Enterprise: Goodbye, old friend..
Gone, but not forgotten (thanks, Git), Enterprise will live on in our memories (and git log). With this commit, we have finally let go of: - sound - networking - hw - nvidia And some more stuff from home.nix and configuration.nix for Enterprise. I'll probably come back to this commit to refer to it in future, so ite better to leave as many clues here as possible.
This commit is contained in:
parent
19590f6695
commit
d6bf7ac375
20 changed files with 0 additions and 905 deletions
32
flake.nix
32
flake.nix
|
@ -47,38 +47,6 @@
|
|||
nixosConfigurations = {
|
||||
|
||||
# The Workhorse
|
||||
enterprise = nixpkgs.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
modules = common-modules ++ [
|
||||
|
||||
# Overlays
|
||||
{ nixpkgs.overlays = [ emacs-overlay.overlay ]; }
|
||||
|
||||
# Modules and module config
|
||||
./modules/fish.nix
|
||||
./modules/plasma-desktop.nix
|
||||
./modules/fonts.nix
|
||||
./modules/users.nix
|
||||
|
||||
# Host-specific config
|
||||
./hosts/enterprise/hw.nix
|
||||
./hosts/enterprise/networking.nix
|
||||
./hosts/enterprise/sound.nix
|
||||
./hosts/enterprise/nvidia.nix
|
||||
./hosts/enterprise/configuration.nix
|
||||
|
||||
# User-specific config : Home-manager
|
||||
home-manager.nixosModules.home-manager
|
||||
{
|
||||
home-manager.useGlobalPkgs = true;
|
||||
home-manager.useUserPackages = true;
|
||||
home-manager.users.payas = import ./hosts/enterprise/home.nix;
|
||||
}
|
||||
|
||||
];
|
||||
};
|
||||
|
||||
# The (new) Workhorse
|
||||
hermes = nixpkgs.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
modules = common-modules ++ [
|
||||
|
|
|
@ -1,274 +0,0 @@
|
|||
{ config, pkgs, options, ... }:
|
||||
|
||||
# Automated Backup and backup notification configuration for NixOS
|
||||
# Using:
|
||||
# 1. Restic : encryption, snapshots, dedeuplication
|
||||
# 2. Rclone : access to free storages (Google Drive, OneDrive etc)
|
||||
# 3. Systemd/NixOS : automation, notifications etc
|
||||
# 4. (DBus) : desktop notifications, provided by Plasma desktop
|
||||
let
|
||||
payas = "payas";
|
||||
in
|
||||
{
|
||||
environment.systemPackages = with pkgs; [
|
||||
restic # It is included in system by restic service, but its useful to have the package in PATH to remove occasional locks
|
||||
rsync
|
||||
rclone
|
||||
];
|
||||
|
||||
# Le Backups!! Test them every month or so, just to be sure
|
||||
services.restic.backups =
|
||||
let
|
||||
defaultPruneOpts = [
|
||||
"--keep-last 10"
|
||||
"--keep-hourly 3"
|
||||
"--keep-daily 4"
|
||||
"--keep-weekly 3"
|
||||
"--keep-monthly 3"
|
||||
];
|
||||
defaultBackupFrequency = "hourly";
|
||||
in
|
||||
{
|
||||
# maildir (for one email account, on a shared folder curtosy of family member)
|
||||
maildir_relekarpayas_onedrive_shared = {
|
||||
user = payas;
|
||||
repository = "rclone:relekarpayas_onedrive_shared:/payas_backup/maildir_rpg";
|
||||
initialize = false; # for now, I want to control repo intialization myself
|
||||
passwordFile = config.age.secrets.maildir_relekarpayas_onedrive.path;
|
||||
paths = [ "/home/payas/.mail/" ];
|
||||
# Run our nice little service every hour. If this proves too taxing, increase duration or give out fixed time.
|
||||
timerConfig.OnCalendar = defaultBackupFrequency;
|
||||
pruneOpts = defaultPruneOpts;
|
||||
};
|
||||
|
||||
# Syncthing dir
|
||||
syncthing_googledrive = {
|
||||
user = payas;
|
||||
repository = "rclone:relekarpayas_googledrive:/syncthing";
|
||||
initialize = false; # for now, I want to control repo intialization myself
|
||||
passwordFile = config.age.secrets.syncthing_relekarpayas_googledrive.path;
|
||||
paths = [ "/home/payas/Syncthing/" ];
|
||||
# Ignore Media dir because it contains non-essential and heavy media files
|
||||
extraBackupArgs = [ "--exclude=/home/payas/Syncthing/Media" ];
|
||||
# Run our nice little service every hour. If this proves too taxing, increase duration or give out fixed time.
|
||||
timerConfig.OnCalendar = defaultBackupFrequency;
|
||||
pruneOpts = defaultPruneOpts;
|
||||
};
|
||||
|
||||
syncthing_onedrive_shared = {
|
||||
user = payas;
|
||||
repository = "rclone:relekarpayas_onedrive_shared:/payas_backup/Syncthing";
|
||||
initialize = false; # for now, I want to control repo intialization myself
|
||||
passwordFile = config.age.secrets.syncthing_relekarpayas_onedrive.path;
|
||||
paths = [ "/home/payas/Syncthing/" ];
|
||||
# Ignore Media dir because it contains non-essential and heavy media files
|
||||
extraBackupArgs = [ "--exclude=/home/payas/Syncthing/Media" ];
