summaryrefslogtreecommitdiff
path: root/profiles
diff options
context:
space:
mode:
Diffstat (limited to 'profiles')
-rw-r--r--profiles/core/configuration.nix89
-rw-r--r--profiles/core/secrets.nix9
2 files changed, 5 insertions, 93 deletions
diff --git a/profiles/core/configuration.nix b/profiles/core/configuration.nix
index e677306..dd1cca6 100644
--- a/profiles/core/configuration.nix
+++ b/profiles/core/configuration.nix
@@ -12,92 +12,11 @@
hardware.keyboard.qmk.enable = true;
services.udev.extraRules = ''
- # Atmel DFU
- ### ATmega16U2
- SUBSYSTEMS=="usb", ATTRS{idVendor}=="03eb", ATTRS{idProduct}=="2fef", TAG+="uaccess"
- ### ATmega32U2
- SUBSYSTEMS=="usb", ATTRS{idVendor}=="03eb", ATTRS{idProduct}=="2ff0", TAG+="uaccess"
- ### ATmega16U4
- SUBSYSTEMS=="usb", ATTRS{idVendor}=="03eb", ATTRS{idProduct}=="2ff3", TAG+="uaccess"
- ### ATmega32U4
- SUBSYSTEMS=="usb", ATTRS{idVendor}=="03eb", ATTRS{idProduct}=="2ff4", TAG+="uaccess"
- ### AT90USB64
- SUBSYSTEMS=="usb", ATTRS{idVendor}=="03eb", ATTRS{idProduct}=="2ff9", TAG+="uaccess"
- ### AT90USB162
- SUBSYSTEMS=="usb", ATTRS{idVendor}=="03eb", ATTRS{idProduct}=="2ffa", TAG+="uaccess"
- ### AT90USB128
- SUBSYSTEMS=="usb", ATTRS{idVendor}=="03eb", ATTRS{idProduct}=="2ffb", TAG+="uaccess"
+ # Yubico Yubikey II
+ ATTRS{idVendor}=="1050", ATTRS{idProduct}=="0010|0110|0111|0114|0116|0401|0403|0405|0407|0410", \
+ ENV{ID_SECURITY_TOKEN}="1"
- # Input Club
- SUBSYSTEMS=="usb", ATTRS{idVendor}=="1c11", ATTRS{idProduct}=="b007", TAG+="uaccess"
-
- # STM32duino
- SUBSYSTEMS=="usb", ATTRS{idVendor}=="1eaf", ATTRS{idProduct}=="0003", TAG+="uaccess"
- # STM32 DFU
- SUBSYSTEMS=="usb", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="df11", TAG+="uaccess"
-
- # BootloadHID
- SUBSYSTEMS=="usb", ATTRS{idVendor}=="16c0", ATTRS{idProduct}=="05df", TAG+="uaccess"
-
- # USBAspLoader
- SUBSYSTEMS=="usb", ATTRS{idVendor}=="16c0", ATTRS{idProduct}=="05dc", TAG+="uaccess"
-
- # USBtinyISP
- SUBSYSTEMS=="usb", ATTRS{idVendor}=="1782", ATTRS{idProduct}=="0c9f", TAG+="uaccess"
-
- # ModemManager should ignore the following devices
- # Atmel SAM-BA (Massdrop)
- SUBSYSTEMS=="usb", ATTRS{idVendor}=="03eb", ATTRS{idProduct}=="6124", TAG+="uaccess", ENV{ID_MM_DEVICE_IGNORE}="1"
-
- # Caterina (Pro Micro)
- ## pid.codes shared PID
- ### Keyboardio Atreus 2 Bootloader
- SUBSYSTEMS=="usb", ATTRS{idVendor}=="1209", ATTRS{idProduct}=="2302", TAG+="uaccess", ENV{ID_MM_DEVICE_IGNORE}="1"
- ## Spark Fun Electronics
- ### Pro Micro 3V3/8MHz
- SUBSYSTEMS=="usb", ATTRS{idVendor}=="1b4f", ATTRS{idProduct}=="9203", TAG+="uaccess", ENV{ID_MM_DEVICE_IGNORE}="1"
- ### Pro Micro 5V/16MHz
- SUBSYSTEMS=="usb", ATTRS{idVendor}=="1b4f", ATTRS{idProduct}=="9205", TAG+="uaccess", ENV{ID_MM_DEVICE_IGNORE}="1"
- ### LilyPad 3V3/8MHz (and some Pro Micro clones)
- SUBSYSTEMS=="usb", ATTRS{idVendor}=="1b4f", ATTRS{idProduct}=="9207", TAG+="uaccess", ENV{ID_MM_DEVICE_IGNORE}="1"
- ## Pololu Electronics
