From 6eb569c1c31ba8d1d589f30c63235b75abc8033f Mon Sep 17 00:00:00 2001 From: Alex Auvolat Date: Wed, 19 Jul 2023 12:12:45 +0200 Subject: make zinzin definitive kusanagi config --- icewm/preferences | 1 + nixos/kusanagi-old.nix | 105 +++++++++++++++++++++++++++++++++++ nixos/kusanagi.nix | 140 ++++++++++++++++++++++------------------------- nixos/zinzin.nix | 93 ------------------------------- nixpkgs/kusanagi-old.nix | 19 +++++++ nixpkgs/kusanagi.nix | 7 --- nixpkgs/zinzin.nix | 12 ---- 7 files changed, 189 insertions(+), 188 deletions(-) create mode 100644 nixos/kusanagi-old.nix delete mode 100644 nixos/zinzin.nix create mode 100644 nixpkgs/kusanagi-old.nix delete mode 100644 nixpkgs/zinzin.nix diff --git a/icewm/preferences b/icewm/preferences index 8aa50bf..c2d7584 100644 --- a/icewm/preferences +++ b/icewm/preferences @@ -1,3 +1,4 @@ TerminalCommand=st TaskBarGraphHeight=28 SmallIconSize=24 +DesktopBackgroundColor="rgb:00/80/80" diff --git a/nixos/kusanagi-old.nix b/nixos/kusanagi-old.nix new file mode 100644 index 0000000..4b75489 --- /dev/null +++ b/nixos/kusanagi-old.nix @@ -0,0 +1,105 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ./common.nix + #./kde.nix + ./icewm.nix + #./gnome.nix + ]; + + networking.hostName = "kusanagi"; + + # Use systemd-boot + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + + boot.initrd.availableKernelModules = + [ "xhci_pci" "nvme" "usb_storage" "sd_mod" ]; + boot.initrd.kernelModules = [ "dm-snapshot" ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + specialisation = { + # Old computer challenge + tiny.configuration = { + boot.kernelParams = [ + "maxcpus=1" + "mem=512M" + ]; + powerManagement.cpuFreqGovernor = "powersave"; + }; + }; + + boot.initrd.luks.devices = { + crypted = { + device = "/dev/disk/by-uuid/e3271725-effb-4b00-a5d4-8a7a64f55420"; + allowDiscards = true; + }; + }; + + fileSystems."/" = { + device = "/dev/disk/by-uuid/2f606c6b-8009-4158-b367-2e0cf1a57ade"; + fsType = "ext4"; + options = [ "discard" ]; + }; + + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/0143-7D54"; + fsType = "vfat"; + }; + + fileSystems."/home" = { + device = "/dev/disk/by-uuid/f955ce34-f25e-4abf-8732-bcf17465f78c"; + fsType = "ext4"; + options = [ "discard" ]; + }; + + swapDevices = + [{ device = "/dev/disk/by-uuid/c78cfb77-75ee-4aae-9b24-b91f8eebb7c2"; }]; + + # Nix-serve for friends on local network + services.nix-serve = { + enable = true; + secretKeyFile = "/var/lib/nix-serve/cache-priv-key.pem"; + }; + services.nginx = { + enable = true; + recommendedProxySettings = true; + virtualHosts = { + "adnab.local" = { + locations."/".proxyPass = "http://${config.services.nix-serve.bindAddress}:${toString config.services.nix-serve.port}"; + }; + }; + }; + networking.extraHosts = '' + 127.0.0.1 adnab.local + ''; + + # Docker + virtualisation.docker.enable = true; + users.users.lx.extraGroups = [ "docker" ]; + environment.systemPackages = with pkgs; [ + docker-compose + ]; + + # Printer + services.printing.drivers = [ pkgs.cups-brother-hl1210w ]; + + networking.firewall.allowedTCPPorts = [ + 80 # nginx + 57890 # troop + ]; + networking.firewall.allowedUDPPorts = [ + 57890 # troop + ]; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + #powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; + hardware.cpu.intel.updateMicrocode = + lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/nixos/kusanagi.nix b/nixos/kusanagi.nix index 4b75489..59d0eee 100644 --- a/nixos/kusanagi.nix +++ b/nixos/kusanagi.nix @@ -4,102 +4,90 @@ { config, lib, pkgs, modulesPath, ... }: { - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - ./common.nix - #./kde.nix - ./icewm.nix - #./gnome.nix - ]; + imports = + [ + (modulesPath + "/installer/scan/not-detected.nix") + ./common.nix + ./icewm.nix + ]; networking.hostName = "kusanagi"; + networking.hostId = "b807fe35"; - # Use systemd-boot boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; - boot.initrd.availableKernelModules = - [ "xhci_pci" "nvme" "usb_storage" "sd_mod" ]; - boot.initrd.kernelModules = [ "dm-snapshot" ]; + boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages; boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [ ]; - specialisation = { - # Old computer challenge - tiny.configuration = { - boot.kernelParams = [ - "maxcpus=1" - "mem=512M" - ]; - powerManagement.cpuFreqGovernor = "powersave"; - }; - }; - boot.initrd.luks.devices = { - crypted = { - device = "/dev/disk/by-uuid/e3271725-effb-4b00-a5d4-8a7a64f55420"; + lukszfs = { + device = "/dev/disk/by-uuid/90f30f15-3ee3-4a15-bab6-36fb31630e2a"; allowDiscards = true; }; }; + # ---- standard filesystems ---- + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/E2FA-FB92"; + fsType = "vfat"; + }; + + fileSystems."/home" = + { device = "kusanagi/nixos/home"; + fsType = "zfs"; + neededForBoot = true; # because contains password files used below + }; + + fileSystems."/nix" = + { device = "kusanagi/nixos/nix"; + fsType = "zfs"; + }; + + swapDevices = [ ]; + + # ---- tmpfs root filesystem with special persisted directory ---- + fileSystems."/" = { - device = "/dev/disk/by-uuid/2f606c6b-8009-4158-b367-2e0cf1a57ade"; - fsType = "ext4"; - options = [ "discard" ]; + device = "none"; + fsType = "tmpfs"; + options = [ "defaults" "size=4G" "mode=755" ]; }; - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/0143-7D54"; - fsType = "vfat"; - }; + fileSystems."/persist" = + { device = "kusanagi/nixos/persist"; + fsType = "zfs"; + neededForBoot = true; # because contains /var/log + }; - fileSystems."/home" = { - device = "/dev/disk/by-uuid/f955ce34-f25e-4abf-8732-bcf17465f78c"; - fsType = "ext4"; - options = [ "discard" ]; - }; + environment.etc."machine-id".source = "/persist/etc/machine-id"; - swapDevices = - [{ device = "/dev/disk/by-uuid/c78cfb77-75ee-4aae-9b24-b91f8eebb7c2"; }]; + fileSystems."/etc/NetworkManager/system-connections" = + { device = "/persist/etc/NetworkManager/system-connections"; + fsType = "none"; + depends = [ "/persist" "/mnt-root/persist" ]; + options = [ "bind" ]; + }; - # Nix-serve for friends on local network - services.nix-serve = { - enable = true; - secretKeyFile = "/var/lib/nix-serve/cache-priv-key.pem"; - }; - services.nginx = { - enable = true; - recommendedProxySettings = true; - virtualHosts = { - "adnab.local" = { - locations."/".proxyPass = "http://${config.services.nix-serve.bindAddress}:${toString config.services.nix-serve.port}"; - }; - }; - }; - networking.extraHosts = '' - 127.0.0.1 adnab.local - ''; - - # Docker - virtualisation.docker.enable = true; - users.users.lx.extraGroups = [ "docker" ]; - environment.systemPackages = with pkgs; [ - docker-compose - ]; - - # Printer - services.printing.drivers = [ pkgs.cups-brother-hl1210w ]; - - networking.firewall.allowedTCPPorts = [ - 80 # nginx - 57890 # troop - ]; - networking.firewall.allowedUDPPorts = [ - 57890 # troop - ]; + fileSystems."