No known key found for this signature in database
GPG Key ID: B4C3BF012D9B26BE
10 changed files with
87 additions and
37 deletions
-
client/desktop.nix
-
client/gpu.nix
-
client/hardware.nix
-
client/users.nix
-
clients.nix
-
flake.lock
-
flake.nix
-
installer.nix
-
machines/nfs/netinstaller.nix
-
machines/nfs/nfs.nix
|
@ -1,16 +1,48 @@ |
|
|
{ pkgs, ... }: |
|
|
{ pkgs, ... }: |
|
|
|
|
|
|
|
|
{ |
|
|
{ |
|
|
services.xserver = { |
|
|
|
|
|
|
|
|
services = { |
|
|
|
|
|
xserver = { |
|
|
enable = true; |
|
|
enable = true; |
|
|
displayManager.gdm = { |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
displayManager = { |
|
|
|
|
|
lightdm = { |
|
|
enable = true; |
|
|
enable = true; |
|
|
wayland = true; |
|
|
|
|
|
|
|
|
greeters.slick.enable = true; |
|
|
|
|
|
|
|
|
|
|
|
extraSeatDefaults = '' |
|
|
|
|
|
greeter-show-manual-login=true |
|
|
|
|
|
greeter-hide-users=true |
|
|
|
|
|
allow-guest=false |
|
|
|
|
|
''; |
|
|
|
|
|
}; |
|
|
|
|
|
}; |
|
|
|
|
|
|
|
|
|
|
|
desktopManager = { |
|
|
|
|
|
gnome = { |
|
|
|
|
|
enable = true; |
|
|
|
|
|
debug = true; |
|
|
|
|
|
}; |
|
|
|
|
|
|
|
|
|
|
|
xterm.enable = false; |
|
|
}; |
|
|
}; |
|
|
desktopManager.gnome.enable = true; |
|
|
|
|
|
|
|
|
|
|
|
xkb.layout = "de"; |
|
|
xkb.layout = "de"; |
|
|
}; |
|
|
}; |
|
|
|
|
|
|
|
|
|
|
|
displayManager = { |
|
|
|
|
|
defaultSession = "gnome"; |
|
|
|
|
|
logToFile = true; |
|
|
|
|
|
}; |
|
|
|
|
|
|
|
|
|
|
|
gnome = { |
|
|
|
|
|
core-utilities.enable = true; |
|
|
|
|
|
core-shell.enable = true; |
|
|
|
|
|
core-os-services.enable = true; |
|
|
|
|
|
gnome-keyring.enable = true; |
|
|
|
|
|
}; |
|
|
|
|
|
}; |
|
|
|
|
|
|
|
|
environment.gnome.excludePackages = with pkgs; [ |
|
|
environment.gnome.excludePackages = with pkgs; [ |
|
|
epiphany |
|
|
epiphany |
|
|
gnome-online-accounts-gtk |
|
|
gnome-online-accounts-gtk |
|
|
|
@ -1,11 +1,18 @@ |
|
|
{ pkgs, ... }: |
|
|
|
|
|
|
|
|
{ config, ... }: |
|
|
|
|
|
|
|
|
{ |
|
|
{ |
|
|
hardware.opengl = { |
|
|
hardware.opengl = { |
|
|
enable = true; |
|
|
enable = true; |
|
|
driSupport32Bit = true; |
|
|
driSupport32Bit = true; |
|
|
extraPackages = with pkgs; [ |
|
|
|
|
|
]; |
|
|
|
|
|
}; |
|
|
}; |
|
|
|
|
|
|
|
|
|
|
|
hardware.nvidia = { |
|
|
|
|
|
modesetting.enable = true; |
|
|
|
|
|
powerManagement.enable = false; |
|
|
|
|
|
|
|
|
|
|
|
package = config.boot.kernelPackages.nvidiaPackages.stable; |
|
|
|
|
|
}; |
|
|
|
|
|
|
|
|
|
|
|
services.xserver.videoDrivers = [ "nvidia" ]; |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
@ -9,36 +9,34 @@ |
|
|
|
|
|
|
|
|
boot = { |
|
|
boot = { |
|
|
loader = { |
|
|
loader = { |
|
|
systemd-boot.enable = true; |
