From 54589eb953d191e6f1b4bac48e3fca40fca752e0 Mon Sep 17 00:00:00 2001 From: Lillian-Violet Date: Thu, 15 Feb 2024 14:27:03 +0100 Subject: [PATCH] set up lanzaboot and update the EDI disko setup --- disko/EDI/lvm.nix | 3 +- nixos/hosts/EDI/configuration.nix | 27 +++++++++--- nixos/hosts/EDI/hardware-configuration.nix | 51 +++++++++------------- 3 files changed, 42 insertions(+), 39 deletions(-) diff --git a/disko/EDI/lvm.nix b/disko/EDI/lvm.nix index 43b5e8f..f8cd5dc 100644 --- a/disko/EDI/lvm.nix +++ b/disko/EDI/lvm.nix @@ -47,9 +47,10 @@ type = "lvm_vg"; lvs = { swap = { - size = "4G"; + size = "8G"; content = { type = "swap"; + resumeDevice = true; # resume from hiberation from this device }; }; root = { diff --git a/nixos/hosts/EDI/configuration.nix b/nixos/hosts/EDI/configuration.nix index 7788910..b76499a 100644 --- a/nixos/hosts/EDI/configuration.nix +++ b/nixos/hosts/EDI/configuration.nix @@ -24,7 +24,7 @@ ../../desktop - ../../../disko/EDI + ../../../disko/EDI/lvm.nix # Import your generated (nixos-generate-config) hardware configuration ./hardware-configuration.nix @@ -41,6 +41,7 @@ environment.systemPackages = with pkgs; [ podman podman-compose + sbctl ]; virtualisation.podman = { @@ -53,13 +54,25 @@ boot.bootspec.enable = true; boot.kernelPackages = pkgs.linuxPackages_latest; boot.supportedFilesystems = ["bcachefs"]; - boot = { - loader.systemd-boot.enable = lib.mkForce false; - lanzaboote = { - enable = true; - pkiBundle = "/etc/secureboot"; - }; + + # Lanzaboote currently replaces the systemd-boot module. + # This setting is usually set to true in configuration.nix + # generated at installation time. So we force it to false + # for now. + boot.loader.systemd-boot.enable = lib.mkForce false; + + boot.lanzaboote = { + enable = true; + pkiBundle = "/etc/secureboot"; }; + + #boot = { + #loader.systemd-boot.enable = lib.mkForce false; + #lanzaboote = { + #enable = true; + #pkiBundle = "/etc/secureboot"; + #}; + #}; # Enable bluetooth hardware hardware.bluetooth.enable = true; diff --git a/nixos/hosts/EDI/hardware-configuration.nix b/nixos/hosts/EDI/hardware-configuration.nix index 6e02f8d..006d087 100644 --- a/nixos/hosts/EDI/hardware-configuration.nix +++ b/nixos/hosts/EDI/hardware-configuration.nix @@ -1,48 +1,37 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + { - config, - lib, - pkgs, - modulesPath, - ... -}: { - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; - boot.initrd.availableKernelModules = ["xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc"]; - boot.initrd.kernelModules = []; - boot.kernelModules = ["kvm-intel"]; - boot.extraModulePackages = []; + boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ]; + boot.initrd.kernelModules = [ "dm-snapshot" ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; - # fileSystems."/" = { - # device = "UUID=88cd54d3-b644-4bae-96e9-51d2db3c5628"; - # fsType = "bcachefs"; - # }; + #fileSystems."/" = + # { device = "UUID=65956905-b7a5-4573-81fe-622c42cabdf5"; + # fsType = "bcachefs"; + # }; - #boot.initrd.luks.devices."crypted".device = "/dev/disk/by-uuid/91da75e7-52bc-4a50-9293-7e5e431040e0"; + #fileSystems."/boot" = + # { device = "/dev/disk/by-uuid/3D90-9CF4"; + # fsType = "vfat"; + # }; - # fileSystems."/boot" = { - # device = "/dev/disk/by-uuid/01B2-909E"; - # fsType = "vfat"; - # options = ["fmask=0077" "dmask=0077" "defaults"]; - # }; - - # swapDevices = [ - # { - # device = "/dev/disk/by-path/pci-0000:71:00.0-nvme-1-part2"; - # randomEncryption.enable = true; - # } - # ]; + #swapDevices = + # [ { device = "/dev/disk/by-uuid/07258619-dbae-4fe9-aa2e-921d85b6a53b"; } + # ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's # still possible to use this option, but it's recommended to use it in conjunction # with explicit per-interface declarations with `networking.interfaces..useDHCP`. networking.useDHCP = lib.mkDefault true; - # networking.interfaces.enp0s20f0u9u2c2.useDHCP = lib.mkDefault true; # networking.interfaces.wlp2s0.useDHCP = lib.mkDefault true; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";