feat: prepare vin host

rafaelsgirao · Jun 13, 2024 · 394d499 · 394d499
1 parent e4b51c3
commit 394d499
Show file tree

Hide file tree

Showing 6 changed files with 352 additions and 8 deletions.
diff --git a/dev.sh b/dev.sh
@@ -0,0 +1,2 @@
+#!/usr/bin/env bash
+nix --extra-experimental-features "nix-command flakes " develop -c fish
diff --git a/disko.sh b/disko.sh
@@ -0,0 +1,6 @@
+#!/usr/bin/env bash
+#sudo nix run --extra-experimental-features "nix-command flakes" 'github:nix-community/disko' -- --mode disko --flake .#vin # --disk main /dev/sdc
+sudo nix run --extra-experimental-features "nix-command flakes" 'github:nix-community/disko' -- --flake .#vin # --disk main /dev/sdc
+#sudo nix run --extra-experimental-features 'github:nix-community/disko#disko-install' -- --flake .#vin --disk main /dev/sdc
+
+# or sudo nix --experimental-features "nix-command flakes" run github:nix-community/disko -- --mode disko /tmp/disk-config.nix
diff --git a/flake.nix b/flake.nix
@@ -266,7 +266,18 @@
                 program = buildAllConfigs;
               };
             };
+          #TODO: would be cooler if the flake exposed something that could be used by 'nix profile install github:<...>'
           devShells.default = pkgs.mkShell {
+            packages = with pkgs; [
+              neovim
+              ripgrep
+              fd
+              curl
+              git
+              fish
+              tmux
+              gitui
+            ];
             shellHook = '' 
             # export DEBUG=1
             ${config.pre-commit.installationScript}

diff --git a/hosts/vin/hardware.nix b/hosts/vin/hardware.nix
@@ -0,0 +1,133 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, modulesPath, ... }:
+
+{
+  imports =
+    [
+      (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "usb_storage" "uas" "sd_mod" "rtsx_pci_sdmmc" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.enp0s20f0u3u4.useDHCP = lib.mkDefault true;
+  # networking.interfaces.wlp2s0.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+
+
+  # Storage.
+  disko.devices = {
+    disk.main = {
+      type = "disk";
+      #TODO: changeme: this is the NVME adapter, not the SSD itself
+      device = "/dev/disk/by-id/usb-Realtek_RTL9210B-CG_012345679039-0:0";
+      content.type = "gpt";
+      content.partitions = {
+        ESP = {
+          size = "512M";
+          type = "EF00";
+          priority = 1; # Needs to be first partition
+          content = {
+            type = "filesystem";
+            format = "vfat";
+            mountpoint = "/boot";
+          };
+        };
+        sazedpool = {
+          size = "100%";
+          content = {
+            type = "zfs";
+            pool = "zpool";
+          };
+        };
+      };
+    };
+    nodev."/home/rg/Screenshots" = {
+      fsType = "tmpfs";
+      mountOptions = [
+        "defaults"
+        "size=100M"
+        "mode=700"
+      ];
+    };
+    zpool.zpool = {
+      type = "zpool";
+      # mode = "TODO"; #TODO
+      options = {
+        ashift = "12";
+      };
+      # man zfsprops
+      rootFsOptions = {
+        acltype = "posixacl";
+        atime = "off";
+        canmount = "off";
+        compression = "zstd";
+        dnodesize = "auto";
+        normalization = "formD";
+        xattr = "sa";
+        mountpoint = "none";
+        encryption = "on";
+        keyformat = "passphrase";
+        keylocation = "prompt";
+      };
+      datasets = {
+        "local" = {
+          type = "zfs_fs";
+          options = {
+            sync = "disabled";
+          };
+        };
+        "local/root" = {
+          type = "zfs_fs";
+          mountpoint = "/";
+          postCreateHook = "zfs snapshot zpool/local/root@blank";
+        };
+        "local/docker" = {
+          type = "zfs_fs";
+          mountpoint = "/var/lib/docker";
+          postCreateHook = "zfs snapshot zpool/local/docker@blank";
+        };
+        "local/cache" = {
+          type = "zfs_fs";
+          mountpoint = "/var/cache";
+          postCreateHook = "zfs snapshot zpool/local/cache@blank";
+        };
+        "local/nix" = {
+          type = "zfs_fs";
+          mountpoint = "/nix";
+        };
+        "local/reserved" = {
+          type = "zfs_fs";
+          options = {
+            mountpoint = "none";
+            refreservation = "2G";
+          };
+        };
+        "local/state" = {
+          type = "zfs_fs";
+          mountpoint = "/state";
+        };
+        "safe/persist" = {
+          type = "zfs_fs";
+          mountpoint = "/pst";
+        };
+      };
+    };
+  };
+
+  fileSystems."/pst".neededForBoot = true;
+  fileSystems."/state".neededForBoot = true;
+
+
+}
diff --git a/hosts/vin/machine.nix b/hosts/vin/machine.nix
@@ -0,0 +1,193 @@
+{ config, pkgs, lib, ... }:
+
+{
+
+  boot.binfmt.emulatedSystems = [ "aarch64-linux" "i686-linux" ];
+
+  imports = [
+    ../../modules/systemd-initrd.nix
+    ../../modules/workstation/firefox.nix
+    ../../modules/workstation/default.nix
+    ../../modules/workstation/gnome.nix
+    ../../modules/workstation/flatpak.nix
+
+    ../../modules/hardware/laptop.nix
+    ../../modules/hardware/uefi.nix
+    ../../modules/hardware/zfs.nix
+    ../../modules/impermanence.nix
+    ../../modules/docker.nix
+    ../../modules/dei.nix
+  ];
+
+  programs.gamemode.enable = true;
+
+  services.zfs.expandOnBoot = "all";
+
+  users.users.rg.extraGroups = [ "docker" "gamemode" ];
+
+  rg = {
+    ip = "192.168.10.2";
+    machineId = "cdc47ebb53e645aab6576d786aac1084";
+    machineType = "intel";
+    class = "workstation";
+    #TODO: changeme!
+    pubKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFlOwjvhd+yIUCNLtK4q3nNT3sZNa/CfPcvuxXMU02Fq";
+  };
+
+  environment.persistence."/state" = {
+    # directories = [ ];
+    users.rg = {
+      files = [
+      ];
+      directories = [
+        ".fly"
+        ".vscode"
+        ".config/Code"
+        ".config/chromium"
+        ".config/Sonixd"
+        ".local/share/ykman"
+        ".config/JetBrains"
+        ".local/share/JetBrains"
+        ".m2"
+      ];
+    };
+  };
+
+  # boot.initrd.systemd.enable = true;
+
+  environment.persistence."/pst" = {
+    directories =
+      [
+        "/etc/NetworkManager/system-connections"
+      ];
+    users.rg = {
+      directories = [
+        ".config/dconf"
+        ".config/safeeyes"
+        ".thunderbird"
+        ".local/share/davisr"
+        ".config/davisr"
+        "Documents"
+        "Downloads"
+        ".config/monero-project"
+        # I have a feeling impermanence files don't work that great... using folders for now.
+        ".config/goa-1.0"
+      ];
+      files = [
+        #see above comment
+        # ".local/share/fish/fish_history"
+        # ".local/share/zoxide/db.zo"
+      ];
+    };
+  };
+
+  nix.settings = {
+    max-jobs = 4;
+    cores = 6; # Dell Latitude has 8 vCores, leave two for rest of the system
+  };
+
+  boot.initrd.postDeviceCommands = lib.mkIf (!config.boot.initrd.systemd.enable) (lib.mkAfter ''
+    zfs rollback -r neonrgpool/local/root@blank
+  '');
+
+  # boot.crashDump.enable = true;
+
+  boot.initrd.systemd.emergencyAccess = true;
+  boot.initrd.systemd.services.rollback = {
+    description = "Rollback root filesystem to a pristine state on boot";
+    wantedBy = [
+      # "zfs.target"
+      "initrd.target"
+    ];
+    after = [
+      "zfs-import-zpool.service"
+    ];
+    before = [
+      "sysroot.mount"
+    ];
+    path = with pkgs; [
+      zfs
+    ];
+    unitConfig.DefaultDependencies = "no";
+    serviceConfig.Type = "oneshot";
+    script = ''
+      zfs rollback -r neonrgpool/local/root@blank && echo "  >> >> rollback complete << <<"
+    '';
+  };
+
+  environment.variables = {
+    QEMU_OPTS =
+      "-m 4096 -smp 4 -enable-kvm"; # https://github.com/NixOS/nixpkgs/issues/59219
+  };
+
+
+  #SSH daemon only inside Nebula
+  services.openssh.listenAddresses = [{
+    addr = config.rg.ip;
+    port = 22;
+  }];
+
+  # Systemd timer so I go to sleep at decent hours
+  # Thanks to abread on #JustNixThings https://discord.com/channels/759576132227694642/874345962515071026/923166110759677992
+  systemd.services.go-to-bed = {
+    serviceConfig.Type = "oneshot";
+    path = with pkgs; [ "systemd" ];
+    script = "poweroff";
+  };
+  systemd.timers.go-to-bed-2200 = {
+    wantedBy = [ "timers.target" ];
+    partOf = [ "go-to-bed.service" ];
+    timerConfig = {
+      OnCalendar = "*-*-* 21:59:59";
+      Unit = "go-to-bed.service";
+    };
+  };
+  systemd.timers.go-to-bed-2230 = {
+    wantedBy = [ "timers.target" ];
+    partOf = [ "go-to-bed.service" ];
+    timerConfig = {
+      OnCalendar = "*-*-* 22:30..05:05";
+      Unit = "go-to-bed.service";
+    };
+  };
+
+  #Additional packages
+  environment.systemPackages = with pkgs; [
+    ffmpeg
+    gcc
+    appimage-run
+    lm_sensors
+    colordiff
+    gnome.gnome-tweaks
+    easyeffects
+  ];
+
+  zramSwap.enable = true;
+
+  hm.home.stateVersion = "24.05";
+  system.stateVersion = "24.05";
+
+  hm.programs.lan-mouse = {
+    enable = true;
+    # package = inputs.lan-mouse.packages.${pkgs.stdenv.hostPlatform.system}.default
+    # Optional configuration in nix syntax, see config.toml for available options
+    settings = {
+      top = {
+        # sazed
+        activate_on_startup = false;
+        ips = [ "192.168.10.5" ];
+        port = 7742;
+      };
+    };
+  };
+
+  services.udev.extraRules = lib.mkIf (config.rg.class == "workstation") ''
+    # DualShock 3 over USB
+    KERNEL=="hidraw", ATTRS{idVendor}=="054c", ATTRS{idProduct}=="0268", MODE="0666"
+
+    # DualShock 3 over Bluetooth
+    KERNEL=="hidraw*", KERNELS=="*054C:0268*", MODE="0666"
+
+  '';
+
+}
diff --git a/modules/blocky.nix b/modules/blocky.nix
@@ -58,8 +58,8 @@ in
         "scout.rafael.ovh" = "192.168.10.1";
 
         # Discontinued
-        # "heavy" = "192.168.10.2";
-        # "heavy.rafael.ovh" = "192.168.10.2";
+        "vin" = "192.168.10.2";
+        "vin.rafael.ovh" = "192.168.10.2";
 
         # Discontinued
         # "engineer" = "192.168.10.3";
@@ -72,20 +72,19 @@ in
         # "pyro" = "192.168.10.4";
         # "pyro.rafael.ovh" = "192.168.10.4";
 
-        # Discontinued
-        # "medic" = "192.168.10.5";
-        # "medic.rafael.ovh" = "192.168.10.5";
-        # "medicist" =
-        #   lib.mkIf (config.networking.hostName != "engie") "193.136.132.93";
+        "sazed" = "192.168.10.5";
+        "sazed.rafael.ovh" = "192.168.10.5";
 
         "spy" = "192.168.10.6";
         "spy.rafael.ovh" = "192.168.10.6";
         "media.rafael.ovh" =
-          lib.mkIf (config.networking.hostName != "engie") "192.168.10.6";
+          #TODO: hacky. create an option for this.
+          lib.mkIf (config.networking.hostName != "saxton") "192.168.10.6";
 
         "demo" = "192.168.10.7";
         "demo.rafael.ovh" = "192.168.10.7";
 
+        #TODO: remove. doesn't exist anymore
         "sniper" = "192.168.10.8";
         "sniper.rafael.ovh" = "192.168.10.8";