diff --git a/.cargo/.crates.toml b/.cargo/.crates.toml index 7a5ef83..579c372 100644 --- a/.cargo/.crates.toml +++ b/.cargo/.crates.toml @@ -1,5 +1,4 @@ [v1] -"b3sum 1.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = ["b3sum"] "bandwhich 0.20.0 (registry+https://github.com/rust-lang/crates.io-index)" = ["bandwhich"] "cargo-outdated 0.13.1 (registry+https://github.com/rust-lang/crates.io-index)" = ["cargo-outdated"] "cargo-update 13.0.4 (registry+https://github.com/rust-lang/crates.io-index)" = [ @@ -11,7 +10,6 @@ "eva 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)" = ["eva"] "rustlings 3.0.0 (path+file:///home/vis/utils/rustlings)" = ["rustlings"] "sccache 0.5.4 (registry+https://github.com/rust-lang/crates.io-index)" = ["sccache"] -"sheldon 0.7.3 (registry+https://github.com/rust-lang/crates.io-index)" = ["sheldon"] "starship 1.15.0 (registry+https://github.com/rust-lang/crates.io-index)" = ["starship"] "sway-alttab 1.1.2 (registry+https://github.com/rust-lang/crates.io-index)" = ["sway-alttab"] "swayr 0.27.0 (registry+https://github.com/rust-lang/crates.io-index)" = [ diff --git a/.config/albert/albert.conf b/.config/albert/albert.conf new file mode 100644 index 0000000..86e6b8e --- /dev/null +++ b/.config/albert/albert.conf @@ -0,0 +1,70 @@ +[General] +%23%20notifiedUnsupportedHotkey=true +fuzzy=true +hotkey=Ctrl+Space +last_used_version=0.20.14 +memoryDecay=0.82 +notifiedUnsupportedHotkey=false +showTray=true +telemetry=false +terminal=Kitty + +[applications] +enabled=true + +[calculator_muparser] +enabled=false + +[calculator_qalculate] +enabled=false + +[datetime] +enabled=true + +[googletrans] +enabled=false + +[hash] +enabled=true + +[pass] +enabled=true + +[pomodoro] +enabled=true + +[python] +enabled=true +watchSources=false + +[python_eval] +enabled=true + +[snippets] +enabled=false + +[ssh] +enabled=true + +[system] +enabled=false + +[terminal] +enabled=true + +[widgetsboxmodel] +alwaysOnTop=true +clearOnHide=true +clientShadow=true +displayIcons=true +displayScrollbar=true +followCursor=true +hideOnFocusLoss=false +historySearch=true +itemCount=8 +quitOnClose=false +showCentered=true +showFallbacksOnEmpty=true +systemShadow=false +theme=Numix +windowPosition=@Point(1962 886) diff --git a/.config/sway/config b/.config/sway/config index a9b749e..9c2e27c 100644 --- a/.config/sway/config +++ b/.config/sway/config @@ -15,6 +15,7 @@ set $nutermmenu kitty --class 'launcher' bash -c 'compgen -c | sort -u | fzf | xargs -r kitty' $bemenu bemenu-run --fork -l 5 -n -p "▶" --fn 'FiraCode Retina 17' | xargs swaymsg exec $dashpls nwggrid + $albert QT_QPA_PLATFORM=xcb albert show # $bg "~/Pictures/apod/2019-January-2-The-Orion-Nebula-in-Infrared-from-WISE.jpg fit #000000" # $bg "~/Pictures/apod/2020-April-29-The-Ion-Tail-of-New-Comet-SWAN.jpg fit #000000" $bg "~/Pictures/apod/2020-August-11-Churning-Clouds-on-Jupiter.jpg" @@ -84,26 +85,25 @@ exec_always --no-startup-id gsettings set org.gnome.desktop.wm.preferences theme '$theme' gsettings set org.gnome.desktop.peripherals.touchpad tap-to-click true - pgrep -u $(id -u) kanshi && pkill kanshi + # run this prior to first run: + # glib-compile-schemas /usr/share/glib-2.0/schemas + # glib-compile-schemas ~/.local/share/glib-2.0/schemas/ + gsettings set com.github.stunkymonkey.nautilus-open-any-terminal terminal kitty + pgrep -u $(id -u) ibus-daemon && pkill ibus-daemon ibus-daemon -dxrt auto - ### Needed for xdg-desktop-portal-kde + ### Needed for xdg-desktop-portal-* dbus-update-activation-environment --systemd --all - /usr/lib/xdg-desktop-portal --replace - pgrep -u $(id -u) kdeconnect-indi && pkill kdeconnect-indi + /usr/libexec/xdg-desktop-portal --replace pgrep -u $(id -u) mako && pkill mako pgrep -u $(id -u) fusuma && pkill fusuma pgrep -u $(id -u) swayrd && pkill swayrd - pgrep -u $(id -u) autotiling && pkill autotiling pgrep -u $(id -u) batsignal && pkill batsignal pgrep -u $(id -u) swayidle && pkill swayidle - kdeconnect-indicator mako - XDG_SESSION_TYPE=x11 XDG_CURRENT_DESKTOP=gnome fusuma -d -c ~/.config/fusuma/config-wl.yml - env RUST_BACKTRACE=1 ~/.cargo/bin/swayrd > /tmp/swayrd.log 2>&1 - kanshi - autotiling + XDG_CURRENT_DESKTOP=gnome fusuma -d -c ~/.config/fusuma/config-wl.yml + env RUST_BACKTRACE=1 swayrd > /tmp/swayrd.log 2>&1 batsignal '-d -w 25 -c 15 -d 10' swayidle -w \ timeout 545 'pgrep -u $(id -u) swaylock || notify-send -t 15000 -u critical -i "Idle timeout" "Screen is locking soon"' \ @@ -121,16 +121,13 @@ exec --no-startup-id { dbus-update-activation-environment DISPLAY XAUTHORITY ibus-daemon -dxrt auto $keyring - ### Needed for xdg-desktop-portal-kde + ### Needed for xdg-desktop-portal-* dbus-update-activation-environment --systemd --all - /usr/lib/xdg-desktop-portal --replace - pgrep -u $(id -u) kdeconnect-indi || kdeconnect-indicator + /usr/libexec/xdg-desktop-portal --replace pgrep -u $(id -u) mako || mako # XDG_SESSION_TYPE=x11 XDG_CURRENT_DESKTOP=gnome fusuma -d -c ~/.config/fusuma/config-wl.yml - pgrep -u $(id -u) fusuma || fusuma -d -c ~/.config/fusuma/config-wl.yml - env RUST_BACKTRACE=1 ~/.cargo/bin/swayrd > /tmp/swayrd.log 2>&1 - pgrep -u $(id -u) kansi || kanshi - pgrep -u $(id -u) autotiling || autotiling + pgrep -u $(id -u) fusuma || XDG_CURRENT_DESKTOP=gnome fusuma -d -c ~/.config/fusuma/config-wl.yml + env RUST_BACKTRACE=1 swayrd > /tmp/swayrd.log 2>&1 pgrep -u $(id -u) batsignal || batsignal '-d -w 25 -c 15 -d 10' pgrep -u $(id -u) swayidle || swayidle -w \ timeout 545 'pgrep -u $(id -u) swaylock || notify-send -t 15000 -u critical -i "Idle timeout" "Screen is locking soon"' \ @@ -176,8 +173,9 @@ bindsym $mod+t exec $term $mod+ctrl+Shift+t exec qterminal $mod+Shift+q kill - alt+F1 exec $menu - alt+Shift+F1 exec $dashpls + alt+Shift+F1 exec $menu + alt+F1 exec $albert + # alt+Shift+F1 exec $dashpls alt+F2 exec $bemenu alt+F3 exec ulauncher-toggle alt+Shift+F2 exec $nutermmenu diff --git a/.config/systemd/user.conf b/.config/systemd/user.conf deleted file mode 100644 index 73051bd..0000000 --- a/.config/systemd/user.conf +++ /dev/null @@ -1,3 +0,0 @@ -[Manager] -DefaultTimeoutStarSec=15s -DefaultTimeoutStopSec=15s diff --git a/.config/systemd/user/.#waybar.service15c133f9ac3a0f00 b/.config/systemd/user/.#waybar.service15c133f9ac3a0f00 deleted file mode 100644 index 42b9d96..0000000 --- a/.config/systemd/user/.