BeiNacht/nixos-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

desktop-2024-10-31-13-41-42

Browse Source
This commit is contained in:
Alexander Szczepanski
2024-10-31 13:41:42 +01:00
parent cd4a5fe3c1
commit 6784442e11
9 changed files with 281 additions and 99 deletions
Download Patch File Download Diff File Expand all files Collapse all files

99
machine/desktop/configuration.nix
View File

@ -68,7 +68,7 @@ in
borg-key = {
sopsFile = ../../secrets-desktop.yaml;
owner = config.users.users.alex.name;
group = config.users.users.alex.group;
group = config.users.users.alex.group;
};
hashedPassword = {
@ -77,7 +77,17 @@ in
};
};
nix.settings.system-features = [ "nixos-test" "benchmark" "big-parallel" "kvm" "gccarch-znver2" ];
nix.settings = {
system-features = [
"nixos-test"
"benchmark"
"big-parallel"
"kvm"
"gccarch-znver2"
];
trusted-substituters = [ "https://ai.cachix.org" ];
trusted-public-keys = [ "ai.cachix.org-1:N9dzRK+alWwoKXQlnn0H6aUx0lU/mspIoz8hMvGvbbc=" ];
};
boot = {
loader = {
@ -92,16 +102,24 @@ in
};
tmp.useTmpfs = false;
supportedFilesystems = [ "btrfs" ];
kernelPackages = pkgs.pkgs.linuxPackages_cachyos-rc;
kernelModules = [ "nct6775" ];
extraModulePackages = with pkgs.pkgs.linuxPackages_cachyos-rc; [ ryzen-smu ];
# kernelParams = [ "clearcpuid=514" ];
# kernelParams = [ "amdgpu.ppfeaturemask=0xffffffff" ];
kernelPatches = [{
name = "fix problems with netfilter in 6.11.4";
patch = ../../kernelpatches/fix-netfilter-6.11.4.patch;
}];
# kernelPatches = [{
# name = "fix problems with netfilter in 6.11.4";
# patch = ../../kernelpatches/fix-netfilter-6.11.4.patch;
# }];
initrd.luks.devices = {
root = {
# Use https://nixos.wiki/wiki/Full_Disk_Encryption
device = "/dev/disk/by-uuid/cc43f1eb-49c3-41a6-9279-6766de3659e7";
preLVM = true;
};
};
};
systemd.services = {
@ -176,8 +194,6 @@ in
# printing.enable = true;
fwupd.enable = true;
# xserver.videoDrivers = [ "amdgpu" ];
pipewire = {
enable = true;
alsa.enable = true;
@ -227,32 +243,53 @@ in
tailscale.enable = true;
borgbackup.jobs.home = rec {
compression = "auto,zstd";
encryption = {
mode = "repokey-blake2";
passCommand = "cat ${config.sops.secrets.borg-key.path}";
borgbackup.jobs = {
home = rec {
compression = "auto,zstd";
encryption = {
mode = "repokey-blake2";
passCommand = "cat ${config.sops.secrets.borg-key.path}";
};
extraCreateArgs = "--checkpoint-interval 600 --exclude-caches";
environment.BORG_RSH = "ssh -i ~/.ssh/id_borg_ed25519";
paths = "/home/alex";
repo = "ssh://u278697-sub2@u278697.your-storagebox.de:23/./borg";
startAt = "daily";
user = "alex";
prune.keep = {
daily = 7;
weekly = 4;
monthly = 6;
};
extraPruneArgs = "--save-space --list --stats";
exclude = map (x: paths + "/" + x) be.borg-exclude;
};
extraCreateArgs = "--checkpoint-interval 600 --exclude-caches";
environment.BORG_RSH = "ssh -i ~/.ssh/id_borg_ed25519";
paths = "/home/alex";
repo = "ssh://u278697-sub2@u278697.your-storagebox.de:23/./borg";
startAt = "daily";
user = "alex";
prune.keep = {
daily = 7;
weekly = 4;
monthly = 6;
home-external = rec {
compression = "auto,zstd";
encryption = {
mode = "repokey-blake2";
passCommand = "cat ${config.sops.secrets.borg-key.path}";
};
extraCreateArgs = "--checkpoint-interval 600 --exclude-caches";
paths = "/home/alex";
repo = "/run/media/alex/b6c33623-fc23-47ed-b6f5-e99455d5534a/borg";
startAt = [];
user = "alex";
prune.keep = {
daily = 7;
weekly = 4;
monthly = 6;
};
extraPruneArgs = "--save-space --list --stats";
exclude = map (x: paths + "/" + x) [
".cache"
".config/Nextcloud/logs"
".local/share/baloo"
];
};
extraPruneArgs = "--save-space --list --stats";
exclude = map (x: paths + "/" + x) be.borg-exclude;
};
};
swapDevices = [{
device = "/swapfile";
size = 32 * 1024;
}];
system.stateVersion = "24.11";
}

59
machine/desktop/hardware-configuration.nix
View File

@ -9,32 +9,53 @@
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "uas" "usb_storage" "usbhid" "sd_mod" ];
boot.initrd.kernelModules = [ "dm-snapshot" ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
fileSystems."/" = {
device = "/dev/disk/by-uuid/593a3e75-5479-4ee4-9797-d453c8841f8e";
options = [ "discard" ];
fsType = "ext4";
fileSystems = {
"/" = {
device = "/dev/disk/by-uuid/87c6b0fb-b921-47d5-a3a1-4b4c0a4f02ad";
fsType = "btrfs";
options = [ "subvol=root" "compress=zstd" "noatime" ];
};
"/home" = {
device = "/dev/disk/by-uuid/87c6b0fb-b921-47d5-a3a1-4b4c0a4f02ad";
fsType = "btrfs";
options = [ "subvol=home" "compress=zstd" "noatime" ];
};
"/nix" = {
device = "/dev/disk/by-uuid/87c6b0fb-b921-47d5-a3a1-4b4c0a4f02ad";
fsType = "btrfs";
options = [ "subvol=nix" "compress=zstd" "noatime" ];
};
"/persist" = {
device = "/dev/disk/by-uuid/87c6b0fb-b921-47d5-a3a1-4b4c0a4f02ad";
fsType = "btrfs";
options = [ "subvol=persist" "compress=zstd" "noatime" ];
};
"/var/log" = {
device = "/dev/disk/by-uuid/87c6b0fb-b921-47d5-a3a1-4b4c0a4f02ad";
fsType = "btrfs";
options = [ "subvol=log" "compress=zstd" "noatime" ];
neededForBoot = true;
};
"/boot" = {
device = "/dev/disk/by-uuid/4339-5A4C";
fsType = "vfat";
options = [ "fmask=0022" "dmask=0022" ];
};
};
boot.initrd.luks.devices."nixos" = {
device = "/dev/disk/by-uuid/56c16ba5-1a5f-4364-a663-6d924810f7e9";
allowDiscards = true;
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/28F0-919C";
fsType = "vfat";
options = [ "fmask=0022" "dmask=0022" ];
};
swapDevices = [ ];
swapDevices = [{ device = "/dev/disk/by-uuid/831be7b8-5b1b-4bda-a27d-5a1c4efb2c4d"; }];
networking.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}