-rw-r--r--.github/workflows/rebuild.yml26
-rw-r--r--flake.lock49
-rw-r--r--flake.nix15
-rw-r--r--machines/x220/default.nix106
-rw-r--r--machines/x220/disko-config.nix87
-rw-r--r--machines/x220/disko.nix76
-rw-r--r--machines/x220/hardware-configuration.nix33
7 files changed, 386 insertions, 6 deletions
diff --git a/.github/workflows/rebuild.yml b/.github/workflows/rebuild.yml
new file mode 100644
index 0000000..2ccd017
--- /dev/null
+++ b/.github/workflows/rebuild.yml
@@ -0,0 +1,26 @@
+name: "Rebuild system"
+
+on:
+  push:
+  workflow_dispatch:
+  schedule:
+  - cron: "0 8 * * 0"
+
+jobs:
+  fetcher:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: "Install Nix ❄️"
+        uses: cachix/install-nix-action@v30
+ 
+      - name: Cachix
+        uses: cachix/cachix-action@v15
+        with:
+          name: pn
+          authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
+
+      - name: "Build"
+        id: fetcher
+        run: nix build .#nixosConfigurations.t14.config.system.build.toplevel
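Review bot: The two Cachix steps are referenced by mutable tags (`cachix/install-nix-action@v30`, `cachix/cachix-action@v15`), and the second receives `secrets.CACHIX_AUTH_TOKEN`, so a moved tag would run with write access to the `pn` cache that these machines presumably substitute from. Pin each `uses:` to a full commit SHA and keep the tag as a trailing comment, e.g. `uses: cachix/cachix-action@<full-commit-sha> # v15`. The workflow also declares no `permissions:`, so the job inherits the repository's default GITHUB_TOKEN scope; a top-level `permissions:` with `contents: read` is enough for checkout and build. Separately, the build step targets `nixosConfigurations.t14` while this commit adds the x220 machine, so the new configuration is never evaluated in CI.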
diff --git a/flake.lock b/flake.lock
index 4483915..0fedf22 100644
--- a/flake.lock
+++ b/flake.lock
@@ -23,6 +23,26 @@
         "type": "github"
       }
     },
+    "disko": {
+      "inputs": {
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1728109432,
+        "narHash": "sha256-wmbErh8FG7dRKOtMMpHUqDtFjeqt9Zjx4zssSeTalwU=",
+        "owner": "nix-community",
+        "repo": "disko",
+        "rev": "48ebb577855fb2398653f033b3b2208a9249203d",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-community",
+        "repo": "disko",
+        "type": "github"
+      }
+    },
     "flake-compat": {
       "locked": {
         "lastModified": 1696426674,
@@ -206,6 +226,21 @@
         "type": "github"
       }
     },
+    "impermanence": {
+      "locked": {
+        "lastModified": 1727649413,
+        "narHash": "sha256-FA53of86DjFdeQzRDVtvgWF9o52rWK70VHGx0Y8fElQ=",
+        "owner": "nix-community",
+        "repo": "impermanence",
+        "rev": "d0b38e550039a72aff896ee65b0918e975e6d48e",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-community",
+        "repo": "impermanence",
+        "type": "github"
+      }
+    },
     "nix-darwin": {
       "inputs": {
         "nixpkgs": [
@@ -250,11 +285,11 @@
     },
     "nixos-hardware": {
       "locked": {
-        "lastModified": 1727613673,
-        "narHash": "sha256-qqIffTQfxMYo3MKQ9BoY2s2mdKZNnUiksdnxv81js9U=",
+        "lastModified": 1728056216,
+        "narHash": "sha256-IrO06gFUDTrTlIP3Sz+mRB6WUoO2YsgMtOD3zi0VEt0=",
         "owner": "NixOS",
         "repo": "nixos-hardware",
-        "rev": "f5c239fa9acb27f0a5326ba2949c00fada89ca9f",
+        "rev": "b7ca02c7565fbf6d27ff20dd6dbd49c5b82eef28",
         "type": "github"
       },
       "original": {
@@ -266,11 +301,11 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1727540905,
-        "narHash": "sha256-40J9tW7Y794J7Uw4GwcAKlMxlX2xISBl6IBigo83ih8=",
+        "lastModified": 1728067476,
+        "narHash": "sha256-/uJcVXuBt+VFCPQIX+4YnYrHaubJSx4HoNsJVNRgANM=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "fbca5e745367ae7632731639de5c21f29c8744ed",
+        "rev": "6e6b3dd395c3b1eb9be9f2d096383a8d05add030",
         "type": "github"
       },
       "original": {
@@ -372,7 +407,9 @@
     },
     "root": {
       "inputs": {
+        "disko": "disko",
         "home-manager": "home-manager",
+        "impermanence": "impermanence",
         "nix-index-database": "nix-index-database",
         "nixos-hardware": "nixos-hardware",
         "nixpkgs": "nixpkgs",
diff --git a/flake.nix b/flake.nix
index 674900f..a480311 100644
--- a/flake.nix
+++ b/flake.nix
@@ -12,6 +12,9 @@
     		nix-index-database.inputs.nixpkgs.follows = "nixpkgs";
 		nixos-hardware.url = "github:NixOS/nixos-hardware/master";
 		ronvim.url = "git+https://codeberg.org/veeronniecaw/ronvim.git?ref=main";
+		disko.url = "github:nix-community/disko";
+  		disko.inputs.nixpkgs.follows = "nixpkgs";
+		impermanence.url = "github:nix-community/impermanence";
 	};
 
 	outputs = { self, nixpkgs, ... }@inputs: 
@@ -55,6 +58,18 @@
 						environment.systemPackages = [ inputs.ronvim.packages.x86_64-linux.default ];
 					}
 			];
+			x220 = nixosSystem "x86_64-linux" "x220" [
+				inputs.nixos-hardware.nixosModules.lenovo-thinkpad-x220
+				inputs.disko.nixosModules.disko
+				inputs.impermanence.nixosModules.impermanence
+				inputs.home-manager.nixosModules.default
+				{
+					home-manager.useGlobalPkgs = true;
+					home-manager.useUserPackages = true;
+					home-manager.users.pn = import ./home.nix;
+				}
+
+			];
 		};
 	};
 }
diff --git a/machines/x220/default.nix b/machines/x220/default.nix
new file mode 100644
index 0000000..a4914ca
--- /dev/null
+++ b/machines/x220/default.nix
@@ -0,0 +1,106 @@
+{ config, pkgs, ... }:
+
+{
+	imports =
+		[ # Include the results of the hardware scan.
+		../base.nix
+		../../modules/gnome.nix
+		../x220-gnome/pass.nix
+		./hardware-configuration.nix
+		../x220-gnome/pn.nix
+		];
+
+# Enable networking
+	networking.networkmanager.enable = true;
+
+# Set your time zone.
+	time.timeZone = "Europe/Warsaw";
+
+# Select internationalisation properties.
+	i18n.defaultLocale = "en_US.UTF-8";
+
+	i18n.extraLocaleSettings = {
+		LC_ALL = "en_US.UTF-8";
+		LC_ADDRESS = "en_US.UTF-8";
+		LC_IDENTIFICATION = "en_US.UTF-8";
+		LC_MEASUREMENT = "en_US.UTF-8";
+		LC_MONETARY = "en_US.UTF-8";
+		LC_NAME = "en_US.UTF-8";
+		LC_NUMERIC = "en_US.UTF-8";
+		LC_PAPER = "en_US.UTF-8";
+		LC_TELEPHONE = "en_US.UTF-8";
+		LC_TIME = "en_US.UTF-8";
+	};
+
+	programs.vim.defaultEditor = true;
+	programs.nano.enable = false;
+	programs.git.enable = true;
+
+# Allow unfree packages
+	nixpkgs.config.allowUnfree = true;
+	nix.settings.experimental-features = [ "flakes" "nix-command" ];
+
+# List packages installed in system profile. To search, run:
+# $ nix search wget
+	environment.systemPackages = with pkgs; [
+#  vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
+#  wget
+	];
+
+	fileSystems."/persist".neededForBoot = true;
+	environment.persistence."/persistent" = {
+    enable = true;  # NB: Defaults to true, not needed
+    hideMounts = true;
+    directories = [
+      "/var/log"
+      "/var/lib/bluetooth"
+      "/var/lib/nixos"
+      "/var/lib/systemd/coredump"
+      "/etc/NetworkManager/system-connections"
+      { directory = "/var/lib/colord"; user = "colord"; group = "colord"; mode = "u=rwx,g=rx,o="; }
+    ];
+    files = [
+      "/etc/machine-id"
+	"/etc/shadow"
+      { file = "/var/keys/secret_file"; parentDirectory = { mode = "u=rwx,g=,o="; }; }
+    ];
+    users.pn = {
+      directories = [
+        "Downloads"
+        "Music"
+        "Pictures"
+        "Documents"
+        "Videos"
+        "VirtualBox VMs"
+        { directory = ".gnupg"; mode = "0700"; }
+        { directory = ".ssh"; mode = "0700"; }
+        { directory = ".local/share/keyrings"; mode = "0700"; }
+        ".local/share/direnv"
+      ];
+    };
+  };
+
+# Some programs need SUID wrappers, can be configured further or are
+# started in user sessions.
+# programs.mtr.enable = true;
+# programs.gnupg.agent = {
+#   enable = true;
+#   enableSSHSupport = true;
+# };
+
+
+# Open ports in the firewall.
+# networking.firewall.allowedTCPPorts = [ ... ];
+# networking.firewall.allowedUDPPorts = [ ... ];
+# Or disable the firewall altogether.
+# networking.firewall.enable = false;
+
+
+# This value determines the NixOS release from which the default
+# settings for stateful data, like file locations and database versions
+# on your system were taken. It‘s perfectly fine and recommended to leave
+# this value at the release version of the first install of this system.
+# Before changing this value read the documentation for this option
+# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
+
+}
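Review bot: `fileSystems."/persist".neededForBoot = true;` prepares `/persist` for early mount, but the state is declared under `environment.persistence."/persistent"`, a path that neither disko layout in this commit mounts. As written, `.ssh`, `.gnupg`, the keyrings and `/etc/shadow` would be bound from a directory on the root subvolume instead of the dedicated persist subvolume; use one path in both places, `environment.persistence."/persist" = {`. Listing `/etc/shadow` under `files` is also fragile because password tools replace that file rather than writing it in place; `users.users.pn.hashedPasswordFile` pointing at a root-only file on the persist volume is the usual alternative. `/var/keys/secret_file` looks like a leftover from the upstream example and should be dropped unless something actually creates it.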
diff --git a/machines/x220/disko-config.nix b/machines/x220/disko-config.nix
new file mode 100644
index 0000000..3512416
--- /dev/null
+++ b/machines/x220/disko-config.nix
@@ -0,0 +1,87 @@
+# USAGE in your configuration.nix.
+# Update devices to match your hardware.
+# {
+#  imports = [ ./disko-config.nix ];
+#  disko.devices.disk.main.device = "/dev/sda";
+#  disko.devices.disk.main.content.partitions.swap.size = "16G"; # Must be greater than RAM to enable hibernation
+# }
+{ lib, config, ... }:
+{
+
+  #boot.initrd.postDeviceCommands = ''
+    #mkdir /btrfs_tmp
+    #mount -t btrfs -o subvol=root,defaults ${config.disko.devices.disk.main.device} /btrfs_tmp
+    #if [[ -e /btrfs_tmp/root ]]; then
+        #mkdir -p /btrfs_tmp/old_roots
+        #timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:%M:%S")
+        #mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp"
+    #fi
+#
+    #delete_subvolume_recursively() {
+        #IFS=$'\n'
+        #for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
+            #delete_subvolume_recursively "/btrfs_tmp/$i"
+        #done
+        #btrfs subvolume delete "$1"
+    #}
+#
+    #for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do
+        #delete_subvolume_recursively "$i"
+    #done
+#
+    #btrfs subvolume create /btrfs_tmp/root
+    #umount /btrfs_tmp
+  #'';
+
+  disko.devices = {
+    disk = {
+      main = {
+	device = "/dev/sda";
+        type = "disk";
+        content = {
+          type = "gpt";
+          partitions = {
+            ESP = {
+              size = "1G";
+              type = "EF00";
+              content = {
+                type = "filesystem";
+                format = "vfat";
+                mountpoint = "/boot";
+                mountOptions = [ "umask=0077" ];
+              };
+            };
+	    swap = {
+	      size = "13G";
+	      content = {
+		type = "swap";
+		discardPolicy = "both";
+                resumeDevice = true;
+	      };
+	    };
+            data = {
+              size = "100%";
+              content = {
+                type = "btrfs";
+		extraArgs = [ "-f" ];
+		mountpoint = "/partition-root";
+		subvolumes = {
+                  "/nix" = {
+                    mountOptions = [ "compress=zstd" "noatime" ];
+                    mountpoint = "/nix";
+                  };
+		  "/persist" = {
+		    mountpoint = "/persist";
+		  };
+		  "/root" = {
+		    mountpoint = "/";
+		  };
+		};
+              };
+            };
+          };
+        };
+      };
+    };
+  };
+}
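Review bot: The `swap` partition sets `resumeDevice = true` on a plain GPT partition and the btrfs `data` partition is unencrypted, so a hibernation image (with whatever keys were in memory) and the persisted `.ssh`/`.gnupg` directories would sit in cleartext on a laptop disk. Wrapping the swap and btrfs content in a disko `type = "luks"` container would cover both; the same applies to the `swap` and `root` partitions in machines/x220/disko.nix. Also note that hardware-configuration.nix imports `./disko.nix`, not this file, so this layout appears to be unused, and keeping two differing definitions of `disko.devices.disk.main` makes it easy to format the disk with the wrong one.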
diff --git a/machines/x220/disko.nix b/machines/x220/disko.nix
new file mode 100644
index 0000000..714cafa
--- /dev/null
+++ b/machines/x220/disko.nix
@@ -0,0 +1,76 @@
+{
+  device ? throw "Set this to your disk device, e.g. /dev/sda",
+  ...
+}: {
+  disko.devices = {
+    disk.main = {
+      inherit device;
+      type = "disk";
+      content = {
+        type = "gpt";
+        partitions = {
+          boot = {
+            name = "boot";
+            size = "1M";
+            type = "EF02";
+          };
+          esp = {
+            name = "ESP";
+            size = "500M";
+            type = "EF00";
+            content = {
+              type = "filesystem";
+              format = "vfat";
+              mountpoint = "/boot";
+            };
+          };
+          swap = {
+            size = "13G";
+            content = {
+              type = "swap";
+              resumeDevice = true;
+            };
+          };
+          root = {
+            name = "root";
+            size = "100%";
+            content = {
+              type = "lvm_pv";
+              vg = "root_vg";
+            };
+          };
+        };
+      };
+    };
+    lvm_vg = {
+      root_vg = {
+        type = "lvm_vg";
+        lvs = {
+          root = {
+            size = "100%FREE";
+            content = {
+              type = "btrfs";
+              extraArgs = ["-f"];
+
+              subvolumes = {
+                "/root" = {
+                  mountpoint = "/";
+                };
+
+                "/persist" = {
+                  mountOptions = ["subvol=persist" "noatime"];
+                  mountpoint = "/persist";
+                };
+
+                "/nix" = {
+                  mountOptions = ["subvol=nix" "noatime"];
+                  mountpoint = "/nix";
+                };
+              };
+            };
+          };
+        };
+      };
+    };
+  };
+}
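Review bot: The `esp` partition mounts vfat at `/boot` without any `mountOptions`, so its contents are readable by every local user under the default vfat mask. The sibling disko-config.nix already sets `mountOptions = [ "umask=0077" ];` on its ESP, and the same line belongs here, since systemd-boot (enabled in hardware-configuration.nix) keeps its random seed on that partition. The explicit `"subvol=persist"` and `"subvol=nix"` entries look redundant with the subvolume keys themselves; confirm against disko's generated mount options before removing them.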
diff --git a/machines/x220/hardware-configuration.nix b/machines/x220/hardware-configuration.nix
new file mode 100644
index 0000000..9190ff7
--- /dev/null
+++ b/machines/x220/hardware-configuration.nix
@@ -0,0 +1,33 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/installer/scan/not-detected.nix")
+      (import ./disko.nix { device = "/dev/sda"; })
+    ];
+
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = true;
+
+  boot.initrd.availableKernelModules = [ "ehci_pci" "ahci" "sd_mod" "sdhci_pci" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.enp0s25.useDHCP = lib.mkDefault true;
+  # networking.interfaces.wlp3s0.useDHCP = lib.mkDefault true;
+  # networking.interfaces.wwp0s29u1u4i6.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+
+  system.stateVersion = "24.05"; # Did you read the comment?
+}