steveej/infra
1
0
Fork 0
Code Issues 2 Pull requests Projects Releases Packages Wiki Activity Actions

format and change

Browse source
This commit is contained in:
steveej 2023-02-07 18:23:51 +01:00
parent 882ff4e5e9
commit 28c116337c
181 changed files with 2748 additions and 2578 deletions
Download patch file Download diff file Expand all files Collapse all files

1
_archive/environments/dev/cross.nix
View file

@ -87,3 +87,4 @@ import /home/steveej/src/github/NixOS/nixpkgs/default.nix {
# }; # };
# }; # };
# }; # };

15
_archive/environments/dev/go/default.nix
View file

@ -1,6 +1,11 @@
{ gitpkgs ? import /home/steveej/src/github/NixOS/nixpkgs { }, pkgs ? gitpkgs {
, name ? "generic", version, extraBuildInputs ? [ ], extraShellHook ? "" }: gitpkgs ? import /home/steveej/src/github/NixOS/nixpkgs {},
let pkgs ? gitpkgs,
name ? "generic",
version,
extraBuildInputs ? [],
extraShellHook ? "",
}: let
go = builtins.getAttr "go_${version}" pkgs; go = builtins.getAttr "go_${version}" pkgs;
commonVimRC = '' commonVimRC = ''
let g:tagbar_type_go = { let g:tagbar_type_go = {
@ -66,8 +71,8 @@ let
# ( import ./vim-go.nix { pkgs=gitpkgs; commonRC=commonVimRC; } ) # ( import ./vim-go.nix { pkgs=gitpkgs; commonRC=commonVimRC; } )
# ( import ./neovim-go.nix { pkgs=gitpkgs; commonRC=commonVimRC; } ) # ( import ./neovim-go.nix { pkgs=gitpkgs; commonRC=commonVimRC; } )
]; ];
in
in pkgs.stdenv.mkDerivation { pkgs.stdenv.mkDerivation {
inherit name; inherit name;
buildInputs = extraBuildInputs ++ buildInputs; buildInputs = extraBuildInputs ++ buildInputs;
shellHook = '' shellHook = ''

9
_archive/environments/dev/go/neovim-go.nix
View file

@ -1,7 +1,8 @@
{ commonRC, ... }@args: {commonRC, ...} @ args: (import ../../pkg-configuration/vim-derivates/neovim.nix args
// {
(import ../../pkg-configuration/vim-derivates/neovim.nix args // { additionalRC =
additionalRC = commonRC + '' commonRC
+ ''
" deoplete { " deoplete {
let g:deoplete#enable_at_startup = 1 let g:deoplete#enable_at_startup = 1
let g:deoplete#enable_smart_case = 1 let g:deoplete#enable_smart_case = 1

17
_archive/environments/dev/pandoc.nix
View file

@ -1,7 +1,13 @@
{ gitpkgs ? import /home/steveej/src/github/NixOS/nixpkgs { }, pkgs ? gitpkgs {
, name ? "generic", version ? "Stable", extraBuildInputs ? [ ] }: gitpkgs ? import /home/steveej/src/github/NixOS/nixpkgs {},
let commonVimRC = ""; pkgs ? gitpkgs,
in pkgs.stdenv.mkDerivation { name ? "generic",
version ? "Stable",
extraBuildInputs ? [],
}: let
commonVimRC = "";
in
pkgs.stdenv.mkDerivation {
inherit name; inherit name;
buildInputs = with pkgs; buildInputs = with pkgs;
[ [
@ -15,7 +21,8 @@ in pkgs.stdenv.mkDerivation {
python27Packages.htmltreediff python27Packages.htmltreediff
python27Packages.html5lib python27Packages.html5lib
python27Packages.dbus-python python27Packages.dbus-python
] ++ extraBuildInputs; ]
++ extraBuildInputs;
shellHook = '' shellHook = ''
pandocname=pandoc_${pkgs.pandoc.version} pandocname=pandoc_${pkgs.pandoc.version}
setPS1 $pandocname setPS1 $pandocname

8
_archive/environments/dev/rkt.nix
View file

@ -1,6 +1,8 @@
{ pkgs ? import /home/steveej/src/github/NixOS/nixpkgs { } {
, mkGoEnv ? import ./go.nix, rktPath, }: pkgs ? import /home/steveej/src/github/NixOS/nixpkgs {},
let mkGoEnv ? import ./go.nix,
rktPath,
}: let
rktBasebuildInputs = with pkgs; [ rktBasebuildInputs = with pkgs; [
glibc.out glibc.out
glibc.static glibc.static

24
_archive/environments/dev/rust/default.nix
View file

@ -1,15 +1,23 @@
{ gitpkgs ? import /home/steveej/src/github/NixOS/nixpkgs { }, pkgs ? gitpkgs {
, name ? "generic", version ? "Stable", extraBuildInputs ? [ ] }: gitpkgs ? import /home/steveej/src/github/NixOS/nixpkgs {},
let pkgs ? gitpkgs,
name ? "generic",
version ? "Stable",
extraBuildInputs ? [],
}: let
rustPackages = builtins.getAttr "rust${version}" pkgs; rustPackages = builtins.getAttr "rust${version}" pkgs;
rustc = rustPackages.rustc; rustc = rustPackages.rustc;
rustShellHook = { rustc, name }: '' rustShellHook = {
rustc,
name,
}: ''
rustname=rust_${rustc.version}_${name} rustname=rust_${rustc.version}_${name}
setPS1 $rustname setPS1 $rustname
unset name unset name
''; '';
commonVimRC = ""; commonVimRC = "";
in pkgs.stdenv.mkDerivation { in
pkgs.stdenv.mkDerivation {
inherit name; inherit name;
buildInputs = with rustPackages; buildInputs = with rustPackages;
[ [
@ -21,8 +29,10 @@ in pkgs.stdenv.mkDerivation {
}) })
rustc rustc
cargo cargo
] ++ [ pkgs.rustfmt ] ++ extraBuildInputs; ]
shellHook = (rustShellHook) { ++ [pkgs.rustfmt]
++ extraBuildInputs;
shellHook = rustShellHook {
inherit name; inherit name;
inherit rustc; inherit rustc;
}; };

8
_archive/environments/dev/vim-go.nix
View file

@ -1,8 +1,10 @@
{commonRC, ...} @ args: {commonRC, ...} @ args:
import ../../pkg-configuration/vim-derivates/vim.nix (args
import ../../pkg-configuration/vim-derivates/vim.nix (args // { // {
name = "vim-for-go"; name = "vim-for-go";
additionalRC = commonRC + '' additionalRC =
commonRC
+ ''
" Disable AutoComplPop. " Disable AutoComplPop.
let g:acp_enableAtStartup = 0 let g:acp_enableAtStartup = 0
" Use neocomplete. " Use neocomplete.

8
_archive/environments/dev/vim-pandoc.nix
View file

@ -1,8 +1,10 @@
{commonRC, ...} @ args: {commonRC, ...} @ args:
import ../../pkg-configuration/vim-derivates/vim.nix (args
import ../../pkg-configuration/vim-derivates/vim.nix (args // { // {
name = "vim-for-pandoc"; name = "vim-for-pandoc";
additionalRC = commonRC + '' additionalRC =
commonRC
+ ''
set statusline+=%#warningmsg# set statusline+=%#warningmsg#
set statusline+=%{SyntasticStatuslineFlag()} set statusline+=%{SyntasticStatuslineFlag()}
set statusline+=%* set statusline+=%*

15
_archive/environments/dev/vim-rust.nix
View file

@ -1,8 +1,15 @@
{ commonRC, rustc, racerd, ... }@args: {
commonRC,
import ../../pkg-configuration/vim-derivates/vim.nix (args // { rustc,
racerd,
...
} @ args:
import ../../pkg-configuration/vim-derivates/vim.nix (args
// {
name = "vim-for-rust"; name = "vim-for-rust";
additionalRC = commonRC + '' additionalRC =
commonRC
+ ''
set statusline+=%#warningmsg# set statusline+=%#warningmsg#
set statusline+=%{SyntasticStatuslineFlag()} set statusline+=%{SyntasticStatuslineFlag()}
set statusline+=%* set statusline+=%*

7
_archive/environments/fhs/android.nix
View file

@ -1,9 +1,7 @@
{pkgs ? import <nixpkgs> {}}: {pkgs ? import <nixpkgs> {}}:
(pkgs.buildFHSUserEnv { (pkgs.buildFHSUserEnv {
name = "devfhs"; name = "devfhs";
multiPkgs = pkgs: multiPkgs = pkgs: (with pkgs; [
(with pkgs; [
android-udev-rules android-udev-rules
sudo sudo
gawk gawk
@ -40,4 +38,5 @@
export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/lib:/lib64:/lib32:/usr/lib32:/usr/lib64:${pkgs.xorg.libXtst}/lib:${pkgs.glib}/lib:${pkgs.gtk2}/lib export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/lib:/lib64:/lib32:/usr/lib32:/usr/lib64:${pkgs.xorg.libXtst}/lib:${pkgs.glib}/lib:${pkgs.gtk2}/lib
''; '';
runScript = "bash"; runScript = "bash";
}).env })
.env

7
_archive/environments/fhs/vscode.nix
View file

@ -1,9 +1,7 @@
{pkgs ? import <nixpkgs> {}}: {pkgs ? import <nixpkgs> {}}:
(pkgs.buildFHSUserEnv { (pkgs.buildFHSUserEnv {
name = "everydayFHS"; name = "everydayFHS";
targetPkgs = pkgs: targetPkgs = pkgs: (with pkgs; [
(with pkgs; [
which which
gitFull gitFull
zsh zsh
@ -34,4 +32,5 @@
export SHELL=/bin/zsh export SHELL=/bin/zsh
''; '';
# FIXME runScript = "$SHELL"; # FIXME runScript = "$SHELL";
}).env })
.env

6
_archive/nixos-configuration/common/pkg/neovim.nix
View file

@ -1,6 +1,8 @@
{ config, pkgs, ... }@args:
{ {
config,
pkgs,
...
} @ args: {
environment.systemPackages = [ environment.systemPackages = [
pkgs.xsel pkgs.xsel
(import ../../../pkg-configuration/vim-derivates/neovim.nix args) (import ../../../pkg-configuration/vim-derivates/neovim.nix args)

4
_archive/nixos-configuration/common/pkg/vim.nix
View file

@ -1,6 +1,4 @@
{ pkgs, ... }@args: {pkgs, ...} @ args: {
{
environment.systemPackages = [ environment.systemPackages = [
pkgs.xsel pkgs.xsel
(import ../../../pkg-configuration/vim-derivates/vim.nix (import ../../../pkg-configuration/vim-derivates/vim.nix

