104 lines
2.9 KiB
Nix
104 lines
2.9 KiB
Nix
{user}: { config, lib, pkgs, modulesPath, ... }:
|
|
|
|
{
|
|
imports =
|
|
[
|
|
(modulesPath + "/installer/scan/not-detected.nix")
|
|
./displays.nix
|
|
];
|
|
|
|
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
|
|
boot.initrd.kernelModules = [ "uas" "usbcore" "usb_storage" "vfat" "nls_cp437" "nls_iso8859_1" ];
|
|
boot.kernelModules = [ "kvm-amd" ];
|
|
boot.extraModulePackages = [ ];
|
|
|
|
fileSystems."/" =
|
|
{
|
|
device = "/dev/disk/by-uuid/2dad5ed6-44cc-4d9d-9392-32afaa7b3909";
|
|
fsType = "btrfs";
|
|
options = [ "subvol=@" "compress=zstd" "autodefrag" ];
|
|
};
|
|
|
|
boot.initrd.postDeviceCommands = pkgs.lib.mkBefore ''
|
|
mkdir -m 0755 -p /key
|
|
|
|
until cryptsetup luksOpen /dev/disk/by-id/usb-Generic_Flash_Disk_BCC97785-0:0 usbkey
|
|
do
|
|
echo "Failed to unlock usbkey!"
|
|
echo "Found block devices:"
|
|
ls /dev/disk/by-id/
|
|
sleep 2
|
|
done
|
|
mount -n -t vfat -o ro /dev/mapper/usbkey /key
|
|
'';
|
|
|
|
boot.initrd.luks.devices."cryptroot" = {
|
|
device = "/dev/disk/by-uuid/cc0617df-8cbf-4618-abbc-df64c96de151";
|
|
keyFileSize = 4096;
|
|
keyFile = "/key/keyfile";
|
|
preLVM = false;
|
|
};
|
|
|
|
fileSystems."/home" =
|
|
{
|
|
device = "/dev/disk/by-uuid/2dad5ed6-44cc-4d9d-9392-32afaa7b3909";
|
|
fsType = "btrfs";
|
|
options = [ "subvol=@home" "compress=zstd" "autodefrag" ];
|
|
};
|
|
|
|
fileSystems."/boot" =
|
|
{
|
|
device = "/dev/disk/by-uuid/FE7E-0DE3";
|
|
fsType = "vfat";
|
|
};
|
|
|
|
swapDevices =
|
|
[{ device = "/dev/disk/by-uuid/da57b489-ab77-4830-b710-9f96cf43d053"; }];
|
|
|
|
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
|
# (the default) this is the recommended approach. When using systemd-networkd it's
|
|
# still possible to use this option, but it's recommended to use it in conjunction
|
|
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
|
networking.useDHCP = lib.mkDefault true;
|
|
# networking.interfaces.enp5s0.useDHCP = lib.mkDefault true;
|
|
|
|
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
|
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
|
|
|
hardware.keyboard.zsa.enable = true;
|
|
|
|
networking.hostName = "zenix";
|
|
|
|
services.openssh.enable = true;
|
|
|
|
networking.firewall.checkReversePath = "loose";
|
|
|
|
system.stateVersion = "22.11"; # do not change
|
|
|
|
virtualisation = {
|
|
podman = {
|
|
enable = true;
|
|
};
|
|
};
|
|
|
|
home-manager.users.${user}.imports = [{
|
|
home.stateVersion = "22.05";
|
|
|
|
wayland.windowManager.hyprland = {
|
|
extraConfig = ''
|
|
workspace = DP-1, 1
|
|
workspace = 1, monitor:DP-1
|
|
workspace = 2, monitor:DP-1
|
|
workspace = 3, monitor:DP-1
|
|
workspace = 4, monitor:DP-1
|
|
workspace = 5, monitor:DP-1
|
|
'';
|
|
};
|
|
programs.waybar.settings.mainBar."hyprland/workspaces".persistent_workspaces = {
|
|
DP-1 = 5;
|
|
};
|
|
|
|
home.packages = with pkgs; [ monado openxr-loader ];
|
|
}];
|
|
|
|
}
|