Add hikari3
This commit is contained in:
parent
746e9d3e8a
commit
fa80faefdc
1
.gitattributes
vendored
1
.gitattributes
vendored
|
@ -12,4 +12,5 @@ systems/hikari/files/hosts filter=git-crypt diff=git-crypt
|
||||||
systems/hikari/web-development/projects/customer.nix filter=git-crypt diff=git-crypt
|
systems/hikari/web-development/projects/customer.nix filter=git-crypt diff=git-crypt
|
||||||
systems/hikari3/files/hosts filter=git-crypt diff=git-crypt
|
systems/hikari3/files/hosts filter=git-crypt diff=git-crypt
|
||||||
systems/hikari3/web-development/projects/customer.nix filter=git-crypt diff=git-crypt
|
systems/hikari3/web-development/projects/customer.nix filter=git-crypt diff=git-crypt
|
||||||
|
systems/hikari3/web-development/projects/customer/* filter=git-crypt diff=git-crypt
|
||||||
projects/** filter=git-crypt diff=git-crypt
|
projects/** filter=git-crypt diff=git-crypt
|
||||||
|
|
|
@ -48,6 +48,10 @@ $GLOBALS['TYPO3_CONF_VARS']['BE']['versionNumberInFilename'] = false;
|
||||||
|
|
||||||
$GLOBALS['TYPO3_CONF_VARS']['BE']['installToolPassword'] = '$1$eItwKedf$13XVDVlAwXXMvO4DKw/YQ0';
|
$GLOBALS['TYPO3_CONF_VARS']['BE']['installToolPassword'] = '$1$eItwKedf$13XVDVlAwXXMvO4DKw/YQ0';
|
||||||
|
|
||||||
|
if (getenv('GIT_PATH')) {
|
||||||
|
$GLOBALS['TYPO3_CONF_VARS']['SYS']['binSetup'] = 'git=' . getenv('GIT_PATH') . '/git';
|
||||||
|
}
|
||||||
|
|
||||||
$GLOBALS['TYPO3_CONF_VARS']['SYS']['sitename'] = '*.localhost DEVELOPMENT';
|
$GLOBALS['TYPO3_CONF_VARS']['SYS']['sitename'] = '*.localhost DEVELOPMENT';
|
||||||
if (isset($GLOBALS['_SERVER']['HTTP_HOST'])) {
|
if (isset($GLOBALS['_SERVER']['HTTP_HOST'])) {
|
||||||
$GLOBALS['TYPO3_CONF_VARS']['SYS']['sitename'] = $GLOBALS['_SERVER']['HTTP_HOST'] . ' DEVELOPMENT';
|
$GLOBALS['TYPO3_CONF_VARS']['SYS']['sitename'] = $GLOBALS['_SERVER']['HTTP_HOST'] . ' DEVELOPMENT';
|
||||||
|
|
|
@ -1,7 +1,6 @@
|
||||||
{
|
{
|
||||||
config
|
config
|
||||||
,pkgs
|
,pkgs
|
||||||
,hostName
|
|
||||||
,...
|
,...
|
||||||
}:
|
}:
|
||||||
|
|
||||||
|
@ -84,9 +83,7 @@ in {
|
||||||
|
|
||||||
TYPO3_CONTEXT = "Development/dsiepmann";
|
TYPO3_CONTEXT = "Development/dsiepmann";
|
||||||
TYPO3_ADDITIONAL_CONFIGURATION = "${config.xdg.dataHome}/typo3-configuration/AdditionalConfiguration.inc.php";
|
TYPO3_ADDITIONAL_CONFIGURATION = "${config.xdg.dataHome}/typo3-configuration/AdditionalConfiguration.inc.php";
|
||||||
} // (if hostName == "hikari" then {
|
};
|
||||||
} else {
|
|
||||||
});
|
|
||||||
|
|
||||||
shellAliases = {
|
shellAliases = {
|
||||||
ll = "ls -laphv --color=auto";
|
ll = "ls -laphv --color=auto";
|
||||||
|
|
|
@ -81,7 +81,7 @@
|
||||||
unzip
|
unzip
|
||||||
|
|
||||||
gtk-engine-murrine
|
gtk-engine-murrine
|
||||||
] ++ (if hostName == "hikari" then [
|
] ++ (if hostName == "hikari2" then [
|
||||||
# hikari
|
# hikari
|
||||||
|
|
||||||
acpilight # Used to support xbacklight
|
acpilight # Used to support xbacklight
|
||||||
|
@ -91,6 +91,10 @@
|
||||||
# Needs to be installed by ubuntu on ubuntu, therefore only add on hikari
|
# Needs to be installed by ubuntu on ubuntu, therefore only add on hikari
|
||||||
sound-juicer
|
sound-juicer
|
||||||
|
|
||||||
|
] else (if hostName == "hikari3" then [
|
||||||
|
# hikari 3
|
||||||
|
(callPackage ./packages/custom/update-nixos-system { })
|
||||||
|
(callPackage ./packages/custom/vpn-reuter-dynamics { })
|
||||||
] else [
|
] else [
|
||||||
# hikari 2
|
# hikari 2
|
||||||
|
|
||||||
|
@ -98,5 +102,5 @@
|
||||||
# TODO: Right now only for Ubuntu (hikari2) system
|
# TODO: Right now only for Ubuntu (hikari2) system
|
||||||
(callPackage ./packages/custom/backup { })
|
(callPackage ./packages/custom/backup { })
|
||||||
(callPackage ./packages/custom/vpn-reuter-dynamics { })
|
(callPackage ./packages/custom/vpn-reuter-dynamics { })
|
||||||
]);
|
]));
|
||||||
}
|
}
|
||||||
|
|
|
@ -7,8 +7,8 @@
|
||||||
|
|
||||||
let
|
let
|
||||||
|
|
||||||
positionOfCustomerName = if hostName == "hikari" then "5" else "7";
|
positionOfCustomerName = if hostName == "hikari" then "5" else "6";
|
||||||
mysqlUser = if hostName == "hikari" then "-u daniels" else "";
|