8
_archive/nixos-configuration/common/user/steveej.nix
View file

@ -1,6 +1,8 @@
{ config, pkgs, ... }: {
config,
let pkgs,
...
}: let
passwords = import ../passwords.crypt.nix; passwords = import ../passwords.crypt.nix;
keys = import ../keys.nix; keys = import ../keys.nix;
inherit (import ../lib) mkUser; inherit (import ../lib) mkUser;

5
default.nix
View file

@ -4,10 +4,7 @@
# Having pkgs default to <nixpkgs> is fine though, and it lets you use short # Having pkgs default to <nixpkgs> is fine though, and it lets you use short
# commands such as: # commands such as:
# nix-build -A mypackage # nix-build -A mypackage
{pkgs ? import <nixpkgs> {}}: {
{ pkgs ? import <nixpkgs> { } }:
{
overlays = import ./nix/overlays; overlays = import ./nix/overlays;
pkgs = import ./nix/pkgs {inherit pkgs;}; pkgs = import ./nix/pkgs {inherit pkgs;};
} }

17
nix/container-images/default.nix
View file

@ -1,9 +1,6 @@
{ pkgs ? import <nixpkgs> { } }: {pkgs ? import <nixpkgs> {}}: let
baseEnv = ["SSL_CERT_FILE=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"];
let baseEnv = [ "SSL_CERT_FILE=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt" ];
in rec { in rec {
base = pkgs.dockerTools.buildImage rec { base = pkgs.dockerTools.buildImage rec {
name = "base"; name = "base";
@ -72,7 +69,8 @@ in rec {
# FIXME: touch .isbucket after mount # FIXME: touch .isbucket after mount
''; '';
in pkgs.dockerTools.buildImage { in
pkgs.dockerTools.buildImage {
name = "s3ql"; name = "s3ql";
fromImage = interactive_base; fromImage = interactive_base;
contents = [pkgs.s3ql pkgs.fuse]; contents = [pkgs.s3ql pkgs.fuse];
@ -86,7 +84,9 @@ in rec {
''; '';
config = { config = {
Env = baseEnv ++ [ Env =
baseEnv
++ [
"HOME=/home/s3ql" "HOME=/home/s3ql"
"S3QL_CACHE_DIR=/var/cache/s3ql" "S3QL_CACHE_DIR=/var/cache/s3ql"
"S3QL_AUTHINFO2=/etc/s3ql/authinfo2" "S3QL_AUTHINFO2=/etc/s3ql/authinfo2"
@ -125,7 +125,8 @@ in rec {
-gui-address=$SYNCTHING_GUI_ADDRESS \ -gui-address=$SYNCTHING_GUI_ADDRESS \
-no-browser -no-browser
''; '';
in pkgs.dockerTools.buildImage { in
pkgs.dockerTools.buildImage {
name = "syncthing"; name = "syncthing";
fromImage = interactive_base; fromImage = interactive_base;
contents = pkgs.syncthing; contents = pkgs.syncthing;

28
nix/default.nix
View file

@ -1,23 +1,25 @@
{ versionsPath }: {versionsPath}: let
channelVersions = import versionsPath;
let mkChannelSource = name: let
channelVersions = (import versionsPath); channelVersion = builtins.getAttr name channelVersions;
mkChannelSource = name: in
let channelVersion = builtins.getAttr name channelVersions; builtins.fetchGit {
in builtins.fetchGit {
# Descriptive name to make the store path easier to identify # Descriptive name to make the store path easier to identify
inherit name; inherit name;
inherit (channelVersion) url ref rev; inherit (channelVersion) url ref rev;
}; };
nixPath = builtins.concatStringsSep ":" (builtins.map (elemName: nixPath = builtins.concatStringsSep ":" (builtins.map
let (elemName: let
elem = builtins.getAttr elemName channelVersions; elem = builtins.getAttr elemName channelVersions;
elemPath = (mkChannelSource elemName); elemPath = mkChannelSource elemName;
suffix = if builtins.hasAttr "suffix" elem then elem.suffix else ""; suffix =
in builtins.concatStringsSep "=" [ elemName elemPath ] + suffix) if builtins.hasAttr "suffix" elem
then elem.suffix
else "";
in
builtins.concatStringsSep "=" [elemName elemPath] + suffix)
(builtins.attrNames channelVersions)); (builtins.attrNames channelVersions));
pkgs = import (mkChannelSource "nixpkgs") {}; pkgs = import (mkChannelSource "nixpkgs") {};
in { in {
inherit nixPath; inherit nixPath;
channelSources = pkgs.writeText "channels.rc" '' channelSources = pkgs.writeText "channels.rc" ''

54
nix/home-manager/configuration/graphical-fullblown.nix
View file

@ -1,15 +1,15 @@
{ pkgs }: {pkgs}: let
zshCurried = import ../programs/zsh.nix {inherit pkgs;};
let zshCurried = import ../programs/zsh.nix { inherit pkgs; }; in
{
in { pkgs, config, ... }: pkgs,
config,
let ...
}: let
# gitpkgs = import /home/steveej/src/github/NixOS/nixpkgs {}; # gitpkgs = import /home/steveej/src/github/NixOS/nixpkgs {};
unstablepkgs = unstablepkgs =
import <channels-nixos-unstable-small> {config = config.nixpkgs.config;}; import <channels-nixos-unstable-small> {config = config.nixpkgs.config;};
masterpkgs = import <nixpkgs-master> {config = config.nixpkgs.config;}; masterpkgs = import <nixpkgs-master> {config = config.nixpkgs.config;};
in { in {
imports = [ imports = [
../profiles/common.nix ../profiles/common.nix
@ -48,7 +48,9 @@ in {
PATH = pkgs.lib.concatStringsSep ":" ["$HOME/.local/bin" "$PATH"]; PATH = pkgs.lib.concatStringsSep ":" ["$HOME/.local/bin" "$PATH"];
}; };
home.packages = [ ] ++ (with pkgs; [ home.packages =
[]
++ (with pkgs; [
# Authentication # Authentication
cacert cacert
fprintd fprintd
@ -105,7 +107,7 @@ in {
aspellDicts.de aspellDicts.de
skypeforlinux skypeforlinux
unstablepkgs.jitsi-meet-electron unstablepkgs.jitsi-meet-electron
unstablepkgs.zoom-us zoom-us
thunderbird thunderbird
evolution # gnome4.glib_networking evolution # gnome4.glib_networking
masterpkgs.kotatogram-desktop masterpkgs.kotatogram-desktop
@ -206,15 +208,29 @@ in {
perlPackages.FileHomeDir perlPackages.FileHomeDir
perlPackages.UnicodeLineBreak perlPackages.UnicodeLineBreak
(texlive.combine { (texlive.combine {
inherit (texlive) inherit
scheme-small texlive-de texlive-en texlive-scripts collection-langgerman (texlive)
scheme-small
latexindent latexmk texlive-de
texlive-en
algorithms cm-super texlive-scripts
collection-langgerman
preprint enumitem draftwatermark everypage ulem placeins minted latexindent
ifplatform fvextra xstring framed; latexmk
algorithms
cm-super
preprint
enumitem
draftwatermark
everypage
ulem
placeins
minted
ifplatform
fvextra
xstring
framed
;
}) })
pdftk pdftk

20
nix/home-manager/configuration/graphical-gnome3.nix
View file

@ -1,13 +1,13 @@
{ pkgs }: {pkgs}: let
zshCurried = import ../programs/zsh.nix {inherit pkgs;};
let zshCurried = import ../programs/zsh.nix { inherit pkgs; }; in
{
in { pkgs, config, ... }: pkgs,
config,
let ...
}: let
unstablepkgs = unstablepkgs =
import <channels-nixos-unstable> {config = config.nixpkgs.config;}; import <channels-nixos-unstable> {config = config.nixpkgs.config;};
in { in {
imports = [ imports = [
../profiles/common.nix ../profiles/common.nix
@ -32,7 +32,9 @@ in {
home.sessionVariables = {}; home.sessionVariables = {};
home.packages = [ ] ++ (with pkgs; [ home.packages =
[]
++ (with pkgs; [
# Nix package related tools # Nix package related tools
patchelf patchelf
nix-index nix-index

20
nix/home-manager/configuration/graphical-removable.nix
View file

@ -1,13 +1,13 @@
{ pkgs }: {pkgs}: let
zshCurried = import ../programs/zsh.nix {inherit pkgs;};
let zshCurried = import ../programs/zsh.nix { inherit pkgs; }; in
{
in { pkgs, config, ... }: pkgs,
config,
let ...
}: let
unstablepkgs = unstablepkgs =
import <channels-nixos-unstable> {config = config.nixpkgs.config;}; import <channels-nixos-unstable> {config = config.nixpkgs.config;};
in { in {
imports = [ imports = [
../profiles/common.nix ../profiles/common.nix
@ -34,7 +34,9 @@ in {
home.sessionVariables = {}; home.sessionVariables = {};
home.packages = [ ] ++ (with pkgs; [ home.packages =
[]
++ (with pkgs; [
# Nix package related tools # Nix package related tools
patchelf patchelf
nix-index nix-index

22
nix/home-manager/configuration/text-minimal.nix
View file

@ -1,11 +1,14 @@
{ pkgs, extraPackages ? [ ] }: {
pkgs,
let zshCurried = import ../programs/zsh.nix { inherit pkgs; }; extraPackages ? [],
}: let
in { pkgs, config, ... }: zshCurried = import ../programs/zsh.nix {inherit pkgs;};
in
let {
pkgs,
config,
...
}: let
in { in {
imports = [ imports = [
../profiles/common.nix ../profiles/common.nix
@ -18,6 +21,7 @@ in {
home.sessionVariables = {}; home.sessionVariables = {};
home.packages = extraPackages home.packages =
extraPackages
++ (with pkgs; [iperf3 inetutils speedtest-cli]); ++ (with pkgs; [iperf3 inetutils speedtest-cli]);
} }

5
nix/home-manager/lib.nix
View file

@ -1,7 +1,4 @@
{ }: {}: let
let
in { in {
mkSimpleTrayService = {execStart}: { mkSimpleTrayService = {execStart}: {
Unit = { Unit = {

