fabianhauser/dotfiles
1
0
Fork 0
Code Issues 4 Pull requests 1 Projects Releases Packages Wiki Activity Actions

Integrate hummelberg desktop configuration

Browse source
This commit is contained in:
Fabian Hauser 2020-11-30 16:23:45 +01:00
parent e8f2a29484
commit 81eb15d52a
22 changed files with 824 additions and 25 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

104
defaults/base/default.nix
View file

@ -2,7 +2,7 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
{ {
imports = [ ../../modules ]; imports = [ ../../modules ./unfree.nix ];
nixpkgs.overlays = [ (import ../../overlays) ]; nixpkgs.overlays = [ (import ../../overlays) ];
@ -14,28 +14,79 @@
console = { console = {
font = "Lat2-Terminus16"; font = "Lat2-Terminus16";
keyMap = "sg-latin1"; keyMap = "de_CH-latin1";
}; };
i18n.defaultLocale = "en_US.UTF-8"; i18n.defaultLocale = "en_US.UTF-8";
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs;
wget [
curl
vim vim
tmux tmux
git
ncat
bind
ack
fwupd fwupd
pciutils pciutils
dmidecode dmidecode
smartmontools smartmontools
parted
borgbackup borgbackup
nixfmt
iw iw
killall
bc
efibootmgr
efitools
efivar
mkpasswd
rename
wipe
gnupg
pass
pwgen
units
powertop
lm_sensors
] ++ [ nixfmt nix-index nix-diff nixpkgs-review ]
++ [ autojump powerline-go ] ++ [ # File Utilities
ack
unzip
unrar
perl530Packages.DigestSHA3
borgbackup
iotop
cabextract
tree # p7zip
vim
vimPlugins.pathogen
vimPlugins.airline
git
git-lfs
] ++ [ # Filesystem & Disk Utilities
fuse_exfat
cifs-utils
keyutils # required for cifs kerberos auth
smbclient
exfat-utils
sshfs-fuse
hdparm
mtpfs
ntfs3g
smartmontools
parted
] ++ [ # Networking Utilities
nmap
bind
curl
wget
ncat
tor
tor-arm
mosh
whois
wol
rsync
sshuttle
iftop
mailutils # hash-slinger #TODO: hash-slinger has broken dependency pyunbound
imapsync
bluez-tools
]; ];
services.fwupd.enable = true; services.fwupd.enable = true;
@ -54,16 +105,24 @@
nix.trustedUsers = [ "root" "@wheel" ]; nix.trustedUsers = [ "root" "@wheel" ];
users.groups = {
fhauser.gid = 1000;
das-g.gid = 1001;
empty0.gid = 1002;
};
users.mutableUsers = false; users.mutableUsers = false;
users.users = rec { users.users = rec { # TODO: Migrate to meta
root.openssh.authorizedKeys.keys = root.openssh.authorizedKeys.keys =
lib.flatten (map (u: u.openssh.authorizedKeys.keys) [ fhauser das-g ]); lib.flatten (map (u: u.openssh.authorizedKeys.keys) [ fhauser das-g ]);
fhauser = { fhauser = {
uid = 1000;
isNormalUser = true; isNormalUser = true;
description = "Fabian Hauser"; description = "Fabian Hauser";
extraGroups = [ "wheel" ]; group = "fhauser";
uid = 1000; extraGroups = [ "wheel" "video" ]
++ (if config.virtualisation.docker.enable then [ "docker" ] else [ ]);
hashedPassword = hashedPassword =
"$6$rounds=20000$TYZ8CojfBLwejcwn$smEJe6/anL9NGf.Ytfny14nBfhr4TRPv2XK1lgHz7yg.zQow1HACePirEjsjxzFC6vTHGaT8t2NxobUsHbWLg1"; "$6$rounds=20000$TYZ8CojfBLwejcwn$smEJe6/anL9NGf.Ytfny14nBfhr4TRPv2XK1lgHz7yg.zQow1HACePirEjsjxzFC6vTHGaT8t2NxobUsHbWLg1";
