From 7549ce0707ac1303b92fffa5cdfc81de78fd2405 Mon Sep 17 00:00:00 2001 From: Yureka Date: Fri, 22 Oct 2021 21:56:03 +0200 Subject: [PATCH 1/7] add some chromium policies --- hosts/nuc/desktop.nix | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/hosts/nuc/desktop.nix b/hosts/nuc/desktop.nix index e539927..f11fb04 100644 --- a/hosts/nuc/desktop.nix +++ b/hosts/nuc/desktop.nix @@ -22,4 +22,32 @@ desktopManager.mate.enable = true; }; + + programs.chromium = { + enable = true; + extensions = [ + "cjpalhdlnbpafiamejdnhcphjbkeiagm" # ublock origin + ]; + extraOpts = { + DefaultSearchProviderEnabled = true; + DefaultSearchProviderName = "DuckDuckGo"; + DefaultSearchProviderIconURL = "https://duckduckgo.com/favicon.ico"; + DefaultSearchProviderSearchURL = "https://duckduckgo.com/?q={searchTerms}"; + DefaultSearchProviderSuggestURL = "https://duckduckgo.com/ac/?q={searchTerms}&type=list"; + + DefaultBrowserSettingEnabled = false; + BlockThirdPartyCookies = true; + + BrowserSignin = 0; + SyncDisabled = true; + PasswordManagerEnabled = false; + + # Send less data to Google + SafeBrowsingProtectionLevel = 0; + UrlKeyedAnonymizedDataCollectionEnabled = false; + SafeBrowsingExtendedReportingEnabled = false; + SpellCheckServiceEnabled = false; + AdvancedProtectionAllowed = false; + }; + }; } From ab24240216c9f629017ae89181330b40a96ceb0a Mon Sep 17 00:00:00 2001 From: Yureka Date: Sat, 23 Oct 2021 00:25:25 +0200 Subject: [PATCH 2/7] move stuff to shared-services --- hosts/nuc/configuration.nix | 16 ++++++++-------- {hosts/nuc => shared-services}/desktop.nix | 0 {hosts/nuc => shared-services}/mpd.nix | 0 {hosts/nuc => shared-services}/nfs-server.nix | 0 {hosts/nuc => shared-services}/pulseaudio.nix | 1 + {hosts/nuc => shared-services}/spotifyd.nix | 0 {hosts/nuc => shared-services}/vnc.nix | 0 {hosts/nuc => shared-services}/webserver.nix | 0 {hosts/nuc => shared-services}/ympd.nix | 0 9 files changed, 9 insertions(+), 8 deletions(-) rename {hosts/nuc => shared-services}/desktop.nix (100%) rename {hosts/nuc => shared-services}/mpd.nix (100%) rename {hosts/nuc => shared-services}/nfs-server.nix (100%) rename {hosts/nuc => shared-services}/pulseaudio.nix (87%) rename {hosts/nuc => shared-services}/spotifyd.nix (100%) rename {hosts/nuc => shared-services}/vnc.nix (100%) rename {hosts/nuc => shared-services}/webserver.nix (100%) rename {hosts/nuc => shared-services}/ympd.nix (100%) diff --git a/hosts/nuc/configuration.nix b/hosts/nuc/configuration.nix index 741c50e..31e7546 100644 --- a/hosts/nuc/configuration.nix +++ b/hosts/nuc/configuration.nix @@ -6,14 +6,14 @@ ../../common # services - ./pulseaudio.nix - ./nfs-server.nix - ./mpd.nix - ./ympd.nix - ./spotifyd.nix - ./desktop.nix - ./vnc.nix - ./webserver.nix + ../../shared-services/pulseaudio.nix + ../../shared-services/nfs-server.nix + ../../shared-services/mpd.nix + ../../shared-services/ympd.nix + ../../shared-services/spotifyd.nix + ../../shared-services/desktop.nix + ../../shared-services/vnc.nix + ../../shared-services/webserver.nix ]; networking.hostName = "nuc"; diff --git a/hosts/nuc/desktop.nix b/shared-services/desktop.nix similarity index 100% rename from hosts/nuc/desktop.nix rename to shared-services/desktop.nix diff --git a/hosts/nuc/mpd.nix b/shared-services/mpd.nix similarity index 100% rename from hosts/nuc/mpd.nix rename to shared-services/mpd.nix diff --git a/hosts/nuc/nfs-server.nix b/shared-services/nfs-server.nix similarity index 