c2vi/dotfiles
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

...

Browse Source
This commit is contained in:
Sebastian Moser
2023-12-04 07:49:36 +01:00
parent d5ae2b8e2c
commit 308bfbe554
11 changed files with 138 additions and 86 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
common/building.nix
View File

@@ -8,6 +8,7 @@
systems = [
"x86_64-linux"
];
supportedFeatures = [ "big-parallel" ];
}
{
hostName = "acern";

46
flake.nix
View File

@@ -55,10 +55,10 @@
outputs = { self, nixpkgs, ... }@inputs:
let
confDir = "~/work/config";
workDir = "~/work";
secretsDir = "~/.mysecrets";
persistentDir = "~/work/app-data";
confDir = "/home/me/work/config";
workDir = "/home/me/work";
secretsDir = "/home/me/.mysecrets";
persistentDir = "/home/me/work/app-data";
specialArgs = {
inherit inputs confDir workDir secretsDir persistentDir self;
pkgs = import nixpkgs { system = "x86_64-linux"; config = {
@@ -169,7 +169,11 @@
./hosts/phone/nix-on-droid.nix
{
home-manager.extraSpecialArgs = {
inherit inputs confDir workDir secretsDir persistentDir self;
inherit inputs self;
confDir = "/data/data/com.termux.nix/files/home/work/config";
workDir = "/data/data/com.termux.nix/files/home/work";
secretsDir = "/data/data/com.termux.nix/files/home/secrets";
persistentDir = "/data/data/com.termux.nix/files/home/work/app-data/";
hostname = "phone";
};
}
@@ -180,7 +184,11 @@
./hosts/tab/nix-on-droid.nix
{
home-manager.extraSpecialArgs = {
inherit inputs confDir workDir secretsDir persistentDir self;
inherit inputs self;
confDir = "/data/data/com.termux.nix/files/home/work/config";
workDir = "/data/data/com.termux.nix/files/home/work";
secretsDir = "/data/data/com.termux.nix/files/home/secrets";
persistentDir = "/data/data/com.termux.nix/files/home/work/app-data/";
hostname = "tab";
};
}
@@ -212,6 +220,20 @@
packages.x86_64-linux = {
#test = self.nixosConfigurations.test.config.system.build.sdImage;
testing = nixpkgs.legacyPackages.x86_64-linux;
test = nixpkgs.legacyPackages.x86_64-linux.firefox-devedition-unwrapped.overrideAttrs (old: {
NIX_CFLAGS_COMPILE = [ (old.NIX_CFLAGS_COMPILE or "") ] ++ [ "-O3" "-march=native" "-fPIC" ];
#hi = builtins.trace ("hello world: " + old.passthru.unwrapped.name) 4;
#passthru.unwrapped = old.passthru.unwrapped.overrideAttrs (innerOld: {
#NIX_CFLAGS_COMPILE = [ (innerOld.NIX_CFLAGS_COMPILE or "") ] ++ [ "-O3" "-march=native" "-fPIC" ];
#});
});
#test = inputs.firefox.packages.${nixpkgs.legacyPackages.x86_64-linux.pkgs.system}; #.firefox-nightly-bin.overrideAttrs (old: {
#NIX_CFLAGS_COMPILE = [ (old.NIX_CFLAGS_COMPILE or "") ] ++ [ "-O3" "-march=native" "-fPIC" ];
#});
cbm = nixpkgs.legacyPackages.x86_64-linux.callPackage ./mods/cbm.nix { };
supabase = nixpkgs.legacyPackages.x86_64-linux.callPackage ./mods/supabase.nix { };
#default... TODO
@@ -224,12 +246,22 @@
#}).config.system.build.sdImage;
lush = self.nixosConfigurations.lush.config.system.build.sdImage;
rpi = self.nixosConfigurations.rpi.config.system.build.sdImage;
test = self.nixosConfigurations.test.config.system.build.sdImage;
prootTermux = inputs.nix-on-droid.outputs.packages.x86_64-linux.prootTermux;
docker = let pkgs = nixpkgs.legacyPackages.x86_64-linux.pkgs; in pkgs.dockerTools.buildImage {
name = "hello";
tag = "0.1.0";
config = { Cmd = [ "${pkgs.bash}/bin/bash" ]; };
created = "now";
};
};
apps.x86_64-linux = {
test = inputs.nix-on-droid.outputs.apps.x86_64-linux.deploy;
wsl = {
type = "app";
program = "${self.nixosConfigurations.wsl.config.system.build.tarballBuilder}/bin/nixos-wsl-tarball-builder";

