Enable plymouth again

2024-02-25 00:00:00 +07:00 · 2024-02-25 00:00:00 +07:00 · b147dfff27
parent 2d60495a40
commit b147dfff27
3 changed files with 51 additions and 39 deletions
--- a/hosts/aragorn/default.nix
+++ b/hosts/aragorn/default.nix
@ -1,4 +1,4 @@
-{ config, lib, ... }:
+{ config, lib, pkgs, ... }:
 {
  imports = [
    ./users
@ -21,7 +21,16 @@
  };

  # Being fancy. Other people have already taken care of all the tough setting-up parts :)
-  # boot.plymouth.enable = true;
+  boot.plymouth = {
+    enable = true;
+    logo = pkgs.fetchurl {
+      url = "https://github.com/NixOS/nixos-artwork/raw/master/logo/nixos.svg.png";
+      hash = "sha256-9+OfqfP5LmubdTcwBkS/AnOX4wZI2tKHLu5nhi43xcc=";
+    };
+    extraConfig = ''
+      DeviceScale=2
+    '';
+  };

  # Most valuable directories (.e.g /home, /gnu, /nix) are persisted using ZFS datasets.
  # Impermanence is used to deal with state files.
--- a/hosts/aragorn/hardware.nix
+++ b/hosts/aragorn/hardware.nix
@ -2,6 +2,7 @@
  boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
  boot.initrd.kernelModules = [ "amdgpu" ];
  boot.initrd.supportedFilesystems = [ "zfs" ];
+  boot.initrd.systemd.enable = true; # allow plymouth to prompt for LUKS password

  boot.kernelModules = [ "kvm-amd" ];
  boot.kernelParams = [ "amd_pstate=active" ];
@ -54,6 +55,8 @@
      };
    };

+    # NOTE: disko's mount script fails, due to zfs datasets being mounted automatically in `zfs import` step before rootfs is mounted.
+    # To work around, simply unmount everything under /mnt, then the zfs datasets with `zfs unmount -a`. The mount script can be invoked again.
    zpool.zroot = {
      type = "zpool";
      rootFsOptions = {
--- a/hosts/aragorn/users/default.nix
+++ b/hosts/aragorn/users/default.nix
@ -1,42 +1,42 @@
-{ config, pkgs, ... }:
-let
-  inherit (config.sops) secrets;
-in
-{
-  sops.secrets = {
-    "users/root/hashedPassword" = { };
-    "users/follie/hashedPassword" = { neededForUsers = true; };
-    "users/gema/hashedPassword" = { neededForUsers = true; };
-  };
+{ config, lib, pkgs, ... }:
+lib.mkMerge [
+  # Set users' passwords
+  (lib.foldr (a: b: lib.recursiveUpdate a b) { }
+    (builtins.map
+      (name:
+        let
+          secretPath = "users/${name}/hashedPassword";
+        in
+        {
+          sops.secrets.${secretPath} = { neededForUsers = true; };
+          users.users.${name}.hashedPasswordFile = config.sops.secrets.${secretPath}.path;
+        })
+      [ "root" "follie" "gema" ]))

-  users.mutableUsers = false;
-  users.users = {
-    root.hashedPasswordFile = secrets."users/root/hashedPassword".path;
-
-    follie = {
-      isNormalUser = true;
-      extraGroups = [ "wheel" "networkmanager" ];
-      shell = pkgs.fish;
-
-      hashedPasswordFile = secrets."users/follie/hashedPassword".path;
-
-      # TODO: Ref: https://rootlesscontaine.rs/getting-started/common/subuid/
-      # subUidRanges
-      # subGidRanges
+  {
+    # Enable corresponding shells for each user
+    programs = {
+      fish.enable = true;
+      zsh.enable = true;
    };

-    gema = {
-      isNormalUser = true;
-      extraGroups = [ "networkmanager" ];
-      shell = pkgs.zsh;
+    users.mutableUsers = false;
+    users.users = {
+      follie = {
+        isNormalUser = true;
+        extraGroups = [ "wheel" "networkmanager" ];
+        shell = pkgs.fish;

-      hashedPasswordFile = secrets."users/gema/hashedPassword".path;
+        # TODO: Ref: https://rootlesscontaine.rs/getting-started/common/subuid/
+        # subUidRanges
+        # subGidRanges
+      };
+
+      gema = {
+        isNormalUser = true;
+        extraGroups = [ "networkmanager" ];
+        shell = pkgs.zsh;
+      };
    };
-  };
-
-  # Enable users' shells
-  programs = {
-    fish.enable = true;
-    zsh.enable = true;
-  };
-}
+  }
+]