diff --git a/nixos/home/mozilla.nix b/nixos/home/mozilla.nix index 804e0c7..7e0b8eb 100644 --- a/nixos/home/mozilla.nix +++ b/nixos/home/mozilla.nix @@ -60,6 +60,7 @@ ]; "browser.startup.page" = 3; "datareporting.healthreport.uploadEnabled" = false; + "extensions.webextensions.restrictedDomains" = ""; "font.name.monospace.x-western" = "Fira Code"; "layout.css.prefers-color-scheme.content-override" = 0; "svg.context-properties.content.enabled" = true; diff --git a/nixos/hosts/ioides/packages.nix b/nixos/hosts/ioides/packages.nix index 4a0e565..cce3935 100644 --- a/nixos/hosts/ioides/packages.nix +++ b/nixos/hosts/ioides/packages.nix @@ -12,6 +12,7 @@ gnumake # Tool to control the generation of non-source files from sources godot_4 # Free and Open Source 2D and 3D game engine gtk4 # Multi-platform toolkit for creating graphical user interfaces + imhex # Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM jdk23 # Open-source Java Development Kit just # Handy way to save and run project-specific commands meson # Open source, fast and friendly build system made in Python @@ -28,6 +29,7 @@ # games alvr # Stream VR games from your PC to your headset via Wi-Fi easyrpg-player # RPG Maker 2000/2003 and EasyRPG games interpreter + gzdoom # Modder-friendly OpenGL and Vulkan source port based on the DOOM engine unstable.luanti # An open source voxel game engine (formerly Minetest) prismlauncher # Free, open source launcher for Minecraft (retroarch.override { # Multi-platform emulator frontend for libretro cores @@ -128,6 +130,7 @@ soteria # Polkit authentication agent written in GTK designed to be used with any desktop environment temurin-jre-bin-23 # Eclipse Temurin, prebuilt OpenJDK binary temurin-jre-bin-8 # Eclipse Temurin, prebuilt OpenJDK binary + tilem # Emulator and debugger for Texas Instruments Z80-based graphing calculators vlc # Cross-platform media player and streaming server ]; diff --git a/nixos/hosts/near/rpi5-config/configuration.nix b/nixos/hosts/near/rpi5-config/configuration.nix new file mode 100644 index 0000000..1915ad5 --- /dev/null +++ b/nixos/hosts/near/rpi5-config/configuration.nix @@ -0,0 +1,141 @@ +{ config, pkgs, lib, modulesPath, ... }: + +{ + + ## System + + imports = + [ ./hardware.nix + "${modulesPath}/profiles/headless.nix" + ]; + + networking.hostName = "wilson"; + + system.stateVersion = "23.11"; + + # turn off screen 5min after boot + boot.kernelParams = [ "consoleblank=300" ]; + + nix.settings.experimental-features = [ "nix-command" ]; + + + ## Packages + + nixpkgs.overlays = lib.singleton (self: super: + { # don't shadow procps, etc. + busybox = lib.setPrio 20 super.busybox; + }); + + + ## Environment + + i18n.defaultLocale = "en_GB.UTF-8"; + i18n.extraLocaleSettings.LC_TIME = "it_IT.UTF-8"; + + time.timeZone = "Europe/Rome"; + + environment.sessionVariables = + { PATH = [ "$HOME/bin" ]; + XDG_CONFIG_HOME = "$HOME/etc"; + XDG_DATA_HOME = "$HOME/var/lib"; + XDG_CACHE_HOME = "$HOME/var/cache"; + EDITOR = "vi"; + LESS = "-RSic -j.5"; + ABDUCO_CMD = "ash"; + ABDUCO_SOCKET_DIR = "$XDG_RUNTIME_DIR"; + SYSTEMD_COLORS = "16"; + PS1 = ''\e[32m\u\e[0m@\e[33m\H \e[36m\w\n\e[34mλ\e[0m ''; + }; + + environment.shellInit = + '' + # create XDG directories + mkdir -p $XDG_CONFIG_HOME $XDG_DATA_HOME $XDG_CACHE_HOME $HOME/bin + + # some aliases + alias l="ls -lh" + alias e="$EDITOR" + alias ip="ip -c" + ''; + + environment.systemPackages = with pkgs; [ abduco busybox ]; + + + ## Users + + users.users.rnhmjoj = + { isNormalUser = true; + shell = "${pkgs.busybox}/bin/ash"; + extraGroups = [ "wheel" ]; + openssh.authorizedKeys.keys = [ key ]; + }; + + + ## Security + + security.sudo.wheelNeedsPassword = false; + + # never interrupt host key generation + systemd.services.openssh.serviceConfig.TimeoutStartSec = "infinity"; + + services.openssh.enable = true; + services.openssh.settings.PermitRootLogin = "no"; + + nix.settings.trusted-users = [ "rnhmjoj" "root" ]; + + + ## Network + + networking.usePredictableInterfaceNames = false; + + # Bridges for wired to wireless + networking.bridges.br0.interfaces = [ "eth0" ]; + + # change MAC address + networking.interfaces.eth0.macAddress = "00:68:eb:26:b2:42"; + networking.interfaces.br0.macAddress = "00:68:eb:26:b2:43"; + + # Enable forwarding packets + boot.kernel.sysctl = { + "net.ipv6.conf.all.forwarding" = 1; + "net.ipv4.conf.all.forwarding" = 1; + }; + + # Create an access point + services.hostapd.enable = true; + services.hostapd.radios.wlan0 = + { band = "5g"; + channel = 0; + countryCode = "PA"; + wifi4.capabilities = + [ "HT40+" "SHORT-GI-20" "SHORT-GI-40" "MAX-AMSDU-3839" "DSSS_CCK-40" ]; + wifi5.capabilities = [ "MAX-MPDU-3895" "SHORT-GI-80" "SU-BEAMFORMEE" ]; + wifi5.operatingChannelWidth = "80"; + networks.wlan0 = + { ssid = ""; + bssid = "f8:0d:ac:60:E0:f9"; + authentication.mode = "wpa2-sha1"; + authentication.wpaPassword = ""; + settings.bridge = "br0"; + }; + }; + + + ## Make the image small + + # disable nscd + services.nscd.enable = false; + system.nssModules = lib.mkForce []; + + # use chrony + services.timesyncd.enable = false; + services.chrony.enable = true; + + # disable systemd stuff + services.dbus.enable = lib.mkForce false; + systemd.coredump.enable = false; + systemd.services.mount-pstore.enable = false; + systemd.services.systemd-udev-settle.enable = false; + systemd.services.systemd-hostnamed.enable = false; + +} diff --git a/nixos/hosts/near/rpi5-config/default.nix b/nixos/hosts/near/rpi5-config/default.nix new file mode 100644 index 0000000..5586dd3 --- /dev/null +++ b/nixos/hosts/near/rpi5-config/default.nix @@ -0,0 +1,13 @@ +let + # pinned Nixpkgs version + nixpkgs = builtins.fetchTarball + { url = "https://github.com/NixOS/nixpkgs/archive/76612b17c0ce.tar.gz"; + sha256 = "03pmy2dv212mmxgcvwxinf3xy6m6zzr8ri71pda1lqggmll2na12"; + }; + + nixos = import (nixpkgs + "/nixos") { configuration = ./configuration.nix; }; +in +{ + inherit (nixos.config.system.build) sdImage; + inherit (nixos) system pkgs config; +} diff --git a/nixos/hosts/near/rpi5-config/hardware.nix