julm: pumpkin: enable music profile

[julm/julm-nix.git] / hosts / blackberry.nix

diff --git a/hosts/blackberry.nix b/hosts/blackberry.nix
index 3d26eb9cdbd38ffdda5bf5eaf95d6a21fd8662d2..1c7e15530923dd76826a1b99e284d825c681ea55 100644 (file)
--- a/hosts/blackberry.nix
+++ b/hosts/blackberry.nix
@@ -1,4 +1,11 @@
-{ config, pkgs, lib, inputs, hostName, ... }:
+{
+  config,
+  pkgs,
+  lib,
+  inputs,
+  hostName,
+  ...
+}:
 {
   imports = [
     #../nixos/profiles/debug.nix
@@ -8,12 +15,15 @@
     ../nixos/profiles/desktop.nix
     ../nixos/profiles/printing.nix
     #../nixos/profiles/radio.nix
-    #../nixos/profiles/tor.nix
+    ../nixos/profiles/tor.nix
     ../nixos/profiles/bluetooth.nix
+    ../nixos/profiles/home.nix
     #blackberry/backup.nix
     blackberry/hardware.nix
     blackberry/nebula.nix
     blackberry/networking.nix
+    #blackberry/pixiecore.nix
+    blackberry/nix-ssh.nix
   ];
 
   # Lower kernel's security for better performances
@@ -24,8 +34,9 @@
   };
   users.users.root = {
     openssh.authorizedKeys.keys = map lib.readFile [
-      # For nix -L run .#oignon.switch
+      # For nix -L run .#pumpkin.switch
       ../users/julm/ssh/oignon.pub
+      ../users/julm/ssh/pumpkin.pub
       ../users/julm/ssh/blackberry.pub
     ];
   };
@@ -43,9 +54,10 @@
       "networkmanager"
       "plugdev" # For rtl-sdr
       "scanner"
-      #"tor"
+      "tor"
       "video"
       "wheel"
+      "wireshark"
       #"ipfs"
       config.services.davfs2.davGroup
       #"vboxusers"
@@ -55,13 +67,13 @@
     createHome = false;
     openssh.authorizedKeys.keys = map lib.readFile [
       ../users/julm/ssh/oignon.pub
+      ../users/julm/ssh/pumpkin.pub
       ../users/julm/ssh/losurdo.pub
     ];
   };
 
   nix = {
-    extraOptions = ''
-    '';
+    extraOptions = '''';
     settings = {
       substituters = [
       ];
@@ -82,39 +94,40 @@
   programs.fuse.userAllowOther = true;
 
   systemd.automounts = [
-    { where = "/mnt/aubergine"; automountConfig.TimeoutIdleSec = "5 min"; }
+    {
+      where = "/mnt/aubergine";
+      automountConfig.TimeoutIdleSec = "5 min";
+    }
   ];
   fileSystems =
     let
       # Use the user's gpg-agent session to query
       # for the password of the SSH key when auto-mounting.
-      sshAsUser =
-        pkgs.writeScript "sshAsUser" ''
-          user="$1"; shift
-          exec ${pkgs.sudo}/bin/sudo -i -u "$user" \
-            ${pkgs.openssh}/bin/ssh "$@"
-        '';
-      options =
-        [
-          "user"
-          "uid=julm"
-          "gid=users"
-          "allow_other"
-          "exec" # Override "user"'s noexec
-          "noatime"
-          "nosuid"
-          "_netdev"
-          "ssh_command=${sshAsUser}\\040julm"
-          "noauto"
-          "x-gvfs-hide"
-          "x-systemd.automount"
-          #"Compression=yes" # YMMV
-          # Disconnect approximately 2*15=30 seconds after a network failure
-          "ServerAliveCountMax=1"
-          "ServerAliveInterval=15"
-          "dir_cache=no"
-          #"reconnect"
-        ];
+      sshAsUser = pkgs.writeScript "sshAsUser" ''
+        user="$1"; shift
+        exec ${pkgs.sudo}/bin/sudo -i -u "$user" \
+          ${pkgs.openssh}/bin/ssh "$@"
+      '';
+      options = [
+        "user"
+        "uid=julm"
+        "gid=users"
+        "allow_other"
+        "exec" # Override "user"'s noexec
+        "noatime"
+        "nosuid"
+        "_netdev"
+        "ssh_command=${sshAsUser}\\040julm"
+        "noauto"
+        "x-gvfs-hide"
+        "x-systemd.automount"
+        #"Compression=yes" # YMMV
+        # Disconnect approximately 2*15=30 seconds after a network failure
+        "ServerAliveCountMax=1"
+        "ServerAliveInterval=15"
+        "dir_cache=no"
+        #"reconnect"
+      ];
     in
     {
       "/mnt/aubergine" = {