summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--.sops.yaml2
-rw-r--r--files/keys/thinkpad.asc20
-rw-r--r--hosts/thinkpad/default.nix10
-rw-r--r--hosts/thinkpad/hardware.nix32
-rw-r--r--hosts/thinkpad/secrets.yaml36
5 files changed, 57 insertions, 43 deletions
diff --git a/.sops.yaml b/.sops.yaml
index f0b36a3..cbad8a8 100644
--- a/.sops.yaml
+++ b/.sops.yaml
@@ -6,7 +6,7 @@ keys:
- &hosts:
- &shinji 659C3533EF08B6EB0A81A777E9A11C12771D6185
- &kaworu FDD5D980CA2FEFF1AA8433B10F7CD7B91AB7CF01
- - &thinkpad ED1C2FCA9DF4A843D740222A2320AAE969A6A53D
+ - &thinkpad 118107A1BA67FA2A7A90D47FF871DB487089D99B
creation_rules:
- path_regex: ^hosts/shinji/secrets.yaml$
key_groups:
diff --git a/files/keys/thinkpad.asc b/files/keys/thinkpad.asc
index be92432..cb07914 100644
--- a/files/keys/thinkpad.asc
+++ b/files/keys/thinkpad.asc
@@ -1,13 +1,13 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
-mDMEaFdiiRYJKwYBBAHaRw8BAQdALb+t75mJH4LazlEYOAtpe6dIHzF6HIp8CEdp
-LgANpzS0NUZyZXlhIE11cnBoeSAoVGhpbmtwYWQga2V5IHBhaXIpIDxmcmV5YUBm
-cmV5YWNhdC5vcmc+iI4EExYKADYWIQTtHC/KnfSoQ9dAIiojIKrpaaalPQUCaFdi
-iQIbAwQLCQgHBBUKCQgFFgIDAQACHgUCF4AACgkQIyCq6WmmpT2z3gEAodU5dSOQ
-2U0fJsjQniA10CnXHQNzpKIMTH6g9H4U74gBAN/Vus725zVIly7MWtJYy78Uqcon
-WMeXm3zPHbe55DsGuDgEaFdiiRIKKwYBBAGXVQEFAQEHQPsmJ74jvF1VEpAc5n6d
-I5luNmdLvw9Tp766/ZwTgHk9AwEIB4h4BBgWCgAgFiEE7Rwvyp30qEPXQCIqIyCq
-6WmmpT0FAmhXYokCGwwACgkQIyCq6WmmpT2UtAD6A9AVzAzybLad/VLahxT/YKXJ
-zr3/qE2exo3SRQnl6SYA/AtYIn2Ld+9WsGWxRUgwKIMwoJ/kJqzB2HjEwTzCywoH
-=zQnQ
+mDMEabK01hYJKwYBBAHaRw8BAQdAJqf5q3qWmDI55vxKigS9eud8XRy7sH4qKOi4
+2cAerbK0NUZyZXlhIE11cnBoeSAoVGhpbmtwYWQga2V5IHBhaXIpIDxmcmV5YUBm
+cmV5YWNhdC5vcmc+iI4EExYKADYWIQQRgQehumf6KnqQ1H/4cdtIcInZmwUCabK0
+1gIbAwQLCQgHBBUKCQgFFgIDAQACHgECF4AACgkQ+HHbSHCJ2Zu7SQEA1c6JzwC3
+F/PAg1bB+IvtfeeeDPk1AKgddxgY+wk624oBAJsa4ijqgbM4x9FZWOvc+FUFfJg7
+CK7r0I04BmyqLsIEuDgEabK2ehIKKwYBBAGXVQEFAQEHQDx/o+HOceUD+ZINhjQk
+qljtNH81R8/C/ad25jNNo4spAwEIB4h4BBgWCgAgFiEEEYEHobpn+ip6kNR/+HHb
+SHCJ2ZsFAmmytnoCGwwACgkQ+HHbSHCJ2ZvjvwEApXTDyhaRV+LbEZV85NYlOyp5
+VSSAvHnZTteEKs7sy30A/0IqBcTnIMf5yuATcQ4/PBp1bdwFd9xcTEmCUwyvg74E
+=k9RB
-----END PGP PUBLIC KEY BLOCK-----
diff --git a/hosts/thinkpad/default.nix b/hosts/thinkpad/default.nix
index 5560fb4..11b5bcb 100644
--- a/hosts/thinkpad/default.nix
+++ b/hosts/thinkpad/default.nix
@@ -37,9 +37,9 @@ _: {
};
# modules
- battery = true;
- bluetooth = true;
- network = true;
- fingerprint = true;
- tpm = true;
+ battery.enable = true;
+ bluetooth.enable = true;
+ network.enable = true;
+ fingerprint.enable = true;
+ tpm.enable = true;
}
diff --git a/hosts/thinkpad/hardware.nix b/hosts/thinkpad/hardware.nix
index 109f6c0..6effb9a 100644
--- a/hosts/thinkpad/hardware.nix
+++ b/hosts/thinkpad/hardware.nix
@@ -1,9 +1,22 @@
-_: {
+{
+ config,
+ inputs,
+ ...
