commit ab4085f137b0255701171babcd8ba6ff3a62d87e
parent 1be418d4369be217a4e1999ea01b7e79bb89dc32
Author: Chris <chris@echoz.io>
Date: Tue, 7 Oct 2025 10:31:14 +0200
feat: configure syncthing, dunst, hypridle, hyprlock, static uids/gids
Diffstat:
9 files changed, 269 insertions(+), 3 deletions(-)
diff --git a/flake.lock b/flake.lock
@@ -214,11 +214,11 @@
"nixpkgs": "nixpkgs_2"
},
"locked": {
- "lastModified": 1759804042,
- "narHash": "sha256-dvi/FFa9RVS3peH820gXUgl1MIIB73zSYOTg+j/45eo=",
+ "lastModified": 1759825512,
+ "narHash": "sha256-j7SciQEfakwKgxS1YUEot8qb0q4U+l1hziumne3K5uU=",
"owner": "echozio",
"repo": "sec",
- "rev": "51df35202dc657f66323c0411b18680daa5b7ff1",
+ "rev": "2daab8652c9b583ae97d079d29a7cd1bdf120ab5",
"type": "github"
},
"original": {
diff --git a/modules/dunst/default.nix b/modules/dunst/default.nix
@@ -0,0 +1,62 @@
+{
+ user,
+ ...
+}:
+{
+ home-manager.users.${user} = {
+ wayland.windowManager.hyprland.settings.layerrule = [
+ "blur,notifications"
+ "ignorezero,notifications"
+ ];
+
+ services.dunst = {
+ enable = true;
+ settings = {
+ global = {
+ follow = "mouse";
+ alignment = "center";
+ width = 500;
+ height = "(36, 180)";
+ origin = "top-center";
+ offset = "(0, 0)";
+ corner_radius = 10;
+ corners = "bottom";
+ padding = 12;
+ horizontal_padding = 12;
+ frame_width = 0;
+ markup = "full";
+ icon_position = "off";
+ font = "JetBrains Mono Nerd Font Propo 12";
+ line_height = 12;
+ stack_duplicates = true;
+ hide_duplicate_count = true;
+ transparency = 0;
+ separator_height = 0;
+ fullscreen = "show";
+ layer = "top";
+ };
+
+ urgency_low = {
+ timeout = 3;
+ background = "#00000033";
+ foreground = "#eeeeee";
+ frame_color = "#eeeeee";
+ };
+
+ urgency_normal = {
+ timeout = 3;
+ background = "#00000033";
+ foreground = "#eeeeee";
+ frame_color = "#eeeeee";
+ };
+
+ urgency_critical = {
+ timeout = 30;
+ background = "#00000033";
+ foreground = "#eeeeee";
+ frame_color = "#eeee00";
+ };
+ };
+ };
+ };
+}
diff --git a/modules/firefox/user.js b/modules/firefox/user.js
@@ -12,6 +12,8 @@ user_pref("devtools.chrome.enabled", true);
user_pref("devtools.debugger.remote-enabled", true);
user_pref("browser.sessionstore.resume_from_crash", true);
+user_pref("browser.tabs.insertAfterCurrent", true);
+user_pref("browser.tabs.insertAfterCurrentExceptPinned", true);
user_pref("general.aboutConfig.enable", true);
user_pref("middlemouse.paste", false);
user_pref("sidebar.animation.enabled", false);
diff --git a/modules/hypr/default.nix b/modules/hypr/default.nix
@@ -2,5 +2,7 @@
imports = [
./hyprland.nix
./hyprpaper.nix
+ ./hyprlock.nix
+ ./hypridle.nix
];
}
diff --git a/modules/hypr/hypridle.nix b/modules/hypr/hypridle.nix
@@ -0,0 +1,65 @@
+{
+ pkgs,
+
+ user,
+ ...
+}:
+{
+ home-manager.users.${user} = {
+ home.packages = [ pkgs.brightnessctl ];
+
+ wayland.windowManager.hyprland.settings.bind = [ "$mod, Delete, exec, loginctl lock-session" ];
+
+ services.hypridle = {
+ enable = true;
+
+ settings = {
+ general.lock_cmd = builtins.toString (pkgs.writeShellScript "lock" ''
+ pidof hyprlock || hyprlock
+ '');
+
+ listener = [
+ {
+ timeout = 1;
+ on-resume = builtins.toString (pkgs.writeShellScript "dpms-on-undim" ''
+ hyprctl dispatch dpms on
+ brightnessctl -r
+ '');
+ }
+ {
+ timeout = 10;
+ on-timeout = builtins.toString (pkgs.writeShellScript "manual-lock-dim" ''
+ save="$(brightnessctl -m | awk -F, '{if ($4 != "10%") {print "-s"; exit}}')"
+ pidof hyprlock && brightnessctl $save set 10%
+ '');
+ }
+ {
+ timeout = 30;
+ on-timeout = builtins.toString (pkgs.writeShellScript "manual-lock-dpms-off" ''
+ pidof hyprlock && hyprctl dispatch dpms off
+ '');
+ }
+ {
+ timeout = 60;
+ on-timeout = builtins.toString (pkgs.writeShellScript "auto-dim" ''
+ save="$(brightnessctl -m | awk -F, '{if ($4 != "10%") {print "-s"; exit}}')"
+ brightnessctl $save set 10%
+ '');
+ }
+ {
+ timeout = 300;
+ on-timeout = builtins.toString (pkgs.writeShellScript "auto-lock" ''
+ loginctl lock-session
+ '');
+ }
+ {
+ timeout = 330;
+ on-timeout = builtins.toString (pkgs.writeShellScript "auto-lock-dpms-off" ''
+ hyprctl dispatch dpms off
+ '');
+ }
+ ];
+ };
+ };
+ };
+}
diff --git a/modules/hypr/hyprlock.nix b/modules/hypr/hyprlock.nix
@@ -0,0 +1,37 @@
+{
+ user,
+ ...
