From 8d088d418893fa1f818d1a0e0162d4645b104376 Mon Sep 17 00:00:00 2001 From: M-Gregoire Date: Wed, 15 Jan 2020 19:27:44 +0100 Subject: [PATCH] [All] Improve infrastructure --- home/apps.nix | 2 ++ home/dev.nix | 2 +- home/dev/LSP.nix | 2 +- home/dev/nix.nix | 1 - home/gui.nix | 27 ++++++++++++---------- home/i3.nix | 2 +- home/services.nix | 3 +++ nixops/Skuld.nix | 10 -------- nixops/generateDeployment.sh | 4 ++-- nixops/home.nix | 9 -------- nixops/servers.nix | 9 -------- nixos/common.nix | 12 ++++++++-- nixos/dev/nfs.nix | 12 +++++++++- nixos/hosts/Eldir/configuration.nix | 2 +- nixos/hosts/FenrirDocker/configuration.nix | 12 ++++++++-- nixos/hosts/Mimir/configuration.nix | 3 +++ nixos/profiles/PC/default.nix | 8 +++---- nixos/profiles/PC/services.nix | 18 ++++++++++++--- nixos/systemd-networkd.nix | 2 ++ scripts/polybar-spotify-controls | 2 +- vendor/home-manager | 2 +- vendor/infrastructure-private | 2 +- vendor/nixpkgs-release | 2 +- vendor/update.sh | 4 ++-- 24 files changed, 87 insertions(+), 65 deletions(-) delete mode 100644 nixops/Skuld.nix diff --git a/home/apps.nix b/home/apps.nix index fc57c4c..ca56d6b 100644 --- a/home/apps.nix +++ b/home/apps.nix @@ -48,6 +48,8 @@ qrencode # Mount remote filesystems over SSH sshfs + # Run appImage + appimage-run ]; xdg.configFile."khal/config".source = builtins.toPath "${config.resources.pcs.paths.privateDotfiles}/khal/config"; diff --git a/home/dev.nix b/home/dev.nix index cf729e4..64598d3 100644 --- a/home/dev.nix +++ b/home/dev.nix @@ -2,7 +2,7 @@ { imports = [ - ./dev/LSP.nix + #./dev/LSP.nix ./dev/c.nix ./dev/compton.nix ./dev/emacs.nix diff --git a/home/dev/LSP.nix b/home/dev/LSP.nix index 98627bd..5b193ed 100644 --- a/home/dev/LSP.nix +++ b/home/dev/LSP.nix @@ -19,7 +19,7 @@ in # C / C++ ccls # Bash - unstable.nodePackages.bash-language-server + #nodePackages.bash-language-server # Python #python27Packages.python-language-server python37Packages.python-language-server diff --git a/home/dev/nix.nix b/home/dev/nix.nix index e52fa79..c6a63b9 100644 --- a/home/dev/nix.nix +++ b/home/dev/nix.nix @@ -4,7 +4,6 @@ home.packages = with pkgs;[ nix-prefetch-git nix-prefetch-github - yarn2nix nodePackages.node2nix go2nix nixops diff --git a/home/gui.nix b/home/gui.nix index 98318bd..9fcdcab 100644 --- a/home/gui.nix +++ b/home/gui.nix @@ -1,11 +1,11 @@ { config, lib, pkgs, ... }: let - thunar-with-plugins = with pkgs; with xfce; thunar.override { - thunarPlugins = [ - thunar-archive-plugin - ]; - }; + # thunar-with-plugins = with pkgs; with xfce4-14; thunar.override { + # thunarPlugins = [ + # thunar-archive-plugin + # ]; + # }; rofiTheme = import ./theme/rofi.nix { theme=config.resources.theme; @@ -16,9 +16,9 @@ in { programs.feh.enable = true; - home.packages = with pkgs; with xfce4-13; [ + home.packages = with pkgs; [ # Browser & emails - unstable.firefox + firefox chromium thunderbird # Video @@ -33,20 +33,21 @@ in leafpad # Mumble mumble - mumble_overlay + #mumble_overlay # Music spotify # Chats unstable.signal-desktop - unstable.rambox + #rambox # Thunar with archive plugin - thunar-with-plugins + xfce4-14.thunar # Volume manager - thunar-volman + xfce4-14.thunar-volman + xfce.thunar-archive-plugin # Thumbnail ffmpegthumbnailer # D-bus thumbnailer service - tumbler + xfce4-14.tumbler # Disk managment gparted # Sound control @@ -63,6 +64,8 @@ in inkscape # Image viewer nomacs + # Veracrypt + veracrypt ]; home.file.".mozilla/firefox/${config.resources.pcs.firefox.profile}/user.js".source = builtins.toPath "${config.resources.pcs.paths.publicDotfiles}/firefox/user.js"; diff --git a/home/i3.nix b/home/i3.nix index 0cce81e..0dd8e86 100644 --- a/home/i3.nix +++ b/home/i3.nix @@ -65,7 +65,7 @@ in "${workspace1}" = [{class="Firefox";}]; "${workspace3}" = [{class="Emacs";}]; "${workspace8}" = [{class="rambox";}]; - "${workspace9}" = [{class="Thunderbird";}]; + "${workspace9}" = [{class="Thunderbird";} {class="Daily";}]; }; keybindings = { diff --git a/home/services.nix b/home/services.nix index b13335f..c21070b 100644 --- a/home/services.nix +++ b/home/services.nix @@ -46,4 +46,7 @@ in }; }; }dunstTheme; + + # Automount for removable device + services.udiskie.enable = true; } diff --git a/nixops/Skuld.nix b/nixops/Skuld.nix deleted file mode 100644 index 998f8c1..0000000 --- a/nixops/Skuld.nix +++ /dev/null @@ -1,10 +0,0 @@ -{ - Skuld = - { config, pkgs, ... }: - { - deployment = { - targetHost = "Skuld"; - targetPort = config.resources.hosts.skuld.ssh.port; - }; - }; -} diff --git a/nixops/generateDeployment.sh b/nixops/generateDeployment.sh index 99cb924..92d108d 100755 --- a/nixops/generateDeployment.sh +++ b/nixops/generateDeployment.sh @@ -9,10 +9,10 @@ nixops delete -d cloud 2> /dev/null nixops delete -d pcs 2> /dev/null nixops delete -d servers 2> /dev/null -nixops create home.nix Bur.nix Mimir.nix Skuld.nix Fenrir.nix -d home +nixops create home.nix Bur.nix Mimir.nix Fenrir.nix -d home nixops create cloud.nix Eldir.nix -d cloud nixops create pcs.nix Bur.nix Mimir.nix -d pcs -nixops create servers.nix Eldir.nix Skuld.nix Fenrir.nix -d servers +nixops create servers.nix Eldir.nix Fenrir.nix -d servers #nixops deploy -d home #nixops deploy -d cloud diff --git a/nixops/home.nix b/nixops/home.nix index 6500df4..5452d11 100644 --- a/nixops/home.nix +++ b/nixops/home.nix @@ -19,15 +19,6 @@ ]; }; - Skuld = - { config, pkgs, ... }: - { - imports = - [ - ../nixos/hosts/Skuld/configuration.nix - ]; - }; - FenrirDocker = { config, pkgs, ... }: { diff --git a/nixops/servers.nix b/nixops/servers.nix index ad3a822..2c01f95 100644 --- a/nixops/servers.nix +++ b/nixops/servers.nix @@ -10,15 +10,6 @@ ]; }; - Skuld = - { config, pkgs, ... }: - { - imports = - [ - ../nixos/hosts/Skuld/configuration.nix - ]; - }; - FenrirDocker = { config, pkgs, ... }: { diff --git a/nixos/common.nix b/nixos/common.nix index 2529230..9d64d3d 100644 --- a/nixos/common.nix +++ b/nixos/common.nix @@ -4,6 +4,7 @@ imports = [ ../modules ./dev/docker.nix + ./dev/nfs.nix ./services.nix ]; @@ -39,8 +40,6 @@ nixpkgs.overlays = import ../nixpkgs/overlays.nix; networking.hostName = config.resources.hostname; - # - networking.firewall.allowedTCPPorts = config.resources.networking.firewall.openTCPPorts; networking.firewall.allowedUDPPorts = config.resources.networking.firewall.openUDPPorts; @@ -52,10 +51,19 @@ "::1" = [ "${config.resources.hostname}" ]; }; + users.groups.${config.resources.username} = { + name = "${config.resources.username}"; + members = [ "${config.resources.username}" ]; + gid = 1000; + }; + users.users.${config.resources.username} = { isNormalUser = true; home = "/home/${config.resources.username}"; + uid = 1000; + group = "${config.resources.username}"; extraGroups = [ + "users" "wheel" "docker" ]; diff --git a/nixos/dev/nfs.nix b/nixos/dev/nfs.nix index 1703216..066c2bc 100644 --- a/nixos/dev/nfs.nix +++ b/nixos/dev/nfs.nix @@ -1,5 +1,15 @@ -{ config, ... }: +{ config, pkgs, ... }: { boot.kernelModules = [ "nfs" "nfsd" ]; + + environment.systemPackages = with pkgs; [ + # NFS + nfs-utils + ]; + + boot.kernelParams = [ + # https://www.suse.com/support/kb/doc/?id=7014266 + "nfs.nfs4_disable_idmapping=1" + ]; } diff --git