diff options
Diffstat (limited to 'users/glittershark/system/system')
24 files changed, 0 insertions, 1037 deletions
diff --git a/users/glittershark/system/system/.skip-subtree b/users/glittershark/system/system/.skip-subtree deleted file mode 100644 index e69de29bb2..0000000000 --- a/users/glittershark/system/system/.skip-subtree +++ /dev/null diff --git a/users/glittershark/system/system/configuration.nix b/users/glittershark/system/system/configuration.nix deleted file mode 100644 index eae567015b..0000000000 --- a/users/glittershark/system/system/configuration.nix +++ /dev/null @@ -1,11 +0,0 @@ -{ config, pkgs, ... }: - -let machine = throw "Pick a machine from ./machines"; in -{ - imports = - [ - /etc/nixos/hardware-configuration.nix - ./modules/common.nix - machine - ]; -} diff --git a/users/glittershark/system/system/default.nix b/users/glittershark/system/system/default.nix deleted file mode 100644 index 6592eddc08..0000000000 --- a/users/glittershark/system/system/default.nix +++ /dev/null @@ -1,77 +0,0 @@ -args @ { depot, pkgs, ... }: - -rec { - chupacabra = import ./machines/chupacabra.nix; - - chupacabraSystem = (depot.third_party.nixos { - configuration = chupacabra; - }).system; - - mugwump = import ./machines/mugwump.nix; - - mugwumpSystem = (depot.third_party.nixos { - configuration = mugwump; - }).system; - - roswell = import ./machines/roswell.nix; - - roswellSystem = (depot.ops.nixos.nixosFor ({ ... }: { - imports = [ - ./machines/roswell.nix - "${pkgs.home-manager.src}/nixos" - ]; - - home-manager.users.grfn = { config, lib, ... }: { - imports = [ ../home/machines/roswell.nix ]; - lib.depot = depot; - _module.args.pkgs = lib.mkForce - (import pkgs.path - (lib.filterAttrs (n: v: v != null) config.nixpkgs)); - }; - })).system; - - yeren = import ./machines/yeren.nix; - - yerenSystem = (depot.ops.nixos.nixosFor yeren).system; - - iso = import ./iso.nix args; - - # Build chupacabra in CI - meta.targets = [ - "chupacabraSystem" - "mugwumpSystem" - "roswellSystem" - "yerenSystem" - - "iso" - ]; - - rebuilder = - let - depotPath = "/home/grfn/code/depot"; - - caseFor = hostname: '' - ${hostname}) - echo "Rebuilding NixOS for //users/glittershark/nixos/${hostname}" - system=$(nix-build -E '(import ${depotPath} {}).users.glittershark.system.system.${hostname}' --no-out-link) - ;; - ''; - in pkgs.writeShellScriptBin "rebuilder" '' - set -ue - if [[ $EUID -ne 0 ]]; then - echo "Oh no! Only root is allowed to rebuild the system!" >&2 - exit 1 - fi - - case $HOSTNAME in - ${caseFor "chupacabra"} - *) - echo "$HOSTNAME is not a known NixOS host!" >&2 - exit 1 - ;; - esac - - nix-env -p /nix/var/nix/profiles/system --set $system - $system/bin/switch-to-configuration switch - ''; -} diff --git a/users/glittershark/system/system/iso.nix b/users/glittershark/system/system/iso.nix deleted file mode 100644 index 256aee6a5e..0000000000 --- a/users/glittershark/system/system/iso.nix +++ /dev/null @@ -1,17 +0,0 @@ -{ depot, lib, pkgs, ... }: - -let - configuration = { ... }: { - imports = [ - "${pkgs.path}/nixos/modules/installer/cd-dvd/installation-cd-minimal-new-kernel.nix" - "${pkgs.path}/nixos/modules/installer/cd-dvd/channel.nix" - ]; - - networking.networkmanager.enable = true; - networking.useDHCP = false; - networking.firewall.enable = false; - networking.wireless.enable = lib.mkForce false; - }; -in (depot.third_party.nixos { - inherit configuration; -}).config.system.build.isoImage diff --git a/users/glittershark/system/system/machines/bumblebee.nix b/users/glittershark/system/system/machines/bumblebee.nix deleted file mode 100644 index 0fec214092..0000000000 --- a/users/glittershark/system/system/machines/bumblebee.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ config, lib, pkgs, ... }: -{ - imports = [ - ../modules/reusable/battery.nix - ]; - - networking.hostName = "bumblebee"; - - powerManagement = { - enable = true; - cpuFreqGovernor = "powersave"; - powertop.enable = true; - }; - - # Hibernate on low battery - laptop.onLowBattery = { - enable = true; - action = "hibernate"; - thresholdPercentage = 5; - }; - - services.xserver.xkbOptions = "caps:swapescape"; -} diff --git a/users/glittershark/system/system/machines/chupacabra.nix b/users/glittershark/system/system/machines/chupacabra.nix deleted file mode 100644 index 974e3c34e3..0000000000 --- a/users/glittershark/system/system/machines/chupacabra.nix +++ /dev/null @@ -1,142 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - imports = [ - ../modules/common.nix - ../modules/laptop.nix - ../modules/tvl.nix - ../modules/fcitx.nix - ../modules/rtlsdr.nix - ../../../../../ops/modules/v4l2loopback.nix - ../modules/desktop.nix - ../modules/development.nix - ]; - - hardware.enableRedistributableFirmware = true; - - networking.hostName = "chupacabra"; - - powerManagement = { - enable = true; - powertop.enable = true; - cpuFreqGovernor = "powersave"; - }; - - laptop.onLowBattery = { - enable = true; - action = "hibernate"; - thresholdPercentage = 5; - }; - - boot = { - blacklistedKernelModules = [ "nouveau" "intel" ]; - extraModulePackages = [ ]; - - initrd = { - availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ]; - kernelModules = [ ]; - - luks.devices = { - "cryptroot".device = "/dev/disk/by-uuid/c2fc7ce7-a45e-48a1-8cde-be966ef601db"; - "cryptswap".device = "/dev/disk/by-uuid/3b6e2fd4-bfe9-4392-a6e0-4f3b3b76e019"; - }; - }; - - kernelModules = [ "kvm-intel" ]; - kernelParams = [ "acpi_rev_override" ]; - - kernel.sysctl = { - "kernel.perf_event_paranoid" = -1; - "vm.swappiness" = 1; - }; - }; - - services.thermald.enable = true; - - hardware.cpu.intel.updateMicrocode = true; - - # Intel-only graphics - hardware.nvidiaOptimus.disable = true; - services.xserver.videoDrivers = [ "intel" ]; - - # Nvidia Optimus (hybrid) - currently not working - # services.xserver.videoDrivers = [ "intel" "nvidia" ]; - # boot.blacklistedKernelModules = [ "nouveau" "bbswitch" ]; - # boot.extraModulePackages = [ pkgs.linuxPackages.nvidia_x11 ]; - # hardware.bumblebee.enable = true; - # hardware.bumblebee.pmMethod = "none"; - - systemd.services.disable-usb-autosuspend = { - description = "Disable USB autosuspend"; - wantedBy = [ "multi-user.target" ]; - serviceConfig = { Type = "oneshot"; }; - unitConfig.RequiresMountsFor = "/sys"; - script = '' - echo -1 > /sys/module/usbcore/parameters/autosuspend - ''; - }; - - # From hardware-configuration.nix - - fileSystems."/" = - { device = "/dev/mapper/cryptroot"; - fsType = "ext4"; - }; - - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/3492-9E3A"; - fsType = "vfat"; - }; - - swapDevices = - [ { device = "/dev/disk/by-uuid/caa7e2ff-475b-4024-b29e-4f88f733fc4c"; } - ]; - - # High-DPI console - console.font = lib.mkDefault "${pkgs.terminus_font}/share/consolefonts/ter-u28n.psf.gz"; - - # from nixos-hardware TODO sort this around - services.tlp.enable = true; - services.fstrim.enable = lib.mkDefault true; - - # Intel cpu stuff - hardware.opengl.extraPackages = with pkgs; [ - vaapiIntel - vaapiVdpau - libvdpau-va-gl - intel-media-driver - ]; - - services.udev.extraRules = '' - # UDEV rules for Teensy USB devices - ATTRS{idVendor}=="16c0", ATTRS{idProduct}=="04[789B]?", ENV{ID_MM_DEVICE_IGNORE}="1" - ATTRS{idVendor}=="16c0", ATTRS{idProduct}=="04[789A]?", ENV{MTP_NO_PROBE}="1" - SUBSYSTEMS=="usb", ATTRS{idVendor}=="16c0", ATTRS{idProduct}=="04[789ABCD]?", MODE:="0666" - KERNEL=="ttyACM*", ATTRS{idVendor}=="16c0", ATTRS{idProduct}=="04[789B]?", MODE:="0666" - ''; - - # Necessary to get steam working - hardware.opengl.driSupport32Bit = true; - - nix = { - maxJobs = lib.mkDefault 12; - binaryCaches = [ "ssh://grfn@172.16.0.5" ]; - trustedBinaryCaches = [ "ssh://grfn@172.16.0.5" ]; - buildMachines = [ - { - hostName = "172.16.0.4"; - sshUser = "griffin"; - sshKey = "/home/grfn/.ssh/id_rsa"; - system = "x86_64-darwin"; - maxJobs = 8; # 16 cpus - } - { - hostName = "172.16.0.3"; - sshUser = "griffin"; - sshKey = "/home/grfn/.ssh/id_rsa"; - system = "x86_64-darwin"; - maxJobs = 4; - } - ]; - }; -} diff --git a/users/glittershark/system/system/machines/mugwump.nix b/users/glittershark/system/system/machines/mugwump.nix deleted file mode 100644 index 77c4dda9a5..0000000000 --- a/users/glittershark/system/system/machines/mugwump.nix +++ /dev/null @@ -1,279 +0,0 @@ -{ config, lib, pkgs, modulesPath, ... }: - -with lib; - -{ - imports = [ - ../modules/common.nix - (modulesPath + "/installer/scan/not-detected.nix") - ]; - - networking.hostName = "mugwump"; - - boot = { - loader.systemd-boot.enable = true; - - kernelModules = [ "kvm-intel" ]; - extraModulePackages = [ ]; - - initrd = { - availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ]; - kernelModules = [ - "uas" "usbcore" "usb_storage" "vfat" "nls_cp437" "nls_iso8859_1" - ]; - - postDeviceCommands = pkgs.lib.mkBefore '' - mkdir -m 0755 -p /key - sleep 2 - mount -n -t vfat -o ro `findfs UUID=9048-A9D5` /key - ''; - - luks.devices."cryptroot" = { - device = "/dev/disk/by-uuid/803a9028-339c-4617-a213-4fe138161f6d"; - keyFile = "/key/keyfile"; - preLVM = false; - }; - }; - }; - - fileSystems = { - "/" = { - device = "/dev/mapper/cryptroot"; - fsType = "btrfs"; - }; - "/boot" = { - device = "/dev/disk/by-uuid/7D74-0E4B"; - fsType = "vfat"; - }; - }; - - networking.interfaces = { - enp0s25.useDHCP = false; - wlp2s0.useDHCP = false; - }; - - networking.firewall.enable = true; - networking.firewall.allowedTCPPorts = [ 22 80 443 ]; - - security.sudo.extraRules = [{ - groups = ["wheel"]; - commands = [{ command = "ALL"; options = ["NOPASSWD"]; }]; - }]; - - nix.gc.dates = "monthly"; - - services.fail2ban = { - enable = true; - ignoreIP = [ - "172.16.0.0/16" - ]; - }; - - services.openssh = { - allowSFTP = false; - passwordAuthentication = false; - permitRootLogin = "no"; - }; - - services.grafana = { - enable = true; - port = 3000; - domain = "metrics.gws.fyi"; - rootUrl = "https://metrics.gws.fyi"; - dataDir = "/var/lib/grafana"; - analytics.reporting.enable = false; - - provision = { - enable = true; - datasources = [{ - name = "Prometheus"; - type = "prometheus"; - url = "http://localhost:9090"; - }]; - }; - }; - - security.acme.email = "root@gws.fyi"; - security.acme.acceptTerms = true; - - services.nginx = { - enable = true; - statusPage = true; - recommendedGzipSettings = true; - recommendedOptimisation = true; - recommendedTlsSettings = true; - - virtualHosts = { - "metrics.gws.fyi" = { - enableACME = true; - forceSSL = true; - locations."/" = { - proxyPass = "http://localhost:${toString config.services.grafana.port}"; - }; - }; - }; - }; - - services.ddclient = { - enable = true; - domains = [ "home.gws.fyi" ]; - interval = "1d"; - zone = "gws.fyi"; - protocol = "cloudflare"; - username = "root@gws.fyi"; - quiet = true; - }; - - systemd.services.ddclient.serviceConfig = { - EnvironmentFile = "/etc/secrets/cloudflare.env"; - DynamicUser = lib.mkForce false; - ExecStart = lib.mkForce ( - let runtimeDir = - config.systemd.services.ddclient.serviceConfig.RuntimeDirectory; - in pkgs.writeShellScript "ddclient" '' - set -eo pipefail - - ${pkgs.gnused}/bin/sed -i -s s/password=/password=$CLOUDFLARE_API_KEY/ /run/${runtimeDir}/ddclient.conf - exec ${pkgs.ddclient}/bin/ddclient \ - -file /run/${runtimeDir}/ddclient.conf \ - -login=$CLOUDFLARE_EMAIL \ - ''); - }; - - security.acme.certs."metrics.gws.fyi" = { - dnsProvider = "cloudflare"; - credentialsFile = "/etc/secrets/cloudflare.env"; - webroot = mkForce null; - }; - - services.prometheus = { - enable = true; - exporters = { - node = { - enable = true; - openFirewall = false; - - enabledCollectors = [ - "processes" - "systemd" - "tcpstat" - "wifi" - "textfile" - ]; - - extraFlags = [ - "--collector.textfile.directory=/var/lib/prometheus/node-exporter" - ]; - }; - - nginx = { - enable = true; - openFirewall = true; - sslVerify = false; - constLabels = [ "host=mugwump" ]; - }; - - blackbox = { - enable = true; - openFirewall = true; - configFile = pkgs.writeText "blackbox-exporter.yaml" (builtins.toJSON { - modules = { - https_2xx = { - prober = "http"; - http = { - method = "GET"; - fail_if_ssl = false; - fail_if_not_ssl = true; - preferred_ip_protocol = "ip4"; - }; - }; - }; - }); - }; - }; - - scrapeConfigs = [{ - job_name = "node"; - scrape_interval = "5s"; - static_configs = [{ - targets = ["localhost:${toString config.services.prometheus.exporters.node.port}"]; - }]; - } { - job_name = "nginx"; - scrape_interval = "5s"; - static_configs = [{ - targets = ["localhost:${toString config.services.prometheus.exporters.nginx.port}"]; - }]; - } { - job_name = "blackbox"; - metrics_path = "/probe"; - params.module = ["https_2xx"]; - scrape_interval = "5s"; - static_configs = [{ - targets = [ - "https://gws.fyi" - "https://windtunnel.ci" - "https://app.windtunnel.ci" - "https://metrics.gws.fyi" - ]; - }]; - relabel_configs = [{ - source_labels = ["__address__"]; - target_label = "__param_target"; - } { - source_labels = ["__param_target"]; - target_label = "instance"; - } { - target_label = "__address__"; - replacement = "localhost:${toString config.services.prometheus.exporters.blackbox.port}"; - }]; - }]; - }; - - systemd.services."prometheus-fail2ban-exporter" = { - wantedBy = [ "multi-user.target" ]; - after = [ "network.target" "fail2ban.service" ]; - serviceConfig = { - User = "root"; - Type = "oneshot"; - ExecStart = pkgs.writeShellScript "prometheus-fail2ban-exporter" '' - set -eo pipefail - mkdir -p /var/lib/prometheus/node-exporter - exec ${pkgs.python3.withPackages (p: [ - p.prometheus_client - ])}/bin/python ${pkgs.fetchurl { - url = "https://raw.githubusercontent.com/jangrewe/prometheus-fail2ban-exporter/11066950b47bb2dbef96ea8544f76e46ed829e81/fail2ban-exporter.py"; - sha256 = "049lsvw1nj65bbvp8ygyz3743ayzdawrbjixaxmpm03qbrcfmwc4"; - }} - ''; - }; - - path = with pkgs; [ fail2ban ]; - }; - - systemd.timers."prometheus-fail2ban-exporter" = { - wantedBy = [ "multi-user.target" ]; - timerConfig.OnCalendar = "minutely"; - }; - - virtualisation.docker.enable = true; - - services.buildkite-agents = listToAttrs (map (n: rec { - name = "mugwump-${toString n}"; - value = { - inherit name; - enable = true; - tokenPath = "/etc/secrets/buildkite-agent-token"; - privateSshKeyPath = "/etc/secrets/buildkite-ssh-key"; - runtimePackages = with pkgs; [ - docker - nix - gnutar - gzip - ]; - }; - }) (range 1 1)); - - users.users."buildkite-agent-mugwump-1".extraGroups = [ "docker" ]; - users.users."buildkite-agent-mugwump-2".extraGroups = [ "docker" ]; -} diff --git a/users/glittershark/system/system/machines/roswell.nix b/users/glittershark/system/system/machines/roswell.nix deleted file mode 100644 index 4b0cdec95d..0000000000 --- a/users/glittershark/system/system/machines/roswell.nix +++ /dev/null @@ -1,17 +0,0 @@ -{ depot, config, lib, pkgs, modulesPath, ... }: - -{ - imports = [ - ../modules/common.nix - "${modulesPath}/installer/scan/not-detected.nix" - "${modulesPath}/virtualisation/amazon-image.nix" - ]; - - ec2.hvm = true; - - networking.hostName = "roswell"; - - users.users.grfn.openssh.authorizedKeys.keys = [ - depot.users.glittershark.keys.main - ]; -} diff --git a/users/glittershark/system/system/machines/yeren.nix b/users/glittershark/system/system/machines/yeren.nix deleted file mode 100644 index 7bb06716f7..0000000000 --- a/users/glittershark/system/system/machines/yeren.nix +++ /dev/null @@ -1,125 +0,0 @@ -{ depot, modulesPath, config, lib, pkgs, ... }: - -{ - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - ../modules/common.nix - ../modules/laptop.nix - ../modules/xserver.nix - ../modules/fonts.nix - ../modules/sound.nix - ../modules/tvl.nix - ../modules/development.nix - ../modules/work/kolide.nix - ]; - - networking.hostName = "yeren"; - - system.stateVersion = "21.03"; - - boot = { - initrd = { - availableKernelModules = [ "xhci_pci" "thunderbolt" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ]; - kernelModules = [ ]; - - luks.devices = { - "cryptroot".device = "/dev/disk/by-uuid/dcfbc22d-e0d2-411b-8dd3-96704d3aae2e"; - "cryptswap".device = "/dev/disk/by-uuid/48b8a8fd-559c-4759-a617-56f221cfaaec"; - }; - }; - - kernelPackages = pkgs.linuxPackages_latest; - - kernelModules = [ "kvm-intel" ]; - blacklistedKernelModules = [ "psmouse" ]; - extraModulePackages = [ - config.boot.kernelPackages.digimend - ]; - kernelParams = [ - "i915.preliminary_hw_support=1" - ]; - - # https://bbs.archlinux.org/viewtopic.php?pid=1933643#p1933643 - extraModprobeConfig = '' - options snd-intel-dspcfg dsp_driver=1 - ''; - }; - - fileSystems = { - "/" = { - device = "/dev/mapper/cryptroot"; - fsType = "btrfs"; - }; - - "/boot" = { - device = "/dev/disk/by-uuid/53A9-248B"; - fsType = "vfat"; - }; - }; - - swapDevices = [{ device = "/dev/mapper/cryptswap"; }]; - - services.xserver = { - exportConfiguration = true; - extraConfig = '' - Section "Device" - Identifier "Intel Graphics" - Driver "intel" - Option "TripleBuffer" "true" - Option "TearFree" "true" - Option "DRI" "true" - Option "AccelMethod" "sna" - EndSection - ''; - }; - - hardware.firmware = with pkgs; [ - alsa-firmware - sof-firmware - ]; - - hardware.opengl.extraPackages = with pkgs; [ - vaapiIntel - vaapiVdpau - libvdpau-va-gl - intel-media-driver - ]; - - services.fprintd = { - enable = true; - package = pkgs.fprintd-tod; - }; - - systemd.services.fprintd.environment.FP_TOD_DRIVERS_DIR = - "${pkgs.libfprint-2-tod1-goodix}/usr/lib/libfprint-2/tod-1"; - - security.pam.loginLimits = [ - { - domain = "grfn"; - type = "soft"; - item = "nofile"; - value = "65535"; - } - ]; - - security.pam.services = { - login.fprintAuth = true; - sudo.fprintAuth = true; - i3lock.fprintAuth = false; - i3lock-color.fprintAuth = false; - lightdm.fprintAuth = true; - lightdm-greeter.fprintAuth = true; - }; - - hardware.opengl.driSupport32Bit = true; - - hardware.pulseaudio.extraConfig = '' - load-module module-remap-source source_name=KompleteAudio6_1 source_properties=device.description=KompleteAudio6Input1 master=alsa_input.usb-Native_Instruments_Komplete_Audio_6_458E0FFD-00.multichannel-input remix=no channels=1 master_channel_map=front-left channel_map=mono - load-module module-remap-source source_name=KompleteAudio6_2 source_properties=device.description=KompleteAudio6Input2 master=alsa_input.usb-Native_Instruments_Komplete_Audio_6_458E0FFD-00.multichannel-input remix=no channels=1 master_channel_map=front-right channel_map=mono - load-module module-remap-sink sink_name=KompleteAudio6_12 sink_properties=device.description=KompleteAudio6_12 remix=no master=alsa_output.usb-Native_Instruments_Komplete_Audio_6_458E0FFD-00.analog-surround-21 channels=2 master_channel_map=front-left,front-right