#waybar.service15c133f9ac3a0f00 +++ /dev/null @@ -1,16 +0,0 @@ -# ~/.config/systemd/user/waybar.service or /etc/systemd/user/waybar.service -[Unit] -Description=Highly customizable Wayland bar for Sway and Wlroots based compositors. -Documentation=https://github.com/Alexays/Waybar/wiki/ -#PartOf=graphical-session.target -PartOf=sway-session.target -After=sway-session.target - -[Service] -ExecStart=/usr/bin/waybar -# Upstreamed in https://github.com/Alexays/Waybar/pull/1036 -ExecReload=kill -SIGUSR2 $MAINPID -Restart=on-failure - -[Install] -WantedBy=sway-session.target \ No newline at end of file diff --git a/.config/systemd/user/battery.service b/.config/systemd/user/battery.service deleted file mode 100644 index 9c77bc7..0000000 --- a/.config/systemd/user/battery.service +++ /dev/null @@ -1,9 +0,0 @@ -[Unit] -Description=Power Profiles service - -[Service] -Type=simple -ExecStart=%h/.local/bin/battery.sh - -[Install] -WantedBy=multi-user.target \ No newline at end of file diff --git a/.config/systemd/user/battery.timer b/.config/systemd/user/battery.timer deleted file mode 100644 index 0c5cdd2..0000000 --- a/.config/systemd/user/battery.timer +++ /dev/null @@ -1,10 +0,0 @@ -[Unit] -Description=Power Profiles timer - -[Timer] -OnActiveSec=20s -OnUnitActiveSec=5m -Unit=battery.service - -[Install] -WantedBy=timers.target \ No newline at end of file diff --git a/.config/systemd/user/default.target.wants/pipewire.service b/.config/systemd/user/default.target.wants/pipewire.service deleted file mode 120000 index 47f171d..0000000 --- a/.config/systemd/user/default.target.wants/pipewire.service +++ /dev/null @@ -1 +0,0 @@ -/usr/lib/systemd/user/pipewire.service \ No newline at end of file diff --git a/.config/systemd/user/ff_nn.service b/.config/systemd/user/ff_nn.service deleted file mode 100644 index e92a1ec..0000000 --- a/.config/systemd/user/ff_nn.service +++ /dev/null @@ -1,39 +0,0 @@ -# /etc/systemd/system/ffnn.service -[Unit] -Description=sh*tbrowser -PartOf=sway-session.target -After=sway-session.target - -[Service] -; RemainAfterExit=yes - -; Security -; PrivateUsers=true -; ProtectKernelModules=yes -DevicePolicy=closed -ProtectHome=true -ProtectSystem=strict -ReadWritePaths=-%h/Downloads/firefox-nightly -ReadWritePaths=-%h/Downloads -NoNewPrivileges=true -ProtectProc=invisible -PrivateTmp=yes -LockPersonality=true -SystemCallArchitectures=native - -Environment=MOZ_ENABLE_WAYLAND=1 -Environment=MOZ_DBUS_REMOTE=1 -Environment=MOZ_USE_XINPUT2=1 -Environment=QT_QPA_PLATFORM=wayland -Environment=XDG_SESSION_TYPE=wayland -Environment=SDL_VIDEODRIVER=wayland -Environment=NO_AT_BRIDGE=1 -ExecStart= -ExecStart=-%h/Downloads/firefox-nightly/firefox-bin -; ExecStart=-%h/Downloads/firefox-nightly/firefox-bin -desktop -Restart=on-failure -StartLimitBurst=3 -StartLimitInterval=60s - -[Install] -WantedBy=sway-session.target diff --git a/.config/systemd/user/gopls.service b/.config/systemd/user/gopls.service deleted file mode 100644 index 7b910fb..0000000 --- a/.config/systemd/user/gopls.service +++ /dev/null @@ -1,31 +0,0 @@ -[Unit] -Description = Go language server. - -[Service] -ExecStartPre=bash -c "rm -v -f /tmp/.gopls-daemon.sock || true" -ExecStart=%h/go/bin/gopls -listen="unix;/tmp/.gopls-daemon.sock" -ExecStopPost=bash -c "rm -v -f /tmp/.gopls-daemon.sock || true" -; -remote.listen.timeout -Restart=on-failure -RestartSec=1m - -SystemCallFilter=~@reboot @obsolete - -ProtectProc=invisible -ProcSubset=pid -ProtectHome=true - -RestrictNamespaces=true - -NoNewPrivileges=yes -ProtectSystem=strict -DevicePolicy=closed -LockPersonality=true -MemoryDenyWriteExecute=true -RestrictAddressFamilies=AF_UNIX -RestrictRealtime=true -RestrictSUIDSGID=true -SystemCallArchitectures=native - -[Install] -WantedBy=default.target \ No newline at end of file diff --git a/.config/systemd/user/podman.service b/.config/systemd/user/podman.service