Dandellion
/
dotfiles
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Compare commits

merge into: Dandellion:23.05
Branches Tags
Dandellion:master
Dandellion:23.05
...
pull from: Dandellion:master
Branches Tags
Dandellion:master
Dandellion:23.05

17 Commits
23.05 ... master

Author SHA1 Message Date
Daniel Olsen 3121abd968 publish soryu config 2024-08-17 03:58:06 +02:00
Daniel Olsen a6f2ac0868 move home-manager config to subdirectory 2024-08-17 03:17:40 +02:00
Daniel Olsen 08930ba021 nix flake update 2024-08-17 03:11:01 +02:00
Daniel Olsen 27c0add5cc 24.05 upgrade 2024-06-01 10:52:37 +02:00
Daniel Olsen da845c4d84 update flake.lock 2024-05-26 03:49:45 +02:00
Daniel Olsen 08c41e2162 georg volume control 2024-05-26 00:49:00 +02:00
Daniel Olsen f538623ac8 sign commits 2024-04-18 12:06:35 +02:00
Daniel Olsen 8ad9475f34 2024-04-18 2024-04-18 12:01:54 +02:00
Daniel Olsen 37f98443bf remove rnix-lsp 2024-03-20 11:43:32 +01:00
Daniel Olsen ae2a87ef23 disable qt theming to not rely on runtime libs 2024-03-20 11:02:33 +01:00
Daniel Olsen ea8a1c1136 disable geogebra, ia bad 2024-03-20 11:02:04 +01:00
Daniel Olsen 496ee9a993 osu on desktop 2024-03-20 11:01:41 +01:00
Daniel Olsen e791bda05e ubuntu-ai 2024-02-23 11:00:50 +01:00
Daniel Olsen 4143c41deb nix flake update 2023-12-19 09:37:42 +01:00
Daniel Olsen a070bbdd20 update flake.lock 2023-12-01 03:11:21 +01:00
Daniel Olsen a4b860a99e fix styles 2023-11-30 10:16:03 +01:00
Daniel Olsen 2a6a33e392 port to 23.11 2023-11-30 04:32:11 +01:00
32 changed files with 1230 additions and 37 deletions
Show Stats Expand all files Collapse all files

