From 3f6324c205e9575d327c1bb5401a45582c4e4192 Mon Sep 17 00:00:00 2001
From: Tasia Iso <tasiaiso@proton.me>
Date: Wed, 12 Jun 2024 15:20:56 +0200
Subject: [PATCH] usbguard and doc format

---
 README.md                    | 9 ++-------
 common/services/usbguard.nix | 7 +++++--
 2 files changed, 7 insertions(+), 9 deletions(-)

diff --git a/README.md b/README.md
index 9f965ee..154e2ef 100644
--- a/README.md
+++ b/README.md
@@ -32,18 +32,13 @@ Build enry and upload a generation: `nixos-rebuild switch --use-remote-sudo --fl
 ### To do on a new machine
 
 - Install NixOS
-
 - Clone this repo `git clone https://gitea.com/tasiaiso/nixos-config.git && cd nixos-onfig`
-
 - `export HOSTNAME=<your-hostname> && mkdir hosts/$HOSTNAME && cd hosts/$HOSTNAME && touch configuration.nix`
-
 - Fill out `configuration.nix`
-
 - add your key in `common/programs/ssh.nix`
-
 - `sudo nixos-generate-config --show-hardware-config > hosts/$HOSTNAME/hardare-configuration.nix`
-
-- `sudo nixos-rebuild switch --flake .#$HOSTNAME`
+- `sudo nixos-rebuild switch --flake .#$HOSTNAME"
+- If `usbguard` is enabled, check allowed devices.
 
 #### git
 
diff --git a/common/services/usbguard.nix b/common/services/usbguard.nix
index a8cf7dd..a5e483e 100644
--- a/common/services/usbguard.nix
+++ b/common/services/usbguard.nix
@@ -19,17 +19,20 @@
       # USB Drives
       allow id 0951:1666 serial "D067E5161936F420A61181ED" name "DataTraveler 3.0" # ISO USB
       allow id 346d:5678 serial "FC081FF86A47A" name "Disk 20" # TAILS USB
+      allow id abcd:1234 # small usb
+      block id 0781:5567 serial "20054963930A6791494D" name "Cruzer Blade" # ?
+      block id 048d:1234 serial "9474621090551435743" name "Disk 2.0" # ?
 
       # Peripherals
       allow id 046d:c08b serial "178D316C3832" name "G502 HERO Gaming Mouse"
       allow id 1ea7:0907 serial "SN0000000001" name "USB-HID Gaming Keyboard"
+      allow id 0bc2:231a serial "2HC015KJ" name "Expansion" # USB-SATA adapter
+      allow id 04f9:02d3 serial "E71830G6J592482" name "" # Printer
 
       # Phones
       allow id 18d1:4ee1 serial "28051FDH200ATC" name "Pixel 7"
       allow id 2717:ff40 serial "52bb384f0512" name "Redmi 10 2022"
 
-      allow id 04f9:02d3 serial "E71830G6J592482" name "" # Printer
-      allow id abcd:1234 # small usb
     '';
   };
 }