|
||||
# Run our nice little service every hour. If this proves too taxing, increase duration or give out fixed time.
|
||||
timerConfig.OnCalendar = defaultBackupFrequency;
|
||||
pruneOpts = defaultPruneOpts;
|
||||
};
|
||||
|
||||
# Org-mode notes
|
||||
org_googledrive = {
|
||||
user = payas;
|
||||
repository = "rclone:relekarpayas_googledrive:/org";
|
||||
initialize = false; # for now, I want to control repo intialization myself
|
||||
passwordFile = config.age.secrets.org_relekarpayas_googledrive.path;
|
||||
paths = [ "/home/payas/org/" ];
|
||||
# Run our nice little service every hour. If this proves too taxing, increase duration or give out fixed time.
|
||||
timerConfig.OnCalendar = defaultBackupFrequency;
|
||||
pruneOpts = defaultPruneOpts;
|
||||
};
|
||||
|
||||
org_onedrive_shared = {
|
||||
user = payas;
|
||||
repository = "rclone:relekarpayas_onedrive_shared:/payas_backup/org";
|
||||
initialize = false; # for now, I want to control repo intialization myself
|
||||
passwordFile = config.age.secrets.org_relekarpayas_onedrive.path;
|
||||
paths = [ "/home/payas/org/" ];
|
||||
# Run our nice little service every hour. If this proves too taxing, increase duration or give out fixed time.
|
||||
timerConfig.OnCalendar = defaultBackupFrequency;
|
||||
pruneOpts = defaultPruneOpts;
|
||||
};
|
||||
};
|
||||
|
||||
# Le Backup notifications : So I find out about success/failure of backups without having to check logs every now and then
|
||||
# This generates actual desktop notifications, and integrates nicely (as long as DBus is accessible to service)
|
||||
#
|
||||
# Backup notification idea (for now) is this:
|
||||
# 1. Detect service failure: handled by systemd
|
||||
# 2. Invoke alert service: handled by systemd
|
||||
# 3. touch a BACKUP_Failure file in ~: probably unnecessary, but I intent to delete these files after
|
||||
# investigating/fixing failures so as to have greater visibility and
|
||||
# don't want file-not-exist conflicts
|
||||
# 4. Show desktop notification for exactly which backup failed
|
||||
systemd.services =
|
||||
let
|
||||
defaultBackupServiceEnv = {
|
||||
DBUS_SESSION_BUS_ADDRESS = "unix:path=/run/user/1000/bus";
|
||||
};
|
||||
defaultDescr = "Backup notification";
|
||||
failureDescr = ": Failure: ";
|
||||
orgDescr = "Org";
|
||||
syncthingDescr = "Syncthing";
|
||||
maildirDescr = "Maildir";
|
||||
googDescr = "goog";
|
||||
msDescr = "ms";
|
||||
oneshot = "oneshot";
|
||||
backupFailedPrefix = "/home/payas/BACKUP_FAILED";
|
||||
in
|
||||
{
|
||||
# Syncthing failure notification
|
||||
backup-failure-alert-syncthing-goog = {
|
||||
description = defaultDescr + failureDescr + syncthingDescr;
|
||||
environment = defaultBackupServiceEnv;
|
||||
serviceConfig = {
|
||||
Type = oneshot;
|
||||
ExecStart = [
|
||||
"${pkgs.coreutils}/bin/touch '${backupFailedPrefix}_${syncthingDescr}_${googDescr}'"
|
||||
"${pkgs.libnotify}/bin/notify-send --hint='string:desktop-entry:org.kde.konsole' 'Backup failure: Syncthing: Goog'"
|
||||
];
|
||||
User = payas;
|
||||
};
|
||||
};
|
||||
|
||||
# Syncthing success: Remove failure indicator file if present
|
||||
backup-success-alert-syncthing-goog = {
|
||||
description = "Syncthing_goog backup success: Remove failure indicator file if present";
|
||||
environment = defaultBackupServiceEnv;
|
||||
serviceConfig = {
|
||||
Type = oneshot;
|
||||
ExecStart = [
|
||||
"${pkgs.coreutils}/bin/rm '${backupFailedPrefix}_${syncthingDescr}_${googDescr}'"
|
||||
];
|
||||
User = payas;
|
||||
};
|
||||
};
|
||||
# Configure notification services for restic backup service
|
||||
restic-backups-syncthing_googledrive = {
|
||||
onFailure = [ "backup-failure-alert-syncthing-goog.service" ];
|
||||
unitConfig.OnSuccess = [ "backup-success-alert-syncthing-goog.service" ];
|
||||
};
|
||||
|
||||
backup-failure-alert-syncthing-ms = {
|
||||
description = defaultDescr + failureDescr + syncthingDescr;
|
||||
environment = defaultBackupServiceEnv;
|
||||
serviceConfig = {
|
||||
Type = oneshot;
|
||||
ExecStart = [
|
||||
"${pkgs.coreutils}/bin/touch '${backupFailedPrefix}_${syncthingDescr}_${msDescr}'"
|
||||
"${pkgs.libnotify}/bin/notify-send --hint='string:desktop-entry:org.kde.konsole' 'Backup failure: Syncthing: MS'"