deleted file mode 100644 index c07fff4..0000000 --- a/.config/systemd/user/podman.service +++ /dev/null @@ -1,19 +0,0 @@ -[Unit] -Description=Podman API Service -Requires=podman.socket -After=podman.socket -Documentation=man:podman-system-service(1) -StartLimitIntervalSec=0 - -[Service] -Slice=podman.slice -; Delegate=yes -Delegate=cpu cpuset memory pids io -Type=exec -KillMode=process -Environment=LOGGING="--log-level=info" -ExecStart=/usr/bin/podman --cgroup-manager=systemd $LOGGING system service - -[Install] -; WantedBy=multi-user.target -WantedBy=sway-session.target \ No newline at end of file diff --git a/.config/systemd/user/podman.slice b/.config/systemd/user/podman.slice deleted file mode 100644 index 1c423c4..0000000 --- a/.config/systemd/user/podman.slice +++ /dev/null @@ -1,18 +0,0 @@ -[Unit] -Description=Slice that limits podman resources -Before=slices.target -# refs: -# https://baykara.medium.com/docker-resource-management-via-cgroups-and-systemd-633b093a835c -# https://docs.docker.com/engine/reference/commandline/dockerd/#docker-runtime-execution-op> - -[Slice] -CPUAccounting=yes -# 100% is an equivalent of full utilization on a single core -# we allow for 85% here - applies to all docker.service-spawn -# processes cumulatively -# CPUQuota=85% -CPUQuota=50% -MemoryAccounting=yes -MemoryHigh=10G -MemoryMax=12G -MemorySwapMax=1G \ No newline at end of file diff --git a/.config/systemd/user/sockets.target.wants/pipewire-pulse.socket b/.config/systemd/user/sockets.target.wants/pipewire-pulse.socket deleted file mode 120000 index 45f6209..0000000 --- a/.config/systemd/user/sockets.target.wants/pipewire-pulse.socket +++ /dev/null @@ -1 +0,0 @@ -/usr/lib/systemd/user/pipewire-pulse.socket \ No newline at end of file diff --git a/.config/systemd/user/sockets.target.wants/pipewire.socket b/.config/systemd/user/sockets.target.wants/pipewire.socket deleted file mode 120000 index d871d81..0000000 --- a/.config/systemd/user/sockets.target.wants/pipewire.socket +++ /dev/null @@ -1 +0,0 @@ -/usr/lib/systemd/user/pipewire.socket \ No newline at end of file diff --git a/.config/systemd/user/sway-session.target b/.config/systemd/user/sway-session.target deleted file mode 100644 index 30151b3..0000000 --- a/.config/systemd/user/sway-session.target +++ /dev/null @@ -1,6 +0,0 @@ -[Unit] -Description=sway compositor session -Documentation=man:systemd.special(7) -BindsTo=graphical-session.target -Wants=graphical-session-pre.target -After=graphical-session-pre.target diff --git a/.config/systemd/user/sway-session.target.d/override.conf b/.config/systemd/user/sway-session.target.d/override.conf deleted file mode 100644 index 1387784..0000000 --- a/.config/systemd/user/sway-session.target.d/override.conf +++ /dev/null @@ -1,3 +0,0 @@ -[Unit] -Wants=xdg-desktop-autostart.target -Before=xdg-desktop-autostart.target diff --git a/.config/systemd/user/sway-session.target.wants/podman.service b/.config/systemd/user/sway-session.target.wants/podman.service deleted file mode 120000 index 3d3f888..0000000 --- a/.config/systemd/user/sway-session.target.wants/podman.service +++ /dev/null @@ -1 +0,0 @@ -../podman.service \ No newline at end of file diff --git a/.config/systemd/user/sway-session.target.wants/waybar.service b/.config/systemd/user/sway-session.target.wants/waybar.service deleted file mode 120000 index defcecf..0000000 --- a/.config/systemd/user/sway-session.target.wants/waybar.service +++ /dev/null @@ -1 +0,0 @@ -../waybar.service \ No newline at end of file diff --git a/.config/systemd/user/sway.service b/.config/systemd/user/sway.service deleted file mode 100644 index ec25e3a..0000000 --- a/.config/systemd/user/sway.service +++ /dev/null @@ -1,16 +0,0 @@ -[Unit] -Description=sway - SirCmpwn's Wayland window manager -# as per https://github.com/swaywm/sway/wiki/Systemd-integration#running-sway-itself-as-a---user-service -Documentation=man:sway(5) -BindsTo=graphical-session.target -Wants=graphical-session-pre.target -After=graphical-session-pre.target - -[Service] -Type=simple -EnvironmentFile=-%h/.config/sway/env -ExecStartPre=-source %h/.zprofile -ExecStart=/usr/bin/sway -Restart=on-failure -RestartSec=2 -TimeoutStopSec=10 \ No newline at end of file diff --git a/.config/systemd/user/timers.target.wants/battery.timer b/.config/systemd/user/timers.target.wants/battery.timer deleted file mode 120000 index 3cbc6fb..0000000 --- a/.config/systemd/user/timers.target.wants/battery.timer +++ /dev/null @@ -1 +0,0 @@ -/home/vis/.config/systemd/user/battery.timer \ No newline at end of file diff --git a/.config/systemd/user/tracker-extract-3.service b/.config/systemd/user/tracker-extract-3.service deleted file mode 120000 index dc1dc0c..0000000 --- a/.config/systemd/user/tracker-extract-3.service +++ /dev/null @@ -1 +0,0 @@ -/dev/null \ No newline at end of file diff --git a/.config/systemd/user/tracker-miner-fs-3.service b/.config/systemd/user/tracker-miner-fs-3.service deleted file mode 120000 index dc1dc0c..0000000 --- a/.config/systemd/user/tracker-miner-fs-3.service +++ /dev/null @@ -1 +0,0 @@ -/dev/null \ No newline at end of file diff --git a/.config/systemd/user/tracker-miner-fs-control-3.service b/.config/systemd/user/tracker-miner-fs-control-3.service deleted file mode 120000 index dc1dc0c..0000000 --- a/.config/systemd/user/tracker-miner-fs-control-3.service +++ /dev/null @@ -1 +0,0 @@ -/dev/null \ No newline at end of file diff --git a/.config/systemd/user/tracker-miner-rss-3.service b/.config/systemd/user/tracker-miner-rss-3.service deleted file mode 120000 index dc1dc0c..0000000 --- a/.config/systemd/user/tracker-miner-rss-3.service +++ /dev/null @@ -1 +0,0 @@ -/dev/null \ No newline at end of file diff --git a/.config/systemd/user/tracker-writeback-3.service b/.config/systemd/user/tracker-writeback-3.service deleted file mode 120000 index dc1dc0c..0000000 --- a/.config/systemd/user/tracker-writeback-3.service +++ /dev/null @@ -1 +0,0 @@ -/dev/null \ No newline at end of file diff --git a/.config/systemd/user/tracker-xdg-portal-3.service b/.config/systemd/user/tracker-xdg-portal-3.service deleted file mode 120000 index dc1dc0c..0000000 --- a/.config/systemd/user/tracker-xdg-portal-3.service +++ /dev/null @@ -1 +0,0 @@ -/dev/null \ No newline at end of file diff --git a/.config/systemd/user/waybar.service b/.config/systemd/user/waybar.service deleted file mode 100644 index f4b8986..0000000 --- a/.config/systemd/user/waybar.service +++ /dev/null @@ -1,17 +0,0 @@ -# ~/.config/systemd/user/waybar.service or /etc/systemd/user/waybar.service -[Unit] -Description=Highly customizable Wayland bar for Sway and Wlroots based compositors. -Documentation=https://github.com/Alexays/Waybar/wiki/ -#PartOf=graphical-session.target -PartOf=sway-session.target -After=sway-session.target - -[Service] -ExecStart=/usr/bin/waybar -# Upstreamed in https://github.com/Alexays/Waybar/pull/1036 -ExecReload=kill -SIGUSR2 $MAINPID -Restart=on-failure -RestartSec=5s - -[Install] -WantedBy=sway-session.target \ No newline at end of file diff --git a/.config/systemd/user/waybar.service.d/override.conf b/.config/systemd/user/waybar.service.d/override.conf deleted file mode 100644 index 3e9cc7d..0000000 --- a/.config/systemd/user/waybar.service.d/override.conf +++ /dev/null @@ -1,2 +0,0 @@ -[Service] -Environment=PATH=%h/bin:/usr/local/bin:/usr/bin \ No newline at end of file diff --git a/home-surtur.nix b/home-surtur.nix index a683229..fe42ece 100644 --- a/home-surtur.nix +++ b/home-surtur.nix @@ -6,6 +6,7 @@ ... }: let hostName = "surtur"; + swayTgt = "sway-session.target"; in { home.username = "$USER"; home.sessionVariables.HOSTNAME = "${hostName}"; @@ -28,16 +29,35 @@ in { statix niv rnix-lsp + + exa + ripgrep + starship + sheldon duf dua du-dust + b3sum + cargo-watch zellij cloak headscale btop sops neovim + + nautilus-open-any-terminal + + dhall ccache + + zathura + autotiling + bemenu + swayr + kanshi + waybar + albert ]; homeage = { @@ -78,6 +98,362 @@ in { ./nix/programs.nix ]; + services = { + kdeconnect = { + enable = true; + indicator = true; + }; + }; + + systemd.user.services = { + kanshi = { + Unit = { + Description = "Dynamic output configuration for Wayland compositors"; + # Documentation = "man:kanshi(1)"; + Documentation = "https://sr.ht/~emersion/kanshi"; + BindsTo = config.services.kanshi.systemdTarget; + }; + + Service = { + Type = "simple"; + # ExecStart = "/usr/sbin/kanshi"; + ExecStart = "${config.services.kanshi.package}/bin/kanshi"; + Restart = "always"; + RestartSec = "5s"; + LockPersonality = true; + PrivateTmp = "yes"; + DevicePolicy = "closed"; + }; + + Install = {WantedBy = [config.services.kanshi.systemdTarget];}; + }; + + waybar = { + Unit = { + Description = "Highly customizable Wayland bar for Sway and Wlroots based compositors."; + Documentation = "https://github.com/Alexays/Waybar/wiki/"; + PartOf = swayTgt; + After = swayTgt; + }; + + Service = { + ExecStart = "${pkgs.waybar}/bin/waybar"; + # ExecReload = "kill -SIGUSR2 $MAINPID"; + ExecReload = "kill -SIGUSR2 ''$MAINPID"; + Restart = "on-failure"; + RestartSec = "3s"; + LockPersonality = true; + PrivateTmp = "yes"; + DevicePolicy = "closed"; + }; + + Install = {WantedBy = [swayTgt];}; + }; + + autotiling = { + Unit = { + Description = "Script for sway and i3 to automatically switch the horizontal / vertical window split orientation"; + Documentation = "https://github.com/nwg-piotr/autotiling"; + BindsTo = swayTgt; + }; + + Service = { + Type = "simple"; + ExecStart = "${pkgs.autotiling}/bin/autotiling"; + Restart = "always"; + RestartSec = "5s"; + LockPersonality = true; + PrivateTmp = "yes"; + DevicePolicy = "closed"; + }; + + Install = {WantedBy = [swayTgt];}; + }; + + albert = { + Unit = { + Description = "A C++/Qt based desktop agnostic keyboard launcher that helps you to accomplish your workflows in a breeze"; + Documentation = "https://albertlauncher.github.io/"; + BindsTo = swayTgt; + }; + + Service = { + Type = "simple"; + # after hm stateVersion bump to 23.05, albert doesn't seem to support explicit wayland. + Environment = "QT_QPA_PLATFORM=xcb"; + ExecStart = "${pkgs.albert}/bin/albert"; + Restart = "always"; + RestartSec = "3s"; + LockPersonality = true; + PrivateTmp = "yes"; + DevicePolicy = "closed"; + }; + + Install = {WantedBy = [swayTgt];}; + }; + + gopls = { + Unit = { + Description = "Go language server"; + }; + + Service = { + Type = "simple"; + ExecStartPre = "bash -c 'rm -v -f /tmp/.gopls-daemon.sock || true'"; + ExecStart = "%h/go/bin/gopls -listen='unix;/tmp/.gopls-daemon.sock'"; + ExecStopPost = "bash -c 'rm -v -f /tmp/.gopls-daemon.sock || true'"; + Restart = "on-failure"; + RestartSec = "1m"; + TimeoutStopFailureMode = "abort"; + SystemCallFilter = "~@reboot @obsolete"; + ProtectProc = "invisible"; + ProcSubset = "pid"; + ProtectHome = true; + RestrictNamespaces = true; + NoNewPrivileges = "yes"; + ProtectSystem = "strict"; + DevicePolicy = "closed"; + LockPersonality = true; + MemoryDenyWriteExecute = true; + #RestrictAddressFamilies="AF_UNIX AF_INET AF_INET6"; + RestrictAddressFamilies = "AF_UNIX"; + RestrictRealtime = true; + RestrictSUIDSGID = true; + SystemCallArchitectures = "native"; + }; + + # Install = {WantedBy = [swayTgt];}; + Install = {WantedBy = ["default.target"];}; + }; + + ff_nn = { + Unit = { + Description = "sh*tbrowser"; + PartOf = swayTgt; + After = swayTgt; + }; + + Service = { + # Type = "simple"; + Environment = [ + "MOZ_ENABLE_WAYLAND=1" + "MOZ_DBUS_REMOTE=1" + "MOZ_USE_XINPUT2=1" + "QT_QPA_PLATFORM=wayland" + "XDG_SESSION_TYPE=wayland" + "SDL_VIDEODRIVER=wayland" + "NO_AT_BRIDGE=1" + ]; + ExecStart = "-%h/Downloads/firefox-nightly/firefox-bin -desktop"; + Restart = "on-failure"; + RestartSec = "5s"; + StartLimitBurst = 3; + StartLimitInterval = "60s"; + TimeoutStopFailureMode = "abort"; + # RestrictNamespaces=true; + DevicePolicy = "closed"; + ProtectHome = true; + ProtectSystem = "strict"; + ReadWritePaths = [ + "-%h/Downloads/firefox-nightly" + "-%h/Downloads" + ]; + NoNewPrivileges = true; + ProtectProc = "invisible"; + # ProcSubset = "pid"; + PrivateTmp = "yes"; + LockPersonality = true; + SystemCallFilter = "~@reboot @obsolete"; + SystemCallArchitectures = "native"; + }; + + Install = {WantedBy = [swayTgt];}; + }; + + battery = { + Unit = { + Description = "Power Profiles service"; + PartOf = swayTgt; + }; + + Service = { + Type = "simple"; + ExecStart = "%h/.local/bin/battery.sh"; + Restart = "on-failure"; + RestartSec = "15s"; + TimeoutStopFailureMode = "abort"; + LockPersonality = true; + PrivateTmp = "yes"; + DevicePolicy = "closed"; + }; + }; + + nextcloud = { + Unit = { + Description = "Podman container Nextcloud"; + PartOf = swayTgt; + Wants = "network-online.target"; + After = "network-online.target"; + RequiresMountsFor = "/run/user/1000/containers"; + }; + + Service = { + CPUQuota = "2%"; + Slice = "nextcloud.slice"; + Environment = "PODMAN_SYSTEMD_UNIT=%n"; + Restart = "on-failure"; + RestartSec = 5; + TimeoutStartSec = 600; + # TimeoutStopSec=10; + ExecStartPre = "/usr/bin/podman-compose -f %h/.nextcloud/docker-compose.yml -p nextcloud down"; + ExecStart = "/usr/bin/podman-compose -f %h/.nextcloud/docker-compose.yml -p nextcloud up --remove-orphans"; + ExecStop = "/usr/bin/podman-compose -f %h/.nextcloud/docker-compose.yml -p nextcloud down"; + Type = "simple"; + Delegate = "no"; + ProtectSystem = "strict"; + ProtectProc = "invisible"; + ProcSubset = "pid"; + DevicePolicy = "closed"; + NoNewPrivileges = true; + LockPersonality = true; + InaccessiblePaths = [ + "-/lost+found" + "/dev/shm" + "-%h/.ssh" + ]; + KeyringMode = "private"; + SystemCallFilter = "~memfd_create @reboot"; + TimeoutStopFailureMode = "abort"; + }; + + Install = { + WantedBy = ["default.target"]; + }; + }; + + trackerMask = { + Unit = {Description = "";}; + + Service = { + Type = "oneshot"; + ExecStart = "bash -c 'systemctl --user mask tracker-extract-3.service tracker-miner-fs-3.service tracker-miner-rss-3.service tracker-writeback-3.service tracker-xdg-portal-3.service tracker-miner-fs-control-3.service'"; + DevicePolicy = "closed"; + NoNewPrivileges = true; + LockPersonality = true; + InaccessiblePaths = [ + "-/lost+found" + "/dev/shm" + "-%h/.ssh" + ]; + KeyringMode = "private"; + }; + }; + + appr120Mask = { + Unit = {Description = "";}; + + Service = { + Type = "oneshot"; + ExecStart = "bash -c 'systemctl --user mask app-r120@autostart'"; + DevicePolicy = "closed"; + NoNewPrivileges = true; + LockPersonality = true; + InaccessiblePaths = [ + "-/lost+found" + "/dev/shm" + "-%h/.ssh" + ]; + KeyringMode = "private"; + }; + }; + }; + + systemd.user.slices = { + chromium = { + Unit = { + Description = "Slice that limits chromium's resources"; + Before = "slices.target"; + }; + Slice = { + CPUAccounting = "yes"; + CPUQuota = "220%"; + + MemoryAccounting = "yes"; + MemoryHigh = "6G"; + MemoryMax = "6.1G"; + }; + }; + + nextcloud = { + Unit = {Description = "Slice that limits nextcloud's resources";}; + Slice = { + MemoryAccounting = "yes"; + # MemoryHigh works only in "unified" cgroups mode, NOT in "hybrid" mode + MemoryHigh = "250M"; + # MemoryMax works in "hybrid" cgroups mode, too + MemoryMax = "300M"; + + CPUAccounting = "yes"; + # CPUQuota=15%; + CPUQuota = "3%"; + }; + }; + + podman = { + # refs: + # https://baykara.medium.com/docker-resource-management-via-cgroups-and-systemd-633b093a835c + # https://docs.docker.com/engine/reference/commandline/dockerd/#docker-runtime-execution-op> + Unit = { + Description = "Slice that limits podman resources"; + Before = "slices.target"; + }; + + Slice = { + MemoryAccounting = "yes"; + MemoryHigh = "10G"; + MemoryMax = "12G"; + MemorySwapMax = "1G"; + + # 100% is an equivalent of full utilization on a single core + # we allow for 85% here - applies to all docker.service-spawn + # processes cumulatively + CPUAccounting = "yes"; + # CPUQuota=85%; + CPUQuota = "50%"; + }; + }; + }; + + systemd.user.timers = { + battery = { + Unit = { + Description = "Power Profiles timer"; + }; + + Timer = { + OnActiveSec = "20s"; + OnUnitActiveSec = "5m"; + Unit = "battery.service"; + }; + Install = { + WantedBy = ["timers.target"]; + }; + }; + }; + + systemd.user.targets = { + sway-session = { + Unit = { + Description = "Sway compositor session"; + Documentation = "man:systemd.special(7)"; + BindsTo = "graphical-session.target"; + Wants = "graphical-session-pre.target"; + After = "graphical-session-pre.target"; + Before = "xdg-desktop-autostart.target"; + }; + }; + }; + home.file = { ".config/kitty/kitty.conf" = { source = .config/kitty/kitty.conf; @@ -100,6 +476,14 @@ in { source = ./.config/nvim/init.vim; }; + ".config/systemd/user.conf" = { + text = '' + [Manager] + DefaultTimeoutStarSec=15s + DefaultTimeoutStopSec=15s + ''; + }; + ".config/sway/config" = { source = ./.config/sway/config; }; @@ -134,6 +518,10 @@ in { source = ./bin/sway-locker; }; + ".config/albert.conf" = { + source = ./.config/albert/albert.conf; + }; + ".config/direnv/direnv.toml" = { source = ./.config/direnv/direnv.toml; };