mysqlUser = if hostName == "hikari2" then "" else "-u daniels";
|
||||||
|
|
||||||
in writeShellApplication {
|
in writeShellApplication {
|
||||||
name = "custom-project";
|
name = "custom-project";
|
||||||
|
|
|
@ -12,6 +12,10 @@ writeShellApplication {
|
||||||
gzip
|
gzip
|
||||||
];
|
];
|
||||||
|
|
||||||
|
# It might be necessary to execute:
|
||||||
|
# s/utf8mb4_0900_ai_ci/utf8mb4_unicode_520_ci/g
|
||||||
|
# As MariaDB has other collations as MySQL
|
||||||
|
|
||||||
text = ''
|
text = ''
|
||||||
zcat "$1" | pv -s "$(gzip -dc "$1" | wc -c)"
|
zcat "$1" | pv -s "$(gzip -dc "$1" | wc -c)"
|
||||||
'';
|
'';
|
||||||
|
|
|
@ -11,11 +11,13 @@
|
||||||
let
|
let
|
||||||
inherit(config.xsession.windowManager.i3.config) modifier;
|
inherit(config.xsession.windowManager.i3.config) modifier;
|
||||||
|
|
||||||
soundSwitcherForHikari2 = if hostName == "hikari" then "" else "-D pulse";
|
soundSwitcher = if hostName == "hikari2" then "-D pulse" else "";
|
||||||
keyboardBrightnessDevice = if hostName == "hikari" then "--device smc::kbd_backlight" else "";
|
keyboardBrightnessDevice = if hostName == "hikari" then "--device smc::kbd_backlight" else "";
|
||||||
displayBrightnessDevice = if hostName == "hikari" then "--device acpi_video0" else "";
|
displayBrightnessDevice = if hostName == "hikari" then "--device acpi_video0" else "";
|
||||||
displayBuiltInOutput = if hostName == "hikari" then "eDP-1" else "eDP1";
|
displayBuiltInOutput = if hostName == "hikari1" then "eDPI" else "eDP-1";
|
||||||
displayDefaults = if hostName == "hikari" then "--output ${displayBuiltInOutput} --mode 1366x768 --scale 1.25x1.25" else "";
|
displayDefaults = if hostName == "hikari" then "--output ${displayBuiltInOutput} --mode 1366x768 --scale 1.25x1.25" else (
|
||||||
|
if hostName == "hikari3" then "--output ${displayBuiltInOutput} --scale 0.75x0.75" else ""
|
||||||
|
);
|
||||||
in {
|
in {
|
||||||
xsession.windowManager.i3 = {
|
xsession.windowManager.i3 = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
@ -300,9 +302,9 @@ in {
|
||||||
"XF86AudioPlay" = "exec cmus-remote --pause";
|
"XF86AudioPlay" = "exec cmus-remote --pause";
|
||||||
"XF86AudioPrev" = "exec cmus-remote --prev";
|
"XF86AudioPrev" = "exec cmus-remote --prev";
|
||||||
"XF86AudioNext" = "exec cmus-remote --next";
|
"XF86AudioNext" = "exec cmus-remote --next";
|
||||||
"XF86AudioMute" = "exec \"amixer ${soundSwitcherForHikari2} sset Master 0\"";
|
"XF86AudioMute" = "exec \"amixer ${soundSwitcher} -q set Master toggle\"";
|
||||||
"XF86AudioRaiseVolume" = "exec \"amixer ${soundSwitcherForHikari2} sset Master 5%+\"";
|
"XF86AudioRaiseVolume" = "exec \"amixer ${soundSwitcher} sset Master 5%+\"";
|
||||||
"XF86AudioLowerVolume" = "exec \"amixer ${soundSwitcherForHikari2} sset Master 5%-\"";
|
"XF86AudioLowerVolume" = "exec \"amixer ${soundSwitcher} sset Master 5%-\"";
|
||||||
|
|
||||||
# Switch sound device:
|
# Switch sound device:
|
||||||
# https://askubuntu.com/a/72076/491377
|
# https://askubuntu.com/a/72076/491377
|
||||||
|
@ -362,7 +364,8 @@ in {
|
||||||
displays = {
|
displays = {
|
||||||
"a" = "exec xrandr --auto ${displayDefaults} && ${pkgs.brightnessctl}/bin/brightnessctl --device ${displayBrightnessDevice} s 10;";
|
"a" = "exec xrandr --auto ${displayDefaults} && ${pkgs.brightnessctl}/bin/brightnessctl --device ${displayBrightnessDevice} s 10;";
|
||||||
"e" = "exec xrandr --auto --output ${displayBuiltInOutput} --off";
|
"e" = "exec xrandr --auto --output ${displayBuiltInOutput} --off";
|
||||||
"h" = "exec xrandr --output ${displayBuiltInOutput} --off --output DP1 --scale 1x1 --mode 2560x1440";
|
|
||||||
|
"h" = if hostName == "hikari3" then "exec xrandr --output ${displayBuiltInOutput} --off --output DP-3 --scale 1x1 --mode 2560x1440" else "exec xrandr --output ${displayBuiltInOutput} --off --output DP1 --scale 1x1 --mode 2560x1440";
|
||||||
"o" = "exec xrandr --output DP2 --primary --mode 3840x2160 --scale 0.65x0.65 --output ${displayBuiltInOutput} --off";
|
"o" = "exec xrandr --output DP2 --primary --mode 3840x2160 --scale 0.65x0.65 --output ${displayBuiltInOutput} --off";
|
||||||
|
|
||||||
# Mirror
|
# Mirror
|
||||||
|
|
|
