maralorn/nixos-config
1
0
Fork 0
Code Wiki Activity

Simplify setup and remove some packages

Browse source
This commit is contained in:
Malte 2022-12-05 18:38:36 +01:00
parent f74599e97d
commit 46fb6f58cc
19 changed files with 260 additions and 373 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
home-manager/machines.nix
View file

@ -42,7 +42,6 @@ let
};
on-my-machines = [
./roles/on-my-machine.nix
./roles/accounting.nix
./roles/mail.nix
./roles/firefox.nix
./roles/kassandra.nix
@ -61,7 +60,6 @@ let
(makeAutostart "kassandra2")
(makeAutostart "unlock-ssh")
./roles/beets.nix
./roles/daily-driver-programs.nix
./roles/desktop-items.nix
./roles/desktop.nix
./roles/git-sign.nix
@ -73,14 +71,13 @@ let
./roles/mpd.nix
./roles/pythia.nix
./roles/research.nix
#./roles/night-shutdown.nix
./roles/night-shutdown.nix
./roles/tinkering.nix
./roles/wallpaper.nix
./roles/zettelkasten.nix
./roles/kitty.nix
];
orgaExtra = [
./roles/accounting.nix
./roles/mail-client.nix
./roles/pythia.nix
./roles/tinkering.nix

3
home-manager/roles/accounting.nix
View file

@ -1,3 +0,0 @@
{pkgs, ...}: {
home.packages = builtins.attrValues pkgs.accounting-pkgs;
}

65
home-manager/roles/daily-driver-programs.nix
View file

@ -1,65 +0,0 @@
{
pkgs,
lib,
config,
...
}: {
imports = [./mpv];
home.packages = builtins.attrValues rec {
zoom = pkgs.zoom-us.overrideAttrs (old: {
postFixup =
old.postFixup
+ ''
wrapProgram $out/bin/zoom-us --unset XDG_SESSION_TYPE
wrapProgram $out/bin/zoom --unset XDG_SESSION_TYPE
'';
});
mic-check = pkgs.writeShellScriptBin "mic-check" ''
echo "Activating loopback!"
${pkgs.pulseaudio}/bin/pactl load-module module-loopback
echo "Can your hear yourself? Fix audio setup! Then press enter "
read
echo "Deactivating loopback!"
${pkgs.pulseaudio}/bin/pactl unload-module module-loopback
echo "Continuing "
'';
inherit (pkgs.gnome) nautilus;
inherit (pkgs.xorg) xbacklight;
inherit
(pkgs)
# web
chromium
mumble
upower
speedtest-cli
acpi
# tools & office
feh
gimp
imagemagick
libreoffice-fresh
xournal
musescore
handbrake
evince
abcde
beets
zbar
# media
ncpamixer
pavucontrol
playerctl
deluge
gmpc
vlc
youtube-dl
spotdl
ffmpeg
syncplay
;
};
}

41
home-manager/roles/default.nix
View file

@ -56,7 +56,6 @@
enable = true;
escapeTime = 1;
historyLimit = 50000;
terminal = "screen-256color";
extraConfig = ''
set -g set-titles on
set -g status off
@ -134,17 +133,47 @@
home = {
packages =
builtins.attrValues pkgs.home-pkgs
builtins.attrValues {
inherit
(pkgs)
go
gdb
mpc_cli
ncmpcpp
shfmt
astyle
nodejs
tasksh
magic-wormhole
alejandra
rustup
nix-top
ghcWithPackages
ghcid
matrix-commander
upterm
lazygit
gh
ledger
aqbanking
;
inherit (pkgs.haskellPackages) hledger hledger-ui hledger-web;
pass-fzf = pkgs.writeShellScriptBin "pass-fzf" (builtins.readFile ./pass-fzf.sh);
mytmux = pkgs.writeShellScriptBin "mytmux" ''
session=$(${pkgs.tmux}/bin/tmux ls | grep -v attached | head -1 | cut -f1 -d:)
if [[ -n $session ]]; then
exec ${pkgs.tmux}/bin/tmux attach -t $session;
else
exec ${pkgs.tmux}/bin/tmux;
fi
'';
}
++ [
(
pkgs.writeShellScriptBin "unlock-ssh" ''
SSH_ASKPASS="print-ssh-pw" DISPLAY="a" ssh-add < /dev/null
''
)
(
pkgs.writeShellScriptBin "print-radicle-pw"
"pass show etc/radicle/${config.m-0.hostName}"
)
(
pkgs.writeShellScriptBin "print-ssh-pw"
"pass show eu/m-0/${config.m-0.hostName}.m-0.eu/ssh-key"

