106 lines
2.9 KiB
Nix
106 lines
2.9 KiB
Nix
{user}: {
|
|
config,
|
|
lib,
|
|
pkgs,
|
|
modulesPath,
|
|
...
|
|
}: {
|
|
imports = [
|
|
(modulesPath + "/installer/scan/not-detected.nix")
|
|
./displays.nix
|
|
];
|
|
|
|
boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod"];
|
|
boot.initrd.kernelModules = ["uas" "usbcore" "usb_storage" "vfat" "nls_cp437" "nls_iso8859_1"];
|
|
boot.kernelModules = ["kvm-amd"];
|
|
boot.extraModulePackages = [];
|
|
|
|
fileSystems."/" = {
|
|
device = "/dev/disk/by-uuid/2dad5ed6-44cc-4d9d-9392-32afaa7b3909";
|
|
fsType = "btrfs";
|
|
options = ["subvol=@" "compress=zstd" "autodefrag"];
|
|
};
|
|
|
|
boot.initrd.postDeviceCommands = pkgs.lib.mkBefore ''
|
|
mkdir -m 0755 -p /key
|
|
|
|
dev=/dev/disk/by-id/usb-Generic_Flash_Disk_BCC97785-0:0
|
|
sleep 1
|
|
until cryptsetup luksOpen "$dev" usbkey
|
|
do
|
|
echo "Insert key and press enter..."
|
|
read res
|
|
if test "$res" = "fzf"
|
|
then
|
|
ls /dev/disk/by-id | ${pkgs.fzf}/bin/fzf
|
|
fi
|
|
done
|
|
mount -n -t vfat -o ro /dev/mapper/usbkey /key
|
|
'';
|
|
|
|
boot.initrd.luks.devices."cryptroot" = {
|
|
device = "/dev/disk/by-uuid/cc0617df-8cbf-4618-abbc-df64c96de151";
|
|
keyFileSize = 4096;
|
|
keyFile = "/key/keyfile";
|
|
preLVM = false;
|
|
};
|
|
|
|
fileSystems."/home" = {
|
|
device = "/dev/disk/by-uuid/2dad5ed6-44cc-4d9d-9392-32afaa7b3909";
|
|
fsType = "btrfs";
|
|
options = ["subvol=@home" "compress=zstd" "autodefrag"];
|
|
};
|
|
|
|
fileSystems."/boot" = {
|
|
device = "/dev/disk/by-uuid/FE7E-0DE3";
|
|
fsType = "vfat";
|
|
};
|
|
|
|
swapDevices = [{device = "/dev/disk/by-uuid/da57b489-ab77-4830-b710-9f96cf43d053";}];
|
|
|
|
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
|
# (the default) this is the recommended approach. When using systemd-networkd it's
|
|
# still possible to use this option, but it's recommended to use it in conjunction
|
|
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
|
networking.useDHCP = lib.mkDefault true;
|
|
# networking.interfaces.enp5s0.useDHCP = lib.mkDefault true;
|
|
|
|
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
|
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
|
|
|
hardware.keyboard.zsa.enable = true;
|
|
|
|
networking.hostName = "zenix";
|
|
|
|
services.openssh.enable = true;
|
|
|
|
networking.firewall.checkReversePath = "loose";
|
|
|
|
system.stateVersion = "22.11"; # do not change
|
|
|
|
virtualisation = {
|
|
podman = {
|
|
enable = true;
|
|
};
|
|
};
|
|
|
|
home-manager.users.${user}.imports = [
|
|
{
|
|
home.stateVersion = "22.05";
|
|
|
|
wayland.windowManager.hyprland = {
|
|
extraConfig = ''
|
|
workspace = DP-1, 1
|
|
workspace = 1, monitor:DP-1
|
|
workspace = 2, monitor:DP-1
|
|
workspace = 3, monitor:DP-1
|
|
workspace = 4, monitor:DP-1
|
|
workspace = 5, monitor:DP-1
|
|
'';
|
|
};
|
|
programs.waybar.settings.mainBar."hyprland/workspaces".persistent_workspaces = {
|
|
DP-1 = 5;
|
|
};
|
|
}
|
|
];
|
|
}
|