openssh.authorizedKeys.keys = [ openssh.authorizedKeys.keys = [
@ -72,16 +131,27 @@
}; };
das-g = { das-g = {
uid = 1001;
isNormalUser = true; isNormalUser = true;
description = "Raphael Das Gupta"; description = "Raphael Das Gupta";
group = "das-g";
extraGroups = [ "wheel" ]; extraGroups = [ "wheel" ];
uid = 1001;
hashedPassword = hashedPassword =
"$6$rounds=37000$omA92cfwup$Ri9FXHbeOUIIDKf83D6UNa5NWGac.G9A3voJmrivwkVtaDGVMGLIa5qdgkaDeCKoMkl8YRjJ7smEyrMwTnuRD0"; "$6$rounds=37000$omA92cfwup$Ri9FXHbeOUIIDKf83D6UNa5NWGac.G9A3voJmrivwkVtaDGVMGLIa5qdgkaDeCKoMkl8YRjJ7smEyrMwTnuRD0";
openssh.authorizedKeys.keys = [ openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDRWDaUzbDyCNee/K8iCcXtoLrR0fZoGpXAV4f/CjB8kKb42lWKWXc67Juy0RnRVCZQc21ooApuQPJZ08Cawj9Okgz0j3vYdMnDBY1Ox9Ik12hzbpdLDHhOrIj3BOJuAKfFy5OM9Z2ZLwdvjXFk+1RQK1Qadd3PwtGjxLAgp5eBHj8TgUP8DXKGQQElphjfVLua4ufqoTldT1mrmDn/+GDgNY5HUTQb+YZ6AwjcemG+eAdG30Al1JRkOogke83hIXBVNCD9ObPtRv/KiAZv3TV8bgP2mzeeG2aDDb9qz8HXKvBlbN2ouz0cWTA5D5+Ua+wkOggEfhfPKBauF9sbQ8bRuknWm8VnuVXkikzdYZVGKdzvoHRdOfoTCL4JHzpGW6H3jVqdQuGTv5r28y/jxbDY95w6KmxLS+2u8SHVBh6hVAxf5i3P8aIHkOTEN//SyS/fa1uXHSQt0sVya2+4pTsCQfwWjE3TrQg6W6bmguVMjaICze5wWwckap+57jKbK9sPCuLFfYPwOvQ3nfb6wwNBhvNxmD9xGfk8/UzXsoq6OgPvF7GE5UWA04GHCnF4H0tEAQBK0vsjKxqC2lM8nK9msbqkSxadIFYqiG1+DAZyju3uZgkkInev8dh02yNsVJKYoCm60PWaMTLeVsrYZuvNDWXsXm7+nD02wWI0lxnkVw== das-g@x1carbon" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDRWDaUzbDyCNee/K8iCcXtoLrR0fZoGpXAV4f/CjB8kKb42lWKWXc67Juy0RnRVCZQc21ooApuQPJZ08Cawj9Okgz0j3vYdMnDBY1Ox9Ik12hzbpdLDHhOrIj3BOJuAKfFy5OM9Z2ZLwdvjXFk+1RQK1Qadd3PwtGjxLAgp5eBHj8TgUP8DXKGQQElphjfVLua4ufqoTldT1mrmDn/+GDgNY5HUTQb+YZ6AwjcemG+eAdG30Al1JRkOogke83hIXBVNCD9ObPtRv/KiAZv3TV8bgP2mzeeG2aDDb9qz8HXKvBlbN2ouz0cWTA5D5+Ua+wkOggEfhfPKBauF9sbQ8bRuknWm8VnuVXkikzdYZVGKdzvoHRdOfoTCL4JHzpGW6H3jVqdQuGTv5r28y/jxbDY95w6KmxLS+2u8SHVBh6hVAxf5i3P8aIHkOTEN//SyS/fa1uXHSQt0sVya2+4pTsCQfwWjE3TrQg6W6bmguVMjaICze5wWwckap+57jKbK9sPCuLFfYPwOvQ3nfb6wwNBhvNxmD9xGfk8/UzXsoq6OgPvF7GE5UWA04GHCnF4H0tEAQBK0vsjKxqC2lM8nK9msbqkSxadIFYqiG1+DAZyju3uZgkkInev8dh02yNsVJKYoCm60PWaMTLeVsrYZuvNDWXsXm7+nD02wWI0lxnkVw== das-g@x1carbon"
]; ];
}; };
empty0 = {
uid = 1002;
isNormalUser = true;
description = "Testuser empty0";
group = "empty0";
extraGroups = [ "video" ];
hashedPassword =
"$6$mlI7Au.EzmrL9uJj$vz8ujechSkx83tsFcRA8D04vh5.3ZwPlPmE.wsf2CTKvLio48a1eXtRxUHkkDfPlLAjqyJ55bSSw2lLazH9Ip/";
};
}; };
nix.gc = { nix.gc = {
@ -90,10 +160,14 @@
options = "--delete-older-than 30d"; options = "--delete-older-than 30d";
}; };
services.btrfs.autoScrub.enable = true;
environment.etc = { environment.etc = {
gitconfig.source = ./etc/gitconfig; gitconfig.source = ./etc/gitconfig;
vimrc.source = ./etc/vimrc; vimrc.source = ./etc/vimrc;
}; };
programs.autojump.enable = true;
programs.vim.defaultEditor = true;
security.acme = { security.acme = {
acceptTerms = true; acceptTerms = true;

