diff --git a/common/nixos-wayland.nix b/common/nixos-wayland.nix index f1d50a2..8d2ccd0 100644 --- a/common/nixos-wayland.nix +++ b/common/nixos-wayland.nix @@ -123,8 +123,27 @@ in { services.blueman.enable = true; hardware.bluetooth.enable = true; + # fix bluetooth-3-0-keyboard not reporting left and right cmd seperately (and remapping the other things the way i want them) + services.udev.extraHwdb = '' + evdev:input:b0005v05AC* + KEYBOARD_KEY_700e3=leftctrl + KEYBOARD_KEY_700e7=rightalt + KEYBOARD_KEY_700e2=leftmeta + KEYBOARD_KEY_700e0=leftalt + ''; + services.keyd = { enable = true; + /* + keyboards.bluetooth-3-0-keyboard = { + ids = [ "05ac:0255:f22563e9" ]; + settings.main = { + leftalt = "meta"; + leftcontrol = "leftalt"; + }; + }; + */ + #keyboards.default.ids = [ "-05ac:0255" ]; completely disables my rebinding...... hmmmm keyboards.default.settings = { main = { leftalt = "leftcontrol"; @@ -256,27 +275,27 @@ in { output * scale 1 bg #121212 solid_color #################### from nwg-display - # Generated by nwg-displays on 2025-07-09 at 20:13:34. Do not edit manually. + # Generated by nwg-displays on 2025-09-18 at 21:21:58. Do not edit manually. - output "eDP-1" { - mode 1920x1080@60.001Hz - pos 0 1080 - transform normal - scale 1.0 - scale_filter nearest - adaptive_sync off - dpms on - } - output "DP-1" { - mode 3840x2160@59.997Hz - pos 1920 0 - transform normal - scale 1.0 - scale_filter nearest - adaptive_sync off - dpms on - } - output "DP-2" disable + output "eDP-1" { + mode 1920x1080@60.001Hz + pos 0 1888 + transform normal + scale 1.0 + scale_filter nearest + adaptive_sync off + dpms on + } + output "DP-1" { + mode 3840x2160@59.997Hz + pos 1920 0 + transform normal + scale 1.0 + scale_filter nearest + adaptive_sync off + dpms on + } + output "DP-2" disable #################### end from nwg-display set $disp2 "DP-1" diff --git a/flake.lock b/flake.lock index 16addab..3274d21 100644 --- a/flake.lock +++ b/flake.lock @@ -84,6 +84,28 @@ "type": "github" } }, + "arion": { + "inputs": { + "flake-parts": "flake-parts", + "haskell-flake": "haskell-flake", + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1758372896, + "narHash": "sha256-dUhnDMEeqCzf7Ad74VP3B6c51LiR/1JXc2XQ2X18Qik=", + "owner": "hercules-ci", + "repo": "arion", + "rev": "2ad420c828f6cac28261a14fc7b00e7b29dacc99", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "arion", + "type": "github" + } + }, "c2vi-config": { "inputs": { "firefox": "firefox_2", @@ -999,11 +1021,11 @@ "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1752151250, - "narHash": "sha256-q8fRoDM/LH8l7YHaDqkCB/h9WX6OR7NYsQvnFPU5ZwU=", + "lastModified": 1759062765, + "narHash": "sha256-yFwzSPFEQyEAmfDcyGW7Dnk04n/PySWQ9LMXIGGOLh0=", "owner": "nix-community", "repo": "flake-firefox-nightly", - "rev": "f5df06bf5571945c8f8abde44931a13627df9183", + "rev": "cdf90e51df10590114d5cf30d0e6363e95061418", "type": "github" }, "original": { @@ -1020,11 +1042,11 @@ }, "locked": { "dir": "pkgs/firefox-addons", - "lastModified": 1752120209, - "narHash": "sha256-htBJrss6a1Zh510pXecBYlYLRXkYs+9PcT+JNim54Cw=", + "lastModified": 1758879217, + "narHash": "sha256-vWk2iw/i5c0RHc/zLVyB51UYvmbzPq3uB14NN7kaouE=", "owner": "rycee", "repo": "nur-expressions", - "rev": "46fbfdbbbd5418716fced1d049aecba0ac370033", + "rev": "58402e09ad48f9f509d9249b8704c1a4f390c434", "type": "gitlab" }, "original": { @@ -1386,6 +1408,27 @@ } }, "flake-parts": { + "inputs": { + "nixpkgs-lib": [ + "arion", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1756770412, + "narHash": "sha256-+uWLQZccFHwqpGqr2Yt5VsW/PbeJVTn9Dk6SHWhNRPw=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "4524271976b625a4a605beefd893f270620fd751", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "flake-parts_2": { "inputs": { "nixpkgs-lib": [ "nur", @@ -1999,6 +2042,22 @@ "type": "github" } }, + "haskell-flake": { + "locked": { + "lastModified": 1675296942, + "narHash": "sha256-u1X1sblozi5qYEcLp1hxcyo8FfDHnRUVX3dJ/tW19jY=", + "owner": "srid", + "repo": "haskell-flake", + "rev": "c2cafce9d57bfca41794dc3b99c593155006c71e", + "type": "github" + }, + "original": { + "owner": "srid", + "ref": "0.1.0", + "repo": "haskell-flake", + "type": "github" + } + }, "home-manager": { "inputs": { "nixpkgs": [ @@ -2006,11 +2065,11 @@ ] }, "locked": { - "lastModified": 1751810233, - "narHash": "sha256-kllkNbIqQi3VplgTMeGzuh1t8Gk8TauvkTRt93Km+tQ=", + "lastModified": 1758463745, + "narHash": "sha256-uhzsV0Q0I9j2y/rfweWeGif5AWe0MGrgZ/3TjpDYdGA=", "owner": "nix-community", "repo": "home-manager", - "rev": "9b0873b46c9f9e4b7aa01eb634952c206af53068", + "rev": "3b955f5f0a942f9f60cdc9cacb7844335d0f21c3", "type": "github" }, "original": { @@ -2164,11 +2223,11 @@ "nixpkgs-lib": "nixpkgs-lib" }, "locked": { - "lastModified": 1751804099, - "narHash": "sha256-xl30pF4Rq7p7zI/2bdem8DXncJbsJBkO3dRmpaHJ3PE=", + "lastModified": 1754828166, + "narHash": "sha256-i7c+fpXVsnvj2+63Gl3YfU1hVyxbLeqeFj55ZBZACWI=", "owner": "nix-community", "repo": "lib-aggregate", - "rev": "70b9076f07f94d9269babb0b4d5ed0b5223c1259", + "rev": "f01c8d121a3100230612be96e4ac668e15eafb77", "type": "github" }, "original": { @@ -2417,11 +2476,11 @@ "ws-butler": "ws-butler" }, "locked": { - "lastModified": 1701264882, - "narHash": "sha256-MBXR7x7Ua8qystlGr+lenwjQd7dsFNFpEFmtHhh10zM=", + "lastModified": 1757881340, + "narHash": "sha256-bTrp7CtkIrczwpg0kayedP9T91+xEYcWci3GvkBsThc=", "owner": "nix-community", "repo": "nix-doom-emacs", - "rev": "f7413022370f24bb53cb450bfb2803233510113e", + "rev": "dbb02d7cb21f2826acf76b956bc3fe18dcf7ec5d", "type": "github" }, "original": { @@ -2712,11 +2771,11 @@ ] }, "locked": { - "lastModified": 1751774635, - "narHash": "sha256-DuOznGdgMxeSlPpUu6Wkq0ZD5e2Cfv9XRZeZlHWMd1s=", + "lastModified": 