+}:
+{
+ security.pam.services.hyprlock = { };
+
+ home-manager.users.${user}.programs.hyprlock = {
+ enable = true;
+ settings = {
+ general = {
+ hide_cursor = true;
+ ignore_empty_input = true;
+ };
+ background = {
+ path = "screenshot";
+ blur_passes = 3;
+ blur_size = 9;
+ };
+
+ input-field = {
+ size = "500, 64";
+ position = "0, 0";
+ monitor = "";
+ dots_center = false;
+ fade_on_empty = true;
+ font_color = "rgba(255, 255, 255, 0.2)";
+ inner_color = "rgba(0,0,0,0.2)";
+ check_color = "rgba(0,0,255,0.2)";
+ fail_color = "rgba(255,0,0,0.2)";
+ outline_thickness = 0;
+ placeholder_text = "";
+ shadow_passes = 0;
+ };
+ };
+ };
+}
diff --git a/modules/static-uids-gids/default.nix b/modules/static-uids-gids/default.nix
@@ -0,0 +1,25 @@
+{
+ users = {
+ users = {
+ dhcpcd.uid = 999;
+ flatpak.uid = 998;
+ greeter.uid = 997;
+ nscd.uid = 996;
+ rtkit.uid = 995;
+ sshd.uid = 994;
+ systemd-oom.uid = 993;
+ };
+ groups = {
+ dhcpcd.gid = 999;
+ flatpak.gid = 998;
+ greeter.gid = 997;
+ nscd.gid = 996;
+ polkituser.gid = 995;
+ resolvconf.gid = 994;
+ rtkit.gid = 993;
+ sshd.gid = 992;
+ systemd-coredump.gid = 991;
+ systemd-oom.gid = 990;
+ };
+ };
+}
diff --git a/modules/syncthing/default.nix b/modules/syncthing/default.nix
@@ -0,0 +1,18 @@
+{
+ user,
+ ...
+}:
+{
+ imports = [ ./syncthingtray-init.nix ];
+
+ home-manager.users.${user}.services.syncthing = {
+ enable = true;
+ tray.enable = true;
+
+ overrideFolders = true;
+ overrideDevices = true;
+ settings.options = {
+ urAccepted = -1;
+ };
+ };
+}
diff --git a/modules/syncthing/syncthingtray-init.nix b/modules/syncthing/syncthingtray-init.nix
@@ -0,0 +1,55 @@
+{
+ lib,
+ pkgs,
+
+ user,
+ ...
+}:
+{
+ home-manager.users.${user} = { config, ... }: {
+ systemd.user.services = {
+ ${config.services.syncthing.tray.package.pname}.Unit.Requires = [ "syncthingtray-init.service" ];
+ syncthingtray-init = {
+ Unit = {
+ Description = "Generate syncthingtray config";
+ After = [
+ "syncthing.service"
+ "graphical-session.target"
+ ];
+ Requires = [ "syncthing.service" ];
+ Before = [ "${config.services.syncthing.tray.package.pname}.service" ];
+ PartOf = [ "graphical-session.target" ];
+ };
+
+ Install.WantedBy = [ "default.target" ];
+
+ Service = {
+ Type = "oneshot";
+ RuntimeDirectory = "syncthingtray-init";
+ RemainAfterExit = true;
+ ExecStart = pkgs.writeShellScript "syncthingtray-init" ''
+ while
+ ! ${pkgs.libxml2}/bin/xmllint \
+ --xpath 'string(configuration/gui/apikey)' \
+ "''${XDG_STATE_HOME:-$HOME/.local/state}/syncthing/config.xml" \
+ >"$RUNTIME_DIRECTORY/api_key"
+ do ${lib.getExe' pkgs.coreutils "sleep"} 1; done
+ cat >"''${XDG_CONFIG_HOME:-$HOME/.config}/syncthingtray.ini" <<EOF
+ [General]
+ v=${config.services.syncthing.tray.package.version}
+
+ [tray]
+ connections\\1\\apiKey=@ByteArray($(cat "$RUNTIME_DIRECTORY/api_key"))
+ connections\\1\\syncthingUrl=http://127.0.0.1:8384
+ connections\\1\\authEnabled=false
+ connections\\1\\autoConnect=true
+ connections\\1\\httpsCertPath=''${XDG_STATE_HOME:-$HOME/.local/state}/syncthing/https-cert.pem
+ connections\\1\\label=localhost
+ connections\size=1
+ EOF
+ '';
+ };
+ };
+ };
+ };
+}
