init

QixYuanmeng · Aug 18, 2024 · 160abdd · 160abdd
1 parent d54c718
commit 160abdd
Show file tree

Hide file tree

Showing 6 changed files with 29 additions and 31 deletions.
diff --git a/hosts/idols-ai/hardware-configuration.nix b/hosts/idols-ai/hardware-configuration.nix
@@ -21,11 +21,11 @@
   # boot.kernelPackages = pkgs.linuxPackages_latest;
   boot.kernelPackages = pkgs.linuxPackages_xanmod_latest;
 
-  boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod"];
+  boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "vmd" "thunderbolt" "nvme" "usbhid" "usb_storage" "sd_mod"];
   boot.initrd.kernelModules = [];
   boot.kernelModules = ["kvm-intel"]; # kvm virtualization support
   boot.extraModprobeConfig = "options kvm_intel nested=1"; # for intel cpu
-  boot.kernelParams = ["nvidia.NVreg_PreserveVideoMemoryAllocations=1"];
+  boot.kernelParams = ["nvidia.NVreg_PreserveVideoMemoryAllocations=1" "ibt=off"];
   boot.extraModulePackages = [];
   # clear /tmp on boot to get a stateless /tmp directory.
   boot.tmp.cleanOnBoot = true;
@@ -48,7 +48,7 @@
     luks.devices."crypted-nixos" = {
       # NOTE: DO NOT use device name here(like /dev/sda, /dev/nvme0n1p2, etc), use UUID instead.
       # https://github.com/ryan4yin/nix-config/issues/43
-      device = "/dev/disk/by-uuid/a21ca82a-9ee6-4e5c-9d3f-a93e84e4e0f4";
+      device = "/dev/disk/by-uuid/d706f3bb-a6bb-4c71-83a8-7b5253885f1d";
       # the keyfile(or device partition) that should be used as the decryption key for the encrypted device.
       # if not specified, you will be prompted for a passphrase instead.
       #keyFile = "/root-part.key";
@@ -64,7 +64,7 @@
   };
 
   fileSystems."/btr_pool" = {
-    device = "/dev/disk/by-uuid/1167076c-dee1-486c-83c1-4b1af37555cd";
+    device = "/dev/disk/by-uuid/ff72baf7-d437-466c-884b-caca7dd46904";
     fsType = "btrfs";
     # btrfs's top-level subvolume, internally has an id 5
     # we can access all other subvolumes from this subvolume.
@@ -81,41 +81,41 @@
   };
 
   fileSystems."/nix" = {
-    device = "/dev/disk/by-uuid/1167076c-dee1-486c-83c1-4b1af37555cd";
+    device = "/dev/disk/by-uuid/ff72baf7-d437-466c-884b-caca7dd46904";
     fsType = "btrfs";
     options = ["subvol=@nix" "noatime" "compress-force=zstd:1"];
   };
 
   # for guix store, which use `/gnu/store` as its store directory.
   fileSystems."/gnu" = {
-    device = "/dev/disk/by-uuid/1167076c-dee1-486c-83c1-4b1af37555cd";
+    device = "/dev/disk/by-uuid/ff72baf7-d437-466c-884b-caca7dd46904";
     fsType = "btrfs";
     options = ["subvol=@guix" "noatime" "compress-force=zstd:1"];
   };
 
   fileSystems."/persistent" = {
-    device = "/dev/disk/by-uuid/1167076c-dee1-486c-83c1-4b1af37555cd";
+    device = "/dev/disk/by-uuid/ff72baf7-d437-466c-884b-caca7dd46904";
     fsType = "btrfs";
     options = ["subvol=@persistent" "compress-force=zstd:1"];
     # impermanence's data is required for booting.
     neededForBoot = true;
   };
 
   fileSystems."/snapshots" = {
-    device = "/dev/disk/by-uuid/1167076c-dee1-486c-83c1-4b1af37555cd";
+    device = "/dev/disk/by-uuid/ff72baf7-d437-466c-884b-caca7dd46904";
     fsType = "btrfs";
     options = ["subvol=@snapshots" "compress-force=zstd:1"];
   };
 
   fileSystems."/tmp" = {
-    device = "/dev/disk/by-uuid/1167076c-dee1-486c-83c1-4b1af37555cd";
+    device = "/dev/disk/by-uuid/ff72baf7-d437-466c-884b-caca7dd46904";
     fsType = "btrfs";
     options = ["subvol=@tmp" "compress-force=zstd:1"];
   };
 
