From 43f696fefd6db4e9e090baeb9c113ceb8af44d53 Mon Sep 17 00:00:00 2001 From: arunoruto Date: Thu, 31 Oct 2024 20:53:53 +0100 Subject: [PATCH] Test turning off fingerprint pams --- .../nixos/hosts-bak/kuchiki/configuration.nix | 66 -------------- .../kuchiki/hardware-configuration.nix | 57 ------------ .../nixos/hosts-bak/kyuubi/configuration.nix | 90 ------------------- .../kyuubi/hardware-configuration.nix | 57 ------------ modules/nixos/hosts-bak/kyuubi/home.nix | 25 ------ modules/nixos/hosts-bak/kyuubi/monitors.xml | 45 ---------- .../hosts-bak/zangetsu/configuration.nix | 73 --------------- .../zangetsu/hardware-configuration.nix | 55 ------------ modules/nixos/hosts-bak/zangetsu/home.nix | 5 -- modules/nixos/security/fingerprint.nix | 41 +++++---- 10 files changed, 22 insertions(+), 492 deletions(-) delete mode 100644 modules/nixos/hosts-bak/kuchiki/configuration.nix delete mode 100644 modules/nixos/hosts-bak/kuchiki/hardware-configuration.nix delete mode 100644 modules/nixos/hosts-bak/kyuubi/configuration.nix delete mode 100644 modules/nixos/hosts-bak/kyuubi/hardware-configuration.nix delete mode 100644 modules/nixos/hosts-bak/kyuubi/home.nix delete mode 100644 modules/nixos/hosts-bak/kyuubi/monitors.xml delete mode 100644 modules/nixos/hosts-bak/zangetsu/configuration.nix delete mode 100644 modules/nixos/hosts-bak/zangetsu/hardware-configuration.nix delete mode 100644 modules/nixos/hosts-bak/zangetsu/home.nix diff --git a/modules/nixos/hosts-bak/kuchiki/configuration.nix b/modules/nixos/hosts-bak/kuchiki/configuration.nix deleted file mode 100644 index be7d27e..0000000 --- a/modules/nixos/hosts-bak/kuchiki/configuration.nix +++ /dev/null @@ -1,66 +0,0 @@ -{ - pkgs, - lib, - ... -}: -{ - imports = [ - ./hardware-configuration.nix - # inputs.nixos-hardware.nixosModules.framework-11th-gen-intel - ../.. - ]; - - # display-manager.enable = lib.mkForce false; - # desktop-environment.enable = lib.mkForce false; - display-manager.enable = false; - desktop-environment.enable = false; - media.enable = true; - nas.enable = true; - - firefox.enable = false; - chrome.enable = false; - steam.enable = false; - - # Set hostname - networking.hostName = lib.mkForce "kuchiki"; # Define your hostname. - - boot = { - kernelModules = [ "amdgpu" ]; - # kernelParams = [ - # #"quiet" - # #"splash" - # "ahci.mobile_lpm_policy=3" - # # For Power consumption - # # https://kvark.github.io/linux/framework/2021/10/17/framework-nixos.html - # "mem_sleep_default=deep" - # ]; - # initrd.kernelModules = ["i915"]; - }; - - hardware = { - opengl.extraPackages = with pkgs; [ - # OpenCL - rocmPackages.clr.icd - # AMDVLK - amdvlk - ]; - }; - # hardware.opengl = { - # enable = true; - # # package = pkgs.unstable.mesa.drivers; - # extraPackages = with pkgs; [ - # intel-compute-runtime - # intel-ocl - # intel-media-driver # LIBVA_DRIVER_NAME=iHD - # intel-vaapi-driver # LIBVA_DRIVER_NAME=i965 (older but works better for Firefox/Chromium) - # vaapiVdpau - # libvdpau-va-gl - # # https://nixos.wiki/wiki/Intel_Graphics - # unstable.vpl-gpu-rt - # intel-media-sdk - # ]; - # }; - # environment.sessionVariables = { - # LIBVA_DRIVER_NAME = "iHD"; - # }; # Force intel-media-driver -} diff --git a/modules/nixos/hosts-bak/kuchiki/hardware-configuration.nix b/modules/nixos/hosts-bak/kuchiki/hardware-configuration.nix deleted file mode 100644 index 7dbaa61..0000000 --- a/modules/nixos/hosts-bak/kuchiki/hardware-configuration.nix +++ /dev/null @@ -1,57 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ - config, - lib, - pkgs, - modulesPath, - ... -}: - -{ - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; - - boot.initrd.availableKernelModules = [ - "xhci_pci" - "ahci" - "nvme" - "usb_storage" - "usbhid" - "sd_mod" - "sr_mod" - ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-amd" ]; - boot.extraModulePackages = [ ]; - - fileSystems."