mirror of
https://github.com/nmasur/dotfiles
synced 2024-11-09 23:22:57 +00:00
fix desktop to work with refactor
This commit is contained in:
parent
2dda6a31bd
commit
e7bbee5da0
@ -1,4 +1,4 @@
|
|||||||
{ inputs, globals, ... }:
|
{ inputs, globals, overlays, ... }:
|
||||||
|
|
||||||
with inputs;
|
with inputs;
|
||||||
|
|
||||||
@ -16,7 +16,7 @@ nixpkgs.lib.nixosSystem {
|
|||||||
{
|
{
|
||||||
physical = true;
|
physical = true;
|
||||||
networking.hostName = "desktop";
|
networking.hostName = "desktop";
|
||||||
nixpkgs.overlays = [ nur.overlay ];
|
nixpkgs.overlays = [ nur.overlay ] ++ overlays;
|
||||||
# Set registry to flake packages, used for nix X commands
|
# Set registry to flake packages, used for nix X commands
|
||||||
nix.registry.nixpkgs.flake = nixpkgs;
|
nix.registry.nixpkgs.flake = nixpkgs;
|
||||||
identityFile = "/home/${globals.user}/.ssh/id_ed25519";
|
identityFile = "/home/${globals.user}/.ssh/id_ed25519";
|
||||||
@ -29,7 +29,9 @@ nixpkgs.lib.nixosSystem {
|
|||||||
gtk.theme.name = nixpkgs.lib.mkDefault "Adwaita-dark";
|
gtk.theme.name = nixpkgs.lib.mkDefault "Adwaita-dark";
|
||||||
passwordHash = nixpkgs.lib.fileContents ../../private/password.sha512;
|
passwordHash = nixpkgs.lib.fileContents ../../private/password.sha512;
|
||||||
wsl.enable = false;
|
wsl.enable = false;
|
||||||
|
publicKey = null;
|
||||||
|
|
||||||
|
neovim.enable = true;
|
||||||
media.enable = true;
|
media.enable = true;
|
||||||
firefox.enable = true;
|
firefox.enable = true;
|
||||||
kitty.enable = true;
|
kitty.enable = true;
|
||||||
|
@ -24,7 +24,6 @@
|
|||||||
# '';
|
# '';
|
||||||
};
|
};
|
||||||
fade = false;
|
fade = false;
|
||||||
experimentalBackends = true;
|
|
||||||
inactiveOpacity = 1.0;
|
inactiveOpacity = 1.0;
|
||||||
menuOpacity = 1.0;
|
menuOpacity = 1.0;
|
||||||
opacityRules = [
|
opacityRules = [
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
{ config, pkgs, lib, ... }: {
|
{ config, pkgs, lib, ... }: {
|
||||||
|
|
||||||
config = lib.mkIf (config.physical && config.isLinux) {
|
config = lib.mkIf (config.physical && pkgs.stdenv.isLinux) {
|
||||||
|
|
||||||
# Enables wireless support via wpa_supplicant.
|
# Enables wireless support via wpa_supplicant.
|
||||||
networking.wireless.enable = true;
|
networking.wireless.enable = true;
|
||||||
|
@ -4,17 +4,17 @@
|
|||||||
|
|
||||||
backup.s3 = {
|
backup.s3 = {
|
||||||
endpoint = lib.mkOption {
|
endpoint = lib.mkOption {
|
||||||
type = lib.types.str;
|
type = lib.types.nullOr lib.types.str;
|
||||||
description = "S3 endpoint for backups";
|
description = "S3 endpoint for backups";
|
||||||
default = null;
|
default = null;
|
||||||
};
|
};
|
||||||
bucket = lib.mkOption {
|
bucket = lib.mkOption {
|
||||||
type = lib.types.str;
|
type = lib.types.nullOr lib.types.str;
|
||||||
description = "S3 bucket for backups";
|
description = "S3 bucket for backups";
|
||||||
default = null;
|
default = null;
|
||||||
};
|
};
|
||||||
accessKeyId = lib.mkOption {
|
accessKeyId = lib.mkOption {
|
||||||
type = lib.types.str;
|
type = lib.types.nullOr lib.types.str;
|
||||||
description = "S3 access key ID for backups";
|
description = "S3 access key ID for backups";
|
||||||
default = null;
|
default = null;
|
||||||
};
|
};
|
||||||
@ -22,7 +22,7 @@
|
|||||||
|
|
||||||
};
|
};
|
||||||
|
|
||||||
config = {
|
config = lib.mkIf (config.backup.s3.endpoint != null) {
|
||||||
|
|
||||||
users.groups.backup = { };
|
users.groups.backup = { };
|
||||||
|
|
||||||
|
@ -2,7 +2,7 @@
|
|||||||
|
|
||||||
options = {
|
options = {
|
||||||
bookServer = lib.mkOption {
|
bookServer = lib.mkOption {
|
||||||
type = lib.types.str;
|
type = lib.types.nullOr lib.types.str;
|
||||||
description = "Hostname for Calibre library";
|
description = "Hostname for Calibre library";
|
||||||
default = null;
|
default = null;
|
||||||
};
|
};
|
