refactor tsp
This commit is contained in:
parent
eeb7a84e98
commit
91a112c242
@ -9,11 +9,10 @@
|
||||
[ # Include the results of the hardware scan.
|
||||
../2configs/base.nix
|
||||
../2configs/base-gui.nix
|
||||
../2configs/tp-x200.nix
|
||||
../2configs/sda-crypto-root.nix
|
||||
];
|
||||
# not working in vm
|
||||
#services.xserver = {
|
||||
# videoDriver = "intel";
|
||||
#};
|
||||
krebs.build.host = config.krebs.hosts.tsp;
|
||||
krebs.build.user = config.krebs.users.makefu;
|
||||
krebs.build.target = "root@tsp";
|
||||
@ -21,18 +20,9 @@
|
||||
krebs.build.deps = {
|
||||
nixpkgs = {
|
||||
#url = https://github.com/NixOS/nixpkgs;
|
||||
# rev=$(curl https://nixos.org/channels/nixos-unstable/git-revision -L)
|
||||
url = https://github.com/makefu/nixpkgs;
|
||||
#rev = "4c01e6d91993b6de128795f4fbdd25f6227fb870";
|
||||
#rev = "08275910ba86ed9bd7a2608e6a1e5285faf24cb2";
|
||||
rev = "53d79a8074e7a4465515e67ea565dc73cbc14c5c";
|
||||
};
|
||||
# TODO generalize in base.nix
|
||||
secrets = {
|
||||
url = "/home/makefu/secrets/${config.krebs.build.host.name}";
|
||||
};
|
||||
# TODO generalize in base.nix
|
||||
stockholm = {
|
||||
url = toString ../..;
|
||||
rev = "8b8b65da24f13f9317504e8bcba476f9161613fe";
|
||||
};
|
||||
};
|
||||
|
||||
@ -46,40 +36,7 @@
|
||||
];
|
||||
};
|
||||
|
||||
boot = {
|
||||
#x200 specifics
|
||||
kernelModules = [ "tp_smapi" "msr" ];
|
||||
extraModulePackages = [ config.boot.kernelPackages.tp_smapi ];
|
||||
|
||||
loader.grub.enable =true;
|
||||
loader.grub.version =2;
|
||||
loader.grub.device = "/dev/sda";
|
||||
|
||||
# crypto boot
|
||||
# TODO: use UUID
|
||||
initrd.luks.devices = [ { name = "luksroot"; device= "/dev/sda2";}];
|
||||
initrd.luks.cryptoModules = ["aes" "sha512" "sha1" "xts" ];
|
||||
initrd.availableKernelModules = ["xhci_hcd" "ehci_pci" "ahci" "usb_storage" ];
|
||||
};
|
||||
fileSystems = {
|
||||
"/" = {
|
||||
device = "/dev/mapper/luksroot";
|
||||
fsType = "ext4";
|
||||
};
|
||||
"/boot" = {
|
||||
device = "/dev/disk/by-label/nixboot";
|
||||
fsType = "ext4";
|
||||
};
|
||||
};
|
||||
|
||||
# hardware specifics
|
||||
networking.wireless.enable = true;
|
||||
|
||||
hardware.enableAllFirmware = true;
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
|
||||
# TODO: generalize to numCPU + 1
|
||||
nix.maxJobs = 3;
|
||||
|
||||
|
||||
networking.firewall.rejectPackets = true;
