+7 -7

modules/nixos/by-category/gui/programs.nix

··· 5 5 inputs, 6 6 ... 7 7 }: let 8 8 - chromium_policy = ../../home-manager/sources/.config/chromium/policies/managed/defaultExtensions.json; 9 9 - brave_policy = ../../home-manager/sources/.config/brave/policies/managed/DisableBraveRewardsWalletAI.json; 8 8 + chromium_policy = ../../../home-manager/sources/.config/chromium/policies/managed/defaultExtensions.json; 9 9 + brave_policy = ../../../home-manager/sources/.config/brave/policies/managed/DisableBraveRewardsWalletAI.json; 10 10 in { 11 11 imports = [ 12 12 { ··· 22 22 config = lib.mkIf config.teq.nixos.gui.enable { 23 23 programs = { 24 24 appimage = { 25 25 - enable = lib.lib.mkDefault true; 26 26 - binfmt = lib.lib.mkDefault true; # NixOS-specific option 25 25 + enable = lib.mkDefault true; 26 26 + binfmt = lib.mkDefault true; # NixOS-specific option 27 27 package = pkgs.appimage-run.override { 28 28 extraPkgs = pkgs: [pkgs.ffmpeg pkgs.imagemagick]; 29 29 }; 30 30 }; 31 31 fuse = { 32 32 - userAllowOther = lib.lib.mkDefault true; # Allow non-root users to specify the allow_other or allow_root mount options, see mount.fuse3(8). Might not be needed 33 33 - mountMax = lib.lib.mkDefault 32000; # Set the maximum number of FUSE mounts allowed to non-root users. Integer between 0 and 32767, default 1000 32 32 + userAllowOther = lib.mkDefault true; # Allow non-root users to specify the allow_other or allow_root mount options, see mount.fuse3(8). Might not be needed 33 33 + mountMax = lib.mkDefault 32000; # Set the maximum number of FUSE mounts allowed to non-root users. Integer between 0 and 32767, default 1000 34 34 }; 35 35 - virt-manager.enable = lib.lib.mkDefault true; 35 35 + virt-manager.enable = lib.mkDefault true; 36 36 }; 37 37 38 38 environment.systemPackages = with pkgs; [

+5 -5

modules/nixos/by-category/hardware.nix

··· 22 22 }; 23 23 }; 24 24 earlyoom.enable = lib.mkDefault true; # RAM is a kind of hardware 25 25 + hardware.bolt.enable = lib.mkDefault true; # Thunderbolt 3 device manager 25 26 }; 27 27 + hardware.bluetooth.enable = lib.mkDefault true; # enables support for Bluetooth 28 28 + # hardware.bluetooth.package = pkgs.bluez; # selects the Bluetooth package to use 29 29 + hardware.bluetooth.powerOnBoot = lib.mkDefault true; # powers up the default Bluetooth controller on boot 30 30 + hardware.logitech.wireless.enable = lib.mkDefault true; # Linux devices manager for the Logitech Unifying Receiver 26 31 # programs = { 27 32 # }; 28 33 environment.systemPackages = with pkgs; [ 29 34 logiops # Unofficial userspace driver for HID++ Logitech devices 30 35 ]; 31 31 - hardware.bolt.enable = lib.mkDefault true; # Thunderbolt 3 device manager 32 32 - hardware.bluetooth.enable = lib.mkDefault true; # enables support for Bluetooth 33 33 - # hardware.bluetooth.package = pkgs.bluez; # selects the Bluetooth package to use 34 34 - hardware.bluetooth.powerOnBoot = lib.mkDefault true; # powers up the default Bluetooth controller on boot 35 35 - hardware.logitech.wireless.enable = lib.mkDefault true; # Linux devices manager for the Logitech Unifying Receiver 36 36 }; 37 37 }

+29 -27

modules/nixos/by-category/networking.nix

··· 37 37 }; 38 38 # environment.systemPackages = with pkgs; [ 39 39 # ]; 40 40 - networkmanager.enable = lib.mkDefault true; 41 41 - useDHCP = lib.mkDefault true; # Attempt to enable DHCP on all interfaces 42 42 - wireless.enable = lib.mkDefault false; # Enables wireless support via wpa_supplicant. 43 43 - wireless.userControlled.enable = lib.mkDefault true; # Allow normal users to control wpa_supplicant through wpa_gui or wpa_cli. 44 44 - stevenblack = lib.mkIf config.teq.nixos.blocklist { 45 45 - enable = true; 46 46 - block = [ 47 47 - "fakenews" 48 48 - "gambling" 49 49 - "porn" 50 50 - # "social" 51 51 - ]; 52 52 - }; 53 53 - firewall = { 54 54 - enable = true; 55 55 - allowedTCPPortRanges = [ 56 56 - { 57 57 - from = 1714; 58 58 - to = 1764; 59 59 - } # KDE Connect 60 60 - ]; 61 61 - allowedUDPPortRanges = [ 62 62 - { 63 63 - from = 1714; 64 64 - to = 1764; 65 65 - } # KDE Connect 66 66 - ]; 40 40 + networking = { 41 41 + networkmanager.enable = lib.mkDefault true; 42 42 + useDHCP = lib.mkDefault true; # Attempt to enable DHCP on all interfaces 43 43 + wireless.enable = lib.mkDefault false; # Enables wireless support via wpa_supplicant. 44 44 + wireless.userControlled.enable = lib.mkDefault true; # Allow normal users to control wpa_supplicant through wpa_gui or wpa_cli. 45 45 + stevenblack = lib.mkIf config.teq.nixos.blocklist { 46 46 + enable = true; 47 47 + block = [ 48 48 + "fakenews" 49 49 + "gambling" 50 50 + "porn" 51 51 + # "social" 52 52 + ]; 53 53 + }; 54 54 + firewall = { 55 55 + enable = true; 56 56 + allowedTCPPortRanges = [ 57 57 + { 58 58 + from = 1714; 59 59 + to = 1764; 60 60 + } # KDE Connect 61 61 + ]; 62 62 + allowedUDPPortRanges = [ 63 63 + { 64 64 + from = 1714; 65 65 + to = 1764; 66 66 + } # KDE Connect 67 67 + ]; 68 68 + }; 67 69 }; 68 70 }; 69 71 }

+11 -11

modules/nixos/by-category/security.nix

··· 20 20 extraConfig = lib.mkDefault '' 21 21 Defaults lecture = never 22 22 ''; 23 23 - doas = { 24 24 - enable = true; 25 25 - wheelNeedsPassword = false; 26 26 - extraRules = [ 27 27 - { 28 28 - users = ["teq"]; # TODO: Add userinfo list variable 29 29 - keepEnv = true; 30 30 - persist = true; 31 31 - } 32 32 - ]; 33 33 - }; 23 23 + }; 24 24 + doas = { 25 25 + enable = true; 26 26 + wheelNeedsPassword = false; 27 27 + extraRules = [ 28 28 + { 29 29 + users = ["teq"]; # TODO: Add userinfo list variable 30 30 + keepEnv = true; 31 31 + persist = true; 32 32 + } 33 33 + ]; 34 34 }; 35 35 }; 36 36 };