add Dell-Laptop

flake.nix

@@ -95,13 +95,16 @@
     inherit self inputs;
     supportedSystems = [ "x86_64-linux" "aarch64-linux" ];
 
+    customModules = builtins.listToAttrs (findModules ./modules);
+    nixosProfiles = builtins.listToAttrs (findModules ./profiles);
+    nixosRoles = import ./roles;
+
     sharedPatches = patchesPath [
       "mullvad-exclude-containers.patch"
       "ydotoold.patch"
       "gitea-208605.patch"
       "waydroid-1.4.0.patch"
       "bitwarden-pr224092.patch"
-      "mullvad-2023.3.patch"
     ];
     channelsConfig = { allowUnfree = true; };
     channels.unstable.input = nixpkgs;
@@ -137,14 +140,26 @@
         specialArgs = { inherit inputs; };
         channelName = "unstable-zfs";
       };
+      Dell-Laptop = {
+        system = builtins.readFile (./machines/Dell-Laptop/system);
+        modules = __attrValues self.customModules ++ [
+          (import (./machines/Dell-Laptop))
+          { device = "Dell-Laptop"; mainuser = "ataraxia"; }
+          inputs.vscode-server.nixosModule
+        ];
+        specialArgs = { inherit inputs; };
+        channelName = "unstable-zfs";
+      };
       Flakes-ISO = {
         system = "x86_64-linux";
-        modules = __attrValues self.customModules ++ [
+        modules = [
           (import (./machines/Flakes-ISO))
           { device = "Flakes-ISO"; mainuser = "ataraxia"; }
           ./machines/Home-Hypervisor/autoinstall.nix
           ./machines/AMD-Workstation/autoinstall.nix
+          ./machines/Dell-Laptop/autoinstall.nix
           ./machines/NixOS-VM/autoinstall.nix
+          self.customModules.autoinstall
         ];
         specialArgs = { inherit inputs; };
       };
@@ -227,9 +242,5 @@
         };
       };
     };
-
-    customModules = builtins.listToAttrs (findModules ./modules);
-    nixosProfiles = builtins.listToAttrs (findModules ./profiles);
-    nixosRoles = import ./roles;
   };
 }

machines/Dell-Laptop/autoinstall.nix

@@ -0,0 +1,22 @@
+{ ... }: {
+  autoinstall.Dell-Laptop = {
+    mainuser = "ataraxia";
+    flakesPath = "/home/nixos/nixos-config";
+    encryption.encryptBoot = false;
+    encryption.encryptRoot = true;
+    encryption.passwordFile = "/home/nixos/pass";
+    encryption.argonIterTime = "4000";
+    partitioning.useEntireDisk = true;
+    partitioning.disk = "/dev/disk/by-id/nvme-Samsung_SSD_960_EVO_250GB_S3ESNX0K159868B";
+    partitioning.nullifyDisk = false;
+    partitioning.createBootPool = true;
+    swapPartition.enable = true;
+    swapPartition.size = "8GiB";
+    efiMountPoint = "/efi";
+    bootSize = "2G";
+    zfsOpts.ashift = 13;
+    zfsOpts.bootPoolReservation = "128M";
+    zfsOpts.rootPoolReservation = "12G";
+    persist.enable = true;
+  };
+}