14
nix/home-manager/profiles/common.nix
View file

@ -1,6 +1,4 @@
{ pkgs, ... }: {pkgs, ...}: let
let
in { in {
# TODO: re-enable this with the appropriate version # TODO: re-enable this with the appropriate version
# programs.home-manager.enable = true; # programs.home-manager.enable = true;
@ -15,10 +13,8 @@ in {
permittedInsecurePackages = []; permittedInsecurePackages = [];
}; };
nix.settings = { nix.settings.experimental-features = ["nix-command" "flakes" "impure-derivations" "ca-derivations" "recursive-nix"];
experimental-features = nix.settings.sandbox = "relaxed";
[ "nix-command" "flakes" "impure-derivations" "ca-derivations" ];
};
home.keyboard = { home.keyboard = {
layout = "us"; layout = "us";
@ -41,7 +37,9 @@ in {
programs.command-not-found.enable = true; programs.command-not-found.enable = true;
programs.fzf.enable = true; programs.fzf.enable = true;
home.packages = [ ] ++ (with pkgs; [ home.packages =
[]
++ (with pkgs; [
# git helpers # git helpers
git-crypt git-crypt

10
nix/home-manager/profiles/dotfiles.nix
View file

@ -1,7 +1,9 @@
{ pkgs, config, ... }: {
pkgs,
let vcshActivationScript = pkgs.callPackage ./dotfiles/vcsh.nix { }; config,
...
}: let
vcshActivationScript = pkgs.callPackage ./dotfiles/vcsh.nix {};
in { in {
# TODO: fix the dotfiles # TODO: fix the dotfiles
# home.activation.vcsh = config.lib.dag.entryAfter["linkGeneration"] '' # home.activation.vcsh = config.lib.dag.entryAfter["linkGeneration"] ''

18
nix/home-manager/profiles/dotfiles/vcsh.tmpl.nix
View file

@ -1,8 +1,12 @@
{ pkgs, repoHttps ? "https://gitlab.com/steveeJ/dotfiles.git" {
, repoSsh ? "git@gitlab.com:/steveeJ/dotfiles.git", ... }: pkgs,
repoHttps ? "https://gitlab.com/steveeJ/dotfiles.git",
let repoSsh ? "git@gitlab.com:/steveeJ/dotfiles.git",
repoBareLocal = pkgs.runCommand "fetchbare" { ...
}: let
repoBareLocal =
pkgs.runCommand "fetchbare"
{
outputHashMode = "recursive"; outputHashMode = "recursive";
outputHashAlgo = "sha256"; outputHashAlgo = "sha256";
outputHash = "0000000000000000000000000000000000000000000000000000"; outputHash = "0000000000000000000000000000000000000000000000000000";
@ -14,8 +18,8 @@ let
${pkgs.git}/bin/git clone --mirror ${repoHttps} $out ${pkgs.git}/bin/git clone --mirror ${repoHttps} $out
) )
''; '';
in
in pkgs.writeScript "activation-script" '' pkgs.writeScript "activation-script" ''
export HOST=$(hostname -s) export HOST=$(hostname -s)
function set_remotes { function set_remotes {

11
nix/home-manager/profiles/nix-channels.nix
View file

@ -1,11 +1,12 @@
{ pkgs, config, ... }: {
pkgs,
let config,
...
}: let
in { in {
home.file.".nix-channels".text = ""; home.file.".nix-channels".text = "";
home.activation.removeExistingNixChannels = home.activation.removeExistingNixChannels = config.lib.dag.entryBefore ["checkLinkTargets"] ''
config.lib.dag.entryBefore [ "checkLinkTargets" ] ''
$DRY_RUN_CMD ${ $DRY_RUN_CMD ${
pkgs.writeScript "activation-script" '' pkgs.writeScript "activation-script" ''
set -ex set -ex

17
nix/home-manager/profiles/qtile-desktop.nix
View file

@ -1,6 +1,4 @@
{ pkgs, ... }: {pkgs, ...}: let
let
passwords = import ../../variables/passwords.crypt.nix; passwords = import ../../variables/passwords.crypt.nix;
inherit (import ../lib.nix {}) mkSimpleTrayService; inherit (import ../lib.nix {}) mkSimpleTrayService;
@ -251,7 +249,6 @@ let
def print_new_window(window): def print_new_window(window):
print("new window: ", window) print("new window: ", window)
''; '';
in { in {
systemd.user = { systemd.user = {
startServices = true; startServices = true;
@ -310,7 +307,8 @@ in {
{ {
trigger = ":vpos"; trigger = ":vpos";
replace = "{{output}}"; replace = "{{output}}";
vars = [{ vars = [
{
name = "output"; name = "output";
type = "script"; type = "script";
params = { params = {
@ -329,12 +327,14 @@ in {
'') '')
]; ];
}; };
}]; }
];
} }
{ {
trigger = ":vtit"; trigger = ":vtit";
replace = "{{output}}"; replace = "{{output}}";
vars = [{ vars = [
{
name = "output"; name = "output";
type = "script"; type = "script";
params = { params = {
@ -343,7 +343,8 @@ in {
"${playerctl} metadata title") "${playerctl} metadata title")
]; ];
}; };
}]; }
];
} }
{ {
trigger = ":dunno"; trigger = ":dunno";

5
nix/home-manager/programs/chromium.nix
View file

@ -1,6 +1,4 @@
{ ... }: {...}: {
{
programs.chromium = {enable = true;}; programs.chromium = {enable = true;};
programs.brave = {enable = true;}; programs.brave = {enable = true;};
@ -14,4 +12,3 @@
programs.browserpass = {browsers = ["chromium" "brave"];}; programs.browserpass = {browsers = ["chromium" "brave"];};
} }

12
nix/home-manager/programs/emacs.nix
View file

@ -1,6 +1,4 @@
{ pkgs, ... }: {pkgs, ...}: {
{
programs.emacs = { programs.emacs = {
enable = true; enable = true;
extraPackages = epkgs: extraPackages = epkgs:
@ -10,12 +8,14 @@
zerodark-theme # ; Nicolas' theme zerodark-theme # ; Nicolas' theme
undo-tree # ; <C-x u> to show the undo tree undo-tree # ; <C-x u> to show the undo tree
# zoom-frm # ; increase/decrease font size for all buffers %lt;C-x C-+> # zoom-frm # ; increase/decrease font size for all buffers %lt;C-x C-+>
]) ++ (with epkgs.melpaPackages; [ evil ]) ++ (with epkgs.elpaPackages; [ ])
++ (with epkgs.melpaPackages; [evil])
++ (with epkgs.elpaPackages; [
auctex # ; LaTeX mode auctex # ; LaTeX mode
beacon # ; highlight my cursor when scrolling beacon # ; highlight my cursor when scrolling
nameless # ; hide current package name everywhere in elisp code nameless # ; hide current package name everywhere in elisp code
]) ++ (with pkgs; ])
[ ++ (with pkgs; [
pkgs.notmuch # From main packages set pkgs.notmuch # From main packages set
]); ]);
}; };

8
nix/home-manager/programs/firefox.nix
View file

@ -1,6 +1,4 @@
{ pkgs, ... }: {pkgs, ...}: {
{
programs.firefox = {enable = true;}; programs.firefox = {enable = true;};
programs.browserpass = { programs.browserpass = {
@ -8,7 +6,5 @@
browsers = ["firefox"]; browsers = ["firefox"];
}; };
home.file.".mozilla/native-messaging-hosts/passff.json".source = home.file.".mozilla/native-messaging-hosts/passff.json".source = "${pkgs.passff-host}/share/passff-host/passff.json";
"${pkgs.passff-host}/share/passff-host/passff.json";
} }

4
nix/home-manager/programs/holochain-launcher.nix
View file

@ -1,5 +1,3 @@
{ pkgs, ... }: {pkgs, ...}: {
{
home.packages = [pkgs.holochain-launcher]; home.packages = [pkgs.holochain-launcher];
} }

13
nix/home-manager/programs/homeshick.nix
View file

@ -1,13 +1,13 @@
{ pkgs, config, ... }: {
pkgs,
let config,
...
}: let
# TODO: clean up the impurity in here # TODO: clean up the impurity in here
in { in {
home.sessionVariables = {HOMESHICK_DIR = "${pkgs.homeshick}";}; home.sessionVariables = {HOMESHICK_DIR = "${pkgs.homeshick}";};
home.activation.bootstrapRepos = home.activation.bootstrapRepos = config.lib.dag.entryAfter ["writeBoundary"] ''
config.lib.dag.entryAfter [ "writeBoundary" ] ''
$DRY_RUN_CMD ${ $DRY_RUN_CMD ${
pkgs.writeScript "activation-script" '' pkgs.writeScript "activation-script" ''
set -e set -e
@ -25,7 +25,6 @@ in {
''; '';
nixpkgs.config = { nixpkgs.config = {
packageOverrides = pkgs: packageOverrides = pkgs:
with pkgs; { with pkgs; {
homeshick = builtins.fetchGit { homeshick = builtins.fetchGit {

4
nix/home-manager/programs/libreoffice.nix
View file

@ -1,6 +1,4 @@
{ pkgs, ... }: {pkgs, ...}: {
{
home.sessionVariables = { home.sessionVariables = {
# Workaround for Libreoffice to force gtk3 # Workaround for Libreoffice to force gtk3
SAL_USE_VCLPLUGIN = "gtk3"; SAL_USE_VCLPLUGIN = "gtk3";

10
nix/home-manager/programs/neovim.nix
View file

@ -1,14 +1,11 @@
{ pkgs, ... }: {pkgs, ...}: let
let
in { in {
home.sessionVariables = {EDITOR = "nvim";}; home.sessionVariables = {EDITOR = "nvim";};
programs.neovim = { programs.neovim = {
enable = true; enable = true;
extraPython3Packages = (ps: with ps; [ ]); extraPython3Packages = ps: with ps; [];
extraConfig = builtins.readFile ./neovim/vimrc; extraConfig = builtins.readFile ./neovim/vimrc;
@ -77,7 +74,8 @@ in {
}; };
}; };
} }
] ++ (with pkgs.vimPlugins; [ ]
++ (with pkgs.vimPlugins; [
delimitMate delimitMate
vim-airline vim-airline
vim-airline-themes vim-airline-themes

8
nix/home-manager/programs/pass.nix
View file

@ -1,10 +1,7 @@
{ pkgs, ... }: {pkgs, ...}: {
{
home.sessionVariables = { home.sessionVariables = {
# required by pass-otp # required by pass-otp
PASSWORD_STORE_EXTENSIONS_DIR = PASSWORD_STORE_EXTENSIONS_DIR = "$HOME/.nix-profile/lib/password-store/extensions";
"$HOME/.nix-profile/lib/password-store/extensions";
PASSWORD_STORE_ENABLE_EXTENSIONS = "true"; PASSWORD_STORE_ENABLE_EXTENSIONS = "true";
}; };
@ -12,4 +9,3 @@
home.packages = with pkgs; [pass qtpass rofi-pass gnupg]; home.packages = with pkgs; [pass qtpass rofi-pass gnupg];
} }

