-
Notifications
You must be signed in to change notification settings - Fork 0
/
boot.nix
88 lines (75 loc) · 2.17 KB
/
boot.nix
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
{
config,
lib,
modulesPath,
options,
pkgs,
specialArgs,
}:
let
udevConf = pkgs.writeText "udev.conf" "udev_log=debug";
in
{
boot.loader.systemd-boot.enable = true;
boot.loader.systemd-boot.consoleMode = "max";
boot.loader.efi.canTouchEfiVariables = true;
# Use systemd in the initrd.
boot.initrd.systemd.enable = true;
boot.initrd.systemd.tpm2.enable = true;
boot.initrd.systemd.emergencyAccess = true;
boot.initrd.systemd.managerEnvironment.SYSTEMD_LOG_LEVEL = "debug";
boot.initrd.availableKernelModules = [
"ahci"
"nvme"
"sd_mod"
"usb_storage"
"usbhid"
"xhci_pci"
];
boot.initrd.extraFiles."etc/udev/udev.conf".source = udevConf;
environment.etc."udev/udev.conf".source = udevConf;
console.enable = true;
# Enable a TPM.
security.tpm2.enable = true;
security.tpm2.pkcs11.enable = true;
security.tpm2.tctiEnvironment.enable = true;
environment.systemPackages = with pkgs; [ tpm2-tools ];
# No software RAID in this system.
boot.swraid.enable = false;
# Use `systemd-gpt-auto-root` to detect the root filesystem partition.
boot.initrd.supportedFilesystems = [ "ext4" ];
boot.initrd.systemd.root = "gpt-auto";
# Mount the boot partition specifically. I'd like to move this to a mount unit.
fileSystems."/boot".device = "/dev/disk/by-uuid/0D2C-FF36";
fileSystems."/boot".fsType = "vfat";
# No swap devices in this system (maybe a bad call.)
swapDevices = [ ];
# We're in Tacoma, WA, USA.
location.latitude = 47.2656321;
location.longitude = -122.4575112;
# We're in the Pacific time zone.
time.timeZone = "America/Los_Angeles";
i18n.defaultLocale = "en_US.UTF-8";
i18n.extraLocaleSettings = {
LC_ADDRESS = "en_US.UTF-8";
LC_IDENTIFICATION = "en_US.UTF-8";
LC_MEASUREMENT = "en_US.UTF-8";
LC_MONETARY = "en_US.UTF-8";
LC_NAME = "en_US.UTF-8";
LC_NUMERIC = "en_US.UTF-8";
LC_PAPER = "en_US.UTF-8";
LC_TELEPHONE = "en_US.UTF-8";
LC_TIME = "en_US.UTF-8";
};
# Define my user account.
users.users.philip = {
isNormalUser = true;
description = "Philip Taron";
extraGroups = [
"libvirtd"
"tss"
"wheel"
"wireshark"
];
};
}