a/nixos/hosts/Eldir/configuration.nix b/nixos/hosts/Eldir/configuration.nix index e6b1beb..deb2861 100644 --- a/nixos/hosts/Eldir/configuration.nix +++ b/nixos/hosts/Eldir/configuration.nix @@ -12,7 +12,7 @@ ./nixos-in-place.nix ]; - system.stateVersion = "16.09"; + system.stateVersion = "19.03"; networking.firewall.allowedTCPPorts = [ config.resources.hosts.eldir.ssh.port ]; services.openssh.ports = [ config.resources.hosts.eldir.ssh.port ]; diff --git a/nixos/hosts/FenrirDocker/configuration.nix b/nixos/hosts/FenrirDocker/configuration.nix index dd98faa..88e1441 100644 --- a/nixos/hosts/FenrirDocker/configuration.nix +++ b/nixos/hosts/FenrirDocker/configuration.nix @@ -17,6 +17,15 @@ networking.firewall.allowedTCPPorts = [ config.resources.hosts.fenrirDocker.ssh.port ]; services.openssh.ports = [ config.resources.hosts.fenrirDocker.ssh.port ]; + # Unifi + services.unifi.enable = true; + + fileSystems."/nfs/Sharkoon" = { + device = "fenrirNas.martinache.net:/mnt/Sharkoon"; + fsType = "nfs"; + options = [ "defaults" "uid=1000" "gid=1000" "umask=002" ]; + }; + networking.hosts = { # This part is used to define custom DNS records by my PiHole "${config.resources.hosts.bur.ip.default}" = [ "Bur" "${builtins.concatStringsSep " " config.resources.hosts.bur.extraDomains}" ]; @@ -24,7 +33,6 @@ "${config.resources.hosts.idunn.ip.default}" = [ "Idunn" "${builtins.concatStringsSep " " config.resources.hosts.idunn.extraDomains}" ]; "${config.resources.hosts.mimir.ip.default}" = [ "Mimir" "${builtins.concatStringsSep " " config.resources.hosts.mimir.extraDomains}" ]; "${config.resources.hosts.skuld.ip.default}" = [ "Skuld" "${builtins.concatStringsSep " " config.resources.hosts.skuld.extraDomains}" ]; - "${config.resources.hosts.fenrir.ip.default}" = [ "Fenrir" "${builtins.concatStringsSep " " config.resources.hosts.fenrir.extraDomains}" ]; # Basic hostname already defined in the home profile "${config.resources.hosts.beyla.ip.default}" = [ "${builtins.concatStringsSep " " config.resources.hosts.beyla.extraDomains}" ]; "${config.resources.hosts.octopi.ip.default}" = [ "${builtins.concatStringsSep " " config.resources.hosts.octopi.extraDomains}" ]; @@ -32,5 +40,5 @@ "${config.resources.hosts.fenrirDocker.ip.default}" = [ "${builtins.concatStringsSep " " config.resources.hosts.fenrirDocker.extraDomains}" ]; } // config.resources.hosts.extra; - system.stateVersion = "19.09"; + system.stateVersion = "19.03"; } diff --git a/nixos/hosts/Mimir/configuration.nix b/nixos/hosts/Mimir/configuration.nix index b8b743f..3910743 100644 --- a/nixos/hosts/Mimir/configuration.nix +++ b/nixos/hosts/Mimir/configuration.nix @@ -16,6 +16,9 @@ ./hardware-configuration.nix ]; + # Unifi + services.unifi.enable = true; + services.xserver.libinput.accelSpeed = null; services.xserver.videoDrivers = [ "amdgpu" ]; diff --git a/nixos/profiles/PC/default.nix b/nixos/profiles/PC/default.nix index 7a834ba..9e6b574 100644 --- a/nixos/profiles/PC/default.nix +++ b/nixos/profiles/PC/default.nix @@ -3,14 +3,14 @@ { imports = [ (import ../../../vendor/home-manager { inherit pkgs; }).nixos + #../../dev/ipfs.nix ../../../modules ../../dev/3D.nix ../../dev/android.nix ../../dev/fwudp.nix - #../../dev/ipfs.nix ../../dev/openvpn-client.nix ../../dev/pam.nix - ../../dev/teamviewer.nix + #../../dev/teamviewer.nix ../../dev/wireguard-client-home.nix ../../dev/wireguard-tools.nix ./mime.nix @@ -76,6 +76,8 @@ }; fonts.fonts = with pkgs; [ + # https://github.com/NixOS/nixpkgs/issues/47921#issuecomment-435310057 + # nix-prefetch-url --type sha256 --unpack --name source