35
defaults/base/unfree.nix Normal file
View file

@ -0,0 +1,35 @@
{ config, lib, pkgs, ... }:
{
nixpkgs.config.allowUnfreePredicate = pkg:
builtins.elem (lib.getName pkg) [
"unrar"
"hplip"
"google-chrome"
"spotify"
"skypeforlinux"
"slack"
"teams"
"discord"
"teamviewer"
"unity-editor"
"corefonts"
"camingo-code"
"helvetica-neue-lt-std"
#"kochi-substitute-naga10"
"ttf-envy-code-r"
"vista-fonts"
"vista-fonts-chs"
"xkcd-font-unstable"
"ricty"
"pycharm-professional"
"idea-ultimate"
"android-studio-stable"
"vmware-view"
];
}

37
defaults/cifs-auth-fix/default.nix Normal file
View file

@ -0,0 +1,37 @@
{ config, lib, pkgs, ... }:
{
# Remove this once https://github.com/NixOS/nixpkgs/issues/34638 is resolved
# The TL;DR is: the kernel calls out to the hard-coded path of
# /sbin/request-key as part of its CIFS auth process, which of course does
# not exist on NixOS due to the usage of Nix store paths.
system.activationScripts.symlink-requestkey = ''
if [ ! -d /sbin ]; then
mkdir /sbin
fi
ln -sfn /run/current-system/sw/bin/request-key /sbin/request-key
'';
# request-key expects a configuration file under /etc
environment.etc."request-key.conf" = {
text = let
upcall = "${pkgs.cifs-utils}/bin/cifs.upcall";
keyctl = "${pkgs.keyutils}/bin/keyctl";
in ''
#OP TYPE DESCRIPTION CALLOUT_INFO PROGRAM
# -t is required for DFS share servers...
create cifs.spnego * * ${upcall} -t %k
create dns_resolver * * ${upcall} %k
# Everything below this point is essentially the default configuration,
# modified minimally to work under NixOS. Notably, it provides debug
# logging.
create user debug:* negate ${keyctl} negate %k 30 %S
create user debug:* rejected ${keyctl} reject %k 30 %c %S
create user debug:* expired ${keyctl} reject %k 30 %c %S
create user debug:* revoked ${keyctl} reject %k 30 %c %S
create user debug:loop:* * |${pkgs.coreutils}/bin/cat
create user debug:* * ${pkgs.keyutils}/share/keyutils/request-key-debug.sh %k %d %c %S
negate * * * ${keyctl} negate %k 30 %S
'';
};
}

