diff --git a/flake.lock b/flake.lock
index fd01e2c..416dee4 100644
--- a/flake.lock
+++ b/flake.lock
@@ -6,11 +6,11 @@
"nixpkgs": "nixpkgs"
},
"locked": {
- "lastModified": 1738087375,
- "narHash": "sha256-GLyNtU9A2VN22jNRHZ2OXuFfTJLh8uEVVt+ftsKUX0c=",
+ "lastModified": 1744557573,
+ "narHash": "sha256-XAyj0iDuI51BytJ1PwN53uLpzTDdznPDQFG4RwihlTQ=",
"owner": "Aylur",
"repo": "ags",
- "rev": "a6a7a0adb17740f4c34a59902701870d46fbb6a4",
+ "rev": "3ed9737bdbc8fc7a7c7ceef2165c9109f336bff6",
"type": "github"
},
"original": {
@@ -26,11 +26,11 @@
"systems": "systems"
},
"locked": {
- "lastModified": 1735301051,
- "narHash": "sha256-jU88Q9tP4vuvWYGQcmOdFwI9e2uMPVYJHbXdiklIH9o=",
+ "lastModified": 1743762088,
+ "narHash": "sha256-f+oXT9b3xuBDmm4v4nDqJvlHabxxZRB6+pay4Ub/NvA=",
"owner": "Kirottu",
"repo": "anyrun",
- "rev": "06017e753c8886d5296768dca80745ee09402a2d",
+ "rev": "786f539d69d5abcefa68978dbaa964ac14536a00",
"type": "github"
},
"original": {
@@ -47,11 +47,11 @@
]
},
"locked": {
- "lastModified": 1737670815,
- "narHash": "sha256-ZCxxshGN7XooabArcoGkYSNx5yVunqjKJi2aTv6cznI=",
+ "lastModified": 1742571008,
+ "narHash": "sha256-5WgfJAeBpxiKbTR/gJvxrGYfqQRge5aUDcGKmU1YZ1Q=",
"owner": "aylur",
"repo": "astal",
- "rev": "127e9cdcbf173846a3c40ddc0abfbb038df48042",
+ "rev": "dc0e5d37abe9424c53dcbd2506a4886ffee6296e",
"type": "github"
},
"original": {
@@ -67,11 +67,11 @@
]
},
"locked": {
- "lastModified": 1739634831,
- "narHash": "sha256-xFnU+uUl48Icas2wPQ+ZzlL2O3n8f6J2LrzNK9f2nng=",
+ "lastModified": 1745502102,
+ "narHash": "sha256-LqhRwzvIVPEjH0TaPgwzqpyhW6DtCrvz7FnUJDoUZh8=",
"owner": "nix-community",
"repo": "disko",
- "rev": "fa5746ecea1772cf59b3f34c5816ab3531478142",
+ "rev": "ca27b88c88948d96feeee9ed814cbd34f53d0d70",
"type": "github"
},
"original": {
@@ -80,6 +80,45 @@
"type": "github"
}
},
+ "doomemacs": {
+ "flake": false,
+ "locked": {
+ "lastModified": 1749895289,
+ "narHash": "sha256-b1Hl70p4OOWkcTtXRiJ3Ker9gzOjAoZfwNqxlmE1s7g=",
+ "owner": "doomemacs",
+ "repo": "doomemacs",
+ "rev": "e6c755305358412a71a990fc2cf592c629edde1e",
+ "type": "github"
+ },
+ "original": {
+ "owner": "doomemacs",
+ "repo": "doomemacs",
+ "type": "github"
+ }
+ },
+ "emacs-overlay": {
+ "inputs": {
+ "nixpkgs": [
+ "nix-doom-emacs-unstraightened"
+ ],
+ "nixpkgs-stable": [
+ "nix-doom-emacs-unstraightened"
+ ]
+ },
+ "locked": {
+ "lastModified": 1750753596,
+ "narHash": "sha256-/XQ4k8fUYrYe+utV0aCSHT9wB0wyw/E2IzwHxYySvGc=",
+ "owner": "nix-community",
+ "repo": "emacs-overlay",
+ "rev": "b13d55077455690a9b4e25e4077012f3ac724e2c",
+ "type": "github"
+ },
+ "original": {
+ "owner": "nix-community",
