From f7fb38af62c41824aed4df4f088b0a84bb9dec40 Mon Sep 17 00:00:00 2001
From: Yorick van Pelt <yorick@yorickvanpelt.nl>
Date: Sun, 13 May 2018 01:03:19 +0200
Subject: [PATCH] Add qca6174 firmware update, switch to overlay

---
 packages/default.nix          |   7 ++
 packages/firmware_qca6174.nix |  14 ++++
 physical/xps9360.nix          |   2 +
 roles/common.nix              | 116 ----------------------------------
 roles/default.nix             |   1 +
 roles/workstation.nix         |   1 -
 6 files changed, 24 insertions(+), 117 deletions(-)
 create mode 100644 packages/default.nix
 create mode 100644 packages/firmware_qca6174.nix
 delete mode 100644 roles/common.nix

diff --git a/packages/default.nix b/packages/default.nix
new file mode 100644
index 0000000..0da4db9
--- /dev/null
+++ b/packages/default.nix
@@ -0,0 +1,7 @@
+[ (self: super: {
+  gogitget = super.callPackage ./gogitget.nix {};
+  shallot = super.callPackage ./shallot.nix {};
+  yori-cc = super.callPackage ./yori-cc.nix {};
+  firmware_qca6174 = super.callPackage ./firmware_qca6174.nix {};
+
+})]
diff --git a/packages/firmware_qca6174.nix b/packages/firmware_qca6174.nix
new file mode 100644
index 0000000..69832da
--- /dev/null
+++ b/packages/firmware_qca6174.nix
@@ -0,0 +1,14 @@
+{ stdenv, fetchurl  }:
+stdenv.mkDerivation rec {
+  target = "QCA6174";
+  branch = "4.4.1.c1";
+  version = "${branch}-00042";
+  name = "${target}-firmware-${version}";
+  src = fetchurl {
+    url = "https://github.com/kvalo/ath10k-firmware/raw/master/${target}/hw3.0/${branch}/firmware-6.bin_RM.${version}-QCARMSWP-1";
+    sha256 = "01vvz3qhqw5l3yilcqgk1spk4y9k4qy7na7a57cbl037r231szdh";
+  };
+  buildCommand = ''
+    install -D $src $out/lib/firmware/ath10k/${target}/hw3.0/firmware-6.bin
+  '';
+}
diff --git a/physical/xps9360.nix b/physical/xps9360.nix
index 2f9b5a6..00c0587 100644
--- a/physical/xps9360.nix
+++ b/physical/xps9360.nix
@@ -43,4 +43,6 @@
   
   # bigger console font
   i18n.consoleFont = "latarcyrheb-sun32";
+
+  hardware.firmware = lib.mkBefore [ pkgs.firmware_qca6174 ];
 }
diff --git a/roles/common.nix b/roles/common.nix
deleted file mode 100644
index eae45c8..0000000
--- a/roles/common.nix
+++ /dev/null
@@ -1,116 +0,0 @@
-let secrets = import <secrets>;
-in
-{ config, pkgs, lib, ...}:
-let
-  machine = with lib; head (splitString "." config.networking.hostName);
-in
-{
-	imports = [
-    ../modules/tor-hidden-service.nix
-    ../modules/nginx.nix
-    ../roles/pub.nix
-    ../roles/quassel.nix
-    ../roles/gogs.nix
-    ../roles/mail.nix
-    ../roles/website.nix
-    ../roles/xmpp.nix
-  ];
-	time.timeZone = "Europe/Amsterdam";
-	users.mutableUsers = false;
-	users.extraUsers.root = {
-		openssh.authorizedKeys.keys = config.users.extraUsers.yorick.openssh.authorizedKeys.keys;
-    # root password is useful from console, ssh has password logins disabled
-    hashedPassword = secrets.pennyworth_hashedPassword; # TODO: generate own
-
-	};
-  services.timesyncd.enable = true;
-  services.fail2ban.enable = true;
-	users.extraUsers.yorick = {
-	  isNormalUser = true;
-	  uid = 1000;
-	  extraGroups = ["wheel"];
-	  group = "users";
-	  openssh.authorizedKeys.keys = with (import ../sshkeys.nix); [yorick];
-	};
-
-  # Nix
-  nixpkgs.config.allowUnfree = true;
-
-  nix.buildCores = config.nix.maxJobs;
-
-  nix.extraOptions = ''
-    allow-unsafe-native-code-during-evaluation = true
-  '';
-
-  # Networking
-  networking.enableIPv6 = false;
-
-  services.openssh = {
-    enable = true;
-  	passwordAuthentication = false;
-  	challengeResponseAuthentication = false;
-  };
-
-  services.tor = {
-    enable = true;
-    client.enable = true;
-    # ssh hidden service
-    hiddenServices.ssh.map = [{ port = 22; }];
-    service-keys.ssh = "/root/keys/ssh.${machine}.key";
-  };
-
-  programs.ssh.extraConfig = ''
-    Host *.onion
-      ProxyCommand nc -xlocalhost:9050 -X5 %h %p
-  '' +
-  (with lib; (flip concatMapStrings) (filter (hasPrefix "ssh.") (attrNames secrets.tor_hostnames)) (name: ''
-    Host ${removePrefix "ssh." name}.onion
-        hostname ${secrets.tor_hostnames.${name}}
-    ''
-    ));
-
-  environment.systemPackages = with pkgs; [
-    # v important.
-    cowsay ponysay
-    ed # ed, man!
-    sl
-    rlwrap
-
-    vim
-
-    # system stuff
-    ethtool inetutils
-    pciutils usbutils
-    iotop powertop htop
-    psmisc lsof
-    smartmontools hdparm
-    lm_sensors
-    ncdu
-    
-    # utils
-    file which
-    reptyr
-    tmux
-    bc
-    mkpasswd
-    shadow
-    
-    # archiving
-    xdelta
-    atool
-    unrar p7zip
-    unzip zip
-
-    # network
-    nmap mtr bind
-    socat netcat-openbsd
-    lftp wget rsync
-
-    git
-    nix-repl
-    rxvt_unicode.terminfo
-  ];
-  nix.gc.automatic = true;
-
-}
-
diff --git a/roles/default.nix b/roles/default.nix
index 3214df8..576ce6f 100644
--- a/roles/default.nix
+++ b/roles/default.nix
@@ -41,6 +41,7 @@ in
   # Nix
   nixpkgs.config.allowUnfree = true;
   nix.package = pkgs.nixUnstable;
+  nixpkgs.overlays = import ../packages;
 
   nix.buildCores = config.nix.maxJobs;
 
diff --git a/roles/workstation.nix b/roles/workstation.nix
index 223b2c5..052676d 100644
--- a/roles/workstation.nix
+++ b/roles/workstation.nix
@@ -9,7 +9,6 @@
     drivers = [ pkgs.gutenprint ];
   };
   environment.systemPackages = [pkgs.ghostscript pkgs.yubikey-manager];
-  nix.gc.automatic = pkgs.lib.mkOverride 30 false;
   #services.xserver.displayManager.sessionCommands = ''
   #  gpg-connect-agent /bye
   #  unset SSH_AGENT_PID