52
defaults/desktop/applications.nix Normal file
View file

@ -0,0 +1,52 @@
{ config, pkgs, lib, ... }:
{
environment.systemPackages = with pkgs;
[ # Networking
unison
transmission # GUI Tools, maybe extract...
] ++ [ # Desktop Environment Applications
firefox
google-chrome
chromium
midori
qutebrowser
gnome3.evolution # TODO: Evolution EWS
synergy
quicksynergy
simple-scan
nextcloud-client
owncloud-client
] ++ [ # office # TODO: Migrate to office.nix
libreoffice-fresh # TODO: Dictionaries, nixos/nixpkgs#14430
pdfgrep
pdftk
calibre
tectonic
texstudio
pandoc
system-config-printer
cups-pk-helper
cups-bjnp
gutenprint
gutenprintBin
hplipWithPlugin
gnome3.gnome-online-accounts
gnome3.gnome-control-center
] ++ [ # Communication
signal-desktop
tdesktop
discord
mattermost-desktop
# pidgin pidgin-otr pidgin-with-plugins #TODO: Pidgin needed?
#TODO: ekiga?
skype
slack
teams
teamviewer
rdesktop
vmware-horizon-client
];
}

15
defaults/desktop/default.nix Normal file
View file

@ -0,0 +1,15 @@
{ config, pkgs, lib, ... }: {
imports = [
./applications.nix
./desktop-environment.nix
./desktop-i3.nix
./hardware.nix
./multimedia.nix
./office-suite.nix
./scripts.nix
./security.nix
./webapps.nix
];
}

53
defaults/desktop/desktop-environment.nix Normal file
View file

@ -0,0 +1,53 @@
{ config, pkgs, lib, ... }: {
environment.systemPackages = with pkgs;
[ # Utilities
freetype
light
xorg.xbacklight
feh
redshift
numlockx # TODO: Does this work?
lxappearance
] ++ [ # Networking
gnome3.networkmanager-openconnect
] ++ [ # Various
xfce.thunar
xfce.thunar-archive-plugin
xfce.xfce4-appfinder # xfce.thunar-volman # needed?
xfce.terminal
gnome3.gnome-screenshot
pinentry-gtk2 # Required by gnupg
];
programs = {
gnome-terminal.enable = false;
geary.enable = false;
light.enable = true;
gnupg.agent.pinentryFlavor = "gtk2";
dconf.enable = true;
};
services.gnome3 = {
# TODO: Do this manually and not all at once.
core-utilities.enable = true;
gnome-keyring.enable = true;
evolution-data-server.enable = true;
gnome-online-accounts.enable = true;
sushi.enable = false;
};
services.gvfs.enable = true;
services.flatpak.enable = true;
xdg.portal = {
enable = true;
gtkUsePortal = true;
extraPortals = [ pkgs.xdg-desktop-portal-gtk ];
};
}

36
defaults/desktop/desktop-i3.nix Normal file
View file

@ -0,0 +1,36 @@
{ config, pkgs, lib, ... }: {
services.xserver = {
enable = true;
desktopManager.xterm.enable = false;
displayManager = {
startx.enable = false;
lightdm.enable = true;
defaultSession = "none+i3";
};
windowManager.i3 = {
enable = true;
extraPackages = with pkgs; [
xdotool # for passmenu
python37Packages.py3status
file # TODO: py3status dependencies that should be added to nixpkgs
i3status
i3lock
redshift
rofi # TODO: add themes to global shared
feh
gnome3.networkmanagerapplet
pulseaudioLight.out
gnome3.gnome-screenshot
];
};
};
# Enable touchpad support.
services.xserver.libinput.enable = true;
# i18n
services.xserver.layout = "ch,de";
services.xserver.xkbOptions = "eurosign:e";
}

18
defaults/desktop/hardware.nix Normal file
View file

@ -0,0 +1,18 @@
{ config, pkgs, lib, ... }:
{
services.blueman.enable = true;
# Enable sound.
sound.enable = true;
hardware = {
pulseaudio.enable = true;
opengl.enable = true;
u2f.enable = true;
acpilight.enable = true;
bluetooth.enable = true;
};
}

