Add qca6174 firmware update, switch to overlay
parent
5d9fdc8b33
commit
f7fb38af62
|
@ -0,0 +1,7 @@
|
||||||
|
[ (self: super: {
|
||||||
|
gogitget = super.callPackage ./gogitget.nix {};
|
||||||
|
shallot = super.callPackage ./shallot.nix {};
|
||||||
|
yori-cc = super.callPackage ./yori-cc.nix {};
|
||||||
|
firmware_qca6174 = super.callPackage ./firmware_qca6174.nix {};
|
||||||
|
|
||||||
|
})]
|
|
@ -0,0 +1,14 @@
|
||||||
|
{ stdenv, fetchurl }:
|
||||||
|
stdenv.mkDerivation rec {
|
||||||
|
target = "QCA6174";
|
||||||
|
branch = "4.4.1.c1";
|
||||||
|
version = "${branch}-00042";
|
||||||
|
name = "${target}-firmware-${version}";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://github.com/kvalo/ath10k-firmware/raw/master/${target}/hw3.0/${branch}/firmware-6.bin_RM.${version}-QCARMSWP-1";
|
||||||
|
sha256 = "01vvz3qhqw5l3yilcqgk1spk4y9k4qy7na7a57cbl037r231szdh";
|
||||||
|
};
|
||||||
|
buildCommand = ''
|
||||||
|
install -D $src $out/lib/firmware/ath10k/${target}/hw3.0/firmware-6.bin
|
||||||
|
'';
|
||||||
|
}
|
|
@ -43,4 +43,6 @@
|
||||||
|
|
||||||
# bigger console font
|
# bigger console font
|
||||||
i18n.consoleFont = "latarcyrheb-sun32";
|
i18n.consoleFont = "latarcyrheb-sun32";
|
||||||
|
|
||||||
|
hardware.firmware = lib.mkBefore [ pkgs.firmware_qca6174 ];
|
||||||
}
|
}
|
||||||
|
|
116
roles/common.nix
116
roles/common.nix
|
@ -1,116 +0,0 @@
|
||||||
let secrets = import <secrets>;
|
|
||||||
in
|
|
||||||
{ config, pkgs, lib, ...}:
|
|
||||||
let
|
|
||||||
machine = with lib; head (splitString "." config.networking.hostName);
|
|
||||||
in
|
|
||||||
{
|
|
||||||
imports = [
|
|
||||||
../modules/tor-hidden-service.nix
|
|
||||||
../modules/nginx.nix
|
|
||||||
../roles/pub.nix
|
|
||||||
../roles/quassel.nix
|
|
||||||
../roles/gogs.nix
|
|
||||||
../roles/mail.nix
|
|
||||||
../roles/website.nix
|
|
||||||
../roles/xmpp.nix
|
|
||||||
];
|
|
||||||
time.timeZone = "Europe/Amsterdam";
|
|
||||||
users.mutableUsers = false;
|
|
||||||
users.extraUsers.root = {
|
|
||||||
openssh.authorizedKeys.keys = config.users.extraUsers.yorick.openssh.authorizedKeys.keys;
|
|
||||||
# root password is useful from console, ssh has password logins disabled
|
|
||||||
hashedPassword = secrets.pennyworth_hashedPassword; # TODO: generate own
|
|
||||||
|
|
||||||
};
|
|
||||||
services.timesyncd.enable = true;
|
|
||||||
services.fail2ban.enable = true;
|
|
||||||
users.extraUsers.yorick = {
|
|
||||||
isNormalUser = true;
|
|
||||||
uid = 1000;
|
|
||||||
extraGroups = ["wheel"];
|
|
||||||
group = "users";
|
|
||||||
openssh.authorizedKeys.keys = with (import ../sshkeys.nix); [yorick];
|
|
||||||
};
|
|
||||||
|
|
||||||
# Nix
|
|
||||||
nixpkgs.config.allowUnfree = true;
|
|
||||||
|
|
||||||
nix.buildCores = config.nix.maxJobs;
|
|
||||||
|
|
||||||
nix.extraOptions = ''
|
|
||||||
allow-unsafe-native-code-during-evaluation = true
