From 93b1488bd9ebc34e0e0df60e1afd9aa5c5b76999 Mon Sep 17 00:00:00 2001 
From: Stefan Junker Date: Tue, 30 Oct 2018 13:38:36 +0100 Subject: [PATCH] make * composable; add install medium; archive prevoius code --- Justfile | 16 + README.md | 42 +++ .../container-images}/build.sh | 0 .../container-images}/default.nix | 0 .../environments}/dev/cross.nix | 0 .../environments}/dev/go/default.nix | 0 .../environments}/dev/go/neovim-go.nix | 0 .../environments}/dev/pandoc.nix | 0 .../environments}/dev/rkt.nix | 0 .../environments}/dev/rust/.envrc | 0 .../environments}/dev/rust/default.nix | 0 .../environments}/dev/vim-go.nix | 0 .../environments}/dev/vim-pandoc.nix | 0 .../environments}/dev/vim-rust.nix | 0 .../environments}/fhs/android.nix | 0 .../environments}/fhs/vscode.nix | 0 .../common/pkg/neovim.nix | 0 .../nixos-configuration}/common/pkg/vim.nix | 0 .../common/user/steveej.nix | 0 {ops => nixops}/nano/configuration.nix | 0 .../nano/hardware-configuration.nix | 0 {ops => nixops}/nanos@kn.nix | 0 nixos-configuration/common/keys.nix | 7 - nixos-configuration/common/lib/default.nix | 24 -- .../common/steveej-live-usb/configuration.nix | 15 - .../common/steveej-live-usb/user.nix | 51 --- nixos-configuration/common/user/root.nix | 14 - .../steveej-laptop/configuration.nix | 15 - nixos-configuration/steveej-laptop/system.nix | 320 ------------------ nixos-configuration/steveej-laptop/user.nix | 26 -- .../steveej-laptop2/configuration.nix | 154 --------- .../hardware-configuration.nix | 71 ---- .../configuration.nix | 20 -- .../hw.nix | 51 --- .../system.nix | 8 - nixos/devices/default.nix | 62 ++++ .../devices}/steveej-laptop/boot.nix | 0 .../devices/steveej-laptop/configuration.nix | 14 + .../devices}/steveej-laptop/hw.nix | 2 +- .../devices}/steveej-laptop/pkg.nix | 16 - nixos/devices/steveej-laptop/system.nix | 57 ++++ nixos/devices/steveej-laptop/user.nix | 18 + .../configuration.nix | 12 + .../steveej-live-mmc-SL32G_0x259093f6/hw.nix | 5 + .../system.nix | 5 + .../steveej-utilitepro/configuration.nix | 0 .../hardware-configuration.nix | 
0 .../utilitepro-kernel-dts-Makefile.patch | 0 .../patches/utilitepro-kernel-dts.patch | 0 nixos/lib/default.nix | 28 ++ nixos/modules/encryptedDisk.nix | 64 ++++ nixos/modules/natrouter.nix | 26 ++ nixos/profiles/common/configuration.nix | 9 + .../profiles/common/pkg.nix | 0 nixos/profiles/common/system.nix | 88 +++++ nixos/profiles/common/user.nix | 19 ++ nixos/profiles/graphical/configuration.nix | 9 + .../profiles/graphical}/system.nix | 182 +++------- .../profiles/install-medium/iso}/Justfile | 0 .../profiles/install-medium/iso}/iso.nix | 0 .../profiles/removable-medium}/boot.nix | 0 .../removable-medium/configuration.nix | 12 + .../profiles/removable-medium}/hw.nix | 3 +- .../profiles/removable-medium}/pkg.nix | 24 ++ nixos/profiles/removable-medium/system.nix | 16 + pkg-configuration/vim-derivates/commonrc.nix | 124 ------- pkg-configuration/vim-derivates/neovim.nix | 38 --- pkg-configuration/vim-derivates/vim.nix | 30 -- .../config.nix | 0 .../home-manager/steveej/neovim/default.nix | 130 +++++++ .../home-manager/steveej/neovim/vimrc | 246 ++++++++++++++ scripts/nixos-install.sh | 4 - variables/keys.nix | 10 + .../common => variables}/passwords.crypt.nix | Bin 74 files changed, 955 insertions(+), 1132 deletions(-) create mode 100755 Justfile create mode 100644 README.md rename {container-images => _archive/container-images}/build.sh (100%) rename {container-images => _archive/container-images}/default.nix (100%) rename {environments => _archive/environments}/dev/cross.nix (100%) rename {environments => _archive/environments}/dev/go/default.nix (100%) rename {environments => _archive/environments}/dev/go/neovim-go.nix (100%) rename {environments => _archive/environments}/dev/pandoc.nix (100%) rename {environments => _archive/environments}/dev/rkt.nix (100%) rename {environments => _archive/environments}/dev/rust/.envrc (100%) rename {environments => _archive/environments}/dev/rust/default.nix (100%) rename {environments => 
_archive/environments}/dev/vim-go.nix (100%) rename {environments => _archive/environments}/dev/vim-pandoc.nix (100%) rename {environments => _archive/environments}/dev/vim-rust.nix (100%) rename {environments => _archive/environments}/fhs/android.nix (100%) rename {environments => _archive/environments}/fhs/vscode.nix (100%) rename {nixos-configuration => _archive/nixos-configuration}/common/pkg/neovim.nix (100%) rename {nixos-configuration => _archive/nixos-configuration}/common/pkg/vim.nix (100%) rename {nixos-configuration => _archive/nixos-configuration}/common/user/steveej.nix (100%) rename {ops => nixops}/nano/configuration.nix (100%) rename {ops => nixops}/nano/hardware-configuration.nix (100%) rename {ops => nixops}/nanos@kn.nix (100%) delete mode 100644 nixos-configuration/common/keys.nix delete mode 100644 nixos-configuration/common/lib/default.nix delete mode 100644 nixos-configuration/common/steveej-live-usb/configuration.nix delete mode 100644 nixos-configuration/common/steveej-live-usb/user.nix delete mode 100644 nixos-configuration/common/user/root.nix delete mode 100644 nixos-configuration/steveej-laptop/configuration.nix delete mode 100644 nixos-configuration/steveej-laptop/system.nix delete mode 100644 nixos-configuration/steveej-laptop/user.nix delete mode 100644 nixos-configuration/steveej-laptop2/configuration.nix delete mode 100644 nixos-configuration/steveej-laptop2/hardware-configuration.nix delete mode 100644 nixos-configuration/steveej-live-usb-mmc-SL32G_0x259093f6/configuration.nix delete mode 100644 nixos-configuration/steveej-live-usb-mmc-SL32G_0x259093f6/hw.nix delete mode 100644 nixos-configuration/steveej-live-usb-mmc-SL32G_0x259093f6/system.nix create mode 100644 nixos/devices/default.nix rename {nixos-configuration => nixos/devices}/steveej-laptop/boot.nix (100%) create mode 100644 nixos/devices/steveej-laptop/configuration.nix rename {nixos-configuration => nixos/devices}/steveej-laptop/hw.nix (98%) rename {nixos-configuration => 
nixos/devices}/steveej-laptop/pkg.nix (79%) create mode 100644 nixos/devices/steveej-laptop/system.nix create mode 100644 nixos/devices/steveej-laptop/user.nix create mode 100644 nixos/devices/steveej-live-mmc-SL32G_0x259093f6/configuration.nix create mode 100644 nixos/devices/steveej-live-mmc-SL32G_0x259093f6/hw.nix create mode 100644 nixos/devices/steveej-live-mmc-SL32G_0x259093f6/system.nix rename {nixos-configuration => nixos/devices}/steveej-utilitepro/configuration.nix (100%) rename {nixos-configuration => nixos/devices}/steveej-utilitepro/hardware-configuration.nix (100%) rename {nixos-configuration => nixos/devices}/steveej-utilitepro/patches/utilitepro-kernel-dts-Makefile.patch (100%) rename {nixos-configuration => nixos/devices}/steveej-utilitepro/patches/utilitepro-kernel-dts.patch (100%) create mode 100644 nixos/lib/default.nix create mode 100644 nixos/modules/encryptedDisk.nix create mode 100644 nixos/modules/natrouter.nix create mode 100644 nixos/profiles/common/configuration.nix rename nixos-configuration/common/pkg/default.nix => nixos/profiles/common/pkg.nix (100%) create mode 100644 nixos/profiles/common/system.nix create mode 100644 nixos/profiles/common/user.nix create mode 100644 nixos/profiles/graphical/configuration.nix rename {nixos-configuration/common/steveej-live-usb => nixos/profiles/graphical}/system.nix (55%) rename {nixos-configuration/vm-install-iso => nixos/profiles/install-medium/iso}/Justfile (100%) rename {nixos-configuration/vm-install-iso => nixos/profiles/install-medium/iso}/iso.nix (100%) rename {nixos-configuration/common/steveej-live-usb => nixos/profiles/removable-medium}/boot.nix (100%) create mode 100644 nixos/profiles/removable-medium/configuration.nix rename {nixos-configuration/common/steveej-live-usb => nixos/profiles/removable-medium}/hw.nix (63%) rename {nixos-configuration/common/steveej-live-usb => nixos/profiles/removable-medium}/pkg.nix (92%) create mode 100644 nixos/profiles/removable-medium/system.nix delete 
mode 100644 pkg-configuration/vim-derivates/commonrc.nix delete mode 100644 pkg-configuration/vim-derivates/neovim.nix delete mode 100644 pkg-configuration/vim-derivates/vim.nix rename {pkg-configuration => pkgs-configuration}/config.nix (100%) create mode 100644 pkgs-configuration/home-manager/steveej/neovim/default.nix create mode 100644 pkgs-configuration/home-manager/steveej/neovim/vimrc delete mode 100755 scripts/nixos-install.sh create mode 100644 variables/keys.nix rename {nixos-configuration/common => variables}/passwords.crypt.nix (100%)
diff --git a/Justfile b/Justfile
new file mode 100755
index 0000000..24094b4
--- /dev/null
+++ b/Justfile
@@ -0,0 +1,16 @@
+devices action dir +moreargs="":
+ #!/usr/bin/env bash
+ set -x
+ sudo $(nix-build --no-link --show-trace $(dirname {{dir}})/default.nix -A {{action}} --argstr dir {{dir}} {{moreargs}} )
+
+diskMount dir:
+ just -v devices diskMount {{dir}}
+
+diskUmount dir:
+ just -v devices diskUmount {{dir}}
+
+diskInstall dir:
+ just -v devices diskInstall {{dir}}
+
+device-rebuild dir rebuildarg="build":
+ just -v devices rebuild {{dir}} --argstr rebuildarg {{rebuildarg}}
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..e051c26
--- /dev/null
+++ b/README.md
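Review bot: In the `devices` recipe of the new Justfile, whatever `nix-build` prints is passed straight to `sudo`, with `{{dir}}` and `{{action}}` interpolated unquoted and no `set -e`, so a failed build still reaches the `sudo` call and a path containing spaces or shell metacharacters is re-parsed by bash. I would build first and elevate only afterwards: `set -eux`, then `script=$(nix-build --no-link --show-trace "$(dirname "{{dir}}")/default.nix" -A "{{action}}" --argstr dir "{{dir}}" {{moreargs}})`, then `sudo "$script"`. `{{moreargs}}` has to stay unquoted because `device-rebuild` passes several words through it. Since just substitutes textually, quoting only covers whitespace, and because the built script runs as root the recipe deserves a comment such as `# runs the built script as root; only pass directories from this repository`.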
@@ -0,0 +1,42 @@
+# steveej's infra
+This repository helps me to manage all computer infrastructure.
+This is mostly achieved with the help of [Nix](https://nixos.org).
+
+In the unlikely case that you actually read this and have any questions please don't hesitate to reach out.
+
+## Roadmap
+- All graphical systems (incl. install media) must have
+ - [x] Full-disk encryption by default
+ - [x] Yubikey support with SSH auth
+- [ ] Migrate all devices to new structure
+ - [x] Encrypted Install media
+ - [ ] steveej-laptop
+ - [ ] steveej-laptop-work
+- [ ] Toplevel Justfile for simple actions
+ - [x] mount/umount disks
+ - [x] install to mounted disk
+ - [x] rebuild running system
+ - [ ] update running system
+ - [ ] partition/encrypt/format disks
+ - [ ] annotate recipes with some documentation
+ - [ ] declare shell.nix with runtime deps
+- [ ] Document bootstrap process
+- [ ] Incorporate home environment
+ - [ ] home-manager
+ - [ ] dotfiles
+ - [ ] Modification strategy for tracked dotfiles
+ - [ ] pkgs-configuration
+ - [ ] development environments
+- [ ] Automatic backups
+ - [ ] tracked dotfiles
+ - [ ] detect new and untracked dotfiles?
+- [ ] Design disaster recovery
+- [ ] Recycle *\_archived*
+- [ ] Maybe make this a nix-overlay
+
+## Usage
+*(These are reminders for my future self)*
+
+```
+just --list
+```
diff --git a/container-images/build.sh b/_archive/container-images/build.sh
similarity index 100%
rename from container-images/build.sh
rename to _archive/container-images/build.sh
diff --git a/container-images/default.nix b/_archive/container-images/default.nix
similarity index 100%
rename from container-images/default.nix
rename to _archive/container-images/default.nix
diff --git a/environments/dev/cross.nix b/_archive/environments/dev/cross.nix
similarity index 100%
rename from environments/dev/cross.nix
rename to _archive/environments/dev/cross.nix
diff --git a/environments/dev/go/default.nix b/_archive/environments/dev/go/default.nix
similarity index 100%
rename from environments/dev/go/default.nix
rename to _archive/environments/dev/go/default.nix
diff --git a/environments/dev/go/neovim-go.nix b/_archive/environments/dev/go/neovim-go.nix
similarity index 100%
rename from environments/dev/go/neovim-go.nix
rename to _archive/environments/dev/go/neovim-go.nix
diff --git a/environments/dev/pandoc.nix b/_archive/environments/dev/pandoc.nix
similarity index 100%
rename from environments/dev/pandoc.nix
rename to _archive/environments/dev/pandoc.nix
diff --git a/environments/dev/rkt.nix b/_archive/environments/dev/rkt.nix
similarity index 100%
rename from environments/dev/rkt.nix
rename to _archive/environments/dev/rkt.nix
diff --git a/environments/dev/rust/.envrc b/_archive/environments/dev/rust/.envrc
similarity index 100%
rename from environments/dev/rust/.envrc
rename to _archive/environments/dev/rust/.envrc
diff --git a/environments/dev/rust/default.nix b/_archive/environments/dev/rust/default.nix
similarity index 100%
rename from environments/dev/rust/default.nix
rename to _archive/environments/dev/rust/default.nix
diff --git a/environments/dev/vim-go.nix b/_archive/environments/dev/vim-go.nix
similarity index 100%
rename from environments/dev/vim-go.nix
rename to _archive/environments/dev/vim-go.nix
diff --git a/environments/dev/vim-pandoc.nix b/_archive/environments/dev/vim-pandoc.nix
similarity index 100%
rename from environments/dev/vim-pandoc.nix
rename to _archive/environments/dev/vim-pandoc.nix
diff --git a/environments/dev/vim-rust.nix b/_archive/environments/dev/vim-rust.nix
similarity index 100%
rename from environments/dev/vim-rust.nix
rename to _archive/environments/dev/vim-rust.nix
diff --git a/environments/fhs/android.nix b/_archive/environments/fhs/android.nix
similarity index 100%
rename from environments/fhs/android.nix
rename to _archive/environments/fhs/android.nix
diff --git a/environments/fhs/vscode.nix b/_archive/environments/fhs/vscode.nix
similarity index 100%
rename from environments/fhs/vscode.nix
rename to _archive/environments/fhs/vscode.nix
diff --git a/nixos-configuration/common/pkg/neovim.nix b/_archive/nixos-configuration/common/pkg/neovim.nix
similarity index 100%
rename from nixos-configuration/common/pkg/neovim.nix
rename to _archive/nixos-configuration/common/pkg/neovim.nix
diff --git a/nixos-configuration/common/pkg/vim.nix b/_archive/nixos-configuration/common/pkg/vim.nix
similarity index 100%
rename from nixos-configuration/common/pkg/vim.nix
rename to _archive/nixos-configuration/common/pkg/vim.nix
diff --git a/nixos-configuration/common/user/steveej.nix b/_archive/nixos-configuration/common/user/steveej.nix
similarity index 100%
rename from nixos-configuration/common/user/steveej.nix
rename to _archive/nixos-configuration/common/user/steveej.nix
diff --git a/ops/nano/configuration.nix b/nixops/nano/configuration.nix
similarity index 100%
rename from ops/nano/configuration.nix
rename to nixops/nano/configuration.nix
diff --git a/ops/nano/hardware-configuration.nix b/nixops/nano/hardware-configuration.nix
similarity index 100%
rename from ops/nano/hardware-configuration.nix
rename to nixops/nano/hardware-configuration.nix
diff --git a/ops/nanos@kn.nix b/nixops/nanos@kn.nix
similarity index 100%
rename from ops/nanos@kn.nix
rename to nixops/nanos@kn.nix
diff --git a/nixos-configuration/common/keys.nix b/nixos-configuration/common/keys.nix
deleted file mode 100644
index 33ebf40..0000000
--- a/nixos-configuration/common/keys.nix
+++ /dev/null
@@ -1,7 +0,0 @@ -{ - openssh = { - steveej = [ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC4RFtHz0sE5y0AyZZm/tH7bBBgsx55gLPt5tGsl9yZlOzih6n4qbJE/9OOdwnOY2AHRe2lrlTekbW5ewWSBBCbiBE3Vux86sLgy7LM9zoKaNC+E3hmxaoS9SExn0BTkb3kNlOcj2k6UyJhkZWEsqVMV5C21R8EWmMlLY/qm3AxptNjOyzKDwNX2zlHZ5IyjgzO4ZjIxjawmJlUrVEn7/m+M7qK3I1Tyg/ZvDSfmxVJS97sVzseYE0rVwLEWJQOnHh0wnfl27smr2McAB7Cy6sxKyPKvEGyXbNqqb8fqk4okZlRRxhq/XkKlC7IZr+uqYxlL4HN8vjkTRNlgenDUSVT cardno:000604870382" - ]; - }; -} diff --git a/nixos-configuration/common/lib/default.nix b/nixos-configuration/common/lib/default.nix deleted file mode 100644 index aa1aad3..0000000 --- a/nixos-configuration/common/lib/default.nix +++ /dev/null @@ -1,24 +0,0 @@ -let - keys = import ../keys.nix; - -in - -{ - mkUser = {uid, hashedPassword, ... } @ args: args // { - inherit uid hashedPassword; - isNormalUser = true; - extraGroups = [ - "docker" - "wheel" - "libvirtd" - "networkmanager" - "vboxusers" - "users" - "input" - "audio" - "video" - "cdrom" - ]; - }; -} - diff --git a/nixos-configuration/common/steveej-live-usb/configuration.nix b/nixos-configuration/common/steveej-live-usb/configuration.nix deleted file mode 100644 index b49f937..0000000 --- a/nixos-configuration/common/steveej-live-usb/configuration.nix +++ /dev/null @@ -1,15 +0,0 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). - -{ config, pkgs, ... }: - -{ - imports = [ - ./pkg.nix - ./hw.nix - ./system.nix - ./user.nix - ./boot.nix - ]; -} diff --git a/nixos-configuration/common/steveej-live-usb/user.nix b/nixos-configuration/common/steveej-live-usb/user.nix deleted file mode 100644 index 6d53acd..0000000 --- a/nixos-configuration/common/steveej-live-usb/user.nix +++ /dev/null 
@@ -1,51 +0,0 @@ -{ config -, pkgs -, ... }: - -let - passwords = import ../common/passwords.crypt.nix; - mkUser = {uid, hashedPassword, ... } @ args: args // { - inherit uid hashedPassword; - isNormalUser = true; - extraGroups = [ - "docker" - "wheel" - "libvirtd" - "networkmanager" - "vboxusers" - "users" - "input" - "audio" - "video" - "cdrom" - ]; - }; - -in -{ - users.mutableUsers = false; - users.defaultUserShell = pkgs.zsh; - - users.extraUsers.root = { - hashedPassword = passwords.users.root; - openssh.authorizedKeys.keys = ["ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3niN5KcIYikRhXTYZCSehI1ZQs+vvG/dZ7KxNVHslfsS+p1yTycXcZFtDDn5vtG2fAo3yksxCk+G10/AWQ+NMOcFKuAi5qTOYSLbEcHVlZ4ko8sDUe3fF79vrCqY7IWbKKjZ4DH77Qs6SXk5GIlNaIzxut8Dpv8qHnkPiPuFgrJC4oGk60ZKmCPvOEpgg9twcdI6ykIxD4Fg+hHgG1p07uSEcm9EADli8RsU3UJ1UBhXMohMC6HrKVBkBX9wTo+zY+xqXxxem6xGNnkNiZLACfhCnjXv39zh85pgFuNv7R8SzVZQ9iRoCmax/w3JtWdDjqoTGgLfJyhMMjNdjVHOx steveej@steveej-laptop"]; - }; - - users.extraUsers.steveej = mkUser { - uid = 1000; - hashedPassword = passwords.users.steveej; - }; - - users.extraUsers.steveej2 = mkUser { - uid = 1001; - hashedPassword = passwords.users.steveej2; - }; - - users.extraUsers.steveej3 = mkUser { - uid = 1002; - hashedPassword = passwords.users.steveej; - }; - - security.pam.enableU2F = true; - security.pam.services.steveej.u2fAuth = true; -} diff --git a/nixos-configuration/common/user/root.nix b/nixos-configuration/common/user/root.nix deleted file mode 100644 index 58dd395..0000000 --- a/nixos-configuration/common/user/root.nix +++ /dev/null @@ -1,14 +0,0 @@ -{ config -, pkgs -, ... }: - -let - passwords = import ../passwords.crypt.nix; - keys = import ../keys.nix; -in { - users.mutableUsers = false; - users.extraUsers.root = { - hashedPassword = passwords.users.root; - openssh.authorizedKeys.keys = keys.openssh.steveej; - }; -} 
diff --git a/nixos-configuration/steveej-laptop/configuration.nix b/nixos-configuration/steveej-laptop/configuration.nix deleted file mode 100644 index b49f937..0000000 --- a/nixos-configuration/steveej-laptop/configuration.nix +++ /dev/null @@ -1,15 +0,0 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). - -{ config, pkgs, ... }: - -{ - imports = [ - ./pkg.nix - ./hw.nix - ./system.nix - ./user.nix - ./boot.nix - ]; -} diff --git a/nixos-configuration/steveej-laptop/system.nix b/nixos-configuration/steveej-laptop/system.nix deleted file mode 100644 index 3cb446b..0000000 --- a/nixos-configuration/steveej-laptop/system.nix +++ /dev/null 
@@ -1,320 +0,0 @@ -{ config, lib, pkgs, ... }: - - -let - gitpkgs = import /home/steveej/src/github/NixOS/nixpkgs {}; - unstablepkgs = import {}; - -in - -rec { - nix.binaryCachePublicKeys = [ - # "hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs=" - ]; - nix.binaryCaches = [ - "https://cache.nixos.org" - # "https://hydra.nixos.org" - ]; - nix.trustedBinaryCaches = [ - "https://cache.nixos.org" - # "https://hydra.nixos.org" - ]; - - nix.daemonNiceLevel = 19; - nix.daemonIONiceLevel = 7; - - nix.package = unstablepkgs.nixStable; - - nix.useSandbox = true; - - # The NixOS release to be compatible with for stateful data such as databases. - # system.stateVersion = "unstable"; - networking.hostName = "steveej-laptop"; # Define your hostname. - - networking.hosts = { - "160.85.37.177" = [ "splabchat" ]; - }; - - networking.firewall.enable = true; - networking.firewall.checkReversePath = false; - - # Provide a NAT/DHCP Router - # - # networking.nat.enable = true; - # networking.nat.internalInterfaces = [ "enp0s20f0u4u1u3" ]; - # networking.nat.externalInterface = "wlp1s0"; - # networking.interfaces."enp0s20f0u4u1u3".ipv4.addresses = [ - # { address = "10.254.253.254"; prefixLength = 24; } - # ]; - # services.dnsmasq = { - # enable = true; - # servers = [ "8.8.8.8" "8.8.4.4" ]; - # extraConfig = '' - # domain=lan - # interface=enp0s20f0u4u1u3 - # bind-interfaces - # dhcp-range=10.254.253.100,10.254.253.199,1h - # ''; - # }; - - networking.networkmanager = { - enable = true; - dns = "dnsmasq"; - unmanaged = [ - "interface-name:veth*" - "interface-name:virbr*" - "interface-name:br*" - "interface-name:*vbox*" - "interface-name:*cni*" - ]; - }; - # Used for testing local Tectonic clusters - environment.etc."NetworkManager/dnsmasq.d/tectonic.conf".text = '' - server=/tt.testing/192.168.124.1 - server=/tectonic-ci.de/192.168.124.1 - server=/tectonic-ci.lan/192.168.124.1 - ''; - - networking.bridges."virbr1".interfaces = []; - 
networking.interfaces."virbr1".ipv4.addresses = [ - { address = "10.254.254.254"; prefixLength = 24; } - ]; - - programs.zsh = { - enable = false; -# enableAutosuggestions = true; # enableCompletion = true; -# syntaxHighlighting.enable = true; -# syntaxHighlighting.patterns = {}; -# ohMyZsh = { -# enable = true; -# theme = "tjkirch"; -# }; -# promptInit = '' -# autoload -U promptinit -# promptinit -# ZSH_THEME_GIT_PROMPT_PREFIX='@ ' -# PROMPT='%F{%(!.red.green)}%n%f@%m %(?.%F{green}✓%f.%F{red}✗ ($?%))%f %F{blue}%~%f %F{magenta}$(git_prompt_info)%f -#%_%F{%(!.red.green)}$(prompt_char)%f ' -# RPROMPT="" -# ''; -# interactiveShellInit = '' -# ''; - }; - - programs.bash = { - enableCompletion = true; - promptInit = '' - function exitstatus() { - if [[ $? -eq 0 ]]; then - printf '✓' - else - printf '✗' - fi - } - function nixshellEval { - if [[ "$1" != "" ]]; then - printf "»$1« " - fi - } - function setPS1 { - if test "$TERM" != "dumb"; then - # Provide a nice prompt. - BLUE="\[\033[0;34m\]" - RED="\[\033[1;31m\]" - GREEN="\[\033[1;32m\]" - NO_COLOR="\[\033[0m\]" - - PROMPT_COLOR=$RED - let $UID && PROMPT_COLOR=$GREEN - PS1="$PROMPT_COLOR\u$NO_COLOR@\h \$(exitstatus) \$(nixshellEval $1)$BLUE\w$NO_COLOR\n$PROMPT_COLOR\\$ $NO_COLOR" - if test "$TERM" = "xterm"; then - PS1="\[\033]2;\h:\u:\w\007\]$PS1" - fi - fi - } - setPS1 - ''; - }; - - environment.sessionVariables = { - NIXPKGS_ALLOW_UNFREE = "1"; - - # Don't create .pyc files. - PYTHONDONTWRITEBYTECODE = "1"; - }; - - environment.etc."lvm/lvm.conf".text = '' - devices { - issue_discards = 1 - } - ''; - - environment.pathsToLink = [ "/share/zsh" ]; - - # Fonts, I18N, Date ... 
- fonts = { - enableCoreFonts = true; - }; - - i18n = { - consoleFont = "lat9w-16"; - defaultLocale = "en_US.UTF-8"; - }; - time.timeZone = "Europe/Berlin"; - #time.timeZone = "America/Los_Angeles"; - - # Services - services.gpm.enable = true; - services.openssh.enable = true; - services.openssh.permitRootLogin = "yes"; - - services.gnome3 = { - gnome-disks.enable = false; - gnome-documents.enable = false; - gnome-online-miners.enable = false; - gnome-user-share.enable = false; - gnome-terminal-server.enable = false; - gpaste.enable = false; - sushi.enable = false; - tracker.enable = false; - - # FIXME: gnome should be moved to user session - seahorse.enable = true; - gvfs.enable = true; - at-spi2-core.enable = true; - evolution-data-server.enable = true; - gnome-online-accounts.enable = true; - gnome-keyring.enable = true; - }; - - services.teamviewer.enable = false; - - services.printing = { - enable = true; - drivers = [ - pkgs.hplip - unstablepkgs.cups-kyodialog3 - unstablepkgs.mfcj6510dwlpr - unstablepkgs.mfcj6510dw-cupswrapper - ]; - }; - - services.pcscd.enable = true; - services.xserver = { - enable = true; - libinput.enable = true; - libinput.naturalScrolling = true; - - videoDrivers = [ "qxl" "modesetting" ]; - xkbVariant = "altgr-intl"; - xkbOptions = "nodeadkeys"; - - desktopManager = { - # FIXME: gnome should be moved to user session - gnome3.enable = true; - - xterm.enable = true; - plasma5.enable = false; - }; - - displayManager = { - gdm.enable = false; - - lightdm = { - enable = true; - autoLogin = { - enable = true; - user = "steveej"; - }; - background = "${pkgs.nixos-artwork.wallpapers.simple-blue}/share/artwork/gnome/nix-wallpaper-simple-blue.png"; - }; - - sessionCommands = '' - ''; - }; - }; - - # Package configuration - environment.systemPackages = with pkgs; [ - ]; - - # More Services - services.udev.packages = [ - pkgs.libu2f-host - pkgs.yubikey-personalization - ]; - services.udev.extraRules = '' - # OnePlusOne - ATTR{idVendor}=="05c6", 
ATTR{idProduct}=="6764", SYMLINK+="libmtp-%k", MODE="660", GROUP="audio", ENV{ID_MTP_DEVICE}="1", ENV{ID_MEDIA_PLAYER}="1", TAG+="uaccess" - ATTR{idVendor}=="05c6", ATTR{idProduct}=="6765", SYMLINK+="libmtp-%k", MODE="660", GROUP="audio", ENV{ID_MTP_DEVICE}="1", ENV{ID_MEDIA_PLAYER}="1", TAG+="uaccess" - - # Plantronics BackBeat PRO - SUBSYSTEM=="usb", ATTR{idVendor}=="047f", ATTR{idProduct}=="011a", GROUP="users", MODE="0777" - SUBSYSTEM=="usb", ATTR{idVendor}=="047f", ATTR{idProduct}=="fffe", GROUP="users", MODE="0777" - SUBSYSTEM=="usb", ATTR{idVendor}=="047f", ATTR{idProduct}=="0001", GROUP="users", MODE="0777" - '' - ; - - services.packagekit.enable = true; - - services.resolved.enable = false; - services.nix-serve.enable = true; - - services.samba.enable = true; - services.samba.extraConfig = '' - client max protocol = SMB3 - ''; - - # hardware related services - services.illum.enable = true; - - hardware = { - bluetooth.enable = true; - pulseaudio = { - enable = true; - package = pkgs.pulseaudioFull; - support32Bit = true; - }; - }; - - services.fprintd.enable = true; - security.pam.services = { - login.fprintAuth = true; - sudo.fprintAuth = true; - }; - - # required for running blueman-applet in user sessions - services.dbus.packages = with pkgs; [ - blueman - ]; - - # Kubernetes - # services.kubernetes.roles = ["master" "node"]; - - # virtualization - virtualisation = { - libvirtd.enable = true; - virtualbox.host.enable = true; - virtualbox.host.addNetworkInterface = true; - docker.enable = true; - }; - - # Activation scripts for impure set up of paths in / - system.activationScripts.bin = '' - echo "setting up /bin..." - ln -sfT ${pkgs.bash}/bin/bash /bin/.bash - mv -Tf /bin/.bash /bin/bash - ''; - system.activationScripts.etcX11sessinos = '' - echo "setting up /etc/X11/sessions..." 
- mkdir -p /etc/X11 - ln -sfT ${config.services.xserver.displayManager.session.desktops} /etc/X11/.sessions - mv -Tf /etc/X11/.sessions /etc/X11/sessions - ''; - system.activationScripts.lib64 = '' - echo "setting up /lib64..." - mkdir -p /lib64 - ln -sfT ${pkgs.stdenv.glibc}/lib/ld-linux-x86-64.so.2 /lib64/.ld-linux-x86-64.so.2 - mv -Tf /lib64/.ld-linux-x86-64.so.2 /lib64/ld-linux-x86-64.so.2 - ''; -} diff --git a/nixos-configuration/steveej-laptop/user.nix b/nixos-configuration/steveej-laptop/user.nix deleted file mode 100644 index bb04679..0000000 --- a/nixos-configuration/steveej-laptop/user.nix +++ /dev/null @@ -1,26 +0,0 @@ -{ config -, pkgs -, ... }: - -let - passwords = import ../common/passwords.crypt.nix; - keys = import ../common/keys.nix; - inherit (import ../common/lib) mkUser; - -in -{ - users.extraUsers.root = { - openssh.authorizedKeys.keys = keys.openssh.steveej; - }; - - users.extraUsers.steveej2 = mkUser { - uid = 1001; - hashedPassword = passwords.users.steveej; - }; - - users.extraUsers.steveej3 = mkUser { - uid = 1002; - hashedPassword = passwords.users.steveej; - }; -} - diff --git a/nixos-configuration/steveej-laptop2/configuration.nix b/nixos-configuration/steveej-laptop2/configuration.nix deleted file mode 100644 index 281d497..0000000 --- a/nixos-configuration/steveej-laptop2/configuration.nix +++ /dev/null 
@@ -1,154 +0,0 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). - -{ config, pkgs, ... }: - -let - passwords = import ../common/passwords.crypt.nix; - -in -{ - nixpkgs.config.allowUnfree = true; - - nix.binaryCachePublicKeys = [ "hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs=" ]; - nix.binaryCaches = [ - "https://cache.nixos.org" - "https://hydra.nixos.org" - ]; - nix.trustedBinaryCaches = [ - "https://cache.nixos.org" - "https://hydra.nixos.org" - ]; - - nix.daemonNiceLevel = 19; - nix.daemonIONiceLevel = 7; - - imports = - [ # Include the results of the hardware scan. - ./hardware-configuration.nix - ]; - - networking.hostName = "steveej-laptop2"; # Define your hostname. - - fonts = { - enableCoreFonts = true; - }; - - i18n = { - defaultLocale = "en_US.UTF-8"; - }; - - # Set your time zone. - time.timeZone = "Europe/Amsterdam"; - - networking.firewall.enable = false; - networking.networkmanager = { - enable = true; - unmanaged = [ - "interface-name:veth*" - "interface-name:virbr*" - "interface-name:br*" - "interface-name:*vbox*" - "interface-name:*cni*" - ]; - }; - - programs.bash = { - enableCompletion = true; - promptInit = '' - function exitstatus() { - if [[ $? -eq 0 ]]; then - printf '✓' - else - printf '✗' - fi - } - function nixshellEval { - if [[ "$1" != "" ]]; then - printf "»$1« " - fi - } - function setPS1 { - if test "$TERM" != "dumb"; then - # Provide a nice prompt. 
- BLUE="\[\033[0;34m\]" - RED="\[\033[1;31m\]" - GREEN="\[\033[1;32m\]" - NO_COLOR="\[\033[0m\]" - - PROMPT_COLOR=$RED - let $UID && PROMPT_COLOR=$GREEN - PS1="$PROMPT_COLOR\u$NO_COLOR@\h \$(exitstatus) \$(nixshellEval $1)$BLUE\w$NO_COLOR\n$PROMPT_COLOR\\$ $NO_COLOR" - if test "$TERM" = "xterm"; then - PS1="\[\033]2;\h:\u:\w\007\]$PS1" - fi - fi - } - setPS1 - ''; - }; - - services.xserver = { - libinput.enable = true; - libinput.naturalScrolling = true; - - videoDrivers = [ "qxl" "intel" ]; - enable = true; - layout = "us"; - - windowManager.qtile.enable = true; - desktopManager = { - xterm.enable = false; - gnome3.enable = true; - }; - - displayManager = { - slim = { - enable = true; - theme = pkgs.fetchFromGitHub { - owner = "steveej"; - repo = "nixos-slim-theme"; - rev = "eec04a624113db835f2b5960d305e242da9dbc2a"; - sha256 = "146zmr5rzwxq5mz6b7108a3ksf3nvqxrr8bvi82jsw6xqji4i5f5"; - }; - autoLogin = false; - defaultUser = "steveej"; - }; -# sessionCommands = '' -# xscreensaver -no-splash & -# ${pkgs.networkmanagerapplet}/bin/nm-applet & -# $(sleep 2; xmodmap /home/steveej/.Xmodmap) & -# ''; - }; - }; - - users.mutableUsers = false; - users.extraUsers.root = { - hashedPassword = passwords.users.root; - openssh.authorizedKeys.keys = ["ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3niN5KcIYikRhXTYZCSehI1ZQs+vvG/dZ7KxNVHslfsS+p1yTycXcZFtDDn5vtG2fAo3yksxCk+G10/AWQ+NMOcFKuAi5qTOYSLbEcHVlZ4ko8sDUe3fF79vrCqY7IWbKKjZ4DH77Qs6SXk5GIlNaIzxut8Dpv8qHnkPiPuFgrJC4oGk60ZKmCPvOEpgg9twcdI6ykIxD4Fg+hHgG1p07uSEcm9EADli8RsU3UJ1UBhXMohMC6HrKVBkBX9wTo+zY+xqXxxem6xGNnkNiZLACfhCnjXv39zh85pgFuNv7R8SzVZQ9iRoCmax/w3JtWdDjqoTGgLfJyhMMjNdjVHOx steveej@steveej-laptop"]; - }; - users.extraUsers.steveej = { - uid = 1000; - isNormalUser = true; - home = "/home/steveej"; - extraGroups = [ "wheel" "libvirtd" "networkmanager" "vboxusers" ]; - hashedPassword = passwords.users.steveej; - }; - - services.gpm.enable = true; - services.openssh.enable = true; - services.openssh.permitRootLogin = "yes"; - - # 
List packages installed in system profile. To search by name, run: - # $ nix-env -qaP | grep wget - environment.systemPackages = with pkgs; [ - xorg.xmodmap - wget - vim - roxterm - ]; - - # The NixOS release to be compatible with for stateful data such as databases. - system.stateVersion = "16.09"; -} diff --git a/nixos-configuration/steveej-laptop2/hardware-configuration.nix b/nixos-configuration/steveej-laptop2/hardware-configuration.nix deleted file mode 100644 index bd1561c..0000000 --- a/nixos-configuration/steveej-laptop2/hardware-configuration.nix +++ /dev/null 
@@ -1,71 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, ... }: - -{ - boot.initrd.availableKernelModules = [ - "xhci_pci" "ehci_pci" "ahci" "usbhid" "sd_mod" - ]; - boot.kernelModules = [ - "nf_conntrack_proto_gre" - "nf_conntrack_pptp" - "kvm-intel" - ]; - boot.extraModulePackages = [ ]; - - nix.maxJobs = lib.mkDefault 2; - nix.buildCores = 2; - - boot.kernelPackages = pkgs.linuxPackages_latest; - - # Bootloader, initrd and Kernel - boot.loader.grub.enable = true; - boot.loader.grub.enableCryptodisk = true; - boot.loader.grub.version = 2; - - # Workaround for nm-pptp - - boot.tmpOnTmpfs = true; - - hardware.enableAllFirmware = true; - hardware.trackpoint.emulateWheel = true; - - fileSystems."/" = { device = "/dev/disk/by-uuid/c428a7e0-cd80-4ae7-90fb-530a9676278e"; - fsType = "btrfs"; - options = [ - "defaults" - "compress=lzo" - "subvol=nixos" - ]; - }; - fileSystems."/home" = { device = "/dev/disk/by-uuid/c428a7e0-cd80-4ae7-90fb-530a9676278e"; - fsType = "btrfs"; - options = [ - "defaults" - "compress=lzo" - "subvol=home" - ]; - }; - - fileSystems."/var/lib/rkt" = { - fsType = "tmpfs"; - }; - - fileSystems."/var/lib/cni" = { - fsType = "tmpfs"; - }; - - swapDevices = [ ]; - - # Define on which hard drive you want to install Grub. - boot.loader.grub.device = "/dev/sda"; - - boot.initrd.luks.devices = [ { - name = "luksroot"; - device = "/dev/disk/by-uuid/4ac7f8ba-4dea-41e8-99ea-b794aace24a1"; - preLVM = false; - allowDiscards = true; - } - ]; -} diff --git a/nixos-configuration/steveej-live-usb-mmc-SL32G_0x259093f6/configuration.nix b/nixos-configuration/steveej-live-usb-mmc-SL32G_0x259093f6/configuration.nix deleted file mode 100644 index 6830f65..0000000 --- a/nixos-configuration/steveej-live-usb-mmc-SL32G_0x259093f6/configuration.nix +++ /dev/null 
@@ -1,20 +0,0 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). - -{ config, pkgs, deviceid, ... }: - -{ - imports = [ - ../common/steveej-live-usb/boot.nix - ../common/steveej-live-usb/system.nix - ../common/steveej-live-usb/hw.nix - ../common/steveej-live-usb/pkg.nix - ../common/user/root.nix - ../common/user/steveej.nix - ../common/pkg/default.nix - - ./system.nix - ./hw.nix - ]; -} diff --git a/nixos-configuration/steveej-live-usb-mmc-SL32G_0x259093f6/hw.nix b/nixos-configuration/steveej-live-usb-mmc-SL32G_0x259093f6/hw.nix deleted file mode 100644 index 4c0cf5a..0000000 --- a/nixos-configuration/steveej-live-usb-mmc-SL32G_0x259093f6/hw.nix +++ /dev/null 
@@ -1,51 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, ... }: - -let - deviceId = "mmc-SL32G_0x259093f6"; - volumeGroup = deviceId; - - bootGrubDevice = lib.concatStrings [ "/dev/disk/by-id/" deviceId ]; - bootFsDevice = lib.concatStrings [ "/dev/disk/by-partlabel/" deviceId "-part2" ]; - bootLuksDevice = lib.concatStrings [ "/dev/disk/by-partlabel/" deviceId "-part3" ]; - rootFsDevice = lib.concatStrings [ "/dev/" volumeGroup "/root" ]; - swapFsDevice = lib.concatStrings [ "/dev/" volumeGroup "/swap" ]; - -in { - - fileSystems."/boot" = { - device = bootFsDevice; - fsType = "vfat"; - }; - - fileSystems."/" = { - device = rootFsDevice; - fsType = "btrfs"; - options = [ "subvol=nixos" ]; - }; - - fileSystems."/home" = { - device = rootFsDevice; - fsType = "btrfs"; - options = [ "subvol=home" ]; - }; - - swapDevices = [ { device = swapFsDevice; } ]; - - boot.loader.grub = { - device = bootGrubDevice; - efiSupport = true; - efiInstallAsRemovable = true; - }; - - boot.initrd.luks.devices = [ - { - name = "cryptliveusb"; - device = bootLuksDevice; - preLVM = true; - allowDiscards = true; - } - ]; -} diff --git a/nixos-configuration/steveej-live-usb-mmc-SL32G_0x259093f6/system.nix b/nixos-configuration/steveej-live-usb-mmc-SL32G_0x259093f6/system.nix deleted file mode 100644 index c202de5..0000000 --- a/nixos-configuration/steveej-live-usb-mmc-SL32G_0x259093f6/system.nix +++ /dev/null @@ -1,8 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - -in { - - networking.hostName = "steveej-mmc-SL32G_0x259093f6"; # Define your hostname. -} diff --git a/nixos/devices/default.nix b/nixos/devices/default.nix new file mode 100644 index 0000000..995f0fc --- /dev/null +++ b/nixos/devices/default.nix 
@@ -0,0 +1,62 @@ +{ pkgs ? import {} +, dir +, rebuildarg ? null +}: + +let + diskId = (import ((builtins.getEnv "PWD")+"/${dir}/hw.nix") {}).hardware.encryptedDisk.diskId; + +in { + rebuild = pkgs.writeScript "script" '' + #!/usr/bin/env bash + set -xe + + pushd ${dir} + export NIXOS_CONFIG="$PWD"/configuration.nix + export INSTALL_ROOT="/mnt/$ID-root" + + [[ -e "''${NIXOS_CONFIG}" ]] + + nixos-rebuild -I nixos-config=''${NIXOS_CONFIG} ${rebuildarg} + rm result + ''; + + diskMount = pkgs.writeScript "script" '' + #!/usr/bin/env bash + set -xe + ID=${diskId} + echo Mounting $ID + set -xe + cryptsetup luksOpen /dev/disk/by-partlabel/$ID-part3 $ID-part3 + vgchange -ay $ID + mkdir -p /mnt/$ID-root + mount /dev/$ID/root /mnt/$ID-root -o subvol=nixos + mount /dev/$ID/root /mnt/$ID-root/home -o subvol=home + mount /dev/disk/by-partlabel/$ID-part2 /mnt/$ID-root/boot + ''; + + diskUmount = pkgs.writeScript "script" '' + #!/usr/bin/env bash + set -xe + ID=${diskId} + umount -R /mnt/$ID-root + rmdir /mnt/$ID-root + vgchange -an $ID + cryptsetup luksClose $ID-part3 + sync + ''; + + diskInstall = pkgs.writeScript "script" '' + #!/usr/bin/env bash + set -xe + ID=${diskId} + pushd ${dir} + export NIXOS_CONFIG="$PWD"/configuration.nix + export INSTALL_ROOT="/mnt/$ID-root" + + [[ -e "''${NIXOS_CONFIG}" ]] + [[ -e "''${INSTALL_ROOT}" ]] + + nixos-install --max-jobs 5 --cores 4 --no-channel-copy --no-root-passwd --root "''${INSTALL_ROOT}" + ''; +} diff --git a/nixos-configuration/steveej-laptop/boot.nix b/nixos/devices/steveej-laptop/boot.nix similarity index 100% rename from nixos-configuration/steveej-laptop/boot.nix rename to nixos/devices/steveej-laptop/boot.nix diff --git a/nixos/devices/steveej-laptop/configuration.nix b/nixos/devices/steveej-laptop/configuration.nix new file mode 100644 index 0000000..da100b3 --- /dev/null +++ b/nixos/devices/steveej-laptop/configuration.nix 
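Review bot: The `rebuild` script exports `INSTALL_ROOT="/mnt/$ID-root"` but never assigns `ID`, and because the scripts use `set -xe` without `-u` the unset variable silently expands to `/mnt/-root`. The same value is used unquoted in `diskMount`, `diskUmount` and `diskInstall`, which pass it to `cryptsetup`, `vgchange`, `mount` and `umount -R` (presumably as root); I would switch to `set -euo pipefail` and quote every expansion, e.g. `mount "/dev/$ID/root" "/mnt/$ID-root" -o subvol=nixos`. `diskMount` also leaves the LUKS mapping open when a later step fails, so a `trap` that runs `vgchange -an` and `cryptsetup luksClose` on error would keep the decrypted volume from staying attached. Separately, `rebuildarg ? null` is interpolated into the script text, and Nix cannot coerce `null` to a string when the default is used.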
@@ -0,0 +1,14 @@ +{ ... }: + +{ + imports = [ + ../../profiles/common/configuration.nix + ../../profiles/graphical/configuration.nix + + ./pkg.nix + ./system.nix + ./hw.nix + ./user.nix + ./boot.nix + ]; +} diff --git a/nixos-configuration/steveej-laptop/hw.nix b/nixos/devices/steveej-laptop/hw.nix similarity index 98% rename from nixos-configuration/steveej-laptop/hw.nix rename to nixos/devices/steveej-laptop/hw.nix index 992fe47..8af9706 100644 --- a/nixos-configuration/steveej-laptop/hw.nix +++ b/nixos/devices/steveej-laptop/hw.nix @@ -4,7 +4,7 @@ { config, lib, pkgs, ... }: { - nix.maxJobs = lib.mkDefault 3; + nix.maxJobs = 3; nix.buildCores = 3; hardware.enableAllFirmware = true; diff --git a/nixos-configuration/steveej-laptop/pkg.nix b/nixos/devices/steveej-laptop/pkg.nix similarity index 79% rename from nixos-configuration/steveej-laptop/pkg.nix rename to nixos/devices/steveej-laptop/pkg.nix index 334036d..4048c76 100644 --- a/nixos-configuration/steveej-laptop/pkg.nix +++ b/nixos/devices/steveej-laptop/pkg.nix @@ -13,17 +13,6 @@ in allowUnfree = true; packageOverrides = pkgs: rec { - # Version override example: - # rustracerd = pkgs.lib.overrideDerivation pkgs.rustracerd (attrs: rec { - # version = "2016-08-23"; - # name = "racerd-${version}"; - # src = pkgs.fetchgit { - # url = "git://github.com/jwilm/racerd.git"; - # rev = "813d8214f50e8f77b5d8adf5173173209c8f6d74"; - # sha256 = "07p4kvrc529khb1afrgwfkdb9nh3nvsk1v2p2b1rdaqvkpgwqr74"; - # }; - # }); - libvirt = unstablepkgs.libvirt; myLinuxPackages = pkgs.recurseIntoAttrs (pkgs.linuxPackagesFor @@ -69,11 +58,6 @@ in }; }; - imports = - [ - ../common/pkg/default.nix - ]; - environment.systemPackages = with pkgs; [ ]; } diff --git a/nixos/devices/steveej-laptop/system.nix b/nixos/devices/steveej-laptop/system.nix new file mode 100644 index 0000000..6935be2 --- /dev/null +++ b/nixos/devices/steveej-laptop/system.nix 
@@ -0,0 +1,57 @@ +{ config +, lib +, pkgs +, ... +}: + +let + unstablepkgs = import {}; + +in rec { + # The NixOS release to be compatible with for stateful data such as databases. + # system.stateVersion = "unstable"; + + networking.hostName = "steveej-laptop"; # Define your hostname. + + # Used for testing local Tectonic clusters + environment.etc."NetworkManager/dnsmasq.d/tectonic.conf".text = '' + server=/tt.testing/192.168.124.1 + server=/tectonic-ci.de/192.168.124.1 + server=/tectonic-ci.lan/192.168.124.1 + ''; + networking.firewall.checkReversePath = false; + + networking.bridges."virbr1".interfaces = []; + networking.interfaces."virbr1".ipv4.addresses = [ + { address = "10.254.254.254"; prefixLength = 24; } + ]; + + services.printing = { + enable = true; + drivers = [ + pkgs.hplip + unstablepkgs.cups-kyodialog3 + unstablepkgs.mfcj6510dwlpr + unstablepkgs.mfcj6510dw-cupswrapper + ]; + }; + + services.nix-serve.enable = true; + + services.fprintd.enable = true; + security.pam.services = { + login.fprintAuth = true; + sudo.fprintAuth = true; + }; + + # Kubernetes + # services.kubernetes.roles = ["master" "node"]; + + # virtualization + virtualisation = { + libvirtd.enable = true; + virtualbox.host.enable = true; + virtualbox.host.addNetworkInterface = true; + docker.enable = true; + }; +} diff --git a/nixos/devices/steveej-laptop/user.nix b/nixos/devices/steveej-laptop/user.nix new file mode 100644 index 0000000..5f385ed --- /dev/null +++ b/nixos/devices/steveej-laptop/user.nix @@ -0,0 +1,18 @@ +{ config +, pkgs +, ... }: + +let + inherit (import ../../lib/default.nix { }) mkUser; + +in +{ + users.extraUsers.steveej2 = mkUser { + uid = 1001; + }; + + users.extraUsers.steveej3 = mkUser { + uid = 1002; + }; +} + diff --git a/nixos/devices/steveej-live-mmc-SL32G_0x259093f6/configuration.nix b/nixos/devices/steveej-live-mmc-SL32G_0x259093f6/configuration.nix new file mode 100644 index 0000000..87284bc --- /dev/null 
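Review bot: `networking.firewall.checkReversePath = false;` in `steveej-laptop/system.nix` turns off reverse-path filtering on every interface, although the comment above it suggests only the local Tectonic test network needs it. If the libvirt bridge is the reason, `networking.firewall.checkReversePath = "loose";` still drops packets whose source has no route back while allowing asymmetric paths. The same hunk sets `services.nix-serve.enable = true;` with no bind address or signing key visible here, so a comment saying which network is meant to reach it and that the firewall port stays closed would help. `sudo.fprintAuth = true` makes a fingerprint an accepted way to authenticate sudo (as far as I know it is sufficient on its own), which deserves a one-line comment confirming that is intended.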
+++ b/nixos/devices/steveej-live-mmc-SL32G_0x259093f6/configuration.nix @@ -0,0 +1,12 @@ +{ ... }: + +{ + imports = [ + ../../profiles/common/configuration.nix + ../../profiles/graphical/configuration.nix + ../../profiles/removable-medium/configuration.nix + + ./system.nix + ./hw.nix + ]; +} diff --git a/nixos/devices/steveej-live-mmc-SL32G_0x259093f6/hw.nix b/nixos/devices/steveej-live-mmc-SL32G_0x259093f6/hw.nix new file mode 100644 index 0000000..6aa9818 --- /dev/null +++ b/nixos/devices/steveej-live-mmc-SL32G_0x259093f6/hw.nix @@ -0,0 +1,5 @@ +{ ... }: + +{ + hardware.encryptedDisk.diskId = "mmc-SL32G_0x259093f6"; +} diff --git a/nixos/devices/steveej-live-mmc-SL32G_0x259093f6/system.nix b/nixos/devices/steveej-live-mmc-SL32G_0x259093f6/system.nix new file mode 100644 index 0000000..e453def --- /dev/null +++ b/nixos/devices/steveej-live-mmc-SL32G_0x259093f6/system.nix @@ -0,0 +1,5 @@ +{ ... }: + +{ + networking.hostName = "mmc-sandiskultra32gb"; # Define your hostname. +} diff --git a/nixos-configuration/steveej-utilitepro/configuration.nix b/nixos/devices/steveej-utilitepro/configuration.nix similarity index 100% rename from nixos-configuration/steveej-utilitepro/configuration.nix rename to nixos/devices/steveej-utilitepro/configuration.nix diff --git a/nixos-configuration/steveej-utilitepro/hardware-configuration.nix b/nixos/devices/steveej-utilitepro/hardware-configuration.nix similarity index 100% rename from nixos-configuration/steveej-utilitepro/hardware-configuration.nix rename to nixos/devices/steveej-utilitepro/hardware-configuration.nix diff --git a/nixos-configuration/steveej-utilitepro/patches/utilitepro-kernel-dts-Makefile.patch b/nixos/devices/steveej-utilitepro/patches/utilitepro-kernel-dts-Makefile.patch similarity index 100% rename from nixos-configuration/steveej-utilitepro/patches/utilitepro-kernel-dts-Makefile.patch rename to nixos/devices/steveej-utilitepro/patches/utilitepro-kernel-dts-Makefile.patch 
diff --git a/nixos-configuration/steveej-utilitepro/patches/utilitepro-kernel-dts.patch b/nixos/devices/steveej-utilitepro/patches/utilitepro-kernel-dts.patch similarity index 100% rename from nixos-configuration/steveej-utilitepro/patches/utilitepro-kernel-dts.patch rename to nixos/devices/steveej-utilitepro/patches/utilitepro-kernel-dts.patch diff --git a/nixos/lib/default.nix b/nixos/lib/default.nix new file mode 100644 index 0000000..0334c1d --- /dev/null +++ b/nixos/lib/default.nix @@ -0,0 +1,28 @@ +{ keys ? import ../../variables/keys.nix +, passwords ? import ../../variables/passwords.crypt.nix +}: + +{ + mkRoot = { } @ args: { + hashedPassword = passwords.users.root; + openssh.authorizedKeys.keys = keys.users.steveej.openssh; + } // args; + + mkUser = {uid, hashedPassword ? passwords.users.steveej, ... } @ args: { + inherit uid hashedPassword; + isNormalUser = true; + extraGroups = [ + "docker" + "wheel" + "libvirtd" + "networkmanager" + "vboxusers" + "users" + "input" + "audio" + "video" + "cdrom" + ]; + openssh.authorizedKeys.keys = keys.users.steveej.openssh; + } // args; +} diff --git a/nixos/modules/encryptedDisk.nix b/nixos/modules/encryptedDisk.nix new file mode 100644 index 0000000..9567873 --- /dev/null +++ b/nixos/modules/encryptedDisk.nix 
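Review bot: `mkUser` in `nixos/lib/default.nix` gives every account it builds `wheel` and `docker` membership plus the `steveej` password hash and SSH keys, so the `steveej2` and `steveej3` accounts added in `nixos/devices/steveej-laptop/user.nix` are two further names for the same root-equivalent identity rather than separate users. I would take the groups as a parameter with a small default, `mkUser = {uid, hashedPassword ? passwords.users.steveej, extraGroups ? [ "users" ], ... } @ args:` with `inherit uid hashedPassword extraGroups;`, and pass the privileged groups only where they are needed. `mkRoot = { } @ args:` accepts only an empty set, so the trailing `// args` can never override anything; `{ ... } @ args:` is probably what was meant. As far as I know `hashedPassword` values end up in the world-readable Nix store, so a comment noting that, or a move to `passwordFile`, is worth considering.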
@@ -0,0 +1,64 @@ +{ lib +, config +, ... }: +with lib; + +let + cfg = config.hardware.encryptedDisk; + + volumeGroup = cfg.diskId; + bootGrubDevice = lib.concatStrings [ "/dev/disk/by-id/" cfg.diskId ]; + bootFsDevice = lib.concatStrings [ "/dev/disk/by-partlabel/" cfg.diskId "-part2" ]; + bootLuksDevice = lib.concatStrings [ "/dev/disk/by-partlabel/" cfg.diskId "-part3" ]; + rootFsDevice = lib.concatStrings [ "/dev/" volumeGroup "/root" ]; + swapFsDevice = lib.concatStrings [ "/dev/" volumeGroup "/swap" ]; + +in { + options.hardware.encryptedDisk = { + enable = mkEnableOption "Enable encrypted filesystem layout"; + diskId = mkOption { + type = types.string; + }; + }; + + config = lib.mkIf cfg.enable { + fileSystems."/boot" = { + device = bootFsDevice; + fsType = "vfat"; + }; + + fileSystems."/" = { + device = rootFsDevice; + fsType = "btrfs"; + options = [ "subvol=nixos" ]; + }; + + fileSystems."/home" = { + device = rootFsDevice; + fsType = "btrfs"; + options = [ "subvol=home" ]; + }; + + swapDevices = [ { device = swapFsDevice; } ]; + + boot.loader.grub = { + device = bootGrubDevice; + efiSupport = true; + efiInstallAsRemovable = true; + }; + + boot.initrd.luks.devices = [ + { + name = + let + splitstring = builtins.split "/" bootLuksDevice; + lastelem = (builtins.length splitstring)-1; + in + builtins.elemAt splitstring lastelem; + device = bootLuksDevice; + preLVM = true; + allowDiscards = true; + } + ]; + }; +} diff --git a/nixos/modules/natrouter.nix b/nixos/modules/natrouter.nix new file mode 100644 index 0000000..a834cca --- /dev/null +++ b/nixos/modules/natrouter.nix 
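Review bot: `allowDiscards = true;` is hard-coded for the LUKS device in `encryptedDisk.nix`, which passes TRIM through the encryption layer and so exposes which blocks of the removable medium are unused to anyone who images it. I would make it a module option that defaults to off, `allowDiscards = mkOption { type = types.bool; default = false; };` under `options.hardware.encryptedDisk`, and use `allowDiscards = cfg.allowDiscards;` here. `diskId` has no `description`, so nothing documents that the same string must match the `/dev/disk/by-id` name, the partition-label prefix and the volume group name that the `let` block derives from it. Note also that `/boot` on `-part2` is plain vfat, so the kernel and initrd on the medium sit outside the encrypted volume; a comment stating that this is accepted would be useful.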
@@ -0,0 +1,26 @@ +{ lib +, config +, ... }: +with lib; + +{ + # TODO + # Provide a NAT/DHCP Router + # + # networking.nat.enable = true; + # networking.nat.internalInterfaces = [ "enp0s20f0u4u1u3" ]; + # networking.nat.externalInterface = "wlp1s0"; + # networking.interfaces."enp0s20f0u4u1u3".ipv4.addresses = [ + # { address = "10.254.253.254"; prefixLength = 24; } + # ]; + # services.dnsmasq = { + # enable = true; + # servers = [ "8.8.8.8" "8.8.4.4" ]; + # extraConfig = '' + # domain=lan + # interface=enp0s20f0u4u1u3 + # bind-interfaces + # dhcp-range=10.254.253.100,10.254.253.199,1h + # ''; + # }; +} diff --git a/nixos/profiles/common/configuration.nix b/nixos/profiles/common/configuration.nix new file mode 100644 index 0000000..273637c --- /dev/null +++ b/nixos/profiles/common/configuration.nix @@ -0,0 +1,9 @@ +{ ... }: + +{ + imports = [ + ./pkg.nix + ./user.nix + ./system.nix + ]; +} diff --git a/nixos-configuration/common/pkg/default.nix b/nixos/profiles/common/pkg.nix similarity index 100% rename from nixos-configuration/common/pkg/default.nix rename to nixos/profiles/common/pkg.nix diff --git a/nixos/profiles/common/system.nix b/nixos/profiles/common/system.nix new file mode 100644 index 0000000..b6fc3ef --- /dev/null +++ b/nixos/profiles/common/system.nix 
@@ -0,0 +1,88 @@ +{ config +, pkgs +, lib +, ... +}: + +{ + nix.binaryCachePublicKeys = [ + # "hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs=" + ]; + nix.binaryCaches = [ + "https://cache.nixos.org" + # "https://hydra.nixos.org" + ]; + nix.trustedBinaryCaches = [ + "https://cache.nixos.org" + # "https://hydra.nixos.org" + ]; + + nix.daemonNiceLevel = lib.mkDefault 19; + nix.daemonIONiceLevel = lib.mkDefault 7; + nix.maxJobs = lib.mkDefault 3; + nix.buildCores = lib.mkDefault 3; + nix.useSandbox = true; + + environment.etc."lvm/lvm.conf".text = '' + devices { + issue_discards = 1 + } + ''; + + # Fonts, I18N, Date ... + fonts = { + enableCoreFonts = true; + }; + + i18n = { + consoleFont = "lat9w-16"; + defaultLocale = "en_US.UTF-8"; + }; + time.timeZone = "Europe/Berlin"; + services.gpm.enable = true; + + services.packagekit.enable = true; + services.openssh.enable = true; + networking.firewall.enable = true; + + # Activation scripts for impure set up of paths in / + system.activationScripts.bin = '' + echo "setting up /bin..." + ln -sfT ${pkgs.bash}/bin/bash /bin/.bash + mv -Tf /bin/.bash /bin/bash + ''; + system.activationScripts.etcX11sessinos = '' + echo "setting up /etc/X11/sessions..." + mkdir -p /etc/X11 + ln -sfT ${config.services.xserver.displayManager.session.desktops} /etc/X11/.sessions + mv -Tf /etc/X11/.sessions /etc/X11/sessions + ''; + system.activationScripts.lib64 = '' + echo "setting up /lib64..." 
+ mkdir -p /lib64 + ln -sfT ${pkgs.stdenv.glibc}/lib/ld-linux-x86-64.so.2 /lib64/.ld-linux-x86-64.so.2 + mv -Tf /lib64/.ld-linux-x86-64.so.2 /lib64/ld-linux-x86-64.so.2 + ''; + + programs.zsh = { + enable = false; +# TODO: basic zsh config +# enableAutosuggestions = true; # enableCompletion = true; +# syntaxHighlighting.enable = true; +# syntaxHighlighting.patterns = {}; +# ohMyZsh = { +# enable = true; +# theme = "tjkirch"; +# }; +# promptInit = '' +# autoload -U promptinit +# promptinit +# ZSH_THEME_GIT_PROMPT_PREFIX='@ ' +# PROMPT='%F{%(!.red.green)}%n%f@%m %(?.%F{green}✓%f.%F{red}✗ ($?%))%f %F{blue}%~%f %F{magenta}$(git_prompt_info)%f +#%_%F{%(!.red.green)}$(prompt_char)%f ' +# RPROMPT="" +# ''; +# interactiveShellInit = '' +# ''; + }; +} diff --git a/nixos/profiles/common/user.nix b/nixos/profiles/common/user.nix new file mode 100644 index 0000000..6d47e9e --- /dev/null +++ b/nixos/profiles/common/user.nix @@ -0,0 +1,19 @@ +{ config +, pkgs +, ... }: + +let + passwords = import ../../../variables/passwords.crypt.nix; + libinfraos = import ../../lib/default.nix { }; + inherit (import ../../lib/default.nix { }) mkUser mkRoot; +in { + users.mutableUsers = false; + + users.extraUsers.root = mkRoot { }; + users.extraUsers.steveej = mkUser { + uid = 1000; + }; + + security.pam.enableU2F = true; + security.pam.services.steveej.u2fAuth = true; +} diff --git a/nixos/profiles/graphical/configuration.nix b/nixos/profiles/graphical/configuration.nix new file mode 100644 index 0000000..ee53530 --- /dev/null +++ b/nixos/profiles/graphical/configuration.nix @@ -0,0 +1,9 @@ +{ pkgs +, ... +}: + +{ + imports = [ + ./system.nix + ]; +} diff --git a/nixos-configuration/common/steveej-live-usb/system.nix b/nixos/profiles/graphical/system.nix similarity index 55% rename from nixos-configuration/common/steveej-live-usb/system.nix rename to nixos/profiles/graphical/system.nix index 7e662a4..a924cf8 100644 --- a/nixos-configuration/common/steveej-live-usb/system.nix 
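Review bot: `services.openssh.enable = true;` in `profiles/common/system.nix` is set for every device without stating the login policy, while `mkRoot` in `nixos/lib/default.nix` installs authorized keys for root. The old `permitRootLogin = "yes"` is removed elsewhere in this commit, but the effective policy now depends on the module default; I would pin it next to the enable line with `services.openssh.permitRootLogin = "no";` and `services.openssh.passwordAuthentication = false;` (or `"prohibit-password"` if root key login is intended). Also, the `bin` activation script here no longer has the `mkdir -p /bin` that the version removed from `graphical/system.nix` had, so `ln -sfT … /bin/.bash` fails on a root where `/bin` does not exist yet.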
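Review bot: `security.pam.services.steveej.u2fAuth = true;` in `profiles/common/user.nix` is keyed by a user name, but `security.pam.services.<name>` takes a PAM service name such as `login` or `sudo`, so this line most likely defines an unused `steveej` service instead of scoping U2F to that user. With `security.pam.enableU2F = true;` the module default already applies to the real services, and as far as I can tell it adds the token as a sufficient method rather than a required second factor; a comment stating which of the two is intended would avoid a false sense of two-factor protection. The `passwords` and `libinfraos` bindings in the `let` block are unused and can be dropped.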
+++ b/nixos/profiles/graphical/system.nix @@ -1,31 +1,8 @@ -{ config, lib, pkgs, ... }: - - -let - -in { - nix.binaryCachePublicKeys = [ - # "hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs=" - ]; - nix.binaryCaches = [ - "https://cache.nixos.org" - # "https://hydra.nixos.org" - ]; - nix.trustedBinaryCaches = [ - "https://cache.nixos.org" - # "https://hydra.nixos.org" - ]; - - nix.daemonNiceLevel = 19; - nix.daemonIONiceLevel = 7; - nix.maxJobs = lib.mkDefault 3; - nix.buildCores = 3; - - nix.useSandbox = true; - - networking.firewall.enable = true; - networking.firewall.checkReversePath = false; +{ pkgs +, ... +}: +{ networking.networkmanager = { enable = true; dns = "dnsmasq"; 
@@ -37,65 +14,27 @@ in { "interface-name:*cni*" ]; }; + services.resolved.enable = false; - environment.sessionVariables = { - NIXPKGS_ALLOW_UNFREE = "1"; - - # Don't create .pyc files. - PYTHONDONTWRITEBYTECODE = "1"; - }; - - environment.etc."lvm/lvm.conf".text = '' - devices { - issue_discards = 1 - } - ''; - + users.defaultUserShell = pkgs.zsh; environment.pathsToLink = [ "/share/zsh" ]; - # Fonts, I18N, Date ... - fonts = { - enableCoreFonts = true; - }; - - i18n = { - consoleFont = "lat9w-16"; - defaultLocale = "en_US.UTF-8"; - }; - time.timeZone = "Europe/Berlin"; - #time.timeZone = "America/Los_Angeles"; - - # Services - services.gpm.enable = true; - services.openssh.enable = true; - services.openssh.permitRootLogin = "yes"; - - services.gnome3 = { - gnome-disks.enable = false; - gnome-documents.enable = false; - gnome-online-miners.enable = false; - gnome-user-share.enable = false; - gnome-terminal-server.enable = false; - gpaste.enable = false; - sushi.enable = false; - tracker.enable = false; - - # FIXME: gnome should be moved to user session - seahorse.enable = true; - gvfs.enable = true; - at-spi2-core.enable = true; - evolution-data-server.enable = true; - gnome-online-accounts.enable = true; - gnome-keyring.enable = true; - }; - - services.teamviewer.enable = false; - - services.printing = { - enable = false; - }; - + # hardware related services + services.illum.enable = true; services.pcscd.enable = true; + hardware = { + bluetooth.enable = true; + pulseaudio = { + enable = true; + package = pkgs.pulseaudioFull; + support32Bit = true; + }; + }; + # required for running blueman-applet in user sessions + services.dbus.packages = with pkgs; [ + blueman + ]; + services.xserver = { enable = true; libinput.enable = true; 
@@ -130,9 +69,24 @@ in { }; }; - # Package configuration - environment.systemPackages = with pkgs; [ - ]; + services.gnome3 = { + gnome-disks.enable = false; + gnome-documents.enable = false; + gnome-online-miners.enable = false; + gnome-user-share.enable = false; + gnome-terminal-server.enable = false; + gpaste.enable = false; + sushi.enable = false; + tracker.enable = false; + + # FIXME: gnome should be moved to user session + seahorse.enable = true; + gvfs.enable = true; + at-spi2-core.enable = true; + evolution-data-server.enable = true; + gnome-online-accounts.enable = true; + gnome-keyring.enable = true; + }; # More Services services.udev.packages = [ 
@@ -148,67 +102,11 @@ in { SUBSYSTEM=="usb", ATTR{idVendor}=="047f", ATTR{idProduct}=="011a", GROUP="users", MODE="0777" SUBSYSTEM=="usb", ATTR{idVendor}=="047f", ATTR{idProduct}=="fffe", GROUP="users", MODE="0777" SUBSYSTEM=="usb", ATTR{idVendor}=="047f", ATTR{idProduct}=="0001", GROUP="users", MODE="0777" - '' - ; + ''; - services.packagekit.enable = true; - - services.resolved.enable = false; - services.nix-serve.enable = false; services.samba.enable = true; services.samba.extraConfig = '' client max protocol = SMB3 ''; - - # hardware related services - services.illum.enable = true; - - hardware = { - bluetooth.enable = true; - pulseaudio = { - enable = true; - package = pkgs.pulseaudioFull; - support32Bit = true; - }; - }; - - services.fprintd.enable = true; - security.pam.services = { - login.fprintAuth = true; - sudo.fprintAuth = true; - }; - - # required for running blueman-applet in user sessions - services.dbus.packages = with pkgs; [ - blueman - ]; - - # virtualization - virtualisation = { - libvirtd.enable = false; - virtualbox.host.enable = false; - virtualbox.guest.enable = false; - docker.enable = true; - }; - - # Activation scripts for impure set up of paths in / - system.activationScripts.bin = '' - echo "setting up /bin..." - mkdir -p /bin - ln -sfT ${pkgs.bash}/bin/bash /bin/.bash - mv -Tf /bin/.bash /bin/bash - ''; - system.activationScripts.etcX11sessinos = '' - echo "setting up /etc/X11/sessions..." - mkdir -p /etc/X11 - ln -sfT ${config.services.xserver.displayManager.session.desktops} /etc/X11/.sessions - mv -Tf /etc/X11/.sessions /etc/X11/sessions - ''; - system.activationScripts.lib64 = '' - echo "setting up /lib64..." - mkdir -p /lib64 - ln -sfT ${pkgs.stdenv.glibc}/lib/ld-linux-x86-64.so.2 /lib64/.ld-linux-x86-64.so.2 - mv -Tf /lib64/.ld-linux-x86-64.so.2 /lib64/ld-linux-x86-64.so.2 - ''; } 
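Review bot: The udev rules kept as context at the top of this hunk set `MODE="0777"` on the `047f` USB devices, which makes the nodes writable by every local account and leaves the `GROUP="users"` assignment without effect. Since this file is now the shared graphical profile, I would tighten them to `GROUP="users", MODE="0660"`, or use `TAG+="uaccess"` to grant access only to the logged-in seat. The rule block starts above the hunk, so other entries may need the same change. `services.samba.enable = true;` is also carried over with only a client-side `client max protocol` setting visible; a comment explaining why the server is enabled, or dropping it if only the client is needed, would be clearer.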
diff --git a/nixos-configuration/vm-install-iso/Justfile b/nixos/profiles/install-medium/iso/Justfile similarity index 100% rename from nixos-configuration/vm-install-iso/Justfile rename to nixos/profiles/install-medium/iso/Justfile diff --git a/nixos-configuration/vm-install-iso/iso.nix b/nixos/profiles/install-medium/iso/iso.nix similarity index 100% rename from nixos-configuration/vm-install-iso/iso.nix rename to nixos/profiles/install-medium/iso/iso.nix diff --git a/nixos-configuration/common/steveej-live-usb/boot.nix b/nixos/profiles/removable-medium/boot.nix similarity index 100% rename from nixos-configuration/common/steveej-live-usb/boot.nix rename to nixos/profiles/removable-medium/boot.nix diff --git a/nixos/profiles/removable-medium/configuration.nix b/nixos/profiles/removable-medium/configuration.nix new file mode 100644 index 0000000..883c2a4 --- /dev/null +++ b/nixos/profiles/removable-medium/configuration.nix @@ -0,0 +1,12 @@ +{ ... }: + +{ + imports = [ + ../../modules/encryptedDisk.nix + + ./pkg.nix + ./hw.nix + ./system.nix + ./boot.nix + ]; +} diff --git a/nixos-configuration/common/steveej-live-usb/hw.nix b/nixos/profiles/removable-medium/hw.nix similarity index 63% rename from nixos-configuration/common/steveej-live-usb/hw.nix rename to nixos/profiles/removable-medium/hw.nix index eb625e4..dc39ae9 100644 --- a/nixos-configuration/common/steveej-live-usb/hw.nix +++ b/nixos/profiles/removable-medium/hw.nix @@ -1,6 +1,7 @@ -{ config, lib, pkgs, ... }: +{ ... }: { + hardware.encryptedDisk.enable = true; hardware.enableAllFirmware = true; hardware.trackpoint.emulateWheel = true; } diff --git a/nixos-configuration/common/steveej-live-usb/pkg.nix b/nixos/profiles/removable-medium/pkg.nix similarity index 92% rename from nixos-configuration/common/steveej-live-usb/pkg.nix rename to nixos/profiles/removable-medium/pkg.nix index ee791e6..38d23a8 100644 --- a/nixos-configuration/common/steveej-live-usb/pkg.nix +++ b/nixos/profiles/removable-medium/pkg.nix 
@@ -148,6 +148,30 @@ in { enable = true; userName = "Stefan Junker"; userEmail = "mail@stefanjunker.de"; + extraConfig = '' + [push] + default = simple + [color] + ui = auto + [gpg] + program = gpg2 + [alias] + mr = !sh -c 'git fetch $1 merge-requests/$2/head:mr-$1-$2 && git checkout mr-$1-$2' - + [diff] + tool = nvimdiff + [merge] + tool = nvimdiff + [mergetool] + path = nvim + [difftool "nvimdiff"] + cmd = "nvim -d \"$LOCAL\" \"$REMOTE\"" + + [remote "origin"] + prune = true + [remote "upstream"] + prune = true + ''; + }; home.keyboard = { diff --git a/nixos/profiles/removable-medium/system.nix b/nixos/profiles/removable-medium/system.nix new file mode 100644 index 0000000..6af50cc --- /dev/null +++ b/nixos/profiles/removable-medium/system.nix @@ -0,0 +1,16 @@ +{ config, lib, pkgs, ... }: + + +let + +in { + services.printing = { + enable = false; + }; + + virtualisation = { + libvirtd.enable = false; + virtualbox.host.enable = false; + docker.enable = true; + }; +} diff --git a/pkg-configuration/vim-derivates/commonrc.nix b/pkg-configuration/vim-derivates/commonrc.nix deleted file mode 100644 index cfb9524..0000000 --- a/pkg-configuration/vim-derivates/commonrc.nix +++ /dev/null 
@@ -1,124 +0,0 @@ -{}: -'' -set nocompatible -set mouse= - -" leader -let mapleader = ',' -let maplocalleader = ',' - -" save on ctrl-s -nnoremap :w -inoremap :w - -set hidden -syntax on -set hlsearch -set number - -" mappings to stop insert mode -imap jjj -imap kkk -imap lll -imap hhh -set scroll=11 - -" new mappings -noremap -noremap - -noremap :tabn -noremap :tabp -let g:ctrlp_map = '' -set wildignore+=*/site/*,*.so,*.swp,*.zip -let g:ctrlp_custom_ignore = { - \ 'dir': '\v[\/]\.(git|hg|svn|)$$', - \ 'file': '\v\.(exe|so|dll)$$', - \ } - -"let g:ctrlp_match_func = { 'match': 'pymatcher#PyMatch' } -"let g:pydiction_location = '~/.vim/bundle/pydiction/complete-dict' - -" allways show status line -set ls=2 -set tabstop=4 -set shiftwidth=4 -set softtabstop=4 -set expandtab -"set textwidth=80 - -set backspace=indent,eol,start - -set wildignore+=*/site/*,*.so,*.swp,*.zip -let g:ctrlp_custom_ignore = { - \ 'dir': '\v[\/]\.(git|hg|svn|)$$', - \ 'file': '\v\.(exe|so|dll)$$', - \ } -" } - -" spelling {{{ -au BufRead,BufNewFile *.txt,*.tex,*.md,*.markdown setlocal spell spelllang=en_us,de_de -" }}} - -" sync default register to clipboard { -if has('unnamedplus') - set clipboard=unnamedplus -else - set clipboard=unnamed -endif -" } - -" colored brackets { -let g:rbpt_colorpairs = [ - \ ['brown', 'RoyalBlue3'], - \ ['Darkblue', 'SeaGreen3'], - \ ['darkgray', 'DarkOrchid3'], - \ ['darkgreen', 'firebrick3'], - \ ['darkcyan', 'RoyalBlue3'], - \ ['darkred', 'SeaGreen3'], - \ ['darkmagenta', 'DarkOrchid3'], - \ ['brown', 'firebrick3'], - \ ['gray', 'RoyalBlue3'], - \ ['black', 'SeaGreen3'], - \ ['darkmagenta', 'DarkOrchid3'], - \ ['Darkblue', 'firebrick3'], - \ ['darkgreen', 'RoyalBlue3'], - \ ['darkcyan', 'SeaGreen3'], - \ ['darkred', 'DarkOrchid3'], - \ ['red', 'firebrick3'], - \ ] -let g:rbpt_max = 16 -let g:rbpt_loadcmd_toggle = 0 - -au VimEnter * RainbowParenthesesToggle -au Syntax * RainbowParenthesesLoadRound -au Syntax * RainbowParenthesesLoadSquare -au Syntax * 
RainbowParenthesesLoadBraces -" } - -set t_ut= -colorscheme PaperColor - -" Python {{{ -augroup ft_python - au! - au FileType python setlocal omnifunc=pythoncomplete#Complete - au FileType python setlocal define=^\s*\\(def\\\\|class\\) -augroup END -" }}} - -" YAML {{{ -augroup ft_yaml - au! - setlocal autoindent sw=2 et tabstop=2 shiftwidth=2 softtabstop=2 -augroup END -" }}} - -" markdown { -augroup filetypedetect - " gitit page files - au BufRead,BufNewFile *.page set filetype=markdown -augroup END -" } markdown -'' - diff --git a/pkg-configuration/vim-derivates/neovim.nix b/pkg-configuration/vim-derivates/neovim.nix deleted file mode 100644 index 9bd7807..0000000 --- a/pkg-configuration/vim-derivates/neovim.nix +++ /dev/null @@ -1,38 +0,0 @@ -{ pkgs -, additionalRC ? "" -, additionalPlugins ? [] -, ... }: - -pkgs.neovim.override { - vimAlias = true; - configure = { - # add custom .vimrc lines like this: - customRC = (import ./commonrc.nix {}) + '' - let g:indent_guides_enable_on_vim_startup = 1 - - " deoplete { - let g:deoplete#enable_at_startup = 1 - let g:deoplete#enable_smart_case = 1 - " } - '' + additionalRC; - - vam.knownPlugins = pkgs.vimPlugins; # optional - vam.pluginDictionaries = [ # full ducomentation at github.com/MarcWeber/vim-addon-manager - "vim-addon-vim2nix" - "vim-airline" - "vim-addon-nix" - "ctrlp" - "vim-css-color" - "rainbow_parentheses" - "vim-colorschemes" - "vim-colorstepper" - "vim-signify" - "deoplete-nvim" - "fugitive" - "ctrlp" - "vim-indent-guides" - ] ++ additionalPlugins; - }; - extraPythonPackages = []; - withPython3 = true; -} diff --git a/pkg-configuration/vim-derivates/vim.nix b/pkg-configuration/vim-derivates/vim.nix deleted file mode 100644 index 7ae172e..0000000 --- a/pkg-configuration/vim-derivates/vim.nix +++ /dev/null 
@@ -1,30 +0,0 @@ -{ pkgs -, name -, additionalRC ? "" -, additionalPlugins ? [] -, ... } @ args : - -pkgs.vim_configurable.customize { - inherit name; - # add custom .vimrc lines like this: - vimrcConfig.customRC = (import ./commonrc.nix {}) + '' - '' + additionalRC; - - vimrcConfig.vam.knownPlugins = pkgs.vimPlugins; # optional - vimrcConfig.vam.pluginDictionaries = [{ - # full ducomentation at github.com/MarcWeber/vim-addon-manager - names = [ - "vim-addon-vim2nix" - "vim-airline" - "vim-addon-nix" - "ctrlp" - "syntastic" - "vim-css-color" - "rainbow_parentheses" - "vim-colorschemes" - "vim-colorstepper" - "vim-signify" -# "youcompleteme" - ] ++ additionalPlugins; - }]; -} diff --git a/pkg-configuration/config.nix b/pkgs-configuration/config.nix similarity index 100% rename from pkg-configuration/config.nix rename to pkgs-configuration/config.nix diff --git a/pkgs-configuration/home-manager/steveej/neovim/default.nix b/pkgs-configuration/home-manager/steveej/neovim/default.nix new file mode 100644 index 0000000..8867557 --- /dev/null +++ b/pkgs-configuration/home-manager/steveej/neovim/default.nix 
@@ -0,0 +1,130 @@
+{ pkgs }:
+
+{
+ enable = true;
+
+ extraPythonPackages = (ps: with ps; [ ]);
+ extraPython3Packages = (ps: with ps; [ ]);
+
+ configure = {
+ customRC = builtins.readFile ./vimrc;
+ vam = {
+ knownPlugins = with pkgs; vimPlugins // {
+ delimitMate = vimUtils.buildVimPlugin {
+ name = "delimitMate-vim";
+ src = fetchFromGitHub {
+ owner = "Raimondi";
+ repo = "delimitMate";
+ rev = "728b57a6564c1d2bdfb9b9e0f2f8c5ba3d7e0c5c";
+ sha256 = "0fskm9gz81dk8arcidrm71mv72a7isng1clssqkqn5wnygbiimsn";
+ };
+ buildInputs = [ zip vim ];
+ };
+
+ yaml-folds = vimUtils.buildVimPlugin {
+ name = "vim-yaml-folds";
+ src = fetchFromGitHub {
+ owner = "pedrohdz";
+ repo = "vim-yaml-folds";
+ rev = "0672d9a3b685b51b4c49d8716c2ad4e27cfa5abd";
+ sha256 = "0yp2jgaqiria79lh75fkrs77rw7nk518bq63w9bvyy814i7s4scn";
+ };
+ buildInputs = [ zip vim ];
+ };
+
+ vim-markdown-toc = vimUtils.buildVimPlugin {
+ name = "vim-markdown-toc";
+ src = fetchFromGitHub {
+ owner = "mzlogin";
+ repo = "vim-markdown-toc";
+ rev = "a6e227023f405a7c39590a8aaf0d54dde5614a2e";
+ sha256 = "1vpsnjzc7hvrkp6mq68myxl3k1x363iif58rrd17njcsa4jh1zwy";
+ };
+ };
+ vim-perl = vimUtils.buildVimPlugin {
+ name = "vim-perl";
+ src = fetchFromGitHub {
+ owner = "vim-perl";
+ repo = "vim-perl";
+ rev = "21d0a0d795336acf8a9306da35f379c32cfc5e08";
+ sha256 = "0f2sa0v3djd89k16n4saji9n7grziyhkljq75dskcbv8r19m8i1j";
+ };
+ };
+
+ git-blame = vimUtils.buildVimPlugin {
+ name = "git-blame";
+ src = fetchFromGitHub {
+ "owner" = "zivyangll";
+ "repo" = "git-blame.vim";
+ "rev" = "a5b666840eead1b1ea1c351038da6ce026716bb6";
+ "sha256" = "181siphb87yzln9433159ssa6vmm1h2dd0kqhlx7bgsi51gng4rv";
+ };
+ };
+ };
+
+ pluginDictionaries = let
+ default = [
+ "delimitMate"
+ "vim-airline"
+ "ctrlp"
+ "vim-css-color"
+ "rainbow_parentheses"
+ "vim-colorschemes"
+ "vim-colorstepper"
+ "vim-signify"
+ "fugitive"
+ "ctrlp"
+ "vim-indent-guides"
+ "UltiSnips"
+ "fzfWrapper"
+
+ "ncm2"
+ "ncm2-bufword"
+ "ncm2-path"
+ "ncm2-tmux"
+ "ncm2-ultisnips"
+ "nvim-yarp"
+
+ "LanguageClient-neovim"
+
+ "Improved-AnsiEsc"
+ "tabular"
+ "git-blame"
+
+ # Nix
+ "vim-addon-nix"
+ "vim-addon-vim2nix"
+
+ # LaTeX
+ "vim-latex-live-preview"
+ "vimtex"
+
+ # YAML
+ "yaml-folds"
+
+ # Perl
+ # "vim-perl"
+
+
+ # markdown
+ "vim-markdown"
+ "vim-markdown-toc"
+
+ # misc syntax support
+ "vim-bazel"
+ ];
+ in [
+ { names = default; }
+ { names = default ++ [
+ ];
+ filename_regex = ".*\.nix\$";
+ }
+ { names = default ++ [
+ ];
+ filename_regex = ".*\.tex\$";
+ }
+ ];
+
+ };
+ };
+}
diff --git a/pkgs-configuration/home-manager/steveej/neovim/vimrc b/pkgs-configuration/home-manager/steveej/neovim/vimrc
new file mode 100644
index 0000000..f1742e2
--- /dev/null
+++ b/pkgs-configuration/home-manager/steveej/neovim/vimrc
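Review bot: `customRC = builtins.readFile ./vimrc;` passes the file through verbatim, so the `'${pkgs.neovim-remote}/bin/nvr'` that the new vimrc assigns to `g:vimtex_compiler_progname` is never interpolated by Nix and reaches Neovim as that literal string. The store path has to be added on the Nix side, for example `customRC = (builtins.readFile ./vimrc) + "\nlet g:vimtex_compiler_progname = '${pkgs.neovim-remote}/bin/nvr'\n";`, with the line dropped from vimrc. Separately, in `filename_regex = ".*\.nix\$";` the `\.` is consumed by the Nix string escape, so the pattern most likely ends up as `.*.nix$` with an unescaped dot; `".*\\.nix\$"` keeps it literal, and the same applies to the `.tex` entry.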
@@ -0,0 +1,246 @@ +set nocompatible +set mouse= + +" Enable Elite mode, No ARRRROWWS!!!! +let g:elite_mode=1 +if get(g:, 'elite_mode') +nnoremap :resize +2 +nnoremap :resize -2 +nnoremap :vertical resize +2 +nnoremap :vertical resize -2 +endif + +nnoremap K getline('.')[col('.')-1]==' ' ? "r" : "i" + +" Enable highlighting of the current line +set cursorline + +" leader +let mapleader = ',' +let maplocalleader = ',' + +" save on ctrl-s +nnoremap :w +inoremap :w + +set hidden +syntax on +set hlsearch +set ignorecase +set smartcase +set number + +" mappings to stop insert mode +imap jjj +imap kkk +imap lll +imap hhh +set scroll=11 + +" new mappings +noremap +noremap + +noremap :tabn +noremap :tabp +let g:ctrlp_map = '' +set wildignore+=*/site/*,*.so,*.swp,*.zip +let g:ctrlp_custom_ignore = { +\ 'dir': '\v[\/]\.(git|hg|svn|)$$', +\ 'file': '\v\.(exe|so|dll)$$', +\ } + +"let g:ctrlp_match_func = { 'match': 'pymatcher#PyMatch' } +"let g:pydiction_location = '~/.vim/bundle/pydiction/complete-dict' + +" allways show status line +set ls=2 +set tabstop=4 +set shiftwidth=4 +set softtabstop=4 +set expandtab +"set textwidth=80 + +set backspace=indent,eol,start + +set wildignore+=*/site/*,*.so,*.swp,*.zip +let g:ctrlp_custom_ignore = { +\ 'dir': '\v[\/]\.(git|hg|svn|)$$', +\ 'file': '\v\.(exe|so|dll)$$', +\ } +" } + +" spelling {{{ +au BufRead,BufNewFile *.txt,*.tex,*.md,*.markdown setlocal spell spelllang=en_us,de_de +" }}} + +" sync default register to clipboard { +if has('unnamedplus') +set clipboard=unnamedplus +else +set clipboard=unnamed +endif +" } + +" colored brackets { +let g:rbpt_colorpairs = [ +\ ['brown', 'RoyalBlue3'], +\ ['Darkblue', 'SeaGreen3'], +\ ['darkgray', 'DarkOrchid3'], +\ ['darkgreen', 'firebrick3'], +\ ['darkcyan', 'RoyalBlue3'], +\ ['darkred', 'SeaGreen3'], +\ ['darkmagenta', 'DarkOrchid3'], +\ ['brown', 'firebrick3'], +\ ['gray', 'RoyalBlue3'], +\ ['black', 'SeaGreen3'], +\ ['darkmagenta', 'DarkOrchid3'], +\ ['Darkblue', 'firebrick3'], +\ 
['darkgreen', 'RoyalBlue3'], +\ ['darkcyan', 'SeaGreen3'], +\ ['darkred', 'DarkOrchid3'], +\ ['red', 'firebrick3'], +\ ] +let g:rbpt_max = 16 +let g:rbpt_loadcmd_toggle = 0 + +au VimEnter * RainbowParenthesesToggle +au Syntax * RainbowParenthesesLoadRound +au Syntax * RainbowParenthesesLoadSquare +au Syntax * RainbowParenthesesLoadBraces +" } + +set t_ut= +colorscheme PaperColor + +" Python {{{ +augroup ft_python +au! +au FileType python setlocal omnifunc=pythoncomplete#Complete +au FileType python setlocal define=^\s*\\(def\\\\|class\\) +augroup END +" }}} + +" YAML {{{ +augroup ft_yaml +au! +setlocal autoindent sw=2 et tabstop=2 shiftwidth=2 softtabstop=2 +augroup END +" }}} + +" markdown { +augroup filetypedetect +" gitit page files +au BufRead,BufNewFile *.page set filetype=markdown +augroup END + + +" Cycle between the valid list item markers *, - and + in the TOC +let g:vmt_cycle_list_item_markers = 1 + +" } markdown + +let g:indent_guides_enable_on_vim_startup = 1 + + +"bazel +augroup filetypedetect +au BufRead,BufNewFile *.bazel set filetype=bzl +augroup END + +"Justfile +augroup filetypedetect +au BufRead,BufNewFile Justfile set filetype=make +augroup END + + +augroup VCenterCursor +au! 
+au BufEnter,WinEnter,WinNew,VimResized *,*.* +\ let &scrolloff=winheight(win_getid())/2 +augroup END + +" " deoplete { +" let g:deoplete#enable_at_startup = 1 +" let g:deoplete#num_processes = 1 +" let g:deoplete#enable_smart_case = 1 +" +" if !exists('g:deoplete#omni#input_patterns') +" let g:deoplete#omni#input_patterns = {} +" endif +" let g:deoplete#omni#input_patterns.tex = g:vimtex#re#deoplete +" " } deoplete + +" enable ncm2 for all buffers +autocmd BufEnter * call ncm2#enable_for_buffer() +set completeopt=noinsert,menuone,noselect + +" LanguageClient { +set hidden + +let g:LanguageClient_serverCommands = { +\ 'rust': ['rustup', 'run', 'stable', 'rls'], +\ 'javascript.jsx': ['tcp://127.0.0.1:2089'], +\ } +" \ 'javascript': ['/usr/local/bin/javascript-typescript-stdio'], +" \ 'python': ['/usr/local/bin/pyls'], +nnoremap :call LanguageClient_contextMenu() +" Or map each action separately +nnoremap K :call LanguageClient#textDocument_hover() +nnoremap gd :call LanguageClient#textDocument_definition() +nnoremap :call LanguageClient#textDocument_rename() +" } + +let g:vimtex_view_method = 'zathura' +let g:vimtex_complete_enabled = 1 +let g:vimtex_complete_close_braces = 1 +let g:vimtex_complete_recursive_bib = 1 +let g:vimtex_indent_enabled = 1 +let g:vimtex_indent_bib_enabled = 1 +let g:vimtex_fold_enabled = 1 +let g:vimtex_fold_comments = 1 +let g:vimtex_fold_preamble = 1 +let g:vimtex_compiler_latexmk = { +\ 'options' : [ +\ '-shell-escape', +\ '-pdf', +\ '-verbose', +\ '-file-line-error', +\ '-synctex=1', +\ '-interaction=nonstopmode', +\ ], +\} +let g:vimtex_quickfix_latexlog = { +\ 'default' : 1, +\ 'general' : 1, +\ 'references' : 1, +\ 'overfull' : 0, +\ 'underfull' : 0, +\ 'font' : 0, +\ 'packages' : { +\ 'default' : 1, +\ 'natbib' : 1, +\ 'biblatex' : 1, +\ 'babel' : 1, +\ 'hyperref' : 1, +\ 'scrreprt' : 1, +\ 'fixltx2e' : 1, +\ 'titlesec' : 1, +\ }, +\} + +function! 
ViewerCallback() dict
+call self.forward_search(self.out())
+endfunction
+let g:vimtex_view_zathura_hook_callback = 'ViewerCallback'
+let g:vimtex_view_general_callback = 'ViewerCallback'
+let g:vimtex_compiler_progname = '${pkgs.neovim-remote}/bin/nvr'
+" } latex
+
+" terminal {
+tnoremap
+" } terminal
+
+" allow per-project vimrc
+" TODO: only source if it exists
+" source .vimrc
diff --git a/scripts/nixos-install.sh b/scripts/nixos-install.sh
deleted file mode 100755
index 3829d08..0000000
--- a/scripts/nixos-install.sh
+++ /dev/null
@@ -1,4 +0,0 @@
-#!/usr/bin/env bash
-set -xe
-export NIXOS_CONFIG=${PWD}/configuration.nix
-nixos-install --max-jobs 5 --cores 4 --no-channel-copy --no-root-passwd "${@}"
diff --git a/variables/keys.nix b/variables/keys.nix
new file mode 100644
index 0000000..92cbb88
--- /dev/null
+++ b/variables/keys.nix
@@ -0,0 +1,10 @@
+{
+ users = {
+ steveej = {
+ openssh = [
+ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC4RFtHz0sE5y0AyZZm/tH7bBBgsx55gLPt5tGsl9yZlOzih6n4qbJE/9OOdwnOY2AHRe2lrlTekbW5ewWSBBCbiBE3Vux86sLgy7LM9zoKaNC+E3hmxaoS9SExn0BTkb3kNlOcj2k6UyJhkZWEsqVMV5C21R8EWmMlLY/qm3AxptNjOyzKDwNX2zlHZ5IyjgzO4ZjIxjawmJlUrVEn7/m+M7qK3I1Tyg/ZvDSfmxVJS97sVzseYE0rVwLEWJQOnHh0wnfl27smr2McAB7Cy6sxKyPKvEGyXbNqqb8fqk4okZlRRxhq/XkKlC7IZr+uqYxlL4HN8vjkTRNlgenDUSVT cardno:000604870382"
+ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCnrvnvECGpBU4OXK7m7oJOOu7aJzAxOQyvEWhkRBEEyme8/eIiTJMi99wX5kKMWtpbUvinIyZ37VIrnVZv0bJ3WpJQJQkrqAkV1Bs3m5dE7AGIH0BrxgLXHuNxkW3BwmAaqUOq21r4MaYVu2xF38xwKrrk57nQkNjuZ2eiv7XyHaDn+n352jULJzcIXVKyJExhsiGomrwEXq/cmmD+s6M3yUp559fw4cQTdg6iaK76gUAFukL35HCWN3sFKPVEC/yxvfKUIhVsKuwjHfvsSxJgSjcS5yXEtJOB1RhlJ3dLfSyJzuY/AHSqSpMwUSCksMn4xTUKHLGD4wJJI8tRHbsp cardno:000605247559"
+ ];
+ };
+ };
+}
diff --git a/nixos-configuration/common/passwords.crypt.nix b/variables/passwords.crypt.nix
similarity index 100%
rename from nixos-configuration/common/passwords.crypt.nix
rename to variables/passwords.crypt.nix
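Review bot: `'-shell-escape'` in `g:vimtex_compiler_latexmk` turns on unrestricted `\write18` for every document vimtex builds, so compiling a .tex file from an untrusted source runs its shell commands as the editing user. Unless a package in regular use needs it, drop the `\ '-shell-escape',` entry from the global options and enable it only for the projects that require it. The commented `source .vimrc` at the end carries a similar risk if it is ever enabled, since it would execute whatever file sits in the current directory; `set exrc` combined with `set secure` is the safer way to get per-project settings.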
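Review bot: The two `openssh` entries in `variables/keys.nix` are identified only by their `cardno:` suffix, so the file does not say which token each key belongs to or whether both are still meant to be authorized. Whatever imports this file presumably grants login to both keys, so a stale entry stays valid until someone notices it. A header comment such as `# authorized SSH public keys for steveej, one per token (see cardno); remove an entry when its token is lost or retired` would make that easier to catch in review.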