|
|
|
|
|
efi.canTouchEfiVariables = true; |
|
|
|
|
|
|
|
|
grub.enable = true; |
|
|
}; |
|
|
}; |
|
|
|
|
|
|
|
|
consoleLogLevel = 3; |
|
|
|
|
|
|
|
|
#consoleLogLevel = 3; |
|
|
|
|
|
|
|
|
initrd = { |
|
|
initrd = { |
|
|
systemd.enable = true; |
|
|
|
|
|
verbose = false; |
|
|
|
|
|
|
|
|
#systemd.enable = true; |
|
|
|
|
|
#verbose = true; |
|
|
availableKernelModules = [ |
|
|
availableKernelModules = [ |
|
|
"uhci_hcd" |
|
|
|
|
|
"ehci_pci" |
|
|
|
|
|
"ata_piix" |
|
|
|
|
|
"mptsas" |
|
|
|
|
|
"usb_storage" |
|
|
|
|
|
|
|
|
"xhci_pci" |
|
|
|
|
|
"ahci" |
|
|
|
|
|
"nvme" |
|
|
"usbhid" |
|
|
"usbhid" |
|
|
"sd_mod" |
|
|
|
|
|
"sr_mod" |
|
|
|
|
|
]; |
|
|
]; |
|
|
}; |
|
|
}; |
|
|
|
|
|
|
|
|
|
|
|
kernelModules = [ "kvm-intel" ]; |
|
|
|
|
|
|
|
|
kernelParams = [ |
|
|
kernelParams = [ |
|
|
"quiet" |
|
|
|
|
|
"udev.log_level=3" |
|
|
|
|
|
|
|
|
#"quiet" |
|
|
|
|
|
#"udev.log_level=3" |
|
|
|
|
|
"log_level=4" |
|
|
]; |
|
|
]; |
|
|
|
|
|
|
|
|
plymouth = { |
|
|
|
|
|
enable = true; |
|
|
|
|
|
theme = "bgrt"; |
|
|
|
|
|
}; |
|
|
|
|
|
|
|
|
#plymouth = { |
|
|
|
|
|
# enable = true; |
|
|
|
|
|
# theme = "bgrt"; |
|
|
|
|
|
#}; |
|
|
}; |
|
|
}; |
|
|
|
|
|
|
|
|
hardware.enableRedistributableFirmware = true; |
|
|
hardware.enableRedistributableFirmware = true; |
|
|
|
@ -20,6 +20,11 @@ in |
|
|
sssdStrictAccess = true; |
|
|
sssdStrictAccess = true; |
|
|
unixAuth = lib.mkForce true; |
|
|
unixAuth = lib.mkForce true; |
|
|
}; |
|
|
}; |
|
|
|
|
|
lightdm = { |
|
|
|
|
|
makeHomeDir = true; |
|
|
|
|
|
sssdStrictAccess = true; |
|
|
|
|
|
unixAuth = lib.mkForce true; |
|
|
|
|
|
}; |
|
|
systemd-user = { |
|
|
systemd-user = { |
|
|
makeHomeDir = true; |
|
|
makeHomeDir = true; |
|
|
sssdStrictAccess = true; |
|
|
sssdStrictAccess = true; |
|
|
|
@ -11,5 +11,9 @@ |
|
|
"04" = { |
|
|
"04" = { |
|
|
mac = ""; |
|
|
mac = ""; |
|
|
}; |
|
|
}; |
|
|
|
|
|
"13" = { |
|
|
|
|
|
targetHost = "10.33.65.113"; |
|
|
|
|
|
mac = ""; |
|
|
|
|
|
}; |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
@ -203,11 +203,11 @@ |
|
|
"ldap-sync": { |
|
|
"ldap-sync": { |
|
|
"flake": false, |
|
|
"flake": false, |
|
|
"locked": { |
|
|
"locked": { |
|
|
"lastModified": 1705328305, |
|
|
|
|
|
"narHash": "sha256-PPc16Obzg53YVLSMP2pCOXBF6+q7/BIG6FF7EiI0st8=", |
|
|
|
|
|
|
|
|
"lastModified": 1731935440, |
|
|
|
|
|
"narHash": "sha256-hMVN9As58cqqiu9JQaS4ffmzhG4xV01QhNKsTP5BF9c=", |
|
|
"ref": "refs/heads/main", |
|
|
"ref": "refs/heads/main", |
|
|
"rev": "49edeafeaf7fbadbfe59e4763223593cab989317", |
|
|
|
|
|
"revCount": 14, |
|
|
|
|
|
|
|
|
"rev": "4b4b76543b298f0db15644c308c3a4deaaa4dbdd", |
|
|
|
|
|
"revCount": 17, |
