Compare commits

..

24 commits

Author SHA1 Message Date
fruchti 76cabab60a Rupert: Adapt for 24.05 2024-06-02 11:06:30 +02:00
fruchti ef69748075 Emitter: Make necessary changes for 24.05 2024-06-02 10:25:45 +02:00
fruchti 4994a81881 Update Nextcloud to 28 2024-06-02 10:22:04 +02:00
fruchti 0fe9a18a96 Rupert: Add swap 2024-06-02 10:21:55 +02:00
fruchti 4553c49a2b Install git-lfs by default 2024-05-20 14:30:47 +02:00
fruchti 8c8fbbbff8 Update Dune3D 2024-05-04 10:32:45 +02:00
fruchti b7719a7570 Add Dune 3D
Lifted from nixpkgs-unstable, but with the most recent commit of Dune
3D.
2024-04-27 14:42:07 +02:00
fruchti 57f19e259f Disco: Add mpv, video playback codecs 2024-04-27 14:40:03 +02:00
fruchti 1f863c789d Disco: Switch from GNOME to XFCE 2024-04-27 14:38:38 +02:00
fruchti 801a472e99 Status e-mail: Use only main process exit code
Previously, the exit code of an ExitStartPre script might have wound up
in the e-mail subject.
2024-04-27 14:36:36 +02:00
fruchti d0d2f1f64e Emitter: Send e-mail only on repeated backup fails 2024-04-27 14:35:50 +02:00
fruchti 2a4dce6e02 GNOME: Explicitly enable gnome-keyring 2024-04-27 14:34:02 +02:00
fruchti 958117375a Fix ‘sudo nixos-rebuild’ asking for password 2024-04-27 14:33:43 +02:00
fruchti 9195d6f6de Horizon EDA: Fix Intel GPU redraw issue 2024-04-27 14:33:43 +02:00
fruchti b67bf68f0d Hedgedoc: Replace ensurePermissions 2024-04-27 14:31:11 +02:00
fruchti c44799033a Remove joshuto for now 2024-04-27 14:30:08 +02:00
fruchti 7a7eb0e9fb WCH-LinkE udev rule: Also match USB-UART 2023-12-05 20:36:45 +01:00
fruchti c0baac0488 Emitter: Switch to Forgejo 2023-12-03 11:44:46 +01:00
fruchti 131c18230a Rupert: Add changes for 23.11 2023-12-02 21:36:19 +01:00
fruchti f678ad57f8 Rupert: Add working video decoding HW acceleration 2023-12-02 21:35:50 +01:00
fruchti d6f2c33a09 X270: Try to fix nub wakeup issue 2023-12-02 20:34:42 +01:00
fruchti 7d14f4a8df Disco: Add swap file, earlyoom 2023-12-02 20:34:17 +01:00
fruchti 2494def822 Add magic-wormhole to default installation packages 2023-12-02 20:30:31 +01:00
fruchti a5d18374bf Emitter: Change configuration for new home 2023-12-02 20:29:47 +01:00
67 changed files with 266 additions and 81 deletions

View file

@ -3,7 +3,7 @@
config = lib.mkDefault {
i18n.defaultLocale = "en_GB.UTF-8";
console.keyMap = "us";
services.xserver.layout = "us-fruchti";
services.xserver.xkb.layout = "us-fruchti";
services.openssh = {
enable = true;
settings = {

View file

@ -19,7 +19,7 @@
changeColorScheme-vim
vim-dispatch
vimtex
suda-vim
vim-suda
];
opt = [];
};

View file

@ -5,7 +5,8 @@
tmux zellij
wget
rsync
git
magic-wormhole
git git-lfs
gnupg
file
ripgrep
@ -13,7 +14,7 @@
htop
ncdu
killall
ranger nnn joshuto
ranger nnn # joshuto
hexyl
rink
@ -37,7 +38,7 @@
xsel
];
fonts.fonts = with pkgs; [
fonts.packages = with pkgs; [
vollkorn
alegreya alegreya-sans
b612

