fix: small env related inaccuracies

.sops.yaml

@@ -49,7 +49,7 @@ creation_rules:
       - *surface
       - *winters
       - *moonside
-  - path_regex: secrets/nbl-imba-2/[^/]+\.(yaml|json|env|ini)$
+  - path_regex: secrets/pyramid/[^/]+\.(yaml|json|env|ini)$
     key_groups:
     - pgp:
       - *swarsel
@@ -85,7 +85,7 @@ creation_rules:
       - *swarsel
       age:
       - *milkywell
-  - path_regex: hosts/nixos/nbl-imba-2/secrets/pii.nix.enc
+  - path_regex: hosts/nixos/pyramid/secrets/pii.nix.enc
     key_groups:
     - pgp:
       - *swarsel

files/emacs/init.el

@@ -402,7 +402,7 @@ create a new one."
       password-cache-expiry nil
       )
 (setq browse-url-browser-function 'browse-url-firefox)
-(setenv "DISPLAY" ":0")
+;; (setenv "DISPLAY" ":0") ;; needed for firefox
 ;; disable a keybind that does more harm than good
 (global-set-key [remap suspend-frame]
                 (lambda ()

flake.lock

@@ -3232,11 +3232,11 @@
     },
     "nixpkgs_27": {
       "locked": {
-        "lastModified": 1754498491,
+        "lastModified": 1754725699,
-        "narHash": "sha256-erbiH2agUTD0Z30xcVSFcDHzkRvkRXOQ3lb887bcVrs=",
+        "narHash": "sha256-iAcj9T/Y+3DBy2J0N+yF9XQQQ8IEb5swLFzs23CdP88=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "c2ae88e026f9525daf89587f3cbee584b92b6134",
+        "rev": "85dbfc7aaf52ecb755f87e577ddbe6dbbdbc1054",
         "type": "github"
       },
       "original": {
@@ -4416,11 +4416,11 @@
         "systems": "systems_17"
       },
       "locked": {
-        "lastModified": 1754778610,
+        "lastModified": 1754846369,
-        "narHash": "sha256-XFv8P39Lps5bbjFdA3GWkY8ibpgdekFd10LsAFUVQhA=",
+        "narHash": "sha256-yT9Z1VS/i9ZkqdeMYjACd0xPmF/X0ZILt7YTlHfBD8k=",
         "owner": "Swarsel",
         "repo": "swarsel-modules",
-        "rev": "7ecf2230e28e64097ca1208aa4bf4f242ec2bc3b",
+        "rev": "60a2c35486f458e9ae95883801d8509840096d21",
         "type": "github"
       },
       "original": {

modules/home/common/env.nix

@@ -1,24 +1,22 @@
-{ lib, config, globals, nixosConfig ? config, ... }:
+{ lib, config, nixosConfig ? config, ... }:
 let
   inherit (nixosConfig.repo.secrets.common.mail) address1 address2 address3 address4 allMailAddresses;
   inherit (nixosConfig.repo.secrets.common.calendar) source1 source1-name source2 source2-name source3 source3-name;
   inherit (nixosConfig.repo.secrets.common) fullName;
-  inherit (config.swarselsystems) isPublic;
+  inherit (config.swarselsystems) isPublic homeDir;
-  crocDomain = globals.services.croc.domain;
+
+  DISPLAY = ":0";
 in
 {
   options.swarselmodules.env = lib.mkEnableOption "env settings";
   config = lib.mkIf config.swarselmodules.env {
     home.sessionVariables = {
+      inherit DISPLAY;
       EDITOR = "e -w";
-      DISPLAY = ":0";
+    } // (lib.optionalAttrs (!isPublic) { });
-      SWARSEL_LO_RES = config.swarselsystems.lowResolution;
+    systemd.user.sessionVariables = {
-      SWARSEL_HI_RES = config.swarselsystems.highResolution;
+      DOCUMENT_DIR_PRIV = lib.mkForce "${homeDir}/Documents/Private";
-    } // (lib.optionalAttrs (!isPublic) {
+    } // lib.optionalAttrs (!isPublic) {
-      CROC_RELAY = crocDomain;
-      GITHUB_NOTIFICATION_TOKEN_PATH = nixosConfig.sops.secrets.github-notifications-token.path;
-    });
-    systemd.user.sessionVariables = lib.mkIf (!isPublic) {
       SWARSEL_MAIL1 = address1;
       SWARSEL_MAIL2 = address2;
       SWARSEL_MAIL3 = address3;

