Merge branch 'master' of prism.r:stockholm
This commit is contained in:
commit
cd4f0290ed
84
krebs/3modules/external/default.nix
vendored
84
krebs/3modules/external/default.nix
vendored
@ -229,6 +229,90 @@ in {
|
||||
};
|
||||
};
|
||||
};
|
||||
rose = {
|
||||
owner = config.krebs.users.Mic92;
|
||||
nets = rec {
|
||||
retiolum = {
|
||||
addrs = [
|
||||
config.krebs.hosts.rose.nets.retiolum.ip4.addr
|
||||
config.krebs.hosts.rose.nets.retiolum.ip6.addr
|
||||
];
|
||||
ip4.addr = "10.243.29.178";
|
||||
aliases = [ "rose.r" ];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN RSA PUBLIC KEY-----
|
||||
MIICCgKCAgEA0h88uEcgVFhggGh3xqHySt8T+oDdoSN8ve4ZPmMzrGCD4dnlWcUO
|
||||
6uMiwE7XG667wvjB0J2RbCJ8n8/r6eQgp6sRfPzSQL/Mc74J+py+sOVOjjjL5wJX
|
||||
btrYmASO3GKUSMhGmM0IiwHMIPrmUViaREDrweF3bUwK45d/ocqpBkc+nF27kksd
|
||||
DMYjHMWRIkKuQaj592zo/kY1pAJ/yAvDPess0x1CLL6uDNbjTr2S/L7JHdzZs9Xq
|
||||
1+SGdVtqD0sWgSBKA0PC/Mi+Divd4PC1SoSL7wZRWD0Y2DNgj3+xUc7hAWRCw2Gs
|
||||
5wofK+qiwnyYAmeNYcyQfDLosKZF9hOM8U3UbxptkPLsOK3cfZoGoLQCuOryVDBe
|
||||
6GfJkJ49WfuSSNWs3WPWL6/6zmVPeGR0TvoMt02VQ3cKTmeIkWyTIzSVoC7wYv5D
|
||||
Dl8Xt3aFr9UFI2GxenesViyuDLi8cy2fOsM3r+gowXQtgEKoXc9W2vyPwIIlcWUJ
|
||||
QrKVsyNlkKKL0YjsnGazaEvqdiE30/Iq7f7VBnXnWXRLnZhr85HbTdDQnpT4GcEv
|
||||
W3jpl1y5zShr5Hz90QoYcUTsxg9uk/+yqKpwUySZ6Gh4q0bo5k7nkM9i8mCMfNGZ
|
||||
0UU94QmwS9RoV4Mt4pSLYRcCs0mVeEjLuIfTFHkXc6LCjBWMn8ICfeMCAwEAAQ==
|
||||
-----END RSA PUBLIC KEY-----
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
martha = {
|
||||
owner = config.krebs.users.Mic92;
|
||||
nets = rec {
|
||||
retiolum = {
|
||||
addrs = [
|
||||
config.krebs.hosts.martha.nets.retiolum.ip4.addr
|
||||
config.krebs.hosts.martha.nets.retiolum.ip6.addr
|
||||
];
|
||||
ip4.addr = "10.243.29.179";
|
||||
aliases = [ "martha.r" ];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN RSA PUBLIC KEY-----
|
||||
MIICCgKCAgEA3lR3Wup2yd9SYs9n9a7lq/jXxlKdwjgp9gPEirLn3/XCFM7NpLIp
|
||||
LRm3Wdplv0NWim4zI3AsdGmUBrV3y0Ugj48Td4RpXlOiFjS8NHnvRbamCZF7m/pJ
|
||||
3T/QpQx98+QEKXb3gZ5aDGgcHLRbUYUBuwFOxAKaikuDe2qJxqXqOmA7RXZDkEqe
|
||||
FrQE/H1/+8HqJ1vhgZKi3Vu7zLRB1EV8nggWFjQKR8o0AeViLwM3OxFtGyKTaXuK
|
||||
WAQrvSdKQDpQwqAPogyeftGesOfW7z0xrelkux10p42YM9epYvZDFRG97/nupw/S
|
||||
iYGiTTFDBDTzpyT3zl1uwhmQ3re/nJXf5e4fgnZEcsweU8ysHtDhbimqrm9impVn
|
||||
XdKnnuNa9F8VlyHCT2pVC9+WDKDNtA2M8f+8lG8/hoJ7hhp5HhBZ3ncROyQqOg4F
|
||||
e6YtaFidi+fYXjQkdUXHv5FCkqFJnoxZdI2vwqU2DumltG/o+qsksI2WSsLsuMVs
|
||||
sa4KUq0+5OsmCJnIAKWV2YwbLVf1tJMjPGA0jQECrHPL6SKobRefqav6MPuTbytC
|
||||
4frtEIGbfdKqQ6nNTvTpCrAo+WAm3NE3khTYqGe4LqX/JMoGtWXp/Ex9IdG+sflM
|
||||
mESMjuHp9vPY4aZGPtYPP93Cxv3q7gm+EfIGebajISpaG28J+XjiNNsCAwEAAQ==
|
||||
-----END RSA PUBLIC KEY-----
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
donna = {
|
||||
owner = config.krebs.users.Mic92;
|
||||
nets = rec {
|
||||
retiolum = {
|
||||
addrs = [
|
||||
config.krebs.hosts.donna.nets.retiolum.ip4.addr
|
||||
config.krebs.hosts.donna.nets.retiolum.ip6.addr
|
||||
];
|
||||
ip4.addr = "10.243.29.180";
|
||||
aliases = [ "donna.r" ];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN RSA PUBLIC KEY-----
|
||||
MIICCgKCAgEAnv5zVPwjHk5Q72D3tv2rlQkp7SOsZD7Wvz8l1yI/mWkxoriJ9MVa
|
||||
x8RziSB3KF8sF1lRWIKmuynkgLI3w0X/YFs/fAvtayxk6Qf8DOl23Vd8Is0h/i3I
|
||||
0fCmCEIHhHboKsREW6NxY7w5WAI2+SFNmGef1P7vzrAv7iLyPbo9nQ8wlrAmc+PJ
|
||||
Ao3BOf4U7kP778fhsPA4dlGtF2v9CBhygeGVI/DQR8jcvzeiPd2Dr0k/JvrVMYtf
|
||||
wJW4xUwZkIpws/yfI8b4VJOFl2X/Yw9712Z8Jvga0rR32OG4YbnggvuCMum1g94k
|
||||
YwMjaSckv1XTalvPQuf1Od96XzwL2hjPFpEK3Tdl4AitMnArgj9HNzhcRL+eGonf
|
||||
U24zk52OToHnoP3palNpodi7DziIBeXIaIMl7VMXku2ymbOUJsI6zeew+uZahJkv
|
||||
QIWjxveQ8N40BoTc8Yg6pea1AId3l4f3brtwJbQOVbb3bVQ5VcrxM9Q/TBvyADYR
|
||||
Knwszxw3uBw5Za1FMbwCPwd8/y/Ar19qGCx25xK0QnsyqZZT/cHsbBOTzh6BBWwI
|
||||
IzbYu49VO/B1rktYzZ2l2ENQy6OILXWbvFjC8Pt8f1ZZQ4A21PyNA1AdyJ/rbVj7
|
||||
awm3OnnvKSvMCXWnwHPFHjksb3qMx96Aep1cw3ZBx0sQQ41UWBoOsi8CAwEAAQ==
|
||||
-----END RSA PUBLIC KEY-----
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
inspector = {
|
||||
owner = config.krebs.users.Mic92;
|
||||
nets = rec {
|
||||
|
@ -393,6 +393,55 @@ in {
|
||||
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJzb9BPFClubs6wSOi/ivqPFVPlowXwAxBS0jHaB29hX";
|
||||
syncthing.id = "PCDXICO-GMGWKSB-V6CYF3I-LQMZSGV-B7YBJXA-DVO7KXN-TFCSQXW-XY6WNQD";
|
||||
};
|
||||
xerxes = {
|
||||
cores = 2;
|
||||
nets = rec {
|
||||
retiolum = {
|
||||
ip4.addr = "10.243.1.3";
|
||||
ip6.addr = r6 "3";
|
||||
aliases = [
|
||||
"xerxes.r"
|
||||
];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN RSA PUBLIC KEY-----
|
||||
MIIECgKCBAEArqEaK+m7WZe/9/Vbc+qx2TjkkRJ9lDgDMr1dvj98xb8/EveUME6U
|
||||
MZyAqNjLuKq3CKzJLo02ZmdFs4CT1Hj28p5IC0wLUWn53hrqdy8cCJDvIiKIv+Jk
|
||||
gItsxJyMnRtsdDbB6IFJ08D5ReGdAFJT5lqpN0DZuNC6UQRxzUK5fwKYVVzVX2+W
|
||||
/EZzEPe5XbE69V/Op2XJ2G6byg9KjOzNJyJxyjwVco7OXn1OBNp94NXoFrUO7kxb
|
||||
mTNnh3D+iB4c3qv8woLhmb+Uh/9MbXS14QrSf85ou4kfUjb5gdhjIlzz+jfA/6XO
|
||||
X4t86uv8L5IzrhSGb0TmhrIh5HhUmSKT4RdHJom0LB7EASMR2ZY9AqIG11XmXuhj
|
||||
+2b5INBZSj8Cotv5aoRXiPSaOd7bw7lklYe4ZxAU+avXot9K3/4XVLmi6Wa6Okim
|
||||
hz+MEYjW5gXY+YSUWXOR4o24jTmDjQJpdL83eKwLVAtbrE7TcVszHX6zfMoQZ5M9
|
||||
3EtOkDMxhC+WfkL+DLQAURhgcPTZoaj0cAlvpb0TELZESwTBI09jh/IBMXHBZwI4
|
||||
H1gOD5YENpf0yUbLjVu4p82Qly10y58XFnUmYay0EnEgdPOOVViovGEqTiAHMmm5
|
||||
JixtwJDz7a6Prb+owIg27/eE1/E6hpfXpU8U83qDYGkIJazLnufy32MTFE4T9fI4
|
||||
hS8icFcNlsobZp+1pB3YK4GV5BnvMwOIVXVlP8yMCRTDRWZ4oYmAZ5apD7OXyNwe
|
||||
SUP2mCNNlQCqyjRsxj5S1lZQRy1sLQztU5Sff4xYNK+5aPgJACmvSi3uaJAxBloo
|
||||
4xCCYzxhaBlvwVISJXZTq76VSPybeQ+pmSZFMleNnWOstvevLFeOoH2Is0Ioi1Fe
|
||||
vnu5r0D0VYsb746wyRooiEuOAjBmni8X/je6Vwr1gb/WZfZ23EwYpGyakJdxLNv3
|
||||
Li+LD9vUfOR80WL608sUU45tAx1RAy6QcH/YDtdClbOdK53+cQVTsYnCvDW8uGlO
