diff options
| author | tv <tv@krebsco.de> | 2019-06-25 19:21:20 +0200 |
|---|---|---|
| committer | tv <tv@krebsco.de> | 2019-06-25 20:16:12 +0200 |
| commit | acfa08271cfd8e92cd042366e58a4cb26bdaab00 (patch) | |
| tree | 9a116ba594bea4d63ecb33ae88920f1e7732448e | |
| parent | 83dc4cbc409b9434a3e5efbff23d597049db94be (diff) | |
| parent | d73cb179ece69c0a71e35cdefecdd831af88493a (diff) | |
Merge remote-tracking branch 'prism/master'
| -rw-r--r-- | jeschli/1systems/bolide/config.nix | 68 | ||||
| -rw-r--r-- | jeschli/1systems/bolide/hardware-configuration.nix | 1 | ||||
| -rw-r--r-- | jeschli/1systems/bolide/home.nix | 171 | ||||
| -rw-r--r-- | jeschli/1systems/brauerei/config.nix | 37 | ||||
| -rw-r--r-- | jeschli/1systems/enklave/config.nix | 2 | ||||
| -rw-r--r-- | jeschli/2configs/default.nix | 4 | ||||
| -rw-r--r-- | jeschli/2configs/git.nix | 2 | ||||
| -rw-r--r-- | jeschli/2configs/home-manager/default.nix | 9 | ||||
| -rw-r--r-- | jeschli/krops.nix | 6 | ||||
| -rw-r--r-- | mb/1systems/gr33n/configuration.nix | 130 | ||||
| -rw-r--r-- | mb/1systems/gr33n/hardware-configuration.nix | 37 | ||||
| -rw-r--r-- | mb/1systems/orange/configuration.nix | 9 | ||||
| -rw-r--r-- | mb/1systems/p1nk/configuration.nix | 8 | ||||
| -rw-r--r-- | mb/2configs/default.nix | 3 |
14 files changed, 445 insertions, 42 deletions
diff --git a/jeschli/1systems/bolide/config.nix b/jeschli/1systems/bolide/config.nix index 699a85b..a9f564f 100644 --- a/jeschli/1systems/bolide/config.nix +++ b/jeschli/1systems/bolide/config.nix @@ -2,15 +2,15 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ config, pkgs, ... }: - +{ config, pkgs, lib, ... }: { imports = [ ./hardware-configuration.nix <stockholm/jeschli> + <home-manager/nixos> <stockholm/jeschli/2configs/urxvt.nix> - <stockholm/jeschli/2configs/emacs.nix> + # <stockholm/jeschli/2configs/emacs.nix> ]; krebs.build.host = config.krebs.hosts.bolide; @@ -29,7 +29,8 @@ allowDiscards = true; } ]; # networking.hostName = "bolide"; # Define your hostname. - networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. +# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. + networking.networkmanager.enable = true; # Select internationalisation properties. # i18n = { @@ -52,6 +53,8 @@ }; nixpkgs.config.allowUnfree = true; environment.systemPackages = with pkgs; [ + home-manager + wget vim # system helper ag @@ -92,6 +95,22 @@ zathura ]; + home-manager.useUserPackages = true; + home-manager.users.jeschli = { + home.stateVersion = "19.03"; + }; + + home-manager.users.jeschli.home.file = { + ".emacs.d" = { + source = pkgs.fetchFromGitHub { + owner = "jeschli"; + repo = "emacs.d"; + rev = "8ed6c40"; + sha256 = "1q2y478srwp9f58l8cixnd2wj51909gp1z68k8pjlbjy2mrvibs0"; + }; + recursive = true; + }; + }; # Some programs need SUID wrappers, can be configured further or are # started in user sessions. # programs.bash.enableCompletion = true; @@ -103,36 +122,37 @@ # Enable the OpenSSH daemon. services.openssh.enable = true; - # Open ports in the firewall. - # networking.firewall.allowedTCPPorts = [ ... ]; - # networking.firewall.allowedUDPPorts = [ ... ]; - # Or disable the firewall altogether. - # networking.firewall.enable = false; - # Enable CUPS to print documents. - # services.printing.enable = true; + services.xserver = { + + enable = true; - # Enable the X11 windowing system. - services.xserver.enable = true; - # services.xserver.layout = "us"; - # services.xserver.xkbOptions = "eurosign:e"; + desktopManager = { + xfce.enable = true; + gnome3.enable = true; + }; +# # Don't install feh into systemPackages +# # refs <nixpkgs/nixos/modules/services/x11/desktop-managers> +# desktopManager.session = lib.mkForce []; +# +# enable = true; +# display = 11; +# tty = 11; +# +# dpi = 96; - services.xserver.displayManager.sddm.enable = true; - services.xserver.windowManager.xmonad.enable = true; - services.xserver.windowManager.xmonad.enableContribAndExtras = true; - # Enable touchpad support. - # services.xserver.libinput.enable = true; + videoDrivers = [ "nvidia" ]; + }; - # Enable the KDE Desktop Environment. - # services.xserver.displayManager.sddm.enable = true; - # services.xserver.desktopManager.plasma5.enable = true; + services.xserver.windowManager.i3.enable = true; - # Define a user account. Don't forget to set a password with ‘passwd’. users.extraUsers.jeschli = { isNormalUser = true; + extraGroups = ["docker" "vboxusers" "audio"]; uid = 1000; }; + hardware.pulseaudio.enable = true; # This value determines the NixOS release with which your system is to be # compatible, in order to avoid breaking some software such as database # servers. You should change this only after NixOS release notes say you diff --git a/jeschli/1systems/bolide/hardware-configuration.nix b/jeschli/1systems/bolide/hardware-configuration.nix index 183b29e..042b746 100644 --- a/jeschli/1systems/bolide/hardware-configuration.nix +++ b/jeschli/1systems/bolide/hardware-configuration.nix @@ -29,4 +29,5 @@ nix.maxJobs = lib.mkDefault 8; powerManagement.cpuFreqGovernor = "powersave"; + hardware.pulseaudio.enable = true; } diff --git a/jeschli/1systems/bolide/home.nix b/jeschli/1systems/bolide/home.nix new file mode 100644 index 0000000..60fee8b --- /dev/null +++ b/jeschli/1systems/bolide/home.nix @@ -0,0 +1,171 @@ +{ pkgs, ... }: + +{ + home.file = { + ".emacs.d" = { + source = pkgs.fetchFromGitHub { + owner = "jeschli"; + repo = "emacs.d"; + rev = "8ed6c40"; + sha256 = "1q2y478srwp9f58l8cixnd2wj51909gp1z68k8pjlbjy2mrvibs0"; + }; + recursive = true; + }; + ".config/i3/config".text = '' + +set $mod Mod4 + +font pango:monospace 8 + +floating_modifier $mod + +bindsym $mod+Return exec i3-sensible-terminal + +bindsym $mod+Shift+q kill + +bindsym $mod+d exec rofi -modi drun#run -combi-modi drun#run -show combi -show-icons -display-combi run + +bindsym $mod+x exec rofi -modi window -show window -auto-select + +# switch to last used window +bindsym $mod+Tab exec rofi -show window& sleep 0.15 && xdotool key Down + +# change focus +bindsym $mod+j focus left +bindsym $mod+k focus down +bindsym $mod+l focus up +bindsym $mod+semicolon focus right + +# alternatively, you can use the cursor keys: +bindsym $mod+Left focus left +bindsym $mod+Down focus down +bindsym $mod+Up focus up +bindsym $mod+Right focus right + +# Resizing windows by 10 in i3 using keyboard only +bindsym $mod+Ctrl+Shift+Right resize shrink width 10 px or 10 ppt +bindsym $mod+Ctrl+Shift+Up resize grow height 10 px or 10 ppt +bindsym $mod+Ctrl+Shift+Down resize shrink height 10 px or 10 ppt +bindsym $mod+Ctrl+Shift+Left resize grow width 10 px or 10 ppt + +# move focused window +bindsym $mod+Shift+j move left +bindsym $mod+Shift+k move down +bindsym $mod+Shift+l move up +bindsym $mod+Shift+semicolon move right + +# alternatively, you can use the cursor keys: +bindsym $mod+Shift+Left move left +bindsym $mod+Shift+Down move down +bindsym $mod+Shift+Up move up +bindsym $mod+Shift+Right move right + +# split in horizontal orientation +bindsym $mod+h split h + +# split in vertical orientation +bindsym $mod+v split v + +# enter fullscreen mode for the focused container +bindsym $mod+f fullscreen toggle + +# change container layout (stacked, tabbed, toggle split) +bindsym $mod+s layout stacking +bindsym $mod+w layout tabbed +bindsym $mod+e layout toggle split + +# toggle tiling / floating +bindsym $mod+Shift+space floating toggle + +# change focus between tiling / floating windows +bindsym $mod+space focus mode_toggle + +# focus the parent container +bindsym $mod+a focus parent + +# focus the child container +#bindsym $mod+d focus child + +# Define names for default workspaces for which we configure key bindings later on. +# We use variables to avoid repeating the names in multiple places. +set $ws1 "1" +set $ws2 "2" +set $ws3 "3" +set $ws4 "4" +set $ws5 "5" +set $ws6 "6" +set $ws7 "7" +set $ws8 "8" +set $ws9 "9" +set $ws10 "10" + +# switch to workspace +bindsym $mod+1 workspace $ws1 +bindsym $mod+2 workspace $ws2 +bindsym $mod+3 workspace $ws3 +bindsym $mod+4 workspace $ws4 +bindsym $mod+5 workspace $ws5 +bindsym $mod+6 workspace $ws6 +bindsym $mod+7 workspace $ws7 +bindsym $mod+8 workspace $ws8 +bindsym $mod+9 workspace $ws9 +bindsym $mod+0 workspace $ws10 + +# move focused container to workspace +bindsym $mod+Shift+1 move container to workspace $ws1 +bindsym $mod+Shift+2 move container to workspace $ws2 +bindsym $mod+Shift+3 move container to workspace $ws3 +bindsym $mod+Shift+4 move container to workspace $ws4 +bindsym $mod+Shift+5 move container to workspace $ws5 +bindsym $mod+Shift+6 move container to workspace $ws6 +bindsym $mod+Shift+7 move container to workspace $ws7 +bindsym $mod+Shift+8 move container to workspace $ws8 +bindsym $mod+Shift+9 move container to workspace $ws9 +bindsym $mod+Shift+0 move container to workspace $ws10 + +# reload the configuration file +bindsym $mod+Shift+c reload +# restart i3 inplace (preserves your layout/session, can be used to upgrade i3) +bindsym $mod+Shift+r restart +# exit i3 (logs you out of your X session) +bindsym $mod+Shift+e exec "i3-nagbar -t warning -m 'You pressed the exit shortcut. Do you really want to exit i3? This will end your X session.' -b 'Yes, exit i3' 'i3-msg exit'" + +bindsym $mod+p exec i3-sensible-pager + +# resize window (you can also use the mouse for that) +mode "resize" { + # These bindings trigger as soon as you enter the resize mode + + # Pressing left will shrink the window’s width. + # Pressing right will grow the window’s width. + # Pressing up will shrink the window’s height. + # Pressing down will grow the window’s height. + bindsym j resize shrink width 10 px or 10 ppt + bindsym k resize grow height 10 px or 10 ppt + bindsym l resize shrink height 10 px or 10 ppt + bindsym semicolon resize grow width 10 px or 10 ppt + + # same bindings, but for the arrow keys + bindsym Left resize shrink width 10 px or 10 ppt + bindsym Down resize grow height 10 px or 10 ppt + bindsym Up resize shrink height 10 px or 10 ppt + bindsym Right resize grow width 10 px or 10 ppt + + # back to normal: Enter or Escape or $mod+r + bindsym Return mode "default" + bindsym Escape mode "default" + bindsym $mod+r mode "default" +} + +bindsym $mod+r mode "resize" + +# Start i3bar to display a workspace bar (plus the system information i3status +# finds out, if available) +bar { + position top + status_command i3status +} + ''; + }; + +} diff --git a/jeschli/1systems/brauerei/config.nix b/jeschli/1systems/brauerei/config.nix index b9bb021..059ec6d 100644 --- a/jeschli/1systems/brauerei/config.nix +++ b/jeschli/1systems/brauerei/config.nix @@ -1,19 +1,17 @@ { config, pkgs, lib, ... }: let xmonad-jeschli = pkgs.callPackage <stockholm/jeschli/5pkgs/simple/xmonad-jeschli> { inherit config; }; + mainUser = config.krebs.build.user.name; in { imports = [ <stockholm/jeschli> ./hardware-configuration.nix + <home-manager/nixos> <stockholm/jeschli/2configs/urxvt.nix> -# <stockholm/jeschli/2configs/emacs.nix> -# <stockholm/jeschli/2configs/xdg.nix> -# <stockholm/jeschli/2configs/xserver> <stockholm/jeschli/2configs/steam.nix> <stockholm/jeschli/2configs/virtualbox.nix> - ]; - + ]; krebs.build.host = config.krebs.hosts.brauerei; # Use the GRUB 2 boot loader. boot.loader.grub.enable = true; @@ -54,7 +52,10 @@ in copyq curl dmenu + rofi + xdotool git + gnupg i3lock keepass networkmanagerapplet @@ -92,9 +93,11 @@ in }) # dev tools gnumake + jetbrains.clion jetbrains.goland jetbrains.pycharm-professional jetbrains.webstorm + vscode # document viewer evince zathura @@ -105,7 +108,6 @@ in cargo rustracer rustup - vscode # orga tools taskwarrior # xorg @@ -120,6 +122,24 @@ in # programs.mtr.enable = true; programs.gnupg.agent = { enable = true; enableSSHSupport = true; }; + home-manager.useUserPackages = true; + home-manager.users.jeschli = { + home.stateVersion = "19.03"; + }; +# home-manager.enable = true; + + home-manager.users.jeschli.home.file = { + ".emacs.d" = { + source = pkgs.fetchFromGitHub { + owner = "jeschli"; + repo = "emacs.d"; + rev = "8ed6c40"; + sha256 = "1q2y478srwp9f58l8cixnd2wj51909gp1z68k8pjlbjy2mrvibs0"; + }; + recursive = true; + }; + }; + # List services that you want to enable: # Enable the OpenSSH daemon. @@ -155,6 +175,11 @@ in extraGroups = ["docker" "vboxusers" "audio"]; uid = 1000; }; + users.extraUsers.blafoo = { + isNormalUser = true; + extraGroups = ["audio"]; + uid = 1002; + }; users.extraUsers.jamie = { isNormalUser = true; uid = 1001; # TODO genid diff --git a/jeschli/1systems/enklave/config.nix b/jeschli/1systems/enklave/config.nix index cadec3c..86d21f7 100644 --- a/jeschli/1systems/enklave/config.nix +++ b/jeschli/1systems/enklave/config.nix @@ -49,7 +49,7 @@ listenPort = 53589; organisations.lass.users = [ "jeschli" ]; }; - networking.firewall.allowedTCPPorts = [ 53589 ]; + networking.firewall.allowedTCPPorts = [ 53589 8001 ]; } ]; diff --git a/jeschli/2configs/default.nix b/jeschli/2configs/default.nix index 5aaabe2..8b61fa2 100644 --- a/jeschli/2configs/default.nix +++ b/jeschli/2configs/default.nix @@ -2,7 +2,7 @@ with import <stockholm/lib>; { imports = [ - ./vim.nix +# ./vim.nix ./retiolum.nix ./zsh.nix <stockholm/lass/2configs/security-workarounds.nix> @@ -56,7 +56,7 @@ with import <stockholm/lib>; usbutils # logify goify - + vim #unpack stuff p7zip unzip diff --git a/jeschli/2configs/git.nix b/jeschli/2configs/git.nix index a260227..faa8ccf 100644 --- a/jeschli/2configs/git.nix +++ b/jeschli/2configs/git.nix @@ -60,7 +60,7 @@ let with git // config.krebs.users; repo: singleton { - user = [ jeschli jeschli-brauerei]; + user = [ jeschli jeschli-brauerei jeschli-bolide]; repo = [ repo ]; perm = push "refs/*" [ non-fast-forward create delete merge ]; } ++ diff --git a/jeschli/2configs/home-manager/default.nix b/jeschli/2configs/home-manager/default.nix new file mode 100644 index 0000000..ad8663d --- /dev/null +++ b/jeschli/2configs/home-manager/default.nix @@ -0,0 +1,9 @@ +{ + imports = [ + <home-manager/nixos> + ]; + home-manager.useUserPackages = true; + home-manager.users.jeschli = { + home.stateVersion = "19.03"; + }; +} diff --git a/jeschli/krops.nix b/jeschli/krops.nix index dbf94bd..f3964a5 100644 --- a/jeschli/krops.nix +++ b/jeschli/krops.nix @@ -15,6 +15,12 @@ file = "${lib.getEnv "HOME"}/secrets/${name}"; }; } + { + home-manager.git = { + url = https://github.com/rycee/home-manager; + ref = "2ccbf43"; + }; + } ]; in { diff --git a/mb/1systems/gr33n/configuration.nix b/mb/1systems/gr33n/configuration.nix new file mode 100644 index 0000000..4342ba0 --- /dev/null +++ b/mb/1systems/gr33n/configuration.nix @@ -0,0 +1,130 @@ +{ config, pkgs, callPackage, ... }: let + unstable = import <nixpkgs-unstable> { config = { allowUnfree = true; }; }; +in { + imports = + [ # Include the results of the hardware scan. + ./hardware-configuration.nix + <stockholm/mb> + ]; + + krebs.build.host = config.krebs.hosts.gr33n; + + boot.kernelPackages = pkgs.linuxPackages_latest; + boot.extraModulePackages = with config.boot.kernelPackages; [ wireguard ]; + + # Use the systemd-boot EFI boot loader. + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + + fileSystems."/".options = [ "noatime" "nodiratime" "discard" ]; + fileSystems."/mnt/public" = { + device = "//192.168.0.4/public"; + fsType = "cifs"; + options = let + automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s"; + in [ "${automount_opts},user,rw,username=mb0,iocharset=utf8,credentials=${config.users.users.mb.home}/.smbcredentials" ]; + }; + + i18n = { + consoleFont = "Lat2-Terminus16"; + consoleKeyMap = "de"; + defaultLocale = "en_US.UTF-8"; + }; + + time.timeZone = "Europe/Berlin"; + + nixpkgs.config.allowUnfree = true; + + nixpkgs.config.packageOverrides = super: { + openvpn = super.openvpn.override { + pkcs11Support = true; + useSystemd = false; + }; + }; + + environment.shellAliases = { + ll = "ls -alh"; + ls = "ls --color=tty"; + }; + + environment.systemPackages = with pkgs; [ + curl + fish + git + htop + nmap + ranger + tcpdump + tmux + traceroute + tree + vim + wcalc + wget + xz + ]; + + programs.gnupg.agent = { enable = true; enableSSHSupport = true; }; + + sound.enable = false; + + services.openssh.enable = true; + services.openssh.passwordAuthentication = false; + + networking.wireless.enable = false; + networking.networkmanager.enable = false; + krebs.iptables.enable = true; + networking.enableIPv6 = false; + + programs.fish = { + enable = true; + shellInit = '' + function ssh_agent --description 'launch the ssh-agent and add the id_rsa identity' + if begin + set -q SSH_AGENT_PID + and kill -0 $SSH_AGENT_PID + and grep -q '^ssh-agent' /proc/$SSH_AGENT_PID/cmdline + end + echo "ssh-agent running on pid $SSH_AGENT_PID" + else + eval (command ssh-agent -c | sed 's/^setenv/set -Ux/') + end + set -l identity $HOME/.ssh/id_rsa + set -l fingerprint (ssh-keygen -lf $identity | awk '{print $2}') + ssh-add -l | grep -q $fingerprint + or ssh-add $identity + end + ''; + promptInit = '' + function fish_prompt --description 'Write out the prompt' + set -l color_cwd + set -l suffix + set -l nix_shell_info ( + if test "$IN_NIX_SHELL" != "" + echo -n " <nix-shell>" + end + ) + switch "$USER" + case root toor + if set -q fish_color_cwd_root + set color_cwd $fish_color_cwd_root + else + set color_cwd $fish_color_cwd + end + set suffix '#' + case '*' + set color_cwd $fish_color_cwd + set suffix '>' + end + + echo -n -s "$USER" @ (set_color green) (prompt_hostname) (set_color normal) "$nix_shell_info" ' ' (set_color $color_cwd) (prompt_pwd) (set_color normal) "$suffix " + end + ''; + }; + + nix.buildCores = 4; + system.autoUpgrade.enable = false; + system.autoUpgrade.channel = "https://nixos.org/channels/nixos-19.03"; + system.stateVersion = "19.03"; + +} diff --git a/mb/1systems/gr33n/hardware-configuration.nix b/mb/1systems/gr33n/hardware-configuration.nix new file mode 100644 index 0000000..1d13b8d --- /dev/null +++ b/mb/1systems/gr33n/hardware-configuration.nix @@ -0,0 +1,37 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, ... }: + +{ + imports = + [ <nixpkgs/nixos/modules/installer/scan/not-detected.nix> + ]; + + boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "nvme" "usb_storage" "usbhid" "sd_mod" ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + boot.initrd.mdadmConf = '' + ARRAY /dev/md0 level=raid6 num-devices=4 metadata=1.2 name=gr33n:0 UUID=5b715fd9:0be6bfa6:19f07db4:c16836d6 + devices=/dev/sda1,/dev/sdb1,/dev/sdc1,/dev/sdd1 + ''; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/a9f2c19b-f60f-450c-87f1-146a54c4198b"; + fsType = "ext4"; + }; + fileSystems."