feat(grfn/system): Resuscitate roswell
Resuscitate the configuration for roswell, the semi-portable configuration I use for ec2 development boxes. Lots of the changes here are trying to get Tramp working. Change-Id: I2dc2fd1d9aa76e145fa3f3f847af761cb652ab47 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5798 Reviewed-by: grfn <grfn@gws.fyi> Autosubmit: grfn <grfn@gws.fyi> Tested-by: BuildkiteCI
This commit is contained in:
parent
fb22886165
commit
8851075c27
15 changed files with 164 additions and 54 deletions
|
@ -1,7 +1,7 @@
|
|||
{ pkgs, lib, config, ... }:
|
||||
|
||||
let
|
||||
laptopKeyboardId = "5";
|
||||
inherit (builtins) pathExists;
|
||||
in
|
||||
|
||||
{
|
||||
|
@ -11,7 +11,9 @@ in
|
|||
../modules/development.nix
|
||||
../modules/emacs.nix
|
||||
../modules/vim.nix
|
||||
];
|
||||
../modules/development/readyset.nix
|
||||
../modules/tmux.nix
|
||||
] ++ (lib.optional (pathExists ../modules/private.nix) ../modules/private.nix);
|
||||
|
||||
home.packages = with pkgs; [
|
||||
# System utilities
|
||||
|
@ -36,6 +38,12 @@ in
|
|||
nix-prefetch-github
|
||||
nix-review
|
||||
cachix
|
||||
|
||||
# ReadySet stuff
|
||||
nodejs
|
||||
mysql80
|
||||
|
||||
(writeShellScriptBin "xdg-open" "echo xdg-open: \"$@\"")
|
||||
];
|
||||
|
||||
programs.password-store.enable = true;
|
||||
|
|
|
@ -9,6 +9,8 @@ in
|
|||
imports = [
|
||||
../platforms/linux.nix
|
||||
../modules/common.nix
|
||||
../modules/desktop.nix
|
||||
../modules/development/agda.nix
|
||||
../modules/development/readyset.nix
|
||||
] ++ (lib.optional (pathExists ../modules/private.nix) ../modules/private.nix);
|
||||
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
# Everything in here needs to work on linux or darwin
|
||||
# Everything in here needs to work on linux or darwin, with or without a desktop
|
||||
# environment
|
||||
|
||||
{
|
||||
imports = [
|
||||
|
@ -55,6 +56,18 @@
|
|||
system=$(readlink -ef /tmp/mugwump)
|
||||
ssh mugwump sudo nix-env -p /nix/var/nix/profiles/system --set $system
|
||||
ssh mugwump sudo $system/bin/switch-to-configuration switch
|
||||
rm /tmp/mugwump
|
||||
'')
|
||||
(writeShellScriptBin "rebuild-roswell" ''
|
||||
set -eo pipefail
|
||||
cd ~/code/depot
|
||||
nix build -f . users.grfn.system.system.roswellSystem -o /tmp/roswell
|
||||
nix copy -f . users.grfn.system.system.roswellSystem \
|
||||
--to ssh://roswell
|
||||
system=$(readlink -ef /tmp/roswell)
|
||||
ssh roswell sudo nix-env -p /nix/var/nix/profiles/system --set $system
|
||||
ssh roswell sudo $system/bin/switch-to-configuration switch
|
||||
rm /tmp/roswell
|
||||
'')
|
||||
(writeShellScriptBin "rebuild-home" ''
|
||||
set -eo pipefail
|
||||
|
@ -95,7 +108,6 @@
|
|||
|
||||
"roswell" = {
|
||||
host = "roswell";
|
||||
hostname = "18.223.118.13";
|
||||
forwardAgent = true;
|
||||
};
|
||||
};
|
||||
|
|
29
users/grfn/system/home/modules/desktop.nix
Normal file
29
users/grfn/system/home/modules/desktop.nix
Normal file
|
@ -0,0 +1,29 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
