mob next [ci-skip] [ci skip] [skip ci]

lastFile:modules/clan/home-profiles/flake-module.nix

inventories/personal-computer.nix

@@ -1,4 +1,3 @@
-{ config, ... }:
 {
   clan.inventory = {
     tags = {
@@ -7,6 +6,7 @@
     };
 
     instances = {
+      personal-computer = { module = {name="personal-computer";};};
       kde = {
         module = {
           name = "kde";

modules/clan/home-profiles/flake-module.nix

@@ -1,6 +1,6 @@
 { lib, ... }:
 {
   clan.modules = {
-    commonUser = lib.modules.importApply ./common-user { };
+    home-user = lib.modules.importApply ./home-user { };
   };
 }

modules/clan/personal-computer/automatic-timezone.nix

@@ -0,0 +1,8 @@
+{ lib, ... }:
+{
+  services.automatic-timezoned.enable = true;
+  services.geoclue2 = {
+    enableDemoAgent = lib.mkForce true;
+    geoProviderUrl = "https://beacondb.net/v1/geolocate";
+  };
+}

modules/clan/personal-computer/default.nix

@@ -0,0 +1,21 @@
+{ ... }:
+{
+  _class = "clan.service";
+  manifest.name = "personal-computer";
+  manifest.description = "A service for configuring personal computer such as printing, automatic-timezone, etc.";
+  manifest.categories = [ "System" ];
+
+  roles.default = {
+    perInstance =
+      { ... }:
+      {
+        nixosModule =
+          { inputs, lib, ... }:
+          {
+            imports = [
+              (inputs.import-tree.initFilter (p: !lib.hasSuffix "default.nix" p) ./.)
+            ];
+          };
+      };
+  };
+}

modules/clan/personal-computer/flake-module.nix

@@ -0,0 +1,6 @@
+{ lib, ... }:
+{
+  clan.modules = {
+    personal-computer = lib.modules.importApply ./default.nix { };
+  };
+}

modules/clan/personal-computer/mutable-user.nix

@@ -0,0 +1,4 @@
+{ lib, ... }:
+{
+  users.mutableUsers = lib.mkForce true;
+}

modules/clan/personal-computer/printing.nix

@@ -0,0 +1,62 @@
+{
+  pkgs,
+  lib,
+  config,
+  ...
+}:
+let
+  allowManageGroups = [
+    "root"
+    "wheel"
+    "lpadmin"
+  ];
+  polkitAllowGroups = builtins.concatStringsSep "||" (
+    builtins.map (group: ''subject.isInGroup("${group}")'') allowManageGroups
+  );
+
+  printerMember = lib.map (user: user.name) (
+    lib.attrsets.attrsToList (
+      lib.attrsets.filterAttrs (name: value: value.isNormalUser) config.users.users
+    )
+  );
+
+in
+{
+  services.printing = {
+    enable = true;
+    drivers = [
+      pkgs.brlaser
+      pkgs.gutenprint
+    ];
+
+    extraFilesConf = ''
+      SystemGroup ${builtins.concatStringsSep " " allowManageGroups}
+    '';
+  };
+
+  security.polkit = {
+    enable = true;
+
+    extraConfig = ''
+      polkit.addRule(function(action, subject) {
+        var actionMatchs = (
+          action.id.indexOf('org.opensuse.cupspkhelper.mechanism.') === 0
+        );
+        if (actionMatchs) {
+          if (${polkitAllowGroups}) {
+            return polkit.Result.YES
+          }
+        }
+      });
+    '';
+  };
+
+  hardware.sane = {
+    enable = true;
+  };
+
+  users.groups.lpadmin.members = printerMember;
+  users.groups.lp.members = printerMember;
+  users.groups.scanner.members = printerMember;
+
+}