swarsel/.dotfiles
1
0
Fork 0
mirror of https://github.com/Swarsel/.dotfiles.git synced 2025-12-06 17:17:22 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

refactor: split noweb... into appendix, template

Browse source
This commit is contained in:
Leon Schwarzäugl 2024-12-29 01:21:10 +01:00
parent 8a7e6102ac
commit 80bf7596bc
Signed by: swarsel
GPG key ID: 26A54C31F2A4FD84
3 changed files with 1013 additions and 599 deletions
Download patch file Download diff file Expand all files Collapse all files

1412
SwarselSystems.org
View file

File diff suppressed because it is too large Load diff

78
templates/hosts/nixos/default.nix Normal file
View file

@ -0,0 +1,78 @@
{ self, inputs, outputs, config, pkgs, lib, ... }:
let
profilesPath = "${self}/profiles";
sharedOptions = {
isBtrfs = true;
};
in
{
imports = outputs.nixModules ++ [
# ---- nixos-hardware here ----
./hardware-configuration.nix
./disk-config.nix
"${profilesPath}/optional/nixos/virtualbox.nix"
# "${profilesPath}/optional/nixos/vmware.nix"
"${profilesPath}/optional/nixos/autologin.nix"
"${profilesPath}/optional/nixos/nswitch-rcm.nix"
"${profilesPath}/optional/nixos/gaming.nix"
inputs.home-manager.nixosModules.home-manager
{
home-manager.users.swarsel.imports = outputs.mixedModules ++ [
"${profilesPath}/optional/home/gaming.nix"
] ++ (builtins.attrValues outputs.homeManagerModules);
}
] ++ (builtins.attrValues outputs.nixosModules);
nixpkgs = {
overlays = [ outputs.overlays.default ];
config = {
allowUnfree = true;
};
};
boot = {
kernelPackages = lib.mkDefault pkgs.linuxPackages_latest;
};
networking = {
hostName = "TEMPLATE";
firewall.enable = true;
};
swarselsystems = lib.recursiveUpdate
{
wallpaper = self + /wallpaper/lenovowp.png;
hasBluetooth = true;
hasFingerprint = true;
isImpermanence = true;
isSecureBoot = true;
isCrypted = true;
isSwap = true;
swapSize = "32G";
rootDisk = "TEMPLATE";
}
sharedOptions;
home-manager.users.swarsel.swarselsystems = lib.recursiveUpdate
{
isLaptop = true;
isNixos = true;
flakePath = "/home/swarsel/.dotfiles";
cpuCount = 16;
startup = [
{ command = "nextcloud --background"; }
{ command = "vesktop --start-minimized --enable-speech-dispatcher --ozone-platform-hint=auto --enable-features=WaylandWindowDecorations --enable-wayland-ime"; }
{ command = "element-desktop --hidden --enable-features=UseOzonePlatform --ozone-platform=wayland --disable-gpu-driver-bug-workarounds"; }
{ command = "ANKI_WAYLAND=1 anki"; }
{ command = "OBSIDIAN_USE_WAYLAND=1 obsidian"; }
{ command = "nm-applet"; }
{ command = "feishin"; }
];
}
sharedOptions;
}

122
templates/hosts/nixos/disk-config.nix Normal file
View file

@ -0,0 +1,122 @@
{ lib, pkgs, config, rootDisk, ... }:
let
type = "btrfs";
extraArgs = [ "-L" "nixos" "-f" ]; # force overwrite
subvolumes = {
"/root" = {
mountpoint = "/";
mountOptions = [
"subvol=root"
"compress=zstd"
"noatime"
];
};
"/home" = lib.mkIf config.swarselsystems.isImpermanence {
mountpoint = "/home";
mountOptions = [
"subvol=home"
"compress=zstd"
"noatime"
];
};
"/persist" = lib.mkIf config.swarselsystems.isImpermanence {
mountpoint = "/persist";
mountOptions = [
"subvol=persist"
"compress=zstd"
"noatime"
];
};
"/log" = lib.mkIf config.swarselsystems.isImpermanence {
mountpoint = "/var/log";
mountOptions = [
"subvol=log"
"compress=zstd"
"noatime"
];
};
"/nix" = {
mountpoint = "/nix";
mountOptions = [
"subvol=nix"
"compress=zstd"
"noatime"
];
};
"/swap" = lib.mkIf config.swarselsystems.isSwap {
mountpoint = "/.swapvol";
swap.swapfile.size = config.swarselsystems.swapSize;
};
};
in
{
disko.devices = {
disk = {
disk0 = {
type = "disk";
device = config.swarselsystems.rootDisk;
content = {
type = "gpt";
partitions = {
ESP = {
priority = 1;
name = "ESP";
size = "512M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [ "defaults" ];
};
};
root = lib.mkIf (!config.swarselsystems.isCrypted) {
size = "100%";
content = {
inherit type subvolumes extraArgs;
postCreateHook = lib.mkIf config.swarselsystems.isImpermanence ''
MNTPOINT=$(mktemp -d)
mount "/dev/disk/by-label/nixos" "$MNTPOINT" -o subvolid=5
trap 'umount $MNTPOINT; rm -rf $MNTPOINT' EXIT
btrfs subvolume snapshot -r $MNTPOINT/root $MNTPOINT/root-blank
'';
};
};
luks = lib.mkIf config.swarselsystems.isCrypted {
size = "100%";
content = {
type = "luks";
name = "cryptroot";
passwordFile = "/tmp/disko-password"; # this is populated by bootstrap.sh
settings = {
allowDiscards = true;
# https://github.com/hmajid2301/dotfiles/blob/a0b511c79b11d9b4afe2a5e2b7eedb2af23e288f/systems/x86_64-linux/framework/disks.nix#L36
crypttabExtraOpts = [
"fido2-device=auto"
"token-timeout=10"
];
};
content = {
inherit type subvolumes extraArgs;
postCreateHook = lib.mkIf config.swarselsystems.isImpermanence ''
MNTPOINT=$(mktemp -d)
mount "/dev/mapper/cryptroot" "$MNTPOINT" -o subvolid=5
trap 'umount $MNTPOINT; rm -rf $MNTPOINT' EXIT
btrfs subvolume snapshot -r $MNTPOINT/root $MNTPOINT/root-blank
'';
};
};
};
};
};
};
};
};
fileSystems."/persist".neededForBoot = lib.mkIf config.swarselsystems.isImpermanence true;
fileSystems."/home".neededForBoot = lib.mkIf config.swarselsystems.isImpermanence true;
environment.systemPackages = [
pkgs.yubikey-manager
];
}