about summary refs log tree commit diff
diff options
authorProfpatsch <mail@profpatsch.de>2015-08-26 22:42:55 +0200
committerProfpatsch <mail@profpatsch.de>2015-08-26 22:43:15 +0200
commit744ceb25115b59cded325dfb8b2b94fd7b7c5fec (patch)
parent10abddacd543017557644c6a7e3dea21138a015c (diff)
katara: various changes
1 files changed, 284 insertions, 198 deletions
diff --git a/machines/profpatsch/katara.nix b/machines/profpatsch/katara.nix
index 90a8d8f4..5ce1c57e 100644
--- a/machines/profpatsch/katara.nix
+++ b/machines/profpatsch/katara.nix
@@ -1,234 +1,320 @@
 { config, pkgs, lib, ... }:
-  #########
-  # Kernel
-  boot.initrd.availableKernelModules = [ "uhci_hcd" "ehci_pci" "ahci" "firewire_ohci" ];
-  boot.kernelModules = [ "kvm-intel" ];
-  # Use the GRUB 2 boot loader.
-  boot.loader.grub.enable = true;
-  boot.loader.grub.version = 2;
-  # Define on which hard drive you want to install Grub.
-  boot.loader.grub.device = "/dev/sda";
-  boot.initrd.luks.devices = [ { device = "/dev/sda2"; name = "cryptroot"; } ];
-  ###########
-  # Hardware
-  # Use this if you want the T400 wifi to work …
-  hardware.enableAllFirmware = true;
-  hardware.trackpoint = {
-    enable = true;
-    emulateWheel = true;
-    speed = 250;
-    sensitivity = 140;
-  };
+  offlineimapKeyring = pkgs.offlineimap.overrideDerivation (old: {
+    propagatedBuildInputs = old.propagatedBuildInputs
+                         ++ lib.singleton pkgs.pythonPackages.keyring;
+  });
-  fileSystems."/" = {
-    device = "/dev/dm-0";
-    fsType = "btrfs";
+  mytexlive = with pkgs; texLiveAggregationFun {
+    paths = [ texLive texLiveBeamer texLiveCMSuper ];
-  fileSystems."/boot" = {
-    device = "/dev/sda1";
-    fsType = "ext3";
+  mylyx = with pkgs; stdenv.mkDerivation rec {
+    name = "mylyx";
+    src = pkgs.lyx;
+    buildInputs = [ makeWrapper ];
+    installPhase = ''
+      mkdir -p $out/bin
+      cd $out/bin
+      ln -s ${src}/bin/lyx
+      wrapProgram $out/bin/lyx \
+        --set TEXMFDIST ${mytexlive}/texmf-dist
+    '';
-  hardware.pulseaudio.enable = true;
+in {
+  config = rec {
+    #########
+    # Kernel
-  ######
-  # Nix
-  nix.maxJobs = 2;
-  nix.binaryCaches = [ "https://hydra.nixos.org/" ];
+    boot.initrd.availableKernelModules = [ "uhci_hcd" "ehci_pci" "ahci" "firewire_ohci" ];
+    boot.kernelModules = [ "kvm-intel" ];
+    # Use the GRUB 2 boot loader.
+    boot.loader.grub.enable = true;
+    boot.loader.grub.version = 2;
+    # Define on which hard drive you want to install rub.
