framework-2024-12-03-15-01-23

Alexander Szczepanski
2024-12-03 15:01:23 +01:00
parent 5b6bdd88b7
commit aa336cf497
3 changed files with 65 additions and 86 deletions


@ -31,44 +31,44 @@
supportedFilesystems = ["ntfs" "btrfs"];
initrd = {
postDeviceCommands = pkgs.lib.mkBefore ''
mkdir -p /mnt
# postDeviceCommands = pkgs.lib.mkBefore ''
# mkdir -p /mnt
# We first mount the btrfs root to /mnt
# so we can manipulate btrfs subvolumes.
mount -o subvol=/ /dev/mapper/lvm-root /mnt
# # We first mount the btrfs root to /mnt
# # so we can manipulate btrfs subvolumes.
# mount -o subvol=/ /dev/mapper/lvm-root /mnt
# While we're tempted to just delete /root and create
# a new snapshot from /root-blank, /root is already
# populated at this point with a number of subvolumes,
# which makes `btrfs subvolume delete` fail.
# So, we remove them first.
#
# /root contains subvolumes:
# - /root/var/lib/portables
# - /root/var/lib/machines
#
# I suspect these are related to systemd-nspawn, but
# since I don't use it I'm not 100% sure.
# Anyhow, deleting these subvolumes hasn't resulted
# in any issues so far, except for fairly
# benign-looking errors from systemd-tmpfiles.
btrfs subvolume list -o /mnt/root |
cut -f9 -d' ' |
while read subvolume; do
echo "deleting /$subvolume subvolume..."
btrfs subvolume delete "/mnt/$subvolume"
done &&
echo "deleting /root subvolume..." &&
btrfs subvolume delete /mnt/root
# # While we're tempted to just delete /root and create
# # a new snapshot from /root-blank, /root is already
# # populated at this point with a number of subvolumes,
# # which makes `btrfs subvolume delete` fail.
# # So, we remove them first.
# #
# # /root contains subvolumes:
# # - /root/var/lib/portables
# # - /root/var/lib/machines
# #
# # I suspect these are related to systemd-nspawn, but
# # since I don't use it I'm not 100% sure.
# # Anyhow, deleting these subvolumes hasn't resulted
# # in any issues so far, except for fairly
# # benign-looking errors from systemd-tmpfiles.
# btrfs subvolume list -o /mnt/root |
# cut -f9 -d' ' |
# while read subvolume; do
# echo "deleting /$subvolume subvolume..."
# btrfs subvolume delete "/mnt/$subvolume"
# done &&
# echo "deleting /root subvolume..." &&
# btrfs subvolume delete /mnt/root
echo "restoring blank /root subvolume..."
btrfs subvolume snapshot /mnt/root-blank /mnt/root
# echo "restoring blank /root subvolume..."
# btrfs subvolume snapshot /mnt/root-blank /mnt/root
# Once we're done rolling back to a blank snapshot,
# we can unmount /mnt and continue on the boot process.
umount /mnt
'';
# # Once we're done rolling back to a blank snapshot,
# # we can unmount /mnt and continue on the boot process.
# umount /mnt
# '';
};
};
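Review bot: With `postDeviceCommands` commented out, nothing wipes the btrfs `root` subvolume any more, so whatever state it held at the last boot stays on disk next to `root-blank`. Since the same commit appears to move `/` to a tmpfs, that subvolume looks unused and could be deleted once by hand instead of being left behind. The script itself would read better removed than commented out line by line, as the history keeps it; a single line such as `# btrfs rollback of /root dropped: / is a tmpfs now` carries the same information. The enclosing attribute set starts above this hunk.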


@ -21,24 +21,13 @@ in {
];
sops = {
defaultSopsFile = ../../secrets/secrets.yaml;
validateSopsFiles = true;
age = {
sshKeyPaths = ["/persist/etc/ssh/ssh_host_ed25519_key"];
keyFile = "/var/lib/sops-nix/key.txt";
generateKey = true;
};
defaultSopsFile = ../../secrets-framework.yaml;
secrets = {
borg-key = {
sopsFile = ../../secrets/secrets-framework.yaml;
owner = config.users.users.alex.name;
group = config.users.users.alex.group;
};
hashedPassword = {
neededForUsers = true;
};
};
};
@ -224,11 +213,6 @@ in {
# fahviewer
# fahcontrol
];
# persistence."/persist" = {
# directories = [
# # "/var/lib/samba"
# ];
# };
};
# Partition swapfile is on (after LUKS decryption)
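Review bot: Dropping the `age` block in the first hunk removes the explicit `sshKeyPaths = ["/persist/etc/ssh/ssh_host_ed25519_key"]` while `hashedPassword` keeps `neededForUsers = true`, and the same commit appears to make `/` a tmpfs. Unless the age settings are now set in a module not shown here, sops-nix falls back to its default key sources, which on a tmpfs root may not exist, or may not be mounted from `/persist` yet, when user secrets are decrypted; the password hash could then fail to decrypt at boot. Keeping `age.sshKeyPaths` pointed at the `/persist` path would avoid that. The new `defaultSopsFile = ../../secrets-framework.yaml` also sits one directory above the removed `../../secrets/secrets-framework.yaml`, so it is worth confirming the file really lives there.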


@ -1,6 +1,3 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
@ -19,21 +16,23 @@
"usb_storage"
"sd_mod"
];
# boot.initrd.kernelModules = [];
# boot.kernelModules = ["kvm-intel"];
# boot.extraModulePackages = [];
fileSystems = {
# "/" = {
# device = "/dev/disk/by-uuid/20780bfe-5714-4c2f-bf53-7296b76cfbdc";
# fsType = "btrfs";
# options = [
# "subvol=root"
# "discard=async"
# "compress=zstd"
# "nodiratime"
# "noatime"
# ];
# };
"/" = {
device = "/dev/disk/by-uuid/20780bfe-5714-4c2f-bf53-7296b76cfbdc";
fsType = "btrfs";
options = [
"subvol=root"
"discard=async"
"compress=zstd"
"nodiratime"
"noatime"
];
device = "none";
fsType = "tmpfs";
options = ["defaults" "size=16G" "mode=755"];
};
"/home" = {
device = "/dev/disk/by-uuid/20780bfe-5714-4c2f-bf53-7296b76cfbdc";
@ -86,24 +85,24 @@
fsType = "vfat";
options = ["fmask=0022" "dmask=0022"];
};
# "/home/alex/shared/storage" = {
# device = "/dev/disk/by-uuid/58259976-4f63-4f60-a755-7870b08286e7";
# fsType = "btrfs";
# options = [
# "subvol=@data"
# "discard=async"
# "compress=zstd"
# "nodiratime"
# "noatime"
# "nofail"
# "x-systemd.automount"
# ];
# };
"/home/alex/shared/storage" = {
device = "/dev/disk/by-uuid/58259976-4f63-4f60-a755-7870b08286e7";
fsType = "btrfs";
options = [
"subvol=@data"
"discard=async"
"compress=zstd"
"nodiratime"
"noatime"
"nofail"
"x-systemd.automount"
];
};
};
# environment.etc.crypttab.text = ''
# luks-e36ec189-2211-4bcc-bb9d-46650443d76b UUID=e36ec189-2211-4bcc-bb9d-46650443d76b /persist/luks-key01
# '';
environment.etc.crypttab.text = ''
luks-e36ec189-2211-4bcc-bb9d-46650443d76b UUID=e36ec189-2211-4bcc-bb9d-46650443d76b /persist/luks-key01
'';
swapDevices = [
{
@ -111,10 +110,6 @@
}
];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp166s0.useDHCP = lib.mkDefault true;
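Review bot: The re-enabled `environment.etc.crypttab.text` entry in the `@ -86,24` hunk unlocks the LUKS volume with the key file `/persist/luks-key01`, so that volume is only as well protected as `/persist` itself. A comment should record the requirement, for example `# key file lives on the encrypted /persist; keep it root:root 0400`, because nothing in the visible configuration enforces ownership or mode. The entry also has no options field, while the `/home/alex/shared/storage` mount uses `nofail`. If that btrfs filesystem sits inside this LUKS container (not visible here), adding `nofail` as the fourth crypttab field would presumably keep boot from waiting on the device when the disk is absent.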