View file

@ -24,7 +24,7 @@ in
groups = [ "wheel" ];
commands = [
{
command = "${pkgs.nixos-rebuild}/bin/nixos-rebuild *";
command = "/run/current-system/sw/bin/nixos-rebuild";
options = [ "NOPASSWD" ];
}
];

View file

@ -1,6 +1,6 @@
{ ... }:
{
services.xserver.extraLayouts = {
services.xserver.xkb.extraLayouts = {
de-x270 = {
description = "DE layout with some small changes for Thinkpad X270";
languages = [ "deu" ];

View file

@ -2,7 +2,7 @@
{
imports = [
./development.nix
./gnome.nix
./xfce.nix
./x270.nix
./scanner.nix
./printer.nix
@ -63,13 +63,16 @@
zathura
inkscape
vlc
vlc mpv a52dec
gthumb
gimp
tenacity
openscad
freecad
solvespace
(pkgs.callPackage ../packages/dune3d.nix {})
vscodium
marktext
tor-browser-bundle-bin
@ -172,6 +175,16 @@
LidSwitchIgnoreInhibited = no
'';
services.earlyoom = {
enable = true;
enableNotifications = true;
};
swapDevices = [{
device = "/swapfile";
size = 16 * 1024;
}];
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave

View file

@ -1,12 +1,12 @@
{ config, pkgs, ... }:
{
imports = [
./gitea.nix
./forgejo.nix
./tls_sni.nix
];
boot.loader.grub.enable = true;
boot.loader.grub.device = "/dev/vda";
boot.loader.grub.device = "/dev/sda";
networking.hostName = "Emitter";
@ -14,12 +14,12 @@
networking.useDHCP = false;
networking = {
defaultGateway = {
address = "2.59.133.1";
interface = "ens3";
address = "176.96.139.1";
interface = "ens18";
};
defaultGateway6 = {
address = "2a0d:5940:7::1";
interface = "ens3";
address = "2a0d:5940:80:4e::1";
interface = "ens18";
};
nameservers = [
"9.9.9.10"
@ -27,38 +27,38 @@
"2606:4700:4700::1111"
"2001:4860:4860::8888"
];
interfaces.ens3 = {
interfaces.ens18 = {
ipv4 = {
addresses = [
{
address = "2.59.133.12";
address = "176.96.139.54";
prefixLength = 24;
}
];
routes = [
{
address = "2.59.133.0";
address = "176.96.139.0";
prefixLength = 24;
via = "2.59.133.1";
via = "176.96.139.1";
}
];
};
ipv6 = {
addresses = [
{
address = "2a0d:5940:7:16f:216:3cff:fe63:9a54";
address = "2a0d:5940:80:4e::2";
prefixLength = 64;
}
{
address = "fe80::216:3cff:fe63:9a54";
address = "fe80::4874:40ff:fe38:7a45";
prefixLength = 64;
}
];
routes = [
{
address = "2a0d:5940:7:16f:216:3cff:fe63:9a54";
address = "2a0d:5940:80:4e::2";
prefixLength = 64;
via = "2a0d:5940:7::1";
via = "2a0d:5940:80:4e::1";
}
];
};
@ -131,7 +131,11 @@
};
serviceConfig = {
Restart = "on-failure";
RestartSec = retryDelay;
# Skip transitions through failed state, i.e. dont send a e-mail
# before the maximum number of retries is exhausted
RestartMode = "direct";
};
};

View file

@ -21,6 +21,24 @@ in
boot.loader.efi.canTouchEfiVariables = true;
boot.kernelParams = [ "acpi=force" "reboot=bios" ];
boot.initrd.kernelModules = [ "i915" ];
nixpkgs.config.packageOverrides = pkgs: {
vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; };
};
hardware.opengl = {
enable = true;
extraPackages = with pkgs; [
(if (lib.versionOlder (lib.versions.majorMinor lib.version) "23.11") then vaapiIntel else intel-vaapi-driver)
libvdpau-va-gl
vaapiVdpau
# intel-media-driver
];
};
environment.variables = {
VDPAU_DRIVER = "va_gl";
};
hardware.cpu.intel.updateMicrocode = true;
networking.hostName = "Rupert";
users.users = {
@ -56,6 +74,7 @@ in
services.flatpak.enable = true;
xdg.portal.extraPortals = [ pkgs.xdg-desktop-portal-gtk ];
xdg.portal.enable = true;
xdg.portal.config.common.default = "*";
hardware.bluetooth = {
enable = true;
@ -127,6 +146,11 @@ in
SUBSYSTEM=="video4linux", ATTRS{idProduct}=="0002", ATTRS{idVendor}=="1d6b", SYMLINK+="hdmi_capture"
'';
swapDevices = [{
device = "/swapfile";
size = 8 * 1024;
}];
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave

View file

@ -4,12 +4,14 @@
enable = true;
windowManager.bspwm.enable = true;
displayManager = {
defaultSession = "none+bspwm";
lightdm.enable = true;
autoLogin.enable = true;
autoLogin.user = "waldi";
};
};
services.displayManager = {
defaultSession = "none+bspwm";
autoLogin.enable = true;
autoLogin.user = "waldi";
};
services.unclutter-xfixes = {
enable = true;

View file

@ -31,7 +31,7 @@
SUBSYSTEM=="usb", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="3748", MODE="0660", GROUP="plugdev"
# WCH-LinkE
SUBSYSTEM=="usb", ATTRS{idVendor}=="1a86", ATTRS{idProduct}=="8010", MODE="0660", GROUP="plugdev"
SUBSYSTEMS=="usb", ATTRS{idVendor}=="1a86", ATTRS{idProduct}=="8010", MODE="0660", GROUP="plugdev"
# Glasgow
SUBSYSTEM=="usb", ATTRS{idVendor}=="20b7", ATTRS{idProduct}=="9db1", MODE="0660", GROUP="plugdev"

View file

Before

Width:  |  Height:  |  Size: 10 KiB

After

Width:  |  Height:  |  Size: 10 KiB

View file

Before

Width:  |  Height:  |  Size: 14 KiB

After

Width:  |  Height:  |  Size: 14 KiB

View file

Before

Width:  |  Height:  |  Size: 12 KiB

After

Width:  |  Height:  |  Size: 12 KiB

View file

Before

Width:  |  Height:  |  Size: 13 KiB

After

Width:  |  Height:  |  Size: 13 KiB

View file

Before

Width:  |  Height:  |  Size: 40 KiB

After

Width:  |  Height:  |  Size: 40 KiB

View file

Before

Width:  |  Height:  |  Size: 13 KiB

After

Width:  |  Height:  |  Size: 13 KiB

View file

@ -2,18 +2,17 @@
let
domain = "git.25120.org";
giteaCustom = pkgs.callPackage ../packages/directory.nix {
name = "gitea-custom";
source = ./gitea-custom;
forgejoCustom = pkgs.callPackage ../packages/directory.nix {
name = "forgejo-custom";
source = ./forgejo-custom;
};
in
{
services.gitea = {
services.forgejo = {
enable = true;
appName = "${domain}";
database = {
type = "postgres";
passwordFile = "/secrets/gitea_db_password";
passwordFile = "/secrets/forgejo_db_password";
createDatabase = false;
};
repositoryRoot = "/data/git/repositories";
@ -42,7 +41,7 @@ in
input_file="$1"
command="${nbconvert}/bin/jupyter nbconvert --stdout --to html --template basic"
cache_directory="${config.services.gitea.stateDir}/markup_cache/jupyter"
cache_directory="${config.services.forgejo.stateDir}/markup_cache/jupyter"
max_cache_file_count="${toString max_cached_jupyter_notebooks}"
cache_file="$cache_directory/$(md5sum "$input_file" | cut -d' ' -f1)"
@ -65,6 +64,7 @@ in
'';
in
{
DEFAULT.APP_NAME = "${domain}";
server = {
SSH_PORT = lib.head config.services.openssh.ports;
ROOT_URL = "https://${domain}/";
@ -73,42 +73,43 @@ in
};
service.DISABLE_REGISTRATION = true;
session.COOKIE_SECURE = true;
UI.DEFAULT_THEME = "forgejo-auto";
"markup.restructuredtext" = {
ENABLED = true;
FILE_EXTENSIONS = ".rst";
RENDER_COMMAND = "${docutils}/bin/rst2html.py";
IS_INPUT_FILE = false;
};
