peperunas/nixos
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

huge reorganization

Browse Source
This commit is contained in:
Giulio De Pasquale 2021-10-13 13:29:07 +01:00
parent c9966c2f9b
commit 75a63c6329
21 changed files with 177 additions and 160 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
.gitmodules vendored Normal file
View File

@ -0,0 +1,6 @@
[submodule "pkgs/binaryninja"]
path = pkgs/binaryninja
url = ssh://gitea@git.giugl.io:10022/peperunas/binaryninja.git
[submodule "pkgs/ida"]
path = pkgs/ida
url = ssh://gitea@git.giugl.io:10022/peperunas/ida.git

26
flake.nix
View File

@ -8,13 +8,29 @@
};
};
outputs = { self, nixpkgs, nixos-unstable, home-manager }: let
util = import ./utils.nix { inherit nixpkgs nixos-unstable home-manager; };
outputs = inputs @ { self, nixpkgs, nixos-unstable, home-manager }: let
system = "x86_64-linux";
pkgs = import nixpkgs {
inherit system;
config.allowUnfree = true;
overlays = [ (final: prev: { inherit unstable; }) ];
};
unstable = import nixos-unstable {
inherit system;
config.allowUnfree = true;
};
utils = import ./lib { inherit pkgs unstable nixpkgs nixos-unstable home-manager; };
inherit (utils) host;
inherit (utils) user;
in {
nixosConfigurations = {
architect = util.mkHost { name = "architect"; };
gAluminum = util.mkHost { name = "gAluminum"; };
proxy = util.mkHost { name = "proxy"; };
architect = host.mkHost { name = "architect"; users = [ "giulio" ]; };
gAluminum = host.mkHost { name = "gAluminum"; users = [ "giulio" ]; roles = [ "gnome" ]; };
proxy = host.mkHost { name = "proxy"; };
};
};
}

69
hosts/gAluminum/default.nix
View File

@ -5,14 +5,11 @@ let
in {
imports = [
./hardware.nix
../../variables.nix
../../common.nix
../../users.nix
./wireguard.nix
];
variables.hostname = hostname;
boot = {
supportedFilesystems = [ "ntfs" ];
loader = {
efi.canTouchEfiVariables = true;
efi.efiSysMountPoint = "/boot/efi";
@ -30,68 +27,22 @@ in {
networking = {
hostName = hostname;
wg-quick.interfaces = {
giupi = {
address = ["10.3.0.2/32"];
privateKeyFile = "/etc/wireguard/giupi.key";
dns = ["10.3.0.1"];
peers = [
{
publicKey = "I4glUMvIGjjhvQMKhwGc8copPl2t9Us/YYRjT0BKuiw=";
allowedIPs = ["0.0.0.0/0"];
endpoint = "giugl.io:1194";
persistentKeepalive = 25;
}
];
};
networkmanager.wifi = {
powersave = false;
macAddress = "random";
};
};
time.timeZone = "Europe/London";
services = {
xserver = {
enable = true;
displayManager.gdm.enable = true;
desktopManager.gnome.enable = true;
libinput.enable = true;
layout = "us";
xkbOptions = "eurosign:e";
};
printing.enable = true;
dbus.packages = with pkgs; [ gnome3.dconf ];
udev.packages = with pkgs; [ gnome3.gnome-settings-daemon ];
};
virtualisation.virtualbox.host.enable = true;
virtualisation.virtualbox.host.enableExtensionPack = true;
users.extraGroups.vboxusers.members = [ "giulio" ];
services.printing.enable = true;
sound.enable = true;
hardware.pulseaudio.enable = true;
environment.systemPackages = with pkgs; [
wget
git
pciutils
curl
virtualbox
cmake
ninja
gdb
htop
glances
tcpdump
restic
gnomeExtensions.appindicator
binutils
efibootmgr
neovim
home-manager
];
fonts.fonts = with pkgs; [cascadia-code];
environment.systemPackages = with pkgs; [ efibootmgr ];
system.stateVersion = "21.05"; # Did you read the comment?
security.pam.services.gdm.enableGnomeKeyring = true;
}

