From 744ceb25115b59cded325dfb8b2b94fd7b7c5fec Mon Sep 17 00:00:00 2001 From: Profpatsch Date: Wed, 26 Aug 2015 22:42:55 +0200 Subject: katara: various changes --- machines/profpatsch/katara.nix | 482 ++++++++++++++++++++++++----------------- 1 file changed, 284 insertions(+), 198 deletions(-) (limited to 'machines/profpatsch') diff --git a/machines/profpatsch/katara.nix b/machines/profpatsch/katara.nix index 90a8d8f4..5ce1c57e 100644 --- a/machines/profpatsch/katara.nix +++ b/machines/profpatsch/katara.nix @@ -1,234 +1,320 @@ { config, pkgs, lib, ... }: -{ - - ######### - # Kernel - - boot.initrd.availableKernelModules = [ "uhci_hcd" "ehci_pci" "ahci" "firewire_ohci" ]; - boot.kernelModules = [ "kvm-intel" ]; - # Use the GRUB 2 boot loader. - boot.loader.grub.enable = true; - boot.loader.grub.version = 2; - # Define on which hard drive you want to install Grub. - boot.loader.grub.device = "/dev/sda"; - boot.initrd.luks.devices = [ { device = "/dev/sda2"; name = "cryptroot"; } ]; - - - ########### - # Hardware - - # Use this if you want the T400 wifi to work … - hardware.enableAllFirmware = true; - - hardware.trackpoint = { - enable = true; - emulateWheel = true; - speed = 250; - sensitivity = 140; - }; +let + + offlineimapKeyring = pkgs.offlineimap.overrideDerivation (old: { + propagatedBuildInputs = old.propagatedBuildInputs + ++ lib.singleton pkgs.pythonPackages.keyring; + }); - fileSystems."/" = { - device = "/dev/dm-0"; - fsType = "btrfs"; + mytexlive = with pkgs; texLiveAggregationFun { + paths = [ texLive texLiveBeamer texLiveCMSuper ]; }; - fileSystems."/boot" = { - device = "/dev/sda1"; - fsType = "ext3"; + mylyx = with pkgs; stdenv.mkDerivation rec { + name = "mylyx"; + src = pkgs.lyx; + buildInputs = [ makeWrapper ]; + installPhase = '' + mkdir -p $out/bin + cd $out/bin + ln -s ${src}/bin/lyx + wrapProgram $out/bin/lyx \ + --set TEXMFDIST ${mytexlive}/texmf-dist + ''; }; - hardware.pulseaudio.enable = true; +in { + config = rec { + ######### + # Kernel - ###### - # Nix - - nix.maxJobs = 2; - nix.binaryCaches = [ "https://hydra.nixos.org/" ]; + boot.initrd.availableKernelModules = [ "uhci_hcd" "ehci_pci" "ahci" "firewire_ohci" ]; + boot.kernelModules = [ "kvm-intel" ]; + # Use the GRUB 2 boot loader. + boot.loader.grub.enable = true; + boot.loader.grub.version = 2; + # Define on which hard drive you want to install rub. + boot.loader.grub.device = "/dev/sda"; + boot.initrd.luks.devices = [ { device = "/dev/sda2"; name = "cryptroot"; } ]; - networking.hostName = "katara"; - networking.networkmanager.enable = true; - networking.firewall = { - enable = true; - # Programmer’s dilemma - allowedTCPPortRanges = [ - { from = 8000; to = 8005; } - { from = 8080; to = 8085; } - ]; - allowedUDPPorts = [ 60001 ]; - }; + ########### + # Hardware - i18n = { - consoleFont = "lat9w-16"; - consoleKeyMap = "us"; - defaultLocale = "en_US.UTF-8"; - }; + # Use this if you want the T400 wifi to work … + hardware.enableAllFirmware = true; + hardware.trackpoint = { + enable = true; + emulateWheel = true; + speed = 250; + sensitivity = 140; + }; - ########### - # Packages - - environment.systemPackages = with pkgs; - let - systemPkgs = [ - ack - curl - file - fish - git - mkpasswd - mosh - nix-repl - nmap - stow - tmux - vim - wget - zsh - ]; - xPkgs = [ - dmenu - i3lock - xbindkeys - haskellPackages.xmobar - ]; - guiPkgs = [ - gnome3.adwaita-icon-theme - gnome3.gnome_themes_standard - kde4.oxygen-icons - ]; - userPrograms = [ - chromium - emacs - gajim - keepassx - lilyterm - ]; - mailPkgs = [ - offlineimap - mutt-kz - msmtp - notmuch - ]; - haskellPkgs = with pkgs.haskellngPackages; [ - cabal2nix - ]; - in systemPkgs ++ xPkgs ++ userPrograms ++ mailPkgs ++ haskellPkgs; + fileSystems."/" = { + device = "/dev/dm-0"; + fsType = "btrfs"; + }; + fileSystems."