2024-11-26 19:20:10 +01:00
|
|
|
{
|
|
|
|
config,
|
|
|
|
lib,
|
|
|
|
pkgs,
|
|
|
|
...
|
|
|
|
}:
|
2024-09-08 21:05:56 +02:00
|
|
|
{
|
|
|
|
imports = [
|
|
|
|
# Include the results of the hardware scan.
|
|
|
|
./hardware-configuration.nix
|
|
|
|
# ./modules/kvm.nix
|
|
|
|
./../../sway
|
|
|
|
];
|
|
|
|
|
2024-11-30 10:47:40 +01:00
|
|
|
age.identityPaths = [ ../../secrets/yubikey-identity.txt ];
|
2024-09-08 21:05:56 +02:00
|
|
|
|
|
|
|
services.zfs.trim.enable = true;
|
|
|
|
boot.supportedFilesystems.zfs = true;
|
2024-11-26 19:20:10 +01:00
|
|
|
|
2024-09-21 09:43:57 +02:00
|
|
|
# security.pam.yubico.control = "required";
|
|
|
|
|
2024-11-26 19:20:10 +01:00
|
|
|
services.udev.extraRules =
|
|
|
|
let
|
|
|
|
inherit (lib) getExe' getExe;
|
|
|
|
inherit (pkgs) procps writeShellScriptBin;
|
|
|
|
exitSway = writeShellScriptBin "kill-sway" ''
|
|
|
|
for pid in $(${getExe' procps "pgrep"} sway -x)
|
|
|
|
do
|
|
|
|
uid=$(id -u $(${getExe' procps "ps"} -o user= -p $pid))
|
|
|
|
export SWAYSOCK="/run/user/$uid/sway-ipc.$uid.$pid.sock"
|
|
|
|
if [[ -e "$SWAYSOCK" ]] ; then
|
|
|
|
echo "sock is $SWAYSOCK"
|
|
|
|
${getExe' config.programs.sway.package "swaymsg"} exit
|
|
|
|
fi
|
|
|
|
done
|
|
|
|
'';
|
|
|
|
in
|
|
|
|
''
|
|
|
|
ACTION=="remove",\
|
|
|
|
ENV{SUBSYSTEM}=="usb",\
|
|
|
|
ENV{PRODUCT}=="1050/407/543",\
|
|
|
|
RUN+="${lib.getExe exitSway}"
|
|
|
|
# '';
|
|
|
|
|
2024-11-27 09:47:58 +01:00
|
|
|
services.printing.cups-pdf.enable = true; # implies printing enable
|
|
|
|
# services.printing.enable = true;
|
|
|
|
security.apparmor.enable = true;
|
|
|
|
|
2024-11-26 19:20:10 +01:00
|
|
|
# RUN+="${lib.getExe' pkgs.systemd "loginctl"} lock-sessions"
|
2024-09-21 09:43:57 +02:00
|
|
|
|
2024-11-26 19:20:10 +01:00
|
|
|
# networking.hostId = "2ea79333";
|
|
|
|
# boot.kernelPackages = lib.mkForce config.boot.zfs.package.latestCompatibleLinuxPackages;
|
2024-09-08 21:05:56 +02:00
|
|
|
|
|
|
|
grimmShared = {
|
|
|
|
tooling = {
|
|
|
|
pass = true;
|
|
|
|
};
|
|
|
|
gaming = true;
|
|
|
|
portals = true;
|
|
|
|
sound = {
|
|
|
|
enable = true;
|
|
|
|
midi = true;
|
|
|
|
};
|
|
|
|
graphical = true;
|
|
|
|
firefox = {
|
|
|
|
enable = true;
|
|
|
|
plugins = {
|
|
|
|
"uBlock0@raymondhill.net" = "ublock-origin";
|
|
|
|
"{1e6672b5-a286-4217-83ec-81cc872debcf}" = "youtube-control-fix";
|
|
|
|
"gdpr@cavi.au.dk" = "consent-o-matic";
|
|
|
|
"{41f9e51d-35e4-4b29-af66-422ff81c8b41}" = "disable-javascript";
|
|
|
|
"{7a7a4a92-a2a0-41d1-9fd7-1e92480d612d}" = "styl-us";
|
|
|
|
"wappalyzer@crunchlabz.com" = "wappalyzer";
|
|
|
|
"{b9db16a4-6edc-47ec-a1f4-b86292ed211d}" = "video-downloadhelper";
|
|
|
|
"{1526fba1-ac33-4dfc-99d8-163e6129f7b9}" = "reveye-ris";
|
2024-10-04 22:12:18 +02:00
|
|
|
"shinigamieyes@shinigamieyes" = "shinigami-eyes";
|
2024-09-08 21:05:56 +02:00
|
|
|
};
|
|
|
|
};
|
|
|
|
cloudSync = {
|
|
|
|
enable = true;
|
|
|
|
username = "Grimmauld";
|
|
|
|
server = "cloud.grimmauld.de";
|
|
|
|
passwordFile = config.age.secrets.nextcloud_pass.path;
|
|
|
|
};
|
|
|
|
|
|
|
|
spotify.enable = true;
|
|
|
|
};
|
|
|
|
|
|
|
|
age.secrets.nextcloud_pass = {
|
|
|
|
file = ./../../secrets/nextcloud_pass.age;
|
|
|
|
mode = "777";
|
|
|
|
};
|
|
|
|
|
|
|
|
networking.hostName = "grimm-nixos-ssd";
|
|
|
|
|
|
|
|
system.stateVersion = "24.05";
|
|
|
|
|
|
|
|
# nix.settings.extra-substituters = [ "https://nixcache.grimmauld.de" ];
|
|
|
|
|
|
|
|
nix.settings.trusted-public-keys = [
|
|
|
|
"nixcache.grimmauld.de:LFBlakr8RYIuVb9I1S0+L9JGyB2THcfbPa0W6srghqo="
|
|
|
|
];
|
|
|
|
}
|