talexander/machine_setup
1
0
Fork 0
Code Issues Pull Requests Releases Activity

Compare commits

base: talexander:b1b2ea2109491d3cf9a36bb2a84f04079bcf3184
Branches Tags
talexander:main
talexander:kubernetes
talexander:nix
talexander:mt7927
talexander:yubipi
talexander:upstream_amd_debug_tools
talexander:install_files_mixin
talexander:starship
talexander:pixelbook
...
compare: talexander:e7df5eff8a6252f6277e07667389c33b22b917cd
Branches Tags
talexander:kubernetes
talexander:nix
talexander:mt7927
talexander:main
talexander:yubipi
talexander:upstream_amd_debug_tools
talexander:install_files_mixin
talexander:starship
talexander:pixelbook

4 Commits
b1b2ea2109 ... e7df5eff8a

Author SHA1 Message Date
Tom Alexander
e7df5eff8a
Disable some stuff in firefox. 2026-02-21 14:49:01 -05:00
Tom Alexander
9a1cab4bd3
Use rust nix-builder instead of bash script. 2026-02-21 14:49:01 -05:00
Tom Alexander
4cf3355f30
Move org custom faces to a use-package :custom-face block. 
This prevent the faces from being written to custom.el.
 2026-02-21 14:44:44 -05:00
Tom Alexander
53584aa65e
Update jujutsu config. 2026-02-21 14:44:44 -05:00
12 changed files with 390 additions and 130 deletions
Show Stats Expand all files Collapse all files

1
nix/configuration/hosts/odo/default.nix
View File

@ -106,6 +106,7 @@
me.graphics_card_type = "amd";
me.graphviz.enable = true;
me.iso_mount.enable = true;
me.jujutsu.config = ../../roles/jujutsu/files/jujutsu_config_home.toml;
me.jujutsu.enable = true;
me.kanshi.enable = false;
me.kubernetes.enable = true;

1
nix/configuration/hosts/odowork/default.nix
View File

@ -109,6 +109,7 @@
me.graphics_card_type = "amd";
me.graphviz.enable = true;
me.iso_mount.enable = true;
me.jujutsu.config = ../../roles/jujutsu/files/jujutsu_config_home.toml;
me.jujutsu.enable = true;
me.latex.enable = true;
me.launch_keyboard.enable = true;

1
nix/configuration/hosts/quark/default.nix
View File

@ -100,6 +100,7 @@
me.graphics_card_type = "amd";
me.graphviz.enable = true;
me.iso_mount.enable = true;
me.jujutsu.config = ../../roles/jujutsu/files/jujutsu_config_home.toml;
me.jujutsu.enable = true;
me.kanshi.enable = false;
me.kubernetes.enable = true;

27
nix/configuration/roles/emacs/files/emacs/elisp/base.el
View File

@ -1,9 +1,19 @@
(package-initialize)
(use-package use-package)
(use-package use-package
:custom
;; Unless otherwise specified, always install packages if they are absent.
(use-package-always-ensure t)
;; Allow updating built-in packages like eglot
;; For some reason, built-in packages are still not updating so I'm just going to comment this out.
;; (package-install-upgrade-built-in t)
;; Natively compile packages
(package-native-compile t)
:config
(add-to-list 'package-archives
'("melpa" . "https://melpa.org/packages/")
)
)
(add-to-list 'package-archives
'("melpa" . "https://melpa.org/packages/")
)
(use-package auto-package-update
:ensure t
@ -71,10 +81,11 @@
)
(setq-default
;; Unless otherwise specified, always install packages if they are absent.
use-package-always-ensure t
;; Point custom-file at /dev/null so emacs does not write any settings to my dotfiles.
custom-file "/dev/null"
;; custom-file "/dev/null"
;;
;; list-package breaks on newer versions of emacs if custom-file is set to /dev/null
custom-file (expand-file-name "custom.el" user-emacs-directory)
;; Don't pop up a small window at the bottom of emacs at launch.
inhibit-startup-screen t
inhibit-startup-message t
@ -95,8 +106,6 @@
"%b")))
;; Use 'y' or 'n' instead of 'yes' or 'no'
use-short-answers t
;; Natively compile packages
package-native-compile t
;; Confirm when opening a file that does not exist
confirm-nonexistent-file-or-buffer t
;; Do not require double space to end a sentence.