56
defaults/desktop/multimedia.nix Normal file
View file

@ -0,0 +1,56 @@
{ config, pkgs, lib, ... }:
{
environment.systemPackages = with pkgs;
[ vlc v4l-utils calibre blender openshot-qt playerctl youtube-dl ]
++ [ # Audio
audacity
enblend-enfuse
ffmpeg
mplayer
sox # TODO: mencoder?
vorbis-tools
vorbisgain
opusTools
flac
lame
id3lib
id3v2 # TODO: icedax?
pasystray
pavucontrol
spotify
] ++ [ # Imaging
gimp
hugin
lensfun
luminanceHDR
darktable
geeqie
gphoto2
# ImageMagick-perl perl-File-Type perl-Term-ProgressBar #TODO: Support libraries for scripts
inkscape
ghostscript
stellarium
unity3d
] ++ [ # Codecs for Audio and Video
vobcopy
libdv
libdvbpsi # TODO: librtmp?
xvidcore
x264
gst-plugins-base
gst-plugins-bad
gst-plugins-good
gst-plugins-ugly
gst_all_1.gstreamer
gst_all_1.gst-vaapi
gst_all_1.gst-rtsp-server
gst_all_1.gst-libav
gst_all_1.gst-plugins-base
gst_all_1.gst-plugins-bad
gst_all_1.gst-plugins-good
gst_all_1.gst-plugins-ugly
];
}

177
defaults/desktop/office-suite.nix Normal file
View file

@ -0,0 +1,177 @@
{ config, pkgs, lib, ... }:
{
# Hamster
environment.systemPackages = with pkgs; [ hamster ];
programs.hamster.enable = true;
# Fonts
fonts.fonts = with pkgs; [
google-fonts
lalezar-fonts
nahid-fonts
fontconfig-penultimate
nika-fonts
agave
aileron
amiri
andagii
#andika # Breaks Font-Awesome
ankacoder
ankacoder-condensed
aurulent-sans
caladea
cantarell-fonts
carlito
cascadia-code
#charis-sil # Breaks Font-Awesome
cherry
cnstrokeorder
comfortaa
comic-neue
comic-relief
corefonts
culmus
clearlyU
creep
crimson
dejavu_fonts
dina-font
dina-font-pcf
#doulos-sil # Breaks Font-Awesome
cabin
camingo-code
cooper-hewitt
d2coding
dosis
dosemu_fonts
eb-garamond
eunomia
ferrum
fixedsys-excelsior
emacs-all-the-icons-fonts
emojione
encode-sans
envypn-font
fantasque-sans-mono
fira
fira-code
fira-code-symbols
fira-mono
#gentium
#gentium-book-basic
#gohufont
#go-font
#gubbi-font
#gyre-fonts
#hack-font
##helvetica-neue-lt-std
#hanazono
#hermit
#hyperscrypt-font
#ia-writer-duospace
#inconsolata
#inconsolata-lgc
##input-fonts
#inriafonts
#iosevka
#iosevka-bin
#ipafont
#ipaexfont
#iwona
#jetbrains-mono
#jost
#kanji-stroke-order-font
#latinmodern-math
#lato
#league-of-moveable-type
##liberation-sans-narrow
#libertine
#libertinus
#libre-baskerville
#libre-bodoni
#libre-caslon
#libre-franklin
#lmmath
#lmodern
#luculent
#marathi-cursive
#manrope
#material-design-icons
#material-icons
#meslo-lg
#migmix
#migu
#medio
#mno16
#monoid
#mononoki
#montserrat
#mph_2b_damase
#mplus-outline-fonts
#mro-unicode
#myrica
#nafees
#nanum-gothic-coding
#national-park-typeface
#office-code-pro
#oldstandard
#oldsindhi
#open-dyslexic
open-sans
orbitron
overpass
oxygenfonts
#pecita
paratype-pt-mono
paratype-pt-sans
paratype-pt-serif
penna
poly
powerline-fonts
profont
proggyfonts
public-sans
redhat-official-fonts
route159
#sarasa-gothic
seshat
scheherazade
#signwriting
stix-otf
stix-two
quattrocento
quattrocento-sans
raleway
recursive
rhodium-libre
roboto
roboto-mono
roboto-slab
hasklig
siji
source-code-pro
source-sans-pro
source-serif-pro
tamsyn
theano
tenderness
terminus_font
tipa
twemoji-color-font
twitter-color-emoji
ubuntu_font_family
#ucs-fonts
ultimate-oldschool-pc-font-pack
victor-mono
work-sans
wqy_microhei
wqy_zenhei
xits-math
xkcd-font
yanone-kaffeesatz
norwester-font
font-awesome
]; # Generated with `cd /home/fhauser/projects/nixos/nixpkgs/pkgs/data/fonts; echo *`
}