channel_map=front-left,front-right - ''; - - services.fwupd.enable = true; - - services.tailscale.enable = true; -} diff --git a/users/glittershark/system/system/modules/common.nix b/users/glittershark/system/system/modules/common.nix deleted file mode 100644 index 0eab590660..0000000000 --- a/users/glittershark/system/system/modules/common.nix +++ /dev/null @@ -1,78 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - - depot = import ../../../../.. {}; - -in - -with lib; - -{ - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; - - networking.useDHCP = false; - networking.networkmanager.enable = true; - - i18n = { - defaultLocale = "en_US.UTF-8"; - }; - - time.timeZone = "America/New_York"; - - environment.systemPackages = with pkgs; [ - wget - vim - zsh - git - w3m - libnotify - file - lm_sensors - dnsutils - depot.users.glittershark.system.system.rebuilder - htop - ]; - - services.openssh.enable = true; - - programs.ssh.startAgent = true; - - networking.firewall.enable = mkDefault false; - - users.mutableUsers = true; - programs.zsh.enable = true; - environment.pathsToLink = [ "/share/zsh" ]; - users.users.grfn = { - isNormalUser = true; - initialPassword = "password"; - extraGroups = [ - "wheel" - "networkmanager" - "audio" - "docker" - ]; - shell = pkgs.zsh; - }; - - nixpkgs.config.allowUnfree = true; - - nix = { - trustedUsers = [ "grfn" ]; - autoOptimiseStore = true; - distributedBuilds = true; - - gc = { - automatic = true; - dates = mkDefault "weekly"; - options = "--delete-older-than 30d"; - }; - }; - - services.udev.packages = with pkgs; [ - yubikey-personalization - ]; - - services.pcscd.enable = true; -} diff --git a/users/glittershark/system/system/modules/desktop.nix b/users/glittershark/system/system/modules/desktop.nix deleted file mode 100644 index 3adbd9d9b0..0000000000 --- a/users/glittershark/system/system/modules/desktop.nix +++ /dev/null @@ -1,19 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - imports = [ - ./xserver.nix - ./fonts.nix - ./sound.nix - ./kernel.nix - ]; - - programs.nm-applet.enable = true; - - users.users.grfn.extraGroups = [ - "audio" - "video" - ]; - - services.geoclue2.enable = true; -} diff --git a/users/glittershark/system/system/modules/development.nix b/users/glittershark/system/system/modules/development.nix deleted file mode 100644 index bfa0e22cff..0000000000 --- a/users/glittershark/system/system/modules/development.nix +++ /dev/null @@ -1,6 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - virtualisation.docker.enable = true; - users.users.grfn.extraGroups = [ "docker" ]; -} diff --git a/users/glittershark/system/system/modules/fcitx.nix b/users/glittershark/system/system/modules/fcitx.nix deleted file mode 100644 index 812f598f9f..0000000000 --- a/users/glittershark/system/system/modules/fcitx.nix +++ /dev/null @@ -1,10 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - i18n.inputMethod = { - enabled = "fcitx"; - fcitx.engines = with pkgs.fcitx-engines; [ - cloudpinyin - ]; - }; -} diff --git a/users/glittershark/system/system/modules/fonts.nix b/users/glittershark/system/system/modules/fonts.nix deleted file mode 100644 index babe30d427..0000000000 --- a/users/glittershark/system/system/modules/fonts.nix +++ /dev/null @@ -1,12 +0,0 @@ -{ config, lib, pkgs, ... }: -{ - fonts = { - fonts = with pkgs; [ - nerdfonts - noto-fonts-emoji - twitter-color-emoji - ]; - - fontconfig.defaultFonts.emoji = ["Twitter Color Emoji"]; - }; -} diff --git a/users/glittershark/system/system/modules/kernel.nix b/users/glittershark/system/system/modules/kernel.nix deleted file mode 100644 index 5c5ff85515..0000000000 --- a/users/glittershark/system/system/modules/kernel.nix +++ /dev/null @@ -1,39 +0,0 @@ -{ config, lib, pkgs, ... }: -with lib.versions; -let - inherit (pkgs) stdenvNoCC; - kernelRelease = config.boot.kernelPackages.kernel.version; - mj = major kernelRelease; - mm = majorMinor kernelRelease; - patched-linux-ck = stdenvNoCC.mkDerivation { - name = "linux-ck"; - src = builtins.fetchurl { - name = "linux-ck-patch-${mm}-ck1.xz"; - # example: http://ck.kolivas.org/patches/5.0/5.4/5.4-ck1/patch-5.4-ck1.xz - url = "http://ck.kolivas.org/patches/${mj}.0/${mm}/${mm}-ck1/patch-${mm}-ck1.xz"; - sha256 = "14lfpq9hvq1amxrl0ayfid1d04kd35vwsvk1ppnqa87nqfkjq47c"; - }; - - unpackPhase = '' - ${pkgs.xz}/bin/unxz -kfdc $src > patch-${mm}-ck1 - ''; - - installPhase = '' - cp patch-${mm}-ck1 $out - ''; - }; -in -{ - boot.kernelPackages = pkgs.linuxPackages_5_11.extend (self: super: { - kernel = super.kernel.override { - ignoreConfigErrors = true; - kernelPatches = super.kernel.kernelPatches ++ [{ - name = "linux-ck"; - patch = patched-linux-ck; - }]; - argsOverride = { - modDirVersion = super.kernel.modDirVersion + "-ck1"; - }; - }; - }); -} diff --git a/users/glittershark/system/system/modules/laptop.nix b/users/glittershark/system/system/modules/laptop.nix deleted file mode 100644 index 8c09f3a442..0000000000 --- a/users/glittershark/system/system/modules/laptop.nix +++ /dev/null @@ -1,13 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - imports = [ - ./reusable/battery.nix - ]; - - laptop.onLowBattery.enable = true; - - services.logind.extraConfig = '' - HandlePowerKey=hibernate - ''; -} diff --git a/users/glittershark/system/system/modules/reusable/README.org b/users/glittershark/system/system/modules/reusable/README.org deleted file mode 100644 index 34d9bfdcb7..0000000000 --- a/users/glittershark/system/system/modules/reusable/README.org +++ /dev/null @@ -1,2 +0,0 @@ -This directory contains things I'm eventually planning on contributing upstream -to nixpkgs diff --git a/users/glittershark/system/system/modules/reusable/battery.nix b/users/glittershark/system/system/modules/reusable/battery.nix deleted file mode 100644 index ca92e0c3f6..0000000000 --- a/users/glittershark/system/system/modules/reusable/battery.nix +++ /dev/null @@ -1,32 +0,0 @@ -{ config, lib, pkgs, ... }: -with lib; -{ - options = { - laptop.onLowBattery = { - enable = mkEnableOption "Perform action on low battery"; - - thresholdPercentage = mkOption { - description = "Threshold battery percentage on which to perform the action"; - default = 8; - type = types.int; - }; - - action = mkOption { - description = "Action to perform on low battery"; - default = "hibernate"; - type = types.enum [ "hibernate" "suspend" "suspend-then-hibernate" ]; - }; - }; - }; - - config = - let cfg = config.laptop.onLowBattery; - in mkIf cfg.enable { - services.udev.extraRules = concatStrings [ - ''SUBSYSTEM=="power_supply", '' - ''ATTR{status}=="Discharging", '' - ''ATTR{capacity}=="[0-${toString cfg.thresholdPercentage}]", '' - ''RUN+="${pkgs.systemd}/bin/systemctl ${cfg.action}"'' - ]; - }; -} diff --git a/users/glittershark/system/system/modules/rtlsdr.nix b/users/glittershark/system/system/modules/rtlsdr.nix deleted file mode 100644 index ce58ebb0dc..0000000000 --- a/users/glittershark/system/system/modules/rtlsdr.nix +++ /dev/null @@ -1,17 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - - environment.systemPackages = with pkgs; [ - rtl-sdr - ]; - - services.udev.packages = with pkgs; [ - rtl-sdr - ]; - - # blacklist for rtl-sdr - boot.blacklistedKernelModules = [ - "dvb_usb_rtl28xxu" - ]; -} diff --git a/users/glittershark/system/system/modules/sound.nix b/users/glittershark/system/system/modules/sound.nix deleted file mode 100644 index 15c8dd5e3f..0000000000 --- a/users/glittershark/system/system/modules/sound.nix +++ /dev/null @@ -1,16 +0,0 @@ -{ config, lib, pkgs, ... }: -{ - # Enable sound. - sound.enable = true; - hardware.pulseaudio.enable = true; - nixpkgs.config.pulseaudio = true; - - environment.systemPackages = with pkgs; [ - pulseaudio-ctl - paprefs - pasystray - pavucontrol - ]; - - hardware.pulseaudio.package = pkgs.pulseaudioFull; -} diff --git a/users/glittershark/system/system/modules/tvl.nix b/users/glittershark/system/system/modules/tvl.nix deleted file mode 100644 index 905ec8ced5..0000000000 --- a/users/glittershark/system/system/modules/tvl.nix +++ /dev/null @@ -1,37 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - nix = { - buildMachines = [{ - hostName = "whitby.tvl.fyi"; - sshUser = "grfn"; - sshKey = "/root/.ssh/id_rsa"; - system = "x86_64-linux"; - maxJobs = 64; - supportedFeatures = ["big-parallel" "kvm" "nixos-test" "benchmark"]; - }]; - - extraOptions = '' - builders-use-substitutes = true - ''; - - binaryCaches = [ - "https://cache.nixos.org" - "ssh://nix-ssh@whitby.tvl.fyi" - ]; - trustedBinaryCaches = [ - "https://cache.nixos.org" - "ssh://nix-ssh@whitby.tvl.fyi" - ]; - binaryCachePublicKeys = [ - "cache.tvl.fyi:fd+9d1ceCPvDX/xVhcfv8nAa6njEhAGAEe+oGJDEeoc=" - ]; - }; - - programs.ssh.knownHosts.whitby = { - hostNames = [ "whitby" "whitby.tvl.fyi" "49.12.129.211"]; - publicKeyFile = pkgs.writeText "whitby.pub" '' - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILNh/w4BSKov0jdz3gKBc98tpoLta5bb87fQXWBhAl2I - ''; - }; -} diff --git a/users/glittershark/system/system/modules/work/kolide.deb b/users/glittershark/system/system/modules/work/kolide.deb deleted file mode 100644 index a319a5806f..0000000000 --- a/users/glittershark/system/system/modules/work/kolide.deb +++ /dev/null Binary files differdiff --git a/users/glittershark/system/system/modules/work/kolide.nix b/users/glittershark/system/system/modules/work/kolide.nix deleted file mode 100644 index 29ee0a0d7c..0000000000 --- a/users/glittershark/system/system/modules/work/kolide.nix +++ /dev/null @@ -1,49 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - deb = ./kolide.deb; - - kolide = pkgs.runCommand "kolide-data" { - buildInputs = [ pkgs.binutils-unwrapped ]; - } '' - cp ${deb} ./kolide.deb - ar x kolide.deb - mkdir result - tar xzf data.tar.gz -C result - patchelf \ - --set-interpreter ${pkgs.glibc}/lib/ld-linux-x86-64.so.2 \ - --set-rpath "${lib.makeLibraryPath (with pkgs; [ - zlib - ])}" \ - result/usr/local/kolide-k2/bin/osqueryd - mv result $out - ''; - -in { - systemd.services."launcher.kolide-k2" = { - wantedBy = [ "multi-user.target" ]; - after = [ "network.target" "syslog.service" ]; - description = "The Kolide Launcher"; - serviceConfig = { - ExecStart = '' - ${kolide}/usr/local/kolide-k2/bin/launcher \ - -config \ - ${pkgs.writeText "launcher.flags" '' - with_initial_runner - control - autoupdate - root_directory /var/lib/kolide - osqueryd_path ${kolide}/usr/local/kolide-k2/bin/osqueryd - enroll_secret_path ${kolide}/etc/kolide-k2/secret - control_hostname k2control.kolide.com - update_channel stable - transport jsonrpc - hostname k2device.kolide.com - ''} - ''; - StateDirectory = "kolide"; - Restart = "on-failure"; - RestartSec = 3; - }; - }; -} diff --git a/users/glittershark/system/system/modules/xserver.nix b/users/glittershark/system/system/modules/xserver.nix deleted file mode 100644 index 35ee44112e..0000000000 --- a/users/glittershark/system/system/modules/xserver.nix +++ /dev/null @@ -1,16 +0,0 @@ -{ config, pkgs, ... }: -{ - # Enable the X11 windowing system. - services.xserver = { - enable = true; - layout = "us"; - - libinput.enable = true; - - displayManager = { - defaultSession = "none+i3"; - }; - - windowManager.i3.enable = true; - }; -} |