# Do not modify this file!  It was generated by ‘nixos-generate-config’
# and may be overwritten by future invocations.  Please make changes
# to /etc/nixos/configuration.nix instead.
{
  config,
  lib,
  pkgs,
  modulesPath,
  ...
}:

{
  imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];

  boot.kernelModules = [ "kvm-intel" ];
  boot.initrd.availableKernelModules = [
    "ahci"
    "nvme"
    "rng_core"
    "sd_mod"
    "sdhci_pci"
    "thunderbolt"
    "tpm"
    "tpm_crb"
    "tpm_tis"
    "tpm_tis_core"
    "trusted"
    "uas"
    "usb_storage"
    "usbhid"
    "xhci_pci"
    "uas"
  ];
  boot.initrd.kernelModules = [ ];
  boot.kernelPackages = lib.mkOverride 0 pkgs.linuxPackages_latest;
  boot.kernelParams = [
    "lockdown=confidentiality"
    "intel_iommu=on"
    "quiet"
    "splash"
    "video=efifb:nobgrt"
  ];

  boot.extraModulePackages = [ ];

  services.btrfs.autoScrub.enable = true;
  swapDevices = [ { device = "/swapfile"; } ];

  boot.initrd.luks.devices.crypted = {
    device = "/dev/nvme0n1p2";
    preLVM = true;
  };

  fileSystems = {
    "/" = {
      device = "/dev/mapper/crypted";
      fsType = "btrfs";
      options = [ "subvol=/rootfs" ];
      neededForBoot = true;
    };
    "/nix" = {
      device = "/dev/mapper/crypted";
      fsType = "btrfs";
      options = [ "subvol=/nix" ];
      neededForBoot = true;
    };
    "/home" = {
      device = "/dev/mapper/crypted";
      fsType = "btrfs";
      options = [ "subvol=/home" ];
    };
    "/persist" = {
      device = "/dev/mapper/crypted";
      fsType = "btrfs";
      options = [ "subvol=/persist" ];
      neededForBoot = true;
    };
    "/boot" = {
      device = "/dev/disk/by-partlabel/disk-one-ESP";
      fsType = "vfat";
    };
  };

  console.keyMap = "de-latin1-nodeadkeys";
  services.xserver.xkb = {
    layout = "de,de+us";
    variant = "nodeadkeys,";
  };

  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
  # (the default) this is the recommended approach. When using systemd-networkd it's
  # still possible to use this option, but it's recommended to use it in conjunction
  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
  networking.useDHCP = lib.mkDefault true;
  # networking.interfaces.enp82s0u1u3u4.useDHCP = lib.mkDefault true;
  # networking.interfaces.wlp0s20f3.useDHCP = lib.mkDefault true;

  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}