b/nixos/hosts/near/rpi5-config/hardware.nix new file mode 100644 index 0000000..5820b15 --- /dev/null +++ b/nixos/hosts/near/rpi5-config/hardware.nix @@ -0,0 +1,59 @@ +{ lib, config, pkgs, modulesPath, ... }: + +{ + + ## Hardware + + # Cross compile for aarch64 + nixpkgs.crossSystem.config = "aarch64-unknown-linux-gnu"; + + # Use the raspberry Pi 5 kernel + boot.kernelPackages = pkgs.linuxPackagesFor + (pkgs.linux_rpi4.override + { rpiVersion = 5; + argsOverride.defconfig = "bcm2712_defconfig"; + }); + + # Only add strictly necessary modules + hardware.firmware = [ pkgs.raspberrypiWirelessFirmware ]; + boot.initrd.includeDefaultModules = false; + boot.initrd.kernelModules = [ "ext4" "mmc_block" ]; + disabledModules = + [ "${modulesPath}/profiles/all-hardware.nix" + "${modulesPath}/profiles/base.nix" + ]; + + # Configure u-boot image + boot.loader.grub.enable = false; + boot.loader.generic-extlinux-compatible.enable = true; + + imports = [ "${modulesPath}/installer/sd-card/sd-image.nix" ]; + sdImage.populateFirmwareCommands = + let + uboot = pkgs.buildUBoot + { defconfig = "rpi_arm64_config"; + extraMeta.platforms = [ "aarch64-linux" ]; + filesToInstall = [ "u-boot.bin" ]; + }; + + config = pkgs.writeText "config.txt" + '' + avoid_warnings=1 + enable_uart=1 + kernel=u-boot.bin + ''; + in + '' + cp ${uboot}/u-boot.bin firmware/u-boot.bin + cp ${pkgs.raspberrypifw}/share/raspberrypi/boot/{bootcode.bin,fixup*.dat,start*.elf} firmware/ + cp ${pkgs.raspberrypi-armstubs}/armstub8-gic.bin firmware/armstub8-gic.bin + cp ${pkgs.raspberrypifw}/share/raspberrypi/boot/bcm2712-rpi-5-b.dtb firmware/ + cp ${config} firmware/config.txt + ''; + sdImage.populateRootCommands = + '' + mkdir -p ./files/boot + ${config.boot.loader.generic-extlinux-compatible.populateCmd} -c ${config.system.build.toplevel} -d ./files/boot + ''; + +} diff --git a/nixos/pkgs/vasm-psi-x/default.nix b/nixos/pkgs/vasm-psi-x/default.nix index 62f0304..1fe6ef8 100644 --- a/nixos/pkgs/vasm-psi-x/default.nix +++ b/nixos/pkgs/vasm-psi-x/default.nix @@ -1,7 +1,7 @@ # TODO with import {}; stdenv.mkDerivation rec { - pname = "vasm-psi-x-m68k"; + pname = "vasm-psi-x"; version = "1.1.2"; src = fetchFromGitHub { diff --git a/nixos/pkgs/vlink/default.nix b/nixos/pkgs/vlink/default.nix new file mode 100644 index 0000000..a129366 --- /dev/null +++ b/nixos/pkgs/vlink/default.nix @@ -0,0 +1,10 @@ +#! TODO +with import {}; +stdenv.mkDerivation { + pname = "vlink"; + version = "0.18"; + + meta = with lib; { + description = "A portable linker for multiple file formats"; + }; +} diff --git a/secrets/cemetech.gpg b/secrets/cemetech.gpg new file mode 100644 index 0000000..07ef7b4 --- /dev/null +++ b/secrets/cemetech.gpg @@ -0,0 +1,2 @@ +^>=̢ @I'ѤCK u|5#J`yY0~zYomO|#uxg @u;+`` +u"7xXU vy:k[+ݭiQ^J~7[Y6{Ơ1{0GHZ5:Ҡ:; \ No newline at end of file diff --git a/secrets/coursera.gpg b/secrets/coursera.gpg new file mode 100644 index 0000000..339c5b4 --- /dev/null +++ b/secrets/coursera.gpg @@ -0,0 +1 @@ +^>=̢ @єC'7u?%Fzt=3UAz0H>g4JU)gZo\ӯq]DۙRU JLX)|0y`4U.j'&]Ⲉ6WТ\M@HV]m~闪Kn