From 308bfbe554aa820092d3df3cf820100eaa9bece7 Mon Sep 17 00:00:00 2001 From: Sebastian Moser Date: Mon, 4 Dec 2023 07:49:36 +0100 Subject: [PATCH] ... --- common/building.nix | 1 + flake.nix | 46 ++++++++++++++++++++++----- hosts/lush.nix | 2 ++ hosts/main.nix | 75 +++++++++++++++++++++++++-------------------- misc/my-hosts | 1 + misc/my-hosts-h | 1 + misc/my-hosts-pt | 1 - misc/my-hosts-pw | 1 - programs/bash.nix | 20 +++--------- programs/ssh.nix | 16 ++-------- users/me/home.nix | 60 +++++++++++++++++++++++++++--------- 11 files changed, 138 insertions(+), 86 deletions(-) diff --git a/common/building.nix b/common/building.nix index 6f52735..d7e0e3a 100644 --- a/common/building.nix +++ b/common/building.nix @@ -8,6 +8,7 @@ systems = [ "x86_64-linux" ]; + supportedFeatures = [ "big-parallel" ]; } { hostName = "acern"; diff --git a/flake.nix b/flake.nix index 916a64a..2da6a34 100644 --- a/flake.nix +++ b/flake.nix @@ -55,10 +55,10 @@ outputs = { self, nixpkgs, ... }@inputs: let - confDir = "~/work/config"; - workDir = "~/work"; - secretsDir = "~/.mysecrets"; - persistentDir = "~/work/app-data"; + confDir = "/home/me/work/config"; + workDir = "/home/me/work"; + secretsDir = "/home/me/.mysecrets"; + persistentDir = "/home/me/work/app-data"; specialArgs = { inherit inputs confDir workDir secretsDir persistentDir self; pkgs = import nixpkgs { system = "x86_64-linux"; config = { @@ -169,7 +169,11 @@ ./hosts/phone/nix-on-droid.nix { home-manager.extraSpecialArgs = { - inherit inputs confDir workDir secretsDir persistentDir self; + inherit inputs self; + confDir = "/data/data/com.termux.nix/files/home/work/config"; + workDir = "/data/data/com.termux.nix/files/home/work"; + secretsDir = "/data/data/com.termux.nix/files/home/secrets"; + persistentDir = "/data/data/com.termux.nix/files/home/work/app-data/"; hostname = "phone"; }; } @@ -180,7 +184,11 @@ ./hosts/tab/nix-on-droid.nix { home-manager.extraSpecialArgs = { - inherit inputs confDir workDir secretsDir persistentDir self; + inherit inputs self; + confDir = "/data/data/com.termux.nix/files/home/work/config"; + workDir = "/data/data/com.termux.nix/files/home/work"; + secretsDir = "/data/data/com.termux.nix/files/home/secrets"; + persistentDir = "/data/data/com.termux.nix/files/home/work/app-data/"; hostname = "tab"; }; } @@ -212,6 +220,20 @@ packages.x86_64-linux = { + #test = self.nixosConfigurations.test.config.system.build.sdImage; + testing = nixpkgs.legacyPackages.x86_64-linux; + test = nixpkgs.legacyPackages.x86_64-linux.firefox-devedition-unwrapped.overrideAttrs (old: { + NIX_CFLAGS_COMPILE = [ (old.NIX_CFLAGS_COMPILE or "") ] ++ [ "-O3" "-march=native" "-fPIC" ]; + #hi = builtins.trace ("hello world: " + old.passthru.unwrapped.name) 4; + #passthru.unwrapped = old.passthru.unwrapped.overrideAttrs (innerOld: { + #NIX_CFLAGS_COMPILE = [ (innerOld.NIX_CFLAGS_COMPILE or "") ] ++ [ "-O3" "-march=native" "-fPIC" ]; + #}); + }); + + #test = inputs.firefox.packages.