diff options
81 files changed, 1609 insertions, 509 deletions
diff --git a/jeschli/1systems/bln/config.nix b/jeschli/1systems/bln/config.nix index 9e5f8c52e..8a3090a49 100644 --- a/jeschli/1systems/bln/config.nix +++ b/jeschli/1systems/bln/config.nix @@ -3,15 +3,17 @@ # and in the NixOS manual (accessible by running ‘nixos-help’). { config, lib, pkgs, ... }: - +# bln config file { imports = [ # Include the results of the hardware scan. <stockholm/jeschli> + <stockholm/jeschli/2configs/virtualbox.nix> + <stockholm/jeschli/2configs/urxvt.nix> ./hardware-configuration.nix # ./dcso-vpn.nix ]; - + jeschliFontSize = 20; # Use the GRUB 2 boot loader. boot.loader.grub.enable = true; boot.loader.grub.version = 2; @@ -35,7 +37,15 @@ allowDiscards = true; } ]; - + environment.shellAliases = { + n = "nix-shell"; + gd = "cd /home/markus/go/src/gitlab.dcso.lolcat"; + gh = "cd /home/markus/go/src/github.com"; + stocki = pkgs.writeDash "deploy" '' + cd ~/stockholm + LOGNAME=jeschli exec nix-shell -I stockholm="$PWD" --run 'deploy --system="bln"' + ''; + }; networking.hostName = lib.mkForce "BLN02NB0154"; # Define your hostname. networking.networkmanager.enable = true; # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. @@ -54,13 +64,9 @@ # List packages installed in system profile. To search by name, run: # $ nix-env -qaP | grep wget nixpkgs.config.allowUnfree = true; - environment.shellAliases = { - n = "nix-shell"; - gd = "cd /home/markus/go/src/gitlab.dcso.lolcat"; - gh = "cd /home/markus/go/src/github.com"; - }; environment.variables = { GOROOT= [ "${pkgs.go.out}/share/go" ]; }; environment.systemPackages = with pkgs; [ + termite # system helper ag copyq @@ -85,6 +91,7 @@ chromium google-chrome # programming languages + elmPackages.elm go gcc ghc diff --git a/jeschli/1systems/bolide/config.nix b/jeschli/1systems/bolide/config.nix new file mode 100644 index 000000000..83640801f --- /dev/null +++ b/jeschli/1systems/bolide/config.nix @@ -0,0 +1,142 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, ... }: + +{ + imports = + [ + ./hardware-configuration.nix + <stockholm/jeschli> + <stockholm/jeschli/2configs/urxvt.nix> + ]; + + krebs.build.host = config.krebs.hosts.bolide; + # Use the GRUB 2 boot loader. + boot.loader.grub.enable = true; + boot.loader.grub.version = 2; + # boot.loader.grub.efiSupport = true; + # boot.loader.grub.efiInstallAsRemovable = true; + # boot.loader.efi.efiSysMountPoint = "/boot/efi"; + # Define on which hard drive you want to install Grub. + boot.loader.grub.device = "/dev/sdb"; # or "nodev" for efi only + boot.initrd.luks.devices = [ { + name = "bla"; + device = "/dev/disk/by-uuid/53f1eeaf-a7ac-456c-a2af-778dd8b8d5b0"; + preLVM = true; + allowDiscards = true; + } ]; +# networking.hostName = "bolide"; # Define your hostname. + networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. + + # Select internationalisation properties. + # i18n = { + # consoleFont = "Lat2-Terminus16"; + # consoleKeyMap = "us"; + # defaultLocale = "en_US.UTF-8"; + # }; + + # Set your time zone. + # time.timeZone = "Europe/Amsterdam"; + + # List packages installed in system profile. To search by name, run: + # $ nix-env -qaP | grep wget + environment.shellAliases = { + n = "nix-shell"; + stocki = pkgs.writeDash "deploy" '' + cd ~/stockholm + exec nix-shell -I stockholm="$PWD" --run 'deploy --system="bolide"' + ''; + }; + nixpkgs.config.allowUnfree = true; + environment.systemPackages = with pkgs; [ + wget vim + # system helper + ag + curl + copyq + dmenu + git + i3lock + keepass + networkmanagerapplet + rsync + terminator + tmux + wget + # rxvt_unicode + # editors + emacs + # internet + thunderbird + chromium + google-chrome + # programming languages + go + gcc + ghc + python35 + python35Packages.pip + # go tools + golint + gotools + # dev tools + elmPackages.elm + gnumake + jetbrains.pycharm-professional + jetbrains.webstorm + jetbrains.goland + # document viewer + zathura + ]; + + # Some programs need