nom-nom-nix-gc/machines/thinkpad.nix

{ config, lib, pkgs, ... }:
let
  myusers = import ../users.nix                  { inherit pkgs; };
  mypkgs  = import ../packages.nix               { inherit pkgs; };
  i3      = import ../modules/software-config/i3.nix     { inherit pkgs; };
  vimInit = import ../modules/software-config/neovim.nix { inherit pkgs; };
  sources = import ../nix/sources.nix { };
  keys    = import ../keys.nix  {};

  nixos-hardware     = (import ../nix/sources.nix { }).nixos-hardware;
in {
  imports =
    [
      ../modules/core.nix
      ../modules/core-graphical-computers.nix
      ./thinkpad-hardware-configuration.nix
      "${nixos-hardware}/lenovo/thinkpad/x250"
    ];

  nixpkgs = {
    overlays = [ (import ../custom-pkgs/default.nix) ];
    config = {
      allowUnfree = true;
      packageOverrides = super: {
        mumble_git = super.mumble_git.override {
          pulseSupport = true;
          libpulseaudio = pkgs.libpulseaudio;
        };
      };
    };
  };
  # Use the GRUB 2 boot loader.
  boot = {
    loader.grub = {
       enable = true;
       enableCryptodisk = true;
       version = 2;
       device = "/dev/sda";
    };
  };
 services.prometheus = {
   enable = false;
   scrapeConfigs = [ {
     job_name = "prometheus";
     scrape_interval = "5s";
     static_configs = [{
       targets = ["localhost:9090"];
     }];
   }];
 };

 services.emacs = {
   enable = true;
   defaultEditor = true;
   package = pkgs.ninjatrappeur-pkgs.configured-emacs;
 };

 services.printing = {
   enable = true;
   drivers = [  pkgs.splix pkgs.ninjatrappeur-pkgs.hll2350dw-cups ];
 };

# systemd.network = {
#   enable = true;
#   networks = {
#     "98-nope" = {
#       matchConfig = { Name = "enp* wlp*"; };
#       linkConfig.Unmanaged = true;
#     };
#     "80-wlan" = {
#       enable = true;
#       matchConfig = { Name = "wlp3s0"; };
#       address = [ "192.168.1.1/24" ];
#       dhcpServerConfig = { EmitDNS = true; DNS = [ "80.67.169.12" "80.67.169.40" ]; PoolOffset = 10; EmitRouter = true; };
#       networkConfig = { IPForward = "yes"; IPMasquerade = "yes"; DHCPServer = true; };
#     };
#   };
# };


 services.openssh = {
   enable = true;
   settings = {
     PasswordAuthentication = false;
     KbdInteractiveAuthentication = false;
     PermitRootLogin = "no";
   };
 };

 networking = {
   hostName = "thinkpad-nix";
   firewall = {
     allowedUDPPorts = [
       # Patchwork discovery
       8008
     ];
     allowedTCPPorts = [
       # HTTP
       8000
       # Patchwork
       8008
     ];
   };
   networkmanager.enable = true;
 };

  networking.wireguard.interfaces."wg-extended-lan" = {
    privateKey = builtins.readFile /home/ninjatrappeur/.vpn/extended-lan.key;
    ips = ["192.168.166.2"];
    peers = [{
      endpoint            = "seldon.alternativebit.fr:51822";
      publicKey           = "ZdeqXN3Q8ZBPCWVW6pFzIBF3iS8zlVMGAj8bcePj3zk=";
      allowedIPs          = ["192.168.166.1/32" "192.168.11.0/24"];
      persistentKeepalive = 25;
    }];
  };

  users = {
    extraUsers.ninjatrappeur= {
      isNormalUser = true;
      home         = myusers.ninjatrappeur.home;
      extraGroups  = myusers.ninjatrappeur.extraGroups;
      shell        = myusers.ninjatrappeur.shell;
      openssh.authorizedKeys.keys = pkgs.lib.attrsets.attrValues keys.ninjatrappeur;
    };
    extraGroups.vboxusers.members = [ "user-with-access-to-virtualbox" ];
  };

  services.syncthing = {
    user    = myusers.ninjatrappeur.name;
    dataDir = "${myusers.ninjatrappeur.home}/.config/syncthing";
  };

  programs.bcc.enable = true;

  home-manager.users.ninjatrappeur = {
    home.stateVersion = "18.09";
    services.mako = {
      enable = true;
      anchor = "top-center";
    };

