palo/nixos-config
palo/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions2

moved all to subfolder nixos

Browse source
This commit is contained in:
Ingolf Wagner 2021-09-25 20:28:25 +02:00
commit 15c6866362
No known key found for this signature in database
GPG key ID: 76BF5F1928B9618B
263 changed files with 638 additions and 762 deletions

170
nixos/modules/system/audio.nix Normal file
View file

@ -0,0 +1,170 @@
{ config, lib, pkgs, ... }:
with lib;
let
ladspaPath = "${pkgs.ladspaPlugins}/lib/ladspa";
jackScript =
pkgs.writeShellScriptBin "jack" (lib.fileContents ../../assets/jack.sh);
queueElement = {
options = {
plugin = mkOption {
type = with types; str;
description = "file name without suffix of the plugin";
};
label = mkOption {
type = with types; str;
description = "label of the queue element (needs to be correct)";
};
control = mkOption {
type = with types; listOf str;
description = "parameter of plugin";
};
};
};
sinkElement = {
options = {
name = mkOption {
type = with types; str;
description = "name of the sink";
};
queue = mkOption {
type = with types; listOf (submodule queueElement);
description = "queues";
};
};
};
cfg = config.system.custom.audio;
in {
options.system.custom.audio = {
enable = mkEnableOption "use PluseAudio";
sinks = mkOption {
type = with types; listOf (submodule sinkElement);
description = "list of sinks";
};
};
config = mkIf cfg.enable {
# add virtual midi module
# -----------------------
#boot = {
# # to route midi signals
# # between bitwig and vcvrack
# kernelModules = [ "snd_virmidi" ];
# # index=-2 prevents from beeing recognised as the default
# # audio device
# # midi_devs limit the number of midi devices.
# extraModprobeConfig = "options snd-virmidi index=-2 midi_devs=1";
#};
# LADSPA
# ------
programs.bash.interactiveShellInit = # sh
''
# set ladspa library path
# about testing the plugins check analyseplugin command
export LADSPA_PATH=${ladspaPath}
'';
programs.zsh.interactiveShellInit = # sh
''
# set ladspa library path
# about testing the plugins check analyseplugin command
export LADSPA_PATH=${ladspaPath}
'';
# PulseAudio
# ----------
# because of systemWide ensure main user is in audio group
system.custom.mainUser.extraGroups = [ "audio" ];
#services.pipewire = {
# enable = true;
# alsa.enable = true;
# jack.enable = true;
# media-session.enable = true;
# pulse.enable = true;
#};
hardware.pulseaudio = {
enable = true;
package = pkgs.pulseaudioFull;
# all in audio group can do audio
systemWide = true;
extraConfig = ''
# automatically switch to newly-connected devices
load-module module-switch-on-connect
# http://plugin.org.uk/ladspa-swh/docs/ladspa-swh.html
# https://gavv.github.io/articles/pulseaudio-under-the-hood/#ladspa-plugin-sink
${builtins.toString (flip map cfg.sinks (sink: ''
# ladspa sink : ${sink.name}
# -------------
${builtins.toString (flip imap0 (reverseList sink.queue)
(index: queua:
let
sinkName = suffix: "${sink.name}${builtins.toString suffix}";
sinkValue = "sink_name=${sinkName index}";
sinkDescription = "sink_properties=device.description=${
sinkName index
}-${queua.label}";
masterValue = if (index == 0) then
""
else
"sink_master=${sinkName (index - 1)}";
pluginValue = "plugin=${ladspaPath}/${queua.plugin}";
labelValue = "label=${queua.label}";
controlValue = "control=${
builtins.toString
(foldl (a: b: "${a},${b}") (head queua.control)
(tail queua.control))
}";
in ''
# ${sinkName index} : ${queua.label}
load-module module-ladspa-sink ${sinkValue} ${sinkDescription} ${masterValue} ${pluginValue} ${labelValue} ${controlValue}
''))}
''))}
'';
};
# Packages needed
# ---------------
environment.systemPackages = with pkgs; [
# Music making
# ------------
#jackScript
#jack2Full
#patchage
#zynaddsubfx
#qjackctl
alsaUtils
# LADSPA
# ------
ladspaPlugins
ladspa-sdk
# PulseAudio control
# ------------------
pavucontrol
lxqt.pavucontrol-qt
];
};
}

