diff --git a/SwarselSystems.org b/SwarselSystems.org index 3150785..10f1c9f 100644 --- a/SwarselSystems.org +++ b/SwarselSystems.org @@ -1,4 +1,4 @@ -#+title: SwarselSystems: NixOS + Emacs Configurationo +#+title: SwarselSystems: NixOS + Emacs Configuration #+PROPERTY: header-args:emacs-lisp :tangle files/emacs/init.el :mkdirp yes #+PROPERTY: header-args:nix :mkdirp yes #+PROPERTY: header-args:nix-ts :mkdirp yes @@ -479,11 +479,6 @@ A short overview over each input and what it does: url = "github:Gerg-l/spicetify-nix"; inputs.nixpkgs.follows = "nixpkgs"; }; - niri-flake = { - url = "github:sodiboo/niri-flake"; - inputs.nixpkgs.follows = "nixpkgs"; - }; - }; outputs = inputs: @@ -797,7 +792,6 @@ Lastly, in order make this actually available to my configurations, i use the =i inherit (globalsSystem.config.globals) domains services - hosts user root ; @@ -850,7 +844,6 @@ The rest of the outputs either define or help define the actual configurations: inputs.stylix.nixosModules.stylix inputs.nswitch-rcm-nix.nixosModules.nswitch-rcm inputs.swarsel-modules.nixosModules.default - inputs.niri-flake.nixosModules.niri "${self}/hosts/nixos/${configName}" "${self}/profiles/nixos" "${self}/modules/nixos" @@ -1480,10 +1473,6 @@ On the structure of overlays: as you notice, all of the attributes within overla ]; }; - isync = prev.isync.override { - withCyrusSaslXoauth2 = true; - }; - mgba = final.swarsel-mgba; retroarch = prev.retroarch.withCores (cores: with cores; [ @@ -1546,7 +1535,6 @@ On the structure of overlays: as you notice, all of the attributes within overla // (nixpkgs-stable24_05 final prev) // (nixpkgs-stable24_11 final prev) // (zjstatus final prev) - // (inputs.niri-flake.overlays.niri final prev) // (inputs.vbc-nix.overlays.default final prev) // (inputs.nur.overlays.default final prev) // (inputs.emacs-overlay.overlay final prev) @@ -1917,8 +1905,7 @@ My work machine. Built for more security, this is the gold standard of my config }; monitors = { main = { - # name = "BOE 0x0BC9 Unknown"; - name = "BOE 0x0BC9"; + name = "BOE 0x0BC9 Unknown"; mode = "2560x1600"; # TEMPLATE scale = "1"; position = "2560,0"; @@ -2361,8 +2348,6 @@ This is my main server that I run at home. It handles most tasks that require bi loader.efi.canTouchEfiVariables = true; }; - globals.hosts.${config.node.name}.ipv4 = config.repo.secrets.local.ipv4; - networking = { inherit (config.repo.secrets.local) hostId; hostName = "winters"; @@ -2769,7 +2754,6 @@ This machine mainly acts as my proxy server to stand before my local machines. # defaultSopsFile = lib.mkForce "/home/swarsel/.dotfiles/secrets/moonside/secrets.yaml"; secrets = { wireguard-private-key = { inherit sopsFile; }; - wireguard-home-preshared-key = { inherit sopsFile; }; }; }; @@ -2805,23 +2789,16 @@ This machine mainly acts as my proxy server to stand before my local machines. interfaces = { home-vpn = { privateKeyFile = config.sops.secrets.wireguard-private-key.path; - # ips = [ "192.168.3.4/32" ]; - ips = [ "192.168.178.201/24" ]; + ips = [ "192.168.3.4/32" ]; peers = [ { - # publicKey = "NNGvakADslOTCmN9HJOW/7qiM+oJ3jAlSZGoShg4ZWw="; - publicKey = "PmeFInoEJcKx+7Kva4dNnjOEnJ8lbudSf1cbdo/tzgw="; - presharedKeyFile = config.sops.secrets.wireguard-home-preshared-key.path; + publicKey = "NNGvakADslOTCmN9HJOW/7qiM+oJ3jAlSZGoShg4ZWw="; name = "moonside"; persistentKeepalive = 25; - # endpoint = "${config.repo.secrets.common.ipv4}:51820"; - endpoint = "${config.repo.secrets.common.wireguardEndpoint}"; - # allowedIPs = [ - # "192.168.3.0/24" - # "192.168.1.0/24" - # ]; + endpoint = "${config.repo.secrets.common.ipv4}:51820"; allowedIPs = [ - "192.168.178.0/24" + "192.168.3.0/24" + "192.168.1.0/24" ]; } ]; @@ -2890,7 +2867,6 @@ This machine mainly acts as my proxy server to stand before my local machines. }; swarselsystems = { - flakePath = "/root/.dotfiles"; info = "VM.Standard.A1.Flex, 4 OCPUs, 24GB RAM"; isImpermanence = true; isSecureBoot = false; @@ -3880,18 +3856,6 @@ in ); }; - hosts = mkOption { - type = types.attrsOf ( - types.submodule { - options = { - ipv4 = mkOption { - type = types.str; - }; - }; - } - ); - }; - domains = { main = mkOption { type = types.str; @@ -3968,7 +3932,7 @@ in emacs-radicale-pw = { owner = mainUser; }; }); templates = { - authinfo = lib.mkIf modules.emacs { + authinfo = { path = "${homeDir}/.emacs.d/.authinfo"; content = '' machine ${globals.services.radicale.domain} login ${radicaleUser} password ${config.sops.placeholder.emacs-radicale-pw} @@ -4206,7 +4170,7 @@ For that reason, make sure that =sops-nix= is properly working before finishing users = { root = { inherit (globals.root) hashedPassword; - # shell = pkgs.zsh; + shell = pkgs.zsh; }; "${config.swarselsystems.mainUser}" = { isNormalUser = true; @@ -4591,6 +4555,7 @@ Mostly used to install some compilers and lsp's that I want to have available wh dbus swaylock-effects syncthingtray-minimal + wl-mirror swayosd # secure boot @@ -4615,6 +4580,8 @@ Mostly used to install some compilers and lsp's that I want to have available wh # better make for general tasks just + screenshare + fullscreen # keyboards qmk @@ -4626,7 +4593,6 @@ Mostly used to install some compilers and lsp's that I want to have available wh # kde-connect xdg-desktop-portal - xdg-desktop-portal-gtk xdg-desktop-portal-wlr # bluetooth @@ -4864,326 +4830,325 @@ Pipewire handles communication on Wayland. This enables several sound tools as w Here I only enable =networkmanager= and a few default networks. The rest of the network config is done separately in [[#h:88bf4b90-e94b-46fb-aaf1-a381a512860d][System specific configuration]]. #+begin_src nix-ts :tangle modules/nixos/client/network.nix - { self, lib, pkgs, config, ... }: - let - certsSopsFile = self + /secrets/certs/secrets.yaml; - clientSopsFile = self + /secrets/${config.node.name}/secrets.yaml; + { self, lib, pkgs, config, ... }: + let + certsSopsFile = self + /secrets/certs/secrets.yaml; + clientSopsFile = self + /secrets/${config.node.name}/secrets.yaml; - inherit (config.swarselsystems) mainUser; - inherit (config.repo.secrets.common.network) wlan1 wlan2 mobile1 vpn1-location vpn1-cipher vpn1-address eduroam-anon; + inherit (config.swarselsystems) mainUser; + inherit (config.repo.secrets.common.network) wlan1 wlan2 mobile1 vpn1-location vpn1-cipher vpn1-address eduroam-anon; - iwd = config.networking.networkmanager.wifi.backend == "iwd"; - in - { - options.swarselsystems = { - firewall = lib.swarselsystems.mkTrueOption; + iwd = config.networking.networkmanager.wifi.backend == "iwd"; + in + { + options.swarselsystems = { + firewall = lib.swarselsystems.mkTrueOption; + }; + options.swarselmodules.network = lib.mkEnableOption "network config"; + config = lib.mkIf config.swarselmodules.network { + + sops = { + secrets = lib.mkIf (!config.swarselsystems.isPublic) { + wlan1-pw = { }; + wlan2-pw = { }; + laptop-hotspot-pw = { }; + mobile-hotspot-pw = { }; + eduroam-user = { }; + eduroam-pw = { }; + pia-vpn-user = { }; + pia-vpn-pw = { }; + home-wireguard-client-private-key = { sopsFile = clientSopsFile; }; + home-wireguard-server-public-key = { }; + home-wireguard-endpoint = { }; + pia-vpn1-crl-pem = { sopsFile = certsSopsFile; }; + pia-vpn1-ca-pem = { sopsFile = certsSopsFile; }; + }; + templates = lib.mkIf (!config.swarselsystems.isPublic) { + "network-manager.env".content = '' + WLAN1_PW=${config.sops.placeholder.wlan1-pw} + WLAN2_PW=${config.sops.placeholder.wlan2-pw} + LAPTOP_HOTSPOT_PW=${config.sops.placeholder.laptop-hotspot-pw} + MOBILE_HOTSPOT_PW=${config.sops.placeholder.mobile-hotspot-pw} + EDUROAM_USER=${config.sops.placeholder.eduroam-user} + EDUROAM_PW=${config.sops.placeholder.eduroam-pw} + PIA_VPN_USER=${config.sops.placeholder.pia-vpn-user} + PIA_VPN_PW=${config.sops.placeholder.pia-vpn-pw} + HOME_WIREGUARD_CLIENT_PRIVATE_KEY=${config.sops.placeholder.home-wireguard-client-private-key} + HOME_WIREGUARD_SERVER_PUBLIC_KEY=${config.sops.placeholder.home-wireguard-server-public-key} + HOME_WIREGUARD_ENDPOINT=${config.sops.placeholder.home-wireguard-endpoint} + ''; + }; }; - options.swarselmodules.network = lib.mkEnableOption "network config"; - config = lib.mkIf config.swarselmodules.network { - sops = { - secrets = lib.mkIf (!config.swarselsystems.isPublic) { - wlan1-pw = { }; - wlan2-pw = { }; - laptop-hotspot-pw = { }; - mobile-hotspot-pw = { }; - eduroam-user = { }; - eduroam-pw = { }; - pia-vpn-user = { }; - pia-vpn-pw = { }; - home-wireguard-client-private-key = { sopsFile = clientSopsFile; }; - home-wireguard-server-public-key = { }; - home-wireguard-endpoint = { }; - pia-vpn1-crl-pem = { sopsFile = certsSopsFile; }; - pia-vpn1-ca-pem = { sopsFile = certsSopsFile; }; - }; - templates = lib.mkIf (!config.swarselsystems.isPublic) { - "network-manager.env".content = '' - WLAN1_PW=${config.sops.placeholder.wlan1-pw} - WLAN2_PW=${config.sops.placeholder.wlan2-pw} - LAPTOP_HOTSPOT_PW=${config.sops.placeholder.laptop-hotspot-pw} - MOBILE_HOTSPOT_PW=${config.sops.placeholder.mobile-hotspot-pw} - EDUROAM_USER=${config.sops.placeholder.eduroam-user} - EDUROAM_PW=${config.sops.placeholder.eduroam-pw} - PIA_VPN_USER=${config.sops.placeholder.pia-vpn-user} - PIA_VPN_PW=${config.sops.placeholder.pia-vpn-pw} - HOME_WIREGUARD_CLIENT_PRIVATE_KEY=${config.sops.placeholder.home-wireguard-client-private-key} - HOME_WIREGUARD_SERVER_PUBLIC_KEY=${config.sops.placeholder.home-wireguard-server-public-key} - HOME_WIREGUARD_ENDPOINT=${config.sops.placeholder.home-wireguard-endpoint} - ''; + networking = { + inherit (config.swarselsystems) hostName; + wireless.iwd = { + enable = true; + settings = { + IPv6 = { + Enabled = true; + }; + Settings = { + AutoConnect = true; + }; + # DriverQuirks = { + # UseDefaultInterface = true; + # }; }; }; + nftables.enable = lib.mkDefault true; + enableIPv6 = lib.mkDefault true; + firewall = { + enable = lib.swarselsystems.mkStrong config.swarselsystems.firewall; + checkReversePath = lib.mkDefault false; + allowedUDPPorts = [ 51820 ]; # 51820: wireguard + allowedTCPPortRanges = [ + { from = 1714; to = 1764; } # kde-connect + ]; + allowedUDPPortRanges = [ + { from = 1714; to = 1764; } # kde-connect + ]; + }; - networking = { - inherit (config.swarselsystems) hostName; - wireless.iwd = { - enable = true; - settings = { - IPv6 = { - Enabled = true; - }; - Settings = { - AutoConnect = true; - }; - # DriverQuirks = { - # UseDefaultInterface = true; - # }; - }; - }; - nftables.enable = lib.mkDefault true; - enableIPv6 = lib.mkDefault true; - firewall = { - enable = lib.swarselsystems.mkStrong config.swarselsystems.firewall; - checkReversePath = lib.mkDefault false; - allowedUDPPorts = [ 51820 ]; # 51820: wireguard - allowedTCPPortRanges = [ - { from = 1714; to = 1764; } # kde-connect + networkmanager = { + enable = true; + wifi.backend = "iwd"; + plugins = [ + # list of plugins: https://search.nixos.org/packages?query=networkmanager- + # docs https://networkmanager.dev/docs/vpn/ + pkgs.networkmanager-openconnect + pkgs.networkmanager-openvpn + ]; + ensureProfiles = lib.mkIf (!config.swarselsystems.isPublic) { + environmentFiles = [ + "${config.sops.templates."network-manager.env".path}" ]; - allowedUDPPortRanges = [ - { from = 1714; to = 1764; } # kde-connect - ]; - }; - - networkmanager = { - enable = true; - wifi.backend = "iwd"; - plugins = [ - # list of plugins: https://search.nixos.org/packages?query=networkmanager- - # docs https://networkmanager.dev/docs/vpn/ - pkgs.networkmanager-openconnect - pkgs.networkmanager-openvpn - ]; - ensureProfiles = lib.mkIf (!config.swarselsystems.isPublic) { - environmentFiles = [ - "${config.sops.templates."network-manager.env".path}" - ]; - profiles = let - inherit (config.repo.secrets.local.network) home-wireguard-address home-wireguard-allowed-ips; - in - { - ${wlan1} = { - connection = { - id = wlan1; - # permissions = ""; - type = "wifi"; - }; - ipv4 = { - # dns-search = ""; - method = "auto"; - }; - ipv6 = { - addr-gen-mode = "stable-privacy"; - # dns-search = ""; - method = "auto"; - }; - wifi = { - # mac-address-blacklist = ""; - mode = "infrastructure"; - band = "a"; - ssid = wlan1; - }; - wifi-security = { - # auth-alg = "open"; - key-mgmt = "wpa-psk"; - psk = "$WLAN1_PW"; - }; + profiles = let + inherit (config.repo.secrets.local.network) home-wireguard-address home-wireguard-allowed-ips; + in + { + ${wlan1} = { + connection = { + id = wlan1; + permissions = ""; + type = "wifi"; }; - - LAN-Party = { - connection = { - autoconnect = "false"; - id = "LAN-Party"; - type = "ethernet"; - }; - ethernet = { - auto-negotiate = "true"; - cloned-mac-address = "preserve"; - }; - ipv4 = { method = "shared"; }; - ipv6 = { - addr-gen-mode = "stable-privacy"; - method = "auto"; - }; - proxy = { }; + ipv4 = { + dns-search = ""; + method = "auto"; }; - - eduroam = { - "802-1x" = { - eap = if (!iwd) then "ttls;" else "peap;"; - identity = "$EDUROAM_USER"; - password = "$EDUROAM_PW"; - phase2-auth = "mschapv2"; - anonymous-identity = lib.mkIf iwd eduroam-anon; - }; - connection = { - id = "eduroam"; - type = "wifi"; - }; - ipv4 = { method = "auto"; }; - ipv6 = { - addr-gen-mode = "default"; - method = "auto"; - }; - proxy = { }; - wifi = { - mode = "infrastructure"; - ssid = "eduroam"; - }; - wifi-security = { - auth-alg = "open"; - key-mgmt = "wpa-eap"; - }; + ipv6 = { + addr-gen-mode = "stable-privacy"; + dns-search = ""; + method = "auto"; }; - - local = { - connection = { - autoconnect = "false"; - id = "local"; - type = "ethernet"; - }; - ethernet = { }; - ipv4 = { - address1 = "10.42.1.1/24"; - method = "shared"; - }; - ipv6 = { - addr-gen-mode = "stable-privacy"; - method = "auto"; - }; - proxy = { }; + wifi = { + mac-address-blacklist = ""; + mode = "infrastructure"; + ssid = wlan1; }; - - ${wlan2} = { - connection = { - id = wlan2; - type = "wifi"; - }; - ipv4 = { method = "auto"; }; - ipv6 = { - addr-gen-mode = "stable-privacy"; - method = "auto"; - }; - proxy = { }; - wifi = { - band = "bg"; - mode = "infrastructure"; - ssid = wlan2; - }; - wifi-security = { - key-mgmt = "wpa-psk"; - psk = "$WLAN2_PW"; - }; + wifi-security = { + auth-alg = "open"; + key-mgmt = "wpa-psk"; + psk = "$WLAN1_PW"; }; - - ${mobile1} = { - connection = { - id = mobile1; - type = "wifi"; - }; - ipv4 = { method = "auto"; }; - ipv6 = { - addr-gen-mode = "default"; - method = "auto"; - }; - proxy = { }; - wifi = { - mode = "infrastructure"; - ssid = mobile1; - }; - wifi-security = { - auth-alg = "open"; - key-mgmt = "wpa-psk"; - psk = "$MOBILE_HOTSPOT_PW"; - }; - }; - - home-wireguard = { - connection = { - id = "HomeVPN"; - type = "wireguard"; - autoconnect = "false"; - interface-name = "wg1"; - }; - wireguard = { private-key = "$HOME_WIREGUARD_CLIENT_PRIVATE_KEY"; }; - "wireguard-peer.$HOME_WIREGURARD_SERVER_PUBLIC_KEY" = { - endpoint = "$HOME_WIREGUARD_ENDPOINT"; - allowed-ips = home-wireguard-allowed-ips; - }; - ipv4 = { - method = "ignore"; - address1 = home-wireguard-address; - }; - ipv6 = { - addr-gen-mode = "stable-privacy"; - method = "ignore"; - }; - proxy = { }; - }; - - pia-vpn1 = { - connection = { - autoconnect = "false"; - id = "PIA ${vpn1-location}"; - type = "vpn"; - }; - ipv4 = { method = "auto"; }; - ipv6 = { - addr-gen-mode = "stable-privacy"; - method = "auto"; - }; - proxy = { }; - vpn = { - auth = "sha1"; - ca = config.sops.secrets."pia-vpn1-ca-pem".path; - challenge-response-flags = "2"; - cipher = vpn1-cipher; - compress = "yes"; - connection-type = "password"; - crl-verify-file = config.sops.secrets."pia-vpn1-crl-pem".path; - dev = "tun"; - password-flags = "0"; - remote = vpn1-address; - remote-cert-tls = "server"; - reneg-seconds = "0"; - service-type = "org.freedesktop.NetworkManager.openvpn"; - username = "$PIA_VPN_USER"; - }; - vpn-secrets = { password = "$PIA_VPN_PW"; }; - }; - - Hotspot = { - connection = { - autoconnect = "false"; - id = "Hotspot"; - type = "wifi"; - }; - ipv4 = { method = "shared"; }; - ipv6 = { - addr-gen-mode = "default"; - method = "ignore"; - }; - proxy = { }; - wifi = { - mode = "ap"; - ssid = "Hotspot-${config.swarselsystems.mainUser}"; - }; - wifi-security = { - group = "ccmp;"; - key-mgmt = "wpa-psk"; - pairwise = "ccmp;"; - proto = "rsn;"; - psk = "$MOBILE_HOTSPOT_PW"; - }; - }; - }; + + LAN-Party = { + connection = { + autoconnect = "false"; + id = "LAN-Party"; + type = "ethernet"; + }; + ethernet = { + auto-negotiate = "true"; + cloned-mac-address = "preserve"; + }; + ipv4 = { method = "shared"; }; + ipv6 = { + addr-gen-mode = "stable-privacy"; + method = "auto"; + }; + proxy = { }; + }; + + eduroam = { + "802-1x" = { + eap = if (!iwd) then "ttls;" else "peap;"; + identity = "$EDUROAM_USER"; + password = "$EDUROAM_PW"; + phase2-auth = "mschapv2"; + anonymous-identity = lib.mkIf iwd eduroam-anon; + }; + connection = { + id = "eduroam"; + type = "wifi"; + }; + ipv4 = { method = "auto"; }; + ipv6 = { + addr-gen-mode = "default"; + method = "auto"; + }; + proxy = { }; + wifi = { + mode = "infrastructure"; + ssid = "eduroam"; + }; + wifi-security = { + auth-alg = "open"; + key-mgmt = "wpa-eap"; + }; + }; + + local = { + connection = { + autoconnect = "false"; + id = "local"; + type = "ethernet"; + }; + ethernet = { }; + ipv4 = { + address1 = "10.42.1.1/24"; + method = "shared"; + }; + ipv6 = { + addr-gen-mode = "stable-privacy"; + method = "auto"; + }; + proxy = { }; + }; + + ${wlan2} = { + connection = { + id = wlan2; + type = "wifi"; + }; + ipv4 = { method = "auto"; }; + ipv6 = { + addr-gen-mode = "stable-privacy"; + method = "auto"; + }; + proxy = { }; + wifi = { + band = "bg"; + mode = "infrastructure"; + ssid = wlan2; + }; + wifi-security = { + key-mgmt = "wpa-psk"; + psk = "$WLAN2_PW"; + }; + }; + + ${mobile1} = { + connection = { + id = mobile1; + type = "wifi"; + }; + ipv4 = { method = "auto"; }; + ipv6 = { + addr-gen-mode = "default"; + method = "auto"; + }; + proxy = { }; + wifi = { + mode = "infrastructure"; + ssid = mobile1; + }; + wifi-security = { + auth-alg = "open"; + key-mgmt = "wpa-psk"; + psk = "$MOBILE_HOTSPOT_PW"; + }; + }; + + home-wireguard = { + connection = { + id = "HomeVPN"; + type = "wireguard"; + autoconnect = "false"; + interface-name = "wg1"; + }; + wireguard = { private-key = "$HOME_WIREGUARD_CLIENT_PRIVATE_KEY"; }; + "wireguard-peer.