From 1ca6189cfd201815e6019b187b9f8e451f4e03ca Mon Sep 17 00:00:00 2001 From: Kat Inskip Date: Sun, 29 Jan 2023 10:02:24 -0800 Subject: [PATCH] feat: further fixups --- kat/gui/gtk.nix | 2 +- kat/gui/mako.nix | 2 +- kat/gui/sway.nix | 4 ++-- kat/gui/swaylock.nix | 2 +- kat/gui/waybar.sass | 2 +- modules/home/base16.nix | 4 ++-- nixos/common/access.nix | 41 ++++++++++++++++++++++++++++------------ nixos/common/network.nix | 8 +++++--- nixos/gui/fonts.nix | 9 +++------ systems/default.nix | 2 +- 10 files changed, 46 insertions(+), 30 deletions(-) diff --git a/kat/gui/gtk.nix b/kat/gui/gtk.nix index ccb579ff..a1378615 100644 --- a/kat/gui/gtk.nix +++ b/kat/gui/gtk.nix @@ -6,7 +6,7 @@ gtk = { enable = true; font = { - name = "Iosevka Comfy"; + name = "Iosevka"; size = 9; }; iconTheme = { diff --git a/kat/gui/mako.nix b/kat/gui/mako.nix index 73331c36..b2ff644d 100644 --- a/kat/gui/mako.nix +++ b/kat/gui/mako.nix @@ -18,7 +18,7 @@ in { programs.mako = { enable = true; - font = "Iosevka Comfy 10"; + font = "Iosevka 10"; defaultTimeout = 3000; borderColor = palette.base08; backgroundColor = "${palette.base00}BF"; diff --git a/kat/gui/sway.nix b/kat/gui/sway.nix index 5d40d0a3..f0267c7d 100644 --- a/kat/gui/sway.nix +++ b/kat/gui/sway.nix @@ -117,9 +117,9 @@ in { }; fonts = { - names = [ "Iosevka Comfy"]; + names = [ "Iosevka"]; style = "Regular"; - size = 10.0; + size = 12.0; }; terminal = "${pkgs.wezterm}/bin/wezterm"; diff --git a/kat/gui/swaylock.nix b/kat/gui/swaylock.nix index 7974c383..79981d8b 100644 --- a/kat/gui/swaylock.nix +++ b/kat/gui/swaylock.nix @@ -9,7 +9,7 @@ indicator = true; indicator-radius = 110; indicator-thickness = 8; - font = "Iosevka Comfy"; + font = "Iosevka"; font-size = "12px"; clock = true; datestr = "%F"; diff --git a/kat/gui/waybar.sass b/kat/gui/waybar.sass index af2695f9..b0e9d35f 100644 --- a/kat/gui/waybar.sass +++ b/kat/gui/waybar.sass @@ -7,7 +7,7 @@ border: none border-radius: 0 background: none - font-family: "Iosevka Comfy", "Font Awesome 6 Free", "Font Awesome 6 Brands" + font-family: "Iosevka", "Font Awesome 6 Free", "Font Awesome 6 Brands" font-size: $font_size min-height: 8px text-shadow: none diff --git a/modules/home/base16.nix b/modules/home/base16.nix index befe2633..4b9c51e1 100644 --- a/modules/home/base16.nix +++ b/modules/home/base16.nix @@ -14,8 +14,8 @@ in with lib; { variables = mkOption { type = attrsOf str; default = (cfg.palette // cfg.palette' // { - term_font = "Iosevka Comfy"; - font = "Iosevka Comfy"; + term_font = "Iosevka"; + font = "Iosevka"; font_size = "12px"; }); }; diff --git a/nixos/common/access.nix b/nixos/common/access.nix index 256edfad..eaab32c9 100644 --- a/nixos/common/access.nix +++ b/nixos/common/access.nix @@ -2,17 +2,34 @@ # TODO: solve lib usage inherit (lib.lists) concatLists elem; inherit (lib.attrsets) mapAttrsToList; +commonUser = { + shell = pkgs.zsh; + openssh.authorizedKeys.keys = concatLists (mapAttrsToList + (name: user: + if elem "wheel" user.extraGroups then + user.openssh.authorizedKeys.keys + else + [ ]) + config.users.users); +}; in { - users.users.root = { - shell = pkgs.zsh; - hashedPassword = - "$6$i28yOXoo$/WokLdKds5ZHtJHcuyGrH2WaDQQk/2Pj0xRGLgS8UcmY2oMv3fw2j/85PRpsJJwCB2GBRYRK5LlvdTleHd3mB."; - openssh.authorizedKeys.keys = concatLists (mapAttrsToList - (name: user: - if elem "wheel" user.extraGroups then - user.openssh.authorizedKeys.keys - else - [ ]) - config.users.users); + security.sudo.extraRules = [{ + users = [ "deploy" ]; + commands = [ { + command = "ALL"; + options = [ + "NOPASSWD" + "SETENV" + ]; + } ]; + }]; + users.users = { + root = commonUser // { + hashedPassword = + "$6$i28yOXoo$/WokLdKds5ZHtJHcuyGrH2WaDQQk/2Pj0xRGLgS8UcmY2oMv3fw2j/85PRpsJJwCB2GBRYRK5LlvdTleHd3mB."; + }; + deploy = commonUser // { + isNormalUser = true; + }; }; - } +} diff --git a/nixos/common/network.nix b/nixos/common/network.nix index fc84ef59..71114927 100644 --- a/nixos/common/network.nix +++ b/nixos/common/network.nix @@ -1,5 +1,7 @@ -_: { - networking.nftables.enable = true; - +{ machine, ... }: { + networking = { + hostName = machine; + nftables.enable = true; + }; services.tailscale.enable = true; } diff --git a/nixos/gui/fonts.nix b/nixos/gui/fonts.nix index 3aaf7f08..8b1a165e 100644 --- a/nixos/gui/fonts.nix +++ b/nixos/gui/fonts.nix @@ -1,12 +1,9 @@ { pkgs, ... }: { fonts = { - fonts = (with pkgs; [ + fonts = with pkgs; [ twitter-color-emoji - ]) ++ (with pkgs.iosevka-comfy; [ - comfy - comfy-motion - comfy-wide - ]); + iosevka-bin + ]; enableDefaultFonts = true; fontDir.enable = true; fontconfig = { diff --git a/systems/default.nix b/systems/default.nix index b27d2a83..bde2307b 100644 --- a/systems/default.nix +++ b/systems/default.nix @@ -123,7 +123,7 @@ }; hostname = "${name}.inskip.me"; sshOpts = ["-p" "${builtins.toString (builtins.head inputs.self.nixosConfigurations.${name}.config.services.openssh.ports)}"]; - sshUser = "root"; + sshUser = "deploy"; user = "root"; autoRollback = true; magicRollback = true;