feat(wpcarro/nixos): Support kyoko

Yet Another NixOS System Change-Id: I29590c5e7c2a651f3ef56642018649dddd9f06b6 Reviewed-on: https://cl.tvl.fyi/c/depot/+/7297 Reviewed-by: wpcarro <wpcarro@gmail.com> Tested-by: BuildkiteCI Reviewed-by: tazjin <tazjin@tvl.su> Autosubmit: wpcarro <wpcarro@gmail.com>
2022-11-14 09:51:51 -08:00 · 2022-11-14 09:51:51 -08:00 · 9166a9915a
commit 9166a9915a
parent 869b6897be
6 changed files with 282 additions and 0 deletions
--- a/ops/machines/all-systems.nix
+++ b/ops/machines/all-systems.nix
@ -20,6 +20,7 @@

 (with depot.users.wpcarro.nixos; [
  ava
+  kyoko
  marcus
  tarasco
 ])
--- a/users/wpcarro/nixos/default.nix
+++ b/users/wpcarro/nixos/default.nix
@ -4,6 +4,7 @@ let
  inherit (depot.users.wpcarro.nixos)
    ava
    diogenes
+    kyoko
    marcus
    tarasco;

@ -11,6 +12,7 @@ let
 in
 {
  avaSystem = systemFor ava;
+  kyokoSystem = systemFor kyoko;
  marcusSystem = systemFor marcus;
  tarascoSystem = systemFor ava;

