2024-07-01 16:47:35 +00:00
|
|
|
{
|
|
|
|
config,
|
|
|
|
lib,
|
|
|
|
modulesPath,
|
|
|
|
...
|
|
|
|
}:
|
|
|
|
|
|
|
|
let
|
2024-07-03 15:56:10 +00:00
|
|
|
bootUUID = "FC20-D155"; # The UUID of the boot partition.
|
2024-07-03 15:43:21 +00:00
|
|
|
luksUUID = "9fdc521b-a037-4070-af47-f54da03675e4"; # The UUID of the locked LUKS partition.
|
2024-07-01 16:47:35 +00:00
|
|
|
in
|
|
|
|
{
|
|
|
|
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
|
|
|
|
|
|
|
|
boot = {
|
2024-08-13 00:09:08 +00:00
|
|
|
# Enable antenna aggregation
|
|
|
|
extraModprobeConfig = ''
|
|
|
|
options iwlwifi 11n_disable=8
|
|
|
|
'';
|
|
|
|
|
2024-07-04 01:13:13 +00:00
|
|
|
initrd.availableKernelModules = [
|
|
|
|
"xhci_pci"
|
|
|
|
"nvme"
|
|
|
|
"usb_storage"
|
|
|
|
"sd_mod"
|
|
|
|
"sdhci_pci"
|
|
|
|
];
|
2024-07-01 16:47:35 +00:00
|
|
|
kernelModules = [ "kvm-intel" ];
|
|
|
|
extraModulePackages = [ ];
|
2024-07-04 01:13:13 +00:00
|
|
|
|
|
|
|
# Enable mdadm for Sapana (RAID 5 primary storage).
|
|
|
|
swraid = {
|
|
|
|
enable = true;
|
|
|
|
mdadmConf = ''
|
|
|
|
ARRAY /dev/md/Sapana metadata=1.2 UUID=51076daf:efdb34dd:bce48342:3b549fcb
|
|
|
|
MAILADDR ${config.secrets.users.aires.email}
|
|
|
|
'';
|
|
|
|
};
|
2024-07-01 16:47:35 +00:00
|
|
|
};
|
|
|
|
|
2024-07-02 22:15:37 +00:00
|
|
|
# Configure the main filesystem.
|
2024-07-04 01:13:13 +00:00
|
|
|
aux.system.filesystem = {
|
2024-07-05 13:36:11 +00:00
|
|
|
enable = true;
|
|
|
|
partitions = {
|
|
|
|
boot = "/dev/disk/by-uuid/${bootUUID}";
|
|
|
|
luks = "/dev/disk/by-uuid/${luksUUID}";
|
2024-07-01 16:47:35 +00:00
|
|
|
};
|
2024-07-05 13:36:11 +00:00
|
|
|
swapFile = {
|
2024-07-02 22:15:37 +00:00
|
|
|
enable = true;
|
2024-07-05 13:36:11 +00:00
|
|
|
size = 16384;
|
2024-07-01 16:47:35 +00:00
|
|
|
};
|
|
|
|
};
|
|
|
|
|
2024-08-27 15:45:42 +00:00
|
|
|
# Automatically scrub the RAID array monthly
|
|
|
|
systemd.services."raid-scrub" = {
|
|
|
|
description = "Periodically scrub RAID volumes for errors.";
|
|
|
|
serviceConfig = {
|
|
|
|
Type = "oneshot";
|
|
|
|
User = "root";
|
|
|
|
};
|
|
|
|
script = "echo check > /sys/block/md127/md/sync_action";
|
|
|
|
};
|
|
|
|
systemd.timers."raid-scrub" = {
|
|
|
|
description = "Periodically scrub RAID volumes for errors.";
|
|
|
|
wantedBy = [ "timers.target" ];
|
|
|
|
timerConfig = {
|
|
|
|
OnCalendar = "monthly";
|
|
|
|
Persistent = true;
|
|
|
|
Unit = "raid-scrub.service";
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
2024-07-01 16:47:35 +00:00
|
|
|
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
2024-08-23 14:56:14 +00:00
|
|
|
|
|
|
|
# Detect keyboard as "internal" so we can automatically disable the touchpad while typing
|
|
|
|
# If this doesn't work, try changing "MatchName" to "AT Raw Set 2 keyboard"
|
|
|
|
environment.etc."libinput/keyboard-touchpard.quirks" = {
|
|
|
|
mode = "0600";
|
|
|
|
text = ''
|
|
|
|
[Microsoft Surface Type Cover Touchpad]
|
|
|
|
MatchUdevType=touchpad
|
|
|
|
MatchName=*Microsoft Surface Type Cover Touchpad
|
|
|
|
AttrKeyboardIntegration=internal
|
|
|
|
|
|
|
|
[Microsoft Surface Type Cover Keyboard]
|
|
|
|
MatchUdevType=keyboard
|
|
|
|
MatchName=*Microsoft Surface Type Cover Keyboard
|
|
|
|
AttrKeyboardIntegration=internal
|
|
|
|
'';
|
|
|
|
};
|
2024-07-01 16:47:35 +00:00
|
|
|
}
|