Setup maryland
This commit is contained in:
parent
833c2c5158
commit
f861e50f3e
39
flake.lock
39
flake.lock
|
@ -197,11 +197,11 @@
|
|||
"nixpkgs": "nixpkgs"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1710427903,
|
||||
"narHash": "sha256-sV0Q5ndvfjK9JfCg/QM/HX/fcittohvtq8dD62isxdM=",
|
||||
"lastModified": 1711462743,
|
||||
"narHash": "sha256-3wKGpHy9Kyh98DrziqC/s//60Q0pE17NgbY93L0uWng=",
|
||||
"owner": "nix-community",
|
||||
"repo": "disko",
|
||||
"rev": "21d89b333ca300bef82c928c856d48b94a9f997c",
|
||||
"rev": "a6717b1afee7ae955c61eefdf0ce8f864ef78115",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -238,10 +238,11 @@
|
|||
"nixpkgs": "nixpkgs_3"
|
||||
},
|
||||
"locked": {
|
||||
"dirtyRev": "70f14f5928c6cffb3be81784425b57d984a00acd-dirty",
|
||||
"dirtyShortRev": "70f14f5-dirty",
|
||||
"lastModified": 1710021649,
|
||||
"narHash": "sha256-3gmgWWaVJNW1xpbov8dVkf3EGucNXQggd5KsYONfTo0=",
|
||||
"lastModified": 1711478570,
|
||||
"narHash": "sha256-qjzwq2qj0e9EpN7QYTnTXipHmrWWUG3bEARmzju81OI=",
|
||||
"ref": "refs/heads/v4",
|
||||
"rev": "2d459669cb67e1960579e97e05ccac05c993b70a",
|
||||
"revCount": 1063,
|
||||
"type": "git",
|
||||
"url": "file:///home/lxsameer/src/fg42"
|
||||
},
|
||||
|
@ -418,11 +419,11 @@
|
|||
},
|
||||
"nixlib": {
|
||||
"locked": {
|
||||
"lastModified": 1710031547,
|
||||
"narHash": "sha256-pkUg3hOKuGWMGF9WEMPPN/G4pqqdbNGJQ54yhyQYDVY=",
|
||||
"lastModified": 1711241261,
|
||||
"narHash": "sha256-knrTvpl81yGFHIpm1SsLDApe0thFkw1cl3ISAMPmP/0=",
|
||||
"owner": "nix-community",
|
||||
"repo": "nixpkgs.lib",
|
||||
"rev": "630ebdc047ca96d8126e16bb664c7730dc52f6e6",
|
||||
"rev": "b2a1eeef8c185f6bd27432b053ff09d773244cbc",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -439,11 +440,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1710398463,
|
||||
"narHash": "sha256-fQlYanU84E8uwBpcoTCcLCwU8cqn0eQ7nwTcrWfSngc=",
|
||||
"lastModified": 1711375484,
|
||||
"narHash": "sha256-+d4HqehyQvuHUKR8Nv9HGGd/SP5wjg3MA/hEYJBWQq0=",
|
||||
"owner": "nix-community",
|
||||
"repo": "nixos-generators",
|
||||
"rev": "efd4e38532b5abfaa5c9fc95c5a913157dc20ccb",
|
||||
"rev": "2b3720c7af2271be8cee713cd2f69c5127b0a8e4",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -454,11 +455,11 @@
|
|||
},
|
||||
"nixos-hardware": {
|
||||
"locked": {
|
||||
"lastModified": 1710123225,
|
||||
"narHash": "sha256-j3oWlxRZxB7cFsgEntpH3rosjFHRkAo/dhX9H3OfxtY=",
|
||||
"lastModified": 1711352745,
|
||||
"narHash": "sha256-luvqik+i3HTvCbXQZgB6uggvEcxI9uae0nmrgtXJ17U=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixos-hardware",
|
||||
"rev": "ad2fd7b978d5e462048729a6c635c45d3d33c9ba",
|
||||
"rev": "9a763a7acc4cfbb8603bb0231fec3eda864f81c0",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -469,11 +470,11 @@
|
|||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1710346304,
|
||||
"narHash": "sha256-vwoyBoCovK7+vdbCYqL9MssoFQjaXtZN8sElcjUdbx8=",
|
||||
"lastModified": 1710889954,
|
||||
"narHash": "sha256-Pr6F5Pmd7JnNEMHHmspZ0qVqIBVxyZ13ik1pJtm2QXk=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "a0906f14161a5c5792e9883117b9471f5bf6df72",
|
||||
"rev": "7872526e9c5332274ea5932a0c3270d6e4724f3b",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
Binary file not shown.
