gebner
/
nixos-config
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Compare commits

merge into: gebner:mesa172test
Branches Tags
gebner:master
gebner:mesa172test
...
pull from: gebner:master
Branches Tags
gebner:master
gebner:mesa172test

498 Commits
mesa172tes ... master

Author SHA1 Message Date
Gabriel Ebner 37033049ed update nixos 2023-08-28 13:11:45 -07:00
Gabriel Ebner 2b8fc1d91c update nixos 2023-08-20 15:24:55 -07:00
Gabriel Ebner 69b54087e0 update nixos 2023-08-20 12:02:24 -07:00
Gabriel Ebner eaf2334a04 update nixos 2023-07-03 17:40:52 -07:00
Gabriel Ebner 4525b47d35 update nixos 2023-05-14 17:57:58 -07:00
Gabriel Ebner 4d9937cf9d flammea: zfs 2023-05-14 16:52:08 -07:00
Gabriel Ebner 90e1c36244 gthumb 2023-04-10 10:43:30 -07:00
Gabriel Ebner 5f3628d1a1 update nixos 2023-03-04 18:20:06 -08:00
Gabriel Ebner d02a0d7a45 gnome: add ibus-engines.rime 2023-02-27 15:51:20 -08:00
Gabriel Ebner 36e5d09e8a flammea: switch to gnome 2023-02-24 14:04:10 -08:00
Gabriel Ebner 821549f525 fix gnome module 2023-02-24 14:04:10 -08:00
Gabriel Ebner 9da7c7c9fc flammea: add mpd 2023-02-24 14:04:10 -08:00
Gabriel Ebner 32ec56e6e0 euhadra: update 2023-02-24 14:04:10 -08:00
Gabriel Ebner bd20b7622d update nixos 2023-02-24 11:40:43 -08:00
Gabriel Ebner 4fb0970418 flammea: add tailscale 2022-11-25 18:46:33 -08:00
Gabriel Ebner 25f079383f update nixos 2022-11-25 18:46:27 -08:00
Gabriel Ebner d7cdd2a2b3 aplysia: fix build 2022-11-24 02:30:21 +01:00
Gabriel Ebner c12f4efc1d aplysia: enable tailscale 2022-11-23 17:29:01 -08:00
Gabriel Ebner 3c6000dc31 disable nebula 2022-11-23 17:28:44 -08:00
Gabriel Ebner 81db657d73 add recommended tailscale option 2022-11-23 17:03:08 -08:00
Gabriel Ebner 84c356d93c enable tailscale 2022-11-23 17:01:25 -08:00
Gabriel Ebner 8d767ca499 euhadra: add to nebula 2022-11-24 01:59:07 +01:00
Gabriel Ebner b5b2062620 mastus: nebula dns diff port 2022-11-18 23:19:29 -08:00
Gabriel Ebner e3b25a5bc1 nebula more ports 2022-11-18 23:05:41 -08:00
Gabriel Ebner 3849c3720b mastus: nebula dns try 2 2022-11-18 22:30:32 -08:00
Gabriel Ebner cd4199dc3e euhadra: update 2022-11-19 07:24:23 +01:00
Gabriel Ebner 429a7a1e55 petalius: add to nebula 2022-11-18 22:23:42 -08:00
Gabriel Ebner 06a4738877 mastus: add nebula 2022-11-18 22:00:23 -08:00
Gabriel Ebner 2aabd4f7db update nixos 2022-11-13 14:16:03 -08:00
Gabriel Ebner 2fd59032f4 update nixos 2022-11-11 22:40:55 -08:00
Gabriel Ebner 8d4f04d8a2 update nixos 2022-10-31 17:26:09 -07:00
Gabriel Ebner 18ecb5248d add gebner2 2022-10-31 17:14:55 -07:00
Gabriel Ebner e8229ce713 Use American paper. 2022-10-21 15:18:21 -07:00
Gabriel Ebner 5cdd1b8f02 petalius: connect directly to htdf-gw 2022-09-29 16:51:26 -07:00
Gabriel Ebner d79dd140fc aplysia moves to htdf 2022-09-29 16:48:15 -07:00
Gabriel Ebner 26b98e4131 Disable radicale patch. 2022-09-29 06:39:38 -07:00
Gabriel Ebner b89904422f Fix dns. 2022-09-29 06:39:15 -07:00
Gabriel Ebner 048e8daf96 Fix radicale patch. 2022-09-28 18:16:45 -07:00
Gabriel Ebner 4d3b6bcba4 Prepare radicale patch. 2022-09-26 11:32:55 -07:00
Gabriel Ebner 981f860bdc Move to Seattle. 2022-09-26 08:13:51 -07:00
Gabriel Ebner 26e9a7d7da New htdf-gw ip 2022-09-18 18:06:41 +02:00
Gabriel Ebner a74f967624 restic 2022-09-17 17:13:29 +02:00
Gabriel Ebner 15f17e3051 update nixos 2022-09-17 13:03:09 +02:00
Gabriel Ebner 746eeffff8 mastus: radicale 3 2022-09-03 23:34:50 +02:00
Gabriel Ebner 692c8368eb update nixos 2022-09-03 12:05:12 +02:00
Gabriel Ebner a1d4c16326 fix khal completion; 2022-09-03 12:00:08 +02:00
Gabriel Ebner 1c25e80ce5 update nixos 2022-08-22 18:54:27 +02:00
Gabriel Ebner ceeebd285f Update nixos. 2022-08-15 11:37:26 +02:00
Gabriel Ebner fb2d5cab05 decoysnail: use sway 2022-08-15 11:26:12 +02:00
Gabriel Ebner 93d868d047 update nixos 2022-07-16 19:33:52 +02:00
Gabriel Ebner 7246542704 update nixos 2022-07-02 16:39:07 +02:00
Gabriel Ebner 7cda28aacc sway: add playerctl 2022-06-27 19:59:04 +02:00
Gabriel Ebner a9ca075f23 update nixos 2022-06-26 11:32:33 +02:00
Gabriel Ebner 07460df992 update nixos 2022-06-13 21:34:03 +02:00
Gabriel Ebner 513e53b032 update nixos 2022-06-08 18:41:49 +02:00
Gabriel Ebner 75176c7aef don't restart resolved 2022-06-07 12:18:37 +02:00
Gabriel Ebner cecc2f51a0 update nixos 2022-06-04 15:03:36 +02:00
Gabriel Ebner 4b727896b7 sway: disable x11 2022-05-31 17:01:19 +02:00
Gabriel Ebner 0c1d76cb38 update nixos 2022-05-31 16:57:25 +02:00
Gabriel Ebner c81774e6a7 update nixos 2022-05-28 16:51:26 +02:00
Gabriel Ebner 7bca210546 update nixos 2022-05-26 14:13:22 +02:00
Gabriel Ebner 65ee751ec8 update nixos 2022-05-22 18:21:28 +02:00
Gabriel Ebner 58f0c5f83c update nixos 2022-05-20 15:46:16 +02:00
Gabriel Ebner 3a5bc4f034 update nixos 2022-05-19 14:42:48 +02:00
Gabriel Ebner bc514fd011 petalius: sway 2022-05-18 20:38:47 +02:00
Gabriel Ebner bede6a3d48 add missing gsettings-desktop-schemas 2022-05-18 20:38:34 +02:00
Gabriel Ebner d5a8330136 update nixos 2022-05-14 12:01:32 +02:00
Gabriel Ebner a1b116cc91 update nixos 2022-05-03 17:58:54 +02:00
Gabriel Ebner f3e5a57fba sway: use rofi 2022-05-03 17:32:16 +02:00
Gabriel Ebner 7faa9f2010 fix 2022-05-01 15:15:41 +02:00
Gabriel Ebner a9fa48daee Fix podman exec. 2022-04-30 13:29:48 +02:00
Gabriel Ebner cb1548edb0 update nixos 2022-04-27 13:43:12 +02:00
Gabriel Ebner dd36e04b39 update nixos 2022-04-26 21:38:10 +02:00
Gabriel Ebner deb38305c5 update nixos 2022-04-25 17:41:15 +02:00
Gabriel Ebner ab2f9f8f4e update nixos 2022-04-25 14:23:54 +02:00
Gabriel Ebner 446f271532 poppler-utils 2022-04-25 12:31:38 +02:00
Gabriel Ebner d63d82571f update nixos 2022-04-18 16:45:02 +02:00
Gabriel Ebner c4a0c593c8 update nixos 2022-04-17 15:28:52 +02:00
Gabriel Ebner ccee0a99bf wtype 2022-04-16 17:07:13 +02:00
Gabriel Ebner 3fcd2ff615 fix firefox crash 2022-04-13 23:27:40 +02:00
Gabriel Ebner f3f22581d3 Revert "sway: use wayland version of chromium" 
This reverts commit c3d9242e2e.
 2022-04-12 19:49:13 +02:00
Gabriel Ebner c3d9242e2e sway: use wayland version of chromium 2022-04-12 19:33:47 +02:00
Gabriel Ebner 3588811d70 fix wstunnel 2022-04-09 11:35:28 +02:00
Gabriel Ebner 73ce3ae8db update nixos 2022-04-07 19:18:10 +02:00
Gabriel Ebner 69a1962827 flammea: sway 2022-04-07 18:50:58 +02:00
Gabriel Ebner ac7014a17f update nixos 2022-04-01 15:00:45 +02:00
Gabriel Ebner b5e5d70248 update nixos 2022-03-30 16:46:24 +02:00
Gabriel Ebner 7ed620c95a update nixos 2022-03-28 10:48:22 +02:00
Gabriel Ebner 5a21e8549d hyperfine 2022-03-20 15:37:10 +01:00
Gabriel Ebner 4f532a91e6 update nixos 2022-03-20 14:58:40 +01:00
Gabriel Ebner 3d5c629da2 update nixos 2022-02-04 17:16:58 +01:00
Gabriel Ebner 1e6b59eb10 use stix fonts 2022-02-04 17:10:31 +01:00
Gabriel Ebner 121050b0f6 Fix screen locker. 2022-01-31 11:24:07 +01:00
Gabriel Ebner 44c93e4d49 remove notmuch override 2022-01-30 15:43:59 +01:00
Gabriel Ebner 1bb964cd15 update nixos 2022-01-30 15:22:26 +01:00
Gabriel Ebner a0afc38771 update nixos 2022-01-16 14:11:37 +01:00
Gabriel Ebner 123fb233c5 update nixos 2022-01-12 21:38:34 +01:00
Gabriel Ebner 15ed947ac1 one more nvim patch 2022-01-12 20:27:49 +01:00
Gabriel Ebner a7d3edef60 update nixos 2022-01-02 18:10:51 +01:00
Gabriel Ebner ba2c2738c0 update nixos 2021-12-30 20:01:59 +01:00
Gabriel Ebner e1d5bea5cc Update nvim lsp patches. 2021-12-26 19:36:47 +01:00
Gabriel Ebner ef5860df46 update nixos 2021-12-21 20:19:37 +01:00
Gabriel Ebner 2c88d6efb8 Update LSP sync patch. 2021-12-15 20:36:03 +01:00
Gabriel Ebner 2ba9a7db29 Update LSP sync patch. 2021-12-15 20:21:50 +01:00
Gabriel Ebner f938fd473e Add unicode LSP sync patch for neovim. 2021-12-15 19:26:30 +01:00
Gabriel Ebner c147fb9a69 Update nixos. 2021-12-15 19:22:09 +01:00
Gabriel Ebner 97c9eeb0a1 update nixos 2021-12-12 13:21:46 +01:00
Gabriel Ebner 32d1647ebd Update nixos. 2021-12-07 12:56:25 +01:00
Gabriel Ebner c95bcb5eaf Fix m17n 2021-12-03 12:41:09 +01:00
Gabriel Ebner ea517b4e74 Update nixos. 2021-12-03 12:30:13 +01:00
Gabriel Ebner 231c0088bb update nixos 2021-11-10 18:56:37 +01:00
Gabriel Ebner 671415d3db update nixos 2021-11-05 20:15:31 +01:00
Gabriel Ebner 8dbafb128f update nixos 2021-10-31 15:00:23 +01:00
Gabriel Ebner 36dbee629f Use exfatprogs 2021-10-30 16:03:11 +02:00
Gabriel Ebner 82441e276a add mpdevil 2021-10-30 15:28:34 +02:00
Gabriel Ebner 6b022802dd Fix wakeonlan syntax 2021-10-22 09:08:04 +02:00
Gabriel Ebner cf7000da8a Reenable helvum. 2021-10-18 14:22:18 +02:00
Gabriel Ebner 1339d81209 update nixos 2021-10-11 10:20:26 +02:00
Gabriel Ebner 621e7a4195 Reactivate fixed firefox. 2021-10-05 17:39:35 +02:00
Gabriel Ebner f1d81035b0 update nixos 2021-10-05 12:00:18 +02:00
Gabriel Ebner 4e4b859940 update nixos 2021-09-29 10:23:27 +02:00
Gabriel Ebner 4c948bf59a neovim-qt: bump 2021-09-21 11:52:06 +02:00
Gabriel Ebner 2f5aa92bb9 update nixos 2021-09-21 11:20:48 +02:00
Gabriel Ebner 0bfee3d416 update nixos 2021-09-16 14:16:43 +02:00
Gabriel Ebner a73446c9fe update nixos 2021-08-30 13:02:45 +02:00
Gabriel Ebner ce44a334cc Force enable unified cgroup hierarchy. 
Otherwise systemd's MaxMemory setting is silently ignored.
 2021-08-30 13:01:09 +02:00
Gabriel Ebner 19070abca7 update nixos 2021-08-27 18:33:27 +02:00
Gabriel Ebner 19e683ec3c Remove quay registry to prevent annoying choice dialog. 2021-08-27 18:26:04 +02:00
Gabriel Ebner 00aba1d288 neovim-qt: fix ctrl-space bug 2021-08-17 16:00:23 +02:00
Gabriel Ebner ca21dfd78b decoysnail: use x11 2021-07-27 11:48:07 +02:00
Gabriel Ebner b87d5c589c update nixos 2021-07-26 18:56:10 +02:00
Gabriel Ebner f5b47396d3 update nixos 2021-07-14 19:33:13 +02:00
Gabriel Ebner 4db98ae432 mastus: fake nextcloud api 2021-07-14 14:10:24 +02:00
Gabriel Ebner 199a195ef8 switch to pipewire 2021-07-14 14:04:43 +02:00
Gabriel Ebner 129850b77a xournalpp nightly 2021-07-11 15:02:12 +02:00
Gabriel Ebner fb0c1eaa4a update nixos 2021-07-10 20:45:38 +02:00
Gabriel Ebner 41180b28b1 pipewire: add helvum 2021-07-10 20:37:15 +02:00
Gabriel Ebner 05e2939f56 update my neovim-qt fork 2021-07-05 18:46:09 +02:00
Gabriel Ebner 2d99fd2a6c Use my neovim-qt fork. 2021-06-30 19:30:32 +02:00
Gabriel Ebner 2f218c4aed update nixos 2021-06-28 09:53:28 +02:00
Gabriel Ebner 42d9f2642c mastus: reenable backup 2021-06-27 15:41:13 +02:00
Gabriel Ebner b49b708b0f mastus: increase nginx upload size 2021-06-27 15:36:17 +02:00
Gabriel Ebner 3fdda46bdd mastus: migrate to 21.05 2021-06-27 14:40:28 +02:00
Gabriel Ebner 393a699de3 Extra network-manager restartIfChanged logic. 2021-06-24 10:45:45 +02:00
Gabriel Ebner 7846a0da2d update nixos 2021-06-23 11:35:28 +02:00
Gabriel Ebner 56626d02d4 update nixos 2021-06-17 17:43:48 +02:00
Gabriel Ebner cf45358391 update nixos 2021-06-13 11:37:48 +02:00
Gabriel Ebner 58a731fff9 add xournalpp 2021-06-13 11:31:54 +02:00
Gabriel Ebner 32ccaa5cdc use ungoogled chromium instead 2021-06-13 09:36:08 +02:00
Gabriel Ebner 9b6ade6c46 add lua 2021-06-13 09:34:53 +02:00
Gabriel Ebner ff1d7507a7 Use git version of neovim-qt 2021-05-30 15:14:00 +02:00
Gabriel Ebner 3e04ee4912 decoysnail: use modern nvim 2021-05-27 12:22:40 +02:00
Gabriel Ebner e0be60449b decoysnail: flakify 2021-05-27 12:20:25 +02:00
Gabriel Ebner 99727a34f7 Disable some bitmap fonts. 2021-05-27 12:15:19 +02:00
Gabriel Ebner c9ca9058ea add more lsp 2021-05-25 21:05:27 +02:00
Gabriel Ebner a001601ec9 add neovim-qt 2021-05-24 20:09:46 +02:00
Gabriel Ebner 41c4cbdf00 add more language servers 2021-05-24 19:22:25 +02:00
Gabriel Ebner 9f87c397b4 hotfix for missing /bin/sh in nix builds 2021-05-24 12:31:46 +02:00
Gabriel Ebner fb720362a8 update flakes 2021-05-23 20:43:27 +02:00
Gabriel Ebner 8ef91afbef update nixos 2021-05-23 09:59:58 +02:00
Gabriel Ebner 097bdd971d Disable useless warning. 2021-05-22 22:40:10 +02:00
Gabriel Ebner 528ee71f8f Move neovim 0.5 overlay into separate file. 2021-05-22 21:43:10 +02:00
Gabriel Ebner b526b0ccc4 Use flake-utils-plus 2021-05-22 21:35:47 +02:00
Gabriel Ebner 116f447e39 use correct neovim overlay 2021-05-22 19:42:52 +02:00
Gabriel Ebner 98daa4eec2 flammea: flakify 2021-05-22 19:24:11 +02:00
Gabriel Ebner fd49f352b7 Add wip eclipse 5 pkg. 2021-05-22 19:14:13 +02:00
Gabriel Ebner c82c06c66b Remove stablePkgs. 2021-05-22 19:12:22 +02:00
Gabriel Ebner 6da10fb12c petalius: add neovim nightly 2021-05-22 19:04:06 +02:00
Gabriel Ebner 23e285bc47 flakify 2021-05-22 18:31:41 +02:00
Gabriel Ebner 1d6b0734b8 petalius: inline hardware configuration 2021-05-22 18:22:44 +02:00
Gabriel Ebner eccbfe2d4e petalius: enable unstable nix 2021-05-22 18:22:30 +02:00
Gabriel Ebner 801b877e42 Move hardware-configuration include to machine config. 2021-05-22 18:17:29 +02:00
Gabriel Ebner 197e008f04 Add spacenav module. 2021-05-22 15:14:01 +02:00
Gabriel Ebner 81e29fea39 Add bear. 2021-05-22 13:52:21 +02:00
Gabriel Ebner bcd7b2077a depend on latest openjdk 2021-05-14 12:20:55 +02:00
Gabriel Ebner 54c21b382a decoysnail: dont restart networkmanager 2021-04-28 11:10:23 +02:00
Gabriel Ebner 2c362d41cf additional space rodent support 2021-04-26 15:35:38 +02:00
Gabriel Ebner 6f78a84615 pipewire: modernize 2021-04-10 20:00:11 +02:00
Gabriel Ebner fc6f5bcac9 mastus/vmtest: add sqlite 2021-04-07 22:03:24 +02:00
Gabriel Ebner 64c6738675 flammea: add ddcui 2021-04-07 22:03:20 +02:00
Gabriel Ebner 1db5517027 murex: increase upload size 2021-04-04 13:34:49 +02:00
Gabriel Ebner 156dae4c56 mastus: fix vmtest 2021-04-03 12:19:23 +02:00
Gabriel Ebner 7f6e5b1294 flammea: more 2021-04-03 11:59:52 +02:00
Gabriel Ebner 0f0f67f114 flammea: amd! 2021-04-02 19:22:49 +02:00
Gabriel Ebner 009220fd46 Tentative flammea support. 2021-04-02 14:13:35 +02:00
Gabriel Ebner 90115d4c0b Add transmission group. 2021-03-16 17:12:52 +01:00
Gabriel Ebner 42001b4f3c aplysia: use different mullvad server 2021-03-12 13:33:40 +01:00
Gabriel Ebner 4773219133 add some new packages for gui 2021-02-19 11:18:43 +01:00
Gabriel Ebner aa09035b08 do not restart network manager on nixos-rebuild 2021-02-07 10:48:11 +01:00
Gabriel Ebner 0482486ce6 disable fbcon 2021-02-06 10:46:16 +01:00
Gabriel Ebner 4a63af68cf disable firefox 2020-12-26 12:12:42 +01:00
Gabriel Ebner fdbf06fcae add useful pipewire tools 2020-12-26 12:12:23 +01:00
Gabriel Ebner 30039f69bd i3: remove pa-applet 2020-12-23 20:26:33 +01:00
Gabriel Ebner a0462a5254 pipewire: add some useful tools 2020-12-23 20:18:03 +01:00
Gabriel Ebner 1ac132ac31 add pipewire module 2020-12-04 17:54:20 +01:00
Gabriel Ebner 88ab086ce5 pulseaudio: switch back to pulseaudio-modules-bt 2020-12-04 17:54:06 +01:00
Gabriel Ebner 4611083f9a fix typo 2020-12-01 13:01:26 +01:00
Gabriel Ebner 723234be94 add pasystray 2020-11-26 22:48:08 +01:00
Gabriel Ebner 8e26c3fb34 Add unstable-nix.nix 2020-11-26 19:17:59 +01:00
Gabriel Ebner 9b6f76216c petalius: switch to i3 2020-11-26 19:15:43 +01:00
Gabriel Ebner 06d038b942 archachatina: use unstable nix 2020-11-26 17:58:41 +01:00
Gabriel Ebner 73a9f4660f archachatina: switch to i3 2020-11-26 17:58:41 +01:00
Gabriel Ebner ec0eb1930b petalius: enable fwupd 2020-11-25 19:28:16 +01:00
Gabriel Ebner f58a4b31c1 Reenable dmesg. 2020-11-21 15:43:43 +01:00
Gabriel Ebner 4d7509f336 add recommended lxd settings 2020-11-21 11:55:00 +01:00
Gabriel Ebner 41916a2e03 Merge remote-tracking branch 'origin/master' 2020-11-21 11:46:27 +01:00
Gabriel Ebner 647a83bc1c enable lxd 2020-11-21 11:30:36 +01:00
Gabriel Ebner db5f55bfd1 refactor 2020-11-21 11:28:14 +01:00
Gabriel Ebner 7ba7f967fa petalius: disable unison 2020-11-21 11:20:58 +01:00
Gabriel Ebner 8b2371ffea typo 2020-11-17 10:13:36 +01:00
Gabriel Ebner b5232c4a88 Add new bluetooth dongle firmware. 2020-11-13 19:44:30 +01:00
Gabriel Ebner 0938a7079e Merge remote-tracking branch 'origin/master' 2020-11-12 19:42:25 +01:00
Gabriel Ebner 2c58227d53 Remove waybar patch as it doesn't work with winter-time. 2020-11-12 14:20:39 +01:00
Gabriel Ebner fd5f32dd18 archachatina: add commented-out support for non-free virtualbox 2020-11-12 14:19:51 +01:00
Gabriel Ebner 0379f7e4e3 add v4l2loopback 2020-11-12 14:19:09 +01:00
Gabriel Ebner 47c12d1d0f add xournal 2020-11-12 14:16:43 +01:00
Gabriel Ebner 400ecb9489 add d-feet 2020-11-12 14:09:44 +01:00
Gabriel Ebner 9b6605707b pulseaudio: enable hsphfpd 2020-11-12 14:09:28 +01:00
Gabriel Ebner a03de989d1 petalius: use nixpkgs wstunnel 2020-11-09 17:32:20 +01:00
Gabriel Ebner 90bde009e8 Add xournalpp 2020-11-05 13:24:45 +01:00
Gabriel Ebner 9126385cbb Do not require unix option on cifs mounts. 
This breaks on new linux kernel, which interpret this to mean SMB3+
 2020-10-30 19:16:02 +01:00
Gabriel Ebner 3a6692a580 mastus: typo 2020-10-30 19:10:56 +01:00
Gabriel Ebner 7aeab57206 mastus: dovecot: disable fts 2020-10-30 19:09:18 +01:00
Gabriel Ebner b311268a50 mastus: acme breakage 2020-10-30 19:06:17 +01:00
Gabriel Ebner 40783c7331 mastus: enable ACME? 2020-10-30 18:45:44 +01:00
Gabriel Ebner d82274f7d7 mastus: remove custom wstunnel 2020-10-30 17:58:08 +01:00
Gabriel Ebner 07171c5c8f dns: add ams-gw 2020-10-30 17:14:22 +01:00
Gabriel Ebner 9f4e32fc22 archachatina: use newer kernel 2020-10-22 20:03:40 +02:00
Gabriel Ebner 843cbca199 Use elinks everywhere. 2020-10-17 10:07:49 +02:00
Gabriel Ebner 1d87223b87 murex: get working again 2020-10-11 12:14:54 +02:00
Gabriel Ebner 479986d2f6 Enable pipewire 2020-10-11 12:06:18 +02:00
Gabriel Ebner 67f790dab7 Add calculix 2020-10-10 15:48:15 +02:00
Gabriel Ebner 4d62e4b028 Add paprefs 2020-10-10 15:46:50 +02:00
Gabriel Ebner 557620b462 murex: update 2020-10-03 20:19:14 +02:00
Gabriel Ebner 35651f0070 vaccaria: disable fancontrol 2020-10-03 12:53:13 +02:00
Gabriel Ebner 9bb3639a04 aplysia: transmission: listen on more than localhost 2020-10-03 12:47:03 +02:00
Gabriel Ebner 279096dee5 changes from vaccaria 2020-10-03 12:36:07 +02:00
Gabriel Ebner 750c817ce5 Force usage of CIFS unix extension. 
Unfortunately samba is removing them without replacement, so I'll have
to replace samba with something else...
 2020-10-03 12:32:43 +02:00
Gabriel Ebner 3eae53f261 update freecad version 2020-09-27 11:56:56 +02:00
Gabriel Ebner 23a64be276 add asm3 freecad version 2020-09-27 10:59:40 +02:00
Gabriel Ebner f1fd27093b use socket activated dbus 2020-09-20 17:00:59 +02:00
Gabriel Ebner f52e993906 add ncdu 2020-09-20 10:41:49 +02:00
Gabriel Ebner 05cb452f0d Install gsettings schemas. 2020-09-18 20:50:00 +02:00
Gabriel Ebner d15faa1d15 gnome3: fix build 2020-09-18 20:50:00 +02:00
Gabriel Ebner 32c0882522 Downgrade kernel for virtualbox. 2020-09-18 20:50:00 +02:00
Gabriel Ebner 1c1739317c Oops. 2020-09-16 18:56:40 +02:00
Gabriel Ebner 6f4f452c1d Upgrade to openjdk14. 2020-09-16 18:49:09 +02:00
Gabriel Ebner 0ec6adee10 firefox: keep ctrl+t 2020-09-09 19:31:19 +02:00
Gabriel Ebner a405cefba7 firefox: fix ctrl+w 2020-09-09 19:26:16 +02:00
Gabriel Ebner 9376a369b5 archachatina: fix build 2020-09-09 19:15:55 +02:00
Gabriel Ebner a2a81e167f Add perl to basic tools. 2020-09-08 17:03:17 +02:00
Gabriel Ebner 9c8bf11ac6 fix firefox patching 2020-08-31 16:45:04 +02:00
Gabriel Ebner 38dbe47139 better firefox patching 
still ui glitches
 2020-08-31 11:43:14 +02:00
Gabriel Ebner 9dd48cf55c Replace all old firefox occurrences. 2020-08-31 10:58:55 +02:00
Gabriel Ebner e87b6b93b6 Patch reserved shortcuts out of firefox. 2020-08-31 10:43:13 +02:00
Gabriel Ebner 26613ac8d6 Merge remote-tracking branch 'origin/master' into master 2020-08-22 17:36:32 +02:00
Gabriel Ebner 678add5bb9 Add strace. 2020-08-22 17:36:21 +02:00
Gabriel Ebner 047e92382e Move fonts around. 2020-08-22 16:11:23 +02:00
Gabriel Ebner 9c892c0606 Fix waybar clock locale. 2020-08-22 15:09:54 +02:00
Gabriel Ebner e763ebcbe4 Merge remote-tracking branch 'origin/master' into master 2020-08-22 14:42:34 +02:00
Gabriel Ebner 798b114b1d Add opencl support. 2020-08-22 14:42:24 +02:00
Gabriel Ebner bcafc0a526 Remove british time. 2020-08-22 12:51:09 +02:00
Gabriel Ebner 0447ee0a8e Switch timezone to amsterdam. 2020-08-20 20:02:06 +02:00
Gabriel Ebner 366f5f2f0c Add some fonts. 2020-08-17 20:50:24 +02:00
Gabriel Ebner eaa8f70cbf Do not use stable packages. 
These are semi-broken after the recent fontconfig upgrade.

