etc/nix/configuration.nix: Add working usurpador configuration

author: EuAndreh <eu@euandre.org> 2023-02-17 09:34:07 -0300
committer: EuAndreh <eu@euandre.org> 2023-02-17 09:34:07 -0300
commit: 44149a930e960104146ddd89be4e2dbdd18ae76e (patch)
tree: e7cc30a8edaa528f7f6cfd7d3fc4d52f7394ff44 /etc/nix
parent: etc/xmonad/xmonad.hs: Add missing utility keybindings (diff)
download: dotfiles-44149a930e960104146ddd89be4e2dbdd18ae76e.tar.gz
dotfiles-44149a930e960104146ddd89be4e2dbdd18ae76e.tar.xz
1 files changed, 320 insertions, 0 deletions
diff --git a/etc/nix/configuration.nix b/etc/nix/configuration.nix
new file mode 100644
index 0000000..cfe6817
--- /dev/null
+++ b/etc/nix/configuration.nix
@@ -0,0 +1,320 @@
+{ config, pkgs, ... }:
+
+# rollback to a previously working channel version, useful
+# when "doas nixos-rebuild switch --upgrade" breaks:
+#
+# $ doas nix-channel --rollback
+
+let
+  work = {
+    packages = with pkgs; {
+      proprietary = [
+        slack
+        zoom-us
+      ];
+    };
+  };
+in {
+  imports = [ /etc/nixos/hardware-configuration.nix ];
+
+  # Use the systemd-boot EFI boot loader.
+  boot = {
+    loader = {
+      efi.canTouchEfiVariables = true;
+      grub = {
+        enable = true;
+        version = 2;
+        efiSupport = true;
+        device = "nodev";
+      };
+    };
+    initrd.luks.devices = {
+      crypted = {
+        device = "/dev/nvme0n1p2";
+        preLVM = true;
+      };
+    };
+  };
+
+  hardware = {
+    bluetooth.enable = true;
+    pulseaudio = {
+      package = pkgs.pulseaudioFull;
+      enable = true;
+      extraConfig = ''
+        # Switch between headset and headphone mode (e.g. for calls and music) automatically
+        load-module module-bluetooth-policy auto_switch=2
+        # Echo cancellation and noise cleanup of mic
+        load-module module-echo-cancel aec_method=webrtc
+
+        # https://til.flourishing.stream/2020/05/24/cancelamento-de-ruido-pulseaudio/
+        ### Enable Echo/Noise-Cancellation
+        load-module module-echo-cancel use_master_format=1 aec_method=webrtc aec_args="analog_gain_control=0\ digital_gain_control=1" source_name=echoCancel_source sink_name=echoCancel_sink
+        set-default-source echoCancel_source
+        set-default-sink echoCancel_sink
+      '';
+    };
+  };
+
+  networking = {
+    hostName = "usurpador";
+    networkmanager.enable = true;
+  };
+
+  console = {
+    keyMap = "br-abnt2";
+  };
+
+  # Select internationalisation properties.
+  i18n = {
+    defaultLocale = "fr_FR.UTF-8";
+  };
+
+  # Set your time zone.
