diff --git a/nixos-configuration/common/passwords.crypt.nix b/nixos-configuration/common/passwords.crypt.nix index de66808..caeb271 100644 Binary files a/nixos-configuration/common/passwords.crypt.nix and b/nixos-configuration/common/passwords.crypt.nix differ diff --git a/nixos-configuration/common/pkg/default.nix b/nixos-configuration/common/pkg/default.nix index b328140..b29250a 100644 --- a/nixos-configuration/common/pkg/default.nix +++ b/nixos-configuration/common/pkg/default.nix @@ -3,15 +3,6 @@ { # Package configuration environment.systemPackages = with pkgs; [ - nix-repl -# ( busybox.override { -# extraConfig = '' -# CONFIG_STATIC y -# CONFIG_INSTALL_APPLET_DONT y -# CONFIG_INSTALL_APPLET_SYMLINKS n -# ''; -# }) - elfutils exfat file diff --git a/nixos-configuration/steveej-laptop/boot.nix b/nixos-configuration/steveej-laptop/boot.nix index 08fe544..441a468 100644 --- a/nixos-configuration/steveej-laptop/boot.nix +++ b/nixos-configuration/steveej-laptop/boot.nix @@ -2,14 +2,17 @@ { boot.kernelPackages = pkgs.linuxPackages_latest; - #boot.kernelPackages = pkgs.myLinuxPackages; # Bootloader, initrd and Kernel boot.loader.grub.enable = true; boot.loader.grub.enableCryptodisk = true; boot.loader.grub.version = 2; - # Workaround for nm-pptp + # workaround to disable CPU wining + # current CPU has 9 idle cstates. + boot.kernelParams = [ "intel_idle.max_cstate=0" ]; + + # Workaround for nm-pptp to enforce module load boot.kernelModules = [ "nf_conntrack_proto_gre" "nf_conntrack_pptp" diff --git a/nixos-configuration/steveej-laptop/pkg.nix b/nixos-configuration/steveej-laptop/pkg.nix index b4a4426..77fe7e0 100644 --- a/nixos-configuration/steveej-laptop/pkg.nix +++ b/nixos-configuration/steveej-laptop/pkg.nix @@ -3,6 +3,7 @@ ... }: let + gitpkgs = import /home/steveej/src/github/NixOS/nixpkgs {}; in { diff --git a/nixos-configuration/steveej-laptop/system.nix b/nixos-configuration/steveej-laptop/system.nix index 4497121..7457f70 100644 --- a/nixos-configuration/steveej-laptop/system.nix +++ b/nixos-configuration/steveej-laptop/system.nix @@ -1,26 +1,62 @@ { config, lib, pkgs, ... }: + +let + gitpkgs = import /home/steveej/src/github/NixOS/nixpkgs {}; + +in + rec { nix.binaryCachePublicKeys = [ - "hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs=" + # "hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs=" ]; nix.binaryCaches = [ "https://cache.nixos.org" - "https://hydra.nixos.org" + # "https://hydra.nixos.org" ]; nix.trustedBinaryCaches = [ "https://cache.nixos.org" - "https://hydra.nixos.org" + # "https://hydra.nixos.org" ]; nix.daemonNiceLevel = 19; nix.daemonIONiceLevel = 7; + nix.package = pkgs.nixUnstable; + + nix.useSandbox = true; + # The NixOS release to be compatible with for stateful data such as databases. # system.stateVersion = "unstable"; networking.hostName = "steveej-laptop"; # Define your hostname. - networking.firewall.enable = false; + networking.hosts = { + "160.85.37.177" = [ "splabchat" ]; + }; + + networking.firewall.enable = true; + networking.firewall.checkReversePath = false; + + # Provide a NAT/DHCP Router + # + # networking.nat.enable = true; + # networking.nat.internalInterfaces = [ "enp0s20f0u4u1u3" ]; + # networking.nat.externalInterface = "wlp1s0"; + # networking.interfaces."enp0s20f0u4u1u3".ipv4.addresses = [ + # { address = "10.254.253.254"; prefixLength = 24; } + # ]; + # services.dnsmasq = { + # enable = true; + # servers = [ "8.8.8.8" "8.8.4.4" ]; + # extraConfig = '' + # domain=lan + # interface=enp0s20f0u4u1u3 + # bind-interfaces + # dhcp-range=10.254.253.100,10.254.253.199,1h + # ''; + # }; + + networking.networkmanager = { enable = true; unmanaged = [ @@ -33,7 +69,7 @@ rec { }; networking.bridges."virbr1".interfaces = []; - networking.interfaces."virbr1".ip4 = [ + networking.interfaces."virbr1".ipv4.addresses = [ { address = "10.254.254.254"; prefixLength = 24; } ]; @@ -94,9 +130,6 @@ rec { ''; }; - # Package configuration - environment.systemPackages = with pkgs; [ - ]; environment.sessionVariables = { EDITOR = "vim"; @@ -129,11 +162,33 @@ rec { services.openssh.enable = true; services.openssh.permitRootLogin = "yes"; + services.gnome3 = { + gnome-disks.enable = false; + gnome-documents.enable = false; + gnome-online-miners.enable = false; + gnome-user-share.enable = false; + gnome-terminal-server.enable = false; + gpaste.enable = false; + sushi.enable = false; + tracker.enable = false; + + # FIXME: gnome should be moved to user session + seahorse.enable = true; + gvfs.enable = true; + at-spi2-core.enable = true; + evolution-data-server.enable = true; + gnome-online-accounts.enable = true; + gnome-keyring.enable = true; + }; + services.teamviewer.enable = false; services.printing = { enable = true; - drivers = [ pkgs.hplip ]; + drivers = [ + pkgs.hplip + gitpkgs.cups-kyodialog3 + ]; }; services.pcscd.enable = true; @@ -146,31 +201,38 @@ rec { xkbVariant = "altgr-intl"; xkbOptions = "nodeadkeys,caps:swapescape"; - windowManager.qtile.enable = true; - windowManager.default = "qtile"; desktopManager = { + # FIXME: gnome should be moved to user session gnome3.enable = true; + xterm.enable = true; plasma5.enable = false; }; displayManager = { - gdm.enable = true; - gdm.wayland = false; - # ${pkgs.xautolock}/bin/xautolock -time 10 -locker slimlock & - # ${pkgs.redshift}/bin/redshift-gtk -v -b 1.0:1.0 -l 47.6691:9.1698 -t 7000:4500 -m randr & + lightdm = { + enable = true; + autoLogin = { + enable = true; + user = "steveej"; + }; + background = "${pkgs.nixos-artwork.wallpapers.simple-blue}/share/artwork/gnome/nix-wallpaper-simple-blue.png"; + }; + sessionCommands = '' - ${pkgs.redshift}/bin/redshift-gtk -v -l 47.6691:9.1698 -t 7000:4500 -m randr & - ${pkgs.networkmanagerapplet}/bin/nm-applet & - ${pkgs.xorg.xsetroot}/bin/xsetroot -solid darkblue & - ${pkgs.autorandr}/bin/autorandr -l common & ''; }; }; + + # Package configuration + environment.systemPackages = with pkgs; [ + ]; + + # More Services services.udev.packages = [ - pkgs.libu2f-host - pkgs.yubikey-personalization - ]; + pkgs.libu2f-host + pkgs.yubikey-personalization + ]; services.udev.extraRules = '' # OnePlusOne ATTR{idVendor}=="05c6", ATTR{idProduct}=="6764", SYMLINK+="libmtp-%k", MODE="660", GROUP="audio", ENV{ID_MTP_DEVICE}="1", ENV{ID_MEDIA_PLAYER}="1", TAG+="uaccess" @@ -205,9 +267,24 @@ rec { }; }; + services.fprintd.enable = true; + security.pam.services = { + login.fprintAuth = true; + sudo.fprintAuth = true; + }; + + # required for running blueman-applet in user sessions + services.dbus.packages = with pkgs; [ + blueman + ]; + + # Kubernetes + # services.kubernetes.roles = ["master" "node"]; + # virtualization virtualisation = { libvirtd.enable = true; + libvirtd.qemuPackage = pkgs.qemu; virtualbox.host.enable = true; virtualbox.host.addNetworkInterface = true; docker.enable = true; diff --git a/pkg-configuration/config.nix b/pkg-configuration/config.nix index f3f9173..b7bcdab 100644 --- a/pkg-configuration/config.nix +++ b/pkg-configuration/config.nix @@ -1,239 +1,14 @@ { ... } @ args: + +# unused, switched to home-manager + let - gitpkgs = import /home/steveej/src/github/NixOS/nixpkgs {}; - unstablepkgs = import {}; - + stablepkgs = import {}; in { - # required by nox - permittedInsecurePackages = [ - "linux-4.13.16" - ]; - - allowBroken = true; - - chromium = { - enablePepperFlash = true; - enablePepperPDF = true; - }; - - firefox = { - enableGoogleTalkPlugin = true; - enableAdobeFlash = false; - }; - - pidgin = { - openssl = true; - gnutls = true; - }; - packageOverrides = stablepkgs: rec { - -# virtmanager = stablepkgs.virtmanager.overrideDerivation (oldAttrs: { -# patchPhase = '' -# sed -i "/'install_egg_info'/d" setup.py -# sed -i "s|self.cli_usbredir = None|self.cli_usbredir = True|" virtManager/config.py -# ''; -# }); - -# labshell = (import (unstablepkgs.fetchFromGitHub { -# owner = "htwg-syslab"; -# repo = "nix-expressions"; -# rev = "89040d81cf6147b1ebaae8eca059f4718400a01a"; -# sha256 = "1ci8xbbnj7bdcciq7ibqz8vfhs3ml7k4yx6m8f8whgwrhzk4c8wa"; -# }) { labshellExpressionsRemoteRev = "master"; } -# ).labshell; -# labshell - busyboxStatic = stablepkgs.busybox.override { - enableStatic = true; - extraConfig = '' - CONFIG_STATIC y - CONFIG_INSTALL_APPLET_DONT y - CONFIG_INSTALL_APPLET_SYMLINKS n - ''; - }; - - dropbearStatic = stablepkgs.dropbear.override { - enableStatic = true; - }; - userPackages = with stablepkgs; buildEnv { name = "userPackages"; - paths = [ - patchelf - nix-index - - busyboxStatic - #nixUnstable - #nox - unetbootin - - androidsdk - - #nixops - git-crypt - unstablepkgs.ansible2 - pijul - - picocom - roxterm - xorg.xbacklight - coreutils - lsof - pavucontrol - xscreensaver - x11_ssh_askpass - xdotool - xdg_utils - xdg-user-dirs - - exiv2 - htop - -# gnome3.nautilus -# gnome3.gvfs - #(with xfce; - # thunar.override { thunarPlugins = [ - # thunar_volman - # thunar-archive-plugin - # ]; - #}) - #xfce.gvfs - #xfce.xfce4icontheme - sshfsFuse - xarchive - p7zip - zip - unzip - gzip - - python - python3Packages.ipython - python3 - jre - openjdk - - - gnupg - pass - qtpass - yubikey-neo-manager - yubikey-personalization - yubikey-personalization-gui - - unstablepkgs.chromium - unstablepkgs.firefox - seafile-client - grive2 - dropbox - zathura - thunderbird - unstablepkgs.libreoffice - - pidgin - hexchat - gitpkgs.hunspellDicts.en-us - gitpkgs.hunspellDicts.de-any - aspellDicts.en - aspellDicts.de - unstablepkgs.skype - #zoom-us - - virtmanager - -# gnome3.dconf - qemu - vagrant - unstablepkgs.rkt - python27Packages.docker_compose - - remmina - freerdp - x2goclient - samba - - vlc - audacity - gitpkgs.spotify - - pdftk - calibre - imagemagick -# gnome3.eog - unstablepkgs.mendeley - - iptables - nftables - iperf - bind - - unstablepkgs.vscode - unstablepkgs.atom - gimp - inkscape - plantuml - umlet - graphviz - -# bundler -# bundix - - - - travis - jq - -# pandoc - unstablepkgs.texlive.combined.scheme-medium -# perlPackages.YAMLTiny - -# gnome3.pomodoro - - ntfs3g - ddrescue - ncdu - - xorg.xhost -# gitpkgs.wtftw - autorandr - arandr - -# numix-icon-theme -# numix-gtk-theme - gnome3.gnome_themes_standard - gnome3.adwaita-icon-theme - lxappearance - xorg.xcursorthemes - - openssl - mkpasswd - - hdparm - testdisk - wireshark - - - # games - zeroad - - - # Compilers & Toolchains - gcc - pkgconfig - binutils - valgrind - gdb - cgdb - man-pages - gnumake - - nodejs - emscripten - - ## Rust Development - rustup - capnproto - kcov - ]; + paths = []; }; }; } diff --git a/pkg-configuration/vim-derivates/neovim.nix b/pkg-configuration/vim-derivates/neovim.nix index c514d07..49f199f 100644 --- a/pkg-configuration/vim-derivates/neovim.nix +++ b/pkg-configuration/vim-derivates/neovim.nix @@ -9,8 +9,8 @@ pkgs.neovim.override { # add custom .vimrc lines like this: customRC = (import ./commonrc.nix {}) + '' " deoplete { - let g:deoplete#enable_at_startup = 1 - let g:deoplete#enable_smart_case = 1 + " let g:deoplete#enable_at_startup = 1 + " let g:deoplete#enable_smart_case = 1 " } '' + additionalRC; @@ -25,7 +25,7 @@ pkgs.neovim.override { "vim-colorschemes" "vim-colorstepper" "vim-signify" - "deoplete-nvim" + # "deoplete-nvim" ] ++ additionalPlugins; }; extraPythonPackages = [];