steveej/infra
1
0
Fork 0
Code Issues 2 Pull requests Projects Releases Packages Wiki Activity Actions

steveej-laptop: commit current config

Browse source 
* disable CPU wining
* migrate system packages away to out-of-tree home-manger
* vim: disable deoplete
* enable the firewall
* upgrade syntax for release 18.03
* enable gnome services (again)
This commit is contained in:
steveej 2018-05-04 09:13:54 +02:00
parent 81f953baee
commit f3683fcda9
7 changed files with 113 additions and 266 deletions
Download patch file Download diff file Expand all files Collapse all files

BIN
nixos-configuration/common/passwords.crypt.nix
View file

Binary file not shown.

9
nixos-configuration/common/pkg/default.nix
View file

@ -3,15 +3,6 @@
{
# Package configuration
environment.systemPackages = with pkgs; [
nix-repl
# ( busybox.override {
# extraConfig = ''
# CONFIG_STATIC y
# CONFIG_INSTALL_APPLET_DONT y
# CONFIG_INSTALL_APPLET_SYMLINKS n
# '';
# })
elfutils
exfat
file

7
nixos-configuration/steveej-laptop/boot.nix
View file

@ -2,14 +2,17 @@
{
boot.kernelPackages = pkgs.linuxPackages_latest;
#boot.kernelPackages = pkgs.myLinuxPackages;
# Bootloader, initrd and Kernel
boot.loader.grub.enable = true;
boot.loader.grub.enableCryptodisk = true;
boot.loader.grub.version = 2;
# Workaround for nm-pptp
# workaround to disable CPU wining
# current CPU has 9 idle cstates.
boot.kernelParams = [ "intel_idle.max_cstate=0" ];
# Workaround for nm-pptp to enforce module load
boot.kernelModules = [
"nf_conntrack_proto_gre"
"nf_conntrack_pptp"

1
nixos-configuration/steveej-laptop/pkg.nix
View file

@ -3,6 +3,7 @@
... }:
let
gitpkgs = import /home/steveej/src/github/NixOS/nixpkgs {};
in
{

