steveej-laptop: commit current config

* disable CPU wining * migrate system packages away to out-of-tree home-manger * vim: disable deoplete * enable the firewall * upgrade syntax for release 18.03 * enable gnome services (again)
2018-05-04 09:13:54 +02:00 · 2018-05-04 09:13:54 +02:00 · f3683fcda9
commit f3683fcda9
parent 81f953baee
7 changed files with 113 additions and 266 deletions
--- a/nixos-configuration/common/passwords.crypt.nix
+++ b/nixos-configuration/common/passwords.crypt.nix
--- a/nixos-configuration/common/pkg/default.nix
+++ b/nixos-configuration/common/pkg/default.nix
@ -3,15 +3,6 @@
 {
  # Package configuration
  environment.systemPackages = with pkgs; [
    nix-repl
 #    ( busybox.override {
 #        extraConfig = ''
 #          CONFIG_STATIC y
 #          CONFIG_INSTALL_APPLET_DONT y
 #          CONFIG_INSTALL_APPLET_SYMLINKS n
 #        '';
 #    })
    elfutils
    exfat
    file
--- a/nixos-configuration/steveej-laptop/boot.nix
+++ b/nixos-configuration/steveej-laptop/boot.nix
@ -2,14 +2,17 @@
 {
  boot.kernelPackages = pkgs.linuxPackages_latest;
  #boot.kernelPackages = pkgs.myLinuxPackages;
  # Bootloader, initrd and Kernel
  boot.loader.grub.enable = true;
  boot.loader.grub.enableCryptodisk = true;
  boot.loader.grub.version = 2;
-  # Workaround for nm-pptp
+  # workaround to disable CPU wining
  # current CPU has 9 idle cstates.
  boot.kernelParams = [ "intel_idle.max_cstate=0" ]; 
  # Workaround for nm-pptp to enforce module load
  boot.kernelModules = [ 
      "nf_conntrack_proto_gre"
      "nf_conntrack_pptp"
--- a/nixos-configuration/steveej-laptop/pkg.nix
+++ b/nixos-configuration/steveej-laptop/pkg.nix
@ -3,6 +3,7 @@
  ... }:
 let
  gitpkgs = import /home/steveej/src/github/NixOS/nixpkgs {};
 in
 {
--- a/nixos-configuration/steveej-laptop/system.nix
+++ b/nixos-configuration/steveej-laptop/system.nix
@ -1,26 +1,62 @@
 { config, lib, pkgs, ... }:
 let
  gitpkgs = import /home/steveej/src/github/NixOS/nixpkgs {};
 in 
 rec {
  nix.binaryCachePublicKeys = [
-    "hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs="
+    # "hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs="
  ];
  nix.binaryCaches = [
    "https://cache.nixos.org"
-    "https://hydra.nixos.org"
+    # "https://hydra.nixos.org"
  ];
  nix.trustedBinaryCaches = [
    "https://cache.nixos.org"
-    "https://hydra.nixos.org"
+    # "https://hydra.nixos.org"
  ];
  nix.daemonNiceLevel = 19;
  nix.daemonIONiceLevel = 7;
  nix.package = pkgs.nixUnstable;
  nix.useSandbox = true;
  # The NixOS release to be compatible with for stateful data such as databases.
  # system.stateVersion = "unstable";
  networking.hostName = "steveej-laptop"; # Define your hostname.
-  networking.firewall.enable = false;
+  networking.hosts = {
    "160.85.37.177" = [ "splabchat" ];
  };
  networking.firewall.enable = true;
  networking.firewall.checkReversePath = false;
  # Provide a NAT/DHCP Router
  #
  # networking.nat.enable = true;
  # networking.nat.internalInterfaces = [ "enp0s20f0u4u1u3" ];
  # networking.nat.externalInterface = "wlp1s0";
  # networking.interfaces."enp0s20f0u4u1u3".ipv4.addresses = [
  #     { address = "10.254.253.254"; prefixLength = 24; }
  # ];
  # services.dnsmasq = {
  #   enable = true;
  #   servers = [ "8.8.8.8" "8.8.4.4" ];
  #   extraConfig = ''
  #     domain=lan
  #     interface=enp0s20f0u4u1u3
  #     bind-interfaces
  #     dhcp-range=10.254.253.100,10.254.253.199,1h
  #   '';
  # };
  networking.networkmanager = {
    enable = true;
    unmanaged = [
@ -33,7 +69,7 @@ rec {
  };
  networking.bridges."virbr1".interfaces = [];
-  networking.interfaces."virbr1".ip4 = [
+  networking.interfaces."virbr1".ipv4.addresses = [
      { address = "10.254.254.254"; prefixLength = 24; }
  ];
@ -94,9 +130,6 @@ rec {
    '';
  };
   # Package configuration
   environment.systemPackages = with pkgs; [
   ];
  environment.sessionVariables = {
    EDITOR = "vim";
@ -129,11 +162,33 @@ rec {
  services.openssh.enable = true;
  services.openssh.permitRootLogin = "yes";
  services.gnome3 = {
