Amélioration de la doc

2023-10-02 22:08:37 +02:00 · 2023-10-02 22:08:37 +02:00 · 6d4a283d53
parent 71174014e1
commit 6d4a283d53
1 changed files with 30 additions and 4 deletions
--- a/config.scm
+++ b/config.scm
@ -22,7 +22,7 @@
 (use-modules (gnu))
 (use-modules (gnu packages freedesktop))
 (use-modules (srfi srfi-1))
-(use-service-modules cups desktop networking ssh xorg virtualization vpn)
+(use-service-modules cups desktop networking ssh xorg virtualization vpn security-token)
 ;; Configuration sudoer personnalisée
 (define %sudoers-specification
@ -35,10 +35,29 @@ root ALL=(ALL) ALL
 ;; Permet le partage de périphériques USB via virt-manager
 (define %spice-rules
  (udev-rule
-    "50-spice.rules"
+    "41-spice-and-nitrokey.rules"
    (string-append "\
 SUBSYSTEM==\"usb\", GROUP=\"spice\", MODE=\"0660\"
 SUBSYSTEM==\"usb_device\", GROUP=\"spice\", MODE=\"0660\"
 ACTION!=\"add|change\", GOTO=\"u2f_end\"
 KERNEL==\"hidraw*\", SUBSYSTEM==\"hidraw\", ATTRS{idVendor}==\"2581\", ATTRS{idProduct}==\"f1d0\", TAG+=\"uaccess\"
 KERNEL==\"hidraw*\", SUBSYSTEM==\"hidraw\", ATTRS{idVendor}==\"20a0\", ATTRS{idProduct}==\"4287\", TAG+=\"uaccess\"
 KERNEL==\"hidraw*\", SUBSYSTEM==\"hidraw\", ATTRS{idVendor}==\"20a0\", ATTRS{idProduct}==\"42b1\", TAG+=\"uaccess\"
 KERNEL==\"hidraw*\", SUBSYSTEM==\"hidraw\", ATTRS{idVendor}==\"20a0\", ATTRS{idProduct}==\"42b2\", TAG+=\"uaccess\"
 KERNEL==\"hidraw*\", SUBSYSTEM==\"hidraw\", ATTRS{idVendor}==\"20a0\", ATTRS{idProduct}==\"42dd\", TAG+=\"uaccess\"
 ATTRS{idVendor}==\"20a0\", ATTRS{idProduct}==\"42e8\", TAG+=\"uaccess\"
 LABEL=\"u2f_end\"
 SUBSYSTEM!=\"usb\", GOTO=\"gnupg_rules_end\"
 ACTION!=\"add\", GOTO=\"gnupg_rules_end\"
 ATTR{idVendor}==\"20a0\", ATTR{idProduct}==\"4107\", ENV{ID_SMARTCARD_READER}=\"1\", ENV{ID_SMARTCARD_READER_DRIVER}=\"gnupg\", TAG+=\"uaccess\"
 ATTR{idVendor}==\"20a0\", ATTR{idProduct}==\"4108\", ENV{ID_SMARTCARD_READER}=\"1\", ENV{ID_SMARTCARD_READER_DRIVER}=\"gnupg\", TAG+=\"uaccess\"
 ATTRS{idVendor}==\"20a0\", ATTRS{idProduct}==\"42b4\", TAG+=\"uaccess\"
 ATTR{idVendor}==\"20a0\", ATTR{idProduct}==\"4109\", ENV{ID_SMARTCARD_READER}=\"1\", ENV{ID_SMARTCARD_READER_DRIVER}=\"gnupg\", TAG+=\"uaccess\"
 ATTR{idVendor}==\"03eb\", ATTR{idProduct}==\"2ff1\", TAG+=\"uaccess\"
 ATTR{idVendor}==\"20a0\", ATTR{idProduct}==\"4211\", ENV{ID_SMARTCARD_READER}=\"1\", ENV{ID_SMARTCARD_READER_DRIVER}=\"gnupg\", TAG+=\"uaccess\"
 ATTR{idVendor}==\"20a0\", ATTR{idProduct}==\"4230\", ENV{ID_SMARTCARD_READER}=\"1\", ENV{ID_SMARTCARD_READER_DRIVER}=\"gnupg\", TAG+=\"uaccess\"
 LABEL=\"gnupg_rules_end\"
 KERNEL==\"sd?1\", ATTRS{idVendor}==\"20a0\", ATTRS{idProduct}==\"4109\", SYMLINK+=\"nitrospace\"
 ")))
 ;; Configuration du système
@ -49,7 +68,11 @@ SUBSYSTEM==\"usb_device\", GROUP=\"spice\", MODE=\"0660\"
  (keyboard-layout (keyboard-layout "fr" "oss"))
  (host-name "n-guix-port")
  ;; Application de la configuration sudoer personnalisée (définie plus haut)
  (kernel-arguments
    (list "modprobe.blacklist=usbmouse,usbkbd"))
  (sudoers-file %sudoers-specification)
  ;; La liste des comptes utilisateurs (« root » est implicite).
@ -82,6 +105,9 @@ SUBSYSTEM==\"usb_device\", GROUP=\"spice\", MODE=\"0660\"
    (modify-services (append (list
      (service gnome-desktop-service-type)
      ;; Service de gestion des clés de chiffrement physique
      (service pcscd-service-type)
      ;; Service d'impression
      (service cups-service-type)
@ -99,7 +125,7 @@ SUBSYSTEM==\"usb_device\", GROUP=\"spice\", MODE=\"0660\"
          (pam-limits-entry "@audio" 'both 'rtprio 99)
          (pam-limits-entry "@audio" 'both 'memlock 'unlimited)))
-
+      ;; Configuration de l'environnement graphique (notamment clavier)
      (set-xorg-configuration
        (xorg-configuration (keyboard-layout keyboard-layout))))
        %desktop-services)