diff options
| -rw-r--r-- | flake.lock | 2 | ||||
| -rw-r--r-- | machines/serpentine/devices.nix | 25 | ||||
| -rw-r--r-- | machines/serpentine/hardware.nix | 49 |
3 files changed, 53 insertions, 23 deletions
diff --git a/flake.lock b/flake.lock index 305a887..611691c 100644 --- a/flake.lock +++ b/flake.lock @@ -195,7 +195,7 @@ "narHash": "sha256-fprwZKE1uMzO9tiWWOrmLWBW3GPkMayQfb0xOvVFIno=", "rev": "868d97695bab9d21f6070b03957bcace249fbe3c", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/868d97695bab9d21f6070b03957bcace249fbe3c.tar.gz?rev=868d97695bab9d21f6070b03957bcace249fbe3c" + "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/868d97695bab9d21f6070b03957bcace249fbe3c.tar.gz" }, "original": { "type": "tarball", diff --git a/machines/serpentine/devices.nix b/machines/serpentine/devices.nix index 66a5568..700b198 100644 --- a/machines/serpentine/devices.nix +++ b/machines/serpentine/devices.nix @@ -1,4 +1,4 @@ -{ config, pkgs, ... }: +{ pkgs, ... }: { boot = { @@ -8,15 +8,28 @@ loader.efi.canTouchEfiVariables = true; }; + hardware = { + enableRedistributableFirmware = true; + enableAllFirmware = true; + + graphics = { + enable = true; + enable32Bit = true; + }; + }; + + # trying out this fancy "trust" stuff! + systemd.tpm2.enable = true; + security.tpm2 = { + enable = true; + pkcs11.enable = true; + tctiEnvironment.enable = true; + }; + zramSwap = { enable = true; algorithm = "zstd"; swapDevices = 1; memoryPercent = 50; }; - - networking.nameservers = [ - "2606:4700:4700::1111" - "2606:4700:4700::1001" - ]; } diff --git a/machines/serpentine/hardware.nix b/machines/serpentine/hardware.nix index 80b22ba..4bad1bf 100644 --- a/machines/serpentine/hardware.nix +++ b/machines/serpentine/hardware.nix @@ -1,28 +1,44 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: +{ + config, + lib, + pkgs, + modulesPath, + ... +}: { - imports = - [ (modulesPath + "/profiles/qemu-guest.nix") - ]; + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; - boot.initrd.availableKernelModules = [ "ata_piix" "virtio_pci" "virtio_scsi" "sd_mod" "virtio_blk" ]; + boot.initrd.availableKernelModules = [ + "xhci_pci" + "ahci" + "usb_storage" + "usbhid" + "sd_mod" + "sr_mod" + ]; boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-amd" ]; + boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [ ]; - fileSystems."/" = - { device = "/dev/disk/by-uuid/6f4738f1-ccb0-4976-8d83-177fd6eafa28"; - fsType = "ext4"; - }; + fileSystems."/" = { + device = "/dev/disk/by-uuid/c278f114-1113-46cf-a431-f9afe0d06974"; + fsType = "ext4"; + }; - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/0656-5677"; - fsType = "vfat"; - options = [ "fmask=0077" "dmask=0077" ]; - }; + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/409F-1FE4"; + fsType = "vfat"; + options = [ + "fmask=0077" + "dmask=0077" + ]; + }; swapDevices = [ ]; @@ -31,7 +47,8 @@ # still possible to use this option, but it's recommended to use it in conjunction # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`. networking.useDHCP = lib.mkDefault true; - # networking.interfaces.ens2.useDHCP = lib.mkDefault true; + # networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; } |