b12f-to-master #16
|
@ -24,6 +24,14 @@ charset = unset
|
|||
indent_style = unset
|
||||
indent_size = unset
|
||||
|
||||
[*.rom]
|
||||
end_of_line = unset
|
||||
insert_final_newline = unset
|
||||
trim_trailing_whitespace = unset
|
||||
charset = unset
|
||||
indent_style = unset
|
||||
indent_size = unset
|
||||
|
||||
[*.py]
|
||||
indent_size = 4
|
||||
|
||||
|
|
5
.gitignore
vendored
5
.gitignore
vendored
|
@ -7,6 +7,7 @@ vm
|
|||
iso
|
||||
doi
|
||||
|
||||
pkgs/_sources/.shake*
|
||||
|
||||
# PubSolarOS
|
||||
tags
|
||||
/owners
|
||||
pkgs/_sources/.shake*
|
||||
|
|
106
flake.lock
106
flake.lock
|
@ -20,6 +20,27 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"b12f-nix-fonts": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"latest"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1622501268,
|
||||
"narHash": "sha256-wITrQEsJ5zWEl9yGUUPOUUpBN08Sva7MaB7uwYHmX7s=",
|
||||
"ref": "main",
|
||||
"rev": "51f94ad589c096e7fbb6a1f58f3b07037ef035bd",
|
||||
"revCount": 4,
|
||||
"type": "git",
|
||||
"url": "https://git.b12f.io/b12f/nix-fonts"
|
||||
},
|
||||
"original": {
|
||||
"ref": "main",
|
||||
"type": "git",
|
||||
"url": "https://git.b12f.io/b12f/nix-fonts"
|
||||
}
|
||||
},
|
||||
"blank": {
|
||||
"locked": {
|
||||
"lastModified": 1625557891,
|
||||
|
@ -93,11 +114,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1628068208,
|
||||
"narHash": "sha256-akJBkj6os4bjO1drhketJvXNC21yPuy4ufL2pyius4M=",
|
||||
"lastModified": 1628752686,
|
||||
"narHash": "sha256-Lzh9MYUJDsjgif+YEyOErXtj1IH+ci8J1C30g1ms69s=",
|
||||
"owner": "serokell",
|
||||
"repo": "deploy-rs",
|
||||
"rev": "d72174307d5b88ec24cc2e69e875228fe3d642ed",
|
||||
"rev": "e5546f9c2503c26d175f08a81fc0a0f330be4cbe",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -108,11 +129,11 @@
|
|||
},
|
||||
"devshell": {
|
||||
"locked": {
|
||||
"lastModified": 1625086391,
|
||||
"narHash": "sha256-IpNPv1v8s4L3CoxhwcgZIitGpcrnNgnj09X7TA0QV3k=",
|
||||
"lastModified": 1629275356,
|
||||
"narHash": "sha256-R17M69EKXP6q8/mNHaK53ECwjFo1pdF+XaJC9Qq8zjg=",
|
||||
"owner": "numtide",
|
||||
"repo": "devshell",
|
||||
"rev": "4b5ac7cf7d9a1cc60b965bb51b59922f2210cbc7",
|
||||
"rev": "26f25a12265f030917358a9632cd600b51af1d97",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -131,6 +152,7 @@
|
|||
"home-manager": [
|
||||
"home"
|
||||
],
|
||||
"nix": "nix",
|
||||
"nixlib": [
|
||||
"nixos"
|
||||
],
|
||||
|
@ -140,11 +162,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1628211944,
|
||||
"narHash": "sha256-2q1dNUzitVd0JNRHYTubbyb8ks3fL9hPJOvQgofxELE=",
|
||||
"lastModified": 1629419320,
|
||||
"narHash": "sha256-ktoQQnRi/27juWC9YRNBj2RBG7lJU5h/kG8/KYFQt6M=",
|
||||
"owner": "divnix",
|
||||
"repo": "digga",
|
||||
"rev": "760bb9c29063258ba547145de0ab96acd7eba4c0",
|
||||
"rev": "50f10e12156a08f71a189cca98498161fae9c952",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -192,11 +214,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1627071952,
|
||||
"narHash": "sha256-FhE0KOuI9Kl4eyGJXu4bh9fBP2hbxjnD1DlKHljCcYs=",
|
||||
"lastModified": 1628855985,
|
||||
"narHash": "sha256-OqhVFoCCA6GfGuMhZXQ5CrmZUYsumCJTwI72FOMf82I=",
|
||||
"owner": "gytis-ivaskevicius",
|
||||
"repo": "flake-utils-plus",
|
||||
"rev": "51a82925db31073bc4822c9b538a0a3ebf1134b2",
|
||||
"rev": "a79a0b86e59dc087df6704f9b13b1ed951ef5c5f",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -228,11 +250,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1624228557,
|
||||
"narHash": "sha256-wwOqe73BsrXfRv1PhyXQFNC8iTET50KvE/HitdkRgxs=",
|
||||
"lastModified": 1630076227,
|
||||
"narHash": "sha256-p3YdtqSPLnMudWsLMgd6XMEhQKB2oz1hvDkHtOlz5/Q=",
|
||||
"owner": "nix-community",
|
||||
"repo": "home-manager",
|
||||
"rev": "35a24648d155843a4d162de98c17b1afd5db51e4",
|
||||
"rev": "f5adb9be829f487f99bcc0f1884f74ddb85f70c8",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -258,10 +280,29 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"lowdown-src": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1617481909,
|
||||
"narHash": "sha256-SqnfOFuLuVRRNeVJr1yeEPJue/qWoCp5N6o5Kr///p4=",
|
||||
"owner": "kristapsdz",
|
||||
"repo": "lowdown",
|
||||
"rev": "148f9b2f586c41b7e36e73009db43ea68c7a1a4d",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "kristapsdz",
|
||||
"ref": "VERSION_0_8_4",
|
||||
"repo": "lowdown",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"naersk": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"latest"
|
||||
"digga",
|
||||
"deploy",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
|
@ -286,11 +327,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1623927034,
|
||||
"lastModified": 1629707199,
|
||||
"narHash": "sha256-sGxlmfp5eXL5sAMNqHSb04Zq6gPl+JeltIZ226OYN0w=",
|
||||
"owner": "nmattia",
|
||||
"repo": "naersk",
|
||||
"rev": "e09c320446c5c2516d430803f7b19f5833781337",
|
||||
"rev": "df71f5e4babda41cd919a8684b72218e2e809fa9",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -299,6 +340,28 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nix": {
|
||||
"inputs": {
|
||||
"lowdown-src": "lowdown-src",
|
||||
"nixpkgs": [
|
||||
"digga",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1629360796,
|
||||
"narHash": "sha256-KAcvr8eEhEqOQweDAsHurO9ECmfdptbU1UT7smcpyBs=",
|
||||
"owner": "nixos",
|
||||
"repo": "nix",
|
||||
"rev": "ffa629b2c0ea6368deca700afdac53a6e14557aa",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nixos",
|
||||
"repo": "nix",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nix-dram": {
|
||||
"inputs": {
|
||||
"flake-utils": "flake-utils_2",
|
||||
|
@ -320,11 +383,11 @@
|
|||
},
|
||||
"nixos": {
|
||||
"locked": {
|
||||
"lastModified": 1628203131,
|
||||
"narHash": "sha256-jQgXeJ9NQQS0Eobb/qQOvS+RRULkqRikAeXkkFKOPDA=",
|
||||
"lastModified": 1630598110,
|
||||
"narHash": "sha256-FD1xIDoKMOjBE8tHHp95aa5HfxKDCa+3kf5T7AA47tY=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "178da37860823d35e801c7df2f73d7866d3d598a",
|
||||
"rev": "6bfe71f2a4e2e425dee26b25d2309f341ff1600d",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -437,6 +500,7 @@
|
|||
"root": {
|
||||
"inputs": {
|
||||
"agenix": "agenix",
|
||||
"b12f-nix-fonts": "b12f-nix-fonts",
|
||||
"blank": [
|
||||
"digga",
|
||||
"blank"
|
||||
|
|
11
flake.nix
11
flake.nix
|
@ -51,6 +51,10 @@
|
|||
|
||||
# PubSolarOS additions
|
||||
nix-dram.url = "github:dramforever/nix-dram";
|
||||
|
||||
# b12f additions
|
||||
b12f-nix-fonts.url = "git+https://git.b12f.io/b12f/nix-fonts?ref=main";
|
||||
b12f-nix-fonts.inputs.nixpkgs.follows = "latest";
|
||||
};
|
||||
|
||||
outputs =
|
||||
|
@ -65,6 +69,7 @@
|
|||
, nvfetcher
|
||||
, deploy
|
||||
, nix-dram
|
||||
, b12f-nix-fonts
|
||||
, ...
