end of semester update
This commit is contained in:
parent
15283725f0
commit
6eca6b0950
|
@ -18,10 +18,9 @@
|
||||||
tor-browser-bundle-bin
|
tor-browser-bundle-bin
|
||||||
yubikey-manager-qt
|
yubikey-manager-qt
|
||||||
libsForQt5.kdeconnect-kde
|
libsForQt5.kdeconnect-kde
|
||||||
obsidian
|
|
||||||
|
|
||||||
# virtualisation
|
# virtualisation
|
||||||
podman-compose
|
docker-compose
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -46,14 +45,10 @@
|
||||||
# yubikey
|
# yubikey
|
||||||
services.pcscd.enable = true;
|
services.pcscd.enable = true;
|
||||||
|
|
||||||
# podman and libvirt
|
# docker and libvirt
|
||||||
programs.virt-manager.enable = true;
|
programs.virt-manager.enable = true;
|
||||||
virtualisation = {
|
virtualisation = {
|
||||||
podman = {
|
docker.enable = true;
|
||||||
enable = true;
|
|
||||||
dockerCompat = true;
|
|
||||||
defaultNetwork.settings.dns_enabled = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
# enable libvirt
|
# enable libvirt
|
||||||
spiceUSBRedirection.enable = true;
|
spiceUSBRedirection.enable = true;
|
||||||
|
@ -75,5 +70,5 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
users.users.caleb.extraGroups = [ "libvirtd" ];
|
users.users.caleb.extraGroups = [ "libvirtd" "docker" ];
|
||||||
}
|
}
|
||||||
|
|
|
@ -8,7 +8,6 @@
|
||||||
./networking-configuration.nix
|
./networking-configuration.nix
|
||||||
./application-configuration.nix
|
./application-configuration.nix
|
||||||
./software-development-configuration.nix
|
./software-development-configuration.nix
|
||||||
./school-configuration.nix
|
|
||||||
./faf-linux.nix
|
./faf-linux.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
|
@ -37,11 +36,6 @@
|
||||||
driSupport32Bit = true;
|
driSupport32Bit = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
# Allow unfree and insecure packages
|
|
||||||
nixpkgs.config.permittedInsecurePackages = [
|
|
||||||
"electron-25.9.0"
|
|
||||||
];
|
|
||||||
|
|
||||||
nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
|
nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
|
||||||
"vista-fonts"
|
"vista-fonts"
|
||||||
"corefonts"
|
"corefonts"
|
||||||
|
@ -58,8 +52,6 @@
|
||||||
|
|
||||||
"vscode"
|
"vscode"
|
||||||
"code"
|
"code"
|
||||||
|
|
||||||
"obsidian"
|
|
||||||
];
|
];
|
||||||
|
|
||||||
# Enable the X11 windowing system.
|
# Enable the X11 windowing system.
|
||||||
|
@ -74,7 +66,7 @@
|
||||||
fonts.packages = with pkgs; [
|
fonts.packages = with pkgs; [
|
||||||
vistafonts
|
vistafonts
|
||||||
corefonts
|
corefonts
|
||||||
nerdfonts # nvcahd dependency
|
nerdfonts # nvchad dependency
|
||||||
];
|
];
|
||||||
|
|
||||||
# Enable sound with pipewire.
|
# Enable sound with pipewire.
|
||||||
|
@ -88,7 +80,7 @@
|
||||||
pulse.enable = true;
|
pulse.enable = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
# Define a user account. Don't forget to set a password with ‘passwd’.
|
# Define a user account.
|
||||||
users.users.caleb = {
|
users.users.caleb = {
|
||||||
isNormalUser = true;
|
isNormalUser = true;
|
||||||
description = "caleb";
|
description = "caleb";
|
||||||
|
@ -144,7 +136,7 @@
|
||||||
hostName = "talos";
|
hostName = "talos";
|
||||||
system = "x86_64-linux";
|
system = "x86_64-linux";
|
||||||
protocol = "ssh-ng";
|
protocol = "ssh-ng";
|
||||||
speedFactor = 3;
|
speedFactor = 2;
|
||||||
supportedFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ];
|
supportedFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ];
|
||||||
mandatoryFeatures = [ ];
|
mandatoryFeatures = [ ];
|
||||||
}
|
}
|
||||||
|
@ -152,18 +144,10 @@
|
||||||
hostName = "january";
|
hostName = "january";
|
||||||
system = "x86_64-linux";
|
system = "x86_64-linux";
|
||||||
protocol = "ssh-ng";
|
protocol = "ssh-ng";
|
||||||
speedFactor = 4;
|
speedFactor = 3;
|
||||||
supportedFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ];
|
supportedFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ];
|
||||||
mandatoryFeatures = [ ];
|
mandatoryFeatures = [ ];
|
||||||
}
|
}
|
||||||
/* {
|
|
||||||
hostName = "pubnix";
|
|
||||||
system = "x86_64-linux";
|
|
||||||
protocol = "ssh-ng";
|
|
||||||
speedFactor = 2;
|
|
||||||
supportedFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ];
|
|
||||||
mandatoryFeatures = [ ];
|
|
||||||
} */
|
|
||||||
];
|
];
|
||||||
nix.distributedBuilds = true;
|
nix.distributedBuilds = true;
|
||||||
# optional, useful when the builder has a faster internet connection than yours
|
# optional, useful when the builder has a faster internet connection than yours
|
||||||
|
|
|
@ -25,19 +25,18 @@
|
||||||
|
|
||||||
# Enable mullvad vpn
|
# Enable mullvad vpn
|
||||||
services.mullvad-vpn.package = pkgs.mullvad-vpn;
|
services.mullvad-vpn.package = pkgs.mullvad-vpn;
|
||||||
#services.resolved.enable = true;
|
|
||||||
#networking.resolvconf.enable = false;
|
|
||||||
services.mullvad-vpn.enable = true;
|
services.mullvad-vpn.enable = true;
|
||||||
|
|
||||||
# Enable tailscale
|
# Enable tailscale
|
||||||
services.tailscale.enable = true;
|
services.tailscale.enable = true;
|
||||||
|
|
||||||
# exclude tailscale IPs from mullvad routing
|
# exclude tailscale IPs from mullvad routing
|
||||||
/* networking.nftables = {
|
networking.nftables = {
|
||||||
enable = true;
|
enable = true;
|
||||||
ruleset = ''
|
ruleset = ''
|
||||||
define TAILNET_DNS = {
|
define TAILNET_DNS = {
|
||||||
100.100.100.100
|
100.100.100.100,
|
||||||
|
9.9.9.9
|
||||||
}
|
}
|
||||||
define TAILNET_IPV4 = {
|
define TAILNET_IPV4 = {
|
||||||
100.64.0.0/10
|
100.64.0.0/10
|
||||||
|
@ -52,13 +51,6 @@
|
||||||
ip daddr $TAILNET_DNS tcp dport 53 ct mark set 0x00000f41 meta mark set 0x6d6f6c65;
|
ip daddr $TAILNET_DNS tcp dport 53 ct mark set 0x00000f41 meta mark set 0x6d6f6c65;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
table inet excludeTraffic {
|
|
||||||
chain excludeOutgoing {
|
|
||||||
type route hook output priority 0; policy accept;
|
|
||||||
ip daddr $TAILNET_IPV4 ct mark set 0x00000f41 meta mark set 0x6d6f6c65;
|
|
||||||
ip6 daddr $TAILNET_IPV6 ct mark set 0x00000f41 meta mark set 0x6d6f6c65;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
'';
|
'';
|
||||||
}; */
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,15 +0,0 @@
|
||||||
{ pkgs, ... }:
|
|
||||||
{
|
|
||||||
environment.systemPackages = with pkgs; [
|
|
||||||
nmap
|
|
||||||
wireshark
|
|
||||||
libstdcxx5
|
|
||||||
];
|
|
||||||
|
|
||||||
users.users.caleb.packages = with pkgs; [
|
|
||||||
python311Packages.pygame
|
|
||||||
];
|
|
||||||
|
|
||||||
#virtualisation.virtualbox.host.enable = true;
|
|
||||||
#users.extraGroups.vboxusers.members = [ "caleb" ];
|
|
||||||
}
|
|
|
@ -1,15 +1,4 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
# nvidia-offload script
|
|
||||||
let
|
|
||||||
nvidia-offload = pkgs.writeShellScriptBin "nvidia-offload" ''
|
|
||||||
export __NV_PRIME_RENDER_OFFLOAD=1
|
|
||||||
export __NV_PRIME_RENDER_OFFLOAD_PROVIDER=NVIDIA-G0
|
|
||||||
export __GLX_VENDOR_LIBRARY_NAME=nvidia
|
|
||||||
export __VK_LAYER_NV_optimus=NVIDIA_only
|
|
||||||
exec "$@"
|
|
||||||
'';
|
|
||||||
in
|
|
||||||
{
|
{
|
||||||
imports =
|
imports =
|
||||||
[
|
[
|
||||||
|
@ -25,7 +14,7 @@ in
|
||||||
# Nvidia driver setup
|
# Nvidia driver setup
|
||||||
hardware.nvidia = {
|
hardware.nvidia = {
|
||||||
modesetting.enable = true;
|
modesetting.enable = true;
|
||||||
package = config.boot.kernelPackages.nvidiaPackages.latest;
|
package = config.boot.kernelPackages.nvidiaPackages.stable;
|
||||||
nvidiaSettings = true;
|
nvidiaSettings = true;
|
||||||
powerManagement = {
|
powerManagement = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
Loading…
Reference in New Issue
Block a user