From 9a3e96428fdfc9e755977435dc60945cc509a77d Mon Sep 17 00:00:00 2001 From: jay Date: Sun, 29 Jun 2025 00:15:46 +0000 Subject: [PATCH] Update hardware info, disko. --- flake.lock | 17 ++++- flake.nix | 4 +- nodes/lappy/configuration.nix | 3 +- nodes/lappy/disko.nix | 86 ++++++++++++++++++++++++++ nodes/lappy/hardware-configuration.nix | 28 --------- nodes/lappy/node.nix | 2 +- 6 files changed, 107 insertions(+), 33 deletions(-) create mode 100644 nodes/lappy/disko.nix diff --git a/flake.lock b/flake.lock index f21a8f7..d20d3ea 100644 --- a/flake.lock +++ b/flake.lock @@ -137,6 +137,20 @@ } }, "nixpkgs": { + "locked": { + "lastModified": 1750994206, + "narHash": "sha256-3u6rEbIX9CN/5A5/mc3u0wIO1geZ0EhjvPBXmRDHqWM=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "80d50fc87924c2a0d346372d242c27973cf8cdbf", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "type": "indirect" + } + }, + "nixpkgs-stable-nixos": { "locked": { "lastModified": 1750969886, "narHash": "sha256-zW/OFnotiz/ndPFdebpo3X0CrbVNf22n4DjN2vxlb58=", @@ -157,7 +171,7 @@ "nix-darwin": "nix-darwin", "nixos-anywhere": "nixos-anywhere", "nixpkgs": [ - "nixpkgs" + "nixpkgs-stable-nixos" ] }, "locked": { @@ -177,6 +191,7 @@ "root": { "inputs": { "nixpkgs": "nixpkgs", + "nixpkgs-stable-nixos": "nixpkgs-stable-nixos", "nixverse": "nixverse" } }, diff --git a/flake.nix b/flake.nix index 31b4660..93c8530 100644 --- a/flake.nix +++ b/flake.nix @@ -1,9 +1,9 @@ { inputs = { - nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05"; + nixpkgs-stable-nixos.url = "github:nixos/nixpkgs/nixos-25.05"; nixverse = { url = "github:hgl/nixverse"; - inputs.nixpkgs.follows = "nixpkgs"; + inputs.nixpkgs.follows = "nixpkgs-stable-nixos"; }; }; diff --git a/nodes/lappy/configuration.nix b/nodes/lappy/configuration.nix index 1bcb0ee..553fc14 100644 --- a/nodes/lappy/configuration.nix +++ b/nodes/lappy/configuration.nix @@ -11,6 +11,7 @@ ]; # Use the systemd-boot EFI boot loader. + nixpkgs.hostPlatform = "x86_64-linux"; boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; @@ -101,7 +102,7 @@ # Copy the NixOS configuration file and link it from the resulting system # (/run/current-system/configuration.nix). This is useful in case you # accidentally delete configuration.nix. - system.copySystemConfiguration = true; + # system.copySystemConfiguration = true; # This option defines the first version of NixOS you have installed on this particular machine, # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions. diff --git a/nodes/lappy/disko.nix b/nodes/lappy/disko.nix new file mode 100644 index 0000000..11dc003 --- /dev/null +++ b/nodes/lappy/disko.nix @@ -0,0 +1,86 @@ +{ + disko.devices = { + disk = { + nvme1n1 = { + type = "disk"; + device = "/dev/nvme0n1"; + content = { + type = "gpt"; + partitions = { + ESP = { + label = "boot"; + name = "ESP"; + size = "4500M"; + type = "EF00"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + mountOptions = [ + "umask=0077" + "defaults" + ]; + }; + }; + luks = { + size = "100%"; + label = "luks"; + content = { + type = "luks"; + name = "cryptroot"; + # disable settings.keyFile if you want to use interactive password entry + #passwordFile = "/tmp/secret.key"; # Interactive + settings = { + allowDiscards = true; + #keyFile = "/tmp/secret.key"; + }; + + #additionalKeyFiles = [ "/tmp/additionalSecret.key" ]; + content = { + type = "btrfs"; + extraArgs = [ "-L" "nixos" "-f" ]; + subvolumes = { + "/root" = { + mountpoint = "/"; + mountOptions = [ + "subvol=root" + "compress=zstd" + "noatime" + ]; + }; + "/nix" = { + mountpoint = "/nix"; + mountOptions = [ + "subvol=nix" + "compress=zstd" + "noatime" + ]; + }; + "/persist" = { + mountpoint = "/persist"; + mountOptions = [ + "subvol=persist" + "compress=zstd" + "noatime" + ]; + }; + "/log" = { + mountpoint = "/var/log"; + mountOptions = [ + "subvol=log" + "compress=zstd" + "noatime" + ]; + }; + }; + }; + }; + }; + }; + }; + }; + }; + }; + fileSystems."/nix/persist".neededForBoot = true; + fileSystems."/var/log".neededForBoot = true; +} diff --git a/nodes/lappy/hardware-configuration.nix b/nodes/lappy/hardware-configuration.nix index ebc2870..2f1bd62 100644 --- a/nodes/lappy/hardware-configuration.nix +++ b/nodes/lappy/hardware-configuration.nix @@ -13,34 +13,6 @@ boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [ ]; - fileSystems."/" = - { device = "tmpfs"; - fsType = "tmpfs"; - }; - - fileSystems."/iso" = - { device = "/dev/disk/by-uuid/1980-01-01-00-00-00-00"; - fsType = "iso9660"; - }; - - fileSystems."/nix/.ro-store" = - { device = "/iso/nix-store.squashfs"; - fsType = "squashfs"; - options = [ "loop" ]; - }; - - fileSystems."/nix/.rw-store" = - { device = "tmpfs"; - fsType = "tmpfs"; - }; - - fileSystems."/nix/store" = - { device = "overlay"; - fsType = "overlay"; - }; - - swapDevices = [ ]; - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's # still possible to use this option, but it's recommended to use it in conjunction diff --git a/nodes/lappy/node.nix b/nodes/lappy/node.nix index 7852240..0bc182d 100644 --- a/nodes/lappy/node.nix +++ b/nodes/lappy/node.nix @@ -1,4 +1,4 @@ { os = "nixos"; - channel = "25.05"; + channel = "stable"; }