aa-alias-manager flake dependency
This commit is contained in:
parent
cf90fea47a
commit
c18468c958
10 changed files with 189 additions and 114 deletions
|
@ -27,19 +27,20 @@ in
|
||||||
];
|
];
|
||||||
|
|
||||||
services.udev.packages = with pkgs; [ yubikey-personalization ];
|
services.udev.packages = with pkgs; [ yubikey-personalization ];
|
||||||
|
boot.bcache.enable = false;
|
||||||
|
|
||||||
hardware.i2c.enable = true;
|
# hardware.i2c.enable = true;
|
||||||
services.libinput.enable = true;
|
services.libinput.enable = true;
|
||||||
hardware.opentabletdriver.enable = true;
|
hardware.opentabletdriver.enable = true;
|
||||||
services.udisks2.enable = true;
|
services.udisks2.enable = true;
|
||||||
|
|
||||||
services.udev.extraRules = ''
|
#services.udev.extraRules = ''
|
||||||
SUBSYSTEM=="i2c-dev", ACTION=="add",\
|
# SUBSYSTEM=="i2c-dev", ACTION=="add",\
|
||||||
ATTR{name}=="NVIDIA i2c adapter*",\
|
# ATTR{name}=="NVIDIA i2c adapter*",\
|
||||||
TAG+="ddcci",\
|
# TAG+="ddcci",\
|
||||||
TAG+="systemd",\
|
# TAG+="systemd",\
|
||||||
ENV{SYSTEMD_WANTS}+="ddcci@$kernel.service"
|
# ENV{SYSTEMD_WANTS}+="ddcci@$kernel.service"
|
||||||
'';
|
#'';
|
||||||
|
|
||||||
systemd.services."ddcci@" = {
|
systemd.services."ddcci@" = {
|
||||||
scriptArgs = "%i";
|
scriptArgs = "%i";
|
||||||
|
|
|
@ -1,30 +0,0 @@
|
||||||
{ lib, rustPlatform, fetchFromGitHub, makeWrapper, nix }:
|
|
||||||
rustPlatform.buildRustPackage {
|
|
||||||
pname = "aa-alias-manager";
|
|
||||||
version = "unstable-2024-10-25";
|
|
||||||
src = fetchFromGitHub {
|
|
||||||
owner = "LordGrimmauld";
|
|
||||||
repo = "aa-alias-manager";
|
|
||||||
rev = "23a0bb9ac822c80aefba4211b426d0550769f87a";
|
|
||||||
hash = "sha256-yo+EaXZgc3BNYgoQZ/ixrJj6mllwn2YYdCtxS7T4khc=";
|
|
||||||
};
|
|
||||||
|
|
||||||
cargoHash = "sha256-nKAUOITYZJx9fte6qH6t9FbofTK8alhLb4A5YqRq3eA=";
|
|
||||||
|
|
||||||
nativeBuildInputs = [ makeWrapper ];
|
|
||||||
buildInputs = [ nix ];
|
|
||||||
|
|
||||||
postInstall = ''
|
|
||||||
wrapProgram $out/bin/aa-alias-manager \
|
|
||||||
--suffix PATH : "${nix}/bin/"
|
|
||||||
'';
|
|
||||||
|
|
||||||
meta = {
|
|
||||||
description = "Tool to generate a file of aliases for apparmor based on current nixos generation";
|
|
||||||
homepage = "https://github.com/LordGrimmauld/aa-alias-manager";
|
|
||||||
license = lib.licenses.gpl3Only;
|
|
||||||
mainProgram = "aa-alias-manager";
|
|
||||||
maintainers = with lib.maintainers; [ grimmauld ];
|
|
||||||
platforms = lib.platforms.linux;
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,37 +0,0 @@
|
||||||
{
|
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
pkgs,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
let
|
|
||||||
inherit (lib) getExe mkIf;
|
|
||||||
aa-alias-manager = pkgs.callPackage ./aa-alias-manager-package.nix { };
|
|
||||||
alias_dir = "/run/aliases.d";
|
|
||||||
in
|
|
||||||
{
|
|
||||||
config = mkIf config.security.apparmor.enable {
|
|
||||||
security.apparmor.includes."tunables/alias.d/store" = ''
