diff --git a/systems/linux/bosephus.nix b/systems/linux/bosephus.nix index 6c277dc..719111e 100644 --- a/systems/linux/bosephus.nix +++ b/systems/linux/bosephus.nix @@ -95,17 +95,7 @@ # List packages installed in system profile. To search, run: # $ nix search wget - environment.systemPackages = with pkgs; [ - neovim - git - borgbackup - # Add a script for users to trigger system updates - (pkgs.writeScriptBin "update-nixos" '' - #!${pkgs.bash}/bin/bash - echo "Requesting system update..." - ${pkgs.systemd}/bin/systemctl start nixos-update.service - '') - ]; + environment.systemPackages = with pkgs; [ neovim git borgbackup ]; # Some programs need SUID wrappers, can be configured further or are # started in user sessions. @@ -149,66 +139,6 @@ options = [ "defaults" "compress=zstd" ]; }; - # Samba server - services.samba = { - enable = true; - package = pkgs.sambaFull; - securityType = "user"; - openFirewall = true; - settings = { - global = { - workgroup = "SAMBA"; - security = "user"; - "passdb backend" = "tdbsam"; - printing = "cups"; - "printcap name" = "cups"; - "load printers" = "yes"; - }; - - homes = { - comment = "Home Directories"; - "valid users" = "%S, %D%w%S"; - browseable = "No"; - "read only" = "No"; - "inherit acls" = "Yes"; - }; - - printers = { - comment = "All Printers"; - path = "/var/spool/samba"; - printable = "Yes"; - "create mode" = "0700"; - browseable = "No"; - }; - - mybookduo = { - comment = "My Book Duo RAID system"; - path = "/media/my-book-duo"; - writable = "yes"; - browseable = "yes"; - public = "no"; - "valid users" = "@mixstudios"; - "create mask" = "0660"; - "directory mask" = "0770"; - "force group" = "+mixstudios"; - }; - - gdrive = { - comment = "G-DRIVE media drive"; - path = "/media/g-drive"; - writable = "yes"; - browseable = "yes"; - public = "no"; - "valid users" = "@mixstudios"; - "create mask" = "0660"; - "directory mask" = "0770"; - "force group" = "+mixstudios"; - }; - }; - }; - - systemd.tmpfiles.rules = [ "d /var/spool/samba 1777 root root -" ]; - systemd.services."fix-mount-permissions" = { wantedBy = [ "local-fs.target" ]; after = [ "local-fs.target" ]; @@ -228,54 +158,4 @@ }; }; - # Service to update NixOS configuration from git repo - systemd.services."nixos-update" = { - description = "Update NixOS configuration from git repository"; - path = with pkgs; [ git coreutils ]; - script = '' - # Ensure the directory exists - mkdir -p /srv/config - - # Clone/pull the repository - if [ -d "/srv/config/.git" ]; then - cd /srv/config - git fetch origin - git reset --hard origin/master - else - rm -rf /srv/config - git clone https://code.millironx.com/millironx/nix-dotfiles.git /srv/config - fi - - # Rebuild the system - ${pkgs.nixos-rebuild}/bin/nixos-rebuild switch --flake /srv/config#bosephus - ''; - serviceConfig = { - Type = "oneshot"; - User = "root"; - }; - }; - - # Timer to run the update service daily at 3am - systemd.timers."nixos-update" = { - wantedBy = [ "timers.target" ]; - description = "Run NixOS update daily at 3am"; - timerConfig = { - OnCalendar = "3:00"; - Persistent = true; - Unit = "nixos-update.service"; - }; - }; - - # Polkit rule to allow non-root users to trigger the update - security.polkit.extraConfig = '' - polkit.addRule(function(action, subject) { - if (action.id == "org.freedesktop.systemd1.manage-units" && - action.lookup("unit") == "nixos-update.service" && - action.lookup("verb") == "start" && - subject.isInGroup("wheel")) { - return polkit.Result.YES; - } - }); - ''; - }