set up lanzaboot and update the EDI disko setup

This commit is contained in:
Lillian Violet 2024-02-15 14:27:03 +01:00
parent e37d49f05f
commit 54589eb953
3 changed files with 42 additions and 39 deletions

View file

@ -47,9 +47,10 @@
type = "lvm_vg"; type = "lvm_vg";
lvs = { lvs = {
swap = { swap = {
size = "4G"; size = "8G";
content = { content = {
type = "swap"; type = "swap";
resumeDevice = true; # resume from hiberation from this device
}; };
}; };
root = { root = {

View file

@ -24,7 +24,7 @@
../../desktop ../../desktop
../../../disko/EDI ../../../disko/EDI/lvm.nix
# Import your generated (nixos-generate-config) hardware configuration # Import your generated (nixos-generate-config) hardware configuration
./hardware-configuration.nix ./hardware-configuration.nix
@ -41,6 +41,7 @@
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
podman podman
podman-compose podman-compose
sbctl
]; ];
virtualisation.podman = { virtualisation.podman = {
@ -53,13 +54,25 @@
boot.bootspec.enable = true; boot.bootspec.enable = true;
boot.kernelPackages = pkgs.linuxPackages_latest; boot.kernelPackages = pkgs.linuxPackages_latest;
boot.supportedFilesystems = ["bcachefs"]; boot.supportedFilesystems = ["bcachefs"];
boot = {
loader.systemd-boot.enable = lib.mkForce false; # Lanzaboote currently replaces the systemd-boot module.
lanzaboote = { # This setting is usually set to true in configuration.nix
enable = true; # generated at installation time. So we force it to false
pkiBundle = "/etc/secureboot"; # for now.
}; boot.loader.systemd-boot.enable = lib.mkForce false;
boot.lanzaboote = {
enable = true;
pkiBundle = "/etc/secureboot";
}; };
#boot = {
#loader.systemd-boot.enable = lib.mkForce false;
#lanzaboote = {
#enable = true;
#pkiBundle = "/etc/secureboot";
#};
#};
# Enable bluetooth hardware # Enable bluetooth hardware
hardware.bluetooth.enable = true; hardware.bluetooth.enable = true;

View file

@ -1,48 +1,37 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{ {
config, imports =
lib, [ (modulesPath + "/installer/scan/not-detected.nix")
pkgs, ];
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = ["xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc"]; boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
boot.initrd.kernelModules = []; boot.initrd.kernelModules = [ "dm-snapshot" ];
boot.kernelModules = ["kvm-intel"]; boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = []; boot.extraModulePackages = [ ];
# fileSystems."/" = { #fileSystems."/" =
# device = "UUID=88cd54d3-b644-4bae-96e9-51d2db3c5628"; # { device = "UUID=65956905-b7a5-4573-81fe-622c42cabdf5";
# fsType = "bcachefs"; # fsType = "bcachefs";
# }; # };
#boot.initrd.luks.devices."crypted".device = "/dev/disk/by-uuid/91da75e7-52bc-4a50-9293-7e5e431040e0"; #fileSystems."/boot" =
# { device = "/dev/disk/by-uuid/3D90-9CF4";
# fsType = "vfat";
# };
# fileSystems."/boot" = { #swapDevices =
# device = "/dev/disk/by-uuid/01B2-909E"; # [ { device = "/dev/disk/by-uuid/07258619-dbae-4fe9-aa2e-921d85b6a53b"; }
# fsType = "vfat"; # ];
# options = ["fmask=0077" "dmask=0077" "defaults"];
# };
# swapDevices = [
# {
# device = "/dev/disk/by-path/pci-0000:71:00.0-nvme-1-part2";
# randomEncryption.enable = true;
# }
# ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's # (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction # still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`. # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true; networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp0s20f0u9u2c2.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp2s0.useDHCP = lib.mkDefault true; # networking.interfaces.wlp2s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";