diff --git a/firestar/btrbk.nix b/firestar/btrbk.nix index c2df045..8e31373 100644 --- a/firestar/btrbk.nix +++ b/firestar/btrbk.nix @@ -28,14 +28,19 @@ in snapshot_preserve = "7d 5w"; transaction_log = "/var/log/btrbk.log"; volume = { - "/btrfs/hdd" = volumeConfig [ + "/btrfs/nvme1" = volumeConfig [ + "@" + "@development" "@documents" "@downloads" + "@home" + "@instantupload" "@music" - "@pictures" + "@notes" + "@photos" + "@root" "@videos" ]; - "/btrfs/nvme" = volumeConfig [ "@development" ]; }; }; }; @@ -46,8 +51,7 @@ in snapshot_preserve = "2h 2d"; transaction_log = "/var/log/btrbk-games.log"; volume = { - "/btrfs/ssd" = volumeConfig [ "@games" ]; - "/btrfs/nvme2" = volumeConfig [ "@games" ]; + "/btrfs/nvme1" = volumeConfig [ "@games" ]; }; }; }; diff --git a/firestar/default.nix b/firestar/default.nix index fc51748..db79e33 100644 --- a/firestar/default.nix +++ b/firestar/default.nix @@ -1,13 +1,12 @@ # Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). +# your system. Help is available in the configuration.nix(5) man page, on +# https://search.nixos.org/options and in the NixOS manual (`nixos-help`). { config, pkgs, ... }: { imports = - [ - # Include the results of the hardware scan. + [ # Include the results of the hardware scan. ./btrbk.nix ./hardware-configuration.nix ./wireguard.nix @@ -19,53 +18,55 @@ secret-key-files = /etc/nix/cache-priv-key.pem ''; - # Bootloader. + # Use the systemd-boot EFI boot loader. boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; - boot.loader.efi.efiSysMountPoint = "/boot/efi"; - # Setup keyfile - boot.initrd.secrets = { - "/crypto_keyfile.bin" = null; - "/keyfile" = null; - }; + boot.initrd.luks.devices."luks-18cf6425-3540-4121-9313-dc3307d8f42a".device = "/dev/disk/by-uuid/18cf6425-3540-4121-9313-dc3307d8f42a"; boot.extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ]; - # Enable swap on luks - boot.initrd.luks.devices."luks-28ea4268-e74a-4ed7-9484-b113c676124e".device = "/dev/disk/by-uuid/28ea4268-e74a-4ed7-9484-b113c676124e"; - boot.initrd.luks.devices."luks-28ea4268-e74a-4ed7-9484-b113c676124e".keyFile = "/crypto_keyfile.bin"; - - boot.initrd.luks.devices."cryptdrive4".device = "/dev/disk/by-uuid/d2119824-fe98-449b-9d1b-2ab552568493"; - boot.initrd.luks.devices."cryptdrive4".keyFile = "/keyfile"; - - boot.initrd.luks.devices."cryptdrive3".device = "/dev/disk/by-uuid/99dd440d-c6ed-4149-85a1-e8f22a6f2535"; - boot.initrd.luks.devices."cryptdrive3".keyFile = "/keyfile"; - - boot.initrd.luks.devices."cryptdrive2".device = "/dev/disk/by-uuid/fd0c26d4-db05-4218-826c-51a87dd39eb5"; - boot.initrd.luks.devices."cryptdrive2".keyFile = "/keyfile"; - - boot.initrd.luks.devices."cryptdrive1".device = "/dev/disk/by-uuid/20515efa-5380-4116-946e-7fe527ed3b92"; - boot.initrd.luks.devices."cryptdrive1".keyFile = "/keyfile"; - boot.kernelPackages = pkgs.linuxPackages_latest; boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; fileSystems = { - "/home/asonix/Development".options = [ "compress=zstd" ]; - "/home/asonix/Diskimages".options = [ "compress=zstd" ]; - "/home/asonix/Documents".options = [ "compress=zstd" ]; - "/home/asonix/Downloads".options = [ "compress=zstd" ]; - "/home/asonix/Games".options = [ "compress=zstd" ]; - "/home/asonix/Games2".options = [ "compress=zstd" ]; - "/home/asonix/Music".options = [ "compress=zstd" ]; - "/home/asonix/Pictures".options = [ "compress=zstd" ]; - "/home/asonix/Videos".options = [ "compress=zstd" ]; + "/".options = ["compress=zstd"]; + "/home".options = ["compress=zstd"]; + "/nix".options = ["compress=zstd" "noatime"]; + "/root".options = ["compress=zstd"]; + "/var/log".options = ["compress=zstd"]; + "/home/asonix/Development".options = ["compress=zstd"]; + "/home/asonix/Documents".options = ["compress=zstd"]; + "/home/asonix/Downloads".options = ["compress=zstd"]; + "/home/asonix/Games".options = ["compress=zstd"]; + "/home/asonix/InstantUpload".options = ["compress=zstd"]; + "/home/asonix/Music".options = ["compress=zstd"]; + "/home/asonix/Pictures".options = ["compress=zstd"]; + "/home/asonix/Videos".options = ["compress=zstd"]; }; networking.hostName = "firestar"; # Define your hostname. + services.btrfs.autoScrub = { + enable = true; + interval = "weekly"; + fileSystems = [ + "/" + "/home" + "/root" + "/var/log" + "/home/asonix/Development" + "/home/asonix/Documents" + "/home/asonix/Downloads" + "/home/asonix/Games" + "/home/asonix/InstantUpload" + "/home/asonix/Music" + "/home/asonix/Pictures" + "/home/asonix/Videos" + ]; + }; + # Open ports in the firewall. # networking.firewall.allowedTCPPorts = [ ... ]; # networking.firewall.allowedUDPPorts = [ ... ]; @@ -74,12 +75,27 @@ nix.settings.experimental-features = [ "nix-command" "flakes" ]; - # This value determines the NixOS release from which the default - # settings for stateful data, like file locations and database versions - # on your system were taken. It's perfectly fine and recommended to leave - # this value at the release version of the first install of this system. - # Before changing this value read the documentation for this option - # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "22.05"; # Did you read the comment? + # Copy the NixOS configuration file and link it from the resulting system + # (/run/current-system/configuration.nix). This is useful in case you + # accidentally delete configuration.nix. + # system.copySystemConfiguration = true; + + # This option defines the first version of NixOS you have installed on this particular machine, + # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions. + # + # Most users should NEVER change this value after the initial install, for any reason, + # even if you've upgraded your system to a new NixOS release. + # + # This value does NOT affect the Nixpkgs version your packages and OS are pulled from, + # so changing it will NOT upgrade your system. + # + # This value being lower than the current NixOS release does NOT mean your system is + # out of date, out of support, or vulnerable. + # + # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration, + # and migrated your data accordingly. + # + # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion . + system.stateVersion = "23.11"; # Did you read the comment? } diff --git a/firestar/hardware-configuration.nix b/firestar/hardware-configuration.nix index 3827629..2b15b2f 100644 --- a/firestar/hardware-configuration.nix +++ b/firestar/hardware-configuration.nix @@ -9,108 +9,110 @@ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = [ "vmd" "xhci_pci" "ahci" "nvme" "usbhid" "sd_mod" ]; + boot.initrd.availableKernelModules = [ "vmd" "xhci_pci" "ahci" "nvme" "usbhid" "uas" "sd_mod" ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [ ]; fileSystems."/" = - { device = "/dev/disk/by-uuid/09ed1efd-4baa-42f3-840b-6c4635f3acea"; - fsType = "ext4"; + { device = "/dev/disk/by-uuid/fe8523dd-a04e-4f47-8ba8-f3874e51b06c"; + fsType = "btrfs"; + options = [ "subvol=@" ]; }; - boot.initrd.luks.devices."luks-0da55fa3-569a-4687-ab82-7618c5c8ec0a".device = "/dev/disk/by-uuid/0da55fa3-569a-4687-ab82-7618c5c8ec0a"; + boot.initrd.luks.devices."cryptextroot".device = "/dev/disk/by-uuid/24d40dee-98f9-4126-8fed-fa6d433cf90d"; - fileSystems."/boot/efi" = - { device = "/dev/disk/by-uuid/53F9-82A1"; + fileSystems."/root" = + { device = "/dev/disk/by-uuid/fe8523dd-a04e-4f47-8ba8-f3874e51b06c"; + fsType = "btrfs"; + options = [ "subvol=@root" ]; + }; + + fileSystems."/home" = + { device = "/dev/disk/by-uuid/fe8523dd-a04e-4f47-8ba8-f3874e51b06c"; + fsType = "btrfs"; + options = [ "subvol=@home" ]; + }; + + fileSystems."/var/log" = + { device = "/dev/disk/by-uuid/fe8523dd-a04e-4f47-8ba8-f3874e51b06c"; + fsType = "btrfs"; + options = [ "subvol=@log" ]; + }; + + fileSystems."/btrfs/nvme1" = + { device = "/dev/disk/by-uuid/fe8523dd-a04e-4f47-8ba8-f3874e51b06c"; + fsType = "btrfs"; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/9881-231B"; fsType = "vfat"; options = [ "fmask=0022" "dmask=0022" ]; }; - fileSystems."