mdebray/tvl-depot
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
tvl-depot/users/tazjin/nixos/frog/default.nix
Vincent Ambo 6d3a9e7b5f feat(besadii): Implement support for Buildkite's post-command hook 
This hook is invoked by Buildkite (on the runner) after every build
stage. This change adds support in Besadii to run as this hook and
update the build status on a Gerrit CL.

Change-Id: Ie07a94d9b41645a77681cf42f6969d218abf93c1
Reviewed-on: https://cl.tvl.fyi/c/depot/+/761
Tested-by: BuildkiteCI
Reviewed-by: Kane York <rikingcoding@gmail.com>
2020-06-29 15:15:19 +00:00

289 lines
6.2 KiB
Nix
Raw Blame History

{ depot, lib, ... }:
config: let
nixpkgs = import depot.third_party.nixpkgsSrc {
config.allowUnfree = true;
};
lieer = depot.third_party.lieer {};
# add google-c-style here because other machines get it from, eh,
# elsewhere.
frogEmacs = (depot.users.tazjin.emacs.overrideEmacs(epkgs: epkgs ++ [
depot.third_party.emacsPackages.google-c-style
]));
# All Buildkite hooks are actually besadii, but it's being invoked
# with different names.
buildkiteHooks = depot.third_party.runCommandNoCC "buildkite-hooks" {} ''
mkdir -p $out/bin
ln -s ${depot.ops.besadii}/bin/besadii $out/bin/post-command
'';
in depot.lib.fix(self: {
imports = [
"${depot.depotPath}/ops/nixos/v4l2loopback.nix"
];
boot = {
tmpOnTmpfs = true;
kernelModules = [ "kvm-amd" ];
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
initrd = {
luks.devices.frog-crypt.device = "/dev/disk/by-label/frog-crypt";
availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "usbhid" "sd_mod" ];
kernelModules = [ "dm-snapshot" ];
};
kernelPackages = nixpkgs.linuxPackages_latest;
kernel.sysctl = {
"kernel.perf_event_paranoid" = 1;
};
kernelPatches = [
depot.third_party.kernelPatches.trx40_usb_audio
];
};
hardware = {
cpu.amd.updateMicrocode = true;
enableRedistributableFirmware = true;
pulseaudio.enable = true;
u2f.enable = true;
opengl = {
enable = true;
driSupport = true;
driSupport32Bit = true;
};
};
nix = {
maxJobs = 48;
nixPath = [
"depot=/depot"
"nixpkgs=${depot.third_party.nixpkgsSrc}"
];
};
nixpkgs.pkgs = nixpkgs;
networking = {
hostName = "frog";
useDHCP = false;
interfaces.enp67s0.useDHCP = true;
# Don't use ISP's DNS servers:
nameservers = [
"8.8.8.8"
"8.8.4.4"
];
firewall.enable = false;
};
# Generate an immutable /etc/resolv.conf from the nameserver settings
# above (otherwise DHCP overwrites it):
environment.etc."resolv.conf" = with lib; {
source = depot.third_party.writeText "resolv.conf" ''
${concatStringsSep "\n" (map (ns: "nameserver ${ns}") self.networking.nameservers)}
options edns0
'';
};
time.timeZone = "Europe/London";
fileSystems = {
"/".device = "/dev/disk/by-label/frog-root";
"/boot".device = "/dev/disk/by-label/BOOT";
"/home".device = "/dev/disk/by-label/frog-home";
};
# Configure user account
users.extraUsers.tazjin = {
extraGroups = [ "wheel" "audio" ];
isNormalUser = true;
uid = 1000;
shell = nixpkgs.fish;
};
security.sudo = {
enable = true;
extraConfig = "wheel ALL=(ALL:ALL) SETENV: ALL";
};
fonts = {
fonts = with nixpkgs; [
corefonts
dejavu_fonts
jetbrains-mono
noto-fonts-cjk
noto-fonts-emoji
];
fontconfig = {
hinting.enable = true;
subpixel.lcdfilter = "light";
defaultFonts = {
monospace = [ "JetBrains Mono" ];
};
};
};
# Configure location (Vauxhall, London) for services that need it.
location = {
latitude = 51.4819109;
longitude = -0.1252998;
};
programs.fish.enable = true;
programs.ssh.startAgent = true;
services.redshift.enable = true;
services.openssh.enable = true;
services.fstrim.enable = true;
# Required for Yubikey usage as smartcard
services.pcscd.enable = true;
services.udev.packages = [
nixpkgs.yubikey-personalization
];
services.xserver = {
enable = true;
layout = "us";
xkbOptions = "caps:super";
exportConfiguration = true;
videoDrivers = [ "amdgpu" ];
displayManager = {
# Give EXWM permission to control the session.
sessionCommands = "${nixpkgs.xorg.xhost}/bin/xhost +SI:localuser:$USER";
lightdm.enable = true;
lightdm.greeters.gtk.clock-format = "%H·%M"; # TODO(tazjin): TZ?
};
windowManager.session = lib.singleton {
name = "exwm";
start = "${frogEmacs}/bin/tazjins-emacs";
};
};
# Do not restart the display manager automatically
systemd.services.display-manager.restartIfChanged = lib.mkForce false;
# clangd needs more than ~2GB in the runtime directory to start up
services.logind.extraConfig = ''
RuntimeDirectorySize=16G
'';
# Configure email setup
systemd.user.services.lieer-tazjin = {
description = "Synchronise mail@tazj.in via lieer";
script = "${lieer}/bin/gmi sync";
serviceConfig = {
WorkingDirectory = "%h/mail/account.tazjin";
Type = "oneshot";
};
};
systemd.user.timers.lieer-tazjin = {
wantedBy = [ "timers.target" ];
timerConfig = {
OnActiveSec = "1";
OnUnitActiveSec = "180";
};
};
# Run a Buildkite agent for depot builds
services.buildkite-agents.frog = {
enable = true;
tokenPath = "/etc/secrets/buildkite-token";
hooks.post-command = "${buildkiteHooks}/bin/post-command";
};
environment.systemPackages =
# programs from the depot
(with depot; [
frogEmacs
fun.idual.script
fun.uggc
lieer
ops.kontemplate
third_party.ffmpeg
third_party.git
third_party.lutris
tools.nsfv-setup
]) ++
# programs from nixpkgs
(with nixpkgs; [
age
bat
chromium
clang-manpages
clang-tools
clang_10
curl
direnv
dnsutils
emacs26 # mostly for emacsclient
exa
fd
file
gnupg
go
google-chrome
google-cloud-sdk
htop
hyperfine
i3lock
iftop
imagemagick
jq
kubectl
linuxPackages.perf
manpages
miller
msmtp
nix-prefetch-github
notmuch
obs-studio
obs-v4l2sink
openssh
openssl
pass
pavucontrol
pciutils
pinentry
pinentry-emacs
pmutils
pwgen
ripgrep
rr
rustup
scrot
spotify
steam
tokei
transmission
tree
unzip
usbutils
v4l-utils
vlc
xclip
yubico-piv-tool
yubikey-personalization
zoxide
]);
# ... and other nonsense.
system.stateVersion = "20.03";
})
Reference in a new issue View git blame Copy permalink