evar/nixos-framework-laptop-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

merge into: evar:work
Branches Tags
evar:main
evar:work
...
pull from: evar:main
Branches Tags
evar:main
evar:work
Sign in to create a new pull request.

5 commits
work ... main

Author SHA1 Message Date
Evar
045bea8c88 home: use remote home manager config 2025-06-25 05:05:30 -04:00
Evar
227c761ebe vm: remove bridge network interface, update vm xml, general cleanup 2025-06-25 01:03:16 -04:00
Evar
9030a12931 misc: smb username map and apple fs support, other small changes 2025-06-24 22:17:33 -04:00
Evar
8a928e8f58 misc: zed editor, try to get scream working, other small changes 2025-05-13 11:40:10 -04:00
Evar
ab001fac00 flake: use nixos unstable input instead of nixpkgs, home manager follows nixpkgs 2025-05-09 22:13:22 -04:00
13 changed files with 315 additions and 175 deletions
Download patch file Download diff file Expand all files Collapse all files

211
flake.lock generated
View file

@ -6,11 +6,11 @@
"nixpkgs": "nixpkgs"
},
"locked": {
"lastModified": 1738087375,
"narHash": "sha256-GLyNtU9A2VN22jNRHZ2OXuFfTJLh8uEVVt+ftsKUX0c=",
"lastModified": 1744557573,
"narHash": "sha256-XAyj0iDuI51BytJ1PwN53uLpzTDdznPDQFG4RwihlTQ=",
"owner": "Aylur",
"repo": "ags",
"rev": "a6a7a0adb17740f4c34a59902701870d46fbb6a4",
"rev": "3ed9737bdbc8fc7a7c7ceef2165c9109f336bff6",
"type": "github"
},
"original": {
@ -26,11 +26,11 @@
"systems": "systems"
},
"locked": {
"lastModified": 1735301051,
"narHash": "sha256-jU88Q9tP4vuvWYGQcmOdFwI9e2uMPVYJHbXdiklIH9o=",
"lastModified": 1743762088,
"narHash": "sha256-f+oXT9b3xuBDmm4v4nDqJvlHabxxZRB6+pay4Ub/NvA=",
"owner": "Kirottu",
"repo": "anyrun",
"rev": "06017e753c8886d5296768dca80745ee09402a2d",
"rev": "786f539d69d5abcefa68978dbaa964ac14536a00",
"type": "github"
},
"original": {
@ -47,11 +47,11 @@
]
},
"locked": {
"lastModified": 1737670815,
"narHash": "sha256-ZCxxshGN7XooabArcoGkYSNx5yVunqjKJi2aTv6cznI=",
"lastModified": 1742571008,
"narHash": "sha256-5WgfJAeBpxiKbTR/gJvxrGYfqQRge5aUDcGKmU1YZ1Q=",
"owner": "aylur",
"repo": "astal",
"rev": "127e9cdcbf173846a3c40ddc0abfbb038df48042",
"rev": "dc0e5d37abe9424c53dcbd2506a4886ffee6296e",
"type": "github"
},
"original": {
@ -67,11 +67,11 @@
]
},
"locked": {
"lastModified": 1739634831,
"narHash": "sha256-xFnU+uUl48Icas2wPQ+ZzlL2O3n8f6J2LrzNK9f2nng=",
"lastModified": 1745502102,
"narHash": "sha256-LqhRwzvIVPEjH0TaPgwzqpyhW6DtCrvz7FnUJDoUZh8=",
"owner": "nix-community",
"repo": "disko",
"rev": "fa5746ecea1772cf59b3f34c5816ab3531478142",
"rev": "ca27b88c88948d96feeee9ed814cbd34f53d0d70",
"type": "github"
},
"original": {
@ -80,6 +80,45 @@
"type": "github"
}
},
"doomemacs": {
"flake": false,
"locked": {
"lastModified": 1749895289,
"narHash": "sha256-b1Hl70p4OOWkcTtXRiJ3Ker9gzOjAoZfwNqxlmE1s7g=",
"owner": "doomemacs",
"repo": "doomemacs",
"rev": "e6c755305358412a71a990fc2cf592c629edde1e",
"type": "github"
},
"original": {
"owner": "doomemacs",
"repo": "doomemacs",
"type": "github"
}
},
"emacs-overlay": {
"inputs": {
"nixpkgs": [
"nix-doom-emacs-unstraightened"
],
"nixpkgs-stable": [
"nix-doom-emacs-unstraightened"
]
},
"locked": {
"lastModified": 1750753596,
"narHash": "sha256-/XQ4k8fUYrYe+utV0aCSHT9wB0wyw/E2IzwHxYySvGc=",
"owner": "nix-community",
"repo": "emacs-overlay",
"rev": "b13d55077455690a9b4e25e4077012f3ac724e2c",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "emacs-overlay",
