~jb55/citadel

ref: d49a08a54e2552e0a471f6bb678e81f368ac0a9c citadel/nix-config/machines/quiver/default.nix -rw-r--r-- 5.2 KiB
d49a08a5William Casarin nix: fix machine forked configs 1 year, 2 months ago
                                                                                
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
extra:
{ config, lib, pkgs, ... }:
{
  imports = [
    ./hardware-configuration.nix
    (import ../../misc/msmtp extra)
    (import ./networking extra)
    (import ../../misc/imap-notifier extra)
    (import ./timers extra)
  ];

  environment.systemPackages = with pkgs; [ acpi xorg.xbacklight ];

  virtualisation.docker.enable = true;
  virtualisation.virtualbox.host.enable = false;
  users.extraGroups.vboxusers.members = [ "jb55" ];

  documentation.nixos.enable = false;

  boot.extraModprobeConfig = ''
    options thinkpad_acpi enabled=0
  '';


  # telepathy is a garbage fire
  services.telepathy.enable = false;
  services.zerotierone.enable = false;
  services.mongodb.enable = true;
  services.redis.enable = true;
  services.keybase.enable = true;
  services.mysql.enable = true;
  services.mysql.package = pkgs.mariadb;

  services.xserver.screenSection = ''
    Option "metamodes" "1920x1080 +0+0"
    Option "dpi" "96 x 96"
  '';

  services.xinetd.enable = true;
  services.xinetd.services = [
    { name = "gopher";
      port = 70;
      server = "/var/gopher/in.gophernicus";
      serverArgs = "-nf -r /var/gopher";
      extraConfig = ''
        disable = no
      '';
    }
  ];

  services.xserver.libinput.enable = true;
  services.xserver.config = ''
    Section "InputClass"
      Identifier     "Enable libinput for TrackPoint"
      MatchProduct   "TPPS/2 Elan TrackPoint"
      Driver         "libinput"
      Option         "AccelSpeed" "1"
      Option         "AccelProfile" "flat"
    EndSection

    Section "InputClass"
      Identifier       "Disable TouchPad"
      MatchIsTouchpad  "on"
      Driver           "libinput"
      Option           "Ignore" "true"
    EndSection
  '';


  services.plex = {
    enable = false;
    openFirewall = true;
  };

  services.nginx.enable = true;
  services.nginx.group = "www-data";

  services.nginx.httpConfig = ''
    server {
      listen 80;

      root /var/www/share;

      location / {
        autoindex on;
      }
    }
  '';

  systemd.user.services.clightning-rpc-tunnel = {
    description = "clightning mainnet rpc tunnel";
    wantedBy = [ "default.target" ];
    after    = [ "default.target" ];

    serviceConfig.ExecStart = extra.util.writeBash "lightning-tunnel" ''
      socket=/home/jb55/.lightning-bitcoin-rpc
      rm -f $socket
      ${pkgs.socat}/bin/socat -d -d UNIX-LISTEN:$socket,reuseaddr,fork TCP:10.147.20.220:7878
    '';
  };

  systemd.user.services.clightning-testnet-rpc-tunnel = {
    description = "clightning testnet rpc tunnel";
    wantedBy = [ "default.target" ];
    after    = [ "default.target" ];

    serviceConfig.ExecStart = extra.util.writeBash "lightning-testnet-tunnel" ''
      socket=/home/jb55/.lightning-testnet-rpc
      rm -f $socket
      ${pkgs.socat}/bin/socat -d -d UNIX-LISTEN:$socket,reuseaddr,fork TCP:10.147.20.220:7879
    '';
  };

  systemd.services.blink-led-battery-low = {
    description = "blink power led when battery is low";
    wantedBy = [ "default.target" ];
    after    = [ "default.target" ];

    path = with pkgs; [ gnused acpi ];

    serviceConfig.ExecStart = extra.util.writeBash "battery-power" ''
      set -e

      LED=/sys/class/leds/tpacpi::power
      LED2=/sys/class/leds/tpacpi::kbd_backlight

      # led will start blinking below this battery %
      limit=10

      state=""

      while true
      do
          percent=$(acpi -b | sed -E -n 's/.* ([0-9]+)%.*/\1/p')

          if [ $percent -lt $limit ] && [ "$state" != "heartbeat" ]
          then
              printf "battery %d%% < %d%%, setting heartbeat trigger\n" "$percent" "$limit" >&2
              echo heartbeat > "$LED"/trigger
              echo heartbeat > "$LED2"/trigger
              state="heartbeat"
          elif [ $percent -ge $limit ] && [ "$state" = "heartbeat" ]
          then
              printf "battery %d%% >= %d%%, resetting led trigger\n" "$percent" "$limit" >&2
              echo none > "$LED"/trigger
              echo none > "$LED2"/trigger
              cat "$LED"/max_brightness > "$LED"/brightness
              state=""
          fi
          sleep 10
      done
    '';
  };

  services.hydra.enable = false;
  services.hydra.dbi = "dbi:Pg:dbname=hydra;host=localhost;user=postgres;";
  services.hydra.hydraURL = "localhost";
  services.hydra.notificationSender = "hydra@quiver";
  services.hydra.buildMachinesFiles = [];
  services.hydra.useSubstitutes = true;

  users.extraGroups.hydra.members = [ "jb55" ];
  users.extraGroups.www-data.members = [ "jb55" ];

  # https://github.com/nmikhailov/Validity90  # driver not done yet
  services.fprintd.enable = false;

  services.tor.enable = false;
  services.tor.controlPort = 9051;

  services.autorandr.enable = true;
  services.acpid.enable = false;
  powerManagement.enable = false;

  networking.wireless.enable = true;

  services.postgresql = {
    dataDir = "/var/db/postgresql/10/";
    enable = true;
    package = pkgs.postgresql_10;
    # extraPlugins = with pkgs; [ pgmp ];
    authentication = pkgs.lib.mkForce ''
      # type db  user address            method
      local  all all                     trust
      host   all all  localhost          trust
    '';
    # extraConfig = ''
    #   listen_addresses = '172.24.172.226,127.0.0.1'
    # '';
  };

}