From b5c8b8e76d329cc1fa8bf9e38d5228c14342afe5 Mon Sep 17 00:00:00 2001 From: Patrick Flynn Date: Fri, 20 Feb 2026 23:48:33 -0500 Subject: [PATCH 1/3] feat(weller): add bootstrap configuration for two-stage install - Refactor 'hosts/weller/default.nix' to extract hardware config to 'hosts/weller/hardware.nix'. - Create 'modules/bootstrap.nix' for initial mutable install with SSH enabled and no secrets. - Add 'weller-bootstrap' nixosConfiguration to 'flake.nix'. Fixes #263 --- flake.nix | 12 +++++ hosts/weller/default.nix | 92 +--------------------------------- hosts/weller/hardware.nix | 102 ++++++++++++++++++++++++++++++++++++++ modules/bootstrap.nix | 51 +++++++++++++++++++ 4 files changed, 166 insertions(+), 91 deletions(-) create mode 100644 hosts/weller/hardware.nix create mode 100644 modules/bootstrap.nix diff --git a/flake.nix b/flake.nix index 316bfba..caa1fe6 100644 --- a/flake.nix +++ b/flake.nix @@ -156,6 +156,18 @@ ]; }; + # Hostname: weller-bootstrap (Initial install target) + weller-bootstrap = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = { inherit inputs; }; + modules = [ + ./hosts/weller/hardware.nix + ./hosts/weller/disk-config.nix + ./modules/bootstrap.nix + inputs.disko.nixosModules.disko + ]; + }; + # Hostname: weller (dual-boot Windows 11 + NixOS workstation) weller = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; diff --git a/hosts/weller/default.nix b/hosts/weller/default.nix index 0feaae4..203f38f 100644 --- a/hosts/weller/default.nix +++ b/hosts/weller/default.nix @@ -1,6 +1,5 @@ { config, - lib, pkgs, modulesPath, inputs, @@ -9,7 +8,7 @@ { imports = [ - (modulesPath + "/installer/scan/not-detected.nix") + ./hardware.nix ../../modules/common/system.nix ../../modules/common/users.nix ../../modules/common/workstation.nix @@ -19,95 +18,6 @@ cosmo.user.default = "patrick"; cosmo.user.email = "big.pat@gmail.com"; - # --------------------------------------------------------------------------- - # Hardware (normally in hardware-configuration.nix, but disko handles mounts) - # --------------------------------------------------------------------------- - boot.initrd.availableKernelModules = [ - "nvme" - "xhci_pci" - "ahci" - "usbhid" - "sd_mod" - ]; - boot.kernelModules = [ "kvm-amd" ]; - hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - - # --------------------------------------------------------------------------- - # Bootloader - systemd-boot - # --------------------------------------------------------------------------- - # Windows is on Disk 0, NixOS on Disk 1 - use UEFI boot menu (F11/F12) to switch - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; - boot.initrd.systemd.enable = true; - - # Seagate FireCuda 510 firmware crashes with APST power saving (#263) - boot.kernelParams = [ - "nvme_core.default_ps_max_latency_us=0" - "btusb.enable_autosuspend=n" - ]; - - # --------------------------------------------------------------------------- - # Filesystem - Btrfs with LUKS encryption (managed by disko) - # --------------------------------------------------------------------------- - boot.supportedFilesystems = [ - "btrfs" - "ntfs" - ]; - - # --------------------------------------------------------------------------- - # Networking - # --------------------------------------------------------------------------- - networking.hostName = "weller"; - networking.networkmanager.enable = true; - - # --------------------------------------------------------------------------- - # Hardware - NVIDIA RTX 4090 - # --------------------------------------------------------------------------- - nixpkgs.config.allowUnfree = true; - - hardware.graphics.enable = true; - - services.xserver.videoDrivers = [ "nvidia" ]; - hardware.nvidia = { - modesetting.enable = true; - powerManagement.enable = false; - powerManagement.finegrained = false; - open = false; # Use proprietary driver for best compatibility - nvidiaSettings = true; - package = config.boot.kernelPackages.nvidiaPackages.stable; - }; - - # --------------------------------------------------------------------------- - # Bluetooth – optimised for Kinesis Advantage 360 Pro (ZMK / BLE) - # --------------------------------------------------------------------------- - hardware.bluetooth = { - enable = true; - powerOnBoot = true; - settings = { - General = { - # Keep adapter in page-scan mode for instant reconnects - FastConnectable = "true"; - # ZMK uses "Just Works" pairing – always allow re-pairing - JustWorksRepairing = "always"; - # Better LE handling & battery reporting - Experimental = "true"; - }; - LE = { - # Tighter polling interval (7.5–11.25 ms) for lower input latency - MinConnectionInterval = 6; - MaxConnectionInterval = 9; - ConnectionLatency = 0; - }; - Policy = { - AutoEnable = "true"; - ReconnectAttempts = 7; - ReconnectIntervals = "1,2,4,8,16,32,64"; - }; - }; - }; - environment.systemPackages = with pkgs; [ bluetuith ]; - # --------------------------------------------------------------------------- # Remote Access # --------------------------------------------------------------------------- diff --git a/hosts/weller/hardware.nix b/hosts/weller/hardware.nix new file mode 100644 index 0000000..e8139b6 --- /dev/null +++ b/hosts/weller/hardware.nix @@ -0,0 +1,102 @@ +{ + config, + lib, + pkgs, + modulesPath, + ... +}: + +{ + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + # --------------------------------------------------------------------------- + # Hardware (normally in hardware-configuration.nix, but disko handles mounts) + # --------------------------------------------------------------------------- + boot.initrd.availableKernelModules = [ + "nvme" + "xhci_pci" + "ahci" + "usbhid" + "sd_mod" + ]; + boot.kernelModules = [ "kvm-amd" ]; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + + # --------------------------------------------------------------------------- + # Bootloader - systemd-boot + # --------------------------------------------------------------------------- + # Windows is on Disk 0, NixOS on Disk 1 - use UEFI boot menu (F11/F12) to switch + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + boot.initrd.systemd.enable = true; + + # Seagate FireCuda 510 firmware crashes with APST power saving (#263) + boot.kernelParams = [ + "nvme_core.default_ps_max_latency_us=0" + "btusb.enable_autosuspend=n" + ]; + + # --------------------------------------------------------------------------- + # Filesystem - Btrfs with LUKS encryption (managed by disko) + # --------------------------------------------------------------------------- + boot.supportedFilesystems = [ + "btrfs" + "ntfs" + ]; + + # --------------------------------------------------------------------------- + # Networking + # --------------------------------------------------------------------------- + networking.hostName = "weller"; + networking.networkmanager.enable = true; + + # --------------------------------------------------------------------------- + # Hardware - NVIDIA RTX 4090 + # --------------------------------------------------------------------------- + nixpkgs.config.allowUnfree = true; + + hardware.graphics.enable = true; + + services.xserver.videoDrivers = [ "nvidia" ]; + hardware.nvidia = { + modesetting.enable = true; + powerManagement.enable = false; + powerManagement.finegrained = false; + open = false; # Use proprietary driver for best compatibility + nvidiaSettings = true; + package = config.boot.kernelPackages.nvidiaPackages.stable; + }; + + # --------------------------------------------------------------------------- + # Bluetooth – optimised for Kinesis Advantage 360 Pro (ZMK / BLE) + # --------------------------------------------------------------------------- + hardware.bluetooth = { + enable = true; + powerOnBoot = true; + settings = { + General = { + # Keep adapter in page-scan mode for instant reconnects + FastConnectable = "true"; + # ZMK uses "Just Works" pairing – always allow re-pairing + JustWorksRepairing = "always"; + # Better LE handling & battery reporting + Experimental = "true"; + }; + LE = { + # Tighter polling interval (7.5–11.25 ms) for lower input latency + MinConnectionInterval = 6; + MaxConnectionInterval = 9; + ConnectionLatency = 0; + }; + Policy = { + AutoEnable = "true"; + ReconnectAttempts = 7; + ReconnectIntervals = "1,2,4,8,16,32,64"; + }; + }; + }; + environment.systemPackages = with pkgs; [ bluetuith ]; +} diff --git a/modules/bootstrap.nix b/modules/bootstrap.nix new file mode 100644 index 0000000..64935a1 --- /dev/null +++ b/modules/bootstrap.nix @@ -0,0 +1,51 @@ +{ + config, + pkgs, + lib, + ... +}: + +let + keys = import ../secrets/keys.nix; +in +{ + imports = [ + ./common/system.nix + ]; + + # Define the default user options here since we are importing system.nix + cosmo.user.default = "patrick"; + cosmo.user.email = "big.pat@gmail.com"; + + # Enable SSH + services.openssh = { + enable = true; + settings = { + PermitRootLogin = "yes"; + PasswordAuthentication = true; + }; + }; + + # Mutable users for bootstrap + users.mutableUsers = true; + + users.users.root.openssh.authorizedKeys.keys = keys.users; + + users.users.${config.cosmo.user.default} = { + isNormalUser = true; + uid = 1000; + extraGroups = [ + "wheel" + "networkmanager" + "video" + ]; + initialPassword = "nixos"; + openssh.authorizedKeys.keys = keys.users; + }; + + # Make it easy to assume root during bootstrap + security.sudo.wheelNeedsPassword = false; + + # Ensure compatibility + system.stateVersion = "25.11"; +} From 1884b3facaa0a49f75784f7604a37ff04320a2d1 Mon Sep 17 00:00:00 2001 From: Patrick Flynn Date: Sun, 22 Feb 2026 17:23:24 -0500 Subject: [PATCH 2/3] feat(system): add hardware diagnostic tools - Add smartmontools for S.M.A.R.T. monitoring and testing. - Add nvme-cli for detailed NVMe status and error reporting. - These tools are needed to debug recent Btrfs corruption issues on 'weller'. --- modules/common/system.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/modules/common/system.nix b/modules/common/system.nix index b42a025..9a59fac 100644 --- a/modules/common/system.nix +++ b/modules/common/system.nix @@ -32,6 +32,10 @@ # Version Control git + + # Hardware Diagnostics + smartmontools + nvme-cli ]; # Enable Flakes and new command line tools From 54f31ef1944cd2f6a7a05a83677051f7abe41db7 Mon Sep 17 00:00:00 2001 From: Patrick Flynn Date: Sun, 22 Feb 2026 18:05:22 -0500 Subject: [PATCH 3/3] feat(weller): add MemTest86+ boot entry and diagnostic tools Add MemTest86+ to systemd-boot menu for proper overnight memory testing. Add lm_sensors and memtester to system packages for hardware diagnostics. --- hosts/weller/hardware.nix | 1 + modules/common/system.nix | 2 ++ 2 files changed, 3 insertions(+) diff --git a/hosts/weller/hardware.nix b/hosts/weller/hardware.nix index e8139b6..449c53b 100644 --- a/hosts/weller/hardware.nix +++ b/hosts/weller/hardware.nix @@ -30,6 +30,7 @@ # --------------------------------------------------------------------------- # Windows is on Disk 0, NixOS on Disk 1 - use UEFI boot menu (F11/F12) to switch boot.loader.systemd-boot.enable = true; + boot.loader.systemd-boot.memtest86.enable = true; boot.loader.efi.canTouchEfiVariables = true; boot.initrd.systemd.enable = true; diff --git a/modules/common/system.nix b/modules/common/system.nix index 9a59fac..a77d00f 100644 --- a/modules/common/system.nix +++ b/modules/common/system.nix @@ -36,6 +36,8 @@ # Hardware Diagnostics smartmontools nvme-cli + lm_sensors + memtester ]; # Enable Flakes and new command line tools