nix/nixos-config
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Got local packages working again

Browse Source
This commit is contained in:
root 2021-04-02 21:08:31 +00:00
parent 0ee115d2ca
commit b09647c970
8 changed files with 231 additions and 61 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

69
config/hardware/spark.nix Normal file
View File

@ -0,0 +1,69 @@
{ config, lib, pkgs, ... }:
{
imports =
[ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
];
system.stateVersion = "20.03";
boot = {
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
initrd = {
availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "sd_mod" "rtsx_usb_sdmmc" ];
kernelModules = [ ];
};
kernelModules = [ "kvm-intel" ];
extraModulePackages = [ ];
};
fileSystems."/" =
{ device = "/dev/disk/by-label/nixos";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-label/BOOT";
fsType = "vfat";
};
hardware = {
bluetooth.enable = true;
cpu.intel.updateMicrocode = true;
opengl = {
driSupport = true;
driSupport32Bit = true;
};
pulseaudio.support32Bit = true;
};
networking = {
macvlans = {
extif0 = {
interface = "enp3s0";
mode = "bridge";
};
};
interfaces = {
enp3s0 = {
useDHCP = false;
};
extif0 = {
# output of: echo spark-extif0|md5sum|sed 's/^\(..\)\(..\)\(..\)\(..\)\(..\).*$/02:\1:\2:\3:\4:\5/'
macAddress = "02:9c:b7:b6:ad:c4";
};
};
};
services.xserver.videoDrivers = [ "intel" ];
nix.maxJobs = lib.mkDefault 4;
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
}

18
config/hosts.nix
View File

@ -130,7 +130,12 @@
pselby-work = { description = "Google Lenovo work laptop."; }; pselby-work = { description = "Google Lenovo work laptop."; };
spark = { description = "Niten's backup desktop."; }; spark = {
description = "Niten's backup desktop.";
rp = "niten";
admin-email = "niten@fudo.org";
enable-gui = true;
};
upstairs-desktop = { upstairs-desktop = {
description = "Upstairs desktop in Russell."; description = "Upstairs desktop in Russell.";
@ -144,12 +149,13 @@
]; ];
rp = "niten"; rp = "niten";
admin-email = "niten@fudo.org"; admin-email = "niten@fudo.org";
domain = "rus.selby.ca";
site = "russell";
profile = "desktop";
}; };
zbox = { description = "Niten's primary desktop."; zbox = {
enable-gui = true;}; description = "Niten's primary desktop.";
rp = "niten";
admin-email = "niten@fudo.org";
enable-gui = true;
};
}; };
} }

16
config/hosts/spark.nix Normal file
View File

@ -0,0 +1,16 @@
{ config, lib, pkgs, ... }:
{
# TODO: remove?
nixpkgs.config.permittedInsecurePackages = [
"openssh-with-gssapi-8.4p1" # CVE-2021-28041
];
fudo.slynk.enable = true;
networking = {
interfaces = {
extif0 = { useDHCP = true; };
};
};
}

49
config/profiles/common-ui.nix
View File

@ -12,30 +12,36 @@ in {
boot.tmpOnTmpfs = true; boot.tmpOnTmpfs = true;
system.autoUpgrade.enable = true; environment = mkIf enable-gui {
systemPackages = [
#libva
];
};
environment.systemPackages = with pkgs; [ system = {
firefox autoUpgrade.enable = true;
spotify };
];
services = { services = {
xserver = mkIf enable-gui { xserver = mkIf enable-gui {
enable = true; enable = true;
desktopManager.gnome3.enable = true; desktopManager.gnome3.enable = true;
displayManager.gdm.enable = true; displayManager.gdm = {
enable = true;
wayland = true;
};
windowManager.stumpwm.enable = true; windowManager.stumpwm.enable = true;
# windowManager.session = pkgs.lib.singleton { # windowManager.session = pkgs.lib.singleton {
# name = "stumpwm"; # name = "stumpwm";
# start = '' # start = ''
# ${pkgs.lispPackages.stumpwm}/bin/stumpwm & # ${pkgs.lispPackages.stumpwm}/bin/stumpwm &
# waidPID=$! # waidPID=$!
# ''; # '';
# }; # };
}; };
emacs = { emacs = {
@ -44,6 +50,17 @@ in {
package = pkgs.emacs; package = pkgs.emacs;
defaultEditor = true; defaultEditor = true;
}; };
trezord.enable = true;
};
hardware = {
bluetooth.enable = true;
opengl = mkIf enable-gui {
driSupport = true;
driSupport32Bit = true;
};
}; };
sound.enable = true; sound.enable = true;

2
home-manager/niten.nix
View File

@ -1,5 +1,6 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
with lib;
let let
name = "Niten"; name = "Niten";
email = "niten@fudo.org"; email = "niten@fudo.org";
@ -19,6 +20,7 @@ let
file file
firefox firefox
fortune fortune
git
gnupg gnupg
guile guile
imagemagick imagemagick

