diff --git a/hosts/20212060/configuration.nix b/hosts/20212060/configuration.nix index 19940d0..7ad8ff4 100644 --- a/hosts/20212060/configuration.nix +++ b/hosts/20212060/configuration.nix @@ -1,4 +1,9 @@ -{ inputs, pkgs, ... }: +{ + inputs, + pkgs, + lib, + ... +}: { # State version @@ -11,6 +16,7 @@ users.users.jan.extraGroups = [ "wheel" "wireshark" + "podman" ]; # Set up kerberos @@ -24,6 +30,65 @@ }; }; + services.netbird = { + enable = true; + }; + + # TODO: Move clatd setup + + # services.clatd = { + # enable = true; + # enableNetworkManagerIntegration = true; + # }; + # networking.networkmanager.settings = { + # connection."ipv6.clat" = "yes"; + # }; + networking.networkmanager.package = pkgs.networkmanager.overrideAttrs ( + final: prev: { + src = pkgs.fetchFromGitLab { + domain = "gitlab.freedesktop.org"; + owner = "Mstrodl"; + repo = "NetworkManager"; + # rev = "d367285a1fec5167f2fa94af2ea1448b6e21650e"; + # sha256 = "0BHxuJ6KtFoVxh2Xt0bq4oM3q87QBhtawyMtixz/cPs="; + rev = "fa3b0c6ade05a67316520d143608c5bd9963a23c"; + hash = "sha256-7TENrRDKXMFPWv6oDuBWBYIBrDvNsy/JGtkppMk1oQo="; + }; + + postPatch = prev.postPatch + '' + substituteInPlace meson.build \ + --replace "find_program('clang'" "find_program('${pkgs.stdenv.cc.targetPrefix}clang'" + ''; + + hardeningDisable = [ + "zerocallusedregs" + "shadowstack" + "pacret" + ]; + + nativeBuildInputs = + prev.nativeBuildInputs + ++ (with pkgs; [ + xdp-tools + bpftools + buildPackages.llvmPackages.clang + buildPackages.llvmPackages.libllvm + ]); + + buildInputs = + prev.buildInputs + ++ (with pkgs; [ + libbpf + ]); + + mesonFlags = prev.mesonFlags ++ [ + "-Dclat=true" + "-Dnbft=false" + "-Dbpf-compiler=clang" + ]; + } + ); + # TODO: Remove once laptop is properly integrated into domain programs.ssh = { package = pkgs.openssh_gssapi; 
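Review bot: Adding `"podman"` to `users.users.jan.extraGroups` matters mainly in combination with `dockerSocket.enable = true` in the later `virtualisation.podman` hunk of this file. That socket is served by the system-wide Podman service, and the NixOS option description states that members of the `podman` group can gain root access through it. This bypasses whatever password prompt `wheel`/sudo would otherwise impose (the sudo configuration is not visible here). If the socket is only needed for Docker-compatible tooling, rootless Podman with the per-user socket avoids the group entirely. Otherwise I would record the trade-off next to the entry, e.g. `# podman group == root via the API socket (dockerSocket.enable)`.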
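Review bot: `hardeningDisable = [ "zerocallusedregs" "shadowstack" "pacret" ]` in the `networking.networkmanager.package` override applies to the whole derivation, so the root-running daemon is built without these flags, not only the BPF objects that presumably motivated it (the hunk does not say why). I would add a comment such as `# clat BPF objects do not build with these hardening flags; TODO: limit to the BPF compile step or drop once upstreamed`, after confirming that is the actual reason. The `src` now points at a personal fork; `rev` and `hash` pin it, but the commented-out older `rev`/`sha256` pair should be dropped and the reason for the fork noted. Separately, `substituteInPlace --replace` is deprecated in current nixpkgs; `--replace-fail` also makes the build stop if the `find_program('clang'` pattern no longer matches instead of silently building with the wrong compiler lookup.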
@@ -58,6 +123,30 @@ }; }; + # Enable flatpak + services.flatpak.enable = true; + + # Set up MADD + # services.madd-client = { + # enable = true; + # endpoint = "http://localhost:3000"; + # interface = "wlp0s20f3"; + # }; + # services.madd-server = { + # enable = true; + # settings = { + # bind = "127.0.0.1:3000"; + # zone = "lab.bulthuis.dev"; + # networks = [ "10.0.0.0/8" ]; + # registration_limit = 1; + # dns_server = "127.0.0.1:2053"; + # tsig_key_name = "madd"; + # tsig_key_file = "/home/jan/Code/MADD/madd.tsig"; + # tsig_algorithm = "hmac-sha256"; + # data_dir = "/var/lib/madd"; + # }; + # }; + # Module setup modules = { profiles.laptop.enable = true; @@ -66,4 +155,52 @@ imports = [ ./hardware-configuration.nix ]; + + virtualisation.podman = { + enable = true; + dockerCompat = true; + dockerSocket.enable = true; + autoPrune.enable = true; + }; + + environment.systemPackages = + let + wrapProgram = + pkg: bwrapArgs: + pkgs.runCommandLocal pkg.name { bwrapArgs = (lib.join " \\\n" bwrapArgs) + " \\"; } '' + mkdir -p $out + + # Link all top level folders + ln -s ${pkg}/* $out + + # Except for bin + rm $out/bin + mkdir -p $out/bin + + # Wrap each executable + for file in ${pkg}/bin/*; do + base=$(basename $file) + echo "#!/usr/bin/env bash" > $out/bin/$base + echo "exec ${pkgs.bubblewrap}/bin/bwrap \\" >> $out/bin/$base + echo "$bwrapArgs" >> $out/bin/$base + echo "-- $file \"\$@\"" >> $out/bin/$base + chmod +x $out/bin/$base + done + ''; + wish = pkgs.writeShellScriptBin "wish" '' + env + exec ${lib.getExe pkgs.firefox} "$@" + ''; + in + [ + (wrapProgram wish [ + "--new-session" + "--unshare-all" + "--clearenv" + "--dev /dev" + "--proc /proc" + "--ro-bind /nix/store /nix/store" + "--bind $HOME/Code $HOME/Code" + ]) + ]; } diff --git a/hosts/20212060/users/compprog.nix b/hosts/20212060/users/compprog.nix new file mode 100644 index 0000000..e475924 --- /dev/null +++ b/hosts/20212060/users/compprog.nix 
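Review bot: The sandbox arguments passed to `wrapProgram wish` include `"--bind $HOME/Code $HOME/Code"`, a read-write bind of the whole source tree into the browser's namespace. Anything running inside the wrapped Firefox can therefore modify files there that are later executed outside the sandbox, such as build scripts or git hooks. Unless write access is required, use `"--ro-bind $HOME/Code $HOME/Code"` or bind a dedicated scratch directory instead. The `env` line at the top of the `wish` script looks like a debugging leftover and should be removed before the wrapper is relied on. `--unshare-all` also unshares the network namespace, so the browser has no network unless `--share-net` is added; please confirm which is intended and say so in a comment.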
@@ -0,0 +1,120 @@
+{
+ lib,
+ config,
+ pkgs,
+ ...
+}:
+
+{
+ home.stateVersion = "24.11";
+
+ home.packages = with pkgs; [
+ # Desktop environment
+ gnome-text-editor
+ gnome-calculator
+ gnome-console
+ gnome-logs
+ gnome-system-monitor
+ nautilus
+ adwaita-icon-theme
+ gnome-control-center
+ gnome-shell-extensions
+ glib
+ gnome-menus
+ gtk3.out
+ xdg-user-dirs
+ xdg-user-dirs-gtk
+ cantarell-fonts
+ dejavu_fonts
+ source-code-pro
+ source-sans
+ gnome-session
+ adwaita-fonts
+
+ # Coding tools
+ vim-full
+ nano
+ neovim
+ emacs
+ gedit
+ geany
+ kdePackages.kate
+ vscode
+ python310
+ jdk17
+ gnumake
+ gcc
+ lldb
+ # pypy310
+
+ # Runners
+ (writeShellScriptBin "mygcc" "gcc -std=gnu17 -x c -Wall -O2 -static -pipe -o $1 \"$1.c\" -lm")
+ (writeShellScriptBin "mygpp" "g++ -std=gnu++20 -x c++ -Wall -O2 -static -pipe -o $1 \"$1.cpp\" -lm")
+ (writeShellScriptBin "mypython" "python3 $@")
+ (writeShellScriptBin "myjavac" "javac -encoding UTF-8 -sourcepath . -d . $@")
+ (writeShellScriptBin "mykotlinc" "kotlinc -d . 
$@") + ]; + + modules.profiles.gnome.enable = true; + + programs.vscode = { + enable = true; + mutableExtensionsDir = false; + profiles.default = { + extensions = with pkgs.vscode-extensions; [ + ms-vscode.cpptools + ms-dotnettools.csharp + formulahendry.code-runner + vscjava.vscode-java-debug + dbaeumer.vscode-eslint + redhat.java + ms-python.python + ]; + }; + }; + + programs.firefox = { + enable = true; + package = pkgs.firefox; + profiles.default = { + settings = { + "browser.startup.homepage" = "https://domjudge.bulthuis.dev"; + }; + bookmarks = { + force = true; + settings = [ + { + name = "Sites"; + toolbar = true; + bookmarks = [ + { + name = "C Reference"; + url = "https://en.cppreference.com/w/c"; + } + { + name = "C++ Reference"; + url = "https://en.cppreference.com/w/cpp"; + } + { + name = "Python 3.10 documentation"; + url = "https://docs.python.org/3.10/download.html"; + } + { + name = "Java 17 API Specification"; + url = "https://docs.oracle.com/en/java/javase/17/docs/api/"; + } + { + name = "Kotlin Language Documentation"; + url = "https://kotlinlang.org/docs/kotlin-reference.pdf"; + } + { + name = "DOMjudge Team Manual"; + url = "https://www.domjudge.org/docs/manual/main/index.html"; + } + ]; + } + ]; + }; + }; + }; +} diff --git a/hosts/20212060/users/jan.nix b/hosts/20212060/users/jan.nix index f97d752..b878e75 100644 --- a/hosts/20212060/users/jan.nix +++ b/hosts/20212060/users/jan.nix @@ -1,4 +1,5 @@ { + pkgs, ... }: 
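Review bot: The runner scripts in `home.packages` expand their arguments unquoted (`python3 $@`, `javac ... $@`, `kotlinc -d . $@`, and `-o $1` in `mygcc`/`mygpp`), so a file name containing spaces or glob characters is split or expanded before the compiler sees it. Inside the Nix string the quoted forms are `"python3 \"$@\""` and `-o \"$1\" \"$1.c\"`. `mykotlinc` calls `kotlinc`, but no Kotlin package appears in the package list in this hunk, so the script will fail unless Kotlin is provided elsewhere. `vscode` is listed in `home.packages` and also enabled through `programs.vscode`, so the explicit package entry looks redundant.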
@@ -6,4 +7,25 @@ home.stateVersion = "24.11"; modules.profiles.jan.enable = true; + + # home.packages = with pkgs; [ + # opencloud-desktop + # code-nautilus + # nautilus-open-in-blackbox + # ]; + + xdg.desktopEntries = { + canvas = { + name = "Canvas"; + type = "Application"; + exec = "${pkgs.chromium}/bin/chromium --app=\"https://canvas.tue.nl\" --user-data-dir=/home/jan/.local/state/Canvas"; + settings.StartupWMClass = "chrome-canvas.tue.nl__-Default"; + }; + overleaf = { + name = "Overleaf"; + type = "Application"; + exec = "${pkgs.chromium}/bin/chromium --app=\"https://www.overleaf.com\" --user-data-dir=/home/jan/.local/state/Overleaf"; + settings.StartupWMClass = "chrome-www.overleaf.com__-Default"; + }; + }; }
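Review bot: Both `exec` lines in `xdg.desktopEntries` hard-code `/home/jan/.local/state/...` for `--user-data-dir`, which ties the module to one user name and home location. Home Manager exposes `config.xdg.stateHome`; with `config` added to the module arguments the flag becomes `--user-data-dir=${config.xdg.stateHome}/Canvas` (and `/Overleaf`). The separate profile directory per site keeps each session's cookies apart from the main browser profile, and a one-line comment stating that intent would help the next reader. The commented-out `home.packages` block would be better removed than committed.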