|
||||
} @ inputs:
|
||||
digga.lib.mkFlake
|
||||
|
@ -83,6 +88,7 @@
|
|||
nvfetcher.overlay
|
||||
deploy.overlay
|
||||
nix-dram.overlay
|
||||
b12f-nix-fonts.overlay
|
||||
./pkgs/default.nix
|
||||
];
|
||||
};
|
||||
|
@ -127,7 +133,10 @@
|
|||
suites = with profiles; rec {
|
||||
base = [ core users.nixos users.root ];
|
||||
pubsolaros = [ core base-user users.root ];
|
||||
anonymous = [ pubsolaros users.nixos ];
|
||||
anonymous = pubsolaros ++ [ users.nixos ];
|
||||
b12f = pubsolaros ++ [ users.ben gaming ];
|
||||
biolimo = b12f ++ [ graphical ];
|
||||
chocolatebar = b12f ++ [ graphical virtualisation ];
|
||||
};
|
||||
};
|
||||
};
|
||||
|
|
6
hosts/biolimo/.config/sway/config.d/autostart.conf
Normal file
6
hosts/biolimo/.config/sway/config.d/autostart.conf
Normal file
|
@ -0,0 +1,6 @@
|
|||
# Autostart applications
|
||||
#
|
||||
# Example:
|
||||
# exec swayidle
|
||||
|
||||
exec keepassxc
|
19
hosts/biolimo/.config/sway/config.d/custom-keybindings.conf
Normal file
19
hosts/biolimo/.config/sway/config.d/custom-keybindings.conf
Normal file
|
@ -0,0 +1,19 @@
|
|||
# Touchpad controls
|
||||
#bindsym XF86TouchpadToggle exec $HOME/Workspace/ben/toggletouchpad.sh # toggle touchpad
|
||||
|
||||
# Screen brightness controls
|
||||
bindsym XF86MonBrightnessUp exec "brightnessctl -d intel_backlight set +10%; notify-send $(brightnessctl -d intel_backlight i | awk '/Current/ {print $4}')"
|
||||
bindsym XF86MonBrightnessDown exec "brightnessctl -d intel_backlight set 10%-; notify-send $(brightnessctl -d intel_backlight i | awk '/Current/ { print $4}')"
|
||||
|
||||
# Keyboard backlight brightness controls
|
||||
bindsym XF86KbdBrightnessDown exec "brightnessctl -d smc::kbd_backlight set 10%-; notify-send $(brightnessctl -d smc::kbd_backlight i | awk '/Current/ { print $4}')"
|
||||
bindsym XF86KbdBrightnessUp exec "brightnessctl -d smc::kbd_backlight set +10%; notify-send $(brightnessctl -d smc::kbd_backlight i | awk '/Current/ { print $4}')"
|
||||
|
||||
# Pulse Audio controls
|
||||
bindsym XF86AudioRaiseVolume exec pactl set-sink-volume @DEFAULT_SINK@ +5%; exec pactl set-sink-mute @DEFAULT_SINK@ 0 && notify-send 'Vol. up' #increase sound volume
|
||||
bindsym XF86AudioLowerVolume exec pactl set-sink-volume @DEFAULT_SINK@ -5%; exec pactl set-sink-mute @DEFAULT_SINK@ 0 && notify-send 'Vol. down' #decrease sound volume
|
||||
bindsym XF86AudioMute exec pactl set-sink-mute @DEFAULT_SINK@ toggle && notify-send 'Mute sound' # mute sound
|
||||
# Media player controls
|
||||
bindsym XF86AudioPlay exec "playerctl play-pause; notify-send 'Play/Pause'"
|
||||
bindsym XF86AudioNext exec "playerctl next; notify-send 'Next'"
|
||||
bindsym XF86AudioPrev exec "playerctl previous; notify-send 'Prev.'"
|
9
hosts/biolimo/.config/sway/config.d/input-defaults.conf
Normal file
9
hosts/biolimo/.config/sway/config.d/input-defaults.conf
Normal file
|
@ -0,0 +1,9 @@
|
|||
input "1739:0:Synaptics_TM3288-011" {
|
||||
dwt enabled
|
||||
tap enabled
|
||||
middle_emulation enabled
|
||||
}
|
||||
input * {
|
||||
xkb_layout us(intl),de
|
||||
xkb_options ctrl:nocaps
|
||||
}
|
21
hosts/biolimo/.config/sway/config.d/screens.conf
Normal file
21
hosts/biolimo/.config/sway/config.d/screens.conf
Normal file
|
@ -0,0 +1,21 @@
|
|||
set $internal eDP-1
|
||||
set $middle "Hewlett Packard HP E231 3CQ4290S5J"
|
||||
set $standup "Hewlett Packard HP E231 3CQ4251F33"
|
||||
|
||||
output $internal {
|
||||
scale 1.3
|
||||
pos 0 500
|
||||
}
|
||||
|
||||
output $middle {
|
||||
scale 1
|
||||
|
||||
# 1969 is the 1.3 scaled width of the internal monitor
|
||||
pos 1969 0
|
||||
}
|
||||
|
||||
output $standup {
|
||||
scale 1
|
||||
transform 270
|
||||
pos 3889 0
|
||||
}
|
1
hosts/biolimo/.gitattributes
vendored
Normal file
1
hosts/biolimo/.gitattributes
vendored
Normal file
|
@ -0,0 +1 @@
|
|||
secrets/** filter=git-crypt-4406E80E13CD656C diff=git-crypt-4406E80E13CD656C
|
28
hosts/biolimo/base.nix
Normal file
28
hosts/biolimo/base.nix
Normal file
|
@ -0,0 +1,28 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
with lib;
|
||||
let
|
||||
psCfg = config.pub-solar;
|
||||
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
|
||||
in
|
||||
{
|
||||
imports = [
|
||||
./configuration.nix
|
||||
];
|
||||
|
||||
config = {
|
||||
pub-solar.x-os.keyfile = "/etc/nixos/hosts/biolimo/secrets/keyfile.bin";
|
||||
|
||||
hardware.cpu.intel.updateMicrocode = true;
|
||||
|
||||
networking.firewall.allowedTCPPorts = [
|
||||
5000
|
||||
];
|
||||
|
||||
home-manager.users."${psCfg.user.name}".xdg.configFile = mkIf psCfg.sway.enable {
|
||||
"sway/config.d/10-screens.conf".source = ./.config/sway/config.d/screens.conf;
|
||||
"sway/config.d/10-autostart.conf".source = ./.config/sway/config.d/autostart.conf;
|
||||
"sway/config.d/10-input-defaults.conf".source = ./.config/sway/config.d/input-defaults.conf;
|
||||
"sway/config.d/10-custom-keybindings.conf".source = ./.config/sway/config.d/custom-keybindings.conf;
|
||||
};
|
||||
};
|
||||
}
|
26
hosts/biolimo/biolimo.nix
Normal file
26
hosts/biolimo/biolimo.nix
Normal file
|
@ -0,0 +1,26 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
with lib;
|
||||
let
|
||||
psCfg = config.pub-solar;
|
||||
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
|
||||
in
|
||||
{
|
||||
imports = [
|
||||
./configuration.nix
|
||||
];
|
||||
|
||||
config = {
|
||||
pub-solar.x-os.keyfile = "/etc/nixos/hosts/biolimo/secrets/keyfile.bin";
|
||||
|
||||
hardware.cpu.intel.updateMicrocode = true;
|
||||
|
||||
networking.firewall.allowedTCPPorts = [ 5000 ];
|
||||
|
||||
home-manager.users."${psCfg.user.name}".xdg.configFile = mkIf psCfg.sway.enable {
|
||||
"sway/config.d/10-screens.conf".source = ./.config/sway/config.d/screens.conf;
|
||||
"sway/config.d/10-autostart.conf".source = ./.config/sway/config.d/autostart.conf;
|
||||
"sway/config.d/10-input-defaults.conf".source = ./.config/sway/config.d/input-defaults.conf;
|
||||
"sway/config.d/10-custom-keybindings.conf".source = ./.config/sway/config.d/custom-keybindings.conf;
|
||||
};
|
||||
};
|
||||
}
|
26
hosts/biolimo/configuration.nix
Normal file
26
hosts/biolimo/configuration.nix
Normal file
|
@ -0,0 +1,26 @@
|
|||
# Edit this configuration file to define what should be installed on
|
||||
# your system. Help is available in the configuration.nix(5) man page
|
||||
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
||||
|
||||
{ config, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[
|
||||
# Include the results of the hardware scan.
|
||||
./hardware-configuration.nix
|
||||
];
|
||||
|
||||
# Use the systemd-boot EFI boot loader.
|
||||
boot.loader.systemd-boot.enable = true;
|
||||
boot.loader.efi.canTouchEfiVariables = true;
|
||||
|
||||
# This value determines the NixOS release from which the default
|
||||
# settings for stateful data, like file locations and database versions
|
||||
# on your system were taken. It‘s perfectly fine and recommended to leave
|
||||
# this value at the release version of the first install of this system.
|
||||
# Before changing this value read the documentation for this option
|
||||
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||
system.stateVersion = "20.09"; # Did you read the comment?
