add new host tabby, with impermanence

2024-06-05 18:16:21 +02:00 · 2024-06-05 18:16:21 +02:00 · c7811a9b47
commit c7811a9b47
parent 5fab16f8a2
6 changed files with 142 additions and 16 deletions
--- a/flake.lock
+++ b/flake.lock
@ -66,11 +66,11 @@
        "nixpkgs-lib": "nixpkgs-lib"
      },
      "locked": {
-        "lastModified": 1715865404,
-        "narHash": "sha256-/GJvTdTpuDjNn84j82cU6bXztE0MSkdnTWClUCRub78=",
+        "lastModified": 1717285511,
+        "narHash": "sha256-iKzJcpdXih14qYVcZ9QC9XuZYnPc6T8YImb6dX166kw=",
        "owner": "hercules-ci",
        "repo": "flake-parts",
-        "rev": "8dc45382d5206bd292f9c2768b8058a8fd8311d9",
+        "rev": "2a55567fcf15b1b1c7ed712a2c6fadaec7412ea8",
        "type": "github"
      },
      "original": {
@ -119,11 +119,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1716736833,
-        "narHash": "sha256-rNObca6dm7Qs524O4st8VJH6pZ/Xe1gxl+Rx6mcWYo0=",
+        "lastModified": 1717527182,
+        "narHash": "sha256-vWSkg6AMok1UUQiSYVdGMOXKD2cDFnajITiSi0Zjd1A=",
        "owner": "nix-community",
        "repo": "home-manager",
-        "rev": "a631666f5ec18271e86a5cde998cba68c33d9ac6",
+        "rev": "845a5c4c073f74105022533907703441e0464bc3",
        "type": "github"
      },
      "original": {
@ -133,13 +133,28 @@
        "type": "github"
      }
    },
+    "impermanence": {
+      "locked": {
+        "lastModified": 1708968331,
+        "narHash": "sha256-VUXLaPusCBvwM3zhGbRIJVeYluh2uWuqtj4WirQ1L9Y=",
+        "owner": "nix-community",
+        "repo": "impermanence",
+        "rev": "a33ef102a02ce77d3e39c25197664b7a636f9c30",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-community",
+        "repo": "impermanence",
+        "type": "github"
+      }
+    },
    "nixpkgs": {
      "locked": {
-        "lastModified": 1717144377,
-        "narHash": "sha256-F/TKWETwB5RaR8owkPPi+SPJh83AQsm6KrQAlJ8v/uA=",
+        "lastModified": 1717281328,
+        "narHash": "sha256-evZPzpf59oNcDUXxh2GHcxHkTEG4fjae2ytWP85jXRo=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "805a384895c696f802a9bf5bf4720f37385df547",
+        "rev": "b3b2b28c1daa04fe2ae47c21bb76fd226eac4ca1",
        "type": "github"
      },
      "original": {
@ -150,23 +165,23 @@
    },
    "nixpkgs-lib": {
      "locked": {
-        "lastModified": 1714640452,
-        "narHash": "sha256-QBx10+k6JWz6u7VsohfSw8g8hjdBZEf8CFzXH1/1Z94=",
+        "lastModified": 1717284937,
+        "narHash": "sha256-lIbdfCsf8LMFloheeE6N31+BMIeixqyQWbSr2vk79EQ=",
        "type": "tarball",
-        "url": "https://github.com/NixOS/nixpkgs/archive/50eb7ecf4cd0a5756d7275c8ba36790e5bd53e33.tar.gz"
+        "url": "https://github.com/NixOS/nixpkgs/archive/eb9ceca17df2ea50a250b6b27f7bf6ab0186f198.tar.gz"
      },
      "original": {
        "type": "tarball",
-        "url": "https://github.com/NixOS/nixpkgs/archive/50eb7ecf4cd0a5756d7275c8ba36790e5bd53e33.tar.gz"
+        "url": "https://github.com/NixOS/nixpkgs/archive/eb9ceca17df2ea50a250b6b27f7bf6ab0186f198.tar.gz"
      }
    },
    "nixpkgs-unstable": {
      "locked": {
-        "lastModified": 1717112898,
-        "narHash": "sha256-7R2ZvOnvd9h8fDd65p0JnB7wXfUvreox3xFdYWd1BnY=",
+        "lastModified": 1717399147,
+        "narHash": "sha256-eCWaE/q1VItpFAxxLVt171MdtDcjEnwi6QB/yuF73JU=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "6132b0f6e344ce2fe34fc051b72fb46e34f668e0",
+        "rev": "4a4ecb0ab415c9fccfb005567a215e6a9564cdf5",
        "type": "github"
      },
      "original": {
@ -181,6 +196,7 @@
        "colmena": "colmena",
        "flake-parts": "flake-parts",
        "home-manager": "home-manager",
+        "impermanence": "impermanence",
        "nixpkgs": "nixpkgs",
        "nixpkgs-unstable": "nixpkgs-unstable"
      }
--- a/flake.nix
+++ b/flake.nix
@ -19,6 +19,8 @@
      inputs.nixpkgs.follows = "nixpkgs";
    };