/" = { - device = "/dev/disk/by-uuid/c59f4938-8614-493a-816a-460a4d393fa1"; - fsType = "ext4"; - }; - - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/5093-C009"; - fsType = "vfat"; - options = [ - "fmask=0022" - "dmask=0022" - ]; - }; - - swapDevices = [ ]; - - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. - networking.useDHCP = lib.mkDefault true; - # networking.interfaces.enp1s0f0u7u3c2.useDHCP = lib.mkDefault true; - # networking.interfaces.enp6s0.useDHCP = lib.mkDefault true; - # networking.interfaces.enp7s0.useDHCP = lib.mkDefault true; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; -} diff --git a/modules/nixos/hosts-bak/kyuubi/configuration.nix b/modules/nixos/hosts-bak/kyuubi/configuration.nix deleted file mode 100644 index 6084ec7..0000000 --- a/modules/nixos/hosts-bak/kyuubi/configuration.nix +++ /dev/null @@ -1,90 +0,0 @@ -{ - config, - pkgs, - lib, - username, - ... -}: -let - # monitorsXmlContent = builtins.readFile /home/mar/.config/monitors.xml; - # monitorsConfig = pkgs.writeText "gdm_monitors.xml" monitorsXmlContent; - # monitorsConfig = pkgs.writeText "gdm_monitors.xml" (builtins.readFile /home/${username}/.config/monitors.xml); - monitorsConfig = pkgs.writeText "gdm_monitors.xml" (builtins.readFile ./monitors.xml); -in -{ - imports = [ - ./hardware-configuration.nix - ../.. - ]; - - printing.enable = true; - scanning.enable = true; - - # Define your hostname. - networking.hostName = lib.mkForce "kyuubi"; - - # environment.sessionVariables.FLAKE = "/home/${username}/Development/nix"; - - # Disable Autosuspend for USB Bluetooth dongles - boot = { - kernelModules = [ "snd-hda-intel " ]; - extraModprobeConfig = '' - options btusb enable_autosuspend=n - ''; - }; - - # Enable SSH Daemon - services = { - # openssh = { - # enable = true; - # # require public key authentication for better security - # #settings.PasswordAuthentication = false; - # #settings.KbdInteractiveAuthentication = false; - # #settings.PermitRootLogin = "yes"; - # }; - # xrdp = { - # enable = true; - # defaultWindowManager = "gnome-remote-desktop"; - # openFirewall = true; - # }; - gnome.gnome-remote-desktop.enable = true; - }; - - hardware = { - # Make logitech devices work easier - logitech.wireless = { - enable = true; - enableGraphical = true; - }; - - # Tweaks for keychron - bluetooth = { - enable = true; - settings = { - General = { - FastConnect = true; - Experimental = true; - }; - Policy = { - ReconnectAttempts = 7; - ReconnectIntervals = "1, 2, 3"; - }; - }; - }; - }; - - systemd = { - tmpfiles.rules = [ - "L+ /run/gdm/.config/monitors.xml - - - - ${monitorsConfig}" - ]; - - services.NetworkManager-wait-online = { - serviceConfig = { - ExecStart = [ - "" - "${pkgs.networkmanager}/bin/nm-online -q" - ]; - }; - }; - }; -} diff --git a/modules/nixos/hosts-bak/kyuubi/hardware-configuration.nix b/modules/nixos/hosts-bak/kyuubi/hardware-configuration.nix deleted file mode 100644 index 524cd73..0000000 --- a/modules/nixos/hosts-bak/kyuubi/hardware-configuration.nix +++ /dev/null @@ -1,57 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ - config, - lib, - pkgs, - modulesPath, - ... -}: - -{ - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; - - boot.initrd.availableKernelModules = [ - "ehci_pci" - "ahci" - "firewire_ohci" - "usb_storage" - "usbhid" - "sd_mod" - "sr_mod" - ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ - "kvm-intel" - "wl" - ]; - boot.extraModulePackages = [ config.boot.kernelPackages.broadcom_sta ]; - - fileSystems."