From be662f37b0cc5e5f0bad3d0e5065b91d43765cba Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Wed, 30 Nov 2022 22:13:36 +0100 Subject: [PATCH 01/16] patate: fix upgrade --- homes/julm.nix | 2 +- hosts/patate.nix | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/homes/julm.nix b/homes/julm.nix index bb25469..842fb50 100644 --- a/homes/julm.nix +++ b/homes/julm.nix @@ -86,7 +86,7 @@ }) // { "patate.wg" = { user = "sevy"; - proxyJump = "mermet.wg"; + #proxyJump = "mermet.wg"; }; }; programs.git = { diff --git a/hosts/patate.nix b/hosts/patate.nix index ea448a4..8196d26 100644 --- a/hosts/patate.nix +++ b/hosts/patate.nix @@ -45,7 +45,7 @@ trusted-users = [ config.users.users."sevy".name ]; substituters = [ #"ssh://nix-ssh@losurdo.wg?priority=30" - "ssh://nix-ssh@oignon.wg?priority=10" + #"ssh://nix-ssh@oignon.wg?priority=10" ]; trusted-public-keys = map lib.readFile [ ../users/root/nix/losurdo.pub @@ -53,6 +53,7 @@ ]; }; }; + install.substituteOnDestination = false; environment.systemPackages = [ pkgs.riseup-vpn # Can't be installed by home-manager because it needs to install policy-kit rules -- 2.47.2 From 35e3c3646860a9d0362a0ed21879eb3dba9b5cea Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Thu, 1 Dec 2022 00:37:09 +0100 Subject: [PATCH 02/16] patate: emacs: disable for now --- homes/sevy/hosts/patate.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/homes/sevy/hosts/patate.nix b/homes/sevy/hosts/patate.nix index bbf5ae2..b7f699f 100644 --- a/homes/sevy/hosts/patate.nix +++ b/homes/sevy/hosts/patate.nix @@ -4,7 +4,7 @@ ../../../home-manager/profiles/chat.nix ../../../home-manager/profiles/developing.nix ../../../home-manager/profiles/drawing.nix - ../../../home-manager/profiles/emacs.nix + #../../../home-manager/profiles/emacs.nix ../../../home-manager/profiles/firefox.nix ../../../home-manager/profiles/gaming.nix ../../../home-manager/profiles/graphical.nix -- 2.47.2 From 94cea850dab343d7b0eaee74f5d6bc773c91169a Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Sat, 3 Dec 2022 20:31:46 +0100 Subject: [PATCH 03/16] aubergine: networking: remove debugging --- nixos/profiles/networking.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/nixos/profiles/networking.nix b/nixos/profiles/networking.nix index abc49ae..5fb3802 100644 --- a/nixos/profiles/networking.nix +++ b/nixos/profiles/networking.nix @@ -77,7 +77,6 @@ with lib; while read -r route; do ip route change $route dev $DEVICE_IP_IFACE congctl westwood done - ip r >>/tmp/log ;; esac ;; -- 2.47.2 From 8b9332440b2978696fb754496b701f32774f0164 Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Sat, 3 Dec 2022 20:38:33 +0100 Subject: [PATCH 04/16] nix: try to stop nixos-fallback even if the test fails --- flake.nix | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/flake.nix b/flake.nix index d8fc84d..e0f3dcd 100644 --- a/flake.nix +++ b/flake.nix @@ -118,7 +118,7 @@ nix copy --to ssh://${target}${lib.optionalString config.install.substituteOnDestination " --substitute-on-destination"} ${build.toplevel} - ssh ${target} set -x ';' \ + if ssh ${target} set -x ';' \ systemctl reset-failed nixos-fallback '2>/dev/null' ';' \ systemd-run -u nixos-fallback --description=nixos-fallback /bin/sh -xc '''\''' PATH=${with pkgs; lib.makeBinPath [ coreutils nix systemd ]} @@ -127,12 +127,17 @@ systemctl reboot '\'''' '&&' \ ${build.toplevel}/bin/switch-to-configuration test - - ssh ${target} -o ControlPath=none set -x ';' \ - systemctl stop nixos-fallback.service ';' \ - nix-env --profile ${profile} --set '${build.toplevel}' ';' \ - ${build.toplevel}/bin/switch-to-configuration boot '&&' \ - nix-env --delete-generations 7d --profile ${profile} + then + ssh ${target} -o ControlPath=none set -x ';' \ + systemctl stop nixos-fallback.service ';' \ + nix-env --profile ${profile} --set '${build.toplevel}' ';' \ + ${build.toplevel}/bin/switch-to-configuration boot '&&' \ + nix-env --delete-generations 7d --profile ${profile} + else + ssh ${target} -o ControlPath=none set -x ';' \ + systemctl stop nixos-fallback.service + false + fi ''; }) inputs.self.nixosConfigurations); -- 2.47.2 From 92fc0fab6b67cc46f6b091d61d16c45c2e3987a6 Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Mon, 5 Dec 2022 00:01:44 +0100 Subject: [PATCH 05/16] xserver: default layout to `fr` --- hosts/oignon.nix | 1 + nixos/profiles/lang-fr.nix | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/hosts/oignon.nix b/hosts/oignon.nix index 57aac98..3763dfa 100644 --- a/hosts/oignon.nix +++ b/hosts/oignon.nix @@ -198,6 +198,7 @@ ]; services.xserver = { + layout = "fr,us(altgr-intl)"; desktopManager = { session = [ # Let the session be generated by home-manager diff --git a/nixos/profiles/lang-fr.nix b/nixos/profiles/lang-fr.nix index 0f7485b..c5483bd 100644 --- a/nixos/profiles/lang-fr.nix +++ b/nixos/profiles/lang-fr.nix @@ -5,7 +5,7 @@ console.font = "Lat2-Terminus16"; console.keyMap = lib.mkDefault "fr"; services.xserver = { - layout = "fr,us(altgr-intl)"; + layout = lib.mkDefault "fr"; xkbOptions = "eurosign:e, compose:menu, grp:alt_space_toggle"; libinput.enable = true; }; -- 2.47.2 From eef90b988d7cb6ef84efa53d467c5110d694265a Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Thu, 22 Dec 2022 17:46:45 +0100 Subject: [PATCH 06/16] aubergine: dnscrypt-proxy2: fix listen_addresses --- hosts/aubergine/networking.nix | 6 ++++++ hosts/aubergine/networking/ethernet.nix | 5 ----- hosts/aubergine/networking/wifi.nix | 1 - 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/hosts/aubergine/networking.nix b/hosts/aubergine/networking.nix index 3728b9b..342b392 100644 --- a/hosts/aubergine/networking.nix +++ b/hosts/aubergine/networking.nix @@ -36,9 +36,15 @@ with (import networking/names-and-numbers.nix); services.avahi.enable = true; services.avahi.openFirewall = true; services.avahi.publish.enable = true; + # WARNING: settings.listen_addresses are not merged... + # hence there all defined here. services.dnscrypt-proxy2.settings.listen_addresses = [ "127.0.0.1:53" "[::1]:53" + "${eth1IPv4}.1:53" + "${eth2IPv4}.1:53" + "${eth3IPv4}.1:53" + "${wifiIPv4}.1:53" ]; networking.wireguard.wg-intra.peers = { diff --git a/hosts/aubergine/networking/ethernet.nix b/hosts/aubergine/networking/ethernet.nix index b846325..c6c55a0 100644 --- a/hosts/aubergine/networking/ethernet.nix +++ b/hosts/aubergine/networking/ethernet.nix @@ -1,11 +1,6 @@ { lib, ... }: with (import ./names-and-numbers.nix); { - services.dnscrypt-proxy2.settings.listen_addresses = [ - "${eth1IPv4}.1:53" - "${eth2IPv4}.1:53" - "${eth3IPv4}.1:53" - ]; networking.interfaces = { ${eth1Iface} = { useDHCP = false; diff --git a/hosts/aubergine/networking/wifi.nix b/hosts/aubergine/networking/wifi.nix index 15f52f3..1eaf33a 100644 --- a/hosts/aubergine/networking/wifi.nix +++ b/hosts/aubergine/networking/wifi.nix @@ -41,7 +41,6 @@ with (import ./names-and-numbers.nix); ''; networking.networkmanager.unmanaged = [ wifiIface ]; - services.dnscrypt-proxy2.settings.listen_addresses = [ "${wifiIPv4}.1:53" ]; systemd.services.dhcpd4.onFailure = [ "network-addresses-${wifiIface}.service" ]; services.dhcpd4 = { enable = true; -- 2.47.2 From 51818ba1de6461a012106e0c0ef5838cea06fce1 Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Fri, 23 Dec 2022 21:30:46 +0100 Subject: [PATCH 07/16] aubergine: move from SD to SSD --- flake.nix | 1 + hosts/aubergine/Makefile | 29 +++++--- hosts/aubergine/hardware.nix | 74 +++++++++++--------- nixpkgs/patches.nix | 5 -- nixpkgs/patches/mmsd.diff | 131 +++++++++++++++++++++++++++++++++++ shell.nix | 1 + 6 files changed, 193 insertions(+), 48 deletions(-) create mode 100644 nixpkgs/patches/mmsd.diff diff --git a/flake.nix b/flake.nix index e0f3dcd..30031fb 100644 --- a/flake.nix +++ b/flake.nix @@ -15,6 +15,7 @@ let remoteNixpkgsPatches = import nixpkgs/patches.nix; localNixpkgsPatches = [ + nixpkgs/patches/mmsd.diff ]; originPkgs = inputs.nixpkgs.legacyPackages."x86_64-linux"; nixpkgsPath = originPkgs.applyPatches { diff --git a/hosts/aubergine/Makefile b/hosts/aubergine/Makefile index 7dfa5e0..16c1675 100644 --- a/hosts/aubergine/Makefile +++ b/hosts/aubergine/Makefile @@ -7,26 +7,27 @@ rpool := $(hostName) cipher := autotrim := on reservation := 1G +compression := zstd wipe-sd: sudo sgdisk --zap-all $(disk_sd) wipe-ssd: sudo sgdisk --zap-all $(disk_ssd) - sudo zpool labelclear -f /dev/disk/by-partlabel/$(hostName)_ssd_rpool || true + sudo zpool labelclear -f /dev/disk/by-partlabel/$(hostName)_ssd_root || true -part: wipe-sd wipe-ssd +part: part-sd part-ssd part-sd: wipe-sd sudo sgdisk -a1 -n0:34:2047 -t0:EF02 -c0:"$(hostName)_sd_bios" $(disk_sd) sudo sgdisk -n0:1M:+100M -t0:EF00 -c0:"$(hostName)_sd_efi" $(disk_sd) sudo sgdisk -n0:0:0 -t0:8300 -c0:"$(hostName)_sd_root" $(disk_sd) sudo sgdisk --randomize-guids $(disk_sd) sudo sgdisk --backup=$(hostName)_sd.sgdisk $(disk_sd) -part-ssd: +part-ssd: wipe-ssd sudo sgdisk -a1 -n0:34:2047 -t0:EF02 -c0:"$(hostName)_ssd_bios" $(disk_ssd) sudo sgdisk -n0:1M:+100M -t0:EF00 -c0:"$(hostName)_ssd_efi" $(disk_ssd) sudo sgdisk -n0:0:+256M -t0:8300 -c0:"$(hostName)_ssd_boot" $(disk_ssd) - sudo sgdisk -n0:0:+8G -t0:8200 -c0:"$(hostName)_ssd_swap" $(disk_ssd) - sudo sgdisk -n0:0:0 -t0:BF01 -c0:"$(hostName)_ssd_rpool" $(disk_ssd) + sudo sgdisk -n0:0:+2G -t0:8200 -c0:"$(hostName)_ssd_swap" $(disk_ssd) + sudo sgdisk -n0:0:0 -t0:BF01 -c0:"$(hostName)_ssd_root" $(disk_ssd) sudo sgdisk --randomize-guids $(disk_ssd) sudo sgdisk --backup=$(hostName)_ssd.sgdisk $(disk_ssd) @@ -48,8 +49,8 @@ format-ssd-boot: format-ssd-root: sudo zpool list $(rpool) 2>/dev/null || \ sudo zpool create -o ashift=12 \ - -O utf8only=yes \ - -R /mnt/$(hostName) $(rpool) /dev/disk/by-partlabel/$(hostName)_ssd_zpool + -O utf8only=on \ + -R /mnt/install/$(hostName) $(rpool) /dev/disk/by-partlabel/$(hostName)_ssd_root sudo zpool set \ autotrim=$(autotrim) \ $(rpool) @@ -77,6 +78,7 @@ format-ssd-root: # /* for p in \ nix \ + home \ var \ ; do \ sudo zfs list $(rpool)/"$$p" 2>/dev/null || \ @@ -86,7 +88,6 @@ format-ssd-root: $(rpool)/"$$p" ; \ done for p in \ - home/julm \ ; do \ sudo zfs list $(rpool)/"$$p" 2>/dev/null || \ sudo zfs create \ @@ -113,9 +114,19 @@ mount-sd-efi: | mount-sd-root mount-ssd: mount-ssd-root mount-ssd-efi mount-ssd-root: sudo mkdir -p /mnt/install/$(hostName) + sudo zpool list $(hostName) || \ + sudo zpool import -R /mnt/install/$(hostName) $(hostName) sudo mountpoint /mnt/install/$(hostName) || \ - sudo mount -v /dev/disk/by-partlabel/$(hostName)_ssd_root /mnt/install/$(hostName) + sudo mount -v -t zfs $(hostName)/root /mnt/install/$(hostName) + for p in nix home var; do \ + sudo mkdir -p /mnt/install/$(hostName)/$$p; \ + sudo mountpoint /mnt/install/$(hostName)/$$p || \ + sudo mount -v -t zfs $(hostName)/$$p /mnt/install/$(hostName)/$$p; \ + done mount-ssd-efi: | mount-ssd-root + sudo mkdir -p /mnt/install/$(hostName)/boot + sudo mountpoint /mnt/install/$(hostName)/boot || \ + sudo mount -v /dev/disk/by-partlabel/$(hostName)_ssd_boot /mnt/install/$(hostName)/boot sudo mkdir -p /mnt/install/$(hostName)/boot/efi sudo mountpoint /mnt/install/$(hostName)/boot/efi || \ sudo mount -v /dev/disk/by-partlabel/$(hostName)_ssd_efi /mnt/install/$(hostName)/boot/efi diff --git a/hosts/aubergine/hardware.nix b/hosts/aubergine/hardware.nix index 0a695ee..34cb197 100644 --- a/hosts/aubergine/hardware.nix +++ b/hosts/aubergine/hardware.nix @@ -28,7 +28,8 @@ version = 2; devices = [ #"/dev/disk/by-id/mmc-SU08G_0xb0320f0f" - "/dev/disk/by-id/usb-Generic-_Multi-Card_20071114173400000-0:0" + #"/dev/disk/by-id/usb-Generic-_Multi-Card_20071114173400000-0:0" + "/dev/disk/by-id/ata-YMTC_JGS_2201060101833" ]; configurationLimit = 9; @@ -38,28 +39,6 @@ }; boot.tmpOnTmpfs = true; - fileSystems."/" = - { - device = "/dev/disk/by-partlabel/${hostName}_sd_root"; - fsType = "ext4"; - }; - fileSystems."/boot/efi" = - { - device = "/dev/disk/by-partlabel/${hostName}_sd_efi"; - fsType = "vfat"; - }; - /* - swapDevices = [ - { device = "/dev/disk/by-partlabel/${hostName}_ssd_swap"; - randomEncryption = { - enable = true; - cipher = "aes-xts-plain64"; - source = "/dev/urandom"; - }; - } - ]; - */ - boot.supportedFilesystems = [ /*"ntfs"*/ "vfat" ]; boot.extraModulePackages = [ #config.boot.kernelPackages.exfat-nofuse @@ -68,20 +47,47 @@ powerManagement.powertop.enable = true; #services.fprintd.enable = true; - /* - fileSystems."/" = - { device = "${hostName}/root"; - fsType = "zfs"; + fileSystems."/" = + { + device = "${hostName}/root"; + fsType = "zfs"; }; - fileSystems."/nix" = - { device = "${hostName}/nix"; - fsType = "zfs"; + fileSystems."/boot" = + { + device = "/dev/disk/by-partlabel/${hostName}_ssd_boot"; + fsType = "ext4"; }; - fileSystems."/var" = - { device = "${hostName}/var"; - fsType = "zfs"; + fileSystems."/boot/efi" = + { + device = "/dev/disk/by-partlabel/${hostName}_ssd_efi"; + fsType = "vfat"; }; - */ + fileSystems."