chore: Flake | a bit of cleanup
This commit is contained in:
15
flake.nix
15
flake.nix
@@ -43,11 +43,6 @@
|
|||||||
outputs = {
|
outputs = {
|
||||||
self,
|
self,
|
||||||
nixpkgs,
|
nixpkgs,
|
||||||
home-manager,
|
|
||||||
disko,
|
|
||||||
lanzaboote,
|
|
||||||
nixos-hardware,
|
|
||||||
sops-nix,
|
|
||||||
...
|
...
|
||||||
} @ inputs:
|
} @ inputs:
|
||||||
let
|
let
|
||||||
@@ -60,10 +55,10 @@
|
|||||||
"${host}" = nixpkgs.lib.nixosSystem {
|
"${host}" = nixpkgs.lib.nixosSystem {
|
||||||
inherit system;
|
inherit system;
|
||||||
modules = [
|
modules = [
|
||||||
lanzaboote.nixosModules.lanzaboote
|
inputs.lanzaboote.nixosModules.lanzaboote
|
||||||
disko.nixosModules.disko
|
inputs.disko.nixosModules.disko
|
||||||
nixos-hardware.nixosModules.framework-13-7040-amd
|
inputs.nixos-hardware.nixosModules.framework-13-7040-amd
|
||||||
sops-nix.nixosModules.sops
|
inputs.sops-nix.nixosModules.sops
|
||||||
./nixos/configuration.nix
|
./nixos/configuration.nix
|
||||||
./nixos/disko-config.nix
|
./nixos/disko-config.nix
|
||||||
./nixos/hardware-configuration.nix
|
./nixos/hardware-configuration.nix
|
||||||
@@ -76,7 +71,7 @@
|
|||||||
};
|
};
|
||||||
|
|
||||||
homeConfigurations = {
|
homeConfigurations = {
|
||||||
"${user}" = home-manager.lib.homeManagerConfiguration {
|
"${user}" = inputs.home-manager.lib.homeManagerConfiguration {
|
||||||
inherit pkgs;
|
inherit pkgs;
|
||||||
modules = [ ./home-manager/home.nix ];
|
modules = [ ./home-manager/home.nix ];
|
||||||
};
|
};
|
||||||
|
|||||||
@@ -12,12 +12,13 @@ in
|
|||||||
boot = {
|
boot = {
|
||||||
loader = {
|
loader = {
|
||||||
# Set this to true on first install. This must be false for secure boot.
|
# Set this to true on first install. This must be false for secure boot.
|
||||||
systemd-boot.enable = lib.mkForce false;
|
systemd-boot.enable = true;
|
||||||
|
# systemd-boot.enable = lib.mkForce false;
|
||||||
efi.canTouchEfiVariables = true;
|
efi.canTouchEfiVariables = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
lanzaboote = {
|
lanzaboote = {
|
||||||
enable = true;
|
enable = false;
|
||||||
pkiBundle = "/etc/secureboot";
|
pkiBundle = "/etc/secureboot";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|||||||
@@ -6,10 +6,15 @@
|
|||||||
{
|
{
|
||||||
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
|
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
|
||||||
|
|
||||||
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "sd_mod" ];
|
boot = {
|
||||||
boot.initrd.kernelModules = [ ];
|
initrd = {
|
||||||
boot.kernelModules = [ "kvm-amd" ];
|
availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "sd_mod" ];
|
||||||
boot.extraModulePackages = [ ];
|
kernelModules = [ ];
|
||||||
|
};
|
||||||
|
|
||||||
|
kernelModules = [ "kvm-amd" ];
|
||||||
|
extraModulePackages = [ ];
|
||||||
|
};
|
||||||
|
|
||||||
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||||
# (the default) this is the recommended approach. When using systemd-networkd it's
|
# (the default) this is the recommended approach. When using systemd-networkd it's
|
||||||
|
|||||||
Reference in New Issue
Block a user