1
nix/configuration/roles/emacs/files/emacs/elisp/common-lsp.el
View File

@ -1,4 +1,5 @@
(use-package eglot
;; This is an emacs built-in but we're pulling the latest version
:pin gnu
:commands (eglot eglot-ensure)
:bind (:map eglot-mode-map

140
nix/configuration/roles/emacs/files/emacs/elisp/lang-org.el
View File

@ -1,81 +1,79 @@
(use-package org
:ensure nil
:commands org-mode
:bind (:map org-mode-map
("C-c l" . org-store-link)
("C-c a" . org-agenda)
("S-<up>" . org-shiftup)
("S-<right>" . org-shiftright)
("S-<down>" . org-shiftdown)
("S-<left>" . org-shiftleft)
)
:hook (
(org-mode . (lambda ()
(org-indent-mode +1)
))
;; Make windmove work in Org mode:
(org-shiftup-final . windmove-up)
(org-shiftleft-final . windmove-left)
(org-shiftdown-final . windmove-down)
(org-shiftright-final . windmove-right)
)
:config
(require 'org-tempo)
(setq org-export-latex-listings t)
(setq org-startup-truncated nil)
(setq org-startup-folded nil)
(setq org-src-fontify-natively t
org-src-tab-acts-natively t
org-confirm-babel-evaluate nil
)
(require 'color)
(let ((bg (face-attribute 'default :background)))
(use-package org
:ensure nil
:commands org-mode
:bind (:map org-mode-map
("C-c l" . org-store-link)
("C-c a" . org-agenda)
("S-<up>" . org-shiftup)
("S-<right>" . org-shiftright)
("S-<down>" . org-shiftdown)
("S-<left>" . org-shiftleft)
)
:hook (
(org-mode . (lambda ()
(org-indent-mode +1)
))
;; Make windmove work in Org mode:
(org-shiftup-final . windmove-up)
(org-shiftleft-final . windmove-left)
(org-shiftdown-final . windmove-down)
(org-shiftright-final . windmove-right)
)
:custom-face
(org-block ((t (:inherit default :background ,(color-lighten-name bg 15) :extend ,t))))
(org-block-begin-line ((t (:inherit default :background ,"#472300" :extend ,t))))
(org-block-end-line ((t (:inherit default :background ,"#472300" :extend ,t))))
:config
(require 'org-tempo)
(setq org-export-latex-listings t)
(setq org-startup-truncated nil)
(setq org-startup-folded nil)
(setq org-src-fontify-natively t
org-src-tab-acts-natively t
org-confirm-babel-evaluate nil
)
;; Show the full source of org-mode links instead of condensing them. I.E. render "[[foo]]" instead of "foo"
(setq org-descriptive-links nil)
;; Show the full source of org-mode links instead of condensing them. I.E. render "[[foo]]" instead of "foo"
(setq org-descriptive-links nil)
;; Only interpret _ and ^ and sub and superscripts if they're of the form _{subscript} and ^{superscript}
(setq org-export-with-sub-superscripts '{})
;; Don't include a "validate" link at the bottom of html export
(setq org-html-validation-link nil)
;; Only interpret _ and ^ and sub and superscripts if they're of the form _{subscript} and ^{superscript}
(setq org-export-with-sub-superscripts '{})
;; Don't include a "validate" link at the bottom of html export
