Alice Huston
46a605d12e
* Add artemision Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * blank config.nix for alice Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * move alice config Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * move alice config Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * fix slack (artemision) Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * fix unipicker (artemision) Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * fix vscode (artemision) Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * add wired-notify (not currently working, artemision) Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * change formatter to nixfmt-rfc-style Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * update lock Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * initial format Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * artemision settings Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * add artemision files Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * artemision initial setup * artemision initial setup * sops generation Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * sops updates Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * sops updates Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * fix breaking changes, add framework module Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * formatting and friends Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * add boot, mutable users is true * fmt * Add desktop/framework dependencies Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * enable sops * sops/ethernet fixes * update subs * cache key fix & mutable users * temp neovim * zsh changes Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * dependency fixes, zsh.nix * zsh fixes for home-manager Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * minor zsh fixes * minor zsh/home fixes * cleanup * typo from merge Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * formatting Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * remove owner Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * non-server :) Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * add display manager Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * switch to gdm Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * wayland errors Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * fix formatting Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * remove ZFS unstable Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * zsh reorg Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * wayland enable Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * add boot partition options Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * wayland agian Signed-off-by: ahuston-0 <aliceghuston@gmail.com> * nix format Signed-off-by: ahuston-0 <aliceghuston@gmail.com> --------- Signed-off-by: ahuston-0 <aliceghuston@gmail.com> Co-authored-by: ahuston-0 <alice.huston@gmail.com>
74 lines
1.9 KiB
Nix
74 lines
1.9 KiB
Nix
{
|
|
config,
|
|
lib,
|
|
libS,
|
|
...
|
|
}:
|
|
|
|
let
|
|
cfg = config.boot;
|
|
in
|
|
{
|
|
options = {
|
|
boot = {
|
|
default = libS.mkOpinionatedOption "enable the boot builder";
|
|
fullDiskEncryption = libS.mkOpinionatedOption "use luks full disk encrytion";
|
|
useSystemdBoot = libS.mkOpinionatedOption "use systemd boot";
|
|
cpuType = lib.mkOption {
|
|
type = lib.types.str;
|
|
example = "amd";
|
|
default = "";
|
|
description = "The cpu-type installed on the server.";
|
|
};
|
|
|
|
amdGPU = libS.mkOpinionatedOption "the system contains a AMD GPU";
|
|
filesystem = lib.mkOption {
|
|
type = lib.types.str;
|
|
example = "btrfs";
|
|
default = "ext4";
|
|
description = "The filesystem installed.";
|
|
};
|
|
};
|
|
};
|
|
|
|
config.boot = lib.mkIf cfg.default {
|
|
supportedFilesystems = [ cfg.filesystem ];
|
|
tmp.useTmpfs = true;
|
|
kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
|
|
kernelParams =
|
|
[ "nordrand" ]
|
|
++ lib.optional (cfg.cpuType == "amd") "kvm-amd"
|
|
++ lib.optional cfg.fullDiskEncryption "ip=<ip-addr>::<ip-gateway>:<netmask>";
|
|
initrd = {
|
|
kernelModules = lib.mkIf cfg.amdGPU [ "amdgpu" ];
|
|
network = lib.mkIf cfg.fullDiskEncryption {
|
|
enable = true;
|
|
ssh = {
|
|
enable = true;
|
|
port = 2222;
|
|
};
|
|
};
|
|
};
|
|
|
|
zfs = lib.mkIf (cfg.filesystem == "zfs") {
|
|
devNodes = "/dev/disk/by-id/";
|
|
forceImportRoot = true;
|
|
};
|
|
|
|
loader = {
|
|
efi.canTouchEfiVariables = false;
|
|
generationsDir.copyKernels = true;
|
|
systemd-boot.enable = lib.mkIf cfg.useSystemdBoot true;
|
|
grub = lib.mkIf (!cfg.useSystemdBoot) {
|
|
enable = lib.mkForce true;
|
|
copyKernels = true;
|
|
zfsSupport = lib.mkIf (cfg.filesystem == "zfs") true;
|
|
efiSupport = true;
|
|
efiInstallAsRemovable = true;
|
|
fsIdentifier = "uuid";
|
|
enableCryptodisk = lib.mkIf cfg.fullDiskEncryption true;
|
|
};
|
|
};
|
|
};
|
|
}
|