Make home-manager config for ll-latitude-e5591 build again

nixos/features/base.nix

@@ -0,0 +1,11 @@
+{ pkgs, ... }: {
+  users.mutableUsers = false;
+
+  networking.wireless.enable = false; # For some reason this is needed all of the time
+
+  boot.supportedFilesystems = [ "ntfs" ];
+
+  # Basic Services
+  services.smartd.enable = true;
+  services.uptimed.enable = true;
+}

nixos/features/embedded.nix

@@ -0,0 +1,45 @@
+{ pkgs, pkgs-unstable, ... }: {
+  nixpkgs.config.allowUnfree = true;
+  nixpkgs.config.segger-jlink.acceptLicense = true;
+
+  nixpkgs.config.permittedInsecurePackages = [
+    "segger-jlink-qt4-810"
+  ];
+
+  environment.systemPackages = with pkgs; [
+    pkgs-unstable.platformio # https://github.com/NixOS/nixpkgs/commit/0ba947ba44fc17c7cc94be2374dbfb939900cecd
+    segger-jlink
+
+    arduino-ide
+    stm32cubemx
+
+    avrdude
+    esptool
+    stlink
+    stlink-gui
+    (pkgs-unstable.kicad.override { addons=[pkgs-unstable.kicadAddons.kikit pkgs-unstable.kicadAddons.kikit-library]; })
+    kikit
+    screen
+    prusa-slicer
+    esphome
+    librecad
+    pulseview
+    sigrok-cli
+  ];
+
+  services.udev.packages = with pkgs; [
+    platformio
+    platformio-core
+
+    openocd
+    stlink
+    esptool
+    avrdude
+  ];
+
+  services.udev.extraRules = ''
+    SUBSYSTEM=="usb", ATTR{idVendor}="1a86", ATTR{idProduct}=="8010", MODE="0666"
+    SUBSYSTEM=="usb", ATTR{idVendor}="4348", ATTR{idProduct}=="55e0", MODE="0666"
+    SUBSYSTEM=="usb", ATTR{idVendor}="1a86", ATTR{idProduct}=="8012", MODE="0666"
+  '';
+}

nixos/features/factorio.nix

@@ -0,0 +1,14 @@
+{ pkgs, pkgs-unstable, ... }: {
+
+  environment.systemPackages = with pkgs-unstable; [
+    (factorio.override {
+      username = "";
+      token = "";
+
+      releaseType = "alpha";
+      version = "2.0.32";
+
+      # nix-prefetch-url file:///$(pwd | sed 's| |%20|')/factorio_alpha_x64-2.0.32.tar.xz --name factorio_alpha_x64-2.0.32.tar.xz
+    })
+  ];
+}

nixos/features/frigate-mpv-cage.nix

@@ -0,0 +1,20 @@
+{ pkgs, ... }: {
+  environment.systemPackages = with pkgs; [
+    mpv
+  ];
+
+  services.cage = {
+    enable = true;
+    program = "${pkgs.mpv}/bin/mpv --profile=low-latency --untimed rtsp://bastion.mlaga97.space:8554/birdseye";
+    user = "dotspace";
+    extraArguments = [ "-s" ];
+    environment = {
+      WLR_LIBINPUT_NO_DEVICES = "1"; # boot up even if no mouse/keyboard connected
+    };
+  };
+
+  systemd.services."cage-tty1.service".after = [
+    "network-online.target"
+    "systemd-resolved.service"
+  ];
+}

nixos/features/gpu/intel.nix

@@ -0,0 +1,18 @@
+{ pkgs, ... }: {
+  hardware.graphics.enable32Bit = true;
+
+  nixpkgs.config.packageOverrides = pkgs: {
+    intel-vaapi-driver = pkgs.intel-vaapi-driver.override { enableHybridCodec = true; };
+  };
+
+  hardware.graphics = {
+    enable = true;
+    extraPackages = with pkgs; [
+      intel-media-driver
+      intel-vaapi-driver
+      libvdpau-va-gl
+    ];
+  };
+
+  environment.sessionVariables = { LIBVA_DRIVER_NAME = "iHD"; };
+}

