diff --git a/config/automatrop/roles/system/files/openvpn-client.service b/config/automatrop/roles/system/files/openvpn-client.service deleted file mode 100644 index 1748351..0000000 --- a/config/automatrop/roles/system/files/openvpn-client.service +++ /dev/null @@ -1,11 +0,0 @@ -[Service] -ExecStart= -ExecStart=/usr/bin/openvpn --suppress-timestamps --nobind --config %i.conf --script-security 2 --up /etc/openvpn/update-resolv-conf --down /etc/openvpn/update-resolv-conf -# The part before --script-security 2 might need upgrading from -# /usr/lib/systemd/system/openvpn-client@.service if it was upgraded -Restart=on-failure -User= -AmbiantCapabilities= -# It's not pretty, but other script only work with systemd or call resolvconf with -p, -# which doesn't work without a local DNS resolver -# TODO Local DNS resolver sounds nice anyway diff --git a/config/automatrop/roles/system/handlers/main.yaml b/config/automatrop/roles/system/handlers/main.yaml index 9bda647..307a93b 100644 --- a/config/automatrop/roles/system/handlers/main.yaml +++ b/config/automatrop/roles/system/handlers/main.yaml @@ -23,8 +23,3 @@ debug: msg: "The Panfrost display driver configuration was changed, but needs a reboot to be applied." listen: panfrost config changed - -- name: Reload systemd-logind - command: systemctl kill -s HUP systemd-logind - become: yes - listen: systemd-logind config changed diff --git a/config/automatrop/roles/system/tasks/main.yml b/config/automatrop/roles/system/tasks/main.yml index 03cdc0d..77a75fc 100644 --- a/config/automatrop/roles/system/tasks/main.yml +++ b/config/automatrop/roles/system/tasks/main.yml @@ -76,53 +76,3 @@ - etc changed - systemd changed when: not auto_numlock - -### STOPPED HERE ### - -- name: Empty motd - copy: - content: "" - dest: /etc/motd - mode: "u=rw,g=r,o=r" - become: yes - notify: - - etc changed - -# VPN configuration - -- name: Prepare directory for openvpn-client service override - file: - path: /etc/systemd/system/openvpn-client@.service.d - state: directory - mode: "u=rwx,g=rx,o=rx" - become: yes - -- name: Make openvpn use hooks for resolvconf - copy: - src: openvpn-client.service - dest: /etc/systemd/system/openvpn-client@.service.d/override.conf - become: yes - notify: - - etc changed - - systemd changed - -- name: Disable power button - lineinfile: - path: /etc/systemd/logind.conf - line: 'HandlePowerKey=ignore' - regexp: '^#? *HandlePowerKey=' - insertafter: '^\[Login\]$' - become: yes - notify: systemd-logind config changed - # Reason: I sometimes press it accidentally - # (hoping to start it when it's already started, - # or really accidentally on the Pinebook). - # Suspend would be nice, but it doesn't have the locker then - -# TODO Hibernation, if that's relevant -# $ sudo blkid | grep 'TYPE="swap"' -# $ sudoedit /etc/default/grub -# Add resume=UUID= to GRUB_CMDLINE_LINUX_DEFAULT -# $ sudo grub-mkconfig -o /boot/grub/grub.cfg - -# TODO udevil diff --git a/config/nix/modules/common.nix b/config/nix/modules/common.nix index 17763ac..193fb81 100644 --- a/config/nix/modules/common.nix +++ b/config/nix/modules/common.nix @@ -122,6 +122,9 @@ # Might want to see if it's worth using on NixOS gnupg.agent.enable = true; + # Let users mount disks + udevil.enable = true; + # TODO Below should be user config zsh = { @@ -145,13 +148,23 @@ # Time sychronisation chrony = { - enable = true; - servers = map (n: "${toString n}.europe.pool.ntp.org") (lib.lists.range 0 3); - extraConfig = "rtcsync"; + enable = true; + servers = map (n: "${toString n}.europe.pool.ntp.org") (lib.lists.range 0 3); + extraConfig = "rtcsync"; }; + # Prevent power button from shutting down the computer. + # On Pinebook it's too easy to hit, + # on others I sometimes turn it off when unsuspending. + logind.extraConfig = "HandlePowerKey=ignore"; + }; + # FIXME services.openvpn.servers..updateResolvConf=true + # For profiles in the extensions + + # TODO Hibernation? + # TEST system.copySystemConfiguration = true;