From 87dab6d253c2b1f208f27a9711c19ffad2b71d6f Mon Sep 17 00:00:00 2001 From: Christoph Hollizeck Date: Sat, 22 Nov 2025 14:32:34 +0100 Subject: [PATCH] nixberry: disko --- flake.lock | 120 +++++++-------- flake.nix | 11 +- modules/base/system/nixdaemon.nix | 2 +- modules/hosts/nixberry/default.nix | 23 +-- modules/hosts/nixberry/disko.nix | 224 ++++++++++++++++++++++++++++ modules/hosts/yggdrasil/default.nix | 10 +- 6 files changed, 307 insertions(+), 83 deletions(-) create mode 100644 modules/hosts/nixberry/disko.nix diff --git a/flake.lock b/flake.lock index 7c74acb..655ab28 100644 --- a/flake.lock +++ b/flake.lock @@ -103,11 +103,11 @@ "nixpkgs": "nixpkgs" }, "locked": { - "lastModified": 1763722042, - "narHash": "sha256-/Yc3D3Cx5buzgqxSY0CCwrnISTkJm6fxjsLx+Iwpsdk=", + "lastModified": 1763724081, + "narHash": "sha256-hCgZsbaw21R9uL3iJwG8WT3VCMXVa7xjmxGRf0nwvL4=", "owner": "catppuccin", "repo": "nix", - "rev": "0585eeeac6a265a688837e7d0323699f2a9ac078", + "rev": "e4676e1fd9b09131feadd3df556fd1d3f31fdd2d", "type": "github" }, "original": { @@ -126,11 +126,11 @@ "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1763659964, - "narHash": "sha256-rSHf01ileP1lOfeAkLrnNK1v4Wx4Yx7A2NwzfDhZD8w=", + "lastModified": 1763748595, + "narHash": "sha256-7vfuJK0cmLOlYCSbq7AL/dJhoz9UaYRrw55OISGWA4I=", "owner": "cachix", "repo": "devenv", - "rev": "a79cc5b53ef8639c74c48d95eae703e2c0c2ec27", + "rev": "575f7c532a6940f0fe55dfb7e527312dcdab8831", "type": "github" }, "original": { @@ -139,6 +139,26 @@ "type": "github" } }, + "disko": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1763651264, + "narHash": "sha256-8vvwZbw0s7YvBMJeyPVpWke6lg6ROgtts5N2/SMCcv4=", + "owner": "nix-community", + "repo": "disko", + "rev": "e86a89079587497174ccab6d0d142a65811a4fd9", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "disko", + "type": "github" + } + }, "flake-compat": { "flake": false, "locked": { @@ -261,11 +281,11 @@ "nixpkgs-lib": "nixpkgs-lib" }, "locked": { - "lastModified": 1762980239, - "narHash": "sha256-8oNVE8TrD19ulHinjaqONf9QWCKK+w4url56cdStMpM=", + "lastModified": 1763759067, + "narHash": "sha256-LlLt2Jo/gMNYAwOgdRQBrsRoOz7BPRkzvNaI/fzXi2Q=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "52a2caecc898d0b46b2b905f058ccc5081f842da", + "rev": "2cccadc7357c0ba201788ae99c4dfa90728ef5e0", "type": "github" }, "original": { @@ -345,11 +365,11 @@ ] }, "locked": { - "lastModified": 1763319842, - "narHash": "sha256-YG19IyrTdnVn0l3DvcUYm85u3PaqBt6tI6VvolcuHnA=", + "lastModified": 1763741496, + "narHash": "sha256-uIRqs/H18YEtMOn1OkbnPH+aNTwXKx+iU3qnxEkVUd0=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "7275fa67fbbb75891c16d9dee7d88e58aea2d761", + "rev": "20e71a403c5de9ce5bd799031440da9728c1cda1", "type": "github" }, "original": { @@ -536,11 +556,11 @@ ] }, "locked": { - "lastModified": 1763416652, - "narHash": "sha256-8EBEEvtzQ11LCxpQHMNEBQAGtQiCu/pqP9zSovDSbNM=", + "lastModified": 1763748372, + "narHash": "sha256-AUc78Qv3sWir0hvbmfXoZ7Jzq9VVL97l+sP9Jgms+JU=", "owner": "nix-community", "repo": "home-manager", - "rev": "ea164b7c9ccdc2321379c2ff78fd4317b4c41312", + "rev": "d10a9b16b2a3ee28433f3d1c603f4e9f1fecb8e1", "type": "github" }, "original": { @@ -696,11 +716,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1763681820, - "narHash": "sha256-VCkWwhftdupNWo+kncOij63uJzeFYRcrhC9+0iksW/s=", + "lastModified": 1763750925, + "narHash": "sha256-Q5IO8VKW2fFHb6Ix6auy6SEMA6NS6pNeuefBai4+PHY=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "b5a2ef77b7876798d33502f8de006f9c478c12db", + "rev": "abb2f7ee6fc99c31b6fac05568f29c92b59565df", "type": "github" }, "original": { @@ -772,11 +792,11 @@ ] }, "locked": { - "lastModified": 1763647792, - "narHash": "sha256-a/qTiJSwId5BzWwewT3gBVOXMptg/YSckf8DNuf5Cm0=", + "lastModified": 1763732618, + "narHash": "sha256-hvElpSNHbYSBsn/GoJV0RgAecpn3vcC5kJso34XqwJw=", "owner": "hyprwm", "repo": "hyprland-plugins", - "rev": "a70775789ccca28d4065632c160ffcb5bcf52a5e", + "rev": "57961d69ad9725986290c8c0f2b0d118b645daee", "type": "github" }, "original": { @@ -1088,11 +1108,11 @@ "rust-overlay": [] }, "locked": { - "lastModified": 1763709671, - "narHash": "sha256-5G/zAXHf89w9Rr5yYjNybp/+P7pGHAamD8w5XIAPVKA=", + "lastModified": 1763729389, + "narHash": "sha256-VcToDv3/lw3q3sVIqQsMUhSGKEVdQM4h6rnr/XhPBwM=", "owner": "YaLTeR", "repo": "niri", - "rev": "98006a8dbae3ffc629891c463651968c01370c97", + "rev": "012700dd549a79c501bcab92839e5dcc46c372b5", "type": "github" }, "original": { @@ -1115,11 +1135,11 @@ "xwayland-satellite-unstable": "xwayland-satellite-unstable" }, "locked": { - "lastModified": 1763714659, - "narHash": "sha256-80Szc176ZqtcH5OM4CWwdB8r0IygHwkfgxeJR9LVyrQ=", + "lastModified": 1763739228, + "narHash": "sha256-taQ7h8kkyigrdiAHilUXOZiqdT/cCYcpxQentuH+Krc=", "owner": "sodiboo", "repo": "niri-flake", - "rev": "92176961412336bc5ea6344c492c485c527f78a8", + "rev": "4708ce5f7d7c7aec103e22c87c11a711eeafd1fa", "type": "github" }, "original": { @@ -1131,11 +1151,11 @@ "niri-unstable": { "flake": false, "locked": { - "lastModified": 1763709671, - "narHash": "sha256-5G/zAXHf89w9Rr5yYjNybp/+P7pGHAamD8w5XIAPVKA=", + "lastModified": 1763729389, + "narHash": "sha256-VcToDv3/lw3q3sVIqQsMUhSGKEVdQM4h6rnr/XhPBwM=", "owner": "YaLTeR", "repo": "niri", - "rev": "98006a8dbae3ffc629891c463651968c01370c97", + "rev": "012700dd549a79c501bcab92839e5dcc46c372b5", "type": "github" }, "original": { @@ -1205,26 +1225,6 @@ "type": "github" } }, - "nix-ld": { - "inputs": { - "nixpkgs": [ - "nixpkgs-unstable" - ] - }, - "locked": { - "lastModified": 1762763360, - "narHash": "sha256-sGxV5zfmy/s9V+/QA0q2ihCu0FZcKVraFuVKiUavGg8=", - "owner": "Mic92", - "repo": "nix-ld", - "rev": "b6255fb02dfe52ac5ebb515e99ed12b74163db5a", - "type": "github" - }, - "original": { - "owner": "Mic92", - "repo": "nix-ld", - "type": "github" - } - }, "nixos-hardware": { "locked": { "lastModified": 1762847253, @@ -1295,11 +1295,11 @@ ] }, "locked": { - "lastModified": 1763587902, - "narHash": "sha256-kYhcVG34C5MThK6JQp2UeGTooFgi3XEElGk2TNFcTWg=", + "lastModified": 1763738061, + "narHash": "sha256-VpNRcInaj1MOya8NmcqhFmdO7KGO7SSZelJQmPl6HoQ=", "owner": "nix-community", "repo": "NixOS-WSL", - "rev": "cce7a45e8fb3398f669bfd54aaa15047e70c81a8", + "rev": "3bcc267c4e0efa023b98b9c5cfbe11b88ec2dc8f", "type": "github" }, "original": { @@ -1372,11 +1372,11 @@ }, "nixpkgs-master": { "locked": { - "lastModified": 1763722325, - "narHash": "sha256-rGbZ5SIIz53zBbiHw3ufP4ojpJCsNgF7LhbP4IyjEnE=", + "lastModified": 1763759767, + "narHash": "sha256-z0LznuopYN/3XGpixZzgPjknFzmIflUZYr9gUgkLBKs=", "owner": "nixos", "repo": "nixpkgs", - "rev": "bc9f9ed9ceb41728dfa81d45d104598600609398", + "rev": "8e087d5ea60a39676587983dc5829a3346f18c37", "type": "github" }, "original": { @@ -1573,6 +1573,7 @@ "inputs": { "catppuccin": "catppuccin", "devenv": "devenv", + "disko": "disko", "flake-parts": "flake-parts_2", "git-hooks": "git-hooks_2", "gpg-base-conf": "gpg-base-conf", @@ -1587,7 +1588,6 @@ "niri": "niri", "niri-flake": "niri-flake", "nix-gaming": "nix-gaming", - "nix-ld": "nix-ld", "nixos-hardware": "nixos-hardware", "nixos-raspberrypi": "nixos-raspberrypi", "nixos-wsl": "nixos-wsl", @@ -1845,11 +1845,11 @@ ] }, "locked": { - "lastModified": 1763598860, - "narHash": "sha256-XWr2PCMb5PVjowteaoDaj/npkA9i3AgCFfSwAWfLYOQ=", + "lastModified": 1763727223, + "narHash": "sha256-xSg60w84Hd57SQqRjjBBHBxUnoMBgNt9mQDDKGBqQZg=", "owner": "mitchellh", "repo": "zig-overlay", - "rev": "af655d7d9bf9c1592797d1b76c346af4614b847a", + "rev": "c56cf48522ffa05b64b7cfb4d49ac92b160a3aaa", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index b46e078..490194b 100644 --- a/flake.nix +++ b/flake.nix @@ -25,11 +25,16 @@ nixos-hardware.url = "github:nixos/nixos-hardware"; - nix-ld = { - url = "github:Mic92/nix-ld"; - inputs.nixpkgs.follows = "nixpkgs-unstable"; + disko = { + url = "github:nix-community/disko"; + inputs.nixpkgs.follows = "nixpkgs"; }; + # nix-ld = { + # url = "github:Mic92/nix-ld"; + # inputs.nixpkgs.follows = "nixpkgs-unstable"; + # }; + nh-flake = { url = "github:nix-community/nh"; inputs.nixpkgs.follows = "nixpkgs-unstable"; diff --git a/modules/base/system/nixdaemon.nix b/modules/base/system/nixdaemon.nix index eeeba29..7d5c74a 100644 --- a/modules/base/system/nixdaemon.nix +++ b/modules/base/system/nixdaemon.nix @@ -11,7 +11,7 @@ username = "cholli"; in { - imports = [ inputs.nix-ld.nixosModules.nix-ld ]; + # imports = [ inputs.nix-ld.nixosModules.nix-ld ]; environment.systemPackages = with pkgs; [ nixfmt-rfc-style diff --git a/modules/hosts/nixberry/default.nix b/modules/hosts/nixberry/default.nix index b2327fa..7199c24 100644 --- a/modules/hosts/nixberry/default.nix +++ b/modules/hosts/nixberry/default.nix @@ -20,11 +20,15 @@ in { nixpkgs = { config.allowUnfree = true; + crossSystem = lib.mkIf (pkgs.stdenv.buildPlatform.system != "aarch64-linux") ( + lib.systems.elaborate "aarch64-linux" + ); }; - # hack + # hack, homemanager needs it environment.systemPackages = [ pkgs.dconf ]; + # build failure programs.nix-ld.enable = false; imports = @@ -147,7 +151,7 @@ in }; services.home-assistant = { - enable = true; + enable = false; configWritable = true; extraComponents = [ "default_config" @@ -224,20 +228,5 @@ in }; openFirewall = true; }; - - fileSystems."/" = { - device = "/dev/disk/by-uuid/44444444-4444-4444-8888-888888888888"; - fsType = "ext4"; - }; - - fileSystems."/boot/firmware" = { - device = "/dev/disk/by-uuid/2178-694E"; - fsType = "vfat"; - options = [ - "fmask=0022" - "dmask=0022" - ]; - }; - }; } diff --git a/modules/hosts/nixberry/disko.nix b/modules/hosts/nixberry/disko.nix new file mode 100644 index 0000000..e6b4640 --- /dev/null +++ b/modules/hosts/nixberry/disko.nix @@ -0,0 +1,224 @@ +{ + flake.modules.nixos."hosts/nixberry" = + { + inputs, + lib, + ... + }: + let + firmwarePartition = lib.recursiveUpdate { + # label = "FIRMWARE"; + priority = 1; + + type = "0700"; # Microsoft basic data + attributes = [ + 0 # Required Partition + ]; + + size = "1024M"; + content = { + type = "filesystem"; + format = "vfat"; + # mountpoint = "/boot/firmware"; + mountOptions = [ + "noatime" + "noauto" + "x-systemd.automount" + "x-systemd.idle-timeout=1min" + ]; + }; + }; + + espPartition = lib.recursiveUpdate { + # label = "ESP"; + + type = "EF00"; # EFI System Partition (ESP) + attributes = [ + 2 # Legacy BIOS Bootable, for U-Boot to find extlinux config + ]; + + size = "1024M"; + content = { + type = "filesystem"; + format = "vfat"; + # mountpoint = "/boot"; + mountOptions = [ + "noatime" + "noauto" + "x-systemd.automount" + "x-systemd.idle-timeout=1min" + "umask=0077" + ]; + }; + }; + + in + { + imports = [ inputs.disko.nixosModules.disko ]; + + boot.supportedFilesystems = [ "zfs" ]; + networking.hostId = "8425e349"; + + services.zfs.autoScrub.enable = true; + services.zfs.trim.enable = true; + + disko.devices = { + disk = { + ssd = { + device = "/dev/sda"; + content = { + type = "gpt"; + partitions = { + zfs = { + size = "100%"; + content = { + type = "zfs"; + pool = "rpool"; + }; + }; + }; + + }; + }; + + main = { + device = "/dev/mmcblk0"; + content = { + type = "gpt"; + partitions = { + FIRMWARE = firmwarePartition { + label = "FIRMWARE"; + content.mountpoint = "/boot/firmware"; + }; + ESP = espPartition { + label = "ESP"; + content.mountpoint = "/boot"; + }; + # Swap Partition + swap = { + size = "8G"; + label = "swap"; + content = { + type = "swap"; + discardPolicy = "both"; + resumeDevice = true; + }; + }; + + zfs = { + size = "100%"; + content = { + type = "zfs"; + pool = "rpool"; # zroot + }; + }; + + }; + }; + }; + }; + + zpool = { + rpool = { + type = "zpool"; + options = { + ashift = "12"; + autotrim = "on"; # see also services.zfs.trim.enable + }; + + rootFsOptions = { + "com.sun:auto-snapshot" = "false"; + # https://jrs-s.net/2018/08/17/zfs-tuning-cheat-sheet/ + compression = "lz4"; + atime = "off"; + xattr = "sa"; + acltype = "posixacl"; + # https://rubenerd.com/forgetting-to-set-utf-normalisation-on-a-zfs-pool/ + normalization = "formD"; + dnodesize = "auto"; + mountpoint = "none"; + canmount = "off"; + }; + + postCreateHook = + let + poolName = "rpool"; + in + "zfs list -t snapshot -H -o name | grep -E '^${poolName}@blank$' || zfs snapshot ${poolName}@blank"; + + datasets = { + + # stuff which can be recomputed/easily redownloaded, e.g. nix store + local = { + type = "zfs_fs"; + options.mountpoint = "none"; + }; + "local/nix" = { + type = "zfs_fs"; + options = { + reservation = "128M"; + mountpoint = "legacy"; # to manage "with traditional tools" + }; + mountpoint = "/nix"; # nixos configuration mountpoint + }; + + # _system_ data + system = { + type = "zfs_fs"; + options = { + mountpoint = "none"; + }; + }; + "system/root" = { + type = "zfs_fs"; + options = { + mountpoint = "legacy"; + }; + mountpoint = "/"; + }; + "system/var" = { + type = "zfs_fs"; + options = { + mountpoint = "legacy"; + }; + mountpoint = "/var"; + }; + + # _user_ and _user service_ data. safest, long retention policy + safe = { + type = "zfs_fs"; + options = { + copies = "2"; + mountpoint = "none"; + }; + }; + "safe/home" = { + type = "zfs_fs"; + options = { + mountpoint = "legacy"; + }; + mountpoint = "/home"; + }; + "safe/storage" = { + type = "zfs_fs"; + options = { + mountpoint = "legacy"; + "com.sun:auto-snapshot" = "true"; + }; + mountpoint = "/storage"; + }; + "safe/var/lib" = { + type = "zfs_fs"; + options = { + mountpoint = "legacy"; + }; + mountpoint = "/var/lib"; + }; + + }; + }; + }; + }; + + }; +} diff --git a/modules/hosts/yggdrasil/default.nix b/modules/hosts/yggdrasil/default.nix index d06773a..aa26ff0 100644 --- a/modules/hosts/yggdrasil/default.nix +++ b/modules/hosts/yggdrasil/default.nix @@ -13,13 +13,19 @@ in ... }: { - nixpkgs.config.allowUnfree = true; + nixpkgs = { + config.allowUnfree = true; + }; + + # Enable binfmt emulation. + boot.binfmt.emulatedSystems = [ + "aarch64-linux" + ]; environment.systemPackages = with pkgs; [ teamviewer teams-for-linux - pyfa obsidian diebahn