0xa/nix-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

add networking unlocking for zfs

Browse source
This commit is contained in:
Grigory Shipunov 2023-07-11 22:24:27 +02:00
parent fcfc0ed9c9
commit f0e33c91c7
Signed by: 0xa
GPG key ID: 91FA5E5BF9AA901C
1 changed files with 50 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

55
hosts/dishwasher/hardware-configuration.nix
View file

@ -9,9 +9,9 @@
(modulesPath + "/installer/scan/not-detected.nix") (modulesPath + "/installer/scan/not-detected.nix")
]; ];
boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ]; boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" "r8169" ];
boot.initrd.kernelModules = [ ]; boot.initrd.kernelModules = [ "r8169" ];
boot.kernelModules = [ "kvm-intel" ]; boot.kernelModules = [ "kvm-intel" "r8169" ];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ ];
fileSystems."/" = fileSystems."/" =
@ -56,7 +56,50 @@
networking.interfaces.enp53s0.useDHCP = lib.mkDefault true; networking.interfaces.enp53s0.useDHCP = lib.mkDefault true;
networking.interfaces.wlan0.useDHCP = lib.mkDefault true; networking.interfaces.wlan0.useDHCP = lib.mkDefault true;
# hostId for zfs
networking.hostId = "7da4f1e6";
# extra zfs settings
boot = {
loader = {
efi.canTouchEfiVariables = true;
systemd-boot.enable = true;
};
supportedFilesystems = [ "zfs" ];
kernelPackages = pkgs.zfs.latestCompatibleLinuxPackages;
kernelParams = [ "nohibernate" ];
zfs.devNodes = "/dev/";
plymouth.enable = false;
tmp.useTmpfs = true;
};
# remote unlock
boot.initrd.network = {
enable = true;
ssh = {
enable = true;
port = 2222;
hostKeys = [ "/etc/initrd-ssh/key" ];
authorizedKeys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDP6xE2ey0C8XXfvniiiHiqXsCC277jKI9RXEA+s2LQLUI5zl7v350i3Oa8H3NCcPj39lfMreqE6ncxcOhqYyzahPrrMkOqgbPAoRvq8H3ophLK+56O3xdHoKwLBwRD1yoGACjqG4UTiTrmnN2ateENgYcnTEY1e4vDw1qMj1drUXCsZ/6mkBBmHJiFfCaR4yCMt1r4gGi/dAC7ifnBP3oSyV/lJEwPxYYkGlbOBIvX/7Ar98pJS6xYPB3jHs9gwyNNON63d0fNYrwBojXPPCnGGaRZNOkBTzex3zZYp12ThINQ2xl8tRp9D8qpZ7vrLjhTD6AXkOBRzmDj+NsCeEaeTuWajqUM93iKncYUI+JxR1t7q8gA2pBMFzLesMXnx7R+5Kw7QDtSJM7a4GMIfsocPwf64BH6rzxEz68rXFE3P+J77PPM9CuaYw90JXHo3z220zYw2nMQ/1qjATVZw/hiVrLmQMVfmFJIufnGjTBs2sy3IoNyzvYm/oDeNNg1cdSV9gyyRKZhK08fxjXN5GSf9vZkfZa9tHtqaZ99HI40GQBHUVx1K2/NQJY8TVTSA+v16SFnJK8BIbmp/WFCuvDcMkgLIbqiYtDASe7P2mKIib86uOENT+P820egeLiTQ06kFw/gfUa8t69d5qEcjiQZ+lxCeYIs/E9KrEXHvRUWew== cardno:16 811 34" ];
};
};
services.zfs = {
trim.enable = true;
autoScrub = {
enable = true;
pools = [ "rpool" ];
};
autoSnapshot.enable = true;
};
# update the microcode
hardware.cpu.intel.updateMicrocode = true;
nixpkgs.config.allowUnfree = true;
hardware.enableAllFirmware = true;
services.logind.lidSwitch = "ignore";
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; powerManagement.cpuFreqGovernor = lib.mkDefault "performance";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; }
}