+  time.timeZone = "America/Sao_Paulo";
+
+  documentation = {
+    enable = true;
+    man.enable = true;
+    dev.enable = true;
+    man.generateCaches = true;
+    nixos.includeAllModules = true;
+  };
+
+  environment = {
+    enableDebugInfo = true;
+
+    systemPackages = let
+      pkgs-19 = import (fetchTarball
+        "https://github.com/NixOS/nixpkgs/archive/b0d748e244df6c977b2a1db3873ffdc271e59615.tar.gz")
+        { };
+
+    in with pkgs;
+    [
+      ## DVCS
+      pkgs-19.bitkeeper
+
+      ## CLI tools
+      bash-completion
+      nix-bash-completions
+      rq
+      st
+      xsel
+      kubernetes
+
+      ## xmonad
+      xclip
+      xorg.xmodmap
+      xorg.xmessage
+      xorg.xbacklight
+      lightdm
+      haskellPackages.xmobar
+    ] ++ work.packages.proprietary;
+  };
+
+  nixpkgs = let allow-unfree = builtins.length work.packages.proprietary > 0;
+  in {
+    config = {
+      android_sdk.accept_license = allow-unfree;
+      allowUnfree = allow-unfree;
+    };
+  };
+
+  programs = {
+    bash.enableCompletion = true;
+  };
+
+  services = {
+    upower.enable = true;
+    flatpak.enable = true;
+
+    openssh = {
+      enable = true;
+      settings = {
+        PermitRootLogin = "no";
+        PasswordAuthentication = false;
+      };
+    };
+
+    # required by vagrant+libvirt
+    nfs.server.enable = true;
+
+    # Required for local network printer
+    avahi = {
+      enable = true;
+      nssmdns = true;
+      extraServiceFiles = {
+        ssh = "${pkgs.avahi}/etc/avahi/services/ssh.service";
+      };
+      hostName = "usurpadinho";
+      publish = {
+        enable = true;
+        addresses = true;
+        domain = true;
+        userServices = true;
+        workstation = true;
+        hinfo = true;
+      };
+      reflector = true;
+    };
+
+    printing = {
+      enable = true;
+      drivers = let
+        epson-201401w = with pkgs;
+          stdenv.mkDerivation rec {
+            v = "201401w";
+            pname = "epson-${v}";
+            version = "1.0.0";
+
+            src = fetchurl {
+              urls = [
+                "https://download.ebz.epson.net/dsc/op/stable/SRPMS/epson-inkjet-printer-${v}-${version}-1lsb3.2.src.rpm"
+                "https://download3.ebz.epson.net/dsc/f/03/00/03/45/41/92e9c9254f0ee4230a069545ba27ec2858a2c457/epson-inkjet-printer-201401w-1.0.0-1lsb3.2.src.rpm"
+              ];
+              sha256 = "0c60m1sd59s4sda38dc5nniwa7dh1b0kv1maajr0x9d38gqlyk3x";
+            };
+
+            nativeBuildInputs = [ rpmextract autoreconfHook file ];
+
+            buildInputs = [ libjpeg cups ];
+
+            unpackPhase = ''
+              rpmextract $src
+              tar -zxf epson-inkjet-printer-${v}-${version}.tar.gz
+              tar -zxf epson-inkjet-printer-filter-${version}.tar.gz
+              for ppd in epson-inkjet-printer-${v}-${version}/ppds/*; do
+                      substituteInPlace $ppd --replace "/opt/epson-inkjet-printer-${v}" "$out"
+                      substituteInPlace $ppd --replace "/cups/lib" "/lib/cups"
+              done
+              cd epson-inkjet-printer-filter-${version}
+            '';
+
+            postInstall = ''
+              cd ../epson-inkjet-printer-${v}-${version}
+              cp -a lib64 resource watermark $out
+              mkdir -p $out/share/cups/model/epson-inkjet-printer-${v}
+              cp -a ppds $out/share/cups/model/epson-inkjet-printer-${v}/
+              cp -a Manual.txt $out/doc/
+              cp -a README $out/doc/README.driver
+            '';
+          };
+      in [
+        epson-201401w
+      ];
+    };
+
+    xserver = {
+      enable = true;
+      layout = "br";
+      xkbOptions = "caps:swapescape";
+
+      # Touchpad support
