dev.fron.io rc / 4f5d43d
phi: fix build Tony Olagbaiye authored 1 year, 7 months ago Tony Olagbaiye committed 1 year, 7 months ago
27 changed file(s) with 172 addition(s) and 39 deletion(s). Raw diff Collapse all Expand all
11
22 {
33 imports = [
4 ../../profiles/security/sudo.conf
4 ../../profiles/security/sudo.nix
5 ../../users/leaf.nix
56 ];
67
78 # Use the systemd-boot EFI boot loader.
910 efi.canTouchEfiVariables = true;
1011 systemd-boot = {
1112 enable = true;
12 configurationLimit = 8;
13 configurationLimit = 16;
1314 };
1415 };
1516
1617 boot.extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ];
1718
18 fileSystems = {
19 "/" = {
20 device = "/dev/mmcblk0p2";
21 fsType = "f2fs";
19 boot.initrd.availableKernelModules = [ "ata_generic" "ehci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" "sr_mod" ];
20 boot.kernelModules = [ "kvm-intel" ];
21
22 fileSystems."/" =
23 { device = "/dev/disk/by-uuid/7f4d3be4-6f2e-4f50-9bbe-493557965337";
24 fsType = "btrfs";
25 options = [ "subvol=os" ];
2226 };
23 "/boot" = {
24 device = "/dev/mmcblk0p1";
27
28 fileSystems."/home" =
29 { device = "/dev/disk/by-uuid/7f4d3be4-6f2e-4f50-9bbe-493557965337";
30 fsType = "btrfs";
31 options = [ "subvol=home" ];
32 };
33
34 fileSystems."/nix" =
35 { device = "/dev/disk/by-uuid/7f4d3be4-6f2e-4f50-9bbe-493557965337";
36 fsType = "btrfs";
37 options = [ "subvol=nix" ];
38 };
39
40 fileSystems."/boot" =
41 { device = "/dev/disk/by-uuid/CF89-F076";
2542 fsType = "vfat";
26 neededForBoot = true;
2743 };
28 };
2944
30 swapDevices = [ { device = "/dev/mmcblk0p3"; } ];
45 swapDevices = [ ];
3146
3247 powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
3348
3449 nix.maxJobs = lib.mkDefault 4;
3550 nix.buildMachines = [ {
3651 hostName = "nix-zeta";
37 systems = [ "x86_64-linux" ];
52 systems = [ "x86_64-linux" "aarch64-linux" "armv6l-linux" "armv7l-linux" ];
3853 maxJobs = 3;
3954 speedFactor = 2;
4055 supportedFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ];
4661 '';
4762
4863 networking.useDHCP = false;
49 networking.interfaces.eth0.useDHCP = true;
64 networking.interfaces.eno1.useDHCP = true;
5065
5166 environment.systemPackages = with pkgs; [
52 wget htop screen pv git dnsutils
67 wget htop screen pv git dnsutils direnv
5368 (callPackage home-assistant-cli.override {
5469 python3 = python3 // {
