refactor: indirections f. user,[home,flake,xdg]Dir

profiles/nixos/common/impermanence.nix

@@ -1,10 +1,11 @@
 { config, lib, ... }:
 let
   mapperTarget = lib.swarselsystems.mkIfElse config.swarselsystems.isCrypted "/dev/mapper/cryptroot" "/dev/disk/by-label/nixos";
+  inherit (config.swarselsystems) homeDir isImpermanence isCrypted;
 in
 {
 
-  security.sudo.extraConfig = lib.mkIf config.swarselsystems.isImpermanence ''
+  security.sudo.extraConfig = lib.mkIf isImpermanence ''
     # rollback results in sudo lectures after each reboot
     Defaults lecture = never
   '';
@@ -13,15 +14,15 @@ in
   # So if it doesn't run, the btrfs system effectively acts like a normal system
   # Taken from https://github.com/NotAShelf/nyx/blob/2a8273ed3f11a4b4ca027a68405d9eb35eba567b/modules/core/common/system/impermanence/default.nix
 
-  boot.initrd.systemd.enable = lib.mkIf config.swarselsystems.isImpermanence true;
+  boot.initrd.systemd.enable = lib.mkIf isImpermanence true;
 
-  boot.initrd.systemd.services.rollback = lib.mkIf config.swarselsystems.isImpermanence {
+  boot.initrd.systemd.services.rollback = lib.mkIf isImpermanence {
     description = "Rollback BTRFS root subvolume to a pristine state";
     wantedBy = [ "initrd.target" ];
     # make sure it's done after encryption
     # i.e. LUKS/TPM process
-    after = lib.swarselsystems.mkIfElseList config.swarselsystems.isCrypted [ "systemd-cryptsetup@cryptroot.service" ] [ "dev-disk-by\\x2dlabel-nixos.device" ];
-    requires = lib.mkIf (!config.swarselsystems.isCrypted) [ "dev-disk-by\\x2dlabel-nixos.device" ];
+    after = lib.swarselsystems.mkIfElseList isCrypted [ "systemd-cryptsetup@cryptroot.service" ] [ "dev-disk-by\\x2dlabel-nixos.device" ];
+    requires = lib.mkIf (!isCrypted) [ "dev-disk-by\\x2dlabel-nixos.device" ];
     # mount the root fs before clearing
     before = [ "sysroot.mount" ];
     unitConfig.DefaultDependencies = "no";
@@ -63,7 +64,7 @@ in
   };
 
 
-  environment.persistence."/persist" = lib.mkIf config.swarselsystems.isImpermanence {
+  environment.persistence."/persist" = lib.mkIf isImpermanence {
     hideMounts = true;
     directories =
       [
@@ -73,7 +74,7 @@ in
         "/etc/nix"
         "/etc/NetworkManager/system-connections"
         # "/etc/secureboot"
-        "/home/swarsel/.dotfiles"
+        "${homeDir}/.dotfiles"
         "/var/db/sudo"
         "/var/cache"
         "/var/lib"

profiles/nixos/common/login.nix

@@ -4,7 +4,6 @@
     enable = true;
     settings = {
       initial_session.command = "sway";
-      # initial_session.user ="swarsel";
       default_session.command = ''
         ${pkgs.greetd.tuigreet}/bin/tuigreet \
           --time \

profiles/nixos/common/network.nix

@@ -225,7 +225,7 @@
             proxy = { };
             wifi = {
               mode = "ap";
-              ssid = "Hotspot-swarsel";
+              ssid = "Hotspot-${config.swarselsystems.mainUser}";
             };
             wifi-security = {
               group = "ccmp;";

profiles/nixos/common/settings.nix

@@ -21,7 +21,7 @@
           "cgroups"
           "pipe-operators"
         ];
-        trusted-users = [ "@wheel" "swarsel" ];
+        trusted-users = [ "@wheel" "${config.swarselsystems.mainUser}" ];
         connect-timeout = 5;
         bash-prompt-prefix = "$SHLVL:\\w ";
         bash-prompt = "$(if [[ $? -gt 0 ]]; then printf \"\"; else printf \"\"; fi)\[\e[1m\]λ\[\e[0m\] ";

profiles/nixos/common/sops.nix

@@ -1,12 +1,13 @@
 { self, config, lib, ... }:
 let
   certsSopsFile = self + /secrets/certs/secrets.yaml;
+  inherit (config.swarselsystems) mainUser homeDir;
 in
 {
   sops = lib.mkIf (!config.swarselsystems.isPublic) {
 