@ -13,7 +13,7 @@ let
|
||||||
xinput --set-prop bcm5974 'libinput Natural Scrolling Enabled' 1
|
xinput --set-prop bcm5974 'libinput Natural Scrolling Enabled' 1
|
||||||
'';
|
'';
|
||||||
initExtraHikari2 = ''
|
initExtraHikari2 = ''
|
||||||
xrandr --auto --brightness 1
|
xrandr --auto --output eDP-1 --brightness 1
|
||||||
|
|
||||||
# Enable tapping instead of phsyical click
|
# Enable tapping instead of phsyical click
|
||||||
xinput --set-prop 'DELL07E6:00 06CB:76AF Touchpad' 'libinput Tapping Enabled' 1
|
xinput --set-prop 'DELL07E6:00 06CB:76AF Touchpad' 'libinput Tapping Enabled' 1
|
||||||
|
@ -21,13 +21,19 @@ let
|
||||||
# Use natural scrolling for trackpad
|
# Use natural scrolling for trackpad
|
||||||
xinput --set-prop 'DELL07E6:00 06CB:76AF Touchpad' 'libinput Natural Scrolling Enabled' 1
|
xinput --set-prop 'DELL07E6:00 06CB:76AF Touchpad' 'libinput Natural Scrolling Enabled' 1
|
||||||
'';
|
'';
|
||||||
|
initExtraHikari3 = ''
|
||||||
|
xrandr --auto --output eDP-1 --brightness 1
|
||||||
|
|
||||||
|
# Use natural scrolling for trackpad
|
||||||
|
xinput --set-prop 'PIXA3854:00 093A:0274 Touchpad' 'libinput Natural Scrolling Enabled' 1
|
||||||
|
'';
|
||||||
in {
|
in {
|
||||||
xsession = {
|
xsession = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
||||||
numlock.enable = true;
|
numlock.enable = true;
|
||||||
|
|
||||||
initExtra = (if hostName == "hikari" then initExtraHikari else initExtraHikari2) + ''
|
initExtra = (if hostName == "hikari" then initExtraHikari else (if hostName == "hikari3" then initExtraHikari3 else initExtraHikari2)) + ''
|
||||||
# Set backlight of output
|
# Set backlight of output
|
||||||
xbacklight -set 25
|
xbacklight -set 25
|
||||||
|
|
||||||
|
|
|
@ -18,7 +18,6 @@ in {
|
||||||
./projects/private.nix
|
./projects/private.nix
|
||||||
./projects/service-wrapper.nix
|
./projects/service-wrapper.nix
|
||||||
./projects/typo3.nix
|
./projects/typo3.nix
|
||||||
./projects/customer.nix
|
|
||||||
|
|
||||||
];
|
];
|
||||||
|
|
||||||
|
|
13
systems/hikari3/cachix.nix
Normal file
13
systems/hikari3/cachix.nix
Normal file
|
@ -0,0 +1,13 @@
|
||||||
|
|
||||||
|
# WARN: this file will get overwritten by $ cachix use <name>
|
||||||
|
{ pkgs, lib, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
folder = ./cachix;
|
||||||
|
toImport = name: value: folder + ("/" + name);
|
||||||
|
filterCaches = key: value: value == "regular" && lib.hasSuffix ".nix" key;
|
||||||
|
imports = lib.mapAttrsToList toImport (lib.filterAttrs filterCaches (builtins.readDir folder));
|
||||||
|
in {
|
||||||
|
inherit imports;
|
||||||
|
nix.settings.substituters = ["https://cache.nixos.org/"];
|
||||||
|
}
|
13
systems/hikari3/cachix/fossar.nix
Normal file
13
systems/hikari3/cachix/fossar.nix
Normal file
|
@ -0,0 +1,13 @@
|
||||||
|
|
||||||
|
{
|
||||||
|
nix = {
|
||||||
|
settings = {
|
||||||
|
substituters = [
|
||||||
|
"https://fossar.cachix.org"
|
||||||
|
];
|
||||||
|
trusted-public-keys = [
|
||||||
|
"fossar.cachix.org-1:Zv6FuqIboeHPWQS7ysLCJ7UT7xExb4OE8c4LyGb5AsE="
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
146
systems/hikari3/configuration.nix
Normal file
146
systems/hikari3/configuration.nix
Normal file
|
@ -0,0 +1,146 @@
|
||||||
|
# Edit this configuration file to define what should be installed on
|
||||||
|
# your system. help is available in the configuration.nix(5) man page
|
||||||
|
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
||||||
|
|
||||||
|
{ config, pkgs, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
imports = [
|
||||||
|
./hardware-configuration.nix
|
||||||
|
|
||||||
|
./cachix.nix
|
||||||
|
|
||||||
|
./web-development
|
||||||
|
];
|
||||||
|
|
||||||
|
# Bootloader.
|
||||||
|
boot = {
|
||||||
|
loader = {
|
||||||
|
systemd-boot.enable = true;
|
||||||
|
efi.canTouchEfiVariables = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
initrd.luks.devices."luks-ac06ecd4-7548-4807-a9c9-a616f8219e5f".device = "/dev/disk/by-uuid/ac06ecd4-7548-4807-a9c9-a616f8219e5f";
|
||||||
|
};
|
||||||
|
networking = {
|
||||||
|
hostName = "hikari3";
|
||||||
|
extraHosts = builtins.readFile ./files/hosts;
