99d55167f6
impermanence: only persist service directories if those services are enabled.
2022-07-10 17:58:16 -07:00
dc6472f39f
electrum: put on all GUI systems
2022-07-07 04:10:57 -07:00
eb8cfc682f
remove opengl modules
...
they don't seem to be necessary:
- still able to run spirv/vulkan-accelerated stuff at the same rate.
- still able to watch videos at the same CPU load.
i think mesa packages solid drivers that make this part mostly
irrelevant.
2022-07-06 02:00:12 -07:00
5a10805287
hardware.opengl.extraPackages: move to machine-specific files
2022-07-02 23:53:55 -07:00
09700adba2
desko: replace 'electron' package with 'electrum' -- as it was meant to be
2022-07-02 14:45:21 -07:00
8db30b5de9
servo: enlarge the /tmp tmpfs so we can build large nix packages
2022-06-30 00:17:05 -07:00
1f3c93623f
desko: enable snapper for testing
2022-06-29 03:58:11 -07:00
634e5a8c71
servo: use a swap partition instead of a swapfile
2022-06-29 03:29:45 -07:00
92488dd890
complete servo image & port to impermanence
...
there might still be some bugs to work out here.
this produces a workable image, but with some uncertainty
around that swapfile (the first attempt had /swapfile living on a
tmpfs).
2022-06-29 01:17:53 -07:00
fd48880a0a
nixcache: only enable on moby
...
it's annoying to rebuild on desko/lappy, and have that fail when servo
is offline/unreachable.
and it's really silly to have servo use its own cache *over the
network*.
long-term would be better to do properly distributed builds instead of
the cache.
2022-06-28 03:44:10 -07:00
9cce427ea4
WIP: add tow-boot files to servo image
...
i think this breaks the build -- will debug.
2022-06-27 17:11:27 -07:00
d0ff605f19
lappy: setup snapper (automated btrfs snapshots)
2022-06-27 01:28:17 -07:00
075969540a
uninsane.org: force SSL to avoid CORS problems
2022-06-26 04:20:33 -07:00
57886ec3d0
servo: add ipfs service
2022-06-26 03:44:41 -07:00
d3fa6a31f9
decrease transmission upload bandwidth
...
i think it's messing with other services (like ipfs) :|
2022-06-25 19:49:48 -07:00
fdcbaae776
servo: firewall: open ipfs ports
2022-06-25 17:51:46 -07:00
436ade540f
tune /var/lib impermanence (for lappy)
2022-06-24 21:10:49 -07:00
c39d0d1667
rebuild desko and flash it
...
haven't booted into it yet (we'll see!)
2022-06-24 02:07:40 -07:00
84e57ec3d8
lappy: add a dedicated /tmp fs
2022-06-24 01:02:26 -07:00
17d2029ba2
image: make the gpt headerHole configurable
2022-06-24 00:53:43 -07:00
d38f17207b
remove extlinux bootloader wrapper: use colinsane.extraBootFiles
2022-06-24 00:10:07 -07:00
e7f05fa2ec
*/fs.nix: remove extraneous mkDefault
s
...
these are no longer needed with the new image builder.
2022-06-23 21:21:01 -07:00
bf6ac1b7ae
moby: enable boot.loader.generic-extlinux-compatible.enable
2022-06-23 19:56:40 -07:00
b244e8e845
moby: properly flash firmware as part of the image build
2022-06-23 19:01:04 -07:00
187c2f2406
lappy: switch back to the existing fs uuids
2022-06-23 16:28:12 -07:00
ac050ac390
move the canTouchEfiVars into the right place
2022-06-23 16:26:46 -07:00
f0857181c0
decrease the moby-specific stuff in flake.nix
2022-06-23 15:42:20 -07:00
46dc2fb521
extend image builder to support btrfs
2022-06-23 15:28:33 -07:00
0acb2e138b
image building: enable impermanence
...
note that it still needs an interactive `mkdir /mnt-root/nix/var/{lib,log}`
in the initrd.
2022-06-23 03:39:09 -07:00
0579faaf89
get an image which can boot to a login prompt unattended
...
NB: this breaks compat with the existing lappy install.
need to switch back to impermanence, and switch the disk uuids too.