|
||||
}
|
||||
|
6
hosts/biolimo/default.nix
Normal file
6
hosts/biolimo/default.nix
Normal file
|
@ -0,0 +1,6 @@
|
|||
{ suites, ... }:
|
||||
{
|
||||
imports = [
|
||||
./biolimo.nix
|
||||
] ++ suites.biolimo;
|
||||
}
|
36
hosts/biolimo/hardware-configuration.nix
Normal file
36
hosts/biolimo/hardware-configuration.nix
Normal file
|
@ -0,0 +1,36 @@
|
|||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, pkgs, modulesPath, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[
|
||||
(modulesPath + "/installer/scan/not-detected.nix")
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
|
||||
boot.initrd.kernelModules = [ ];
|
||||
boot.kernelModules = [ "kvm-intel" ];
|
||||
boot.extraModulePackages = [ ];
|
||||
|
||||
fileSystems."/" =
|
||||
{
|
||||
device = "/dev/disk/by-uuid/abc3fe04-368e-46eb-8c7a-3a829bb2deab";
|
||||
fsType = "ext4";
|
||||
};
|
||||
|
||||
boot.initrd.luks.devices."cryptroot".device = "/dev/disk/by-uuid/aed21f8d-8e15-4f43-8710-460cb36d488b";
|
||||
|
||||
fileSystems."/boot/efi" =
|
||||
{
|
||||
device = "/dev/disk/by-uuid/3B67-0CAB";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
swapDevices = [ ];
|
||||
|
||||
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
|
||||
# high-resolution display
|
||||
hardware.video.hidpi.enable = lib.mkDefault true;
|
||||
}
|
BIN
hosts/biolimo/secrets/keyfile.bin
Normal file
BIN
hosts/biolimo/secrets/keyfile.bin
Normal file
Binary file not shown.
6
hosts/chocolatebar/.config/sway/config.d/autostart.conf
Normal file
6
hosts/chocolatebar/.config/sway/config.d/autostart.conf
Normal file
|
@ -0,0 +1,6 @@
|
|||
# Autostart applications
|
||||
#
|
||||
# Example:
|
||||
# exec swayidle
|
||||
|
||||
exec keepassxc
|
|
@ -0,0 +1,19 @@
|
|||
# Touchpad controls
|
||||
#bindsym XF86TouchpadToggle exec $HOME/Workspace/ben/toggletouchpad.sh # toggle touchpad
|
||||
|
||||
# Screen brightness controls
|
||||
bindsym XF86MonBrightnessUp exec "brightnessctl -d intel_backlight set +10%; notify-send $(brightnessctl -d intel_backlight i | awk '/Current/ {print $4}')"
|
||||
bindsym XF86MonBrightnessDown exec "brightnessctl -d intel_backlight set 10%-; notify-send $(brightnessctl -d intel_backlight i | awk '/Current/ { print $4}')"
|
||||
|
||||
# Keyboard backlight brightness controls
|
||||
bindsym XF86KbdBrightnessDown exec "brightnessctl -d smc::kbd_backlight set 10%-; notify-send $(brightnessctl -d smc::kbd_backlight i | awk '/Current/ { print $4}')"
|
||||
bindsym XF86KbdBrightnessUp exec "brightnessctl -d smc::kbd_backlight set +10%; notify-send $(brightnessctl -d smc::kbd_backlight i | awk '/Current/ { print $4}')"
|
||||
|
||||
# Pulse Audio controls
|
||||
bindsym XF86AudioRaiseVolume exec pactl set-sink-volume @DEFAULT_SINK@ +5%; exec pactl set-sink-mute @DEFAULT_SINK@ 0 && notify-send 'Vol. up' #increase sound volume
|
||||
bindsym XF86AudioLowerVolume exec pactl set-sink-volume @DEFAULT_SINK@ -5%; exec pactl set-sink-mute @DEFAULT_SINK@ 0 && notify-send 'Vol. down' #decrease sound volume
|
||||
bindsym XF86AudioMute exec pactl set-sink-mute @DEFAULT_SINK@ toggle && notify-send 'Mute sound' # mute sound
|
||||
# Media player controls
|
||||
bindsym XF86AudioPlay exec "playerctl play-pause; notify-send 'Play/Pause'"
|
||||
bindsym XF86AudioNext exec "playerctl next; notify-send 'Next'"
|
||||
bindsym XF86AudioPrev exec "playerctl previous; notify-send 'Prev.'"
|
|
@ -0,0 +1,9 @@
|
|||
input "1739:0:Synaptics_TM3288-011" {
|
||||
dwt enabled
|
||||
tap enabled
|
||||
middle_emulation enabled
|
||||
}
|
||||
input * {
|
||||
xkb_layout us(intl),de
|
||||
xkb_options ctrl:nocaps
|
||||
}
|
21
hosts/chocolatebar/.config/sway/config.d/screens.conf
Normal file
21
hosts/chocolatebar/.config/sway/config.d/screens.conf
Normal file
|
@ -0,0 +1,21 @@
|
|||
set $internal eDP-1
|
||||
set $middle DP-4
|
||||
set $standup DP-5
|
||||
|
||||
output $internal {
|
||||
scale 1.3
|
||||
pos 0 500
|
||||
}
|
||||
|
||||
output $middle {
|
||||
scale 1
|
||||
|
||||
# 1969 is the 1.3 scaled width of the internal monitor
|
||||
pos 1969 0
|
||||
}
|
||||
|
||||
output $standup {
|
||||
scale 1
|
||||
transform 270
|
||||
pos 3889 0
|
||||
}
|
1
hosts/chocolatebar/.gitattributes
vendored
Normal file
1
hosts/chocolatebar/.gitattributes
vendored
Normal file
|
@ -0,0 +1 @@
|
|||
secrets/** filter=git-crypt-4406E80E13CD656C diff=git-crypt-4406E80E13CD656C
|
31
hosts/chocolatebar/base.nix
Normal file
31
hosts/chocolatebar/base.nix
Normal file
|
@ -0,0 +1,31 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
with lib;
|
||||
let
|
||||
psCfg = config.pub-solar;
|
||||
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
|
||||
in
|
||||
{
|
||||
imports = [
|
||||
./configuration.nix
|
||||
./virtualisation
|
||||
];
|
||||
|
||||
config = {
|
||||
pub-solar.x-os.keyfile = "/etc/nixos/hosts/chocolatebar/secrets/keyfile.bin";
|
||||
|
||||
pub-solar.virtualisation.isolateGPU = "rx550x";
|
||||
|
||||
hardware.cpu.amd.updateMicrocode = true;
|
||||
|
||||
hardware.opengl.extraPackages = with pkgs; [
|
||||
rocm-opencl-icd
|
||||
rocm-opencl-runtime
|
||||
];
|
||||
|
||||
home-manager.users."${psCfg.user.name}".xdg.configFile = mkIf psCfg.sway.enable {
|
||||
"sway/config.d/10-autostart.conf".source = ./.config/sway/config.d/autostart.conf;
|
||||
"sway/config.d/10-input-defaults.conf".source = ./.config/sway/config.d/input-defaults.conf;
|
||||
"sway/config.d/10-screens.conf".source = ./.config/sway/config.d/screens.conf;
|
||||
};
|
||||
};
|
||||
}
|
31
hosts/chocolatebar/chocolatebar.nix
Normal file
31
hosts/chocolatebar/chocolatebar.nix
Normal file
|
@ -0,0 +1,31 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
with lib;
|
||||
let
|
||||
psCfg = config.pub-solar;
|
||||
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
|
||||
in
|
||||
{
|
||||
imports = [
|
||||
./configuration.nix
|
||||
./virtualisation
|
||||
];
|
||||
|
||||
config = {
|
||||
pub-solar.x-os.keyfile = "/etc/nixos/hosts/chocolatebar/secrets/keyfile.bin";
|
||||
|
||||
pub-solar.virtualisation.isolateGPU = "rx550x";
|
||||
|
||||
hardware.cpu.amd.updateMicrocode = true;
|
||||
|
||||
hardware.opengl.extraPackages = with pkgs; [
|
||||
rocm-opencl-icd
|
||||
rocm-opencl-runtime
|
||||
];
|
||||
|
||||
home-manager.users."${psCfg.user.name}".xdg.configFile = mkIf psCfg.sway.enable {
|
||||
"sway/config.d/10-autostart.conf".source = ./.config/sway/config.d/autostart.conf;
|
||||
"sway/config.d/10-input-defaults.conf".source = ./.config/sway/config.d/input-defaults.conf;
|
||||
"sway/config.d/10-screens.conf".source = ./.config/sway/config.d/screens.conf;
|
||||
};
|
||||
};
