From 6181236775ef1d77bce3c70b02b822a36f3137a8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Karel=20Ko=C4=8D=C3=AD?= Date: Mon, 9 Oct 2023 10:08:42 +0200 Subject: Update and tweak style --- flake.lock | 115 ++++++++++------- flake.nix | 2 +- nixos/modules/desktop.nix | 268 ++++++++++++++++++++------------------- nixos/modules/develop.nix | 33 ++--- nixos/modules/home-assistant.nix | 4 +- nixos/routers/router.nix | 149 +++++++++++----------- 6 files changed, 291 insertions(+), 280 deletions(-) diff --git a/flake.lock b/flake.lock index 3f92849..57f60ab 100644 --- a/flake.lock +++ b/flake.lock @@ -7,11 +7,11 @@ "nixpkgs": "nixpkgs" }, "locked": { - "lastModified": 1695384796, + "lastModified": 1696775529, "narHash": "sha256-TYlE4B0ktPtlJJF9IFxTWrEeq+XKG8Ny0gc2FGEAdj0=", "owner": "ryantm", "repo": "agenix", - "rev": "1f677b3e161d3bdbfd08a939e8f25de2568e0ef4", + "rev": "daf42cb35b2dc614d1551e37f96406e4c4a2d3e4", "type": "github" }, "original": { @@ -76,12 +76,15 @@ } }, "flake-utils_10": { + "inputs": { + "systems": "systems_7" + }, "locked": { - "lastModified": 1659877975, - "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=", + "lastModified": 1694529238, + "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=", "owner": "numtide", "repo": "flake-utils", - "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0", + "rev": "ff7b65b44d01cf9ba6a71320833626af21126384", "type": "github" }, "original": { @@ -153,11 +156,11 @@ "systems": "systems_3" }, "locked": { - "lastModified": 1681202837, - "narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=", + "lastModified": 1694529238, + "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=", "owner": "numtide", "repo": "flake-utils", - "rev": "cfacdce06f30d2b68473a46042957675eebb3401", + "rev": "ff7b65b44d01cf9ba6a71320833626af21126384", "type": "github" }, "original": { @@ -222,11 +225,11 @@ "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1696327626, - "narHash": "sha256-/8yBHJeonPZeVnlwPShEsp5zvMJgtbiVsvDFBjYja1k=", + "lastModified": 1696529394, + "narHash": "sha256-0yTod159EDVHqb0CgYk+6GEJ7rnuueE52cQY8YL7YTo=", "ref": "refs/heads/master", - "rev": "877c38a581e5ad2c4d48c8320bdb890ffbb5be71", - "revCount": 3191, + "rev": "8ff2ed61ee94abd8a14c6c16e523ec9b71f60786", + "revCount": 3198, "submodules": true, "type": "git", "url": "http://jessie.elektroline.cz/elektroline/flatlineng.git" @@ -303,11 +306,11 @@ "nixpkgs-regression": "nixpkgs-regression" }, "locked": { - "lastModified": 1696490607, - "narHash": "sha256-g/g0ix+OEsRcSVvcx+i9doTM148AdBZUcgjsSngyhqk=", + "lastModified": 1696671022, + "narHash": "sha256-Qs9hVi4sKOsvV3YjKJK16hF/XF4PZ8l7XzAipjyWMPU=", "owner": "NixOS", "repo": "nix", - "rev": "d12fb4b1f1ccfa7832c029a7e37d31518df846e7", + "rev": "c29b8ba142a0650d1182ca838ddc1b2d273dcd2a", "type": "github" }, "original": { @@ -336,11 +339,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1696488240, - "narHash": "sha256-m9H4XDHaO7fGXLWTgNFrKFbBbMvrJpB7Sj6BcTM/2UE=", + "lastModified": 1696614066, + "narHash": "sha256-nAyYhO7TCr1tikacP37O9FnGr2USOsVBD3IgvndUYjM=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "6d05cccc80feaf93d5f3d6837f8c2db582b29cf8", + "rev": "bb2db418b616fea536b1be7f6ee72fb45c11afe0", "type": "github" }, "original": { @@ -425,11 +428,11 @@ }, "nixpkgs_13": { "locked": { - "lastModified": 1664847737, - "narHash": "sha256-Wxl0CtRH3Vo8+qEZ/PbCcx+9D8wEEi56tJPmROum2ss=", + "lastModified": 1696419054, + "narHash": "sha256-EdR+dIKCfqL3voZUDYwcvgRDOektQB9KbhBVcE0/3Mo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "de80d1d04ee691279e1302a1128c082bbda3ab01", + "rev": "7131f3c223a2d799568e4b278380cd9dac2b8579", "type": "github" }, "original": { @@ -483,11 +486,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1696434248, - "narHash": "sha256-qivb3b3b5Cxe5/8qwCJ4CJCw/ENtim5zlhDItGR0p1I=", + "lastModified": 1696729975, + "narHash": "sha256-Bgm3GFrNftDwDbnNYvKzeX1jW5euOLif5ZsvYsYYq30=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "349bdd9653c42f1793d338b43aefe08883c5ebee", + "rev": "0cbdedb436366db9863df099a934306028ed21ca", "type": "github" }, "original": { @@ -499,11 +502,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1696419054, - "narHash": "sha256-EdR+dIKCfqL3voZUDYwcvgRDOektQB9KbhBVcE0/3Mo=", + "lastModified": 1679734080, + "narHash": "sha256-z846xfGLlon6t9lqUzlNtBOmsgQLQIZvR6Lt2dImk1M=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "7131f3c223a2d799568e4b278380cd9dac2b8579", + "rev": "dbf5322e93bcc6cfc52268367a8ad21c09d76fea", "type": "github" }, "original": { @@ -527,11 +530,11 @@ }, "nixpkgs_8": { "locked": { - "lastModified": 1685399834, - "narHash": "sha256-Lt7//5snriXSdJo5hlVcDkpERL1piiih0UXIz1RUcC4=", + "lastModified": 1696419054, + "narHash": "sha256-EdR+dIKCfqL3voZUDYwcvgRDOektQB9KbhBVcE0/3Mo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "58c85835512b0db938600b6fe13cc3e3dc4b364e", + "rev": "7131f3c223a2d799568e4b278380cd9dac2b8579", "type": "github" }, "original": { @@ -594,11 +597,11 @@ "nixpkgs": "nixpkgs_10" }, "locked": { - "lastModified": 1695928422, - "narHash": "sha256-1Y1yLY6e6CAE+cwmxyq8up/iV/KOswYDKoftpWB1GoU=", + "lastModified": 1696323749, + "narHash": "sha256-IuFWLnUAAEjrF+D5dki+UvQO7TJlbYuwiOcBXpmm/ik=", "ref": "shv3", - "rev": "0f1fa8347bb783c71693a808cb177d8a9ac3d857", - "revCount": 108, + "rev": "385c759177c43447a6e58f4dcba76fc2bd9340a6", + "revCount": 109, "type": "git", "url": "https://gitlab.com/elektroline-predator/pyshv.git" }, @@ -653,11 +656,11 @@ "pyshv": "pyshv" }, "locked": { - "lastModified": 1696495195, - "narHash": "sha256-02q5WYxM4+8nCM+zPHfLleAYunC2Mwwhd7r/X6viFOQ=", + "lastModified": 1696508595, + "narHash": "sha256-+8zzmHKYEd3sLKMOQ0og9osj27Kg6sB7xHvhr7juFV0=", "ref": "dev", - "rev": "72d86fe371f84a1b72b73a0c583906fb376a7870", - "revCount": 31, + "rev": "a41fff2ecab733be74ecec250442c325cd45a731", + "revCount": 34, "type": "git", "url": "https://gitlab.com/elektroline-predator/shvcli.git" }, @@ -796,33 +799,47 @@ "type": "github" } }, + "systems_7": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, "usbkey": { "inputs": { "flake-utils": "flake-utils_10", "nixpkgs": "nixpkgs_13" }, "locked": { - "lastModified": 1665754388, - "narHash": "sha256-y9fCPNjGHLeIsnXTo792bG1ffJSQA3XtyeTofYllsK4=", - "ref": "modules", - "rev": "4c7363b056aaf2a73f2a908f7e864174569de15f", - "revCount": 10, + "lastModified": 1696631236, + "narHash": "sha256-zWYntwZjYroLLMpO2zmxCvaBiisF2XvBWwQIyek7+n4=", + "ref": "refs/heads/master", + "rev": "65a86a439a1340539891f83078b01cef0e1172de", + "revCount": 