+145

dt-common.nix

reviewed

··· 1 1 + # dt-common.nix: configuration common to every computer where I have a desktop 2 2 + # environment. 3 3 + { config, pkgs, lib, ... }: 4 4 + { 5 5 + nix.settings.experimental-features = ["nix-command" "flakes"]; 6 6 + networking.networkmanager.enable = true; 7 7 + 8 8 + virtualisation = { 9 9 + containers.enable = true; 10 10 + docker = { 11 11 + enable = true; 12 12 + }; 13 13 + }; 14 14 + 15 15 + systemd.services."user@".serviceConfig.Delegate="cpu cpuset io memory pids"; 16 16 + 17 17 + systemd.packages = [( 18 18 + pkgs.writeTextFile { 19 19 + name = "delegate.conf"; 20 20 + text = '' 21 21 + [Service] 22 22 + Delegate=yes 23 23 + ''; 24 24 + destination = "/etc/systemd/system/user@.service.d/delegate.conf"; 25 25 + } 26 26 + )]; 27 27 + 28 28 + # Set your time zone. 29 29 + time.timeZone = "America/New_York"; 30 30 + 31 31 + # Select internationalisation properties. 32 32 + i18n.defaultLocale = "en_US.UTF-8"; 33 33 + 34 34 + i18n.extraLocaleSettings = { 35 35 + LC_ADDRESS = "en_US.UTF-8"; 36 36 + LC_IDENTIFICATION = "en_US.UTF-8"; 37 37 + LC_MEASUREMENT = "en_US.UTF-8"; 38 38 + LC_MONETARY = "en_US.UTF-8"; 39 39 + LC_NAME = "en_US.UTF-8"; 40 40 + LC_NUMERIC = "en_US.UTF-8"; 41 41 + LC_PAPER = "en_US.UTF-8"; 42 42 + LC_TELEPHONE = "en_US.UTF-8"; 43 43 + LC_TIME = "en_US.UTF-8"; 44 44 + }; 45 45 + 46 46 + # TODO move to niri 47 47 + # Enable the X11 windowing system. 48 48 + # You can disable this if you're only using the Wayland session. 49 49 + services.xserver.enable = true; 50 50 + 51 51 + # Enable the KDE Plasma Desktop Environment. 52 52 + services.displayManager.sddm.enable = true; 53 53 + services.desktopManager.plasma6.enable = true; 54 54 + 55 55 + # Configure keymap in X11 56 56 + services.xserver.xkb = { 57 57 + layout = "us"; 58 58 + variant = ""; 59 59 + }; 60 60 + 61 61 + # Enable CUPS to print documents. 62 62 + services.printing.enable = true; 63 63 + 64 64 + # Enable sound with pipewire. 65 65 + services.pulseaudio.enable = false; 66 66 + security.rtkit.enable = true; 67 67 + services.pipewire = { 68 68 + enable = true; 69 69 + alsa.enable = true; 70 70 + alsa.support32Bit = true; 71 71 + pulse.enable = true; 72 72 + # If you want to use JACK applications, uncomment this 73 73 + #jack.enable = true; 74 74 + 75 75 + # use the example session manager (no others are packaged yet so this is enabled by default, 76 76 + # no need to redefine it in your config for now) 77 77 + #media-session.enable = true; 78 78 + }; 79 79 + users.users.joshua = { 80 80 + subUidRanges = [ { startUid = 100000; count = 65536; } ]; 81 81 + subGidRanges = [ { startGid = 100000; count = 65536; } ]; 82 82 + isNormalUser = true; 83 83 + description = "Joshua Barrett"; 84 84 + shell = pkgs.zsh; 85 85 + extraGroups = [ "networkmanager" "wheel" "docker" ]; 86 86 + packages = with pkgs; [ 87 87 + 88 88 + ]; 89 89 + }; 90 90 + home-manager.useGlobalPkgs = true; 91 91 + home-manager.useUserPackages = true; 92 92 + home-manager.users.joshua = ./home-manager/home.nix; 93 93 + 94 94 + # Install firefox. 95 95 + programs.firefox.enable = true; 96 96 + programs.zsh.enable = true; 97 97 + programs.foot.enable = true; 98 98 + programs.git.enable = true; 99 99 + programs.ssh.startAgent = true; 100 100 + 101 101 + # Install steam 102 102 + programs.steam = { 103 103 + enable = true; 104 104 + remotePlay.openFirewall = true; 105 105 + localNetworkGameTransfers.openFirewall = true; 106 106 + }; 107 107 + 108 108 + # Allow unfree packages 109 109 + nixpkgs.config.allowUnfree = true; 110 110 + 111 111 + services.syncthing.openDefaultPorts = true; 112 112 + 113 113 + environment.systemPackages = with pkgs; [ 114 114 + gcc 115 115 + gnumake 116 116 + bison 117 117 + flex 118 118 + autoconf 119 119 + automake 120 120 + libtool 121 121 + discord 122 122 + calibre 123 123 + libreoffice 124 124 + enchant 125 125 + rustup 126 126 + pkg-config 127 127 + passt 128 128 + # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. 129 129 + # wget 130 130 + ]; 131 131 + networking.nftables.enable = true; 132 132 + networking.firewall = { 133 133 + enable = true; 134 134 + trustedInterfaces = [ "tailscale0" ]; 135 135 + allowedUDPPorts = [ config.services.tailscale.port ]; 136 136 + }; 137 137 + 138 138 + systemd.services.tailscaled.serviceConfig.Environment = [ 139 139 + "TS_DEBUG_FIREWALL_MODE=nftables" 140 140 + ]; 141 141 + services.tailscale.enable = true; 142 142 + services.resolved.enable = true; 143 143 + systemd.network.wait-online.enable = false; 144 144 + boot.initrd.systemd.network.wait-online.enable = false; 145 145 + }

