Compare commits
No commits in common. "e10fb596a7729dbfcb8863f7abe3b848599076f4" and "49535655b6c54ff7131f5db550d512d473421aec" have entirely different histories.
e10fb596a7
...
49535655b6
|
@ -35,61 +35,6 @@
|
|||
# lib = (import ../lib { inherit pkgs; lib = pkgs.lib; });
|
||||
base = import ./base;
|
||||
inherit (base) mkModuleArgs;
|
||||
private_chromium = {config, pkgs, lib, ...}: let cfg = config.base.private_chromium;
|
||||
in {
|
||||
options.base.private_chromium = {
|
||||
enable = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = true;
|
||||
example = false;
|
||||
description = ''
|
||||
Enable extremely lightweight chromium with vimium plugin
|
||||
'';
|
||||
};
|
||||
};
|
||||
config = lib.mkIf cfg.enable {
|
||||
# home.packages = [pkgs.ungoogled-chromium];
|
||||
programs.chromium = {
|
||||
enable = true;
|
||||
package = pkgs.ungoogled-chromium;
|
||||
extensions =
|
||||
let
|
||||
mkChromiumExtForVersion = browserVersion: {id, sha256, extVersion,...}:
|
||||
{
|
||||
inherit id;
|
||||
crxPath = builtins.fetchurl {
|
||||
url = "https://clients2.google.com/service/update2/crx"+
|
||||
"?response=redirect"+
|
||||
"&acceptformat=crx2,crx3"+
|
||||
"&prodversion=${browserVersion}"+
|
||||
"&x=id%3D${id}%26installsource%3Dondemand%26uc";
|
||||
name = "${id}.crx";
|
||||
inherit sha256;
|
||||
};
|
||||
version = extVersion;
|
||||
};
|
||||
mkChromiumExt = mkChromiumExtForVersion (lib.versions.major pkgs.ungoogled-chromium.version);
|
||||
in
|
||||
[
|
||||
# vimium
|
||||
(mkChromiumExt {
|
||||
id = "dbepggeogbaibhgnhhndojpepiihcmeb";
|
||||
sha256 = "00qhbs41gx71q026xaflgwzzridfw1sx3i9yah45cyawv8q7ziic";
|
||||
extVersion = "1.67.4";
|
||||
})
|
||||
];
|
||||
};
|
||||
};
|
||||
};
|
||||
kde_module = {config, pkgs, ...}: {
|
||||
fonts.fontconfig.enable = true;
|
||||
home.packages = [
|
||||
(pkgs.nerdfonts.override {fonts = ["DroidSansMono"];})
|
||||
];
|
||||
# For some reasons, Windows es in the font name as DroidSansMono NF
|
||||
# so we need to override this
|
||||
base.alacritty.font.family = "DroidSansMono Nerd Font";
|
||||
};
|
||||
in
|
||||
{
|
||||
homeConfigurations =
|
||||
|
@ -116,24 +61,6 @@
|
|||
};
|
||||
};
|
||||
};
|
||||
"hungtr@bao" = home-manager.lib.homeManagerConfiguration {
|
||||
inherit pkgs;
|
||||
modules = base.modules ++ [
|
||||
./home.nix
|
||||
kde_module
|
||||
private_chromium
|
||||
];
|
||||
# optionally pass inarguments to module
|
||||
# we migrate this from in-place modules to allow flexibility
|
||||
# in this case, we can add "home" to input arglist of home.nix
|
||||
extraSpecialArgs = mkModuleArgs {
|
||||
inherit pkgs;
|
||||
myHome = {
|
||||
username = "hungtr";
|
||||
homeDirectory = "/home/hungtr";
|
||||
};
|
||||
};
|
||||
};
|
||||
"nixos@Felia" = home-manager.lib.homeManagerConfiguration {
|
||||
inherit pkgs;
|
||||
modules = [
|
||||
|
|
|
@ -57,9 +57,6 @@ in
|
|||
# pkgs.nixops_unstable # nixops v2 # insecure for now
|
||||
pkgs.lynx # Web browser at your local terminal
|
||||
|
||||
# Personal management
|
||||
pkgs.keepass
|
||||
|
||||
# pkgs.tailscale # VPC;; This should be installed in system-nix
|
||||
pkgs.python310 # dev packages should be in project
|
||||
# pkgs.python310.numpy
|
||||
|
@ -91,7 +88,4 @@ in
|
|||
# https://github.com/nix-community/home-manager/pull/3287
|
||||
# extraConfig = builtins.readFile "${proj_root}/neovim/init.lua";
|
||||
};
|
||||
# not exist in home-manager
|
||||
# have to do it at system level
|
||||
# services.ntp.enable = true; # automatic time
|
||||
}
|
||||
|
|
|
@ -29,7 +29,7 @@ with lib;
|
|||
isNormalUser = true;
|
||||
home = "/home/hungtr";
|
||||
description = "pegasust/hungtr";
|
||||
extraGroups = [ "wheel" "networkmanager" "audio"];
|
||||
extraGroups = [ "wheel" "networkmanager" ];
|
||||
};