20, "type": "git", - "url": "https://git.cynerd.cz/usbkey" + "url": "https://gitlab.com/cynerd/usbkey" }, "original": { - "ref": "modules", "type": "git", - "url": "https://git.cynerd.cz/usbkey" + "url": "https://gitlab.com/cynerd/usbkey" } }, "vpsadminos": { "locked": { - "lastModified": 1696431809, - "narHash": "sha256-3aD0G27Vv4/aZ7Tq7508Czd6EMuHAArAss7DHDJk884=", + "lastModified": 1696775004, + "narHash": "sha256-8L4VBXSd9uHhT7w0JKfhAEF1uKGGCIyaW1hree6rWeU=", "owner": "vpsfreecz", "repo": "vpsadminos", - "rev": "edcc1846ec84bc4c5beb0be189019cfc6beb1c2d", + "rev": "93627de1041417c616d5aab888b798900dc2764c", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 2f3676b..a073bb1 100644 --- a/flake.nix +++ b/flake.nix @@ -16,7 +16,7 @@ vpsadminos.url = "github:vpsfreecz/vpsadminos"; shellrc.url = "git+https://git.cynerd.cz/shellrc"; - usbkey.url = "git+https://git.cynerd.cz/usbkey?ref=modules"; + usbkey.url = "git+https://gitlab.com/cynerd/usbkey"; }; outputs = { diff --git a/nixos/modules/desktop.nix b/nixos/modules/desktop.nix index 093a9c2..3697ec8 100644 --- a/nixos/modules/desktop.nix +++ b/nixos/modules/desktop.nix @@ -23,139 +23,141 @@ in { }; config = mkIf cnf.enable { - programs.sway.enable = true; - programs.sway.wrapperFeatures.gtk = true; - programs.sway.extraPackages = with pkgs; - [ - gnome.dconf-editor - glib - gsettings-desktop-schemas - i3blocks - sysstat - wofi - rofimoji - wev - swaybackground - myswaylock - - alacritty - - kanshi - wdisplays - wayvnc - wl-mirror - slurp - grim - wf-recorder - wl-clipboard - wl-color-picker - swayidle - dunst - libnotify - - isync - msmtp - notmuch - astroid - taskwarrior - vdirsyncer - khal - khard - gnupg - pinentry-gnome - pinentry-curses - (pass.withExtensions (exts: [ - exts.pass-otp - exts.pass-audit - ])) - - chromium - ferdium - signal-desktop - libreoffice - mupdf - zathura - pdfgrep - - xdg-utils - xdg-launch - mesa-demos - vulkan-tools - - pulsemixer - mpd - mpc-cli - ncmpcpp - feh - shotwell - id3lib - vlc - mpv - youtube-dl - spotify - - nordic - delft-icon-theme - gnome.adwaita-icon-theme - vanilla-dmz - sound-theme-freedesktop - gucharmap - - (sdcv.withDictionaries [stardict-en-cz stardict-de-cz stardict-cz]) - - samba - cifs-utils - - tigervnc - freerdp - plasma5Packages.kdeconnect-kde - - hdparm - ethtool - multipath-tools - usb-modeswitch - v4l-utils - - # Calculating - python3Packages.numpy - python3Packages.sympy - python3Packages.matplotlib - - # Creation - simple-scan - audacity - gimp - inkscape - blender - kdenlive - - # GStreamer - gst_all_1.gst-libav - gst_all_1.gst-plugins-bad - gst_all_1.gst-plugins-base - gst_all_1.gst-plugins-good - gst_all_1.gst-plugins-ugly - gst_all_1.gst-plugins-viperfx - - # Writing - texlive.combined.scheme-full - vale - - # Gnome utils - gnome-firmware - gaphor - - # CAD - freecad - kicad - sweethome3d.application - qelectrotech - ] - ++ (optionals cnf.laptop [ - # Power management - powertop - acpi - ]); + programs.sway = { + enable = true; + wrapperFeatures.gtk = true; + extraPackages = with pkgs; + [ + gnome.dconf-editor + glib + gsettings-desktop-schemas + i3blocks + sysstat + wofi + rofimoji + wev + swaybackground + myswaylock + + alacritty + + kanshi + wdisplays + wayvnc + wl-mirror + slurp + grim + wf-recorder + wl-clipboard + wl-color-picker + swayidle + dunst + libnotify + + isync + msmtp + notmuch + astroid + taskwarrior + vdirsyncer + khal + khard + gnupg + pinentry-gnome + pinentry-curses + (pass.withExtensions (exts: [ + exts.pass-otp + exts.pass-audit + ])) + + chromium + ferdium + signal-desktop + libreoffice + mupdf + zathura + pdfgrep + + xdg-utils + xdg-launch + mesa-demos + vulkan-tools + + pulsemixer + mpd + mpc-cli + ncmpcpp + feh + shotwell + id3lib + vlc + mpv + youtube-dl + spotify + + nordic + delft-icon-theme + gnome.adwaita-icon-theme + vanilla-dmz + sound-theme-freedesktop + gucharmap + + (sdcv.withDictionaries [stardict-en-cz stardict-de-cz stardict-cz]) + + samba + cifs-utils + + tigervnc + freerdp + plasma5Packages.kdeconnect-kde + + hdparm + ethtool + multipath-tools + usb-modeswitch + v4l-utils + + # Calculating + python3Packages.numpy + python3Packages.sympy + python3Packages.matplotlib + + # Creation + simple-scan + audacity + gimp + inkscape + blender + kdenlive + + # GStreamer + gst_all_1.gst-libav + gst_all_1.gst-plugins-bad + gst_all_1.gst-plugins-base + gst_all_1.gst-plugins-good + gst_all_1.gst-plugins-ugly + gst_all_1.gst-plugins-viperfx + + # Writing + texlive.combined.scheme-full + vale + + # Gnome utils + gnome-firmware + gaphor + + # CAD + freecad + kicad + sweethome3d.application + qelectrotech + ] + ++ (optionals cnf.laptop [ + # Power management + powertop + acpi + ]); + }; programs = { vim.package = pkgs.vimHugeX; firefox.enable = true; diff --git a/nixos/modules/develop.nix b/nixos/modules/develop.nix index 6cd7645..bd8d43d 100644 --- a/nixos/modules/develop.nix +++ b/nixos/modules/develop.nix @@ -77,14 +77,8 @@ with lib; { geckodriver chromedriver - # Lua - (lua5_1.withPackages (luapkgs: - with luapkgs; [ - luacheck - ])) - - # Ansible - ansible + # Julia + julia # Qemmu qemu @@ -96,7 +90,6 @@ with lib; { tftp-hpa # Network - iperf2 iperf3 wireshark inetutils @@ -137,19 +130,17 @@ with lib; { SUBSYSTEMS=="usb", ATTRS{idVendor}=="1366", ATTRS{idProduct}=="0105", MODE:="0660", GROUP="develop", SYMLINK+="jlink_%n" ''; - virtualisation.containers = { - enable = true; - }; - virtualisation.docker = { - enable = true; - autoPrune.enable = true; - storageDriver = "btrfs"; - }; - virtualisation.lxd = { - enable = true; - recommendedSysctlSettings = true; - }; virtualisation = { + containers.enable = true; + docker = { + enable = true; + autoPrune.enable = true; + storageDriver = "btrfs"; + }; + lxd = { + enable = true; + recommendedSysctlSettings = true; + }; lxc.enable = true; libvirtd.enable = true; spiceUSBRedirection.enable = true; diff --git a/nixos/modules/home-assistant.nix b/nixos/modules/home-assistant.nix index abe8c1a..0567785 100644 --- a/nixos/modules/home-assistant.nix +++ b/nixos/modules/home-assistant.nix @@ -48,7 +48,9 @@ in { } ]; }; - networking.firewall.allowedTCPPorts = [1883]; + networking.firewall.allowedTCPPorts = [ + 1883 # Mosquitto + ]; services.bigclown = { gateway = { diff --git a/nixos/routers/router.nix b/nixos/routers/router.nix index 0139c6f..50405dc 100644 --- a/nixos/routers/router.nix +++ b/nixos/routers/router.nix @@ -1,7 +1,6 @@ { config, lib, - pkgs, ... }: with lib; let @@ -89,89 +88,89 @@ in { nameservers = ["1.1.1.1" "8.8.8.8"]; }; - services.kea = { - dhcp4 = { - enable = true; - settings = { - lease-database = { - name = "/var/lib/kea/dhcp4.leases"; - persist = true; - type = "memfile"; - }; - valid-lifetime = 4000; - renew-timer = 1000; - rebind-timer = 2000; - interfaces-config = { - interfaces = ["brlan" "brguest"]; - service-sockets-max-retries = -1; + services = { + kea = { + dhcp4 = { + enable = true; + settings = { + lease-database = { + name = "/var/lib/kea/dhcp4.leases"; + persist = true; + type = "memfile"; + }; + valid-lifetime = 4000; + renew-timer = 1000; + rebind-timer = 2000; + interfaces-config = { + interfaces = ["brlan" "brguest"]; + service-sockets-max-retries = -1; + }; + option-data = [ + { + name = "domain-name-servers"; + data = "1.1.1.1, 8.8.8.8"; + } + ]; + subnet4 = [ + { + interface = "brlan"; + subnet = "${ipv4.prefix2ip cnf.lanIP cnf.lanPrefix}/${toString cnf.lanPrefix}"; + pools = let + ip_start = ipv4.ipAdd cnf.lanIP cnf.lanPrefix cnf.dynIPStart; + ip_end = ipv4.ipAdd cnf.lanIP cnf.lanPrefix (cnf.dynIPStart + cnf.dynIPCount); + in [{pool = "${ip_start} - ${ip_end}";}]; + option-data = [ + { + name = "routers"; + data = cnf.lanIP; + } + ]; + reservations = [ + { + duid = "e4:6f:13:f3:d5:be"; + ip-address = ipv4.ipAdd cnf.lanIP cnf.lanPrefix 60; + } + ]; + } + { + interface = "brguest"; + subnet = "192.168.1.0/24"; + pools = [{pool = "192.168.1.50 - 192.168.1.254";}]; + "option-data" = [ + { + name = "routers"; + data = "192.168.1.1"; + } + ]; + } + ]; }; - option-data = [ - { - name = "domain-name-servers"; - data = "1.1.1.1, 8.8.8.8"; - } - ]; - subnet4 = [ - { - interface = "brlan"; - subnet = "${ipv4.prefix2ip cnf.lanIP cnf.lanPrefix}/${toString cnf.lanPrefix}"; - pools = let - ip_start = ipv4.ipAdd cnf.lanIP cnf.lanPrefix cnf.dynIPStart; - ip_end = ipv4.ipAdd cnf.lanIP cnf.lanPrefix (cnf.dynIPStart + cnf.dynIPCount); - in [{pool = "${ip_start} - ${ip_end}";}]; - option-data = [ - { - name = "routers"; - data = cnf.lanIP; - } - ]; - reservations = [ - { - duid = "e4:6f:13:f3:d5:be"; - ip-address = ipv4.ipAdd cnf.lanIP cnf.lanPrefix 60; - } - ]; - } - { - interface = "brguest"; - subnet = "192.168.1.0/24"; - pools = [{pool = "192.168.1.50 - 192.168.1.254";}]; - "option-data" = [ - { - name = "routers"; - data = "192.168.1.1"; - } - ]; - } - ]; }; }; + radvd = { + enable = true; + config = '' + interface brlan { + AdvSendAdvert on; + MinRtrAdvInterval 3; + MaxRtrAdvInterval 10; + prefix ::/64 { + AdvOnLink on; + AdvAutonomous on; + AdvRouterAddr on; + }; + RDNSS 2001:4860:4860::8888 2001:4860:4860::8844 { + }; + }; + ''; + }; + kresd = {enable = false;}; }; systemd.services.kea-dhcp4-server.after = [ "sys-subsystem-net-devices-brlan.device" "sys-subsystem-net-devices-brguest.device" ]; - services.radvd = { - enable = true; - config = '' - interface brlan { - AdvSendAdvert on; - MinRtrAdvInterval 3; - MaxRtrAdvInterval 10; - prefix ::/64 { - AdvOnLink on; - AdvAutonomous on; - AdvRouterAddr on; - }; - RDNSS 2001:4860:4860::8888 2001:4860:4860::8844 { - }; - }; - ''; - }; - - services.kresd = {enable = false;}; - networking.nftables.enable = true; networking.firewall = { filterForward = true; -- cgit v1.2.3