diff options
Diffstat (limited to 'laptop/configuration.nix')
| -rw-r--r-- | laptop/configuration.nix | 247 |
1 files changed, 247 insertions, 0 deletions
diff --git a/laptop/configuration.nix b/laptop/configuration.nix new file mode 100644 index 0000000..6efd55a --- /dev/null +++ b/laptop/configuration.nix @@ -0,0 +1,247 @@ +{config, ...}: let + sources = import ../npins; + pkgs = import sources.nixpkgs {}; +in { + boot = { + initrd = { + availableKernelModules = ["xhci_pci" "nvme" "sdhci_pci"]; + systemd = { + services.impermanent-btrfs = { + description = "saves old root and makes new one"; + unitConfig.DefaultDependencies = false; + serviceConfig = { + Type = "oneshot"; + StandardOutput = "journal+console"; + StandardError = "journal+console"; + }; + requiredBy = [ + "initrd.target" + ]; + before = [ + "sysroot.mount" + ]; + requires = [ + "initrd-root-device.target" + ]; + after = [ + "initrd-root-device.target" + "local-fs-pre.target" + ]; + script = '' + mkdir /btrfs_tmp + mount ${config.fileSystems."/".device} /btrfs_tmp + if [[ -e /btrfs_tmp/root ]]; then + mkdir -p /btrfs_tmp/old_roots + timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:$M:%S") + mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp" + fi + + delete_subvolume_recursively() { + IFS=$'\n' + for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do + delete_subvolume_recursively "/btrfs_tmp/$i" + done + btrfs subvolume delete "$1" + } + + for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do + delete_subvolume_recursively "$i" + done + + btrfs subvolume create /btrfs_tmp/root + mkdir /btrfs_tmp/root/persist + mkdir /btrfs_tmp/root/etc + mount ${config.fileSystems."/persist".device} /btrfs_tmp/root/persist -o subvol=persist + cp /btrfs_tmp/root/persist/etc/ssh /btrfs_tmp/root/etc/ssh -r + umount /btrfs_tmp/root/persist + rm -r /btrfs_tmp/root/persist + umount /btrfs_tmp + ''; + }; + extraBin = { + "mkdir" = "${pkgs.coreutils}/bin/mkdir"; + "date" = "${pkgs.coreutils}/bin/date"; + "stat" = "${pkgs.coreutils}/bin/stat"; + "mv" = "${pkgs.coreutils}/bin/mv"; + "cp" = "${pkgs.coreutils}/bin/cp"; + "rm" = "${pkgs.coreutils}/bin/rm"; + "btrfs" = "${pkgs.btrfs-progs}/bin/btrfs"; + }; + }; + }; + kernelPackages = pkgs.linuxPackages_latest; + kernelModules = ["kvm-intel"]; + loader = { + efi.canTouchEfiVariables = true; + grub = { + device = "nodev"; + efiSupport = true; + enable = true; + extraEntries = '' + menuentry "Guix" { + search --set=drive1 --fs-uuid F425-55BA + chainloader ($drive1)//EFI/Guix/grubx64.efi + } + ''; + }; + }; + tmp.cleanOnBoot = true; + }; + documentation = { + dev.enable = true; + nixos.includeAllModules = true; + }; + environment.persistence."/persist" = { + directories = [ + "/etc/ly/custom-sessions" + "/etc/NetworkManager/system-connections" + "/etc/ssh" + "/gnu" + "/var/guix" + "/var/log" + "/var/lib/bluetooth" + "/var/lib/nixos" + "/var/lib/systemd/coredump" + ]; + enable = true; + files = [ + "/etc/ly/save.txt" + "/etc/machine-id" + ]; + hideMounts = true; + users.andromeda = { + directories = [ + ".backups" + ".cache/guix" + ".config/guix" + ".gnupg" + #".local/share/AAAAXY" + ".local/share/Anki2" + #".local/share/chat.fluffy.fluffychat" + ".local/share/cinny" + ".local/share/in.cinny.app" + #".local/share/Mindustry" + ".local/share/zoxide" + ".ssh" + "conf" + "Downloads" + "pp" + ]; + files = [".bash_history"]; + }; + }; + fileSystems = { + "/" = { + device = "/dev/disk/by-uuid/5455cfb4-0efd-4f55-b496-d2cab3f419b7"; + fsType = "btrfs"; + options = ["subvol=root"]; + }; + "/boot" = { + device = "/dev/disk/by-uuid/F425-55BA"; + fsType = "vfat"; + options = ["fmask=0022" "dmask=0022"]; + }; + "/nix" = { + device = "/dev/disk/by-uuid/0e586651-36f4-42b0-99b3-3f0704a894d6"; + fsType = "btrfs"; + }; + "/persist" = { + device = "/dev/disk/by-uuid/5455cfb4-0efd-4f55-b496-d2cab3f419b7"; + fsType = "btrfs"; + neededForBoot = true; + options = ["subvol=persist"]; + }; + }; + hardware = { + bluetooth = { + enable = true; + powerOnBoot = false; + }; + cpu.intel.updateMicrocode = true; + enableRedistributableFirmware = true; + }; + home-manager = { + backupFileExtension = "bak"; + useGlobalPkgs = true; + users.andromeda = import ./home.nix; + }; + i18n.defaultLocale = "de_DE.UTF-8"; + imports = [ + "${sources.Phoenix {inherit pkgs;}}/nix/module.nix" + "${sources.agenix {inherit pkgs;}}/modules/age.nix" + "${sources.impermanence {inherit pkgs;}}/nixos.nix" + "${sources.home-manager {inherit pkgs;}}/nixos" + ../secrets.nix + ]; + networking = { + domain = "nixos"; + hostName = "nixos"; + firewall.enable = true; + networkmanager.enable = true; + }; + nixpkgs = { + config.allowUnfree = false; + flake.source = sources.nixpkgs; + hostPlatform = "x86_64-linux"; + overlays = [ + ( + final: prev: { + phoenix = (final.callPackage "${sources.Phoenix {inherit pkgs;}}/nix/package.nix" {}).overrideAttrs { + patches = [./patches/change-default-search-engine.patch]; # default search to ddg html + }; + + withPhoenix = firefoxPackage: + firefoxPackage.override { + extraPoliciesFiles = ["${final.phoenix}/policies.json"]; + extraPrefsFiles = ["${final.phoenix}/phoenix.cfg"]; + }; + } + ) + ]; + }; + nix = { + settings = { + experimental-features = ["nix-command" "flakes"]; + substituters = ["https://cache.dataaturservice.se/spectrum/"]; + trusted-public-keys = [ + "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" + "spectrum-os.org-2:foQk3r7t2VpRx92CaXb5ROyy/NBdRJQG2uX2XJMYZfU=" + ]; + trusted-users = ["@wheel"]; + }; + channel.enable = false; + }; + programs.sway.enable = true; + services = { + blueman.enable = true; + displayManager = { + enable = true; + ly.enable = true; + }; + guix.enable = true; + libinput.enable = true; + openssh.enable = true; + printing.enable = true; + xserver.xkb.layout = "de(neo)"; + }; + system.stateVersion = "26.05"; + time.timeZone = "Europe/Berlin"; + users = { + mutableUsers = false; + users.andromeda = { + isNormalUser = true; + hashedPasswordFile = builtins.toString config.age.secrets.andromeda-pw.path; + extraGroups = [ + "networkmanager" + "wheel" + "dialout" + ]; + }; + }; + zramSwap = { + enable = true; + priority = 100; + algorithm = "zstd"; + memoryPercent = 35; + }; +} |