273
flake.lock
View File

@ -20,6 +20,55 @@
"url": "https://git.dodsorf.as/Dandellion/NUR.git" "url": "https://git.dodsorf.as/Dandellion/NUR.git"
} }
}, },
"dan_2": {
"inputs": {
"nixpkgs": [
"wack-server-conf",
"dandellion",
"unstable"
]
},
"locked": {
"lastModified": 1656687988,
"narHash": "sha256-2ywoy3wUvFAyxDTw7VPlz5TGh9mk/um2AWOjhJqJxNQ=",
"ref": "refs/heads/master",
"rev": "7e85f62e40cd585ce81fa1f3debd5385bb0cad03",
"revCount": 160,
"type": "git",
"url": "https://git.dodsorf.as/Dandellion/NUR.git"
},
"original": {
"type": "git",
"url": "https://git.dodsorf.as/Dandellion/NUR.git"
}
},
"dandellion": {
"inputs": {
"dan": "dan_2",
"home-manager": "home-manager_2",
"nixgl": "nixgl_2",
"nixpkgs": [
"wack-server-conf",
"nixpkgs"
],
"nur": "nur_2",
"unstable": "unstable_2"
},
"locked": {
"lastModified": 1699137267,
"narHash": "sha256-cBusl45B1nj9vpwYVLZamNYmSbHeama1IdWMlBl14Jo=",
"ref": "23.05",
"rev": "760228bcc60e27c94bb295106b7d470b0ebd9feb",
"revCount": 241,
"type": "git",
"url": "https://git.dodsorf.as/Dandellion/dotfiles.git"
},
"original": {
"ref": "23.05",
"type": "git",
"url": "https://git.dodsorf.as/Dandellion/dotfiles.git"
}
},
"flake-utils": { "flake-utils": {
"locked": { "locked": {
"lastModified": 1659877975, "lastModified": 1659877975,
@ -35,12 +84,92 @@
"type": "github" "type": "github"
} }
}, },
"flake-utils_2": {
"locked": {
"lastModified": 1659877975,
"narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"greg-clients": {
"inputs": {
"nixpkgs": [
"unstable"
]
},
"locked": {
"lastModified": 1722885417,
"narHash": "sha256-QTkl20cFfb5qWs8CN0HfsIp/67+N8pTTLfVaeu/i398=",
"ref": "refs/heads/master",
"rev": "cb292a56b1aa6fa0f220f91d8106fd978fe1e13a",
"revCount": 77,
"type": "git",
"url": "https://git.pvv.ntnu.no/Projects/grzegorz-clients"
},
"original": {
"type": "git",
"url": "https://git.pvv.ntnu.no/Projects/grzegorz-clients"
}
},
"home-manager": { "home-manager": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
] ]
}, },
"locked": {
"lastModified": 1720042825,
"narHash": "sha256-A0vrUB6x82/jvf17qPCpxaM+ulJnD8YZwH9Ci0BsAzE=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "e1391fb22e18a36f57e6999c7a9f966dc80ac073",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-24.05",
"repo": "home-manager",
"type": "github"
}
},
"home-manager_2": {
"inputs": {
"nixpkgs": [
"wack-server-conf",
"dandellion",
"nixpkgs"
]
},
"locked": {
"lastModified": 1695108154,
"narHash": "sha256-gSg7UTVtls2yO9lKtP0yb66XBHT1Fx5qZSZbGMpSn2c=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "07682fff75d41f18327a871088d20af2710d4744",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-23.05",
"repo": "home-manager",
"type": "github"
}
},
"home-manager_3": {
"inputs": {
"nixpkgs": [
"wack-server-conf",
"nixpkgs"
]
},
"locked": { "locked": {
"lastModified": 1695108154, "lastModified": 1695108154,
"narHash": "sha256-gSg7UTVtls2yO9lKtP0yb66XBHT1Fx5qZSZbGMpSn2c=", "narHash": "sha256-gSg7UTVtls2yO9lKtP0yb66XBHT1Fx5qZSZbGMpSn2c=",
@ -63,6 +192,29 @@
"nixpkgs" "nixpkgs"
] ]
}, },
"locked": {
"lastModified": 1713543440,
"narHash": "sha256-lnzZQYG0+EXl/6NkGpyIz+FEOc/DSEG57AP1VsdeNrM=",
"owner": "guibou",
"repo": "nixGL",
"rev": "310f8e49a149e4c9ea52f1adf70cdc768ec53f8a",
"type": "github"
},
"original": {
"owner": "guibou",
"repo": "nixGL",
"type": "github"
}
},
"nixgl_2": {
"inputs": {
"flake-utils": "flake-utils_2",
"nixpkgs": [
"wack-server-conf",
"dandellion",
"nixpkgs"
]
},
"locked": { "locked": {
"lastModified": 1685908677, "lastModified": 1685908677,
"narHash": "sha256-E4zUPEUFyVWjVm45zICaHRpfGepfkE9Z2OECV9HXfA4=", "narHash": "sha256-E4zUPEUFyVWjVm45zICaHRpfGepfkE9Z2OECV9HXfA4=",
@ -79,21 +231,52 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1698942558, "lastModified": 1723688146,
"narHash": "sha256-/UmnB+mEd6Eg3mJBrAgqRcyZX//RSjHphcCO7Ig9Bpk=", "narHash": "sha256-sqLwJcHYeWLOeP/XoLwAtYjr01TISlkOfz+NG82pbdg=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "621f51253edffa1d6f08d5fce4f08614c852d17e", "rev": "c3d4ac725177c030b1e289015989da2ad9d56af0",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nixos", "owner": "nixos",
"ref": "nixos-23.05", "ref": "nixos-24.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1698544399,
"narHash": "sha256-vhRmPyEyoPkrXF2iykBsWHA05MIaOSmMRLMF7Hul6+s=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "d87c5d8c41c9b3b39592563242f3a448b5cc4bc9",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "release-23.05",
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
} }
}, },
"nur": { "nur": {
"locked": {
"lastModified": 1723859387,
"narHash": "sha256-1a4zDw0wIH/7Yg0tvIusrkBAZlcQkpQBkqZtPYnBsCw=",
"owner": "nix-community",
"repo": "NUR",
"rev": "b43ecc46a848d0107b17091e2cd74cb442e28885",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "NUR",
"type": "github"
}
},
"nur_2": {
"locked": { "locked": {
"lastModified": 1699131694, "lastModified": 1699131694,
"narHash": "sha256-dKWORPD0ODREKihqCZqEqc1zJ3wACmoMmuf2BGg3DbE=", "narHash": "sha256-dKWORPD0ODREKihqCZqEqc1zJ3wACmoMmuf2BGg3DbE=",
@ -111,14 +294,54 @@
"root": { "root": {
"inputs": { "inputs": {
"dan": "dan", "dan": "dan",
"greg-clients": "greg-clients",
"home-manager": "home-manager", "home-manager": "home-manager",
"nixgl": "nixgl", "nixgl": "nixgl",
"nixpkgs": "nixpkgs", "nixpkgs": "nixpkgs",
"nur": "nur", "nur": "nur",
"unstable": "unstable" "unstable": "unstable",
"wack-server-conf": "wack-server-conf"
}
},
"sops-nix": {
"inputs": {
"nixpkgs": [
"wack-server-conf",
"nixpkgs"
],
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1699021419,
"narHash": "sha256-oy2j2OHXYcckifASMeZzpmbDLSvobMGt0V/RvoDotF4=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "275b28593ef3a1b9d05b6eeda3ddce2f45f5c06f",
"type": "github"
},
"original": {
"owner": "Mic92",
"repo": "sops-nix",
"type": "github"
} }
}, },
"unstable": { "unstable": {
"locked": {
"lastModified": 1723703277,
"narHash": "sha256-nk0RaUB5f68BwtXAYy3WAjqFhVKqIl9Z89RGycTa2vk=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "8b908192e64224420e2d59dfd9b2e4309e154c5d",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"unstable_2": {
"locked": { "locked": {
"lastModified": 1699094435, "lastModified": 1699094435,
"narHash": "sha256-YLZ5/KKZ1PyLrm2MO8UxRe4H3M0/oaYqNhSlq6FDeeA=", "narHash": "sha256-YLZ5/KKZ1PyLrm2MO8UxRe4H3M0/oaYqNhSlq6FDeeA=",
@ -133,6 +356,46 @@
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
} }
},
"unstable_3": {
"locked": {
"lastModified": 1698924604,
"narHash": "sha256-GCFbkl2tj8fEZBZCw3Tc0AkGo0v+YrQlohhEGJ/X4s0=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "fa804edfb7869c9fb230e174182a8a1a7e512c40",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"wack-server-conf": {
"inputs": {
"dandellion": "dandellion",
"home-manager": "home-manager_3",
"nixpkgs": [
"nixpkgs"
],
"sops-nix": "sops-nix",
"unstable": "unstable_3"
},
"locked": {
"lastModified": 1699656973,
"narHash": "sha256-csFw6I3dhPR9seG+mRnonlWCYm32mfLYb3Ga+vjS9Ak=",
"owner": "WackAttackCTF",
"repo": "wack-server-conf",
"rev": "77551a8f183a503653db3118a97f856af5301ec5",
"type": "github"
},
"original": {
"owner": "WackAttackCTF",
"repo": "wack-server-conf",
"type": "github"
}
} }
}, },
"root": "root", "root": "root",

