diff options
| -rwxr-xr-x | disko.sh | 2 | ||||
| -rw-r--r-- | flake.nix | 2 | ||||
| -rw-r--r-- | machines/x/configuration.nix | 42 | ||||
| -rw-r--r-- | machines/x/hardware-configuration.nix | 4 | ||||
| -rw-r--r-- | modules/compromyse.nix | 2 | ||||
| -rw-r--r-- | packages/dwl.nix | 2 |
6 files changed, 30 insertions, 24 deletions
@@ -3,4 +3,4 @@ sudo nix \ --experimental-features "nix-command flakes" \ run github:nix-community/disko -- --mode disko ./disko.nix \ - --arg device "/dev/nvme0n1" + --arg device '"/dev/nvme0n1"' @@ -32,7 +32,7 @@ specialArgs = { inherit inputs; }; modules = [ inputs.disko.nixosModules.default - (import ./disko.nix { device = "/dev/vda"; }) + (import ./disko.nix { device = "/dev/nvme0n1"; }) ./machines/x/configuration.nix diff --git a/machines/x/configuration.nix b/machines/x/configuration.nix index 82db98f..64da9ac 100644 --- a/machines/x/configuration.nix +++ b/machines/x/configuration.nix @@ -26,8 +26,16 @@ "wm_utils.nix" ]); - boot.loader.grub.enable = true; - boot.loader.grub.efiSupport = true; + boot.loader = { + efi = { + canTouchEfiVariables = true; + }; + grub = { + enable = true; + efiSupport = true; + device = "/dev/nvme0n1"; + }; + }; boot.initrd.postDeviceCommands = lib.mkAfter '' mkdir /btrfs_tmp @@ -54,19 +62,6 @@ umount /btrfs_tmp ''; - boot.extraModprobeConfig = "options kvm_amd nested=1"; - - nixpkgs.config.allowUnfree = true; - nixpkgs.config.allowUnfreePredicate = _: true; - - services.fstrim.enable = true; - - networking.hostName = "x"; - - environment.variables = { - XCURSOR_SIZE = "16"; - }; - fileSystems."/persist".neededForBoot = true; environment.persistence."/persist/system" = { hideMounts = true; @@ -77,18 +72,29 @@ "/var/lib/nixos" "/var/lib/systemd/coredump" "/etc/NetworkManager/system-connections" - { directory = "/var/lib/colord"; user = "colord"; group = "colord"; mode = "u=rwx,g=rx,o="; } ]; files = [ "/etc/machine-id" - "/etc/shadow" { file = "/var/keys/secret_file"; parentDirectory = { mode = "u=rwx,g=,o="; }; } ]; }; + boot.extraModprobeConfig = "options kvm_amd nested=1"; + + nixpkgs.config.allowUnfree = true; + nixpkgs.config.allowUnfreePredicate = _: true; + + services.fstrim.enable = true; + + networking.hostName = "x"; + + environment.variables = { + XCURSOR_SIZE = "16"; + }; + programs.fuse.userAllowOther = true; home-manager = { - extraSpecialArgs = {inherit inputs;}; + extraSpecialArgs = { inherit inputs; }; users = { "compromyse" = import ./home.nix; }; diff --git a/machines/x/hardware-configuration.nix b/machines/x/hardware-configuration.nix index 7d34b69..39216b4 100644 --- a/machines/x/hardware-configuration.nix +++ b/machines/x/hardware-configuration.nix @@ -8,8 +8,8 @@ [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "usbhid" ]; - boot.initrd.kernelModules = [ ]; + boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "usb_storage" "usbhid" "sd_mod" ]; + boot.initrd.kernelModules = [ "dm-snapshot" ]; boot.kernelModules = [ "kvm-amd" ]; boot.extraModulePackages = [ ]; diff --git a/modules/compromyse.nix b/modules/compromyse.nix index a19b643..779a300 100644 --- a/modules/compromyse.nix +++ b/modules/compromyse.nix @@ -2,7 +2,7 @@ { users.users.compromyse = { - initialPassword = "changeme"; + hashedPassword = "$y$j9T$QfsPs3aK5iQOzctkQglAp1$00VuaoJthM6hNxnoMsx58CbI3rsFDem5xtsKqPRfy4C"; isNormalUser = true; # openssh.authorizedKeys.keys = []; extraGroups = [ "wheel" "video" "storage" "input" "plugdev" "libvirtd" "docker" "kvm" ]; diff --git a/packages/dwl.nix b/packages/dwl.nix index e5313a6..c0e1586 100644 --- a/packages/dwl.nix +++ b/packages/dwl.nix @@ -27,7 +27,7 @@ stdenv.mkDerivation (finalAttrs: { owner = "compromyse"; repo = "dwl"; rev = "compromyse"; - hash = "sha256-wEaDA7VJhkYkSf88GcxjrIAp+iEc+/vnszufz9NU1h4="; + hash = "sha256-P9ieyKFBk+ROm+DzXOGmu05nYg0aoqhF9vRl8LpChg0="; }; nativeBuildInputs = [ |