commit 6c559efe66f7f7bdaf08ce45fd2c654c1a6e1660 Author: illustris Date: Fri Mar 5 07:02:38 2021 +0530 init diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..db2fc0d --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +secrets diff --git a/configuration.nix b/configuration.nix new file mode 100644 index 0000000..912127d --- /dev/null +++ b/configuration.nix @@ -0,0 +1,124 @@ +{ config, pkgs, ... }: + +{ + + nixpkgs.overlays = [ + #(import ./qemu.nix) + ]; + + imports = [ + ./hardware-configuration.nix + ./desktop-configuration.nix + ]; + + boot.kernelPackages = pkgs.linuxPackages_latest; + + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + + boot.supportedFilesystems = [ "zfs" ]; + boot.zfs.devNodes = "/dev/disk/by-partuuid"; + networking.hostId = "f86b2fa7"; + + time.timeZone = "Asia/Kolkata"; + + networking.hostName = "desktop"; # Define your hostname. + networking.useDHCP = false; + networking.interfaces.enp6s18.useDHCP = true; + #networking.interfaces.enp11s0.useDHCP = true; + + + + security.sudo.wheelNeedsPassword = false; + + users.users = { + illustris = { + isNormalUser = true; + extraGroups = [ "wheel" "docker" "tty" ]; # Enable ‘sudo’ for the user. + openssh.authorizedKeys.keyFiles = [ ./secrets/ssh_pubkeys ]; + }; + root.openssh.authorizedKeys.keyFiles = [ ./secrets/ssh_pubkeys ]; + }; + + environment.systemPackages = with pkgs; [ + git + tmux + htop + nfs-utils + bmon + sysstat + (pass.withExtensions (exts: [ exts.pass-otp ])) + nnn + mosh + ncdu + (writeScriptBin "vpnpass" (builtins.readFile ./scripts/vpnpass)) + wget + expect + openvpn + #signal-cli + tcpdump + killall + file + tree + ntfs3g + p7zip + ranger + cscope + python + bind # for nslookup + ethtool + unzip + pciutils + sshfs + jq + #arduino + #python27Packages.pyserial + ]; + + programs.gnupg.agent = { + enable = true; + }; + + services = { + openssh = { + enable = true; + forwardX11 = true; + }; + udev.packages = [ (pkgs.callPackage (import ./packages/xr-hardware/default.nix) {}) ]; + }; + environment.etc.openvpn.source = "${pkgs.update-resolv-conf}/libexec/openvpn"; + + virtualisation.docker.enable = true; + + # Temporary fix for qemu-ga till #112886 gets merged + services.udev.extraRules = '' + SUBSYSTEM=="virtio-ports", ATTR{name}=="org.qemu.guest_agent.0", TAG+="systemd" ENV{SYSTEMD_WANTS}="qemu-guest-agent.service" + ''; + systemd.services.qemu-guest-agent = { + description = "Run the QEMU Guest Agent"; + serviceConfig = { + ExecStart = "${pkgs.qemu}/bin/qemu-ga --statedir /var/run"; + Restart = "always"; + RestartSec = 0; + }; + }; + networking.hosts = { + "192.168.1.8" = ["git.illustris.tech"]; + "192.168.1.10" = ["kube-master"]; + }; + + # In case of emergency, bash glass + #systemd.tmpfiles.rules = [ + # "L /bin/bash - - - - /run/current-system/sw/bin/bash" + #]; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "21.03"; # Did you read the comment? + +} + diff --git a/desktop-configuration.nix b/desktop-configuration.nix new file mode 100644 index 0000000..c1343d5 --- /dev/null +++ b/desktop-configuration.nix @@ -0,0 +1,74 @@ +{ config, pkgs, ... }: +{ + + nixpkgs.overlays = [ + #(import ./overlays/suckless/st-overlay.nix) + #(import ./overlays/suckless/surf-overlay.nix) + (import ./overlays/suckless/dwm-overlay.nix) + ]; + + fonts.fonts = with pkgs; [ + (nerdfonts.override { fonts = [ "DroidSansMono" ]; }) + ]; + + services = { + xserver = { + enable = true; + displayManager.defaultSession = "none+dwm"; + windowManager.dwm.enable = true; + videoDrivers = [ "nvidia" ]; + dpi = 100; + #defaultDepth = 30; + }; + picom = { + enable = true; + vSync = true; + refreshRate = 60; + #backend = "xr_glx_hybrid"; + backend = "glx"; + }; + }; + + nixpkgs.config.allowUnfree = true; + programs.steam.enable = true; + environment.systemPackages = with pkgs; [ + chromium + st + dmenu + mpv + pavucontrol + sublime3 + perlPackages.AppClusterSSH + x11vnc + kcachegrind + remmina + insomnia + vlc + openhmd + gimp + firefox + #obs-studio + signal-desktop + sxiv + scrot + (libsForQt5.callPackage (import ./packages/rescuetime/default.nix) {}) + surf + gnome3.gnome-screenshot + blender + wireshark + ]; + + hardware.pulseaudio = { + enable = true; + daemon.config.default-sample-channels = 6; + package = pkgs.pulseaudioFull; + #extraConfig = '' + # load-module module-simple-protocol-tcp rate=48000 format=s16le channels=2 source=alsa_output.pci-0000_01_00.1.hdmi-stereo.monitor record=true port=8888 + #''; + #tcp = { + # enable = true; + #}; + }; + + networking.firewall.allowedTCPPorts = [ 4713 8888 ]; +} diff --git a/hardware-configuration.nix b/hardware-configuration.nix new file mode 100644 index 0000000..b36ee50 --- /dev/null +++ b/hardware-configuration.nix @@ -0,0 +1,73 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = [ + (modulesPath + "/profiles/qemu-guest.nix") + ]; + + boot.initrd.availableKernelModules = [ "uhci_hcd" "ehci_pci" "ahci" "virtio_pci" "sr_mod" "virtio_blk" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "v4l2loopback" ]; + boot.extraModulePackages = [ pkgs.linuxPackages_latest.v4l2loopback ]; + + fileSystems = { + "/" = { + device = "ssd/rootfs"; + fsType = "zfs"; + }; + + "/home" = { + device = "ssd/home"; + fsType = "zfs"; + }; + + "/nix" = { + device = "ssd/nix"; + fsType = "zfs"; + }; + + "/root" = { + device = "ssd/home/root"; + fsType = "zfs"; + }; + + #"/var/lib/steam" = { + # device = "ssd/steam"; + # fsType = "zfs"; + #}; + + "/tmp" = { + device = "ssd/tmp"; + fsType = "zfs"; + }; + + "/var" = { + device = "ssd/var"; + fsType = "zfs"; + }; + + "/var/lib" = { + device = "ssd/var/lib"; + fsType = "zfs"; + }; + + "/var/log" = { + device = "ssd/var/log"; + fsType = "zfs"; + }; + + "/boot" = { + device = "/dev/disk/by-uuid/453B-D3CD"; + fsType = "vfat"; + }; + }; + + swapDevices = [ ]; + zramSwap = { + enable = true; + }; + +} diff --git a/overlays/suckless/dwm-overlay.nix b/overlays/suckless/dwm-overlay.nix new file mode 100644 index 0000000..8b05cdd --- /dev/null +++ b/overlays/suckless/dwm-overlay.nix @@ -0,0 +1,5 @@ +(self: super: { + dwm = super.dwm.overrideAttrs (oldAttrs: { + src = /home/illustris/src/dwm; + }); +}) diff --git a/packages/rescuetime/default.nix b/packages/rescuetime/default.nix new file mode 100644 index 0000000..69f0b26 --- /dev/null +++ b/packages/rescuetime/default.nix @@ -0,0 +1,59 @@ +{ stdenv, lib, fetchurl, dpkg, patchelf, qt5, libXtst, libXext, libX11, mkDerivation, makeWrapper, libXScrnSaver, writeScript, common-updater-scripts, curl, pup }: + +let + version = "2.16.5.1"; + src = + if stdenv.hostPlatform.system == "i686-linux" then fetchurl { + name = "rescuetime-installer.deb"; + url = "https://www.rescuetime.com/installers/rescuetime_${version}_i386.deb"; + sha256 = "1xrvyy0higc1fbc8ascpaszvg2bl6x0a35bzmdq6dkay48hnrd8b"; + } else fetchurl { + name = "rescuetime-installer.deb"; + url = "https://www.rescuetime.com/installers/rescuetime_${version}_amd64.deb"; + sha256 = "09ng0yal66d533vzfv27k9l2va03rqbqmsni43qi3hgx7w9wx5ii"; + }; +in mkDerivation rec { + # https://www.rescuetime.com/updates/linux_release_notes.html + inherit version; + pname = "rescuetime"; + inherit src; + nativeBuildInputs = [ dpkg ]; + # avoid https://github.com/NixOS/patchelf/issues/99 + dontStrip = true; + unpackPhase = '' + mkdir pkg + dpkg-deb -x $src pkg + sourceRoot=pkg + ''; + installPhase = '' + mkdir -p $out/bin + cp usr/bin/rescuetime $out/bin + + ${patchelf}/bin/patchelf \ + --interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)" \ + --set-rpath "${lib.makeLibraryPath [ qt5.qtbase libXtst libXext libX11 libXScrnSaver ]}" \ + $out/bin/rescuetime + ''; + + passthru.updateScript = writeScript "${pname}-updater" '' + #!${stdenv.shell} + set -eu -o pipefail + PATH=${lib.makeBinPath [curl pup common-updater-scripts]}:$PATH + latestVersion="$(curl -sS https://www.rescuetime.com/release-notes/linux | pup '.release:first-of-type h2 strong text{}' | tr -d '\n')" + + for platform in ${lib.concatStringsSep " " meta.platforms}; do + # The script will not perform an update when the version attribute is up to date from previous platform run + # We need to clear it before each run + update-source-version ${pname} 0 $(yes 0 | head -64 | tr -d "\n") --system=$platform + update-source-version ${pname} "$latestVersion" --system=$platform + done + ''; + + meta = with lib; { + description = "Helps you understand your daily habits so you can focus and be more productive"; + homepage = "https://www.rescuetime.com"; + maintainers = with maintainers; [ cstrahan ]; + license = licenses.unfree; + platforms = [ "i686-linux" "x86_64-linux" ]; + }; +} diff --git a/packages/xr-hardware/default.nix b/packages/xr-hardware/default.nix new file mode 100644 index 0000000..574ab64 --- /dev/null +++ b/packages/xr-hardware/default.nix @@ -0,0 +1,21 @@ +{ lib, stdenv, fetchgit }: + +stdenv.mkDerivation { + pname = "xr-hardware"; + version = "0.3.0"; + src = fetchgit { + url = "https://gitlab.freedesktop.org/monado/utilities/xr-hardware.git"; + rev = "34f51326403c076c820942f855f8532dd90860e4"; + sha256 = "1729z53lc0g9cwv05pqi4x31syi9mhfm9s99fm5azsr5f51cy3wq"; + }; + + installPhase = '' + DESTDIR=$out make install + ''; + + meta = { + description = "Udev rules for user access to XR (VR and AR)hardware devices"; + platforms = with lib.platforms; all; + license = lib.licenses.boost; + }; +} diff --git a/scripts/vpnpass b/scripts/vpnpass new file mode 100755 index 0000000..b4d4ccb --- /dev/null +++ b/scripts/vpnpass @@ -0,0 +1,15 @@ +#!/usr/bin/env expect +set conf [lindex $argv 0]; +set user [lindex $argv 1]; +set pass_pw [lindex $argv 2]; +set pass_otp [lindex $argv 3]; +spawn sudo openvpn --config $conf +expect "Enter Auth Username:" +send "$user\n" +expect "Enter Auth Password:" +set pw [exec pass "$pass_pw"] +send "$pw\n" +expect "Enter Google Authenticator Code" +set otp [exec pass otp "$pass_otp"] +send "$otp\n" +interact