summaryrefslogtreecommitdiff
path: root/Biz
diff options
context:
space:
mode:
Diffstat (limited to 'Biz')
-rw-r--r--Biz/Bild/Rules.nix24
-rw-r--r--Biz/Bild/Sources.json8
-rw-r--r--Biz/Dev/Configuration.nix (renamed from Biz/Dev/configuration.nix)59
-rw-r--r--Biz/Dev/Hardware.nix36
-rw-r--r--Biz/Dev/hardware.nix34
-rw-r--r--Biz/Keys/Ben.pub (renamed from Biz/keys/ben.pub)0
-rw-r--r--Biz/Keys/Deploy.pub (renamed from Biz/keys/deploy.pub)0
-rw-r--r--Biz/Keys/Nick.pub (renamed from Biz/keys/nick.pub)0
-rwxr-xr-xBiz/Lint.py (renamed from Biz/lint.py)0
-rw-r--r--Biz/OsBase.nix24
-rw-r--r--Biz/Packages.nix (renamed from Biz/packages.nix)0
-rw-r--r--Biz/Users.nix (renamed from Biz/users.nix)6
12 files changed, 117 insertions, 74 deletions
diff --git a/Biz/Bild/Rules.nix b/Biz/Bild/Rules.nix
index 9fea5df..e6a6979 100644
--- a/Biz/Bild/Rules.nix
+++ b/Biz/Bild/Rules.nix
@@ -128,27 +128,5 @@ in {
shellHook = ". ${./ShellHook.sh}";
};
- os = cfg: (nixos (args: lib.attrsets.recursiveUpdate cfg {
- boot.cleanTmpDir = true;
- networking.firewall.allowPing = true;
- nix.binaryCaches = [ "https://cache.nixos.org" ];
- nix.gc.automatic = true;
- nix.gc.dates = "Sunday 02:15";
- nix.optimise.automatic = true;
- nix.optimise.dates = [ "Sunday 02:30" ];
- nixpkgs.overlays = overlays;
- programs.mosh.enable = true;
- programs.mosh.withUtempter = true;
- security.acme.email = "ben@bsima.me";
- security.acme.acceptTerms = true;
- security.sudo.wheelNeedsPassword = false;
- services.clamav.daemon.enable = true; # security
- services.clamav.updater.enable = true; # security
- services.fail2ban.enable = true; # security
- services.openssh.enable = true;
- services.openssh.openFirewall = true;
- services.openssh.forwardX11 = true;
- services.openssh.passwordAuthentication = false;
- system.autoUpgrade.enable = false; # 'true' breaks our nixpkgs pin
- })).toplevel;
+ os = cfg: (nixos (args: cfg)).toplevel;
}
diff --git a/Biz/Bild/Sources.json b/Biz/Bild/Sources.json
index d2565a7..da5e255 100644
--- a/Biz/Bild/Sources.json
+++ b/Biz/Bild/Sources.json
@@ -51,15 +51,15 @@
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
},
"nixpkgs": {
- "branch": "nixos-19.09",
+ "branch": "nixos-20.09",
"description": "Nix Packages collection",
"homepage": "https://github.com/NixOS/nixpkgs",
"owner": "NixOS",
"repo": "nixpkgs",
- "rev": "b0c285807d6a9f1b7562ec417c24fa1a30ecc31a",
- "sha256": "0waapr7aqz0h1fy1fqlx981ygllh91qx9sz1l2j2h59s46cdircl",
+ "rev": "d105075a1fd870b1d1617a6008cb38b443e65433",
+ "sha256": "1jcs44wn0s6mlf2jps25bvcai1rij9b2dil6zcj8zqwf2i8xmqjh",
"type": "tarball",
- "url": "https://github.com/NixOS/nixpkgs/archive/b0c285807d6a9f1b7562ec417c24fa1a30ecc31a.tar.gz",
+ "url": "https://github.com/NixOS/nixpkgs/archive/d105075a1fd870b1d1617a6008cb38b443e65433.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
},
"regex-applicative": {
diff --git a/Biz/Dev/configuration.nix b/Biz/Dev/Configuration.nix
index 6664163..70c2d36 100644
--- a/Biz/Dev/configuration.nix
+++ b/Biz/Dev/Configuration.nix
@@ -5,6 +5,7 @@ let
torrents = { from = 6000; to = 6999; };
in {
networking = {
+ hostName = "lithium";
hosts = {
"::1" = [ "localhost" "ipv6-localhost" "ipv6-loopback" ];
};
@@ -29,6 +30,24 @@ in {
checkReversePath = false;
};
+ # The global useDHCP flag is deprecated, therefore explicitly set to false here.
