README: Prefer UEFI in installation instructions

README.md

@@ -45,6 +45,15 @@ Set up wifi if no wired connection is available:
 
 Create the partition table (enter the indented lines in the repl):
 
+    parted /dev/nvmeXnY
+      mktable GPT
+      mkpart ESP 1MiB 512MiB
+      mkpart root 512MiB 100%
+      set 1 esp on
+      quit
+
+On MBR:
+
     parted /dev/sdX
       mktable GPT
       mkpart primary 1MiB 2MiB
@@ -54,19 +63,10 @@ Create the partition table (enter the indented lines in the repl):
       disk_toggle pmbr_boot
       quit
 
-On UEFI:
-
-    parted /dev/nvmeXnY
-      mktable GPT
-      mkpart ESP 1MiB 512MiB
-      mkpart root 512MiB 100%
-      set 1 esp on
-      quit
-
 Format encrypted partition and open it:
 
-    cryptsetup luksFormat --type luks2 /dev/sdX3
-    cryptsetup open --type luks2 /dev/sdX3 HOSTNAME-pv
+    cryptsetup luksFormat --type luks2 /dev/nvmeXnYp2
+    cryptsetup open --type luks2 /dev/nvmeXnYp2 HOSTNAME-pv
 
 Create LVM (replace `8G` with desired swap size):
 
@@ -81,13 +81,13 @@ the following after opening the luks partition: `vgchange -ay`.
 
 Create filesystems:
 
-    mkfs.ext2 /dev/sdX2
+    mkfs.fat -F 32 -n boot /dev/nvmeXnYpZ
     mkfs.btrfs -L root /dev/HOSTNAME-vg/root
     mkswap -L swap /dev/HOSTNAME-vg/swap
 
-On UEFI:
+On MBR:
 
-    mkfs.fat -F 32 -n boot /dev/nvmeXnYpZ
+    mkfs.ext2 /dev/sdX2
     mkfs.btrfs -L root /dev/HOSTNAME-vg/root
     mkswap -L swap /dev/HOSTNAME-vg/swap
 
@@ -95,7 +95,7 @@ Mount the file systems and activate swap:
 
     mount /dev/HOSTNAME-vg/root /mnt
     mkdir /mnt/boot
-    mount /dev/sdX2 /mnt/boot
+    mount /dev/nvmeXnYp1 /mnt/boot
     swapon /dev/HOSTNAME-vg/swap
 
 Generate hardware configuration and copy hardware configuration to machine

machines/fuuko/services/router.nix

@@ -67,8 +67,8 @@ in
         };
         wireguardPeers = lib.singleton {
           wireguardPeerConfig = {
-            Endpoint = "146.70.117.194:51820";
-            PublicKey = "ydXFN45/kROELJrF6id+uIrnS5DvTKSCkZDjfL9De2Q=";
+            Endpoint = "193.32.127.70:51820";
+            PublicKey = "dV/aHhwG0fmp0XuvSvrdWjCtdyhPDDFiE/nuv/1xnRM=";
             AllowedIPs = [ "0.0.0.0/0" "::0/0" ];
             PersistentKeepalive = 25;
           };

machines/hitagi/README.md

@@ -8,9 +8,7 @@ Custom build in a be quiet! Pure Base 500.
  * CPU: AMD Ryzen 7 5800X
  * RAM: 2×16GB G.Skill Aegis DDR4-3200 CL16 (not because it is anything special)
  * PSU: be quiet! System Power 10 750W
- * Main SSD: 250GB Samsung 970 Evo Pro NVMe
- * Secondary SSD: 256GB micron MTFDDAK256TBN-1AR15ABHA SATA
- * HDD: 2TB Toshiba HDWA120
+ * SSD: 1TB Samsung 980 Pro NVMe
  * GPU: Intel Arc A770 Limited Edition (16GB VRAM)
  * Case fans: 2 be quiet! Pure Wings 2 140 mm (included in case), 3 more with PWM
  * CPU Cooler: Noctua NH-U12S with an additional NF-F12 PWM

machines/hitagi/configuration.nix

@@ -26,11 +26,6 @@
     wireguard.home.enable = true;
   };
 
-  virtualisation.libvirtd = {
-    enable = true;
-    qemu.package = pkgs.qemu_kvm;
-  };
-
   services.tor = {
     enable = true;
     client.enable = true;
@@ -40,35 +35,6 @@
     enableTor = true;
   };
 
-  services.samba = {
-    enable = true;
-    securityType = "user";
-    extraConfig = ''
-      interfaces = 192.168.122.1
-      bind interfaces only = yes
-      map to guest = bad user
-      load printers = no
-      printing = bsd
-      disable spoolss = yes
-      usershare max shares = 0
-      acl allow execute always = True
-    '';
-    shares = {
-      qemu = {
-        path = "/data/cache/win10/shared";
-        browseable = "yes";
-        "read only" = "no";
-        "guest ok" = "yes";
-        "force user" = "simon";
-      };
-    };
-  };
-  networking.firewall.trustedInterfaces = [ "virbr0" ];
-  systemd.services.samba-nmbd = {
-    wants = [ "libvirtd.service" ];
-    after = [ "libvirtd.service" ];
-  };
-
   networking.hostName = "hitagi";
 
   system.stateVersion = "20.03";

machines/hitagi/hardware-configuration.nix

@@ -26,7 +26,7 @@
       luks.devices = {
         root = {
           name = "root";
-          device = "/dev/disk/by-uuid/1607bb2a-329b-4252-b11a-b43eb6b7bf0c";
+          device = "/dev/disk/by-uuid/63c6aa7c-47c5-43f5-b0eb-c32b0768327b";
           preLVM = true;
           allowDiscards = true;
         };
@@ -36,44 +36,19 @@
 
   fileSystems = {
     "/" = {
-      device = "/dev/disk/by-uuid/9e6b279e-6995-44da-b673-21b9e23a5278";
+      device = "/dev/disk/by-uuid/3994f497-9848-459e-9642-cbc14a7d3c97";
       fsType = "btrfs";
       options = [ "discard=async" "noatime" "compress=zstd" ];
     };
 
     "/boot" = {
-      device = "/dev/disk/by-uuid/75DA-DFE2";
+      device = "/dev/disk/by-uuid/96B6-34BD";
       fsType = "vfat";
     };
-
-    "/data" = {
-      device = "/dev/mapper/data";
-      fsType = "btrfs";
-      options = [ "compress=zstd" ];
-      encrypted = {
-        label = "data";
-        enable = true;
-        blkDev = "/dev/disk/by-uuid/7f4ba71e-3aca-4294-b37f-49f37b584dbd";
-        keyFile = "/mnt-root/root/luks-data";
-      };
-    };
-
-    "/data/ssd" = {
-      device = "/dev/mapper/data-ssd";
-      fsType = "btrfs";
-      options = [ "discard=async" "noatime" "compress=zstd" ];
-      encrypted = {
-        # !!! HACK
-        label = "data-ssd --allow-discards";
-        enable = true;
-        blkDev = "/dev/disk/by-uuid/41baa168-7fa0-4eb3-b314-50766ddf126d";
-        keyFile = "/mnt-root/root/luks-data";
-      };
-    };
   };
 
   swapDevices = [
-    { device = "/dev/disk/by-uuid/2774d182-ddc9-4d79-886e-995fcd60a88a"; }
+    { device = "/dev/disk/by-uuid/98de7ced-4d7c-4915-bf5b-1a0300458ea6"; }
   ];
 
   # GPU