diff --git a/nixosConfigurations/gerg-desktop/boot.nix b/nixosConfigurations/gerg-desktop/boot.nix index 40f592f..4529d28 100644 --- a/nixosConfigurations/gerg-desktop/boot.nix +++ b/nixosConfigurations/gerg-desktop/boot.nix @@ -9,7 +9,6 @@ let title Windows efi /shellx64.efi options -nointerrupt -noconsolein -noconsoleout HD2d65535a1:EFI\Microsoft\Boot\Bootmgfw.efi - ''; in { @@ -28,39 +27,6 @@ in ]; boot = { - initrd = { - kernelModules = [ "igc" ]; - network = { - enable = true; - ssh = { - enable = true; - port = 22; - hostKeys = [ "/persist/initrd-keys/ssh_host_ed5519_key" ]; - authorizedKeys = [ config.local.keys.gerg_gerg-phone ]; - }; - }; - systemd = { - # For linuxManualConfig to work: - strip = lib.mkForce false; - network = { - enable = true; - networks.enp11s0 = { - name = "enp11s0"; - address = [ "192.168.1.4/24" ]; - gateway = [ "192.168.1.1" ]; - dns = [ "192.168.1.1" ]; - DHCP = "no"; - linkConfig = { - MACAddress = "D8:5E:D3:E5:47:90"; - RequiredForOnline = "routable"; - }; - }; - wait-online.enable = false; - }; - users.root.shell = "/bin/systemd-tty-ask-password-agent"; - }; - }; - lanzaboote = { enable = true; pkiBundle = "/var/lib/sbctl"; 
@@ -97,36 +63,5 @@ in timeout = lib.mkForce 5; efi.efiSysMountPoint = "/efi22"; }; - kernelPackages = pkgs.linuxPackagesFor ( - let - version = "6.12.11"; - src = pkgs.fetchurl { - url = "mirror://kernel/linux/kernel/v${builtins.head (lib.splitVersion version)}.x/linux-${version}.tar.xz"; - hash = "sha256-R1Fy/b2HoVPxI6V5Umcudzvbba9bWKQX0aXkGfz+7Ek="; - }; - in - (pkgs.linuxManualConfig { - inherit src; - inherit (config.boot) kernelPatches; - version = "${version}-gerg"; - config = { - CONFIG_RUST = "y"; - CONFIG_MODULES = "y"; - }; - configfile = ./kernelConfig; - }).overrideAttrs - (old: { - passthru = old.passthru or { } // { - features = lib.foldr (x: y: x.features or { } // y) { - efiBootStub = true; - netfilterRPFilter = true; - ia32Emulation = true; - } config.boot.kernelPatches; - }; - meta = old.meta or { } // { - broken = false; - }; - }) - ); }; } diff --git a/nixosConfigurations/gerg-desktop/kernel.nix b/nixosConfigurations/gerg-desktop/kernel.nix new file mode 100644 index 0000000..4e4f20c --- /dev/null +++ b/nixosConfigurations/gerg-desktop/kernel.nix 
@@ -0,0 +1,44 @@ +{ + lib, + pkgs, + config, +}: +{ + + boot = { + # For linuxManualConfig to work: https://github.com/NixOS/nixpkgs/issues/368249 + initrd.systemd.strip = false; + + kernelPackages = pkgs.linuxPackagesFor ( + let + version = "6.12.11"; + src = pkgs.fetchurl { + url = "mirror://kernel/linux/kernel/v${builtins.head (lib.splitVersion version)}.x/linux-${version}.tar.xz"; + hash = "sha256-R1Fy/b2HoVPxI6V5Umcudzvbba9bWKQX0aXkGfz+7Ek="; + }; + in + (pkgs.linuxManualConfig { + inherit src; + inherit (config.boot) kernelPatches; + version = "${version}-gerg"; + config = { + CONFIG_RUST = "y"; + CONFIG_MODULES = "y"; + }; + configfile = ./kernelConfig; + }).overrideAttrs + (old: { + passthru = old.passthru or { } // { + features = lib.foldr (x: y: x.features or { } // y) { + efiBootStub = true; + netfilterRPFilter = true; + ia32Emulation = true; + } config.boot.kernelPatches; + }; + meta = old.meta or { } // { + broken = false; + }; + }) + ); + }; +} diff --git a/nixosConfigurations/gerg-desktop/main.nix b/nixosConfigurations/gerg-desktop/main.nix index 68861f9..e498566 100644 --- a/nixosConfigurations/gerg-desktop/main.nix +++ b/nixosConfigurations/gerg-desktop/main.nix @@ -58,7 +58,21 @@ nixpkgs-review = pkgs.nixpkgs-review.override { nix = config.nix.package; }; }; }; - boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; + boot = { + binfmt.emulatedSystems = [ "aarch64-linux" ]; + + supportedFilesystems.ntfs = true; + initrd = { + availableKernelModules = [ + "nvme" + "xhci_pci" + "ahci" + "usbhid" + "sd_mod" + ]; + includeDefaultModules = false; + }; + }; hardware.nvidia = { package = config.boot.kernelPackages.nvidiaPackages.beta; @@ -213,16 +227,6 @@ root.hashedPassword = "!"; }; }; - boot.initrd = { - availableKernelModules = [ - "nvme" - "xhci_pci" - "ahci" - "usbhid" - "sd_mod" - ]; - includeDefaultModules = false; - }; system.stateVersion = "24.11"; networking.hostName = "gerg-desktop"; 
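Review bot: In kernel.nix the `passthru.features` set declares `efiBootStub`, `netfilterRPFilter` and `ia32Emulation` as true by hand and `meta.broken` is forced to false, so nothing ties those claims to what `./kernelConfig` actually enables (that file is not part of this diff). NixOS modules consult these flags, for instance the firewall's reverse-path check reads `netfilterRPFilter`, so a mismatch would pass evaluation and only surface at runtime. A comment above the set such as `# must mirror ./kernelConfig: EFI stub, netfilter rpfilter match and IA32 emulation are assumed built` would make the coupling explicit. The kernel is also pinned to `6.12.11` with a fixed hash, which means stable point releases arrive only when `version` and `hash` are bumped by hand; a short comment saying so next to `version` would help.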
diff --git a/nixosConfigurations/gerg-desktop/zfs.nix b/nixosConfigurations/gerg-desktop/zfs.nix index e379cd4..8d020b0 100644 --- a/nixosConfigurations/gerg-desktop/zfs.nix +++ b/nixosConfigurations/gerg-desktop/zfs.nix @@ -1,6 +1,7 @@ { config, lib, + pkgs, }: { #link some stuff @@ -18,9 +19,8 @@ #make sure the sopskey is found sops.age.sshKeyPaths = lib.mkForce [ "/persist/ssh/ssh_host_ed25519_key" ]; fileSystems."/persist".neededForBoot = true; - boot = { - supportedFilesystems.ntfs = true; + boot = { zfs = { devNodes = "/dev/disk/by-id/"; forceImportAll = true; @@ -35,23 +35,49 @@ "dm_mod" #keyboard module for zfs password "hid_generic" + #stage one internet + "igc" ]; - systemd.services.rollback = { - serviceConfig = { - Type = "oneshot"; - RemainAfterExit = true; + network = { + enable = true; + ssh = { + enable = true; + port = 22; + hostKeys = [ "/persist/initrd-keys/ssh_host_ed5519_key" ]; + authorizedKeys = [ config.local.keys.gerg_gerg-phone ]; }; - unitConfig.DefaultDependencies = "no"; - wantedBy = [ "initrd.target" ]; - after = [ "zfs-import.target" ]; - before = [ "sysroot.mount" ]; - path = [ config.boot.zfs.package ]; - script = '' - zfs rollback -r rpool/root@empty - zfs rollback -r rpool/var@empty - ''; + }; + systemd = { + network = { + enable = true; + networks.enp11s0 = { + name = "enp11s0"; + address = [ "192.168.1.4/24" ]; + gateway = [ "192.168.1.1" ]; + dns = [ "192.168.1.1" ]; + DHCP = "no"; + linkConfig = { + MACAddress = "D8:5E:D3:E5:47:90"; + RequiredForOnline = "routable"; + }; + }; + wait-online.enable = false; + }; + users.root.shell = "/bin/systemd-tty-ask-password-agent"; }; }; }; + + systemd.shutdownRamfs = { + enable = true; + contents."/etc/systemd/system-shutdown/zfs-rollback".source = + pkgs.writeShellScript "zfs-rollback" '' + zfs='${lib.getExe config.boot.zfs.package}' + zfs rollback -r rpool/root@empty + zfs rollback -r rpool/var@empty + ''; + storePaths = [ (lib.getExe config.boot.zfs.package) ]; + }; + }
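Review bot: In the new `systemd.shutdownRamfs` script in zfs.nix the store path is assigned to a shell variable `zfs`, but the two rollback lines still invoke the bare command `zfs`, so the variable is never used and the call depends on whatever PATH the shutdown environment provides. Use `"$zfs" rollback -r rpool/root@empty` and `"$zfs" rollback -r rpool/var@empty`. Moving the rollback from the initrd to shutdown also means an unclean power-off skips it, so the next boot would start from the previous session's root and var state; if the empty-snapshot root is relied on to discard unwanted changes, an initrd-side rollback kept as a fallback would preserve that. Separately, the initrd SSH `hostKeys` path carried over here reads `ssh_host_ed5519_key` while the sops key path in the same file uses `ed25519`, so it is worth confirming the file on disk really has that name. The `boot.initrd` set this hunk edits opens above the hunk.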