From ccd087b00bd474eafa25e5316bd73a2ccf208435 Mon Sep 17 00:00:00 2001 From: kurogeek Date: Wed, 14 Jan 2026 14:01:33 +0700 Subject: [PATCH] mob next [ci-skip] [ci skip] [skip ci] lastFile:modules/clan/home-profiles/flake-module.nix --- inventories/personal-computer.nix | 2 +- modules/clan/home-profiles/flake-module.nix | 2 +- .../{common-user => home-user}/default.nix | 0 .../{common-user => home-user}/home.nix | 0 .../personal-computer/automatic-timezone.nix | 8 +++ modules/clan/personal-computer/default.nix | 21 +++++++ .../clan/personal-computer/flake-module.nix | 6 ++ .../clan/personal-computer/mutable-user.nix | 4 ++ modules/clan/personal-computer/printing.nix | 62 +++++++++++++++++++ 9 files changed, 103 insertions(+), 2 deletions(-) rename modules/clan/home-profiles/{common-user => home-user}/default.nix (100%) rename modules/clan/home-profiles/{common-user => home-user}/home.nix (100%) create mode 100644 modules/clan/personal-computer/automatic-timezone.nix create mode 100644 modules/clan/personal-computer/default.nix create mode 100644 modules/clan/personal-computer/flake-module.nix create mode 100644 modules/clan/personal-computer/mutable-user.nix create mode 100644 modules/clan/personal-computer/printing.nix diff --git a/inventories/personal-computer.nix b/inventories/personal-computer.nix index 1470492..352a4e4 100644 --- a/inventories/personal-computer.nix +++ b/inventories/personal-computer.nix @@ -1,4 +1,3 @@ -{ config, ... }: { clan.inventory = { tags = { @@ -7,6 +6,7 @@ }; instances = { + personal-computer = { module = {name="personal-computer";};}; kde = { module = { name = "kde"; diff --git a/modules/clan/home-profiles/flake-module.nix b/modules/clan/home-profiles/flake-module.nix index 29fcb78..c6c6121 100644 --- a/modules/clan/home-profiles/flake-module.nix +++ b/modules/clan/home-profiles/flake-module.nix @@ -1,6 +1,6 @@ { lib, ... }: { clan.modules = { - commonUser = lib.modules.importApply ./common-user { }; + home-user = lib.modules.importApply ./home-user { }; }; } diff --git a/modules/clan/home-profiles/common-user/default.nix b/modules/clan/home-profiles/home-user/default.nix similarity index 100% rename from modules/clan/home-profiles/common-user/default.nix rename to modules/clan/home-profiles/home-user/default.nix diff --git a/modules/clan/home-profiles/common-user/home.nix b/modules/clan/home-profiles/home-user/home.nix similarity index 100% rename from modules/clan/home-profiles/common-user/home.nix rename to modules/clan/home-profiles/home-user/home.nix diff --git a/modules/clan/personal-computer/automatic-timezone.nix b/modules/clan/personal-computer/automatic-timezone.nix new file mode 100644 index 0000000..803df74 --- /dev/null +++ b/modules/clan/personal-computer/automatic-timezone.nix @@ -0,0 +1,8 @@ +{ lib, ... }: +{ + services.automatic-timezoned.enable = true; + services.geoclue2 = { + enableDemoAgent = lib.mkForce true; + geoProviderUrl = "https://beacondb.net/v1/geolocate"; + }; +} diff --git a/modules/clan/personal-computer/default.nix b/modules/clan/personal-computer/default.nix new file mode 100644 index 0000000..fe2cb26 --- /dev/null +++ b/modules/clan/personal-computer/default.nix @@ -0,0 +1,21 @@ +{ ... }: +{ + _class = "clan.service"; + manifest.name = "personal-computer"; + manifest.description = "A service for configuring personal computer such as printing, automatic-timezone, etc."; + manifest.categories = [ "System" ]; + + roles.default = { + perInstance = + { ... }: + { + nixosModule = + { inputs, lib, ... }: + { + imports = [ + (inputs.import-tree.initFilter (p: !lib.hasSuffix "default.nix" p) ./.) + ]; + }; + }; + }; +} diff --git a/modules/clan/personal-computer/flake-module.nix b/modules/clan/personal-computer/flake-module.nix new file mode 100644 index 0000000..74f4a74 --- /dev/null +++ b/modules/clan/personal-computer/flake-module.nix @@ -0,0 +1,6 @@ +{ lib, ... }: +{ + clan.modules = { + personal-computer = lib.modules.importApply ./default.nix { }; + }; +} diff --git a/modules/clan/personal-computer/mutable-user.nix b/modules/clan/personal-computer/mutable-user.nix new file mode 100644 index 0000000..4fcc983 --- /dev/null +++ b/modules/clan/personal-computer/mutable-user.nix @@ -0,0 +1,4 @@ +{ lib, ... }: +{ + users.mutableUsers = lib.mkForce true; +} diff --git a/modules/clan/personal-computer/printing.nix b/modules/clan/personal-computer/printing.nix new file mode 100644 index 0000000..82fcf98 --- /dev/null +++ b/modules/clan/personal-computer/printing.nix @@ -0,0 +1,62 @@ +{ + pkgs, + lib, + config, + ... +}: +let + allowManageGroups = [ + "root" + "wheel" + "lpadmin" + ]; + polkitAllowGroups = builtins.concatStringsSep "||" ( + builtins.map (group: ''subject.isInGroup("${group}")'') allowManageGroups + ); + + printerMember = lib.map (user: user.name) ( + lib.attrsets.attrsToList ( + lib.attrsets.filterAttrs (name: value: value.isNormalUser) config.users.users + ) + ); + +in +{ + services.printing = { + enable = true; + drivers = [ + pkgs.brlaser + pkgs.gutenprint + ]; + + extraFilesConf = '' + SystemGroup ${builtins.concatStringsSep " " allowManageGroups} + ''; + }; + + security.polkit = { + enable = true; + + extraConfig = '' + polkit.addRule(function(action, subject) { + var actionMatchs = ( + action.id.indexOf('org.opensuse.cupspkhelper.mechanism.') === 0 + ); + if (actionMatchs) { + if (${polkitAllowGroups}) { + return polkit.Result.YES + } + } + }); + ''; + }; + + hardware.sane = { + enable = true; + }; + + users.groups.lpadmin.members = printerMember; + users.groups.lp.members = printerMember; + users.groups.scanner.members = printerMember; + +}