From d145f6282a91ca58ec45c6af1441b8002a0a9f13 Mon Sep 17 00:00:00 2001
From: root <root@fudo.org>
Date: Wed, 31 Mar 2021 23:28:42 +0000
Subject: [PATCH] Working (I think?) GUI on zbox

---
 config/domains.nix            |  6 +--
 config/hardware/zbox.nix      | 70 +++++++++++++++++++++++++++++++++++
 config/hosts.nix              |  3 +-
 config/hosts/zbox.nix         | 11 +++++-
 config/profiles/common-ui.nix | 20 +++++-----
 config/sites.nix              | 52 +++++++++++++-------------
 config/sites/seattle.nix      |  6 ++-
 7 files changed, 125 insertions(+), 43 deletions(-)
 create mode 100644 config/hardware/zbox.nix

diff --git a/config/domains.nix b/config/domains.nix
index 51a06c0..756180e 100644
--- a/config/domains.nix
+++ b/config/domains.nix
@@ -7,7 +7,7 @@
 
       local-users = [ "niten" "reaper" ];
       local-groups = [ "fudo" "selby" "admin" ];
-      admin-users = [ "niten" "reaper" ];
+      local-admins = [ "niten" "reaper" ];
       admin-email = "admin@fudo.org";
       gssapi-realm = "FUDO.ORG";
     };
@@ -17,7 +17,7 @@
 
       local-users = [ "niten" "reaper" "xiaoxuan" "ken" ];
       local-groups = [ "fudo" "selby" "admin" ];
-      admin-users = [ "niten" ];
+      local-admins = [ "niten" ];
       admin-email = "niten@fudo.org";
       gssapi-realm = "FUDO.ORG";
     };
@@ -48,7 +48,7 @@
 
       local-users = [ "niten" "viator" ];
       local-groups = [ "admin" ];
-      admin-users = [ "niten" ];
+      local-admins = [ "niten" ];
       admin-email = "viator@informis.land";
       gssapi-realm = "INFORMIS.LAND";
     };
diff --git a/config/hardware/zbox.nix b/config/hardware/zbox.nix
new file mode 100644
index 0000000..4998b21
--- /dev/null
+++ b/config/hardware/zbox.nix
@@ -0,0 +1,70 @@
+{ config, lib, pkgs, ... }:
+
+{
+  imports =
+    [ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
+    ];
+
+  boot = {
+    loader = {
+      systemd-boot.enable = true;
+      efi.canTouchEfiVariables = true;
+    };
+    initrd = {
+      availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "sd_mod" ];
+      kernelModules = [ ];
+    };
+    kernelModules = [ "kvm-intel" ];
+    extraModulePackages = [ ];
+  };
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-label/zbox-root";
+      fsType = "btrfs";
+    };
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-label/BOOT";
+      fsType = "vfat";
+    };
+
+  swapDevices =
+    [ { device = "/dev/disk/by-label/zbox-swap"; }
+    ];
+
+  hardware = {
+    bluetooth.enable = true;
+
+    cpu.intel.updateMicrocode = true;
+
+    opengl = {
+      driSupport = true;
+      driSupport32Bit = true;
+
+      # extraPackages32 = with pkgs.i686Linux; [ libva ];
+    };
+
+    pulseaudio.support32Bit = true;
+  };
+
+  networking = {
+    macvlans = {
+      intif0 = {
+        interface = "eno1";
+        mode = "bridge";
+      };
+    };
+
+    interfaces = {
+      intif0 = {
+        # output of: echo clunk-intif0|md5sum|sed 's/^\(..\)\(..\)\(..\)\(..\)\(..\).*$/02:\1:\2:\3:\4:\5/'
+        macAddress = "02:dd:80:52:83:9b";
+      };
+    };
+  };
+
+  services.xserver.videoDrivers = [ "nvidia" ];
+
+  nix.maxJobs = lib.mkDefault 8;
+  powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
+}
diff --git a/config/hosts.nix b/config/hosts.nix
index a22b9f3..d315143 100644
--- a/config/hosts.nix
+++ b/config/hosts.nix
@@ -149,6 +149,7 @@
       profile = "desktop";
     };
 
-    zbox = { description = "Niten's primary desktop."; };
+    zbox = { description = "Niten's primary desktop.";
+           enable-gui = true;};
   };
 }
diff --git a/config/hosts/zbox.nix b/config/hosts/zbox.nix
index 718db2e..d4f8240 100644
--- a/config/hosts/zbox.nix
+++ b/config/hosts/zbox.nix
@@ -1,10 +1,17 @@
 { config, lib, pkgs, ... }:
 
