rouven.seifert/nixos-config
1
1
Fork 0
mirror of https://git.sr.ht/~rouven/nixos-config synced 2025-04-27 08:58:30 +02:00
Code Issues Projects Releases Packages Wiki Activity

re-enabled impermanence and secure boot

Browse source
This commit is contained in:
Rouven Seifert 2023-08-02 20:28:22 +02:00
parent 085e064e46
commit a7a6c8e320
Signed by: rouven.seifert
GPG key ID: B95E8FE6B11C4D09
3 changed files with 45 additions and 35 deletions
Download patch file Download diff file Expand all files Collapse all files

36
hosts/thinkpad/hardware-configuration.nix
View file

@ -9,17 +9,26 @@
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "nvme" "usbhid" "usb_storage" "sd_mod" "sdhci_pci" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
boot.initrd.systemd.enable = true;
boot.initrd.luks.devices."luksroot" = {
device = "/dev/disk/by-uuid/6b89181c-71e0-4e84-8523-2456d3e28400";
allowDiscards = true;
};
boot.initrd.luks.devices."luksswap" = {
device = "/dev/disk/by-uuid/4a5fd2d9-1b37-4895-a24b-835a9cd4063e";
boot = {
initrd = {
availableKernelModules = [ "xhci_pci" "thunderbolt" "nvme" "usbhid" "usb_storage" "sd_mod" "sdhci_pci" ];
kernelModules = [ ];
systemd.enable = true;
luks.devices."luksroot" = {
device = "/dev/disk/by-uuid/6b89181c-71e0-4e84-8523-2456d3e28400";
allowDiscards = true;
};
luks.devices."luksswap" = {
device = "/dev/disk/by-uuid/4a5fd2d9-1b37-4895-a24b-835a9cd4063e";
};
};
kernelModules = [ "kvm-intel" ];
zfs = {
allowHibernation = true;
forceImportRoot = false;
};
};
@ -48,8 +57,9 @@
};
fileSystems."/" =
{
device = "rpool/nixos/fixroot";
fsType = "zfs";
device = "tmpfs";
fsType = "tmpfs";
options = [ "mode=755" ];
};
fileSystems."/boot" =