uu? rr?
This commit is contained in:
parent
42148a2489
commit
4a238ff95b
SSH key fingerprint:
SHA256:KiRjUay5C9i6objsEOIycygBHn54pDBB3Lj7fyJ0Elw
11
README.md
11
README.md
|
|
@ -39,6 +39,8 @@ Build enry and upload a generation: TODO
|
|||
|
||||
- Fill out `configuration.nix`
|
||||
|
||||
- add your key in `common/programs/ssh.nix`
|
||||
|
||||
- `sudo nixos-generate-config --show-hardware-config > hosts/$HOSTNAME/hardare-configuration.nix`
|
||||
|
||||
- `sudo nixos-rebuild switch --flake .#$HOSTNAME`
|
||||
|
|
@ -55,17 +57,18 @@ add to git: `git config --global user.signingkey ~/.ssh/id_ed25519`
|
|||
|
||||
- `google-authenticator -td -r 5 -R 60 -w 2`
|
||||
|
||||
# Hosts
|
||||
|
||||
## theseus
|
||||
## Hosts
|
||||
|
||||
### theseus
|
||||
|
||||
My main PC. Mostly unused because of power constraints
|
||||
|
||||
## phoenix
|
||||
### phoenix
|
||||
|
||||
My old laptop.
|
||||
|
||||
## stuff
|
||||
### stuff
|
||||
|
||||
Another person's laptop.
|
||||
|
||||
|
|
|
|||
|
|
@ -1,22 +0,0 @@
|
|||
{pkgs, ...}: {
|
||||
boot = {
|
||||
initrd.kernelModules = ["amdgpu"];
|
||||
|
||||
# params for Sea Islands or smth
|
||||
kernelParams = ["radeon.cik_support=0" "amdgpu.cik_support=1"];
|
||||
};
|
||||
|
||||
hardware.opengl = {
|
||||
enable = true;
|
||||
|
||||
## radv: an open-source Vulkan driver from freedesktop
|
||||
driSupport = true;
|
||||
driSupport32Bit = true;
|
||||
|
||||
## amdvlk: an open-source Vulkan driver from AMD
|
||||
extraPackages = [pkgs.amdvlk];
|
||||
extraPackages32 = [pkgs.driversi686Linux.amdvlk];
|
||||
};
|
||||
|
||||
services.xserver.videoDrivers = ["amdgpu"];
|
||||
}
|
||||
|
|
@ -3,6 +3,11 @@
|
|||
pkgs,
|
||||
...
|
||||
}: {
|
||||
boot.initrd.availableKernelModules = [
|
||||
# Btrfs CRC hardware acceleration
|
||||
"crc32c-intel"
|
||||
];
|
||||
|
||||
services.btrfs.autoScrub = {
|
||||
enable = true;
|
||||
interval = "monthly";
|
||||
|
|
|
|||
|
|
@ -5,12 +5,6 @@
|
|||
autosuggestions.enable = true;
|
||||
syntaxHighlighting.enable = true;
|
||||
|
||||
shellAliases = {
|
||||
ll = "ls -al";
|
||||
done = "curl -d 'Done' ntfy.sh/tasiaiso_done";
|
||||
rebuild = "sudo nixos-rebuild switch -flake -I nixos-config=/home/tasia/Desktop/nixos-config"; # .#hostname
|
||||
};
|
||||
|
||||
ohMyZsh = {
|
||||
enable = true;
|
||||
plugins = [
|
||||
|
|
@ -19,5 +13,6 @@
|
|||
theme = "robbyrussell";
|
||||
};
|
||||
};
|
||||
|
||||
users.defaultUserShell = pkgs.zsh;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,8 +1,19 @@
|
|||
{
|
||||
security.auditd.enable = true;
|
||||
security.audit.enable = true;
|
||||
# security.audit.rules = [
|
||||
# "-a exit,always -F arch=b64 -S execve"
|
||||
# ];
|
||||
# You can monitor these logs with journalctl -f. If you don't see any audit logs show up, ssh in from another window and run some commands like ls. You should see a flurry of them show up.
|
||||
{pkgs, ...}: {
|
||||
security = {
|
||||
audit = {
|
||||
enable = true;
|
||||
|
||||
rules = [
|
||||
"-a exit,always -F arch=b64 -S execve"
|
||||
# "-w /etc/passwd -p wa -k passwd_changes"
|
||||
# "-w /home/tasia -p wa -k home_changes"
|
||||
];
|
||||
};
|
||||
|
||||
auditd.enable = true;
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
audit
|
||||
];
|
||||
}
|
||||
|
|
|
|||
|
|
@ -17,12 +17,8 @@
|
|||
allow id 8087:0025 serial "" name ""
|
||||
|
||||
# USB Drives
|
||||
|
||||
## ISO USB
|
||||
allow id 0951:1666 serial "D067E5161936F420A61181ED" name "DataTraveler 3.0"
|
||||
|
||||
## TAILS USB
|
||||
allow id 346d:5678 serial "FC081FF86A47A" name "Disk 20"
|
||||
allow id 0951:1666 serial "D067E5161936F420A61181ED" name "DataTraveler 3.0" # ISO USB
|
||||
allow id 346d:5678 serial "FC081FF86A47A" name "Disk 20" # TAILS USB
|
||||
|
||||
# Peripherals
|
||||
allow id 046d:c08b serial "178D316C3832" name "G502 HERO Gaming Mouse"
|
||||
|
|
|
|||
|
|
@ -23,6 +23,18 @@
|
|||
".librewolf/librewolf.overrides.cfg".source = ../../dotfiles/librewolf.overrides.cfg;
|
||||
};
|
||||
|
||||
home.shellAliases = {
|
||||
e = "nvim";
|
||||
ee = "nvim $(fzf)";
|
||||
g = "git";
|
||||
l = "ls";
|
||||
lg = "lazygit";
|
||||
ll = "ls -al";
|
||||
|
||||
done = "curl -d 'Done' ntfy.sh/tasiaiso_done";
|
||||
rebuild = "sudo nixos-rebuild switch --flake .#$(cat /etc/hostname)";
|
||||
};
|
||||
|
||||
home.packages = with pkgs; [
|
||||
# Development
|
||||
rustc
|
||||
|
|
|
|||
|
|
@ -28,6 +28,7 @@ in {
|
|||
../../common/components/de/hyprland.nix
|
||||
|
||||
../../common/programs/steam.nix
|
||||
../../common/services/auditd.nix
|
||||
../../common/services/adguardhome.nix
|
||||
../../common/services/syncthing.nix
|
||||
../../common/services/usbguard.nix
|
||||
|
|
@ -37,11 +38,6 @@ in {
|
|||
../../home/tasia/home.nix
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = [
|
||||
# Btrfs CRC hardware acceleration
|
||||
"crc32c-intel"
|
||||
];
|
||||
|
||||
networking = {
|
||||
hostName = "yaseen";
|
||||
|
||||
|
|
@ -90,10 +86,6 @@ in {
|
|||
# inputs.nix-software-center.packages.${system}.nix-software-center
|
||||
];
|
||||
|
||||
virtualisation.virtualbox.host.enable = true;
|
||||
|
||||
services.blueman.enable = true;
|
||||
|
||||
# https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion
|
||||
system.stateVersion = "23.11";
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue