Add NixOS configurations.

.emacs.d/init.el

@@ -64,6 +64,7 @@
   :init
   (setq lsp-keymap-prefix "C-c l")
   :hook ((rust-mode . lsp)
+	 (go-mode . lsip)
 	 (lsp-mode . lsp-enable-which-key-integration))
   :commands lsp)
 
@@ -72,6 +73,17 @@
 (use-package lsp-treemacs :commands lsp-treemacs-errors-list)
 
 (use-package rust-mode)
+(use-package go-mode)
+(add-hook 'go-mode-hook #'lsp-deferred)
+
+;; Set up before-save hooks to format buffer and add/delete imports.
+;; Make sure you don't have other gofmt/goimports hooks enabled.
+(defun lsp-go-install-save-hooks ()
+  (add-hook 'before-save-hook #'lsp-format-buffer t t)
+  (add-hook 'before-save-hook #'lsp-organize-imports t t))
+(add-hook 'go-mode-hook #'lsp-go-install-save-hooks)
+
+(use-package json-mode)
 
 ;; Can't have lisps without paredit!
 (use-package paredit
@@ -120,7 +132,7 @@
  ;; Your init file should contain only one such instance.
  ;; If there is more than one, they won't work right.
  '(package-selected-packages
-   '(json-mode treemacs-projectile projectile paredit all-the-fonts doom-modeline rust-mode swipe spinner lsp-treemacs lsp-ivy lsp-ui lsp-mode counsel swiper ivy treemacs use-package monokai-pro-theme)))
+   '(treemacs-projectile projectile paredit all-the-fonts doom-modeline rust-mode swipe spinner lsp-treemacs lsp-ivy lsp-ui lsp-mode counsel swiper ivy treemacs use-package monokai-pro-theme)))
 (custom-set-faces
  ;; custom-set-faces was added by Custom.
  ;; If you edit it by hand, you could mess it up, so be careful.

Dots.org

@@ -254,6 +254,7 @@ WantedBy=timers.target
   :init
   (setq lsp-keymap-prefix "C-c l")
   :hook ((rust-mode . lsp)
+	 (go-mode . lsip)
 	 (lsp-mode . lsp-enable-which-key-integration))
   :commands lsp)
 
@@ -262,6 +263,16 @@ WantedBy=timers.target
 (use-package lsp-treemacs :commands lsp-treemacs-errors-list)
 
 (use-package rust-mode)
+(use-package go-mode)
+(add-hook 'go-mode-hook #'lsp-deferred)
+
+;; Set up before-save hooks to format buffer and add/delete imports.
+;; Make sure you don't have other gofmt/goimports hooks enabled.
+(defun lsp-go-install-save-hooks ()
+  (add-hook 'before-save-hook #'lsp-format-buffer t t)
+  (add-hook 'before-save-hook #'lsp-organize-imports t t))
+(add-hook 'go-mode-hook #'lsp-go-install-save-hooks)
+
 (use-package json-mode)
 
 ;; Can't have lisps without paredit!

Systems.org

@@ -1,10 +1,16 @@
+#+PROPERTY: header-args :mkdirp yes
+
 * Systems
 
 I have opted to use NixOS for my systems moving forward. You can read a bit more
 about this move [[https://blog.gabrielsimmer.com/posts/from-guix-to-nixos][here]]. I haven't dabbled with custom configuration too much so
 this is pretty close to the default configuration.
 
-#+begin_src nix :tangle configuration.nix
+** London
+
+   London is my primary desktop.
+
+#+begin_src nix :tangle nix/configuration.nix
 { config, pkgs, ... }:
 
 {
@@ -59,12 +65,9 @@ this is pretty close to the default configuration.
 
