Browse Source

Add qca6174 firmware update, switch to overlay

master
Yorick van Pelt 1 year ago
parent
commit
f7fb38af62
Signed by: Yorick van Pelt <yorick@yorickvanpelt.nl> GPG Key ID: D8D3CC6D951384DE
6 changed files with 24 additions and 117 deletions
  1. 7
    0
      packages/default.nix
  2. 14
    0
      packages/firmware_qca6174.nix
  3. 2
    0
      physical/xps9360.nix
  4. 0
    116
      roles/common.nix
  5. 1
    0
      roles/default.nix
  6. 0
    1
      roles/workstation.nix

+ 7
- 0
packages/default.nix View File

@@ -0,0 +1,7 @@
[ (self: super: {
gogitget = super.callPackage ./gogitget.nix {};
shallot = super.callPackage ./shallot.nix {};
yori-cc = super.callPackage ./yori-cc.nix {};
firmware_qca6174 = super.callPackage ./firmware_qca6174.nix {};

})]

+ 14
- 0
packages/firmware_qca6174.nix View File

@@ -0,0 +1,14 @@
{ stdenv, fetchurl }:
stdenv.mkDerivation rec {
target = "QCA6174";
branch = "4.4.1.c1";
version = "${branch}-00042";
name = "${target}-firmware-${version}";
src = fetchurl {
url = "https://github.com/kvalo/ath10k-firmware/raw/master/${target}/hw3.0/${branch}/firmware-6.bin_RM.${version}-QCARMSWP-1";
sha256 = "01vvz3qhqw5l3yilcqgk1spk4y9k4qy7na7a57cbl037r231szdh";
};
buildCommand = ''
install -D $src $out/lib/firmware/ath10k/${target}/hw3.0/firmware-6.bin
'';
}

+ 2
- 0
physical/xps9360.nix View File

@@ -43,4 +43,6 @@
# bigger console font
i18n.consoleFont = "latarcyrheb-sun32";

hardware.firmware = lib.mkBefore [ pkgs.firmware_qca6174 ];
}

+ 0
- 116
roles/common.nix View File

@@ -1,116 +0,0 @@
let secrets = import <secrets>;
in
{ config, pkgs, lib, ...}:
let
machine = with lib; head (splitString "." config.networking.hostName);
in
{
imports = [
../modules/tor-hidden-service.nix
../modules/nginx.nix
../roles/pub.nix
../roles/quassel.nix
../roles/gogs.nix
../roles/mail.nix
../roles/website.nix
../roles/xmpp.nix
];
time.timeZone = "Europe/Amsterdam";
users.mutableUsers = false;
users.extraUsers.root = {
openssh.authorizedKeys.keys = config.users.extraUsers.yorick.openssh.authorizedKeys.keys;
# root password is useful from console, ssh has password logins disabled
hashedPassword = secrets.pennyworth_hashedPassword; # TODO: generate own

};
services.timesyncd.enable = true;
services.fail2ban.enable = true;
users.extraUsers.yorick = {
isNormalUser = true;
uid = 1000;
extraGroups = ["wheel"];
group = "users";
openssh.authorizedKeys.keys = with (import ../sshkeys.nix); [yorick];
};

# Nix
nixpkgs.config.allowUnfree = true;

nix.buildCores = config.nix.maxJobs;

nix.extraOptions = ''
allow-unsafe-native-code-during-evaluation = true
'';

# Networking
networking.enableIPv6 = false;

services.openssh = {
enable = true;
passwordAuthentication = false;
challengeResponseAuthentication = false;
};

services.tor = {
enable = true;
client.enable = true;
# ssh hidden service
hiddenServices.ssh.map = [{ port = 22; }];
service-keys.ssh = "/root/keys/ssh.${machine}.key";
};

programs.ssh.extraConfig = ''
Host *.onion
ProxyCommand nc -xlocalhost:9050 -X5 %h %p
'' +
(with lib; (flip concatMapStrings) (filter (hasPrefix "ssh.") (attrNames secrets.tor_hostnames)) (name: ''
Host ${removePrefix "ssh." name}.onion
hostname ${secrets.tor_hostnames.${name}}
''
));

environment.systemPackages = with pkgs; [
# v important.
cowsay ponysay
ed # ed, man!
sl
rlwrap

vim

# system stuff
ethtool inetutils
pciutils usbutils
iotop powertop htop
psmisc lsof
smartmontools hdparm
lm_sensors
ncdu
# utils
file which
reptyr
tmux
bc
mkpasswd
shadow
# archiving
xdelta
atool
unrar p7zip
unzip zip

# network
nmap mtr bind
socat netcat-openbsd
lftp wget rsync

git
nix-repl
rxvt_unicode.terminfo
];
nix.gc.automatic = true;

}


+ 1
- 0
roles/default.nix View File

@@ -41,6 +41,7 @@ in
# Nix
nixpkgs.config.allowUnfree = true;
nix.package = pkgs.nixUnstable;
nixpkgs.overlays = import ../packages;

nix.buildCores = config.nix.maxJobs;


+ 0
- 1
roles/workstation.nix View File

@@ -9,7 +9,6 @@
drivers = [ pkgs.gutenprint ];
};
environment.systemPackages = [pkgs.ghostscript pkgs.yubikey-manager];
nix.gc.automatic = pkgs.lib.mkOverride 30 false;
#services.xserver.displayManager.sessionCommands = ''
# gpg-connect-agent /bye
# unset SSH_AGENT_PID

Loading…
Cancel
Save