|
|
||||||
'';
|
|
||||||
|
|
||||||
# Networking
|
|
||||||
networking.enableIPv6 = false;
|
|
||||||
|
|
||||||
services.openssh = {
|
|
||||||
enable = true;
|
|
||||||
passwordAuthentication = false;
|
|
||||||
challengeResponseAuthentication = false;
|
|
||||||
};
|
|
||||||
|
|
||||||
services.tor = {
|
|
||||||
enable = true;
|
|
||||||
client.enable = true;
|
|
||||||
# ssh hidden service
|
|
||||||
hiddenServices.ssh.map = [{ port = 22; }];
|
|
||||||
service-keys.ssh = "/root/keys/ssh.${machine}.key";
|
|
||||||
};
|
|
||||||
|
|
||||||
programs.ssh.extraConfig = ''
|
|
||||||
Host *.onion
|
|
||||||
ProxyCommand nc -xlocalhost:9050 -X5 %h %p
|
|
||||||
'' +
|
|
||||||
(with lib; (flip concatMapStrings) (filter (hasPrefix "ssh.") (attrNames secrets.tor_hostnames)) (name: ''
|
|
||||||
Host ${removePrefix "ssh." name}.onion
|
|
||||||
hostname ${secrets.tor_hostnames.${name}}
|
|
||||||
''
|
|
||||||
));
|
|
||||||
|
|
||||||
environment.systemPackages = with pkgs; [
|
|
||||||
# v important.
|
|
||||||
cowsay ponysay
|
|
||||||
ed # ed, man!
|
|
||||||
sl
|
|
||||||
rlwrap
|
|
||||||
|
|
||||||
vim
|
|
||||||
|
|
||||||
# system stuff
|
|
||||||
ethtool inetutils
|
|
||||||
pciutils usbutils
|
|
||||||
iotop powertop htop
|
|
||||||
psmisc lsof
|
|
||||||
smartmontools hdparm
|
|
||||||
lm_sensors
|
|
||||||
ncdu
|
|
||||||
|
|
||||||
# utils
|
|
||||||
file which
|
|
||||||
reptyr
|
|
||||||
tmux
|
|
||||||
bc
|
|
||||||
mkpasswd
|
|
||||||
shadow
|
|
||||||
|
|
||||||
# archiving
|
|
||||||
xdelta
|
|
||||||
atool
|
|
||||||
unrar p7zip
|
|
||||||
unzip zip
|
|
||||||
|
|
||||||
# network
|
|
||||||
nmap mtr bind
|
|
||||||
socat netcat-openbsd
|
|
||||||
lftp wget rsync
|
|
||||||
|
|
||||||
git
|
|
||||||
nix-repl
|
|
||||||
rxvt_unicode.terminfo
|
|
||||||
];
|
|
||||||
nix.gc.automatic = true;
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
|
@ -41,6 +41,7 @@ in
|
||||||
# Nix
|
# Nix
|
||||||
nixpkgs.config.allowUnfree = true;
|
nixpkgs.config.allowUnfree = true;
|
||||||
nix.package = pkgs.nixUnstable;
|
nix.package = pkgs.nixUnstable;
|
||||||
|
nixpkgs.overlays = import ../packages;
|
||||||
|
|
||||||
nix.buildCores = config.nix.maxJobs;
|
nix.buildCores = config.nix.maxJobs;
|
||||||
|
|
||||||
|
|
|
@ -9,7 +9,6 @@
|
||||||
drivers = [ pkgs.gutenprint ];
|
drivers = [ pkgs.gutenprint ];
|
||||||
};
|
};
|
||||||
environment.systemPackages = [pkgs.ghostscript pkgs.yubikey-manager];
|
environment.systemPackages = [pkgs.ghostscript pkgs.yubikey-manager];
|
||||||
nix.gc.automatic = pkgs.lib.mkOverride 30 false;
|
|
||||||
#services.xserver.displayManager.sessionCommands = ''
|
#services.xserver.displayManager.sessionCommands = ''
|
||||||
# gpg-connect-agent /bye
|
# gpg-connect-agent /bye
|
||||||
# unset SSH_AGENT_PID
|
# unset SSH_AGENT_PID
|
||||||
|
|
Loading…
Reference in New Issue