# "markup.jupyter" = {
# ENABLED = true;
# FILE_EXTENSIONS = ".ipynb";
# # RENDER_COMMAND = "\"${nbconvert}/bin/jupyter nbconvert --stdout --to html --template basic \"";
# RENDER_COMMAND = "\"${cached_jupyter_preview} \"";
# IS_INPUT_FILE = true;
# # RENDER_CONTENT_MODE = "iframe";
# };
# "markup.sanitizer.jupyter.div" = { ELEMENT = "div"; ALLOW_ATTR = "class"; REGEXP = ""; };
# "markup.sanitizer.jupyter.span" = { ELEMENT = "span"; ALLOW_ATTR = "class"; REGEXP = ""; };
# "markup.sanitizer.jupyter.img" = { ELEMENT = "img"; ALLOW_ATTR = "class"; REGEXP = ""; ALLOW_DATA_URI_IMAGES = "true"; };
# "markup.sanitizer.jupyter.svg.width" = { ELEMENT = "svg"; ALLOW_ATTR = "width"; REGEXP = ""; };
# "markup.sanitizer.jupyter.svg.height" = { ELEMENT = "svg"; ALLOW_ATTR = "height"; REGEXP = ""; };
# "markup.sanitizer.jupyter.svg.viewbox" = { ELEMENT = "svg"; ALLOW_ATTR = "viewbox"; REGEXP = ""; };
# "markup.sanitizer.jupyter.svg.use" = { ELEMENT = "use"; ALLOW_ATTR = "transform"; REGEXP = ""; };
# "markup.sanitizer.jupyter.svg.g" = { ELEMENT = "g"; ALLOW_ATTR = "class"; REGEXP = ""; };
# "markup.sanitizer.jupyter.svg.path.style" = { ELEMENT = "path"; ALLOW_ATTR = "style"; REGEXP = ""; };
# "markup.sanitizer.jupyter.svg.path.d" = { ELEMENT = "path"; ALLOW_ATTR = "d"; REGEXP = ""; };
# "markup.sanitizer.jupyter.svg.path.transform" = { ELEMENT = "path"; ALLOW_ATTR = "transform"; REGEXP = ""; };
"markup.jupyter" = {
ENABLED = true;
FILE_EXTENSIONS = ".ipynb";
# RENDER_COMMAND = "\"${nbconvert}/bin/jupyter nbconvert --stdout --to html --template basic \"";
RENDER_COMMAND = "\"${cached_jupyter_preview} \"";
IS_INPUT_FILE = true;
# RENDER_CONTENT_MODE = "iframe";
};
"markup.sanitizer.jupyter.div" = { ELEMENT = "div"; ALLOW_ATTR = "class"; REGEXP = ""; };
"markup.sanitizer.jupyter.span" = { ELEMENT = "span"; ALLOW_ATTR = "class"; REGEXP = ""; };
"markup.sanitizer.jupyter.img" = { ELEMENT = "img"; ALLOW_ATTR = "class"; REGEXP = ""; ALLOW_DATA_URI_IMAGES = "true"; };
"markup.sanitizer.jupyter.svg.width" = { ELEMENT = "svg"; ALLOW_ATTR = "width"; REGEXP = ""; };
"markup.sanitizer.jupyter.svg.height" = { ELEMENT = "svg"; ALLOW_ATTR = "height"; REGEXP = ""; };
"markup.sanitizer.jupyter.svg.viewbox" = { ELEMENT = "svg"; ALLOW_ATTR = "viewbox"; REGEXP = ""; };
"markup.sanitizer.jupyter.svg.use" = { ELEMENT = "use"; ALLOW_ATTR = "transform"; REGEXP = ""; };
"markup.sanitizer.jupyter.svg.g" = { ELEMENT = "g"; ALLOW_ATTR = "class"; REGEXP = ""; };
"markup.sanitizer.jupyter.svg.path.style" = { ELEMENT = "path"; ALLOW_ATTR = "style"; REGEXP = ""; };
"markup.sanitizer.jupyter.svg.path.d" = { ELEMENT = "path"; ALLOW_ATTR = "d"; REGEXP = ""; };
"markup.sanitizer.jupyter.svg.path.transform" = { ELEMENT = "path"; ALLOW_ATTR = "transform"; REGEXP = ""; };
};
};
services.postgresql = {
enable = true;
authentication = ''
local gitea all ident map=gitea-users
local forgejo all ident map=forgejo-users
'';
# Map the gitea user to postgresql
# Map the forgejo user to postgresql
identMap = ''
gitea-users gitea gitea
forgejo-users forgejo forgejo
'';
};
@ -125,14 +126,14 @@ in
};
};
# users.users.gitea.extraGroups = [ "keys" ];
systemd.services.gitea = {
# users.users.forgejo.extraGroups = [ "keys" ];
systemd.services.forgejo = {
serviceConfig = {
ReadOnlyPaths = [ "/secrets" ];
};
preStart = ''
cp -frT "${giteaCustom}/" "${config.services.gitea.stateDir}/custom/"
find "${config.services.gitea.stateDir}/custom/" -type d -exec chmod 0750 '{}' + -or -type f -exec chmod 0640 '{}' +
cp -frT "${forgejoCustom}/" "${config.services.forgejo.stateDir}/custom/"
find "${config.services.forgejo.stateDir}/custom/" -type d -exec chmod 0750 '{}' + -or -type f -exec chmod 0640 '{}' +
'';
};

