1 { pkgs, lib, config, hostName, ... }:
5 ../../nixos/profiles/hardware/T480.nix
6 ../../nixos/profiles/zfs.nix
7 ../../nixos/profiles/zramSwap.nix
11 # Setting the machine-id avoids to reencrypt all credentials
12 # when reinstalling NixOS on a new drive.
13 # Manually generated with : uuidgen | tr -d -
14 environment.etc.machine-id.source = ./machine-id.clear;
16 # The 32-bit host id of the host, formatted as 8 hexadecimal characters.
17 # You should try to make this id unique among your hosts.
18 # Manually generated with : uuidgen | head -c8
19 networking.hostId = "e6eba6c4";
26 boot.kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
29 canTouchEfiVariables = true;
30 efiSysMountPoint = "/boot1";
35 # Roughly 25MiB (initrd) + 9MiB (kernel) per configuration
36 configurationLimit = 6;
37 memtest86.enable = true;
39 extraInstallCommands = ''
41 cp -r /efiboot/efi1 /efiboot/efi2
44 # FIXME: needs https://github.com/NixOS/nixpkgs/pull/246897
48 boot.zfs.requestEncryptionCredentials = [ "${hostName}/root" ];
50 hardware.enableRedistributableFirmware = true;
52 fileSystems."/boot1" =
54 device = "/dev/disk/by-partlabel/${hostName}_ssd1_boot";
56 options = [ "rw" "noexec" "nodev" "nofail" "X-mount.mkdir" "iocharset=iso8859-1" ];
60 device = "/dev/disk/by-partlabel/${hostName}_ssd1_swap";
63 cipher = "aes-xts-plain64";
64 source = "/dev/urandom";
69 boot.supportedFilesystems = [ "ntfs" "vfat" ];
73 device = "${hostName}/root";
75 options = [ "zfsutil" ];
79 device = "${hostName}/root/nix";
81 options = [ "X-mount.mkdir" "zfsutil" ];
85 device = "${hostName}/root/var";
87 options = [ "X-mount.mkdir" "zfsutil" ];
90 services.pipewire.jack.enable = true;