From 2b0672ae35e0edf2a829abec23ab97cf72988611 Mon Sep 17 00:00:00 2001 From: aszlig Date: Sat, 3 Sep 2022 06:32:13 +0200 Subject: profiles/workstation: Use autoLogin on LUKS After countless boots with unlocking my LUKS containers and thereafter logging in via lightdm I started to wonder whether it really makes sense to do the latter. All of my workstations are single-user, I usually don't switch my session type (and even if, then via system configuration) and if someone manages to unlock my LUKS containers, it's really trivial to circumvent the user authentication. So if I'm not forgetting about something big[TM], the only purpose this additional auth serves is me being annoyed for no reason, so let's disable it if the configuration indicates that LUKS is used. Signed-off-by: aszlig --- .../user/aszlig/profiles/workstation/default.nix | 47 +++++++++++++--------- 1 file changed, 28 insertions(+), 19 deletions(-) (limited to 'modules') diff --git a/modules/user/aszlig/profiles/workstation/default.nix b/modules/user/aszlig/profiles/workstation/default.nix index 12d50b6b..bfc86c9e 100644 --- a/modules/user/aszlig/profiles/workstation/default.nix +++ b/modules/user/aszlig/profiles/workstation/default.nix @@ -3,7 +3,8 @@ let cfg = config.vuizvui.user.aszlig.profiles.workstation; inherit (config.services.xserver) xrandrHeads; - faceSize = if config.hardware.video.hidpi.enable then 10 else 12; + hidpi = config.hardware.video.hidpi.enable; + faceSize = if hidpi then 10 else 12; in { options.vuizvui.user.aszlig.profiles.workstation = { enable = lib.mkEnableOption "Workstation profile for aszlig"; @@ -190,24 +191,32 @@ in { enable = true; layout = "dvorak"; - displayManager.lightdm.enable = true; - displayManager.defaultSession = "none+i3"; - displayManager.sessionCommands = '' - ${pkgs.xorg.xrdb}/bin/xrdb "${pkgs.writeText "xrdb.config" '' - XTerm*termName: xterm-direct - XTerm*directColor: true - XTerm*faceName: MxPlus IBM VGA 8x16 - XTerm*faceSize: ${toString faceSize} - XTerm*renderFont: true - XTerm*saveLines: 10000 - XTerm*bellIsUrgent: true - XTerm*background: black - XTerm*foreground: grey - - XTerm*backarrowKeyIsErase: true - XTerm*ptyInitialErase: true - ''}" - ''; + displayManager = { + lightdm.enable = true; + defaultSession = "none+i3"; + sessionCommands = '' + ${pkgs.xorg.xrdb}/bin/xrdb "${pkgs.writeText "xrdb.config" '' + XTerm*termName: xterm-direct + XTerm*directColor: true + XTerm*faceName: MxPlus IBM VGA 8x16 + XTerm*faceSize: ${toString faceSize} + XTerm*renderFont: true + XTerm*saveLines: 10000 + XTerm*bellIsUrgent: true + XTerm*background: black + XTerm*foreground: grey + + XTerm*backarrowKeyIsErase: true + XTerm*ptyInitialErase: true + ''}" + ''; + } // lib.optionalAttrs (config.boot.initrd.luks.devices != {}) { + # All of my workstations are single-user machines with encrypted root + # and swap, so there is no need to prompt another time for a password + # or passphrase. + autoLogin.enable = true; + autoLogin.user = "aszlig"; + }; }; }; -- cgit 1.4.1