| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|
|
|
|
|
| |
Now that my machine landscape also includes AMD, having a blanket
`thermald` service running makes no sense. All Intel-based machines now
have a `thermald` service explicitly enabled instead.
|
|
|
|
|
| |
I've been wanting to test ZFS for a while now, and since 0.8 we have
stable encryption and TRIM support for SSDs.
|
|
|
|
| |
Everything is locked down, but thankfully we have an NTP running. Phew.
|
|
|
|
| |
Otherwise keyboard-controlled volume won't work.
|
|
|
|
|
| |
Makes little sense on this machine and only provokes weird behavior
obviously. Don't know why I even put it in the first place.
|
|
|
|
|
| |
Fails some tests on hydra right now and it's not very important for me
to have at the moment.
|
| |
|
|
|
|
| |
Brainfart.
|
|
|
|
|
|
|
| |
I'm bored of the names my machines have. Luckily NixOS makes changing
names as easy as changing underwear! So, let's use Valkyrie names
instead. Also, change the console font to something nicer, like the
default `Lat2-Terminus16` font!
|
|
|
|
|
|
| |
This is a new work machine. The configuration is based off of `titan`
and `skunkworks`. I expect there to be plenty of changes in the future
as I get accustomed to it and shape it to my needs.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
I don't recall the exact model which was used for that machine, but it
was definitely one that required version 5.70.
Now I made a pull request for nixpkgs a while ago[1], which hasn't been
merged and as I didn't have the chance to test it by myself I didn't
merge that pull request yet.
Since the user asked about that printer driver again, I decided to give
version 5.70 a shot in vuizvui only and merge it upstream, once the user
reports that the driver is working.
[1]: https://github.com/NixOS/nixpkgs/pull/58399
Signed-off-by: aszlig <aszlig@nix.build>
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Generates a wireguard configuration based on
https://nixos.wiki/wiki/Wireguard and sets up the iptables firewall in
a way that only enables forwarding between `eth0` and the `wg`
interfaces.
The standard NixOS firewall configuration allows `FORWARD` between all
interfaces, and `networking.nat.enable` enables the `ip_forward` rule
in the kernel, meaning packages can suddenly hop interfaces without a
firewall that `DROP`s forwards by default.
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
I've had these packages in here disabled in case I'd ever have to get
back to them. I've not had to for, what feels like, an eternity.
Additionally to slimming the config down, removing them will also
somewhat slim down closure size since Nix will build them anyway even
though they're not actively used.
|
|
|
|
|
|
| |
The previous commit was wrong in that it was not the correct way to
include the 'light' package. According to the manual, this is the
correct way.
|
|
|
|
|
|
| |
Since the 'modesetting' driver does not work with 'xbacklight' we have
the choice of either 'light' or 'backlightctl'. For now we'll choose
'light' and see how it goes.
|
|
|
|
|
| |
The release notes for NixOS 19.03 state that the 'intel' driver has
been superseded by the 'modesetting' driver.
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
This machine was used for controlling the LED lighting bars at
Rockfabrik. I no longer work there and the machine has subsequently been
replaced by something else, so I don't need kzerza anymore.
Signed-off-by: aszlig <aszlig@nix.build>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
I did have a major outage this week, because I was using bcache with
writeback mode on a RAID10 backing storage. Fortunately, I was able to
recover 99.9% of the data (only the most recent stuff wasn't
recoverable), but I certainly don't want this to happen again in the
future.
While I did use bcache with hibernate and writeback, the interesting
part is that the caching device went bonkers after a "normal" shutdown
rather than a suspend/hibernate, with "normal" being "with a bunch of
kernel warnings about zswap". Also, this happened around a btrfs scrub,
so the inconsistency was all over the place.
So first of all, I'm now going with writaround mode rather than
writeback mode for the time being. Although it's slower than writeback,
the chances that I need to do such a recovery again is close to 0% with
writethrough and writearound because all writes are synchronous.
Second, this very change makes sure that whenever the machine goes to
sleep or a scrub is started, the caching is disabled and afterwards it's
re-enabled. That way we shouldn't have lots of trash on the caching
device.
Signed-off-by: aszlig <aszlig@nix.build>
|
|
|
|
|
|
|
|
| |
I had this in my local configuration.nix since a while and while it
might be annoying when this runs every month, I think it's better to do
it regularily rather than having a dying disk go unnoticed.
Signed-off-by: aszlig <aszlig@nix.build>
|
|
|
|
|
|
|
| |
This reverts commit 292099429d0bab51f0cb634c6bc5c9745c4c1383.
Well, looks like iwd ist still not ready for primetime with my
university's eduroam implementation.
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
Now, it's not yet clear if iwd will work with my uni's eduroam service
at all. Either way though, this is in preparation for the switch and
test once I'm near an eduroam access point.
|
|
|
|
|
|
|
|
| |
Since quite a while, NixOS re-uses the passphrases from earlier devices,
so there is no need anymore for such a device in order to unlock
multiple containers with the same passphrase.
Signed-off-by: aszlig <aszlig@nix.build>
|
|
|
|
|
|
|
| |
The "luksClose" subcommand for cryptsetup has been deprecated for a
while, so let's move over to "close".
Signed-off-by: aszlig <aszlig@nix.build>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since I got a new SSD for the machine (thanks @cvdnext), I also had the
opportunity to re-create my LUKS containers to LUKS2 with Argon2 key
derivation alongside creating bcache backing devices.
The change in order to support bcache is just a matter of adding
"bcache" to availableKernelModules and we're done.
However, as the storage configuration is not a very common one, I
decided to add a test specific to that to make sure future NixOS updates
won't prevent the machine from booting.
Signed-off-by: aszlig <aszlig@nix.build>
|
|
|
|
| |
Remove unused packages and commented out stuff.
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
| |
Since alot version 0.8, Python 2.x is no longer supported and
subsequently trying to use it from pythonPackages will result in an
evaluation error.
Signed-off-by: aszlig <aszlig@nix.build>
Cc: @Profpatsch
|
|
|
|
|
|
|
|
|
|
|
|
| |
The internal SSD of the machine just died, so I reconstructed the Nix
store on the spinning rust from the machine configuration and we're now
left without the SSD.
Maybe it makes sense to still use the SSD with bcache, depending on how
failure-resilient it is, but for now, let's just remove it so we at
least have a working system.
Signed-off-by: aszlig <aszlig@nix.build>
|
|
|
|
| |
These packages are unnecessary currently.
|
|
|
|
| |
both don't exist anymore
|