diff --git a/configuration-nas.nix b/configuration-nas.nix index c02a024..8c58a59 100644 --- a/configuration-nas.nix +++ b/configuration-nas.nix @@ -131,7 +131,7 @@ in pulse.enable = true; }; - # Enable Flatpak + # Set to enable Flatpak flatpak.enable = false; # Enable RDP @@ -152,7 +152,7 @@ in userServices = true; workstation = true; }; - extraServiceFiles = { + extraServiceFiles = { # TODO is this needed? smb = '' @@ -168,10 +168,6 @@ in }; }; - # libnvidia-container does not support cgroups v2 (prior to 1.8.0) - # https://github.com/NVIDIA/nvidia-docker/issues/1447 - systemd.enableUnifiedCgroupHierarchy = false; - systemd.services.nas-mounts = { path = [ pkgs.zfs pkgs.bash ]; script = '' @@ -202,7 +198,7 @@ in firewall = { enable = true; allowPing = true; - extraCommands = ''iptables -t raw -A OUTPUT -p udp -m udp --dport 137 -j CT --helper netbios-ns''; + extraCommands = ''iptables -t raw -A OUTPUT -p udp -m udp --dport 137 -j CT --helper netbios-ns''; # TODO is this needed? allowedTCPPorts = [ 80 443 61208 ]; allowedUDPPorts = [ 80 443 61208 ]; }; @@ -246,37 +242,48 @@ in }; # Define a user account. Don't forget to set a password with ‘passwd’. - users.users."${user}" = { - isNormalUser = true; - extraGroups = [ "wheel" "networkmanager" "docker" "podman" "libvirtd" ]; # Enable ‘sudo’ for the user. - initialHashedPassword = password; - shell = pkgs.fish; - packages = with pkgs; [ - neofetch - git - parted - aspell - aspellDicts.en - aspellDicts.en-computers - aspellDicts.en-science - aha - papirus-icon-theme - firefox - ]; + users = { + groups.jallen-nas.gid = 1000; # create nas group cause truenas perms + + # Admin account + users."${user}" = { + isNormalUser = true; + extraGroups = [ "wheel" "networkmanager" "docker" "podman" "libvirtd" ]; # Enable ‘sudo’ for the user. + initialHashedPassword = password; + shell = pkgs.fish; + packages = with pkgs; [ + neofetch + git + parted + aspell + aspellDicts.en + aspellDicts.en-computers + aspellDicts.en-science + aha + papirus-icon-theme + firefox + ]; + }; + + # Nix app account + users.nix-apps = { + isNormalUser = true; + uid = 911; + extraGroups = [ "jallen-nas" "wheel" "docker" "podman" "libvirt" ]; # Enable ‘sudo’ for the user. + initialHashedPassword = password; + }; }; - # Define a user account. Don't forget to set a password with ‘passwd’. - users.users.mjallen = { - isNormalUser = true; - extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user. - initialHashedPassword = password; - shell = pkgs.fish; - }; + # Virtualisation + virtualisation = { + docker = { + enable = true; + enableNvidia = true; + enableOnBoot = true; + }; - virtualisation.docker.enable = true; - virtualisation.docker.enableNvidia = true; - virtualisation.docker.enableOnBoot = true; - virtualisation.libvirtd.enable = true; + libvirtd.enable = true; + }; # This option defines the first version of NixOS you have installed on this particular machine, # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.