    home.file = {
      ".notmuch-config".source = ../raw-conf-files/email/notmuch-config;
      ".config/msmtp/config".source = ../raw-conf-files/email/msmtp;
    };
  };

  services.xserver= {
    xkbOptions = "caps:swapescape";
    displayManager.defaultSession = "xfce+i3";
    libinput = {
      enable = true;
      touchpad = {
        disableWhileTyping = true;
        scrollMethod = "twofinger";
        tapping = true;
      };
    };

    desktopManager = {
      xterm.enable = false;
      gnome.enable = true;
      xfce = {
        enable = true;
        noDesktop = true;
        enableXfwm = false;
      };
    };
    windowManager.i3 = {
      enable = true;
      configFile = builtins.toPath (pkgs.writeText "thinkpad-i3-config" i3.thinkpad-config);
    };
  };

  virtualisation = {
    #virtualbox.host.enable = true;
    #docker.enable = true;
  };

  nix = {
    settings = {
      trusted-users = [ "root" "${myusers.ninjatrappeur.name}" ];
      sandbox = true;
    };
    extraOptions = ''
      builders-use-substitutes = true
      experimental-features = nix-command flakes
    '';
    nixPath = [
      "nixpkgs=${sources.nixpkgs}"
      "nixos-config=/etc/nixos/configuration.nix"
    ];
  };

  environment.systemPackages =
    mypkgs.common ++ mypkgs.dev ++ mypkgs.media ++ mypkgs.graphic-apps
    ++ mypkgs.laptop ++ [
      pkgs.brightnessctl
      pkgs.gnome.nautilus
      pkgs.gnome.eog
      pkgs.gnome.gvfs
      pkgs.evince
      pkgs.languagetool
      pkgs.remmina
      pkgs.carla
      (pkgs.hunspellWithDicts [
        pkgs.hunspellDicts.en-gb-ise
        pkgs.hunspellDicts.en-gb-ize
        pkgs.hunspellDicts.en-us
        pkgs.hunspellDicts.fr-any
        pkgs.hunspellDicts.fr-moderne
    ])
    ];

    system = {
      stateVersion = "18.09";
      userActivationScripts =  {
        vimConfigSetup = {
          text = ''
            ln -fs "${vimInit.neovim-config}" "${myusers.ninjatrappeur.home}/.config/nvim/init.vim"
            '';
          deps = [];
        };
      };
    };
}
Forgot some WG config... 2018-05-21 19:48:20 +02:00			`{ config, lib, pkgs, ... }:`
Update thinkpad conf according to last refactoring 2019-01-16 21:38:26 +01:00			`let`
Tree-wide: reshaping this repository's tree This configuration grew kinda organically. It got pretty messy, it was time to cleanup everything. There are now 3 new top-level important directories: - machines: containing the top-level machines definitions. - modules: containing the various nixos modules I'm using. - custom-pkgs: containing the home made pkgs. 2020-05-02 18:25:47 +02:00			`myusers = import ../users.nix { inherit pkgs; };`
			`mypkgs = import ../packages.nix { inherit pkgs; };`
			`i3 = import ../modules/software-config/i3.nix { inherit pkgs; };`
			`vimInit = import ../modules/software-config/neovim.nix { inherit pkgs; };`
Thinkpad: add ssh server 2021-05-13 10:21:03 +02:00			`sources = import ../nix/sources.nix { };`
			`keys = import ../keys.nix {};`
thinkpad: add nixos hardware conf 2020-06-23 14:11:59 +02:00
			`nixos-hardware = (import ../nix/sources.nix { }).nixos-hardware;`
Update thinkpad conf according to last refactoring 2019-01-16 21:38:26 +01:00			`in {`
Add thinkpad config. 2018-04-14 17:59:44 +02:00			`imports =`
Use nixos neovim config on Desktop 2019-02-10 19:31:34 +01:00			`[`
Tree-wide: reshaping this repository's tree This configuration grew kinda organically. It got pretty messy, it was time to cleanup everything. There are now 3 new top-level important directories: - machines: containing the top-level machines definitions. - modules: containing the various nixos modules I'm using. - custom-pkgs: containing the home made pkgs. 2020-05-02 18:25:47 +02:00			`../modules/core.nix`
			`../modules/core-graphical-computers.nix`
Add thinkpad config. 2018-04-14 17:59:44 +02:00			`./thinkpad-hardware-configuration.nix`
thinkpad: add nixos hardware conf 2020-06-23 14:11:59 +02:00			`"${nixos-hardware}/lenovo/thinkpad/x250"`
Add thinkpad config. 2018-04-14 17:59:44 +02:00			`];`