(setq org-html-validation-link nil)
(setq org-latex-listings 'minted)
(setq org-latex-minted-options '(("breaklines" "true")
("breakanywhere" "true")
("bgcolor" "mintedbg") ("frame" "single") ("framesep" "6pt") ("fontsize" "\\footnotesize")))
(setq org-latex-listings 'minted)
(setq org-latex-minted-options '(("breaklines" "true")
("breakanywhere" "true")
("bgcolor" "mintedbg") ("frame" "single") ("framesep" "6pt") ("fontsize" "\\footnotesize")))
;; TODO: There is an option to set the compiler, could be better than manually doing this here https://orgmode.org/manual/LaTeX_002fPDF-export-commands.html
;; (setq org-latex-compiler "lualatex")
;; TODO: nixos latex page recommends this line, figure out what it does / why its needed:
;; (setq org-preview-latex-default-process 'dvisvgm)
(setq org-latex-pdf-process
'("lualatex -shell-escape -interaction nonstopmode -output-directory %o %f"
"lualatex -shell-escape -interaction nonstopmode -output-directory %o %f"
"lualatex -shell-escape -interaction nonstopmode -output-directory %o %f"))
(add-to-list 'org-latex-packages-alist '("cache=false" "minted"))
(add-to-list 'org-latex-packages-alist '("" "svg"))
(add-to-list 'org-latex-packages-alist '("margin=2cm" "geometry" nil))
;; TODO: There is an option to set the compiler, could be better than manually doing this here https://orgmode.org/manual/LaTeX_002fPDF-export-commands.html
;; (setq org-latex-compiler "lualatex")
;; TODO: nixos latex page recommends this line, figure out what it does / why its needed:
;; (setq org-preview-latex-default-process 'dvisvgm)
(setq org-latex-pdf-process
'("lualatex -shell-escape -interaction nonstopmode -output-directory %o %f"
"lualatex -shell-escape -interaction nonstopmode -output-directory %o %f"
"lualatex -shell-escape -interaction nonstopmode -output-directory %o %f"))
(add-to-list 'org-latex-packages-alist '("cache=false" "minted"))
(add-to-list 'org-latex-packages-alist '("" "svg"))
(add-to-list 'org-latex-packages-alist '("margin=2cm" "geometry" nil))
(add-to-list 'org-src-lang-modes '("dot" . "graphviz-dot"))
(add-to-list 'org-src-lang-modes '("dot" . "graphviz-dot"))
(org-babel-do-load-languages 'org-babel-load-languages
'((shell . t)
(js . t)
(emacs-lisp . t)
(python . t)
(dot . t)
(css . t)
(gnuplot . t)
(sqlite . t)
))
(require 'color)
(let ((bg (face-attribute 'default :background)))
(custom-set-faces
`(org-block ((t (:inherit default :background ,(color-lighten-name bg 15) :extend ,t))))
`(org-block-begin-line ((t (:inherit default :background ,"#472300" :extend ,t))))
`(org-block-end-line ((t (:inherit default :background ,"#472300" :extend ,t))))
))
(org-babel-do-load-languages 'org-babel-load-languages
'((shell . t)
(js . t)
(emacs-lisp . t)
(python . t)
(dot . t)
(css . t)
(gnuplot . t)
(sqlite . t)
))
)
)
(use-package org-bullets