libreoffice also had broken IME due to a glib version upgrade.
 2020-08-17 20:50:08 +02:00
Gabriel Ebner d609117a14 decoysnail: switch to sway 2020-08-17 11:02:36 +02:00
Gabriel Ebner 14338b1b08 Add wl-clipboard. 2020-08-17 11:02:28 +02:00
Gabriel Ebner 26d75615d0 Add better locale settings. 2020-08-01 17:04:54 +02:00
Gabriel Ebner 962ea693af archachatina: add presentation user 2020-08-01 16:52:23 +02:00
Gabriel Ebner 03ca0530f9 enable podman 2020-07-24 21:23:06 +02:00
Gabriel Ebner ddae1c3361 Update to latest stable. 2020-07-19 18:37:57 +02:00
Gabriel Ebner 9069ea1716 sway: add xdg-desktop-portal-wlr 2020-07-16 14:49:42 +02:00
Gabriel Ebner 0b6a984071 Disable wayland backend for Qt. 2020-07-16 12:40:19 +02:00
Gabriel Ebner a3eeafbc19 Only override pulseaudio for waybar. 2020-07-16 11:49:07 +02:00
Gabriel Ebner 5cfe3dabcd Add waybar. 2020-07-15 11:48:32 +02:00
Gabriel Ebner 890c4bf464 Reorganize configuration. 2020-07-14 16:47:09 +02:00
Gabriel Ebner 8f5ce8e2e8 Use wofi. 2020-07-14 16:34:54 +02:00
Gabriel Ebner 05c4373f1b archachatina: use sway 2020-07-14 15:09:49 +02:00
Gabriel Ebner e1b97efdb2 Audiophile pulseaudio settings. 2020-07-07 22:14:39 +02:00
Gabriel Ebner 103f5c3758 Make work with current unstable. 2020-06-22 16:06:28 +02:00
Gabriel Ebner f504d72136 Remove cquery. 2020-06-22 15:16:02 +02:00
Gabriel Ebner ef8a893828 Add flatpak 2020-06-22 13:15:16 +02:00
Gabriel Ebner 1fe4d168a7 decoysnail: use new luks.devices syntax 2020-06-15 09:23:25 +02:00
Gabriel Ebner 5147ecfd8c decoysnail: reenable docker 2020-06-15 09:22:00 +02:00
Gabriel Ebner 182743b525 mastus: update fts-xapian 2020-06-14 13:15:14 +02:00
Gabriel Ebner c421086704 euhadra: enable mpd streaming 2020-06-13 16:51:38 +02:00
Gabriel Ebner 63a3767efd euhadra: switch to aplysia 2020-06-13 16:14:42 +02:00
Gabriel Ebner 25469ac56e mastus: Fix autoindex exclude syntax. 2020-06-13 15:34:52 +02:00
Gabriel Ebner 934bfb875d mastus: index text attachments 2020-06-13 15:13:53 +02:00
Gabriel Ebner 3357962f02 mastus: enable dovecot fts plugin 2020-06-13 15:12:39 +02:00
Gabriel Ebner a7e98abd53 mastus: add full-text search to dovecot 2020-06-13 13:08:47 +02:00
Gabriel Ebner fd7b351486 mastus: fixes for 20.03 2020-06-13 13:08:34 +02:00
Gabriel Ebner c7d6e1c16a add audacious 2020-06-13 12:39:18 +02:00
Gabriel Ebner 68d748d535 Add ccls. 2020-06-07 11:21:11 +02:00
Gabriel Ebner b198dc700c enable flatpak 2020-05-24 16:34:53 +02:00
Gabriel Ebner 8ee276da6d petalius: update to current nixpkgs 2020-05-23 18:58:07 +02:00
Gabriel Ebner 4f0ce97ec6 correctly enable adb 2020-05-23 09:40:18 +02:00
Gabriel Ebner e14b9ffc8d update 2020-05-22 11:17:53 +02:00
Gabriel Ebner 37d3d4ac55 Update stable pkgs. 2020-05-03 16:02:59 +02:00
Gabriel Ebner a9c8398ed7 petalius: use older kernel for now for vbox 2020-04-11 11:38:29 +02:00
Gabriel Ebner 7a8a25926e petalius: back to the polder 2020-01-16 14:45:33 +01:00
Gabriel Ebner 67d3414005 petalius: move to pgh 2020-01-11 23:07:06 -05:00
Gabriel Ebner fa5a20c542 aplysia: enable rsyncd 2020-01-02 23:45:33 +01:00
Gabriel Ebner 4bcdee4a28 decoysnail: disable subpixel hinting 2019-12-20 10:00:55 +01:00
Gabriel Ebner efaa0f412d alias 2019-12-09 23:03:32 +01:00
Gabriel Ebner cfad7061f8 aplysia: add backup cronjob 2019-12-01 12:29:57 +01:00
Gabriel Ebner c21f3ee608 petalius: move back to europe 2019-11-21 09:28:11 +01:00
Gabriel Ebner 269716cef0 move blueman service to generic i3 config 2019-11-15 19:42:29 +01:00
Gabriel Ebner 6e2a432358 euhadra: enable blueman service 2019-11-05 18:25:34 +01:00
Gabriel Ebner cd09bef44d add magic-wormhole 2019-11-04 11:22:31 +01:00
Gabriel Ebner 25e24e7876 aplysia: fix duplicate attributes 2019-11-03 16:23:42 +01:00
Gabriel Ebner d2443c4326 aplysia: use new users.users attribute 2019-11-03 16:21:04 +01:00
Gabriel Ebner e3c5774448 aplysia: add nilotica user 2019-11-03 16:13:59 +01:00
Gabriel Ebner 9b4ac012ed archachatina: add tablet support 2019-11-03 13:35:04 +01:00
Gabriel Ebner dc793815e0 Add custom installer with ssh login enabled. 2019-11-03 11:43:49 +01:00
Gabriel Ebner 37b91c8bbd archachatina: use blueman module 2019-11-01 18:53:27 +01:00
Gabriel Ebner 5e14a8652d mastus: fix acme challenge directory 2019-10-31 22:44:25 +01:00
Gabriel Ebner 37d852f36d i3: use new gnupg.agent module 2019-10-31 20:41:31 +01:00
Gabriel Ebner b0fa421392 mastus/ttrss: update to 19.09 2019-10-31 19:36:18 +01:00
Gabriel Ebner e0d1ac9d2c petalius: move to lisbon 2019-10-19 18:35:58 +02:00
Gabriel Ebner 88b3f477bc decoysnail: use wstunnel 2019-10-16 10:37:16 +02:00
Gabriel Ebner 0d647a7c80 aplysia: proxy transmission rpc 2019-10-16 00:20:57 +02:00
Gabriel Ebner 31c4ded910 aplysia: enable transmission again 2019-10-15 21:56:40 +02:00
Gabriel Ebner f866389c28 aplysia: first version of transmission container 2019-10-15 21:45:01 +02:00
Gabriel Ebner 20353dde3f New decoysnail. 2019-10-15 13:56:13 +02:00
Gabriel Ebner ab733c8797 Fix i3 startup. 2019-10-15 13:21:50 +02:00
Gabriel Ebner db512c1dcd Move computers around europe. 2019-10-14 11:03:14 +02:00
Gabriel Ebner 5943f7ec95 update nixpkgs stable checkout 2019-10-11 13:07:39 +02:00
Gabriel Ebner 2a596102d1 add pcmanfm 2019-10-11 13:04:41 +02:00
Gabriel Ebner 15df1a7b24 aplysia: disable transmission 2019-10-09 17:13:18 +02:00
Gabriel Ebner 83b6967be6 petalius: use wstunnel workaround 2019-10-03 20:10:37 +02:00
Gabriel Ebner 882db43696 mastus: quiet wstunnel 2019-10-03 19:58:46 +02:00
Gabriel Ebner d403cf223a mastus: add wstunnel 2019-10-03 19:19:07 +02:00
Gabriel Ebner 6c86c80e07 petalius: use resolved 2019-10-03 12:30:33 +02:00
Gabriel Ebner 1a456bef2a petalius: use new blueman service 2019-10-03 12:30:24 +02:00
Gabriel Ebner 3f0dac7992 Use nodejs_latest 2019-10-01 13:01:20 +02:00
Gabriel Ebner 2878e73ad0 petalius: fix vpn gw 2019-09-25 14:23:50 +02:00
Gabriel Ebner 9636644d77 petalius: move back to vienna 2019-09-09 18:17:26 +01:00
Gabriel Ebner fd74adb3f9 petalius: move to london 2019-08-31 13:24:58 +01:00
Gabriel Ebner 63ffa3df73 mastus: use radicale 2 2019-08-26 18:06:21 +02:00
Gabriel Ebner 156181518d mastus: use nginx module 2019-08-25 18:04:33 +02:00
Gabriel Ebner e0fc41f1cc petalius: back to vienna 2019-08-06 19:30:21 +09:00
Gabriel Ebner 7d487e0c5a petalius: move to tokyo 2019-07-19 08:53:11 +02:00
Gabriel Ebner fe5b058aa0 petalius: use imps protocol, trackpoint breaks on suspend otherwise 2019-07-19 08:51:37 +02:00
Gabriel Ebner f2dfdfe5c9 petalius: use linux 5.2 2019-07-17 18:11:18 +02:00
Gabriel Ebner f38391801b petalius: add blueman 2019-07-17 18:05:54 +02:00
Gabriel Ebner 1ea122b6d9 Merge remote-tracking branch 'murex/master' 2019-07-08 22:56:44 +02:00
Gabriel Ebner 88c7f3c0a5 murex: include octoprint plugins in nixpkgs 2019-07-08 22:55:06 +02:00
Gabriel Ebner 8aab14d26e Add nodejs 12 2019-07-05 15:13:02 +02:00
Gabriel Ebner 6bdada2437 freecad 2019-06-21 10:44:44 +02:00
Gabriel Ebner b6a9c3ced5 pass-otp 2019-06-21 10:44:38 +02:00
Gabriel Ebner ef94df7dd7 cura: add plugins 2019-06-17 13:49:08 +02:00
Gabriel Ebner cd15b820f1 Set an end to satanic torture! 2019-06-15 20:36:48 +02:00
Gabriel Ebner 284c53183a re-add elinks (for mutt) 2019-06-07 12:17:45 +02:00
Gabriel Ebner a9d5985e80 Readd ag (needed for neovim) 2019-06-05 10:52:08 +02:00
Gabriel Ebner 43765b9038 murex: switch back to upstream kernel 2019-05-31 20:41:50 +02:00
Gabriel Ebner f78f549c6b murex: disable full-hd again for now 2019-05-31 20:41:17 +02:00
Gabriel Ebner 432bd49810 murex: fix 502 bad gateway 2019-05-31 19:38:30 +02:00
Gabriel Ebner a1842f265f murex: enable full-hd goodness 2019-05-31 19:27:09 +02:00
Gabriel Ebner a64c31c7fd murex: fix for kernel panic 2019-05-31 19:21:58 +02:00
Gabriel Ebner ee80e79952 murex: fix gpio permissions 2019-05-30 17:53:25 +02:00
Gabriel Ebner 2b5733f6d9 murex: fit /webcampic/ url 2019-05-30 17:52:58 +02:00
Gabriel Ebner c15d04479e murex: initialize gpio 2019-05-30 16:51:30 +02:00
Gabriel Ebner f35353812a Disable OctoPrint-PrintTimeGenius due to broken build system 2019-05-30 16:25:22 +02:00
Gabriel Ebner 8712488db7 murex: enable lots of octoprint plugins 2019-05-30 14:43:03 +02:00
Gabriel Ebner 9fe6f8ac0a Merge remote-tracking branch 'murex/master' 2019-05-30 13:31:20 +02:00
Gabriel Ebner 2f515fa498 murex: octoprint server 2019-05-30 13:30:01 +02:00
Gabriel Ebner b7a36e2212 qemu-user: new config option 2019-05-28 17:05:23 +02:00
Gabriel Ebner 4686e84de4 unclutter 2019-05-28 17:05:13 +02:00
Gabriel Ebner 63bf410b81 archachatina: i3, virtualbox, nix-serve 2019-05-14 16:14:42 +02:00
Gabriel Ebner 9a2584c22c Re-add loc. 2019-05-14 16:14:33 +02:00
Gabriel Ebner 12fa8dbd67 sway: no longer beta 2019-05-14 16:14:18 +02:00
Gabriel Ebner 8933ec7177 Fix cura hack. 2019-05-14 16:12:24 +02:00
Gabriel Ebner 7ee95d870d Update stable package set. 2019-05-14 15:53:27 +02:00
Gabriel Ebner 1359eac9b8 Add some 3D CAD related packages. 2019-05-14 15:50:46 +02:00
Gabriel Ebner 1b73fb1e87 Switch to openjdk12 (when available). 2019-04-04 10:35:14 +02:00
Gabriel Ebner 2912eeda5d petalius: support keyboards 2019-04-04 10:34:49 +02:00
Gabriel Ebner 13fb75ef14 sway: include xdg-open 2019-03-10 17:57:25 +01:00
Gabriel Ebner 72314db661 sway: updates 2019-03-10 09:53:33 +01:00
Gabriel Ebner 4acb7a5e87 archachatina: move to wayland 2019-03-09 22:46:35 +01:00
Gabriel Ebner d9c7c6db05 decoysnail: use intel driver 2019-03-08 12:37:04 +01:00
Gabriel Ebner 41f5e6bd11 Use newer nodejs. 2019-03-03 21:08:22 +01:00
Gabriel Ebner 13d146fb0a decoysnail: add udev rules for keyboard 2019-02-27 11:16:49 +01:00
Gabriel Ebner 5724f43540 Add inkscape by default. 2019-02-27 11:16:19 +01:00
Gabriel Ebner 32597895e5 Add udev rules for my keyboard. 2019-02-27 11:16:03 +01:00
Gabriel Ebner 78b51d787e archachatina: add blueman 2019-02-21 19:18:48 +01:00
Gabriel Ebner e76bccb537 decoysnail: use superior systemd-resolved 2019-02-19 13:12:37 +01:00
Gabriel Ebner ee25b7e75e More bluetooth & audio. 2019-02-18 19:47:58 +01:00
Gabriel Ebner 990d5de3c8 archachatina: enable ratbagd 2019-02-18 19:28:18 +01:00
Gabriel Ebner 5eacab2eee petalius: enable bluetooth 2019-02-16 14:25:50 +01:00
Gabriel Ebner 4d25702c3e petalius: reactivate virtualbox 2019-02-12 14:39:55 +01:00
Gabriel Ebner 45ffe6c587 Update stable packages. 2019-02-01 13:47:35 +01:00
Gabriel Ebner 86b86266e4 Update packages. 2019-01-15 10:37:51 +01:00
Gabriel Ebner 4b5f4c9238 decoysnail: enable avahi 2019-01-02 13:57:47 +01:00
Gabriel Ebner 7e1676b61c new platform-tools name 2019-01-02 13:57:28 +01:00
Gabriel Ebner a655283b60 add qemu user emulation 2018-12-18 17:30:45 +01:00
Gabriel Ebner f04d990860 b2sum: blake2 checksum 2018-12-18 15:55:13 +01:00
Gabriel Ebner f5efaf04a9 vaccaria: rdiff-backup 2018-12-18 11:30:00 +01:00
Gabriel Ebner 590c4ffb7f rclone, duplicity 2018-12-18 11:29:14 +01:00
Gabriel Ebner 78406a49ad decoysnail: add beignet 2018-12-18 11:07:01 +01:00
Gabriel Ebner 9a3a0650ed mastus: add duplicity 2018-12-17 15:52:39 +01:00
Gabriel Ebner 59e4b87363 disable nscd 2018-12-13 10:39:40 +01:00
Gabriel Ebner 10f69ddc09 Add qalc. 2018-11-22 14:08:46 +01:00
Gabriel Ebner 491b53aee9 archachatina: add clementine 2018-11-18 17:02:31 +01:00
Gabriel Ebner 8aba4ef431 add baobab 2018-11-18 13:14:46 +01:00
Gabriel Ebner 58361afaaf petalius: add video group required for backlight 2018-11-18 13:05:57 +01:00
Gabriel Ebner 3cbf73bc8b add manpages 2018-11-18 12:03:49 +01:00
Gabriel Ebner 574dd3a5c1 clean up i3 config. 2018-11-18 11:42:15 +01:00
Gabriel Ebner ee38033d99 decoysnail: add keepalive for wireguard 2018-11-15 10:06:48 +01:00
Gabriel Ebner 28835c5915 aplysia: nofail boot & transmission config 2018-11-12 19:04:38 +01:00
Gabriel Ebner c96b4b281e archachatina: enable libvirtd 2018-11-12 19:04:15 +01:00
Gabriel Ebner e5a0485884 disable virtualbox 2018-11-07 17:52:11 +01:00
Gabriel Ebner ea61d4b093 decoysnail: allow discards 2018-11-05 18:13:27 +01:00
Gabriel Ebner d98c680839 decoysnail: enable fstrim 2018-11-05 18:06:19 +01:00
Gabriel Ebner e467fb6ca3 fix fstrimroot 2018-11-05 18:05:56 +01:00
Gabriel Ebner d0740204a8 Revert "disable geoclue2" 
This reverts commit d501bf6708.
 2018-11-04 16:11:06 +01:00
Gabriel Ebner d501bf6708 disable geoclue2 2018-11-04 16:07:05 +01:00
Gabriel Ebner c7369f98c1 petalius: add libvirtd 2018-11-04 15:37:01 +01:00
Gabriel Ebner 126bb1e0c6 Use openjdk11. 2018-11-03 11:49:17 +01:00
Gabriel Ebner 4951130595 i3lock-color, nix-index 2018-10-28 14:54:38 +01:00
Gabriel Ebner 754cd7c814 archachatina: remove ratbag 
ratbag doesn't support my roccat tyon...
 2018-10-11 10:29:21 +02:00
Gabriel Ebner 37f1d82432 2018-10-09 13:29:33 +02:00
Gabriel Ebner 581100fb18 decoysnail: add ssd 2018-10-09 10:40:33 +02:00
Gabriel Ebner 17ace16793 decoysnail: add wireguard tunnel 2018-10-08 11:50:19 +02:00
Gabriel Ebner 13b2d0c933 petalius: move back to vienna 2018-10-04 08:42:22 +02:00
Gabriel Ebner 20030ce908 add firefox 2018-10-04 03:47:36 +09:00
Gabriel Ebner cd468db768 petalius: switch to tokyo 2018-09-04 08:13:53 +02:00
Gabriel Ebner d8008d3bef petalius: wg: setup dns 2018-09-03 15:43:12 +02:00
Gabriel Ebner e7e07d732a vaccaria: updates 2018-09-01 18:44:24 +02:00
Gabriel Ebner d078aa51f7 vaccaria: allow backup from aruanus 2018-09-01 18:43:27 +02:00
Gabriel Ebner 88378d8a7b common-sw: qr codes 2018-09-01 15:43:47 +02:00
Gabriel Ebner ea718b3967 petalius: add wireguard 2018-09-01 15:40:10 +02:00
Gabriel Ebner e779620861 upgrade yourkit 2018-08-22 21:16:41 +02:00
Gabriel Ebner 9b2e0d616f add cquery 2018-08-14 14:58:54 +02:00
Gabriel Ebner 7c7146cf9c Fix nix-repl fallout. 2018-08-12 20:11:14 +02:00
Gabriel Ebner 83099f22b4 update stable checkout 2018-08-07 15:01:51 +02:00
Gabriel Ebner adfcd6f7ae Rename system.nixos.stateVersion to system.stateVersion 2018-08-07 14:48:28 +02:00
Gabriel Ebner e5021d2015 Clean up packages. 2018-08-07 14:47:55 +02:00
Gabriel Ebner 0b8e55c5c4 openjdk 10 2018-08-06 16:06:25 +02:00
Gabriel Ebner 8c66260738 smartmontools 2018-08-05 10:42:42 +02:00
Gabriel Ebner 6300f08e75 re-enable clion 2018-08-05 10:41:13 +02:00
Gabriel Ebner 748f8a6eb1 move petalius to vienna 2018-07-21 19:39:51 +01:00
Gabriel Ebner 8823a8091f move petalius to oxford 2018-07-21 19:39:51 +01:00
Gabriel Ebner a3ad278358 add usbutils 2018-06-17 17:44:30 +02:00
Gabriel Ebner 27572e66cd disable calibre 2018-06-14 13:24:42 +02:00
Gabriel Ebner b9e84486b5 decoysnail: add stateVersion 2018-06-11 13:20:18 +02:00
Gabriel Ebner 9df91057ad update packages 2018-06-10 15:14:37 +02:00
Gabriel Ebner 14b1753644 use libreoffice from stable 2018-06-10 15:14:37 +02:00
Gabriel Ebner 65f5be596b add exfat support 2018-06-10 15:14:37 +02:00
Gabriel Ebner 7ed27bc204 petalius: add stateVersion 2018-05-22 21:15:31 +02:00
Gabriel Ebner 298be20708 archachatina: set stateVersion 2018-05-21 14:33:01 +02:00
Gabriel Ebner a6f4b3ab84 mastus: ttrss: disable nginx vhost 2018-04-17 11:50:16 +02:00
Gabriel Ebner 97aea12bb6 mastus: enable brotli 2018-04-07 11:08:09 +02:00
Gabriel Ebner 5e8acd1b37 nginx: enable gzip 2018-04-06 16:53:51 +02:00
Gabriel Ebner a5ddbe521f aplysia: change transmission port 2018-03-25 12:39:13 +02:00
Gabriel Ebner de7cd28dc6 pulseaudio: disable flat volumes 2018-03-25 10:53:17 +02:00
Gabriel Ebner 6197556eb3 make korean work 2018-03-16 18:00:49 +01:00
Gabriel Ebner 78daed93cf mastus: run fcgiwrap with reduced privileges 2018-03-16 17:39:12 +01:00
Gabriel Ebner 925e4e0b50 mastus: website: fix 404 cgi 2018-03-16 17:26:58 +01:00
Gabriel Ebner 71a3e19c65 mastus: website: enable 404 cgi script 2018-03-16 17:02:42 +01:00
Gabriel Ebner 3c95036437 mastus: update iface name 2018-03-10 16:40:04 +01:00
Gabriel Ebner 4e5bf55c2c mastus/website: syntax error 2018-03-10 16:36:50 +01:00
Gabriel Ebner 81f1c549a7 mastus: use nixos gogs service 2018-03-10 16:27:04 +01:00
Gabriel Ebner 533cdabc8f mastus/website: separate log file 2018-03-10 16:07:42 +01:00
Gabriel Ebner 5535f5eaeb mastus: s/blog/website/ 2018-03-10 16:01:35 +01:00
Gabriel Ebner ad3ca6bcde mastus: remove unused gitblit 2018-03-10 16:01:01 +01:00
Gabriel Ebner 612e4d3c4b mastus: update 404 page 2018-03-10 15:50:52 +01:00
Gabriel Ebner 2e50d76d90 geoip 2018-03-09 16:01:10 +01:00
Gabriel Ebner 852e922e45 Switch back to stable nix. 2018-03-08 18:45:10 +01:00
Gabriel Ebner 0c106f5c46 archachatina: disable nix-serve 2018-03-08 18:38:51 +01:00
Gabriel Ebner ef97ddd8e4 archachatina: use current postgis package 2018-02-24 18:00:14 +01:00
Gabriel Ebner c9b83860f7 decoysnail: enable ssh x11 forwarding 2018-02-19 10:31:12 +01:00
Gabriel Ebner fb6b210541 disable zsh 2018-02-19 10:30:59 +01:00
Gabriel Ebner 22e9dec442 Use prebuilt pulseaudioFull package. 2018-02-17 15:00:11 +01:00
Gabriel Ebner b3f948ae69 Update packages. 2018-01-06 13:08:22 +01:00
Gabriel Ebner 87a68d0b26 remove mu 2018-01-06 11:32:16 +01:00
Gabriel Ebner e6b258c9c1 Add electrum package. 2018-01-06 11:29:04 +01:00
Gabriel Ebner 23c2f87794 Package changes. 2018-01-06 11:28:40 +01:00
Gabriel Ebner 8da778c039 Clean up vaccaria and aplysia config. 2018-01-05 18:46:55 +01:00
Gabriel Ebner 1be3472ce7 Use wireshark module. 2018-01-05 18:46:55 +01:00
Gabriel Ebner 41e7bc98d2 yourkit: 2017.02-b53 -> 2017.02-b68 2018-01-04 11:01:42 +01:00
Gabriel Ebner c9fd298def large-sw: -clion, +qutebrowser, +rustup 2017-12-26 11:01:31 +01:00
Gabriel Ebner efe5adb30e Merge branch 'master' of https://git.gebner.org/gebner/nixos-config 2017-12-19 21:19:12 +01:00
Gabriel Ebner b93b7f08e8 i3: fix XDG_CURRENT_DESKTOP 
If XDG_CURRENT_DESKTOP=GNOME, then xdg-mime believes gio is on the PATH.
 2017-12-15 09:48:17 +01:00
Gabriel Ebner faa85a0ed4 Merge remote-tracking branch 'origin/master' 2017-12-09 19:08:42 +01:00
Gabriel Ebner 278f0b2e67 vaccaria: fix fancontrol 2017-12-09 19:08:20 +01:00
Gabriel Ebner 5210f0eaad petalius: (almost) back in vienna 2017-12-06 10:30:48 +01:00
Gabriel Ebner 6745772573 petalius: tokyo!!! 2017-11-15 00:44:21 +09:00
Gabriel Ebner 8a4401fb91 archachatina: unstable nix, postgres 2017-11-11 08:48:35 +01:00
Gabriel Ebner bc067ed6dc lean 2017-11-11 08:48:27 +01:00
Gabriel Ebner 0c3d800809 update stable checkout 2017-11-09 15:16:32 +01:00
Gabriel Ebner 90ace13369 decoysnail: switch to nix 1.12 2017-11-02 08:54:25 +01:00
Gabriel Ebner df64d06b7e petalius: use current nix 2017-11-01 15:07:12 +01:00
Gabriel Ebner 5c606ec298 euhadra: use systemwide pulseaudio 2017-10-26 22:05:58 +02:00
Gabriel Ebner 29ac6bc689 use newer nodejs 2017-10-17 17:45:06 +02:00
Gabriel Ebner 370434f673 archachatina: enable tearfree option 2017-10-17 17:37:58 +02:00
Gabriel Ebner 4d38965ad7 More neovim stuff. 2017-10-13 16:09:43 +02:00
Gabriel Ebner c2a2306dad Remove theba config. 2017-10-06 11:50:36 +02:00
61 changed files with 2471 additions and 881 deletions
Show Stats Expand all files Collapse all files