34
nixos/modules/system/bluetooth.nix Normal file
View file

@ -0,0 +1,34 @@
{ config, lib, pkgs, ... }:
let
cfg = config.system.custom.bluetooth;
in {
options.system.custom.bluetooth.enable =
lib.mkEnableOption "enable bluetooth support";
config = lib.mkIf cfg.enable {
hardware.bluetooth = {
enable = true;
powerOnBoot = true;
settings.General.AutoConnect = true;
};
services.blueman.enable = true;
environment.systemPackages = with pkgs; [
# bluetooth audio
# ---------------
# todo : check if pulseaudio is enabled
bluez
bluez-tools
];
};
}

76
nixos/modules/system/font.nix Normal file
View file

@ -0,0 +1,76 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.system.custom.fonts;
in {
options.system.custom.fonts = {
enable = mkEnableOption "enable fonts";
dpi = mkOption {
type = types.int;
default = 141;
description = ''
dpi of the monitor
'';
};
};
# You can put your private ttf fonts into
# in $XDG_DATA_HOME/fonts, which for most users will resolve to ~/.local/share/fonts
# see https://nixos.wiki/wiki/Fonts
config = mkIf cfg.enable {
fonts = {
enableDefaultFonts = true;
enableGhostscriptFonts = true;
fontDir.enable = true;
fontconfig = {
dpi = cfg.dpi;
subpixel = {
lcdfilter = "default";
rgba = "rgb";
};
hinting = {
enable = true;
autohint = false;
};
enable = true;
antialias = true;
#defaultFonts = { monospace = [ "inconsolata" ]; };
};
fonts = with pkgs; [
corefonts
hasklig
inconsolata
source-code-pro
symbola
ubuntu_font_family
# symbol fonts
# ------------
# nerdfonts
powerline-fonts
font-awesome-ttf
fira-code-symbols
# shell font
# ----------
terminus_font
gohufont
];
};
};
}

75
nixos/modules/system/mainUser.nix Normal file
View file

@ -0,0 +1,75 @@
{ config, pkgs, lib, ... }:
with lib;
let
cfg = config.system.custom.mainUser;
dockerGroup =
if (config.virtualisation.docker.enable) then [ "docker" ] else [ ];
vboxGroup = if (config.virtualisation.virtualbox.host.enable) then
[ "vboxusers" ]
else
[ ];
in {
options.system.custom.mainUser = {
enable = mkEnableOption "enable mainUser for a desktop system";
userName = mkOption {
type = with types; str;
description = ''
name of the main user
'';
};
uid = mkOption {
type = with types; int;
default = 1337;
description = ''
uid of main user
'';
};
extraGroups = mkOption {
default = [ ];
type = with types; listOf str;
description = ''
list of groups the main user should also be in
'';
};
authorizedKeyFiles = mkOption {
default = [ ];
type = with types; listOf str;
description = ''
list of keys allowed to login as this user
'';
};
};
config = mkIf cfg.enable {
users = {
mutableUsers = true;
defaultUserShell = pkgs.zsh;
users.mainUser = {
isNormalUser = true;
name = cfg.userName;
uid = cfg.uid;
home = "/home/${cfg.userName}";
initialPassword = cfg.userName;
extraGroups = [ "wheel" "networkmanager" "transmission" "wireshark" ]
++ dockerGroup ++ vboxGroup ++ cfg.extraGroups;
openssh.authorizedKeys.keyFiles = cfg.authorizedKeyFiles;
};
};
};
}