   # Configure keymap in X11
   services.xserver.layout = "us";
-  # services.xserver.xkbOptions = "eurosign:e";
 
-  # Enable CUPS to print documents.
+  # Disabled and replaced with Pipewire.
-  # services.printing.enable = true;
   hardware.pulseaudio.enable = false;
-
   security.rtkit.enable = true;
   services.pipewire = {
     enable = true;
@@ -91,7 +94,7 @@ this is pretty close to the default configuration.
     tailscale
   ];
   services.flatpak.enable = true;
-
+  xdg.portal.enable = true;
   programs.mtr.enable = true;
   programs.gnupg.agent = {
     enable = true;
@@ -100,6 +103,8 @@ this is pretty close to the default configuration.
 
   networking.firewall.enable = false;
 
+  boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
+  
   # This value determines the NixOS release from which the default
   # settings for stateful data, like file locations and database versions
   # on your system were taken. It‘s perfectly fine and recommended to leave
@@ -114,7 +119,7 @@ this is pretty close to the default configuration.
 My goal here is to leverage the hardware configuration generated by
 the NixOS to seperate out the specific-to-my-current-hardware configuration.
 
-#+begin_src nix :tangle hardware-configuration.nix
+#+begin_src nix :tangle nix/hardware-configuration.nix
 { config, lib, pkgs, modulesPath, ... }:
 
 {
@@ -166,3 +171,103 @@ the NixOS to seperate out the specific-to-my-current-hardware configuration.
   hardware.video.hidpi.enable = lib.mkDefault true;
 }
 #+end_src
+
+** Raspberry Pis
+
+   I have two Raspberry Pis - a 3B+ ("watcher"), and a 4 ("panda"). Watcher
+   serves as a watchdog for my self hosted services, usually living on Panda.
+
+#+begin_src nix :tangle nix/image-configuration.nix
+{ ... }: {
+  imports = [
+    <nixpkgs/nixos/modules/installer/sd-card/sd-image-aarch64.nix>
+  ];
+
+  services.sshd.enable = true;
+  services.ntp.enable = true;
+  
+  users.users.gsimmer = {
+    isNormalUser = true;
+    extraGroups = [ "wheel" ];
+    password = "pass"; # This gets changed. Don't get any ideas.
+    openssh.authorizedKeys.keys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILIztwQxt+jqroFONSgq+xzPMuE2I5Dq/zWPQ8RcTYJr gabriel@gitgalaxy.com"];
+  };
+}
+
+#+end_src
+
+*** Watcher
+
+   Watcher is my Raspberry Pi 3B+ responsible for monitoring various
+   services and devices on my network (and generally the wider web).
+   It uses [[https://github.com/gmemstr/platypus][Platypus]] (my custom monitoring platform) for this, along
+   with some cron jobs.
+
+   Watcher requires a few things; it monitors my various self-hosted
+   services, and reports these to a self hosted Platypus instance.
+   
+#+begin_src nix :tangle nix/watcher-configuration.nix
+{ config, pkgs, lib, ... }: {
+
+  boot.loader.grub.enable = false;
+  boot.loader.generic-extlinux-compatible.enable = true;
+  boot.kernelPackages = pkgs.linuxPackages_latest;
+
+    
+  services.sshd.enable = true;
+  services.ntp.enable = true;
+  
+  users.users.gsimmer = {
+    isNormalUser = true;
+    extraGroups = [ "wheel" ];
+    password = "pass"; # This gets changed. Don't get any ideas.
+    openssh.authorizedKeys.keys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILIztwQxt+jqroFONSgq+xzPMuE2I5Dq/zWPQ8RcTYJr gabriel@gitgalaxy.com"];
+  };
+  
+  environment.systemPackages = [ pkgs.git pkgs.curl ];
+
+  systemd.user.services.ensure-curlscript = {
+    script = ''
+      # At some point this will pull down a more complete script.
+      echo "Done!"
+    '';
+    wantedBy = [ "multi-user.target" ];
+  };
+
+  # Enable cron services
+  services.cron = {
+    enable = true;
+    systemCronJobs = [
+      "*/5 * * * *  gsimmer  curl -I -o /dev/null -w \"$(date)|\\%{http_code}\" https://pw.gmem.ca > /home/gsimmer/pw-status"
+      "*/5 * * * *  gsimmer  curl -I -o /dev/null -w \"$(date)|\\%{http_code}\" https://hue.gmem.ca > /home/gsimmer/hue-status"
+    ];
+  };
+
+  fileSystems = {
+    "/" = {
+      device = "/dev/disk/by-label/NIXOS_SD";
+      fsType = "ext4";
+    };
+  };
+
+  networking.firewall.enable = false;
+
+}
+#+end_src
+
+*** Panda
+
+   Panda is a general-purpose Raspberry Pi 4, responsible for hosting
+   some network shares and my password manager (using [[https://github.com/dani-garcia/vaultwarden][Vaultwarden]]).
+
+#+begin_src nix :tangle nix/panda-configuration.nix
+{ ... }: {
+  imports = [
+    <nixpkgs/nixos/modules/installer/sd-card/sd-image-aarch64.nix>
+  ];
+  # put your own configuration here, for example ssh keys:
+  users.extraUsers.root.openssh.authorizedKeys.keys = [
+     "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILIztwQxt+jqroFONSgq+xzPMuE2I5Dq/zWPQ8RcTYJr gabriel@gitgalaxy.com"
+  ];
+}
+#+end_src