17
hosts/gAluminum/wireguard.nix Normal file
View File

@ -0,0 +1,17 @@
{
networking.wg-quick.interfaces = {
giupi = {
address = ["10.3.0.2/32"];
privateKeyFile = "/etc/wireguard/giupi.key";
dns = ["10.3.0.1"];
peers = [
{
publicKey = "I4glUMvIGjjhvQMKhwGc8copPl2t9Us/YYRjT0BKuiw=";
allowedIPs = ["0.0.0.0/0"];
endpoint = "architect.devs.giugl.io:1194";
persistentKeepalive = 25;
}
];
};
};
}

5
lib/default.nix Normal file
View File

@ -0,0 +1,5 @@
{ pkgs, unstable, nixpkgs, nixos-unstable, home-manager, ...}:
rec {
user = import ./user.nix { inherit pkgs; };
host = import ./host.nix { inherit pkgs nixpkgs unstable nixos-unstable home-manager user; };
}

26
utils.nix → lib/host.nix
View File

@ -1,24 +1,21 @@
{ nixos-unstable, nixpkgs, home-manager, ... }:
{ pkgs, nixpkgs, nixos-unstable, unstable, home-manager, user, ... }:
{
mkHost = {name}:
mkHost = { name, users, roles ? [] }:
let
system = "x86_64-linux";
unstable = import nixos-unstable {
inherit system;
config.allowUnfree = true;
};
mkRole = role : import (../roles + "/${role}.nix");
pkgs = import nixpkgs {
inherit system;
config.allowUnfree = true;
overlays = [ (final: prev: { inherit unstable; }) ];
};
users_mod= (map (u: user.mkUser u) users);
roles_mod = (map (r: mkRole r) roles);
in nixpkgs.lib.nixosSystem {
inherit system;
modules = [
{
imports = users_mod ++ roles_mod;
nixpkgs.pkgs = pkgs;
nix.nixPath = [
"nixpkgs=${nixpkgs}"
@ -28,11 +25,10 @@
nix.registry.unstable.flake = nixos-unstable;
}
./common.nix
./users.nix
home-manager.nixosModules.home-manager
./hosts/${name}/default.nix
./acme.nix
../roles/common.nix
../roles/acme.nix
../hosts/${name}/default.nix
];
};
}

19
lib/user.nix Normal file
View File

@ -0,0 +1,19 @@
{ pkgs, ...}:
{
mkUser = name: {
fileSystems."/home/${name}/Downloads" = {
device = "tmpfs";
fsType = "tmpfs";
options = ["size=3G"];
};
users.users.${name} = {
isNormalUser = true;
shell = pkgs.zsh;
extraGroups = [ "wheel" ];
};
home-manager.users.${name}.imports = [ ../roles/home ];
};
}

1
pkgs/binaryninja Submodule

@ -0,0 +1 @@
Subproject commit 8ed0f28dc78dfc482c397056b73a6a1e680e8af0

1
pkgs/ida Submodule

@ -0,0 +1 @@
Subproject commit fe8eed08ff9f6e09abaa8216beaa45aa83767862

0
acme.nix → roles/acme.nix
View File

5
common.nix → roles/common.nix
View File

@ -28,6 +28,8 @@
};
};
fonts.fonts = with pkgs; [cascadia-code];
environment.systemPackages = with pkgs; [
file
pciutils
@ -41,12 +43,13 @@
restic
binutils
neovim
home-manager
ripgrep
tmux
parted
unzip
tree
smartmontools
nmap
ripgrep
];
}

20
roles/gnome.nix Normal file
View File

@ -0,0 +1,20 @@
{ pkgs, ... }:
{
services = {
xserver = {
enable = true;
displayManager.gdm.enable = true;
desktopManager.gnome.enable = true;
libinput.enable = true;
layout = "us";
xkbOptions = "eurosign:e";
};
dbus.packages = with pkgs; [ gnome3.dconf ];
udev.packages = with pkgs; [ gnome3.gnome-settings-daemon ];
};
environment.systemPackages = with pkgs; [ gnomeExtensions.appindicator ];
security.pam.services.gdm.enableGnomeKeyring = true;
}