|
||||
];
|
||||
User = payas;
|
||||
};
|
||||
};
|
||||
|
||||
backup-success-alert-syncthing-ms = {
|
||||
description = "Syncthing_ms backup success: Remove failure indicator file if present";
|
||||
environment = defaultBackupServiceEnv;
|
||||
serviceConfig = {
|
||||
Type = oneshot;
|
||||
ExecStart = [
|
||||
"${pkgs.coreutils}/bin/rm '${backupFailedPrefix}_${syncthingDescr}_${msDescr}'"
|
||||
];
|
||||
User = payas;
|
||||
};
|
||||
};
|
||||
restic-backups-syncthing_onedrive_shared = {
|
||||
onFailure = [ "backup-failure-alert-syncthing-ms.service" ];
|
||||
unitConfig.OnSuccess = [ "backup-success-alert-syncthing-ms.service" ];
|
||||
};
|
||||
|
||||
# Org failure notification
|
||||
backup-failure-alert-org-goog = {
|
||||
description = defaultDescr + failureDescr + orgDescr;
|
||||
environment = defaultBackupServiceEnv;
|
||||
serviceConfig = {
|
||||
Type = oneshot;
|
||||
ExecStart = [
|
||||
"${pkgs.coreutils}/bin/touch '${backupFailedPrefix}_${orgDescr}_${googDescr}'"
|
||||
"${pkgs.libnotify}/bin/notify-send --hint='string:desktop-entry:org.kde.konsole' 'Backup failure: Org: Goog'"
|
||||
];
|
||||
User = payas;
|
||||
};
|
||||
};
|
||||
|
||||
# Org success: Remove failure indicator file if present
|
||||
backup-success-alert-org-goog = {
|
||||
description = "Org backup success: Remove failure indicator file if present";
|
||||
environment = defaultBackupServiceEnv;
|
||||
serviceConfig = {
|
||||
Type = oneshot;
|
||||
ExecStart = [
|
||||
"${pkgs.coreutils}/bin/rm '${backupFailedPrefix}_${orgDescr}_${googDescr}'"
|
||||
];
|
||||
User = payas;
|
||||
};
|
||||
};
|
||||
# Configure notification services for restic backup service
|
||||
restic-backups-org_googledrive = {
|
||||
onFailure = [ "backup-failure-alert-org-goog.service" ];
|
||||
unitConfig.OnSuccess = [ "backup-success-alert-org-goog.service" ];
|
||||
};
|
||||
|
||||
backup-failure-alert-org-ms = {
|
||||
description = defaultDescr + failureDescr + syncthingDescr;
|
||||
environment = defaultBackupServiceEnv;
|
||||
serviceConfig = {
|
||||
Type = oneshot;
|
||||
ExecStart = [
|
||||
"${pkgs.coreutils}/bin/touch '${backupFailedPrefix}_${orgDescr}_${msDescr}'"
|
||||
"${pkgs.libnotify}/bin/notify-send --hint='string:desktop-entry:org.kde.konsole' 'Backup failure: Org: MS'"
|
||||
];
|
||||
User = payas;
|
||||
};
|
||||
};
|
||||
|
||||
backup-success-alert-org-ms = {
|
||||
description = "${orgDescr}_${msDescr} backup success: Remove failure indicator file if present";
|
||||
environment = defaultBackupServiceEnv;
|
||||
serviceConfig = {
|
||||
Type = oneshot;
|
||||
ExecStart = [
|
||||
"${pkgs.coreutils}/bin/rm '${backupFailedPrefix}_${orgDescr}_${msDescr}'"
|
||||
];
|
||||
User = payas;
|
||||
};
|
||||
};
|
||||
restic-backups-org_onedrive_shared = {
|
||||
onFailure = [ "backup-failure-alert-org-ms.service" ];
|
||||
unitConfig.OnSuccess = [ "backup-success-alert-org-ms.service" ];
|
||||
};
|
||||
|
||||
# Maildir backup failure notification
|
||||
backup-failure-alert-maildir_onedrive = {
|
||||
description = defaultDescr + failureDescr + maildirDescr;
|
||||
environment = defaultBackupServiceEnv;
|
||||
serviceConfig = {
|
||||
Type = oneshot;
|
||||
ExecStart = [
|
||||
"${pkgs.coreutils}/bin/touch '${backupFailedPrefix}_${maildirDescr}_${msDescr}'"
|
||||
"${pkgs.libnotify}/bin/notify-send --hint='string:desktop-entry:org.kde.konsole' 'Backup failure: Maildir: MS_shared'"
|
||||
];
|
||||
User = payas;
|
||||
};
|
||||
};
|
||||
|
||||
backup-success-alert-maildir-onedrive = {
|
||||
description = "Maildir backup success: Remove failure indicator file if present";
|
||||
environment = defaultBackupServiceEnv;
|
||||
serviceConfig = {
|
||||
Type = oneshot;
|
||||
ExecStart = [
|
||||
"${pkgs.coreutils}/bin/rm '${backupFailedPrefix}_${maildirDescr}_${msDescr}'"
|
||||
];
|
||||
User = payas;
|
||||
};
|
||||
};
|
||||
# Configure notification services for restic backup service
|
||||
restic-backups-maildir_relekarpayas_onedrive_shared = {
|
||||
onFailure = [ "backup-failure-alert-maildir_onedrive.service" ];
|
||||
unitConfig.OnSuccess = [ "backup-success-alert-maildir-onedrive.service" ];
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,56 +0,0 @@
|
|||
{ config, pkgs, ... }:
