steveej/infra
1
0
Fork 0
Code Issues 2 Pull requests Projects Releases Packages Wiki Activity Actions

chore: nixfmt *

Browse source
This commit is contained in:
steveej 2022-10-31 11:04:38 +01:00
parent aae3fd4090
commit 47c5c9dc56
161 changed files with 2693 additions and 3029 deletions
Download patch file Download diff file Expand all files Collapse all files

9
_archive/environments/dev/go/default.nix
View file

@ -1,10 +1,5 @@
{ gitpkgs ? import /home/steveej/src/github/NixOS/nixpkgs {} { gitpkgs ? import /home/steveej/src/github/NixOS/nixpkgs { }, pkgs ? gitpkgs
, pkgs ? gitpkgs , name ? "generic", version, extraBuildInputs ? [ ], extraShellHook ? "" }:
, name ? "generic"
, version
, extraBuildInputs ? []
, extraShellHook ? ""
}:
let let
go = builtins.getAttr "go_${version}" pkgs; go = builtins.getAttr "go_${version}" pkgs;
commonVimRC = '' commonVimRC = ''

6
_archive/environments/dev/go/neovim-go.nix
View file

@ -7,9 +7,5 @@
let g:deoplete#enable_smart_case = 1 let g:deoplete#enable_smart_case = 1
" } " }
''; '';
additionalPlugins = [ additionalPlugins = [ "deoplete-go" "deoplete-nvim" "vim-go" ];
"deoplete-go"
"deoplete-nvim"
"vim-go"
];
}) })

20
_archive/environments/dev/pandoc.nix
View file

@ -1,16 +1,14 @@
{ gitpkgs ? import /home/steveej/src/github/NixOS/nixpkgs {} { gitpkgs ? import /home/steveej/src/github/NixOS/nixpkgs { }, pkgs ? gitpkgs
, pkgs ? gitpkgs , name ? "generic", version ? "Stable", extraBuildInputs ? [ ] }:
, name ? "generic" let commonVimRC = "";
, version ? "Stable"
, extraBuildInputs ? []
}:
let
commonVimRC = ''
'';
in pkgs.stdenv.mkDerivation { in pkgs.stdenv.mkDerivation {
inherit name; inherit name;
buildInputs = with pkgs; [ buildInputs = with pkgs;
( import ./vim-pandoc.nix { pkgs=gitpkgs; commonRC=commonVimRC; }) [
(import ./vim-pandoc.nix {
pkgs = gitpkgs;
commonRC = commonVimRC;
})
pandoc pandoc
texlive.combined.scheme-medium texlive.combined.scheme-medium
python27Packages.pandocfilters python27Packages.pandocfilters

7
_archive/environments/dev/rkt.nix
View file

@ -1,8 +1,5 @@
{ { pkgs ? import /home/steveej/src/github/NixOS/nixpkgs { }
pkgs ? import /home/steveej/src/github/NixOS/nixpkgs {}, , mkGoEnv ? import ./go.nix, rktPath, }:
mkGoEnv ? import ./go.nix,
rktPath,
}:
let let
rktBasebuildInputs = with pkgs; [ rktBasebuildInputs = with pkgs; [
glibc.out glibc.out

25
_archive/environments/dev/rust/default.nix
View file

@ -1,9 +1,5 @@
{ gitpkgs ? import /home/steveej/src/github/NixOS/nixpkgs {} { gitpkgs ? import /home/steveej/src/github/NixOS/nixpkgs { }, pkgs ? gitpkgs
, pkgs ? gitpkgs , name ? "generic", version ? "Stable", extraBuildInputs ? [ ] }:
, name ? "generic"
, version ? "Stable"
, extraBuildInputs ? []
}:
let let
rustPackages = builtins.getAttr "rust${version}" pkgs; rustPackages = builtins.getAttr "rust${version}" pkgs;
rustc = rustPackages.rustc; rustc = rustPackages.rustc;
@ -12,19 +8,20 @@ let
setPS1 $rustname setPS1 $rustname
unset name unset name
''; '';
commonVimRC = '' commonVimRC = "";
'';
in pkgs.stdenv.mkDerivation { in pkgs.stdenv.mkDerivation {
inherit name; inherit name;
buildInputs = with rustPackages;[ buildInputs = with rustPackages;
( import ./vim-rust.nix { pkgs=gitpkgs; commonRC=commonVimRC; [
(import ./vim-rust.nix {
pkgs = gitpkgs;
commonRC = commonVimRC;
inherit rustc; inherit rustc;
racerd = pkgs.rustracerd; racerd = pkgs.rustracerd;
}) })
rustc cargo rustc
] ++ [ cargo
pkgs.rustfmt ] ++ [ pkgs.rustfmt ] ++ extraBuildInputs;
] ++ extraBuildInputs;
shellHook = (rustShellHook) { shellHook = (rustShellHook) {
inherit name; inherit name;
inherit rustc; inherit rustc;

5
_archive/environments/dev/vim-go.nix
View file

@ -13,8 +13,5 @@ import ../../pkg-configuration/vim-derivates/vim.nix (args // {
let g:neocomplete#sources#omni#input_patterns = {} let g:neocomplete#sources#omni#input_patterns = {}
endif endif
''; '';
additionalPlugins = [ additionalPlugins = [ "neocomplete" "vim-go" ];
"neocomplete"
"vim-go"
];
}) })

10
_archive/environments/dev/vim-pandoc.nix
View file

@ -1,6 +1,4 @@
{ commonRC { commonRC, ... }@args:
,
... } @ args :
import ../../pkg-configuration/vim-derivates/vim.nix (args // { import ../../pkg-configuration/vim-derivates/vim.nix (args // {
name = "vim-for-pandoc"; name = "vim-for-pandoc";
@ -14,9 +12,5 @@ import ../../pkg-configuration/vim-derivates/vim.nix (args // {
let g:syntastic_check_on_open = 1 let g:syntastic_check_on_open = 1
let g:syntastic_check_on_wq = 0 let g:syntastic_check_on_wq = 0
''; '';
additionalPlugins = [ additionalPlugins = [ "vim-pandoc" "vim-pandoc-syntax" "vimpreviewpandoc" ];
"vim-pandoc"
"vim-pandoc-syntax"
"vimpreviewpandoc"
];
}) })

9
_archive/environments/dev/vim-rust.nix
View file

@ -1,7 +1,4 @@
{ commonRC { commonRC, rustc, racerd, ... }@args:
, rustc
, racerd,
... } @ args :
import ../../pkg-configuration/vim-derivates/vim.nix (args // { import ../../pkg-configuration/vim-derivates/vim.nix (args // {
name = "vim-for-rust"; name = "vim-for-rust";
@ -40,7 +37,5 @@ import ../../pkg-configuration/vim-derivates/vim.nix (args // {
let g:ycm_racerd_binary_path = '${racerd.out}/bin/racerd' let g:ycm_racerd_binary_path = '${racerd.out}/bin/racerd'
''; '';
additionalPlugins = [ additionalPlugins = [ "rust-vim" ];
"rust-vim"
];
}) })

3
_archive/environments/fhs/android.nix
View file

@ -2,7 +2,8 @@
(pkgs.buildFHSUserEnv { (pkgs.buildFHSUserEnv {
name = "devfhs"; name = "devfhs";
multiPkgs = pkgs: (with pkgs; [ multiPkgs = pkgs:
(with pkgs; [
android-udev-rules android-udev-rules
sudo sudo
gawk gawk

9
_archive/environments/fhs/vscode.nix
View file

@ -2,8 +2,9 @@
(pkgs.buildFHSUserEnv { (pkgs.buildFHSUserEnv {
name = "everydayFHS"; name = "everydayFHS";
targetPkgs = pkgs: (with pkgs; targetPkgs = pkgs:
[ which (with pkgs; [
which
gitFull gitFull
zsh zsh
file file
@ -28,9 +29,7 @@
zlib zlib
libsecret libsecret
]); ]);
multiPkgs = pkgs: (with pkgs; multiPkgs = pkgs: (with pkgs; [ ]);
[
]);
profile = '' profile = ''
export SHELL=/bin/zsh export SHELL=/bin/zsh
''; '';

4
_archive/nixos-configuration/common/pkg/neovim.nix
View file

@ -1,6 +1,4 @@
{ config { config, pkgs, ... }@args:
, pkgs
, ... } @ args:
{ {
environment.systemPackages = [ environment.systemPackages = [

6
_archive/nixos-configuration/common/pkg/vim.nix
View file

@ -1,9 +1,9 @@
{ pkgs { pkgs, ... }@args:
, ... } @ args:
{ {
environment.systemPackages = [ environment.systemPackages = [
pkgs.xsel pkgs.xsel
(import ../../../pkg-configuration/vim-derivates/vim.nix (args // { name = "vim"; })) (import ../../../pkg-configuration/vim-derivates/vim.nix
(args // { name = "vim"; }))
]; ];
} }

4
_archive/nixos-configuration/common/user/steveej.nix
View file

@ -1,6 +1,4 @@
{ config { config, pkgs, ... }:
, pkgs
, ... }:
let let
passwords = import ../passwords.crypt.nix; passwords = import ../passwords.crypt.nix;

1
default.nix
View file

@ -7,7 +7,6 @@
{ pkgs ? import <nixpkgs> { } }: { pkgs ? import <nixpkgs> { } }:
{ {
overlays = import ./nix/overlays; overlays = import ./nix/overlays;
pkgs = import ./nix/pkgs { inherit pkgs; }; pkgs = import ./nix/pkgs { inherit pkgs; };

33
nix/container-images/default.nix
View file

@ -1,11 +1,6 @@
{ pkgs ? import <nixpkgs> {} { pkgs ? import <nixpkgs> { } }:
}:
let
baseEnv = [
"SSL_CERT_FILE=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"
];
let baseEnv = [ "SSL_CERT_FILE=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt" ];
in rec { in rec {
@ -29,16 +24,9 @@ in rec {
interactive_base = pkgs.dockerTools.buildImage { interactive_base = pkgs.dockerTools.buildImage {
name = "interactive_base"; name = "interactive_base";
fromImage = base; fromImage = base;
contents = with pkgs; [ contents = with pkgs; [ procps zsh coreutils neovim ];
procps
zsh
coreutils
neovim
];
config = { config = { Cmd = [ "/bin/zsh" ]; };
Cmd = [ "/bin/zsh" ];
};
}; };
s3ql = let s3ql = let
@ -87,10 +75,7 @@ in rec {
in pkgs.dockerTools.buildImage { in pkgs.dockerTools.buildImage {
name = "s3ql"; name = "s3ql";
fromImage = interactive_base; fromImage = interactive_base;
contents = [ contents = [ pkgs.s3ql pkgs.fuse ];
pkgs.s3ql
pkgs.fuse
];
runAsRoot = '' runAsRoot = ''
#!${pkgs.stdenv.shell} #!${pkgs.stdenv.shell}
@ -146,13 +131,9 @@ in rec {
contents = pkgs.syncthing; contents = pkgs.syncthing;
config = { config = {
Env = baseEnv ++ [ Env = baseEnv ++ [ "SYNCTHING_HOME=/home/syncthing" ];
"SYNCTHING_HOME=/home/syncthing"
];
Cmd = [ entrypoint ]; Cmd = [ entrypoint ];
Volumes = { Volumes = { "/data" = { }; };
"/data" = {};
};
}; };
}; };
} }

11
nix/default.nix
View file

@ -3,8 +3,7 @@
let let
channelVersions = (import versionsPath); channelVersions = (import versionsPath);
mkChannelSource = name: mkChannelSource = name:
let let channelVersion = builtins.getAttr name channelVersions;
channelVersion = builtins.getAttr name channelVersions;
in builtins.fetchGit { in builtins.fetchGit {
# Descriptive name to make the store path easier to identify # Descriptive name to make the store path easier to identify
inherit name; inherit name;
@ -15,13 +14,11 @@ let
elem = builtins.getAttr elemName channelVersions; elem = builtins.getAttr elemName channelVersions;
elemPath = (mkChannelSource elemName); elemPath = (mkChannelSource elemName);
suffix = if builtins.hasAttr "suffix" elem then elem.suffix else ""; suffix = if builtins.hasAttr "suffix" elem then elem.suffix else "";
in in builtins.concatStringsSep "=" [ elemName elemPath ] + suffix)
builtins.concatStringsSep "=" [ elemName elemPath ] + suffix (builtins.attrNames channelVersions));
) (builtins.attrNames channelVersions));
pkgs = import (mkChannelSource "nixpkgs") { }; pkgs = import (mkChannelSource "nixpkgs") { };
in
{ in {
inherit nixPath; inherit nixPath;
channelSources = pkgs.writeText "channels.rc" '' channelSources = pkgs.writeText "channels.rc" ''
export NIX_PATH=${nixPath} export NIX_PATH=${nixPath}

