From 57cae6c3d365604c7659f61f0d2b316c9c1b77a6 Mon Sep 17 00:00:00 2001
From: catvayor <catvayor@katvayor.net>
Date: Fri, 22 Mar 2024 14:24:31 +0100
Subject: [PATCH] beginned mail cfg + a virtual machine

---
 hive.nix                                     |  17 +++
 machines/kat-virt/configuration.nix          | 107 ++++++++++++++
 machines/kat-virt/hardware-configuration.nix |  36 +++++
 modules/default.nix                          |   1 +
 modules/desktop/waybar/config                |   2 +-
 modules/mail.nix                             | 148 +++++++++++++++++++
 modules/ssh.nix                              |  14 ++
 7 files changed, 324 insertions(+), 1 deletion(-)
 create mode 100644 machines/kat-virt/configuration.nix
 create mode 100644 machines/kat-virt/hardware-configuration.nix
 create mode 100644 modules/mail.nix

diff --git a/hive.nix b/hive.nix
index 09881d6..6a03f46 100644
--- a/hive.nix
+++ b/hive.nix
@@ -48,8 +48,25 @@ in {
     users.users.root.openssh.authorizedKeys.keys = [
       "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAA16foz+XzwKwyIR4wFgNIAE3Y7AfXyEsUZFVVz8Rie catvayor@katvayor"
     ];
+    home-manager.users.catvayor = {
+      imports = [ mods.home.mail ];
+    };
   };
 
+  kat-virt = { name, nodes, ... }: {
+    deployment.targetHost = "virt.kat";
+
+    imports = [
+      ./machines/kat-virt/configuration.nix
+      users.root
+    ];
+    networking.hostName = name;
+    users.users.root.openssh.authorizedKeys.keys = [
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAA16foz+XzwKwyIR4wFgNIAE3Y7AfXyEsUZFVVz8Rie catvayor@katvayor"
+    ];
+  };
+
+
   kat-iso = { name, pkgs, ... }:{
     deployment = {
       allowLocalDeployment = false;
diff --git a/machines/kat-virt/configuration.nix b/machines/kat-virt/configuration.nix
new file mode 100644
index 0000000..771ae48
--- /dev/null
+++ b/machines/kat-virt/configuration.nix
@@ -0,0 +1,107 @@
+# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
+
+{ config, lib, pkgs, ... }:
+
+{
+  imports =
+    [
+      ./hardware-configuration.nix
+    ];
+
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = true;
+  boot.supportedFilesystems = [ "bcachefs" ];
+  boot.kernelPackages = pkgs.linuxPackages_latest;
+
+  networking.networkmanager.enable = true;  # Easiest to use and most distros use this by default.
+  time.timeZone = "Europe/Paris";
+
+  # Configure network proxy if necessary
+  # networking.proxy.default = "http://user:password@proxy:port/";
+  # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
+
+  # Select internationalisation properties.
+  i18n.defaultLocale = "en_US.UTF-8";
+  console = {
+    font = "Lat2-Terminus16";
+    keyMap = "fr";
+  };
+
+  # Enable the X11 windowing system.
+  # services.xserver.enable = true;
+
+  # security.polkit.enable = true;
+  # programs.light.enable = true;
+  services.dbus.packages = with pkgs; [ dconf ];
+
+  nixpkgs.config.allowUnfree = true;
+
+  # Configure keymap in X11
+  # services.xserver.xkb.layout = "us";
+  # services.xserver.xkb.options = "eurosign:e,caps:escape";
+
+  # Enable CUPS to print documents.
+  # services.printing.enable = true;
+
+  # Enable touchpad support (enabled default in most desktopManager).
+  # services.xserver.libinput.enable = true;
+
+  # Define a user account. Don't forget to set a password with ‘passwd’.
+  programs.zsh.enable = true;
+
+  environment.systemPackages = with pkgs; [
+    wget
+    nix-search-cli
+    git
+    btop
+    ranger
+    screen
+  ];
+
+  # Some programs need SUID wrappers, can be configured further or are
+  # started in user sessions.