modules/home/common/firefox.nix

@@ -2,6 +2,11 @@
 {
   options.swarselmodules.firefox = lib.mkEnableOption "firefox settings";
   config = lib.mkIf config.swarselmodules.firefox {
+
+    programs.zsh.sessionVariables = {
+      MOZ_DISABLE_RDD_SANDBOX = "1";
+    };
+
     programs.firefox = {
       enable = true;
       package = pkgs.firefox; # uses overrides

modules/home/common/sway.nix

@@ -1,4 +1,4 @@
-{ self, config, lib, ... }:
+{ self, config, lib, vars, ... }:
 let
   eachOutput = _: monitor: {
     inherit (monitor) name;
@@ -27,8 +27,8 @@ in
         # { command = "nextcloud --background"; }
         { command = "vesktop --start-minimized --enable-speech-dispatcher --ozone-platform-hint=auto --enable-features=WaylandWindowDecorations --enable-wayland-ime"; }
         { command = "element-desktop --hidden  --enable-features=UseOzonePlatform --ozone-platform=wayland --disable-gpu-driver-bug-workarounds"; }
-        { command = "ANKI_WAYLAND=1 anki"; }
+        { command = "anki"; }
-        { command = "OBSIDIAN_USE_WAYLAND=1 obsidian"; }
+        { command = "obsidian"; }
         { command = "nm-applet"; }
         # { command = "feishin"; }
       ];
@@ -59,16 +59,16 @@ in
     };
     swayfxConfig = lib.mkOption {
       type = lib.types.str;
-      default = "
+      default = ''
-                        blur enable
+        blur enable
-                        blur_xray disable
+        blur_xray disable
-                        blur_passes 1
+        blur_passes 1
-                        blur_radius 1
+        blur_radius 1
-                        shadows enable
+        shadows enable
-                        corner_radius 2
+        corner_radius 2
-                        titlebar_separator disable
+        titlebar_separator disable
-                        default_dim_inactive 0.02
+        default_dim_inactive 0.02
-                    ";
+      '';
       internal = true;
     };
   };
@@ -85,15 +85,29 @@ in
       };
       swayfxConfig = lib.mkIf (!config.swarselsystems.isNixos) " ";
     };
+
     wayland.windowManager.sway = {
       enable = true;
-      checkConfig = false; # delete this line once SwayFX is fixed upstream
+      # checkConfig = false; # delete this line once SwayFX is fixed upstream
       package = lib.mkIf config.swarselsystems.isNixos null;
       systemd = {
         enable = true;
         xdgAutostart = true;
+        variables = [
+          "DISPLAY"
+          "WAYLAND_DISPLAY"
+          "SWAYSOCK"
+          "XDG_CURRENT_DESKTOP"
+          "XDG_SESSION_TYPE"
+          "NIXOS_OZONE_WL"
+          "XCURSOR_THEME"
+          "XCURSOR_SIZE"
+        ];
+      };
+      wrapperFeatures = {
+        base = true;
+        gtk = true;
       };
-      wrapperFeatures.gtk = true;
       config = rec {
         modifier = "Mod4";
         # terminal = "kitty";
@@ -371,16 +385,10 @@ in
         };
       };
       extraSessionCommands = ''
-        export SDL_VIDEODRIVER=wayland
+        export XDG_CURRENT_DESKTOP=sway;
-        export QT_QPA_PLATFORM=wayland
+        export XDG_SESSION_DESKTOP=sway;
-        export QT_WAYLAND_DISABLE_WINDOWDECORATION="1"
+        export _JAVA_AWT_WM_NONREPARENTING=1;
-        export _JAVA_AWT_WM_NONREPARENTING=1
+      '' + vars.waylandExports;
-        export XDG_CURRENT_DESKTOP=sway
-        export XDG_SESSION_DESKTOP=sway
-        export QTWEBENGINE_CHROMIUM_FLAGS="--no-sandbox";
-        export ANKI_WAYLAND=1;
-        export OBSIDIAN_USE_WAYLAND=1;
-      '';
       # extraConfigEarly = "
       # exec systemctl --user import-environment DISPLAY WAYLAND_DISPLAY SWAYSOCK
       # exec hash dbus-update-activation-environment 2>/dev/null && dbus-update-activation-environment --systemd DISPLAY WAYLAND_DISPLAY SWAYSOCK
@@ -391,36 +399,36 @@ in
           swayfxSettings = config.swarselsystems.swayfxConfig;
         in
         "
-          exec_always autotiling
+exec_always autotiling
-          set $exit \"exit: [s]leep, [l]ock, [p]oweroff, [r]eboot, [u]ser logout\"
+            set $exit \"exit: [s]leep, [l]ock, [p]oweroff, [r]eboot, [u]ser logout\"
 
