From d0d378fb7b3555245f379482930101067bcc7c90 Mon Sep 17 00:00:00 2001 From: Mel Date: Sat, 30 Aug 2025 00:46:02 +0200 Subject: Upgrade serpentine to new bare metal NUC host Signed-off-by: Mel --- machines/serpentine/devices.nix | 25 +++++++++++++++----- machines/serpentine/hardware.nix | 49 +++++++++++++++++++++++++++------------- 2 files changed, 52 insertions(+), 22 deletions(-) (limited to 'machines') diff --git a/machines/serpentine/devices.nix b/machines/serpentine/devices.nix index 66a5568..700b198 100644 --- a/machines/serpentine/devices.nix +++ b/machines/serpentine/devices.nix @@ -1,4 +1,4 @@ -{ config, pkgs, ... }: +{ pkgs, ... }: { boot = { @@ -8,15 +8,28 @@ loader.efi.canTouchEfiVariables = true; }; + hardware = { + enableRedistributableFirmware = true; + enableAllFirmware = true; + + graphics = { + enable = true; + enable32Bit = true; + }; + }; + + # trying out this fancy "trust" stuff! + systemd.tpm2.enable = true; + security.tpm2 = { + enable = true; + pkcs11.enable = true; + tctiEnvironment.enable = true; + }; + zramSwap = { enable = true; algorithm = "zstd"; swapDevices = 1; memoryPercent = 50; }; - - networking.nameservers = [ - "2606:4700:4700::1111" - "2606:4700:4700::1001" - ]; } diff --git a/machines/serpentine/hardware.nix b/machines/serpentine/hardware.nix index 80b22ba..4bad1bf 100644 --- a/machines/serpentine/hardware.nix +++ b/machines/serpentine/hardware.nix @@ -1,28 +1,44 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: +{ + config, + lib, + pkgs, + modulesPath, + ... +}: { - imports = - [ (modulesPath + "/profiles/qemu-guest.nix") - ]; + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; - boot.initrd.availableKernelModules = [ "ata_piix" "virtio_pci" "virtio_scsi" "sd_mod" "virtio_blk" ]; + boot.initrd.availableKernelModules = [ + "xhci_pci" + "ahci" + "usb_storage" + "usbhid" + "sd_mod" + "sr_mod" + ]; boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-amd" ]; + boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [ ]; - fileSystems."/" = - { device = "/dev/disk/by-uuid/6f4738f1-ccb0-4976-8d83-177fd6eafa28"; - fsType = "ext4"; - }; + fileSystems."/" = { + device = "/dev/disk/by-uuid/c278f114-1113-46cf-a431-f9afe0d06974"; + fsType = "ext4"; + }; - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/0656-5677"; - fsType = "vfat"; - options = [ "fmask=0077" "dmask=0077" ]; - }; + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/409F-1FE4"; + fsType = "vfat"; + options = [ + "fmask=0077" + "dmask=0077" + ]; + }; swapDevices = [ ]; @@ -31,7 +47,8 @@ # still possible to use this option, but it's recommended to use it in conjunction # with explicit per-interface declarations with `networking.interfaces..useDHCP`. networking.useDHCP = lib.mkDefault true; - # networking.interfaces.ens2.useDHCP = lib.mkDefault true; + # networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; } -- cgit 1.4.1