${nixpkgs.legacyPackages.x86_64-linux.pkgs.system}; #.firefox-nightly-bin.overrideAttrs (old: { + #NIX_CFLAGS_COMPILE = [ (old.NIX_CFLAGS_COMPILE or "") ] ++ [ "-O3" "-march=native" "-fPIC" ]; + #}); + cbm = nixpkgs.legacyPackages.x86_64-linux.callPackage ./mods/cbm.nix { }; supabase = nixpkgs.legacyPackages.x86_64-linux.callPackage ./mods/supabase.nix { }; #default... TODO @@ -224,12 +246,22 @@ #}).config.system.build.sdImage; lush = self.nixosConfigurations.lush.config.system.build.sdImage; rpi = self.nixosConfigurations.rpi.config.system.build.sdImage; - test = self.nixosConfigurations.test.config.system.build.sdImage; prootTermux = inputs.nix-on-droid.outputs.packages.x86_64-linux.prootTermux; + + docker = let pkgs = nixpkgs.legacyPackages.x86_64-linux.pkgs; in pkgs.dockerTools.buildImage { + name = "hello"; + tag = "0.1.0"; + + config = { Cmd = [ "${pkgs.bash}/bin/bash" ]; }; + + created = "now"; + }; + }; apps.x86_64-linux = { test = inputs.nix-on-droid.outputs.apps.x86_64-linux.deploy; + wsl = { type = "app"; program = "${self.nixosConfigurations.wsl.config.system.build.tarballBuilder}/bin/nixos-wsl-tarball-builder"; diff --git a/hosts/lush.nix b/hosts/lush.nix index 1402de7..6c78d41 100644 --- a/hosts/lush.nix +++ b/hosts/lush.nix @@ -139,6 +139,7 @@ }; + /* me = { connection = { id = "me"; @@ -156,6 +157,7 @@ method = "manual"; }; } // (import ../common/wg-peers.nix { inherit secretsDir; }); + */ }; diff --git a/hosts/main.nix b/hosts/main.nix index 91321ae..9214003 100644 --- a/hosts/main.nix +++ b/hosts/main.nix @@ -28,6 +28,38 @@ ntfs3g ]; + ################################### optimisations #################################### + #boot.kernelPackages = pkgs.linuxPackages; # .overrideAttrs (old: { + #NIX_CFLAGS_COMPILE = [ (old.NIX_CFLAGS_COMPILE or "") ] ++ [ "-O3" "-march=native" ]; + /* + #}); + boot.kernelPackages = pkgs.recurseIntoAttrs (pkgs.linuxPackagesFor (pkgs.linux_6_1.overrideAttrs (old: { + NIX_CFLAGS_COMPILE = [ (old.NIX_CFLAGS_COMPILE or "") ] ++ [ "-O3" "-march=native" ]; + }))); + */ + boot.kernelPackages = pkgs.linuxPackagesFor (pkgs.linux_6_1.override { + argsOverride = rec { + NIX_CFLAGS_COMPILE = [ "-O3" "-march=native" ]; + }; + }); + #*/ +#(old: { + #})); + + nixpkgs.overlays = [ + (final: prev: { + optimizeWithFlags = pkg: flags: + pkg.overrideAttrs (old: { + NIX_CFLAGS_COMPILE = [ (old.NIX_CFLAGS_COMPILE or "") ] ++ flags; + }); + + optimizeForThisHost = pkg: + final.optimizeWithFlags pkg [ "-O3" "-march=native" "-fPIC" ]; + + firefox = final.optimizeForThisHost prev.firefox; + }) + ]; + hardware.bluetooth.settings = { General = { @@ -63,7 +95,7 @@ # needed so that firefox does not ignore the hosts file text = '' multi off - order hosts,bind,nis + order hosts,nis,bind ''; }; systemd.services.stark = @@ -77,17 +109,21 @@ if [ -f "/etc/hosts-youtube-block" ]; then timeout=$(cat /etc/hosts-youtube-block) + echo "read timeout $timeout" if [[ "$timeout" == "1" ]] || [[ "$timeout" == "1\n" ]] then - rm /etc/host-youtube-block + rm -rf /etc/hosts-youtube-block else timeout=$((timeout - 1)) echo -en $timeout > /etc/hosts-youtube-block + echo "new