30
flake.nix
View File

@ -1,13 +1,13 @@
{ {
description = "dandellion's home-manager profiles"; description = "dandellion's home-manager profiles";
nixConfig.extra-substituters = ["https://cache.dodsorf.as"]; # nixConfig.extra-substituters = ["https://cache.dodsorf.as"];
nixConfig.exta-trusted-public-keys = "cache.dodsorf.as:FYKGadXTyI2ax8mirBTOjEqS/8PZKAWxiJVOBjESQXc="; # nixConfig.exta-trusted-public-keys = "cache.dodsorf.as:FYKGadXTyI2ax8mirBTOjEqS/8PZKAWxiJVOBjESQXc=";
inputs = { inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-23.05"; nixpkgs.url = "github:nixos/nixpkgs/nixos-24.05";
home-manager.url = "github:nix-community/home-manager/release-23.05"; home-manager.url = "github:nix-community/home-manager/release-24.05";
home-manager.inputs.nixpkgs.follows = "nixpkgs"; home-manager.inputs.nixpkgs.follows = "nixpkgs";
unstable.url = "github:nixos/nixpkgs/nixpkgs-unstable"; unstable.url = "github:nixos/nixpkgs/nixpkgs-unstable";
@ -17,6 +17,12 @@
dan.url = "git+https://git.dodsorf.as/Dandellion/NUR.git"; #"git+https://git.dodsorf.as/Dandellion/NUR"; dan.url = "git+https://git.dodsorf.as/Dandellion/NUR.git"; #"git+https://git.dodsorf.as/Dandellion/NUR";
dan.inputs.nixpkgs.follows = "unstable"; dan.inputs.nixpkgs.follows = "unstable";
wack-server-conf.url = "github:WackAttackCTF/wack-server-conf";
wack-server-conf.inputs.nixpkgs.follows = "nixpkgs";
greg-clients.url = "git+https://git.pvv.ntnu.no/Projects/grzegorz-clients";
greg-clients.inputs.nixpkgs.follows = "unstable";
# helix.url = "github:helix-editor/helix"; # helix.url = "github:helix-editor/helix";
# helix.inputs.nixpkgs.follows = "unstable"; # helix.inputs.nixpkgs.follows = "unstable";
@ -60,8 +66,20 @@
// mkHomes [ "desktop" ] { username = "dan"; } // mkHomes [ "desktop" ] { username = "dan"; }
// mkHomes [ "pvv-terminal" ] { username = "danio"; homeDirectory = "/home/pvv/d/danio"; }; // mkHomes [ "pvv-terminal" ] { username = "danio"; homeDirectory = "/home/pvv/d/danio"; };
nixosConfigurations = {
soryu = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = {
inherit inputs;
};
modules = [
./hosts/soryu/configuration.nix
];
};
};
nixosModules = { nixosModules = {
home-manager = nixlib.genAttrs allMachines (machine: import ./machines/${machine}.nix); home-manager = nixlib.genAttrs allMachines (machine: import ./home/machines/${machine}.nix);
}; };
overlays = [ overlays = [
@ -70,6 +88,8 @@
inherit (prev) system config; inherit (prev) system config;
}; };
dan = dan.packages.${prev.system}; dan = dan.packages.${prev.system};
grzegorz-clients = inputs.greg-clients.packages.${prev.system}.grzegorz-clients;
gregctl = inputs.greg-clients.packages.${prev.system}.grzegorzctl;
# helix = inputs.helix.packages.${prev.system}.helix; # helix = inputs.helix.packages.${prev.system}.helix;
}) })
nur.overlay nur.overlay

0
config.nix → home/config.nix
View File

4
machines/desktop.nix → home/machines/desktop.nix
View File

@ -19,4 +19,8 @@
profiles.zsh.enable = true; profiles.zsh.enable = true;
profiles.games.enable = true; profiles.games.enable = true;
home.packages = [
pkgs.unstable.osu-lazer
];
} }

0
machines/headless.nix → home/machines/headless.nix
View File

0
machines/laptop.nix → home/machines/laptop.nix
View File

0
machines/pvv-terminal.nix → home/machines/pvv-terminal.nix
View File

0
profiles/audio.nix → home/profiles/audio.nix
View File

31
profiles/base/default.nix → home/profiles/base/default.nix
View File

@ -44,8 +44,6 @@ in
nix-tree nix-tree
unstable.comma unstable.comma
rnix-lsp
openvpn openvpn
ldns ldns
@ -60,6 +58,9 @@ in
progress progress
file file
bintools
gh
tmux tmux
timewarrior timewarrior
@ -67,6 +68,8 @@ in
unzip unzip
p7zip p7zip
yt-dlp
parallel parallel
sshfs sshfs
jq jq
@ -74,13 +77,16 @@ in
ncdu ncdu
bat bat
exa eza
ripgrep ripgrep
gregctl
] ++ lib.optionals cfg.plus [ ] ++ lib.optionals cfg.plus [
ffmpeg-full ffmpeg-full
] ++ lib.optionals config.profiles.gui.enable [ ] ++ lib.optionals config.profiles.gui.enable [
mpv mpv
sxiv sxiv
gnome3.eog
dolphin dolphin
plasma5Packages.dolphin-plugins plasma5Packages.dolphin-plugins
@ -91,7 +97,7 @@ in
krename krename
konsole # https://bugs.kde.org/show_bug.cgi?id=407990 reeee konsole # https://bugs.kde.org/show_bug.cgi?id=407990 reeee
gnome3.gedit gedit
gimp gimp
] ++ lib.optionals (config.profiles.gui.enable && cfg.plus) [ ] ++ lib.optionals (config.profiles.gui.enable && cfg.plus) [
@ -110,7 +116,7 @@ in
mkvtoolnix mkvtoolnix
] ++ lib.optionals (config.profiles.gui.enable && (config ? nixpkgs && config.nixpkgs.config.allowUnfree) ) [ ] ++ lib.optionals (config.profiles.gui.enable && (config ? nixpkgs && config.nixpkgs.config.allowUnfree) ) [
geogebra # geogebra
]; ];
programs.firefox = { programs.firefox = {
@ -122,11 +128,11 @@ in
}; };
bookmarks = { bookmarks = {
"NixOS Options" = { "NixOS Options" = {
keyword = "no"; keyword = "nxo";
url = "https://search.nixos.org/options?query=%s"; url = "https://search.nixos.org/options?query=%s";
}; };
"NixOS Packages" = { "NixOS Packages" = {
keyword = "np"; keyword = "nxp";
url = "https://search.nixos.org/packages?query=%s"; url = "https://search.nixos.org/packages?query=%s";
}; };
"Home-Manager Options" = { "Home-Manager Options" = {
@ -134,7 +140,7 @@ in
url = "https://rycee.gitlab.io/home-manager/options.html#opt-%s"; url = "https://rycee.gitlab.io/home-manager/options.html#opt-%s";
}; };
}; };
extensions = with pkgs.nur.repos.rycee.firefox-addons; [ bitwarden cookies-txt metamask no-pdf-download sponsorblock ublock-origin ]; extensions = with pkgs.nur.repos.rycee.firefox-addons; [ cookies-txt no-pdf-download sponsorblock ublock-origin ];
}; };
}; };
}; };
@ -243,6 +249,9 @@ in
# }); # });
girt = pkgs.git-interactive-rebase-tool; girt = pkgs.git-interactive-rebase-tool;
in "${girt}/bin/interactive-rebase-tool"; in "${girt}/bin/interactive-rebase-tool";
branch.sort = "-committerdate";
gpg.format = "ssh";
user.signingKey = "~/.ssh/id_rsa.pub";
}; };
delta.enable = true; delta.enable = true;
}; };
@ -259,6 +268,11 @@ in
hostname = "desktop.daniel"; hostname = "desktop.daniel";
user = "dan"; user = "dan";
}; };
"ubuntu-ai" = {
hostname = "100.64.0.2";
port = 2222;
user = "daniel";
};
"laptop" = { "laptop" = {
hostname = "laptop.daniel"; hostname = "laptop.daniel";
user = "daniel"; user = "daniel";
@ -293,6 +307,7 @@ in
home.sessionVariables = { home.sessionVariables = {
EDITOR = "hx"; EDITOR = "hx";
GRZEGORZ_DEFAULT_API_BASE = "https://georg.pvv.ntnu.no/api";
}; };
xdg.mimeApps = { xdg.mimeApps = {

