Change to dedicated user for nfs and syncthing

This commit is contained in:
Nathan Anderson 2024-03-18 19:45:31 -06:00
parent b6cbe22d7a
commit 47629ac5df
5 changed files with 59 additions and 42 deletions

View File

@ -35,7 +35,7 @@
# change ownership of kage to be open
systemd.tmpfiles.rules = [
"d /nfs_export/kage 0777 nobody nogroup - -"
"d /nfs_export/kage 0777 kage kage - -"
];
swapDevices = [ ];

View File

@ -13,7 +13,7 @@ in
config = lib.mkIf cfg.enable {
programs.firefox = {
# Add pipewire support
package = (pkgs.wrapFirefox (pkgs.firefox-unwrapped.override { pipewireSupport = true;}) {});
# package = (pkgs.wrapFirefox (pkgs.firefox-unwrapped.override { pipewireSupport = true;}) {});
enable = true;
profiles = {
default = {
@ -51,7 +51,6 @@ in
settings = {
"browser.startup.blankWindow" = true;
"browser.startup.homepage" = "https://www.startpage.com/do/mypage.pl?prfe=11898a1adf7b7dfb587580692f358773a11ca25e993b8e077476641cec033319e15f2449c345f5be919fd0a082015c3e4ed23143bd4337512466c04c2999831a54abca2eaeb42963c63ff064";
"browser.newtabpage.enabled" = false;
"browser.search.region" = "US";
"browser.search.isUS" = true;
"distribution.searchplugins.defaultLocale" = "en-US";

View File

@ -105,15 +105,14 @@
keepassxc
obs-studio
#
# Style
#
catppuccin-kvantum
libsForQt5.qtstyleplugin-kvantum
libsForQt5.qt5ct
# Install fonts
(nerdfonts.override { fonts = [ "Hermit" "Overpass" ]; })
# # You can also create simple shell scripts directly inside your
# # configuration. For example, this adds a command 'my-hello' to your
# # environment:
# (pkgs.writeShellScriptBin "my-hello" ''
# echo "Hello, ${config.home.username}!"
# '')
];
# Home Manager is pretty good at managing dotfiles. The primary way to manage
@ -133,18 +132,6 @@
# '';
};
# Home Manager can also manage your environment variables through
# 'home.sessionVariables'. If you don't want to manage your shell through Home
# Manager then you have to manually source 'hm-session-vars.sh' located at
# either
#
# ~/.nix-profile/etc/profile.d/hm-session-vars.sh
#
# or
#
# /etc/profiles/per-user/nate/etc/profile.d/hm-session-vars.sh
#
home.sessionVariables = {
EDITOR = "hx";
XDG_CURRENT_DESKTOP="sway";
@ -166,6 +153,7 @@
bash.enable = true; # see note on other shells below
};
# Zsh setup
programs.zsh = {
enable = true;
@ -203,21 +191,39 @@
qt = {
enable = true;
platformTheme = "gtk";
style.name = "adwaita-dark";
style.package = pkgs.adwaita-qt;
platformTheme = "qtct";
style.name = "kvantum";
};
gtk = {
enable = true;
cursorTheme.package = pkgs.catppuccin-cursors;
cursorTheme.name = "latteFlamingo";
cursorTheme.name = "macchiatoLavender";
iconTheme = {
package = pkgs.catppuccin-papirus-folders;
name = "Papirus-Dark";
};
theme = {
name = "Catppuccin-Latte-Pink";
name = "Catppuccin-Macchiato-Compact-Lavender-Dark";
package = pkgs.catppuccin-gtk.override {
accents = [ "pink" ];
tweaks = [ ];
variant = "latte";
accents = [ "lavender" ];
size = "compact";
tweaks = [ "rimless" ];
variant = "macchiato";
};
};
};
# Symlink in gtk and kvantum theme
xdg.configFile = {
"gtk-4.0/assets".source = "${config.gtk.theme.package}/share/themes/${config.gtk.theme.name}/gtk-4.0/assets";
"gtk-4.0/gtk.css".source = "${config.gtk.theme.package}/share/themes/${config.gtk.theme.name}/gtk-4.0/gtk.css";
"gtk-4.0/gtk-dark.css".source = "${config.gtk.theme.package}/share/themes/${config.gtk.theme.name}/gtk-4.0/gtk-dark.css";
"Kvantum/kvantum.kvconfig".text = ''
[General]
theme=Catppuccin-Frappe-Blue
'';
"Kvantum/Catppuccin-Frappe-Blue".source = "${pkgs.catppuccin-kvantum}/share/Kvantum/Catppuccin-Frappe-Blue";
# "Kvantum/ArcDark".source = "${pkgs.arc-kde-theme}/share/Kvantum/ArcDark";
# "Kvantum/kvantum.kvconfig".text = "[General]\ntheme=ArcDark";
};
}

View File

@ -69,6 +69,7 @@
networkmanagerapplet
pavucontrol
slurp
syncthingtray
swaylock
swayidle
swww
@ -86,6 +87,7 @@
# pkgs.lutris
# ])
];
environment.variables.QT_STYLE_OVERRIDE = "kvantum";
# environment.loginShellInit = ''
# [[ "$(tty)" == /dev/tty1 ]] && sway
@ -116,6 +118,7 @@
services.gvfs.enable = true; # thunar functionalities
services.openssh.enable = true;
services.dbus.enable = true;
services.syncthing.enable = true;
# Audio
security.rtkit.enable = true;

View File

@ -102,17 +102,26 @@ in
# 8384 - syncthing
networking.firewall.allowedTCPPorts = [ 80 2049 8384 ];
users.users.kage = {
isSystemUser = true;
initialPassword = "password";
description = "user to manage nfs and syncthing tasks";
group = "kage";
extraGroups = [
"users"
];
};
services.syncthing = lib.mkIf srvConfig.syncthingEnable {
enable = true;
user = "luci";
user = "kage";
group = "users";
dataDir = "${srvConfig.nfsRoot}/kage/syncthing";
configDir = "${srvConfig.nfsRoot}/kage/.config/syncthing";
# overrideDevices = true; # overrides any devices added or deleted through the WebUI
# overrideFolders = true; # overrides any folders added or deleted through the WebUI
openDefaultPorts = true;
group = "users";
relay.enable = false;
relay.enable = true;
guiAddress = "0.0.0.0:8384";
# settings = {
# devices = {