"type": "github"
}
},
"flake-parts": {
"inputs": {
"nixpkgs-lib": [
@ -88,11 +127,11 @@
]
},
"locked": {
"lastModified": 1727826117,
"narHash": "sha256-K5ZLCyfO/Zj9mPFldf3iwS6oZStJcU4tSpiXTMYaaL0=",
"lastModified": 1743550720,
"narHash": "sha256-hIshGgKZCgWh6AYJpJmRgFdR3WUbkY04o82X05xqQiY=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "3d04084d54bedc3d6b8b736c70ef449225c361b1",
"rev": "c621e8422220273271f52058f618c94e405bb0f5",
"type": "github"
},
"original": {
@ -106,11 +145,11 @@
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1738453229,
"narHash": "sha256-7H9XgNiGLKN1G1CgRh0vUL4AheZSYzPm+zmZ7vxbJdo=",
"lastModified": 1743550720,
"narHash": "sha256-hIshGgKZCgWh6AYJpJmRgFdR3WUbkY04o82X05xqQiY=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "32ea77a06711b758da0ad9bd6a844c5740a87abd",
"rev": "c621e8422220273271f52058f618c94e405bb0f5",
"type": "github"
},
"original": {
@ -121,7 +160,7 @@
},
"flake-utils": {
"inputs": {
"systems": "systems_2"
"systems": "systems_3"
},
"locked": {
"lastModified": 1681202837,
@ -139,14 +178,16 @@
},
"home-manager": {
"inputs": {
"nixpkgs": "nixpkgs_3"
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1739571712,
"narHash": "sha256-0UdSDV/TBY+GuxXLbrLq3l2Fq02ciyKCIMy4qmnfJXQ=",
"lastModified": 1745771770,
"narHash": "sha256-kC1yYNAO69i0Q9nnQFTxu5kdwcoHRE7x4jtJyIB5QSg=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "6d3163aea47fdb1fe19744e91306a2ea4f602292",
"rev": "0fbd8207e913b2d1660a7662f9ae80e5e639de65",
"type": "github"
},
"original": {
@ -191,6 +232,27 @@
"type": "github"
}
},
"nix-doom-emacs-unstraightened": {
"inputs": {
"doomemacs": "doomemacs",
"emacs-overlay": "emacs-overlay",
"nixpkgs": [],
"systems": "systems_2"
},
"locked": {
"lastModified": 1750754709,
"narHash": "sha256-NzU+nM97aF0ECj0FYXx55fxbkxC0LnzQxBZS7oweJXA=",
"owner": "marienz",
"repo": "nix-doom-emacs-unstraightened",
"rev": "12f1fb5974ac524a43f8467fdbb54ced5cef7ffd",
"type": "github"
},
"original": {
"owner": "marienz",
"repo": "nix-doom-emacs-unstraightened",
"type": "github"
}
},
"nix-index-database": {
"inputs": {
"nixpkgs": [
@ -198,11 +260,11 @@
]
},
"locked": {
"lastModified": 1739071773,
"narHash": "sha256-/Ak+Quinhmdxa9m3shjm4lwwwqmzG8zzGhhhhgR1k9I=",
"lastModified": 1745725746,
"narHash": "sha256-iR+idGZJ191cY6NBXyVjh9QH8GVWTkvZw/w+1Igy45A=",
"owner": "nix-community",
"repo": "nix-index-database",
"rev": "895d81b6228bbd50a6ef22f5a58a504ca99763ea",
"rev": "187524713d0d9b2d2c6f688b81835114d4c2a7c6",
"type": "github"
},
"original": {
@ -226,13 +288,28 @@
"type": "github"
}
},
"nix-templates": {
"locked": {
"lastModified": 1750839034,
"narHash": "sha256-8pimAU3boBi8rr8JVHrldIsXzi1OmyAbXqioNc3ENTg=",
"ref": "refs/heads/main",
"rev": "ddf6814856b643f7bdbbd704549d888a96612cd2",
"revCount": 6,
"type": "git",
"url": "https://git.xnia.org/evar/nix-templates"
},
"original": {
"type": "git",
"url": "https://git.xnia.org/evar/nix-templates"
}
},
"nixos-facter-modules": {
"locked": {
"lastModified": 1738752252,
"narHash": "sha256-/nA3tDdp/2g0FBy8966ppC2WDoyXtUWaHkZWL+N3ZKc=",
"lastModified": 1743671943,
"narHash": "sha256-7sYig0+RcrR3sOL5M+2spbpFUHyEP7cnUvCaqFOBjyU=",
"owner": "numtide",
"repo": "nixos-facter-modules",
"rev": "60f8b8f3f99667de6a493a44375e5506bf0c48b1",
"rev": "58ad9691670d293a15221d4a78818e0088d2e086",
"type": "github"
},
"original": {
@ -243,11 +320,11 @@
},
"nixos-hardware": {