|
||||
users.users.root = {
|
||||
# openssh runs in root, no? This is because port < 1024 requires root.
|
||||
|
@ -61,7 +61,6 @@ with lib;
|
|||
# inherit services;
|
||||
services = lib.recursiveUpdate _services {
|
||||
tailscale.enable = true;
|
||||
ntp.enable = true;
|
||||
};
|
||||
# create a oneshot job to authenticate to Tailscale
|
||||
systemd.services.tailscale-autoconnect = {
|
||||
|
|
|
@ -184,17 +184,7 @@
|
|||
specialArgs.hostname = "bao";
|
||||
modules = [
|
||||
./configuration.nix
|
||||
# automount using s3fs
|
||||
({config, pkgs, lib, ...}: {
|
||||
environment.systemPackages = [pkgs.s3fs]; # s3fs-fuse
|
||||
# Sadly, this uses systemd, so we can't put it in home-manager yet
|
||||
# WIP
|
||||
# services.autofs = {
|
||||
# enable = true;
|
||||
# autoMaster =
|
||||
# };
|
||||
})
|
||||
# GPU, sound, networking stuffs
|
||||
|
||||
({ config, pkgs, lib, ... }:
|
||||
let
|
||||
gpu_pkgs = [ pkgs.clinfo pkgs.lshw pkgs.glxinfo pkgs.pciutils ];
|
||||
|
@ -204,7 +194,8 @@
|
|||
enable = true;
|
||||
extraPackages = let
|
||||
inherit (pkgs) rocm-opencl-icd rocm-opencl-runtime;
|
||||
in [rocm-opencl-icd rocm-opencl-runtime];
|
||||
in
|
||||
[rocm-opencl-icd rocm-opencl-runtime];
|
||||
# Vulkan
|
||||
driSupport = true;
|
||||
driSupport32Bit = true;
|
||||
|
@ -226,7 +217,13 @@
|
|||
};
|
||||
systemPackages = [] ++ gpu_pkgs;
|
||||
in
|
||||
lib.recursiveUpdate gpu_conf (lib.recursiveUpdate nv_rtx3060 {
|
||||
lib.recursiveUpdate gpu_conf (lib.recursiveUpdate nv_rtx3060
|
||||
{
|
||||
imports =
|
||||
[ # Include the results of the hardware scan.
|
||||
./profiles/bao/hardware-configuration.nix
|
||||
];
|
||||
|
||||
# Use UEFI
|
||||
boot.loader.systemd-boot.enable = true;
|
||||
|
||||
|
@ -237,11 +234,11 @@
|
|||
|
||||
# Enable the X11 windowing system.
|
||||
services.xserver.enable = true;
|
||||
# KDE & Plasma 5
|
||||
services.xserver.displayManager.sddm.enable = true;
|
||||
services.xserver.desktopManager.plasma5.enable = true;
|
||||
|
||||
time.timeZone = "America/Phoenix";
|
||||
|
||||
|
||||
# Configure keymap in X11
|
||||
services.xserver.layout = "us";