46
nix/home-manager/configuration/graphical-fullblown.nix
View file

@ -1,16 +1,13 @@
{ pkgs }: { pkgs }:
let let zshCurried = import ../programs/zsh.nix { inherit pkgs; };
zshCurried = import ../programs/zsh.nix { inherit pkgs; };
in
{ pkgs in { pkgs, config, ... }:
, config
, ... }:
let let
# gitpkgs = import /home/steveej/src/github/NixOS/nixpkgs {}; # gitpkgs = import /home/steveej/src/github/NixOS/nixpkgs {};
unstablepkgs = import <channels-nixos-unstable-small> { config = config.nixpkgs.config; }; unstablepkgs =
import <channels-nixos-unstable-small> { config = config.nixpkgs.config; };
masterpkgs = import <nixpkgs-master> { config = config.nixpkgs.config; }; masterpkgs = import <nixpkgs-master> { config = config.nixpkgs.config; };
in { in {
@ -37,8 +34,7 @@ in {
gnutls = true; gnutls = true;
}; };
packageOverrides = pkgs: with pkgs; { packageOverrides = pkgs: with pkgs; { };
};
}; };
home.sessionVariables = { home.sessionVariables = {
@ -48,14 +44,10 @@ in {
GOPATH = "$HOME/src/go"; GOPATH = "$HOME/src/go";
PATH=pkgs.lib.concatStringsSep ":" [ PATH = pkgs.lib.concatStringsSep ":" [ "$HOME/.local/bin" "$PATH" ];
"$HOME/.local/bin"
"$PATH"
];
}; };
home.packages = [] home.packages = [ ] ++ (with pkgs; [
++ (with pkgs; [
# Authentication # Authentication
cacert cacert
fprintd fprintd
@ -135,7 +127,6 @@ in {
# })) # }))
appimage-run appimage-run
# Remote Control Tools # Remote Control Tools
remmina remmina
freerdp freerdp
@ -184,7 +175,6 @@ in {
feh feh
# digikam # digikam
# Modelling Tools # Modelling Tools
# plantuml # plantuml
# umlet # umlet
@ -216,26 +206,14 @@ in {
perlPackages.UnicodeLineBreak perlPackages.UnicodeLineBreak
(texlive.combine { (texlive.combine {
inherit (texlive) inherit (texlive)
scheme-small scheme-small texlive-de texlive-en texlive-scripts collection-langgerman
texlive-de
texlive-en
texlive-scripts
collection-langgerman
latexindent latexindent latexmk
latexmk
algorithms algorithms cm-super
cm-super
preprint preprint enumitem draftwatermark everypage ulem placeins minted
enumitem ifplatform fvextra xstring framed;
draftwatermark
everypage
ulem
placeins
minted ifplatform fvextra xstring framed
;
}) })
pdftk pdftk

21
nix/home-manager/configuration/graphical-gnome3.nix
View file

@ -1,15 +1,12 @@
{ pkgs }: { pkgs }:
let let zshCurried = import ../programs/zsh.nix { inherit pkgs; };
zshCurried = import ../programs/zsh.nix { inherit pkgs; };
in
{ pkgs in { pkgs, config, ... }:
, config,
... }:
let let
unstablepkgs = import <channels-nixos-unstable> { config = config.nixpkgs.config; }; unstablepkgs =
import <channels-nixos-unstable> { config = config.nixpkgs.config; };
in { in {
imports = [ imports = [
@ -30,16 +27,12 @@ in {
gnutls = true; gnutls = true;
}; };
packageOverrides = pkgs: with pkgs; { packageOverrides = pkgs: with pkgs; { };
};
}; };
home.sessionVariables = { home.sessionVariables = { };
};
home.packages = [ ] ++ (with pkgs; [
home.packages =
[] ++ (with pkgs; [
# Nix package related tools # Nix package related tools
patchelf patchelf
nix-index nix-index

21
nix/home-manager/configuration/graphical-removable.nix
View file

@ -1,15 +1,12 @@
{ pkgs }: { pkgs }:
let let zshCurried = import ../programs/zsh.nix { inherit pkgs; };
zshCurried = import ../programs/zsh.nix { inherit pkgs; };
in
{ pkgs in { pkgs, config, ... }:
, config,
... }:
let let
unstablepkgs = import <channels-nixos-unstable> { config = config.nixpkgs.config; }; unstablepkgs =
import <channels-nixos-unstable> { config = config.nixpkgs.config; };
in { in {
imports = [ imports = [
@ -32,16 +29,12 @@ in {
gnutls = true; gnutls = true;
}; };
packageOverrides = pkgs: with pkgs; { packageOverrides = pkgs: with pkgs; { };
};
}; };
home.sessionVariables = { home.sessionVariables = { };
};
home.packages = [ ] ++ (with pkgs; [
home.packages =
[] ++ (with pkgs; [
# Nix package related tools # Nix package related tools
patchelf patchelf
nix-index nix-index

22
nix/home-manager/configuration/text-minimal.nix
View file

@ -1,12 +1,8 @@
{ pkgs, extraPackages ? [ ] }: { pkgs, extraPackages ? [ ] }:
let let zshCurried = import ../programs/zsh.nix { inherit pkgs; };
zshCurried = import ../programs/zsh.nix { inherit pkgs; };
in
{ pkgs in { pkgs, config, ... }:
, config
, ... }:
let let
@ -18,18 +14,10 @@ in {
zshCurried zshCurried
]; ];
nixpkgs.config = { nixpkgs.config = { packageOverrides = pkgs: with pkgs; { }; };
packageOverrides = pkgs: with pkgs; {
};
};
home.sessionVariables = { home.sessionVariables = { };
};
home.packages = extraPackages home.packages = extraPackages
++ (with pkgs; [ ++ (with pkgs; [ iperf3 inetutils speedtest-cli ]);
iperf3
inetutils
speedtest-cli
]);
} }

11
nix/home-manager/lib.nix
View file

@ -1,5 +1,4 @@
{ { }:
}:
let let
@ -11,12 +10,8 @@ in {
PartOf = [ "graphical-session.target" ]; PartOf = [ "graphical-session.target" ];
}; };
Install = { Install = { WantedBy = [ "graphical-session.target" ]; };
WantedBy = [ "graphical-session.target" ];
};
Service = { Service = { ExecStart = execStart; };
ExecStart = execStart;
};
}; };
} }

7
nix/home-manager/profiles/common.nix
View file

@ -1,6 +1,4 @@
{ pkgs { pkgs, ... }:
, ...
}:
let let
in { in {
@ -36,8 +34,7 @@ in {
programs.command-not-found.enable = true; programs.command-not-found.enable = true;
programs.fzf.enable = true; programs.fzf.enable = true;
home.packages = home.packages = [ ] ++ (with pkgs; [
[] ++ (with pkgs; [
# git helpers # git helpers
git-crypt git-crypt

8
nix/home-manager/profiles/dotfiles.nix
View file

@ -1,10 +1,6 @@
{ pkgs { pkgs, config, ... }:
, config
, ...
}:
let let vcshActivationScript = pkgs.callPackage ./dotfiles/vcsh.nix { };
vcshActivationScript = pkgs.callPackage ./dotfiles/vcsh.nix {};
in { in {
# TODO: fix the dotfiles # TODO: fix the dotfiles

7
nix/home-manager/profiles/dotfiles/vcsh.tmpl.nix
View file

@ -1,8 +1,5 @@
{ pkgs { pkgs, repoHttps ? "https://gitlab.com/steveeJ/dotfiles.git"
, repoHttps ? "https://gitlab.com/steveeJ/dotfiles.git" , repoSsh ? "git@gitlab.com:/steveeJ/dotfiles.git", ... }:
, repoSsh ? "git@gitlab.com:/steveeJ/dotfiles.git"
, ...
}:
let let
repoBareLocal = pkgs.runCommand "fetchbare" { repoBareLocal = pkgs.runCommand "fetchbare" {

17
nix/home-manager/profiles/nix-channels.nix
View file

@ -1,15 +1,13 @@
{ pkgs { pkgs, config, ... }:
, config
, ...
}:
let let
in { in {
home.file.".nix-channels".text = '' home.file.".nix-channels".text = "";
'';
home.activation.removeExistingNixChannels = config.lib.dag.entryBefore ["checkLinkTargets"] '' home.activation.removeExistingNixChannels =
$DRY_RUN_CMD ${pkgs.writeScript "activation-script" '' config.lib.dag.entryBefore [ "checkLinkTargets" ] ''
$DRY_RUN_CMD ${
pkgs.writeScript "activation-script" ''
set -ex set -ex
if test -f $HOME/.nix-channels; then if test -f $HOME/.nix-channels; then
echo Uninstalling available channels... echo Uninstalling available channels...
@ -23,6 +21,7 @@ in {
mv --backup=numbered $HOME/.nix-channels.dummy $HOME/.nix-channels mv --backup=numbered $HOME/.nix-channels.dummy $HOME/.nix-channels
rm $HOME/.nix-channels rm $HOME/.nix-channels
fi fi
''}; ''
};
''; '';
} }

46
nix/home-manager/profiles/qtile-desktop.nix
View file

@ -1,16 +1,13 @@
{ pkgs { pkgs, ... }:
, ...
}:
let let
inherit (import ../lib.nix { }) inherit (import ../lib.nix { }) mkSimpleTrayService;
mkSimpleTrayService
;
audio = pkgs.writeShellScript "audio" '' audio = pkgs.writeShellScript "audio" ''
export PATH=${with pkgs; lib.makeBinPath [ export PATH=${
pulseaudio findutils gnugrep with pkgs;
]}:$PATH lib.makeBinPath [ pulseaudio findutils gnugrep ]
}:$PATH
export MUTEFILE=''${TEMPDIR:-/tmp}/.qtilemute export MUTEFILE=''${TEMPDIR:-/tmp}/.qtilemute
case $1 in case $1 in
@ -34,9 +31,7 @@ let
terminalCommand = "${pkgs.alacritty}/bin/alacritty"; terminalCommand = "${pkgs.alacritty}/bin/alacritty";
dpmsScript = pkgs.writeShellScript "dpmsScript" '' dpmsScript = pkgs.writeShellScript "dpmsScript" ''
export PATH=${with pkgs; lib.makeBinPath [ export PATH=${with pkgs; lib.makeBinPath [ xorg.xset ]}:$PATH
xorg.xset
]}:$PATH
set -xe set -xe
@ -59,9 +54,7 @@ let
''; '';
screenLockCommand = pkgs.writeShellScript "screenLock" '' screenLockCommand = pkgs.writeShellScript "screenLock" ''
export PATH=${with pkgs; lib.makeBinPath [ export PATH=${with pkgs; lib.makeBinPath [ i3lock ]}:$PATH
i3lock
]}:$PATH
revert() { revert() {
${dpmsScript} default ${dpmsScript} default
@ -260,8 +253,7 @@ def print_new_window(window):
in { in {
systemd.user = { systemd.user = {
startServices = true; startServices = true;
services = { services = { };
};
}; };
services = { services = {
@ -306,13 +298,13 @@ in {
enable = true; enable = true;
settings = { settings = {
matches = let matches = let
playerctl = ''${pkgs.coreutils}/bin/env DBUS_SESSION_BUS_ADDRESS="unix:path=/run/user/$(${pkgs.coreutils}/bin/id -u)/bus" ${pkgs.playerctl}/bin/playerctl''; playerctl = ''
${pkgs.coreutils}/bin/env DBUS_SESSION_BUS_ADDRESS="unix:path=/run/user/$(${pkgs.coreutils}/bin/id -u)/bus" ${pkgs.playerctl}/bin/playerctl'';
in [ in [
{ {
trigger = ":vpos"; trigger = ":vpos";
replace = "{{output}}"; replace = "{{output}}";
vars = [ vars = [{
{
name = "output"; name = "output";
type = "script"; type = "script";
params = { params = {
@ -331,25 +323,21 @@ in {
'') '')
]; ];
}; };
} }];
];
} }
{ {
trigger = ":vtit"; trigger = ":vtit";
replace = "{{output}}"; replace = "{{output}}";
vars = [ vars = [{
{
name = "output"; name = "output";
type = "script"; type = "script";
params = { params = {
args = [ args = [
(pkgs.writeShellScript "espanso" '' (pkgs.writeShellScript "espanso"
${playerctl} metadata title'' "${playerctl} metadata title")
)
]; ];
}; };
} }];
];
} }
{ {
trigger = ":dunno"; trigger = ":dunno";

19
nix/home-manager/programs/chromium.nix
View file

@ -1,15 +1,9 @@
{ { ... }:
...
}:
{ {
programs.chromium = { programs.chromium = { enable = true; };
enable = true;
};
programs.brave = { programs.brave = { enable = true; };
enable = true;
};
nixpkgs.config = { nixpkgs.config = {
chromium = { chromium = {
@ -18,11 +12,6 @@
}; };
}; };
programs.browserpass = { programs.browserpass = { browsers = [ "chromium" "brave" ]; };
browsers = [
"chromium"
"brave"
];
};
} }

14
nix/home-manager/programs/emacs.nix
View file

@ -1,23 +1,21 @@
{ pkgs, { pkgs, ... }:
...
}:
{ {
programs.emacs = { programs.emacs = {
enable = true; enable = true;
extraPackages = epkgs: (with epkgs; [ extraPackages = epkgs:
(with epkgs; [
nix-mode nix-mode
magit # ; Integrate git <C-x g> magit # ; Integrate git <C-x g>
zerodark-theme # ; Nicolas' theme zerodark-theme # ; Nicolas' theme
undo-tree # ; <C-x u> to show the undo tree undo-tree # ; <C-x u> to show the undo tree
# zoom-frm # ; increase/decrease font size for all buffers %lt;C-x C-+> # zoom-frm # ; increase/decrease font size for all buffers %lt;C-x C-+>
]) ++ (with epkgs.melpaPackages; [ ]) ++ (with epkgs.melpaPackages; [ evil ]) ++ (with epkgs.elpaPackages; [
evil
]) ++ (with epkgs.elpaPackages; [
auctex # ; LaTeX mode auctex # ; LaTeX mode
beacon # ; highlight my cursor when scrolling beacon # ; highlight my cursor when scrolling
nameless # ; hide current package name everywhere in elisp code nameless # ; hide current package name everywhere in elisp code
]) ++ (with pkgs; [ ]) ++ (with pkgs;
[
pkgs.notmuch # From main packages set pkgs.notmuch # From main packages set
]); ]);
}; };

