Initial config for socrates

2021-09-18 22:56:56 -07:00 · 2021-09-18 22:56:56 -07:00 · 68f9030e9f
parent 7142102acb
commit 68f9030e9f
11 changed files with 72 additions and 41 deletions
--- a/config/common.nix
+++ b/config/common.nix
@ -3,7 +3,7 @@
 # Config common to all hosts, which don't belong anywhere else
 {
  config = let
-    home-generator = pkgs.callPackage ../niten-home-generator.nix {};
+    home-generator = pkgs.callPackage ../nix-home {};
    host-domain = config.fudo.hosts.${config.instance.hostname}.domain;
  in {
    home-manager.users.root = home-generator.generate-config {
--- a/config/hardware/system3.nix
+++ b/config/hardware/system3.nix
@ -21,10 +21,7 @@ in {
    };

    kernelModules = [ "kvm-amd" ];
-    supportedFilesystems = [ "zfs" ];
-    # kernelPackages = pkgs.linuxPackages_latest;
-
-    zfs.enableUnstable = true;
+    kernelPackages = pkgs.linuxPackages_latest;

    # kernelPatches = [{
    #   name = "big-navi";
@ -50,25 +47,28 @@ in {
    };

    "/nix" = {
-      device = "system3/transient/nix";
-      fsType = "zfs";
+      device  = "/dev/disk/by-label/system3";
+      fsType  = "btrfs";
+      options = [ "subvol=nix" "compress=zstd" "noatime" ];
    };

    "/var/log" = {
-      device = "system3/transient/logs";
-      fsType = "zfs";
+      device  = "/dev/disk/by-label/system3";
+      fsType  = "btrfs";
+      options = [ "subvol=log" "compress=zstd" "noatime" "noexec" ];
      neededForBoot = true;
-      options = [ "noexec" ];
    };

    "/state" = {
-      device = "system3/persistent/state";
-      fsType = "zfs";
+      device  = "/dev/disk/by-label/system3";
+      fsType  = "btrfs";
+      options = [ "subvol=state" "compress=zstd" "noatime" ];
    };

    "/home" = {
-      device = "system3/persistent/home";
-      fsType = "zfs";
+      device  = "/dev/disk/by-label/system3";
+      fsType  = "btrfs";
+      options = [ "subvol=home" "compress=zstd" "noatime" ];
    };
  };

@ -97,6 +97,8 @@ in {
    };

    enableRedistributableFirmware = true;
+
+    enableAllFirmware = true;
  };

  services = {
@ -106,13 +108,13 @@ in {
  };

  networking = {
-    hostId = substring 0 8 (fileContents /etc/machine-id);
+    hostId = substring 0 8 (fileContents /state/etc/machine-id);

    useDHCP = false;

    macvlans = {
      intif0 = {
-        interface = "enp6s0";
+        interface = "enp7s0";
        mode = "bridge";
      };
    };
--- a/config/host-config/spark.nix
+++ b/config/host-config/spark.nix
@ -8,4 +8,12 @@
      extif0 = { useDHCP = true; };
    };
  };
+  
+  i18n.inputMethod = {
+    enabled = "fcitx5";
+    fcitx5.addons = with pkgs; [
+      fcitx5-chinese-addons
+      fcitx5-rime
+    ];
+  };
 }
--- a/config/hosts/socrates.nix
+++ b/config/hosts/socrates.nix
@ -0,0 +1,13 @@
+{
+  description = "sea.fudo.org deploy server.";
+  ssh-fingerprints = [
+  ];
+  rp = "niten";
+  admin-email = "niten@fudo.org";
+  domain = "sea.fudo.org";
+  site = "seattle";
+  profile = "server";
+  ssh-pubkey =
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGuClWAtkOMBOVFAFFdWosCT8NvuJBps46P4RV+Qqz4b";
+  tmp-on-tmpfs = false;
+}
--- a/config/networks/sea.fudo.org.nix
+++ b/config/networks/sea.fudo.org.nix
@ -82,6 +82,7 @@ in {
      ipv4-address = "10.0.0.11";
      mac-address = "02:f5:fe:8c:22:fe";
    };
+    socrates = { ipv4-address = "10.0.0.20"; };
    plato = { ipv4-address = "10.0.0.21"; };
    cam-entrance = {
      ipv4-address = "10.0.0.31";
--- a/config/profile-config/common-ui.nix
+++ b/config/profile-config/common-ui.nix
@ -29,7 +29,7 @@ in {

      displayManager.gdm = {
        enable = true;
-        wayland = true;
+        wayland = false;
      };

      windowManager.stumpwm.enable = true;
--- a/config/profile-config/common.nix
+++ b/config/profile-config/common.nix
@ -5,6 +5,7 @@ let
  # Available to all users on the system. Keep it minimal.
  global-packages = with pkgs; [
    bind
+    cryptsetup
    git
    heimdal
    openssh_gssapi
--- a/config/users.nix
+++ b/config/users.nix
@ -1,7 +1,7 @@
 { config, lib, pkgs, ... }:

 let
-  niten-home-generator = pkgs.callPackage ../niten-home-generator.nix {};
+  home-generator = pkgs.callPackage ../nix-home {};
  