84
home-manager/roles/desktop.nix
View file

@ -1,9 +1,91 @@
{pkgs, ...}: let
inherit (import ../../lib) colors;
in {
imports = [./mpv];
m-0.colors = colors;
home = {
packages = builtins.attrValues pkgs.desktop-pkgs;
packages = builtins.attrValues rec {
zoom = pkgs.zoom-us.overrideAttrs (old: {
postFixup =
old.postFixup
+ ''
wrapProgram $out/bin/zoom-us --unset XDG_SESSION_TYPE
wrapProgram $out/bin/zoom --unset XDG_SESSION_TYPE
'';
});
mic-check = pkgs.writeShellScriptBin "mic-check" ''
echo "Activating loopback!"
${pkgs.pulseaudio}/bin/pactl load-module module-loopback
echo "Can your hear yourself? Fix audio setup! Then press enter "
read
echo "Deactivating loopback!"
${pkgs.pulseaudio}/bin/pactl unload-module module-loopback
echo "Continuing "
'';
inherit (pkgs.gnome) nautilus;
inherit (pkgs.xorg) xbacklight;
inherit
(pkgs)
# web
chromium
mumble
upower
speedtest-cli
acpi
# tools & office
feh
gimp
imagemagick
libreoffice-fresh
xournal
musescore
handbrake
evince
abcde
beets
zbar
# media
ncpamixer
pavucontrol
playerctl
deluge
gmpc
vlc
youtube-dl
spotdl
ffmpeg
syncplay
esphome
# To flash devices
esptool
# provides esptool.py
lm_sensors
xwayland
xdg_utils
libnotify
kassandra
shotcut
audacity
paprefs
wl-clipboard
dconf2nix
chrysalis
;
inherit
(pkgs.gnome)
dconf-editor
gnome-tweaks
adwaita-icon-theme
gnome-session
;
};
file.".zprofile".text = ". $HOME/.nix-profile/etc/profile.d/hm-session-vars.sh";
};
gtk = {

8
home-manager/roles/gnome.nix
View file

@ -17,10 +17,16 @@
removable-drive-menu
highlight-focus
mouse-follows-focus
executor
gtile
caffeine
;
executor = pkgs.gnomeExtensions.executor.overrideAttrs (old: {
postInstall =
(old.postInstall or "")
+ ''
substituteInPlace $out/share/gnome-shell/extensions/executor@raujonas.github.io/extension.js --replace "'/bin/bash'" "'bash'"
'';
});
};
inherit (lib.hm.gvariant) mkTuple;
in {

1
home-manager/roles/on-my-machine.nix
View file

@ -7,6 +7,5 @@
home = {
username = "maralorn";
homeDirectory = "/home/maralorn";
packages = builtins.attrValues pkgs.my-home-pkgs;
};
}

