bunch of misc stuff i don't feel like commit messaging

2025-12-10 00:43:56 -05:00 · 2024-06-22 12:50:51 -04:00 · 2024-06-22 12:50:51 -04:00 · 5823cab2c4
commit 5823cab2c4
parent 46752bcb1d
26 changed files with 173 additions and 168 deletions
--- a/hosts/gerg-desktop/zfs.nix
+++ b/hosts/gerg-desktop/zfs.nix
@ -2,48 +2,8 @@
  config,
  lib,
  pkgs,
-  lanzaboote,
 }:
-let
-  windowsConf = ''
-    title  Windows
-    efi     /shellx64.efi
-    options -nointerrupt -noconsolein -noconsoleout HD2d65535a1:EFI\Microsoft\Boot\Bootmgfw.efi
-
-  '';
-in
 {
-  imports = [ lanzaboote.nixosModules.lanzaboote ];
-
-  environment.systemPackages = [ pkgs.sbctl ];
-
-  boot.lanzaboote = {
-    enable = true;
-    pkiBundle = "/etc/secureboot";
-    configurationLimit = 10;
-    package = lib.mkForce (
-      pkgs.writeShellApplication {
-        name = "lzbt";
-        runtimeInputs = [
-          lanzaboote.packages.tool
-          pkgs.coreutils
-          pkgs.sbctl
-        ];
-        text = ''
-          set -o pipefail
-          lzbt "$@"
-          MP='${config.boot.loader.efi.efiSysMountPoint}'
-          cp -f '${pkgs.edk2-uefi-shell.efi}' "$MP/shellx64.efi"
-          mkdir -p "$MP/loader/entries"
-          sbctl sign -s "$MP/shellx64.efi"
-          cat << EOF > "$MP/loader/entries/windows.conf"
-          ${windowsConf}
-          EOF
-        '';
-      }
-    );
-  };
-
  #link some stuff
  systemd.tmpfiles.rules = [
    "L+ /etc/secureboot - - - - /persist/secureboot"
@ -60,47 +20,17 @@ in
  sops.age.sshKeyPaths = lib.mkForce [ "/persist/ssh/ssh_host_ed25519_key" ];
  fileSystems."/persist".neededForBoot = true;
  boot = {
-    supportedFilesystems = {
-      ntfs = true;
-    };
+    supportedFilesystems.ntfs = true;
+
    zfs = {
      package = pkgs.zfs_unstable;
      devNodes = "/dev/disk/by-id/";
      forceImportAll = true;
    };
-    kernelPackages = pkgs.linuxPackagesFor (
-      let
-        version = "6.8.12";
-      in
-      (pkgs.linuxManualConfig {
-        version = "${version}-gerg";
-        modDirVersion = "${version}-gerg";
-        src = pkgs.fetchurl {
-          url = "mirror://kernel/linux/kernel/v${lib.versions.major version}.x/linux-${version}.tar.xz";
-          hash = "sha256-GbMZVtIptbnKVnH6HHQyAXloKj2NAPyGeUEUsh2oYDk=";
-        };
-
-        inherit (config.boot) kernelPatches;
-
-        config = {
-          CONFIG_RUST = "y";
-          CONFIG_MODULES = "y";
-        };
-        configfile = ./kernelConfig;
-      }).overrideAttrs
-        (old: {
-          passthru = (old.passthru or { }) // {
-            features = lib.foldr (x: y: (x.features or { }) // y) {
-              efiBootStub = true;
-              netfilterRPFilter = true;
-              ia32Emulation = true;
-            } config.boot.kernelPatches;
-          };
-        })
-    );

    #set ARC max
    kernelParams = [ "zfs.zfs_arc_max=17179869184" ];
+
    initrd = {
      kernelModules = [
        #module for multiple swap devices
@ -108,6 +38,7 @@ in
        #keyboard module for zfs password
        "hid_generic"
      ];
+
      systemd.services.rollback = {
        serviceConfig = {
          Type = "oneshot";
@ -124,15 +55,5 @@ in
        '';
      };
    };
-    loader = {
-      systemd-boot = {
-        enable = lib.mkForce false;
-        extraFiles."shellx64.efi" = pkgs.edk2-uefi-shell.efi;
-        extraEntries."windows.conf" = windowsConf;
-      };
-      grub.enable = lib.mkForce false;
-      timeout = lib.mkForce 5;
-      efi.efiSysMountPoint = "/efi22";
-    };
  };
 }