uuuupdate

2024-10-06 02:44:35 +02:00 · 2024-10-06 02:44:35 +02:00 · 63c50cfa2a
commit 63c50cfa2a
parent 6e143facef
27 changed files with 314 additions and 257 deletions
--- a/modules/sec_auth/firejail.nix
+++ b/modules/sec_auth/firejail.nix
@ -1,9 +1,8 @@
 # TODO refine firejail it seems that / is not shielded enough and app armor does not work
-{ pkgs, ... }:
-{
+{pkgs, ...}: {
  programs.firejail = {
-  enable = true;
-  wrappedBinaries = {
+    enable = true;
+    wrappedBinaries = {
      firefox = {
        executable = "${pkgs.firefox}/bin/firefox";
        profile = "${pkgs.firejail}/etc/firejail/firefox.profile";
@ -51,11 +50,10 @@
    };
  };
  environment.etc = {
-  "firejail/brave.local".text = ''
+    "firejail/brave.local".text = ''
      whitelist ''${HOME}/.config/brave
      whitelist ''${HOME}/.local
      whitelist ''${HOME}/Downloads
-  '';
+    '';
  };
-
 }
--- a/modules/sec_auth/login-manager.nix
+++ b/modules/sec_auth/login-manager.nix
@ -1,5 +1,4 @@
-{ pkgs, ... }:
-{
+{pkgs, ...}: {
  # Enable touchpad support (enabled default in most desktopManager).
  # services.xserver.libinput.enable = true;
  services.greetd = {
@ -7,14 +6,14 @@
    vt = 7;
    settings = {
      default_session = {
-        command = ''${pkgs.greetd.tuigreet}/bin/tuigreet \
-	  --time \
-	  --time-format '%Y-%m-%dT%H:%M:%S %A' \
-	  --remember \
-	  --user-menu \
-	  --theme 'border=lightgreen;text=lightgreen;prompt=lightgreen;time=lightgreen;action=lightgreen;button=lightgreen;input=lightgreen' \
-	  --cmd hyprland'';
-	  # removed elements from theme: container
+        command = ''          ${pkgs.greetd.tuigreet}/bin/tuigreet \
+          	  --time \
+          	  --time-format '%Y-%m-%dT%H:%M:%S %A' \
+          	  --remember \
+          	  --user-menu \
+          	  --theme 'border=lightgreen;text=lightgreen;prompt=lightgreen;time=lightgreen;action=lightgreen;button=lightgreen;input=lightgreen' \
+          	  --cmd hyprland'';
+        # removed elements from theme: container
        user = "greeter";
      };
    };
--- a/modules/sec_auth/ssh.nix
+++ b/modules/sec_auth/ssh.nix
@ -1,5 +1,4 @@
-{ pkgs, ... }:
-{
+{pkgs, ...}: {
  programs.ssh = {
    startAgent = true;
    enableAskPassword = true;
@ -18,7 +17,6 @@
    lxqt.lxqt-openssh-askpass
  ];

-
  # Some programs need SUID wrappers, can be configured further or are
  # started in user sessions.
  # programs.mtr.enable = true;
--- a/modules/sec_auth/users_and_permissions.nix
+++ b/modules/sec_auth/users_and_permissions.nix
@ -1,10 +1,9 @@
-{ pkgs, ... }:
-{
+{pkgs, ...}: {
  # Define a user account. Don't forget to set a password with ‘passwd’.
  users.users.ranomier = {
    isNormalUser = true;
    description = "Ranomier";
-    extraGroups = [ "networkmanager" "wheel" ];
+    extraGroups = ["networkmanager" "wheel"];
    #packages = with pkgs; [];
  };

@ -23,14 +22,14 @@
  # This is using a rec (recursive) expression to set and access XDG_BIN_HOME within the expression
  # For more on rec expressions see https://nix.dev/tutorials/first-steps/nix-language#recursive-attribute-set-rec
  environment.sessionVariables = rec {
-    XDG_CACHE_HOME  = "$HOME/.cache";
+    XDG_CACHE_HOME = "$HOME/.cache";
    XDG_CONFIG_HOME = "$HOME/.config";
-    XDG_DATA_HOME   = "$HOME/.local/share";
-    XDG_STATE_HOME  = "$HOME/.local/state";
+    XDG_DATA_HOME = "$HOME/.local/share";
+    XDG_STATE_HOME = "$HOME/.local/state";

    # Not officially in the specification
-    XDG_BIN_HOME    = "$HOME/.local/mybin";
-    PATH = [ 
+    XDG_BIN_HOME = "$HOME/.local/mybin";
+    PATH = [
      "${XDG_BIN_HOME}"
    ];
  };
@ -48,7 +47,6 @@

  security.apparmor.enable = true;

-
  # Some programs need SUID wrappers, can be configured further or are
  # started in user sessions.
  # programs.mtr.enable = true;