From 7c01fddce1e7ad756e1f2b039d02521c88e7b474 Mon Sep 17 00:00:00 2001 From: Yorick van Pelt Date: Sun, 25 Feb 2018 21:29:39 +0100 Subject: [PATCH] There is no capslock, only escape. Also, other changes. --- logical/ascanius.nix | 30 ++++++++++++++++++------------ logical/jarvis.nix | 4 ++-- physical/xps9360.nix | 4 ++-- roles/common.nix | 1 + roles/graphical.nix | 1 + 5 files changed, 24 insertions(+), 16 deletions(-) diff --git a/logical/ascanius.nix b/logical/ascanius.nix index 37ecfbe..7da4fdd 100644 --- a/logical/ascanius.nix +++ b/logical/ascanius.nix @@ -11,30 +11,36 @@ in [ ../physical/hp8570w.nix ../roles/common.nix ../roles/workstation.nix - ../modules/tor-hidden-service.nix ]; # no, not that Ascanius. networking.hostName = secrets.hostnames.ascanius; - # GOTTA GO FASTER - # this pulls in systemd-udevd-settle, which slows down boot - systemd.services.scsi-link-pm.enable = false; - nixpkgs.config = { packageOverrides = pkgs : { bluez = pkgs.bluez5; # https://github.com/NixOS/nixpkgs/issues/22099 - trustedGrub = pkgs.trustedGrub.overrideDerivation (attr: {NIX_CFLAGS_COMPILE = "-Wno-error";}); + trustedGrub = pkgs.grub2.overrideDerivation (attr: rec { + version = "2.x-20170910"; + name = "trustedGRUB2-${version}"; + buildInputs = attr.buildInputs ++ (with pkgs;[autoconf automake]); + prePatch = '' + rm -rf po + tar Jxf ${pkgs.grub2.src} grub-2.02/po + cp -r grub-2.02/po po + ./autogen.sh + ''; + src = pkgs.fetchFromGitHub { + repo = "TrustedGRUB2"; + owner = "Rohde-Schwarz-Cybersecurity"; + rev = "e656aaabd3bc5abda6c62c8967ebfd0c53ef179b"; + sha256 = "08lq4prqhn923i8a7q79s4lsfnqgk4jd255xzk1wy12vg45dwlsc"; + }; + }); }; }; - services.tor.hiddenServices = [ - { name = "ssh"; - port = 22; - hostname = secrets.tor_hostnames."ssh.ascanius"; - private_key = "/run/keys/torkeys/ssh.ascanius.key"; } - ]; + services.tor.hiddenServices.ssh.map = [{ port = 22; }]; nix.gc.automatic = pkgs.lib.mkOverride 30 false; } diff --git a/logical/jarvis.nix b/logical/jarvis.nix index 9b30d18..d47b924 100644 --- a/logical/jarvis.nix +++ b/logical/jarvis.nix @@ -16,8 +16,8 @@ # The NixOS release to be compatible with for stateful data such as databases. - system.stateVersion = "17.03"; - networking.enableIPv6 = lib.mkOverride 30 true; + system.stateVersion = "17.09"; + #networking.enableIPv6 = lib.mkOverride 30 true; services.xserver.displayManager.sessionCommands = '' diff --git a/physical/xps9360.nix b/physical/xps9360.nix index 477d868..a605d2f 100644 --- a/physical/xps9360.nix +++ b/physical/xps9360.nix @@ -12,7 +12,7 @@ boot.extraModulePackages = [ ]; boot.blacklistedKernelModules = ["psmouse"]; - boot.kernelPackages = pkgs.linuxPackages_4_11; + boot.kernelPackages = pkgs.linuxPackages_latest; # Use the systemd-boot EFI boot loader. @@ -33,7 +33,7 @@ hardware.bluetooth.enable = true; # https://wiki.archlinux.org/index.php/Dell_XPS_13_(9360)#Module-based_Powersaving_Options # might require linux 4.11 - boot.kernelParams = ["i915.enable_fbc=1" "i915.enable_guc_loading=1" "i915.enable_guc_submission=1" "i915.enable_huc=1" "i915.enable_psr=2"]; + boot.kernelParams = ["i915.enable_fbc=1" "i915.enable_guc_loading=1" "i915.enable_guc_submission=1" "i915.enable_huc=1" "i915.enable_psr=2" "intel_iommu=on"]; # now we wait until enable_psr=1 is fixed fileSystems."/" = diff --git a/roles/common.nix b/roles/common.nix index 3dad562..f31d304 100644 --- a/roles/common.nix +++ b/roles/common.nix @@ -67,6 +67,7 @@ in cowsay ponysay ed # ed, man! sl + rlwrap vim diff --git a/roles/graphical.nix b/roles/graphical.nix index ab68a15..d69f414 100644 --- a/roles/graphical.nix +++ b/roles/graphical.nix @@ -18,6 +18,7 @@ in tappingDragLock = false; }; layout = "us"; + xkbOptions = "caps:escape"; displayManager.slim.defaultUser = "yorick"; # xkbOptions = "eurosign:e"; windowManager.i3 = {