|
|
|
@ -1,12 +1,14 @@
|
|
|
|
|
{ config, pkgs, ... }: let
|
|
|
|
|
{ config, pkgs, options, ... }: let
|
|
|
|
|
packages = (import ../lib/packages.nix) { config = config.nixpkgs.config; };
|
|
|
|
|
callPackageFile = path: (import path) packages;
|
|
|
|
|
in {
|
|
|
|
|
imports = [
|
|
|
|
|
(callPackageFile ../profiles/system/base.nix)
|
|
|
|
|
(callPackageFile ../profiles/system/wpa-cli.nix)
|
|
|
|
|
|
|
|
|
|
(callPackageFile ../profiles/environment/graphical-environment.nix)
|
|
|
|
|
(callPackageFile ../profiles/environment/xfce4.nix)
|
|
|
|
|
/*(callPackageFile ../profiles/environment/xfce4.nix)*/
|
|
|
|
|
(callPackageFile ../profiles/environment/plasma5.nix)
|
|
|
|
|
(callPackageFile ../profiles/environment/common-software.nix)
|
|
|
|
|
|
|
|
|
|
(callPackageFile ../profiles/system/efi-boot.nix)
|
|
|
|
@ -15,22 +17,38 @@ in {
|
|
|
|
|
(callPackageFile ../profiles/system/scanning.nix)
|
|
|
|
|
(callPackageFile ../profiles/system/amd.nix)
|
|
|
|
|
(callPackageFile ../profiles/system/pulseaudio.nix)
|
|
|
|
|
(callPackageFile ../profiles/system/bluetooth.nix)
|
|
|
|
|
(callPackageFile ../profiles/system/virtualization.nix)
|
|
|
|
|
(callPackageFile ../profiles/system/service-accounting.nix)
|
|
|
|
|
|
|
|
|
|
(callPackageFile ../profiles/software/elasticsearch.nix)
|
|
|
|
|
(callPackageFile ../profiles/software/couchdb.nix)
|
|
|
|
|
/* (callPackageFile ../profiles/software/couchdb.nix) */
|
|
|
|
|
|
|
|
|
|
(callPackageFile ../profiles/software/games.nix)
|
|
|
|
|
(callPackageFile ../profiles/software/guake.nix)
|
|
|
|
|
/*(callPackageFile ../profiles/software/guake.nix)*/
|
|
|
|
|
(callPackageFile ../profiles/software/yakuake.nix)
|
|
|
|
|
(callPackageFile ../profiles/software/synergy.nix)
|
|
|
|
|
(callPackageFile ../profiles/software/workrave.nix)
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
nix.trustedUsers = ["sven"];
|
|
|
|
|
|
|
|
|
|
services.xserver = {
|
|
|
|
|
xrandrHeads = [
|
|
|
|
|
"DFP6"
|
|
|
|
|
"CRT1"
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
# The below is a workaround, because SDDM inexplicably results in a masked display-manager.service on this system.
|
|
|
|
|
displayManager = {
|
|
|
|
|
lightdm = {
|
|
|
|
|
enable = true;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
sddm = {
|
|
|
|
|
enable = pkgs.stdenv.lib.mkForce false;
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
networking = {
|
|
|
|
@ -39,10 +57,12 @@ in {
|
|
|
|
|
firewall = { # FIXME: abstract this out...
|
|
|
|
|
allowedTCPPorts = [
|
|
|
|
|
25565 # Minecraft
|
|
|
|
|
3979 # OpenTTD
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
allowedUDPPorts = [
|
|
|
|
|
34197 # Factorio
|
|
|
|
|
3979 # OpenTTD
|
|
|
|
|
];
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
@ -50,7 +70,10 @@ in {
|
|
|
|
|
users.extraUsers.sven = {
|
|
|
|
|
isNormalUser = true;
|
|
|
|
|
uid = 1000;
|
|
|
|
|
extraGroups = ["libvirtd"];
|
|
|
|
|
extraGroups = [
|
|
|
|
|
"libvirtd"
|
|
|
|
|
"dialout"
|
|
|
|
|
];
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
users.groups = {
|
|
|
|
@ -63,35 +86,15 @@ in {
|
|
|
|
|
|
|
|
|
|
boot = {
|
|
|
|
|
kernelModules = [ "tun" "virtio" "nbd" ];
|
|
|
|
|
kernelPackages = pkgs.linuxPackages_4_4;
|
|
|
|
|
kernelParams = [ "radeon.dpm=0" ];
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
fileSystems = [
|
|
|
|
|
{
|
|
|
|
|
mountPoint = "/mnt/storage1";
|
|
|
|
|
device = "/dev/disk/by-uuid/f7b13747-f465-4600-9928-d7bf0720df1a";
|
|
|
|
|
}
|
|
|
|
|
{
|
|
|
|
|
mountPoint = "/mnt/storage2";
|
|
|
|
|
device = "/dev/disk/by-uuid/71cc55ca-7fc7-40c2-9dee-9e6216959d15";
|
|
|
|
|
}
|
|
|
|
|
{
|
|
|
|
|
mountPoint = "/mnt/temp";
|
|
|
|
|
device = "/dev/disk/by-uuid/6251105f-2b32-40de-859b-1654d6d1037e";
|
|
|
|
|
}
|
|
|
|
|
{
|
|
|
|
|
mountPoint = "/mnt/opensuse";
|
|
|
|
|
device = "/dev/disk/by-uuid/02a65154-3d26-4077-8942-c48337a3f9a2";
|
|
|
|
|
}
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
environment = {
|
|
|
|
|
systemPackages = with packages; [
|
|
|
|
|
nixpkgs.blueman
|
|
|
|
|
nixpkgs.nixops
|
|
|
|
|
nixpkgs.oraclejre8
|
|
|
|
|
myNixpkgs.technic-launcher
|
|
|
|
|
myNixpkgs.ftb-launcher
|
|
|
|
|
nixpkgs.devilspie2
|
|
|
|
|
nixpkgs.bundix
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
etc = {
|
|
|
|
@ -128,7 +131,6 @@ in {
|
|
|
|
|
];
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
hardware.bluetooth.enable = true;
|
|
|
|
|
hardware.pulseaudio.extraConfig = ''
|
|
|
|
|
load-module module-loopback
|
|
|
|
|
load-module module-combine-sink sink_name=all
|
|
|
|
@ -138,16 +140,11 @@ in {
|
|
|
|
|
127.0.0.1 im-project.im
|
|
|
|
|
'';
|
|
|
|
|
|
|
|
|
|
/*networking.wireguard.interfaces = {
|
|
|
|
|
wg0 = {
|
|
|
|
|
ips = [ "192.168.3.1/24" ];
|
|
|
|
|
privateKey = (import ../private/credentials.nix).wireguard.privateKey;
|
|
|
|
|
peers = [{
|
|
|
|
|
allowedIPs = [ "192.168.3.2/32" ];
|
|
|
|
|
publicKey = "2LAxq8w89vdCqa+Jdtk4xsaJ0OcbU/jv71mzm/K0pXE=";
|
|
|
|
|
}];
|
|
|
|
|
};
|
|
|
|
|
};*/
|
|
|
|
|
services.mpd = {
|
|
|
|
|
enable = true;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
/* SSHd */
|
|
|
|
|
|
|
|
|
|
services.openssh = {
|
|
|
|
|
enable = true;
|
|
|
|
@ -155,9 +152,34 @@ in {
|
|
|
|
|
challengeResponseAuthentication = false;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
users.users.root.openssh.authorizedKeys.keys = [
|
|
|
|
|
users.users.root.openssh.authorizedKeys.keys = [
|
|
|
|
|
(builtins.readFile ../private/joepie91.pub)
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
nix.useSandbox = true;
|
|
|
|
|
/* Hydra */
|
|
|
|
|
|
|
|
|
|
services.hydra = {
|
|
|
|
|
enable = true;
|
|
|
|
|
port = 3333;
|
|
|
|
|
hydraURL = "http://localhost:3333/";
|
|
|
|
|
notificationSender = "hydra@cryto.net";
|
|
|
|
|
useSubstitutes = true;
|
|
|
|
|
minimumDiskFree = 20;
|
|
|
|
|
minimumDiskFreeEvaluator = 20;
|
|
|
|
|
buildMachinesFiles = pkgs.lib.mkIf (config.nix.buildMachines == []) [];
|
|
|
|
|
extraConfig = ''
|
|
|
|
|
store_uri = file:///var/lib/hydra-builds
|
|
|
|
|
'';
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
/* morepkgs */
|
|
|
|
|
|
|
|
|
|
nix.binaryCaches = options.nix.binaryCaches.default ++ [
|
|
|
|
|
"https://nix-cache.cryto.net/"
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
nix.binaryCachePublicKeys = [
|
|
|
|
|
"hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs="
|
|
|
|
|
"nix-cache.cryto.net:+FTmODNmc5L50krRNZwx93Ti2PM6Tgqj5EVL2CqazC4="
|
|
|
|
|
];
|
|
|
|
|
}
|
|
|
|
|