atridad/lavitz
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

1754190633

Browse Source
This commit is contained in:
Atridad Lahiji
2025-08-02 21:10:33 -06:00
parent ac410d859c
commit 0e27305108
4 changed files with 40 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
modules/hardware.nix
View File

@@ -14,8 +14,7 @@
powerManagement.enable = true;
powerManagement.finegrained = false;
gsp.enable = true;
open = true;
open = false;
nvidiaSettings = true;
package = config.boot.kernelPackages.nvidiaPackages.stable;
};
}

4
modules/packages.nix
View File

@@ -37,6 +37,7 @@ in
openssl
ffmpeg
vscodium
usbutils
# Desktop applications
bitwarden-desktop
@@ -53,7 +54,6 @@ in
duckstation
dolphin-emu
ryubing
gpu-screen-recorder
# GNOME extensions
gnomeExtensions.appindicator
@@ -62,4 +62,4 @@ in
++ (with unstablePkgs; [
onlyoffice-desktopeditors
]);
}
}

31
modules/services.nix
View File

@@ -30,4 +30,35 @@
# Fwupd
services.fwupd.enable = true;
# udev
services.udev.extraRules = ''
# --- Rules for WebHID/WebUSB Permissions for Keychron Devices ---
# These rules aim to make ALL Keychron devices accessible to users in the 'plugdev' group,
# or the 'users' group, so browsers (running as that user) can potentially interact.
# This rule targets any Keychron device by its Vendor ID.
# It sets the group to 'plugdev' (or 'users') and grants read/write permissions.
#
# Considerations:
# 1. 'SUBSYSTEMS=="usb"': Matches devices within the USB subsystem, broad enough for WebUSB/WebHID.
# 2. 'ATTRS{idVendor}=="3434"': Specifically targets Keychron devices.
# 3. 'MODE="0660"': Grants read/write to owner (root) and group (plugdev/users).
# 4. 'GROUP="plugdev"': Assigns the 'plugdev' group. You might use 'users' or 'your-username-group'
# if 'plugdev' isn't suitable or doesn't exist on your system.
# The group used here must be one that your *browser's user process* is a member of.
#
# IMPORTANT: Do NOT use this rule for your primary system keyboard/mouse
# if you want to prevent web pages from *potentially* messing with them.
# For a general-purpose keyboard, the OS typically blacklists it from WebHID.
# This rule is most useful for custom peripherals or secondary devices.
ACTION=="add", SUBSYSTEM=="usb", ATTRS{idVendor}=="3434", MODE="0660", GROUP="plugdev"
ACTION=="add", SUBSYSTEM=="hidraw", ATTRS{idVendor}=="3434", MODE="0660", GROUP="plugdev"
# You might also include specific product IDs if you only want to grant access to certain Keychron models:
# ACTION=="add", SUBSYSTEM=="usb", ATTRS{idVendor}=="3434", ATTRS{idProduct}=="d030", MODE="0660", GROUP="plugdev"
# ACTION=="add", SUBSYSTEM=="usb", ATTRS{idVendor}=="3434", ATTRS{idProduct}=="0e20", MODE="0660", GROUP="plugdev"
# ACTION=="add", SUBSYSTEM=="hidraw", ATTRS{idVendor}=="3434", ATTRS{idProduct}=="d030", MODE="0660", GROUP="plugdev"
# ACTION=="add", SUBSYSTEM=="hidraw", ATTRS{idVendor}=="3434", ATTRS{idProduct}=="0e20", MODE="0660", GROUP="plugdev"
'';
}

7
modules/users.nix
View File

@@ -1,11 +1,16 @@
{ config, pkgs, ... }:
{
# Define groups
users.groups.plugdev = {
gid = 69420;
};
# Define a user account. Don't forget to set a password with 'passwd'.
users.users.atridad = {
isNormalUser = true;
description = "Atridad";
extraGroups = [ "networkmanager" "wheel" "docker" ];
extraGroups = [ "networkmanager" "wheel" "docker" "plugdev" ];
packages = with pkgs; [
# thunderbird
];