+  # programs.mtr.enable = true;
+  programs.gnupg.agent = {
+    enable = true;
+    enableSSHSupport = true;
+  };
+
+  # List services that you want to enable:
+
+  # Enable the OpenSSH daemon.
+  services.openssh.enable = true;
+  services.netbird.enable = true;
+
+  virtualisation.docker.enable = true;
+
+  # Open ports in the firewall.
+  # networking.firewall.allowedTCPPorts = [ ... ];
+  # networking.firewall.allowedUDPPorts = [ ... ];
+  # Or disable the firewall altogether.
+  # networking.firewall.enable = false;
+
+  # Copy the NixOS configuration file and link it from the resulting system
+  # (/run/current-system/configuration.nix). This is useful in case you
+  # accidentally delete configuration.nix.
+  # system.copySystemConfiguration = true;
+
+  # This option defines the first version of NixOS you have installed on this particular machine,
+  # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.
+  #
+  # Most users should NEVER change this value after the initial install, for any reason,
+  # even if you've upgraded your system to a new NixOS release.
+  #
+  # This value does NOT affect the Nixpkgs version your packages and OS are pulled from,
+  # so changing it will NOT upgrade your system.
+  #
+  # This value being lower than the current NixOS release does NOT mean your system is
+  # out of date, out of support, or vulnerable.
+  #
+  # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration,
+  # and migrated your data accordingly.
+  #
+  # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
+  system.stateVersion = "23.11"; # Did you read the comment?
+
+}
+
diff --git a/machines/kat-virt/hardware-configuration.nix b/machines/kat-virt/hardware-configuration.nix
new file mode 100644
index 0000000..f9547ab
--- /dev/null
+++ b/machines/kat-virt/hardware-configuration.nix
@@ -0,0 +1,36 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/profiles/qemu-guest.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "sr_mod" "virtio_blk" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "UUID=301a23cf-1aa3-4c53-a174-1a97592da5fa";
+      fsType = "bcachefs";
+    };
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/F594-E8DB";
+      fsType = "vfat";
+    };
+
+  swapDevices = [ ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.enp1s0.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+}
diff --git a/modules/default.nix b/modules/default.nix
index 6b08ab0..96984cf 100644
--- a/modules/default.nix
+++ b/modules/default.nix
@@ -6,6 +6,7 @@ in {
     neovim = ./neovim;
     zsh = ./zsh.nix;
     ssh = ./ssh.nix;
+    mail = ./mail.nix;
   };
   global = {
     sway = sway.global;
diff --git a/modules/desktop/waybar/config b/modules/desktop/waybar/config
index 7976ffd..6fbe114 100644
--- a/modules/desktop/waybar/config
+++ b/modules/desktop/waybar/config
@@ -99,7 +99,7 @@
         "format-disconnected": "",
         "tooltip-format": "{ifname}: {ipaddr}",
         "tooltip-format-disconnected": "Disconnected",
-        "on-click": "xfce4-terminal -e 'nmtui'",
+//        "on-click": "xfce4-terminal -e 'nmtui'",
         "on-click-right": "wl-copy $(ip -json route get 8.8.8.8 | jq -r '.[].prefsrc')", // copy ip-address
     },
 
diff --git a/modules/mail.nix b/modules/mail.nix
new file mode 100644
index 0000000..b38ce35
--- /dev/null
+++ b/modules/mail.nix
@@ -0,0 +1,148 @@
+{
+  programs.thunderbird = {
+    enable = true;
+    profiles."nix" = {
+      isDefault = true;
+    };
+  };
+
+  accounts.email.accounts =
+  let
+    thunderbird = { enable = true; profiles = [ "nix" ]; };
+  in {
+    "ens" = {
+      primary = true;
+      inherit thunderbird;
+      address = "lubin.bailly@ens.psl.eu";
+      realName = "Lubin Bailly";