 in {
  config.fudo.users = {
@ -16,7 +16,7 @@ in {
        "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDoWkjyeIfgwm0b78weToVYOQSD0RQ0qbNzpsN5NokbIFv2/980kLtnYrQEgIJ/JwMLlT3uJYacbCT5/a6Fb8oLxNpj0AF1EKaWZ3Rrlg72Sq+9SEwJwWWmZizX83sovMwUBMaUp6jWLhAhPpzBW5pfc5YWoc89wxGbELSwzgt5EgHbSJgvDnaHSp3fVaY01wfDXbL/oO160iNe7wv2HLMZu/FkWBkIjz6HmoGJJzYM89bUpHbyYG28lmCHB/8UPog5/BsjOn3/qupgf4zh6mMdMsXLvbR2jVwVjxcEMj9N5nCvc+Y3oi7Mij6VNrWbhkaAJMEzeMhWYrF3/pFQxUqG37aK3d0gw9kp5tMDLIlAPX4y1lfA87pIzoa0+Alql0CJQA1IJvp9SFG7lBmSthWQLmZvwwfoGg/ZjF6rOgsVoZ8TizpQnydWJDr6NboU9LL9Oa64OM5Rs0AU3cR2UbOF4QIcWFJ/7oDe3dOnfZ8QYqx9eXJyxoAUpDanaaTHYBiAKkeOBwQU+MVLKCcONKw9FZclf/1TpDB5b3/JeUFANjHQTv0UXA4YYU7iCx6H7XB4qwwtU9O19CGQYYfCfULX12/fRpYJw6VJaQWyyU4Bn5dk/dcB2nGI36jwbLMfhbUTIApujioAnd/GQIMakHEZ1+syPhMx9BxMkZb99B0A1Q== openpgp:0x4EC95B64"
      ];
      home-directory = "/home/niten";
-      home-manager-generator = niten-home-generator.generate-config {
+      home-manager-generator = home-generator.generate-config {
        username = "niten";
        user-email = "niten@fudo.org";
        home-dir = "/home/niten";
@ -193,6 +193,11 @@ in {
      ldap-hashed-passwd = "{MD5}iecbyMpyVkmOaMBzSFy58Q==";
      login-hashed-passwd =
        "$6$C8lYHrK7KvdKm/RE$cHZ2hg5gEOEjTV8Zoayik8sz5h.Vh0.ClCgOlQn8l/2Qx/qdxqZ7xCsAZ1GZ.IEyESfhJeJbjLpykXDwPpfVF0";
+      home-manager-generator = home-generator.generate-config {
+        username = "xiaoxuan";
+        user-email = "xiaoxuan@fudo.org";
+        home-dir = "/home/fudo/xiaoxuan";
+      };
    };

    thibor = {
@ -475,7 +480,7 @@ in {
      uid = 10115;
      primary-group = "informis";
      common-name = "Viator";
-      home-manager-generator = niten-home-generator.generate-config {
+      home-manager-generator = home-generator.generate-config {
        username = "viator";
        user-email = "viator@informis.land";
        home-dir = "/home/viator";
--- a/live-disk.nix
+++ b/live-disk.nix
@ -1,20 +1,27 @@
-{ config, lib, pkgs, ... }:
+{ config, lib, ... }:

 with lib;
 let
  nixos-version = "21.05";

-  home-manager-package = builtins.fetchGit {
-    url = "https://github.com/nix-community/home-manager.git";
-    ref = "release-${nixos-version}";
+  pkgs = import <nixpkgs> {
+    config = {
+      allowUnfree = true;
+      permittedInsecurePackages = [
+        "openssh-with-gssapi-8.4p1"
+      ];
+    };
+
+    overlays = [
+      (import ./fudo-pkgs/overlay.nix)
+    ];
  };

 in {
  imports = [
    <nixpkgs/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix>
    <nixpkgs/nixos/modules/installer/cd-dvd/channel.nix>
-    "${home-manager-package}/nixos"
-    ./packages
+    <home-manager/nixos>
  ];

  hardware.enableAllFirmware = true;
@ -22,7 +29,6 @@ in {

  environment.systemPackages = with pkgs; [
    btrfs-progs
-    doomEmacsInit
    emacs
    git
    gparted
@ -58,14 +64,18 @@ in {
    # groups = { wheel = { members = [ "niten" ]; }; };
  };

-  home-manager = {
+  home-manager = let
+    home-generator = pkgs.callPackage ./nix-home {};
+  in {
    useGlobalPkgs = true;

    users = {
-      niten = import ./home-manager/niten.nix {
-        inherit config lib pkgs;
+      niten = (home-generator.generate-config {
+        username = "niten";
+        user-email = "niten@fudo.org";
+        home-dir = "/home/niten";
+      }) {
        enable-gui = false;
-        homedir = "/home/niten";
      };
    };
  };
--- a/niten-home-generator.nix
+++ b/niten-home-generator.nix
@ -1,9 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-# pkgs.callPackage (pkgs.fetchgit {
-#   url = "https://git.fudo.org/niten/nix-home.git";
-#   rev = "932f49fd76d2283ce6a866a2c8bcc0762bf6af7e";
-#   sha256 = "01dbvy8ry6dsbav74aiyzsswhzwyb3n5qgahigxm17rni4jw8y0g";
-# }) {}
-
-pkgs.callPackage ./nix-home {}
--- a/2
+++ b/2
@ -1 +1 @@
-Subproject commit 5a8601bc6e48b100d1e4390d9458503877504a66
+Subproject commit 0d213bdbf0838a0571582659aaf18ea5700eed4b