Lillian-Violet/NixOS-Config
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

set up lanzaboot and update the EDI disko setup

Browse source
This commit is contained in:
Lillian Violet 2024-02-15 14:27:03 +01:00
parent e37d49f05f
commit 54589eb953
3 changed files with 42 additions and 39 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
disko/EDI/lvm.nix
View file

@ -47,9 +47,10 @@
type = "lvm_vg";
lvs = {
swap = {
size = "4G";
size = "8G";
content = {
type = "swap";
resumeDevice = true; # resume from hiberation from this device
};
};
root = {

27
nixos/hosts/EDI/configuration.nix
View file

@ -24,7 +24,7 @@
../../desktop
../../../disko/EDI
../../../disko/EDI/lvm.nix
# Import your generated (nixos-generate-config) hardware configuration
./hardware-configuration.nix
@ -41,6 +41,7 @@
environment.systemPackages = with pkgs; [
podman
podman-compose
sbctl
];
virtualisation.podman = {
@ -53,13 +54,25 @@
boot.bootspec.enable = true;
boot.kernelPackages = pkgs.linuxPackages_latest;
boot.supportedFilesystems = ["bcachefs"];
boot = {
loader.systemd-boot.enable = lib.mkForce false;
lanzaboote = {
enable = true;
pkiBundle = "/etc/secureboot";
};
# Lanzaboote currently replaces the systemd-boot module.
# This setting is usually set to true in configuration.nix
# generated at installation time. So we force it to false
# for now.
boot.loader.systemd-boot.enable = lib.mkForce false;
boot.lanzaboote = {
enable = true;
pkiBundle = "/etc/secureboot";
};
#boot = {
#loader.systemd-boot.enable = lib.mkForce false;
#lanzaboote = {
#enable = true;
#pkiBundle = "/etc/secureboot";
#};
#};
# Enable bluetooth hardware
hardware.bluetooth.enable = true;

51
nixos/hosts/EDI/hardware-configuration.nix
View file

@ -1,48 +1,37 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = ["xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [];
boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
boot.initrd.kernelModules = [ "dm-snapshot" ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
# fileSystems."/" = {
# device = "UUID=88cd54d3-b644-4bae-96e9-51d2db3c5628";
# fsType = "bcachefs";
# };
#fileSystems."/" =
# { device = "UUID=65956905-b7a5-4573-81fe-622c42cabdf5";
# fsType = "bcachefs";
# };
#boot.initrd.luks.devices."crypted".device = "/dev/disk/by-uuid/91da75e7-52bc-4a50-9293-7e5e431040e0";
#fileSystems."/boot" =
# { device = "/dev/disk/by-uuid/3D90-9CF4";
# fsType = "vfat";
# };
# fileSystems."/boot" = {
# device = "/dev/disk/by-uuid/01B2-909E";
# fsType = "vfat";
# options = ["fmask=0077" "dmask=0077" "defaults"];
# };
# swapDevices = [
# {
# device = "/dev/disk/by-path/pci-0000:71:00.0-nvme-1-part2";
# randomEncryption.enable = true;
# }
# ];
#swapDevices =
# [ { device = "/dev/disk/by-uuid/07258619-dbae-4fe9-aa2e-921d85b6a53b"; }
# ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp0s20f0u9u2c2.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp2s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";