View file

@ -11,6 +11,7 @@
autoLogin.user = "fruchti";
};
security.pam.services.gdm.enableGnomeKeyring = true;
services.gnome.gnome-keyring.enable = true;
services.touchegg.enable = true;
services.gnome.gnome-settings-daemon.enable = true;

View file

@ -5,7 +5,6 @@ in
{
services.hedgedoc = {
enable = true;
workDir = "/data/hedgedoc";
environmentFile = "/secrets/hedgedoc.env";
settings = {
port = 7000;
@ -39,9 +38,7 @@ in
ensureUsers = [
{
name = "hedgedoc";
ensurePermissions = {
"DATABASE hedgedoc" = "ALL PRIVILEGES";
};
ensureDBOwnership = true;
}
];
ensureDatabases = [ "hedgedoc" ];

View file

@ -6,20 +6,21 @@ in
services.nextcloud = {
enable = true;
https = true;
package = pkgs.nextcloud26;
package = pkgs.nextcloud28;
hostName = hostName;
datadir = "/data/nextcloud";
config = {
dbtype = "pgsql";
dbhost = "/run/postgresql";
adminpassFile = "/secrets/nextcloud_admin_password.txt";
extraTrustedDomains = [
settings = {
trusted_domains = [
((lib.toLower config.networking.hostName) + ".lan")
(lib.toLower config.networking.hostName)
];
};
config = {
dbtype = "pgsql";
dbhost = "/run/postgresql";
adminpassFile = "/secrets/nextcloud_admin_password.txt";
};
caching.redis = true;
enableBrokenCiphersForSSE = false;
};
services.postgresql = {
@ -27,16 +28,14 @@ in
ensureUsers = [
{
name = "nextcloud";
ensurePermissions = {
"DATABASE nextcloud" = "ALL PRIVILEGES";
};
}
{
name = "superuser";
ensurePermissions = {
"ALL TABLES IN SCHEMA public" = "ALL PRIVILEGES";
};
ensureDBOwnership = true;
}
# {
# name = "superuser";
# ensurePermissions = {
# "ALL TABLES IN SCHEMA public" = "ALL PRIVILEGES";
# };
# }
];
ensureDatabases = [ "nextcloud" ];
};

View file

@ -6,6 +6,17 @@
speed = 170;
};
# Ensure that trackpoint mouse buttons work after suspend without having
# to touch the trackpoint first
powerManagement = {
powerDownCommands = ''
modprobe -r psmouse
'';
resumeCommands = ''
modprobe psmouse
'';
};
services.xserver.videoDrivers = [ "modesetting" ];
boot.initrd.kernelModules = [ "i915" ];

