2025-02-15 08:59:32 +01:00
|
|
|
{
|
|
|
|
|
pkgs,
|
|
|
|
|
username,
|
2025-02-17 03:57:20 +01:00
|
|
|
host,
|
2025-02-15 08:59:32 +01:00
|
|
|
...
|
2025-02-17 17:39:21 +01:00
|
|
|
}: let
|
2025-02-17 03:57:20 +01:00
|
|
|
inherit (import ../../hosts/${host}/variables.nix) keyboardLayout;
|
2025-02-17 17:39:21 +01:00
|
|
|
in {
|
2025-02-15 08:59:32 +01:00
|
|
|
# Services to start
|
|
|
|
|
services = {
|
2025-02-17 03:57:20 +01:00
|
|
|
libinput.enable = true;
|
|
|
|
|
fstrim.enable = true;
|
|
|
|
|
gvfs.enable = true;
|
|
|
|
|
openssh.enable = true;
|
2025-02-17 17:39:21 +01:00
|
|
|
flatpak.enable = true;
|
2025-02-17 03:57:20 +01:00
|
|
|
blueman.enable = true;
|
|
|
|
|
|
2025-02-15 08:59:32 +01:00
|
|
|
xserver = {
|
|
|
|
|
enable = false;
|
|
|
|
|
xkb = {
|
|
|
|
|
layout = "${keyboardLayout}";
|
|
|
|
|
variant = "";
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
greetd = {
|
|
|
|
|
enable = true;
|
|
|
|
|
vt = 3;
|
|
|
|
|
settings = {
|
|
|
|
|
default_session = {
|
|
|
|
|
user = username;
|
|
|
|
|
command = "${pkgs.greetd.tuigreet}/bin/tuigreet --time --cmd Hyprland"; # start Hyprland with a TUI login manager
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
smartd = {
|
|
|
|
|
enable = false;
|
|
|
|
|
autodetect = true;
|
|
|
|
|
};
|
|
|
|
|
printing = {
|
|
|
|
|
enable = true;
|
|
|
|
|
drivers = [
|
|
|
|
|
# pkgs.hplipWithPlugin
|
|
|
|
|
];
|
|
|
|
|
};
|
|
|
|
|
gnome.gnome-keyring.enable = true;
|
|
|
|
|
avahi = {
|
|
|
|
|
enable = true;
|
|
|
|
|
nssmdns4 = true;
|
|
|
|
|
openFirewall = true;
|
|
|
|
|
};
|
|
|
|
|
ipp-usb.enable = true;
|
|
|
|
|
syncthing = {
|
|
|
|
|
enable = false;
|
|
|
|
|
user = "${username}";
|
|
|
|
|
dataDir = "/home/${username}";
|
|
|
|
|
configDir = "/home/${username}/.config/syncthing";
|
|
|
|
|
};
|
|
|
|
|
pipewire = {
|
|
|
|
|
enable = true;
|
|
|
|
|
alsa.enable = true;
|
|
|
|
|
alsa.support32Bit = true;
|
|
|
|
|
pulse.enable = true;
|
|
|
|
|
};
|
2025-02-17 17:39:21 +01:00
|
|
|
rpcbind.enable = true;
|
|
|
|
|
nfs.server.enable = true;
|
2025-02-15 08:59:32 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
systemd.services.flatpak-repo = {
|
2025-02-17 17:39:21 +01:00
|
|
|
path = [pkgs.flatpak];
|
2025-02-15 08:59:32 +01:00
|
|
|
script = ''
|
|
|
|
|
flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo
|
|
|
|
|
'';
|
|
|
|
|
};
|
2025-02-17 17:39:21 +01:00
|
|
|
|
2025-02-15 08:59:32 +01:00
|
|
|
# Security / Polkit
|
|
|
|
|
security.rtkit.enable = true;
|
|
|
|
|
security.polkit.enable = true;
|
|
|
|
|
security.polkit.extraConfig = ''
|
|
|
|
|
polkit.addRule(function(action, subject) {
|
|
|
|
|
if (
|
|
|
|
|
subject.isInGroup("users")
|
|
|
|
|
&& (
|
|
|
|
|
action.id == "org.freedesktop.login1.reboot" ||
|
|
|
|
|
action.id == "org.freedesktop.login1.reboot-multiple-sessions" ||
|
|
|
|
|
action.id == "org.freedesktop.login1.power-off" ||
|
|
|
|
|
action.id == "org.freedesktop.login1.power-off-multiple-sessions"
|
|
|
|
|
)
|
|
|
|
|
)
|
|
|
|
|
{
|
|
|
|
|
return polkit.Result.YES;
|
|
|
|
|
}
|
|
|
|
|
})
|
|
|
|
|
'';
|
|
|
|
|
security.pam.services.swaylock = {
|
|
|
|
|
text = ''
|
|
|
|
|
auth include login
|
|
|
|
|
'';
|
|
|
|
|
};
|
|
|
|
|
}
|
