diff options
| -rw-r--r-- | .gitignore | 1 | ||||
| -rw-r--r-- | flake.nix | 8 | ||||
| -rw-r--r-- | flake/default.nix | 20 | ||||
| -rw-r--r-- | flake/nixosConfigurations/default.nix | 8 | ||||
| -rw-r--r-- | hosts/apzu/hardware/default.nix | 6 | ||||
| -rw-r--r-- | hosts/tiamat/hardware/default.nix | 14 | ||||
| -rw-r--r-- | system/default.nix | 2 | ||||
| -rw-r--r-- | system/disks/default.nix | 120 | ||||
| -rw-r--r-- | system/disks/fstrim.nix | 44 | ||||
| -rw-r--r-- | system/disks/hibernate.nix | 42 | ||||
| -rw-r--r-- | system/fileSystemLayouts/default.nix | 155 | ||||
| -rw-r--r-- | system/services/backup/default.nix | 1 |
12 files changed, 237 insertions, 184 deletions
@@ -1 +1,2 @@ .direnv +/result @@ -213,6 +213,7 @@ agenix, ragenix, serverphone, + disko, # external dependencies neovim_config, user_js, @@ -245,21 +246,22 @@ sysLib nixpkgs # modules - + home-manager nixos-generators impermanence agenix ragenix serverphone + disko # external dependencies - + neovim_config user_js snap-sync templates # my binaries - + video_pause strip_js_comments generate_firefox_extensions diff --git a/flake/default.nix b/flake/default.nix index 6a3622a1..6e70428b 100644 --- a/flake/default.nix +++ b/flake/default.nix @@ -12,6 +12,7 @@ agenix, ragenix, serverphone, + disko, # external dependencies neovim_config, user_js, @@ -38,10 +39,10 @@ pkgs sysLib # extra information - + system # bins - + video_pause yambar_cpu yambar_memory @@ -51,12 +52,12 @@ shell_library flake_update # external deps - + user_js neovim_config snap-sync # modules - + impermanence ; }; @@ -70,6 +71,8 @@ serverphone.nixosModules.default + disko.nixosModules.default + home-manager.nixosModules.home-manager homeManagerConfig @@ -89,11 +92,11 @@ in { nixpkgs sysLib # configs - + defaultModules defaultSpecialArgs # bins - + video_pause yambar_cpu yambar_memory @@ -103,17 +106,18 @@ in { shell_library flake_update # external deps - + user_js neovim_config snap-sync templates # modules - + impermanence home-manager agenix serverphone + disko ; }; packages."${system}" = import ./packages { diff --git a/flake/nixosConfigurations/default.nix b/flake/nixosConfigurations/default.nix index d8667673..e521a5ab 100644 --- a/flake/nixosConfigurations/default.nix +++ b/flake/nixosConfigurations/default.nix @@ -25,6 +25,7 @@ home-manager, agenix, serverphone, + disko, ... }: let generateHost = name: { @@ -39,7 +40,12 @@ ++ defaultModules; }; }; - hosts = ["tiamat" "mammun" "apzu" "lahmu"]; + hosts = [ + "tiamat" + #"mammun" + "apzu" + #"lahmu" + ]; generatedHosts = builtins.listToAttrs (builtins.map generateHost hosts); in generatedHosts diff --git a/hosts/apzu/hardware/default.nix b/hosts/apzu/hardware/default.nix index ab25c244..1f77e435 100644 --- a/hosts/apzu/hardware/default.nix +++ b/hosts/apzu/hardware/default.nix @@ -7,10 +7,8 @@ nixpkgs.hostPlatform = "x86_64-linux"; - system.fileSystemLayouts = { - enable = true; - mainDisk = "/dev/disk/by-uuid/b4a0500c-43a3-4d00-b544-467c1792eeea"; - efiDisk = "/dev/disk/by-uuid/71E7-AA08"; + soispha.disks = { + disk = "/dev/disk/by-uuid/b4a0500c-43a3-4d00-b544-467c1792eeea"; ssd = true; swap = { uuid = "b4a0500c-43a3-4d00-b544-467c1792eeea"; diff --git a/hosts/tiamat/hardware/default.nix b/hosts/tiamat/hardware/default.nix index bb4596ec..be81253d 100644 --- a/hosts/tiamat/hardware/default.nix +++ b/hosts/tiamat/hardware/default.nix @@ -1,10 +1,4 @@ -{ - config, - lib, - pkgs, - modulesPath, - ... -}: { +{modulesPath, ...