+      userName = "lbailly";
+      signature = {
+        delimiter = "--";
+        showSignature = "append";
+        text = "Lubin Bailly";
+      };
+      # passwordCommand
+      imap = {
+        host = "clipper.ens.psl.eu";
+        port = 993;
+        tls.enable = true;
+      };
+      smtp = {
+        host = "clipper.ens.psl.eu";
+        port = 465;
+        tls.enable = true;
+      };
+    };
+    "katmail" = {
+      inherit thunderbird;
+      address = "catvayor@katvayor.net";
+      realName = "catvayor";
+      userName = "catvayor@katvayor.net";
+      signature = {
+        delimiter = "--";
+        showSignature = "append";
+        text = "catvayor";
+      };
+      # passwordCommand
+      imap = {
+        host = "ssl0.ovh.net";
+        port = 993;
+        tls.enable = true;
+      };
+      smtp = {
+        host = "ssl0.ovh.net";
+        port = 465;
+        tls.enable = true;
+      };
+    };
+    "dgnum" = {
+      inherit thunderbird;
+      address = "catvayor@dgnum.eu";
+      realName = "catvayor";
+      userName = "catvayor@dgnum.eu";
+      signature = {
+        delimiter = "--";
+        showSignature = "append";
+        text = "catvayor";
+      };
+      # passwordCommand
+      imap = {
+        host = "kurisu.lahfa.xyz";
+        port = 993;
+        tls.enable = true;
+      };
+      smtp = {
+        host = "kurisu.lahfa.xyz";
+        port = 587;
+        tls.enable = true;
+        tls.useStartTls = true;
+      };
+    };
+    "gmail.geek" = {
+      inherit thunderbird;
+      address = "lubin.geek@gmail.com";
+      realName = "Lubin Bailly";
+      userName = "lubin.geek@gmail.com";
+      signature = {
+        delimiter = "--";
+        showSignature = "append";
+        text = "Lubin Bailly";
+      };
+      # passwordCommand
+      imap = {
+        host = "imap.gmail.com";
+        port = 993;
+        tls.enable = true;
+      };
+      smtp = {
+        host = "smtp.gmail.com";
+        port = 465;
+        tls.enable = true;
+      };
+    };
+    "gmail.pro" = {
+      inherit thunderbird;
+      address = "lubin.bailly@gmail.com";
+      realName = "Lubin Bailly";
+      userName = "lubin.bailly@gmail.com";
+      signature = {
+        delimiter = "--";
+        showSignature = "append";
+        text = "Lubin Bailly";
+      };
+      # passwordCommand
+      imap = {
+        host = "imap.gmail.com";
+        port = 993;
+        tls.enable = true;
+      };
+      smtp = {
+        host = "smtp.gmail.com";
+        port = 465;
+        tls.enable = true;
+      };
+    };
+    "laposte" = {
+      inherit thunderbird;
+      address = "lubin-bailly@laposte.net";
+      realName = "Lubin Bailly";
+      userName = "lubin-bailly";
+      signature = {
+        delimiter = "--";
+        showSignature = "append";
+        text = "Lubin Bailly";
+      };
+      # passwordCommand
+      imap = {
+        host = "imap.laposte.net";
+        port = 993;
+        tls.enable = true;
+      };
+      smtp = {
+        host = "smtp.laposte.net";
+        port = 465;
+        tls.enable = true;
+      };
+    };
+  };
+}
diff --git a/modules/ssh.nix b/modules/ssh.nix
index 8297ffc..3adc925 100644
--- a/modules/ssh.nix
+++ b/modules/ssh.nix
@@ -42,6 +42,20 @@
         hostname = "fregate";
         proxyJump = "sas.ens";
       };
+
+      "jourdan01.dgn" = {
+        user = "root";
+        hostname = "192.168.42.17";
+        proxyJump = "r86s.kat";
+      };
+      "jourdan01.netconf.dgn" = {
+        user = "dgnum";
+        hostname = "192.168.42.17";
+        proxyJump = "r86s.kat";
+        port = 830;
+        extraOptions.sessionType = "subsystem";
+        identityFile = "~/.ssh/juniper";
+      };
     };
   };
 }