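# Config for framework16
#
# NixOS module for a host whose root dataset is rolled back to an empty
# snapshot on every boot. State that must survive lives on separate ZFS
# datasets and under /persist (wired up through the impermanence module).
# The ZFS pool sits on top of a LUKS device opened in the initrd.
{ config, pkgs, lib, ... }:

# Commands for opening the LUKS device and mounting the datasets under /mnt
# (presumably for install or rescue; run by hand, not part of the module):
#... luksOpen /dev/mapper/crypt
#zpool import -f rpool
#mount -t zfs rpool/local/root /mnt
#mkdir -p /mnt/{boot,nix,home,persist,var/lib,var/log}
#mount /dev/nvme0n1p1 /mnt/boot
#mount -t zfs rpool/local/nix /mnt/nix
#mount -t zfs rpool/safe/home /mnt/home
#mount -t zfs rpool/safe/persist /mnt/persist
#mount -t zfs rpool/local/var/lib /mnt/var/lib
#mount -t zfs rpool/local/var/log /mnt/var/log

let
  # NOTE(review): this fetches whatever the `master` branch currently holds and
  # evaluates it as part of the system configuration, with no hash to verify
  # the download. Pin to a reviewed commit and supply its hash, e.g.
  #   builtins.fetchTarball {
  #     url = "https://github.com/nix-community/impermanence/archive/<COMMIT>.tar.gz";
  #     sha256 = "<SHA256-OF-UNPACKED-TARBALL>";
  #   }
  # (placeholders, to be filled in by the owner) or use a flake input with a lock file.
  impermanence = builtins.fetchTarball "https://github.com/nix-community/impermanence/archive/master.tar.gz";
in
{
  imports = [
    ./hardware-configuration.nix
    "${impermanence}/nixos.nix"
  ];

  boot = {
    kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
    # Hibernation is disabled: the swap device below is re-keyed with a random
    # key on every boot, so there would be no image to resume from.
    kernelParams = [ "nohibernate" ];
    supportedFilesystems = [ "zfs" ];
    loader.systemd-boot.enable = true;
    loader.efi.canTouchEfiVariables = true;
    # No ZFS passphrase prompt; encryption at rest comes from the LUKS device
    # declared below, not from ZFS native encryption.
    zfs.requestEncryptionCredentials = false;
    zfs.devNodes = "/dev/disk/by-path";
    initrd.luks.devices."crypt".device = "/dev/disk/by-uuid/9f40ebbb-b4b6-42bc-9ae3-493ee933142a";
    # Reset the root dataset to its `blank` snapshot on every boot. Anything
    # written to rpool/local/root since the previous boot is discarded, so
    # whatever must survive has to live on another dataset or under /persist.
    initrd.postResumeCommands = lib.mkAfter ''
      zfs rollback -r rpool/local/root@blank
    '';
  };

  fileSystems = {
    "/persist" = {
      device = "rpool/safe/persist";
      fsType = "zfs";
      neededForBoot = true; # Only /persist needs to be marked as needed for boot
    };
  };

  # Swap is encrypted with a throwaway key generated at boot, so its contents
  # are unrecoverable after power-off.
  swapDevices = [
    {
      device = "/dev/nvme0n1p2";
      randomEncryption.enable = true;
    }
  ];

  networking.hostId = "3294c9a2"; # Required for ZFS
  networking.hostName = "cryochamber";
  # networking.wireless.enable = true;  # Enables wireless support via wpa_supplicant.

  # Paths bind-mounted from /persist so they survive the root rollback.
  # /etc/ssh is kept so the SSH host keys stay stable across reboots.
  environment.persistence."/persist" = {
    hideMounts = true;
    directories = [
      "/root"
      "/etc/nixos"
      "/etc/ssh"
    ];
    files = [
      "/etc/machine-id"
      #"/etc/nix/id_rsa" # Needed?
    ];
  };
  # Files are not copied to /persist during install, so need to do so manually
  #rsync -azPH /mnt/root/ /mnt/persist/root
  #rsync -azPH /mnt/etc/nixos/ /mnt/persist/etc/nixos
  #rsync -azPH /mnt/etc/ssh/ /mnt/persist/etc/ssh
  #cp /mnt/etc/machine-id /mnt/persist/etc/machine-id

  networking.networkmanager.enable = true;

  # Set your time zone.
  time.timeZone = "America/Los_Angeles";

  # Select internationalisation properties.
  i18n.defaultLocale = "en_US.UTF-8";

  i18n.extraLocaleSettings = {
    LC_ADDRESS = "en_US.UTF-8";
    LC_IDENTIFICATION = "en_US.UTF-8";
    LC_MEASUREMENT = "en_US.UTF-8";
    LC_MONETARY = "en_US.UTF-8";
    LC_NAME = "en_US.UTF-8";
    LC_NUMERIC = "en_US.UTF-8";
    LC_PAPER = "en_US.UTF-8";
    LC_TELEPHONE = "en_US.UTF-8";
    LC_TIME = "en_US.UTF-8";
  };

  virtualisation.docker = {
    enable = true;
    extraOptions = "--storage-driver=overlay2";
  };

  programs.zsh.enable = true;

  services.openssh.enable = true;
  # Root may log in over SSH with a key only. This was "yes", which also
  # accepts password logins for root. Nothing in this file declares a root
  # password, and /etc/shadow is not persisted across the root rollback, so
  # key-based access (e.g. via the persisted /root) is the only root login
  # this configuration can rely on after a reboot anyway.
  # NOTE(review): password authentication is left at its default for other
  # accounts; consider settings.PasswordAuthentication = false once keys are
  # deployed for every account that needs remote access.
  services.openssh.settings.PermitRootLogin = "prohibit-password";

  # Enable the X11 windowing system.
  services.xserver.enable = true;

  # Enable the GNOME Desktop Environment.
  services.xserver.displayManager.gdm.enable = true;
  services.xserver.desktopManager.gnome.enable = true;

  # Configure keymap in X11
  services.xserver.xkb = {
    layout = "us";
    variant = "";
  };

  # Enable CUPS to print documents.
  services.printing.enable = true;

  # Enable sound with pipewire.
  hardware.pulseaudio.enable = false;
  security.rtkit.enable = true;
  services.pipewire = {
    enable = true;
    alsa.enable = true;
    alsa.support32Bit = true;
    pulse.enable = true;
    # If you want to use JACK applications, uncomment this
    #jack.enable = true;

    # use the example session manager (no others are packaged yet so this is enabled by default,
    # no need to redefine it in your config for now)
    #media-session.enable = true;
  };

  # Enable touchpad support (enabled default in most desktopManager).
  # services.xserver.libinput.enable = true;

  # Define a user account.
  # The password comes from `hashedPassword` below. /etc/shadow is not in the
  # persistence list, so a password changed with `passwd` does not survive the
  # next boot's root rollback.
  users.users.hunner = {
    isNormalUser = true;
    description = "Hunter Haugen";
    # "wheel" grants sudo. Membership of "docker" gives access to the Docker
    # daemon socket, which is effectively root-equivalent on this host.
    extraGroups = [ "docker" "networkmanager" "wheel" ];
    # NOTE(review): the hash is embedded in the configuration, so it is copied
    # into the world-readable Nix store and into every copy of this file, where
    # it can be attacked offline. Consider `hashedPasswordFile` pointing at a
    # root-only file under /persist instead.
    hashedPassword = "$y$j9T$hLqdzlz7dbJZgUnKs.eo3/$25s/2X18vGtDKj53qD1sn/.Omp/6CBJWbn7d9KAiOK7";
    shell = pkgs.zsh;
    packages = with pkgs; [
    #  thunderbird
    ];
  };

  # Enable automatic login for the user.
  # NOTE(review): with autologin the LUKS passphrase entered at boot is the
  # only credential between power-on and an unlocked desktop session for an
  # account in "wheel" and "docker"; confirm that matches the threat model for
  # a portable machine.
  services.displayManager.autoLogin.enable = true;
  services.displayManager.autoLogin.user = "hunner";

  # Workaround for GNOME autologin: https://github.com/NixOS/nixpkgs/issues/103746#issuecomment-945091229
  systemd.services."getty@tty1".enable = false;
  systemd.services."autovt@tty1".enable = false;

  # Install firefox.
  programs.firefox.enable = true;

  # Allow unfree packages
  nixpkgs.config.allowUnfree = true;

  # List packages installed in system profile. To search, run:
  # $ nix search wget
  environment.systemPackages = with pkgs; [
  #  vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
  #  wget
    git
    vim
    wget
    curl
    htop
    zfs
    tmux
    docker-compose
  ];

  # Some programs need SUID wrappers, can be configured further or are
  # started in user sessions.
  # programs.mtr.enable = true;
  # programs.gnupg.agent = {
  #   enable = true;
  #   enableSSHSupport = true;
  # };

  # List services that you want to enable:

  # Enable the OpenSSH daemon.
  # services.openssh.enable = true;

  # Open ports in the firewall.
  # networking.firewall.allowedTCPPorts = [ ... ];
  # networking.firewall.allowedUDPPorts = [ ... ];
  # Or disable the firewall altogether.
  # networking.firewall.enable = false;

  # This value determines the NixOS release from which the default
  # settings for stateful data, like file locations and database versions
  # on your system were taken. It's perfectly fine and recommended to leave
  # this value at the release version of the first install of this system.
  # Before changing this value read the documentation for this option
  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
  system.stateVersion = "24.11"; # Did you read the comment?
}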