nixos-config: add live MMC system and extract commons

2018-10-29 00:54:49 +01:00 · 2018-10-29 00:54:49 +01:00 · f75ab8d271
commit f75ab8d271
parent 68ca11e4db
15 changed files with 771 additions and 40 deletions
--- a/nixos-configuration/common/steveej-live-usb/system.nix
+++ b/nixos-configuration/common/steveej-live-usb/system.nix
@ -0,0 +1,214 @@
+{ config, lib, pkgs, ... }:
+
+
+let
+
+in {
+  nix.binaryCachePublicKeys = [
+    # "hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs="
+  ];
+  nix.binaryCaches = [
+    "https://cache.nixos.org"
+    # "https://hydra.nixos.org"
+  ];
+  nix.trustedBinaryCaches = [
+    "https://cache.nixos.org"
+    # "https://hydra.nixos.org"
+  ];
+
+  nix.daemonNiceLevel = 19;
+  nix.daemonIONiceLevel = 7;
+  nix.maxJobs = lib.mkDefault 3;
+  nix.buildCores = 3;
+
+  nix.useSandbox = true;
+
+  networking.firewall.enable = true;
+  networking.firewall.checkReversePath = false;
+
+  networking.networkmanager = {
+    enable = true;
+    dns = "dnsmasq";
+    unmanaged = [
+      "interface-name:veth*"
+      "interface-name:virbr*"
+      "interface-name:br*"
+      "interface-name:*vbox*"
+      "interface-name:*cni*"
+    ];
+  };
+
+  environment.sessionVariables = {
+    NIXPKGS_ALLOW_UNFREE = "1";
+
+    # Don't create .pyc files.
+    PYTHONDONTWRITEBYTECODE = "1";
+  };
+
+  environment.etc."lvm/lvm.conf".text = ''
+    devices {
+      issue_discards = 1
+    }
+  '';
+
+  environment.pathsToLink = [ "/share/zsh" ];
+
+  # Fonts, I18N, Date ...
+  fonts = {
+    enableCoreFonts = true;
+  };
+
+  i18n = {
+    consoleFont = "lat9w-16";
+    defaultLocale = "en_US.UTF-8";
+  };
+  time.timeZone = "Europe/Berlin";
+  #time.timeZone = "America/Los_Angeles";
+
+  # Services
+  services.gpm.enable = true;
+  services.openssh.enable = true;
+  services.openssh.permitRootLogin = "yes";
+
+  services.gnome3 = {
+    gnome-disks.enable = false;
+    gnome-documents.enable = false;
+    gnome-online-miners.enable = false;
+    gnome-user-share.enable = false;
+    gnome-terminal-server.enable = false;
+    gpaste.enable = false;
+    sushi.enable = false;
+    tracker.enable = false;
+
+    # FIXME: gnome should be moved to user session
+    seahorse.enable = true;
+    gvfs.enable = true;
+    at-spi2-core.enable = true;
+    evolution-data-server.enable = true;
+    gnome-online-accounts.enable = true;
+    gnome-keyring.enable = true;
+  };
+
+  services.teamviewer.enable = false;
+
+  services.printing = {
+    enable = false;
+  };
+
+  services.pcscd.enable = true;
+  services.xserver = {
+    enable = true;
+    libinput.enable = true;
+    libinput.naturalScrolling = true;
+
+    videoDrivers = [ "qxl" "modesetting" "ati" "cirrus" "intel" "vesa" "vmware" "modesetting" ];
+    xkbVariant = "altgr-intl";
+    xkbOptions = "nodeadkeys";
+
+    desktopManager = {
+      # FIXME: gnome should be moved to user session
+      gnome3.enable = true;
+
+      xterm.enable = true;
+      plasma5.enable = false;
+    };
+
+    displayManager = {
+      gdm.enable = false;
+
+      lightdm = {
+        enable = true;
+        autoLogin = {
+          enable = true;
+          user = "steveej";
+        };
+        background = "${pkgs.nixos-artwork.wallpapers.simple-blue}/share/artwork/gnome/nix-wallpaper-simple-blue.png";
+      };
+
+      sessionCommands = ''
+      '';
+    };
+  };
+
+ # Package configuration
+  environment.systemPackages = with pkgs; [
+  ];
+
+  # More Services
+  services.udev.packages = [
+    pkgs.libu2f-host
+    pkgs.yubikey-personalization
+  ];
+  services.udev.extraRules = ''
+    # OnePlusOne
+    ATTR{idVendor}=="05c6", ATTR{idProduct}=="6764", SYMLINK+="libmtp-%k", MODE="660", GROUP="audio", ENV{ID_MTP_DEVICE}="1", ENV{ID_MEDIA_PLAYER}="1", TAG+="uaccess"
+    ATTR{idVendor}=="05c6", ATTR{idProduct}=="6765", SYMLINK+="libmtp-%k", MODE="660", GROUP="audio", ENV{ID_MTP_DEVICE}="1", ENV{ID_MEDIA_PLAYER}="1", TAG+="uaccess"
+
+    # Plantronics BackBeat PRO
+    SUBSYSTEM=="usb", ATTR{idVendor}=="047f", ATTR{idProduct}=="011a", GROUP="users", MODE="0777"
+    SUBSYSTEM=="usb", ATTR{idVendor}=="047f", ATTR{idProduct}=="fffe", GROUP="users", MODE="0777"
+    SUBSYSTEM=="usb", ATTR{idVendor}=="047f", ATTR{idProduct}=="0001", GROUP="users", MODE="0777"
+  ''
+      ;
+
+  services.packagekit.enable = true;
+
+  services.resolved.enable = false;
+  services.nix-serve.enable = false;
+
+  services.samba.enable = true;
+  services.samba.extraConfig = ''
+    client max protocol = SMB3
+  '';
+
+  # hardware related services
+  services.illum.enable = true;
+
+  hardware = {
+    bluetooth.enable = true;
+    pulseaudio = {
+      enable = true;
+      package = pkgs.pulseaudioFull;
+      support32Bit = true;
+    };
+  };
+
+  services.fprintd.enable = true;
+  security.pam.services = {
+    login.fprintAuth = true;
+    sudo.fprintAuth = true;
+  };
+
+  # required for running blueman-applet in user sessions
+  services.dbus.packages = with pkgs; [ 
+    blueman
+  ];
+
+  # virtualization
+  virtualisation = {
+    libvirtd.enable = false;
+    virtualbox.host.enable = false;
+    virtualbox.guest.enable = false;
+    docker.enable = true;
+  };
+
+  # Activation scripts for impure set up of paths in /
+  system.activationScripts.bin = ''
+    echo "setting up /bin..."
+    mkdir -p /bin
+    ln -sfT ${pkgs.bash}/bin/bash /bin/.bash
+    mv -Tf /bin/.bash /bin/bash
+  '';
+  system.activationScripts.etcX11sessinos = ''
+    echo "setting up /etc/X11/sessions..."
+    mkdir -p /etc/X11
+    ln -sfT ${config.services.xserver.displayManager.session.desktops} /etc/X11/.sessions
+    mv -Tf /etc/X11/.sessions /etc/X11/sessions
+  '';
+  system.activationScripts.lib64 = ''
+    echo "setting up /lib64..."
+    mkdir -p /lib64
+    ln -sfT ${pkgs.stdenv.glibc}/lib/ld-linux-x86-64.so.2 /lib64/.ld-linux-x86-64.so.2
+    mv -Tf /lib64/.ld-linux-x86-64.so.2 /lib64/ld-linux-x86-64.so.2
+  '';
+}