15
nix/home-manager/programs/firefox.nix
View file

@ -1,19 +1,14 @@
{ pkgs { pkgs, ... }:
, ...
}:
{ {
programs.firefox = { programs.firefox = { enable = true; };
enable = true;
};
programs.browserpass = { programs.browserpass = {
enable = true; enable = true;
browsers = [ browsers = [ "firefox" ];
"firefox"
];
}; };
home.file.".mozilla/native-messaging-hosts/passff.json".source = "${pkgs.passff-host}/share/passff-host/passff.json"; home.file.".mozilla/native-messaging-hosts/passff.json".source =
"${pkgs.passff-host}/share/passff-host/passff.json";
} }

4
nix/home-manager/programs/holochain-launcher.nix
View file

@ -1,7 +1,5 @@
{ pkgs, ... }: { pkgs, ... }:
{ {
home.packages = [ home.packages = [ pkgs.holochain-launcher ];
pkgs.holochain-launcher
];
} }

21
nix/home-manager/programs/homeshick.nix
View file

@ -1,18 +1,15 @@
{ pkgs { pkgs, config, ... }:
, config
, ...
}:
let let
# TODO: clean up the impurity in here # TODO: clean up the impurity in here
in { in {
home.sessionVariables = { home.sessionVariables = { HOMESHICK_DIR = "${pkgs.homeshick}"; };
HOMESHICK_DIR="${pkgs.homeshick}";
};
home.activation.bootstrapRepos = config.lib.dag.entryAfter ["writeBoundary"] '' home.activation.bootstrapRepos =
$DRY_RUN_CMD ${pkgs.writeScript "activation-script" '' config.lib.dag.entryAfter [ "writeBoundary" ] ''
$DRY_RUN_CMD ${
pkgs.writeScript "activation-script" ''
set -e set -e
echo home-manager path is ${config.home.path} echo home-manager path is ${config.home.path}
echo home is $HOME echo home is $HOME
@ -23,12 +20,14 @@ in {
# echo Updating homeshick # echo Updating homeshick
# ln -sfT ${pkgs.homeshick} "$HOMESICK_REPOS"/.homeshick # ln -sfT ${pkgs.homeshick} "$HOMESICK_REPOS"/.homeshick
# mv -Tf "$HOMESICK_REPOS"/{.,}homeshick # mv -Tf "$HOMESICK_REPOS"/{.,}homeshick
''}; ''
};
''; '';
nixpkgs.config = { nixpkgs.config = {
packageOverrides = pkgs: with pkgs; { packageOverrides = pkgs:
with pkgs; {
homeshick = builtins.fetchGit { homeshick = builtins.fetchGit {
url = "https://github.com/andsens/homeshick.git"; url = "https://github.com/andsens/homeshick.git";
ref = "master"; ref = "master";

8
nix/home-manager/programs/libreoffice.nix
View file

@ -1,6 +1,4 @@
{ pkgs, { pkgs, ... }:
...
}:
{ {
home.sessionVariables = { home.sessionVariables = {
@ -8,7 +6,5 @@
SAL_USE_VCLPLUGIN = "gtk3"; SAL_USE_VCLPLUGIN = "gtk3";
}; };
home.packages = with pkgs; [ home.packages = with pkgs; [ libreoffice-fresh ];
libreoffice-fresh
];
} }

23
nix/home-manager/programs/neovim.nix
View file

@ -1,13 +1,9 @@
{ pkgs, { pkgs, ... }:
...
}:
let let
in { in {
home.sessionVariables = { home.sessionVariables = { EDITOR = "nvim"; };
EDITOR = "nvim";
};
programs.neovim = { programs.neovim = {
enable = true; enable = true;
@ -16,7 +12,8 @@ in {
extraConfig = builtins.readFile ./neovim/vimrc; extraConfig = builtins.readFile ./neovim/vimrc;
plugins = with pkgs; [ plugins = with pkgs;
[
# yaml-folds # yaml-folds
{ {
plugin = vimUtils.buildVimPlugin { plugin = vimUtils.buildVimPlugin {
@ -80,8 +77,7 @@ in {
}; };
}; };
} }
] ] ++ (with pkgs.vimPlugins; [
++ (with pkgs.vimPlugins; [
delimitMate delimitMate
vim-airline vim-airline
vim-airline-themes vim-airline-themes
@ -109,7 +105,8 @@ in {
tabular tabular
# Nix # Nix
vim-addon-nix tlib vim-addon-nix
tlib
vim-addon-vim2nix vim-addon-vim2nix
# LaTeX # LaTeX
@ -124,8 +121,8 @@ in {
vim-markdown-toc vim-markdown-toc
# misc syntax support # misc syntax support
vim-bazel maktaba vim-bazel
]) maktaba
; ]);
}; };
} }

18
nix/home-manager/programs/pass.nix
View file

@ -1,23 +1,15 @@
{ pkgs { pkgs, ... }:
, ...
}:
{ {
home.sessionVariables = { home.sessionVariables = {
# required by pass-otp # required by pass-otp
PASSWORD_STORE_EXTENSIONS_DIR = "$HOME/.nix-profile/lib/password-store/extensions"; PASSWORD_STORE_EXTENSIONS_DIR =
"$HOME/.nix-profile/lib/password-store/extensions";
PASSWORD_STORE_ENABLE_EXTENSIONS = "true"; PASSWORD_STORE_ENABLE_EXTENSIONS = "true";
}; };
programs.browserpass = { programs.browserpass = { enable = true; };
enable = true;
};
home.packages = with pkgs; [ home.packages = with pkgs; [ pass qtpass rofi-pass gnupg ];
pass
qtpass
rofi-pass
gnupg
];
} }

8
nix/home-manager/programs/podman.nix
View file

@ -1,6 +1,4 @@
{ pkgs { pkgs, ... }:
, ...
}:
let let
cniConfigDir = let cniConfigDir = let
@ -107,9 +105,7 @@ let
default_network = "podman" default_network = "podman"
''; '';
in { in {
home.packages = with pkgs; [ home.packages = with pkgs; [ podman ];
podman
];
home.file.".config/containers/containers.conf".source = containersConf; home.file.".config/containers/containers.conf".source = containersConf;

10
nix/home-manager/programs/vscode/default.nix
View file

@ -462,20 +462,16 @@ let
sha256 = "1jmmbz3i0hxq5ka4rsk07mynxh3pkh5g736d9ryv1czhnrb06lwf"; sha256 = "1jmmbz3i0hxq5ka4rsk07mynxh3pkh5g736d9ryv1czhnrb06lwf";
} }
]; ];
in
{ in {
programs.vscode = { programs.vscode = {
enable = true; enable = true;
extensions = [] extensions = [ ] ++ packagedExtensions
++ packagedExtensions
# ++ marketPlaceExtensions # ++ marketPlaceExtensions
; ;
}; };
home.packages = [ home.packages = [ pkgs.nixpkgs-fmt ];
pkgs.nixpkgs-fmt
];
} }
# TODO: automate # TODO: automate

15
nix/home-manager/programs/zsh.nix
View file

@ -3,8 +3,7 @@
{ ... }: { ... }:
let let
just-plugin = just-plugin = let
let
plugin_file = pkgs.writeText "_just" '' plugin_file = pkgs.writeText "_just" ''
#compdef just #compdef just
#autload #autload
@ -43,8 +42,7 @@ in {
# will be called again by oh-my-zsh # will be called again by oh-my-zsh
enableCompletion = false; enableCompletion = false;
enableAutosuggestions = true; enableAutosuggestions = true;
initExtra = let initExtra = let inNixShell = ''$([[ -n "$IN_NIX_SHELL" ]] && printf " 🐚")'';
inNixShell = ''$([[ -n "$IN_NIX_SHELL" ]] && printf " 🐚")'';
in '' in ''
PROMPT='%F{%(!.red.green)}%n%f@%m %(?.%F{green}%f.%F{red} ($?%))%f %F{blue}%~%f${inNixShell}%F{magenta}$(git_prompt_info)%f$prompt_newline%_%F{%(!.red.green)}$(prompt_char)%f ' PROMPT='%F{%(!.red.green)}%n%f@%m %(?.%F{green}%f.%F{red} ($?%))%f %F{blue}%~%f${inNixShell}%F{magenta}$(git_prompt_info)%f$prompt_newline%_%F{%(!.red.green)}$(prompt_char)%f '
RPROMPT="" RPROMPT=""
@ -59,8 +57,8 @@ in {
${if builtins.hasAttr "homeshick" pkgs then '' ${if builtins.hasAttr "homeshick" pkgs then ''
source ${pkgs.homeshick}/homeshick.sh source ${pkgs.homeshick}/homeshick.sh
fpath=(${pkgs.homeshick}/completions $fpath) fpath=(${pkgs.homeshick}/completions $fpath)
'' else '' '' else
''} ""}
# Disable intercepting of ctrl-s and ctrl-q as flow control. # Disable intercepting of ctrl-s and ctrl-q as flow control.
stty stop ''' -ixoff -ixon stty stop ''' -ixoff -ixon
@ -117,10 +115,7 @@ in {
oh-my-zsh = { oh-my-zsh = {
enable = true; enable = true;
theme = "tjkirch"; theme = "tjkirch";
plugins = [ plugins = [ "git" "sudo" ];
"git"
"sudo"
];
}; };
}; };
} }

3
nix/ops/nano/configuration.nix
View file

@ -5,8 +5,7 @@
{ n, pkgs, ... }: { n, pkgs, ... }:
{ {
imports = imports = [ # Include the results of the hardware scan.
[ # Include the results of the hardware scan.
./hardware-configuration.nix ./hardware-configuration.nix
]; ];

11
nix/ops/nano/hardware-configuration.nix
View file

@ -4,16 +4,15 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
{ {
imports = imports = [ <nixpkgs/nixos/modules/installer/scan/not-detected.nix> ];
[ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ]; boot.initrd.availableKernelModules =
[ "xhci_pci" "ehci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
boot.kernelModules = [ "kvm-intel" ]; boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ ];
fileSystems."/" = fileSystems."/" = {
{ device = "/dev/disk/by-uuid/e02a410e-5044-440f-90e9-b573e51f1315"; device = "/dev/disk/by-uuid/e02a410e-5044-440f-90e9-b573e51f1315";
fsType = "ext4"; fsType = "ext4";
}; };

11
nix/ops/nanos@kn.nix
View file

@ -1,10 +1,10 @@
{ nixpkgs ? import <nixpkgs> {} { nixpkgs ? import <nixpkgs> { }, nrNanos ? 1 # Number of nanos
, nrNanos ? 1 # Number of nanos
}: }:
let let
pkgs = nixpkgs; pkgs = nixpkgs;
webserver = { services.httpd.enable = true; webserver = {
services.httpd.enable = true;
services.httpd.adminAddr = "mail@stefanjunker.de"; services.httpd.adminAddr = "mail@stefanjunker.de";
services.httpd.documentRoot = "${pkgs.nixops}/share/doc/nixops/"; services.httpd.documentRoot = "${pkgs.nixops}/share/doc/nixops/";
networking.firewall.allowedTCPPorts = [ 80 ]; networking.firewall.allowedTCPPorts = [ 80 ];
@ -19,8 +19,7 @@ let
deployment.targetHost = "nano${toString n}"; deployment.targetHost = "nano${toString n}";
}; };
mkNanos = n: nixpkgs.lib.nameValuePair "nano${toString n}" ( mkNanos = n:
mkNano { inherit n; } nixpkgs.lib.nameValuePair "nano${toString n}" (mkNano { inherit n; });
);
in nixpkgs.lib.listToAttrs (map mkNanos (nixpkgs.lib.range 0 (nrNanos - 1))) in nixpkgs.lib.listToAttrs (map mkNanos (nixpkgs.lib.range 0 (nrNanos - 1)))

