2021-03-10 03:50:54 +00:00
|
|
|
{ config, pkgs, lib, ... }:
|
|
|
|
with lib;
|
|
|
|
let
|
|
|
|
cfg = config.sconfig.profile;
|
2021-06-11 20:36:50 +00:00
|
|
|
|
|
|
|
pkcslib = "${pkgs.opensc}/lib/opensc-pkcs11.so";
|
|
|
|
|
2021-06-10 05:13:32 +00:00
|
|
|
in
|
|
|
|
{
|
|
|
|
options.sconfig.profile = mkOption {
|
|
|
|
type = types.enum [ "server" "desktop" ];
|
|
|
|
};
|
2021-06-09 23:38:26 +00:00
|
|
|
|
2021-06-10 05:13:32 +00:00
|
|
|
config = mkMerge [
|
2021-06-09 23:38:26 +00:00
|
|
|
|
|
|
|
|
2021-06-10 05:13:32 +00:00
|
|
|
(mkIf (cfg == "server") {
|
|
|
|
services.openssh.enable = true;
|
|
|
|
documentation.nixos.enable = false;
|
|
|
|
nix.gc = {
|
|
|
|
automatic = true;
|
|
|
|
options = "--delete-older-than 30d";
|
|
|
|
};
|
|
|
|
})
|
2021-06-09 23:38:26 +00:00
|
|
|
|
|
|
|
|
2021-06-10 05:13:32 +00:00
|
|
|
(mkIf (cfg == "desktop") {
|
2021-06-11 20:36:50 +00:00
|
|
|
services.pcscd.enable = true;
|
|
|
|
programs.ssh.startAgent = true;
|
|
|
|
programs.ssh.agentPKCS11Whitelist = pkcslib;
|
|
|
|
|
|
|
|
nixpkgs.overlays = [
|
|
|
|
(self: super: {
|
|
|
|
gnome = super.gnome // {
|
|
|
|
gnome-keyring = super.gnome.gnome-keyring.overrideAttrs (old: {
|
|
|
|
configureFlags = old.configureFlags ++ [ "--disable-ssh-agent" ];
|
|
|
|
});
|
|
|
|
};
|
|
|
|
})
|
|
|
|
];
|
|
|
|
|
2021-06-10 05:13:32 +00:00
|
|
|
environment.systemPackages = with pkgs; [
|
|
|
|
brave
|
|
|
|
gimp
|
|
|
|
ffmpeg
|
|
|
|
mpv
|
|
|
|
tdesktop
|
|
|
|
element-desktop
|
|
|
|
pavucontrol
|
|
|
|
gnome3.dconf-editor
|
|
|
|
glxinfo
|
|
|
|
steam-run
|
2021-06-09 23:38:26 +00:00
|
|
|
|
2021-06-11 20:36:50 +00:00
|
|
|
pkgs.opensc
|
|
|
|
(pkgs.writeShellScriptBin "mfa" "exec ssh-add -s${pkcslib}")
|
|
|
|
|
2021-06-10 05:13:32 +00:00
|
|
|
(vscode-with-extensions.override {
|
|
|
|
vscode = vscodium;
|
|
|
|
vscodeExtensions = with pkgs.vscode-extensions; [
|
|
|
|
bbenoist.Nix
|
|
|
|
ms-python.python
|
|
|
|
ms-vscode.cpptools
|
|
|
|
ms-azuretools.vscode-docker
|
|
|
|
];
|
|
|
|
})
|
2021-06-09 23:38:26 +00:00
|
|
|
|
2021-06-10 05:13:32 +00:00
|
|
|
(wrapFirefox firefox-unwrapped {
|
|
|
|
extraPolicies = {
|
|
|
|
CaptivePortal = false;
|
|
|
|
DisablePocket = true;
|
|
|
|
DisableFirefoxStudies = true;
|
|
|
|
OfferToSaveLogins = false;
|
|
|
|
DisableFormHistory = true;
|
|
|
|
SearchSuggestEnabled = false;
|
|
|
|
Preferences = {
|
|
|
|
"extensions.formautofill.available" = { Status = "locked"; Value = "off"; };
|
|
|
|
"browser.contentblocking.category" = { Status = "locked"; Value = "strict"; };
|
|
|
|
"network.IDN_show_punycode" = { Status = "locked"; Value = true; };
|
|
|
|
"browser.zoom.siteSpecific" = { Status = "locked"; Value = false; };
|
|
|
|
};
|
|
|
|
};
|
|
|
|
})
|
2021-06-09 23:38:26 +00:00
|
|
|
|
2021-06-10 05:13:32 +00:00
|
|
|
];
|
2021-06-09 23:38:26 +00:00
|
|
|
|
2021-06-10 05:13:32 +00:00
|
|
|
programs.steam.enable = true;
|
2021-06-09 23:38:26 +00:00
|
|
|
|
2021-06-10 05:13:32 +00:00
|
|
|
virtualisation.docker = { enable = true; enableOnBoot = false; };
|
2021-06-09 23:38:26 +00:00
|
|
|
|
2021-06-10 05:13:32 +00:00
|
|
|
hardware.pulseaudio.enable = false;
|
|
|
|
services.pipewire = {
|
|
|
|
enable = true;
|
|
|
|
pulse.enable = true;
|
|
|
|
alsa.enable = true;
|
|
|
|
alsa.support32Bit = true;
|
|
|
|
};
|
2021-06-09 23:38:26 +00:00
|
|
|
|
2021-06-10 05:13:32 +00:00
|
|
|
boot.loader.timeout =
|
|
|
|
if config.boot.loader.systemd-boot.enable
|
|
|
|
then null else lib.mkOverride 9999 99;
|
|
|
|
})
|
2021-06-09 23:38:26 +00:00
|
|
|
|
2021-03-10 03:50:54 +00:00
|
|
|
|
2021-06-10 05:13:32 +00:00
|
|
|
];
|
2021-03-10 03:50:54 +00:00
|
|
|
}
|