7
nix/home-manager/programs/podman.nix
View file

@ -1,6 +1,4 @@
{ pkgs, ... }: {pkgs, ...}: let
let
cniConfigDir = let cniConfigDir = let
loopback = pkgs.writeText "00-loopback.conf" '' loopback = pkgs.writeText "00-loopback.conf" ''
{ {
@ -36,7 +34,8 @@ let
] ]
} }
''; '';
in pkgs.runCommand "cniConfig" { } '' in
pkgs.runCommand "cniConfig" {} ''
set -x set -x
mkdir $out; mkdir $out;
ln -s ${loopback} $out/${loopback.name} ln -s ${loopback} $out/${loopback.name}

12
nix/home-manager/programs/radicale.nix
View file

@ -1,6 +1,9 @@
{ config, pkgs, lib, ... }: {
config,
let pkgs,
lib,
...
}: let
passwords = import ../../variables/passwords.crypt.nix; passwords = import ../../variables/passwords.crypt.nix;
libdecsync = pkgs.python3Packages.buildPythonPackage rec { libdecsync = pkgs.python3Packages.buildPythonPackage rec {
@ -25,7 +28,8 @@ let
propagatedBuildInputs = [libdecsync pkgs.python3Packages.setuptools]; propagatedBuildInputs = [libdecsync pkgs.python3Packages.setuptools];
}; };
radicale-decsync = pkgs.radicale.overrideAttrs (old: { radicale-decsync = pkgs.radicale.overrideAttrs (old: {
propagatedBuildInputs = old.propagatedBuildInputs propagatedBuildInputs =
old.propagatedBuildInputs
++ [radicale-storage-decsync]; ++ [radicale-storage-decsync];
}); });
radicale-config = pkgs.writeText "radicale-config" '' radicale-config = pkgs.writeText "radicale-config" ''

13
nix/home-manager/programs/vscode/default.nix
View file

@ -1,6 +1,4 @@
{ pkgs, ... }: {pkgs, ...}: let
let
packagedExtensions = with pkgs.vscode-extensions; [ packagedExtensions = with pkgs.vscode-extensions; [
# bbenoist.Nix # bbenoist.Nix
ms-vscode-remote.remote-ssh ms-vscode-remote.remote-ssh
@ -462,24 +460,22 @@ let
sha256 = "1jmmbz3i0hxq5ka4rsk07mynxh3pkh5g736d9ryv1czhnrb06lwf"; sha256 = "1jmmbz3i0hxq5ka4rsk07mynxh3pkh5g736d9ryv1czhnrb06lwf";
} }
]; ];
in { in {
programs.vscode = { programs.vscode = {
enable = true; enable = true;
extensions = [ ] ++ packagedExtensions extensions =
[] ++ packagedExtensions
# ++ marketPlaceExtensions # ++ marketPlaceExtensions
; ;
}; };
home.packages = [ pkgs.nixpkgs-fmt pkgs.nixfmt ]; home.packages = [pkgs.nixpkgs-fmt pkgs.alejandra];
} }
# TODO: automate # TODO: automate
# rustup install stable # rustup install stable
# rustup component add rust-analysis --toolchain stable # rustup component add rust-analysis --toolchain stable
# rustup component add rust-src --toolchain stable # rustup component add rust-src --toolchain stable
# rustup component add rls --toolchain stable # rustup component add rls --toolchain stable
### original list: ### original list:
# 74th.Theme-NaturalContrast-With-HC # 74th.Theme-NaturalContrast-With-HC
# AlanWalk.markdown-toc # AlanWalk.markdown-toc
@ -553,3 +549,4 @@ in {
# xyz.plsql-language # xyz.plsql-language
# yzane.markdown-pdf # yzane.markdown-pdf
# zxh404.vscode-proto3 # zxh404.vscode-proto3

23
nix/home-manager/programs/zsh.nix
View file

@ -1,8 +1,4 @@
{ pkgs }: {pkgs}: {...}: let
{ ... }:
let
just-plugin = let just-plugin = let
plugin_file = pkgs.writeText "_just" '' plugin_file = pkgs.writeText "_just" ''
#compdef just #compdef just
@ -22,8 +18,8 @@ let
_describe 'command' subcmds _describe 'command' subcmds
''; '';
in
in pkgs.stdenv.mkDerivation { pkgs.stdenv.mkDerivation {
name = "just-completions"; name = "just-completions";
version = "0.1.0"; version = "0.1.0";
phases = "installPhase"; phases = "installPhase";
@ -34,7 +30,6 @@ let
chmod --recursive a-w $out chmod --recursive a-w $out
''; '';
}; };
in { in {
programs.zsh = { programs.zsh = {
enable = true; enable = true;
@ -42,7 +37,8 @@ in {
# will be called again by oh-my-zsh # will be called again by oh-my-zsh
enableCompletion = false; enableCompletion = false;
enableAutosuggestions = true; enableAutosuggestions = true;
initExtra = let inNixShell = ''$([[ -n "$IN_NIX_SHELL" ]] && printf " 🐚")''; initExtra = let
inNixShell = ''$([[ -n "$IN_NIX_SHELL" ]] && printf " 🐚")'';
in '' in ''
PROMPT='%F{%(!.red.green)}%n%f@%m %(?.%F{green}%f.%F{red} ($?%))%f %F{blue}%~%f${inNixShell}%F{magenta}$(git_prompt_info)%f$prompt_newline%_%F{%(!.red.green)}$(prompt_char)%f ' PROMPT='%F{%(!.red.green)}%n%f@%m %(?.%F{green}%f.%F{red} ($?%))%f %F{blue}%~%f${inNixShell}%F{magenta}$(git_prompt_info)%f$prompt_newline%_%F{%(!.red.green)}$(prompt_char)%f '
RPROMPT="" RPROMPT=""
@ -54,11 +50,14 @@ in {
. $HOME/.shrc.d/sh_aliases . $HOME/.shrc.d/sh_aliases
fi fi
${if builtins.hasAttr "homeshick" pkgs then '' ${
if builtins.hasAttr "homeshick" pkgs
then ''
source ${pkgs.homeshick}/homeshick.sh source ${pkgs.homeshick}/homeshick.sh
fpath=(${pkgs.homeshick}/completions $fpath) fpath=(${pkgs.homeshick}/completions $fpath)
'' else ''
""} else ""
}
# Disable intercepting of ctrl-s and ctrl-q as flow control. # Disable intercepting of ctrl-s and ctrl-q as flow control.
stty stop ''' -ixoff -ixon stty stop ''' -ixoff -ixon

11
nix/ops/nano/configuration.nix
View file

@ -1,11 +1,13 @@
# Edit this configuration file to define what should be installed on # Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page # your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help). # and in the NixOS manual (accessible by running nixos-help).
{ n, pkgs, ... }:
{ {
imports = [ # Include the results of the hardware scan. n,
pkgs,
...
}: {
imports = [
# Include the results of the hardware scan.
./hardware-configuration.nix ./hardware-configuration.nix
]; ];
@ -60,5 +62,4 @@
# The NixOS release to be compatible with for stateful data such as databases. # The NixOS release to be compatible with for stateful data such as databases.
system.stateVersion = "16.03"; system.stateVersion = "16.03";
} }

10
nix/ops/nano/hardware-configuration.nix
View file

@ -1,13 +1,15 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, ... }:
{ {
config,
lib,
pkgs,
...
}: {
imports = [<nixpkgs/nixos/modules/installer/scan/not-detected.nix>]; imports = [<nixpkgs/nixos/modules/installer/scan/not-detected.nix>];
boot.initrd.availableKernelModules = boot.initrd.availableKernelModules = ["xhci_pci" "ehci_pci" "ahci" "usb_storage" "usbhid" "sd_mod"];
[ "xhci_pci" "ehci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
boot.kernelModules = ["kvm-intel"]; boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = []; boot.extraModulePackages = [];

12
nix/ops/nanos@kn.nix
View file

@ -1,7 +1,7 @@
{ nixpkgs ? import <nixpkgs> { }, nrNanos ? 1 # Number of nanos {
}: nixpkgs ? import <nixpkgs> {},
nrNanos ? 1, # Number of nanos
let }: let
pkgs = nixpkgs; pkgs = nixpkgs;
webserver = { webserver = {
services.httpd.enable = true; services.httpd.enable = true;
@ -21,5 +21,5 @@ let
mkNanos = n: mkNanos = n:
nixpkgs.lib.nameValuePair "nano${toString n}" (mkNano {inherit n;}); nixpkgs.lib.nameValuePair "nano${toString n}" (mkNano {inherit n;});
in
in nixpkgs.lib.listToAttrs (map mkNanos (nixpkgs.lib.range 0 (nrNanos - 1))) nixpkgs.lib.listToAttrs (map mkNanos (nixpkgs.lib.range 0 (nrNanos - 1)))

28
nix/os/containers/backup-target.nix
View file

@ -1,6 +1,16 @@
{ hostAddress, localAddress, containerBackupCfg {
, sshPort ? containerBackupCfg.portInt, autoStart ? false }: { hostAddress,
config = { config, pkgs, lib, ... }: { localAddress,
containerBackupCfg,
sshPort ? containerBackupCfg.portInt,
autoStart ? false,
}: {
config = {
config,
pkgs,
lib,
...
}: {
system.stateVersion = "22.05"; # Did you read the comment? system.stateVersion = "22.05"; # Did you read the comment?
imports = [../profiles/containers/configuration.nix]; imports = [../profiles/containers/configuration.nix];
@ -30,7 +40,8 @@
security.sudo = { security.sudo = {
enable = true; enable = true;
extraRules = [{ extraRules = [
{
users = ["bkp"]; users = ["bkp"];
commands = [ commands = [
{ {
@ -46,7 +57,8 @@
options = ["NOPASSWD"]; options = ["NOPASSWD"];
} }
]; ];
}]; }
];
}; };
}; };
@ -62,12 +74,14 @@
extraFlags = ["--resolv-conf=bind-host"]; extraFlags = ["--resolv-conf=bind-host"];
privateNetwork = true; privateNetwork = true;
forwardPorts = [{ forwardPorts = [
{
# ssh # ssh
containerPort = 22; containerPort = 22;
hostPort = sshPort; hostPort = sshPort;
protocol = "tcp"; protocol = "tcp";
}]; }
];
inherit hostAddress localAddress; inherit hostAddress localAddress;
} }

