Add qca6174 firmware update, switch to overlay
parent
5d9fdc8b33
commit
f7fb38af62
|
@ -0,0 +1,7 @@
|
|||
[ (self: super: {
|
||||
gogitget = super.callPackage ./gogitget.nix {};
|
||||
shallot = super.callPackage ./shallot.nix {};
|
||||
yori-cc = super.callPackage ./yori-cc.nix {};
|
||||
firmware_qca6174 = super.callPackage ./firmware_qca6174.nix {};
|
||||
|
||||
})]
|
|
@ -0,0 +1,14 @@
|
|||
{ stdenv, fetchurl }:
|
||||
stdenv.mkDerivation rec {
|
||||
target = "QCA6174";
|
||||
branch = "4.4.1.c1";
|
||||
version = "${branch}-00042";
|
||||
name = "${target}-firmware-${version}";
|
||||
src = fetchurl {
|
||||
url = "https://github.com/kvalo/ath10k-firmware/raw/master/${target}/hw3.0/${branch}/firmware-6.bin_RM.${version}-QCARMSWP-1";
|
||||
sha256 = "01vvz3qhqw5l3yilcqgk1spk4y9k4qy7na7a57cbl037r231szdh";
|
||||
};
|
||||
buildCommand = ''
|
||||
install -D $src $out/lib/firmware/ath10k/${target}/hw3.0/firmware-6.bin
|
||||
'';
|
||||
}
|
|
@ -43,4 +43,6 @@
|
|||
|
||||
# bigger console font
|
||||
i18n.consoleFont = "latarcyrheb-sun32";
|
||||
|
||||
hardware.firmware = lib.mkBefore [ pkgs.firmware_qca6174 ];
|
||||
}
|
||||
|
|
116
roles/common.nix
116
roles/common.nix
|
@ -1,116 +0,0 @@
|
|||
let secrets = import <secrets>;
|
||||
in
|
||||
{ config, pkgs, lib, ...}:
|
||||
let
|
||||
machine = with lib; head (splitString "." config.networking.hostName);
|
||||
in
|
||||
{
|
||||
imports = [
|
||||
../modules/tor-hidden-service.nix
|
||||
../modules/nginx.nix
|
||||
../roles/pub.nix
|
||||
../roles/quassel.nix
|
||||
../roles/gogs.nix
|
||||
../roles/mail.nix
|
||||
../roles/website.nix
|
||||
../roles/xmpp.nix
|
||||
];
|
||||
time.timeZone = "Europe/Amsterdam";
|
||||
users.mutableUsers = false;
|
||||
users.extraUsers.root = {
|
||||
openssh.authorizedKeys.keys = config.users.extraUsers.yorick.openssh.authorizedKeys.keys;
|
||||
# root password is useful from console, ssh has password logins disabled
|
||||
hashedPassword = secrets.pennyworth_hashedPassword; # TODO: generate own
|
||||
|
||||
};
|
||||
services.timesyncd.enable = true;
|
||||
services.fail2ban.enable = true;
|
||||
users.extraUsers.yorick = {
|
||||
isNormalUser = true;
|
||||
uid = 1000;
|
||||
extraGroups = ["wheel"];
|
||||
group = "users";
|
||||
openssh.authorizedKeys.keys = with (import ../sshkeys.nix); [yorick];
|
||||
};
|
||||
|
||||
# Nix
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
|
||||
nix.buildCores = config.nix.maxJobs;
|
||||
|
||||
nix.extraOptions = ''
|
||||
allow-unsafe-native-code-during-evaluation = true
|
||||
'';
|
||||
|
||||
# Networking
|
||||
networking.enableIPv6 = false;
|
||||
|
||||
services.openssh = {
|
||||
enable = true;
|
||||
passwordAuthentication = false;
|
||||
challengeResponseAuthentication = false;
|
||||
};
|
||||
|
||||
services.tor = {
|
||||
enable = true;
|
||||
client.enable = true;
|
||||
# ssh hidden service
|
||||
hiddenServices.ssh.map = [{ port = 22; }];
|
||||
service-keys.ssh = "/root/keys/ssh.${machine}.key";
|
||||
};
|
||||
|
||||
programs.ssh.extraConfig = ''
|
||||
Host *.onion
|
||||
ProxyCommand nc -xlocalhost:9050 -X5 %h %p
|
||||
'' +
|
||||
(with lib; (flip concatMapStrings) (filter (hasPrefix "ssh.") (attrNames secrets.tor_hostnames)) (name: ''
|
||||
Host ${removePrefix "ssh." name}.onion
|
||||
hostname ${secrets.tor_hostnames.${name}}
|
||||
''
|
||||
));
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
# v important.
|
||||
cowsay ponysay
|
||||
ed # ed, man!
|
||||
sl
|
||||
rlwrap
|
||||
|
||||
vim
|
||||
|
||||
# system stuff
|
||||
ethtool inetutils
|
||||
pciutils usbutils
|
||||
iotop powertop htop
|
||||
psmisc lsof
|
||||
smartmontools hdparm
|
||||
lm_sensors
|
||||
ncdu
|
||||
|
||||
# utils
|
||||
file which
|
||||
reptyr
|
||||
tmux
|
||||
bc
|
||||
mkpasswd
|
||||
shadow
|
||||
|
||||
# archiving
|
||||
xdelta
|
||||
atool
|
||||
unrar p7zip
|
||||
unzip zip
|
||||
|
||||
# network
|
||||
nmap mtr bind
|
||||
socat netcat-openbsd
|
||||
lftp wget rsync
|
||||
|
||||
git
|
||||
nix-repl
|
||||
rxvt_unicode.terminfo
|
||||
];
|
||||
nix.gc.automatic = true;
|
||||
|
||||
}
|
||||
|
|
@ -41,6 +41,7 @@ in
|
|||
# Nix
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
nix.package = pkgs.nixUnstable;
|
||||
nixpkgs.overlays = import ../packages;
|
||||
|
||||
nix.buildCores = config.nix.maxJobs;
|
||||
|
||||
|
|
|
@ -9,7 +9,6 @@
|
|||
drivers = [ pkgs.gutenprint ];
|
||||
};
|
||||
environment.systemPackages = [pkgs.ghostscript pkgs.yubikey-manager];
|
||||
nix.gc.automatic = pkgs.lib.mkOverride 30 false;
|
||||
#services.xserver.displayManager.sessionCommands = ''
|
||||
# gpg-connect-agent /bye
|
||||
# unset SSH_AGENT_PID
|
||||
|
|
Loading…
Reference in New Issue