-
-
Notifications
You must be signed in to change notification settings - Fork 6
/
Copy pathMakefile
236 lines (216 loc) · 7.89 KB
/
Makefile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
SHELL :=bash
.SHELLFLAGS :=-euo pipefail -c
.ONESHELL: ;
.EXPORT_ALL_VARIABLES: ;
ifndef DEBUG
.SILENT: ;
endif
.DEFAULT_GOAL :=switch
WORKDIR :=$(patsubst %/,%,$(dir $(realpath $(lastword $(MAKEFILE_LIST)))))
HOSTNAME ?=$(shell hostname)
SYSTEM :=$(shell uname -s)
ifdef DEBUG
FLAGS +=--verbose
FLAGS +=--show-trace
DEPLOY_FLAGS +=--debug-logs
else
NIX_FLAGS +=--no-warn-dirty
endif
ifeq ($(SYSTEM),Darwin)
FLAGS +=--impure
else # NixOS:
FLAGS +=--option pure-eval no
endif
DEPLOY_FLAGS +=--skip-checks
# TODO:
# - Helper for individual input updates:
# nix flake lock --update-input darwin
ifeq ($(SYSTEM),Darwin)
NIX_REBUILD :=nix build $(NIX_FLAGS) $(FLAGS)
NIX_REBUILD +=.\#darwinConfigurations.$(HOSTNAME).system
NIX_REBUILD +=&&
NIX_REBUILD +=./result/sw/bin/darwin-rebuild $(FLAGS)
else
NIX_REBUILD :=sudo nixos-rebuild $(FLAGS)
endif
NIX_REBUILD +=--flake .\#$(HOSTNAME)
# Make defaults.
all: switch
clean: ; rm -f result
.PHONY: all clean
# Build targets.
switch: ; $(NIX_REBUILD) switch
rollback: ; $(NIX_REBUILD) switch --rollback
upgrade: ; $(NIX_REBUILD) switch --upgrade
.PHONY: switch rollback upgrade
test: ACTION=$(if $(filter-out Darwin,$(SYSTEM)),test,check)
test: ; $(NIX_REBUILD) $(ACTION)
.PHONY: test
update-flake: ; nix flake update
update-homebrew:
update: update-flake update-homebrew
.PHONY: update-flake update-homebrew update
# Runtime targets.
gc:
ifeq ($(SYSTEM),Darwin)
brew bundle cleanup --zap -f
endif
nix-collect-garbage -d
.PHONY: gc
# Remote deploy targets.
deploy-zuul: ; sudo nixos-rebuild switch --flake '.#zuul' --target-host mbaillie@zuul --build-host localhost --impure && rsync -avz --delete --exclude '.git' --exclude '.private/.git' /etc/dotfiles mbaillie@zuul:/etc/
deploy-naptime: ; sudo nixos-rebuild switch --flake '.#naptime' --target-host mbaillie@naptime --build-host localhost --impure && rsync -avz --delete --exclude '.git' --exclude '.private/.git' /etc/dotfiles mbaillie@naptime:/etc/
.PHONY: deploy-zuul deploy-naptime
# Emacs configuration.
$(XDG_CONFIG_HOME)/emacs:
git clone --depth 1 https://github.com/doomemacs/doomemacs $@
# Sadly not everything in the Emacs world is supporting XDG yet.
ln -sf $@ $(HOME)/.emacs.d
$(XDG_CONFIG_HOME)/doom: ; ln -sf $(WORKDIR)/config/emacs $@
config-emacs: $(XDG_CONFIG_HOME)/doom $(XDG_CONFIG_HOME)/emacs ; doom install
.PHONY: config-emacs
# Theme targets.
$(XDG_DATA_HOME)/theme.nix:
ifndef NIX_THEME
$(error ERROR: NIX_THEME missing)
endif
echo "{ modules.theme.mode = \"$(NIX_THEME)\"; }" > $@
nix-switch-theme: $(XDG_DATA_HOME)/theme.nix $(NIX_THEME) switch
.PHONY: nix-switch-theme
################################################################################
# Leftover imperative commands needed after a Nix theme switch.
#
# It is surprisingly difficult to programmatically change a macOS background
# across all spaces!
darwin-wallpaper: WALLPAPER ?=$(XDG_CONFIG_HOME)/wallpaper
darwin-wallpaper:
osascript \
-e 'tell application "System Events"' \
-e 'set picture of every desktop to POSIX file "'$(WALLPAPER)'"' \
-e 'end tell' &
.PHONY: darwin-wallpaper
# light: EMACS_THEME ?=doom-solarized-light
# light: TERM_THEME ?=base16-solarized-light.sh
light: EMACS_THEME ?=modus-operandi
light: TERM_THEME ?=base16-tomorrow.sh
light:
ifeq ($(SYSTEM),Darwin)
light: darwin-wallpaper
light:
osascript \
-e 'tell application "System Events"' \
-e 'tell appearance preferences' \
-e 'set dark mode to false' \
-e 'end tell' \
-e 'end tell' &
endif
ifeq ($(SYSTEM),Linux)
ln -sf $(ZGEN_DIR)/chriskempson/base16-shell-master/scripts/$(TERM_THEME) \
$(ZDOTDIR)/theme.zsh
emacsclient -a "" -n -e "(mb/set-wallpaper)" &>/dev/null
endif
echo "(setq doom-theme '$(EMACS_THEME))" >$(XDG_CONFIG_HOME)/doom/+theme.el
emacsclient -a "" -n \
-e "(setq doom-theme '$(EMACS_THEME))" \
-e "(doom/reload-theme)" \
&>/dev/null
.PHONY: light
dark: EMACS_THEME ?=doom-dracula
dark: TERM_THEME ?=base16-dracula.sh
dark:
ifeq ($(SYSTEM),Darwin)
dark: darwin-wallpaper
dark:
osascript \
-e 'tell application "System Events"' \
-e 'tell appearance preferences' \
-e 'set dark mode to true' \
-e 'end tell' \
-e 'end tell' &
endif
ifeq ($(SYSTEM),Linux)
ln -sf $(ZGEN_DIR)/chriskempson/base16-shell/___/scripts/$(TERM_THEME) \
$(ZDOTDIR)/theme.zsh
emacsclient -a "" -n \
-e "(progn (mb/set-wallpaper) (mb/start-panel))" \
&>/dev/null
endif
echo "(setq doom-theme '$(EMACS_THEME))" >$(XDG_CONFIG_HOME)/doom/+theme.el
ifeq ($(SYSTEM),Darwin)
echo "(add-to-list 'default-frame-alist '(ns-appearance . dark))" \
>>$(XDG_CONFIG_HOME)/doom/+theme.el
endif
emacsclient -a "" -n \
-e "(progn (setq doom-theme '$(EMACS_THEME)) (doom/reload-theme))" \
&>/dev/null
.PHONY: dark
################################################################################
# Parasite VM for macOS.
#
# Initial bootstrap notes:
# 1. Mount a NixOS minimal ISO to a VMWare VM
# 2. Notable configs:
# - Keyboard: disable all apart from command-ctrl.
# - Display: 3d Acceleration, full shared graphics memory and use Retina
# - Hard-disk: NVMe and allocate full disk upfront
# - Delete soundcard
# - Isolation: remove drag and drop
# - USB: Enable controller; passthrough Yubi
# https://support.yubico.com/hc/en-us/articles/360013647640
# - Advanced: Disable side channel mitigations
# https://kb.vmware.com/s/article/79832
# - Advanced: Harddisk buffering
# - Advanced: Passthru power
# 3. Boot the VM, `sudo su` and change the password to 'root'
# 4. Grab the addreess from `ip addr` and run the target
# 5. Copy keys over sneakernet.
# ssh mbaillie@172.16.136.128 mkdir -p /home/mbaillie/.local/share
# scp $XDG_DATA_HOME/keys.txt \
# mbaillie@172.16.136.128:/home/mbaillie/.local/share/keys.txt
# 6. Switch to the parasite configuration.
# ssh mbaillie@172.16.136.128
# cd /etc/dotfiles && make switch
parasite: PARASITE_ADDR ?=172.16.136.128
parasite: SSH_OPTIONS =-o PubkeyAuthentication=no
parasite: SSH_OPTIONS +=-o UserKnownHostsFile=/dev/null
parasite: SSH_OPTIONS +=-o StrictHostKeyChecking=no
parasite: ; ssh $(SSH_OPTIONS) root@$(PARASITE_ADDR) " \
parted /dev/nvme0n1 -- mklabel gpt; \
parted /dev/nvme0n1 -- mkpart primary 512MiB -8GiB; \
parted /dev/nvme0n1 -- mkpart primary linux-swap -8GiB 100\%; \
parted /dev/nvme0n1 -- mkpart ESP fat32 1MiB 512MiB; \
parted /dev/nvme0n1 -- set 3 esp on; \
sleep 1; \
mkfs.ext4 -L nixos /dev/nvme0n1p1; \
mkswap -L swap /dev/nvme0n1p2; \
mkfs.fat -F 32 -n boot /dev/nvme0n1p3; \
sleep 1; \
mount /dev/disk/by-label/nixos /mnt; \
mkdir -p /mnt/boot; \
mount /dev/disk/by-label/boot /mnt/boot; \
swapon /dev/disk/by-label/swap; \
nixos-generate-config --root /mnt; \
sed --in-place '/system\.stateVersion = .*/a \
environment.systemPackages = with pkgs; [ gitMinimal gnumake vim ];\n \
nix.package = pkgs.nixUnstable;\n \
nix.extraOptions = \"experimental-features = nix-command flakes\";\n \
nix.settings.substituters = [\"https://martinbaillie.cachix.org\"];\n \
nix.settings.trusted-public-keys = [\"martinbaillie.cachix.org-1:clUspg2ke4PWimP2gYEtm1/lvbcDDEc8yFP6lgOiqlQ=\"];\n \
networking.hostName = \"parasite\";\n \
services.openssh.enable = true;\n \
services.openssh.passwordAuthentication = true;\n \
services.openssh.permitRootLogin = \"yes\";\n \
users.users.root.initialPassword = \"root\";\n \
users.users.mbaillie.uid = 501;\n \
users.users.mbaillie.initialPassword = \"mbaillie\";\n \
users.users.mbaillie.group = \"users\";\n \
users.users.mbaillie.extraGroups = [ \"wheel\" ];\n \
users.users.mbaillie.isNormalUser = true;\n \
fileSystems.\"/etc/dotfiles\".device = \".host:/dotfiles\";\n \
fileSystems.\"/etc/dotfiles\".fsType = \"fuse./run/current-system/sw/bin/vmhgfs-fuse\";\n \
fileSystems.\"/etc/dotfiles\".options = [ \"nofail,allow_other,uid=501,gid=100\" ];\n \
virtualisation.vmware.guest.enable = true;\n \
' /mnt/etc/nixos/configuration.nix; \
nixos-install --no-root-passwd; \
reboot; \
"