|
|
||||||
include if exists "${alias_dir}"
|
|
||||||
'';
|
|
||||||
|
|
||||||
systemd.services.aa-alias-setup = {
|
|
||||||
after = [ "local-fs.target" ];
|
|
||||||
before = [ "apparmor.service" ];
|
|
||||||
requiredBy = [ "apparmor.service" ];
|
|
||||||
|
|
||||||
path = [ config.nix.package ]; # respect the users choice to use alternative nix implementations
|
|
||||||
|
|
||||||
unitConfig = {
|
|
||||||
Description = "Initialize alias rules required for AppArmor policies";
|
|
||||||
DefaultDependencies = "no";
|
|
||||||
ConditionSecurity = "apparmor";
|
|
||||||
};
|
|
||||||
|
|
||||||
serviceConfig = {
|
|
||||||
Type = "oneshot";
|
|
||||||
ExecStart = "${getExe aa-alias-manager} -o ${alias_dir} -p ${./aa-alias-patterns.json}";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,16 +0,0 @@
|
||||||
[
|
|
||||||
{
|
|
||||||
"name": "bin",
|
|
||||||
"target": "/bin",
|
|
||||||
"pattern": [
|
|
||||||
"bin",
|
|
||||||
"libexec",
|
|
||||||
"sbin",
|
|
||||||
"usr/bin",
|
|
||||||
"usr/sbin"
|
|
||||||
],
|
|
||||||
"individual": true,
|
|
||||||
"only_exe": true,
|
|
||||||
"disallowed_strings": [ "!" ]
|
|
||||||
}
|
|
||||||
]
|
|
|
@ -35,7 +35,7 @@ index a887d4b9..606b4643 100644
|
||||||
Preamble: Rules{
|
Preamble: Rules{
|
||||||
&Variable{Name: "arch", Values: []string{"x86_64", "amd64", "i386"}, Define: true},
|
&Variable{Name: "arch", Values: []string{"x86_64", "amd64", "i386"}, Define: true},
|
||||||
- &Variable{Name: "bin", Values: []string{"/{,usr/}{,s}bin"}, Define: true},
|
- &Variable{Name: "bin", Values: []string{"/{,usr/}{,s}bin"}, Define: true},
|
||||||
+ &Variable{Name: "bin", Values: []string{"/{nix/store/*/,}{,usr/}{,s}bin"}, Define: true},
|
+ &Variable{Name: "bin", Values: []string{"/bin"}, Define: true},
|
||||||
&Variable{Name: "c", Values: []string{"[0-9a-zA-Z]"}, Define: true},
|
&Variable{Name: "c", Values: []string{"[0-9a-zA-Z]"}, Define: true},
|
||||||
&Variable{Name: "etc_ro", Values: []string{"/{,usr/}etc/"}, Define: true},
|
&Variable{Name: "etc_ro", Values: []string{"/{,usr/}etc/"}, Define: true},
|
||||||
&Variable{Name: "HOME", Values: []string{"/home/*"}, Define: true},
|
&Variable{Name: "HOME", Values: []string{"/home/*"}, Define: true},
|
||||||
|
|
|
@ -9,7 +9,7 @@ let
|
||||||
inherit (lib) mkIf getExe' getExe;
|
inherit (lib) mkIf getExe' getExe;
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
imports = [ ./apparmor-d-module.nix ./aa-alias-module.nix ];
|
imports = [ ./apparmor-d-module.nix ]; # ./aa-alias-module.nix ];
|
||||||
|
|
||||||
config = mkIf (enable && tooling.enable) {
|
config = mkIf (enable && tooling.enable) {
|
||||||
services.dbus.apparmor = "enabled";
|
services.dbus.apparmor = "enabled";
|
||||||
|
@ -18,6 +18,12 @@ in
|
||||||
security.apparmor.enable = true;
|
security.apparmor.enable = true;
|
||||||
# security.apparmor.enableCache = true;
|
# security.apparmor.enableCache = true;
|
||||||
|
|
||||||
|
security.apparmor.includes."tunables/alias.d/programs" = ''
|
||||||
|
alias /bin/spotify -> ${pkgs.spotify}/share/spotify/spotify,
|
||||||
|
'';
|
||||||
|
|
||||||
|
security.audit.backlogLimit = 512;
|
||||||
|
|
||||||
security.apparmor_d = {
|
security.apparmor_d = {
|
||||||
enable = true;
|
enable = true;
|
||||||
profiles = {
|
profiles = {
|
||||||
|
@ -76,6 +82,10 @@ in
|
||||||
'';
|
'';
|
||||||
|
|
||||||
"local/xdg-mime" = ''
|
"local/xdg-mime" = ''
|
||||||
|
# include <abstractions/app/bus>
|
||||||
|
/bin/grep rix,
|
||||||
|
/bin/gawk rix,
|
||||||
|
# /bin/dbus-send Cx -> bus,
|
||||||
/dev/tty* rw,
|
/dev/tty* rw,
|
||||||
'';
|
'';
|
||||||
|
|
||||||
|
@ -101,6 +111,10 @@ in
|
||||||
capability sys_ptrace,
|
capability sys_ptrace,
|
||||||
'';
|
'';
|
||||||
|
|
||||||
|
"local/xdg-open" = ''
|
||||||
|
@{bin}/grep rix,
|
||||||
|
'';
|
||||||
|
|
||||||
"local/child-open" = ''
|
"local/child-open" = ''
|
||||||
include <abstractions/app/bus>
|
include <abstractions/app/bus>
|
||||||
@{bin}/grep ix,
|
@{bin}/grep ix,
|
||||||
|
@ -127,6 +141,10 @@ in
|
||||||
/run/wrappers/wrappers.*/unix_chkpwd rix,
|
/run/wrappers/wrappers.*/unix_chkpwd rix,
|
||||||
@{bin}/unix_chkpwd rix,
|
@{bin}/unix_chkpwd rix,
|
||||||
'';
|
'';
|
||||||
|
|
||||||
|
# "local/spotify" = ''
|
||||||
|
# @{bin}/
|
||||||
|
# '';
|
||||||
};
|
};
|
||||||
|
|
||||||
security.apparmor.policies = {
|
security.apparmor.policies = {
|
||||||
|
@ -197,6 +215,18 @@ in
|
||||||
#} '';
|
#} '';
|
||||||
# };
|
# };
|
||||||
|
|
||||||
|
|
||||||
|
sleep = {
|
||||||
|
state = "enforce";
|
||||||
|
profile = ''
|
||||||
|
abi <abi/4.0>,
|
||||||
|
include <tunables/global>
|
||||||
|
profile sleep ${getExe' pkgs.coreutils-full "sleep"} {
|
||||||
|
include <abstractions/base>
|
||||||
|
}
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
osu-lazer = {
|
osu-lazer = {
|
||||||
state = "enforce";
|
state = "enforce";
|
||||||
# enable = true;
|
# enable = true;
|
||||||
|
|
|
@ -23,7 +23,7 @@ in
|
||||||
./lsp.nix
|
./lsp.nix
|
||||||
./helix.nix
|
./helix.nix
|
||||||
./git.nix
|
./git.nix
|
||||||
./wine.nix
|
# ./wine.nix
|
||||||
./c.nix
|
./c.nix
|
||||||
./java.nix
|
./java.nix
|
||||||
./opensnitch
|
./opensnitch
|
||||||
|
|
158
flake.lock
158
flake.lock
|
@ -1,8 +1,30 @@
|
||||||
{
|
{
|
||||||
"nodes": {
|
"nodes": {
|
||||||
|
"aa-alias-manager": {
|
||||||
|
"inputs": {
|
||||||
|
"nix-github-actions": "nix-github-actions",
|
||||||
|
"nixpkgs": [
|
||||||
|
"nixpkgs"
|
||||||
|
],
|
||||||
|
"pre-commit-hooks": "pre-commit-hooks"
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1730472722,
|
||||||
|
"narHash": "sha256-/ut+TH7jZwgZEREMOZp/Wx7zXl6hgBJGGxQHU0KO6yY=",
|
||||||
|
"owner": "LordGrimmauld",
|
||||||
|
"repo": "aa-alias-manager",
|
||||||
|
"rev": "f2ef05f2af456e247d2b37a0b3bf09edbe1788a9",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "LordGrimmauld",
|
||||||
|
"repo": "aa-alias-manager",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"aagl-gtk-on-nix": {
|
"aagl-gtk-on-nix": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"flake-compat": "flake-compat",