}: { imports = [ (modulesPath + "/installer/scan/not-detected.nix") # TODO is this necessary? ./cpu.nix @@ -13,10 +7,8 @@ nixpkgs.hostPlatform = "x86_64-linux"; - system.fileSystemLayouts = { - enable = true; - mainDisk = "/dev/disk/by-uuid/4211a4ff-f2e9-41ed-83ca-712830fd0254"; - efiDisk = "/dev/disk/by-uuid/2BFA-8F0F"; + soispha.disks = { + disk = "/dev/disk/by-uuid/4211a4ff-f2e9-41ed-83ca-712830fd0254"; # TODO ssd = true; swap = { uuid = "4211a4ff-f2e9-41ed-83ca-712830fd0254"; diff --git a/system/default.nix b/system/default.nix index af4d4591..73d1a43a 100644 --- a/system/default.nix +++ b/system/default.nix @@ -1,7 +1,7 @@ {lib, ...}: { imports = [ ./boot - ./fileSystemLayouts + ./disks ./font ./hardware #./impermanence already at flake level imported diff --git a/system/disks/default.nix b/system/disks/default.nix new file mode 100644 index 00000000..33e1fa33 --- /dev/null +++ b/system/disks/default.nix @@ -0,0 +1,120 @@ +{ + config, + lib, + pkgs, + ... +}: let + cfg = config.soispha.disks; + defaultMountOptions = [ + "compress-force=zstd:15" # This saves disk space, at a performance cost + "noatime" # should have some performance upsides, and I don't use it anyways + "lazytime" # make time changes in memory + ]; +in { + options.soispha.disks = { + disk = lib.mkOption { + type = lib.types.path; + example = lib.literalExpression "/dev/disk/by-uuid/0442cb6d-f13a-4635-b487-fa76189774c5"; + description = lib.mdDoc "The disk used for installing the OS"; + }; + ssd = lib.mkOption { + type = lib.types.bool; + example = lib.literalExpression "true"; + default = false; + description = lib.mdDoc "Enable ssd specific improvements, like trim"; + }; + swap = { + uuid = lib.mkOption { + type = lib.types.str; + example = lib.literalExpression "d1d20ae7-3d8a-44da-86da-677dbbb10c89"; + description = lib.mdDoc "The uuid of the swapfile"; + }; + resumeOffset = lib.mkOption { + type = lib.types.str; + example = lib.literalExpression "134324224"; + description = lib.mdDoc "The resume offset of the swapfile"; + }; + }; + }; + + config = { + systemd = lib.recursiveUpdate (import ./hibernate.nix {inherit pkgs;}) (import ./fstrim.nix {inherit pkgs lib cfg;}); + + disko.devices = { + disk = { + main = { + device = cfg.mainDisk; + content = { + type = "gpt"; + partitions = { + root = { + size = "100%"; + name = "root"; + content = { + type = "btrfs"; + extraArgs = ["-f"]; # Override existing partitions + subvolumes = { + "nix" = { + mountpoint = "/nix"; + mountOptions = defaultMountOptions; + }; + "persistent-storage" = { + mountpoint = "/srv"; + mountOptions = defaultMountOptions; + }; + "swap" = { + mountpoint = "/swap"; + mountOptions = defaultMountOptions; + }; + }; + }; + }; + boot = { + type = "EF00"; + size = "512M"; + name = "boot"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + }; + }; + }; + }; + }; + }; + nodev = { + "/" = { + fsType = "tmpfs"; + mountOptions = ["defaults" "size=4G" "mode=755"]; + }; + }; + }; + fileSystems = { + "/srv" = { + neededForBoot = true; + }; + "/swap" = { + neededForBoot = true; + }; + }; + swapDevices = [ + { + device = "/swap/swapfile"; + priority = 1; # lower than zramSwap, just in case + # size = 2048; # TODO can nixos create a btrfs swapfile correctly? + } + ]; + zramSwap = { + enable = true; + priority = 10; # needs to be higher than hardware-swap + }; + boot.kernelParams = [ + "resume=UUID=${cfg.swap.uuid}" + "resume_offset=${cfg.swap.resumeOffset}" + "zswap.enabled=0" # zswap and zram are not really compatible + ]; + }; +} +# vim: ts=2 + diff --git a/system/disks/fstrim.nix b/system/disks/fstrim.nix new file mode 100644 index 00000000..6a8da5be --- /dev/null +++ b/system/disks/fstrim.nix @@ -0,0 +1,44 @@ +{ + pkgs, + lib, + cfg, +}: { + timers.fstrim = lib.mkIf cfg.ssd { + wantedBy = ["timers.target"]; + wants = ["fstrim.service"]; + unitConfig = { + Description = "Discard unused blocks once a week"; + Documentation = "man:fstrim"; + ConditionVirtualization = "!container"; + ConditionPathExists = "!