refactor(users/glittershark): Rename to grfn

Rename my //users directory and all places that refer to glittershark to
grfn, including nix references and documentation.

This may require some extra attention inside of gerrit's database after
it lands to allow me to actually push things.

Change-Id: I4728b7ec2c60024392c1c1fa6e0d4a59b3e266fa
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2933
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: lukegb <lukegb@tvl.fyi>
Reviewed-by: glittershark <grfn@gws.fyi>

users/grfn/system/system/modules/common.nix

@@ -0,0 +1,78 @@
+{ config, lib, pkgs, ... }:
+
+let
+
+  depot = import ../../../../.. {};
+
+in
+
+with lib;
+
+{
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = true;
+
+  networking.useDHCP = false;
+  networking.networkmanager.enable = true;
+
+  i18n = {
+    defaultLocale = "en_US.UTF-8";
+  };
+
+  time.timeZone = "America/New_York";
+
+  environment.systemPackages = with pkgs; [
+    wget
+    vim
+    zsh
+    git
+    w3m
+    libnotify
+    file
+    lm_sensors
+    dnsutils
+    depot.users.grfn.system.system.rebuilder
+    htop
+  ];
+
+  services.openssh.enable = true;
+
+  programs.ssh.startAgent = true;
+
+  networking.firewall.enable = mkDefault false;
+
+  users.mutableUsers = true;
+  programs.zsh.enable = true;
+  environment.pathsToLink = [ "/share/zsh" ];
+  users.users.grfn = {
+    isNormalUser = true;
+    initialPassword = "password";
+    extraGroups = [
+      "wheel"
+      "networkmanager"
+      "audio"
+      "docker"
+    ];
+    shell = pkgs.zsh;
+  };
+
+  nixpkgs.config.allowUnfree = true;
+
+  nix = {
+    trustedUsers = [ "grfn" ];
+    autoOptimiseStore = true;
+    distributedBuilds = true;
+
+    gc = {
+      automatic = true;
+      dates = mkDefault "weekly";
+      options = "--delete-older-than 30d";
+    };
+  };
+
+  services.udev.packages = with pkgs; [
+    yubikey-personalization
+  ];
+
+  services.pcscd.enable = true;
+}

users/grfn/system/system/modules/desktop.nix

@@ -0,0 +1,19 @@
+{ config, lib, pkgs, ... }:
+
+{
+  imports = [
+    ./xserver.nix
+    ./fonts.nix
+    ./sound.nix
+    ./kernel.nix
+  ];
+
+  programs.nm-applet.enable = true;
+
+  users.users.grfn.extraGroups = [
+    "audio"
+    "video"
+  ];
+
+  services.geoclue2.enable = true;
+}

users/grfn/system/system/modules/development.nix

@@ -0,0 +1,6 @@
+{ config, lib, pkgs, ... }:
+
+{
+  virtualisation.docker.enable = true;
+  users.users.grfn.extraGroups = [ "docker" ];
+}

users/grfn/system/system/modules/fcitx.nix

@@ -0,0 +1,10 @@
+{ config, lib, pkgs, ... }:
+
+{
+  i18n.inputMethod = {
+    enabled = "fcitx";
+    fcitx.engines = with pkgs.fcitx-engines; [
+      cloudpinyin
+    ];
+  };
+}

users/grfn/system/system/modules/fonts.nix

@@ -0,0 +1,12 @@
+{ config, lib, pkgs, ... }:
+{
+  fonts = {
+    fonts = with pkgs; [
+      nerdfonts
+      noto-fonts-emoji
+      twitter-color-emoji
+    ];
+
+    fontconfig.defaultFonts.emoji = ["Twitter Color Emoji"];
+  };
+}