16
home/code.nix → roles/home/code.nix
View File

@ -6,10 +6,13 @@
home.packages = with pkgs; [
nixfmt
vscode
jetbrains.idea-ultimate
];
programs.neovim = {
enable = true;
#package = pkgs.unstable.neovim-unwrapped;
extraConfig = ''
" syntax
syntax enable
@ -22,9 +25,9 @@
set wildmode=longest:full,full
" remapping popup menu (command autocompletion)
" cnoremap <expr> <up> pumvisible() ? "<C-p>" : "<up>
" cnoremap <expr> <down> pumvisible() ? "<C-n>" : "<down>"
" cnoremap <expr> <CR> pumvisible() ? "<C-e>":"<CR>"
" cnoremap <expr> <up> pumvisible() ? "<C-p>" : "<up>
" cnoremap <expr> <down> pumvisible() ? "<C-n>" : "<down>"
" cnoremap <expr> <CR> pumvisible() ? "<C-e>":"<CR>"
" set line numbers
set number
@ -65,6 +68,12 @@
" Fix for code not being aligned if between comment blocks
set cindent cinkeys-=0#
set expandtab shiftwidth=2 tabstop=2 softtabstop=2
set statusline+=%#warningmsg#
set statusline+=%{SyntasticStatuslineFlag()}
set statusline+=%*
'';
viAlias = true;
@ -83,6 +92,7 @@
vim-fugitive
vim-yaml
vim-autoformat
vimtex
];
};

22
home/default.nix → roles/home/default.nix
View File

@ -19,7 +19,6 @@ in
./ssh.nix
];
nixpkgs.config.allowUnfree = true;
home = {
stateVersion = "21.05";
@ -29,16 +28,13 @@ in
};
packages = with pkgs; [
# essentials
albert
guake
# browsers
firefox
brave
chromium
# reversing
rizin
nmap
@ -49,19 +45,25 @@ in
discord
element-desktop
# music
spotify
# misc
bind
# system
gparted
sshfs
# autostart
libreoffice
albert_autostart
guake_autostart
];
};
}
};
programs = {
direnv = {
enable = true;
nix-direnv.enable = true;
nix-direnv.enableFlakes = true;
};
};
}

0
home/git.nix → roles/home/git.nix
View File

0
home/gnome.nix → roles/home/gnome.nix
View File

5
home/ssh.nix → roles/home/ssh.nix
View File

@ -4,6 +4,11 @@
compression = true;
matchBlocks = {
"giugl.io" = {
user = "root";
identityFile = "~/.ssh/architectproxy";
};
"tommy.devs.giugl.io" = {
user = "giulio";
identityFile = "~/.ssh/tommypc";

6
home/zsh.nix → roles/home/zsh.nix
View File

@ -1,5 +1,5 @@
{ config, pkgs, lib, ... }: {
home.packages = with pkgs; [ zsh ];
home.packages = with pkgs; [ zsh any-nix-shell ];
programs.zsh = {
enable = true;
@ -9,5 +9,9 @@
plugins = [ "git" "sudo" "docker" "docker-compose" "adb" "systemd" ];
theme = "bira";
};
initExtra = ''
any-nix-shell zsh --info-right | source /dev/stdin
'';
};
}

8
roles/zsh.nix Normal file
View File

@ -0,0 +1,8 @@
{ ... }:
{
programs.zsh = {
enableBashCompletion = true;
enableCompletion = true;
};
}

35
users.nix
View File

@ -1,35 +0,0 @@
{config, pkgs, home-manager, ...}:
{
users.users = {
giulio = {
description = "Giulio De Pasquale";
isNormalUser = true;
shell = pkgs.zsh;
extraGroups = [ "wheel" "docker" "networkmanager" ];
};
root = {
shell = pkgs.zsh;
};
};
programs.zsh = {
enableBashCompletion = true;
enableCompletion = true;
};
home-manager.users.root = {
imports = [ ./home/zsh.nix ./home/ssh.nix ./home/code.nix ];
};
home-manager.users.giulio = {
imports = [ ./home ];
};
fileSystems."/home/giulio/Downloads" = {
device = "tmpfs";
fsType = "tmpfs";
options = ["size=3G"];
};
}

12
variables.nix
View File

@ -1,12 +0,0 @@
{ config, lib, ... }:
with lib;
{
options.variables = mkOption {
type = types.attrs;
default = {};
};
config._module.args.variables = config.variables;
}