$HOME_WIREGURARD_SERVER_PUBLIC_KEY" = { + endpoint = "$HOME_WIREGUARD_ENDPOINT"; + allowed-ips = home-wireguard-allowed-ips; + }; + ipv4 = { + method = "ignore"; + address1 = home-wireguard-address; + }; + ipv6 = { + addr-gen-mode = "stable-privacy"; + method = "ignore"; + }; + proxy = { }; + }; + + pia-vpn1 = { + connection = { + autoconnect = "false"; + id = "PIA ${vpn1-location}"; + type = "vpn"; + }; + ipv4 = { method = "auto"; }; + ipv6 = { + addr-gen-mode = "stable-privacy"; + method = "auto"; + }; + proxy = { }; + vpn = { + auth = "sha1"; + ca = config.sops.secrets."pia-vpn1-ca-pem".path; + challenge-response-flags = "2"; + cipher = vpn1-cipher; + compress = "yes"; + connection-type = "password"; + crl-verify-file = config.sops.secrets."pia-vpn1-crl-pem".path; + dev = "tun"; + password-flags = "0"; + remote = vpn1-address; + remote-cert-tls = "server"; + reneg-seconds = "0"; + service-type = "org.freedesktop.NetworkManager.openvpn"; + username = "$PIA_VPN_USER"; + }; + vpn-secrets = { password = "$PIA_VPN_PW"; }; + }; + + Hotspot = { + connection = { + autoconnect = "false"; + id = "Hotspot"; + type = "wifi"; + }; + ipv4 = { method = "shared"; }; + ipv6 = { + addr-gen-mode = "default"; + method = "ignore"; + }; + proxy = { }; + wifi = { + mode = "ap"; + ssid = "Hotspot-${config.swarselsystems.mainUser}"; + }; + wifi-security = { + group = "ccmp;"; + key-mgmt = "wpa-psk"; + pairwise = "ccmp;"; + proto = "rsn;"; + psk = "$MOBILE_HOTSPOT_PW"; + }; + }; + }; }; }; - - systemd.services.NetworkManager-ensure-profiles.after = [ "NetworkManager.service" ]; }; - } + + systemd.services.NetworkManager-ensure-profiles.after = [ "NetworkManager.service" ]; + }; + } #+end_src **** sops @@ -5215,7 +5180,7 @@ I use sops-nix to handle secrets that I want to have available on my machines at }; }; } -#+end_src +sh#+end_src **** Theme (stylix) :PROPERTIES: @@ -5478,35 +5443,6 @@ This is a super-convenient package that lets my remap my =CAPS= key to =ESC= if } #+end_src -***** keyd: remap SUPER - - -#+begin_src nix-ts :tangle modules/nixos/client/keyd.nix - { lib, config, ... }: - let - moduleName = "keyd"; - in - { - options.swarselmodules.${moduleName} = lib.mkEnableOption "${moduleName} tools config"; - config = lib.mkIf config.swarselmodules.${moduleName} { - services.keyd = { - enable = true; - keyboards = { - default = { - ids = [ "*" ]; - settings = { - main = { - leftmeta = "overload(meta, macro(rightmeta+z))"; - rightmeta = "overload(meta, macro(rightmeta+z))"; - }; - }; - }; - }; - }; - }; - } -#+end_src - ***** power-profiles-daemon :PROPERTIES: :CUSTOM_ID: h:82fbba41-3a46-4db7-aade-49e4c23fc475 @@ -5897,7 +5833,7 @@ This is used to better integrate Sway into the system on NixOS hosts. On the hom } #+end_src -**** xdg-portal (Screensharing) +**** xdg-portal :PROPERTIES: :CUSTOM_ID: h:872d5f46-2ffd-4076-9a2c-98783dd29434 :END: @@ -5911,11 +5847,11 @@ This allows me to use screen sharing on Wayland. The implementation is a bit cru config = lib.mkIf config.swarselmodules.xdg-portal { xdg.portal = { enable = true; - # config = { - # common = { - # default = "wlr"; - # }; - # }; + config = { + common = { + default = "wlr"; + }; + }; wlr.enable = true; wlr.settings.screencast = { output_name = "eDP-1"; @@ -6102,49 +6038,12 @@ Auto login for the initial session. comment = "Sway compositor managed by UWSM"; binPath = "/run/current-system/sw/bin/sway"; }; - niri = { - prettyName = "Niri"; - comment = "Niri compositor managed by UWSM"; - binPath = "/run/current-system/sw/bin/niri-session"; - }; }; }; }; } #+end_src -**** Niri - -Auto login for the initial session. - -#+begin_src nix-ts :tangle modules/nixos/client/niri.nix - { lib, config, pkgs, ... }: - let - moduleName = "niri"; - in - { - options.swarselmodules.${moduleName} = lib.mkEnableOption "${moduleName} settings"; - config = lib.mkIf config.swarselmodules.${moduleName} { - - environment.systemPackages = with pkgs; [ - wl-clipboard - wayland-utils - libsecret - cage - gamescope - xwayland-satellite-unstable - ]; - - niri-flake.cache.enable = true; - - programs.niri = { - enable = true; - package = pkgs.niri-unstable; # the actual niri that will be installed and used - }; - }; - } -#+end_src - *** Server :PROPERTIES: :CUSTOM_ID: h:e492c24a-83a0-4bcb-a084-706f49318651 @@ -6407,7 +6306,7 @@ Here I am forcing =startWhenNeeded= to false so that the value will not be set t :END: #+begin_src nix-ts :tangle modules/nixos/server/kavita.nix - { self, lib, config, pkgs, globals, ... }: + { self, lib, config, pkgs, ... }: let inherit (config.swarselsystems) sopsFile; @@ -6415,7 +6314,6 @@ Here I am forcing =startWhenNeeded= to false so that the value will not be set t serviceName = "kavita"; serviceUser = "kavita"; serviceDomain = config.repo.secrets.common.services.domains.${serviceName}; - serviceAddress = globals.hosts.winters.ipv4; in { options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server"; @@ -6451,7 +6349,7 @@ Here I am forcing =startWhenNeeded= to false so that the value will not be set t upstreams = { ${serviceName} = { servers = { - "${serviceAddress}:${builtins.toString servicePort}" = { }; + "192.168.1.2:${builtins.toString servicePort}" = { }; }; }; }; @@ -6481,13 +6379,12 @@ Here I am forcing =startWhenNeeded= to false so that the value will not be set t :END: #+begin_src nix-ts :tangle modules/nixos/server/jellyfin.nix - { pkgs, lib, config, globals, ... }: + { pkgs, lib, config, ... }: let servicePort = 8096; serviceName = "jellyfin"; serviceUser = "jellyfin"; serviceDomain = config.repo.secrets.common.services.domains.${serviceName}; - serviceAddress = globals.hosts.winters.ipv4; in { options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server"; @@ -6521,7 +6418,7 @@ Here I am forcing =startWhenNeeded= to false so that the value will not be set t upstreams = { ${serviceName} = { servers = { - "${serviceAddress}:${builtins.toString servicePort}" = { }; + "192.168.1.2:${builtins.toString servicePort}" = { }; }; }; }; @@ -6552,14 +6449,13 @@ Here I am forcing =startWhenNeeded= to false so that the value will not be set t :END: #+begin_src nix-ts :tangle modules/nixos/server/navidrome.nix - { pkgs, config, lib, globals, ... }: + { pkgs, config, lib, ... }: let servicePort = 4040; serviceName = "navidrome"; serviceUser = "navidrome"; serviceGroup = serviceUser; serviceDomain = config.repo.secrets.common.services.domains.${serviceName}; - serviceAddress = globals.hosts.winters.ipv4; in { options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server"; @@ -6639,7 +6535,7 @@ Here I am forcing =startWhenNeeded= to false so that the value will not be set t upstreams = { ${serviceName} = { servers = { - "${serviceAddress}:${builtins.toString servicePort}" = { }; + "192.168.1.2:${builtins.toString servicePort}" = { }; }; }; }; @@ -6873,7 +6769,7 @@ Here I am forcing =startWhenNeeded= to false so that the value will not be set t :END: #+begin_src nix-ts :tangle modules/nixos/server/matrix.nix - { lib, config, pkgs, globals, ... }: + { lib, config, pkgs, ... }: let inherit (config.swarselsystems) sopsFile; @@ -6881,7 +6777,6 @@ Here I am forcing =startWhenNeeded= to false so that the value will not be set t serviceName = "matrix"; serviceDomain = config.repo.secrets.common.services.domains.matrix; serviceUser = "matrix-synapse"; - serviceAddress = globals.hosts.winters.ipv4; federationPort = 8448; whatsappPort = 29318; @@ -7169,7 +7064,7 @@ Here I am forcing =startWhenNeeded= to false so that the value will not be set t upstreams = { ${serviceName} = { servers = { - "${serviceAddress}:${builtins.toString servicePort}" = { }; + "192.168.1.2:${builtins.toString servicePort}" = { }; }; }; }; @@ -7229,7 +7124,7 @@ Here I am forcing =startWhenNeeded= to false so that the value will not be set t :END: #+begin_src nix-ts :tangle modules/nixos/server/nextcloud.nix - { pkgs, lib, config, globals, ... }: + { pkgs, lib, config, ... }: let inherit (config.repo.secrets.local.nextcloud) adminuser; inherit (config.swarselsystems) sopsFile; @@ -7239,7 +7134,6 @@ Here I am forcing =startWhenNeeded= to false so that the value will not be set t serviceGroup = serviceUser; serviceName = "nextcloud"; serviceDomain = config.repo.secrets.common.services.domains.${serviceName}; - serviceAddress = globals.hosts.winters.ipv4; in { options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server"; @@ -7283,7 +7177,7 @@ Here I am forcing =startWhenNeeded= to false so that the value will not be set t upstreams = { ${serviceName} = { servers = { - "${serviceAddress}:${builtins.toString servicePort}" = { }; + "192.168.1.2:${builtins.toString servicePort}" = { }; }; }; }; @@ -7316,7 +7210,6 @@ Here I am forcing =startWhenNeeded= to false so that the value will not be set t serviceUser = "immich"; serviceName = "immich"; serviceDomain = config.repo.secrets.common.services.domains.${serviceName}; - serviceAddress = globals.hosts.winters.ipv4; in { options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server"; @@ -7346,7 +7239,7 @@ Here I am forcing =startWhenNeeded= to false so that the value will not be set t upstreams = { ${serviceName} = { servers = { - "${serviceAddress}:${builtins.toString servicePort}" = { }; + "192.168.1.2:${builtins.toString servicePort}" = { }; }; }; }; @@ -7400,7 +7293,6 @@ Also I install Tika and Gotenberg, which are needed to create PDFs out of =.eml= serviceGroup = serviceUser; serviceName = "paperless"; serviceDomain = config.repo.secrets.common.services.domains.${serviceName}; - serviceAddress = globals.hosts.winters.ipv4; tikaPort = 9998; gotenbergPort = 3002; @@ -7495,7 +7387,7 @@ Also I install Tika and Gotenberg, which are needed to create PDFs out of =.eml= upstreams = { ${serviceName} = { servers = { - "${serviceAddress}:${builtins.toString servicePort}" = { }; + "192.168.1.2:${builtins.toString servicePort}" = { }; }; }; }; @@ -7719,17 +7611,15 @@ Also I install Tika and Gotenberg, which are needed to create PDFs out of =.eml= :END: #+begin_src nix-ts :tangle modules/nixos/server/syncthing.nix - { lib, config, configName, globals, ... }: + { lib, config, configName, ... }: let - inherit (config.swarselsystems.syncthing) serviceDomain; - inherit (config.swarselsystems.syncthing) serviceIP; - servicePort = 8384; serviceUser = "syncthing"; serviceGroup = serviceUser; serviceName = "syncthing"; - serviceAddress = globals.hosts.winters.ipv4; specificServiceName = "syncthing-${configName}"; + inherit (config.swarselsystems.syncthing) serviceDomain; + inherit (config.swarselsystems.syncthing) serviceIP; cfg = config.services.${serviceName}; devices = config.swarselsystems.syncthing.syncDevices; @@ -7745,7 +7635,7 @@ Also I install Tika and Gotenberg, which are needed to create PDFs out of =.eml= }; serviceIP = lib.mkOption { type = lib.types.str; - default = "${serviceAddress}"; + default = "192.168.1.2"; }; syncDevices = lib.mkOption { type = lib.types.listOf lib.types.str; @@ -7954,7 +7844,6 @@ This section exposes several metrics that I use to check the health of my server serviceGroup = serviceUser; serviceName = "grafana"; serviceDomain = config.repo.secrets.common.services.domains.${serviceName}; - serviceAddress = globals.hosts.winters.ipv4; prometheusPort = 9090; prometheusUser = "prometheus"; @@ -8159,12 +8048,12 @@ This section exposes several metrics that I use to check the health of my server upstreams = { "${grafanaUpstream}" = { servers = { - "${serviceAddress}:${builtins.toString servicePort}" = { }; + "192.168.1.2:${builtins.toString servicePort}" = { }; }; }; "${prometheusUpstream}" = { servers = { - "${serviceAddress}:${builtins.toString prometheusPort}" = { }; + "192.168.1.2:${builtins.toString prometheusPort}" = { }; }; }; }; @@ -8203,12 +8092,11 @@ This section exposes several metrics that I use to check the health of my server This is a WIP Jenkins instance. It is used to automatically build a new system when pushes to the main repository are detected. I have turned this service off for now however, as I actually prefer to start my builds manually. #+begin_src nix-ts :tangle modules/nixos/server/jenkins.nix - { pkgs, lib, config, globals, ... }: + { pkgs, lib, config, ... }: let servicePort = 8088; serviceName = "jenkins"; serviceDomain = config.repo.secrets.common.services.domains.${serviceName}; - serviceAddress = globals.hosts.winters.ipv4; in { options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server"; @@ -8227,7 +8115,7 @@ This is a WIP Jenkins instance. It is used to automatically build a new system w upstreams = { ${serviceName} = { servers = { - "${serviceAddress}:${builtins.toString servicePort}" = { }; + "192.168.1.2:${builtins.toString servicePort}" = { }; }; }; }; @@ -8296,14 +8184,13 @@ I am using this with CapyReader on my phone, set it up as a FreshRSS account wit FreshRSS claims to support HTTP header auth, but at least it does not work with my oauth2-proxy setup. Until this is fixed, I resorted to the "form" login, since I mostly do not use the web version anyways. #+begin_src nix-ts :tangle modules/nixos/server/freshrss.nix - { self, lib, config, globals, ... }: + { self, lib, config, ... }: let servicePort = 80; serviceName = "freshrss"; serviceUser = "freshrss"; serviceGroup = serviceName; serviceDomain = config.repo.secrets.common.services.domains.${serviceName}; - serviceAddress = globals.hosts.winters.ipv4; inherit (config.swarselsystems) sopsFile; in @@ -8376,7 +8263,7 @@ FreshRSS claims to support HTTP header auth, but at least it does not work with upstreams = { ${serviceName} = { servers = { - "${serviceAddress}:${builtins.toString servicePort}" = { }; + "192.168.1.2:${builtins.toString servicePort}" = { }; }; }; }; @@ -8419,7 +8306,6 @@ FreshRSS claims to support HTTP header auth, but at least it does not work with serviceGroup = serviceUser; serviceName = "forgejo"; serviceDomain = config.repo.secrets.common.services.domains.${serviceName}; - serviceAddress = globals.hosts.winters.ipv4; kanidmDomain = globals.services.kanidm.domain; in @@ -8545,7 +8431,7 @@ FreshRSS claims to support HTTP header auth, but at least it does not work with upstreams = { ${serviceName} = { servers = { - "${serviceAddress}:${builtins.toString servicePort}" = { }; + "192.168.1.2:${builtins.toString servicePort}" = { }; }; }; }; @@ -8583,7 +8469,6 @@ FreshRSS claims to support HTTP header auth, but at least it does not work with servicePort = 27701; serviceName = "ankisync"; serviceDomain = config.repo.secrets.common.services.domains.${serviceName}; - serviceAddress = globals.hosts.winters.ipv4; ankiUser = globals.user.name; in @@ -8620,7 +8505,7 @@ FreshRSS claims to support HTTP header auth, but at least it does not work with upstreams = { ${serviceName} = { servers = { - "${serviceAddress}:${builtins.toString servicePort}" = { }; + "192.168.1.2:${builtins.toString servicePort}" = { }; }; }; }; @@ -8668,7 +8553,6 @@ To get other URLs (token, etc.), use https:///oauth2/openid//oauth2/openid//oauth2/openid//oauth2/openid//oauth2/openid//oauth2/openid//oauth2/openid//oauth2/openid//oauth2/openid//oauth2/openid//oauth2/openid//oauth2/openid/{}"; }; - "niri/window" = { - format = "{title} ({app_id})"; - }; - modules-right = config.swarselsystems.waybarModules; "custom/pseudobat" = lib.mkIf (!config.swarselsystems.isLaptop) { @@ -13053,7 +12948,7 @@ I am currently using SwayFX, which adds some nice effects to sway, like rounded Currently, I am too lazy to explain every option here, but most of it is very self-explaining in any case. #+begin_src nix-ts :tangle modules/home/common/sway.nix - { config, lib, vars, ... }: + { self, config, lib, vars, ... }: let eachOutput = _: monitor: { inherit (monitor) name; @@ -13256,14 +13151,22 @@ Currently, I am too lazy to explain every option here, but most of it is very se "${modifier}+r" = "mode resize"; # "${modifier}+Return" = "exec kitty"; "${modifier}+Return" = "exec swarselzellij"; + "${modifier}+Print" = "exec screenshare"; + # exec swaymsg move workspace to "$(swaymsg -t get_outputs | jq '[.[] | select(.active == true)] | .[(map(.focused) | index(true) + 1) % length].name')" + # "XF86AudioRaiseVolume" = "exec pa 5%"; + # "XF86AudioRaiseVolume" = "exec pamixer -i 5"; "XF86AudioRaiseVolume" = "exec swayosd-client --output-volume raise"; + # "XF86AudioLowerVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ -5%"; + # "XF86AudioLowerVolume" = "exec pamixer -d 5"; "XF86AudioLowerVolume" = "exec swayosd-client --output-volume lower"; + # "XF86AudioMute" = "exec pactl set-sink-mute @DEFAULT_SINK@ toggle"; + # "XF86AudioMute" = "exec pamixer -t"; "XF86AudioMute" = "exec swayosd-client --output-volume mute-toggle"; + # "XF86MonBrightnessUp" = "exec brightnessctl set +5%"; "XF86MonBrightnessUp" = "exec swayosd-client --brightness raise"; + # "XF86MonBrightnessDown" = "exec brightnessctl set 5%-"; "XF86MonBrightnessDown" = "exec swayosd-client --brightness lower"; "XF86Display" = "exec wl-mirror eDP-1"; - # "--no-repeat Super_L" = "exec killall -SIGUSR1 .waybar-wrapped"; - # "${modifier}+z" = "exec killall -SIGUSR1 .waybar-wrapped"; } config.swarselsystems.keybindings; modes = { @@ -13278,14 +13181,14 @@ Currently, I am too lazy to explain every option here, but most of it is very se }; }; defaultWorkspace = "workspace 1:一"; - # output = { - # "${config.swarselsystems.sharescreen}" = { - # bg = "${self}/files/wallpaper/lenovowp.png ${config.stylix.imageScalingMode}"; - # }; - # "Philips Consumer Electronics Company PHL BDM3270 AU11806002320" = { - # bg = "${self}/files/wallpaper/standwp.png ${config.stylix.imageScalingMode}"; - # }; - # }; + output = { + "${config.swarselsystems.sharescreen}" = { + bg = "${self}/files/wallpaper/lenovowp.png ${config.stylix.imageScalingMode}"; + }; + "Philips Consumer Electronics Company PHL BDM3270 AU11806002320" = { + bg = "${self}/files/wallpaper/standwp.png ${config.stylix.imageScalingMode}"; + }; + }; input = config.swarselsystems.standardinputs; workspaceOutputAssign = let @@ -13481,215 +13384,6 @@ Currently, I am too lazy to explain every option here, but most of it is very se } #+end_src -**** Niri - -#+begin_src nix-ts :tangle modules/home/common/niri.nix - { config, pkgs, lib, vars, ... }: - { - options.swarselmodules.niri = lib.mkEnableOption "niri settings"; - config = lib.mkIf config.swarselmodules.niri { - - programs.niri = { - package = pkgs.niri-unstable; # which package to use for niri validation - settings = { - xwayland-satellite = { - enable = true; - path = "${lib.getExe pkgs.xwayland-satellite-unstable}"; - }; - prefer-no-csd = true; - layer-rules = [ - { matches = [ { namespace = "^notifications$"; }]; block-out-from = "screencast";} - { matches = [ { namespace = "^wallpaper$"; }]; place-within-backdrop = true;} - ]; - window-rules = [ - { - matches = [{ app-id = ".