|
||||
# services.xserver.xkbOptions = {
|
||||
|
@ -252,28 +249,9 @@
|
|||
# Enable CUPS to print documents.
|
||||
# services.printing.enable = true;
|
||||
|
||||
# Enable sound. (pulse audio)
|
||||
# Enable sound.
|
||||
sound.enable = true;
|
||||
programs.dconf.enable = true;
|
||||
hardware.pulseaudio.enable = true;
|
||||
hardware.pulseaudio.support32Bit = true;
|
||||
nixpkgs.config.pulseaudio = true;
|
||||
hardware.pulseaudio.extraConfig = "load-module module-combine-sink";
|
||||
|
||||
# Sound: pipewire
|
||||
# sound.enable = false;
|
||||
# hardware.pulseaudio.enable = false;
|
||||
# services.pipewire = {
|
||||
# enable = true;
|
||||
# alsa.enable = true;
|
||||
# alsa.support32Bit = true;
|
||||
# pulse.enable = true;
|
||||
# # Might want to use JACK in the future
|
||||
# jack.enable = true;
|
||||
# };
|
||||
#
|
||||
# security.rtkit.enable = true;
|
||||
|
||||
|
||||
# Enable touchpad support (enabled default in most desktopManager).
|
||||
# services.xserver.libinput.enable = true;
|
||||
|
@ -290,7 +268,7 @@
|
|||
# Just an initial user to get this started lol
|
||||
users.users.user = {
|
||||
initialPassword = "pw123";
|
||||
extraGroups = [ "wheel" "networkmanager" "audio"];
|
||||
extraGroups = [ "wheel" "networkmanager" ];
|
||||
isNormalUser = true;
|
||||
};
|
||||
|
||||
|
@ -332,6 +310,7 @@
|
|||
# Before changing this value read the documentation for this option
|
||||
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||
system.stateVersion = "22.11"; # Did you read the comment?
|
||||
|
||||
}))
|
||||
];
|
||||
};
|
||||
|
|
|
@ -30,20 +30,6 @@ if [ ! -f "${HARDWARE_CONF}" ]; then
|
|||
fi
|
||||
git add "${HARDWARE_CONF}"
|
||||
|
||||
# Copy ssh/id-rsa details onto ssh/authorized_keys
|
||||
SSH_PRIV="${HOME}/.ssh/id_rsa"
|
||||
SSH_PUB="${SSH_PRIV}.pub"
|
||||
SSH_DIR="${SCRIPT_DIR}/../ssh"
|
||||
if [ ! -f "${SSH_PRIV}" ]; then
|
||||
ssh-keygen -b 2048 -t rsa -f "${SSH_PRIV}" -q -N ""
|
||||
fi
|
||||
# idempotently adds to authorized_keys
|
||||
cat "${SSH_PUB}" >> "${SSH_DIR}/authorized_keys"
|
||||
# If we do this, then uniq is performed first :?
|
||||
# sort "${SSH_DIR}/authorized_keys" | uniq >"${SSH_DIR}/authorized_keys"
|
||||
sort "${SSH_DIR}/authorized_keys" | uniq | tee "${SSH_DIR}/authorized_keys"
|
||||
cat "${SSH_DIR}/authorized_keys"
|
||||
|
||||
echo "Apply nixos-rebuild"
|
||||
sudo nixos-rebuild switch --flake "${SYSNIX_DIR}#${HOSTNAME}"
|
||||
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
#!/usr/bin/env sh
|
||||
# NOTE: Untested on case of no home-manager
|
||||
set -xv
|
