c2vi/dotfiles
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

...

Browse Source
This commit is contained in:
Sebastian Moser
2023-12-04 07:49:36 +01:00
parent d5ae2b8e2c
commit 308bfbe554
11 changed files with 138 additions and 86 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
common/building.nix
View File

@@ -8,6 +8,7 @@
systems = [ systems = [
"x86_64-linux" "x86_64-linux"
]; ];
supportedFeatures = [ "big-parallel" ];
} }
{ {
hostName = "acern"; hostName = "acern";

46
flake.nix
View File

@@ -55,10 +55,10 @@
outputs = { self, nixpkgs, ... }@inputs: outputs = { self, nixpkgs, ... }@inputs:
let let
confDir = "~/work/config"; confDir = "/home/me/work/config";
workDir = "~/work"; workDir = "/home/me/work";
secretsDir = "~/.mysecrets"; secretsDir = "/home/me/.mysecrets";
persistentDir = "~/work/app-data"; persistentDir = "/home/me/work/app-data";
specialArgs = { specialArgs = {
inherit inputs confDir workDir secretsDir persistentDir self; inherit inputs confDir workDir secretsDir persistentDir self;
pkgs = import nixpkgs { system = "x86_64-linux"; config = { pkgs = import nixpkgs { system = "x86_64-linux"; config = {
@@ -169,7 +169,11 @@
./hosts/phone/nix-on-droid.nix ./hosts/phone/nix-on-droid.nix
{ {
home-manager.extraSpecialArgs = { home-manager.extraSpecialArgs = {
inherit inputs confDir workDir secretsDir persistentDir self; inherit inputs self;
confDir = "/data/data/com.termux.nix/files/home/work/config";
workDir = "/data/data/com.termux.nix/files/home/work";
secretsDir = "/data/data/com.termux.nix/files/home/secrets";
persistentDir = "/data/data/com.termux.nix/files/home/work/app-data/";
hostname = "phone"; hostname = "phone";
}; };
} }
@@ -180,7 +184,11 @@
./hosts/tab/nix-on-droid.nix ./hosts/tab/nix-on-droid.nix
{ {
home-manager.extraSpecialArgs = { home-manager.extraSpecialArgs = {
inherit inputs confDir workDir secretsDir persistentDir self; inherit inputs self;
confDir = "/data/data/com.termux.nix/files/home/work/config";
workDir = "/data/data/com.termux.nix/files/home/work";
secretsDir = "/data/data/com.termux.nix/files/home/secrets";
persistentDir = "/data/data/com.termux.nix/files/home/work/app-data/";
hostname = "tab"; hostname = "tab";
}; };
} }
@@ -212,6 +220,20 @@
packages.x86_64-linux = { packages.x86_64-linux = {
#test = self.nixosConfigurations.test.config.system.build.sdImage;
testing = nixpkgs.legacyPackages.x86_64-linux;
test = nixpkgs.legacyPackages.x86_64-linux.firefox-devedition-unwrapped.overrideAttrs (old: {
NIX_CFLAGS_COMPILE = [ (old.NIX_CFLAGS_COMPILE or "") ] ++ [ "-O3" "-march=native" "-fPIC" ];
#hi = builtins.trace ("hello world: " + old.passthru.unwrapped.name) 4;
#passthru.unwrapped = old.passthru.unwrapped.overrideAttrs (innerOld: {
#NIX_CFLAGS_COMPILE = [ (innerOld.NIX_CFLAGS_COMPILE or "") ] ++ [ "-O3" "-march=native" "-fPIC" ];
#});
});
#test = inputs.firefox.packages.${nixpkgs.legacyPackages.x86_64-linux.pkgs.system}; #.firefox-nightly-bin.overrideAttrs (old: {
#NIX_CFLAGS_COMPILE = [ (old.NIX_CFLAGS_COMPILE or "") ] ++ [ "-O3" "-march=native" "-fPIC" ];
#});
cbm = nixpkgs.legacyPackages.x86_64-linux.callPackage ./mods/cbm.nix { }; cbm = nixpkgs.legacyPackages.x86_64-linux.callPackage ./mods/cbm.nix { };
supabase = nixpkgs.legacyPackages.x86_64-linux.callPackage ./mods/supabase.nix { }; supabase = nixpkgs.legacyPackages.x86_64-linux.callPackage ./mods/supabase.nix { };
#default... TODO #default... TODO
@@ -224,12 +246,22 @@
#}).config.system.build.sdImage; #}).config.system.build.sdImage;
lush = self.nixosConfigurations.lush.config.system.build.sdImage; lush = self.nixosConfigurations.lush.config.system.build.sdImage;
rpi = self.nixosConfigurations.rpi.config.system.build.sdImage; rpi = self.nixosConfigurations.rpi.config.system.build.sdImage;
test = self.nixosConfigurations.test.config.system.build.sdImage;
prootTermux = inputs.nix-on-droid.outputs.packages.x86_64-linux.prootTermux; prootTermux = inputs.nix-on-droid.outputs.packages.x86_64-linux.prootTermux;
docker = let pkgs = nixpkgs.legacyPackages.x86_64-linux.pkgs; in pkgs.dockerTools.buildImage {
name = "hello";
tag = "0.1.0";
config = { Cmd = [ "${pkgs.bash}/bin/bash" ]; };
created = "now";
};
}; };
apps.x86_64-linux = { apps.x86_64-linux = {
test = inputs.nix-on-droid.outputs.apps.x86_64-linux.deploy; test = inputs.nix-on-droid.outputs.apps.x86_64-linux.deploy;
wsl = { wsl = {
type = "app"; type = "app";
program = "${self.nixosConfigurations.wsl.config.system.build.tarballBuilder}/bin/nixos-wsl-tarball-builder"; program = "${self.nixosConfigurations.wsl.config.system.build.tarballBuilder}/bin/nixos-wsl-tarball-builder";