2022-06-23 02:24:52 -07:00
d80bd7d162
inline image building, and (for lappy) use a generic-extlinux-compatible bootloader
...
the generic bootloader will allow more code-sharing with rpi and
pinephone. desko should soon use the generic bootloader as well.
problems: lappy can't boot from USB stick. it makes it to the initrd,
but there's no dev nodes for the USB drive.
unsure if this is how it was before, too.
2022-06-23 00:24:39 -07:00
b6de07a731
ddns-he: start timer on boot
2022-06-20 15:36:48 -07:00
fa131fe39f
lappy: enable impermanence
...
it mostly went smooth, though i lost a .ssh key.
probably the best upgrade process is to do most of the heavy work in the
initrd:
write the new nix config, notably, configuring a tmpfs / mount
and moving the previous / to /nix.
then boot and in the initrd, move all the `/nix/nix/...` items
up a level.
2022-06-20 03:28:01 -07:00
a91914053d
transmission: disable the anti-brute-force option
...
this should allow me to more reliably login from anywhere.
2022-06-18 18:47:22 -07:00
a031beee18
servo: transmission: relax the umask (to hopefully make files globally readable)
2022-06-18 15:54:27 -07:00
b50150b52e
enable stuff needed for ifuse/iphone photo syncing
2022-06-15 17:22:27 -07:00
2b8ff8d5ae
rename 'uninsane' machine -> 'servo'
2022-06-12 15:11:41 -07:00
fb15f84f1d
desko: enable duplicity backups
2022-06-10 01:43:48 -07:00
7da3d48272
migrate duplicity config to a module
...
this will let other machines reuse it
2022-06-10 01:30:57 -07:00
defcc15b03
desko: update fs UUIDs
2022-06-10 00:32:50 -07:00
cd43247d2c
enable himalaya
for sending and receiving email
...
sent messages don't get copied to the sent mailbox, but oh well.
problem for another day.
2022-06-09 18:58:42 -07:00
51bf327290
port helpers/home-manager-gen-colin.nix to modules system
2022-06-09 14:50:24 -07:00
bc51244c52
move helpers/universal -> modules/universal
2022-06-09 14:06:31 -07:00
ff002c3197
matrix: port secrets to sops
2022-06-08 17:03:41 -07:00
117b69d39e
pleroma: port secrets to sops
2022-06-08 16:46:32 -07:00
46b0f10b9d
nix-serve: port secrets to sops
2022-06-08 16:27:35 -07:00
e188db9344
postfix/dovecot: convert secrets to sops
2022-06-08 15:59:02 -07:00
85f16d9732
ovpn config: use sops for secrets
2022-06-08 14:39:10 -07:00
bc9450a0fa
port ddns-he to sops secret
2022-06-08 14:32:16 -07:00
364f76b59e
move uninsane secrets to a machine-global file
2022-06-08 14:22:43 -07:00
ed50ea4b4b
sway: configure emoji fonts
2022-06-08 13:02:28 -07:00
05559c9c39
secrets: move uninsane secrets so nix config is valid on other hosts
2022-06-07 23:29:57 -07:00
a313f61351
duplicity: migrate secrets to sops
2022-06-07 02:33:11 -07:00
d2ea4c5ffe
migrate duplicity PASSPHRASE to sops
2022-06-06 19:06:53 -07:00
d33d5a4582
hardware-x86_64: port to modules system
2022-06-06 17:51:35 -07:00
5bae11fcbc
gui/phosh: port to module system
2022-06-06 17:39:40 -07:00
d28738eb0e
gui/sway: port to module system
2022-06-06 17:35:28 -07:00
fa7a2186ca
lappy: switch to sway
2022-06-06 01:17:08 -07:00
8ef29966b3
cleanup: remove unecessary arguments from nix config
2022-06-05 23:44:01 -07:00
75ba43aaca
desko: switch to sway compositor
2022-06-03 01:40:32 -07:00
6df3ccd81f
enable i3; switch desko to i3
2022-06-02 23:43:41 -07:00
4300cbbf8a
uninsane: clarify kernelPkgs config value
2022-06-02 17:02:36 -07:00
a7259279bb
port raspberry pi bootloader fixes to a nixpkgs patch
2022-06-02 14:18:41 -07:00
a30050af8f
moby: add gnome-podcasts
2022-05-31 20:07:18 -07:00
14e7db3eae
moby: scale display to 150%
2022-05-31 16:12:29 -07:00
ca5fa0839c
moby: try a slight variant of phosh
2022-05-30 14:56:31 -07:00
7c36ebee3c
acme: update config for nixos 22.05
2022-05-29 16:39:57 -07:00
524e9749be
desko/lappy: explicitly set system.stateVersion
2022-05-28 13:14:48 -07:00
7ae8526771
update nixos-21.11 -> nixos-22.05
2022-05-28 12:40:35 -07:00
6318e66314
uninsane: enable nix-cache
...
