diff --git a/.gitmodules b/.gitmodules new file mode 100644 index 0000000..6680f54 --- /dev/null +++ b/.gitmodules @@ -0,0 +1,6 @@ +[submodule "pkgs/binaryninja"] + path = pkgs/binaryninja + url = ssh://gitea@git.giugl.io:10022/peperunas/binaryninja.git +[submodule "pkgs/ida"] + path = pkgs/ida + url = ssh://gitea@git.giugl.io:10022/peperunas/ida.git diff --git a/flake.nix b/flake.nix index e217ad0..fe8c943 100644 --- a/flake.nix +++ b/flake.nix @@ -8,13 +8,29 @@ }; }; - outputs = { self, nixpkgs, nixos-unstable, home-manager }: let - util = import ./utils.nix { inherit nixpkgs nixos-unstable home-manager; }; + outputs = inputs @ { self, nixpkgs, nixos-unstable, home-manager }: let + system = "x86_64-linux"; + + pkgs = import nixpkgs { + inherit system; + config.allowUnfree = true; + overlays = [ (final: prev: { inherit unstable; }) ]; + }; + + unstable = import nixos-unstable { + inherit system; + config.allowUnfree = true; + }; + + utils = import ./lib { inherit pkgs unstable nixpkgs nixos-unstable home-manager; }; + + inherit (utils) host; + inherit (utils) user; in { nixosConfigurations = { - architect = util.mkHost { name = "architect"; }; - gAluminum = util.mkHost { name = "gAluminum"; }; - proxy = util.mkHost { name = "proxy"; }; + architect = host.mkHost { name = "architect"; users = [ { user = "giulio"; } ]; }; + gAluminum = host.mkHost { name = "gAluminum"; users = [ { user = "giulio"; roles = [ "desktop" "ssh" "git" ]; } ]; roles = [ "gnome" ]; }; + proxy = host.mkHost { name = "proxy"; }; }; }; } diff --git a/home/default.nix b/home/default.nix deleted file mode 100644 index df495b4..0000000 --- a/home/default.nix +++ /dev/null 
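Review bot: Two of the three `host.mkHost` calls in `nixosConfigurations` will not evaluate against the `mkHost` that lib/host.nix adds later in this commit. `proxy` is called without `users`, which `mkHost` declares with no default, and `architect` passes `{ user = "giulio"; }` with no `roles`, while lib/host.nix reads `u.roles` unconditionally. Defaults on the lib/host.nix side fix both: `mkHost = { name, users ? [], roles ? [] }:` and `roles = u.roles or [];`. Because evaluation is lazy, the error only appears when the affected host is built, so evaluate all three configurations (for example with `nix flake check`) before deploying.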
@@ -1,67 +0,0 @@ -{ config, pkgs, ... }: - -let - albert_autostart = (pkgs.makeAutostartItem { - name = "albert"; - package = pkgs.albert; - }); - guake_autostart = (pkgs.makeAutostartItem { - name = "guake"; - package = pkgs.guake; - }); -in - { - imports = [ - ./zsh.nix - ./code.nix - ./git.nix - ./gnome.nix - ./ssh.nix - ]; - - nixpkgs.config.allowUnfree = true; - - home = { - stateVersion = "21.05"; - sessionVariables = { - EDITOR = "nvim"; - VISUAL = "nvim"; - }; - - packages = with pkgs; [ - # essentials - albert - guake - - # browsers - firefox - brave - chromium - - # reversing - rizin - - nmap - - slack - signal-desktop - teams - discord - element-desktop - - # music - spotify - - # misc - bind - - # system - gparted - sshfs - - # autostart - albert_autostart - guake_autostart - ]; -}; -} diff --git a/hosts/gAluminum/default.nix b/hosts/gAluminum/default.nix index 6a26534..4dd6b04 100644 --- a/hosts/gAluminum/default.nix +++ b/hosts/gAluminum/default.nix @@ -5,14 +5,11 @@ let in { imports = [ ./hardware.nix - ../../variables.nix - ../../common.nix - ../../users.nix + ./wireguard.nix ]; - - variables.hostname = hostname; boot = { + supportedFilesystems = [ "ntfs" ]; loader = { efi.canTouchEfiVariables = true; efi.efiSysMountPoint = "/boot/efi"; 
@@ -30,68 +27,22 @@ in { networking = { hostName = hostname; - - wg-quick.interfaces = { - giupi = { - address = ["10.3.0.2/32"]; - privateKeyFile = "/etc/wireguard/giupi.key"; - dns = ["10.3.0.1"]; - peers = [ - { - publicKey = "I4glUMvIGjjhvQMKhwGc8copPl2t9Us/YYRjT0BKuiw="; - allowedIPs = ["0.0.0.0/0"]; - endpoint = "giugl.io:1194"; - persistentKeepalive = 25; - } - ]; - }; + networkmanager.wifi = { + powersave = false; + macAddress = "random"; }; }; time.timeZone = "Europe/London"; - services = { - xserver = { - enable = true; - displayManager.gdm.enable = true; - desktopManager.gnome.enable = true; - libinput.enable = true; - layout = "us"; - xkbOptions = "eurosign:e"; - }; - - printing.enable = true; - dbus.packages = with pkgs; [ gnome3.dconf ]; - udev.packages = with pkgs; [ gnome3.gnome-settings-daemon ]; - }; + virtualisation.virtualbox.host.enable = true; + virtualisation.virtualbox.host.enableExtensionPack = true; + users.extraGroups.vboxusers.members = [ "giulio" ]; + services.printing.enable = true; sound.enable = true; hardware.pulseaudio.enable = true; - - environment.systemPackages = with pkgs; [ - wget - git - pciutils - curl - virtualbox - cmake - ninja - gdb - htop - glances - tcpdump - restic - gnomeExtensions.appindicator - binutils - efibootmgr - neovim - home-manager - ]; - - fonts.fonts = with pkgs; [cascadia-code]; - + environment.systemPackages = with pkgs; [ efibootmgr ]; system.stateVersion = "21.05"; # Did you read the comment? - - security.pam.services.gdm.enableGnomeKeyring = true; } diff --git a/hosts/gAluminum/wireguard.nix b/hosts/gAluminum/wireguard.nix new file mode 100644 index 0000000..72a6b00 --- /dev/null +++ b/hosts/gAluminum/wireguard.nix 
@@ -0,0 +1,17 @@
+{
+ networking.wg-quick.interfaces = {
+ giupi = {
+ address = ["10.3.0.2/32"];
+ privateKeyFile = "/etc/wireguard/giupi.key";
+ dns = ["10.3.0.1"];
+ peers = [
+ {
+ publicKey = "I4glUMvIGjjhvQMKhwGc8copPl2t9Us/YYRjT0BKuiw=";
+ allowedIPs = ["0.0.0.0/0"];
+ endpoint = "architect.devs.giugl.io:1194";
+ persistentKeepalive = 25;
+ }
+ ];
+ };
+ };
+}
diff --git a/lib/default.nix b/lib/default.nix
new file mode 100644
index 0000000..0423072
--- /dev/null
+++ b/lib/default.nix
@@ -0,0 +1,5 @@
+{ pkgs, unstable, nixpkgs, nixos-unstable, home-manager, ...}:
+rec {
+ user = import ./user.nix { inherit pkgs; };
+ host = import ./host.nix { inherit pkgs nixpkgs unstable nixos-unstable home-manager user; };
+}
diff --git a/lib/host.nix b/lib/host.nix
new file mode 100644
index 0000000..d52facf
--- /dev/null
+++ b/lib/host.nix
@@ -0,0 +1,40 @@
+{ pkgs, nixpkgs, nixos-unstable, unstable, home-manager, user, ... }:
+
+{
+ mkHost = { name, users, roles ? [] }:
+ let
+ system = "x86_64-linux";
+
+ mkRole = role : import (../roles + "/${role}.nix");
+
+ users_mod= (map (u: user.mkUser {name = u.user; roles= u.roles; }) users);
+ roles_mod = (map (r: mkRole r) roles);
+ in nixpkgs.lib.nixosSystem {
+ inherit system;
+
+ modules = [
+ {
+ imports = users_mod ++ roles_mod;
+
+ nixpkgs.pkgs = pkgs;
+ nix.nixPath = [
+ "nixpkgs=${nixpkgs}"
+ "unstable=${nixos-unstable}"
+ ];
+ nix.registry.nixpkgs.flake = nixpkgs;
+ nix.registry.unstable.flake = nixos-unstable;
+
+ users.users.root = {
+ shell = pkgs.zsh;
+ };
+
+ home-manager.users.root.imports = [ ../roles/home/common.nix ];
+ }
+
+ home-manager.nixosModules.home-manager
+ ../roles/common.nix
+ ../roles/acme.nix
+ ../hosts/${name}/default.nix
+ ];
+ };
+}
diff --git a/lib/user.nix b/lib/user.nix
new file mode 100644
index 0000000..18b055f
--- /dev/null
+++ b/lib/user.nix
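Review bot: `allowedIPs = ["0.0.0.0/0"]` in hosts/gAluminum/wireguard.nix routes only IPv4 through `giupi`, so if this is meant to be a full tunnel, IPv6 traffic on a dual-stack network still leaves through the physical interface. If that is not intended, add `"::/0"` to the list, together with an IPv6 entry in `address` when the server side supports one. A comment next to `privateKeyFile` would also help, stating that `/etc/wireguard/giupi.key` is provisioned out of band and must be readable by root only, since nothing in this file creates it.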
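Review bot: The inline module in lib/host.nix pins `nixpkgs.pkgs = pkgs` for NixOS, but nothing visible here sets `home-manager.useGlobalPkgs`. If it is unset, the `roles/home/*.nix` modules are evaluated against a separately instantiated package set that lacks the `unstable` overlay and the `allowUnfree` setting from flake.nix. That would explain why roles/home/desktop.nix has to repeat `nixpkgs.config.allowUnfree = true;`. Adding `home-manager.useGlobalPkgs = true;` next to `nixpkgs.pkgs = pkgs;` gives system and user profiles one reviewed package set. A short comment above `mkHost` describing the expected shape of `users` (`[ { user = "..."; roles = [ ... ]; } ]`) and `roles` is also missing.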
@@ -0,0 +1,23 @@ +{ pkgs, ...}: + +{ + mkUser = { name, roles ? [] }: + let + mkRole = role: import (../roles/home + "/${role}.nix"); + roles_mod = (map (r: mkRole r) roles); + in { + fileSystems."/home/${name}/Downloads" = { + device = "tmpfs"; + fsType = "tmpfs"; + options = ["size=3G"]; + }; + + users.users.${name} = { + isNormalUser = true; + shell = pkgs.zsh; + extraGroups = [ "wheel" ]; + }; + + home-manager.users.${name}.imports = [ ../roles/home/common.nix ] ++ roles_mod; + }; +} diff --git a/pkgs/binaryninja b/pkgs/binaryninja new file mode 160000 index 0000000..8ed0f28 --- /dev/null +++ b/pkgs/binaryninja @@ -0,0 +1 @@ +Subproject commit 8ed0f28dc78dfc482c397056b73a6a1e680e8af0 diff --git a/pkgs/ida b/pkgs/ida new file mode 160000 index 0000000..fe8eed0 --- /dev/null +++ b/pkgs/ida @@ -0,0 +1 @@ +Subproject commit fe8eed08ff9f6e09abaa8216beaa45aa83767862 diff --git a/acme.nix b/roles/acme.nix similarity index 100% rename from acme.nix rename to roles/acme.nix diff --git a/common.nix b/roles/common.nix similarity index 91% rename from common.nix rename to roles/common.nix index cfe90da..d9a581c 100644 --- a/common.nix +++ b/roles/common.nix @@ -28,6 +28,8 @@ }; }; + fonts.fonts = with pkgs; [cascadia-code]; + environment.systemPackages = with pkgs; [ file pciutils @@ -41,12 +43,13 @@ restic binutils neovim - home-manager ripgrep tmux parted unzip tree smartmontools + nmap + ripgrep ]; } diff --git a/roles/gnome.nix b/roles/gnome.nix new file mode 100644 index 0000000..0b4fc52 --- /dev/null +++ b/roles/gnome.nix 
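Review bot: `extraGroups = [ "wheel" ];` is hard-coded in `mkUser` in lib/user.nix, so every account declared through `users = [ ... ]` in flake.nix becomes a member of the administrative group with no way to opt out. The deleted users.nix listed groups per user (`"wheel" "docker" "networkmanager"`), so this commit also drops the other two memberships for `giulio` without saying so. Make the groups an explicit argument, e.g. `mkUser = { name, roles ? [], extraGroups ? [] }:` with `inherit extraGroups;` in `users.users.${name}`, and pass them from flake.nix through `mkHost`. A one-line comment above `mkUser` should also mention that it mounts a 3G tmpfs over the user's `Downloads` directory, which is surprising for a helper with this name.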
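Review bot: The `ripgrep` added at the end of `environment.systemPackages` in roles/common.nix duplicates the `ripgrep` entry a few lines above in the same list, visible as context in this hunk. It does not break evaluation, but it should be dropped so that `nmap` is the only new entry. The list itself starts outside the hunk.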
@@ -0,0 +1,20 @@ +{ pkgs, ... }: + +{ + services = { + xserver = { + enable = true; + displayManager.gdm.enable = true; + desktopManager.gnome.enable = true; + libinput.enable = true; + layout = "us"; + xkbOptions = "eurosign:e"; + }; + + dbus.packages = with pkgs; [ gnome3.dconf ]; + udev.packages = with pkgs; [ gnome3.gnome-settings-daemon ]; + }; + + environment.systemPackages = with pkgs; [ gnomeExtensions.appindicator ]; + security.pam.services.gdm.enableGnomeKeyring = true; +} diff --git a/home/code.nix b/roles/home/common.nix similarity index 78% rename from home/code.nix rename to roles/home/common.nix index cee2e5b..fe1b6a2 100644 --- a/home/code.nix +++ b/roles/home/common.nix @@ -1,15 +1,26 @@ -{ config, pkgs, lib, home, ... }: +{ config, pkgs, ... }: -{ - nixpkgs.config.allowUnfree = true; +{ + imports = [ ./zsh.nix ]; - home.packages = with pkgs; [ - nixfmt - vscode - ]; + home = { + stateVersion = "21.05"; + sessionVariables = { + EDITOR = "nvim"; + VISUAL = "nvim"; + }; + + packages = with pkgs; [ + rizin + sshfs + nixfmt + ]; + }; programs.neovim = { enable = true; + #package = pkgs.unstable.neovim-unwrapped; + extraConfig = '' " syntax syntax enable @@ -22,9 +33,9 @@ set wildmode=longest:full,full " remapping popup menu (command autocompletion) -" cnoremap pumvisible() ? "" : " -" cnoremap pumvisible() ? "" : "" -" cnoremap pumvisible() ? "":"" + " cnoremap pumvisible() ? "" : " + " cnoremap pumvisible() ? "" : "" + " cnoremap pumvisible() ? "":"" " set line numbers set number @@ -65,6 +76,10 @@ " Fix for code not being aligned if between comment blocks set cindent cinkeys-=0# set expandtab shiftwidth=2 tabstop=2 softtabstop=2 + + set statusline+=%#warningmsg# + set statusline+=%{SyntasticStatuslineFlag()} + set statusline+=%* ''; viAlias = true; @@ -83,7 +98,7 @@ vim-fugitive vim-yaml vim-autoformat + vimtex ]; }; - } diff --git a/roles/home/desktop.nix b/roles/home/desktop.nix new file mode 100644 index 0000000..323ad24 --- /dev/null 
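Review bot: The three `statusline` lines added to `extraConfig` in roles/home/common.nix call `SyntasticStatuslineFlag()`, but none of the plugins visible in this diff (`vim-fugitive`, `vim-yaml`, `vim-autoformat`, `vimtex`) provides that function. The `plugins` list starts outside the hunk, so syntastic may already be present. If it is not, neovim will report an unknown-function error whenever the statusline is drawn, so either add the plugin or guard the line with `exists('*SyntasticStatuslineFlag')`. The commented-out `#package = pkgs.unstable.neovim-unwrapped;` should be removed or given a comment saying why it is disabled. Note also that lib/host.nix now imports this module for root, so `rizin`, `sshfs` and `nixfmt` land in root's profile as well.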
+++ b/roles/home/desktop.nix @@ -0,0 +1,42 @@ +{ pkgs, ... }: + +let + albert_autostart = (pkgs.makeAutostartItem { + name = "albert"; + package = pkgs.albert; + }); + guake_autostart = (pkgs.makeAutostartItem { + name = "guake"; + package = pkgs.guake; + }); +in + { + imports = [ ./gnome.nix ]; + + nixpkgs.config.allowUnfree = true; + home.packages = with pkgs; [ + albert + guake + + firefox + brave + chromium + + slack + signal-desktop + teams + discord + element-desktop + + spotify + + gparted + + libreoffice + vscode + jetbrains.idea-ultimate + + albert_autostart + guake_autostart + ]; + } diff --git a/home/git.nix b/roles/home/git.nix similarity index 100% rename from home/git.nix rename to roles/home/git.nix diff --git a/home/gnome.nix b/roles/home/gnome.nix similarity index 100% rename from home/gnome.nix rename to roles/home/gnome.nix diff --git a/home/ssh.nix b/roles/home/ssh.nix similarity index 97% rename from home/ssh.nix rename to roles/home/ssh.nix index b72e2db..c01b34b 100644 --- a/home/ssh.nix +++ b/roles/home/ssh.nix @@ -4,6 +4,11 @@ compression = true; matchBlocks = { + "giugl.io" = { + user = "root"; + identityFile = "~/.ssh/architectproxy"; + }; + "tommy.devs.giugl.io" = { user = "giulio"; identityFile = "~/.ssh/tommypc"; diff --git a/home/zsh.nix b/roles/home/zsh.nix similarity index 61% rename from home/zsh.nix rename to roles/home/zsh.nix index bd76a89..cf12329 100644 --- a/home/zsh.nix +++ b/roles/home/zsh.nix @@ -1,5 +1,5 @@ { config, pkgs, lib, ... }: { - home.packages = with pkgs; [ zsh ]; + home.packages = with pkgs; [ zsh any-nix-shell ]; programs.zsh = { enable = true; @@ -9,5 +9,9 @@ plugins = [ "git" "sudo" "docker" "docker-compose" "adb" "systemd" ]; theme = "bira"; }; + + initExtra = '' + any-nix-shell zsh --info-right | source /dev/stdin + ''; }; } diff --git a/roles/zsh.nix b/roles/zsh.nix new file mode 100644 index 0000000..6eb0786 --- /dev/null +++ b/roles/zsh.nix 
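Review bot: The new `"giugl.io"` match block in roles/home/ssh.nix logs in as `root` directly, which leaves no per-user audit trail on the server and makes the `~/.ssh/architectproxy` key equivalent to full control of that host. Prefer an unprivileged account that escalates with sudo. If root login has to stay, add `identitiesOnly = true;` to the block so only the named key is offered rather than every identity held by the agent. The `matchBlocks` attribute set continues outside the hunk, so the existing entries may deserve the same setting.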
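Review bot: The added `initExtra` in roles/home/zsh.nix sources the output of whichever `any-nix-shell` is first on `PATH`, at every interactive shell start. Referencing the store path pins it to the packaged binary regardless of `PATH` order: `${pkgs.any-nix-shell}/bin/any-nix-shell zsh --info-right | source /dev/stdin`. This matters more than usual here because roles/home/common.nix imports this module and lib/host.nix applies common.nix to root, so the same line runs in root's shell.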
@@ -0,0 +1,8 @@
+{ ... }:
+
+{
+ programs.zsh = {
+ enableBashCompletion = true;
+ enableCompletion = true;
+ };
+}
diff --git a/users.nix b/users.nix
deleted file mode 100644
index 3996b42..0000000
--- a/users.nix
+++ /dev/null
@@ -1,35 +0,0 @@
-{config, pkgs, home-manager, ...}:
-
-{
- users.users = {
- giulio = {
- description = "Giulio De Pasquale";
- isNormalUser = true;
- shell = pkgs.zsh;
- extraGroups = [ "wheel" "docker" "networkmanager" ];
- };
-
- root = {
- shell = pkgs.zsh;
- };
- };
-
- programs.zsh = {
- enableBashCompletion = true;
- enableCompletion = true;
- };
-
- home-manager.users.root = {
- imports = [ ./home/zsh.nix ./home/ssh.nix ./home/code.nix ];
- };
-
- home-manager.users.giulio = {
- imports = [ ./home ];
- };
-
- fileSystems."/home/giulio/Downloads" = {
- device = "tmpfs";
- fsType = "tmpfs";
- options = ["size=3G"];
- };
-}
diff --git a/utils.nix b/utils.nix
deleted file mode 100644
index 6a2c8e6..0000000
--- a/utils.nix
+++ /dev/null
@@ -1,38 +0,0 @@
-{ nixos-unstable, nixpkgs, home-manager, ... }:
-
-{
- mkHost = {name}:
- let
- system = "x86_64-linux";
-
- unstable = import nixos-unstable {
- inherit system;
- config.allowUnfree = true;
- };
-
- pkgs = import nixpkgs {
- inherit system;
- config.allowUnfree = true;
- overlays = [ (final: prev: { inherit unstable; }) ];
- };
- in nixpkgs.lib.nixosSystem {
- inherit system;
- modules = [
- {
- nixpkgs.pkgs = pkgs;
- nix.nixPath = [
- "nixpkgs=${nixpkgs}"
- "unstable=${nixos-unstable}"
- ];
- nix.registry.nixpkgs.flake = nixpkgs;
- nix.registry.unstable.flake = nixos-unstable;
- }
-
- ./common.nix
- ./users.nix
- home-manager.nixosModules.home-manager
- ./hosts/${name}/default.nix
- ./acme.nix
- ];
- };
-}
diff --git a/variables.nix b/variables.nix
deleted file mode 100644
index 8516086..0000000
--- a/variables.nix
+++ /dev/null
@@ -1,12 +0,0 @@
-{ config, lib, ... }:
-
-with lib;
-
-{
- options.variables = mkOption {
- type = types.attrs;
- default = {};
- };
-
- config._module.args.variables = config.variables;
-}