|
@ -23,10 +23,10 @@ let
|
|||
mary = {
|
||||
yubikey_1 = "age1yubikey1qtsln0tj4my8t0nywnmpse8tsfl28ctmd26tkxahspm5skefmqvmvpw4ef4";
|
||||
yubikey_2 = "age1yubikey1qvnajv3gu2t7q239nxz2ggfykavrt0k5vaauy9gc8ac82gsrsx3cwk7lfpd";
|
||||
pub = "age1zmrr9vrq6r3twfj3e00vn33hn2qgggv5dg3l2kysw9kjtx2r2ckq87ee5w";
|
||||
pub = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOXfcDiEl2a520F3BEirU8ey4VUxcNQu90FIescz1PQi mary@maryland";
|
||||
};
|
||||
in
|
||||
{
|
||||
"lxsameer/user.age".publicKeys = [ lxsameer.pub ];
|
||||
"mary/user.age".publicKeys = [ mary.yubikey_1 mary.yubikey_2 ];
|
||||
"mary/user.age".publicKeys = [ mary.pub ];
|
||||
}
|
||||
|
|
|
@ -73,7 +73,6 @@ rec {
|
|||
"networkmanager"
|
||||
];
|
||||
password = "123123";
|
||||
|
||||
};
|
||||
users.lxsameer = {
|
||||
isNormalUser = true;
|
||||
|
@ -90,7 +89,6 @@ rec {
|
|||
openssh.authorizedKeys.keys = [
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG3aV2dwnll3KxFR57Oj6Br51c7gJ/pkRa+IkKM6slve lxsameer@lxsameer.com"
|
||||
];
|
||||
|
||||
};
|
||||
};
|
||||
|
||||
|
|
|
@ -154,57 +154,6 @@ in {
|
|||
remmina
|
||||
];
|
||||
|
||||
# # basic configuration of git, please change to your own
|
||||
# programs.git = {
|
||||
# enable = true;
|
||||
# package = pkgs.gitFull;
|
||||
# userName = "Sameer Rahmani";
|
||||
# userEmail = "lxsameer@gnu.org";
|
||||
# aliases = {
|
||||
# co = "checkout";
|
||||
# br = "branch";
|
||||
# ci = "commit";
|
||||
# st = "status";
|
||||
# unstage = "reset HEAD --";
|
||||
# last = "log -1 HEAD";
|
||||
# lg =
|
||||
# "log --graph --pretty=format:'%Cred%h%Creset -%C(yellow)%d%Creset %s %Cgreen(%cr) %C(bold blue)<%an>%Creset' --abbrev-commit";
|
||||
# brs =
|
||||
# "for-each-ref --sort='-authordate:iso8601' --count 20 --format=' %(color:green)%(authordate:relative)%09%(if)%(HEAD)%(then)%(color:brightwhite)*%(else)%(color:white) %(end)%(refname:short)%09%(color:yellow)%(authorname)%(authoremail)' refs/heads";
|
||||
# e = "emacsclient";
|
||||
# };
|
||||
|
||||
# signing = {
|
||||
# key = "0x8741FACBF412FFA5";
|
||||
# signByDefault = true;
|
||||
# };
|
||||
|
||||
# difftastic.enable = true;
|
||||
# # delta.enable = true;
|
||||
|
||||
# extraConfig = {
|
||||
# core = {
|
||||
# abbrev = 12;
|
||||
# excludesFile = "${./git/gitignore}";
|
||||
# };
|
||||
|
||||
# pretty = { fixes = ''Fixes: %h ("%s")''; };
|
||||
|
||||
# url."git@github.com:" = { insteadOf = "https://github.com/"; };
|
||||
|
||||
# sendemail = {
|
||||
# smtpEncryption = "tls";
|
||||
# smtpServer = "fencepost.gnu.org";
|
||||
# smtpUser = "lxsameer";
|
||||
# smtpServerPort = 587;
|
||||
# };
|
||||
|
||||
# status.submoduleSummary = true;
|
||||
# pull.rebase = false;
|
||||
# http.sslVerify = true;
|
||||
# };
|
||||
# };
|
||||
|
||||
# starship - an customizable prompt for any shell
|
||||
programs.starship = {
|
||||
enable = true;
|
||||
|
@ -453,4 +402,5 @@ in {
|
|||
enableBashIntegration = true; # see note on other shells below
|
||||
nix-direnv.enable = true;
|
||||
};
|
||||
|
||||
}
|
||||
|
|
|
@ -43,15 +43,15 @@ rec {
|
|||
(inputs.agenix.packages.x86_64-linux.default.override { ageBin = "${rager}/bin/rager"; })
|
||||
];
|
||||
|
||||
|
||||
age.identityPaths = [
|
||||
# This is an actual private key, we should avoid
|
||||
# including it in the store
|
||||
"/home/mary/.ssh/universe"
|
||||
|
||||
# Since these are stubs, its ok to include them in the store
|
||||
./yubikey_1.stub.id
|
||||
./yubikey_2.stub.id
|
||||
|
||||
# But this is an actual private key, we should avoid
|
||||
# including it in the store
|
||||
#"~/.ssh/universe.priv"
|
||||
];
|
||||
|
||||
age.secrets.user.file = ../../secrets/mary/user.age;
|
||||
|
