2021-04-10 18:05:16 +02:00
|
|
|
{ depot, lib, pkgs, ... }:
|
2020-06-11 13:21:00 +02:00
|
|
|
|
2022-01-30 17:06:58 +01:00
|
|
|
config:
|
|
|
|
let
|
2021-05-22 21:38:48 +02:00
|
|
|
inherit (pkgs) lieer;
|
2020-06-11 13:21:00 +02:00
|
|
|
|
2021-04-10 18:05:16 +02:00
|
|
|
quasselClient = pkgs.quassel.override {
|
2020-07-09 00:02:50 +02:00
|
|
|
client = true;
|
|
|
|
enableDaemon = false;
|
|
|
|
monolithic = false;
|
|
|
|
};
|
2022-01-30 17:06:58 +01:00
|
|
|
in
|
|
|
|
lib.fix (self: {
|
2020-06-11 13:21:00 +02:00
|
|
|
boot = {
|
2023-04-26 12:30:34 +02:00
|
|
|
tmp.useTmpfs = true;
|
2020-06-11 13:21:00 +02:00
|
|
|
kernelModules = [ "kvm-amd" ];
|
|
|
|
|
|
|
|
loader = {
|
|
|
|
systemd-boot.enable = true;
|
|
|
|
efi.canTouchEfiVariables = true;
|
|
|
|
};
|
|
|
|
|
|
|
|
initrd = {
|
2020-06-11 19:27:56 +02:00
|
|
|
luks.devices.frog-crypt.device = "/dev/disk/by-label/frog-crypt";
|
2020-06-11 13:21:00 +02:00
|
|
|
availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "usbhid" "sd_mod" ];
|
|
|
|
kernelModules = [ "dm-snapshot" ];
|
|
|
|
};
|
|
|
|
|
2021-04-10 18:05:16 +02:00
|
|
|
kernelPackages = pkgs.linuxPackages_latest;
|
2020-06-11 13:21:00 +02:00
|
|
|
kernel.sysctl = {
|
2020-07-15 22:16:17 +02:00
|
|
|
"kernel.perf_event_paranoid" = -1;
|
2020-06-11 13:21:00 +02:00
|
|
|
};
|
2020-06-20 19:38:49 +02:00
|
|
|
|
2021-04-07 14:34:13 +02:00
|
|
|
# Enable this again if frog is put back into use ...
|
|
|
|
#
|
|
|
|
# kernelPatches = [
|
|
|
|
# depot.third_party.kernelPatches.trx40_usb_audio
|
|
|
|
# ];
|
2020-06-11 13:21:00 +02:00
|
|
|
};
|
|
|
|
|
|
|
|
hardware = {
|
2020-06-11 19:28:17 +02:00
|
|
|
cpu.amd.updateMicrocode = true;
|
|
|
|
enableRedistributableFirmware = true;
|
2024-08-24 16:39:55 +02:00
|
|
|
graphics = {
|
2020-06-11 19:28:17 +02:00
|
|
|
enable = true;
|
2024-08-24 16:39:55 +02:00
|
|
|
enable32Bit = true;
|
2020-06-11 19:28:17 +02:00
|
|
|
};
|
2020-07-21 21:12:28 +02:00
|
|
|
|
|
|
|
pulseaudio = {
|
|
|
|
enable = true;
|
2021-04-10 18:05:16 +02:00
|
|
|
package = pkgs.pulseaudioFull;
|
2020-07-21 21:12:28 +02:00
|
|
|
};
|
|
|
|
|
|
|
|
bluetooth = {
|
|
|
|
enable = true;
|
|
|
|
};
|
2020-06-11 13:21:00 +02:00
|
|
|
};
|
|
|
|
|
2022-08-25 14:54:32 +02:00
|
|
|
nix.settings = {
|
|
|
|
max-jobs = 48;
|
|
|
|
substituters = [ "ssh://nix-ssh@whitby.tvl.fyi" ];
|
2020-06-11 13:21:00 +02:00
|
|
|
};
|
|
|
|
|
|
|
|
networking = {
|
|
|
|
hostName = "frog";
|
2020-07-21 21:12:28 +02:00
|
|
|
useDHCP = true;
|
2020-06-11 13:21:00 +02:00
|
|
|
|
|
|
|
# Don't use ISP's DNS servers:
|
|
|
|
nameservers = [
|
|
|
|
"8.8.8.8"
|
|
|
|
"8.8.4.4"
|
|
|
|
];
|
|
|
|
|
|
|
|
firewall.enable = false;
|
|
|
|
};
|
|
|
|
|
|
|
|
# Generate an immutable /etc/resolv.conf from the nameserver settings
|
|
|
|
# above (otherwise DHCP overwrites it):
|
|
|
|
environment.etc."resolv.conf" = with lib; {
|
2021-04-10 18:05:16 +02:00
|
|
|