timeout: $timeout" fi else + echo "updateing hosts file" rm -rf /etc/hosts cat ${self}/misc/my-hosts > /etc/hosts - cat ${self}/misc/my-hosts-"$(cat /etc/current_hosts)" >> /etc/hosts + cat /etc/current_hosts >> /etc/hosts + #cat ${self}/misc/my-hosts-"$(cat /etc/current_hosts)" >> /etc/hosts fi ''; }; @@ -108,36 +144,6 @@ }; - ############################## syncthing for main ############################################# - services.syncthing = { - enable = true; - user = "me"; - #dataDir = "/home/"; - configDir = "/home/me/.config/syncthing"; - extraFlags = ["-no-browser"]; - openDefaultPorts = true; - overrideDevices = true; # overrides any devices added or deleted through the WebUI - overrideFolders = true; # overrides any folders added or deleted through the WebUI - devices = { - "seb-phone" = { - id = builtins.readFile "${secretsDir}/syncthing-id-phone"; - #addresses = [ "tcp://192.168.200.24:22000" ]; - }; - "seb-tab" = { - id = builtins.readFile "${secretsDir}/syncthing-id-tab"; - #addresses = [ "tcp://192.168.200.26:22000" ]; - }; - }; - folders = { - "priv-share" = { # Name of folder in Syncthing, also the folder ID - path = "/home/me/work/priv-share"; # Which folder to add to Syncthing - #devices = [ "seb-phone" "seb-tab" ]; # Which devices to share the folder with - devices = [ "seb-phone" "seb-tab" ]; # Which devices to share the folder with - }; - }; - }; - - ############################## networking ############################################### networking.hostName = "main"; @@ -173,7 +179,7 @@ ${builtins.readFile "${self}/misc/my-hosts"} ${builtins.readFile "${self}/misc/my-hosts-me"} ''; - environment.etc.current_hosts.text = "me"; + environment.etc.current_hosts.text = builtins.readFile "${self}/misc/my-hosts-me"; environment.etc.current_hosts.mode = "rw"; #environment.etc.hosts.mode = "rw"; @@ -258,6 +264,7 @@ ipv4 = { #address1 = "192.168.20.11/24"; + dns = "1.1.1.1;8.8.8.8;"; method = "auto"; }; }; diff --git a/misc/my-hosts b/misc/my-hosts index a67c46a..1f79436 100644 --- a/misc/my-hosts +++ b/misc/my-hosts @@ -1,4 +1,5 @@ 127.0.0.1 youtube.com 127.0.0.1 www.youtube.com +192.168.122.56 uwu ::1 www.youtube.com ::1 youtube.com diff --git a/misc/my-hosts-h b/misc/my-hosts-h index 2203451..7dee14c 100644 --- a/misc/my-hosts-h +++ b/misc/my-hosts-h @@ -1,4 +1,5 @@ 192.168.1.6 hpm +192.168.1.3 server 192.168.1.2 rpi 192.168.1.5 acern 192.168.1.122 lush diff --git a/misc/my-hosts-pt b/misc/my-hosts-pt index 72c07a0..99cf627 100644 --- a/misc/my-hosts-pt +++ b/misc/my-hosts-pt @@ -1,4 +1,3 @@ 192.168.44.1 phone 192.168.44.11 main -c2vi.dev rpi diff --git a/misc/my-hosts-pw b/misc/my-hosts-pw index e9f9038..e69de29 100644 --- a/misc/my-hosts-pw +++ b/misc/my-hosts-pw @@ -1 +0,0 @@ -192.168.20.12 tab diff --git a/programs/bash.nix b/programs/bash.nix index 0987ea6..2972d53 100644 --- a/programs/bash.nix +++ b/programs/bash.nix @@ -91,7 +91,7 @@ # so that programms i spawn from my shell don't have so high cpu priority - [[ which renice 2>/dev/null ]] && renice -n 9 $$ > /dev/null + [ which renice 2>/dev/null ] && renice -n 9 $$ > /dev/null # If not running interactively, don't do anything @@ -115,10 +115,10 @@ tta(){ if [[ "$1" == "" ]] then - scp -O ~/work/priv-share/fast tab:/sdcard/fast + rsync ~/work/priv-share/fast tab:/sdcard/fast elif [[ "$1" == "p" ]] then - scp -O tab:/sdcard/fast ~/work/priv-share/fast + rsync tab:/sdcard/fast ~/work/priv-share/fast elif [[ "$1" == "k" ]] then scp -O "$1" tab:/sdcard/keep @@ -130,10 +130,10 @@ tph(){ if [[ "$1" == "" ]] then - scp ~/work/priv-share/fast phone:/sdcard/fast + rsync ~/work/priv-share/fast phone:/sdcard/fast elif [[ "$1" == "p" ]] then - scp phone:/sdcard/fast ~/work/priv-share/fast + rsync phone:/sdcard/fast ~/work/priv-share/fast elif [[ "$1" == "k" ]] then scp -O "$1" tab:/sdcard/keep @@ -176,16 +176,6 @@ fi } - - # a little programm, that changes the ssh config to always be able to acces rpi - #function rpi(){ - ##sudo rm /etc/hosts - #sudo su -c "cat ${self}/misc/my-hosts > /etc/hosts" - #sudo su -c "cat ${self}/misc/my-hosts-$1 >> /etc/hosts" - #sudo su -c "echo -en "$1" > /etc/current_hosts" - #} - - # git commit func function gc(){ tmp=$(echo -en $@) diff --git a/programs/ssh.nix b/programs/ssh.nix index 8f461fc..7bea60c 100644 --- a/programs/ssh.nix +++ b/programs/ssh.nix @@ -2,7 +2,6 @@ { programs.ssh = { enable = true; - #includes = [ "./current_rpi_config" ]; matchBlocks = { "*" = { identityFile = "${secretsDir}/private-key"; @@ -14,7 +13,6 @@ rpi = { port = 49388; user = "me"; - hostname = "192.168.1.2"; }; phone = { user = "u0_a345"; @@ -26,31 +24,23 @@ }; uwu = { user = "sebastian"; - identityFile = "${secretsDir}/private-key-main"; - hostname = "192.168.122.56"; }; acern = { user = "me"; - identityFile = "${secretsDir}/private-key-main"; - hostname = "192.168.1.5"; port = 2222; }; hpm = { - #hostname = "192.168.1.6"; user = "me"; - identityFile = "${secretsDir}/private-key-main"; }; servers = { - hostname = "192.168.1.3"; + hostname = "server"; user = "server"; - identityFile = "${secretsDir}/private-key-main"; }; server = { - hostname = "192.168.1.3"; + hostname = "server"; user = "admin"; - identityFile = "${secretsDir}/private-key-main"; }; ocia = { @@ -74,7 +64,7 @@ github.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl rpi ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOX+6B6Axx7AqgCm1H1rrou/3yOLeOLcTd8s0In0mOIY phone ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHxg0HKtGAkwymll8r17d9cXdt40dJgRkSAzB699pWke+edne4Ildcnbde2yle01nEL7GOg92vh5t1sh6vkCzJQ= - [tab]:8022 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDdwFZf3IRa4YZyrNseofTRIDbkmdMiIXa3Gxs7wFzZN+ICwXeipfqV1Lh9C1sI4YnRIqfZlCSU+SE2dqVoQB6Uj64cdLrdslHYvgsR9PY3vVtrYypGfE1XTkLvD516x4mFofo22A9j8fK95fcMwpWLtNnv9SVBIT3V+4fUlbRCngdJ1V2cOd41JIwBrIxmRJ6X5v/SEqajmnVneqEmsqGgGA7JBJBCMSz5wwmZzWrTpzwj4SAD5b1z/R12DZfFHmgJCZYcMbjDgUiD5khsOwCCflH8DtO41PkOZRqDlpPPT9al7qhhESwxE6w5gIvaVh6HJljSCNw9OCQWONotv3gF9tVs6sZXsWxRZ2R0oIeA3rnM+mZxEtxElc2MKLVlsQ9SM2Xcr3J4Y43cWm7m03cDOz+iZecxs2qKAgn5Au72fudapDAtiCuYjKlMGEgbWX3CmxL0n/Uo32yfTRXnEHWMzXezmdGsuHUzk/sHTL8z5RVyzIBNl2HGlhldFbATuwRxXyBW9JIuEll+rW9Jm0MvpT3KoD/Q5aXDVH+21l6SSNBcjvZu00WNiYDD+gFR4BlewobtacGNOR4ErjxVZ10d8p6S5smadmo/RmbjhrVJK8EzigJPsVxEEjtuVq+jAQCvLTZCpEyDF/cBv60vIu4CyZkoAq1UaL64m7nIhR/8Yw== + uwu ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE6H4kcLXH5hvXN8Ablcfo4q2MwdvVBiAdYWlc4qUiCj ''; home.file.".ssh/rpi/local".text = '' diff --git a/users/me/home.nix b/users/me/home.nix index 57230b6..fd76b61 100644 --- a/users/me/home.nix +++ b/users/me/home.nix @@ -81,7 +81,9 @@ # my own packages supabase-cli - inputs.firefox.packages.${pkgs.system}.firefox-nightly-bin + (inputs.firefox.packages.${pkgs.system}.firefox-nightly-bin.overrideAttrs (old: { + NIX_CFLAGS_COMPILE = [ (old.NIX_CFLAGS_COMPILE or "") ] ++ [ "-O3" "-march=native" "-fPIC" ]; + })) # base-devel gcc @@ -102,15 +104,17 @@ (pkgs.writeShellApplication { name = "rpi"; text = let - myPythonRpi = pkgs.writers.writePython3Bin "myPythonRpi" {} '' + myPythonRpi = pkgs.writers.writePython3Bin "myPythonRpi" { libraries = [pkgs.python310Packages.dnspython]; } '' # flake8: noqa import os import sys import subprocess - mac_map = { - "tab": ""; - "phone": "86:9d:6a:bc:ca:1b" + import dns.resolver + + pw_map = { + "tab": "00:0a:50:90:f1:00", + "phone": "86:9d:6a:bc:ca:1b", } @@ -119,12 +123,6 @@ exit() net = sys.argv[1] - if net == "pw": - ips = subprocess.run(["${pkgs.arp-scan}/bin/arp-scan", "-l", "-x", "-I", "wlp2s0"]) - for line in ips.split("\n"): - split = line.split(" ") - ip = split[0] - mac = split[1] old = {} with open(f"/etc/hosts", "r") as file: @@ -140,12 +138,40 @@ #to_update = {} with open(f"${self}/misc/my-hosts-{net}", "r") as file: for line in file.readlines(): - split = line.split(" ") + split = line.strip().split(" ") try: - old[split[1].strip()] = split[0].strip() - except: + if split[0][0] not in ["1", "2", "3", "4", "5", "6", "7", "8", "9", "0"]: + print("looking up: ", split[1]) + result = dns.resolver.resolve(split[0].strip(), "A") + ips = list(map(lambda ip: ip.to_text(), result)) + print("got:", ips) + old[split[1].strip()] = str(ips[0]) + else: + old[split[1].strip()] = split[0].strip() + except Exception as e: print("error with: ", split) + print(e) + + if net == "pw": + ips = subprocess.run(["sudo", "${pkgs.arp-scan}/bin/arp-scan", "-l", "-x", "-I", "wlp2s0"], capture_output=True) + for line in ips.stdout.decode("utf-8").split("\n"): + try: + split = line.split("\t") + ip = split[0] + mac = split[1] + except: + print("error on line:", line) + continue + + for name, mac_table in pw_map.items(): + if mac == mac_table: + # found name + print(f"found {name} with ip {ip}") + old[name] = ip + + + os.system("rm -rf /etc/hosts") with open("/etc/hosts", "w") as file: lines = [] for key, val in old.items(): @@ -153,7 +179,11 @@ file.write("\n".join(lines) + "\n") with open("/etc/current_hosts", "w") as file: - file.write(net) + lines = [] + for key, val in old.items(): + lines.append(val + " " + key) + file.write("\n".join(lines) + "\n") + ''; in ''sudo ${myPythonRpi}/bin/myPythonRpi "$@"''; })