14
nix/configuration/roles/firefox/default.nix
View File

@ -79,6 +79,20 @@
policies = {
DisableTelemetry = true;
DisplayBookmarksToolbar = "newtab";
DisableFirefoxStudies = true;
FirefoxHome = {
SponsoredStories = false;
SponsoredTopSites = false;
Stories = false;
};
GenerativeAI = {
Enabled = false;
};
SearchEngines = {
Remove = [
"Perplexity"
];
};
# Check about:support for extension/add-on ID strings.
# Valid strings for installation_mode are "allowed", "blocked",

109
nix/configuration/roles/hydra/default.nix
View File

@ -6,29 +6,51 @@
}:
let
patchScriptBin =
{
filename,
contents,
path ? [ ],
}:
((pkgs.writeScriptBin filename contents).overrideAttrs (old: {
buildInputs = [ pkgs.makeWrapper ];
buildCommand = "${old.buildCommand}\n patchShebangs $out\nwrapProgram $out/bin/${filename} --prefix PATH : ${lib.makeBinPath path}";
}));
build_odo = (
patchScriptBin {
filename = "build_odo";
contents = (builtins.readFile ./files/build_odo.bash);
path = with pkgs; [
bash
git
nix
nix-output-monitor
nixos-rebuild
];
}
);
# patchScriptBin =
# {
# filename,
# contents,
# path ? [ ],
# }:
# ((pkgs.writeScriptBin filename contents).overrideAttrs (old: {
# buildInputs = [ pkgs.makeWrapper ];
# buildCommand = "${old.buildCommand}\n patchShebangs $out\nwrapProgram $out/bin/${filename} --prefix PATH : ${lib.makeBinPath path}";
# }));
nix_builder = pkgs.rustPlatform.buildRustPackage rec {
pname = "nix_builder";
version = "0.0.0";
src = pkgs.fetchgit {
url = "https://code.fizz.buzz/talexander/nix_builder.git";
# tag = version;
rev = "d0fc2331e7aadc8bdd98836b466172ac37628e7d";
hash = "sha256-V1DU9U4+k96KfGV9BTxKYjxLzV6tWvQPM+a+5NU94G8=";
leaveDotGit = false;
};
cargoLock = {
lockFile = "${src}/Cargo.lock";
};
meta = with lib; {
description = "A builder of nix configs for a build server.";
homepage = "https://code.fizz.buzz/talexander/nix_builder";
license = licenses.bsd0;
maintainers = [ ];
};
nativeBuildInputs = [ pkgs.makeWrapper ];
postInstall = ''
wrapProgram $out/bin/nix-builder --prefix PATH : ${
lib.makeBinPath [
pkgs.git
pkgs.nix
pkgs.nixos-rebuild
]
}
'';
};
in
{
imports = [ ];
@ -44,7 +66,8 @@ in
config = lib.mkIf config.me.hydra.enable {
environment.systemPackages = with pkgs; [
build_odo
nix_builder
sqlite # For manually inspecting the database.
];
environment.persistence."/persist" = lib.mkIf (config.me.mountPersistence) {
@ -76,7 +99,7 @@ in
systemd.timers."build-cache" = {
wantedBy = [ "timers.target" ];
timerConfig = {
OnCalendar = "Mon *-*-* 02:00:00 America/New_York";
OnCalendar = "* *-*-* 03:00:00 America/New_York";
Unit = "build-cache.service";
};
};
@ -87,13 +110,45 @@ in
IFS=$'\n\t'
DIR="$( cd "$( dirname "''${BASH_SOURCE[0]}" )" && pwd )"
${build_odo}/bin/build_odo
NIX_REMOTE='local?root=/home/nixworker/persist/root' RUST_BACKTRACE=1 RUST_LOG=nix_builder=DEBUG ${nix_builder}/bin/nix-builder build --config ${./files/nix_builder.toml} --target odo --target odo_update --target odowork --target odowork_update --target quark --target quark_update --target hydra --target hydra_update --target controller0 --target controller0_update --target controller1 --target controller1_update --target controller2 --target controller2_update --target worker0 --target worker0_update --target worker1 --target worker1_update --target worker2 --target worker2_update
'';
restartIfChanged = false;
serviceConfig = {
Type = "simple";
User = "nixworker";
RemainAfterExit = true; # Prevents the service from automatically starting on rebuild. See https://discourse.nixos.org/t/how-to-prevent-custom-systemd-service-from-restarting-on-nixos-rebuild-switch/43431
# restartIfChanged = false;
# RemainAfterExit = true; # Prevents the service from automatically starting on rebuild. See https://discourse.nixos.org/t/how-to-prevent-custom-systemd-service-from-restarting-on-nixos-rebuild-switch/43431
LimitNOFILE = 8192;
};
};
# TODO: This should move into nix-builder so we can only run clean when builds are passing. Otherwise partial builds will lose progress.
# TODO: In nix-builder maybe include setting to auto delete to make room during builds if we run out of space, just in case builds are failing for a long time and prevent cleanup from running.
systemd.timers."clean-cache" = {
wantedBy = [ "timers.target" ];
timerConfig = {
OnCalendar = "* *-*-01 02:00:00 America/New_York";
Unit = "clean-cache.service";
};
};
systemd.services."clean-cache" = {
script = ''
set -euo pipefail
IFS=$'\n\t'
DIR="$( cd "$( dirname "''${BASH_SOURCE[0]}" )" && pwd )"
NIX_REMOTE='local?root=/home/nixworker/persist/root' nix-collect-garbage -d
'';
path = with pkgs; [
pkgs.nix
];
restartIfChanged = false;
serviceConfig = {
Type = "simple";
User = "nixworker";
# restartIfChanged = false;
# RemainAfterExit = true; # Prevents the service from automatically starting on rebuild. See https://discourse.nixos.org/t/how-to-prevent-custom-systemd-service-from-restarting-on-nixos-rebuild-switch/43431
LimitNOFILE = 8192;
};
};

