From 68f9030e9ffee1b7cb865ba06dbdbe431b465e97 Mon Sep 17 00:00:00 2001 From: niten Date: Sat, 18 Sep 2021 22:56:56 -0700 Subject: [PATCH] Initial config for socrates --- config/common.nix | 2 +- config/hardware/system3.nix | 32 +++++++++++++++-------------- config/host-config/spark.nix | 8 ++++++++ config/hosts/socrates.nix | 13 ++++++++++++ config/networks/sea.fudo.org.nix | 1 + config/profile-config/common-ui.nix | 2 +- config/profile-config/common.nix | 1 + config/users.nix | 11 +++++++--- live-disk.nix | 32 +++++++++++++++++++---------- niten-home-generator.nix | 9 -------- nix-home | 2 +- 11 files changed, 72 insertions(+), 41 deletions(-) create mode 100644 config/hosts/socrates.nix delete mode 100644 niten-home-generator.nix diff --git a/config/common.nix b/config/common.nix index de65015..4053c8d 100644 --- a/config/common.nix +++ b/config/common.nix @@ -3,7 +3,7 @@ # Config common to all hosts, which don't belong anywhere else { config = let - home-generator = pkgs.callPackage ../niten-home-generator.nix {}; + home-generator = pkgs.callPackage ../nix-home {}; host-domain = config.fudo.hosts.${config.instance.hostname}.domain; in { home-manager.users.root = home-generator.generate-config { diff --git a/config/hardware/system3.nix b/config/hardware/system3.nix index 8b907cf..5ec2e71 100644 --- a/config/hardware/system3.nix +++ b/config/hardware/system3.nix @@ -21,10 +21,7 @@ in { }; kernelModules = [ "kvm-amd" ]; - supportedFilesystems = [ "zfs" ]; - # kernelPackages = pkgs.linuxPackages_latest; - - zfs.enableUnstable = true; + kernelPackages = pkgs.linuxPackages_latest; # kernelPatches = [{ # name = "big-navi"; @@ -50,25 +47,28 @@ in { }; "/nix" = { - device = "system3/transient/nix"; - fsType = "zfs"; + device = "/dev/disk/by-label/system3"; + fsType = "btrfs"; + options = [ "subvol=nix" "compress=zstd" "noatime" ]; }; "/var/log" = { - device = "system3/transient/logs"; - fsType = "zfs"; + device = "/dev/disk/by-label/system3"; + fsType = "btrfs"; + options = [ "subvol=log" "compress=zstd" "noatime" "noexec" ]; neededForBoot = true; - options = [ "noexec" ]; }; "/state" = { - device = "system3/persistent/state"; - fsType = "zfs"; + device = "/dev/disk/by-label/system3"; + fsType = "btrfs"; + options = [ "subvol=state" "compress=zstd" "noatime" ]; }; "/home" = { - device = "system3/persistent/home"; - fsType = "zfs"; + device = "/dev/disk/by-label/system3"; + fsType = "btrfs"; + options = [ "subvol=home" "compress=zstd" "noatime" ]; }; }; @@ -97,6 +97,8 @@ in { }; enableRedistributableFirmware = true; + + enableAllFirmware = true; }; services = { @@ -106,13 +108,13 @@ in { }; networking = { - hostId = substring 0 8 (fileContents /etc/machine-id); + hostId = substring 0 8 (fileContents /state/etc/machine-id); useDHCP = false; macvlans = { intif0 = { - interface = "enp6s0"; + interface = "enp7s0"; mode = "bridge"; }; }; diff --git a/config/host-config/spark.nix b/config/host-config/spark.nix index 395ffbe..1f78b85 100644 --- a/config/host-config/spark.nix +++ b/config/host-config/spark.nix @@ -8,4 +8,12 @@ extif0 = { useDHCP = true; }; }; }; + + i18n.inputMethod = { + enabled = "fcitx5"; + fcitx5.addons = with pkgs; [ + fcitx5-chinese-addons + fcitx5-rime + ]; + }; } diff --git a/config/hosts/socrates.nix b/config/hosts/socrates.nix new file mode 100644 index 0000000..29072c0 --- /dev/null +++ b/config/hosts/socrates.nix @@ -0,0 +1,13 @@ +{ + description = "sea.fudo.org deploy server."; + ssh-fingerprints = [ + ]; + rp = "niten"; + admin-email = "niten@fudo.org"; + domain = "sea.fudo.org"; + site = "seattle"; + profile = "server"; + ssh-pubkey = + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGuClWAtkOMBOVFAFFdWosCT8NvuJBps46P4RV+Qqz4b"; + tmp-on-tmpfs = false; +} diff --git a/config/networks/sea.fudo.org.nix b/config/networks/sea.fudo.org.nix index 4ddcf51..00f4e26 100644 --- a/config/networks/sea.fudo.org.nix +++ b/config/networks/sea.fudo.org.nix @@ -82,6 +82,7 @@ in { ipv4-address = "10.0.0.11"; mac-address = "02:f5:fe:8c:22:fe"; }; + socrates = { ipv4-address = "10.0.0.20"; }; plato = { ipv4-address = "10.0.0.21"; }; cam-entrance = { ipv4-address = "10.0.0.31"; diff --git a/config/profile-config/common-ui.nix b/config/profile-config/common-ui.nix index 1998291..9c46276 100644 --- a/config/profile-config/common-ui.nix +++ b/config/profile-config/common-ui.nix @@ -29,7 +29,7 @@ in { displayManager.gdm = { enable = true; - wayland = true; + wayland = false; }; windowManager.stumpwm.enable = true; diff --git a/config/profile-config/common.nix b/config/profile-config/common.nix index ed8a4e4..795a61c 100644 --- a/config/profile-config/common.nix +++ b/config/profile-config/common.nix @@ -5,6 +5,7 @@ let # Available to all users on the system. Keep it minimal. global-packages = with pkgs; [ bind + cryptsetup git heimdal openssh_gssapi diff --git a/config/users.nix b/config/users.nix index dbb2644..82a82d6 100644 --- a/config/users.nix +++ b/config/users.nix @@ -1,7 +1,7 @@ { config, lib, pkgs, ... }: let - niten-home-generator = pkgs.callPackage ../niten-home-generator.nix {}; + home-generator = pkgs.callPackage ../nix-home {}; in { config.fudo.users = { @@ -16,7 +16,7 @@ in { "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDoWkjyeIfgwm0b78weToVYOQSD0RQ0qbNzpsN5NokbIFv2/980kLtnYrQEgIJ/JwMLlT3uJYacbCT5/a6Fb8oLxNpj0AF1EKaWZ3Rrlg72Sq+9SEwJwWWmZizX83sovMwUBMaUp6jWLhAhPpzBW5pfc5YWoc89wxGbELSwzgt5EgHbSJgvDnaHSp3fVaY01wfDXbL/oO160iNe7wv2HLMZu/FkWBkIjz6HmoGJJzYM89bUpHbyYG28lmCHB/8UPog5/BsjOn3/qupgf4zh6mMdMsXLvbR2jVwVjxcEMj9N5nCvc+Y3oi7Mij6VNrWbhkaAJMEzeMhWYrF3/pFQxUqG37aK3d0gw9kp5tMDLIlAPX4y1lfA87pIzoa0+Alql0CJQA1IJvp9SFG7lBmSthWQLmZvwwfoGg/ZjF6rOgsVoZ8TizpQnydWJDr6NboU9LL9Oa64OM5Rs0AU3cR2UbOF4QIcWFJ/7oDe3dOnfZ8QYqx9eXJyxoAUpDanaaTHYBiAKkeOBwQU+MVLKCcONKw9FZclf/1TpDB5b3/JeUFANjHQTv0UXA4YYU7iCx6H7XB4qwwtU9O19CGQYYfCfULX12/fRpYJw6VJaQWyyU4Bn5dk/dcB2nGI36jwbLMfhbUTIApujioAnd/GQIMakHEZ1+syPhMx9BxMkZb99B0A1Q== openpgp:0x4EC95B64" ]; home-directory = "/home/niten"; - home-manager-generator = niten-home-generator.generate-config { + home-manager-generator = home-generator.generate-config { username = "niten"; user-email = "niten@fudo.org"; home-dir = "/home/niten"; @@ -193,6 +193,11 @@ in { ldap-hashed-passwd = "{MD5}iecbyMpyVkmOaMBzSFy58Q=="; login-hashed-passwd = "$6$C8lYHrK7KvdKm/RE$cHZ2hg5gEOEjTV8Zoayik8sz5h.Vh0.ClCgOlQn8l/2Qx/qdxqZ7xCsAZ1GZ.IEyESfhJeJbjLpykXDwPpfVF0"; + home-manager-generator = home-generator.generate-config { + username = "xiaoxuan"; + user-email = "xiaoxuan@fudo.org"; + home-dir = "/home/fudo/xiaoxuan"; + }; }; thibor = { @@ -475,7 +480,7 @@ in { uid = 10115; primary-group = "informis"; common-name = "Viator"; - home-manager-generator = niten-home-generator.generate-config { + home-manager-generator = home-generator.generate-config { username = "viator"; user-email = "viator@informis.land"; home-dir = "/home/viator"; diff --git a/live-disk.nix b/live-disk.nix index 67625ea..b481344 100644 --- a/live-disk.nix +++ b/live-disk.nix @@ -1,20 +1,27 @@ -{ config, lib, pkgs, ... }: +{ config, lib, ... }: with lib; let nixos-version = "21.05"; - home-manager-package = builtins.fetchGit { - url = "https://github.com/nix-community/home-manager.git"; - ref = "release-${nixos-version}"; + pkgs = import { + config = { + allowUnfree = true; + permittedInsecurePackages = [ + "openssh-with-gssapi-8.4p1" + ]; + }; + + overlays = [ + (import ./fudo-pkgs/overlay.nix) + ]; }; in { imports = [ - "${home-manager-package}/nixos" - ./packages + ]; hardware.enableAllFirmware = true; @@ -22,7 +29,6 @@ in { environment.systemPackages = with pkgs; [ btrfs-progs - doomEmacsInit emacs git gparted @@ -58,14 +64,18 @@ in { # groups = { wheel = { members = [ "niten" ]; }; }; }; - home-manager = { + home-manager = let + home-generator = pkgs.callPackage ./nix-home {}; + in { useGlobalPkgs = true; users = { - niten = import ./home-manager/niten.nix { - inherit config lib pkgs; + niten = (home-generator.generate-config { + username = "niten"; + user-email = "niten@fudo.org"; + home-dir = "/home/niten"; + }) { enable-gui = false; - homedir = "/home/niten"; }; }; }; diff --git a/niten-home-generator.nix b/niten-home-generator.nix deleted file mode 100644 index d21335a..0000000 --- a/niten-home-generator.nix +++ /dev/null @@ -1,9 +0,0 @@ -{ config, lib, pkgs, ... }: - -# pkgs.callPackage (pkgs.fetchgit { -# url = "https://git.fudo.org/niten/nix-home.git"; -# rev = "932f49fd76d2283ce6a866a2c8bcc0762bf6af7e"; -# sha256 = "01dbvy8ry6dsbav74aiyzsswhzwyb3n5qgahigxm17rni4jw8y0g"; -# }) {} - -pkgs.callPackage ./nix-home {} diff --git a/nix-home b/nix-home index 5a8601b..0d213bd 160000 --- a/nix-home +++ b/nix-home @@ -1 +1 @@ -Subproject commit 5a8601bc6e48b100d1e4390d9458503877504a66 +Subproject commit 0d213bdbf0838a0571582659aaf18ea5700eed4b