fern/flock
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

btrfs on muskduck

Browse source
This commit is contained in:
Fern Garden 2025-09-19 14:23:17 +08:00
parent 92058f9bfd
commit b89c9af77e
1 changed files with 23 additions and 55 deletions
Download patch file Download diff file Expand all files Collapse all files

78
hosts/muskduck/default.nix
View file

@ -1,70 +1,38 @@
{lib, ...}: {
with lib; {
# Kernel modules. # Kernel modules.
boot.initrd.availableKernelModules = [ boot.initrd.availableKernelModules = ["xhci_pci" "nvme" "usb_storage" "sd_mod"];
"xhci_pci"
"nvme"
"usb_storage"
"sd_mod"
];
boot.kernelModules = ["kvm-intel"]; boot.kernelModules = ["kvm-intel"];
# Enable lanzaboote & secure boot. # Full disk encryption.
boot.initrd.systemd.enable = true; boot.initrd.luks.devices."nvme0n1p2_crypt".device = "/dev/disk/by-uuid/7196bd89-099f-4e9e-80e5-3d6d555272b1";
boot.loader.systemd-boot.enable = mkForce false;
boot.bootspec.enable = true;
boot.lanzaboote = {
enable = true;
pkiBundle = "/var/lib/sbctl";
settings.timeout = 0;
};
# Root filesystem. # Root filesystem.
fileSystems."/" = { fileSystems."/" = {
device = "/dev/disk/by-uuid/63d79656-aa5b-466a-b369-be5eac3f51ab"; device = "/dev/disk/by-uuid/bea34866-903b-460e-abff-c817e06891c7";
fsType = "ext4"; fsType = "btrfs";
options = ["subvol=root"];
}; };
boot.initrd.luks.devices."luks-93fa00bc-777f-4359-bad5-880c29faca0d".device = "/dev/disk/by-uuid/93fa00bc-777f-4359-bad5-880c29faca0d"; # Nix directory.
fileSystems."/nix" = {
# EFI/boot partition. device = "/dev/disk/by-uuid/bea34866-903b-460e-abff-c817e06891c7";
fileSystems."/boot" = { fsType = "btrfs";
device = "/dev/disk/by-uuid/EBD7-3E1C"; options = ["subvol=nix"];
fsType = "vfat";
options = [
"fmask=0077"
"dmask=0077"
];
}; };
# Share Music dir. # Home directory.
services.samba = { fileSystems."/home" = {
enable = true; device = "/dev/disk/by-uuid/bea34866-903b-460e-abff-c817e06891c7";
openFirewall = true; fsType = "btrfs";
settings = { options = ["subvol=home"];
global = {
"workgroup" = "FLOCK";
"server string" = "muskduck";
"netbios name" = "muskduck";
"security" = "user";
};
"Music" = {
"path" = "/home/fern/Music";
"browseable" = "yes";
"read only" = "yes";
"guest ok" = "no";
};
};
}; };
services.samba-wsdd = { # Swap.
enable = true; fileSystems."/swap" = {
openFirewall = true; device = "/dev/disk/by-uuid/bea34866-903b-460e-abff-c817e06891c7";
fsType = "btrfs";
options = ["subvol=swap"];
}; };
flock.docker = { swapDevices = [{device = "/swap/swapfile";}];
enable = true;
};
} }