nix/configuration.nix

@@ -0,0 +1,103 @@
+{ config, pkgs, ... }:
+
+{
+  imports =
+    [
+      ./hardware-configuration.nix
+    ];
+
+  nixpkgs.config.allowUnfree = true;
+
+  boot.kernelPackages = pkgs.linuxPackages_latest;
+
+  # Use the systemd-boot EFI boot loader.
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = true;
+
+  networking.hostName = "london";
+
+  # i18n stuff.
+  time.timeZone = "Europe/London";
+  i18n.defaultLocale = "en_US.UTF-8";
+  console = {
+    font = "Lat2-Terminus16";
+    keyMap = "us";
+  };
+
+  # Networking stuff.
+  networking.useDHCP = false;
+  networking.interfaces.enp4s0.useDHCP = true;
+  services.tailscale.enable = true;
+
+  # Enable the X11 windowing system.
+  services.xserver.enable = true;
+  services.xserver.videoDrivers = [ "nvidia" ];
+
+  hardware.opengl = {
+    enable = true;
+    extraPackages = with pkgs; [
+      vaapiIntel
+      vaapiVdpau
+      libvdpau-va-gl
+    ];
+    setLdLibraryPath = true;
+    driSupport32Bit = true;
+  };
+  # Required for Proton games to function.
+  programs.steam.enable = true;
+
+  # Enable the GNOME Desktop Environment.
+  services.xserver.displayManager.gdm.enable = true;
+  services.xserver.desktopManager.gnome.enable = true;
+
+  # Configure keymap in X11
+  services.xserver.layout = "us";
+
+  # Disabled and replaced with Pipewire.
+  hardware.pulseaudio.enable = false;
+  security.rtkit.enable = true;
+  services.pipewire = {
+    enable = true;
+    alsa.enable = true;
+    alsa.support32Bit = true;
+    pulse.enable = true;
+    jack.enable = true;
+  };
+
+  programs.zsh.enable = true;
+  users.users.gsimmer = {
+    isNormalUser = true;
+    shell = pkgs.zsh;
+    extraGroups = [ "wheel" "networkmanager" ];
+  };
+
+  environment.systemPackages = with pkgs; [
+    vim
+    wget
+    firefox
+    emacs
+    curl
+    podman
+    tailscale
+  ];
+  services.flatpak.enable = true;
+  xdg.portal.enable = true;
+  programs.mtr.enable = true;
+  programs.gnupg.agent = {
+    enable = true;
+    enableSSHSupport = true;
+  };
+
+  networking.firewall.enable = false;
+
+  boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
+  
+  # This value determines the NixOS release from which the default
+  # settings for stateful data, like file locations and database versions
+  # on your system were taken. It‘s perfectly fine and recommended to leave
+  # this value at the release version of the first install of this system.
+  # Before changing this value read the documentation for this option
+  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
+  system.stateVersion = "21.05"; # Did you read the comment?
+
+}

