From 1fb31bc86d8f011da197928a527c773d82b9d2d4 Mon Sep 17 00:00:00 2001 From: Suyashtnt Date: Fri, 31 May 2024 12:31:25 +0200 Subject: [PATCH] feat: better polkit config --- flake.lock | 84 +++++++++++++++---------------- systems/GAMER-PC/config.nix | 4 -- systems/GAMER-PC/hardware.nix | 5 ++ systems/modules/core/security.nix | 29 ++++++++++- systems/modules/niri.nix | 2 +- users/modules/helix/default.nix | 42 ++++++++-------- 6 files changed, 97 insertions(+), 69 deletions(-) diff --git a/flake.lock b/flake.lock index 81f28d2..af24431 100644 --- a/flake.lock +++ b/flake.lock @@ -206,11 +206,11 @@ ] }, "locked": { - "lastModified": 1716745752, - "narHash": "sha256-8K1R9Yg4r08rYk86Yq+lu3E9L3uRUb4xMqYHgl0VGS0=", + "lastModified": 1717025063, + "narHash": "sha256-dIubLa56W9sNNz0e8jGxrX3CAkPXsq7snuFA/Ie6dn8=", "owner": "ipetkov", "repo": "crane", - "rev": "19ca94ec2d288de334ae932107816b4a97736cd8", + "rev": "480dff0be03dac0e51a8dfc26e882b0d123a450e", "type": "github" }, "original": { @@ -352,11 +352,11 @@ "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1716972855, - "narHash": "sha256-u09wfqXJGMpmU6WRo0sYa16wfz/GPr5OQvUFS0VgPJo=", + "lastModified": 1717146521, + "narHash": "sha256-tO5THLapCBZ7IGEeROvPitB1FYTlZK4RO/uCoTn+0q4=", "owner": "nix-community", "repo": "emacs-overlay", - "rev": "30b19743d243f97e0a6d71ff9fe3522e1b7bc581", + "rev": "b95883a0b9701e7d716e5c298e5d7961076301cd", "type": "github" }, "original": { @@ -945,11 +945,11 @@ ] }, "locked": { - "lastModified": 1716930911, - "narHash": "sha256-t4HT5j3Jy7skRB5PINnxcEBCkgE89rGBpwTI7YS4Ffo=", + "lastModified": 1717097707, + "narHash": "sha256-HC5vJ3oYsjwsCaSbkIPv80e4ebJpNvFKQTBOGlHvjLs=", "owner": "nix-community", "repo": "home-manager", - "rev": "a9b36cbe9292a649222b89fdb9ae9907e9c74086", + "rev": "0eb314b4f0ba337e88123e0b1e57ef58346aafd9", "type": "github" }, "original": { @@ -1161,11 +1161,11 @@ "neovide-src": { "flake": false, "locked": { - "lastModified": 1716577622, - "narHash": "sha256-vN4LwJdVU0OWBuG7omDYY3Q6QZ2pTyCxWxFzv9Z1/6I=", + "lastModified": 1717036279, + "narHash": "sha256-VpeS14JtWrhMalj69ZwnUFc1CMKsxhiN+UQTKD+XHbU=", "owner": "neovide", "repo": "neovide", - "rev": "4d567d726ae8c2e89c6f4aa2a652766955bd0746", + "rev": "930128b3f0bc3cf443b742257192c585d85c39a4", "type": "github" }, "original": { @@ -1184,11 +1184,11 @@ "nixpkgs": "nixpkgs" }, "locked": { - "lastModified": 1716827514, - "narHash": "sha256-5qS9Jn3FaEFMGGhS/1mLOUifMFDLPcLczjcdaN7xgyE=", + "lastModified": 1717086148, + "narHash": "sha256-rZyQv0MdYX+tYoGhc5mV4iZb+kGqA93+k3R1BIRiwXk=", "owner": "nix-community", "repo": "neovim-nightly-overlay", - "rev": "7849e018a09688cd71bde887113954b3ce08739c", + "rev": "fe31f9e863e643327e8a5fffa0f4aae9288fd048", "type": "github" }, "original": { @@ -1200,11 +1200,11 @@ "neovim-src": { "flake": false, "locked": { - "lastModified": 1716642936, - "narHash": "sha256-l53vGzYIy6tI1rYBlbxW502sDgpmZ4i/uTdWWtPKPtM=", + "lastModified": 1717058786, + "narHash": "sha256-IuoPQ4AMGvSzo8IT4vFVO5rz6l4GMYxO6nLE0CjClzQ=", "owner": "neovim", "repo": "neovim", - "rev": "52389e724366ebb2fb58f08c657f580900dd09ee", + "rev": "5c33815448e11b514678f39cecc74e68131d4628", "type": "github" }, "original": { @@ -1227,11 +1227,11 @@ "nixpkgs-stable": "nixpkgs-stable_2" }, "locked": { - "lastModified": 1716902970, - "narHash": "sha256-bAQ7meBu5HSL65y5B/1I1ZzbjjTLozUUn6yhZkii6hE=", + "lastModified": 1717104623, + "narHash": "sha256-PW8lAi0HEDbmWLPR7rkxXUf9fX8Xiyl30yfjrf/YtvE=", "owner": "sodiboo", "repo": "niri-flake", - "rev": "2ad8c40e811bb6776b489815036295e57b61d58f", + "rev": "4742fdbe28aa9bac9fdd2638c25cd9602dd35e84", "type": "github" }, "original": { @@ -1260,11 +1260,11 @@ "niri-unstable": { "flake": false, "locked": { - "lastModified": 1716899745, - "narHash": "sha256-TiNlzU5t2MCmT4BGtQprWYxILR6ataQLsw9XNXSo56E=", + "lastModified": 1716990063, + "narHash": "sha256-0Vv125wrFCJgSUSQRqhuHQOopWbOc8ICVeY/d2wAjOg=", "owner": "YaLTeR", "repo": "niri", - "rev": "f2ce84b243e4eae837a97a146fe1d8fcf0e512ca", + "rev": "c8e46b9d172dfa2ca89d82b87055b8e39622f80c", "type": "github" }, "original": { @@ -1311,11 +1311,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1716881121, - "narHash": "sha256-oTf3enbe/lbiNzsyZ8ria+422hx4e/FB3xQcY2LPnJw=", + "lastModified": 1716987116, + "narHash": "sha256-uuEkErFVsFdg2K0cKbNQ9JlFSAm/xYqPr4rbPLI91Y8=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "806e9d4a933dd1e75592e88894d4bd2f296f5bbf", + "rev": "8251761f93d6f5b91cee45ac09edb6e382641009", "type": "github" }, "original": { @@ -1326,11 +1326,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1716588411, - "narHash": "sha256-CdAZ3o459+1mAgILcdJfMBQAwUXupVe2cVTknvxs5kQ=", + "lastModified": 1716941088, + "narHash": "sha256-GKSAGfLNocNTux33YT9GbEXwEewxepwFL+ViX1CrMCQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "1a9df4f74273f90d04e621e8516777efcec2802a", + "rev": "6c25325ec30a566f5c0446ceee61ada081903872", "type": "github" }, "original": { @@ -1406,11 +1406,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1716633019, - "narHash": "sha256-xim1b5/HZYbWaZKyI7cn9TJCM6ewNVZnesRr00mXeS4=", + "lastModified": 1716991068, + "narHash": "sha256-Av0UWCCiIGJxsZ6TFc+OiKCJNqwoxMNVYDBChmhjNpo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "9d29cd266cebf80234c98dd0b87256b6be0af44e", + "rev": "25cf937a30bf0801447f6bf544fc7486c6309234", "type": "github" }, "original": { @@ -1422,11 +1422,11 @@ }, "nixpkgs-stable_2": { "locked": { - "lastModified": 1716633019, - "narHash": "sha256-xim1b5/HZYbWaZKyI7cn9TJCM6ewNVZnesRr00mXeS4=", + "lastModified": 1716991068, + "narHash": "sha256-Av0UWCCiIGJxsZ6TFc+OiKCJNqwoxMNVYDBChmhjNpo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "9d29cd266cebf80234c98dd0b87256b6be0af44e", + "rev": "25cf937a30bf0801447f6bf544fc7486c6309234", "type": "github" }, "original": { @@ -1500,11 +1500,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1716509168, - "narHash": "sha256-4zSIhSRRIoEBwjbPm3YiGtbd8HDWzFxJjw5DYSDy1n8=", + "lastModified": 1716948383, + "narHash": "sha256-SzDKxseEcHR5KzPXLwsemyTR/kaM9whxeiJohbL04rs=", "owner": "nixos", "repo": "nixpkgs", - "rev": "bfb7a882678e518398ce9a31a881538679f6f092", + "rev": "ad57eef4ef0659193044870c731987a6df5cf56b", "type": "github" }, "original": { @@ -1680,11 +1680,11 @@ ] }, "locked": { - "lastModified": 1716949111, - "narHash": "sha256-ms3aD3Z2jKd1dk8qd0D/N7C8vFxn6z6LQ1G7cvNTVJ8=", + "lastModified": 1717121863, + "narHash": "sha256-/3sxIe7MZqF/jw1RTQCSmgTjwVod43mmrk84m50MJQ4=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "2e7ccf572ce0f0547d4cf4426de4482936882d0e", + "rev": "2a7b53172ed08f856b8382d7dcfd36a4e0cbd866", "type": "github" }, "original": { diff --git a/systems/GAMER-PC/config.nix b/systems/GAMER-PC/config.nix index 8aaa49f..1e705d8 100644 --- a/systems/GAMER-PC/config.nix +++ b/systems/GAMER-PC/config.nix @@ -26,10 +26,6 @@ glib-networking.enable = true; }; - udev.packages = with pkgs; [ - gnome.gnome-settings-daemon - ]; - openssh = { enable = true; # require public key authentication for better security diff --git a/systems/GAMER-PC/hardware.nix b/systems/GAMER-PC/hardware.nix index bf540ec..b69aaea 100755 --- a/systems/GAMER-PC/hardware.nix +++ b/systems/GAMER-PC/hardware.nix @@ -32,6 +32,11 @@ fsType = "vfat"; }; + fileSystems."/mnt/BulkStorage" = { + device = "/dev/disk/by-uuid/36F2637DF263406B"; + fsType = "ntfs"; + }; + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's # still possible to use this option, but it's recommended to use it in conjunction diff --git a/systems/modules/core/security.nix b/systems/modules/core/security.nix index 0bb0dca..81f2ecd 100644 --- a/systems/modules/core/security.nix +++ b/systems/modules/core/security.nix @@ -1,4 +1,4 @@ -{...}: { +{pkgs, ...}: { security.pam.loginLimits = [ # Unlimited amount of processes for root { @@ -13,4 +13,31 @@ value = "unlimited"; } ]; + + security.polkit.enable = true; + + systemd = { + user.services.polkit-gnome-authentication-agent-1 = { + description = "polkit-gnome-authentication-agent-1"; + wantedBy = [ "graphical-session.target" ]; + wants = [ "graphical-session.target" ]; + after = [ "graphical-session.target" ]; + serviceConfig = { + Type = "simple"; + ExecStart = "${pkgs.polkit_gnome}/libexec/polkit-gnome-authentication-agent-1"; + Restart = "on-failure"; + RestartSec = 1; + TimeoutStopSec = 10; + }; + }; + }; + + services.udev.packages = with pkgs; [ + gnome.gnome-settings-daemon + qmk-udev-rules + vial + ]; + + # add nushell to list of valid shells + environment.shells = [ pkgs.nushell ]; } diff --git a/systems/modules/niri.nix b/systems/modules/niri.nix index bf23fd7..7a77ada 100644 --- a/systems/modules/niri.nix +++ b/systems/modules/niri.nix @@ -6,6 +6,6 @@ enable = true; package = pkgs.niri-unstable; }; - + systemd.user.services.niri-flake-polkit.enable = false; services.gnome.sushi.enable = true; } diff --git a/users/modules/helix/default.nix b/users/modules/helix/default.nix index 2adfa30..30201ce 100644 --- a/users/modules/helix/default.nix +++ b/users/modules/helix/default.nix @@ -14,28 +14,28 @@ "ui.virtual.inlay-hint.type" = { fg = "base04"; }; "ui.virtual.jump-label" = { fg = "base0F"; }; }; - languages = { - language-server.copilot = { - command = "${pkgs.helix-gpt}/bin/helix-gpt --handler copilot --copilotKey $(cat /run/secrets/copilot/key)"; - }; + # languages = { + # language-server.copilot = { + # command = "${pkgs.helix-gpt}/bin/helix-gpt --handler copilot --copilotKey $(cat /run/secrets/copilot/key)"; + # }; - language = [ - { - name = "rust"; - language-servers = [ - "rust-analyzer" - "copilot" - ]; - } - { - name = "typescript"; - language-servers = [ - "typescript-language-server" - "copilot" - ]; - } - ]; - }; + # language = [ + # { + # name = "rust"; + # language-servers = [ + # "rust-analyzer" + # "copilot" + # ]; + # } + # { + # name = "typescript"; + # language-servers = [ + # "typescript-language-server" + # "copilot" + # ]; + # } + # ]; + # }; settings = { theme = lib.mkForce "stylix-edit"; editor = {