Commit graph

1729 commits

Author SHA1 Message Date
Simon Bruder a02d3cb883
Use separate state version for every machine
This also uses the system state version as the home-manager state
version.

Fixes #35.
2021-01-31 12:21:05 +01:00
Simon Bruder f211bae4e2
Globally set Let’s Encrypt requirements 2021-01-31 12:21:05 +01:00
Simon Bruder 3304c8e62e
programs: Add poppler_utils 2021-01-30 23:27:53 +01:00
Simon Bruder ebddfd35ba
Update sources 2021-01-30 17:09:25 +01:00
Simon Bruder 1a63539df8
Update readme to better reflect current state
Fixes #7.
2021-01-30 16:43:04 +01:00
Simon Bruder 4664265bb0
Add installation machine
Its configuration does not fit a real machine, but rather serves as a
minimal configuration for new machines during installation.
2021-01-30 16:41:06 +01:00
Simon Bruder d61fc70f23
mpd: Only enable when gui is enabled 2021-01-30 13:27:29 +01:00
Simon Bruder 82d5a24dfa
deploy: Do not fail with broken local config 2021-01-29 16:04:38 +01:00
Simon Bruder 241bc188cb
sayuri: Use performance scaling governor
That machine is not very energy efficient anyway.
2021-01-29 15:54:59 +01:00
Simon Bruder 05a72217aa
Use nixos-hardware for hardware configuration
This removes the manual modules that use options to activate hardware
configuration. It seems to general (e.g. newer Intel GPUs require
different opencl icd) or not flexible enough (in case of the ssd
module).

Closes #21.
2021-01-29 15:50:16 +01:00
Simon Bruder 55fb2cfdda
shell.nix: Add luks remote unlock script
Closes #9.
2021-01-28 19:02:19 +01:00
Simon Bruder e7c6406820
Decouple machine configuration and deployment
This allows custom scripts to access machine-specific variables.
2021-01-28 17:08:08 +01:00
Simon Bruder 204962d0f3
user: Fix gui programs being installed by mistake 2021-01-28 16:35:54 +01:00
Simon Bruder 67fe507a2d
Update sources 2021-01-27 21:55:55 +01:00
Simon Bruder d6df163d2e
Update sources 2021-01-26 18:44:43 +01:00
Simon Bruder 603a006df8
Make routing all traffic over wireguard tunnel work
Fixes #26 (regression introduced in
126a0dad4b)

This is not an ideal solution, since it disables some features of the
firewall. Ideally, the mullvad configuration would be declaratively
managed and include a PostUp and PreDown command that adds routes to the
tunnel endpoint to the physical interface.
2021-01-24 14:44:00 +01:00
Simon Bruder bcbd5e772a
gui: Use better way to enable 32bit opengl support 2021-01-24 12:51:56 +01:00
Simon Bruder 617fc28668
Update sources 2021-01-23 08:53:09 +01:00
Simon Bruder 5ecebf4435
nvim: Add nix snippet for sha256 hash 2021-01-22 20:18:39 +01:00
Simon Bruder 428e8103d9
tools/adb: Use proper way to determine if x86_64 2021-01-20 16:40:36 +01:00
Simon Bruder d8b8e5de93
libvirt: Remove custom option 2021-01-20 16:31:59 +01:00
Simon Bruder e5f90116e8
network-manager: Reformat module 2021-01-20 16:28:52 +01:00
Simon Bruder 64ef37badd
Move global lidSwitchDocked setting to nunotaba 2021-01-20 16:27:51 +01:00
Simon Bruder c1283b6ffa
Add option to disable large packages
Fixes #27

This adds the `sbruder.full` option (enabled by default), which disables
some otherwise enabled packages/modules when disabled. When setting it
to false on a full gui system it reduces the size of the system closure
by over 50%. It is intended for systems with low (main) disk space.
2021-01-20 16:23:18 +01:00
Simon Bruder 80cae99fef
Update sources 2021-01-20 15:32:46 +01:00
Simon Bruder 7a41da6f17
sway: Fix multimedia key bindings 2021-01-19 12:47:03 +01:00
Simon Bruder 9cdf89fe15
firewall: Trust wg-home
Fixes regression introduced in 126a0dad4b.
2021-01-18 00:05:18 +01:00
Simon Bruder 21a8f5a358
Make docker optional 2021-01-17 19:32:01 +01:00
Simon Bruder a68b429a58
Remove user from docker group
This prevents unauthorised programs to effectively be root.
2021-01-17 18:06:12 +01:00
Simon Bruder 973b82c90f
Update sources 2021-01-17 14:01:50 +01:00
Simon Bruder 126a0dad4b
Enable firewall by default
Fixes #25
2021-01-17 11:03:54 +01:00
Simon Bruder b1592a08dc
Update sources 2021-01-16 00:09:51 +01:00
Simon Bruder d35991e700
Update sources 2021-01-11 22:12:57 +01:00
Simon Bruder 3610d32c06
osu-lazer-container: Ensure state directory exists 2021-01-10 21:39:27 +01:00
Simon Bruder 8a4710684d
osu-lazer-container: Respect XDG_DATA_HOME 2021-01-10 21:39:04 +01:00
Simon Bruder 73f4c7080b
bwrap-helper: Do not filter dbus socket
This is not ideal security-wise, but the only way to protect my sanity
from whatever steam and some of my games try to do with the dbus socket.
2021-01-09 12:53:34 +01:00
Simon Bruder 39742c8fbd
restic: Remove hostname from service name 2021-01-08 21:33:45 +01:00
Simon Bruder a981641273
Disable waifu2x-converter-cpp
The build is currently broken in nixos unstable (git bisect says since
af802654b91e150fdaa8e32c29a0eefbdf953597). However, in a manual build
(outside of nix), it builds with gcc 10. It probably has to do with
flags that are passed.
2021-01-08 21:16:24 +01:00
Simon Bruder 8cdc023f57
Update sources 2021-01-08 14:30:43 +01:00
Simon Bruder 7152112076
home/games: Add module and option 2021-01-07 18:29:18 +01:00
Simon Bruder dfc4bab334
home: Deduplicate inheritance of nixos options
Fixes #17
2021-01-07 18:22:21 +01:00
Simon Bruder b586b7d2b5
overlay: Add osu-lazer-container 2021-01-07 17:31:22 +01:00
Simon Bruder a1efb5faa1
overlay: Add osu-lazer with faster start patch 2021-01-07 17:28:08 +01:00
Simon Bruder f5b383ddbc
Add overlay wrapper for custom overlay 2021-01-07 17:17:43 +01:00
Simon Bruder e2d93ea30e
Add bwrap-helper 2021-01-07 17:11:31 +01:00
Simon Bruder 37c54887b9
Add custom overlay
Fixes #20
2021-01-07 17:10:32 +01:00
Simon Bruder a44f1fd1ac
Add optional ssh server to initrd 2021-01-07 13:39:25 +01:00
Simon Bruder f1620679d4
deploy: Make secrets deployment optional 2021-01-07 12:32:43 +01:00
Simon Bruder 2b6a7bc1f6
deploy: Make options actually work 2021-01-06 23:41:33 +01:00
Simon Bruder 9a65a81c3c
tools: Only enable adb on x86_64-linux
Since it at least fails to build on aarch64.
2021-01-06 23:40:52 +01:00