+ "repo": "emacs-overlay",
+ "type": "github"
+ }
+ },
"flake-parts": {
"inputs": {
"nixpkgs-lib": [
@@ -88,11 +127,11 @@
]
},
"locked": {
- "lastModified": 1727826117,
- "narHash": "sha256-K5ZLCyfO/Zj9mPFldf3iwS6oZStJcU4tSpiXTMYaaL0=",
+ "lastModified": 1743550720,
+ "narHash": "sha256-hIshGgKZCgWh6AYJpJmRgFdR3WUbkY04o82X05xqQiY=",
"owner": "hercules-ci",
"repo": "flake-parts",
- "rev": "3d04084d54bedc3d6b8b736c70ef449225c361b1",
+ "rev": "c621e8422220273271f52058f618c94e405bb0f5",
"type": "github"
},
"original": {
@@ -106,11 +145,11 @@
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
- "lastModified": 1738453229,
- "narHash": "sha256-7H9XgNiGLKN1G1CgRh0vUL4AheZSYzPm+zmZ7vxbJdo=",
+ "lastModified": 1743550720,
+ "narHash": "sha256-hIshGgKZCgWh6AYJpJmRgFdR3WUbkY04o82X05xqQiY=",
"owner": "hercules-ci",
"repo": "flake-parts",
- "rev": "32ea77a06711b758da0ad9bd6a844c5740a87abd",
+ "rev": "c621e8422220273271f52058f618c94e405bb0f5",
"type": "github"
},
"original": {
@@ -121,7 +160,7 @@
},
"flake-utils": {
"inputs": {
- "systems": "systems_2"
+ "systems": "systems_3"
},
"locked": {
"lastModified": 1681202837,
@@ -139,14 +178,16 @@
},
"home-manager": {
"inputs": {
- "nixpkgs": "nixpkgs_3"
+ "nixpkgs": [
+ "nixpkgs"
+ ]
},
"locked": {
- "lastModified": 1739571712,
- "narHash": "sha256-0UdSDV/TBY+GuxXLbrLq3l2Fq02ciyKCIMy4qmnfJXQ=",
+ "lastModified": 1745771770,
+ "narHash": "sha256-kC1yYNAO69i0Q9nnQFTxu5kdwcoHRE7x4jtJyIB5QSg=",
"owner": "nix-community",
"repo": "home-manager",
- "rev": "6d3163aea47fdb1fe19744e91306a2ea4f602292",
+ "rev": "0fbd8207e913b2d1660a7662f9ae80e5e639de65",
"type": "github"
},
"original": {
@@ -191,6 +232,27 @@
"type": "github"
}
},
+ "nix-doom-emacs-unstraightened": {
+ "inputs": {
+ "doomemacs": "doomemacs",
+ "emacs-overlay": "emacs-overlay",
+ "nixpkgs": [],
+ "systems": "systems_2"
+ },
+ "locked": {
+ "lastModified": 1750754709,
+ "narHash": "sha256-NzU+nM97aF0ECj0FYXx55fxbkxC0LnzQxBZS7oweJXA=",
+ "owner": "marienz",
+ "repo": "nix-doom-emacs-unstraightened",
+ "rev": "12f1fb5974ac524a43f8467fdbb54ced5cef7ffd",
+ "type": "github"
+ },
+ "original": {
+ "owner": "marienz",
+ "repo": "nix-doom-emacs-unstraightened",
+ "type": "github"
+ }
+ },
"nix-index-database": {
"inputs": {
"nixpkgs": [
@@ -198,11 +260,11 @@
]
},
"locked": {
- "lastModified": 1739071773,
- "narHash": "sha256-/Ak+Quinhmdxa9m3shjm4lwwwqmzG8zzGhhhhgR1k9I=",
+ "lastModified": 1745725746,
+ "narHash": "sha256-iR+idGZJ191cY6NBXyVjh9QH8GVWTkvZw/w+1Igy45A=",
"owner": "nix-community",
"repo": "nix-index-database",
- "rev": "895d81b6228bbd50a6ef22f5a58a504ca99763ea",
