tasiaiso/nixos-config
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

usbguard and doc format

Browse source
This commit is contained in:
Tasia Iso 2024-06-12 15:20:56 +02:00
parent 98ec1cf538
commit 3f6324c205
Signed by: tasiaiso
SSH key fingerprint: SHA256:KiRjUay5C9i6objsEOIycygBHn54pDBB3Lj7fyJ0Elw
2 changed files with 7 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
README.md
View file

@ -32,18 +32,13 @@ Build enry and upload a generation: `nixos-rebuild switch --use-remote-sudo --fl
### To do on a new machine ### To do on a new machine
- Install NixOS - Install NixOS
- Clone this repo `git clone https://gitea.com/tasiaiso/nixos-config.git && cd nixos-onfig` - Clone this repo `git clone https://gitea.com/tasiaiso/nixos-config.git && cd nixos-onfig`
- `export HOSTNAME=<your-hostname> && mkdir hosts/$HOSTNAME && cd hosts/$HOSTNAME && touch configuration.nix` - `export HOSTNAME=<your-hostname> && mkdir hosts/$HOSTNAME && cd hosts/$HOSTNAME && touch configuration.nix`
- Fill out `configuration.nix` - Fill out `configuration.nix`
- add your key in `common/programs/ssh.nix` - add your key in `common/programs/ssh.nix`
- `sudo nixos-generate-config --show-hardware-config > hosts/$HOSTNAME/hardare-configuration.nix` - `sudo nixos-generate-config --show-hardware-config > hosts/$HOSTNAME/hardare-configuration.nix`
- `sudo nixos-rebuild switch --flake .#$HOSTNAME"
- `sudo nixos-rebuild switch --flake .#$HOSTNAME` - If `usbguard` is enabled, check allowed devices.
#### git #### git

7
common/services/usbguard.nix
View file

@ -19,17 +19,20 @@
# USB Drives # USB Drives
allow id 0951:1666 serial "D067E5161936F420A61181ED" name "DataTraveler 3.0" # ISO USB allow id 0951:1666 serial "D067E5161936F420A61181ED" name "DataTraveler 3.0" # ISO USB
allow id 346d:5678 serial "FC081FF86A47A" name "Disk 20" # TAILS USB allow id 346d:5678 serial "FC081FF86A47A" name "Disk 20" # TAILS USB
allow id abcd:1234 # small usb
block id 0781:5567 serial "20054963930A6791494D" name "Cruzer Blade" # ?
block id 048d:1234 serial "9474621090551435743" name "Disk 2.0" # ?
# Peripherals # Peripherals
allow id 046d:c08b serial "178D316C3832" name "G502 HERO Gaming Mouse" allow id 046d:c08b serial "178D316C3832" name "G502 HERO Gaming Mouse"
allow id 1ea7:0907 serial "SN0000000001" name "USB-HID Gaming Keyboard" allow id 1ea7:0907 serial "SN0000000001" name "USB-HID Gaming Keyboard"
allow id 0bc2:231a serial "2HC015KJ" name "Expansion" # USB-SATA adapter
allow id 04f9:02d3 serial "E71830G6J592482" name "" # Printer
# Phones # Phones
allow id 18d1:4ee1 serial "28051FDH200ATC" name "Pixel 7" allow id 18d1:4ee1 serial "28051FDH200ATC" name "Pixel 7"
allow id 2717:ff40 serial "52bb384f0512" name "Redmi 10 2022" allow id 2717:ff40 serial "52bb384f0512" name "Redmi 10 2022"
allow id 04f9:02d3 serial "E71830G6J592482" name "" # Printer
allow id abcd:1234 # small usb
''; '';
}; };
} }