*"; }]; - opacity = 0.95; - default-column-width = { proportion = 0.5; }; - shadow = { - enable = true; - draw-behind-window = true; - }; - geometry-corner-radius = { top-left = 2.0; top-right = 2.0; bottom-left = 2.0; bottom-right = 2.0; }; - } - { matches = [{ app-id = "at.yrlf.wl_mirror"; }]; opacity = 1.0; } - { matches = [{ app-id = "Gimp"; }]; opacity = 1.0; } - { matches = [{ app-id = "firefox"; }]; opacity = 0.99; } - { matches = [{ app-id = "^special.*"; }]; default-column-width = { proportion = 0.9; }; open-on-workspace = "Scratchpad"; } - { matches = [{ app-id = "chromium-browser"; }]; opacity = 0.99; } - { matches = [{ app-id = "^qalculate-gtk$"; }]; open-floating = true; } - { matches = [{ app-id = "^blueman$"; }]; open-floating = true; } - { matches = [{ app-id = "^pavucontrol$"; }]; open-floating = true; } - { matches = [{ app-id = "^syncthingtray$"; }]; open-floating = true; } - { matches = [{ app-id = "^Element$"; }]; open-floating = true; default-column-width = { proportion = 0.5; }; block-out-from = "screencast"; } - # { matches = [{ app-id = "^Element$"; }]; default-column-width = { proportion = 0.9; }; open-on-workspace = "Scratchpad"; block-out-from = "screencast"; } - { matches = [{ app-id = "^vesktop$"; }]; open-floating = true; default-column-width = { proportion = 0.5; }; block-out-from = "screencast"; } - # { matches = [{ app-id = "^vesktop$"; }]; default-column-width = { proportion = 0.9; }; open-on-workspace = "Scratchpad"; block-out-from = "screencast"; } - { matches = [{ app-id = "^com.nextcloud.desktopclient.nextcloud$"; }]; open-floating = true; } - { matches = [{ title = ".*1Password.*"; }]; excludes = [{ app-id = "^firefox$"; } { app-id = "^emacs$"; } { app-id = "^kitty$"; }]; open-floating = true; block-out-from = "screencast"; } - { matches = [{ title = "(?:Open|Save) (?:File|Folder|As)"; }]; open-floating = true; } - { matches = [{ title = "^Add$"; }]; open-floating = true; } - { matches = [{ title = "^Picture-in-Picture$"; }]; open-floating = true; } - { matches = [{ title = "Syncthing Tray"; }]; open-floating = true; } - { matches = [{ title = "^Emacs Popup Frame$"; }]; open-floating = true; } - { matches = [{ title = "^Emacs Popup Anchor$"; }]; open-floating = true; } - { matches = [{ app-id = "^spotifytui$"; }]; open-floating = true; default-column-width = { proportion = 0.5; }; } - { matches = [{ app-id = "^kittyterm$"; }]; open-floating = true; default-column-width = { proportion = 0.5; }; } - ]; - environment = { - DISPLAY = ":0"; - } // vars.waylandSessionVariables; - screenshot-path = "~/Pictures/Screenshots/screenshot_%Y-%m-%d-%H%M%S.png"; - input = { - mod-key = "Super"; - keyboard = { - xkb = { - layout = "us"; - variant = "altgr-intl"; - }; - }; - mouse = { - natural-scroll = false; - }; - touchpad = { - enable = true; - tap = true; - tap-button-map = "left-right-middle"; - natural-scroll = true; - scroll-method = "two-finger"; - click-method = "clickfinger"; - disabled-on-external-mouse = true; - drag = true; - drag-lock = false; - dwt = true; - dwtp = true; - }; - }; - cursor = { - hide-after-inactive-ms = 2000; - hide-when-typing = true; - }; - layout = { - background-color = "transparent"; - border = { - enable = true; - width = 1; - }; - focus-ring = { - enable = false; - }; - gaps = 5; - }; - binds = with config.lib.niri.actions; let - sh = spawn "sh" "-c"; - in - { - - # "Mod+Super_L" = spawn "killall -SIGUSR1 .waybar-wrapped"; - "Mod+z".action = spawn "killall -SIGUSR1 .waybar-wrapped"; - "Mod+Shift+t".action = toggle-window-rule-opacity; - # "Mod+Escape".action = "mode $exit"; - "Mod+m".action = focus-workspace-previous; - "Mod+Shift+Space".action = toggle-window-floating; - "Mod+Shift+f".action = toggle-windowed-fullscreen; - "Mod+q".action = close-window; - "Mod+f".action = spawn "firefox"; - "Mod+Space".action = spawn "fuzzel"; - "Mod+Shift+c".action = spawn "qalculate-gtk"; - "Mod+Ctrl+p".action = spawn "1password" "--quick-acces"; - "Mod+Shift+Escape".action = spawn "kitty" "-o" "confirm_os_window_close=0" "btm"; - "Mod+h".action = sh ''hyprpicker | wl-copy''; - # "Mod+s".action = spawn "grim" "-g" "\"$(slurp)\"" "-t" "png" "-" "|" "wl-copy" "-t" "image/png"; - "Mod+s".action = screenshot { show-pointer = false; }; - # "Mod+Shift+s".action = spawn "slurp" "|" "grim" "-g" "-" "Pictures/Screenshots/$(date +'screenshot_%Y-%m-%d-%H%M%S.png')"; - "Mod+Shift+s".action = screenshot-window { write-to-disk = true; }; - # "Mod+Shift+v".action = spawn "wf-recorder" "-g" "'$(slurp -f %o -or)'" "-f" "~/Videos/screenrecord_$(date +%Y-%m-%d-%H%M%S).mkv"; - - "Mod+e".action = sh "emacsclient -nquc -a emacs -e '(dashboard-open)'"; - "Mod+c".action = sh "emacsclient -ce '(org-capture)'"; - "Mod+t".action = sh "emacsclient -ce '(org-agenda)'"; - "Mod+Shift+m".action = sh "emacsclient -ce '(mu4e)'"; - "Mod+Shift+a".action = sh "emacsclient -ce '(swarsel/open-calendar)'"; - - "Mod+a".action = spawn "swarselcheck-niri" "-s"; - "Mod+x".action = spawn "swarselcheck-niri" "-k"; - "Mod+d".action = spawn "swarselcheck-niri" "-d"; - "Mod+w".action = spawn "swarselcheck-niri" "-e"; - - "Mod+p".action = spawn "pass-fuzzel"; - "Mod+o".action = spawn "pass-fuzzel" "--otp"; - "Mod+Shift+p".action = spawn "pass-fuzzel" "--type"; - "Mod+Shift+o".action = spawn "pass-fuzzel" "--otp" "--type"; - - "Mod+Left".action = focus-column-or-monitor-left; - "Mod+Right".action = focus-column-or-monitor-right; - "Mod+Down".action = focus-window-or-workspace-down; - "Mod+Up".action = focus-window-or-workspace-up; - "Mod+Shift+Left".action = move-column-left; - "Mod+Shift+Right".action = move-column-right; - "Mod+Shift+Down".action = move-window-down-or-to-workspace-down; - "Mod+Shift+Up".action = move-window-up-or-to-workspace-up; - # "Mod+Ctrl+Shift+c".action = "reload"; - # "Mod+Ctrl+Shift+r".action = "exec swarsel-displaypower"; - # "Mod+Shift+e".action = "exec swaynag -t warning -m 'You pressed the exit shortcut. Do you really want to exit sway? This will end your Wayland session.' -b 'Yes, exit sway' 'swaymsg exit'"; - # "Mod+r".action = "mode resize"; - # "Mod+Return".action = "exec kitty"; - "Mod+Return".action = spawn "swarselzellij"; - "XF86AudioRaiseVolume".action = spawn "swayosd-client" "--output-volume" "raise"; - "XF86AudioLowerVolume".action = spawn "swayosd-client" "--output-volume" "lower"; - "XF86AudioMute".action = spawn "swayosd-client" "--output-volume" "mute-toggle"; - "XF86MonBrightnessUp".action = spawn "swayosd-client" "--brightness raise"; - "XF86MonBrightnessDown".action = spawn "swayosd-client" "--brightness lower"; - "XF86Display".action = spawn "wl-mirror" "eDP-1"; - "Mod+Escape".action = spawn "wlogout"; - "Mod+Equal".action = set-column-width "+10%"; - "Mod+Minus".action = set-column-width "-10%"; - - "Mod+1".action = focus-workspace 1; - "Mod+2".action = focus-workspace 2; - "Mod+3".action = focus-workspace 3; - "Mod+4".action = focus-workspace 4; - "Mod+5".action = focus-workspace 5; - "Mod+6".action = focus-workspace 6; - "Mod+7".action = focus-workspace 7; - "Mod+8".action = focus-workspace 8; - "Mod+9".action = focus-workspace 9; - "Mod+0".action = focus-workspace 0; - - "Mod+Shift+1".action = move-column-to-index 1; - "Mod+Shift+2".action = move-column-to-index 2; - "Mod+Shift+3".action = move-column-to-index 3; - "Mod+Shift+4".action = move-column-to-index 4; - "Mod+Shift+5".action = move-column-to-index 5; - "Mod+Shift+6".action = move-column-to-index 6; - "Mod+Shift+7".action = move-column-to-index 7; - "Mod+Shift+8".action = move-column-to-index 8; - "Mod+Shift+9".action = move-column-to-index 9; - "Mod+Shift+0".action = move-column-to-index 0; - }; - spawn-at-startup = [ - { command = [ "vesktop" "--start-minimized" "--enable-speech-dispatcher" "--ozone-platform-hint=auto" "--enable-features=WaylandWindowDecorations" "--enable-wayland-ime" ]; } - { command = [ "element-desktop" "--hidden" "--enable-features=UseOzonePlatform" "--ozone-platform=wayland" "--disable-gpu-driver-bug-workarounds" ]; } - { command = [ "anki" ]; } - { command = [ "obsidian" ]; } - { command = [ "nm-applet" ]; } - { command = [ "niri" "msg" "action" "focus-workspace" "2" ]; } - ]; - workspaces = { - # "01-Main" = { - # name = "Scratchpad"; - # }; - "99-Scratchpad" = { - name = ""; - }; - }; - }; - }; - - }; - } -#+end_src - **** Kanshi :PROPERTIES: :CUSTOM_ID: h:eb94df98-2bcd-4555-9f88-e252f93b924f @@ -13697,19 +13391,19 @@ Currently, I am too lazy to explain every option here, but most of it is very se #+begin_src nix-ts :tangle modules/home/common/kanshi.nix - { self, lib, pkgs, config, ... }: + { lib, config, ... }: { options.swarselmodules.kanshi = lib.mkEnableOption "kanshi settings"; config = lib.mkIf config.swarselmodules.kanshi { swarselsystems = { monitors = { - homedesktop = rec { + homedesktop = { name = "Philips Consumer Electronics Company PHL BDM3270 AU11806002320"; mode = "2560x1440"; scale = "1"; position = "0,0"; - workspace = "11:M"; - output = name; + workspace = "1:一"; + output = "DP-11"; }; }; }; @@ -13735,7 +13429,6 @@ Currently, I am too lazy to explain every option here, but most of it is very se { profile = { name = "lidopen"; - exec = [ "${pkgs.swaybg}/bin/swaybg --output '${config.swarselsystems.sharescreen}' --image ${config.swarselsystems.wallpaper} --mode ${config.stylix.imageScalingMode}" ]; outputs = [ { criteria = "eDP-2"; @@ -13746,51 +13439,41 @@ Currently, I am too lazy to explain every option here, but most of it is very se }; } { - profile = - let - monitor = "Philips Consumer Electronics Company PHL BDM3270 AU11806002320"; - in - { - name = "lidopen"; - exec = [ "${pkgs.swaybg}/bin/swaybg --output '${monitor}' --image ${self}/files/wallpaper/standwp.png --mode ${config.stylix.imageScalingMode}" ]; - outputs = [ - { - criteria = config.swarselsystems.sharescreen; - status = "enable"; - scale = 1.7; - position = "2560,0"; - } - { - criteria = monitor; - scale = 1.0; - mode = "2560x1440"; - position = "0,0"; - } - ]; - }; + profile = { + name = "lidopen"; + outputs = [ + { + criteria = config.swarselsystems.sharescreen; + status = "enable"; + scale = 1.7; + position = "2560,0"; + } + { + criteria = "Philips Consumer Electronics Company PHL BDM3270 AU11806002320"; + scale = 1.0; + mode = "2560x1440"; + position = "0,0"; + } + ]; + }; } { - profile = - let - monitor = "Philips Consumer Electronics Company PHL BDM3270 AU11806002320"; - in - { - name = "lidclosed"; - exec = [ "${pkgs.swaybg}/bin/swaybg --output '${monitor}' --image ${self}/files/wallpaper/standwp.png --mode ${config.stylix.imageScalingMode}"] ; - outputs = [ - { - criteria = config.swarselsystems.sharescreen; - status = "disable"; - position = "2560,0"; - } - { - criteria = monitor; - scale = 1.0; - mode = "2560x1440"; - position = "0,0"; - } - ]; - }; + profile = { + name = "lidclosed"; + outputs = [ + { + criteria = config.swarselsystems.sharescreen; + status = "disable"; + position = "2560,0"; + } + { + criteria = "Philips Consumer Electronics Company PHL BDM3270 AU11806002320"; + scale = 1.0; + mode = "2560x1440"; + position = "0,0"; + } + ]; + }; } ]; }; @@ -13815,14 +13498,11 @@ Settinfs that are needed for the gpg-agent. Also we are enabling emacs support f config = lib.mkIf config.swarselmodules.gpgagent { services.gpg-agent = { enable = true; - verbose = true; enableZshIntegration = true; enableScDaemon = true; enableSshSupport = true; enableExtraSocket = true; - pinentry.package = pkgs.wayprompt; - pinentry.program = "pinentry-wayprompt"; - # pinentry.package = pkgs.pinentry.gtk2; + pinentry.package = pkgs.pinentry.gtk2; defaultCacheTtl = 600; maxCacheTtl = 7200; extraConfig = '' @@ -14121,8 +13801,9 @@ The rest of the settings is at [[#h:bbf2ecb6-c8ff-4462-b5d5-d45b28604ddf][work]] }; }; msmtp = { - enable = true; + enable = false; extraConfig = { + account = "work"; auth = "xoauth2"; host = "outlook.office365.com"; protocol = "smtp"; @@ -14134,11 +13815,10 @@ The rest of the settings is at [[#h:bbf2ecb6-c8ff-4462-b5d5-d45b28604ddf][work]] passwordeval = "pizauth show work"; }; }; - mu.enable = true; + mu.enable = false; mbsync = { - enable = true; + enable = false; expunge = "both"; - patterns = [ "INBOX" ]; extraConfig = { account = { AuthMechs = "XOAUTH2"; @@ -14147,19 +13827,19 @@ The rest of the settings is at [[#h:bbf2ecb6-c8ff-4462-b5d5-d45b28604ddf][work]] }; }; - # wayland.windowManager.sway.config = { - # output = { - # "Applied Creative Technology Transmitter QUATTRO201811" = { - # bg = "${self}/files/wallpaper/navidrome.png ${config.stylix.imageScalingMode}"; - # }; - # "Hewlett Packard HP Z24i CN44250RDT" = { - # bg = "${self}/files/wallpaper/op6wp.png ${config.stylix.imageScalingMode}"; - # }; - # "HP Inc. HP 732pk CNC4080YL5" = { - # bg = "${self}/files/wallpaper/botanicswp.png ${config.stylix.imageScalingMode}"; - # }; - # }; - # }; + wayland.windowManager.sway.config = { + output = { + "Applied Creative Technology Transmitter QUATTRO201811" = { + bg = "${self}/files/wallpaper/navidrome.png ${config.stylix.imageScalingMode}"; + }; + "Hewlett Packard HP Z24i CN44250RDT" = { + bg = "${self}/files/wallpaper/op6wp.png ${config.stylix.imageScalingMode}"; + }; + "HP Inc. HP 732pk CNC4080YL5" = { + bg = "${self}/files/wallpaper/botanicswp.png ${config.stylix.imageScalingMode}"; + }; + }; + }; stylix = { targets.firefox.profileNames = @@ -14340,10 +14020,6 @@ The rest of the settings is at [[#h:bbf2ecb6-c8ff-4462-b5d5-d45b28604ddf][work]] { profile = { name = "lidopen"; - exec = [ - "${pkgs.swaybg}/bin/swaybg --output 'HP Inc. HP 732pk CNC4080YL5' --image ${self}/files/wallpaper/botanicswp.png --mode ${config.stylix.imageScalingMode}" - "${pkgs.swaybg}/bin/swaybg --output 'Hewlett Packard HP Z24i CN44250RDT' --image ${self}/files/wallpaper/op6wp.png --mode ${config.stylix.imageScalingMode}" - ]; outputs = [ { criteria = config.swarselsystems.sharescreen; @@ -14368,14 +14044,8 @@ The rest of the settings is at [[#h:bbf2ecb6-c8ff-4462-b5d5-d45b28604ddf][work]] }; } { - profile = let - monitor = "Applied Creative Technology Transmitter QUATTRO201811"; - in { + profile = { name = "lidopen"; - exec = [ - "${pkgs.swaybg}/bin/swaybg --output '${monitor}' --image ${self}/files/wallpaper/navidrome.png --mode ${config.stylix.imageScalingMode}" - "${pkgs.kanshare}/bin/kanshare ${config.swarselsystems.sharescreen} '${monitor}'" - ]; outputs = [ { criteria = config.swarselsystems.sharescreen; @@ -14395,10 +14065,6 @@ The rest of the settings is at [[#h:bbf2ecb6-c8ff-4462-b5d5-d45b28604ddf][work]] { profile = { name = "lidclosed"; - exec = [ - "${pkgs.swaybg}/bin/swaybg --output 'HP Inc. HP 732pk CNC4080YL5' --image ${self}/files/wallpaper/botanicswp.png --mode ${config.stylix.imageScalingMode}" - "${pkgs.swaybg}/bin/swaybg --output 'Hewlett Packard HP Z24i CN44250RDT' --image ${self}/files/wallpaper/op6wp.png --mode ${config.stylix.imageScalingMode}" - ]; outputs = [ { criteria = config.swarselsystems.sharescreen; @@ -14421,13 +14087,8 @@ The rest of the settings is at [[#h:bbf2ecb6-c8ff-4462-b5d5-d45b28604ddf][work]] }; } { - profile = let - monitor = "Applied Creative Technology Transmitter QUATTRO201811"; - in { + profile = { name = "lidclosed"; - exec = [ - "${pkgs.swaybg}/bin/swaybg --output '${monitor}' --image ${self}/files/wallpaper/navidrome.png --mode ${config.stylix.imageScalingMode}" - ]; outputs = [ { criteria = config.swarselsystems.sharescreen; @@ -14446,20 +14107,8 @@ The rest of the settings is at [[#h:bbf2ecb6-c8ff-4462-b5d5-d45b28604ddf][work]] }; }; - systemd.user.services.pizauth.Service = { - ExecStartPost= [ - "${pkgs.toybox}/bin/sleep 1" - "//bin/sh -c '${lib.getExe pkgs.pizauth} restore < ${homeDir}/.pizauth.state'" - ]; - }; - swarselservices.pizauth = { enable = true; - extraConfig = '' - auth_notify_cmd = "if [[ \"$(notify-send -A \"Open $PIZAUTH_ACCOUNT\" -t 30000 'pizauth authorisation')\" == \"0\" ]]; then open \"$PIZAUTH_URL\"; fi"; - error_notify_cmd = "notify-send -t 90000 \"pizauth error for $PIZAUTH_ACCOUNT\" \"$PIZAUTH_MSG\""; - token_event_cmd = "pizauth dump > ${homeDir}/.pizauth.state"; - ''; accounts = { work = { authUri = "https://login.microsoftonline.com/common/oauth2/v2.0/authorize"; @@ -14537,60 +14186,70 @@ The rest of the settings is at [[#h:bbf2ecb6-c8ff-4462-b5d5-d45b28604ddf][work]] { command = "1password"; } ]; monitors = { - work_back_middle = rec { + main = { + name = "BOE 0x0BC9 Unknown"; + mode = "2560x1600"; # TEMPLATE + scale = "1"; + position = "2560,0"; + workspace = "15:L"; + output = "eDP-2"; + }; + homedesktop = { + name = "Philips Consumer Electronics Company PHL BDM3270 AU11806002320"; + mode = "2560x1440"; + scale = "1"; + position = "0,0"; + workspace = "1:一"; + output = "DP-11"; + }; + work_back_middle = { name = "LG Electronics LG Ultra HD 0x000305A6"; mode = "2560x1440"; scale = "1"; position = "5120,0"; workspace = "1:一"; - # output = "DP-10"; - output = name; + output = "DP-10"; }; - work_front_left = rec { + work_front_left = { name = "LG Electronics LG Ultra HD 0x0007AB45"; mode = "3840x2160"; scale = "1"; position = "5120,0"; workspace = "1:一"; - # output = "DP-7"; - output = name; + output = "DP-7"; }; - work_back_right = rec { + work_back_right = { name = "HP Inc. HP Z32 CN41212T55"; mode = "3840x2160"; scale = "1"; position = "5120,0"; workspace = "1:一"; - # output = "DP-3"; - output = name; + output = "DP-3"; }; - work_middle_middle_main = rec { + work_middle_middle_main = { name = "HP Inc. HP 732pk CNC4080YL5"; mode = "3840x2160"; scale = "1"; position = "-1280,0"; workspace = "11:M"; - # output = "DP-8"; - output = name; + output = "DP-8"; }; - work_middle_middle_side = rec { + work_middle_middle_side = { name = "Hewlett Packard HP Z24i CN44250RDT"; mode = "1920x1200"; transform = "270"; scale = "1"; position = "-2480,0"; workspace = "12:S"; - # output = "DP-9"; - output = name; + output = "DP-9"; }; - work_seminary = rec { + work_seminary = { name = "Applied Creative Technology Transmitter QUATTRO201811"; mode = "1280x720"; scale = "1"; position = "10000,10000"; # i.e. this screen is inaccessible by moving the mouse workspace = "14:T"; - # output = "DP-4"; - output = name; + output = "DP-4"; }; }; inputs = { @@ -14614,6 +14273,9 @@ The rest of the settings is at [[#h:bbf2ecb6-c8ff-4462-b5d5-d45b28604ddf][work]] xkb_variant = "altgr-intl"; }; }; + keybindings = { + "Mod4+Ctrl+Shift+p" = "exec screenshare"; + }; }; }; @@ -15321,7 +14983,7 @@ The normal =command-not-found.sh= uses the outdated =nix-shell= commands as sugg fi echo -n "searching nix-index..." - ATTRS=$(@nix-locate@ --minimal --no-group --type x --type s --whole-name --at-root "/bin/$1") + ATTRS=$(@nix-locate@ --minimal --no-group --type x --type s --top-level --whole-name --at-root "/bin/$1") case $(echo -n "$ATTRS" | grep -c "^") in 0) @@ -15430,57 +15092,6 @@ This app checks for different apps that I keep around in the scratchpad for quic #+end_src -*** swarselcheck-niri - -#+begin_src shell :tangle files/scripts/swarselcheck-niri.sh - while :; do - case ${1:-} in - -k | --kitty) - cmd=(sh -c 'kitty --app-id kittyterm -o confirm_os_window_close=0 zellij attach --create kittyterm' '&') - searchapp="kittyterm" - ;; - -e | --element) - cmd=(element-desktop) - searchapp="Element" - ;; - -d | --vesktop) - cmd=(vesktop) - searchapp="vesktop" - ;; - -s | --spotifyplayer) - cmd=(sh -c 'kitty --add-id spotifytui -o confirm_os_window_close=0 spotify_player' '&') - searchapp="spotifytui" - ;; - ,*) break ;; - esac - shift - done - - WIN_INFO=$(niri msg -j windows | jq --arg search "$searchapp" '.[] | select (.app_id | test($search)) | { id, is_focused, workspace_id }') - ID=$(echo "$WIN_INFO" | jq -r '.id // empty') - IS_FOCUSED=$(echo "$WIN_INFO" | jq -r '.is_focused // empty') - TARGET_MONITOR=$(niri msg -j workspaces | jq --arg search "" '.[] | select (.name != null and (.name | test($search))) | { output }' | jq -r '.output // empty') - CURRENT_WORKSPACE=$(niri msg -j workspaces | jq -r '.[] | select (.is_active == true) | .output // empty') - - if [ -z "$ID" ]; then - niri msg action spawn -- "${cmd[@]}" - elif [ "$IS_FOCUSED" ]; then - niri msg action move-window-to-workspace "" --window-id "$ID" --focus false - else - niri msg action focus-monitor "$TARGET_MONITOR" && niri msg action move-window-to-workspace "$CURRENT_WORKSPACE" --window-id "$ID" && niri msg action focus-floating - fi -#+end_src - -#+begin_src nix-ts :tangle pkgs/swarselcheck-niri/default.nix - { self, name, writeShellApplication, kitty, element-desktop, vesktop, spotify-player, jq }: - writeShellApplication { - inherit name; - runtimeInputs = [ kitty element-desktop vesktop spotify-player jq ]; - text = builtins.readFile "${self}/files/scripts/${name}.sh"; - } - -#+end_src - *** swarselzellij :PROPERTIES: :CUSTOM_ID: h:564c102c-e335-4f17-a613-c5a436bb4864 @@ -15637,21 +15248,66 @@ This utility checks if there are updated packages in nixpkgs-unstable. It does s } #+end_src -*** kanshare +*** fullscreen +:PROPERTIES: +:CUSTOM_ID: h:9d49531a-1d9b-4600-b200-18befb5e0f3a +:END: -This utility checks if there are updated packages in nixpkgs-unstable. It does so by fully building the most recent configuration, which I do not love, but it has its merits once I am willing to switch to the newer version. +This application moves the wl-mirror app to the T workspace and makes it fullscreen there. + +#+begin_src nix-ts :tangle pkgs/fullscreen/default.nix + { name, writeShellApplication, sway, ... }: + + writeShellApplication { + inherit name; + runtimeInputs = [ sway ]; + text = '' + swaymsg '[app_id=at.yrlf.wl_mirror] move to workspace 14:T' + swaymsg '[app_id=at.yrlf.wl_mirror] fullscreen' + ''; + } +#+end_src +*** screenshare +:PROPERTIES: +:CUSTOM_ID: h:960e539c-2a5a-4e21-b3d4-bcdfc8be8fda +:END: -#+begin_src nix-ts :tangle pkgs/kanshare/default.nix - { name, writeShellApplication, wlr-randr, busybox, wl-mirror, ... }: +#+begin_src shell :tangle files/scripts/screenshare.sh - writeShellApplication { - inherit name; - runtimeInputs = [ wlr-randr busybox wl-mirror]; - text = '' - wlr-randr | grep "$2" | cut -d" " -f1 | xargs -I{} wl-present mirror "$1" --fullscreen-output {} - ''; - } + headless="false" + while [[ $# -gt 0 ]]; do + case "$1" in + -h) + headless="true" + ;; + ,*) + echo "Invalid option detected." + ;; + esac + shift + done + + SHARESCREEN="$(nix eval --raw ~/.dotfiles#nixosConfigurations."$(hostname)".config.home-manager.users."$(whoami)".swarselsystems.sharescreen)" + + if [[ $headless == "true" ]]; then + wl-mirror "$SHARESCREEN" + else + wl-mirror "$SHARESCREEN" & + sleep 0.1 + swaymsg '[app_id=at.yrlf.wl_mirror] move to workspace 14:T' + swaymsg '[app_id=at.yrlf.wl_mirror] fullscreen' + fi +#+end_src + + +#+begin_src nix-ts :tangle pkgs/screenshare/default.nix + { self, name, writeShellApplication, sway }: + writeShellApplication { + inherit name; + runtimeInputs = [ sway ]; + text = builtins.readFile "${self}/files/scripts/${name}.sh"; + } #+end_src *** swarsel-bootstrap @@ -16958,7 +16614,6 @@ Modules that need to be loaded on the NixOS level. Note that these will not be a networkDevices = lib.mkDefault true; gvfs = lib.mkDefault true; interceptionTools = lib.mkDefault true; - # keyd = lib.mkDefault true; swayosd = lib.mkDefault true; ppd = lib.mkDefault true; yubikey = lib.mkDefault true; @@ -16971,7 +16626,6 @@ Modules that need to be loaded on the NixOS level. Note that these will not be a gnome-keyring = lib.mkDefault true; uwsm = lib.mkDefault true; sway = lib.mkDefault true; - niri = lib.mkDefault true; xdg-portal = lib.mkDefault true; distrobox = lib.mkDefault true; appimage = lib.mkDefault true; @@ -17560,7 +17214,6 @@ This holds modules that are to be used on most hosts. These are also the most im swayosd = lib.mkDefault true; yubikeytouch = lib.mkDefault true; sway = lib.mkDefault true; - niri = lib.mkDefault true; kanshi = lib.mkDefault true; gpgagent = lib.mkDefault true; gammastep = lib.mkDefault true; @@ -20817,7 +20470,6 @@ The hook functions are defined here: [[#h:34506761-06b9-43b5-a818-506d9b3faf28][ '((:maildir "/leon/Inbox" :key ?1) (:maildir "/nautilus/Inbox" :key ?2) (:maildir "/mrswarsel/Inbox" :key ?3) - (:maildir "/work/Inbox" :key ?4) (:maildir "/Sent Mail" :key ?s) (:maildir "/Trash" :key ?t) (:maildir "/Drafts" :key ?d) @@ -20861,6 +20513,7 @@ This adds the simple utility of sending desktop notifications whenever a new mai This provides a beautiful calender to emacs. +Yes, I am aware that I am exposing my university-calendar to the public here. I can imagine worse things ;) if you however know how to obscure this, let me know! #+begin_src emacs-lisp @@ -22590,60 +22243,42 @@ before-sleep 'swaylock -f --screenshots --clock --effect-blur 7x5 --effect-vigne :CUSTOM_ID: h:2e9b84d7-cb18-4e74-83f8-65ada11a8911 :END: -#+begin_src bash :tangle files/stylix/swarsel.yaml :mkdirp yes - # scheme: "better-contrast" - author: "Swarsel" - author: "Swarsel" - base00: "1d252c" #1d252c" - base01: "171d23" #171d23" - base02: "206a86" #206a86" - base03: "003a66" #003a66" - base04: "5ec4ff" #5ec4ff" - base05: "a0b3c5" #a0b3c5" - base06: "7ed4ff" #7ed4ff" - base07: "8ef4ff" #8ef4ff" - base08: "d95468" #d95468" - base09: "ffa880" #ffa880" - base0A: "6ed4ff" #6ed4ff" - base0B: "8bd49c" #8bd49c" - base0C: "008b94" #008b94" - base0D: "5ec4ff" #5ec4ff" - base0E: "c06ece" #c06ece" - base0F: "3c0044" #3c0044" +#+begin_src css :tangle files/stylix/swarsel.yaml :mkdirp yes +# scheme: "better-contrast" +author: "Swarsel" +base00: "1D252C" # #1d252c passt +base01: "171D23" # #171d23 +base02: "5EC4FF" # #5EC4FF +base03: "566C7D" # #566C7D passt +base04: "5EC4FF" # #5EC4FF passt +base05: "A0B3C5" # #A0B3C5 passt +base06: "C06ECE" # #C06ECE passt +base07: "A0B3C5" # #A0B3C5 passt +base08: "D95468" # #D95468 passt +base09: "FFA880" # #ffA880 passt +base0A: "5EC4FF" # #5EC4FF +base0B: "8BD49C" # #8BD49C +base0C: "008B94" # #008B94 passt +base0D: "5EC4FF" # #5EC4FF passt +base0E: "C06ECE" # #C06ECE passt +base0F: "5EC4FF" # #5EC4FF passt - # base00: "1D252C" # #1d252c passt - # base01: "171D23" # #171d23 - # base02: "5EC4FF" # #5EC4FF - # base03: "566C7D" # #566C7D passt - # base04: "5EC4FF" # #5EC4FF passt - # base05: "A0B3C5" # #A0B3C5 passt - # base06: "C06ECE" # #C06ECE passt - # base07: "A0B3C5" # #A0B3C5 passt - # base08: "D95468" # #D95468 passt - # base09: "FFA880" # #ffA880 passt - # base0A: "5EC4FF" # #5EC4FF - # base0B: "8BD49C" # #8BD49C - # base0C: "008B94" # #008B94 passt - # base0D: "5EC4FF" # #5EC4FF passt - # base0E: "C06ECE" # #C06ECE passt - # base0F: "5EC4FF" # #5EC4FF passt - - # base00 - Default Background - # base01 - Lighter Background (Used for status bars) - # base02 - Selection Background - # base03 - Comments, Invisibles, Line Highlighting - # base04 - Dark Foreground (Used for status bars) - # base05 - Default Foreground, Caret, Delimiters, Operators - # base06 - Light Foreground (Not often used) - # base07 - Light Background (Not often used) - # base08 - Variables, XML Tags, Markup Link Text, Markup Lists, Diff Deleted - # base09 - Integers, Boolean, Constants, XML Attributes, Markup Link Url - # base0A - Classes, Markup Bold, Search Text Background - # base0B - Strings, Inherited Class, Markup Code, Diff Inserted - # base0C - Support, Regular Expressions, Escape Characters, Markup Quotes - # base0D - Functions, Methods, Attribute IDs, Headings - # base0E - Keywords, Storage, Selector, Markup Italic, Diff Changed - # base0F - Deprecated, Opening/Closing Embedded Language Tags, e.g. +# base00 - Default Background +# base01 - Lighter Background (Used for status bars) +# base02 - Selection Background +# base03 - Comments, Invisibles, Line Highlighting +# base04 - Dark Foreground (Used for status bars) +# base05 - Default Foreground, Caret, Delimiters, Operators +# base06 - Light Foreground (Not often used) +# base07 - Light Background (Not often used) +# base08 - Variables, XML Tags, Markup Link Text, Markup Lists, Diff Deleted +# base09 - Integers, Boolean, Constants, XML Attributes, Markup Link Url +# base0A - Classes, Markup Bold, Search Text Background +# base0B - Strings, Inherited Class, Markup Code, Diff Inserted +# base0C - Support, Regular Expressions, Escape Characters, Markup Quotes +# base0D - Functions, Methods, Attribute IDs, Headings +# base0E - Keywords, Storage, Selector, Markup Italic, Diff Changed +# base0F - Deprecated, Opening/Closing Embedded Language Tags, e.g. #+end_src ** .gitmessage :PROPERTIES: diff --git a/files/emacs/init.el b/files/emacs/init.el index 7f8999a..05a8905 100644 --- a/files/emacs/init.el +++ b/files/emacs/init.el @@ -1579,7 +1579,6 @@ create a new one." '((:maildir "/leon/Inbox" :key ?1) (:maildir "/nautilus/Inbox" :key ?2) (:maildir "/mrswarsel/Inbox" :key ?3) - (:maildir "/work/Inbox" :key ?4) (:maildir "/Sent Mail" :key ?s) (:maildir "/Trash" :key ?t) (:maildir "/Drafts" :key ?d) diff --git a/files/scripts/command-not-found.sh b/files/scripts/command-not-found.sh index c81cb7a..4cd0b87 100644 --- a/files/scripts/command-not-found.sh +++ b/files/scripts/command-not-found.sh @@ -6,7 +6,7 @@ command_not_found_handle() { fi echo -n "searching nix-index..." - ATTRS=$(@nix-locate@ --minimal --no-group --type x --type s --whole-name --at-root "/bin/$1") + ATTRS=$(@nix-locate@ --minimal --no-group --type x --type s --top-level --whole-name --at-root "/bin/$1") case $(echo -n "$ATTRS" | grep -c "^") in 0) diff --git a/files/scripts/screenshare.sh b/files/scripts/screenshare.sh new file mode 100644 index 0000000..e4d4f5f --- /dev/null +++ b/files/scripts/screenshare.sh @@ -0,0 +1,23 @@ +headless="false" +while [[ $# -gt 0 ]]; do + case "$1" in + -h) + headless="true" + ;; + *) + echo "Invalid option detected." + ;; + esac + shift +done + +SHARESCREEN="$(nix eval --raw ~/.dotfiles#nixosConfigurations."$(hostname)".config.home-manager.users."$(whoami)".swarselsystems.sharescreen)" + +if [[ $headless == "true" ]]; then + wl-mirror "$SHARESCREEN" +else + wl-mirror "$SHARESCREEN" & + sleep 0.1 + swaymsg '[app_id=at.yrlf.wl_mirror] move to workspace 14:T' + swaymsg '[app_id=at.yrlf.wl_mirror] fullscreen' +fi diff --git a/files/scripts/swarselcheck-niri.sh b/files/scripts/swarselcheck-niri.sh deleted file mode 100644 index f0b2143..0000000 --- a/files/scripts/swarselcheck-niri.sh +++ /dev/null @@ -1,36 +0,0 @@ -while :; do - case ${1:-} in - -k | --kitty) - cmd=(sh -c 'kitty --app-id kittyterm -o confirm_os_window_close=0 zellij attach --create kittyterm' '&') - searchapp="kittyterm" - ;; - -e | --element) - cmd=(element-desktop) - searchapp="Element" - ;; - -d | --vesktop) - cmd=(vesktop) - searchapp="vesktop" - ;; - -s | --spotifyplayer) - cmd=(sh -c 'kitty --add-id spotifytui -o confirm_os_window_close=0 spotify_player' '&') - searchapp="spotifytui" - ;; - *) break ;; - esac - shift -done - -WIN_INFO=$(niri msg -j windows | jq --arg search "$searchapp" '.[] | select (.app_id | test($search)) | { id, is_focused, workspace_id }') -ID=$(echo "$WIN_INFO" | jq -r '.id // empty') -IS_FOCUSED=$(echo "$WIN_INFO" | jq -r '.is_focused // empty') -TARGET_MONITOR=$(niri msg -j workspaces | jq --arg search "" '.[] | select (.name != null and (.name | test($search))) | { output }' | jq -r '.output // empty') -CURRENT_WORKSPACE=$(niri msg -j workspaces | jq -r '.[] | select (.is_active == true) | .output // empty') - -if [ -z "$ID" ]; then - niri msg action spawn -- "${cmd[@]}" -elif [ "$IS_FOCUSED" ]; then - niri msg action move-window-to-workspace "" --window-id "$ID" --focus false -else - niri msg action focus-monitor "$TARGET_MONITOR" && niri msg action move-window-to-workspace "$CURRENT_WORKSPACE" --window-id "$ID" && niri msg action focus-floating -fi diff --git a/files/stylix/swarsel.yaml b/files/stylix/swarsel.yaml index 155b93e..772524b 100644 --- a/files/stylix/swarsel.yaml +++ b/files/stylix/swarsel.yaml @@ -1,39 +1,21 @@ # scheme: "better-contrast" author: "Swarsel" -author: "Swarsel" -base00: "1d252c" #1d252c" -base01: "171d23" #171d23" -base02: "206a86" #206a86" -base03: "003a66" #003a66" -base04: "5ec4ff" #5ec4ff" -base05: "a0b3c5" #a0b3c5" -base06: "7ed4ff" #7ed4ff" -base07: "8ef4ff" #8ef4ff" -base08: "d95468" #d95468" -base09: "ffa880" #ffa880" -base0A: "6ed4ff" #6ed4ff" -base0B: "8bd49c" #8bd49c" -base0C: "008b94" #008b94" -base0D: "5ec4ff" #5ec4ff" -base0E: "c06ece" #c06ece" -base0F: "3c0044" #3c0044" - -# base00: "1D252C" # #1d252c passt -# base01: "171D23" # #171d23 -# base02: "5EC4FF" # #5EC4FF -# base03: "566C7D" # #566C7D passt -# base04: "5EC4FF" # #5EC4FF passt -# base05: "A0B3C5" # #A0B3C5 passt -# base06: "C06ECE" # #C06ECE passt -# base07: "A0B3C5" # #A0B3C5 passt -# base08: "D95468" # #D95468 passt -# base09: "FFA880" # #ffA880 passt -# base0A: "5EC4FF" # #5EC4FF -# base0B: "8BD49C" # #8BD49C -# base0C: "008B94" # #008B94 passt -# base0D: "5EC4FF" # #5EC4FF passt -# base0E: "C06ECE" # #C06ECE passt -# base0F: "5EC4FF" # #5EC4FF passt +base00: "1D252C" # #1d252c passt +base01: "171D23" # #171d23 +base02: "5EC4FF" # #5EC4FF +base03: "566C7D" # #566C7D passt +base04: "5EC4FF" # #5EC4FF passt +base05: "A0B3C5" # #A0B3C5 passt +base06: "C06ECE" # #C06ECE passt +base07: "A0B3C5" # #A0B3C5 passt +base08: "D95468" # #D95468 passt +base09: "FFA880" # #ffA880 passt +base0A: "5EC4FF" # #5EC4FF +base0B: "8BD49C" # #8BD49C +base0C: "008B94" # #008B94 passt +base0D: "5EC4FF" # #5EC4FF passt +base0E: "C06ECE" # #C06ECE passt +base0F: "5EC4FF" # #5EC4FF passt # base00 - Default Background # base01 - Lighter Background (Used for status bars) diff --git a/flake.lock b/flake.lock index 7275056..394265e 100644 --- a/flake.lock +++ b/flake.lock @@ -510,7 +510,7 @@ "swarsel", "nixpkgs" ], - "nixpkgs-stable": "nixpkgs-stable_4" + "nixpkgs-stable": "nixpkgs-stable_3" }, "locked": { "lastModified": 1751908357, @@ -533,7 +533,7 @@ "swarsel", "nixpkgs" ], - "nixpkgs-stable": "nixpkgs-stable_6" + "nixpkgs-stable": "nixpkgs-stable_5" }, "locked": { "lastModified": 1751908357, @@ -1887,64 +1887,6 @@ "type": "github" } }, - "niri-flake": { - "inputs": { - "niri-stable": "niri-stable", - "niri-unstable": "niri-unstable", - "nixpkgs": [ - "nixpkgs" - ], - "nixpkgs-stable": "nixpkgs-stable_2", - "xwayland-satellite-stable": "xwayland-satellite-stable", - "xwayland-satellite-unstable": "xwayland-satellite-unstable" - }, - "locked": { - "lastModified": 1754797984, - "narHash": "sha256-t2WFkdB2qUyZt5rdqmJ340kqhvQWWOCJBJIc1nQ/Hg4=", - "owner": "sodiboo", - "repo": "niri-flake", - "rev": "647a310f1eaa59abec8aa215ff69d8979195425e", - "type": "github" - }, - "original": { - "owner": "sodiboo", - "repo": "niri-flake", - "type": "github" - } - }, - "niri-stable": { - "flake": false, - "locked": { - "lastModified": 1748151941, - "narHash": "sha256-z4viQZLgC2bIJ3VrzQnR+q2F3gAOEQpU1H5xHtX/2fs=", - "owner": "YaLTeR", - "repo": "niri", - "rev": "8ba57fcf25d2fc9565131684a839d58703f1dae7", - "type": "github" - }, - "original": { - "owner": "YaLTeR", - "ref": "v25.05.1", - "repo": "niri", - "type": "github" - } - }, - "niri-unstable": { - "flake": false, - "locked": { - "lastModified": 1754742008, - "narHash": "sha256-Tp0FG7VpLudVEC622d91z2hbdfPLCXxw0Nv43iNN4O0=", - "owner": "YaLTeR", - "repo": "niri", - "rev": "67361f88fd01974ebee4cf80f0e29c87d805cc39", - "type": "github" - }, - "original": { - "owner": "YaLTeR", - "repo": "niri", - "type": "github" - } - }, "nix-darwin": { "inputs": { "nixpkgs": [ @@ -2521,11 +2463,11 @@ }, "nixpkgs-dev": { "locked": { - "lastModified": 1755895490, - "narHash": "sha256-BIqIaeWsmrSxIs/oUg5hjo0/ZU0d5pf5RkPvcQGRilc=", + "lastModified": 1754384443, + "narHash": "sha256-sjSFVbQhMJ6c3x/DUWmactuR2sw1FtLzBMXMyicOQSU=", "owner": "Swarsel", "repo": "nixpkgs", - "rev": "526b9d738fc2af2eb010b996b9b5918b46e7cf92", + "rev": "d078a753aa08f98a2aa11922f87ae2b11bf67ca9", "type": "github" }, "original": { @@ -2939,22 +2881,6 @@ } }, "nixpkgs-stable_3": { - "locked": { - "lastModified": 1754689972, - "narHash": "sha256-eogqv6FqZXHgqrbZzHnq43GalnRbLTkbBbFtEfm1RSc=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "fc756aa6f5d3e2e5666efcf865d190701fef150a", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-25.05", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs-stable_4": { "locked": { "lastModified": 1751274312, "narHash": "sha256-/bVBlRpECLVzjV19t5KMdMFWSwKLtb5RyXdjz3LJT+g=", @@ -2970,7 +2896,7 @@ "type": "github" } }, - "nixpkgs-stable_5": { + "nixpkgs-stable_4": { "locked": { "lastModified": 1751741127, "narHash": "sha256-t75Shs76NgxjZSgvvZZ9qOmz5zuBE8buUaYD28BMTxg=", @@ -2986,7 +2912,7 @@ "type": "github" } }, - "nixpkgs-stable_6": { + "nixpkgs-stable_5": { "locked": { "lastModified": 1751274312, "narHash": "sha256-/bVBlRpECLVzjV19t5KMdMFWSwKLtb5RyXdjz3LJT+g=", @@ -3002,7 +2928,7 @@ "type": "github" } }, - "nixpkgs-stable_7": { + "nixpkgs-stable_6": { "locked": { "lastModified": 1751741127, "narHash": "sha256-t75Shs76NgxjZSgvvZZ9qOmz5zuBE8buUaYD28BMTxg=", @@ -4059,7 +3985,6 @@ "home-manager": "home-manager", "impermanence": "impermanence", "lanzaboote": "lanzaboote", - "niri-flake": "niri-flake", "nix-darwin": "nix-darwin", "nix-index-database": "nix-index-database", "nix-on-droid": "nix-on-droid", @@ -4070,7 +3995,7 @@ "nixpkgs": "nixpkgs_4", "nixpkgs-dev": "nixpkgs-dev", "nixpkgs-kernel": "nixpkgs-kernel", - "nixpkgs-stable": "nixpkgs-stable_3", + "nixpkgs-stable": "nixpkgs-stable_2", "nixpkgs-stable24_05": "nixpkgs-stable24_05", "nixpkgs-stable24_11": "nixpkgs-stable24_11", "nswitch-rcm-nix": "nswitch-rcm-nix", @@ -4457,7 +4382,7 @@ "nixpkgs": "nixpkgs_12", "nixpkgs-dev": "nixpkgs-dev_2", "nixpkgs-kernel": "nixpkgs-kernel_2", - "nixpkgs-stable": "nixpkgs-stable_5", + "nixpkgs-stable": "nixpkgs-stable_4", "nixpkgs-stable24_05": "nixpkgs-stable24_05_2", "nixpkgs-stable24_11": "nixpkgs-stable24_11_2", "nswitch-rcm-nix": "nswitch-rcm-nix_2", @@ -4491,11 +4416,11 @@ "systems": "systems_17" }, "locked": { - "lastModified": 1754895103, - "narHash": "sha256-v8t5EjfbDurvTCBVHtFSRL+m5OfCPpTMmgzVC7h93sU=", + "lastModified": 1754846369, + "narHash": "sha256-yT9Z1VS/i9ZkqdeMYjACd0xPmF/X0ZILt7YTlHfBD8k=", "owner": "Swarsel", "repo": "swarsel-modules", - "rev": "4e779044540278b93171d846c71d2bd7823fd806", + "rev": "60a2c35486f458e9ae95883801d8509840096d21", "type": "github" }, "original": { @@ -4525,7 +4450,7 @@ "nixpkgs": "nixpkgs_20", "nixpkgs-dev": "nixpkgs-dev_3", "nixpkgs-kernel": "nixpkgs-kernel_3", - "nixpkgs-stable": "nixpkgs-stable_7", + "nixpkgs-stable": "nixpkgs-stable_6", "nixpkgs-stable24_05": "nixpkgs-stable24_05_3", "nixpkgs-stable24_11": "nixpkgs-stable24_11_3", "nswitch-rcm-nix": "nswitch-rcm-nix_3", @@ -5210,39 +5135,6 @@ "url": "ssh://git@github.com/vbc-it/vbc-nix.git" } }, - "xwayland-satellite-stable": { - "flake": false, - "locked": { - "lastModified": 1748488455, - "narHash": "sha256-IiLr1alzKFIy5tGGpDlabQbe6LV1c9ABvkH6T5WmyRI=", - "owner": "Supreeeme", - "repo": "xwayland-satellite", - "rev": "3ba30b149f9eb2bbf42cf4758d2158ca8cceef73", - "type": "github" - }, - "original": { - "owner": "Supreeeme", - "ref": "v0.6", - "repo": "xwayland-satellite", - "type": "github" - } - }, - "xwayland-satellite-unstable": { - "flake": false, - "locked": { - "lastModified": 1754533920, - "narHash": "sha256-fCZ68Yud1sUCq6UNXj0SDyiBgVA8gJUE+14ZFGsFJG8=", - "owner": "Supreeeme", - "repo": "xwayland-satellite", - "rev": "e0d1dad25a158551ab58547b2ece4b7d5a19929c", - "type": "github" - }, - "original": { - "owner": "Supreeeme", - "repo": "xwayland-satellite", - "type": "github" - } - }, "zjstatus": { "inputs": { "crane": "crane_4", diff --git a/flake.nix b/flake.nix index d70ec01..af2d912 100644 --- a/flake.nix +++ b/flake.nix @@ -87,11 +87,6 @@ url = "github:Gerg-l/spicetify-nix"; inputs.nixpkgs.follows = "nixpkgs"; }; - niri-flake = { - url = "github:sodiboo/niri-flake"; - inputs.nixpkgs.follows = "nixpkgs"; - }; - }; outputs = inputs: diff --git a/hosts/nixos/moonside/default.nix b/hosts/nixos/moonside/default.nix index 69d0afb..86555e5 100644 --- a/hosts/nixos/moonside/default.nix +++ b/hosts/nixos/moonside/default.nix @@ -14,7 +14,6 @@ in # defaultSopsFile = lib.mkForce "/home/swarsel/.dotfiles/secrets/moonside/secrets.yaml"; secrets = { wireguard-private-key = { inherit sopsFile; }; - wireguard-home-preshared-key = { inherit sopsFile; }; }; }; @@ -50,23 +49,16 @@ in interfaces = { home-vpn = { privateKeyFile = config.sops.secrets.wireguard-private-key.path; - # ips = [ "192.168.3.4/32" ]; - ips = [ "192.168.178.201/24" ]; + ips = [ "192.168.3.4/32" ]; peers = [ { - # publicKey = "NNGvakADslOTCmN9HJOW/7qiM+oJ3jAlSZGoShg4ZWw="; - publicKey = "PmeFInoEJcKx+7Kva4dNnjOEnJ8lbudSf1cbdo/tzgw="; - presharedKeyFile = config.sops.secrets.wireguard-home-preshared-key.path; + publicKey = "NNGvakADslOTCmN9HJOW/7qiM+oJ3jAlSZGoShg4ZWw="; name = "moonside"; persistentKeepalive = 25; - # endpoint = "${config.repo.secrets.common.ipv4}:51820"; - endpoint = "${config.repo.secrets.common.wireguardEndpoint}"; - # allowedIPs = [ - # "192.168.3.0/24" - # "192.168.1.0/24" - # ]; + endpoint = "${config.repo.secrets.common.ipv4}:51820"; allowedIPs = [ - "192.168.178.0/24" + "192.168.3.0/24" + "192.168.1.0/24" ]; } ]; @@ -135,7 +127,6 @@ in }; swarselsystems = { - flakePath = "/root/.dotfiles"; info = "VM.Standard.A1.Flex, 4 OCPUs, 24GB RAM"; isImpermanence = true; isSecureBoot = false; diff --git a/hosts/nixos/pyramid/default.nix b/hosts/nixos/pyramid/default.nix index 20054e5..b89f44d 100644 --- a/hosts/nixos/pyramid/default.nix +++ b/hosts/nixos/pyramid/default.nix @@ -56,8 +56,7 @@ in }; monitors = { main = { - # name = "BOE 0x0BC9 Unknown"; - name = "BOE 0x0BC9"; + name = "BOE 0x0BC9 Unknown"; mode = "2560x1600"; # TEMPLATE scale = "1"; position = "2560,0"; diff --git a/hosts/nixos/winters/default.nix b/hosts/nixos/winters/default.nix index 5345157..9e872ff 100644 --- a/hosts/nixos/winters/default.nix +++ b/hosts/nixos/winters/default.nix @@ -10,8 +10,6 @@ loader.efi.canTouchEfiVariables = true; }; - globals.hosts.${config.node.name}.ipv4 = config.repo.secrets.local.ipv4; - networking = { inherit (config.repo.secrets.local) hostId; hostName = "winters"; diff --git a/hosts/nixos/winters/secrets/pii.nix.enc b/hosts/nixos/winters/secrets/pii.nix.enc index 448bd0a..9c0e82b 100644 --- a/hosts/nixos/winters/secrets/pii.nix.enc +++ b/hosts/nixos/winters/secrets/pii.nix.enc @@ -1,5 +1,5 @@ { - "data": "ENC[AES256_GCM,data:ehwByZT896X/hKe5CgolapiScCrPj9yhc99mWJ8HCDvK/p5JsZcq/fISfnhNDtXw2mk9DzdCAOkOqaJ2K/ZQTkTogqKbO/992K23hXe6xF/HhjjELJuRf5mnVT8Z9T27Co9w1FyGQnzIMEJcj7NVfnwjZjOSRFJG9u2tjRy09gO6cNnRF4fKZzqy3BRKWo/2CCib+nIFTrUX/tE9gUm0kIkX9lEDFH4lEXdNnVZTPeGM8OTAhiClWzqWInFqW9CrXaXuZrkfa0XyaXG4pWr+J8rYjBGqCHU4h43FqkUU0UKbapTbnY7yxlnwA61dueGYYpXGjRuyY8rVD9GWd7FgPO7SrgbvOb6nSGBOdDsBa2ME3ysG2+9tQwOvKbllpD3BlK0ettpcdpqBtpFUrpf8PUJsmWdzVZTP0ZVM0k3OdqLIPzgB5mLrcN5MvJ6MvWXWo1i/yWKGFVSGNfD8cieI7avIXm9zwSouDz06fmq9cWtZ4oG+z+h0fjsw7Ns5/mmH8r298JIQmJKg8LhShA0PCC4Yptv8RCDJMv6DRVMCqIEc10rpg0jDZWPImeHh4eCY6qyXoDsDRXVIEEYVawQJIN7PJfV3fN8X+wCJJatARIrFapJFLGNRCyFrIG5h5IhACwaBmawZrJf9WQVaKCLVQ+NDyC6PMmsmuV5b6JukrPruTfXYLFdIODEr8qVYfvwaCN1mqa/iVLO3T9zNUEed7bSuLj0KAQdEdoxhrB/hU7EO3q9VfjZXMlnDyDQNAPKwpnsk18kCgVWL3S2BKwQbfFvKi9Aqx0WtBkn6K9UJ0tZyOywz1RdhH/CL+FxOU4PsG8piNgrvWEqMDFPaefaj9BNKIY8Mhb1wDgb5etVbT7vvhIGTZfUVUAOcXmySqqiDdSNwImDZAMJmzAoArzyUswq/dVzNmCfm7Or9/KAZxp5nqM/DrfPw2wLWpOxxyY6R/irzT9KyhHHtv59IROIDtU0wm6gzU3j+oEJ2MgnpRzgqknDM1K8j9Wk/kzPcT9Hqp9N95NfLApQHaKuDtmqFoa09mIQa5pGFacArWA0P8PjEsj5vJLZ1n/+HG0odU3fv5z54Azd1MmHu1lIvIRlbvKDmtvFW53IyLnD1sqRMCkntsuuef8bIobS6An8wy08tP+bKaPX4pMLUD9TpSkYgPOJEx9MVpUyUSGiBnVoN/DJr3ZrDY6cB9d+nOD9euQLv0F+dXteArvuxe2uTvetnmta+fW0+fQhLOoD2tNehOq3jyn1/JJlIzhx4K6go1toNeUKcZX/niYhzYjSw6+q6kQPcz+t+LhqyWdlWnLEDMc2auiJRpImGMjGYYF+pK6tPkBftmR5h0DcG7EYgL2XGEGprKRIIUuZ4a+DGGqb1aL99WenwU+Wtz/kvohuLZd1jsym0lhgqxlenx54GIzMDCu6UF5vYd1dnqfpKH0HjlBFRCZk/WXCp6BFrgtmhbUhfCi4xCUniDsN2zeIzH7rF+uIdqsTtm2bbSLBZh3RqeswqFMSs7ZnQRjmT3CdXS7F45vX2pMyo,iv:AtYXO4kgmOsMys8DFNe7aCq1PJ9sBzsaAmaNGVNMq4A=,tag:2ovss2xLfW3GgcdLfltwcQ==,type:str]", + "data": "ENC[AES256_GCM,data:Ow17QtITRfXk4BJGWb4jw1gX8HRIAdpBDpyGtif3Vb42cCqSWpLaIR1KecbU3OPkGesC/vh2tgmfE/xlm6nUR8kvRDZdhFr7UckeKFiD4hlfHBhGckaCXOiRZ3ACHrHfM/a2CbKDl14xLDMFDervdMRfB/4vjvnn9xvhjepZ1e7+Iopd9agL8r658AMFF3j2tRYZp7l5GLArs+7mUsFfXujkui1Xgh5+TRvYPh3zQ18RWyP4QMYP6HPHgHRH7S6uciUb6Qq1yEytOy3pCJTb+gZaa9xI1azzP7r83b7KeXdukupR+9fNWN52swDHXRugThMrh4kOrBdyaafJ1v2w4FTTPwj6JQvkxT+vMV4+WIclhD/FWtEHtUqsHDFnMzTIQfyTMt42HZKNdQDwp2fwuV1BP0qOUqRnheaTPiyZiZL8I27xDfwp5zfSqxA7KEzLL2uRbIPefdqNFlcte/xL9IkbTux+AmHaIjQeLkiPyMf2wc2NTIabWPk/ILC917vnancdAQuujB38SaWPrKeCEqDKsArvgjnmn47ctBND73G4PszieneCnuq4sNT9QrC81mk/AQv5TFG0i0fvPoXfpO4ul7MgaP+iPodb2CThHKDAwL+Gnq/6+tg+vJbTKxrsixHvYViA9p/ke1YaRFg2R8V7NwRDl68NI2yCaqj3qlS6Sa8Mx7IUQR6aCN4nkpcJs2GLVCEhWKFBsNXXhPa01C/81JGJ6+/zfHuGbY6gGtS7k3cZ9+dfizN29nBlp+A1U+Noxjl9arYOX4gjEnQhvo9Tp/gBCmrvXjoE6ja8XXUv78/Bfnvup52gdNunYRYv3Aj91F0u6fH6UqoWPXVTy6eznV727Pj9H1BPzMEfmf3EPc6Qcg7AR7vKORfH3U0PFXxFMY0kGEJdug5jmLuwUoRR9zOyHOqdS4Tk9BcMT02gRyQf6LZ3drDoqC35L5hop/gfbleUXXODn3cE1mEuAuZ08OSavZ24IHo1aMr50gjn32WSBKkjfC0dobBWzWwykxhu0vZZI3xYJx/59qqsodDGAJAhry5N6vrwM/PK/O73L2QBqkaT50eImIQ4+vpahcvFPRIkHLvQkzxlyH0dafuGyyF2gfig5Rq3vw02pT8z06LjmJ/ehvteyy1BE9CdiUvYHjaBXiWg2n5FvAe5e8EQxUx9+SwfwEpnucuocp7g+d3W3cXJOU6m9JxwvK7LX95MbpKOtdPq11yi35LLb1TikFLdFZyu+SeaNFD3AzQMOSem6Lwc7N7WHC5z3Ah7FvqqnL2J51hDfMLW78A7DCI9GNRVoyVjx++gRr+ftEf8UUAYmkJdT/D898wtLWmBXikY/2e36q3QJV0Hy3fGBjxLmN/Tdz62jgCaXrNdJqJTFZ5h+hjd03GT6utmPwp0D2lBSM0LXsZsql+jI54P8cFdu3S4mNIjHZqV1kmsk0MCCVJKnGODeLQLxJhp287N3+0HJEm4KicGWMchef/YeiLLtD7mz7ov/9OI,iv:KvoTnlj+f+eMsFEZP8F1v0r/xZ4aVBUWmO+zsQCvhS4=,tag:U1ziE2832QfNkP0yjIzBeA==,type:str]", "sops": { "age": [ { @@ -7,8 +7,8 @@ "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAyK0w2RjJ5R1l2ay94QXRj\nekJwSlowcFVLc1cvWVFjNEVFUnFocEJHYlNnCnBnUEYvNWdNWE9BTjB5ODRuTlAw\nMUh4QmlTeVVYNHM0S1FwWG5qUG42VDgKLS0tIHh5VlU2dVZmUlRIMDRlVEJmNU55\ncFlXR1BzMkVnMkFWN3BBZWhHalltMlEKibdARxBcFqaXUhYp3KkrrvO9YgaBDacl\n8BEv4ph0f2baDN0dsymJjmdHStwKTjOwDspRtCTs5u75hR35a2xyFQ==\n-----END AGE ENCRYPTED FILE-----\n" } ], - "lastmodified": "2025-08-12T18:21:56Z", - "mac": "ENC[AES256_GCM,data:6gxEKYRIefxE0DKWuc40wkOp/oCzKxg4jMz5WVqWHXUjOorz6A9TTLYo8UhYCVB8pwxC46iLCND3rDWudurz+2vl/tTDpuh04utB2f6GFy+g5f6Rs9x/KWWFR8pB/BwaG9tEW4UfF7bud6FYM9dY5fJADU6CPxpanOLdhzt7j8A=,iv:oxMFeIwbLFzvCZsmf/z5L3Wi4Quscx+zzD8dafEc66Y=,tag:hKfqVt2nZieQyqQAKexMiA==,type:str]", + "lastmodified": "2025-07-17T20:14:29Z", + "mac": "ENC[AES256_GCM,data:4YP1fp9Mcbx0pvS5l9Xzc5cbhFnBo5GkqyRvcEspNYQ3IW5LIWtPwItwLZH/ymfEkpwIVYOugnB12HJJo9jpudgfUMXtp43ImDUNVHs59qkNhJFmTSoEZMBHQjPtE/jE17OIAZzeA41EAItesrmExV1W8ePy7rTgHQl5BDooWME=,iv:vyZ0BGjMUDeoVMkDw6wLZK3KKIECK5caz/nQB3nXlGs=,tag:GAqKNcSf3Ny/WsB3tYM/og==,type:str]", "pgp": [ { "created_at": "2025-06-11T11:42:23Z", diff --git a/modules/home/common/custom-packages.nix b/modules/home/common/custom-packages.nix index 8ce08a2..5c66542 100644 --- a/modules/home/common/custom-packages.nix +++ b/modules/home/common/custom-packages.nix @@ -11,7 +11,6 @@ timer e swarselcheck - swarselcheck-niri waybarupdate opacitytoggle fs-diff diff --git a/modules/home/common/emacs.nix b/modules/home/common/emacs.nix index 1535d63..2a0d331 100644 --- a/modules/home/common/emacs.nix +++ b/modules/home/common/emacs.nix @@ -1,4 +1,4 @@ -{ self, lib, config, pkgs, globals, inputs, ... }: +{ self, lib, config, pkgs, globals, ... }: let inherit (config.swarselsystems) homeDir isPublic isNixos; inherit (config.repo.secrets.common.emacs) radicaleUser; @@ -56,19 +56,17 @@ in packageRequires = [ epkgs.jsonrpc epkgs.eglot ]; }) - (inputs.nixpkgs-dev.legacyPackages.${pkgs.system}.emacsPackagesFor pkgs.emacs-git-pgtk).calfw - # epkgs.calfw - # (epkgs.trivialBuild rec { - # pname = "calfw"; - # version = "1.0.0-20231002"; - # src = pkgs.fetchFromGitHub { - # owner = "haji-ali"; - # repo = "emacs-calfw"; - # rev = "bc99afee611690f85f0cd0bd33300f3385ddd3d3"; - # hash = "sha256-0xMII1KJhTBgQ57tXJks0ZFYMXIanrOl9XyqVmu7a7Y="; - # }; - # packageRequires = [ epkgs.howm ]; - # }) + (epkgs.trivialBuild rec { + pname = "calfw"; + version = "1.0.0-20231002"; + src = pkgs.fetchFromGitHub { + owner = "haji-ali"; + repo = "emacs-calfw"; + rev = "bc99afee611690f85f0cd0bd33300f3385ddd3d3"; + hash = "sha256-0xMII1KJhTBgQ57tXJks0ZFYMXIanrOl9XyqVmu7a7Y="; + }; + packageRequires = [ epkgs.howm ]; + }) (epkgs.trivialBuild rec { pname = "fast-scroll"; diff --git a/modules/home/common/gpg-agent.nix b/modules/home/common/gpg-agent.nix index e92711f..f8da000 100644 --- a/modules/home/common/gpg-agent.nix +++ b/modules/home/common/gpg-agent.nix @@ -7,14 +7,11 @@ in config = lib.mkIf config.swarselmodules.gpgagent { services.gpg-agent = { enable = true; - verbose = true; enableZshIntegration = true; enableScDaemon = true; enableSshSupport = true; enableExtraSocket = true; - pinentry.package = pkgs.wayprompt; - pinentry.program = "pinentry-wayprompt"; - # pinentry.package = pkgs.pinentry.gtk2; + pinentry.package = pkgs.pinentry.gtk2; defaultCacheTtl = 600; maxCacheTtl = 7200; extraConfig = '' diff --git a/modules/home/common/kanshi.nix b/modules/home/common/kanshi.nix index 43b80b0..026450e 100644 --- a/modules/home/common/kanshi.nix +++ b/modules/home/common/kanshi.nix @@ -1,16 +1,16 @@ -{ self, lib, pkgs, config, ... }: +{ lib, config, ... }: { options.swarselmodules.kanshi = lib.mkEnableOption "kanshi settings"; config = lib.mkIf config.swarselmodules.kanshi { swarselsystems = { monitors = { - homedesktop = rec { + homedesktop = { name = "Philips Consumer Electronics Company PHL BDM3270 AU11806002320"; mode = "2560x1440"; scale = "1"; position = "0,0"; - workspace = "11:M"; - output = name; + workspace = "1:一"; + output = "DP-11"; }; }; }; @@ -36,7 +36,6 @@ { profile = { name = "lidopen"; - exec = [ "${pkgs.swaybg}/bin/swaybg --output '${config.swarselsystems.sharescreen}' --image ${config.swarselsystems.wallpaper} --mode ${config.stylix.imageScalingMode}" ]; outputs = [ { criteria = "eDP-2"; @@ -47,51 +46,41 @@ }; } { - profile = - let - monitor = "Philips Consumer Electronics Company PHL BDM3270 AU11806002320"; - in - { - name = "lidopen"; - exec = [ "${pkgs.swaybg}/bin/swaybg --output '${monitor}' --image ${self}/files/wallpaper/standwp.png --mode ${config.stylix.imageScalingMode}" ]; - outputs = [ - { - criteria = config.swarselsystems.sharescreen; - status = "enable"; - scale = 1.7; - position = "2560,0"; - } - { - criteria = monitor; - scale = 1.0; - mode = "2560x1440"; - position = "0,0"; - } - ]; - }; + profile = { + name = "lidopen"; + outputs = [ + { + criteria = config.swarselsystems.sharescreen; + status = "enable"; + scale = 1.7; + position = "2560,0"; + } + { + criteria = "Philips Consumer Electronics Company PHL BDM3270 AU11806002320"; + scale = 1.0; + mode = "2560x1440"; + position = "0,0"; + } + ]; + }; } { - profile = - let - monitor = "Philips Consumer Electronics Company PHL BDM3270 AU11806002320"; - in - { - name = "lidclosed"; - exec = [ "${pkgs.swaybg}/bin/swaybg --output '${monitor}' --image ${self}/files/wallpaper/standwp.png --mode ${config.stylix.imageScalingMode}" ]; - outputs = [ - { - criteria = config.swarselsystems.sharescreen; - status = "disable"; - position = "2560,0"; - } - { - criteria = monitor; - scale = 1.0; - mode = "2560x1440"; - position = "0,0"; - } - ]; - }; + profile = { + name = "lidclosed"; + outputs = [ + { + criteria = config.swarselsystems.sharescreen; + status = "disable"; + position = "2560,0"; + } + { + criteria = "Philips Consumer Electronics Company PHL BDM3270 AU11806002320"; + scale = 1.0; + mode = "2560x1440"; + position = "0,0"; + } + ]; + }; } ]; }; diff --git a/modules/home/common/mail.nix b/modules/home/common/mail.nix index e86e03a..f977d12 100644 --- a/modules/home/common/mail.nix +++ b/modules/home/common/mail.nix @@ -119,7 +119,6 @@ in account = { Timeout = 120; PipelineDepth = 1; - AuthMechs = "LOGIN"; }; }; }; diff --git a/modules/home/common/niri.nix b/modules/home/common/niri.nix deleted file mode 100644 index 16f173b..0000000 --- a/modules/home/common/niri.nix +++ /dev/null @@ -1,204 +0,0 @@ -{ config, pkgs, lib, vars, ... }: -{ - options.swarselmodules.niri = lib.mkEnableOption "niri settings"; - config = lib.mkIf config.swarselmodules.niri { - - programs.niri = { - package = pkgs.niri-unstable; # which package to use for niri validation - settings = { - xwayland-satellite = { - enable = true; - path = "${lib.getExe pkgs.xwayland-satellite-unstable}"; - }; - prefer-no-csd = true; - layer-rules = [ - { matches = [{ namespace = "^notifications$"; }]; block-out-from = "screencast"; } - { matches = [{ namespace = "^wallpaper$"; }]; place-within-backdrop = true; } - ]; - window-rules = [ - { - matches = [{ app-id = ".*"; }]; - opacity = 0.95; - default-column-width = { proportion = 0.5; }; - shadow = { - enable = true; - draw-behind-window = true; - }; - geometry-corner-radius = { top-left = 2.0; top-right = 2.0; bottom-left = 2.0; bottom-right = 2.0; }; - } - { matches = [{ app-id = "at.yrlf.wl_mirror"; }]; opacity = 1.0; } - { matches = [{ app-id = "Gimp"; }]; opacity = 1.0; } - { matches = [{ app-id = "firefox"; }]; opacity = 0.99; } - { matches = [{ app-id = "^special.*"; }]; default-column-width = { proportion = 0.9; }; open-on-workspace = "Scratchpad"; } - { matches = [{ app-id = "chromium-browser"; }]; opacity = 0.99; } - { matches = [{ app-id = "^qalculate-gtk$"; }]; open-floating = true; } - { matches = [{ app-id = "^blueman$"; }]; open-floating = true; } - { matches = [{ app-id = "^pavucontrol$"; }]; open-floating = true; } - { matches = [{ app-id = "^syncthingtray$"; }]; open-floating = true; } - { matches = [{ app-id = "^Element$"; }]; open-floating = true; default-column-width = { proportion = 0.5; }; block-out-from = "screencast"; } - # { matches = [{ app-id = "^Element$"; }]; default-column-width = { proportion = 0.9; }; open-on-workspace = "Scratchpad"; block-out-from = "screencast"; } - { matches = [{ app-id = "^vesktop$"; }]; open-floating = true; default-column-width = { proportion = 0.5; }; block-out-from = "screencast"; } - # { matches = [{ app-id = "^vesktop$"; }]; default-column-width = { proportion = 0.9; }; open-on-workspace = "Scratchpad"; block-out-from = "screencast"; } - { matches = [{ app-id = "^com.nextcloud.desktopclient.nextcloud$"; }]; open-floating = true; } - { matches = [{ title = ".*1Password.