diff --git a/flake.lock b/flake.lock index 83a3a8a..5236d43 100644 --- a/flake.lock +++ b/flake.lock @@ -127,6 +127,29 @@ "type": "github" } }, + "devshell": { + "inputs": { + "flake-utils": "flake-utils_7", + "nixpkgs": [ + "nix-hash-collection", + "queued-build-hook", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1705332421, + "narHash": "sha256-USpGLPme1IuqG78JNqSaRabilwkCyHmVWY0M9vYyqEA=", + "owner": "numtide", + "repo": "devshell", + "rev": "83cb93d6d063ad290beee669f4badf9914cc16ec", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "devshell", + "type": "github" + } + }, "doom-emacs": { "flake": false, "locked": { @@ -357,6 +380,37 @@ "type": "github" } }, + "flake-compat_5": { + "locked": { + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_6": { + "flake": false, + "locked": { + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, "flake-parts": { "inputs": { "nixpkgs-lib": [ @@ -504,6 +558,78 @@ "type": "github" } }, + "flake-utils_6": { + "inputs": { + "systems": "systems_5" + }, + "locked": { + "lastModified": 1705309234, + "narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_7": { + "inputs": { + "systems": "systems_6" + }, + "locked": { + "lastModified": 1701680307, + "narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "4022d587cbbfd70fe950c1e2083a02621806a725", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_8": { + "inputs": { + "systems": "systems_7" + }, + "locked": { + "lastModified": 1705309234, + "narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_9": { + "inputs": { + "systems": "systems_8" + }, + "locked": { + "lastModified": 1701680307, + "narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "4022d587cbbfd70fe950c1e2083a02621806a725", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, "format-all": { "flake": false, "locked": { @@ -543,6 +669,29 @@ "type": "github" } }, + "gitignore_2": { + "inputs": { + "nixpkgs": [ + "nix-hash-collection", + "queued-build-hook", + "pre-commit-hooks", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1703887061, + "narHash": "sha256-gGPa9qWNc6eCXT/+Z5/zMkyYOuRZqeFZBDbopNZQkuY=", + "owner": "hercules-ci", + "repo": "gitignore.nix", + "rev": "43e1aa1308018f37118e34d3a9cb4f5e75dc11d5", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "gitignore.nix", + "type": "github" + } + }, "home-manager": { "inputs": { "nixpkgs": [ @@ -692,6 +841,27 @@ "type": "github" } }, + "nix-hash-collection": { + "inputs": { + "flake-compat": "flake-compat_5", + "flake-utils": "flake-utils_6", + "nixpkgs": "nixpkgs_7", + "queued-build-hook": "queued-build-hook" + }, + "locked": { + "lastModified": 1711057687, + "narHash": "sha256-0bEKlNx3R+LlrjFguhEfsLt3gX/epRB29Z5B/2kYi3M=", + "owner": "JulienMalka", + "repo": "nix-hash-collection", + "rev": "12ccb127dd530dc6d80d03cd99c4279daf013bc4", + "type": "github" + }, + "original": { + "owner": "JulienMalka", + "repo": "nix-hash-collection", + "type": "github" + } + }, "nix-index-database": { "inputs": { "nixpkgs": [ @@ -816,6 +986,53 @@ "type": "github" } }, + "nixpkgs-stable_3": { + "locked": { + "lastModified": 1704874635, + "narHash": "sha256-YWuCrtsty5vVZvu+7BchAxmcYzTMfolSPP5io8+WYCg=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "3dc440faeee9e889fe2d1b4d25ad0f430d449356", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-23.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_10": { + "locked": { + "lastModified": 1709309926, + "narHash": "sha256-VZFBtXGVD9LWTecGi6eXrE0hJ/mVB3zGUlHImUs2Qak=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "79baff8812a0d68e24a836df0a364c678089e2c7", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-23.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_11": { + "locked": { + "lastModified": 1708161998, + "narHash": "sha256-6KnemmUorCvlcAvGziFosAVkrlWZGIc6UNT9GUYr0jQ=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "84d981bae8b5e783b3b548de505b22880559515f", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-23.11", + "type": "indirect" + } + }, "nixpkgs_2": { "locked": { "lastModified": 1696019113, @@ -897,35 +1114,50 @@ }, "nixpkgs_7": { "locked": { - "lastModified": 1709309926, - "narHash": "sha256-VZFBtXGVD9LWTecGi6eXrE0hJ/mVB3zGUlHImUs2Qak=", - "owner": "NixOS", + "lastModified": 1708793639, + "narHash": "sha256-9wfI2UtdXZkBmy0ZET83ZOaea+ioSVB49m9ox46OYUw=", + "owner": "nixos", "repo": "nixpkgs", - "rev": "79baff8812a0d68e24a836df0a364c678089e2c7", + "rev": "8e9536d9642e07a7706d3343ad367406b1a9d7dd", "type": "github" }, "original": { - "owner": "NixOS", - "ref": "nixos-23.11", + "owner": "nixos", "repo": "nixpkgs", "type": "github" } }, "nixpkgs_8": { "locked": { - "lastModified": 1708161998, - "narHash": "sha256-6KnemmUorCvlcAvGziFosAVkrlWZGIc6UNT9GUYr0jQ=", + "lastModified": 1708815994, + "narHash": "sha256-hL7N/ut2Xu0NaDxDMsw2HagAjgDskToGiyZOWriiLYM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "84d981bae8b5e783b3b548de505b22880559515f", + "rev": "9a9dae8f6319600fa9aebde37f340975cab4b8c0", "type": "github" }, "original": { "id": "nixpkgs", - "ref": "nixos-23.11", + "ref": "nixpkgs-unstable", "type": "indirect" } }, + "nixpkgs_9": { + "locked": { + "lastModified": 1704842529, + "narHash": "sha256-OTeQA+F8d/Evad33JMfuXC89VMetQbsU4qcaePchGr4=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "eabe8d3eface69f5bb16c18f8662a702f50c20d5", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, "nose": { "flake": false, "locked": { @@ -1037,6 +1269,28 @@ "type": "github" } }, + "pre-commit-hooks": { + "inputs": { + "flake-compat": "flake-compat_6", + "flake-utils": "flake-utils_9", + "gitignore": "gitignore_2", + "nixpkgs": "nixpkgs_9", + "nixpkgs-stable": "nixpkgs-stable_3" + }, + "locked": { + "lastModified": 1708018599, + "narHash": "sha256-M+Ng6+SePmA8g06CmUZWi1AjG2tFBX9WCXElBHEKnyM=", + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "rev": "5df5a70ad7575f6601d91f0efec95dd9bc619431", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "type": "github" + } + }, "pre-commit-hooks-nix": { "inputs": { "flake-compat": [ @@ -1068,6 +1322,29 @@ "type": "github" } }, + "queued-build-hook": { + "inputs": { + "devshell": "devshell", + "flake-utils": "flake-utils_8", + "nixpkgs": "nixpkgs_8", + "pre-commit-hooks": "pre-commit-hooks", + "treefmt-nix": "treefmt-nix_2" + }, + "locked": { + "lastModified": 1708941860, + "narHash": "sha256-U2U3hyXNI33gtkC1EK17AFa1dnAnbQGySCT51JBZXvI=", + "owner": "JulienMalka", + "repo": "queued-build-hook", + "rev": "fce00ce379e69a4fb15bfbcb94bb4d99b7b95632", + "type": "github" + }, + "original": { + "owner": "JulienMalka", + "ref": "postbuildscript", + "repo": "queued-build-hook", + "type": "github" + } + }, "revealjs": { "flake": false, "locked": { @@ -1097,10 +1374,11 @@ "lanzaboote": "lanzaboote", "linkal": "linkal", "nix-doom-emacs": "nix-doom-emacs", + "nix-hash-collection": "nix-hash-collection", "nix-index-database": "nix-index-database", "nix-straight": "nix-straight", "nixd": "nixd", - "nixpkgs": "nixpkgs_7", + "nixpkgs": "nixpkgs_10", "nur": "nur", "simple-nixos-mailserver": "simple-nixos-mailserver", "sops-nix": "sops-nix", @@ -1308,6 +1586,66 @@ "type": "github" } }, + "systems_6": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_7": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_8": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_9": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, "treefmt-nix": { "inputs": { "nixpkgs": [ @@ -1329,6 +1667,28 @@ "type": "github" } }, + "treefmt-nix_2": { + "inputs": { + "nixpkgs": [ + "nix-hash-collection", + "queued-build-hook", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1708897213, + "narHash": "sha256-QECZB+Hgz/2F/8lWvHNk05N6NU/rD9bWzuNn6Cv8oUk=", + "owner": "numtide", + "repo": "treefmt-nix", + "rev": "e497a9ddecff769c2a7cbab51e1ed7a8501e7a3a", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "treefmt-nix", + "type": "github" + } + }, "ts-fold": { "flake": false, "locked": { @@ -1347,16 +1707,16 @@ }, "unstable": { "locked": { - "lastModified": 1709237383, - "narHash": "sha256-cy6ArO4k5qTx+l5o+0mL9f5fa86tYUX3ozE1S+Txlds=", + "lastModified": 1711708974, + "narHash": "sha256-qdBcRm0F3gY6jKSvCJOz+jYXvCOlY2+tuSI5BuBTmzs=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "1536926ef5621b09bba54035ae2bb6d806d72ac8", + "rev": "82a35d388606993109cbac25045443c8ba8dc2d6", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-unstable", + "ref": "nixos-unstable-small", "repo": "nixpkgs", "type": "github" } @@ -1379,7 +1739,7 @@ }, "utils": { "inputs": { - "systems": "systems_5" + "systems": "systems_9" }, "locked": { "lastModified": 1705309234, @@ -1412,7 +1772,7 @@ }, "zotero-nix": { "inputs": { - "nixpkgs": "nixpkgs_8", + "nixpkgs": "nixpkgs_11", "utils": "utils" }, "locked": { diff --git a/flake.nix b/flake.nix index d87d7aa..081d8b4 100644 --- a/flake.nix +++ b/flake.nix @@ -19,7 +19,7 @@ flake = false; }; - unstable.url = "github:NixOS/nixpkgs/nixos-unstable"; + unstable.url = "github:NixOS/nixpkgs/nixos-unstable-small"; unstable-plus-patches.url = "github:JulienMalka/nixpkgs/unstable-plus-patches"; @@ -83,6 +83,8 @@ zotero-nix.url = "github:camillemndn/zotero-nix"; nur.url = "github:nix-community/NUR"; emacs-overlay.url = "github:nix-community/emacs-overlay"; + + nix-hash-collection.url = "github:JulienMalka/nix-hash-collection"; }; outputs = { self, nixpkgs, ... }@inputs: diff --git a/lib/mkmachine.nix b/lib/mkmachine.nix index 8577c69..1f1e8c0 100644 --- a/lib/mkmachine.nix +++ b/lib/mkmachine.nix @@ -35,6 +35,7 @@ nixpkgs.lib.nixosSystem { inputs.nix-index-database.nixosModules.nix-index inputs.buildbot-nix.nixosModules.buildbot-master inputs.buildbot-nix.nixosModules.buildbot-worker + inputs.nix-hash-collection.nixosModules.hash-collection inputs.nur.nixosModules.nur { diff --git a/machines/x2100/default.nix b/machines/x2100/default.nix index b41d97a..7c8edff 100644 --- a/machines/x2100/default.nix +++ b/machines/x2100/default.nix @@ -7,6 +7,7 @@ ./home-julien.nix ../../users/julien.nix ../../users/default.nix + ../../share.nix ]; @@ -27,6 +28,7 @@ wireplumber.enable = true; }; + hardware.pulseaudio.enable = lib.mkForce false; services.postgresql.enable = true; @@ -59,18 +61,12 @@ hardware.opengl.driSupport = true; services.dbus.enable = true; - xdg.portal = { - enable = true; - wlr.enable = true; - extraPortals = lib.mkForce [ pkgs.xdg-desktop-portal-wlr pkgs.xdg-desktop-portal-gtk ]; - - }; programs.dconf.enable = true; security.polkit.enable = true; - services.tlp.enable = true; + services.tlp.enable = false; security.tpm2.enable = true; security.tpm2.pkcs11.enable = true; # expose /run/current-system/sw/lib/libtpm2_pkcs11.so @@ -102,6 +98,28 @@ wl-mirror ]; + + networking.wireguard.interfaces.rezo = { + ips = [ "fd81:fb3a:50cc::200/128" ]; + privateKeyFile = "/root/wg-private"; + peers = [ + { + publicKey = "srQPT9ZjXBKyJ7R1mvXYMZNy+NcnHMy5qE1WGZDfmnc="; + allowedIPs = [ "fd81:fb3a:50cc::/48" ]; + endpoint = "129.199.146.230:25351"; + } + ]; + }; + + + + services.hash-collection = { + enable = true; + retries = 1; + collection-url = "http://localhost:8000"; + tokenFile = "/home/julien/token"; + }; + services.printing.enable = true; services.avahi.enable = true; services.avahi.nssmdns = true; diff --git a/machines/x2100/hardware.nix b/machines/x2100/hardware.nix index deb68b2..df9f94d 100644 --- a/machines/x2100/hardware.nix +++ b/machines/x2100/hardware.nix @@ -13,7 +13,7 @@ boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [ ]; - boot.kernelPackages = lib.mkForce pkgs.linuxPackages_testing_bcachefs; + boot.kernelPackages = lib.mkForce pkgs.linuxPackages_latest; fileSystems."/" = { diff --git a/machines/x2100/home-julien.nix b/machines/x2100/home-julien.nix index ab30404..dcae891 100644 --- a/machines/x2100/home-julien.nix +++ b/machines/x2100/home-julien.nix @@ -76,7 +76,7 @@ gh gh-dash cvc5 - signal-desktop-beta + signal-desktop scli texlive.combined.scheme-full ]; diff --git a/share.nix b/share.nix new file mode 100644 index 0000000..e79a71c --- /dev/null +++ b/share.nix @@ -0,0 +1,53 @@ +{ config, pkgs, lib, ... }: +let + # bash script to let dbus know about important env variables and + # propagate them to relevent services run at the end of sway config + # see + # https://github.com/emersion/xdg-desktop-portal-wlr/wiki/"It-doesn't-work"-Troubleshooting-Checklist + # note: this is pretty much the same as /etc/sway/config.d/nixos.conf but also restarts + # some user services to make sure they have the correct environment variables + dbus-sway-environment = pkgs.writeTextFile { + name = "dbus-sway-environment"; + destination = "/bin/dbus-sway-environment"; + executable = true; + + text = '' + dbus-update-activation-environment --systemd WAYLAND_DISPLAY XDG_CURRENT_DESKTOP=sway + systemctl --user stop pipewire pipewire-media-session xdg-desktop-portal xdg-desktop-portal-wlr + systemctl --user start pipewire pipewire-media-session xdg-desktop-portal xdg-desktop-portal-wlr + ''; + }; + + # currently, there is some friction between sway and gtk: + # https://github.com/swaywm/sway/wiki/GTK-3-settings-on-Wayland + # the suggested way to set gtk settings is with gsettings + # for gsettings to work, we need to tell it where the schemas are + # using the XDG_DATA_DIR environment variable + # run at the end of sway config + configure-gtk = pkgs.writeTextFile { + name = "configure-gtk"; + destination = "/bin/configure-gtk"; + executable = true; + text = let + schema = pkgs.gsettings-desktop-schemas; + datadir = "${schema}/share/gsettings-schemas/${schema.name}"; + in '' + export XDG_DATA_DIRS=${datadir}:$XDG_DATA_DIRS + gnome_schema=org.gnome.desktop.interface + gsettings set $gnome_schema gtk-theme 'Dracula' + ''; + }; + in +{ + environment.systemPackages = [ dbus-sway-environment configure-gtk ]; + programs.sway.enable = true; + services.pipewire.wireplumber.enable = true; + xdg.portal = { + enable = true; + wlr.enable = true; + extraPortals = [ + pkgs.xdg-desktop-portal-gtk + ]; + }; +} +