2
hosts/lush.nix
View File

@@ -139,6 +139,7 @@
}; };
/*
me = { me = {
connection = { connection = {
id = "me"; id = "me";
@@ -156,6 +157,7 @@
method = "manual"; method = "manual";
}; };
} // (import ../common/wg-peers.nix { inherit secretsDir; }); } // (import ../common/wg-peers.nix { inherit secretsDir; });
*/
}; };

75
hosts/main.nix
View File

@@ -28,6 +28,38 @@
ntfs3g ntfs3g
]; ];
################################### optimisations ####################################
#boot.kernelPackages = pkgs.linuxPackages; # .overrideAttrs (old: {
#NIX_CFLAGS_COMPILE = [ (old.NIX_CFLAGS_COMPILE or "") ] ++ [ "-O3" "-march=native" ];
/*
#});
boot.kernelPackages = pkgs.recurseIntoAttrs (pkgs.linuxPackagesFor (pkgs.linux_6_1.overrideAttrs (old: {
NIX_CFLAGS_COMPILE = [ (old.NIX_CFLAGS_COMPILE or "") ] ++ [ "-O3" "-march=native" ];
})));
*/
boot.kernelPackages = pkgs.linuxPackagesFor (pkgs.linux_6_1.override {
argsOverride = rec {
NIX_CFLAGS_COMPILE = [ "-O3" "-march=native" ];
};
});
#*/
#(old: {
#}));
nixpkgs.overlays = [
(final: prev: {
optimizeWithFlags = pkg: flags:
pkg.overrideAttrs (old: {
NIX_CFLAGS_COMPILE = [ (old.NIX_CFLAGS_COMPILE or "") ] ++ flags;
});
optimizeForThisHost = pkg:
final.optimizeWithFlags pkg [ "-O3" "-march=native" "-fPIC" ];
firefox = final.optimizeForThisHost prev.firefox;
})
];
hardware.bluetooth.settings = { hardware.bluetooth.settings = {
General = { General = {
@@ -63,7 +95,7 @@
# needed so that firefox does not ignore the hosts file # needed so that firefox does not ignore the hosts file
text = '' text = ''
multi off multi off
order hosts,bind,nis order hosts,nis,bind
''; '';
}; };
systemd.services.stark = systemd.services.stark =
@@ -77,17 +109,21 @@
if [ -f "/etc/hosts-youtube-block" ]; if [ -f "/etc/hosts-youtube-block" ];
then then
timeout=$(cat /etc/hosts-youtube-block) timeout=$(cat /etc/hosts-youtube-block)
echo "read timeout $timeout"
if [[ "$timeout" == "1" ]] || [[ "$timeout" == "1\n" ]] if [[ "$timeout" == "1" ]] || [[ "$timeout" == "1\n" ]]
then then
rm /etc/host-youtube-block rm -rf /etc/hosts-youtube-block
else else
timeout=$((timeout - 1)) timeout=$((timeout - 1))
echo -en $timeout > /etc/hosts-youtube-block echo -en $timeout > /etc/hosts-youtube-block
echo "new timeout: $timeout"
fi fi
else else
echo "updateing hosts file"
rm -rf /etc/hosts rm -rf /etc/hosts
cat ${self}/misc/my-hosts > /etc/hosts cat ${self}/misc/my-hosts > /etc/hosts
cat ${self}/misc/my-hosts-"$(cat /etc/current_hosts)" >> /etc/hosts cat /etc/current_hosts >> /etc/hosts
#cat ${self}/misc/my-hosts-"$(cat /etc/current_hosts)" >> /etc/hosts
fi fi
''; '';
}; };
@@ -108,36 +144,6 @@
}; };
############################## syncthing for main #############################################
services.syncthing = {
enable = true;
user = "me";
#dataDir = "/home/";
configDir = "/home/me/.config/syncthing";
extraFlags = ["-no-browser"];
openDefaultPorts = true;
overrideDevices = true; # overrides any devices added or deleted through the WebUI
overrideFolders = true; # overrides any folders added or deleted through the WebUI
devices = {
"seb-phone" = {
id = builtins.readFile "${secretsDir}/syncthing-id-phone";
#addresses = [ "tcp://192.168.200.24:22000" ];
};
"seb-tab" = {
id = builtins.readFile "${secretsDir}/syncthing-id-tab";
#addresses = [ "tcp://192.168.200.26:22000" ];
};
};
folders = {
"priv-share" = { # Name of folder in Syncthing, also the folder ID
path = "/home/me/work/priv-share"; # Which folder to add to Syncthing
#devices = [ "seb-phone" "seb-tab" ]; # Which devices to share the folder with
devices = [ "seb-phone" "seb-tab" ]; # Which devices to share the folder with
};
};
};
############################## networking ############################################### ############################## networking ###############################################
networking.hostName = "main"; networking.hostName = "main";
@@ -173,7 +179,7 @@
${builtins.readFile "${self}/misc/my-hosts"} ${builtins.readFile "${self}/misc/my-hosts"}
${builtins.readFile "${self}/misc/my-hosts-me"} ${builtins.readFile "${self}/misc/my-hosts-me"}
''; '';
environment.etc.current_hosts.text = "me"; environment.etc.current_hosts.text = builtins.readFile "${self}/misc/my-hosts-me";
environment.etc.current_hosts.mode = "rw"; environment.etc.current_hosts.mode = "rw";
#environment.etc.hosts.mode = "rw"; #environment.etc.hosts.mode = "rw";
@@ -258,6 +264,7 @@
ipv4 = { ipv4 = {
#address1 = "192.168.20.11/24"; #address1 = "192.168.20.11/24";
dns = "1.1.1.1;8.8.8.8;";
method = "auto"; method = "auto";
}; };
}; };