SUID wrappers, can be configured further or are + # started in user sessions. + # programs.bash.enableCompletion = true; + # programs.mtr.enable = true; + # programs.gnupg.agent = { enable = true; enableSSHSupport = true; }; + + # List services that you want to enable: + + # Enable the OpenSSH daemon. + services.openssh.enable = true; + + # Open ports in the firewall. + # networking.firewall.allowedTCPPorts = [ ... ]; + # networking.firewall.allowedUDPPorts = [ ... ]; + # Or disable the firewall altogether. + # networking.firewall.enable = false; + + # Enable CUPS to print documents. + # services.printing.enable = true; + + # Enable the X11 windowing system. + services.xserver.enable = true; + # services.xserver.layout = "us"; + # services.xserver.xkbOptions = "eurosign:e"; + + services.xserver.displayManager.sddm.enable = true; + services.xserver.windowManager.xmonad.enable = true; + services.xserver.windowManager.xmonad.enableContribAndExtras = true; + # Enable touchpad support. + # services.xserver.libinput.enable = true; + + # Enable the KDE Desktop Environment. + # services.xserver.displayManager.sddm.enable = true; + # services.xserver.desktopManager.plasma5.enable = true; + + # Define a user account. Don't forget to set a password with ‘passwd’. + users.extraUsers.jeschli = { + isNormalUser = true; + uid = 1000; + }; + + # This value determines the NixOS release with which your system is to be + # compatible, in order to avoid breaking some software such as database + # servers. You should change this only after NixOS release notes say you + # should. + system.stateVersion = "17.09"; # Did you read the comment? + +} + diff --git a/jeschli/1systems/bolide/hardware-configuration.nix b/jeschli/1systems/bolide/hardware-configuration.nix new file mode 100644 index 000000000..183b29e42 --- /dev/null +++ b/jeschli/1systems/bolide/hardware-configuration.nix @@ -0,0 +1,32 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, ... }: + +{ + imports = + [ <nixpkgs/nixos/modules/installer/scan/not-detected.nix> + ]; + + boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ]; + boot.kernelModules = [ "kvm-intel" "wl" ]; + boot.extraModulePackages = [ config.boot.kernelPackages.broadcom_sta ]; + + fileSystems."/" = + { device = "/dev/bolide-pool/bolide-root"; + fsType = "ext4"; + }; + + fileSystems."/home" = + { device = "/dev/bolide-pool/bolide-home"; + fsType = "ext4"; + }; + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/3aeb67c4-5b6e-4df2-8013-607fe0fb8525"; + fsType = "ext4"; + }; + swapDevices = [ ]; + + nix.maxJobs = lib.mkDefault 8; + powerManagement.cpuFreqGovernor = "powersave"; +} diff --git a/jeschli/1systems/bolide/source.nix b/jeschli/1systems/bolide/source.nix new file mode 100644 index 000000000..0bd7af50f --- /dev/null +++ b/jeschli/1systems/bolide/source.nix @@ -0,0 +1,4 @@ +import <stockholm/jeschli/source.nix> { + name = "bolide"; + secure = true; +} diff --git a/jeschli/1systems/brauerei/config.nix b/jeschli/1systems/brauerei/config.nix index 2dec45795..eb2bb11d2 100644 --- a/jeschli/1systems/brauerei/config.nix +++ b/jeschli/1systems/brauerei/config.nix @@ -35,6 +35,13 @@ time.timeZone = "Europe/Amsterdam"; nixpkgs.config.allowUnfree = true; # List packages installed in system profile. To search by name, run: # $ nix-env -qaP | grep wget + environment.shellAliases = { + n = "nix-shell"; + stocki = pkgs.writeDash "deploy" '' + cd ~/stockholm + exec nix-shell -I stockholm="$PWD" --run 'deploy --system="brauerei"' + ''; + }; environment.systemPackages = with pkgs; [ # system helper ag @@ -72,6 +79,8 @@ jetbrains.goland # document viewer zathura + # xorg + xorg.xbacklight ]; # Some programs need SUID wrappers, can be configured further or are diff --git a/jeschli/1systems/enklave/config.nix b/jeschli/1systems/enklave/config.nix index 010089017..470566a8b 100644 --- a/jeschli/1systems/enklave/config.nix +++ b/jeschli/1systems/enklave/config.nix @@ -4,6 +4,7 @@ imports = [ <stockholm/jeschli> <stockholm/jeschli/2configs/retiolum.nix> + <stockholm/jeschli/2configs/IM.nix> <stockholm/jeschli/2configs/os-templates/CentOS-7-64bit.nix> { networking.dhcpcd.allowInterfaces = [ @@ -39,6 +40,16 @@ }; }; } + { + services.taskserver = { + enable = true; + fqdn = "enklave.r"; + listenHost = "::"; + listenPort = 53589; + organisations.lass.users = [ "jeschli" ]; + }; + networking.firewall.allowedTCPPorts = [ 53589 ]; + } ]; krebs.build.host = config.krebs.hosts.enklave; diff --git a/jeschli/1systems/enklave/taskserver.nix b/jeschli/1systems/enklave/taskserver.nix new file mode 100644 index 000000000..23b235d70 --- /dev/null +++ b/jeschli/1systems/enklave/taskserver.nix @@ -0,0 +1,10 @@ + { + services.taskserver = { + enable = true; + fqdn = "enklave.r"; + listenHost = "::"; + listenPort = 53589; + organisations.lass.users = [ "jeschli" ]; + }; + networking.firewall.allowedTCPPorts = [ 53589 ]; + } diff --git a/jeschli/2configs/IM.nix b/jeschli/2configs/IM.nix new file mode 100644 index 000000000..171b78242 --- /dev/null +++ b/jeschli/2configs/IM.nix @@ -0,0 +1,56 @@ +with (import <stockholm/lib>); +{ config, lib, pkgs, ... }: +let + tmux = pkgs.writeDashBin "tmux" '' + export TERM=xterm-256color + exec ${pkgs.tmux}/bin/tmux -f ${pkgs.writeText "tmux.conf" '' + set-option -g default-terminal screen-256color + ''} "$@" + ''; +in { + + services.bitlbee = { + enable = true; + portNumber = 6666; + plugins = [ + pkgs.bitlbee-facebook + pkgs.bitlbee-steam + pkgs.bitlbee-discord + ]; + libpurple_plugins = [ pkgs.telegram-purple ]; + }; + + users.extraUsers.chat = { + home = "/home/chat"; + uid = genid "chat"; + useDefaultShell = true; + createHome = true; + openssh.authorizedKeys.keys = with config.krebs.users; [ + jeschli.pubkey + jeschli-bln.pubkey + jeschli-brauerei.pubkey + ]; + packages = [ tmux ]; + }; + + + systemd.services.chat = { + description = "chat environment setup"; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + + restartIfChanged = false; + + path = [ + pkgs.rxvt_unicode.terminfo + ]; + + serviceConfig = { + User = "chat"; + RemainAfterExit = true; + Type = "oneshot"; + ExecStart = "${tmux}/bin/tmux -2 new-session -d -s IM ${pkgs.weechat}/bin/weechat"; + ExecStop = "${tmux}/bin/tmux kill-session -t IM"; + }; + }; +} diff --git a/jeschli/2configs/default.nix b/jeschli/2configs/default.nix index 6d788d283..5aaabe24b 100644 --- a/jeschli/2configs/default.nix +++ b/jeschli/2configs/default.nix @@ -4,6 +4,7 @@ with import <stockholm/lib>; imports = [ ./vim.nix ./retiolum.nix + ./zsh.nix <stockholm/lass/2configs/security-workarounds.nix> { environment.variables = { @@ -23,6 +24,9 @@ with import <stockholm/lib>; proot populate + # aliases + (writeDashBin "irc" "ssh chat@enklave -t tmux a") + #style most rxvt_unicode.terminfo diff --git a/jeschli/2configs/urxvt.nix b/jeschli/2configs/urxvt.nix index 69811eb0a..014918748 100644 --- a/jeschli/2configs/urxvt.nix +++ b/jeschli/2configs/urxvt.nix @@ -1,34 +1,39 @@ { config, pkgs, ... }: with import <stockholm/lib>; - { - services.urxvtd.enable = true; - krebs.xresources.enable = true; - krebs.xresources.resources.urxvt = '' - *foreground: rgb:a8/a8/a8 - *background: rgb:00/00/00 - *faceName: DejaVu Sans Mono - *faceSize: 12 - *color0: rgb:00/00/00 - *color1: rgb:a8/00/00 - *color2: rgb:00/a8/00 - *color3: rgb:a8/54/00 - *color4: rgb:00/00/a8 - *color5: rgb:a8/00/a8 - *color6: rgb:00/a8/a8 - *color7: rgb:a8/a8/a8 - *color8: rgb:54/54/54 - *color9: rgb:fc/54/54 - *color10: rgb:54/fc/54 - *color11: rgb:fc/fc/54 - *color12: rgb:54/54/fc - *color13: rgb:fc/54/fc - *color14: rgb:54/fc/fc - *color15: rgb:fc/fc/fc - - URxvt*scrollBar: false - URxvt*urgentOnBell: true - URxvt*font: xft:DejaVu Sans Mono:pixelsize=12 - URXvt*faceSize: 12 - ''; + options.jeschliFontSize = mkOption { + type = types.int; + default = 12; + }; + config = { + services.urxvtd.enable = true; + krebs.xresources.enable = true; + krebs.xresources.resources.urxvt = '' + |