From 9166a9915a079e9c7e1a202552f2237121103669 Mon Sep 17 00:00:00 2001 From: William Carroll Date: Mon, 14 Nov 2022 09:51:51 -0800 Subject: feat(wpcarro/nixos): Support kyoko Yet Another NixOS System Change-Id: I29590c5e7c2a651f3ef56642018649dddd9f06b6 Reviewed-on: https://cl.tvl.fyi/c/depot/+/7297 Reviewed-by: wpcarro Tested-by: BuildkiteCI Reviewed-by: tazjin Autosubmit: wpcarro --- users/wpcarro/nixos/kyoko/default.nix | 153 ++++++++++++++++++++++++++++++++++ 1 file changed, 153 insertions(+) create mode 100644 users/wpcarro/nixos/kyoko/default.nix (limited to 'users/wpcarro/nixos/kyoko/default.nix') diff --git a/users/wpcarro/nixos/kyoko/default.nix b/users/wpcarro/nixos/kyoko/default.nix new file mode 100644 index 000000000000..4bfa29cb8e91 --- /dev/null +++ b/users/wpcarro/nixos/kyoko/default.nix @@ -0,0 +1,153 @@ +{ depot, pkgs, lib, ... }: +_: + +let + inherit (depot.users) wpcarro; + inherit (depot.users.wpcarro.lib) usermod; + + wpcarrosEmacs = wpcarro.emacs.nixos { + load = [ ./kyoko.el ]; + }; + + quasselClient = pkgs.quassel.override { + client = true; + enableDaemon = false; + monolithic = false; + }; +in +{ + imports = [ + (usermod "hardware/dell-emc-egw-5200.nix") + (usermod "hadrian-cache.nix") + ]; + + # TVL's Nix binary cache + tvl.cache.enable = true; + + # Hadrian's Nix binary cache. + hadrian.cache.enable = true; + + nix.settings.trusted-users = [ "@wheel" ]; + + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + + # Additionall exit node settings that Tailscale recommends. + networking.firewall.checkReversePath = "loose"; + + time.timeZone = "America/Los_Angeles"; + + networking = { + # The global useDHCP flag is deprecated, therefore explicitly set to false + # here. Per-interface useDHCP will be mandatory in the future, so this + # generated config replicates the default behaviour. + useDHCP = false; + hostName = "kyoko"; + networkmanager.enable = true; + interfaces.enp1s0.useDHCP = true; + interfaces.enp3s0.useDHCP = true; + interfaces.wlp2s0.useDHCP = true; + }; + + services = wpcarro.common.services // { + # Check the amount of available memory and free swap a few times per second + # and kill the largest process if both are below 10%. + earlyoom.enable = true; + + tailscale.enable = true; + + openssh.enable = true; + + printing = { + enable = true; + drivers = with pkgs; [ gutenprint ]; + }; + + xserver = { + enable = true; + layout = "us"; + xkbOptions = "caps:escape"; + displayManager = { + # Give EXWM permission to control the session (from tazjin's setup). + sessionCommands = "${pkgs.xorg.xhost}/bin/xhost +SI:localhost:$USER"; + lightdm.enable = true; + }; + windowManager.session = lib.singleton { + name = "exwm"; + start = "${wpcarrosEmacs}/bin/wpcarros-emacs"; + }; + }; + }; + + # Enable sound. + sound.enable = true; + hardware.pulseaudio.enable = true; + + users.mutableUsers = true; + users.users.root.openssh.authorizedKeys.keys = with wpcarro.keys; [ + iphone + nathan + tarasco + ]; + users.users.wpcarro = { + initialPassword = "password"; + isNormalUser = true; + extraGroups = [ + "networkmanager" + "wheel" + "docker" + ]; + shell = pkgs.fish; + openssh.authorizedKeys.keys = with wpcarro.keys; [ + iphone + nathan + tarasco + ]; + }; + users.extraGroups.vboxusers.members = [ "wpcarro" ]; + + security.sudo.wheelNeedsPassword = false; + + fonts = { + fonts = with pkgs; [ + jetbrains-mono + ]; + + fontconfig = { + defaultFonts = { + monospace = [ "JetBrains Mono" ]; + }; + }; + }; + + programs = wpcarro.common.programs // { + mosh.enable = true; + }; + + virtualisation.docker.enable = true; + virtualisation.virtualbox.host.enable = true; + + environment.variables = { + EDITOR = "emacsclient"; + ALTERNATE_EDITOR = "emacs -q -nw"; + VISUAL = "emacsclient"; + }; + + environment.systemPackages = + wpcarro.common.shell-utils ++ + (with pkgs; [ + alacritty + ec2-api-tools + firefox + google-chrome + httpie + pavucontrol + quasselClient + remmina + tdesktop + wpcarrosEmacs + xsecurelock + ]); + + system.stateVersion = "21.11"; +} -- cgit 1.4.1