mob next [ci-skip] [ci skip] [skip ci]

lastFile:machines/rana/configuration.nix

modules/nixos/personal-computer/default.nix

@@ -0,0 +1 @@
+{ imports = [ ./printing.nix ]; }

modules/nixos/personal-computer/printing.nix

@@ -0,0 +1,63 @@
+{
+  pkgs,
+  lib,
+  config,
+  ...
+}:
+let
+  allowManageGroups = [
+    "root"
+    "wheel"
+    "lpadmin"
+  ];
+  polkitAllowGroups = builtins.concatStringsSep "||" (
+    builtins.map (group: ''subject.isInGroup("${group}")'') allowManageGroups
+  );
+in
+{
+  services.printing = {
+    enable = true;
+    drivers = [
+      pkgs.brlaser
+      pkgs.gutenprint
+    ];
+
+    extraFilesConf = ''
+      SystemGroup ${builtins.concatStringsSep " " allowManageGroups}
+    '';
+  };
+
+  security.polkit = {
+    enable = true;
+
+    extraConfig = ''
+      polkit.addRule(function(action, subject) {
+        var actionMatchs = (
+          action.id.indexOf('org.opensuse.cupspkhelper.mechanism.') === 0
+        );
+        if (actionMatchs) {
+          if (${polkitAllowGroups}) {
+            return polkit.Result.YES
+          }
+        }
+      });
+    '';
+  };
+
+  hardware.sane = {
+    enable = true;
+  };
+
+  users.groups.lpadmin.members = lib.pipe config.users.users [
+    (lib.attrsets.filterAttrs (name: value: value.isNormalUser))
+    (lib.attrsets.attrsToList)
+    (lib.map (user: user.name))
+  ];
+
+  users.groups.lp.members = lib.pipe config.users.users [
+    (lib.attrsets.filterAttrs (name: value: value.isNormalUser))
+    (lib.attrsets.attrsToList)
+    (lib.map (user: user.name))
+  ];
+
+}