summaryrefslogtreecommitdiff
path: root/os/pc
diff options
context:
space:
mode:
Diffstat (limited to 'os/pc')
-rw-r--r--os/pc/configuration.nix10
-rw-r--r--os/pc/modules/firejail.nix3
-rw-r--r--os/pc/modules/getty.nix6
-rw-r--r--os/pc/modules/network.nix5
-rw-r--r--os/pc/modules/nocodb.nix11
-rw-r--r--os/pc/modules/nopolkit.nix45
-rw-r--r--os/pc/modules/sshfs.nix12
-rw-r--r--os/pc/modules/wayland.nix34
8 files changed, 77 insertions, 49 deletions
diff --git a/os/pc/configuration.nix b/os/pc/configuration.nix
index 7e7218a..33f38cd 100644
--- a/os/pc/configuration.nix
+++ b/os/pc/configuration.nix
@@ -1,6 +1,8 @@
-{ config, pkgs, ... }: let
+{ config, pkgs, ... }:
+let
user = config.global.userdata.name;
-in {
+in
+{
imports = [
../common/configuration.nix
@@ -19,8 +21,8 @@ in {
};
services.pipewire = {
- enable = true;
- pulse.enable = true;
+ enable = true;
+ pulse.enable = true;
};
documentation.dev.enable = true;
diff --git a/os/pc/modules/firejail.nix b/os/pc/modules/firejail.nix
index 920607e..f915d07 100644
--- a/os/pc/modules/firejail.nix
+++ b/os/pc/modules/firejail.nix
@@ -1,4 +1,5 @@
-{ pkgs, lib, ... }: {
+{ pkgs, lib, ... }:
+{
programs.firejail = {
enable = true;
diff --git a/os/pc/modules/getty.nix b/os/pc/modules/getty.nix
index 8c7f57e..c0d5d1c 100644
--- a/os/pc/modules/getty.nix
+++ b/os/pc/modules/getty.nix
@@ -1,6 +1,8 @@
-{ config, ... }: let
+{ config, ... }:
+let
user = config.global.userdata.name;
-in {
+in
+{
systemd.services."getty@".serviceConfig.TTYVTDisallocate = "no";
services.getty = {
diff --git a/os/pc/modules/network.nix b/os/pc/modules/network.nix
index 6e07963..029822f 100644
--- a/os/pc/modules/network.nix
+++ b/os/pc/modules/network.nix
@@ -1,5 +1,6 @@
-{ ... }: {
- networking.wireless.iwd = {
+{ ... }:
+{
+ networking.wireless.iwd = {
enable = true;
settings = {
diff --git a/os/pc/modules/nocodb.nix b/os/pc/modules/nocodb.nix
index 6b26bf2..9bd1d75 100644
--- a/os/pc/modules/nocodb.nix
+++ b/os/pc/modules/nocodb.nix
@@ -1,6 +1,13 @@
-{ config, pkgs, lib, ... }: let
+{
+ config,
+ pkgs,
+ lib,
+ ...
+}:
+let
user = config.global.userdata.name;
-in {
+in
+{
programs.firejail.wrappedBinaries.slack = {
executable = lib.getExe pkgs.slack;
profile = "${pkgs.firejail}/etc/firejail/slack.profile";
diff --git a/os/pc/modules/nopolkit.nix b/os/pc/modules/nopolkit.nix
index 0c45f41..f7148aa 100644
--- a/os/pc/modules/nopolkit.nix
+++ b/os/pc/modules/nopolkit.nix
@@ -1,26 +1,33 @@
-{ config, pkgs, ... }: let
+{ config, pkgs, ... }:
+let
user = config.global.userdata.name;
-in {
+in
+{
security.sudo = {
enable = true;
- extraRules = [{
- commands = [
- {
- command = "${pkgs.systemd}/bin/systemctl suspend-then-hibernate";
- options = [ "SETENV" "NOPASSWD" ];
- }
- {
- command = "${pkgs.systemd}/bin/reboot";
- options = [ "NOPASSWD" ];
- }
- {
- command = "${pkgs.systemd}/bin/poweroff";
- options = [ "NOPASSWD" ];
- }
- ];
+ extraRules = [
+ {
+ commands = [
+ {
+ command = "${pkgs.systemd}/bin/systemctl suspend-then-hibernate";
+ options = [
+ "SETENV"
+ "NOPASSWD"
+ ];
+ }
+ {
