feat: switched desktop

feat: sway is running
2023-09-01 20:07:03 +02:00 · 2023-09-01 20:07:03 +02:00 · a4a076b901
parent b0a8e65480
commit a4a076b901
21 changed files with 133 additions and 84 deletions
--- a/README.md
+++ b/README.md
@ -83,6 +83,11 @@
    - Alternatively boot an official nixos image connect with password
 3. Copy ISO to usb using dd
 3. After booting copy the installer to the live system using `nix copy --to <target> .#packages.<target-system>.installer-package.<target>`
+4. Run the installer script from the nix store of the live system
+    - you can get the path using `nix path-info .#packages.<target-system>.installer-package.<target>`
+4. Export all zpools and reboot into system
+6. Retrieve hostkeys using `ssh-keyscan <host> | grep -o 'ssh-ed25519.*' > host/<target>/secrets/host.pub
+5. Deploy system using colmena


 ## Deploy
--- a/hosts/common/core/net.nix
+++ b/hosts/common/core/net.nix
@ -1,4 +1,4 @@
-{
+{lib, ...}: {
  networking = {
    useNetworkd = true;
    dhcpcd.enable = false;
--- a/hosts/common/core/system.nix
+++ b/hosts/common/core/system.nix
@ -22,7 +22,7 @@
  boot = {
    initrd.systemd.enable = true;
    initrd.systemd.emergencyAccess = true;
-    initrd.availableKernelModules = ["xhci_pci" "nvme" "usb_storage" "usbhid" "sd_mod" "rtsx_pci_sdmmc"];
+    initrd.availableKernelModules = ["xhci_pci" "nvme" "usb_storage" "usbhid" "sd_mod" "rtsx_pci_sdmmc" "ahci" "uas"];
    supportedFilesystems = ["ntfs"];
    kernelModules = ["kvm-intel"];
    tmp.useTmpfs = true;
--- a/hosts/common/graphical/hyprland.nix
+++ b/hosts/common/graphical/hyprland.nix
@ -1,5 +1,8 @@
 {pkgs, ...}: {
-  programs.hyprland.enable = true;
+  programs.hyprland = {
+    enableNvidiaPatches = true;
+    enable = true;
+  };
  services.dbus.enable = true;
  xdg.portal = {
    enable = true;
--- a/hosts/common/hardware/nvidia.nix
+++ b/hosts/common/hardware/nvidia.nix
@ -4,14 +4,13 @@
  hardware = {
    opengl = {
      enable = true;
+      driSupport = true;
      driSupport32Bit = true;
    };
    nvidia = {
-      powerManagement = {
-        enable = true;
-        finegrained = true;
-      };
+      powerManagement.enable = true;
      modesetting.enable = true;
+      open = false;
    };
  };
 }
--- a/hosts/desktopnix/default.nix
+++ b/hosts/desktopnix/default.nix
@ -13,6 +13,7 @@