171
aplysia.nix
View File

@ -1,9 +1,14 @@
{ config, pkgs, ... }:
let
trnsmssnIface = "wg-trnsmssn";
in
{
imports =
[
/etc/nixos/hardware-configuration.nix
./common-headless.nix
./tailscale.nix
];
boot.supportedFilesystems = ["zfs"];
@ -26,11 +31,31 @@
hostId = "34a820f1";
};
services.openssh.enable = true;
users = {
users = {
gebner.extraGroups = [
"transmission"
"nilotica"
];
users.extraUsers.gebner = {
nilotica = {
group = "nilotica";
isNormalUser = true;
extraGroups = ["wheel" "transmission"];
};
transmission = {
group = "transmission";
uid = config.ids.uids.transmission;
};
};
groups = {
nilotica = {};
transmission = {
gid = config.ids.gids.transmission;
};
};
};
boot.kernelPackages = pkgs.lib.mkOverride 10 pkgs.linuxPackages;
@ -42,11 +67,19 @@
fsType = "zfs";
};
fileSystems."/boota".options = [ "nofail" ];
fileSystems."/bootb".options = [ "nofail" ];
fileSystems."/bootc".options = [ "nofail" ];
fileSystems."/bootd".options = [ "nofail" ];
fileSystems."/boote".options = [ "nofail" ];
fileSystems."/bootf".options = [ "nofail" ];
services.samba = {
enable = true;
extraConfig = ''
passdb backend = tdbsam
unix password sync = no
min protocol = NT1
'';
shares = {
export = {
@ -57,26 +90,116 @@
};
};
containers.trnsmssn =
let
homeDir = "/mnt/aplysia/torrents";
in rec {
config = {
services.transmission = {
enable = true;
settings = {
download-dir = "/mnt/aplysia/torrents";
incomplete-dir = "/mnt/aplysia/torrents";
download-dir = homeDir;
incomplete-dir = homeDir;
peer-port = 51413;
speed-limit-down = 5000;
speed-limit-down-enabled = true;
speed-limit-up = 800;
speed-limit-up-enabled = true;
peer-port = 7455;
rpc-bind-address = localAddress;
rpc-whitelist-enabled = false;
};
};
networking.firewall = {
enable = true;
interfaces.${trnsmssnIface}.allowedTCPPorts = [
config.services.transmission.settings.peer-port
];
interfaces.eth0.allowedTCPPorts = [
9091
];
};
networking.nameservers = [ "193.138.218.74" ];
networking.interfaces.${trnsmssnIface} = {
ipv4.addresses = [ { address = "10.64.157.93"; prefixLength = 32; } ];
ipv6.addresses = [ { address = "fc00:bbbb:bbbb:bb01::1:9d5c"; prefixLength = 128; } ];
ipv4.routes = [
{ address = "0.0.0.0"; prefixLength = 1; }
{ address = "128.0.0.0"; prefixLength = 1; }
];
ipv6.routes = [ { address = "::"; prefixLength = 0; } ];
};
environment.systemPackages = with pkgs; [ wireguard-tools ];
};
privateNetwork = true;
interfaces = [ trnsmssnIface ];
hostAddress = "192.168.100.10";
localAddress = "192.168.100.11";
autoStart = true;
bindMounts.${homeDir} = {
hostPath = homeDir;
isReadOnly = false;
};
};
networking.wireguard = {
enable = true;
interfaces.${trnsmssnIface} = {
privateKeyFile = "/etc/wgkeys/mullvad";
peers = [
{
allowedIPs = ["0.0.0.0/0" "::/0"];
publicKey = "5y66WShsFXqM5K7/4CPEGCWfk7PQyNhVBT2ILjbGm2I=";
endpoint = "se15-wireguard.mullvad.net:51820";
}
];
allowedIPsAsRoutes = false;
};
};
systemd.services."container@trnsmssn" = {
requires = [ "wireguard-${trnsmssnIface}.service" ];
after = [ "wireguard-${trnsmssnIface}.service" ];
};
networking.firewall = {
allowedTCPPorts = [
445 139 # samba
config.services.transmission.settings.peer-port
config.services.rsyncd.port
];
allowedUDPPorts = [
137 138 # samba
];
};
services.nginx = {
enable = true;
recommendedTlsSettings = true;
recommendedOptimisation = true;
recommendedGzipSettings = true;
recommendedProxySettings = true;
virtualHosts."transmission-proxy" = {
serverName = "localhost";
listen = [
{ addr = "localhost"; port = 9091; }
];
locations."/transmission/" = {
proxyPass = "http://192.168.100.11:9091";
proxyWebsockets = true;
};
};
};
environment.systemPackages = with pkgs; [
transmission
samba
@ -87,4 +210,38 @@
${pkgs.hdparm}/bin/hdparm -B127 -S100 /dev/sd{a,b,c,d,e,f}
'';
services.rsyncd = {
enable = true;
settings = {
lr_mobile = {
path = "/mnt/aplysia/fotos/lr_mobile";
"read only" = "yes";
};
};
};
systemd.services.backup-fotos = rec {
wants = [ "network.target" "mnt-aplysia.mount" ];
after = wants;
serviceConfig = {
User = "gebner";
Group = "users";
Type = "oneshot";
};
script = ''
${pkgs.rclone}/bin/rclone sync -v --update --use-server-modtime \
/mnt/aplysia/fotos/lightroom/ \
glacier:gebner-fotos-raw-backup/
'';
};
systemd.timers.backup-fotos = {
wantedBy = [ "timers.target" ];
timerConfig = {
OnCalendar = "Mon,Fri 03:00";
Persistent = true;
};
};
}