/nix" = + { + device = "${hostName}/nix"; + fsType = "zfs"; + }; + fileSystems."/var" = + { + device = "${hostName}/var"; + fsType = "zfs"; + }; + fileSystems."/home" = + { + device = "${hostName}/home"; + fsType = "zfs"; + }; + swapDevices = + [ + { + device = "/dev/disk/by-partlabel/${hostName}_ssd_swap"; + randomEncryption = { + enable = true; + cipher = "aes-xts-plain64"; + source = "/dev/urandom"; + }; + } + ]; hardware.pulseaudio.enable = lib.mkDefault true; #hardware.pulseaudio.tcp.enable = lib.mkDefault true; diff --git a/nixpkgs/patches.nix b/nixpkgs/patches.nix index 926e15e..b2da6c2 100644 --- a/nixpkgs/patches.nix +++ b/nixpkgs/patches.nix @@ -9,11 +9,6 @@ url = "https://github.com/NixOS/nixpkgs/pull/128014.diff"; sha256 = "sha256-FVp0ogzLwYbQuU8Luj+yAmFOjGC4ZyyQLSybRdfQLoA="; } - { - meta.description = "mmsd"; - url = "https://github.com/NixOS/nixpkgs/pull/196965.diff"; - sha256 = "sha256-7hNuN2RUzLT0hZmITIEdRK3k7xu07I7XC1m8NPN+BYU="; - } { meta.description = "nixos/syncoid: enable N:N dataset mappings"; url = "https://github.com/NixOS/nixpkgs/pull/147559.diff"; diff --git a/nixpkgs/patches/mmsd.diff b/nixpkgs/patches/mmsd.diff new file mode 100644 index 0000000..66b83d6 --- /dev/null +++ b/nixpkgs/patches/mmsd.diff @@ -0,0 +1,131 @@ +diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix +index ad0679d6165..cf593ad6aa9 100644 +--- a/nixos/modules/module-list.nix ++++ b/nixos/modules/module-list.nix +@@ -856,7 +856,9 @@ + ./services/networking/mjpg-streamer.nix + ./services/networking/minidlna.nix + ./services/networking/miniupnpd.nix +- ./services/networking/mosquitto.nix ++ ./services/networking/miredo.nix ++ ./services/networking/mjpg-streamer.nix ++ ./services/networking/mmsd.nix + ./services/networking/monero.nix + ./services/networking/morty.nix + ./services/networking/mozillavpn.nix +diff --git a/nixos/modules/services/networking/mmsd.nix b/nixos/modules/services/networking/mmsd.nix +new file mode 100644 +index 00000000000..7e262a9326c +--- /dev/null ++++ b/nixos/modules/services/networking/mmsd.nix +@@ -0,0 +1,38 @@ ++{ pkgs, lib, config, ... }: ++with lib; ++let ++ cfg = config.services.mmsd; ++ dbusServiceFile = pkgs.writeTextDir "share/dbus-1/services/org.ofono.mms.service" '' ++ [D-BUS Service] ++ Name=org.ofono.mms ++ SystemdService=dbus-org.ofono.mms.service ++ ++ # Exec= is still required despite SystemdService= being used: ++ # https://github.com/freedesktop/dbus/blob/ef55a3db0d8f17848f8a579092fb05900cc076f5/test/data/systemd-activation/com.example.SystemdActivatable1.service ++ Exec=${pkgs.coreutils}/bin/false mmsd ++ ''; ++in ++{ ++ options.services.mmsd = { ++ enable = mkEnableOption (mdDoc "Multimedia Messaging Service Daemon"); ++ extraArgs = mkOption { ++ type = with types; listOf str; ++ description = mdDoc "Extra arguments passed to `mmsd-tng`"; ++ default = []; ++ example = ["--debug"]; ++ }; ++ }; ++ config = mkIf cfg.enable { ++ services.dbus.packages = [ dbusServiceFile ]; ++ systemd.user.services.mmsd = { ++ after = [ "ModemManager.service" ]; ++ aliases = [ "dbus-org.ofono.mms.service" ]; ++ serviceConfig = { ++ Type = "dbus"; ++ ExecStart = "${pkgs.mmsd-tng}/bin/mmsdtng " + escapeShellArgs cfg.extraArgs; ++ BusName = "org.ofono.mms"; ++ Restart = "on-failure"; ++ }; ++ }; ++ }; ++} +diff --git a/pkgs/tools/networking/mmsd-tng/default.nix b/pkgs/tools/networking/mmsd-tng/default.nix +new file mode 100644 +index 00000000000..eaf12263751 +--- /dev/null ++++ b/pkgs/tools/networking/mmsd-tng/default.nix +@@ -0,0 +1,53 @@ ++{ lib, stdenv ++, fetchFromGitLab ++, c-ares ++, dbus ++, glib ++, libphonenumber ++, libsoup ++, meson ++, mobile-broadband-provider-info ++, modemmanager ++, ninja ++, pkg-config ++, protobuf ++}: ++ ++stdenv.mkDerivation rec { ++ pname = "mmsd-tng"; ++ version = "1.12.1"; ++ ++ src = fetchFromGitLab { ++ owner = "kop316"; ++ repo = "mmsd"; ++ rev = version; ++ sha256 = "sha256-fhbiTJWmQwJpuMaVX2qWyWwJ/2Y/Vczo//+0T0b6jhA="; ++ }; ++ ++ nativeBuildInputs = [ ++ meson ++ ninja ++ pkg-config ++ ]; ++ ++ buildInputs = [ ++ c-ares ++ dbus ++ glib ++ libphonenumber ++ libsoup ++ mobile-broadband-provider-info ++ modemmanager ++ protobuf ++ ]; ++ ++ doCheck = true; ++ ++ meta = with lib; { ++ description = "Multimedia Messaging Service Daemon - The Next Generation"; ++ homepage = "https://gitlab.com/kop316/mmsd"; ++ license = licenses.gpl2Plus; ++ maintainers = with maintainers; [ julm ]; ++ platforms = platforms.linux; ++ }; ++} +diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix +index dc456b3848e..9cf798e033d 100644 +--- a/pkgs/top-level/all-packages.nix ++++ b/pkgs/top-level/all-packages.nix +@@ -30199,6 +30199,8 @@ with pkgs; + + mmsd = callPackage ../tools/networking/mmsd { }; + ++ mmsd-tng = callPackage ../tools/networking/mmsd-tng { }; ++ + mmtc = callPackage ../applications/audio/mmtc { }; + + mnamer = callPackage ../applications/misc/mnamer { }; diff --git a/shell.nix b/shell.nix index 5d21318..d64d2cc 100644 --- a/shell.nix +++ b/shell.nix @@ -6,6 +6,7 @@ pkgs.mkShell { #allowSubstitutes = false; buildInputs = [ (pkgs.nixos [ ]).nixos-install + pkgs.gnumake pkgs.gptfdisk ]; #enableParallelBuilding = true; -- 2.47.2 From 9964ba4a27a78886bf3d428384d99d9f336497c8 Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Sat, 24 Dec 2022 02:11:50 +0100 Subject: [PATCH 08/16] developing: install exfat --- home-manager/profiles/developing.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/home-manager/profiles/developing.nix b/home-manager/profiles/developing.nix index 9199d50..03380df 100644 --- a/home-manager/profiles/developing.nix +++ b/home-manager/profiles/developing.nix @@ -11,6 +11,7 @@ pkgs.bpftrace pkgs.cachix pkgs.exa + pkgs.exfat pkgs.flamegraph pkgs.gdb pkgs.gnumake -- 2.47.2 From 4c7a756aa0979a1dfc4f70f8b3eb30d11ee671ae Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Sun, 25 Dec 2022 14:13:31 +0100 Subject: [PATCH 09/16] audio: move from pulseaudio to pipewire --- nixos/profiles/graphical.nix | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/nixos/profiles/graphical.nix b/nixos/profiles/graphical.nix index 356f8d8..9d8bcaa 100644 --- a/nixos/profiles/graphical.nix +++ b/nixos/profiles/graphical.nix @@ -4,15 +4,23 @@ with lib; console.useXkbConfig = mkDefault true; environment.systemPackages = [ pkgs.paprefs + pkgs.pulseaudio ]; - hardware.pulseaudio.enable = mkDefault true; + + security.rtkit.enable = true; # optional but recommended + services.pipewire = { + enable = true; + alsa.enable = mkDefault true; + alsa.support32Bit = mkDefault true; + pulse.enable = mkDefault true; + }; + # Allow members of the "adbusers" group to mount Android devices via MTP. programs.adb.enable = true; programs.dconf.enable = true; services.dbus.packages = [ pkgs.dconf ]; services.gvfs.enable = mkDefault true; services.avahi.enable = mkDefault true; - sound.enable = mkDefault true; services.xserver = { enable = mkDefault true; -- 2.47.2 From b5986f3165507d13e0689ced1a9c96b18e917e85 Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Sun, 25 Dec 2022 14:13:51 +0100 Subject: [PATCH 10/16] oignon: audio: enable jack --- home-manager/profiles/graphical.nix | 1 + hosts/oignon/hardware.nix | 2 ++ 2 files changed, 3 insertions(+) diff --git a/home-manager/profiles/graphical.nix b/home-manager/profiles/graphical.nix index b127ddb..fbd51de 100644 --- a/home-manager/profiles/graphical.nix +++ b/home-manager/profiles/graphical.nix @@ -12,6 +12,7 @@ pkgs.gnome.dconf-editor pkgs.hicolor-icon-theme pkgs.pavucontrol + pkgs.qpwgraph pkgs.x2goclient pkgs.xclip pkgs.xorg.xkill diff --git a/hosts/oignon/hardware.nix b/hosts/oignon/hardware.nix index 2ed914f..f7a5867 100644 --- a/hosts/oignon/hardware.nix +++ b/hosts/oignon/hardware.nix @@ -79,4 +79,6 @@ fsType = "zfs"; }; + services.pipewire.jack.enable = true; + } -- 2.47.2 From 4f0b4dfb28b76014e4c0d88afdc41fb28f70ddb7 Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Mon, 26 Dec 2022 10:52:44 +0100 Subject: [PATCH 11/16] gdk: fix SVG support --- nixos/profiles/graphical.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/nixos/profiles/graphical.nix b/nixos/profiles/graphical.nix index 9d8bcaa..e88076d 100644 --- a/nixos/profiles/graphical.nix +++ b/nixos/profiles/graphical.nix @@ -41,4 +41,6 @@ with lib; }; displayManager.autoLogin.enable = mkDefault true; }; + + services.xserver.gdk-pixbuf.modulePackages = [ pkgs.librsvg ]; } -- 2.47.2 From 3d659720a48c6dd34b843e5893c82cf15c8d5f3f Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Mon, 26 Dec 2022 10:53:10 +0100 Subject: [PATCH 12/16] oignon: fluidsynth: install --- homes/julm/hosts/oignon.nix | 2 ++ nixos/profiles/graphical.nix | 3 ++- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/homes/julm/hosts/oignon.nix b/homes/julm/hosts/oignon.nix index 9c92155..72a728b 100644 --- a/homes/julm/hosts/oignon.nix +++ b/homes/julm/hosts/oignon.nix @@ -29,6 +29,7 @@ }; home.packages = [ pkgs.chromium + pkgs.fluidsynth pkgs.gpsbabel #(pkgs.qgis.override { extraPythonPackages = (ps: [ # ps.pyqt5_with_qtwebkit @@ -40,5 +41,6 @@ pkgs.wxmaxima pkgs.espeak-ng pkgs.iodine + #pkgs.qsynth ]; } diff --git a/nixos/profiles/graphical.nix b/nixos/profiles/graphical.nix index e88076d..e3a02a3 100644 --- a/nixos/profiles/graphical.nix +++ b/nixos/profiles/graphical.nix @@ -3,8 +3,9 @@ with lib; { console.useXkbConfig = mkDefault true; environment.systemPackages = [ + pkgs.gdk-pixbuf.dev # for gdk-pixbuf-query-loaders pkgs.paprefs - pkgs.pulseaudio + pkgs.pulseaudio # for pactl when using pipewire ]; security.rtkit.enable = true; # optional but recommended -- 2.47.2 From b8354c103228e5a657c67800916fda20e9015dd7 Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Mon, 2 Jan 2023 01:03:19 +0100 Subject: [PATCH 13/16] mpv: add c binding to show chapters --- home-manager/profiles/mpv.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/home-manager/profiles/mpv.nix b/home-manager/profiles/mpv.nix index 3e9104e..768b7fb 100644 --- a/home-manager/profiles/mpv.nix +++ b/home-manager/profiles/mpv.nix @@ -8,6 +8,9 @@ # See https://github.com/mpv-player/mpv/issues/3979 Alt+a cycle-values af "dynaudnorm=f=75:g=25:n=0:p=0.58" "loudnorm" "" Alt+f cycle video-unscaled + + # Show all chapters (like a right-clic on |<< or >>|) + c show_text ''${chapter-list} ''; xdg.configFile."mpv/mpv.conf".text = '' hwdec=auto-safe -- 2.47.2 From 3b705bb5897a2b0b47f27338769715d4c7b7ee15 Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Sun, 8 Jan 2023 12:27:49 +0100 Subject: [PATCH 14/16] firefox: user browserpass instead of passff --- home-manager/profiles/firefox.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/home-manager/profiles/firefox.nix b/home-manager/profiles/firefox.nix index b75e23d..21b83c3 100644 --- a/home-manager/profiles/firefox.nix +++ b/home-manager/profiles/firefox.nix @@ -3,6 +3,8 @@ home.packages = lib.mkIf config.programs.firefox.enable [ #pkgs.tor-browser-bundle-bin ]; + programs.browserpass.enable = true; + programs.browserpass.browsers = [ "firefox" ]; programs.firefox = { enable = lib.mkDefault true; /* @@ -45,7 +47,7 @@ SearchSuggestEnabled = false; UserMessaging = { ExtensionRecommendations = false; SkipOnboarding = true; }; }; - extraNativeMessagingHosts = [ pkgs.passff-host ]; + #extraNativeMessagingHosts = [ pkgs.passff-host ]; }; }; } -- 2.47.2 From 72f47be719c8d1f10cd326061a3d8ff2d2c644c6 Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Sun, 8 Jan 2023 20:57:59 +0100 Subject: [PATCH 15/16] drawing: add darktable --- home-manager/profiles/drawing.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/home-manager/profiles/drawing.nix b/home-manager/profiles/drawing.nix index b5756eb..63f9cc5 100644 --- a/home-manager/profiles/drawing.nix +++ b/home-manager/profiles/drawing.nix @@ -2,6 +2,7 @@ { home.packages = [ #pkgs.blender + pkgs.darktable pkgs.gcolor2 pkgs.geeqie pkgs.gimp -- 2.47.2 From 637f02c4f35d8dc4b0181abb8e517518467ad541 Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Mon, 9 Jan 2023 02:25:47 +0100 Subject: [PATCH 16/16] systemd-creds: improve documentation --- nixos/modules/security/systemd-creds.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/nixos/modules/security/systemd-creds.nix b/nixos/modules/security/systemd-creds.nix index 04a0c2f..6895f0d 100644 --- a/nixos/modules/security/systemd-creds.nix +++ b/nixos/modules/security/systemd-creds.nix @@ -105,10 +105,10 @@ let cfg = config.security.systemd-creds; in ::: {.warning} To be able to access the relative path of the `.cred` file, - `inputs.self` has to be used in `LoadCredentialEncrypted`. + `inputs.self` has to be used in `LoadCredentialEncrypted=`. Note that `inputs` is a `config._module.args` or `specialArgs` usually set in your `flake.nix`. - Using `''${wireguard/wg-intra/privatekey}` + In other words, using `''${wireguard/wg-intra/privatekey}` here, would not work, because it drops the `wireguard/wg-intra/` part. ::: ''; -- 2.47.2