commit a0b591a6cf491bbcbcdfca5e954307c7d79dd566
parent cb916045da25ba8c5d00456167455219ad93b04d
Author: Leah (ctucx) <leah@ctu.cx>
Date: Sun, 13 Feb 2022 14:14:08 +0100
parent cb916045da25ba8c5d00456167455219ad93b04d
Author: Leah (ctucx) <leah@ctu.cx>
Date: Sun, 13 Feb 2022 14:14:08 +0100
machines/currywurst: add new device (x1nano)
8 files changed, 122 insertions(+), 2 deletions(-)
A
|
69
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
diff --git a/configurations/desktop-sway.nix b/configurations/desktop-sway.nix @@ -18,9 +18,10 @@ trackpoint = { enable = true; + device = "TPPS/2 JYT_Synaptics TrackPoint"; emulateWheel = true; -# speed = 80; -# sensitivity = 100; + speed = 85; + sensitivity = 80; }; };
diff --git a/configurations/programs/sway.nix b/configurations/programs/sway.nix @@ -111,6 +111,7 @@ output = { "*" = { bg = "~/Pictures/photos.ctu.cx/Bahnbilder/2019.06/20190622-153441.jpg fill"; + scale = "1"; }; };
diff --git a/configurations/services/syncthing.nix b/configurations/services/syncthing.nix @@ -5,6 +5,7 @@ let devices = { #laptops/desktops coladose.id = secrets.syncthing.ids.coladose; + currywurst.id = secrets.syncthing.ids.currywurst; stasicontainer.id = secrets.syncthing.ids.stasicontainer; ludmilla.id = secrets.syncthing.ids.ludmilla; @@ -41,16 +42,24 @@ let "ctucx-media" "ctucx-windoofs" ]; + lollo = [ "ctucx-audiobooks-orig" "ctucx-music-orig" "ctucx-media" "ctucx-windoofs" ]; + + stasicontainer = [ "ctucx-audiobooks-orig" "ctucx-music-orig" ]; + + currywurst = [ + "ctucx-audiobooks-orig" + "ctucx-music-orig" + ]; }; deviceNames = builtins.attrNames (lib.filterAttrs isCurrentHost devices);
diff --git a/machines/currywurst/configuration.nix b/machines/currywurst/configuration.nix @@ -0,0 +1,69 @@ +{ config, pkgs, lib, ... }: + +{ + imports = [ + ./hardware-configuration.nix + ../../configurations/mobile-device.nix + ../../configurations/common.nix + ../../configurations/bluetooth.nix + ../../configurations/desktop-sway.nix + ]; + + hardware.cpu.intel.updateMicrocode = true; + + boot = { + loader = { + systemd-boot.enable = true; + efi.canTouchEfiVariables = true; + }; + + consoleLogLevel = 3; + kernel.sysctl."vm.swappiness" = 0; + kernel.sysctl."kernel/sysrq" = 1; + kernelModules = [ "tpm-rng" ]; + kernelParams = [ + "quiet" + "scsi_mod.use_blk_mq=1" + "modeset" + "nofb" + "rd.systemd.show_status=auto" + "rd.udev.log_priority=3" + "pti=off" + "spectre_v2=off" + ]; + + extraModprobeConfig = lib.mkMerge [ + "options ec_sys write_support=1" + "options iwlwifi power_save=0 uapsd_disable=1" + "options i915 fastboot=1" + ]; + + initrd.availableKernelModules = [ "i915" ]; + }; + + networking = { + hostName = "currywurst"; +# domain = "ctu.cx"; + + dhcpcd.enable = true; + + wireless = { + iwd.enable = true; + }; + + firewall = { + enable = true; +# allowedTCPPorts = [ ]; + }; + }; + + services = { + fwupd.enable = true; + fprintd.enable = true; + }; + + security.pam.services.swaylock.fprintAuth = true; + + home-manager.users.leah.home.stateVersion = "21.05"; + system.stateVersion = "21.05"; # Did you read the comment? +}
diff --git a/machines/currywurst/hardware-configuration.nix b/machines/currywurst/hardware-configuration.nix @@ -0,0 +1,34 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "nvme" "usb_storage" "usbhid" "sd_mod" "sr_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/8c643a77-4607-4f3d-880f-58a7290beb4c"; + fsType = "ext4"; + }; + + boot.initrd.luks.devices."root".device = "/dev/disk/by-uuid/dd3703ad-1222-45d0-845f-3c5d3b5f1d80"; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/804C-16D2"; + fsType = "vfat"; + }; + + swapDevices = [ ]; + + powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + # high-resolution display + hardware.video.hidpi.enable = lib.mkDefault true; +}
diff --git a/secrets/currywurst/syncthing/cert.age b/secrets/currywurst/syncthing/cert.age Binary files differ.
diff --git a/secrets/currywurst/syncthing/key.age b/secrets/currywurst/syncthing/key.age Binary files differ.
diff --git a/secrets/secrets.nix b/secrets/secrets.nix @@ -2,6 +2,7 @@ let leah = "age1mn57hntgx775kwcwx4jrrd7rfl7z4wl54kqtgq8w2kzg7agz7alsv5eesw"; stasicontainer = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPq+v28FTTV9B/YYLczDcxSBgtn2J0cqKT86ckxalXPk"; coladose = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP2ky7icnZOUMDtBPwVoq5icGFAzf1C5nfNhoqZEins7"; + currywurst = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO0Ge6Lr9Cjua0ruGcPnKTPc4jTOO7K++HqWarUNZjrW"; #servers lollo = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPNCdn6aHCgxG1tq5f0XPvQ+lIgsQ/3gzT6FNvokOIgX"; @@ -31,6 +32,10 @@ in { "coladose/syncthing/cert.age".publicKeys = [ leah coladose ]; + "currywurst/syncthing/key.age".publicKeys = [ leah currywurst ]; + "currywurst/syncthing/cert.age".publicKeys = [ leah currywurst ]; + + "lollo/syncthing/key.age".publicKeys = [ leah lollo ]; "lollo/syncthing/cert.age".publicKeys = [ leah lollo ]; @@ -79,6 +84,7 @@ in { "taurus/restic/pleroma.age".publicKeys = [ leah taurus ]; "taurus/restic/matrix-synapse.age".publicKeys = [ leah taurus ]; + "hector/restic-server-htpasswd.age".publicKeys = [ leah hector ]; }