gerg-l/nixos
1
0
Fork 0
mirror of https://github.com/Gerg-L/nixos.git synced 2025-12-10 00:43:56 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

everything works :D

Browse source
This commit is contained in:
Gerg-L 2024-06-16 19:04:08 -04:00
parent 19a3a6c4d9
commit 714b885bfe
Signed by: gerg-l
SSH key fingerprint: SHA256:FPYDHIkvMocr4wdmZXpgpJjsb2Tw6rASs2ISPbOb0KI
9 changed files with 6400 additions and 278 deletions
Download patch file Download diff file Expand all files Collapse all files

2
disko/gerg-desktop.nix
View file

@ -17,7 +17,6 @@ lib: {
content = { content = {
type = "gpt"; type = "gpt";
partitions = { partitions = {
#BOOT is unused
BOOT = { BOOT = {
device = "${fullName}-part1"; device = "${fullName}-part1";
type = "EF00"; type = "EF00";
@ -26,6 +25,7 @@ lib: {
content = { content = {
type = "filesystem"; type = "filesystem";
format = "vfat"; format = "vfat";
mountpoint = "/efi${name}";
}; };
}; };
swap = { swap = {

238
flake.lock generated
View file

@ -1,26 +1,5 @@
{ {
"nodes": { "nodes": {
"crane": {
"inputs": {
"nixpkgs": [
"lanzaboote",
"nixpkgs"
]
},
"locked": {
"lastModified": 1718078026,
"narHash": "sha256-LbQabH6h86ZzTvDnaZHmMwedRZNB2jYtUQzmoqWQoJ8=",
"owner": "ipetkov",
"repo": "crane",
"rev": "a3f0c63eed74a516298932b9b1627dd80b9c3892",
"type": "github"
},
"original": {
"owner": "ipetkov",
"repo": "crane",
"type": "github"
}
},
"disko": { "disko": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@ -64,11 +43,11 @@
"flake-compat": { "flake-compat": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1696426674, "lastModified": 1673956053,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=",
"owner": "edolstra", "owner": "edolstra",
"repo": "flake-compat", "repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -80,11 +59,11 @@
"flake-compat_2": { "flake-compat_2": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1673956053, "lastModified": 1696426674,
"narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra", "owner": "edolstra",
"repo": "flake-compat", "repo": "flake-compat",
"rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -109,44 +88,7 @@
"type": "github" "type": "github"
} }
}, },
"flake-compat_4": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-parts": { "flake-parts": {
"inputs": {
"nixpkgs-lib": [
"lanzaboote",
"nixpkgs"
]
},
"locked": {
"lastModified": 1717285511,
"narHash": "sha256-iKzJcpdXih14qYVcZ9QC9XuZYnPc6T8YImb6dX166kw=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "2a55567fcf15b1b1c7ed712a2c6fadaec7412ea8",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-parts_2": {
"inputs": { "inputs": {
"nixpkgs-lib": [ "nixpkgs-lib": [
"nix", "nix",
@ -168,24 +110,6 @@
} }
}, },
"flake-utils": { "flake-utils": {
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1710146030,
"narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_2": {
"locked": { "locked": {
"lastModified": 1667395993, "lastModified": 1667395993,
"narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
@ -200,54 +124,6 @@
"type": "github" "type": "github"
} }
}, },
"gitignore": {
"inputs": {
"nixpkgs": [
"lanzaboote",
"pre-commit-hooks-nix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1709087332,
"narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
"owner": "hercules-ci",
"repo": "gitignore.nix",
"rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "gitignore.nix",
"type": "github"
}
},
"lanzaboote": {
"inputs": {
"crane": "crane",
"flake-compat": "flake-compat",
"flake-parts": "flake-parts",
"flake-utils": "flake-utils",
"nixpkgs": [
"unstable"
],
"pre-commit-hooks-nix": "pre-commit-hooks-nix",
"rust-overlay": "rust-overlay"
},
"locked": {
"lastModified": 1718218065,
"narHash": "sha256-fKC7Ryg3AYykDrS2ilS1VqA8/9B2m3yFZcshK+7tIEc=",
"owner": "nix-community",
"repo": "lanzaboote",
"rev": "7cb05fab896bd542c0ca4260d74d9d664cd7b56e",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "lanzaboote",
