From 0f06a86b1eaa99ff21cdce8c5f1c54b688cbbcf6 Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Thu, 1 Aug 2024 10:48:06 +0200 Subject: ... --- accounts/gkleen@sif/default.nix | 3 +- hosts/sif/default.nix | 110 ++++++++++++++++----------------- modules/ibus.nix | 79 ----------------------- modules/network-interfaces-systemd.nix | 6 +- modules/yggdrasil-wg/default.nix | 32 ++++------ 5 files changed, 67 insertions(+), 163 deletions(-) delete mode 100644 modules/ibus.nix diff --git a/accounts/gkleen@sif/default.nix b/accounts/gkleen@sif/default.nix index 05cfc2c8..5b463f12 100644 --- a/accounts/gkleen@sif/default.nix +++ b/accounts/gkleen@sif/default.nix @@ -83,9 +83,8 @@ in { ]; config = { + services.displayManager.defaultSession = "none+xmonad"; services.xserver = { - displayManager.defaultSession = "none+xmonad"; - windowManager.session = [{ name = "xmonad"; start = '' diff --git a/hosts/sif/default.nix b/hosts/sif/default.nix index 96cd66cc..610d990d 100644 --- a/hosts/sif/default.nix +++ b/hosts/sif/default.nix @@ -187,12 +187,10 @@ in { # FirewallMark = 1; }; wireguardPeers = [ - { wireguardPeerConfig = { - AllowedIPs = [ "10.200.116.1/32" "10.163.88.40/32" ] ++ mwnSubnetsPrivate ++ mwnSubnetsPublic; - PublicKey = "YlRFLc+rD2k2KXl7pIJbOKbcPgdJCl8ZTsv0xlK4VEI="; - PersistentKeepalive = 25; - Endpoint = "wg.math.lmu.de:51820"; - }; + { AllowedIPs = [ "10.200.116.1/32" "10.163.88.40/32" ] ++ mwnSubnetsPrivate ++ mwnSubnetsPublic; + PublicKey = "YlRFLc+rD2k2KXl7pIJbOKbcPgdJCl8ZTsv0xlK4VEI="; + PersistentKeepalive = 25; + Endpoint = "wg.math.lmu.de:51820"; } ]; }; @@ -211,43 +209,34 @@ in { Name = "wgrz"; }; address = ["10.200.116.128/24"]; - routes = map (Destination: { routeConfig = { + routes = map (Destination: { inherit Destination; Gateway = "10.200.116.1"; GatewayOnLink = true; Table = "wgrz"; - };}) (mwnSubnetsPrivate ++ mwnSubnetsPublic ++ ["10.163.88.40/32"]); + }) (mwnSubnetsPrivate ++ mwnSubnetsPublic ++ ["10.163.88.40/32"]); routingPolicyRules = [ - { routingPolicyRuleConfig = { - Table = "main"; - # FirewallMark = 1; - To = "129.187.111.225"; - Priority = 100; - }; + { Table = "main"; + # FirewallMark = 1; + To = "129.187.111.225"; + Priority = 100; } - { routingPolicyRuleConfig = { - Table = "main"; - To = "10.153.91.204"; - Priority = 100; - }; + { Table = "main"; + To = "10.153.91.204"; + Priority = 100; } - { routingPolicyRuleConfig = { - Table = "wgrz"; - From = "10.200.116.128"; - Priority = 200; - }; + { Table = "wgrz"; + From = "10.200.116.128"; + Priority = 200; } - { routingPolicyRuleConfig = { - Table = "wgrz"; - To = "10.163.88.40"; - Priority = 200; - }; + { Table = "wgrz"; + To = "10.163.88.40"; + Priority = 200; } - ] ++ map (To: { routingPolicyRuleConfig = { - Table = "wgrz"; - inherit To; - Priority = 200; - };}) (mwnSubnetsPrivate ++ mwnSubnetsPublic); + ] ++ map (To: { Table = "wgrz"; + inherit To; + Priority = 200; + }) (mwnSubnetsPrivate ++ mwnSubnetsPublic); linkConfig = { RequiredForOnline = false; }; @@ -328,7 +317,7 @@ in { }; environment.systemPackages = with pkgs; [ - nvtop brightnessctl config.boot.kernelPackages.v4l2loopback s-tui uhk-agent + nvtopPackages.full brightnessctl config.boot.kernelPackages.v4l2loopback s-tui uhk-agent ]; services = { @@ -375,9 +364,27 @@ in { xserver = { enable = true; - layout = "us"; - xkbVariant = "dvp"; - xkbOptions = "compose:caps"; + xkb = { + layout = "us"; + variant = "dvp"; + options = "compose:caps"; + }; + + wacom.enable = true; + + dpi = 282; + + videoDrivers = [ "nvidia" ]; + + screenSection = '' + Option "metamodes" "nvidia-auto-select +0+0 { ForceCompositionPipeline = On }" + ''; + + deviceSection = '' + Option "TearFree" "True" + ''; + + exportConfiguration = true; displayManager.lightdm = { enable = true; @@ -403,24 +410,8 @@ in { ''; }; }; - - wacom.enable = true; - libinput.enable = true; - - dpi = 282; - - videoDrivers = [ "nvidia" ]; - - screenSection = '' - Option "metamodes" "nvidia-auto-select +0+0 { ForceCompositionPipeline = On }" - ''; - - deviceSection = '' - Option "TearFree" "True" - ''; - - exportConfiguration = true; }; + libinput.enable = true; }; systemd.tmpfiles.rules = [ @@ -549,9 +540,9 @@ in { }; }; - opengl = { + graphics = { enable = true; - driSupport32Bit = true; + enable32Bit = true; # setLdLibraryPath = true; }; @@ -647,7 +638,10 @@ in { group = "users"; }; - i18n.inputMethod.enabled = "ibus"; + i18n.inputMethod = { + enable = true; + type = "ibus"; + }; environment.sessionVariables."GTK_USE_PORTAL" = "1"; xdg.portal = { diff --git a/modules/ibus.nix b/modules/ibus.nix deleted file mode 100644 index bb9b3765..00000000 --- a/modules/ibus.nix +++ /dev/null @@ -1,79 +0,0 @@ -{ config, pkgs, lib, ... }: - -with lib; - -let - cfg = config.i18n.inputMethod.ibus; - ibusPackage = pkgs.ibus-with-plugins.override { plugins = cfg.engines; }; - ibusEngine = types.package // { - name = "ibus-engine"; - check = x: (lib.types.package.check x) && (attrByPath ["meta" "isIbusEngine"] false x); - }; -in -{ - disabledModules = [ "i18n/input-method/ibus.nix" ]; - - imports = [ - (mkRenamedOptionModule [ "programs" "ibus" "plugins" ] [ "i18n" "inputMethod" "ibus" "engines" ]) - ]; - - options = { - i18n.inputMethod.ibus = { - engines = mkOption { - type = with types; listOf ibusEngine; - default = []; - example = literalExpression "with pkgs.ibus-engines; [ mozc hangul ]"; - description = - let - enginesDrv = filterAttrs (const isDerivation) pkgs.ibus-engines; - engines = concatStringsSep ", " - (map (name: "${name}") (attrNames enginesDrv)); - in - "Enabled IBus engines. Available engines are: ${engines}."; - }; - panel = mkOption { - type = with types; nullOr path; - default = null; - example = literalExpression ''"''${pkgs.plasma5Packages.plasma-desktop}/lib/libexec/kimpanel-ibus-panel"''; - description = "Replace the IBus panel with another panel."; - }; - }; - }; - - config = mkIf (config.i18n.inputMethod.enabled == "ibus") { - i18n.inputMethod.package = ibusPackage; - - # Without dconf enabled it is impossible to use IBus - programs.dconf.enable = true; - - programs.dconf.packages = [ ibusPackage ]; - - environment.variables = { - GTK_IM_MODULE = "ibus"; - QT_IM_MODULE = "ibus"; - XMODIFIERS = "@im=ibus"; - }; - - xdg.portal.extraPortals = mkIf config.xdg.portal.enable [ - ibusPackage - ]; - - systemd.user.services.ibus = { - description = "Intelligent Input Bus"; - documentation = ["man:ibus-daemon(1)"]; - after = ["graphical-session-pre.target"]; - wantedBy = ["graphical-session.target"]; - - serviceConfig = { - Type = "dbus"; - BusName = "org.freedesktop.IBus"; - ExecStart = "${ibusPackage}/bin/ibus-daemon --xim ${optionalString (cfg.panel != null) "--panel ${cfg.panel}"}"; - ExecReload = "${ibusPackage}/bin/ibus restart"; - ExecStop = "${ibusPackage}/bin/ibus exit"; - }; - }; - }; - - # uses attributes of the linked package - meta.buildDocsInSandbox = false; -} diff --git a/modules/network-interfaces-systemd.nix b/modules/network-interfaces-systemd.nix index a3a49f5e..f62c6b86 100644 --- a/modules/network-interfaces-systemd.nix +++ b/modules/network-interfaces-systemd.nix @@ -60,10 +60,8 @@ in ++ optional (cfg.defaultGateway6 != null && (cfg.defaultGateway6.address or "") != "") cfg.defaultGateway6.address; in optionalAttrs (gateway != [ ]) { routes = override (map (gateway: { - routeConfig = { - Gateway = gateway; - GatewayOnLink = false; - }; + Gateway = gateway; + GatewayOnLink = false; }) gateway); } // optionalAttrs (domains != [ ]) { domains = override domains; diff --git a/modules/yggdrasil-wg/default.nix b/modules/yggdrasil-wg/default.nix index 8525cea0..8b190651 100644 --- a/modules/yggdrasil-wg/default.nix +++ b/modules/yggdrasil-wg/default.nix @@ -135,7 +135,7 @@ let PrivateKeyFile = "/run/credentials/systemd-networkd.service/yggdrasil-wg-${family}.priv"; ListenPort = listenPort.${family}; }; - wireguardPeers = map (opts@{to, from, ...}: { wireguardPeerConfig = linkToPeer family opts; }) hostLinks.${family}; + wireguardPeers = map (opts@{to, from, ...}: linkToPeer family opts) hostLinks.${family}; }; familyToLoadCred = family: "yggdrasil-wg-${family}.priv:${config.sops.secrets."yggdrasil-wg-${family}.priv".path}"; familyToYggdrasilNetwork = family: nameValuePair "yggdrasil-wg-${family}" { @@ -145,9 +145,7 @@ let }; address = [wgHostIPs.${family}.${hostName}]; routes = [ - { routeConfig = { - Destination = "${wgSubnet.${family}}::/${toString wgSubnetLength}"; - }; + { Destination = "${wgSubnet.${family}}::/${toString wgSubnetLength}"; } ]; linkConfig = { @@ -203,25 +201,19 @@ in { dns = ["2a03:4000:52:ada:1:1::"]; domains = ["yggdrasil"]; routes = [ - { routeConfig = { - Destination = "${batSubnet}::/${toString batSubnetLength}"; - GatewayOnLink = true; - }; + { Destination = "${batSubnet}::/${toString batSubnetLength}"; + GatewayOnLink = true; } - { routeConfig = { - Destination = "${batSubnet}::/${toString batSubnetLength}"; - GatewayOnLink = true; - Table = "yggdrasil"; - }; + { Destination = "${batSubnet}::/${toString batSubnetLength}"; + GatewayOnLink = true; + Table = "yggdrasil"; } - { routeConfig = { - Destination = batHostIPs.${hostName}; - GatewayOnLink = true; - Table = "yggdrasil"; - }; + { Destination = batHostIPs.${hostName}; + GatewayOnLink = true; + Table = "yggdrasil"; } - ] ++ (concatMap (router: map (rAddr: { routeConfig = { Destination = "::/0"; Gateway = stripSubnet rAddr; GatewayOnLink = true; Table = "yggdrasil"; }; }) batHostIPs.${router}) (filter (router: router != hostName) routers)); - routingPolicyRules = map (addr: { routingPolicyRuleConfig = { Table = "yggdrasil"; From = addr; Priority = 1; }; }) batHostIPs.${hostName}; + ] ++ (concatMap (router: map (rAddr: { Destination = "::/0"; Gateway = stripSubnet rAddr; GatewayOnLink = true; Table = "yggdrasil"; }) batHostIPs.${router}) (filter (router: router != hostName) routers)); + routingPolicyRules = map (addr: { Table = "yggdrasil"; From = addr; Priority = 1; }) batHostIPs.${hostName}; linkConfig = { MACAddress = "${batHostMACs.${hostName}}"; RequiredForOnline = false; -- cgit v1.2.3