nix/hardware-configuration.nix

@@ -0,0 +1,50 @@
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-amd" ];
+  boot.extraModulePackages = [ ];
+
+  services.xserver = {
+    libinput = {
+      enable = true;
+      mouse = { accelProfile = "flat"; };
+    };
+  };
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/eb8699bd-a9e9-4166-8879-559b244caa20";
+      fsType = "ext4";
+      options = [ "noatime" "nodiratime" "discard" ];
+    };
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/D582-4408";
+      fsType = "vfat";
+      options = [ "noatime" "nodiratime" "discard" ];
+    };
+
+  fileSystems."/mnt/wd" =
+    { device = "/dev/disk/by-partlabel/WD";
+      fsType = "ext4";
+      options = [ "noatime" "nodiratime" "discard" ];
+    };
+
+  fileSystems."/mnt/fhg" =
+    { device = "/dev/disk/by-label/FHG";
+      fsType = "ext4";
+      options = [ "noatime" "nodiratime" "discard" ];
+    };
+
+  swapDevices =
+    [ { device = "/dev/disk/by-uuid/8a0c74ad-a88f-4ecd-a6ac-d7985355bce6"; }
+    ];
+
+  # high-resolution display
+  hardware.video.hidpi.enable = lib.mkDefault true;
+}

nix/image-configuration.nix

@@ -0,0 +1,15 @@
+{ ... }: {
+  imports = [
+    <nixpkgs/nixos/modules/installer/sd-card/sd-image-aarch64.nix>
+  ];
+
+  services.sshd.enable = true;
+  services.ntp.enable = true;
+  
+  users.users.gsimmer = {
+    isNormalUser = true;
+    extraGroups = [ "wheel" ];
+    password = "pass"; # This gets changed. Don't get any ideas.
+    openssh.authorizedKeys.keys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILIztwQxt+jqroFONSgq+xzPMuE2I5Dq/zWPQ8RcTYJr gabriel@gitgalaxy.com"];
+  };
+}

nix/panda-configuration.nix

@@ -0,0 +1,9 @@
+{ ... }: {
+  imports = [
+    <nixpkgs/nixos/modules/installer/sd-card/sd-image-aarch64.nix>
+  ];
+  # put your own configuration here, for example ssh keys:
+  users.extraUsers.root.openssh.authorizedKeys.keys = [
+     "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILIztwQxt+jqroFONSgq+xzPMuE2I5Dq/zWPQ8RcTYJr gabriel@gitgalaxy.com"
+  ];
+}

nix/watcher-configuration.nix

@@ -0,0 +1,46 @@
+{ config, pkgs, lib, ... }: {
+
+  boot.loader.grub.enable = false;
+  boot.loader.generic-extlinux-compatible.enable = true;
+  boot.kernelPackages = pkgs.linuxPackages_latest;
+
+    
+  services.sshd.enable = true;
+  services.ntp.enable = true;
+  
+  users.users.gsimmer = {
+    isNormalUser = true;
+    extraGroups = [ "wheel" ];
+    password = "pass"; # This gets changed. Don't get any ideas.
+    openssh.authorizedKeys.keys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILIztwQxt+jqroFONSgq+xzPMuE2I5Dq/zWPQ8RcTYJr gabriel@gitgalaxy.com"];
+  };
+  
+  environment.systemPackages = [ pkgs.git pkgs.curl ];
+
+  systemd.user.services.ensure-curlscript = {
+    script = ''
+      # At some point this will pull down a more complete script.
+      echo "Done!"
+    '';
+    wantedBy = [ "multi-user.target" ];
+  };
+
+  # Enable cron services
+  services.cron = {
+    enable = true;
+    systemCronJobs = [
+      "*/5 * * * *  gsimmer  curl -I -o /dev/null -w \"$(date)|\\%{http_code}\" https://pw.gmem.ca > /home/gsimmer/pw-status"
+      "*/5 * * * *  gsimmer  curl -I -o /dev/null -w \"$(date)|\\%{http_code}\" https://hue.gmem.ca > /home/gsimmer/hue-status"
+    ];
+  };
+
+  fileSystems = {
+    "/" = {
+      device = "/dev/disk/by-label/NIXOS_SD";
+      fsType = "ext4";
+    };
+  };
+
+  networking.firewall.enable = false;
+
+}