diff --git a/flake.lock b/flake.lock index e1c84df..553a9ce 100644 --- a/flake.lock +++ b/flake.lock @@ -105,18 +105,14 @@ ] }, "locked": { - "lastModified": 1772870050, - "narHash": "sha256-il+K3xjwpb68ojPNt5yEF+TqTHWAiIBaXU0QMhw5ek8=", - "owner": "cry128", - "repo": "cerulean", - "rev": "7bd81f84e6c0c47e62e3498508e018d2a1a8c7e4", - "type": "github" + "lastModified": 1772890888, + "narHash": "sha256-fJ73wGR6h71ItlUIXlHvQpGbbwE6WA5Bjjs3n4kJ6tM=", + "path": "/home/me/cry/mk/cerulean", + "type": "path" }, "original": { - "owner": "cry128", - "ref": "bleeding", - "repo": "cerulean", - "type": "github" + "path": "/home/me/cry/mk/cerulean", + "type": "path" } }, "curl-src": { diff --git a/flake.nix b/flake.nix index cd28d3d..c901398 100644 --- a/flake.nix +++ b/flake.nix @@ -16,7 +16,8 @@ nt.url = "git+https://tearforge.net/cry/nt"; cerulean = { - url = "github:cry128/cerulean/bleeding"; + # url = "github:cry128/cerulean/bleeding"; + url = "/home/me/cry/mk/cerulean"; inputs = { nt.follows = "nt"; systems.follows = "systems"; diff --git a/groups/all/default.nix b/groups/all/default.nix index fac958f..0ba6d11 100644 --- a/groups/all/default.nix +++ b/groups/all/default.nix @@ -7,9 +7,10 @@ ./modules/flatpak.nix ]; - # NOTE: mkDefault is 1000 and mkForce is 50 - # NOTE: so this is like a second mkDefault - security.sudo.wheelNeedsPassword = true; + security.sudo-rs = { + enable = true; + wheelNeedsPassword = lib.mkOverride 200 true; + }; networking = { networkmanager.enable = true; diff --git a/groups/cryos/default.nix b/groups/cryos/default.nix index 1f37683..cadbee6 100644 --- a/groups/cryos/default.nix +++ b/groups/cryos/default.nix @@ -86,10 +86,7 @@ }; }; - security = { - rtkit.enable = true; # I *think* this is for pipewire - sudo.wheelNeedsPassword = lib.mkDefault true; - }; + security.rtkit.enable = true; # I *think* this is for pipewire # ---- ENVIRONMENT VARIABLES ---- environment = { diff --git a/groups/server/default.nix b/groups/server/default.nix index 18f1256..cb55017 100644 --- a/groups/server/default.nix +++ b/groups/server/default.nix @@ -19,10 +19,6 @@ defaults.email = "eclarkboman@gmail.com"; }; - sudo = { - enable = true; - wheelNeedsPassword = true; - }; # allow SSH keys for passwordless auth pam = { sshAgentAuth.enable = true; diff --git a/homes/cry/default.nix b/homes/cry/default.nix index 4ff9b0a..2403b1d 100644 --- a/homes/cry/default.nix +++ b/homes/cry/default.nix @@ -1,8 +1,4 @@ {...}: { - nixpkgs = { - config.allowUnfree = false; - }; - imports = [ ../modules/fish.nix ../modules/bat.nix diff --git a/homes/me/default.nix b/homes/me/default.nix index 32130dc..835f509 100755 --- a/homes/me/default.nix +++ b/homes/me/default.nix @@ -27,16 +27,7 @@ ../modules/mako.nix ]; - nixpkgs.config.allowUnfreePredicate = pkg: - builtins.elem (lib.GetName pkg) [ - # "vscode-extension-ms-dotnettools-csharp" - "spotify" - ]; - home = { - username = "me"; - homeDirectory = "/home/me"; - shellAliases = { # rebuild = "sudo nixos-rebuild switch --flake /home/me/flake --show-trace"; # trybuild = "sudo nixos-rebuild test --flake /home/me/flake --show-trace"; @@ -46,10 +37,6 @@ man = "batman"; # bat + man }; - sessionVariables = { - NIX_SHELL_PRESERVE_PROMPT = 1; - }; - pointerCursor = { gtk.enable = true; # x11.enable = true # dont enable since im on hyprland @@ -99,9 +86,6 @@ }; programs = { - # these are both required for home-manager to work - home-manager.enable = true; - hyfetch = { enable = true; settings = { @@ -186,8 +170,6 @@ }; # the ssh-agent won't set this for itself... # systemd.user.sessionVariables.SSH_AUTH_SOCK = "$XDG_RUNTIME_DIR/ssh-agent"; - # Nicely reload system units when changing configs - systemd.user.startServices = "sd-switch"; home.stateVersion = "24.05"; # don't change this } diff --git a/hosts/myputer/default.nix b/hosts/myputer/default.nix index a5a28e5..1a05530 100755 --- a/hosts/myputer/default.nix +++ b/hosts/myputer/default.nix @@ -46,7 +46,7 @@ }; }; - security.sudo.wheelNeedsPassword = lib.mkForce false; + security.sudo-rs.wheelNeedsPassword = lib.mkForce false; # ---- SYSTEM PACKAGES ----- environment.systemPackages = with pkgs; [ diff --git a/snow.nix b/snow.nix index ec6e9d8..07a453c 100644 --- a/snow.nix +++ b/snow.nix @@ -47,8 +47,9 @@ groups = groups: [groups.server]; deploy.ssh = { host = "dobutterfliescry.net"; - user = "cry"; port = 42069; + # XXX: WARNING: TEMP: this public key is temporary and used solely for debugging + publicKeys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKJqtXaBWEM6nte+Bci/PizXvv/n8abYKUCKaS/x1st1 me@myputer"]; }; }; @@ -58,7 +59,8 @@ groups = groups: [groups.server]; deploy.ssh = { host = "hyrule.dobutterfliescry.net"; - user = "cry"; + # XXX: WARNING: TEMP: this public key is temporary and used solely for debugging + publicKeys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKJqtXaBWEM6nte+Bci/PizXvv/n8abYKUCKaS/x1st1 me@myputer"]; }; }; @@ -70,7 +72,8 @@ remoteBuild = true; ssh = { host = "192.168.88.250"; # <- DEBUG: TEMP: TODO: switch to `matcha.dobutterfliescry.net` - user = "emile"; + # XXX: WARNING: TEMP: this public key is temporary and used solely for debugging + publicKeys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKJqtXaBWEM6nte+Bci/PizXvv/n8abYKUCKaS/x1st1 me@myputer"]; }; }; };