19
nix/os/containers/backup.nix
View file

@ -1,10 +1,13 @@
{ config, hostAddress, localAddress, subvolumes, targetPathSuffix ? "" {
, autoStart ? false }: config,
hostAddress,
let localAddress,
subvolumes,
targetPathSuffix ? "",
autoStart ? false,
}: let
passwords = import ../../variables/passwords.crypt.nix; passwords = import ../../variables/passwords.crypt.nix;
subvolumeParentDir = "/var/lib/container-volumes"; subvolumeParentDir = "/var/lib/container-volumes";
in { in {
config = {pkgs, ...}: { config = {pkgs, ...}: {
system.stateVersion = "20.03"; # Did you read the comment? system.stateVersion = "20.03"; # Did you read the comment?
@ -104,10 +107,12 @@ in {
}; };
}; };
allowedDevices = [{ allowedDevices = [
{
node = "/dev/fuse"; node = "/dev/fuse";
modifier = "rw"; modifier = "rw";
}]; }
];
extraFlags = ["--resolv-conf=bind-host"]; extraFlags = ["--resolv-conf=bind-host"];

21
nix/os/containers/ipxe.nix
View file

@ -1,8 +1,17 @@
{ hostAddress, localAddress, httpPort ? 80, httpsPort ? 443 }: {
hostAddress,
let passwords = import ../../variables/passwords.crypt.nix; localAddress,
httpPort ? 80,
httpsPort ? 443,
}: let
passwords = import ../../variables/passwords.crypt.nix;
in { in {
config = { config, pkgs, lib, ... }: { config = {
config,
pkgs,
lib,
...
}: {
imports = [../profiles/containers/configuration.nix]; imports = [../profiles/containers/configuration.nix];
networking.firewall.enable = false; networking.firewall.enable = false;
@ -63,7 +72,6 @@ in {
proxyPass = "http://127.0.0.1:3000/socket.io/"; proxyPass = "http://127.0.0.1:3000/socket.io/";
proxyWebsockets = true; proxyWebsockets = true;
}; };
}; };
services.phpfpm.pools.mypool = { services.phpfpm.pools.mypool = {
@ -78,8 +86,7 @@ in {
"pm.max_spare_servers" = 3; "pm.max_spare_servers" = 3;
"pm.max_requests" = 500; "pm.max_requests" = 500;
"php_admin_value[error_reporting]" = "php_admin_value[error_reporting]" = "E_ALL & ~E_NOTICE & ~E_WARNING & ~E_STRICT & ~E_DEPRECATED";
"E_ALL & ~E_NOTICE & ~E_WARNING & ~E_STRICT & ~E_DEPRECATED";
}; };
}; };

18
nix/os/containers/mailserver.nix
View file

@ -1,15 +1,16 @@
{ hostAddress, localAddress, imapsPort ? 993, sievePort ? 4190 {
, autoStart ? false }: hostAddress,
localAddress,
let passwords = import ../../variables/passwords.crypt.nix; imapsPort ? 993,
sievePort ? 4190,
autoStart ? false,
}: let
passwords = import ../../variables/passwords.crypt.nix;
in { in {
config = {pkgs, ...}: { config = {pkgs, ...}: {
system.stateVersion = "21.11"; # Did you read the comment? system.stateVersion = "21.11"; # Did you read the comment?
imports = imports = [../profiles/containers/configuration.nix ../profiles/common/user.nix];
[ ../profiles/containers/configuration.nix ../profiles/common/user.nix ];
networking.firewall.enable = false; networking.firewall.enable = false;
@ -51,7 +52,6 @@ in {
mail_max_userip_connections = 64 mail_max_userip_connections = 64
} }
''; '';
}; };
environment.etc."dovecot/users".text = '' environment.etc."dovecot/users".text = ''

16
nix/os/containers/syncthing.nix
View file

@ -1,9 +1,15 @@
{ hostAddress, localAddress, syncthingPort ? 22000
, syncthingLocalAnnouncePort ? 21027, autoStart ? false }:
{ {
hostAddress,
config = { config, pkgs, ... }: { localAddress,
syncthingPort ? 22000,
syncthingLocalAnnouncePort ? 21027,
autoStart ? false,
}: {
config = {
config,
pkgs,
...
}: {
system.stateVersion = "20.05"; # Did you read the comment? system.stateVersion = "20.05"; # Did you read the comment?
imports = [../profiles/containers/configuration.nix]; imports = [../profiles/containers/configuration.nix];

23
nix/os/containers/webserver.nix
View file

@ -1,9 +1,18 @@
{ hostAddress, localAddress, httpPort ? 80, httpsPort ? 443, autoStart ? false {
}: hostAddress,
localAddress,
let passwords = import ../../variables/passwords.crypt.nix; httpPort ? 80,
httpsPort ? 443,
autoStart ? false,
}: let
passwords = import ../../variables/passwords.crypt.nix;
in { in {
config = { config, pkgs, lib, ... }: { config = {
config,
pkgs,
lib,
...
}: {
system.stateVersion = "22.05"; # Did you read the comment? system.stateVersion = "22.05"; # Did you read the comment?
imports = [../profiles/containers/configuration.nix]; imports = [../profiles/containers/configuration.nix];
@ -66,7 +75,6 @@ in {
proxyPass = "http://127.0.0.1:3000/socket.io/"; proxyPass = "http://127.0.0.1:3000/socket.io/";
proxyWebsockets = true; proxyWebsockets = true;
}; };
}; };
services.phpfpm.pools.mypool = { services.phpfpm.pools.mypool = {
@ -81,8 +89,7 @@ in {
"pm.max_spare_servers" = 3; "pm.max_spare_servers" = 3;
"pm.max_requests" = 500; "pm.max_requests" = 500;
"php_admin_value[error_reporting]" = "php_admin_value[error_reporting]" = "E_ALL & ~E_NOTICE & ~E_WARNING & ~E_STRICT & ~E_DEPRECATED";
"E_ALL & ~E_NOTICE & ~E_WARNING & ~E_STRICT & ~E_DEPRECATED";
}; };
}; };

4
nix/os/devices/167.233.1.14/boot.nix
View file

@ -1,6 +1,4 @@
{ lib, ... }: {lib, ...}: {
{
boot.loader.grub.efiSupport = lib.mkForce false; boot.loader.grub.efiSupport = lib.mkForce false;
boot.extraModulePackages = []; boot.extraModulePackages = [];
} }

4
nix/os/devices/167.233.1.14/configuration.nix
View file

@ -1,6 +1,4 @@
{ ... }: {...}: {
{
disabledModules = []; disabledModules = [];
imports = [ imports = [
../../profiles/common/configuration.nix ../../profiles/common/configuration.nix

8
nix/os/devices/167.233.1.14/hw.nix
View file

@ -1,6 +1,4 @@
{ ... }: {...}: let
let
stage1Modules = [ stage1Modules = [
"virtio_balloon" "virtio_balloon"
"virtio_scsi" "virtio_scsi"
@ -17,7 +15,6 @@ let
"pata_acpi" "pata_acpi"
"ata_generic" "ata_generic"
]; ];
in { in {
fileSystems."/boot" = { fileSystems."/boot" = {
device = "/dev/disk/by-uuid/354fb107-2f4a-42ad-80dd-9dddb61bfd02"; device = "/dev/disk/by-uuid/354fb107-2f4a-42ad-80dd-9dddb61bfd02";
@ -38,8 +35,7 @@ in {
neededForBoot = true; neededForBoot = true;
}; };
swapDevices = swapDevices = [{device = "/dev/disk/by-uuid/d16b5f4a-f38c-41c6-8aae-1625be815f9d";}];
[{ device = "/dev/disk/by-uuid/d16b5f4a-f38c-41c6-8aae-1625be815f9d"; }];
boot.loader.grub = {device = "/dev/vda";}; boot.loader.grub = {device = "/dev/vda";};

22
nix/os/devices/167.233.1.14/pkg.nix
View file

@ -1,14 +1,18 @@
{ config, pkgs, lib, ... }:
{ {
config,
pkgs,
lib,
...
}: {
nixpkgs.config.packageOverrides = pkgs: nixpkgs.config.packageOverrides = pkgs:
with pkgs; { with pkgs; {
nixPath = (import ../../../default.nix { nixPath =
(import ../../../default.nix {
versionsPath = ./versions.nix; versionsPath = ./versions.nix;
}).nixPath; })
.nixPath;
}; };
home-manager.users.steveej = home-manager.users.steveej = import ../../../home-manager/configuration/text-minimal.nix {
import ../../../home-manager/configuration/text-minimal.nix {
inherit pkgs; inherit pkgs;
extraPackages = [ extraPackages = [
# required by vscode's remote-ssh plugin # required by vscode's remote-ssh plugin
@ -20,10 +24,12 @@
]; ];
}; };
nix.buildMachines = [{ nix.buildMachines = [
{
hostName = "localhost"; hostName = "localhost";
system = "x86_64-linux"; system = "x86_64-linux";
supportedFeatures = ["kvm" "nixos-test" "big-parallel" "benchmark"]; supportedFeatures = ["kvm" "nixos-test" "big-parallel" "benchmark"];
maxJobs = 4; maxJobs = 4;
}]; }
];
} }

17
nix/os/devices/167.233.1.14/system.nix
View file

@ -1,7 +1,10 @@
{ pkgs, lib, config, ... }: {
pkgs,
let keys = import ../../../variables/keys.nix; lib,
config,
...
}: let
keys = import ../../../variables/keys.nix;
in { in {
nix.binaryCaches = ["https://cache.holo.host"]; nix.binaryCaches = ["https://cache.holo.host"];
@ -26,10 +29,12 @@ in {
networking.interfaces.eth0 = { networking.interfaces.eth0 = {
mtu = 1400; mtu = 1400;
useDHCP = false; useDHCP = false;
ipv4.addresses = [{ ipv4.addresses = [
{
"address" = "167.233.1.14"; "address" = "167.233.1.14";
"prefixLength" = 29; "prefixLength" = 29;
}]; }
];
ipv6.addresses = []; ipv6.addresses = [];
}; };

1
nix/os/devices/167.233.1.14/versions.nix
View file

@ -4,7 +4,6 @@ let
ref = "nixos-21.11"; ref = "nixos-21.11";
rev = "e34c5379866833f41e2a36f309912fa675d687c7"; rev = "e34c5379866833f41e2a36f309912fa675d687c7";
}; };
in { in {
inherit nixpkgs; inherit nixpkgs;
"channels-nixos-stable" = nixpkgs; "channels-nixos-stable" = nixpkgs;