5570 pkgs = python3.pkgs // {
6681 programs.mosh.enable = true;
6782 programs.tmux.enable = true;
6883 programs.adb.enable = true;
84 programs.mtr.enable = true;
85 programs.gnupg.agent = {
86 enable = true;
87 enableSSHSupport = true;
88 pinentryFlavor = "gnome3";
89 };
6990
91 services.lorri.enable = true;
7092 services.resolved.enable = true;
7193 services.resolved.dnssec = "false";
7294 services.openssh.enable = true;
134156 networking.firewall.enable = false;
135157
136158 sound.enable = true;
137 # hardware.pulseaudio.enable = true;
159 hardware.pulseaudio.enable = true;
138160
139 users.mutableUsers = lib.mkForce true;
140 users.users.leaf = {
141 #uid = 1001;
142 isNormalUser = true;
143 extraGroups = [ "wheel" ];
144 };
161 users.users.root.openssh.authorizedKeys.keys = [
162 "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEAQC/Ca5MUwmHMZt4sH/xLAq20X12xDj2bSqg88thxWLvpqnLpLEJmpasaHKRRh9O6E/NE0Zsn45dsTuvB9/otoDGdstYX2VZyi3UBIWp3BjxdbvmMrbhvpihiZl6rAFXU45/LM/4PvraLic2ZXuOGFqoLcnKDAvCATJsQfUGcEnM0YJVcFLjA4sSPHarSoSHFxZ90RXVmW8m5sfNCsMMo3jCMgE49zlWhcrKfp/FfpIlKMytTDdb+JE0JIsR+28oxJtL63wTbO9p2zFS8geNPVMfj8+Ge4bb0YWroBNGaMo3cHcdtquWWvTzZxWJu+AiSlZIWcP6aOhOoRiFrCWIYBP91dtARm2+OXIpUNAT+yPR+YQ4BAUNxYyBZO3hTH47cq2dC4NAQVcjuUb5VLoRAOAl+DzHSj7FNFGo49CxE/eDlhoXzmgP28N5tDktZYYstrr4j/KAZPYzGW8tB6s/VhhiCGFgZQXq2irH2UtU3Amr7cw0Wiiuyoe4x67dUB+sy3yT5jle/dLe0U9qgAiFTptix1QpjDaT8dFYQsi0kzXlSUEB05pmnCjM2n9eksdtF5kggLDNQ3VKH+LRN/rd5JKJsMJn9Lxr9nO3x+x+fhBurthumrDB2S3oqEOWQDxJ+JaZi5mshzZ2bB4lSXGB5aYjaBSk49EmlrNo8dUUXpZFT9mePx8BIC73XtoEsFgH9kpvHqHxOaBBO3wsxWekbS5bzi2KkBWxMAHq/fVV37iNaDHnldEn9DGDIQb6fQnjLkWbwNRBsdZxqfJGBqVpUNVbsS4BOFoa7yxnCZ6OgxzXpScoyeTxgM1nDALRnwee2d+3GrKHzE23Db6tIwUUeHEkcNwY2L6MW6Z2Onv2T9+V0IITe16EV+TcTc04DQ2XtnVEqUfqK5NZX0wpDuO0Bw0cJrbxJy3lk1PbnUnP/slfRgB4yOvkA0zRrer27EiyRsQe9QSfcmcpIK66+UncYqTFZ/qJFBdupn2ruYaDfCq/G8HyNsm7fXJLgsnGrAfEqUlBabbmLBdSvPqWpkMCjmmX7tMvTTWV5/IdFo0NVPQ7VBdZrRoPbYOQetZqr6S1tkKvpISrBKMRXXgaCcegnqWKqomZsFWcTnhyV0vCJM16IaNp++2rqw426hvpm2F+hhUzDa7CP/+HKvo0ucwC1u24CX75eT/pEP7WuINNMEx1y+/VxyeWscAK89NYa2YGBzqBEJ9+0QVFNYye/baaNn1dNEuPk49bkM7g3LTp8ae+J+5dAb3QsKMxL/bssFzAc+7M5+LFQDFpWtxkzkB5+X9HzMtVbsgDk9CDgn56OfkpzjFR7PeDUcKeFWeccWHRMOyXVX1daoUTeDIpESID2FnR bao@delta"
163 "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOvcvk1nLYImKqjhL8HdAb1sM2vXcEGu+rMZJ8XIG4H7 bao@delta"
