milieu update

configuration.nix

@@ -0,0 +1 @@
+hosts/hackens-milieu/configuration.nix

hosts/hackens-milieu/configuration.nix

@@ -8,7 +8,7 @@
   imports =
     [ # Include the results of the hardware scan.
       ./hardware-configuration.nix
-      ../../profiles/hackens
+      ../../profiles/shared-hackens
     ];
 
   # Use the GRUB 2 boot loader.

profiles/shared-hackens/default.nix

@@ -7,6 +7,7 @@
     ./syncthing.nix
     ./programs.nix
     ./audio.nix
+    ./mosquitto.nix
     ./graphics.nix
     ./monitoring.nix
     ./users.nix
@@ -16,6 +17,8 @@
     ./nightworker.nix
     ./ssd.nix
     ./aarch64.nix
+    ./latex.nix
+    ./gnome.nix
     # ./netboot-server.nix # -- fix quick xyz mode.
   ];
 }

profiles/shared-hackens/gnome.nix

@@ -0,0 +1,8 @@
+{ ... }:
+{
+  services.xserver = {
+    enable = true;
+    displayManager.gdm.enable = true;
+    desktopManager.gnome.enable = true;
+  };
+}

profiles/shared-hackens/i3.nix

@@ -1,4 +1,4 @@
-{ pkgs, ... }:
+{ pkgs, config, lib, ... }:
 {
   environment.pathsToLink = [ "/libexec" ];
   environment.sessionVariables.TERMINAL = [ "kitty" ];
@@ -7,7 +7,7 @@
     BROWSER = "firefox";
   };
   services.xserver = {
-    displayManager = {
+    displayManager = lib.mkIf (!config.services.xserver.displayManager.gdm.enable) {
       autoLogin = {
         enable = true;
         user = "hackens";
@@ -17,7 +17,7 @@
     windowManager.i3 = {
       enable = true;
       extraSessionCommands = ''
-        ${pkgs.xlibs.xset}/bin/xset r rate 200 50
+        ${pkgs.xorg.xset}/bin/xset r rate 200 50
       '';
       extraPackages = with pkgs; [
         rofi
@@ -37,7 +37,6 @@
     liberation_ttf
     fira-code
     fira-code-symbols
-    mplus-outline-fonts
     dina-font
     proggyfonts
     powerline-fonts

profiles/shared-hackens/latex.nix

@@ -0,0 +1,4 @@
+{ pkgs, ... }:
+{
+  environment.systemPackages = [ pkgs.texlive.combined.scheme-full ];
+}

profiles/shared-hackens/monitoring.nix

@@ -56,17 +56,4 @@
   };
   services.smartd.enable = true;
   services.smartd.extraOptions = [ "-A /var/log/smartd/" ]; # For netdata.
-
-  # MQTT for every usage, notably OctoPrint events.
-  services.mosquitto = {
-    enable = true;
-    listeners = [
-      {
-        address = "192.168.1.118";
-      }
-    ];
-    settings = {
-      # allow_anonymous = true;
-    };
-  };
 }

profiles/shared-hackens/mosquitto.nix

@@ -0,0 +1,30 @@
+{ ... }:
+let
+  port = 1883;
+in
+{
+  services.mosquitto = {
+    enable = true;
+    logType = [ "all" ];
+    listeners = [
+      {
+        address = "0.0.0.0";
+        acl = [ "topic readwrite #" ];
+        port = port;
+        settings = {
+          allow_anonymous = true;
+        };
+      }
+    ];
+    bridges.hackensOrg = {
+      topics = [ "# both" ];
+      addresses = [
+        {
+          address = "new.hackens.org";
+        }
+      ];
+    };
+  };
+  networking.firewall.allowedTCPPorts = [ port ];
+}
+

profiles/shared-hackens/programs.nix

@@ -11,10 +11,11 @@
     taskwarrior
 
     # Slicers
-    prusa-slicer super-slicer
+    super-slicer
+    # prusa-slicer TODO: it is broken
 
     # CAD/3D
-    blender freecad openscad kicad-with-packages3d
+    blender openscad # kicad-with-packages3d freecad
     # Microcontrollers
     arduino arduino-cli stm32flash stm32loader
     # FPGA