|
||||||
|
# wireless.enable = true; # Enables wireless support via wpa_supplicant.
|
||||||
|
|
||||||
|
# Configure network proxy if necessary
|
||||||
|
# proxy.default = "http://user:password@proxy:port/";
|
||||||
|
# proxy.noProxy = "127.0.0.1,localhost,internal.domain";
|
||||||
|
|
||||||
|
# Enable networking
|
||||||
|
networkmanager.enable = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
# Set your time zone.
|
||||||
|
time.timeZone = "Europe/Berlin";
|
||||||
|
|
||||||
|
# Select internationalisation properties.
|
||||||
|
i18n = {
|
||||||
|
defaultLocale = "en_US.UTF-8";
|
||||||
|
|
||||||
|
extraLocaleSettings = {
|
||||||
|
LC_ADDRESS = "de_DE.UTF-8";
|
||||||
|
LC_IDENTIFICATION = "de_DE.UTF-8";
|
||||||
|
LC_MEASUREMENT = "de_DE.UTF-8";
|
||||||
|
LC_MONETARY = "de_DE.UTF-8";
|
||||||
|
LC_NAME = "de_DE.UTF-8";
|
||||||
|
LC_NUMERIC = "de_DE.UTF-8";
|
||||||
|
LC_PAPER = "de_DE.UTF-8";
|
||||||
|
LC_TELEPHONE = "de_DE.UTF-8";
|
||||||
|
LC_TIME = "de_DE.UTF-8";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
documentation = {
|
||||||
|
dev.enable = false;
|
||||||
|
doc.enable = false;
|
||||||
|
info.enable = false;
|
||||||
|
man.enable = true;
|
||||||
|
nixos.enable = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
programs = {
|
||||||
|
# Enable network manager applet
|
||||||
|
nm-applet.enable = true;
|
||||||
|
dconf.enable = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
services = {
|
||||||
|
# Enable the X11 windowing system.
|
||||||
|
xserver = {
|
||||||
|
enable = true;
|
||||||
|
displayManager.lightdm.enable = true;
|
||||||
|
desktopManager.lxqt.enable = true;
|
||||||
|
|
||||||
|
# Configure keymap in X11
|
||||||
|
xkb = {
|
||||||
|
layout = "us";
|
||||||
|
variant = "";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
# Enable automatic login for the user.
|
||||||
|
displayManager.autoLogin = {
|
||||||
|
enable = true;
|
||||||
|
user = "daniels";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
# Enable sound with pipewire.
|
||||||
|
sound.enable = true;
|
||||||
|
# sound.mediaKeys.enable = true;
|
||||||
|
hardware.pulseaudio.enable = false;
|
||||||
|
security.rtkit.enable = true;
|
||||||
|
services.pipewire = {
|
||||||
|
enable = true;
|
||||||
|
alsa.enable = true;
|
||||||
|
alsa.support32Bit = true;
|
||||||
|
pulse.enable = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
# Define a user account. Don't forget to set a password with ‘passwd’.
|
||||||
|
users.users.daniels = {
|
||||||
|
isNormalUser = true;
|
||||||
|
description = "Daniel Siepmann";
|
||||||
|
extraGroups = [ "networkmanager" "wheel" ];
|
||||||
|
packages = with pkgs; [
|
||||||
|
i3lock
|
||||||
|
xsel
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
virtualisation.containers = {
|
||||||
|
enable = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
# List packages installed in system profile. To search, run:
|
||||||
|
# $ nix search wget
|
||||||
|
environment.systemPackages = with pkgs; [
|
||||||
|
vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
|
||||||
|
git
|
||||||
|
xorg.xbacklight
|
||||||
|
openfortivpn
|
||||||
|
lxqt.pavucontrol-qt
|
||||||
|
];
|
||||||
|
|
||||||
|
environment.variables = {
|
||||||
|
EDITOR = "vim";
|
||||||
|
};
|
||||||
|
|
||||||
|
security = {
|
||||||
|
sudo.execWheelOnly = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
# This value determines the NixOS release from which the default
|
||||||
|
# settings for stateful data, like file locations and database versions
|
||||||
|
# on your system were taken. It‘s perfectly fine and recommended to leave
|
||||||
|
# this value at the release version of the first install of this system.
|
||||||
|
# Before changing this value read the documentation for this option
|
||||||
|
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||||
|
system.stateVersion = "23.11"; # Did you read the comment?
|
||||||
|
|
||||||
|
}
|
BIN
systems/hikari3/files/hosts
Normal file
BIN
systems/hikari3/files/hosts
Normal file
Binary file not shown.
