WIP: computer bricked

2023-10-10 18:37:55 +02:00 · 2023-10-10 18:37:55 +02:00 · ef7388d000
parent 5105004d98
commit ef7388d000
10 changed files with 28 additions and 33 deletions
--- a/README.md
+++ b/README.md
@ -101,7 +101,7 @@
 1. Time to reboot and pray

 ### Add luks encryption TPM keys
-`systemd-cryptenroll --tpm2-pcrs=7+8+9 --tpm2-with-pin={yes/no} --tpm2-device=auto <device>`
+`systemd-cryptenroll --tpm2-with-pin={yes/no} --tpm2-device=auto <device>`


 ## Deploy
--- a/hosts/desktopnix/default.nix
+++ b/hosts/desktopnix/default.nix
@ -12,7 +12,6 @@
    ../../modules/optional/xserver.nix
    ../../modules/optional/secureboot.nix

-    ../../modules/hardware/bluetooth.nix
    ../../modules/hardware/intel.nix
    ../../modules/hardware/nintendo.nix
    ../../modules/hardware/nvidia.nix
--- a/modules/config/boot.nix
+++ b/modules/config/boot.nix
@ -11,7 +11,7 @@
      extraBin.ip = "${pkgs.iproute}/bin/ip";
    };

-    initrd.availableKernelModules = ["xhci_pci" "nvme" "r8169" "usb_storage" "usbhid" "sd_mod" "rtsx_pci_sdmmc" "ahci" "uas"];
+    initrd.availableKernelModules = ["xhci_pci" "nvme" "r8169" "usb_storage" "usbhid" "sd_mod" "rtsx_pci_sdmmc" "ahci" "uas" "tpm_crb"];
    supportedFilesystems = ["ntfs"];
    kernelModules = ["kvm-intel"];
    kernelParams = [
--- a/modules/config/system.nix
+++ b/modules/config/system.nix
@ -39,7 +39,7 @@
  time.timeZone = lib.mkDefault "Europe/Berlin";
  i18n.defaultLocale = "C.UTF-8";
  console = {
-    font = "ter-v28n";
+    font = "${pkgs.terminus_font}/share/consolefonts/ter-v28n.psf.gz";
    packages = with pkgs; [terminus_font];
    useXkbConfig = true; # use xkbOptions in tty.
    keyMap = lib.mkDefault "de-latin1-nodeadkeys";
--- a/modules/optional/xserver.nix
+++ b/modules/optional/xserver.nix
@ -32,15 +32,17 @@ lib.optionalAttrs (!minimal) {
    exe =
      pkgs.writeShellScript "set-key-repeat"
      ''
-           if [ -d "/tmp/.X11-unix" ]; then
-                for D in /tmp/.X11-unix/*; do
-                	file=$(${pkgs.coreutils}/bin/basename $D)
-                	export DISPLAY=":''${file:1}"
+              if [ -d "/tmp/.X11-unix" ]; then
+                   for D in /tmp/.X11-unix/*; do
+                   	file=$(${pkgs.coreutils}/bin/basename $D)
+                   	export DISPLAY=":''${file:1}"
        user=$(${pkgs.coreutils}/bin/stat -c '%U' "$D")
-        ${pkgs.util-linux}/bin/runuser -u "$user" -- ${pkgs.xorg.xset}/bin/xset r rate \
-        ${toString config.services.xserver.autoRepeatDelay} ${toString config.services.xserver.autoRepeatInterval}
-                done
-           fi
+        # sleep to give X time to access the keyboard
+        (sleep 0.2; ${pkgs.util-linux}/bin/runuser -u "$user" -- ${pkgs.xorg.xset}/bin/xset r rate \
+        ${toString config.services.xserver.autoRepeatDelay} ${toString config.services.xserver.autoRepeatInterval})&
+        echo "lol" > /tmp/lel
+                   done
+              fi
      '';
  in ''
    ACTION=="add", SUBSYSTEM=="input", ATTRS{bInterfaceClass}=="03", RUN+="${exe}"
--- a/users/common/graphical/Xorg/wallpapers.nix
+++ b/users/common/graphical/Xorg/wallpapers.nix
@ -17,9 +17,13 @@ in {
          Description = "Set a random wallpaper every 3 minutes";
        };
        Timer = {
+          OnActiveSec = "5 sec";
          OnUnitActiveSec = "3 min";
        };
-        Install.WantedBy = ["timers.target"];
+        Install.WantedBy = [
+          "timers.target"
+          "graphical-session.target"
+        ];
      };
    };
    services = {
@ -32,7 +36,6 @@ in {
          ExecStart =
            exe;
        };
-        Install.WantedBy = ["graphical-session.target"];
      };
    };
  };
--- a/users/common/graphical/Xorg/xinitrc
+++ b/users/common/graphical/Xorg/xinitrc
@ -15,4 +15,9 @@ if command -v dbus-update-activation-environment >/dev/null 2>&1; then
        dbus-update-activation-environment DISPLAY XAUTHORITY
 fi

+autorandr -c
+# I3 does no start graphical session.target because ????
+# so we need to manually start all service we want
+systemctl --user start set-wallpaper.timer streamdeck.service
+xset r rate 235 60
 exec i3
--- a/users/common/impermanence.nix
+++ b/users/common/impermanence.nix
@ -21,11 +21,6 @@
      ++ optionals config.programs.nushell.enable [
        ".config/nushell"
      ]
-      ++ optionals config.programs.neovim.enable [
-        ".local/share/nvim"
-        ".local/state/nvim"
-        ".cache/nvim"
-      ]
      ++ optionals nixosConfig.services.pipewire.enable [
        # persist sound config
        ".local/state/wireplumber"
--- a/users/common/programs/nvim/default.nix
+++ b/users/common/programs/nvim/default.nix
@ -24,4 +24,9 @@
    recursive = true;
    source = ./.;
  };
+  home.persistence."/state".directories = [
+    ".local/share/nvim"
+    ".local/state/nvim"
+    ".cache/nvim"
+  ];
 }
--- a/users/patrick/streamdeck.nix
+++ b/users/patrick/streamdeck.nix
@ -74,18 +74,4 @@
      };
    };
  };
-  systemd.user = {
-    services = {
-      streamdeck-ui = {
-        Unit = {
-          Description = "start streamdeck-ui";
-        };
-        Service = {
-          Type = "exec";
-          ExecStart = "${pkgs.streamdeck-ui}/bin/streamdeck-ui --no-ui";
-        };
-        Install.WantedBy = ["graphical-session.target"];
-      };
-    };
-  };
 }