Put in earplugs
This commit is contained in:
parent
635ed1f88b
commit
99ffa1c345
2 changed files with 15 additions and 8 deletions
|
@ -98,7 +98,7 @@ Layout is qwerty, CAPS_LOCK is CTRL, Ctrl-Fn-Meta-super to left of SPACE. The =k
|
||||||
** kernel
|
** kernel
|
||||||
A custom kernel is configured above, kernel arguments are declared here.
|
A custom kernel is configured above, kernel arguments are declared here.
|
||||||
|
|
||||||
The =hid_sensor_hub= module needs to be disabled for screen dimming and keyboard backlight to work as expecrted. Some other kernel arguments possibly required for (in)compatability with other features include "amdgpu.sg_display=0", "acpi_osi=linux" "acpi_backlight=vendor"
|
The =hid_sensor_hub= module needs to be disabled for screen dimming and keyboard backlight to work as expecrted. Some other kernel arguments possibly required for (in)compatability with other features include ="amdgpu.sg_display=0"=, ="acpi_osi=linux" "acpi_backlight=vendor"=
|
||||||
|
|
||||||
Kernel & driver details
|
Kernel & driver details
|
||||||
- https://gitlab.com/nonguix/nonguix
|
- https://gitlab.com/nonguix/nonguix
|
||||||
|
@ -172,7 +172,6 @@ Packages installed system-wide. Users can also install packages under their own
|
||||||
"emacs-exwm"
|
"emacs-exwm"
|
||||||
"openssh-sans-x"
|
"openssh-sans-x"
|
||||||
"nss-certs"
|
"nss-certs"
|
||||||
"htop"
|
|
||||||
;; xfce
|
;; xfce
|
||||||
"xfce4-power-manager"
|
"xfce4-power-manager"
|
||||||
"xfce4-screensaver"
|
"xfce4-screensaver"
|
||||||
|
@ -224,6 +223,9 @@ use dovecot for local IMAP
|
||||||
(service iptables-service-type
|
(service iptables-service-type
|
||||||
(iptables-configuration
|
(iptables-configuration
|
||||||
(ipv4-rules (plain-file "iptables.rules"
|
(ipv4-rules (plain-file "iptables.rules"
|
||||||
|
#+end_src
|
||||||
|
**** ipv4 rules
|
||||||
|
#+BEGIN_SRC scheme
|
||||||
"*nat
|
"*nat
|
||||||
:PREROUTING ACCEPT
|
:PREROUTING ACCEPT
|
||||||
:INPUT ACCEPT
|
:INPUT ACCEPT
|
||||||
|
@ -231,7 +233,7 @@ use dovecot for local IMAP
|
||||||
:POSTROUTING ACCEPT
|
:POSTROUTING ACCEPT
|
||||||
-A POSTROUTING -o en0 -j MASQUERADE
|
-A POSTROUTING -o en0 -j MASQUERADE
|
||||||
COMMIT
|
COMMIT
|
||||||
*filter
|
,*filter
|
||||||
:INPUT ACCEPT
|
:INPUT ACCEPT
|
||||||
:FORWARD ACCEPT
|
:FORWARD ACCEPT
|
||||||
:OUTPUT ACCEPT
|
:OUTPUT ACCEPT
|
||||||
|
@ -248,7 +250,6 @@ SMB
|
||||||
-A INPUT -m state --state NEW -m tcp -p tcp -s 192.168.0.0/16 --dport 445 -j ACCEPT
|
-A INPUT -m state --state NEW -m tcp -p tcp -s 192.168.0.0/16 --dport 445 -j ACCEPT
|
||||||
#+end_src
|
#+end_src
|
||||||
wireguard
|
wireguard
|
||||||
|
|
||||||
#+BEGIN_SRC scheme
|
#+BEGIN_SRC scheme
|
||||||
-A INPUT -p udp -m udp --dport 51820 -j ACCEPT
|
-A INPUT -p udp -m udp --dport 51820 -j ACCEPT
|
||||||
-A INPUT -i wg0 -m state --state ESTABLISHED,RELATED -j ACCEPT
|
-A INPUT -i wg0 -m state --state ESTABLISHED,RELATED -j ACCEPT
|
||||||
|
@ -260,6 +261,9 @@ wireguard
|
||||||
-A INPUT -m conntrack --ctstate INVALID -j DROP