||||||
|
@ -8,7 +8,7 @@ in {
|
|||||||
|
|
||||||
giteaServer = lib.mkOption {
|
giteaServer = lib.mkOption {
|
||||||
description = "Hostname for Gitea.";
|
description = "Hostname for Gitea.";
|
||||||
type = lib.types.str;
|
type = lib.types.nullOr lib.types.str;
|
||||||
default = null;
|
default = null;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -2,7 +2,7 @@
|
|||||||
|
|
||||||
options = {
|
options = {
|
||||||
streamServer = lib.mkOption {
|
streamServer = lib.mkOption {
|
||||||
type = lib.types.str;
|
type = lib.types.nullOr lib.types.str;
|
||||||
description = "Hostname for Jellyfin library";
|
description = "Hostname for Jellyfin library";
|
||||||
default = null;
|
default = null;
|
||||||
};
|
};
|
||||||
|
@ -3,7 +3,7 @@
|
|||||||
options = {
|
options = {
|
||||||
|
|
||||||
nextcloudServer = lib.mkOption {
|
nextcloudServer = lib.mkOption {
|
||||||
type = lib.types.str;
|
type = lib.types.nullOr lib.types.str;
|
||||||
description = "Hostname for Nextcloud";
|
description = "Hostname for Nextcloud";
|
||||||
default = null;
|
default = null;
|
||||||
};
|
};
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
{ config, pkgs, lib, ... }: {
|
{ config, pkgs, lib, ... }: {
|
||||||
|
|
||||||
options.metricsServer = lib.mkOption {
|
options.metricsServer = lib.mkOption {
|
||||||
type = lib.types.str;
|
type = lib.types.nullOr lib.types.str;
|
||||||
description = "Hostname of the Grafana server.";
|
description = "Hostname of the Grafana server.";
|
||||||
default = null;
|
default = null;
|
||||||
};
|
};
|
||||||
|
@ -2,7 +2,7 @@
|
|||||||
|
|
||||||
options = {
|
options = {
|
||||||
publicKey = lib.mkOption {
|
publicKey = lib.mkOption {
|
||||||
type = lib.types.str;
|
type = lib.types.nullOr lib.types.str;
|
||||||
description = "Public SSH key authorized for this system.";
|
description = "Public SSH key authorized for this system.";
|
||||||
};
|
};
|
||||||
permitRootLogin = lib.mkOption {
|
permitRootLogin = lib.mkOption {
|
||||||
@ -12,25 +12,26 @@
|
|||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
config = lib.mkIf (pkgs.stdenv.isLinux && !config.wsl.enable) {
|
config = lib.mkIf
|
||||||
services.openssh = {
|
(pkgs.stdenv.isLinux && !config.wsl.enable && config.publicKey != null) {
|
||||||
enable = true;
|
services.openssh = {
|
||||||
ports = [ 22 ];
|
enable = true;
|
||||||
passwordAuthentication = false;
|
ports = [ 22 ];
|
||||||
gatewayPorts = "no";
|
passwordAuthentication = false;
|
||||||
forwardX11 = false;
|
gatewayPorts = "no";
|
||||||
allowSFTP = true;
|
forwardX11 = false;
|
||||||
permitRootLogin = config.permitRootLogin;
|
allowSFTP = true;
|
||||||
|
permitRootLogin = config.permitRootLogin;
|
||||||
|
};
|
||||||
|
|
||||||
|
users.users.${config.user}.openssh.authorizedKeys.keys =
|
||||||
|
[ config.publicKey ];
|
||||||
|
|
||||||
|
# Implement a simple fail2ban service for sshd
|
||||||
|
services.sshguard.enable = true;
|
||||||
|
|
||||||
|
# Add terminfo for SSH from popular terminal emulators
|
||||||
|
environment.enableAllTerminfo = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
users.users.${config.user}.openssh.authorizedKeys.keys =
|
|
||||||
[ config.publicKey ];
|
|
||||||
|
|
||||||
# Implement a simple fail2ban service for sshd
|
|
||||||
services.sshguard.enable = true;
|
|
||||||
|
|
||||||
# Add terminfo for SSH from popular terminal emulators
|
|
||||||
environment.enableAllTerminfo = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
@ -8,7 +8,7 @@ in {
|
|||||||
|
|
||||||
vaultwardenServer = lib.mkOption {
|
vaultwardenServer = lib.mkOption {
|
||||||
description = "Hostname for Vaultwarden.";
|
description = "Hostname for Vaultwarden.";
|
||||||
type = lib.types.str;
|
type = lib.types.nullOr lib.types.str;
|
||||||
default = null;
|
default = null;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user