users/grfn/system/system/modules/kernel.nix

@@ -0,0 +1,39 @@
+{ config, lib, pkgs, ... }:
+with lib.versions;
+let
+  inherit (pkgs) stdenvNoCC;
+  kernelRelease = config.boot.kernelPackages.kernel.version;
+  mj = major kernelRelease;
+  mm = majorMinor kernelRelease;
+  patched-linux-ck = stdenvNoCC.mkDerivation {
+    name = "linux-ck";
+    src = builtins.fetchurl {
+      name = "linux-ck-patch-${mm}-ck1.xz";
+      # example: http://ck.kolivas.org/patches/5.0/5.4/5.4-ck1/patch-5.4-ck1.xz
+      url = "http://ck.kolivas.org/patches/${mj}.0/${mm}/${mm}-ck1/patch-${mm}-ck1.xz";
+      sha256 = "14lfpq9hvq1amxrl0ayfid1d04kd35vwsvk1ppnqa87nqfkjq47c";
+    };
+
+    unpackPhase = ''
+      ${pkgs.xz}/bin/unxz -kfdc $src > patch-${mm}-ck1
+    '';
+
+    installPhase = ''
+      cp patch-${mm}-ck1 $out
+    '';
+  };
+in
+{
+  boot.kernelPackages = pkgs.linuxPackages_5_11.extend (self: super: {
+    kernel = super.kernel.override {
+      ignoreConfigErrors = true;
+      kernelPatches = super.kernel.kernelPatches ++ [{
+        name = "linux-ck";
+        patch = patched-linux-ck;
+      }];
+      argsOverride = {
+        modDirVersion = super.kernel.modDirVersion + "-ck1";
+      };
+    };
+  });
+}

users/grfn/system/system/modules/laptop.nix

@@ -0,0 +1,13 @@
+{ config, lib, pkgs, ... }:
+
+{
+  imports = [
+    ./reusable/battery.nix
+  ];
+
+  laptop.onLowBattery.enable = true;
+
+  services.logind.extraConfig = ''
+    HandlePowerKey=hibernate
+  '';
+}

users/grfn/system/system/modules/reusable/README.org

@@ -0,0 +1,2 @@
+This directory contains things I'm eventually planning on contributing upstream
+to nixpkgs

users/grfn/system/system/modules/reusable/battery.nix

@@ -0,0 +1,32 @@
+{ config, lib, pkgs, ... }:
+with lib;
+{
+  options = {
+    laptop.onLowBattery = {
+      enable = mkEnableOption "Perform action on low battery";
+
+      thresholdPercentage = mkOption {
+        description = "Threshold battery percentage on which to perform the action";
+        default = 8;
+        type = types.int;
+      };
+
+      action = mkOption {
+        description = "Action to perform on low battery";
+        default = "hibernate";
+        type = types.enum [ "hibernate" "suspend" "suspend-then-hibernate" ];
+      };
+    };
+  };
+
+  config =
+    let cfg = config.laptop.onLowBattery;
+    in mkIf cfg.enable {
+    services.udev.extraRules = concatStrings [
+      ''SUBSYSTEM=="power_supply", ''
+      ''ATTR{status}=="Discharging", ''
+      ''ATTR{capacity}=="[0-${toString cfg.thresholdPercentage}]", ''
+      ''RUN+="${pkgs.systemd}/bin/systemctl ${cfg.action}"''
+    ];
+  };
+}

users/grfn/system/system/modules/rtlsdr.nix

@@ -0,0 +1,17 @@
+{ config, lib, pkgs, ... }:
+
+{
+
+  environment.systemPackages = with pkgs; [
+    rtl-sdr
+  ];
+
+  services.udev.packages = with pkgs; [
+    rtl-sdr
+  ];
+
+  # blacklist for rtl-sdr
+  boot.blacklistedKernelModules = [
+    "dvb_usb_rtl28xxu"
+  ];
+}

users/grfn/system/system/modules/sound.nix

@@ -0,0 +1,16 @@
+{ config, lib, pkgs, ... }:
+{
+  # Enable sound.
+  sound.enable = true;
+  hardware.pulseaudio.enable = true;
+  nixpkgs.config.pulseaudio = true;
+
+  environment.systemPackages = with pkgs; [
+    pulseaudio-ctl
+    paprefs
+    pasystray
+    pavucontrol
+  ];
+
+  hardware.pulseaudio.package = pkgs.pulseaudioFull;
+}

