diff options
Diffstat (limited to 'os/cez')
-rw-r--r-- | os/cez/configuration.nix | 40 | ||||
-rw-r--r-- | os/cez/modules/getty.nix | 15 | ||||
-rw-r--r-- | os/cez/modules/network.nix | 15 | ||||
-rw-r--r-- | os/cez/modules/sshfs.nix | 27 | ||||
-rw-r--r-- | os/cez/modules/wayland.nix | 41 | ||||
-rw-r--r-- | os/cez/modules/wireguard.nix | 7 | ||||
-rw-r--r-- | os/cez/secrets.yaml | 5 |
7 files changed, 10 insertions, 140 deletions
diff --git a/os/cez/configuration.nix b/os/cez/configuration.nix index f8c9dfe..655ff8b 100644 --- a/os/cez/configuration.nix +++ b/os/cez/configuration.nix @@ -1,42 +1,14 @@ -{ config, pkgs, ... }: let - user = config.global.userdata.name; -in { +{ ... }: { imports = [ - ../common/configuration.nix + ../pc/configuration.nix ./hardware-configuration.nix - ./modules/wayland.nix - ./modules/sshfs.nix ./modules/wireguard.nix - ./modules/network.nix ./modules/tlp.nix - ./modules/getty.nix ]; - boot = { - consoleLogLevel = 3; - kernelPackages = pkgs.linuxPackages_latest; - }; - - sound = { - enable = true; - extraConfig = '' - defaults.pcm.card 1 - defaults.ctl.card 1 - ''; - }; - - services.pipewire = { - enable = true; - pulse.enable = true; - }; - - programs.adb.enable = true; - users.users.${user} = { - extraGroups = [ "adbusers" ]; - packages = with pkgs; [ - ffmpeg - (pass.withExtensions (exts: [ exts.pass-otp ])) - ]; - }; + sound.extraConfig = '' + defaults.pcm.card 1 + defaults.ctl.card 1 + ''; } diff --git a/os/cez/modules/getty.nix b/os/cez/modules/getty.nix deleted file mode 100644 index 8c7f57e..0000000 --- a/os/cez/modules/getty.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ config, ... }: let - user = config.global.userdata.name; -in { - systemd.services."getty@".serviceConfig.TTYVTDisallocate = "no"; - - services.getty = { - loginOptions = "-f ${user}"; - extraArgs = [ - "--nonewline" - "--skip-login" - "--noclear" - "--noissue" - ]; - }; -} diff --git a/os/cez/modules/network.nix b/os/cez/modules/network.nix deleted file mode 100644 index fb30056..0000000 --- a/os/cez/modules/network.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ ... }: - -{ - networking = { - firewall.enable = false; - - wireless.iwd = { - enable = true; - settings = { - General.EnableNetworkConfiguration = true; - Network.NameResolvingService = "resolvconf"; - }; - }; - }; -} diff --git a/os/cez/modules/sshfs.nix b/os/cez/modules/sshfs.nix deleted file mode 100644 index 5fdbeaf..0000000 --- a/os/cez/modules/sshfs.nix +++ /dev/null @@ -1,27 +0,0 @@ -{ config, pkgs, ... }: - -let - domain = config.global.userdata.domain; - user = config.global.userdata.name; - uid = config.users.users.${user}.uid; - gid = config.users.groups.users.gid; -in -{ - sops.secrets."misc/sftp" = {}; - system.fsPackages = with pkgs; [ sshfs ]; - - fileSystems."