From 14ae82222c7ee39cbcc745a1c3841f45cc9c42aa Mon Sep 17 00:00:00 2001 From: Morten Olsen Date: Tue, 14 Nov 2023 20:32:30 +0100 Subject: [PATCH] update --- machines/xps/configuration.nix | 19 +++++++++++++++---- machines/xps/hardware-configuration.nix | 13 +++++-------- modules/basic/default.nix | 3 +++ modules/basic/security.nix | 2 ++ os.sh | 1 - user/programs/neovim/default.nix | 2 +- user/programs/terminal/default.nix | 1 + user/programs/terminal/files/npmrc | 1 + user/programs/terminal/files/zshrc | 2 ++ 9 files changed, 30 insertions(+), 14 deletions(-) create mode 100644 user/programs/terminal/files/npmrc diff --git a/machines/xps/configuration.nix b/machines/xps/configuration.nix index 70adbfa..b58173f 100644 --- a/machines/xps/configuration.nix +++ b/machines/xps/configuration.nix @@ -21,19 +21,30 @@ boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; + boot.initrd.availableKernelModules = [ + "aesni_intel" + "cryptd" + ]; + # Setup keyfile boot.initrd.secrets = { "/crypto_keyfile.bin" = null; }; - # Enable swap on luks - boot.initrd.luks.devices."luks-20428df9-98ee-45a6-9dc1-fcafc0ce86f2".device = "/dev/disk/by-uuid/20428df9-98ee-45a6-9dc1-fcafc0ce86f2"; - boot.initrd.luks.devices."luks-20428df9-98ee-45a6-9dc1-fcafc0ce86f2".keyFile = "/crypto_keyfile.bin"; - boot.kernelParams = [ "i915.force_probe=9b41" ]; networking.hostName = "alice-xps"; # Define your hostname. # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. + system.autoUpgrade = { + enable = true; + }; + + nix.gc = { + automatic = true; + dates = "weekly"; + options = "--delete-older-than 7d"; + }; + system.stateVersion = "23.05"; # Did you read the comment? } diff --git a/machines/xps/hardware-configuration.nix b/machines/xps/hardware-configuration.nix index 5f3cb42..3d3a41b 100644 --- a/machines/xps/hardware-configuration.nix +++ b/machines/xps/hardware-configuration.nix @@ -8,33 +8,30 @@ [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "usbhid" "sd_mod" "rtsx_pci_sdmmc" ]; + boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [ ]; fileSystems."/" = - { device = "/dev/disk/by-uuid/56f7a61b-1689-42b6-b697-5c88b8e75fc1"; + { device = "/dev/disk/by-uuid/d458bbe6-619d-4080-90a3-524f17014f22"; fsType = "ext4"; }; - boot.initrd.luks.devices."luks-f8db07f5-1808-4591-8bbf-81798eb5d4c1".device = "/dev/disk/by-uuid/f8db07f5-1808-4591-8bbf-81798eb5d4c1"; + boot.initrd.luks.devices."luks-c6580d84-86a0-4de4-820f-bbdea8109ae4".device = "/dev/disk/by-uuid/c6580d84-86a0-4de4-820f-bbdea8109ae4"; fileSystems."/boot" = - { device = "/dev/disk/by-uuid/90A7-3803"; + { device = "/dev/disk/by-uuid/98D0-6C62"; fsType = "vfat"; }; - swapDevices = - [ { device = "/dev/disk/by-uuid/e92ed4b9-8ee0-4d87-9249-f6e4223abbbe"; } - ]; + swapDevices = [ ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's # still possible to use this option, but it's recommended to use it in conjunction # with explicit per-interface declarations with `networking.interfaces..useDHCP`. networking.useDHCP = lib.mkDefault true; - # networking.interfaces.enp112s0.useDHCP = lib.mkDefault true; # networking.interfaces.wlp2s0.useDHCP = lib.mkDefault true; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; diff --git a/modules/basic/default.nix b/modules/basic/default.nix index 9366fda..42736b5 100644 --- a/modules/basic/default.nix +++ b/modules/basic/default.nix @@ -7,6 +7,9 @@ ./network.nix ./security.nix ]; + environment.systemPackages = [ + pkgs.nfs-utils + ]; services = { fwupd.enable = true; diff --git a/modules/basic/security.nix b/modules/basic/security.nix index d43f011..7c63a8a 100644 --- a/modules/basic/security.nix +++ b/modules/basic/security.nix @@ -24,4 +24,6 @@ pkgs.gnupg pkgs.pinentry-gnome ]; + + networking.firewall.checkReversePath = false; } diff --git a/os.sh b/os.sh index 64e85f7..47ee227 100755 --- a/os.sh +++ b/os.sh @@ -29,7 +29,6 @@ function upgrade() { if git -C "$LOCATION" diff-index --quiet HEAD --; then nix flake update --commit-lock-file "$LOCATION" apply $1 - cleanup else echo "Error: git working tree is dirty" exit 1 diff --git a/user/programs/neovim/default.nix b/user/programs/neovim/default.nix index 613745f..f028025 100644 --- a/user/programs/neovim/default.nix +++ b/user/programs/neovim/default.nix @@ -3,7 +3,7 @@ let astronvim = builtins.fetchGit { url = "https://github.com/AstroNvim/AstroNvim"; - rev = "dad0bec1fef2833561d04ea446a544fbfde92539"; + rev = "7f087b2ea45073be3386a29e805143f0a1f896e8"; }; astronvimUser = builtins.fetchGit { url = "https://foo:foo@github.com/morten-olsen/astrovim"; diff --git a/user/programs/terminal/default.nix b/user/programs/terminal/default.nix index 53681a0..d31db7b 100644 --- a/user/programs/terminal/default.nix +++ b/user/programs/terminal/default.nix @@ -39,6 +39,7 @@ ".env".source = ./files/env; ".zshrc".source = ./files/zshrc; ".bashrc".source = ./files/bashrc; + # ".npmrc".source = ./files/npmrc; ".shellrc/rc.d" = { source = ./files/shell/rc.d; }; diff --git a/user/programs/terminal/files/npmrc b/user/programs/terminal/files/npmrc new file mode 100644 index 0000000..dc3f6fb --- /dev/null +++ b/user/programs/terminal/files/npmrc @@ -0,0 +1 @@ +prefix = ${HOME}/.npm-packages diff --git a/user/programs/terminal/files/zshrc b/user/programs/terminal/files/zshrc index aed4d59..f56d090 100644 --- a/user/programs/terminal/files/zshrc +++ b/user/programs/terminal/files/zshrc @@ -95,5 +95,7 @@ PRINT_CENTER 60 " " fi +export PATH=~/.npm-global/bin:$PATH +export NODE_PATH=~/.npm-global/lib/node_modules which wrk > /dev/null && eval `wrk tools bash`