||||
|
||||
# Where this script located
|
||||
SCRIPT_DIR=$(realpath $(dirname $0))
|
||||
echo "SCRIPT_DIR: ${SCRIPT_DIR}"
|
||||
|
@ -12,7 +13,7 @@ HOME_MANAGER_DIR="${SCRIPT_DIR}/../nix-conf/home-manager"
|
|||
if [ $(home-manager >/dev/null 2>&1) ]; then
|
||||
nix-shell -p home-manager --run "home-manager switch --flake $HOME_MANAGER_DIR"
|
||||
else
|
||||
home-manager switch -b backup --flake "$HOME_MANAGER_DIR"
|
||||
home-manager switch --flake "$HOME_MANAGER_DIR"
|
||||
fi
|
||||
|
||||
|
||||
|
|
|
@ -1,3 +0,0 @@
|
|||
#!/usr/bin/env sh
|
||||
sudo nix-env --list-generations --profile /nix/var/nix/profiles/system
|
||||
|
|
@ -1,7 +1,6 @@
|
|||
sh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCgmng5xL/auvI2F8ufFAfId2Ey55ONHjgnKKSEWLVWkPMutXT3BCnSglNAuEVRLX2zfzg3beQd80AHTow+qro5QWI/rYfeL1QPNEwoThbRFcvtWLTlgzBGA4ejjpIF9sCPNp0sXrrQRfxRP7w4b23BcRJQcsDoaEtKGKJZ2GQIoOafkYypwcunANb54EAouZTfHEPKDr26Gfw8usc2Sae32G/80QLBF2jGabyexJjNE3F6hdJTwq5iiqIVdSr4ue82zo3M8jBdtCMDGaOliI5RWSa9iuX9o2scCGDU69Gkw7ma+JHOP/e9Z8sUz03TkjPbEnGi3EC3YAHEoDzmwqTi07hppCuzacLB5NZ9UZ1g5PzBIZR8TJTONngT08EQyGrkNv2sUnn0dtBqve5tHR04NuXy65ym7Iwl2DDVbAL0NlM4gKWzOGZ2CnSLT0WmkG2sQKU37NmS2pBJ8RXJBatUFe4vQVzqlFj39iRGIBV5XR0I9xcxDfCxBHFs3aIqAqE= hwtr@hwtr-prince
|
||||
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH0Z5noQn3mHy5yiN3n6YyOKRhlQT6fx4NLmI/3d4vY6 root@Fel
|
||||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQClSDhyOeehUOIMdRonTDD9h7kBbzC3c/QG650S7vfhLE67UNt5tuUjazQg7pFj3O/5WnyqCpBOMJoPaSZ0S5gGdo4h4xatPUBAGDjMygKhg4VA0x7Lr3Tbc1CF8dyuRKVlB+aIWLIyLHHPL5wDao7tnvmuCGKDyaV8XFaKpzRZqAlpfn8svR90Y4wNFYr1V+F+Y6r8reB1Rph6A9BY4niDKY0MbFhvTj6VJQf++1ji0FziACVpYI9aqAcZ4ngReUtgWiIsnq5UMfrEk0vYBG/3KsYElaRig76Bucz1fBA16iAgQua1hthPifsw8vmaK5k6Q3c2SOdc5PGF6IlTfSGJ root@Fel
|
||||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD49VHCU8S6zqNsaS0SFiVqULmOWtyVOIeteYSOznzTHJ0dVjXnamuj/uVsSXRkYIIdAkABWQm9WKELUC2SBBE7DgDj+Izv3cO7QkAJ9v1cxV1P1efrTytz8XtyX++XYygxXCwZ5zyqxhSF5ZW+FO0CNRx1cNisAhF6AMzoXRsyF1dqNioitXTN0xh0xx2mR0Bb3zy1kYNZVwn1uBYyd4Hz6CBgJ7Xi6d/STXWcmc0XnEJTllNSQNEpI6vJjL62JmUPubqDjVKh4awiPRPiw9By1FGaGVtHhOZ+8AvVMTps07GNVJ+XZi1DJLmeItpiCwYsWh96HCp3lup0onLzubpP pi@raspberrypi
|
||||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDFQN5Ia8rTalnQgcvdxH2n7UNNT1Tq9UvNdJeg9ziJtUkKaC6H4NM4ArOEZ60izANOQX1crAD8hmBmz1Go8/4P3VXTYlTb7eDyZqLyncOe/shBXeVVLxJWzhEj60RTgecnmNYdtRAm+9INbPW/Bvcj8U2KyaykIXZGdjIuZ7TPruHjITxZYR+dkDOoVkJuYJMdYzxyHZpylPh+HjgDDvUG3oNJtj4ri5JKwLAMyq5t5S1JcLx4rXivrKREizUMMG8LzWSfjeByTzF8+lHtUdP94ygG02v/6Jod/g6taUQS9Yu+NDFqkKjRH3H9jgyd/DVGsRw5akBWbR81DATtTprx ssh-key-2022-12-15