-          mode $exit {
+            mode $exit {
-            bindsym --to-code {
+              bindsym --to-code {
-              s exec \"systemctl suspend\", mode \"default\"
+                s exec \"systemctl suspend\", mode \"default\"
-              h exec \"systemctl hibernate\", mode \"default\"
+                h exec \"systemctl hibernate\", mode \"default\"
-              l exec \"swaylock --screenshots --clock --effect-blur 7x5 --effect-vignette 0.5:0.5 --fade-in 0.2 --daemonize\", mode \"default\
+                l exec \"swaylock --screenshots --clock --effect-blur 7x5 --effect-vignette 0.5:0.5 --fade-in 0.2 --daemonize\", mode \"default\
-              p exec \"systemctl poweroff\"
+                p exec \"systemctl poweroff\"
-              r exec \"systemctl reboot\"
+                r exec \"systemctl reboot\"
-              u exec \"swaymsg exit\"
+                u exec \"swaymsg exit\"
 
-              Return mode \"default\"
+                Return mode \"default\"
-              Escape mode \"default\"
+                Escape mode \"default\"
-              ${modifier}+Escape mode \"default\"
+                ${modifier}+Escape mode \"default\"
+              }
             }
-          }
 
-          exec systemctl --user import-environment
+            exec systemctl --user import-environment
-          exec swayidle -w
+            exec swayidle -w
 
-          seat * hide_cursor 2000
+            seat * hide_cursor 2000
 
-          exec_always kill -1 $(pidof kanshi)
+            exec_always kill -1 $(pidof kanshi)
 
-          bindswitch --locked lid:on exec kanshictl switch lidclosed
+            bindswitch --locked lid:on exec kanshictl switch lidclosed
-          bindswitch --locked lid:off exec kanshictl switch lidopen
+            bindswitch --locked lid:off exec kanshictl switch lidopen
 
-          ${swayfxSettings}
+            ${swayfxSettings}
-          ";
+            ";
     };
   };
 }

modules/home/common/waybar.nix

@@ -64,11 +64,13 @@ in
       github-notifications-token = { path = "${xdgDir}/secrets/github-notifications-token"; };
     };
 
+    services.playerctld.enable = true;
+
     programs.waybar = {
       enable = true;
       systemd = {
         enable = true;
-        target = "sway-sessions.target";
+        target = "sway-session.target";
       };
       settings = {
         mainBar = {

modules/home/common/zsh.nix

@@ -1,6 +1,7 @@
-{ config, lib, minimal, nixosConfig ? config, ... }:
+{ config, pkgs, lib, minimal, globals, nixosConfig ? config, ... }:
 let
   inherit (config.swarselsystems) flakePath;
+  crocDomain = globals.services.croc.domain;
 in
 {
   options.swarselmodules.zsh = lib.mkEnableOption "zsh settings";
@@ -86,7 +87,7 @@ in
           #   src = pkgs.zsh-fzf-tab;
           # }
         ];
-        initContent = lib.mkIf (!config.swarselsystems.isPublic) ''
+        initContent = ''
           my-forward-word() {
             local WORDCHARS=$WORDCHARS
             WORDCHARS="''${WORDCHARS//:}"
@@ -125,10 +126,14 @@ in
           zle -N my-backward-delete-word
           # ctrl + del
           bindkey '^H' my-backward-delete-word
-
-          export CROC_PASS="$(cat ${nixosConfig.sops.secrets.croc-password.path})"
-          export GITHUB_TOKEN="$(cat ${nixosConfig.sops.secrets.github-nixpkgs-review-token.path})"
         '';
+        sessionVariables = lib.mkIf (!config.swarselsystems.isPublic) {
+          CROC_RELAY = crocDomain;
+          CROC_PASS = "$(cat ${nixosConfig.sops.secrets.croc-password.path})";
+          GITHUB_TOKEN = "$(cat ${nixosConfig.sops.secrets.github-nixpkgs-review-token.path})";
+          QT_QPA_PLATFORM_PLUGIN_PATH = "${pkgs.libsForQt5.qt5.qtbase.bin}/lib/qt-${pkgs.libsForQt5.qt5.qtbase.version}/plugins";
+          # QTWEBENGINE_CHROMIUM_FLAGS = "--no-sandbox";
+        };
       };
     };
 }

modules/home/optional/work.nix

@@ -20,8 +20,7 @@ in
         openstackclient
       ];
 
