From 33205b70a9c5daf9fe40008bbf68bcac2316069e Mon Sep 17 00:00:00 2001
From: Jonni Liljamo
Date: Thu, 11 Dec 2025 18:42:12 +0200
Subject: [PATCH] feat: arwen untested
---
 flake.lock | 16 +++
 flake.nix | 1 +
 modules/hosts/ws/arwen/_nixos/default.nix | 36 ++++++
 .../arwen/_nixos/hardware-configuration.nix | 48 ++++++++
 .../_nixos/not-managed-by-modules-yet.nix | 14 +++
 .../hosts/ws/arwen/_nixos/preservation.nix | 55 +++++++++
 modules/hosts/ws/arwen/default.nix | 113 ++++++++++++++++++
 modules/hosts/ws/arwen/niri.kdl | 74 ++++++++++++
 8 files changed, 357 insertions(+)
 create mode 100644 modules/hosts/ws/arwen/_nixos/default.nix
 create mode 100644 modules/hosts/ws/arwen/_nixos/hardware-configuration.nix
 create mode 100644 modules/hosts/ws/arwen/_nixos/not-managed-by-modules-yet.nix
 create mode 100644 modules/hosts/ws/arwen/_nixos/preservation.nix
 create mode 100644 modules/hosts/ws/arwen/default.nix
 create mode 100644 modules/hosts/ws/arwen/niri.kdl
diff --git a/flake.lock b/flake.lock
index 8c5cae0..54a94f2 100644
--- a/flake.lock
+++ b/flake.lock
@@ -864,6 +864,21 @@
 "type": "github"
 }
 },
+ "preservation": {
+ "locked": {
+ "lastModified": 1757436102,
+ "narHash": "sha256-mMI9IanU+Xw+pVogD2oT0I2kTmvz2Un/Apc5+CwUpEY=",
+ "owner": "nix-community",
+ "repo": "preservation",
+ "rev": "93416f4614ad2dfed5b0dcf12f27e57d27a5ab11",
+ "type": "github"
+ },
+ "original": {
+ "owner": "nix-community",
+ "repo": "preservation",
+ "type": "github"
+ }
+ },
 "root": {
 "inputs": {
 "flake-parts": "flake-parts",
@@ -879,6 +894,7 @@
 "nixpkgs-stable": "nixpkgs-stable",
 "nixpkgs-unstable": "nixpkgs-unstable",
 "nvim-flake": "nvim-flake",
+ "preservation": "preservation",
 "sops-nix": "sops-nix"
 }
 },
diff --git a/flake.nix b/flake.nix
index 0c2188b..db5064f 100644
--- a/flake.nix
+++ b/flake.nix
@@ -27,6 +27,7 @@
 # System related modules
 impermanence.url = "github:nix-community/impermanence";
+ preservation.url = "github:nix-community/preservation";
 sops-nix.url = "github:Mic92/sops-nix";
 # Hyprland
diff --git a/modules/hosts/ws/arwen/_nixos/default.nix b/modules/hosts/ws/arwen/_nixos/default.nix
new file mode 100644
index 0000000..0ec0ea0
--- /dev/null
+++ b/modules/hosts/ws/arwen/_nixos/default.nix
@@ -0,0 +1,36 @@
+{pkgs, ...}: {
+ imports = [
+ ./hardware-configuration.nix
+ ./preservation.nix
+ ./not-managed-by-modules-yet.nix
+ ];
+
+ boot.loader.systemd-boot.enable = true;
+ boot.loader.systemd-boot.configurationLimit = 9;
+ boot.loader.efi.canTouchEfiVariables = true;
+
+ boot.initrd.systemd.enable = true;
+ boot.initrd.systemd.services.wipe = {
+ wantedBy = ["initrd.target"];
+ after = ["zfs-import-zpool.service"];
+ before = ["sysroot.mount"];
+ path = with pkgs; [zfs];
+ unitConfig.DefaultDependencies = "no";
+ serviceConfig.Type = "oneshot";
+ script = ''
+ zfs rollback -r zpool/root@blank
+ zfs rollback -r zpool/home@blank
+ '';
+ };
+
+ sops.defaultSopsFile = ../../../../../secrets/arwen/secrets.yaml;
+ sops.gnupg.sshKeyPaths = ["/persist/etc/ssh/ssh_host_rsa_key"];
+ sops.age.sshKeyPaths = ["/persist/etc/ssh/ssh_host_ed25519_key"];
+
+ networking.hostId = "9c928f21";
+ networking.networkmanager.enable = true;
+
+ time.timeZone = "Europe/Helsinki";
+
+ system.stateVersion = "25.11";
+}
diff --git a/modules/hosts/ws/arwen/_nixos/hardware-configuration.nix b/modules/hosts/ws/arwen/_nixos/hardware-configuration.nix
new file mode 100644
index 0000000..18ff706
--- /dev/null
+++ b/modules/hosts/ws/arwen/_nixos/hardware-configuration.nix
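Review bot: In `boot.initrd.systemd.services.wipe` (modules/hosts/ws/arwen/_nixos/default.nix) nothing makes the root mount depend on the rollback succeeding: the unit is only `wantedBy = ["initrd.target"]` and ordered `before = ["sysroot.mount"]`, and ordering alone does not propagate failure. If either `zfs rollback` fails, or the pool import it is ordered after fails, the boot presumably continues on the previous boot's root and home, so the ephemeral-state guarantee fails open. If the wipe is meant to be enforced rather than best effort, consider adding `requiredBy = ["sysroot.mount"];` so a failed rollback stops in the initrd instead. A comment above the script such as `# -r also destroys every snapshot newer than @blank on these datasets` would warn anyone who later adds snapshot-based backups of root or home.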
@@ -0,0 +1,48 @@
+{
+ config,
+ lib,
+ modulesPath,
+ ...
+}: {
+ imports = [
+ (modulesPath + "/installer/scan/not-detected.nix")
+ ];
+
+ boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "usb_storage" "sd_mod" "sdhci_pci"];
+ boot.initrd.kernelModules = ["zfs"];
+ boot.kernelModules = ["kvm-amd"];
+ boot.supportedFilesystems = ["zfs"];
+
+ fileSystems."/" = {
+ device = "zpool/root";
+ fsType = "zfs";
+ neededForBoot = true;
+ };
+
+ fileSystems."/home" = {
+ device = "zpool/home";
+ fsType = "zfs";
+ neededForBoot = true;
+ };
+
+ fileSystems."/nix" = {
+ device = "zpool/nix";
+ fsType = "zfs";
+ neededForBoot = true;
+ };
+
+ fileSystems."/persist" = {
+ device = "zpool/persist";
+ fsType = "zfs";
+ neededForBoot = true;
+ };
+
+ fileSystems."/boot" = {
+ device = "/dev/disk/by-uuid/DE99-660A";
+ fsType = "vfat";
+ options = ["fmask=0022" "dmask=0022"];
+ };
+
+ nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+ hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}
diff --git a/modules/hosts/ws/arwen/_nixos/not-managed-by-modules-yet.nix b/modules/hosts/ws/arwen/_nixos/not-managed-by-modules-yet.nix
new file mode 100644
index 0000000..7060f0e
--- /dev/null
+++ b/modules/hosts/ws/arwen/_nixos/not-managed-by-modules-yet.nix
@@ -0,0 +1,14 @@
+{pkgs, ...}: {
+ environment.systemPackages = with pkgs; [
+ prismlauncher
+ ];
+
+ services.libinput.enable = true;
+
+ programs.firefox.enable = true;
+
+ services.logind = {
+ settings.Login.HandlePowerKey = "suspend";
+ settings.Login.HandleLidSwitch = "suspend";
+ };
+}
diff --git a/modules/hosts/ws/arwen/_nixos/preservation.nix b/modules/hosts/ws/arwen/_nixos/preservation.nix
new file mode 100644
index 0000000..6f47954
--- /dev/null
+++ b/modules/hosts/ws/arwen/_nixos/preservation.nix
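Review bot: In hardware-configuration.nix the `/boot` entry mounts the ESP with `fmask=0022` and `dmask=0022`, which leaves every file on it readable by all local users. This host enables systemd-boot in `_nixos/default.nix`, and systemd-boot keeps its random seed file on the ESP; the initrd images stored there would also be readable, which matters if initrd secrets are ever added. Restricting the mount to root closes that: `options = ["fmask=0077" "dmask=0077"];`.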
@@ -0,0 +1,55 @@
+{...}: {
+ preservation = {
+ enable = true;
+ preserveAt."/persist" = {
+ files = [
+ # Machine ID
+ {
+ file = "/etc/machine-id";
+ inInitrd = true;
+ }
+
+ # SSH host keys
+ {
+ file = "/etc/ssh/ssh_host_rsa_key";
+ how = "symlink";
+ configureParent = true;
+ }
+ {
+ file = "/etc/ssh/ssh_host_ed25519_key";
+ how = "symlink";
+ configureParent = true;
+ }
+ ];
+ directories = [
+ # NixOS state
+ "/var/lib/nixos"
+
+ # Tailscale state
+ "/var/lib/tailscale"
+
+ # NetworkManager connections
+ "/etc/NetworkManager/system-connections"
+ ];
+ users.skye = {
+ directories = [
+ # SSH state (keys, known_hosts, etc)
+ {
+ directory = ".ssh";
+ mode = "0700";
+ }
+
+ # Dev directory
+ "dev"
+
+ # Application states
+ ".local/share/direnv"
+ ".local/share/PrismLauncher"
+ ".mozilla"
+ ];
+ };
+ };
+ };
+
+ systemd.suppressedSystemUnits = ["systemd-machine-id-commit.service"];
+}
diff --git a/modules/hosts/ws/arwen/default.nix b/modules/hosts/ws/arwen/default.nix
new file mode 100644
index 0000000..f4f40a2
--- /dev/null
+++ b/modules/hosts/ws/arwen/default.nix
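Review bot: The `users.skye.directories` list in preservation.nix keeps `.ssh` but not the GnuPG home or a password store, although the host imports the `gnupg` module and `passmenu` in modules/hosts/ws/arwen/default.nix and `zpool/home` is rolled back to `@blank` on every boot. Unless those modules declare their own preservation entries (not visible in this patch), the user's private keys and password store would be wiped at each reboot. If that is not intended, add entries alongside `.ssh`, for example `{ directory = ".gnupg"; mode = "0700"; }` and the pass store directory (`.password-store` by default) with the same mode.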
@@ -0,0 +1,113 @@
+{inputs, ...}: let
+ channel = "unstable";
+ system = "x86_64-linux";
+ hostName = "arwen";
+in {
+ flake.nixosConfigurations.${hostName} = inputs."nixpkgs-${channel}".lib.nixosSystem {
+ inherit system;
+ specialArgs = {
+ inherit inputs;
+ lib = inputs."nixpkgs-${channel}".lib.extend (
+ final: prev:
+ import ../../../../lib {
+ inherit inputs;
+ lib = final;
+ }
+ );
+ };
+ modules = [
+ {
+ networking.hostName = hostName;
+ }
+
+ ./_nixos
+
+ inputs.nixos-hardware.nixosModules.lenovo-thinkpad-e495
+ inputs.preservation.nixosModules.preservation
+ inputs.sops-nix.nixosModules.sops
+ inputs."home-manager-${channel}".nixosModules.home-manager
+
+ ({
+ config,
+ lib,
+ ...
+ }: let
+ user = "skye";
+ in {
+ imports = with inputs.self.modules.nixos;
+ [
+ core
+ amdgpu
+ audio
+ nvim
+ nix
+ tailscale
+ lazygit
+ gnupg
+ tlp
+
+ home-manager
+ {
+ home-manager.users.${user} = {
+ imports = with inputs.self.modules.homeManager;
+ [
+ git
+ ]
+ ++ [
+ {
+ home.stateVersion = config.system.stateVersion;
+ home.file.".config/niri/config.kdl".source = ./niri.kdl;
+ }
+
+ # TODO: see alice
+ {
+ arta.git = {
+ email = "jonni@liljamo.com";
+ name = "Jonni Liljamo";
+ };
+
+ arta.waybar.extraConfig = {
+ output = ["eDP-1"];
+
+ modules-left = ["niri/workspaces"];
+ modules-right = [
+ "bluetooth"
+ "custom/sep"
+ "backlight"
+ "custom/sep"
+ "battery"
+ "custom/sep"
+ "wireplumber"
+ "custom/sep"
+ "disk"
+ "custom/sep"
+ "network"
+ "custom/sep"
+ "clock"
+ "custom/sep"
+ "niri/language"
+ "tray"
+ ];
+
+ "network".interface = "wlp4s0";
+ };
+ }
+ ];
+ };
+ }
+ ]
+ ++ [
+ inputs.self.modules.nixos.${user}
+ {
+ users.users.${user}.extraGroups = ["video"];
+ }
+ ]
+ ++ lib.flatten [
+ (lib.arta.importBoth "niri" user)
+ (lib.arta.importBoth "shell" user)
+ (lib.arta.importBoth "passmenu" user)
+ ];
+ })
+ ];
+ };
+}
diff --git a/modules/hosts/ws/arwen/niri.kdl b/modules/hosts/ws/arwen/niri.kdl
new file mode 100644
index 0000000..08e5ae2
--- /dev/null
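Review bot: The account name is bound once here as `user = "skye"`, but `_nixos/preservation.nix` in the same commit hard-codes `users.skye`, so the two can drift apart. Changing `user` would leave the preserved home directories attached to the old name, and the new account's `.ssh` and application state would be rolled back at every boot without any evaluation error. Consider passing the name to the preservation module, or at least leaving a comment next to the binding such as `# keep in sync with users.<name> in _nixos/preservation.nix`. The `# TODO: see alice` marker would also be easier to act on if it said what is to be taken from that host.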
+++ b/modules/hosts/ws/arwen/niri.kdl
@@ -0,0 +1,74 @@
+input {
+ keyboard {
+ xkb {
+ layout "us,fi"
+ options "grp:win_space_toggle,ctrl:nocaps"
+ }
+ }
+
+ warp-mouse-to-focus
+ focus-follows-mouse
+}
+
+output "eDP-1" {
+ mode "1920x1080@60.008"
+ scale 1
+}
+
+layout {
+ gaps 8
+
+ focus-ring {
+ off
+ }
+
+ border {
+ width 4
+ }
+}
+
+spawn-at-startup "waybar"
+
+hotkey-overlay {
+ skip-at-startup
+}
+
+prefer-no-csd
+
+binds {
+ Mod+Return { spawn "foot"; }
+ Mod+D { spawn "rofi" "-show" "run"; }
+
+ Mod+Shift+Q { close-window; }
+
+ Mod+Shift+E { quit; }
+
+ Mod+H { focus-column-left; }
+ Mod+J { focus-window-down; }
+ Mod+K { focus-window-up; }
+ Mod+L { focus-column-right; }
+
+ Mod+Shift+H { move-column-left; }
+ Mod+Shift+J { move-window-down; }
+ Mod+Shift+K { move-window-up; }
+ Mod+Shift+L { move-column-right; }
+
+ Mod+1 { focus-workspace 1; }
+ Mod+2 { focus-workspace 2; }
+ Mod+3 { focus-workspace 3; }
+ Mod+4 { focus-workspace 4; }
+ Mod+5 { focus-workspace 5; }
+ Mod+6 { focus-workspace 6; }
+ Mod+7 { focus-workspace 7; }
+ Mod+8 { focus-workspace 8; }
+ Mod+9 { focus-workspace 9; }
+ Mod+Shift+1 { move-column-to-workspace 1; }
+ Mod+Shift+2 { move-column-to-workspace 2; }
+ Mod+Shift+3 { move-column-to-workspace 3; }
+ Mod+Shift+4 { move-column-to-workspace 4; }
+ Mod+Shift+5 { move-column-to-workspace 5; }
+ Mod+Shift+6 { move-column-to-workspace 6; }
+ Mod+Shift+7 { move-column-to-workspace 7; }
+ Mod+Shift+8 { move-column-to-workspace 8; }
+ Mod+Shift+9 { move-column-to-workspace 9; }
+}
-- 2.44.1
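Review bot: The `binds` block in niri.kdl has no way to lock the session, and nothing in this file starts a locker or idle daemon, while `_nixos/not-managed-by-modules-yet.nix` suspends the laptop on lid close and power key. Unless the imported `niri` module sets up locking elsewhere (not visible in this patch), the machine resumes straight into the unlocked desktop. Consider adding a lock bind, for example `Mod+Alt+L { spawn "swaylock"; }` with whichever locker is actually installed, and triggering that locker before sleep. `Mod+Shift+E { quit; }` also ends the session immediately with no confirmation.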