Refactoring

2025-09-07 20:26:24 +02:00 · 2025-09-07 20:26:24 +02:00 · 3a90b4b3f6
commit 3a90b4b3f6
parent 23fa2928d7
9 changed files with 475 additions and 428 deletions
--- a/66
+++ b/66
@ -0,0 +1,66 @@
+# just is a command runner, Justfile is very similar to Makefile, but simpler.
+
+############################################################################
+#
+#  Nix commands related to the local machine
+#
+############################################################################
+
+deploy:
+  nixos-rebuild switch --flake . --use-remote-sudo
+
+debug:
+  nixos-rebuild switch --flake . --use-remote-sudo --show-trace --verbose
+
+up:
+  nix flake update
+
+# Update specific input
+# usage: make upp i=home-manager
+upp:
+  nix flake update $(i)
+
+history:
+  nix profile history --profile /nix/var/nix/profiles/system
+
+repl:
+  nix repl -f flake:nixpkgs
+
+clean:
+  # remove all generations older than 7 days
+  sudo nix profile wipe-history --profile /nix/var/nix/profiles/system  --older-than 7d
+
+gc:
+  # garbage collect all unused nix store entries
+  sudo nix-collect-garbage --delete-old
+
+############################################################################
+#
+#  Idols, Commands related to my remote distributed building cluster
+#
+############################################################################
+
+add-idols-ssh-key:
+  ssh-add ~/.ssh/ai-idols
+
+aqua: add-idols-ssh-key
+  nixos-rebuild --flake .#aquamarine --target-host aquamarine --build-host aquamarine switch --use-remote-sudo
+
+aqua-debug: add-idols-ssh-key
+  nixos-rebuild --flake .#aquamarine --target-host aquamarine --build-host aquamarine switch --use-remote-sudo --show-trace --verbose
+
+ruby: add-idols-ssh-key
+  nixos-rebuild --flake .#ruby --target-host ruby --build-host ruby switch --use-remote-sudo
+
+ruby-debug: add-idols-ssh-key
+  nixos-rebuild --flake .#ruby --target-host ruby --build-host ruby switch --use-remote-sudo --show-trace --verbose
+
+kana: add-idols-ssh-key
+  nixos-rebuild --flake .#kana --target-host kana --build-host kana switch --use-remote-sudo
+
+kana-debug: add-idols-ssh-key
+  nixos-rebuild --flake .#kana --target-host kana --build-host kana switch --use-remote-sudo --show-trace --verbose
+
+idols: aqua ruby kana
+
+idols-debug: aqua-debug ruby-debug kana-debug
--- a/maskiner/desktop/configuration.nix
+++ b/maskiner/desktop/configuration.nix
@ -7,89 +7,22 @@
  pkgs,
  myhostname,
  ...
-}: {
+}:
+{
  # You can import other NixOS modules here
  imports = [
    ./hardware-configuration.nix
    ../../moduler/base.nix
    ../../moduler/users.nix
    ../../moduler/nginx.nix
+    ../../moduler/k3s.nix
  ];

  environment.systemPackages = with pkgs; [
    unstable.lego
  ];
-networking.firewall = {
-  enable = true;
-  allowedTCPPorts = [ 8384 22000];
-  allowedUDPPortRanges = [
-    { from = 4000; to = 4007; }
-    { from = 8000; to = 8010; }
-  ];
-};

-
-services.k3s = {
-		enable = true;
-		role = "server";
-		token = "supersupersecretkey";
-		extraFlags = toString ([
-			"--write-kubeconfig-mode \"0644\""
-			"--cluster-init"
-			"--disable local-storage"
-			"--disable traefik"
-		]);
-		clusterInit = true;
-	  };
-
-	  services.openiscsi = {
-		enable = true;
-		name = "iqn.2016-04.com.open-iscsi:desktop";
-	  };
-
-   networking.firewall.allowedUDPPorts = [ 22000 21027 ];
-
-	services = {
-		openssh = {
-			enable = true;
-			# ports = [55502];
-			settings = {
-				PermitRootLogin = "no";
-				PasswordAuthentication = false;
-				X11Forwarding = true;
-			};
-			extraConfig = ''
-			  AllowUsers fw ios jw
-			'';
-		};
-		syncthing = {
-			enable = true;
-			user = "fw";
-			dataDir = "/home/fw/syncthing";
-			configDir = "/home/fw/.config/syncthing";
-			overrideDevices = true;     # overrides any devices added or deleted through the WebUI
-			overrideFolders = true;     # overrides any folders added or deleted through the WebUI
-		  guiAddress = "0.0.0.0:8384";
-			settings = {
-			  devices = {
-				"laptop" = { id = "2VEN7O3-PB3G2MK-XJI7R5Z-6MHTNN2-WMXERIX-6G7QWSK-VKSWOSH-Q5WFDAI"; };
-				"jobb" = { id = "XRKVC74-UNJDQSW-4G3RHC3-5I4W5UT-D2MRMBZ-R4A4MMT-4XB4W47-LFLFBAV"; };
-			  };
-			  folders = {
-				"Documents" = {         # Name of folder in Syncthing, also the folder ID
-				  path = "/home/fw/docs";    # Which folder to add to Syncthing
-				  devices = [ "laptop" ];      # Which devices to share the folder with
-				};
-			  };
-			};
-	  };
-	};
-
-
-  security.rtkit.enable = true;
  networking.hostName = myhostname;

