dots/hosts/orion/os/boot.nix

{ modulesPath, pkgs, ... }:
{

  imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];

  security.tpm2.enable = true;
  environment.systemPackages = with pkgs; [ tpm2-tss ];

  services.btrfs-rollback = {
    enable = true;
    diskLabel = "NixOS-Primary";
    subvolume = "root";
    snapshot = "root-base";
  };

  boot = {
    loader = {
      systemd-boot.enable = true;
      efi.canTouchEfiVariables = true;
    };
    kernelPackages = pkgs.linuxPackages_latest;
    kernelModules = [ "kvm-intel" ];
    kernelParams = [ "audit=1" ];
    extraModulePackages = [ ];
    initrd = {
      availableKernelModules = [
        "xhci_pci"
        "thunderbolt"
        "vmd"
        "nvme"
        "usbhid"
        "rtsx_pci_sdmmc"
      ];
      systemd = {
        enable = true;
        enableTpm2 = true;
      };
    };
  };
}
refactor!: the big nix refactor 2024-05-03 14:35:00 -05:00			`{ modulesPath, pkgs, ... }:`
			`{`

refactor(nix/hosts/orion): use real system os options 2024-05-24 17:18:15 -05:00			`imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];`
refactor!: the big nix refactor 2024-05-03 14:35:00 -05:00
feat(host/orion): improve tpm2 support 2024-07-24 22:16:17 -05:00			`security.tpm2.enable = true;`
			`environment.systemPackages = with pkgs; [ tpm2-tss ];`

refactor(nix): extract orion's btrfs rollback to NixOS module 2024-08-24 23:38:27 -05:00			`services.btrfs-rollback = {`
			`enable = true;`
			`diskLabel = "NixOS-Primary";`
			`subvolume = "root";`
			`snapshot = "root-base";`
			`};`

refactor!: the big nix refactor 2024-05-03 14:35:00 -05:00			`boot = {`
			`loader = {`
			`systemd-boot.enable = true;`
			`efi.canTouchEfiVariables = true;`
			`};`
feat(host/orion): use latest linux kernel 2024-07-01 22:41:24 -05:00			`kernelPackages = pkgs.linuxPackages_latest;`
refactor!: the big nix refactor 2024-05-03 14:35:00 -05:00			`kernelModules = [ "kvm-intel" ];`
			`kernelParams = [ "audit=1" ];`
			`extraModulePackages = [ ];`
			`initrd = {`
			`availableKernelModules = [`
			`"xhci_pci"`
refactor(nix/hosts/orion): use real system os options 2024-05-24 17:18:15 -05:00			`"thunderbolt"`
			`"vmd"`
			`"nvme"`
			`"usbhid"`
			`"rtsx_pci_sdmmc"`
refactor!: the big nix refactor 2024-05-03 14:35:00 -05:00			`];`
			`systemd = {`
			`enable = true;`
feat(host/orion): improve tpm2 support 2024-07-24 22:16:17 -05:00			`enableTpm2 = true;`
refactor!: the big nix refactor 2024-05-03 14:35:00 -05:00			`};`
			`};`
			`};`
			`}`