|
"flake-compat": "flake-compat_2",
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
"nixpkgs"
|
"nixpkgs"
|
||||||
]
|
]
|
||||||
|
@ -70,11 +92,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1729599319,
|
"lastModified": 1730390431,
|
||||||
"narHash": "sha256-e/4JPcIRte5zkwqmGFrFo3763e0iHURX6N0apz4jbI0=",
|
"narHash": "sha256-M+rMhDB69Y35IlhmAMN4ErDige+wKPwhb6HDqpF14Rw=",
|
||||||
"owner": "chaotic-cx",
|
"owner": "chaotic-cx",
|
||||||
"repo": "nyx",
|
"repo": "nyx",
|
||||||
"rev": "1b86b304c8eb1437d9337a760e7f930826fc4d6d",
|
"rev": "40388a7427ee32af175c5169ae7587ffd2dec125",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -138,6 +160,22 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"flake-compat_3": {
|
||||||
|
"flake": false,
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1696426674,
|
||||||
|
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
|
||||||
|
"owner": "edolstra",
|
||||||
|
"repo": "flake-compat",
|
||||||
|
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "edolstra",
|
||||||
|
"repo": "flake-compat",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"flake-schemas": {
|
"flake-schemas": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1721999734,
|
"lastModified": 1721999734,
|
||||||
|
@ -152,6 +190,28 @@
|
||||||
"url": "https://flakehub.com/f/DeterminateSystems/flake-schemas/%3D0.1.5.tar.gz"
|
"url": "https://flakehub.com/f/DeterminateSystems/flake-schemas/%3D0.1.5.tar.gz"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"gitignore": {
|
||||||
|
"inputs": {
|
||||||
|
"nixpkgs": [
|
||||||
|
"aa-alias-manager",
|
||||||
|
"pre-commit-hooks",
|
||||||
|
"nixpkgs"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1709087332,
|
||||||
|
"narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
|
||||||
|
"owner": "hercules-ci",
|
||||||
|
"repo": "gitignore.nix",
|
||||||
|
"rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "hercules-ci",
|
||||||
|
"repo": "gitignore.nix",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"home-manager": {
|
"home-manager": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
|
@ -181,11 +241,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1729414726,
|
"lastModified": 1730016908,
|
||||||
"narHash": "sha256-Dtmm1OU8Ymiy9hVWn/a2B8DhRYo9Eoyx9veERdOBR4o=",
|
"narHash": "sha256-bFCxJco7d8IgmjfNExNz9knP8wvwbXU4s/d53KOK6U0=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "home-manager",
|
"repo": "home-manager",
|
||||||
"rev": "fe56302339bb28e3471632379d733547caec8103",
|
"rev": "e83414058edd339148dc142a8437edb9450574c8",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -196,18 +256,18 @@
|
||||||
},
|
},
|
||||||
"jovian": {
|
"jovian": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"nix-github-actions": "nix-github-actions",
|
"nix-github-actions": "nix-github-actions_2",
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
"chaotic",
|
"chaotic",
|
||||||
"nixpkgs"
|
"nixpkgs"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1729177642,
|