48
systems/hikari3/hardware-configuration.nix
Normal file
48
systems/hikari3/hardware-configuration.nix
Normal file
|
@ -0,0 +1,48 @@
|
||||||
|
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||||
|
# and may be overwritten by future invocations. Please make changes
|
||||||
|
# to /etc/nixos/configuration.nix instead.
|
||||||
|
{ config, lib, pkgs, modulesPath, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
imports = [
|
||||||
|
<nixos-hardware/framework/13-inch/7040-amd>
|
||||||
|
(modulesPath + "/installer/scan/not-detected.nix")
|
||||||
|
];
|
||||||
|
|
||||||
|
boot = {
|
||||||
|
initrd = {
|
||||||
|
availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "uas" "sd_mod" ];
|
||||||
|
kernelModules = [ ];
|
||||||
|
};
|
||||||
|
kernelModules = [ "kvm-amd" ];
|
||||||
|
extraModulePackages = [ ];
|
||||||
|
};
|
||||||
|
|
||||||
|
fileSystems."/" = {
|
||||||
|
device = "/dev/disk/by-uuid/dd7cefcc-8920-4c3d-9559-962a3a584498";
|
||||||
|
fsType = "ext4";
|
||||||
|
};
|
||||||
|
|
||||||
|
boot.initrd.luks.devices."luks-ddc87566-6172-4909-987e-8600b96a41c2".device = "/dev/disk/by-uuid/ddc87566-6172-4909-987e-8600b96a41c2";
|
||||||
|
|
||||||
|
fileSystems."/boot" = {
|
||||||
|
device = "/dev/disk/by-uuid/E402-2F77";
|
||||||
|
fsType = "vfat";
|
||||||
|
options = [ "fmask=0022" "dmask=0022" ];
|
||||||
|
};
|
||||||
|
|
||||||
|
swapDevices = [
|
||||||
|
{ device = "/dev/disk/by-uuid/877afecd-5cdb-452d-82d2-2fb0823d2879"; }
|
||||||
|
];
|
||||||
|
|
||||||
|
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||||
|
# (the default) this is the recommended approach. When using systemd-networkd it's
|
||||||
|
# still possible to use this option, but it's recommended to use it in conjunction
|
||||||
|
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
||||||
|
networking.useDHCP = lib.mkDefault true;
|
||||||
|
# networking.interfaces.enp193s0f3u2.useDHCP = lib.mkDefault true;
|
||||||
|
# networking.interfaces.wlp1s0.useDHCP = lib.mkDefault true;
|
||||||
|
|
||||||
|
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||||
|
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||||
|
}
|
35
systems/hikari3/readme.rst
Normal file
35
systems/hikari3/readme.rst
Normal file
|
@ -0,0 +1,35 @@
|
||||||
|
nixos for hikari
|
||||||
|
================
|
||||||
|
|
||||||
|
Hikari is my old MacBook Air.
|
||||||
|
It runs NixOS.
|
||||||
|
|
||||||
|
I'm using that machine to migrate my existing Ubuntu Setup to NixOS in order to replace Ubuntu in the future.
|
||||||
|
And I use this Setup for my personal use.
|
||||||
|
|
||||||
|
Installation
|
||||||
|
------------
|
||||||
|
|
||||||
|
Update to nixpkgs unstable via:
|
||||||
|
|
||||||
|
nix-channel --add https://nixos.org/channels/nixos-unstable nixos
|
||||||
|
nix-channel --update
|
||||||
|
|
||||||
|
See: https://nixos.wiki/wiki/Nix_channels
|
||||||
|
|
||||||
|
I also need older php versions:
|
||||||
|
|
||||||
|
nix-channel --add https://github.com/fossar/nix-phps/archive/master.tar.gz phps
|
||||||
|
nix-channel --update
|
||||||
|
|
||||||
|
Add hardware channel:
|
||||||
|
|
||||||
|
nix-channel --add https://github.com/NixOS/nixos-hardware/archive/master.tar.gz nixos-hardware
|
||||||
|
nix-channel --update
|
||||||
|
|
||||||
|
See: https://github.com/NixOS/nixos-hardware
|
||||||
|
|
||||||
|
TODOs
|
||||||
|
-----
|
||||||
|
|
||||||
|
* Add docker-compose for Elasticsearch, proxy, solr.
|
134
systems/hikari3/web-development/default.nix
Normal file
134
systems/hikari3/web-development/default.nix
Normal file
|
@ -0,0 +1,134 @@
|
||||||
|
{ pkgs, config, lib, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
|
||||||
|
mysqlEnsurePermissionsForDevUser = builtins.listToAttrs (
|
||||||
|
map (databaseName: {
|
||||||
|
name = "${databaseName}.*";
|
||||||
|
value = "ALL PRIVILEGES";
|
||||||
|
})
|
||||||
|
config.custom.web-development.databases
|
||||||
|
);
|
||||||
|
|
||||||
|
in {
|
||||||
|
imports = [
|
||||||
|
|
||||||
|
./lib/mkcert.nix
|
||||||
|
|
||||||
|
./projects/service-wrapper.nix
|
||||||
|
./projects/typo3.nix
|
||||||
|
./projects/customer/sa-sa.nix
|
||||||
|
./projects/customer/reu-reu.nix
|
||||||
|
./projects/customer/wm-interdaf.nix
|
||||||
|
./projects/customer/wm-sozio.nix
|
||||||
|
|
||||||
|
];
|
||||||
|
|
||||||
|
options = {
|
||||||
|
|
||||||
|
custom.web-development = {
|
||||||
|
rootPath = lib.mkOption {
|
||||||
|
type = lib.types.path;
|
||||||
|
default = "/var/projects";
|
||||||
|
description = ''
|
||||||
|
The root folder where web development happens.
|
||||||
|
All Projects need to be placed within this folder.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
databases = lib.mkOption {
|
||||||
|
type = lib.types.listOf lib.types.nonEmptyStr;
|
||||||
|
default = [];
|
||||||
|
example = lib.literalExpression "[namespace_project namespace2_project1]";
|
||||||
|
description = ''
|
||||||
|
A list of all necessary databases.
