-rw-r--r--flake.nix11
-rw-r--r--hosts/omar/configuration.nix81
-rw-r--r--hosts/omar/hardware-configuration.nix54
-rw-r--r--shared/nixos/zfs-impermenance/default.nix32
4 files changed, 178 insertions, 0 deletions
diff --git a/flake.nix b/flake.nix
index 0a7d4bf..8fa8788 100644
--- a/flake.nix
+++ b/flake.nix
@@ -90,6 +90,17 @@
]
++ builtins.attrValues (import ./modules/nixos);
};
+ omar = nixpkgs.lib.nixosSystem {
+ system = "x86_64-linux";
+ modules =
+ [
+ {_module.args = args;}
+ home-manager.nixosModules.home-manager
+ agenix.nixosModules.default
+ ./hosts/omar/configuration.nix
+ ]
+ ++ builtins.attrValues (import ./modules/nixos);
+ };
};
# Formatter to be run when `nix fmt` is executed.
diff --git a/hosts/omar/configuration.nix b/hosts/omar/configuration.nix
new file mode 100644
index 0000000..9248c3c
--- /dev/null
+++ b/hosts/omar/configuration.nix
@@ -0,0 +1,81 @@
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}: {
+ imports = [
+ # Include the results of the hardware scan.
+ ./hardware-configuration.nix
+
+ ../../shared/nixos/common-nix-settings
+ ../../shared/nixos/common-shell-settings
+ ../../shared/nixos/common-hm-settings
+ ../../shared/nixos/zfs-impermenance
+ ];
+
+ boot.loader.grub = {
+ # Use the GRUB 2 boot loader.
+ enable = true;
+
+ # Install grub on the main HDD.
+ device = "/dev/sda";
+
+ # ZFS on root requires GRUB to be able to read the pool.
+ # The pool was created with `-o compatibility=grub2`.
+ zfsSupport = true;
+ };
+
+ # The host id is required by ZFS.
+ # It is used to (among other things) avoid multiple hosts modifying the same dataset unsafely.
+ # This was randomly generated.
+ networking.hostId = "b6e8e80a";
+
+ # Should match containing folder.
+ networking.hostName = "omar";
+
+ # Pick only one of the below networking options.
+ networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
+ # networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
+
+ # Create the main user.
+ users.users.linus = {
+ isNormalUser = true;
+ hashedPassword = "$y$j9T$UmZES4WC8FWrjBvdazq2e/$rzneAKZeySwSVKiSZJfXC.fciiQdGqxB5uyRaPQ6OF.";
+ extraGroups = ["wheel"];
+ };
+ users.mutableUsers = false;
+
+ home-manager.users.linus = {
+ imports = [
+ # I am planning on using this host when traveling.
+ ../../shared/home-manager/development-full
+ ];
+ };
+
+ # Enable the X11 windowing system.
+ # services.xserver.enable = true;
+
+ # Configure keymap in X11
+ # services.xserver.xkb.layout = "us";
+ # services.xserver.xkb.options = "eurosign:e,caps:escape";
+
+ # Enable CUPS to print documents.
+ # services.printing.enable = true;
+
+ # Enable sound.
+ # hardware.pulseaudio.enable = true;
+ # OR
+ # services.pipewire = {
+ # enable = true;
+ # pulse.enable = true;
+ # };
+
+ # Enable touchpad support (enabled default in most desktopManager).
+ # services.libinput.enable = true;
+
+ # Enable the OpenSSH daemon.
+ services.openssh.enable = true;
+
+ system.stateVersion = "24.11";
+}
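Review bot: The `hashedPassword` literal for `linus` is committed in the clear, and the same hunk sets `services.openssh.enable = true` with no further settings, so NixOS defaults leave password login on for an account in `wheel` while its hash is open to offline guessing by anyone who can read the repository. agenix is already imported for this host in flake.nix, so the hash can move into a secret: `hashedPasswordFile = config.age.secrets.<linus-password>.path;` (the secret name is a placeholder). Since the host is meant for travel, I would also add `services.openssh.settings.PasswordAuthentication = false;` and list a public key under `users.users.linus.openssh.authorizedKeys.keys`. Change the password once the hash is out of the tree, because the history keeps the old value.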
diff --git a/hosts/omar/hardware-configuration.nix b/hosts/omar/hardware-configuration.nix
new file mode 100644
index 0000000..611bfa3
--- /dev/null
+++ b/hosts/omar/hardware-configuration.nix
@@ -0,0 +1,54 @@
+# Do not modify this file! It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations. Please make changes
+# to /etc/nixos/configuration.nix instead.
+{
+ config,
+ lib,
+ pkgs,
+ modulesPath,
+ ...
+}: {
+ imports = [
+ (modulesPath + "/installer/scan/not-detected.nix")
+ ];
+
+ boot.initrd.availableKernelModules = ["uhci_hcd" "ehci_pci" "ahci" "usb_storage" "sd_mod"];
+ boot.initrd.kernelModules = [];
+ boot.kernelModules = [];
+ boot.extraModulePackages = [];
+
+ fileSystems."/" = {
+ device = "rpool/local/root";
+ fsType = "zfs";
+ };
+
+ fileSystems."/nix" = {
+ device = "rpool/local/nix";
+ fsType = "zfs";
+ };
+
+ fileSystems."/persist" = {
+ device = "rpool/safe/persist";
+ fsType = "zfs";
+ };
+
+ fileSystems."/home" = {
+ device = "rpool/safe/home";
+ fsType = "zfs";
+ };
+
+ swapDevices = [
+ {device = "/dev/disk/by-uuid/a719dc89-0c69-4384-b9f7-b82b2a0f5cf1";}
+ ];
+
+ # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+ # (the default) this is the recommended approach. When using systemd-networkd it's
+ # still possible to use this option, but it's recommended to use it in conjunction
+ # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+ networking.useDHCP = lib.mkDefault true;
+ # networking.interfaces.enp9s0.useDHCP = lib.mkDefault true;
+ # networking.interfaces.wlp5s0.useDHCP = lib.mkDefault true;
+
+ nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+ hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}
diff --git a/shared/nixos/zfs-impermenance/default.nix b/shared/nixos/zfs-impermenance/default.nix
new file mode 100644
index 0000000..f1789a6
--- /dev/null
+++ b/shared/nixos/zfs-impermenance/default.nix
@@ -0,0 +1,32 @@
+# This module sets up basic impermenance the way I like to do it on my ZFS
+# hosts. It assumes there is a main zpool called rpool, which has a dataset
+# `rpool/local/root` mounted at `/`, and that the dataset has an empty dataset
+# called `@blank`.
+#
+# Here is the dataset structure I use:
+#
+# rpool
+# ├── local
+# │ ├── nix (atime=off, mountpoint=/nix)
+# │ └── root (mountpoint=/)
+# └── safe
+# ├── home (mountpoint=/home)
+# └── persist (mountpoint=/persist)
+#
+# I usually follow the convention that `rpool/local` isn't backed up and
+# `rpool/safe` is.
+#
+# See: https://grahamc.com/blog/erase-your-darlings/
+{lib, ...}: {
+ # Reset / to empty on boot. This is what achieves the impermenance.
+ # Unlike the holy book (the linked article), I had to use `postResumeCommands`
+ # as this is the step where ZFS imports the dataset (but doesnt't mounted it yet).
+ # See: https://github.com/NixOS/nixpkgs/blob/b681065d0919f7eb5309a93cea2cfa84dec9aa88/nixos/modules/tasks/filesystems/zfs.nix#L627-L659
+ boot.initrd.postResumeCommands = lib.mkAfter ''
+ zfs rollback -r rpool/local/root@blank
+ '';
+
+ # Filesystems with mountpoints at `/` and `/nix` are automatically mounted at boot,
+ # but `/persist` is bespoke, so we have to teach init about that one ourselves.
+ fileSystems."/persist".neededForBoot = true;
+}
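Review bot: The rollback to `rpool/local/root@blank` also discards `/etc/ssh`, and nothing in this commit moves the SSH host keys to `/persist`, so with `services.openssh.enable = true` in hosts/omar/configuration.nix the host would present a new key after every boot. Clients then get a changed-host-key warning each time, which makes a real interception look the same as a reboot. agenix by default decrypts with the OpenSSH host keys, so it would likely lose its identity as well. Pinning the key on the persistent dataset avoids both, for example `services.openssh.hostKeys = [{ path = "/persist/etc/ssh/ssh_host_ed25519_key"; type = "ed25519"; }];` (the path is an example). A short comment next to the rollback listing which state is expected to live under `/persist` would help whoever adds the next host.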