    gnome-disks.enable = false;
    gnome-documents.enable = false;
    gnome-online-miners.enable = false;
    gnome-user-share.enable = false;
    gnome-terminal-server.enable = false;
    gpaste.enable = false;
    sushi.enable = false;
    tracker.enable = false;
    # FIXME: gnome should be moved to user session
    seahorse.enable = true;
    gvfs.enable = true;
    at-spi2-core.enable = true;
    evolution-data-server.enable = true;
    gnome-online-accounts.enable = true;
    gnome-keyring.enable = true;
  };
  services.teamviewer.enable = false;
  services.printing = {
    enable = true;
-    drivers = [ pkgs.hplip ];
+    drivers = [ 
      pkgs.hplip
      gitpkgs.cups-kyodialog3
    ];
  };
  services.pcscd.enable = true;
@ -146,31 +201,38 @@ rec {
    xkbVariant = "altgr-intl";
    xkbOptions = "nodeadkeys,caps:swapescape";
    windowManager.qtile.enable = true;
    windowManager.default = "qtile";
    desktopManager = {
      # FIXME: gnome should be moved to user session
      gnome3.enable = true;
      xterm.enable = true;
      plasma5.enable = false;
    };
    displayManager = {
-      gdm.enable = true;
+      lightdm = {
-      gdm.wayland = false;
+        enable = true;
-        # ${pkgs.xautolock}/bin/xautolock -time 10 -locker slimlock &
+        autoLogin = {
-        # ${pkgs.redshift}/bin/redshift-gtk -v -b 1.0:1.0 -l 47.6691:9.1698 -t 7000:4500 -m randr &
+          enable = true;
          user = "steveej";
        };
        background = "${pkgs.nixos-artwork.wallpapers.simple-blue}/share/artwork/gnome/nix-wallpaper-simple-blue.png";
      };
      sessionCommands = ''
        ${pkgs.redshift}/bin/redshift-gtk -v -l 47.6691:9.1698 -t 7000:4500 -m randr &
        ${pkgs.networkmanagerapplet}/bin/nm-applet &
        ${pkgs.xorg.xsetroot}/bin/xsetroot -solid darkblue &
        ${pkgs.autorandr}/bin/autorandr -l common &
      '';
    };
  };
 # Package configuration
  environment.systemPackages = with pkgs; [
  ];
  # More Services
  services.udev.packages = [
-      pkgs.libu2f-host
+    pkgs.libu2f-host
-      pkgs.yubikey-personalization
+    pkgs.yubikey-personalization
-    ];
+  ];
  services.udev.extraRules = ''
    # OnePlusOne
    ATTR{idVendor}=="05c6", ATTR{idProduct}=="6764", SYMLINK+="libmtp-%k", MODE="660", GROUP="audio", ENV{ID_MTP_DEVICE}="1", ENV{ID_MEDIA_PLAYER}="1", TAG+="uaccess"
@ -205,9 +267,24 @@ rec {
    };
  };
  services.fprintd.enable = true;
  security.pam.services = {
    login.fprintAuth = true;
    sudo.fprintAuth = true;
  };
  # required for running blueman-applet in user sessions
  services.dbus.packages = with pkgs; [ 
    blueman
  ];
  # Kubernetes
  # services.kubernetes.roles = ["master" "node"];
  # virtualization
  virtualisation = {
    libvirtd.enable = true;
    libvirtd.qemuPackage = pkgs.qemu;
    virtualbox.host.enable = true;
    virtualbox.host.addNetworkInterface = true;
    docker.enable = true;
--- a/pkg-configuration/config.nix
+++ b/pkg-configuration/config.nix
@ -1,239 +1,14 @@
 { ... } @ args:
 # unused, switched to home-manager
 let
-  gitpkgs = import /home/steveej/src/github/NixOS/nixpkgs {};
+  stablepkgs = import <nixos> {};
  unstablepkgs = import <nixos-unstable> {};
 in {
  # required by nox
  permittedInsecurePackages = [
    "linux-4.13.16"
  ];
  allowBroken = true;
  chromium = {
    enablePepperFlash = true;
    enablePepperPDF = true;
  };
  firefox = {
    enableGoogleTalkPlugin = true;
    enableAdobeFlash = false;
  };
  pidgin = {
    openssl = true;
    gnutls = true;
  };
  packageOverrides = stablepkgs: rec {
 #    virtmanager = stablepkgs.virtmanager.overrideDerivation (oldAttrs: {
 #      patchPhase = ''
 #        sed -i "/'install_egg_info'/d" setup.py
 #        sed -i "s|self.cli_usbredir = None|self.cli_usbredir = True|" virtManager/config.py
 #      '';
 #    });
 #    labshell = (import (unstablepkgs.fetchFromGitHub {
 #          owner = "htwg-syslab";
 #          repo = "nix-expressions";
 #          rev = "89040d81cf6147b1ebaae8eca059f4718400a01a";
 #          sha256 = "1ci8xbbnj7bdcciq7ibqz8vfhs3ml7k4yx6m8f8whgwrhzk4c8wa";
 #        }) { labshellExpressionsRemoteRev = "master"; }
 #      ).labshell;
 #     labshell
    busyboxStatic =  stablepkgs.busybox.override {