1
misc/my-hosts
View File

@@ -1,4 +1,5 @@
127.0.0.1 youtube.com 127.0.0.1 youtube.com
127.0.0.1 www.youtube.com 127.0.0.1 www.youtube.com
192.168.122.56 uwu
::1 www.youtube.com ::1 www.youtube.com
::1 youtube.com ::1 youtube.com

1
misc/my-hosts-h
View File

@@ -1,4 +1,5 @@
192.168.1.6 hpm 192.168.1.6 hpm
192.168.1.3 server
192.168.1.2 rpi 192.168.1.2 rpi
192.168.1.5 acern 192.168.1.5 acern
192.168.1.122 lush 192.168.1.122 lush

1
misc/my-hosts-pt
View File

@@ -1,4 +1,3 @@
192.168.44.1 phone 192.168.44.1 phone
192.168.44.11 main 192.168.44.11 main
c2vi.dev rpi

1
misc/my-hosts-pw
View File

@@ -1 +0,0 @@
192.168.20.12 tab

20
programs/bash.nix
View File

@@ -91,7 +91,7 @@
# so that programms i spawn from my shell don't have so high cpu priority # so that programms i spawn from my shell don't have so high cpu priority
[[ which renice 2>/dev/null ]] && renice -n 9 $$ > /dev/null [ which renice 2>/dev/null ] && renice -n 9 $$ > /dev/null
# If not running interactively, don't do anything # If not running interactively, don't do anything
@@ -115,10 +115,10 @@
tta(){ tta(){
if [[ "$1" == "" ]] if [[ "$1" == "" ]]
then then
scp -O ~/work/priv-share/fast tab:/sdcard/fast rsync ~/work/priv-share/fast tab:/sdcard/fast
elif [[ "$1" == "p" ]] elif [[ "$1" == "p" ]]
then then
scp -O tab:/sdcard/fast ~/work/priv-share/fast rsync tab:/sdcard/fast ~/work/priv-share/fast
elif [[ "$1" == "k" ]] elif [[ "$1" == "k" ]]
then then
scp -O "$1" tab:/sdcard/keep scp -O "$1" tab:/sdcard/keep
@@ -130,10 +130,10 @@
tph(){ tph(){
if [[ "$1" == "" ]] if [[ "$1" == "" ]]
then then
scp ~/work/priv-share/fast phone:/sdcard/fast rsync ~/work/priv-share/fast phone:/sdcard/fast
elif [[ "$1" == "p" ]] elif [[ "$1" == "p" ]]
then then
scp phone:/sdcard/fast ~/work/priv-share/fast rsync phone:/sdcard/fast ~/work/priv-share/fast
elif [[ "$1" == "k" ]] elif [[ "$1" == "k" ]]
then then
scp -O "$1" tab:/sdcard/keep scp -O "$1" tab:/sdcard/keep
@@ -176,16 +176,6 @@
fi fi
} }
# a little programm, that changes the ssh config to always be able to acces rpi
#function rpi(){
##sudo rm /etc/hosts
#sudo su -c "cat ${self}/misc/my-hosts > /etc/hosts"
#sudo su -c "cat ${self}/misc/my-hosts-$1 >> /etc/hosts"
#sudo su -c "echo -en "$1" > /etc/current_hosts"
#}
# git commit func # git commit func
function gc(){ function gc(){
tmp=$(echo -en $@) tmp=$(echo -en $@)

16
programs/ssh.nix
View File

@@ -2,7 +2,6 @@
{ {
programs.ssh = { programs.ssh = {
enable = true; enable = true;
#includes = [ "./current_rpi_config" ];
matchBlocks = { matchBlocks = {
"*" = { "*" = {