2
hosts/lush.nix
View File

@@ -139,6 +139,7 @@
};
/*
me = {
connection = {
id = "me";
@@ -156,6 +157,7 @@
method = "manual";
};
} // (import ../common/wg-peers.nix { inherit secretsDir; });
*/
};

75
hosts/main.nix
View File

@@ -28,6 +28,38 @@
ntfs3g
];
################################### optimisations ####################################
#boot.kernelPackages = pkgs.linuxPackages; # .overrideAttrs (old: {
#NIX_CFLAGS_COMPILE = [ (old.NIX_CFLAGS_COMPILE or "") ] ++ [ "-O3" "-march=native" ];
/*
#});
boot.kernelPackages = pkgs.recurseIntoAttrs (pkgs.linuxPackagesFor (pkgs.linux_6_1.overrideAttrs (old: {
NIX_CFLAGS_COMPILE = [ (old.NIX_CFLAGS_COMPILE or "") ] ++ [ "-O3" "-march=native" ];
})));
*/
boot.kernelPackages = pkgs.linuxPackagesFor (pkgs.linux_6_1.override {
argsOverride = rec {
NIX_CFLAGS_COMPILE = [ "-O3" "-march=native" ];
};
});
#*/
#(old: {
#}));
nixpkgs.overlays = [
(final: prev: {
optimizeWithFlags = pkg: flags:
pkg.overrideAttrs (old: {
NIX_CFLAGS_COMPILE = [ (old.NIX_CFLAGS_COMPILE or "") ] ++ flags;
});
optimizeForThisHost = pkg:
final.optimizeWithFlags pkg [ "-O3" "-march=native" "-fPIC" ];
firefox = final.optimizeForThisHost prev.firefox;
})
];
hardware.bluetooth.settings = {
General = {
@@ -63,7 +95,7 @@
# needed so that firefox does not ignore the hosts file
text = ''
multi off
order hosts,bind,nis
order hosts,nis,bind
'';
};
systemd.services.stark =
@@ -77,17 +109,21 @@
if [ -f "/etc/hosts-youtube-block" ];
then
timeout=$(cat /etc/hosts-youtube-block)
echo "read timeout $timeout"
if [[ "$timeout" == "1" ]] || [[ "$timeout" == "1\n" ]]
then
rm /etc/host-youtube-block
rm -rf /etc/hosts-youtube-block
else
timeout=$((timeout - 1))
echo -en $timeout > /etc/hosts-youtube-block
echo "new timeout: $timeout"
fi
else
echo "updateing hosts file"
rm -rf /etc/hosts
cat ${self}/misc/my-hosts > /etc/hosts
cat ${self}/misc/my-hosts-"$(cat /etc/current_hosts)" >> /etc/hosts
cat /etc/current_hosts >> /etc/hosts
#cat ${self}/misc/my-hosts-"$(cat /etc/current_hosts)" >> /etc/hosts
fi
'';
};
@@ -108,36 +144,6 @@
};
############################## syncthing for main #############################################
services.syncthing = {
enable = true;
user = "me";
#dataDir = "/home/";
configDir = "/home/me/.config/syncthing";
extraFlags = ["-no-browser"];
openDefaultPorts = true;
overrideDevices = true; # overrides any devices added or deleted through the WebUI
overrideFolders = true; # overrides any folders added or deleted through the WebUI
devices = {
"seb-phone" = {
id = builtins.readFile "${secretsDir}/syncthing-id-phone";
#addresses = [ "tcp://192.168.200.24:22000" ];
};
"seb-tab" = {
id = builtins.readFile "${secretsDir}/syncthing-id-tab";
#addresses = [ "tcp://192.168.200.26:22000" ];
};
};
folders = {
"priv-share" = { # Name of folder in Syncthing, also the folder ID
path = "/home/me/work/priv-share"; # Which folder to add to Syncthing
#devices = [ "seb-phone" "seb-tab" ]; # Which devices to share the folder with
devices = [ "seb-phone" "seb-tab" ]; # Which devices to share the folder with
};
};
};
############################## networking ###############################################
networking.hostName = "main";
@@ -173,7 +179,7 @@
${builtins.readFile "${self}/misc/my-hosts"}
${builtins.readFile "${self}/misc/my-hosts-me"}
'';
environment.etc.current_hosts.text = "me";
environment.etc.current_hosts.text = builtins.readFile "${self}/misc/my-hosts-me";
environment.etc.current_hosts.mode = "rw";
#environment.etc.hosts.mode = "rw";
@@ -258,6 +264,7 @@
ipv4 = {
#address1 = "192.168.20.11/24";
dns = "1.1.1.1;8.8.8.8;";
method = "auto";
};
};