+ # Per-interface useDHCP will be mandatory in the future, so this generated config
+ # replicates the default behaviour.
+ useDHCP = false;
+ interfaces.enp1s0.useDHCP = true;
+ interfaces.wlp0s20f0u4.useDHCP = true;
+
+ wireless.enable = true; # Enables wireless support via wpa_supplicant.
+ wireless.interfaces = [ "wlp0s20f0u4" ];
+ wireless.networks = {
+ Simanet = {
+ psk = "1123581321";
+ };
+ Simanet-5g = {
+ psk = "1123581321";
+ priority = 1;
+ };
+ };
};
# Use the systemd-boot EFI boot loader.
@@ -36,13 +55,6 @@ in {
boot.loader.efi.canTouchEfiVariables = true;
boot.enableContainers = true;
- boot.initrd.luks.devices = {
- root = {
- device = "/dev/disk/by-uuid/a0160f25-e0e3-4af0-8236-3e298eac957a";
- preLVM = true;
- };
- };
-
powerManagement.enable = false;
time.timeZone = "America/Los_Angeles";
@@ -52,7 +64,10 @@ in {
fira fira-code fira-code-symbols
];
- environment.systemPackages = [ pkgs.wemux pkgs.tmux ];
+ environment.systemPackages = [
+ #pkgs.wemux
+ pkgs.tmux
+ ];
nixpkgs = {
config = {
@@ -124,14 +139,34 @@ in {
xserver = {
enable = true;
+ autorun = true;
layout = "us";
xkbOptions = "caps:ctrl_modifier";
- displayManager.sddm.enable = true;
+ displayManager = {
+ sddm = {
+ enable = true;
+ enableHidpi = true;
+ };
+ #startx.enable = true;
+ session = [
+ {
+ manage = "desktop";
+ name = "home-manager";
+ start = ''
+ ${pkgs.runtimeShell} $HOME/.hm-xsession &
+ waitPID=$!
+ '';
+ }
+ ];
+ };
desktopManager = {
- kodi.enable = true;
- plasma5.enable = true;
+ #kodi.enable = false;
+ #plasma5.enable = false;
xterm.enable = true;
};
+ windowManager = {
+ xmonad.enable = true;
+ };
};
jupyter = {
@@ -209,5 +244,5 @@ in {
# compatible, in order to avoid breaking some software such as database
# servers. You should change this only after NixOS release notes say you
# should.
- system.stateVersion = "17.09"; # Did you read the comment?
+ system.stateVersion = "20.09"; # Did you read the comment?
}
diff --git a/Biz/Dev/Hardware.nix b/Biz/Dev/Hardware.nix
new file mode 100644
index 0000000..7f87f74
--- /dev/null
+++ b/Biz/Dev/Hardware.nix
@@ -0,0 +1,36 @@
+# Do not modify this file! It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations. Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+ imports =
+ [ (modulesPath + "/installer/scan/not-detected.nix")
+ ];
+
+ boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
+ boot.kernelModules = [ "kvm-intel" ];
+ boot.extraModulePackages = [ ];
+
+ fileSystems."/" =
+ { device = "/dev/disk/by-uuid/f08dd8f9-787c-4e2a-a0cc-7019edc2ce2b";
+ fsType = "ext4";
+ };
+
+ fileSystems."/boot" =
+ { device = "/dev/disk/by-uuid/C67C-D7B5";
+ fsType = "vfat";
+ };
+
+ #fileSystems."/mnt/lake" =
+ # { device = "/dev/disk/by-uuid/037df3ae-4609-402c-ab1d-4593190d0ee7";
+ # fsType = "ext4";
+ # };
+
+ swapDevices = [ ];
+
+ powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
+
+ # high-resolution display
+ hardware.video.hidpi.enable = lib.mkDefault true;
+}
diff --git a/Biz/Dev/hardware.nix b/Biz/Dev/hardware.nix
deleted file mode 100644
index fc0e7a0..0000000
--- a/Biz/Dev/hardware.nix
+++ /dev/null
@@ -1,34 +0,0 @@
-# Do not modify this file! It was generated by ‘nixos-generate-config’
-# and may be overwritten by future invocations. Please make changes
-# to /etc/nixos/configuration.nix instead.
