From 68e599367fc21db5797465d3f96e8d5404a94447 Mon Sep 17 00:00:00 2001 From: Ingolf Wagner Date: Sun, 3 Mar 2024 14:56:49 +0100 Subject: [PATCH] heavy refactorings --- flake.nix | 1 + nixos/components/gui/cups.nix | 28 ++++ nixos/components/gui/default.nix | 1 + nixos/components/network/tinc/secret.nix | 9 +- nixos/components/terminal/zsh.nix | 3 + nixos/homes/palo/default.nix | 1 + nixos/homes/palo/packages/development.nix | 124 ++++++------------ nixos/homes/palo/tmux.nix | 14 ++ nixos/homes/root/default.nix | 1 + nixos/machines/cherry/configuration.nix | 7 +- nixos/machines/cherry/cups.nix | 16 --- .../cherry/hardware-configuration/default.nix | 26 ++++ .../disko-config.nix | 18 --- .../hardware-configuration.nix | 0 nixos/machines/chungus/configuration.nix | 2 - nixos/machines/cream/configuration.nix | 1 - nixos/machines/cream/cups.nix | 16 --- nixos/machines/orbi/configuration.nix | 8 +- .../orbi/hardware-configuration/default.nix | 2 + .../hardware-configuration/disko-config.nix | 1 - nixos/machines/robi/configuration.nix | 5 - nixos/machines/sternchen/configuration.nix | 2 - nixos/machines/sternchen/cups.nix | 16 --- 23 files changed, 126 insertions(+), 176 deletions(-) create mode 100644 nixos/components/gui/cups.nix create mode 100644 nixos/homes/palo/tmux.nix delete mode 100644 nixos/machines/cherry/cups.nix create mode 100644 nixos/machines/cherry/hardware-configuration/default.nix rename nixos/machines/cherry/{ => hardware-configuration}/disko-config.nix (65%) rename nixos/machines/cherry/{ => hardware-configuration}/hardware-configuration.nix (100%) delete mode 100644 nixos/machines/cream/cups.nix delete mode 100644 nixos/machines/sternchen/cups.nix diff --git a/flake.nix b/flake.nix index a04dbf7..73eeab4 100644 --- a/flake.nix +++ b/flake.nix @@ -322,6 +322,7 @@ sternchen = nixosConfigurationSetup { name = "sternchen"; host = "sternchen.secret"; + #host = "192.168.178.25"; modules = [ nixos-hardware.nixosModules.lenovo-thinkpad-x220 homeManagerModules diff --git a/nixos/components/gui/cups.nix b/nixos/components/gui/cups.nix new file mode 100644 index 0000000..5123e7f --- /dev/null +++ b/nixos/components/gui/cups.nix @@ -0,0 +1,28 @@ +{ config, lib, ... }: +with lib; +{ + + options.components.gui.cups.enable = mkOption { + type = lib.types.bool; + default = config.components.gui.enable; + }; + + config = mkIf (config.components.gui.cups.enable) { + + hardware.printers.ensurePrinters = [ + { + description = "Lexmark E350d"; + deviceUri = "usb://Lexmark/E350d?serial=622Z9ZC"; + location = "office"; + name = "Lexmark_E350d"; + model = "drv:///sample.drv/generic.ppd"; + ppdOptions = { + job-sheets = "none, none"; + media = "na_letter_8.5x11in"; + sides = "one-sided"; + }; + } + ]; + + }; +} diff --git a/nixos/components/gui/default.nix b/nixos/components/gui/default.nix index 1a0907e..aed0201 100644 --- a/nixos/components/gui/default.nix +++ b/nixos/components/gui/default.nix @@ -9,6 +9,7 @@ with lib; # todo : structure with home-manager and such is not cool, create another structure ./audio.nix ./browser.nix + ./cups.nix ./fonts.nix ./home-manager ./kmonad.nix diff --git a/nixos/components/network/tinc/secret.nix b/nixos/components/network/tinc/secret.nix index 695bf31..e04fcd2 100644 --- a/nixos/components/network/tinc/secret.nix +++ b/nixos/components/network/tinc/secret.nix @@ -9,10 +9,11 @@ let port = 721; hosts = { - sternchen = "10.123.42.25"; - sterni = "10.123.42.24"; + cherry = "10.123.42.29"; cream = "10.123.42.27"; robi = "10.123.42.123"; + sternchen = "10.123.42.25"; + sterni = "10.123.42.24"; }; network = "secret"; in @@ -35,6 +36,10 @@ in subnets = [{ address = hosts.cream; }]; settings.Ed25519PublicKey = "Y/YRA90mAlNEmdhUWlUTHjjsco6d6hlvW11sPtarIdL"; }; + cherry = { + subnets = [{ address = hosts.cherry; }]; + settings.Ed25519PublicKey = "BsPIrZjbzn0aryC0HO3OXSb4oFCMmzNDmMDQmxUXUuC"; + }; sterni = { subnets = [{ address = hosts.sterni; }]; settings.Ed25519PublicKey = "r6mRDc814z2YtyG9ev/XXV2SgquqWR8n53V13xNXb7O"; diff --git a/nixos/components/terminal/zsh.nix b/nixos/components/terminal/zsh.nix index 6996fc4..e977062 100644 --- a/nixos/components/terminal/zsh.nix +++ b/nixos/components/terminal/zsh.nix @@ -8,6 +8,9 @@ with lib; config = mkIf (config.components.terminal.zsh.enable) { + # root uses zsh on default + users.users.root.shell = pkgs.zsh; + programs.zsh = { enable = true; diff --git a/nixos/homes/palo/default.nix b/nixos/homes/palo/default.nix index bc0a50f..cf7bef2 100644 --- a/nixos/homes/palo/default.nix +++ b/nixos/homes/palo/default.nix @@ -9,6 +9,7 @@ ./packages ./ssh.nix ./stylix.nix + ./tmux.nix ./vim.nix ./yubikey.nix ./zellij.nix diff --git a/nixos/homes/palo/packages/development.nix b/nixos/homes/palo/packages/development.nix index e0865b7..c182d2b 100644 --- a/nixos/homes/palo/packages/development.nix +++ b/nixos/homes/palo/packages/development.nix @@ -7,102 +7,44 @@ with lib; (mkIf config.gui.enable { - home.packages = - let + home.packages = [ - # to make copilot work - # jetbrains.pycharm-professional - #fhsPyCharm = pkgs.buildFHSUserEnv { - # name = "pycharm"; - # targetPkgs = pkgs: (with pkgs; [ - # black - # isort - # #unstable.jetbrains.pycharm-professional - # jetbrains.pycharm-professional - # python311 - # pipenv - # zlib # needed for NumPy - # nodejs - # git - # ]); - # runScript = "pycharm-professional"; - #}; + # general + unstable.jetbrains.idea-ultimate + #vscode - # jetbrains.datagrip - #fhsDataGrip = pkgs.buildFHSUserEnv { - # name = "datagrip"; - # targetPkgs = pkgs: (with pkgs; [ - # unstable.jetbrains.datagrip - # ]); - # runScript = "datagrip"; - #}; + jetbrains.mps - #fhsClion = pkgs.buildFHSUserEnv { - # name = "clion"; - # targetPkgs = pkgs: (with pkgs; [ - # unstable.jetbrains.clion - # ]); - # runScript = "clion"; - #}; + unstable.jetbrains.datagrip - in - [ + # Rust + # ---- + unstable.jetbrains.clion + gcc + rustup - # general - unstable.jetbrains.idea-ultimate - #vscode + # Python + # ------ + unstable.jetbrains.pycharm-professional - jetbrains.mps + # planing + ((ganttproject-bin.override { + jre = pkgs.openjdk11; + }).overrideAttrs (old: { + version = "3.1.3100"; + src = pkgs.fetchzip { + url = "https://dl.ganttproject.biz/ganttproject-3.1.3100/ganttproject-3.1.3100.zip"; + sha256 = "sha256-hw2paak0P670/kemiuqYHIaN0uUtkVKy+AX2X7OdnJ4="; + }; + })) - unstable.jetbrains.datagrip - #fhsDataGrip - #(pkgs.makeDesktopItem { - # name = "datagrip"; - # desktopName = "DataGrip"; - # exec = "${fhsDataGrip}/bin/datagrip"; - # terminal = false; - #}) + mermaid-cli - # Rust - unstable.jetbrains.clion - #fhsClion - #(pkgs.makeDesktopItem { - # name = "clion"; - # desktopName = "Clion"; - # exec = "${fhsClion}/bin/clion"; - # terminal = false; - #}) - gcc - rustup - - # python - - unstable.jetbrains.pycharm-professional - #fhsPyCharm - #(pkgs.makeDesktopItem { - # name = "pycharm"; - # desktopName = "PyCharm"; - # exec = "${fhsPyCharm}/bin/pycharm"; - # terminal = false; - #}) - - # planing - ((ganttproject-bin.override { - jre = pkgs.openjdk11; - }).overrideAttrs (old: { - version = "3.1.3100"; - src = pkgs.fetchzip { - url = "https://dl.ganttproject.biz/ganttproject-3.1.3100/ganttproject-3.1.3100.zip"; - sha256 = "sha256-hw2paak0P670/kemiuqYHIaN0uUtkVKy+AX2X7OdnJ4="; - }; - })) - - mermaid-cli - - ]; + ]; }) { + home.packages = let pandocScript = { inputFormat, outputFormat }: @@ -116,7 +58,7 @@ with lib; in [ - # smoke + lnav tmux @@ -160,6 +102,16 @@ with lib; nixpkgs-fmt treefmt + + (pkgs.writers.writeBashBin "ssl-check-cert-of-domain" '' + DOMAIN=$1 + echo | \ + ${pkgs.openssl}/bin/openssl s_client -servername ''${DOMAIN} -connect ''${DOMAIN}:443 2>/dev/null | \ + ${pkgs.openssl}/bin/openssl x509 -text | \ + ${pkgs.less}/bin/less + '') + + ] ++ (map pandocScript (lib.cartesianProductOfSets { inputFormat = [ "man" "markdown" "mediawiki" "asciidoc" ]; outputFormat = [ "mediawiki" "docbook5" "html5" "man" "jira" "markdown" ]; diff --git a/nixos/homes/palo/tmux.nix b/nixos/homes/palo/tmux.nix new file mode 100644 index 0000000..19ec8a3 --- /dev/null +++ b/nixos/homes/palo/tmux.nix @@ -0,0 +1,14 @@ +{ pkgs, ... }: +with pkgs; +{ + programs.tmux = { + enable = true; + aggressiveResize = true; + baseIndex = 1; + clock24 = true; + historyLimit = 150000; + keyMode = "vi"; + mouse = true; + secureSocket = true; + }; +} diff --git a/nixos/homes/root/default.nix b/nixos/homes/root/default.nix index e9809a5..8cc8a9e 100644 --- a/nixos/homes/root/default.nix +++ b/nixos/homes/root/default.nix @@ -4,4 +4,5 @@ ../palo/doom-emacs.nix ]; gui.enable = false; + } diff --git a/nixos/machines/cherry/configuration.nix b/nixos/machines/cherry/configuration.nix index 43c4f75..a55d66f 100644 --- a/nixos/machines/cherry/configuration.nix +++ b/nixos/machines/cherry/configuration.nix @@ -3,16 +3,13 @@ imports = [ - ../../modules ../../components + ../../modules - ./disko-config.nix - ./hardware-configuration.nix + ./hardware-configuration ./syncthing.nix - ./cups.nix ./tinc.nix - #./tinc_retiolum.nix ./qemu.nix ./wireguard.nix diff --git a/nixos/machines/cherry/cups.nix b/nixos/machines/cherry/cups.nix deleted file mode 100644 index 2c2e41d..0000000 --- a/nixos/machines/cherry/cups.nix +++ /dev/null @@ -1,16 +0,0 @@ -{ - hardware.printers.ensurePrinters = [ - { - description = "Lexmark E350d"; - deviceUri = "usb://Lexmark/E350d?serial=622Z9ZC"; - location = "office"; - name = "Lexmark_E350d"; - model = "drv:///sample.drv/generic.ppd"; - ppdOptions = { - job-sheets = "none, none"; - media = "na_letter_8.5x11in"; - sides = "one-sided"; - }; - } - ]; -} diff --git a/nixos/machines/cherry/hardware-configuration/default.nix b/nixos/machines/cherry/hardware-configuration/default.nix new file mode 100644 index 0000000..a1d76e6 --- /dev/null +++ b/nixos/machines/cherry/hardware-configuration/default.nix @@ -0,0 +1,26 @@ +{ lib, config, ... }: +{ + imports = [ + ./disko-config.nix + ./hardware-configuration.nix + ]; + + boot.tmp.useTmpfs = true; + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + + # ZFS stuff + # --------- + boot.supportedFilesystems = [ "zfs" ]; + # head -c4 /dev/urandom | od -A none -t x4 + networking.hostId = "59e38471"; + services.zfs.autoSnapshot.enable = true; + + # todo not needed anymore if srvos is used + # ZFS already has its own scheduler. Without this my(@Artturin) computer froze for a second when i nix build something. + # copied from : https://github.com/numtide/srvos/blob/main/nixos/common/zfs.nix + services.udev.extraRules = lib.optionalString (config.boot.zfs.enabled) '' + ACTION=="add|change", KERNEL=="sd[a-z]*[0-9]*|mmcblk[0-9]*p[0-9]*|nvme[0-9]*n[0-9]*p[0-9]*", ENV{ID_FS_TYPE}=="zfs_member", ATTR{../queue/scheduler}="none" + ''; + +} diff --git a/nixos/machines/cherry/disko-config.nix b/nixos/machines/cherry/hardware-configuration/disko-config.nix similarity index 65% rename from nixos/machines/cherry/disko-config.nix rename to nixos/machines/cherry/hardware-configuration/disko-config.nix index 5b1f2b4..9e705d0 100644 --- a/nixos/machines/cherry/disko-config.nix +++ b/nixos/machines/cherry/hardware-configuration/disko-config.nix @@ -1,24 +1,6 @@ -# nix run github:nix-community/disko -- --mode zap_create_mount ./disko-config.nix -# nixos-generate-config --no-filesystems --root /mnt { config, lib, ... }: { - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; - boot.tmp.useTmpfs = true; # make /tmp a tmpfs (performance!) - - # ZFS stuff - # --------- - boot.supportedFilesystems = [ "zfs" ]; - # head -c4 /dev/urandom | od -A none -t x4 - networking.hostId = "59e38471"; - services.zfs.autoSnapshot.enable = true; - # ZFS already has its own scheduler. Without this my(@Artturin) computer froze for a second when i nix build something. - # copied from : https://github.com/numtide/srvos/blob/main/nixos/common/zfs.nix - services.udev.extraRules = lib.optionalString (config.boot.zfs.enabled) '' - ACTION=="add|change", KERNEL=="sd[a-z]*[0-9]*|mmcblk[0-9]*p[0-9]*|nvme[0-9]*n[0-9]*p[0-9]*", ENV{ID_FS_TYPE}=="zfs_member", ATTR{../queue/scheduler}="none" - ''; - # disko configuration # ------------------- disko.devices = { diff --git a/nixos/machines/cherry/hardware-configuration.nix b/nixos/machines/cherry/hardware-configuration/hardware-configuration.nix similarity index 100% rename from nixos/machines/cherry/hardware-configuration.nix rename to nixos/machines/cherry/hardware-configuration/hardware-configuration.nix diff --git a/nixos/machines/chungus/configuration.nix b/nixos/machines/chungus/configuration.nix index 45fb0e4..fede3e1 100644 --- a/nixos/machines/chungus/configuration.nix +++ b/nixos/machines/chungus/configuration.nix @@ -84,8 +84,6 @@ networking.hostName = "chungus"; - users.users.root.shell = pkgs.zsh; - hardware.opengl = { enable = true; extraPackages = with pkgs; [ diff --git a/nixos/machines/cream/configuration.nix b/nixos/machines/cream/configuration.nix index fae5b98..69bb336 100644 --- a/nixos/machines/cream/configuration.nix +++ b/nixos/machines/cream/configuration.nix @@ -9,7 +9,6 @@ ./hardware-configuration.nix ./syncthing.nix - ./cups.nix ./tinc.nix ./tinc_retiolum.nix diff --git a/nixos/machines/cream/cups.nix b/nixos/machines/cream/cups.nix deleted file mode 100644 index 2c2e41d..0000000 --- a/nixos/machines/cream/cups.nix +++ /dev/null @@ -1,16 +0,0 @@ -{ - hardware.printers.ensurePrinters = [ - { - description = "Lexmark E350d"; - deviceUri = "usb://Lexmark/E350d?serial=622Z9ZC"; - location = "office"; - name = "Lexmark_E350d"; - model = "drv:///sample.drv/generic.ppd"; - ppdOptions = { - job-sheets = "none, none"; - media = "na_letter_8.5x11in"; - sides = "one-sided"; - }; - } - ]; -} diff --git a/nixos/machines/orbi/configuration.nix b/nixos/machines/orbi/configuration.nix index b00e1bc..9af5071 100644 --- a/nixos/machines/orbi/configuration.nix +++ b/nixos/machines/orbi/configuration.nix @@ -52,21 +52,17 @@ networking.hostName = "orbi"; + components.terminal.enable = true; components.mainUser.enable = true; components.gui.enable = false; components.network.enable = true; components.network.wifi.enable = false; - users.users.root.shell = pkgs.zsh; - security.acme.acceptTerms = true; security.acme.defaults.email = "contact@ingolf-wagner.de"; + # todo create your own sops.defaultSopsFile = ../../secrets/robi.yaml; - services.smartd.enable = true; - - - } diff --git a/nixos/machines/orbi/hardware-configuration/default.nix b/nixos/machines/orbi/hardware-configuration/default.nix index 8f2141c..ab1819d 100644 --- a/nixos/machines/orbi/hardware-configuration/default.nix +++ b/nixos/machines/orbi/hardware-configuration/default.nix @@ -34,6 +34,8 @@ in ./hardware-configuration.nix ]; + services.smartd.enable = true; + # Use GRUB2 as the boot loader. # We don't use systemd-boot because Hetzner uses BIOS legacy boot. boot.loader.grub = { diff --git a/nixos/machines/orbi/hardware-configuration/disko-config.nix b/nixos/machines/orbi/hardware-configuration/disko-config.nix index 60a12d5..b94e6ca 100644 --- a/nixos/machines/orbi/hardware-configuration/disko-config.nix +++ b/nixos/machines/orbi/hardware-configuration/disko-config.nix @@ -4,7 +4,6 @@ let disks = [ "sda" "sdb" ]; in { - disko.devices = { disk = lib.genAttrs disks (disk: { diff --git a/nixos/machines/robi/configuration.nix b/nixos/machines/robi/configuration.nix index 4b3f70d..43658dc 100644 --- a/nixos/machines/robi/configuration.nix +++ b/nixos/machines/robi/configuration.nix @@ -66,11 +66,6 @@ services.sshguard.enable = true; - # Shell configuration - # ------------------- - #programs.custom. zsh.enable = true; - users.users.root.shell = pkgs.zsh; - security.acme.acceptTerms = true; security.acme.defaults.email = "contact@ingolf-wagner.de"; diff --git a/nixos/machines/sternchen/configuration.nix b/nixos/machines/sternchen/configuration.nix index 75babba..d2d4320 100644 --- a/nixos/machines/sternchen/configuration.nix +++ b/nixos/machines/sternchen/configuration.nix @@ -11,8 +11,6 @@ ./syncthing.nix ./tinc.nix - ./cups.nix - ]; sops.defaultSopsFile = ../../secrets/sternchen.yaml; diff --git a/nixos/machines/sternchen/cups.nix b/nixos/machines/sternchen/cups.nix deleted file mode 100644 index 2c2e41d..0000000 --- a/nixos/machines/sternchen/cups.nix +++ /dev/null @@ -1,16 +0,0 @@ -{ - hardware.printers.ensurePrinters = [ - { - description = "Lexmark E350d"; - deviceUri = "usb://Lexmark/E350d?serial=622Z9ZC"; - location = "office"; - name = "Lexmark_E350d"; - model = "drv:///sample.drv/generic.ppd"; - ppdOptions = { - job-sheets = "none, none"; - media = "na_letter_8.5x11in"; - sides = "one-sided"; - }; - } - ]; -}