thinkpad: update config 2021-02-01 20:26:53 +01:00			`nixpkgs = {`
			`overlays = [ (import ../custom-pkgs/default.nix) ];`
			`config = {`
			`allowUnfree = true;`
			`packageOverrides = super: {`
			`mumble_git = super.mumble_git.override {`
			`pulseSupport = true;`
			`libpulseaudio = pkgs.libpulseaudio;`
			`};`
			`};`
			`};`
			`};`
Add thinkpad config. 2018-04-14 17:59:44 +02:00			`# Use the GRUB 2 boot loader.`
Forgot some WG config... 2018-05-21 19:48:20 +02:00			`boot = {`
			`loader.grub = {`
			`enable = true;`
			`enableCryptodisk = true;`
			`version = 2;`
			`device = "/dev/sda";`
			`};`
Add thinkpad config. 2018-04-14 17:59:44 +02:00			`};`
Update thinkpad. 2019-08-26 00:36:03 +02:00			`services.prometheus = {`
Seldon: add emacs config 2020-10-07 22:07:33 +02:00			`enable = false;`
Update thinkpad. 2019-08-26 00:36:03 +02:00			`scrapeConfigs = [ {`
			`job_name = "prometheus";`
			`scrape_interval = "5s";`
			`static_configs = [{`
			`targets = ["localhost:9090"];`
			`}];`
			`}];`
			`};`
Add thinkpad config. 2018-04-14 17:59:44 +02:00
Seldon: add emacs config 2020-10-07 22:07:33 +02:00			`services.emacs = {`
			`enable = true;`
			`defaultEditor = true;`
			`package = pkgs.ninjatrappeur-pkgs.configured-emacs;`
			`};`

			`services.printing = {`
			`enable = true;`
Add brother printer cups driver 2021-02-01 20:13:13 +01:00			`drivers = [ pkgs.splix pkgs.ninjatrappeur-pkgs.hll2350dw-cups ];`
Seldon: add emacs config 2020-10-07 22:07:33 +02:00			`};`

Update thinkpad. 2019-08-26 00:36:03 +02:00			`# systemd.network = {`
			`# enable = true;`
			`# networks = {`
			`# "98-nope" = {`
			`# matchConfig = { Name = "enp* wlp*"; };`
			`# linkConfig.Unmanaged = true;`
			`# };`
			`# "80-wlan" = {`
			`# enable = true;`
			`# matchConfig = { Name = "wlp3s0"; };`
			`# address = [ "192.168.1.1/24" ];`
			`# dhcpServerConfig = { EmitDNS = true; DNS = [ "80.67.169.12" "80.67.169.40" ]; PoolOffset = 10; EmitRouter = true; };`
			`# networkConfig = { IPForward = "yes"; IPMasquerade = "yes"; DHCPServer = true; };`
			`# };`
			`# };`
			`# };`
Thinkpad: add ssh server 2021-05-13 10:21:03 +02:00
nixpkgs: bump 2023-04-20 10:20:39 +02:00
			`services.openssh = {`
Thinkpad: add ssh server 2021-05-13 10:21:03 +02:00			`enable = true;`
nixpkgs: bump 2023-04-20 10:20:39 +02:00			`settings = {`
			`PasswordAuthentication = false;`
			`KbdInteractiveAuthentication = false;`
			`PermitRootLogin = "no";`
			`};`
Thinkpad: add ssh server 2021-05-13 10:21:03 +02:00			`};`