39
nix/os/containers/backup-target.nix
View file

@ -1,14 +1,9 @@
{ hostAddress { hostAddress, localAddress, containerBackupCfg
, localAddress , sshPort ? containerBackupCfg.portInt }: {
, containerBackupCfg
, sshPort ? containerBackupCfg.portInt
}: {
config = { config, pkgs, lib, ... }: { config = { config, pkgs, lib, ... }: {
system.stateVersion = "21.11"; # Did you read the comment? system.stateVersion = "21.11"; # Did you read the comment?
imports = [ imports = [ ../profiles/containers/configuration.nix ];
../profiles/containers/configuration.nix
];
networking.firewall.enable = false; networking.firewall.enable = false;
@ -28,7 +23,8 @@
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDNI3H0BRSYOZ/MbTs9J80doJwSd1HymFOP5quNt0J48vxZ5FPVrT2FHpQiNrCcYbCKRsU4X8AiGUHiXC0PapQQ3JDkqp6WZoqBNDx6BI7RadyH1TqVQPlou3pQmCAogzfBInruR53YTDmQqXiPwfM0okPOXgiBNjDfZXOX4+CyUfkmZZwASoicTInqWGkn1sFnh4tyXIkgWflg0njlVmfkVvH71+evvKLYHtoNpVXazkQ0SXbyuW5f3mSta7TNkpC3HbBm+4n+WxYGySrlRLWQhTo+aoWUKk9h5zvECDNpwRtbqzt+bA9nKrdg180ceu8hruwvWNiC6PPA2GW9Z1+VKROviGu1C3dliE/pPCBtK+ZoRVv2CGE+pmAuQsB9Nif9tk5tY6HJhuLNxKYiMfQkiLsDYv6KdZXUIVK/4BIDkZuQNnjhdOQBLnea0ANOhutA9gnjxnsd3UT6ovfazg5gud7n3u4yBtzjTkRrqWZ63eM1NmUVOgMWHQ715pV+hJfOFGqzRBEe3g/p3bWNgpROBYJbG1H8l9DN7emG4FGWsb1HeNFwQ5lS0Zsezb7qzahr4vSmHNugVw7w8ONt5dPbPI9wQnWvkkuHH76P/NYy6OC6lHrN1rXyA1okqdPr06YAZnCot+Pqdgn/ijxgp06J3dtkhin+Q7PoQbGff3ERIw== bkp" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDNI3H0BRSYOZ/MbTs9J80doJwSd1HymFOP5quNt0J48vxZ5FPVrT2FHpQiNrCcYbCKRsU4X8AiGUHiXC0PapQQ3JDkqp6WZoqBNDx6BI7RadyH1TqVQPlou3pQmCAogzfBInruR53YTDmQqXiPwfM0okPOXgiBNjDfZXOX4+CyUfkmZZwASoicTInqWGkn1sFnh4tyXIkgWflg0njlVmfkVvH71+evvKLYHtoNpVXazkQ0SXbyuW5f3mSta7TNkpC3HbBm+4n+WxYGySrlRLWQhTo+aoWUKk9h5zvECDNpwRtbqzt+bA9nKrdg180ceu8hruwvWNiC6PPA2GW9Z1+VKROviGu1C3dliE/pPCBtK+ZoRVv2CGE+pmAuQsB9Nif9tk5tY6HJhuLNxKYiMfQkiLsDYv6KdZXUIVK/4BIDkZuQNnjhdOQBLnea0ANOhutA9gnjxnsd3UT6ovfazg5gud7n3u4yBtzjTkRrqWZ63eM1NmUVOgMWHQ715pV+hJfOFGqzRBEe3g/p3bWNgpROBYJbG1H8l9DN7emG4FGWsb1HeNFwQ5lS0Zsezb7qzahr4vSmHNugVw7w8ONt5dPbPI9wQnWvkkuHH76P/NYy6OC6lHrN1rXyA1okqdPr06YAZnCot+Pqdgn/ijxgp06J3dtkhin+Q7PoQbGff3ERIw== bkp"
]; ];
packages = with pkgs; [ packages = with pkgs;
[
btrfsProgs btrfsProgs
# btrbk # btrbk
]; ];
@ -38,16 +34,23 @@
security.sudo = { security.sudo = {
enable = true; enable = true;
extraRules = [ extraRules = [{
{
users = [ "bkp" ]; users = [ "bkp" ];
commands = [ commands = [
{ command = "/etc/profiles/per-user/bkp/bin/btrfs"; options = [ "NOPASSWD" ]; } {
{ command = "/run/current-system/sw/bin/readlink"; options = [ "NOPASSWD" ]; } command = "/etc/profiles/per-user/bkp/bin/btrfs";
{ command = "/run/current-system/sw/bin/test"; options = [ "NOPASSWD" ]; } options = [ "NOPASSWD" ];
]; }
{
command = "/run/current-system/sw/bin/readlink";
options = [ "NOPASSWD" ];
}
{
command = "/run/current-system/sw/bin/test";
options = [ "NOPASSWD" ];
} }
]; ];
}];
}; };
}; };
@ -61,14 +64,12 @@
}; };
privateNetwork = true; privateNetwork = true;
forwardPorts = [ forwardPorts = [{
{
# ssh # ssh
containerPort = 22; containerPort = 22;
hostPort = sshPort; hostPort = sshPort;
protocol = "tcp"; protocol = "tcp";
} }];
];
inherit hostAddress localAddress; inherit hostAddress localAddress;
} }

49
nix/os/containers/backup.nix
View file

@ -1,9 +1,4 @@
{ config { config, hostAddress, localAddress, subvolumes, targetPathSuffix ? "" }:
, hostAddress
, localAddress
, subvolumes
, targetPathSuffix ? ""
}:
let let
passwords = import ../../variables/passwords.crypt.nix; passwords = import ../../variables/passwords.crypt.nix;
@ -13,14 +8,9 @@ in {
config = { pkgs, ... }: { config = { pkgs, ... }: {
system.stateVersion = "20.03"; # Did you read the comment? system.stateVersion = "20.03"; # Did you read the comment?
imports = [ imports = [ ../profiles/containers/configuration.nix ];
../profiles/containers/configuration.nix
];
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [ btrfs-progs btrbk ];
btrfs-progs
btrbk
];
networking.firewall.enable = true; networking.firewall.enable = true;
@ -28,17 +18,11 @@ in {
enable = true; enable = true;
description = "bkp-sync service"; description = "bkp-sync service";
serviceConfig = { serviceConfig = { Type = "oneshot"; };
Type = "oneshot";
};
after = [ after = [ "bkp-run.service" ];
"bkp-run.service"
];
requires = [ requires = [ "bkp-run.service" ];
"bkp-run.service"
];
path = with pkgs; [ utillinux ]; path = with pkgs; [ utillinux ];
script = '' script = ''
@ -51,13 +35,9 @@ in {
enable = true; enable = true;
description = "bkp-run"; description = "bkp-run";
serviceConfig = { serviceConfig = { Type = "oneshot"; };
Type = "oneshot";
};
partOf = [ partOf = [ "bkp-sync.service" ];
"bkp-sync.service"
];
path = with pkgs; [ btrfs-progs btrbk coreutils ]; path = with pkgs; [ btrfs-progs btrbk coreutils ];
@ -78,7 +58,8 @@ in {
volume ${subvolumeParentDir} volume ${subvolumeParentDir}
target ${passwords.storage.backupTarget.target}/container-volumes/${targetPathSuffix} target ${passwords.storage.backupTarget.target}/container-volumes/${targetPathSuffix}
${builtins.foldl' (sum: elem: sum + " subvolume " + elem + "\n") "" subvolumes} ${builtins.foldl' (sum: elem: sum + " subvolume " + elem + "\n") ""
subvolumes}
''; '';
in '' in ''
#! ${pkgs.bash}/bin/bash #! ${pkgs.bash}/bin/bash
@ -122,13 +103,13 @@ in {
}; };
}; };
allowedDevices = [ allowedDevices = [{
{ node = "/dev/fuse"; modifier = "rw"; } node = "/dev/fuse";
]; modifier = "rw";
}];
privateNetwork = true; privateNetwork = true;
forwardPorts = [ forwardPorts = [ ];
];
inherit hostAddress localAddress; inherit hostAddress localAddress;
} }

18
nix/os/containers/mailserver.nix
View file

@ -1,22 +1,14 @@
{ hostAddress { hostAddress, localAddress, imapsPort ? 993, sievePort ? 4190 }:
, localAddress
, imapsPort ? 993
, sievePort ? 4190
}:
let let passwords = import ../../variables/passwords.crypt.nix;
passwords = import ../../variables/passwords.crypt.nix;
in in {
{
config = { pkgs, ... }: { config = { pkgs, ... }: {
system.stateVersion = "21.11"; # Did you read the comment? system.stateVersion = "21.11"; # Did you read the comment?
imports = [ imports =
../profiles/containers/configuration.nix [ ../profiles/containers/configuration.nix ../profiles/common/user.nix ];
../profiles/common/user.nix
];
networking.firewall.enable = false; networking.firewall.enable = false;

11
nix/os/containers/syncthing.nix
View file

@ -1,17 +1,12 @@
{ hostAddress { hostAddress, localAddress, syncthingPort ? 22000
, localAddress , syncthingLocalAnnouncePort ? 21027 }:
, syncthingPort ? 22000
, syncthingLocalAnnouncePort ? 21027
}:
{ {
config = { config, pkgs, ... }: { config = { config, pkgs, ... }: {
system.stateVersion = "20.05"; # Did you read the comment? system.stateVersion = "20.05"; # Did you read the comment?
imports = [ imports = [ ../profiles/containers/configuration.nix ];
../profiles/containers/configuration.nix
];
networking.firewall.enable = true; networking.firewall.enable = true;
networking.firewall.allowedTCPPorts = [ networking.firewall.allowedTCPPorts = [

33
nix/os/containers/webserver.nix
View file

@ -1,19 +1,11 @@
{ hostAddress { hostAddress, localAddress, httpPort ? 80, httpsPort ? 443 }:
, localAddress
, httpPort ? 80
, httpsPort ? 443
}:
let let passwords = import ../../variables/passwords.crypt.nix;
passwords = import ../../variables/passwords.crypt.nix; in {
in
{
config = { config, pkgs, lib, ... }: { config = { config, pkgs, lib, ... }: {
system.stateVersion = "22.05"; # Did you read the comment? system.stateVersion = "22.05"; # Did you read the comment?
imports = [ imports = [ ../profiles/containers/configuration.nix ];
../profiles/containers/configuration.nix
];
networking.firewall.enable = false; networking.firewall.enable = false;
@ -58,20 +50,16 @@ in
# sslCertificate = "/etc/secrets/stefanjunker.de/nginx/nginx.crt"; # sslCertificate = "/etc/secrets/stefanjunker.de/nginx/nginx.crt";
# sslCertificateKey = "/etc/secrets/stefanjunker.de/nginx/nginx.key"; # sslCertificateKey = "/etc/secrets/stefanjunker.de/nginx/nginx.key";
locations."/fi" = { locations."/fi" = { index = "index.php"; };
index = "index.php";
};
locations."~ ^(.+\.php)(.*)$".extraConfig = '' locations."~ ^(.+.php)(.*)$".extraConfig = ''
fastcgi_split_path_info ^(.+\.php)(.*)$; fastcgi_split_path_info ^(.+\.php)(.*)$;
fastcgi_pass unix:${config.services.phpfpm.pools.mypool.socket}; fastcgi_pass unix:${config.services.phpfpm.pools.mypool.socket};
fastcgi_index index.php; fastcgi_index index.php;
''; '';
locations."/hedgedoc/" = { locations."/hedgedoc/" = { proxyPass = "http://127.0.0.1:3000/"; };
proxyPass = "http://127.0.0.1:3000/";
};
locations."/hedgedoc/socket.io/" = { locations."/hedgedoc/socket.io/" = {
proxyPass = "http://127.0.0.1:3000/socket.io/"; proxyPass = "http://127.0.0.1:3000/socket.io/";
@ -92,15 +80,14 @@ in
"pm.max_spare_servers" = 3; "pm.max_spare_servers" = 3;
"pm.max_requests" = 500; "pm.max_requests" = 500;
"php_admin_value[error_reporting]" = "E_ALL & ~E_NOTICE & ~E_WARNING & ~E_STRICT & ~E_DEPRECATED"; "php_admin_value[error_reporting]" =
"E_ALL & ~E_NOTICE & ~E_WARNING & ~E_STRICT & ~E_DEPRECATED";
}; };
}; };
# the custom php5 we're using here has no fpm-systemd, so the default `Type = "notify"` won't work # the custom php5 we're using here has no fpm-systemd, so the default `Type = "notify"` won't work
systemd.services."phpfpm-mypool" = { systemd.services."phpfpm-mypool" = {
serviceConfig = { serviceConfig = { Type = lib.mkForce "simple"; };
Type = lib.mkForce "simple";
};
}; };
services.mysql = { services.mysql = {

4
nix/os/devices/167.233.1.14/boot.nix
View file

@ -1,6 +1,4 @@
{ lib { lib, ... }:
, ...
}:
{ {
boot.loader.grub.efiSupport = lib.mkForce false; boot.loader.grub.efiSupport = lib.mkForce false;

3
nix/os/devices/167.233.1.14/configuration.nix
View file

@ -1,8 +1,7 @@
{ ... }: { ... }:
{ {
disabledModules = [ disabledModules = [ ];
];
imports = [ imports = [
../../profiles/common/configuration.nix ../../profiles/common/configuration.nix

13
nix/os/devices/167.233.1.14/hw.nix
View file

@ -18,8 +18,7 @@ let
"ata_generic" "ata_generic"
]; ];
in in {
{
fileSystems."/boot" = { fileSystems."/boot" = {
device = "/dev/disk/by-uuid/354fb107-2f4a-42ad-80dd-9dddb61bfd02"; device = "/dev/disk/by-uuid/354fb107-2f4a-42ad-80dd-9dddb61bfd02";
fsType = "ext4"; fsType = "ext4";
@ -39,14 +38,12 @@ in
neededForBoot = true; neededForBoot = true;
}; };
swapDevices = [ { device = "/dev/disk/by-uuid/d16b5f4a-f38c-41c6-8aae-1625be815f9d"; } ]; swapDevices =
[{ device = "/dev/disk/by-uuid/d16b5f4a-f38c-41c6-8aae-1625be815f9d"; }];
boot.loader.grub = { boot.loader.grub = { device = "/dev/vda"; };
device = "/dev/vda";
};
boot.initrd.availableKernelModules = stage1Modules; boot.initrd.availableKernelModules = stage1Modules;
boot.initrd.kernelModules = stage1Modules; boot.initrd.kernelModules = stage1Modules;
boot.extraModprobeConfig = '' boot.extraModprobeConfig = "";
'';
} }

23
nix/os/devices/167.233.1.14/pkg.nix
View file

@ -1,14 +1,14 @@
{ config { config, pkgs, lib, ... }:
, pkgs
, lib
, ...
}:
{ {
nixpkgs.config.packageOverrides = pkgs: with pkgs; { nixpkgs.config.packageOverrides = pkgs:
nixPath = (import ../../../default.nix { versionsPath = ./versions.nix; }).nixPath; with pkgs; {
nixPath = (import ../../../default.nix {
versionsPath = ./versions.nix;
}).nixPath;
}; };
home-manager.users.steveej = import ../../../home-manager/configuration/text-minimal.nix { home-manager.users.steveej =
import ../../../home-manager/configuration/text-minimal.nix {
inherit pkgs; inherit pkgs;
extraPackages = [ extraPackages = [
# required by vscode's remote-ssh plugin # required by vscode's remote-ssh plugin
@ -20,11 +20,10 @@
]; ];
}; };
nix.buildMachines = [ nix.buildMachines = [{
{ hostName = "localhost"; hostName = "localhost";
system = "x86_64-linux"; system = "x86_64-linux";
supportedFeatures = [ "kvm" "nixos-test" "big-parallel" "benchmark" ]; supportedFeatures = [ "kvm" "nixos-test" "big-parallel" "benchmark" ];
maxJobs = 4; maxJobs = 4;
} }];
];
} }