*"; }]; excludes = [{ app-id = "^firefox$"; } { app-id = "^emacs$"; } { app-id = "^kitty$"; }]; open-floating = true; block-out-from = "screencast"; } - { matches = [{ title = "(?:Open|Save) (?:File|Folder|As)"; }]; open-floating = true; } - { matches = [{ title = "^Add$"; }]; open-floating = true; } - { matches = [{ title = "^Picture-in-Picture$"; }]; open-floating = true; } - { matches = [{ title = "Syncthing Tray"; }]; open-floating = true; } - { matches = [{ title = "^Emacs Popup Frame$"; }]; open-floating = true; } - { matches = [{ title = "^Emacs Popup Anchor$"; }]; open-floating = true; } - { matches = [{ app-id = "^spotifytui$"; }]; open-floating = true; default-column-width = { proportion = 0.5; }; } - { matches = [{ app-id = "^kittyterm$"; }]; open-floating = true; default-column-width = { proportion = 0.5; }; } - ]; - environment = { - DISPLAY = ":0"; - } // vars.waylandSessionVariables; - screenshot-path = "~/Pictures/Screenshots/screenshot_%Y-%m-%d-%H%M%S.png"; - input = { - mod-key = "Super"; - keyboard = { - xkb = { - layout = "us"; - variant = "altgr-intl"; - }; - }; - mouse = { - natural-scroll = false; - }; - touchpad = { - enable = true; - tap = true; - tap-button-map = "left-right-middle"; - natural-scroll = true; - scroll-method = "two-finger"; - click-method = "clickfinger"; - disabled-on-external-mouse = true; - drag = true; - drag-lock = false; - dwt = true; - dwtp = true; - }; - }; - cursor = { - hide-after-inactive-ms = 2000; - hide-when-typing = true; - }; - layout = { - background-color = "transparent"; - border = { - enable = true; - width = 1; - }; - focus-ring = { - enable = false; - }; - gaps = 5; - }; - binds = with config.lib.niri.actions; let - sh = spawn "sh" "-c"; - in - { - - # "Mod+Super_L" = spawn "killall -SIGUSR1 .waybar-wrapped"; - "Mod+z".action = spawn "killall -SIGUSR1 .waybar-wrapped"; - "Mod+Shift+t".action = toggle-window-rule-opacity; - # "Mod+Escape".action = "mode $exit"; - "Mod+m".action = focus-workspace-previous; - "Mod+Shift+Space".action = toggle-window-floating; - "Mod+Shift+f".action = toggle-windowed-fullscreen; - "Mod+q".action = close-window; - "Mod+f".action = spawn "firefox"; - "Mod+Space".action = spawn "fuzzel"; - "Mod+Shift+c".action = spawn "qalculate-gtk"; - "Mod+Ctrl+p".action = spawn "1password" "--quick-acces"; - "Mod+Shift+Escape".action = spawn "kitty" "-o" "confirm_os_window_close=0" "btm"; - "Mod+h".action = sh ''hyprpicker | wl-copy''; - # "Mod+s".action = spawn "grim" "-g" "\"$(slurp)\"" "-t" "png" "-" "|" "wl-copy" "-t" "image/png"; - "Mod+s".action = screenshot { show-pointer = false; }; - # "Mod+Shift+s".action = spawn "slurp" "|" "grim" "-g" "-" "Pictures/Screenshots/$(date +'screenshot_%Y-%m-%d-%H%M%S.png')"; - "Mod+Shift+s".action = screenshot-window { write-to-disk = true; }; - # "Mod+Shift+v".action = spawn "wf-recorder" "-g" "'$(slurp -f %o -or)'" "-f" "~/Videos/screenrecord_$(date +%Y-%m-%d-%H%M%S).mkv"; - - "Mod+e".action = sh "emacsclient -nquc -a emacs -e '(dashboard-open)'"; - "Mod+c".action = sh "emacsclient -ce '(org-capture)'"; - "Mod+t".action = sh "emacsclient -ce '(org-agenda)'"; - "Mod+Shift+m".action = sh "emacsclient -ce '(mu4e)'"; - "Mod+Shift+a".action = sh "emacsclient -ce '(swarsel/open-calendar)'"; - - "Mod+a".action = spawn "swarselcheck-niri" "-s"; - "Mod+x".action = spawn "swarselcheck-niri" "-k"; - "Mod+d".action = spawn "swarselcheck-niri" "-d"; - "Mod+w".action = spawn "swarselcheck-niri" "-e"; - - "Mod+p".action = spawn "pass-fuzzel"; - "Mod+o".action = spawn "pass-fuzzel" "--otp"; - "Mod+Shift+p".action = spawn "pass-fuzzel" "--type"; - "Mod+Shift+o".action = spawn "pass-fuzzel" "--otp" "--type"; - - "Mod+Left".action = focus-column-or-monitor-left; - "Mod+Right".action = focus-column-or-monitor-right; - "Mod+Down".action = focus-window-or-workspace-down; - "Mod+Up".action = focus-window-or-workspace-up; - "Mod+Shift+Left".action = move-column-left; - "Mod+Shift+Right".action = move-column-right; - "Mod+Shift+Down".action = move-window-down-or-to-workspace-down; - "Mod+Shift+Up".action = move-window-up-or-to-workspace-up; - # "Mod+Ctrl+Shift+c".action = "reload"; - # "Mod+Ctrl+Shift+r".action = "exec swarsel-displaypower"; - # "Mod+Shift+e".action = "exec swaynag -t warning -m 'You pressed the exit shortcut. Do you really want to exit sway? This will end your Wayland session.' -b 'Yes, exit sway' 'swaymsg exit'"; - # "Mod+r".action = "mode resize"; - # "Mod+Return".action = "exec kitty"; - "Mod+Return".action = spawn "swarselzellij"; - "XF86AudioRaiseVolume".action = spawn "swayosd-client" "--output-volume" "raise"; - "XF86AudioLowerVolume".action = spawn "swayosd-client" "--output-volume" "lower"; - "XF86AudioMute".action = spawn "swayosd-client" "--output-volume" "mute-toggle"; - "XF86MonBrightnessUp".action = spawn "swayosd-client" "--brightness raise"; - "XF86MonBrightnessDown".action = spawn "swayosd-client" "--brightness lower"; - "XF86Display".action = spawn "wl-mirror" "eDP-1"; - "Mod+Escape".action = spawn "wlogout"; - "Mod+Equal".action = set-column-width "+10%"; - "Mod+Minus".action = set-column-width "-10%"; - - "Mod+1".action = focus-workspace 1; - "Mod+2".action = focus-workspace 2; - "Mod+3".action = focus-workspace 3; - "Mod+4".action = focus-workspace 4; - "Mod+5".action = focus-workspace 5; - "Mod+6".action = focus-workspace 6; - "Mod+7".action = focus-workspace 7; - "Mod+8".action = focus-workspace 8; - "Mod+9".action = focus-workspace 9; - "Mod+0".action = focus-workspace 0; - - "Mod+Shift+1".action = move-column-to-index 1; - "Mod+Shift+2".action = move-column-to-index 2; - "Mod+Shift+3".action = move-column-to-index 3; - "Mod+Shift+4".action = move-column-to-index 4; - "Mod+Shift+5".action = move-column-to-index 5; - "Mod+Shift+6".action = move-column-to-index 6; - "Mod+Shift+7".action = move-column-to-index 7; - "Mod+Shift+8".action = move-column-to-index 8; - "Mod+Shift+9".action = move-column-to-index 9; - "Mod+Shift+0".action = move-column-to-index 0; - }; - spawn-at-startup = [ - { command = [ "vesktop" "--start-minimized" "--enable-speech-dispatcher" "--ozone-platform-hint=auto" "--enable-features=WaylandWindowDecorations" "--enable-wayland-ime" ]; } - { command = [ "element-desktop" "--hidden" "--enable-features=UseOzonePlatform" "--ozone-platform=wayland" "--disable-gpu-driver-bug-workarounds" ]; } - { command = [ "anki" ]; } - { command = [ "obsidian" ]; } - { command = [ "nm-applet" ]; } - { command = [ "niri" "msg" "action" "focus-workspace" "2" ]; } - ]; - workspaces = { - # "01-Main" = { - # name = "Scratchpad"; - # }; - "99-Scratchpad" = { - name = ""; - }; - }; - }; - }; - - }; -} diff --git a/modules/home/common/packages.nix b/modules/home/common/packages.nix index f39bb61..0e066d8 100644 --- a/modules/home/common/packages.nix +++ b/modules/home/common/packages.nix @@ -70,7 +70,6 @@ restic # "big" programs - obs-studio gimp inkscape zoom-us @@ -81,7 +80,7 @@ # spotify vesktop # discord client # nextcloud-client # enables a systemd service that I do not want - stable.spotify-player + spotify-player element-desktop nicotine-plus stable.transmission_3 @@ -136,8 +135,8 @@ # wayland stuff wtype - wl-mirror wl-clipboard + stable.wl-mirror wf-recorder kanshi diff --git a/modules/home/common/ssh.nix b/modules/home/common/ssh.nix index 0124c15..052e9a1 100644 --- a/modules/home/common/ssh.nix +++ b/modules/home/common/ssh.nix @@ -19,7 +19,7 @@ user = "root"; }; "winters" = { - hostname = "192.168.178.24"; + hostname = "192.168.1.2"; user = "root"; }; "minecraft" = { diff --git a/modules/home/common/sway.nix b/modules/home/common/sway.nix index f4e13de..5d1e5c3 100644 --- a/modules/home/common/sway.nix +++ b/modules/home/common/sway.nix @@ -1,4 +1,4 @@ -{ config, lib, vars, ... }: +{ self, config, lib, vars, ... }: let eachOutput = _: monitor: { inherit (monitor) name; @@ -201,14 +201,22 @@ in "${modifier}+r" = "mode resize"; # "${modifier}+Return" = "exec kitty"; "${modifier}+Return" = "exec swarselzellij"; + "${modifier}+Print" = "exec screenshare"; + # exec swaymsg move workspace to "$(swaymsg -t get_outputs | jq '[.[] | select(.active == true)] | .[(map(.focused) | index(true) + 1) % length].name')" + # "XF86AudioRaiseVolume" = "exec pa 5%"; + # "XF86AudioRaiseVolume" = "exec pamixer -i 5"; "XF86AudioRaiseVolume" = "exec swayosd-client --output-volume raise"; + # "XF86AudioLowerVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ -5%"; + # "XF86AudioLowerVolume" = "exec pamixer -d 5"; "XF86AudioLowerVolume" = "exec swayosd-client --output-volume lower"; + # "XF86AudioMute" = "exec pactl set-sink-mute @DEFAULT_SINK@ toggle"; + # "XF86AudioMute" = "exec pamixer -t"; "XF86AudioMute" = "exec swayosd-client --output-volume mute-toggle"; + # "XF86MonBrightnessUp" = "exec brightnessctl set +5%"; "XF86MonBrightnessUp" = "exec swayosd-client --brightness raise"; + # "XF86MonBrightnessDown" = "exec brightnessctl set 5%-"; "XF86MonBrightnessDown" = "exec swayosd-client --brightness lower"; "XF86Display" = "exec wl-mirror eDP-1"; - # "--no-repeat Super_L" = "exec killall -SIGUSR1 .waybar-wrapped"; - # "${modifier}+z" = "exec killall -SIGUSR1 .waybar-wrapped"; } config.swarselsystems.keybindings; modes = { @@ -223,14 +231,14 @@ in }; }; defaultWorkspace = "workspace 1:一"; - # output = { - # "${config.swarselsystems.sharescreen}" = { - # bg = "${self}/files/wallpaper/lenovowp.png ${config.stylix.imageScalingMode}"; - # }; - # "Philips Consumer Electronics Company PHL BDM3270 AU11806002320" = { - # bg = "${self}/files/wallpaper/standwp.png ${config.stylix.imageScalingMode}"; - # }; - # }; + output = { + "${config.swarselsystems.sharescreen}" = { + bg = "${self}/files/wallpaper/lenovowp.png ${config.stylix.imageScalingMode}"; + }; + "Philips Consumer Electronics Company PHL BDM3270 AU11806002320" = { + bg = "${self}/files/wallpaper/standwp.png ${config.stylix.imageScalingMode}"; + }; + }; input = config.swarselsystems.standardinputs; workspaceOutputAssign = let diff --git a/modules/home/common/waybar.nix b/modules/home/common/waybar.nix index fce5b2d..f773ed2 100644 --- a/modules/home/common/waybar.nix +++ b/modules/home/common/waybar.nix @@ -70,29 +70,20 @@ in enable = true; systemd = { enable = true; - # target = "sway-session.target"; - inherit (config.wayland.systemd) target; + target = "sway-session.target"; }; settings = { mainBar = { ipc = true; id = "bar-0"; - # mode = "hide"; - # mode = "overlay"; - # passthrough = false; - # start_hidden = true; layer = "top"; position = "top"; - modules-left = [ "sway/workspaces" "niri/workspaces" "custom/outer-right-arrow-dark" "niri/window" "sway/window" ]; + modules-left = [ "sway/workspaces" "custom/outer-right-arrow-dark" "sway/window" ]; modules-center = [ "sway/mode" "privacy" "custom/github" "custom/configwarn" "custom/nix-updates" ]; "sway/mode" = { format = "{}"; }; - "niri/window" = { - format = "{title} ({app_id})"; - }; - modules-right = config.swarselsystems.waybarModules; "custom/pseudobat" = lib.mkIf (!config.swarselsystems.isLaptop) { diff --git a/modules/home/optional/work.nix b/modules/home/optional/work.nix index ce6459e..2ada5d5 100644 --- a/modules/home/optional/work.nix +++ b/modules/home/optional/work.nix @@ -59,8 +59,9 @@ in }; }; msmtp = { - enable = true; + enable = false; extraConfig = { + account = "work"; auth = "xoauth2"; host = "outlook.office365.com"; protocol = "smtp"; @@ -72,11 +73,10 @@ in passwordeval = "pizauth show work"; }; }; - mu.enable = true; + mu.enable = false; mbsync = { - enable = true; + enable = false; expunge = "both"; - patterns = [ "INBOX" ]; extraConfig = { account = { AuthMechs = "XOAUTH2"; @@ -85,19 +85,19 @@ in }; }; - # wayland.windowManager.sway.config = { - # output = { - # "Applied Creative Technology Transmitter QUATTRO201811" = { - # bg = "${self}/files/wallpaper/navidrome.png ${config.stylix.imageScalingMode}"; - # }; - # "Hewlett Packard HP Z24i CN44250RDT" = { - # bg = "${self}/files/wallpaper/op6wp.png ${config.stylix.imageScalingMode}"; - # }; - # "HP Inc. HP 732pk CNC4080YL5" = { - # bg = "${self}/files/wallpaper/botanicswp.png ${config.stylix.imageScalingMode}"; - # }; - # }; - # }; + wayland.windowManager.sway.config = { + output = { + "Applied Creative Technology Transmitter QUATTRO201811" = { + bg = "${self}/files/wallpaper/navidrome.png ${config.stylix.imageScalingMode}"; + }; + "Hewlett Packard HP Z24i CN44250RDT" = { + bg = "${self}/files/wallpaper/op6wp.png ${config.stylix.imageScalingMode}"; + }; + "HP Inc. HP 732pk CNC4080YL5" = { + bg = "${self}/files/wallpaper/botanicswp.png ${config.stylix.imageScalingMode}"; + }; + }; + }; stylix = { targets.firefox.profileNames = @@ -278,10 +278,6 @@ in { profile = { name = "lidopen"; - exec = [ - "${pkgs.swaybg}/bin/swaybg --output 'HP Inc. HP 732pk CNC4080YL5' --image ${self}/files/wallpaper/botanicswp.png --mode ${config.stylix.imageScalingMode}" - "${pkgs.swaybg}/bin/swaybg --output 'Hewlett Packard HP Z24i CN44250RDT' --image ${self}/files/wallpaper/op6wp.png --mode ${config.stylix.imageScalingMode}" - ]; outputs = [ { criteria = config.swarselsystems.sharescreen; @@ -306,39 +302,27 @@ in }; } { - profile = - let - monitor = "Applied Creative Technology Transmitter QUATTRO201811"; - in - { - name = "lidopen"; - exec = [ - "${pkgs.swaybg}/bin/swaybg --output '${monitor}' --image ${self}/files/wallpaper/navidrome.png --mode ${config.stylix.imageScalingMode}" - "${pkgs.kanshare}/bin/kanshare ${config.swarselsystems.sharescreen} '${monitor}'" - ]; - outputs = [ - { - criteria = config.swarselsystems.sharescreen; - status = "enable"; - scale = 1.7; - position = "2560,0"; - } - { - criteria = "Applied Creative Technology Transmitter QUATTRO201811"; - scale = 1.0; - mode = "1280x720"; - position = "10000,10000"; - } - ]; - }; + profile = { + name = "lidopen"; + outputs = [ + { + criteria = config.swarselsystems.sharescreen; + status = "enable"; + scale = 1.7; + position = "2560,0"; + } + { + criteria = "Applied Creative Technology Transmitter QUATTRO201811"; + scale = 1.0; + mode = "1280x720"; + position = "10000,10000"; + } + ]; + }; } { profile = { name = "lidclosed"; - exec = [ - "${pkgs.swaybg}/bin/swaybg --output 'HP Inc. HP 732pk CNC4080YL5' --image ${self}/files/wallpaper/botanicswp.png --mode ${config.stylix.imageScalingMode}" - "${pkgs.swaybg}/bin/swaybg --output 'Hewlett Packard HP Z24i CN44250RDT' --image ${self}/files/wallpaper/op6wp.png --mode ${config.stylix.imageScalingMode}" - ]; outputs = [ { criteria = config.swarselsystems.sharescreen; @@ -361,47 +345,28 @@ in }; } { - profile = - let - monitor = "Applied Creative Technology Transmitter QUATTRO201811"; - in - { - name = "lidclosed"; - exec = [ - "${pkgs.swaybg}/bin/swaybg --output '${monitor}' --image ${self}/files/wallpaper/navidrome.png --mode ${config.stylix.imageScalingMode}" - ]; - outputs = [ - { - criteria = config.swarselsystems.sharescreen; - status = "disable"; - } - { - criteria = "Applied Creative Technology Transmitter QUATTRO201811"; - scale = 1.0; - mode = "1280x720"; - position = "10000,10000"; - } - ]; - }; + profile = { + name = "lidclosed"; + outputs = [ + { + criteria = config.swarselsystems.sharescreen; + status = "disable"; + } + { + criteria = "Applied Creative Technology Transmitter QUATTRO201811"; + scale = 1.0; + mode = "1280x720"; + position = "10000,10000"; + } + ]; + }; } ]; }; }; - systemd.user.services.pizauth.Service = { - ExecStartPost = [ - "${pkgs.toybox}/bin/sleep 1" - "//bin/sh -c '${lib.getExe pkgs.pizauth} restore < ${homeDir}/.pizauth.state'" - ]; - }; - swarselservices.pizauth = { enable = true; - extraConfig = '' - auth_notify_cmd = "if [[ \"$(notify-send -A \"Open $PIZAUTH_ACCOUNT\" -t 30000 'pizauth authorisation')\" == \"0\" ]]; then open \"$PIZAUTH_URL\"; fi"; - error_notify_cmd = "notify-send -t 90000 \"pizauth error for $PIZAUTH_ACCOUNT\" \"$PIZAUTH_MSG\""; - token_event_cmd = "pizauth dump > ${homeDir}/.pizauth.state"; - ''; accounts = { work = { authUri = "https://login.microsoftonline.com/common/oauth2/v2.0/authorize"; @@ -479,60 +444,70 @@ in { command = "1password"; } ]; monitors = { - work_back_middle = rec { + main = { + name = "BOE 0x0BC9 Unknown"; + mode = "2560x1600"; # TEMPLATE + scale = "1"; + position = "2560,0"; + workspace = "15:L"; + output = "eDP-2"; + }; + homedesktop = { + name = "Philips Consumer Electronics Company PHL BDM3270 AU11806002320"; + mode = "2560x1440"; + scale = "1"; + position = "0,0"; + workspace = "1:一"; + output = "DP-11"; + }; + work_back_middle = { name = "LG Electronics LG Ultra HD 0x000305A6"; mode = "2560x1440"; scale = "1"; position = "5120,0"; workspace = "1:一"; - # output = "DP-10"; - output = name; + output = "DP-10"; }; - work_front_left = rec { + work_front_left = { name = "LG Electronics LG Ultra HD 0x0007AB45"; mode = "3840x2160"; scale = "1"; position = "5120,0"; workspace = "1:一"; - # output = "DP-7"; - output = name; + output = "DP-7"; }; - work_back_right = rec { + work_back_right = { name = "HP Inc. HP Z32 CN41212T55"; mode = "3840x2160"; scale = "1"; position = "5120,0"; workspace = "1:一"; - # output = "DP-3"; - output = name; + output = "DP-3"; }; - work_middle_middle_main = rec { + work_middle_middle_main = { name = "HP Inc. HP 732pk CNC4080YL5"; mode = "3840x2160"; scale = "1"; position = "-1280,0"; workspace = "11:M"; - # output = "DP-8"; - output = name; + output = "DP-8"; }; - work_middle_middle_side = rec { + work_middle_middle_side = { name = "Hewlett Packard HP Z24i CN44250RDT"; mode = "1920x1200"; transform = "270"; scale = "1"; position = "-2480,0"; workspace = "12:S"; - # output = "DP-9"; - output = name; + output = "DP-9"; }; - work_seminary = rec { + work_seminary = { name = "Applied Creative Technology Transmitter QUATTRO201811"; mode = "1280x720"; scale = "1"; position = "10000,10000"; # i.e. this screen is inaccessible by moving the mouse workspace = "14:T"; - # output = "DP-4"; - output = name; + output = "DP-4"; }; }; inputs = { @@ -556,6 +531,9 @@ in xkb_variant = "altgr-intl"; }; }; + keybindings = { + "Mod4+Ctrl+Shift+p" = "exec screenshare"; + }; }; }; diff --git a/modules/nixos/client/keyd.nix b/modules/nixos/client/keyd.nix deleted file mode 100644 index 486cac3..0000000 --- a/modules/nixos/client/keyd.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ lib, config, ... }: -let - moduleName = "keyd"; -in -{ - options.swarselmodules.${moduleName} = lib.mkEnableOption "${moduleName} tools config"; - config = lib.mkIf config.swarselmodules.${moduleName} { - services.keyd = { - enable = true; - keyboards = { - default = { - ids = [ "*" ]; - settings = { - main = { - leftmeta = "overload(meta, macro(rightmeta+z))"; - rightmeta = "overload(meta, macro(rightmeta+z))"; - }; - }; - }; - }; - }; - }; -} diff --git a/modules/nixos/client/network.nix b/modules/nixos/client/network.nix index c4246b0..dc85817 100644 --- a/modules/nixos/client/network.nix +++ b/modules/nixos/client/network.nix @@ -99,26 +99,25 @@ in ${wlan1} = { connection = { id = wlan1; - # permissions = ""; + permissions = ""; type = "wifi"; }; ipv4 = { - # dns-search = ""; + dns-search = ""; method = "auto"; }; ipv6 = { addr-gen-mode = "stable-privacy"; - # dns-search = ""; + dns-search = ""; method = "auto"; }; wifi = { - # mac-address-blacklist = ""; + mac-address-blacklist = ""; mode = "infrastructure"; - band = "a"; ssid = wlan1; }; wifi-security = { - # auth-alg = "open"; + auth-alg = "open"; key-mgmt = "wpa-psk"; psk = "$WLAN1_PW"; }; diff --git a/modules/nixos/client/niri.nix b/modules/nixos/client/niri.nix deleted file mode 100644 index 2ea4472..0000000 --- a/modules/nixos/client/niri.nix +++ /dev/null @@ -1,25 +0,0 @@ -{ lib, config, pkgs, ... }: -let - moduleName = "niri"; -in -{ - options.swarselmodules.