- ### A-Star 32U4
- SUBSYSTEMS=="usb", ATTRS{idVendor}=="1ffb", ATTRS{idProduct}=="0101", TAG+="uaccess", ENV{ID_MM_DEVICE_IGNORE}="1"
- ## Arduino SA
- ### Leonardo
- SUBSYSTEMS=="usb", ATTRS{idVendor}=="2341", ATTRS{idProduct}=="0036", TAG+="uaccess", ENV{ID_MM_DEVICE_IGNORE}="1"
- ### Micro
- SUBSYSTEMS=="usb", ATTRS{idVendor}=="2341", ATTRS{idProduct}=="0037", TAG+="uaccess", ENV{ID_MM_DEVICE_IGNORE}="1"
- ## Adafruit Industries LLC
- ### Feather 32U4
- SUBSYSTEMS=="usb", ATTRS{idVendor}=="239a", ATTRS{idProduct}=="000c", TAG+="uaccess", ENV{ID_MM_DEVICE_IGNORE}="1"
- ### ItsyBitsy 32U4 3V3/8MHz
- SUBSYSTEMS=="usb", ATTRS{idVendor}=="239a", ATTRS{idProduct}=="000d", TAG+="uaccess", ENV{ID_MM_DEVICE_IGNORE}="1"
- ### ItsyBitsy 32U4 5V/16MHz
- SUBSYSTEMS=="usb", ATTRS{idVendor}=="239a", ATTRS{idProduct}=="000e", TAG+="uaccess", ENV{ID_MM_DEVICE_IGNORE}="1"
- ## dog hunter AG
- ### Leonardo
- SUBSYSTEMS=="usb", ATTRS{idVendor}=="2a03", ATTRS{idProduct}=="0036", TAG+="uaccess", ENV{ID_MM_DEVICE_IGNORE}="1"
- ### Micro
- SUBSYSTEMS=="usb", ATTRS{idVendor}=="2a03", ATTRS{idProduct}=="0037", TAG+="uaccess", ENV{ID_MM_DEVICE_IGNORE}="1"
-
- # hid_listen
- KERNEL=="hidraw*", MODE="0660", GROUP="plugdev", TAG+="uaccess", TAG+="udev-acl"
-
- # hid bootloaders
- ## QMK HID
- SUBSYSTEMS=="usb", ATTRS{idVendor}=="03eb", ATTRS{idProduct}=="2067", TAG+="uaccess"
- ## PJRC's HalfKay
- SUBSYSTEMS=="usb", ATTRS{idVendor}=="16c0", ATTRS{idProduct}=="0478", TAG+="uaccess"
-
- # APM32 DFU
- SUBSYSTEMS=="usb", ATTRS{idVendor}=="314b", ATTRS{idProduct}=="0106", TAG+="uaccess"
-
- # GD32V DFU
- SUBSYSTEMS=="usb", ATTRS{idVendor}=="28e9", ATTRS{idProduct}=="0189", TAG+="uaccess"
-
- # WB32 DFU
- SUBSYSTEMS=="usb", ATTRS{idVendor}=="342d", ATTRS{idProduct}=="dfa0", TAG+="uaccess"
+ KERNEL=="hidraw*", SUBSYSTEM=="hidraw", ATTRS{idVendor}=="1050", ATTRS{idProduct}=="0113|0114|0115|0116|0120|0200|0402|0403|0406|0407|0410", TAG+="uaccess"
'';
boot.loader.systemd-boot.enable = true;
diff --git a/profiles/core/secrets.nix b/profiles/core/secrets.nix
index e09a1fb..5c44676 100644
--- a/profiles/core/secrets.nix
+++ b/profiles/core/secrets.nix
@@ -5,16 +5,10 @@
];
sops = {
gnupg = {
- home = config.hm.programs.gpg.homedir;
sshKeyPaths = [];
};
age.sshKeyPaths = [];
-
- # Taken from: https://github.com/ncfavier/config/blob/main/modules/secrets.nix
- # GPG running as root can't find my socket dir (https://github.com/NixOS/nixpkgs/issues/57779)
- environment.SOPS_GPG_EXEC = pkgs.writeShellScript "gpg-mike" ''
- exec ${pkgs.util-linux}/bin/runuser -u mike -- ${pkgs.gnupg}/bin/gpg "$@"
- '';
+ age.keyFile = "${config.hm.xdg.configHome}/sops/age/keys.txt";
secrets = mapAttrs' (name: _: let
parts = splitString "." name;
@@ -33,7 +27,6 @@
environment = {
systemPackages = [ pkgs.sops ];
- sessionVariables.SOPS_PGP_FP = "95B594256E6684F46B337254CE5CD59ACAB73E44";
};
hm = {
generated by cgit v1.2.3 (git 2.25.1) at 2026-02-12 15:50:33 +0000