|
||||
{
|
||||
imports = [
|
||||
# Include the results of the hardware scan.
|
||||
./hardware-configuration.nix
|
||||
];
|
||||
|
||||
# Set your time zone.
|
||||
time.timeZone = "Asia/Kolkata";
|
||||
|
||||
# Reduce stupid systemd shutdown timer so it possibly takes less time next time
|
||||
systemd.extraConfig = ''
|
||||
DefaultTimeoutStopSec=10s
|
||||
'';
|
||||
|
||||
# This value determines the NixOS release with which your system is to be
|
||||
# compatible, in order to avoid breaking some software such as database
|
||||
# servers. You should change this only after NixOS release notes say you
|
||||
# should.
|
||||
system.stateVersion = "19.09"; # Did you read the comment?
|
||||
|
||||
nixpkgs = {
|
||||
config = {
|
||||
# Allow searching and installing proprietory packages
|
||||
allowUnfree = true;
|
||||
|
||||
# Accelerated playback, proprietory codecs etc
|
||||
packageOverrides = pkgs: {
|
||||
vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; };
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
environment = {
|
||||
variables = {
|
||||
BROWSER = [ "firefox" ];
|
||||
EDITOR = [ "kwrite" ];
|
||||
};
|
||||
|
||||
systemPackages = with pkgs; [
|
||||
glxinfo
|
||||
inxi
|
||||
|
||||
# dev
|
||||
file
|
||||
|
||||
# System
|
||||
parted
|
||||
gparted
|
||||
pciutils
|
||||
acpi
|
||||
acpid
|
||||
lsof
|
||||
];
|
||||
};
|
||||
}
|
|
@ -1,62 +0,0 @@
|
|||
{ config, pkgs, emacs-overlay, ... }:
|
||||
|
||||
{
|
||||
nixpkgs.overlays = [ emacs-overlay.overlay ];
|
||||
|
||||
programs = {
|
||||
# Emacs Git (master branch, currently 29.0) with extra packages (that require native component)
|
||||
# Built via nix-community/emacs-overlay expressions
|
||||
emacs = {
|
||||
enable = true;
|
||||
package = pkgs.emacsPgtkNativeComp;
|
||||
extraPackages = epkgs: with epkgs; [
|
||||
pdf-tools
|
||||
org-pdftools
|
||||
emacsql
|
||||
emacsql-sqlite
|
||||
emacsql-sqlite-builtin
|
||||
(tree-sitter-langs.withPlugins (p: [
|
||||
p.tree-sitter-bash
|
||||
p.tree-sitter-css
|
||||
p.tree-sitter-html
|
||||
p.tree-sitter-java
|
||||
p.tree-sitter-javascript
|
||||
p.tree-sitter-json
|
||||
p.tree-sitter-nix
|
||||
p.tree-sitter-python
|
||||
]))
|
||||
];
|
||||
};
|
||||
|
||||
direnv = {
|
||||
enable = true;
|
||||
enableBashIntegration = true;
|
||||
enableFishIntegration = true;
|
||||
nix-direnv.enable = true;
|
||||
};
|
||||
};
|
||||
|
||||
home.packages = with pkgs; [
|
||||
binutils # native-comp needs 'as', provided by this
|
||||
sqlite # for org-roam
|
||||
gcc # also for org-roam
|
||||
# aspell is used by ispell for spell check
|
||||
(aspellWithDicts (dicts: with dicts; [
|
||||
en en-computers en-science mr ]))
|
||||
|
||||
beancount
|
||||
fava
|
||||
|
||||
imagemagick
|
||||
|
||||
tectonic # munging TeX better than texlive
|
||||
texlive.combined.scheme-full # because org-babel cannot use tectonic
|
||||
pandoc # convert doc formats
|
||||
# ghostscript # mungind pfds
|
||||
pdftk # munging pdfs in less incantation-y way
|
||||
|
||||
# Nix things
|
||||
nixpkgs-fmt
|
||||
rnix-lsp
|
||||
];
|
||||
}
|
|
@ -1,33 +0,0 @@
|
|||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, pkgs, modulesPath, ... }:
|
||||
# added modulesPath here^ so we can purely access modules path instead of using <>
|
||||
|
||||
{
|
||||
imports =
|
||||
[ "${modulesPath}/installer/scan/not-detected.nix"
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "sd_mod" "rtsx_usb_sdmmc" ];
|
||||
boot.initrd.kernelModules = [ ];
|
||||
boot.kernelModules = [ "kvm-intel" ];
|
||||
boot.extraModulePackages = [ ];
|
||||
|
||||
fileSystems."/" =
|
||||
{ device = "/dev/disk/by-uuid/79dd69ba-ea56-4479-a104-14f0ba6776b0";
|
||||
fsType = "ext4";
|
||||
};
|
||||
|
||||
fileSystems."/boot" =
|
||||
{ device = "/dev/disk/by-uuid/15A2-FD75";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
swapDevices =
|
||||
[ { device = "/dev/disk/by-uuid/fc70026b-8b25-47b1-8190-d6c3d0f12975"; }
|
||||
];
|
||||
|
||||
nix.settings.max-jobs = lib.mkDefault 8;