|
||||||
|
Used to create the databases and grant permissions.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
};
|
||||||
|
|
||||||
|
config = {
|
||||||
|
|
||||||
|
services = {
|
||||||
|
httpd = {
|
||||||
|
enable = true;
|
||||||
|
|
||||||
|
user = "daniels";
|
||||||
|
|
||||||
|
adminAddr = "apache@hikari.localhost";
|
||||||
|
|
||||||
|
extraModules = [
|
||||||
|
"info"
|
||||||
|
"rewrite"
|
||||||
|
"proxy"
|
||||||
|
"proxy_fcgi"
|
||||||
|
];
|
||||||
|
|
||||||
|
virtualHosts."localhost".locations."/server-info" = {
|
||||||
|
extraConfig = ''
|
||||||
|
SetHandler server-info
|
||||||
|
Require local
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
mysql = {
|
||||||
|
enable = true;
|
||||||
|
|
||||||
|
package = pkgs.mariadb;
|
||||||
|
|
||||||
|
ensureUsers = [
|
||||||
|
{
|
||||||
|
name = "daniels";
|
||||||
|
ensurePermissions = {
|
||||||
|
"*.*" = "ALL PRIVILEGES";
|
||||||
|
};
|
||||||
|
}
|
||||||
|
{
|
||||||
|
# INITIALLY once change dev user to be identified by password
|
||||||
|
# alter user dev@localhost IDENTIFIED VIA mysql_native_password USING PASSWORD('dev');
|
||||||
|
name = "testing";
|
||||||
|
ensurePermissions = {
|
||||||
|
"*.*" = "ALL PRIVILEGES";
|
||||||
|
};
|
||||||
|
}
|
||||||
|
{
|
||||||
|
# INITIALLY once change dev user to be identified by password
|
||||||
|
# alter user dev@localhost IDENTIFIED VIA mysql_native_password USING PASSWORD('dev');
|
||||||
|
name = "dev";
|
||||||
|
ensurePermissions = mysqlEnsurePermissionsForDevUser;
|
||||||
|
}
|
||||||
|
];
|
||||||
|
|
||||||
|
ensureDatabases = [
|
||||||
|
"testing" # Used by TYPO3 functional tests
|
||||||
|
"testing_at" # Used by TYPO3 Acceptance tests
|
||||||
|
] ++ config.custom.web-development.databases;
|
||||||
|
|
||||||
|
settings = {
|
||||||
|
mysqld = {
|
||||||
|
# sql_mode = "SRTICT_TRANS_TABLES;NO_ZERO_IN_DATE;NO_ZERO_DATE;ERROR_FOR_DIVISION_BY_ZERO;NO_ENGINE_SUBSTITUTION";
|
||||||
|
general_log = true;
|
||||||
|
general_log_file = "/var/lib/mysql/query.log";
|
||||||
|
|
||||||
|
# slow_query_log = true;
|
||||||
|
# slow_query_log_file = "/var/lib/mysql/slow_query.log";
|
||||||
|
# long_query_time = 1;
|
||||||
|
|
||||||
|
bind-address = "127.0.0.1";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
systemd.tmpfiles.rules = [
|
||||||
|
# TODO: Improve handling of TYPO3 global configuration
|
||||||
|
# Current issue: The files are copied once.
|
||||||
|
# Changes are not reflected until reboot?
|
||||||
|
# I can edit the copied files, but need to keep files in sync.
|
||||||
|
"C ${config.custom.web-development.rootPath}/own/typo3-configuration - - - - ${config.users.users.daniels.home}/.config/nixpkgs/home/files/typo3-configuration"
|
||||||
|
];
|
||||||
|
|
||||||
|
};
|
||||||
|
}
|
30
systems/hikari3/web-development/lib/create-static.nix
Normal file
30
systems/hikari3/web-development/lib/create-static.nix
Normal file
|
@ -0,0 +1,30 @@
|
||||||
|
{
|
||||||
|
config
|
||||||
|
, domain
|
||||||
|
, relativeDocumentRoot
|
||||||
|
}:
|
||||||
|
|
||||||
|
let
|
||||||
|
documentRoot = "${config.custom.web-development.rootPath}/${relativeDocumentRoot}";
|
||||||
|
in {
|
||||||
|
services = {
|
||||||
|
|
||||||
|
httpd.virtualHosts.${domain} = {
|
||||||
|
forceSSL = true;
|
||||||
|
sslServerCert = "${config.custom.web-development.certFolder}${domain}.pem";
|
||||||
|
sslServerKey = "${config.custom.web-development.certFolder}${domain}-key.pem";
|
||||||
|
|
||||||
|
inherit documentRoot;
|
||||||
|
|
||||||
|
extraConfig = ''
|
||||||
|
<Directory ${documentRoot}>
|
||||||
|
AllowOverride All
|
||||||
|
Require all granted
|
||||||
|
Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
|
||||||
|
DirectoryIndex index.html Index.html
|
||||||
|
</Directory>
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
};
|
||||||
|
}
|
129
systems/hikari3/web-development/lib/create-typo3.nix
Normal file
129
systems/hikari3/web-development/lib/create-typo3.nix
Normal file
|
@ -0,0 +1,129 @@
|
||||||
|
{
|
||||||
|
config
|
||||||
|
, lib
|
||||||
|
, pkgs
|
||||||
|
, domain
|
||||||
|
, relativeDocumentRoot
|
||||||
|
, databaseName
|
||||||
|
, php
|
||||||
|
}:
|
||||||
|
|
||||||
|
let
|
||||||
|
|
||||||
|
documentRoot = "${config.custom.web-development.rootPath}/${relativeDocumentRoot}";
|
||||||
|
|
||||||
|
phpPackage = php.buildEnv {
|
||||||
|
extensions = { enabled, all }: enabled ++ (with all; [
|
||||||
|
xdebug
|
||||||
|
]);
|
||||||
|
extraConfig = ''
|
||||||
|
max_execution_time = 240
|
||||||
|
max_input_vars = 1500
|
||||||
|
|
||||||
|
display_errors = 1
|
||||||
|
error_reporting = E_ALL
|
||||||
|
|
||||||
|
xdebug.mode = debug
|
||||||
|
xdebug.max_nesting_level = 400
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
in {
|
||||||
|
custom.web-development = {
|
||||||
|
|
||||||
|
databases = [databaseName];
|
||||||
|
|
||||||
|
};
|
||||||
|
|
||||||
|
services = {
|
||||||
|
|
||||||
|
httpd.virtualHosts.${domain} = {
|
||||||
|
forceSSL = true;
|
||||||
|
sslServerCert = "${config.custom.web-development.certFolder}${domain}.pem";
|
||||||
|
sslServerKey = "${config.custom.web-development.certFolder}${domain}-key.pem";
|
||||||
|
|
||||||
|
inherit documentRoot;
|
||||||
|
|
||||||
|
extraConfig = ''
|
||||||
|
<Directory ${documentRoot}>
|
||||||
|
AllowOverride None
|
||||||
|
Require all granted
|
||||||
|
DirectoryIndex index.php
|
||||||
|
|
||||||
|
RewriteEngine On
|
||||||
|
|
||||||
|
# Store the current location in an environment variable CWD to use
|
||||||
|
# mod_rewrite in .htaccess files without knowing the RewriteBase
|
||||||
|
RewriteCond $0#%{REQUEST_URI} ([^#]*)#(.*)\1$
|
||||||
|
RewriteRule ^.*$ - [E=CWD:%2]
