arch/infra
arch/infra
1
0
Fork 0
Code Actions Packages Activity

Move london system configuration to flake
All checks were successful
Lint / lint (push) Successful in 21s
Details

Browse source
This commit is contained in:
Gabriel Simmer 2023-09-05 21:37:06 +01:00
parent c8ef1a4310
commit dc688fb97d
Signed by: arch
SSH key fingerprint: SHA256:m3OEcdtrnBpMX+2BDGh/byv3hrCekCLzDYMdvGEKPPQ
3 changed files with 624 additions and 116 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
flake.nix
View file

@ -35,6 +35,7 @@
k6
pulumi-bin
nodejs
nil
];
buildInputs = [ ];
};
@ -50,6 +51,16 @@
};
apps = nixinate.nixinate.x86_64-linux self;
nixosConfigurations = {
london = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [
(import ./krops/london/configuration.nix)
home-manager.nixosModules.home-manager
{
home-manager.users.gsimmer = import ./krops/london/gsimmer.nix;
}
];
};
oracle-gitea-runner = nixpkgs.lib.nixosSystem {
system = "aarch64-linux";
modules = [

134
krops/london/configuration.nix
View file

@ -1,53 +1,8 @@
{ config, pkgs, ... }:
let
# bash script to let dbus know about important env variables and
# propagate them to relevent services run at the end of sway config
# see
# https://github.com/emersion/xdg-desktop-portal-wlr/wiki/"It-doesn't-work"-Troubleshooting-Checklist
# note: this is pretty much the same as /etc/sway/config.d/nixos.conf but also restarts
# some user services to make sure they have the correct environment variables
dbus-sway-environment = pkgs.writeTextFile {
name = "dbus-sway-environment";
destination = "/bin/dbus-sway-environment";
executable = true;
text = ''
dbus-update-activation-environment --systemd WAYLAND_DISPLAY XDG_CURRENT_DESKTOP=sway
systemctl --user stop pipewire pipewire-media-session xdg-desktop-portal xdg-desktop-portal-wlr
systemctl --user start pipewire pipewire-media-session xdg-desktop-portal xdg-desktop-portal-wlr
'';
};
# currently, there is some friction between sway and gtk:
# https://github.com/swaywm/sway/wiki/GTK-3-settings-on-Wayland
# the suggested way to set gtk settings is with gsettings
# for gsettings to work, we need to tell it where the schemas are
# using the XDG_DATA_DIR environment variable
# run at the end of sway config
configure-gtk = pkgs.writeTextFile {
name = "configure-gtk";
destination = "/bin/configure-gtk";
executable = true;
text = let
schema = pkgs.gsettings-desktop-schemas;
datadir = "${schema}/share/gsettings-schemas/${schema.name}";
in ''
export XDG_DATA_DIRS=${datadir}:$XDG_DATA_DIRS
gnome_schema=org.gnome.desktop.interface
gsettings set $gnome_schema gtk-theme 'Dracula'
'';
};
in
{
imports =
[
./hardware-configuration.nix
./cachix.nix
./wayland.nix
];
# Bootloader
@ -66,7 +21,7 @@ in
};
};
binfmt.emulatedSystems = [ "aarch64-linux" ];
extraModulePackages = with pkgs; [
extraModulePackages = [
config.boot.kernelPackages.v4l2loopback
];
kernelPackages = pkgs.linuxPackages_zen;
@ -104,7 +59,7 @@ in
allowedUDPPortRanges = [ { from = 27031; to = 27036; } ];
allowedTCPPortRanges = [ { from = 27036; to = 27037; } ];
allowedTCPPorts = [ 7000 7100 ];