+21

flake.lock

reviewed

··· 1 1 { 2 2 "nodes": { 3 3 + "home-manager": { 4 4 + "inputs": { 5 5 + "nixpkgs": [ 6 6 + "nixpkgs" 7 7 + ] 8 8 + }, 9 9 + "locked": { 10 10 + "lastModified": 1772985285, 11 11 + "narHash": "sha256-wEEmvfqJcl9J0wyMgMrj1TixOgInBW/6tLPhWGoZE3s=", 12 12 + "owner": "nix-community", 13 13 + "repo": "home-manager", 14 14 + "rev": "5be5d8245cbc7bc0c09fbb5f38f23f223c543f85", 15 15 + "type": "github" 16 16 + }, 17 17 + "original": { 18 18 + "owner": "nix-community", 19 19 + "repo": "home-manager", 20 20 + "type": "github" 21 21 + } 22 22 + }, 3 23 "nixpkgs": { 4 24 "locked": { 5 25 "lastModified": 1771574726, ··· 18 38 }, 19 39 "root": { 20 40 "inputs": { 41 41 + "home-manager": "home-manager", 21 42 "nixpkgs": "nixpkgs" 22 43 } 23 44 }

+19 -5

flake.nix

reviewed

··· 1 1 { 2 2 inputs = { 3 3 nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.11"; 4 4 + home-manager = { 5 5 + url = "github:nix-community/home-manager"; 6 6 + inputs.nixpkgs.follows = "nixpkgs"; 7 7 + }; 4 8 }; 5 9 6 6 - outputs = {self, nixpkgs, ...}: { 7 7 - nixosConfigurations.prospero = nixpkgs.lib.nixosSystem { 8 8 - system = "x86_64-linux"; 9 9 - modules = [ ./prospero/configuration.nix ]; 10 10 + outputs = {self, home-manager, nixpkgs, ...}: 11 11 + { 12 12 + #TODO put home-manager in dtcommon 13 13 + nixosConfigurations.prospero = nixpkgs.lib.nixosSystem { 14 14 + system = "x86_64-linux"; 15 15 + modules = [ home-manager.nixosModules.home-manager 16 16 + ./dt-common.nix 17 17 + ./prospero/configuration.nix ]; 18 18 + }; 19 19 + nixosConfigurations.uruk = nixpkgs.lib.nixosSystem { 20 20 + system = "x86_64-linux"; 21 21 + modules = [ home-manager.nixosModules.home-manager 22 22 + ./dt-common.nix 23 23 + ./uruk/configuration.nix ]; 24 24 + }; 10 25 }; 11 11 - }; 12 26 }

+1

home-manager/#default.nix#

reviewed

··· 1 1 + {}

+1

home-manager/.#default.nix

reviewed

··· 1 1 + joshua@prospero.1084246:1771686841

home-manager/default.nix

reviewed

This is a binary file and will not be displayed.