164 "ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAEY1DRzmt77NPp64/DEkuPwdOd5yzchRBDmZJBvu+ip42tV3c1FdDNs/7ictpROqfm/Nkh6D/mmbQV+MI2Aa1H66AC+8/wMJl/fkfSEeX6Z6thVM7oC6a2kXuJjlZNF5wQngTP5AWydEFacuZduW+Ir2++IVFyjtIVOR/lumtdzuvi5/A== Tony@tomoko"
165 "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKAjEvrKkGk5kX7pQEILjZ3d57C8l7rpa9RH+5ynj+HQ Theta ED25519"
166 "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACQQCuvdbIeDhfVgfp5rt3/II64jtB4WCpxRrW/JarbNlwAs+U/OLJAc9YM/vFUCr3Oenn11n3qrkMXrnPawqBaqIy7JDO0c0ox75f/SZc5k0TK26dmEEywFKUUXYUDsqQn38YdCWPNy8hGHrfL+pfUCjKGbVBB2H353bHlEur15iCdcYtA/DU4yUaozs3CZWDKVR18lZPmJHtmugIDJhR6A4FOJUGld2FETXMHRPxpn2pvk+SM8xiqiCk4j1TUEixq5dAe51iVOfXg8bt8nipGlpPx4YMVY4eGFPRw+qPqws209xyJiyVt2WIa5rN924llVfPZZQr5iVm5UvPUlpWP7ogtClz+u3c9tMFDM1EUqT/Xe5iSJG1loKRKHeYR2aMR6db8lc7ke8EuyqIAcHSwefEqFLXDM7gCvSmDU+6/ynV63tQSzTgQU+FBNZX+FW+Xpr66qIoYHaAyzlfO64OyyyArux/HVEwQgupOx93LzyiKzwgQqbVQLEbD2P3RyLrxeSIxlSBZACvVl7A7daTWWeZ9+TA/k6Im/9jBTnlJTzRMlaknR2gYwJ7dCtduRF0/4fZrkVQ/gJ0xjOOBhPbM3x2P86f+ZSWd81PdVz2cD/1O+PJCFpdsgrZsiEpcXIjqJeU9aND7k0lge2OFV5iRq12kpU6iXkRUVUVKHDloJkmTx79mn3Qn2ZwVt7+pbJ1XbM+1xdEsASXXQCTeZjLkNA5fAEnKmv1S4QnfGE48FSPDqowuojCBiD/+QyusVmZmOU= Theta RSA"
167 "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDX40Dm37dDdxreqQxQ+bd9c9mNXfSqC5k3Rrf4iQHy7OdzsQD0qngHFdcq2dG0d4sYeHeyJGYHPbtwNYb0AED/zDVgfuiW6+xYSW+apg5Hc2EfktxxmVbRXqq8SoWUP9CtwJLIw0Q4vBiWBKT367VlXnWJ5ob8bwhfRlK7Sk4595Mm2Wp98sgMXdcQbFc+nQ+TYyYnkIYv63g3Lyxi8NQKWGwh2zspGl2rbDVJrtr196bSd3leZhD/v+YquqO2Saf9DZCmDMJmw4rUWZ84rkUZ0lB5eSICfQZAl5UxpnorWutLDxjuFOc/7H6iSGFRNjQ/fM8Jh2dxDm3XWxWp+E+F9q5Q9bsziL+zwxkAL2SvWULhmAALbLMqEC2qkPU9ccqRRBteGIRt/ix+J87lImz6Zp2UqSYFe2GpwP+NtMB8TyMaDUOni+L/NGw7o/EvAm7K7tH6OJW5vSC7e8P5lLc825SHlJdfn5L2aAfD+vr8rZv4L9uy1isJTMvVDRp4CLHwsw+xn4XfnfvsNtWNyVoAfi7NN3+jtCGlpNckj+5ylaQcgGuFbQUJ7jhsUGDYRSvX3wWaRBD94Pi+XS1jUTLyRmIbgcbiSeyzx2fZm1saQAb3MSF9yf0ibCJlTJ3JMLfqlDYP6Yl64bQ67T8QcYvDSUurqh+T6AN83SF6aHT3HQ== openpgp:0xBF0F46CF"
168 ];
169 # Enable the X11 windowing system.
170 services.xserver.enable = true;
171 services.xserver.layout = "gb";
172
173 # Enable touchpad support.
174 services.xserver.libinput.enable = true;
175
176 # Enable the KDE Desktop Environment.
177 services.xserver.desktopManager.plasma5.enable = true;
178
179 # Define a user account. Don't forget to set a password with ‘passwd’.