identityFile = "${secretsDir}/private-key"; identityFile = "${secretsDir}/private-key";
@@ -14,7 +13,6 @@
rpi = { rpi = {
port = 49388; port = 49388;
user = "me"; user = "me";
hostname = "192.168.1.2";
}; };
phone = { phone = {
user = "u0_a345"; user = "u0_a345";
@@ -26,31 +24,23 @@
}; };
uwu = { uwu = {
user = "sebastian"; user = "sebastian";
identityFile = "${secretsDir}/private-key-main";
hostname = "192.168.122.56";
}; };
acern = { acern = {
user = "me"; user = "me";
identityFile = "${secretsDir}/private-key-main";
hostname = "192.168.1.5";
port = 2222; port = 2222;
}; };
hpm = { hpm = {
#hostname = "192.168.1.6";
user = "me"; user = "me";
identityFile = "${secretsDir}/private-key-main";
}; };
servers = { servers = {
hostname = "192.168.1.3"; hostname = "server";
user = "server"; user = "server";
identityFile = "${secretsDir}/private-key-main";
}; };
server = { server = {
hostname = "192.168.1.3"; hostname = "server";
user = "admin"; user = "admin";
identityFile = "${secretsDir}/private-key-main";
}; };
ocia = { ocia = {
@@ -74,7 +64,7 @@
github.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl github.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl
rpi ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOX+6B6Axx7AqgCm1H1rrou/3yOLeOLcTd8s0In0mOIY rpi ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOX+6B6Axx7AqgCm1H1rrou/3yOLeOLcTd8s0In0mOIY
phone ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHxg0HKtGAkwymll8r17d9cXdt40dJgRkSAzB699pWke+edne4Ildcnbde2yle01nEL7GOg92vh5t1sh6vkCzJQ= phone ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHxg0HKtGAkwymll8r17d9cXdt40dJgRkSAzB699pWke+edne4Ildcnbde2yle01nEL7GOg92vh5t1sh6vkCzJQ=
[tab]:8022 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDdwFZf3IRa4YZyrNseofTRIDbkmdMiIXa3Gxs7wFzZN+ICwXeipfqV1Lh9C1sI4YnRIqfZlCSU+SE2dqVoQB6Uj64cdLrdslHYvgsR9PY3vVtrYypGfE1XTkLvD516x4mFofo22A9j8fK95fcMwpWLtNnv9SVBIT3V+4fUlbRCngdJ1V2cOd41JIwBrIxmRJ6X5v/SEqajmnVneqEmsqGgGA7JBJBCMSz5wwmZzWrTpzwj4SAD5b1z/R12DZfFHmgJCZYcMbjDgUiD5khsOwCCflH8DtO41PkOZRqDlpPPT9al7qhhESwxE6w5gIvaVh6HJljSCNw9OCQWONotv3gF9tVs6sZXsWxRZ2R0oIeA3rnM+mZxEtxElc2MKLVlsQ9SM2Xcr3J4Y43cWm7m03cDOz+iZecxs2qKAgn5Au72fudapDAtiCuYjKlMGEgbWX3CmxL0n/Uo32yfTRXnEHWMzXezmdGsuHUzk/sHTL8z5RVyzIBNl2HGlhldFbATuwRxXyBW9JIuEll+rW9Jm0MvpT3KoD/Q5aXDVH+21l6SSNBcjvZu00WNiYDD+gFR4BlewobtacGNOR4ErjxVZ10d8p6S5smadmo/RmbjhrVJK8EzigJPsVxEEjtuVq+jAQCvLTZCpEyDF/cBv60vIu4CyZkoAq1UaL64m7nIhR/8Yw== uwu ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE6H4kcLXH5hvXN8Ablcfo4q2MwdvVBiAdYWlc4qUiCj
''; '';
home.file.".ssh/rpi/local".text = '' home.file.".ssh/rpi/local".text = ''