nixos/features/gpu/nvidia.nix

@@ -0,0 +1,40 @@
+# https://community.frame.work/t/egpu-gtx-1060-6gb-working-great-on-nixos-on-the-12th-gen-framework/40919
+{ config, ... }: {
+  # Enable OpenGL
+  hardware.graphics.enable = true;
+  hardware.graphics.enable32Bit = true;
+
+  # Load nvidia driver for Xorg and Wayland
+  services.xserver.videoDrivers = ["nvidia"];
+
+  # Fix stupid UI scaling bug
+  services.xserver.dpi = 96;
+
+  hardware.nvidia = {
+    # Modesetting is required.
+    modesetting.enable = true;
+
+    # Nvidia power management. Experimental, and can cause sleep/suspend to fail.
+    powerManagement.enable = false;
+
+    # Fine-grained power management. Turns off GPU when not in use.
+    # Experimental and only works on modern Nvidia GPUs (Turing or newer).
+    powerManagement.finegrained = false;
+
+    # Use the NVidia open source kernel module (not to be confused with the
+    # independent third-party "nouveau" open source driver).
+    # Support is limited to the Turing and later architectures. Full list of
+    # supported GPUs is at:
+    # https://github.com/NVIDIA/open-gpu-kernel-modules#compatible-gpus
+    # Only available from driver 515.43.04+
+    # Currently alpha-quality/buggy, so false is currently the recommended setting.
+    open = false;
+
+    # Enable the Nvidia settings menu,
+    # accessible via `nvidia-settings`.
+    nvidiaSettings = true;
+
+    # Optionally, you may need to select the appropriate driver version for your specific GPU.
+    package = config.boot.kernelPackages.nvidiaPackages.stable;
+  };
+}

nixos/features/gui-apps.nix

@@ -0,0 +1,2 @@
+{ pkgs, lib, unstable, ... }: {
+}

nixos/features/hardware/printing.nix

@@ -0,0 +1,10 @@
+{ pkgs, ... }: {
+  services.printing.enable = true;
+  services.printing.drivers = with pkgs; [ brlaser hplipWithPlugin ];
+
+  services.avahi = {
+    enable = true;
+    nssmdns4 = true;
+    openFirewall = true;
+  };
+}

nixos/features/hardware/rtl-sdr.nix

@@ -0,0 +1,12 @@
+{ pkgs, unstable, ... }: {
+  hardware.rtl-sdr.enable = true;
+  users.users.lauren_lagarde.extraGroups = [ "plugdev" ];
+
+  services.udev.packages = [ pkgs.rtl-sdr ];
+
+  environment.systemPackages = with pkgs; [
+    gnuradio
+    soapyrtlsdr
+    gqrx
+  ];
+}

nixos/features/hardware/yubikey.nix

@@ -0,0 +1,17 @@
+{ pkgs, lib, ... }: {
+  environment.systemPackages = with pkgs; [
+		yubikey-personalization
+  ];
+
+	services.udev.packages = with pkgs; [
+		yubikey-personalization
+  ];
+
+	services.pcscd.enable = true;
+  programs.ssh.startAgent = false;
+
+	programs.gnupg.agent = {
+		enable = true;
+		enableSSHSupport = true;
+  };
+}

nixos/features/headless.nix

@@ -0,0 +1,2 @@
+{ config, lib, pkgs, callPackage, ... }: {
+}

nixos/features/i3_old.nix

@@ -0,0 +1,71 @@
+{ pkgs, lib, unstable, ... }: {
+
+  hardware.graphics.enable32Bit = true;
+
+  ##############################################################################
+  ##############################################################################
+  ##############################################################################
+  # Display Server Config
+
+  services.xserver = {
+    enable = true;
+
+    desktopManager = {
+      xterm.enable = false;
+      gnome.enable = true;
+    };
+
+    windowManager.i3.enable = true;
+  };
+
+  services.displayManager = {
+    defaultSession = "none+i3";
+  };
+
+  ##############################################################################
+  ##############################################################################
+  ##############################################################################
+  # Packages
+
+  programs.virt-manager.enable = true;
+
+  environment.systemPackages = with pkgs; [
+    # Polybar
+    siji
+    polybar
+    font-awesome
+    font-awesome_5
+    networkmanagerapplet
+
+    # Apps
+    gnome-terminal
+    chromium
+    qtpass
+    unstable.yt-dlp
+
+    rofi
+    i3status
+    i3lock
+    i3blocks
+    nemo-with-extensions
+    dunst
+    pinentry-qt
+    brightnessctl
+    openscad-unstable
+    shutter
+    pavucontrol
+    arandr
+    blueman
+    sublime-merge
+    libreoffice
+    gparted
+    loupe
+    gthumb
+    vlc
+    mpv
+
+    ledger
+    xorg.xkill
+    sound-juicer
+  ];
+}