121
nixos-configuration/steveej-laptop/system.nix
View file

@ -1,26 +1,62 @@
{ config, lib, pkgs, ... }:
let
gitpkgs = import /home/steveej/src/github/NixOS/nixpkgs {};
in
rec {
nix.binaryCachePublicKeys = [
"hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs="
# "hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs="
];
nix.binaryCaches = [
"https://cache.nixos.org"
"https://hydra.nixos.org"
# "https://hydra.nixos.org"
];
nix.trustedBinaryCaches = [
"https://cache.nixos.org"
"https://hydra.nixos.org"
# "https://hydra.nixos.org"
];
nix.daemonNiceLevel = 19;
nix.daemonIONiceLevel = 7;
nix.package = pkgs.nixUnstable;
nix.useSandbox = true;
# The NixOS release to be compatible with for stateful data such as databases.
# system.stateVersion = "unstable";
networking.hostName = "steveej-laptop"; # Define your hostname.
networking.firewall.enable = false;
networking.hosts = {
"160.85.37.177" = [ "splabchat" ];
};
networking.firewall.enable = true;
networking.firewall.checkReversePath = false;
# Provide a NAT/DHCP Router
#
# networking.nat.enable = true;
# networking.nat.internalInterfaces = [ "enp0s20f0u4u1u3" ];
# networking.nat.externalInterface = "wlp1s0";
# networking.interfaces."enp0s20f0u4u1u3".ipv4.addresses = [
# { address = "10.254.253.254"; prefixLength = 24; }
# ];
# services.dnsmasq = {
# enable = true;
# servers = [ "8.8.8.8" "8.8.4.4" ];
# extraConfig = ''
# domain=lan
# interface=enp0s20f0u4u1u3
# bind-interfaces
# dhcp-range=10.254.253.100,10.254.253.199,1h
# '';
# };
networking.networkmanager = {
enable = true;
unmanaged = [
@ -33,7 +69,7 @@ rec {
};
networking.bridges."virbr1".interfaces = [];
networking.interfaces."virbr1".ip4 = [
networking.interfaces."virbr1".ipv4.addresses = [
{ address = "10.254.254.254"; prefixLength = 24; }
];
@ -94,9 +130,6 @@ rec {
'';
};
# Package configuration
environment.systemPackages = with pkgs; [
];
environment.sessionVariables = {
EDITOR = "vim";
@ -129,11 +162,33 @@ rec {
services.openssh.enable = true;
services.openssh.permitRootLogin = "yes";
services.gnome3 = {
gnome-disks.enable = false;
gnome-documents.enable = false;
gnome-online-miners.enable = false;
gnome-user-share.enable = false;
gnome-terminal-server.enable = false;
gpaste.enable = false;
sushi.enable = false;
tracker.enable = false;
# FIXME: gnome should be moved to user session
seahorse.enable = true;
gvfs.enable = true;
at-spi2-core.enable = true;
evolution-data-server.enable = true;
gnome-online-accounts.enable = true;
gnome-keyring.enable = true;
};
services.teamviewer.enable = false;
services.printing = {
enable = true;
drivers = [ pkgs.hplip ];
drivers = [
pkgs.hplip
gitpkgs.cups-kyodialog3
];
};
services.pcscd.enable = true;
@ -146,31 +201,38 @@ rec {
xkbVariant = "altgr-intl";
xkbOptions = "nodeadkeys,caps:swapescape";
windowManager.qtile.enable = true;
windowManager.default = "qtile";
desktopManager = {
# FIXME: gnome should be moved to user session
gnome3.enable = true;
xterm.enable = true;
plasma5.enable = false;
};
displayManager = {
gdm.enable = true;
gdm.wayland = false;
# ${pkgs.xautolock}/bin/xautolock -time 10 -locker slimlock &
# ${pkgs.redshift}/bin/redshift-gtk -v -b 1.0:1.0 -l 47.6691:9.1698 -t 7000:4500 -m randr &
lightdm = {
enable = true;
autoLogin = {
enable = true;
user = "steveej";
};
background = "${pkgs.nixos-artwork.wallpapers.simple-blue}/share/artwork/gnome/nix-wallpaper-simple-blue.png";
};
sessionCommands = ''
${pkgs.redshift}/bin/redshift-gtk -v -l 47.6691:9.1698 -t 7000:4500 -m randr &
${pkgs.networkmanagerapplet}/bin/nm-applet &
${pkgs.xorg.xsetroot}/bin/xsetroot -solid darkblue &
${pkgs.autorandr}/bin/autorandr -l common &
'';
};
};
# Package configuration
environment.systemPackages = with pkgs; [
];
# More Services
services.udev.packages = [
pkgs.libu2f-host
pkgs.yubikey-personalization
];
pkgs.libu2f-host
pkgs.yubikey-personalization
];
services.udev.extraRules = ''
# OnePlusOne
ATTR{idVendor}=="05c6", ATTR{idProduct}=="6764", SYMLINK+="libmtp-%k", MODE="660", GROUP="audio", ENV{ID_MTP_DEVICE}="1", ENV{ID_MEDIA_PLAYER}="1", TAG+="uaccess"
@ -205,9 +267,24 @@ rec {
};
};
services.fprintd.enable = true;
security.pam.services = {
login.fprintAuth = true;
sudo.fprintAuth = true;
};
# required for running blueman-applet in user sessions
services.dbus.packages = with pkgs; [
blueman
];
# Kubernetes
# services.kubernetes.roles = ["master" "node"];
# virtualization
virtualisation = {
libvirtd.enable = true;
libvirtd.qemuPackage = pkgs.qemu;
virtualbox.host.enable = true;
virtualbox.host.addNetworkInterface = true;
docker.enable = true;

