f9970ce3af
The changes update the configuration to use a `device.user` variable instead of hardcoded usernames like "fs0c131y" and "servius". This makes the configurations more flexible and reusable across different devices. The changes affect nixos configurations for mirai, ryu, and tako, as well as the darwin configuration for kuro, and the deploy.nix file. The key changes include: - Replacing hardcoded usernames with `device.user` in trusted-users lists - Updating system.primaryUser to use `device.user` - Modifying user definitions to use the device.user variable - Adjusting deploy configuration to use "servius" as sshUser for tako - Commenting out some service modules in tako's services/default.nix
80 lines
2.2 KiB
Nix
80 lines
2.2 KiB
Nix
{
|
|
config,
|
|
pkgs,
|
|
device,
|
|
...
|
|
}: {
|
|
imports = [./services ./homebrew.nix ./programs];
|
|
|
|
# environment.systemPackages = with pkgs; [nix neovim];
|
|
nix = {
|
|
enable = true;
|
|
settings = {
|
|
# ids.gids.nixbld = 30000;
|
|
experimental-features = "nix-command flakes auto-allocate-uids";
|
|
max-jobs = 8;
|
|
trusted-users = ["root" device.user];
|
|
substituters = [
|
|
"https://nix-community.cachix.org"
|
|
# "https://sh.darksailor.dev"
|
|
];
|
|
trusted-public-keys = [
|
|
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
|
|
# "mirai:bcVPoFGBZ0i7JAKMXIqLj2GY3CulLC4kP7rQyqes1RM="
|
|
];
|
|
};
|
|
extraOptions = ''
|
|
build-users-group = nixbld
|
|
extra-nix-path = nixpkgs=flake:nixpkgs
|
|
builders-use-substitutes = true
|
|
'';
|
|
package = pkgs.nixVersions.latest;
|
|
buildMachines = [
|
|
../../builders/mirai.nix
|
|
../../builders/shiro.nix
|
|
];
|
|
distributedBuilds = true;
|
|
};
|
|
|
|
# security.pam.enableSudoTouchIdAuth = true;
|
|
security.pam.services.sudo_local.touchIdAuth = true;
|
|
# system.patches = [
|
|
# (pkgs.writeText "pam-reattach.patch"
|
|
# # diff
|
|
# ''
|
|
# new file mode 100644
|
|
# index 0000000..e4293c0
|
|
# --- /dev/null
|
|
# +++ b/etc/pam.d/sudo_local
|
|
# @@ -0,0 +1,3 @@
|
|
# +# sudo_local: local config file which survives system update and is included for sudo
|
|
# +# uncomment following line to enable Touch ID for sudo
|
|
# +auth optional ${pkgs.pam-reattach}/lib/pam/pam_reattach.so
|
|
# '')
|
|
# ];
|
|
|
|
programs.bash.enable = false;
|
|
programs.zsh.enable = false;
|
|
programs.fish.enable = true;
|
|
|
|
# services.nix-daemon.enable = true;
|
|
system.stateVersion = 5;
|
|
system.primaryUser = device.user;
|
|
|
|
system.keyboard.enableKeyMapping = true;
|
|
system.keyboard.remapCapsLockToControl = true;
|
|
system.keyboard.swapLeftCommandAndLeftAlt = true;
|
|
system.keyboard.userKeyMapping = [
|
|
{
|
|
# Right Command to Option
|
|
HIDKeyboardModifierMappingSrc = 30064771303;
|
|
HIDKeyboardModifierMappingDst = 30064771302;
|
|
}
|
|
{
|
|
# Right Option to command
|
|
HIDKeyboardModifierMappingSrc = 30064771302;
|
|
HIDKeyboardModifierMappingDst = 30064771303;
|
|
}
|
|
];
|
|
}
|