Update thinkpad. 2019-08-26 00:36:03 +02:00			`networking = {`
			`hostName = "thinkpad-nix";`
			`firewall = {`
			`allowedUDPPorts = [`
			`# Patchwork discovery`
			`8008`
			`];`
			`allowedTCPPorts = [`
			`# HTTP`
			`8000`
			`# Patchwork`
			`8008`
			`];`
			`};`
			`networkmanager.enable = true;`
			`};`
Add thinkpad config. 2018-04-14 17:59:44 +02:00
thinkpad: setup extended-lan VPN 2022-11-08 15:38:31 +01:00			`networking.wireguard.interfaces."wg-extended-lan" = {`
			`privateKey = builtins.readFile /home/ninjatrappeur/.vpn/extended-lan.key;`
			`ips = ["192.168.166.2"];`
			`peers = [{`
			`endpoint = "seldon.alternativebit.fr:51822";`
			`publicKey = "ZdeqXN3Q8ZBPCWVW6pFzIBF3iS8zlVMGAj8bcePj3zk=";`
			`allowedIPs = ["192.168.166.1/32" "192.168.11.0/24"];`
			`persistentKeepalive = 25;`
			`}];`
			`};`
Forgot some WG config... 2018-05-21 19:48:20 +02:00
Update thinkpad virtualbox service.$ 2019-05-03 21:51:46 +02:00			`users = {`
			`extraUsers.ninjatrappeur= {`
Add thinkpad config. 2018-04-14 17:59:44 +02:00			`isNormalUser = true;`
Update thinkpad conf according to last refactoring 2019-01-16 21:38:26 +01:00			`home = myusers.ninjatrappeur.home;`
			`extraGroups = myusers.ninjatrappeur.extraGroups;`
			`shell = myusers.ninjatrappeur.shell;`
Thinkpad: add ssh server 2021-05-13 10:21:03 +02:00			`openssh.authorizedKeys.keys = pkgs.lib.attrsets.attrValues keys.ninjatrappeur;`
Update thinkpad virtualbox service.$ 2019-05-03 21:51:46 +02:00			`};`
			`extraGroups.vboxusers.members = [ "user-with-access-to-virtualbox" ];`
Forgot some WG config... 2018-05-21 19:48:20 +02:00			`};`
Add thinkpad config. 2018-04-14 17:59:44 +02:00
Add syncthing to thinkpad. 2018-05-23 22:01:45 +02:00			`services.syncthing = {`
Update thinkpad conf according to last refactoring 2019-01-16 21:38:26 +01:00			`user = myusers.ninjatrappeur.name;`
			`dataDir = "${myusers.ninjatrappeur.home}/.config/syncthing";`
Add syncthing to thinkpad. 2018-05-23 22:01:45 +02:00			`};`

Thinkpad: update 2022-10-07 07:29:52 +02:00			`programs.bcc.enable = true;`

thinkpad: update config 2021-02-01 20:26:53 +01:00			`home-manager.users.ninjatrappeur = {`
thinkpad: bump to latest nixpkgs 2022-10-07 07:33:24 +02:00			`home.stateVersion = "18.09";`
nixpkgs: bump 2023-04-20 10:20:39 +02:00			`services.mako = {`
Configure thinkpad trackpad. 2018-04-14 22:42:26 +02:00			`enable = true;`
thinkpad: update config 2021-02-01 20:26:53 +01:00			`anchor = "top-center";`
Configure thinkpad trackpad. 2018-04-14 22:42:26 +02:00			`};`

thinkpad: update config 2021-02-01 20:26:53 +01:00			`home.file = {`
thinkpad: setup local email config 2021-08-18 21:28:12 +02:00			`".notmuch-config".source = ../raw-conf-files/email/notmuch-config;`
			`".config/msmtp/config".source = ../raw-conf-files/email/msmtp;`
Add thinkpad config. 2018-04-14 17:59:44 +02:00			`};`
			`};`
Update thinkpad virtualbox service.$ 2019-05-03 21:51:46 +02:00
thinkpad: move back to i3 2022-03-18 22:48:03 +01:00			`services.xserver= {`
			`xkbOptions = "caps:swapescape";`
Thinkpad: update 2022-10-07 07:29:52 +02:00			`displayManager.defaultSession = "xfce+i3";`
thinkpad: move back to i3 2022-03-18 22:48:03 +01:00			`libinput = {`
			`enable = true;`
			`touchpad = {`
			`disableWhileTyping = true;`
			`scrollMethod = "twofinger";`
			`tapping = true;`
			`};`
			`};`
thinkpad: update config 2021-02-01 20:26:53 +01:00
Thinkpad: use xfce on top of i3 2022-04-09 09:38:32 +02:00			`desktopManager = {`
			`xterm.enable = false;`
thinkpad: setup extended-lan VPN 2022-11-08 15:38:31 +01:00			`gnome.enable = true;`
Thinkpad: use xfce on top of i3 2022-04-09 09:38:32 +02:00			`xfce = {`
			`enable = true;`
			`noDesktop = true;`
			`enableXfwm = false;`
			`};`
			`};`
thinkpad: move back to i3 2022-03-18 22:48:03 +01:00			`windowManager.i3 = {`
			`enable = true;`
			`configFile = builtins.toPath (pkgs.writeText "thinkpad-i3-config" i3.thinkpad-config);`
			`};`
			`};`
thinkpad: update config 2021-02-01 20:26:53 +01:00
Update thinkpad virtualbox service.$ 2019-05-03 21:51:46 +02:00			`virtualisation = {`
Seldon: add emacs config 2020-10-07 22:07:33 +02:00			`#virtualbox.host.enable = true;`
			`#docker.enable = true;`
Update thinkpad virtualbox service.$ 2019-05-03 21:51:46 +02:00			`};`