file:///home/gregoire/Downloads/nerd-fonts-2.0.0.tar.gz 09i467hyskvzj2wn5sj6shvc9pb0a0rx5iknjkkkbg1ng3bla7nm unstable.nerdfonts ]; @@ -84,7 +86,5 @@ ntfs3g # exFat exfat - # NFS - nfs-utils ]; } diff --git a/nixos/profiles/PC/services.nix b/nixos/profiles/PC/services.nix index e2de03a..753d59e 100644 --- a/nixos/profiles/PC/services.nix +++ b/nixos/profiles/PC/services.nix @@ -12,8 +12,20 @@ }; }; - # Unifi - services.unifi.enable = true; + services.gvfs.enable = true; + + # https://github.com/NixOS/nixpkgs/issues/22064 +# nixpkgs.config.packageOverrides = pkgs: { +# xfce = pkgs.xfce // { +# gvfs = pkgs.gvfs; +# }; +# }; + # Network share +# environment.systemPackages = with pkgs; [ +# lxqt.lxqt-policykit +# pkgs.xfce.gvfs +# ]; # provides a default authentification client for policykit + # Smart card services.pcscd.enable = true; @@ -59,7 +71,7 @@ serviceConfig.User = "${config.resources.username}"; script = '' if [ -d '${config.resources.pcs.paths.publicConfig}' ]; then - if ${pkgs.git}/bin/git -C ${config.resources.pcs.paths.publicConfig}/vendor/nixpkgs-release fetch --all && ${pkgs.git}/bin/git -C ${config.resources.pcs.paths.publicConfig}/vendor/nixpkgs-release checkout channels/nixos-19.03; then + if ${pkgs.git}/bin/git -C ${config.resources.pcs.paths.publicConfig}/vendor/nixpkgs-release fetch --all && ${pkgs.git}/bin/git -C ${config.resources.pcs.paths.publicConfig}/vendor/nixpkgs-release checkout channels/nixos-19.09; then echo "nixpkgs-release updated" else echo "nixpkgs-release update failed: sending notification" diff --git a/nixos/systemd-networkd.nix b/nixos/systemd-networkd.nix index fc7b49f..9105fe7 100644 --- a/nixos/systemd-networkd.nix +++ b/nixos/systemd-networkd.nix @@ -7,6 +7,8 @@ networking.wireless.enable = true; + networking.useDHCP = false; + services.resolved.enable = true; # /!\ DNS fallback is not a recovery DNS # See https://github.com/systemd/systemd/issues/5771#issuecomment-296673115 diff --git a/scripts/polybar-spotify-controls b/scripts/polybar-spotify-controls index 0cea920..8ead9b4 160000 --- a/scripts/polybar-spotify-controls +++ b/scripts/polybar-spotify-controls @@ -1 +1 @@ -Subproject commit 0cea920753f9cf744e05ab30471fff2072d7ad5b +Subproject commit 8ead9b4e7655269141e890594994254aa657451b diff --git a/vendor/home-manager b/vendor/home-manager index 0f1c9f2..8d66333 160000 --- a/vendor/home-manager +++ b/vendor/home-manager @@ -1 +1 @@ -Subproject commit 0f1c9f25cf03cd5ed62db05c461af7e13f84a7b6 +Subproject commit 8d663335eb7b5032f637d8b719416ae4f2c1f612 diff --git a/vendor/infrastructure-private b/vendor/infrastructure-private index 01a6dbf..f19ab56 160000 --- a/vendor/infrastructure-private +++ b/vendor/infrastructure-private @@ -1 +1 @@ -Subproject commit 01a6dbf6ba18723e22712ac59508230498bb7661 +Subproject commit f19ab56d171f6f12e9fce8030776342a8194b83b diff --git a/vendor/nixpkgs-release b/vendor/nixpkgs-release index d1dff0b..eb65d1d 160000 --- a/vendor/nixpkgs-release +++ b/vendor/nixpkgs-release @@ -1 +1 @@ -Subproject commit d1dff0bcd9f8cd5cf8fca1ab8f08d55dff5c9c57 +Subproject commit eb65d1dae626f4b149566c4cbccdad7ec24af189 diff --git a/vendor/update.sh b/vendor/update.sh index b396690..e5ff878 100755 --- a/vendor/update.sh +++ b/vendor/update.sh @@ -4,7 +4,7 @@ nix-channel --update cd home-manager git fetch --all -git checkout master +git checkout release-19.09 git pull cd .. @@ -13,7 +13,7 @@ cd nixpkgs-release git remote add channels https://github.com/NixOS/nixpkgs-channels.git git remote update channels git fetch --all -git checkout channels/nixos-19.03 +git checkout channels/nixos-19.09 cd ..