0
overlays/pass-fzf.sh → home-manager/roles/pass-fzf.sh
View file

44
nixos/machines/apollo/configuration.nix
View file

@ -19,6 +19,7 @@ in {
../../roles/boot-key.nix
../../roles/standalone
../../roles/metal.nix
../../roles/display-server.nix
(import ../../roles/monitoring/folder-size-exporter.nix {
folders = [
"/"
@ -69,29 +70,11 @@ in {
};
};
programs = {
adb.enable = true;
sway.enable = true;
seahorse.enable = lib.mkForce false;
dconf.enable = true;
};
security.rtkit.enable = true;
services = {
pipewire = {
enable = lib.mkForce false;
};
fwupd.enable = true;
upower.enable = true;
printing = {
enable = true;
drivers = [pkgs.gutenprint pkgs.hplip];
};
udev.extraRules = ''
ACTION=="add", SUBSYSTEM=="backlight", KERNEL=="intel_backlight", RUN+="${pkgs.coreutils}/bin/chgrp video /sys/class/backlight/%k/brightness"
ACTION=="add", SUBSYSTEM=="backlight", KERNEL=="intel_backlight", RUN+="${pkgs.coreutils}/bin/chmod g+w /sys/class/backlight/%k/brightness"
'';
fstrim.enable = true;
snapper = {
configs.home = {
subvolume = "/home";
@ -121,31 +104,6 @@ in {
key = pkgs.privatePath "syncthing/apollo/key.pem";
}
// syncthing.declarativeWith ["hera" "zeus" "pegasus"] "/home/maralorn/media";
xserver = {
enable = true;
displayManager = {
autoLogin = {
enable = true;
user = "maralorn";
};
gdm.enable = true;
};
desktopManager.gnome.enable = true;
};
gnome = {
evolution-data-server.enable = lib.mkForce false;
gnome-keyring.enable = lib.mkForce false;
at-spi2-core.enable = lib.mkForce false;
tracker.enable = false;
tracker-miners.enable = false;
gnome-online-miners.enable = lib.mkForce false;
};
};
boot.kernel.sysctl."fs.inotify.max_user_watches" = 204800;
console.keyMap = "neo";
sound.enable = true;
system.stateVersion = "19.09";
}

7
nixos/machines/fluffy/configuration.nix
View file

@ -125,14 +125,11 @@ in {
};
};
};
programs = {
ssh = {
startAgent = true;
};
};
security.rtkit.enable = true;
hardware.printers = {
ensureDefaultPrinter = "Klio";
ensurePrinters = [
@ -150,7 +147,6 @@ in {
path = "/backup/hera-borg-repo";
authorizedKeys = pkgs.privateValue ["dummy-key"] "backup-ssh-keys";
};
fwupd.enable = true;
printing = {
enable = true;
allowFrom = ["all"];
@ -194,9 +190,6 @@ in {
};
};
#boot.kernel.sysctl."fs.inotify.max_user_watches" = 204800;
console.keyMap = "neo";
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave

1
nixos/machines/hera/configuration.nix
View file

@ -122,7 +122,6 @@ in {
}
// syncthing.declarativeWith ["apollo" "zeus" "pegasus"] "/media";
};
boot.kernel.sysctl = {"fs.inotify.max_user_watches" = 204800;};
systemd.tmpfiles.rules = ["Z /media 0770 maralorn nginx - -"];
nix.sshServe = {
protocol = "ssh-ng";

58
nixos/machines/zeus/configuration.nix
View file

@ -18,6 +18,7 @@ in {
../../roles/fonts.nix
../../roles/earlyoom.nix
../../roles/metal.nix
../../roles/display-server.nix
#../../roles/boot-key.nix
../../roles/standalone
(vpn "zeus")
@ -74,7 +75,7 @@ in {
"Z /home/maralorn - maralorn users - -"
"d /disk/volatile/maralorn 700 maralorn users - -"
"d /disk/persist/bluetooth - - - - -"
"d /disk/persist/minecraft 700 minecraft minecraft - -"
# "d /disk/persist/minecraft 700 minecraft minecraft - -"
"d /var/lib/misc 755 - - - -"
"L+ /root/.ssh - - - - /disk/persist/root/.ssh"
];
@ -144,23 +145,7 @@ in {
};
};
};
programs = {
seahorse.enable = lib.mkForce false;
dconf.enable = true;
adb.enable = true;
};
security.rtkit.enable = true;
boot.kernelPackages = pkgs.linuxPackages_testing;
services = {
pipewire.enable = lib.mkForce false;
fwupd.enable = true;
printing = {
enable = true;
clientConf = "ServerName fluffy.lo.m-0.eu";
};
fstrim.enable = true;
snapper = {
configs.persist = {
subvolume = "/disk/persist";
@ -189,45 +174,19 @@ in {
configDir = "/disk/persist/syncthing";
}
// syncthing.declarativeWith ["hera" "apollo" "pegasus"] "/disk/persist/maralorn/media";
xserver = {
enable = true;
displayManager = {
autoLogin = {
enable = true;
user = "maralorn";
};
gdm.enable = true;
};
desktopManager.gnome.enable = true;
};
gnome = {
evolution-data-server.enable = lib.mkForce false;
gnome-keyring.enable = lib.mkForce false;
at-spi2-core.enable = lib.mkForce false;
tracker.enable = false;
tracker-miners.enable = false;
gnome-online-miners.enable = lib.mkForce false;
};
minecraft-server = {
enable = true;
openFirewall = true;
eula = true;
dataDir = "/disk/persist/minecraft";
};
#minecraft-server = {
# enable = true;
# openFirewall = true;
# eula = true;
# dataDir = "/disk/persist/minecraft";
#};
};
boot.kernel.sysctl."fs.inotify.max_user_watches" = 204800;
console.keyMap = "neo";
sound.enable = true;
hardware = {
opengl = {
enable = true;
driSupport32Bit = true; # for gw2
};
pulseaudio = {
package = pkgs.pulseaudioFull;
enable = true;
support32Bit = true;
tcp = {
enable = true;
@ -235,6 +194,5 @@ in {
};
};
};
system.stateVersion = "21.05";
}

