diff options
Diffstat (limited to 'nixos/modules/hardware')
| -rw-r--r-- | nixos/modules/hardware/keyboard.nix | 24 | ||||
| -rw-r--r-- | nixos/modules/hardware/linode.nix | 38 | ||||
| -rw-r--r-- | nixos/modules/hardware/yubikey.nix | 47 |
3 files changed, 109 insertions, 0 deletions
diff --git a/nixos/modules/hardware/keyboard.nix b/nixos/modules/hardware/keyboard.nix new file mode 100644 index 0000000..69ab14a --- /dev/null +++ b/nixos/modules/hardware/keyboard.nix @@ -0,0 +1,24 @@ +{ config, lib, pkgs, ... }: +with lib; + +let + cfg = config.eth.keyboard; + +in { + + options.eth.keyboard = { + enable = mkEnableOption "Eth's keyboard preferences"; + }; + + config = mkIf cfg.enable { + + console.useXkbConfig = true; + + services.xserver = { + layout = "us"; + xkbVariant = "colemak"; + xkbOptions = "caps:escape"; + }; + + }; +} diff --git a/nixos/modules/hardware/linode.nix b/nixos/modules/hardware/linode.nix new file mode 100644 index 0000000..d70c929 --- /dev/null +++ b/nixos/modules/hardware/linode.nix @@ -0,0 +1,38 @@ +{ config, pkgs, lib, ... }: +with lib; + +# from https://www.linode.com/docs/tools-reference/custom-kernels-distros/install-nixos-on-linode/. + +let + cfg = config.eth.linode; + +in { + + options.eth.linode = { + enable = mkEnableOption "good defaults for Linodes"; + }; + + config = mkIf cfg.enable { + + # Enable LISH serial console. + boot.kernelParams = [ "console=ttyS0,19200n8" ]; + boot.loader.grub.extraConfig = '' + serial --speed=19200 --unit=0 --word=8 --parity=no --stop=1; + terminal_input serial; + terminal_output serial; + ''; + + # GRUB has issues with Linode, + # so this ignores the warnings. + boot.loader.grub.forceInstall = true; + + # A long timeout to cope with LISH delays. + boot.loader.timeout = 10; + + boot.loader.grub = { + enable = true; + version = 2; + device = "nodev"; # "nodev" for EFI. + }; + }; +} diff --git a/nixos/modules/hardware/yubikey.nix b/nixos/modules/hardware/yubikey.nix new file mode 100644 index 0000000..0c16807 --- /dev/null +++ b/nixos/modules/hardware/yubikey.nix @@ -0,0 +1,47 @@ +{ config, lib, pkgs, ... }: +with lib; + +let + cfg = config.eth.yubikey; + +in { + + options.eth.yubikey = { + enable = mkEnableOption "Set up Yubikey"; + }; + + config = mkIf cfg.enable { + + hardware.u2f.enable = true; + + programs.ssh.startAgent = false; + + programs.gnupg.agent = { + enable = true; + enableSSHSupport = true; + pinentryFlavor = "curses"; + }; + + services.pcscd.enable = true; + + services.udev.packages = with pkgs; [ + libu2f-host + yubikey-personalization + ]; + + environment.systemPackages = with pkgs; [ + gnupg + pinentry-curses + ]; + + environment.shellInit = '' + gpg-connect-agent /bye + export SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket) + ''; + programs.fish.shellInit = '' + gpg-connect-agent /bye + set -Ux SSH_AUTH_SOCK (gpgconf --list-dirs agent-ssh-socket) + ''; + + }; +} |