-      home.sessionVariables = {
+      systemd.user.sessionVariables = {
-        DOCUMENT_DIR_PRIV = lib.mkForce "${homeDir}/Documents/Private";
         DOCUMENT_DIR_WORK = lib.mkForce "${homeDir}/Documents/Work";
       };
 
@@ -136,6 +135,19 @@ in
               pr = "$HOME/Documents/Private";
               ac = path1;
             };
+
+            sessionVariables = {
+              VSPHERE_USER = "$(cat ${nixosConfig.sops.secrets.vcuser.path})";
+              VSPHERE_PW = "$(cat ${nixosConfig.sops.secrets.vcpw.path})";
+              GOVC_USERNAME = "$(cat ${nixosConfig.sops.secrets.govcuser.path})";
+              GOVC_PASSWORD = "$(cat ${nixosConfig.sops.secrets.govcpw.path})";
+              GOVC_URL = "$(cat ${nixosConfig.sops.secrets.govcurl.path})";
+              GOVC_DATACENTER = "$(cat ${nixosConfig.sops.secrets.govcdc.path})";
+              GOVC_DATASTORE = "$(cat ${nixosConfig.sops.secrets.govcds.path})";
+              GOVC_HOST = "$(cat ${nixosConfig.sops.secrets.govchost.path})";
+              GOVC_RESOURCE_POOL = "$(cat ${nixosConfig.sops.secrets.govcpool.path})";
+              GOVC_NETWORK = "$(cat ${nixosConfig.sops.secrets.govcnetwork.path})";
+            };
           };
 
           ssh = {
@@ -424,8 +436,8 @@ in
           # { command = "nextcloud --background"; }
           { command = "vesktop --start-minimized --enable-speech-dispatcher --ozone-platform-hint=auto --enable-features=WaylandWindowDecorations --enable-wayland-ime"; }
           { command = "element-desktop --hidden  --enable-features=UseOzonePlatform --ozone-platform=wayland --disable-gpu-driver-bug-workarounds"; }
-          { command = "ANKI_WAYLAND=1 anki"; }
+          { command = "anki"; }
-          { command = "OBSIDIAN_USE_WAYLAND=1 obsidian"; }
+          { command = "obsidian"; }
           { command = "nm-applet"; }
           # { command = "feishin"; }
           { command = "teams-for-linux --disableGpu=true --minimized=true --trayIconEnabled=true"; }

modules/nixos/client/env.nix

@@ -7,15 +7,15 @@
       wordlist.enable = true;
       sessionVariables = {
         NIXOS_OZONE_WL = "1";
+        SWARSEL_LO_RES = config.swarselsystems.lowResolution;
+        SWARSEL_HI_RES = config.swarselsystems.highResolution;
         GST_PLUGIN_SYSTEM_PATH_1_0 = lib.makeSearchPathOutput "lib" "lib/gstreamer-1.0" (with pkgs.gst_all_1; [
           gst-plugins-good
           gst-plugins-bad
           gst-plugins-ugly
           gst-libav
         ]);
-      } // (lib.optionalAttrs (!config.swarselsystems.isPublic) {
+      } // (lib.optionalAttrs (!config.swarselsystems.isPublic) { });
-        GITHUB_NOTIFICATION_TOKEN_PATH = config.sops.secrets.github-notifications-token.path;
-      });
     };
   };
 }

modules/nixos/client/login.nix

@@ -5,7 +5,8 @@
     services.greetd = {
       enable = true;
       settings = {
-        initial_session.command = "sway";
+        # initial_session.command = "sway";
+        initial_session.command = "uwsm start -- sway-uwsm.desktop";
         default_session.command = ''
           ${pkgs.tuigreet}/bin/tuigreet \
             --time \
@@ -16,8 +17,8 @@
       };
     };
 