|
||||
scQWgk+od3qvo6yCPO7pRlEd3nedcPSGh/KjBHao6eP+bsVERp733Vb9qrEVwmxv
|
||||
jlZ1m12V63wHVu9uMAGi9MhK+2Q/l7uLTj03OYpi4NYKL2Bu01VXfoxuauuZLdIJ
|
||||
Z3ZV+qUcjzZI0PBlGxubq6CqVFoSB7nhHUbcdPQ66WUnwoKq0cKmE7VOlJQvJ07u
|
||||
/Wsl8BIsxODVt0rTzEAx0hTd5mJCX7sCawRt+NF+1DZizl9ouebNMkNlsEAg4Ps0
|
||||
bQerZLcOmpYjGa5+lWDwJIMXVIcxwTmQR86stlP/KQm0vdOvH2ZUWTXcYvCYlHkQ
|
||||
sgVnnA2wt+7UpZnEBHy04ry+jYaSsPdYgwIDAQAB
|
||||
-----END RSA PUBLIC KEY-----
|
||||
'';
|
||||
};
|
||||
wiregrill = {
|
||||
ip6.addr = w6 "3";
|
||||
aliases = [
|
||||
"xerxes.w"
|
||||
];
|
||||
wireguard.pubkey = "UTm8B8YUVvBGqwwxAUMVFsVQFQGQ6jbcXAavZ8LxYT8=";
|
||||
};
|
||||
};
|
||||
secure = true;
|
||||
ssh.privkey.path = <secrets/ssh.id_ed25519>;
|
||||
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE5HyLyaIvVH0qHIQ4ciKhDiElhSqsK+uXcA6lTvL+5n";
|
||||
syncthing.id = "EA76ZHP-DF2I3CJ-NNTFEUH-YGPQK5S-T7FQ6JA-BNQQUNC-GF2YL46-CKOZCQM";
|
||||
};
|
||||
red = {
|
||||
monitoring = false;
|
||||
cores = 1;
|
||||
@ -626,7 +675,7 @@ in {
|
||||
};
|
||||
lass-xerxes = {
|
||||
mail = "lass@xerxes.r";
|
||||
pubkey = builtins.readFile ./ssh/xerxes.rsa;
|
||||
pubkey = builtins.readFile ./ssh/xerxes.ed25519;
|
||||
};
|
||||
lass-daedalus = {
|
||||
mail = "lass@daedalus.r";
|
||||
|
1
krebs/3modules/lass/ssh/xerxes.ed25519
Normal file
1
krebs/3modules/lass/ssh/xerxes.ed25519
Normal file
@ -0,0 +1 @@
|
||||
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGwCq56DGqj/kz8d8ax0xIl29jV9f3tUtDgtnCnS1b4q lass@xerxes
|
@ -1 +0,0 @@
|
||||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEZgGjBN0aFs6GxNwMjCvlddbN6+vb6LZuWiWWe+wbAynaGuGbae0TXCLp0/eMNy7fH8poDjpdW9M4mKbBFKOqyG8WJLCPFoQw761tjKl1hccJn0hFSkQAEGKxtfzHlAl/Mz+59yvqNg7/WNSivv41hE7btYltzRy238VQDYFv2eLM7acyxrgGo7tWOtkbpfELj5cM8Qw1j3TF9bGV5pK6IOEtaHbmalS8Iiz77syAu+6E/y6zKBTtGMHI15l6RNJ/Y7A1LM/WwuNL+9dJMYWJFVHy3/4dpaxiioHREiSawUbz9wNHknCrT6vaPCIVVcujhz9Oee1C5UiYUyyfJrFYdlzaTg7FuLNIt2hKMY6NYx1D8/Pwpq1JOsaEfK/K5ytCgaJb115mRevcaUA5s7KYNWHmmZvy08JzCgSM6ZPRtfkQIcha77wVq6DugJ+KgBz+oADQRKiaMrumOMldd0B3q4Oxb71gDTE1XLAbWJnd/0Up1H5GAtZZUUrMUslZiU/23R6SOkyEMLWQTx/KgkWcz8DZLtib5o03uZpfJDVqp2CR+sjmy4x9aa+lSaOzuZP0KRyg+mOKl0o3zL7TNAzrzSCORVBg7nOh+0SPJkDxVRkc6dVY1L3ZOfdm2P/19fhWEr5ECgVrmYYKnDPwWY1iWJlZsiEc3Mj7KB1m44ov0FJg2hiNnydImqcXTCoszp515MBmeHnpqJsqEZuWS8dAnaEiOwZaSKIO1E7lQ7CoP86+eD4yAwLq6fb2tgjHT69LgDMaIha4hMfrO2o4UDVw9OZMfnPtyatI4pxplaQDoQM1p0dej0rZ7uxL1tfoKAyT0UCdtjhxfnNs0x1gOQbML4eGbqyKuyF82eOQRgKRDqH/tParoE4SRBVi7o3s0kILRmXA3ng3n1uhEiGwPTH8JsQ9huM+XOhH8+CzQeg4yb/jCrhsDzvLaW654+ouq9G+kjwqmO4vLNs5eZxfae84rppbS2MJqK1x8rkJixvKBKEfvYJOuDNV+hXyMbToaq8qtGy7cCSq4+UDio3DsSHY0Tpt9e+yEzoOOqFQLQyq6uHv/+u9MY+VADoa4N64U3S2SXul9tE3g6hOAY0F5BYMbxQSuj59kzwghlAmbsyWN2FCmWdsfCQkkZX7wCTj20DtZB/GdVSGNgHGAoU5JZrXKca3A2Yc9hzbYjyNYr0NmQ9NUbkbaOkcYJRIUXtS2OBOHP+FoUkkqL3ieKXR07l5xJbWLzbyVUxN9Zii4Baj5xnDO/RLZPDvTUxbER/0d1orMZztL2EKmfSn4j4uhWqpi04Rg9sWH+WVLAq22EKhAuqcFEOUimjcyZWYKxcAq5Z51NJNBQB7euz55eCJUZkBUYEpNuYr0UDlmBxKB2r6ZWDeNXT7eLxBdwDHCHSqXV7qOG1vMhHtjbbxmQMnkQ4InhO9TdpaN3tj67nGmc6hhgYO4b7NvyL1/pvDPrHrR/3GzkDkwqvt3uESdVdqAJSCk6gFh9V1aGs= lass@xerxes
|
@ -36,6 +36,32 @@ in {
|
||||
};
|
||||
};
|
||||
};
|
||||
rofl = {
|
||||
nets = {
|
||||
retiolum = {
|
||||
ip4.addr = "10.243.42.43";
|
||||
aliases = [
|
||||
"rofl.r"
|
||||
];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN PUBLIC KEY-----
|
||||
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAnysdVVwxkmSroNUleYZm
|
||||
xdaIB9EdZYCo2xj3WyhsD2lWMpj51FzSH6Y052Vy1V1TCuIXIwjidpmMohBvflG8
|
||||
txKCaBGQOZbVqRgzyCDXsNisbr05ayYuHcRrXTpn5ask4HN0Vtx2uJOn8YmOxA0D
|
||||
VhyEnf8xWu+vi8dwDqRVR17QnPBYqgenzIBmAuRngvNqg6WZg+E9X2e1Dco/PMzb
|
||||
VW0AgC2+zFCl4+G7dEW7uhsI6IJLy4LsJuEN4TlvWAf7tfdFEnBzTfODW8quGdts
|
||||
1Yzah4svPNNt9F1ZhOR/1bDsfVoOjI76BgB0G+ZZPQAGV1zxgn8DXSKi/tJTLNu1
|
||||
vj/n9sUJfXMYQdTAOkABghCyEDFUspPKCffQqUXUcJbLKY9fNssGGBeanMsobUQC
|
||||
Ch9z7kIJ52JDcP/D58z9Yf62P5ENqXzeVPCcodIOey1EizOu/FH3jVo52we1M5sp
|
||||
1iM4hMc3ZINUBI9AA1nLWWlB3lBnErAXrhmMMHjcO4nO7/M0YU+EalkDB5eIhqiH
|
||||
QJx7VnOE2UZYU9Y0vVNSWfYocU12aABK98T7lr5Tde4dI1J81sk2MUZcbNHger3f
|
||||
NxpvNzOBpeC5xvq/ENCRR7MDf/59xWW5P5N7PbGprLQAi8cfdSoIEhSPz17Taq1f
|
||||
3aAAePgBsZvRQozxXZfqp58CAwEAAQ==
|
||||
-----END PUBLIC KEY-----
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
p1nk = {
|
||||
nets = {
|
||||
retiolum = {
|
||||
|
@ -1,7 +1,7 @@
|
||||
{
|
||||
"url": "https://github.com/NixOS/nixpkgs-channels",
|
||||
"rev": "d77e3bd661354ea775a8cacc97bb59ddde513c09",
|
||||
"date": "2019-06-18T23:08:17+02:00",
|
||||
"sha256": "1m82zs00n6nc0pkdpmd9amm013qxwksjfhzcm6gck3p469q7n866",
|
||||
"rev": "754763ff4ba1dd03fe3fad3a0fea36d2e39f5860",
|
||||
"date": "2019-07-05T14:34:03+02:00",
|
||||
"sha256": "10752kda1rzljlpcchi826hmbc8853vnbg9rkh7s89mxq6yjnm15",
|
||||
"fetchSubmodules": false
|
||||
}
|
||||
|
35
lass/1systems/xerxes/config.nix
Normal file
35
lass/1systems/xerxes/config.nix
Normal file
@ -0,0 +1,35 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports = [
|
||||
<stockholm/lass>
|
||||
|
||||
<stockholm/lass/2configs/retiolum.nix>
|
||||
<stockholm/lass/2configs/exim-retiolum.nix>
|
||||
<stockholm/lass/2configs/baseX.nix>
|
||||
<stockholm/lass/2configs/browsers.nix>
|
||||
<stockholm/lass/2configs/programs.nix>
|
||||
<stockholm/lass/2configs/network-manager.nix>
|
||||
<stockholm/lass/2configs/syncthing.nix>
|
||||
<stockholm/lass/2configs/games.nix>
|
||||
<stockholm/lass/2configs/steam.nix>
|
||||
<stockholm/lass/2configs/wine.nix>
|
||||
<stockholm/lass/2configs/fetchWallpaper.nix>
|
||||
<stockholm/lass/2configs/nfs-dl.nix>
|
||||
<stockholm/lass/2configs/pass.nix>
|
||||
<stockholm/lass/2configs/mail.nix>
|
||||
