diff --git a/config.nix b/config.nix deleted file mode 100644 index 7e0a949..0000000 --- a/config.nix +++ /dev/null @@ -1,4 +0,0 @@ -{ - allowUnfree = true; - allowUnsupportedSystem = true; -} diff --git a/flake.nix b/flake.nix index 1da0cd3..37de60d 100644 --- a/flake.nix +++ b/flake.nix @@ -63,6 +63,7 @@ nixpkgsSettings = { inherit overlays system; config = { + extraOptions = "experimental-features = nix-command flakes"; allowUnfree = true; permittedInsecurePackages = [ "electron-9.4.4" ]; # authy dependency }; @@ -117,7 +118,7 @@ modules = thorBaseModules ++ [ home-manager.nixosModules.home-manager homeManagerSettings - { home-manager.users.bertof = import ./thor.nix; } + { home-manager.users.bertof = import ./home_manager/thor.nix; } ] ++ extraModules; }; @@ -126,7 +127,7 @@ modules = thorBaseModules ++ [ home-manager-unstable.nixosModules.home-manager homeManagerSettings - { home-manager.users.bertof = import ./thor.nix; } + { home-manager.users.bertof = import ./home_manager/thor.nix; } ] ++ extraModules; }; diff --git a/home_manager/modules/pro_audio.nix b/home_manager/modules/pro_audio.nix index 122427e..d19e856 100644 --- a/home_manager/modules/pro_audio.nix +++ b/home_manager/modules/pro_audio.nix @@ -14,14 +14,14 @@ in carla rnnoise ardour - # zrythm + unstable.zrythm mixxx # Plugins # artyFX autotalent boops - # cardinal + unstable.cardinal geonkick helm (lsp-plugins.overrideAttrs (old: { version = "1.2.0"; })) @@ -31,7 +31,8 @@ in # stochas # sunvox # surge - surge-XT + unstable.giada + unstable.surge-XT talentedhack tunefish vocproc diff --git a/home_manager/odin.nix b/home_manager/odin.nix index 7730519..3d0b940 100644 --- a/home_manager/odin.nix +++ b/home_manager/odin.nix @@ -2,7 +2,7 @@ { home = { packages = with pkgs; [ - # # pulseaudio + # pulseaudio easyeffects tex2nix @@ -101,7 +101,7 @@ yq zip zoom-us - zotero + unstable.zotero ]; }; @@ -109,7 +109,7 @@ ./basic_env.nix ./modules/cpp.nix - ./modules/go.nix + # ./modules/go.nix ./modules/java.nix ./modules/javascript.nix ./modules/latex.nix @@ -125,11 +125,10 @@ ./modules/kakoune.nix # ./modules/keepassxc.nix ./modules/kitty.nix - ./modules/latex.nix ./modules/libinput-gestures.nix ./modules/mangohud.nix ./modules/megasync.nix - # ./modules/noti.nix + ./modules/noti.nix ./modules/obs-studio.nix ./modules/office.nix ./modules/onedrive.nix diff --git a/thor.nix b/home_manager/thor.nix similarity index 70% rename from thor.nix rename to home_manager/thor.nix index 3730276..f569da3 100644 --- a/thor.nix +++ b/home_manager/thor.nix @@ -14,7 +14,7 @@ ark authy bitwarden - (blender.override { cudaSupport = true; }) + (unstable.blender.override { cudaSupport = true; }) btop catgirl # IRC cava @@ -111,7 +111,7 @@ yq zip zoom-us - zotero + unstable.zotero retroarchFull # ( @@ -128,86 +128,43 @@ }; imports = [ - ./modules/configurations.nix - ./modules/fonts.nix + ./basic_env.nix + + ./modules/cpp.nix + # ./modules/go.nix + ./modules/java.nix + ./modules/javascript.nix + ./modules/latex.nix + ./modules/python.nix + ./modules/rust.nix ./modules/alacritty.nix - ./modules/bash.nix - ./modules/bat.nix - ./modules/bottom.nix - ./modules/broot.nix # ./modules/bspwm.nix - ./modules/dircolors.nix - ./modules/direnv.nix # ./modules/dunst.nix - ./modules/fzf.nix - ./modules/git.nix - ./modules/go.nix - ./modules/gpg.nix # ./modules/grobi.nix - ./modules/info.nix - ./modules/java.nix + ./modules/gtk_theme.nix ./modules/joystickwake.nix - ./modules/jq.nix ./modules/kakoune.nix # ./modules/keepassxc.nix - ./modules/keychain.nix ./modules/kitty.nix - # ./modules/latex.nix - ./modules/lf.nix - ./modules/lorri.nix - ./modules/man.nix ./modules/mangohud.nix ./modules/megasync.nix - ./modules/nix-index.nix ./modules/noti.nix ./modules/obs-studio.nix ./modules/office.nix ./modules/onedrive.nix # ./modules/picom.nix # ./modules/polybar.nix - ./modules/pycharm.nix - ./modules/gtk_theme.nix - ./modules/rofi.nix + ./modules/pro_audio.nix ./modules/rofimoji.nix + ./modules/rofi.nix # ./modules/screen_locker.nix - ./modules/ssh.nix - ./modules/starship.nix + # ./modules/security.nix # ./modules/sxhkd.nix ./modules/syncthing.nix ./modules/terminator.nix - ./modules/tmux.nix # ./modules/update_background.nix ./modules/webapp.nix # ./modules/xidlehook.nix - ./modules/zoxide.nix - ./modules/zsh.nix - - ./modules/pro_audio.nix - # ./modules/security.nix - - ./modules/shell_aliases.nix ]; - - - services = { - # blueman-applet.enable = true; - # caffeine.enable = true; - # cbatticon.enable = true; - # gnome-keyring.enable = true; - # network-manager-applet.enable = true; - # playerctld.enable = true; - # poweralertd.enable = true; - }; - - # xsession = { - # enable = true; - # numlock.enable = true; - # initExtra = '' - # ## Touchpad - # ${pkgs.xorg.xinput}/bin/xinput set-prop 'DELL0824:00 06CB:7E92 Touchpad' 'libinput Natural Scrolling Enabled' 1 - # ${pkgs.xorg.xinput}/bin/xinput set-prop 'DELL0824:00 06CB:7E92 Touchpad' 'libinput Tapping Enabled' 1 - # ''; - # }; - } diff --git a/nixos/base.nix b/nixos/base.nix deleted file mode 100644 index 0b5ded8..0000000 --- a/nixos/base.nix +++ /dev/null @@ -1,254 +0,0 @@ -{ config, pkgs, lib, ... }: -{ - imports = [ - - - - /etc/nixos/hardware-configuration.nix - # ./laptop.nix - # ./pentablet.nix - ./pro_audio.nix - # ./defcon.nix - # ./mind.nix - # ./k3s.nix - ./big_data.nix - ]; - - # Use the systemd-boot EFI boot loader. - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; - boot.initrd.checkJournalingFS = true; - boot.kernelPackages = pkgs.linuxKernel.packages.linux_5_16; - boot.extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ]; - - # # Cross-build arm - boot.binfmt.emulatedSystems = [ "armv7l-linux" "aarch64-linux" ]; - - # Use same ACPI identifier as Dell Ubuntu - boot.kernelParams = [ - "acpi_osi=Linux-Dell-Video" - ]; - - networking = { - hostName = "odin"; - networkmanager.enable = true; - - # The global useDHCP flag is deprecated, therefore explicitly set to false here. - # Per-interface useDHCP will be mandatory in the future, so this generated config - # replicates the default behaviour. - useDHCP = false; - interfaces = { enp60s0.useDHCP = true; wlp0s20f3.useDHCP = true; }; - - # Configure network proxy if necessary - # proxy.default = "http://user:password@proxy:port/"; - # proxy.noProxy = "127.0.0.1,localhost,internal.domain"; - - # Open ports in the firewall. - # firewall.allowedTCPPorts = [ ... ]; - # firewall.allowedUDPPorts = [ ... ]; - # Or disable the firewall altogether. - # firewall.enable = false; - hosts = { - "*.engine.sesar.int" = [ "172.20.28.210" ]; - "vcenter.sesar.int" = [ "159.149.147.137" ]; - }; - }; - - # Set your time zone. - time.timeZone = "Europe/Rome"; - - # Select internationalisation properties. - i18n.defaultLocale = "it_IT.UTF-8"; - console = { - font = "Lat2-Terminus16"; - keyMap = "it"; - }; - - - # X11 windowing system. - services.xserver = { - enable = true; - # Enable the GNOME 3 Desktop Environment. - # displayManager.gdm = { - # enable = true; - # wayland = true; - # nvidiaWayland = true; - # }; - desktopManager.gnome.enable = true; - # windowManager.bspwm.enable = true; - - # Configure keymap in X11 - layout = "it"; - extraLayouts = { - eng = { languages = [ "eng" ]; description = "English layout for external keyboard"; }; - }; - xkbOptions = "eurosign:e;"; - libinput.enable = true; - }; - - # Enable CUPS to print documents. - services.printing = { - enable = true; - drivers = with pkgs; [ gutenprint cups-kyocera ]; - }; - - services.fwupd.enable = true; - - # Enable sound. - # PULSE - # sound.enable = true; - # hardware.pulseaudio.enable = true; - - # PIPEWIRE - hardware.pulseaudio.enable = false; - security.rtkit.enable = true; - services.pipewire = { - enable = true; - pulse.enable = true; - jack.enable = true; - alsa = { enable = true; support32Bit = true; }; - # media-session.enable = true; - }; - environment.sessionVariables.LD_LIBRARY_PATH = lib.mkForce "${config.services.pipewire.package.jack}/lib"; # Temporary fix for WebKitGTK - - # # Tablet - # hardware.opentabletdriver = { - # enable = true; - # daemon.enable = true; - # }; - - # Define a user account. Don't forget to set a password with ‘passwd’. - users.users.bertof = { - isNormalUser = true; - extraGroups = [ "audio" "input" "docker" "flashrom" "libvirtd" "network" "usb" "video" "wheel" ]; - shell = pkgs.zsh; - openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN+zsSWZFFzQKnATCAvtG+iuSm4qkZHjCtHzGa9B/71W" ]; - }; - - # List packages installed in system profile. To search, run: - # $ nix search wget - environment.systemPackages = with pkgs; [ tmux firefox kakoune vim ]; - - # Some programs need SUID wrappers, can be configured further or are - # started in user sessions. - # programs.mtr.enable = true; - programs.flashrom.enable = true; - programs.gnupg.agent = { enable = true; enableSSHSupport = true; }; - - programs.steam.enable = true; - programs.dconf.enable = true; - programs.zsh = { enable = true; syntaxHighlighting.enable = true; }; - - # List services that you want to enable: - - # Enable the OpenSSH daemon. - services.openssh = { enable = true; openFirewall = true; permitRootLogin = "no"; passwordAuthentication = false; }; - - # Cooling management - services.thermald.enable = true; - - services.snapper = { - configs = - let - bertofExtraConfig = '' - ALLOW_USERS="bertof" - TIMELINE_CREATE=yes - TIMELINE_CLEANUP=yes - ''; - common = { extraConfig = bertofExtraConfig; }; - in - { - bertof_home = common // { subvolume = "/home/bertof"; }; - bertof_music = common // { subvolume = "/home/bertof/Musica"; }; - bertof_downloads = common // { subvolume = "/home/bertof/Scaricati"; }; - bertof_images = common // { subvolume = "/home/bertof/Immagini"; }; - bertof_videos = common // { subvolume = "/home/bertof/Video"; }; - bertof_documents = common // { subvolume = "/home/bertof/Documenti"; }; - bertof_games_ssd = common // { subvolume = "/home/bertof/Giochi/SSD"; }; - # bertof_games_hdd = common // { subvolume = "/home/bertof/Giochi/HDD"; }; - bertof_git = common // { subvolume = "/home/bertof/Documenti/Git"; }; - }; - }; - - services.dbus.packages = with pkgs; [ dconf ]; - services.gnome.gnome-keyring.enable = true; - hardware.bluetooth.enable = true; - # services.blueman.enable = true; - services.zerotierone = { enable = true; joinNetworks = [ "8056c2e21cf9c753" ]; }; - services.gvfs = { enable = true; package = lib.mkForce pkgs.gnome3.gvfs; }; - # services.tlp.enable = false; - services.avahi = { - enable = true; - openFirewall = true; - nssmdns = true; - publish = { - enable = true; - addresses = true; - domain = true; - userServices = true; - workstation = true; - }; - extraServiceFiles = { - ssh = "${pkgs.avahi}/etc/avahi/services/ssh.service"; - }; - }; - - # SMART - services.smartd = { enable = true; notifications.x11.enable = true; }; - - # FPRINTD - # services.fprintd = { - # enable = true; - # tod = { enable = true; driver = pkgs.libfprint-2-tod1-goodix; }; - # }; - security.pam.services.login.fprintAuth = true; - security.pam.services.xscreensaver.fprintAuth = true; - - # Clamav - services.clamav = { daemon.enable = true; updater.enable = true; }; - - # Power-profiles - services.power-profiles-daemon.enable = true; - - # services.teamviewer.enable = true; - - # Virtualisation - virtualisation = { - docker.enable = true; - kvmgt.enable = true; - libvirtd.enable = true; - podman.enable = true; - virtualbox.host.enable = true; - }; - - # Allow completion for system packages - environment.pathsToLink = [ "/share/zsh" ]; - - security.sudo.extraConfig = '' - Defaults pwfeedback - ''; - security.pam.services.sddm.enableGnomeKeyring = true; - - nixpkgs.config = { - allowUnfree = true; - packageOverrides = pkgs: { - steam = pkgs.steam.override { - extraPkgs = pkgs: with pkgs; [ icu ]; - }; - }; - }; - nix = { - package = pkgs.nixFlakes; - extraOptions = lib.optionalString (config.nix.package == pkgs.nixFlakes) - "experimental-features = nix-command flakes"; - gc.automatic = true; - }; - - # This value determines the NixOS release from which the default - # settings for stateful data, like file locations and database versions - # on your system were taken. It‘s perfectly fine and recommended to leave - # this value at the release version of the first install of this system. - # Before changing this value read the documentation for this option - # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "21.11"; # Did you read the comment? -} diff --git a/nixos/big_data.nix b/nixos/big_data.nix deleted file mode 100644 index a734dbc..0000000 --- a/nixos/big_data.nix +++ /dev/null @@ -1,276 +0,0 @@ -{ config, lib, pkgs, ... }: -let - setup_scirpt = '' - sudo mkdir -p /hdfs - sudo chown -R hdfs:hadoop /hdfs - - for p in {nn,dn,jn,rm,nm,jhs,HTTP}; do - sudo kadmin.local -q "ank -randkey $p/my.engine"; - sudo kadmin.local -q "xst -k /etc/hadoop.keytab $p/my.engine"; - sudo kadmin.local -q "ktrem -k /etc/hadoop.keytab $p/my.engine old" - done - sudo chown hdfs:hadoop /etc/hadoop.keytab - - - sudo kadmin.local -q "ank -randkey spark/my.engine"; - sudo kadmin.local -q "xst -k /etc/spark.keytab spark/my.engine"; - sudo kadmin.local -q "ktrem -k /etc/spark.keytab spark/my.engine old" - sudo chown spark:spark /etc/spark.keytab - ''; - hadoop_keytab_path = "/etc/hadoop.keytab"; - spark_keytab_path = "/etc/spark.keytab"; - pysparkPackageSelector = p: with p; [ numpy pyspark ]; - pysparkEnv = pkgs.python3.withPackages pysparkPackageSelector; - hadoopConf = import { - inherit pkgs lib; - cfg = config.services.hadoop; - }; - hadoopConfDir = "${hadoopConf}/"; - spark = pkgs.spark.override { - extraPythonPackages = pysparkPackageSelector pkgs.python3.pkgs; - }; - sparkConfDir = pkgs.stdenv.mkDerivation { - name = "spark-conf"; - dontUnpack = true; - installPhase = '' - # source standard environment - . $stdenv/setup - - # shorthands - base_conf=${pkgs.spark}/lib/${pkgs.spark.untarDir}/conf/ - - # create output dirs for new derivation - mkdir -p $out/ - - # link unchanged files from the original gnome-session - for f in $base_conf/*.template ; do - ln -sf $f $out/ - done - - # change selected files - cp $out/log4j.properties{.template,} - - cat > $out/spark-env.sh <<- STOP - export JAVA_HOME="${pkgs.jdk8}" - export SPARK_HOME="${pkgs.spark}/lib/${pkgs.spark.untarDir}" - export SPARK_DIST_CLASSPATH=$(${pkgs.hadoop}/bin/hadoop classpath) - export PYSPARK_PYTHON="${pysparkEnv.outPath}/bin/${pysparkEnv.executable}" - export PYSPARK_DRIVER_PYTHON="${pysparkEnv.outPath}/bin/${pysparkEnv.executable}" - export PYTHONPATH="\$PYTHONPATH:$PYTHONPATH" - export HADOOP_CONF_DIR="${hadoopConfDir}" - export SPARKR_R_SHELL="${pkgs.R}/bin/R" - export PATH="\$PATH:${pkgs.R}/bin" - STOP - - cat > $out/spark-defaults.conf <<- STOP - spark.eventLog.enabled true - spark.eventLog.dir hdfs://localhost:/logs/spark - spark.history.fs.logDirectory hdfs://localhost:/logs/spark - # spark.yarn.keytab ${spark_keytab_path} - # spark.yarn.principal spark/my.engine@MY.ENGINE - spark.history.ui.acls.enable true - spark.history.kerberos.enabled true - spark.history.kerberos.keytab ${spark_keytab_path} - spark.history.kerberos.principal spark/my.engine@MY.ENGINE - spark.yarn.appMasterEnv.PYSPARK_PYTHON ${pysparkEnv.outPath}/bin/${pysparkEnv.executable} - spark.yarn.appMasterEnv.PYTHONPATH ${pysparkEnv.outPath}/lib/${pysparkEnv.executable}/site-packages - spark.executorEnv.PYSPARK_PYTHON ${pysparkEnv.outPath}/bin/${pysparkEnv.executable} - STOP - ''; - }; -in -{ - - networking = { - hosts = { - "127.0.0.1" = [ - "ds.my.engine" - "kdc.my.engine" - "my.engine" - ]; - }; - - }; - - services = { - spark = { - package = spark; - master = { enable = true; restartIfChanged = true; }; - worker = { enable = true; restartIfChanged = true; }; - confDir = sparkConfDir; - }; - - hadoop = { - coreSite = { - "fs.defaultFS" = "hdfs://my.engine:8020"; - - # HDFS IMPERSONATION - "hadoop.proxyuser.hdfs.hosts" = "*"; - "hadoop.proxyuser.hdfs.groups" = "*"; - - # HIVE IMPERSONATION - "hadoop.proxyuser.hive.hosts" = "*"; - "hadoop.proxyuser.hive.groups" = "*"; - - # ENABLE AUTHENTICATION - "hadoop.security.authentication" = "kerberos"; - "hadoop.security.authorization" = "true"; - "hadoop.rpc.protection" = "privacy"; - - "hadoop.security.auth_to_local" = '' - RULE:[2:$1/$2@$0]([ndj]n/.*@MY\.ENGINE)s/.*/hdfs/ - RULE:[2:$1/$2@$0]([rn]m/.*@MY\.ENGINE)s/.*/yarn/ - RULE:[2:$1/$2@$0](jhs/.*@MY\.ENGINE)s/.*/mapred/ - DEFAULT - ''; - }; - hdfsSite = { - # DATA - "dfs.namenode.name.dir" = "/hdfs/dfs/name"; - "dfs.datanode.data.dir" = "/hdfs/dfs/data"; - "dfs.journalnode.edits.dir" = "/hdfs/dfs/edits"; - - # HDFS SECURITY - "dfs.block.access.token.enable" = "true"; - - # NAME NODE SECURITY - "dfs.namenode.keytab.file" = hadoop_keytab_path; - "dfs.namenode.kerberos.principal" = "nn/my.engine@MY.ENGINE"; - "dfs.namenode.kerberos.internal.spnego.principal" = "HTTP/my.engine@MY.ENGINE"; - - # SECONDARY NAME NODE SECURITY - "dfs.secondary.namenode.keytab.file" = hadoop_keytab_path; - "dfs.secondary.namenode.kerberos.principal" = "nn/my.engine@MY.ENGINE"; - "dfs.secondary.namenode.kerberos.internal.spnego.principal" = "HTTP/my.engine@MY.ENGINE"; - - # DATA NODE SECURITY - "dfs.datanode.keytab.file" = hadoop_keytab_path; - "dfs.datanode.kerberos.principal" = "dn/my.engine@MY.ENGINE"; - - # JOURNAL NODE SECURITY - "dfs.journalnode.keytab.file" = hadoop_keytab_path; - "dfs.journalnode.kerberos.principal" = "jn/my.engine@MY.ENGINE"; - - # WEBHDFS SECURITY - "dfs.webhdfs.enabled" = "true"; - - # WEB AUTHENTICATION CONFIG - "dfs.web.authentication.kerberos.principal" = "HTTP/my.engine@MY.ENGINE"; - "dfs.web.authentication.kerberos.keytab" = hadoop_keytab_path; - "ignore.secure.ports.for.testing" = "true"; - "dfs.http.policy" = "HTTP_ONLY"; - "dfs.data.transfer.protection" = "privacy"; - - # ## MULTIHOMED - # "dfs.namenode.rpc-bind-host" = "0.0.0.0"; - # "dfs.namenode.servicerpc-bind-host" = "0.0.0.0"; - # "dfs.namenode.http-bind-host" = "0.0.0.0"; - # "dfs.namenode.https-bind-host" = "0.0.0.0"; - # "dfs.client.use.datanode.hostname" = "true"; # force connection by hostname - # "dfs.datanode.use.datanode.hostname" = "true"; # force connection by hostname - }; - yarnSite = { - "yarn.nodemanager.admin-env" = "PATH=$PATH"; - "yarn.nodemanager.aux-services" = "mapreduce_shuffle"; - "yarn.nodemanager.aux-services.mapreduce_shuffle.class" = "org.apache.hadoop.mapred.ShuffleHandler"; - "yarn.nodemanager.bind-host" = "0.0.0.0"; - "yarn.nodemanager.container-executor.class" = "org.apache.hadoop.yarn.server.nodemanager.LinuxContainerExecutor"; - "yarn.nodemanager.env-whitelist" = "JAVA_HOME,HADOOP_COMMON_HOME,HADOOP_HDFS_HOME,HADOOP_CONF_DIR,CLASSPATH_PREPEND_DISTCACHE,HADOOP_YARN_HOME,HADOOP_HOME,LANG,TZ"; - "yarn.nodemanager.linux-container-executor.group" = "hadoop"; - "yarn.nodemanager.linux-container-executor.path" = "/run/wrappers/yarn-nodemanager/bin/container-executor"; - "yarn.nodemanager.log-dirs" = "/var/log/hadoop/yarn/nodemanager"; - "yarn.resourcemanager.bind-host" = "0.0.0.0"; - "yarn.resourcemanager.scheduler.class" = "org.apache.hadoop.yarn.server.resourcemanager.scheduler.fifo.FifoScheduler"; - - "yarn.resourcemanager.keytab" = hadoop_keytab_path; - "yarn.resourcemanager.principal" = "rm/my.engine@MY.ENGINE"; - "yarn.nodemanager.keytab" = hadoop_keytab_path; - "yarn.nodemanager.principal" = "nm/my.engine@MY.ENGINE"; - - # "yarn.nodemanager.container-executor.class" = "org.apache.hadoop.yarn.server.nodemanager.LinuxContainerExecutor"; - - "yarn.scheduler.capacity.root.queues" = "default"; - "yarn.scheduler.capacity.root.default.capacity" = 100; - # "yarn.scheduler.capacity.root.default.state" = "RUNNING"; - "yarn.scheduler.capacity.root.acl_submit_applications" = "hadoop,yarn,mapred,hdfs"; - }; - extraConfDirs = [ ]; - - hdfs = { - namenode = { enable = true; formatOnInit = true; restartIfChanged = true; }; - datanode = { enable = true; restartIfChanged = true; }; - journalnode = { enable = true; restartIfChanged = true; }; - zkfc = { enable = false; restartIfChanged = true; }; # ZOOKEEPER DISABLED, not using High Availability setup - httpfs = { enable = true; restartIfChanged = true; }; - }; - yarn = { - resourcemanager = { enable = true; restartIfChanged = true; }; - nodemanager = { enable = true; restartIfChanged = true; }; - }; - }; - - kerberos_server = { - enable = true; - realms."MY.ENGINE".acl = [ - { principal = "*/admin"; access = "all"; } - { principal = "*/my.engine"; access = "all"; } - ]; - }; - }; - - krb5 = { - enable = true; - realms = { - "MY.ENGINE" = { - admin_server = "kdc.my.engine"; - kdc = "kdc.my.engine"; - # default_domain = "my.engine"; - # kpasswd_server = "odin"; - }; - }; - domain_realm = { - # ".my.engine" = "MY.ENGINE"; - "my.engine" = "MY.ENGINE"; - }; - libdefaults = { - default_realm = "MY.ENGINE"; - dns_lookup_realm = true; - dns_lookup_kdc = true; - ticket_lifetime = "24h"; - renew_lifetime = "7d"; - forwardable = true; - }; - extraConfig = '' - [logging] - default = FILE:/var/log/krb5libs.log - kdc = FILE:/var/log/krb5kdc.log - admin_server = FILE:/var/log/kadmind.log - ''; - }; - - users.users.bertof.extraGroups = [ "hadoop" ]; - - systemd.services.spark-history = { - path = with pkgs; [ procps openssh nettools ]; - description = "spark history service."; - after = [ "network.target" ]; - wantedBy = [ "multi-user.target" ]; - restartIfChanged = true; - environment = { - SPARK_CONF_DIR = sparkConfDir; - SPARK_LOG_DIR = "/var/log/spark"; - }; - serviceConfig = { - Type = "forking"; - User = "spark"; - Group = "spark"; - WorkingDirectory = "${pkgs.spark}/lib/${pkgs.spark.untarDir}"; - ExecStart = "${pkgs.spark}/lib/${pkgs.spark.untarDir}/sbin/start-history-server.sh"; - ExecStop = "${pkgs.spark}/lib/${pkgs.spark.untarDir}/sbin/stop-history-server.sh"; - TimeoutSec = 300; - StartLimitBurst = 10; - Restart = "always"; - }; - }; - -} diff --git a/nixos/laptop.nix b/nixos/laptop.nix deleted file mode 100644 index 98b5971..0000000 --- a/nixos/laptop.nix +++ /dev/null @@ -1,27 +0,0 @@ -{ config, lib, ... }: -{ - # SSD swappines - boot.kernel.sysctl = { - "vm.swappiness" = lib.mkDefault 1; - }; - - # Atheros WiFi module - boot.blacklistedKernelModules = lib.optionals (!config.hardware.enableRedistributableFirmware) [ - "ath3k" - ]; - - # ACPI support - boot = { - kernelModules = [ "acpi_call" ]; - extraModulePackages = with config.boot.kernelPackages; [ acpi_call ]; - }; - - # Touchpad support - services.xserver.libinput.enable = lib.mkDefault true; - - # SSD trim service - services.fstrim.enable = lib.mkDefault true; - - # Hard disk protection if the laptop falls: - services.hdapsd.enable = lib.mkDefault true; -} diff --git a/nixos/odin-intel.nix b/nixos/odin-intel.nix deleted file mode 100644 index 893c506..0000000 --- a/nixos/odin-intel.nix +++ /dev/null @@ -1,37 +0,0 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). - -{ config, pkgs, ... }: - -{ - imports = [ - ./base.nix - ]; - - boot.initrd.kernelModules = [ "i915" ]; - - hardware.cpu.intel.updateMicrocode = config.hardware.enableRedistributableFirmware; - - hardware.opengl.enable = true; - hardware.opengl.extraPackages = with pkgs; [ - intel-media-driver - vaapiIntel - vaapiVdpau - libvdpau-va-gl - ]; - - services.xserver = { - displayManager.gdm = { - enable = true; - wayland = true; - }; - }; - - # This runs only Intel and nvidia does not drain power. - ##### disable nvidia for a very nice battery life. - hardware.nvidiaOptimus.disable = true; - boot.blacklistedKernelModules = [ "nouveau" "nvidia" ]; - services.xserver.videoDrivers = [ "intel" ]; - hardware.opengl.driSupport32Bit = true; -} diff --git a/nixos/odin-nvidia.nix b/nixos/odin-nvidia.nix deleted file mode 100644 index c21ef24..0000000 --- a/nixos/odin-nvidia.nix +++ /dev/null @@ -1,36 +0,0 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). - -{ config, pkgs, ... }: - -{ - imports = - [ - - - ./base.nix - ]; - - boot.initrd.kernelModules = [ "i915" ]; - - hardware.cpu.intel.updateMicrocode = config.hardware.enableRedistributableFirmware; - - services.xserver = { - videoDrivers = [ "nvidia" ]; - displayManager.sddm = { - enable = true; - autoNumlock = true; - }; - }; - - hardware.nvidia.prime = { - offload.enable = false; - sync.enable = true; - intelBusId = "PCI:0:2:0"; - nvidiaBusId = "PCI:1:0:0"; - }; - # hardware.nvidia.modesetting.enable = true; - # hardware.nvidia.package = pkgs.linuxPackages.nvidia_x11; - hardware.opengl.driSupport32Bit = true; -} diff --git a/nixos/pro_audio.nix b/nixos/pro_audio.nix deleted file mode 100644 index fd2f706..0000000 --- a/nixos/pro_audio.nix +++ /dev/null @@ -1,61 +0,0 @@ -{ pkgs, lib, ... }: { - boot = { - # kernelModules = [ "snd-seq" "snd-rawmidi" ]; - # kernel.sysctl = { "vm.swappiness" = 10; "fs.inotify.max_user_watches" = 524288; }; - # kernelParams = [ "threadirq" ]; - - # kernelPatches = lib.singleton { - # name = "pro_audio"; - # patch = null; - # extraConfig = '' - # PREEMPT_RT y - # PREEMPT y - # IOSCHED_DEADLINE y - # DEFAULT_DEADLINE y - # DEFAULT_IOSCHED "deadline" - # HPET_TIMER y - # CPU_FREQ n - # TREE_RCU_TRACE n - # ''; - # }; - - # postBootCommands = '' - # echo 2048 > /sys/class/rtc/rtc0/max_user_freq - # echo 2048 > /proc/sys/dev/hpet/max-user-freq - # # setpci -v -d *:* latency_timer=b0 - # # setpci -v -s $00:1b.0 latency_timer=ff - # ''; - # The SOUND_CARD_PCI_ID can be obtained like so: - # $ lspci ¦ grep -i audio - }; - - # powerManagement.cpuFreqGovernor = "performance"; - - # fileSystems."/" = { options = "noatime errors=remount-ro"; }; - - security.pam.loginLimits = [ - { domain = "@audio"; item = "memlock"; type = "-"; value = "unlimited"; } - { domain = "@audio"; item = "rtprio"; type = "-"; value = "99"; } - { domain = "@audio"; item = "nofile"; type = "soft"; value = "99999"; } - { domain = "@audio"; item = "nofile"; type = "hard"; value = "99999"; } - ]; - - # services = { - # udev = { - # packages = [ pkgs.ffado ]; # If you have a FireWire audio interface - # extraRules = '' - # KERNEL=="rtc0", GROUP="audio" - # KERNEL=="hpet", GROUP="audio" - # ''; - # }; - # cron.enable = false; - # }; - - environment.shellInit = '' - export VST_PATH=/nix/var/nix/profiles/default/lib/vst:/var/run/current-system/sw/lib/vst:~/.vst - export LXVST_PATH=/nix/var/nix/profiles/default/lib/lxvst:/var/run/current-system/sw/lib/lxvst:~/.lxvst - export LADSPA_PATH=/nix/var/nix/profiles/default/lib/ladspa:/var/run/current-system/sw/lib/ladspa:~/.ladspa - export LV2_PATH=/nix/var/nix/profiles/default/lib/lv2:/var/run/current-system/sw/lib/lv2:~/.lv2 - export DSSI_PATH=/nix/var/nix/profiles/default/lib/dssi:/var/run/current-system/sw/lib/dssi:~/.dssi - ''; -} diff --git a/nixos/thor.nix b/nixos/thor.nix deleted file mode 100644 index e681db1..0000000 --- a/nixos/thor.nix +++ /dev/null @@ -1,223 +0,0 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). - -{ config, pkgs, lib, ... }: - -{ - imports = [ - - - /etc/nixos/hardware-configuration.nix - ./pro_audio.nix - ./big_data.nix - ]; - - boot = { - binfmt.emulatedSystems = [ "armv7l-linux" "aarch64-linux" ]; - extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ]; - loader = { - systemd-boot.enable = true; - efi.canTouchEfiVariables = true; - }; - initrd = { - checkJournalingFS = true; - luks.devices = { - root = { - device = "/dev/nvme0n1p2"; - preLVM = true; - allowDiscards = true; - }; - }; - }; - }; - - console = { - font = "Lat2-Terminus16"; - keyMap = "us"; - }; - - environment = { - pathsToLink = [ "/share/zsh" ]; - systemPackages = with pkgs; [ - kakoune - tmux - vim - ]; - }; - - hardware = { - bluetooth.enable = true; - enableRedistributableFirmware = true; - pulseaudio.enable = false; - # nvidia.modesetting.enable = true; - }; - - i18n.defaultLocale = "it_IT.UTF-8"; - - programs = { - dconf.enable = true; - flashrom.enable = true; - gnupg.agent = { - enable = true; - enableSSHSupport = true; - }; - steam = { - enable = true; - }; - zsh = { - enable = true; - syntaxHighlighting.enable = true; - }; - }; - - networking = { - hostName = "thor"; # Define your hostname. - interfaces = { - eno1.useDHCP = true; - wlp5s0.useDHCP = true; - }; - networkmanager.enable = true; - useDHCP = false; - hosts = { - "*.engine.sesar.int" = [ "172.20.28.210" ]; - "vcenter.sesar.int" = [ "172.20.28.20" ]; - }; - }; - - time.timeZone = "Europe/Rome"; - - services = { - avahi = { - enable = true; - openFirewall = true; - nssmdns = true; - publish = { - enable = true; - addresses = true; - domain = true; - userServices = true; - workstation = true; - }; - extraServiceFiles = { - ssh = "${pkgs.avahi}/etc/avahi/services/ssh.service"; - }; - }; - clamav = { daemon.enable = true; updater.enable = true; }; - dbus.packages = with pkgs; [ pkgs.dconf ]; - gnome.gnome-keyring.enable = true; - gvfs = { enable = true; package = pkgs.gnome3.gvfs; }; - fwupd.enable = true; - openssh = { enable = true; openFirewall = true; permitRootLogin = "no"; passwordAuthentication = false; forwardX11 = true; }; - pipewire = { - enable = true; - pulse.enable = true; - jack.enable = true; - alsa = { - enable = true; - support32Bit = true; - }; - media-session.enable = true; - }; - power-profiles-daemon.enable = true; - smartd = { enable = true; notifications.x11.enable = true; }; - snapper = { - configs = - let - common = { - extraConfig = '' - ALLOW_USERS="bertof" - TIMELINE_CREATE=yes - TIMELINE_CLEANUP=yes - ''; - }; - in - { - bertof_home = common // { subvolume = "/home/bertof"; }; - }; - }; - thermald.enable = true; - xserver = { - enable = true; - desktopManager = { - # gnome.enable = true; - # cinnamon.enable = true; - plasma5 = { - enable = true; - runUsingSystemd = true; - useQtScaling = true; - }; - }; - # displayManager.gdm = { enable = true; nvidiaWayland = true; }; - displayManager.sddm.enable = true; - layout = "us"; - videoDrivers = [ "nvidia" ]; - xkbOptions = "eurosign:e"; - }; - # gnome.gnome-remote-desktop.enable = true; - zerotierone = { enable = true; joinNetworks = [ "8056c2e21cf9c753" ]; }; - - ethminer = { - enable = false; - wallet = "0x73b788882e1C182123333f42FFf275B7dd7f51bb"; - toolkit = "opencl"; - rig = "thor"; - pool = "eth-eu1.nanopool.org"; - stratumPort = 9999; - - registerMail = ""; - }; - - - # teamviewer.enable = true; - }; - - services.teamviewer.enable = true; - - security = { - pam.services."kde" = { - enableKwallet = true; - }; - rtkit.enable = true; - sudo.extraConfig = '' - Defaults pwfeedback - ''; - }; - - sound.enable = false; - - users.users.bertof = { - isNormalUser = true; - extraGroups = [ "audio" "input" "docker" "flashrom" "libvirtd" "network" "networkmanager" "usb" "video" "wheel" ]; - openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN+zsSWZFFzQKnATCAvtG+iuSm4qkZHjCtHzGa9B/71W" ]; - shell = pkgs.zsh; - useDefaultShell = false; - }; - - virtualisation = { - docker.enable = true; - kvmgt.enable = true; - libvirtd.enable = true; - podman.enable = true; - virtualbox.host.enable = true; - }; - - nixpkgs.config = { - allowUnfree = true; - packageOverrides = pkgs: { - steam = pkgs.steam.override { - extraPkgs = pkgs: with pkgs; [ ]; - extraLibraries = pkgs: with pkgs; [ fontconfig.lib icu freetype ]; - }; - }; - # cudaSupport = true; - }; - nix = { - package = pkgs.nixFlakes; - extraOptions = lib.optionalString (config.nix.package == pkgs.nixFlakes) - "experimental-features = nix-command flakes"; - gc.automatic = true; - }; - - system.stateVersion = "21.05"; # Did you read the comment? -} diff --git a/nixos/defcon.nix b/nixos_modules/defcon.nix similarity index 100% rename from nixos/defcon.nix rename to nixos_modules/defcon.nix diff --git a/nixos/k3s.nix b/nixos_modules/k3s.nix similarity index 100% rename from nixos/k3s.nix rename to nixos_modules/k3s.nix diff --git a/nixos/mind.nix b/nixos_modules/mind.nix similarity index 100% rename from nixos/mind.nix rename to nixos_modules/mind.nix diff --git a/nixos/pentablet.nix b/nixos_modules/pentablet.nix similarity index 100% rename from nixos/pentablet.nix rename to nixos_modules/pentablet.nix diff --git a/odin.nix b/odin.nix deleted file mode 100644 index 1b00a47..0000000 --- a/odin.nix +++ /dev/null @@ -1,199 +0,0 @@ -{ pkgs, lib, ... }: -{ - home = { - language.base = "it_IT.UTF-8"; - keyboard = { - layout = "it"; - options = [ "terminate:ctrl_alt_bksp" "compose:rctrl" ]; - }; - packages = with pkgs; [ - # pulseaudio - easyeffects - tex2nix - - kubectl - docker-compose - docker-machine - - arandr - ark - authy - bitwarden - btop - catgirl # IRC - cava - discord - droidcam - # element-desktop # matrix client - # evolution - file - filelight - # firefox - gallery-dl - # gnome.dconf-editor - # gnome.eog - # gnome.evince - # gnomeExtensions.appindicator - # gnomeExtensions.caffeine - # gnomeExtensions.dash-to-dock - # # gnomeExtensions.dynamic-panel-transparency - # gnomeExtensions.gtile - # gnomeExtensions.just-perfection - # gnomeExtensions.vitals - # gnome.file-roller - # gnome.gnome-screenshot - gnome.gnome-sound-recorder - gnome.gnome-sudoku - # gnome.gnome-system-monitor - # gnome.gnome-tweaks - # gnome.nautilus - # gnome.quadrapassel - # gnome.seahorse - # gnome.sushi - google-chrome - gucharmap - htop - httpie - # hyperspace-cli - inkscape - jetbrains.datagrip - kmail - kompare - kontact - korganizer - krita - ksystemlog - kubectl - lutris - kcolorchooser - kompare - korganizer - # keepassxc - kgpg - # kid3 # tag mp3 - krita - ksystemlog - lutris - meld - mmv-go - mpv - neofetch - nixos-option - nix-prefetch-scripts - nix-tree - obsidian - okular - openvpn - p7zip - pavucontrol - pcmanfm - pentablet-driver - procps - ripgrep - skypeforlinux - spotify - tdesktop - teams - tracker - transmission-gtk - unrar - unzip - virt-manager - wget - # wineFull - wireguard-tools - xclip - xournalpp - yq - zip - zoom-us - zotero - - ]; - }; - - imports = [ - ./modules/configurations.nix - ./modules/fonts.nix - - ./modules/alacritty.nix - ./modules/bash.nix - ./modules/bat.nix - ./modules/bottom.nix - ./modules/broot.nix - # ./modules/bspwm.nix - ./modules/dircolors.nix - ./modules/direnv.nix - # ./modules/dunst.nix - ./modules/fzf.nix - ./modules/git.nix - ./modules/go.nix - ./modules/gpg.nix - # ./modules/grobi.nix - ./modules/info.nix - ./modules/java.nix - ./modules/joystickwake.nix - ./modules/jq.nix - ./modules/kakoune.nix - # ./modules/keepassxc.nix - ./modules/keychain.nix - ./modules/kitty.nix - ./modules/latex.nix - ./modules/lf.nix - ./modules/libinput-gestures.nix - # ./modules/lorri.nix - ./modules/man.nix - ./modules/mangohud.nix - ./modules/megasync.nix - ./modules/nix-index.nix - # ./modules/noti.nix - ./modules/obs-studio.nix - ./modules/office.nix - ./modules/onedrive.nix - # ./modules/picom.nix - # ./modules/polybar.nix - ./modules/pycharm.nix - ./modules/gtk_theme.nix - ./modules/rofi.nix - ./modules/rofimoji.nix - # ./modules/screen_locker.nix - ./modules/ssh.nix - ./modules/starship.nix - # ./modules/sxhkd.nix - ./modules/syncthing.nix - ./modules/terminator.nix - ./modules/tmux.nix - # ./modules/update_background.nix - ./modules/webapp.nix - # ./modules/xidlehook.nix - ./modules/zoxide.nix - ./modules/zsh.nix - - ./modules/pro_audio.nix - # ./modules/security.nix - - ./modules/shell_aliases.nix - ]; - - - services = { - # blueman-applet.enable = true; - # caffeine.enable = true; - # cbatticon.enable = true; - # gnome-keyring.enable = true; - # network-manager-applet.enable = true; - # playerctld.enable = true; - # poweralertd.enable = true; - }; - - # xsession = { - # enable = true; - # numlock.enable = true; - # initExtra = '' - # ## Touchpad - # ${pkgs.xorg.xinput}/bin/xinput set-prop 'DELL0824:00 06CB:7E92 Touchpad' 'libinput Natural Scrolling Enabled' 1 - # ${pkgs.xorg.xinput}/bin/xinput set-prop 'DELL0824:00 06CB:7E92 Touchpad' 'libinput Tapping Enabled' 1 - # ''; - # }; - -} diff --git a/overlays.nix b/overlays.nix deleted file mode 100644 index 7b0b5db..0000000 --- a/overlays.nix +++ /dev/null @@ -1,4 +0,0 @@ -[ - (import (builtins.fetchTarball "https://github.com/oxalica/rust-overlay/archive/master.tar.gz")) - -] diff --git a/thor/configuration.nix b/thor/configuration.nix index a7b001b..f849ec8 100644 --- a/thor/configuration.nix +++ b/thor/configuration.nix @@ -4,7 +4,7 @@ boot = { binfmt.emulatedSystems = [ "armv7l-linux" "aarch64-linux" ]; - kernelPackages = pkgs.linuxPackages_latest; + kernelPackages = pkgs.linuxPackages_5_17; extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ]; loader = { systemd-boot.enable = true;