|
||||
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
|
||||
}
|
|
@ -1,46 +0,0 @@
|
|||
{ config, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports = [
|
||||
../../modules/common-home.nix
|
||||
|
||||
home.packages = with pkgs; [
|
||||
# learn...things?
|
||||
anki
|
||||
|
||||
# security
|
||||
keepassxc # password management
|
||||
age # secrets management
|
||||
|
||||
# apps
|
||||
vlc
|
||||
strawberry
|
||||
picard # tag music tracks
|
||||
firefox-wayland
|
||||
soulseekqt
|
||||
appimage-run # for soulseek-qt
|
||||
|
||||
# communication
|
||||
element-desktop
|
||||
nheko
|
||||
|
||||
# utilities
|
||||
youtube-dl
|
||||
qbittorrent
|
||||
# digikam
|
||||
okular
|
||||
kcalc
|
||||
ark # munging archives
|
||||
unrar # So ark can open .rar files
|
||||
spectacle
|
||||
gwenview
|
||||
kate
|
||||
|
||||
libreoffice # thoroughly average grown up stuff
|
||||
|
||||
scanmem # cheating at games has never been more fun!
|
||||
|
||||
# Nix things
|
||||
niv
|
||||
];
|
||||
}
|
|
@ -1,63 +0,0 @@
|
|||
{ config, pkgs, ... }:
|
||||
|
||||
{
|
||||
boot = {
|
||||
loader = {
|
||||
efi = {
|
||||
canTouchEfiVariables = true;
|
||||
# assuming /boot is the mount point of the EFI partition in NixOS (as the installation section recommends).
|
||||
# efiSysMountPoint = "/boot";
|
||||
};
|
||||
grub = {
|
||||
devices = [ "nodev" ];
|
||||
efiSupport = true;
|
||||
enable = true;
|
||||
version = 2;
|
||||
# efiInstallAsRemovable = true;
|
||||
gfxmodeEfi = "1920x1080";
|
||||
useOSProber = true;
|
||||
fsIdentifier = "label";
|
||||
extraEntries = ''
|
||||
menuentry "Reboot" {
|
||||
reboot
|
||||
}
|
||||
menuentry "Poweroff" {
|
||||
halt
|
||||
}
|
||||
'';
|
||||
};
|
||||
};
|
||||
kernelPackages = pkgs.linuxPackages_latest;
|
||||
kernel.sysctl = { "net.ipv4.ip_forward" = 1; }; # IPv4 NAT networking
|
||||
|
||||
# Compile for aarch64 (Raspberry Pi) from this machine
|
||||
binfmt.emulatedSystems = [ "aarch64-linux" ];
|
||||
};
|
||||
|
||||
fileSystems."/mnt/Data" = {
|
||||
device = "/dev/sda4";
|
||||
fsType = "ntfs";
|
||||
options = [ "rw" "uid=1000" ];
|
||||
};
|
||||
|
||||
hardware = {
|
||||
enableRedistributableFirmware = true;
|
||||
acpilight.enable = true;
|
||||
|
||||
opengl = {
|
||||
enable = true;
|
||||
driSupport32Bit = true;
|
||||
extraPackages = with pkgs; [
|
||||
vaapiIntel
|
||||
libvdpau-va-gl
|
||||
intel-media-driver
|
||||
];
|
||||
};
|
||||
|
||||
bluetooth = {
|
||||
enable = true;
|
||||
package = pkgs.bluezFull;
|
||||
hsphfpd.enable = true;
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,68 +0,0 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
let
|
||||
name = "Payas Relekar";
|
||||
maildir = "/home/payas/.mail";
|
||||
email = "relekarpayas@gmail.com";
|
||||
in
|
||||
{
|
||||
imports = [
|
||||
../../modules/common-home.nix
|
||||
];
|
||||
|
||||
accounts.email = {
|
||||
maildirBasePath = maildir;
|
||||
accounts = {
|
||||
Gmail = {
|
||||
address = email;
|
||||
userName = email;
|
||||
flavor = "gmail.com";
|
||||
# passwordCommand = "cat ${config.age.secrets.mu4e_gmail.path}";
|
||||
passwordCommand = "cat /run/agenix/mu4e_gmail"; # TODO: Make this use agenix path variable instead of hardcoded path
|
||||
primary = true;
|
||||
# gpg.encryptByDefault = true;
|
||||
mbsync = {
|
||||
enable = true;
|
||||
create = "both";
|
||||