+99

home-manager/home.nix

reviewed

··· 1 1 + { config, pkgs, ... }: 2 2 + 3 3 + { 4 4 + # Home Manager needs a bit of information about you and the paths it should 5 5 + # manage. 6 6 + home.username = "joshua"; 7 7 + home.homeDirectory = "/home/joshua"; 8 8 + 9 9 + # This value determines the Home Manager release that your configuration is 10 10 + # compatible with. This helps avoid breakage when a new Home Manager release 11 11 + # introduces backwards incompatible changes. 12 12 + # 13 13 + # You should not change this value, even if you update Home Manager. If you do 14 14 + # want to update the value, then make sure to first check the Home Manager 15 15 + # release notes. 16 16 + home.stateVersion = "25.05"; # Please read the comment before changing. 17 17 + 18 18 + # The home.packages option allows you to install Nix packages into your 19 19 + # environment. 20 20 + home.packages = with pkgs; [ 21 21 + # # Adds the 'hello' command to your environment. It prints a friendly 22 22 + # # "Hello, world!" when run. 23 23 + rsync 24 24 + keepassxc 25 25 + syncthing 26 26 + terminus_font 27 27 + jujutsu 28 28 + ripgrep 29 29 + goose-cli 30 30 + kubectl 31 31 + k3d 32 32 + tilt 33 33 + # # It is sometimes useful to fine-tune packages, for example, by applying 34 34 + # # overrides. You can do that directly here, just don't forget the 35 35 + # # parentheses. Maybe you want to install Nerd Fonts with a limited number of 36 36 + # # fonts? 37 37 + # (pkgs.nerdfonts.override { fonts = [ "FantasqueSansMono" ]; }) 38 38 + 39 39 + # # You can also create simple shell scripts directly inside your 40 40 + # # configuration. For example, this adds a command 'my-hello' to your 41 41 + # # environment: 42 42 + # (pkgs.writeShellScriptBin "my-hello" '' 43 43 + # echo "Hello, ${config.home.username}!" 44 44 + # '') 45 45 + ]; 46 46 + 47 47 + # Home Manager is pretty good at managing dotfiles. The primary way to manage 48 48 + # plain files is through 'home.file'. 49 49 + home.file = { 50 50 + # # Building this configuration will create a copy of 'dotfiles/screenrc' in 51 51 + # # the Nix store. Activating the configuration will then make '~/.screenrc' a 52 52 + # # symlink to the Nix store copy. 53 53 + # ".screenrc".source = dotfiles/screenrc; 54 54 + 55 55 + # # You can also set the file content immediately. 56 56 + # ".gradle/gradle.properties".text = '' 57 57 + # org.gradle.console=verbose 58 58 + # org.gradle.daemon.idletimeout=3600000 59 59 + # ''; 60 60 + }; 61 61 + 62 62 + # Home Manager can also manage your environment variables through 63 63 + # 'home.sessionVariables'. These will be explicitly sourced when using a 64 64 + # shell provided by Home Manager. If you don't want to manage your shell 65 65 + # through Home Manager then you have to manually source 'hm-session-vars.sh' 66 66 + # located at either 67 67 + # 68 68 + # ~/.nix-profile/etc/profile.d/hm-session-vars.sh 69 69 + # 70 70 + # or 71 71 + # 72 72 + # ~/.local/state/nix/profiles/profile/etc/profile.d/hm-session-vars.sh 73 73 + # 74 74 + # or 75 75 + # 76 76 + # /etc/profiles/per-user/joshua/etc/profile.d/hm-session-vars.sh 77 77 + # 78 78 + home.sessionVariables = { 79 79 + 80 80 + }; 81 81 + 82 82 + # Let Home Manager install and manage itself. 83 83 + programs.home-manager.enable = true; 84 84 + programs.zsh.enable = true; 85 85 + programs.emacs.enable = true; 86 86 + programs.atuin ={ 87 87 + enable = true; 88 88 + flags = [ "--disable-up-arrow" ]; 89 89 + }; 90 90 + programs.direnv = { 91 91 + enable = true; 92 92 + enableZshIntegration = true; 93 93 + nix-direnv.enable = true; 94 94 + }; 95 95 + services.emacs.enable = true; 96 96 + services.emacs.defaultEditor = true; 97 97 + services.emacs.startWithUserSession = "graphical"; 98 98 + } 99 99 +

