From a89e6a711bd370398f6a8f2d9b8c99adfa831029 Mon Sep 17 00:00:00 2001 From: Ben Sima Date: Fri, 18 Feb 2022 12:20:26 -0500 Subject: updates --- machines/helium.nix | 22 ++++++++++++---------- machines/oxygen.nix | 9 +++++---- machines/users.nix | 2 +- 3 files changed, 18 insertions(+), 15 deletions(-) (limited to 'machines') diff --git a/machines/helium.nix b/machines/helium.nix index 383cbe1..44c317d 100644 --- a/machines/helium.nix +++ b/machines/helium.nix @@ -63,15 +63,12 @@ in { # hardware.acpilight.enable = true; hardware.brillo.enable = true; hardware.opengl.enable = true; - hardware.pulseaudio = { - enable = true; - extraConfig = '' - load-module module-loopback - ''; - }; sound.enable = true; sound.mediaKeys.enable = true; + hardware.pulseaudio.enable = true; + hardware.pulseaudio.daemon.logLevel = "debug"; + # hardware.pulseaudio.extraConfig = "load-module module-loopback"; programs = { bash.enableCompletion = true; @@ -89,6 +86,7 @@ in { pcscd.enable = true; logind.lidSwitch = "suspend"; + logind.lidSwitchDocked = "lock"; logind.extraConfig = "IdleAction=lock"; clight.enable = true; @@ -111,6 +109,8 @@ in { xserver.xautolock.locker = "${pkgs.xlockmore}/bin/xlock"; xserver.xautolock.nowlocker = "${pkgs.xlockmore}/bin/xlock"; # xautolock -locknow xserver.xautolock.time = 5; # minutes + xserver.xautolock.killer = "${pkgs.systemd}/bin/systemctl suspend"; + xserver.xautolock.killtime = 120; # minutes xserver.xautolock.enableNotifier = true; xserver.xautolock.notify = 30; # seconds xserver.xautolock.notifier = ''${pkgs.libnotify}/bin/notify-send "Locking in 30 seconds"''; @@ -130,15 +130,17 @@ in { LABEL="yubico_end" # when yubi is removed, activate yubilock - ACTION=="remove", ENV{ID_BUS}=="usb", ENV{ID_VENDOR_ID}=="1050", ENV{ID_MODEL_ID}=="0407", ENV{ID_SERIAL}="Yubico_Yubikey_4_OTP+U2F+CCID", RUN+="${pkgs.systemd}/bin/systemctl start yubilock" + #ACTION=="remove", ENV{ID_BUS}=="usb", ENV{ID_VENDOR_ID}=="1050", ENV{ID_MODEL_ID}=="0407", ENV{ID_SERIAL}="Yubico_Yubikey_4_OTP+U2F+CCID", RUN+="${pkgs.systemd}/bin/systemctl start xlock" ''; }; systemd.services = { - "yubilock" = { - enable = false; + "xlock" = { + enable = true; script = "xlock"; path = [ pkgs.xlockmore ]; - wantedBy = ["dummy.device"]; # i have to provide a WantedBy + # nat sure about these targets + wantedBy = [ "sleep.target" "suspend.target" "hibernate.target" ]; + after = [ "sleep.target" "suspend.target" "hibernate.target" ]; environment = { DISPLAY = ":0"; }; # i think i can get rid of user if I use this script: # https://0day.work/locking-the-screen-when-removing-a-yubikey/ diff --git a/machines/oxygen.nix b/machines/oxygen.nix index 4aa933e..7630436 100644 --- a/machines/oxygen.nix +++ b/machines/oxygen.nix @@ -13,7 +13,7 @@ let owner = "drduh"; repo = "YubiKey-Guide"; rev = "fe6434577bce964aefd33d5e085d6ac0008e17ce"; - sha256 = lib.fakeSha256; + sha256 = "1f4sqj2nspv6939p3gj2ma4fnbz12l95kcr3bjzphjdgxkdx42hx"; }; buildInputs = [ pkgs.pandoc ]; installPhase = "pandoc --highlight-style pygments -s --toc README.md -o $out"; @@ -32,7 +32,6 @@ in { isoImage.makeUsbBootable = true; users.users.root.initialHashedPassword = ""; - services.getty.autologinUser = "root"; documentation.enable = true; documentation.nixos.enable = true; @@ -119,6 +118,7 @@ in { services.xserver.displayManager.sddm.enable = true; services.xserver.displayManager.autoLogin.enable = true; + services.xserver.displayManager.autoLogin.user = "root"; services.xserver.displayManager.defaultSession = "xfce"; services.xserver.displayManager.sessionCommands = '' ${pkgs.midori}/bin/midori ${guide} & @@ -134,13 +134,14 @@ in { powerManagement.enable = false; - nix.useSandbox = true; nix.nixPath = [ "nixpkgs=${nixpkgs}" "nixos-config=/etc/nixos/configuration.nix" "/nix/var/nix/profiles/per-user/root/channels" ]; - nix.binaryCaches = [ ]; + nix.useSandbox = true; + nix.buildMachines = [ ]; + system.extraSystemBuilderCmds = "ln -sv ${pkgs.path} $out/nixpkgs"; environment.etc.host-nix-channel.source = pkgs.path; diff --git a/machines/users.nix b/machines/users.nix index c716dcc..e64e61a 100644 --- a/machines/users.nix +++ b/machines/users.nix @@ -10,7 +10,7 @@ in isNormalUser = true; home = "/home/ben"; openssh.authorizedKeys.keys = [ "${benKey}" ]; - extraGroups = [ "wheel" "networkmanager" "docker" "video"]; + extraGroups = [ "wheel" "networkmanager" "docker" "audio" "video"]; }; }; }; -- cgit v1.2.3