   # mount swap subvolume in readonly mode.
   fileSystems."/swap" = {
-    device = "/dev/disk/by-uuid/1167076c-dee1-486c-83c1-4b1af37555cd";
+    device = "/dev/disk/by-uuid/ff72baf7-d437-466c-884b-caca7dd46904";
     fsType = "btrfs";
     options = ["subvol=@swap" "ro"];
   };
@@ -131,7 +131,7 @@
   };
 
   fileSystems."/boot" = {
-    device = "/dev/disk/by-uuid/90FB-9F88";
+    device = "/dev/disk/by-uuid/8A30-7482";
     fsType = "vfat";
   };
 

diff --git a/hosts/idols-ai/home.nix b/hosts/idols-ai/home.nix
@@ -21,7 +21,7 @@
     enable = true;
     extraConfig = ''
       Host github.com
-          IdentityFile ~/.ssh/idols-ai
+          IdentityFile ~/.ssh/qixNix
           # Specifies that ssh should only use the identity file explicitly configured above
           # required to prevent sending default identity files first.
           IdentitiesOnly yes

diff --git a/modules/base.nix b/modules/base.nix
@@ -19,7 +19,7 @@
 
   # auto upgrade nix to the unstable version
   # https://github.com/NixOS/nixpkgs/blob/nixos-unstable/pkgs/tools/package-management/nix/default.nix#L284
-  nix.package = pkgs.nixVersions.latest;
+  #nix.package = pkgs.nixVersions.latest;
 
   environment.systemPackages = with pkgs; [
     git # used by nix flakes

diff --git a/modules/nixos/base/networking.nix b/modules/nixos/base/networking.nix
@@ -3,15 +3,15 @@
   # With this enabled, you can access your machine at <hostname>.local
   # it's more convenient than using the IP address.
   # https://avahi.org/
-  services.avahi = {
-    enable = true;
-    nssmdns4 = true;
-    publish = {
-      enable = true;
-      domain = true;
-      userServices = true;
-    };
-  };
+  #services.avahi = {
+  #  enable = true;
+  #  nssmdns4 = true;
+  #  publish = {
+  #    enable = true;
+  #    domain = true;
+  #    userServices = true;
+  #  };
+  # };
 
   # Use an NTP server located in the mainland of China to synchronize the system time
   networking.timeServers = [

diff --git a/modules/nixos/base/user-group.nix b/modules/nixos/base/user-group.nix
@@ -22,7 +22,7 @@
   users.users."${myvars.username}" = {
     # generated by `mkpasswd -m scrypt`
     # we have to use initialHashedPassword here when using tmpfs for /
-    inherit (myvars) initialHashedPassword;
+    initialHashedPassword = "$7$CU..../....51P5EgDJiyi9kr2dm43wa.$EqZLUBRYMGUA2e/.Yn492GFsFp4OL1.RhUu5M3FbZZA";
     home = "/home/${myvars.username}";
     isNormalUser = true;
     extraGroups = [

diff --git a/vars/default.nix b/vars/default.nix
@@ -1,10 +1,10 @@
 {lib}: {
-  username = "ryan";
-  userfullname = "Ryan Yin";
-  useremail = "xiaoyin_c@qq.com";
-  networking = import ./networking.nix {inherit lib;};
+  username = "qix";
+  userfullname = "QixYuanmeng";
+  useremail = "3286046540@qq.com";
+  #networking = import ./networking.nix {inherit lib;};
   # generated by `mkpasswd -m scrypt`
-  initialHashedPassword = "$7$CU..../....KDvTIXqLTXpmCaoUy2yC9.$145eM358b7Q0sRXgEBvxctd5EAuEEdao57LmZjc05D.";
+  initialHashedPassword = "$7$CU..../....51P5EgDJiyi9kr2dm43wa.$EqZLUBRYMGUA2e/.Yn492GFsFp4OL1.RhUu5M3FbZZA";
   # Public Keys that can be used to login to all my PCs, Macbooks, and servers.
   #
   # Since its authority is so large, we must strengthen its security:
@@ -18,8 +18,6 @@
   #    2. Never leave the device and never sent over the network.
   # 2. Or just use hardware security keys like Yubikey/CanoKey.
   sshAuthorizedKeys = [
-    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIKlN+Q/GxvwxDX/OAjJHaNFEznEN4Tw4E4TwqQu/eD6 ryan@idols-ai"
-    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPoa9uEI/gR5+klqTQwvCgD6CD5vT5iD9YCNx2xNrH3B ryan@fern"
-    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPwZ9MdotnyhxIJrI4gmVshExHiZOx+FGFhcW7BaYkfR ryan@harmonica"
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN3OgMpUI8G1D8Q8Q8G3YSZ/QH0buUo9XSG5cM340hIg qix@qixNix"
   ];
 }