-124

prospero/configuration.nix

reviewed

··· 5 5 { config, lib, pkgs, ... }: 6 6 7 7 { 8 8 - nixpkgs.overlays = [ (final: prev: { 9 9 - inherit (prev.lixPackageSets.stable) 10 10 - nixpkgs-review 11 11 - nix-eval-jobs 12 12 - nix-fast-build 13 13 - colmena; 14 14 - }) ]; 15 15 - nix.package = pkgs.lixPackageSets.stable.lix; 16 8 nix.settings.experimental-features = ["nix-command" "flakes"]; 17 9 imports = 18 10 [ # Include the results of the hardware scan. ··· 40 32 41 33 # Enable networking 42 34 networking.networkmanager.enable = true; 43 43 - 44 44 - virtualisation = { 45 45 - containers.enable = true; 46 46 - docker = { 47 47 - enable = true; 48 48 - }; 49 49 - }; 50 50 - 51 51 - systemd.services."user@".serviceConfig.Delegate="cpu cpuset io memory pids"; 52 52 - 53 53 - systemd.packages = [( 54 54 - pkgs.writeTextFile { 55 55 - name = "delegate.conf"; 56 56 - text = '' 57 57 - [Service] 58 58 - Delegate=yes 59 59 - ''; 60 60 - destination = "/etc/systemd/system/user@.service.d/delegate.conf"; 61 61 - } 62 62 - )]; 63 63 - 64 64 - # Set your time zone. 65 65 - time.timeZone = "America/New_York"; 66 66 - 67 67 - # Select internationalisation properties. 68 68 - i18n.defaultLocale = "en_US.UTF-8"; 69 69 - 70 70 - i18n.extraLocaleSettings = { 71 71 - LC_ADDRESS = "en_US.UTF-8"; 72 72 - LC_IDENTIFICATION = "en_US.UTF-8"; 73 73 - LC_MEASUREMENT = "en_US.UTF-8"; 74 74 - LC_MONETARY = "en_US.UTF-8"; 75 75 - LC_NAME = "en_US.UTF-8"; 76 76 - LC_NUMERIC = "en_US.UTF-8"; 77 77 - LC_PAPER = "en_US.UTF-8"; 78 78 - LC_TELEPHONE = "en_US.UTF-8"; 79 79 - LC_TIME = "en_US.UTF-8"; 80 80 - }; 81 81 - 82 82 - # Enable the X11 windowing system. 83 83 - # You can disable this if you're only using the Wayland session. 84 84 - services.xserver.enable = true; 85 85 - 86 86 - # Enable the KDE Plasma Desktop Environment. 87 87 - services.displayManager.sddm.enable = true; 88 88 - services.desktopManager.plasma6.enable = true; 89 89 - 90 90 - # Configure keymap in X11 91 91 - services.xserver.xkb = { 92 92 - layout = "us"; 93 93 - variant = ""; 94 94 - }; 95 95 - 96 96 - # Enable CUPS to print documents. 97 97 - services.printing.enable = true; 98 98 - 99 99 - # Enable sound with pipewire. 100 100 - services.pulseaudio.enable = false; 101 101 - security.rtkit.enable = true; 102 102 - services.pipewire = { 103 103 - enable = true; 104 104 - alsa.enable = true; 105 105 - alsa.support32Bit = true; 106 106 - pulse.enable = true; 107 107 - # If you want to use JACK applications, uncomment this 108 108 - #jack.enable = true; 109 109 - 110 110 - # use the example session manager (no others are packaged yet so this is enabled by default, 111 111 - # no need to redefine it in your config for now) 112 112 - #media-session.enable = true; 113 113 - }; 114 35 115 36 # Enable touchpad support (enabled default in most desktopManager). 116 37 # services.xserver.libinput.enable = true; 117 38 118 39 # Define a user account. Don't forget to set a password with ‘passwd’. 119 119 - users.users.joshua = { 120 120 - subUidRanges = [ { startUid = 100000; count = 65536; } ]; 121 121 - subGidRanges = [ { startGid = 100000; count = 65536; } ]; 122 122 - isNormalUser = true; 123 123 - description = "Joshua Barrett"; 124 124 - shell = pkgs.zsh; 125 125 - extraGroups = [ "networkmanager" "wheel" "docker" ]; 126 126 - packages = with pkgs; [ 127 127 - 128 128 - ]; 129 129 - }; 130 130 - 131 131 - # Install firefox. 132 132 - programs.firefox.enable = true; 133 133 - programs.zsh.enable = true; 134 134 - programs.foot.enable = true; 135 135 - # Install steam 136 136 - programs.steam = { 137 137 - enable = true; 138 138 - remotePlay.openFirewall = true; 139 139 - localNetworkGameTransfers.openFirewall = true; 140 140 - }; 141 141 - 142 142 - # Allow unfree packages 143 143 - nixpkgs.config.allowUnfree = true; 144 40 145 41 # List packages installed in system profile. To search, run: 146 42 # $ nix search wget ··· 162 58 # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. 163 59 # wget 164 60 ]; 165 165 - 166 166 - # Some programs need SUID wrappers, can be configured further or are 167 167 - # started in user sessions. 168 168 - programs.git.enable = true; 169 169 - programs.ssh.startAgent = true; 170 61 171 62 # programs.mtr.enable = true; 172 63 # programs.gnupg.agent = { ··· 178 69 # Enable the OpenSSH daemon. 179 70 # services.openssh.enable = true; 180 71 # syncthing gets run as a user service, but we need the ports open up here 181 181 - services.syncthing.openDefaultPorts = true; 182 72 # Open ports in the firewall. 183 73 # networking.firewall.allowedTCPPorts = [ ... ]; 184 74 # networking.firewall.allowedUDPPorts = [ ... ]; 185 75 # Or disable the firewall altogether. 186 186 - networking.nftables.enable = true; 187 187 - networking.firewall = { 188 188 - enable = true; 189 189 - trustedInterfaces = [ "tailscale0" ]; 190 190 - allowedUDPPorts = [ config.services.tailscale.port ]; 191 191 - }; 192 192 - 193 193 - systemd.services.tailscaled.serviceConfig.Environment = [ 194 194 - "TS_DEBUG_FIREWALL_MODE=nftables" 195 195 - ]; 196 196 - services.tailscale.enable = true; 197 197 - services.resolved.enable = true; 198 198 - systemd.network.wait-online.enable = false; 199 199 - boot.initrd.systemd.network.wait-online.enable = false; 200 76 201 77 # This value determines the NixOS release from which the default 202 78 # settings for stateful data, like file locations and database versions