|
||||
}
|
25
hosts/chocolatebar/configuration.nix
Normal file
25
hosts/chocolatebar/configuration.nix
Normal file
|
@ -0,0 +1,25 @@
|
|||
# Edit this configuration file to define what should be installed on
|
||||
# your system. Help is available in the configuration.nix(5) man page
|
||||
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
||||
|
||||
{ config, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[
|
||||
# Include the results of the hardware scan.
|
||||
./hardware-configuration.nix
|
||||
];
|
||||
|
||||
# Use the systemd-boot EFI boot loader.
|
||||
boot.loader.systemd-boot.enable = true;
|
||||
boot.loader.efi.canTouchEfiVariables = true;
|
||||
|
||||
# This value determines the NixOS release from which the default
|
||||
# settings for stateful data, like file locations and database versions
|
||||
# on your system were taken. It‘s perfectly fine and recommended to leave
|
||||
# this value at the release version of the first install of this system.
|
||||
# Before changing this value read the documentation for this option
|
||||
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||
system.stateVersion = "20.09"; # Did you read the comment?
|
||||
}
|
6
hosts/chocolatebar/default.nix
Normal file
6
hosts/chocolatebar/default.nix
Normal file
|
@ -0,0 +1,6 @@
|
|||
{ suites, ... }:
|
||||
{
|
||||
imports = [
|
||||
./chocolatebar.nix
|
||||
] ++ suites.chocolatebar;
|
||||
}
|
33
hosts/chocolatebar/hardware-configuration.nix
Normal file
33
hosts/chocolatebar/hardware-configuration.nix
Normal file
|
@ -0,0 +1,33 @@
|
|||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, pkgs, modulesPath, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[
|
||||
(modulesPath + "/installer/scan/not-detected.nix")
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usbcore" "usbhid" "sd_mod" ];
|
||||
boot.initrd.kernelModules = [ "dm-snapshot" ];
|
||||
boot.kernelModules = [ "kvm-amd" ];
|
||||
boot.extraModulePackages = [ ];
|
||||
|
||||
fileSystems."/" =
|
||||
{
|
||||
device = "/dev/disk/by-uuid/a3a74208-b244-4268-b374-e58265810fce";
|
||||
fsType = "ext4";
|
||||
};
|
||||
|
||||
boot.initrd.luks.devices."cryptroot".device = "/dev/disk/by-uuid/afcde41f-9811-4ac8-bb7b-a683844acc5c";
|
||||
|
||||
fileSystems."/boot/efi" =
|
||||
{
|
||||
device = "/dev/disk/by-uuid/12FD-62A8";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
swapDevices = [ ];
|
||||
|
||||
}
|
BIN
hosts/chocolatebar/secrets/.gitkeep
Normal file
BIN
hosts/chocolatebar/secrets/.gitkeep
Normal file
Binary file not shown.
BIN
hosts/chocolatebar/secrets/crypto_keyfile.bin
Normal file
BIN
hosts/chocolatebar/secrets/crypto_keyfile.bin
Normal file
Binary file not shown.
BIN
hosts/chocolatebar/secrets/hdd_keyfile.bin
Normal file
BIN
hosts/chocolatebar/secrets/hdd_keyfile.bin
Normal file
Binary file not shown.
BIN
hosts/chocolatebar/secrets/keyfile.bin
Normal file
BIN
hosts/chocolatebar/secrets/keyfile.bin
Normal file
Binary file not shown.
78
hosts/chocolatebar/virtualisation/create-service.nix
Normal file
78
hosts/chocolatebar/virtualisation/create-service.nix
Normal file
|
@ -0,0 +1,78 @@
|
|||
{ config, pkgs, lib, vm, ... }:
|
||||
let
|
||||
psCfg = config.pub-solar;
|
||||
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
|
||||
varsFile = "${xdg.dataHome}/libvirt/OVMF_VARS_${vm.name}.fd";
|
||||
generateXML = import ./generate-xml.nix;
|
||||
in
|
||||
{
|
||||
serviceConfig = {
|
||||
Type = "oneshot";
|
||||
RemainAfterExit = "yes";
|
||||
Restart = "no";
|
||||
};
|
||||
|
||||
script =
|
||||
let
|
||||
networkXML = pkgs.writeText "network.xml" (import ./network-xml.nix { inherit config; inherit pkgs; inherit lib; });
|
||||
machineXML = pkgs.writeText "${vm.name}.xml" (generateXML { inherit config; inherit pkgs; inherit lib; inherit vm; varsFile = varsFile; });
|
||||
in
|
||||
''
|
||||
echo "Checking if ${vm.name} is already running"
|
||||
STATUS=$(${pkgs.libvirt}/bin/virsh list --all | grep "${vm.name}" | ${pkgs.gawk}/bin/awk '{ print $3 " " $4 }' )
|
||||
if [[ $STATUS != "shut off" && $STATUS != "" ]]; then
|
||||
echo "Domain ${vm.name} is already running or in an inconsistent state:"
|
||||
${pkgs.libvirt}/bin/virsh list --all
|
||||
exit 0
|
||||
fi
|
||||
|
||||
NET_TMP_FILE="/tmp/network.xml"
|
||||
|
||||
NETUUID="$(${pkgs.libvirt}/bin/virsh net-uuid 'default' || true)"
|
||||
(sed "s/UUID/$NETUUID/" '${networkXML}') > $NET_TMP_FILE
|
||||
|
||||
${pkgs.libvirt}/bin/virsh net-define $NET_TMP_FILE
|
||||
${pkgs.libvirt}/bin/virsh net-start 'default' || true
|
||||
|
||||
VARS_FILE=${varsFile}
|
||||
if [ ! -f "$VARS_FILE" ]; then
|
||||
cp /run/libvirt/nix-ovmf/OVMF_VARS.fd $VARS_FILE
|
||||
fi
|
||||
|
||||
TMP_FILE="/tmp/${vm.name}.xml"
|
||||
|
||||
UUID="$(${pkgs.libvirt}/bin/virsh domuuid '${vm.name}' || true)"
|
||||
(sed "s/UUID/$UUID/" '${machineXML}') > $TMP_FILE
|
||||
|
||||
USB_DEV=$(${pkgs.usbutils}/bin/lsusb | grep 046d:c52b | grep 'Bus 001' | cut -b 18)
|
||||
LINE_NUMBER=$(cat $TMP_FILE | grep -n -A 1 0xc52b | tail -n 1 | cut -b 1,2,3)
|
||||
sed -i "''${LINE_NUMBER}s/\(.\{33\}\)./\1''${USB_DEV}/" $TMP_FILE
|
||||
|
||||
USB_BUS=$(${pkgs.usbutils}/bin/lsusb | grep 046d:c328 | cut -b 7)
|
||||
USB_DEV=$(${pkgs.usbutils}/bin/lsusb | grep 046d:c328 | cut -b 18)
|
||||
LINE_NUMBER=$(cat $TMP_FILE | grep -n -A 1 0xc328 | tail -n 1 | cut -b 1,2,3)
|
||||
sed -i "''${LINE_NUMBER}s/.*/<address bus=\"''${USB_BUS}\" device=\"''${USB_DEV}\" \/>/" $TMP_FILE
|
||||
|
||||
# TODO: Set correct pci address too
|
||||
|
||||
${pkgs.libvirt}/bin/virsh define $TMP_FILE
|
||||
${pkgs.libvirt}/bin/virsh start '${vm.name}'
|
||||
'';
|
||||
|
||||
preStop =
|
||||
''
|
||||
${pkgs.libvirt}/bin/virsh shutdown '${vm.name}'
|
||||
let "timeout = $(date +%s) + 10"
|
||||
while [ "$(${pkgs.libvirt}/bin/virsh list --name | grep --count '^${vm.name}$')" -gt 0 ]; do
