diff options
author | Karel Kočí <cynerd@email.cz> | 2024-01-10 11:17:22 +0100 |
---|---|---|
committer | Karel Kočí <cynerd@email.cz> | 2024-01-10 11:17:22 +0100 |
commit | 55296b643fe2934b875561dd58861b69d4951e9c (patch) | |
tree | 26e673315c12c099b681ce813a0d6299e72bf957 /nixos/modules | |
parent | 78201a313a24376b1e54f8d6d977191a4d5735fd (diff) | |
download | nixos-personal-55296b643fe2934b875561dd58861b69d4951e9c.tar.gz nixos-personal-55296b643fe2934b875561dd58861b69d4951e9c.tar.bz2 nixos-personal-55296b643fe2934b875561dd58861b69d4951e9c.zip |
nixos: multiple tweaks
Diffstat (limited to 'nixos/modules')
-rw-r--r-- | nixos/modules/generic.nix | 88 |
1 files changed, 47 insertions, 41 deletions
diff --git a/nixos/modules/generic.nix b/nixos/modules/generic.nix index 8688732..9b64aa8 100644 --- a/nixos/modules/generic.nix +++ b/nixos/modules/generic.nix @@ -32,10 +32,12 @@ in { }; }; - boot.loader.systemd-boot.enable = mkOverride 1100 true; - boot.loader.efi.canTouchEfiVariables = mkDefault true; - boot.kernelPackages = mkOverride 1100 pkgs.linuxPackages_latest; - boot.kernelParams = ["boot.shell_on_fail"]; + boot = { + loader.systemd-boot.enable = mkOverride 1100 true; + loader.efi.canTouchEfiVariables = mkDefault true; + kernelPackages = mkOverride 1100 pkgs.linuxPackages_latest; + kernelParams = ["boot.shell_on_fail"]; + }; hardware.enableAllFirmware = true; services.fwupd.enable = mkIf (pkgs.system == "x86_64-linux") true; @@ -107,46 +109,50 @@ in { mlocate ]; - users.mutableUsers = false; - users.groups.cynerd.gid = 1000; - users.users = { - root = { - hashedPasswordFile = "/run/secrets/root.pass"; - }; - cynerd = { - group = "cynerd"; - extraGroups = ["users" "wheel" "dialout" "kvm" "uucp"]; - uid = 1000; - subUidRanges = [ - { - count = 65534; - startUid = 10000; - } - ]; - subGidRanges = [ - { - count = 65534; - startGid = 10000; - } - ]; - isNormalUser = true; - createHome = true; - shell = - if isNative - then pkgs.zsh.out - else pkgs.bash.out; - hashedPasswordFile = "/run/secrets/cynerd.pass"; - openssh.authorizedKeys.keyFiles = [ - (config.personal-secrets + "/unencrypted/git-private.pub") - ]; + users = { + mutableUsers = false; + groups.cynerd.gid = 1000; + users = { + root = { + hashedPasswordFile = "/run/secrets/root.pass"; + }; + cynerd = { + group = "cynerd"; + extraGroups = ["users" "wheel" "dialout" "kvm" "uucp"]; + uid = 1000; + subUidRanges = [ + { + count = 65534; + startUid = 10000; + } + ]; + subGidRanges = [ + { + count = 65534; + startGid = 10000; + } + ]; + isNormalUser = true; + createHome = true; + shell = + if isNative + then pkgs.zsh.out + else pkgs.bash.out; + hashedPasswordFile = "/run/secrets/cynerd.pass"; + openssh.authorizedKeys.keyFiles = [ + (config.personal-secrets + "/unencrypted/git-private.pub") + ]; + }; }; }; - programs.zsh = { - enable = isNative; - syntaxHighlighting.enable = isNative; + programs = { + zsh = { + enable = isNative; + syntaxHighlighting.enable = isNative; + }; + shellrc = true; + vim.defaultEditor = mkDefault true; }; - programs.shellrc = true; - programs.vim.defaultEditor = mkDefault true; security.sudo.extraRules = [ { |