users/grfn/system/system/modules/tvl.nix

@@ -0,0 +1,37 @@
+{ config, lib, pkgs, ... }:
+
+{
+  nix = {
+    buildMachines = [{
+      hostName = "whitby.tvl.fyi";
+      sshUser = "grfn";
+      sshKey = "/root/.ssh/id_rsa";
+      system = "x86_64-linux";
+      maxJobs = 64;
+      supportedFeatures = ["big-parallel" "kvm" "nixos-test" "benchmark"];
+    }];
+
+    extraOptions = ''
+      builders-use-substitutes = true
+    '';
+
+    binaryCaches = [
+      "https://cache.nixos.org"
+      "ssh://nix-ssh@whitby.tvl.fyi"
+    ];
+    trustedBinaryCaches = [
+      "https://cache.nixos.org"
+      "ssh://nix-ssh@whitby.tvl.fyi"
+    ];
+    binaryCachePublicKeys = [
+      "cache.tvl.fyi:fd+9d1ceCPvDX/xVhcfv8nAa6njEhAGAEe+oGJDEeoc="
+    ];
+  };
+
+  programs.ssh.knownHosts.whitby = {
+    hostNames = [ "whitby" "whitby.tvl.fyi" "49.12.129.211"];
+    publicKeyFile = pkgs.writeText "whitby.pub" ''
+      ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILNh/w4BSKov0jdz3gKBc98tpoLta5bb87fQXWBhAl2I
+    '';
+  };
+}

users/grfn/system/system/modules/work/kolide.nix

@@ -0,0 +1,49 @@
+{ config, lib, pkgs, ... }:
+
+let
+  deb = ./kolide.deb;
+
+  kolide = pkgs.runCommand "kolide-data" {
+    buildInputs = [ pkgs.binutils-unwrapped ];
+  } ''
+    cp ${deb} ./kolide.deb
+    ar x kolide.deb
+    mkdir result
+    tar xzf data.tar.gz -C result
+    patchelf \
+      --set-interpreter ${pkgs.glibc}/lib/ld-linux-x86-64.so.2 \
+      --set-rpath "${lib.makeLibraryPath (with pkgs; [
+        zlib
+      ])}" \
+      result/usr/local/kolide-k2/bin/osqueryd
+    mv result $out
+  '';
+
+in {
+  systemd.services."launcher.kolide-k2" = {
+    wantedBy = [ "multi-user.target" ];
+    after = [ "network.target" "syslog.service" ];
+    description = "The Kolide Launcher";
+    serviceConfig = {
+      ExecStart = ''
+        ${kolide}/usr/local/kolide-k2/bin/launcher \
+          -config \
+          ${pkgs.writeText "launcher.flags" ''
+            with_initial_runner
+            control
+            autoupdate
+            root_directory /var/lib/kolide
+            osqueryd_path ${kolide}/usr/local/kolide-k2/bin/osqueryd
+            enroll_secret_path ${kolide}/etc/kolide-k2/secret
+            control_hostname k2control.kolide.com
+            update_channel stable
+            transport jsonrpc
+            hostname k2device.kolide.com
+          ''}
+      '';
+      StateDirectory = "kolide";
+      Restart = "on-failure";
+      RestartSec = 3;
+    };
+  };
+}

users/grfn/system/system/modules/xserver.nix

@@ -0,0 +1,16 @@
+{ config, pkgs, ... }:
+{
+  # Enable the X11 windowing system.
+  services.xserver = {
+    enable = true;
+    layout = "us";
+
+    libinput.enable = true;
+
+    displayManager = {
+      defaultSession = "none+i3";
+    };
+
+    windowManager.i3.enable = true;
+  };
+}