|
||||
if [ "$(date +%s)" -ge "$timeout" ]; then
|
||||
# Meh, we warned it...
|
||||
${pkgs.libvirt}/bin/virsh destroy '${vm.name}'
|
||||
else
|
||||
# The machine is still running, let's give it some time to shut down
|
||||
sleep 0.5
|
||||
fi
|
||||
done
|
||||
|
||||
${pkgs.libvirt}/bin/virsh net-destroy 'default' || true
|
||||
'';
|
||||
}
|
52
hosts/chocolatebar/virtualisation/default.nix
Normal file
52
hosts/chocolatebar/virtualisation/default.nix
Normal file
|
@ -0,0 +1,52 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
with lib;
|
||||
let
|
||||
psCfg = config.pub-solar;
|
||||
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
|
||||
createService = import ./create-service.nix;
|
||||
isolateAnyGPU = psCfg.virtualisation.isolateGPU != null;
|
||||
in
|
||||
{
|
||||
options.pub-solar.virtualisation.isolateGPU = mkOption {
|
||||
description = "Which GPU to isolate for virtualisation guests";
|
||||
type = with types; nullOr (enum [ "rx5700xt" "rx550x" ]);
|
||||
default = null;
|
||||
};
|
||||
|
||||
config = mkIf psCfg.virtualisation.enable {
|
||||
boot.extraModprobeConfig = mkIf isolateAnyGPU (concatStringsSep "\n" [
|
||||
"softdep amdgpu pre: vfio vfio_pci"
|
||||
(if psCfg.virtualisation.isolateGPU == "rx5700xt"
|
||||
then "options vfio-pci ids=1002:731f,1002:ab38"
|
||||
else "options vfio-pci ids=1002:699f,1002:aae0"
|
||||
)
|
||||
]);
|
||||
|
||||
systemd.user.services = {
|
||||
vm-windows = createService {
|
||||
inherit config;
|
||||
inherit pkgs;
|
||||
inherit lib;
|
||||
vm = {
|
||||
name = "windows";
|
||||
disk = "/dev/disk/by-id/ata-SanDisk_SDSSDA240G_162402455603";
|
||||
id = "http://microsoft.com/win/10";
|
||||
gpu = true;
|
||||
mountHome = false;
|
||||
};
|
||||
};
|
||||
vm-manjaro = createService {
|
||||
inherit config;
|
||||
inherit pkgs;
|
||||
inherit lib;
|
||||
vm = {
|
||||
name = "manjaro";
|
||||
disk = "/dev/disk/by-id/ata-KINGSTON_SM2280S3G2240G_50026B726B0265CE";
|
||||
id = "https://manjaro.org/download/#i3";
|
||||
gpu = true;
|
||||
mountHome = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
242
hosts/chocolatebar/virtualisation/generate-xml.nix
Normal file
242
hosts/chocolatebar/virtualisation/generate-xml.nix
Normal file
|
@ -0,0 +1,242 @@
|
|||
{ config, pkgs, lib, vm, varsFile, ... }:
|
||||
let
|
||||
psCfg = config.pub-solar;
|
||||
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
|
||||
home = config.home-manager.users."${psCfg.user.name}".home;
|
||||
in
|
||||
''
|
||||
<domain type='kvm'>
|
||||
<name>${vm.name}</name>
|
||||
<uuid>UUID</uuid>
|
||||
<metadata>
|
||||
<libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0">
|
||||
<libosinfo:os id="${vm.id}"/>
|
||||
</libosinfo:libosinfo>
|
||||
</metadata>
|
||||
<memory unit='KiB'>33554432</memory>
|
||||
<currentMemory unit='KiB'>33554432</currentMemory>
|
||||
<vcpu placement='static'>12</vcpu>
|
||||
<cputune>
|
||||
<vcpupin vcpu='0' cpuset='6'/>
|
||||
<vcpupin vcpu='1' cpuset='7'/>
|
||||
<vcpupin vcpu='2' cpuset='8'/>
|
||||
<vcpupin vcpu='3' cpuset='9'/>
|
||||
<vcpupin vcpu='4' cpuset='10'/>
|
||||
<vcpupin vcpu='5' cpuset='11'/>
|
||||
<vcpupin vcpu='6' cpuset='18'/>
|
||||
<vcpupin vcpu='7' cpuset='19'/>
|
||||
<vcpupin vcpu='8' cpuset='20'/>
|
||||
<vcpupin vcpu='9' cpuset='21'/>
|
||||
<vcpupin vcpu='10' cpuset='22'/>
|
||||
<vcpupin vcpu='11' cpuset='23'/>
|
||||
</cputune>
|
||||
<resource>
|
||||
<partition>/machine</partition>
|
||||
</resource>
|
||||
<os>
|
||||
<type arch='x86_64' machine='pc-q35-4.2'>hvm</type>
|
||||
<loader readonly='yes' type='pflash'>/run/libvirt/nix-ovmf/OVMF_CODE.fd</loader>
|
||||
<nvram>${varsFile}</nvram>
|
||||
<boot dev='hd'/>
|
||||
</os>
|
||||
<features>
|
||||
<acpi/>
|
||||
<apic/>
|
||||
<hyperv>
|
||||
<relaxed state='on'/>
|
||||
<vapic state='on'/>
|
||||
<spinlocks state='on' retries='8191'/>
|
||||
<vendor_id state='on' value='wahtever'/>
|
||||
</hyperv>
|
||||
<kvm>
|
||||
<hidden state='on'/>
|
||||
</kvm>
|
||||
<vmport state='off'/>
|
||||
</features>
|
||||
<cpu mode='custom' match='exact' check='full'>
|
||||
<model fallback='forbid'>EPYC-IBPB</model>
|
||||
<vendor>AMD</vendor>
|
||||
<topology sockets='1' dies='1' cores='6' threads='2'/>
|
||||
<feature policy='require' name='x2apic'/>
|
||||
<feature policy='require' name='tsc-deadline'/>
|
||||
<feature policy='require' name='hypervisor'/>
|
||||
<feature policy='require' name='tsc_adjust'/>
|
||||
<feature policy='require' name='clwb'/>
|
||||
<feature policy='require' name='umip'/>
|
||||
<feature policy='require' name='stibp'/>
|
||||
<feature policy='require' name='arch-capabilities'/>
|
||||
<feature policy='require' name='ssbd'/>
|
||||
<feature policy='require' name='xsaves'/>
|
||||
<feature policy='require' name='cmp_legacy'/>
|
||||
<feature policy='require' name='perfctr_core'/>
|
||||
<feature policy='require' name='clzero'/>
|
||||
<feature policy='require' name='wbnoinvd'/>
|
||||
<feature policy='require' name='amd-ssbd'/>
|
||||
<feature policy='require' name='virt-ssbd'/>
|
||||
<feature policy='require' name='rdctl-no'/>
|
||||
<feature policy='require' name='skip-l1dfl-vmentry'/>
|
||||
<feature policy='require' name='mds-no'/>
|
||||
<feature policy='require' name='pschange-mc-no'/>
|
||||
<feature policy='disable' name='monitor'/>
|
||||
<feature policy='disable' name='svm'/>
|
||||
<feature policy='require' name='topoext'/>
|
||||
</cpu>
|
||||
<clock offset='utc'>
|
||||
<timer name='rtc' tickpolicy='catchup'/>
|
||||
<timer name='pit' tickpolicy='delay'/>
|
||||
<timer name='hpet' present='no'/>
|
||||
</clock>
|
||||
<on_poweroff>destroy</on_poweroff>
|
||||
<on_reboot>restart</on_reboot>
|
||||
<on_crash>destroy</on_crash>
|
||||
<pm>
|
||||
<suspend-to-mem enabled='no'/>
|
||||
<suspend-to-disk enabled='no'/>
|
||||
</pm>
|
||||
<devices>
|
||||
<emulator>${pkgs.qemu}/bin/qemu-system-x86_64</emulator>
|
||||
<disk type='block' device='disk'>
|
||||
<driver name='qemu' type='raw'/>
|
||||
<source dev='${vm.disk}'/>
|
||||
<backingStore/>
|
||||
<target dev='vdb' bus='virtio'/>
|
||||
<address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/>
|
||||
</disk>
|
||||
<controller type='usb' index='0' model='qemu-xhci' ports='15'>
|
||||
<address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/>
|
||||
</controller>
|
||||
<controller type='sata' index='0'>
|
||||
<address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/>
|
||||
</controller>
|
||||
<controller type='pci' index='0' model='pcie-root'/>
|
||||
<controller type='pci' index='1' model='pcie-root-port'>
|
||||
<model name='pcie-root-port'/>
|
||||
<target chassis='1' port='0x10'/>
|
||||
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/>
|
||||
</controller>
|
||||
<controller type='pci' index='2' model='pcie-root-port'>
|
||||
<model name='pcie-root-port'/>
|
||||
<target chassis='2' port='0x11'/>
|
||||
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/>
|
||||
</controller>
|
||||
<controller type='pci' index='3' model='pcie-root-port'>
|
||||
<model name='pcie-root-port'/>
|
||||
<target chassis='3' port='0x12'/>
|
||||
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/>
|
||||
</controller>