0
profiles/default.nix → home/profiles/default.nix
View File

1
profiles/games/default.nix → home/profiles/games/default.nix
View File

@ -25,7 +25,6 @@ in {
# warsow # warsow
# xonotic # xonotic
# zeroad # zeroad
unstable.osu-lazer
# nur.repos.ivar.sm64ex # nur.repos.ivar.sm64ex
# dolphinEmuMaster # dolphinEmuMaster

0
profiles/gui.nix → home/profiles/gui.nix
View File

0
profiles/non-nixos.nix → home/profiles/non-nixos.nix
View File

18
profiles/xsession/default.nix → home/profiles/xsession/default.nix
View File

@ -47,8 +47,6 @@ in
export XDG_CURRENT_DESKTOP=kde export XDG_CURRENT_DESKTOP=kde
export DESKTOP_SESSION=kde export DESKTOP_SESSION=kde
export QT_STYLE_OVERRIDE="breeze"
''; '';
windowManager = { windowManager = {
@ -71,6 +69,11 @@ in
"XF86AudioMute" = "exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-mute 0 toggle"; "XF86AudioMute" = "exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-mute 0 toggle";
"XF86AudioMicMute" = "exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-source-mute 1 toggle"; "XF86AudioMicMute" = "exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-source-mute 1 toggle";
# Georg volume controls
"Shift+XF86AudioRaiseVolume" = "exec --no-startup-id ${lib.getExe pkgs.gregctl} set-volume -- +5%";
"Shift+XF86AudioLowerVolume" = "exec --no-startup-id ${lib.getExe pkgs.gregctl} set-volume -- -5%";
"Shift+XF86AudioMute" = "exec --no-startup-id ${lib.getExe pkgs.gregctl} toggle";
"XF86MonBrightnessUp" = "exec --no-startup-id brightnessctl set +5%"; "XF86MonBrightnessUp" = "exec --no-startup-id brightnessctl set +5%";
"XF86MonBrightnessDown" = "exec --no-startup-id brightnessctl set 5%-"; "XF86MonBrightnessDown" = "exec --no-startup-id brightnessctl set 5%-";
@ -142,7 +145,7 @@ in
gtk = { gtk = {
enable = false; enable = true;
theme = { theme = {
package = pkgs.breeze-gtk; package = pkgs.breeze-gtk;
name = "Breeze"; name = "Breeze";
@ -152,11 +155,10 @@ in
name = "breeze"; name = "breeze";
}; };
}; };
qt = { # qt = {
enable = true; # enable = true;
#useGtkTheme = true; # platformTheme = "gtk";
platformTheme = "gtk"; # };
};
xsession.windowManager.command = lib.mkIf non-nixos.enable (lib.mkForce "${pkgs.nixgl.auto.nixGLDefault}/bin/nixGL ${config.xsession.windowManager.i3.package}/bin/i3"); xsession.windowManager.command = lib.mkIf non-nixos.enable (lib.mkForce "${pkgs.nixgl.auto.nixGLDefault}/bin/nixGL ${config.xsession.windowManager.i3.package}/bin/i3");

0
profiles/xsession/dunstrc.nix → home/profiles/xsession/dunstrc.nix
View File

0
profiles/xsession/polybar.nix → home/profiles/xsession/polybar.nix
View File

0
profiles/xsession/terminal.nix → home/profiles/xsession/terminal.nix
View File

10
profiles/zsh/default.nix → home/profiles/zsh/default.nix
View File

@ -12,7 +12,7 @@ in
programs.zsh = { programs.zsh = {
enable = true; enable = true;
dotDir = ".config/zsh"; dotDir = ".config/zsh";
enableAutosuggestions = true; autosuggestion.enable = true;
enableCompletion = true; enableCompletion = true;
history = { history = {
expireDuplicatesFirst = true; expireDuplicatesFirst = true;
@ -20,9 +20,9 @@ in
share = false; share = false;
}; };
shellAliases = { shellAliases = {
cat = "bat"; cat = "bat -pp";
ls = "exa"; ls = "eza";
tree = "exa -T"; tree = "eza -T";
df = "df -h"; df = "df -h";
sysu = "systemctl --user"; sysu = "systemctl --user";
@ -78,6 +78,8 @@ in
}; };
}; };
programs.zoxide.enable = true;
home.packages = lib.optionals (config.profiles.gui.enable && config ? nixpkgs) [ home.packages = lib.optionals (config.profiles.gui.enable && config ? nixpkgs) [
pkgs.dan.mesloNFp10k pkgs.dan.mesloNFp10k
]; ];

0
profiles/zsh/p10k.zsh → home/profiles/zsh/p10k.zsh
View File

0
scripts/dmenu_run_systemd → home/scripts/dmenu_run_systemd
View File

0
scripts/dmenuaudio → home/scripts/dmenuaudio
View File

0
scripts/dmenuunicode → home/scripts/dmenuunicode
View File

0
scripts/emojis.txt → home/scripts/emojis.txt
View File

14
hosts/soryu/0001-gnunet-fs-log.patch Normal file
View File

@ -0,0 +1,14 @@
diff --git a/src/fs/gnunet-service-fs.c b/src/fs/gnunet-service-fs.c
index 597e89e..aaade99 100644
--- a/src/fs/gnunet-service-fs.c
+++ b/src/fs/gnunet-service-fs.c
@@ -1234,7 +1234,8 @@ peer_init_handler (void *cls,
my_identity))
{
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
- "Peer identity mismatch, refusing to start!\n");
+ "Peer identity mismatch, refusing to start! Core delivered %s.\n",
+ GNUNET_i2s (my_identity));
GNUNET_SCHEDULER_shutdown ();
}
}

