diff options
| -rw-r--r-- | dom0/system.scm | 28 | ||||
| -rw-r--r-- | files/desktop-files/disposable-firefox.desktop | 4 | ||||
| -rw-r--r-- | files/misc-config/dom0-sway-config | 2 | ||||
| -rw-r--r-- | files/scripts/disposable-firefox | 6 | ||||
| -rw-r--r-- | pwn/packages/scrapy.scm | 2 | ||||
| -rw-r--r-- | pwn/packages/wafw00f.scm | 2 |
6 files changed, 33 insertions, 11 deletions
diff --git a/dom0/system.scm b/dom0/system.scm index 3757c0a..dbb27dc 100644 --- a/dom0/system.scm +++ b/dom0/system.scm @@ -2,6 +2,7 @@ (define-module (dom0 system) #:use-module (gnu) #:use-module (gnu services guix) + #:use-module (gnu system privilege) #:use-module (guix transformations) #:use-module (nongnu packages linux) #:use-module (nongnu system linux-initrd) @@ -9,9 +10,11 @@ #:use-module (nongnu services nvidia)) (use-service-modules linux guix desktop pm audio virtualization - networking dbus xorg avahi spice) + networking dbus xorg avahi spice + security-token) (use-package-modules linux audio libusb wm fonts virtualization - freedesktop vim cryptsetup version-control) + freedesktop vim cryptsetup version-control + security-token spice) (define patch-libvirt (options->transformation @@ -88,7 +91,7 @@ (append (list "https://substitutes.nonguix.org") %default-substitute-urls)) (authorized-keys - (append (list (local-file "..files/nonguix-signing-key.pub")) + (append (list (local-file "../files/nonguix-signing-key.pub")) %default-authorized-guix-keys))))) (list ;; NVIDIA @@ -158,11 +161,24 @@ (libvirt (patch-libvirt libvirt)) (qemu (replace-mesa qemu)))) (service virtlog-service-type) + + ;polkit rules for spice usb passthru + (simple-service 'spice-polkit polkit-service-type (list spice-gtk)) + ;; yubikey + (service pcscd-service-type) ;; udev - (udev-rules-service 'pipewire-add-udev-rules pipewire)))) - - ;; Packages (system-wide) + (udev-rules-service 'pipewire-add-udev-rules pipewire) + (udev-rules-service 'fido2 libfido2 #:groups '("plugdev"))))) + + ;; required for spice usb passthru + (privileged-programs + (cons (privileged-program + (program (file-append spice-gtk "/libexec/spice-client-glib-usb-acl-helper")) + (setuid? #t)) + %default-privileged-programs)) + +;; Packages (system-wide) (packages (cons* vim git cryptsetup diff --git a/files/desktop-files/disposable-firefox.desktop b/files/desktop-files/disposable-firefox.desktop new file mode 100644 index 0000000..9274c92 --- /dev/null +++ b/files/desktop-files/disposable-firefox.desktop @@ -0,0 +1,4 @@ +[Desktop Entry] +Type=Application +Name=browser +Exec=bash /home/dom0/.local/bin/disposable-firefox diff --git a/files/misc-config/dom0-sway-config b/files/misc-config/dom0-sway-config index 891de4c..708cc11 100644 --- a/files/misc-config/dom0-sway-config +++ b/files/misc-config/dom0-sway-config @@ -216,8 +216,6 @@ bindsym $mod+r mode "resize" bindsym --locked XF86MonBrightnessUp exec brightnessctl set 5%+ # Special key to take a screenshot with grim bindsym $mod+p exec grimshot copy area - # swaylock - bindsym $mod+l exec swaylock -i /home/dom0/.config/gubes/files/wallpapers/taclnc.png # # Status Bar: diff --git a/files/scripts/disposable-firefox b/files/scripts/disposable-firefox new file mode 100644 index 0000000..7932522 --- /dev/null +++ b/files/scripts/disposable-firefox @@ -0,0 +1,6 @@ +BUILDDIR=$HOME/.gubes/ +CONFIG=$BUILDDIR/disposable/firefox-dsp.scm +SCRIPT=$(guix system vm -L ${BUILDDIR} ${CONFIG}) + +trap 'kill 0' EXIT +$SCRIPT -m 2048 -smp 2 -vga qxl -device virtio-serial-pci -spice port=5930,disable-ticketing=on -device virtserialport,chardev=spicechannel0,name=com.redhat.spice.0 -chardev spicevmc,id=spicechannel0,name=vdagent -device virtio-sound-pci,audiodev=my_audiodev -audiodev spice,id=my_audiodev & remote-viewer spice://localhost:5930 diff --git a/pwn/packages/scrapy.scm b/pwn/packages/scrapy.scm index a3297f7..899fd54 100644 --- a/pwn/packages/scrapy.scm +++ b/pwn/packages/scrapy.scm @@ -2,8 +2,6 @@ #:use-module (guix packages) #:use-module (guix download) #:use-module (guix build-system pyproject) - ;#:use-module (gnu packages python-check) - ; #:use-module (gnu packages python-xyz) #:use-module (gnu packages python-build) #:use-module (guix licenses)) diff --git a/pwn/packages/wafw00f.scm b/pwn/packages/wafw00f.scm index 12cc0d4..18e145a 100644 --- a/pwn/packages/wafw00f.scm +++ b/pwn/packages/wafw00f.scm @@ -1,4 +1,4 @@ -(define-module (gnu packages impacket) +(define-module (gnu packages wafw00f) #:use-module (guix packages) #:use-module (guix download) #:use-module (guix build-system python) |