];
|
||||
|
||||
krebs.build.host = config.krebs.hosts.xerxes;
|
||||
|
||||
services.xserver = {
|
||||
displayManager.lightdm.autoLogin.enable = true;
|
||||
displayManager.lightdm.autoLogin.user = "lass";
|
||||
};
|
||||
|
||||
boot.blacklistedKernelModules = [
|
||||
"xpad"
|
||||
];
|
||||
|
||||
lass.screenlock.enable = lib.mkForce false;
|
||||
}
|
33
lass/1systems/xerxes/icarus/config.nix
Normal file
33
lass/1systems/xerxes/icarus/config.nix
Normal file
@ -0,0 +1,33 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports = [
|
||||
<stockholm/lass>
|
||||
|
||||
<stockholm/lass/2configs/mouse.nix>
|
||||
<stockholm/lass/2configs/retiolum.nix>
|
||||
<stockholm/lass/2configs/git.nix>
|
||||
<stockholm/lass/2configs/exim-retiolum.nix>
|
||||
<stockholm/lass/2configs/baseX.nix>
|
||||
#<stockholm/lass/2configs/browsers.nix>
|
||||
<stockholm/lass/2configs/programs.nix>
|
||||
<stockholm/lass/2configs/fetchWallpaper.nix>
|
||||
<stockholm/lass/2configs/games.nix>
|
||||
<stockholm/lass/2configs/bitcoin.nix>
|
||||
<stockholm/lass/2configs/wine.nix>
|
||||
#<stockholm/lass/2configs/blue-host.nix>
|
||||
#<stockholm/lass/2configs/xtreemfs.nix>
|
||||
<stockholm/lass/2configs/syncthing.nix>
|
||||
<stockholm/lass/2configs/nfs-dl.nix>
|
||||
#<stockholm/lass/2configs/prism-share.nix>
|
||||
<stockholm/lass/2configs/ssh-cryptsetup.nix>
|
||||
];
|
||||
|
||||
krebs.build.host = config.krebs.hosts.icarus;
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
macchanger
|
||||
nix-review
|
||||
];
|
||||
programs.adb.enable = true;
|
||||
}
|
25
lass/1systems/xerxes/icarus/physical.nix
Normal file
25
lass/1systems/xerxes/icarus/physical.nix
Normal file
@ -0,0 +1,25 @@
|
||||
{
|
||||
imports = [
|
||||
./config.nix
|
||||
<stockholm/lass/2configs/hw/x220.nix>
|
||||
<stockholm/lass/2configs/boot/coreboot.nix>
|
||||
];
|
||||
|
||||
fileSystems = {
|
||||
"/bku" = {
|
||||
device = "/dev/mapper/pool-bku";
|
||||
fsType = "btrfs";
|
||||
options = ["defaults" "noatime" "ssd" "compress=lzo"];
|
||||
};
|
||||
};
|
||||
|
||||
services.udev.extraRules = ''
|
||||
SUBSYSTEM=="net", ATTR{address}=="00:24:d7:f0:a0:0c", NAME="wl0"
|
||||
SUBSYSTEM=="net", ATTR{address}=="f0:de:f1:71:cb:35", NAME="et0"
|
||||
'';
|
||||
|
||||
services.thinkfan.enable = true;
|
||||
services.tlp.extraConfig = ''
|
||||
START_CHARGE_THRESH_BAT0=80
|
||||
'';
|
||||
}
|
86
lass/1systems/xerxes/physical.nix
Normal file
86
lass/1systems/xerxes/physical.nix
Normal file
@ -0,0 +1,86 @@
|
||||
{ pkgs, lib, ... }:
|
||||
{
|
||||
imports = [
|
||||
./config.nix
|
||||
<nixpkgs/nixos/modules/installer/scan/not-detected.nix>
|
||||
];
|
||||
|
||||
boot.zfs.enableUnstable = true;
|
||||
boot.loader.grub = {
|
||||
enable = true;
|
||||
device = "/dev/sda";
|
||||
efiSupport = true;
|
||||
};
|
||||
boot.loader.efi.canTouchEfiVariables = true;
|
||||
|
||||
# TODO fix touchscreen
|
||||
boot.blacklistedKernelModules = [
|
||||
"goodix"
|
||||
];
|
||||
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "sd_mod" ];
|
||||
boot.initrd.kernelModules = [ ];
|
||||
boot.initrd.luks.devices.crypted.device = "/dev/sda3";
|
||||
boot.kernelModules = [ "kvm-intel" ];
|
||||
boot.extraModulePackages = [ ];
|
||||
boot.kernelParams = [
|
||||
"fbcon=rotate:1"
|
||||
"boot.shell_on_fail"
|
||||
];
|
||||
|
||||
services.xserver.displayManager.sessionCommands = ''
|
||||
(sleep 2 && ${pkgs.xorg.xrandr}/bin/xrandr --output eDP-1 --rotate right)
|
||||
(sleep 2 && ${pkgs.xorg.xinput}/bin/xinput set-prop 'Goodix Capacitive TouchScreen' 'Coordinate Transformation Matrix' 0 1 0 -1 0 1 0 0 1)
|
||||
'';
|
||||
|
||||
fileSystems."/" = {
|
||||
device = "rpool/root";
|
||||
fsType = "zfs";
|
||||
};
|
||||
|
||||
fileSystems."/home" = {
|
||||
device = "rpool/home";
|
||||
fsType = "zfs";
|
||||
};
|
||||
|
||||
fileSystems."/boot" = {
|
||||
device = "/dev/disk/by-uuid/E749-784C";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
swapDevices = [ ];
|
||||
|
||||
boot.extraModprobeConfig = ''
|
||||
options zfs zfs_arc_max=1073741824
|
||||
'';
|
||||
|
||||
nix.maxJobs = lib.mkDefault 4;
|
||||
|
||||
networking.hostId = "9b0a74ac";
|
||||
networking.networkmanager.enable = true;
|
||||
|
||||
hardware.opengl.enable = true;
|
||||
|
||||
services.tlp.enable = true;
|
||||
services.tlp.extraConfig = ''
|
||||
CPU_SCALING_GOVERNOR_ON_AC=ondemand
|
||||
CPU_SCALING_GOVERNOR_ON_BAT=powersave
|
||||
CPU_MIN_PERF_ON_AC=0
|
||||
CPU_MAX_PERF_ON_AC=100
|
||||
CPU_MIN_PERF_ON_BAT=0
|
||||
CPU_MAX_PERF_ON_BAT=30
|
||||
'';
|
||||
|
||||
services.logind.extraConfig = ''
|
||||
HandlePowerKey=suspend
|
||||
IdleAction=suspend
|
||||
IdleActionSec=300
|
||||
'';
|
||||
|
||||
services.xserver.extraConfig = ''
|
||||
Section "Device"
|
||||
Identifier "Intel Graphics"
|
||||
Driver "Intel"
|
||||
Option "TearFree" "true"
|
||||
EndSection
|
||||
'';
|
||||
}
|
@ -62,6 +62,7 @@ in {
|
||||
wcalc
|
||||
wget
|
||||
xz
|
||||
zbackup
|
||||
];
|
||||
|
||||
programs.gnupg.agent = { enable = true; enableSSHSupport = true; };
|
||||
@ -71,6 +72,19 @@ in {
|
||||
services.openssh.enable = true;
|
||||
services.openssh.passwordAuthentication = false;
|
||||
|
||||
services.codimd = {
|
||||
enable = true;
|
||||
workDir = "/storage/codimd";
|
||||
configuration = {
|
||||
port = 1337;
|
||||
host = "0.0.0.0";
|
||||
db = {
|
||||
dialect = "sqlite";
|
||||
storage = "/storage/codimd/db.codimd.sqlite";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
networking.wireless.enable = false;
|
||||
networking.networkmanager.enable = false;
|
||||
krebs.iptables.enable = true;
|
||||
|
@ -5,6 +5,7 @@ in {
|
||||
[ # Include the results of the hardware scan.
