1 files changed, 39 insertions, 18 deletions

diff --git a/sys/default.nix b/sys/default.nix
index a11dd26..6880673 100644
--- a/sys/default.nix
+++ b/sys/default.nix
@@ -14,10 +14,18 @@ in {
       type = bool;
     };
 
+    btrfs = mkOption {
+      type = bool;
+    };
+
     loader = mkOption {
       type = enum [ "grub" "systemd-boot" ];
     };
 
+    cpuVendor = mkOption {
+      type = enum [ "amd" "intel" ];
+    };
+
     canTouchEfiVariables = mkOption {
       type = bool;
     };
@@ -41,10 +49,14 @@ in {
     };
 
     crypt = mkOption {
+      default = {};
+
       type = submodule {
         options = {
           toplevel = mkOption {
-            type = submodule {
+            default = null;
+
+            type = nullOr (submodule {
               options = {
                 device = mkOption {
                   type = str;
@@ -58,7 +70,7 @@ in {
                   type = str;
                 };
               };
-            };
+            });
           };
 
           aux = mkOption {
@@ -183,7 +195,7 @@ in {
         availableKernelModules = cfg.initrdModules;
         supportedFilesystems = [ "vfat" ];
 
-        preDeviceCommands = ''
+        preDeviceCommands = optionalString (crypt != null) ''
           mkdir -p `dirname ${headerPathEscaped}`
           touch ${headerPathEscaped}
         '';
@@ -202,18 +214,20 @@ in {
           '';
         in concatStringsSep "\n" (map auxOpen cfg.crypt.aux);
 
-        luks.devices."${crypt.target}" = {
-          inherit (crypt) device;
-          header = "/initrd-boot/${crypt.headerFromBoot}";
-          preLVM = false;
+        luks.devices = mkIf (crypt != null) {
+          "${crypt.target}" = {
+            inherit (crypt) device;
+            header = "/initrd-boot/${crypt.headerFromBoot}";
+            preLVM = false;
 
-          preOpenCommands = ''
-            mount -o ro -t vfat ${escapeShellArg cfg.fs.boot.device} /initrd-boot
-          '';
+            preOpenCommands = ''
+              mount -o ro -t vfat ${escapeShellArg cfg.fs.boot.device} /initrd-boot
+            '';
 
-          postOpenCommands = ''
-            umount /initrd-boot
-          '';
+            postOpenCommands = ''
+              umount /initrd-boot
+            '';
+          };
         };
 
         #network = {
@@ -227,11 +241,16 @@ in {
       };
     };
 
-    hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+    hardware.cpu = let
+      ucode.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+    in {
+      amd = mkIf (cfg.cpuVendor == "amd") ucode;
+      intel = mkIf (cfg.cpuVendor == "intel") ucode;
+    };
 
     fileSystems = let
       inherit (cfg) fs;
-      btrfs = { device, subvol, isSys }: {
+      btrfs = { device, subvol, isSys }: mkIf cfg.btrfs {
         inherit device;
         fsType = "btrfs";
         options = let
@@ -264,7 +283,7 @@ in {
       };
 
       "/boot" = {
-        inherit (fs.boot) device;
+        inherit (cfg.fs.boot) device;
         fsType = "vfat";
         options = [ "noatime" "umask=027" ];
       };
@@ -298,7 +317,7 @@ in {
 
     environment.systemPackages = [
       pkgs.local.btclone
-	];
+    ];
 
     services.udev.packages = [
       pkgs.android-udev-rules
@@ -341,7 +360,9 @@ in {
       ];
     };
 
-    local.snapperSubvols.home = "/home";
+    local.snapperSubvols = mkIf cfg.btrfs {
+      home = "/home";
+    };
 
     services.snapper.configs = let
       snapperConfig = _: subvolume: {