switched the thinkpad to zfs again

2025-04-25 16:08:30 +02:00 · 2023-08-02 18:04:26 +02:00 · 2023-08-02 18:04:26 +02:00 · 085e064e46
commit 085e064e46
parent 3949aa8bb9
6 changed files with 67 additions and 71 deletions
--- a/hosts/thinkpad/default.nix
+++ b/hosts/thinkpad/default.nix
@ -16,20 +16,21 @@
    # This setting is usually set to true in configuration.nix
    # generated at installation time. So we force it to false
    # for now.
-    loader.systemd-boot.enable = lib.mkForce false;
-    lanzaboote = {
-      enable = true;
-      pkiBundle = "/etc/secureboot";
-      configurationLimit = 10;
-    };
+    # loader.systemd-boot.enable = lib.mkForce false;
+    loader.systemd-boot.enable = true;
+    # lanzaboote = {
+    #   enable = true;
+    #   pkiBundle = "/etc/secureboot";
+    #   configurationLimit = 10;
+    # };
    extraModulePackages = [
      config.boot.kernelPackages.v4l2loopback.out
    ];


-    loader.systemd-boot.editor = false;
+    #loader.systemd-boot.editor = false;
    loader.efi.canTouchEfiVariables = true;
-    kernelPackages = pkgs.linuxPackages_latest;
+    kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
    tmp.useTmpfs = true;
  };

@ -61,19 +62,19 @@
    # ];
  };

-  environment.persistence."/nix/persist/system" = {
-    directories = [
-      "/etc/nixos" # bind mounted from /nix/persist/system/etc/nixos to /etc/nixos
-      "/etc/ssh"
-      "/etc/secureboot"
-      "/root/.ssh"
-    ];
-    files = [
-      "/etc/machine-id"
-    ];
-  };
+  #environment.persistence."/nix/persist/system" = {
+  #  directories = [
+  #    "/etc/nixos" # bind mounted from /nix/persist/system/etc/nixos to /etc/nixos
+  #    "/etc/ssh"
+  #    "/etc/secureboot"
+  #    "/root/.ssh"
+  #  ];
+  #  files = [
+  #    "/etc/machine-id"
+  #  ];
+  #};
  # impermanence fixes
-  sops.age.sshKeyPaths = lib.mkForce [ "/nix/persist/system/etc/ssh/ssh_host_ed25519_key" ];
+  #sops.age.sshKeyPaths = lib.mkForce [ "/nix/persist/system/etc/ssh/ssh_host_ed25519_key" ];
  sops.gnupg.sshKeyPaths = lib.mkForce [ ];

  time.timeZone = "Europe/Berlin";
@ -118,8 +119,6 @@

  security = {
    polkit.enable = true;
-    audit.enable = true;
-    auditd.enable = true;
  };

  services.pipewire = {
@ -158,7 +157,6 @@
      enable = true;
      openFirewall = false;
    };
-    btrfs.autoScrub.enable = true; # periodically check filesystem and repair it
    fwupd.enable = true; # firmware updates
  };

@ -195,7 +193,6 @@

  environment.systemPackages = with pkgs; [
    # hardware utilities
-    btdu
    nvme-cli
    intel-gpu-tools

--- a/hosts/thinkpad/hardware-configuration.nix
+++ b/hosts/thinkpad/hardware-configuration.nix
@ -22,45 +22,39 @@
    device = "/dev/disk/by-uuid/4a5fd2d9-1b37-4895-a24b-835a9cd4063e";
  };

-  fileSystems."/" =
-    {
-      device = "tmpfs";
-      fsType = "tmpfs";
-      options = [ "mode=755" ];
-    };

-
-  fileSystems."/home" =
+  fileSystems."/nix" =
    {
-      device = "/dev/disk/by-uuid/3d44cde5-17a2-4023-b9ae-3a02ae68aa81";
-      fsType = "btrfs";
-      options = [ "subvol=home" "compress=zstd" "discard=async" "noatime" ];
+      device = "rpool/nixos/nix";
+      fsType = "zfs";
    };

  fileSystems."/var/lib" =
    {
-      device = "/dev/disk/by-uuid/3d44cde5-17a2-4023-b9ae-3a02ae68aa81";
-      fsType = "btrfs";
-      options = [ "subvol=lib" "compress=zstd" "discard=async" "noatime" "x-mount.mkdir" ];
+      device = "rpool/nixos/var/lib";
+      fsType = "zfs";
    };

  fileSystems."/var/log" =
    {
-      device = "/dev/disk/by-uuid/3d44cde5-17a2-4023-b9ae-3a02ae68aa81";
-      fsType = "btrfs";
-      options = [ "subvol=log" "compress=zstd" "discard=async" "noatime" "x-mount.mkdir" ];
+      device = "rpool/nixos/var/log";
+      fsType = "zfs";
    };

-  fileSystems."/nix" =
+  fileSystems."/home" =
    {
-      device = "/dev/disk/by-uuid/3d44cde5-17a2-4023-b9ae-3a02ae68aa81";
-      fsType = "btrfs";
-      options = [ "subvol=nix" "compress=zstd" "discard=async" "noatime" ];
+      device = "rpool/nixos/home";
+      fsType = "zfs";
+    };
+  fileSystems."/" =
+    {
+      device = "rpool/nixos/fixroot";
+      fsType = "zfs";
    };

  fileSystems."/boot" =
    {
-      device = "/dev/disk/by-uuid/B174-4DAE";
+      device = "/dev/disk/by-uuid/DF86-7611";
      fsType = "vfat";
    };

--- a/hosts/thinkpad/modules/backup/default.nix
+++ b/hosts/thinkpad/modules/backup/default.nix
@ -21,9 +21,13 @@
          "/home/*/.cache"
          "/home/*/.zcomp*"
          "/home/*/.zcomp*"
-          "/home/*/.local/share/Steam"
-          "/home/*/.local/share/Trash"
-          "/home/*/.local/share/vifm/Trash"
+          "/home/*/.gradle*"
+          "/home/*/.java*"
+          "/home/*/.m2*"
+          "/home/*/.wine*"
+          "/home/*/.mypy_cache*"
+          "/home/*/.local/share"
+          "/home/*/.local/share"
          "/home/*/Linux/Isos"
        ];
      };
--- a/hosts/thinkpad/modules/networks/default.nix
+++ b/hosts/thinkpad/modules/networks/default.nix
@ -14,6 +14,7 @@
  networking = {
    useNetworkd = true;
    hostName = "thinkpad";
+    hostId = "d8d34032";
    enableIPv6 = true;
    wireless = {
      enable = true;