-  services.xserver.dpi = 100;
-
  system.stateVersion = "23.11";
 }
--- a/moduler/base.nix
+++ b/moduler/base.nix
@ -1,5 +1,3 @@
-# This is your system's configuration file.
-# Use this to configure your system environment (it replaces /etc/nixos/configuration.nix)
 {
  inputs,
  lib,
@ -9,8 +7,6 @@
 }:
 {
  nixpkgs = {
-    overlays = [
-    ];
    config = {
      allowUnfree = true;
    };
@ -92,19 +88,10 @@
  };
  console.keyMap = "sv-latin1";

-  environment.systemPackages = with pkgs; [
-    waypipe
-  ];
-
  services = {
    clipmenu.enable = true;
    openssh = {
      enable = true;
    };
-    blueman = {
-      enable = true;
  };
-  };
-
-  system.stateVersion = "25.05";
 }
--- a/moduler/hyprland.nix
+++ b/moduler/hyprland.nix
@ -20,6 +20,7 @@ in
    waypipe
  ];

+
  services = {
    gnome.gnome-keyring.enable = true;
    greetd = {
@ -260,7 +261,7 @@ in

            # Applications
            "$mod, q, exec, ${pkgs.firefox}/bin/firefox"
-            "$mod, d, exec, ${pkgs.rofi}/bin/rofi"
+            "$mod, d, exec, ${pkgs.rofi}/bin/rofi -show run"

            # Screencapture
            "$mod, S, exec, ${pkgs.grim}/bin/grim | wl-copy"
--- a/moduler/k3s.nix
+++ b/moduler/k3s.nix
@ -9,19 +9,36 @@
 let
 in
 {
-  networking.firewall.allowedTCPPorts = [
+  networking.firewall = {
+    enable = true;
+    allowedTCPPorts = [
      6443
      5173
      8080
      3000
+      8384
+      22000
    ];
+    allowedUDPPortRanges = [
+      {
+        from = 4000;
+        to = 4007;
+      }
+      {
+        from = 8000;
+        to = 8010;
+      }
+      22000
+      21027
+    ];
+  };
  services.k3s = {
    enable = true;
    role = "server";
    extraFlags = toString ([
      "--write-kubeconfig-mode \"0644\""
      "--cluster-init"
-	    "--disable servicelb"
+      # "--disable servicelb"
      "--disable traefik"
      "--disable local-storage"
    ]);
--- a/moduler/network.nix
+++ b/moduler/network.nix
@ -18,12 +18,17 @@
  	environment.systemPackages = with pkgs; [
 		openvpn
 		networkmanagerapplet
-		networkmanager-l2tp
-		strongswan
-		networkmanager_strongswan
 		wireguard-tools
 		networkmanager
 		openssh
-		dig
+
+		mtr # A network diagnostic tool
+		iperf3
+		dnsutils  # `dig` + `nslookup`
+		ldns # replacement of `dig`, it provide the command `drill`
+		aria2 # A lightweight multi-protocol & multi-source command-line download utility
+		socat # replacement of openbsd-netcat
+		nmap # A utility for network discovery and security auditing
+		ipcalc  # it is a calculator for the IPv4/v6 addresses
 	];
 }
--- a/moduler/sound.nix
+++ b/moduler/sound.nix
@ -9,6 +9,7 @@
      alsa.support32Bit = true;
      pulse.enable = true;
    };
+	blueman.enable = true;
  };
  hardware = {
    bluetooth = {
--- a/moduler/system.nix
+++ b/moduler/system.nix
@ -7,7 +7,8 @@
  pkgs,
  myhostname,
  ...
-}: {
+}:
+{

  services.pcscd.enable = true;
  programs.gnupg.agent = {
@ -22,8 +23,10 @@
    flake = "/home/fw/nix";
  };

