refactor tsp

makefu/1systems/tsp.nix

@@ -9,11 +9,10 @@
     [ # Include the results of the hardware scan.
       ../2configs/base.nix
       ../2configs/base-gui.nix
+      ../2configs/tp-x200.nix
+      ../2configs/sda-crypto-root.nix
     ];
   # not working in vm
-  #services.xserver = {
-  #  videoDriver = "intel";
-  #};
   krebs.build.host = config.krebs.hosts.tsp;
   krebs.build.user = config.krebs.users.makefu;
   krebs.build.target = "root@tsp";
@@ -21,18 +20,9 @@
   krebs.build.deps = {
     nixpkgs = {
       #url = https://github.com/NixOS/nixpkgs;
+      # rev=$(curl https://nixos.org/channels/nixos-unstable/git-revision -L)
       url = https://github.com/makefu/nixpkgs;
-      #rev = "4c01e6d91993b6de128795f4fbdd25f6227fb870";
-      #rev = "08275910ba86ed9bd7a2608e6a1e5285faf24cb2";
-      rev = "53d79a8074e7a4465515e67ea565dc73cbc14c5c";
-    };
-    # TODO generalize in base.nix
-    secrets = {
-      url = "/home/makefu/secrets/${config.krebs.build.host.name}";
-    };
-    # TODO generalize in base.nix
-    stockholm = {
-      url = toString ../..;
+      rev = "8b8b65da24f13f9317504e8bcba476f9161613fe";
     };
   };
 
@@ -46,40 +36,7 @@
     ];
   };
 
-  boot = {
-    #x200 specifics
-    kernelModules = [ "tp_smapi" "msr" ];
-    extraModulePackages = [ config.boot.kernelPackages.tp_smapi ];
-
-    loader.grub.enable =true;
-    loader.grub.version =2;
-    loader.grub.device = "/dev/sda";
-
-    # crypto boot
-    # TODO: use UUID
-    initrd.luks.devices = [ { name = "luksroot"; device= "/dev/sda2";}];
-    initrd.luks.cryptoModules = ["aes" "sha512" "sha1" "xts" ];
-    initrd.availableKernelModules = ["xhci_hcd" "ehci_pci" "ahci" "usb_storage" ];
-  };
-  fileSystems = {
-    "/" = {
-      device = "/dev/mapper/luksroot";
-      fsType = "ext4";
-    };
-    "/boot" = {
-      device = "/dev/disk/by-label/nixboot";
-      fsType = "ext4";
-    };
-  };
-
   # hardware specifics
-  networking.wireless.enable = true;
-
-  hardware.enableAllFirmware = true;
-  nixpkgs.config.allowUnfree = true;
-
-  # TODO: generalize to numCPU + 1
-  nix.maxJobs = 3;
 
 
   networking.firewall.rejectPackets = true;

makefu/2configs/base-gui.nix

@@ -1,31 +1,39 @@
 { config, lib, pkgs, ... }:
-
+##
+# of course this name is a lie - it prepares a GUI environment close to my
+# current configuration.
+#
+# autologin with mainUser into awesome
+##
+#
 with lib;
+let
+  mainUser = config.krebs.build.user.name;
+in
 {
   imports = [ ];
   services.xserver = {
     enable = true;
     layout = "us";
 
-# use awesome, direct boot into
-    displayManager.auto.enable = true;
-# TODO: use config.krebs.users.makefu ... or not
-    displayManager.auto.user = "makefu";
-
     windowManager = {
       awesome.enable = true;
       awesome.luaModules = [ pkgs.luaPackages.vicious ];
       default = "awesome";
     };
 
+    displayManager.auto.enable = true;
+    displayManager.auto.user = mainUser;
     desktopManager.xterm.enable = false;
-    desktopManager.default = "none";
   };
 
   security.setuidPrograms = [ "slock" ];
 
-# use pulseaudio
-  environment.systemPackages = [ pkgs.slock ];
+  environment.systemPackages = [
+    pkgs.slock
+    pkgs.rxvt_unicode-with-plugins
+  ];
+
   hardware.pulseaudio = {
     enable = true;
     systemWide = true;

makefu/2configs/base.nix

@@ -6,7 +6,7 @@ with lib;
   krebs.enable = true;
   krebs.search-domain = "retiolum";
 
-  networking.hostName = config.krebs.build.host.name;
+
   users.extraUsers = {
     root = {
         openssh.authorizedKeys.keys = [ config.krebs.users.makefu.pubkey ];
@@ -24,6 +24,18 @@ with lib;
     };
   };
 
+  networking.hostName = config.krebs.build.host.name;
+  nix.maxJobs = config.krebs.build.host.cores + 1;
+
+  krebs.build.deps = {
+    secrets = {
+      url = "/home/makefu/secrets/${config.krebs.build.host.name}";
+    };
+    stockholm = {
+      url = toString ../..;
+    };
+  };
+
   services.openssh.enable = true;
   nix.useChroot = true;
 

makefu/2configs/sda-crypto-root.nix

@@ -0,0 +1,27 @@
+{ config, lib, pkgs, ... }:
+
+# sda:  bootloader grub2
+# sda1: boot ext4 (label nixboot)
+# sda2: cryptoluks -> ext4
+with lib;
+{
+  boot = {
+    loader.grub.enable =true;
+    loader.grub.version =2;
+    loader.grub.device = "/dev/sda";
+
+    initrd.luks.devices = [ { name = "luksroot"; device= "/dev/sda2";}];
+    initrd.luks.cryptoModules = ["aes" "sha512" "sha1" "xts" ];
+    initrd.availableKernelModules = ["xhci_hcd" "ehci_pci" "ahci" "usb_storage" ];
+  };
+  fileSystems = {
+    "/" = {
+      device = "/dev/mapper/luksroot";
+      fsType = "ext4";
+    };
+    "/boot" = {
+      device = "/dev/disk/by-label/nixboot";
+      fsType = "ext4";
+    };
+  };
+}

makefu/2configs/tp-x200.nix

@@ -0,0 +1,23 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+{
+  #services.xserver = {
+  #  videoDriver = "intel";
+  #};
+
+  boot = {
+    kernelModules = [ "tp_smapi" "msr" ];
+    extraModulePackages = [ config.boot.kernelPackages.tp_smapi ];
+
+  };
+
+  networking.wireless.enable = true;
+
+  hardware.enableAllFirmware = true;
+  nixpkgs.config.allowUnfree = true;
+
+  hardware.trackpoint.enable = true;
+  hardware.trackpoint.sensitivity = 255;
+  hardware.trackpoint.speed = 255;
+}