# SPDX-FileCopyrightText: 2024 Simon Bruder # # SPDX-License-Identifier: AGPL-3.0-or-later { modulesPath, pkgs, ... }: { imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; boot = { swraid.enable = true; kernelModules = [ "kvm-intel" ]; kernelParams = [ "ip=dhcp" ]; loader = { grub = { devices = [ "/dev/nvme0n1" "/dev/nvme1n1" ]; }; }; initrd = { availableKernelModules = [ "aesni_intel" "ahci" "e1000e" "nvme" ]; kernelModules = [ "dm-snapshot" ]; network.enable = true; # remote unlocking luks.devices = { koyomi-pv = { name = "koyomi-pv"; device = "/dev/disk/by-uuid/9145417d-e8f5-4aa9-a526-419e507c47fd"; preLVM = true; allowDiscards = true; }; }; # FIXME XXX HACK # This is required to have the md device available under /dev/disk/by-uuid. # Both commands are run as part of the regular stage-1 init script, # but for some reason, they need to be run twice. preLVMCommands = '' udevadm trigger udevadm settle ''; }; }; fileSystems = { "/" = { device = "/dev/disk/by-uuid/3b31163f-4fec-4e1c-b311-7c8aaca76cd4"; fsType = "btrfs"; options = [ "discard=async" "noatime" "compress=zstd" ]; }; "/boot" = { device = "/dev/disk/by-uuid/12CE-A600"; fsType = "vfat"; }; }; services.prometheus.exporters.smartctl.devices = [ "/dev/nvme0n1" "/dev/nvme1n1" ]; # TODO Enable periodic RAID scrubbing/checking with mdcheck networking.useDHCP = false; networking.usePredictableInterfaceNames = false; systemd.network = { enable = true; networks = { eth0 = { name = "eth0"; DHCP = "yes"; domains = [ "sbruder.de" ]; address = [ "2a01:4f8:151:712d::1/64" ]; gateway = [ "fe80::1" ]; }; }; }; }