1759032422, + "narHash": "sha256-WZf+FhebP2/1pK2np5xj/NuDjD6fXK2BHnq/tPUN18o=", "owner": "Mic92", "repo": "nix-index-database", - "rev": "85686025ba6d18df31cc651a91d5adef63378978", + "rev": "ec7a78cb0e098832d8acac091a4df393259c4839", "type": "github" }, "original": { @@ -2999,11 +3058,11 @@ "nixpkgs": "nixpkgs_5" }, "locked": { - "lastModified": 1752138162, - "narHash": "sha256-ClgAN2eyqlkRjpnU9y0AL+Rg3ICs5k2sJvCjuSit57A=", + "lastModified": 1758785683, + "narHash": "sha256-mRn51IeEBXeNh5a6xNLylk4PKBX0s/QQxgkEbYoPq/w=", "owner": "nix-community", "repo": "NixOS-WSL", - "rev": "11500b1ad1c01f7ade38b487924ae89f69f3d022", + "rev": "1bfb978f2f6261b6086e04af17f9418e1fe36d70", "type": "github" }, "original": { @@ -3230,11 +3289,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1752048960, - "narHash": "sha256-gATnkOe37eeVwKKYCsL+OnS2gU4MmLuZFzzWCtaKLI8=", + "lastModified": 1758663926, + "narHash": "sha256-6CFdj7Xs616t1W4jLDH7IohAAvl5Dyib3qEv/Uqw1rk=", "owner": "nixos", "repo": "nixos-hardware", - "rev": "7ced9122cff2163c6a0212b8d1ec8c33a1660806", + "rev": "170ff93c860b2a9868ed1e1102d4e52cb3d934e1", "type": "github" }, "original": { @@ -3290,11 +3349,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1757034884, - "narHash": "sha256-PgLSZDBEWUHpfTRfFyklmiiLBE1i1aGCtz4eRA3POao=", + "lastModified": 1746576598, + "narHash": "sha256-FshoQvr6Aor5SnORVvh/ZdJ1Sa2U4ZrIMwKBX5k2wu0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "ca77296380960cd497a765102eeb1356eb80fed0", + "rev": "b3582c75c7f21ce0b429898980eddbbf05c68e55", "type": "github" }, "original": { @@ -3434,11 +3493,11 @@ }, "nixpkgs-lib": { "locked": { - "lastModified": 1751764648, - "narHash": "sha256-YcOV5pjz6CGo3rogh6Cn+idk1D54stnHKPssKZHdSKA=", + "lastModified": 1754788789, + "narHash": "sha256-x2rJ+Ovzq0sCMpgfgGaaqgBSwY+LST+WbZ6TytnT9Rk=", "owner": "nix-community", "repo": "nixpkgs.lib", - "rev": "ad3b5848957727196961b696418a3cea370b77a8", + "rev": "a73b9c743612e4244d865a2fdee11865283c04e6", "type": "github" }, "original": { @@ -3550,11 +3609,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1751984180, - "narHash": "sha256-LwWRsENAZJKUdD3SpLluwDmdXY9F45ZEgCb0X+xgOL0=", + "lastModified": 1758690382, + "narHash": "sha256-NY3kSorgqE5LMm1LqNwGne3ZLMF2/ILgLpFr1fS4X3o=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "9807714d6944a957c2e036f84b0ff8caf9930bc0", + "rev": "e643668fd71b949c53f8626614b21ff71a07379d", "type": "github" }, "original": { @@ -3834,11 +3893,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1752124863, - "narHash": "sha256-5rWuf6RAlMDp/CAEuyYEz7ryxzgjxOCgUDhWEef864c=", + "lastModified": 1759046355, + "narHash": "sha256-6XrsRkVv9ei9wRu3bQ9Sh17/UrvZFi38gWiHV9CWTn4=", "owner": "nixos", "repo": "nixpkgs", - "rev": "40de82b434526744da778ed53c742c1282d9e75e", + "rev": "5099bd78fcf8c36c9a85ac7c9f5515aa706716a3", "type": "github" }, "original": { @@ -4084,11 +4143,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1751792365, - "narHash": "sha256-J1kI6oAj25IG4EdVlg2hQz8NZTBNYvIS0l4wpr9KcUo=", + "lastModified": 1758277210, + "narHash": "sha256-iCGWf/LTy+aY0zFu8q12lK8KuZp7yvdhStehhyX1v8w=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "1fd8bada0b6117e6c7eb54aad5813023eed37ccb", + "rev": "8eaee110344796db060382e15d3af0a9fc396e0e", "type": "github" }, "original": { @@ -4100,11 +4159,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1752162966, - "narHash": "sha256-3MxxkU8ZXMHXcbFz7UE4M6qnIPTYGcE/7EMqlZNnVDE=", + "lastModified": 1759090419, + "narHash": "sha256-Njtgv8AwGCEdq8VeO+O9CtjSP4ArVTXEpa84yJpveGM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "10e687235226880ed5e9f33f1ffa71fe60f2638a", + "rev": "04e1ec9c5dbf94ab78b6b755b5ec28c1d6dd5392", "type": "github" }, "original": { @@ -4116,11 +4175,11 @@ }, "nixpkgs_7": { "locked": { - "lastModified": 1751984180, - "narHash": "sha256-LwWRsENAZJKUdD3SpLluwDmdXY9F45ZEgCb0X+xgOL0=", + "lastModified": 1758690382, + "narHash": "sha256-NY3kSorgqE5LMm1LqNwGne3ZLMF2/ILgLpFr1fS4X3o=", "owner": "nixos", "repo": "nixpkgs", - "rev": "9807714d6944a957c2e036f84b0ff8caf9930bc0", + "rev": "e643668fd71b949c53f8626614b21ff71a07379d", "type": "github" }, "original": { @@ -4418,15 +4477,15 @@ }, "nur": { "inputs": { - "flake-parts": "flake-parts", + "flake-parts": "flake-parts_2", "nixpkgs": "nixpkgs_7" }, "locked": { - "lastModified": 1752169447, - "narHash": "sha256-RkmaDo+SjuNrDC41640pWTrwgVwmiFmy1noiK09sxRs=", + "lastModified": 1759091793, + "narHash": "sha256-BBeGZR3lbAp9x1CJxjQ2FkUZX4iOf5UIRvwUPQrSfFw=", "owner": "nix-community", "repo": "NUR", - "rev": "c32fcb4a2c7edd97934f5a3520cb2e66f90cb623", + "rev": "e88fd7766e9b1af996a438341cbbd51d6ca1c621", "type": "github" }, "original": { @@ -4895,11 +4954,11 @@ ] }, "locked": { - "lastModified": 1743438845, - "narHash": "sha256-1GSaoubGtvsLRwoYwHjeKYq40tLwvuFFVhGrG8J9Oek=", + "lastModified": 1758265079, + "narHash": "sha256-amLaLNwKSZPShQHzfgmc/9o76dU8xzN0743dWgvYlr8=", "owner": "nix-community", "repo": "pyproject.nix", - "rev": "8063ec98edc459571d042a640b1c5e334ecfca1e", + "rev": "02e9418fd4af638447dca4b17b1280da95527fc9", "type": "github" }, "original": { @@ -5054,6 +5113,7 @@ }, "root": { "inputs": { + "arion": "arion", "disko": "disko", "firefox": "firefox", "firefox-addons": "firefox-addons", @@ -5838,11 +5898,11 @@ ] }, "locked": { - "lastModified": 1750353031, - "narHash": "sha256-Bx7DOPLhkr8Z60U9Qw4l0OidzHoqLDKQH5rDV5ef59A=", + "lastModified": 1753541826, + "narHash": "sha256-foGgZu8+bCNIGeuDqQ84jNbmKZpd+JvnrL2WlyU4tuU=", "owner": "nix-community", "repo": "nixos-vscode-server", - "rev": "4ec4859b12129c0436b0a471ed1ea6dd8a317993", + "rev": "6d5f074e4811d143d44169ba4af09b20ddb6937d", "type": "github" }, "original": { @@ -5880,11 +5940,11 @@ ] }, "locked": { - "lastModified": 