|
||||||
|
|
||||||
|
# Rule for versioned static files, configured through:
|
||||||
|
# - $GLOBALS['TYPO3_CONF_VARS']['BE']['versionNumberInFilename']
|
||||||
|
# - $GLOBALS['TYPO3_CONF_VARS']['FE']['versionNumberInFilename']
|
||||||
|
# IMPORTANT: This rule has to be the very first RewriteCond in order to work!
|
||||||
|
RewriteCond %{REQUEST_FILENAME} !-f
|
||||||
|
RewriteCond %{REQUEST_FILENAME} !-d
|
||||||
|
RewriteRule ^(.+)\.(\d+)\.(php|js|css|png|jpg|gif|gzip)$ %{ENV:CWD}$1.$3 [L]
|
||||||
|
|
||||||
|
# Access block for folders
|
||||||
|
RewriteRule _(?:recycler|temp)_/ - [F]
|
||||||
|
RewriteRule fileadmin/templates/.*\.(?:txt|ts)$ - [F]
|
||||||
|
RewriteRule ^(?:vendor|typo3_src|typo3temp/var) - [F]
|
||||||
|
RewriteRule (?:typo3conf/ext|typo3/sysext|typo3/ext)/[^/]+/(?:Configuration|Resources/Private|Tests?|Documentation|docs?)/ - [F]
|
||||||
|
|
||||||
|
# Block access to all hidden files and directories with the exception of
|
||||||
|
# the visible content from within the `/.well-known/` hidden directory (RFC 5785).
|
||||||
|
RewriteCond %{REQUEST_URI} "!(^|/)\.well-known/([^./]+./?)+$" [NC]
|
||||||
|
RewriteCond %{SCRIPT_FILENAME} -d [OR]
|
||||||
|
RewriteCond %{SCRIPT_FILENAME} -f
|
||||||
|
RewriteRule (?:^|/)\. - [F]
|
||||||
|
|
||||||
|
# Stop rewrite processing, if we are in any other known directory
|
||||||
|
# NOTE: Add your additional local storages here
|
||||||
|
RewriteRule ^(?:fileadmin/|typo3conf/|typo3temp/|uploads/) - [L]
|
||||||
|
|
||||||
|
# If the file/symlink/directory does not exist but is below /typo3/, redirect to the TYPO3 Backend entry point.
|
||||||
|
RewriteCond %{REQUEST_FILENAME} !-f
|
||||||
|
RewriteCond %{REQUEST_FILENAME} !-d
|
||||||
|
RewriteCond %{REQUEST_FILENAME} !-l
|
||||||
|
RewriteCond %{REQUEST_URI} ^/typo3/.*$
|
||||||
|
RewriteRule ^typo3/(.*)$ %{ENV:CWD}typo3/index.php [QSA,L]
