j: dirty merge again

2018-03-20 15:17:36 +01:00 · 2018-03-20 15:17:36 +01:00 · 390375cd8a
commit 390375cd8a
parent ffc294575c
4 changed files with 38 additions and 73 deletions
--- a/jeschli/1systems/bln/config.nix
+++ b/jeschli/1systems/bln/config.nix
@ -12,54 +12,25 @@
      ./hardware-configuration.nix
      # ./dcso-vpn.nix
    ];
+  # Use the systemd-boot EFI boot loader.
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = true;

-  # Use the GRUB 2 boot loader.
-  boot.loader.grub.enable = true;
-  boot.loader.grub.version = 2;
-  # boot.loader.grub.efiSupport = true;
-  # boot.loader.grub.efiInstallAsRemovable = true;
-  # boot.loader.efi.efiSysMountPoint = "/boot/efi";
-  # Define on which hard drive you want to install Grub.
-  boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only
-  boot.loader.grub.extraEntries = ''
-    menuentry "Debian GNU/Linux, kernel 4.9.0-4-amd64" {
-      search --set=drive1 --fs-uuid f169fd32-bf96-4da0-bc34-294249ffa606
-      linux ($drive1)/vmlinuz-4.9.0-4-amd64 root=/dev/mapper/pool-debian ro
-      initrd ($drive1)/initrd.img-4.9.0-4-amd64
-    }
-  '';
-  boot.initrd.luks.devices = [
-    {
-      name = "root";
-      device = "/dev/disk/by-uuid/cba5d550-c3c8-423e-a913-14b5210bdd32";
-      preLVM = true;
-      allowDiscards = true;
-    }
-  ];
-
-  networking.hostName = lib.mkForce "BLN02NB0154"; # Define your hostname.
+  environment.shellAliases = {
+    n = "nix-shell";
+    gd = "cd /home/jeschli/go/src/gitlab.dcso.lolcat";
+    gh = "cd /home/jeschli/go/src/github.com";
+    stocki = pkgs.writeDash "deploy" ''
+      cd ~/stockholm
+      LOGNAME=jeschli exec nix-shell -I stockholm="$PWD" --run 'deploy  --system="bln"'
+    '';
+  };
+  networking.hostName = lib.mkForce "BLN02NB0232"; # Define your hostname.
  networking.networkmanager.enable = true;
-  # networking.wireless.enable = true;  # Enables wireless support via wpa_supplicant.
-
-  # Select internationalisation properties.
-  # i18n = {
-  #   consoleFont = "Lat2-Terminus16";
-  #   consoleKeyMap = "us";
-  #   defaultLocale = "en_US.UTF-8";
-  # };
-
  # Set your time zone.
  time.timeZone = "Europe/Berlin";
-
-
-  # List packages installed in system profile. To search by name, run:
-  # $ nix-env -qaP | grep wget
+  # Setup Packages
  nixpkgs.config.allowUnfree = true;
-  environment.shellAliases = { 
-    n = "nix-shell"; 
-    gd = "cd /home/markus/go/src/gitlab.dcso.lolcat"; 
-    gh = "cd /home/markus/go/src/github.com"; 
-  };
  environment.variables = { GOROOT= [ "${pkgs.go.out}/share/go" ]; };
  environment.systemPackages = with pkgs; [
  # system helper
@ -108,9 +79,6 @@
  ];


-
-  # Some programs need SUID wrappers, can be configured further or are
-  # started in user sessions.
  programs.bash.enableCompletion = true;
  programs.vim.defaultEditor = true;
  # programs.mtr.enable = true;
@ -132,33 +100,26 @@
  services.printing.drivers = [ pkgs.postscript-lexmark ];
  # Enable the X11 windowing system.
  services.xserver.enable = true;
+  services.xserver.videoDrivers = [ "nvidia" ];
  # services.xserver.xrandrHeads = [
  #  { output = "eDP1"; }
  #  { output = "DP-2-2-8"; primary = true; }
  #  { output = "DP-2-1-8"; monitorConfig = ''Option "Rotate" "left"''; }
  # ];
-  # services.xserver.layout = "us";
-  # services.xserver.xkbOptions = "eurosign:e";
-
-  # Enable touchpad support.
-  # services.xserver.libinput.enable = true;
-
-  # Enable the KDE Desktop Environment.
-#  services.xserver.displayManager.lightdm.enable = true;
  services.xserver.windowManager.xmonad.enable = true;
  services.xserver.windowManager.xmonad.enableContribAndExtras = true;
-#   services.xserver.desktopManager.gnome3.enable = true;
-  # services.xserver.displayManager.gdm.enable = true;
  services.xserver.displayManager.sddm.enable = true;
-  #services.xserver.desktopManager.plasma5.enable = true;
+#  services.xserver.desktopManager.gnome3.enable = true;
+  services.xserver.dpi = 100;
+  fonts.fontconfig.dpi = 100;
+
 #  services.xserver.displayManager.sessionCommands = ''
 #    (sleep 1 && ${pkgs.xorg.xrandr}/bin/xrandr --output VIRTUAL1 --off --output eDP1 --mode 1920x1080 --pos 5120x688 --rotate normal --output DP1 --off --output DP2-1 --mode 2560x1440 --pos 2560x328 --rotate normal --output DP2-2 --primary --mode 2560x1440 --pos 0x328 --rotate normal --output DP2-3 --off --output HDMI2 --off --output HDMI1 --off --output DP2 --off
 #'';