40
hosts/soryu/ai.nix Normal file
View File

@ -0,0 +1,40 @@
{ config, lib, pkgs, ... }:
{
systemd.nspawn.ubuntu-ai = {
execConfig = {
Boot = true;
};
networkConfig = {
Private = false;
};
filesConfig = {
BindReadOnly = [
"/etc/resolv.conf:/etc/resolv.conf"
];
Bind = [
"/dev/dri:/dev/dri"
"/dev/kfd:/dev/kfd"
"/mnt/human/llama:/llama"
"/mnt/human/sd:/sd"
];
};
};
systemd.services."systemd-nspawn@ubuntu-ai" = {
environment = {
SYSTEMD_NSPAWN_TMPFS_TMP = "0";
};
serviceConfig = {
CPUQuota = "300%";
MemoryHigh = "14G";
MemoryMax = "15G";
MemorySwapMax = "25G";
ExecStart = "systemd-nspawn --quiet --keep-unit --boot --link-journal=try-guest --network-veth -U --settings=override --machine=%i -D /mnt/human/machines/ubuntu-ai";
};
# overrideStrategy = "asDropin";
};
}

231
hosts/soryu/configuration.nix Normal file
View File

@ -0,0 +1,231 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ config, lib, pkgs, ... }:
{
imports =
[ # Include the results of the hardware scan.
./hardware-configuration.nix
./tahoe.nix
./gnunet-module.nix
./wack.nix
./ai.nix
];
# programs.adb.enable = true;
systemd.enableEmergencyMode = false;
networking.hostName = "soryu";
networking.extraHosts = ''
127.0.0.1 modules-cdn.eac-prod.on.epicgames.com #Star Citizen EAC workaround
'';
# Star Citizen resource limits
boot.kernel.sysctl = {
"vm.max_map_count" = 16777216;
"fs.file-max" = 524288;
};
disabledModules = [
"services/network-filesystems/tahoe.nix"
"services/networking/gnunet.nix"
];
services.resolved.enable = true;
services.resolved.dnssec = "false";
services.gnome.gnome-keyring.enable = true;
# services.tahoe.nodes.pvv-danio-desktop = {
# settings = {
# storage.enabled = true;
# storage.storage_dir = "/mnt/human/tahoe-lafs/pvv";
# client."shares.total" = 10;
# client."shares.needed" = 4;
# client."shares.happy" = 1;
# };
# };
# services.gnunet = {
# enable = true;
# package = pkgs.callPackage ./gnunet.nix { };
# settings = {
# hostlist = {
# OPTIONS = "-b -e";
# SERVERS = "http://v15.gnunet.org/hostlist https://gnunet.io/hostlist";
# };
## nat = {
## BEHIND_NAT = "YES";
## ENABLE_UPNP = "NO";
## DISABLEV6 = "YES";
## };
# ats = {
# WAN_QUOTA_IN = "unlimited";
# WAN_QUOTA_OUT = "unlimited";
# };
# };
# };
ids.gids.gnunetdns = 327;
# services.gnunet = {
# enable = true;
# extraOptions = ''
# [hostlist]
# OPTIONS = -b -e
# SERVERS = http://v11.gnunet.org:58080/
# HTTPPORT = 8080
# HOSTLISTFILE = $SERVICEHOME/hostlists.file
# [arm]
# START_SYSTEM_SERVICES = YES
# START_USER_SERVICES = NO
# '';
# };
services.murmur = {
enable = true;
# registerName = "DODSORFAS";
welcometext = "Dans PC at singsaker smh backup mumble server";
};
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
#boot.kernelParams = ["radeon.cik_support=0" "amdgpu.cik_support=1"];
boot.extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ];
boot.kernelPackages = pkgs.linuxPackages_latest;
boot.kernelModules = [ "kvm-intel" ];
programs.steam = {
enable = true;
remotePlay.openFirewall = false; # Open ports in the firewall for Steam Remote Play
dedicatedServer.openFirewall = false; # Open ports in the firewall for Source Dedicated Server
};
nixpkgs.config = {
allowUnfree = true;
};
services.tailscale.enable = true;
networking.firewall.interfaces."tailscale0" = let
all = { from = 0; to = 65535; };
in {
allowedUDPPortRanges = [ all ];
allowedTCPPortRanges = [ all ];
};
# Select internationalisation properties.
console.keyMap = "no-latin1";
time.timeZone = "Europe/Oslo";
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs; [
wget vim git
];
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
# programs.gnupg.agent = { enable = true; enableSSHSupport = true; };
# List services that you want to enable:
# Enable the OpenSSH daemon.
services.openssh.enable = true;
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
networking.firewall.enable = true;
networking.firewall.allowedTCPPorts = [ 8000 6007 5001 config.services.murmur.port ];
networking.firewall.allowedUDPPorts = [ 5001 21977 config.services.murmur.port ];
# Enable CUPS to print documents.
# services.printing.enable = true;
security.rtkit.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
jack.enable = true;
};
# systemd.tmpfiles.rules = [
# "L+ /opt/rocm/hip - - - - ${pkgs.hip}"
# ];
hardware.opengl.driSupport = true;
hardware.opengl.driSupport32Bit = true;
hardware.opengl.extraPackages = with pkgs; [
libva
rocmPackages.clr.icd
];
# Enable the X11 windowing system.
services.xserver.enable = true;
services.xserver.layout = "no";
# services.xserver.xkbOptions = "eurosign:e";
services.xserver.displayManager.lightdm.enable = true;
services.xserver.videoDrivers = ["amdgpu"];
programs.zsh.enable = true;
virtualisation.docker.enable = true;
virtualisation.libvirtd.enable = true;
# networking.nameservers = lib.mkForce [ "192.168.0.25" ];
# services.ipfs.enable = true;
# services.ipfs.gatewayAddress = "/ip4/127.0.0.1/tcp/5002";
nix.trustedUsers = [ "dan" ];
nix.extraOptions = ''
experimental-features = nix-command flakes
'';
users.users.dan = {
isNormalUser = true;
uid = 1001;
shell = pkgs.zsh;
extraGroups = [ "wheel" "networkmanager" "docker" "video" "gnunet" "libvirtd" ];
initialPassword = "Abc123";
};
programs.dconf.enable = true;
services.dbus.packages = with pkgs; [ dconf ];
# This value determines the NixOS release with which your system is to be
# compatible, in order to avoid breaking some software such as database
# servers. You should change this only after NixOS release notes say you
# should.
system.stateVersion = "19.03"; # Did you read the comment?
}