 {
+  # TODO: remove?
+  nixpkgs.config.permittedInsecurePackages = [
+    "openssh-with-gssapi-8.4p1" # CVE-2021-28041
+  ];
+
   fudo.slynk.enable = true;
 
   networking = {
-    eno1.useDHCP = false;
-    intif0 = { useDHCP = true; };
+    interfaces = {
+      eno1.useDHCP = false;
+      intif0 = { useDHCP = true; };
+    };
   };
 }
diff --git a/config/profiles/common-ui.nix b/config/profiles/common-ui.nix
index b17aa94..4210b28 100644
--- a/config/profiles/common-ui.nix
+++ b/config/profiles/common-ui.nix
@@ -6,7 +6,7 @@ let
   enable-gui = config.fudo.hosts.${hostname}.enable-gui;
 
 in {
-  import = [ ./common.nix ];
+  imports = [ ./common.nix ];
 
   boot.plymouth.enable = false;
 
@@ -14,7 +14,8 @@ in {
 
   system.autoUpgrade.enable = true;
 
-  services.xserver = mkIf enable-gui {
+  services = {
+    xserver = mkIf enable-gui {
     enable = true;
 
     desktopManager.gnome3.enable = true;
@@ -23,13 +24,6 @@ in {
 
     windowManager.stumpwm.enable = true;
 
-    emacs = {
-      enable = true;
-      install = true;
-      package = pkgs.emacs;
-      defaultEditor = true;
-    };
-
     # windowManager.session = pkgs.lib.singleton {
     #   name = "stumpwm";
     #   start = ''
@@ -37,6 +31,14 @@ in {
     #     waidPID=$!
     #   '';
     # };
+    };
+
+    emacs = {
+      enable = true;
+      install = true;
+      package = pkgs.emacs;
+      defaultEditor = true;
+    };
   };
 
   sound.enable = true;
diff --git a/config/sites.nix b/config/sites.nix
index 8097af9..16289ff 100644
--- a/config/sites.nix
+++ b/config/sites.nix
@@ -10,32 +10,32 @@
       timezone = "America/Los_Angeles";
       gateway-host = "nostromo";
       # FIXME: good idea?
-      network-mounts = {
-        "/mnt/documents" = {
-          device = "whitedwarf:/volume1/Documents";
-          fsType = "nfs4";
-        };
-        "/mnt/downloads" = {
-          device = "whitedwarf:/volume1/Downloads";
-          fsType = "nfs4";
-        };
-        "/mnt/music" = {
-          device = "doraemon:/volume1/Music";
-          fsType = "nfs4";
-        };
-        "/mnt/video" = {
-          device = "doraemon:/volume1/Video";
-          fsType = "nfs4";
-        };
-        "/mnt/cargo_video" = {
-          device = "cargo:/volume1/video";
-          fsType = "nfs4";
-        };
-        "/mnt/photo" = {
-          device = "cargo:/volume1/pictures";
-          fsType = "nfs4";
-        };
-      };
+      # network-mounts = {
+      #   "/mnt/documents" = {
+      #     device = "whitedwarf:/volume1/Documents";
+      #     fsType = "nfs4";
+      #   };
+      #   "/mnt/downloads" = {
+      #     device = "whitedwarf:/volume1/Downloads";
+      #     fsType = "nfs4";
+      #   };
+      #   "/mnt/music" = {
+      #     device = "doraemon:/volume1/Music";
+      #     fsType = "nfs4";
+      #   };
+      #   "/mnt/video" = {
+      #     device = "doraemon:/volume1/Video";
+      #     fsType = "nfs4";
+      #   };
+      #   "/mnt/cargo_video" = {
+      #     device = "cargo:/volume1/video";
+      #     fsType = "nfs4";
+      #   };
+      #   "/mnt/photo" = {
+      #     device = "cargo:/volume1/pictures";
+      #     fsType = "nfs4";
+      #   };
+      # };
     };
 
     portage = {
diff --git a/config/sites/seattle.nix b/config/sites/seattle.nix
index 3c2a8b4..b352f09 100644
--- a/config/sites/seattle.nix
+++ b/config/sites/seattle.nix
@@ -1,5 +1,7 @@
 { config, lib, pkgs, ... }:
 
 {
-
-}
\ No newline at end of file
+  environment.systemPackages = with pkgs; [
+    hll2380dw-cups
+  ];
+}