93
archachatina.nix
View File

@ -3,10 +3,20 @@
{
imports =
[
./common.nix
/etc/nixos/hardware-configuration.nix
./common-headless.nix
# ./sway.nix
./i3.nix
./large-sw.nix
./uefi.nix
./fstrim.nix
# ./qemu-user.nix
./atmega.nix
./v4l2loopback.nix
./huion.nix
./rtl8761b.nix
./unstable-nix.nix
./nm-restart.nix
];
environment.etc."lvm/lvm.conf".text = ''
@ -14,53 +24,61 @@
issue_discards = 1
}
'';
boot.initrd.luks.devices = [
{
name = "sda2_crypt";
boot.initrd.luks.devices = {
sda2_crypt = {
device = "/dev/disk/by-uuid/2e2e2824-e357-4a75-bddc-8cf386cd0f53";
preLVM = true;
allowDiscards = true;
}
];
};
};
networking.hostName = "archachatina"; # Define your hostname.
networking.hostId = "cc7ea3ba";
hardware.cpu.intel.updateMicrocode = true;
services.wakeonlan.interfaces = [
{
interface = "enp3s0";
method = "magicpacket";
}
];
networking.interfaces."enp3s0".wakeOnLan.enable = true;
# services.xserver.displayManager.defaultSession = pkgs.lib.mkForce "sway";
#
# users.extraUsers.presentation = {
# isNormalUser = true;
# extraGroups = [ "networkmanager" "audio" ];
# # shell = "${pkgs.zsh}/bin/zsh";
# shell = "/run/current-system/sw/bin/fish";
#
# password = if config.virtualisation != null then "" else null;
# };
environment.systemPackages = with pkgs; [
beets
mediainfo
flac
recoll
uvccapture
piper
];
services.thermald.enable = true;
virtualisation.docker.enable = true;
users.extraUsers.gebner.extraGroups = [ "docker" "libvirtd" ];
virtualisation.virtualbox.host = {
enable = true;
# enableExtensionPack = true;
};
# nixpkgs.config.allowUnfree = true;
virtualisation.virtualbox.host.enable = true;
# virtualisation.libvirtd.enable = true;
virtualisation.libvirtd = {
enable = true;
};
networking.firewall.checkReversePath = false;
# fileSystems."/var/lib/libvirt/images/vaccaria" = {
# device = "//vaccaria.mtlaa.gebner.org/export/tmp/vms";
# fsType = "cifs";
# options = [ "noauto" "x-systemd.automount" "credentials=/etc/smbcredentials/vaccaria"
# "forceuid" "forcegid" "uid=0" "gid=0" ];
# };
fileSystems."/var/lib/libvirt/images/vaccaria" = {
device = "//vaccaria.htdf.gebner.org/export/tmp/vms";
fsType = "cifs";
options = [ "noauto" "x-systemd.automount" "credentials=/etc/smbcredentials/vaccaria"
"forceuid" "forcegid" "uid=0" "gid=0" ];
};
hardware.opengl.driSupport32Bit = true;
hardware.opengl.extraPackages = with pkgs; [
rocm-opencl-icd
# rocm-runtime-ext
];
services.nix-serve = {
enable = true;
@ -82,12 +100,27 @@
# };
#boot.kernelPackages = pkgs.lib.mkOverride 10 pkgs.linuxPackages_latest;
# boot.kernelPackages = pkgs.lib.mkOverride 10 pkgs.linuxPackages;
# boot.kernelPackages = pkgs.lib.mkOverride 10 pkgs.linuxPackages_5_8;
services.xserver = {
videoDrivers = [ "amdgpu" ];
# useGlamor = true;
deviceSection = ''
Option "TearFree" "on"
'';
};
services.transmission.enable = true;
services.postgresql = {
enable = true;
extraPlugins = [ pkgs.postgis ];
};
services.ratbagd.enable = true;
# virtualisation.anbox = {
# enable = true;
# };
system.stateVersion = "18.03";
}

13
atmega.nix Normal file
View File

@ -0,0 +1,13 @@
{ config, pkgs, ... }:
{
services.udev.extraRules =
let action = '' OWNER := "gebner" ''; in ''
# Atmel ATMega32U4
SUBSYSTEMS=="usb", ATTRS{idVendor}=="03eb", ATTRS{idProduct}=="2ff4", ${action}
# Atmel USBKEY AT90USB1287
SUBSYSTEMS=="usb", ATTRS{idVendor}=="03eb", ATTRS{idProduct}=="2ffb", ${action}
# Atmel ATMega32U2
SUBSYSTEMS=="usb", ATTRS{idVendor}=="03eb", ATTRS{idProduct}=="2ff0", ${action}
'';
}

29
basic-tools.nix
View File

@ -6,7 +6,8 @@
# nox
wget
neovim
zsh
neovim-remote
# zsh
gitFull gitAndTools.hub tig
gnumake
m4
@ -17,33 +18,45 @@
pwgen
gcc
silver-searcher
ripgrep
fzf
tree
python
python3
python3Packages.ipython
lua
perl
gdb
bind nmap tcpdump telnet
bind nmap tcpdump (pkgs.inetutils or telnet)
usbutils
dstat
which
zip
file
unzip
elinks
links2
ctags
nix-prefetch-scripts
nix-repl
(pkgs.wireguard-tools or pkgs.wireguard or pkgs.hello)
jq
#b2sum
strace
ncdu
hyperfine
];
environment.variables.EDITOR = "${pkgs.neovim}/bin/nvim";
programs.zsh = {
enable = true;
promptInit = "";
};
# programs.zsh = {
# enable = true;
# promptInit = "";
# };
programs.bash = {
enableCompletion = true;
};
programs.fish = {
enable = true;
};
}

69
bluez-alsa.nix Normal file
View File

@ -0,0 +1,69 @@
{ stdenv, fetchFromGitHub, pkgconfig, autoreconfHook
, alsaLib, bluez, glib, sbc, dbus
# optional, but useful utils
, readline, libbsd, ncurses
# optional codecs
, aacSupport ? true, fdk_aac
# TODO: aptxSupport
}:
with stdenv.lib;
stdenv.mkDerivation rec {
pname = "bluez-alsa";
version = "3.0.0";
src = fetchFromGitHub {
owner = "Arkq";
repo = "bluez-alsa";
rev = "v${version}";
sha256 = "1jlsgxyqfhncfhx1sy3ry0dp6p95kd4agh7g2b7g51h0c4cv74h8";
};
nativeBuildInputs = [ pkgconfig autoreconfHook ];
buildInputs = [
alsaLib bluez glib sbc dbus
readline libbsd ncurses
]
++ optional aacSupport fdk_aac;
configureFlags = [
"--with-alsaplugindir=${placeholder "out"}/lib/alsa-lib"
"--with-dbusconfdir=${placeholder "out"}/share/dbus-1/system.d"
"--enable-rfcomm"
"--enable-hcitop"
"--enable-msbc"
]
++ optional aacSupport "--enable-aac";
meta = {
description = "Bluez 5 Bluetooth Audio ALSA Backend";
longDescription = ''
Bluez-ALSA (BlueALSA) is an ALSA backend for Bluez 5 audio interface.
Bluez-ALSA registers all Bluetooth devices with audio profiles in Bluez
under a virtual ALSA PCM device called `bluealsa` that supports both
playback and capture.
Some backstory: Bluez 5 removed built-in support for ALSA in favor of a
generic interface for 3rd party appliations. Thereafter, PulseAudio
implemented a backend for that interface and became the only way to get
Bluetooth audio with Bluez 5. Users prefering ALSA stayed on Bluez 4.
However, Bluez 4 eventually became deprecated.
This package is a rebirth of a direct interface between ALSA and Bluez 5,
that, unlike PulseAudio, provides KISS near-metal-like experience. It is
not possible to run BluezALSA and PulseAudio Bluetooth at the same time
due to limitations in Bluez, but it is possible to run PulseAudio over
BluezALSA if you disable `bluetooth-discover` and `bluez5-discover`
modules in PA and configure it to play/capture sound over `bluealsa` PCM.
'';
homepage = src.meta.homepage;
license = licenses.mit;
platforms = platforms.linux;
maintainers = [ maintainers.oxij maintainers.lheckemann ];
};
}

132
common-gui.nix Normal file
View File

@ -0,0 +1,132 @@
{ config, pkgs, ... }:
{
imports = [
./pipewire.nix
];
i18n.inputMethod = {
enabled = "fcitx5";
fcitx5.addons = with pkgs; [ fcitx5-mozc fcitx5-table-other fcitx5-m17n fcitx5-rime rime-data ];
};
fonts = {
enableDefaultFonts = false;
fontconfig = {
allowBitmaps = false;
};
fonts = with pkgs; [
# xorg.fontbhlucidatypewriter100dpi
# xorg.fontbhlucidatypewriter75dpi
# freefont_ttf
gyre-fonts # TrueType substitutes for standard PostScript fonts
# xorg.fontbh100dpi
# xorg.fontmiscmisc
# xorg.fontcursormisc
unifont
noto-fonts-emoji
noto-fonts-cjk
cantarell-fonts # from gnome3 module
merriweather
merriweather-sans
open-sans
# libertine # breaks 
dejavu_fonts
liberation_ttf
ubuntu_font_family
wqy_microhei
ipafont
ipaexfont
source-han-serif
source-han-sans
inconsolata
# iosevka
fira fira-mono fira-code
source-code-pro
stix-two
font-awesome_5
];
};
environment.systemPackages = with pkgs; [
(writeScriptBin "gsd-xsettings"
''
#!/bin/sh
exec ${gnome3.gnome-settings-daemon}/libexec/gsd-xsettings "$@"
'')
libinput
libnotify
gsettings-desktop-schemas
];
# prevent satanic torture
qt.platformTheme = "qt5ct";
hardware.uinput.enable = true;
users.extraUsers.gebner.extraGroups = [ "input" "tty" "audio" "video" "uinput" ];
services.dbus.packages = with pkgs; [ gcr ];
services.udev.packages = [ pkgs.gnome3.gnome-settings-daemon ];
# copied from gnome3 module
security.polkit.enable = true;
services.udisks2.enable = true;
services.accounts-daemon.enable = true;
services.geoclue2.enable = true;
services.gnome.at-spi2-core.enable = true;
services.gnome.gnome-keyring.enable = true;
services.gvfs.enable = true;
programs.seahorse.enable = true;
services.gnome.sushi.enable = true;
services.gnome.gnome-settings-daemon.enable = true;
services.telepathy.enable = true;
networking.networkmanager.enable = true;
services.upower.enable = config.powerManagement.enable;
programs.dconf.enable = true;
services.gnome.glib-networking.enable = true;
services.flatpak.enable = true;
xdg.portal = {
enable = true;
extraPortals = [ pkgs.xdg-desktop-portal-gtk ];
};
# Needed for themes and backgrounds
environment.pathsToLink = [ "/share" ];
hardware.bluetooth = {
enable = true;
package = pkgs.bluezFull;
};
services.blueman.enable = true;
programs.gnupg = {
agent.enable = true;
agent.pinentryFlavor = "gnome3";
};
# https://github.com/NixOS/nixpkgs/pull/54083
environment.extraSetup = ''
if [ -d $out/share/gsettings-schemas/ ]; then
# Create the standard schemas directory
mkdir -p $out/share/glib-2.0/schemas
# symlink any schema files to the standard schema directory
for d in $out/share/gsettings-schemas/*; do
# Force symlink, in case there are duplicates
ln -fs $d/glib-2.0/schemas/*.xml $out/share/glib-2.0/schemas
done
# and compile them
if [ -w $out/share/glib-2.0/schemas ]; then
${pkgs.glib.dev}/bin/glib-compile-schemas $out/share/glib-2.0/schemas
fi
fi
'';
}

80
common-headless.nix
View File

@ -3,16 +3,17 @@
{
imports =
[
/etc/nixos/hardware-configuration.nix
./basic-tools.nix
./common-sw.nix
];
boot.kernelPackages = pkgs.linuxPackages_latest;
nix.useSandbox = true;
nix.binaryCaches = [ https://cache.nixos.org ];
nix.trustedBinaryCaches = [ https://cache.nixos.org ];
nix.settings = {
sandbox = true;
substituters = [ "https://cache.nixos.org" ];
trusted-substituters = [ "https://cache.nixos.org" ];
};
nix.extraOptions = ''
auto-optimise-store = true
binary-caches-parallel-connections = 10
@ -21,13 +22,13 @@
networking.networkmanager.enable = true;
networking.firewall.enable = true;
time.timeZone = "Europe/Vienna";
time.timeZone = "Europe/Amsterdam";
# Enable the OpenSSH daemon.
services.openssh = {
enable = true;
permitRootLogin = "no";
passwordAuthentication = false;
settings.PermitRootLogin = "no";
settings.PasswordAuthentication = false;
};
programs.ssh.startAgent = false;
@ -38,14 +39,38 @@
browsing = true;
drivers = [ pkgs.hplip ];
};
# services.colord.enable = true;
virtualisation.podman = {
enable = true;
dockerCompat = true;
};
virtualisation.containers.containersConf.settings = {
engine = {
cgroup_manager = "cgroupfs";
};
};
virtualisation.containers = {
registries.search = [ "docker.io" ];
};
virtualisation.lxd.enable = true;
virtualisation.lxd.recommendedSysctlSettings = true;
virtualisation.lxd.package = pkgs.lxd;
virtualisation.lxc.lxcfs.enable = true;
systemd.enableUnifiedCgroupHierarchy = pkgs.lib.mkForce true;
boot.kernel.sysctl = {
"kernel.perf_event_paranoid" = "0";
"kernel.kptr_restrict" = pkgs.lib.mkForce "0";
# IntelliJ
"fs.inotify.max_user_watches" = 524288;
"fs.inotify.max_user_watches" = pkgs.lib.mkDefault 524288;
# undo lxd "recommendedSysctlSettings"
"kernel.dmesg_restrict" = pkgs.lib.mkForce 0;
};
# gapt: `ulimit -n` was 256
@ -54,13 +79,13 @@
];
fileSystems."/mnt/vaccaria" = {
device = "//vaccaria.mtlaa.gebner.org/export";
device = "//vaccaria.htdf.gebner.org/export";
fsType = "cifs";
options = [ "noauto" "x-systemd.automount" "credentials=/etc/smbcredentials/vaccaria" "vers=1.0" ];
};
fileSystems."/mnt/aplysia" = {
device = "//aplysia.mtlaa.gebner.org/export";
device = "//aplysia.htdf.gebner.org/export";
fsType = "cifs";
options = [ "noauto" "x-systemd.automount" "credentials=/etc/smbcredentials/aplysia" "vers=1.0" ];
};
@ -73,12 +98,41 @@
users.extraUsers.gebner = {
isNormalUser = true;
extraGroups = [ "wheel" "networkmanager" "transmission" ];
extraGroups = [
"wheel"
"networkmanager"
"audio"
"transmission"
"lxd"
"libvirtd"
"vboxusers"
"wireshark"
];
# shell = "${pkgs.zsh}/bin/zsh";
shell = "/run/current-system/sw/bin/fish";
password = if config.virtualisation != null then "" else null;
};
system.fsPackages = [ pkgs.ntfs3g ];
users.groups = {
transmission = {
gid = config.ids.gids.transmission;
};
};
i18n = {
defaultLocale = "en_US.UTF-8";
extraLocaleSettings = {
# LC_TIME = "en_GB.UTF-8";
# LC_PAPER = "de_AT.UTF-8";
};
supportedLocales = [ "all" ]; # https://github.com/NixOS/nixpkgs/pull/177318
};
system.fsPackages = with pkgs; [
ntfs3g
exfatprogs
];
}

122
common-sw.nix
View File

@ -1,127 +1,111 @@
{ config, pkgs, ... }:
{
imports = [
./fix-firefox.nix
];
environment.systemPackages = with pkgs.haskellPackages; with pkgs; [
gitg
gmpc
mpdevil
m4
subversion
openjdk8
(pkgs.openjdk or pkgs.openjdk14 or pkgs.openjdk12 or pkgs.openjdk11 or pkgs.openjdk10 or openjdk8)
sbt scala
chromium
ungoogled-chromium
# chromium
firefox
qalculate-gtk
speedcrunch
libqalculate
viewnior
gnupg
pass xclip pwgen
(pass.withExtensions (ext: [ ext.pass-otp ]))
xclip pwgen
remmina
ledger
hledger
hledger-diff
# hledger
# hledger-diff
cmake ninja
bear
mpv
wireshark-gtk
neomutt notmuch
goldendict
patchelf
bazaar
tokei loc
loc
tokei
ripgrep
imagemagick
mercurial
(pkgs.man-pages or manpages)
androidenv.platformTools # adb & fastboot
dfeet
geoipWithDatabase
nix-index
alacritty
neovim-qt
clinfo
lm_sensors
hdparm
smartmontools
lsof
pdfpc
# haskell dev
cabal2nix
cabal-install
# ghc-mod
poppler_utils
# emacs
emacs
emacsPackages.cask
ghostscript # for auctex
aspell
nodejs
(pkgs.nodejs_latest or pkgs.nodejs-12_x or pkgs.nodejs-11_x or pkgs.nodejs-10_x or nodejs-9_x)
mediainfo
isync
mu
msmtp
vdirsyncer khard khal
rclone
duplicity
restic
magic-wormhole
linuxPackages.perf
qrencode zbar
veriT
minisat
picosat
glucose
prover9
eprover
vampire
metis-prover
spass
z3
cvc4
graphviz
open-wbo
# toysolver
stable.haskellPackages.tip-lib
emacsPackages.proofgeneral
stablePkgs # protect nixpkgs checkout from GC
] ++ (with aspellDicts; [ en de fr nl ]);
nixpkgs.config.packageOverrides = pkgs: with pkgs; let
fetchNixPkgs = { rev, sha256 }:
fetchFromGitHub {
inherit sha256 rev;
owner = "NixOS";
repo = "nixpkgs-channels";
};
stablePkgs = fetchNixPkgs {
rev = "5237768d62a40236d24fafbd9f4f97f3227399ce";
sha256 = "1j707pwm6ll2cvmqvwfxxq21gd9q7l6s3vi3vc01jklplj2v20is";
};
in {
# idea-community-eap = pkgs.idea.idea-community.overrideDerivation (oldAttrs: rec {
# name = "idea-community-${version}";
# version = "2017.2.eap";
# src = pkgs.fetchurl {
# url = "https://download.jetbrains.com/idea/ideaIC-172.3544.6-no-jdk.tar.gz";
# sha256 = "72874a0393a6388b04353a359eea1d1242f59d6e7b96a4cf43c793602ac7ccdb";
# };
# });
idea-community-eap = pkgs.idea.idea-community;
# clion-eap = pkgs.idea.clion.overrideDerivation (oldAttrs: rec {
# name = "clion-${version}";
# version = "2017.1.eap";
# src = pkgs.fetchurl {
# url = "http://download.jetbrains.com/cpp/CLion-2017.1-RC.tar.gz";
# sha256 = "1rv9rcjv4kv39l9r4g5kqbd4y175301a6kr3js3szkjmhqd50qq3";
# };
# });
clion-eap = pkgs.idea.clion;
# neovim = pkgs.neovim.override {
# extraPythonPackages = [ pkgs.pythonPackages.websocket_client ];
# };
stablePkgs = stablePkgs;
stable = import stablePkgs {};
qutebrowser = pkgs.qutebrowser.override { withWebEngineDefault = true; };
};
] ++ (with aspellDicts; [ en de fr nl ])
++ (with gst_all_1; [ gstreamer gstreamer.dev
gst-plugins-bad gst-plugins-good gst-plugins-base gst-plugins-ugly ]);
nixpkgs.config.allowTexliveBuilds = true;
nixpkgs.config.allowUnfree = true;
nixpkgs.config.allowUnfreePredicate = (pkg: true);
nixpkgs.config.android_sdk.accept_license = true;
programs.adb.enable = true;
users.extraUsers.gebner.extraGroups = [ "adbusers" ];
nixpkgs.config.packageOverrides = pkgs: with pkgs; {
khal = pkgs.khal.overridePythonAttrs (_: { doCheck = false; });
};
}

10
common.nix
View File

@ -1,10 +0,0 @@
{ config, pkgs, ... }:
{
imports =
[
./common-headless.nix
./i3.nix
];
}

103
decoysnail.nix
View File

@ -3,18 +3,53 @@
{
imports =
[
./common.nix
./common-headless.nix
# ./i3.nix
./sway.nix
./large-sw.nix
./uefi.nix
./fstrim.nix
./atmega.nix
./v4l2loopback.nix
./huion.nix
./nvim05.nix
./nm-restart.nix
];
boot.initrd.luks.devices = [
{
name = "sda2_crypt";
device = "/dev/disk/by-uuid/6c687d35-1b43-4799-b71c-a5b5c21b3e2a";
preLVM = true;
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
boot.initrd.kernelModules = [ "dm-snapshot" ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/a16ae3f7-11df-47fc-a8df-f22c474ec1c1";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/3C5C-049B";
fsType = "vfat";
};
#swapDevices = [
# { device = "/dev/disk/by-uuid/b7274abd-58a5-4acc-8481-30e105e94eec"; }
#];
nix.settings.max-jobs = pkgs.lib.mkDefault 6;
powerManagement.cpuFreqGovernor = pkgs.lib.mkDefault "powersave";
environment.etc."lvm/lvm.conf".text = ''
devices {
issue_discards = 1
}
];
'';
boot.initrd.luks.devices = {
sda_crypt = {
device = "/dev/disk/by-partuuid/00292928-0088-4887-9e5d-2f2eccb4816f";
preLVM = true;
allowDiscards = true;
};
};
networking = {
hostName = "decoysnail";
@ -27,14 +62,56 @@
services.thermald.enable = true;
virtualisation.docker = {
enable = true;
storageDriver = "overlay2";
hardware.opengl = {
extraPackages = with pkgs; [ beignet ];
driSupport32Bit = true;
};
users.extraUsers.gebner.extraGroups = [ "docker" ];
hardware.opengl.driSupport32Bit = true;
#services.avahi.nssmdns = true;
#services.nscd.enable = pkgs.lib.mkOverride 10 true;
services.avahi.nssmdns = true;
services.openssh.forwardX11 = true;
system.stateVersion = "19.09";
networking.wireguard.interfaces.wg0 = {
ips = ["10.59.0.4/16"];
privateKeyFile = "/etc/wgkeys/decoysnail";
allowedIPsAsRoutes = true;
postSetup = ''
${pkgs.systemd}/bin/resolvectl domain wg0 '~htdf.gebner.org' '~mtlaa.gebner.org' '~ams.gebner.org'
${pkgs.systemd}/bin/resolvectl dns wg0 10.57.0.1
'';
peers = [{
publicKey = "ByLlJbevlTBooAo2RIZGGJvBHKqA9qiOpHBvR5yuJX4=";
allowedIPs = ["10.56.0.0/14" "10.60.1.1"];
# endpoint = "mtlaa-gw.gebner.org:35869";
# endpoint = "84.112.114.160:35869";
endpoint = "127.0.0.1:35869";
persistentKeepalive = 25;
}];
};
systemd.services.wstunnel = {
path = [ pkgs.wstunnel ];
wantedBy = [ "wireguard-wg0.service" ];
after = [ "network.target" ];
script = ''
wstunnel -L 35869:htdf-gw.gebner.org:35869 -u wss://gebner.org
'';
};
services.resolved = {
domains = [];
enable = true;
};
# services.xserver = {
# videoDrivers = [ "intel" ];
# };
fonts.fontconfig = {
subpixel.rgba = "none";
};
}