+ command = "${pkgs.systemd}/bin/reboot";
+ options = [ "NOPASSWD" ];
+ }
+ {
+ command = "${pkgs.systemd}/bin/poweroff";
+ options = [ "NOPASSWD" ];
+ }
+ ];
- users = [ user ];
- }];
+ users = [ user ];
+ }
+ ];
};
}
diff --git a/os/pc/modules/sshfs.nix b/os/pc/modules/sshfs.nix
index 2dbccce..b173d7c 100644
--- a/os/pc/modules/sshfs.nix
+++ b/os/pc/modules/sshfs.nix
@@ -1,9 +1,11 @@
-{ config, pkgs, ... }: let
+{ config, pkgs, ... }:
+let
domain = config.global.userdata.domain;
user = config.global.userdata.name;
uid = config.users.users.${user}.uid;
gid = config.users.groups.users.gid;
-in {
+in
+{
sops.secrets."misc/sftp".sopsFile = ../secrets.yaml;
system.fsPackages = with pkgs; [ sshfs ];
@@ -12,12 +14,12 @@ in {
fsType = "sshfs";
options = [
- "allow_other" # for non-root access
+ "allow_other" # for non-root access
"uid=${toString uid}"
"gid=${toString gid}"
- "_netdev" # this is a network fs
+ "_netdev" # this is a network fs
"x-systemd.automount" # mount on demand
- "reconnect" # handle connection drops
+ "reconnect" # handle connection drops
"ServerAliveInterval=15" # keep connections alive
"IdentityFile=${config.sops.secrets."misc/sftp".path}"
];
diff --git a/os/pc/modules/wayland.nix b/os/pc/modules/wayland.nix
index 33f25c8..6787e9a 100644
--- a/os/pc/modules/wayland.nix
+++ b/os/pc/modules/wayland.nix
@@ -1,11 +1,12 @@
-{ config, pkgs, ... }: let
+{ config, pkgs, ... }:
+let
user = config.global.userdata.name;
fontSans = config.global.font.sans.name;
fontMonospace = config.global.font.monospace.name;
- fontPackages = config.global.font.monospace.packages
- ++ config.global.font.sans.packages;
-in {
+ fontPackages = config.global.font.monospace.packages ++ config.global.font.sans.packages;
+in
+{
fonts = {
packages = fontPackages;
enableDefaultPackages = true;
@@ -32,7 +33,10 @@ in {
};
systemd.services.swaynag_battery = {
- path = [ pkgs.sway pkgs.systemd ];
+ path = [
+ pkgs.sway
+ pkgs.systemd
+ ];
environment = {
# TODO: don't hardcode them
WAYLAND_DISPLAY = "wayland-1";
@@ -46,19 +50,21 @@ in {
systemctl hibernate
'';
};
- services.udev.extraRules = let
- start = "${pkgs.systemd}/bin/systemctl start swaynag_battery";
- stop = "${pkgs.systemd}/bin/systemctl stop swaynag_battery";
- in ''
- SUBSYSTEM=="power_supply", ATTR{status}=="Discharging", ATTR{capacity}=="[0-9]", RUN+="${start}"
- SUBSYSTEM=="power_supply", ENV{POWER_SUPPLY_ONLINE}=="1", RUN+="${stop}"
- SUBSYSTEM=="power_supply", ATTR{status}=="Charging", RUN+="${stop}"
- '';
+ services.udev.extraRules =
+ let
+ start = "${pkgs.systemd}/bin/systemctl start swaynag_battery";
+ stop = "${pkgs.systemd}/bin/systemctl stop swaynag_battery";
+ in
+ ''
+ SUBSYSTEM=="power_supply", ATTR{status}=="Discharging", ATTR{capacity}=="[0-9]", RUN+="${start}"
+ SUBSYSTEM=="power_supply", ENV{POWER_SUPPLY_ONLINE}=="1", RUN+="${stop}"
+ SUBSYSTEM=="power_supply", ATTR{status}=="Charging", RUN+="${stop}"
+ '';
hardware.graphics = {
enable = true;
enable32Bit = true;
};
- security.pam.services.swaylock = {};
+ security.pam.services.swaylock = { };
}