loki: Several changes:

- Use linuxPackages_latest - Remove TPM2 configuration due to breaking stuff - Remap some buttons on ELECOM trackball - Enable U2F for PAM - Configure some disk stuff for encrypted USB drive
2023-09-11 20:13:44 +02:00 · 2023-09-11 20:13:44 +02:00 · ec9bd24303
commit ec9bd24303
parent b82b0d1204
2 changed files with 42 additions and 10 deletions
--- a/machines/loki/configuration.nix
+++ b/machines/loki/configuration.nix
@ -95,7 +95,7 @@
    initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
    initrd.kernelModules = [ ];

-    kernelPackages = pkgs.linuxPackages_6_4;
+    kernelPackages = pkgs.linuxPackages_latest;
    kernelModules = [ "kvm-amd" "apple-mfi-fastcharge" "zenpower" "nf_nat_ftp" ];
    kernelParams = [ "amd_pstate.shared_mem=1" ];
    extraModulePackages = [ ] ++
@ -110,16 +110,19 @@
    };
  };

-  security = {
-    tpm2 = {
-      enable = true; # Broken, see https://github.com/NixOS/nixpkgs/issues/244107
-      pkcs11.enable = true;
-      abrmd.enable = true;
-      tctiEnvironment.enable = true;
-    };
-  };
+  services.udev = {
+    extraHwdb = ''
+      evdev:name:ELECOM TrackBall Mouse HUGE TrackBall:*
+        ID_INPUT_KEY=1
+        KEYBOARD_KEY_90008=red
+        KEYBOARD_KEY_90007=copy
+        KEYBOARD_KEY_90006=paste
+    '';

-  users.users.erwin.extraGroups = [ "tss" ];
+    extraRules = ''
+      ACTION=="add", ATTRS{idVendor}=="0951", ATTRS{idProduct}=="1666", NAME=keys
+    '';
+  };

  time.timeZone = "Europe/Amsterdam";

@ -193,6 +196,12 @@
    };
  };

+  security.pam.u2f = {
+    enable = true;
+    # interactive = true;
+    cue = true;
+  };
+
  systemd.network = {
    enable = true;

@ -302,6 +311,12 @@
  services.openssh.enable = true;
  # programs.ssh.startAgent = true;

+  programs.gnome-disks.enable = true;
+
+  services.udisks2 = {
+    enable = true;
+  };
+
  services.envfs.enable = true;
  services.cpupower-gui.enable = true;
  services.tailscale.enable = true;
--- a/users/erwin/home.nix
+++ b/users/erwin/home.nix
@ -251,6 +251,23 @@ in
          };
        };

+        services.udiskie = {
+          enable = true;
+          tray = "auto";
+          notify = true;
+          settings = {
+            program_options = {
+              menu = "nested";
+            };
+            device_config = [
+              {
+                device_file = "/dev/loop*";
+                ignore = true;
+              }
+            ];
+          };
+        };
+
        imports = [
          ../../modules/options
        ] ++ (map (mod: (../../home-manager/modules + "/${mod}")) (builtins.attrNames (builtins.readDir ../../home-manager/modules)));