/btrfs/nvme" = - { device = "/dev/disk/by-uuid/344b7e72-1098-448e-9d4f-8170af224605"; - fsType = "btrfs"; - }; - - boot.initrd.luks.devices."cryptdrive1".device = "/dev/disk/by-uuid/20515efa-5380-4116-946e-7fe527ed3b92"; - - fileSystems."/home/asonix/Development" = - { device = "/dev/disk/by-uuid/344b7e72-1098-448e-9d4f-8170af224605"; - fsType = "btrfs"; - options = [ "subvol=@development" ]; - }; - - fileSystems."/btrfs/ssd" = - { device = "/dev/disk/by-uuid/60d35aa5-d38d-4070-9c90-c5adaed90862"; - fsType = "btrfs"; - }; - - boot.initrd.luks.devices."cryptdrive3".device = "/dev/disk/by-uuid/99dd440d-c6ed-4149-85a1-e8f22a6f2535"; - fileSystems."/home/asonix/Games" = - { device = "/dev/disk/by-uuid/60d35aa5-d38d-4070-9c90-c5adaed90862"; + { device = "/dev/disk/by-uuid/fe8523dd-a04e-4f47-8ba8-f3874e51b06c"; fsType = "btrfs"; options = [ "subvol=@games" ]; }; - fileSystems."/btrfs/nvme2" = - { device = "/dev/disk/by-uuid/fe880346-4ec8-4c64-8992-60127a484147"; - fsType = "btrfs"; - }; - - boot.initrd.luks.devices."cryptdrive2".device = "/dev/disk/by-uuid/fd0c26d4-db05-4218-826c-51a87dd39eb5"; - - fileSystems."/home/asonix/Games2" = - { device = "/dev/disk/by-uuid/fe880346-4ec8-4c64-8992-60127a484147"; - fsType = "btrfs"; - options = [ "subvol=@games" ]; - }; - - fileSystems."/btrfs/hdd" = - { device = "/dev/disk/by-uuid/bce8bc87-faf2-4b9e-90d2-cb8281c40c7e"; - fsType = "btrfs"; - }; - - boot.initrd.luks.devices."cryptdrive4".device = "/dev/disk/by-uuid/d2119824-fe98-449b-9d1b-2ab552568493"; - - fileSystems."/home/asonix/Videos" = - { device = "/dev/disk/by-uuid/bce8bc87-faf2-4b9e-90d2-cb8281c40c7e"; - fsType = "btrfs"; - options = [ "subvol=@videos" ]; - }; - - fileSystems."/home/asonix/Pictures" = - { device = "/dev/disk/by-uuid/bce8bc87-faf2-4b9e-90d2-cb8281c40c7e"; - fsType = "btrfs"; - options = [ "subvol=@pictures" ]; - }; - - fileSystems."/home/asonix/Diskimages" = - { device = "/dev/disk/by-uuid/bce8bc87-faf2-4b9e-90d2-cb8281c40c7e"; - fsType = "btrfs"; - options = [ "subvol=@diskimages" ]; - }; - - fileSystems."/home/asonix/Music" = - { device = "/dev/disk/by-uuid/bce8bc87-faf2-4b9e-90d2-cb8281c40c7e"; - fsType = "btrfs"; - options = [ "subvol=@music" ]; - }; - fileSystems."/home/asonix/Documents" = - { device = "/dev/disk/by-uuid/bce8bc87-faf2-4b9e-90d2-cb8281c40c7e"; + { device = "/dev/disk/by-uuid/fe8523dd-a04e-4f47-8ba8-f3874e51b06c"; fsType = "btrfs"; options = [ "subvol=@documents" ]; }; fileSystems."/home/asonix/Downloads" = - { device = "/dev/disk/by-uuid/bce8bc87-faf2-4b9e-90d2-cb8281c40c7e"; + { device = "/dev/disk/by-uuid/fe8523dd-a04e-4f47-8ba8-f3874e51b06c"; fsType = "btrfs"; options = [ "subvol=@downloads" ]; }; + fileSystems."/home/asonix/Pictures" = + { device = "/dev/disk/by-uuid/fe8523dd-a04e-4f47-8ba8-f3874e51b06c"; + fsType = "btrfs"; + options = [ "subvol=@photos" ]; + }; + + fileSystems."/home/asonix/Videos" = + { device = "/dev/disk/by-uuid/fe8523dd-a04e-4f47-8ba8-f3874e51b06c"; + fsType = "btrfs"; + options = [ "subvol=@videos" ]; + }; + + fileSystems."/home/asonix/Music" = + { device = "/dev/disk/by-uuid/fe8523dd-a04e-4f47-8ba8-f3874e51b06c"; + fsType = "btrfs"; + options = [ "subvol=@music" ]; + }; + + fileSystems."/home/asonix/InstantUpload" = + { device = "/dev/disk/by-uuid/fe8523dd-a04e-4f47-8ba8-f3874e51b06c"; + fsType = "btrfs"; + options = [ "subvol=@instantupload" ]; + }; + + fileSystems."/home/asonix/Notes" = + { device = "/dev/disk/by-uuid/fe8523dd-a04e-4f47-8ba8-f3874e51b06c"; + fsType = "btrfs"; + options = [ "subvol=@notes" ]; + }; + + fileSystems."/home/asonix/Development" = + { device = "/dev/disk/by-uuid/fe8523dd-a04e-4f47-8ba8-f3874e51b06c"; + fsType = "btrfs"; + options = [ "subvol=@development" ]; + }; + + fileSystems."/nix" = + { device = "/dev/disk/by-uuid/fe8523dd-a04e-4f47-8ba8-f3874e51b06c"; + fsType = "btrfs"; + options = [ "subvol=@nix" ]; + }; + swapDevices = - [ { device = "/dev/disk/by-uuid/ec3f1ad9-5f72-4a8e-8562-f25156c936a2"; } + [ { device = "/dev/disk/by-uuid/bc06c7f7-46e2-4372-aa79-ddb5150f35e8"; } ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking