init

.gitignore

@@ -0,0 +1 @@
+secrets

configuration.nix

@@ -0,0 +1,124 @@
+{ config, pkgs, ... }:
+
+{
+
+	nixpkgs.overlays = [
+		#(import ./qemu.nix)
+	];
+
+	imports = [
+		./hardware-configuration.nix
+		./desktop-configuration.nix
+	];
+
+	boot.kernelPackages = pkgs.linuxPackages_latest;
+
+	boot.loader.systemd-boot.enable = true;
+	boot.loader.efi.canTouchEfiVariables = true;
+
+	boot.supportedFilesystems = [ "zfs" ];
+	boot.zfs.devNodes = "/dev/disk/by-partuuid";
+	networking.hostId = "f86b2fa7";
+
+	time.timeZone = "Asia/Kolkata";
+
+	networking.hostName = "desktop"; # Define your hostname.
+	networking.useDHCP = false;
+	networking.interfaces.enp6s18.useDHCP = true;
+	#networking.interfaces.enp11s0.useDHCP = true;
+	
+	
+
+	security.sudo.wheelNeedsPassword = false;
+
+	users.users = {
+		illustris = {
+			isNormalUser = true;
+			extraGroups = [ "wheel" "docker" "tty" ]; # Enable ‘sudo’ for the user.
+			openssh.authorizedKeys.keyFiles = [ ./secrets/ssh_pubkeys ];
+		};
+		root.openssh.authorizedKeys.keyFiles = [ ./secrets/ssh_pubkeys ];
+	};
+
+	environment.systemPackages = with pkgs; [
+		git
+		tmux
+		htop
+		nfs-utils
+		bmon
+		sysstat
+		(pass.withExtensions (exts: [ exts.pass-otp ]))
+		nnn
+		mosh
+		ncdu
+		(writeScriptBin "vpnpass" (builtins.readFile ./scripts/vpnpass))
+		wget
+		expect
+		openvpn
+		#signal-cli
+		tcpdump
+		killall
+		file
+		tree
+		ntfs3g
+		p7zip
+		ranger
+		cscope
+		python
+		bind # for nslookup
+		ethtool
+		unzip
+		pciutils
+		sshfs
+		jq
+		#arduino
+		#python27Packages.pyserial
+	];
+
+	programs.gnupg.agent = {
+		enable = true;
+	};
+
+	services = {
+		openssh = {
+			enable = true;
+			forwardX11 = true;
+		};
+		udev.packages = [ (pkgs.callPackage (import ./packages/xr-hardware/default.nix) {}) ];
+	};
+	environment.etc.openvpn.source = "${pkgs.update-resolv-conf}/libexec/openvpn";
+
+	virtualisation.docker.enable = true;
+
+	# Temporary fix for qemu-ga till #112886 gets merged
+	services.udev.extraRules = ''
+		SUBSYSTEM=="virtio-ports", ATTR{name}=="org.qemu.guest_agent.0", TAG+="systemd" ENV{SYSTEMD_WANTS}="qemu-guest-agent.service"
+	'';
+	systemd.services.qemu-guest-agent = {
+		description = "Run the QEMU Guest Agent";
+		serviceConfig = {
+			ExecStart = "${pkgs.qemu}/bin/qemu-ga --statedir /var/run";
+			Restart = "always";
+			RestartSec = 0;
+		};
+	};
+	networking.hosts = {
+		"192.168.1.8" = ["git.illustris.tech"];
+		"192.168.1.10" = ["kube-master"];
+	};
+
+	# In case of emergency, bash glass
+	#systemd.tmpfiles.rules = [
+	#	"L /bin/bash - - - - /run/current-system/sw/bin/bash"
+	#];
+
+	# This value determines the NixOS release from which the default
+	# settings for stateful data, like file locations and database versions
+	# on your system were taken. It‘s perfectly fine and recommended to leave
+	# this value at the release version of the first install of this system.
+	# Before changing this value read the documentation for this option
+	# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
+	system.stateVersion = "21.03"; # Did you read the comment?
+
+}
+

desktop-configuration.nix

@@ -0,0 +1,74 @@
+{ config, pkgs, ... }:
+{
+
+	nixpkgs.overlays = [
+		#(import ./overlays/suckless/st-overlay.nix)
+		#(import ./overlays/suckless/surf-overlay.nix)
+		(import ./overlays/suckless/dwm-overlay.nix)
+	];
+
+	fonts.fonts = with pkgs; [
+		(nerdfonts.override { fonts = [ "DroidSansMono" ]; })
+	];
+
+	services = {
+		xserver = {
+			enable = true;
+			displayManager.defaultSession = "none+dwm";
+			windowManager.dwm.enable = true;
+			videoDrivers = [ "nvidia" ];
+			dpi = 100;
+			#defaultDepth = 30;
+		};
+		picom = {
+			enable = true;
+			vSync = true;
+			refreshRate = 60;
+			#backend = "xr_glx_hybrid";
+			backend = "glx";
+		};
+	};
+
+	nixpkgs.config.allowUnfree = true;
+	programs.steam.enable = true;
+	environment.systemPackages = with pkgs; [
+		chromium
+		st
+		dmenu
+		mpv
+		pavucontrol
+		sublime3
+		perlPackages.AppClusterSSH
+		x11vnc
+		kcachegrind
+		remmina
+		insomnia
+		vlc
+		openhmd
+		gimp
+		firefox
+		#obs-studio
+		signal-desktop
+		sxiv
+		scrot
+		(libsForQt5.callPackage (import ./packages/rescuetime/default.nix) {})
+		surf
+		gnome3.gnome-screenshot
+		blender
+		wireshark
+	];
+
+	hardware.pulseaudio = {
+		enable = true;
+		daemon.config.default-sample-channels = 6;
+		package = pkgs.pulseaudioFull;
+		#extraConfig = ''
+		#	load-module module-simple-protocol-tcp rate=48000 format=s16le channels=2 source=alsa_output.pci-0000_01_00.1.hdmi-stereo.monitor record=true port=8888
+		#'';
+		#tcp = {
+		#	enable = true;
+		#};
+	};
+
+	networking.firewall.allowedTCPPorts = [ 4713 8888 ];
+}

hardware-configuration.nix

@@ -0,0 +1,73 @@
+# Do not modify this file! It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations. Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+	imports = [
+		(modulesPath + "/profiles/qemu-guest.nix")
+	];
+
+	boot.initrd.availableKernelModules = [ "uhci_hcd" "ehci_pci" "ahci" "virtio_pci" "sr_mod" "virtio_blk" ];
+	boot.initrd.kernelModules = [ ];
+	boot.kernelModules = [ "v4l2loopback" ];
+	boot.extraModulePackages = [ pkgs.linuxPackages_latest.v4l2loopback ];
+
+	fileSystems = {
+		"/" = {
+			device = "ssd/rootfs";
+			fsType = "zfs";
+		};
+
+		"/home" = {
+			device = "ssd/home";
+			fsType = "zfs";
+		};
+
+		"/nix" = {
+			device = "ssd/nix";
+			fsType = "zfs";
+		};
+
+		"/root" = {
+			device = "ssd/home/root";
+			fsType = "zfs";
+		};
+
+		#"/var/lib/steam" = {
+		#	device = "ssd/steam";
+		#	fsType = "zfs";
+		#};
+
+		"/tmp" = {
+			device = "ssd/tmp";
+			fsType = "zfs";
+		};
+
+		"/var" = {
+			device = "ssd/var";
+			fsType = "zfs";
+		};
+
+		"/var/lib" = {
+			device = "ssd/var/lib";
+			fsType = "zfs";
+		};
+
+		"/var/log" = {
+			device = "ssd/var/log";
+			fsType = "zfs";
+		};
+
+		"/boot" = {
+			device = "/dev/disk/by-uuid/453B-D3CD";
+			fsType = "vfat";
+		};
+	};
+
+	swapDevices = [ ];
+	zramSwap = {
+		enable = true;
+	};
+
+}

overlays/suckless/dwm-overlay.nix

@@ -0,0 +1,5 @@
+(self: super: {
+	dwm = super.dwm.overrideAttrs (oldAttrs: {
+		src = /home/illustris/src/dwm;
+	});
+})

packages/rescuetime/default.nix

@@ -0,0 +1,59 @@
+{ stdenv, lib, fetchurl, dpkg, patchelf, qt5, libXtst, libXext, libX11, mkDerivation, makeWrapper, libXScrnSaver, writeScript, common-updater-scripts, curl, pup }:
+
+let
+  version = "2.16.5.1";
+  src =
+    if stdenv.hostPlatform.system == "i686-linux" then fetchurl {
+      name = "rescuetime-installer.deb";
+      url = "https://www.rescuetime.com/installers/rescuetime_${version}_i386.deb";
+      sha256 = "1xrvyy0higc1fbc8ascpaszvg2bl6x0a35bzmdq6dkay48hnrd8b";
+    } else fetchurl {
+      name = "rescuetime-installer.deb";
+      url = "https://www.rescuetime.com/installers/rescuetime_${version}_amd64.deb";
+      sha256 = "09ng0yal66d533vzfv27k9l2va03rqbqmsni43qi3hgx7w9wx5ii";
+    };
+in mkDerivation rec {
+  # https://www.rescuetime.com/updates/linux_release_notes.html
+  inherit version;
+  pname = "rescuetime";
+  inherit src;
+  nativeBuildInputs = [ dpkg ];
+  # avoid https://github.com/NixOS/patchelf/issues/99
+  dontStrip = true;
+  unpackPhase = ''
+    mkdir pkg
+    dpkg-deb -x $src pkg
+    sourceRoot=pkg
+  '';
+  installPhase = ''
+    mkdir -p $out/bin
+    cp usr/bin/rescuetime $out/bin
+
+    ${patchelf}/bin/patchelf \
+      --interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)" \
+      --set-rpath "${lib.makeLibraryPath [ qt5.qtbase libXtst libXext libX11 libXScrnSaver ]}" \
+      $out/bin/rescuetime
+  '';
+
+  passthru.updateScript = writeScript "${pname}-updater" ''
+    #!${stdenv.shell}
+    set -eu -o pipefail
+    PATH=${lib.makeBinPath [curl pup common-updater-scripts]}:$PATH
+    latestVersion="$(curl -sS https://www.rescuetime.com/release-notes/linux | pup '.release:first-of-type h2 strong text{}' | tr -d '\n')"
+
+    for platform in ${lib.concatStringsSep " " meta.platforms}; do
+      # The script will not perform an update when the version attribute is up to date from previous platform run
+      # We need to clear it before each run
+      update-source-version ${pname} 0 $(yes 0 | head -64 | tr -d "\n") --system=$platform
+      update-source-version ${pname} "$latestVersion" --system=$platform
+    done
+  '';
+
+  meta = with lib; {
+    description = "Helps you understand your daily habits so you can focus and be more productive";
+    homepage    = "https://www.rescuetime.com";
+    maintainers = with maintainers; [ cstrahan ];
+    license     = licenses.unfree;
+    platforms   = [ "i686-linux" "x86_64-linux" ];
+  };
+}

packages/xr-hardware/default.nix

@@ -0,0 +1,21 @@
+{ lib, stdenv, fetchgit }:
+
+stdenv.mkDerivation {
+	pname = "xr-hardware";
+	version = "0.3.0";
+	src = fetchgit {
+		url = "https://gitlab.freedesktop.org/monado/utilities/xr-hardware.git";
+		rev = "34f51326403c076c820942f855f8532dd90860e4";
+		sha256 = "1729z53lc0g9cwv05pqi4x31syi9mhfm9s99fm5azsr5f51cy3wq";
+	};
+
+	installPhase = ''
+		DESTDIR=$out make install
+	'';
+
+	meta = {
+		description = "Udev rules for user access to XR (VR and AR)hardware devices";
+		platforms = with lib.platforms; all;
+		license = lib.licenses.boost;
+	};
+}

scripts/vpnpass

@@ -0,0 +1,15 @@
+#!/usr/bin/env expect
+set conf [lindex $argv 0];
+set user [lindex $argv 1];
+set pass_pw [lindex $argv 2];
+set pass_otp [lindex $argv 3];
+spawn sudo openvpn --config $conf
+expect "Enter Auth Username:"
+send "$user\n"
+expect "Enter Auth Password:"
+set pw [exec pass "$pass_pw"]
+send "$pw\n"
+expect "Enter Google Authenticator Code"
+set otp [exec pass otp "$pass_otp"]
+send "$otp\n"
+interact