102
euhadra.nix
View File

@ -1,11 +1,16 @@
{ config, pkgs, ... }:
let mpdStreamingPort = 8080; in
{
imports =
[
./common.nix
/etc/nixos/hardware-configuration.nix
./common-headless.nix
./sway.nix
./uefi.nix
./fstrim.nix
# ./nebula.nix
./tailscale.nix
];
environment.etc."lvm/lvm.conf".text = ''
@ -13,27 +18,44 @@
issue_discards = 1
}
'';
boot.initrd.luks.devices = [
{
name = "euhadra_crypt";
boot.initrd.luks.devices = {
euhadra_crypt = {
device = "/dev/disk/by-uuid/328a9ede-0958-490b-8e82-62b06b839e21";
preLVM = true;
allowDiscards = true;
}
];
};
};
networking.hostName = "euhadra";
networking.hostId = "ddb5f0fd";
hardware.cpu.intel.updateMicrocode = true;
services.mpd = {
enable = true;
network.listenAddress = "any";
musicDirectory = "/mnt/vaccaria/music";
# network.listenAddress = "127.0.0.1";
musicDirectory = "/mnt/aplysia/music";
extraConfig = ''
bind_to_address "10.59.0.6"
bind_to_address "100.97.134.100"
# audio_output {
# type "alsa"
# name "dac"
# device "sysdefault:CARD=QAMP"
# }
audio_output {
type "alsa"
name "dac"
device "sysdefault:CARD=QAMP"
type "pulse"
name "pulse"
server "127.0.0.1"
}
audio_output {
type "httpd"
name "http"
encoder "flac"
port "${toString mpdStreamingPort}"
}
replaygain "auto"
@ -41,9 +63,43 @@
'';
};
services.pipewire = {
config.pipewire-pulse = {
"pulse.properties"."server.address" = [
"unix:native"
"tcp:127.0.0.1:4713"
"tcp:100.97.134.100:4713"
];
};
};
networking.wireguard.interfaces.wg0 = {
ips = ["10.59.0.6/16"];
privateKeyFile = "/etc/wgkeys/euhadra";
allowedIPsAsRoutes = true;
postSetup = ''
${pkgs.systemd}/bin/resolvectl domain wg0 '~htdf.gebner.org' '~mtlaa.gebner.org' '~ams.gebner.org'
${pkgs.systemd}/bin/resolvectl dns wg0 10.58.0.1
'';
peers = [{
publicKey = "ByLlJbevlTBooAo2RIZGGJvBHKqA9qiOpHBvR5yuJX4=";
allowedIPs = ["10.56.0.0/14" "10.60.1.1"];
endpoint = "htdf-gw.gebner.org:35869";
# endpoint = "80.109.29.104:35869";
# endpoint = "127.0.0.1:35869";
}];
};
# systemd.services.wireguard-wg0.wantedBy = pkgs.lib.mkOverride 10 [];
services.resolved = {
domains = [];
enable = true;
};
networking.firewall.allowedTCPPorts = [
config.services.mpd.network.port
4713 # pulseaudio
mpdStreamingPort # mpd streaming
];
environment.systemPackages = with pkgs; [ mpc_cli ];
@ -52,15 +108,19 @@
nixpkgs.config.mpv.vaapiSupport = true;
hardware.pulseaudio = {
zeroconf.publish.enable = true;
tcp = {
enable = true;
anonymousClients.allowedIpRanges = [
"127.0.0.1"
"10.57.0.0/16"
];
};
};
# hardware.pulseaudio = {
# systemWide = true;
# zeroconf.publish.enable = true;
# tcp = {
# enable = true;
# anonymousClients.allowedIpRanges = [
# "127.0.0.1"
# "10.57.0.0/16"
# ];
# };
# };
system.stateVersion = "22.05";
time.timeZone = pkgs.lib.mkOverride 10 "US/Pacific";
}

37
fix-firefox.nix Normal file
View File

@ -0,0 +1,37 @@
{ config, pkgs, ... }:
# unreserve ctrl+w shortcuts
{
nixpkgs.config.packageOverrides = pkgs: with pkgs; {
firefox-unwrapped = stdenv.mkDerivation {
inherit (firefox-unwrapped) name version;
nativeBuildInputs = [ unzip zip ];
buildCommand = ''
mkdir -p $out
cp -ra ${firefox-unwrapped}/. $out/.
chmod +w -R $out
sed -i "s|${firefox-unwrapped}|$out|g" $out/bin/firefox
j=$out/lib/firefox/browser/omni.ja
f=localization/en-US/browser/browserSets.ftl
mkdir browser
cd browser
# corrupt zip files??
unzip $j || true
patch $f <${./fix-firefox.patch}
rm $j
zip -0DXqr $j *
'';
inherit (firefox-unwrapped) meta;
passthru = {
inherit (firefox-unwrapped.passthru) version isFirefox3Like gtk
nspr gssSupport browserName ffmpegSupport gtk3 binaryName;
};
};
};
}

31
fix-firefox.patch Normal file
View File

@ -0,0 +1,31 @@
--- localization/en-US/browser/browserSets.ftl~ 2020-08-31 11:28:51.148881026 +0200
+++ localization/en-US/browser/browserSets.ftl 2020-08-31 19:07:11.687530527 +0200
@@ -9,16 +9,16 @@
.label = Zoom
window-new-shortcut =
- .key = N
+ .keycode = VK_F20
window-minimize-shortcut =
.key = M
close-shortcut =
- .key = W
+ .keycode = VK_F17
tab-new-shortcut =
- .key = T
+ .key = T
location-open-shortcut =
.key = L
@@ -185,7 +185,7 @@
## global menu.
quit-app-shortcut =
- .key = Q
+ .keycode = VK_F18
help-shortcut =
.key = ?

62
flake.lock Normal file
View File

@ -0,0 +1,62 @@
{
"nodes": {
"flake-utils": {
"locked": {
"lastModified": 1638122382,
"narHash": "sha256-sQzZzAbvKEqN9s0bzWuYmRaA03v40gaJ4+iL1LXjaeI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "74f7e4319258e287b0f9cb95426c9853b282730b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1693158576,
"narHash": "sha256-aRTTXkYvhXosGx535iAFUaoFboUrZSYb1Ooih/auGp0=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "a999c1cc0c9eb2095729d5aa03e0d8f7ed256780",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"nixpkgs": "nixpkgs",
"utils": "utils"
}
},
"utils": {
"inputs": {
"flake-utils": "flake-utils"
},
"locked": {
"lastModified": 1638172912,
"narHash": "sha256-jxhQGNEsZTdop/Br3JPS+xmBf6t9cIWRzVZFxbT76Rw=",
"owner": "gytis-ivaskevicius",
"repo": "flake-utils-plus",
"rev": "166d6ebd9f0de03afc98060ac92cba9c71cfe550",
"type": "github"
},
"original": {
"owner": "gytis-ivaskevicius",
"ref": "v1.3.1",
"repo": "flake-utils-plus",
"type": "github"
}
}
},
"root": "root",
"version": 7
}

35
flake.nix Normal file
View File

@ -0,0 +1,35 @@
{
inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
utils.url = "github:gytis-ivaskevicius/flake-utils-plus/v1.3.1";
# neovim-overlay = {
# url = "github:nix-community/neovim-nightly-overlay";
# inputs.nixpkgs.follows = "nixpkgs";
# };
};
outputs = inputs@{ self, nixpkgs, utils, ... }: utils.lib.mkFlake {
inherit self inputs;
channels.nixpkgs.input = nixpkgs;
channels.nixpkgs.patches = [ ];
nix.generateRegistryFromInputs = true;
hostDefaults = {
modules = [
({ ... }: { nix.extraOptions = "warn-dirty = false"; })
];
};
hosts = {
petalius.modules = [ ./petalius.nix ];
flammea.modules = [ ./flammea.nix ];
decoysnail.modules = [ ./decoysnail.nix ];
};
};
}

195
flammea.nix Normal file
View File

@ -0,0 +1,195 @@
{ config, pkgs, ... }:
let mpdStreamingPort = 8080; in
{
imports =
[
./common-headless.nix
# ./sway.nix
# ./i3.nix
./gnome3.nix
./large-sw.nix
./uefi.nix
./fstrim.nix
# ./qemu-user.nix
./atmega.nix
./v4l2loopback.nix
./huion.nix
./spacenav.nix
./nvim05.nix
./nm-restart.nix
./tailscale.nix
];
hardware.enableRedistributableFirmware = true;
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = [ "dm-snapshot" ];
boot.kernelModules = [
"kvm-amd"
"zenpower"
];
boot.extraModulePackages = [ ];
boot.supportedFilesystems = [ "zfs" ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/3b8c5c8a-fff2-49ba-98bd-ceb01d6d57c3";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/1FA2-93AB";
fsType = "vfat";
};
swapDevices = [ ];
environment.etc."lvm/lvm.conf".text = ''
devices {
issue_discards = 1
}
'';
boot.initrd.luks.devices = {
nvme0n1p2_crypt = {
device = "/dev/disk/by-uuid/0fd33358-83dc-4acd-b6b8-0f079082367e";
preLVM = true;
allowDiscards = true;
};
};
networking.hostName = "flammea"; # Define your hostname.
networking.hostId = "390adc00";
hardware.cpu.amd.updateMicrocode = true;
networking.interfaces."enp42s0".wakeOnLan.enable = true;
# users.extraUsers.presentation = {
# isNormalUser = true;
# extraGroups = [ "networkmanager" "audio" ];
# # shell = "${pkgs.zsh}/bin/zsh";
# shell = "/run/current-system/sw/bin/fish";
#
# password = if config.virtualisation != null then "" else null;
# };
environment.systemPackages = with pkgs; [
beets
piper
ddcutil
ddcui
];
services.thermald.enable = true;
virtualisation.virtualbox.host = {
enable = true;
enableExtensionPack = true;
};
# nixpkgs.config.allowUnfree = true;
# virtualisation.libvirtd = {
# enable = true;
# };
# networking.firewall.checkReversePath = false;
# fileSystems."/var/lib/libvirt/images/vaccaria" = {
# device = "//vaccaria.htdf.gebner.org/export/tmp/vms";
# fsType = "cifs";
# options = [ "noauto" "x-systemd.automount" "credentials=/etc/smbcredentials/vaccaria"
# "forceuid" "forcegid" "uid=0" "gid=0" ];
# };
hardware.opengl.extraPackages = with pkgs; [
rocm-opencl-icd
rocm-runtime
];
# services.nix-serve = {
# enable = true;
# secretKeyFile = "/etc/nix-serve/secret.key";
# };
# networking.firewall.allowedTCPPorts = [ config.services.nix-serve.port ];
networking.firewall.trustedInterfaces = [ "tailscale0" ];
services.openssh.settings.X11Forwarding = true;
fileSystems."/mnt/aplysia".device = pkgs.lib.mkOverride 10 "//aplysia.auroch-boa.ts.net/export";
time.timeZone = pkgs.lib.mkOverride 10 "US/Pacific";
# nixpkgs.config.packageOverrides = super: let self = super.pkgs; in {
# mesa_drivers = self.mesaDarwinOr (
# let mo = self.mesa_noglu.override {
# llvmPackages = pkgs.llvmPackages_39;
# grsecEnabled = false;
# enableTextureFloats = true;
# };
# in mo.drivers
# );
# };
boot.kernelPackages = pkgs.lib.mkOverride 10 pkgs.linuxPackages_6_1;
# services.xserver = {
# videoDrivers = [ "amdgpu" ];
# deviceSection = ''
# Option "TearFree" "on"
# '';
# };
services.ratbagd.enable = true;
# virtualisation.anbox = {
# enable = true;
# };
services.udev.extraRules = ''
# allow admin use of i2c devices
ACTION=="add", KERNEL=="i2c-[0-9]*", GROUP="wheel", MODE="666"
'';
system.stateVersion = "22.11";
# services.mpd = {
# enable = true;
# # network.listenAddress = "127.0.0.1";
# # musicDirectory = "/mnt/aplysia/music";
# musicDirectory = "/home/gebner/Music";
# user = "gebner";
# extraConfig = ''
# bind_to_address "100.125.210.32"
#
# # audio_output {
# # type "alsa"
# # name "dac"
# # device "sysdefault:CARD=QAMP"
# # }
#
# audio_output {
# type "pulse"
# name "pulse"
# server "127.0.0.1"
# }
#
# audio_output {
# type "httpd"
# name "http"
# encoder "flac"
# port "${toString mpdStreamingPort}"
# }
#
# replaygain "auto"
# restore_paused "yes"
# '';
# };
#
# environment.etc."pipewire/pipewire-pulse.conf.d/listen.conf".text = ''
# pulse.properties = {
# server.address = [
# "unix:native"
# "tcp:127.0.0.1:4713"
# # "tcp:100.97.134.100:4713"
# ]
# }
# '';
}

78
freecad-asm3.nix Normal file
View File

@ -0,0 +1,78 @@
with import <nixpkgs> { }; let der =
{ stdenv, mkDerivation, fetchFromGitHub, fetchpatch, cmake, ninja, coin3d,
xercesc, ode, eigen, qtbase, qttools, qtwebengine, qtxmlpatterns, wrapQtAppsHook,
opencascade-occt, gts, hdf5, vtk, medfile, zlib, python3Packages, swig,
gfortran, libXmu, soqt, libf2c, libGLU, makeWrapper, pkgconfig, mpi ? null }:
let
pythonPackages = python3Packages;
in mkDerivation rec {
pname = "freecad-assembly3";
version = "08.18";
src = fetchFromGitHub {
owner = "realthunder";
repo = "FreeCAD";
rev = "04c80c99eee0f7d2f761bdc7d8b32c077adefdec";
sha256 = "1f40biy2gc16awb233lha77xabwf2p3jvzzjrp0lnsl2gk4l9w8h";
};
nativeBuildInputs = [
cmake
ninja
pkgconfig
pythonPackages.pyside2-tools
wrapQtAppsHook
];
buildInputs = [
cmake coin3d xercesc ode eigen opencascade-occt gts
zlib swig gfortran soqt libf2c makeWrapper mpi vtk hdf5 medfile
libGLU libXmu qtbase qttools qtwebengine qtxmlpatterns
] ++ (with pythonPackages; [
matplotlib pycollada shiboken2 pyside2 pyside2-tools pivy python boost
]);
cmakeFlags = [
"-DBUILD_QT5=ON"
"-DSHIBOKEN_INCLUDE_DIR=${pythonPackages.shiboken2}/include"
"-DSHIBOKEN_LIBRARY=Shiboken2::libshiboken"
("-DPYSIDE_INCLUDE_DIR=${pythonPackages.pyside2}/include"
+ ";${pythonPackages.pyside2}/include/PySide2/QtCore"
+ ";${pythonPackages.pyside2}/include/PySide2/QtWidgets"
+ ";${pythonPackages.pyside2}/include/PySide2/QtGui"
)
"-DPYSIDE_LIBRARY=PySide2::pyside2"
];
# This should work on both x86_64, and i686 linux
preBuild = ''
export NIX_LDFLAGS="-L${gfortran.cc}/lib64 -L${gfortran.cc}/lib $NIX_LDFLAGS";
'';
# Their main() removes PYTHONPATH=, and we rely on it.
preConfigure = ''
sed '/putenv("PYTHONPATH/d' -i src/Main/MainGui.cpp
qtWrapperArgs+=(--prefix PYTHONPATH : "$PYTHONPATH")
'';
qtWrapperArgs = [
"--set COIN_GL_NO_CURRENT_CONTEXT_CHECK 1"
];
postFixup = ''
mv $out/share/doc $out
'';
meta = with stdenv.lib; {
description = "General purpose Open Source 3D CAD/MCAD/CAx/CAE/PLM modeler";
homepage = "https://www.freecadweb.org/";
license = licenses.lgpl2Plus;
maintainers = with maintainers; [ viric gebner ];
platforms = platforms.linux;
};
}
; in libsForQt514.callPackage der { mpi = openmpi; }

2
fstrim.nix
View File

@ -8,7 +8,7 @@
Type = "oneshot";
};
script = "fstrim -v /";
script = "${pkgs.utillinux.bin}/bin/fstrim -v /";
startAt = "04:00";
};

110
gnome3.nix
View File

@ -1,30 +1,106 @@
{ config, pkgs, ... }:
{
programs.ibus.enable = true;
programs.ibus.plugins = [ pkgs.ibus-anthy pkgs.mozc ];
environment.systemPackages = with pkgs; [
xlibs.xwininfo # for gnome maximus extension
unzip
gnome3.libgweather
imports = [
./pipewire.nix
];
i18n.inputMethod = {
enabled = "ibus";
ibus.engines = with pkgs.ibus-engines; [ mozc table-others m17n rime ];
};
environment.systemPackages = with pkgs; [
gnome.gnome-tweaks
pavucontrol
paprefs
playerctl
xorg.xlsclients
gthumb
];
hardware.pulseaudio.enable = false;
fonts = {
enableDefaultFonts = false;
fontconfig = {
allowBitmaps = false;
};
fonts = with pkgs; [
inconsolata
dejavu_fonts
ipafont
# xorg.fontbhlucidatypewriter100dpi
# xorg.fontbhlucidatypewriter75dpi
# freefont_ttf
gyre-fonts # TrueType substitutes for standard PostScript fonts
# xorg.fontbh100dpi
# xorg.fontmiscmisc
# xorg.fontcursormisc
unifont
noto-fonts-emoji
noto-fonts-cjk
cantarell-fonts # from gnome3 module
merriweather
merriweather-sans
open-sans
# libertine # breaks 
dejavu_fonts
liberation_ttf
ubuntu_font_family
wqy_microhei
ipafont
ipaexfont
source-han-serif
source-han-sans
inconsolata
iosevka
fira fira-mono fira-code
source-code-pro
stix-two
font-awesome_5
];
};
services.xserver.enable = true;
services.xserver.displayManager.gdm.enable = true;
services.xserver.displayManager.desktopManagerHandlesLidAndPower = false;
services.xserver.desktopManager.gnome3.enable = true;
services.xserver.layout = "us";
services.xserver.xkbVariant = "altgr-intl";
services.xserver.xkbOptions = "caps:ctrl_modifier";
# prevent satanic torture
qt.platformTheme = "qt5ct";
hardware.uinput.enable = true;
users.extraUsers.gebner.extraGroups = [ "input" "tty" "audio" "video" "uinput" ];
hardware.bluetooth = {
enable = true;
package = pkgs.bluezFull;
};
services.blueman.enable = true;
programs.gnupg = {
agent.enable = true;
agent.pinentryFlavor = "gnome3";
};
services.xserver = {
enable = true;
# libinput.enable = true;
displayManager.gdm.enable = true;
# displayManager.defaultSession = "gnome";
desktopManager.gnome = {
enable = true;
};
};
# rust winit's wayland support is broken for input methods
environment.sessionVariables.WINIT_UNIX_BACKEND = "x11";
# services.xserver.enable = true;
# services.xserver.displayManager.gdm.enable = true;
# services.xserver.displayManager.desktopManagerHandlesLidAndPower = false;
# services.xserver.layout = "us";
# services.xserver.xkbVariant = "altgr-intl";
# services.xserver.xkbOptions = "caps:ctrl_modifier";
}

10
huion.nix Normal file
View File

@ -0,0 +1,10 @@
{ config, pkgs, ... }:
{
services.xserver.digimend.enable = true;
services.udev.extraRules = ''
SUBSYSTEM=="input", ENV{ID_BUS}=="usb" ENV{ID_VENDOR_ID}=="256c", \
ATTRS{name}=="* Touch *", ENV{ID_INPUT.tags}="low_res_touch"
'';
}