65
nixos/modules/system/on-failure.nix Normal file
View file

@ -0,0 +1,65 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.on-failure;
api = {
enable = mkEnableOption "krebs.on-failure" // {
default = cfg.plans != { };
};
url = mkOption {
type = types.str;
description = "url on where to send the message to";
};
plans = mkOption {
default = { };
type = with types;
attrsOf (submodule ({ config, ... }: {
options = {
enable = mkEnableOption "on-failure.${config.name}" // {
default = true;
};
name = mkOption {
type = types.str;
default = config._module.args.name;
description = "Name of the to-be-monitored service.";
};
};
}));
};
};
enabled-plans = filter (getAttr "enable") (attrValues cfg.plans);
to-services = plan: {
"${plan.name}".unitConfig.OnFailure = "on-failure.${plan.name}.service";
"on-failure.${plan.name}".serviceConfig = rec {
ExecStart = mattermostStart plan;
SyslogIdentifier = ExecStart.name;
Type = "oneshot";
};
};
# todo this output must be better
mattermostStart = plan:
pkgs.writers.writeDash "on-failure.${plan.name}" ''
${pkgs.curl}/bin/curl \
--include \
--request POST \
--data-urlencode \
'payload={"text": "<!channel> :fire: Service Failed ${plan.name} on ${config.networking.hostName}"}' \
${cfg.url}
'';
in {
options.on-failure = api;
config = lib.mkIf cfg.enable {
systemd.services = foldl (a: b: a // b) { } (map to-services enabled-plans);
};
}

95
nixos/modules/system/permown.nix Normal file
View file

@ -0,0 +1,95 @@
{ config, pkgs, lib, ... }:
with lib;
let
cfg = config.system.permown;
nameGenerator = path: "permown.${replaceStrings [ "/" ] [ "_" ] path}";
in {
options.system.permown = mkOption {
default = { };
type = with types;
attrsOf (submodule ({ config, ... }: {
options = {
directory-mode = mkOption {
default = "=rwx";
type = types.str;
};
file-mode = mkOption {
default = "=rw";
type = types.str;
};
group = mkOption {
apply = x: if x == null then "" else x;
default = null;
type = types.nullOr types.str;
};
owner = mkOption { type = types.str; };
path = mkOption {
default = config._module.args.name;
type = types.path;
};
umask = mkOption {
default = "0027";
type = types.str;
};
timer = mkOption {
default = "hourly";
type = types.str;
description =
"OnCalendar string on how frequent should this command run";
};
};
}));
};
config = let plans = lib.attrValues cfg;
in mkIf (plans != [ ]) {
system.activationScripts.permown = let
mkdir = { path, ... }: ''
${pkgs.coreutils}/bin/mkdir -p ${path}
'';
in concatMapStrings mkdir plans;
systemd.services = listToAttrs (flip map plans
({ path, directory-mode, file-mode, owner, group, umask, ... }: {
name = nameGenerator path;
value = {
environment = {
DIR_MODE = directory-mode;
FILE_MODE = file-mode;
OWNER_GROUP = "${owner}:${group}";
ROOT_PATH = path;
};
path = [ pkgs.coreutils pkgs.findutils pkgs.inotifyTools ];
serviceConfig = {
ExecStart = pkgs.writers.writeDash "permown" ''
set -efu
find "$ROOT_PATH" -exec chown -h "$OWNER_GROUP" {} +
find "$ROOT_PATH" -type d -exec chmod "$DIR_MODE" {} +
find "$ROOT_PATH" -type f -exec chmod "$FILE_MODE" {} +
'';
PrivateTmp = true;
Restart = "always";
RestartSec = 10;
UMask = umask;
};
wantedBy = [ "multi-user.target" ];
};
}));
systemd.timers = listToAttrs (flip map plans ({ path, timer, ... }: {
name = nameGenerator path;
value = {
wantedBy = [ "multi-user.target" ];
timerConfig.OnCalendar = timer;
};
}));
};
}