@ -53,6 +55,7 @@ in

  meta.ci.targets = [
    "avaSystem"
+    "kyokoSystem"
    "marcusSystem"
    "tarascoSystem"
  ];
--- a/users/wpcarro/nixos/kyoko/default.nix
+++ b/users/wpcarro/nixos/kyoko/default.nix
@ -0,0 +1,153 @@
+{ depot, pkgs, lib, ... }:
+_:
+
+let
+  inherit (depot.users) wpcarro;
+  inherit (depot.users.wpcarro.lib) usermod;
+
+  wpcarrosEmacs = wpcarro.emacs.nixos {
+    load = [ ./kyoko.el ];
+  };
+
+  quasselClient = pkgs.quassel.override {
+    client = true;
+    enableDaemon = false;
+    monolithic = false;
+  };
+in
+{
+  imports = [
+    (usermod "hardware/dell-emc-egw-5200.nix")
+    (usermod "hadrian-cache.nix")
+  ];
+
+  # TVL's Nix binary cache
+  tvl.cache.enable = true;
+
+  # Hadrian's Nix binary cache.
+  hadrian.cache.enable = true;
+
+  nix.settings.trusted-users = [ "@wheel" ];
+
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = true;
+
+  # Additionall exit node settings that Tailscale recommends.
+  networking.firewall.checkReversePath = "loose";
+
+  time.timeZone = "America/Los_Angeles";
+
+  networking = {
+    # The global useDHCP flag is deprecated, therefore explicitly set to false
+    # here.  Per-interface useDHCP will be mandatory in the future, so this
+    # generated config replicates the default behaviour.
+    useDHCP = false;
+    hostName = "kyoko";
+    networkmanager.enable = true;
+    interfaces.enp1s0.useDHCP = true;
+    interfaces.enp3s0.useDHCP = true;
+    interfaces.wlp2s0.useDHCP = true;
+  };
+
+  services = wpcarro.common.services // {
+    # Check the amount of available memory and free swap a few times per second
+    # and kill the largest process if both are below 10%.
+    earlyoom.enable = true;
+
+    tailscale.enable = true;
+
+    openssh.enable = true;
+
+    printing = {
+      enable = true;
+      drivers = with pkgs; [ gutenprint ];
+    };
+
+    xserver = {
+      enable = true;
+      layout = "us";
+      xkbOptions = "caps:escape";
+      displayManager = {
+        # Give EXWM permission to control the session (from tazjin's setup).
+        sessionCommands = "${pkgs.xorg.xhost}/bin/xhost +SI:localhost:$USER";
+        lightdm.enable = true;
+      };
+      windowManager.session = lib.singleton {
+        name = "exwm";
+        start = "${wpcarrosEmacs}/bin/wpcarros-emacs";
+      };
+    };
+  };
+
+  # Enable sound.
+  sound.enable = true;
+  hardware.pulseaudio.enable = true;
+
+  users.mutableUsers = true;
+  users.users.root.openssh.authorizedKeys.keys = with wpcarro.keys; [
+    iphone
+    nathan
+    tarasco
+  ];
+  users.users.wpcarro = {
+    initialPassword = "password";
+    isNormalUser = true;
+    extraGroups = [
+      "networkmanager"
+      "wheel"
+      "docker"
+    ];
+    shell = pkgs.fish;
+    openssh.authorizedKeys.keys = with wpcarro.keys; [
+      iphone
+      nathan
+      tarasco
+    ];
+  };
+  users.extraGroups.vboxusers.members = [ "wpcarro" ];
+
+  security.sudo.wheelNeedsPassword = false;
+
+  fonts = {
+    fonts = with pkgs; [
+      jetbrains-mono
+    ];
+
+    fontconfig = {
+      defaultFonts = {
+        monospace = [ "JetBrains Mono" ];
+      };
+    };
+  };
+
+  programs = wpcarro.common.programs // {
+    mosh.enable = true;
+  };
+
+  virtualisation.docker.enable = true;
+  virtualisation.virtualbox.host.enable = true;
+
+  environment.variables = {
+    EDITOR = "emacsclient";
+    ALTERNATE_EDITOR = "emacs -q -nw";
+    VISUAL = "emacsclient";
+  };
+
+  environment.systemPackages =
+    wpcarro.common.shell-utils ++
+    (with pkgs; [
+      alacritty
+      ec2-api-tools
+      firefox
+      google-chrome
+      httpie
+      pavucontrol
+      quasselClient
+      remmina
+      tdesktop
+      wpcarrosEmacs
+      xsecurelock
+    ]);
+
+  system.stateVersion = "21.11";
+}
--- a/users/wpcarro/nixos/kyoko/kyoko.el
+++ b/users/wpcarro/nixos/kyoko/kyoko.el
@ -0,0 +1,61 @@
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+;; Dependencies
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+
+(require 'bookmark)
+(require 'display)
+(require 'window-manager)
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+;; Configuration
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+
+(bookmark-install-kbd
+ (make-bookmark :label "hadrian"
+                :path "/hadrian"
+                :kbd "h"))
+
+(setq initial-buffer-choice "/hadrian")
+
+(add-to-list 'ssh-hosts "wpcarro@tarasco")
+
+(display-register primary
+                  :output "DP-2"
+                  :primary t
+                  :coords (0 0)
+                  :size (2560 1440)
+                  :rate 30.0
+                  :dpi 96
+                  :rotate normal)
+
+(display-register secondary
+                  :output "DP-1"
+                  :primary nil
+                  :coords (2561 0)
+                  :size (2560 1440)
+                  :rate 30.0
+                  :dpi 96
+                  :rotate normal)
+
+(display-arrangement main :displays (primary secondary))
+
+(setq window-manager-named-workspaces
+      (list (make-window-manager-named-workspace
+             :label "Web Browsing"
+             :kbd "c"
+             :display display-secondary)
+            (make-window-manager-named-workspace
+             :label "Coding I"
+             :kbd "1"
+             :display display-primary)
+            (make-window-manager-named-workspace
+             :label "Coding II"
+             :kbd "2"
+             :display display-primary)
+            (make-window-manager-named-workspace
+             :label "Chatting"
+             :kbd "h"
+             :display display-secondary)))
+
+;; I *think* this needs to be the last statement in this file.
+(window-manager-init :init-hook #'display-arrange-main)
--- a/users/wpcarro/nixos/modules/hadrian-cache.nix
+++ b/users/wpcarro/nixos/modules/hadrian-cache.nix
@ -0,0 +1,17 @@
+# If enabled, use Hadrian's Nix cache.
+{ config, lib, pkgs, ... }:
+
+{
+  options = {
+    hadrian.cache.enable = lib.mkEnableOption "Hadrian's binary cache";
+  };
+
+  config = lib.mkIf config.hadrian.cache.enable {
+    nix.settings.trusted-public-keys = [
+      "cache.hadrian.internal:XWdYSn5ZASj6IqZd4nnDBXJmahQEolBrtq9DvSe0UT0="
+    ];
+    nix.settings.substituters = [
+      "http://cache.hadrian.internal"
+    ];
+  };
+}
--- a/users/wpcarro/nixos/modules/hardware/dell-emc-egw-5200.nix
+++ b/users/wpcarro/nixos/modules/hardware/dell-emc-egw-5200.nix
@ -0,0 +1,47 @@
+# In a nutshell, this configuration defines the configuration required to run
+# NixOS on the Dell EMC EGW 5200 (often the config that NixOS put in
+# hardware.nix by default).
+{ config, lib, modulesPath, ... }:
+
+{
+  imports = [
+    (modulesPath + "/installer/scan/not-detected.nix")
+  ];
+
+  boot.initrd.availableKernelModules = [
+    "xhci_pci"
+    "ahci"
+    "usb_storage"
+    "usbhid"
+    "sd_mod"
+  ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = true;
+
+  fileSystems."/" = {
+    device = "/dev/disk/by-label/NIXROOT";
+    fsType = "ext4";
+  };
+
+  fileSystems."/boot" = {
+    device = "/dev/disk/by-label/NIXBOOT";
+    fsType = "vfat";
+  };
+
+  swapDevices = [ ];
+
+  powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+
+  # Needed for Tailscale subnet routing
+  boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
+  networking.useDHCP = false;
+  networking.interfaces.eno1.useDHCP = true;
+  networking.interfaces.enp3s0.useDHCP = true;
+  networking.interfaces.enp4s0.useDHCP = true;
+
+  system.stateVersion = "21.11";
+}