From da7b62f13052a6ec80b17430dc673b8399a8f9fb Mon Sep 17 00:00:00 2001 From: Mohammad Rafiq Date: Sun, 18 May 2025 14:00:21 +0800 Subject: [PATCH] feat(systems/nemesis): set up basic nemesis configuration --- configuration.nix | 37 ++++++++++++++++++++++++ device.txt | 1 + disko.nix | 71 +++++++++++++++++++++++++++++++++++++++++++++++ flake.lock | 48 ++++++++++++++++++++++++++++++++ flake.nix | 17 ++++++++++++ 5 files changed, 174 insertions(+) create mode 100644 configuration.nix create mode 100644 device.txt create mode 100644 disko.nix create mode 100644 flake.lock create mode 100644 flake.nix diff --git a/configuration.nix b/configuration.nix new file mode 100644 index 0000000..5ea38e7 --- /dev/null +++ b/configuration.nix @@ -0,0 +1,37 @@ +{ config, lib, pkgs, modulesPath, ... }: +{ + imports = + [ + (modulesPath + "/installer/scan/not-detected.nix") + (import ./disko.nix {inherit lib; device = "/dev/disk/by-id/nvme-CT2000P3SSD8_2325E6E77434";}) + ]; + + boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ]; + boot.initrd.kernelModules = [ "dm-snapshot" ]; + boot.kernelModules = [ "kvm-amd" ]; + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + networking.useDHCP = lib.mkDefault true; + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + networking.hostName = "nemesis"; # Define your hostname. + networking.networkmanager.enable = true; # Easiest to use and most distros use this by default. + time.timeZone = "Asia/Singapore"; + i18n.defaultLocale = "en_US.UTF-8"; + services.pipewire = { + enable = true; + pulse.enable = true; + }; + users.users.rafiq = { + isNormalUser = true; + initialPassword = "1"; + extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user. + packages = with pkgs; [ + git + neovim + ]; + }; + nix.settings.experimental-features = ["nix-command" "flakes"]; + system.stateVersion = "25.05"; # Did you read the comment? +} + diff --git a/device.txt b/device.txt new file mode 100644 index 0000000..46b2b36 --- /dev/null +++ b/device.txt @@ -0,0 +1 @@ +/dev/disk/by-id/nvme-CT2000P3SSD8_2325E6E77434 diff --git a/disko.nix b/disko.nix new file mode 100644 index 0000000..7233e13 --- /dev/null +++ b/disko.nix @@ -0,0 +1,71 @@ +{lib, device,...}: +{ + boot.initrd.postDeviceCommands = lib.mkAfter '' + mkdir /btrfs_tmp + mount /dev/root_vg/root /btrfs_tmp + if [[ -e /btrfs_tmp/root ]]; then + mkdir -p /btrfs_tmp/old_roots + timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:%M:%S") + mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp" + fi + + delete_subvolume_recursively() { + IFS=$'\n' + for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do + delete_subvolume_recursively "/btrfs_tmp/$i" + done + btrfs subvolume delete "$1" + } + + for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do + delete_subvolume_recursively "$i" + done + + btrfs subvolume create /btrfs_tmp/root + umount /btrfs_tmp + ''; + + disko.devices.disk.main = { + inherit device; + type = "disk"; + content.type = "gpt"; + content.partitions = { + boot.name = "boot"; + boot.size = "1M"; + boot.type = "EF02"; + esp.name = "ESP"; + esp.size = "500M"; + esp.type = "EF00"; + esp.content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + }; + swap.size = "4G"; + swap.content = { + type = "swap"; + resumeDevice = true; + }; + root.name = "root"; + root.size = "100%"; + root.content = { + type = "lvm_pv"; + vg = "root_vg"; + }; + }; + }; + + disko.devices.lvm_vg.root_vg = { + type = "lvm_vg"; + lvs.root.size = "100%FREE"; + lvs.root.content.type = "btrfs"; + lvs.root.content.extraArgs = ["-f"]; + lvs.root.content.subvolumes = { + "/root".mountpoint = "/"; + "/persist".mountpoint = "/persist"; + "/persist".mountOptions = ["subvol=persist" "noatime"]; + "/nix".mountpoint = "/nix"; + "/nix".mountOptions = ["subvol=nix" "noatime"]; + }; + }; +} diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..62198bc --- /dev/null +++ b/flake.lock @@ -0,0 +1,48 @@ +{ + "nodes": { + "disko": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1747274630, + "narHash": "sha256-87RJwXbfOHyzTB9LYagAQ6vOZhszCvd8Gvudu+gf3qo=", + "owner": "nix-community", + "repo": "disko", + "rev": "ec7c109a4f794fce09aad87239eab7f66540b888", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "disko", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1747327360, + "narHash": "sha256-LSmTbiq/nqZR9B2t4MRnWG7cb0KVNU70dB7RT4+wYK4=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "e06158e58f3adee28b139e9c2bcfcc41f8625b46", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "disko": "disko", + "nixpkgs": "nixpkgs" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 0000000..31265ae --- /dev/null +++ b/flake.nix @@ -0,0 +1,17 @@ +{ + inputs = { + nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; + disko.url = "github:nix-community/disko"; + disko.inputs.nixpkgs.follows = "nixpkgs"; + }; + + outputs = inputs: { + nixosConfigurations.nemesis = inputs.nixpkgs.lib.nixosSystem { + specialArgs = { inherit inputs; }; + modules = [ + inputs.disko.nixosModules.disko + ./configuration.nix + ]; + }; + }; +}