/var/log" = + { device = "/persist/var/log"; + fsType = "none"; + depends = [ "/persist" "/mnt-root/persist" ]; + options = [ "bind" ]; + }; + + # ---- immutable user config for tmpfs root ---- + + users.mutableUsers = false; + users.users.lx.passwordFile = "/home/lx/.password"; + + # ---- nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - #powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; - hardware.cpu.intel.updateMicrocode = - lib.mkDefault config.hardware.enableRedistributableFirmware; + powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; } diff --git a/nixos/zinzin.nix b/nixos/zinzin.nix deleted file mode 100644 index 12e3d1f..0000000 --- a/nixos/zinzin.nix +++ /dev/null @@ -1,93 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: - -{ - imports = - [ - (modulesPath + "/installer/scan/not-detected.nix") - ./common.nix - ./icewm.nix - ]; - - networking.hostName = "zinzin"; - networking.hostId = "304a68ef"; - - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; - - boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; - - boot.initrd.luks.devices = { - lukszfs = { - device = "/dev/disk/by-uuid/f75e45a4-dc1e-4f38-b2d8-3336ec3790ef"; - allowDiscards = true; - }; - }; - - # ---- standard filesystems ---- - - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/3BC8-460B"; - fsType = "vfat"; - }; - - fileSystems."/home" = - { device = "zinzin/nixos/home"; - fsType = "zfs"; - neededForBoot = true; # because contains password files used below - }; - - fileSystems."/nix" = - { device = "zinzin/nixos/nix"; - fsType = "zfs"; - }; - - swapDevices = [ ]; - - # ---- tmpfs root filesystem with special persisted directory ---- - - fileSystems."/" = { - device = "none"; - fsType = "tmpfs"; - options = [ "defaults" "size=4G" "mode=755" ]; - }; - - fileSystems."/persist" = - { device = "zinzin/nixos/persist"; - fsType = "zfs"; - neededForBoot = true; # because contains /var/log - }; - - environment.etc."machine-id".source = "/persist/etc/machine-id"; - - fileSystems."/etc/NetworkManager/system-connections" = - { device = "/persist/etc/NetworkManager/system-connections"; - fsType = "none"; - depends = [ "/persist" "/mnt-root/persist" ]; - options = [ "bind" ]; - }; - - fileSystems."/var/log" = - { device = "/persist/var/log"; - fsType = "none"; - depends = [ "/persist" "/mnt-root/persist" ]; - options = [ "bind" ]; - }; - - # ---- immutable user config for tmpfs root ---- - - users.mutableUsers = false; - users.users.lx.passwordFile = "/home/lx/.password"; - - # ---- - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; -} diff --git a/nixpkgs/kusanagi-old.nix b/nixpkgs/kusanagi-old.nix new file mode 100644 index 0000000..4d605c1 --- /dev/null +++ b/nixpkgs/kusanagi-old.nix @@ -0,0 +1,19 @@ +{ pkgs, ... }: { + imports = [ ./common.nix ]; + + home.homeDirectory = "/home/lx"; + xdg.userDirs.download = "/home/lx/Downloads"; + + services.gpg-agent.enable = true; + services.gpg-agent.enableSshSupport = false; + services.gpg-agent.pinentryFlavor = "qt"; + services.gpg-agent.extraConfig = "no-allow-external-cache"; + + programs.keychain = { + enable = true; + enableBashIntegration = true; + keys = [ "~/.ssh/id_ed25519" ]; + }; + services.syncthing.enable = true; +} + diff --git a/nixpkgs/kusanagi.nix b/nixpkgs/kusanagi.nix index 4d605c1..2eb8900 100644 --- a/nixpkgs/kusanagi.nix +++ b/nixpkgs/kusanagi.nix @@ -8,12 +8,5 @@ services.gpg-agent.enableSshSupport = false; services.gpg-agent.pinentryFlavor = "qt"; services.gpg-agent.extraConfig = "no-allow-external-cache"; - - programs.keychain = { - enable = true; - enableBashIntegration = true; - keys = [ "~/.ssh/id_ed25519" ]; - }; - services.syncthing.enable = true; } diff --git a/nixpkgs/zinzin.nix b/nixpkgs/zinzin.nix deleted file mode 100644 index 2eb8900..0000000 --- a/nixpkgs/zinzin.nix +++ /dev/null @@ -1,12 +0,0 @@ -{ pkgs, ... }: { - imports = [ ./common.nix ]; - - home.homeDirectory = "/home/lx"; - xdg.userDirs.download = "/home/lx/Downloads"; - - services.gpg-agent.enable = true; - services.gpg-agent.enableSshSupport = false; - services.gpg-agent.pinentryFlavor = "qt"; - services.gpg-agent.extraConfig = "no-allow-external-cache"; -} - -- cgit v1.2.3