Updating ZSH config to autocomplete CLI. 2019-02-07 11:33:15 +01:00			`nix = {`
Update nixpkgs 2022-03-01 16:50:54 +01:00			`settings = {`
			`trusted-users = [ "root" "${myusers.ninjatrappeur.name}" ];`
			`sandbox = true;`
			`};`
Updating ZSH config to autocomplete CLI. 2019-02-07 11:33:15 +01:00			`extraOptions = ''`
			`builders-use-substitutes = true`
thinkpad: move back to i3 2022-03-18 22:48:03 +01:00			`experimental-features = nix-command flakes`
Updating ZSH config to autocomplete CLI. 2019-02-07 11:33:15 +01:00			`'';`
			`nixPath = [`
Thinkpad: add ssh server 2021-05-13 10:21:03 +02:00			`"nixpkgs=${sources.nixpkgs}"`
Updating ZSH config to autocomplete CLI. 2019-02-07 11:33:15 +01:00			`"nixos-config=/etc/nixos/configuration.nix"`
			`];`
			`};`
Add thinkpad config. 2018-04-14 17:59:44 +02:00
Use nixos neovim config on Desktop 2019-02-10 19:31:34 +01:00			`environment.systemPackages =`
nixpkgs: bump 2022-03-25 16:01:08 +01:00			`mypkgs.common ++ mypkgs.dev ++ mypkgs.media ++ mypkgs.graphic-apps`
			`++ mypkgs.laptop ++ [`
			`pkgs.brightnessctl`
thinkpad: bump to latest nixpkgs 2022-10-07 07:33:24 +02:00			`pkgs.gnome.nautilus`
			`pkgs.gnome.eog`
			`pkgs.gnome.gvfs`
nixpkgs: bump 2022-03-25 16:01:08 +01:00			`pkgs.evince`
Thinkpad: update 2022-10-07 07:29:52 +02:00			`pkgs.languagetool`
thinkpad: setup extended-lan VPN 2022-11-08 15:38:31 +01:00			`pkgs.remmina`
Add keys & all 2023-11-01 17:37:19 +01:00			`pkgs.carla`
Thinkpad: update 2022-10-07 07:29:52 +02:00			`(pkgs.hunspellWithDicts [`
			`pkgs.hunspellDicts.en-gb-ise`
			`pkgs.hunspellDicts.en-gb-ize`
			`pkgs.hunspellDicts.en-us`
			`pkgs.hunspellDicts.fr-any`
			`pkgs.hunspellDicts.fr-moderne`
			`])`
nixpkgs: bump 2022-03-25 16:01:08 +01:00			`];`
Update thinkpad conf according to last refactoring 2019-01-16 21:38:26 +01:00
Deploy vim config using nix 2019-02-10 18:48:00 +01:00			`system = {`
			`stateVersion = "18.09";`
Use nixos neovim config on Desktop 2019-02-10 19:31:34 +01:00			`userActivationScripts = {`
			`vimConfigSetup = {`
Deploy vim config using nix 2019-02-10 18:48:00 +01:00			`text = ''`
Use nixos neovim config on Desktop 2019-02-10 19:31:34 +01:00			`ln -fs "${vimInit.neovim-config}" "${myusers.ninjatrappeur.home}/.config/nvim/init.vim"`
Deploy vim config using nix 2019-02-10 18:48:00 +01:00			`'';`
Use nixos neovim config on Desktop 2019-02-10 19:31:34 +01:00			`deps = [];`
			`};`
Deploy vim config using nix 2019-02-10 18:48:00 +01:00			`};`
			`};`
Add thinkpad config. 2018-04-14 17:59:44 +02:00			`}`