nixcfg/systems/x86_64-linux/sgx/hardware-configuration.nix
Harald Hoyer d5287f242e Enable TPM2 security in x86_64-linux SGX hardware configuration
The commit enables TPM2 support and its Access Broker and Resource Manager daemon (abrmd) in the hardware configuration of the x86_64-linux SGX system. This change, which flips both entries from false to true, strengthens the security of this system configuration.
2024-04-10 22:10:34 +02:00


# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
#
# NOTE(review): despite the generated header above, this file also carries
# hand-written additions (crypttab, the hd-idle service, TPM2 settings) that a
# re-run of nixos-generate-config would discard.
{ pkgs, config, lib, modulesPath, ... }:
let
  # Raw USB partition read as the LUKS key file (keyfile-size=256 bytes) for
  # every volume in crypttab below. Possession of this stick unlocks all of
  # them; no TPM sealing is involved in this file.
  usbKeyDevice = "/dev/disk/by-id/usb-Ut165_USB2FlashStorage_08050508d213e6-0:0-part1";

  # Mount options shared by the two btrfs data arrays. "nofail" lets the boot
  # proceed when an array is absent; the systemd timeout bounds the wait for it.
  btrfsDataOptions = [
    "defaults"
    "compress=zstd"
    "subvol=root"
    "autodefrag"
    "noatime"
    "nofail"
    "x-systemd.device-timeout=60"
  ];

  # systemd device units (escaped unit names) of the spinning disks that the
  # hd-idle service orders itself after and is bound to.
  spinningDiskUnits = [
    "dev-disk-by\\x2did-ata\\x2dST16000NT001\\x2d3LV101_ZRS0K2TX.device"
    "dev-disk-by\\x2did-ata\\x2dST16000NT001\\x2d3LV101_ZRS0K3WR.device"
    "dev-disk-by\\x2did-ata\\x2dWDC_WD40EFRX\\x2d68WT0N0_WD\\x2dWCC4E0710903.device"
    "dev-disk-by\\x2did-ata\\x2dWDC_WD40EFRX\\x2d68WT0N0_WD\\x2dWCC4E0732164.device"
    "dev-disk-by\\x2did-ata\\x2dWDC_WD40EFRX\\x2d68WT0N0_WD\\x2dWCC4E0732505.device"
  ];
in
{
  imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];

  boot = {
    initrd = {
      availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "uas" "sd_mod" ];
      kernelModules = [ ];
    };
    kernelModules = [ "kvm-intel" ];
    extraModulePackages = [ ];
    # Allow KVM guests on this host to run nested hypervisors.
    extraModprobeConfig = "options kvm_intel nested=1";
  };

  # Periodic btrfs checksum verification for the filesystems declared below.
  services.btrfs.autoScrub.enable = true;

  fileSystems = {
    "/" = {
      device = "/dev/disk/by-uuid/7aa17b01-785e-41c6-9723-79195af906c6";
      fsType = "btrfs";
      options = [ "subvol=@" ];
      neededForBoot = true;
    };
    "/boot" = {
      device = "/dev/disk/by-uuid/C902-1AF5";
      fsType = "vfat";
    };
    "/mnt/raid" = {
      fsType = "btrfs";
      device = "/dev/disk/by-uuid/11727be7-bf9b-4888-8b02-d7eb1f898712";
      options = btrfsDataOptions;
    };
    "/mnt/backup" = {
      fsType = "btrfs";
      device = "/dev/disk/by-uuid/c29e7eac-26ba-41b1-ac3e-11123476b7c5";
      options = btrfsDataOptions;
    };
  };

  swapDevices = [
    { device = "/dev/disk/by-uuid/72d061d7-ab18-47b9-beb1-1c465dda1be9"; }
  ];

  # Five LUKS volumes, all keyed from the same USB partition (see usbKeyDevice).
  # These are not in boot.initrd.luks, so they are unlocked from the running
  # system rather than from the initrd.
  environment.etc."crypttab".text = ''
    a16 /dev/disk/by-uuid/6f1c1b24-3c94-44be-8d1b-70db562079c1 ${usbKeyDevice} luks,keyfile-size=256
    b16 /dev/disk/by-uuid/9540de6d-c907-43e4-b740-2d75dbf37135 ${usbKeyDevice} luks,keyfile-size=256
    a4 /dev/disk/by-uuid/72924bd6-3d58-4437-aafd-ae6d2b995fbf ${usbKeyDevice} luks,keyfile-size=256
    b4 /dev/disk/by-uuid/459c8d9a-6e92-4dec-a998-701ab9e76a2e ${usbKeyDevice} luks,keyfile-size=256
    c4 /dev/disk/by-uuid/5c61cbf0-dbca-48e0-948e-71bea3806a6c ${usbKeyDevice} luks,keyfile-size=256
  '';

  # One-shot unit that sets the standby timeout on every ata-* disk once the
  # listed device units have appeared. bash is used only so the glob expands.
  systemd.services.hd-idle = {
    description = "Set to idle";
    wantedBy = [ "multi-user.target" ];
    after = spinningDiskUnits;
    bindsTo = spinningDiskUnits;
    serviceConfig = {
      Type = "oneshot";
      # hdparm -S 60 => spin down after 60 * 5 s = 5 minutes of inactivity.
      ExecStart = "${pkgs.bash}/bin/bash -c '${pkgs.hdparm}/sbin/hdparm -S 60 /dev/disk/by-id/ata-*'";
    };
  };

  # Default-priority values so a system-level configuration may override them.
  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;

  # Expose the TPM 2.0 device and run the Access Broker / Resource Manager so
  # several userspace clients can share it. Nothing in this file seals disk
  # keys to the TPM: the crypttab volumes above are keyed from the USB stick.
  security.tpm2 = {
    enable = true;
    abrmd.enable = true;
  };

  powerManagement.cpuFreqGovernor = "ondemand";
}