1
nix/os/devices/167.233.1.14/versions.tmpl.nix
View file

@ -6,7 +6,6 @@ let
<% git ls-remote https://github.com/nixos/nixpkgs nixos-21.11 | awk '{ print $1 }' | tr -d ' <% git ls-remote https://github.com/nixos/nixpkgs nixos-21.11 | awk '{ print $1 }' | tr -d '
' -%>''; ' -%>'';
}; };
in { in {
inherit nixpkgs; inherit nixpkgs;
"channels-nixos-stable" = nixpkgs; "channels-nixos-stable" = nixpkgs;

47
nix/os/devices/default.nix
View file

@ -1,15 +1,20 @@
{ dir, pkgs ? import <channels-nixos-stable> { } {
, ownLib ? import ../lib/default.nix { }, gitRoot ? dir,
"$(git rev-parse --show-toplevel)" pkgs ? import <channels-nixos-stable> {},
ownLib ? import ../lib/default.nix {},
gitRoot ? "$(git rev-parse --show-toplevel)",
# FIXME: why do these need explicit mentioning? # FIXME: why do these need explicit mentioning?
, moreargs ? "", rebuildarg ? "", ... }@args: moreargs ? "",
rebuildarg ? "",
let ...
} @ args: let
rebuildargsSudo = ["switch" "boot"]; rebuildargsSudo = ["switch" "boot"];
rebuild = { gitRoot, rebuildarg ? "dry-activate", moreargs ? "" rebuild = {
gitRoot,
, ... }: rebuildarg ? "dry-activate",
moreargs ? "",
...
}:
pkgs.writeScript "script" '' pkgs.writeScript "script" ''
#!/usr/bin/env bash #!/usr/bin/env bash
set -xe set -xe
@ -23,17 +28,20 @@ let
rm result rm result
fi fi
${if (builtins.elem rebuildarg rebuildargsSudo) ${
&& (builtins.match ".*--target-host.*" moreargs) == null then if
"sudo -E \\" (builtins.elem rebuildarg rebuildargsSudo)
else && (builtins.match ".*--target-host.*" moreargs) == null
""} then "sudo -E \\"
else ""
}
nixos-rebuild --show-trace -I nixos-config=''${NIXOS_CONFIG} ${rebuildarg} ${moreargs} nixos-rebuild --show-trace -I nixos-config=''${NIXOS_CONFIG} ${rebuildarg} ${moreargs}
''; '';
in { in {
recipes = { recipes =
rebuild = rebuild { {
rebuild =
rebuild {
inherit gitRoot; inherit gitRoot;
inherit moreargs; inherit moreargs;
inherit rebuildarg; inherit rebuildarg;
@ -41,5 +49,6 @@ in {
# // pkgs.lib.attrsets.optionalAttrs (moreargs != "") { inherit moreargs; } # // pkgs.lib.attrsets.optionalAttrs (moreargs != "") { inherit moreargs; }
# // pkgs.lib.attrsets.optionalAttrs (rebuildarg != "") { inherit rebuildarg; } # // pkgs.lib.attrsets.optionalAttrs (rebuildarg != "") { inherit rebuildarg; }
; ;
} // (import ./disk.nix (args // { inherit pkgs ownLib gitRoot; })); }
// (import ./disk.nix (args // {inherit pkgs ownLib gitRoot;}));
} }

27
nix/os/devices/disk.nix
View file

@ -1,13 +1,24 @@
{ pkgs, ownLib, dir, gitRoot, diskId ? {
pkgs,
ownLib,
dir,
gitRoot,
diskId ?
(import ((builtins.getEnv "PWD") + "/${dir}/hw.nix") (import ((builtins.getEnv "PWD") + "/${dir}/hw.nix")
{ }).hardware.opinionatedDisk.diskId, encrypted ? {})
.hardware
.opinionatedDisk
.diskId,
encrypted ?
(import ((builtins.getEnv "PWD") + "/${dir}/hw.nix") (import ((builtins.getEnv "PWD") + "/${dir}/hw.nix")
{ }).hardware.opinionatedDisk.encrypted, previousDiskId ? "" {})
.hardware
, ... }: .opinionatedDisk
.encrypted,
let mntRootVol = "/mnt/${diskId}-root"; previousDiskId ? "",
...
}: let
mntRootVol = "/mnt/${diskId}-root";
in rec { in rec {
diskMount = pkgs.writeScript "script" '' diskMount = pkgs.writeScript "script" ''
#!/usr/bin/env bash #!/usr/bin/env bash

4
nix/os/devices/elias-e525/boot.nix
View file

@ -1,6 +1,4 @@
{ lib, ... }: {lib, ...}: {
{
boot.loader.grub.efiInstallAsRemovable = lib.mkForce true; boot.loader.grub.efiInstallAsRemovable = lib.mkForce true;
boot.loader.efi.canTouchEfiVariables = lib.mkForce false; boot.loader.efi.canTouchEfiVariables = lib.mkForce false;
} }

4
nix/os/devices/elias-e525/configuration.nix
View file

@ -1,6 +1,4 @@
{ ... }: {...}: {
{
imports = [ imports = [
../../profiles/common/configuration.nix ../../profiles/common/configuration.nix
../../profiles/graphical/configuration.nix ../../profiles/graphical/configuration.nix

4
nix/os/devices/elias-e525/hw.nix
View file

@ -1,6 +1,4 @@
{ ... }: {...}: {
{
# TASK: new device # TASK: new device
hardware.opinionatedDisk = { hardware.opinionatedDisk = {
enable = true; enable = true;

15
nix/os/devices/elias-e525/pkg.nix
View file

@ -1,6 +1,8 @@
{ pkgs, lib, ... }: {
pkgs,
let lib,
...
}: let
homeEnv = keyboard: { homeEnv = keyboard: {
imports = [ imports = [
(import ../../../home-manager/configuration/graphical-gnome3.nix { (import ../../../home-manager/configuration/graphical-gnome3.nix {
@ -18,13 +20,14 @@ let
jitsi jitsi
]; ];
}; };
in { in {
nixpkgs.config.packageOverrides = pkgs: nixpkgs.config.packageOverrides = pkgs:
with pkgs; { with pkgs; {
nixPath = (import ../../../default.nix { nixPath =
(import ../../../default.nix {
versionsPath = ./versions.nix; versionsPath = ./versions.nix;
}).nixPath; })
.nixPath;
}; };
services.gnome = builtins.mapAttrs (attr: value: lib.mkForce value) { services.gnome = builtins.mapAttrs (attr: value: lib.mkForce value) {

13
nix/os/devices/elias-e525/system.nix
View file

@ -1,7 +1,9 @@
{ pkgs, lib, config, ... }: {
pkgs,
let lib,
config,
...
}: let
in { in {
# TASK: new device # TASK: new device
networking.hostName = "elias-e525"; # Define your hostname. networking.hostName = "elias-e525"; # Define your hostname.
@ -41,8 +43,7 @@ in {
# udev.packages = [ pkgs.gnome3.gnome-settings-daemon ]; # udev.packages = [ pkgs.gnome3.gnome-settings-daemon ];
}; };
security.pki.certificateFiles = security.pki.certificateFiles = ["${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"];
[ "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt" ];
services.xserver.videoDrivers = ["modesetting"]; services.xserver.videoDrivers = ["modesetting"];

9
nix/os/devices/elias-e525/user.nix
View file

@ -1,10 +1,11 @@
{ config, pkgs, ... }: {
config,
let pkgs,
...
}: let
passwords = import ../../../variables/passwords.crypt.nix; passwords = import ../../../variables/passwords.crypt.nix;
keys = import ../../../variables/keys.nix; keys = import ../../../variables/keys.nix;
inherit (import ../../lib/default.nix {}) mkUser; inherit (import ../../lib/default.nix {}) mkUser;
in { in {
users.extraUsers.elias = mkUser { users.extraUsers.elias = mkUser {
uid = 1001; uid = 1001;

1
nix/os/devices/elias-e525/versions.nix
View file

@ -4,7 +4,6 @@ let
ref = "nixos-21.11"; ref = "nixos-21.11";
rev = "386234e2a61e1e8acf94dfa3a3d3ca19a6776efb"; rev = "386234e2a61e1e8acf94dfa3a3d3ca19a6776efb";
}; };
in { in {
inherit nixpkgs; inherit nixpkgs;
nixos = nixpkgs // {suffix = "/nixos";}; nixos = nixpkgs // {suffix = "/nixos";};

1
nix/os/devices/elias-e525/versions.tmpl.nix
View file

@ -6,7 +6,6 @@ let
<% git ls-remote https://github.com/nixos/nixpkgs nixos-21.11 | awk '{ print $1 }' | tr -d ' <% git ls-remote https://github.com/nixos/nixpkgs nixos-21.11 | awk '{ print $1 }' | tr -d '
' -%>''; ' -%>'';
}; };
in { in {
inherit nixpkgs; inherit nixpkgs;
nixos = nixpkgs // {suffix = "/nixos";}; nixos = nixpkgs // {suffix = "/nixos";};

4
nix/os/devices/fwhost1/boot.nix
View file

@ -1,6 +1,4 @@
{ lib, ... }: {lib, ...}: {
{
boot.loader.grub.efiInstallAsRemovable = lib.mkForce true; boot.loader.grub.efiInstallAsRemovable = lib.mkForce true;
boot.loader.efi.canTouchEfiVariables = lib.mkForce false; boot.loader.efi.canTouchEfiVariables = lib.mkForce false;
} }

4
nix/os/devices/fwhost1/configuration.nix
View file

@ -1,6 +1,4 @@
{ ... }: {...}: {
{
imports = [ imports = [
../../profiles/common/configuration.nix ../../profiles/common/configuration.nix
../../modules/opinionatedDisk.nix ../../modules/opinionatedDisk.nix

5
nix/os/devices/fwhost1/hw.nix
View file

@ -1,7 +1,4 @@
{ ... }: {...}: let
let
in { in {
# TASK: new device # TASK: new device
hardware.opinionatedDisk = { hardware.opinionatedDisk = {

13
nix/os/devices/fwhost1/pkg.nix
View file

@ -1,14 +1,13 @@
{ pkgs, ... }: {pkgs, ...}: {
{
nixpkgs.config.packageOverrides = pkgs: nixpkgs.config.packageOverrides = pkgs:
with pkgs; { with pkgs; {
nixPath = (import ../../../default.nix { nixPath =
(import ../../../default.nix {
versionsPath = ./versions.nix; versionsPath = ./versions.nix;
}).nixPath; })
.nixPath;
}; };
home-manager.users.steveej = home-manager.users.steveej = import ../../../home-manager/configuration/text-minimal.nix {
import ../../../home-manager/configuration/text-minimal.nix {
inherit pkgs; inherit pkgs;
}; };