/etc/initrd-release"; + }; + timerConfig = { + OnCalendar = "weekly"; + AccuracySec = "1h"; + Persistent = "true"; + RandomizedDelaySec = "6000"; + }; + }; + services.fstrim = lib.mkIf cfg.ssd { + wantedBy = lib.mkForce []; + unitConfig = { + Description = "Discard unused blocks on filesystems from /etc/fstab"; + Documentation = "man:fstrim(8)"; + ConditionVirtualization = "!container"; + }; + serviceConfig = { + Type = "oneshot"; + ExecStart = "${pkgs.util-linux}/bin/fstrim --listed-in /etc/fstab:/proc/self/mountinfo --verbose --quiet-unsupported"; + PrivateDevices = "no"; + PrivateNetwork = "yes"; + PrivateUsers = "no"; + ProtectKernelTunables = "yes"; + ProtectKernelModules = "yes"; + ProtectControlGroups = "yes"; + MemoryDenyWriteExecute = "yes"; + SystemCallFilter = "@default @file-system @basic-io @system-service"; + }; + }; +} +# vim: ts=2 + diff --git a/system/disks/hibernate.nix b/system/disks/hibernate.nix new file mode 100644 index 00000000..5bb0f8d5 --- /dev/null +++ b/system/disks/hibernate.nix @@ -0,0 +1,42 @@ +{pkgs}: { + services = { + hibernate-preparation = { + # TODO check if they work + wantedBy = ["systemd-hibernate.service"]; + unitConfig = { + Description = "Enable swap file and disable zram before hibernate"; + Before = "systemd-hibernate.service"; + }; + serviceConfig = { + Type = "oneshot"; + User = "root"; + ExecStart = "${pkgs.dash}/bin/dash -c \"${pkgs.util-linux}/bin/swapon /swap/swapfile && ${pkgs.util-linux}/bin/swapoff /dev/zram0\""; + }; + }; + hibernate-resume = { + wantedBy = ["hibernate.target"]; + unitConfig = { + Description = "Disable swap after resuming from hibernation"; + After = "hibernate.target"; + }; + serviceConfig = { + Type = "oneshot"; + User = "root"; + ExecStart = "${pkgs.util-linux}/bin/swapoff /swap/swapfile"; + }; + }; + swapoff-start = { + wantedBy = ["multi-user.target"]; + unitConfig = { + Description = "Disable hardware swap after booting"; + }; + serviceConfig = { + Type = "oneshot"; + User = "root"; + ExecStart = "${pkgs.util-linux}/bin/swapoff /swap/swapfile"; + }; + }; + #systemd-hibernate.serviceConfig.Environment = "SYSTEMD_BYPASS_HIBERNATION_MEMORY_CHECK=1"; + #systemd-logind.serviceConfig.Environment = "SYSTEMD_BYPASS_HIBERNATION_MEMORY_CHECK=1"; + }; +} diff --git a/system/fileSystemLayouts/default.nix b/system/fileSystemLayouts/default.nix deleted file mode 100644 index 40855714..00000000 --- a/system/fileSystemLayouts/default.nix +++ /dev/null @@ -1,155 +0,0 @@ -# vim: ts=2 -{ - config, - lib, - pkgs, - ... -}: let - cfg = config.system.fileSystemLayouts; - defaultMountOptions = [ - "compress-force=zstd:15" # This saves disk space, at a performance cost - "noatime" # should have some performance upsides, and I don't use it anyways - "lazytime" # make time changes in memory - ]; -in { - options.system.fileSystemLayouts = { - enable = lib.mkEnableOption (lib.mdDoc "fileSystemLayout"); - mainDisk = lib.mkOption { - type = lib.types.path; - example = lib.literalExpression "/dev/disk/by-uuid/0442cb6d-f13a-4635-b487-fa76189774c5"; - description = lib.mdDoc "Path to the main disk"; - }; - efiDisk = lib.mkOption { - type = lib.types.path; - example = lib.literalExpression "/dev/disk/by-uuid/5143-6136"; - description = lib.mdDoc "Path to the main disk"; - }; - ssd = lib.mkOption { - type = lib.types.bool; - example = lib.literalExpression "true"; - default = false; - description = lib.mdDoc "Enable ssd specific improvements?"; - }; - swap = { - uuid = lib.mkOption { - type = lib.types.str; - example = lib.literalExpression "d1d20ae7-3d8a-44da-86da-677dbbb10c89"; - description = lib.mdDoc "The uuid of the swapfile"; - }; - resumeOffset = lib.mkOption { - type = lib.types.str; - example = lib.literalExpression "134324224"; - description = lib.mdDoc "The resume offset of the swapfile"; - }; - }; - }; - - config = lib.mkIf cfg.enable { - systemd = { - services = { - hibernate-preparation = { - # TODO check if they work - wantedBy = ["systemd-hibernate.service"]; - unitConfig = { - Description = "Enable swap file and disable zram before hibernate"; - Before = "systemd-hibernate.service"; - }; - serviceConfig = { - Type = "oneshot"; - User = "root"; - ExecStart = "${pkgs.dash}/bin/dash -c \"${pkgs.util-linux}/bin/swapon /swap/swapfile && ${pkgs.util-linux}/bin/swapoff /dev/zram0\""; - }; - }; - hibernate-resume = { - wantedBy = ["hibernate.target"]; - unitConfig = { - Description = "Disable swap after resuming from hibernation"; - After = "hibernate.target"; - }; - serviceConfig = { - Type = "oneshot"; - User = "root"; - ExecStart = "${pkgs.util-linux}/bin/swapoff /swap/swapfile"; - }; - }; - systemd-hibernate.serviceConfig.Environment = "SYSTEMD_BYPASS_HIBERNATION_MEMORY_CHECK=1"; - systemd-logind.serviceConfig.Environment = "SYSTEMD_BYPASS_HIBERNATION_MEMORY_CHECK=1"; - }; - timers.fstrim = lib.mkIf cfg.ssd { - wantedBy = ["timers.target"]; - wants = ["fstrim.service"]; - unitConfig = { - Description = "Discard unused blocks once a week"; - Documentation = "man:fstrim"; - ConditionVirtualization = "!container"; - ConditionPathExists = "!/etc/initrd-release"; - }; - timerConfig = { - OnCalendar = "weekly"; - AccuracySec = "1h"; - Persistent = "true"; - RandomizedDelaySec = "6000"; - }; - }; - services.fstrim = lib.mkIf cfg.ssd { - wantedBy = lib.mkForce []; - unitConfig = { - Description = "Discard unused blocks on filesystems from /etc/fstab"; - Documentation = "man:fstrim(8)"; - ConditionVirtualization = "!container"; - }; - serviceConfig = { - Type = "oneshot"; - ExecStart = "${pkgs.util-linux}/bin/fstrim --listed-in /etc/fstab:/proc/self/mountinfo --verbose --quiet-unsupported"; - PrivateDevices = "no"; - PrivateNetwork = "yes"; - PrivateUsers = "no"; - ProtectKernelTunables = "yes"; - ProtectKernelModules = "yes"; - ProtectControlGroups = "yes"; - MemoryDenyWriteExecute = "yes"; - SystemCallFilter = "@default @file-system @basic-io @system-service"; - }; - }; - }; - - fileSystems = { - "/" = { - device = "none"; - fsType = "tmpfs"; - options = ["defaults" "size=4G" "mode=755"]; - }; - "/nix" = { - device = cfg.mainDisk; - fsType = "btrfs"; - options = ["subvol=nix-store"] ++ defaultMountOptions; - }; - "/srv" = { - device = cfg.mainDisk; - fsType = "btrfs"; - neededForBoot = true; - options = ["subvol=persistent-storage"] ++ defaultMountOptions; - }; - "/swap" = { - device = cfg.mainDisk; - fsType = "btrfs"; - neededForBoot = true; - options = ["subvol=swap"] ++ defaultMountOptions; - }; - "/boot" = { - device = cfg.efiDisk; - fsType = "vfat"; - }; - }; - swapDevices = []; - zramSwap = { - enable = true; - priority = 10; # needs to be higher than harware-swap - }; - boot.kernelParams = [ - "resume=UUID=${cfg.swap.uuid}" - "resume_offset=${cfg.swap.resumeOffset}" - "zswap.enabled=0" # zswap and zram are not really compatible - ]; - }; -} diff --git a/system/services/backup/default.nix b/system/services/backup/default.nix index 7d96d3fe..170fecba 100644 --- a/system/services/backup/default.nix +++ b/system/services/backup/default.nix @@ -55,7 +55,6 @@ in { }; timers.backup = { wantedBy = ["timers.target"]; - wants = ["backup.service"]; unitConfig = { Description = "Backup 15min after boot"; }; |