Cleanup

nixos/common/modules/nixos.nix

@@ -2,15 +2,17 @@
   # Enable flakes:  https://nixos.wiki/wiki/Flakes
   nix.settings.experimental-features = [ "nix-command" "flakes" ];
 
+
+  # This is now done with deploy-rs
   # Keep the system up-to-date automatically
-  system = {
+  # system = {
-    autoUpgrade = {
+  #   autoUpgrade = {
-      enable = true;
+  #     enable = true;
-      allowReboot = false;
+  #     allowReboot = false;
-      dates = "daily";
+  #     dates = "daily";
-      flake = "git+file:/etc/nixos/flake.nix";
+  #     flake = "git+file:/etc/nixos/flake.nix";
-    };
+  #   };
-  };
+  # };
 
   # Garbage collection -- Keep the system clean
   nix.gc = {

nixos/common/services/fwupd.nix

@@ -1,3 +1,4 @@
 _: {
+  # https://search.nixos.org/options?channel=23.11&from=0&size=50&sort=relevance&type=packages&query=services.fwupd 
   services.fwupd.enable = true;
 }

nixos/common/services/opensnitch.nix

@@ -4,5 +4,7 @@
 
     services.opensnitch = {
         enable = true;
+        # https://github.com/evilsocket/opensnitch/wiki/Rules
+        # https://search.nixos.org/options?channel=23.11&show=services.opensnitch.rules&from=0&size=50&sort=relevance&type=packages&query=opensnitch 
     };
 }

nixos/minimal.nix

@@ -5,7 +5,7 @@
       ./common/services/fail2ban.nix
 
       # NixOS Modules
-      # ./common/modules/networking.nix      # Initial Networking configs
+      ./common/modules/networking.nix      # Initial Networking configs
       ./common/modules/nixos.nix           # NixOS related items
       ./common/modules/remote-builders.nix # Add remote builders
 

nixos/users/albert/default.nix

@@ -3,7 +3,7 @@ let
   ifExists = groups: builtins.filter (group: builtins.hasAttr group config.users.groups) groups;
 in {
   # Define a user account.
-  imports = [ /*./switcher.nix*/ ]  ++ lib.optional (builtins.isString desktop) ./desktop.nix;
+  imports = [  ]  ++ lib.optional (builtins.isString desktop) ./desktop.nix;
   users.mutableUsers = false;
   users.users.albert = {
     isNormalUser = true;
@@ -20,19 +20,4 @@ in {
 
   # Make this user trusted
   nix.settings.trusted-users = [ "albert" ];
-
-  # No sudo password - deploy-rs
-  # security.sudo.extraRules = [
-  #   { 
-  #     users = [ "albert" ];
-  #     commands = [
-  #       { 
-  #         command = "ALL";
-  #         options = [ "NOPASSWD" ];
-  #       }
-  #     ];
-  #   }
-  # ];
-
-
 }

nixos/users/albert/switcher.nix

@@ -1,34 +0,0 @@
-{self, ...}: {
-  pkgs,
-  config,
-  ...
-}: {
-  #  https://github.com/NobbZ/nixos-config/blob/a1c99894088f43a0ba31812ad53f0e09dc36f15a/nixos/modules/switcher.nix#L14-L31
-  _file = ./switcher.nix;
-
-  environment.systemPackages = [self.packages."${pkgs.system}".switcher];
-
-  security.sudo.extraRules = let
-    storePrefix = "/nix/store/*";
-    systemName = "nixos-system-${config.networking.hostName}-*";
-  in [
-    {
-      commands = [
-        {
-          command = "${storePrefix}-nix-*/bin/nix-env -p /nix/var/nix/profiles/system --set ${storePrefix}-${systemName}";
-          options = ["NOPASSWD"];
-        }
-      ];
-      groups = ["wheel"];
-    }
-    {
-      commands = [
-        {
-          command = "${storePrefix}-${systemName}/bin/switch-to-configuration";
-          options = ["NOPASSWD"];
-        }
-      ];
-      groups = ["wheel"];
-    }
-  ];
-}