1748247366, - "narHash": "sha256-+uQh9e8F8KjC5HzHCztvDvW4xZdI4TZVxNFjaesL338=", + "lastModified": 1757845097, + "narHash": "sha256-pA+G2XGZ1ZDDJ2L5SG0JcvACXNm0oZ3n2erujcD3A9o=", "owner": "liff", "repo": "waveforms-flake", - "rev": "7b5dc468bfb2a284f97d29b91f9a9fe5acd5a673", + "rev": "c6fac3b8694ab95a3f4204b6bf110df9d2594d0f", "type": "github" }, "original": { @@ -6009,11 +6069,11 @@ "zephyr": "zephyr_2" }, "locked": { - "lastModified": 1743625659, - "narHash": "sha256-sdM/skladcDTed+Xyp0/YneaDpwVpeA6hBLWR1Uc/6Y=", + "lastModified": 1758543734, + "narHash": "sha256-2Rc5DxtBXRlojC9BufB9aVP6oVo8Y7qV3U+fc5Pgm/8=", "owner": "adisbladis", "repo": "zephyr-nix", - "rev": "5ba6564b7f2db1508bcf87f0f869b8e4f8be96c1", + "rev": "b614ffaa1343beacaca254213451186af10e88f6", "type": "github" }, "original": { @@ -6025,16 +6085,16 @@ "zephyr_2": { "flake": false, "locked": { - "lastModified": 1721992675, - "narHash": "sha256-rmOHH0uRU27U2T4w4+FEMcAcuiZ7W7p4vOwtSwiAFNY=", + "lastModified": 1752880629, + "narHash": "sha256-N5VgJMYJZCgTe3Qj59KVynxD0Gs5+qawXkH2geWTEE0=", "owner": "zephyrproject-rtos", "repo": "zephyr", - "rev": "36940db938a8f4a1e919496793ed439850a221c2", + "rev": "413b789deb391d3a37d06b463288a5fe765ee57e", "type": "github" }, "original": { "owner": "zephyrproject-rtos", - "ref": "v3.7.0", + "ref": "v4.2.0", "repo": "zephyr", "type": "github" } @@ -6068,11 +6128,11 @@ ] }, "locked": { - "lastModified": 1751762606, - "narHash": "sha256-uhAx0iVSpjukhRbLOVdLbFxFF886E8u3/PvW8a25jw0=", + "lastModified": 1759019986, + "narHash": "sha256-/5WVzkUZZ7oX/e65cw/40+Vet26T1Uho7Kqq1EYB+6Y=", "owner": "lilyinstarlight", "repo": "zmk-nix", - "rev": "f528613ff83fd56967332a0ccd54e85ba9c46647", + "rev": "c54acf72030701cbf00c77ff262511815a758066", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 468bcc9..84886cf 100644 --- a/flake.nix +++ b/flake.nix @@ -32,6 +32,11 @@ nix-doom-emacs.url = "github:nix-community/nix-doom-emacs"; + arion = { + url = "github:hercules-ci/arion"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + nix-index-database.url = "github:Mic92/nix-index-database"; nix-index-database.inputs.nixpkgs.follows = "nixpkgs"; @@ -110,6 +115,7 @@ workDir = "/home/me/work"; secretsDir = "/home/me/secrets"; persistentDir = "/home/me/work/app-data"; + dataDir = "/home/me/host"; tunepkgs = import nixpkgs { @@ -150,7 +156,7 @@ }; specialArgs = { - inherit inputs confDir workDir secretsDir persistentDir self tunepkgs unstable nur pkgsUnstable; + inherit inputs confDir workDir secretsDir persistentDir self tunepkgs unstable nur pkgsUnstable dataDir; system = "x86_64-linux"; pkgs = mypkgs; }; @@ -266,7 +272,7 @@ # default value if no --mode provided - MODE="default" + MODE="format" ARGS=() while [[ $# -gt 0 ]]; do @@ -295,6 +301,15 @@ DO_FLASH=yes shift 1 ;; + --efi-vars) + ARGS+=("--write-efi-boot-entries") # all other args preserved + shift 1 + ;; + --help) + ARGS+=("--help") # all other args preserved + DO_FLASH=yes + shift 1 + ;; --disk) # --mode VALUE if [[ $# -lt 3 ]]; then echo "Error: --disk requires two values" >&2 @@ -342,6 +357,7 @@ in { te = createFlashScript "te"; ki = createFlashScript "ki"; + fasu = createFlashScript "fasu"; }; test = inputs.nix-on-droid.outputs.apps.x86_64-linux.deploy; @@ -482,15 +498,6 @@ ]; }; - # lesh... seccond raspi - "le" = nixpkgs.lib.nixosSystem { - inherit specialArgs; - system = "aarch64-linux"; - modules = [ - ./hosts/le.nix - ]; - }; - "te" = nixpkgs.lib.nixosSystem { inherit specialArgs; system = "x86_64-linux"; @@ -544,6 +551,16 @@ ]; }; + # lesh... seccond raspi + "le" = nixpkgs.lib.nixosSystem rec { + specialArgs = { inherit inputs confDir workDir secretsDir persistentDir self system; }; + system = "aarch64-linux"; + modules = [ + ./hosts/le.nix + ]; + }; + + "hec-tmp" = nixpkgs.lib.nixosSystem rec { system = "aarch64-linux"; specialArgs = { inherit inputs confDir workDir secretsDir persistentDir self system; }; diff --git a/hosts/fasu.nix b/hosts/fasu.nix index ed13604..f729c07 100644 --- a/hosts/fasu.nix +++ b/hosts/fasu.nix @@ -6,22 +6,13 @@ ../common/nixos.nix ../common/building.nix + inputs.disko.nixosModules.disko inputs.home-manager.nixosModules.home-manager ../users/me/headless.nix ../users/root/default.nix ../users/server/headles.nix ]; - fileSystems."/" = { - device = "/dev/disk/by-label/fasu-root"; - fsType = "ext4"; - }; - - fileSystems."/boot" = { - device = "/dev/disk/by-label/FASU-BOOT"; - fsType = "vfat"; - }; - # allow acern to ssh into server users.users.server.openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHTV1VoNAjMha5IP+qb8XABDo02pW3iN0yPBIbSqZA27 me@acern" @@ -35,16 +26,6 @@ } ]; - # Use the GRUB 2 boot loader. - boot.loader.grub = { - enable = true; - #device = "/dev/nbd1"; - device = "nodev"; - efiSupport = false; - extraConfig = '' - set timeout=2 - ''; - }; #fileSystems."/boot" = { # device = "/dev/disk/by-label/fusu-boot"; @@ -124,4 +105,43 @@ }; }; + ############### disk config + boot.plymouth.enable = false; + boot.loader.grub.enable = true; + boot.loader.grub.efiSupport = false; + boot.loader.grub.efiInstallAsRemovable = false; + boot.loader.grub.devices = [ "nodev" ]; + boot.loader.grub.extraConfig = '' + set timeout=2 + ''; + + # the flash drive in use for fasu + disko.devices.disk.root.device = "/dev/nbd0"; + disko.devices = { + disk = { + root = { + type = "disk"; + content = { + type = "gpt"; + partitions = { + + biosboot = { + size = "2M"; + type = "21686148-6449-6E6F-744E-656564454649"; # BIOS boot + }; + + root = { + size = "100%"; + content = { + type = "filesystem"; + format = "ext4"; + mountpoint = "/"; + }; + }; + }; + }; + }; + }; + }; + } diff --git a/hosts/fe.nix b/hosts/fe.nix index fccf333..b67294e 100644 --- a/hosts/fe.nix +++ b/hosts/fe.nix @@ -163,4 +163,9 @@ nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + ################################ services ############################ + services.traefik = { + }; + + } diff --git a/hosts/fusu.nix b/hosts/fusu.nix index 32a5638..ec9e61e 100644 --- a/hosts/fusu.nix +++ b/hosts/fusu.nix @@ -1,6 +1,7 @@ -{ inputs, pkgs, secretsDir, ... }: -{ +{ inputs, pkgs, secretsDir, config, system, ... }: let + +in { #disabledModules = [ "services/databases/couchdb.nix" ]; imports = [ @@ -14,6 +15,9 @@ ../users/root/default.nix ../users/files/headless.nix ../users/server/headless.nix + + inputs.arion.nixosModules.arion + ../mods/fusu-services.nix ]; # mac address for wakeonlan: 00:19:99:fd:28:23 @@ -37,12 +41,19 @@ services.tailscale.enable = true; + + services.resilio = { - # TODO: add the config for the share to here enable = true; enableWebUI = true; httpListenAddr = "100.70.54.18"; + checkForUpdates = false; + listeningPort = 44444; }; + networking.firewall.interfaces."tailscale0".allowedTCPPorts = [ + 44444 # resilio sync + 9000 # resilio webui + ]; boot.supportedFilesystems = [ "zfs" ]; @@ -55,15 +66,6 @@ fsType = "zfs"; }; - virtualisation.libvirtd = { - enable = true; - qemuOvmf = true; - qemuSwtpm = true; - #qemuOvmfPackage = pkgs.OVMFFull; - }; - virtualisation.docker.enable = true; - users.users.server.extraGroups = [ "docker" ]; - # Use the GRUB 2 boot loader. boot.loader.grub = { enable = true; @@ -98,12 +100,6 @@ networking.firewall.allowPing = true; networking.firewall.enable = true; - networking.firewall.interfaces."tailscale0".allowedTCPPorts = [ - 443 # couchdb for obsidian live sync https - 44444 # resilio sync - 9000 # resilio webui - ]; - services.samba.openFirewall = true; networking.firewall.allowedTCPPorts = [ @@ -154,6 +150,8 @@ fuse3 terraform usbutils + qemu_full + libvirt ]; nix.settings = { diff --git a/hosts/ki.nix b/hosts/ki.nix index de31fa4..1e3a2b7 100644 --- a/hosts/ki.nix +++ b/hosts/ki.nix @@ -1,13 +1,5 @@ { lib, secretsDir, pkgs, inputs, unstable, ... }: let -myobs = pkgs.wrapOBS { - plugins = with pkgs.obs-studio-plugins; [ - obs-ndi - obs-teleport - ]; -}; - - in { imports = [ @@ -25,7 +17,9 @@ in { services.tailscale.enable = true; programs.nix-ld.enable = true; - networking.hostName = "mac"; + services.keyd.enable = lib.mkForce false; + + networking.hostName = "ki"; networking.firewall.enable = false; services.avahi = { enable = true; @@ -60,6 +54,22 @@ in { 4410 # lan-mouse ]; + services.resilio = { + enable = true; + enableWebUI = true; + httpListenAddr = "100.96.201.42"; + checkForUpdates = false; + listeningPort = 44444; + }; + users.users.me.extraGroups = [ "rslsync" ]; + users.users.rslsync.extraGroups = [ "users" ]; + users.users.me.homeMode = "770"; # important for resilio + networking.firewall.interfaces."tailscale0".allowedTCPPorts = [ + 44444 # resilio sync + 9000 # resilio webui + ]; + + swapDevices = [ { device = "/swapfile"; } ]; boot.kernelModules = [ "usbip_core" ]; @@ -70,6 +80,10 @@ in { "aarch64-linux" ]; + home-manager.users.me.home.file.".config/sway/config".text = '' + exec ${pkgs.wayvnc}/bin/wayvnc 0.0.0.0 6666 + ''; + virtualisation.libvirtd = { enable = true; qemuOvmf = true; @@ -102,68 +116,16 @@ in { ''; }; - - services.greetd = lib.mkForce { - enable = true; - settings = rec { - terminal.vt = 1; - initial_session = let - - newerUnstableSrc = builtins.getFlake "nixpkgs/d0fc30899600b9b3466ddb260fd83deb486c32f1"; - newerUnstable = import newerUnstableSrc.outPath {}; - - mySway = newerUnstable.sway.override { - sway-unwrapped = (newerUnstable.sway-unwrapped.overrideAttrs (prev: { - /* - src = pkgs.fetchFromGitHub { - owner = "WillPower3309"; - repo = "swayfx"; - rev = ""; - hash = ""; - }; - */ - src = pkgs.fetchFromGitHub { - owner = "swaywm"; - repo = "sway"; - rev = "73c244fb4807a29c6599d42c15e8a8759225b2d6"; - hash = "sha256-P2w1oRVUNBWajt8jZOxPXvBE29urbrhtORy+lfYqnF8="; - }; - })).override { - wlroots = newerUnstable.wlroots.overrideAttrs (prev: { - version = "master"; - src = pkgs.fetchFromGitLab { - domain = "gitlab.freedesktop.org"; - owner = "wlroots"; - repo = "wlroots"; - rev = "master"; - sha256 = "sha256-2FK6FGRpgf/YYqwJST0LVA/pnNRSUDrfrrp6mSwA0Fk="; - }; - - }); - }; - }; - - in { - #command = "${pkgs.greetd.tuigreet}/bin/tuigreet --time -d --env WLR_RENDERER_ALLOW_SOFTWARE=1 --cmd sway"; - command = "${pkgs.greetd.tuigreet}/bin/tuigreet --time --cmd ${pkgs.writeScriptBin "run-sway" '' - export WLR_RENDERER_ALLOW_SOFTWARE=1 - export SDL_VIDEODRIVER=wayland - export _JAVA_AWT_WM_NONREPARENTING=1 - export QT_QPA_PLATFORM=wayland - export XDG_CURRENT_DESKTOP=sway - export XDG_SESSION_DESKTOP=sway - exec ${pkgs.lib.getExe mySway} - ''}/bin/run-sway"; - user = "me"; - }; - default_session = initial_session; - }; - }; - - systemd.extraConfig = "DefaultLimitNOFILE=2048"; - ###################################################### the kiosk stuff + services.logind = { + extraConfig = '' + HandlePowerKey=suspend-then-hibernate + ''; + lidSwitch = "ignore"; + lidSwitchExternalPower = "ignore"; + lidSwitchDocked = "ignore"; + }; services.dbus.enable = true; @@ -218,7 +180,7 @@ in { }; wifi = { mode = "ap"; - ssid = "c2vi-mac"; + ssid = "c2vi-ki"; }; wifi-security = { @@ -297,6 +259,11 @@ in { type = "gpt"; partitions = { + biosboot = { + size = "2M"; + type = "21686148-6449-6E6F-744E-656564454649"; # BIOS boot + }; + ESP = { size = "1G"; type = "EF00"; diff --git a/hosts/le.nix b/hosts/le.nix index b0a277f..0c7259c 100644 --- a/hosts/le.nix +++ b/hosts/le.nix @@ -124,7 +124,7 @@ 3240 # usbip ]; - networking.hostName = "lush"; + networking.hostName = "le"; networking.networkmanager.enable = true; @@ -136,7 +136,7 @@ type = "wifi"; interface-name = "wlan0"; autoconnect = true; - autoconnect-priority = "-200"; + autoconnect-priority = "400"; }; wifi = { @@ -156,6 +156,29 @@ }; }; + hot = { + connection = { + id = "hot"; + uuid = "ab51de8a-9742-465a-928b-be54a83ab6a3"; + type = "wifi"; + interface-name = "wlp3s0"; + autoconnect-priority = "200"; + }; + wifi = { + mode = "ap"; + ssid = "c2vi-le"; + }; + + wifi-security = { + key-mgmt = "wpa-psk"; + psk = builtins.readFile "${secretsDir}/wifi-password"; + }; + + ipv4 = { + method = "shared"; + }; + }; + hh40 = { connection = { id = "hh40"; @@ -163,7 +186,7 @@ type = "wifi"; interface-name = "wlan0"; autoconnect = true; - autoconnect-priority = "-999"; + autoconnect-priority = "300"; }; wifi = { @@ -188,7 +211,7 @@ id = "dhcp"; uuid = "c006389a-1697-4f77-91c3-95b466f85f13"; type = "ethernet"; - autoconnect = "true"; + autoconnect = true; interface-name = "end0"; }; diff --git a/hosts/mac.nix b/hosts/mac.nix index 8ca04ba..6031dc2 100644 --- a/hosts/mac.nix +++ b/hosts/mac.nix @@ -24,6 +24,8 @@ in { services.tailscale.enable = true; programs.nix-ld.enable = true; + services.pid-fan-controller.enable = true; + networking.hostName = "mac"; networking.firewall.enable = false; services.avahi = { @@ -88,6 +90,7 @@ in { }; environment.systemPackages = with pkgs; [ + lm_sensors linuxPackages.usbip helvum passt @@ -216,7 +219,7 @@ in { in { #command = "${pkgs.greetd.tuigreet}/bin/tuigreet --time -d --env WLR_RENDERER_ALLOW_SOFTWARE=1 --cmd sway"; - command = "${pkgs.greetd.tuigreet}/bin/tuigreet --time --cmd ${pkgs.writeScriptBin "run-sway" '' + command = "${pkgs.writeScriptBin "run-sway" '' export WLR_RENDERER_ALLOW_SOFTWARE=1 export SDL_VIDEODRIVER=wayland export _JAVA_AWT_WM_NONREPARENTING=1 @@ -353,6 +356,7 @@ in { uuid = "e0103dac-7da0-4e32-a01b-487b8c4c813c"; type = "wifi"; interface-name = "wlp3s0"; + autoconnect-priority = "200"; }; wifi = { @@ -378,8 +382,8 @@ in { id = "hot"; uuid = "ab51de8a-9742-465a-928b-be54a83ab6a3"; type = "wifi"; - autoconnect = false; interface-name = "wlp3s0"; + autoconnect-priority = "100"; }; wifi = { mode = "ap"; @@ -426,6 +430,7 @@ in { uuid = "c006389a-1697-4f77-91c3-95b466f85f13"; type = "ethernet"; autoconnect = true; + autoconnect-priority = "200"; interface-name = "enp2s0"; }; diff --git a/hosts/main.nix b/hosts/main.nix index a24ff5b..a217b7c 100644 --- a/hosts/main.nix +++ b/hosts/main.nix @@ -1,5 +1,5 @@ -{ pkgs, lib, workDir, self, secretsDir, config, inputs, system, pkgsUnstable, ... }: +{ pkgs, lib, persistentDir, self, secretsDir, config, inputs, system, pkgsUnstable, ... }: { # https://bugzilla.kernel.org/show_bug.cgi?id=110941 @@ -167,8 +167,15 @@ services.resilio = { enable = true; enableWebUI = true; + httpListenAddr = "100.71.47.106"; + checkForUpdates = false; + listeningPort = 44444; }; users.users.me.homeMode = "770"; # important for resilio + networking.firewall.interfaces."tailscale0".allowedTCPPorts = [ + 44444 # resilio sync + 9000 # resilio webui + ]; @@ -203,11 +210,11 @@ ################# make firefox default browser environment.sessionVariables.DEFAULT_BROWSER = "firefox"; # for electron apps xdg.mime.defaultApplications = { - "text/html" = "firefox.desktop"; - "x-scheme-handler/http" = "firefox.desktop"; - "x-scheme-handler/https" = "firefox.desktop"; - "x-scheme-handler/about" = "firefox.desktop"; - "x-scheme-handler/unknown" = "firefox.desktop"; + "text/html" = "firefox-nightly.desktop"; + "x-scheme-handler/http" = "firefox-nightly.desktop"; + "x-scheme-handler/https" = "firefox-nightly.desktop"; + "x-scheme-handler/about" = "firefox-nightly.desktop"; + "x-scheme-handler/unknown" = "firefox-nightly.desktop"; }; @@ -393,6 +400,62 @@ ''; # */ + + + + ################################ extra home-manager config for main ############################# + home-manager.users.me.programs.bash = { + bashrcExtra = '' + + function rp () { + host=$1 + + if [[ "$host" == "mosatop" ]] + then + xfreerdp /u:"c2vi" /v:mosatop /p:$(cat ${secretsDir}/mosatop-rdp-password) /dynamic-resolution +clipboard +auto-reconnect /wm-class:"Microsoft Windows" + + elif [[ "$host" == "acern" ]] + then + xfreerdp /u:"seb" /v:acern /p:$(cat ${secretsDir}/acern-rdp-password) /dynamic-resolution +clipboard +auto-reconnect /wm-class:"Microsoft Windows" + + elif [[ "$host" == "mwin" ]] + then + xfreerdp /u:"me" /v:mac:4400 /p:$(cat /home/me/secrets/win-vm-pwd) /dynamic-resolution +clipboard +auto-reconnect +home-drive /wm-class:"Microsoft Windows"; + + elif [[ "$host" == "win" ]] + then + xfreerdp /u:"me" /v:192.168.122.141 /p:$(cat /home/me/secrets/win-vm-pwd) /dynamic-resolution +clipboard +auto-reconnect +home-drive /wm-class:"Microsoft Windows"; + + elif [[ "$host" == "phone" ]] + then + ssh phone "source ~/.bashrc && on" + ${pkgs.rustdesk}/bin/rustdesk --connect 100.77.80.77 + + elif [[ "$host" == "fwin" ]] + then + ${pkgs.remmina}/bin/remmina -c ${persistentDir}/remmina/fwin.remmina + + elif [[ "$host" == "ki" ]] + then + ${pkgs.remmina}/bin/remmina -c ${persistentDir}/remmina/ki.remmina + + elif [[ "$host" == "mac" ]] + then + ${pkgs.remmina}/bin/remmina -c ${persistentDir}/remmina/mac.remmina + + elif [[ "$host" == "mandroid" ]] + then + ${pkgs.remmina}/bin/remmina -c ${persistentDir}/remmina/mandroid.remmina + + fi + } + complete -W "mosatop acern phone mwin win fwin ki mac mandroid" rp + ''; + }; + + + + ################################ my youtube blocking service ############################# environment.etc."host.conf" = { # needed so that firefox does not ignore the hosts file @@ -436,10 +499,6 @@ services.samba.openFirewall = true; - networking.firewall.interfaces."tailscale0".allowedTCPPorts = [ - 44444 # resilio sync - ]; - networking.firewall.allowedTCPPorts = [ 5357 # wsdd 8888 # for general usage diff --git a/hosts/te.nix b/hosts/te.nix index 10d038e..981f26a 100644 --- a/hosts/te.nix +++ b/hosts/te.nix @@ -289,7 +289,7 @@ in { boot.loader.grub.enable = true; boot.loader.grub.efiSupport = true; boot.loader.grub.efiInstallAsRemovable = true; - boot.loader.grub.devices = [ "nodev" ]; + boot.loader.grub.device = "nodev"; boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" diff --git a/log b/log new file mode 100644 index 0000000..95bc7d3 --- /dev/null +++ b/log @@ -0,0 +1,220 @@ +warning: Git tree '/home/me/work/config' is dirty +evaluation warning: You have set specialArgs.pkgs, which means that options like nixpkgs.config + and nixpkgs.overlays will be ignored. If you wish to reuse an already created + pkgs, which you know is configured correctly for this NixOS configuration, + please import the `nixosModules.readOnlyPkgs` module from the nixpkgs flake or + `(modulesPath + "/misc/nixpkgs/read-only.nix"), and set `{ nixpkgs.pkgs = ; }`. + This properly disables the ignored options to prevent future surprises. +error: + … while calling the 'derivationStrict' builtin + at :37:12: + 36| + 37| strict = derivationStrict drvAttrs; + | ^ + 38| + + … while evaluating derivation 'nixos-image-sd-card-25.05.20250710.10e6872-x86_64-linux.img.zst' + whose name attribute is located at /nix/store/f4989aa56frar4hhr107kg3dxmvv4g9h-source/pkgs/stdenv/generic/make-derivation.nix:480:13 + + … while evaluating attribute 'buildCommand' of derivation 'nixos-image-sd-card-25.05.20250710.10e6872-x86_64-linux.img.zst' + at /nix/store/f4989aa56frar4hhr107kg3dxmvv4g9h-source/nixos/modules/installer/sd-card/sd-image.nix:235:9: + 234| + 235| buildCommand = '' + | ^ + 236| mkdir -p $out/nix-support $out/sd-image + + … from call site + at /nix/store/f4989aa56frar4hhr107kg3dxmvv4g9h-source/nixos/modules/installer/sd-card/sd-image.nix:285:13: + 284| mkdir firmware + 285| ${config.sdImage.populateFirmwareCommands} + | ^ + 286| + + … while calling anonymous lambda + at /nix/store/f4989aa56frar4hhr107kg3dxmvv4g9h-source/lib/attrsets.nix:1182:17: + 1181| mapAttrs ( + 1182| name: value: + | ^ + 1183| if isAttrs value && cond value then recurse (path ++ [ name ]) value else f (path ++ [ name ]) value + + … from call site + at /nix/store/f4989aa56frar4hhr107kg3dxmvv4g9h-source/lib/attrsets.nix:1183:85: + 1182| name: value: + 1183| if isAttrs value && cond value then recurse (path ++ [ name ]) value else f (path ++ [ name ]) value + | ^ + 1184| ); + + … while calling anonymous lambda + at /nix/store/f4989aa56frar4hhr107kg3dxmvv4g9h-source/lib/modules.nix:273:71: + 272| # For definitions that have an associated option + 273| declaredConfig = mapAttrsRecursiveCond (v: !isOption v) (_: v: v.value) options; + | ^ + 274| + + … while evaluating the attribute 'value' + at /nix/store/f4989aa56frar4hhr107kg3dxmvv4g9h-source/lib/modules.nix:1084:7: + 1083| // { + 1084| value = addErrorContext "while evaluating the option `${showOption loc}':" value; + | ^ + 1085| inherit (res.defsFinal') highestPrio; + + … while evaluating the option `sdImage.populateFirmwareCommands': + + … while evaluating the attribute 'mergedValue' + at /nix/store/f4989aa56frar4hhr107kg3dxmvv4g9h-source/lib/modules.nix:1131:5: + 1130| # Type-check the remaining definitions, and merge them. Or throw if no definitions. + 1131| mergedValue = + | ^ + 1132| if isDefined then + + … while evaluating a branch condition + at /nix/store/f4989aa56frar4hhr107kg3dxmvv4g9h-source/lib/modules.nix:1132:7: + 1131| mergedValue = + 1132| if isDefined then + | ^ + 1133| if all (def: type.check def.value) defsFinal then + + … while evaluating the attribute 'values' + at /nix/store/f4989aa56frar4hhr107kg3dxmvv4g9h-source/lib/modules.nix:1125:9: + 1124| { + 1125| values = defs'''; + | ^ + 1126| inherit (defs'') highestPrio; + + … while evaluating a branch condition + at /nix/store/f4989aa56frar4hhr107kg3dxmvv4g9h-source/lib/modules.nix:1119:11: + 1118| # Avoid sorting if we don't have to. + 1119| if any (def: def.value._type or "" == "order") defs''.values then + | ^ + 1120| sortProperties defs''.values + + … while calling the 'any' builtin + at /nix/store/f4989aa56frar4hhr107kg3dxmvv4g9h-source/lib/modules.nix:1119:14: + 1118| # Avoid sorting if we don't have to. + 1119| if any (def: def.value._type or "" == "order") defs''.values then + | ^ + 1120| sortProperties defs''.values + + … while evaluating the attribute 'values' + at /nix/store/f4989aa56frar4hhr107kg3dxmvv4g9h-source/lib/modules.nix:1252:7: + 1251| { + 1252| values = concatMap (def: if getPrio def == highestPrio then [ (strip def) ] else [ ]) defs; + | ^ + 1253| inherit highestPrio; + + … while calling the 'concatMap' builtin + at /nix/store/f4989aa56frar4hhr107kg3dxmvv4g9h-source/lib/modules.nix:1252:16: + 1251| { + 1252| values = concatMap (def: if getPrio def == highestPrio then [ (strip def) ] else [ ]) defs; + | ^ + 1253| inherit highestPrio; + + … while calling the 'concatMap' builtin + at /nix/store/f4989aa56frar4hhr107kg3dxmvv4g9h-source/lib/modules.nix:1099:17: + 1098| # Process mkMerge and mkIf properties. + 1099| defs' = concatMap ( + | ^ + 1100| m: + + … while calling anonymous lambda + at /nix/store/f4989aa56frar4hhr107kg3dxmvv4g9h-source/lib/modules.nix:1100:11: + 1099| defs' = concatMap ( + 1100| m: + | ^ + 1101| map ( + + … while calling the 'map' builtin + at /nix/store/f4989aa56frar4hhr107kg3dxmvv4g9h-source/lib/modules.nix:1101:11: + 1100| m: + 1101| map ( + | ^ + 1102| value: + + … while evaluating definitions from `/nix/store/f4989aa56frar4hhr107kg3dxmvv4g9h-source/nixos/modules/installer/sd-card/sd-image-aarch64.nix': + + … from call site + at /nix/store/f4989aa56frar4hhr107kg3dxmvv4g9h-source/lib/modules.nix:1110:80: + 1109| } + 1110| ) (addErrorContext "while evaluating definitions from `${m.file}':" (dischargeProperties