diff --git a/.gitmodules b/.gitmodules new file mode 100644 index 0000000..6680f54 --- /dev/null +++ b/.gitmodules @@ -0,0 +1,6 @@ +[submodule "pkgs/binaryninja"] + path = pkgs/binaryninja + url = ssh://gitea@git.giugl.io:10022/peperunas/binaryninja.git +[submodule "pkgs/ida"] + path = pkgs/ida + url = ssh://gitea@git.giugl.io:10022/peperunas/ida.git diff --git a/flake.nix b/flake.nix index e217ad0..ad1d3c2 100644 --- a/flake.nix +++ b/flake.nix @@ -8,13 +8,29 @@ }; }; - outputs = { self, nixpkgs, nixos-unstable, home-manager }: let - util = import ./utils.nix { inherit nixpkgs nixos-unstable home-manager; }; + outputs = inputs @ { self, nixpkgs, nixos-unstable, home-manager }: let + system = "x86_64-linux"; + + pkgs = import nixpkgs { + inherit system; + config.allowUnfree = true; + overlays = [ (final: prev: { inherit unstable; }) ]; + }; + + unstable = import nixos-unstable { + inherit system; + config.allowUnfree = true; + }; + + utils = import ./lib { inherit pkgs unstable nixpkgs nixos-unstable home-manager; }; + + inherit (utils) host; + inherit (utils) user; in { nixosConfigurations = { - architect = util.mkHost { name = "architect"; }; - gAluminum = util.mkHost { name = "gAluminum"; }; - proxy = util.mkHost { name = "proxy"; }; + architect = host.mkHost { name = "architect"; users = [ "giulio" ]; }; + gAluminum = host.mkHost { name = "gAluminum"; users = [ "giulio" ]; roles = [ "gnome" ]; }; + proxy = host.mkHost { name = "proxy"; }; }; }; } diff --git a/hosts/gAluminum/default.nix b/hosts/gAluminum/default.nix index 6a26534..4dd6b04 100644 --- a/hosts/gAluminum/default.nix +++ b/hosts/gAluminum/default.nix @@ -5,14 +5,11 @@ let in { imports = [ ./hardware.nix - ../../variables.nix - ../../common.nix - ../../users.nix + ./wireguard.nix ]; - - variables.hostname = hostname; boot = { + supportedFilesystems = [ "ntfs" ]; loader = { efi.canTouchEfiVariables = true; efi.efiSysMountPoint = "/boot/efi"; 
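Review bot: `proxy = host.mkHost { name = "proxy"; };` omits `users`, but the new signature in lib/host.nix is `mkHost = { name, users, roles ? [] }:` with no default for `users`, so evaluating the `proxy` configuration should fail with a missing-argument error. Give the argument a default in lib/host.nix, `mkHost = { name, users ? [], roles ? [] }:`, or pass `users = [ ];` at this call. With an empty list `proxy` would declare no normal user, because the deleted users.nix was where `giulio` was defined for every host; unless hosts/proxy defines one itself, confirm that root-only access is intended for that machine. `inputs @` and `inherit (utils) user;` are bound but unused in the visible lines.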
@@ -30,68 +27,22 @@ in { networking = { hostName = hostname; - - wg-quick.interfaces = { - giupi = { - address = ["10.3.0.2/32"]; - privateKeyFile = "/etc/wireguard/giupi.key"; - dns = ["10.3.0.1"]; - peers = [ - { - publicKey = "I4glUMvIGjjhvQMKhwGc8copPl2t9Us/YYRjT0BKuiw="; - allowedIPs = ["0.0.0.0/0"]; - endpoint = "giugl.io:1194"; - persistentKeepalive = 25; - } - ]; - }; + networkmanager.wifi = { + powersave = false; + macAddress = "random"; }; }; time.timeZone = "Europe/London"; - services = { - xserver = { - enable = true; - displayManager.gdm.enable = true; - desktopManager.gnome.enable = true; - libinput.enable = true; - layout = "us"; - xkbOptions = "eurosign:e"; - }; - - printing.enable = true; - dbus.packages = with pkgs; [ gnome3.dconf ]; - udev.packages = with pkgs; [ gnome3.gnome-settings-daemon ]; - }; + virtualisation.virtualbox.host.enable = true; + virtualisation.virtualbox.host.enableExtensionPack = true; + users.extraGroups.vboxusers.members = [ "giulio" ]; + services.printing.enable = true; sound.enable = true; hardware.pulseaudio.enable = true; - - environment.systemPackages = with pkgs; [ - wget - git - pciutils - curl - virtualbox - cmake - ninja - gdb - htop - glances - tcpdump - restic - gnomeExtensions.appindicator - binutils - efibootmgr - neovim - home-manager - ]; - - fonts.fonts = with pkgs; [cascadia-code]; - + environment.systemPackages = with pkgs; [ efibootmgr ]; system.stateVersion = "21.05"; # Did you read the comment? - - security.pam.services.gdm.enableGnomeKeyring = true; } diff --git a/hosts/gAluminum/wireguard.nix b/hosts/gAluminum/wireguard.nix new file mode 100644 index 0000000..72a6b00 --- /dev/null +++ b/hosts/gAluminum/wireguard.nix 
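Review bot: `users.extraGroups.vboxusers.members = [ "giulio" ];` hard-codes the account name in the host file, while this commit moves the choice of accounts into the `users` list passed to `mkHost` in flake.nix, so the two can drift apart. `vboxusers` membership is a privilege grant (it is what lets guests reach host USB devices), so it reads better next to the account definition or derived from the same list. `users.extraGroups` is also the older spelling of `users.groups`; `users.groups.vboxusers.members = [ "giulio" ];` is the current form.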
@@ -0,0 +1,17 @@ +{ + networking.wg-quick.interfaces = { + giupi = { + address = ["10.3.0.2/32"]; + privateKeyFile = "/etc/wireguard/giupi.key"; + dns = ["10.3.0.1"]; + peers = [ + { + publicKey = "I4glUMvIGjjhvQMKhwGc8copPl2t9Us/YYRjT0BKuiw="; + allowedIPs = ["0.0.0.0/0"]; + endpoint = "architect.devs.giugl.io:1194"; + persistentKeepalive = 25; + } + ]; + }; + }; +} diff --git a/lib/default.nix b/lib/default.nix new file mode 100644 index 0000000..0423072 --- /dev/null +++ b/lib/default.nix @@ -0,0 +1,5 @@ +{ pkgs, unstable, nixpkgs, nixos-unstable, home-manager, ...}: +rec { + user = import ./user.nix { inherit pkgs; }; + host = import ./host.nix { inherit pkgs nixpkgs unstable nixos-unstable home-manager user; }; +} diff --git a/utils.nix b/lib/host.nix similarity index 50% rename from utils.nix rename to lib/host.nix index 6a2c8e6..9dab99f 100644 --- a/utils.nix +++ b/lib/host.nix @@ -1,24 +1,21 @@ -{ nixos-unstable, nixpkgs, home-manager, ... }: +{ pkgs, nixpkgs, nixos-unstable, unstable, home-manager, user, ... }: { - mkHost = {name}: + mkHost = { name, users, roles ? [] }: let system = "x86_64-linux"; - unstable = import nixos-unstable { - inherit system; - config.allowUnfree = true; - }; + mkRole = role : import (../roles + "/${role}.nix"); - pkgs = import nixpkgs { - inherit system; - config.allowUnfree = true; - overlays = [ (final: prev: { inherit unstable; }) ]; - }; + users_mod= (map (u: user.mkUser u) users); + roles_mod = (map (r: mkRole r) roles); in nixpkgs.lib.nixosSystem { inherit system; + modules = [ { + imports = users_mod ++ roles_mod; + nixpkgs.pkgs = pkgs; nix.nixPath = [ "nixpkgs=${nixpkgs}" @@ -28,11 +25,10 @@ nix.registry.unstable.flake = nixos-unstable; } - ./common.nix - ./users.nix home-manager.nixosModules.home-manager - ./hosts/${name}/default.nix - ./acme.nix + ../roles/common.nix + ../roles/acme.nix + ../hosts/${name}/default.nix ]; }; } diff --git a/lib/user.nix b/lib/user.nix new file mode 100644 index 0000000..d4e2caa 
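Review bot: `allowedIPs = ["0.0.0.0/0"];` sends only IPv4 through `giupi`, so on a network that hands out IPv6 addresses that traffic goes around the tunnel; if this is meant to be a full tunnel, use `allowedIPs = ["0.0.0.0/0" "::/0"];` or disable IPv6 on the host. The move also changes the endpoint from `giugl.io` to `architect.devs.giugl.io`; that name has to resolve before the tunnel is up, so it must not depend on the `10.3.0.1` resolver set in `dns`. `privateKeyFile` keeps the key out of the Nix store, which is right; check that `/etc/wireguard/giupi.key` is readable by root only.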
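Review bot: lib/host.nix keeps its own `system = "x86_64-linux";` binding while `nixpkgs.pkgs = pkgs;` now uses the package set built in flake.nix with a separate `system` value, so the two strings can diverge silently. Passing `system` in from flake.nix alongside `pkgs` would leave one source of truth. `mkRole` and the `users_mod`/`roles_mod` bindings would also benefit from a short comment such as `# each role name maps to ../roles/<name>.nix`, since a misspelt role only surfaces as a missing-path error at evaluation. The module list opened in this hunk continues into the next one.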
--- /dev/null +++ b/lib/user.nix @@ -0,0 +1,19 @@ +{ pkgs, ...}: + +{ + mkUser = name: { + fileSystems."/home/${name}/Downloads" = { + device = "tmpfs"; + fsType = "tmpfs"; + options = ["size=3G"]; + }; + + users.users.${name} = { + isNormalUser = true; + shell = pkgs.zsh; + extraGroups = [ "wheel" ]; + }; + + home-manager.users.${name}.imports = [ ../roles/home ]; + }; +} diff --git a/pkgs/binaryninja b/pkgs/binaryninja new file mode 160000 index 0000000..8ed0f28 --- /dev/null +++ b/pkgs/binaryninja @@ -0,0 +1 @@ +Subproject commit 8ed0f28dc78dfc482c397056b73a6a1e680e8af0 diff --git a/pkgs/ida b/pkgs/ida new file mode 160000 index 0000000..fe8eed0 --- /dev/null +++ b/pkgs/ida @@ -0,0 +1 @@ +Subproject commit fe8eed08ff9f6e09abaa8216beaa45aa83767862 diff --git a/acme.nix b/roles/acme.nix similarity index 100% rename from acme.nix rename to roles/acme.nix diff --git a/common.nix b/roles/common.nix similarity index 91% rename from common.nix rename to roles/common.nix index cfe90da..d9a581c 100644 --- a/common.nix +++ b/roles/common.nix @@ -28,6 +28,8 @@ }; }; + fonts.fonts = with pkgs; [cascadia-code]; + environment.systemPackages = with pkgs; [ file pciutils @@ -41,12 +43,13 @@ restic binutils neovim - home-manager ripgrep tmux parted unzip tree smartmontools + nmap + ripgrep ]; } diff --git a/roles/gnome.nix b/roles/gnome.nix new file mode 100644 index 0000000..0b4fc52 --- /dev/null +++ b/roles/gnome.nix @@ -0,0 +1,20 @@ +{ pkgs, ... }: + +{ + services = { + xserver = { + enable = true; + displayManager.gdm.enable = true; + desktopManager.gnome.enable = true; + libinput.enable = true; + layout = "us"; + xkbOptions = "eurosign:e"; + }; + + dbus.packages = with pkgs; [ gnome3.dconf ]; + udev.packages = with pkgs; [ gnome3.gnome-settings-daemon ]; + }; + + environment.systemPackages = with pkgs; [ gnomeExtensions.appindicator ]; + security.pam.services.gdm.enableGnomeKeyring = true; +} 
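Review bot: `extraGroups = [ "wheel" ];` is fixed inside `mkUser`, so every name ever placed in a host's `users` list becomes an administrator and there is no way to create an unprivileged account. Let the caller choose, for example `mkUser = { name, groups ? [ "wheel" ] }:` with `extraGroups = groups;` (the `map` in lib/host.nix would then pass attribute sets). The deleted users.nix also put `giulio` in `docker` and `networkmanager`; those memberships are dropped here, which may be intended but is worth confirming given that gAluminum configures NetworkManager. The per-user tmpfs on `Downloads` carries only `size=3G`; adding `"nosuid" "nodev"` and an explicit `mode=`/`uid=` would stop it being mounted with tmpfs's default world-writable mode.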
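Review bot: The second roles/common.nix hunk adds `ripgrep` at the end of `environment.systemPackages` although the same list already contains it a few lines above (visible as context), so the entry is a duplicate and can be dropped. `nmap` is likewise added system-wide here while roles/home/default.nix still installs it per user; keeping it in one place makes it clearer which machines are meant to carry scanning tools.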
diff --git a/home/code.nix b/roles/home/code.nix similarity index 85% rename from home/code.nix rename to roles/home/code.nix index cee2e5b..e60b1ac 100644 --- a/home/code.nix +++ b/roles/home/code.nix @@ -6,10 +6,13 @@ home.packages = with pkgs; [ nixfmt vscode + jetbrains.idea-ultimate ]; programs.neovim = { enable = true; + #package = pkgs.unstable.neovim-unwrapped; + extraConfig = '' " syntax syntax enable @@ -22,9 +25,9 @@ set wildmode=longest:full,full " remapping popup menu (command autocompletion) -" cnoremap pumvisible() ? "" : " -" cnoremap pumvisible() ? "" : "" -" cnoremap pumvisible() ? "":"" + " cnoremap pumvisible() ? "" : " + " cnoremap pumvisible() ? "" : "" + " cnoremap pumvisible() ? "":"" " set line numbers set number @@ -65,6 +68,12 @@ " Fix for code not being aligned if between comment blocks set cindent cinkeys-=0# set expandtab shiftwidth=2 tabstop=2 softtabstop=2 + + + + set statusline+=%#warningmsg# + set statusline+=%{SyntasticStatuslineFlag()} + set statusline+=%* ''; viAlias = true; @@ -83,6 +92,7 @@ vim-fugitive vim-yaml vim-autoformat + vimtex ]; }; diff --git a/home/default.nix b/roles/home/default.nix similarity index 51% rename from home/default.nix rename to roles/home/default.nix index df495b4..c09823b 100644 --- a/home/default.nix +++ b/roles/home/default.nix @@ -19,7 +19,6 @@ in ./ssh.nix ]; - nixpkgs.config.allowUnfree = true; home = { stateVersion = "21.05"; 
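Review bot: The added `set statusline+=%{SyntasticStatuslineFlag()}` calls a function provided by the Syntastic plugin, but the only plugin this commit adds is `vimtex` and no Syntastic entry is visible in the hunks shown. If the plugin is not in the part of `plugins` outside these hunks, Neovim will raise an unknown-function error whenever the status line is drawn. Either add the plugin or guard the call, e.g. `set statusline+=%{exists('*SyntasticStatuslineFlag')?SyntasticStatuslineFlag():''}`. The commented-out `#package = pkgs.unstable.neovim-unwrapped;` should be removed or given a reason.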
@@ -29,39 +28,42 @@ in }; packages = with pkgs; [ - # essentials - albert - guake + albert + guake - # browsers - firefox - brave - chromium + firefox + brave + chromium - # reversing - rizin + rizin - nmap + nmap - slack - signal-desktop - teams - discord - element-desktop + slack + signal-desktop + teams + discord + element-desktop - # music - spotify + spotify - # misc - bind + bind - # system - gparted - sshfs + gparted + sshfs - # autostart - albert_autostart - guake_autostart - ]; -}; -} + libreoffice + + albert_autostart + guake_autostart + ]; + }; + + programs = { + direnv = { + enable = true; + nix-direnv.enable = true; + nix-direnv.enableFlakes = true; + }; + }; + } diff --git a/home/git.nix b/roles/home/git.nix similarity index 100% rename from home/git.nix rename to roles/home/git.nix diff --git a/home/gnome.nix b/roles/home/gnome.nix similarity index 100% rename from home/gnome.nix rename to roles/home/gnome.nix diff --git a/home/ssh.nix b/roles/home/ssh.nix similarity index 97% rename from home/ssh.nix rename to roles/home/ssh.nix index b72e2db..c01b34b 100644 --- a/home/ssh.nix +++ b/roles/home/ssh.nix @@ -4,6 +4,11 @@ compression = true; matchBlocks = { + "giugl.io" = { + user = "root"; + identityFile = "~/.ssh/architectproxy"; + }; + "tommy.devs.giugl.io" = { user = "giulio"; identityFile = "~/.ssh/tommypc"; diff --git a/home/zsh.nix b/roles/home/zsh.nix similarity index 61% rename from home/zsh.nix rename to roles/home/zsh.nix index bd76a89..cf12329 100644 --- a/home/zsh.nix +++ b/roles/home/zsh.nix @@ -1,5 +1,5 @@ { config, pkgs, lib, ... }: { - home.packages = with pkgs; [ zsh ]; + home.packages = with pkgs; [ zsh any-nix-shell ]; programs.zsh = { enable = true; @@ -9,5 +9,9 @@ plugins = [ "git" "sudo" "docker" "docker-compose" "adb" "systemd" ]; theme = "bira"; }; + + initExtra = '' + any-nix-shell zsh --info-right | source /dev/stdin + ''; }; } diff --git a/roles/zsh.nix b/roles/zsh.nix new file mode 100644 index 0000000..6eb0786 --- /dev/null 
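Review bot: This package list still contains unfree packages (`slack`, `teams`, `discord`, `spotify`), and the first hunk of this file removes `nixpkgs.config.allowUnfree = true;` from the home configuration. That only evaluates if home-manager uses the system `pkgs` built in flake.nix, and no hunk in this commit sets `home-manager.useGlobalPkgs = true;`. Please confirm it is set elsewhere, or add it to the inline module in lib/host.nix next to `nixpkgs.pkgs = pkgs;`. The hunk also drops the grouping comments (`# browsers`, `# reversing`, ...) from the list; keeping them would make it easier to audit what is installed and why.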
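Review bot: The new `"giugl.io"` block in roles/home/ssh.nix logs in directly as `root` with a dedicated key but does not set `identitiesOnly = true;`, so the client may offer every other key held by the agent to that host before `~/.ssh/architectproxy`. Adding `identitiesOnly = true;` to the block limits the offer to the named key. Direct root login also requires the server to permit it; an unprivileged account plus sudo would leave an audit trail and let `PermitRootLogin` stay off. `matchBlocks` continues outside the hunk, so the other blocks may want the same option.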
+++ b/roles/zsh.nix
@@ -0,0 +1,8 @@
+{ ... }:
+
+{
+ programs.zsh = {
+ enableBashCompletion = true;
+ enableCompletion = true;
+ };
+}
diff --git a/users.nix b/users.nix
deleted file mode 100644
index 3996b42..0000000
--- a/users.nix
+++ /dev/null
@@ -1,35 +0,0 @@
-{config, pkgs, home-manager, ...}:
-
-{
- users.users = {
- giulio = {
- description = "Giulio De Pasquale";
- isNormalUser = true;
- shell = pkgs.zsh;
- extraGroups = [ "wheel" "docker" "networkmanager" ];
- };
-
- root = {
- shell = pkgs.zsh;
- };
- };
-
- programs.zsh = {
- enableBashCompletion = true;
- enableCompletion = true;
- };
-
- home-manager.users.root = {
- imports = [ ./home/zsh.nix ./home/ssh.nix ./home/code.nix ];
- };
-
- home-manager.users.giulio = {
- imports = [ ./home ];
- };
-
- fileSystems."/home/giulio/Downloads" = {
- device = "tmpfs";
- fsType = "tmpfs";
- options = ["size=3G"];
- };
-}
diff --git a/variables.nix b/variables.nix
deleted file mode 100644
index 8516086..0000000
--- a/variables.nix
+++ /dev/null
@@ -1,12 +0,0 @@
-{ config, lib, ... }:
-
-with lib;
-
-{
- options.variables = mkOption {
- type = types.attrs;
- default = {};
- };
-
- config._module.args.variables = config.variables;
-}
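Review bot: Nothing visible in this commit imports `roles/zsh.nix`: lib/host.nix always loads `../roles/common.nix` and `../roles/acme.nix`, and the only role requested in flake.nix is `"gnome"`. Since `mkUser` sets `shell = pkgs.zsh` for every user and the users.nix that carried these completion settings is deleted, the file looks orphaned unless roles/common.nix imports it. Either add it to the module list in lib/host.nix or to the relevant hosts' `roles`, and consider setting `programs.zsh.enable = true;` here so the login shell is set up system-wide.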