+116

uruk/configuration.nix

reviewed

··· 1 1 + # Edit this configuration file to define what should be installed on 2 2 + # your system. Help is available in the configuration.nix(5) man page, on 3 3 + # https://search.nixos.org/options and in the NixOS manual (`nixos-help`). 4 4 + 5 5 + { config, lib, pkgs, ... }: 6 6 + 7 7 + { 8 8 + imports = 9 9 + [ # Include the results of the hardware scan. 10 10 + ./hardware-configuration.nix 11 11 + ]; 12 12 + 13 13 + # Use the systemd-boot EFI boot loader. 14 14 + boot.loader.systemd-boot.enable = true; 15 15 + boot.loader.efi.canTouchEfiVariables = true; 16 16 + networking.hostId = "5398fbbf"; 17 17 + networking.hostName = "uruk"; # Define your hostname. 18 18 + 19 19 + # Configure network connections interactively with nmcli or nmtui. 20 20 + 21 21 + # Set your time zone. 22 22 + # time.timeZone = "Europe/Amsterdam"; 23 23 + 24 24 + # Configure network proxy if necessary 25 25 + # networking.proxy.default = "http://user:password@proxy:port/"; 26 26 + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; 27 27 + 28 28 + # Select internationalisation properties. 29 29 + # i18n.defaultLocale = "en_US.UTF-8"; 30 30 + #console = { 31 31 + # font = "Lat2-Terminus16"; 32 32 + # keyMap = "us"; 33 33 + # useXkbConfig = true; # use xkb.options in tty. 34 34 + #}; 35 35 + 36 36 + # Configure keymap in X11 37 37 + # services.xserver.xkb.layout = "us"; 38 38 + # services.xserver.xkb.options = "eurosign:e,caps:escape"; 39 39 + 40 40 + # Enable CUPS to print documents. 41 41 + # services.printing.enable = true; 42 42 + 43 43 + # Enable sound. 44 44 + # services.pulseaudio.enable = true; 45 45 + # OR 46 46 + # services.pipewire = { 47 47 + # enable = true; 48 48 + # pulse.enable = true; 49 49 + # }; 50 50 + 51 51 + # Enable touchpad support (enabled default in most desktopManager). 52 52 + # services.libinput.enable = true; 53 53 + 54 54 + # Define a user account. Don't forget to set a password with ‘passwd’. 55 55 + # users.users.alice = { 56 56 + # isNormalUser = true; 57 57 + # extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user. 58 58 + # packages = with pkgs; [ 59 59 + # tree 60 60 + # ]; 61 61 + # }; 62 62 + 63 63 + # programs.firefox.enable = true; 64 64 + 65 65 + # List packages installed in system profile. 66 66 + # You can use https://search.nixos.org/ to find more packages (and options). 67 67 + # environment.systemPackages = with pkgs; [ 68 68 + # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. 69 69 + # wget 70 70 + # ]; 71 71 + 72 72 + # Some programs need SUID wrappers, can be configured further or are 73 73 + # started in user sessions. 74 74 + # programs.mtr.enable = true; 75 75 + # programs.gnupg.agent = { 76 76 + # enable = true; 77 77 + # enableSSHSupport = true; 78 78 + # }; 79 79 + 80 80 + # List services that you want to enable: 81 81 + 82 82 + # Enable the OpenSSH daemon. 83 83 + # services.openssh.enable = true; 84 84 + 85 85 + # Open ports in the firewall. 86 86 + # networking.firewall.allowedTCPPorts = [ ... ]; 87 87 + # networking.firewall.allowedUDPPorts = [ ... ]; 88 88 + # Or disable the firewall altogether. 89 89 + # networking.firewall.enable = false; 90 90 + 91 91 + # Copy the NixOS configuration file and link it from the resulting system 92 92 + # (/run/current-system/configuration.nix). This is useful in case you 93 93 + # accidentally delete configuration.nix. 94 94 + # system.copySystemConfiguration = true; 95 95 + 96 96 + # This option defines the first version of NixOS you have installed on this particular machine, 97 97 + # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions. 98 98 + # 99 99 + # Most users should NEVER change this value after the initial install, for any reason, 100 100 + # even if you've upgraded your system to a new NixOS release. 101 101 + # 102 102 + # This value does NOT affect the Nixpkgs version your packages and OS are pulled from, 103 103 + # so changing it will NOT upgrade your system - see https://nixos.org/manual/nixos/stable/#sec-upgrading for how 104 104 + # to actually do that. 105 105 + # 106 106 + # This value being lower than the current NixOS release does NOT mean your system is 107 107 + # out of date, out of support, or vulnerable. 108 108 + # 109 109 + # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration, 110 110 + # and migrated your data accordingly. 111 111 + # 112 112 + # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion . 113 113 + system.stateVersion = "25.11"; # Did you read the comment? 114 114 + 115 115 + } 116 116 +