${moduleName} = lib.mkEnableOption "${moduleName} settings"; - config = lib.mkIf config.swarselmodules.${moduleName} { - - environment.systemPackages = with pkgs; [ - wl-clipboard - wayland-utils - libsecret - cage - gamescope - xwayland-satellite-unstable - ]; - - niri-flake.cache.enable = true; - - programs.niri = { - enable = true; - package = pkgs.niri-unstable; # the actual niri that will be installed and used - }; - }; -} diff --git a/modules/nixos/client/packages.nix b/modules/nixos/client/packages.nix index ce4d934..d44c15c 100644 --- a/modules/nixos/client/packages.nix +++ b/modules/nixos/client/packages.nix @@ -23,6 +23,7 @@ dbus swaylock-effects syncthingtray-minimal + wl-mirror swayosd # secure boot @@ -47,6 +48,8 @@ # better make for general tasks just + screenshare + fullscreen # keyboards qmk @@ -58,7 +61,6 @@ # kde-connect xdg-desktop-portal - xdg-desktop-portal-gtk xdg-desktop-portal-wlr # bluetooth diff --git a/modules/nixos/client/uwsm.nix b/modules/nixos/client/uwsm.nix index 28888f0..f3138d8 100644 --- a/modules/nixos/client/uwsm.nix +++ b/modules/nixos/client/uwsm.nix @@ -13,11 +13,6 @@ in comment = "Sway compositor managed by UWSM"; binPath = "/run/current-system/sw/bin/sway"; }; - niri = { - prettyName = "Niri"; - comment = "Niri compositor managed by UWSM"; - binPath = "/run/current-system/sw/bin/niri-session"; - }; }; }; }; diff --git a/modules/nixos/client/xdg-portal.nix b/modules/nixos/client/xdg-portal.nix index da04970..9da6946 100644 --- a/modules/nixos/client/xdg-portal.nix +++ b/modules/nixos/client/xdg-portal.nix @@ -4,11 +4,11 @@ config = lib.mkIf config.swarselmodules.xdg-portal { xdg.portal = { enable = true; - # config = { - # common = { - # default = "wlr"; - # }; - # }; + config = { + common = { + default = "wlr"; + }; + }; wlr.enable = true; wlr.settings.screencast = { output_name = "eDP-1"; diff --git a/modules/nixos/common/globals.nix b/modules/nixos/common/globals.nix index c42e7ae..24e3793 100644 --- a/modules/nixos/common/globals.nix +++ b/modules/nixos/common/globals.nix @@ -39,18 +39,6 @@ in ); }; - hosts = mkOption { - type = types.attrsOf ( - types.submodule { - options = { - ipv4 = mkOption { - type = types.str; - }; - }; - } - ); - }; - domains = { main = mkOption { type = types.str; diff --git a/modules/nixos/common/home-manager-secrets.nix b/modules/nixos/common/home-manager-secrets.nix index f6299ef..3be77fa 100644 --- a/modules/nixos/common/home-manager-secrets.nix +++ b/modules/nixos/common/home-manager-secrets.nix @@ -24,7 +24,7 @@ in emacs-radicale-pw = { owner = mainUser; }; }); templates = { - authinfo = lib.mkIf modules.emacs { + authinfo = { path = "${homeDir}/.emacs.d/.authinfo"; content = '' machine ${globals.services.radicale.domain} login ${radicaleUser} password ${config.sops.placeholder.emacs-radicale-pw} diff --git a/modules/nixos/common/users.nix b/modules/nixos/common/users.nix index b04ffd2..29d3afb 100644 --- a/modules/nixos/common/users.nix +++ b/modules/nixos/common/users.nix @@ -12,7 +12,7 @@ in users = { root = { inherit (globals.root) hashedPassword; - # shell = pkgs.zsh; + shell = pkgs.zsh; }; "${config.swarselsystems.mainUser}" = { isNormalUser = true; diff --git a/modules/nixos/optional/work.nix b/modules/nixos/optional/work.nix index cd9eebf..2a1ef16 100644 --- a/modules/nixos/optional/work.nix +++ b/modules/nixos/optional/work.nix @@ -1,9 +1,28 @@ { self, lib, pkgs, config, configName, ... }: let - inherit (config.swarselsystems) mainUser homeDir; + inherit (config.swarselsystems) mainUser homeDir xdgDir; iwd = config.networking.networkmanager.wifi.backend == "iwd"; owner = mainUser; sopsFile = self + /secrets/work/secrets.yaml; + swarselService = name: description: execStart: { + "${name}" = { + enable = true; + inherit description; + serviceConfig = { + ExecStart = execStart; + User = mainUser; + Group = "users"; + Environment = [ + "PATH=/run/current-system/sw/bin:/etc/profiles/per-user/${mainUser}/bin" + "XDG_RUNTIME_DIR=${xdgDir}" + "WAYLAND_DISPLAY=wayland-1" + ]; + Type = "oneshot"; + StandardOutput = "journal"; + StandardError = "journal"; + }; + }; + }; in { options.swarselmodules.optional.work = lib.mkEnableOption "optional work settings"; @@ -105,7 +124,6 @@ in mac-address = "E8:65:38:52:63:FF"; mac-address-randomization = "1"; mode = "infrastructure"; - band = "a"; ssid = "VBC"; }; wifi-security = { @@ -153,6 +171,10 @@ in }; environment.systemPackages = with pkgs; [ + # (python39.withPackages (ps: with ps; [ + # cryptography + # ])) + # docker stable24_11.python39 qemu packer @@ -206,12 +228,19 @@ in }; udev.extraRules = '' + # share screen when dongle detected + SUBSYSTEM=="usb", ACTION=="add", ATTRS{idVendor}=="343c", ATTRS{idProduct}=="0000", TAG+="systemd", ENV{SYSTEMD_WANTS}="swarsel-screenshare.service" + # lock screen when yubikey removed ACTION=="remove", ENV{PRODUCT}=="3/1050/407/110", RUN+="${pkgs.systemd}/bin/systemctl suspend" ''; }; + systemd.services = lib.mkMerge [ + (swarselService "swarsel-screenshare" "Start screensharing after HDMI dongle is detected" "${pkgs.screenshare}/bin/screenshare -h") + ]; + # cgroups v1 is required for centos7 dockers # specialisation = { # cgroup_v1.configuration = { diff --git a/modules/nixos/server/ankisync.nix b/modules/nixos/server/ankisync.nix index 0447dea..8f03d14 100644 --- a/modules/nixos/server/ankisync.nix +++ b/modules/nixos/server/ankisync.nix @@ -5,7 +5,6 @@ let servicePort = 27701; serviceName = "ankisync"; serviceDomain = config.repo.secrets.common.services.domains.${serviceName}; - serviceAddress = globals.hosts.winters.ipv4; ankiUser = globals.user.name; in @@ -42,7 +41,7 @@ in upstreams = { ${serviceName} = { servers = { - "${serviceAddress}:${builtins.toString servicePort}" = { }; + "192.168.1.2:${builtins.toString servicePort}" = { }; }; }; }; diff --git a/modules/nixos/server/atuin.nix b/modules/nixos/server/atuin.nix index 38fe352..59714f6 100644 --- a/modules/nixos/server/atuin.nix +++ b/modules/nixos/server/atuin.nix @@ -1,9 +1,8 @@ -{ lib, config, globals, ... }: +{ lib, config, ... }: let servicePort = 8888; serviceName = "atuin"; serviceDomain = config.repo.secrets.common.services.domains.${serviceName}; - serviceAddress = globals.hosts.winters.ipv4; in { options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server"; @@ -24,7 +23,7 @@ in upstreams = { ${serviceName} = { servers = { - "${serviceAddress}:${builtins.toString servicePort}" = { }; + "192.168.1.2:${builtins.toString servicePort}" = { }; }; }; }; diff --git a/modules/nixos/server/firefly-iii.nix b/modules/nixos/server/firefly-iii.nix index 37aa48a..781da1a 100644 --- a/modules/nixos/server/firefly-iii.nix +++ b/modules/nixos/server/firefly-iii.nix @@ -1,11 +1,10 @@ -{ self, lib, config, globals, ... }: +{ self, lib, config, ... }: let servicePort = 80; serviceUser = "firefly-iii"; serviceGroup = serviceUser; serviceName = "firefly-iii"; serviceDomain = config.repo.secrets.common.services.domains.${serviceName}; - serviceAddress = globals.hosts.winters.ipv4; nginxGroup = "nginx"; @@ -82,7 +81,7 @@ in upstreams = { ${serviceName} = { servers = { - "${serviceAddress}:${builtins.toString servicePort}" = { }; + "192.168.1.2:${builtins.toString servicePort}" = { }; }; }; }; diff --git a/modules/nixos/server/forgejo.nix b/modules/nixos/server/forgejo.nix index 886c6aa..949c2e7 100644 --- a/modules/nixos/server/forgejo.nix +++ b/modules/nixos/server/forgejo.nix @@ -7,7 +7,6 @@ let serviceGroup = serviceUser; serviceName = "forgejo"; serviceDomain = config.repo.secrets.common.services.domains.${serviceName}; - serviceAddress = globals.hosts.winters.ipv4; kanidmDomain = globals.services.kanidm.domain; in @@ -133,7 +132,7 @@ in upstreams = { ${serviceName} = { servers = { - "${serviceAddress}:${builtins.toString servicePort}" = { }; + "192.168.1.2:${builtins.toString servicePort}" = { }; }; }; }; diff --git a/modules/nixos/server/freshrss.nix b/modules/nixos/server/freshrss.nix index 8e94add..7f9362c 100644 --- a/modules/nixos/server/freshrss.nix +++ b/modules/nixos/server/freshrss.nix @@ -1,11 +1,10 @@ -{ self, lib, config, globals, ... }: +{ self, lib, config, ... }: let servicePort = 80; serviceName = "freshrss"; serviceUser = "freshrss"; serviceGroup = serviceName; serviceDomain = config.repo.secrets.common.services.domains.${serviceName}; - serviceAddress = globals.hosts.winters.ipv4; inherit (config.swarselsystems) sopsFile; in @@ -78,7 +77,7 @@ in upstreams = { ${serviceName} = { servers = { - "${serviceAddress}:${builtins.toString servicePort}" = { }; + "192.168.1.2:${builtins.toString servicePort}" = { }; }; }; }; diff --git a/modules/nixos/server/immich.nix b/modules/nixos/server/immich.nix index 4a17a23..a3e9eee 100644 --- a/modules/nixos/server/immich.nix +++ b/modules/nixos/server/immich.nix @@ -4,7 +4,6 @@ let serviceUser = "immich"; serviceName = "immich"; serviceDomain = config.repo.secrets.common.services.domains.${serviceName}; - serviceAddress = globals.hosts.winters.ipv4; in { options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server"; @@ -34,7 +33,7 @@ in upstreams = { ${serviceName} = { servers = { - "${serviceAddress}:${builtins.toString servicePort}" = { }; + "192.168.1.2:${builtins.toString servicePort}" = { }; }; }; }; diff --git a/modules/nixos/server/jellyfin.nix b/modules/nixos/server/jellyfin.nix index 1b80a0e..296fa76 100644 --- a/modules/nixos/server/jellyfin.nix +++ b/modules/nixos/server/jellyfin.nix @@ -1,10 +1,9 @@ -{ pkgs, lib, config, globals, ... }: +{ pkgs, lib, config, ... }: let servicePort = 8096; serviceName = "jellyfin"; serviceUser = "jellyfin"; serviceDomain = config.repo.secrets.common.services.domains.${serviceName}; - serviceAddress = globals.hosts.winters.ipv4; in { options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server"; @@ -38,7 +37,7 @@ in upstreams = { ${serviceName} = { servers = { - "${serviceAddress}:${builtins.toString servicePort}" = { }; + "192.168.1.2:${builtins.toString servicePort}" = { }; }; }; }; diff --git a/modules/nixos/server/jenkins.nix b/modules/nixos/server/jenkins.nix index 91d94f0..c9a587e 100644 --- a/modules/nixos/server/jenkins.nix +++ b/modules/nixos/server/jenkins.nix @@ -1,9 +1,8 @@ -{ pkgs, lib, config, globals, ... }: +{ pkgs, lib, config, ... }: let servicePort = 8088; serviceName = "jenkins"; serviceDomain = config.repo.secrets.common.services.domains.${serviceName}; - serviceAddress = globals.hosts.winters.ipv4; in { options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server"; @@ -22,7 +21,7 @@ in upstreams = { ${serviceName} = { servers = { - "${serviceAddress}:${builtins.toString servicePort}" = { }; + "192.168.1.2:${builtins.toString servicePort}" = { }; }; }; }; diff --git a/modules/nixos/server/kanidm.nix b/modules/nixos/server/kanidm.nix index 3ed5546..e9b97cb 100644 --- a/modules/nixos/server/kanidm.nix +++ b/modules/nixos/server/kanidm.nix @@ -8,7 +8,6 @@ let serviceGroup = serviceUser; serviceName = "kanidm"; serviceDomain = config.repo.secrets.common.services.domains.${serviceName}; - serviceAddress = globals.hosts.winters.ipv4; oauth2ProxyDomain = globals.services.oauth2Proxy.domain; immichDomain = globals.services.immich.domain; @@ -238,7 +237,7 @@ in upstreams = { ${serviceName} = { servers = { - "${serviceAddress}:${builtins.toString servicePort}" = { }; + "192.168.1.2:${builtins.toString servicePort}" = { }; }; }; }; diff --git a/modules/nixos/server/kavita.nix b/modules/nixos/server/kavita.nix index c93be62..e278037 100644 --- a/modules/nixos/server/kavita.nix +++ b/modules/nixos/server/kavita.nix @@ -1,4 +1,4 @@ -{ self, lib, config, pkgs, globals, ... }: +{ self, lib, config, pkgs, ... }: let inherit (config.swarselsystems) sopsFile; @@ -6,7 +6,6 @@ let serviceName = "kavita"; serviceUser = "kavita"; serviceDomain = config.repo.secrets.common.services.domains.${serviceName}; - serviceAddress = globals.hosts.winters.ipv4; in { options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server"; @@ -42,7 +41,7 @@ in upstreams = { ${serviceName} = { servers = { - "${serviceAddress}:${builtins.toString servicePort}" = { }; + "192.168.1.2:${builtins.toString servicePort}" = { }; }; }; }; diff --git a/modules/nixos/server/koillection.nix b/modules/nixos/server/koillection.nix index 08da2d1..3ebb23b 100644 --- a/modules/nixos/server/koillection.nix +++ b/modules/nixos/server/koillection.nix @@ -1,4 +1,4 @@ -{ self, lib, config, globals, ... }: +{ self, lib, config, ... }: let serviceUser = "koillection"; serviceDB = "koillection"; @@ -6,7 +6,6 @@ let servicePort = 2282; serviceDomain = config.repo.secrets.common.services.domains.${serviceName}; serviceDir = "/Vault/data/koillection"; - serviceAddress = globals.hosts.winters.ipv4; postgresUser = config.systemd.services.postgresql.serviceConfig.User; # postgres postgresPort = config.services.postgresql.settings.port; # 5432 @@ -108,7 +107,7 @@ in upstreams = { ${serviceName} = { servers = { - "${serviceAddress}:${builtins.toString servicePort}" = { }; + "192.168.1.2:${builtins.toString servicePort}" = { }; }; }; }; diff --git a/modules/nixos/server/matrix.nix b/modules/nixos/server/matrix.nix index 1544331..4f88707 100644 --- a/modules/nixos/server/matrix.nix +++ b/modules/nixos/server/matrix.nix @@ -1,4 +1,4 @@ -{ lib, config, pkgs, globals, ... }: +{ lib, config, pkgs, ... }: let inherit (config.swarselsystems) sopsFile; @@ -6,7 +6,6 @@ let serviceName = "matrix"; serviceDomain = config.repo.secrets.common.services.domains.matrix; serviceUser = "matrix-synapse"; - serviceAddress = globals.hosts.winters.ipv4; federationPort = 8448; whatsappPort = 29318; @@ -294,7 +293,7 @@ in upstreams = { ${serviceName} = { servers = { - "${serviceAddress}:${builtins.toString servicePort}" = { }; + "192.168.1.2:${builtins.toString servicePort}" = { }; }; }; }; diff --git a/modules/nixos/server/monitoring.nix b/modules/nixos/server/monitoring.nix index 758e63d..6a35c5c 100644 --- a/modules/nixos/server/monitoring.nix +++ b/modules/nixos/server/monitoring.nix @@ -5,7 +5,6 @@ let serviceGroup = serviceUser; serviceName = "grafana"; serviceDomain = config.repo.secrets.common.services.domains.${serviceName}; - serviceAddress = globals.hosts.winters.ipv4; prometheusPort = 9090; prometheusUser = "prometheus"; @@ -210,12 +209,12 @@ in upstreams = { "${grafanaUpstream}" = { servers = { - "${serviceAddress}:${builtins.toString servicePort}" = { }; + "192.168.1.2:${builtins.toString servicePort}" = { }; }; }; "${prometheusUpstream}" = { servers = { - "${serviceAddress}:${builtins.toString prometheusPort}" = { }; + "192.168.1.2:${builtins.toString prometheusPort}" = { }; }; }; }; diff --git a/modules/nixos/server/navidrome.nix b/modules/nixos/server/navidrome.nix index f66fa14..3d6df90 100644 --- a/modules/nixos/server/navidrome.nix +++ b/modules/nixos/server/navidrome.nix @@ -1,11 +1,10 @@ -{ pkgs, config, lib, globals, ... }: +{ pkgs, config, lib, ... }: let servicePort = 4040; serviceName = "navidrome"; serviceUser = "navidrome"; serviceGroup = serviceUser; serviceDomain = config.repo.secrets.common.services.domains.${serviceName}; - serviceAddress = globals.hosts.winters.ipv4; in { options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server"; @@ -85,7 +84,7 @@ in upstreams = { ${serviceName} = { servers = { - "${serviceAddress}:${builtins.toString servicePort}" = { }; + "192.168.1.2:${builtins.toString servicePort}" = { }; }; }; }; diff --git a/modules/nixos/server/nextcloud.nix b/modules/nixos/server/nextcloud.nix index 13d671d..1deeb81 100644 --- a/modules/nixos/server/nextcloud.nix +++ b/modules/nixos/server/nextcloud.nix @@ -1,4 +1,4 @@ -{ pkgs, lib, config, globals, ... }: +{ pkgs, lib, config, ... }: let inherit (config.repo.secrets.local.nextcloud) adminuser; inherit (config.swarselsystems) sopsFile; @@ -8,7 +8,6 @@ let serviceGroup = serviceUser; serviceName = "nextcloud"; serviceDomain = config.repo.secrets.common.services.domains.${serviceName}; - serviceAddress = globals.hosts.winters.ipv4; in { options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server"; @@ -52,7 +51,7 @@ in upstreams = { ${serviceName} = { servers = { - "${serviceAddress}:${builtins.toString servicePort}" = { }; + "192.168.1.2:${builtins.toString servicePort}" = { }; }; }; }; diff --git a/modules/nixos/server/paperless.nix b/modules/nixos/server/paperless.nix index ca813b1..3172fd9 100644 --- a/modules/nixos/server/paperless.nix +++ b/modules/nixos/server/paperless.nix @@ -7,7 +7,6 @@ let serviceGroup = serviceUser; serviceName = "paperless"; serviceDomain = config.repo.secrets.common.services.domains.${serviceName}; - serviceAddress = globals.hosts.winters.ipv4; tikaPort = 9998; gotenbergPort = 3002; @@ -102,7 +101,7 @@ in upstreams = { ${serviceName} = { servers = { - "${serviceAddress}:${builtins.toString servicePort}" = { }; + "192.168.1.2:${builtins.toString servicePort}" = { }; }; }; }; diff --git a/modules/nixos/server/radicale.nix b/modules/nixos/server/radicale.nix index 68a940b..2917064 100644 --- a/modules/nixos/server/radicale.nix +++ b/modules/nixos/server/radicale.nix @@ -1,4 +1,4 @@ -{ self, lib, config, globals, ... }: +{ self, lib, config, ... }: let sopsFile = self + /secrets/winters/secrets2.yaml; @@ -7,7 +7,6 @@ let serviceUser = "radicale"; serviceGroup = serviceUser; serviceDomain = config.repo.secrets.common.services.domains.${serviceName}; - serviceAddress = globals.hosts.winters.ipv4; cfg = config.services.${serviceName}; in @@ -86,7 +85,7 @@ in upstreams = { ${serviceName} = { servers = { - "${serviceAddress}:${builtins.toString servicePort}" = { }; + "192.168.1.2:${builtins.toString servicePort}" = { }; }; }; }; diff --git a/modules/nixos/server/syncthing.nix b/modules/nixos/server/syncthing.nix index 6d1ac78..4bde68b 100644 --- a/modules/nixos/server/syncthing.nix +++ b/modules/nixos/server/syncthing.nix @@ -1,14 +1,12 @@ -{ lib, config, configName, globals, ... }: +{ lib, config, configName, ... }: let - inherit (config.swarselsystems.syncthing) serviceDomain; - inherit (config.swarselsystems.syncthing) serviceIP; - servicePort = 8384; serviceUser = "syncthing"; serviceGroup = serviceUser; serviceName = "syncthing"; - serviceAddress = globals.hosts.winters.ipv4; specificServiceName = "syncthing-${configName}"; + inherit (config.swarselsystems.syncthing) serviceDomain; + inherit (config.swarselsystems.syncthing) serviceIP; cfg = config.services.