william/nix-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

refactoring for isServer and isWorkstation: part 5 (final?)

Browse source
This commit is contained in:
William 2025-03-13 17:51:04 -03:00
parent a52ca12286
commit 037d68a9d4
44 changed files with 120 additions and 115 deletions
Download patch file Download diff file Expand all files Collapse all files

35
hosts/rotterdam/boot.nix
View file

@ -1,35 +0,0 @@
{ pkgs, ... }:
let
qubesnsh = pkgs.writeTextFile {
name = "qubes.nsh";
text = "HD1f65535a1:EFI\\qubes\\grubx64.efi";
};
in
{
boot = {
kernelParams = [
"processor.max_cstate=1" # Fixes bug where ryzen cpus freeze when in highest C state
"clearcpuid=514"
# Fixes amdgpu freezing
"amdgpu.noretry=0"
"amdgpu.ppfeaturemask=0xfffd3fff"
"amdgpu.gpu_recovery=1"
"amdgpu.lockup_timeout=1000"
];
# QubesOS boot entry
loader.systemd-boot = {
extraFiles = {
"efi/edk2-shell/shell.efi" = "${pkgs.edk2-uefi-shell}/shell.efi";
"qubes.nsh" = qubesnsh;
};
extraEntries."qubes.conf" = ''
title Qubes OS
efi /efi/edk2-shell/shell.efi
options -nointerrupt qubes.nsh
sort-key ab
'';
};
};
}

12
hosts/rotterdam/default.nix
View file

@ -1,12 +0,0 @@
{ ... }:
{
imports = [
./boot.nix
./ephermal.nix
./hardware-configuration.nix
./hardware.nix
./programs.nix
./services.nix
];
}

47
hosts/rotterdam/ephermal.nix
View file

@ -1,47 +0,0 @@
{ ... }:
{
boot.initrd.systemd.services.recreate-root = {
description = "Rolling over and creating new filesystem root";
requires = [ "initrd-root-device.target" ];
after = [
"local-fs-pre.target"
"initrd-root-device.target"
];
requiredBy = [ "initrd-root-fs.target" ];
before = [ "sysroot.mount" ];
unitConfig = {
AssertPathExists = "/etc/initrd-release";
DefaultDependencies = false;
};
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
};
script = ''
mkdir /btrfs_tmp
mount /dev/disk/by-uuid/3287dbc3-c0fa-4096-a0b3-59b017cfecc8 /btrfs_tmp
if [[ -e /btrfs_tmp/@root ]]; then
mkdir -p /btrfs_tmp/old_roots
timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/@root)" "+%Y-%m-%-d_%H:%M:%S")
mv /btrfs_tmp/@root "/btrfs_tmp/old_roots/$timestamp"
fi
delete_subvolume_recursively() {
IFS=$'\n'
for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
delete_subvolume_recursively "/btrfs_tmp/$i"
done
btrfs subvolume delete "$1"
}
for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do
delete_subvolume_recursively "$i"
done
btrfs subvolume create /btrfs_tmp/@root
umount /btrfs_tmp
'';
};
}

82
hosts/rotterdam/hardware-configuration.nix
View file

@ -1,82 +0,0 @@
{
config,
lib,
modulesPath,
...
}:
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot = {
initrd = {
availableKernelModules = [
"amdgpu"
"nvme"
"xhci_pci"
"ahci"
"usbhid"
"sd_mod"
];
luks.devices."cryptroot" = {
device = "/dev/disk/by-uuid/f7dd4142-7109-4493-834d-4a831777f08d";
keyFile = "/dev/disk/by-partuuid/add5fc14-e20f-48be-8b2a-0799ef04d3cb";
};
};
kernelModules = [ "kvm-amd" ];
};
fileSystems = {
"/" = {
device = "/dev/disk/by-uuid/3287dbc3-c0fa-4096-a0b3-59b017cfecc8";
fsType = "btrfs";
options = [
"subvol=@root"
"noatime"
"compress=zstd"
];
};
"/home" = {
device = "/dev/disk/by-uuid/3287dbc3-c0fa-4096-a0b3-59b017cfecc8";
fsType = "btrfs";
options = [
"subvol=@home"
"noatime"
"compress=zstd"
];
};
"/boot/efi" = {
device = "/dev/disk/by-uuid/F2A2-CF5A";
fsType = "vfat";
options = [
"noatime"
"fmask=0077"
"dmask=0077"
];
};
"/nix" = {
device = "/dev/disk/by-uuid/3287dbc3-c0fa-4096-a0b3-59b017cfecc8";
fsType = "btrfs";
options = [
"subvol=@nix"
"noatime"
"compress=zstd"
];
};
"/persistent" = {
device = "/dev/disk/by-uuid/3287dbc3-c0fa-4096-a0b3-59b017cfecc8";
fsType = "btrfs";
options = [
"subvol=@persistent"
"noatime"
"compress=zstd"
];
};
};
networking.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

13
hosts/rotterdam/hardware.nix
View file

@ -1,13 +0,0 @@
{ pkgs, ... }:
{
hardware = {
amdgpu = {
opencl.enable = true;
amdvlk.enable = true;
};
graphics.extraPackages = with pkgs; [ rocmPackages.clr.icd ];
};
systemd.targets.hibernate.enable = false; # disable non-functional hibernate
}

33
hosts/rotterdam/programs.nix
View file

@ -1,33 +0,0 @@
{ pkgs, ... }:
let
reboot-into-qubes = pkgs.makeDesktopItem {
name = "reboot-into-qubes";
icon = pkgs.fetchurl {
url = "https://raw.githubusercontent.com/vinceliuice/Qogir-icon-theme/31f267e1f5fd4e9596bfd78dfb41a03d3a9f33ee/src/scalable/apps/distributor-logo-qubes.svg";
sha256 = "sha256-QbHr7s5Wcs7uFtfqZctMyS0iDbMfiiZOKy2nHhDOfn0=";
};
desktopName = "Qubes OS";
genericName = "Reboot into Qubes OS";
categories = [ "System" ];
startupNotify = true;
exec = pkgs.writeShellScript "reboot-into-qubes" ''
${pkgs.yad}/bin/yad --form \
--title="Qubes OS" \
--image distributor-logo-qubes \
--text "Are you sure you want to reboot into Qubes OS?" \
--button="Yes:0" --button="Cancel:1"
if [ $? -eq 0 ]; then
systemctl reboot --boot-loader-entry=qubes.conf
fi
'';
};
in
{
environment.systemPackages = [ reboot-into-qubes ];
services.flatpak.packages = [ "net.retrodeck.retrodeck" ];
programs.steam.dedicatedServer.openFirewall = true;
}

13
hosts/rotterdam/services.nix
View file

@ -1,13 +0,0 @@
{ ... }:
{
services.keyd = {
enable = true;
keyboards.main = {
ids = [ "5653:0001" ];
settings.main = {
esc = "overload(meta, esc)";
};
};
};
}