Diffstat (limited to 'users/wpcarro/nixos')
-rw-r--r-- | users/wpcarro/nixos/ava/ava.el | 61 | ||||
-rw-r--r-- | users/wpcarro/nixos/ava/default.nix | 150 | ||||
-rw-r--r-- | users/wpcarro/nixos/default.nix | 24 | ||||
-rw-r--r-- | users/wpcarro/nixos/iso.nix | 17 | ||||
-rw-r--r-- | users/wpcarro/nixos/kyoko/default.nix | 153 | ||||
-rw-r--r-- | users/wpcarro/nixos/kyoko/kyoko.el | 61 | ||||
-rw-r--r-- | users/wpcarro/nixos/marcus/default.nix | 169 | ||||
-rw-r--r-- | users/wpcarro/nixos/marcus/hardware.nix | 29 | ||||
-rw-r--r-- | users/wpcarro/nixos/marcus/marcus.el | 40 | ||||
-rw-r--r-- | users/wpcarro/nixos/modules/.skip-subtree | 1 | ||||
-rw-r--r-- | users/wpcarro/nixos/modules/hadrian-cache.nix | 17 | ||||
-rw-r--r-- | users/wpcarro/nixos/modules/hardware/dell-emc-egw-5200.nix | 47 | ||||
-rw-r--r-- | users/wpcarro/nixos/modules/hardware/nopn.nix | 53 | ||||
-rw-r--r-- | users/wpcarro/nixos/modules/laptop.nix | 15 | ||||
-rw-r--r-- | users/wpcarro/nixos/modules/nginx.nix | 45 | ||||
-rw-r--r-- | users/wpcarro/nixos/tarasco/default.nix | 144 | ||||
-rw-r--r-- | users/wpcarro/nixos/tarasco/tarasco.el | 61 |
17 files changed, 1087 insertions, 0 deletions
diff --git a/users/wpcarro/nixos/ava/ava.el b/users/wpcarro/nixos/ava/ava.el new file mode 100644 index 0000000000..b0b13746b0 --- /dev/null +++ b/users/wpcarro/nixos/ava/ava.el @@ -0,0 +1,61 @@ +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +;; Dependencies +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +(require 'bookmark) +(require 'display) +(require 'window-manager) + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +;; Configuration +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +(bookmark-install-kbd + (make-bookmark :label "hadrian" + :path "/hadrian" + :kbd "h")) + +(setq initial-buffer-choice "/hadrian") + +(add-to-list 'ssh-hosts "wpcarro@tarasco") + +(display-register primary + :output "HDMI-1" + :primary t + :coords (0 0) + :size (2560 1440) + :rate 30.0 + :dpi 96 + :rotate normal) + +(display-register secondary + :output "HDMI-2" + :primary nil + :coords (2561 0) + :size (2560 1440) + :rate 30.0 + :dpi 96 + :rotate normal) + +(display-arrangement main :displays (primary secondary)) + +(setq window-manager-named-workspaces + (list (make-window-manager-named-workspace + :label "Web Browsing" + :kbd "c" + :display display-secondary) + (make-window-manager-named-workspace + :label "Coding I" + :kbd "1" + :display display-primary) + (make-window-manager-named-workspace + :label "Coding II" + :kbd "2" + :display display-primary) + (make-window-manager-named-workspace + :label "Chatting" + :kbd "h" + :display display-secondary))) + +;; I *think* this needs to be the last statement in this file. +(window-manager-init :init-hook #'display-arrange-main) diff --git a/users/wpcarro/nixos/ava/default.nix b/users/wpcarro/nixos/ava/default.nix new file mode 100644 index 0000000000..25c43c003f --- /dev/null +++ b/users/wpcarro/nixos/ava/default.nix 
@@ -0,0 +1,150 @@ +{ depot, pkgs, lib, ... }: +{ ... }: + +let + inherit (depot.users) wpcarro; + inherit (depot.users.wpcarro.lib) usermod; + + wpcarrosEmacs = wpcarro.emacs.nixos { + load = [ ./ava.el ]; + }; + + quasselClient = pkgs.quassel.override { + client = true; + enableDaemon = false; + monolithic = false; + }; +in +{ + imports = [ + (usermod "hardware/nopn.nix") + ]; + + # Use the TVL binary cache + tvl.cache.enable = true; + + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + + # Support IP forwarding to use this device as a Tailscale exit node. + boot.kernel.sysctl."net.ipv4.ip_forward" = true; + boot.kernel.sysctl."net.ipv6.conf.all.forwarding" = true; + # Additionall exit node settings that Tailscale recommends. + networking.firewall.checkReversePath = "loose"; + + time.timeZone = "America/Los_Angeles"; + + networking = { + # The global useDHCP flag is deprecated, therefore explicitly set to false + # here. Per-interface useDHCP will be mandatory in the future, so this + # generated config replicates the default behaviour. + useDHCP = false; + hostName = "ava"; + networkmanager.enable = true; + interfaces.enp1s0.useDHCP = true; + interfaces.enp3s0.useDHCP = true; + interfaces.wlp2s0.useDHCP = true; + }; + + services = wpcarro.common.services // { + # Check the amount of available memory and free swap a few times per second + # and kill the largest process if both are below 10%. + earlyoom.enable = true; + + tailscale.enable = true; + + openssh.enable = true; + + printing = { + enable = true; + drivers = with pkgs; [ gutenprint ]; + }; + + xserver = { + enable = true; + xkb.layout = "us"; + xkb.options = "caps:escape"; + displayManager = { + # Give EXWM permission to control the session (from tazjin's setup). 
+ sessionCommands = "${pkgs.xorg.xhost}/bin/xhost +SI:localhost:$USER";
+ lightdm.enable = true;
+ };
+ windowManager.session = lib.singleton {
+ name = "exwm";
+ start = "${wpcarrosEmacs}/bin/wpcarros-emacs";
+ };
+ };
+ };
+
+ # Enable sound.
+ sound.enable = true;
+ hardware.pulseaudio.enable = true;
+
+ users.mutableUsers = true;
+ users.users.root.openssh.authorizedKeys.keys = with wpcarro.keys; [
+ iphone
+ nathan
+ tarasco
+ ];
+ users.users.wpcarro = {
+ initialPassword = "password";
+ isNormalUser = true;
+ extraGroups = [
+ "networkmanager"
+ "wheel"
+ "docker"
+ ];
+ shell = pkgs.fish;
+ openssh.authorizedKeys.keys = with wpcarro.keys; [
+ iphone
+ nathan
+ tarasco
+ ];
+ };
+ users.extraGroups.vboxusers.members = [ "wpcarro" ];
+
+ security.sudo.wheelNeedsPassword = false;
+
+ fonts = {
+ packages = with pkgs; [
+ jetbrains-mono
+ ];
+
+ fontconfig = {
+ defaultFonts = {
+ monospace = [ "JetBrains Mono" ];
+ };
+ };
+ };
+
+ programs = wpcarro.common.programs // {
+ mosh.enable = true;
+ };
+
+ virtualisation.docker.enable = true;
+ virtualisation.virtualbox.host.enable = true;
+
+ environment.variables = {
+ EDITOR = "emacsclient";
+ ALTERNATE_EDITOR = "emacs -q -nw";
+ VISUAL = "emacsclient";
+ };
+
+ environment.systemPackages =
+ wpcarro.common.shell-utils ++
+ (with pkgs; [
+ alacritty
+ ec2-api-tools
+ firefox
+ google-chrome
+ httpie
+ pavucontrol
+ quasselClient
+ remmina
+ tdesktop
+ wpcarrosEmacs
+ xsecurelock
+ ]);
+
+ system.stateVersion = "21.11";
+}
diff --git a/users/wpcarro/nixos/default.nix b/users/wpcarro/nixos/default.nix
new file mode 100644
index 0000000000..9c8a7e5a79
--- /dev/null
+++ b/users/wpcarro/nixos/default.nix
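Review bot: In ava/default.nix, `initialPassword = "password"` on `users.users.wpcarro` sits next to `openssh.enable = true`, `wheel` membership and `security.sudo.wheelNeedsPassword = false`, so until the password is changed by hand a guessable SSH login is a direct path to root; kyoko/default.nix carries the same line. Because `services = wpcarro.common.services // { … }` is a shallow merge, the `openssh` attribute written here replaces any `openssh` settings in the common set (not visible in this diff), so password authentication is presumably left at the module default on ava, kyoko and tarasco alike. Since `authorizedKeys` are already provisioned, I would drop `initialPassword` and add `openssh.settings.PasswordAuthentication = false;` inside the `services` block.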
@@ -0,0 +1,24 @@ +{ depot, pkgs, ... }: + +let + inherit (depot.users.wpcarro.nixos) + ava + kyoko + marcus + tarasco; + + systemFor = sys: (depot.ops.nixos.nixosFor sys).system; +in +{ + avaSystem = systemFor ava; + kyokoSystem = systemFor kyoko; + marcusSystem = systemFor marcus; + tarascoSystem = systemFor tarasco; + + meta.ci.targets = [ + "avaSystem" + "kyokoSystem" + "marcusSystem" + "tarascoSystem" + ]; +} diff --git a/users/wpcarro/nixos/iso.nix b/users/wpcarro/nixos/iso.nix new file mode 100644 index 0000000000..8102c98fb8 --- /dev/null +++ b/users/wpcarro/nixos/iso.nix @@ -0,0 +1,17 @@ +# TODO(wpcarro): Support the workflow outlined in these docs. +# +# Usage: +# $ lsblk # get your USB dev path (e.g. /dev/sdb) +# $ create-installer --dev=/dev/sdb //users/wpcarro/nixos/marcus + +{ pkgs, ... }: + +{ + imports = [ + "${pkgs.nixos}/modules/installer/cd-graphical-gnome.nix" + ]; + + config = { + networking.wireless.enable = true; + }; +} diff --git a/users/wpcarro/nixos/kyoko/default.nix b/users/wpcarro/nixos/kyoko/default.nix new file mode 100644 index 0000000000..0d8907edd2 --- /dev/null +++ b/users/wpcarro/nixos/kyoko/default.nix 
@@ -0,0 +1,153 @@ +{ depot, pkgs, lib, ... }: +_: + +let + inherit (depot.users) wpcarro; + inherit (depot.users.wpcarro.lib) usermod; + + wpcarrosEmacs = wpcarro.emacs.nixos { + load = [ ./kyoko.el ]; + }; + + quasselClient = pkgs.quassel.override { + client = true; + enableDaemon = false; + monolithic = false; + }; +in +{ + imports = [ + (usermod "hardware/dell-emc-egw-5200.nix") + (usermod "hadrian-cache.nix") + ]; + + # TVL's Nix binary cache + tvl.cache.enable = true; + + # Hadrian's Nix binary cache. + hadrian.cache.enable = true; + + nix.settings.trusted-users = [ "@wheel" ]; + + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + + # Additionall exit node settings that Tailscale recommends. + networking.firewall.checkReversePath = "loose"; + + time.timeZone = "America/Los_Angeles"; + + networking = { + # The global useDHCP flag is deprecated, therefore explicitly set to false + # here. Per-interface useDHCP will be mandatory in the future, so this + # generated config replicates the default behaviour. + useDHCP = false; + hostName = "kyoko"; + networkmanager.enable = true; + interfaces.enp1s0.useDHCP = true; + interfaces.enp3s0.useDHCP = true; + interfaces.wlp2s0.useDHCP = true; + }; + + services = wpcarro.common.services // { + # Check the amount of available memory and free swap a few times per second + # and kill the largest process if both are below 10%. + earlyoom.enable = true; + + tailscale.enable = true; + + openssh.enable = true; + + printing = { + enable = true; + drivers = with pkgs; [ gutenprint ]; + }; + + xserver = { + enable = true; + xkb.layout = "us"; + xkb.options = "caps:escape"; + displayManager = { + # Give EXWM permission to control the session (from tazjin's setup). 
+ sessionCommands = "${pkgs.xorg.xhost}/bin/xhost +SI:localhost:$USER"; + lightdm.enable = true; + }; + windowManager.session = lib.singleton { + name = "exwm"; + start = "${wpcarrosEmacs}/bin/wpcarros-emacs"; + }; + }; + }; + + # Enable sound. + sound.enable = true; + hardware.pulseaudio.enable = true; + + users.mutableUsers = true; + users.users.root.openssh.authorizedKeys.keys = with wpcarro.keys; [ + iphone + nathan + tarasco + ]; + users.users.wpcarro = { + initialPassword = "password"; + isNormalUser = true; + extraGroups = [ + "networkmanager" + "wheel" + "docker" + ]; + shell = pkgs.fish; + openssh.authorizedKeys.keys = with wpcarro.keys; [ + iphone + nathan + tarasco + ]; + }; + users.extraGroups.vboxusers.members = [ "wpcarro" ]; + + security.sudo.wheelNeedsPassword = false; + + fonts = { + packages = with pkgs; [ + jetbrains-mono + ]; + + fontconfig = { + defaultFonts = { + monospace = [ "JetBrains Mono" ]; + }; + }; + }; + + programs = wpcarro.common.programs // { + mosh.enable = true; + }; + + virtualisation.docker.enable = true; + virtualisation.virtualbox.host.enable = true; + + environment.variables = { + EDITOR = "emacsclient"; + ALTERNATE_EDITOR = "emacs -q -nw"; + VISUAL = "emacsclient"; + }; + + environment.systemPackages = + wpcarro.common.shell-utils ++ + (with pkgs; [ + alacritty + ec2-api-tools + firefox + google-chrome + httpie + pavucontrol + quasselClient + remmina + tdesktop + wpcarrosEmacs + xsecurelock + ]); + + system.stateVersion = "21.11"; +} diff --git a/users/wpcarro/nixos/kyoko/kyoko.el b/users/wpcarro/nixos/kyoko/kyoko.el new file mode 100644 index 0000000000..310323688a --- /dev/null +++ b/users/wpcarro/nixos/kyoko/kyoko.el 
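Review bot: In kyoko/default.nix, `nix.settings.trusted-users = [ "@wheel" ]` lets every wheel member tell the Nix daemon to use extra substituters or skip signature checks, which weakens the one protection the plain-HTTP Hadrian cache enabled in this same file relies on. Wheel already has passwordless sudo here, so this adds no new privilege, but any process running as such a user can now do it without going through sudo at all. A comment stating why it is needed (`# trusted so that <reason>`), or narrowing the list to the single named user, would make the intent reviewable.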
@@ -0,0 +1,61 @@ +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +;; Dependencies +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +(require 'bookmark) +(require 'display) +(require 'window-manager) + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +;; Configuration +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +(bookmark-install-kbd + (make-bookmark :label "hadrian" + :path "/hadrian" + :kbd "h")) + +(setq initial-buffer-choice "/hadrian") + +(add-to-list 'ssh-hosts "wpcarro@tarasco") + +(display-register primary + :output "DP-2" + :primary t + :coords (0 0) + :size (2560 1440) + :rate 30.0 + :dpi 96 + :rotate normal) + +(display-register secondary + :output "DP-1" + :primary nil + :coords (2561 0) + :size (2560 1440) + :rate 30.0 + :dpi 96 + :rotate normal) + +(display-arrangement main :displays (primary secondary)) + +(setq window-manager-named-workspaces + (list (make-window-manager-named-workspace + :label "Web Browsing" + :kbd "c" + :display display-secondary) + (make-window-manager-named-workspace + :label "Coding I" + :kbd "1" + :display display-primary) + (make-window-manager-named-workspace + :label "Coding II" + :kbd "2" + :display display-primary) + (make-window-manager-named-workspace + :label "Chatting" + :kbd "h" + :display display-secondary))) + +;; I *think* this needs to be the last statement in this file. +(window-manager-init :init-hook #'display-arrange-main) diff --git a/users/wpcarro/nixos/marcus/default.nix b/users/wpcarro/nixos/marcus/default.nix new file mode 100644 index 0000000000..a97d6d264d --- /dev/null +++ b/users/wpcarro/nixos/marcus/default.nix 
@@ -0,0 +1,169 @@ +{ depot, pkgs, lib, ... }: +{ ... }: + +let + inherit (depot.users) wpcarro; + inherit (depot.users.wpcarro.lib) usermod; + + wpcarrosEmacs = wpcarro.emacs.nixos { + load = [ ./marcus.el ]; + }; + + quasselClient = pkgs.quassel.override { + client = true; + enableDaemon = false; + monolithic = false; + }; +in +{ + imports = [ + (depot.path.origSrc + "/users/wpcarro/nixos/marcus/hardware.nix") + (pkgs.home-manager.src + "/nixos") + (usermod "laptop.nix") + ]; + + # Use the TVL binary cache + tvl.cache.enable = true; + + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + + networking = { + # The global useDHCP flag is deprecated, therefore explicitly set to false + # here. Per-interface useDHCP will be mandatory in the future, so this + # generated config replicates the default behaviour. + useDHCP = false; + hostName = "marcus"; + networkmanager.enable = true; + interfaces.enp0s31f6.useDHCP = true; + interfaces.wlp0s20f3.useDHCP = true; + }; + + services = wpcarro.common.services // { + # Enable the Tailscale daemon to connect to work and personal Tailnet. + tailscale.enable = true; + + tzupdate.enable = true; + + depot.auto-deploy = { + enable = true; + interval = "1d"; + }; + + xserver = { + enable = true; + libinput = { + enable = true; + touchpad.naturalScrolling = false; + touchpad.tapping = false; + }; + xkb.layout = "us"; + xkb.options = "caps:escape"; + displayManager = { + # Give EXWM permission to control the session (from tazjin's setup). + sessionCommands = "${pkgs.xorg.xhost}/bin/xhost +SI:localhost:$USER"; + lightdm.enable = true; + }; + extraConfig = '' + Section "InputClass" + Identifier "Touchscreen catchall" + MatchIsTouchscreen "on" + Option "Ignore" "on" + EndSection + ''; + windowManager.session = lib.singleton { + name = "exwm"; + start = "${wpcarrosEmacs}/bin/wpcarros-emacs"; + }; + }; + }; + + # Enable sound. 
+ sound.enable = true; + hardware.pulseaudio.enable = true; + + users.mutableUsers = true; + users.users.wpcarro = { + isNormalUser = true; + extraGroups = [ + "networkmanager" + "wheel" + "video" # needed to control the screen brightness + ]; + shell = pkgs.fish; + }; + + security.sudo.wheelNeedsPassword = false; + + fonts = { + packages = with pkgs; [ + jetbrains-mono + ]; + + fontconfig = { + defaultFonts = { + monospace = [ "JetBrains Mono" ]; + }; + }; + }; + + programs = wpcarro.common.programs; + + environment.variables = { + EDITOR = "emacsclient"; + ALTERNATE_EDITOR = "emacs -q -nw"; + VISUAL = "emacsclient"; + }; + + home-manager.useGlobalPkgs = true; + home-manager.users.wpcarro = { config, lib, ... }: { + programs.git = { + enable = true; + userName = "William Carroll"; + userEmail = "wpcarro@gmail.com"; + extraConfig = { + pull.rebase = true; + }; + }; + + services.picom = { + enable = true; + vSync = true; + backend = "glx"; + }; + + services.redshift = { + enable = true; + latitude = 37.4223931; + longitude = -122.0864016; + }; + + services.dunst.enable = true; + xdg.configFile."dunst/dunstrc" = { + source = wpcarro.dotfiles.dunstrc; + onChange = '' + ${pkgs.procps}/bin/pkill -u "$USER" ''${VERBOSE+-e} dunst || true + ''; + }; + + systemd.user.startServices = true; + + # Previous default version, see https://github.com/nix-community/home-manager/blob/master/docs/release-notes/rl-2211.adoc + home.stateVersion = "18.09"; + }; + + environment.systemPackages = + wpcarro.common.shell-utils ++ + (with pkgs; [ + alacritty + firefox + pavucontrol + quasselClient + tdesktop + weechat + wpcarrosEmacs + xsecurelock + ]); + + system.stateVersion = "21.11"; +} diff --git a/users/wpcarro/nixos/marcus/hardware.nix b/users/wpcarro/nixos/marcus/hardware.nix new file mode 100644 index 0000000000..8a2672206b --- /dev/null +++ b/users/wpcarro/nixos/marcus/hardware.nix 
@@ -0,0 +1,29 @@ +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = { + device = "/dev/disk/by-label/nixos"; + fsType = "ext4"; + }; + + fileSystems."/boot" = { + device = "/dev/disk/by-label/boot"; + fsType = "vfat"; + }; + + swapDevices = lib.singleton { + device = "/dev/disk/by-label/swap"; + }; + + powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/users/wpcarro/nixos/marcus/marcus.el b/users/wpcarro/nixos/marcus/marcus.el new file mode 100644 index 0000000000..90c04f7ff3 --- /dev/null +++ b/users/wpcarro/nixos/marcus/marcus.el 
@@ -0,0 +1,40 @@ +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +;; Dependencies +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +(require 'tvl) +(require 'display) +(require 'window-manager) + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +;; Monitor Configuration +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +(display-register laptop + :output "eDP-1" + :primary t + :coords (0 0) + :size (1920 1080) + :rate 30.0 + :dpi 96 + :rotate normal) + +(display-arrangement primary :displays (laptop)) + +(setq initial-buffer-choice tvl-depot-path) + +(setq window-manager-named-workspaces + (list (make-window-manager-named-workspace + :label "Web Browsing" + :kbd "c" + :display display-laptop) + (make-window-manager-named-workspace + :label "Coding" + :kbd "d" + :display display-laptop) + (make-window-manager-named-workspace + :label "Chatting" + :kbd "h" + :display display-laptop))) + +(window-manager-init :init-hook #'display-arrange-primary) diff --git a/users/wpcarro/nixos/modules/.skip-subtree b/users/wpcarro/nixos/modules/.skip-subtree new file mode 100644 index 0000000000..09520f8c83 --- /dev/null +++ b/users/wpcarro/nixos/modules/.skip-subtree @@ -0,0 +1 @@ +NixOS modules are not readTree compatible. diff --git a/users/wpcarro/nixos/modules/hadrian-cache.nix b/users/wpcarro/nixos/modules/hadrian-cache.nix new file mode 100644 index 0000000000..033c03c825 --- /dev/null +++ b/users/wpcarro/nixos/modules/hadrian-cache.nix 
@@ -0,0 +1,17 @@
+# If enabled, use Hadrian's Nix cache.
+{ config, lib, pkgs, ... }:
+
+{
+ options = {
+ hadrian.cache.enable = lib.mkEnableOption "Hadrian's binary cache";
+ };
+
+ config = lib.mkIf config.hadrian.cache.enable {
+ nix.settings.trusted-public-keys = [
+ "cache.hadrian.internal:XWdYSn5ZASj6IqZd4nnDBXJmahQEolBrtq9DvSe0UT0="
+ ];
+ nix.settings.substituters = [
+ "http://cache.hadrian.internal"
+ ];
+ };
+}
diff --git a/users/wpcarro/nixos/modules/hardware/dell-emc-egw-5200.nix b/users/wpcarro/nixos/modules/hardware/dell-emc-egw-5200.nix
new file mode 100644
index 0000000000..df46405629
--- /dev/null
+++ b/users/wpcarro/nixos/modules/hardware/dell-emc-egw-5200.nix
@@ -0,0 +1,47 @@
+# In a nutshell, this configuration defines the configuration required to run
+# NixOS on the Dell EMC EGW 5200 (often the config that NixOS put in
+# hardware.nix by default).
+{ config, lib, modulesPath, ... }:
+
+{
+ imports = [
+ (modulesPath + "/installer/scan/not-detected.nix")
+ ];
+
+ boot.initrd.availableKernelModules = [
+ "xhci_pci"
+ "ahci"
+ "usb_storage"
+ "usbhid"
+ "sd_mod"
+ ];
+ boot.initrd.kernelModules = [ ];
+ boot.kernelModules = [ "kvm-intel" ];
+ boot.extraModulePackages = [ ];
+ boot.loader.systemd-boot.enable = true;
+ boot.loader.efi.canTouchEfiVariables = true;
+
+ fileSystems."/" = {
+ device = "/dev/disk/by-label/NIXROOT";
+ fsType = "ext4";
+ };
+
+ fileSystems."/boot" = {
+ device = "/dev/disk/by-label/NIXBOOT";
+ fsType = "vfat";
+ };
+
+ swapDevices = [ ];
+
+ powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
+ hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+
+ # Needed for Tailscale subnet routing
+ boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
+ networking.useDHCP = false;
+ networking.interfaces.eno1.useDHCP = true;
+ networking.interfaces.enp3s0.useDHCP = true;
+ networking.interfaces.enp4s0.useDHCP = true;
+
+ system.stateVersion = "21.11";
+}
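Review bot: In modules/hadrian-cache.nix the substituter is `http://cache.hadrian.internal`, so fetches are unencrypted and anyone on the network path can observe or tamper with responses, leaving the single entry in `trusted-public-keys` as the only integrity control. If the cache is reachable only over a private network or VPN, a comment next to the URL such as `# reachable only via <network>; plain HTTP is intentional` would record that assumption. Otherwise `https://` would be the safer default.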
diff --git a/users/wpcarro/nixos/modules/hardware/nopn.nix b/users/wpcarro/nixos/modules/hardware/nopn.nix new file mode 100644 index 0000000000..a356954212 --- /dev/null +++ b/users/wpcarro/nixos/modules/hardware/nopn.nix @@ -0,0 +1,53 @@ +# I tried looking up the manufacturer, product name, and version, but +# `dmidecode -t system` reported "To be filled by O.E.M." for each of these +# fields. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + fileSystems."/" = { + device = "/dev/disk/by-label/NIXROOT"; + fsType = "ext4"; + }; + + fileSystems."/boot" = { + device = "/dev/disk/by-label/NIXBOOT"; + fsType = "vfat"; + }; + + boot = { + initrd.availableKernelModules = [ + "xhci_pci" + "ehci_pci" + "ahci" + "usb_storage" + "usbhid" + "sd_mod" + ]; + initrd.kernelModules = [ ]; + kernelModules = [ "kvm-intel" ]; + extraModulePackages = [ ]; + + # Can verify these settings with: + # $ lsmod + # ...or: + # $ cat /etc/modprobe.d/nixos.conf + blacklistedKernelModules = [ + # Disabling this buggy network driver (and preferring ethernet) to prevent + # my machine from becoming unresponsive. + # TODO(wpcarro): Consider replacing this module with this fork (if NixOS + # isn't already): https://github.com/tomaspinho/rtl8821ce + "rtw88_8821ce" + ]; + }; + + swapDevices = [ ]; + + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + # TODO(wpcarro): https://github.com/NixOS/nixpkgs/issues/222805 + # high-resolution display + # hardware.video.hidpi.enable = lib.mkDefault true; +} diff --git a/users/wpcarro/nixos/modules/laptop.nix b/users/wpcarro/nixos/modules/laptop.nix new file mode 100644 index 0000000000..03dd0f39bb --- /dev/null +++ b/users/wpcarro/nixos/modules/laptop.nix 
@@ -0,0 +1,15 @@
+# Laptop-specific NixOS configuration.
+_:
+
+{
+ # Automatically detect location for redshift.
+ services.geoclue2.enable = true;
+ location.provider = "geoclue2";
+
+ # Enable power-saving features.
+ powerManagement.powertop.enable = true;
+
+ # Backlight control command.
+ programs.light.enable = true;
+}
+
diff --git a/users/wpcarro/nixos/modules/nginx.nix b/users/wpcarro/nixos/modules/nginx.nix
new file mode 100644
index 0000000000..e6cc6b0feb
--- /dev/null
+++ b/users/wpcarro/nixos/modules/nginx.nix
@@ -0,0 +1,45 @@
+# Common configuration for Nginx.
+{ pkgs, ... }:
+
+{
+ config = {
+ security.acme = {
+ acceptTerms = true;
+ defaults.email = "wpcarro@gmail.com";
+ };
+
+ services.nginx = {
+ enable = true;
+ enableReload = true;
+
+ recommendedTlsSettings = true;
+ recommendedGzipSettings = true;
+
+ # Log errors to journald (i.e. /dev/log) with debug verbosity.
+ logError = "syslog:server=unix:/dev/log debug";
+
+ # for journaldriver
+ commonHttpConfig = ''
+ log_format json_combined escape=json
+ '{'
+ '"remote_addr":"$remote_addr",'
+ '"method":"$request_method",'
+ '"host":"$host",'
+ '"uri":"$request_uri",'
+ '"status":$status,'
+ '"request_size":$request_length,'
+ '"response_size":$body_bytes_sent,'
+ '"response_time":$request_time,'
+ '"referrer":"$http_referer",'
+ '"user_agent":"$http_user_agent"'
+ '}';
+
+ access_log syslog:server=unix:/dev/log,nohostname json_combined;
+ '';
+
+ appendHttpConfig = ''
+ add_header Permissions-Policy "interest-cohort=()";
+ '';
+ };
+ };
+}
diff --git a/users/wpcarro/nixos/tarasco/default.nix b/users/wpcarro/nixos/tarasco/default.nix
new file mode 100644
index 0000000000..7033caa11a
--- /dev/null
+++ b/users/wpcarro/nixos/tarasco/default.nix
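Review bot: In modules/nginx.nix the `json_combined` format logs `$request_uri` and `$http_referer`, both of which carry query strings, so any token or signed-URL parameter handled by a vhost using this module is written to journald in the clear. If the query string is not needed downstream, `'"uri":"$uri",'` would record the path only. `logError` is also pinned to `debug`, which is very verbose wherever the nginx build has debug logging compiled in, so `info` or `warn` may suit steady-state operation better. A short comment above `commonHttpConfig` naming the log consumer and its retention would help reviewers judge the exposure.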
@@ -0,0 +1,144 @@ +{ depot, pkgs, lib, ... }: +{ ... }: + +let + inherit (depot.users) wpcarro; + inherit (depot.users.wpcarro.lib) usermod; + + wpcarrosEmacs = wpcarro.emacs.nixos { + load = [ ./tarasco.el ]; + }; + + quasselClient = pkgs.quassel.override { + client = true; + enableDaemon = false; + monolithic = false; + }; +in +{ + imports = [ + (usermod "hardware/nopn.nix") + ]; + + # Use the TVL binary cache + tvl.cache.enable = true; + + boot = { + loader.systemd-boot.enable = true; + loader.efi.canTouchEfiVariables = true; + + # Support IP forwarding to use this device as a Tailscale exit node. + kernel.sysctl."net.ipv4.ip_forward" = true; + kernel.sysctl."net.ipv6.conf.all.forwarding" = true; + }; + + + time.timeZone = "America/Los_Angeles"; + + networking = { + useDHCP = false; + hostName = "tarasco"; + networkmanager.enable = true; + interfaces.enp1s0.useDHCP = true; + interfaces.enp3s0.useDHCP = true; + firewall.checkReversePath = "loose"; + # Disabling wifi because the Realtek network card drivers crash. For more + # context, see the boot.blacklistedKernelModules configuration. + # interfaces.wlp2s0.useDHCP = true; + }; + + services = wpcarro.common.services // { + # Check the amount of available memory and free swap a few times per second + # and kill the largest process if both are below 10%. + earlyoom.enable = true; + + tailscale.enable = true; + + openssh.enable = true; + + xserver = { + enable = true; + xkb.layout = "us"; + xkb.options = "caps:escape"; + displayManager = { + # Give EXWM permission to control the session (from tazjin's setup). + sessionCommands = "${pkgs.xorg.xhost}/bin/xhost +SI:localhost:$USER"; + lightdm.enable = true; + }; + windowManager.session = lib.singleton { + name = "exwm"; + start = "${wpcarrosEmacs}/bin/wpcarros-emacs"; + }; + }; + }; + + # Enable sound. 
+ sound.enable = true; + hardware.pulseaudio.enable = true; + + users.mutableUsers = true; + users.users.root.openssh.authorizedKeys.keys = with wpcarro.keys; [ + ava + iphone + nathan + ]; + users.users.wpcarro = { + isNormalUser = true; + extraGroups = [ + "networkmanager" + "wheel" + "docker" + ]; + shell = pkgs.fish; + openssh.authorizedKeys.keys = with wpcarro.keys; [ + ava + iphone + nathan + ]; + }; + users.extraGroups.vboxusers.members = [ "wpcarro" ]; + + security.sudo.wheelNeedsPassword = false; + + fonts = { + packages = with pkgs; [ + jetbrains-mono + ]; + + fontconfig = { + defaultFonts = { + monospace = [ "JetBrains Mono" ]; + }; + }; + }; + + programs = wpcarro.common.programs // { + mosh.enable = true; + }; + + virtualisation.docker.enable = true; + virtualisation.virtualbox.host.enable = true; + + environment.variables = { + EDITOR = "emacsclient"; + ALTERNATE_EDITOR = "emacs -q -nw"; + VISUAL = "emacsclient"; + }; + + environment.systemPackages = + wpcarro.common.shell-utils ++ + (with pkgs; [ + alacritty + firefox + google-chrome + httpie + pavucontrol + quasselClient + remmina + tdesktop + wpcarrosEmacs + xsecurelock + ]); + + system.stateVersion = "21.11"; +} diff --git a/users/wpcarro/nixos/tarasco/tarasco.el b/users/wpcarro/nixos/tarasco/tarasco.el new file mode 100644 index 0000000000..c840493f24 --- /dev/null +++ b/users/wpcarro/nixos/tarasco/tarasco.el 
@@ -0,0 +1,61 @@ +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +;; Dependencies +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +(require 'bookmark) +(require 'display) +(require 'window-manager) + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +;; Configuration +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +(bookmark-install-kbd + (make-bookmark :label "hadrian" + :path "/hadrian" + :kbd "h")) + +(setq initial-buffer-choice "/hadrian") + +(add-to-list 'ssh-hosts "wpcarro@ava") + +(display-register primary + :output "HDMI-1" + :primary t + :coords (0 0) + :size (2560 1440) + :rate 30.0 + :dpi 96 + :rotate normal) + +(display-register secondary + :output "HDMI-2" + :primary nil + :coords (2561 0) + :size (2560 1440) + :rate 30.0 + :dpi 96 + :rotate normal) + +(display-arrangement main :displays (primary secondary)) + +(setq window-manager-named-workspaces + (list (make-window-manager-named-workspace + :label "Web Browsing" + :kbd "c" + :display display-secondary) + (make-window-manager-named-workspace + :label "Coding I" + :kbd "1" + :display display-primary) + (make-window-manager-named-workspace + :label "Coding II" + :kbd "2" + :display display-primary) + (make-window-manager-named-workspace + :label "Chatting" + :kbd "h" + :display display-secondary))) + +;; I *think* this needs to be the last statement in this file. +(window-manager-init :init-hook #'display-arrange-main) |