86
nixos/modules/system/wifi.nix Normal file
View file

@ -0,0 +1,86 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.system.custom.wifi;
in {
options.system.custom.wifi = {
enable = mkEnableOption "enable wifi";
system = mkOption {
default = "wpa_supplicant";
type = with types; enum [ "wpa_supplicant" "networkmanager" ];
};
configurationFile = mkOption {
default = null;
type = with types; nullOr path;
description = ''
the target of /etc/wpa_supplicant.conf
'';
};
interfaces = mkOption {
type = with types; listOf string;
default = [ ];
description = ''
list of interfaces to take care of,
if empty it will test all interfaces
'';
};
};
config = mkMerge [
(mkIf (cfg.enable && cfg.system == "wpa_supplicant") {
networking.wireless.enable = true;
networking.wireless.interfaces = cfg.interfaces;
})
(mkIf (cfg.enable && cfg.system == "networkmanager") {
networking.networkmanager.enable = true;
networking.networkmanager.wifi.powersave = true;
networking.networkmanager.extraConfig = ''
# The number of times a connection activation should be automatically tried
# before switching to another one. This value applies only to connections
# that can auto-connect and have a connection. autoconnect-retries property set to -1.
# If not specified, connections will be tried 4 times.
# Setting this value to 1 means to try activation once, without retry.
autoconnect-retries-default=999
'';
})
(mkIf (cfg.enable && cfg.configurationFile != null) {
environment.etc."wpa_supplicant.conf".source = cfg.configurationFile;
})
(mkIf cfg.enable {
networking.dhcpcd.allowInterfaces = cfg.interfaces;
networking.usePredictableInterfaceNames = true;
hardware.enableRedistributableFirmware = true;
environment.systemPackages = [
(pkgs.writeShellScriptBin "scan-wifi" ''
# todo : use column to make a nice view
${pkgs.wirelesstools}/bin/iwlist scan | \
grep -v "Interface doesn't support scanning" | \
sed -e '/^\s*$/d' | \
grep -e "ESSID" -e "Encrypt" | \
sed -e "s/Encryption key:on/encrypted/g" | \
sed -e "s/Encryption key:off/open/g" | \
sed -e "s/ESSID://g" | \
xargs -L 2 printf "%9s - '%s'\n"
'')
];
})
];
}

98
nixos/modules/system/x11.nix Normal file
View file

@ -0,0 +1,98 @@
{ config, pkgs, lib, ... }:
with lib;
let
cfg = config.system.custom.x11;
in {
options.system.custom.x11 = {
enable = mkEnableOption "enable x11";
autoLoginUser = mkOption {
type = with types; str;
description = "user to login";
};
};
config = mkIf cfg.enable {
services.xserver = {
enable = true;
# Configure video Drivers
# -----------------------
videoDrivers = [ "intel" ];
deviceSection = ''
Option "DRI" "2"
Option "TearFree" "true"
'';
# window-manager : Xmonad
# -----------------------
displayManager = {
defaultSession = lib.mkDefault "none+xmonad";
autoLogin.enable = lib.mkDefault true;
autoLogin.user = cfg.autoLoginUser;
lightdm.enable = lib.mkDefault true;
};
desktopManager = {
xterm.enable = false;
#gnome3.enable = lib.mkDefault true;
};
windowManager = {
xmonad.enable = true;
xmonad.enableContribAndExtras = true;
i3.enable = true;
};
# mouse/touchpad
# --------------
libinput = {
enable = true;
touchpad = {
disableWhileTyping = true;
tapping = true;
scrollMethod = "twofinger";
accelSpeed = "2";
};
};
# Wacom configuraton
# ------------------
modules = [ pkgs.xf86_input_wacom ];
};
# Packages
# --------
environment.systemPackages = with pkgs; [
dmenu
arandr
xcalib
flameshot
xorg.xmodmap
feh
];
# Xresources config
# -----------------
# spread the Xresource config
# across different files
# just add a file into `/etc/X11/Xresource.d/` and it will be
# evaluated.
services.xserver.displayManager.sessionCommands = ''
for file in `ls /etc/X11/Xresource.d/`
do
${pkgs.xorg.xrdb}/bin/xrdb -merge /etc/X11/Xresource.d/$file
done
'';
environment.etc."/X11/Xresource.d/.keep".text = "";
};
}