109
hosts/soryu/gnunet-module.nix Normal file
View File

@ -0,0 +1,109 @@
{config, lib, pkgs, ...}:
let
cfg = config.services.gnunet;
format = pkgs.formats.ini { };
configFile = format.generate "gnunet-config.conf" cfg.settings;
in
{
options = {
services.gnunet = {
enable = lib.mkEnableOption "GNUnet daemon";
package = lib.mkPackageOption pkgs "gnunet" { };
settings = lib.mkOption {
type = lib.types.submodule {
freeformType = format.type;
options = {
transport-udp.PORT = lib.mkOption {
default = 2086;
type = lib.types.port;
description = "The UDP port for use by GNUnet.";
};
};
};
};
};
};
config = lib.mkIf cfg.enable {
users.users.gnunet = {
group = "gnunet";
description = "GNUnet User";
uid = config.ids.uids.gnunet;
};
users.groups.gnunet.gid = config.ids.gids.gnunet;
users.groups.gnunetdns.gid = config.ids.gids.gnunetdns;
# TODO: Avoid putting these in $PATH
security.wrappers = let
mkGnunetSuid = source: {
setuid = true;
owner = "root";
group = "gnunet";
permissions = "o+rx,o-w,g+rx,g-w,o-rwx";
inherit source;
};
helpers = b: "${cfg.package}/lib/gnunet/libexec/${b}";
in {
gnunet-helper-vpn = mkGnunetSuid (helpers "gnunet-helper-vpn");
# These don't exist
#gnunet-helper-transport-wlan = mkGnunetSuid (helpers "gnunet-helper-transport-wlan");
#gnunet-helper-transport-bluetooth = mkGnunetSuid (helpers "gnunet-helper-transport-bluetooth");
gnunet-helper-exit = mkGnunetSuid (helpers "gnunet-helper-exit");
gnunet-helper-nat-server = mkGnunetSuid (helpers "gnunet-helper-nat-server");
gnunet-helper-nat-client = mkGnunetSuid (helpers "gnunet-helper-nat-client");
# > The binary should then be owned by root and be in group "gnunetdns"
# > and be installed SUID and only be group-executable (2750).
# But logically it should be 4750
gnunet-helper-dns = {
setuid = true;
owner = "root";
group = "gnunetdns";
permissions = "o+rx,o-w,g+rx,g-w,o-rwx";
source = (helpers "gnunet-helper-dns");
};
gnunet-service-dns = {
setgid = true;
owner = "root";
group = "gnunetdns";
permissions = "o+rx,o-w,g-rwx,o-rwx";
source = (helpers "gnunet-service-dns");
};
};
services.gnunet.settings = {
arm = {
START_SYSTEM_SERVICES = lib.mkDefault "YES";
START_USER_SERVICES = lib.mkDefault "NO";
};
dns = {
BINARY = lib.mkDefault "/run/wrappers/bin/gnunet-service-dns";
};
PATHS = {
SUID_BINARY_PATH = lib.mkDefault "/run/wrappers/bin";
GNUNET_HOME = lib.mkDefault "/var/lib/gnunet";
GNUNET_RUNTIME_DIR = lib.mkDefault "/run/gnunet";
GNUNET_USER_RUNTIME_DIR = lib.mkDefault "/run/gnunet";
GNUNET_DATA_HOME = lib.mkDefault "/var/lib/gnunet/data";
};
};
systemd.services.gnunet = {
description = "GNUnet system deamon";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
path = [ cfg.package pkgs.miniupnpc ];
serviceConfig = {
ExecStart = "${cfg.package}/lib/gnunet/libexec/gnunet-service-arm -c ${configFile}";
User = "gnunet";
Group = "gnunet";
StateDirectory = "gnunet";
StateDirectoryMode = "0700";
WorkingDirectory = "/var/lib/gnunet";
RuntimeDirectory = "gnunet";
};
};
environment.systemPackages = [ cfg.package ];
};
}

82
hosts/soryu/gnunet.nix Normal file
View File

@ -0,0 +1,82 @@
{ lib, stdenv, fetchurl, adns, curlWithGnuTls, gettext, gmp, gnutls, libextractor
, libgcrypt, libgnurl, libidn, libmicrohttpd, libtool, libunistring
, makeWrapper, ncurses, pkg-config, libxml2, sqlite, zlib
, libpulseaudio, libopus, libogg, jansson, libsodium
, postgresqlSupport ? true, postgresql }:
stdenv.mkDerivation rec {
pname = "gnunet";
version = "0.19.4";
src = fetchurl {
url = "mirror://gnu/gnunet/${pname}-${version}.tar.gz";
sha256 = "sha256-AKY99AjVmH9bqaUEQfKncYK9n7MvHjAq5WOslOesAJs=";
};
patches = [
./0001-gnunet-fs-log.patch
];
enableParallelBuilding = true;
nativeBuildInputs = [ pkg-config libtool makeWrapper ];
buildInputs = [
adns curlWithGnuTls gmp gnutls libextractor libgcrypt libgnurl libidn
libmicrohttpd libunistring libxml2 ncurses gettext libsodium
sqlite zlib libpulseaudio libopus libogg jansson
] ++ lib.optional postgresqlSupport postgresql;
configureFlags = ["--enable-logging=verbose"];
preConfigure = ''
# Brute force: since nix-worker chroots don't provide
# /etc/{resolv.conf,hosts}, replace all references to `localhost'
# by their IPv4 equivalent.
find . \( -name \*.c -or -name \*.conf \) | \
xargs sed -ie 's|\<localhost\>|127.0.0.1|g'
# Make sure the tests don't rely on `/tmp', for the sake of chroot
# builds.
find . \( -iname \*test\*.c -or -name \*.conf \) | \
xargs sed -ie "s|/tmp|$TMPDIR|g"
sed -ie 's|@LDFLAGS@|@LDFLAGS@ $(Z_LIBS)|g' \
src/regex/Makefile.in \
src/fs/Makefile.in
'';
# unfortunately, there's still a few failures with impure tests
doCheck = false;
checkPhase = ''
export GNUNET_PREFIX="$out"
export PATH="$out/bin:$PATH"
make -k check
'';
meta = with lib; {
description = "GNU's decentralized anonymous and censorship-resistant P2P framework";
longDescription = ''
GNUnet is a framework for secure peer-to-peer networking that
does not use any centralized or otherwise trusted services. A
first service implemented on top of the networking layer
allows anonymous censorship-resistant file-sharing. Anonymity
is provided by making messages originating from a peer
indistinguishable from messages that the peer is routing. All
peers act as routers and use link-encrypted connections with
stable bandwidth utilization to communicate with each other.
GNUnet uses a simple, excess-based economic model to allocate
resources. Peers in GNUnet monitor each others behavior with
respect to resource usage; peers that contribute to the
network are rewarded with better service.
'';
homepage = "https://gnunet.org/";
license = licenses.agpl3Plus;
maintainers = with maintainers; [ pstn vrthra ];
platforms = platforms.gnu ++ platforms.linux;
changelog = "https://git.gnunet.org/gnunet.git/tree/ChangeLog?h=v${version}";
};
}