|
||||
./hardware-configuration.nix
|
||||
<stockholm/mb>
|
||||
<stockholm/mb/2configs/nvim.nix>
|
||||
];
|
||||
|
||||
krebs.build.host = config.krebs.hosts.orange;
|
||||
@ -124,15 +125,19 @@ in {
|
||||
unstable.ponyc
|
||||
unstable.sublime3
|
||||
unstable.youtube-dl
|
||||
vim
|
||||
virt-viewer
|
||||
virtmanager
|
||||
vulnix
|
||||
wcalc
|
||||
wget
|
||||
xz
|
||||
zbackup
|
||||
];
|
||||
|
||||
environment.variables = {
|
||||
EDITOR = ["nvim"];
|
||||
};
|
||||
|
||||
environment.shellAliases = {
|
||||
ll = "ls -alh";
|
||||
ls = "ls --color=tty";
|
||||
|
@ -5,6 +5,7 @@ in {
|
||||
[ # Include the results of the hardware scan.
|
||||
./hardware-configuration.nix
|
||||
<stockholm/mb>
|
||||
<stockholm/mb/2configs/nvim.nix>
|
||||
];
|
||||
|
||||
krebs.build.host = config.krebs.hosts.p1nk;
|
||||
@ -118,13 +119,13 @@ in {
|
||||
unstable.ponyc
|
||||
unstable.sublime3
|
||||
youtube-dl
|
||||
vim
|
||||
virt-viewer
|
||||
virtmanager
|
||||
vulnix
|
||||
wcalc
|
||||
wget
|
||||
xz
|
||||
zbackup
|
||||
];
|
||||
|
||||
environment.shellAliases = {
|
||||
@ -159,6 +160,7 @@ in {
|
||||
};
|
||||
};
|
||||
windowManager.ratpoison.enable = true;
|
||||
windowManager.pekwm.enable = true;
|
||||
};
|
||||
|
||||
services.openssh.enable = true;
|
||||
|
103
mb/1systems/rofl/configuration.nix
Normal file
103
mb/1systems/rofl/configuration.nix
Normal file
@ -0,0 +1,103 @@
|
||||
{ config, pkgs, callPackage, ... }: let
|
||||
unstable = import <nixpkgs-unstable> { config = { allowUnfree = true; }; };
|
||||
in {
|
||||
imports =
|
||||
[ # Include the results of the hardware scan.
|
||||
<stockholm/mb/2configs/google-compute-config.nix>
|
||||
<stockholm/mb>
|
||||
];
|
||||
|
||||
krebs.build.host = config.krebs.hosts.rofl;
|
||||
|
||||
i18n = {
|
||||
consoleFont = "Lat2-Terminus16";
|
||||
consoleKeyMap = "de";
|
||||
defaultLocale = "en_US.UTF-8";
|
||||
};
|
||||
|
||||
time.timeZone = "Europe/Berlin";
|
||||
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
|
||||
environment.shellAliases = {
|
||||
ll = "ls -alh";
|
||||
ls = "ls --color=tty";
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
curl
|
||||
fish
|
||||
git
|
||||
htop
|
||||
nmap
|
||||
ranger
|
||||
tcpdump
|
||||
tmux
|
||||
traceroute
|
||||
tree
|
||||
vim
|
||||
xz
|
||||
zbackup
|
||||
];
|
||||
|
||||
sound.enable = false;
|
||||
|
||||
services.openssh.enable = true;
|
||||
services.openssh.passwordAuthentication = false;
|
||||
|
||||
networking.wireless.enable = false;
|
||||
networking.networkmanager.enable = false;
|
||||
krebs.iptables.enable = true;
|
||||
networking.enableIPv6 = false;
|
||||
|
||||
programs.fish = {
|
||||
enable = true;
|
||||
shellInit = ''
|
||||
function ssh_agent --description 'launch the ssh-agent and add the id_rsa identity'
|
||||
if begin
|
||||
set -q SSH_AGENT_PID
|
||||
and kill -0 $SSH_AGENT_PID
|
||||
and grep -q '^ssh-agent' /proc/$SSH_AGENT_PID/cmdline
|
||||
end
|
||||
echo "ssh-agent running on pid $SSH_AGENT_PID"
|
||||
else
|
||||
eval (command ssh-agent -c | sed 's/^setenv/set -Ux/')
|
||||
end
|
||||
set -l identity $HOME/.ssh/id_rsa
|
||||
set -l fingerprint (ssh-keygen -lf $identity | awk '{print $2}')
|
||||
ssh-add -l | grep -q $fingerprint
|
||||
or ssh-add $identity
|
||||
end
|
||||
'';
|
||||
promptInit = ''
|
||||
function fish_prompt --description 'Write out the prompt'
|
||||
set -l color_cwd
|
||||
set -l suffix
|
||||
set -l nix_shell_info (
|
||||
if test "$IN_NIX_SHELL" != ""
|
||||
echo -n " <nix-shell>"
|
||||
end
|
||||
)
|
||||
switch "$USER"
|
||||
case root toor
|
||||
if set -q fish_color_cwd_root
|
||||
set color_cwd $fish_color_cwd_root
|
||||
else
|
||||
set color_cwd $fish_color_cwd
|
||||
end
|
||||
set suffix '#'
|
||||
case '*'
|
||||
set color_cwd $fish_color_cwd
|
||||
set suffix '>'
|
||||
end
|
||||
|
||||
echo -n -s "$USER" @ (set_color green) (prompt_hostname) (set_color normal) "$nix_shell_info" ' ' (set_color $color_cwd) (prompt_pwd) (set_color normal) "$suffix "
|
||||
end
|
||||
'';
|
||||
};
|
||||
|
||||
system.autoUpgrade.enable = false;
|
||||
system.autoUpgrade.channel = "https://nixos.org/channels/nixos-19.03";
|
||||
system.stateVersion = "19.03";
|
||||
|
||||
}
|
181
mb/1systems/sunsh1n3/configuration.nix
Normal file
181
mb/1systems/sunsh1n3/configuration.nix
Normal file
@ -0,0 +1,181 @@
|
||||
|
||||
{ config, pkgs, ... }: let
|
||||
unstable = import <nixpkgs-unstable> { config = { allowUnfree = true; }; };
|
||||
in {
|
||||
imports =
|
||||
[ # Include the results of the hardware scan.
|
||||
./hardware-configuration.nix
|
||||
<stockholm/mb>
|
||||
];
|
||||
|
||||
krebs.build.host = config.krebs.hosts.sunsh1n3;
|
||||
|
||||
boot.kernelPackages = pkgs.linuxPackages_latest;
|
||||
|
||||
# Use the systemd-boot EFI boot loader.
|
||||
boot.loader.systemd-boot.enable = true;
|
||||
boot.loader.efi.canTouchEfiVariables = true;
|
||||
|
||||
fileSystems."/".options = [ "noatime" "nodiratime" "discard" ];
|
||||
|
||||
boot.initrd.luks.devices = [
|
||||
{
|
||||
name = "root";
|
||||
device = "/dev/disk/by-uuid/5354ba31-c7de-4b55-8f86-a2a437dfbb21";
|
||||
preLVM = true;
|
||||
allowDiscards = true;
|
||||
}
|
||||
];
|
||||
|
||||
i18n = {
|
||||
consoleFont = "Lat2-Terminus16";
|
||||
consoleKeyMap = "de";
|
||||
defaultLocale = "en_US.UTF-8";
|
||||
};
|
||||
|
||||
time.timeZone = "Europe/Berlin";
|
||||
|
||||
nixpkgs.config.packageOverrides = super : {
|
||||
openvpn = super.openvpn.override { pkcs11Support = true; useSystemd = true ; };
|
||||
};
|
||||
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
|
||||
fonts = {
|
||||
enableCoreFonts = true;
|
||||
enableGhostscriptFonts = true;
|
||||
fonts = with pkgs; [
|
||||
anonymousPro
|
||||
corefonts
|
||||
dejavu_fonts
|
||||
envypn-font
|
||||
fira
|
||||
gentium
|
||||
gohufont
|
||||
inconsolata
|
||||
liberation_ttf
|
||||
powerline-fonts
|
||||
source-code-pro
|
||||
terminus_font
|
||||
ttf_bitstream_vera
|
||||
ubuntu_font_family
|
||||
unifont
|
||||
unstable.cherry
|
||||
xorg.fontbitstream100dpi
|
||||
xorg.fontbitstream75dpi
|
||||
xorg.fontbitstreamtype1
|
||||
];
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
wget vim git curl fish
|
||||
ag
|
||||
chromium
|
||||
firefox
|
||||
gimp
|
||||
p7zip
|
||||
htop
|
||||
mpv
|
||||
mpvc
|
||||
nmap
|
||||
ntfs3g
|
||||
keepassx2
|
||||
sshfs
|
||||
#unstable.skrooge
|
||||
skrooge
|
||||
unstable.alacritty
|
||||
tmux
|
||||
tree
|
||||
wcalc
|
||||
virtmanager
|
||||
virt-viewer
|
||||
(wine.override { wineBuild = "wineWow"; })
|
||||
xz
|
||||
zbackup
|
||||
];
|
||||
|
||||
virtualisation.libvirtd.enable = true;
|
||||
virtualisation.kvmgt.enable = true;
|
||||
|
||||
# Some programs need SUID wrappers, can be configured further or are
|
||||
# started in user sessions.
|
||||
# programs.mtr.enable = true;
|
||||
|
||||
programs.gnupg.agent = { enable = true; enableSSHSupport = true; };
|
||||
programs.dconf.enable = true;
