diff --git a/hosts/nixos-laptop/default.nix b/hosts/nixos-laptop/default.nix index 742c13a..7ebd02d 100644 --- a/hosts/nixos-laptop/default.nix +++ b/hosts/nixos-laptop/default.nix @@ -10,9 +10,13 @@ ./hardware-configuration.nix ]; - my.profiles = { - desktop.enable = true; - personal.enable = true; + my = { + virtualisation.libvirtd.enable = true; + profiles = { + desktop.enable = true; + personal.enable = true; + webis.enable = true; + }; }; # BOOT @@ -33,6 +37,7 @@ xserver.libinput.enable = true; xserver.libinput.touchpad.disableWhileTyping = true; printing.enable = true; + logind.lidSwitch = "hybrid-sleep"; }; hardware.bluetooth.enable = true; @@ -105,16 +110,6 @@ wantedBy = [ "multi-user.target" ]; }; - programs.ssh.extraConfig = '' - Host builder - Hostname 192.168.0.14 - Port 22 - User moritz - - IdentitiesOnly yes - IdentityFile /etc/ssh/ssh_host_ed25519_key - ''; - # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave diff --git a/modules/profiles/desktop.nix b/modules/profiles/desktop.nix index 678df5c..b909535 100644 --- a/modules/profiles/desktop.nix +++ b/modules/profiles/desktop.nix @@ -72,6 +72,7 @@ in }; }; services = { + illum.enable = true; gnome.gnome-keyring.enable = true; pipewire = { enable = true; diff --git a/modules/profiles/personal.nix b/modules/profiles/personal.nix index 37cca50..e1cb308 100644 --- a/modules/profiles/personal.nix +++ b/modules/profiles/personal.nix @@ -18,7 +18,7 @@ in synology-drive.enable = true; }; programs = { - ssh.includeSecrets = mkDefault [ ../../secrets/ssh-home.age ]; + ssh.includeSecrets = [ ../../secrets/ssh-home.age ]; git.signing = mkDefault true; hub.enable = mkDefault true; firefox.arkenfox = { diff --git a/modules/profiles/webis.nix b/modules/profiles/webis.nix new file mode 100644 index 0000000..bded073 --- /dev/null +++ b/modules/profiles/webis.nix @@ -0,0 +1,28 @@ +{ lib +, config +, ... +}: + +with lib; +let + cfg = config.my.profiles.webis; +in + +{ + options.my.profiles.webis.enable = mkEnableOption "webis profile"; + + config = mkIf cfg.enable { + my.programs.ssh.includeSecrets = [ ../../secrets/webis-ssh.age ]; + age.secrets.webis = { + file = ../../secrets/webis.age; + name = "webis.ovpn"; + }; + services.openvpn.servers = { + webis = { + config = "config /run/agenix/webis.ovpn"; + autoStart = false; + updateResolvConf = true; + }; + }; + }; +} diff --git a/modules/programs/hyprland/_config.nix b/modules/programs/hyprland/_config.nix index 5feef36..eaa5a2e 100644 --- a/modules/programs/hyprland/_config.nix +++ b/modules/programs/hyprland/_config.nix @@ -171,8 +171,6 @@ in bind = , XF86AudioNext , exec , playerctl -p "spotifyd,firefox" next bind = , XF86AudioPlay , exec , playerctl -p "spotifyd,firefox" play-pause bind = , XF86AudioPrev , exec , playerctl -p "spotifyd,firefox" previous - binde = , XF86MonBrightnessDown , exec , brightnessctl s 10%- - binde = , XF86MonBrightnessUp , exec , brightnessctl s 10%+ # Move focus with mainMod + hjkl binde = $mainMod, H, movefocus, l diff --git a/modules/programs/hyprland/default.nix b/modules/programs/hyprland/default.nix index 42f39c6..dc58269 100644 --- a/modules/programs/hyprland/default.nix +++ b/modules/programs/hyprland/default.nix @@ -91,11 +91,11 @@ in events = [ { event = "before-sleep"; - command = "${pkgs.swaylock}/bin/swaylock -fF"; + command = "${getExe pkgs.swaylock} -fF"; } { event = "lock"; - command = "${pkgs.swaylock}/bin/swaylock -fF"; + command = "${getExe pkgs.swaylock} -fF"; } ]; timeouts = @@ -118,12 +118,10 @@ in } ] ++ optional (!cfg.nvidiaSupport) # TODO https://github.com/hyprwm/Hyprland/issues/1728 - [ - { - timeout = 30 * 60; - command = "${pkgs.systemd}/bin/systemctl suspend-then-hibernate"; - } - ]; + { + timeout = 30 * 60; + command = "${pkgs.systemd}/bin/systemctl suspend-and-hibernate"; + }; systemdTarget = "hyprland-session.target"; }; }; @@ -148,7 +146,7 @@ in wantedBy = [ "graphical-session.target" ]; serviceConfig = { ExecStartPre = "${pkgs.coreutils}/bin/sleep 0.5"; - ExecStart = "${pkgs.hyprpaper}/bin/hyprpaper -c ${config}"; + ExecStart = "${getExe pkgs.hyprpaper} -c ${config}"; RestartSec = "500ms"; Restart = "on-failure"; }; diff --git a/modules/programs/nvim/default.nix b/modules/programs/nvim/default.nix index 092636b..805e88b 100644 --- a/modules/programs/nvim/default.nix +++ b/modules/programs/nvim/default.nix @@ -94,3 +94,4 @@ in }; }; } + diff --git a/secrets/secrets.nix b/secrets/secrets.nix index 179ef3a..723b0a8 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -6,7 +6,8 @@ let nixos-laptop = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDhtwHDGAZshiQWKkCcPWV9tC83b+bKBgjDcjP/N2CKO"; nixos-desktop = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKl8gMhwSf1NsP5gp14xbbyjqQLZzcHLb/XKRMoHdXgI"; nixos-work = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGQdruRBgcS3JbX+8DP4GE+28M/ZnxqxhoaMM5EVUkrD"; - hosts = [ nixos-laptop nixos-desktop nixos-work ]; + hosts-personal = [ nixos-laptop nixos-desktop ]; + hosts = hosts-personal ++ [ nixos-work ]; all = users ++ hosts; in @@ -18,4 +19,6 @@ in "uni-vpn.age".publicKeys = all; "wireguard-preshared-key.age".publicKeys = all; "wireguard-private-key.age".publicKeys = all; + "webis.age".publicKeys = hosts-personal ++ [ moritz ]; + "webis-ssh.age".publicKeys = hosts-personal ++ [ moritz ]; } diff --git a/secrets/webis-ssh.age b/secrets/webis-ssh.age new file mode 100644 index 0000000..f5ddae0 Binary files /dev/null and b/secrets/webis-ssh.age differ diff --git a/secrets/webis.age b/secrets/webis.age new file mode 100644 index 0000000..c7e921a Binary files /dev/null and b/secrets/webis.age differ