38
nix/os/devices/167.233.1.14/system.nix
View file

@ -1,15 +1,9 @@
{ pkgs { pkgs, lib, config, ... }:
, lib
, config
, ... }:
let let keys = import ../../../variables/keys.nix;
keys = import ../../../variables/keys.nix;
in { in {
nix.binaryCaches = [ nix.binaryCaches = [ "https://cache.holo.host" ];
"https://cache.holo.host"
];
nix.binaryCachePublicKeys = [ nix.binaryCachePublicKeys = [
"cache.holo.host-1:lNXIXtJgS9Iuw4Cu6X0HINLu9sTfcjEntnrgwMQIMcE=" "cache.holo.host-1:lNXIXtJgS9Iuw4Cu6X0HINLu9sTfcjEntnrgwMQIMcE="
@ -32,11 +26,11 @@ in {
networking.interfaces.eth0 = { networking.interfaces.eth0 = {
mtu = 1400; mtu = 1400;
useDHCP = false; useDHCP = false;
ipv4.addresses = [ ipv4.addresses = [{
{ "address" = "167.233.1.14"; "prefixLength" = 29; } "address" = "167.233.1.14";
]; "prefixLength" = 29;
ipv6.addresses = [ }];
]; ipv6.addresses = [ ];
}; };
networking.defaultGateway = { networking.defaultGateway = {
@ -49,9 +43,7 @@ in {
interface = "eth0"; interface = "eth0";
}; };
networking.nameservers = [ networking.nameservers = [ "1.1.1.1" ];
"1.1.1.1"
];
networking.nat = { networking.nat = {
enable = true; enable = true;
@ -63,9 +55,7 @@ in {
# services.kubernetes.roles = ["master" "node"]; # services.kubernetes.roles = ["master" "node"];
# virtualization # virtualization
virtualisation = { virtualisation = { docker.enable = true; };
docker.enable = true;
};
services.spice-vdagentd.enable = true; services.spice-vdagentd.enable = true;
services.qemuGuest.enable = true; services.qemuGuest.enable = true;
@ -79,9 +69,7 @@ in {
''; '';
}; };
systemd.services.sshd.serviceConfig = { systemd.services.sshd.serviceConfig = { TasksMax = 32; };
TasksMax = 32;
};
systemd.timers."sshd-status" = { systemd.timers."sshd-status" = {
description = "Timer to trigger sshd-status periodically"; description = "Timer to trigger sshd-status periodically";
@ -95,9 +83,7 @@ in {
}; };
}; };
nix.gc = { nix.gc = { automatic = true; };
automatic = true;
};
networking.useHostResolvConf = true; networking.useHostResolvConf = true;

3
nix/os/devices/167.233.1.14/versions.nix
View file

@ -4,9 +4,8 @@ let
ref = "nixos-21.11"; ref = "nixos-21.11";
rev = "e34c5379866833f41e2a36f309912fa675d687c7"; rev = "e34c5379866833f41e2a36f309912fa675d687c7";
}; };
in
{ in {
inherit nixpkgs; inherit nixpkgs;
"channels-nixos-stable" = nixpkgs; "channels-nixos-stable" = nixpkgs;
"channels-nixos-21.05" = { "channels-nixos-21.05" = {

35
nix/os/devices/167.233.1.14/versions.tmpl.nix
View file

@ -2,46 +2,61 @@ let
nixpkgs = { nixpkgs = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";
ref = "nixos-21.11"; ref = "nixos-21.11";
rev = "<% git ls-remote https://github.com/nixos/nixpkgs nixos-21.11 | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/nixos/nixpkgs nixos-21.11 | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
in
{ in {
inherit nixpkgs; inherit nixpkgs;
"channels-nixos-stable" = nixpkgs; "channels-nixos-stable" = nixpkgs;
"channels-nixos-21.05" = { "channels-nixos-21.05" = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";
ref = "nixos-21.05"; ref = "nixos-21.05";
rev = "<% git ls-remote https://github.com/nixos/nixpkgs nixos-20.05 | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/nixos/nixpkgs nixos-20.05 | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
"channels-nixos-20.09" = { "channels-nixos-20.09" = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";
ref = "nixos-20.09"; ref = "nixos-20.09";
rev = "<% git ls-remote https://github.com/nixos/nixpkgs nixos-20.09 | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/nixos/nixpkgs nixos-20.09 | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
"channels-nixos-20.03" = { "channels-nixos-20.03" = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";
ref = "nixos-20.03"; ref = "nixos-20.03";
rev = "<% git ls-remote https://github.com/nixos/nixpkgs nixos-20.03 | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/nixos/nixpkgs nixos-20.03 | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
"channels-nixos-19.09" = { "channels-nixos-19.09" = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";
ref = "nixos-19.09"; ref = "nixos-19.09";
rev = "<% git ls-remote https://github.com/nixos/nixpkgs nixos-19.09 | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/nixos/nixpkgs nixos-19.09 | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
"channels-nixos-unstable" = { "channels-nixos-unstable" = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";
ref = "nixos-unstable"; ref = "nixos-unstable";
rev = "<% git ls-remote https://github.com/nixos/nixpkgs nixos-unstable | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/nixos/nixpkgs nixos-unstable | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
"nixpkgs-master" = { "nixpkgs-master" = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";
ref = "master"; ref = "master";
rev = "<% git ls-remote https://github.com/NixOS/nixpkgs.git master | head -n1 | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/NixOS/nixpkgs.git master | head -n1 | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
"home-manager-module" = { "home-manager-module" = {
url = "https://github.com/nix-community/home-manager"; url = "https://github.com/nix-community/home-manager";
ref = "release-21.05"; ref = "release-21.05";
rev = "<% git ls-remote https://github.com/nix-community/home-manager.git release-21.05 | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/nix-community/home-manager.git release-21.05 | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
} }

31
nix/os/devices/default.nix
View file

@ -1,23 +1,16 @@
{ dir { dir, pkgs ? import <channels-nixos-stable> { }
, pkgs ? import <channels-nixos-stable> {} , ownLib ? import ../lib/default.nix { }, gitRoot ?
, ownLib ? import ../lib/default.nix { } "$(git rev-parse --show-toplevel)"
, gitRoot ? "$(git rev-parse --show-toplevel)"
# FIXME: why do these need explicit mentioning? # FIXME: why do these need explicit mentioning?
, moreargs ? "" , moreargs ? "", rebuildarg ? "", ... }@args:
, rebuildarg ? ""
, ...
} @ args :
let let
rebuildargsSudo = [ "switch" "boot" ]; rebuildargsSudo = [ "switch" "boot" ];
rebuild = { rebuild = { gitRoot, rebuildarg ? "dry-activate", moreargs ? ""
gitRoot
, rebuildarg ? "dry-activate"
, moreargs ? ""
, ... , ... }:
}: pkgs.writeScript "script" '' pkgs.writeScript "script" ''
#!/usr/bin/env bash #!/usr/bin/env bash
set -xe set -xe
@ -31,16 +24,13 @@ let
fi fi
${if (builtins.elem rebuildarg rebuildargsSudo) ${if (builtins.elem rebuildarg rebuildargsSudo)
&& (builtins.match ".*--target-host.*" moreargs) == null && (builtins.match ".*--target-host.*" moreargs) == null then
then
"sudo -E \\" "sudo -E \\"
else else
"" ""}
}
nixos-rebuild --show-trace -I nixos-config=''${NIXOS_CONFIG} ${rebuildarg} ${moreargs} nixos-rebuild --show-trace -I nixos-config=''${NIXOS_CONFIG} ${rebuildarg} ${moreargs}
''; '';
in { in {
recipes = { recipes = {
rebuild = rebuild { rebuild = rebuild {
@ -51,6 +41,5 @@ in {
# // pkgs.lib.attrsets.optionalAttrs (moreargs != "") { inherit moreargs; } # // pkgs.lib.attrsets.optionalAttrs (moreargs != "") { inherit moreargs; }
# // pkgs.lib.attrsets.optionalAttrs (rebuildarg != "") { inherit rebuildarg; } # // pkgs.lib.attrsets.optionalAttrs (rebuildarg != "") { inherit rebuildarg; }
; ;
} // (import ./disk.nix (args // { inherit pkgs ownLib gitRoot; })) } // (import ./disk.nix (args // { inherit pkgs ownLib gitRoot; }));
;
} }

52
nix/os/devices/disk.nix
View file

@ -1,16 +1,12 @@
{ pkgs { pkgs, ownLib, dir, gitRoot, diskId ?
, ownLib (import ((builtins.getEnv "PWD") + "/${dir}/hw.nix")
, dir { }).hardware.opinionatedDisk.diskId, encrypted ?
, gitRoot (import ((builtins.getEnv "PWD") + "/${dir}/hw.nix")
, diskId ? (import ((builtins.getEnv "PWD")+"/${dir}/hw.nix") {}).hardware.opinionatedDisk.diskId { }).hardware.opinionatedDisk.encrypted, previousDiskId ? ""
, encrypted ? (import ((builtins.getEnv "PWD")+"/${dir}/hw.nix") {}).hardware.opinionatedDisk.encrypted
, previousDiskId ? ""
, ... , ... }:
}:
let let mntRootVol = "/mnt/${diskId}-root";
mntRootVol="/mnt/${diskId}-root";
in rec { in rec {
diskMount = pkgs.writeScript "script" '' diskMount = pkgs.writeScript "script" ''
@ -18,14 +14,18 @@ in rec {
set -xe set -xe
echo Mounting ${diskId} echo Mounting ${diskId}
${pkgs.lib.strings.optionalString encrypted '' ${pkgs.lib.strings.optionalString encrypted ''
sudo cryptsetup luksOpen ${ownLib.disk.bootLuksDevice diskId} ${ownLib.disk.luksName diskId} sudo cryptsetup luksOpen ${ownLib.disk.bootLuksDevice diskId} ${
ownLib.disk.luksName diskId
}
''} ''}
sleep 1 sleep 1
sudo vgchange -ay ${ownLib.disk.volumeGroup diskId} sudo vgchange -ay ${ownLib.disk.volumeGroup diskId}
sudo mkdir -p /mnt sudo mkdir -p /mnt
sudo mkdir ${mntRootVol} sudo mkdir ${mntRootVol}
sudo mount ${ownLib.disk.rootFsDevice diskId} ${mntRootVol} sudo mount ${ownLib.disk.rootFsDevice diskId} ${mntRootVol}
sudo mount ${ownLib.disk.rootFsDevice diskId} ${mntRootVol}/nixos/home -o subvol=home sudo mount ${
ownLib.disk.rootFsDevice diskId
} ${mntRootVol}/nixos/home -o subvol=home
sudo mount ${ownLib.disk.bootFsDevice diskId} ${mntRootVol}/nixos/boot sudo mount ${ownLib.disk.bootFsDevice diskId} ${mntRootVol}/nixos/boot
''; '';
@ -62,7 +62,9 @@ in rec {
#!/usr/bin/env bash #!/usr/bin/env bash
set -xe set -xe
read -p "Continue to format ${ownLib.disk.bootGrubDevice diskId} (YES/n)? " choice read -p "Continue to format ${
ownLib.disk.bootGrubDevice diskId
} (YES/n)? " choice
case "$choice" in case "$choice" in
YES ) echo "Continuing in 3 seconds..."; sleep 3;; YES ) echo "Continuing in 3 seconds..."; sleep 3;;
n|N ) echo "Exiting..."; exit 0;; n|N ) echo "Exiting..."; exit 0;;
@ -109,11 +111,15 @@ in rec {
${pkgs.lib.strings.optionalString encrypted '' ${pkgs.lib.strings.optionalString encrypted ''
# Encrypt # Encrypt
sudo cryptsetup luksFormat ${ownLib.disk.bootLuksDevice diskId} - sudo cryptsetup luksFormat ${ownLib.disk.bootLuksDevice diskId} -
sudo cryptsetup luksOpen ${ownLib.disk.bootLuksDevice diskId} ${ownLib.disk.luksName diskId} sudo cryptsetup luksOpen ${ownLib.disk.bootLuksDevice diskId} ${
ownLib.disk.luksName diskId
}
''} ''}
# LVM # LVM
sudo vgcreate ${ownLib.disk.volumeGroup diskId} ${ownLib.disk.lvmPv diskId encrypted} sudo vgcreate ${ownLib.disk.volumeGroup diskId} ${
ownLib.disk.lvmPv diskId encrypted
}
sudo lvcreate ${ownLib.disk.volumeGroup diskId} -L 2G -n swap sudo lvcreate ${ownLib.disk.volumeGroup diskId} -L 2G -n swap
sudo lvcreate ${ownLib.disk.volumeGroup diskId} -l 100%FREE -n root sudo lvcreate ${ownLib.disk.volumeGroup diskId} -l 100%FREE -n root
@ -137,7 +143,9 @@ in rec {
#!/usr/bin/env bash #!/usr/bin/env bash
set -xe set -xe
read -p "Continue to relabel ${ownLib.disk.bootGrubDevice diskId} (YES/n)?" choice read -p "Continue to relabel ${
ownLib.disk.bootGrubDevice diskId
} (YES/n)?" choice
case "$choice" in case "$choice" in
YES ) echo "Continuing in 3 seconds..."; sleep 3;; YES ) echo "Continuing in 3 seconds..."; sleep 3;;
n|N ) echo "Exiting..."; exit 0;; n|N ) echo "Exiting..."; exit 0;;
@ -168,9 +176,13 @@ in rec {
if test "${previousDiskId}"; then if test "${previousDiskId}"; then
${pkgs.lib.strings.optionalString encrypted '' ${
sudo cryptsetup luksOpen ${ownLib.disk.bootLuksDevice diskId} ${ownLib.disk.luksName diskId} pkgs.lib.strings.optionalString encrypted ''
''} sudo cryptsetup luksOpen ${ownLib.disk.bootLuksDevice diskId} ${
ownLib.disk.luksName diskId
}
''
}
sync sync
sleep 1 sleep 1
if sudo vgs ${previousDiskId}; then if sudo vgs ${previousDiskId}; then

