holy moly we're almost there

2022-09-19 08:13:50 +10:00
commit 3693732aac
203 changed files with 17247 additions and 0 deletions
@@ -0,0 +1,152 @@
+{ self, profiles, suites, ... }:
+{
+  imports = [
+    ./configuration.nix
+    profiles.mossnet-hosts
+  ] ++ suites.curve;
+
+  home-manager.users.anish = { suites, ... }: {
+    imports = suites.gui;
+  };
+
+  programs.gnupg.agent.pinentryFlavor = "gnome3";
+
+  fileSystems."/mnt/ftp" = {
+    device = "192.168.1.240:/home/ftp";
+    fsType = "nfs";
+    options = [ "x-systemd.automount" "noauto" "x-systemd.idle-timeout=600" ];
+  };
+
+  fileSystems."/mnt/tv" = {
+    device = "192.168.1.240:/mnt/three/tv";
+    fsType = "nfs";
+    options = [ "x-systemd.automount" "noauto" "x-systemd.idle-timeout=600" ];
+  };
+
+  fileSystems."/mnt/movies" = {
+    device = "192.168.1.240:/mnt/three/movies";
+    fsType = "nfs";
+    options = [ "x-systemd.automount" "noauto" "x-systemd.idle-timeout=600" ];
+  };
+
+  boot.supportedFilesystems = [ "ntfs" ];
+
+  # lazy enable of ports necessary for KDE connect which is installed via cli home profile (for some reason?)
+  networking.firewall = {
+    allowedTCPPortRanges = [{ from = 1714; to = 1764; }];
+    allowedUDPPortRanges = [{ from = 1714; to = 1764; }];
+  };
+
+  age.secrets.curve-wg.file = "${self}/secrets/curve-wg.age";
+  age.secrets.curve-wg.owner = "anish";
+  mossnet.wg = {
+    enable = true;
+    ips = [ "10.0.69.2/24" ];
+    privateKeyFile = "/run/agenix/curve-wg";
+  };
+
+  age.secrets.borg-password.file = "${self}/secrets/borg-password.age";
+  mossnet.backup = {
+    enable = true;
+    name = "curve";
+    paths = [ "/home/anish" ];
+  };
+
+  # enable adb 
+  # TODO move this (it's for KaiOS WebIDE devShell?)
+  programs.adb.enable = true;
+  #virtualisation.docker.enable = true;
+  boot.blacklistedKernelModules = [ "qcserial" ];
+  # Used for packer Capsul
+  users.users.anish.extraGroups = [ "adbusers" "wheel" "plugdev" "libvertd" ];
+  virtualisation.libvirtd.enable = true;
+  hardware.keyboard.zsa.enable = true;
+  services.udev.extraRules = ''
+    # Qualcomm EDL
+    SUBSYSTEMS=="usb", ATTRS{idVendor}=="05c6", ATTRS{idProduct}=="9008", MODE="0666", GROUP="plugdev"
+
+    # Qualcomm Memory Debug
+    SUBSYSTEMS=="usb", ATTRS{idVendor}=="05c6", ATTRS{idProduct}=="9006", MODE="0666", GROUP="plugdev"
+
+    # Atmel DFU
+    ### ATmega16U2
+    SUBSYSTEMS=="usb", ATTRS{idVendor}=="03eb", ATTRS{idProduct}=="2fef", TAG+="uaccess"
+    ### ATmega32U2
+    SUBSYSTEMS=="usb", ATTRS{idVendor}=="03eb", ATTRS{idProduct}=="2ff0", TAG+="uaccess"
+    ### ATmega16U4
+    SUBSYSTEMS=="usb", ATTRS{idVendor}=="03eb", ATTRS{idProduct}=="2ff3", TAG+="uaccess"
+    ### ATmega32U4
+    SUBSYSTEMS=="usb", ATTRS{idVendor}=="03eb", ATTRS{idProduct}=="2ff4", TAG+="uaccess"
+    ### AT90USB64
+    SUBSYSTEMS=="usb", ATTRS{idVendor}=="03eb", ATTRS{idProduct}=="2ff9", TAG+="uaccess"
+    ### AT90USB162
+    SUBSYSTEMS=="usb", ATTRS{idVendor}=="03eb", ATTRS{idProduct}=="2ffa", TAG+="uaccess"
+    ### AT90USB128
+    SUBSYSTEMS=="usb", ATTRS{idVendor}=="03eb", ATTRS{idProduct}=="2ffb", TAG+="uaccess"
+
+    # Input Club
+    SUBSYSTEMS=="usb", ATTRS{idVendor}=="1c11", ATTRS{idProduct}=="b007", TAG+="uaccess"
