nixos-config/configs/nixos/ni/modules/setups/development.nix

{ config, lib, pkgs, ... }:

let
  hostCfg = config.hosts.ni;
  cfg = hostCfg.setups.development;
in
{
  options.hosts.ni.setups.development.enable =
    lib.mkEnableOption "software development setup";

  config = lib.mkIf cfg.enable (lib.mkMerge [
    {
      # Bring all of the software development goodies.
      suites.dev = {
        enable = true;
        extras.enable = true;
        hardware.enable = true;
        containers.enable = true;
        virtual-machines.enable = true;
        security.enable = true;
        neovim.enable = true;
      };

      # Allow USB redirections to machines.
      virtualisation.spiceUSBRedirection.enable = lib.mkDefault true;

      virtualisation.docker = {
        enable = true;
        autoPrune = {
          enable = true;
          dates = "weekly";
        };
        logDriver = "journald";
      };

      environment.systemPackages = with pkgs;
        [
          # For debugging build environments in Nix packages.
          cntr

          devpod-desktop

          freecad
        ];

      # Enable the terminal emulator of choice.
      programs.wezterm.enable = true;

      # Enable them debugging your mobile tracker.
      programs.adb.enable = true;

      # Installing Guix within NixOS. Now that's some OTP rarepair material right
      # there.
      services.guix = {
        enable = true;
        gc = {
          enable = true;
          dates = "weekly";
        };
      };

      # Adding a bunch of emulated systems for cross-system building.
      boot.binfmt.emulatedSystems = [
        "aarch64-linux"
        "riscv64-linux"
      ];
    }

    (lib.mkIf config.suites.dev.containers.enable {
      state.ports.cockpit.value = 9090;

      services.cockpit = {
        enable = true;
        port = config.state.ports.cockpit.value;
        settings = {
          WebService.AllowUnencrypted = true;
        };
      };

      # Setting up a single-node k3s cluster for learning purposes.
      services.k3s = {
        enable = true;
        role = "server";
        extraFlags = [ "--debug" ];
      };

      networking.firewall.allowedTCPPorts = [
        6443 # required so that pods can reach the API server (running on port 6443 by default)
        2379 # etcd clients: required if using a "High Availability Embedded etcd" configuration
        2380 # etcd peers: required if using a "High Availability Embedded etcd" configuration
      ];

      networking.firewall.allowedUDPPorts = [
        8472 # flannel: required if using multi-node for inter-node networking
      ];
    })

    # You'll be most likely having these anyways and even if this is disabled,
    # you most likely cannot use the system at all so WHY IS IT HERE?
    (lib.mkIf hostCfg.networking.enable {
      environment.systemPackages = with pkgs; [
        # Some sysadmin thingamajigs.
        openldap

        # Searchsploit.
        exploitdb
      ];

      # Be a networking doctor or something.
      programs.mtr.enable = true;

      # Wanna be a wannabe haxxor, kid?
      programs.wireshark.package = pkgs.wireshark;

      # Modern version of SSH.
      programs.mosh.enable = true;
    })
  ]);
}
hosts/ni/setups/development: init module 2023-12-13 02:50:33 +00:00			`{ config, lib, pkgs, ... }:`

			`let`
			`hostCfg = config.hosts.ni;`
			`cfg = hostCfg.setups.development;`
			`in`
			`{`
			`options.hosts.ni.setups.development.enable =`
			`lib.mkEnableOption "software development setup";`

			`config = lib.mkIf cfg.enable (lib.mkMerge [`
			`{`
			`# Bring all of the software development goodies.`
modules: move `profiles` custom namespace to `suites` We now have a "proper" profiles modules ala-nixpkgs so we'll have to move these to make it less confusing. 2024-01-22 06:48:55 +00:00			`suites.dev = {`
hosts/ni/setups/development: init module 2023-12-13 02:50:33 +00:00			`enable = true;`
profiles/dev: simplify the configuration Now with host-specific and user-specific modules, we can now start remove parts of the modules with my configurations on them that are otherwise intended for the entire cluster. 2023-12-17 16:00:55 +00:00			`extras.enable = true;`
profiles/dev: add hardware submodule 2023-12-25 12:05:49 +00:00			`hardware.enable = true;`
profiles/dev: separate containers and virtual machines setup 2023-12-17 16:11:11 +00:00			`containers.enable = true;`
			`virtual-machines.enable = true;`
hosts/ni/setups/development: add security tools 2024-10-30 11:09:16 +00:00			`security.enable = true;`
hosts/ni/setups/development: init module 2023-12-13 02:50:33 +00:00			`neovim.enable = true;`
			`};`