|
||||
|
||||
# Enable the OpenSSH daemon.
|
||||
services.openssh.enable = true;
|
||||
services.openssh.passwordAuthentication = false;
|
||||
|
||||
krebs.iptables.enable = true;
|
||||
#networking.wireless.enable = true;
|
||||
networking.networkmanager.enable = true;
|
||||
networking.enableIPv6 = false;
|
||||
|
||||
# Enable sound.
|
||||
sound.enable = true;
|
||||
hardware.pulseaudio.enable = true;
|
||||
hardware.pulseaudio.support32Bit = true;
|
||||
nixpkgs.config.pulseaudio = true;
|
||||
|
||||
services.xserver.enable = true;
|
||||
services.xserver.layout = "de";
|
||||
services.xserver.xkbOptions = "nodeadkeys";
|
||||
services.xserver.libinput.enable = true;
|
||||
|
||||
# Enable the KDE Desktop Environment.
|
||||
services.xserver.displayManager.sddm.enable = true;
|
||||
services.xserver.desktopManager.plasma5.enable = true;
|
||||
|
||||
programs.fish = {
|
||||
enable = true;
|
||||
shellInit = ''
|
||||
function ssh_agent --description 'launch the ssh-agent and add the id_rsa identity'
|
||||
if begin
|
||||
set -q SSH_AGENT_PID
|
||||
and kill -0 $SSH_AGENT_PID
|
||||
and grep -q '^ssh-agent' /proc/$SSH_AGENT_PID/cmdline
|
||||
end
|
||||
echo "ssh-agent running on pid $SSH_AGENT_PID"
|
||||
else
|
||||
eval (command ssh-agent -c | sed 's/^setenv/set -Ux/')
|
||||
end
|
||||
set -l identity $HOME/.ssh/id_rsa
|
||||
set -l fingerprint (ssh-keygen -lf $identity | awk '{print $2}')
|
||||
ssh-add -l | grep -q $fingerprint
|
||||
or ssh-add $identity
|
||||
end
|
||||
'';
|
||||
promptInit = ''
|
||||
function fish_prompt --description 'Write out the prompt'
|
||||
set -l color_cwd
|
||||
set -l suffix
|
||||
set -l nix_shell_info (
|
||||
if test "$IN_NIX_SHELL" != ""
|
||||
echo -n " <nix-shell>"
|
||||
end
|
||||
)
|
||||
switch "$USER"
|
||||
case root toor
|
||||
if set -q fish_color_cwd_root
|
||||
set color_cwd $fish_color_cwd_root
|
||||
else
|
||||
set color_cwd $fish_color_cwd
|
||||
end
|
||||
set suffix '#'
|
||||
case '*'
|
||||
set color_cwd $fish_color_cwd
|
||||
set suffix '>'
|
||||
end
|
||||
|
||||
echo -n -s "$USER" @ (set_color yellow) (prompt_hostname) (set_color normal) "$nix_shell_info" ' ' (set_color $color_cwd) (prompt_pwd) (set_color normal) "$suffix "
|
||||
end
|
||||
'';
|
||||
};
|
||||
|
||||
nix.buildCores = 4;
|
||||
|
||||
system.stateVersion = "19.09";
|
||||
|
||||
}
|
29
mb/1systems/sunsh1n3/hardware-configuration.nix
Normal file
29
mb/1systems/sunsh1n3/hardware-configuration.nix
Normal file
@ -0,0 +1,29 @@
|
||||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "usb_storage" "sd_mod" "sdhci_pci" "rtsx_usb_sdmmc" ];
|
||||
boot.kernelModules = [ "kvm-intel" ];
|
||||
boot.extraModulePackages = [ ];
|
||||
|
||||
fileSystems."/" =
|
||||
{ device = "/dev/disk/by-uuid/a3257922-d2d4-45ae-87cc-cc38d32e0774";
|
||||
fsType = "ext4";
|
||||
};
|
||||
|
||||
fileSystems."/boot" =
|
||||
{ device = "/dev/disk/by-uuid/60A6-4DAB";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
swapDevices = [ ];
|
||||
|
||||
nix.maxJobs = lib.mkDefault 4;
|
||||
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
|
||||
}
|
@ -21,6 +21,29 @@ with import <stockholm/lib>;
|
||||
"video"
|
||||
"fuse"
|
||||
"wheel"
|
||||
"kvm"
|
||||
"qemu-libvirtd"
|
||||
"libvirtd"
|
||||
];
|
||||
openssh.authorizedKeys.keys = [
|
||||
config.krebs.users.mb.pubkey
|
||||
];
|
||||
};
|
||||
xo = {
|
||||
name = "xo";
|
||||
uid = 2323;
|
||||
home = "/home/xo";
|
||||
group = "users";
|
||||
createHome = true;
|
||||
shell = "/run/current-system/sw/bin/fish";
|
||||
extraGroups = [
|
||||
"audio"
|
||||
"video"
|
||||
"fuse"
|
||||
"wheel"
|
||||
"kvm"
|
||||
"qemu-libvirtd"
|
||||
"libvirtd"
|
||||
];
|
||||
openssh.authorizedKeys.keys = [
|
||||
config.krebs.users.mb.pubkey
|
||||
|
231
mb/2configs/google-compute-config.nix
Normal file
231
mb/2configs/google-compute-config.nix
Normal file
@ -0,0 +1,231 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
with lib;
|
||||
let
|
||||
gce = pkgs.google-compute-engine;
|
||||
in
|
||||
{
|
||||
imports = [
|
||||
./headless.nix
|
||||
./qemu-guest.nix
|
||||
];
|
||||
|
||||
fileSystems."/" = {
|
||||
device = "/dev/disk/by-label/nixos";
|
||||
autoResize = true;
|
||||
};
|
||||
|
||||
boot.growPartition = true;
|
||||
boot.kernelParams = [ "console=ttyS0" "panic=1" "boot.panic_on_fail" ];
|
||||
boot.initrd.kernelModules = [ "virtio_scsi" ];
|
||||
boot.kernelModules = [ "virtio_pci" "virtio_net" ];
|
||||
|
||||
# Generate a GRUB menu. Amazon's pv-grub uses this to boot our kernel/initrd.
|
||||
boot.loader.grub.device = "/dev/sda";
|
||||
boot.loader.timeout = 0;
|
||||
|
||||
# Don't put old configurations in the GRUB menu. The user has no
|
||||
# way to select them anyway.
|
||||
boot.loader.grub.configurationLimit = 0;
|
||||
|
||||
# Allow root logins only using the SSH key that the user specified
|
||||
# at instance creation time.
|
||||
#services.openssh.enable = true;
|
||||
#services.openssh.permitRootLogin = "prohibit-password";
|
||||
#services.openssh.passwordAuthentication = mkDefault false;
|
||||
|
||||
# Use GCE udev rules for dynamic disk volumes
|
||||
services.udev.packages = [ gce ];
|
||||
|
||||
# Force getting the hostname from Google Compute.
|
||||
networking.hostName = mkDefault "";
|
||||
|
||||
# Always include cryptsetup so that NixOps can use it.
|
||||
environment.systemPackages = [ pkgs.cryptsetup ];
|
||||
|
||||
# Make sure GCE image does not replace host key that NixOps sets
|
||||
environment.etc."default/instance_configs.cfg".text = lib.mkDefault ''
|
||||
[InstanceSetup]
|
||||
set_host_keys = false
|
||||
'';
|
||||
|
||||
# Rely on GCP's firewall instead
|
||||
networking.firewall.enable = mkDefault false;
|
||||
|
||||
# Configure default metadata hostnames
|
||||
networking.extraHosts = ''
|
||||
169.254.169.254 metadata.google.internal metadata
|
||||
'';
|
||||
|
||||
networking.timeServers = [ "metadata.google.internal" ];
|
||||
|
||||
networking.usePredictableInterfaceNames = false;
|
||||
|
||||
# GC has 1460 MTU
|
||||
networking.interfaces.eth0.mtu = 1460;
|
||||
|
||||
security.googleOsLogin.enable = true;
|
||||
|
||||
systemd.services.google-clock-skew-daemon = {
|
||||
description = "Google Compute Engine Clock Skew Daemon";
|
||||
after = [
|
||||
"network.target"
|
||||
"google-instance-setup.service"
|
||||
"google-network-setup.service"
|
||||
];
|
||||
requires = ["network.target"];
|
||||
wantedBy = ["multi-user.target"];
|
||||
serviceConfig = {
|
||||
Type = "simple";
|
||||
ExecStart = "${gce}/bin/google_clock_skew_daemon --debug";
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services.google-instance-setup = {
|
||||
description = "Google Compute Engine Instance Setup";
|
||||
after = ["local-fs.target" "network-online.target" "network.target" "rsyslog.service"];
|
||||
before = ["sshd.service"];
|
||||
wants = ["local-fs.target" "network-online.target" "network.target"];
|
||||
wantedBy = [ "sshd.service" "multi-user.target" ];
|
||||
path = with pkgs; [ ethtool openssh ];
|
||||
serviceConfig = {
|
||||
ExecStart = "${gce}/bin/google_instance_setup --debug";
|
||||
Type = "oneshot";
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services.google-network-daemon = {
|
||||
description = "Google Compute Engine Network Daemon";
|
||||
after = ["local-fs.target" "network-online.target" "network.target" "rsyslog.service" "google-instance-setup.service"];
|
||||
wants = ["local-fs.target" "network-online.target" "network.target"];
|
||||
requires = ["network.target"];
|
||||
partOf = ["network.target"];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
path = with pkgs; [ iproute ];
|
||||
serviceConfig = {
|
||||
ExecStart = "${gce}/bin/google_network_daemon --debug";
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services.google-shutdown-scripts = {
|
||||
description = "Google Compute Engine Shutdown Scripts";
|
||||
after = [
|
||||
"local-fs.target"
|
||||
"network-online.target"
|
||||
"network.target"
|
||||
"rsyslog.service"
|
||||
"systemd-resolved.service"
|
||||
"google-instance-setup.service"
|
||||
"google-network-daemon.service"
|
||||
];
|
||||
wants = [ "local-fs.target" "network-online.target" "network.target"];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig = {
|
||||
ExecStart = "${pkgs.coreutils}/bin/true";
|
||||
ExecStop = "${gce}/bin/google_metadata_script_runner --debug --script-type shutdown";
|
||||
Type = "oneshot";
|
||||
RemainAfterExit = true;
|
||||
TimeoutStopSec = "infinity";
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services.google-startup-scripts = {
|
||||
description = "Google Compute Engine Startup Scripts";
|
||||
after = [
|
||||
"local-fs.target"
|
||||
"network-online.target"
|
||||
"network.target"
|
||||
"rsyslog.service"
|
||||
"google-instance-setup.service"
|
||||
"google-network-daemon.service"
|
||||
];
|
||||
wants = ["local-fs.target" "network-online.target" "network.target"];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig = {
|
||||
ExecStart = "${gce}/bin/google_metadata_script_runner --debug --script-type startup";
|
||||
KillMode = "process";
|
||||
Type = "oneshot";
|
||||
};
|
||||
};
|
||||
|
||||
|
||||
# Settings taken from https://github.com/GoogleCloudPlatform/compute-image-packages/blob/master/google_config/sysctl/11-gce-network-security.conf
