]> Git — Sourcephile - julm/julm-nix.git/blob - hosts/blackberry/hardware.nix
Add 1 git-crypt collaborator
[julm/julm-nix.git] / hosts / blackberry / hardware.nix
1 { pkgs, hostName, ... }:
2 {
3 imports = [
4 ../../nixos/profiles/hardware/E5500.nix
5 ../../nixos/profiles/zfs.nix
6 ../../nixos/profiles/zramSwap.nix
7 ];
8
9 # Setting the machine-id avoids to reencrypt all credentials
10 # when reinstalling NixOS on a new drive.
11 # Manually generated with : uuidgen | tr -d -
12 environment.etc.machine-id.source = ./machine-id.clear;
13
14 # The 32-bit host id of the host, formatted as 8 hexadecimal characters.
15 # You should try to make this id unique among your hosts.
16 # Manually generated with : uuidgen | head -c8
17 networking.hostId = "e53001b7";
18
19 boot.loader = {
20 grub = {
21 enable = true;
22 memtest86.enable = true;
23 mirroredBoots = [
24 { path = "/boot1"; devices = [ "/dev/disk/by-id/ata-CT250MX500SSD1_2004E2849DD5" ]; }
25 ];
26 # Roughly 25MiB (initrd) + 9MiB (kernel) per configuration
27 configurationLimit = 6;
28
29 #zfsSupport = true;
30 #efiSupport = true;
31 #enableCryptodisk = true;
32 };
33 };
34 boot.zfs.requestEncryptionCredentials = [ "${hostName}/root" ];
35
36 hardware.enableRedistributableFirmware = true;
37
38 fileSystems."/boot1" =
39 {
40 device = "/dev/disk/by-partlabel/${hostName}_ssd1_boot";
41 fsType = "vfat";
42 options = [ "rw" "noexec" "nodev" "nofail" "X-mount.mkdir" "iocharset=iso8859-1" ];
43 };
44 swapDevices = [
45 {
46 device = "/dev/disk/by-partlabel/${hostName}_ssd1_swap";
47 randomEncryption = {
48 enable = true;
49 cipher = "aes-xts-plain64";
50 source = "/dev/urandom";
51 };
52 }
53 ];
54
55 boot.supportedFilesystems = [ "ntfs" "vfat" ];
56
57 fileSystems."/" =
58 {
59 device = "${hostName}/root";
60 fsType = "zfs";
61 options = [ "zfsutil" ];
62 };
63 fileSystems."/nix" =
64 {
65 device = "${hostName}/root/nix";
66 fsType = "zfs";
67 options = [ "X-mount.mkdir" "zfsutil" ];
68 };
69 fileSystems."/var" =
70 {
71 device = "${hostName}/root/var";
72 fsType = "zfs";
73 options = [ "X-mount.mkdir" "zfsutil" ];
74 };
75
76 services.pipewire.jack.enable = true;
77
78 }