29
nix/os/devices/fwhost1/system.nix
View file

@ -1,10 +1,12 @@
{ pkgs, lib, config, ... }: {
pkgs,
let lib,
config,
...
}: let
keys = import ../../../variables/keys.nix; keys = import ../../../variables/keys.nix;
passwords = import ../../../variables/passwords.crypt.nix; passwords = import ../../../variables/passwords.crypt.nix;
in { in {
# TASK: new device # TASK: new device
networking.hostName = "fwhost1"; # Define your hostname. networking.hostName = "fwhost1"; # Define your hostname.
@ -28,25 +30,31 @@ in {
# WAN interfaces, currently unused because the OPNsense guest acts as a router. # WAN interfaces, currently unused because the OPNsense guest acts as a router.
networking.vlans.wan1.id = 3; networking.vlans.wan1.id = 3;
networking.vlans.wan1.interface = "breth"; networking.vlans.wan1.interface = "breth";
networking.interfaces.wan1.ipv4.addresses = [{ networking.interfaces.wan1.ipv4.addresses = [
{
address = "192.168.0.15"; address = "192.168.0.15";
prefixLength = 24; prefixLength = 24;
}]; }
];
networking.vlans.wan2.id = 4; networking.vlans.wan2.id = 4;
networking.vlans.wan2.interface = "breth"; networking.vlans.wan2.interface = "breth";
networking.interfaces.wan2.ipv4.addresses = [{ networking.interfaces.wan2.ipv4.addresses = [
{
address = "172.16.0.15"; address = "172.16.0.15";
prefixLength = 12; prefixLength = 12;
}]; }
];
# Local interfaces, all accessed via VLAN tags on the main bridge # Local interfaces, all accessed via VLAN tags on the main bridge
networking.vlans.lan.id = 1; networking.vlans.lan.id = 1;
networking.vlans.lan.interface = "breth"; networking.vlans.lan.interface = "breth";
networking.interfaces.lan.ipv4.addresses = [{ networking.interfaces.lan.ipv4.addresses = [
{
address = "172.172.171.15"; address = "172.172.171.15";
prefixLength = 24; prefixLength = 24;
}]; }
];
networking.vlans.dmz.id = 5; networking.vlans.dmz.id = 5;
networking.vlans.dmz.interface = "breth"; networking.vlans.dmz.interface = "breth";
@ -77,4 +85,3 @@ in {
boot.kernelPackages = lib.mkForce pkgs.linuxPackages_latest; boot.kernelPackages = lib.mkForce pkgs.linuxPackages_latest;
} }

9
nix/os/devices/fwhost1/user.nix
View file

@ -1,8 +1,9 @@
{ config, pkgs, ... }: {
config,
let pkgs,
...
}: let
passwords = import ../../../variables/passwords.crypt.nix; passwords = import ../../../variables/passwords.crypt.nix;
keys = import ../../../variables/keys.nix; keys = import ../../../variables/keys.nix;
inherit (import ../../lib/default.nix {}) mkUser; inherit (import ../../lib/default.nix {}) mkUser;
in {} in {}

1
nix/os/devices/fwhost1/versions.nix
View file

@ -4,7 +4,6 @@ let
ref = "nixos-21.11"; ref = "nixos-21.11";
rev = "386234e2a61e1e8acf94dfa3a3d3ca19a6776efb"; rev = "386234e2a61e1e8acf94dfa3a3d3ca19a6776efb";
}; };
in { in {
inherit nixpkgs; inherit nixpkgs;
nixos = nixpkgs // {suffix = "/nixos";}; nixos = nixpkgs // {suffix = "/nixos";};

1
nix/os/devices/fwhost1/versions.tmpl.nix
View file

@ -6,7 +6,6 @@ let
<% git ls-remote https://github.com/nixos/nixpkgs nixos-21.11 | awk '{ print $1 }' | tr -d ' <% git ls-remote https://github.com/nixos/nixpkgs nixos-21.11 | awk '{ print $1 }' | tr -d '
' -%>''; ' -%>'';
}; };
in { in {
inherit nixpkgs; inherit nixpkgs;
nixos = nixpkgs // {suffix = "/nixos";}; nixos = nixpkgs // {suffix = "/nixos";};

4
nix/os/devices/fwhost2/boot.nix
View file

@ -1,6 +1,4 @@
{ lib, ... }: {lib, ...}: {
{
boot.loader.grub.efiInstallAsRemovable = lib.mkForce true; boot.loader.grub.efiInstallAsRemovable = lib.mkForce true;
boot.loader.efi.canTouchEfiVariables = lib.mkForce false; boot.loader.efi.canTouchEfiVariables = lib.mkForce false;
} }

4
nix/os/devices/fwhost2/configuration.nix
View file

@ -1,6 +1,4 @@
{ ... }: {...}: {
{
imports = [ imports = [
../../profiles/common/configuration.nix ../../profiles/common/configuration.nix
../../modules/opinionatedDisk.nix ../../modules/opinionatedDisk.nix

5
nix/os/devices/fwhost2/hw.nix
View file

@ -1,7 +1,4 @@
{ ... }: {...}: let
let
in { in {
# TASK: new device # TASK: new device
hardware.opinionatedDisk = { hardware.opinionatedDisk = {

13
nix/os/devices/fwhost2/pkg.nix
View file

@ -1,14 +1,13 @@
{ pkgs, ... }: {pkgs, ...}: {
{
nixpkgs.config.packageOverrides = pkgs: nixpkgs.config.packageOverrides = pkgs:
with pkgs; { with pkgs; {
nixPath = (import ../../../default.nix { nixPath =
(import ../../../default.nix {
versionsPath = ./versions.nix; versionsPath = ./versions.nix;
}).nixPath; })
.nixPath;
}; };
home-manager.users.steveej = home-manager.users.steveej = import ../../../home-manager/configuration/text-minimal.nix {
import ../../../home-manager/configuration/text-minimal.nix {
inherit pkgs; inherit pkgs;
}; };

30
nix/os/devices/fwhost2/system.nix
View file

@ -1,10 +1,13 @@
{ pkgs, lib, config, utils, ... }: {
pkgs,
let lib,
config,
utils,
...
}: let
keys = import ../../../variables/keys.nix; keys = import ../../../variables/keys.nix;
passwords = import ../../../variables/passwords.crypt.nix; passwords = import ../../../variables/passwords.crypt.nix;
in { in {
# TASK: new device # TASK: new device
networking.hostName = "fwhost2"; # Define your hostname. networking.hostName = "fwhost2"; # Define your hostname.
@ -28,25 +31,31 @@ in {
# WAN interfaces, currently unused because the OPNsense guest acts as a router. # WAN interfaces, currently unused because the OPNsense guest acts as a router.
networking.vlans.wan1.id = 3; networking.vlans.wan1.id = 3;
networking.vlans.wan1.interface = "breth"; networking.vlans.wan1.interface = "breth";
networking.interfaces.wan1.ipv4.addresses = [{ networking.interfaces.wan1.ipv4.addresses = [
{
address = "192.168.0.16"; address = "192.168.0.16";
prefixLength = 24; prefixLength = 24;
}]; }
];
networking.vlans.wan2.id = 4; networking.vlans.wan2.id = 4;
networking.vlans.wan2.interface = "breth"; networking.vlans.wan2.interface = "breth";
networking.interfaces.wan2.ipv4.addresses = [{ networking.interfaces.wan2.ipv4.addresses = [
{
address = "172.16.0.16"; address = "172.16.0.16";
prefixLength = 12; prefixLength = 12;
}]; }
];
# Local interfaces, all accessed via VLAN tags on the main bridge # Local interfaces, all accessed via VLAN tags on the main bridge
networking.vlans.lan.id = 1; networking.vlans.lan.id = 1;
networking.vlans.lan.interface = "breth"; networking.vlans.lan.interface = "breth";
networking.interfaces.lan.ipv4.addresses = [{ networking.interfaces.lan.ipv4.addresses = [
{
address = "172.172.171.16"; address = "172.172.171.16";
prefixLength = 24; prefixLength = 24;
}]; }
];
networking.vlans.dmz.id = 5; networking.vlans.dmz.id = 5;
networking.vlans.dmz.interface = "breth"; networking.vlans.dmz.interface = "breth";
@ -77,4 +86,3 @@ in {
boot.kernelPackages = lib.mkForce pkgs.linuxPackages_latest; boot.kernelPackages = lib.mkForce pkgs.linuxPackages_latest;
} }

9
nix/os/devices/fwhost2/user.nix
View file

@ -1,10 +1,11 @@
{ config, pkgs, ... }: {
config,
let pkgs,
...
}: let
passwords = import ../../../variables/passwords.crypt.nix; passwords = import ../../../variables/passwords.crypt.nix;
keys = import ../../../variables/keys.nix; keys = import ../../../variables/keys.nix;
inherit (import ../../lib/default.nix {}) mkUser; inherit (import ../../lib/default.nix {}) mkUser;
in { in {
# users.extraUsers.steveej2 = mkUser { # users.extraUsers.steveej2 = mkUser {
# uid = 1001; # uid = 1001;

1
nix/os/devices/fwhost2/versions.nix
View file

@ -4,7 +4,6 @@ let
ref = "nixos-21.11"; ref = "nixos-21.11";
rev = "386234e2a61e1e8acf94dfa3a3d3ca19a6776efb"; rev = "386234e2a61e1e8acf94dfa3a3d3ca19a6776efb";
}; };
in { in {
inherit nixpkgs; inherit nixpkgs;
nixos = nixpkgs // {suffix = "/nixos";}; nixos = nixpkgs // {suffix = "/nixos";};

1
nix/os/devices/fwhost2/versions.tmpl.nix
View file

@ -6,7 +6,6 @@ let
<% git ls-remote https://github.com/nixos/nixpkgs nixos-21.11 | awk '{ print $1 }' | tr -d ' <% git ls-remote https://github.com/nixos/nixpkgs nixos-21.11 | awk '{ print $1 }' | tr -d '
' -%>''; ' -%>'';
}; };
in { in {
inherit nixpkgs; inherit nixpkgs;
nixos = nixpkgs // {suffix = "/nixos";}; nixos = nixpkgs // {suffix = "/nixos";};

4
nix/os/devices/srv0.home-ch.stefanjunker.de/boot.nix
View file

@ -1,6 +1,4 @@
{ lib, ... }: {lib, ...}: {
{
boot.loader.grub.efiSupport = true; boot.loader.grub.efiSupport = true;
boot.extraModulePackages = []; boot.extraModulePackages = [];
} }

