lkajsdlkajsldj

2024-09-13 18:25:22 +02:00 · 2024-09-13 18:25:22 +02:00 · 408cbcd4a0
parent 573ca91f6e
commit 408cbcd4a0
6 changed files with 54 additions and 21 deletions
--- a/base.nix
+++ b/base.nix
@ -42,6 +42,22 @@

  hardware.enableRedistributableFirmware = true;

+  boot.initrd.systemd.enable = true; # systemd manages initfs boot, systemd-analyse can see what happened
+  # https://discourse.nixos.org/t/what-to-do-with-a-full-boot-partition/2049
+  # raise to 15 if auto upgrading
+  boot.loader.grub.configurationLimit = lib.mkDefault 5;
+  boot.loader.systemd-boot.configurationLimit = lib.mkDefault 5;
+  boot.loader.raspberryPi.uboot.configurationLimit = lib.mkDefault 5;
+  boot.loader.generic-extlinux-compatible.configurationLimit = lib.mkDefault 5;
+
+  networking.firewall.enable = true; # default
+  #networking.nftables.enable = true; # wirewall backend, instead of iptables, breaks docker which uses iptables
+  #networking.firewall.allowPing = false;
+  networking.networkmanager.wifi.backend = "iwd"; # default is wpa_supplicant
+
+  #system.switch.enable = false;
+  #system.switch.enableNg = true; # rewritten in rust
+
  sops.secrets.nix-access-tokens.mode = "0440";
  sops.secrets.nix-access-tokens.group = config.users.groups.keys.name;
  nix.extraOptions = ''
@ -89,13 +105,4 @@
    noto-fonts-emoji
    noto-fonts-extra
  ];
-
-  networking.firewall.enable = true; # default
-
-  # https://discourse.nixos.org/t/what-to-do-with-a-full-boot-partition/2049
-  # raise to 15 if auto upgrading
-  boot.loader.grub.configurationLimit = lib.mkDefault 5;
-  boot.loader.systemd-boot.configurationLimit = lib.mkDefault 5;
-  boot.loader.raspberryPi.uboot.configurationLimit = lib.mkDefault 5;
-  boot.loader.generic-extlinux-compatible.configurationLimit = lib.mkDefault 5;
 }
--- a/hardware/gpu/cuda.nix
+++ b/hardware/gpu/cuda.nix
@ -33,8 +33,9 @@
  hardware.nvidia.modesetting.enable = lib.mkDefault true; # needed for most wayland compositors
  hardware.nvidia.nvidiaSettings = lib.mkDefault true;

-  virtualisation.docker.enableNvidia = lib.mkDefault true;
-  virtualisation.podman.enableNvidia = lib.mkDefault true;
+  /* virtualisation.docker.enableNvidia = lib.mkDefault true; */
+  /* virtualisation.podman.enableNvidia = lib.mkDefault true; */
+  hardware.nvidia-container-toolkit.enable = lib.mkDefault true;

  # only do these per-host

--- a/40
+++ b/40
@ -4,10 +4,10 @@ export GUM_FILTER_HEIGHT := "15"
  just "$(gum filter --placeholder "Pick a recipie..." $(just --summary --unsorted))"

 eval hostname=`just _a_host`:
-  nix eval .#nixosConfigurations.{{hostname}}.config.system.build.toplevel.outPath
+  nix eval .#nixosConfigurations."{{hostname}}".config.system.build.toplevel.outPath

 report hostname=`just _a_host`:
-  nix eval .#nixosReports.{{hostname}} --json | yq . --yaml-output | bat --language yaml --style plain --paging never
+  nix eval .#nixosReports."{{hostname}}" --json | yq . --yaml-output | bat --language yaml --style plain --paging never

 reports:
  nix eval .#nixosReports --json | yq . --yaml-output | bat --language yaml --style plain --paging never
@ -28,8 +28,11 @@ update:
    | gum choose --no-limit --height=15 \
    | xargs nix flake update --commit-lock-file

-build:
-  nixos-rebuild build --accept-flake-config --show-trace --flake .
+build hostname=`just _a_host`:
+  nixos-rebuild build --accept-flake-config --show-trace --flake .#"{{hostname}}"
+
+build-vm hostname=`just _a_host`:
+  nixos-rebuild build-vm --accept-flake-config --show-trace --flake .#"{{hostname}}"

 test:
  sudo nixos-rebuild test --accept-flake-config --show-trace --flake .
@ -44,9 +47,6 @@ boot-and-reboot:
  sudo nixos-rebuild boot --accept-flake-config --show-trace --flake .
  sudo reboot

-build-vm:
-  sudo nixos-rebuild build-vm --accept-flake-config --show-trace --flake .
-
 push hostname=`just _a_host` cmd=`gum choose test switch boot --header "Select mode..."`:
  nixos-rebuild build --flake .#{{hostname}}
  @echo pushing...
@ -56,8 +56,18 @@ push hostname=`just _a_host` cmd=`gum choose test switch boot --header "Select m
 inspect:
  nix run -- nixpkgs#nix-inspect -p .

+inspect-config host=`just _a_host`:
+  nix run -- nixpkgs#nix-inspect  -e '(builtins.getFlake "'"$PWD"'").nixosConfigurations.{{host}}.config'
+
@_a_host:
-  nix eval .#nixosConfigurations --apply builtins.attrNames --json 2>/dev/null | jq '.[]' -r | gum filter --placeholder "Pick a host..."
+  hostnames="$(nix eval .#nixosConfigurations --apply builtins.attrNames --json 2>/dev/null | jq '.[]' -r)"; \
+  if test "$(grep <<<"$hostnames" "^$(hostname)$" | wc -l)" -eq 1; then hostnames="$(hostname; grep <<<"$hostnames" -v "^$(hostname)$")"; fi; \
+  gum <<<"$hostnames" filter --placeholder "Pick a host..."
+
+@_a_fqdn:
+  hostnames="$(nix eval .#nixosConfigurations --apply 'c: builtins.attrValues (builtins.mapAttrs (_: x: x.config.networking.fqdn) c)' --json 2>/dev/null | jq '.[]' -r)"; \
+  if test "$(grep <<<"$hostnames" "^$(hostname --fqdn)$" | wc -l)" -eq 1; then hostnames="$(hostname --fqdn; grep <<<"$hostnames" -v "^$(hostname --fqdn)$")"; fi; \
+  gum <<<"$hostnames" filter --placeholder "Pick a host..."

@remote-current:
  >&2 echo Current remote: $(remote-host)
@ -65,14 +75,24 @@ inspect:
@remote-list:
  tomlq <.remote.toml '.hosts | to_entries[] | "remote-set \(.key+1) # -> \(.value.host)"' -r

+@remote-set remote=`just remote-current && just _a-remote-label`:
+  remote-set {{remote}}
+
@_a-remote-label:
  just remote-list | gum filter --placeholder "Pick a remote..." | cut -d' ' -f2

@_a-remote-fqdn:
  just remote-list | gum filter --placeholder "Pick a remote..." | cut -d' ' -f5-

-@remote-set remote=`just remote-current && just _a-remote-label`:
-  remote-set {{remote}}
+@_remote_ensure hostname=`just _a_fqdn`:
+  if test ! -s .remote.toml; then remote-init "{{ hostname }}"; \
+  elif tomlq <.remote.toml '.hosts | to_entries[] |.value.host' -r | grep -q "{{ hostname }}"; then true; \
+  else remote-add "{{ hostname }}"; \
+  fi
+
+@_remote_label_from_fqdn hostname=`just _a_fqdn`:
+  tomlq <.remote.toml '.hosts | to_entries[] | select(.value.host == "{{ hostname }}") | .key' -r
+

 # TODO: support multiple labels, run in tmux
 remote label=`just _a-remote-label` cmd=`printf "just %s\n" $(just --summary --unsorted) | gum filter --placeholder "Pick a recipie..."`:
--- a/profiles/desktop/gnome/default.nix
+++ b/profiles/desktop/gnome/default.nix
@ -16,6 +16,8 @@
  services.gnome.sushi.enable = true;
  services.gnome.gnome-online-accounts.enable = true;

+  services.gnome.gnome-browser-connector.enable  = true;
+
  environment.systemPackages = with pkgs; [
    firefox
    pavucontrol
--- a/profiles/desktop/sound/pipewire.nix
+++ b/profiles/desktop/sound/pipewire.nix
@ -9,6 +9,7 @@
  services.pipewire.alsa.support32Bit = true;
  #services.pipewire.jack.enable = true;
  services.pipewire.pulse.enable = true;
+
  # use the example session manager (no others are packaged yet so this is enabled by default,
  # no need to redefine it in your config for now)
  #services.pipewire.media-session.enable = true;
--- a/users/pbsds/home/profiles/desktop.nix
+++ b/users/pbsds/home/profiles/desktop.nix
@ -52,6 +52,8 @@
    zoom-us
  ];

+  programs.firefox.enableGnomeExtensions = true;
+
  home.shellAliases.eog = lib.mkIf (pkgs?loupe) "loupe";

  # flatpak