59
nixos/roles/default.nix
View file

@ -48,6 +48,65 @@
};
environment = {
systemPackages = builtins.attrValues {
inherit
(pkgs)
gnumake
mkpasswd
file
wget
curl
wireguard-tools
gnupg
bind
liboping
psmisc
unzip
rename
whois
lsof
parted
python3
binutils
ntfsprogs
ventoy-bin
htop
helix
btop
tree
pwgen
borgbackup
inotifyTools
direnv
socat
nmap
ncdu
tcpdump
tmux
tig
exa
fzf
fd
sd
bat
ripgrep
ranger
pass
sshuttle
vnstat
entr
libargon2
mblaze
niv
compsize
mediainfo
asciinema
nix-output-monitor
jq
home-manager
;
inherit (pkgs.python3Packages) qrcode;
};
etc =
lib.mapAttrs'
(name: value: lib.nameValuePair "nix-path/${name}" {source = value;})

47
nixos/roles/display-server.nix Normal file
View file

@ -0,0 +1,47 @@
{
lib,
pkgs,
...
}: {
programs = {
adb.enable = true;
seahorse.enable = lib.mkForce false;
dconf.enable = true;
};
services = {
udev.packages = [pkgs.chrysalis];
pipewire.enable = lib.mkForce false;
printing = {
enable = true;
clientConf = "ServerName fluffy.lo.m-0.eu";
};
xserver = {
enable = true;
displayManager = {
autoLogin = {
enable = true;
user = "maralorn";
};
gdm.enable = true;
};
desktopManager.gnome.enable = true;
};
gnome = {
evolution-data-server.enable = lib.mkForce false;
gnome-keyring.enable = lib.mkForce false;
at-spi2-core.enable = lib.mkForce false;
tracker.enable = false;
tracker-miners.enable = false;
gnome-online-miners.enable = lib.mkForce false;
core-utilities.enable = lib.mkForce false;
};
};
environment.gnome.excludePackages = [pkgs.orca pkgs.gnome-tour];
sound.enable = true;
hardware = {
pulseaudio = {
package = pkgs.pulseaudioFull;
enable = true;
};
};
}

4
nixos/roles/laminar/kassandra.nix
View file

@ -20,8 +20,8 @@
cd ${repo}
export PATH=/run/current-system/sw/bin:$PATH
export ANDROID_HOME=${pkgs.androidsdk_9_0}/libexec/android-sdk
fdroid publish
fdroid update
${pkgs.fdroidserver}/bin/fdroid publish
${pkgs.fdroidserver}/bin/fdroid update
''
}";
target = name: ''

8
nixos/roles/metal.nix
View file

@ -1,4 +1,10 @@
{pkgs, ...}: {
boot.kernelParams = ["mitigations=off"];
services.udev.packages = [pkgs.chrysalis];
console.keyMap = "neo";
security.rtkit.enable = true;
services = {
fwupd.enable = true;
upower.enable = true;
fstrim.enable = true;
};
}