|
||||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC/UzKwmFsAlLoCXvOq2lsC1sr1BRDW5uPkdcYUfQ7z4JowL/pscoTV9zjfJd1hPBvHLBvn7gs7gWt0wNnJfD1Oor26VreHjhi1PZE2kovrEzjmPoz+GqMPciV+HF9XNIRwDiHlUNFPt9qJjAJXJCFhzcmT9q0JQuPlNgJtQ6+By7RgPuJczpf17IbxpheLcXqtOFcTHyRT01KijIPhAtWRlmG5dahVuu50EfpmHRYZ8nCJJqkuJ6uRbFaPE6mYLnXLSzJUdyakYnzWbCd5phpoGAuFyQZnS503CFZUOFCnNEN8QfO2DXihp7lvrzzpI6PgcpvpotSo9kYFiEuB+DRlBQcVMWL0lUk2J1JHJH83y3CxwH0pUc7E1k6FAZE4pv4x0KEvbZSvmb8jAGWZkn4HvZCwXR5wGVi22s6RCdIHvR2PCpAy+ZSjpM+2FJIqDHpxY/vo3ktM9rpeCSwp14F/iiw6nanVq/KZBpCZ2paMcAU4WreCFZiPdGsdiixYlts= hungtr@bao
|
||||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDAW4E8L/zGkcqixJo1102ddqeexoBMHIhXRXpWR3dTmJtbaaVbo4+rHRsjHPvHif9CRfi+BQ8CHG3zmBjH7DZPZIRCVtkms1EDe1k/G3fEnfgYc6gboJfoTdLkVjNOtdStTi03dCA/riQqUKc7/v16R5ZXIAmNCnmMHelObCSDPzYg8psZAUk1ZZY//pnhp9JRPsC2JxsshN7HCNIED9aFgrJkvUt+wUVGjVHzyQwyR6J7m1yyoivTwdmYdulG7OriLeeNq8vkoDmLGgLSC+zKehzJYOZsH3EKuxuZjQ3J9tK/NseQOhsQglRHE/OvphMwT/J96gl9dZR/LQXp4S6hwLccTzFfs8rLaTOIK6CEpqBUuBonot/1vJP5j5E73hfkHwZO7TQKwfXtpRCxCl5Nm3cB2Y3kz5mArDiwWioVsX4qd0XR0F9MFtuTVTn2f4K/Gwr9P3XMkLWXU1+1KbQiWIg+Zf5DpQgBW5HWryZzsMcjyMC2I2BJCl6Q+V8ofSM= nixos@Felia
|
||||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD49VHCU8S6zqNsaS0SFiVqULmOWtyVOIeteYSOznzTHJ0dVjXnamuj/uVsSXRkYIIdAkABWQm9WKELUC2SBBE7DgDj+Izv3cO7QkAJ9v1cxV1P1efrTytz8XtyX++XYygxXCwZ5zyqxhSF5ZW+FO0CNRx1cNisAhF6AMzoXRsyF1dqNioitXTN0xh0xx2mR0Bb3zy1kYNZVwn1uBYyd4Hz6CBgJ7Xi6d/STXWcmc0XnEJTllNSQNEpI6vJjL62JmUPubqDjVKh4awiPRPiw9By1FGaGVtHhOZ+8AvVMTps07GNVJ+XZi1DJLmeItpiCwYsWh96HCp3lup0onLzubpP pi@raspberrypi
|
||||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQClSDhyOeehUOIMdRonTDD9h7kBbzC3c/QG650S7vfhLE67UNt5tuUjazQg7pFj3O/5WnyqCpBOMJoPaSZ0S5gGdo4h4xatPUBAGDjMygKhg4VA0x7Lr3Tbc1CF8dyuRKVlB+aIWLIyLHHPL5wDao7tnvmuCGKDyaV8XFaKpzRZqAlpfn8svR90Y4wNFYr1V+F+Y6r8reB1Rph6A9BY4niDKY0MbFhvTj6VJQf++1ji0FziACVpYI9aqAcZ4ngReUtgWiIsnq5UMfrEk0vYBG/3KsYElaRig76Bucz1fBA16iAgQua1hthPifsw8vmaK5k6Q3c2SOdc5PGF6IlTfSGJ root@Fel
|
||||
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH0Z5noQn3mHy5yiN3n6YyOKRhlQT6fx4NLmI/3d4vY6 root@Fel
|
||||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDFQN5Ia8rTalnQgcvdxH2n7UNNT1Tq9UvNdJeg9ziJtUkKaC6H4NM4ArOEZ60izANOQX1crAD8hmBmz1Go8/4P3VXTYlTb7eDyZqLyncOe/shBXeVVLxJWzhEj60RTgecnmNYdtRAm+9INbPW/Bvcj8U2KyaykIXZGdjIuZ7TPruHjITxZYR+dkDOoVkJuYJMdYzxyHZpylPh+HjgDDvUG3oNJtj4ri5JKwLAMyq5t5S1JcLx4rXivrKREizUMMG8LzWSfjeByTzF8+lHtUdP94ygG02v/6Jod/g6taUQS9Yu+NDFqkKjRH3H9jgyd/DVGsRw5akBWbR81DATtTprx ssh-key-2022-12-15
|
||||
|
|
Loading…
Reference in New Issue