expunge = "both";
|
||||
patterns = [ "*" "[Gmail]*" ]; # "[Gmail]/Sent Mail" ];
|
||||
};
|
||||
imap = {
|
||||
host = "imap.gmail.com";
|
||||
port = 993;
|
||||
tls.enable = true;
|
||||
};
|
||||
imapnotify = {
|
||||
enable = true;
|
||||
boxes = [ "INBOX" ];
|
||||
onNotifyPost = "${pkgs.libnotify}/bin/notify-send -h 'string:desktop-entry:emacs' 'New mail'";
|
||||
};
|
||||
realName = name;
|
||||
msmtp.enable = true;
|
||||
mu.enable = true;
|
||||
smtp = {
|
||||
host = "smtp.gmail.com";
|
||||
port = 587;
|
||||
tls.useStartTls = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
services = {
|
||||
imapnotify.enable = true;
|
||||
mbsync = {
|
||||
enable = true;
|
||||
frequency = "*:2/5";
|
||||
preExec = "${pkgs.isync}/bin/mbsync -Ha";
|
||||
postExec = "${pkgs.mu}/bin/mu index -m ${maildir}";
|
||||
};
|
||||
};
|
||||
|
||||
programs = {
|
||||
msmtp.enable = true;
|
||||
mbsync.enable = true;
|
||||
mu.enable = true;
|
||||
};
|
||||
}
|
|
@ -1,35 +0,0 @@
|
|||
{ config, pkgs, ... }:
|
||||
|
||||
{
|
||||
networking = {
|
||||
hostName = "enterprise"; # Define your hostname.;
|
||||
|
||||
# use iNet Wireless Daemon (instead of wpa_supplicant) for wireless device management
|
||||
wireless.iwd = {
|
||||
enable = true;
|
||||
|
||||
# All options: https://iwd.wiki.kernel.org/networkconfigurationsettings
|
||||
settings = {
|
||||
Network = {
|
||||
EnableIPv6 = true;
|
||||
RoutePriorityOffset = 300;
|
||||
};
|
||||
Settings = {
|
||||
AutoConnect = true;
|
||||
Hidden = true;
|
||||
AlwaysRandomizeAddress = false; # for predictable local network
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
networkmanager = {
|
||||
enable = true;
|
||||
wifi.backend = "iwd";
|
||||
};
|
||||
|
||||
interfaces = {
|
||||
enp3s0.useDHCP = true;
|
||||
wlo1.useDHCP = true;
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,58 +0,0 @@
|
|||
{ config, pkgs, options, ... }:
|
||||
|
||||
let
|
||||
nvidiaEnabled = false;
|
||||
nvidiaAlwaysOn = true;
|
||||
|
||||
# For some reason at least one game needs this to be set,
|
||||
# even if nvidia GPU is in sync-mode
|
||||
# Could be Wayland, needs further investigation
|
||||
nvidia-offload = pkgs.writeShellScriptBin "nvidia-offload" ''
|
||||
export __NV_PRIME_RENDER_OFFLOAD=1
|
||||
export __NV_PRIME_RENDER_OFFLOAD_PROVIDER=NVIDIA-G0
|
||||
export __GLX_VENDOR_LIBRARY_NAME=nvidia
|
||||
export __VK_LAYER_NV_optimus=NVIDIA_only
|
||||
exec -a "$0" "$@"
|
||||
'';
|
||||
in
|
||||
{
|
||||
hardware = {
|
||||
nvidiaOptimus.disable = !nvidiaEnabled;
|
||||
nvidia = {
|
||||
package = config.boot.kernelPackages.nvidiaPackages.stable;
|
||||
nvidiaSettings = nvidiaEnabled;
|
||||
modesetting.enable = nvidiaAlwaysOn; # Same as sync.enable
|
||||
powerManagement = {
|
||||
# Only for offload.enable=true
|
||||
enable = !nvidiaAlwaysOn;
|
||||
finegrained = !nvidiaAlwaysOn;
|
||||
};
|
||||
prime = {
|
||||
# Bus ID of the Intel GPU. You can find it using lspci, either under 3D or VGA
|
||||
intelBusId = "PCI:0:2:0";
|
||||
# Bus ID of the NVIDIA GPU. You can find it using lspci, either under 3D or VGA
|
||||
nvidiaBusId = "PCI:1:0:0";
|
||||
sync.enable = nvidiaAlwaysOn; # Complement of offload.enable
|
||||
offload.enable = !nvidiaAlwaysOn;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
services.xserver.videoDrivers = [
|
||||
(if nvidiaEnabled
|
||||
then
