Stefan Junker
b215e8280d
Also add udev rule to allow users device access. This is required for users accessing the Yubikey directly which is the case when using gpg without pcscd
124 lines
3.4 KiB
Nix
124 lines
3.4 KiB
Nix
{ pkgs
|
|
, ...
|
|
}:
|
|
|
|
{
|
|
networking.networkmanager = {
|
|
enable = true;
|
|
dns = "dnsmasq";
|
|
unmanaged = [
|
|
"interface-name:veth*"
|
|
"interface-name:virbr*"
|
|
"interface-name:br*"
|
|
"interface-name:*vbox*"
|
|
"interface-name:*cni*"
|
|
];
|
|
};
|
|
networking.usePredictableInterfaceNames = false;
|
|
|
|
services.resolved.enable = false;
|
|
|
|
# hardware related services
|
|
services.illum.enable = true;
|
|
services.pcscd.enable = false;
|
|
hardware = {
|
|
bluetooth.enable = true;
|
|
pulseaudio = {
|
|
enable = true;
|
|
package = pkgs.pulseaudioFull;
|
|
support32Bit = true;
|
|
};
|
|
};
|
|
# required for running blueman-applet in user sessions
|
|
services.dbus.packages = with pkgs; [
|
|
blueman
|
|
];
|
|
services.blueman.enable = true;
|
|
|
|
services.xserver = {
|
|
enable = true;
|
|
libinput.enable = true;
|
|
libinput.naturalScrolling = true;
|
|
|
|
videoDrivers = [ "qxl" "modesetting" "ati" "cirrus" "intel" "vesa" "vmware" "modesetting" ];
|
|
xkbVariant = "altgr-intl";
|
|
xkbOptions = "nodeadkeys";
|
|
|
|
desktopManager = {
|
|
# FIXME: gnome should be moved to user session
|
|
gnome3.enable = true;
|
|
|
|
xterm.enable = true;
|
|
plasma5.enable = false;
|
|
};
|
|
|
|
displayManager = {
|
|
gdm.enable = false;
|
|
|
|
autoLogin = {
|
|
enable = true;
|
|
user = "steveej";
|
|
};
|
|
|
|
lightdm = {
|
|
enable = true;
|
|
background = "${pkgs.nixos-artwork.wallpapers.simple-blue}/share/artwork/gnome/nix-wallpaper-simple-blue.png";
|
|
};
|
|
|
|
sessionCommands = ''
|
|
'';
|
|
};
|
|
};
|
|
|
|
services.gvfs.enable = true;
|
|
programs.seahorse.enable = true;
|
|
programs.gpaste.enable = false;
|
|
programs.gnome-terminal.enable = false;
|
|
programs.gnome-documents.enable = false;
|
|
programs.gnome-disks.enable = false;
|
|
|
|
services.gnome3 = {
|
|
# gnome-online-miners.enable = false; TODO: enable this again
|
|
games.enable = false;
|
|
gnome-remote-desktop.enable = false;
|
|
gnome-user-share.enable = false;
|
|
rygel.enable = false;
|
|
sushi.enable = false;
|
|
tracker.enable = false;
|
|
tracker-miners.enable = false;
|
|
|
|
# FIXME: gnome should be moved to user session
|
|
at-spi2-core.enable = true;
|
|
evolution-data-server.enable = true;
|
|
gnome-online-accounts.enable = true;
|
|
gnome-keyring.enable = true;
|
|
};
|
|
|
|
# More Services
|
|
services.udev.packages = [
|
|
pkgs.libu2f-host
|
|
pkgs.yubikey-personalization
|
|
pkgs.android-udev-rules
|
|
];
|
|
services.udev.extraRules = ''
|
|
# OnePlusOne
|
|
ATTR{idVendor}=="05c6", ATTR{idProduct}=="6764", SYMLINK+="libmtp-%k", MODE="660", GROUP="audio", ENV{ID_MTP_DEVICE}="1", ENV{ID_MEDIA_PLAYER}="1", TAG+="uaccess"
|
|
ATTR{idVendor}=="05c6", ATTR{idProduct}=="6765", SYMLINK+="libmtp-%k", MODE="660", GROUP="audio", ENV{ID_MTP_DEVICE}="1", ENV{ID_MEDIA_PLAYER}="1", TAG+="uaccess"
|
|
|
|
# Plantronics BackBeat PRO
|
|
SUBSYSTEM=="usb", ATTR{idVendor}=="047f", ATTR{idProduct}=="011a", GROUP="users", MODE="0777"
|
|
SUBSYSTEM=="usb", ATTR{idVendor}=="047f", ATTR{idProduct}=="fffe", GROUP="users", MODE="0777"
|
|
SUBSYSTEM=="usb", ATTR{idVendor}=="047f", ATTR{idProduct}=="0001", GROUP="users", MODE="0777"
|
|
|
|
# Yubikey 4/5 U2F+CCID
|
|
SUBSYSTEM=="usb", ATTR{idVendor}=="1050", ATTR{idProduct}=="0406", ENV{ID_SECURITY_TOKEN}="1", GROUP="wheel"
|
|
'';
|
|
|
|
|
|
services.samba.enable = true;
|
|
services.samba.extraConfig = ''
|
|
client max protocol = SMB3
|
|
'';
|
|
|
|
services.logind.lidSwitchExternalPower = "ignore";
|
|
}
|