diff options
-rw-r--r-- | krebs/3modules/lass/default.nix | 11 | ||||
-rw-r--r-- | krebs/3modules/lass/ssh/xerxes.ed25519 | 1 | ||||
-rw-r--r-- | krebs/3modules/lass/ssh/xerxes.rsa | 1 | ||||
-rw-r--r-- | lass/1systems/xerxes/config.nix | 21 | ||||
-rw-r--r-- | lass/1systems/xerxes/icarus/config.nix | 33 | ||||
-rw-r--r-- | lass/1systems/xerxes/icarus/physical.nix | 25 | ||||
-rw-r--r-- | lass/1systems/xerxes/physical.nix | 83 |
7 files changed, 159 insertions, 16 deletions
diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index 1821ea7e9..217edfdd1 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -398,6 +398,7 @@ in { nets = rec { retiolum = { ip4.addr = "10.243.1.3"; + ip6.addr = r6 "3"; aliases = [ "xerxes.r" ]; @@ -428,10 +429,18 @@ in { -----END RSA PUBLIC KEY----- ''; }; + wiregrill = { + ip6.addr = w6 "3"; + aliases = [ + "xerxes.w" + ]; + wireguard.pubkey = "UTm8B8YUVvBGqwwxAUMVFsVQFQGQ6jbcXAavZ8LxYT8="; + }; }; secure = true; ssh.privkey.path = <secrets/ssh.id_ed25519>; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE5HyLyaIvVH0qHIQ4ciKhDiElhSqsK+uXcA6lTvL+5n"; + syncthing.id = "EA76ZHP-DF2I3CJ-NNTFEUH-YGPQK5S-T7FQ6JA-BNQQUNC-GF2YL46-CKOZCQM"; }; red = { monitoring = false; @@ -666,7 +675,7 @@ in { }; lass-xerxes = { mail = "lass@xerxes.r"; - pubkey = builtins.readFile ./ssh/xerxes.rsa; + pubkey = builtins.readFile ./ssh/xerxes.ed25519; }; lass-daedalus = { mail = "lass@daedalus.r"; diff --git a/krebs/3modules/lass/ssh/xerxes.ed25519 b/krebs/3modules/lass/ssh/xerxes.ed25519 new file mode 100644 index 000000000..87a40ca2a --- /dev/null +++ b/krebs/3modules/lass/ssh/xerxes.ed25519 @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGwCq56DGqj/kz8d8ax0xIl29jV9f3tUtDgtnCnS1b4q lass@xerxes diff --git a/krebs/3modules/lass/ssh/xerxes.rsa b/krebs/3modules/lass/ssh/xerxes.rsa deleted file mode 100644 index 2b5da7b25..000000000 --- a/krebs/3modules/lass/ssh/xerxes.rsa +++ /dev/null @@ -1 +0,0 @@ -ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEZgGjBN0aFs6GxNwMjCvlddbN6+vb6LZuWiWWe+wbAynaGuGbae0TXCLp0/eMNy7fH8poDjpdW9M4mKbBFKOqyG8WJLCPFoQw761tjKl1hccJn0hFSkQAEGKxtfzHlAl/Mz+59yvqNg7/WNSivv41hE7btYltzRy238VQDYFv2eLM7acyxrgGo7tWOtkbpfELj5cM8Qw1j3TF9bGV5pK6IOEtaHbmalS8Iiz77syAu+6E/y6zKBTtGMHI15l6RNJ/Y7A1LM/WwuNL+9dJMYWJFVHy3/4dpaxiioHREiSawUbz9wNHknCrT6vaPCIVVcujhz9Oee1C5UiYUyyfJrFYdlzaTg7FuLNIt2hKMY6NYx1D8/Pwpq1JOsaEfK/K5ytCgaJb115mRevcaUA5s7KYNWHmmZvy08JzCgSM6ZPRtfkQIcha77wVq6DugJ+KgBz+oADQRKiaMrumOMldd0B3q4Oxb71gDTE1XLAbWJnd/0Up1H5GAtZZUUrMUslZiU/23R6SOkyEMLWQTx/KgkWcz8DZLtib5o03uZpfJDVqp2CR+sjmy4x9aa+lSaOzuZP0KRyg+mOKl0o3zL7TNAzrzSCORVBg7nOh+0SPJkDxVRkc6dVY1L3ZOfdm2P/19fhWEr5ECgVrmYYKnDPwWY1iWJlZsiEc3Mj7KB1m44ov0FJg2hiNnydImqcXTCoszp515MBmeHnpqJsqEZuWS8dAnaEiOwZaSKIO1E7lQ7CoP86+eD4yAwLq6fb2tgjHT69LgDMaIha4hMfrO2o4UDVw9OZMfnPtyatI4pxplaQDoQM1p0dej0rZ7uxL1tfoKAyT0UCdtjhxfnNs0x1gOQbML4eGbqyKuyF82eOQRgKRDqH/tParoE4SRBVi7o3s0kILRmXA3ng3n1uhEiGwPTH8JsQ9huM+XOhH8+CzQeg4yb/jCrhsDzvLaW654+ouq9G+kjwqmO4vLNs5eZxfae84rppbS2MJqK1x8rkJixvKBKEfvYJOuDNV+hXyMbToaq8qtGy7cCSq4+UDio3DsSHY0Tpt9e+yEzoOOqFQLQyq6uHv/+u9MY+VADoa4N64U3S2SXul9tE3g6hOAY0F5BYMbxQSuj59kzwghlAmbsyWN2FCmWdsfCQkkZX7wCTj20DtZB/GdVSGNgHGAoU5JZrXKca3A2Yc9hzbYjyNYr0NmQ9NUbkbaOkcYJRIUXtS2OBOHP+FoUkkqL3ieKXR07l5xJbWLzbyVUxN9Zii4Baj5xnDO/RLZPDvTUxbER/0d1orMZztL2EKmfSn4j4uhWqpi04Rg9sWH+WVLAq22EKhAuqcFEOUimjcyZWYKxcAq5Z51NJNBQB7euz55eCJUZkBUYEpNuYr0UDlmBxKB2r6ZWDeNXT7eLxBdwDHCHSqXV7qOG1vMhHtjbbxmQMnkQ4InhO9TdpaN3tj67nGmc6hhgYO4b7NvyL1/pvDPrHrR/3GzkDkwqvt3uESdVdqAJSCk6gFh9V1aGs= lass@xerxes diff --git a/lass/1systems/xerxes/config.nix b/lass/1systems/xerxes/config.nix index 1bd6cf2c5..b393f203d 100644 --- a/lass/1systems/xerxes/config.nix +++ b/lass/1systems/xerxes/config.nix @@ -1,4 +1,4 @@ -{ config, pkgs, ... }: +{ config, lib, pkgs, ... }: { imports = [ @@ -9,8 +9,27 @@ <stockholm/lass/2configs/baseX.nix> <stockholm/lass/2configs/browsers.nix> <stockholm/lass/2configs/programs.nix> + <stockholm/lass/2configs/network-manager.nix> + <stockholm/lass/2configs/syncthing.nix> + <stockholm/lass/2configs/games.nix> + <stockholm/lass/2configs/steam.nix> + <stockholm/lass/2configs/wine.nix> <stockholm/lass/2configs/fetchWallpaper.nix> + <stockholm/lass/2configs/nfs-dl.nix> + <stockholm/lass/2configs/pass.nix> + <stockholm/lass/2configs/mail.nix> ]; krebs.build.host = config.krebs.hosts.xerxes; + + services.xserver = { + displayManager.lightdm.autoLogin.enable = true; + displayManager.lightdm.autoLogin.user = "lass"; + }; + + boot.blacklistedKernelModules = [ + "xpad" + ]; + + lass.screenlock.enable = lib.mkForce false; } diff --git a/lass/1systems/xerxes/icarus/config.nix b/lass/1systems/xerxes/icarus/config.nix new file mode 100644 index 000000000..dada4949e --- /dev/null +++ b/lass/1systems/xerxes/icarus/config.nix @@ -0,0 +1,33 @@ +{ config, lib, pkgs, ... }: + +{ + imports = [ + <stockholm/lass> + + <stockholm/lass/2configs/mouse.nix> + <stockholm/lass/2configs/retiolum.nix> + <stockholm/lass/2configs/git.nix> + <stockholm/lass/2configs/exim-retiolum.nix> + <stockholm/lass/2configs/baseX.nix> + #<stockholm/lass/2configs/browsers.nix> + <stockholm/lass/2configs/programs.nix> + <stockholm/lass/2configs/fetchWallpaper.nix> + <stockholm/lass/2configs/games.nix> + <stockholm/lass/2configs/bitcoin.nix> + <stockholm/lass/2configs/wine.nix> + #<stockholm/lass/2configs/blue-host.nix> + #<stockholm/lass/2configs/xtreemfs.nix> + <stockholm/lass/2configs/syncthing.nix> + <stockholm/lass/2configs/nfs-dl.nix> + #<stockholm/lass/2configs/prism-share.nix> + <stockholm/lass/2configs/ssh-cryptsetup.nix> + ]; + + krebs.build.host = config.krebs.hosts.icarus; + + environment.systemPackages = with pkgs; [ + macchanger + nix-review + ]; + programs.adb.enable = true; +} diff --git a/lass/1systems/xerxes/icarus/physical.nix b/lass/1systems/xerxes/icarus/physical.nix new file mode 100644 index 000000000..e9e09bc05 --- /dev/null +++ b/lass/1systems/xerxes/icarus/physical.nix @@ -0,0 +1,25 @@ +{ + imports = [ + ./config.nix + <stockholm/lass/2configs/hw/x220.nix> + <stockholm/lass/2configs/boot/coreboot.nix> + ]; + + fileSystems = { + "/bku" = { + device = "/dev/mapper/pool-bku"; + fsType = "btrfs"; + options = ["defaults" "noatime" "ssd" "compress=lzo"]; + }; + }; + + services.udev.extraRules = '' + SUBSYSTEM=="net", ATTR{address}=="00:24:d7:f0:a0:0c", NAME="wl0" + SUBSYSTEM=="net", ATTR{address}=="f0:de:f1:71:cb:35", NAME="et0" + ''; + + services.thinkfan.enable = true; + services.tlp.extraConfig = '' + START_CHARGE_THRESH_BAT0=80 + ''; +} diff --git a/lass/1systems/xerxes/physical.nix b/lass/1systems/xerxes/physical.nix index 17caccfe6..f88578e19 100644 --- a/lass/1systems/xerxes/physical.nix +++ b/lass/1systems/xerxes/physical.nix @@ -1,29 +1,86 @@ +{ pkgs, lib, ... }: { imports = [ ./config.nix - <stockholm/lass/2configs/hw/gpd-pocket.nix> - <stockholm/lass/2configs/boot/stock-x220.nix> + <nixpkgs/nixos/modules/installer/scan/not-detected.nix> ]; - services.udev.extraRules = '' - SUBSYSTEM=="net", ATTR{address}=="b0:f1:ec:9f:5c:78", NAME="wl0" + + boot.zfs.enableUnstable = true; + boot.loader.grub = { + enable = true; + device = "/dev/sda"; + efiSupport = true; + }; + boot.loader.efi.canTouchEfiVariables = true; + + # TODO fix touchscreen + boot.blacklistedKernelModules = [ + "goodix" + ]; + boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.initrd.luks.devices.crypted.device = "/dev/sda3"; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + boot.kernelParams = [ + "fbcon=rotate:1" + "boot.shell_on_fail" + ]; + + services.xserver.displayManager.sessionCommands = '' + (sleep 2 && ${pkgs.xorg.xrandr}/bin/xrandr --output eDP-1 --rotate right) + (sleep 2 && ${pkgs.xorg.xinput}/bin/xinput set-prop 'Goodix Capacitive TouchScreen' 'Coordinate Transformation Matrix' 0 1 0 -1 0 1 0 0 1) ''; fileSystems."/" = { - device = "/dev/disk/by-uuid/d227d88f-bd24-4e8a-aa14-9e966b471437"; - fsType = "btrfs"; + device = "rpool/root"; + fsType = "zfs"; + }; + + fileSystems."/home" = { + device = "rpool/home"; + fsType = "zfs"; }; fileSystems."/boot" = { - device = "/dev/disk/by-uuid/16C8-D053"; + device = "/dev/disk/by-uuid/E749-784C"; fsType = "vfat"; }; - fileSystems."/home" = { - device = "/dev/disk/by-uuid/1ec4193b-7f41-490d-8782-7677d437b358"; - fsType = "btrfs"; - }; + swapDevices = [ ]; + + boot.extraModprobeConfig = '' + options zfs zfs_arc_max=1073741824 + ''; + + nix.maxJobs = lib.mkDefault 4; + + networking.hostId = "9b0a74ac"; + networking.networkmanager.enable = true; - boot.initrd.luks.devices = [ { name = "luksroot"; device = "/dev/disk/by-uuid/d17f19a3-dcba-456d-b5da-e45cc15dc9c8"; } ]; + hardware.opengl.enable = true; - networking.wireless.enable = true; + services.tlp.enable = true; + services.tlp.extraConfig = '' + CPU_SCALING_GOVERNOR_ON_AC=ondemand + CPU_SCALING_GOVERNOR_ON_BAT=powersave + CPU_MIN_PERF_ON_AC=0 + CPU_MAX_PERF_ON_AC=100 + CPU_MIN_PERF_ON_BAT=0 + CPU_MAX_PERF_ON_BAT=30 + ''; + + services.logind.extraConfig = '' + HandlePowerKey=suspend + IdleAction=suspend + IdleActionSec=300 + ''; + + services.xserver.extraConfig = '' + Section "Device" + Identifier "Intel Graphics" + Driver "Intel" + Option "TearFree" "true" + EndSection + ''; } |