Amend sway config, disposable vms and add .desktop

author: c0co.channel <c0co.channel@braincrime.com> 2025-10-23 23:29:42 +0100
committer: c0co.channel <c0co.channel@braincrime.com> 2025-10-23 23:29:42 +0100
commit: 22e51f645f9725cf3786aef807bdd9182afffc66 (patch)
tree: 067353382f2eef2fe441a37750ed6cbea6fb83d7
parent: ae78645ec48c9e6b522bc54eb15fc5ca849c36cd (diff)
6 files changed, 33 insertions, 11 deletions
diff --git a/dom0/system.scm b/dom0/system.scm
index 3757c0a..dbb27dc 100644
--- a/dom0/system.scm
+++ b/dom0/system.scm
@@ -2,6 +2,7 @@
 (define-module (dom0 system)
   #:use-module (gnu)
   #:use-module (gnu services guix)
+  #:use-module (gnu system privilege)
   #:use-module (guix transformations)
   #:use-module (nongnu packages linux)
   #:use-module (nongnu system linux-initrd)
@@ -9,9 +10,11 @@
   #:use-module (nongnu services nvidia))
 
 (use-service-modules linux guix desktop pm audio virtualization 
-		     networking dbus xorg avahi spice)
+		     networking dbus xorg avahi spice
+		     security-token)
 (use-package-modules linux audio libusb wm fonts virtualization
-		     freedesktop vim cryptsetup version-control)
+		     freedesktop vim cryptsetup version-control
+		     security-token spice)
 
 (define patch-libvirt
   (options->transformation
@@ -88,7 +91,7 @@
 				     (append (list "https://substitutes.nonguix.org")
 					     %default-substitute-urls))
 				     (authorized-keys
-				       (append (list (local-file "..files/nonguix-signing-key.pub"))
+				       (append (list (local-file "../files/nonguix-signing-key.pub"))
 					       %default-authorized-guix-keys)))))
 	      (list 
 	      ;; NVIDIA
@@ -158,11 +161,24 @@
                          (libvirt (patch-libvirt libvirt))
 			 (qemu (replace-mesa qemu))))
               (service virtlog-service-type)
+	     
+	      ;polkit rules for spice usb passthru
+              (simple-service 'spice-polkit polkit-service-type (list spice-gtk))
 
+ 	      ;; yubikey
+	      (service pcscd-service-type)
               ;; udev
-              (udev-rules-service 'pipewire-add-udev-rules pipewire))))
-
-  ;; Packages (system-wide) 
+              (udev-rules-service 'pipewire-add-udev-rules pipewire)
+	      (udev-rules-service 'fido2 libfido2 #:groups '("plugdev")))))
+  
+  ;; required for spice usb passthru
+  (privileged-programs
+  (cons (privileged-program
+         (program (file-append spice-gtk "/libexec/spice-client-glib-usb-acl-helper"))
+         (setuid? #t))
+         %default-privileged-programs))
+  
+;; Packages (system-wide) 
   (packages (cons* vim
 		   git
 		   cryptsetup
diff --git a/files/desktop-files/disposable-firefox.desktop b/files/desktop-files/disposable-firefox.desktop
new file mode 100644
index 0000000..9274c92
--- /dev/null
+++ b/files/desktop-files/disposable-firefox.desktop
@@ -0,0 +1,4 @@
+[Desktop Entry]
+Type=Application
+Name=browser
+Exec=bash /home/dom0/.local/bin/disposable-firefox
diff --git a/files/misc-config/dom0-sway-config b/files/misc-config/dom0-sway-config
index 891de4c..708cc11 100644
--- a/files/misc-config/dom0-sway-config
+++ b/files/misc-config/dom0-sway-config
@@ -216,8 +216,6 @@ bindsym $mod+r mode "resize"
     bindsym --locked XF86MonBrightnessUp exec brightnessctl set 5%+
     # Special key to take a screenshot with grim
     bindsym $mod+p exec grimshot copy area
-    # swaylock
-    bindsym $mod+l exec swaylock -i /home/dom0/.config/gubes/files/wallpapers/taclnc.png
 
 #
 # Status Bar:
diff --git a/files/scripts/disposable-firefox b/files/scripts/disposable-firefox
new file mode 100644
index 0000000..7932522
--- /dev/null
+++ b/files/scripts/disposable-firefox
@@ -0,0 +1,6 @@
+BUILDDIR=$HOME/.gubes/
+CONFIG=$BUILDDIR/disposable/firefox-dsp.scm
+SCRIPT=$(guix system vm -L ${BUILDDIR} ${CONFIG})
+
+trap 'kill 0' EXIT
+$SCRIPT  -m 2048 -smp 2 -vga qxl -device virtio-serial-pci -spice port=5930,disable-ticketing=on -device virtserialport,chardev=spicechannel0,name=com.redhat.spice.0 -chardev spicevmc,id=spicechannel0,name=vdagent -device virtio-sound-pci,audiodev=my_audiodev -audiodev spice,id=my_audiodev & remote-viewer spice://localhost:5930
diff --git a/pwn/packages/scrapy.scm b/pwn/packages/scrapy.scm
index a3297f7..899fd54 100644
--- a/pwn/packages/scrapy.scm
+++ b/pwn/packages/scrapy.scm
@@ -2,8 +2,6 @@
   #:use-module (guix packages)
   #:use-module (guix download)
   #:use-module (guix build-system pyproject)
-  ;#:use-module (gnu packages python-check)
- ; #:use-module (gnu packages python-xyz)
   #:use-module (gnu packages python-build)
   #:use-module (guix licenses))
 
diff --git a/pwn/packages/wafw00f.scm b/pwn/packages/wafw00f.scm
index 12cc0d4..18e145a 100644
--- a/pwn/packages/wafw00f.scm
+++ b/pwn/packages/wafw00f.scm
@@ -1,4 +1,4 @@
-(define-module (gnu packages impacket)
+(define-module (gnu packages wafw00f)
   #:use-module (guix packages)
   #:use-module (guix download)
   #:use-module (guix build-system python)
author	c0co.channel <c0co.channel@braincrime.com>	2025-10-23 23:29:42 +0100
committer	c0co.channel <c0co.channel@braincrime.com>	2025-10-23 23:29:42 +0100
commit	22e51f645f9725cf3786aef807bdd9182afffc66 (patch)
tree	067353382f2eef2fe441a37750ed6cbea6fb83d7
parent	ae78645ec48c9e6b522bc54eb15fc5ca849c36cd (diff)