# Things that only work in the presence of a linux desktop environment
|
||||
|
||||
{
|
||||
imports = [
|
||||
./i3.nix
|
||||
./obs.nix
|
||||
./games.nix
|
||||
];
|
||||
|
||||
home.packages = with pkgs; [
|
||||
ntfy
|
||||
];
|
||||
|
||||
programs.zsh.initExtra = ''
|
||||
eval "$(${pkgs.ntfy}/bin/ntfy shell-integration)"
|
||||
'';
|
||||
|
||||
services.syncthing.tray.enable = true;
|
||||
|
||||
gtk = {
|
||||
enable = true;
|
||||
gtk3.bookmarks = [
|
||||
"file:///home/grfn/code"
|
||||
"file:///home/grfn/notes"
|
||||
];
|
||||
};
|
||||
}
|
|
@ -28,4 +28,11 @@
|
|||
programs.zsh.shellAliases = {
|
||||
"tf" = "terraform";
|
||||
};
|
||||
|
||||
home.file.".docker/config.json".text = builtins.toJSON {
|
||||
credHelpers = {
|
||||
"305232526136.dkr.ecr.us-east-2.amazonaws.com" = "ecr-login";
|
||||
"public.ecr.aws" = "ecr-login";
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -100,10 +100,7 @@ in
|
|||
}
|
||||
(mkIf pkgs.stdenv.isLinux {
|
||||
# Notes
|
||||
services.syncthing = {
|
||||
enable = true;
|
||||
tray.enable = true;
|
||||
};
|
||||
services.syncthing.enable = true;
|
||||
})
|
||||
];
|
||||
}
|
||||
|
|
|
@ -62,10 +62,13 @@ with lib;
|
|||
in hm.dag.entryAfter ([ "writeBoundary" ] ++ after) ''
|
||||
$DRY_RUN_CMD mkdir -p $(dirname "${path}")
|
||||
if [[ ! -d ${path} ]]; then
|
||||
$DRY_RUN_CMD git clone "${repoURL}" "${path}"
|
||||
pushd ${path}
|
||||
$DRY_RUN_CMD ${onClone}
|
||||
popd
|
||||
if $DRY_RUN_CMD git clone "${repoURL}" "${path}"; then
|
||||
pushd ${path}
|
||||
$DRY_RUN_CMD ${onClone}
|
||||
popd
|
||||
else
|
||||
echo "Git repository ${path} failed to clone"
|
||||
fi
|
||||
fi
|
||||
'')
|
||||
config.grfn.impure.clonedRepos;
|
||||
|
|
|
@ -92,6 +92,10 @@ prompt_pure_nix_info() {
|
|||
}
|
||||
|
||||
prompt_pure_precmd() {
|
||||
if [[ "$TERM" == "dumb" ]]; then
|
||||
return
|
||||
fi
|
||||
|
||||
# shows the full path in the title
|
||||
print -Pn '\e]0;%~\a'
|
||||
|
||||
|
|
|
@ -68,7 +68,6 @@ in
|
|||
home.packages = with pkgs; [
|
||||
zsh
|
||||
autojump
|
||||
ntfy
|
||||
];
|
||||
|
||||
home.sessionVariables = {
|
||||
|
@ -133,6 +132,12 @@ in
|
|||
};
|
||||
}];
|
||||
|
||||
initExtraFirst = ''
|
||||
if [[ "$TERM" = "dumb" ]]; then
|
||||
return
|
||||
fi
|
||||
'';
|
||||
|
||||
initExtraBeforeCompInit = ''
|
||||
zstyle ':completion:*' completer _complete _ignored _correct _approximate
|
||||
zstyle ':completion:*' matcher-list \'\' 'm:{[:lower:]}={[:upper:]} m:{[:lower:][:upper:]}={[:upper:][:lower:]} r:|[._- :]=** r:|=**' 'l:|=* r:|=*'
|
||||
|
@ -145,33 +150,32 @@ in
|
|||
'';
|
||||
|
||||
initExtra = ''
|
||||
source ${./zshrc}
|
||||
source ${pkgs.fetchFromGitHub {
|
||||
owner = "zsh-users";
|
||||
repo = "zsh-syntax-highlighting";
|
||||
rev = "7678a8a22780141617f809002eeccf054bf8f448";
|
||||
sha256 = "0xh4fbd54kvwwpqvabk8lpw7m80phxdzrd75q3y874jw0xx1a9q6";
|
||||
}}/zsh-syntax-highlighting.zsh
|
||||
source ${pkgs.autojump}/share/autojump/autojump.zsh
|
||||
source ${pkgs.fetchFromGitHub {