      enableStatic = true;
      extraConfig = ''
         CONFIG_STATIC y
         CONFIG_INSTALL_APPLET_DONT y
         CONFIG_INSTALL_APPLET_SYMLINKS n
       '';
    };
    dropbearStatic = stablepkgs.dropbear.override {
      enableStatic = true;
    };
    userPackages = with stablepkgs; buildEnv {
      name = "userPackages";
-      paths = [
+      paths = [];
        patchelf
        nix-index
        busyboxStatic 
        #nixUnstable
        #nox
        unetbootin
        androidsdk
        #nixops
        git-crypt
        unstablepkgs.ansible2
        pijul
        picocom
        roxterm
        xorg.xbacklight
        coreutils
        lsof
        pavucontrol
        xscreensaver
        x11_ssh_askpass
        xdotool
        xdg_utils
        xdg-user-dirs
        exiv2
        htop
 #        gnome3.nautilus
 #        gnome3.gvfs
        #(with xfce; 
        #  thunar.override { thunarPlugins = [
        #    thunar_volman
        #    thunar-archive-plugin
        #  ];
        #})
        #xfce.gvfs
        #xfce.xfce4icontheme
        sshfsFuse
        xarchive
        p7zip
        zip
        unzip
        gzip
        python
        python3Packages.ipython
        python3
        jre
        openjdk
        gnupg
        pass
        qtpass
        yubikey-neo-manager
        yubikey-personalization
        yubikey-personalization-gui
        unstablepkgs.chromium
        unstablepkgs.firefox
        seafile-client
        grive2
        dropbox
        zathura
        thunderbird
        unstablepkgs.libreoffice
        pidgin
        hexchat
        gitpkgs.hunspellDicts.en-us
        gitpkgs.hunspellDicts.de-any
        aspellDicts.en
        aspellDicts.de
        unstablepkgs.skype
        #zoom-us
        virtmanager
 #        gnome3.dconf
        qemu
        vagrant
        unstablepkgs.rkt
        python27Packages.docker_compose
        remmina
        freerdp
        x2goclient
        samba
        vlc
        audacity
        gitpkgs.spotify
        pdftk
        calibre
        imagemagick
 #        gnome3.eog
        unstablepkgs.mendeley
        iptables
        nftables
        iperf
        bind
        unstablepkgs.vscode
        unstablepkgs.atom
        gimp
        inkscape
        plantuml
        umlet
        graphviz
 #        bundler
 #        bundix
        travis
        jq
 #        pandoc
        unstablepkgs.texlive.combined.scheme-medium
 #        perlPackages.YAMLTiny
 #        gnome3.pomodoro
        ntfs3g
        ddrescue
        ncdu
        xorg.xhost
 #        gitpkgs.wtftw
        autorandr
        arandr
 #        numix-icon-theme
 #        numix-gtk-theme
        gnome3.gnome_themes_standard
        gnome3.adwaita-icon-theme
        lxappearance
        xorg.xcursorthemes
        openssl
        mkpasswd
        hdparm
        testdisk
        wireshark
        # games
        zeroad
        # Compilers & Toolchains
        gcc
        pkgconfig
        binutils
        valgrind
        gdb
        cgdb
        man-pages
        gnumake
        nodejs
        emscripten
        ## Rust Development
        rustup
        capnproto
        kcov
      ];
    };
  };
 }
--- a/pkg-configuration/vim-derivates/neovim.nix
+++ b/pkg-configuration/vim-derivates/neovim.nix
@ -9,8 +9,8 @@ pkgs.neovim.override {
    # add custom .vimrc lines like this:
    customRC = (import ./commonrc.nix {}) + ''
      " deoplete {
-      let g:deoplete#enable_at_startup = 1
+      " let g:deoplete#enable_at_startup = 1
-      let g:deoplete#enable_smart_case = 1
+      " let g:deoplete#enable_smart_case = 1
      " }
    '' + additionalRC;
@ -25,7 +25,7 @@ pkgs.neovim.override {
      "vim-colorschemes"
      "vim-colorstepper"
      "vim-signify"
-      "deoplete-nvim"
+      # "deoplete-nvim"
    ] ++ additionalPlugins;
  };
  extraPythonPackages = [];