From d5ed80fa1b4106218c8ef9df01c2f0c8b5bee6d0 Mon Sep 17 00:00:00 2001 From: lucy Date: Fri, 6 Mar 2026 19:06:32 +0100 Subject: [PATCH] split config into cyberia and wired --- configuration.nix | 3 +- flake.lock | 122 +++++++++++++++++++++++++++++++++++++ flake.nix | 47 ++++++++++++-- hardware-configuration.nix | 14 ++--- home/hyprland.nix | 5 +- 5 files changed, 176 insertions(+), 15 deletions(-) diff --git a/configuration.nix b/configuration.nix index d201075..75221fe 100755 --- a/configuration.nix +++ b/configuration.nix @@ -19,7 +19,6 @@ noto-fonts-cjk-sans noto-fonts nerd-fonts._0xproto - gnome-tweaks ]; }; services.displayManager.gdm.enable = true; @@ -79,7 +78,6 @@ services.tlp.enable = true; services.auto-cpufreq.enable = true; - networking.hostName = "wired"; # Define your hostname. # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. # Configure network proxy if necessary @@ -140,6 +138,7 @@ gnomeExtensions.blur-my-shell gnomeExtensions.appindicator gnomeExtensions.just-perfection + sbctl ]; programs.steam = { diff --git a/flake.lock b/flake.lock index 8b72d6d..710805e 100644 --- a/flake.lock +++ b/flake.lock @@ -68,6 +68,21 @@ "type": "github" } }, + "crane": { + "locked": { + "lastModified": 1765145449, + "narHash": "sha256-aBVHGWWRzSpfL++LubA0CwOOQ64WNLegrYHwsVuVN7A=", + "owner": "ipetkov", + "repo": "crane", + "rev": "69f538cdce5955fcd47abfed4395dc6d5194c1c5", + "type": "github" + }, + "original": { + "owner": "ipetkov", + "repo": "crane", + "type": "github" + } + }, "firefox-gnome-theme": { "flake": false, "locked": { @@ -84,6 +99,22 @@ "type": "github" } }, + "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1761588595, + "narHash": "sha256-XKUZz9zewJNUj46b4AJdiRZJAvSZ0Dqj2BNfXvFlJC4=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "f387cd2afec9419c8ee37694406ca490c3f34ee5", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, "flake-parts": { "inputs": { "nixpkgs-lib": [ @@ -142,6 +173,28 @@ "type": "github" } }, + "gitignore": { + "inputs": { + "nixpkgs": [ + "lanzaboote", + "pre-commit", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1709087332, + "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", + "owner": "hercules-ci", + "repo": "gitignore.nix", + "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "gitignore.nix", + "type": "github" + } + }, "gnome-shell": { "flake": false, "locked": { @@ -221,6 +274,30 @@ "type": "github" } }, + "lanzaboote": { + "inputs": { + "crane": "crane", + "nixpkgs": [ + "nixpkgs" + ], + "pre-commit": "pre-commit", + "rust-overlay": "rust-overlay" + }, + "locked": { + "lastModified": 1765382359, + "narHash": "sha256-RJmgVDzjRI18BWVogG6wpsl1UCuV6ui8qr4DJ1LfWZ8=", + "owner": "nix-community", + "repo": "lanzaboote", + "rev": "e8c096ade12ec9130ff931b0f0e25d2f1bc63607", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "v1.0.0", + "repo": "lanzaboote", + "type": "github" + } + }, "nixpkgs": { "locked": { "lastModified": 1770841267, @@ -343,16 +420,61 @@ "type": "github" } }, + "pre-commit": { + "inputs": { + "flake-compat": "flake-compat", + "gitignore": "gitignore", + "nixpkgs": [ + "lanzaboote", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1765016596, + "narHash": "sha256-rhSqPNxDVow7OQKi4qS5H8Au0P4S3AYbawBSmJNUtBQ=", + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "rev": "548fc44fca28a5e81c5d6b846e555e6b9c2a5a3c", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "type": "github" + } + }, "root": { "inputs": { "home-manager": "home-manager", "ignis": "ignis", + "lanzaboote": "lanzaboote", "nixpkgs": "nixpkgs_2", "nixvim": "nixvim", "spicetify-nix": "spicetify-nix", "stylix": "stylix" } }, + "rust-overlay": { + "inputs": { + "nixpkgs": [ + "lanzaboote", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1765075567, + "narHash": "sha256-KFDCdQcHJ0hE3Nt5Gm5enRIhmtEifAjpxgUQ3mzSJpA=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "769156779b41e8787a46ca3d7d76443aaf68be6f", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, "spicetify-nix": { "inputs": { "nixpkgs": "nixpkgs_4", diff --git a/flake.nix b/flake.nix index 92d5e8e..2b38f8f 100755 --- a/flake.nix +++ b/flake.nix @@ -10,6 +10,12 @@ url = "github:ignis-sh/ignis"; inputs.nixpkgs.follows = "nixpkgs"; # recommended }; + lanzaboote = { + url = "github:nix-community/lanzaboote/v1.0.0"; + + # Optional but recommended to limit the size of your system closure. + inputs.nixpkgs.follows = "nixpkgs"; + }; }; outputs = @@ -20,6 +26,7 @@ spicetify-nix, nixvim, home-manager, + lanzaboote, ... }@inputs: let @@ -27,12 +34,44 @@ pkgs = import nixpkgs { inherit system; }; in { - nixosConfigurations.wired = nixpkgs.lib.nixosSystem { + nixosConfigurations.cyberia = nixpkgs.lib.nixosSystem { inherit system; modules = [ stylix.nixosModules.stylix home-manager.nixosModules.home-manager + lanzaboote.nixosModules.lanzaboote + ( + { + pkgs, + lib, + config, + ... + }: + { + networking.hostName = "cyberia"; + + environment.systemPackages = [ + # For debugging and troubleshooting Secure Boot. + pkgs.sbctl + ]; + services.xserver.videoDrivers = [ "nvidia" ]; + hardware.nvidia.package = config.boot.kernelPackages.nvidiaPackages.stable; + hardware.nvidia.modesetting.enable = true; + hardware.nvidia.open = true; + + # Lanzaboote currently replaces the systemd-boot module. + # This setting is usually set to true in configuration.nix + # generated at installation time. So we force it to false + # for now. + boot.loader.systemd-boot.enable = lib.mkForce false; + + boot.lanzaboote = { + enable = true; + pkiBundle = "/var/lib/sbctl"; + }; + } + ) ./configuration.nix { @@ -40,8 +79,8 @@ home-manager.useGlobalPkgs = true; home-manager.users.lucy = { imports = [ - inputs.ignis.homeManagerModules.default - nixvim.homeModules.nixvim + inputs.ignis.homeManagerModules.default + nixvim.homeModules.nixvim spicetify-nix.homeManagerModules.spicetify ./home/home.nix @@ -53,7 +92,7 @@ }; homeConfigurations.lucy = home-manager.lib.homeManagerConfiguration { - pkgs = nixpkgs.legacyPackages.${system}; + pkgs = nixpkgs.legacyPackages.${system}; extraSpecialArgs = { inherit inputs; }; modules = [ stylix.homeModules.stylix diff --git a/hardware-configuration.nix b/hardware-configuration.nix index f01a8e9..5797f1c 100755 --- a/hardware-configuration.nix +++ b/hardware-configuration.nix @@ -8,26 +8,24 @@ [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" "sdhci_pci" ]; + boot.initrd.availableKernelModules = [ "nvme" "ahci" "xhci_pci" "usbhid" "usb_storage" "sd_mod" ]; boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-intel" ]; + boot.kernelModules = [ "kvm-amd" ]; boot.extraModulePackages = [ ]; fileSystems."/" = - { device = "/dev/disk/by-uuid/fbea1f31-4ad2-42f7-857a-15f7a1250793"; + { device = "/dev/disk/by-uuid/f1ed7012-39d5-4cac-8603-16767a3a3449"; fsType = "ext4"; }; fileSystems."/boot" = - { device = "/dev/disk/by-uuid/9B5B-14D1"; + { device = "/dev/disk/by-uuid/E513-A53F"; fsType = "vfat"; options = [ "fmask=0077" "dmask=0077" ]; }; - swapDevices = - [ { device = "/dev/disk/by-uuid/440b6cb1-02bf-4bda-998c-575589ec415a"; } - ]; + swapDevices = [ ]; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; } diff --git a/home/hyprland.nix b/home/hyprland.nix index 0b26942..102aa76 100755 --- a/home/hyprland.nix +++ b/home/hyprland.nix @@ -3,7 +3,10 @@ wayland.windowManager.hyprland.enable = true; wayland.windowManager.hyprland.settings = { "$mod" = "SUPER"; - "monitor" = ",preferred,auto,1"; + monitor = [ + "DP-5,highrr,auto-left,1,bitdepth,10" + "HDMI-A-3,preffered,auto-right,1" + ]; general = { border_size = 4; gaps_in = 5;