note that the other machines can't easily use it unitl i upgrade to nixos-22.05
2022-05-28 12:39:50 -07:00
52bf4f5b67
put all gui helpers under helpers/gui/ subdir
2022-05-27 01:14:36 -07:00
f30d51abbc
move phosh out from moby/ to helpers/
...
better yet would be put these all in a gui/ subdir
2022-05-27 01:13:09 -07:00
123e140212
moby: switch from phosh to plasma-mobile
...
this isn't the *best*: it's verrry slow to login.
but more software works. that could be more due to using wayland though,
than to plasma itself.
2022-05-27 01:08:59 -07:00
27f1360681
migrate dovecot secrets to secrets nix file
2022-05-27 00:57:36 -07:00
e207ca56dc
duplicity: port passphrase to secrets file
2022-05-27 00:46:58 -07:00
a9b7b614b8
move matrix-synapse email password to secrets file
2022-05-27 00:34:19 -07:00
243a8e1e4c
pleroma: port to secrets.nix
2022-05-26 23:21:43 -07:00
a407bd9920
wireguard: port private key to secrets.nix
2022-05-26 22:41:16 -07:00
0f54253cf7
duplicity: port url to secrets.nix
2022-05-26 22:24:50 -07:00
9c290e0a03
move 'machines/common' into helpers/
2022-05-26 22:16:16 -07:00
9dcbd2f2af
duplicity: allow "source mismatches" (hostname changes)
2022-05-26 14:34:43 -07:00
6e4629c0e8
disable powertop service: it breaks USB HID (mouse permanently asleep; keyboard powers off every 2 seconds)
2022-05-26 03:20:06 -07:00
1cdae86121
boot.initrd.availableKernelModules: annotate these modules based on what i know about their origin
2022-05-26 03:19:19 -07:00
48a985c74e
try some phosh packages
2022-05-24 23:12:51 -07:00
c95485589a
moby: upgrade pkgs from 2022/03/30 -> 2022/05/20
...
this upstreams the manual phosh tweaks i had previously applied.
2022-05-24 20:58:45 -07:00
e4a2dc986a
HE DDNS: properly run every 10 minutes
2022-05-24 19:02:51 -07:00
f8cf676df4
uninsane: add a hurricane electric ddns service
...
also adds some basic secrets management. i can make this more robust in time.
2022-05-24 17:24:11 -07:00
e8cc71b03e
moby: update pkgs-mobile to 2022/03/30
...
i was using something from like 2021/06/...
it's not new enough to have upstream support for phosh,
so i still need the wrapper. i think such an update is blocked on the
mobile-nixos project.
2022-05-24 02:47:04 -07:00
2d03f0d647
env: add electrum, metamask
2022-05-23 22:50:50 -07:00
7cf0dffa36
colin: switch default shell to zsh
2022-05-23 20:33:08 -07:00
17174a1f6e
omit unnecessary inputs from some imports
2022-05-23 17:16:56 -07:00
b11fcebd5b
moby: switch to phosh
2022-05-23 03:06:29 -07:00
ecac3d71e3
rename common/{hardware.nix -> hardware-x86_64.nix} to signal its platform dependence
2022-05-23 00:55:26 -07:00
493bd5de65
move timezone config to common config so it applies to... ALL platforms
2022-05-23 00:52:36 -07:00
a12560c8b4
machines/common: put some of these files behind all/
, indicating that they're expected to be used by *all* machines
2022-05-23 00:46:58 -07:00
dc6f949c4d
rename gui.nix -> gnome.nix
2022-05-23 00:43:27 -07:00
5c17274721
moby: use the 'home-manager-gen-colin' helper
2022-05-23 00:40:59 -07:00
94b145f869
machines: uninsane: migrate default user config to common/
2022-05-23 00:33:11 -07:00
5060669738
machines/uninsane: define 'colin' user via the helper
2022-05-23 00:26:46 -07:00
c06e9800b9
machines/uninsane: use the home-manager helper
2022-05-23 00:10:52 -07:00