patrick/nix-config
1
1
Fork 0
Code Issues Pull requests Projects Wiki Activity

feat: uwsm not on ssh login

Browse source
This commit is contained in:
Patrick 2025-01-03 12:56:45 +01:00
parent 9b2e40d47b
commit 0bf5484e69
Signed by: patrick
GPG key ID: 451F95EFB8BECD0F
3 changed files with 28 additions and 26 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

47
config/services/hostapd.nix
View file

@ -17,51 +17,48 @@
]; ];
boot.kernel.sysctl."net.ipv4.ip_forward" = 1; boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
networking.nftables.firewall.zones.untrusted.interfaces = [ networking.nftables.firewall.zones.untrusted.interfaces = [
"lan-home" "mv-home"
"br-home"
]; ];
hardware.wirelessRegulatoryDatabase = true; hardware.wirelessRegulatoryDatabase = true;
# systemd.network = { # systemd.network = {
# netdevs."40-wifi-home" = { # netdevs."40-br-home" = {
# netdevConfig = { # netdevConfig = {
# Name = "br-home"; # Name = "br-home";
# Kind = "bridge"; # Kind = "bridge";
# }; # };
# }; # };
# networks."10-home-bridge" = { # networks."10-mv-home" = {
# networkConfig.LinkLocalAddressing = "no"; # networkConfig = {
# matchConfig.Name = "lan-home"; # LinkLocalAddressing = "no";
# IPv6AcceptRA = lib.mkForce false;
# Bridge = "br-home";
# };
# matchConfig.Name = "mv-home";
# DHCP = "no"; # DHCP = "no";
# extraConfig = ''
# [Network]
# Bridge=br-home
# '';
# }; # };
# networks."10-home-" = { # networks."10-home" = {
# matchConfig.Name = "br-home"; # matchConfig.Name = "br-home";
# DHCP = "yes"; # DHCP = "yes";
# }; # };
# networks."40-wifi" = {
# matchConfig.Name = "wlan1";
# networkConfig = {
# LinkLocalAddressing = "no";
# IPv6AcceptRA = lib.mkForce false;
# Bridge = "br-home";
# };
# DHCP = "no";
# };
# }; # };
# networking.nftables.firewall.zones.wlan.interfaces = [ "wlan1" ]; networking.nftables.firewall.zones.wlan.interfaces = [ "wlan1" ];
# networking.nftables.firewall.zones.home.interfaces = [ "lan-home" ]; networking.nftables.firewall.zones.home.interfaces = [ "mv-home" ];
networking.nftables.firewall.rules.wifi-forward = { networking.nftables.firewall.rules.wifi-forward = {
from = [ "wlan" ]; from = [ "wlan" ];
to = [ "home" ]; to = [ "home" ];
verdict = "accept"; verdict = "accept";
}; };
systemd.network.networks."40-wifi" = {
matchConfig.Name = "wlan1";
address = [
(lib.net.cidr.hostCidr (globals.services.hostapd.ip + 1) globals.net.vlans.home.cidrv4)
(lib.net.cidr.hostCidr (globals.services.hostapd.ip + 1) globals.net.vlans.home.cidrv6)
];
gateway = [
(lib.net.cidr.host 1 globals.net.vlans.home.cidrv4)
(lib.net.cidr.host 1 globals.net.vlans.home.cidrv6)
];
};
services.hostapd = { services.hostapd = {
enable = true; enable = true;
radios.wlan1 = { radios.wlan1 = {

5
users/patrick/default.nix
View file

@ -9,6 +9,11 @@ lib.optionalAttrs (!minimal) {
primaryUser = "patrick"; primaryUser = "patrick";
users.users.patrick = { users.users.patrick = {
shell = pkgs.zsh; shell = pkgs.zsh;
openssh.authorizedKeys.keys = [
# Patrick
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDZixkix0KfKuq7Q19whS5FQQg51/AJGB5BiNF/7h/LM"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHxD4GOrwrBTG4/qQhm5hoSB2CP7W9g1LPWP11oLGOjQ"
];
isNormalUser = true; isNormalUser = true;
createHome = true; createHome = true;
extraGroups = [ extraGroups = [

2
users/patrick/wayland/default.nix
View file

@ -51,7 +51,7 @@
]; ];
# Autostart compositor if on tty1 (once, don't restart after logout) # Autostart compositor if on tty1 (once, don't restart after logout)
hm.programs.zsh.initExtra = lib.mkOrder 9999 '' hm.programs.zsh.initExtra = lib.mkOrder 9999 ''
if uwsm check may-start ; then if [[ -t 0 && "$(tty || true)" == /dev/tty1 ]] && uwsm check may-start ; then
exec systemd-cat -t uwsm_start uwsm start -S -F Hyprland exec systemd-cat -t uwsm_start uwsm start -S -F Hyprland
fi fi
''; '';