swarsel/.dotfiles
1
0
Fork 0
mirror of https://github.com/Swarsel/.dotfiles.git synced 2025-12-06 09:07:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat: impermanence tuning for nbl

Browse source
This commit is contained in:
Swarsel 2024-08-12 08:31:28 +02:00
parent 4cfdf7e1b2
commit f02873ecd9
Signed by: swarsel
GPG key ID: 26A54C31F2A4FD84
5 changed files with 20 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

11
SwarselSystems.org
View file

@ -1855,7 +1855,6 @@ My work machine. Built for more security, this is the gold standard of my config
wallpaper = ../../wallpaper/lenovowp.png;
hasBluetooth = true;
hasFingerprint = true;
initialSetup = true;
impermanence = false;
isBtrfs = true;
};
@ -6061,6 +6060,8 @@ Normally, doing that also resets the lecture that happens on the first use of =s
# So if it doesn't run, the btrfs system effectively acts like a normal system
# Taken from https://github.com/NotAShelf/nyx/blob/2a8273ed3f11a4b4ca027a68405d9eb35eba567b/modules/core/common/system/impermanence/default.nix
boot.initrd.systemd.enable = true;
boot.initrd.systemd.services.rollback = lib.mkIf config.swarselsystems.impermanence {
description = "Rollback BTRFS root subvolume to a pristine state";
wantedBy = [ "initrd.target" ];
@ -6112,16 +6113,16 @@ Normally, doing that also resets the lecture that happens on the first use of =s
hideMounts = true;
directories =
[
"/.cache/nix/"
"/.cache/nix"
"/srv"
"/etc/nixos"
"/etc/nix"
"/home/swarsel/.dotfiles"
"/etc/NetworkManager/system-connections"
"/etc/secureboot"
"/var/db/sudo/"
"/var/cache/"
"/var/lib/"
"/var/db/sudo"
"/var/cache"
"/var/lib"
];
files = [

10
profiles/common/nixos/impermanence.nix
View file

@ -10,6 +10,8 @@
# So if it doesn't run, the btrfs system effectively acts like a normal system
# Taken from https://github.com/NotAShelf/nyx/blob/2a8273ed3f11a4b4ca027a68405d9eb35eba567b/modules/core/common/system/impermanence/default.nix
boot.initrd.systemd.enable = true;
boot.initrd.systemd.services.rollback = lib.mkIf config.swarselsystems.impermanence {
description = "Rollback BTRFS root subvolume to a pristine state";
wantedBy = [ "initrd.target" ];
@ -61,16 +63,16 @@
hideMounts = true;
directories =
[
"/.cache/nix/"
"/.cache/nix"
"/srv"
"/etc/nixos"
"/etc/nix"
"/home/swarsel/.dotfiles"
"/etc/NetworkManager/system-connections"
"/etc/secureboot"
"/var/db/sudo/"
"/var/cache/"
"/var/lib/"
"/var/db/sudo"
"/var/cache"
"/var/lib"
];
files = [

1
profiles/nbl-imba-2/default.nix
View file

@ -71,7 +71,6 @@
wallpaper = ../../wallpaper/lenovowp.png;
hasBluetooth = true;
hasFingerprint = true;
initialSetup = true;
impermanence = false;
isBtrfs = true;
};

7
profiles/nbl-imba-2/hardware-configuration.nix
View file

@ -9,10 +9,15 @@
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "usbhid" "sd_mod" ];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "cryptd" "usbhid" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
boot.initrd.luks.devices."cryptroot" = {
# improve performance on ssds
bypassWorkqueues = true;
preLVM = true;
};
# fileSystems."/" =
# {

4
programs/swayidle/config
View file

@ -1,4 +1,4 @@
timeout 300 'swaylock -f --screenshots --clock --effect-blur 7x5 --effect-vignette 0.5:0.5 --fade-in 0.2 --daemonize '
timeout 600 'swaymsg "output * power off"'
after-resume 'swaymsg "output * power on"'
timeout 600 'swaymsg "output * dpms off"'
after-resume 'swaymsg "output * dpms on"'
before-sleep 'swaylock -f --screenshots --clock --effect-blur 7x5 --effect-vignette 0.5:0.5 --fade-in 0.2 --daemonize -'