|
|
"type": "git", |
|
|
"type": "git", |
|
|
"url": "https://gogs.informatik.hs-fulda.de/fooker/ldap-sync.git" |
|
|
"url": "https://gogs.informatik.hs-fulda.de/fooker/ldap-sync.git" |
|
|
}, |
|
|
}, |
|
|
|
@ -95,7 +95,7 @@ |
|
|
// (builtins.listToAttrs (builtins.map |
|
|
// (builtins.listToAttrs (builtins.map |
|
|
(id: { |
|
|
(id: { |
|
|
name = "client-${id}"; |
|
|
name = "client-${id}"; |
|
|
value = ./client; |
|
|
|
|
|
|
|
|
value = (import ./client) id; |
|
|
}) |
|
|
}) |
|
|
clients)) |
|
|
clients)) |
|
|
; |
|
|
; |
|
|
|
@ -75,7 +75,6 @@ in |
|
|
}; |
|
|
}; |
|
|
}; |
|
|
}; |
|
|
|
|
|
|
|
|
# Expose the installer script |
|
|
|
|
|
system.build.installer = installer; |
|
|
|
|
|
|
|
|
system.stateVersion = config.system.nixos.release; |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
@ -27,6 +27,10 @@ let |
|
|
--no-channel-copy \ |
|
|
--no-channel-copy \ |
|
|
--no-root-password \ |
|
|
--no-root-password \ |
|
|
--verbose |
|
|
--verbose |
|
|
|
|
|
|
|
|
|
|
|
# umount -R /mnt |
|
|
|
|
|
|
|
|
|
|
|
# reboot |
|
|
''; |
|
|
''; |
|
|
|
|
|
|
|
|
ipxe-script = pkgs.writeText "boot-local.ipxe" '' |
|
|
ipxe-script = pkgs.writeText "boot-local.ipxe" '' |
|
@ -36,7 +40,7 @@ let |
|
|
|
|
|
|
|
|
prompt --key 0x18 --timeout 5000 Press Ctrl-X to re-deploy system... || goto local |
|
|
prompt --key 0x18 --timeout 5000 Press Ctrl-X to re-deploy system... || goto local |
|
|
|
|
|
|
|
|
echo "Starting installer..." |
|
|
|
|
|
|
|
|
echo Starting installer... |
|
|
sleep 2 |
|
|
sleep 2 |
|
|
|
|
|
|
|
|
kernel --name kernel http://''${next-server:ipv4}/bzImage || goto err |
|
|
kernel --name kernel http://''${next-server:ipv4}/bzImage || goto err |
|
@ -45,10 +49,11 @@ let |
|
|
boot kernel initrd=initrd init=${installer.config.system.build.toplevel}/init nixos.install=${installer-script} loglevel=4 || goto err |
|
|
boot kernel initrd=initrd init=${installer.config.system.build.toplevel}/init nixos.install=${installer-script} loglevel=4 || goto err |
|
|
|
|
|
|
|
|
:err |
|
|
:err |
|
|
|
|
|
:shell |
|
|
shell |
|
|
shell |
|
|
|
|
|
|
|
|
:local |
|
|
:local |
|
|
echo "Booting local disk..." |
|
|
|
|
|
|
|
|
prompt --key 0x19 --timeout 2000 Booting local disk... && goto shell |
|
|
sleep 2 |
|
|
sleep 2 |
|
|
|
|
|
|
|
|
sanboot -n -d 0x80 |
|
|
sanboot -n -d 0x80 |
|
|
|
@ -6,7 +6,7 @@ with lib; |
|
|
services.nfs.server = { |
|
|
services.nfs.server = { |
|
|
enable = true; |
|
|
enable = true; |
|
|
exports = '' |
|
|
exports = '' |
|
|
/home 10.32.45.0/24(rw,async,no_root_squash) |
|
|
|
|
|
|
|
|
/home 10.33.64.0/20(rw,async,no_root_squash) |
|
|
''; |
|
|
''; |
|
|
}; |
|
|
}; |
|
|
|
|
|
|
|
|