Little refactor to reduce reuse
		
							parent
							
								
									5a05a79705
								
							
						
					
					
						commit
						1e62fd2886
					
				
					 3 changed files with 43 additions and 59 deletions
				
			
		| 
						 | 
				
			
			@ -70,6 +70,9 @@
 | 
			
		|||
    git-filter-repo
 | 
			
		||||
    gnupg
 | 
			
		||||
    pciutils
 | 
			
		||||
    podman
 | 
			
		||||
    podman-compose
 | 
			
		||||
    sbctl
 | 
			
		||||
    waydroid
 | 
			
		||||
    xwaylandvideobridge
 | 
			
		||||
    yubikey-personalization
 | 
			
		||||
| 
						 | 
				
			
			@ -89,6 +92,7 @@
 | 
			
		|||
 | 
			
		||||
    # User tools
 | 
			
		||||
    noisetorch
 | 
			
		||||
    qjackctl
 | 
			
		||||
    wireplumber
 | 
			
		||||
  ];
 | 
			
		||||
 | 
			
		||||
| 
						 | 
				
			
			@ -159,19 +163,49 @@
 | 
			
		|||
    enable = true;
 | 
			
		||||
  };
 | 
			
		||||
 | 
			
		||||
  virtualisation.podman = {
 | 
			
		||||
    enable = true;
 | 
			
		||||
    dockerCompat = true;
 | 
			
		||||
  };
 | 
			
		||||
 | 
			
		||||
  sops.defaultSopsFile = ./secrets/sops.yaml;
 | 
			
		||||
  sops.age.keyFile = ../../../../../../var/secrets/keys.txt;
 | 
			
		||||
 | 
			
		||||
  sops.secrets."lillian-password".neededForUsers = true;
 | 
			
		||||
 | 
			
		||||
  users.users.lillian = {
 | 
			
		||||
    isNormalUser = true;
 | 
			
		||||
    extraGroups = ["sudo" "networkmanager" "wheel" "vboxsf" "docker"];
 | 
			
		||||
    shell = pkgs.zsh;
 | 
			
		||||
    hashedPasswordFile = config.sops.secrets."lillian-password".path;
 | 
			
		||||
  };
 | 
			
		||||
 | 
			
		||||
  users.mutableUsers = false;
 | 
			
		||||
 | 
			
		||||
  users.users = {
 | 
			
		||||
    root = {
 | 
			
		||||
      hashedPassword = "*";
 | 
			
		||||
    };
 | 
			
		||||
    lillian = {
 | 
			
		||||
      isNormalUser = true;
 | 
			
		||||
      extraGroups = ["sudo" "networkmanager" "wheel" "vboxsf"];
 | 
			
		||||
      shell = pkgs.zsh;
 | 
			
		||||
    };
 | 
			
		||||
  users.users.root = {
 | 
			
		||||
    hashedPassword = "*";
 | 
			
		||||
  };
 | 
			
		||||
 | 
			
		||||
  boot.bootspec.enable = true;
 | 
			
		||||
  boot.kernelPackages = pkgs.linuxPackages_latest;
 | 
			
		||||
  boot.supportedFilesystems = ["bcachefs"];
 | 
			
		||||
  boot.extraModulePackages = with config.boot.kernelPackages; [v4l2loopback.out];
 | 
			
		||||
  boot.kernelModules = [
 | 
			
		||||
    # Virtual Camera
 | 
			
		||||
    "v4l2loopback"
 | 
			
		||||
    # Virtual Microphone, built-in
 | 
			
		||||
    "snd-aloop"
 | 
			
		||||
  ];
 | 
			
		||||
  # Set initial kernel module settings
 | 
			
		||||
  boot.extraModprobeConfig = ''
 | 
			
		||||
    # exclusive_caps: Skype, Zoom, Teams etc. will only show device when actually streaming
 | 
			
		||||
    # card_label: Name of virtual camera, how it'll show up in Skype, Zoom, Teams
 | 
			
		||||
    # https://github.com/umlaeute/v4l2loopback
 | 
			
		||||
    options v4l2loopback exclusive_caps=1 card_label="Virtual Camera"
 | 
			
		||||
  '';
 | 
			
		||||
  boot.loader.systemd-boot.configurationLimit = 3;
 | 
			
		||||
  boot.loader.efi.canTouchEfiVariables = true;
 | 
			
		||||
 | 
			
		||||
  # Enable completion of system packages by zsh
 | 
			
		||||
  environment.pathsToLink = ["/share/zsh"];
 | 
			
		||||
}
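Review bot: `sops.age.keyFile = ../../../../../../var/secrets/keys.txt;` in the `@ -159,19 +163,49 @` hunk is an unquoted Nix path literal, so it resolves relative to the directory of the file that contains it. The same line also appears in the next file section, so if the setting is being moved between files at different directory depths, the resolved target presumably stays the same only because the surplus `..` components stop at `/`. A path literal can also be copied into the world-readable Nix store when it is coerced to a string, which must not happen to an age private key; the absolute string `sops.age.keyFile = "/var/secrets/keys.txt";` avoids both problems. Separately, the `"docker"` entry in `extraGroups` looks unnecessary next to `virtualisation.podman.dockerCompat = true;` and would be root-equivalent if a Docker daemon were ever enabled, so it is worth confirming it is needed. The +/- markers are lost on this page, so which lines are new is inferred from the hunk header (19 → 49 lines).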
 | 
			
		||||
| 
						 | 
				
			
			
 | 
			
		|||
| 
						 | 
				
			
			@ -30,16 +30,6 @@
 | 
			
		|||
    ./hardware-configuration.nix
 | 
			
		||||
  ];
 | 
			
		||||
 | 
			
		||||
  sops.defaultSopsFile = ./secrets/sops.yaml;
 | 
			
		||||
  sops.age.keyFile = ../../../../../../var/secrets/keys.txt;
 | 
			
		||||
 | 
			
		||||
  sops.secrets."lillian-password".neededForUsers = true;
 | 
			
		||||
 | 
			
		||||
  users.users.lillian = {
 | 
			
		||||
    hashedPasswordFile = config.sops.secrets."lillian-password".path;
 | 
			
		||||
    extraGroups = ["docker"];
 | 
			
		||||
  };
 | 
			
		||||
 | 
			
		||||
  home-manager = {
 | 
			
		||||
    extraSpecialArgs = {inherit inputs outputs;};
 | 
			
		||||
    users = {
 | 
			
		||||
| 
						 | 
				
			
			@ -49,38 +39,21 @@
 | 
			
		|||
  };
 | 
			
		||||
 | 
			
		||||
  environment.systemPackages = with pkgs; [
 | 
			
		||||
    podman
 | 
			
		||||
    podman-compose
 | 
			
		||||
    sbctl
 | 
			
		||||
  ];
 | 
			
		||||
 | 
			
		||||
  virtualisation.podman = {
 | 
			
		||||
    enable = true;
 | 
			
		||||
    dockerCompat = true;
 | 
			
		||||
  };
 | 
			
		||||
 | 
			
		||||
  networking.hostName = "EDI";
 | 
			
		||||
 | 
			
		||||
  boot.bootspec.enable = true;
 | 
			
		||||
  boot.kernelPackages = pkgs.linuxPackages_latest;
 | 
			
		||||
  boot.supportedFilesystems = ["bcachefs"];
 | 
			
		||||
 | 
			
		||||
  # Lanzaboote currently replaces the systemd-boot module.
 | 
			
		||||
  # This setting is usually set to true in configuration.nix
 | 
			
		||||
  # generated at installation time. So we force it to false
 | 
			
		||||
  # for now.
 | 
			
		||||
  boot.loader.systemd-boot.enable = lib.mkForce false;
 | 
			
		||||
  boot.loader.systemd-boot.configurationLimit = 3;
 | 
			
		||||
  boot.loader.efi.canTouchEfiVariables = true;
 | 
			
		||||
 | 
			
		||||
  boot.lanzaboote = {
 | 
			
		||||
    enable = true;
 | 
			
		||||
    pkiBundle = "/etc/secureboot";
 | 
			
		||||
  };
 | 
			
		||||
 | 
			
		||||
  # Enable bluetooth hardware
 | 
			
		||||
  hardware.bluetooth.enable = true;
 | 
			
		||||
 | 
			
		||||
  # https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion
 | 
			
		||||
  system.stateVersion = "unstable";
 | 
			
		||||
}
 | 
			
		||||
| 
						 | 
				
			
			
 | 
			
		|||
| 
						 | 
				
			
			@ -31,10 +31,6 @@
 | 
			
		|||
  ];
 | 
			
		||||
 | 
			
		||||
  environment.systemPackages = with pkgs; [
 | 
			
		||||
    podman
 | 
			
		||||
    podman-compose
 | 
			
		||||
    sbctl
 | 
			
		||||
    qjackctl
 | 
			
		||||
  ];
 | 
			
		||||
 | 
			
		||||
  services.xserver.videoDrivers = ["amdgpu"];
 | 
			
		||||
| 
						 | 
				
			
			@ -55,25 +51,6 @@
 | 
			
		|||
    pkiBundle = "/etc/secureboot";
 | 
			
		||||
  };
 | 
			
		||||
 | 
			
		||||
  boot.loader.systemd-boot.configurationLimit = 3;
 | 
			
		||||
  boot.loader.efi.canTouchEfiVariables = true;
 | 
			
		||||
  boot.supportedFilesystems = ["bcachefs"];
 | 
			
		||||
  boot.extraModulePackages = with config.boot.kernelPackages; [v4l2loopback.out];
 | 
			
		||||
  boot.kernelModules = [
 | 
			
		||||
    # Virtual Camera
 | 
			
		||||
    "v4l2loopback"
 | 
			
		||||
    # Virtual Microphone, built-in
 | 
			
		||||
    "snd-aloop"
 | 
			
		||||
  ];
 | 
			
		||||
  # Set initial kernel module settings
 | 
			
		||||
  boot.extraModprobeConfig = ''
 | 
			
		||||
    # exclusive_caps: Skype, Zoom, Teams etc. will only show device when actually streaming
 | 
			
		||||
    # card_label: Name of virtual camera, how it'll show up in Skype, Zoom, Teams
 | 
			
		||||
    # https://github.com/umlaeute/v4l2loopback
 | 
			
		||||
    options v4l2loopback exclusive_caps=1 card_label="Virtual Camera"
 | 
			
		||||
  '';
 | 
			
		||||
  boot.kernelPackages = pkgs.linuxPackages_latest;
 | 
			
		||||
 | 
			
		||||
  home-manager = {
 | 
			
		||||
    extraSpecialArgs = {inherit inputs outputs;};
 | 
			
		||||
    users = {
 | 
			
		||||
| 
						 | 
				
			
			
 | 
			
		|||