|
||||
boot.kernel.sysctl = {
|
||||
# Turn on SYN-flood protections. Starting with 2.6.26, there is no loss
|
||||
# of TCP functionality/features under normal conditions. When flood
|
||||
# protections kick in under high unanswered-SYN load, the system
|
||||
# should remain more stable, with a trade off of some loss of TCP
|
||||
# functionality/features (e.g. TCP Window scaling).
|
||||
"net.ipv4.tcp_syncookies" = mkDefault "1";
|
||||
|
||||
# ignores source-routed packets
|
||||
"net.ipv4.conf.all.accept_source_route" = mkDefault "0";
|
||||
|
||||
# ignores source-routed packets
|
||||
"net.ipv4.conf.default.accept_source_route" = mkDefault "0";
|
||||
|
||||
# ignores ICMP redirects
|
||||
"net.ipv4.conf.all.accept_redirects" = mkDefault "0";
|
||||
|
||||
# ignores ICMP redirects
|
||||
"net.ipv4.conf.default.accept_redirects" = mkDefault "0";
|
||||
|
||||
# ignores ICMP redirects from non-GW hosts
|
||||
"net.ipv4.conf.all.secure_redirects" = mkDefault "1";
|
||||
|
||||
# ignores ICMP redirects from non-GW hosts
|
||||
"net.ipv4.conf.default.secure_redirects" = mkDefault "1";
|
||||
|
||||
# don't allow traffic between networks or act as a router
|
||||
"net.ipv4.ip_forward" = mkDefault "0";
|
||||
|
||||
# don't allow traffic between networks or act as a router
|
||||
"net.ipv4.conf.all.send_redirects" = mkDefault "0";
|
||||
|
||||
# don't allow traffic between networks or act as a router
|
||||
"net.ipv4.conf.default.send_redirects" = mkDefault "0";
|
||||
|
||||
# reverse path filtering - IP spoofing protection
|
||||
"net.ipv4.conf.all.rp_filter" = mkDefault "1";
|
||||
|
||||
# reverse path filtering - IP spoofing protection
|
||||
"net.ipv4.conf.default.rp_filter" = mkDefault "1";
|
||||
|
||||
# ignores ICMP broadcasts to avoid participating in Smurf attacks
|
||||
"net.ipv4.icmp_echo_ignore_broadcasts" = mkDefault "1";
|
||||
|
||||
# ignores bad ICMP errors
|
||||
"net.ipv4.icmp_ignore_bogus_error_responses" = mkDefault "1";
|
||||
|
||||
# logs spoofed, source-routed, and redirect packets
|
||||
"net.ipv4.conf.all.log_martians" = mkDefault "1";
|
||||
|
||||
# log spoofed, source-routed, and redirect packets
|
||||
"net.ipv4.conf.default.log_martians" = mkDefault "1";
|
||||
|
||||
# implements RFC 1337 fix
|
||||
"net.ipv4.tcp_rfc1337" = mkDefault "1";
|
||||
|
||||
# randomizes addresses of mmap base, heap, stack and VDSO page
|
||||
"kernel.randomize_va_space" = mkDefault "2";
|
||||
|
||||
# Reboot the machine soon after a kernel panic.
|
||||
"kernel.panic" = mkDefault "10";
|
||||
|
||||
## Not part of the original config
|
||||
|
||||
# provides protection from ToCToU races
|
||||
"fs.protected_hardlinks" = mkDefault "1";
|
||||
|
||||
# provides protection from ToCToU races
|
||||
"fs.protected_symlinks" = mkDefault "1";
|
||||
|
||||
# makes locating kernel addresses more difficult
|
||||
"kernel.kptr_restrict" = mkDefault "1";
|
||||
|
||||
# set ptrace protections
|
||||
"kernel.yama.ptrace_scope" = mkOverride 500 "1";
|
||||
|
||||
# set perf only available to root
|
||||
"kernel.perf_event_paranoid" = mkDefault "2";
|
||||
};
|
||||
}
|
25
mb/2configs/headless.nix
Normal file
25
mb/2configs/headless.nix
Normal file
@ -0,0 +1,25 @@
|
||||
# Common configuration for headless machines (e.g., Amazon EC2
|
||||
# instances).
|
||||
|
||||
{ lib, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
{
|
||||
boot.vesa = false;
|
||||
|
||||
# Don't start a tty on the serial consoles.
|
||||
systemd.services."serial-getty@ttyS0".enable = false;
|
||||
systemd.services."serial-getty@hvc0".enable = false;
|
||||
systemd.services."getty@tty1".enable = false;
|
||||
systemd.services."autovt@".enable = false;
|
||||
|
||||
# Since we can't manually respond to a panic, just reboot.
|
||||
boot.kernelParams = [ "panic=1" "boot.panic_on_fail" ];
|
||||
|
||||
# Don't allow emergency mode, because we don't have a console.
|
||||
systemd.enableEmergencyMode = false;
|
||||
|
||||
# Being headless, we don't need a GRUB splash image.
|
||||
boot.loader.grub.splashImage = null;
|
||||
}
|
446
mb/2configs/neovimrc
Normal file
446
mb/2configs/neovimrc
Normal file
@ -0,0 +1,446 @@
|
||||
|
||||
"*****************************************************************************
|
||||
"" Functions
|
||||
"*****************************************************************************
|
||||
|
||||
function! GetBufferList()
|
||||
redir =>buflist
|
||||
silent! ls!
|
||||
redir END
|
||||
return buflist
|
||||
endfunction
|
||||
|
||||
function! ToggleList(bufname, pfx)
|
||||
let buflist = GetBufferList()
|
||||
for bufnum in map(filter(split(buflist, '\n'), 'v:val =~ "'.a:bufname.'"'), 'str2nr(matchstr(v:val, "\\d\\+"))')
|
||||
if bufwinnr(bufnum) != -1
|
||||
exec(a:pfx.'close')
|
||||
return
|
||||
endif
|
||||
endfor
|
||||
if a:pfx == 'l' && len(getloclist(0)) == 0
|
||||
echohl ErrorMsg
|
||||
echo "Location List is Empty."
|
||||
return
|
||||
endif
|
||||
let winnr = winnr()
|
||||
exec(a:pfx.'open')
|
||||
if winnr() != winnr
|
||||
wincmd p
|
||||
endif
|
||||
endfunction
|
||||
|
||||
|
||||
"*****************************************************************************
|
||||
"" Basic Setup
|
||||
"*****************************************************************************"
|
||||
" General
|
||||
let no_buffers_menu=1
|
||||
syntax on
|
||||
set ruler
|
||||
set number
|
||||
set mousemodel=popup
|
||||
set t_Co=256
|
||||
set guioptions=egmrti
|
||||
set gfn=Monospace\ 10
|
||||
|
||||
" TODO: Testing if this works against automatically setting paste mode
|
||||
" Issue: https://github.com/neovim/neovim/issues/7994
|
||||
au InsertLeave * set nopaste
|
||||
|
||||
|
||||
" undofile - This allows you to use undos after exiting and restarting
|
||||
" This, like swap and backups, uses .vim-undo first, then ~/.vim/undo
|
||||
" :help undo-persistence
|
||||
if exists("+undofile")
|
||||
if isdirectory($HOME . '/.vim/undo') == 0
|
||||
:silent !mkdir -p ~/.vim/undo > /dev/null 2>&1
|
||||
endif
|
||||
set undodir=./.vim-undo//
|
||||
set undodir+=~/.vim/undo//
|
||||
set undofile
|
||||
endif
|
||||
|
||||
" Encoding
|
||||
set encoding=utf-8
|
||||
set fileencoding=utf-8
|
||||
set fileencodings=utf-8
|
||||
set bomb
|
||||
set binary
|
||||
|
||||
" Fix backspace indent
|
||||
set backspace=indent,eol,start
|
||||
|
||||
" Tabs. May be overriten by autocmd rules
|
||||
set tabstop=4
|
||||
set softtabstop=0
|
||||
set shiftwidth=4
|
||||
set expandtab
|
||||
|
||||
" Map leader to ,
|
||||
let mapleader=','
|
||||
|
||||
" Enable hidden buffers
|
||||
set hidden
|
||||
|
||||
" Searching
|
||||
set hlsearch
|
||||
set incsearch
|
||||
set ignorecase
|
||||
set smartcase
|
||||
|
||||
" Directories for swp files
|
||||
set nobackup
|
||||
set noswapfile
|
||||
|
||||
set fileformats=unix,dos,mac
|
||||
|
||||
" File overview
|
||||
set wildmode=list:longest,list:full
|
||||
set wildignore+=*.o,*.obj,.git,*.rbc,*.pyc,__pycache__
|
||||
|
||||
" Shell to emulate
|
||||
if exists('$SHELL')
|
||||
set shell=$SHELL
|
||||
else
|
||||
set shell=/bin/bash
|
||||
endif
|
||||
|
||||
" Set color scheme
|
||||
colorscheme molokai
|
||||
|
||||
"Show always Status bar
|
||||
set laststatus=2
|
||||
|
||||
" Use modeline overrides
|
||||
set modeline
|
||||
set modelines=10
|
||||
|
||||
" Set terminal title
|
||||
set title
|
||||
set titleold="Terminal"
|
||||
set titlestring=%F
|
||||
|
||||
" search will center on the line it's found in.
