Work in progress stuff for a new node. Moved sound forwarding from the VM back to pulse.

2026-02-09 12:29:19 -08:00 · 2021-02-04 13:58:20 +00:00 · 2021-02-04 13:58:20 +00:00 · fa4f112505
commit fa4f112505
parent f785c945f0
9 changed files with 99 additions and 14 deletions
--- a/config/hosts/boline/configuration.nix
+++ b/config/hosts/boline/configuration.nix
@ -0,0 +1,29 @@
+{ config, pkgs, ... }:
+
+{
+  imports = [
+    ./hardware-configuration.nix
+    #./wireguard.nix
+  ];
+
+  #meta.deploy.profiles = [];
+  meta.deploy.ssh.host = "boline.kittywit.ch";
+  
+  boot.loader.grub.enable = true;
+  boot.loader.grub.version = 2;
+  boot.loader.grub.device = "/dev/vda";
+
+  networking.hostId = "0417b551";
+  networking.hostName = "boline";
+
+  networking.useDHCP = false;
+  networking.interfaces.ens3.ipv4.addresses = [ {
+      address = "104.244.73.10";
+      prefixLength = 24;
+  }];
+  networking.defaultGateway = "104.244.73.1";
+  networking.nameservers = [ "1.1.1.1" ];
+
+  system.stateVersion = "20.09";
+}
+
--- a/config/hosts/boline/hardware-configuration.nix
+++ b/config/hosts/boline/hardware-configuration.nix
@ -0,0 +1,22 @@
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/profiles/qemu-guest.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "sr_mod" "virtio_blk" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-amd" ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/e0a9f76a-5eed-4dd3-a5a6-a93006f7d526";
+      fsType = "ext4";
+    };
+
+  swapDevices =
+    [ { device = "/dev/disk/by-uuid/cf122d6d-eca9-44f5-b655-85aaf5b2e6af"; }
+    ];
+
+}
--- a/config/hosts/boline/wireguard.nix
+++ b/config/hosts/boline/wireguard.nix
@ -0,0 +1,35 @@
+{ config, pkgs, ... }:
+
+{
+    networking.nat.enable = true;
+    networking.nat.externalInterface = "ens3";
+    networking.nat.internalInterfaces = [ "wg0" ];
+
+    networking.firewall = {
+        allowedUDPPorts = [ 51820 ];
+    };
+
+    networking.wireguard.interfaces = {
+    wg0 = {
+      ips = [ "10.100.0.1/24" ];
+
+      listenPort = 51820;
+
+      postSetup = ''
+        ${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -s 10.100.0.0/24 -o eth0 -j MASQUERADE
+      '';
+      postShutdown = ''
+        ${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -s 10.100.0.0/24 -o eth0 -j MASQUERADE
+      '';
+
+      privateKeyFile = "/var/secrets/wireguard-private";
+
+      peers = [
+        {
+          publicKey = "{client public key}";
+          allowedIPs = [ "10.100.0.2/32" ];
+        }
+      ];
+    };
+  };
+}
--- a/config/hosts/samhain/configuration.nix
+++ b/config/hosts/samhain/configuration.nix
@ -92,7 +92,7 @@
    description = "Scream - Audio forwarding from the VM.";
    serviceConfig = {
      ExecStart =
-        "${pkgs.nur.repos.arc.packages.scream-arc}/bin/scream -i virbr0 -o alsa";
+        "${pkgs.nur.repos.arc.packages.scream-arc}/bin/scream -i virbr0 -o pulse";
      Restart = "always";
    };
  };
--- a/config/profiles/common/default.nix
+++ b/config/profiles/common/default.nix
@ -25,8 +25,11 @@ in {
  nix.gc.automatic = lib.mkDefault true;
  nix.gc.options = lib.mkDefault "--delete-older-than 1w";
  nix.trustedUsers = [ "root" "@wheel" ];
-  environment.variables.EDITOR = "kak";
-
+  environment.variables = {
+    EDITOR = "kak";
+    TERMINFO_DIRS = "${pkgs.kitty.terminfo.outPath}/share/terminfo";
+  };
+  
  services.openssh.enable = true;
  services.openssh.ports = lib.mkDefault [ 62954 ];
  services.openssh.passwordAuthentication = false;
@ -49,12 +52,12 @@ in {
    htop
    ripgrep
    git
+    kitty.terminfo
    mprime
    wget
    rsync
    pv
    progress
-    ffmpeg-full
    bc
    zstd
    file
--- a/config/profiles/common/pbb.nix
+++ b/config/profiles/common/pbb.nix
@ -1,10 +0,0 @@
-let
-  pbbNixfiles = fetchGit {
-    url = "https://git.petabyte.dev/petabyteboy/nixfiles";
-    rev = "4b0275db7842fda45dcc007d87b6274c4e63382b";
-  };
-in {
-  imports = [ "${pbbNixfiles}/modules" ];
-  nixpkgs.overlays =
-    [ (self: super: import "${pbbNixfiles}/pkgs" { nixpkgs = super.path; }) ];
-}
--- a/config/profiles/desktop/default.nix
+++ b/config/profiles/desktop/default.nix
@ -24,6 +24,7 @@ in {
        pkgs.avidemux
        pkgs.gnome3.networkmanagerapplet
        pkgs.vlc
+        pkgs.ffmpeg-full
        unstable.syncplay
        unstable.youtube-dl
        unstable.google-chrome
--- a/config/users/kat/default.nix
+++ b/config/users/kat/default.nix
@ -60,6 +60,7 @@
        "litha" = { hostname = "192.168.1.240"; } // kat;
        "yule" = { hostname = "192.168.1.92"; } // kat;
        "mabon" = { hostname = "192.168.1.218"; } // kat;
+        "boline" = { hostname = "boline.kittywit.ch"; } // kat;
      };
    };

--- a/pkgs/default.nix
+++ b/pkgs/default.nix
@ -10,6 +10,10 @@ let
    dino = callPackage "${sources.qyliss-nixlib}/overlays/patches/dino" {
      inherit (pkgs) dino;
    };
+    
+    discord = pkgs.discord.override {
+      nss = pkgs.nss_latest;
+    };

    linuxPackagesFor = kernel:
      (pkgs.linuxPackagesFor kernel).extend (_: ksuper: {