1
misc/my-hosts
View File

@@ -1,4 +1,5 @@
127.0.0.1 youtube.com
127.0.0.1 www.youtube.com
192.168.122.56 uwu
::1 www.youtube.com
::1 youtube.com

1
misc/my-hosts-h
View File

@@ -1,4 +1,5 @@
192.168.1.6 hpm
192.168.1.3 server
192.168.1.2 rpi
192.168.1.5 acern
192.168.1.122 lush

1
misc/my-hosts-pt
View File

@@ -1,4 +1,3 @@
192.168.44.1 phone
192.168.44.11 main
c2vi.dev rpi

1
misc/my-hosts-pw
View File

@@ -1 +0,0 @@
192.168.20.12 tab

20
programs/bash.nix
View File

@@ -91,7 +91,7 @@
# so that programms i spawn from my shell don't have so high cpu priority
[[ which renice 2>/dev/null ]] && renice -n 9 $$ > /dev/null
[ which renice 2>/dev/null ] && renice -n 9 $$ > /dev/null
# If not running interactively, don't do anything
@@ -115,10 +115,10 @@
tta(){
if [[ "$1" == "" ]]
then
scp -O ~/work/priv-share/fast tab:/sdcard/fast
rsync ~/work/priv-share/fast tab:/sdcard/fast
elif [[ "$1" == "p" ]]
then
scp -O tab:/sdcard/fast ~/work/priv-share/fast
rsync tab:/sdcard/fast ~/work/priv-share/fast
elif [[ "$1" == "k" ]]
then
scp -O "$1" tab:/sdcard/keep
@@ -130,10 +130,10 @@
tph(){
if [[ "$1" == "" ]]
then
scp ~/work/priv-share/fast phone:/sdcard/fast
rsync ~/work/priv-share/fast phone:/sdcard/fast
elif [[ "$1" == "p" ]]
then
scp phone:/sdcard/fast ~/work/priv-share/fast
rsync phone:/sdcard/fast ~/work/priv-share/fast
elif [[ "$1" == "k" ]]
then
scp -O "$1" tab:/sdcard/keep
@@ -176,16 +176,6 @@
fi
}
# a little programm, that changes the ssh config to always be able to acces rpi
#function rpi(){
##sudo rm /etc/hosts
#sudo su -c "cat ${self}/misc/my-hosts > /etc/hosts"
#sudo su -c "cat ${self}/misc/my-hosts-$1 >> /etc/hosts"
#sudo su -c "echo -en "$1" > /etc/current_hosts"
#}
# git commit func
function gc(){
tmp=$(echo -en $@)

16
programs/ssh.nix
View File

@@ -2,7 +2,6 @@
{
programs.ssh = {
enable = true;
#includes = [ "./current_rpi_config" ];
matchBlocks = {
"*" = {
identityFile = "${secretsDir}/private-key";
@@ -14,7 +13,6 @@
rpi = {
port = 49388;
user = "me";
hostname = "192.168.1.2";
};
phone = {
user = "u0_a345";
@@ -26,31 +24,23 @@
};
uwu = {
user = "sebastian";
identityFile = "${secretsDir}/private-key-main";
hostname = "192.168.122.56";
};
acern = {
user = "me";
identityFile = "${secretsDir}/private-key-main";
hostname = "192.168.1.5";
port = 2222;
};
hpm = {
#hostname = "192.168.1.6";
user = "me";
identityFile = "${secretsDir}/private-key-main";
};
servers = {
hostname = "192.168.1.3";
hostname = "server";
user = "server";
identityFile = "${secretsDir}/private-key-main";
};
server = {
hostname = "192.168.1.3";
hostname = "server";
user = "admin";
identityFile = "${secretsDir}/private-key-main";
};
ocia = {
@@ -74,7 +64,7 @@
github.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl
rpi ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOX+6B6Axx7AqgCm1H1rrou/3yOLeOLcTd8s0In0mOIY
phone ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHxg0HKtGAkwymll8r17d9cXdt40dJgRkSAzB699pWke+edne4Ildcnbde2yle01nEL7GOg92vh5t1sh6vkCzJQ=
[tab]:8022 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDdwFZf3IRa4YZyrNseofTRIDbkmdMiIXa3Gxs7wFzZN+ICwXeipfqV1Lh9C1sI4YnRIqfZlCSU+SE2dqVoQB6Uj64cdLrdslHYvgsR9PY3vVtrYypGfE1XTkLvD516x4mFofo22A9j8fK95fcMwpWLtNnv9SVBIT3V+4fUlbRCngdJ1V2cOd41JIwBrIxmRJ6X5v/SEqajmnVneqEmsqGgGA7JBJBCMSz5wwmZzWrTpzwj4SAD5b1z/R12DZfFHmgJCZYcMbjDgUiD5khsOwCCflH8DtO41PkOZRqDlpPPT9al7qhhESwxE6w5gIvaVh6HJljSCNw9OCQWONotv3gF9tVs6sZXsWxRZ2R0oIeA3rnM+mZxEtxElc2MKLVlsQ9SM2Xcr3J4Y43cWm7m03cDOz+iZecxs2qKAgn5Au72fudapDAtiCuYjKlMGEgbWX3CmxL0n/Uo32yfTRXnEHWMzXezmdGsuHUzk/sHTL8z5RVyzIBNl2HGlhldFbATuwRxXyBW9JIuEll+rW9Jm0MvpT3KoD/Q5aXDVH+21l6SSNBcjvZu00WNiYDD+gFR4BlewobtacGNOR4ErjxVZ10d8p6S5smadmo/RmbjhrVJK8EzigJPsVxEEjtuVq+jAQCvLTZCpEyDF/cBv60vIu4CyZkoAq1UaL64m7nIhR/8Yw==
uwu ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE6H4kcLXH5hvXN8Ablcfo4q2MwdvVBiAdYWlc4qUiCj
'';
home.file.".ssh/rpi/local".text = ''

