fix desktop to work with refactor

Noah Masur 2023-01-21 09:29:03 -05:00
parent 2dda6a31bd
commit e7bbee5da0
11 changed files with 36 additions and 34 deletions


@ -1,4 +1,4 @@
{ inputs, globals, ... }: { inputs, globals, overlays, ... }:
with inputs; with inputs;
@ -16,7 +16,7 @@ nixpkgs.lib.nixosSystem {
{ {
physical = true; physical = true;
networking.hostName = "desktop"; networking.hostName = "desktop";
nixpkgs.overlays = [ nur.overlay ]; nixpkgs.overlays = [ nur.overlay ] ++ overlays;
# Set registry to flake packages, used for nix X commands # Set registry to flake packages, used for nix X commands
nix.registry.nixpkgs.flake = nixpkgs; nix.registry.nixpkgs.flake = nixpkgs;
identityFile = "/home/${globals.user}/.ssh/id_ed25519"; identityFile = "/home/${globals.user}/.ssh/id_ed25519";
@ -29,7 +29,9 @@ nixpkgs.lib.nixosSystem {
gtk.theme.name = nixpkgs.lib.mkDefault "Adwaita-dark"; gtk.theme.name = nixpkgs.lib.mkDefault "Adwaita-dark";
passwordHash = nixpkgs.lib.fileContents ../../private/password.sha512; passwordHash = nixpkgs.lib.fileContents ../../private/password.sha512;
wsl.enable = false; wsl.enable = false;
publicKey = null;
neovim.enable = true;
media.enable = true; media.enable = true;
firefox.enable = true; firefox.enable = true;
kitty.enable = true; kitty.enable = true;


@ -24,7 +24,6 @@
# ''; # '';
}; };
fade = false; fade = false;
experimentalBackends = true;
inactiveOpacity = 1.0; inactiveOpacity = 1.0;
menuOpacity = 1.0; menuOpacity = 1.0;
opacityRules = [ opacityRules = [


@ -1,6 +1,6 @@
{ config, pkgs, lib, ... }: { { config, pkgs, lib, ... }: {
config = lib.mkIf (config.physical && config.isLinux) { config = lib.mkIf (config.physical && pkgs.stdenv.isLinux) {
# Enables wireless support via wpa_supplicant. # Enables wireless support via wpa_supplicant.
networking.wireless.enable = true; networking.wireless.enable = true;


@ -4,17 +4,17 @@
backup.s3 = { backup.s3 = {
endpoint = lib.mkOption { endpoint = lib.mkOption {
type = lib.types.str; type = lib.types.nullOr lib.types.str;
description = "S3 endpoint for backups"; description = "S3 endpoint for backups";
default = null; default = null;
}; };
bucket = lib.mkOption { bucket = lib.mkOption {
type = lib.types.str; type = lib.types.nullOr lib.types.str;
description = "S3 bucket for backups"; description = "S3 bucket for backups";
default = null; default = null;
}; };
accessKeyId = lib.mkOption { accessKeyId = lib.mkOption {
type = lib.types.str; type = lib.types.nullOr lib.types.str;
description = "S3 access key ID for backups"; description = "S3 access key ID for backups";
default = null; default = null;
}; };
@ -22,7 +22,7 @@
}; };
config = { config = lib.mkIf (config.backup.s3.endpoint != null) {
users.groups.backup = { }; users.groups.backup = { };
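Review bot: The new guard `lib.mkIf (config.backup.s3.endpoint != null)` tests only the endpoint, although `bucket` and `accessKeyId` become nullable in the same change. A host that sets the endpoint but leaves either of the others null still enters the config block. How those values are consumed is not visible because the block continues past the hunk, so the result is presumably either an evaluation error or a backup job with an empty bucket or key id. An explicit assertion inside the block would make the failure clear: `assertions = [{ assertion = config.backup.s3.bucket != null && config.backup.s3.accessKeyId != null; message = "backup.s3.bucket and backup.s3.accessKeyId must be set when backup.s3.endpoint is set"; }];`.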


@ -2,7 +2,7 @@
options = { options = {
bookServer = lib.mkOption { bookServer = lib.mkOption {
type = lib.types.str; type = lib.types.nullOr lib.types.str;
description = "Hostname for Calibre library"; description = "Hostname for Calibre library";
default = null; default = null;
}; };
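Review bot: `bookServer` becomes `nullOr str` here, but the hunk does not show a null guard on the config that consumes it, whereas the backup and SSH modules in this commit each gain a `!= null` condition. If the service definition still reads the option unconditionally, a null hostname reaches whatever consumes it. Wrapping the module body as `config = lib.mkIf (config.bookServer != null) { ... };` would keep the service fully off when the option is unset. The same question applies to `giteaServer`, `streamServer`, `nextcloudServer`, `metricsServer` and `vaultwardenServer` in the sections below, whose config blocks are also outside the visible hunks. The descriptions could also state what null means, e.g. `description = "Hostname for Calibre library; null disables the service.";`.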


@ -8,7 +8,7 @@ in {
giteaServer = lib.mkOption { giteaServer = lib.mkOption {
description = "Hostname for Gitea."; description = "Hostname for Gitea.";
type = lib.types.str; type = lib.types.nullOr lib.types.str;
default = null; default = null;
}; };


@ -2,7 +2,7 @@
options = { options = {
streamServer = lib.mkOption { streamServer = lib.mkOption {
type = lib.types.str; type = lib.types.nullOr lib.types.str;
description = "Hostname for Jellyfin library"; description = "Hostname for Jellyfin library";
default = null; default = null;
}; };


@ -3,7 +3,7 @@
options = { options = {
nextcloudServer = lib.mkOption { nextcloudServer = lib.mkOption {
type = lib.types.str; type = lib.types.nullOr lib.types.str;
description = "Hostname for Nextcloud"; description = "Hostname for Nextcloud";
default = null; default = null;
}; };


@ -1,7 +1,7 @@
{ config, pkgs, lib, ... }: { { config, pkgs, lib, ... }: {
options.metricsServer = lib.mkOption { options.metricsServer = lib.mkOption {
type = lib.types.str; type = lib.types.nullOr lib.types.str;
description = "Hostname of the Grafana server."; description = "Hostname of the Grafana server.";
default = null; default = null;
}; };


@ -2,7 +2,7 @@
options = { options = {
publicKey = lib.mkOption { publicKey = lib.mkOption {
type = lib.types.str; type = lib.types.nullOr lib.types.str;
description = "Public SSH key authorized for this system."; description = "Public SSH key authorized for this system.";
}; };
permitRootLogin = lib.mkOption { permitRootLogin = lib.mkOption {
@ -12,25 +12,26 @@
}; };
}; };
config = lib.mkIf (pkgs.stdenv.isLinux && !config.wsl.enable) { config = lib.mkIf
services.openssh = { (pkgs.stdenv.isLinux && !config.wsl.enable && config.publicKey != null) {
enable = true; services.openssh = {
ports = [ 22 ]; enable = true;
passwordAuthentication = false; ports = [ 22 ];
gatewayPorts = "no"; passwordAuthentication = false;
forwardX11 = false; gatewayPorts = "no";
allowSFTP = true; forwardX11 = false;
permitRootLogin = config.permitRootLogin; allowSFTP = true;
permitRootLogin = config.permitRootLogin;
};
users.users.${config.user}.openssh.authorizedKeys.keys =
[ config.publicKey ];
# Implement a simple fail2ban service for sshd
services.sshguard.enable = true;
# Add terminfo for SSH from popular terminal emulators
environment.enableAllTerminfo = true;
}; };
users.users.${config.user}.openssh.authorizedKeys.keys =
[ config.publicKey ];
# Implement a simple fail2ban service for sshd
services.sshguard.enable = true;
# Add terminfo for SSH from popular terminal emulators
environment.enableAllTerminfo = true;
};
} }
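Review bot: The `publicKey` description still reads "Public SSH key authorized for this system." and does not say that null now switches off the whole block. With the added `config.publicKey != null` condition, a null key disables sshd together with `services.sshguard` and `environment.enableAllTerminfo`, which a maintainer would not guess from the option name. I would change it to `description = "Public SSH key authorized for this system. Set to null to disable the SSH server, sshguard and the extra terminfo entries.";`. The option also has no `default`, unlike the other nullable options in this commit, so every host must set it explicitly. That is a reasonable fail-closed choice, but it deserves a one-line comment so nobody later adds `default = null;` and silently drops SSH access on a headless machine.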


@ -8,7 +8,7 @@ in {
vaultwardenServer = lib.mkOption { vaultwardenServer = lib.mkOption {
description = "Hostname for Vaultwarden."; description = "Hostname for Vaultwarden.";
type = lib.types.str; type = lib.types.nullOr lib.types.str;
default = null; default = null;
}; };