|
-A INPUT -m conntrack --ctstate INVALID -j DROP
|
||||||
COMMIT
|
COMMIT
|
||||||
"))
|
"))
|
||||||
|
#+end_src
|
||||||
|
**** ipv6 rules
|
||||||
|
#+BEGIN_SRC scheme
|
||||||
(ipv6-rules (plain-file "ip6tables.rules"
|
(ipv6-rules (plain-file "ip6tables.rules"
|
||||||
"*nat
|
"*nat
|
||||||
:PREROUTING ACCEPT
|
:PREROUTING ACCEPT
|
||||||
|
@ -321,7 +325,8 @@ details can be found (and mostly ignored) in [[https://guix.gnu.org/cookbook/en
|
||||||
(endpoint "example.org:51820")
|
(endpoint "example.org:51820")
|
||||||
(public-key "taeID3fNgci9OpE+1UYkS4DYZE6DIlhpLQL1BVN9sg8=")
|
(public-key "taeID3fNgci9OpE+1UYkS4DYZE6DIlhpLQL1BVN9sg8=")
|
||||||
(allowed-ips '("10.0.0.13/32" "fded:dada::13/128"))
|
(allowed-ips '("10.0.0.13/32" "fded:dada::13/128"))
|
||||||
(keep-alive 25))))))
|
(keep-alive 25)))))
|
||||||
|
(%auto-start? #t))
|
||||||
#+END_SRC
|
#+END_SRC
|
||||||
|
|
||||||
*** display manager
|
*** display manager
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
;; -*- mode: scheme; coding: utf-8; -*-
|
;; -*- mode: scheme; coding: utf-8; -*-
|
||||||
;;
|
;;
|
||||||
;; tangled from framework13-system.org on 2024-01-31 09:21:35+01:00)
|
;; tangled from framework13-system.org on 2024-01-31 11:13:11+01:00)
|
||||||
|
|
||||||
(use-modules (gnu)
|
(use-modules (gnu)
|
||||||
(gnu packages)
|
(gnu packages)
|
||||||
|
@ -94,7 +94,6 @@
|
||||||
"emacs-exwm"
|
"emacs-exwm"
|
||||||
"openssh-sans-x"
|
"openssh-sans-x"
|
||||||
"nss-certs"
|
"nss-certs"
|
||||||
"htop"
|
|
||||||
;; xfce
|
;; xfce
|
||||||
"xfce4-power-manager"
|
"xfce4-power-manager"
|
||||||
"xfce4-screensaver"
|
"xfce4-screensaver"
|
||||||
|
@ -127,6 +126,7 @@
|
||||||
(service iptables-service-type
|
(service iptables-service-type
|
||||||
(iptables-configuration
|
(iptables-configuration
|
||||||
(ipv4-rules (plain-file "iptables.rules"
|
(ipv4-rules (plain-file "iptables.rules"
|
||||||
|
|
||||||
"*nat
|
"*nat
|
||||||
:PREROUTING ACCEPT
|
:PREROUTING ACCEPT
|
||||||
:INPUT ACCEPT
|
:INPUT ACCEPT
|
||||||
|
@ -156,6 +156,7 @@ COMMIT
|
||||||
-A INPUT -m conntrack --ctstate INVALID -j DROP
|
-A INPUT -m conntrack --ctstate INVALID -j DROP
|
||||||
COMMIT
|
COMMIT
|
||||||
"))
|
"))
|
||||||
|
|
||||||
(ipv6-rules (plain-file "ip6tables.rules"
|
(ipv6-rules (plain-file "ip6tables.rules"
|
||||||
"*nat
|
"*nat
|
||||||
:PREROUTING ACCEPT
|
:PREROUTING ACCEPT
|
||||||
|
@ -205,7 +206,8 @@ COMMIT
|
||||||
(endpoint "example.org:51820")
|
(endpoint "example.org:51820")
|
||||||
(public-key "taeID3fNgci9OpE+1UYkS4DYZE6DIlhpLQL1BVN9sg8=")
|
(public-key "taeID3fNgci9OpE+1UYkS4DYZE6DIlhpLQL1BVN9sg8=")
|
||||||
(allowed-ips '("10.0.0.13/32" "fded:dada::13/128"))
|
(allowed-ips '("10.0.0.13/32" "fded:dada::13/128"))
|
||||||
(keep-alive 25))))))
|
(keep-alive 25)))))
|
||||||
|
(%auto-start? #t))
|
||||||
|
|
||||||
;; (service sddm-service-type
|
;; (service sddm-service-type
|
||||||
;; (sddm-configuration
|
;; (sddm-configuration
|
||||||
|
|
Loading…
Reference in a new issue