|
||||
<controller type='pci' index='4' model='pcie-root-port'>
|
||||
<model name='pcie-root-port'/>
|
||||
<target chassis='4' port='0x13'/>
|
||||
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/>
|
||||
</controller>
|
||||
<controller type='pci' index='5' model='pcie-root-port'>
|
||||
<model name='pcie-root-port'/>
|
||||
<target chassis='5' port='0x14'/>
|
||||
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/>
|
||||
</controller>
|
||||
<controller type='pci' index='6' model='pcie-root-port'>
|
||||
<model name='pcie-root-port'/>
|
||||
<target chassis='6' port='0x15'/>
|
||||
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/>
|
||||
</controller>
|
||||
<controller type='pci' index='7' model='pcie-root-port'>
|
||||
<model name='pcie-root-port'/>
|
||||
<target chassis='7' port='0x16'/>
|
||||
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/>
|
||||
</controller>
|
||||
<controller type='pci' index='8' model='pcie-to-pci-bridge'>
|
||||
<model name='pcie-pci-bridge'/>
|
||||
<address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/>
|
||||
</controller>
|
||||
<controller type='pci' index='9' model='pcie-root-port'>
|
||||
<model name='pcie-root-port'/>
|
||||
<target chassis='9' port='0x17'/>
|
||||
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/>
|
||||
</controller>
|
||||
<controller type='virtio-serial' index='0'>
|
||||
<address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/>
|
||||
</controller>
|
||||
${if vm.mountHome then ''
|
||||
<filesystem type='mount' accessmode='mapped'>
|
||||
<source dir='/home/${psCfg.user.name}'/>
|
||||
<target dir='/media/home'/>
|
||||
<address type='pci' domain='0x0000' bus='0x07' slot='0x00' function='0x0'/>
|
||||
</filesystem>
|
||||
'' else ""}
|
||||
<interface type='network'>
|
||||
<mac address='52:54:00:44:cd:ac'/>
|
||||
<source network='default'/>
|
||||
<model type='rtl8139'/>
|
||||
<address type='pci' domain='0x0000' bus='0x08' slot='0x01' function='0x0'/>
|
||||
</interface>
|
||||
<serial type='pty'>
|
||||
<target type='isa-serial' port='0'>
|
||||
<model name='isa-serial'/>
|
||||
</target>
|
||||
</serial>
|
||||
<console type='pty'>
|
||||
<target type='serial' port='0'/>
|
||||
</console>
|
||||
<input type='tablet' bus='usb'>
|
||||
<address type='usb' bus='0' port='1'/>
|
||||
</input>
|
||||
<input type='mouse' bus='ps2'/>
|
||||
<input type='keyboard' bus='ps2'/>
|
||||
<graphics type='spice' autoport='yes' listen='127.0.0.1'>
|
||||
<listen type='address' address='127.0.0.1'/>
|
||||
<image compression='off'/>
|
||||
</graphics>
|
||||
<video>
|
||||
<model type='cirrus' vram='16384' heads='1' primary='yes'/>
|
||||
<address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/>
|
||||
</video>
|
||||
<hostdev mode='subsystem' type='usb' managed='yes'>
|
||||
<source>
|
||||
<vendor id='0x046d'/>
|
||||
<product id='0xc328'/>
|
||||
<address bus='1' device='2'/>
|
||||
</source>
|
||||
<address type='usb' bus='0' port='4'/>
|
||||
</hostdev>
|
||||
<hostdev mode='subsystem' type='usb' managed='yes'>
|
||||
<source>
|
||||
<vendor id='0x046d'/>
|
||||
<product id='0xc52b'/>
|
||||
<address bus='1' device='4'/>
|
||||
</source>
|
||||
<address type='usb' bus='0' port='5'/>
|
||||
</hostdev>
|
||||
${if vm.gpu && psCfg.virtualisation.isolateGPU != null then ''
|
||||
<hostdev mode='subsystem' type='pci' managed='yes'>
|
||||
<driver name='vfio'/>
|
||||
<source>
|
||||
<address domain='0x0000' bus='0x0b' slot='0x00' function='0x0'/>
|
||||
</source>
|
||||
<rom bar='on' file='/etc/nixos/owners/b12f/devices/chocolatebar/virtualisation/${psCfg.virtualisation.isolateGPU}.rom'/>
|
||||
<address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0' multifunction='on'/>
|
||||
</hostdev>
|
||||
<hostdev mode='subsystem' type='pci' managed='yes'>
|
||||
<driver name='vfio'/>
|
||||
<source>
|
||||
<address domain='0x0000' bus='0x0b' slot='0x00' function='0x1'/>
|
||||
</source>
|
||||
<address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x1'/>
|
||||
</hostdev>
|
||||
'' else ""}
|
||||
<redirdev bus='usb' type='spicevmc'>
|
||||
<address type='usb' bus='0' port='2'/>
|
||||
</redirdev>
|
||||
<redirdev bus='usb' type='spicevmc'>
|
||||
<address type='usb' bus='0' port='3'/>
|
||||
</redirdev>
|
||||
<memballoon model='virtio'>
|
||||
<address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/>
|
||||
</memballoon>
|
||||
<shmem name='scream-ivshmem'>
|
||||
<model type='ivshmem-plain'/>
|
||||
<size unit='M'>2</size>
|
||||
<address type='pci' domain='0x0000' bus='0x08' slot='0x02' function='0x0'/>
|
||||
</shmem>
|
||||
</devices>
|
||||
</domain>
|
||||
''
|
19
hosts/chocolatebar/virtualisation/network-xml.nix
Normal file
19
hosts/chocolatebar/virtualisation/network-xml.nix
Normal file
|
@ -0,0 +1,19 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
''
|
||||
<network>
|
||||
<name>default</name>
|
||||
<uuid>UUID</uuid>
|
||||
<forward mode='nat'>
|
||||
<nat>
|
||||
<port start='1024' end='65535'/>
|
||||
</nat>
|
||||
</forward>
|
||||
<bridge name='virbr0' stp='on' delay='0'/>
|
||||
<mac address='52:54:00:bd:a0:73'/>
|
||||
<ip address='192.168.122.1' netmask='255.255.255.0'>
|
||||
<dhcp>
|
||||
<range start='192.168.122.2' end='192.168.122.254'/>
|
||||
</dhcp>
|
||||
</ip>
|
||||
</network>
|
||||
''
|
BIN
hosts/chocolatebar/virtualisation/rx550x.rom
Normal file
BIN
hosts/chocolatebar/virtualisation/rx550x.rom
Normal file
Binary file not shown.
BIN
hosts/chocolatebar/virtualisation/rx5700xt.rom
Normal file
BIN
hosts/chocolatebar/virtualisation/rx5700xt.rom
Normal file
Binary file not shown.
|
@ -18,6 +18,7 @@ in
|
|||
restic
|
||||
shellcheck
|
||||
terraform_0_15
|
||||
tea
|
||||
];
|
||||
};
|
||||
};
|
||||
|
|
|
@ -39,6 +39,15 @@ let
|
|||
sha256 = "QPTCl6KaGcAjTS5yVDov9yxmv0fDaFoPLMsrtVIG6GQ=";
|
||||
};
|
||||
};
|
||||
vim-mdx-js = pkgs.vimUtils.buildVimPlugin {
|
||||
name = "vim-mdx-js";
|
||||
src = pkgs.fetchFromGitHub {
|
||||
owner = "jxnblk";
|
||||
repo = "vim-mdx-js";
|
||||
rev = "17179d7f2a73172af5f9a8d65b01a3acf12ddd50";
|
||||
sha256 = "wfYCvw9JVGG8p8PQhRPT6CeGGf2OVz9SR2KQM0LjQhY=";
|
||||
};
|
||||
};
|
||||
in
|
||||
{
|
||||
enable = true;
|
||||
|
@ -137,5 +146,6 @@ in
|
|||
vim-ruby
|
||||
vim-toml
|
||||
vim-nix
|
||||
vim-mdx-js
|
||||
];
|
||||
}
|
||||
|
|
|
@ -8,6 +8,7 @@ channels: final: prev: {
|
|||
discord
|
||||
element-desktop-wayland
|
||||
rage
|
||||
docker-compose
|
||||
neovim-unwrapped
|
||||
nixpkgs-fmt
|
||||
qutebrowser
|
||||
|
|
|
@ -7,18 +7,14 @@ in
|
|||
./home.nix
|
||||
];
|
||||
|
||||
users = {
|
||||
mutableUsers = false;
|
||||
|
||||
users = with pkgs; pkgs.lib.setAttrByPath [ psCfg.user.name ] {
|
||||
# Indicates whether this is an account for a “real” user.
|
||||
# This automatically sets group to users, createHome to true,
|
||||
# home to /home/username, useDefaultShell to true, and isSystemUser to false.
|
||||
isNormalUser = true;
|
||||
description = "";
|
||||
extraGroups = [ "wheel" "docker" "input" "audio" "networkmanager" "lp" "scanner" ];
|
||||
initialHashedPassword = if psCfg.user.password != null then psCfg.user.password else "";
|
||||
shell = pkgs.zsh;
|
||||
};