4
nix/os/devices/elias-e525/boot.nix
View file

@ -1,6 +1,4 @@
{ lib { lib, ... }:
, ...
}:
{ {
boot.loader.grub.efiInstallAsRemovable = lib.mkForce true; boot.loader.grub.efiInstallAsRemovable = lib.mkForce true;

3
nix/os/devices/elias-e525/hw.nix
View file

@ -9,6 +9,5 @@
}; };
# boot.initrd.availableKernelModules = stage1Modules; # boot.initrd.availableKernelModules = stage1Modules;
boot.extraModprobeConfig = '' boot.extraModprobeConfig = "";
'';
} }

31
nix/os/devices/elias-e525/pkg.nix
View file

@ -1,13 +1,11 @@
{ pkgs { pkgs, lib, ... }:
, lib
, ...
}:
let let
homeEnv = keyboard: homeEnv = keyboard: {
{
imports = [ imports = [
(import ../../../home-manager/configuration/graphical-gnome3.nix { inherit pkgs; }) (import ../../../home-manager/configuration/graphical-gnome3.nix {
inherit pkgs;
})
]; ];
home.keyboard = keyboard; home.keyboard = keyboard;
@ -20,17 +18,16 @@ let
jitsi jitsi
]; ];
}; };
in
{ in {
nixpkgs.config.packageOverrides = pkgs: with pkgs; { nixpkgs.config.packageOverrides = pkgs:
nixPath = (import ../../../default.nix { versionsPath = ./versions.nix; }).nixPath; with pkgs; {
nixPath = (import ../../../default.nix {
versionsPath = ./versions.nix;
}).nixPath;
}; };
services.gnome = services.gnome = builtins.mapAttrs (attr: value: lib.mkForce value) {
builtins.mapAttrs
(attr: value: lib.mkForce value)
{
games.enable = true; games.enable = true;
gnome-remote-desktop.enable = true; gnome-remote-desktop.enable = true;
gnome-user-share.enable = true; gnome-user-share.enable = true;
@ -38,8 +35,7 @@ in
sushi.enable = true; sushi.enable = true;
tracker.enable = true; tracker.enable = true;
tracker-miners.enable = true; tracker-miners.enable = true;
} };
;
home-manager.users.steveej = homeEnv { home-manager.users.steveej = homeEnv {
layout = "en"; layout = "en";
@ -59,7 +55,6 @@ in
variant = ""; variant = "";
}; };
services.teamviewer.enable = true; services.teamviewer.enable = true;
system.stateVersion = "21.11"; system.stateVersion = "21.11";
} }

19
nix/os/devices/elias-e525/system.nix
View file

@ -1,13 +1,8 @@
{ pkgs { pkgs, lib, config, ... }:
, lib
, config
, ... }:
let let
in in {
{
# TASK: new device # TASK: new device
networking.hostName = "elias-e525"; # Define your hostname. networking.hostName = "elias-e525"; # Define your hostname.
@ -22,10 +17,7 @@ in
services.printing = { services.printing = {
enable = true; enable = true;
drivers = with pkgs; [ drivers = with pkgs; [ mfcl3770cdw.driver mfcl3770cdw.cupswrapper ];
mfcl3770cdw.driver
mfcl3770cdw.cupswrapper
];
}; };
services.fprintd.enable = true; services.fprintd.enable = true;
@ -49,9 +41,8 @@ in
# udev.packages = [ pkgs.gnome3.gnome-settings-daemon ]; # udev.packages = [ pkgs.gnome3.gnome-settings-daemon ];
}; };
security.pki.certificateFiles = [ security.pki.certificateFiles =
"${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt" [ "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt" ];
];
services.xserver.videoDrivers = [ "modesetting" ]; services.xserver.videoDrivers = [ "modesetting" ];

4
nix/os/devices/elias-e525/user.nix
View file

@ -1,6 +1,4 @@
{ config { config, pkgs, ... }:
, pkgs
, ... }:
let let
passwords = import ../../../variables/passwords.crypt.nix; passwords = import ../../../variables/passwords.crypt.nix;

7
nix/os/devices/elias-e525/versions.nix
View file

@ -4,13 +4,10 @@ let
ref = "nixos-21.11"; ref = "nixos-21.11";
rev = "386234e2a61e1e8acf94dfa3a3d3ca19a6776efb"; rev = "386234e2a61e1e8acf94dfa3a3d3ca19a6776efb";
}; };
in
{ in {
inherit nixpkgs; inherit nixpkgs;
nixos = nixpkgs // { nixos = nixpkgs // { suffix = "/nixos"; };
suffix = "/nixos";
};
"channels-nixos-stable" = nixpkgs; "channels-nixos-stable" = nixpkgs;
"channels-nixos-unstable" = { "channels-nixos-unstable" = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";

23
nix/os/devices/elias-e525/versions.tmpl.nix
View file

@ -2,29 +2,34 @@ let
nixpkgs = { nixpkgs = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";
ref = "nixos-21.11"; ref = "nixos-21.11";
rev = "<% git ls-remote https://github.com/nixos/nixpkgs nixos-21.11 | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/nixos/nixpkgs nixos-21.11 | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
in
{ in {
inherit nixpkgs; inherit nixpkgs;
nixos = nixpkgs // { nixos = nixpkgs // { suffix = "/nixos"; };
suffix = "/nixos";
};
"channels-nixos-stable" = nixpkgs; "channels-nixos-stable" = nixpkgs;
"channels-nixos-unstable" = { "channels-nixos-unstable" = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";
ref = "nixos-unstable"; ref = "nixos-unstable";
rev = "<% git ls-remote https://github.com/nixos/nixpkgs nixos-unstable | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/nixos/nixpkgs nixos-unstable | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
"nixpkgs-master" = { "nixpkgs-master" = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";
ref = "master"; ref = "master";
rev = "<% git ls-remote https://github.com/NixOS/nixpkgs.git master | head -n1 | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/NixOS/nixpkgs.git master | head -n1 | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
"home-manager-module" = { "home-manager-module" = {
url = "https://github.com/nix-community/home-manager"; url = "https://github.com/nix-community/home-manager";
ref = "release-21.11"; ref = "release-21.11";
rev = "<% git ls-remote https://github.com/nix-community/home-manager.git release-21.11 | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/nix-community/home-manager.git release-21.11 | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
} }

4
nix/os/devices/fwhost1/boot.nix
View file

@ -1,6 +1,4 @@
{ lib { lib, ... }:
, ...
}:
{ {
boot.loader.grub.efiInstallAsRemovable = lib.mkForce true; boot.loader.grub.efiInstallAsRemovable = lib.mkForce true;

6
nix/os/devices/fwhost1/hw.nix
View file

@ -2,8 +2,7 @@
let let
in in {
{
# TASK: new device # TASK: new device
hardware.opinionatedDisk = { hardware.opinionatedDisk = {
enable = true; enable = true;
@ -12,6 +11,5 @@ in
}; };
hardware.enableRedistributableFirmware = true; hardware.enableRedistributableFirmware = true;
boot.extraModprobeConfig = '' boot.extraModprobeConfig = "";
'';
} }

22
nix/os/devices/fwhost1/pkg.nix
View file

@ -1,18 +1,18 @@
{ pkgs { pkgs, ... }:
, ...
}:
{ {
nixpkgs.config.packageOverrides = pkgs: with pkgs; { nixpkgs.config.packageOverrides = pkgs:
nixPath = (import ../../../default.nix { versionsPath = ./versions.nix; }).nixPath; with pkgs; {
nixPath = (import ../../../default.nix {
versionsPath = ./versions.nix;
}).nixPath;
};
home-manager.users.steveej =
import ../../../home-manager/configuration/text-minimal.nix {
inherit pkgs;
}; };
home-manager.users.steveej = import ../../../home-manager/configuration/text-minimal.nix { inherit pkgs; };
environment.systemPackages = with pkgs; [ iw wirelesstools ];
environment.systemPackages = with pkgs; [
iw
wirelesstools
];
system.stateVersion = "21.11"; system.stateVersion = "21.11";
} }

20
nix/os/devices/fwhost1/system.nix
View file

@ -1,7 +1,4 @@
{ pkgs { pkgs, lib, config, ... }:
, lib
, config
, ... }:
let let
keys = import ../../../variables/keys.nix; keys = import ../../../variables/keys.nix;
@ -31,16 +28,25 @@ in {
# WAN interfaces, currently unused because the OPNsense guest acts as a router. # WAN interfaces, currently unused because the OPNsense guest acts as a router.
networking.vlans.wan1.id = 3; networking.vlans.wan1.id = 3;
networking.vlans.wan1.interface = "breth"; networking.vlans.wan1.interface = "breth";
networking.interfaces.wan1.ipv4.addresses = [{ address = "192.168.0.15"; prefixLength = 24; } ]; networking.interfaces.wan1.ipv4.addresses = [{
address = "192.168.0.15";
prefixLength = 24;
}];
networking.vlans.wan2.id = 4; networking.vlans.wan2.id = 4;
networking.vlans.wan2.interface = "breth"; networking.vlans.wan2.interface = "breth";
networking.interfaces.wan2.ipv4.addresses = [{ address = "172.16.0.15"; prefixLength = 12; } ]; networking.interfaces.wan2.ipv4.addresses = [{
address = "172.16.0.15";
prefixLength = 12;
}];
# Local interfaces, all accessed via VLAN tags on the main bridge # Local interfaces, all accessed via VLAN tags on the main bridge
networking.vlans.lan.id = 1; networking.vlans.lan.id = 1;
networking.vlans.lan.interface = "breth"; networking.vlans.lan.interface = "breth";
networking.interfaces.lan.ipv4.addresses = [{ address = "172.172.171.15"; prefixLength = 24; } ]; networking.interfaces.lan.ipv4.addresses = [{
address = "172.172.171.15";
prefixLength = 24;
}];
networking.vlans.dmz.id = 5; networking.vlans.dmz.id = 5;
networking.vlans.dmz.interface = "breth"; networking.vlans.dmz.interface = "breth";

7
nix/os/devices/fwhost1/user.nix
View file

@ -1,11 +1,8 @@
{ config { config, pkgs, ... }:
, pkgs
, ... }:
let let
passwords = import ../../../variables/passwords.crypt.nix; passwords = import ../../../variables/passwords.crypt.nix;
keys = import ../../../variables/keys.nix; keys = import ../../../variables/keys.nix;
inherit (import ../../lib/default.nix { }) mkUser; inherit (import ../../lib/default.nix { }) mkUser;
in { in { }
}

7
nix/os/devices/fwhost1/versions.nix
View file

@ -4,13 +4,10 @@ let
ref = "nixos-21.11"; ref = "nixos-21.11";
rev = "386234e2a61e1e8acf94dfa3a3d3ca19a6776efb"; rev = "386234e2a61e1e8acf94dfa3a3d3ca19a6776efb";
}; };
in
{ in {
inherit nixpkgs; inherit nixpkgs;
nixos = nixpkgs // { nixos = nixpkgs // { suffix = "/nixos"; };
suffix = "/nixos";
};
"channels-nixos-stable" = nixpkgs; "channels-nixos-stable" = nixpkgs;
"channels-nixos-unstable" = { "channels-nixos-unstable" = {

23
nix/os/devices/fwhost1/versions.tmpl.nix
View file

@ -2,30 +2,35 @@ let
nixpkgs = { nixpkgs = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";
ref = "nixos-21.11"; ref = "nixos-21.11";
rev = "<% git ls-remote https://github.com/nixos/nixpkgs nixos-21.11 | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/nixos/nixpkgs nixos-21.11 | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
in
{ in {
inherit nixpkgs; inherit nixpkgs;
nixos = nixpkgs // { nixos = nixpkgs // { suffix = "/nixos"; };
suffix = "/nixos";
};
"channels-nixos-stable" = nixpkgs; "channels-nixos-stable" = nixpkgs;
"channels-nixos-unstable" = { "channels-nixos-unstable" = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";
ref = "nixos-unstable"; ref = "nixos-unstable";
rev = "<% git ls-remote https://github.com/nixos/nixpkgs nixos-unstable | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/nixos/nixpkgs nixos-unstable | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
"nixpkgs-master" = { "nixpkgs-master" = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";
ref = "master"; ref = "master";
rev = "<% git ls-remote https://github.com/NixOS/nixpkgs.git master | head -n1 | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/NixOS/nixpkgs.git master | head -n1 | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
"home-manager-module" = { "home-manager-module" = {
url = "https://github.com/nix-community/home-manager"; url = "https://github.com/nix-community/home-manager";
ref = "release-21.11"; ref = "release-21.11";
rev = "<% git ls-remote https://github.com/nix-community/home-manager.git release-21.11 | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/nix-community/home-manager.git release-21.11 | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
} }

4
nix/os/devices/fwhost2/boot.nix
View file

@ -1,6 +1,4 @@
{ lib { lib, ... }:
, ...
}:
{ {
boot.loader.grub.efiInstallAsRemovable = lib.mkForce true; boot.loader.grub.efiInstallAsRemovable = lib.mkForce true;