nixos/features/i3wm.nix

@@ -0,0 +1,32 @@
+{ pkgs, ... }: {
+  services.xserver = {
+    enable = true;
+
+    desktopManager = {
+      xterm.enable = false;
+      gnome.enable = true;
+    };
+
+    windowManager = {
+      i3.enable = true;
+    };
+
+    displayManager.lightdm.enable = true;
+  };
+
+  services.displayManager.defaultSession = "none+i3";
+
+  systemd.user.services.polkit-gnome-authentication-agent-1 = {
+    description = "polkit-gnome-authentication-agent-1";
+    wantedBy = [ "graphical-session.target" ];
+    wants = [ "graphical-session.target" ];
+    after = [ "graphical-session.target" ];
+    serviceConfig = {
+      Type = "simple";
+      ExecStart = "${pkgs.polkit_gnome}/libexec/polkit-gnome-authentication-agent-1";
+      Restart = "on-failure";
+      RestartSec = 1;
+      TimeoutStopSec = 10;
+    };
+  };
+}

nixos/features/initrd-ssh.nix

@@ -0,0 +1,33 @@
+# ssh-keygen -t ed25519 -N "" -f ./ssh_host_ed25519_key
+
+{ ... }: {
+  imports = [
+    ./systemd-boot.nix
+  ];
+
+  boot.initrd = {
+    systemd = {
+      enable = true;
+      users.root.shell = "/bin/systemd-tty-ask-password-agent";
+      network = {
+        enable = true;
+        networks."10-enp1s0" = {
+          matchConfig.Name = "enp1s0";
+          networkConfig.DHCP = "yes";
+        };
+      };
+    };
+
+    network = {
+      enable = true;
+      ssh = {
+        enable = true;
+        port = 2222;
+        hostKeys = [ "/root/secrets/initrd/ssh_host_ed25519_key" ];
+        authorizedKeys = [
+          "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCl881A1gvgCx+4ECrmJnO2QCTiqjaOLfAegKAAkvWNFKL0rDfsj8tZULUcyn87HYsRrdmqCOQ62GOjQyK803azq7QTxwY4vjczkJxico4LnIToTobcz+JkgF6Rf/h74bs9dHk4ZU853FRBz3wi/14rI10Iwckt37B1ayJacpELuzFobKYip2FjiL1vNH3tiAFR131z+YBByvNX+uJYEhpsI0xry9zbsSUWUq5/YFpmjezblzYRokfsReYiKJeQBeROSeRC/xFBSnikECSylNI4sw5VIpGXFIxL5xhss+s+3dnb+LFQ+zInOYxkVRydYc/In9Wz6Tu7v07K8bjvE7nQwHenoGtRW590Xu0rJApS+k8Cu16sCO2QFj/aI+gCrhU0ymM0aicr0hFAME6Y7j9HcR6PxYxnXZjI7cfqhO5TG8jot25SPzJcvH3EV5oPKtAkw9XA+8+nAI9czFlUgHnuMJAqw1IGOD3qozwqZ5yn1+kG7FZJRpvaPc5pK2HtqaAKJmnRuVaWcFuNALh86gr7Qn8IEp8Q+YyKmDqrMZ4KLJUMnVqn4y0HVS1eB5nVujaJZUGJWA4q3og0FE/2kH74WEp2ZtuJAoEPcgfZ6Ns7BmmXIZU7qu4kQoQ73b3mn6hCi5xlQ/sClzwHYkRPo4tST64ED/UIRPCYe1byNUWSww== lauren@lagarde.dev"
+        ];
+      };
+    };
+  };
+}

nixos/features/networking/networkd-br0.nix

@@ -0,0 +1,23 @@
+{ ... }: {
+  networking.useNetworkd = true;
+  systemd.network = {
+    enable = true;
+    netdevs."20-br0".netdevConfig = {
+      Kind = "bridge";
+      Name = "br0";
+    };
+    networks = {
+      "40-br0" = {
+        matchConfig.Name = "br0";
+        bridgeConfig = {};
+        linkConfig = {
+          RequiredForOnline = "routable";
+        };
+        networkConfig = {
+          DHCP = "ipv4";
+          IPv6AcceptRA = true;
+        };
+      };
+    };
+  };
+}

nixos/features/openssh-server.nix

@@ -0,0 +1,9 @@
+{ lib, ... }: {
+  services.openssh = {
+    enable = true;
+    settings = {
+      PermitRootLogin = lib.mkForce "no";
+      PasswordAuthentication = false;
+    };
+  };
+}