18
nix/configuration/roles/hydra/files/build_odo.bash
View File

@ -1,18 +0,0 @@
#!/usr/bin/env bash
#
set -euo pipefail
IFS=$'\n\t'
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
# : ${FOO:="1"}
# MANUAL: doas install -d -o nixworker -g nixworker /persist/manual/manual_add_to_store
# MANUAL: doas -u nixworker touch /persist/manual/manual_add_to_store/foo
mkdir -p /home/nixworker/persist/machines/odo /home/nixworker/persist/root
if [ ! -d /home/nixworker/persist/machine_setup ]; then
git clone --branch kubernetes https://code.fizz.buzz/talexander/machine_setup.git /home/nixworker/persist/machine_setup
fi
(cd /home/nixworker/persist/machines/odo && JOBS=1 NIX_REMOTE='local?root=/home/nixworker/persist/root' NOM='false' /home/nixworker/persist/machine_setup/nix/configuration/hosts/odo/SELF_BUILD)

163
nix/configuration/roles/hydra/files/nix_builder.toml Normal file
View File

@ -0,0 +1,163 @@
output_directory = "/home/nixworker/persist/nix_builder"
[[targets]]
name = "odo"
repo = "https://code.fizz.buzz/talexander/machine_setup.git"
branch = "nix"
path = "nix/configuration"
attr = "nixosConfigurations.odo.config.system.build.toplevel"
[[targets]]
name = "odo_update"
repo = "https://code.fizz.buzz/talexander/machine_setup.git"
branch = "nix"
path = "nix/configuration"
attr = "nixosConfigurations.odo.config.system.build.toplevel"
update = true
update_branch = "nix_update"
[[targets]]
name = "odowork"
repo = "https://code.fizz.buzz/talexander/machine_setup.git"
branch = "nix"
path = "nix/configuration"
attr = "nixosConfigurations.odowork.config.system.build.toplevel"
[[targets]]
name = "odowork_update"
repo = "https://code.fizz.buzz/talexander/machine_setup.git"
branch = "nix"
path = "nix/configuration"
attr = "nixosConfigurations.odowork.config.system.build.toplevel"
update = true
update_branch = "nix_update"
[[targets]]
name = "quark"
repo = "https://code.fizz.buzz/talexander/machine_setup.git"
branch = "nix"
path = "nix/configuration"
attr = "nixosConfigurations.quark.config.system.build.toplevel"
[[targets]]
name = "quark_update"
repo = "https://code.fizz.buzz/talexander/machine_setup.git"
branch = "nix"
path = "nix/configuration"
attr = "nixosConfigurations.quark.config.system.build.toplevel"
update = true
update_branch = "nix_update"
[[targets]]
name = "hydra"
repo = "https://code.fizz.buzz/talexander/machine_setup.git"
branch = "nix"
path = "nix/configuration"
attr = "hydra.vm_iso"
[[targets]]
name = "hydra_update"
repo = "https://code.fizz.buzz/talexander/machine_setup.git"
branch = "nix"
path = "nix/configuration"
attr = "hydra.vm_iso"
update = true
update_branch = "nix_update"
[[targets]]
name = "controller0"
repo = "https://code.fizz.buzz/talexander/machine_setup.git"
branch = "kubernetes"
path = "nix/kubernetes"
attr = "controller0.vm_iso"
[[targets]]
name = "controller0_update"
repo = "https://code.fizz.buzz/talexander/machine_setup.git"
branch = "kubernetes"
path = "nix/kubernetes"
attr = "controller0.vm_iso"
update = true
update_branch = "kubernetes_update"