"type": "github"
}
},
"libgit2": { "libgit2": {
"flake": false, "flake": false,
"locked": { "locked": {
@ -266,11 +142,11 @@
}, },
"master": { "master": {
"locked": { "locked": {
"lastModified": 1718514514, "lastModified": 1718577318,
"narHash": "sha256-TgYcdR9AUnP9rJH1yLHno5QGA3eyYVACUr+9a+Z2Jv0=", "narHash": "sha256-OTSFWyKx2RQH2O6GhvsakmM0fDnoylq3DKyi7GCMqf0=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "b22435d8fac9904352ca3b9b0c21aaebae52c36d", "rev": "80f3f19e1edb6c373c51764779544f89cd24ca73",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -299,8 +175,8 @@
}, },
"nix": { "nix": {
"inputs": { "inputs": {
"flake-compat": "flake-compat_2", "flake-compat": "flake-compat",
"flake-parts": "flake-parts_2", "flake-parts": "flake-parts",
"libgit2": "libgit2", "libgit2": "libgit2",
"nixpkgs": [ "nixpkgs": [
"stable" "stable"
@ -396,22 +272,6 @@
} }
}, },
"nixpkgs-stable": { "nixpkgs-stable": {
"locked": {
"lastModified": 1710695816,
"narHash": "sha256-3Eh7fhEID17pv9ZxrPwCLfqXnYP006RKzSs0JptsN84=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "614b4613980a522ba49f0d194531beddbb7220d3",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-23.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-stable_2": {
"locked": { "locked": {
"lastModified": 1718478900, "lastModified": 1718478900,
"narHash": "sha256-v43N1gZLcGkhg3PdcrKUNIZ1L0FBzB2JqhIYEyKAHEs=", "narHash": "sha256-v43N1gZLcGkhg3PdcrKUNIZ1L0FBzB2JqhIYEyKAHEs=",
@ -429,7 +289,7 @@
}, },
"nvim-flake": { "nvim-flake": {
"inputs": { "inputs": {
"flake-compat": "flake-compat_3", "flake-compat": "flake-compat_2",
"neovim-src": "neovim-src", "neovim-src": "neovim-src",
"nixpkgs": [ "nixpkgs": [
"unstable" "unstable"
@ -454,7 +314,7 @@
"flake-compat": [ "flake-compat": [
"nix" "nix"
], ],
"flake-utils": "flake-utils_2", "flake-utils": "flake-utils",
"gitignore": [ "gitignore": [
"nix" "nix"
], ],
@ -481,38 +341,10 @@
"type": "github" "type": "github"
} }
}, },
"pre-commit-hooks-nix": {
"inputs": {
"flake-compat": [
"lanzaboote",
"flake-compat"
],
"gitignore": "gitignore",
"nixpkgs": [
"lanzaboote",
"nixpkgs"
],
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1717664902,
"narHash": "sha256-7XfBuLULizXjXfBYy/VV+SpYMHreNRHk9nKMsm1bgb4=",
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"rev": "cc4d466cb1254af050ff7bdf47f6d404a7c646d1",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"type": "github"
}
},
"root": { "root": {
"inputs": { "inputs": {
"disko": "disko", "disko": "disko",
"fetch-rs": "fetch-rs", "fetch-rs": "fetch-rs",
"lanzaboote": "lanzaboote",
"master": "master", "master": "master",
"nix": "nix", "nix": "nix",
"nix-index-database": "nix-index-database", "nix-index-database": "nix-index-database",
@ -525,37 +357,12 @@
"unstable": "unstable" "unstable": "unstable"
} }
}, },
"rust-overlay": {
"inputs": {
"flake-utils": [
"lanzaboote",
"flake-utils"
],
"nixpkgs": [
"lanzaboote",
"nixpkgs"
]
},
"locked": {
"lastModified": 1717813066,
"narHash": "sha256-wqbRwq3i7g5EHIui0bIi84mdqZ/It1AXBSLJ5tafD28=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "6dc3e45fe4aee36efeed24d64fc68b1f989d5465",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
}
},
"sops-nix": { "sops-nix": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
"unstable" "unstable"
], ],
"nixpkgs-stable": "nixpkgs-stable_2" "nixpkgs-stable": "nixpkgs-stable"
}, },
"locked": { "locked": {
"lastModified": 1718506969, "lastModified": 1718506969,
@ -573,7 +380,7 @@
}, },
"spicetify-nix": { "spicetify-nix": {
"inputs": { "inputs": {
"flake-compat": "flake-compat_4", "flake-compat": "flake-compat_3",
"nixpkgs": [ "nixpkgs": [
"unstable" "unstable"
] ]
@ -628,21 +435,6 @@
"type": "github" "type": "github"
} }
}, },
"systems": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"unstable": { "unstable": {
"locked": { "locked": {
"lastModified": 1718318537, "lastModified": 1718318537,