/" = { - device = "/dev/disk/by-uuid/ba3bf1e7-1ec8-4e62-b2f4-9c67976c3eab"; - fsType = "btrfs"; - options = [ "subvol=@" ]; - }; - - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/0081-E962"; - fsType = "vfat"; - }; - - swapDevices = [ - { device = "/dev/disk/by-uuid/af99f525-754c-468e-9aea-3c8f1f007244"; } - ]; - - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. - networking.useDHCP = lib.mkDefault true; - # networking.interfaces.eno1.useDHCP = lib.mkDefault true; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; -} diff --git a/modules/nixos/hosts-bak/kyuubi/home.nix b/modules/nixos/hosts-bak/kyuubi/home.nix deleted file mode 100644 index ccf3318..0000000 --- a/modules/nixos/hosts-bak/kyuubi/home.nix +++ /dev/null @@ -1,25 +0,0 @@ -{ - home.file = { - ".config/monitors.xml".source = ./monitors.xml; - }; - - wayland.windowManager.hyprland.settings = { - monitor = [ - "DP-1, 1920x1080,0x0,1" - "DVI-I-1,1920x1200,-1200x-420,1,transform,1" - ]; - - workspace = [ - "1, monitor:DP-1" - "2, monitor:DP-1" - "3, monitor:DP-1" - "4, monitor:DP-1" - "5, monitor:DP-1" - "6, monitor:DVI-I-1" - "7, monitor:DVI-I-1" - "8, monitor:DVI-I-1" - "9, monitor:DVI-I-1" - "10, monitor:DVI-I-1" - ]; - }; -} diff --git a/modules/nixos/hosts-bak/kyuubi/monitors.xml b/modules/nixos/hosts-bak/kyuubi/monitors.xml deleted file mode 100644 index 1f291c6..0000000 --- a/modules/nixos/hosts-bak/kyuubi/monitors.xml +++ /dev/null @@ -1,45 +0,0 @@ - - - - 1200 - 438 - 1 - yes - - - DP-1 - DEL - DELL P2414H - 36WJX4632D6L - - - 1920 - 1080 - 60.000 - - - - - 0 - 0 - 1 - - left - no - - - - DVI-I-1 - DEL - DELL 2407WFP - UY54573E1DVS - - - 1920 - 1200 - 59.950 - - - - - diff --git a/modules/nixos/hosts-bak/zangetsu/configuration.nix b/modules/nixos/hosts-bak/zangetsu/configuration.nix deleted file mode 100644 index fc536c6..0000000 --- a/modules/nixos/hosts-bak/zangetsu/configuration.nix +++ /dev/null @@ -1,73 +0,0 @@ -{ - inputs, - pkgs, - lib, - ... -}: -{ - imports = [ - ./hardware-configuration.nix - inputs.nixos-hardware.nixosModules.framework-11th-gen-intel - ../.. - ]; - - # Set hostname - networking.hostName = lib.mkForce "zangetsu"; # Define your hostname. - - # Eanble fingerprint for framework laptop - fingerprint.enable = true; - - # Framework specific kernel Params - boot = { - kernelParams = [ - #"quiet" - #"splash" - "ahci.mobile_lpm_policy=3" - # For Power consumption - # https://kvark.github.io/linux/framework/2021/10/17/framework-nixos.html - "mem_sleep_default=deep" - ]; - initrd.kernelModules = [ "i915" ]; - }; - - # Enable TLP and powertop for better battery life - services = { - power-profiles-daemon.enable = false; - tlp = { - enable = true; - settings = { - CPU_BOOST_ON_AC = 1; - CPU_BOOST_ON_BAT = 0; - CPU_SCALING_GOVERNOR_ON_AC = "performance"; - CPU_SCALING_GOVERNOR_ON_BAT = "powersave"; - PCIE_ASPM_ON_BAT = "powersupersave"; - RESTORE_DEVICE_STATE_ON_STARTUP = 1; - RUNTIME_PM_ON_BAT = "auto"; - }; - }; - }; - powerManagement.powertop.enable = true; - - # nixpkgs.config.packageOverrides = pkgs: { - # intel-vaapi-driver = pkgs.intel-vaapi-driver.override {enableHybridCodec = true;}; - # }; - - hardware.opengl = { - enable = true; - # package = pkgs.unstable.mesa.drivers; - extraPackages = with pkgs; [ - intel-compute-runtime - intel-ocl - intel-media-driver # LIBVA_DRIVER_NAME=iHD - intel-vaapi-driver # LIBVA_DRIVER_NAME=i965 (older but works better for Firefox/Chromium) - vaapiVdpau - libvdpau-va-gl - # https://nixos.wiki/wiki/Intel_Graphics - unstable.vpl-gpu-rt - intel-media-sdk - ]; - }; - environment.sessionVariables = { - LIBVA_DRIVER_NAME = "iHD"; - }; # Force intel-media-driver -} diff --git a/modules/nixos/hosts-bak/zangetsu/hardware-configuration.nix b/modules/nixos/hosts-bak/zangetsu/hardware-configuration.nix deleted file mode 100644 index f4133e3..0000000 --- a/modules/nixos/hosts-bak/zangetsu/hardware-configuration.nix +++ /dev/null @@ -1,55 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ - config, - lib, - pkgs, - modulesPath, - ... -}: - -{ - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; - - boot.initrd.availableKernelModules = [ - "xhci_pci" - "thunderbolt" - "nvme" - "usb_storage" - "sd_mod" - ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; - - fileSystems."/" = { - device = "/dev/disk/by-uuid/a5766cf8-3b60-4ecd-9ba8-6cb226d5513b"; - fsType = "ext4"; - }; - - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/2ED7-6054"; - fsType = "vfat"; - options = [ - "fmask=0022" - "dmask=0022" - ]; - }; - - swapDevices = [ - { device = "/dev/disk/by-uuid/72ace7c5-ffce-4ec9-87c9-092f99f5cc37"; } - ]; - - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. - networking.useDHCP = lib.mkDefault true; - # networking.interfaces.wlp170s0.useDHCP = lib.mkDefault true; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; -} diff --git a/modules/nixos/hosts-bak/zangetsu/home.nix b/modules/nixos/hosts-bak/zangetsu/home.nix deleted file mode 100644 index 70eae83..0000000 --- a/modules/nixos/hosts-bak/zangetsu/home.nix +++ /dev/null @@ -1,5 +0,0 @@ -{ - wayland.windowManager.hyprland.settings = { - monitor = ",preferred,auto,1.175"; - }; -} diff --git a/modules/nixos/security/fingerprint.nix b/modules/nixos/security/fingerprint.nix index 8ddeee1..a566a35 100644 --- a/modules/nixos/security/fingerprint.nix +++ b/modules/nixos/security/fingerprint.nix @@ -9,27 +9,30 @@ config = lib.mkIf config.fingerprint.enable { # Enable fingerprint support with goodix (framework) - services.fprintd = { - enable = true; - # The following should work, but it does not... - # package = pkgs.fprintd-tod; - # tod = { - # enable = true; - # driver = pkgs.libfprint-2-tod1-goodix; - # }; - }; + # services.fprintd = { + # enable = true; + # # The following should work, but it does not... + # # package = pkgs.fprintd-tod; + # # tod = { + # # enable = true; + # # driver = pkgs.libfprint-2-tod1-goodix; + # # }; + # }; - systemd.services.fprintd = { - wantedBy = [ "multi-user.target" ]; - serviceConfig.Type = "simple"; - }; + # systemd.services.fprintd = { + # wantedBy = [ "multi-user.target" ]; + # serviceConfig.Type = "simple"; + # }; - security.pam.services = { - # Enable fprintd for login, and it seems like for gnome and other stuff... - login.fprintAuth = true; - # If a key is pluged in, prioritse the fprintd instead of a yubikey - sudo.rules.auth.fprintd.order = config.security.pam.services.sudo.rules.auth.u2f.order - 10; - }; + # security.pam.services = { + # login = { + # # Enable fprintd for login, and it seems like for gnome and other stuff... + # fprintAuth = true; + # }; + # # If a key is pluged in, prioritse the fprintd instead of a yubikey + # # sudo.rules.auth.fprintd.order = config.security.pam.services.sudo.rules.auth.u2f.order - 10; + # # sudo.rules.auth.u2f.order = config.security.pam.services.sudo.rules.auth.fprintd.order + 10; + # }; ## we need fwupd 1.9.7 to downgrade the fingerprint sensor firmware # services.fwupd.package =