rana machine: emmie personal laptop

modules/clan/personal-computer/automatic-timezone.nix

@@ -0,0 +1,8 @@
+{ lib, ... }:
+{
+  services.automatic-timezoned.enable = true;
+  services.geoclue2 = {
+    enableDemoAgent = lib.mkForce true;
+    geoProviderUrl = "https://beacondb.net/v1/geolocate";
+  };
+}

modules/clan/personal-computer/default.nix

@@ -0,0 +1,19 @@
+{ ... }:
+{
+  _class = "clan.service";
+  manifest.name = "personal-computer";
+  manifest.description = "A service for configuring personal computer such as printing, automatic-timezone, etc.";
+  manifest.categories = [ "System" ];
+
+  roles.default = {
+    perInstance.nixosModule =
+      { inputs, lib, ... }:
+      {
+        imports = [
+          (inputs.import-tree.initFilter (
+            p: !lib.hasSuffix "default.nix" p && !lib.hasSuffix "flake-module.nix" p
+          ) ./.)
+        ];
+      };
+  };
+}

modules/clan/personal-computer/desktop-environment.nix

@@ -0,0 +1,4 @@
+{ config, ... }:
+{
+  security.pam.services."sddm".kwallet.enable = config.services.desktopManager.plasma6.enable;
+}

modules/clan/personal-computer/flake-module.nix

@@ -0,0 +1,6 @@
+{ lib, ... }:
+{
+  clan.modules = {
+    personal-computer = lib.modules.importApply ./default.nix { };
+  };
+}

modules/clan/personal-computer/libinput.nix

@@ -0,0 +1,11 @@
+{
+  services = {
+    libinput = {
+      enable = true;
+      touchpad = {
+        disableWhileTyping = true;
+        naturalScrolling = true;
+      };
+    };
+  };
+}

modules/clan/personal-computer/printing.nix

@@ -0,0 +1,62 @@
+{
+  pkgs,
+  lib,
+  config,
+  ...
+}:
+let
+  allowManageGroups = [
+    "root"
+    "wheel"
+    "lpadmin"
+  ];
+  polkitAllowGroups = builtins.concatStringsSep "||" (
+    builtins.map (group: ''subject.isInGroup("${group}")'') allowManageGroups
+  );
+
+  printerMember = lib.map (user: user.name) (
+    lib.attrsets.attrsToList (
+      lib.attrsets.filterAttrs (name: value: value.isNormalUser) config.users.users
+    )
+  );
+
+in
+{
+  services.printing = {
+    enable = true;
+    drivers = [
+      pkgs.brlaser
+      pkgs.gutenprint
+    ];
+
+    extraFilesConf = ''
+      SystemGroup ${builtins.concatStringsSep " " allowManageGroups}
+    '';
+  };
+
+  security.polkit = {
+    enable = true;
+
+    extraConfig = ''
+      polkit.addRule(function(action, subject) {
+        var actionMatchs = (
+          action.id.indexOf('org.opensuse.cupspkhelper.mechanism.') === 0
+        );
+        if (actionMatchs) {
+          if (${polkitAllowGroups}) {
+            return polkit.Result.YES
+          }
+        }
+      });
+    '';
+  };
+
+  hardware.sane = {
+    enable = true;
+  };
+
+  users.groups.lpadmin.members = printerMember;
+  users.groups.lp.members = printerMember;
+  users.groups.scanner.members = printerMember;
+
+}

modules/clan/personal-computer/users.nix

@@ -0,0 +1,11 @@
+{ lib, ... }:
+{
+  users.mutableUsers = lib.mkForce true;
+  security.polkit.extraConfig = ''
+    polkit.addRule(function(action, subject) {
+      if ((action.id == "org.freedesktop.accounts.change-own-password")) {
+        return polkit.Result.AUTH_SELF;
+      }
+    });
+  '';
+}

modules/clan/personal-computer/wireless.nix

@@ -0,0 +1,4 @@
+{
+  networking.networkmanager.enable = true;
+  hardware.bluetooth.enable = true;
+}