6
flake.nix
View file

@ -45,12 +45,6 @@
repo = "disko"; repo = "disko";
inputs.nixpkgs.follows = "unstable"; inputs.nixpkgs.follows = "unstable";
}; };
lanzaboote = {
type = "github";
owner = "nix-community";
repo = "lanzaboote";
inputs.nixpkgs.follows = "unstable";
};
nix-index-database = { nix-index-database = {
type = "github"; type = "github";
owner = "nix-community"; owner = "nix-community";

6325
hosts/gerg-desktop/kernelConfig Normal file
View file

File diff suppressed because it is too large Load diff

2
hosts/gerg-desktop/main.nix
View file

@ -194,5 +194,5 @@
}; };
}; };
system.stateVersion = "23.05"; system.stateVersion = "24.11";
} }

5
hosts/gerg-desktop/vfio.nix
View file

@ -63,11 +63,6 @@ in
"vfio_iommu_type1.allow_unsafe_interrupts=1" "vfio_iommu_type1.allow_unsafe_interrupts=1"
"kvm.ignore_msrs=1" "kvm.ignore_msrs=1"
]; ];
kernelPatches = lib.singleton {
name = "fix_amd_mem_access";
patch = null;
extraStructuredConfig.HSA_AMD_SVM = lib.kernel.yes;
};
}; };
environment = { environment = {

83
hosts/gerg-desktop/zfs.nix
View file

@ -1,24 +1,12 @@
{ {
lanzaboote,
config, config,
lib, lib,
pkgs, pkgs,
}: }:
{ {
imports = [ lanzaboote.nixosModules.lanzaboote ];
environment.systemPackages = [ pkgs.sbctl ];
boot.lanzaboote = {
enable = true;
pkiBundle = "/etc/secureboot";
configurationLimit = 10;
};
#link some stuff #link some stuff
systemd.tmpfiles.rules = [ systemd.tmpfiles.rules = [
"L+ /etc/secureboot - - - - /persist/secureboot"
"L+ /etc/ssh/ssh_host_ed25519_key - - - - /persist/ssh/ssh_host_ed25519_key" "L+ /etc/ssh/ssh_host_ed25519_key - - - - /persist/ssh/ssh_host_ed25519_key"
"L+ /etc/ssh/ssh_host_ed25519_key.pub - - - - /persist/ssh/ssh_host_ed25519_key.pub" "L+ /etc/ssh/ssh_host_ed25519_key.pub - - - - /persist/ssh/ssh_host_ed25519_key.pub"
"L /etc/nixos/flake.nix - - - - /home/gerg/Projects/nixos/flake.nix" "L /etc/nixos/flake.nix - - - - /home/gerg/Projects/nixos/flake.nix"
@ -30,35 +18,56 @@
}; };
#make sure the sopskey is found #make sure the sopskey is found
sops.age.sshKeyPaths = lib.mkForce [ "/persist/ssh/ssh_host_ed25519_key" ]; sops.age.sshKeyPaths = lib.mkForce [ "/persist/ssh/ssh_host_ed25519_key" ];
fileSystems = { fileSystems."/persist".neededForBoot = true;
"/persist".neededForBoot = true;
# These are my Windows drives partitions
"/efi".device = "/dev/disk/by-id/ata-Samsung_SSD_870_EVO_500GB_S6PXNM0T402828A-part1";
"/boot".device = "/dev/disk/by-id/ata-Samsung_SSD_870_EVO_500GB_S6PXNM0T402828A-part4";
"/efi/EFI/Linux" = {
device = "/boot/EFI/Linux";
options = [ "bind" ];
};
"/efi/EFI/nixos" = {
device = "/boot/EFI/nixos";
options = [ "bind" ];
};
};
boot = { boot = {
supportedFilesystems = {
ntfs = true;
};
zfs = { zfs = {
package = pkgs.zfs_unstable; package = pkgs.zfs_unstable;
devNodes = "/dev/disk/by-id/"; devNodes = "/dev/disk/by-id/";
forceImportAll = true; forceImportAll = true;
}; };
kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages; kernelPackages = pkgs.linuxPackagesFor (
let
version = "6.8.12";
in
(pkgs.linuxManualConfig {
version = "${version}-gerg";
modDirVersion = "${version}-gerg";
src = pkgs.fetchurl {
url = "mirror://kernel/linux/kernel/v${lib.versions.major version}.x/linux-${version}.tar.xz";
hash = "sha256-GbMZVtIptbnKVnH6HHQyAXloKj2NAPyGeUEUsh2oYDk=";
};
inherit (config.boot) kernelPatches;
config = {
CONFIG_RUST = "y";
CONFIG_MODULES = "y";
};
configfile = ./kernelConfig;
}).overrideAttrs
(old: {
passthru = (old.passthru or { }) // {
features = lib.foldr (x: y: (x.features or { }) // y) {
efiBootStub = true;
netfilterRPFilter = true;
ia32Emulation = true;
} config.boot.kernelPatches;
};
})
);
#set ARC max #set ARC max
kernelParams = [ "zfs.zfs_arc_max=17179869184" ]; kernelParams = [ "zfs.zfs_arc_max=17179869184" ];
initrd = { initrd = {
kernelModules = [
#module for multiple swap devices #module for multiple swap devices
kernelModules = [ "dm_mod" ]; "dm_mod"
#keyboard module for zfs password #keyboard module for zfs password
availableKernelModules = [ "hid_generic" ]; "hid_generic"
];
systemd.services.rollback = { systemd.services.rollback = {
serviceConfig = { serviceConfig = {
Type = "oneshot"; Type = "oneshot";
@ -77,13 +86,19 @@
}; };
loader = { loader = {
systemd-boot = { systemd-boot = {
enable = lib.mkForce false; enable = lib.mkForce true;
xbootldrMountPoint = "/boot"; extraFiles."shellx64.efi" = pkgs.edk2-uefi-shell.efi;
};
extraEntries."windows.conf" = ''
title Windows
efi /shellx64.efi
options -nointerrupt -noconsolein -noconsoleout HD2d65535a1:EFI\Microsoft\Boot\Bootmgfw.efi
'';
};
grub.enable = lib.mkForce false; grub.enable = lib.mkForce false;
timeout = lib.mkForce 5; timeout = lib.mkForce 5;
efi.efiSysMountPoint = "/efi"; efi.efiSysMountPoint = "/efi22";
}; };
}; };
} }