|
||||
"nvidia" # Keep only "nvidia" when using sync-mode
|
||||
else
|
||||
"intel")
|
||||
];
|
||||
|
||||
environment.systemPackages = with pkgs;
|
||||
if nvidiaEnabled
|
||||
then
|
||||
[
|
||||
nvidia-offload
|
||||
primus
|
||||
]
|
||||
else
|
||||
[ ];
|
||||
}
|
|
@ -1,6 +0,0 @@
|
|||
age-encryption.org/v1
|
||||
-> ssh-ed25519 dy7D9w 7No0DsdBZnT2q+pEyfZWs25tzwCG5pufTlfY7rHnbWk
|
||||
p96mO5AcA5Heio2zXSxl0G2YmOuU3pzZtwcqJHc1QdE
|
||||
--- jaEARnhHeBNOSUwjMYYQPyh5f18qRFmMCnW71H6itqU
|
||||
Ãx³qH1Y©^œSZ: ~äÅk^Á²˜‘»t6Oým^Í©ž<Úå€EÂÄDU‰/ϳqhÞ/×ÙE¶¶i/z^7£ª–ZÂT4ÿ…+Sãe‰‚ƒ9ƒ¹¥ÃfÍ
|
||||
<EFBFBD>z®“{c\m&rͺZÿ©rϾþ¨O·Ð”»z{þn2КÖi<C396>u`
|
|
@ -1,7 +0,0 @@
|
|||
age-encryption.org/v1
|
||||
-> ssh-ed25519 dy7D9w IFzyPbRh5LLzYH6vDy83SyKzZDS+qF2MEOenMsNtOnQ
|
||||
lAx+ygintMnPCDl4rr+iDnud/5bQ63gbbZS43Vtzr5Y
|
||||
-> 9M9qX4-grease S`5 jR._GqU {9)a Eub
|
||||
eBZQB13O+P1m4DsTWCN8k6RWpeKcqsg5yfm/8n/CaVfMFACclQ
|
||||
--- PtyjC9OVjUAdkGz111hZsDkEFjcwNtO1BvJhpn/5x3g
|
||||
8p©Ë®ŠÁdÇÜÜŒtL͸kóúî‘Û/{\><3E>ÍOò&”7Åp`–}¸Ñ—°¼?¥kÏ€0Çtò â˜Ï¦re1ÙÃ6>Y*TdÛkÝÕ5ÿ3KpÖ1rœÇ@³« 4ó¶AàÄH7ŒlÛ¥ó´ Í@ð
˜ŠƒV׫Rbà
|
|
@ -1,5 +0,0 @@
|
|||
age-encryption.org/v1
|
||||
-> ssh-ed25519 dy7D9w yhRM5/w1eepD/nEGCoOzqhN2Ed4WCweQxc5nw90OFFE
|
||||
z9/iOzG+to2rcC60yO7nzI6GgIfvZLjHfJr42SrbxLY
|
||||
--- tiudW9x74CzCHpASjlnHxN8zKekP/2L4HkqtDwRkm5U
|
||||
‹kÊh„ŒA`ŒÑŠ«i¹X±÷´„ Tmøæ‹::¨+W:štÅû±û½â‘û&ýÎì
|
|
@ -1,7 +0,0 @@
|
|||
age-encryption.org/v1
|
||||
-> ssh-ed25519 dy7D9w ccKo6iVUtF/88bxSy1B8xnRYBUkbnbi/heOcS0zYEDY
|
||||
Rraz/mFj1fR95kJZRCSJ7SRAQUtgHjOZJi0VvzYGmvk
|
||||
-> ZwkrMG-grease <?G)_dY N !KANB*" -hB+Su(
|
||||
U5LEeJZOBtIWPWGBEQ
|
||||
--- yE1a37Lu918LVJumhD9gYvxWb/6OweXzYrOeoC+tnp8
|
||||
ã_×ñæ<C3B1>â¢6Ñép4äÕ·Æ‹Þ,«ïÆ}Zf‘?OZÞ£;Ä5§›dCÖ×_ÄkÂ"dcÓ@ÛC¹Ê±@Bž<42>B›lËižum)±P?¢Ç—²·yÍ0ð(!¢Ëô]â=3‰îæ!I‡{Cúö˜ªêž.kcÛ}»¾<C2BB>ò|í·hàá®
|
|
@ -1,8 +0,0 @@
|
|||
age-encryption.org/v1
|
||||
-> ssh-ed25519 dy7D9w 5OnF9DkSjroG96Q88oo04Q1EINi3wcN/vfyzKALrMww
|
||||
kBc2w/X+Od+ouik4AsH7YZlNoZGPfWGt1NXUip9yfwY
|
||||
-> g(-grease A
|
||||
zT177g
|
||||
--- JFz13LrERcGNmpmtjp9IK92FDyAUpxK00Kal7CsYyZ8
|
||||
ñþºÆÅn_1ÙH"ž›Q[2Àvh%ê¾E…AînÀԜͥIáÏE@Í¿s†,Ÿ4]\FÂ[”jöÈ`oÓ¼=}…~®g>•ÈPÎHÈÃ
|
||||
e>'¶FÚø÷ÿÞ™·C¹¯'@ðV;ŒÞš¸ÖÛSc$Љ@˜`/›E|Uà’aƒtì“
|
|
@ -1,11 +0,0 @@
|
|||
let key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPziuF0B4Vj/W434rpshcvQu2KieXjGc8HnwymLapyLu nixos@enterprise";
|
||||
in
|
||||
{
|
||||
"maildir_relekarpayas_onedrive.age".publicKeys = [ key ];
|
||||
"syncthing_relekarpayas_googledrive.age".publicKeys = [ key ];
|
||||
"syncthing_relekarpayas_onedrive.age".publicKeys = [ key ];
|
||||
"org_relekarpayas_googledrive.age".publicKeys = [ key ];
|
||||
"org_relekarpayas_onedrive.age".publicKeys = [ key ];
|
||||
"mu4e_gmail.age".publicKeys = [ key ];
|
||||
"enterprise-nix-cache-key-sec.age".publicKeys = [ key ];
|
||||
}
|
|
@ -1,9 +0,0 @@
|
|||
age-encryption.org/v1
|
||||
-> ssh-ed25519 dy7D9w O2oC8+mG4ddds/vWrEgoKcH/08Uf+Asb+5IMvHFaC04
|
||||
zTptkB7UdU0BGm2tOUTjllYHsv3tEkt+k61VgyCnnZw
|
||||
-> A$-grease 2MWD =a@~f
|
||||
h1ff7UE4JFUCf2hRMDEBnOrsvbEztceDSaMVTyzzzsf+D9TYLeA7Liv8zJuOu1PV
|
||||
pTCXhpWqO0Th9ol9fJc3eQ7MxuiGOSGm6H65HPIjgxWJNSLmNg
|
||||
--- vbumS83Qmuc1aOt0o7Rut1P5kSVix/AKL7SLJBKVD6A
|
||||
-›:VÅøhN¡Õëüû41þž¨N<ÃY´ãirò
|
||||
€uÏß<EFBFBD>Â'q#P—xJLd‰ë9v:4äŽ7rpÝ&º\<5C>CÒ]=ê
9uWÙÍ÷…r£¹ñÆkdÇ>+ç@·!ÍÞy@W“o$ñ<>þ|(žD¨4G0&ýÔÝ¡
|
|
@ -1,9 +0,0 @@
|
|||