121
i3.nix
View File

@ -1,71 +1,43 @@
{ config, pkgs, ... }:
{
# programs.ibus.enable = true;
# programs.ibus.plugins = [ pkgs.ibus-anthy pkgs.mozc ];
i18n.inputMethod = {
enabled = "fcitx";
fcitx.engines = with pkgs.fcitx-engines; [ mozc anthy table-other m17n ];
};
imports = [
./common-gui.nix
];
environment.systemPackages = with pkgs; with gnome3; [
environment.systemPackages = with pkgs; [
i3
i3status
rofi
rofi-pass
pa_applet
feh
gnome_keyring
gnome3.gnome-keyring
networkmanagerapplet
gnome_terminal
nautilus # in closure of gnome-terminal anyhow
colord
gnome3.nautilus # in closure of gnome-terminal anyhow
pcmanfm
# colord
evince
arandr
xss-lock i3lock
xss-lock i3lock i3lock-color
xdotool
scrot
pavucontrol
dconf-editor
pasystray
gnome3.dconf-editor
unclutter-xfixes
dunst
xorg.xev
# gnome3 core packages
desktop_file_utils shared_mime_info
desktop-file-utils shared-mime-info
glib gtk3
glib_networking gvfs dconf
gnome_settings_daemon
gnome_themes_standard defaultIconTheme
hicolor_icon_theme
glib-networking gvfs dconf
gnome3.gnome-settings-daemon
gnome-themes-extra gnome3.adwaita-icon-theme
hicolor-icon-theme
];
fonts = {
enableDefaultFonts = false;
fonts = with pkgs; [
xorg.fontbhlucidatypewriter100dpi
xorg.fontbhlucidatypewriter75dpi
dejavu_fonts
freefont_ttf
gyre-fonts # TrueType substitutes for standard PostScript fonts
liberation_ttf
xorg.fontbh100dpi
xorg.fontmiscmisc
xorg.fontcursormisc
# unifont
wqy_microhei
inconsolata
dejavu_fonts
ipafont
ipaexfont
# unifont
ubuntu_font_family
source-code-pro
fira
noto-fonts-emoji
cantarell_fonts # from gnome3 module
];
};
services.xserver = {
enable = true;
@ -75,21 +47,21 @@
# # slim.autoLogin = true;
lightdm.enable = true;
# startx.enable = true;
# sddm.enable = true;
defaultSession = "i3wm";
};
desktopManager = {
default = "i3wm";
xterm.enable = false;
session = [ {
name = "i3wm";
start = ''
export XDG_DATA_DIRS=/run/current-system/sw/share/''${XDG_DATA_DIRS:+:}$XDG_DATA_DIRS
export $(${pkgs.gnome3.gnome_keyring}/bin/gnome-keyring-daemon --start --components=pkcs11,secrets,ssh,gpg)
export XDG_CURRENT_DESKTOP=GNOME
for m in xsettings; do
${pkgs.gnome3.gnome_settings_daemon}/libexec/gsd-$m &
done
export $(${pkgs.gnome3.gnome-keyring}/bin/gnome-keyring-daemon --start --components=pkcs11,secrets,ssh)
export XDG_CURRENT_DESKTOP=X-Generic
i3 &
waitPID=$!
'';
@ -98,48 +70,13 @@
updateDbusEnvironment = true;
windowManager = {
default = "i3";
i3.enable = true;
};
layout = "us";
xkbVariant = "altgr-intl";
xkbOptions = "caps:ctrl_modifier";
};
services.dbus.packages = with pkgs; [ dunst gnome3.gcr ];
services.udev.packages = [ pkgs.gnome3.gnome_settings_daemon ];
# copied from gnome3 module
security.polkit.enable = true;
services.udisks2.enable = true;
services.accounts-daemon.enable = true;
services.geoclue2.enable = true;
services.gnome3.at-spi2-core.enable = true;
# services.gnome3.evolution-data-server.enable = true;
# services.gnome3.gnome-documents.enable = true;
services.gnome3.gnome-keyring.enable = true;
#services.gnome3.gnome-online-accounts.enable = true;
# services.gnome3.gnome-user-share.enable = true;
services.gnome3.gvfs.enable = true;
services.gnome3.seahorse.enable = true;
services.gnome3.sushi.enable = true;
# services.gnome3.tracker.enable = true;
services.telepathy.enable = true;
networking.networkmanager.enable = true;
services.upower.enable = config.powerManagement.enable;
hardware.bluetooth.enable = true;
# Needed for themes and backgrounds
environment.pathsToLink = [ "/share" ];
environment.variables.GIO_EXTRA_MODULES = with pkgs.gnome3; [
"${pkgs.lib.getLib dconf}/lib/gio/modules"
"${glib_networking.out}/lib/gio/modules"
"${gvfs}/lib/gio/modules" ];
hardware.pulseaudio = {
enable = true;
zeroconf.discovery.enable = true;
};
# services.dbus.socketActivated = true;
services.dbus.packages = with pkgs; [ dunst ];
systemd.packages = [ pkgs.dunst ];
}

64
large-sw.nix
View File

@ -2,35 +2,65 @@
{
environment.systemPackages = with pkgs.haskellPackages; with pkgs; [
idea-community-eap
clion-eap
jetbrains.idea-community
# idea.clion
texlive.combined.scheme-full biber
gimp
inkscape
jabref
# jabref
libreoffice-fresh
calibre
# calibre
# goldendict
# qutebrowser
open-wbo # only in 17.09+
xournal
xournalpp
vscode
clang
stack
ccls
sumneko-lua-language-server
texlab
rnix-lsp
pyright
nodePackages.typescript-language-server
rust-analyzer
coq_8_6
# stack
# cargo rustc
elan
# coq
# emacsPackages.proofgeneral
# virtmanager
(if lib.hasAttr "curaPlugins" pkgs then
cura.override {
plugins = with curaPlugins; [ octoprint rawmouse ];
}
else cura)
openscad
freecad
calculix
meshlab
audacious
flac
clementine
uvccapture
yarn
gnome3.baobab
rustup
] ++ (with aspellDicts; [ en de fr nl ]);
nixpkgs.config.packageOverrides = pkgs: with pkgs; {
myemacs = emacs25.override {
withGTK2 = false;
withGTK3 = true;
withXwidgets = true;
};
programs.wireshark = {
enable = true;
package = pkgs.wireshark;
};
hardware.opengl.driSupport32Bit = true;
}

46
mastus/blog.nix
View File

@ -1,46 +0,0 @@
{ config, pkgs, ... }:
{
services.nginx.httpConfig = ''
server {
listen [::]:443;
listen 443;
server_name gabrielebner.at www.gabrielebner.at 2b7e.org www.2b7e.org www.gebner.org;
ssl on;
ssl_certificate_key /var/lib/acme/gebner.org/key.pem;
ssl_certificate /var/lib/acme/gebner.org/fullchain.pem;
ssl_dhparam /etc/nginx/dhparam.pem;
ssl_protocols TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK';
ssl_prefer_server_ciphers on;
add_header Strict-Transport-Security max-age=15768000;
ssl_stapling on;
ssl_stapling_verify on;
location / {
rewrite ^(.*) https://gebner.org$1 permanent;
}
}
server {
listen [::]:443;
listen 443;
server_name gebner.org;
ssl on;
ssl_certificate_key /var/lib/acme/gebner.org/key.pem;
ssl_certificate /var/lib/acme/gebner.org/fullchain.pem;
ssl_dhparam /etc/nginx/dhparam.pem;
ssl_protocols TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK';
ssl_prefer_server_ciphers on;
add_header Strict-Transport-Security max-age=15768000;
ssl_stapling on;
ssl_stapling_verify on;
root /srv/www.gebner.org;
error_page 404 403 /pages/404.html;
}
'';
}

9
mastus/configuration.nix
View File

@ -6,15 +6,18 @@
/etc/nixos/hardware-configuration.nix
../basic-tools.nix
./backup.nix
./duplicity.nix
./mail.nix
./www.nix
./gogs.nix
./gitea.nix
./letsencrypt.nix
./blog.nix
./website.nix
./wstunnel.nix
./radicale.nix
./ttrss.nix
# ./ttrss.nix
./dns.nix
./nebula.nix
];
boot.loader.grub.enable = true;

8
mastus/dns.nix
View File

@ -9,7 +9,7 @@ let
IN AAAA 2a02:2770:3:0:21a:4aff:feac:bc0e
'';
timestamp = "1497294847";
timestamp = "1664458744";
heNsServers = ''
@ IN NS ns1.he.net.
@ -48,9 +48,9 @@ in
misuji ${misuji}
mastus ${mastus}
home-gw IN A 80.109.2.154
htdf-gw IN A 80.109.2.154
mtlaa-gw IN A 84.112.114.160
home-gw IN A 80.109.29.104
htdf-gw IN A 80.109.29.104
ams-gw IN A 82.217.167.76
@ ${mastus}
www IN CNAME mastus

7
mastus/duplicity.nix Normal file
View File

@ -0,0 +1,7 @@
{ config, pkgs, ... }:
{
environment.systemPackages = [ pkgs.duplicity ];
}

35
mastus/fts_xapian.nix Normal file
View File

@ -0,0 +1,35 @@
{ stdenv, fetchFromGitHub, autoconf, automake, pkg-config, dovecot, libtool, xapian, icu64, sqlite }:
stdenv.mkDerivation rec {
pname = "fts-xapian";
version = "1.3.2";
src = fetchFromGitHub {
owner = "grosjo";
repo = "fts-xapian";
rev = version;
sha256 = "12rgchx1ikwxbhdgychcfrhfnmx1rzl1l5zhmzchjkh44cwmpdbh";
};
buildInputs = [ dovecot xapian icu64 sqlite ];
nativeBuildInputs = [ autoconf automake libtool pkg-config ];
preConfigure = ''
export PANDOC=false
autoreconf -vi
'';
configureFlags = [
"--with-dovecot=${dovecot}/lib/dovecot"
"--without-dovecot-install-dirs"
"--with-moduledir=$(out)/lib/dovecot"
];
meta = with stdenv.lib; {
homepage = "https://github.com/grosjo/fts-xapian";
description = "Dovecot FTS plugin based on Xapian";
license = licenses.lgpl21;
maintainers = with maintainers; [ julm ];
platforms = platforms.unix;
};
}

77
mastus/gitblit.nix
View File

@ -1,77 +0,0 @@
{ config, pkgs, ... }:
let
gitblitWar = pkgs.fetchurl {
url = "http://dl.bintray.com/gitblit/releases/gitblit-1.6.2.war";
sha256 = "01gqarpwqbx1ix5zycfxw4172q5l8hhxvb7f92y3lz8l6x42l7i9";
};
gitHome = "/srv/git.gebner.org";
in
{
containers.gitblit = {
config = { config, pkgs, ... }: {
users.extraUsers.git = { home = gitHome; extraGroups = [ "git" ]; };
users.extraGroups.git = { };
systemd.services.createGitDir = {
wantedBy = [ "winstone-gitblit.service" ];
serviceConfig.Type = "oneshot";
script = ''
mkdir -p ${gitHome}
chown git:git -R ${gitHome}
'';
};
services.winstone.gitblit = {
user = "git";
group = "git";
warFile = "${gitblitWar}";
extraJavaOptions = [ "-DGITBLIT_HOME=${gitHome}" ];
};
};
privateNetwork = true;
hostAddress = "192.168.100.10";
localAddress = "192.168.101.10";
};
services.nginx.appendConfig = ''
http {
server {
listen [::]:80;
listen 80;
server_name git.gebner.org;
rewrite ^(.*) https://$host$1 permanent;
}
server {
listen [::]:443;
listen 443;
server_name git.gebner.org;
ssl on;
ssl_certificate_key /var/lib/acme/gebner.org/mastus.key;
ssl_certificate /var/lib/acme/gebner.org/git.cert;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_buffering off;
proxy_pass http://gitblit;
client_max_body_size 30M;
break;
}
}
upstream gitblit {
server 192.168.100.10:8080;
}
}
'';
}

42
mastus/gitea.nix Normal file
View File

@ -0,0 +1,42 @@
{ config, pkgs, ... }:
{
services.gitea = rec {
enable = true;
stateDir = "/srv/git.gebner.org";
appName = "Gabriel Ebner's git server";
domain = "git.gebner.org";
rootUrl = "https://git.gebner.org/";
httpPort = 8001;
cookieSecure = true;
log.level = "Info";
disableRegistration = true;
settings = {
picture = {
DISABLE_GRAVATAR = "false";
AVATAR_UPLOAD_PATH = "${stateDir}/data/avatars";
};
};
};
environment.systemPackages = [
(let cfg = config.services.gitea; in pkgs.writeScriptBin "gitea" ''
exec ${pkgs.sudo}/bin/sudo -u ${cfg.user} \
env GITEA_WORK_DIR=${cfg.stateDir} ${pkgs.gitea}/bin/gitea "$@"
'')
];
services.nginx = {
recommendedProxySettings = true;
virtualHosts."git.gebner.org" = {
forceSSL = true;
useACMEHost = "gebner.org";
locations."/" = {
proxyPass = "http://127.0.0.1:${toString config.services.gitea.httpPort}";
extraConfig = ''
proxy_buffering off;
client_max_body_size 256M;
'';
};
};
};
}

154
mastus/gogs.nix
View File

@ -1,125 +1,45 @@
{ config, pkgs, ... }:
let
gitHome = "/srv/git.gebner.org";
gogs = pkgs.callPackage ../pkgs/gogs.nix { };
gogsPort = 8001;
gogsConfig = pkgs.writeText "gogs.ini" ''
APP_NAME = Gogs: Go Git Service
RUN_USER = git
RUN_MODE = prod
[database]
DB_TYPE = sqlite3
HOST = 127.0.0.1:3306
NAME = gogs
USER = root
PASSWD =
SSL_MODE = disable
PATH = ${gitHome}/data/gogs.db
[repository]
ROOT = ${gitHome}/gogs-repositories
[server]
DOMAIN = git.gebner.org
HTTP_PORT = ${toString gogsPort}
ROOT_URL = https://git.gebner.org/
DISABLE_SSH = false
SSH_PORT = 22
OFFLINE_MODE = true
[mailer]
ENABLED = false
[service]
REGISTER_EMAIL_CONFIRM = false
ENABLE_NOTIFY_MAIL = false
DISABLE_REGISTRATION = true
REQUIRE_SIGNIN_VIEW = false
[picture]
DISABLE_GRAVATAR = false
AVATAR_UPLOAD_PATH = ${gitHome}/data/avatars
[session]
PROVIDER = file
[log]
ROOT_PATH = ${gitHome}/logs
MODE = file
LEVEL = Info
[security]
INSTALL_LOCK = true
'';
in
{
users.extraUsers.git = { home = gitHome; extraGroups = [ "git" ]; };
users.extraUsers.git = { home = config.services.gogs.stateDir; extraGroups = [ "git" ]; };
users.extraGroups.git = { };
systemd.services.gogs = {
path = with pkgs; [ git openssh bash ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
Type = "simple";
Restart = "always";
User = "git";
Group = "git";
ExecStart = "${gogs}/gogs web -c ${gogsConfig}";
WorkingDirectory = gitHome;
};
};
services.gogs = rec {
enable = true;
stateDir = "/srv/git.gebner.org";
user = "git";
group = "git";
appName = "Gabriel Ebner's git server";
domain = "git.gebner.org";
rootUrl = "https://git.gebner.org/";
httpPort = 8001;
cookieSecure = true;
extraConfig = ''
[picture]
DISABLE_GRAVATAR = false
AVATAR_UPLOAD_PATH = ${stateDir}/data/avatars
services.nginx.httpConfig = ''
server {
listen [::]:80;
listen 80;
server_name git.gebner.org;
[log]
ROOT_PATH = ${stateDir}/logs
MODE = file
LEVEL = Info
location /.well-known/acme-challenge {
default_type text/plain;
alias /var/lib/acme/www/.well-known/acme-challenge;
}
location / {
rewrite ^(.*) https://$host$1 permanent;
}
}
server {
listen [::]:443;
listen 443;
server_name git.gebner.org;
ssl on;
ssl_certificate_key /var/lib/acme/gebner.org/key.pem;
ssl_certificate /var/lib/acme/gebner.org/fullchain.pem;
ssl_dhparam /etc/nginx/dhparam.pem;
ssl_protocols TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK';
ssl_prefer_server_ciphers on;
add_header Strict-Transport-Security max-age=15768000;
ssl_stapling on;
ssl_stapling_verify on;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_buffering off;
proxy_pass http://gogs;
client_max_body_size 30M;
break;
}
}
upstream gogs {
server 127.0.0.1:${toString gogsPort};
}
[service]
DISABLE_REGISTRATION = true
'';
};
services.nginx = {
recommendedProxySettings = true;
virtualHosts."git.gebner.org" = {
forceSSL = true;
useACMEHost = "gebner.org";
locations."/" = {
proxyPass = "http://127.0.0.1:${toString config.services.gogs.httpPort}";
extraConfig = ''
proxy_buffering off;
client_max_body_size 30M;
'';
};
};
};
}

24
mastus/letsencrypt.nix
View File

@ -3,18 +3,18 @@
{
security.acme.certs = {
"gebner.org" = {
webroot = "/var/lib/acme/www";
webroot = "/var/lib/acme/acme-challenge";
email = "gebner@gebner.org";
extraDomains = {
"git.gebner.org" = null;
"mail.gebner.org" = null;
"gebner.org" = null;
"www.gebner.org" = null;
"gabrielebner.at" = null;
"www.gabrielebner.at" = null;
"2b7e.org" = null;
"www.2b7e.org" = null;
};
extraDomainNames = [
"git.gebner.org"
"mail.gebner.org"
"gebner.org"
"www.gebner.org"
"gabrielebner.at"
"www.gabrielebner.at"
"2b7e.org"
"www.2b7e.org"
];
postRun = ''
systemctl reload nginx
@ -26,4 +26,6 @@
};
};
security.acme.acceptTerms = true;
}

26
mastus/mail.nix
View File

@ -18,6 +18,7 @@
extraAliases = ''
ge: gebner
cutintro: gebner
gebne: gebner
'';
hostname = "mastus.gebner.org";
sslCert = "/var/lib/acme/gebner.org/fullchain.pem";
@ -67,8 +68,6 @@
sslServerCert = "/var/lib/acme/gebner.org/fullchain.pem";
sslServerKey = "/var/lib/acme/gebner.org-dovecot/key.pem";
extraConfig = ''
ssl_protocols = !SSLv2 !SSLv3
service auth {
unix_listener /var/lib/postfix/queue/private/auth {
mode = 0660
@ -76,7 +75,30 @@
group = postfix
}
}
# # use mailPlugins.globally.enable after nixos 20.09
# mail_plugins = fts fts_xapian
#
# plugin {
# plugin = fts fts_xapian
#
# fts = xapian
# fts_xapian = partial=2 full=20 attachments=1 verbose=0
#
# fts_autoindex = yes
# fts_enforced = yes
#
# fts_autoindex_exclude = Trash
# fts_autoindex_exclude2 = spam
# }
#
# default_vsz_limit = 0
#
# service indexer-worker {
# vsz_limit = 0
# }
'';
# modules = [ (pkgs.callPackage ./fts_xapian.nix {}) ];
};
systemd.services.dovecotSslKey = rec {
wantedBy = [ "dovecot2.service" ];

25
mastus/nebula.nix Normal file
View File

@ -0,0 +1,25 @@
{ config, pkgs, ... }:
let mastus = "37.252.120.145";
in {
services.nebula.networks.gabriel = {
enable = true;
ca = "/etc/nebula/gabriel/ca.crt";
cert = "/etc/nebula/gabriel/mastus.crt";
key = "/etc/nebula/gabriel/mastus.key";
isLighthouse = true;
staticHostMap = {
"192.168.18.36" = [ "${mastus}:4242" ];
};
firewall.inbound = [ { port = "any"; proto = "any"; host = "any"; } ];
settings = {
serve_dns = true;
lighthouse.dns = { host = "192.168.18.36"; port = 5353; };
};
};
networking.firewall.allowedUDPPorts = [ 4242 ];
}