58
users/me/home.nix
View File

@@ -81,7 +81,9 @@
# my own packages
supabase-cli
inputs.firefox.packages.${pkgs.system}.firefox-nightly-bin
(inputs.firefox.packages.${pkgs.system}.firefox-nightly-bin.overrideAttrs (old: {
NIX_CFLAGS_COMPILE = [ (old.NIX_CFLAGS_COMPILE or "") ] ++ [ "-O3" "-march=native" "-fPIC" ];
}))
# base-devel
gcc
@@ -102,15 +104,17 @@
(pkgs.writeShellApplication {
name = "rpi";
text = let
myPythonRpi = pkgs.writers.writePython3Bin "myPythonRpi" {} ''
myPythonRpi = pkgs.writers.writePython3Bin "myPythonRpi" { libraries = [pkgs.python310Packages.dnspython]; } ''
# flake8: noqa
import os
import sys
import subprocess
mac_map = {
"tab": "";
"phone": "86:9d:6a:bc:ca:1b"
import dns.resolver
pw_map = {
"tab": "00:0a:50:90:f1:00",
"phone": "86:9d:6a:bc:ca:1b",
}
@@ -119,12 +123,6 @@
exit()
net = sys.argv[1]
if net == "pw":
ips = subprocess.run(["${pkgs.arp-scan}/bin/arp-scan", "-l", "-x", "-I", "wlp2s0"])
for line in ips.split("\n"):
split = line.split(" ")
ip = split[0]
mac = split[1]
old = {}
with open(f"/etc/hosts", "r") as file:
@@ -140,12 +138,40 @@
#to_update = {}
with open(f"${self}/misc/my-hosts-{net}", "r") as file:
for line in file.readlines():
split = line.split(" ")
split = line.strip().split(" ")
try:
if split[0][0] not in ["1", "2", "3", "4", "5", "6", "7", "8", "9", "0"]:
print("looking up: ", split[1])
result = dns.resolver.resolve(split[0].strip(), "A")
ips = list(map(lambda ip: ip.to_text(), result))
print("got:", ips)
old[split[1].strip()] = str(ips[0])
else:
old[split[1].strip()] = split[0].strip()
except:
except Exception as e:
print("error with: ", split)
print(e)
if net == "pw":
ips = subprocess.run(["sudo", "${pkgs.arp-scan}/bin/arp-scan", "-l", "-x", "-I", "wlp2s0"], capture_output=True)
for line in ips.stdout.decode("utf-8").split("\n"):
try:
split = line.split("\t")
ip = split[0]
mac = split[1]
except:
print("error on line:", line)
continue
for name, mac_table in pw_map.items():
if mac == mac_table:
# found name
print(f"found {name} with ip {ip}")
old[name] = ip
os.system("rm -rf /etc/hosts")
with open("/etc/hosts", "w") as file:
lines = []
for key, val in old.items():
@@ -153,7 +179,11 @@
file.write("\n".join(lines) + "\n")
with open("/etc/current_hosts", "w") as file:
file.write(net)
lines = []
for key, val in old.items():
lines.append(val + " " + key)
file.write("\n".join(lines) + "\n")
'';
in ''sudo ${myPythonRpi}/bin/myPythonRpi "$@"'';
})