-    age.sshKeyPaths = lib.swarselsystems.mkIfElseList config.swarselsystems.isBtrfs [ "/persist/.ssh/sops" "/persist/.ssh/ssh_host_ed25519_key" ] [ "${config.users.users.swarsel.home}/.ssh/sops" "/etc/ssh/ssh_host_ed25519_key" ];
-    defaultSopsFile = lib.swarselsystems.mkIfElseList config.swarselsystems.isBtrfs "/persist/.dotfiles/secrets/general/secrets.yaml" "${config.users.users.swarsel.home}/.dotfiles/secrets/general/secrets.yaml";
+    age.sshKeyPaths = lib.swarselsystems.mkIfElseList config.swarselsystems.isBtrfs [ "/persist/.ssh/sops" "/persist/.ssh/ssh_host_ed25519_key" ] [ "${homeDir}/.ssh/sops" "/etc/ssh/ssh_host_ed25519_key" ];
+    defaultSopsFile = lib.swarselsystems.mkIfElseList config.swarselsystems.isBtrfs "/persist/.dotfiles/secrets/general/secrets.yaml" "${homeDir}/.dotfiles/secrets/general/secrets.yaml";
 
     validateSopsFiles = false;
 
@@ -28,8 +29,8 @@ in
       githubforgepass = { };
       gitlabforgeuser = { };
       gitlabforgepass = { };
-      "sweden-aes-128-cbc-udp-dns-crl-verify.pem" = { sopsFile = certsSopsFile; owner = "swarsel"; };
-      "sweden-aes-128-cbc-udp-dns-ca.pem" = { sopsFile = certsSopsFile; owner = "swarsel"; };
+      "sweden-aes-128-cbc-udp-dns-crl-verify.pem" = { sopsFile = certsSopsFile; owner = mainUser; };
+      "sweden-aes-128-cbc-udp-dns-ca.pem" = { sopsFile = certsSopsFile; owner = mainUser; };
     };
     templates = {
       "network-manager.env".content = ''
@@ -45,15 +46,6 @@ in
         WIREGUARDPUB=${config.sops.placeholder.wireguardpub}
         WIREGUARDENDPOINT=${config.sops.placeholder.wireguardendpoint}
       '';
-      # ".authinfo" = {
-      #   owner = "swarsel";
-      #   path = "${config.users.users.swarsel.home}/.emacs.d/.authinfo";
-      #   content = ''
-      #     machine stash.swarsel.win:443 port https login ${config.sops.placeholder.stashuser} password ${config.sops.placeholder.stashpass}
-      #     machine gitlab.com/api/v4 login ${config.sops.placeholder.githubforgeuser} password ${config.sops.placeholder.githubforgepass}
-      #     machine api.github.com login ${config.sops.placeholder.gitlabforgeuser} password ${config.sops.placeholder.gitlabforgepass}
-      #   '';
-      # };
     };
   };
 }

profiles/nixos/common/stylix.nix

@@ -6,7 +6,7 @@
       image = config.swarselsystems.wallpaper;
     }
     config.swarselsystems.stylix;
-  home-manager.users.swarsel = {
+  home-manager.users."${config.swarselsystems.mainUser}" = {
     stylix = {
       targets = {
         emacs.enable = false;

profiles/nixos/common/syncthing.nix

@@ -1,10 +1,13 @@
-{ lib, ... }:
+{ lib, config, ... }:
+let
+  inherit (config.swarselsystems) mainUser homeDir;
+in
 {
   services.syncthing = {
     enable = true;
-    user = "swarsel";
-    dataDir = "/home/swarsel";
-    configDir = "/home/swarsel/.config/syncthing";
+    user = mainUser;
+    dataDir = homeDir;
+    configDir = "${homeDir}/.config/syncthing";
     openDefaultPorts = true;
     settings = {
       devices = {
@@ -20,27 +23,27 @@
       };
       folders = {
         "Default Folder" = lib.mkDefault {
-          path = "/home/swarsel/Sync";
+          path = "${homeDir}/Sync";
           devices = [ "sync (@oracle)" "magicant" "winters" ];
           id = "default";
         };
         "Obsidian" = {
-          path = "/home/swarsel/Nextcloud/Obsidian";
+          path = "${homeDir}/Nextcloud/Obsidian";
           devices = [ "sync (@oracle)" "magicant" "winters" ];
           id = "yjvni-9eaa7";
         };
         "Org" = {
-          path = "/home/swarsel/Nextcloud/Org";
+          path = "${homeDir}/Nextcloud/Org";
           devices = [ "sync (@oracle)" "magicant" "winters" ];
           id = "a7xnl-zjj3d";
         };
         "Vpn" = {
-          path = "/home/swarsel/Vpn";
+          path = "${homeDir}/Vpn";
           devices = [ "sync (@oracle)" "magicant" "winters" ];
           id = "hgp9s-fyq3p";
         };
         ".elfeed" = {
-          path = "/home/swarsel/.elfeed";
+          path = "${homeDir}/.elfeed";
           devices = [ "sync (@oracle)" "magicant" "winters" ];
           id = "h7xbs-fs9v1";
         };

profiles/nixos/common/users.nix

@@ -4,7 +4,7 @@
 
   users = {
     mutableUsers = lib.mkIf (!config.swarselsystems.initialSetup) false;
-    users.swarsel = {
+    users."${config.swarselsystems.mainUser}" = {
       isNormalUser = true;
       description = "Leon S";
       password = lib.mkIf config.swarselsystems.initialSetup "setup";

profiles/nixos/optional/autologin.nix

@@ -1,7 +1,10 @@
-_:
+{ config, ... }:
+let
+  inherit (config.swarselsystems) mainUser;
+in
 {
   services = {
-    getty.autologinUser = "swarsel";
-    greetd.settings.initial_session.user = "swarsel";
+    getty.autologinUser = mainUser;
+    greetd.settings.initial_session.user = mainUser;
   };
 }

profiles/nixos/optional/work.nix

@@ -1,6 +1,7 @@
 { self, lib, pkgs, config, ... }:
 let
-  owner = "swarsel";
+  inherit (config.swarselsystems) mainUser homeDir xdgDir;
+  owner = mainUser;
   sopsFile = self + /secrets/work/secrets.yaml;
 in
 {
@@ -26,7 +27,7 @@ in
     _1password.enable = true;
     _1password-gui = {
       enable = true;
-      polkitPolicyOwners = [ "swarsel" ];
+      polkitPolicyOwners = [ "${mainUser}" ];
     };
   };
 
@@ -93,7 +94,7 @@ in
     openssh = {
       enable = true;
       extraConfig = ''
-          '';
+        '';
     };
 
     syncthing = {
@@ -103,13 +104,36 @@ in
         };
         folders = {
           "Documents" = {
-            path = "/home/swarsel/Documents";
+            path = "${homeDir}/Documents";
             devices = [ "magicant" "winters" ];
             id = "hgr3d-pfu3w";
           };
         };
       };
     };
+
+    udev.extraRules = ''
+      SUBSYSTEM=="usb", ACTION=="add", ATTRS{idVendor}=="04e8", ATTRS{idProduct}=="6860", TAG+="systemd", ENV{SYSTEMD_WANTS}="swarsel-screenshare.service"
+    '';
+
+  };
+
+  systemd.services.swarsel-screenshare = {
+    enable = true;
+    description = "Screensharing service upon dongle plugin";
+    serviceConfig = {
+      ExecStart = "${pkgs.screenshare}/bin/screenshare";
+      User = mainUser;
+      Group = "users";
+      Environment = [
+        "PATH=/run/current-system/sw/bin:/etc/profiles/per-user/${mainUser}/bin"
+        "XDG_RUNTIME_DIR=${xdgDir}"
+        "WAYLAND_DISPLAY=wayland-1"
+      ];
+      Type = "oneshot";
+      StandardOutput = "journal";
+      StandardError = "journal";
+    };
   };
 
   # cgroups v1 is required for centos7 dockers

profiles/nixos/server/settings.nix

@@ -1,12 +1,15 @@
 { lib, config, ... }:
+let
+  inherit (config.swarselsystems) flakePath;
+in
 {
   environment.shellAliases = lib.recursiveUpdate
     {
-      npswitch = "cd ${config.swarselsystems.flakePath}; git pull; sudo nixos-rebuild --flake .#$(hostname) switch; cd -;";
-      nswitch = "sudo nixos-rebuild --flake ${config.swarselsystems.flakePath}#$(hostname) switch;";
-      npiswitch = "cd ${config.swarselsystems.flakePath}; git pull; sudo nixos-rebuild --flake .#$(hostname) switch --impure; cd -;";
-      nipswitch = "cd ${config.swarselsystems.flakePath}; git pull; sudo nixos-rebuild --flake .#$(hostname) switch --impure; cd -;";
-      niswitch = "sudo nixos-rebuild --flake ${config.swarselsystems.flakePath}#$(hostname) switch --impure;";
+      npswitch = "cd ${flakePath}; git pull; sudo nixos-rebuild --flake .#$(hostname) switch; cd -;";
+      nswitch = "sudo nixos-rebuild --flake ${flakePath}#$(hostname) switch;";
+      npiswitch = "cd ${flakePath}; git pull; sudo nixos-rebuild --flake .#$(hostname) switch --impure; cd -;";
+      nipswitch = "cd ${flakePath}; git pull; sudo nixos-rebuild --flake .#$(hostname) switch --impure; cd -;";
+      niswitch = "sudo nixos-rebuild --flake ${flakePath}#$(hostname) switch --impure;";
     }
     config.swarselsystems.shellAliases;
 

profiles/nixos/server/ssh.nix

@@ -1,9 +1,9 @@
-{ self, ... }:
+{ self, config, ... }:
 {
   services.openssh = {
     enable = true;
   };
-  users.users.swarsel.openssh.authorizedKeys.keyFiles = [
+  users.users."${config.swarselsystems.mainUser}".openssh.authorizedKeys.keyFiles = [
     (self + /secrets/keys/ssh/yubikey.pub)
     (self + /secrets/keys/ssh/magicant.pub)
   ];