From 0bf5484e69575267ae2b95179479218d74213810 Mon Sep 17 00:00:00 2001
From: Patrick
Date: Fri, 3 Jan 2025 12:56:45 +0100
Subject: [PATCH] feat: uwsm not on ssh login
---
 config/services/hostapd.nix | 47 +++++++++++++++----------------
 users/patrick/default.nix | 5 ++++
 users/patrick/wayland/default.nix | 2 +-
 3 files changed, 28 insertions(+), 26 deletions(-)
diff --git a/config/services/hostapd.nix b/config/services/hostapd.nix
index c269ddc..c042a9f 100644
--- a/config/services/hostapd.nix
+++ b/config/services/hostapd.nix
@@ -17,51 +17,48 @@ ]; boot.kernel.sysctl."net.ipv4.ip_forward" = 1; networking.nftables.firewall.zones.untrusted.interfaces = [ - "lan-home" + "mv-home" + "br-home" ]; hardware.wirelessRegulatoryDatabase = true; # systemd.network = { - # netdevs."40-wifi-home" = { + # netdevs."40-br-home" = { # netdevConfig = { # Name = "br-home"; # Kind = "bridge"; # }; # }; - # networks."10-home-bridge" = { - # networkConfig.LinkLocalAddressing = "no"; - # matchConfig.Name = "lan-home"; + # networks."10-mv-home" = { + # networkConfig = { + # LinkLocalAddressing = "no"; + # IPv6AcceptRA = lib.mkForce false; + # Bridge = "br-home"; + # }; + # matchConfig.Name = "mv-home"; # DHCP = "no"; - # extraConfig = '' - # [Network] - # Bridge=br-home - # ''; # }; - # networks."10-home-" = { + # networks."10-home" = { # matchConfig.Name = "br-home"; # DHCP = "yes"; # }; + # networks."40-wifi" = { + # matchConfig.Name = "wlan1"; + # networkConfig = { + # LinkLocalAddressing = "no"; + # IPv6AcceptRA = lib.mkForce false; + # Bridge = "br-home"; + # }; + # DHCP = "no"; + # }; # }; - # networking.nftables.firewall.zones.wlan.interfaces = [ "wlan1" ]; - # networking.nftables.firewall.zones.home.interfaces = [ "lan-home" ]; + networking.nftables.firewall.zones.wlan.interfaces = [ "wlan1" ]; + networking.nftables.firewall.zones.home.interfaces = [ "mv-home" ]; networking.nftables.firewall.rules.wifi-forward = { from = [ "wlan" ]; to = [ "home" ]; verdict = "accept"; }; - systemd.network.networks."40-wifi" = { - matchConfig.Name = "wlan1"; - address = [ - (lib.net.cidr.hostCidr (globals.services.hostapd.ip + 1) globals.net.vlans.home.cidrv4) - (lib.net.cidr.hostCidr (globals.services.hostapd.ip + 1) globals.net.vlans.home.cidrv6) - ]; - gateway = [ - (lib.net.cidr.host 1 globals.net.vlans.home.cidrv4) - (lib.net.cidr.host 1 globals.net.vlans.home.cidrv6) - ]; - - }; - services.hostapd = { enable = true; radios.wlan1 = { 
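Review bot: `mv-home` ends up in two zones in this hunk, `zones.untrusted.interfaces` and the newly uncommented `zones.home.interfaces`, while the `wifi-forward` rule accepts everything from `wlan` to `home` with no port or protocol restriction. Which zone's rules apply to an interface listed twice depends on how the firewall module resolves overlapping zones, which is not visible here, so either keep the interface in one zone or state the intent next to the lists, for example `# mv-home: untrusted for input to this host, home only as forward target for wlan clients`. `br-home` is also added to `untrusted` although the bridge definition that would create it is still commented out. The removed `systemd.network.networks."40-wifi"` block was the only visible addressing for `wlan1`, so it is worth confirming that something outside this hunk still configures that interface. The enclosing module and the `services.hostapd` block continue outside the hunk.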
diff --git a/users/patrick/default.nix b/users/patrick/default.nix
index 2a5d3cb..f27e597 100644
--- a/users/patrick/default.nix
+++ b/users/patrick/default.nix
@@ -9,6 +9,11 @@ lib.optionalAttrs (!minimal) {
 primaryUser = "patrick";
 users.users.patrick = {
 shell = pkgs.zsh;
+ openssh.authorizedKeys.keys = [
+ # Patrick
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDZixkix0KfKuq7Q19whS5FQQg51/AJGB5BiNF/7h/LM"
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHxD4GOrwrBTG4/qQhm5hoSB2CP7W9g1LPWP11oLGOjQ"
+ ];
 isNormalUser = true;
 createHome = true;
 extraGroups = [
diff --git a/users/patrick/wayland/default.nix b/users/patrick/wayland/default.nix
index f90e829..bf3951a 100644
--- a/users/patrick/wayland/default.nix
+++ b/users/patrick/wayland/default.nix
@@ -51,7 +51,7 @@
 ];
 # Autostart compositor if on tty1 (once, don't restart after logout)
 hm.programs.zsh.initExtra = lib.mkOrder 9999 ''
- if uwsm check may-start ; then
+ if [[ -t 0 && "$(tty || true)" == /dev/tty1 ]] && uwsm check may-start ; then
 exec systemd-cat -t uwsm_start uwsm start -S -F Hyprland
 fi
 '';
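Review bot: In users/patrick/default.nix the two entries added to `openssh.authorizedKeys.keys` carry no key comment and share a single `# Patrick` label, so nothing records which device or token each key belongs to when one of them has to be revoked. A per-key comment such as `# Patrick: <device or token name>` (placeholder) above each string would fix that. The keys sit under `lib.optionalAttrs (!minimal)`, so presumably every non-minimal host that imports this user now accepts them; if SSH login is meant for only some hosts, that scoping should be made explicit. The commit subject mentions only uwsm, so this new login path deserves a line in the description. The `users.users.patrick` attribute set continues outside the hunk.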
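Review bot: In users/patrick/wayland/default.nix the new guard has no comment saying why the tty test is needed on top of `uwsm check may-start`; the existing comment only says "if on tty1". Judging by the commit subject, the uwsm check alone also passed in SSH sessions, so a line such as `# require this shell's own tty to be tty1; uwsm's check alone also matched SSH logins` would keep a later cleanup from dropping the test and letting a remote login `exec` into the compositor again. Since this snippet runs in zsh, the subshell could be avoided with `[[ -t 0 && $TTY == /dev/tty1 ]]`, assuming `$TTY` is set as usual for the interactive shell.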