53
hosts/soryu/hardware-configuration.nix Normal file
View File

@ -0,0 +1,53 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usbhid" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/ea6aa4dc-47bd-499c-8b51-c5d99a5a5a5e";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/EE37-4B85";
fsType = "vfat";
};
fileSystems."/mnt/henning" =
{ device = "/dev/disk/by-uuid/0c16a107-fe7a-472e-881d-a28bc305988b";
fsType = "ext4";
};
fileSystems."/mnt/human" =
{ device = "/dev/disk/by-uuid/2d2b84b2-58b4-47a9-b328-cd4984927e48";
fsType = "ext4";
};
swapDevices =
[ { device = "/dev/disk/by-uuid/9969ac13-32c6-4f44-a706-cc810fe8339b"; }
];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.docker0.useDHCP = lib.mkDefault true;
# networking.interfaces.eno1.useDHCP = lib.mkDefault true;
# networking.interfaces.tailscale0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
# high-resolution display
}

293
hosts/soryu/tahoe.nix Normal file
View File

@ -0,0 +1,293 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.tahoe;
format = pkgs.formats.ini { };
in
{
options.services.tahoe = {
introducers = mkOption {
default = {};
type = with types; attrsOf (submodule {
options = {
settings = mkOption {
type = types.submodule {
freeformType = format.type;
options = {
node.nickname = mkOption {
type = types.str;
description = "The nickname of this Tahoe introducer.";
};
node."tub.port" = mkOption {
default = 3458;
type = types.port;
description = "The port on which the introducer will listen.";
};
node."tub.location" = mkOption {
type = types.nullOr types.str;
description = ''
The external location that the introducer should listen on.
If specified, the port should be included.
'';
};
};
};
description = "Freeform settings for the introducer";
};
package = mkOption {
default = pkgs.tahoe-lafs;
defaultText = literalExpression "pkgs.tahoe-lafs";
type = types.package;
description = "The package to use for the Tahoe LAFS daemon.";
};
};
});
description = lib.mdDoc "The Tahoe introducers.";
};
nodes = mkOption {
default = {};
type = with types; attrsOf (submodule ({name, config, ...}: {
options = {
settings = mkOption {
type = types.submodule {
freeformType = format.type;
options = {
node.nickname = mkOption {
type = types.str;
description = "Value to display in management tools.";
default = name;
};
node."tub.port" = mkOption {
type = types.oneOf [ types.str types.port (types.enum [ "disabled" null ]) ];
description = "A twisted server endpoint specification for receiving connections from other nodes.";
example = "tcp:12345:interface=127.0.0.1";
default = 3457;
};
node."tub.location" = mkOption {
type = types.either types.str (types.enum [ "disabled" null ]);
description = "comma separated connection strings that can be reached publically.";
example = "tcp:mynode.example.com:3457,AUTO";
default = "AUTO";
};
node."web.port" = mkOption {
type = types.nullOr (types.either types.str types.port);
description = "Twisted strport specification for webui and REST-api.";
example = "tcp:3456:interface=127.0.0.1";
default = 3456;
};
client."shares.needed" = mkOption {
type = types.ints.between 1 256;
description = "Default amount of shares needed to reconstruct an uploaded file.";
default = 3;
};
client."shares.total" = mkOption {
type = types.ints.between 1 256;
description = "Default amount of shares a file is split into.";
default = 10;
};
client."shares.happy" = mkOption {
type = types.ints.positive;
description = ''
How spread out should your shares be.
Can be smaller than needed, but not more than amount of servers available.";
'';
default = 7;
};
client."mutable.format" = mkOption {
type = types.enum [ "sdmf" "mdmf" ];
description = ''
What format to save mutable files in.
SDMF is useful when some nodes on your network run an older version of Tahoe-LAFS.
MDMF supports inplace modification and streaming downloads.
'';
default = "sdmf";
};
storage.enabled = mkEnableOption "storage service";
storage.anonymous = mkOption {
type = types.bool;
description = "Whether to expose storage with just the FURL and no other authentication.";
default = true;
};
storage.reserved_space = mkOption {
type = types.str;
description = "The minimum amount of free disk space to keep.";
default = "1G";
};
helper.enabled = mkEnableOption "helper service";
sftpd.enabled = mkEnableOption "sftpd service";
sftpd.port = mkOption {
type = types.nullOr types.str;
description = "A twisted connection string to listen on for the sftpd service.";
example = "tcp:8022:interface=127.0.0.1";
default = null;
};
sftpd.host_pubkey_file = mkOption {
type = types.nullOr types.path;
description = "Path to ssh public key to use for the service.";
default = null;
};
sftpd.host_privkey_file = mkOption {
type = types.nullOr types.path;
description = "Path to ssh private key to use for the service.";
default = null;
};
};
};
description = "freeform options for a normal tahoe-lafs node";
};
client.introducersFile = mkOption {
type = types.nullOr types.path;
description = "Path to a secret file containing introducers, will be placed in private/introducers.yaml";
default = null;
};
client.helperFile = mkOption {
type = types.nullOr types.path;
description = "Secret file containing a furl to use as a helper.";
default = null;
};
sftpd.accountsFile = mkOption {
type = types.nullOr types.path;
description = "Path to the accounts file. Will be copied to private/accounts";
default = null;
};
package = mkOption {
default = pkgs.tahoe-lafs;
defaultText = literalExpression "pkgs.tahoelafs";
type = types.package;
description = lib.mdDoc ''
The package to use for the Tahoe LAFS daemon.
'';
};
};
}));
description = "The Tahoe nodes.";
};
};
config = mkMerge [
(mkIf (cfg.introducers != {}) {
environment = {
etc = flip mapAttrs' cfg.introducers (node: settings:
nameValuePair "tahoe-lafs/introducer-${node}.cfg" {
mode = "0444";
source = format.generate "tahoe-lafs-introducer" settings.settings;
});
# Actually require Tahoe, so that we will have it installed.
systemPackages = flip mapAttrsToList cfg.introducers (node: settings:
settings.package
);
};
systemd.services = flip mapAttrs' cfg.introducers (node: settings:
let
pidfile = "/run/tahoe.introducer-${node}.pid";
# This is a directory, but it has no trailing slash. Tahoe commands
# get antsy when there's a trailing slash.
nodedir = "/var/db/tahoe-lafs/introducer-${node}";
in nameValuePair "tahoe.introducer-${node}" {
description = "Tahoe LAFS node ${node}";
wantedBy = [ "multi-user.target" ];
path = [ settings.package ];
restartTriggers = [
config.environment.etc."tahoe-lafs/introducer-${node}.cfg".source ];
serviceConfig = {
Type = "simple";
PIDFile = pidfile;
# Believe it or not, Tahoe is very brittle about the order of
# arguments to $(tahoe run). The node directory must come first,
# and arguments which alter Twisted's behavior come afterwards.
ExecStart = ''
${settings.package}/bin/tahoe run ${lib.escapeShellArg nodedir} --pidfile=${lib.escapeShellArg pidfile}
'';
};
preStart = ''
if [ ! -d ${lib.escapeShellArg nodedir} ]; then
mkdir -p /var/db/tahoe-lafs
# See https://github.com/NixOS/nixpkgs/issues/25273
tahoe create-introducer \
--hostname="${config.networking.hostName}" \
${lib.escapeShellArg nodedir}
fi
# Tahoe has created a predefined tahoe.cfg which we must now
# scribble over.
# XXX I thought that a symlink would work here, but it doesn't, so
# we must do this on every prestart. Fixes welcome.
# rm ${nodedir}/tahoe.cfg
# ln -s /etc/tahoe-lafs/introducer-${node}.cfg ${nodedir}/tahoe.cfg
cp /etc/tahoe-lafs/introducer-"${node}".cfg ${lib.escapeShellArg nodedir}/tahoe.cfg
'';
});
users.users = flip mapAttrs' cfg.introducers (node: _:
nameValuePair "tahoe.introducer-${node}" {
description = "Tahoe node user for introducer ${node}";
isSystemUser = true;
group = "tahoe.introducer-${node}";
});
users.groups = flip mapAttrs' cfg.nodes (node: _:
nameValuePair "tahoe.introducer-${node}" { });
})
(mkIf (cfg.nodes != {}) {
environment = {
etc = flip mapAttrs' cfg.nodes (node: settings:
nameValuePair "tahoe-lafs/${node}.cfg" {
mode = "0444";
source = let placeholderFile = lib.pipe settings.settings [
(s: lib.recursiveUpdate
(lib.optionalAttrs (settings.client.helperFile != null) { client."helper.furl" = "@CLIENT_HELPER_FURL@"; })
s)
];
in format.generate "tahoe-lafs-node" placeholderFile;
});
# Actually require Tahoe, so that we will have it installed.
# systemPackages = flip mapAttrsToList cfg.nodes (node: settings:
# settings.package
# );
};
systemd.services = flip mapAttrs' cfg.nodes (node: settings:
let
pidfile = "/run/tahoe.${node}.pid";
# This is a directory, but it has no trailing slash. Tahoe commands
# get antsy when there's a trailing slash.
nodedir = "/var/db/tahoe-lafs/${node}";
in nameValuePair "tahoe.${node}" {
description = "Tahoe LAFS node ${node}";
wantedBy = [ "multi-user.target" ];
path = [ settings.package ];
restartTriggers = [
config.environment.etc."tahoe-lafs/${node}.cfg".source ];
serviceConfig = {
Type = "simple";
PIDFile = pidfile;
# Believe it or not, Tahoe is very brittle about the order of
# arguments to $(tahoe run). The node directory must come first,
# and arguments which alter Twisted's behavior come afterwards.
ExecStart = ''
${settings.package}/bin/tahoe run ${lib.escapeShellArg nodedir} --pidfile=${lib.escapeShellArg pidfile}
'';
};
preStart = ''
if [ ! -d ${lib.escapeShellArg nodedir} ]; then
mkdir -p /var/db/tahoe-lafs
tahoe create-node --hostname=localhost ${lib.escapeShellArg nodedir}
fi
cp /etc/tahoe-lafs/${lib.escapeShellArg node}.cfg ${lib.escapeShellArg nodedir}/tahoe.cfg
'' + lib.optionalString (settings.client.helperFile != null) ''
${pkgs.replace-secret}/bin/replace-secret '@CLIENT_HELPER_FURL@' ${settings.client.helperFile} ${lib.escapeShellArg nodedir}/tahoe.cfg
'' + lib.optionalString (settings.client.introducersFile != null) ''
cp "${config.settings.client.introducersFile}" ${lib.escapeShellArg nodedir}/private/introducers.yaml
'' + lib.optionalString (settings.sftpd.accountsFile != null) ''
cp "${config.settings.client.introducersFile}" ${lib.escapeShellArg nodedir}/private/accounts
'';
});
users.users = flip mapAttrs' cfg.nodes (node: _:
nameValuePair "tahoe.${node}" {
description = "Tahoe node user for node ${node}";
isSystemUser = true;
group = "tahoe.${node}";
});
users.groups = flip mapAttrs' cfg.nodes (node: _:
nameValuePair "tahoe.${node}" { });
})
];
}