"lastModified": 1730248099,
|
||||||
"narHash": "sha256-DdKal+ZhB9QD/tnEwFg4cZ4j4YnrkvSljBxnyG+3eE0=",
|
"narHash": "sha256-Fl7BSdpLk0uTXF6ol/MR0q1EB4XQ8tn0ftig0pyYh5Y=",
|
||||||
"owner": "Jovian-Experiments",
|
"owner": "Jovian-Experiments",
|
||||||
"repo": "Jovian-NixOS",
|
"repo": "Jovian-NixOS",
|
||||||
"rev": "bb69165ff372ddbd3228a03513922acd783040e8",
|
"rev": "c11bab124fc55a37cbd854ed28ea121ed609231f",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -217,6 +277,27 @@
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"nix-github-actions": {
|
"nix-github-actions": {
|
||||||
|
"inputs": {
|
||||||
|
"nixpkgs": [
|
||||||
|
"aa-alias-manager",
|
||||||
|
"nixpkgs"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1729742964,
|
||||||
|
"narHash": "sha256-B4mzTcQ0FZHdpeWcpDYPERtyjJd/NIuaQ9+BV1h+MpA=",
|
||||||
|
"owner": "nix-community",
|
||||||
|
"repo": "nix-github-actions",
|
||||||
|
"rev": "e04df33f62cdcf93d73e9a04142464753a16db67",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "nix-community",
|
||||||
|
"repo": "nix-github-actions",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"nix-github-actions_2": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
"chaotic",
|
"chaotic",
|
||||||
|
@ -225,11 +306,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1690328911,
|
"lastModified": 1729697500,
|
||||||
"narHash": "sha256-fxtExYk+aGf2YbjeWQ8JY9/n9dwuEt+ma1eUFzF8Jeo=",
|
"narHash": "sha256-VFTWrbzDlZyFHHb1AlKRiD/qqCJIripXKiCSFS8fAOY=",
|
||||||
"owner": "zhaofengli",
|
"owner": "zhaofengli",
|
||||||
"repo": "nix-github-actions",
|
"repo": "nix-github-actions",
|
||||||
"rev": "96df4a39c52f53cb7098b923224d8ce941b64747",
|
"rev": "e418aeb728b6aa5ca8c5c71974e7159c2df1d8cf",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -242,7 +323,7 @@
|
||||||
"nixos-mailserver": {
|
"nixos-mailserver": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"blobs": "blobs",
|
"blobs": "blobs",
|
||||||
"flake-compat": "flake-compat_2",
|
"flake-compat": "flake-compat_3",
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
"nixpkgs"
|
"nixpkgs"
|
||||||
],
|
],
|
||||||
|
@ -285,11 +366,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs": {
|
"nixpkgs": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1729413321,
|
"lastModified": 1730200266,
|
||||||
"narHash": "sha256-I4tuhRpZFa6Fu6dcH9Dlo5LlH17peT79vx1y1SpeKt0=",
|
"narHash": "sha256-l253w0XMT8nWHGXuXqyiIC/bMvh1VRszGXgdpQlfhvU=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "1997e4aa514312c1af7e2bda7fad1644e778ff26",
|
"rev": "807e9154dcb16384b1b765ebe9cd2bba2ac287fd",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -314,8 +395,49 @@
|
||||||
"type": "indirect"
|
"type": "indirect"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"nixpkgs-stable": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1720386169,
|
||||||
|
"narHash": "sha256-NGKVY4PjzwAa4upkGtAMz1npHGoRzWotlSnVlqI40mo=",
|
||||||
|
"owner": "NixOS",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"rev": "194846768975b7ad2c4988bdb82572c00222c0d7",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "NixOS",