/boot" = { + device = "/dev/sda1"; + fsType = "ext3"; + }; - ########### - # Services + hardware.pulseaudio.enable = true; - # Enable the OpenSSH daemon. - services.openssh.enable = true; - # Enable CUPS to print documents. - services.printing.enable = true; + ###### + # Nix - time.timeZone = "Europe/Berlin"; + nix.maxJobs = 2; + nix.binaryCaches = [ "https://hydra.nixos.org/" ]; - # locate - services.locate = { - enable = true; - }; + ########## + # Network + + networking.hostName = "katara"; + networking.networkmanager.enable = true; - - ################### - # Graphical System - - # Enable the X11 windowing system. - services.xserver = { - enable = true; - layout = "de"; - xkbVariant = "neo"; - xkbOptions = "altwin:swap_alt_win"; - serverFlagsSection = '' - Option "StandbyTime" "10" - Option "SuspendTime" "20" - Option "OffTime" "30" + networking.extraHosts = '' + 192.168.1.10 nyx.pnetz ''; - synaptics.enable = true; - synaptics.minSpeed = "0.5"; - synaptics.accelFactor = "0.01"; - videoDrivers = [ "intel" "vesa" ]; - - # otherwise xterm is enabled, creating an xterm that spawns the window manager. - desktopManager.xterm.enable = false; - windowManager.xmonad = { + + networking.firewall = { enable = true; - enableContribAndExtras = true; + # Programmer’s dilemma + allowedTCPPortRanges = [ + { from = 8000; to = 8005; } + { from = 8080; to = 8085; } + ]; + }; + + i18n = { + consoleFont = "lat9w-16"; + consoleKeyMap = "us"; + defaultLocale = "en_US.UTF-8"; }; - displayManager.sessionCommands = - '' - xset r rate 250 35 + + + ########### + # Packages + + environment.systemPackages = with pkgs; + let + systemPkgs = [ + ack + atool + curl + file + fish + git + gnupg + htop + imagemagick + mkpasswd + mosh + nix-repl + nmap + stow + tmux + vim + wget + zsh + ]; + xPkgs = [ + dmenu + dunst + i3lock + libnotify + lxappearance + xbindkeys + haskellPackages.xmobar + ]; + guiPkgs = [ + gnome3.adwaita-icon-theme + gnome3.gnome_themes_standard + # kde4.oxygen-icons TODO + ]; + userPrograms = [ + audacity + (chromium.override { enablePepperFlash = true; }) + dropbox-cli + emacs + feh + filezilla + gajim + gmpc + kde4.kdiff3 + keepassx + libreoffice + lilyterm + # (lyx.overrideDerivation (old: { buildInputs = old.buildInputs ++ /*packages*/ lib.singleton mytexlive; })) + mylyx mytexlive + mpv + audacity lame + gmpc + zathura + ]; + mailPkgs = [ + offlineimapKeyring + mutt-with-sidebar # TODO mutt-kz + msmtp + notmuch + ]; + haskellPkgs = with pkgs.haskellngPackages; [ + cabal2nix + ]; + nixPkgs = [ + nix-prefetch-scripts + ]; + in systemPkgs ++ xPkgs ++ guiPkgs ++ userPrograms ++ mailPkgs ++ haskellPkgs ++ nixPkgs; + + + ########### + # Services + + # Enable the OpenSSH daemon. + services.openssh.enable = true; + + # Enable CUPS to print documents. + services.printing = { + enable = true; + drivers = [ pkgs.gutenprint ]; + }; + + time.timeZone = "Europe/Berlin"; + + # locate + services.locate = { + enable = true; + }; + + # Automount + services.udisks2.enable = true; + + # Music as a Service + services.mpd.enable = false; + services.mpd.musicDirectory = pkgs.runCommand "mpd-link" {} '' + ln -s ${users.extraUsers.philip.home}/Downloads/music $out + ''; + + + ################### + # Graphical System + + # Enable the X11 windowing system. + services.xserver = { + enable = true; + layout = "de"; + xkbVariant = "neo"; + xkbOptions = "altwin:swap_alt_win"; + serverFlagsSection = '' + Option "StandbyTime" "10" + Option "SuspendTime" "20" + Option "OffTime" "30" ''; + synaptics.enable = true; + synaptics.minSpeed = "0.5"; + synaptics.accelFactor = "0.01"; + videoDrivers = [ "intel" ]; - startGnuPGAgent = true; - - }; + # otherwise xterm is enabled, creating an xterm that spawns the window manager. + desktopManager.xterm.enable = false; + windowManager.xmonad = { + enable = true; + enableContribAndExtras = true; + }; + displayManager.sessionCommands = + '' + #TODO add as nixpkg + export PATH+=":$HOME/scripts" #add utility scripts + xset r rate 250 35 + set-background & + xbindkeys + nice -n19 dropbox start & + ''; - fonts.enableCoreFonts = true; - fonts.fontconfig = { - defaultFonts = { - monospace = [ "Source Code Pro" "DejaVu Sans Mono" ]; - sansSerif = [ "Liberation Sans" ]; + startGnuPGAgent = true; }; - # use overkill infinality settings from old Arch installation - ultimate = { - rendering = { - INFINALITY_FT_FILTER_PARAMS = "08 24 36 24 08"; - INFINALITY_FT_FRINGE_FILTER_STRENGTH = "25"; - INFINALITY_FT_USE_VARIOUS_TWEAKS = "true"; - INFINALITY_FT_WINDOWS_STYLE_SHARPENING_STRENGTH = "25"; - INFINALITY_FT_STEM_ALIGNMENT_STRENGTH = "15"; - INFINALITY_FT_STEM_FITTING_STRENGTH = "15"; + + fonts.fontconfig = { + defaultFonts = { + monospace = [ "Source Code Pro" "DejaVu Sans Mono" ]; + sansSerif = [ "Liberation Sans" ]; + }; + # use overkill infinality settings from old Arch installation + ultimate = { + rendering = { + INFINALITY_FT_FILTER_PARAMS = "08 24 36 24 08"; + INFINALITY_FT_FRINGE_FILTER_STRENGTH = "25"; + INFINALITY_FT_USE_VARIOUS_TWEAKS = "true"; + INFINALITY_FT_WINDOWS_STYLE_SHARPENING_STRENGTH = "25"; + INFINALITY_FT_STEM_ALIGNMENT_STRENGTH = "15"; + INFINALITY_FT_STEM_FITTING_STRENGTH = "15"; + }; + # substitutions = "combi"; }; - # substitutions = "combi"; }; - }; - - # redshift - services.redshift = { - enable = true; - latitude = "48"; - longitude = "10"; - }; + fonts.enableFontDir = true; + fonts.fonts = with pkgs; [ + corefonts + source-han-sans-japanese + source-han-sans-korean + source-han-sans-simplified-chinese + source-code-pro + dejavu_fonts + ubuntu_font_family + ]; + + # redshift + services.redshift = { + enable = true; + latitude = "48"; + longitude = "10"; + }; + + ######## + # Users - ######## - # Users - - # Nobody wants mutable state. :) - users.mutableUsers = false; - users.extraUsers = - let authKeys = ["ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJhthfk38lzDvoI7lPqRneI0yBpZEhLDGRBpcXzpPSu+V0YlgrDix5fHhBl+EKfw4aeQNvQNuAky3pDtX+BDK1b7idbz9ZMCExy2a1kBKDVJz/onLSQxiiZMuHlAljVj9iU4uoTOxX3vB85Ok9aZtMP1rByRIWR9e81/km4HdfZTCjFVRLWfvo0s29H7l0fnbG9bb2E6kydlvjnXJnZFXX+KUM16X11lK53ilPdPJdm87VtxeSKZ7GOiBz6q7FHzEd2Zc3CnzgupQiXGSblXrlN22IY3IWfm5S/8RTeQbMLVoH0TncgCeenXH7FU/sXD79ypqQV/WaVVDYMOirsnh/ philip@nyx"]; - in { - philip = rec { - name = "philip"; - group = "users"; - extraGroups = [ "wheel" "networkmanager" ]; - uid = 1000; - createHome = true; - home = "/home/philip"; - passwordFile = "${home}/.config/passwd"; - # password = "test"; # in case of emergency, break glass - shell = "/run/current-system/sw/bin/bash"; - openssh.authorizedKeys.keys = authKeys; + # Nobody wants mutable state. :) + users.mutableUsers = false; + users.extraUsers = + let authKeys = ["ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJhthfk38lzDvoI7lPqRneI0yBpZEhLDGRBpcXzpPSu+V0YlgrDix5fHhBl+EKfw4aeQNvQNuAky3pDtX+BDK1b7idbz9ZMCExy2a1kBKDVJz/onLSQxiiZMuHlAljVj9iU4uoTOxX3vB85Ok9aZtMP1rByRIWR9e81/km4HdfZTCjFVRLWfvo0s29H7l0fnbG9bb2E6kydlvjnXJnZFXX+KUM16X11lK53ilPdPJdm87VtxeSKZ7GOiBz6q7FHzEd2Zc3CnzgupQiXGSblXrlN22IY3IWfm5S/8RTeQbMLVoH0TncgCeenXH7FU/sXD79ypqQV/WaVVDYMOirsnh/ philip@nyx"]; + in { + philip = rec { + name = "philip"; + group = "users"; + extraGroups = [ "wheel" "networkmanager" ]; + uid = 1000; + createHome = true; + home = "/home/philip"; + passwordFile = "${home}/.config/passwd"; + # password = "test"; # in case of emergency, break glass + shell = "/run/current-system/sw/bin/bash"; + openssh.authorizedKeys.keys = authKeys; + }; }; - }; - ########### - # Programs + ########### + # Programs - programs.ssh = { - startAgent = false; # see services.xserver.startGnuPGAgent - agentTimeout = "1h"; - }; + programs.ssh = { + startAgent = false; # see services.xserver.startGnuPGAgent + agentTimeout = "1h"; + }; + + ####### + # Misc + + security.pki.certificateFiles = [ "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt" ]; - ######## - # Fixes - - # fix for emacs - programs.bash.promptInit = "PS1=\"# \""; + ######## + # Fixes + + # fix for emacs + programs.bash.promptInit = "PS1=\"# \""; + + }; } -- cgit 1.4.1