|
||||
nnoremap n nzzzv
|
||||
nnoremap N Nzzzv
|
||||
|
||||
|
||||
|
||||
"*****************************************************************************
|
||||
"" Abbreviations
|
||||
"*****************************************************************************
|
||||
" no one is really happy until you have this shortcuts
|
||||
cnoreabbrev W! w!
|
||||
cnoreabbrev Q! q!
|
||||
cnoreabbrev Qall! qall!
|
||||
cnoreabbrev Wq wq
|
||||
cnoreabbrev Wa wa
|
||||
cnoreabbrev wQ wq
|
||||
cnoreabbrev WQ wq
|
||||
cnoreabbrev W w
|
||||
cnoreabbrev Q q
|
||||
cnoreabbrev Qall qall
|
||||
|
||||
" NERDTree configuration
|
||||
let g:NERDTreeChDirMode=2
|
||||
let g:NERDTreeIgnore=['\.rbc$', '\~$', '\.pyc$', '\.db$', '\.sqlite$', '__pycache__']
|
||||
let g:NERDTreeSortOrder=['^__\.py$', '\/$', '*', '\.swp$', '\.bak$', '\~$']
|
||||
let g:NERDTreeShowBookmarks=1
|
||||
let g:nerdtree_tabs_focus_on_files=1
|
||||
let g:NERDTreeMapOpenInTabSilent = '<RightMouse>'
|
||||
let g:NERDTreeWinSize = 50
|
||||
set wildignore+=*/tmp/*,*.so,*.swp,*.zip,*.pyc,*.db,*.sqlite
|
||||
nnoremap <silent> <F1> :NERDTreeFind<CR>
|
||||
nnoremap <silent> <F2> :NERDTreeToggle<CR>
|
||||
|
||||
" open terminal emulation
|
||||
nnoremap <silent> <leader>sh :terminal<CR>:startinsert<CR>
|
||||
|
||||
"*****************************************************************************
|
||||
"" Autocmd Rules
|
||||
"*****************************************************************************
|
||||
"" The PC is fast enough, do syntax highlight syncing from start unless 200 lines
|
||||
augroup vimrc-sync-fromstart
|
||||
autocmd!
|
||||
autocmd BufEnter * :syntax sync maxlines=200
|
||||
augroup END
|
||||
|
||||
" Nasm filetype
|
||||
augroup nasm
|
||||
autocmd!
|
||||
autocmd BufRead,BufNewFile *.nasm set ft=nasm
|
||||
augroup END
|
||||
|
||||
" Binary filetype
|
||||
augroup Binary
|
||||
au!
|
||||
au BufReadPre *.bin,*.exe,*.elf let &bin=1
|
||||
au BufReadPost *.bin,*.exe,*.elf if &bin | %!xxd
|
||||
au BufReadPost *.bin,*.exe,*.elf set ft=xxd | endif
|
||||
au BufWritePre *.bin,*.exe,*.elf if &bin | %!xxd -r
|
||||
au BufWritePre *.bin,*.exe,*.elf endif
|
||||
au BufWritePost *.bin,*.exe,*.elf if &bin | %!xxd
|
||||
au BufWritePost *.bin,*.exe,*.elf set nomod | endif
|
||||
augroup END
|
||||
|
||||
" Binary filetype
|
||||
augroup fasm
|
||||
au!
|
||||
au BufReadPost *.fasm set ft=fasm
|
||||
augroup END
|
||||
|
||||
augroup deoplete-update
|
||||
autocmd!
|
||||
autocmd VimEnter * UpdateRemotePlugin
|
||||
augroup END
|
||||
|
||||
"" Remember cursor position
|
||||
augroup vimrc-remember-cursor-position
|
||||
autocmd!
|
||||
autocmd BufReadPost * if line("'\"") > 1 && line("'\"") <= line("$") | exe "normal! g`\"" | endif
|
||||
augroup END
|
||||
|
||||
"" txt
|
||||
" augroup vimrc-wrapping
|
||||
" autocmd!
|
||||
" autocmd BufRead,BufNewFile *.txt call s:setupWrapping()
|
||||
" augroup END
|
||||
|
||||
"" make/cmake
|
||||
augroup vimrc-make-cmake
|
||||
autocmd!
|
||||
autocmd FileType make setlocal noexpandtab
|
||||
autocmd BufNewFile,BufRead CMakeLists.txt setlocal filetype=cmake
|
||||
augroup END
|
||||
|
||||
set autoread
|
||||
|
||||
"*****************************************************************************
|
||||
"" Mappings
|
||||
"*****************************************************************************
|
||||
|
||||
" Split
|
||||
noremap <Leader>h :<C-u>split<CR>
|
||||
noremap <Leader>v :<C-u>vsplit<CR>
|
||||
|
||||
" Git
|
||||
noremap <Leader>ga :Gwrite<CR>
|
||||
noremap <Leader>gc :Gcommit<CR>
|
||||
noremap <Leader>gsh :Gpush<CR>
|
||||
noremap <Leader>gll :Gpull<CR>
|
||||
noremap <Leader>gs :Gstatus<CR>
|
||||
noremap <Leader>gb :Gblame<CR>
|
||||
noremap <Leader>gd :Gvdiff<CR>
|
||||
noremap <Leader>gr :Gremove<CR>
|
||||
|
||||
" Tabs
|
||||
nnoremap <Tab> gt
|
||||
nnoremap <S-Tab> gT
|
||||
nnoremap <silent> <S-t> :tabnew<CR>
|
||||
|
||||
" Set working directory
|
||||
nnoremap <leader>. :lcd %:p:h<CR>
|
||||
|
||||
" Opens an edit command with the path of the currently edited file filled in
|
||||
noremap <Leader>e :e <C-R>=expand("%:p:h") . "/" <CR>
|
||||
|
||||
" Opens a tab edit command with the path of the currently edited file filled
|
||||
noremap <Leader>te :tabe <C-R>=expand("%:p:h") . "/" <CR>
|
||||
|
||||
" Tagbar
|
||||
nmap <silent> <F3> :TagbarToggle<CR>
|
||||
let g:tagbar_autofocus = 1
|
||||
|
||||
" Copy/Paste/Cut
|
||||
set clipboard^=unnamed,unnamedplus
|
||||
|
||||
noremap YY "+y<CR>
|
||||
noremap <leader>p "+gP<CR>
|
||||
noremap XX "+x<CR>
|
||||
|
||||
" Enable mouse for vim
|
||||
set mouse=a
|
||||
|
||||
" Buffer nav
|
||||
noremap <leader>z :bp<CR>
|
||||
noremap <leader>q :bp<CR>
|
||||
noremap <leader>x :bn<CR>
|
||||
noremap <leader>w :bn<CR>
|
||||
|
||||
" Close buffer
|
||||
noremap <leader>c :bd<CR>
|
||||
|
||||
" Clean search (highlight)
|
||||
nnoremap <silent> <leader><space> :noh<cr>
|
||||
|
||||
" Switching windows
|
||||
noremap <C-j> <C-w>j
|
||||
noremap <C-k> <C-w>k
|
||||
noremap <C-l> <C-w>l
|
||||
noremap <C-h> <C-w>h
|
||||
|
||||
" Vmap for maintain Visual Mode after shifting > and <
|
||||
vmap < <gv
|
||||
vmap > >gv
|
||||
|
||||
" Move visual block
|
||||
vnoremap J :m '>+1<CR>gv=gv
|
||||
vnoremap K :m '<-2<CR>gv=gv
|
||||
|
||||
" Open current line on GitHub
|
||||
nnoremap <Leader>o :.Gbrowse<CR>
|
||||
|
||||
|
||||
" Save on strg+s if not in paste mode
|
||||
nmap <c-s> :w<CR>
|
||||
vmap <c-s> <Esc><c-s>gv
|
||||
imap <c-s> <Esc><c-s>
|
||||
|
||||
" Quit on strg+q in normal mode
|
||||
nnoremap <c-q> :q<cr>
|
||||
|
||||
" Strg+d to replace word under cursor
|
||||
nnoremap <c-d> :%s/\<<C-r><C-w>\>//g<Left><Left>
|
||||
|
||||
" Strg+f ro find word under cursor
|
||||
nnoremap <c-f> :/<C-r><C-w><Left><Left>
|
||||
|
||||
" Remove unneccessary spaces
|
||||
nnoremap <silent> <F5> :let _s=@/ <Bar> :%s/\s\+$//e <Bar> :let @/=_s <Bar> :nohl <Bar> :unlet _s <CR>
|
||||
|
||||
" Reindent whole file with F6
|
||||
map <F6> mzgg=G`z
|
||||
|
||||
" Toggle location list
|
||||
nmap <silent> <F4> :call ToggleList("Quickfix List", 'c')<CR>
|
||||
|
||||
" Replacing text in visual mode doesn't copy it anymore
|
||||
xmap p <Plug>ReplaceWithRegisterVisual
|
||||
xmap <MiddleMouse> <Plug>ReplaceWithRegisterVisual
|
||||
|
||||
" ALE mappings
|
||||
nmap <Leader>i <Plug>(ale_hover)
|
||||
nmap <Leader>d <Plug>(ale_go_to_definition_in_tab)
|
||||
nmap <Leader>rf <Plug>(ale_find_references)
|
||||
nmap <silent><F7> <Plug>(ale_fix)
|
||||
|
||||
" Vim-Go mappings
|
||||
au FileType go nmap <Leader>i :GoDoc<cr>
|
||||
au FileType go nmap <Leader>d :GoDef<cr>
|
||||
au FileType go nmap <Leader>rf :GoReferrers<cr>
|
||||
|
||||
|
||||
"" Opens an edit command with the path of the currently edited file filled in
|
||||
noremap <Leader>e :e <C-R>=expand("%:p:h") . "/" <CR>
|
||||
|
||||
" Use tab for navigatin in autocompletion window
|
||||