6
nix/os/devices/fwhost2/hw.nix
View file

@ -2,8 +2,7 @@
let let
in in {
{
# TASK: new device # TASK: new device
hardware.opinionatedDisk = { hardware.opinionatedDisk = {
enable = true; enable = true;
@ -12,6 +11,5 @@ in
}; };
hardware.enableRedistributableFirmware = true; hardware.enableRedistributableFirmware = true;
boot.extraModprobeConfig = '' boot.extraModprobeConfig = "";
'';
} }

22
nix/os/devices/fwhost2/pkg.nix
View file

@ -1,18 +1,18 @@
{ pkgs { pkgs, ... }:
, ...
}:
{ {
nixpkgs.config.packageOverrides = pkgs: with pkgs; { nixpkgs.config.packageOverrides = pkgs:
nixPath = (import ../../../default.nix { versionsPath = ./versions.nix; }).nixPath; with pkgs; {
nixPath = (import ../../../default.nix {
versionsPath = ./versions.nix;
}).nixPath;
};
home-manager.users.steveej =
import ../../../home-manager/configuration/text-minimal.nix {
inherit pkgs;
}; };
home-manager.users.steveej = import ../../../home-manager/configuration/text-minimal.nix { inherit pkgs; };
environment.systemPackages = with pkgs; [ iw wirelesstools ];
environment.systemPackages = with pkgs; [
iw
wirelesstools
];
system.stateVersion = "21.11"; system.stateVersion = "21.11";
} }

21
nix/os/devices/fwhost2/system.nix
View file

@ -1,8 +1,4 @@
{ pkgs { pkgs, lib, config, utils, ... }:
, lib
, config
, utils
, ... }:
let let
keys = import ../../../variables/keys.nix; keys = import ../../../variables/keys.nix;
@ -32,16 +28,25 @@ in {
# WAN interfaces, currently unused because the OPNsense guest acts as a router. # WAN interfaces, currently unused because the OPNsense guest acts as a router.
networking.vlans.wan1.id = 3; networking.vlans.wan1.id = 3;
networking.vlans.wan1.interface = "breth"; networking.vlans.wan1.interface = "breth";
networking.interfaces.wan1.ipv4.addresses = [{ address = "192.168.0.16"; prefixLength = 24; } ]; networking.interfaces.wan1.ipv4.addresses = [{
address = "192.168.0.16";
prefixLength = 24;
}];
networking.vlans.wan2.id = 4; networking.vlans.wan2.id = 4;
networking.vlans.wan2.interface = "breth"; networking.vlans.wan2.interface = "breth";
networking.interfaces.wan2.ipv4.addresses = [{ address = "172.16.0.16"; prefixLength = 12; } ]; networking.interfaces.wan2.ipv4.addresses = [{
address = "172.16.0.16";
prefixLength = 12;
}];
# Local interfaces, all accessed via VLAN tags on the main bridge # Local interfaces, all accessed via VLAN tags on the main bridge
networking.vlans.lan.id = 1; networking.vlans.lan.id = 1;
networking.vlans.lan.interface = "breth"; networking.vlans.lan.interface = "breth";
networking.interfaces.lan.ipv4.addresses = [{ address = "172.172.171.16"; prefixLength = 24; } ]; networking.interfaces.lan.ipv4.addresses = [{
address = "172.172.171.16";
prefixLength = 24;
}];
networking.vlans.dmz.id = 5; networking.vlans.dmz.id = 5;
networking.vlans.dmz.interface = "breth"; networking.vlans.dmz.interface = "breth";

4
nix/os/devices/fwhost2/user.nix
View file

@ -1,6 +1,4 @@
{ config { config, pkgs, ... }:
, pkgs
, ... }:
let let
passwords = import ../../../variables/passwords.crypt.nix; passwords = import ../../../variables/passwords.crypt.nix;

7
nix/os/devices/fwhost2/versions.nix
View file

@ -4,13 +4,10 @@ let
ref = "nixos-21.11"; ref = "nixos-21.11";
rev = "386234e2a61e1e8acf94dfa3a3d3ca19a6776efb"; rev = "386234e2a61e1e8acf94dfa3a3d3ca19a6776efb";
}; };
in
{ in {
inherit nixpkgs; inherit nixpkgs;
nixos = nixpkgs // { nixos = nixpkgs // { suffix = "/nixos"; };
suffix = "/nixos";
};
"channels-nixos-stable" = nixpkgs; "channels-nixos-stable" = nixpkgs;
"channels-nixos-unstable" = { "channels-nixos-unstable" = {

23
nix/os/devices/fwhost2/versions.tmpl.nix
View file

@ -2,30 +2,35 @@ let
nixpkgs = { nixpkgs = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";
ref = "nixos-21.11"; ref = "nixos-21.11";
rev = "<% git ls-remote https://github.com/nixos/nixpkgs nixos-21.11 | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/nixos/nixpkgs nixos-21.11 | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
in
{ in {
inherit nixpkgs; inherit nixpkgs;
nixos = nixpkgs // { nixos = nixpkgs // { suffix = "/nixos"; };
suffix = "/nixos";
};
"channels-nixos-stable" = nixpkgs; "channels-nixos-stable" = nixpkgs;
"channels-nixos-unstable" = { "channels-nixos-unstable" = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";
ref = "nixos-unstable"; ref = "nixos-unstable";
rev = "<% git ls-remote https://github.com/nixos/nixpkgs nixos-unstable | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/nixos/nixpkgs nixos-unstable | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
"nixpkgs-master" = { "nixpkgs-master" = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";
ref = "master"; ref = "master";
rev = "<% git ls-remote https://github.com/NixOS/nixpkgs.git master | head -n1 | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/NixOS/nixpkgs.git master | head -n1 | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
"home-manager-module" = { "home-manager-module" = {
url = "https://github.com/nix-community/home-manager"; url = "https://github.com/nix-community/home-manager";
ref = "release-21.11"; ref = "release-21.11";
rev = "<% git ls-remote https://github.com/nix-community/home-manager.git release-21.11 | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/nix-community/home-manager.git release-21.11 | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
} }

4
nix/os/devices/srv0.home-ch.stefanjunker.de/boot.nix
View file

@ -1,6 +1,4 @@
{ lib { lib, ... }:
, ...
}:
{ {
boot.loader.grub.efiSupport = true; boot.loader.grub.efiSupport = true;

3
nix/os/devices/srv0.home-ch.stefanjunker.de/configuration.nix
View file

@ -1,8 +1,7 @@
{ ... }: { ... }:
{ {
disabledModules = [ disabledModules = [ ];
];
imports = [ imports = [
../../profiles/common/configuration.nix ../../profiles/common/configuration.nix
../../modules/opinionatedDisk.nix ../../modules/opinionatedDisk.nix

6
nix/os/devices/srv0.home-ch.stefanjunker.de/hw.nix
View file

@ -20,8 +20,7 @@ let
"xhci_pci" "xhci_pci"
]; ];
in in {
{
# TASK: new device # TASK: new device
hardware.opinionatedDisk = { hardware.opinionatedDisk = {
enable = true; enable = true;
@ -31,6 +30,5 @@ in
boot.initrd.availableKernelModules = stage1Modules; boot.initrd.availableKernelModules = stage1Modules;
boot.initrd.kernelModules = stage1Modules; boot.initrd.kernelModules = stage1Modules;
boot.extraModprobeConfig = '' boot.extraModprobeConfig = "";
'';
} }

25
nix/os/devices/srv0.home-ch.stefanjunker.de/pkg.nix
View file

@ -1,22 +1,23 @@
{ config { config, pkgs, lib, ... }:
, pkgs
, lib
, ...
}:
{ {
nixpkgs.config.packageOverrides = pkgs: with pkgs; { nixpkgs.config.packageOverrides = pkgs:
nixPath = (import ../../../default.nix { versionsPath = ./versions.nix; }).nixPath; with pkgs; {
nixPath = (import ../../../default.nix {
versionsPath = ./versions.nix;
}).nixPath;
};
home-manager.users.steveej =
import ../../../home-manager/configuration/text-minimal.nix {
inherit pkgs;
}; };
home-manager.users.steveej = import ../../../home-manager/configuration/text-minimal.nix { inherit pkgs; };
nix.buildMachines = [ nix.buildMachines = [{
{ hostName = "localhost"; hostName = "localhost";
system = "x86_64-linux"; system = "x86_64-linux";
supportedFeatures = [ "kvm" "nixos-test" "big-parallel" "benchmark" ]; supportedFeatures = [ "kvm" "nixos-test" "big-parallel" "benchmark" ];
maxJobs = 4; maxJobs = 4;
} }];
];
# services.hydra = { # services.hydra = {
# enable = false; # enable = false;

27
nix/os/devices/srv0.home-ch.stefanjunker.de/system.nix
View file

@ -1,10 +1,6 @@
{ pkgs { pkgs, lib, config, ... }:
, lib
, config
, ... }:
let let keys = import ../../../variables/keys.nix;
keys = import ../../../variables/keys.nix;
in { in {
# TASK: new device # TASK: new device
@ -46,18 +42,12 @@ in {
# services.kubernetes.roles = ["master" "node"]; # services.kubernetes.roles = ["master" "node"];
# virtualization # virtualization
virtualisation = { virtualisation = { docker.enable = true; };
docker.enable = true;
};
nix.gc = { nix.gc = { automatic = true; };
automatic = true;
};
networking.useHostResolvConf = false; networking.useHostResolvConf = false;
services.resolved = { services.resolved = { enable = true; };
enable = true;
};
containers = { containers = {
mailserver = import ../../containers/mailserver.nix { mailserver = import ../../containers/mailserver.nix {
@ -87,12 +77,7 @@ in {
inherit config; inherit config;
hostAddress = "192.168.100.16"; hostAddress = "192.168.100.16";
localAddress = "192.168.100.17"; localAddress = "192.168.100.17";
subvolumes = [ subvolumes = [ "mailserver" "webserver" "backup" "syncthing" ];
"mailserver"
"webserver"
"backup"
"syncthing"
];
}; };
}; };

3
nix/os/devices/srv0.home-ch.stefanjunker.de/versions.nix
View file

@ -4,9 +4,8 @@ let
ref = "nixos-22.05"; ref = "nixos-22.05";
rev = "040c6d8374d090f46ab0e99f1f7c27a4529ecffd"; rev = "040c6d8374d090f46ab0e99f1f7c27a4529ecffd";
}; };
in
{ in {
inherit nixpkgs; inherit nixpkgs;
"channels-nixos-stable" = nixpkgs; "channels-nixos-stable" = nixpkgs;
"nixpkgs-master" = { "nixpkgs-master" = {

15
nix/os/devices/srv0.home-ch.stefanjunker.de/versions.tmpl.nix
View file

@ -2,21 +2,26 @@ let
nixpkgs = { nixpkgs = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";
ref = "nixos-22.05"; ref = "nixos-22.05";
rev = "<% git ls-remote https://github.com/nixos/nixpkgs nixos-22.05 | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/nixos/nixpkgs nixos-22.05 | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
in
{ in {
inherit nixpkgs; inherit nixpkgs;
"channels-nixos-stable" = nixpkgs; "channels-nixos-stable" = nixpkgs;
"nixpkgs-master" = { "nixpkgs-master" = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";
ref = "master"; ref = "master";
rev = "<% git ls-remote https://github.com/NixOS/nixpkgs.git master | head -n1 | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/NixOS/nixpkgs.git master | head -n1 | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
"home-manager-module" = { "home-manager-module" = {
url = "https://github.com/nix-community/home-manager"; url = "https://github.com/nix-community/home-manager";
ref = "release-22.05"; ref = "release-22.05";
rev = "<% git ls-remote https://github.com/nix-community/home-manager.git release-22.05 | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/nix-community/home-manager.git release-22.05 | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
} }

19
nix/os/devices/steveej-nuc7pjyh-work/user.nix
View file

@ -1,6 +1,4 @@
{ config { config, pkgs, ... }:
, pkgs
, ... }:
let let
passwords = import ../../../variables/passwords.crypt.nix; passwords = import ../../../variables/passwords.crypt.nix;
@ -11,10 +9,19 @@ in {
users.extraUsers.sjunker = mkUser { users.extraUsers.sjunker = mkUser {
uid = 1001; uid = 1001;
openssh.authorizedKeys.keys = keys.users.steveej.openssh; openssh.authorizedKeys.keys = keys.users.steveej.openssh;
shell = pkgs.posh { image = "quay.io/enarx/fedora"; run_args = "-v /dev/sgx:/dev/sgx"; }; shell = pkgs.posh {
image = "quay.io/enarx/fedora";
run_args = "-v /dev/sgx:/dev/sgx";
};
extraGroups = [ "sgx" ]; extraGroups = [ "sgx" ];
subUidRanges = [{ startUid = 100000; count = 65536; }]; subUidRanges = [{
subGidRanges = [{ startGid = 100000; count = 65536; }]; startUid = 100000;
count = 65536;
}];
subGidRanges = [{
startGid = 100000;
count = 65536;
}];
}; };
} }

4
nix/os/devices/steveej-pa600/boot.nix
View file

@ -1,6 +1,4 @@
{ lib { lib, ... }:
, ...
}:
{ {
boot.loader.grub.efiInstallAsRemovable = lib.mkForce true; boot.loader.grub.efiInstallAsRemovable = lib.mkForce true;

6
nix/os/devices/steveej-pa600/hw.nix
View file

@ -10,8 +10,7 @@ let
"hxci_hcd" "hxci_hcd"
]; ];
in in {
{
# TASK: new device # TASK: new device
hardware.opinionatedDisk = { hardware.opinionatedDisk = {
enable = true; enable = true;
@ -21,6 +20,5 @@ in
# boot.initrd.availableKernelModules = stage1Modules; # boot.initrd.availableKernelModules = stage1Modules;
boot.initrd.kernelModules = stage1Modules; boot.initrd.kernelModules = stage1Modules;
boot.extraModprobeConfig = '' boot.extraModprobeConfig = "";
'';
} }