+}: {
+ # external defaults
+ imports = [
+ inputs.nixos-hardware.nixosModules.lenovo-thinkpad-x1-7th-gen
+ ];
+
# bootloader
- boot.loader.systemd-boot.enable = true;
- boot.loader.efi = {
- canTouchEfiVariables = true;
- efiSysMountPoint = "/boot/efi";
+ boot.loader = {
+ efi.canTouchEfiVariables = true;
+ grub = {
+ enable = true;
+ efiSupport = true;
+ device = "nodev";
+ splashImage = config.theme.wallpaper;
+ };
};
# kernel modules
@@ -17,23 +30,24 @@ _: {
hardware.cpu.intel.updateMicrocode = true;
# luks device
- boot.initrd.luks.devices."root".device = "/dev/disk/by-uuid/fe5e24c0-d35d-4722-929d-1496b7eb9872";
+ boot.initrd.luks.devices."root".device = "/dev/disk/by-uuid/b94c88f4-a74e-42b6-b525-d69dc70cbe09";
+ boot.initrd.luks.devices."swap".device = "/dev/disk/by-uuid/61866c6a-da39-4a0e-97aa-1437e8827621";
# root
fileSystems."/" = {
- device = "/dev/disk/by-uuid/e7bdadd0-0914-42ea-81c4-4449537d3477";
+ device = "/dev/disk/by-uuid/71e9cd8e-1f62-4587-bcfe-9ee74eb25d53";
fsType = "btrfs";
};
# boot
fileSystems."/boot/efi" = {
- device = "/dev/disk/by-uuid/6CE8-EFE0";
+ device = "/dev/disk/by-uuid/5116-3132";
fsType = "vfat";
options = ["fmask=0022" "dmask=0022"];
};
# swap
swapDevices = [
- {device = "/dev/disk/by-uuid/01099db8-dd7a-4fe5-981a-6889fdb3735e";}
+ {device = "/dev/disk/by-uuid/8e876b25-899d-40ea-b9e5-764a38d818b7";}
];
}
diff --git a/hosts/thinkpad/secrets.yaml b/hosts/thinkpad/secrets.yaml
index df406fc..d3b8a4c 100644
--- a/hosts/thinkpad/secrets.yaml
+++ b/hosts/thinkpad/secrets.yaml
@@ -1,29 +1,29 @@
-freyanetWg: ENC[AES256_GCM,data:iupv8u+jrRsCVjHwrRYSsONftzk1+Q9MughsZR0VPJAKPHMHwJ66z/wxvYw=,iv:igAfgl+Uf5mPmuwuYoPGOSCibDLa3ioRjLQBvRhZbos=,tag:mzGYEesXyLuo3vrN4oz8LA==,type:str]
+freyanetWg: ENC[AES256_GCM,data:XFOuXXSS2eO1o/sjBGG0ryQOzw7VELudsPU474VoM0jFufqOiYWPunlI5x4=,iv:ECm6SMNF+Zu1JMgdSKtkuSi3pImSg/PPhfpzecCRUa0=,tag:G6kgmAr53JeO+odez/k1vA==,type:str]
sops:
- lastmodified: "2025-08-24T03:46:59Z"
- mac: ENC[AES256_GCM,data:TW/7tmlxBgH/7Op7EFA3kGYcpDxkNwhQKFPR001ebEsrkcRvjbVewHo0AO3k/TNSxDaGfPlCo4johEcEF1iD+A+KDurDsZVhjkxSnrofgFKWxL3i+TgEcRXh6CyujMtLmaZi+o17lczQcMEQsZVjgM6Dkx1Uf2i/OS/XvySZ9x4=,iv:EUqRBeRtSTzIYI3cDXqFW2ATeinFu/hLZ77WVNvg2xg=,tag:Zw9mMRTM5zPZ+98TZyDSFw==,type:str]
