From ea97d5bad99000088c1c843eea15531bc0e2eab7 Mon Sep 17 00:00:00 2001 From: Silas Schöffel Date: Tue, 29 Oct 2024 22:13:01 +0100 Subject: basesystem: disable everything interfering with disko --- modules/nixos/sils/basesystem.nix | 145 +++++++++++++++++++------------------- 1 file changed, 74 insertions(+), 71 deletions(-) diff --git a/modules/nixos/sils/basesystem.nix b/modules/nixos/sils/basesystem.nix index 89b5a5f..17f7e8d 100644 --- a/modules/nixos/sils/basesystem.nix +++ b/modules/nixos/sils/basesystem.nix @@ -14,92 +14,95 @@ in { boot = { initrd = { - systemd.enable = true; + systemd.enable = false; availableKernelModules = ["xhci_pci" "nvme" "rtsx_pci_sdmmc"]; kernelModules = []; - luks.devices."cryptroot" = { - crypttabExtraOpts = ["fido2-device=auto"]; - device = config.sils.meta.rootPart; - }; + #luks.devices."cryptroot" = { + # crypttabExtraOpts = ["fido2-device=auto"]; + # device = lib.mkIf (config.sils.disks.enable == false) config.sils.meta.rootPart; + #}; }; kernelModules = ["kvm-intel"]; extraModulePackages = []; kernelPackages = pkgs.linuxPackages_latest; lanzaboote = { - enable = true; + enable = false; configurationLimit = 10; pkiBundle = "/etc/secureboot"; settings = { editor = false; }; }; - resumeDevice = config.sils.meta.mainDisk; - kernelParams = ["resume_offset=369403136"]; + loader.grub.enable = true; + #loader.grub.efiSupport = true; + #loader.grub.efiInstallAsRemovable = true; + resumeDevice = lib.mkIf (config.sils.disks.enable == false) config.sils.meta.mainDisk; + #kernelParams = ["resume_offset=369403136"]; }; - fileSystems = { - "/" = { - device = "tmpfs"; - fsType = "tmpfs"; - options = ["defaults" "size=2G" "mode=755"]; - }; - "/tmp" = { - device = "tmpfs"; - fsType = "tmpfs"; - options = ["defaults" "size=5G" "mode=755"]; - }; - "/nix" = { - device = config.sils.meta.mainDisk; - fsType = "btrfs"; - options = ["subvol=nix" "compress-force=zstd"]; - }; - "/etc/NetworkManager" = { - device = config.sils.meta.mainDisk; - fsType = "btrfs"; - options = ["subvol=networkmanagerconfig" "compress-force=zstd"]; - }; - "/etc/secureboot" = { - device = config.sils.meta.mainDisk; - fsType = "btrfs"; - options = ["subvol=secureboot" "compress-force=zstd"]; - }; - "/etc/nixos" = { - device = config.sils.meta.mainDisk; - fsType = "btrfs"; - options = ["subvol=nixconfig" "compress-force=zstd"]; - }; - "/srv" = { - device = config.sils.meta.mainDisk; - fsType = "btrfs"; - options = ["subvol=srv" "compress-force=zstd"]; - neededForBoot = true; - }; - "/swap" = { - device = config.sils.meta.mainDisk; - fsType = "btrfs"; - options = ["subvol=swap" "noatime"]; - }; - "/home" = { - device = config.sils.meta.mainDisk; - fsType = "btrfs"; - options = ["subvol=home" "compress-force=zstd"]; - }; - "/srv/snapshots" = { - device = config.sils.meta.mainDisk; - fsType = "btrfs"; - options = ["subvol=snapshots" "compress-force=zstd"]; - }; - "/boot" = { - device = config.sils.meta.bootPart; - fsType = "vfat"; - }; - }; + #fileSystems = { + # "/" = { + # device = "tmpfs"; + # fsType = "tmpfs"; + # options = ["defaults" "size=2G" "mode=755"]; + # }; + # "/tmp" = { + # device = "tmpfs"; + # fsType = "tmpfs"; + # options = ["defaults" "size=5G" "mode=755"]; + # }; + # "/nix" = { + # device = config.sils.meta.mainDisk; + # fsType = "btrfs"; + # options = ["subvol=nix" "compress-force=zstd"]; + # }; + # "/etc/NetworkManager" = { + # device = config.sils.meta.mainDisk; + # fsType = "btrfs"; + # options = ["subvol=networkmanagerconfig" "compress-force=zstd"]; + # }; + # "/etc/secureboot" = { + # device = config.sils.meta.mainDisk; + # fsType = "btrfs"; + # options = ["subvol=secureboot" "compress-force=zstd"]; + # }; + # "/etc/nixos" = { + # device = config.sils.meta.mainDisk; + # fsType = "btrfs"; + # options = ["subvol=nixconfig" "compress-force=zstd"]; + # }; + # "/srv" = { + # device = config.sils.meta.mainDisk; + # fsType = "btrfs"; + # options = ["subvol=srv" "compress-force=zstd"]; + # neededForBoot = true; + # }; + # "/swap" = { + # device = config.sils.meta.mainDisk; + # fsType = "btrfs"; + # options = ["subvol=swap" "noatime"]; + # }; + # "/home" = { + # device = config.sils.meta.mainDisk; + # fsType = "btrfs"; + # options = ["subvol=home" "compress-force=zstd"]; + # }; + # "/srv/snapshots" = { + # device = config.sils.meta.mainDisk; + # fsType = "btrfs"; + # options = ["subvol=snapshots" "compress-force=zstd"]; + # }; + # "/boot" = { + # device = config.sils.meta.bootPart; + # fsType = "vfat"; + # }; + #}; - swapDevices = [ - { - device = "/swap/swapfile"; - } - ]; + #swapDevices = [ + # { + # device = "/swap/swapfile"; + # } + #]; system.stateVersion = "23.05"; @@ -110,7 +113,7 @@ in { # (the default) this is the recommended approach. When using systemd-networkd it's # still possible to use this option, but it's recommended to use it in conjunction # with explicit per-interface declarations with `networking.interfaces..useDHCP`. - networking.useDHCP = true; + #networking.useDHCP = true; # networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true; # networking.interfaces.wlp3s0.useDHCP = lib.mkDefault true; -- cgit 1.4.1