+    boot.loader.grub.device = "/dev/sda";
+    boot.initrd.luks.devices = [ { device = "/dev/sda2"; name = "cryptroot"; } ];
-  networking.hostName = "katara";
-  networking.networkmanager.enable = true;
-  networking.firewall = {
-    enable = true;
-    # Programmer’s dilemma
-    allowedTCPPortRanges = [
-      { from = 8000; to = 8005; }
-      { from = 8080; to = 8085; }
-    ];
-    allowedUDPPorts = [ 60001 ];
-  };
+    ###########
+    # Hardware
-  i18n = {
-    consoleFont = "lat9w-16";
-    consoleKeyMap = "us";
-    defaultLocale = "en_US.UTF-8";
-  };
+    # Use this if you want the T400 wifi to work …
+    hardware.enableAllFirmware = true;
+    hardware.trackpoint = {
+      enable = true;
+      emulateWheel = true;
+      speed = 250;
+      sensitivity = 140;
+    };
-  ###########
-  # Packages
-  environment.systemPackages = with pkgs;
-  let
-    systemPkgs = [
-      ack
-      curl
-      file
-      fish
-      git
-      mkpasswd
-      mosh
-      nix-repl
-      nmap
-      stow
-      tmux
-      vim
-      wget
-      zsh
-    ];
-    xPkgs = [
-      dmenu
-      i3lock
-      xbindkeys
-      haskellPackages.xmobar
-    ];
-    guiPkgs = [
-      gnome3.adwaita-icon-theme
-      gnome3.gnome_themes_standard
-      kde4.oxygen-icons
-    ];
-    userPrograms = [
-      chromium
-      emacs
-      gajim
-      keepassx
-      lilyterm
-    ];
-    mailPkgs = [
-      offlineimap
-      mutt-kz
-      msmtp
-      notmuch
-    ];
-    haskellPkgs = with pkgs.haskellngPackages; [
-      cabal2nix
-    ];
-  in systemPkgs ++ xPkgs ++ userPrograms ++ mailPkgs ++ haskellPkgs;
+    fileSystems."/" = {
+      device = "/dev/dm-0";
+      fsType = "btrfs";
+    };
+    fileSystems."/boot" = {
+      device = "/dev/sda1";
+      fsType = "ext3";
+    };
-  ###########
-  # Services
+    hardware.pulseaudio.enable = true;
-  # Enable the OpenSSH daemon.
-  services.openssh.enable = true;
-  # Enable CUPS to print documents.
-  services.printing.enable = true;
+    ######
+    # Nix
-  time.timeZone = "Europe/Berlin";
+    nix.maxJobs = 2;
+    nix.binaryCaches = [ "https://hydra.nixos.org/" ];
-  # locate
-  services.locate = {
-    enable = true;
-  };
+    ##########
+    # Network
+    networking.hostName = "katara";
+    networking.networkmanager.enable = true;
-  ###################
-  # Graphical System
-  # Enable the X11 windowing system.
-  services.xserver = {
-    enable = true;
-    layout = "de";
-    xkbVariant = "neo";
-    xkbOptions = "altwin:swap_alt_win";
-    serverFlagsSection = ''
-      Option "StandbyTime" "10"
-      Option "SuspendTime" "20"
-      Option "OffTime" "30"
+    networking.extraHosts = ''
+ nyx.pnetz
-    synaptics.enable = true;
-    synaptics.minSpeed = "0.5";
-    synaptics.accelFactor = "0.01";
-    videoDrivers = [ "intel" "vesa" ];
-    # otherwise xterm is enabled, creating an xterm that spawns the window manager.