/storage" = + { device = "/dev/disk/by-label/storage"; + fsType = "ext4"; + }; + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/93EB-BCA3"; + fsType = "vfat"; + }; + + swapDevices = [ ]; + + nix.maxJobs = lib.mkDefault 4; + powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; +} diff --git a/mb/1systems/orange/configuration.nix b/mb/1systems/orange/configuration.nix index 4ac0996..3e90f89 100644 --- a/mb/1systems/orange/configuration.nix +++ b/mb/1systems/orange/configuration.nix @@ -27,15 +27,13 @@ in { fileSystems."/".options = [ "noatime" "nodiratime" "discard" ]; fileSystems."/mnt/public" = { - device = "//192.168.88.252/public"; + device = "//192.168.0.4/public"; fsType = "cifs"; options = let automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s"; in [ "${automount_opts},user,rw,username=mb0,iocharset=utf8,credentials=${config.users.users.mb.home}/.smbcredentials" ]; }; - #networking.hostName = "0r4n93"; - networking.wireless.enable = false; # Select internationalisation properties. i18n = { @@ -132,7 +130,6 @@ in { vulnix wcalc wget - wireshark-gtk xz ]; @@ -151,6 +148,8 @@ in { sound.enable = true; hardware.pulseaudio.enable = true; + hardware.pulseaudio.support32Bit = true; + nixpkgs.config.pulseaudio = true; services.xserver = { enable = true; @@ -173,7 +172,9 @@ in { #services.openssh.permitRootLogin = "yes"; services.openssh.passwordAuthentication = false; + networking.wireless.enable = false; networking.networkmanager.enable = false; + krebs.iptables.enable = true; #networking.nameservers = [ "8.8.8.8" "141.1.1.1" ]; networking.enableIPv6 = false; diff --git a/mb/1systems/p1nk/configuration.nix b/mb/1systems/p1nk/configuration.nix index 28a7c77..905630e 100644 --- a/mb/1systems/p1nk/configuration.nix +++ b/mb/1systems/p1nk/configuration.nix @@ -22,14 +22,13 @@ in { ]; fileSystems."/".options = [ "noatime" "nodiratime" "discard" ]; fileSystems."/mnt/public" = { - device = "//192.168.88.252/public"; + device = "//192.168.0.4/public"; fsType = "cifs"; options = let automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s"; in [ "${automount_opts},user,rw,username=mb0,iocharset=utf8,credentials=${config.users.users.mb.home}/.smbcredentials" ]; }; - networking.wireless.enable = true; i18n = { consoleFont = "Lat2-Terminus16"; @@ -143,11 +142,12 @@ in { sound.enable = true; hardware.pulseaudio.enable = true; + hardware.pulseaudio.support32Bit = true; services.xserver = { enable = true; layout = "de"; - xkbOptions = "neo"; + xkbOptions = "nodeadkeys"; libinput.enable = true; desktopManager = { default = "xfce"; @@ -164,7 +164,9 @@ in { services.openssh.enable = true; services.openssh.passwordAuthentication = false; + krebs.iptables.enable = true; networking.networkmanager.enable = false; + networking.wireless.enable = true; networking.nameservers = [ "8.8.8.8" "141.1.1.1" ]; networking.enableIPv6 = false; diff --git a/mb/2configs/default.nix b/mb/2configs/default.nix index 75189e1..ab11495 100644 --- a/mb/2configs/default.nix +++ b/mb/2configs/default.nix @@ -49,7 +49,7 @@ with import <stockholm/lib>; build.user = config.krebs.users.mb; }; - users.mutableUsers = false; + users.mutableUsers = true; services.timesyncd.enable = mkForce true; @@ -67,6 +67,7 @@ with import <stockholm/lib>; environment.systemPackages = with pkgs; [ #stockholm git + git-preview gnumake jq parallel |