107
mastus/radicale.nix
View File

@ -5,77 +5,56 @@ in
{
services.radicale = {
enable = true;
config = ''
[server]
hosts = 127.0.0.1:${toString radicalePort}
ssl = false
dns_lookup = false
[storage]
filesystem_folder = /var/lib/radicale/storage
[auth]
type = IMAP
[rights]
type = owner_only
'';
package = pkgs.radicale3.overrideDerivation (_: {
#patches = [ ./radicale1249.patch ];
doCheck = false;
pytestCheckPhase = "true";
});
settings = {
server = {
hosts = "127.0.0.1:${toString radicalePort}";
ssl = false;
};
security.acme.certs."gebner.org".extraDomains."radicale.gebner.org" = null;
storage = {
filesystem_folder = "/var/lib/radicale/collections";
};
services.nginx.httpConfig = ''
server {
listen [::]:80;
listen 80;
server_name radicale.gebner.org;
auth = {
type = "htpasswd";
htpasswd_filename = "/var/lib/radicale/htpasswd";
htpasswd_encryption = "bcrypt";
};
location /.well-known/acme-challenge {
default_type text/plain;
alias /var/lib/acme/www/.well-known/acme-challenge;
}
rights = {
type = "owner_only";
};
};
};
location / {
rewrite ^(.*) https://$host$1 permanent;
}
}
security.acme.certs."gebner.org".extraDomainNames = [ "radicale.gebner.org" ];
server {
listen [::]:443;
listen 443;
server_name radicale.gebner.org;
services.nginx = {
recommendedProxySettings = true;
virtualHosts."radicale.gebner.org" = {
forceSSL = true;
useACMEHost = "gebner.org";
locations."/" = {
proxyPass = "http://127.0.0.1:${toString radicalePort}";
};
# Fake nextcloud api:
# https://gitlab.gnome.org/GNOME/gnome-online-accounts/-/issues/1#note_857357
extraConfig = ''
rewrite ^/remote.php/carddav / redirect;
rewrite ^/remote.php/caldav / redirect;
ssl on;
ssl_certificate_key /var/lib/acme/gebner.org/key.pem;
ssl_certificate /var/lib/acme/gebner.org/fullchain.pem;
ssl_dhparam /etc/nginx/dhparam.pem;
ssl_protocols TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK';
ssl_prefer_server_ciphers on;
add_header Strict-Transport-Security max-age=15768000;
ssl_stapling on;
ssl_stapling_verify on;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_buffering off;
proxy_connect_timeout 900;
proxy_send_timeout 900;
proxy_read_timeout 900;
send_timeout 900;
proxy_pass http://radicale;
client_max_body_size 30M;
break;
}
}
upstream radicale {
server 127.0.0.1:${toString radicalePort};
location /remote.php/webdav {
return 200;
}
'';
};
};
environment.systemPackages = with pkgs; [ apacheHttpd ];
}

37
mastus/radicale1249.patch Normal file
View File

@ -0,0 +1,37 @@
diff --git a/radicale/app/propfind.py b/radicale/app/propfind.py
index 52d0b00..ee7cf28 100644
--- a/radicale/app/propfind.py
+++ b/radicale/app/propfind.py
@@ -350,8 +350,8 @@ class ApplicationPartPropfind(ApplicationBase):
permission = "r"
status = "read"
else:
- permission = ""
- status = "NO"
+ permission = "r"
+ status = "read"
logger.debug(
"%s has %s access to %s",
repr(user) if user else "anonymous user", status, target)
@@ -362,8 +362,8 @@ class ApplicationPartPropfind(ApplicationBase):
path: str, user: str) -> types.WSGIResponse:
"""Manage PROPFIND request."""
access = Access(self._rights, user, path)
- if not access.check("r"):
- return httputils.NOT_ALLOWED
+ #if not access.check("r"):
+ # return httputils.NOT_ALLOWED
try:
xml_content = self._read_xml_request_body(environ)
except RuntimeError as e:
@@ -380,8 +380,8 @@ class ApplicationPartPropfind(ApplicationBase):
item = next(items_iter, None)
if not item:
return httputils.NOT_FOUND
- if not access.check("r", item):
- return httputils.NOT_ALLOWED
+ #if not access.check("r", item):
+ # return httputils.NOT_ALLOWED
# put item back
items_iter = itertools.chain([item], items_iter)
allowed_items = self._collect_allowed_items(items_iter, user)

106
mastus/ttrss.nix
View File

@ -2,7 +2,13 @@
{
containers.ttrss = {
config = {
users.extraUsers.ttrss = {};
users.users.ttrss = {
group = "ttrss";
isSystemUser = true;
};
users.groups.ttrss = {};
users.users.tt_rss.isSystemUser = true;
services.postgresql = {
enable = true;
@ -19,6 +25,7 @@
user = "ttrss";
pool = "ttrss";
virtualHost = null;
database = {
type = "pgsql";
@ -32,23 +39,21 @@
};
services.phpfpm = {
extraConfig = ''
error_log = /var/log/phpfpm.log
log_level = notice
'';
poolConfigs = {
ttrss = ''
listen = 9000
user = ttrss
pm = dynamic
pm.max_children = 75
pm.start_servers = 10
pm.min_spare_servers = 5
pm.max_spare_servers = 20
pm.max_requests = 500
catch_workers_output = 1
'';
pools = {
ttrss = {
user = "ttrss";
group = "ttrss";
settings = {
listen = "9000";
pm = "dynamic";
"pm.max_children" = 75;
"pm.start_servers" = 10;
"pm.min_spare_servers" = 5;
"pm.max_spare_servers" = 20;
"pm.max_requests" = 500;
catch_workers_output = 1;
};
};
};
};
@ -63,61 +68,28 @@
networking.nat.enable = true;
networking.nat.internalInterfaces = ["ve-+"];
networking.nat.externalInterface = "enp0s3";
networking.nat.externalInterface = "ens3";
security.acme.certs."gebner.org".extraDomains."reader.gebner.org" = null;
security.acme.certs."gebner.org".extraDomainNames = [ "reader.gebner.org" ];
services.nginx.httpConfig = ''
server {
listen [::]:80;
listen 80;
server_name reader.gebner.org;
location /.well-known/acme-challenge {
default_type text/plain;
alias /var/lib/acme/www/.well-known/acme-challenge;
}
location / {
rewrite ^(.*) https://$host$1 permanent;
}
}
server {
listen [::]:443;
listen 443;
server_name reader.gebner.org;
ssl on;
ssl_certificate_key /var/lib/acme/gebner.org/key.pem;
ssl_certificate /var/lib/acme/gebner.org/fullchain.pem;
ssl_dhparam /etc/nginx/dhparam.pem;
ssl_protocols TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK';
ssl_prefer_server_ciphers on;
add_header Strict-Transport-Security max-age=15768000;
ssl_stapling on;
ssl_stapling_verify on;
location / {
root /var/lib/containers/ttrss/var/lib/tt-rss;
index index.php;
}
location /cache {
deny all;
}
location = /config.php {
deny all;
}
location ~ \.php$ {
services.nginx = {
virtualHosts."reader.gebner.org" = {
forceSSL = true;
useACMEHost = "gebner.org";
locations."/" = {
root = "/var/lib/containers/ttrss/var/lib/tt-rss";
index = "index.php";
};
locations."/cache".extraConfig = "deny all;";
locations."= /config.php".extraConfig = "deny all;";
locations."~ \\.php$".extraConfig = ''
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass 192.168.100.11:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/lib/tt-rss/$fastcgi_script_name;
include ${pkgs.nginx}/conf/fastcgi_params;
}
}
'';
};
};
}

16
mastus/vmtest.nix
View File

@ -9,7 +9,7 @@ let
boot.enableContainers = true;
systemd.services.setupVM = rec {
wantedBy = [ "gogs.service" "dovecot2.service" "nginx.service" ];
wantedBy = [ "gitea.service" "dovecot2.service" "nginx.service" ];
before = wantedBy;
serviceConfig = {
Type = "oneshot";
@ -17,14 +17,22 @@ let
};
script = ''
mkdir -p /srv/git.gebner.org
chown git:git -R /srv/git.gebner.org
chown gitea:gitea -R /srv/git.gebner.org
'';
};
environment.systemPackages = with pkgs; [ elinks carddav-util fcgi ];
environment.systemPackages = with pkgs; [
elinks
carddav-util
fcgi
wstunnel
sqlite-interactive
];
security.acme.server = "http://localhost";
networking.extraHosts = ''
127.0.0.1 gebner.org www.gebner.org reader.gebner.org git.gebner.org mail.gebner.org radicale.gebner.org
127.0.0.1 gebner.org www.gebner.org reader.gebner.org git.gebner.org mail.gebner.org radicale.gebner.org gabrielebner.at
# disable letsencrypt
127.0.0.111 acme-v01.api.letsencrypt.org

33
mastus/website.nix Normal file
View File

@ -0,0 +1,33 @@
{ config, pkgs, ... }:
{
services.nginx = {
virtualHosts."gebner.org" = {
enableACME = true;
forceSSL = true;
root = "/srv/www.gebner.org";
extraConfig = ''
access_log /var/log/nginx/website_access.log;
error_page 404 403 /404.html;
location / {
try_files $uri $uri/ @not_found;
}
location @not_found {
try_files /404.cgi =404;
fastcgi_intercept_errors on;
fastcgi_pass unix:${config.services.fcgiwrap.socketAddress};
}
'';
};
};
services.fcgiwrap = {
enable = true;
user = "nobody";
group = "nogroup";
};
}

24
mastus/wstunnel.nix Normal file
View File

@ -0,0 +1,24 @@
{ config, pkgs, ... }:
let
port = 58613;
in
{
systemd.services.wstunnel = rec {
path = [ pkgs.wstunnel ];
wantedBy = [ "nginx.service" ];
after = [ "network.target" ];
script = ''
wstunnel --server --restrictTo=htdf-gw.gebner.org:35869 ws://localhost:${toString port}
'';
};
services.nginx.virtualHosts."gebner.org".locations = {
"/wstunnel/udp/htdf-gw.gebner.org/35869" = {
proxyWebsockets = true;
proxyPass = "http://localhost:${toString port}";
};
};
}

25
mastus/www.nix
View File

@ -16,21 +16,18 @@
services.nginx = {
enable = true;
httpConfig = ''
server {
listen [::]:80;
listen 80;
server_name _;
location /.well-known/acme-challenge {
default_type text/plain;
alias /var/lib/acme/www/.well-known/acme-challenge;
}
recommendedTlsSettings = true;
recommendedOptimisation = true;
location / {
rewrite ^(.*) https://gebner.org$1 permanent;
}
}
'';
sslDhparam = "/etc/nginx/dhparam.pem";
virtualHosts."_" = {
default = true;
addSSL = true;
useACMEHost = "gebner.org";
globalRedirect = "gebner.org";
};
};
}

147
murex.nix Normal file
View File

@ -0,0 +1,147 @@
{ config, pkgs, ... }:
{
imports = [
/etc/nixos/hardware-configuration.nix
./basic-tools.nix
];
boot.loader.grub.enable = false;
boot.loader.raspberryPi = {
enable = true;
version = 3;
uboot.enable = true;
};
boot.kernelPackages = pkgs.linuxPackages_5_4;
boot.kernelParams = [
"cma=32M" # for virtual console, see https://nixos.wiki/wiki/NixOS_on_ARM
"console=tty0"
];
hardware.enableRedistributableFirmware = true;
# hardware.firmware = with pkgs; [
# (stdenv.mkDerivation {
# name = "broadcom-rpi3bplus-extra";
# src = fetchurl {
# url = "https://raw.githubusercontent.com/RPi-Distro/firmware-nonfree/b518de4/brcm/brcmfmac43455-sdio.txt";
# sha256 = "0r4bvwkm3fx60bbpwd83zbjganjnffiq1jkaj0h20bwdj9ysawg9";
# };
# phases = [ "installPhase" ];
# installPhase = ''
# mkdir -p $out/lib/firmware/brcm
# cp $src $out/lib/firmware/brcm/brcmfmac43455-sdio.txt
# '';
# })
# ];
# networking.wireless.enable = true;
# networking.networkmanager.enable = true;
networking.wireless.iwd.enable = true;
fileSystems = {
"/" = {
device = "/dev/disk/by-label/NIXOS_SD";
fsType = "ext4";
};
};
networking.hostName = "murex";
#networking.hostId = "34a820f1";
time.timeZone = "Europe/Amsterdam";
environment.systemPackages = with pkgs; [
raspberrypi-tools
];
users.extraUsers.gebner = {
isNormalUser = true;
extraGroups = [ "wheel" "networkmanager" "audio" "dialout" ];
shell = pkgs.fish;
};
services.openssh = {
enable = true;
passwordAuthentication = false;
};
documentation.nixos.enable = false;
services.octoprint = {
enable = true;
plugins = ps: with ps; [
printtimegenius
touchui
# psucontrol
];
};
# systemd.services.setupGpioForRelais = rec {
# wantedBy = [ "octoprint.service" ];
# serviceConfig = {
# Type = "oneshot";
# RemainAfterExit = "yes";
# };
# script = let gpio = toString (458 + 17); in ''
# if echo ${gpio} > /sys/class/gpio/export; then
# echo high > /sys/class/gpio/gpio${gpio}/direction
# fi
# chown octoprint:dialout /sys/class/gpio/gpio${gpio}/value
# '';
# };
users.users.${config.services.octoprint.user}.extraGroups = [
"dialout" # ttyUSB access
];
systemd.services.ethKernelPanicFix = rec {
wantedBy = [ "networking.target" ];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = "yes";
};
# https://github.com/raspberrypi/linux/issues/2449
script = ''
${pkgs.ethtool}/bin/ethtool -K eth0 tx-tcp-segmentation off tx-tcp6-segmentation off
'';
};
services.mjpg-streamer = {
enable = true;
# inputPlugin = "input_uvc.so -r 1920x1080";
};
networking.firewall = {
enable = true;
allowedTCPPorts = [
# config.services.octoprint.port
# 5050 # mjpg-streamer
80
];
};
services.nginx = {
enable = true;
recommendedTlsSettings = true;
recommendedOptimisation = true;
recommendedGzipSettings = true;
recommendedProxySettings = true;
virtualHosts."murex.ams.gebner.org" = {
locations."/" = {
proxyPass = "http://localhost:${toString config.services.octoprint.port}";
proxyWebsockets = true;
# do not cache that octoprint is inaccessible on startup
extraConfig = ''
proxy_cache off;
proxy_set_header Accept-Encoding "*";
client_max_body_size 50M;
'';
};
locations."/webcam/".proxyPass = "http://localhost:5050/?action=stream";
locations."/webcampic/".proxyPass = "http://localhost:5050/?action=snapshot";
};
};
system.stateVersion = "20.09";
}

26
nebula.nix Normal file
View File

@ -0,0 +1,26 @@
{ config, pkgs, ... }:
let mastus = "37.252.120.145"; hostname = config.networking.hostName;
in {
services.nebula.networks.gabriel = {
enable = true;
ca = "/etc/nebula/gabriel/ca.crt";
cert = "/etc/nebula/gabriel/${hostname}.crt";
key = "/etc/nebula/gabriel/${hostname}.key";
listen.host = "[::]";
listen.port = 0; # dynamic ip
staticHostMap = {
"192.168.18.36" = [ "${mastus}:4242" ];
};
lighthouses = [
"192.168.18.36"
];
firewall.outbound = [ { port = "any"; proto = "any"; host = "any"; } ];
firewall.inbound = [ { port = "any"; proto = "any"; host = "any"; } ];
};
networking.firewall.allowedUDPPorts = [ 4242 ];
}

9
nm-restart.nix Normal file
View File

@ -0,0 +1,9 @@
{ ... }:
{
systemd.services.NetworkManager.restartIfChanged = false;
systemd.services.NetworkManager-dispatcher.restartIfChanged = false;
systemd.services.NetworkManager-wait-online.restartIfChanged = false;
systemd.services.wpa_supplicant.restartIfChanged = false;
systemd.services.systemd-resolved.restartIfChanged = false;
}

21
nvim05.nix Normal file
View File

@ -0,0 +1,21 @@
{ config, inputs, ... }:
{
# nixpkgs.overlays = [ inputs.neovim-overlay.overlay ];
nixpkgs.config.packageOverrides = pkgs: with pkgs; {
# neovim-unwrapped = neovim-unwrapped.overrideDerivation (orig: {
# patches = orig.patches ++ [ ];
# });
# neovim-qt-unwrapped = neovim-qt-unwrapped.overrideDerivation (_: {
# version = "0.2.17.9999";
# src = fetchFromGitHub {
# owner = "equalsraf";
# repo = "neovim-qt";
# rev = "67cc4e414a8e64a475e55230818fab0f78415634";
# sha256 = "sha256-3jYYY7T7L4rMsxIxJwY32izmlJKrrqbmU4DZ2Aow5uE=";
# };
# });
};
}

174
petalius.nix
View File

@ -3,42 +3,73 @@
{
imports =
[
./common.nix
./common-headless.nix
./sway.nix
# ./i3.nix
./large-sw.nix
./uefi.nix
./fstrim.nix
./atmega.nix
./v4l2loopback.nix
./huion.nix
./nvim05.nix
./nm-restart.nix
# ./nebula.nix
./tailscale.nix
];
hardware.enableRedistributableFirmware = true;
boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
boot.kernelModules = [
"kvm-intel"
"rmi_smbus"
"i2c_hid"
"psmouse"
];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/c87491ed-0dd6-4eb4-bef2-fe4c707e91f2";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/E526-BAB7";
fsType = "vfat";
};
swapDevices = [ ];
nix.settings.max-jobs = 4;
environment.etc."lvm/lvm.conf".text = ''
devices {
issue_discards = 1
}
'';
boot.initrd.luks.devices = [
{
name = "nvme0n1p2";
boot.initrd.luks.devices = {
nvme0n1p2 = {
device = "/dev/disk/by-uuid/5ca3d7ec-3f9e-4a08-8bc2-b26bfc3459c5";
preLVM = true;
allowDiscards = true;
}
];
services.xserver = {
dpi = 120;
libinput.enable = true;
config = ''
Section "InputClass"
Identifier "touchpad"
Driver "libinput"
MatchDevicePath "/dev/input/event*"
MatchIsPointer "true"
EndSection
'';
videoDrivers = [ "modesetting" ];
useGlamor = true;
};
};
# services.xserver = {
# dpi = 120;
#
# libinput.enable = true;
# config = ''
# Section "InputClass"
# Identifier "touchpad"
# Driver "libinput"
# MatchDevicePath "/dev/input/event*"
# MatchIsPointer "true"
# EndSection
# '';
#
# videoDrivers = [ "modesetting" ];
# useGlamor = true;
# };
programs.light.enable = true;
services.tlp.enable = true;
@ -46,29 +77,34 @@
networking.hostName = "petalius";
networking.hostId = "cf58caa9";
systemd.services.ModemManager = {
enable = true;
wantedBy = [ "multi-user.target" ];
};
hardware.cpu.intel.updateMicrocode = true;
# systemd.services.ModemManager = {
# enable = true;
# wantedBy = [ "multi-user.target" ];
# };
hardware.opengl.extraPackages = [ pkgs.vaapiIntel ];
nixpkgs.config.packageOverrides = pkgs: rec {
};
environment.systemPackages = with pkgs; [
unison
];
# environment.systemPackages = with pkgs; [
# unison
# ];
virtualisation.docker = {
enable = true;
storageDriver = "overlay2";
};
users.extraUsers.gebner.extraGroups = [ "docker" ];
users.extraUsers.gebner.extraGroups = [ "libvirtd" ];
virtualisation.libvirtd.enable = true;
#virtualisation.virtualbox.host.enable = true;
virtualisation.waydroid.enable = true;
# boot.kernelPackages = pkgs.lib.mkOverride 10 pkgs.linuxPackages;
# virtualisation.virtualbox.host.enable = true;
# boot.kernelPackages = pkgs.lib.mkOverride 10 pkgs.linuxPackages_5_4;
# boot.kernelPackages = pkgs.lib.mkOverride 10 pkgs.linuxPackages_5_5;
# boot.kernelPackages = pkgs.lib.mkOverride 10 pkgs.linuxPackages_4_19;
boot.kernelPatches = [
# { patch = ./len0073.patch; name = "len0073"; }
];
@ -76,14 +112,70 @@
# "psmouse.synaptics_intertouch=1"
"psmouse.proto=imps"
];
boot.kernelModules = [
"rmi_smbus"
"i2c_hid"
"psmouse"
];
# time.timeZone = pkgs.lib.mkOverride 10 "Asia/Tokyo";
# time.timeZone = pkgs.lib.mkOverride 10 "Europe/London";
# time.timeZone = pkgs.lib.mkOverride 10 "Europe/Lisbon";
# time.timeZone = pkgs.lib.mkOverride 10 "US/Eastern";
time.timeZone = pkgs.lib.mkOverride 10 "US/Pacific";
#services.avahi.nssmdns = true;
system.stateVersion = "22.11";
networking.wireguard.interfaces.wg0 = {
ips = ["10.59.0.2/16"];
privateKeyFile = "/etc/wgkeys/petalius";
allowedIPsAsRoutes = true;
postSetup = ''
${pkgs.systemd}/bin/resolvectl domain wg0 '~htdf.gebner.org' '~mtlaa.gebner.org' '~ams.gebner.org'
${pkgs.systemd}/bin/resolvectl dns wg0 10.58.0.1
'';
peers = [{
publicKey = "ByLlJbevlTBooAo2RIZGGJvBHKqA9qiOpHBvR5yuJX4=";
allowedIPs = ["10.56.0.0/14" "10.60.1.1"];
endpoint = "htdf-gw.gebner.org:35869";
# endpoint = "80.109.29.104:35869";
# endpoint = "127.0.0.1:35869";
}];
};
systemd.services.wireguard-wg0.wantedBy = pkgs.lib.mkOverride 10 [];
systemd.services.wstunnel = {
path = [ pkgs.wstunnel ];
wantedBy = [ "wireguard-wg0.service" ];
after = [ "network.target" ];
script = ''
wstunnel -L 35869:htdf-gw.gebner.org:35869 -u wss://gebner.org
'';
};
services.resolved = {
domains = [];
enable = true;
};
# environment.systemPackages = [
# (pkgs.callPackage ./bluez-alsa.nix {})
# ];
services.fwupd.enable = true;
users.extraUsers.gebner2 = {
isNormalUser = true;
extraGroups = [
"wheel"
# "networkmanager"
"audio"
# "transmission"
# "lxd"
# "libvirtd"
# "vboxusers"
# "wireshark"
"input" "tty" "audio" "video" "uinput"
];
# shell = "${pkgs.zsh}/bin/zsh";
shell = "/run/current-system/sw/bin/fish";
};
}

