From d9f3b84dd998862c8dd945f7aef22951711c0998 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Leon=20Schwarz=C3=A4ugl?=
 <leon.schwarzaeugl@imba.oeaw.ac.at>
Date: Wed, 26 Mar 2025 21:51:04 +0100
Subject: [PATCH] feat: [work] lock upon yubikey removal

---
 SwarselSystems.org               |  5 ++---
 profiles/nixos/optional/work.nix | 22 ++++------------------
 2 files changed, 6 insertions(+), 21 deletions(-)

diff --git a/SwarselSystems.org b/SwarselSystems.org
index 49f8f5f..f6d957f 100644
--- a/SwarselSystems.org
+++ b/SwarselSystems.org
@@ -8487,7 +8487,7 @@ Options that I need specifically at work. There are more options at [[#h:f0b2ea9
       openssh = {
         enable = true;
         extraConfig = ''
-                  '';
+                    '';
       };
 
       syncthing = {
@@ -8510,14 +8510,13 @@ Options that I need specifically at work. There are more options at [[#h:f0b2ea9
         SUBSYSTEM=="usb", ACTION=="add", ATTRS{idVendor}=="04e8", ATTRS{idProduct}=="6860", TAG+="systemd", ENV{SYSTEMD_WANTS}="swarsel-screenshare.service"
 
         # lock screen when yubikey removed
-        SUBSYSTEM=="usb", ACTION=="remove", ENV{PRODUCT}=="1050/407/543", TAG+="systemd", ENV{SYSTEMD_WANTS}="swarsel-lock.service"
+        ACTION=="remove", ENV{PRODUCT}=="3/1050/407/110", RUN+="${pkgs.systemd}/bin/systemctl suspend"
       '';
 
     };
 
     systemd.services = lib.mkMerge [
       (swarselService "swarsel-screenshare" "Start screensharing after HDMI dongle is detected" "${pkgs.screenshare}/bin/screenshare -h")
-      (swarselService "swarsel-lock" "Lock screen upon Yubikey removel" "${pkgs.swaylock-effects}/bin/swaylock -f --screenshots --clock --effect-blur 7x5 --effect-vignette 0.5:0.5 --fade-in 0.2")
     ];
 
     # cgroups v1 is required for centos7 dockers
diff --git a/profiles/nixos/optional/work.nix b/profiles/nixos/optional/work.nix
index 3df2d53..355b89e 100644
--- a/profiles/nixos/optional/work.nix
+++ b/profiles/nixos/optional/work.nix
@@ -123,7 +123,7 @@ in
     openssh = {
       enable = true;
       extraConfig = ''
-                '';
+                  '';
     };
 
     syncthing = {
@@ -144,27 +144,13 @@ in
     udev.extraRules = ''
       # share screen when dongle detected
       SUBSYSTEM=="usb", ACTION=="add", ATTRS{idVendor}=="04e8", ATTRS{idProduct}=="6860", TAG+="systemd", ENV{SYSTEMD_WANTS}="swarsel-screenshare.service"
+
+      # lock screen when yubikey removed
+      ACTION=="remove", ENV{PRODUCT}=="3/1050/407/110", RUN+="${pkgs.systemd}/bin/systemctl suspend"
     '';
 
   };
 
-  systemd.services.swarsel-screenshare = {
-    enable = true;
-    description = "Screensharing service upon dongle plugin";
-    serviceConfig = {
-      ExecStart = "${pkgs.screenshare}/bin/screenshare -h";
-      User = mainUser;
-      Group = "users";
-      Environment = [
-        "PATH=/run/current-system/sw/bin:/etc/profiles/per-user/${mainUser}/bin"
-        "XDG_RUNTIME_DIR=${xdgDir}"
-        "WAYLAND_DISPLAY=wayland-1"
-      ];
-      Type = "oneshot";
-      StandardOutput = "journal";
-      StandardError = "journal";
-    };
-  };
   systemd.services = lib.mkMerge [
     (swarselService "swarsel-screenshare" "Start screensharing after HDMI dongle is detected" "${pkgs.screenshare}/bin/screenshare -h")
   ];