chore: titanium snapshot

2025-11-10 13:58:46 -06:00 · 2025-11-10 13:58:46 -06:00 · f061c20021
commit f061c20021
parent cfb0a99306
11 changed files with 579 additions and 102 deletions
--- a/hosts/titanium/README.md
+++ b/hosts/titanium/README.md
@ -0,0 +1,20 @@
+# titanium
+
+This is my primary workstation / gaming pc.
+It will generally be the most out of sync with the repo, as there will be a lot
+of software I experiment with, which I simply forget to commit here. Everything
+of importance will find it's way to this repo.
+
+## Non-Deterministic Post-Install Steps
+
+Rearrange Monitors in Gnome Display Settings
+
+Use a fido2 key (YubiKey) to decrypt luks
+```bash
+sudo -E -s systemd-cryptenroll --fido2-device=auto /dev/disk/by-partlabel/disk-main-luks
+```
+
+## Installing Remotely
+```bash
+nix run github:nix-community/nixos-anywhere -- --flake .#titanium <ssh-addr>
+```
--- a/hosts/titanium/configuration.nix
+++ b/hosts/titanium/configuration.nix
@ -16,5 +16,5 @@
  services.openssh.enable = true;
  services.tailscale.enable = true;
  networking.firewall.trustedInterfaces = [ "tailscale0" ];
-  system.stateVersion = "25.05";
+  system.stateVersion = "25.11";
 }
--- a/hosts/titanium/default.nix
+++ b/hosts/titanium/default.nix
@ -1,17 +1,41 @@
-{ inputs, ... }:
+{ inputs, pkgs, ... }:
+let
+  nixpkgs = inputs.nixpkgs;
+in
 {
  nixpkgs.config.allowUnfree = true;
+  nixpkgs.overlays = (import (../../overlays) {inherit nixpkgs;});
  imports = [
    ../../modules/nixos/base.nix
    ../../modules/nixos/audio.nix
-    ../../modules/nixos/desktop.nix
+    ../../modules/nixos/desktop
    ../../modules/nixos/gaming.nix
    inputs.nixos-hardware.nixosModules.asus-rog-strix-x570e
-    #./hardware.nix
+    ./hardware.nix
    ./configuration.nix
    ./nvidia.nix
+    inputs.lanzaboote.nixosModules.lanzaboote
    ./secure-boot.nix
    inputs.disko.nixosModules.disko
    ./disko.nix
+    ./game-emulation.nix
+    #./meetings.nix
  ];
+
+  zw.gaming.enable = true;
+
+  stylix = {
+    #enable = true;
+    # catppuccin-mocha
+    base16Scheme = "${pkgs.base16-schemes}/share/themes/catppuccin-mocha.yaml";
+    # image = ./path.png; polarity = "dark"; # /etc/stylix/palette.html
+    # TODO: Add Atkinson Hyperlegible Next, Mono, and also a good Serif font.
+    # https://search.nixos.org/packages?channel=unstable&show=atkinson-hyperlegible-next&query=atkinson
+    # fonts = {
+    #   serif = {};
+    #   sansSerif = {};
+    #   monospace = {};
+    #   emoji = {};
+    # };
+  };
 }
--- a/hosts/titanium/hardware.nix
+++ b/hosts/titanium/hardware.nix
@ -8,41 +8,43 @@
    [ (modulesPath + "/installer/scan/not-detected.nix")
    ];

-  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
+  boot.initrd.systemd.enable = true;
+  #boot.initrd.luks.devices.FOO.crypttabExtraOpts = ["fido2-device=auto"];
+  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" "sr_mod" ];
  boot.initrd.kernelModules = [ ];
  boot.kernelModules = [ "kvm-amd" ];
  boot.extraModulePackages = [ ];

  fileSystems."/" =
-    { device = "/dev/disk/by-uuid/0b3de117-c34f-4cc6-81db-5b84ea46cd51";
+    { #device = "/dev/disk/by-uuid/bac9b4de-d201-4008-9e97-3954417aab65";
      fsType = "btrfs";
      options = [ "subvol=root" ];
    };

-  boot.initrd.luks.devices."crypted".device = "/dev/disk/by-uuid/0ccc4028-c27e-4259-ade9-a2b2081722cb";
+  #boot.initrd.luks.devices."crypted".device = "/dev/disk/by-uuid/16b8ccb6-0102-4348-bb1b-d8d68bfb4d23";
+
+  fileSystems."/nix" =
+    { #device = "/dev/disk/by-uuid/bac9b4de-d201-4008-9e97-3954417aab65";
+      fsType = "btrfs";
+      options = [ "subvol=nix" ];
+    };

  fileSystems."/.swapvol" =
-    { device = "/dev/disk/by-uuid/0b3de117-c34f-4cc6-81db-5b84ea46cd51";
+    { #device = "/dev/disk/by-uuid/bac9b4de-d201-4008-9e97-3954417aab65";
      fsType = "btrfs";
      options = [ "subvol=swap" ];
    };

-  fileSystems."/boot" =
-    { device = "/dev/disk/by-uuid/219D-4579";
-      fsType = "vfat";
-      options = [ "fmask=0077" "dmask=0077" ];
-    };
-
  fileSystems."/home" =
-    { device = "/dev/disk/by-uuid/0b3de117-c34f-4cc6-81db-5b84ea46cd51";
+    { #device = "/dev/disk/by-uuid/bac9b4de-d201-4008-9e97-3954417aab65";
      fsType = "btrfs";
      options = [ "subvol=home" ];
    };

-  fileSystems."/nix" =
-    { device = "/dev/disk/by-uuid/0b3de117-c34f-4cc6-81db-5b84ea46cd51";
-      fsType = "btrfs";
-      options = [ "subvol=nix" ];
+  fileSystems."/boot" =
+    { #device = "/dev/disk/by-uuid/E076-75D6";
+      fsType = "vfat";
+      options = [ "fmask=0077" "dmask=0077" ];
    };

  swapDevices = [ ];
@ -54,7 +56,7 @@
  networking.useDHCP = lib.mkDefault true;
  # networking.interfaces.enp4s0.useDHCP = lib.mkDefault true;
  # networking.interfaces.enp5s0.useDHCP = lib.mkDefault true;
-  # networking.interfaces.wlp3s0.useDHCP = lib.mkDefault true;
+  # networking.interfaces.tailscale0.useDHCP = lib.mkDefault true;

  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
  hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
--- a/hosts/titanium/secure-boot.nix
+++ b/hosts/titanium/secure-boot.nix
@ -1,5 +1,4 @@
-{ pkgs, lib, inputs, ... }: {
-  imports = with inputs; [ lanzaboote.nixosModules.lanzaboote ];
+{ pkgs, lib, ... }: {
  environment.systemPackages = [ pkgs.sbctl ];
  boot.loader.systemd-boot.enable = lib.mkForce false;
  boot.lanzaboote.enable = true;