    ../common/hardware/bluetooth.nix
    ../common/hardware/intel.nix
+    ../common/hardware/nvidia.nix
    ../common/hardware/physical.nix
    ../common/hardware/pipewire.nix
    ../common/hardware/yubikey.nix
--- a/hosts/desktopnix/fs.nix
+++ b/hosts/desktopnix/fs.nix
@ -47,4 +47,6 @@
      panzer = defaultZpoolOptions // {datasets = {};};
    };
  };
+  boot.initrd.luks.devices.enc-rpool.allowDiscards = true;
+  boot.initrd.luks.devices.enc-infantry-fighting-vehicle.allowDiscards = true;
 }
--- a/hosts/desktopnix/net.nix
+++ b/hosts/desktopnix/net.nix
@ -7,6 +7,10 @@
      DHCP = "yes";
      matchConfig.MACAddress = config.secrets.secrets.local.networking.lan1.mac;
      dns = ["192.168.178.2"];
+      networkConfig = {
+        IPv6PrivacyExtensions = "yes";
+        MulticastDNS = true;
+      };
    };
  };
 }
--- a/hosts/desktopnix/secrets/host.pub
+++ b/hosts/desktopnix/secrets/host.pub
--- a/hosts/desktopnix/secrets/secrets.nix.age
+++ b/hosts/desktopnix/secrets/secrets.nix.age
--- a/hosts/patricknix/fs.nix
+++ b/hosts/patricknix/fs.nix
@ -23,4 +23,5 @@
      rpool = defaultZpoolOptions // {datasets = defaultZfsDatasets;};
    };
  };
+  boot.initrd.luks.devices.enc-rpool.allowDiscards = true;
 }
--- a/hosts/testienix/fs.nix
+++ b/hosts/testienix/fs.nix
@ -14,7 +14,7 @@
          partitions = [
            (partEfiBoot "boot" "0%" "1GiB")
            (partSwap "swap" "1GiB" "17GiB")
-            (partLuksZfs "rpool" "rpool" "17GiB" "100%")
+            (lib.attrsets.recursiveUpdate (partLuksZfs "rpool" "rpool" "17GiB" "100%") {content.extraFormatArgs = ["--pbkdf pbkdf2"];})
          ];
        };
      };
@ -25,7 +25,7 @@
          type = "table";
          format = "gpt";
          partitions = [
-            (partLuksZfs "panzer-1" "panzer" "0%" "100%")
+            (lib.attrsets.recursiveUpdate (partLuksZfs "panzer-1" "panzer" "0%" "100%") {content.extraFormatArgs = ["--pbkdf pbkdf2"];})
          ];
        };
      };
@ -36,7 +36,7 @@
          type = "table";
          format = "gpt";
          partitions = [
-            (partLuksZfs "panzer-2" "panzer" "0%" "100%")
+            (lib.attrsets.recursiveUpdate (partLuksZfs "panzer-2" "panzer" "0%" "100%") {content.extraFormatArgs = ["--pbkdf pbkdf2"];})
          ];
        };
      };
@ -54,4 +54,6 @@
        };
    };
  };
+
+  boot.initrd.luks.devices.enc-rpool.allowDiscards = true;
 }
--- a/hosts/testienix/net.nix
+++ b/hosts/testienix/net.nix
@ -7,6 +7,10 @@
      DHCP = "yes";
      matchConfig.MACAddress = config.secrets.secrets.local.networking.lan1.mac;
      dns = ["192.168.178.2"];
+      networkConfig = {
+        IPv6PrivacyExtensions = "yes";
+        MulticastDNS = true;
+      };
    };
  };
 }
--- a/hosts/testienix/secrets/host.pub
+++ b/hosts/testienix/secrets/host.pub
@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB9g6E+f7XMSE4V2YDdw5kZjWpV9o1G4JPKb6f3SHjO4
--- a/lib/disko.nix
+++ b/lib/disko.nix
@ -28,7 +28,7 @@ inputs: self: super: {
            content = {
              type = "luks";
              name = "enc-${name}";
-              extraOpenArgs = ["--allow-discard"];
+              extraOpenArgs = ["--allow-discards"];
              content = {
                type = "zfs";
                inherit pool;
--- a/users/common/graphical/default.nix
+++ b/users/common/graphical/default.nix
@ -1,9 +1,9 @@
 {pkgs, ...}: {
  imports = [
-    ./graphical/kitty.nix
-    ./graphical/hyprland
-    ./graphical/rofi.nix
-    ./graphical/firefox.nix
+    ./kitty.nix
+    ./sway
+    ./rofi.nix
+    ./firefox.nix
  ];
  home = {
    packages = with pkgs; [
--- a/users/common/graphical/hyprland/hyprland.conf.nix
+++ b/users/common/graphical/hyprland/hyprland.conf.nix
@ -83,6 +83,12 @@ MOD: TAGS: pkgs:
        workspace = eDP-1, 42

        exec-once=bash -c "waybar >/tmp/waybar_error.log"
+  	  env = LIBVA_DRIVER_NAME,nvidia
+  env = XDG_SESSION_TYPE,wayland
+  env = GBM_BACKEND,nvidia-drm
+  env = __GLX_VENDOR_LIBRARY_NAME,nvidia
+  env = WLR_NO_HARDWARE_CURSORS,1
+
 ''
 + builtins.concatStringsSep "\n" (map (
    x: ''
--- a/users/common/graphical/sway/default.nix
+++ b/users/common/graphical/sway/default.nix
@ -0,0 +1,9 @@
+{config, ...}: {
+  wayland.windowManager.sway = {
+    enable = true;
+    config = {
+      modifier = "Mod4";
+      terminal = "kitty";
+    };
+  };
+}
--- a/users/common/shells/alias.nix
+++ b/users/common/shells/alias.nix
@ -24,6 +24,5 @@ _: {
    rg = "rg -S";

    zf = "zathura --fork";
-    hypr = "Hyprland";
  };
 }
--- a/users/patrick/default.nix
+++ b/users/patrick/default.nix
@ -5,7 +5,7 @@
 }: {
  # enable nixos wide hyprland config
  imports = [
-    ../../hosts/common/graphical/hyprland.nix
+    #../../hosts/common/graphical/hyprland.nix
  ];

  users.users.patrick = {
@ -31,7 +31,7 @@
      ./impermanence.nix
      ../common
      ../common/interactive.nix
-      ../common/graphical.nix
+      ../common/graphical
    ];
  };
 }
--- a/users/patrick/ssh.nix
+++ b/users/patrick/ssh.nix
@ -16,12 +16,25 @@
        user = "root";
        inherit identityFile;
      };
+
      "patricknix" = {
        hostname = "patricknix.local";
        user = "root";
        inherit identityFile;
      };

+      "testienix" = {
+        hostname = "192.168.178.74";
+        user = "root";
+        inherit identityFile;
+      };
+
+      "desktopnix" = {
+        hostname = "192.168.178.176";
+        user = "root";
+        inherit identityFile;
+      };
+
      "WSALVM" = {
        hostname = "172.10.8.156";
        user = "root";
				`@ -0,0 +1 @@`
				`ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB9g6E+f7XMSE4V2YDdw5kZjWpV9o1G4JPKb6f3SHjO4`