allowedUDPPorts = [ 6000 6001 7011 ];
allowedUDPPorts = [ 6000 6001 7011 41641 3478 ];
trustedInterfaces = [ "tailscale0" ];
checkReversePath = "loose";
};
@ -115,6 +70,13 @@ in
i18n.defaultLocale = "en_GB.utf8";
services = {
prometheus.exporters.node = {
enable = true;
listenAddress = "100.95.77.62";
enabledCollectors = [
"systemd" "processes"
];
};
dbus.enable = true;
yubikey-agent.enable = true;
udev.packages = with pkgs; [ libu2f-host yubikey-personalization ];
@ -180,6 +142,7 @@ in
};
programs = {
gamemode.enable = true;
zsh.enable = true;
fish.enable = true;
nix-ld.enable = true;
@ -190,17 +153,17 @@ in
dedicatedServer.openFirewall = false; # Open ports in the firewall for Source Dedicated Server
};
gnupg.agent = {
enable = true;
pinentryFlavor = "gnome3";
enableSSHSupport = false;
};
enable = true;
pinentryFlavor = "gnome3";
enableSSHSupport = false;
};
};
# Define a user account. Don't forget to set a password with passwd.
users.users.gsimmer = {
shell = pkgs.fish;
shell = pkgs.nushell;
isNormalUser = true;
description = "Gabriel Simmer";
extraGroups = [ "networkmanager" "wheel" "libvirtd" "qemu-libvirtd" ];
extraGroups = [ "networkmanager" "wheel" "libvirtd" "qemu-libvirtd" "docker" ];
packages = with pkgs; [
firefox-wayland
vim
@ -211,7 +174,6 @@ in
virtualisation = {
docker = {
enable = true;
enableNvidia = true;
rootless = {
enable = true;
setSocketVariable = true;
@ -235,74 +197,14 @@ in
pinentry-curses
noisetorch
nix-output-monitor
pinentry-qt
pinentry-gnome
xdg-utils
dracula-theme
dbus-sway-environment
yubikey-touch-detector
i3pystatus (python310.withPackages(ps: with ps; [ i3pystatus keyring ]))
docker-compose
];
};
# -- Sway Stuff --
systemd.user.targets.sway-session = {
description = "Sway compositor session";
documentation = [ "man:systemd.special(7)" ];
bindsTo = [ "graphical-session.target" ];
wants = [ "graphical-session-pre.target" ];
after = [ "graphical-session-pre.target" ];
};
programs.sway = {
enable = true;
extraOptions = [ "--unsupported-gpu" ];
wrapperFeatures.gtk = true;
extraPackages = with pkgs; [
bemenu
swaylock
swayidle
xwayland
mako
kanshi
grim
slurp
wl-clipboard
wf-recorder
(python310.withPackages(ps: with ps; [ i3pystatus keyring ]))
];
extraSessionCommands = ''
export SDL_VIDEODRIVER=wayland
export QT_QPA_PLATFORM=wayland
export QT_WAYLAND_DISABLE_WINDOWDECORATION="1"
export _JAVA_AWT_WM_NONREPARENTING=1
export MOZ_ENABLE_WAYLAND=1
export WLR_RENDERER=vulkan
'';
};
hardware.opengl.extraPackages = with pkgs; [
# trying to fix `WLR_RENDERER=vulkan sway`
vulkan-validation-layers
];
# configuring kanshi
systemd.user.services.kanshi = {
description = "Kanshi output autoconfig ";
wantedBy = [ "graphical-session.target" ];
partOf = [ "graphical-session.target" ];
environment = { XDG_CONFIG_HOME="/home/mschwaig/.config"; };
serviceConfig = {
# kanshi doesn't have an option to specifiy config file yet, so it looks
# at .config/kanshi/config
ExecStart = ''
${pkgs.kanshi}/bin/kanshi
'';
RestartSec = 5;
Restart = "always";
};
};
security = {
polkit.enable = true;
rtkit.enable = true;