/media/kay" = { - device = "sftp@${domain}:"; - fsType = "sshfs"; - options = [ - "allow_other" # for non-root access - "uid=${toString uid}" - "gid=${toString gid}" - "_netdev" # this is a network fs - "x-systemd.automount" # mount on demand - "reconnect" # handle connection drops - "ServerAliveInterval=15" # keep connections alive - "IdentityFile=${config.sops.secrets."misc/sftp".path}" - ]; - }; -} diff --git a/os/cez/modules/wayland.nix b/os/cez/modules/wayland.nix deleted file mode 100644 index 872c7fb..0000000 --- a/os/cez/modules/wayland.nix +++ /dev/null @@ -1,41 +0,0 @@ -{ config, pkgs, ... }: let - user = config.global.userdata.name; - - fontSans = config.global.font.sans.name; - fontMonospace = config.global.font.monospace.name; - fontPackages = config.global.font.monospace.packages - ++ config.global.font.sans.packages; -in { - fonts = { - packages = fontPackages; - enableDefaultPackages = true; - fontconfig = { - hinting.style = "full"; - subpixel.rgba = "rgb"; - defaultFonts = { - monospace = [ fontMonospace ]; - serif = [ fontSans ]; - sansSerif = [ fontSans ]; - }; - }; - }; - - users.users.${user}.extraGroups = [ "seat" ]; - services = { - seatd.enable = true; - dbus = { - enable = true; - implementation = "broker"; - }; - }; - - programs = { - gnupg.agent = { - enable = true; - pinentryPackage = pkgs.pinentry-bemenu; - }; - }; - - security.pam.services.swaylock = {}; - hardware.opengl.enable = true; -} diff --git a/os/cez/modules/wireguard.nix b/os/cez/modules/wireguard.nix index 706751c..40dd796 100644 --- a/os/cez/modules/wireguard.nix +++ b/os/cez/modules/wireguard.nix @@ -1,9 +1,6 @@ -{ config, ... }: - -let +{ config, ... }: let domain = config.global.userdata.domain; -in -{ +in { sops.secrets."misc/wireguard" = {}; networking.wg-quick.interfaces."kay" = { diff --git a/os/cez/secrets.yaml b/os/cez/secrets.yaml index f72eba6..5cfd108 100644 --- a/os/cez/secrets.yaml +++ b/os/cez/secrets.yaml @@ -1,5 +1,4 @@ misc: - sftp: ENC[AES256_GCM,data:xic1JI1RHo3Xc/izQBubMQ5TEvQxeFIOEbkFj/MWjw7UOgQrQEozfhvmGvB3lqjdgO2e2RXYHc7RvwAfquZN9QWFFp7vS7JqhqGTg4+I0JNh28LDsdzeAXe7d4yLkJ5cl4EhU5a6Zd9Qo60JyO8HRAMSXQBuHMzTW0A4achARcTguyJUiCntxvyLiKPZGdGj7HsHfxr32S1ieejGDqxuOLTrssOgyxikWT+PqibWie+JDH20+ZP8l6ip8FdNaWcyzfED/SJybpRbDBvL3iXw9tb67SeRWKR8I91nyyLh69hwLHrp/IgboDlCW8/ZmOYoRWCJF4lH86v3312wuoU60x8IoSL7YhWW5N3WQpWxWeEmLlMFD0x6LcJclUeoIlpVNvR8wDNKeayHhdLChIs2ZiEUAAIaTcUKdWWccY7JraMosqKgS9BmnjLJLEei9kFEF+y97QxQ/q4AfyFPbajxSd7aujqXuUfqpL1aLgt65h1TyOKN3E3Y2faiTaR76EALyv2d4PdYHWhkhxXVATRhsG+N2Mg9FSCciGnD7wlu9IR28HrbLuvX7W2KsLDVdI2oBtfExTf8YQwPSk1vp28=,iv:VyhdbfiiQJqG6cKAz6WjmlG3MkM25VzQzfCt1qYgH4M=,tag:KIoEb/dkEPpeaCJaNkAflw==,type:str] wireguard: ENC[AES256_GCM,data:WUHMeYro1PS25wEtsQKHHtpLXbtox8JtqX5863dHelBIA2SB7YZ+eWyv5hQ=,iv:hGgR3UcFeVGZjWJjdnVuQeUQtz3p4Lh6QRBJDfTr9Qo=,tag:4qpU9Ue4QtfBINdy0CSdvw==,type:str] sops: kms: [] @@ -25,8 +24,8 @@ sops: dVZ3V0VUQzF5VzN0RFM5c0RjZHpJZ0EK09qgyPHEhHgRZt2GZQB5IM9Z/nfYXW28 fcfmF6pko9qOYQ72P7vwv8Xub0SEI8GKGQwz2QPDJT9gd1qtipuhuQ== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-01-09T06:00:09Z" - mac: ENC[AES256_GCM,data:WkXFwF0bHvFvNTlLKrGk6iQpk5RqMIapluqyv3rcKATP4S1rQSCXwlUn88TNfKeOsJ6pSqoBmwPNjufr9SNrPZZNKYZ4sA4yft9jgCeBcyX6TaPPA123qL8xM3C2TcaE1oBrG9fwmMgEJMYJA7LxBAXz4sW17geb/y4TZgUDwBw=,iv:VJzYR0dbT761ezejxOwPO6x8cKPAzMZtwZHWvPhiDzI=,tag:Xu43SfKeGgCJivfgk+vp3Q==,type:str] + lastmodified: "2024-06-04T10:16:20Z" + mac: ENC[AES256_GCM,data:NhVEt9Yg3J3+L1CqaI2IKFtC4VG9FdDkTOuDwc/hbwDvJmdbT7YocyQSX4IxsZ5ZxpaFXcp56C+QE5tDyjdWJs+njcxm8zDLsXaCfu3vLn7JHgzeQ9JeKeCzWV2oAj+PaTiY64QuhDP3LhaFZEZPEPJK5lGYR0XEZQHV2ngtF3U=,iv:LEkUb2cthtT+QG0SryRG17a5VRBli8PtRfhf1gTGBLo=,tag:G1Lo7tGUMWxgvSEQIuIAaw==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.8.1 |