"locked": {
"lastModified": 1738816619,
"narHash": "sha256-5yRlg48XmpcX5b5HesdGMOte+YuCy9rzQkJz+imcu6I=",
"lastModified": 1745503349,
"narHash": "sha256-bUGjvaPVsOfQeTz9/rLTNLDyqbzhl0CQtJJlhFPhIYw=",
"owner": "NixOS",
"repo": "nixos-hardware",
"rev": "2eccff41bab80839b1d25b303b53d339fbb07087",
"rev": "f7bee55a5e551bd8e7b5b82c9bc559bc50d868d1",
"type": "github"
},
"original": {
@ -258,11 +335,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1737469691,
"narHash": "sha256-nmKOgAU48S41dTPIXAq0AHZSehWUn6ZPrUKijHAMmIk=",
"lastModified": 1743583204,
"narHash": "sha256-F7n4+KOIfWrwoQjXrL2wD9RhFYLs2/GGe/MQY1sSdlE=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "9e4d5190a9482a1fb9d18adf0bdb83c6e506eaab",
"rev": "2c8d3f48d33929642c1c12cd243df4cc7d2ce434",
"type": "github"
},
"original": {
@ -274,23 +351,26 @@
},
"nixpkgs-lib": {
"locked": {
"lastModified": 1738452942,
"narHash": "sha256-vJzFZGaCpnmo7I6i416HaBLpC+hvcURh/BQwROcGIp8=",
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/072a6db25e947df2f31aab9eccd0ab75d5b2da11.tar.gz"
"lastModified": 1743296961,
"narHash": "sha256-b1EdN3cULCqtorQ4QeWgLMrd5ZGOjLSLemfa00heasc=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
"rev": "e4822aea2a6d1cdd36653c134cacfd64c97ff4fa",
"type": "github"
},
"original": {
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/072a6db25e947df2f31aab9eccd0ab75d5b2da11.tar.gz"
"owner": "nix-community",
"repo": "nixpkgs.lib",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1730200266,
"narHash": "sha256-l253w0XMT8nWHGXuXqyiIC/bMvh1VRszGXgdpQlfhvU=",
"lastModified": 1743583204,
"narHash": "sha256-F7n4+KOIfWrwoQjXrL2wD9RhFYLs2/GGe/MQY1sSdlE=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "807e9154dcb16384b1b765ebe9cd2bba2ac287fd",
"rev": "2c8d3f48d33929642c1c12cd243df4cc7d2ce434",
"type": "github"
},
"original": {
@ -302,11 +382,11 @@
},
"nixpkgs_3": {
"locked": {
"lastModified": 1739020877,
"narHash": "sha256-mIvECo/NNdJJ/bXjNqIh8yeoSjVLAuDuTUzAo7dzs8Y=",
"lastModified": 1745526057,
"narHash": "sha256-ITSpPDwvLBZBnPRS2bUcHY3gZSwis/uTe255QgMtTLA=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "a79cfe0ebd24952b580b1cf08cd906354996d547",
"rev": "f771eb401a46846c1aebd20552521b233dd7e18b",
"type": "github"
},
"original": {
@ -317,22 +397,6 @@
}
},
"nixpkgs_4": {
"locked": {
"lastModified": 1739451785,
"narHash": "sha256-3ebRdThRic9bHMuNi2IAA/ek9b32bsy8F5R4SvGTIog=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "1128e89fd5e11bb25aedbfc287733c6502202ea9",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_5": {
"locked": {
"lastModified": 1682134069,
"narHash": "sha256-TnI/ZXSmRxQDt2sjRYK/8j8iha4B4zP2cnQCZZ3vp7k=",
@ -355,11 +419,13 @@
"home-manager": "home-manager",
"impermanence": "impermanence",
"muse-sounds-manager": "muse-sounds-manager",
"nix-doom-emacs-unstraightened": "nix-doom-emacs-unstraightened",
"nix-index-database": "nix-index-database",
"nix-std": "nix-std",
"nix-templates": "nix-templates",
"nixos-facter-modules": "nixos-facter-modules",
"nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs_4",
"nixpkgs": "nixpkgs_3",
"vscode-server": "vscode-server"
}
},
@ -393,10 +459,25 @@
"type": "github"
}
},
"systems_3": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"vscode-server": {
"inputs": {
"flake-utils": "flake-utils",
"nixpkgs": "nixpkgs_5"
"nixpkgs": "nixpkgs_4"
},
"locked": {
"lastModified": 1729422940,

24
flake.nix
View file

@ -1,6 +1,16 @@
{
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
nix-doom-emacs-unstraightened = {
url = "github:marienz/nix-doom-emacs-unstraightened";
# Optional, to download less. Neither the module nor the overlay uses this input.
inputs.nixpkgs.follows = "";
};
nix-templates = {
url = "git+https://git.xnia.org/evar/nix-templates";
inputs.nixpkgs.follows = "nixpkgs";
};
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
flake-parts.url = "github:hercules-ci/flake-parts";
vscode-server.url = "github:nix-community/nixos-vscode-server";
@ -11,7 +21,10 @@
disko.inputs.nixpkgs.follows = "nixpkgs";
nixos-facter-modules.url = "github:numtide/nixos-facter-modules";
home-manager.url = "github:nix-community/home-manager";
home-manager = {
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs";
};
impermanence.url = "github:nix-community/impermanence";
nix-index-database = {
url = "github:nix-community/nix-index-database";
@ -25,9 +38,10 @@
};
};
outputs = inputs @ {flake-parts, ...}:
flake-parts.lib.mkFlake {inherit inputs;} {
systems = ["x86_64-linux"];
outputs =
inputs@{ flake-parts, ... }:
flake-parts.lib.mkFlake { inherit inputs; } {
systems = [ "x86_64-linux" ];
imports = [
./systems
./dev-shell

7
home/apps.nix
View file

@ -5,6 +5,7 @@
imports = [
./apps/firefox.nix
./apps/syncthing.nix
./apps/zed.nix
];
home.packages = [
@ -23,7 +24,7 @@
pkgs.libreoffice
pkgs.gimp
pkgs.krita
pkgs.okular
pkgs.kdePackages.okular
pkgs.localsend
pkgs.ffmpeg # Generally useful
@ -34,6 +35,8 @@
pkgs.spotify # Proprietary
# Documents
pkgs.kdePackages.kimageformats
pkgs.kdePackages.kdegraphics-thumbnailers
# emily suggested I try these (albiet via their web thing), so keeping them commented
#pkgs.typst # TeX alternative
@ -49,6 +52,8 @@
#pkgs.zed-editor
pkgs.obsidian
pkgs.anki
pkgs.quickemu
];
programs.mpv.enable = true; # media player

22
home/apps/zed.nix Normal file
View file

@ -0,0 +1,22 @@
{ pkgs, ... }:
{
programs.zed-editor = {
enable = true;
extensions = [
"dockerfile"
# disabled until https://github.com/eth0net/zed-docker-compose/issues/2
# "docker-compose"
"nix"
];
installRemoteServer = true;
userSettings = {
"vim_mode" = true;
"terminal"."shell"."program" = "fish";
"lsp"."package-version-server"."binary"."path" = pkgs.package-version-server + "/bin/package-version-server";
"lsp"."nixd"."binary"."path" = pkgs.nixd + "/bin/nixd";
"lsp"."nil"."binary"."path" = pkgs.nil + "/bin/nil";
};
};
}

34
home/default.nix
View file

@ -1,39 +1,23 @@
{
pkgs,
inputs,
...
}: let
variables = {
# VISUAL = "emacs";
EDITOR = "nvim";
};
in {
}:
{
imports = [
./xdg.nix
./terminal.nix
./desktop.nix
# ./emacs.nix
./apps.nix
./git.nix
inputs.nix-templates.homeManagerModules.default
inputs.nix-templates.homeManagerModules.home
inputs.nix-templates.homeManagerModules.dev
# ./xdg.nix
./vm.nix
];
home.sessionVariables = variables;
systemd.user.sessionVariables = variables;
xdg.enable = true; # TODO: what is this?
fonts.fontconfig.enable = true; # allows adding fonts from home manager config
home.packages = with pkgs; [
noto-fonts-cjk-sans
noto-fonts-cjk-serif
noto-fonts-color-emoji
];
# programs.ssh
programs.ssh = {
enable = true;
addKeysToAgent = "1h";
};
services.ssh-agent.enable = true;
programs.yt-dlp.enable = true;

1
home/terminal.nix
View file

@ -32,6 +32,7 @@
pkgs.pciutils # lspci
pkgs.usbutils # lsusb
pkgs.btop
pkgs.bottom
pkgs.htop
pkgs.lsof

12
nixos/default.nix
View file

@ -33,10 +33,10 @@
];
# So that I can get to the netgear router
networking.extraHosts = ''
10.0.0.152 routerlogin.net
10.0.0.152 www.routerlogin.net
'';
# networking.extraHosts = ''
# 10.0.0.152 routerlogin.net
# 10.0.0.152 www.routerlogin.net
# '';
services.flatpak.enable = true;
xdg.portal.extraPortals = [ pkgs.xdg-desktop-portal-gtk ];
@ -186,7 +186,11 @@
### System software
nixpkgs.config.allowUnfree = true;
environment.systemPackages = [
pkgs.unifi
pkgs.git
pkgs.gdu

19
nixos/kvmfr.nix
View file

@ -119,15 +119,16 @@ in {
# So I can build for kernel 6.13
# til https://github.com/gnif/LookingGlass/pull/1154 is merged
boot.extraModulePackages = with config.boot.kernelPackages; [
(kvmfr.overrideAttrs (old: {
patches = [ ]; # The patches have already since been merged
src = pkgs.fetchFromGitHub {
owner = "zeule";
repo = "LookingGlass";
rev = "7740692e3000c2019e21b9861585960174dd5ddc";
sha256 = "sha256-2ayH8FXOn4Bflf55WvhMWTDMLwvucmofD3POI72bC+Q=";
};
}))
kvmfr
# (kvmfr.overrideAttrs (old: {
# patches = [ ]; # The patches have already since been merged
# src = pkgs.fetchFromGitHub {
# owner = "zeule";
# repo = "LookingGlass";
# rev = "7740692e3000c2019e21b9861585960174dd5ddc";
# sha256 = "sha256-2ayH8FXOn4Bflf55WvhMWTDMLwvucmofD3POI72bC+Q=";
# };
# }))
];
services.udev.packages = optionals (cfg.devices != [ ]) [ udevPackage ];

1
nixos/smb-usernames.map Normal file
View file

@ -0,0 +1 @@
evar = microsoft@evar.dev

4
nixos/tailscale.nix
View file

@ -4,6 +4,10 @@
pkgs,
...
}: {
# to allow me to be an exit node
boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
boot.kernel.sysctl."net.ipv6.conf.all.forwarding" = 1;
services.tailscale = {
enable = true;
openFirewall = true;

1
nixos/users.nix
View file

@ -25,6 +25,7 @@
uid = 1000;
isNormalUser = true;
extraGroups = [
"libvirtd"
"wheel"
"networkmanager"
"video"

111
nixos/vm.nix
View file

@ -82,34 +82,33 @@ in {
# the network bridge interface with systemctl start network-addresses-winvm0.service,
# and potentially toggle the link state in the vm config
# to get this working. would be good to fix it.
networking.bridges = {
"winvm0" = {
interfaces = [ "eth0" ];
};
};
# networking.bridges = {
# "winvm0" = {
# interfaces = [ "eth0" ];
# };
# };
networking.dhcpcd.denyInterfaces = [ "winvm0" ];
# networking.dhcpcd.denyInterfaces = [ "winvm0" ];
# TODO: the below doesn't actually work, so I just
# disable wait-online entirely.
# ensure the bridge network doesn't cause us to wait
# on boot
systemd.network.wait-online.ignoredInterfaces = [ "eth0" "winvm0" ];
boot.initrd.systemd.network.wait-online.ignoredInterfaces = [ "eth0" "winvm0" ];
# systemd.network.wait-online.ignoredInterfaces = [ "eth0" "winvm0" ];
# systemd.network.wait-online.anyInterface = true;
# boot.initrd.systemd.network.wait-online.ignoredInterfaces = [ "eth0" "winvm0" ];
# These are needed, since I'm not currently trying to
# reserve a static IP for the bridge interface
networking.interfaces.winvm0 = {
useDHCP = false;
ipv4 = {
addresses = [
{ address = "10.0.5.1"; prefixLength = 16; }
];
routes = [{
address = "10.0.0.0";
prefixLength = 16;
options = { scope = "link"; metric = "900"; };
}];
};
};
# networking.defaultGateway = { address = "10.0.0.1"; interface = "eth0"; };
# networking.interfaces.winvm0 = {
# useDHCP = false;
# ipv4 = {
# addresses = [
# { address = "10.0.5.1"; prefixLength = 32; }
# ];
# };
# };
environment.systemPackages = [
# For sharing filesystems
@ -136,7 +135,10 @@ in {
hardware.graphics.enable = true; # needed for display spice opengl
virtualisation.libvirtd = {
enable = true;
qemu.swtpm.enable = true; # for TPM 2.0 support
qemu = {
swtpm.enable = true; # for TPM 2.0 support
ovmf.packages = [ pkgs.OVMFFull.fd ];
};
onBoot = "ignore"; # only start autostart vms, not just ones that were running
onShutdown = "shutdown"; # always shut down the vm's cleanly
@ -148,22 +150,25 @@ in {
# note that the VM needs 64 MB for the shmem in side the
# xml for the full res of the FW laptop
# systemd.tmpfiles.rules = [
# "f /dev/shm/scream 0660 evar qemu-libvirtd -"
# "f /dev/shm/looking-glass 0660 evar qemu-libvirtd -"
# ];
systemd.tmpfiles.rules = [
"f /dev/shm/scream 0660 evar qemu-libvirtd -"
];
# service for hooking up scream for audio
# systemd.user.services.scream-ivshmem = {
# enable = true;
# description = "Scream IVSHMEM";
# serviceConfig = {
# ExecStart = "${pkgs.scream}/bin/scream-ivshmem-pulse /dev/shm/scream";
# Restart = "always";
# };
# wantedBy = [ "multi-user.target" ];
# requires = [ "pulseaudio.service" ];
# };
systemd.user.services.scream-ivshmem = {
enable = true;
description = "Scream";
serviceConfig = {
ExecStart = "${pkgs.scream}/bin/scream -v -n scream -o pulse -m /dev/shm/scream";
Restart = "always";
};
wantedBy = [ "multi-user.target" ];
requires = [
"pipewire-pulse.service"
"pipewire.service"
"sound.target"
];
};
boot = {
initrd.kernelModules = [
@ -194,6 +199,9 @@ in {
# Samba share. Primarily intended to be used via the
# bridged network adapter for speed
#
# TODO: https://www.samba.org/samba/docs/current/man-html/vfs_btrfs.8.html
# to take advantage of btrfs stuff
services.samba = {
enable = true;
openFirewall = true;
@ -204,6 +212,8 @@ in {
"netbios name" = "Atreus";
"security" = "user";
"username map" = "${./smb-usernames.map}";
# don't show shares to people who aren't valid to see them
"access based share enum" = "yes";
@ -215,21 +225,48 @@ in {
"interfaces" = "virbr0";
# note: localhost is the ipv6 localhost ::1
"hosts allow" = "192.168.122.";
"hosts allow" = "192.168.122. 100.64.0.0/10";
# "hosts deny" = "0.0.0.0/0";
"guest account" = "nobody";
"map to guest" = "bad user";
# Stuff for MacOS
# see https://wiki.samba.org/index.php/Configure_Samba_to_Work_Better_with_Mac_OS_X
# for additional settings - see manpage for vfs_fruit
"vfs objects" = "fruit streams_xattr"; # load in modules, enable APPL extensions - order is critical
"fruit:metadata" = "stream"; # stores osx medatadata
"fruit:model" = "MacSamba"; # server icon in finder
"fruit:veto_appledouble" = "no"; # following stuff generally cleans up files
"fruit:zero_file_id" = "yes";
"fruit:wipe_intentionally_left_blank_rfork" = "yes";
"fruit:delete_empty_adfiles" = "yes";
"fruit:posix_rename" = "yes";
"fruit:nfs_aces" = "no"; # prevents macOS clients from motifying the UNIX mode of directories that use NFS ACEs
};
"TimeMachineBackup" = {
"fruit:time machine" = "yes";
# "fruit:time machine max size" = "SIZE";
};
"Virtio Shared" = {
# macos spotlight indexing backend
# see smb.conf for other elasticsearch params
"spotlight backend" = "elasticsearch";
"path" = "/home/evar/Virtio Shared";
"comment" = "Virtio shared directory";
"valid users" = "evar";
"force user" = "evar";
# POSIX ACE entry maps to Full Control ACL in windows
"acl map full control" = "yes";
# allow users with write access to also change perms
"dos filemode" = "yes";
# files created by a samba client have posix ace
"force create mode" = 0777;
"read only" = "no";

29
win10.xml
View file

@ -183,25 +183,12 @@
<controller type="virtio-serial" index="0">
<address type="pci" domain="0x0000" bus="0x03" slot="0x00" function="0x0"/>
</controller>
<filesystem type="mount" accessmode="passthrough">
<driver type="virtiofs"/>
<binary path="/run/current-system/sw/bin/virtiofsd"/>
<source dir="/home/evar/Virtio Shared/"/>
<target dir="Virtio Shared"/>
<address type="pci" domain="0x0000" bus="0x0c" slot="0x00" function="0x0"/>
</filesystem>
<interface type="network">
<mac address="52:54:00:15:1c:97"/>
<source network="default"/>
<model type="virtio"/>
<address type="pci" domain="0x0000" bus="0x0a" slot="0x00" function="0x0"/>
</interface>
<interface type="bridge">
<mac address="52:54:00:33:7d:5e"/>
<source bridge="winvm0"/>
<model type="virtio"/>
<link state="up"/>
<address type="pci" domain="0x0000" bus="0x0b" slot="0x00" function="0x0"/>
<address type="pci" domain="0x0000" bus="0x0a" slot="0x00" function="0x0"/>
</interface>
<serial type="pty">
<target type="isa-serial" port="0">
@ -255,19 +242,17 @@
</source>
<address type="pci" domain="0x0000" bus="0x06" slot="0x00" function="0x0"/>
</hostdev>
<hostdev mode="subsystem" type="usb" managed="yes">
<source>
<vendor id="0x256c"/>
<product id="0x006b"/>
</source>
<address type="usb" bus="0" port="1"/>
</hostdev>
<watchdog model="itco" action="reset"/>
<memballoon model="none"/>
<shmem name="scream">
<model type="ivshmem-plain"/>
<size unit="M">2</size>
<address type="pci" domain="0x0000" bus="0x00" slot="0x11" function="0x0"/>
</shmem>
</devices>
<qemu:commandline>
<qemu:arg value="-device"/>
<qemu:arg value="{&quot;driver&quot;:&quot;ivshmem-plain&quot;,&quot;id&quot;:&quot;shmem0&quot;,&quot;memdev&quot;:&quot;looking-glass&quot;}"/>
<qemu:arg value="{&quot;driver&quot;:&quot;ivshmem-plain&quot;,&quot;id&quot;:&quot;shmem1&quot;,&quot;memdev&quot;:&quot;looking-glass&quot;}"/>
<qemu:arg value="-object"/>
<qemu:arg value="{&quot;qom-type&quot;:&quot;memory-backend-file&quot;,&quot;id&quot;:&quot;looking-glass&quot;,&quot;mem-path&quot;:&quot;/dev/kvmfr0&quot;,&quot;size&quot;:134217728,&quot;share&quot;:true}"/>
</qemu:commandline>