source = pkgs.writeText "resolv.conf" ''
|
2020-06-11 13:21:00 +02:00
|
|
|
${concatStringsSep "\n" (map (ns: "nameserver ${ns}") self.networking.nameservers)}
|
|
|
|
options edns0
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
|
|
|
|
time.timeZone = "Europe/London";
|
|
|
|
|
|
|
|
fileSystems = {
|
|
|
|
"/".device = "/dev/disk/by-label/frog-root";
|
|
|
|
"/boot".device = "/dev/disk/by-label/BOOT";
|
|
|
|
"/home".device = "/dev/disk/by-label/frog-home";
|
|
|
|
};
|
|
|
|
|
|
|
|
# Configure user account
|
|
|
|
users.extraUsers.tazjin = {
|
2020-07-25 15:38:44 +02:00
|
|
|
extraGroups = [ "wheel" "audio" "docker" ];
|
2020-06-11 13:21:00 +02:00
|
|
|
isNormalUser = true;
|
|
|
|
uid = 1000;
|
2021-04-10 18:05:16 +02:00
|
|
|
shell = pkgs.fish;
|
2020-06-11 13:21:00 +02:00
|
|
|
};
|
|
|
|
|
|
|
|
security.sudo = {
|
|
|
|
enable = true;
|
|
|
|
extraConfig = "wheel ALL=(ALL:ALL) SETENV: ALL";
|
|
|
|
};
|
|
|
|
|
|
|
|
fonts = {
|
2024-02-26 12:43:05 +01:00
|
|
|
packages = with pkgs; [
|
2020-06-11 13:21:00 +02:00
|
|
|
corefonts
|
|
|
|
dejavu_fonts
|
|
|
|
jetbrains-mono
|
|
|
|
noto-fonts-cjk
|
|
|
|
noto-fonts-emoji
|
|
|
|
];
|
|
|
|
|
|
|
|
fontconfig = {
|
|
|
|
hinting.enable = true;
|
|
|
|
subpixel.lcdfilter = "light";
|
|
|
|
|
|
|
|
defaultFonts = {
|
|
|
|
monospace = [ "JetBrains Mono" ];
|
|
|
|
};
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
# Configure location (Vauxhall, London) for services that need it.
|
|
|
|
location = {
|
|
|
|
latitude = 51.4819109;
|
|
|
|
longitude = -0.1252998;
|
|
|
|
};
|
|
|
|
|
|
|
|
programs.fish.enable = true;
|
|
|
|
programs.ssh.startAgent = true;
|
|
|
|
|
|
|
|
services.redshift.enable = true;
|
|
|
|
services.openssh.enable = true;
|
|
|
|
services.fstrim.enable = true;
|
2020-07-21 21:12:28 +02:00
|
|
|
services.blueman.enable = true;
|
2020-06-11 13:21:00 +02:00
|
|
|
|
|
|
|
# Required for Yubikey usage as smartcard
|
|
|
|
services.pcscd.enable = true;
|
|
|
|
services.udev.packages = [
|
2021-04-10 18:05:16 +02:00
|
|
|
pkgs.yubikey-personalization
|
2020-06-11 13:21:00 +02:00
|
|
|
];
|
|
|
|
|
2020-07-25 15:38:44 +02:00
|
|
|
# Enable Docker for Nixery testing
|
|
|
|
virtualisation.docker = {
|
|
|
|
enable = true;
|
|
|
|
autoPrune.enable = true;
|
|
|
|
};
|
|
|
|
|
2020-06-11 13:21:00 +02:00
|
|
|
services.xserver = {
|
|
|
|
enable = true;
|
2024-02-26 12:43:05 +01:00
|
|
|
xkb.layout = "us";
|
|
|
|
xkb.options = "caps:super";
|
2020-06-11 13:21:00 +02:00
|
|
|
exportConfiguration = true;
|
2020-06-24 03:23:59 +02:00
|
|
|
videoDrivers = [ "amdgpu" ];
|
2020-06-11 13:21:00 +02:00
|
|
|
displayManager = {
|
|
|
|
# Give EXWM permission to control the session.
|
2021-04-10 18:05:16 +02:00
|
|
|
sessionCommands = "${pkgs.xorg.xhost}/bin/xhost +SI:localuser:$USER";
|
2020-06-11 13:21:00 +02:00
|
|
|
|
|
|
|
lightdm.enable = true;
|
|
|
|
lightdm.greeters.gtk.clock-format = "%H·%M"; # TODO(tazjin): TZ?