595
krops/london/gsimmer.nix Normal file
View file

@ -0,0 +1,595 @@
{ config, pkgs, callPackage, ... }:
{
nixpkgs.overlays =
let
discordOverlay = self: super: {
discord = super.discord.override { withOpenASAR = true; withVencord = true; };
};
in
[
(import (builtins.fetchTarball {
url = "https://github.com/nix-community/emacs-overlay/archive/master.tar.gz";
sha256 = "0xyhs0xj72nk0acd54ngryazsqllwgfjh0964fa2176ji73a6c1d";
})) discordOverlay];
home.username = "gsimmer";
home.homeDirectory = "/home/gsimmer";
nixpkgs.config.allowUnfree = true;
programs.bash.enable = false;
programs.fish = {
enable = false;
interactiveShellInit = ''
set fish_greeting
atuin init fish | source
'';
plugins = [
{
name = "z";
src = pkgs.fetchFromGitHub {
owner = "jethrokuan";
repo = "z";
rev = "e0e1b9dfdba362f8ab1ae8c1afc7ccf62b89f7eb";
sha256 = "0dbnir6jbwjpjalz14snzd3cgdysgcs3raznsijd6savad3qhijc";
};
}
];
};
programs.tmux = {
enable = true;
plugins = with pkgs; [
tmuxPlugins.sensible
tmuxPlugins.cpu
];
};
programs.nushell = {
enable = true;
extraConfig =
''
$env.config = {
shell_integration: true
keybindings: [
{
name: completion_menu
modifier: none
keycode: tab
mode: [emacs vi_normal vi_insert]
event: {
until: [
{ send: menu name: completion_menu }
{ send: menunext }
]
}
}
{
name: history_menu
modifier: control
keycode: char_r
mode: [emacs, vi_insert, vi_normal]
event: { send: menu name: history_menu }
}
{
name: help_menu
modifier: none
keycode: f1
mode: [emacs, vi_insert, vi_normal]
event: { send: menu name: help_menu }
}
{
name: completion_previous_menu
modifier: shift
keycode: backtab
mode: [emacs, vi_normal, vi_insert]
event: { send: menuprevious }
}
{
name: next_page_menu
modifier: control
keycode: char_x
mode: emacs
event: { send: menupagenext }
}
{
name: undo_or_previous_page_menu
modifier: control
keycode: char_z
mode: emacs
event: {
until: [
{ send: menupageprevious }
{ edit: undo }
]
}
}
{
name: escape
modifier: none
keycode: escape
mode: [emacs, vi_normal, vi_insert]
event: { send: esc } # NOTE: does not appear to work
}
{
name: cancel_command
modifier: control
keycode: char_c
mode: [emacs, vi_normal, vi_insert]
event: { send: ctrlc }
}
{
name: quit_shell
modifier: control
keycode: char_d
mode: [emacs, vi_normal, vi_insert]
event: { send: ctrld }
}
{
name: clear_screen
modifier: control
keycode: char_l
mode: [emacs, vi_normal, vi_insert]
event: { send: clearscreen }
}
{
name: search_history
modifier: control
keycode: char_q
mode: [emacs, vi_normal, vi_insert]
event: { send: searchhistory }
}
{
name: open_command_editor
modifier: control
keycode: char_o
mode: [emacs, vi_normal, vi_insert]
event: { send: openeditor }
}
{
name: move_up
modifier: none
keycode: up
mode: [emacs, vi_normal, vi_insert]
event: {
until: [
{send: menuup}
{send: up}
]
}
}
{
name: move_down
modifier: none
keycode: down
mode: [emacs, vi_normal, vi_insert]
event: {
until: [
{send: menudown}
{send: down}
]
}
}
{
name: move_left
modifier: none
keycode: left
mode: [emacs, vi_normal, vi_insert]
event: {
until: [
{send: menuleft}
{send: left}
]
}
}
{
name: move_right_or_take_history_hint
modifier: none
keycode: right
mode: [emacs, vi_normal, vi_insert]
event: {
until: [
{send: historyhintcomplete}
{send: menuright}
{send: right}
]
}
}
{
name: move_one_word_left
modifier: control
keycode: left
mode: [emacs, vi_normal, vi_insert]
event: {edit: movewordleft}
}
{
name: move_one_word_right_or_take_history_hint
modifier: control
keycode: right
mode: [emacs, vi_normal, vi_insert]
event: {
until: [
{send: historyhintwordcomplete}
{edit: movewordright}
]
}
}
{
name: move_to_line_start
modifier: none
keycode: home
mode: [emacs, vi_normal, vi_insert]
event: {edit: movetolinestart}
}
{
name: move_to_line_start
modifier: control
keycode: char_a
mode: [emacs, vi_normal, vi_insert]
event: {edit: movetolinestart}
}
{
name: move_to_line_end_or_take_history_hint
modifier: none
keycode: end
mode: [emacs, vi_normal, vi_insert]
event: {
until: [
{send: historyhintcomplete}
{edit: movetolineend}
]
}
}
{
name: move_to_line_end_or_take_history_hint
modifier: control
keycode: char_e
mode: [emacs, vi_normal, vi_insert]
event: {
until: [
{send: historyhintcomplete}
{edit: movetolineend}
]
}
}
{
name: move_to_line_start
modifier: control
keycode: home
mode: [emacs, vi_normal, vi_insert]
event: {edit: movetolinestart}
}
{
name: move_to_line_end
modifier: control
keycode: end
mode: [emacs, vi_normal, vi_insert]
event: {edit: movetolineend}
}
{
name: move_up
modifier: control
keycode: char_p
mode: [emacs, vi_normal, vi_insert]
event: {
until: [
{send: menuup}
{send: up}