@ -61,6 +61,19 @@ rec {
|
|||
gid = 1001;
|
||||
};
|
||||
|
||||
users.lxsameer1 = {
|
||||
isNormalUser = true;
|
||||
shell = pkgs.zsh;
|
||||
uid = 9000;
|
||||
group = "lxsameer";
|
||||
|
||||
extraGroups = [
|
||||
"wheel"
|
||||
"networkmanager"
|
||||
];
|
||||
password = "123123";
|
||||
};
|
||||
|
||||
users.mary = {
|
||||
isNormalUser = true;
|
||||
shell = pkgs.zsh;
|
||||
|
@ -71,8 +84,13 @@ rec {
|
|||
"wheel"
|
||||
"networkmanager"
|
||||
];
|
||||
|
||||
hashedPasswordFile = config.age.secrets.user.path;
|
||||
|
||||
openssh.authorizedKeys.keys = [
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG3aV2dwnll3KxFR57Oj6Br51c7gJ/pkRa+IkKM6slve lxsameer@lxsameer.com"
|
||||
];
|
||||
|
||||
};
|
||||
};
|
||||
|
||||
|
|
|
@ -113,6 +113,10 @@
|
|||
protonvpn-gui
|
||||
yubioath-flutter
|
||||
yubikey-manager
|
||||
|
||||
shotwell
|
||||
flameshot
|
||||
|
||||
];
|
||||
|
||||
# basic configuration of git, please change to your own
|
||||
|
@ -224,7 +228,6 @@
|
|||
eval $(thefuck --alias)
|
||||
autopair-init
|
||||
'';
|
||||
|
||||
plugins = with pkgs; [
|
||||
{
|
||||
name = "formarks";
|
||||
|
@ -312,7 +315,6 @@
|
|||
|
||||
programs.mpv.enable = true;
|
||||
programs.obs-studio.enable = true;
|
||||
programs.noti.enable = true;
|
||||
# Let home Manager install and manage itself.
|
||||
programs.home-manager.enable = true;
|
||||
|
||||
|
@ -327,9 +329,18 @@
|
|||
home.stateVersion = "24.05";
|
||||
|
||||
services.network-manager-applet.enable = true;
|
||||
|
||||
programs.gpg = {
|
||||
enable = true;
|
||||
scdaemonSettings = {
|
||||
disable-ccid = true;
|
||||
};
|
||||
homedir = lib.mkForce "/home/mary/.gnupg";
|
||||
};
|
||||
|
||||
services.gpg-agent = {
|
||||
enable = true;
|
||||
enableSshSupport = false;
|
||||
enableSshSupport = lib.mkForce false;
|
||||
};
|
||||
|
||||
gtk = {
|
||||
|
@ -342,5 +353,11 @@
|
|||
platformTheme = "gtk";
|
||||
};
|
||||
|
||||
programs.direnv = {
|
||||
enable = true;
|
||||
enableBashIntegration = true; # see note on other shells below
|
||||
nix-direnv.enable = true;
|
||||
};
|
||||
|
||||
services.ssh-agent.enable = true;
|
||||
}
|
||||
|
|
|
@ -34,6 +34,7 @@ let
|
|||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||
|
||||
boot.initrd.kernelModules = [ "amdgpu" ];
|
||||
boot.kernelParams = [ "radeon.cik_support=0" "amdgpu.cik_support=1" ];
|
||||
hardware.enableRedistributableFirmware = true;
|
||||
hardware.cpu.amd.updateMicrocode = true;
|
||||
|
||||
|
@ -41,19 +42,33 @@ let
|
|||
services.xserver.displayManager.sddm.enable = true;
|
||||
services.xserver.desktopManager.plasma6.enable = true;
|
||||
|
||||
# I want to fully control my users via nix
|
||||
users.mutableUsers = false;
|
||||
networking.extraHosts = ''
|
||||
192.168.0.86 sameer
|
||||
'';
|
||||
|
||||
services.printing.enable = true;
|
||||
services.avahi = {
|
||||
enable = true;
|
||||
nssmdns = true;
|
||||
openFirewall = true;
|
||||
};
|
||||
|
||||
fileSystems."/home".neededForBoot = true;
|
||||
services.gvfs.enable = true;
|
||||
|
||||
networking.firewall = {
|
||||
enable = true;
|
||||
allowedTCPPorts = [ 8000 ];
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
mary = pkgs.callPackage ../users/mary/default.nix {};
|
||||
|
||||
fg42 = inputs.fg42.packages.${system}.default;
|
||||
inVM = (utils.sanitizeBuilderConfig hostBuilderConfig).inVM;
|
||||
|
||||
in {
|
||||
|
||||
installer = import ./installer.nix (params // {
|
||||
|
@ -79,6 +94,7 @@ in {
|
|||
desktop
|
||||
styles
|
||||
yubikey
|
||||
virtualisation.podman
|
||||
inputs.home-manager.nixosModules.home-manager
|
||||
{
|
||||
home-manager.useGlobalPkgs = true;
|
||||
|
|
Loading…
Reference in New Issue