-    environment.etc."greetd/environments".text = ''
+    # environment.etc."greetd/environments".text = ''
-      sway
+    #   sway
-    '';
+    # '';
   };
 }

modules/nixos/client/network.nix

@@ -59,9 +59,9 @@ in
           Settings = {
             AutoConnect = true;
           };
-          DriverQuirks = {
+          # DriverQuirks = {
-            UseDefaultInterface = true;
+          #   UseDefaultInterface = true;
-          };
+          # };
         };
       };
       nftables.enable = lib.mkDefault true;

modules/nixos/client/sway.nix

@@ -1,4 +1,7 @@
 { lib, config, pkgs, ... }:
+let
+  inherit (config.swarselsystems) mainUser;
+in
 {
   options.swarselmodules.sway = lib.mkEnableOption "sway config";
   config = lib.mkIf config.swarselmodules.sway {
@@ -10,15 +13,7 @@
         gtk = true;
       };
 
-      extraSessionCommands = ''
+      inherit (config.home-manager.users.${mainUser}.wayland.windowManager.sway) extraSessionCommands;
-        export XDG_SESSION_DESKTOP=sway
-        export SDL_VIDEODRIVER=wayland
-        export QT_QPA_PLATFORM=wayland-egl
-        export QT_WAYLAND_DISABLE_WINDOWDECORATION=1
-        export QT_QPA_PLATFORM_PLUGIN_PATH="${pkgs.libsForQt5.qt5.qtbase.bin}/lib/qt-${pkgs.libsForQt5.qt5.qtbase.version}/plugins";
-        export MOZ_ENABLE_WAYLAND=1
-        export MOZ_DISABLE_RDD_SANDBOX=1
-      '';
     };
   };
 }

modules/nixos/client/uwsm.nix

@@ -0,0 +1,19 @@
+{ lib, config, ... }:
+let
+  moduleName = "uwsm";
+in
+{
+  options.swarselmodules.${moduleName} = lib.mkEnableOption "${moduleName} settings";
+  config = lib.mkIf config.swarselmodules.${moduleName} {
+    programs.uwsm = {
+      enable = true;
+      waylandCompositors = {
+        sway = {
+          prettyName = "Sway";
+          comment = "Sway compositor managed by UWSM";
+          binPath = "/run/current-system/sw/bin/sway";
+        };
+      };
+    };
+  };
+}

modules/nixos/optional/work.nix

@@ -83,18 +83,6 @@ in
     };
 
     programs = {
-      zsh.shellInit = ''
-        export VSPHERE_USER="$(cat ${config.sops.secrets.vcuser.path})"
-        export VSPHERE_PW="$(cat ${config.sops.secrets.vcpw.path})"
-        export GOVC_USERNAME="$(cat ${config.sops.secrets.govcuser.path})"
-        export GOVC_PASSWORD="$(cat ${config.sops.secrets.govcpw.path})"
-        export GOVC_URL="$(cat ${config.sops.secrets.govcurl.path})"
-        export GOVC_DATACENTER="$(cat ${config.sops.secrets.govcdc.path})"
-        export GOVC_DATASTORE="$(cat ${config.sops.secrets.govcds.path})"
-        export GOVC_HOST="$(cat ${config.sops.secrets.govchost.path})"
-        export GOVC_RESOURCE_POOL="$(cat ${config.sops.secrets.govcpool.path})"
-        export GOVC_NETWORK="$(cat ${config.sops.secrets.govcnetwork.path})"
-      '';
 
       browserpass.enable = true;
       _1password.enable = true;

modules/shared/vars.nix

@@ -1,7 +1,22 @@
 { self, lib, pkgs, ... }:
 {
   _module.args = {
-    vars = {
+    vars = rec {
+      waylandSessionVariables = {
+        SDL_VIDEODRIVER = "wayland";
+        QT_WAYLAND_DISABLE_WINDOWDECORATION = "1";
+        QT_QPA_PLATFORM = "wayland-egl";
+        ANKI_WAYLAND = "1";
+        OBSIDIAN_USE_WAYLAND = "1";
+        MOZ_ENABLE_WAYLAND = "1";
+      };
+
+      waylandExports =
+        let
+          renderedWaylandExports = map (key: "export ${key}=${waylandSessionVariables.${key}};") (builtins.attrNames waylandSessionVariables);
+        in
+        builtins.concatStringsSep "\n" renderedWaylandExports;
+
       stylix = {
         polarity = "dark";
         opacity.popups = 0.5;

profiles/nixos/personal/default.nix

@@ -36,6 +36,7 @@
       impermanence = lib.mkDefault true;
       nvd = lib.mkDefault true;
       gnome-keyring = lib.mkDefault true;
+      uwsm = lib.mkDefault true;
       sway = lib.mkDefault true;
       xdg-portal = lib.mkDefault true;
       distrobox = lib.mkDefault true;