diff --git a/flake.nix b/flake.nix index 9a179d7..c3da1a5 100644 --- a/flake.nix +++ b/flake.nix @@ -39,10 +39,9 @@ , nixos-hardware , lanzaboote , ... - }: { - formatter.x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.nixfmt; - - nixosConfigurations.pim = nixpkgs.lib.nixosSystem rec { + }: + let + mkNixosSystem = extraModule: nixpkgs.lib.nixosSystem rec { system = "x86_64-linux"; modules = [ @@ -59,7 +58,6 @@ } ./nixos agenix.nixosModules.default - nixos-hardware.nixosModules.lenovo-thinkpad-x260 home-manager.nixosModules.home-manager { home-manager.useGlobalPkgs = true; @@ -69,7 +67,57 @@ }; } lanzaboote.nixosModules.lanzaboote + extraModule ]; }; + in + { + formatter.x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.nixfmt; + + nixosConfigurations = { + personal = mkNixosSystem ({ pkgs, lib, ... }: { + imports = [ nixos-hardware.nixosModules.lenovo-thinkpad-x260 ]; + + config = { + fprintd = { + enable = true; + + tod = { + enable = true; + driver = pkgs.libfprint-2-tod1-vfs0090; + }; + }; + + swapDevices = [{ device = "/dev/disk/by-uuid/6028bf52-404d-4143-9cb0-9b06cd60a373"; }]; + powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; + boot.initrd.availableKernelModules = [ "ahci" "rtsx_pci_sdmmc" ]; + }; + }); + + sue = mkNixosSystem ({ ... }: { + imports = [ nixos-hardware.nixosModules.dell-xps-13-9310 ]; + + config = { + swapDevices = [{ device = "/dev/disk/by-uuid/96a43c35-0174-4e92-81f0-168a5f601f0b"; }]; + fileSystems = { + "/" = + { + device = "/dev/disk/by-uuid/31638735-5cc4-4013-8037-17e30edcbb0a"; + fsType = "ext4"; + }; + + "boot" = + { + device = "/dev/disk/by-uuid/560E-F8A2"; + fsType = "vfat"; + options = [ "fmask = 0022 " " dmask=0022" ]; + }; + }; + + boot.initrd.luks.devices."luks-8ffd3129-4908-4209-98c4-4eb68a35c494".device = "/dev/disk/by-uuid/8ffd3129-4908-4209-98c4-4eb68a35c494"; + boot.initrd.availableKernelModules = [ "thunderbolt" "vmd" "nvme" "usb_storage" ]; + }; + }); + }; }; } diff --git a/home-manager/default.nix b/home-manager/default.nix index 5b66b8a..4ae943c 100644 --- a/home-manager/default.nix +++ b/home-manager/default.nix @@ -55,6 +55,7 @@ unstable.devenv unstable.attic-client unstable.hexchat + sbctl ]; }; diff --git a/nixos/default.nix b/nixos/default.nix index 588932d..a759d28 100644 --- a/nixos/default.nix +++ b/nixos/default.nix @@ -18,15 +18,6 @@ enable = true; drivers = [ pkgs.hplip pkgs.gutenprint ]; }; - - fprintd = { - enable = true; - - tod = { - enable = true; - driver = pkgs.libfprint-2-tod1-vfs0090; - }; - }; }; users = { @@ -48,13 +39,14 @@ tree dig ]; - gnome.excludePackages = with pkgs; [ - gnome.totem + gnome.excludePackages = with pkgs; with pkgs.gnome; [ + totem gnome-tour - gnome.epiphany - gnome.geary + epiphany + geary gnome-console - gnome.gnome-music + gnome-music + gnome-calendar ]; }; @@ -144,6 +136,6 @@ nixpkgs.config = { permittedInsecurePackages = [ "electron-25.9.0" ]; - allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [ "vmware-horizon-client" ]; + allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [ "vmware-horizon-client" "libfprint-2-tod1-goodix" ]; }; } diff --git a/nixos/hardware-configuration.nix b/nixos/hardware-configuration.nix index a33fdaa..c278552 100644 --- a/nixos/hardware-configuration.nix +++ b/nixos/hardware-configuration.nix @@ -1,55 +1,33 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. { config, lib, modulesPath, ... }: { imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = - [ "xhci_pci" "ahci" "sd_mod" "rtsx_pci_sdmmc" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; - boot.loader.systemd-boot.enable = lib.mkForce false; + boot = { + kernelModules = [ "kvm-intel" ]; + extraModulePackages = [ ]; - boot.lanzaboote = { - enable = true; - pkiBundle = "/etc/secureboot"; + initrd = { + availableKernelModules = [ "xhci_pci" "sd_mod" ]; + kernelModules = [ ]; + }; + + loader = { + efi.canTouchEfiVariables = true; + systemd-boot.enable = lib.mkForce false; + }; + + lanzaboote = { + enable = true; + pkiBundle = "/etc/secureboot"; + }; + + kernel.sysctl = { + "net.core.default_qdisc" = "fq"; + "net.ipv4.tcp_congestion_control" = "bbr"; + }; }; - - fileSystems."/" = { - device = "/dev/disk/by-uuid/33e4587b-fba3-4a9d-82d2-a9e49a8e75fa"; - fsType = "ext4"; - }; - - boot.initrd.luks.devices."luks-cd1139a7-0c1b-4459-b586-29b577825ee9".device = - "/dev/disk/by-uuid/cd1139a7-0c1b-4459-b586-29b577825ee9"; - - boot.kernel.sysctl = { - "net.core.default_qdisc" = "fq"; - "net.ipv4.tcp_congestion_control" = "bbr"; - }; - - boot.blacklistedKernelModules = [ "uvcvideo" ]; - - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/87DA-B083"; - fsType = "vfat"; - }; - - swapDevices = - [{ device = "/dev/disk/by-uuid/908399cd-2f4f-4555-8805-80c9faf190aa"; }]; - - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. networking.useDHCP = lib.mkDefault true; - # networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true; - # networking.interfaces.wlp4s0.useDHCP = lib.mkDefault true; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; - hardware.cpu.intel.updateMicrocode = - lib.mkDefault config.hardware.enableRedistributableFirmware; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; }