|
||||
users.users = with pkgs; pkgs.lib.setAttrByPath [ psCfg.user.name ] {
|
||||
# Indicates whether this is an account for a “real” user.
|
||||
# This automatically sets group to users, createHome to true,
|
||||
# home to /home/username, useDefaultShell to true, and isSystemUser to false.
|
||||
isNormalUser = true;
|
||||
description = "The main PubSolarOS user";
|
||||
extraGroups = [ "wheel" "docker" "input" "audio" "networkmanager" "lp" "scanner" ];
|
||||
initialHashedPassword = if psCfg.user.password != null then psCfg.user.password else "";
|
||||
shell = pkgs.zsh;
|
||||
};
|
||||
}
|
||||
|
|
|
@ -9,7 +9,7 @@ in
|
|||
./session-variables.nix
|
||||
];
|
||||
|
||||
home-manager = pkgs.lib.setAttrByPath [ "users" psCfg.user.name ] {
|
||||
home-manager.users = pkgs.lib.setAttrByPath [ psCfg.user.name ] {
|
||||
# Let Home Manager install and manage itself.
|
||||
programs.home-manager.enable = true;
|
||||
|
||||
|
|
|
@ -3,7 +3,4 @@ let inherit (lib) fileContents;
|
|||
in
|
||||
{
|
||||
pub-solar.gaming.enable = true;
|
||||
pub-solar.docker.enable = true;
|
||||
pub-solar.docker.enable = true;
|
||||
pub-solar.docker.enable = true;
|
||||
};
|
||||
}
|
||||
|
|
6
profiles/virtualisation/default.nix
Normal file
6
profiles/virtualisation/default.nix
Normal file
|
@ -0,0 +1,6 @@
|
|||
{ self, config, lib, pkgs, ... }:
|
||||
let inherit (lib) fileContents;
|
||||
in
|
||||
{
|
||||
pub-solar.virtualisation.enable = true;
|
||||
}
|
31
users/ben/.config/msmtp/config
Normal file
31
users/ben/.config/msmtp/config
Normal file
|
@ -0,0 +1,31 @@
|
|||
account hello@benjaminbaedorf.eu
|
||||
host mail.hosting.de
|
||||
port 587
|
||||
protocol smtp
|
||||
auth on
|
||||
from hello@benjaminbaedorf.eu
|
||||
user hello@benjaminbaedorf.eu
|
||||
tls on
|
||||
tls_trust_file /etc/ssl/certs/ca-certificates.crt
|
||||
|
||||
account benjamin.baedorf@rwth-aachen.de
|
||||
host mail.rwth-aachen.de
|
||||
port 587
|
||||
protocol smtp
|
||||
auth on
|
||||
from benjamin.baedorf@rwth-aachen.de
|
||||
user bb564306@rwth-aachen.de
|
||||
tls on
|
||||
tls_trust_file /etc/ssl/certs/ca-certificates.crt
|
||||
|
||||
account b.baedorf@openproject.com
|
||||
host smtp.mailbox.org
|
||||
port 465
|
||||
protocol smtp
|
||||
auth on
|
||||
from b.baedorf@openproject.com
|
||||
user b.baedorf@openproject.com
|
||||
tls on
|
||||
tls_trust_file /etc/ssl/certs/ca-certificates.crt
|
||||
|
||||
account default : hello@benjaminbaedorf.eu
|
24
users/ben/.config/mutt/b.baedorf@openproject.com.muttrc
Normal file
24
users/ben/.config/mutt/b.baedorf@openproject.com.muttrc
Normal file
|
@ -0,0 +1,24 @@
|
|||
# vim: filetype=muttrc
|
||||
|
||||
set from = "Benjamin Bädorf <b.baedorf@openproject.com>"
|
||||
set sendmail = "msmtp -a b.baedorf@openproject.com"
|
||||
set signature = "~/.config/mutt/b.baedorf@openproject.com.signature"
|
||||
|
||||
set pgp_default_key="DB94333951EC9A362B33FBA5069CA2D117AB5CCF"
|
||||
|
||||
set imap_user = b.baedorf@openproject.com
|
||||
set imap_pass = `secret-tool lookup service smtp host smtp.mailbox.org user b.baedorf@openproject.com`
|
||||
|
||||
set folder = imaps://imap.mailbox.org:993
|
||||
|
||||
set spoolfile = "+INBOX"
|
||||
set postponed = "+Drafts"
|
||||
set record = "+Sent"
|
||||
set trash = "+Trash"
|
||||
mbox-hook = "+Archive"
|
||||
unmailboxes *
|
||||
mailboxes +INBOX \
|
||||
+Drafts \
|
||||
+Sent \
|
||||
+Archive \
|
||||
+Trash
|
19
users/ben/.config/mutt/b.baedorf@openproject.com.signature
Normal file
19
users/ben/.config/mutt/b.baedorf@openproject.com.signature
Normal file
|
@ -0,0 +1,19 @@
|
|||
--
|
||||
|
||||
Benjamin Bädorf
|
||||
Senior Frontend Engineer
|
||||
|
||||
OpenProject GmbH
|
||||
Karl-Liebknecht-Str. 5
|
||||
10178 Berlin
|
||||
|
||||
E: b.baedorf@openproject.com
|
||||
GPG: DB94 3339 51EC 9A36 2B33 FBA5 069C A2D1 17AB 5CC
|
||||
|
||||
T: +49 9599 899 22
|
||||
M: +49 151 2266 2777
|
||||
I: www.openproject.org
|
||||
|
||||
Amtsgericht Berlin-Charlottenburg HRB 117935
|
||||
Geschäftsführer Niels Lindenthal
|
||||
UStID DE211309779
|
|
@ -0,0 +1,21 @@
|
|||
# vim: filetype=muttrc
|
||||
|
||||
set from = "Benjamin Bädorf <benjamin.baedorf@rwth-aachen.de>"
|
||||
set sendmail = "msmtp -a benjamin.baedorf@rwth-aachen.de"
|
||||
set signature = "~/.config/mutt/hello@benjaminbaedorf.eu.signature"
|
||||
|
||||
set pgp_default_key="4332E0D02B214D31376C366E4406E80E13CD656C"
|
||||
|
||||
set mbox_type = Maildir
|
||||
set folder = ~/Mail
|
||||
set spoolfile = "+benjamin.baedorf\@rwth-aachen.de/INBOX"
|
||||
set postponed = "+benjamin.baedorf\@rwth-aachen.de/Drafts"
|
||||
set record = "+benjamin.baedorf\@rwth-aachen.de/Sent"
|
||||
set trash = "+benjamin.baedorf\@rwth-aachen.de/Trash"
|
||||
mbox-hook = "+benjamin.baedorf\@rwth-aachen.de/Journal"
|
||||
unmailboxes *
|
||||
mailboxes +benjamin.baedorf\@rwth-aachen.de/INBOX \
|
||||
+benjamin.baedorf\@rwth-aachen.de/Drafts \
|
||||
+benjamin.baedorf\@rwth-aachen.de/Sent \
|
||||
+benjamin.baedorf\@rwth-aachen.de/Journal \
|
||||
+benjamin.baedorf\@rwth-aachen.de/Trash
|
21
users/ben/.config/mutt/hello@benjaminbaedorf.eu.muttrc
Normal file
21
users/ben/.config/mutt/hello@benjaminbaedorf.eu.muttrc
Normal file
|
@ -0,0 +1,21 @@
|
|||
# vim: filetype=muttrc
|
||||
|
||||
set from = "Benjamin Bädorf <hello@benjaminbaedorf.eu>"
|
||||
set sendmail = "msmtp -a hello@benjaminbaedorf.eu"
|
||||
set signature = "~/.config/mutt/hello@benjaminbaedorf.eu.signature"
|
||||
|
||||
set pgp_default_key="4332E0D02B214D31376C366E4406E80E13CD656C"
|
||||
|
||||
set mbox_type = Maildir
|
||||
set folder = ~/Mail
|
||||
set spoolfile = "+hello\@benjaminbaedorf.eu/INBOX"
|
||||
set postponed = "+hello\@benjaminbaedorf.eu/Drafts"
|
||||
set record = "+hello\@benjaminbaedorf.eu/Sent"
|
||||
set trash = "+hello\@benjaminbaedorf.eu/Trash"
|
||||
mbox-hook = "+hello\@benjaminbaedorf.eu/Archive"
|
||||
unmailboxes *
|
||||
mailboxes +hello\@benjaminbaedorf.eu/INBOX \
|
||||
+hello\@benjaminbaedorf.eu/Drafts \
|
||||
+hello\@benjaminbaedorf.eu/Sent \
|
||||
+hello\@benjaminbaedorf.eu/Archive \
|
||||
+hello\@benjaminbaedorf.eu/Trash
|
|
@ -0,0 +1,7 @@
|
|||
--
|
||||
|
||||
Benjamin Bädorf
|
||||
Software Engineer
|
||||
|
||||
E: hello@benjaminbaedorf.eu
|
||||
