about summary refs log tree commit diff
path: root/ops/nixos/frog/default.nix
diff options
context:
space:
mode:
Diffstat (limited to 'ops/nixos/frog/default.nix')
-rw-r--r--ops/nixos/frog/default.nix254
1 files changed, 0 insertions, 254 deletions
diff --git a/ops/nixos/frog/default.nix b/ops/nixos/frog/default.nix
deleted file mode 100644
index 72b1c9ed3612..000000000000
--- a/ops/nixos/frog/default.nix
+++ /dev/null
@@ -1,254 +0,0 @@
-{ depot, lib, ... }:
-
-config: let
-  nixpkgs = import depot.third_party.nixpkgsSrc {
-    config.allowUnfree = true;
-  };
-
-  lieer = depot.third_party.lieer {};
-
-  # add google-c-style here because other machines get it from, eh,
-  # elsewhere.
-  frogEmacs = (depot.tools.emacs.overrideEmacs(epkgs: epkgs ++ [
-    depot.third_party.emacsPackages.google-c-style
-  ]));
-in depot.lib.fix(self: {
-  # TODO(tazjin): v4l2loopback
-
-  boot = {
-    tmpOnTmpfs = true;
-    kernelModules = [ "kvm-amd" ];
-
-    loader = {
-      systemd-boot.enable = true;
-      efi.canTouchEfiVariables = true;
-    };
-
-    initrd = {
-      luks.devices.frog-crypt.device = "/dev/disk/by-label/frog-crypt";
-      availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "usbhid" "sd_mod" ];
-      kernelModules = [ "dm-snapshot" ];
-    };
-
-    kernelPackages = nixpkgs.linuxPackages_latest;
-    kernel.sysctl = {
-      "kernel.perf_event_paranoid" = 1;
-    };
-  };
-
-  hardware = {
-    cpu.amd.updateMicrocode = true;
-    enableRedistributableFirmware = true;
-    pulseaudio.enable = true;
-    u2f.enable = true;
-    opengl = {
-      enable = true;
-      driSupport = true;
-    };
-  };
-
-  nix = {
-    maxJobs = 48;
-    nixPath = [
-      "depot=/depot"
-      "nixpkgs=${depot.third_party.nixpkgsSrc}"
-    ];
-  };
-
-  nixpkgs.pkgs = nixpkgs;
-
-  networking = {
-    hostName = "frog";
-    useDHCP = false;
-    interfaces.enp67s0.useDHCP = true;
-
-    # Don't use ISP's DNS servers:
-    nameservers = [
-      "8.8.8.8"
-      "8.8.4.4"
-    ];
-
-    firewall.enable = false;
-  };
-
-  # Generate an immutable /etc/resolv.conf from the nameserver settings
-  # above (otherwise DHCP overwrites it):
-  environment.etc."resolv.conf" = with lib; {
-    source = depot.third_party.writeText "resolv.conf" ''
-      ${concatStringsSep "\n" (map (ns: "nameserver ${ns}") self.networking.nameservers)}
-      options edns0
-    '';
-  };
-
-  time.timeZone = "Europe/London";
-
-  fileSystems = {
-    "/".device = "/dev/disk/by-label/frog-root";
-    "/boot".device = "/dev/disk/by-label/BOOT";
-    "/home".device = "/dev/disk/by-label/frog-home";
-  };
-
-  # Configure user account
-  users.extraUsers.tazjin = {
-    extraGroups = [ "wheel" "audio" ];
-    isNormalUser = true;
-    uid = 1000;
-    shell = nixpkgs.fish;
-  };
-
-  security.sudo = {
-    enable = true;
-    extraConfig = "wheel ALL=(ALL:ALL) SETENV: ALL";
-  };
-
-  fonts = {
-    fonts = with nixpkgs; [
-      corefonts
-      dejavu_fonts
-      jetbrains-mono
-      noto-fonts-cjk
-      noto-fonts-emoji
-    ];
-
-    fontconfig = {
-      hinting.enable = true;
-      subpixel.lcdfilter = "light";
-
-      defaultFonts = {
-        monospace = [ "JetBrains Mono" ];
-      };
-    };
-  };
-
-  # Configure location (Vauxhall, London) for services that need it.
-  location = {
-    latitude = 51.4819109;
-    longitude = -0.1252998;
-  };
-
-  programs.fish.enable = true;
-  programs.ssh.startAgent = true;
-
-  services.redshift.enable = true;
-  services.openssh.enable = true;
-  services.fstrim.enable = true;
-
-  # Required for Yubikey usage as smartcard
-  services.pcscd.enable = true;
-  services.udev.packages = [
-    nixpkgs.yubikey-personalization
-  ];
-
-  services.xserver = {
-    enable = true;
-    layout = "us";
-    xkbOptions = "caps:super";
-    exportConfiguration = true;
-    displayManager = {
-      # Give EXWM permission to control the session.
-      sessionCommands = "${nixpkgs.xorg.xhost}/bin/xhost +SI:localuser:$USER";
-
-      lightdm.enable = true;
-      lightdm.greeters.gtk.clock-format = "%H·%M"; # TODO(tazjin): TZ?
-    };
-
-    windowManager.session = lib.singleton {
-      name = "exwm";
-      start = "${frogEmacs}/bin/tazjins-emacs";
-    };
-  };
-
-  # Do not restart the display manager automatically
-  systemd.services.display-manager.restartIfChanged = lib.mkForce false;
-
-  # clangd needs more than ~2GB in the runtime directory to start up
-  services.logind.extraConfig = ''
-    RuntimeDirectorySize=16G
-  '';
-
-  # Configure email setup
-  systemd.user.services.lieer-tazjin = {
-    description = "Synchronise mail@tazj.in via lieer";
-    script = "${lieer}/bin/gmi sync";
-
-    serviceConfig = {
-      WorkingDirectory = "%h/mail/account.tazjin";
-      Type = "oneshot";
-    };
-  };
-
-  systemd.user.timers.lieer-tazjin = {
-    wantedBy = [ "timers.target" ];
-
-    timerConfig = {
-      OnActiveSec = "1";
-      OnUnitActiveSec = "180";
-    };
-  };
-
-  environment.systemPackages =
-    # programs from the depot
-    (with depot; [
-      fun.idual.script
-      lieer
-      frogEmacs
-      ops.kontemplate
-      third_party.ffmpeg
-      third_party.git
-    ]) ++
-
-    # programs from nixpkgs
-    (with nixpkgs; [
-      age
-      bat
-      chromium
-      clang-manpages
-      clang-tools
-      clang_10
-      curl
-      direnv
-      dnsutils
-      emacs26 # mostly for emacsclient
-      exa
-      fd
-      gnupg
-      go
-      google-chrome
-      google-cloud-sdk
-      htop
-      hyperfine
-      i3lock
-      imagemagick
-      jq
-      kubectl
-      linuxPackages.perf
-      miller
-      msmtp
-      nix-prefetch-github
-      notmuch
-      openssh
-      openssl
-      pass
-      pavucontrol
-      pinentry
-      pinentry-emacs
-      pwgen
-      ripgrep
-      rr
-      rustup
-      scrot
-      spotify
-      steam
-      tokei
-      tree
-      unzip
-      vlc
-      xclip
-      yubico-piv-tool
-      yubikey-personalization
-      zoxide
-    ]);
-
-  # ... and other nonsense.
-  system.stateVersion = "20.03";
-})