profiles/shared-hackens/system.nix

@@ -25,6 +25,7 @@
 
   services.locate.enable = true;
   services.openssh.enable = true;
+  services.openssh.passwordAuthentication = false;
   networking.firewall.enable = false;
   documentation.info.enable = false;
 }

profiles/shared-hackens/users.nix

@@ -1,23 +1,24 @@
 { pkgs, ... }:
+let
+  superadmins = [
+    ../../pubkeys/raito.keys
+    ../../pubkeys/gdd.keys
+    ../../pubkeys/BiBi.keys
+  ];
+in
 {
   users.users.hackens = {
     isNormalUser = true;
-    extraGroups = [ "wheel" ];
+    extraGroups = [ "wheel" "dialout" "audio" "video" ];
 
     openssh.authorizedKeys.keys = [ 
       "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDcKULx/AgnqBsgwRX2BfV8waq6JXIkvZHhu9Y8paofM8awq6Om56BZoA7AV45YOcJxO/eFDOxSegXXmt22s4WjIf8I049aMdsW54BNpFpC/h18cMzm5ylKVGHl1ier/WXxpBsA8YU++YdRlGHPpKnhCtYLnBzD4Q5h+05GMIHismNZP1aGpE9s01FuP8eaDDkZUba7oSpn03AA77DBw4/2ZreSbqo96Z6WwiG09KeZvxFtEIk98EQtmiExB2fwsK3/JIxIBCoZHh4SzERcslxxGgzdppd6NhhSh7g523zhiihLaTAPNXBovGm5wcKOU9uWe+pUWEbwV04E+809aVbkJOdYBCtIf8M91meqpupA8jK38uquePHEFvpNr5UmY0qUlJCoqTvoqg9XgrfJVjlPEmYknj/QjQzkA4k19y8njsyEjnYOBL6tsztg6Igl+NZXjBAPuAzxCsfHOtWw1WM5gANwqOL0V9f7+14yST3HwweqjHRj4xky6ritxK+ujfc= hackens@hackens-desktop"
     ];
-    openssh.authorizedKeys.keyFiles = [
+    openssh.authorizedKeys.keyFiles = superadmins;
-      ../../pubkeys/raito.keys
+   };
-      ../../pubkeys/gdd.keys
-    ];
-  };
 
   users.users.root = {
-    openssh.authorizedKeys.keyFiles = [
+    openssh.authorizedKeys.keyFiles = superadmins;
-      ./pubkeys/raito.keys
-      ./pubkeys/gdd.keys
-    ];
   };
 
 }

pubkeys/BiBi.keys

@@ -0,0 +1,3 @@
+ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBACC4RyZ/2ZTACUl5j6K1VlLu4+WUI3eUuylxqPw9DVWnKH5u5pGld/6pL3Nq0rM5W5kfDLd0SWYDL5f1FUdBr2VugDGLO8swdOK6SWM3J5TN1c2ZwDAeBsbXF4scqXqT1Fxay31LPUCAy526P6pRowxwBZwEMn6wHc7Lp//LRMOqh2DSA==
+ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBABLEDU82YDUFYgji+hM1fdfpxzY2QHNRCrlSF1X9FSqLLBHYxcpIWEl6kd6bQTml+sjhIpdvbDzvr2MR4prk/zsiwDmuLrzv+j7jri7BZkBzREYYm45LQNhbJZuRaszEMpvOU902UOvEzPU2WDAtHH1G7fRnxjHsDAiVc/fUzJz9r9uXg==
+ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBADkJamWNY4+IdqAKI4p7NZ9EecVj3gc2oH/JpmyKREnQBBiCdNmu5HOqzplYYIEmr3HtGLZNcL8o0bvXNtX43onLQDsyOa2UuTNRYLOgx9Uq0tFLhGrDmDP1SK/v5OfcM9H+vm5NO4bFdPjqTrqwDOamUrSt83BY9XRue+JIe/nTzDX0g==