m.value)) + | ^ + 1111| ) defs; + + … while calling 'dischargeProperties' + at /nix/store/f4989aa56frar4hhr107kg3dxmvv4g9h-source/lib/modules.nix:1203:5: + 1202| dischargeProperties = + 1203| def: + | ^ + 1204| if def._type or "" == "merge" then + + … while evaluating a branch condition + at /nix/store/f4989aa56frar4hhr107kg3dxmvv4g9h-source/lib/modules.nix:1204:5: + 1203| def: + 1204| if def._type or "" == "merge" then + | ^ + 1205| concatMap dischargeProperties def.contents + + … while evaluating the attribute 'value' + at /nix/store/f4989aa56frar4hhr107kg3dxmvv4g9h-source/lib/modules.nix:770:21: + 769| inherit (module) file; + 770| inherit value; + | ^ + 771| }) module.config + + … in the condition of the assert statement + at /nix/store/f4989aa56frar4hhr107kg3dxmvv4g9h-source/lib/customisation.nix:422:9: + 421| outPath = + 422| assert condition; + | ^ + 423| drv.outPath; + + … while evaluating the attribute 'handled' + at /nix/store/f4989aa56frar4hhr107kg3dxmvv4g9h-source/pkgs/stdenv/generic/check-meta.nix:653:9: + 652| # or, alternatively, just output a warning message. + 653| handled = ( + | ^ + 654| if valid == "yes" then + + … from call site + at /nix/store/f4989aa56frar4hhr107kg3dxmvv4g9h-source/pkgs/stdenv/generic/check-meta.nix:657:14: + 656| else if valid == "no" then + 657| (handleEvalIssue { inherit meta attrs; } { inherit (validity) reason errormsg; }) + | ^ + 658| else if valid == "warn" then + + … while calling 'handleEvalIssue' + at /nix/store/f4989aa56frar4hhr107kg3dxmvv4g9h-source/pkgs/stdenv/generic/check-meta.nix:301:5: + 300| { meta, attrs }: + 301| { + | ^ + 302| reason, + + … while calling the 'throw' builtin + at /nix/store/f4989aa56frar4hhr107kg3dxmvv4g9h-source/pkgs/stdenv/generic/check-meta.nix:318:5: + 317| in + 318| handler msg; + | ^ + 319| + + error: Package ‘uboot-rpi_3_defconfig-2025.01’ in /nix/store/f4989aa56frar4hhr107kg3dxmvv4g9h-source/pkgs/misc/uboot/default.nix:148 is not available on the requested hostPlatform: + hostPlatform.config = "x86_64-unknown-linux-gnu" + package.meta.platforms = [ + "aarch64-linux" + ] + package.meta.badPlatforms = [ ] + , refusing to evaluate. + + a) To temporarily allow packages that are unsupported for this system, you can use an environment variable + for a single invocation of the nix tools. + + $ export NIXPKGS_ALLOW_UNSUPPORTED_SYSTEM=1 + + Note: When using `nix shell`, `nix build`, `nix develop`, etc with a flake, + then pass `--impure` in order to allow use of environment variables. + + b) For `nixos-rebuild` you can set + { nixpkgs.config.allowUnsupportedSystem = true; } + in configuration.nix to override this. + + c) For `nix-env`, `nix-build`, `nix-shell` or any other Nix command you can add + { allowUnsupportedSystem = true; } + to ~/.config/nixpkgs/config.nix. diff --git a/misc/my-hosts-t b/misc/my-hosts-t index ba68d75..a455d95 100644 --- a/misc/my-hosts-t +++ b/misc/my-hosts-t @@ -1,8 +1,12 @@ 100.71.47.106 main 100.77.80.77 phone 100.70.54.18 fusu +100.70.54.18 files 100.81.207.107 lush 100.76.146.119 tab 100.70.39.65 waydroid -100.78.105.36 mac 100.107.67.76 te +100.100.55.117 mac +100.96.201.42 ki +100.107.101.77 fe +100.107.101.77 fesu diff --git a/mods/fusu-services.nix b/mods/fusu-services.nix new file mode 100644 index 0000000..16e80c3 --- /dev/null +++ b/mods/fusu-services.nix @@ -0,0 +1,74 @@ +{ pkgs, dataDir, config, inputs, system, ... }: let + + /** + thanks: @melektron + This builder creates a small shell script that wraps arion to specify + it to operate on a specific registered arion service identified by `srv_name`. + This can be used to manage the docker-compose functionality of an arion service + that is defined in the NixOS system, independently from the systemctl service that + starts it. If you start/stop compose projects using this, you should first stop + the systemctl service. + */ + createArionServiceManager = srv_name: setup: ( + pkgs.writeShellScriptBin "manage-arion-${srv_name}" '' + echo operating on: ${config.virtualisation.arion.projects."${srv_name}".settings.out.dockerComposeYaml} + ${setup} + ${pkgs.lib.getExe inputs.arion.packages."${system}".arion} --prebuilt-file ${config.virtualisation.arion.projects."${srv_name}".settings.out.dockerComposeYaml} $@ + '' + ); + +in { + + environment.systemPackages = [ + pkgs.arion + + # Do install the docker CLI to talk to podman. + # Not needed when virtualisation.docker.enable = true; + pkgs.docker-client + + # add all the service managers + (createArionServiceManager "libvirt" "") + ]; + + # Arion works with Docker, but for NixOS-based containers, you need Podman + # since NixOS 21.05. + virtualisation.docker.enable = false; + virtualisation.podman.enable = true; + virtualisation.podman.dockerSocket.enable = true; + + users.extraUsers.me.extraGroups = ["podman"]; + + ######################## libvirtd in container ######################### + virtualisation.arion = { + backend = "podman-socket"; + + projects.libvirt.settings.services.libvirt = { pkgs, lib, ... }: { + nixos.useSystemd = true; + service.useHostStore = true; + + nixos.configuration = { + boot.tmp.useTmpfs = true; + virtualisation.libvirtd = { + enable = true; + }; + users.users.me = { + uid = 1001; + isNormalUser = true; + password = "changeme"; + extraGroups = [ "networkmanager" "wheel" "libvirtd" "plugdev" ]; + }; + }; + + service = { + privileged = true; + + volumes = [ + "${dataDir}/libvirt/run:/run/libvirt" + "${dataDir}/libvirt/lib:/var/lib/libvirt" + ]; + }; + + }; + }; + +} diff --git a/mods/le-disk-setup.nix b/mods/le-disk-setup.nix new file mode 100644 index 0000000..6ab855c --- /dev/null +++ b/mods/le-disk-setup.nix @@ -0,0 +1,105 @@ + +# future setup of using disko to format my raspi sd-card + +{ + config, + lib, + pkgs, + inputs, + ... +}: + +{ + imports = [ + "${inputs.nixpkgs}/nixos/modules/installer/sd-card/sd-image.nix" + "${inputs.nixpkgs}/nixos/modules/profiles/base.nix" + ]; + + boot.loader.grub.enable = false; + boot.loader.generic-extlinux-compatible.enable = true; + + boot.consoleLogLevel = lib.mkDefault 7; + + # The serial ports listed here are: + # - ttyS0: for Tegra (Jetson TX1) + # - ttyAMA0: for QEMU's -machine virt + boot.kernelParams = [ + "console=ttyS0,115200n8" + "console=ttyAMA0,115200n8" + "console=tty0" + ]; + + sdImage = { + populateFirmwareCommands = + let + configTxt = pkgs.writeText "config.txt" '' + [pi3] + kernel=u-boot-rpi3.bin + + # Otherwise the serial output will be garbled. + core_freq=250 + + [pi02] + kernel=u-boot-rpi3.bin + + [pi4] + kernel=u-boot-rpi4.bin + enable_gic=1 + armstub=armstub8-gic.bin + + # Otherwise the resolution will be weird in most cases, compared to + # what the pi3 firmware does by default. + disable_overscan=1 + + # Supported in newer board revisions + arm_boost=1 + + [cm4] + # Enable host mode on the 2711 built-in XHCI USB controller. + # This line should be removed if the legacy DWC2 controller is required + # (e.g. for USB device mode) or if USB support is not required. + otg_mode=1 + + [all] + # Boot in 64-bit mode. + arm_64bit=1 + + # U-Boot needs this to work, regardless of whether UART is actually used or not. + # Look in arch/arm/mach-bcm283x/Kconfig in the U-Boot tree to see if this is still + # a requirement in the future. + enable_uart=1 + + # Prevent the firmware from smashing the framebuffer setup done by the mainline kernel + # when attempting to show low-voltage or overtemperature warnings. + avoid_warnings=1 + ''; + in + '' + (cd ${pkgs.raspberrypifw}/share/raspberrypi/boot && cp bootcode.bin fixup*.dat start*.elf $NIX_BUILD_TOP/firmware/) + + # Add the config + cp ${configTxt} firmware/config.txt + + # Add pi3 specific files + cp ${pkgs.ubootRaspberryPi3_64bit}/u-boot.bin firmware/u-boot-rpi3.bin + cp ${pkgs.raspberrypifw}/share/raspberrypi/boot/bcm2710-rpi-2-b.dtb firmware/ + cp ${pkgs.raspberrypifw}/share/raspberrypi/boot/bcm2710-rpi-3-b.dtb firmware/ + cp ${pkgs.raspberrypifw}/share/raspberrypi/boot/bcm2710-rpi-3-b-plus.dtb firmware/ + cp ${pkgs.raspberrypifw}/share/raspberrypi/boot/bcm2710-rpi-cm3.dtb firmware/ + cp ${pkgs.raspberrypifw}/share/raspberrypi/boot/bcm2710-rpi-zero-2.dtb firmware/ + cp ${pkgs.raspberrypifw}/share/raspberrypi/boot/bcm2710-rpi-zero-2-w.dtb firmware/ + + # Add pi4 specific files + cp ${pkgs.ubootRaspberryPi4_64bit}/u-boot.bin firmware/u-boot-rpi4.bin + cp ${pkgs.raspberrypi-armstubs}/armstub8-gic.bin firmware/armstub8-gic.bin + cp ${pkgs.raspberrypifw}/share/raspberrypi/boot/bcm2711-rpi-4-b.dtb firmware/ + cp ${pkgs.raspberrypifw}/share/raspberrypi/boot/bcm2711-rpi-400.dtb firmware/ + cp ${pkgs.raspberrypifw}/share/raspberrypi/boot/bcm2711-rpi-cm4.dtb firmware/ + cp ${pkgs.raspberrypifw}/share/raspberrypi/boot/bcm2711-rpi-cm4s.dtb firmware/ + ''; + populateRootCommands = '' + mkdir -p ./files/boot + ${config.boot.loader.generic-extlinux-compatible.populateCmd} -c ${config.system.build.toplevel} -d ./files/boot + ''; + }; +} diff --git a/mybin/ru b/mybin/ru index b28cd9c..9993f0f 100755 --- a/mybin/ru +++ b/mybin/ru @@ -21,6 +21,10 @@ elif [ "$1" == "du" ] then du -d 1 -h $2 | sort -h -r +elif [ "$1" == "g" ] +then +ping 1.1.1.1 + diff --git a/programs/bash.nix b/programs/bash.nix index 3dfbc05..a1b7b21 100644 --- a/programs/bash.nix +++ b/programs/bash.nix @@ -1,4 +1,4 @@ -{ secretsDir, confDir, hostname, self, pkgs, config, system, inputs, workDir, ... }: +{ secretsDir, confDir, hostname, self, pkgs, config, system, workDir, ... }: { programs.bash = { @@ -137,36 +137,6 @@ - function rp () { - host=$1 - - if [[ "$host" == "mosatop" ]] - then - xfreerdp /u:"c2vi" /v:mosatop /p:$(cat ${secretsDir}/mosatop-rdp-password) /dynamic-resolution +clipboard +auto-reconnect /wm-class:"Microsoft Windows" - - elif [[ "$host" == "acern" ]] - then - xfreerdp /u:"seb" /v:acern /p:$(cat ${secretsDir}/acern-rdp-password) /dynamic-resolution +clipboard +auto-reconnect /wm-class:"Microsoft Windows" - - elif [[ "$host" == "mwin" ]] - then - xfreerdp /u:"me" /v:mac:4400 /p:$(cat /home/me/secrets/win-vm-pwd) /dynamic-resolution +clipboard +auto-reconnect +home-drive /wm-class:"Microsoft Windows"; - - elif [[ "$host" == "win" ]] - then - xfreerdp /u:"me" /v:192.168.122.141 /p:$(cat /home/me/secrets/win-vm-pwd) /dynamic-resolution +clipboard +auto-reconnect +home-drive /wm-class:"Microsoft Windows"; - - elif [[ "$host" == "phone" ]] - then - ssh phone "source ~/.bashrc && on" - ${pkgs.rustdesk}/bin/rustdesk --connect 100.77.80.77 - - fi - } - complete -W "mosatop acern" rp - - - # function to create a tmpdir, to use for some temporary work.... # made this, to not just keep cluttering my $HOME... with all kinds of projects function mt () { diff --git a/programs/thunderbird.nix b/programs/thunderbird.nix new file mode 100644 index 0000000..4e2289c --- /dev/null +++ b/programs/thunderbird.nix @@ -0,0 +1,20 @@ +{ pkgs, config, persistentDir, ... }: { + + programs.thunderbird = { + enable = true; + + profiles.me = { + isDefault = true; + }; + }; + + +/* + home.file.".thunderbird" = { + force = true; + source = config.lib.file.mkOutOfStoreSymlink "${persistentDir}/thunderbird"; + }; + */ + +} + diff --git a/users/me/gui-home.nix b/users/me/gui-home.nix index 500871e..bfcf9b5 100755 --- a/users/me/gui-home.nix +++ b/users/me/gui-home.nix @@ -13,6 +13,7 @@ ../../programs/rofi/default.nix ../../programs/zathura.nix ../../programs/firefox/default.nix + ../../programs/thunderbird.nix inputs.lan-mouse.homeManagerModules.default "${inputs.vscode-server}/modules/vscode-server/home.nix"