|
||||||
|
|
||||||
|
# If the file/symlink/directory does not exist => Redirect to index.php.
|
||||||
|
# For httpd.conf, you need to prefix each '%{REQUEST_FILENAME}' with '%{DOCUMENT_ROOT}'.
|
||||||
|
RewriteCond %{REQUEST_FILENAME} !-f
|
||||||
|
RewriteCond %{REQUEST_FILENAME} !-d
|
||||||
|
RewriteCond %{REQUEST_FILENAME} !-l
|
||||||
|
RewriteRule ^.*$ %{ENV:CWD}index.php [QSA,L]
|
||||||
|
</Directory>
|
||||||
|
|
||||||
|
<FilesMatch "\.php$">
|
||||||
|
SetHandler "proxy:unix:${config.services.phpfpm.pools."${domain}".socket}|fcgi://${domain}/"
|
||||||
|
</FilesMatch>
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
phpfpm.pools.${domain} = {
|
||||||
|
inherit (config.services.httpd) user group;
|
||||||
|
inherit phpPackage;
|
||||||
|
|
||||||
|
settings = {
|
||||||
|
"listen.owner" = config.services.httpd.user;
|
||||||
|
"listen.group" = config.services.httpd.group;
|
||||||
|
"pm" = "ondemand";
|
||||||
|
"pm.max_children" = 15;
|
||||||
|
};
|
||||||
|
|
||||||
|
phpEnv = {
|
||||||
|
TYPO3_ADDITIONAL_CONFIGURATION = "/var/projects/own/typo3-configuration/AdditionalConfiguration.inc.php";
|
||||||
|
TYPO3_DATABASE = databaseName;
|
||||||
|
TYPO3_CONTEXT = "Development/dsiepmann";
|
||||||
|
TYPO3_BASE = "https://${domain}/";
|
||||||
|
|
||||||
|
# Used via TYPO3 API, expose
|
||||||
|
IMAGEMAGICK_PATH = lib.makeBinPath [ pkgs.imagemagick ] + "/";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
};
|
||||||
|
}
|
53
systems/hikari3/web-development/lib/mkcert.nix
Normal file
53
systems/hikari3/web-development/lib/mkcert.nix
Normal file
|
@ -0,0 +1,53 @@
|
||||||
|
{ pkgs, lib, config, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
certFolder = "/var/projects/own/mkcert";
|
||||||
|
|
||||||
|
domains = builtins.concatStringsSep " " (
|
||||||
|
map (domain: "\"${domain}\"") (
|
||||||
|
builtins.attrNames config.services.httpd.virtualHosts
|
||||||
|
)
|
||||||
|
);
|
||||||
|
|
||||||
|
custom-generate-certs = pkgs.writeShellApplication {
|
||||||
|
name = "custom-generate-certs";
|
||||||
|
|
||||||
|
runtimeInputs = [
|
||||||
|
pkgs.mkcert
|
||||||
|
];
|
||||||
|
|
||||||
|
text = ''
|
||||||
|
mkdir -p ${certFolder}
|
||||||
|
pushd ${certFolder}
|
||||||
|
declare -a domains=(${domains})
|
||||||
|
for domain in "''${domains[@]}"
|
||||||
|
do
|
||||||
|
CAROOT="${certFolder}" mkcert "$domain"
|
||||||
|
done
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
in {
|
||||||
|
options = {
|
||||||
|
custom.web-development = {
|
||||||
|
certFolder = lib.mkOption {
|
||||||
|
type = lib.types.path;
|
||||||
|
default = "${config.custom.web-development.rootPath}/own/mkcert/";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
config = {
|
||||||
|
|
||||||
|
# TODO: Run once before httpd service starts?
|
||||||
|
environment.systemPackages = [
|
||||||
|
custom-generate-certs
|
||||||
|
];
|
||||||
|
|
||||||
|
# NOTE: Disable until root certificate is generated, then add again
|
||||||
|
# Maybe check for file existense and throw proper error message?
|
||||||
|
security.pki.certificates = [
|
||||||
|
(builtins.readFile "${config.custom.web-development.certFolder}rootCA.pem")
|
||||||
|
];
|
||||||
|
|
||||||
|
};
|
||||||
|
}
|
BIN
systems/hikari3/web-development/projects/customer/reu-reu.nix
Normal file
BIN
systems/hikari3/web-development/projects/customer/reu-reu.nix
Normal file
Binary file not shown.
BIN
systems/hikari3/web-development/projects/customer/sa-sa.nix
Normal file
BIN
systems/hikari3/web-development/projects/customer/sa-sa.nix
Normal file
Binary file not shown.
Binary file not shown.
BIN
systems/hikari3/web-development/projects/customer/wm-sozio.nix
Normal file
BIN
systems/hikari3/web-development/projects/customer/wm-sozio.nix
Normal file
Binary file not shown.
13
systems/hikari3/web-development/projects/private.nix
Normal file
13
systems/hikari3/web-development/projects/private.nix
Normal file
|
@ -0,0 +1,13 @@
|
||||||
|
{ pkgs, lib, config, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
|
||||||
|
php = pkgs.php83;
|
||||||
|
|
||||||
|
in import ./../lib/create-typo3.nix {
|
||||||
|
inherit config lib pkgs php;
|
||||||
|
|
||||||
|
domain = "daniel-siepmann.own.localhost";
|
||||||
|
relativeDocumentRoot = "own/daniel-siepmann/project/public/";
|
||||||
|
databaseName = "own_danielsiepmann";
|
||||||
|
}
|
28
systems/hikari3/web-development/projects/service-wrapper.nix
Normal file
28
systems/hikari3/web-development/projects/service-wrapper.nix
Normal file
|
@ -0,0 +1,28 @@
|
||||||
|
{ pkgs, lib, config, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
domain = "mailhog.localhost";
|
||||||
|
in {
|
||||||
|
services = {
|
||||||
|
|
||||||
|
httpd.virtualHosts.${domain} = {
|
||||||
|
forceSSL = true;
|
||||||
|
sslServerCert = "${config.custom.web-development.certFolder}${domain}.pem";
|
||||||
|
sslServerKey = "${config.custom.web-development.certFolder}${domain}-key.pem";
|
||||||
|
|
||||||
|
extraConfig = ''
|
||||||
|
RequestHeader unset Authorization
|
||||||
|
ProxyRequests Off
|
||||||
|
ProxyPreserveHost On
|
||||||
|
ProxyPass / http://localhost:8025/
|
||||||
|
ProxyPassReverse / http://localhost:8025/
|
||||||
|
|
||||||
|
# Mailhog specific
|
||||||
|
<LocationMatch /api/v2/websocket>
|
||||||
|
ProxyPass ws://localhost:8025/api/v2/websocket
|
||||||
|
</LocationMatch>
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
};
|
||||||
|
}
|
8
systems/hikari3/web-development/projects/typo3.nix
Normal file
8
systems/hikari3/web-development/projects/typo3.nix
Normal file
|
@ -0,0 +1,8 @@
|
||||||
|
{ lib, config, ... }:
|
||||||
|
|
||||||
|
import ./../lib/create-static.nix {
|
||||||
|
inherit config;
|
||||||
|
|
||||||
|
domain = "tea-docs.typo3.localhost";
|
||||||
|
relativeDocumentRoot = "typo3/tea/Documentation-GENERATED-temp/Result/project/0.0.0/";
|
||||||
|
}
|
Loading…
Reference in a new issue