+ "rev": "187524713d0d9b2d2c6f688b81835114d4c2a7c6",
"type": "github"
},
"original": {
@@ -226,13 +288,28 @@
"type": "github"
}
},
+ "nix-templates": {
+ "locked": {
+ "lastModified": 1750839034,
+ "narHash": "sha256-8pimAU3boBi8rr8JVHrldIsXzi1OmyAbXqioNc3ENTg=",
+ "ref": "refs/heads/main",
+ "rev": "ddf6814856b643f7bdbbd704549d888a96612cd2",
+ "revCount": 6,
+ "type": "git",
+ "url": "https://git.xnia.org/evar/nix-templates"
+ },
+ "original": {
+ "type": "git",
+ "url": "https://git.xnia.org/evar/nix-templates"
+ }
+ },
"nixos-facter-modules": {
"locked": {
- "lastModified": 1738752252,
- "narHash": "sha256-/nA3tDdp/2g0FBy8966ppC2WDoyXtUWaHkZWL+N3ZKc=",
+ "lastModified": 1743671943,
+ "narHash": "sha256-7sYig0+RcrR3sOL5M+2spbpFUHyEP7cnUvCaqFOBjyU=",
"owner": "numtide",
"repo": "nixos-facter-modules",
- "rev": "60f8b8f3f99667de6a493a44375e5506bf0c48b1",
+ "rev": "58ad9691670d293a15221d4a78818e0088d2e086",
"type": "github"
},
"original": {
@@ -243,11 +320,11 @@
},
"nixos-hardware": {
"locked": {
- "lastModified": 1738816619,
- "narHash": "sha256-5yRlg48XmpcX5b5HesdGMOte+YuCy9rzQkJz+imcu6I=",
+ "lastModified": 1745503349,
+ "narHash": "sha256-bUGjvaPVsOfQeTz9/rLTNLDyqbzhl0CQtJJlhFPhIYw=",
"owner": "NixOS",
"repo": "nixos-hardware",
- "rev": "2eccff41bab80839b1d25b303b53d339fbb07087",
+ "rev": "f7bee55a5e551bd8e7b5b82c9bc559bc50d868d1",
"type": "github"
},
"original": {
@@ -258,11 +335,11 @@
},
"nixpkgs": {
"locked": {
- "lastModified": 1737469691,
- "narHash": "sha256-nmKOgAU48S41dTPIXAq0AHZSehWUn6ZPrUKijHAMmIk=",
+ "lastModified": 1743583204,
+ "narHash": "sha256-F7n4+KOIfWrwoQjXrL2wD9RhFYLs2/GGe/MQY1sSdlE=",
"owner": "nixos",
"repo": "nixpkgs",
- "rev": "9e4d5190a9482a1fb9d18adf0bdb83c6e506eaab",
+ "rev": "2c8d3f48d33929642c1c12cd243df4cc7d2ce434",
"type": "github"
},
"original": {
@@ -274,23 +351,26 @@
},
"nixpkgs-lib": {
"locked": {
- "lastModified": 1738452942,
- "narHash": "sha256-vJzFZGaCpnmo7I6i416HaBLpC+hvcURh/BQwROcGIp8=",
- "type": "tarball",
- "url": "https://github.com/NixOS/nixpkgs/archive/072a6db25e947df2f31aab9eccd0ab75d5b2da11.tar.gz"
+ "lastModified": 1743296961,
+ "narHash": "sha256-b1EdN3cULCqtorQ4QeWgLMrd5ZGOjLSLemfa00heasc=",
+ "owner": "nix-community",
+ "repo": "nixpkgs.lib",
+ "rev": "e4822aea2a6d1cdd36653c134cacfd64c97ff4fa",
+ "type": "github"
},
"original": {
- "type": "tarball",
- "url": "https://github.com/NixOS/nixpkgs/archive/072a6db25e947df2f31aab9eccd0ab75d5b2da11.tar.gz"
+ "owner": "nix-community",
+ "repo": "nixpkgs.lib",
+ "type": "github"
}
},
"nixpkgs_2": {
"locked": {
- "lastModified": 1730200266,
- "narHash": "sha256-l253w0XMT8nWHGXuXqyiIC/bMvh1VRszGXgdpQlfhvU=",
+ "lastModified": 1743583204,
+ "narHash": "sha256-F7n4+KOIfWrwoQjXrL2wD9RhFYLs2/GGe/MQY1sSdlE=",
"owner": "NixOS",
"repo": "nixpkgs",
- "rev": "807e9154dcb16384b1b765ebe9cd2bba2ac287fd",
+ "rev": "2c8d3f48d33929642c1c12cd243df4cc7d2ce434",
"type": "github"
},
"original": {
@@ -302,11 +382,11 @@
},
"nixpkgs_3": {
"locked": {
- "lastModified": 1739020877,
- "narHash": "sha256-mIvECo/NNdJJ/bXjNqIh8yeoSjVLAuDuTUzAo7dzs8Y=",
+ "lastModified": 1745526057,
+ "narHash": "sha256-ITSpPDwvLBZBnPRS2bUcHY3gZSwis/uTe255QgMtTLA=",
"owner": "NixOS",
"repo": "nixpkgs",
- "rev": "a79cfe0ebd24952b580b1cf08cd906354996d547",
+ "rev": "f771eb401a46846c1aebd20552521b233dd7e18b",
"type": "github"
},
"original": {
@@ -317,22 +397,6 @@
}
},
"nixpkgs_4": {
- "locked": {
- "lastModified": 1739451785,
- "narHash": "sha256-3ebRdThRic9bHMuNi2IAA/ek9b32bsy8F5R4SvGTIog=",
- "owner": "NixOS",
- "repo": "nixpkgs",
- "rev": "1128e89fd5e11bb25aedbfc287733c6502202ea9",
- "type": "github"
- },
- "original": {
- "owner": "NixOS",
- "ref": "nixpkgs-unstable",
- "repo": "nixpkgs",
- "type": "github"
- }
- },
- "nixpkgs_5": {
"locked": {
"lastModified": 1682134069,
"narHash": "sha256-TnI/ZXSmRxQDt2sjRYK/8j8iha4B4zP2cnQCZZ3vp7k=",
@@ -355,11 +419,13 @@
"home-manager": "home-manager",
"impermanence": "impermanence",
"muse-sounds-manager": "muse-sounds-manager",
+ "nix-doom-emacs-unstraightened": "nix-doom-emacs-unstraightened",
"nix-index-database": "nix-index-database",
"nix-std": "nix-std",
+ "nix-templates": "nix-templates",
"nixos-facter-modules": "nixos-facter-modules",
"nixos-hardware": "nixos-hardware",
- "nixpkgs": "nixpkgs_4",
+ "nixpkgs": "nixpkgs_3",
"vscode-server": "vscode-server"
}
},
@@ -393,10 +459,25 @@
"type": "github"
}
},
+ "systems_3": {
+ "locked": {
+ "lastModified": 1681028828,
+ "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
+ "owner": "nix-systems",
+ "repo": "default",
+ "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
+ "type": "github"
+ },
+ "original": {
+ "owner": "nix-systems",
+ "repo": "default",
+ "type": "github"
+ }
+ },
"vscode-server": {
"inputs": {
"flake-utils": "flake-utils",
- "nixpkgs": "nixpkgs_5"
+ "nixpkgs": "nixpkgs_4"
},
"locked": {
"lastModified": 1729422940,
diff --git a/flake.nix b/flake.nix
index 9fcad16..463a8e8 100644
--- a/flake.nix
+++ b/flake.nix
@@ -1,6 +1,16 @@
{
inputs = {
- nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
+ nix-doom-emacs-unstraightened = {
+ url = "github:marienz/nix-doom-emacs-unstraightened";
+ # Optional, to download less. Neither the module nor the overlay uses this input.
+ inputs.nixpkgs.follows = "";
+ };
+ nix-templates = {
+ url = "git+https://git.xnia.org/evar/nix-templates";
+ inputs.nixpkgs.follows = "nixpkgs";
+ };
+
+ nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
flake-parts.url = "github:hercules-ci/flake-parts";
vscode-server.url = "github:nix-community/nixos-vscode-server";
@@ -11,7 +21,10 @@
disko.inputs.nixpkgs.follows = "nixpkgs";
nixos-facter-modules.url = "github:numtide/nixos-facter-modules";
- home-manager.url = "github:nix-community/home-manager";
+ home-manager = {
+ url = "github:nix-community/home-manager";
+ inputs.nixpkgs.follows = "nixpkgs";
+ };
impermanence.url = "github:nix-community/impermanence";
nix-index-database = {
url = "github:nix-community/nix-index-database";
@@ -25,9 +38,10 @@
};
};
- outputs = inputs @ {flake-parts, ...}:
- flake-parts.lib.mkFlake {inherit inputs;} {
- systems = ["x86_64-linux"];
+ outputs =
+ inputs@{ flake-parts, ... }:
+ flake-parts.lib.mkFlake { inherit inputs; } {
+ systems = [ "x86_64-linux" ];
imports = [
./systems
./dev-shell
diff --git a/home/apps.nix b/home/apps.nix
index b001962..3aea90b 100644
--- a/home/apps.nix
+++ b/home/apps.nix
@@ -5,6 +5,7 @@
imports = [
./apps/firefox.nix
./apps/syncthing.nix
+ ./apps/zed.nix
];
home.packages = [
@@ -23,7 +24,7 @@
pkgs.libreoffice
pkgs.gimp
pkgs.krita
- pkgs.okular
+ pkgs.kdePackages.okular
pkgs.localsend
pkgs.ffmpeg # Generally useful
@@ -34,6 +35,8 @@
pkgs.spotify # Proprietary
# Documents
+ pkgs.kdePackages.kimageformats
+ pkgs.kdePackages.kdegraphics-thumbnailers
# emily suggested I try these (albiet via their web thing), so keeping them commented
#pkgs.typst # TeX alternative
@@ -49,6 +52,8 @@
#pkgs.zed-editor
pkgs.obsidian
+ pkgs.anki
+ pkgs.quickemu
];
programs.mpv.enable = true; # media player
diff --git a/home/apps/zed.nix b/home/apps/zed.nix
new file mode 100644
index 0000000..0d58507
--- /dev/null
+++ b/home/apps/zed.nix
@@ -0,0 +1,22 @@
+{ pkgs, ... }:
+{
+ programs.zed-editor = {
+ enable = true;
+ extensions = [
+ "dockerfile"
+ # disabled until https://github.com/eth0net/zed-docker-compose/issues/2
+ # "docker-compose"
+
+ "nix"
+ ];
+ installRemoteServer = true;
+ userSettings = {
+ "vim_mode" = true;
+ "terminal"."shell"."program" = "fish";
+
+ "lsp"."package-version-server"."binary"."path" = pkgs.package-version-server + "/bin/package-version-server";
+ "lsp"."nixd"."binary"."path" = pkgs.nixd + "/bin/nixd";
+ "lsp"."nil"."binary"."path" = pkgs.nil + "/bin/nil";
+ };
+ };
+}
\ No newline at end of file
diff --git a/home/default.nix b/home/default.nix
index d76f4ae..cbd37be 100644
--- a/home/default.nix
+++ b/home/default.nix
@@ -1,39 +1,23 @@
{
pkgs,
+ inputs,
...
-}: let
- variables = {
- # VISUAL = "emacs";
- EDITOR = "nvim";
- };
-in {
+}:
+{
imports = [
- ./xdg.nix
- ./terminal.nix
- ./desktop.nix
- # ./emacs.nix
- ./apps.nix
- ./git.nix
+ inputs.nix-templates.homeManagerModules.default
+ inputs.nix-templates.homeManagerModules.home
+ inputs.nix-templates.homeManagerModules.dev
+
+ # ./xdg.nix
./vm.nix
];
- home.sessionVariables = variables;
- systemd.user.sessionVariables = variables;
-
- xdg.enable = true; # TODO: what is this?
-
- fonts.fontconfig.enable = true; # allows adding fonts from home manager config
- home.packages = with pkgs; [
- noto-fonts-cjk-sans
- noto-fonts-cjk-serif
- noto-fonts-color-emoji
- ];
-
- # programs.ssh
programs.ssh = {
enable = true;
addKeysToAgent = "1h";
};
+
services.ssh-agent.enable = true;
programs.yt-dlp.enable = true;
diff --git a/home/terminal.nix b/home/terminal.nix
index 2fa4c0e..1e21306 100644
--- a/home/terminal.nix
+++ b/home/terminal.nix
@@ -32,6 +32,7 @@
pkgs.pciutils # lspci
pkgs.usbutils # lsusb
+ pkgs.btop
pkgs.bottom
pkgs.htop
pkgs.lsof
diff --git a/nixos/default.nix b/nixos/default.nix
index ea6bc03..4943729 100644
--- a/nixos/default.nix
+++ b/nixos/default.nix
@@ -6,9 +6,9 @@
...
}:
{
- imports = [
+ imports = [
inputs.disko.nixosModules.disko
-
+
./device.nix
./disk-config.nix
./hardware-configuration.nix
@@ -28,15 +28,15 @@
./vm.nix
(import ./kvmfr.nix { std = inputs.nix-std.lib; lib = lib; pkgs = pkgs; config = config; })
./libvirtd.nix
-
+
./osrs.nix
];
# So that I can get to the netgear router
- networking.extraHosts = ''
- 10.0.0.152 routerlogin.net
- 10.0.0.152 www.routerlogin.net
- '';
+ # networking.extraHosts = ''
+ # 10.0.0.152 routerlogin.net
+ # 10.0.0.152 www.routerlogin.net
+ # '';
services.flatpak.enable = true;
xdg.portal.extraPortals = [ pkgs.xdg-desktop-portal-gtk ];
@@ -51,7 +51,7 @@
vfio = {
enable = true;
- earlyKMS = true;
+ earlyKMS = true;
applyACSpatch = true;
};
@@ -86,7 +86,7 @@
# };
# Allows referring to this flake by the shorthand `nixos-config`, which lets you do e.g.
- # nix repl nixos-config
+ # nix repl nixos-config
nix.registry.nixos-config.to = {
type = "git";
url = "file://${config.users.users.evar.home}/git/nixos-framework-laptop-config";
@@ -94,7 +94,7 @@
# In order to catch all logs, we need to mount this early enough in the boot process.
fileSystems."/var/log".neededForBoot = true;
-
+
zramSwap = {
enable = true;
memoryPercent = 25;
@@ -186,7 +186,11 @@
### System software
+ nixpkgs.config.allowUnfree = true;
+
environment.systemPackages = [
+ pkgs.unifi
+
pkgs.git
pkgs.gdu
@@ -254,4 +258,4 @@
#
# For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
system.stateVersion = "23.11"; # Did you read the comment?
-}
\ No newline at end of file
+}
diff --git a/nixos/kvmfr.nix b/nixos/kvmfr.nix
index ab0a6da..aa8b81b 100644
--- a/nixos/kvmfr.nix
+++ b/nixos/kvmfr.nix
@@ -119,15 +119,16 @@ in {
# So I can build for kernel 6.13
# til https://github.com/gnif/LookingGlass/pull/1154 is merged
boot.extraModulePackages = with config.boot.kernelPackages; [
- (kvmfr.overrideAttrs (old: {
- patches = [ ]; # The patches have already since been merged
- src = pkgs.fetchFromGitHub {
- owner = "zeule";
- repo = "LookingGlass";
- rev = "7740692e3000c2019e21b9861585960174dd5ddc";
- sha256 = "sha256-2ayH8FXOn4Bflf55WvhMWTDMLwvucmofD3POI72bC+Q=";
- };
- }))
+ kvmfr
+ # (kvmfr.overrideAttrs (old: {
+ # patches = [ ]; # The patches have already since been merged
+ # src = pkgs.fetchFromGitHub {
+ # owner = "zeule";
+ # repo = "LookingGlass";
+ # rev = "7740692e3000c2019e21b9861585960174dd5ddc";
+ # sha256 = "sha256-2ayH8FXOn4Bflf55WvhMWTDMLwvucmofD3POI72bC+Q=";
+ # };
+ # }))
];
services.udev.packages = optionals (cfg.devices != [ ]) [ udevPackage ];
diff --git a/nixos/smb-usernames.map b/nixos/smb-usernames.map
new file mode 100644
index 0000000..b2239fe
--- /dev/null
+++ b/nixos/smb-usernames.map
@@ -0,0 +1 @@
+evar = microsoft@evar.dev
\ No newline at end of file
diff --git a/nixos/tailscale.nix b/nixos/tailscale.nix
index 05b37e0..f4343d8 100644
--- a/nixos/tailscale.nix
+++ b/nixos/tailscale.nix
@@ -4,6 +4,10 @@
pkgs,
...
}: {
+ # to allow me to be an exit node
+ boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
+ boot.kernel.sysctl."net.ipv6.conf.all.forwarding" = 1;
+
services.tailscale = {
enable = true;
openFirewall = true;
diff --git a/nixos/users.nix b/nixos/users.nix
index 455111e..6ce3029 100644
--- a/nixos/users.nix
+++ b/nixos/users.nix
@@ -25,6 +25,7 @@
uid = 1000;
isNormalUser = true;
extraGroups = [
+ "libvirtd"
"wheel"
"networkmanager"
"video"
diff --git a/nixos/vm.nix b/nixos/vm.nix
index f5893e0..4ae0697 100644
--- a/nixos/vm.nix
+++ b/nixos/vm.nix
@@ -82,34 +82,33 @@ in {
# the network bridge interface with systemctl start network-addresses-winvm0.service,
# and potentially toggle the link state in the vm config
# to get this working. would be good to fix it.
- networking.bridges = {
- "winvm0" = {
- interfaces = [ "eth0" ];
- };
- };
+ # networking.bridges = {
+ # "winvm0" = {
+ # interfaces = [ "eth0" ];
+ # };
+ # };
- networking.dhcpcd.denyInterfaces = [ "winvm0" ];
+ # networking.dhcpcd.denyInterfaces = [ "winvm0" ];
+ # TODO: the below doesn't actually work, so I just
+ # disable wait-online entirely.
# ensure the bridge network doesn't cause us to wait
# on boot
- systemd.network.wait-online.ignoredInterfaces = [ "eth0" "winvm0" ];
- boot.initrd.systemd.network.wait-online.ignoredInterfaces = [ "eth0" "winvm0" ];
+ # systemd.network.wait-online.ignoredInterfaces = [ "eth0" "winvm0" ];
+ # systemd.network.wait-online.anyInterface = true;
+ # boot.initrd.systemd.network.wait-online.ignoredInterfaces = [ "eth0" "winvm0" ];
# These are needed, since I'm not currently trying to
# reserve a static IP for the bridge interface
- networking.interfaces.winvm0 = {
- useDHCP = false;
- ipv4 = {
- addresses = [
- { address = "10.0.5.1"; prefixLength = 16; }
- ];
- routes = [{
- address = "10.0.0.0";
- prefixLength = 16;
- options = { scope = "link"; metric = "900"; };
- }];
- };
- };
+ # networking.defaultGateway = { address = "10.0.0.1"; interface = "eth0"; };
+ # networking.interfaces.winvm0 = {
+ # useDHCP = false;
+ # ipv4 = {
+ # addresses = [
+ # { address = "10.0.5.1"; prefixLength = 32; }
+ # ];
+ # };
+ # };
environment.systemPackages = [
# For sharing filesystems
@@ -136,7 +135,10 @@ in {
hardware.graphics.enable = true; # needed for display spice opengl
virtualisation.libvirtd = {
enable = true;
- qemu.swtpm.enable = true; # for TPM 2.0 support
+ qemu = {
+ swtpm.enable = true; # for TPM 2.0 support
+ ovmf.packages = [ pkgs.OVMFFull.fd ];
+ };
onBoot = "ignore"; # only start autostart vms, not just ones that were running
onShutdown = "shutdown"; # always shut down the vm's cleanly
@@ -148,22 +150,25 @@ in {
# note that the VM needs 64 MB for the shmem in side the
# xml for the full res of the FW laptop
- # systemd.tmpfiles.rules = [
- # "f /dev/shm/scream 0660 evar qemu-libvirtd -"
- # "f /dev/shm/looking-glass 0660 evar qemu-libvirtd -"
- # ];
+ systemd.tmpfiles.rules = [
+ "f /dev/shm/scream 0660 evar qemu-libvirtd -"
+ ];
# service for hooking up scream for audio
- # systemd.user.services.scream-ivshmem = {
- # enable = true;
- # description = "Scream IVSHMEM";
- # serviceConfig = {
- # ExecStart = "${pkgs.scream}/bin/scream-ivshmem-pulse /dev/shm/scream";
- # Restart = "always";
- # };
- # wantedBy = [ "multi-user.target" ];
- # requires = [ "pulseaudio.service" ];
- # };
+ systemd.user.services.scream-ivshmem = {
+ enable = true;
+ description = "Scream";
+ serviceConfig = {
+ ExecStart = "${pkgs.scream}/bin/scream -v -n scream -o pulse -m /dev/shm/scream";
+ Restart = "always";
+ };
+ wantedBy = [ "multi-user.target" ];
+ requires = [
+ "pipewire-pulse.service"
+ "pipewire.service"
+ "sound.target"
+ ];
+ };
boot = {
initrd.kernelModules = [
@@ -194,6 +199,9 @@ in {
# Samba share. Primarily intended to be used via the
# bridged network adapter for speed
+ #
+ # TODO: https://www.samba.org/samba/docs/current/man-html/vfs_btrfs.8.html
+ # to take advantage of btrfs stuff
services.samba = {
enable = true;
openFirewall = true;
@@ -204,6 +212,8 @@ in {
"netbios name" = "Atreus";
"security" = "user";
+ "username map" = "${./smb-usernames.map}";
+
# don't show shares to people who aren't valid to see them
"access based share enum" = "yes";
@@ -215,21 +225,48 @@ in {
"interfaces" = "virbr0";
# note: localhost is the ipv6 localhost ::1
- "hosts allow" = "192.168.122.";
+ "hosts allow" = "192.168.122. 100.64.0.0/10";
# "hosts deny" = "0.0.0.0/0";
"guest account" = "nobody";
"map to guest" = "bad user";
+
+ # Stuff for MacOS
+ # see https://wiki.samba.org/index.php/Configure_Samba_to_Work_Better_with_Mac_OS_X
+ # for additional settings - see manpage for vfs_fruit
+ "vfs objects" = "fruit streams_xattr"; # load in modules, enable APPL extensions - order is critical
+ "fruit:metadata" = "stream"; # stores osx medatadata
+ "fruit:model" = "MacSamba"; # server icon in finder
+ "fruit:veto_appledouble" = "no"; # following stuff generally cleans up files
+ "fruit:zero_file_id" = "yes";
+ "fruit:wipe_intentionally_left_blank_rfork" = "yes";
+ "fruit:delete_empty_adfiles" = "yes";
+ "fruit:posix_rename" = "yes";
+ "fruit:nfs_aces" = "no"; # prevents macOS clients from motifying the UNIX mode of directories that use NFS ACEs
+ };
+
+ "TimeMachineBackup" = {
+ "fruit:time machine" = "yes";
+ # "fruit:time machine max size" = "SIZE";
};
"Virtio Shared" = {
+ # macos spotlight indexing backend
+ # see smb.conf for other elasticsearch params
+ "spotlight backend" = "elasticsearch";
+
"path" = "/home/evar/Virtio Shared";
"comment" = "Virtio shared directory";
"valid users" = "evar";
+ "force user" = "evar";
# POSIX ACE entry maps to Full Control ACL in windows
"acl map full control" = "yes";
+ # allow users with write access to also change perms
+ "dos filemode" = "yes";
+
+ # files created by a samba client have posix ace
"force create mode" = 0777;
"read only" = "no";
diff --git a/win10.xml b/win10.xml
index 431bb5e..8927c1f 100644
--- a/win10.xml
+++ b/win10.xml
@@ -183,25 +183,12 @@
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
@@ -255,19 +242,17 @@
-
-
-
-
-
-
-
+
+
+ 2
+
+
-
+