+51

uruk/hardware-configuration.nix

reviewed

··· 1 1 + # Do not modify this file! It was generated by ‘nixos-generate-config’ 2 2 + # and may be overwritten by future invocations. Please make changes 3 3 + # to /etc/nixos/configuration.nix instead. 4 4 + { config, lib, pkgs, modulesPath, ... }: 5 5 + 6 6 + { 7 7 + imports = 8 8 + [ (modulesPath + "/installer/scan/not-detected.nix") 9 9 + ]; 10 10 + 11 11 + boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ]; 12 12 + boot.initrd.kernelModules = [ ]; 13 13 + boot.kernelModules = [ "kvm-amd" ]; 14 14 + boot.extraModulePackages = [ ]; 15 15 + boot.zfs.extraPools = [ "datastore" ]; 16 16 + fileSystems."/" = 17 17 + { device = "zpool/root"; 18 18 + fsType = "zfs"; 19 19 + }; 20 20 + fileSystems."/boot" = 21 21 + { 22 22 + device = "/dev/disk/by-id/nvme-INTEL_SSDPEKNW010T9_BTNR014314861P0B-part1"; 23 23 + fsType = "vfat"; 24 24 + }; 25 25 + fileSystems."/nix" = 26 26 + { device = "zpool/nix"; 27 27 + fsType = "zfs"; 28 28 + }; 29 29 + 30 30 + fileSystems."/var" = 31 31 + { device = "zpool/var"; 32 32 + fsType = "zfs"; 33 33 + }; 34 34 + 35 35 + fileSystems."/home" = 36 36 + { device = "zpool/home"; 37 37 + fsType = "zfs"; 38 38 + }; 39 39 + 40 40 + swapDevices = [{ 41 41 + device = "/dev/disk/by-id/nvme-INTEL_SSDPEKNW010T9_BTNR014314861P0B-part3"; 42 42 + randomEncryption = true; 43 43 + } 44 44 + { 45 45 + device = "/dev/disk/by-id/nvme-TEAM_TM8FP6001T_112301031502314-part3"; 46 46 + randomEncryption = true; 47 47 + }]; 48 48 + 49 49 + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; 50 50 + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; 51 51 + }