17
defaults/desktop/scripts.nix Normal file
View file

@ -0,0 +1,17 @@
{ config, pkgs, lib, ... }:
let
locksuspend = pkgs.writeScriptBin "locksuspend" ''
#!${pkgs.stdenv.shell}
set -euo pipefail
IFS=$'\n\t'
i3lock --ignore-empty-password --show-failed-attempts --color=000000
sleep 0.5
exec systemctl suspend
'';
in {
environment.homeBinInPath = true;
environment.systemPackages = [ locksuspend ];
}

15
defaults/desktop/security.nix Normal file
View file

@ -0,0 +1,15 @@
{ config, pkgs, lib, ... }:
{
programs.gnupg.agent = {
enable = true;
enableSSHSupport = true;
};
services.pcscd.enable = true;
# Ignore Broadcom smartcard
# See https://ludovicrousseau.blogspot.com/2015/12/remove-andor-customize-pcsc-reader-names.html
systemd.services.pcscd.environment.PCSCLITE_FILTER_IGNORE_READER_NAMES =
"Broadcom";
}

12
defaults/desktop/webapps.nix Normal file
View file

@ -0,0 +1,12 @@
{ config, pkgs, lib, ... }:
let
web-app = name: url:
pkgs.writeScriptBin name ''
#!${pkgs.stdenv.shell}
exec ${pkgs.chromium}/bin/chromium --app="${url}"
'';
whatsapp = web-app "whatsapp" "https://web.whatsapp.com/";
threema = web-app "threema" "https://web.threema.ch/";
netflix = web-app "netflix" "https://netflix.com/";
in { environment.systemPackages = with pkgs; [ whatsapp netflix threema ]; }

30
defaults/development-tools/default.nix Normal file
View file

@ -0,0 +1,30 @@
{ config, lib, pkgs, ... }:
{
virtualisation = { # TODO: This should probably be somewhere else.
docker.enable = true;
libvirtd.enable = true;
};
environment.systemPackages = with pkgs;
[
vscodium
jetbrains.webstorm
jetbrains.pycharm-professional
jetbrains.idea-ultimate
android-studio
#umlet
#hugo # TODO: Is this the extended version?
#kubernetes-helm # TODO: is this the client?
#wireshark # sslscan aircrack-ng # Network
pipenv # Python
yubikey-manager # cracklib genisoimage # Security
gitlab-runner
] ++ [ # Virtualisation, Docker & Kubernetes # TODO: MOoe
virt-manager
docker-compose
kubectl
vagrant # TODO: Supports libvirtd?
];
}

16
defaults/games/default.nix Normal file
View file

@ -0,0 +1,16 @@
{ config, lib, pkgs, ... }:
{
environment.systemPackages = with pkgs; [
neverball
wesnoth
pingus
superTux
superTuxKart
extremetuxracer
zeroad
#TODO: smc
];
services.gnome3.games.enable = true;
}

11
defaults/printing/default.nix Normal file
View file

@ -0,0 +1,11 @@
{ config, lib, pkgs, ... }:
{
services.printing = {
enable = true;
drivers = with pkgs; [ gutenprint hplip splix cups-googlecloudprint ];
};
services.system-config-printer.enable = true;
programs.system-config-printer.enable = true;
}

2
hardware/apu.nix
View file

@ -22,7 +22,7 @@
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ ];
boot.kernelParams = [ "console=ttyS0,115200n8" ]; boot.kernelParams = [ "console=ttyS0,115200n8" ];
# CPU Configuration
hardware.cpu.amd.updateMicrocode = true; hardware.cpu.amd.updateMicrocode = true;
nix.maxJobs = lib.mkDefault 4; nix.maxJobs = lib.mkDefault 4;
} }