inoremap <expr> <Tab> pumvisible() ? "\<C-n>" : "\<Tab>"
|
||||
inoremap <expr> <S-Tab> pumvisible() ? "\<C-p>" : "\<S-Tab>"
|
||||
|
||||
|
||||
"*****************************************************************************
|
||||
"" Plugin settings
|
||||
"*****************************************************************************
|
||||
|
||||
" vim-airline
|
||||
set statusline+=%{fugitive#statusline()}
|
||||
let g:airline_theme = 'powerlineish'
|
||||
let g:airline#extensions#syntastic#enabled = 1
|
||||
let g:airline#extensions#branch#enabled = 1
|
||||
let g:airline#extensions#tabline#enabled = 1
|
||||
let g:airline#extensions#tagbar#enabled = 1
|
||||
let g:airline_skip_empty_sections = 1
|
||||
let g:airline#extensions#ale#enabled = 1
|
||||
|
||||
" show indent lines
|
||||
let g:indent_guides_enable_on_vim_startup = 1
|
||||
let g:indent_guides_auto_colors = 0
|
||||
hi IndentGuidesOdd ctermbg=235
|
||||
hi IndentGuidesEven ctermbg=235
|
||||
let g:indent_guides_guide_size = 1
|
||||
let g:indent_guides_start_level = 2
|
||||
|
||||
" Enable autocompletion
|
||||
let g:deoplete#enable_at_startup = 1
|
||||
set completeopt-=preview
|
||||
|
||||
" Ale no preview on hover
|
||||
let g:ale_close_preview_on_insert = 0
|
||||
let g:ale_cursor_detail = 0
|
||||
|
||||
" Ale skip if file size over 2G
|
||||
let g:ale_maximum_file_size = "2147483648"
|
||||
|
||||
" Ale to loclist and quickfix
|
||||
let g:ale_set_quickfix = 1
|
||||
" let g:ale_set_loclist = 1
|
||||
|
||||
|
||||
" Ale language server
|
||||
let g:ale_linters = {
|
||||
\ 'python': ['pyls'],
|
||||
\ 'c': ['cquery'],
|
||||
\ 'cpp': ['cquery'],
|
||||
\ 'xml': ['xmllint']
|
||||
\ }
|
||||
|
||||
|
||||
" ALE fixers
|
||||
let g:ale_fixers = { '*': ['remove_trailing_lines', 'trim_whitespace'] }
|
||||
let g:ale_fixers.python = ['black']
|
||||
let g:ale_fixers.go = ['gofmt']
|
||||
let g:ale_fixers.c = ['clang-format']
|
||||
let g:ale_fixers.cpp = ['clang-format']
|
||||
let g:ale_fixers.json = ['jq']
|
||||
let g:ale_fixers.xml = ['xmllint']
|
||||
|
||||
let g:ale_completion_enabled = 1
|
||||
let g:ale_sign_error = '⤫'
|
||||
let g:ale_sign_warning = '⚠'
|
||||
let g:ale_lint_on_insert_leave = 1
|
||||
|
||||
" Vim-Go Settings
|
||||
let g:go_auto_sameids = 1
|
||||
let g:go_fmt_command = "goimports"
|
||||
let g:go_auto_type_info = 1
|
||||
|
||||
" Disable syntastic for langserver supported languages
|
||||
let g:syntastic_mode_map = {
|
||||
\ "mode": "active",
|
||||
\ "passive_filetypes": ["go", "python", "c", "cpp", "xml" ]
|
||||
\ }
|
||||
let g:syntastic_always_populate_loc_list = 1
|
||||
let g:syntastic_auto_loc_list = 2
|
||||
let g:syntastic_aggregate_errors = 1
|
||||
let g:syntastic_check_on_open = 1
|
||||
let g:syntastic_check_on_wq = 0
|
||||
let g:syntastic_error_symbol='✗'
|
||||
let g:syntastic_warning_symbol='⚠'
|
||||
let g:syntastic_style_error_symbol = '✗'
|
||||
let g:syntastic_style_warning_symbol = '⚠'
|
||||
|
||||
"*****************************************************************************
|
||||
"" Shortcuts overview
|
||||
"*****************************************************************************
|
||||
" Shortcuts overview
|
||||
" F1 --> Filetree find
|
||||
" F2 --> Filetree toggle
|
||||
" F3 --> Function overview
|
||||
" F4 --> Toggle error bar
|
||||
|
||||
" F5 --> Remove trailing whitespaces
|
||||
" F6 --> Reindent whole file
|
||||
" F7 --> Format and lint file
|
||||
" ,i --> Information about function
|
||||
" ,d --> Jump to definition
|
||||
" ,r --> Rename in all occurences
|
||||
" ,rf --> Find references of function/variable
|
||||
" ,e --> Change current file
|
||||
" ,te --> Open file in new tab
|
||||
" strg+f --> Find current selected word
|
||||
" strg+d --> Replace current selected word
|
||||
" strg+s --> Save file
|
||||
" strg+q --> Close current file
|
||||
" space+, --> Stop highlighting words after search
|
||||
|
70
mb/2configs/nvim.nix
Normal file
70
mb/2configs/nvim.nix
Normal file
@ -0,0 +1,70 @@
|
||||
{ pkgs, config, ... }: let
|
||||
#unstable = import <nixos-unstable> { };
|
||||
in
|
||||
|
||||
{
|
||||
environment.variables = {
|
||||
EDITOR = ["nvim"];
|
||||
};
|
||||
|
||||
nixpkgs.config.packageOverrides = pkgs: with pkgs;{
|
||||
neovim_custom = neovim.override {
|
||||
configure = {
|
||||
customRC = builtins.readFile ./neovimrc;
|
||||
|
||||
packages.myVimPackage = with pkgs.vimPlugins;
|
||||
{
|
||||
# loaded on launch
|
||||
start = [
|
||||
nerdtree # file manager
|
||||
commentary # comment stuff out based on language
|
||||
fugitive # full git integration
|
||||
vim-airline-themes # lean & mean status/tabline
|
||||
vim-airline # status bar
|
||||
gitgutter # git diff in the gutter (sign column)
|
||||
vim-trailing-whitespace # trailing whitspaces in red
|
||||
tagbar # F3 function overview
|
||||
syntastic # Fallback to singlethreaded but huge syntax support
|
||||
ReplaceWithRegister # For better copying/replacing
|
||||
polyglot # Language pack
|
||||
vim-indent-guides # for displaying indent levels
|
||||
ale # threaded language client
|
||||
vim-go # go linting
|
||||
deoplete-go # go autocompletion completion
|
||||
deoplete-nvim # general autocompletion
|
||||
molokai # color scheme
|
||||
];
|
||||
|
||||
# manually loadable by calling `:packadd $plugin-name`
|
||||
opt = [];
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
ctags
|
||||
neovim_custom
|
||||
jq # For fixing json files
|
||||
xxd # .bin files will be displayed with xxd
|
||||
shellcheck # Shell linting
|
||||
ansible-lint # Ansible linting
|
||||
unzip # To vim into unzipped files
|
||||
nodePackages.jsonlint # json linting
|
||||
#python36Packages.python-language-server # python linting
|
||||
#python36Packages.pyls-mypy # Python static type checker
|
||||
#python36Packages.black # Python code formatter
|
||||
#python37Packages.yamllint # For linting yaml files
|
||||
#python37Packages.libxml2 # For fixing yaml files
|
||||
cquery # C/C++ support
|
||||
clang-tools # C++ fixer
|
||||
];
|
||||
|
||||
fonts = {
|
||||
fonts = with pkgs; [
|
||||
font-awesome_5
|
||||
];
|
||||
};
|
||||
|
||||
}
|
||||
|
19
mb/2configs/qemu-guest.nix
Normal file
19
mb/2configs/qemu-guest.nix
Normal file
@ -0,0 +1,19 @@
|
||||
# Common configuration for virtual machines running under QEMU (using
|
||||
# virtio).
|
||||
|
||||
{ ... }:
|
||||
|
||||
{
|
||||
boot.initrd.availableKernelModules = [ "virtio_net" "virtio_pci" "virtio_mmio" "virtio_blk" "virtio_scsi" "9p" "9pnet_virtio" ];
|
||||
boot.initrd.kernelModules = [ "virtio_balloon" "virtio_console" "virtio_rng" ];
|
||||
|
||||
boot.initrd.postDeviceCommands =
|
||||
''
|
||||
# Set the system time from the hardware clock to work around a
|
||||
# bug in qemu-kvm > 1.5.2 (where the VM clock is initialised
|
||||
# to the *boot time* of the host).
|
||||
hwclock -s
|
||||
'';
|
||||
|
||||
security.rngd.enable = false;
|
||||
}
|
Loading…
Reference in New Issue
Block a user