diff --git a/common/default.nix b/common/default.nix index 838bb20..b5a1f7f 100644 --- a/common/default.nix +++ b/common/default.nix @@ -49,5 +49,6 @@ ll = "exa -l"; la = "exa -la"; tree = "exa -T"; + apt = "echo 'please use nix-env -iA instead to install packages.'"; }; } diff --git a/deploy.sh b/deploy.sh index c19b0a8..f425fce 100755 --- a/deploy.sh +++ b/deploy.sh @@ -11,12 +11,16 @@ then fi mode="${1:-switch}" -host="nuc" -target="nuc@nuc.c3h" -#host="${2:-nuc}" -#target="${3:-$host.c3h}" +host="${2:-nuc}" +target="${3:-$host.c3h}" + +echo "deploying $host to $target" +sleep 1 sources=$(nix-build nix/sources-dir.nix --no-out-link) set -x -nixos-rebuild "$mode" --target-host "$target" --use-remote-sudo -I $sources -I "nixos-config=$PWD/hosts/$host/configuration.nix" +system_drv=$(nix-instantiate "" -I $sources -I "nixos-config=$PWD/hosts/$host/configuration.nix" | head -n1) +nix-copy-closure --to $target $system_drv +system=$(ssh $target "nix-store --realise $system_drv") +ssh $target "sudo nix-env -p /nix/var/nix/profiles/system -i $system && sudo /nix/var/nix/profiles/system/bin/switch-to-configuration $mode" diff --git a/hosts/bemmer/configuration.nix b/hosts/bemmer/configuration.nix new file mode 100644 index 0000000..62b02f7 --- /dev/null +++ b/hosts/bemmer/configuration.nix @@ -0,0 +1,43 @@ +{ modulesPath, lib, pkgs, ... }: + +{ + imports = [ + (modulesPath + "/installer/sd-card/sd-image-aarch64.nix") + + ../../common + + # services + ../../shared-services/pulseaudio.nix + #../../shared-services/nfs-server.nix + ../../shared-services/mpd.nix + ../../shared-services/ympd.nix + ../../shared-services/spotifyd.nix + ../../shared-services/desktop.nix + ../../shared-services/vnc.nix + ../../shared-services/webserver.nix + ]; + users.users.c3h = { + isNormalUser = true; + password = "c3h"; + extraGroups = [ "wheel" ]; + packages = with pkgs; [ chromium firefox mpv youtube-dl ]; + }; + + networking.hostName = "bemmer"; + networking.domain = "c3h"; + + networking.useDHCP = true; + + nixpkgs.system = "aarch64-linux"; + boot.initrd.availableKernelModules = lib.mkForce [ "vc4" "i2c_bcm2835" ]; + boot.supportedFilesystems = lib.mkForce [ "ext4" "vfat" ]; + boot.kernelPackages = pkgs.linuxPackages_rpi4; + documentation.enable = false; + + hardware.raspberry-pi."4" = { + fkms-3d.enable = true; + #audio.enable = true; + }; + + system.stateVersion = "21.05"; +} diff --git a/hosts/nuc/configuration.nix b/hosts/nuc/configuration.nix index 741c50e..47fc3ef 100644 --- a/hosts/nuc/configuration.nix +++ b/hosts/nuc/configuration.nix @@ -3,17 +3,18 @@ { imports = [ ./hardware-configuration.nix + ../../common # services - ./pulseaudio.nix - ./nfs-server.nix - ./mpd.nix - ./ympd.nix - ./spotifyd.nix - ./desktop.nix - ./vnc.nix - ./webserver.nix + ../../shared-services/pulseaudio.nix + ../../shared-services/nfs-server.nix + ../../shared-services/mpd.nix + ../../shared-services/ympd.nix + ../../shared-services/spotifyd.nix + ../../shared-services/desktop.nix + ../../shared-services/vnc.nix + ../../shared-services/webserver.nix ]; networking.hostName = "nuc"; diff --git a/hosts/nuc/desktop.nix b/hosts/nuc/desktop.nix deleted file mode 100644 index e539927..0000000 --- a/hosts/nuc/desktop.nix +++ /dev/null @@ -1,25 +0,0 @@ -{ pkgs, ... }: - -{ - users.mutableUsers = false; - users.users.c3h = { - isNormalUser = true; - password = "c3h"; - extraGroups = [ "wheel" ]; - packages = with pkgs; [ chromium firefox mpv youtube-dl ]; - }; - - services.xserver = { - enable = true; - layout = "de"; - - videoDrivers = [ "modesetting" ]; - useGlamor = true; - - displayManager.lightdm.enable = true; - displayManager.autoLogin.enable = true; - displayManager.autoLogin.user = "c3h"; - - desktopManager.mate.enable = true; - }; -} diff --git a/nix/sources.json b/nix/sources.json index d23d445..f739c0f 100644 --- a/nix/sources.json +++ b/nix/sources.json @@ -11,16 +11,28 @@ "url": "https://github.com/nmattia/niv/archive/e0ca65c81a2d7a4d82a189f1e23a48d59ad42070.tar.gz", "url_template": "https://github.com///archive/.tar.gz" }, + "nixos-hardware": { + "branch": "master", + "description": "A collection of NixOS modules covering hardware quirks.", + "homepage": "", + "owner": "NixOS", + "repo": "nixos-hardware", + "rev": "3aabf78bfcae62f5f99474f2ebbbe418f1c6e54f", + "sha256": "10g240brgjz7qi20adwajxwqrqb5zxc79ii1mc20fasgqlf2a8sx", + "type": "tarball", + "url": "https://github.com/NixOS/nixos-hardware/archive/3aabf78bfcae62f5f99474f2ebbbe418f1c6e54f.tar.gz", + "url_template": "https://github.com///archive/.tar.gz" + }, "nixpkgs": { - "branch": "nixos-21.05", + "branch": "nixos-unstable", "description": "Nix Packages collection", "homepage": "", "owner": "NixOS", "repo": "nixpkgs", - "rev": "70904d4a9927a4d6e05c72c4aaac4370e05107f3", - "sha256": "08vvir0npyrdx85ypiannwzvyryqdw3749bghffhdsq2dgz1cx8z", + "rev": "34ad3ffe08adfca17fcb4e4a47bb5f3b113687be", + "sha256": "02li241rz5668nfyp88zfjilxf0mr9yansa93fbl38hjwkhf3ix6", "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/70904d4a9927a4d6e05c72c4aaac4370e05107f3.tar.gz", + "url": "https://github.com/NixOS/nixpkgs/archive/34ad3ffe08adfca17fcb4e4a47bb5f3b113687be.tar.gz", "url_template": "https://github.com///archive/.tar.gz" } } diff --git a/shared-services/desktop.nix b/shared-services/desktop.nix new file mode 100644 index 0000000..f11fb04 --- /dev/null +++ b/shared-services/desktop.nix @@ -0,0 +1,53 @@ +{ pkgs, ... }: + +{ + users.mutableUsers = false; + users.users.c3h = { + isNormalUser = true; + password = "c3h"; + extraGroups = [ "wheel" ]; + packages = with pkgs; [ chromium firefox mpv youtube-dl ]; + }; + + services.xserver = { + enable = true; + layout = "de"; + + videoDrivers = [ "modesetting" ]; + useGlamor = true; + + displayManager.lightdm.enable = true; + displayManager.autoLogin.enable = true; + displayManager.autoLogin.user = "c3h"; + + desktopManager.mate.enable = true; + }; + + programs.chromium = { + enable = true; + extensions = [ + "cjpalhdlnbpafiamejdnhcphjbkeiagm" # ublock origin + ]; + extraOpts = { + DefaultSearchProviderEnabled = true; + DefaultSearchProviderName = "DuckDuckGo"; + DefaultSearchProviderIconURL = "https://duckduckgo.com/favicon.ico"; + DefaultSearchProviderSearchURL = "https://duckduckgo.com/?q={searchTerms}"; + DefaultSearchProviderSuggestURL = "https://duckduckgo.com/ac/?q={searchTerms}&type=list"; + + DefaultBrowserSettingEnabled = false; + BlockThirdPartyCookies = true; + + BrowserSignin = 0; + SyncDisabled = true; + PasswordManagerEnabled = false; + + # Send less data to Google + SafeBrowsingProtectionLevel = 0; + UrlKeyedAnonymizedDataCollectionEnabled = false; + SafeBrowsingExtendedReportingEnabled = false; + SpellCheckServiceEnabled = false; + AdvancedProtectionAllowed = false; + }; + }; +} diff --git a/hosts/nuc/mpd.nix b/shared-services/mpd.nix similarity index 100% rename from hosts/nuc/mpd.nix rename to shared-services/mpd.nix diff --git a/hosts/nuc/nfs-server.nix b/shared-services/nfs-server.nix similarity index 100% rename from hosts/nuc/nfs-server.nix rename to shared-services/nfs-server.nix diff --git a/hosts/nuc/pulseaudio.nix b/shared-services/pulseaudio.nix similarity index 87% rename from hosts/nuc/pulseaudio.nix rename to shared-services/pulseaudio.nix index 7bb6565..cdc48fe 100644 --- a/hosts/nuc/pulseaudio.nix +++ b/shared-services/pulseaudio.nix @@ -8,4 +8,5 @@ hardware.pulseaudio.package = pkgs.pulseaudio; hardware.pulseaudio.tcp.enable = true; hardware.pulseaudio.tcp.anonymousClients.allowedIpRanges = [ "127.0.0.0/8" "::/64" "10.23.42.0/24" ]; + environment.variables.PULSE_SERVER = "127.0.0.1"; } diff --git a/hosts/nuc/spotifyd.nix b/shared-services/spotifyd.nix similarity index 100% rename from hosts/nuc/spotifyd.nix rename to shared-services/spotifyd.nix diff --git a/hosts/nuc/vnc.nix b/shared-services/vnc.nix similarity index 100% rename from hosts/nuc/vnc.nix rename to shared-services/vnc.nix diff --git a/hosts/nuc/webserver.nix b/shared-services/webserver.nix similarity index 100% rename from hosts/nuc/webserver.nix rename to shared-services/webserver.nix diff --git a/hosts/nuc/ympd.nix b/shared-services/ympd.nix similarity index 100% rename from hosts/nuc/ympd.nix rename to shared-services/ympd.nix