GPG: 4332 E0D0 2B21 4D31 376C 366E 4406 E80E 13CD 656C
|
49
users/ben/.config/offlineimap/config
Normal file
49
users/ben/.config/offlineimap/config
Normal file
|
@ -0,0 +1,49 @@
|
|||
[general]
|
||||
pythonfile = $XDG_CONFIG_HOME/offlineimap/functions.py
|
||||
metadata = $XDG_DATA_HOME/offlineimap
|
||||
accounts = BBEU, RWTH
|
||||
|
||||
[Account BBEU]
|
||||
localrepository = LocalBBEU
|
||||
remoterepository = RemoteBBEU
|
||||
|
||||
[Repository LocalBBEU]
|
||||
type = Maildir
|
||||
localfolders = ~/Mail/hello@benjaminbaedorf.eu
|
||||
|
||||
[Repository RemoteBBEU]
|
||||
type = IMAP
|
||||
remotehost = mail.hosting.de
|
||||
remoteuser = hello@benjaminbaedorf.eu
|
||||
remotepasseval = get_secret("service", "smtp", "host", "mail.hosting.de", "user", "hello@benjaminbaedorf.eu")
|
||||
sslcacertfile = /etc/ssl/certs/ca-certificates.crt
|
||||
|
||||
[Account RWTH]
|
||||
localrepository = LocalRWTH
|
||||
remoterepository = RemoteRWTH
|
||||
|
||||
[Repository LocalRWTH]
|
||||
type = Maildir
|
||||
localfolders = ~/Mail/benjamin.baedorf@rwth-aachen.de
|
||||
|
||||
[Repository RemoteRWTH]
|
||||
type = IMAP
|
||||
remotehost = mail.rwth-aachen.de
|
||||
remoteuser = bb564306@rwth-aachen.de
|
||||
remotepasseval = get_secret("service", "smtp", "host", "mail.rwth-aachen.de", "user", "bb564306@rwth-aachen.de")
|
||||
sslcacertfile = /etc/ssl/certs/ca-certificates.crt
|
||||
|
||||
[Account OPGmail]
|
||||
localrepository = LocalOPGmail
|
||||
remoterepository = RemoteOPGmail
|
||||
|
||||
[Repository LocalOPGmail]
|
||||
type = Maildir
|
||||
localfolders = ~/Mail/b.baedorf@openproject.com
|
||||
|
||||
[Repository RemoteOPGmail]
|
||||
type = IMAP
|
||||
remotehost = imap.gmail.com
|
||||
remoteuser = b.baedorf@openproject.com
|
||||
remotepasseval = get_secret("service", "smtp", "host", "smtp.gmail.com", "user", "b.baedorf@openproject.com")
|
||||
sslcacertfile = /etc/ssl/certs/ca-certificates.crt
|
1
users/ben/.gitattributes
vendored
Normal file
1
users/ben/.gitattributes
vendored
Normal file
|
@ -0,0 +1 @@
|
|||
secrets/** filter=git-crypt-4406E80E13CD656C diff=git-crypt-4406E80E13CD656C
|
37
users/ben/default.nix
Normal file
37
users/ben/default.nix
Normal file
|
@ -0,0 +1,37 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
let
|
||||
psCfg = config.pub-solar;
|
||||
in
|
||||
{
|
||||
imports = [
|
||||
./home.nix
|
||||
];
|
||||
|
||||
config = {
|
||||
pub-solar = {
|
||||
# These are your personal settings
|
||||
# The only required settings are `name` and `password`,
|
||||
# The rest is used for programs like git
|
||||
user = {
|
||||
name = "ben";
|
||||
password = "$6$LO2YoaHwuRQhUoSz$iHw9avM887eJg9cIty2nmG4Ibkol3YpviEhYpivVQP31VrnihFz/6LyugxD7X4VmXx9nxvcYIZnN90rlGxwjT.";
|
||||
fullName = "Benjamin Bädorf";
|
||||
email = "hello@benjaminbaedorf.eu";
|
||||
gpgKeyId = "4406E80E13CD656C";
|
||||
};
|
||||
|
||||
email.enable = true;
|
||||
uhk.enable = true;
|
||||
};
|
||||
|
||||
networking.hosts = {
|
||||
"127.0.0.1" = [
|
||||
"openproject.local"
|
||||
"saas-1.openproject.local"
|
||||
"transmission.local"
|
||||
];
|
||||
};
|
||||
|
||||
fonts.fonts = lib.attrValues pkgs.b12f.fonts;
|
||||
};
|
||||
}
|
51
users/ben/home.nix
Normal file
51
users/ben/home.nix
Normal file
|
@ -0,0 +1,51 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
with lib;
|
||||
let
|
||||
psCfg = config.pub-solar;
|
||||
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
|
||||
in
|
||||
{
|
||||
imports = [
|
||||
./session-variables.nix
|
||||
];
|
||||
|
||||
home-manager = pkgs.lib.setAttrByPath [ "users" psCfg.user.name ] {
|
||||
home.packages = with pkgs; [
|
||||
dogecoin
|
||||
nodejs
|
||||
];
|
||||
|
||||
programs.ssh = {
|
||||
enable = true;
|
||||
matchBlocks = {
|
||||
"git.b12f.io" = {
|
||||
hostname = "git.b12f.io";
|
||||
port = 2222;
|
||||
user = "git";
|
||||
};
|
||||
|
||||
"aur.archlinux.org" = {
|
||||
user = "aur";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
xdg.configFile."mutt/accounts.muttrc".text = ''
|
||||
source ./hello@benjaminbaedorf.eu.muttrc
|
||||
|
||||
macro index <f1> '<sync-mailbox><enter-command>source $XDG_CONFIG_HOME/mutt/hello@benjaminbaedorf.eu.muttrc<enter><change-folder>!<enter>'
|
||||
macro index <f2> '<sync-mailbox><enter-command>source $XDG_CONFIG_HOME/mutt/benjamin.baedorf@rwth-aachen.de.muttrc<enter><change-folder>!<enter>'
|
||||
macro index <f3> '<sync-mailbox><enter-command>source $XDG_CONFIG_HOME/mutt/b.baedorf@openproject.com.muttrc<enter><change-folder>!<enter>'
|
||||
'';
|
||||
xdg.configFile."mutt/hello@benjaminbaedorf.eu.muttrc".source = ./.config/mutt + "/hello@benjaminbaedorf.eu.muttrc";
|
||||
xdg.configFile."mutt/benjamin.baedorf@rwth-aachen.de.muttrc".source = ./.config/mutt + "/benjamin.baedorf@rwth-aachen.de.muttrc";
|
||||
xdg.configFile."mutt/hello@benjaminbaedorf.eu.signature".source = ./.config/mutt + "/hello@benjaminbaedorf.eu.signature";
|
||||
xdg.configFile."mutt/b.baedorf@openproject.com.muttrc".source = ./.config/mutt + "/b.baedorf@openproject.com.muttrc";
|
||||
xdg.configFile."mutt/b.baedorf@openproject.com.signature".source = ./.config/mutt + "/b.baedorf@openproject.com.signature";
|
||||
xdg.configFile."offlineimap/config".source = ./.config/offlineimap/config;
|
||||
xdg.configFile."msmtp/config".source = ./.config/msmtp/config;
|
||||
# xdg.configFile."wallpaper.jpg".source = ./assets/wallpaper.jpg;
|
||||
};
|
||||
|
||||
services.mopidy.configuration = mkIf config.pub-solar.audio.enable (builtins.readFile ./secrets/mopidy.conf);
|
||||
}
|
BIN
users/ben/secrets/mopidy.conf
Normal file
BIN
users/ben/secrets/mopidy.conf
Normal file
Binary file not shown.
14
users/ben/session-variables.nix
Normal file
14
users/ben/session-variables.nix
Normal file
|
@ -0,0 +1,14 @@
|
|||
{ config, pkgs, ... }:
|
||||
let
|
||||
psCfg = config.pub-solar;
|
||||
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
|
||||
in
|
||||
{
|
||||
home-manager = pkgs.lib.setAttrByPath [ "users" psCfg.user.name ] {
|
||||
home.sessionVariables = {
|
||||
DRONE_SERVER = "https://ci.b12f.io";
|
||||
RESTIC_REPOSITORY = "sftp:root@backup.b12f.io:/media/internal/backups";
|
||||
RESTIC_PASSWORD_COMMAND = "secret-tool lookup restic repository-password";
|
||||
};
|
||||
};
|
||||
}
|
Loading…
Reference in a new issue