|
||||
owner = "chisui";
|
||||
repo = "zsh-nix-shell";
|
||||
rev = "a65382a353eaee5a98f068c330947c032a1263bb";
|
||||
sha256 = "0l41ac5b7p8yyjvpfp438kw7zl9dblrpd7icjg1v3ig3xy87zv0n";
|
||||
}}/nix-shell.plugin.zsh
|
||||
if [[ "$TERM" != "dumb" ]]; then
|
||||
source ${./zshrc}
|
||||
source ${pkgs.fetchFromGitHub {
|
||||
owner = "zsh-users";
|
||||
repo = "zsh-syntax-highlighting";
|
||||
rev = "7678a8a22780141617f809002eeccf054bf8f448";
|
||||
sha256 = "0xh4fbd54kvwwpqvabk8lpw7m80phxdzrd75q3y874jw0xx1a9q6";
|
||||
}}/zsh-syntax-highlighting.zsh
|
||||
source ${pkgs.autojump}/share/autojump/autojump.zsh
|
||||
source ${pkgs.fetchFromGitHub {
|
||||
owner = "chisui";
|
||||
repo = "zsh-nix-shell";
|
||||
rev = "a65382a353eaee5a98f068c330947c032a1263bb";
|
||||
sha256 = "0l41ac5b7p8yyjvpfp438kw7zl9dblrpd7icjg1v3ig3xy87zv0n";
|
||||
}}/nix-shell.plugin.zsh
|
||||
|
||||
eval "$(${pkgs.ntfy}/bin/ntfy shell-integration)"
|
||||
|
||||
export RPS1=""
|
||||
autoload -U promptinit; promptinit
|
||||
prompt pure
|
||||
export RPS1=""
|
||||
autoload -U promptinit; promptinit
|
||||
prompt pure
|
||||
fi
|
||||
|
||||
if [[ "$TERM" == "dumb" ]]; then
|
||||
unsetopt zle
|
||||
unsetopt prompt_cr
|
||||
unsetopt prompt_subst
|
||||
unfunction precmd
|
||||
unfunction preexec
|
||||
unset zle_bracketed_paste
|
||||
export PS1='$ '
|
||||
fi
|
||||
'';
|
||||
|
|
42
users/grfn/system/home/modules/tmux.nix
Normal file
42
users/grfn/system/home/modules/tmux.nix
Normal file
|
@ -0,0 +1,42 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
programs.tmux = {
|
||||
enable = true;
|
||||
customPaneNavigationAndResize = true;
|
||||
keyMode = "vi";
|
||||
newSession = true;
|
||||
prefix = "C-a";
|
||||
shell = "${pkgs.zsh}/bin/zsh";
|
||||
shortcut = "a";
|
||||
|
||||
extraConfig = ''
|
||||
set -g status-bg "colour0"
|
||||
set -g message-command-fg "colour7"
|
||||
set -g status-justify "centre"
|
||||
set -g status-left-length "100"
|
||||
set -g status "on"
|
||||
set -g pane-active-border-fg "colour14"
|
||||
set -g message-bg "colour11"
|
||||
set -g status-right-length "100"
|
||||
set -g status-right-attr "none"
|
||||
set -g message-fg "colour7"
|
||||
set -g message-command-bg "colour11"
|
||||
set -g status-attr "none"
|
||||
# set -g status-utf8 "on"
|
||||
set -g pane-border-fg "colour11"
|
||||
set -g status-left-attr "none"
|
||||
setw -g window-status-fg "colour10"
|
||||
setw -g window-status-attr "none"
|
||||
setw -g window-status-activity-bg "colour0"
|
||||
setw -g window-status-activity-attr "none"
|
||||
setw -g window-status-activity-fg "colour14"
|
||||
setw -g window-status-separator ""
|
||||
setw -g window-status-bg "colour0"
|
||||
set -g status-left "#[fg=colour15,bg=colour14,bold] #S #[fg=colour14,bg=colour11,nobold,nounderscore,noitalics]#[fg=colour7,bg=colour11] #F #[fg=colour11,bg=colour0,nobold,nounderscore,noitalics]#[fg=colour10,bg=colour0] #W #[fg=colour0,bg=colour0,nobold,nounderscore,noitalics]"
|
||||