-    desktopManager.xterm.enable = false;
-    windowManager.xmonad = {
+    networking.firewall = {
       enable = true;
-      enableContribAndExtras = true;
+      # Programmer’s dilemma
+      allowedTCPPortRanges = [
+        { from = 8000; to = 8005; }
+        { from = 8080; to = 8085; }
+      ];
+    };
+    i18n = {
+      consoleFont = "lat9w-16";
+      consoleKeyMap = "us";
+      defaultLocale = "en_US.UTF-8";
-    displayManager.sessionCommands =
-      ''
-      xset r rate 250 35
+    ###########
+    # Packages
+    environment.systemPackages = with pkgs;
+    let
+      systemPkgs = [
+        ack
+        atool
+        curl
+        file
+        fish
+        git
+        gnupg
+        htop
+        imagemagick
+        mkpasswd
+        mosh
+        nix-repl
+        nmap
+        stow
+        tmux
+        vim
+        wget
+        zsh
+      ];
+      xPkgs = [
+        dmenu
+        dunst
+        i3lock
+        libnotify
+        lxappearance
+        xbindkeys
+        haskellPackages.xmobar
+      ];
+      guiPkgs = [
+        gnome3.adwaita-icon-theme
+        gnome3.gnome_themes_standard
+        # kde4.oxygen-icons TODO
+      ];
+      userPrograms = [
+        audacity
+        (chromium.override { enablePepperFlash = true; })
+        dropbox-cli
+        emacs
+        feh
+        filezilla
+        gajim
+        gmpc
+        kde4.kdiff3
+        keepassx
+        libreoffice
+        lilyterm
+        # (lyx.overrideDerivation (old: { buildInputs = old.buildInputs ++ /*packages*/ lib.singleton mytexlive; }))
+        mylyx mytexlive
+        mpv
+        audacity lame
+        gmpc
+        zathura
+      ];
+      mailPkgs = [
+        offlineimapKeyring
+        mutt-with-sidebar # TODO mutt-kz
+        msmtp
+        notmuch
+      ];
+      haskellPkgs = with pkgs.haskellngPackages; [
+        cabal2nix
+      ];
+      nixPkgs = [
+        nix-prefetch-scripts
+      ];
+    in systemPkgs ++ xPkgs ++ guiPkgs ++ userPrograms ++ mailPkgs ++ haskellPkgs ++ nixPkgs;
+    ###########
+    # Services
+    # Enable the OpenSSH daemon.
+    services.openssh.enable = true;
+    # Enable CUPS to print documents.
+    services.printing = {
+      enable = true;
+      drivers = [ pkgs.gutenprint ];
+    };
+    time.timeZone = "Europe/Berlin";
+    # locate
+    services.locate = {
+      enable = true;
+    };
+    # Automount
+    services.udisks2.enable = true;
+    # Music as a Service
+    services.mpd.enable = false;
+    services.mpd.musicDirectory = pkgs.runCommand "mpd-link" {} ''
+      ln -s ${users.extraUsers.philip.home}/Downloads/music $out
+    '';
+    ###################
+    # Graphical System
+    # Enable the X11 windowing system.
+    services.xserver = {
+      enable = true;
+      layout = "de";
+      xkbVariant = "neo";
+      xkbOptions = "altwin:swap_alt_win";
+      serverFlagsSection = ''
+        Option "StandbyTime" "10"
+        Option "SuspendTime" "20"
+        Option "OffTime" "30"
+      synaptics.enable = true;
+      synaptics.minSpeed = "0.5";
+      synaptics.accelFactor = "0.01";
+      videoDrivers = [ "intel" ];
-    startGnuPGAgent = true;
-  };
+      # otherwise xterm is enabled, creating an xterm that spawns the window manager.
+      desktopManager.xterm.enable = false;
+      windowManager.xmonad = {
+        enable = true;
+        enableContribAndExtras = true;
+      };
+      displayManager.sessionCommands =
+        ''
+        #TODO add as nixpkg
+        export PATH+=":$HOME/scripts" #add utility scripts
+        xset r rate 250 35
+        set-background &
+        xbindkeys
+        nice -n19 dropbox start &
+        '';
-  fonts.enableCoreFonts = true;
-  fonts.fontconfig = {
-    defaultFonts = {