+      libinput.enable = true;
+
+      config = ''
+        Section "Device"
+          Identifier  "Intel Graphics"
+          Driver      "intel01"
+          Option      "Backlight"  "intel_backlight"
+        EndSection
+      '';
+
+      windowManager.xmonad = {
+        enable = true;
+        enableContribAndExtras = true;
+      };
+      displayManager = {
+        defaultSession = "none+xmonad";
+
+        lightdm.enable = true;
+
+        # The config inception was inspired by:
+        # http://ubuntuforum-br.org/index.php?topic=13784.0
+        # Lambda symbol name taken from:
+        # http://wiki.linuxquestions.org/wiki/List_of_Keysyms_Recognised_by_Xmodmap
+        # To test a keycode:
+        # xmodmap -e 'keycode 118 = bar Greek_lamda'
+        sessionCommands = ''
+          ${pkgs.fvwm}/bin/xpmroot  ~/annex/docs/emotion.png &
+        '';
+      };
+    };
+
+    blueman.enable = true;
+    pcscd.enable = true;
+  };
+
+  users = {
+    extraUsers = let
+      andrehUser = {
+        andreh = {
+          isNormalUser = true;
+          uid = 1000;
+          description = "EuAndreh";
+          extraGroups = [ "wheel" "networkmanager" "libvirtd" "docker" ];
+        };
+      };
+      # From the Guix manual:
+      # https://www.gnu.org/software/guix/manual/en/html_node/Build-Environment-Setup.html#Build-Environment-Setup
+      buildUser = (i: {
+        "guixbuilder${i}" = { # guixbuilder$i
+          group = "guixbuild"; # -g guixbuild
+          extraGroups = [ "guixbuild" ]; # -G guixbuild
+          home = "/var/empty"; # -d /var/empty
+          shell = pkgs.shadow; # -s `which nologin`
+          description = "Guix build user ${i}"; # -c "Guix buid user $i"
+          isSystemUser = true; # --system
+        };
+      });
+      # merge all users
+    in pkgs.lib.fold (str: acc: acc // buildUser str) andrehUser
+    # for i in `seq -w 1 10`
+    (map (pkgs.lib.fixedWidthNumber 2) (builtins.genList (n: n + 1) 10));
+
+    extraGroups.guixbuild = { name = "guixbuild"; };
+  };
+
+  systemd = {
+    services = {
+      # Derived from Guix guix-daemon.service.in
+      # https://git.savannah.gnu.org/cgit/guix.git/tree/etc/guix-daemon.service.in?id=00c86a888488b16ce30634d3a3a9d871ed6734a2
+      guix-daemon = {
+        enable = true;
+        description = "Build daemon for GNU Guix";
+        serviceConfig = {
+          ExecStart =
+            "/var/guix/profiles/per-user/root/current-guix/bin/guix-daemon --build-users-group=guixbuild --substitute-urls='https://substitutes.nonguix.org https://ci.guix.gnu.org https://bordeaux.guix.gnu.org'";
+        };
+        wantedBy = [ "multi-user.target" ];
+      };
+    };
+    user.services = {
+      mpris-proxy = {
+        enable = false;
+        description = "Mpris proxy, added to support bluetooth media keys";
+        serviceConfig = {
+          After = [ "network.target" "sound.target" ];
+          ExecStart = "${pkgs.bluez}/bin/mpris-proxy";
+          WantedBy = [ "default.target" ];
+        };
+      };
+    };
+  };
+
+  system = {
+    stateVersion = "20.03";
+    autoUpgrade = {
+      enable = true;
+      dates = "0:10";
+    };
+  };
+
+  xdg.portal = {
+    enable = true;
+    extraPortals = [ pkgs.xdg-desktop-portal-gtk ];
+  };
+
+  virtualisation.libvirtd.enable = true;
+  virtualisation.docker.enable = true;
+}
author	EuAndreh <eu@euandre.org>	2023-02-17 09:34:07 -0300
committer	EuAndreh <eu@euandre.org>	2023-02-17 09:34:07 -0300
commit	44149a930e960104146ddd89be4e2dbdd18ae76e (patch)
tree	e7cc30a8edaa528f7f6cfd7d3fc4d52f7394ff44 /etc/nix
parent	etc/xmonad/xmonad.hs: Add missing utility keybindings (diff)
download	dotfiles-44149a930e960104146ddd89be4e2dbdd18ae76e.tar.gz dotfiles-44149a930e960104146ddd89be4e2dbdd18ae76e.tar.xz