20
hardware/dell-precision-3530.nix Normal file
View file

@ -0,0 +1,20 @@
{ config, lib, pkgs, ... }: {
imports = [ <nixpkgs/nixos/modules/installer/scan/not-detected.nix> ];
boot.initrd.availableKernelModules = [
"xhci_pci"
"ahci"
"nvme"
"usb_storage"
"usbhid"
"sd_mod"
"rtsx_pci_sdmmc"
];
boot.kernelModules = [ "kvm-intel" ];
# CPU Configuration
hardware.cpu.amd.updateMicrocode = true;
nix.maxJobs = lib.mkDefault 12;
powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
}

30
host/hummelberg/default.nix Normal file
View file

@ -0,0 +1,30 @@
{ config, pkgs, ... }: {
imports = [
./filesystems.nix
./networking.nix
./printing.nix
#./backup.nix #TODO: Extract applications from desktop role
../../hardware/dell-precision-3530.nix
../../defaults/base
../../defaults/cifs-auth-fix
../../defaults/desktop
../../defaults/development-tools
../../defaults/games
../../defaults/printing
];
# Set your time zone.
time.timeZone = "Europe/Amsterdam";
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "20.03"; # Did you read the comment?
}

64
host/hummelberg/filesystems.nix Normal file
View file

@ -0,0 +1,64 @@
{ config, pkgs, lib, ... }:
let
networkShares = let
hsr_options = [
"defaults"
"noauto"
#"iocharset=utf8"
"soft"
"user=fhauser"
"domain=hsr.ch"
"uid=1000"
"gid=1000"
];
hsr_share = share_name:
{ domain ? "hsr.ch/root", path ? share_name, extra_options ? [ ] }:
lib.nameValuePair "/mnt/hsr/${share_name}" {
device = "//${domain}/${path}";
fsType = "cifs";
options = hsr_options ++ extra_options;
noCheck = true;
};
in lib.mapAttrs' hsr_share {
"skripte".path = "alg/skripte";
"scratch".path = "alg/scratch";
"fhauser".domain = "c101.hsr.ch";
#"fabian.hauser".domain = "svm-c113.ost.ch"; # User!
"afe" = { };
"auw" = { };
"ebooks" = {
path = "alg/ebooks";
extra_options = [ "ro" ];
};
};
in {
boot.initrd.luks.devices = {
"root".device = "/dev/disk/by-uuid/28d2914f-c053-40a8-ad90-f2743190c772";
"swap".device = "/dev/disk/by-uuid/ed89158d-4460-4012-86d7-f8761127371c";
};
fileSystems = {
"/" = {
device = "/dev/disk/by-uuid/6396b6eb-a7e6-430c-8c97-970404f88b35";
fsType = "btrfs";
options = [ "subvol=nixos" ];
};
"/home" = {
device = "/dev/disk/by-uuid/6396b6eb-a7e6-430c-8c97-970404f88b35";
fsType = "btrfs";
options = [ "subvol=home" ];
};
"/boot" = {
device = "/dev/disk/by-uuid/E86E-3C6C";
fsType = "vfat";
};
} // networkShares;
swapDevices = [{ device = "/dev/mapper/swap"; }];
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
}

15
host/hummelberg/networking.nix Normal file
View file

@ -0,0 +1,15 @@
{ config, pkgs, ... }:
{
networking = {
networkmanager.enable = true;
useDHCP = false;
#wireless.enable = true; # Enables wireless support via wpa_supplicant.
hostName = "hummelberg";
};
# Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
}

16
host/hummelberg/printing.nix Normal file
View file

@ -0,0 +1,16 @@
{ config, pkgs, ... }:
{
hardware.printers.ensureDefaultPrinter = "hsr-mfp-8261";
hardware.printers.ensurePrinters = [{
name = "hsr-mfp-8261";
deviceUri = "smb://hsr.ch/printsrv-d.hsr.ch/d8261-a4mfp";
location = "HSR 8.261";
model = "HP/hp-color_laserjet_mfp_m577-ps.ppd.gz";
ppdOptions = {
Duplex = "DuplexNoTumble";
PageSize = "A4";
auth-info-required = "username,password";
};
}];
}