Add NixOS configurations.

Gabriel Simmer 2021-10-09 17:12:45 +01:00
parent 4df037fc18
commit f489d191df
8 changed files with 364 additions and 13 deletions


@ -64,6 +64,7 @@
:init
(setq lsp-keymap-prefix "C-c l")
:hook ((rust-mode . lsp)
(go-mode . lsip)
(lsp-mode . lsp-enable-which-key-integration))
:commands lsp)
@ -72,6 +73,17 @@
(use-package lsp-treemacs :commands lsp-treemacs-errors-list)
(use-package rust-mode)
(use-package go-mode)
(add-hook 'go-mode-hook #'lsp-deferred)
;; Set up before-save hooks to format buffer and add/delete imports.
;; Make sure you don't have other gofmt/goimports hooks enabled.
(defun lsp-go-install-save-hooks ()
(add-hook 'before-save-hook #'lsp-format-buffer t t)
(add-hook 'before-save-hook #'lsp-organize-imports t t))
(add-hook 'go-mode-hook #'lsp-go-install-save-hooks)
(use-package json-mode)
;; Can't have lisps without paredit!
(use-package paredit
@ -120,7 +132,7 @@
;; Your init file should contain only one such instance.
;; If there is more than one, they won't work right.
'(package-selected-packages
'(json-mode treemacs-projectile projectile paredit all-the-fonts doom-modeline rust-mode swipe spinner lsp-treemacs lsp-ivy lsp-ui lsp-mode counsel swiper ivy treemacs use-package monokai-pro-theme)))
'(treemacs-projectile projectile paredit all-the-fonts doom-modeline rust-mode swipe spinner lsp-treemacs lsp-ivy lsp-ui lsp-mode counsel swiper ivy treemacs use-package monokai-pro-theme)))
(custom-set-faces
;; custom-set-faces was added by Custom.
;; If you edit it by hand, you could mess it up, so be careful.
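Review bot: The added `:hook` entry `(go-mode . lsip)` names a function that is not defined anywhere in the visible lines and looks like a typo for `lsp`; opening a Go buffer would then likely signal a void-function error from the mode hook. The next hunk already adds `(add-hook 'go-mode-hook #'lsp-deferred)`, so the entry could simply be dropped, or corrected to `(go-mode . lsp-deferred)` with the separate `add-hook` removed. The same line appears in the second file section (the `@ -254,6 +254,7 @` hunk). The enclosing `use-package` form begins outside the hunk.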


@ -254,6 +254,7 @@ WantedBy=timers.target
:init
(setq lsp-keymap-prefix "C-c l")
:hook ((rust-mode . lsp)
(go-mode . lsip)
(lsp-mode . lsp-enable-which-key-integration))
:commands lsp)
@ -262,6 +263,16 @@ WantedBy=timers.target
(use-package lsp-treemacs :commands lsp-treemacs-errors-list)
(use-package rust-mode)
(use-package go-mode)
(add-hook 'go-mode-hook #'lsp-deferred)
;; Set up before-save hooks to format buffer and add/delete imports.
;; Make sure you don't have other gofmt/goimports hooks enabled.
(defun lsp-go-install-save-hooks ()
(add-hook 'before-save-hook #'lsp-format-buffer t t)
(add-hook 'before-save-hook #'lsp-organize-imports t t))
(add-hook 'go-mode-hook #'lsp-go-install-save-hooks)
(use-package json-mode)
;; Can't have lisps without paredit!


@ -1,10 +1,16 @@
#+PROPERTY: header-args :mkdirp yes
* Systems
I have opted to use NixOS for my systems moving forward. You can read a bit more
about this move [[https://blog.gabrielsimmer.com/posts/from-guix-to-nixos][here]]. I haven't dabbled with custom configuration too much so
this is pretty close to the default configuration.
#+begin_src nix :tangle configuration.nix
** London
London is my primary desktop.
#+begin_src nix :tangle nix/configuration.nix
{ config, pkgs, ... }:
{
@ -43,10 +49,10 @@ this is pretty close to the default configuration.
hardware.opengl = {
enable = true;
extraPackages = with pkgs; [
vaapiIntel
vaapiVdpau
libvdpau-va-gl
];
vaapiIntel
vaapiVdpau
libvdpau-va-gl
];
setLdLibraryPath = true;
driSupport32Bit = true;
};
@ -56,15 +62,12 @@ this is pretty close to the default configuration.
# Enable the GNOME Desktop Environment.
services.xserver.displayManager.gdm.enable = true;
services.xserver.desktopManager.gnome.enable = true;
# Configure keymap in X11
services.xserver.layout = "us";
# services.xserver.xkbOptions = "eurosign:e";
# Enable CUPS to print documents.
# services.printing.enable = true;
# Disabled and replaced with Pipewire.
hardware.pulseaudio.enable = false;
security.rtkit.enable = true;
services.pipewire = {
enable = true;
@ -91,7 +94,7 @@ this is pretty close to the default configuration.
tailscale
];
services.flatpak.enable = true;
xdg.portal.enable = true;
programs.mtr.enable = true;
programs.gnupg.agent = {
enable = true;
@ -100,6 +103,8 @@ this is pretty close to the default configuration.
networking.firewall.enable = false;
boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
@ -114,7 +119,7 @@ this is pretty close to the default configuration.
My goal here is to leverage the hardware configuration generated by
the NixOS to seperate out the specific-to-my-current-hardware configuration.
#+begin_src nix :tangle hardware-configuration.nix
#+begin_src nix :tangle nix/hardware-configuration.nix
{ config, lib, pkgs, modulesPath, ... }:
{
@ -166,3 +171,103 @@ the NixOS to seperate out the specific-to-my-current-hardware configuration.
hardware.video.hidpi.enable = lib.mkDefault true;
}
#+end_src
** Raspberry Pis
I have two Raspberry Pis - a 3B+ ("watcher"), and a 4 ("panda"). Watcher
serves as a watchdog for my self hosted services, usually living on Panda.
#+begin_src nix :tangle nix/image-configuration.nix
{ ... }: {
imports = [
<nixpkgs/nixos/modules/installer/sd-card/sd-image-aarch64.nix>
];
services.sshd.enable = true;
services.ntp.enable = true;
users.users.gsimmer = {
isNormalUser = true;
extraGroups = [ "wheel" ];
password = "pass"; # This gets changed. Don't get any ideas.
openssh.authorizedKeys.keys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILIztwQxt+jqroFONSgq+xzPMuE2I5Dq/zWPQ8RcTYJr gabriel@gitgalaxy.com"];
};
}
#+end_src
*** Watcher
Watcher is my Raspberry Pi 3B+ responsible for monitoring various
services and devices on my network (and generally the wider web).
It uses [[https://github.com/gmemstr/platypus][Platypus]] (my custom monitoring platform) for this, along
with some cron jobs.
Watcher requires a few things; it monitors my various self-hosted
services, and reports these to a self hosted Platypus instance.
#+begin_src nix :tangle nix/watcher-configuration.nix
{ config, pkgs, lib, ... }: {
boot.loader.grub.enable = false;
boot.loader.generic-extlinux-compatible.enable = true;
boot.kernelPackages = pkgs.linuxPackages_latest;
services.sshd.enable = true;
services.ntp.enable = true;
users.users.gsimmer = {
isNormalUser = true;
extraGroups = [ "wheel" ];
password = "pass"; # This gets changed. Don't get any ideas.
openssh.authorizedKeys.keys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILIztwQxt+jqroFONSgq+xzPMuE2I5Dq/zWPQ8RcTYJr gabriel@gitgalaxy.com"];
};
environment.systemPackages = [ pkgs.git pkgs.curl ];
systemd.user.services.ensure-curlscript = {
script = ''
# At some point this will pull down a more complete script.
echo "Done!"
'';
wantedBy = [ "multi-user.target" ];
};
# Enable cron services
services.cron = {
enable = true;
systemCronJobs = [
"*/5 * * * * gsimmer curl -I -o /dev/null -w \"$(date)|\\%{http_code}\" https://pw.gmem.ca > /home/gsimmer/pw-status"
"*/5 * * * * gsimmer curl -I -o /dev/null -w \"$(date)|\\%{http_code}\" https://hue.gmem.ca > /home/gsimmer/hue-status"
];
};
fileSystems = {
"/" = {
device = "/dev/disk/by-label/NIXOS_SD";
fsType = "ext4";
};
};
networking.firewall.enable = false;
}
#+end_src
*** Panda
Panda is a general-purpose Raspberry Pi 4, responsible for hosting
some network shares and my password manager (using [[https://github.com/dani-garcia/vaultwarden][Vaultwarden]]).
#+begin_src nix :tangle nix/panda-configuration.nix
{ ... }: {
imports = [
<nixpkgs/nixos/modules/installer/sd-card/sd-image-aarch64.nix>
];
# put your own configuration here, for example ssh keys:
users.extraUsers.root.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILIztwQxt+jqroFONSgq+xzPMuE2I5Dq/zWPQ8RcTYJr gabriel@gitgalaxy.com"
];
}
#+end_src
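Review bot: The `users.users.gsimmer` blocks for the SD image and for Watcher set `password = "pass";` on a `wheel` user while `services.sshd.enable = true;`, so a freshly flashed Pi accepts a guessable password for an admin account until someone changes it by hand. The clear-text value also ends up in the world-readable Nix store and in this repository's history. Since an `openssh.authorizedKeys.keys` entry is already provided, the `password` line could be removed and password logins turned off with `services.openssh.passwordAuthentication = false;` (the option name in the 21.05 release pinned elsewhere in this commit). If a console password is needed, `hashedPassword` with a hash kept out of the repository avoids the plain-text default. The same lines are tangled into the image and Watcher configuration files added further down in this commit.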

103
nix/configuration.nix Normal file

@ -0,0 +1,103 @@
{ config, pkgs, ... }:
{
imports =
[
./hardware-configuration.nix
];
nixpkgs.config.allowUnfree = true;
boot.kernelPackages = pkgs.linuxPackages_latest;
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
networking.hostName = "london";
# i18n stuff.
time.timeZone = "Europe/London";
i18n.defaultLocale = "en_US.UTF-8";
console = {
font = "Lat2-Terminus16";
keyMap = "us";
};
# Networking stuff.
networking.useDHCP = false;
networking.interfaces.enp4s0.useDHCP = true;
services.tailscale.enable = true;
# Enable the X11 windowing system.
services.xserver.enable = true;
services.xserver.videoDrivers = [ "nvidia" ];
hardware.opengl = {
enable = true;
extraPackages = with pkgs; [
vaapiIntel
vaapiVdpau
libvdpau-va-gl
];
setLdLibraryPath = true;
driSupport32Bit = true;
};
# Required for Proton games to function.
programs.steam.enable = true;
# Enable the GNOME Desktop Environment.
services.xserver.displayManager.gdm.enable = true;
services.xserver.desktopManager.gnome.enable = true;
# Configure keymap in X11
services.xserver.layout = "us";
# Disabled and replaced with Pipewire.
hardware.pulseaudio.enable = false;
security.rtkit.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
jack.enable = true;
};
programs.zsh.enable = true;
users.users.gsimmer = {
isNormalUser = true;
shell = pkgs.zsh;
extraGroups = [ "wheel" "networkmanager" ];
};
environment.systemPackages = with pkgs; [
vim
wget
firefox
emacs
curl
podman
tailscale
];
services.flatpak.enable = true;
xdg.portal.enable = true;
programs.mtr.enable = true;
programs.gnupg.agent = {
enable = true;
enableSSHSupport = true;
};
networking.firewall.enable = false;
boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "21.05"; # Did you read the comment?
}
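Review bot: `networking.firewall.enable = false;` turns off the NixOS packet filter on a desktop that also enables Tailscale, Steam and Flatpak, so any listening service is reachable from the local network, and no comment says why it is disabled. If the aim was to let tailnet traffic through, keeping the firewall on and adding `networking.firewall.trustedInterfaces = [ "tailscale0" ];` gives a narrower opening. The Watcher configuration added in this commit sets the same option while running sshd; the openssh module opens its own port by default, so the firewall could stay enabled there as well. If it must stay off, a comment such as `# firewall off because <reason>` would record the decision.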


@ -0,0 +1,50 @@
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
services.xserver = {
libinput = {
enable = true;
mouse = { accelProfile = "flat"; };
};
};
fileSystems."/" =
{ device = "/dev/disk/by-uuid/eb8699bd-a9e9-4166-8879-559b244caa20";
fsType = "ext4";
options = [ "noatime" "nodiratime" "discard" ];
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/D582-4408";
fsType = "vfat";
options = [ "noatime" "nodiratime" "discard" ];
};
fileSystems."/mnt/wd" =
{ device = "/dev/disk/by-partlabel/WD";
fsType = "ext4";
options = [ "noatime" "nodiratime" "discard" ];
};
fileSystems."/mnt/fhg" =
{ device = "/dev/disk/by-label/FHG";
fsType = "ext4";
options = [ "noatime" "nodiratime" "discard" ];
};
swapDevices =
[ { device = "/dev/disk/by-uuid/8a0c74ad-a88f-4ecd-a6ac-d7985355bce6"; }
];
# high-resolution display
hardware.video.hidpi.enable = lib.mkDefault true;
}


@ -0,0 +1,15 @@
{ ... }: {
imports = [
<nixpkgs/nixos/modules/installer/sd-card/sd-image-aarch64.nix>
];
services.sshd.enable = true;
services.ntp.enable = true;
users.users.gsimmer = {
isNormalUser = true;
extraGroups = [ "wheel" ];
password = "pass"; # This gets changed. Don't get any ideas.
openssh.authorizedKeys.keys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILIztwQxt+jqroFONSgq+xzPMuE2I5Dq/zWPQ8RcTYJr gabriel@gitgalaxy.com"];
};
}


@ -0,0 +1,9 @@
{ ... }: {
imports = [
<nixpkgs/nixos/modules/installer/sd-card/sd-image-aarch64.nix>
];
# put your own configuration here, for example ssh keys:
users.extraUsers.root.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILIztwQxt+jqroFONSgq+xzPMuE2I5Dq/zWPQ8RcTYJr gabriel@gitgalaxy.com"
];
}
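Review bot: The only credential configured for Panda is an SSH key installed directly for `root`, whereas the other Pi configurations in this commit create the unprivileged `gsimmer` user in `wheel`. For the host the org text describes as running the password manager, direct root login gives up the privilege boundary and audit trail that sudo provides. Consider moving the key to `users.users.gsimmer.openssh.authorizedKeys.keys` as in the Watcher file and setting `services.openssh.permitRootLogin = "no";`. The comment `# put your own configuration here, for example ssh keys:` reads as leftover template text and could be replaced by one stating what this host is for. The same block appears in the org source section earlier in the commit.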


@ -0,0 +1,46 @@
{ config, pkgs, lib, ... }: {
boot.loader.grub.enable = false;
boot.loader.generic-extlinux-compatible.enable = true;
boot.kernelPackages = pkgs.linuxPackages_latest;
services.sshd.enable = true;
services.ntp.enable = true;
users.users.gsimmer = {
isNormalUser = true;
extraGroups = [ "wheel" ];
password = "pass"; # This gets changed. Don't get any ideas.
openssh.authorizedKeys.keys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILIztwQxt+jqroFONSgq+xzPMuE2I5Dq/zWPQ8RcTYJr gabriel@gitgalaxy.com"];
};
environment.systemPackages = [ pkgs.git pkgs.curl ];
systemd.user.services.ensure-curlscript = {
script = ''
# At some point this will pull down a more complete script.
echo "Done!"
'';
wantedBy = [ "multi-user.target" ];
};
# Enable cron services
services.cron = {
enable = true;
systemCronJobs = [
"*/5 * * * * gsimmer curl -I -o /dev/null -w \"$(date)|\\%{http_code}\" https://pw.gmem.ca > /home/gsimmer/pw-status"
"*/5 * * * * gsimmer curl -I -o /dev/null -w \"$(date)|\\%{http_code}\" https://hue.gmem.ca > /home/gsimmer/hue-status"
];
};
fileSystems = {
"/" = {
device = "/dev/disk/by-label/NIXOS_SD";
fsType = "ext4";
};
};
networking.firewall.enable = false;
}
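Review bot: `systemd.user.services.ensure-curlscript` is declared with `wantedBy = [ "multi-user.target" ];`, but `multi-user.target` belongs to the system manager, so as a user unit this is probably never started automatically. Either use `wantedBy = [ "default.target" ];` for a per-user unit, or declare it under `systemd.services` if it should run at boot. Because the placeholder comment says the unit will later pull down a script, it is worth extending that comment now to record that anything fetched must be pinned and verified (for example by checksum) before it is executed.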