hosts/ni: update for virtualization usage 2024-12-03 04:40:43 +00:00			`# Allow USB redirections to machines.`
			`virtualisation.spiceUSBRedirection.enable = lib.mkDefault true;`

hosts/ni/setups/development: replace Podman with Docker as container runtime 2024-10-27 03:40:13 +00:00			`virtualisation.docker = {`
			`enable = true;`
			`autoPrune = {`
			`enable = true;`
			`dates = "weekly";`
			`};`
			`logDriver = "journald";`
			`};`

			`environment.systemPackages = with pkgs;`
			`[`
			`# For debugging build environments in Nix packages.`
			`cntr`
hosts/ni/setups: update config 2024-12-09 11:21:53 +00:00
			`devpod-desktop`
hosts/ni: update program list 2024-12-11 10:15:41 +00:00
			`freecad`
hosts/ni/setups/development: replace Podman with Docker as container runtime 2024-10-27 03:40:13 +00:00			`];`
hosts/ni/setups/development: init module 2023-12-13 02:50:33 +00:00
			`# Enable the terminal emulator of choice.`
			`programs.wezterm.enable = true;`

			`# Enable them debugging your mobile tracker.`
			`programs.adb.enable = true;`

			`# Installing Guix within NixOS. Now that's some OTP rarepair material right`
			`# there.`
			`services.guix = {`
			`enable = true;`
			`gc = {`
			`enable = true;`
			`dates = "weekly";`
			`};`
			`};`

			`# Adding a bunch of emulated systems for cross-system building.`
			`boot.binfmt.emulatedSystems = [`
			`"aarch64-linux"`
			`"riscv64-linux"`
			`];`
			`}`

hosts/ni/setups/development: add k3s server 2024-12-11 02:57:43 +00:00			`(lib.mkIf config.suites.dev.containers.enable {`
hosts/plover/setups/development: enable Cockpit server 2024-12-16 14:33:37 +00:00			`state.ports.cockpit.value = 9090;`

			`services.cockpit = {`
			`enable = true;`
			`port = config.state.ports.cockpit.value;`
			`settings = {`
			`WebService.AllowUnencrypted = true;`
			`};`
			`};`

hosts/ni/setups/development: add k3s server 2024-12-11 02:57:43 +00:00			`# Setting up a single-node k3s cluster for learning purposes.`
			`services.k3s = {`
			`enable = true;`
			`role = "server";`
			`extraFlags = [ "--debug" ];`
			`};`

			`networking.firewall.allowedTCPPorts = [`
			`6443 # required so that pods can reach the API server (running on port 6443 by default)`
			`2379 # etcd clients: required if using a "High Availability Embedded etcd" configuration`
			`2380 # etcd peers: required if using a "High Availability Embedded etcd" configuration`
			`];`

			`networking.firewall.allowedUDPPorts = [`
			`8472 # flannel: required if using multi-node for inter-node networking`
			`];`
			`})`

hosts/ni/setups/development: init module 2023-12-13 02:50:33 +00:00			`# You'll be most likely having these anyways and even if this is disabled,`
			`# you most likely cannot use the system at all so WHY IS IT HERE?`
			`(lib.mkIf hostCfg.networking.enable {`
			`environment.systemPackages = with pkgs; [`
			`# Some sysadmin thingamajigs.`
			`openldap`

			`# Searchsploit.`
			`exploitdb`
			`];`

			`# Be a networking doctor or something.`
			`programs.mtr.enable = true;`

			`# Wanna be a wannabe haxxor, kid?`
			`programs.wireshark.package = pkgs.wireshark;`

			`# Modern version of SSH.`
			`programs.mosh.enable = true;`
			`})`
			`]);`
			`}`