diff --git a/nixos/common/modules/nixos.nix b/nixos/common/modules/nixos.nix
index 4ef774eb..e480318b 100644
--- a/nixos/common/modules/nixos.nix
+++ b/nixos/common/modules/nixos.nix
@@ -2,15 +2,17 @@
 # Enable flakes: https://nixos.wiki/wiki/Flakes
 nix.settings.experimental-features = [ "nix-command" "flakes" ];
+
+ # This is now done with deploy-rs
 # Keep the system up-to-date automatically
- system = {
- autoUpgrade = {
- enable = true;
- allowReboot = false;
- dates = "daily";
- flake = "git+file:/etc/nixos/flake.nix";
- };
- };
+ # system = {
+ # autoUpgrade = {
+ # enable = true;
+ # allowReboot = false;
+ # dates = "daily";
+ # flake = "git+file:/etc/nixos/flake.nix";
+ # };
+ # };
 # Garbage collection -- Keep the system clean
 nix.gc = {
diff --git a/nixos/common/services/fwupd.nix b/nixos/common/services/fwupd.nix
index a73b86aa..7b6b17f6 100644
--- a/nixos/common/services/fwupd.nix
+++ b/nixos/common/services/fwupd.nix
@@ -1,3 +1,4 @@
 _: {
+ # https://search.nixos.org/options?channel=23.11&from=0&size=50&sort=relevance&type=packages&query=services.fwupd
 services.fwupd.enable = true;
 }
\ No newline at end of file
diff --git a/nixos/common/services/opensnitch.nix b/nixos/common/services/opensnitch.nix
index 2226467d..3152441c 100644
--- a/nixos/common/services/opensnitch.nix
+++ b/nixos/common/services/opensnitch.nix
@@ -4,5 +4,7 @@
 services.opensnitch = {
 enable = true;
+ # https://github.com/evilsocket/opensnitch/wiki/Rules
+ # https://search.nixos.org/options?channel=23.11&show=services.opensnitch.rules&from=0&size=50&sort=relevance&type=packages&query=opensnitch
 };
 }
\ No newline at end of file
diff --git a/nixos/minimal.nix b/nixos/minimal.nix
index 8e5ba1cb..f722a232 100644
--- a/nixos/minimal.nix
+++ b/nixos/minimal.nix
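Review bot: With `system.autoUpgrade` commented out in nixos/common/modules/nixos.nix, nothing visible in this change keeps hosts patched between deploy-rs runs, so security updates now depend on someone (or a scheduled job, if one exists elsewhere) updating the flake inputs and deploying. I would delete the old block rather than leave it commented out, since git history keeps it. The surviving header `# Keep the system up-to-date automatically` is now misleading and could become `# Upgrades are pushed with deploy-rs; no automatic upgrade timer runs on the host`. The enclosing attribute set starts and ends outside the hunk.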
@@ -5,7 +5,7 @@
 ./common/services/fail2ban.nix
 # NixOS Modules
- # ./common/modules/networking.nix # Initial Networking configs
+ ./common/modules/networking.nix # Initial Networking configs
 ./common/modules/nixos.nix # NixOS related items
 ./common/modules/remote-builders.nix # Add remote builders
diff --git a/nixos/users/albert/default.nix b/nixos/users/albert/default.nix
index bb901eb7..c61d175b 100644
--- a/nixos/users/albert/default.nix
+++ b/nixos/users/albert/default.nix
@@ -3,7 +3,7 @@ let
 ifExists = groups: builtins.filter (group: builtins.hasAttr group config.users.groups) groups;
 in {
 # Define a user account.
- imports = [ /*./switcher.nix*/ ] ++ lib.optional (builtins.isString desktop) ./desktop.nix;
+ imports = [ ] ++ lib.optional (builtins.isString desktop) ./desktop.nix;
 users.mutableUsers = false;
 users.users.albert = {
 isNormalUser = true;
@@ -20,19 +20,4 @@ in {
 # Make this user trusted
 nix.settings.trusted-users = [ "albert" ];
-
- # No sudo password - deploy-rs
- # security.sudo.extraRules = [
- # {
- # users = [ "albert" ];
- # commands = [
- # {
- # command = "ALL";
- # options = [ "NOPASSWD" ];
- # }
- # ];
- # }
- # ];
-
-
 }
\ No newline at end of file
diff --git a/nixos/users/albert/switcher.nix b/nixos/users/albert/switcher.nix
deleted file mode 100644
index 9aa1cd54..00000000
--- a/nixos/users/albert/switcher.nix
+++ /dev/null
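Review bot: In the first hunk of nixos/users/albert/default.nix, the empty list in `imports = [ ] ++ lib.optional ...` is a leftover from the removed `switcher.nix` entry and no longer contributes anything. Since `lib.optional` already returns a list, `imports = lib.optional (builtins.isString desktop) ./desktop.nix;` says the same thing more directly. The surrounding `let … in {` block starts and ends outside the hunk.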
@@ -1,34 +0,0 @@
-{self, ...}: {
- pkgs,
- config,
- ...
-}: {
- # https://github.com/NobbZ/nixos-config/blob/a1c99894088f43a0ba31812ad53f0e09dc36f15a/nixos/modules/switcher.nix#L14-L31
- _file = ./switcher.nix;
-
- environment.systemPackages = [self.packages."${pkgs.system}".switcher];
-
- security.sudo.extraRules = let
- storePrefix = "/nix/store/*";
- systemName = "nixos-system-${config.networking.hostName}-*";
- in [
- {
- commands = [
- {
- command = "${storePrefix}-nix-*/bin/nix-env -p /nix/var/nix/profiles/system --set ${storePrefix}-${systemName}";
- options = ["NOPASSWD"];
- }
- ];
- groups = ["wheel"];
- }
- {
- commands = [
- {
- command = "${storePrefix}-${systemName}/bin/switch-to-configuration";
- options = ["NOPASSWD"];
- }
- ];
- groups = ["wheel"];
- }
- ];
-}
\ No newline at end of file