diff options
| -rw-r--r-- | nixos/lindy.nix | 100 | ||||
| -rw-r--r-- | nixpkgs/lindy.nix | 4 | ||||
| -rw-r--r-- | qutebrowser/config.py | 3 |
3 files changed, 69 insertions, 38 deletions
diff --git a/nixos/lindy.nix b/nixos/lindy.nix index 760b656..471026d 100644 --- a/nixos/lindy.nix +++ b/nixos/lindy.nix @@ -11,7 +11,13 @@ ]; networking.hostName = "lindy"; - networking.hostId = "00000000"; + networking.hostId = "b8149765"; + + # Driver config + boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "nvme" "usb_storage" "usbhid" "sd_mod" ]; + boot.initrd.kernelModules = [ "dm-snapshot" ]; + boot.kernelModules = [ "kvm-intel" "wl" ]; + boot.extraModulePackages = [ config.boot.kernelPackages.broadcom_sta ]; # ZFS config boot.kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages; @@ -24,59 +30,83 @@ # Use Grub boot.loader.grub.enable = true; + boot.loader.grub.efiSupport = true; boot.loader.grub.device = "nodev"; boot.loader.grub.extraGrubInstallArgs = [ "--bootloader-id=NixOS" ]; boot.loader.efi.efiSysMountPoint = "/boot/efi"; boot.loader.efi.canTouchEfiVariables = true; - boot.initrd.availableKernelModules = - [ "xhci_pci" "ahci" "nvme" "usb_storage" "usbhid" ]; - boot.initrd.kernelModules = [ "dm-snapshot" ]; - boot.kernelModules = [ "kvm-intel" "wl" ]; - boot.extraModulePackages = [ config.boot.kernelPackages.broadcom_sta ]; - boot.initrd.luks.devices = { cryptssd = { - device = "/dev/disk/by-uuid/1b074a78-9116-420e-b872-7bf49ca10ce1"; + device = "/dev/disk/by-uuid/a5aad0b3-fb8c-4711-80db-d8fdcc832f83"; allowDiscards = true; }; }; + fileSystems."/" = + { device = "none"; + fsType = "tmpfs"; + options = [ "defaults" "size=6G" "mode=755" ]; + }; + + fileSystems."/var" = + { device = "lindy/nixos/var"; + fsType = "zfs"; + }; + + fileSystems."/home" = + { device = "lindy/home"; + fsType = "zfs"; + neededForBoot = true; # because contains password files used below + }; + + fileSystems."/nix" = + { device = "lindy/nixos/nix"; + fsType = "zfs"; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/b9f80731-ac5a-476e-9454-32fef4ebc40f"; + fsType = "ext4"; + options = [ "discard" ]; + }; + + fileSystems."/boot/efi" = + { device = "/dev/disk/by-uuid/02D0-F1C6"; + fsType = "vfat"; + }; + + fileSystems."/root" = # /root contains the Borg cache for the backup script + { device = "/nix/persist/root"; + fsType = "none"; + options = [ "bind" ]; + }; + + fileSystems."/etc/NetworkManager/system-connections" = + { device = "/nix/persist/etc/NetworkManager/system-connections"; + fsType = "none"; + options = [ "bind" ]; + }; + + environment.etc."machine-id".source = "/nix/persist/etc/machine-id"; + + # ---- zonz (encrypted zfs) ---- + environment.etc.crypttab = { enable = true; text = '' -Kurisu UUID=f593d307-66cc-4586-a899-f1ca20d74430 /root/kurisu_key -Kogami UUID=61534c91-df18-4c71-9244-54e677f5d4fa /root/kogami_key +Kurisu UUID=f593d307-66cc-4586-a899-f1ca20d74430 /nix/persist/root/kurisu_key +Kogami UUID=61534c91-df18-4c71-9244-54e677f5d4fa /nix/persist/root/kogami_key ''; }; - fileSystems."/" = { - device = "/dev/disk/by-uuid/2e64e6fc-ab7c-4620-b56b-faee641bd2a6"; - fsType = "ext4"; - options = [ "discard" ]; - }; - - fileSystems."/home" = { - device = "/dev/disk/by-uuid/1ef4b6f4-975d-4e04-9d88-0640e83ed0b4"; - fsType = "ext4"; - options = [ "discard" ]; - }; - - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/0728e7e5-8e21-44bd-9287-eb066d489a0e"; - fsType = "ext4"; - options = [ "discard" ]; - }; - - fileSystems."/boot/efi" = { - device = "/dev/disk/by-uuid/02D0-F1C6"; - fsType = "vfat"; - }; + # ---- immutable user config ---- - swapDevices = - [{ device = "/dev/disk/by-uuid/5950785a-9793-4d04-b791-8f4dbc497ec3"; }]; + users.mutableUsers = false; + users.users.lx.passwordFile = "/home/lx/.password"; + users.users.lx.uid = 1000; - users.users.lx.home = "/home/lx.nix"; + # ---- # Backup services.cron.enable = true; diff --git a/nixpkgs/lindy.nix b/nixpkgs/lindy.nix index c1baee5..98b5dcd 100644 --- a/nixpkgs/lindy.nix +++ b/nixpkgs/lindy.nix @@ -1,8 +1,8 @@ { pkgs, ... }: { imports = [ ./common.nix ]; - home.homeDirectory = "/home/lx.nix"; - xdg.userDirs.download = "/home/lx.nix/Downloads"; + home.homeDirectory = "/home/lx"; + xdg.userDirs.download = "/home/lx/Downloads"; programs.keychain = { enable = true; diff --git a/qutebrowser/config.py b/qutebrowser/config.py index e7ded7c..48e9b8e 100644 --- a/qutebrowser/config.py +++ b/qutebrowser/config.py @@ -1,4 +1,5 @@ -config.load_autoconfig(False) # disable saved configs +# config.load_autoconfig(False) # disable saved configs +config.load_autoconfig() c.hints.chars = "qsdjflkmazeruiopghwxcvn" c.auto_save.session = True |