20
nixos/roles/standalone/default.nix
View file

@ -13,6 +13,7 @@
configurationLimit = 5;
};
};
kernel.sysctl."fs.inotify.max_user_watches" = 204800;
};
security.sudo.extraConfig = "\n Defaults timestamp_type=global, timestamp_timeout=15\n ";
@ -29,16 +30,15 @@
environment = {
# Put these into an extra file so the essential packages can also be included on non selfadminstrated systems from home-manager
systemPackages = builtins.attrValues ({
inherit
(import ../../../lib/update-system.nix {
inherit pkgs;
inherit (config.system.build) nixos-rebuild;
})
update-system
;
}
// pkgs.system-pkgs);
systemPackages = builtins.attrValues {
inherit
(import ../../../lib/update-system.nix {
inherit pkgs;
inherit (config.system.build) nixos-rebuild;
})
update-system
;
};
};
programs = {

14
overlays/30-ghc/packages.nix
View file

@ -23,27 +23,13 @@ rec {
cabal-fmt
stack
ghcid
ghcide
iCalendar
pretty-simple
stm-containers
streamly
haskell-language-server
cabal-install
dhall
taskwarrior
pandoc
hlint
cabal2nix
weeder
reflex-dom
password
optics
shh-extras
hmatrix
postgresql-simple
nix-derivation
req
witch
;
}

164
overlays/pkgSets.nix
View file

@ -1,164 +0,0 @@
self: super: {
# pkgs assumed to be present on a non nixos host
core-system-pkgs = {
inherit
(self)
gitFull
gnumake
mkpasswd
file
wget
curl
wireguard-tools
gnupg
mutt
bind
liboping
psmisc
unzip
rename
whois
lsof
parted
python3
binutils
ntfsprogs
neovim
ventoy-bin
;
};
extra-system-pkgs = {
inherit (self.python3Packages) qrcode;
inherit
(self)
htop
helix
btop
tree
pwgen
borgbackup
inotifyTools
direnv
socat
nmap
ncdu
tcpdump
tmux
tig
exa
fzf
fd
bat
ripgrep
ranger
pass
sshuttle
vnstat
entr
libargon2
mblaze
niv
compsize
mediainfo
asciinema
gomuks
nix-output-monitor
fdroidserver
jq
;
};
my-home-pkgs = {
print215 = super.writeShellScriptBin "print215" ''
scp "$@" ag-forward:
ssh ag-forward lpr -Zduplex -r "$@"
'';
print215single = super.writeShellScriptBin "print215single" ''
scp "$@" ag-forward:
ssh ag-forward lpr -r "$@"
'';
mytmux = super.writeShellScriptBin "mytmux" ''
session=$(${self.tmux}/bin/tmux ls | grep -v attached | head -1 | cut -f1 -d:)
if [[ -n $session ]]; then
exec ${self.tmux}/bin/tmux attach -t $session;
else
exec ${self.tmux}/bin/tmux;
fi
'';
};
desktop-pkgs = {
inherit
(self)
esphome
# To flash devices
esptool
# provides esptool.py
dconf
lm_sensors
xwayland
xdg_utils
libnotify
kassandra
shotcut
mlt
audacity
paprefs
wl-clipboard
dconf2nix
chrysalis
;
executor = self.gnomeExtensions.executor.overrideAttrs (old: {
postInstall =
(old.postInstall or "")
+ ''
substituteInPlace $out/share/gnome-shell/extensions/executor@raujonas.github.io/extension.js --replace "'/bin/bash'" "'bash'"
'';
});
inherit
(self.gnome)
dconf-editor
gnome-tweaks
adwaita-icon-theme
gnome-session
;
};
home-pkgs = {
inherit
(self)
go
gdb
mpc_cli
ncmpcpp
shfmt
astyle
nodejs
tasksh
magic-wormhole
alejandra
rustup
nix-top
ghcWithPackages
ghcid
matrix-commander
upterm
lazygit
gh
;
pass-fzf = self.writeShellScriptBin "pass-fzf" (builtins.readFile ./pass-fzf.sh);
};
accounting-pkgs = {
inherit (self.haskellPackages) hledger hledger-ui hledger-web;
inherit (self) ledger aqbanking;
};
system-pkgs =
self.core-system-pkgs
// self.extra-system-pkgs
// {
home-manager =
self.callPackage "${self.sources."${self.home-manager-channel}"}/home-manager" {};
};
foreign-home-pkgs = self.extra-system-pkgs;
}