100% rename from hosts/nuc/nfs-server.nix rename to shared-services/nfs-server.nix diff --git a/hosts/nuc/pulseaudio.nix b/shared-services/pulseaudio.nix similarity index 87% rename from hosts/nuc/pulseaudio.nix rename to shared-services/pulseaudio.nix index 7bb6565..cdc48fe 100644 --- a/hosts/nuc/pulseaudio.nix +++ b/shared-services/pulseaudio.nix @@ -8,4 +8,5 @@ hardware.pulseaudio.package = pkgs.pulseaudio; hardware.pulseaudio.tcp.enable = true; hardware.pulseaudio.tcp.anonymousClients.allowedIpRanges = [ "127.0.0.0/8" "::/64" "10.23.42.0/24" ]; + environment.variables.PULSE_SERVER = "127.0.0.1"; } diff --git a/hosts/nuc/spotifyd.nix b/shared-services/spotifyd.nix similarity index 100% rename from hosts/nuc/spotifyd.nix rename to shared-services/spotifyd.nix diff --git a/hosts/nuc/vnc.nix b/shared-services/vnc.nix similarity index 100% rename from hosts/nuc/vnc.nix rename to shared-services/vnc.nix diff --git a/hosts/nuc/webserver.nix b/shared-services/webserver.nix similarity index 100% rename from hosts/nuc/webserver.nix rename to shared-services/webserver.nix diff --git a/hosts/nuc/ympd.nix b/shared-services/ympd.nix similarity index 100% rename from hosts/nuc/ympd.nix rename to shared-services/ympd.nix From dda25e506c060503699e06853d55eabdebb980c1 Mon Sep 17 00:00:00 2001 From: Yureka Date: Sat, 23 Oct 2021 00:25:51 +0200 Subject: [PATCH 3/7] switch to nixos-unstable --- nix/sources.json | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/nix/sources.json b/nix/sources.json index d23d445..25f09a4 100644 --- a/nix/sources.json +++ b/nix/sources.json @@ -12,15 +12,15 @@ "url_template": "https://github.com///archive/.tar.gz" }, "nixpkgs": { - "branch": "nixos-21.05", + "branch": "nixos-unstable", "description": "Nix Packages collection", "homepage": "", "owner": "NixOS", "repo": "nixpkgs", - "rev": "70904d4a9927a4d6e05c72c4aaac4370e05107f3", - "sha256": "08vvir0npyrdx85ypiannwzvyryqdw3749bghffhdsq2dgz1cx8z", + "rev": "34ad3ffe08adfca17fcb4e4a47bb5f3b113687be", + "sha256": "02li241rz5668nfyp88zfjilxf0mr9yansa93fbl38hjwkhf3ix6", "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/70904d4a9927a4d6e05c72c4aaac4370e05107f3.tar.gz", + "url": "https://github.com/NixOS/nixpkgs/archive/34ad3ffe08adfca17fcb4e4a47bb5f3b113687be.tar.gz", "url_template": "https://github.com///archive/.tar.gz" } } From e2efc796861a1621dcf5ec66763c306ff4bdaa7d Mon Sep 17 00:00:00 2001 From: Yureka Date: Sat, 23 Oct 2021 00:26:04 +0200 Subject: [PATCH 4/7] add nixos-hardware repo --- hosts/nuc/configuration.nix | 1 + nix/sources.json | 12 ++++++++++++ 2 files changed, 13 insertions(+) diff --git a/hosts/nuc/configuration.nix b/hosts/nuc/configuration.nix index 31e7546..47fc3ef 100644 --- a/hosts/nuc/configuration.nix +++ b/hosts/nuc/configuration.nix @@ -3,6 +3,7 @@ { imports = [ ./hardware-configuration.nix + ../../common # services diff --git a/nix/sources.json b/nix/sources.json index 25f09a4..f739c0f 100644 --- a/nix/sources.json +++ b/nix/sources.json @@ -11,6 +11,18 @@ "url": "https://github.com/nmattia/niv/archive/e0ca65c81a2d7a4d82a189f1e23a48d59ad42070.tar.gz", "url_template": "https://github.com///archive/.tar.gz" }, + "nixos-hardware": { + "branch": "master", + "description": "A collection of NixOS modules covering hardware