2023-10-21 04:39:51 +00:00
|
|
|
{
|
|
|
|
# config,
|
|
|
|
pkgs,
|
|
|
|
...
|
|
|
|
}: {
|
|
|
|
imports = [
|
|
|
|
# Include the results of the hardware scan.
|
|
|
|
./hardware-configuration.nix
|
|
|
|
];
|
|
|
|
|
2023-11-23 17:34:23 +00:00
|
|
|
# ------------ System ------------
|
2023-11-23 04:54:46 +00:00
|
|
|
|
2023-12-23 01:12:44 +00:00
|
|
|
boot.loader.efi.efiSysMountPoint = "/boot/efi";
|
|
|
|
boot.loader.grub.enableCryptodisk = true;
|
|
|
|
|
|
|
|
boot.initrd = {
|
|
|
|
luks.devices."root" = {
|
2023-12-27 03:42:13 +00:00
|
|
|
device = "/dev/disk/by-uuid/25e06c9e-3f53-4abc-a656-d8b388b27f58"; # UUID for /dev/nvme01np2
|
2023-12-23 01:12:44 +00:00
|
|
|
preLVM = true;
|
|
|
|
keyFile = "/keyfile0.bin";
|
|
|
|
allowDiscards = true;
|
|
|
|
};
|
|
|
|
secrets = {
|
|
|
|
# Create /mnt/etc/secrets/initrd directory and copy keys to it
|
|
|
|
"keyfile0.bin" = "/etc/secrets/initrd/keyfile0.bin";
|
|
|
|
"keyfile1.bin" = "/etc/secrets/initrd/keyfile1.bin";
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
# Data mount
|
|
|
|
fileSystems."/data" = {
|
|
|
|
device = "/dev/disk/by-uuid/12c28d9c-f781-499c-bd58-ad2608c9322a"; # UUID for /dev/mapper/crypted-data
|
|
|
|
encrypted = {
|
|
|
|
enable = true;
|
|
|
|
label = "crypted-data";
|
|
|
|
blkDev = "/dev/disk/by-uuid/3f16043b-ab85-42af-a3aa-a687372dae67"; # UUID for /dev/nvme1n1p1
|
|
|
|
keyFile = "/keyfile1.bin";
|
|
|
|
};
|
|
|
|
};
|
2023-10-21 04:39:51 +00:00
|
|
|
|
2023-10-29 18:11:54 +00:00
|
|
|
time.timeZone = "America/New_York";
|
|
|
|
|
2023-11-23 17:34:23 +00:00
|
|
|
networking.hostName = "JWST";
|
|
|
|
|
|
|
|
# This value determines the NixOS release from which the default
|
|
|
|
# settings for stateful data, like file locations and database versions
|
|
|
|
# on your system were taken. It's perfectly fine and recommended to leave
|
|
|
|
# this value at the release version of the first install of this system.
|
|
|
|
# Before changing this value read the documentation for this option
|
|
|
|
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
2023-12-23 01:12:44 +00:00
|
|
|
system.stateVersion = "23.11"; # Did you read the comment?
|
2023-11-23 17:34:23 +00:00
|
|
|
|
|
|
|
# ------------ Graphics ------------
|
|
|
|
|
2023-12-21 05:50:27 +00:00
|
|
|
hardware.opengl.extraPackages = with pkgs; [
|
|
|
|
intel-compute-runtime
|
|
|
|
vaapiVdpau
|
|
|
|
];
|
2023-10-21 04:39:51 +00:00
|
|
|
|
2023-11-23 17:21:10 +00:00
|
|
|
hardware.nvidia = {
|
|
|
|
modesetting.enable = true;
|
|
|
|
powerManagement.enable = false;
|
|
|
|
powerManagement.finegrained = false;
|
|
|
|
open = false;
|
|
|
|
nvidiaSettings = true;
|
|
|
|
prime = {
|
|
|
|
offload.enable = true;
|
|
|
|
offload.enableOffloadCmd = true;
|
|
|
|
intelBusId = "PCI:0:2:0";
|
|
|
|
nvidiaBusId = "PCI:1:0:0";
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
services.xserver.videoDrivers = ["nvidia"];
|
2023-10-21 04:39:51 +00:00
|
|
|
}
|