first usable configuration

2023-12-24 20:09:35 +01:00 · 2023-12-24 20:09:35 +01:00 · c6c879ddb4
commit c6c879ddb4
parent 469038e980
7 changed files with 94 additions and 35 deletions
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1,2 @@
+result
+result-man
--- a/flake.lock
+++ b/flake.lock
@ -1,25 +1,5 @@
 {
  "nodes": {
-    "nix-index-database": {
-      "inputs": {
-        "nixpkgs": [
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1703387252,
-        "narHash": "sha256-XKJqGj0BaEn/zyctEnkgVIh6Ba1rgTRc+UBi9EU8Y54=",
-        "owner": "Mic92",
-        "repo": "nix-index-database",
-        "rev": "f4340c1a42c38d79293ba69bfd839fbd6268a538",
-        "type": "github"
-      },
-      "original": {
-        "owner": "Mic92",
-        "repo": "nix-index-database",
-        "type": "github"
-      }
-    },
    "nixos-modules": {
      "inputs": {
        "nixpkgs-lib": [
@ -27,11 +7,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1703426109,
-        "narHash": "sha256-/ujCgLJUq+iMgrvMVj58uvXan/nKvG0SeNVVrsvzJHk=",
+        "lastModified": 1703443084,
+        "narHash": "sha256-POWXUw4gf8c9eZ1PJ2Har+PBsgdyULeHbqabdVSAQZE=",
        "owner": "SuperSandro2000",
        "repo": "nixos-modules",
-        "rev": "caa008d22e663c6190ffe12286566b2e87f357e4",
+        "rev": "55e8b1d38fe4a5e0315f91dfc44bd1a6f32b06ef",
        "type": "github"
      },
      "original": {
@ -58,7 +38,6 @@
    },
    "root": {
      "inputs": {
-        "nix-index-database": "nix-index-database",
        "nixos-modules": "nixos-modules",
        "nixpkgs": "nixpkgs",
        "sops-nix": "sops-nix"
--- a/flake.nix
+++ b/flake.nix
@ -16,16 +16,14 @@
        nixpkgs-stable.follows = "nixpkgs";
      };
    };
-
-    nix-index-database = {
-      url = "github:Mic92/nix-index-database";
-      inputs.nixpkgs.follows = "nixpkgs";
-    };
  };

-  outputs = { nixpkgs, nixos-modules, nix-index-database, sops-nix, ... }:
+  outputs = { nixpkgs, nixos-modules, sops-nix, ... }:
  let
    inherit (nixpkgs) lib;
+    src = builtins.filterSource (path: type: type == "directory" || lib.hasSuffix ".nix" (baseNameOf path)) ./.;
+    ls = dir: lib.attrNames (builtins.readDir (src + "/${dir}"));
+    fileList = dir: map (file: ./. + "/${dir}/${file}") (ls dir);
  in {
    nixosConfigurations = let
      constructSystem = {
@ -39,11 +37,11 @@
        modules = [
          nixos-modules.nixosModule
          sops-nix.nixosModules.sops
-          nix-index-database.nixosModules.nix-index
          ./systems/programs.nix
          ./systems/configuration.nix
+          ./systems/${hostname}/hardware.nix
          ./systems/${hostname}/configuration.nix
-        ] ++ modules ++ map(user: ./users/${user}) users;
+        ] ++ modules ++ fileList "modules" ++ map(user: ./users/${user}) users;

      };
    in {
--- a/modules/boot.nix
+++ b/modules/boot.nix
@ -0,0 +1,39 @@
+{ config, lib, libS, ... }:
+
+let
+  cfg = config.boot;
+in
+{
+  options = {
+    boot = {
+      default = libS.mkOpinionatedOption "enable the boot builder";
+    };
+  };
+
+  config.boot = lib.mkIf cfg.default {
+    supportedFilesystems = [ "zfs" ];
+    tmp.useTmpfs = true;
+    kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
+    kernelParams = [ "kvm-amd" "nordrand" ];
+    zfs = {            
+      enableUnstable = true;
+      devNodes = "/dev/disk/by-id/";
+      forceImportRoot = true;
+    };
+    loader = {
+      efi = {
+        canTouchEfiVariables = false;
+      };
+      generationsDir.copyKernels = true;
+      grub = {
+        enable = true;
+        copyKernels = true;
+        zfsSupport = true;
+        efiSupport = true;
+        efiInstallAsRemovable = true;
+        fsIdentifier = "uuid";
+        device = "nodev";
+      };
+    };
+  };
+}
--- a/systems/configuration.nix
+++ b/systems/configuration.nix
@ -8,6 +8,10 @@
    ];
  };

+  boot = {
+    default = true;
+  };
+
  networking.firewall.allowedTCPPorts = [ 22 ];

  services = {
@ -150,9 +154,8 @@
  };

  systemd.watchdog = {
-    enable = true;
    device = "/dev/watchdog";
-    runTime = "30s";
+    runtimeTime = "30s";
    rebootTime = "5m";
  };

@ -178,7 +181,7 @@
      enable = true;
      randomizedDelaySec = "1h";
      persistent = true;
-      system.autoUpgrade.flake = "github:RAD-Development/nix-dotfiles";
+      flake = "github:RAD-Development/nix-dotfiles";
    };
  };
 }
--- a/systems/palatine-hill/configuration.nix
+++ b/systems/palatine-hill/configuration.nix
@ -2,6 +2,7 @@
 {
  time.timeZone = "America/New_York";
  console.keyMap = "us";
+  networking.hostId = "1139fa08";

  virtualisation = {
    docker = {
--- a/systems/palatine-hill/hardware.nix
+++ b/systems/palatine-hill/hardware.nix
@ -0,0 +1,37 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, modulesPath, ... }:
+
+{
+  imports =
+    [
+      (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot = {
+    initrd = {
+      availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usbhid" "sd_mod" ];
+      kernelModules = [ ];
+    };
+    kernelModules = [ "kvm-amd" ];
+    extraModulePackages = [ ];
+  };
+
+  fileSystems."/" =
+  {
+    device = "proot/nixos/root";
+    fsType = "zfs";
+  };
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.enp5s0.useDHCP = lib.mkDefault true;
+  # networking.interfaces.wlp4s0.useDHCP = lib.mkDefault true;
+ 
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}