-      monospace = [ "Source Code Pro" "DejaVu Sans Mono" ];
-      sansSerif = [ "Liberation Sans" ];
+      startGnuPGAgent = true;
-    # use overkill infinality settings from old Arch installation
-    ultimate = {
-      rendering = {
-        INFINALITY_FT_FILTER_PARAMS = "08 24 36 24 08";
+    fonts.fontconfig = {
+      defaultFonts = {
+        monospace = [ "Source Code Pro" "DejaVu Sans Mono" ];
+        sansSerif = [ "Liberation Sans" ];
+      };
+      # use overkill infinality settings from old Arch installation
+      ultimate = {
+        rendering = {
+          INFINALITY_FT_FILTER_PARAMS = "08 24 36 24 08";
+        };
+        # substitutions = "combi";
-      # substitutions = "combi";
-  };
-  # redshift
-  services.redshift = {
-    enable = true;
-    latitude = "48";
-    longitude = "10";
-  };
+    fonts.enableFontDir = true;
+    fonts.fonts = with pkgs; [
+      corefonts
+      source-han-sans-japanese
+      source-han-sans-korean
+      source-han-sans-simplified-chinese
+      source-code-pro
+      dejavu_fonts
+      ubuntu_font_family
+    ];
+    # redshift
+    services.redshift = {
+      enable = true;
+      latitude = "48";
+      longitude = "10";
+    };
+    ########
+    # Users
-  ########
-  # Users
-  # Nobody wants mutable state. :)
-  users.mutableUsers = false;
-  users.extraUsers = 
-    let authKeys = ["ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJhthfk38lzDvoI7lPqRneI0yBpZEhLDGRBpcXzpPSu+V0YlgrDix5fHhBl+EKfw4aeQNvQNuAky3pDtX+BDK1b7idbz9ZMCExy2a1kBKDVJz/onLSQxiiZMuHlAljVj9iU4uoTOxX3vB85Ok9aZtMP1rByRIWR9e81/km4HdfZTCjFVRLWfvo0s29H7l0fnbG9bb2E6kydlvjnXJnZFXX+KUM16X11lK53ilPdPJdm87VtxeSKZ7GOiBz6q7FHzEd2Zc3CnzgupQiXGSblXrlN22IY3IWfm5S/8RTeQbMLVoH0TncgCeenXH7FU/sXD79ypqQV/WaVVDYMOirsnh/ philip@nyx"];
-    in {
-      philip = rec {
-	name = "philip";
-	group = "users";
-        extraGroups = [ "wheel" "networkmanager" ];
-	uid = 1000;
-	createHome = true;
-	home = "/home/philip";
-        passwordFile = "${home}/.config/passwd";
-        # password = "test"; # in case of emergency, break glass
-	shell = "/run/current-system/sw/bin/bash";
-        openssh.authorizedKeys.keys = authKeys;
+    # Nobody wants mutable state. :)
+    users.mutableUsers = false;
+    users.extraUsers = 
+      let authKeys = ["ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJhthfk38lzDvoI7lPqRneI0yBpZEhLDGRBpcXzpPSu+V0YlgrDix5fHhBl+EKfw4aeQNvQNuAky3pDtX+BDK1b7idbz9ZMCExy2a1kBKDVJz/onLSQxiiZMuHlAljVj9iU4uoTOxX3vB85Ok9aZtMP1rByRIWR9e81/km4HdfZTCjFVRLWfvo0s29H7l0fnbG9bb2E6kydlvjnXJnZFXX+KUM16X11lK53ilPdPJdm87VtxeSKZ7GOiBz6q7FHzEd2Zc3CnzgupQiXGSblXrlN22IY3IWfm5S/8RTeQbMLVoH0TncgCeenXH7FU/sXD79ypqQV/WaVVDYMOirsnh/ philip@nyx"];
+      in {
+        philip = rec {
+  	name = "philip";
+  	group = "users";
+          extraGroups = [ "wheel" "networkmanager" ];
+  	uid = 1000;
+  	createHome = true;
+  	home = "/home/philip";
+          passwordFile = "${home}/.config/passwd";
+          # password = "test"; # in case of emergency, break glass
+  	shell = "/run/current-system/sw/bin/bash";
+          openssh.authorizedKeys.keys = authKeys;
+      };
-  };
-  ###########
-  # Programs
+    ###########
+    # Programs
-  programs.ssh = {
-    startAgent = false; # see services.xserver.startGnuPGAgent
-    agentTimeout = "1h";
-  };
+    programs.ssh = {
+      startAgent = false; # see services.xserver.startGnuPGAgent
+      agentTimeout = "1h";
+    };
+    #######
+    # Misc
+    security.pki.certificateFiles = [ "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt" ];
-  ########
-  # Fixes
-  # fix for emacs
-  programs.bash.promptInit = "PS1=\"# \"";
+    ########
+    # Fixes
+    # fix for emacs
+    programs.bash.promptInit = "PS1=\"# \"";
+  };