quirks.", + "homepage": "", + "owner": "NixOS", + "repo": "nixos-hardware", + "rev": "3aabf78bfcae62f5f99474f2ebbbe418f1c6e54f", + "sha256": "10g240brgjz7qi20adwajxwqrqb5zxc79ii1mc20fasgqlf2a8sx", + "type": "tarball", + "url": "https://github.com/NixOS/nixos-hardware/archive/3aabf78bfcae62f5f99474f2ebbbe418f1c6e54f.tar.gz", + "url_template": "https://github.com///archive/.tar.gz" + }, "nixpkgs": { "branch": "nixos-unstable", "description": "Nix Packages collection", From c576495bb2ef132ddcec39a0a6bd2ebbddb5e3bc Mon Sep 17 00:00:00 2001 From: Yureka Date: Sat, 23 Oct 2021 00:26:39 +0200 Subject: [PATCH 5/7] update deploy script to support aarch64 --- deploy.sh | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/deploy.sh b/deploy.sh index c19b0a8..f425fce 100755 --- a/deploy.sh +++ b/deploy.sh @@ -11,12 +11,16 @@ then fi mode="${1:-switch}" -host="nuc" -target="nuc@nuc.c3h" -#host="${2:-nuc}" -#target="${3:-$host.c3h}" +host="${2:-nuc}" +target="${3:-$host.c3h}" + +echo "deploying $host to $target" +sleep 1 sources=$(nix-build nix/sources-dir.nix --no-out-link) set -x -nixos-rebuild "$mode" --target-host "$target" --use-remote-sudo -I $sources -I "nixos-config=$PWD/hosts/$host/configuration.nix" +system_drv=$(nix-instantiate "" -I $sources -I "nixos-config=$PWD/hosts/$host/configuration.nix" | head -n1) +nix-copy-closure --to $target $system_drv +system=$(ssh $target "nix-store --realise $system_drv") +ssh $target "sudo nix-env -p /nix/var/nix/profiles/system -i $system && sudo /nix/var/nix/profiles/system/bin/switch-to-configuration $mode" From 08cb02d7d965b895e62a438c71c4c62a0dfa5cd4 Mon Sep 17 00:00:00 2001 From: Yureka Date: Sat, 23 Oct 2021 00:26:56 +0200 Subject: [PATCH 6/7] add new host bemmer --- hosts/bemmer/configuration.nix | 43 ++++++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) create mode 100644 hosts/bemmer/configuration.nix diff --git a/hosts/bemmer/configuration.nix b/hosts/bemmer/configuration.nix new file mode 100644 index 0000000..62b02f7 --- /dev/null +++ b/hosts/bemmer/configuration.nix @@ -0,0 +1,43 @@ +{ modulesPath, lib, pkgs, ... }: + +{ + imports = [ + (modulesPath + "/installer/sd-card/sd-image-aarch64.nix") + + ../../common + + # services + ../../shared-services/pulseaudio.nix + #../../shared-services/nfs-server.nix + ../../shared-services/mpd.nix + ../../shared-services/ympd.nix + ../../shared-services/spotifyd.nix + ../../shared-services/desktop.nix + ../../shared-services/vnc.nix + ../../shared-services/webserver.nix + ]; + users.users.c3h = { + isNormalUser = true; + password = "c3h"; + extraGroups = [ "wheel" ]; + packages = with pkgs; [ chromium firefox mpv youtube-dl ]; + }; + + networking.hostName = "bemmer"; + networking.domain = "c3h"; + + networking.useDHCP = true; + + nixpkgs.system = "aarch64-linux"; + boot.initrd.availableKernelModules = lib.mkForce [ "vc4" "i2c_bcm2835" ]; + boot.supportedFilesystems = lib.mkForce [ "ext4" "vfat" ]; + boot.kernelPackages = pkgs.linuxPackages_rpi4; + documentation.enable = false; + + hardware.raspberry-pi."4" = { + fkms-3d.enable = true; + #audio.enable = true; + }; + + system.stateVersion = "21.05"; +} From 90f258df0539b511d6fb2b8e78f6b7189c30f406 Mon Sep 17 00:00:00 2001 From: busti Date: Sun, 24 Oct 2021 20:28:19 +0200 Subject: [PATCH 7/7] add alias for apt --- common/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/common/default.nix b/common/default.nix index 838bb20..b5a1f7f 100644 --- a/common/default.nix +++ b/common/default.nix @@ -49,5 +49,6 @@ ll = "exa -l"; la = "exa -la"; tree = "exa -T"; + apt = "echo 'please use nix-env -iA instead to install packages.'"; }; }