34
lib/fudo/users-common.nix Normal file
View File

@ -0,0 +1,34 @@
# Common home-manager config
{ config, lib, pkgs, ... }:
with lib;
let
sys = import ../system.nix { inherit lib config; };
list-contains = lst: item: any (i: i == item) lst;
domain-realm = domain: domainOpts: domainOpts.gssapi-realm;
user-realms = username:
mapAttrsToList domain-realm
(filterAttrs (domain: domainOpts: list-contains domainOpts.local-users username)
config.fudo.domains);
user-principals = username:
map (realm: "${username}@${realm}") (user-realms username);
user-k5login = username: userOpts: let
principals = userOpts.k5login ++ (user-principals username);
in ''
${concatStringsSep "\n" principals}
'';
user-config = username: userOpts: {
home.file.".k5login" = {
source = pkgs.writeText "${username}-k5login" (user-k5login username userOpts);
};
};
in {
config.home-manager.users = mapAttrs user-config sys.local-users;
}

73
lib/fudo/users.nix
View File

@ -150,28 +150,13 @@ in {
}; };
}; };
imports = [
./users-common.nix
];
config = let config = let
local-host = config.instance.hostname; sys = import ../system.nix { inherit lib config; };
local-domain = config.fudo.hosts.${local-host}.domain;
local-site = config.fudo.hosts.${local-host}.site;
host-user-list = config.fudo.hosts."${local-host}".local-users;
domain-user-list = config.fudo.domains."${local-domain}".local-users;
local-users =
getAttrs (host-user-list ++ domain-user-list) config.fudo.users;
host-admin-list = config.fudo.hosts."${local-host}".local-admins;
domain-admin-list = config.fudo.domains."${local-domain}".local-admins;
site-admin-list = config.fudo.sites."${local-site}".local-admins;
local-admins = host-admin-list ++ domain-admin-list ++ site-admin-list;
host-group-list = config.fudo.hosts."${local-host}".local-groups;
domain-group-list = config.fudo.domains."${local-domain}".local-groups;
site-group-list = config.fudo.sites."${local-site}".local-groups;
local-groups =
getAttrs (host-group-list ++ domain-group-list ++ site-group-list)
config.fudo.groups;
in { in {
fudo.auth.ldap-server = let fudo.auth.ldap-server = let
ldapUsers = (filterAttrs ldapUsers = (filterAttrs
@ -211,29 +196,39 @@ in {
"/home/${userOpts.primary-group}/${username}"; "/home/${userOpts.primary-group}/${username}";
hashedPassword = userOpts.login-hashed-passwd; hashedPassword = userOpts.login-hashed-passwd;
openssh.authorizedKeys.keys = userOpts.ssh-authorized-keys; openssh.authorizedKeys.keys = userOpts.ssh-authorized-keys;
}) local-users; }) sys.local-users;
groups = (mapAttrs (groupname: groupOpts: { groups = (mapAttrs (groupname: groupOpts: {
gid = groupOpts.gid; gid = groupOpts.gid;
members = filterExistingUsers local-users groupOpts.members; members = filterExistingUsers sys.local-users groupOpts.members;
}) local-groups) // { }) sys.local-groups) // {
wheel = { members = local-admins; }; wheel = { members = sys.local-admins; };
}; };
}; };
home-manager.users = let home-manager = {
home-manager-users = useGlobalPkgs = true;
filterAttrs (username: userOpts: userOpts.home-manager-config != null)
local-users; users = let
common-user-config = username: { home-manager-users =
home.file.".k5login" = { filterAttrs (username: userOpts: userOpts.home-manager-config != null)
source = pkgs.writeText "${username}-k5login" '' sys.local-users;
${concatStringsSep "\n" config.fudo.users.${username}.k5login} in mapAttrs (username: userOpts: userOpts.home-manager-config) home-manager-users;
'';
}; # users = let
}; # home-manager-users =
in mapAttrs (username: userOpts: # filterAttrs (username: userOpts: userOpts.home-manager-config != null)
userOpts.home-manager-config // (common-user-config username)) # local-users;
home-manager-users; # common-user-config = username: {
# home.file.".k5login" = {
# source = pkgs.writeText "${username}-k5login" ''
# ${concatStringsSep "\n" config.fudo.users.${username}.k5login}
# '';
# };
# };
# in mapAttrs (username: userOpts:
# userOpts.home-manager-config // (common-user-config username))
# home-manager-users;
};
}; };
} }

31
lib/system.nix Normal file
View File

@ -0,0 +1,31 @@
{ config, lib, ... }:
with lib;
let
local-host = config.instance.hostname;
local-domain = config.fudo.hosts.${local-host}.domain;
local-site = config.fudo.hosts.${local-host}.site;
host-user-list = config.fudo.hosts."${local-host}".local-users;
domain-user-list = config.fudo.domains."${local-domain}".local-users;
site-user-list = config.fudo.sites."${local-site}".local-users;
local-users =
getAttrs (host-user-list ++ domain-user-list ++ site-user-list) config.fudo.users;
host-admin-list = config.fudo.hosts."${local-host}".local-admins;
domain-admin-list = config.fudo.domains."${local-domain}".local-admins;
site-admin-list = config.fudo.sites."${local-site}".local-admins;
local-admins = host-admin-list ++ domain-admin-list ++ site-admin-list;
host-group-list = config.fudo.hosts."${local-host}".local-groups;
domain-group-list = config.fudo.domains."${local-domain}".local-groups;
site-group-list = config.fudo.sites."${local-site}".local-groups;
local-groups =
getAttrs (host-group-list ++ domain-group-list ++ site-group-list)
config.fudo.groups;
in {
local-users = local-users;
local-admins = local-admins;
local-groups = local-groups;
}