-{ config, lib, pkgs, ... }:
-
-{
- imports =
- [ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
- ];
-
- boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "sd_mod" ];
- boot.kernelModules = [ "kvm-intel" ];
- boot.extraModulePackages = [ ];
-
- fileSystems."/" =
- { device = "/dev/disk/by-uuid/0d8b0e52-10de-4af2-bcd9-b36278352e77";
- fsType = "ext4";
- };
-
- fileSystems."/boot" =
- { device = "/dev/disk/by-uuid/9B89-85C7";
- fsType = "vfat";
- };
-
- fileSystems."/mnt/lake" =
- { device = "/dev/disk/by-uuid/037df3ae-4609-402c-ab1d-4593190d0ee7";
- fsType = "ext4";
- };
-
- swapDevices = [ ];
-
- nix.maxJobs = lib.mkDefault 4;
- powerManagement.cpuFreqGovernor = "powersave";
-}
diff --git a/Biz/keys/ben.pub b/Biz/Keys/Ben.pub
index c661508..c661508 100644
--- a/Biz/keys/ben.pub
+++ b/Biz/Keys/Ben.pub
diff --git a/Biz/keys/deploy.pub b/Biz/Keys/Deploy.pub
index 664a2d9..664a2d9 100644
--- a/Biz/keys/deploy.pub
+++ b/Biz/Keys/Deploy.pub
diff --git a/Biz/keys/nick.pub b/Biz/Keys/Nick.pub
index 4dc08fb..4dc08fb 100644
--- a/Biz/keys/nick.pub
+++ b/Biz/Keys/Nick.pub
diff --git a/Biz/lint.py b/Biz/Lint.py
index fccda57..fccda57 100755
--- a/Biz/lint.py
+++ b/Biz/Lint.py
diff --git a/Biz/OsBase.nix b/Biz/OsBase.nix
new file mode 100644
index 0000000..0ba3fca
--- /dev/null
+++ b/Biz/OsBase.nix
@@ -0,0 +1,24 @@
+{...}:
+{
+ boot.cleanTmpDir = true;
+ networking.firewall.allowPing = true;
+ nix.binaryCaches = [ "https://cache.nixos.org" ];
+ nix.gc.automatic = true;
+ nix.gc.dates = "Sunday 02:15";
+ nix.optimise.automatic = true;
+ nix.optimise.dates = [ "Sunday 02:30" ];
+ #nixpkgs.overlays = overlays;
+ programs.mosh.enable = true;
+ programs.mosh.withUtempter = true;
+ security.acme.email = "ben@bsima.me";
+ security.acme.acceptTerms = true;
+ security.sudo.wheelNeedsPassword = false;
+ services.clamav.daemon.enable = true; # security
+ services.clamav.updater.enable = true; # security
+ services.fail2ban.enable = true; # security
+ services.openssh.enable = true;
+ services.openssh.openFirewall = true;
+ services.openssh.forwardX11 = true;
+ services.openssh.passwordAuthentication = false;
+ system.autoUpgrade.enable = false; # 'true' breaks our nixpkgs pin
+}
diff --git a/Biz/packages.nix b/Biz/Packages.nix
index ea032fe..ea032fe 100644
--- a/Biz/packages.nix
+++ b/Biz/Packages.nix
diff --git a/Biz/users.nix b/Biz/Users.nix
index c7c4041..8a804ca 100644
--- a/Biz/users.nix
+++ b/Biz/Users.nix
@@ -21,12 +21,16 @@
# humans
#
root.openssh.authorizedKeys.keyFiles = [ ./Keys/Ben.pub ];
+ root.password = "erewhon";
+
ben = {
description = "Ben Sima";
isNormalUser = true;
home = "/home/ben";
openssh.authorizedKeys.keyFiles = [ ./Keys/Ben.pub ];
- extraGroups = [ "wheel" "networkmanager" "docker" ];
+ extraGroups = [ "wheel" "docker" ];
+ hashedPassword =
+ "$6$SGhdoRB6DhWe$elW8RQE1ebe8JKf1ALW8jGZTPCyn2rpq/0J8MV/A9y8qFMEhA.Z2eiexMgptohZAK5kcGOc6HIUgNzJqnDUvY.";
};
nick = {
description = "Nick Sima";
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-01 09:40:22 +0000