From 9133eb3a505e49060e80b09147b6b0a795d3ca03 Mon Sep 17 00:00:00 2001 From: Shahab Dogar Date: Fri, 10 Jan 2025 12:11:07 +0500 Subject: [PATCH] feat: NixOS | enable virtualization and lock when key unplugged --- nixos/configuration.nix | 36 +++++++++++++++++++++++++++++++++++- 1 file changed, 35 insertions(+), 1 deletion(-) diff --git a/nixos/configuration.nix b/nixos/configuration.nix index 412e9b8..155bc89 100644 --- a/nixos/configuration.nix +++ b/nixos/configuration.nix @@ -100,6 +100,15 @@ #media-session.enable = true; }; + services.udev.extraRules = '' + ACTION=="remove",\ + ENV{ID_BUS}=="usb",\ + ENV{ID_MODEL_ID}=="0407",\ + ENV{ID_VENDOR_ID}=="1050",\ + ENV{ID_VENDOR}=="Yubico",\ + RUN+="${pkgs.systemd}/bin/loginctl lock-sessions" + ''; + # Enable sound with pipewire. hardware = { pulseaudio.enable = false; @@ -126,7 +135,7 @@ isNormalUser = true; description = "Shahab Dogar"; - extraGroups = [ "networkmanager" "wheel" "input" ]; + extraGroups = [ "networkmanager" "wheel" "input" "libvirtd" ]; }; # Allow unfree packages @@ -136,6 +145,13 @@ # $ nix search wget environment.systemPackages = with pkgs; [ pciutils + virt-manager + virt-viewer + spice + spice-gtk + spice-protocol + win-virtio + win-spice ]; programs._1password.enable = true; @@ -146,6 +162,8 @@ polkitPolicyOwners = [ "shahab" ]; }; + programs.dconf.enable = true; + # Hyprland programs.hyprland = { enable = true; @@ -174,8 +192,24 @@ search = ["docker.io"]; }; }; + + libvirtd = { + enable = true; + qemu = { + swtpm.enable = true; + + ovmf = { + enable = true; + packages = with pkgs; [ OVMFFull.fd ]; + }; + }; + }; + + spiceUSBRedirection.enable = true; }; + services.spice-vdagentd.enable = true; + # Some programs need SUID wrappers, can be configured further or are # started in user sessions. # programs.mtr.enable = true;