|
||||
|
@ -1,31 +1,39 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
##
|
||||
# of course this name is a lie - it prepares a GUI environment close to my
|
||||
# current configuration.
|
||||
#
|
||||
# autologin with mainUser into awesome
|
||||
##
|
||||
#
|
||||
with lib;
|
||||
let
|
||||
mainUser = config.krebs.build.user.name;
|
||||
in
|
||||
{
|
||||
imports = [ ];
|
||||
services.xserver = {
|
||||
enable = true;
|
||||
layout = "us";
|
||||
|
||||
# use awesome, direct boot into
|
||||
displayManager.auto.enable = true;
|
||||
# TODO: use config.krebs.users.makefu ... or not
|
||||
displayManager.auto.user = "makefu";
|
||||
|
||||
windowManager = {
|
||||
awesome.enable = true;
|
||||
awesome.luaModules = [ pkgs.luaPackages.vicious ];
|
||||
default = "awesome";
|
||||
};
|
||||
|
||||
displayManager.auto.enable = true;
|
||||
displayManager.auto.user = mainUser;
|
||||
desktopManager.xterm.enable = false;
|
||||
desktopManager.default = "none";
|
||||
};
|
||||
|
||||
security.setuidPrograms = [ "slock" ];
|
||||
|
||||
# use pulseaudio
|
||||
environment.systemPackages = [ pkgs.slock ];
|
||||
environment.systemPackages = [
|
||||
pkgs.slock
|
||||
pkgs.rxvt_unicode-with-plugins
|
||||
];
|
||||
|
||||
hardware.pulseaudio = {
|
||||
enable = true;
|
||||
systemWide = true;
|
||||
|
@ -6,7 +6,7 @@ with lib;
|
||||
krebs.enable = true;
|
||||
krebs.search-domain = "retiolum";
|
||||
|
||||
networking.hostName = config.krebs.build.host.name;
|
||||
|
||||
users.extraUsers = {
|
||||
root = {
|
||||
openssh.authorizedKeys.keys = [ config.krebs.users.makefu.pubkey ];
|
||||
@ -24,6 +24,18 @@ with lib;
|
||||
};
|
||||
};
|
||||
|
||||
networking.hostName = config.krebs.build.host.name;
|
||||
nix.maxJobs = config.krebs.build.host.cores + 1;
|
||||
|
||||
krebs.build.deps = {
|
||||
secrets = {
|
||||
url = "/home/makefu/secrets/${config.krebs.build.host.name}";
|
||||
};
|
||||
stockholm = {
|
||||
url = toString ../..;
|
||||
};
|
||||
};
|
||||
|
||||
services.openssh.enable = true;
|
||||
nix.useChroot = true;
|
||||
|
||||
|
27
makefu/2configs/sda-crypto-root.nix
Normal file
27
makefu/2configs/sda-crypto-root.nix
Normal file
@ -0,0 +1,27 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
# sda: bootloader grub2
|
||||
# sda1: boot ext4 (label nixboot)
|
||||
# sda2: cryptoluks -> ext4
|
||||
with lib;
|
||||
{
|
||||
boot = {
|
||||
loader.grub.enable =true;
|
||||
loader.grub.version =2;
|
||||
loader.grub.device = "/dev/sda";
|
||||
|
||||
initrd.luks.devices = [ { name = "luksroot"; device= "/dev/sda2";}];
|
||||
initrd.luks.cryptoModules = ["aes" "sha512" "sha1" "xts" ];
|
||||
initrd.availableKernelModules = ["xhci_hcd" "ehci_pci" "ahci" "usb_storage" ];
|
||||
};
|
||||
fileSystems = {
|
||||
"/" = {
|
||||
device = "/dev/mapper/luksroot";
|
||||
fsType = "ext4";
|
||||
};
|
||||
"/boot" = {
|
||||
device = "/dev/disk/by-label/nixboot";
|
||||
fsType = "ext4";
|
||||
};
|
||||
};
|
||||
}
|
23
makefu/2configs/tp-x200.nix
Normal file
23
makefu/2configs/tp-x200.nix
Normal file
@ -0,0 +1,23 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
{
|
||||
#services.xserver = {
|
||||
# videoDriver = "intel";
|
||||
#};
|
||||
|
||||
boot = {
|
||||
kernelModules = [ "tp_smapi" "msr" ];
|
||||
extraModulePackages = [ config.boot.kernelPackages.tp_smapi ];
|
||||
|
||||
};
|
||||
|
||||
networking.wireless.enable = true;
|
||||
|
||||
hardware.enableAllFirmware = true;
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
|
||||
hardware.trackpoint.enable = true;
|
||||
hardware.trackpoint.sensitivity = 255;
|
||||
hardware.trackpoint.speed = 255;
|
||||
}
|
Loading…
Reference in New Issue
Block a user