diff --git a/flake.nix b/flake.nix index 1c05f67..3f946ee 100644 --- a/flake.nix +++ b/flake.nix @@ -238,7 +238,17 @@ in { formatter."${system}" = pkgs.nixpkgs-fmt; - packages."${system}" = import ./pkgs { inherit pkgs lib config; }; + packages."${system}" = + import ./pkgs { inherit pkgs lib config; } + // { + rescue-iso = + let + mod = "${inputs.nixos-images}/nix/image-installer/module.nix"; + os = nixpkgs.legacyPackages.${system}.nixos [ mod ]; + iso = os.config.system.build.isoImage; + in + iso; + }; diskoConfigurations = { nixos-desk = import ./systems/nixos-desk/disko.nix; nixos-pulse = import ./systems/nixos-pulse/disko.nix; diff --git a/home-mods/shell/default.nix b/home-mods/shell/default.nix index b42ed64..b847fa2 100644 --- a/home-mods/shell/default.nix +++ b/home-mods/shell/default.nix @@ -17,13 +17,20 @@ let ref = "main"; rev = "c7392136bed264258c9b8788b14410e1ff06d602"; }; - myEmacs = (pkgs.emacsPackagesFor pkgs.emacs-unstable-pgtk).emacsWithPackages (epkgs: + myEmacs = (pkgs.emacsPackagesFor pkgs.emacs).emacsWithPackages (epkgs: with epkgs; [ vterm treesit-grammars.with-all-grammars inputs.nix-emacs-extra.packages."${system}".doom-dashboard inputs.nix-emacs-extra.packages."${system}".ultra-scroll ]); + # myEmacs = (pkgs.emacsPackagesFor pkgs.emacs-unstable-pgtk).emacsWithPackages (epkgs: + # with epkgs; [ + # vterm + # treesit-grammars.with-all-grammars + # inputs.nix-emacs-extra.packages."${system}".doom-dashboard + # inputs.nix-emacs-extra.packages."${system}".ultra-scroll + # ]); in { programs = { diff --git a/os-mods/ryzenapu/default.nix b/os-mods/ryzenapu/default.nix index 2945269..4900016 100644 --- a/os-mods/ryzenapu/default.nix +++ b/os-mods/ryzenapu/default.nix @@ -19,8 +19,9 @@ ]; systemd = let - tcl = "85"; - coall = "1048561"; # 1048561 = 0x100000 - 15(mV) $ math "0x100000-15" # slight undervolt + tcl = "80"; + # coall = "1048561"; # 1048561 = 0x100000 - 15(mV) $ math "0x100000-15" # slight undervolt + coall = " 1048576"; # no oc? defaults = "--tctl-temp=${tcl} --set-coall=${coall}"; in { diff --git a/pkgs/miraclecast.nix b/pkgs/miraclecast.nix index f46f858..a4ab898 100644 --- a/pkgs/miraclecast.nix +++ b/pkgs/miraclecast.nix @@ -18,7 +18,6 @@ , relyUdev ? true , }: - let gstreamerPluginPaths = lib.concatMapStrings (pth: pth + "/lib/gstreamer-1.0:") [ (lib.getLib gst_all_1.gstreamer) diff --git a/secrets/rekeyed/nixos-fw16/1e80b286118d1a05182b8b59ae075c09-tristand_passwd_hash.age b/secrets/rekeyed/nixos-fw16/1e80b286118d1a05182b8b59ae075c09-tristand_passwd_hash.age new file mode 100644 index 0000000..3c76fa0 Binary files /dev/null and b/secrets/rekeyed/nixos-fw16/1e80b286118d1a05182b8b59ae075c09-tristand_passwd_hash.age differ diff --git a/secrets/rekeyed/nixos-fw16/259fceb88a8ac9aa592e2bd7ad37050f-oeko-smb.age b/secrets/rekeyed/nixos-fw16/259fceb88a8ac9aa592e2bd7ad37050f-oeko-smb.age new file mode 100644 index 0000000..32ceb3d --- /dev/null +++ b/secrets/rekeyed/nixos-fw16/259fceb88a8ac9aa592e2bd7ad37050f-oeko-smb.age @@ -0,0 +1,8 @@ +age-encryption.org/v1 +-> ssh-ed25519 nA0mnQ WtsuBNNRDJ2qBqqfKPYBjsG5J8RA1FLG22V4rcpmIAs ++b/BJpaLA/TCIMwRg0c7eO8UqIa+KPgpaOTmpVeW60k +-> m-grease +RCMzLSoDYLRPgxDe1bS2EOXDAD19QYDO3UI/0tzYNOGvcEMnHw +--- WBgm8Vf3dtFoPsTbBIoS73fD824cOm5COYSz66dcvYQ +6{; + Jm <Z7"y \ No newline at end of file diff --git a/secrets/rekeyed/nixos-fw16/3f7ba2027615b520a68df8c74eba9558-tester_passwd_hash.age b/secrets/rekeyed/nixos-fw16/3f7ba2027615b520a68df8c74eba9558-tester_passwd_hash.age deleted file mode 100644 index ecbaa2c..0000000 Binary files a/secrets/rekeyed/nixos-fw16/3f7ba2027615b520a68df8c74eba9558-tester_passwd_hash.age and /dev/null differ diff --git a/secrets/rekeyed/nixos-fw16/9632fb41a7c8b72726e87096a9ec145a-tester_passwd_hash.age b/secrets/rekeyed/nixos-fw16/9632fb41a7c8b72726e87096a9ec145a-tester_passwd_hash.age new file mode 100644 index 0000000..625ad59 Binary files /dev/null and b/secrets/rekeyed/nixos-fw16/9632fb41a7c8b72726e87096a9ec145a-tester_passwd_hash.age differ diff --git a/secrets/rekeyed/nixos-fw16/d4ebce9353c576be067a9832580d7899-tristand_passwd_hash.age b/secrets/rekeyed/nixos-fw16/d4ebce9353c576be067a9832580d7899-tristand_passwd_hash.age deleted file mode 100644 index afe3bb6..0000000 --- a/secrets/rekeyed/nixos-fw16/d4ebce9353c576be067a9832580d7899-tristand_passwd_hash.age +++ /dev/null @@ -1,9 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 MqgTQA kHKU7lp3SvhVlgDk8qBbQU+nrV8O84CLtR32ZGATDw4 -1E9KyKzKwio7ltF1H36tSLWSao0TPNNlbwJAwxhw3CI --> +&-grease -y1YrcXJ8+mGdSTrJywOZM/E8jbHPSX9rARC6uKOHgESGkH1NWsINbEk0/1fYHi62 -6Y+k9Ig9oX7taekoNCU ---- lgK5w16T9LaMc6yoWW+h+zVNyuKuoEoeJi8p7lura1Q -X -&bZ[IC>ԘОWp? [-]) HY(u/ݰɖ^摨@9xVG.n 9RrxzJfw KzbqZ֩fF =P \ No newline at end of file diff --git a/secrets/rekeyed/nixos-fw16/d9071a3e62472d160241e0d2497a3b57-oeko-smb.age b/secrets/rekeyed/nixos-fw16/d9071a3e62472d160241e0d2497a3b57-oeko-smb.age deleted file mode 100644 index 9c97c4f..0000000 --- a/secrets/rekeyed/nixos-fw16/d9071a3e62472d160241e0d2497a3b57-oeko-smb.age +++ /dev/null @@ -1,8 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 MqgTQA 7y3on/Y6P89gncEtSzn6dak659D+C0jT0Lo711yQaQ0 -bsILI8jRG8MFJ2xSowtYyNYHPbcZmS+OFBbTrn7vNgo --> a-grease /3 -faRjVzpKpTOBeDIZVd+uK9AGzVH7LYbIH3QiTZMHE+zE21fI6yjGEQyIE2jsVhTq -q/PxcbNtJ9fZ2JCU43lGX7DveIYT7Z84vX955I3BkIppgQ4 ---- dNDrqjg89dlNEf3ZkyW0fU7OyETfVPtRAw7JcRJxQ1o -Cد DXo؂?9uiݔsrީwyB~umȹ3DMb2tj`zDX \ No newline at end of file diff --git a/systems/nixos-fw16/default.nix b/systems/nixos-fw16/default.nix index 4299c08..488590c 100644 --- a/systems/nixos-fw16/default.nix +++ b/systems/nixos-fw16/default.nix @@ -27,7 +27,9 @@ ./disks.nix ]; - age.rekey.hostPubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIRFEtmoq36QmvAwv/xIVdvaf+B9Scbm5cUFFkP/c1nS root@nixos-f16"; + # age.rekey.hostPubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIRFEtmoq36QmvAwv/xIVdvaf+B9Scbm5cUFFkP/c1nS root@nixos-f16"; + age.rekey.hostPubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIANI+JugoOABEG49405FrbVwbTT/cbYamNZC5Tb01/xp root@nixos-fw16"; + nix.settings.builders-use-substitutes = true; nix.distributedBuilds = true; nix.buildMachines = [ ]; @@ -127,17 +129,17 @@ }; }; - specialisation = { - linux-latest.configuration = { - boot.kernelPackages = lib.mkForce pkgs.linuxPackages_latest; - }; - linux-zen.configuration = { - boot.kernelPackages = lib.mkForce pkgs.linuxPackages_zen; - }; - linux-cachyos.configuration = { - boot.kernelPackages = lib.mkForce pkgs.linuxPackages_cachyos; - }; - }; + # specialisation = { + # linux-latest.configuration = { + # boot.kernelPackages = lib.mkForce pkgs.linuxPackages_latest; + # }; + # linux-zen.configuration = { + # boot.kernelPackages = lib.mkForce pkgs.linuxPackages_zen; + # }; + # linux-cachyos.configuration = { + # boot.kernelPackages = lib.mkForce pkgs.linuxPackages_cachyos; + # }; + # }; boot = { # kernelPackages = pkgs.linuxPackages_latest; # bootstrap # kernelPackages = pkgs.linuxPackages_zen; # bootstrap @@ -165,7 +167,8 @@ loader = { timeout = 0; systemd-boot = { - enable = false; # due to lanzaboote + # enable = false; # due to lanzaboote + enable = true; # bootstrap configurationLimit = 12; memtest86.enable = true; @@ -175,7 +178,7 @@ }; lanzaboote = { - enable = true; + # enable = true; configurationLimit = 12; # pkiBundle = "/etc/secureboot"; pkiBundle = "/var/lib/sbctl"; diff --git a/systems/nixos-fw16/disks.nix b/systems/nixos-fw16/disks.nix index 37fd754..ce4e4fb 100644 --- a/systems/nixos-fw16/disks.nix +++ b/systems/nixos-fw16/disks.nix @@ -16,8 +16,8 @@ config = { boot = { - supportedFilesystems = [ "bcachefs" "vfat" ]; - initrd.supportedFilesystems = [ "bcachefs" "vfat" ]; + supportedFilesystems = [ "btrfs" "vfat" ]; + initrd.supportedFilesystems = [ "btrfs" "vfat" ]; initrd.luks.devices = lib.attrsets.mergeAttrsList ( @@ -38,45 +38,32 @@ ); }; - fileSystems = - let - automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s"; - perm_opts = "uid=1001,gid=100"; - smb_opts = [ - "vers=3,credentials=/home/tristand/.smb-secrets" - perm_opts - automount_opts + fileSystems = { + "/" = { + device = "/dev/mapper/crypt_ssd_4t_data"; + # device = "UUID=f89215ba-3313-42d3-8f68-051ad2453870"; + fsType = "btrfs"; + options = [ + "rw" + "autodefrag" + "compress=zstd" + "discard=async" + "relatime" + "space_cache=v2" + "ssd" ]; - sshfs_opts = [ - "allow_other,_netdev,reconnect,ServerAliveInterval=15,IdentityFile=/var/secrets/id_ed25519" - perm_opts - automount_opts - ]; - in - { - "/" = { - device = "/dev/mapper/crypt_ssd_4t_data"; - # device = "UUID=f89215ba-3313-42d3-8f68-051ad2453870"; - fsType = "bcachefs"; - options = [ "relatime" ]; - }; - - "/boot" = { - device = "/dev/disk/by-uuid/05A2-6A8A"; - fsType = "vfat"; - options = [ "fmask=0022" "dmask=0022" ]; - }; - - # "/mnt/media_v2" = { - # device = "root@23.88.68.113:/media_v2"; - # fsType = "sshfs"; - # options = sshfs_opts; - # }; }; + "/boot" = { + device = "/dev/disk/by-uuid/05A2-6A8A"; + fsType = "vfat"; + options = [ "fmask=0022" "dmask=0022" ]; + }; + }; + swapDevices = [ - { device = "/dev/disk/by-uuid/a8f478f0-ad5e-47ae-8e18-63060f7e5706"; } - { device = "/dev/disk/by-uuid/59987b2a-c5c5-4547-95ad-f0d1dcdf8458"; } + # { device = "/dev/disk/by-uuid/a8f478f0-ad5e-47ae-8e18-63060f7e5706"; } + # { device = "/dev/disk/by-uuid/59987b2a-c5c5-4547-95ad-f0d1dcdf8458"; } ]; system.fsPackages = [ pkgs.sshfs ]; diff --git a/users/admin-thin.nix b/users/admin-thin.nix index ffe08c4..0a3d299 100644 --- a/users/admin-thin.nix +++ b/users/admin-thin.nix @@ -8,7 +8,7 @@ imports = [ ../home-mods/audio ../home-mods/common - ../home-mods/firefox + ../home-mods/firefox/zen-browser.nix # ../home-mods/plasma ../home-mods/shell ];