[[targets]]
name = "controller1"
repo = "https://code.fizz.buzz/talexander/machine_setup.git"
branch = "kubernetes"
path = "nix/kubernetes"
attr = "controller1.vm_iso"
[[targets]]
name = "controller1_update"
repo = "https://code.fizz.buzz/talexander/machine_setup.git"
branch = "kubernetes"
path = "nix/kubernetes"
attr = "controller1.vm_iso"
update = true
update_branch = "kubernetes_update"
[[targets]]
name = "controller2"
repo = "https://code.fizz.buzz/talexander/machine_setup.git"
branch = "kubernetes"
path = "nix/kubernetes"
attr = "controller2.vm_iso"
[[targets]]
name = "controller2_update"
repo = "https://code.fizz.buzz/talexander/machine_setup.git"
branch = "kubernetes"
path = "nix/kubernetes"
attr = "controller2.vm_iso"
update = true
update_branch = "kubernetes_update"
[[targets]]
name = "worker0"
repo = "https://code.fizz.buzz/talexander/machine_setup.git"
branch = "kubernetes"
path = "nix/kubernetes"
attr = "worker0.vm_iso"
[[targets]]
name = "worker0_update"
repo = "https://code.fizz.buzz/talexander/machine_setup.git"
branch = "kubernetes"
path = "nix/kubernetes"
attr = "worker0.vm_iso"
update = true
update_branch = "kubernetes_update"
[[targets]]
name = "worker1"
repo = "https://code.fizz.buzz/talexander/machine_setup.git"
branch = "kubernetes"
path = "nix/kubernetes"
attr = "worker1.vm_iso"
[[targets]]
name = "worker1_update"
repo = "https://code.fizz.buzz/talexander/machine_setup.git"
branch = "kubernetes"
path = "nix/kubernetes"
attr = "worker1.vm_iso"
update = true
update_branch = "kubernetes_update"
[[targets]]
name = "worker2"
repo = "https://code.fizz.buzz/talexander/machine_setup.git"
branch = "kubernetes"
path = "nix/kubernetes"
attr = "worker2.vm_iso"
[[targets]]
name = "worker2_update"
repo = "https://code.fizz.buzz/talexander/machine_setup.git"
branch = "kubernetes"
path = "nix/kubernetes"
attr = "worker2.vm_iso"
update = true
update_branch = "kubernetes_update"
# TODO: Add steam deck

28
nix/configuration/roles/jujutsu/default.nix
View File

@ -15,11 +15,29 @@
example = true;
description = "Whether we want to install jujutsu.";
};
jujutsu.config = lib.mkOption {
type = lib.types.nullOr lib.types.path;
default = null;
example = ./files/jujutsu_config_home.toml;
description = "A jujutsu config file.";
};
};
config = lib.mkIf config.me.jujutsu.enable {
environment.systemPackages = with pkgs; [
jujutsu
];
};
config = lib.mkIf config.me.jujutsu.enable (
lib.mkMerge [
{
environment.systemPackages = with pkgs; [
jujutsu
];
}
(lib.mkIf (config.me.jujutsu.config != null) {
me.install.user.talexander.file = {
".config/jj/config.toml" = {
source = config.me.jujutsu.config;
};
};
})
]
);
}

17
nix/configuration/roles/jujutsu/files/jujutsu_config_home.toml Normal file
View File

@ -0,0 +1,17 @@
#:schema https://docs.jj-vcs.dev/latest/config-schema.json
[ui]
default-command = "log"
paginate = "never"
[user]
name = "Tom Alexander"
email = "tom@fizz.buzz"
[signing]
behavior = "own"
backend = "gpg"
key = "36C99E8B3C39D85F"
# [git]
# sign-on-push = true