set -g status-right "#{battery_status_bg} Batt: #{battery_percentage} #{battery_remain} | #[fg=colour0,bg=colour0,nobold,nounderscore,noitalics]#[fg=colour10,bg=colour0] %a #[fg=colour11,bg=colour0,nobold,nounderscore,noitalics]#[fg=colour7,bg=colour11] %b %d %R #[fg=colour14,bg=colour11,nobold,nounderscore,noitalics]#[fg=colour15,bg=colour14] #H "
|
||||
setw -g window-status-format "#[fg=colour0,bg=colour0,nobold,nounderscore,noitalics]#[default] #I #W #[fg=colour0,bg=colour0,nobold,nounderscore,noitalics]"
|
||||
setw -g window-status-current-format "#[fg=colour0,bg=colour11,nobold,nounderscore,noitalics]#[fg=colour7,bg=colour11] #I #W #[fg=colour11,bg=colour0,nobold,nounderscore,noitalics]"
|
||||
'';
|
||||
};
|
||||
}
|
|
@ -15,8 +15,6 @@ in
|
|||
../modules/email.nix
|
||||
../modules/firefox.nix
|
||||
../modules/games.nix
|
||||
../modules/obs.nix
|
||||
../modules/i3.nix
|
||||
../modules/shell.nix
|
||||
../modules/tarsnap.nix
|
||||
../modules/vim.nix
|
||||
|
@ -77,15 +75,8 @@ in
|
|||
enable = true;
|
||||
};
|
||||
|
||||
gtk = {
|
||||
enable = true;
|
||||
gtk3.bookmarks = [
|
||||
"file:///home/grfn/code"
|
||||
];
|
||||
};
|
||||
|
||||
programs.zsh.initExtra = ''
|
||||
[[ ! $IN_NIX_SHELL ]] && alsi -l
|
||||
[[ ! $IN_NIX_SHELL && "$TERM" != "dumb" ]] && alsi -l
|
||||
'';
|
||||
|
||||
services.lorri.enable = true;
|
||||
|
|
|
@ -3,10 +3,13 @@
|
|||
{
|
||||
imports = [
|
||||
../modules/common.nix
|
||||
../modules/development.nix
|
||||
"${modulesPath}/installer/scan/not-detected.nix"
|
||||
"${modulesPath}/virtualisation/amazon-image.nix"
|
||||
];
|
||||
|
||||
system.stateVersion = "22.05";
|
||||
|
||||
ec2.hvm = true;
|
||||
|
||||
networking.hostName = "roswell";
|
||||
|
@ -14,4 +17,13 @@
|
|||
users.users.grfn.openssh.authorizedKeys.keys = [
|
||||
depot.users.grfn.keys.main
|
||||
];
|
||||
|
||||
boot.loader.systemd-boot.enable = lib.mkForce false;
|
||||
boot.loader.efi.canTouchEfiVariables = lib.mkForce false;
|
||||
|
||||
services.openssh.passwordAuthentication = false;
|
||||
|
||||
services.tailscale.enable = true;
|
||||
|
||||
security.sudo.wheelNeedsPassword = false;
|
||||
}
|
||||
|
|
|
@ -105,15 +105,6 @@
|
|||
systemd.services.fprintd.environment.FP_TOD_DRIVERS_DIR =
|
||||
"${pkgs.libfprint-2-tod1-goodix}/usr/lib/libfprint-2/tod-1";
|
||||
|
||||
security.pam.loginLimits = [
|
||||
{
|
||||
domain = "grfn";
|
||||
type = "soft";
|
||||
item = "nofile";
|
||||
value = "65535";
|
||||
}
|
||||
];
|
||||
|
||||
security.pam.services = {
|
||||
login.fprintAuth = true;
|
||||
sudo.fprintAuth = true;
|
||||
|
|
|
@ -55,7 +55,6 @@ with lib;
|
|||
"wheel"
|
||||
"networkmanager"
|
||||
"audio"
|
||||
"docker"
|
||||
];
|
||||
shell = pkgs.zsh;
|
||||
};
|
||||
|
|
|
@ -3,4 +3,13 @@
|
|||
{
|
||||
virtualisation.docker.enable = true;
|
||||
users.users.grfn.extraGroups = [ "docker" ];
|
||||
|
||||
security.pam.loginLimits = [
|
||||
{
|
||||
domain = "grfn";
|
||||
type = "soft";
|
||||
item = "nofile";
|
||||
value = "65535";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue