From 6eca6b09500e37e31f7cb6faa320e0f0a5ad1a43 Mon Sep 17 00:00:00 2001 From: caleb Date: Sun, 5 May 2024 18:53:07 -0400 Subject: [PATCH] end of semester update --- application-configuration.nix | 13 ++++--------- configuration.nix | 24 ++++-------------------- networking-configuration.nix | 16 ++++------------ school-configuration.nix | 15 --------------- surfacebook-configuration.nix | 13 +------------ 5 files changed, 13 insertions(+), 68 deletions(-) delete mode 100644 school-configuration.nix diff --git a/application-configuration.nix b/application-configuration.nix index 6b6fcaf..6ad02cd 100644 --- a/application-configuration.nix +++ b/application-configuration.nix @@ -18,10 +18,9 @@ tor-browser-bundle-bin yubikey-manager-qt libsForQt5.kdeconnect-kde - obsidian # virtualisation - podman-compose + docker-compose ]; }; @@ -46,14 +45,10 @@ # yubikey services.pcscd.enable = true; - # podman and libvirt + # docker and libvirt programs.virt-manager.enable = true; virtualisation = { - podman = { - enable = true; - dockerCompat = true; - defaultNetwork.settings.dns_enabled = true; - }; + docker.enable = true; # enable libvirt spiceUSBRedirection.enable = true; @@ -75,5 +70,5 @@ }; }; }; - users.users.caleb.extraGroups = [ "libvirtd" ]; + users.users.caleb.extraGroups = [ "libvirtd" "docker" ]; } diff --git a/configuration.nix b/configuration.nix index 7607f6c..7ce6662 100644 --- a/configuration.nix +++ b/configuration.nix @@ -8,7 +8,6 @@ ./networking-configuration.nix ./application-configuration.nix ./software-development-configuration.nix - ./school-configuration.nix ./faf-linux.nix ]; @@ -37,11 +36,6 @@ driSupport32Bit = true; }; - # Allow unfree and insecure packages - nixpkgs.config.permittedInsecurePackages = [ - "electron-25.9.0" - ]; - nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [ "vista-fonts" "corefonts" @@ -58,8 +52,6 @@ "vscode" "code" - - "obsidian" ]; # Enable the X11 windowing system. @@ -74,7 +66,7 @@ fonts.packages = with pkgs; [ vistafonts corefonts - nerdfonts # nvcahd dependency + nerdfonts # nvchad dependency ]; # Enable sound with pipewire. @@ -88,7 +80,7 @@ pulse.enable = true; }; - # Define a user account. Don't forget to set a password with ‘passwd’. + # Define a user account. users.users.caleb = { isNormalUser = true; description = "caleb"; @@ -144,7 +136,7 @@ hostName = "talos"; system = "x86_64-linux"; protocol = "ssh-ng"; - speedFactor = 3; + speedFactor = 2; supportedFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ]; mandatoryFeatures = [ ]; } @@ -152,18 +144,10 @@ hostName = "january"; system = "x86_64-linux"; protocol = "ssh-ng"; - speedFactor = 4; + speedFactor = 3; supportedFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ]; mandatoryFeatures = [ ]; } - /* { - hostName = "pubnix"; - system = "x86_64-linux"; - protocol = "ssh-ng"; - speedFactor = 2; - supportedFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ]; - mandatoryFeatures = [ ]; - } */ ]; nix.distributedBuilds = true; # optional, useful when the builder has a faster internet connection than yours diff --git a/networking-configuration.nix b/networking-configuration.nix index 8324b4a..adebab1 100644 --- a/networking-configuration.nix +++ b/networking-configuration.nix @@ -25,19 +25,18 @@ # Enable mullvad vpn services.mullvad-vpn.package = pkgs.mullvad-vpn; - #services.resolved.enable = true; - #networking.resolvconf.enable = false; services.mullvad-vpn.enable = true; # Enable tailscale services.tailscale.enable = true; # exclude tailscale IPs from mullvad routing - /* networking.nftables = { + networking.nftables = { enable = true; ruleset = '' define TAILNET_DNS = { - 100.100.100.100 + 100.100.100.100, + 9.9.9.9 } define TAILNET_IPV4 = { 100.64.0.0/10 @@ -52,13 +51,6 @@ ip daddr $TAILNET_DNS tcp dport 53 ct mark set 0x00000f41 meta mark set 0x6d6f6c65; } } - table inet excludeTraffic { - chain excludeOutgoing { - type route hook output priority 0; policy accept; - ip daddr $TAILNET_IPV4 ct mark set 0x00000f41 meta mark set 0x6d6f6c65; - ip6 daddr $TAILNET_IPV6 ct mark set 0x00000f41 meta mark set 0x6d6f6c65; - } - } ''; - }; */ + }; } diff --git a/school-configuration.nix b/school-configuration.nix deleted file mode 100644 index 5563158..0000000 --- a/school-configuration.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ pkgs, ... }: -{ - environment.systemPackages = with pkgs; [ - nmap - wireshark - libstdcxx5 - ]; - - users.users.caleb.packages = with pkgs; [ - python311Packages.pygame - ]; - - #virtualisation.virtualbox.host.enable = true; - #users.extraGroups.vboxusers.members = [ "caleb" ]; -} diff --git a/surfacebook-configuration.nix b/surfacebook-configuration.nix index 96476f7..3bbdf5d 100644 --- a/surfacebook-configuration.nix +++ b/surfacebook-configuration.nix @@ -1,15 +1,4 @@ { config, lib, pkgs, ... }: - -# nvidia-offload script -let - nvidia-offload = pkgs.writeShellScriptBin "nvidia-offload" '' - export __NV_PRIME_RENDER_OFFLOAD=1 - export __NV_PRIME_RENDER_OFFLOAD_PROVIDER=NVIDIA-G0 - export __GLX_VENDOR_LIBRARY_NAME=nvidia - export __VK_LAYER_NV_optimus=NVIDIA_only - exec "$@" - ''; -in { imports = [ @@ -25,7 +14,7 @@ in # Nvidia driver setup hardware.nvidia = { modesetting.enable = true; - package = config.boot.kernelPackages.nvidiaPackages.latest; + package = config.boot.kernelPackages.nvidiaPackages.stable; nvidiaSettings = true; powerManagement = { enable = true;