180 users.users.leaf.openssh.authorizedKeys.keys = config.users.users.root.openssh.authorizedKeys.keys;
145181
146182 # This value determines the NixOS release with which your system is to be
147183 # compatible, in order to avoid breaking some software such as database
148184 # servers. You should change this only after NixOS release notes say you
149185 # should.
150 system.stateVersion = "20.03"; # Did you read the comment?
186 system.stateVersion = "20.09"; # Did you read the comment?
151187 }
legacy/leaf/.bash_history less more
Binary diff not shown
legacy/leaf/.bash_profile less more
Binary diff not shown
legacy/leaf/.bashrc less more
Binary diff not shown
legacy/leaf/.config/configstore/update-notifier-snips-sam.json less more
Binary diff not shown
legacy/leaf/.config/htop/htoprc less more
Binary diff not shown
legacy/leaf/.dvtm-status.sh less more
Binary diff not shown
legacy/leaf/.histfile less more
Binary diff not shown
legacy/leaf/.lesshst less more
Binary diff not shown
+0
-1
legacy/leaf/.nix-defexpr/channels less more
0 /nix/var/nix/profiles/per-user/leaf/channels
+0
-1
legacy/leaf/.nix-defexpr/channels_root less more
0 /nix/var/nix/profiles/per-user/root/channels
+0
-1
legacy/leaf/.nix-profile less more
0 /nix/var/nix/profiles/per-user/leaf/profile
legacy/leaf/.sam/configuration.yml less more
Binary diff not shown
legacy/leaf/.screenrc less more
Binary diff not shown
legacy/leaf/.ssh/authorized_keys less more
Binary diff not shown
legacy/leaf/.ssh/id_rsa_snips less more
Binary diff not shown
legacy/leaf/.ssh/id_rsa_snips.pub less more
Binary diff not shown
legacy/leaf/.ssh/known_hosts less more
Binary diff not shown
legacy/leaf/.terminfo/e/eterm-256color less more
Binary diff not shown
legacy/leaf/.tmux.conf less more
Binary diff not shown
legacy/leaf/.viminfo less more
Binary diff not shown
legacy/leaf/.wget-hsts less more
Binary diff not shown
legacy/leaf/.zcompdump less more
Binary diff not shown
legacy/leaf/.zshrc less more
Binary diff not shown
0 final: prev: {
0 final: prev: rec {
11 iptables = prev.iptables-nftables-compat;
22 systemd = prev.systemd.override { iptables = prev.iptables; };
3 webkitgtk = prev.webkitgtk.override {
4 geoclue2 = prev.geoclue2.override {
5 glib-networking = prev.glib-networking.override {
6 libproxy = prev.libproxy.override {
7 networkmanager = prev.networkmanager.override {
8 dhcp = prev.dhcp.override {
9 iproute = prev.iproute.override {
10 iptables = prev.iptables;
11 };
12 };
13 iptables = prev.iptables;
14 };
15 };
3 networkmanager = prev.networkmanager.override {
4 dhcp = prev.dhcp.override {
5 iproute = prev.iproute.override {
6 iptables = prev.iptables;
167 };
178 };
9 iptables = prev.iptables;
1810 };
1911 }
Binary diff not shown
0 { config, pkgs, lib, ... }:
1
2 {
3 imports = [
4 ../profiles/develop
5 ];
6
7 environment.variables = {
8 GITHUB_TOKEN = (import ../secrets/git.github.nix).oauth-token;
9 };
10
11 services.dbus.packages = with pkgs; [ gnome3.dconf ];
12
13 users.users.leaf = {
14 uid = 1000;
15 group = "users";
