mirror of
https://github.com/nmasur/dotfiles
synced 2024-11-22 18:05:37 +00:00
fix desktop to work with refactor
This commit is contained in:
parent
2dda6a31bd
commit
e7bbee5da0
@ -1,4 +1,4 @@
|
||||
{ inputs, globals, ... }:
|
||||
{ inputs, globals, overlays, ... }:
|
||||
|
||||
with inputs;
|
||||
|
||||
@ -16,7 +16,7 @@ nixpkgs.lib.nixosSystem {
|
||||
{
|
||||
physical = true;
|
||||
networking.hostName = "desktop";
|
||||
nixpkgs.overlays = [ nur.overlay ];
|
||||
nixpkgs.overlays = [ nur.overlay ] ++ overlays;
|
||||
# Set registry to flake packages, used for nix X commands
|
||||
nix.registry.nixpkgs.flake = nixpkgs;
|
||||
identityFile = "/home/${globals.user}/.ssh/id_ed25519";
|
||||
@ -29,7 +29,9 @@ nixpkgs.lib.nixosSystem {
|
||||
gtk.theme.name = nixpkgs.lib.mkDefault "Adwaita-dark";
|
||||
passwordHash = nixpkgs.lib.fileContents ../../private/password.sha512;
|
||||
wsl.enable = false;
|
||||
publicKey = null;
|
||||
|
||||
neovim.enable = true;
|
||||
media.enable = true;
|
||||
firefox.enable = true;
|
||||
kitty.enable = true;
|
||||
|
@ -24,7 +24,6 @@
|
||||
# '';
|
||||
};
|
||||
fade = false;
|
||||
experimentalBackends = true;
|
||||
inactiveOpacity = 1.0;
|
||||
menuOpacity = 1.0;
|
||||
opacityRules = [
|
||||
|
@ -1,6 +1,6 @@
|
||||
{ config, pkgs, lib, ... }: {
|
||||
|
||||
config = lib.mkIf (config.physical && config.isLinux) {
|
||||
config = lib.mkIf (config.physical && pkgs.stdenv.isLinux) {
|
||||
|
||||
# Enables wireless support via wpa_supplicant.
|
||||
networking.wireless.enable = true;
|
||||
|
@ -4,17 +4,17 @@
|
||||
|
||||
backup.s3 = {
|
||||
endpoint = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
description = "S3 endpoint for backups";
|
||||
default = null;
|
||||
};
|
||||
bucket = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
description = "S3 bucket for backups";
|
||||
default = null;
|
||||
};
|
||||
accessKeyId = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
description = "S3 access key ID for backups";
|
||||
default = null;
|
||||
};
|
||||
@ -22,7 +22,7 @@
|
||||
|
||||
};
|
||||
|
||||
config = {
|
||||
config = lib.mkIf (config.backup.s3.endpoint != null) {
|
||||
|
||||
users.groups.backup = { };
|
||||
|
||||
|
@ -2,7 +2,7 @@
|
||||
|
||||
options = {
|
||||
bookServer = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
description = "Hostname for Calibre library";
|
||||
default = null;
|
||||
};
|
||||
|
@ -8,7 +8,7 @@ in {
|
||||
|
||||
giteaServer = lib.mkOption {
|
||||
description = "Hostname for Gitea.";
|
||||
type = lib.types.str;
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
default = null;
|
||||
};
|
||||
|
||||
|
@ -2,7 +2,7 @@
|
||||
|
||||
options = {
|
||||
streamServer = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
description = "Hostname for Jellyfin library";
|
||||
default = null;
|
||||
};
|
||||
|
@ -3,7 +3,7 @@
|
||||
options = {
|
||||
|
||||
nextcloudServer = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
description = "Hostname for Nextcloud";
|
||||
default = null;
|
||||
};
|
||||
|
@ -1,7 +1,7 @@
|
||||
{ config, pkgs, lib, ... }: {
|
||||
|
||||
options.metricsServer = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
description = "Hostname of the Grafana server.";
|
||||
default = null;
|
||||
};
|
||||
|
@ -2,7 +2,7 @@
|
||||
|
||||
options = {
|
||||
publicKey = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
description = "Public SSH key authorized for this system.";
|
||||
};
|
||||
permitRootLogin = lib.mkOption {
|
||||
@ -12,25 +12,26 @@
|
||||
};
|
||||
};
|
||||
|
||||
config = lib.mkIf (pkgs.stdenv.isLinux && !config.wsl.enable) {
|
||||
services.openssh = {
|
||||
enable = true;
|
||||
ports = [ 22 ];
|
||||
passwordAuthentication = false;
|
||||
gatewayPorts = "no";
|
||||
forwardX11 = false;
|
||||
allowSFTP = true;
|
||||
permitRootLogin = config.permitRootLogin;
|
||||
config = lib.mkIf
|
||||
(pkgs.stdenv.isLinux && !config.wsl.enable && config.publicKey != null) {
|
||||
services.openssh = {
|
||||
enable = true;
|
||||
ports = [ 22 ];
|
||||
passwordAuthentication = false;
|
||||
gatewayPorts = "no";
|
||||
forwardX11 = false;
|
||||
allowSFTP = true;
|
||||
permitRootLogin = config.permitRootLogin;
|
||||
};
|
||||
|
||||
users.users.${config.user}.openssh.authorizedKeys.keys =
|
||||
[ config.publicKey ];
|
||||
|
||||
# Implement a simple fail2ban service for sshd
|
||||
services.sshguard.enable = true;
|
||||
|
||||
# Add terminfo for SSH from popular terminal emulators
|
||||
environment.enableAllTerminfo = true;
|
||||
};
|
||||
|
||||
users.users.${config.user}.openssh.authorizedKeys.keys =
|
||||
[ config.publicKey ];
|
||||
|
||||
# Implement a simple fail2ban service for sshd
|
||||
services.sshguard.enable = true;
|
||||
|
||||
# Add terminfo for SSH from popular terminal emulators
|
||||
environment.enableAllTerminfo = true;
|
||||
};
|
||||
|
||||
}
|
||||
|
@ -8,7 +8,7 @@ in {
|
||||
|
||||
vaultwardenServer = lib.mkOption {
|
||||
description = "Hostname for Vaultwarden.";
|
||||
type = lib.types.str;
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
default = null;
|
||||
};
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user