38
pipewire.nix Normal file
View File

@ -0,0 +1,38 @@
{ config, pkgs, ... }:
{
users.extraUsers.gebner.extraGroups = [ "bluetooth" ];
security.rtkit.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
jack.enable = true;
# media-session.config.bluez-monitor.rules = [
# {
# # Matches all cards
# matches = [ { "device.name" = "~bluez_card.*"; } ];
# actions = {
# "update-props" = {
# "bluez5.reconnect-profiles" = [ "hfp_hf" "hsp_hs" "a2dp_sink" ];
# "bluez5.msbc-support" = true;
# };
# };
# }
# ];
};
environment.systemPackages = with pkgs; [
pulseaudio
alsaUtils
carla
qjackctl
pipewire.lib
helvum
];
}

32
pkgs/eclipse-5.nix Normal file
View File

@ -0,0 +1,32 @@
with import <nixpkgs> {};
stdenv.mkDerivation rec {
name = "eclipse-clp-${version}";
version = "5.10_147";
src = fetchurl {
url = "http://eclipseclp.org/Distribution/Old/${version}/src/eclipse_src.tgz";
sha256 = "1473b1byfjgygf80sqyjjl53pvybcyyr397w23f2gn64cv68f6qx";
};
# configureFlags = [ "--without-tcl" ];
preConfigure = ''
find -name Makefile.in | xargs sed -i "s,/bin/\(cp\|mv\|chmod\|pwd\),${coreutils}&,g"
sed -i "s,/bin/pwd,pwd,g;s,/usr/bin/ranlib,ranlib,g" RUNME
sed -i "s/-fforce-mem/-D_GNU_SOURCE/" configure
cp sepia/include/*.h icparc_solvers/
'';
postConfigure = ''
ln -s Makefile.*_* Makefile # rename Makefile.x86_64_linux
'';
postInstall = ''
# eclipse puts files in bin/x86_64_linux...
mv $out/bin/*/* $out/bin/
rmdir $out/bin/*/
'';
buildInputs = [ tcl-8_5 gmp ];
# tcltk, java, mysqlclient, latex
}

21
pkgs/gogs.nix
View File

@ -1,21 +0,0 @@
{ nixpkgs ? import <nixpkgs> {} }: with nixpkgs;
stdenv.mkDerivation rec {
name = "gogs-${version}";
version = "0.9.48";
src = fetchzip {
url = "https://github.com/gogits/gogs/releases/download/v${version}/linux_amd64.zip";
sha256 = "1z00lqcz7nwbyavs1mwgsr9zjnqrjjmqvxy43p8gap768y45pvlb";
};
buildPhase = ''
patchelf \
--set-interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)" \
--set-rpath ${pam}/lib \
gogs
'';
installPhase = ''
cp -ra ./ $out/
'';
}

6
pkgs/yourkit.nix
View File

@ -1,11 +1,11 @@
with import <nixpkgs> {};
stdenv.mkDerivation rec {
name = "yjp-${version}";
version = "2017.02-b53";
version = "2017.02-b75";
src = fetchurl {
url = "https://www.yourkit.com/download/${name}.zip";
sha256 = "0ms1pq5badk6wb468s6kxqb2c9ll1sbjz2p61sdbpjp59a1sv2gx";
url = "https://www.yourkit.com/download/YourKit-JavaProfiler-${version}.zip";
sha256 = "0m0xjyp2plwpfgy2fps86k3cqv49268s4piasyszc00gf5n5cban";
};
nativeBuildInputs = [ unzip makeWrapper patchelf ];

31
pulseaudio.nix Normal file
View File

@ -0,0 +1,31 @@
{ config, pkgs, ... }:
{
hardware.pulseaudio = {
enable = true;
zeroconf.discovery.enable = true;
daemon.config = {
flat-volumes = "no";
avoid-resampling = "yes";
resample-method = "speex-float-10";
default-sample-format = "s32le";
default-sample-rate = "96000";
};
# package = pkgs.pulseaudio-hsphfpd;
package = pkgs.pulseaudioFull;
extraModules = [ pkgs.pulseaudio-modules-bt ];
};
# hardware.bluetooth.hsphfpd.enable = true;
users.extraUsers.gebner.extraGroups = [ "bluetooth" ];
services.pipewire = {
enable = true;
};
# causes recompilation
# nixpkgs.config.pulseaudio = true;
}

29
qemu-user.nix Normal file
View File

@ -0,0 +1,29 @@
{ config, pkgs, lib, ... }:
let
arm = {
interpreter = "${pkgs.qemu}/bin/qemu-arm";
magicOrExtension = ''\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x28\x00'';
mask = ''\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\x00\xff\xfe\xff\xff\xff'';
};
aarch64 = {
interpreter = "${pkgs.qemu}/bin/qemu-aarch64";
magicOrExtension = ''\x7fELF\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xb7\x00'';
mask = ''\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\x00\xff\xfe\xff\xff\xff'';
};
riscv64 = {
interpreter = "${pkgs.qemu}/bin/qemu-riscv64";
magicOrExtension = ''\x7fELF\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf3\x00'';
mask = ''\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\x00\xff\xfe\xff\xff\xff'';
};
in {
boot.binfmt.registrations = {
inherit arm;
inherit aarch64;
inherit riscv64;
};
nix.extraOptions = ''
extra-platforms = armv6l-linux armv7l-linux aarch64-linux riscv64-linux i686-linux
'';
nix.sandboxPaths = [ "/run/binfmt" "${pkgs.qemu}" ];
}

16
remote-ssh-install-cd.nix Normal file
View File

@ -0,0 +1,16 @@
with import <nixpkgs> {};
(pkgs.nixos ({ config, pkgs, ... }: {
imports = [
<nixpkgs/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix>
<nixpkgs/nixos/modules/installer/cd-dvd/channel.nix>
];
networking.hostName = "nixos-install";
systemd.services.sshd.wantedBy = pkgs.lib.mkForce [ "multi-user.target" ];
users.users.root.openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCmLT+dRGdvDQS/1+34f86Dr62UUUCyoBoQDa3Keyy0oMQqdgWK+4qIVOzvKKn2/nZ7rbNDXEnZ1wJ2+BvQ8V1QAl7I6GvkLJifZpztZ9B0o8t6fnGRMoi3BXu2cdb+HBvKvTZH0A+WU/OEwc4HF/+o2DyrTytYNucBgWaIUGZDw4RzUfoAurQ827Eslrz34qRaEk/Q+BGE2G8bDzrEHmf2wR6apuA7mF0961CNq09DNtYUTuxnqWVuzg1yOFQ0e8K4NzjqvRoproK3472/6Wifg20V7CoKE/81IocfVCuCvLuUyyQ6HHlq7MmJowCZzGs6L7SmXOMeponUTSZ1ivZ9 gebner@archachatina"
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC9n0cCLVTBg8IhXvonlNU3kJ5ScOVzoHdnXaffVAq+UihNQYayDtLlFetYD4RvjAgoxb8xkLKM0PWjYJicVntuPz0GhHVKlZeWIqgDG+Ec8w+7PI2Fc2WF1fLatTRBH7lwDMd7eEhPLPY5FVfqTtvEAL6aIV9uzJ0coHeh1GPp6YQ9kgobuGTxpa0r8wtd/7Q7uKkkuxfqZW6Aig56xohNYHkcI2LAJgv5e4Cim1GR/2kXY4EHfxPfxAhzx0ZIxRdp0kAmkLHEbeEUASs1kd6n/5XtmJgjl9605QrCXrKXQXf+czTbjKu5isOimFdKlXwLZYVaZd1iPPvzSNcYhMat gebner@petalius"
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMTO3cgQHCgHEBK8SeHJ+Nh/pNHCBASw04VCnuVBv9EW1gApGLx4K1F1nsS/TJR9N+ayxADbAfKOTyJ5Dj6AyG16im8UM1or+GMpkXeY+t9HbFt7aHt8Ogn3P4G7VZyEwTvTEifNjmCrIdaAFnDztBoGMo0oR8MT+ry58byiMH5tIlt8yKsYdE5M1UzAyrwbTmAf8N3WxgQQv1wTvIET9+OrcY4Pw1z55Tft44ZdvQDghCRTUHz9kGpHSlOXYxa0ht+pPRLiufbsAvs5Ue+TwQmVVuAHbGn+tNrBlvYPjuNHCfiXXcGiBqNVNaWb28DCCCuchzpu9hAUXr8MbQuOnH gebner@decoysnail"
];
})).isoImage

27
rtl8761b.nix Normal file
View File

@ -0,0 +1,27 @@
{ config, pkgs, ... }:
{
hardware.firmware = with pkgs; [ (stdenv.mkDerivation rec {
name = "rtl8761b-fw";
fw = fetchurl {
url = "https://github.com/Realtek-OpenSource/android_hardware_realtek/raw/e58b611f34f2f5ff57bb0d8cdf1b2e4751e3ccbd/bt/rtkbt/Firmware/BT/rtl8761b_fw";
sha256 = "0b59a1f2422c006837c4b5e46b59d49bfdbca1defb958adbbc0d57ebdc19cc82";
};
config = fetchurl {
url = "https://github.com/Realtek-OpenSource/android_hardware_realtek/raw/e58b611f34f2f5ff57bb0d8cdf1b2e4751e3ccbd/bt/rtkbt/Firmware/BT/rtl8761b_config";
sha256 = "aa86a092ee58e96256331d5c28c199ceaadec434460e98e7dea20e411e1aa570";
};
unpackPhase = ":";
buildPhase = ''
dn=$out/lib/firmware
mkdir -p $dn/rtl_bt
ln -s ${fw} $dn/rtl_bt/rtl8761b_fw.bin
ln -s ${config} $dn/rtl_bt/rtl8761b_config.bin
'';
installPhase = ":";
}) ];
}

22
spacenav.nix Normal file
View File

@ -0,0 +1,22 @@
{ config, pkgs, ... }:
{
environment.systemPackages = with pkgs; [
spnavcfg
];
hardware.spacenavd.enable = true;
nixpkgs.config.packageOverrides = pkgs: with pkgs; {
spacenavd = spacenavd.overrideDerivation (_: {
patches = spacenavd.patches ++ [
(fetchpatch {
url = "https://github.com/FreeSpacenav/spacenavd/commit/fbf9019470f2511d24a368e2c9113361b58483d5.patch";
sha256 = "1i98c3k4x8f35kpfp4b9xcwgq45mdjab2frp8c2jl6y62fs84d6j";
})
];
});
};
}

84
sway.nix Normal file
View File

@ -0,0 +1,84 @@
{ config, pkgs, ... }:
{
imports = [
./common-gui.nix
];
environment.systemPackages = with pkgs; [
i3status
(waybar.override { pulseSupport = true; })
rofi-wayland
ydotool
wtype
wl-clipboard
feh
gnome3.gnome-keyring
networkmanagerapplet
pcmanfm
evince
grim
mako
pavucontrol
paprefs
gnome3.dconf-editor
xdg_utils # for xdg-open
# gnome3 core packages
desktop-file-utils shared-mime-info
glib gtk3
glib-networking gvfs dconf
gnome-themes-extra gnome3.adwaita-icon-theme
hicolor-icon-theme
# for QT_QPA_PLATFORM=wayland
qt5.qtwayland
wdisplays
playerctl
xorg.xlsclients
];
# services.dbus.socketActivated = true;
programs.sway = {
enable = true;
wrapperFeatures.gtk = true;
extraSessionCommands = ''
export SDL_VIDEODRIVER=wayland
# https://github.com/swaywm/sway/issues/4506
export QT_QPA_PLATFORM=xcb
# export QT_QPA_PLATFORM=wayland
export QT_WAYLAND_DISABLE_WINDOWDECORATION=1
# Fix for some Java AWT applications (e.g. Android Studio),
# use this if they aren't displayed properly:
export _JAVA_AWT_WM_NONREPARENTING=1
# rust winit's wayland support is broken for input methods
export WINIT_UNIX_BACKEND=x11
export XDG_DATA_DIRS=/run/current-system/sw/share/''${XDG_DATA_DIRS:+:}$XDG_DATA_DIRS
export $(${pkgs.gnome3.gnome-keyring}/bin/gnome-keyring-daemon --start --components=pkcs11,secrets,ssh,gpg)
export XDG_CURRENT_DESKTOP=sway
'';
};
# services.xserver = {
# enable = true;
# libinput.enable = true;
# # displayManager.lightdm.enable = true;
# displayManager.defaultSession = "sway";
# };
services.dbus.packages = with pkgs; [ mako ];
xdg.portal.extraPortals = [ pkgs.xdg-desktop-portal-wlr ];
}

9
tailscale.nix Normal file
View File

@ -0,0 +1,9 @@
{ config, pkgs, ... }: {
# make the tailscale command usable to users
environment.systemPackages = [ pkgs.tailscale ];
# enable the tailscale service
services.tailscale.enable = true;
networking.firewall.checkReversePath = "loose";
}

74
theba.nix
View File

@ -1,74 +0,0 @@
{ config, pkgs, ... }:
{
imports =
[
./common.nix
./large-sw.nix
./uefi.nix
./fstrim.nix
];
environment.etc."lvm/lvm.conf".text = ''
devices {
issue_discards = 1
}
'';
boot.initrd.luks.devices = [
{
name = "sda2_crypt";
device = "/dev/disk/by-uuid/a7482f34-1d7b-4181-9f3c-f6bbbdb8679d";
preLVM = true;
allowDiscards = true;
}
];
services.xserver = {
libinput.enable = true;
config = ''
Section "InputClass"
Identifier "touchpad"
Driver "libinput"
MatchDevicePath "/dev/input/event*"
MatchIsPointer "true"
EndSection
'';
videoDrivers = [ "modesetting" ];
useGlamor = true;
};
programs.light.enable = true;
services.tlp.enable = true;
networking.hostName = "theba"; # Define your hostname.
networking.hostId = "b29b900f";
# services.colord.enable = true;
systemd.services.ModemManager.enable = true;
hardware.opengl.extraPackages = [ pkgs.vaapiIntel ];
nixpkgs.config.packageOverrides = pkgs: rec {
};
environment.systemPackages = with pkgs; [
unison
];
virtualisation.docker = {
enable = true;
storageDriver = "overlay2";
};
users.extraUsers.gebner.extraGroups = [ "docker" ];
# virtualisation.virtualbox.host.enable = true;
# boot.kernelPackages = pkgs.lib.mkOverride 10 pkgs.linuxPackages;
# time.timeZone = pkgs.lib.mkOverride 10 "Europe/London";
services.avahi.nssmdns = true;
}

2
uefi.nix
View File

@ -4,6 +4,4 @@
# Use the gummiboot efi boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
boot.initrd.kernelModules = [ "fbcon" ];
}

11
unstable-nix.nix Normal file
View File

@ -0,0 +1,11 @@
{ config, pkgs, ... }:
{
nix.package = pkgs.nixUnstable;
nix.extraOptions = ''
experimental-features = flakes nix-command
'';
}

10
v4l2loopback.nix Normal file
View File

@ -0,0 +1,10 @@
{ config, pkgs, ... }:
{
boot = {
kernelModules = [ "v4l2loopback" ];
extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ];
};
}

75
vaccaria.nix
View File

@ -3,6 +3,7 @@
{
imports =
[
/etc/nixos/hardware-configuration.nix
./common-headless.nix
];
@ -15,12 +16,7 @@
hostId = "3d551a7c";
};
services.openssh.enable = true;
users.extraUsers.gebner = {
isNormalUser = true;
extraGroups = ["wheel" "transmission"];
};
users.extraUsers.gebner.extraGroups = ["transmission"];
boot.supportedFilesystems = ["zfs"];
boot.kernelPackages = pkgs.lib.mkOverride 10 pkgs.linuxPackages;
@ -32,11 +28,21 @@
fsType = "zfs";
};
fileSystems."/home/drebner" = pkgs.lib.mkOverride 10 {
device = "vaccaria/drebner";
fsType = "zfs";
};
users.extraUsers.drebner = {
isNormalUser = true;
};
services.samba = {
enable = true;
extraConfig = ''
passdb backend = tdbsam
unix password sync = no
min protocol = NT1
'';
shares = {
export = {
@ -44,6 +50,11 @@
"read only" = "no";
path = "/mnt/vaccaria";
};
drebner = {
"guest ok" = "no";
"read only" = "no";
path = "/home/drebner";
};
};
};
@ -61,6 +72,7 @@
allowedTCPPorts = [
445 139 # samba
config.services.transmission.settings.peer-port
config.services.rsyncd.port
];
allowedUDPPorts = [
137 138 # samba
@ -70,32 +82,47 @@
environment.systemPackages = with pkgs; [
transmission
samba
rdiff-backup
];
# fancontrol
boot.kernelModules = ["it87"];
systemd.services.fancontrol =
let fancontrolConfig = pkgs.writeText "fancontrol" ''
# Configuration file generated by pwmconfig, changes will be lost
INTERVAL=10
DEVPATH=hwmon0=devices/pci0000:00/0000:00:18.3 hwmon2=devices/platform/it87.552
DEVNAME=hwmon0=k10temp hwmon2=it8720
FCTEMPS=hwmon2/pwm3=hwmon0/temp1_input hwmon2/pwm1=hwmon0/temp1_input
FCFANS=hwmon2/pwm3=hwmon2/fan1_input hwmon2/pwm1=hwmon2/fan1_input
MINTEMP=hwmon2/pwm3=40 hwmon2/pwm1=40
MAXTEMP=hwmon2/pwm3=65 hwmon2/pwm1=65
MINSTART=hwmon2/pwm3=150 hwmon2/pwm1=150
MINSTOP=hwmon2/pwm3=0 hwmon2/pwm1=100
''; in {
description = "fancontrol from lm_sensors";
wantedBy = ["multi-user.target"];
serviceConfig.ExecStart = "${pkgs.lm_sensors}/bin/fancontrol ${fancontrolConfig}";
};
# systemd.services.fancontrol =
# let fancontrolConfig = pkgs.writeText "fancontrol" ''
# # Configuration file generated by pwmconfig, changes will be lost
# INTERVAL=10
# DEVPATH=hwmon1=devices/pci0000:00/0000:00:18.3 hwmon0=devices/platform/it87.552
# DEVNAME=hwmon1=k10temp hwmon0=it8720
# FCTEMPS=hwmon0/pwm3=hwmon1/temp1_input hwmon0/pwm1=hwmon1/temp1_input
# FCFANS=hwmon0/pwm3=hwmon0/fan1_input hwmon0/pwm1=hwmon0/fan1_input
# MINTEMP=hwmon0/pwm3=40 hwmon0/pwm1=40
# MAXTEMP=hwmon0/pwm3=65 hwmon0/pwm1=65
# MINSTART=hwmon0/pwm3=150 hwmon0/pwm1=150
# MINSTOP=hwmon0/pwm3=0 hwmon0/pwm1=100
# ''; in {
# description = "fancontrol from lm_sensors";
# wantedBy = ["multi-user.target"];
# serviceConfig.ExecStart = "${pkgs.lm_sensors}/bin/fancontrol ${fancontrolConfig}";
# };
# hdd spindown
powerManagement.powerUpCommands = ''
${pkgs.hdparm}/bin/hdparm -B127 -S100 /dev/sd{a,b,c,d,e,f}
${pkgs.hdparm}/bin/hdparm -B200 -S0 /dev/sd{a,b,c,d,e,f}
'';
services.rsyncd = {
enable = true;
modules = {
lr_mobile = {
path = "/mnt/vaccaria/fotos/lr_mobile";
"read only" = "yes";
};
};
};
users.extraUsers.gebner.openssh.authorizedKeys.keys = [
''command="rdiff-backup --server --restrict-read-only /",no-port-forwarding,no-X11-forwarding,no-pty ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCiZhy9mm9sUeomfe9Vj5JhNE4l7YOkj7Yiii5Ni2RzUyj/dc9pxvNJSI+om/ruwb1n2gIYi0bOpwrZGiyvrUrpiqLcOwU6IOYLxnQ3E9nHLX3rsGMIyJtMcoBOcTY/rJMogqA4m6uMaaPEaeBlS5F/qb5UGIvQ7YlW1rF75RJ/QXrdL3Y7R3OJbG90QGR5EThs/1HOEBUKgkEcPQDodzNvZ8hFtznWrCw5bMSQYGMfY4WBc1b7UdLaYZ6vghQgsZ5IyvFDvCNTHTfhObYhv71YMXDkocAyI8XecNP1hoJ67oZ1xn06LEUEMiuXIQ4Ss7RYZLzNc2yrd5RYqCdd4x1n backups@aruanus''
];
}