16 shell = pkgs.xonsh;
17 isNormalUser = true;
18 extraGroups = [ "wheel" "adbusers" ];
19 } // import ../secrets/leaf.password.nix;
20
21 home-manager.users.leaf = let
22 home-config = config.home-manager.users.leaf;
23 in {
24 imports = [
25 ./shells/fish
26 ./shells/xonsh
27 ./editors/vim
28 ./utilities/git
29 ./utilities/htop
30 ./services/gnupg
31 ];
32
33 home.file.".bashrc".text = ''
34 # If not running interactively, don't do anything
35 [[ $- != *i* ]] && return
36
37 source /etc/profile
38
39 [[ $INSIDE_EMACS == "vterm" ]] && [[ $IN_NIX_SHELL == "" ]] && exec xonsh
40
41 PS1='[\u@\h \W]\$ '
42
43 PS1="\n\[\e[1;30m\][''$$:$PPID - \j:\!\[\e[1;30m\]]\[\e[0;36m\] \T \[\e[1;30m\][\[\e[1;34m\]\u@\H\[\e[1;30m\]:\[\e[0;37m\]''${SSH_TTY:-o} \[\e[0;32m\]+''${SHLVL}\[\e[1;30m\]] \[\e[1;37m\]\w\[\e[0;37m\] \n\$ "
44 '';
45 home.file.".profile".text = ''
46 '';
47
48 programs.home-manager.enable = true;
49 programs.command-not-found.enable = false; # Needs flake-safe version
50 programs.xonsh.enable = true;
51 programs.fish.enable = true;
52 programs.htop.enable = true;
53 programs.bat.enable = true;
54 programs.fzf.enable = true;
55 programs.tmux.enable = true;
56 programs.neovim.enable = true;
57 programs.jq.enable = true;
58 programs.direnv.enable = true;
59 programs.taskwarrior.enable = true;
60 programs.mpv.enable = true;
61 programs.feh.enable = true;
62 programs.git.enable = true;
63 programs.ssh.enable = false; # TODO
64
65 services.lorri.enable = true;
66 services.gpg-agent.enable = true;
67 services.spotifyd.enable = true;
68 services.taskwarrior-sync.enable = true;
69 services.syncthing.enable = false; # TODO
70 services.unclutter.enable = false; # TODO
71
72 home.packages = with pkgs; let
73 ipfscat = pkgs.writeShellScriptBin "ipfscat" ''
74 export IPFS_PATH='/var/lib/ipfs'
75 bold="$(${pkgs.ncurses}/bin/tput bold)"
76 sgr0="$(${pkgs.ncurses}/bin/tput sgr0)"
77 if [ -z "$DISPLAY" ]; then
78 ${pkgs.ipfs}/bin/ipfs add $@ |\
79 ${pkgs.gnugrep}/bin/grep added |\
80 ${pkgs.coreutils}/bin/cut -d' ' -f 2 |\
81 ${pkgs.findutils}/bin/xargs -I{} echo "https://gateway.ipfs.io/ipfs/{}" |\
82 ${pkgs.findutils}/bin/xargs echo $bold"Copy:"$sgr0
83 else
84 ${pkgs.ipfs}/bin/ipfs add $@ |\
85 ${pkgs.gnugrep}/bin/grep added |\
86 ${pkgs.coreutils}/bin/cut -d' ' -f 2 |\
87 ${pkgs.findutils}/bin/xargs -I{} echo "https://gateway.ipfs.io/ipfs/{}" |\
88 ${pkgs.xclip}/bin/xclip -i -r -f -selection primary |\
89 ${pkgs.xclip}/bin/xclip -i -r -f -selection secondary |\
90 ${pkgs.xclip}/bin/xclip -i -r -f -selection clipboard |\
91 ${pkgs.findutils}/bin/xargs echo $bold"Copied:"$sgr0
92 fi
93 '';
94 in [
95 abduco dvtm # Terminal Multiplexing
96 yadm # Dotfile Management
97 pstree # Process Monitoring
98 pv pup # Pipe Management
99 nmap wget curl ipfscat mitmproxy # Network Utilities
100 bitwarden-cli protonvpn-cli-ng # Password Management
101 file exa unrar unzip ncdu # File Management
102 xpra xsel xclip scrot # X11 Utilities
103 gdb lldb radare2 radare2-cutter # Debug Utilities
104 ];
105
106 };
107 }