age-encryption.org/v1
|
||||
-> ssh-ed25519 dy7D9w cC14jHh4xEnU4ytYVPvsHFItTP32ejCva6JIfyL7yCg
|
||||
OynqzGM3787awMhBuUuSq3+LNiw8BQbQzPDH3fx08aU
|
||||
-> 1}N-grease 63VK8 ' \ S=if
|
||||
ZACSbwxOec//qcHEPOWoc9lTTcf6eIK2g2Bw4xXjqYD5/F08jXx5By4REgLsvg7h
|
||||
jzGImN08q5msOunmJNlc5AV2lWvUVU7860sn/5ZLJQ5/F9G5Rl2fK7xs
|
||||
--- 8m6Tz3ExeYuw/IiMYJu3jGbTqhQNaKXNc7Y6BIDQuxc
|
||||
Fgî);ÐÍCd<43><64>Ó=gA/"´¥:ë-Ã
]ºº@XñgOÌ2j…Ÿ=«Ø7,ð”WäãŠ?påd´Dæßÿ_ÙëI†Ÿ<07>qVóóÝ®°‹‘nzù¢í‹œ—<C593>è!y[i’hC¨f³\Ãú@AL_©R+\ÅýNCK<43>?Q÷
|
||||
íã
|
|
@ -1,58 +0,0 @@
|
|||
{ config, pkgs, options, ... }:
|
||||
|
||||
# Sound config for PipeWire.
|
||||
# PipeWire implements interfaces for ALSA and PulseAudio,
|
||||
# so they need not be configured separately
|
||||
{
|
||||
# Disable sound as it can conflict with PipeWire according to NixOS wiki
|
||||
sound.enable = false;
|
||||
|
||||
# High quality BT calls
|
||||
hardware = {
|
||||
bluetooth = {
|
||||
enable = true;
|
||||
hsphfpd.enable = true;
|
||||
};
|
||||
# Disable Pulse, PipeWire implements PulseAudio compatible interface
|
||||
pulseaudio.enable = false;
|
||||
};
|
||||
|
||||
# PipeWire config
|
||||
security.rtkit.enable = true;
|
||||
services.pipewire = {
|
||||
enable = true;
|
||||
|
||||
# Enable ALSA interface
|
||||
alsa = {
|
||||
enable = true;
|
||||
support32Bit = true;
|
||||
};
|
||||
|
||||
# Enable PulseAudio interface
|
||||
pulse.enable = true;
|
||||
|
||||
# High quality BT calls
|
||||
media-session.config.bluez-monitor.rules = [
|
||||
{
|
||||
# Matches all cards
|
||||
matches = [{ "device.name" = "~bluez_card.*"; }];
|
||||
actions = {
|
||||
"update-props" = {
|
||||
"bluez5.auto-connect" = [ "hfp_hf" "hsp_hs" "a2dp_sink" ];
|
||||
};
|
||||
};
|
||||
}
|
||||
{
|
||||
matches = [
|
||||
# Matches all sources
|
||||
{
|
||||
"node.name" = "~bluez_input.*";
|
||||
}
|
||||
# Matches all outputs
|
||||
{ "node.name" = "~bluez_output.*"; }
|
||||
];
|
||||
actions = { "node.pause-on-idle" = false; };
|
||||
}
|
||||
];
|
||||
};
|
||||
}
|
|
@ -1,58 +0,0 @@
|
|||
{ config, ... }:
|
||||
let
|
||||
payas = "payas";
|
||||
in
|
||||
{
|
||||
imports = [
|
||||
../../modules/common-syncthing.nix
|
||||
];
|
||||
|
||||
services.syncthing = {
|
||||
guiAddress = "127.0.0.1:8384";
|
||||
|
||||
folders = {
|
||||
Keepass = {
|
||||
devices = [ "bebop" "Childish Tycoon" ];
|
||||
type = "sendreceive";
|
||||
watch = true;
|
||||
versioning = {
|
||||
type = "simple";
|
||||
params.keep = "5";
|
||||
};
|
||||
};
|
||||
|
||||
Syncthing = {
|
||||
devices = [ "bebop" "Childish Tycoon" ];
|
||||
type = "sendreceive";
|
||||
watch = true;
|
||||
versioning = {
|
||||
type = "staggered";
|
||||
params = {
|
||||
cleanInterval = "3600";
|
||||
maxAge = "31536000";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
org = {
|
||||
devices = [ "bebop" "Childish Tycoon" ];
|
||||
type = "sendreceive";
|
||||
watch = true;
|
||||
};
|
||||
|
||||
Music = {
|
||||
devices = [ "bebop" "Childish Tycoon" ];
|
||||
type = "sendreceive";
|
||||
watch = true;
|
||||
};
|
||||
|
||||
|
||||
Pictures = {
|
||||
# Kept as future reminder
|
||||
devices = [ ]; # no pause option in NixOS module, no sharing is as good as paused
|
||||
type = "sendreceive";
|
||||
watch = false; # disabled folder, no need to watch
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
Reference in a new issue