+ lastmodified: "2026-03-12T12:50:40Z"
+ mac: ENC[AES256_GCM,data:U3RXiQ/BBKvWTxzDXzHgP6HCoxVfuhOqfGsdoNJ1lxFGUpNi0TgMOYY8Ot3UNlC2f5D45Q3xlEOJUP7syIDqzlifqG/X9Qu4G+k1Sp2FhqU9cFFarBnFk/lI9bm1bByVvjNkyZm1yHbj3RVept/1nk9lJ5tNbwDK0CTU1v7hq2U=,iv:ZOAJxy9y6+5YEAfKLd/qyYi0886pusUf0tLcErwIEgA=,tag:/2YhnCyxDONXot6aQlC0TQ==,type:str]
pgp:
- - created_at: "2025-07-02T23:48:03Z"
+ - created_at: "2026-03-12T12:50:40Z"
enc: |-
-----BEGIN PGP MESSAGE-----
- hF4DNAX7itQ/dpkSAQdA5m1vsAEbOtx2mD+j92sAXoEYFS7TkokwB/zFnRWVE2Iw
- aGhhIFroNipYmWbwsrWJ1rcel4NmOCJYkA28Hfs1Ejvl8Hpi6NursNFeObYJMITG
- 0l4BzejxDHvEH2dkOFOtoKqAOkgVbIZGQCPhBM3p9T3ul5vVO9HTC8ZN+UvGAk+c
- AwbBUa54h4pa6kx0XsYn3dbHB/AGPakZt1IpTFroK/rzBfrWj4SoiO/gS3H4riYw
- =/Tcr
+ hF4D0Q846mnV8HYSAQdAQ8c8GFP9c0yCPBMsmk46WUic5mHPRncMKbmaWkvivRsw
+ /mzAiwJveqzaVyM9wrky9bKui+axN5wsxFKjsPBhEO1n9YFAfWCshiJIDC2sB/HX
+ 0l4Bc6DV/OCz1FbC8o2lMCUNhlPGHU5UyX3im0OfThFfUV/PDJpU6dn4pNWsns+k
+ 55ZmQhzA6vapjuYVUoVV96zQiyp5VYD2XeHJbNiAAYT2g1EXi/y2jot2oxjeVyqt
+ =Udw2
-----END PGP MESSAGE-----
- fp: ED1C2FCA9DF4A843D740222A2320AAE969A6A53D
- - created_at: "2025-07-02T23:48:03Z"
+ fp: D9AF0A4209B7C2DE11A884BFACBC553660D9993D
+ - created_at: "2026-03-12T12:50:40Z"
enc: |-
-----BEGIN PGP MESSAGE-----
- hF4D0Q846mnV8HYSAQdAchFpGB9bS32W0KTAG+NVsMcVEPKiY4CVg9LZi7faHDkw
- gZeHWvnIonpC3WHPGeB1z8oUAxkFY/rF6pmT/jCbEZg4D0BEJ+F74gErquyFpOai
- 0l4BFL74dFWqtZv/a1Rod/tie3vvXm9H8KrsP+IDdoS0Inv4n+5dXsWHYA7VM7Wc
- lnsXiP7W8mIGmmQQCeH09DPvUQeq36WmvITOlyhZ1z+MirZhpcUHnWBP1wFmAAYa
- =FTmy
+ hF4D5b+QRFVjHlsSAQdAAU41lxOZNahNE/1iGYMq/iCKQSFvYNKiu/HTXxUi8zIw
+ 1b+T+0lVC68vfUG3E7VwHAgIX76it9/i+u4cnXp6rwtYvoI2Z8457pGZs1XaXamA
+ 0l4BsdHQ8sklfXtRhmJ74of7hIWnxVuhcL/Qce7tok2GZhedZ/78ilC4Yiw5GYBf
+ wIWSUOL/qQOBRfqg4DDzOKm4k5/HuYJK7Gz3qH9V24pEE10oS6/kqMshkywA091E
+ =85rI
-----END PGP MESSAGE-----
- fp: D9AF0A4209B7C2DE11A884BFACBC553660D9993D
+ fp: 118107A1BA67FA2A7A90D47FF871DB487089D99B
unencrypted_suffix: _unencrypted
- version: 3.10.2
+ version: 3.12.1
generated by cgit v1.2.3-freya (git 2.53.0.84.g453e7b744a) at 2026-03-12 20:09:32 +0000