machines/Dell-Laptop/boot.nix

@@ -0,0 +1,59 @@
+{ config, pkgs, lib, ... }:
+let
+  zfs_arc_max = toString (2 * 1024 * 1024 * 1024);
+in {
+  boot = {
+    initrd = {
+      supportedFilesystems = [ "zfs" ];
+      luks.devices = {
+        "cryptroot" = {
+          preLVM = true;
+          keyFile = "/keyfile0.bin";
+          allowDiscards = true;
+          bypassWorkqueues = true;
+          fallbackToPassword = true;
+        };
+      };
+      secrets = {
+        "keyfile0.bin" = "/etc/secrets/keyfile0.bin";
+      };
+    };
+
+    loader = {
+      grub = {
+        enable = true;
+        version = 2;
+        device = "nodev";
+        copyKernels = true;
+        efiSupport = true;
+        enableCryptodisk = true;
+        useOSProber = false;
+        zfsSupport = true;
+      };
+      systemd-boot.enable = lib.mkForce false;
+      efi.canTouchEfiVariables = true;
+      efi.efiSysMountPoint = "/efi";
+      generationsDir.copyKernels = true;
+    };
+
+    kernelPackages = pkgs.linuxPackages_lqx;
+    kernelParams = [
+      "zfs.metaslab_lba_weighting_enabled=0"
+      "zfs.zfs_arc_max=${zfs_arc_max}"
+    ];
+    tmpOnTmpfs = true;
+    tmpOnTmpfsSize = "4G";
+  };
+
+  persist = {
+    enable = true;
+    cache.clean.enable = true;
+  };
+
+  fileSystems."/home".neededForBoot = true;
+  fileSystems."/persist".neededForBoot = true;
+  boot.initrd.postDeviceCommands = lib.mkAfter ''
+    zfs rollback -r rpool/nixos/root@empty
+    zfs rollback -r rpool/user/home@empty
+  '';
+}

machines/Dell-Laptop/default.nix

@@ -0,0 +1,50 @@
+{ inputs, config, lib, pkgs, ... }: {
+  imports = with inputs.self; [
+    ./boot.nix
+    ./hardware-configuration.nix
+    nixosRoles.desktop
+  ];
+
+  deviceSpecific.devInfo = {
+    cpu = {
+      vendor = "intel";
+      clock = 1600;
+      cores = 8;
+    };
+    drive = {
+      type = "ssd";
+      speed = 2000;
+      size = 250;
+    };
+    gpu = {
+      vendor = "intel";
+    };
+    bigScreen = false;
+    ram = 16;
+    fileSystem = "zfs";
+  };
+  deviceSpecific.isGaming = false;
+  deviceSpecific.enableVirtualisation = true;
+  deviceSpecific.vpn.ivpn.enable = true;
+
+  boot.blacklistedKernelModules = [
+    "psmouse"
+  ];
+
+  services.fwupd.enable = true;
+
+  # systemd.services.unbind-usb2 = {
+  #   wantedBy = [ "multi-user.target" ];
+  #   serviceConfig = {
+  #     ExecStart = "${pkgs.coreutils}/bin/echo 'usb2' | ${pkgs.coreutils}/bin/tee /sys/bus/usb/drivers/usb/unbind";
+  #     Type = "oneshot";
+  #   };
+  # };
+
+  boot.kernelParams = [ "mem_sleep_default=deep" ];
+
+  home-manager.users.${config.mainuser} = {
+    home.stateVersion = "23.05";
+  };
+  system.stateVersion = "23.05";
+}

machines/Dell-Laptop/system

@@ -0,0 +1 @@
+x86_64-linux

machines/Flakes-ISO/default.nix

@@ -2,7 +2,6 @@
   imports = with inputs.self; [
     "${toString modulesPath}/installer/cd-dvd/installation-cd-graphical-plasma5.nix"
     # "${toString modulesPath}/installer/cd-dvd/installation-cd-base.nix"
-    ../../modules/autoinstall/default.nix
   ];
 
   options = {
@@ -11,6 +10,8 @@
   };
 
   config = {
+    systemd.services.nix-daemon.serviceConfig.LimitNOFILE = 40960;
+
     networking.hostName = config.device;
 
     programs.ssh.extraConfig = ''

profiles/boot.nix

@@ -4,7 +4,7 @@ with config.deviceSpecific; {
     enable = true;
     algorithm = "zstd";
     priority = 100;
-    memoryPercent = 100; # around 25% of memory
+    memoryPercent = 150; # around 50% of memory
   };
 
   persist.state.files = [ "/etc/machine-id" ];