235
pkg-configuration/config.nix
View file

@ -1,239 +1,14 @@
{ ... } @ args:
# unused, switched to home-manager
let
gitpkgs = import /home/steveej/src/github/NixOS/nixpkgs {};
unstablepkgs = import <nixos-unstable> {};
stablepkgs = import <nixos> {};
in {
# required by nox
permittedInsecurePackages = [
"linux-4.13.16"
];
allowBroken = true;
chromium = {
enablePepperFlash = true;
enablePepperPDF = true;
};
firefox = {
enableGoogleTalkPlugin = true;
enableAdobeFlash = false;
};
pidgin = {
openssl = true;
gnutls = true;
};
packageOverrides = stablepkgs: rec {
# virtmanager = stablepkgs.virtmanager.overrideDerivation (oldAttrs: {
# patchPhase = ''
# sed -i "/'install_egg_info'/d" setup.py
# sed -i "s|self.cli_usbredir = None|self.cli_usbredir = True|" virtManager/config.py
# '';
# });
# labshell = (import (unstablepkgs.fetchFromGitHub {
# owner = "htwg-syslab";
# repo = "nix-expressions";
# rev = "89040d81cf6147b1ebaae8eca059f4718400a01a";
# sha256 = "1ci8xbbnj7bdcciq7ibqz8vfhs3ml7k4yx6m8f8whgwrhzk4c8wa";
# }) { labshellExpressionsRemoteRev = "master"; }
# ).labshell;
# labshell
busyboxStatic = stablepkgs.busybox.override {
enableStatic = true;
extraConfig = ''
CONFIG_STATIC y
CONFIG_INSTALL_APPLET_DONT y
CONFIG_INSTALL_APPLET_SYMLINKS n
'';
};
dropbearStatic = stablepkgs.dropbear.override {
enableStatic = true;
};
userPackages = with stablepkgs; buildEnv {
name = "userPackages";
paths = [
patchelf
nix-index
busyboxStatic
#nixUnstable
#nox
unetbootin
androidsdk
#nixops
git-crypt
unstablepkgs.ansible2
pijul
picocom
roxterm
xorg.xbacklight
coreutils
lsof
pavucontrol
xscreensaver
x11_ssh_askpass
xdotool
xdg_utils
xdg-user-dirs
exiv2
htop
# gnome3.nautilus
# gnome3.gvfs
#(with xfce;
# thunar.override { thunarPlugins = [
# thunar_volman
# thunar-archive-plugin
# ];
#})
#xfce.gvfs
#xfce.xfce4icontheme
sshfsFuse
xarchive
p7zip
zip
unzip
gzip
python
python3Packages.ipython
python3
jre
openjdk
gnupg
pass
qtpass
yubikey-neo-manager
yubikey-personalization
yubikey-personalization-gui
unstablepkgs.chromium
unstablepkgs.firefox
seafile-client
grive2
dropbox
zathura
thunderbird
unstablepkgs.libreoffice
pidgin
hexchat
gitpkgs.hunspellDicts.en-us
gitpkgs.hunspellDicts.de-any
aspellDicts.en
aspellDicts.de
unstablepkgs.skype
#zoom-us
virtmanager
# gnome3.dconf
qemu
vagrant
unstablepkgs.rkt
python27Packages.docker_compose
remmina
freerdp
x2goclient
samba
vlc
audacity
gitpkgs.spotify
pdftk
calibre
imagemagick
# gnome3.eog
unstablepkgs.mendeley
iptables
nftables
iperf
bind
unstablepkgs.vscode
unstablepkgs.atom
gimp
inkscape
plantuml
umlet
graphviz
# bundler
# bundix
travis
jq
# pandoc
unstablepkgs.texlive.combined.scheme-medium
# perlPackages.YAMLTiny
# gnome3.pomodoro
ntfs3g
ddrescue
ncdu
xorg.xhost
# gitpkgs.wtftw
autorandr
arandr
# numix-icon-theme
# numix-gtk-theme
gnome3.gnome_themes_standard
gnome3.adwaita-icon-theme
lxappearance
xorg.xcursorthemes
openssl
mkpasswd
hdparm
testdisk
wireshark
# games
zeroad
# Compilers & Toolchains
gcc
pkgconfig
binutils
valgrind
gdb
cgdb
man-pages
gnumake
nodejs
emscripten
## Rust Development
rustup
capnproto
kcov
];
paths = [];
};
};
}

6
pkg-configuration/vim-derivates/neovim.nix
View file

@ -9,8 +9,8 @@ pkgs.neovim.override {
# add custom .vimrc lines like this:
customRC = (import ./commonrc.nix {}) + ''
" deoplete {
let g:deoplete#enable_at_startup = 1
let g:deoplete#enable_smart_case = 1
" let g:deoplete#enable_at_startup = 1
" let g:deoplete#enable_smart_case = 1
" }
'' + additionalRC;
@ -25,7 +25,7 @@ pkgs.neovim.override {
"vim-colorschemes"
"vim-colorstepper"
"vim-signify"
"deoplete-nvim"
# "deoplete-nvim"
] ++ additionalPlugins;
};
extraPythonPackages = [];