nixos/features/stronghold-binary-cache.nix

@@ -0,0 +1,13 @@
+{ ... }: {
+  nix.settings = {
+    substituters = [
+      "http://nix-cache.stronghold.mlaga97.space"
+      "https://nix-community.cachix.org"
+      "https://cache.nixos.org/"
+    ];
+    trusted-public-keys = [
+      "nix-cache.stronghold.mlaga97.space:RR2S/XWXGjACgAeN30qWCgG1wySOyTGtup8Os3yrdQw="
+      "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
+    ];
+  };
+}

nixos/features/systemd-boot.nix

@@ -0,0 +1,4 @@
+{ ... }: {
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = true;
+}

nixos/features/tui-apps.nix

@@ -0,0 +1,31 @@
+{ pkgs, ... }: {
+  environment.systemPackages = with pkgs; [
+    # Basic Utilities
+    bc pv killall zip unzip unrar-wrapper unar units
+
+    # System Monitoring / TUI QoL Tools
+    btop iotop tmux byobu
+
+    # Security / Cryptography
+    (pass.withExtensions (ext: with ext; [ pass-otp pass-update ]))
+    ssss gnupg pwgen qrencode diceware
+
+    # Applications
+    vim_configurable
+
+    # File Management
+    git ffmpeg restic rclone imagemagick
+
+    # File Systems
+    nfs-utils cifs-utils exfatprogs
+
+    # Networking Utilities
+    dig tinc_pre traceroute wireguard-tools iperf3
+
+    # NixOS Helpers
+    nixos-generators nix-index nix-search-cli
+
+    # Hardware Utilities
+    usbutils pciutils
+  ];
+}

nixos/features/virtualization/docker.nix

@@ -0,0 +1,11 @@
+{ ... }: {
+  virtualisation.docker.enable = true;
+  virtualisation.containers.enable = true;
+
+  # Enable podman, but don't default to it
+  virtualisation.podman = {
+    enable = true;
+    dockerCompat = false;
+    defaultNetwork.settings.dns_enabled = true;
+  };
+}

nixos/features/virtualization/dockge.nix

@@ -0,0 +1,21 @@
+{ ... }: {
+  virtualisation.oci-containers.backend = "docker";
+  virtualisation.oci-containers.containers = {
+    dockge = {
+      image = "louislam/dockge";
+      ports = [
+        "5001:5001"
+      ];
+      volumes = [
+        "/var/run/docker.sock:/var/run/docker.sock"
+        "/opt/stacks/dockge/data:/app/data"
+        "/root/.docker/:/root/.docker"
+        "/opt/stacks:/opt/stacks"
+      ];
+      environment = {
+        DOCKGE_STACKS_DIR = "/opt/stacks";
+      };
+    };
+  };
+
+}

nixos/features/virtualization/libvirt-guest-uefi.nix

@@ -0,0 +1,8 @@
+{ ... }: {
+  boot.initrd = {
+    kernelModules = [ "virtio_net" "e1000" ];
+    availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "sr_mod" "virtio_blk" ];
+  };
+
+  boot.zfs.devNodes = "/dev/disk/by-partuuid";
+}

nixos/features/virtualization/libvirt-host.nix

@@ -0,0 +1,3 @@
+{ ... }: {
+  virtualisation.libvirtd.enable = true;
+}

nixos/features/virtualization/persistent_docker.nix

@@ -0,0 +1,40 @@
+{ pkgs, lib, ... }: {
+  systemd.mounts = [
+    {
+      type = "ext4";
+      options = "rw";
+      what = "/dev/vda";
+      where = "/persistent";
+    }
+  ];
+
+  systemd.automounts = [
+    {
+      wantedBy = [ "multi-user.target" ];
+      where = "/persistent";
+    }
+  ];
+
+  virtualisation.docker.daemon.settings = {
+    data-root = "/persistent/docker-root";
+  };
+
+  virtualisation.oci-containers.backend = "docker";
+  virtualisation.oci-containers.containers = {
+    dockge = {
+      image = "louislam/dockge";
+      ports = [
+        "5001:5001"
+      ];
+      volumes = [
+        "/var/run/docker.sock:/var/run/docker.sock"
+        "/persistent/stacks/dockge/data:/app/data"
+        "/root/.docker/:/root/.docker"
+        "/persistent/stacks:/persistent/stacks"
+      ];
+      environment = {
+        DOCKGE_STACKS_DIR = "/persistent/stacks";
+      };
+    };
+  };
+}

nixos/features/virtualization/virtualbox-host.nix

@@ -0,0 +1,10 @@
+{ ... }: {
+  virtualisation.libvirtd.enable = false;
+
+  virtualisation.virtualbox = {
+    host = {
+      enable = true;
+      enableExtensionPack = true;
+    };
+  };
+}