2024-03-21 15:00:36 +01:00
|
|
|
|
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
|
|
|
|
|
# and may be overwritten by future invocations. Please make changes
|
|
|
|
|
|
# to /etc/nixos/configuration.nix instead.
|
2024-11-19 10:31:29 +01:00
|
|
|
|
{
|
|
|
|
|
|
config,
|
|
|
|
|
|
lib,
|
|
|
|
|
|
pkgs,
|
|
|
|
|
|
modulesPath,
|
|
|
|
|
|
...
|
|
|
|
|
|
}:
|
2024-03-21 15:00:36 +01:00
|
|
|
|
|
|
|
|
|
|
{
|
2024-11-19 10:31:29 +01:00
|
|
|
|
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
|
2024-03-21 15:00:36 +01:00
|
|
|
|
|
|
|
|
|
|
boot.kernelModules = [ "kvm-intel" ];
|
|
|
|
|
|
boot.initrd.availableKernelModules = [
|
|
|
|
|
|
"ahci"
|
|
|
|
|
|
"nvme"
|
|
|
|
|
|
"rng_core"
|
|
|
|
|
|
"sd_mod"
|
|
|
|
|
|
"sdhci_pci"
|
|
|
|
|
|
"thunderbolt"
|
|
|
|
|
|
"tpm"
|
|
|
|
|
|
"tpm_crb"
|
|
|
|
|
|
"tpm_tis"
|
|
|
|
|
|
"tpm_tis_core"
|
|
|
|
|
|
"trusted"
|
|
|
|
|
|
"uas"
|
|
|
|
|
|
"usb_storage"
|
|
|
|
|
|
"usbhid"
|
|
|
|
|
|
"xhci_pci"
|
|
|
|
|
|
"uas"
|
|
|
|
|
|
];
|
|
|
|
|
|
boot.initrd.kernelModules = [ ];
|
2024-08-08 09:59:42 +02:00
|
|
|
|
boot.kernelPackages = lib.mkOverride 0 pkgs.linuxPackages_latest;
|
2024-03-21 15:00:36 +01:00
|
|
|
|
boot.kernelParams = [
|
|
|
|
|
|
"lockdown=confidentiality"
|
|
|
|
|
|
"intel_iommu=on"
|
|
|
|
|
|
"quiet"
|
|
|
|
|
|
"splash"
|
|
|
|
|
|
"video=efifb:nobgrt"
|
2024-07-25 13:53:52 +02:00
|
|
|
|
];
|
2024-03-21 15:00:36 +01:00
|
|
|
|
|
|
|
|
|
|
boot.extraModulePackages = [ ];
|
|
|
|
|
|
|
|
|
|
|
|
services.btrfs.autoScrub.enable = true;
|
2024-11-19 10:31:29 +01:00
|
|
|
|
swapDevices = [ { device = "/swapfile"; } ];
|
2024-03-21 15:00:36 +01:00
|
|
|
|
|
|
|
|
|
|
boot.initrd.luks.devices.crypted = {
|
|
|
|
|
|
device = "/dev/nvme0n1p2";
|
|
|
|
|
|
preLVM = true;
|
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
fileSystems = {
|
2024-11-19 10:31:29 +01:00
|
|
|
|
"/" = {
|
|
|
|
|
|
device = "/dev/mapper/crypted";
|
|
|
|
|
|
fsType = "btrfs";
|
|
|
|
|
|
options = [ "subvol=/rootfs" ];
|
|
|
|
|
|
neededForBoot = true;
|
|
|
|
|
|
};
|
2024-03-21 15:00:36 +01:00
|
|
|
|
"/nix" = {
|
|
|
|
|
|
device = "/dev/mapper/crypted";
|
|
|
|
|
|
fsType = "btrfs";
|
|
|
|
|
|
options = [ "subvol=/nix" ];
|
|
|
|
|
|
neededForBoot = true;
|
|
|
|
|
|
};
|
|
|
|
|
|
"/home" = {
|
|
|
|
|
|
device = "/dev/mapper/crypted";
|
|
|
|
|
|
fsType = "btrfs";
|
|
|
|
|
|
options = [ "subvol=/home" ];
|
|
|
|
|
|
};
|
|
|
|
|
|
"/persist" = {
|
|
|
|
|
|
device = "/dev/mapper/crypted";
|
|
|
|
|
|
fsType = "btrfs";
|
|
|
|
|
|
options = [ "subvol=/persist" ];
|
|
|
|
|
|
neededForBoot = true;
|
|
|
|
|
|
};
|
2024-11-19 10:31:29 +01:00
|
|
|
|
"/boot" = {
|
|
|
|
|
|
device = "/dev/disk/by-partlabel/disk-one-ESP";
|
|
|
|
|
|
fsType = "vfat";
|
|
|
|
|
|
};
|
2024-03-21 15:00:36 +01:00
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
console.keyMap = "de-latin1-nodeadkeys";
|
2024-07-18 10:15:45 +02:00
|
|
|
|
services.xserver.xkb = {
|
2024-07-19 11:45:24 +02:00
|
|
|
|
layout = "de,de+us";
|
2024-08-01 11:18:00 +02:00
|
|
|
|
variant = "nodeadkeys,";
|
2024-03-21 15:00:36 +01:00
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
|
|
|
|
|
# (the default) this is the recommended approach. When using systemd-networkd it's
|
|
|
|
|
|
# still possible to use this option, but it's recommended to use it in conjunction
|
|
|
|
|
|
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
|
|
|
|
|
networking.useDHCP = lib.mkDefault true;
|
|
|
|
|
|
# networking.interfaces.enp82s0u1u3u4.useDHCP = lib.mkDefault true;
|
|
|
|
|
|
# networking.interfaces.wlp0s20f3.useDHCP = lib.mkDefault true;
|
|
|
|
|
|
|
|
|
|
|
|
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
|
|
|
|
|
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
|
|
|
|
|
}
|