4
nix/os/devices/srv0.home-ch.stefanjunker.de/configuration.nix
View file

@ -1,6 +1,4 @@
{ ... }: {...}: {
{
disabledModules = []; disabledModules = [];
imports = [ imports = [
../../profiles/common/configuration.nix ../../profiles/common/configuration.nix

5
nix/os/devices/srv0.home-ch.stefanjunker.de/hw.nix
View file

@ -1,6 +1,4 @@
{ ... }: {...}: let
let
stage1Modules = [ stage1Modules = [
"aesni_intel" "aesni_intel"
"kvm-intel" "kvm-intel"
@ -19,7 +17,6 @@ let
"xhci_hcd" "xhci_hcd"
"xhci_pci" "xhci_pci"
]; ];
in { in {
# TASK: new device # TASK: new device
hardware.opinionatedDisk = { hardware.opinionatedDisk = {

22
nix/os/devices/srv0.home-ch.stefanjunker.de/pkg.nix
View file

@ -1,23 +1,29 @@
{ config, pkgs, lib, ... }:
{ {
config,
pkgs,
lib,
...
}: {
nixpkgs.config.packageOverrides = pkgs: nixpkgs.config.packageOverrides = pkgs:
with pkgs; { with pkgs; {
nixPath = (import ../../../default.nix { nixPath =
(import ../../../default.nix {
versionsPath = ./versions.nix; versionsPath = ./versions.nix;
}).nixPath; })
.nixPath;
}; };
home-manager.users.steveej = home-manager.users.steveej = import ../../../home-manager/configuration/text-minimal.nix {
import ../../../home-manager/configuration/text-minimal.nix {
inherit pkgs; inherit pkgs;
}; };
nix.buildMachines = [{ nix.buildMachines = [
{
hostName = "localhost"; hostName = "localhost";
system = "x86_64-linux"; system = "x86_64-linux";
supportedFeatures = ["kvm" "nixos-test" "big-parallel" "benchmark"]; supportedFeatures = ["kvm" "nixos-test" "big-parallel" "benchmark"];
maxJobs = 4; maxJobs = 4;
}]; }
];
# services.hydra = { # services.hydra = {
# enable = false; # enable = false;

11
nix/os/devices/srv0.home-ch.stefanjunker.de/system.nix
View file

@ -1,7 +1,10 @@
{ pkgs, lib, config, ... }: {
pkgs,
let keys = import ../../../variables/keys.nix; lib,
config,
...
}: let
keys = import ../../../variables/keys.nix;
in { in {
# TASK: new device # TASK: new device
networking.hostName = "srv0"; # Define your hostname. networking.hostName = "srv0"; # Define your hostname.

1
nix/os/devices/srv0.home-ch.stefanjunker.de/versions.nix
View file

@ -4,7 +4,6 @@ let
ref = "nixos-22.05"; ref = "nixos-22.05";
rev = "040c6d8374d090f46ab0e99f1f7c27a4529ecffd"; rev = "040c6d8374d090f46ab0e99f1f7c27a4529ecffd";
}; };
in { in {
inherit nixpkgs; inherit nixpkgs;
"channels-nixos-stable" = nixpkgs; "channels-nixos-stable" = nixpkgs;

1
nix/os/devices/srv0.home-ch.stefanjunker.de/versions.tmpl.nix
View file

@ -6,7 +6,6 @@ let
<% git ls-remote https://github.com/nixos/nixpkgs nixos-22.05 | awk '{ print $1 }' | tr -d ' <% git ls-remote https://github.com/nixos/nixpkgs nixos-22.05 | awk '{ print $1 }' | tr -d '
' -%>''; ' -%>'';
}; };
in { in {
inherit nixpkgs; inherit nixpkgs;
"channels-nixos-stable" = nixpkgs; "channels-nixos-stable" = nixpkgs;

4
nix/os/devices/steveej-nuc7pjyh-work/configuration.nix
View file

@ -1,6 +1,4 @@
{ ... }: {...}: {
{
imports = [ imports = [
../../profiles/common/configuration.nix ../../profiles/common/configuration.nix
../../profiles/graphical/configuration.nix ../../profiles/graphical/configuration.nix

4
nix/os/devices/steveej-nuc7pjyh-work/hw.nix
View file

@ -1,6 +1,4 @@
{ ... }: {...}: {
{
# TASK: new device # TASK: new device
hardware.encryptedDisk = { hardware.encryptedDisk = {
enable = true; enable = true;

8
nix/os/devices/steveej-nuc7pjyh-work/system.nix
View file

@ -1,6 +1,8 @@
{ pkgs, lib, ... }: {
pkgs,
let lib,
...
}: let
in { in {
services.udev.extraRules = ''SUBSYSTEM=="sgx", MODE="0660", GROUP="sgx"''; services.udev.extraRules = ''SUBSYSTEM=="sgx", MODE="0660", GROUP="sgx"'';
users.groups.sgx = {}; users.groups.sgx = {};

21
nix/os/devices/steveej-nuc7pjyh-work/user.nix
View file

@ -1,10 +1,11 @@
{ config, pkgs, ... }: {
config,
let pkgs,
...
}: let
passwords = import ../../../variables/passwords.crypt.nix; passwords = import ../../../variables/passwords.crypt.nix;
keys = import ../../../variables/keys.nix; keys = import ../../../variables/keys.nix;
inherit (import ../../lib/default.nix {}) mkUser; inherit (import ../../lib/default.nix {}) mkUser;
in { in {
users.extraUsers.sjunker = mkUser { users.extraUsers.sjunker = mkUser {
uid = 1001; uid = 1001;
@ -15,13 +16,17 @@ in {
}; };
extraGroups = ["sgx"]; extraGroups = ["sgx"];
subUidRanges = [{ subUidRanges = [
{
startUid = 100000; startUid = 100000;
count = 65536; count = 65536;
}]; }
subGidRanges = [{ ];
subGidRanges = [
{
startGid = 100000; startGid = 100000;
count = 65536; count = 65536;
}]; }
];
}; };
} }

4
nix/os/devices/steveej-pa600/boot.nix
View file

@ -1,6 +1,4 @@
{ lib, ... }: {lib, ...}: {
{
boot.loader.grub.efiInstallAsRemovable = lib.mkForce true; boot.loader.grub.efiInstallAsRemovable = lib.mkForce true;
boot.loader.efi.canTouchEfiVariables = lib.mkForce false; boot.loader.efi.canTouchEfiVariables = lib.mkForce false;
} }

4
nix/os/devices/steveej-pa600/configuration.nix
View file

@ -1,6 +1,4 @@
{ ... }: {...}: {
{
imports = [ imports = [
../../profiles/common/configuration.nix ../../profiles/common/configuration.nix
../../profiles/graphical/configuration.nix ../../profiles/graphical/configuration.nix

5
nix/os/devices/steveej-pa600/hw.nix
View file

@ -1,6 +1,4 @@
{ ... }: {...}: let
let
stage1Modules = [ stage1Modules = [
"aesni_intel" "aesni_intel"
"kvm-intel" "kvm-intel"
@ -9,7 +7,6 @@ let
"xhci_pci" "xhci_pci"
"hxci_hcd" "hxci_hcd"
]; ];
in { in {
# TASK: new device # TASK: new device
hardware.opinionatedDisk = { hardware.opinionatedDisk = {

13
nix/os/devices/steveej-pa600/pkg.nix
View file

@ -1,14 +1,13 @@
{ pkgs, ... }: {pkgs, ...}: {
{
nixpkgs.config.packageOverrides = pkgs: nixpkgs.config.packageOverrides = pkgs:
with pkgs; { with pkgs; {
nixPath = (import ../../../default.nix { nixPath =
(import ../../../default.nix {
versionsPath = ./versions.nix; versionsPath = ./versions.nix;
}).nixPath; })
.nixPath;
}; };
home-manager.users.steveej = home-manager.users.steveej = import ../../../home-manager/configuration/graphical-fullblown.nix {
import ../../../home-manager/configuration/graphical-fullblown.nix {
inherit pkgs; inherit pkgs;
}; };
services.teamviewer.enable = true; services.teamviewer.enable = true;

14
nix/os/devices/steveej-pa600/system.nix
View file

@ -1,8 +1,11 @@
{ pkgs, lib, config, ... }: {
pkgs,
let keys = import ../../../variables/keys.nix; lib,
config,
...
}: let
keys = import ../../../variables/keys.nix;
in { in {
# TASK: new device # TASK: new device
networking.hostName = "steveej-pa600"; # Define your hostname. networking.hostName = "steveej-pa600"; # Define your hostname.
@ -26,8 +29,7 @@ in {
sudo.fprintAuth = true; sudo.fprintAuth = true;
}; };
security.pki.certificateFiles = security.pki.certificateFiles = ["${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"];
[ "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt" ];
services.xserver.videoDrivers = ["modesetting"]; services.xserver.videoDrivers = ["modesetting"];
services.xserver.serverFlagsSection = '' services.xserver.serverFlagsSection = ''

9
nix/os/devices/steveej-pa600/user.nix
View file

@ -1,10 +1,11 @@
{ config, pkgs, ... }: {
config,
let pkgs,
...
}: let
passwords = import ../../../variables/passwords.crypt.nix; passwords = import ../../../variables/passwords.crypt.nix;
keys = import ../../../variables/keys.nix; keys = import ../../../variables/keys.nix;
inherit (import ../../lib/default.nix {}) mkUser; inherit (import ../../lib/default.nix {}) mkUser;
in { in {
users.extraUsers.steveej2 = mkUser { users.extraUsers.steveej2 = mkUser {
uid = 1001; uid = 1001;

1
nix/os/devices/steveej-pa600/versions.nix
View file

@ -4,7 +4,6 @@ let
ref = "nixos-20.09"; ref = "nixos-20.09";
rev = "e065200fc90175a8f6e50e76ef10a48786126e1c"; rev = "e065200fc90175a8f6e50e76ef10a48786126e1c";
}; };
in { in {
inherit nixpkgs; inherit nixpkgs;
nixos = nixpkgs // {suffix = "/nixos";}; nixos = nixpkgs // {suffix = "/nixos";};

1
nix/os/devices/steveej-pa600/versions.tmpl.nix
View file

@ -6,7 +6,6 @@ let
<% git ls-remote https://github.com/nixos/nixpkgs nixos-20.09 | awk '{ print $1 }' | tr -d ' <% git ls-remote https://github.com/nixos/nixpkgs nixos-20.09 | awk '{ print $1 }' | tr -d '
' -%>''; ' -%>'';
}; };
in { in {
inherit nixpkgs; inherit nixpkgs;
nixos = nixpkgs // {suffix = "/nixos";}; nixos = nixpkgs // {suffix = "/nixos";};

Some files were not shown because too many files have changed in this diff Show more