feat: fix systemd-boot, secure boot, and enable keyd

This commit is contained in:
Youwen Wu 2024-08-10 00:29:49 -07:00
parent d4c1c6ecc1
commit 41a4fd7a9e
Signed by: youwen5
GPG key ID: 865658ED1FE61EC3
2 changed files with 45 additions and 20 deletions

View file

@ -18,17 +18,34 @@
# generated at installation time. So we force it to false
# for now.
systemd-boot = {
enable = false;
enable = true;
consoleMode = "auto";
};
};
boot.lanzaboote = {
enable = true;
enable = false;
pkiBundle = "/etc/secureboot";
};
boot.initrd.luks.devices."luks-52d1be6d-b32f-41e0-a6d7-2ff52599fe7c".device = "/dev/disk/by-uuid/52d1be6d-b32f-41e0-a6d7-2ff52599fe7c";
services.keyd = {
enable = true;
keyboards = {
default = {
ids = [ "*" ];
settings = {
main = {
capslock = "esc";
leftalt = "leftcontrol";
leftcontrol = "leftalt";
};
};
};
};
};
boot.initrd.luks.devices."luks-52d1be6d-b32f-41e0-a6d7-2ff52599fe7c".device =
"/dev/disk/by-uuid/52d1be6d-b32f-41e0-a6d7-2ff52599fe7c";
networking.hostName = "adrastea"; # Define your hostname.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
@ -78,6 +95,14 @@
powerManagement.finegrained = false;
open = false;
nvidiaSettings = true;
prime = {
amdgpuBusId = "PCI:4:0:0";
nvidiaBusId = "PCI:1:0:0";
offload = {
enable = true;
enableOffloadCmd = true;
};
};
};
hardware.graphics.enable = true;

View file

@ -4,31 +4,30 @@
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "usbhid" "usb_storage" "sd_mod" ];
boot.initrd.availableKernelModules =
[ "nvme" "xhci_pci" "usbhid" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/01983a52-5693-4cda-ad2e-5a406776bfb9";
fileSystems."/" = {
device = "/dev/disk/by-uuid/01983a52-5693-4cda-ad2e-5a406776bfb9";
fsType = "ext4";
};
boot.initrd.luks.devices."luks-f169a679-d70b-4dff-a344-7131f3303813".device = "/dev/disk/by-uuid/f169a679-d70b-4dff-a344-7131f3303813";
boot.initrd.luks.devices."luks-f169a679-d70b-4dff-a344-7131f3303813".device =
"/dev/disk/by-uuid/f169a679-d70b-4dff-a344-7131f3303813";
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/3FCB-9D60";
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/3FCB-9D60";
fsType = "vfat";
options = [ "fmask=0022" "dmask=0022" ];
};
swapDevices =
[ { device = "/dev/disk/by-uuid/f28d0752-feab-4591-899e-e5deac3712d0"; }
];
[{ device = "/dev/disk/by-uuid/f28d0752-feab-4591-899e-e5deac3712d0"; }];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
@ -39,5 +38,6 @@
# networking.interfaces.wlp2s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
hardware.cpu.amd.updateMicrocode =
lib.mkDefault config.hardware.enableRedistributableFirmware;
}