nixos-config/modules/profiles.nix

98 lines
2.4 KiB
Nix
Raw Normal View History

2021-03-10 03:50:54 +00:00
{ config, pkgs, lib, ... }:
with lib;
let
cfg = config.sconfig.profile;
2021-06-11 20:36:50 +00:00
pkcslib = "${pkgs.opensc}/lib/opensc-pkcs11.so";
2021-06-10 05:13:32 +00:00
in
{
options.sconfig.profile = mkOption {
type = types.enum [ "server" "desktop" ];
};
2021-06-09 23:38:26 +00:00
2021-06-10 05:13:32 +00:00
config = mkMerge [
2021-06-09 23:38:26 +00:00
2021-06-10 05:13:32 +00:00
(mkIf (cfg == "server") {
services.openssh.enable = true;
documentation.nixos.enable = false;
nix.gc = {
automatic = true;
options = "--delete-older-than 30d";
};
})
2021-06-09 23:38:26 +00:00
2021-06-10 05:13:32 +00:00
(mkIf (cfg == "desktop") {
2021-06-11 20:36:50 +00:00
services.pcscd.enable = true;
programs.ssh.startAgent = true;
programs.ssh.agentPKCS11Whitelist = pkcslib;
nixpkgs.overlays = [
(self: super: {
gnome = super.gnome // {
gnome-keyring = super.gnome.gnome-keyring.overrideAttrs (old: {
configureFlags = old.configureFlags ++ [ "--disable-ssh-agent" ];
});
};
})
];
2021-06-10 05:13:32 +00:00
environment.systemPackages = with pkgs; [
brave
gimp
ffmpeg
mpv
tdesktop
element-desktop
pavucontrol
gnome3.dconf-editor
glxinfo
steam-run
2021-06-09 23:38:26 +00:00
2021-06-11 20:36:50 +00:00
pkgs.opensc
(pkgs.writeShellScriptBin "mfa" "exec ssh-add -s${pkcslib}")
2021-06-10 05:13:32 +00:00
(vscode-with-extensions.override {
vscode = vscodium;
vscodeExtensions = with pkgs.vscode-extensions; [
bbenoist.Nix
ms-python.python
ms-vscode.cpptools
ms-azuretools.vscode-docker
];
})
2021-06-09 23:38:26 +00:00
2021-06-10 05:13:32 +00:00
(wrapFirefox firefox-unwrapped {
extraPolicies = {
CaptivePortal = false;
DisablePocket = true;
DisableFirefoxStudies = true;
OfferToSaveLogins = false;
DisableFormHistory = true;
SearchSuggestEnabled = false;
Preferences = {
"extensions.formautofill.available" = { Status = "locked"; Value = "off"; };
"browser.contentblocking.category" = { Status = "locked"; Value = "strict"; };
"network.IDN_show_punycode" = { Status = "locked"; Value = true; };
"browser.zoom.siteSpecific" = { Status = "locked"; Value = false; };
};
};
})
2021-06-09 23:38:26 +00:00
2021-06-10 05:13:32 +00:00
];
2021-06-09 23:38:26 +00:00
2021-06-10 05:13:32 +00:00
programs.steam.enable = true;
2021-06-09 23:38:26 +00:00
2021-06-10 05:13:32 +00:00
virtualisation.docker = { enable = true; enableOnBoot = false; };
2021-06-09 23:38:26 +00:00
2021-06-10 05:13:32 +00:00
boot.loader.timeout =
if config.boot.loader.systemd-boot.enable
then null else lib.mkOverride 9999 99;
})
2021-06-09 23:38:26 +00:00
2021-03-10 03:50:54 +00:00
2021-06-10 05:13:32 +00:00
];
2021-03-10 03:50:54 +00:00
}