16
nix/os/devices/steveej-pa600/pkg.nix
View file

@ -1,12 +1,16 @@
{ pkgs { pkgs, ... }:
, ...
}:
{ {
nixpkgs.config.packageOverrides = pkgs: with pkgs; { nixpkgs.config.packageOverrides = pkgs:
nixPath = (import ../../../default.nix { versionsPath = ./versions.nix; }).nixPath; with pkgs; {
nixPath = (import ../../../default.nix {
versionsPath = ./versions.nix;
}).nixPath;
};
home-manager.users.steveej =
import ../../../home-manager/configuration/graphical-fullblown.nix {
inherit pkgs;
}; };
home-manager.users.steveej = import ../../../home-manager/configuration/graphical-fullblown.nix { inherit pkgs; };
services.teamviewer.enable = true; services.teamviewer.enable = true;
system.stateVersion = "20.09"; system.stateVersion = "20.09";
} }

19
nix/os/devices/steveej-pa600/system.nix
View file

@ -1,10 +1,6 @@
{ pkgs { pkgs, lib, config, ... }:
, lib
, config
, ... }:
let let keys = import ../../../variables/keys.nix;
keys = import ../../../variables/keys.nix;
in { in {
# TASK: new device # TASK: new device
@ -21,11 +17,7 @@ in {
services.printing = { services.printing = {
enable = true; enable = true;
drivers = with pkgs; [ drivers = with pkgs; [ hplip mfcl3770cdw.driver mfcl3770cdw.cupswrapper ];
hplip
mfcl3770cdw.driver
mfcl3770cdw.cupswrapper
];
}; };
services.fprintd.enable = true; services.fprintd.enable = true;
@ -34,9 +26,8 @@ in {
sudo.fprintAuth = true; sudo.fprintAuth = true;
}; };
security.pki.certificateFiles = [ security.pki.certificateFiles =
"${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt" [ "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt" ];
];
services.xserver.videoDrivers = [ "modesetting" ]; services.xserver.videoDrivers = [ "modesetting" ];
services.xserver.serverFlagsSection = '' services.xserver.serverFlagsSection = ''

4
nix/os/devices/steveej-pa600/user.nix
View file

@ -1,6 +1,4 @@
{ config { config, pkgs, ... }:
, pkgs
, ... }:
let let
passwords = import ../../../variables/passwords.crypt.nix; passwords = import ../../../variables/passwords.crypt.nix;

7
nix/os/devices/steveej-pa600/versions.nix
View file

@ -4,13 +4,10 @@ let
ref = "nixos-20.09"; ref = "nixos-20.09";
rev = "e065200fc90175a8f6e50e76ef10a48786126e1c"; rev = "e065200fc90175a8f6e50e76ef10a48786126e1c";
}; };
in
{ in {
inherit nixpkgs; inherit nixpkgs;
nixos = nixpkgs // { nixos = nixpkgs // { suffix = "/nixos"; };
suffix = "/nixos";
};
"channels-nixos-stable" = nixpkgs; "channels-nixos-stable" = nixpkgs;
"channels-nixos-unstable" = { "channels-nixos-unstable" = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";

23
nix/os/devices/steveej-pa600/versions.tmpl.nix
View file

@ -2,29 +2,34 @@ let
nixpkgs = { nixpkgs = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";
ref = "nixos-20.09"; ref = "nixos-20.09";
rev = "<% git ls-remote https://github.com/nixos/nixpkgs nixos-20.09 | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/nixos/nixpkgs nixos-20.09 | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
in
{ in {
inherit nixpkgs; inherit nixpkgs;
nixos = nixpkgs // { nixos = nixpkgs // { suffix = "/nixos"; };
suffix = "/nixos";
};
"channels-nixos-stable" = nixpkgs; "channels-nixos-stable" = nixpkgs;
"channels-nixos-unstable" = { "channels-nixos-unstable" = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";
ref = "nixos-unstable"; ref = "nixos-unstable";
rev = "<% git ls-remote https://github.com/nixos/nixpkgs nixos-unstable | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/nixos/nixpkgs nixos-unstable | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
"nixpkgs-master" = { "nixpkgs-master" = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";
ref = "master"; ref = "master";
rev = "<% git ls-remote https://github.com/NixOS/nixpkgs.git master | head -n1 | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/NixOS/nixpkgs.git master | head -n1 | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
"home-manager-module" = { "home-manager-module" = {
url = "https://github.com/nix-community/home-manager"; url = "https://github.com/nix-community/home-manager";
ref = "release-20.09"; ref = "release-20.09";
rev = "<% git ls-remote https://github.com/nix-community/home-manager.git release-20.09 | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/nix-community/home-manager.git release-20.09 | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
} }

3
nix/os/devices/steveej-rmvbl-mmc-SL32G_0x259093f6/system.nix
View file

@ -1,5 +1,6 @@
{ ... }: { ... }:
{ {
networking.hostName = "steveej-rmvbl-mmc-SL32G_0x259093f6"; # Define your hostname. networking.hostName =
"steveej-rmvbl-mmc-SL32G_0x259093f6"; # Define your hostname.
} }

7
nix/os/devices/steveej-rmvbl-sdep0/configuration.nix
View file

@ -1,8 +1,11 @@
{ ... }: { ... }:
{ {
nixpkgs.config.packageOverrides = pkgs: with pkgs; { nixpkgs.config.packageOverrides = pkgs:
nixPath = (import ../../../default.nix { versionsPath = ./versions.nix; }).nixPath; with pkgs; {
nixPath = (import ../../../default.nix {
versionsPath = ./versions.nix;
}).nixPath;
}; };
imports = [ imports = [

7
nix/os/devices/steveej-rmvbl-sdep0/versions.nix
View file

@ -4,13 +4,10 @@ let
ref = "nixos-21.11"; ref = "nixos-21.11";
rev = "386234e2a61e1e8acf94dfa3a3d3ca19a6776efb"; rev = "386234e2a61e1e8acf94dfa3a3d3ca19a6776efb";
}; };
in
{ in {
inherit nixpkgs; inherit nixpkgs;
nixos = nixpkgs // { nixos = nixpkgs // { suffix = "/nixos"; };
suffix = "/nixos";
};
"channels-nixos-stable" = nixpkgs; "channels-nixos-stable" = nixpkgs;
# "channels-nixos-21.05" = { # "channels-nixos-21.05" = {

5
nix/os/devices/steveej-t14/boot.nix
View file

@ -1,7 +1,4 @@
{ lib { lib, pkgs, ... }:
, pkgs
, ...
}:
{ {
boot.loader.grub.efiInstallAsRemovable = lib.mkForce true; boot.loader.grub.efiInstallAsRemovable = lib.mkForce true;

3
nix/os/devices/steveej-t14/hw.nix
View file

@ -11,8 +11,7 @@ let
"e1000e" "e1000e"
]; ];
in in {
{
# TASK: new device # TASK: new device
hardware.opinionatedDisk = { hardware.opinionatedDisk = {
enable = true; enable = true;

16
nix/os/devices/steveej-t14/pkg.nix
View file

@ -1,12 +1,16 @@
{ pkgs { pkgs, ... }:
, ...
}:
{ {
nixpkgs.config.packageOverrides = pkgs: with pkgs; { nixpkgs.config.packageOverrides = pkgs:
nixPath = (import ../../../default.nix { versionsPath = ./versions.nix; }).nixPath; with pkgs; {
nixPath = (import ../../../default.nix {
versionsPath = ./versions.nix;
}).nixPath;
};
home-manager.users.steveej =
import ../../../home-manager/configuration/graphical-fullblown.nix {
inherit pkgs;
}; };
home-manager.users.steveej = import ../../../home-manager/configuration/graphical-fullblown.nix { inherit pkgs; };
services.teamviewer.enable = true; services.teamviewer.enable = true;
system.stateVersion = "20.09"; system.stateVersion = "20.09";
} }

41
nix/os/devices/steveej-t14/system.nix
View file

@ -1,16 +1,10 @@
{ pkgs { pkgs, lib, config, ... }:
, lib
, config
, ... }:
let let keys = import ../../../variables/keys.nix;
keys = import ../../../variables/keys.nix;
in { in {
nix = { nix = {
binaryCaches = [ binaryCaches =
"https://holochain-ci.cachix.org" [ "https://holochain-ci.cachix.org" "https://cache.holo.host/" ];
"https://cache.holo.host/"
];
binaryCachePublicKeys = [ binaryCachePublicKeys = [
"holochain-ci.cachix.org-1:5IUSkZc0aoRS53rfkvH9Kid40NpyjwCMCzwRTXy+QN8=" "holochain-ci.cachix.org-1:5IUSkZc0aoRS53rfkvH9Kid40NpyjwCMCzwRTXy+QN8="
"cache.holo.host-1:lNXIXtJgS9Iuw4Cu6X0HINLu9sTfcjEntnrgwMQIMcE=" "cache.holo.host-1:lNXIXtJgS9Iuw4Cu6X0HINLu9sTfcjEntnrgwMQIMcE="
@ -22,9 +16,10 @@ in {
networking.hostName = "steveej-t14"; # Define your hostname. networking.hostName = "steveej-t14"; # Define your hostname.
networking.bridges."virbr1".interfaces = [ ]; networking.bridges."virbr1".interfaces = [ ];
networking.interfaces."virbr1".ipv4.addresses = [ networking.interfaces."virbr1".ipv4.addresses = [{
{ address = "10.254.254.254"; prefixLength = 24; } address = "10.254.254.254";
]; prefixLength = 24;
}];
networking.firewall.enable = true; networking.firewall.enable = true;
networking.firewall.allowedTCPPorts = [ networking.firewall.allowedTCPPorts = [
@ -40,11 +35,7 @@ in {
services.printing = { services.printing = {
enable = true; enable = true;
drivers = with pkgs; [ drivers = with pkgs; [ hplip mfcl3770cdw.driver mfcl3770cdw.cupswrapper ];
hplip
mfcl3770cdw.driver
mfcl3770cdw.cupswrapper
];
}; };
services.fprintd.enable = true; services.fprintd.enable = true;
@ -55,9 +46,7 @@ in {
# virtualization # virtualization
virtualisation = { virtualisation = {
libvirtd = { libvirtd = { enable = true; };
enable = true;
};
virtualbox.host = { virtualbox.host = {
enable = false; enable = false;
@ -74,14 +63,10 @@ in {
# client min protocol = NT1 # client min protocol = NT1
''; '';
security.pki.certificateFiles =
[ "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt" ];
security.pki.certificateFiles = [ services.xserver.videoDrivers = lib.mkForce [ "amdgpu" ];
"${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"
];
services.xserver.videoDrivers = lib.mkForce [
"amdgpu"
];
services.xserver.serverFlagsSection = '' services.xserver.serverFlagsSection = ''
Option "BlankTime" "0" Option "BlankTime" "0"
Option "StandbyTime" "0" Option "StandbyTime" "0"

4
nix/os/devices/steveej-t14/user.nix
View file

@ -1,6 +1,4 @@
{ config { config, pkgs, ... }:
, pkgs
, ... }:
let let
passwords = import ../../../variables/passwords.crypt.nix; passwords = import ../../../variables/passwords.crypt.nix;

7
nix/os/devices/steveej-t14/versions.nix
View file

@ -4,13 +4,10 @@ let
ref = "nixos-22.05"; ref = "nixos-22.05";
rev = "6107f97012a0c134c5848125b5aa1b149b76d2c9"; rev = "6107f97012a0c134c5848125b5aa1b149b76d2c9";
}; };
in
{ in {
inherit nixpkgs; inherit nixpkgs;
nixos = nixpkgs // { nixos = nixpkgs // { suffix = "/nixos"; };
suffix = "/nixos";
};
"channels-nixos-stable" = nixpkgs; "channels-nixos-stable" = nixpkgs;
"channels-nixos-unstable" = { "channels-nixos-unstable" = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";

27
nix/os/devices/steveej-t14/versions.tmpl.nix
View file

@ -2,34 +2,41 @@ let
nixpkgs = { nixpkgs = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";
ref = "nixos-22.05"; ref = "nixos-22.05";
rev = "<% git ls-remote https://github.com/nixos/nixpkgs nixos-22.05 | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/nixos/nixpkgs nixos-22.05 | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
in
{ in {
inherit nixpkgs; inherit nixpkgs;
nixos = nixpkgs // { nixos = nixpkgs // { suffix = "/nixos"; };
suffix = "/nixos";
};
"channels-nixos-stable" = nixpkgs; "channels-nixos-stable" = nixpkgs;
"channels-nixos-unstable" = { "channels-nixos-unstable" = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";
ref = "nixos-unstable"; ref = "nixos-unstable";
rev = "<% git ls-remote https://github.com/nixos/nixpkgs nixos-unstable | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/nixos/nixpkgs nixos-unstable | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
"channels-nixos-unstable-small" = { "channels-nixos-unstable-small" = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";
ref = "nixos-unstable-small"; ref = "nixos-unstable-small";
rev = "<% git ls-remote https://github.com/nixos/nixpkgs nixos-unstable-small | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/nixos/nixpkgs nixos-unstable-small | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
"nixpkgs-master" = { "nixpkgs-master" = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";
ref = "master"; ref = "master";
rev = "<% git ls-remote https://github.com/NixOS/nixpkgs.git master | head -n1 | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/NixOS/nixpkgs.git master | head -n1 | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
"home-manager-module" = { "home-manager-module" = {
url = "https://github.com/nix-community/home-manager"; url = "https://github.com/nix-community/home-manager";
ref = "release-22.05"; ref = "release-22.05";
rev = "<% git ls-remote https://github.com/nix-community/home-manager.git release-22.05 | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/nix-community/home-manager.git release-22.05 | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
} }

Some files were not shown because too many files have changed in this diff Show more