aboutsummaryrefslogtreecommitdiffstats
path: root/hosts/common/optional
diff options
context:
space:
mode:
Diffstat (limited to 'hosts/common/optional')
-rw-r--r--hosts/common/optional/google-authenticator.nix23
-rw-r--r--hosts/common/optional/pipewire.nix24
-rw-r--r--hosts/common/optional/services/openssh.nix11
-rw-r--r--hosts/common/optional/services/xorg.nix21
-rw-r--r--hosts/common/optional/zfs.nix6
5 files changed, 85 insertions, 0 deletions
diff --git a/hosts/common/optional/google-authenticator.nix b/hosts/common/optional/google-authenticator.nix
new file mode 100644
index 0000000..7380d1b
--- /dev/null
+++ b/hosts/common/optional/google-authenticator.nix
@@ -0,0 +1,23 @@
+{ pkgs, ... }:
+{
+ environment.systemPackages = builtins.attrValues {
+ inherit (pkgs)
+ #other
+ google-authenticator;
+ };
+
+ security.pam.services = {
+ chfn.googleAuthenticator.enable = true;
+ chsh.googleAuthenticator.enable = true;
+ cups.googleAuthenticator.enable = true;
+ lightdm.googleAuthenticator.enable = true;
+ login.googleAuthenticator.enable = true;
+ other.googleAuthenticator.enable = true;
+ sshd.googleAuthenticator.enable = true;
+ su.googleAuthenticator.enable = true;
+ sudo.googleAuthenticator.enable = true;
+ vlock.googleAuthenticator.enable = true;
+ xlock.googleAuthenticator.enable = true;
+ xscreensaver.googleAuthenticator.enable = true;
+ };
+}
diff --git a/hosts/common/optional/pipewire.nix b/hosts/common/optional/pipewire.nix
new file mode 100644
index 0000000..27b2a09
--- /dev/null
+++ b/hosts/common/optional/pipewire.nix
@@ -0,0 +1,24 @@
+{ pkgs, ... }:
+{
+ sound.enable = true;
+ hardware.pulseaudio.enable = false;
+ security.rtkit.enable = true;
+ services.pipewire = {
+ enable = true;
+ alsa.enable = true;
+ alsa.support32Bit = true;
+ pulse.enable = true;
+ wireplumber.enable = true;
+ jack.enable = true;
+
+ # use the example session manager (no others are packaged yet so this is enabled by default,
+ # no need to redefine it in your config for now)
+ # media-session.enable = true;
+ };
+
+ environment.systemPackages = builtins.attrValues {
+ inherit (pkgs)
+ pamixer
+ pavucontrol;
+ };
+}
diff --git a/hosts/common/optional/services/openssh.nix b/hosts/common/optional/services/openssh.nix
new file mode 100644
index 0000000..33cdbac
--- /dev/null
+++ b/hosts/common/optional/services/openssh.nix
@@ -0,0 +1,11 @@
+{
+ services.openssh = {
+ enable = true;
+ openFirewall = true;
+ settings = {
+ KbdInteractiveAuthentication = false;
+ PasswordAuthentication = false;
+ PermitRootLogin = "yes";
+ };
+ };
+}
diff --git a/hosts/common/optional/services/xorg.nix b/hosts/common/optional/services/xorg.nix
new file mode 100644
index 0000000..ebca5ea
--- /dev/null
+++ b/hosts/common/optional/services/xorg.nix
@@ -0,0 +1,21 @@
+{
+ services.xserver = {
+ displayManager.defaultSession = "xsession";
+ displayManager.lightdm = {
+ enable = true;
+ extraSeatDefaults = ''greeter-hide-users=true'';
+ };
+ displayManager.session = [
+ {
+ manage = "desktop";
+ name = "xsession";
+ start = ''exec $HOME/.xsession'';
+ }
+ ];
+ enable = true;
+ libinput.enable = true;
+ videoDrivers = [ "amdgpu" ];
+ xkb.layout = "us";
+ xkb.options = "caps:super,compose:ralt";
+ };
+}
diff --git a/hosts/common/optional/zfs.nix b/hosts/common/optional/zfs.nix
new file mode 100644
index 0000000..a2d978d
--- /dev/null
+++ b/hosts/common/optional/zfs.nix
@@ -0,0 +1,6 @@
+{
+ services.zfs = {
+ autoScrub.enable = true;
+ trim.enable = true;
+ };
+}