feat: add new host - andromedae

Dmitriy Kholkin 2025-06-07 16:58:34 +03:00
parent aaa6166233
commit ab8f980c8b
Signed by: AtaraxiaDev
GPG Key ID: FD266B810DF48DF2
4 changed files with 345 additions and 0 deletions


@ -102,6 +102,11 @@
hostModuleDir = ./hosts;
hosts = {
NixOS-VM.system = "x86_64-linux";
# home-workstation
andromedae = {
system = "x86_64-linux";
useHomeManager = true;
};
# home-hypervisor
orion = {
system = "x86_64-linux";

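--- a/hosts/andromedae/boot.nix
+++ b/hosts/andromedae/boot.nix
@@ -0,0 +1,69 @@
+{ lib, pkgs, ... }:
+{
+fileSystems."/" = lib.mkForce {
+device = "none";
+options = [
+"defaults"
+"size=4G"
+"mode=755"
+];
+fsType = "tmpfs";
+};
+# initrd = {
+# supportedFilesystems = [ "zfs" ];
+# luks.devices = {
+# "cryptroot" = {
+# keyFile = "/keyfile0.bin";
+# allowDiscards = true;
+# bypassWorkqueues = true;
+# };
+# };
+# secrets = {
+# "keyfile0.bin" = "/etc/secrets/keyfile0.bin";
+# };
+# };
+boot = {
+zfs.package = pkgs.zfs_unstable;
+loader = {
+grub = {
+enable = true;
+device = "nodev";
+copyKernels = true;
+efiSupport = true;
+enableCryptodisk = true;
+useOSProber = false;
+zfsSupport = true;
+gfxmodeEfi = "2560x1440";
+};
+efi.efiSysMountPoint = "/efi";
+efi.canTouchEfiVariables = true;
+};
+kernelParams = [
+"pti=off"
+"retbleed=off" # big performance impact
+"spectre_v2=off"
+];
+kernel.sysctl = {
+"kernel.split_lock_mitigate" = 0;
+};
+tmp.useTmpfs = true;
+tmp.tmpfsSize = "100%";
+tmp.tmpfsHugeMemoryPages = "within_size";
+supportedFilesystems = [ "ntfs" ];
+};
+# AMD EPP P-State management
+# powerManagement.cpuFreqGovernor = "powersave";
+# services.auto-epp = {
+# enable = true;
+# settings.Settings.epp_state_for_BAT = "balance_performance";
+# settings.Settings.epp_state_for_AC = "balance_performance";
+# };
+}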
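Review bot: The `kernelParams` list switches off the Spectre v2 and Retbleed mitigations (plus PTI) on a host that, judging by the ZFS mountpoints declared in the host module, also carries libvirt, Docker and container state, so guest or container code would run on the same CPU as the host without those protections; only `retbleed=off` has a justification next to it. I would put a comment above the list recording that this is a deliberate performance trade-off and the threat model it assumes, e.g. `# CPU mitigations disabled for performance; re-enable before running untrusted VMs/containers`, or drop `spectre_v2=off` if no measured gain backs it. If the CPU is AMD, as `kvm-amd` in the hardware configuration suggests, `pti=off` is probably redundant. Separately, `tmp.tmpfsSize = "100%"` lets /tmp grow to the whole of RAM, so a runaway process writing there can exhaust memory; a smaller cap would bound that.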


@ -0,0 +1,79 @@
{ config, ... }:
let
defaultUser = config.ataraxia.defaults.users.defaultUser;
in
{
imports = [
./hardware-configuration.nix
./boot.nix
];
ataraxia.defaults.role = "desktop";
# Impermanence
ataraxia.filesystems.zfs.enable = true;
ataraxia.filesystems.zfs.eraseOnBoot.enable = true;
ataraxia.filesystems.zfs.eraseOnBoot.snapshots = [
"rpool/nixos/root@empty"
"rpool/user/home@empty"
];
ataraxia.filesystems.zfs.mountpoints = [
"/etc/secrets"
"/media/libvirt"
"/nix"
"/persist"
"/srv"
"/var/lib/ccache"
"/var/lib/containers"
"/var/lib/docker"
"/var/lib/libvirt"
"/var/lib/postgresql"
"/var/log"
"/vol"
];
# Home-manager
home-manager.users.${defaultUser} = {
ataraxia.defaults.role = "desktop";
home.stateVersion = "25.05";
};
# Services
services.postgresql.settings = {
full_page_writes = "off";
wal_init_zero = "off";
wal_recycle = "off";
};
# Auto-mount lan nfs share
fileSystems = {
"/media/files" = {
fsType = "ntfs";
device = "/dev/disk/by-partuuid/15fa11a1-a6d8-4962-9c03-74b209d7c46a";
options = [
"nofail"
"uid=${toString config.users.users.${defaultUser}.uid}"
"gid=${toString config.users.groups.users.gid}"
];
};
"/media/win-sys" = {
fsType = "ntfs";
device = "/dev/disk/by-partuuid/4fba33e7-6b47-4e3b-b18b-882a58032673";
options = [
"nofail"
"uid=${toString config.users.users.${defaultUser}.uid}"
"gid=${toString config.users.groups.users.gid}"
];
};
"/media/local-nfs" = {
device = "10.10.10.11:/";
fsType = "nfs4";
options = [
"nfsvers=4.2"
"x-systemd.automount"
"noauto"
];
};
};
system.stateVersion = "25.05";
}
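Review bot: The `/media/local-nfs` entry mounts `10.10.10.11:/` with only `nfsvers=4.2`, `x-systemd.automount` and `noauto`, so it presumably falls back to the export's default security flavor (typically `sec=sys`, which trusts client-supplied UIDs and does not encrypt traffic) and honours setuid bits and device nodes served by the remote side; adding `"nosuid"` and `"nodev"` to its `options` is a cheap hardening step. The same two options would suit the two NTFS mounts, and `/media/win-sys` looks like a Windows system partition that may be safer mounted with `"ro"`. The comment `# Auto-mount lan nfs share` sits above the whole `fileSystems` set although the first two entries are local NTFS partitions; `# Extra mounts: local NTFS partitions and LAN NFS share` would describe it accurately.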


@ -0,0 +1,192 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
modulesPath,
...
}:
{
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [
"nvme"
"xhci_pci"
"ahci"
"usb_storage"
"usbhid"
"sd_mod"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
fileSystems."/home" = {
device = "rpool/user/home";
fsType = "zfs";
options = [
"zfsutil"
"X-mount.mkdir"
];
};
fileSystems."/persist" = {
device = "rpool/persistent/impermanence";
fsType = "zfs";
options = [
"zfsutil"
"X-mount.mkdir"
];
};
fileSystems."/srv" = {
device = "rpool/persistent/servers";
fsType = "zfs";
options = [
"zfsutil"
"X-mount.mkdir"
];
};
fileSystems."/etc/secrets" = {
device = "rpool/persistent/secrets";
fsType = "zfs";
options = [
"zfsutil"
"X-mount.mkdir"
];
};
fileSystems."/nix" = {
device = "rpool/persistent/nix";
fsType = "zfs";
options = [
"zfsutil"
"X-mount.mkdir"
];
};
fileSystems."/var/log" = {
device = "rpool/persistent/log";
fsType = "zfs";
options = [
"zfsutil"
"X-mount.mkdir"
];
};
fileSystems."/var/lib/docker" = {
device = "rpool/persistent/docker";
fsType = "zfs";
options = [
"zfsutil"
"X-mount.mkdir"
];
};
fileSystems."/var/lib/containers" = {
device = "rpool/persistent/containers";
fsType = "zfs";
options = [
"zfsutil"
"X-mount.mkdir"
];
};
fileSystems."/var/lib/nixos-containers" = {
device = "rpool/persistent/nixos-containers";
fsType = "zfs";
options = [
"zfsutil"
"X-mount.mkdir"
];
};
fileSystems."/var/lib/libvirt" = {
device = "rpool/persistent/libvirt";
fsType = "zfs";
options = [
"zfsutil"
"X-mount.mkdir"
];
};
fileSystems."/media/libvirt" = {
device = "rpool/persistent/libvirt-user";
fsType = "zfs";
options = [
"zfsutil"
"X-mount.mkdir"
];
};
fileSystems."/media/libvirt/images" = {
device = "rpool/persistent/libvirt-user/images";
fsType = "zfs";
options = [
"zfsutil"
"X-mount.mkdir"
];
};
fileSystems."/var/lib/ccache" = {
device = "rpool/persistent/ccache";
fsType = "zfs";
options = [
"zfsutil"
"X-mount.mkdir"
];
};
fileSystems."/var/lib/postgresql" = {
device = "rpool/persistent/postgresql";
fsType = "zfs";
options = [
"zfsutil"
"X-mount.mkdir"
];
};
fileSystems."/boot" = {
device = "bpool/nixos/boot";
fsType = "zfs";
options = [
"zfsutil"
"X-mount.mkdir"
];
};
fileSystems."/efi" = {
device = "/dev/disk/by-uuid/A556-CD19";
fsType = "vfat";
options = [
"fmask=0022"
"dmask=0022"
];
};
swapDevices = [
{
device = "/dev/disk/by-partuuid/a42e17be-989d-4b26-b7a2-055e0068eb05";
randomEncryption.enable = true;
randomEncryption.allowDiscards = true;
}
];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp8s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
networking.hostId = "ec5d10ad";
boot.zfs.devNodes = "/dev/disk/by-id";
boot.supportedFilesystems = [ "zfs" ];
}