From e01f3c7cdc0a727514432a0610dca55c1db549fb Mon Sep 17 00:00:00 2001 From: Felix Schulze Date: Tue, 17 Jun 2025 12:22:23 +0200 Subject: [PATCH] make amdgpu & stateversion host-specific, fix yubikey --- hosts/wildfire/configuration.nix | 17 ++++++++++++++--- modules/common.nix | 17 ++++++++++------- modules/desktops/hyprland-desktop.nix | 2 +- 3 files changed, 25 insertions(+), 11 deletions(-) diff --git a/hosts/wildfire/configuration.nix b/hosts/wildfire/configuration.nix index eec7a95..e1510e8 100644 --- a/hosts/wildfire/configuration.nix +++ b/hosts/wildfire/configuration.nix @@ -16,11 +16,14 @@ graphics.enable = true; }; - # Network security specific to wildfire + # AMD GPU kernel module + boot.initrd.kernelModules = ["amdgpu"]; + + # Network security specific to host networking.firewall.allowedTCPPorts = []; networking.firewall.allowedUDPPorts = []; - # Wildfire-specific packages + # host-specific packages environment.systemPackages = with pkgs; [ lact multiviewer-for-f1 @@ -30,7 +33,7 @@ ardour ]; - # Wildfire-specific Systemd services + # host-specific Systemd services systemd.services.lact = { description = "AMDGPU Control Daemon"; after = ["multi-user.target"]; @@ -40,4 +43,12 @@ }; enable = true; }; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "23.11"; } diff --git a/modules/common.nix b/modules/common.nix index 6c82b48..35f8826 100644 --- a/modules/common.nix +++ b/modules/common.nix @@ -8,7 +8,7 @@ users.schulze = { isNormalUser = true; description = "Felix Schulze"; - extraGroups = ["networkmanager" "wheel" "docker"]; + extraGroups = ["networkmanager" "wheel" "docker" "plugdev"]; shell = pkgs.fish; }; groups.libvirtd.members = ["schulze"]; @@ -18,7 +18,6 @@ boot = { loader.systemd-boot.enable = true; loader.efi.canTouchEfiVariables = true; - initrd.kernelModules = ["amdgpu"]; kernelPackages = pkgs.linuxPackages_latest; }; @@ -123,6 +122,12 @@ firefox = { executable = "${pkgs.lib.getBin pkgs.firefox}/bin/firefox"; profile = "${pkgs.firejail}/etc/firejail/firefox.profile"; + extraArgs = [ + # Required for U2F USB stick + "--ignore=private-dev" + # Enable system notifications + "--dbus-user.talk=org.freedesktop.Notifications" + ]; }; chromium = { executable = "${pkgs.lib.getBin pkgs.ungoogled-chromium}/bin/chromium"; @@ -130,9 +135,7 @@ }; }; }; - - # This value determines the NixOS release from which the default - # settings for stateful data, like file locations and database versions - # on your system were taken. - system.stateVersion = "23.11"; +# Yubikey Settings + services.yubikey-agent.enable = true; +security.pam.u2f.enable =true ; } diff --git a/modules/desktops/hyprland-desktop.nix b/modules/desktops/hyprland-desktop.nix index 4557f76..232c667 100644 --- a/modules/desktops/hyprland-desktop.nix +++ b/modules/desktops/hyprland-desktop.nix @@ -4,7 +4,7 @@ enable = true; displayManager.gdm.enable = false; }; - + # Greetd is lightweight and Wayland-native greetd.enable = true; upower.enable = true;