72
hosts/soryu/wack.nix Normal file
View File

@ -0,0 +1,72 @@
{ config, lib, pkgs, inputs, ... }:
{
networking.firewall.allowedTCPPorts = [ 1337 ];
networking.nat.forwardPorts = [
{
destination = "${config.containers.ireul.hostAddress}:1337";
proto = "tcp";
sourcePort = 1337;
}
];
containers.ireul = {
bindMounts."/wordlists" = {
hostPath = "/mnt/human/wordlists";
isReadOnly = false;
};
privateNetwork = true;
hostAddress = "192.168.10.1";
localAddress = "192.168.10.2";
forwardPorts = [
{ containerPort = 1337;
hostPort = 1337;
protocol = "tcp";
}
];
bindMounts."/dev/dri" = {
hostPath = "/dev/dri";
isReadOnly = false;
};
bindMounts."/dev/kfd" = {
hostPath = "/dev/kfd";
isReadOnly = false;
};
bindMounts."/run/opengl-driver" = {
hostPath = "/run/opengl-driver";
isReadOnly = false;
};
allowedDevices = [
{ node = "/dev/dri/card0"; modifier = "rw"; }
{ node = "/dev/dri/renderD128"; modifier = "rw"; }
{ node = "/dev/kfd"; modifier = "rw"; }
];
config = { config, pkgs, ... }: {
services.openssh.enable = true;
services.openssh.ports = [ 1337 ];
environment.systemPackages = with pkgs; [
hashcat
hashcat-utils
john
kitty.terminfo
];
users.groups.video.members = builtins.attrNames config.users.users;
programs.zsh.enable = true;
imports = [ (inputs.wack-server-conf + /users/default.nix) ];
system.stateVersion = "23.05";
};
};
}

6
overlays/mumble.nix
View File

@ -1,6 +0,0 @@
self: super:
{
mumble = super.mumble.override (OldAttr: {
pulseSupport = true;
});
}