citadel

My dotfiles, scripts and nix configs
git clone git://jb55.com/citadel
Log | Files | Refs | README | LICENSE

default.nix (6605B)

      1 extra:
      2 { config, lib, pkgs, ... }:
      3 {
      4   imports = [
      5     ./hardware-configuration.nix
      6     (import ../../misc/msmtp extra)
      7     (import ./networking extra)
      8     (import ../../misc/imap-notifier extra)
      9     (import ./timers extra)
     10   ];
     11 
     12   environment.systemPackages = with pkgs; [ acpi xorg.xbacklight sshuttle ];
     13 
     14   virtualisation.docker.enable = false;
     15   virtualisation.virtualbox.host.enable = false;
     16   users.extraGroups.vboxusers.members = [ "jb55" ];
     17 
     18   documentation.nixos.enable = false;
     19 
     20   programs.adb.enable = true;
     21 
     22   boot.kernelPackages = pkgs.linuxPackages_latest;
     23 
     24   boot.extraModprobeConfig = ''
     25     options thinkpad_acpi enabled=0
     26   '';
     27 
     28   services.teamviewer.enable = false;
     29 
     30   services.synergy.server.enable = true;
     31   services.synergy.server.tls.enable = false;
     32   services.synergy.server.screenName = "quiver";
     33   services.synergy.server.autoStart = true;
     34   services.synergy.server.configFile = pkgs.writeText "barrier-cfg" ''
     35     section: screens
     36       monad:
     37       quiver:
     38       mac:
     39     end
     40     section: aliases
     41         monad:
     42           10.100.0.1
     43         quiver:
     44           10.100.0.2
     45         mac:
     46           10.100.0.4
     47     end
     48     section: links
     49       monad:
     50           left = quiver
     51       quiver:
     52           right = monad
     53           left = mac
     54       mac:
     55           right = quiver
     56     end
     57     section: options
     58       keystroke(alt+control+h) = switchInDirection(left)
     59       keystroke(alt+control+l) = switchInDirection(right)
     60     end
     61   '';
     62 
     63 
     64   # telepathy is a garbage fire
     65   services.telepathy.enable = false;
     66   services.zerotierone.enable = false;
     67   services.mongodb.enable = false;
     68   services.redis.enable = false;
     69   services.keybase.enable = false;
     70   services.mysql.enable = false;
     71   services.mysql.package = pkgs.mariadb;
     72 
     73   services.xserver.screenSection = ''
     74     Option "metamodes" "1920x1080 +0+0"
     75     Option "dpi" "96 x 96"
     76   '';
     77 
     78   services.xinetd.enable = true;
     79   services.xinetd.services = [
     80     { name = "gopher";
     81       port = 70;
     82       server = "/var/gopher/in.gophernicus";
     83       serverArgs = "-nf -r /var/gopher";
     84       extraConfig = ''
     85         disable = no
     86       '';
     87     }
     88   ];
     89 
     90   services.xserver.libinput.enable = true;
     91   services.xserver.config = ''
     92     Section "InputClass"
     93       Identifier     "Enable libinput for TrackPoint"
     94       MatchProduct   "TPPS/2 Elan TrackPoint"
     95       Driver         "libinput"
     96       Option         "AccelSpeed" "1"
     97       Option         "AccelProfile" "flat"
     98     EndSection
     99 
    100     Section "InputClass"
    101       Identifier       "Disable TouchPad"
    102       MatchIsTouchpad  "on"
    103       Driver           "libinput"
    104       Option           "Ignore" "true"
    105     EndSection
    106   '';
    107 
    108 
    109   services.plex = {
    110     enable = false;
    111     openFirewall = true;
    112   };
    113 
    114   services.nginx.enable = true;
    115   services.nginx.group = "www-data";
    116 
    117   services.nginx.httpConfig = ''
    118     server {
    119       listen 80;
    120 
    121       root /var/www/share;
    122 
    123       location / {
    124         autoindex on;
    125       }
    126     }
    127   '';
    128 
    129   systemd.user.services.clightning-rpc-tunnel = {
    130     description = "clightning mainnet rpc tunnel";
    131     wantedBy = [ "default.target" ];
    132     after    = [ "default.target" ];
    133 
    134     serviceConfig.ExecStart = extra.util.writeBash "lightning-tunnel" ''
    135       socket=/home/jb55/.lightning-bitcoin-rpc
    136       rm -f $socket
    137       ${pkgs.socat}/bin/socat -d -d UNIX-LISTEN:$socket,reuseaddr,fork TCP:10.100.0.1:7878
    138     '';
    139   };
    140 
    141   systemd.user.services.clightning-testnet-rpc-tunnel = {
    142     description = "clightning testnet rpc tunnel";
    143     wantedBy = [ "default.target" ];
    144     after    = [ "default.target" ];
    145 
    146     serviceConfig.ExecStart = extra.util.writeBash "lightning-testnet-tunnel" ''
    147       socket=/home/jb55/.lightning-testnet-rpc
    148       rm -f $socket
    149       ${pkgs.socat}/bin/socat -d -d UNIX-LISTEN:$socket,reuseaddr,fork TCP:10.100.0.1:7879
    150     '';
    151   };
    152 
    153   systemd.services.blink-led-battery-low = {
    154     description = "blink power led when battery is low";
    155     wantedBy = [ "default.target" ];
    156     after    = [ "default.target" ];
    157 
    158     path = with pkgs; [ gnused acpi libnotify ];
    159 
    160     environment = {
    161       DISPLAY=":0";
    162       DBUS_SESSION_BUS_ADDRESS="unix:path=/run/user/1000/bus";
    163     };
    164 
    165     serviceConfig.ExecStart = extra.util.writeBash "battery-power" ''
    166       LED=/sys/class/leds/tpacpi::power
    167       LED2=/sys/class/leds/tpacpi::kbd_backlight
    168 
    169       # led will start blinking below this battery %
    170       limit=10
    171 
    172       state=""
    173 
    174       while true
    175       do
    176           percent=$(acpi -b | sed -E -n 's/.* ([0-9]+)%.*/\1/p')
    177 
    178           if ! acpi -b | grep Charging && [ $percent -lt $limit ] && [ "$state" != "heartbeat" ]
    179           then
    180               printf "battery %d%% < %d%%, setting heartbeat trigger\n" "$percent" "$limit" >&2
    181               notify-send "battery low: %$percent"
    182               echo heartbeat > "$LED"/trigger
    183               echo heartbeat > "$LED2"/trigger
    184               state="heartbeat"
    185           elif acpi -b | grep Charging || [ $percent -ge $limit ] && [ "$state" = "heartbeat" ]
    186           then
    187               printf "battery %d%% >= %d%%, resetting led trigger\n" "$percent" "$limit" >&2
    188               echo none > "$LED"/trigger
    189               echo none > "$LED2"/trigger
    190               cat "$LED"/max_brightness > "$LED"/brightness
    191               state=""
    192           fi
    193           sleep 10
    194       done
    195     '';
    196   };
    197 
    198   services.hydra.enable = false;
    199   services.hydra.dbi = "dbi:Pg:dbname=hydra;host=localhost;user=postgres;";
    200   services.hydra.hydraURL = "localhost";
    201   services.hydra.notificationSender = "hydra@quiver";
    202   services.hydra.buildMachinesFiles = [];
    203   services.hydra.useSubstitutes = true;
    204 
    205   users.extraGroups.hydra.members = [ "jb55" ];
    206   users.extraGroups.www-data.members = [ "jb55" ];
    207 
    208   # https://github.com/nmikhailov/Validity90  # driver not done yet
    209   services.fprintd.enable = false;
    210 
    211   #services.pleroma.enable = true;
    212 
    213   services.tor.enable = true;
    214   services.tor.client.enable = true;
    215 
    216   services.tor.controlPort = 9051;
    217   services.tor.client.socksListenAddress = {
    218     addr = "172.24.0.1";
    219     port = 9050;
    220     IsolateDestAddr = false;
    221   };
    222 
    223   services.autorandr.enable = true;
    224   services.acpid.enable = false;
    225   powerManagement.enable = false;
    226 
    227   networking.wireless.enable = true;
    228 
    229   services.postgresql = {
    230     dataDir = "/var/db/postgresql/10/";
    231     enable = false;
    232     package = pkgs.postgresql_10;
    233     # extraPlugins = with pkgs; [ pgmp ];
    234     authentication = pkgs.lib.mkForce ''
    235       # type db  user address            method
    236       local  all all                     trust
    237       host   all all  localhost          trust
    238     '';
    239     # extraConfig = ''
    240     #   listen_addresses = '172.24.172.226,127.0.0.1'
    241     # '';
    242   };
    243 
    244 }