+    impermanence.url = "github:nix-community/impermanence";
+
    flake-parts.url = "github:hercules-ci/flake-parts";
  };

--- a/hive.nix
+++ b/hive.nix
@ -28,6 +28,7 @@ in
            ./profiles/base
            (import ./overlays)
            inputs.home-manager.nixosModules.home-manager
+            inputs.impermanence.nixosModules.impermanence
          ] ++ builtins.attrValues self.nixosModules;

          config = {
--- a/hosts/tabby/default.nix
+++ b/hosts/tabby/default.nix
@ -0,0 +1,31 @@
+# Edit this configuration file to define what should be installed on
+# your system. Help is available in the configuration.nix(5) man page, on
+# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
+
+{ pkgs, lib, ... }: {
+  imports = [
+    ../../profiles/desktop
+    ./hardware-configuration.nix
+  ];
+
+  cherrykitten.impermanence.enable = true;
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = true;
+
+  networking.wireless.iwd.enable = true;
+
+  # Enable CUPS to print documents.
+  services.printing.enable = true;
+
+  services.fwupd.enable = true;
+
+  services.xserver.xkb.layout = lib.mkForce "us";
+  home-manager.users.sammy.wayland.windowManager.sway.config.input."*".xkb_layout = lib.mkForce "us";
+
+  users.users.sammy.packages = with pkgs; [
+    picard
+    discord
+  ];
+
+  system.stateVersion = "24.05"; # Did you read the comment?
+}
--- a/hosts/tabby/hardware-configuration.nix
+++ b/hosts/tabby/hardware-configuration.nix
@ -0,0 +1,45 @@
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [
+      (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usbhid" "uas" "sd_mod" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-amd" ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    {
+      device = "none";
+      fsType = "tmpfs";
+      options = [ "defaults" "size=50%" "mode=755" ];
+    };
+
+  fileSystems."/boot" =
+    {
+      device = "/dev/disk/by-uuid/7BD4-96D5";
+      fsType = "vfat";
+      options = [ "fmask=0022" "dmask=0022" ];
+    };
+
+  fileSystems."/nix" =
+    {
+      device = "/dev/disk/by-uuid/b1377283-89a6-434b-8315-60314dcd56ab";
+      fsType = "btrfs";
+      neededForBoot = true;
+    };
+
+  boot.initrd.luks.devices."nix".device = "/dev/disk/by-uuid/51f9bf11-5b38-4753-b927-2ff3e01dd5e0";
+  boot.initrd.luks.devices."swap".device = "/dev/disk/by-uuid/2c2f9f9d-0eca-4375-b284-108564c48af8";
+
+  swapDevices =
+    [{ device = "/dev/mapper/swap"; }];
+
+  networking.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}
--- a/modules/nixos/impermanence/default.nix
+++ b/modules/nixos/impermanence/default.nix
@ -0,0 +1,31 @@
+{ lib, config, ... }:
+
+let
+  cfg = config.cherrykitten.impermanence;
+in
+{
+  options.cherrykitten.impermanence = {
+    enable = lib.mkEnableOption "impermanence";
+  };
+
+  config = lib.mkIf cfg.enable {
+    environment.persistence."/nix/persist" = {
+      hideMounts = true;
+      directories = [
+        "/var/log"
+        "/var/lib/bluetooth"
+        "/var/lib/nixos"
+        "/var/lib/systemd/coredump"
+        "/var/lib/iwd"
+        "/home"
+      ];
+      files = [
+        "/etc/machine-id"
+        "/etc/ssh/ssh_host_rsa_key"
+        "/etc/ssh/ssh_host_rsa_key.pub"
+        "/etc/ssh/ssh_host_ed25519_key"
+        "/etc/ssh/ssh_host_ed25519_key.pub"
+      ];
+    };
+  };
+}