-  # Define a user account. Don't forget to set a password with ‘passwd’.
-  users.extraUsers.markus = {
+  users.extraUsers.jeschli = {
    isNormalUser = true;
-    extraGroups = ["docker"];
+    extraGroups = ["docker" "vboxusers"];
    uid = 1000;
  };

@ -179,7 +140,7 @@
 #    });
 #  };

-#  virtualisation.docker.enable = true;
+  virtualisation.docker.enable = true;
  

  # DCSO Certificates
@ -191,6 +152,8 @@
   (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCACOMPC3G1.pem"; sha256 = "0w88qaqhwxzvdkx40kzj2gka1yi85ipppjdkxah4mscwfhlryrnk"; })
   (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAIDENC2G1.pem"; sha256 = "1z2qkyhgjvri13bvi06ynkb7mjmpcznmc9yw8chx1lnwc3cxa7kf"; })
   (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAIDENC3G1.pem"; sha256 = "0smdjjvz95n652cb45yhzdb2lr83zg52najgbzf6lm3w71f8mv7f"; })
+   # VBOX certs
+   ./services.bundled.crt
  ]; 

  hardware.bluetooth.enable = true;
--- a/jeschli/1systems/bln/hardware-configuration.nix
+++ b/jeschli/1systems/bln/hardware-configuration.nix
@ -8,27 +8,29 @@
    [ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
    ];

-  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "sd_mod" "rtsx_pci_sdmmc" ];
+  boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sr_mod" "rtsx_pci_sdmmc" ];
  boot.kernelModules = [ "kvm-intel" ];
  boot.extraModulePackages = [ ];

+  boot.initrd.luks.devices.crypted.device = "/dev/disk/by-uuid/25534522-5748-4dcc-a5ca-80a3ac70f59d";
+
  fileSystems."/" =
-    { device = "/dev/disk/by-uuid/02144ea4-947d-440e-bbf9-99cab0dccf05";
+    { device = "/dev/disk/by-uuid/496c8889-96db-446d-9bac-60d4347faeac";
+      fsType = "ext4";
+    };
+
+  fileSystems."/home" =
+    { device = "/dev/disk/by-uuid/2785adf5-a99e-49d7-86d6-99f393f457ea";
      fsType = "ext4";
    };

  fileSystems."/boot" =
-    { device = "/dev/disk/by-uuid/f169fd32-bf96-4da0-bc34-294249ffa606";
-      fsType = "ext2";
-    };
-
-  fileSystems."/home" =
-    { device = "/dev/disk/by-uuid/68ef2163-7b3d-4dbb-add9-d3543ad7c738";
-      fsType = "ext4";
+    { device = "/dev/disk/by-uuid/927E-01A0";
+      fsType = "vfat";
    };

  swapDevices = [ ];

-  nix.maxJobs = lib.mkDefault 4;
+  nix.maxJobs = lib.mkDefault 8;
  powerManagement.cpuFreqGovernor = "powersave";
 }
--- a/jeschli/2configs/virtualbox.nix
+++ b/jeschli/2configs/virtualbox.nix
@ -1,7 +1,7 @@
 { config, pkgs, ... }:

 let
-  mainUser = config.users.extraUsers.markus;
+  mainUser = config.users.extraUsers.jeschli;

 in {
  #services.virtualboxHost.enable = true;
--- a/jeschli/source.nix
+++ b/jeschli/source.nix
@ -10,7 +10,7 @@ in
      nixos-config.symlink = "stockholm/jeschli/1systems/${name}/config.nix";
      nixpkgs.git = {
        url = https://github.com/nixos/nixpkgs;
-        ref = "0653b73";
+        ref = "395fe7f";
      };
      secrets.file = getAttr builder {
        buildbot = toString <stockholm/jeschli/2configs/tests/dummy-secrets>;