6
hosts/media-laptop/main.nix
View file

@ -2,7 +2,7 @@
lib, lib,
pkgs, pkgs,
config, config,
nvim-flake,
}: }:
{ {
local = { local = {
@ -21,11 +21,11 @@
environment.systemPackages = builtins.attrValues { environment.systemPackages = builtins.attrValues {
inherit (pkgs) inherit (pkgs)
neovim
vlc vlc
pavucontrol # gui volume control pavucontrol # gui volume control
chromium chromium
; ;
inherit (nvim-flake.packages) neovim;
}; };
services.xserver.videoDrivers = [ "intel" ]; services.xserver.videoDrivers = [ "intel" ];
@ -75,7 +75,7 @@
"L+ %h/Desktop/vlc.desktop - - - - ${pkgs.vlc}/share/applications/vlc.desktop" "L+ %h/Desktop/vlc.desktop - - - - ${pkgs.vlc}/share/applications/vlc.desktop"
]; ];
system.stateVersion = "23.05"; system.stateVersion = "24.11";
swapDevices = [ swapDevices = [
{ {

7
lib/default.nix
View file

@ -31,7 +31,7 @@ rec {
listNixFilesRecursive = wrench [ listNixFilesRecursive = wrench [
builtins.unsafeDiscardStringContext builtins.unsafeDiscardStringContext
lib.filesystem.listFilesRecursive lib.filesystem.listFilesRecursive
(builtins.filter (x: !lib.hasPrefix "_" x && lib.hasSuffix ".nix" x)) (builtins.filter (x: !lib.hasPrefix "_" (builtins.baseNameOf x) && lib.hasSuffix ".nix" x))
]; ];
mkModules = mkModules =
@ -81,7 +81,7 @@ rec {
(lib.mapAttrs (n: _: allArgs.${n} or { })) (lib.mapAttrs (n: _: allArgs.${n} or { }))
]; ];
neededArgs = (lib.filterAttrs (n: _: !builtins.elem n argNames) funcArgs); neededArgs = lib.filterAttrs (n: _: !builtins.elem n argNames) funcArgs;
in in
{ {
__functor = __functor =
@ -93,10 +93,11 @@ rec {
providedArgs providedArgs
// ( // (
let let
inputs' = constructInputs' (args.pkgs.stdenv.system) inputs; inputs' = constructInputs' args.pkgs.stdenv.system inputs;
actuallyAllArgs = inputs' // { actuallyAllArgs = inputs' // {
inherit inputs'; inherit inputs';
self' = inputs'.self; self' = inputs'.self;
inherit (inputs) self;
}; };
in in
lib.filterAttrs (n: _: providedArgs ? ${n}) actuallyAllArgs lib.filterAttrs (n: _: providedArgs ? ${n}) actuallyAllArgs