diff --git a/SwarselSystems.org b/SwarselSystems.org index 3cf6865..600ea51 100644 --- a/SwarselSystems.org +++ b/SwarselSystems.org @@ -1855,7 +1855,6 @@ My work machine. Built for more security, this is the gold standard of my config wallpaper = ../../wallpaper/lenovowp.png; hasBluetooth = true; hasFingerprint = true; - initialSetup = true; impermanence = false; isBtrfs = true; }; @@ -6061,6 +6060,8 @@ Normally, doing that also resets the lecture that happens on the first use of =s # So if it doesn't run, the btrfs system effectively acts like a normal system # Taken from https://github.com/NotAShelf/nyx/blob/2a8273ed3f11a4b4ca027a68405d9eb35eba567b/modules/core/common/system/impermanence/default.nix + boot.initrd.systemd.enable = true; + boot.initrd.systemd.services.rollback = lib.mkIf config.swarselsystems.impermanence { description = "Rollback BTRFS root subvolume to a pristine state"; wantedBy = [ "initrd.target" ]; @@ -6112,16 +6113,16 @@ Normally, doing that also resets the lecture that happens on the first use of =s hideMounts = true; directories = [ - "/.cache/nix/" + "/.cache/nix" "/srv" "/etc/nixos" "/etc/nix" "/home/swarsel/.dotfiles" "/etc/NetworkManager/system-connections" "/etc/secureboot" - "/var/db/sudo/" - "/var/cache/" - "/var/lib/" + "/var/db/sudo" + "/var/cache" + "/var/lib" ]; files = [ diff --git a/profiles/common/nixos/impermanence.nix b/profiles/common/nixos/impermanence.nix index 75114ec..963178b 100644 --- a/profiles/common/nixos/impermanence.nix +++ b/profiles/common/nixos/impermanence.nix @@ -10,6 +10,8 @@ # So if it doesn't run, the btrfs system effectively acts like a normal system # Taken from https://github.com/NotAShelf/nyx/blob/2a8273ed3f11a4b4ca027a68405d9eb35eba567b/modules/core/common/system/impermanence/default.nix + boot.initrd.systemd.enable = true; + boot.initrd.systemd.services.rollback = lib.mkIf config.swarselsystems.impermanence { description = "Rollback BTRFS root subvolume to a pristine state"; wantedBy = [ "initrd.target" ]; @@ -61,16 +63,16 @@ hideMounts = true; directories = [ - "/.cache/nix/" + "/.cache/nix" "/srv" "/etc/nixos" "/etc/nix" "/home/swarsel/.dotfiles" "/etc/NetworkManager/system-connections" "/etc/secureboot" - "/var/db/sudo/" - "/var/cache/" - "/var/lib/" + "/var/db/sudo" + "/var/cache" + "/var/lib" ]; files = [ diff --git a/profiles/nbl-imba-2/default.nix b/profiles/nbl-imba-2/default.nix index da0d312..b1624fc 100644 --- a/profiles/nbl-imba-2/default.nix +++ b/profiles/nbl-imba-2/default.nix @@ -71,7 +71,6 @@ wallpaper = ../../wallpaper/lenovowp.png; hasBluetooth = true; hasFingerprint = true; - initialSetup = true; impermanence = false; isBtrfs = true; }; diff --git a/profiles/nbl-imba-2/hardware-configuration.nix b/profiles/nbl-imba-2/hardware-configuration.nix index 27f5d25..3ac3115 100644 --- a/profiles/nbl-imba-2/hardware-configuration.nix +++ b/profiles/nbl-imba-2/hardware-configuration.nix @@ -9,10 +9,15 @@ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "usbhid" "sd_mod" ]; + boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "cryptd" "usbhid" "sd_mod" ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-amd" ]; boot.extraModulePackages = [ ]; + boot.initrd.luks.devices."cryptroot" = { + # improve performance on ssds + bypassWorkqueues = true; + preLVM = true; + }; # fileSystems."/" = # { diff --git a/programs/swayidle/config b/programs/swayidle/config index 0d4c878..2c3e194 100644 --- a/programs/swayidle/config +++ b/programs/swayidle/config @@ -1,4 +1,4 @@ timeout 300 'swaylock -f --screenshots --clock --effect-blur 7x5 --effect-vignette 0.5:0.5 --fade-in 0.2 --daemonize ' -timeout 600 'swaymsg "output * power off"' -after-resume 'swaymsg "output * power on"' +timeout 600 'swaymsg "output * dpms off"' +after-resume 'swaymsg "output * dpms on"' before-sleep 'swaylock -f --screenshots --clock --effect-blur 7x5 --effect-vignette 0.5:0.5 --fade-in 0.2 --daemonize -'