|
||||||
|
"ref": "nixos-24.05",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"pre-commit-hooks": {
|
||||||
|
"inputs": {
|
||||||
|
"flake-compat": "flake-compat",
|
||||||
|
"gitignore": "gitignore",
|
||||||
|
"nixpkgs": [
|
||||||
|
"aa-alias-manager",
|
||||||
|
"nixpkgs"
|
||||||
|
],
|
||||||
|
"nixpkgs-stable": "nixpkgs-stable"
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1730302582,
|
||||||
|
"narHash": "sha256-W1MIJpADXQCgosJZT8qBYLRuZls2KSiKdpnTVdKBuvU=",
|
||||||
|
"owner": "cachix",
|
||||||
|
"repo": "git-hooks.nix",
|
||||||
|
"rev": "af8a16fe5c264f5e9e18bcee2859b40a656876cf",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "cachix",
|
||||||
|
"repo": "git-hooks.nix",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"root": {
|
"root": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
|
"aa-alias-manager": "aa-alias-manager",
|
||||||
"aagl-gtk-on-nix": "aagl-gtk-on-nix",
|
"aagl-gtk-on-nix": "aagl-gtk-on-nix",
|
||||||
"agenix": "agenix",
|
"agenix": "agenix",
|
||||||
"chaotic": "chaotic",
|
"chaotic": "chaotic",
|
||||||
|
|
|
@ -28,9 +28,13 @@
|
||||||
url = "github:ezKEa/aagl-gtk-on-nix";
|
url = "github:ezKEa/aagl-gtk-on-nix";
|
||||||
inputs.nixpkgs.follows = "nixpkgs";
|
inputs.nixpkgs.follows = "nixpkgs";
|
||||||
};
|
};
|
||||||
|
aa-alias-manager = {
|
||||||
|
url = "github:LordGrimmauld/aa-alias-manager";
|
||||||
|
inputs.nixpkgs.follows = "nixpkgs";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
outputs = inputs @ { self, agenix, nixpkgs, chaotic, aagl-gtk-on-nix, nixos-mailserver, nixos-matrix-modules, ... }:
|
outputs = inputs @ { self, agenix, nixpkgs, chaotic, aagl-gtk-on-nix, nixos-mailserver, nixos-matrix-modules, aa-alias-manager, ... }:
|
||||||
let
|
let
|
||||||
patches = [
|
patches = [
|
||||||
./aa_mod.patch
|
./aa_mod.patch
|
||||||
|
@ -69,6 +73,7 @@
|
||||||
chaotic.nixosModules.default
|
chaotic.nixosModules.default
|
||||||
aagl-gtk-on-nix.nixosModules.default
|
aagl-gtk-on-nix.nixosModules.default
|
||||||
./configuration.nix
|
./configuration.nix
|
||||||
|
aa-alias-manager.nixosModules.default
|
||||||
|
|
||||||
./specific/grimm-nixos-ssd/configuration.nix
|
./specific/grimm-nixos-ssd/configuration.nix
|
||||||
];
|
];
|
||||||
|
|
|
@ -24,7 +24,7 @@
|
||||||
boot.supportedFilesystems.zfs = true;
|
boot.supportedFilesystems.zfs = true;
|
||||||
networking.hostId = "40fa5ea8";
|
networking.hostId = "40fa5ea8";
|
||||||
# boot.kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
|
# boot.kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
|
||||||
boot.kernelPackages = pkgs.linuxPackages_6_10;
|
boot.kernelPackages = pkgs.linuxPackages_6_6;
|
||||||
boot.extraModulePackages = [ ];
|
boot.extraModulePackages = [ ];
|
||||||
boot.kernelParams = [ "mds=full,nosmt" ];
|
boot.kernelParams = [ "mds=full,nosmt" ];
|
||||||
services.homed.enable = true;
|
services.homed.enable = true;
|
||||||
|
|
Loading…
Reference in a new issue