43
hosts/xfce.nix Normal file
View file

@ -0,0 +1,43 @@
{ config, pkgs, ... }:
{
services.xserver = {
enable = true;
libinput.enable = true;
desktopManager = {
xfce.enable = true;
xterm.enable = false;
};
displayManager = {
lightdm.enable = true;
defaultSession = "xfce";
autoLogin.enable = true;
autoLogin.user = "fruchti";
};
};
nixpkgs.config.pulseaudio = true;
hardware.pulseaudio.enable = true;
hardware.bluetooth.enable = true;
services.blueman.enable = true;
# environment.xfce.excludePackages = with pkgs.xfce; [
# xfce4-terminal
# ];
environment.systemPackages = with pkgs; [
xfce.xfce4-whiskermenu-plugin
xfce.xfce4-pulseaudio-plugin
xfce.xfce4-volumed-pulse
xfce.xfwm4-themes
pinentry-gnome
lounge-gtk-theme
hackneyed
blueman
gnome.file-roller
];
security.pam.services.lightdm.enableGnomeKeyring = true;
services.gnome.gnome-keyring.enable = true;
services.cpupower-gui.enable = true;
programs.gnupg.agent.pinentryFlavor = "gnome3";
services.pcscd.enable = true;
services.dbus.packages = [ pkgs.gcr ];
}

View file

@ -20,7 +20,7 @@ in
to="${toAddress}"
service="$1"
full_status="$(systemctl status --full --lines 200 "$service")"
exit_code="$(echo "$full_status" | head -n5 | tail -1 | sed -e 's/.*status=\(.*\))$/\1/g')"
exit_code="$(echo "$full_status" | head -n5 | tail -1 | sed -e 's/.*ExecStart=.*status=\(.*\))$/\1/g')"
# state="$(systemctl is-failed "$service")"
fail_priority=1

View file

@ -2,5 +2,6 @@
{
imports = [
./burp.nix
./horizon-eda.nix
];
}

13
overlays/horizon-eda.nix Normal file
View file

@ -0,0 +1,13 @@
{ config, ... }:
{
nixpkgs.overlays = [
(self: super: {
horizon-eda = (super.horizon-eda.overrideAttrs (old: {
# Add an environment variable to fix redraw issues on Intel Graphics
patches = [
./horizon_software_draw_surface.patch
];
}));
})
];
}

View file

@ -0,0 +1,10 @@
diff --git a/org.horizon_eda.HorizonEDA.desktop b/org.horizon_eda.HorizonEDA.desktop
index 7551df54..d8df7800 100644
--- a/org.horizon_eda.HorizonEDA.desktop
+++ b/org.horizon_eda.HorizonEDA.desktop
@@ -5,4 +5,4 @@ Categories=Development;Engineering;Electronics;
Type=Application
Terminal=false
Icon=org.horizon_eda.HorizonEDA
-Exec=horizon-eda %U
+Exec=env GDK_GL=software-draw-surface horizon-eda %U

65
packages/dune3d.nix Normal file
View file

@ -0,0 +1,65 @@
{
cmake,
eigen,
fetchFromGitHub,
glm,
gobject-introspection,
gtkmm4,
lib,
libepoxy,
librsvg,
libspnav,
libuuid,
meson,
ninja,
opencascade-occt,
pkg-config,
python3,
gcc13Stdenv,
wrapGAppsHook,
}:
gcc13Stdenv.mkDerivation rec {
pname = "dune3d";
version = "1.1.0";
src = fetchFromGitHub {
owner = "dune3d";
repo = "dune3d";
rev = "v${version}";
hash = "sha256-Z/kdOc/MbnnEyRsel3aZGndTAy1eCdAK0Wdta0HxaE4=";
};
nativeBuildInputs = [
gobject-introspection
meson
ninja
pkg-config
wrapGAppsHook
];
buildInputs = [
cmake
eigen
glm
gtkmm4
libepoxy
librsvg
libspnav
libuuid
opencascade-occt
(python3.withPackages (pp: [
pp.pygobject3
]))
];
env.CASROOT = opencascade-occt;
meta = with lib; {
description = "3D CAD application";
homepage = "https://dune3d.org";
license = licenses.gpl3Plus;
mainProgram = "dune3d";
platforms = platforms.linux;
};
}