nixos-config/machines/fuuko/hardware-configuration.nix

109 lines
2.8 KiB
Nix
Raw Normal View History

2024-05-25 16:13:03 +02:00
# SPDX-FileCopyrightText: 2021-2024 Simon Bruder <simon@sbruder.de>
#
# SPDX-License-Identifier: AGPL-3.0-or-later
2021-01-26 18:42:42 +01:00
{ config, lib, modulesPath, pkgs, ... }:
{
imports =
[
(modulesPath + "/installer/scan/not-detected.nix")
];
boot = {
kernelModules = [ "kvm-amd" "sg" ];
2021-01-26 18:42:42 +01:00
extraModulePackages = [ ];
2023-02-22 16:59:14 +01:00
extraModprobeConfig = ''
options gigabyte_wmi force_load=1
'';
2021-01-26 18:42:42 +01:00
supportedFilesystems = [ "btrfs" ];
2023-07-01 12:37:12 +02:00
kernelParams = [ "ip=dhcp" ];
2021-01-26 18:42:42 +01:00
initrd = {
availableKernelModules = [
"aesni_intel" # hardware crypto for luks
"ahci"
"cryptd"
"igc" # network interface for remote unlocking
"r8169" # "
2021-01-26 18:42:42 +01:00
"sd_mod"
"usb_storage"
"usbhid"
"xhci_pci"
];
kernelModules = [ ];
network.enable = true; # remote unlocking
luks.devices = {
root = {
name = "root";
device = "/dev/disk/by-uuid/c5cf6858-cca0-40dc-a3b5-ab47a3f9d49c";
2021-01-26 18:42:42 +01:00
preLVM = true;
allowDiscards = true;
};
};
};
loader.grub.device = "/dev/disk/by-id/ata-INTEL_SSDSC2KB480G7_PHYS749202D6480BGN";
2021-01-26 18:42:42 +01:00
};
# Getting this to work with NixOS is a headache,
# so trusty old crypttab comes to help.
environment.etc.crypttab.text = ''
data0 UUID=aa692e73-2b75-4239-8a87-5f5b69ea56c5 /root/luks-data luks
data1 UUID=1f4120b6-a3a0-4973-8c4c-a4d6703eea2a /root/luks-data luks
data-hot UUID=c9aeade0-4c96-4786-9b22-3161d935d644 /root/luks-data-hot luks,discard
'';
2021-01-26 18:42:42 +01:00
fileSystems = {
"/" = {
device = "/dev/disk/by-uuid/92a1f733-8a23-42ea-958b-0d01a5de7776";
fsType = "btrfs";
options = [ "compress=zstd" "discard" "noatime" ];
2021-01-26 18:42:42 +01:00
};
"/boot" = {
device = "/dev/disk/by-uuid/0f1822e1-643b-49e0-b279-5e3373c6a26c";
2021-01-26 18:42:42 +01:00
fsType = "ext2";
};
"/data/cold" = {
2021-01-26 18:42:42 +01:00
device = "/dev/mapper/data0";
fsType = "btrfs";
options = [ "compress=zstd" ];
};
"/data/hot" = {
device = "/dev/mapper/data-hot";
fsType = "btrfs";
options = [ "compress=zstd" "discard" "noatime" ];
};
2021-01-26 18:42:42 +01:00
};
systemd.tmpfiles.rules = [
"d /data 0755 root root - -"
"d /data/hot 0755 root root - -"
"d /data/cold 0755 root root - -"
];
2021-01-26 18:42:42 +01:00
services.btrfs.autoScrub = {
enable = true;
fileSystems = [ "/data/cold" "/data/hot" ];
2021-01-26 18:42:42 +01:00
};
swapDevices = [
{
device = "/dev/disk/by-partuuid/22978e17-fbbf-4879-9385-5c9473df1706";
2021-01-26 18:42:42 +01:00
randomEncryption.enable = true;
}
];
2024-05-25 16:13:03 +02:00
services.prometheus.exporters.smartctl.devices = [ "/dev/nvme0n1" "/dev/sda" "/dev/sdb" "/dev/sdc" ];
powerManagement.cpuFreqGovernor = "schedutil";
2021-01-26 18:42:42 +01:00
2023-07-01 12:37:12 +02:00
networking = {
useDHCP = false;
interfaces.enp10s0.useDHCP = true;
2023-08-12 15:32:12 +02:00
interfaces.enp9s0.useDHCP = true;
2023-07-01 12:37:12 +02:00
};
services.logind.extraConfig = ''
HandlePowerKey=suspend
'';
2021-01-26 18:42:42 +01:00
}