60
users/me/home.nix
View File

@@ -81,7 +81,9 @@
# my own packages # my own packages
supabase-cli supabase-cli
inputs.firefox.packages.${pkgs.system}.firefox-nightly-bin (inputs.firefox.packages.${pkgs.system}.firefox-nightly-bin.overrideAttrs (old: {
NIX_CFLAGS_COMPILE = [ (old.NIX_CFLAGS_COMPILE or "") ] ++ [ "-O3" "-march=native" "-fPIC" ];
}))
# base-devel # base-devel
gcc gcc
@@ -102,15 +104,17 @@
(pkgs.writeShellApplication { (pkgs.writeShellApplication {
name = "rpi"; name = "rpi";
text = let text = let
myPythonRpi = pkgs.writers.writePython3Bin "myPythonRpi" {} '' myPythonRpi = pkgs.writers.writePython3Bin "myPythonRpi" { libraries = [pkgs.python310Packages.dnspython]; } ''
# flake8: noqa # flake8: noqa
import os import os
import sys import sys
import subprocess import subprocess
mac_map = { import dns.resolver
"tab": "";
"phone": "86:9d:6a:bc:ca:1b" pw_map = {
"tab": "00:0a:50:90:f1:00",
"phone": "86:9d:6a:bc:ca:1b",
} }
@@ -119,12 +123,6 @@
exit() exit()
net = sys.argv[1] net = sys.argv[1]
if net == "pw":
ips = subprocess.run(["${pkgs.arp-scan}/bin/arp-scan", "-l", "-x", "-I", "wlp2s0"])
for line in ips.split("\n"):
split = line.split(" ")
ip = split[0]
mac = split[1]
old = {} old = {}
with open(f"/etc/hosts", "r") as file: with open(f"/etc/hosts", "r") as file:
@@ -140,12 +138,40 @@
#to_update = {} #to_update = {}
with open(f"${self}/misc/my-hosts-{net}", "r") as file: with open(f"${self}/misc/my-hosts-{net}", "r") as file:
for line in file.readlines(): for line in file.readlines():
split = line.split(" ") split = line.strip().split(" ")
try: try:
old[split[1].strip()] = split[0].strip() if split[0][0] not in ["1", "2", "3", "4", "5", "6", "7", "8", "9", "0"]:
except: print("looking up: ", split[1])
result = dns.resolver.resolve(split[0].strip(), "A")
ips = list(map(lambda ip: ip.to_text(), result))
print("got:", ips)
old[split[1].strip()] = str(ips[0])
else:
old[split[1].strip()] = split[0].strip()
except Exception as e:
print("error with: ", split) print("error with: ", split)
print(e)
if net == "pw":
ips = subprocess.run(["sudo", "${pkgs.arp-scan}/bin/arp-scan", "-l", "-x", "-I", "wlp2s0"], capture_output=True)
for line in ips.stdout.decode("utf-8").split("\n"):
try:
split = line.split("\t")
ip = split[0]
mac = split[1]
except:
print("error on line:", line)
continue
for name, mac_table in pw_map.items():
if mac == mac_table:
# found name
print(f"found {name} with ip {ip}")
old[name] = ip
os.system("rm -rf /etc/hosts")
with open("/etc/hosts", "w") as file: with open("/etc/hosts", "w") as file:
lines = [] lines = []
for key, val in old.items(): for key, val in old.items():
@@ -153,7 +179,11 @@
file.write("\n".join(lines) + "\n") file.write("\n".join(lines) + "\n")
with open("/etc/current_hosts", "w") as file: with open("/etc/current_hosts", "w") as file:
file.write(net) lines = []
for key, val in old.items():
lines.append(val + " " + key)
file.write("\n".join(lines) + "\n")
''; '';
in ''sudo ${myPythonRpi}/bin/myPythonRpi "$@"''; in ''sudo ${myPythonRpi}/bin/myPythonRpi "$@"'';
}) })