|
|
|
|
};
|
|
|
|
|
|
|
|
windowManager.session = lib.singleton {
|
|
|
|
name = "exwm";
|
2021-04-14 12:36:05 +02:00
|
|
|
start = "${depot.users.tazjin.emacs}/bin/tazjins-emacs";
|
2020-06-11 13:21:00 +02:00
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
# Do not restart the display manager automatically
|
|
|
|
systemd.services.display-manager.restartIfChanged = lib.mkForce false;
|
|
|
|
|
|
|
|
# clangd needs more than ~2GB in the runtime directory to start up
|
|
|
|
services.logind.extraConfig = ''
|
|
|
|
RuntimeDirectorySize=16G
|
|
|
|
'';
|
|
|
|
|
2020-06-12 00:47:58 +02:00
|
|
|
# Configure email setup
|
|
|
|
systemd.user.services.lieer-tazjin = {
|
|
|
|
description = "Synchronise mail@tazj.in via lieer";
|
|
|
|
script = "${lieer}/bin/gmi sync";
|
|
|
|
|
|
|
|
serviceConfig = {
|
|
|
|
WorkingDirectory = "%h/mail/account.tazjin";
|
|
|
|
Type = "oneshot";
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
systemd.user.timers.lieer-tazjin = {
|
|
|
|
wantedBy = [ "timers.target" ];
|
|
|
|
|
|
|
|
timerConfig = {
|
|
|
|
OnActiveSec = "1";
|
|
|
|
OnUnitActiveSec = "180";
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
2020-06-11 13:21:00 +02:00
|
|
|
environment.systemPackages =
|
|
|
|
# programs from the depot
|
|
|
|
(with depot; [
|
|
|
|
fun.idual.script
|
2020-06-15 20:29:19 +02:00
|
|
|
fun.uggc
|
2020-06-11 13:21:00 +02:00
|
|
|
lieer
|
|
|
|
ops.kontemplate
|
2020-07-09 00:02:50 +02:00
|
|
|
quasselClient
|
2020-06-11 13:21:00 +02:00
|
|
|
third_party.git
|
2020-06-26 20:55:48 +02:00
|
|
|
tools.nsfv-setup
|
2021-04-14 12:36:05 +02:00
|
|
|
users.tazjin.emacs
|
2020-06-11 13:21:00 +02:00
|
|
|
]) ++
|
|
|
|
|
|
|
|
# programs from nixpkgs
|
2021-04-10 18:05:16 +02:00
|
|
|
(with pkgs; [
|
2020-06-11 13:21:00 +02:00
|
|
|
age
|
|
|
|
bat
|
|
|
|
chromium
|
|
|
|
clang-manpages
|
2024-01-16 16:44:38 +01:00
|
|
|
clang-tools
|
|
|
|
clang
|
2020-06-11 13:21:00 +02:00
|
|
|
curl
|
|
|
|
direnv
|
|
|
|
dnsutils
|
2022-04-21 16:36:04 +02:00
|
|
|
emacs28 # mostly for emacsclient
|
2020-06-11 13:21:00 +02:00
|
|
|
fd
|
2020-06-23 00:46:21 +02:00
|
|
|
file
|
2020-07-13 18:20:39 +02:00
|
|
|
gdb
|
2020-06-11 13:21:00 +02:00
|
|
|
gnupg
|
|
|
|
go
|
|
|
|
google-chrome
|
|
|
|
google-cloud-sdk
|
|
|
|
htop
|
|
|
|
hyperfine
|
|
|
|
i3lock
|
2020-06-23 00:46:21 +02:00
|
|
|
iftop
|
2020-06-11 13:21:00 +02:00
|
|
|
imagemagick
|
|
|
|
jq
|
|
|
|
kubectl
|
|
|
|
linuxPackages.perf
|
2022-03-13 17:19:07 +01:00
|
|
|
man-pages
|
2020-06-11 13:21:00 +02:00
|
|
|
miller
|
|
|
|
msmtp
|
|
|
|
nix-prefetch-github
|
|
|
|
notmuch
|
2020-06-23 00:46:21 +02:00
|
|
|
obs-studio
|
2020-06-11 13:21:00 +02:00
|
|
|
openssh
|
|
|
|
openssl
|
|
|
|
pass
|
|
|
|
pavucontrol
|
2020-06-20 19:38:49 +02:00
|
|
|
pciutils
|
2020-06-11 13:21:00 +02:00
|
|
|
pinentry
|
|
|
|
pinentry-emacs
|
2020-06-23 00:46:21 +02:00
|
|
|
pmutils
|
2020-06-11 13:21:00 +02:00
|
|
|
pwgen
|
|
|
|
ripgrep
|
|
|
|
rustup
|
2020-08-01 16:11:16 +02:00
|
|
|
screen
|
2020-06-11 13:21:00 +02:00
|
|
|
spotify
|
|
|
|
tokei
|
2020-06-23 00:46:21 +02:00
|
|
|
transmission
|
2020-06-11 13:21:00 +02:00
|
|
|
tree
|
|
|
|
unzip
|
2020-06-20 19:38:49 +02:00
|
|
|
usbutils
|
2020-06-23 00:46:21 +02:00
|
|
|
v4l-utils
|
2020-06-11 13:21:00 +02:00
|
|
|
vlc
|
|
|
|
xclip
|
2020-08-01 16:11:16 +02:00
|
|
|
xsecurelock
|
2020-06-11 13:21:00 +02:00
|
|
|
yubico-piv-tool
|
|
|
|
yubikey-personalization
|
|
|
|
zoxide
|
2021-04-07 14:34:13 +02:00
|
|
|
|
|
|
|
# Commented out because of interim breakage:
|
|
|
|
# steam
|
|
|
|
# lutris
|
2020-06-11 13:21:00 +02:00
|
|
|
]);
|
|
|
|
|
|
|
|
# ... and other nonsense.
|
|
|
|
system.stateVersion = "20.03";
|
|
|
|
})
|