-
  environment.systemPackages = with pkgs; [
+	# Build
+	just
+  	
    # System
    libnotify
    lf
@ -63,11 +66,13 @@
    fastfetch
    keyutils
    pinentry-all
-		(pass.withExtensions (ext: with ext; [
+    (pass.withExtensions (
+      ext: with ext; [
        pass-import
        pass-genphrase
        pass-update
-		]))
+      ]
+    ))
    lazygit
    chawan
    go-passbolt-cli
@ -82,5 +87,45 @@
    websocat
    nix-search-cli
    libsixel
+
+    # system call monitoring
+    strace # system call monitoring
+    ltrace # library call monitoring
+    lsof # list open files
+
+    # system tools
+    sysstat
+    lm_sensors # for `sensors` command
+    ethtool
+    pciutils # lspci
+    usbutils # lsusb
+
+    (
+      let
+        base = pkgs.appimageTools.defaultFhsEnvArgs;
+      in
+      pkgs.buildFHSUserEnv (
+        base
+        // {
+          name = "fhs";
+          targetPkgs =
+            pkgs:
+            # pkgs.buildFHSUserEnv provides only a minimal FHS environment,
+            # lacking many basic packages needed by most software.
+            # Therefore, we need to add them manually.
+            #
+            # pkgs.appimageTools provides basic packages required by most software.
+            (base.targetPkgs pkgs)
+            ++ (with pkgs; [
+              pkg-config
+              ncurses
+              # Feel free to add more packages here if needed.
+            ]);
+          profile = "export FHS=1";
+          runScript = "bash";
+          extraOutputsToInstall = [ "dev" ];
+        }
+      )
+    )
  ];
 }
--- a/moduler/waybar.nix
+++ b/moduler/waybar.nix
@ -1,25 +1,30 @@
 {
-  config,
-  pkgs,
  ...
-}: {
-  home.packages = with pkgs; [waybar];
+}:
+{

  programs.waybar = {
    enable = true;
+	systemd.enable = true;
    settings = {
      mainBar = {
        layer = "top";
-        "modules-left" = ["hyprland/workspaces" "hyprland/window"];
-        "modules-center" = ["clock"];
-        "modules-right" = ["tray" "cpu" "memory" "idle_inhibitor" "pulseaudio" "bluetooth"];
+        "modules-left" = [
+          "hyprland/workspaces"
+        ];
+        "modules-right" = [
+          "tray"
+		  "clock"
+          "pulseaudio"
+          "bluetooth"
+        ];
        "hyprland/window" = {
          format = "{title}";
          "max-length" = 333;
          "seperate-outputs" = true;
        };
        clock = {
-          format = "<span foreground='#282828'> </span><span>{:%I:%M %a %d}</span>";
+          format = "<span>{:%c}</span>";
          "tooltip-format" = "{calendar}";
          calendar = {
            mode = "month";
@ -47,22 +52,6 @@
          format = "<span foreground='#d65d9e'>󰍛</span> {}%";
          interval = 1;
        };
-        "custom/gpu-util" = {
-          exec = "./scripts/gpu-util";
-          format = "<span foreground='#67b0e8'>󰯿</span> {}";
-          interval = 1;
-        };
-        "custom/gpu-temp" = {
-          exec = "./scripts/gpu-temp";
-          format = "<span foreground='#e57474'></span> {}";
-          interval = 1;
-        };
-        temperature = {
-          "hwmon-path" = "/sys/class/hwmon/hwmon1/temp1_input";
-          "critical-threshold" = 80;
-          format = "<span foreground='#83a598'></span> {temperatureC}°C";
-          interval = 1;
-        };
        "hyprland/workspaces" = {
          format = "{icon}";
          "active-only" = false;
@ -103,7 +92,11 @@
            headphone = "";
            phone = "";
            portable = "";
-            default = ["" "" ""];
+            default = [
+              ""
+              ""
+              ""
+            ];
          };
          "on-click-left" = "pavucontrol";
          input = true;
@ -149,7 +142,7 @@
          "tooltip-format" = "{title}";
          "on-click" = "activate";
          "on-click-middle" = "close";
-          "ignore-list" = ["Alacritty"];
+          "ignore-list" = [ "Alacritty" ];
          "app_ids-mapping" = {
            firefoxdeveloperedition = "firefox-developer-edition";
          };
@ -175,24 +168,24 @@
      };
    };
    style = ''
-      @define-color bg #${config.stylix.base16Scheme.base00};
-      @define-color fg #${config.stylix.base16Scheme.base05};
-      @define-color lbg #${config.stylix.base16Scheme.base01};
-      @define-color yellow #${config.stylix.base16Scheme.base0A};
-      @define-color lavender #${config.stylix.base16Scheme.base0E};
-      @define-color peach #${config.stylix.base16Scheme.base0A};
-      @define-color red #${config.stylix.base16Scheme.base08};
-      @define-color green #${config.stylix.base16Scheme.base0B};
-      @define-color blue #${config.stylix.base16Scheme.base0D};
-      @define-color border #${config.stylix.base16Scheme.base02};
+      @define-color bg #eff1f5;
+      @define-color fg #4c4f69;
+      @define-color lbg #e6e9ef;
+      @define-color yellow #df8e1d;
+      @define-color lavender #7287fd;
+      @define-color peach #fe640b;
+      @define-color red #d20f39;
+      @define-color green #40a02b;
+      @define-color blue #1e66f5;
+      @define-color border #dce0e8;

            * {
              min-height: 0;
              margin: 0px 0px 0px 0px;
              padding: 0;
              border-radius: 7px;
-        font-family: "JetBrains Mono Nerd Font";
-        font-size: 14pt;
+              font-family: "ComicShannsMono Nerd Font";
+              font-size: 11pt;
              font-weight: 700;
              padding-bottom: 0px;
            }
@ -427,4 +420,3 @@
    '';
  };
 }
-