]
}
}
{
name: move_down
modifier: control
keycode: char_t
mode: [emacs, vi_normal, vi_insert]
event: {
until: [
{send: menudown}
{send: down}
]
}
}
{
name: delete_one_character_backward
modifier: none
keycode: backspace
mode: [emacs, vi_insert]
event: {edit: backspace}
}
{
name: delete_one_word_backward
modifier: control
keycode: backspace
mode: [emacs, vi_insert]
event: {edit: backspaceword}
}
{
name: delete_one_character_forward
modifier: none
keycode: delete
mode: [emacs, vi_insert]
event: {edit: delete}
}
{
name: delete_one_character_forward
modifier: control
keycode: delete
mode: [emacs, vi_insert]
event: {edit: delete}
}
{
name: delete_one_character_forward
modifier: control
keycode: char_h
mode: [emacs, vi_insert]
event: {edit: backspace}
}
{
name: delete_one_word_backward
modifier: control
keycode: char_w
mode: [emacs, vi_insert]
event: {edit: backspaceword}
}
{
name: move_left
modifier: none
keycode: backspace
mode: vi_normal
event: {edit: moveleft}
}
{
name: newline_or_run_command
modifier: none
keycode: enter
mode: emacs
event: {send: enter}
}
{
name: move_left
modifier: control
keycode: char_b
mode: emacs
event: {
until: [
{send: menuleft}
{send: left}
]
}
}
{
name: move_right_or_take_history_hint
modifier: control
keycode: char_f
mode: emacs
event: {
until: [
{send: historyhintcomplete}
{send: menuright}
{send: right}
]
}
}
{
name: redo_change
modifier: control
keycode: char_g
mode: emacs
event: {edit: redo}
}
{
name: undo_change
modifier: control
keycode: char_z
mode: emacs
event: {edit: undo}
}
{
name: paste_before
modifier: control
keycode: char_y
mode: emacs
event: {edit: pastecutbufferbefore}
}
{
name: cut_word_left
modifier: control
keycode: char_w
mode: emacs
event: {edit: cutwordleft}
}
{
name: cut_line_to_end
modifier: control
keycode: char_k
mode: emacs
event: {edit: cuttoend}
}
{
name: cut_line_from_start
modifier: control
keycode: char_u
mode: emacs
event: {edit: cutfromstart}
}
{
name: swap_graphemes
modifier: control
keycode: char_t
mode: emacs
event: {edit: swapgraphemes}
}
{
name: move_one_word_left
modifier: alt
keycode: left
mode: emacs
event: {edit: movewordleft}
}
{
name: move_one_word_right_or_take_history_hint
modifier: alt
keycode: right
mode: emacs
event: {
until: [
{send: historyhintwordcomplete}
{edit: movewordright}
]
}
}
{
name: move_one_word_left
modifier: alt
keycode: char_b
mode: emacs
event: {edit: movewordleft}
}
{
name: move_one_word_right_or_take_history_hint
modifier: alt
keycode: char_f
mode: emacs
event: {
until: [
{send: historyhintwordcomplete}
{edit: movewordright}
]
}
}
{
name: delete_one_word_forward
modifier: alt
keycode: delete
mode: emacs
event: {edit: deleteword}
}
{
name: delete_one_word_backward
modifier: alt
keycode: backspace
mode: emacs
event: {edit: backspaceword}
}
{
name: delete_one_word_backward
modifier: alt
keycode: char_m
mode: emacs
event: {edit: backspaceword}
}
{
name: cut_word_to_right
modifier: alt
keycode: char_d
mode: emacs
event: {edit: cutwordright}
}
{
name: upper_case_word
modifier: alt
keycode: char_u
mode: emacs
event: {edit: uppercaseword}
}
{
name: lower_case_word
modifier: alt
keycode: char_l
mode: emacs
event: {edit: lowercaseword}
}
{
name: capitalize_char
modifier: alt
keycode: char_c
mode: emacs
event: {edit: capitalizechar}
}
]
}
source ~/.local/share/atuin/init.nu
'';
};
programs.direnv = {
enable = true;
nix-direnv.enable = true;
};
services.lorri.enable = true;
programs.git = {
enable = true;
userName = "Gabriel Simmer";
userEmail = "g@gmem.ca";
extraConfig = {
gpg = {
format = "ssh";
};
user = {
signingkey = "/home/gsimmer/.ssh/yubikey-second.pub";
};
tag = {
gpgSign = true;
};
commit = {
gpgSign = true;
};
};
};
programs.emacs = {
enable = true;
package = pkgs.emacs-unstable-pgtk;
extraPackages = epkgs: [
epkgs.vterm
];
};
programs.exa = {
enable = true;
enableAliases = true;
};
programs.bat = {
enable = true;
};
home.packages = with pkgs; [
bitwarden-cli
vlc
obs-studio
python3
thunderbird
prismlauncher
ripgrep
kitty
virt-manager
jre8
parsec-bin
nodejs
telegram-desktop
atuin
age-plugin-yubikey
rage
discord
podman-desktop
mangohud
];
# This value determines the Home Manager release that your
# configuration is compatible with. This helps avoid breakage
# when a new Home Manager release introduces backwards
# incompatible changes.
#
# You can update Home Manager without changing this value. See
# the Home Manager release notes for a list of state version
# changes in each release.
home.stateVersion = "23.05";
# Let Home Manager install and manage itself.
programs.home-manager.enable = true;
}