The `HostKeyAlgorithms +ssh-rsa` setting has been removed from the SSH configuration in the default Nix file. This change simplifies the config and helps ensure compatibility with modern security practices.
Added openssh to the default dependencies list in the Darwin services base module. This ensures that OpenSSH tools are available by default, enhancing remote access and security operations.
Changed the neovim-flake URL to the new repository and updated its version from v0.5 to v0.6. This ensures we are using the latest configurations and features from the renamed repository.
This change modifies the NSGlobalDomain settings to make the menu bar always visible by setting `_HIHideMenuBar` to false. This ensures a consistent user interface by keeping the menu bar accessible at all times.
Introduce 'cleanup', 'autoUpdate', and 'upgrade' options under the onActivation section for improved manageability. Additionally, remove unused homebrew configuration from modules/darwin/nix/default.nix.
Convert masApps from list to set for better structure consistency. Add initialization for Homebrew in the Fish shell to ensure the environment is correctly set up.
This commit updates the default Homebrew configuration to include 'mas' alongside 'libusb' for the aarch64-darwin system. It also introduces an empty 'masApps' array for potential future use.
Added configuration to enable Homebrew on aarch64-darwin systems. Created a new module for managing Homebrew settings and added support for declarative tap management.
Renamed several modules to better align with Darwin-specific configurations. Refactored configuration for Alacritty and removed it from system packages where not needed. Introduced Homebrew settings and cleaned up redundant entries in multiple Nix files.
Add Zsh to the list of available shells in the Darwin services module.
Introduce new Nix configurations for aarch64-darwin, including system packages and font settings.
Set up user-specific environment for Harald on aarch64-darwin system.
Included HSA_OVERRIDE_GFX_VERSION for ROCm acceleration. Added LIBVA_DRIVER_NAME and commented NIXOS_OZONE_WL to environment.sessionVariables settings.
Moved the system defaults configuration block to follow the system activation script definition. This change organizes the code better, improving readability and maintainability.
Introduce a script to organize applications under /Applications/Nix Apps. This setup improves the management and accessibility of system applications by creating aliases for them.
The dlog alias now includes the '-p' flag to display patch output by default. This change helps users see inline differences along with the log entries.
Set `submodule.recurse` to true in the git configuration. This change ensures that all submodules are automatically initialized and updated recursively.
Disable the NIXOS_OZONE_WL environment variable in session variables to avoid potential conflicts. This change ensures the stability of the GUI service while leaving the intel-media-driver configuration untouched.
Enabled Intel media driver support and set environment variables for better compatibility with Wayland. Also updated MPV configuration for hardware decoding and GPU settings.
Move and enhance OpenGL configuration in GUI services. The configuration now includes onevpl-intel-gpu and retains intel-compute-runtime from base services.
Added an HTTP SSL CA certificate configuration to enhance security and ensure trusted connections. This change sets the CA certificate file path to '/etc/ssl/certs/ca-certificates.crt'.
Added a custom shell script for qemu-system-x86_64 enabling UEFI support using OVMF. This ensures that the command uses the specified OVMF firmware for UEFI boot.
Add chromium and rustup to systemPackages, and move pcsctools and yubikey-personalization entries. Introduce environment session variable NIXOS_OZONE_WL for better Wayland support.
Enable temporary file storage on tmpfs and configure TMPDIR for the nix-daemon. Also, ensure temporary files are cleaned on boot and enable fstrim service for filesystem maintenance.
The alacritty package entry was misaligned in the list of systemPackages. This fix ensures consistent indentation for better readability and maintainability.
This commit shifts the Alacritty terminal emulator from "tools" within the user-level configuration to "systemPackages" under the base services configuration. This change allows global access to Alacritty across the system.
This commit enables the 'base' edition in the default.nix configuration file within the Darwin suites module. This update provides the necessary settings for the base installation, enhancing the flexibility of system setup.
This commit introduces a new base configuration for the Darwin service. It includes options for system packages, shell programs and security features. This base configuration is customizable with an enable option.
This commit modifies the `nix` configuration in the `darwin` module, changing from the unstable `nix` package use to the stable version. This change is intended to improve stability and reliability of the module.
This commit renames the 'fonts' array in the darwin system fonts module to 'packages'. The refactor is aimed at improving the code readability and making the name more descriptive and representative of its content.
This commit adds the `autohide-battery@sitnik.ru` extension to the home configurations of `harald@t15` and `harald@x1`. It also adjusts the path of the `xkb.layout` setting in the GUI service's configuration. Furthermore, the `sound-output-device-chooser` extension has been removed.
This commit adds three new GNOME extensions to the gui module in the NixOS service. Specifically, 'gnome-browser-connector', 'autohide-battery', and 'sound-output-device-chooser' were added. This update is intended to enhance the system's user experience.
This commit modifies several settings of the home printer module in default.nix. The PageSize parameter was changed, and several new parameters related to print quality and color correction were added for better print results, specifically for photos.
Created a new module for home printer setup and enabled it on x86_64-linux systems. The module configures printing drivers and ensures that printers are set up properly. In addition, moved specific printer configurations into the newly created homeprinter module.
The user's extraGroups in the NixOS module now contains 'wheel' by default. This change provides the user with more privileges. Consequently, 'wheel' has been removed from the SGX-Attic's 'user.extraGroups' as it became redundant.
This commit introduces a new substituter 'https://attic.teepot.org/tee-pot' and its associated trusted key 'tee-pot:SS6HcrpG87S1M6HZGPsfo7d1xJccCGev7/tXc5+I4jg='. The changes affect the Nix, aesmd_dcap, home settings, and pccs modules. This update provides additional package sources for these modules.
The default value for `wheelNeedsPassword` has been changed to `true` in `base/default.nix`. The redundant entry in `gui/default.nix` setting `wheelNeedsPassword` to `true` was removed as it is now enforced by the base module.
This change updates the settings in the GUI module for the sudo wheel group. The security policy has been modified to require a password when a member of the wheel group attempts to use sudo.
Adjust default garbage collection intervals and retention periods. Set default GC to run weekly and retain 14 days on nixos module and to run daily and retain 7 days on the 64-linux module.
Signed-off-by: Harald Hoyer <harald@hoyer.xyz>
The update modifies the default setting for the 'sudo wheelNeedsPassword' option in both the base and gui modules/services. Now, the base service has 'sudo wheelNeedsPassword' marked as a default option and disabled by default in the gui service.
This commit corrects the code's formatting in two parts:
1) It normalizes the indentation in the BindPaths block under aesmd_dcap/default.nix.
2) It also removes the extra space before "DE" in the default_phone_region setting in nextcloud.nix.
This commit removes the "--refresh" flag from the system.autoUpgrade field in the default.nix file. The update function will now rely on the remaining flags only.
Harald Hoyer