${serviceName}; devices = config.swarselsystems.syncthing.syncDevices; @@ -24,7 +22,7 @@ in }; serviceIP = lib.mkOption { type = lib.types.str; - default = "${serviceAddress}"; + default = "192.168.1.2"; }; syncDevices = lib.mkOption { type = lib.types.listOf lib.types.str; diff --git a/nix/globals.nix b/nix/globals.nix index 1b534d3..77d5e01 100644 --- a/nix/globals.nix +++ b/nix/globals.nix @@ -54,7 +54,6 @@ inherit (globalsSystem.config.globals) domains services - hosts user root ; diff --git a/nix/hosts.nix b/nix/hosts.nix index 7d00c6e..243219a 100644 --- a/nix/hosts.nix +++ b/nix/hosts.nix @@ -19,7 +19,6 @@ inputs.stylix.nixosModules.stylix inputs.nswitch-rcm-nix.nixosModules.nswitch-rcm inputs.swarsel-modules.nixosModules.default - inputs.niri-flake.nixosModules.niri "${self}/hosts/nixos/${configName}" "${self}/profiles/nixos" "${self}/modules/nixos" diff --git a/nix/overlays.nix b/nix/overlays.nix index 5a0fbc4..5559021 100644 --- a/nix/overlays.nix +++ b/nix/overlays.nix @@ -24,10 +24,6 @@ in ]; }; - isync = prev.isync.override { - withCyrusSaslXoauth2 = true; - }; - mgba = final.swarsel-mgba; retroarch = prev.retroarch.withCores (cores: with cores; [ @@ -90,7 +86,6 @@ in // (nixpkgs-stable24_05 final prev) // (nixpkgs-stable24_11 final prev) // (zjstatus final prev) - // (inputs.niri-flake.overlays.niri final prev) // (inputs.vbc-nix.overlays.default final prev) // (inputs.nur.overlays.default final prev) // (inputs.emacs-overlay.overlay final prev) diff --git a/pkgs/kanshare/default.nix b/pkgs/kanshare/default.nix deleted file mode 100644 index 946ab35..0000000 --- a/pkgs/kanshare/default.nix +++ /dev/null @@ -1,9 +0,0 @@ -{ name, writeShellApplication, wlr-randr, busybox, wl-mirror, ... }: - -writeShellApplication { - inherit name; - runtimeInputs = [ wlr-randr busybox wl-mirror ]; - text = '' - wlr-randr | grep "$2" | cut -d" " -f1 | xargs -I{} wl-present mirror "$1" --fullscreen-output {} - ''; -} diff --git a/pkgs/swarselcheck-niri/default.nix b/pkgs/swarselcheck-niri/default.nix deleted file mode 100644 index 7504de3..0000000 --- a/pkgs/swarselcheck-niri/default.nix +++ /dev/null @@ -1,6 +0,0 @@ -{ self, name, writeShellApplication, kitty, element-desktop, vesktop, spotify-player, jq }: -writeShellApplication { - inherit name; - runtimeInputs = [ kitty element-desktop vesktop spotify-player jq ]; - text = builtins.readFile "${self}/files/scripts/${name}.sh"; -} diff --git a/profiles/home/personal/default.nix b/profiles/home/personal/default.nix index 8ced7fa..87dbc5c 100644 --- a/profiles/home/personal/default.nix +++ b/profiles/home/personal/default.nix @@ -37,7 +37,6 @@ swayosd = lib.mkDefault true; yubikeytouch = lib.mkDefault true; sway = lib.mkDefault true; - niri = lib.mkDefault true; kanshi = lib.mkDefault true; gpgagent = lib.mkDefault true; gammastep = lib.mkDefault true; diff --git a/profiles/nixos/personal/default.nix b/profiles/nixos/personal/default.nix index 08032d1..3c44f55 100644 --- a/profiles/nixos/personal/default.nix +++ b/profiles/nixos/personal/default.nix @@ -26,7 +26,6 @@ networkDevices = lib.mkDefault true; gvfs = lib.mkDefault true; interceptionTools = lib.mkDefault true; - # keyd = lib.mkDefault true; swayosd = lib.mkDefault true; ppd = lib.mkDefault true; yubikey = lib.mkDefault true; @@ -39,7 +38,6 @@ gnome-keyring = lib.mkDefault true; uwsm = lib.mkDefault true; sway = lib.mkDefault true; - niri = lib.mkDefault true; xdg-portal = lib.mkDefault true; distrobox = lib.mkDefault true; appimage = lib.mkDefault true; diff --git a/secrets/general/secrets.yaml b/secrets/general/secrets.yaml index 5e3cd83..412f4aa 100644 --- a/secrets/general/secrets.yaml +++ b/secrets/general/secrets.yaml @@ -4,8 +4,7 @@ address3-token: ENC[AES256_GCM,data:9rotZe4tdPJpdWZMN8UMjksqlA==,iv:gVzLlM6h/+YX address4-token: ENC[AES256_GCM,data:q1z9P0zo8/66HZOVYv2sT1bxGsIrKSQKGcM3ouX8DaE=,iv:KJFPnQoGObsiLGH1WZFdhrg6cuasLBgbZ8sQ2jiFzEc=,tag:koqwVXnA+i27IkGSeEawkQ==,type:str] fever-pw: ENC[AES256_GCM,data:62cQ/mUFMTb63OY=,iv:RCqzwKEi7LdIegibpVe/WlTsREECy4xrqPFNini49Z8=,tag:bfmBEFj3zzmzfk4T7CfPAw==,type:str] main-user-hashed-pw: ENC[AES256_GCM,data:RbXaVuCd8+MTFwwRGK2aJ07clDOOt5msCsEK+384WLdeJz8fjxKJcwIsIUfqlsjKG1Ands9GINlFiCHXPFBRTjnN1ih20t6InA==,iv:pLas4FuJXz5ORvKqZmXyOp9RzKse/vUFOMbw3S1B+Wk=,tag:gkZ2C/Krf53nQiPBVnZ/rw==,type:str] -#ENC[AES256_GCM,data:O/ceQ4r5sc3YS86n1yQYH40l,iv:Ak2QK9MCIrrT7TRGpyCTEo9e2VsyaeATWjCITqYI+7g=,tag:kcIDdMujWfs2IZIheA82ZQ==,type:comment] -wlan1-pw: ENC[AES256_GCM,data:j6bzXwqUMrZcHV+4ttQE+oZjlC0H0ZWCwGbyRHKZ/DCxsLdtcdeSpQ==,iv:KX+A9xG/FEZW6vHsUvPolwGFvbD+Lhz+G54sbuCQGcc=,tag:r7Pss5DyOa2D4FIks7oz2w==,type:str] +wlan1-pw: ENC[AES256_GCM,data:UMKfdycQBa8=,iv:w1Cx+Tf4D/e0bXDrV55JieuF1P0fxGYyZVaaULaIfN0=,tag:Bf8mHZC0lpt4petFzgDVMg==,type:str] wlan2-pw: ENC[AES256_GCM,data:jAcBIgg7HjA=,iv:yPYC1rVeGQPEDuYthba93zz3D1+cypmayNqOiTEx7eI=,tag:vPji0mZwR7rfexDwxww8WQ==,type:str] laptop-hotspot-pw: ENC[AES256_GCM,data:cxWByDxQups=,iv:VyM9lZDbxu95ycpZNjjWEgyBtPbEVlESZPEiIg3G/7U=,tag:nQNRdeNmgplUr2SKzXaECA==,type:str] mobile-hotspot-pw: ENC[AES256_GCM,data:gwIK/rhU/lA=,iv:y9G5haF3w85pdCG8r/jrGGQ3+p6fTS1ugdsF3gVzyog=,tag:3x9LTZzsRsOmxlqnGFyw0g==,type:str] @@ -90,8 +89,8 @@ sops: SjV6L3crUkdLWTlsNFgyRHBla2FFam8KILYsNbLdCirfoC/Vex8yEYpS2G4O0EQP wa1xzPk3Ue0/g67dv5UZFhUn0ZB2XGFC3kEPWpptTj0VL+9Z/r0zKA== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-08-13T07:33:50Z" - mac: ENC[AES256_GCM,data:7RjYDh/n+j9lU6Sz3NRDi5tWX/7QL+HK43hOImCQkiHbBaO4n/Gms6hAAzkWfHpfbW9cm02mcPsmQLE85xlzD0DaJz2x4CVQ1wT26D5Sth6RP/rWGiVeoN4shncxuR0Ro0gTFFkTLYftJT2v/4LocPxIeEuOyQrX/J45UXUnhh4=,iv:309gb4TVc/uf6DOfPmSuqWTDt2Newi5rrFmBM2O0e+0=,tag:aVU9bVNTiSdeo4DkvUeJpA==,type:str] + lastmodified: "2025-08-05T09:33:50Z" + mac: ENC[AES256_GCM,data:rMtrDQtYsDyNqqVYKY9vg7fDGJjO2zQ+boN3j0dmYKyr5zzbbJAeCxAs3H/rNkgc3ril7sCfyAvP8n9KtYO6xmQuvu3Qgj2oqBiyvolfmYCArT0l7n+ImnNUGnFOfeugYPEIxvhDcEDK6dKiBMlEuyhtJ0hbVfvE4POQZi/jvMM=,iv:imWVUiFAbgzhPN/RNecx2LzCC5MJFg5nAIvGDCN2k0I=,tag:z0P180ZKj5p/g/E38CUjAQ==,type:str] pgp: - created_at: "2025-07-10T23:51:26Z" enc: |- diff --git a/secrets/moonside/secrets.yaml b/secrets/moonside/secrets.yaml index 493716d..cc08428 100644 --- a/secrets/moonside/secrets.yaml +++ b/secrets/moonside/secrets.yaml @@ -1,8 +1,7 @@ #ENC[AES256_GCM,data:HCHFN2Q=,iv:Z3tD7Hn5eudPR9DuX6etamkpNnYB/NRYGppWdyuUDuM=,tag:tbuWEFDmh4HAyksOZOihLw==,type:comment] acme-dns-token: ENC[AES256_GCM,data:lW/XJCHwApvIofSZHL5h7AUPISjARfmDnpSnprDBHQYzj0u5ZlZS5A==,iv:/y3gjgC9AEU3r+l8Uq6P7DAU2C8i+qTQ9DP4t0g8ZhE=,tag:v24WRudw8NB84b3XBFupHQ==,type:str] #ENC[AES256_GCM,data:XdLlonkGBN0b,iv:wimLW/7+a4MJCVg4zazY0ogakxXjdyPNZmZt0CzpXao=,tag:rg7FEi1qaYMkCXX+dwjFLA==,type:comment] -wireguard-private-key: ENC[AES256_GCM,data:aBQSwDyASfVPhU+5/yT9P99DCEfgt4SvhVq/aLe+AUcXwSqMiI2DkM5THO4=,iv:iAW/OUihMXHoQpX8pX+f/mz2nclj+n/ygwYxx7PVxnQ=,tag:zhlxjoIkfa237RoFNblszw==,type:str] -wireguard-home-preshared-key: ENC[AES256_GCM,data:yr4vO9Bn+3PJheJHbeNRHu0ozCkgxCGuKBJnb/3zzHVQAsI7GonXXQxFjBM=,iv:1r9QgfdLkXCtrRS+/2+f251FjHiAm9nf/Zfzu+CYuws=,tag:kWiXCTfj4Rrzhx+SpSp/dg==,type:str] +wireguard-private-key: ENC[AES256_GCM,data:GCi+otqW06yoBKnG0WCIN4Wu9VKDsOUv8WRm240cHBnSAoW/ycd2WgDWsYY=,iv:TYj38C00fMIhg8LEGz6HPWxg11xUdwGgnxOmy+1SG9k=,tag:CQr9phCmU5it2EYjzqhAlA==,type:str] #ENC[AES256_GCM,data:u/O2rHXqOoTNpOSm,iv:hqhZC9R76P3sPkpQMximrvcTC15IM99QaRZErC9AIc4=,tag:wc2w7iwtfazlwWpnQJV63w==,type:comment] oauth2-cookie-secret: ENC[AES256_GCM,data:cbNVAkBAWJCN4fLmkYUFhy8v9iE5fB30hFI3nTpZuVIFCnmXPBtlftI58Zg=,iv:q9xjUDOH9M4pW+9YB9dEYSqEu9gpsezbxcGbpORNljU=,tag:KoGNcssD608huewmHeJOxw==,type:str] kanidm-oauth2-proxy-client: ENC[AES256_GCM,data:wUTfb0r9d7nRb1wmQEOjXwDTM8V56DmOGw==,iv:OMXiObgt4AbKmovT62+P99r0UzGELj37FX+lqW38F0g=,tag:lksIWm0cSLydTZvlxliXgA==,type:str] @@ -25,8 +24,8 @@ sops: bURRem1aY203VW0ya0tZWUY3WTJLQ3MKonflaevgNP91G1cVgzoE6/K800kyG6BK Goe81HCYFfm86pzv5wV3/38j7fTZNeZnKwPFkMgEUueF1kA8J9V5CA== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-08-12T09:24:55Z" - mac: ENC[AES256_GCM,data:qeBiuiK/On/NeMpjiCKeIvbQCRH0JcPFldJaTD+nHLtwNU+qpHX4y+dL/jTQrdSWxHV9+E3KmxnakEP91qZnycrSXhwSIIavNtXUP1veuv/JmHOxW6UxpJBJVDeMNe9k2AFQ3gwYEnXrisjvLDkYyqa+E+GsE7b82i3iyerpskY=,iv:jbw0OIJM3vr9SXkdAObc6JS6v4r11s6MPkg33x1sCvU=,tag:/BAMuCJgh78UgOXkTVkN7Q==,type:str] + lastmodified: "2025-07-09T13:40:12Z" + mac: ENC[AES256_GCM,data:B1pkubTJuLU1pCprTHtANC58sfgbvjgnDtztF4g7M4cIgj4pasrPGjOXLw5hrRwpYKffuciOogDOJx1/DekpFG0rydc5+R46saCtzGYVBEXWpH+SuaiHGBokTq0zIwnNEDpMpQ2xKTDiv3yKJBNUXOPugEYgDuvmg1wRyZ9iWBY=,iv:ZUij0KY74PEYo2IcCQoFiHFB/uOF6CxyHIpL4yJyFlg=,tag:srWW114VV3oCMjSLG9lVwA==,type:str] pgp: - created_at: "2025-06-13T21:18:31Z" enc: |- diff --git a/secrets/repo/pii.nix.enc b/secrets/repo/pii.nix.enc index 7b97c4e..4a55990 100644 --- a/secrets/repo/pii.nix.enc +++ b/secrets/repo/pii.nix.enc @@ -1,5 +1,5 @@ { - "data": "ENC[AES256_GCM,data:FhYNSJHNQXIEH0R0mf0ZNV5Tqz8PydVeYyf5aLMSobSjw59UxY1Hqa9nLd851Ma28TiM+deXbqPfB960XtsLlI3YfV+LP3ZD8sWyQXIyv5Tty0ed46Q5hCa5DRPlviYtHcjMTjXvJWxjy+UpAQd4JKCMb+pafUEpgfCHalqUyuDyZ/WV9A9nDoz3b0YpMiynflXUBuXOAUq2ccQvR1Od1h3iWk/RiN774HlIH+10VH3vNb1UqWd/dgRR3aYUeMfnN+zu/L+RXrVokxo0LLP9JEN6Qqp6iwIAddw3CKXmM1xR14+6UO2WNkYdr/wWadgdMVjFkFFtcGAfWWBuAkcuXjUURzL4tXpLoUjQFNwlBGdw7JrMd14zs1L68daJGBpB/8SY2i3+axsz2JsUXea+S1/V0Dz0fCQVA66j6WrqgeJrpLF1nd/9OUQyWDvzz6q73t16bZMiODUGQ2pxOaiC9/kv76b+KkpIvHBYJDynijOVmrTIs5bLnrNzHB1UWxBzXJFyI5ytcYS+HjLB667PwCTN780sDoJIpbU5EY8Xlm6cv4VO0dgAnipwWbBeakTyCf4kecfH/QplyxzqcVI3aYjrOvbTpTzIaUjBepcKfmB62WtZlWrxiVKgFN/PNhoeYIWa0b0ataRNX3OA9U0qADBG737uAgogOk9VLhVIuAPe6RVbQiZBqYV55Rs78I0RHkVn7FjqoZVr0KLo5fRiDcQjQwnd2dEHfyhrYKh0Avch5tfU5auyi8VHJ+DCFaaIHS0wY25cAbAakgMxaw92X9/s376VwVL284ffXJNLxP09nDl1EIFb+9qGCjOaBo0RArLeQ5IN4BI46y+7Trifgz77A8x7lohZJiNsAqdWFOPWTQtdDnXMbtR6PFBLuaKQzAuJzHO69ymfd8LwaftkhKfh0ej9LH+OrjX31ce8hoczTltMkoVmOCq3t0npMg8+mGfKtqnmi5aHWPX0ziPA186DYm01EdCcqpT2Nm8C9sEVuvQyCbQd2tEEXRMIAUcr6DQvK9M6sV6dWjURQXqhtPLftkIhO5GsuuOU4HQYraUfhZAhCGvI46EaO0fPwTgkP8HS16tcDUg23uiEzoIc/Oh3c8aEepXH3rEXZmp10Murv6zrhjZjMqt/ZuQchgivbzmOhw5s1BT4wEk5nJ6C070AJPpPq48Zpu6imb5qsm3NLfwmg/BkVv+tqakBTg6GD4abxsi2e2jeEGObyc5OnIgvlCSRG8xA5b8mjV17oOV5/yHmU9jbeul3yVaF2qcieuZ5YZz6qXEAgla2hxZ1dzyv6BHMj0hbQfF+utA40zuODu5XhzCKdYx5RPMqFe7zIDLHQeAb9jpcpgljMgrkcO6uLrZwZpaoUi8S2AmW/y5+8E/f/TTucit1cSo8QLa8W7ISj363wpsy80Emm3YdtJVnJVquLkLq5SllXmrzwQDMST7O4XmCVGkVP2W18lFDIfdYEikOGdQ13wYSkS/vksZ/2CkOhOAFBpydTZ1nVwryxsSwUQs9602u632Mw0JaspYTHwF1AHqXY/vu4TTamnU+UxngbI6HMQyFk9YXgh9yqR1E4nzWi+FRjYs8o/IU1Yyg0LUnQV44NJaUT7g1QU7V2oBMM7zBQhbum9MB4qgo4X5YcnZRBilfQ5qVc+GvGYbBNLizUe12+Jia3OAjE6LJh8ibp8NtxNmbIFsIyYOR6I3WhAhhVG0qzD9IMKy0gqFqebY3Ht2s5C+OaTrFp+VWW9nm90PxqZWkuvjQmfrPrykIX5C6NlMzQfehSHyIpz//pAvL7HkJRLE71QsqKjqDxx70Ar/aPf0+jRawW+QuYiH1DYpIk20oQdOq3QckYnA2ElfLNVYmpQSmVNAUmqIduJ2Swf4MXrPecbmuq+iCzvVaEUvlwkzxQEGPbykudqYSRbrFVuf8c3DX5oVeA7A3Pvd2AOvZn9VNdsnO10ppuYVe2CU/a+spj7hp4wt9+ofJoOULSDKb4sUU//63SW23grgueU4RyGsEzFJhq96QY6s/Xa/aqCifFrBhuHRWWpvccH59FmDI1tKC0yFqAhTav/tjO9mGT//7/Y+KBeYIKl4rcu6uqhMvC0/Mq+TaGLJBWY2ElsptJxiLhHigu2lmnIDFTLV3wJHmx3ngWKnzFeDtW0f27BieUCnhpK1BNLoI8hLR5aUJ0/jE4YdjCU2Ff4BxmxRBxNiLTpVtfhSyKAJtzNsc+VsK3ZETL4VpW09I3sFTebgjLv7fcMD0WlwXq9gcV/qrsJKS5v8iUBLQ4TVUqT9XoLpFzHFfTd4VdZZcj+zeUMVkSfGFKt96fxpy2XVzlGKg0fZ3xXQC2uAz3jqHWkTcK3nu2fX1Aj7UjNxSpmjRRKf3N8tm3rjK+XR8ekr24/KSTYpyFftUlKQ6L9Mv1RB67mU4cr2eaRRHxuwwMzRluAjnkkiN/B6j0Rmm/yi/pri7qfqzodY5EUnaSQYlOg0peG2mIpGnY/+Wz8XeIYxN4ocpk/0J4AQ7XyCU8GBY34TKRg5PO/dm+4pDI+rNDtV8kXjDV6+qmek/NmBGz2/oZIg0EQ4+MrQQ6TokclAIgsA8b4wq0efQLNF45zngdhdgsV+OI17Dgmu4NeNZYSGB+CRNWSVg5rcyj+oZdw8AKPvkZwE/A/20oGjC9QrhhsSOI/KH5fqttyHXjXkmk5BpDevCCRf7MRZDpY6FtUo+ce7nA11MIKez5aIlo+cekJAGjZlOV4n+ACkjEIRv6a7nVAVEMiQMEKmB+BPEZUN/iMPUc807SoDzFNcxPXyrAExDYS/Jjo7syBC409laFHO2AQ9h1hsaxcKIChRF2brNjVT6M05WeihBb/1G0MYcX94h8IV2ipqRUaQ3eSc2fI/5UoNV2vlPkXcsOT2pWADdDc6hctf4Fk0Rg6zzuZtIeod3bSEpGkIZkKz2S1wrSW+yttEntX/vhKKCb0kV3nVt+ez0TIRRbYfQPgPdJ0Ly31oap6DdhTcILrTXjDmwMVsmF0WQcQkBy+nI+2aI3HxISXS/D9asUp3zQ/eysx7t+cTjtCePvK/654EGDCFSY5P7YBjUr5ylzqIa5HHfb51eRM2xxEz8PLIQeO76NMFMGEbkYtDWEEgznvMM4J9nVoWte2WhiBX507f6O8RhYILqfZvoosw61LfMryTn1jCJ36GJZfuFwvX2UPRV3ORcBVDokhlxrrdFvetg53RgdFpu6vu0mitpk730LbQ3Y+V/9NCe7X8vXo0VV2Pw2M/x4n22cJN34K7Y7FC/dyQsaHm74bZBiFqGfZxhMl0vGa/TK9YMx396SSbtJuCwsVdHg7zqeehA5rkmZPnpsVMYWejOVyEUjac6ydDbd3xvAjWZWPnyBYd3yGWiOvU3AuMBVjtkocVKw+d8Z9hzGQdVricg8bPOc6SeN67MiVPtmwHFuZNxYL60AhmKyQ3jdnFDjlH1ByBTIjqlXdHHUX+0UG9mlUBnyQ3HVOTEoS7JiWuEl9nxWr2OqAbafHCx2+tJcw+ulvDXtcQKuNspxbP0g+VCTsNDQBRLQ2RdB7RZi10BH24nlplonVtC26w/3SkGMTTk7qFbDSYsemmJ4Kzm4gp7ecrRua/1AoW9kQyFB6WL0pe2YJyknlLnesltmKgUAHV8FKEH+0QRHgUdEwlufZTUwgy/ctsDpnDSVwtv38oxyIg3F/NwgTfQIIyiwd/+TVHRIP+9BPhsB2fRFI4/6X8QzU67iWJne6sMACwSGZriwvzzFpJxKwhgzFMLmB1GApNb1dy910v03LJh30lOkUVnUi6daVZvrYBSgd3R8sovibaBXXg3RvjkWRLuRrnl3sxTiqXQzHKI4ovfZdFGX/Hs6zl00XBcYesug2xCxvcHNtgQYNXF7ZG5Iu9zTbpa7zd/60cf/wduxfHxkbQWEMBGSqYq0aMqfoS+YrBVYKyqn48Zduxc1+nGeeWHoiDWzodo0mH6HFQyrU77mqbKu/BZOidEyS6AnWBHNA2+dw/ch8CTGIlT7OGpluPaa3KwumPuGxM=,iv:BSs/FJQlMeQMcZjWmwAB8gSLAXp4iCvLcm1m5lm0L+o=,tag:0FuDBrYNlpA+55lccvkdsA==,type:str]", + "data": "ENC[AES256_GCM,data:93ubLQUuSE0QMWwXadiH4HGCTMXFj25AbstjRt7Cvwh/jwpsmNcsnJfv7zBE2bl33ystKzMRHVjbp/IPKI0VSBbPbX5joKr0U9tMOXo+9Nc6Z6wFVSO8x5WjxZnj/8WxJMCmON+8lFvadegPxT1gy8aPtK1HKMDYzZp4wEiKzuJNrmwAA7Ofy5nWj1HVVCL7C2PDC7JUJZWVoNx4PITUIJYzc6F5nSCOz8SmIyHewAyUovFLmdnnRYsmyJOYpe3chXxgO60huQEhvJw0lt+OxGNONhGsYUeMFIsA84hfaqosXCXXVC7R8Z8Xr7EvyKoUiQnTr1iSCXFN4FO6PhhM8KO17BXREAmrqlcA74a+csLLj2iAmJ1mMMT2EuIaC3W5XJO6YsVxb8hCNjP2tUg/RxwhiRXN/elhhmsPyk2Csxx9yYOFR3q7BXgRKLvGHQIQZ+HS/vy4m0qsZyKInsDHahcgqggKxsLeGUzOSKEXmznM9Hu058Mn0+i5NoDitZfZ41JZuEaz6bvP6AqLz7mVMiHzfnR9JuuoqpQyHxlq3OQyQGQHJpl6Wmc1lG/QOgHchHxgDJYkGxUNPiC5Y5hV9XxFaVQ8QzArt/nScC7r4ZI2vcMBWAgb5tPJZkltPzuymmJXe5N3T4y7dKb1PaJnWO1rN1A/qYtB31K+bCsguFuo8S7P4mkdHIhJ0f1+dykHmDIlmeN5wJWZHO+Zg47KH1X8pqOFCiZcE0hFkqzlSiuKWNOMFN8WuVqw/JjUf59AD2WPKsuyshaKxjkCoZXKH89mO/9qOpx7R7vAybJHit6X4PeyKUizEl5lCWSW7HmnQPVy2Z8yc2o/rnO3G1lThqeGwqG4uVrEdQvH8oRCDDm9LjRN7TTo77cdZgVnc2bT8UyFOqLg9r0Ux4+0TuQse2ibiGHERNYU/UKZQBVvz28yG5o7LkpIfqHuo4JHpbF20MLoOzYWDj2A+s0pEWlPT7P0EF9POiuK5TKxPCcjCWtd2IgHiPhatNIMD9ygpvfw8f9wkPBTuPN0yJaXa+JlyXf73K+cmigTOhAyoGRB40QzxeZP2/hexUinNBPwy8r+D07bSP9EJi245yKmaZyNn9fEKjGCY4xJeroPY5jTgs8T74k+6onISXzv37XbqTRLfykdjJ3ttk6R2McnS2h1YwTvlTbw0Wsf9ocWc8qjPz4mggxiDalxemKCabM9pRcepGmbkXdtXQi7G17VxT8Ur8Y0zy/M8bVfwYCmhOq0JqHqJuRbo2nMX0kSXFKwZDeNiwmWF77YJscCW3ZU/k0p6yHzWXwk7jTmUD60Ht+kR0uQSt5LNqNty7i9uo783kMXmHoX7Q3UVPf3wtjRDgOxLPMaTFHWeHWoSpHHmCuxvKRBDt0mg3rvtmeRrTgFXCNIBBwgks65TpMrzj/0Pw7GyqZOHvC7GKJY8kwGssS6X8XRD6gxQqPfNl5REv4yT+Oa+6tG6rD6zkFv0pkJIRm0EXRZ+w0gqUzduTE1n64IS/yBJexgVjkJfJKbRinWk50yzymZYeMEIsutpRAiZZ0nBiGRngl0KzvvUA8ranyRUkKD7m5lS+vfwtsKSI6OixK8hBwypUGqR9vD2qWvQVUjkvltPFMiONoLEC6bt/mNuhQGscFGi6tIkra0PUovk0msJ5SnjFpj1hFTs/QEL2xNHx+9q+7XqddzAn6j4t3UjYhyuf3B2QuZ7au2q+NRdzoGDaXM5eJyvCYSMDmZq0vZ0LK60h44b7T5JnstuO59pr6fGKCoQRYfT0eTp86cWRcPugIh05I0CF82080vQhNXvjYxzzLwjkx9zYBCJk5KDE4Q9nZSLzDRl5IwGysOqqwO5t//CAF4tpsyTE81OSgi1ca/+hbl+ro6wQiWVlMhXObuFf/4+6UtsRouY35tXGlgclpvLMsQfpE5Y7HcLQ3+tlsZncXjG2PGNeGyWHZqsWmJjT5p1D9UVRMFwGxQpQiCE6NaVbHN4rIuD5jEDkM6Z/l8nPFSesU2ddQGi8Xtg3gdP+AFXWiIGEqIKSlG7drJ3WMK2FAgkaYk/zgvFYTK8jMjJBm25baJa0LLKGv3v5mU+w/bXr6CmGM+1GbhM0jnb3LSCsDIFJFpeILWsI7Ej62w/knwNzaHw251fquecbUEUkXkGeBq/izATp6TXHB07RL9BIMDaOlrSI3Pb/ej77MjcNkvZMfSJdDL+O/Ob5JgPQYp+tyubipLNaAxnlNlKvEzm5KSacHIXyDHUpYzsx84J6x65i2AbrtmJ1O2ontwOY2vlrSEQgduDuTZm48D2BBCZZ7TTAP2E+yD1GllGlSZY69TQSKF08gFbrSf+Jj+AXKOrQQerXc47hFAMPFScTH0rtN1zsM9pV0d/5zhkFePatL8Ztoa8uJUCVpJxu2z+h8BedIDfhXtijCxEmOKc+9iLokTyWupk/uCQyLqJO+cqYqf6T4Rf4S9XmlkPELGPSRwpOjSDhlKyWf72sbvokgIQ6G/TRQIGlOMlmTn60j0Mf6kWmL3hx6LWVN7kH4TpHmryWy2s0pgKEiqNihvoM3IR9NhM4cv2RTbY6NG3x5ql3Y8A9Aoor9tuS4IDCDb8n/TZ63CxSui+c7qGLCdg0znUlWv2XvTOTjleCHgukMbUqDqXphE3/vwMePJ/uXA3PBZ8gWCuOhsa5FU9ABi17h37XKhZG6Vys6iw2EWN3VbIEsdjjVPBDNCluy7eoEJGNKATS4Y6/5bhXUBtYOYI2WvoJCdR35WR0grkDsV7AaGdKGg/slKByWXmyOw2Rrj0siz0SC/42DhwDB46dL+0EZpL+pnBv/pT/PcMJ/hrp1blgdgXgRSH56cLHQhmX6SdZT55DSCW6BKfSDSAH9fVuSAVzdqBgjMhzQ3ar94UjTCkSXVu0NspZm2BKQprsgnAbUz192/phZ+jrVkcIb+iq6+HgJ3BYT+ByKR3e4AoBN6HvANYjXOgLe3iExeo7QIgdDWyXZH8mxOz4j/BPN8EjsHrk7FazgrID5oJSHDDBJ36hKoAvjCSsMHveWrbBwS00hGIpgGX5EaCaeTE/6UYZ0DF56M8/pa4L3khyDs/sXUCsJEoxQcvMkt2IFAnoKXpkWPND8iLFt0DSq7ov9+rKjXpgeH0K/DIj0Qfkwk66EusEUtwux4EYTofwcyorlpgA5RXzAZB5jroqmcL5I79uZ/oLyoBjulS4nEcKQihcSEozRVSSiQlKHsb0DWOKovUlwdBossAQUXcrShAhkfddc3iqIonpFDJYw6np9HwZ+QSOXNaEkRtucW+J0I6YSTHnRF64GARGpvF9DXlpbhfONm96mgTpkCkO2NekNP2nuvWnIs+MDmD8BZd2o2hLPo1Hmr+2n0Gkvd5DJAemfggTrEZ8YuaMnQbhwOKJ79Vu4N7mmhghDjuHi55hnzZDEUXgeyJ/rQTsiD4V29kOnPvoMBNRGSD74LPptOceXw1HqoOyMI+wDXHTj00Elr33rTEJ0lfcFvtW8EgvU85mCHP1/TC5Ms2jKAUvVBGSC7CGkwx7O0mSCujU+BYTD/1r1a2KdGyhvU5xVcMp0RMm7y25I+5ckWJUzrN2A3wO3ANJZ0PE6qk49316/XDyK0xn2C1EvFxT7nl/e/KTmCUBm/8Bx0suiAand4PhCbuMT8IcENCBEglwg0aEYTo2HkKmJFOkPzVjW0VAyXR4/NYjt0lAIGN7AsBVo+Wp2N3O+67eqA+wjMFV/6pAc8u0Pla7NfzCiM9hcgWH0+fKD+DJSiRU536gucBA0vXMWzjEzy6Hy2cn3j7fm6Q6B1MjVHzAmZqElPm3frGxv7eOTJzKS+YhqzPkBuF5wa0MUskmFd4aHt/zchSlMD183A3CmPxV7lwM+d0q0O7OoB8uH4AyM4DnkTvBP+jDxlEaVP85dbX0EHexmTLGweH2QL5W2stLNxGGPjROIMJRUz1yc=,iv:sTMh997U5saMDn6pvEmSjEv9czye1NhMPJOwrcb/JHs=,tag:56yLcBmZ0bu89cBTYHEFuw==,type:str]", "sops": { "age": [ { @@ -27,8 +27,8 @@ "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtU240VjVRZmJ5TGsrclJF\nRXRLbTRCZURtR0Z3d2E2eDNNeGRDODlXVEY4CllTeVFYbDJQWlRSS1RFLzAxSnlM\nZi9NU1c3cWo3YWRLcUJ2U2ZFWFBBVEEKLS0tIGtmZU9qSWdBT3RDeStaaFFDSWtk\ndkUzZXJwZUl4LzVxYXdidmxXRnNnclUKyAMZqCKSY/RQvTR4bbjLaPnGKwdBcHXc\nvtiVSrLdIdzMa6id/J07TJH5UesUmcp0wjU41MDa4aMBLy+cXhuBHA==\n-----END AGE ENCRYPTED FILE-----\n" } ], - "lastmodified": "2025-08-12T08:32:44Z", - "mac": "ENC[AES256_GCM,data:dSoqNCOKIhI8EdM6p+fCqNvmJorGQBmHDqXq04oHAg4q2pxoD2+C/HoNdp0+Bqo9jAqpb2oZ9ipjMIGzLbmJByaocYICsA5VnG4HjLoFbH9J1eNMjdId2411zmzTWH/afibhMIugZSsd4iEG+l2iq9r4yVgu27DOoT3haa0p7wg=,iv:Kte/K25/oVGOnT0a/0PZzrDwekgeItalyDJQvirez7g=,tag:z6PH9NaQ5PaxW5tD1f4wGw==,type:str]", + "lastmodified": "2025-07-22T05:18:26Z", + "mac": "ENC[AES256_GCM,data:lxQFZ8hWrBepjVzeaBrHS4SpkwQzXyEvJu6fclWAvEby1w+eG7kMR3quHzD/F6zPoT3jLdFM3fSIhjVOSslSnut0pTtselvco23YtbYzEz1JK/mTGW6IytGQvZVH1HGM3lwHJ9G7jLPRUq5CBQr4zULtqZBO4rK+f9YnFChhPyY=,iv:DsgxvDPHWv8qHqYB3RXiVmZcZfdxI6iUFABHj2iE0Bg=,tag:KK0RYpLgyzVSQPYIr4DLTQ==,type:str]", "pgp": [ { "created_at": "2025-06-13T20:13:06Z",