+
+    # STM32duino
+    SUBSYSTEMS=="usb", ATTRS{idVendor}=="1eaf", ATTRS{idProduct}=="0003", TAG+="uaccess"
+    # STM32 DFU
+    SUBSYSTEMS=="usb", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="df11", TAG+="uaccess"
+
+    # BootloadHID
+    SUBSYSTEMS=="usb", ATTRS{idVendor}=="16c0", ATTRS{idProduct}=="05df", TAG+="uaccess"
+
+    # USBAspLoader
+    SUBSYSTEMS=="usb", ATTRS{idVendor}=="16c0", ATTRS{idProduct}=="05dc", TAG+="uaccess"
+
+    # ModemManager should ignore the following devices
+    # Atmel SAM-BA (Massdrop)
+    SUBSYSTEMS=="usb", ATTRS{idVendor}=="03eb", ATTRS{idProduct}=="6124", TAG+="uaccess", ENV{ID_MM_DEVICE_IGNORE}="1"
+
+    # Caterina (Pro Micro)
+    ## pid.codes shared PID
+    ### Keyboardio Atreus 2 Bootloader
+    SUBSYSTEMS=="usb", ATTRS{idVendor}=="1209", ATTRS{idProduct}=="2302", TAG+="uaccess", ENV{ID_MM_DEVICE_IGNORE}="1"
+    ## Spark Fun Electronics
+    ### Pro Micro 3V3/8MHz
+    SUBSYSTEMS=="usb", ATTRS{idVendor}=="1b4f", ATTRS{idProduct}=="9203", TAG+="uaccess", ENV{ID_MM_DEVICE_IGNORE}="1"
+    ### Pro Micro 5V/16MHz
+    SUBSYSTEMS=="usb", ATTRS{idVendor}=="1b4f", ATTRS{idProduct}=="9205", TAG+="uaccess", ENV{ID_MM_DEVICE_IGNORE}="1"
+    ### LilyPad 3V3/8MHz (and some Pro Micro clones)
+    SUBSYSTEMS=="usb", ATTRS{idVendor}=="1b4f", ATTRS{idProduct}=="9207", TAG+="uaccess", ENV{ID_MM_DEVICE_IGNORE}="1"
+    ## Pololu Electronics
+    ### A-Star 32U4
+    SUBSYSTEMS=="usb", ATTRS{idVendor}=="1ffb", ATTRS{idProduct}=="0101", TAG+="uaccess", ENV{ID_MM_DEVICE_IGNORE}="1"
+    ## Arduino SA
+    ### Leonardo
+    SUBSYSTEMS=="usb", ATTRS{idVendor}=="2341", ATTRS{idProduct}=="0036", TAG+="uaccess", ENV{ID_MM_DEVICE_IGNORE}="1"
+    ### Micro
+    SUBSYSTEMS=="usb", ATTRS{idVendor}=="2341", ATTRS{idProduct}=="0037", TAG+="uaccess", ENV{ID_MM_DEVICE_IGNORE}="1"
+    ## Adafruit Industries LLC
+    ### Feather 32U4
+    SUBSYSTEMS=="usb", ATTRS{idVendor}=="239a", ATTRS{idProduct}=="000c", TAG+="uaccess", ENV{ID_MM_DEVICE_IGNORE}="1"
+    ### ItsyBitsy 32U4 3V3/8MHz
+    SUBSYSTEMS=="usb", ATTRS{idVendor}=="239a", ATTRS{idProduct}=="000d", TAG+="uaccess", ENV{ID_MM_DEVICE_IGNORE}="1"
+    ### ItsyBitsy 32U4 5V/16MHz
+    SUBSYSTEMS=="usb", ATTRS{idVendor}=="239a", ATTRS{idProduct}=="000e", TAG+="uaccess", ENV{ID_MM_DEVICE_IGNORE}="1"
+    ## dog hunter AG
+    ### Leonardo
+    SUBSYSTEMS=="usb", ATTRS{idVendor}=="2a03", ATTRS{idProduct}=="0036", TAG+="uaccess", ENV{ID_MM_DEVICE_IGNORE}="1"
+    ### Micro
+    SUBSYSTEMS=="usb", ATTRS{idVendor}=="2a03", ATTRS{idProduct}=="0037", TAG+="uaccess", ENV{ID_MM_DEVICE_IGNORE}="1"
+
+    # hid_listen
+    KERNEL=="hidraw*", MODE="0660", GROUP="plugdev", TAG+="uaccess", TAG+="udev-acl"
+
+    # hid bootloaders
+    ## QMK HID
+    SUBSYSTEMS=="usb", ATTRS{idVendor}=="03eb", ATTRS{idProduct}=="2067", TAG+="uaccess"
+    ## PJRC's HalfKay
+    SUBSYSTEMS=="usb", ATTRS{idVendor}=="16c0", ATTRS{idProduct}=="0478", TAG+="uaccess"
+  '';
+
+  # enable wireguard tunnel
+  # privKey = "/run/secrets/curve-wg"; -> local config
+  # publicKey = "..."; -> shipped to server config
+  # IP = "10.0.69.2"; -> shipped to both configs
+  system.stateVersion = "22.05";
+}