blob: 03322003533dbc3f5683f9eeae4128530c9a297b (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
|
{ config, lib, pkgs, ... }:
let
cfg = config.workstation;
sources = import ../../npins;
nixGit = import (pkgs.fetchFromGitHub {
owner = "NixOS";
repo = "nix";
rev = "7a8a28629c61c75af010ff0a5a88c16c4ce536c7";
sha256 = "sha256-oqG9AFPXBneKVmiWa9b9ai0hGZqHVKVFaFLdBZitSUA=";
});
in
{
options.workstation = {
username = lib.mkOption {
type = lib.types.str;
};
};
imports = [
../common
<top/shared/basics-physical.nix>
./graphical.nix
./dev.nix
./create.nix
./android.nix
];
config = {
users.users.${cfg.username} = {
isNormalUser = true;
extraGroups = [
"wheel"
"networkmanager"
"dialout"
];
};
services.getty = {
autologinUser = cfg.username;
autologinOnce = true; # only in the first tty once per boot
};
environment.systemPackages = with pkgs; [
npins
(callPackage "${sources.agenix}/pkgs/agenix.nix" {})
unzip
# Android
android-tools
go-mtpfs
];
environment.sessionVariables = {
# Tell .zshrc to source zshrc-workstation.sh.
MYNIX_PROFILE = "workstation";
};
# Age defaults to this anyway when openssh is enabled.
# We're setting this here for workstations where openssh is disabled.
age.identityPaths = ["/etc/ssh/ssh_host_ed25519_key"];
# Using nix from git for --raw support in nix-instantiate --eval.
# FUTURE: remove once upgrading to NixOS 25.05
nix.package = nixGit.packages.${builtins.currentSystem}.default;
};
}
|
