From 94c6d717b0e5d35556e5686b0b2677eb1fbb7753 Mon Sep 17 00:00:00 2001 From: Evie Litherland-Smith Date: Mon, 8 Jul 2024 08:58:32 +0100 Subject: [PATCH] Use libsecret for mbsync and git-credential-helper Add gnome-keyring as libsecret backend, swap git-credential-helper and mbsync to using libsecret/secret-tool. Add helper script to check for and request mbsync passwords if missing. Add GNOME Seahorse for viewing passwords graphically. Remove email/work.nix and merge back into default.nix Don't auto start protonmail-bridge, use the GUI instead so it doesn't need to unlock all my keychains immediately Move 3D modelling software to Vanguard only, instead of all personal devices. Move waybar back to top of screen and adjust all corner radii to 5px from 10px Re-enable swayfx blur_ignore_transparent now that it's added to nixpkgs, re-enable shadows --- README.org | 35 +++------ home/Vanguard.nix | 5 ++ home/default.nix | 8 +- home/desktop/default.nix | 78 ++++++++++--------- home/desktop/fuzzel/default.nix | 2 +- home/desktop/mako/default.nix | 2 +- home/desktop/mimeapps.nix | 4 +- home/desktop/rofi/default.nix | 8 +- home/desktop/sway/default.nix | 35 +++++---- home/desktop/swaync/default.nix | 12 +-- home/desktop/waybar/default.nix | 9 +-- home/personal.nix | 11 +-- home/scripts/shell/rsync-local-config.sh | 2 +- home/services/email/default.nix | 92 ++++++++++++++++++++--- home/services/email/mbsync-ensure-pass.sh | 15 ++++ home/services/email/work.nix | 77 ------------------- home/services/password-store/default.nix | 3 - home/shell/git.nix | 7 +- system/desktop.nix | 21 +++++- 19 files changed, 221 insertions(+), 205 deletions(-) create mode 100644 home/services/email/mbsync-ensure-pass.sh delete mode 100644 home/services/email/work.nix diff --git a/README.org b/README.org index 07bd4bcb..ba035666 100644 --- a/README.org +++ b/README.org @@ -22,38 +22,25 @@ NixOS system), run: #+end_src ** Clone password-store repository #+begin_src bash - git -c credential.helper='' clone https://git.xenia.me.uk/pixelifytica/pass $PASSWORD_STORE_DIR + git clone https://git.xenia.me.uk/pixelifytica/pass $PASSWORD_STORE_DIR #+end_src * Email setup +** Passwords for mbsync +Run src_bash{mbsync-ensure-pass} to check for passwords required by +~mbsync~, and query for missing passwords. + +Static app-specific passwords are stored in ~password-store~, fetch from +there to add to secret service. ** Proton *** Bridge Start Proton Mail Bridge application, if needed configure to store using =SecretService= and log in. Application will auto-start with -plasma session. -*** Password -Get password from ~protonmail-bridge~, save to ~password-store~: -#+begin_src bash - pass insert mbsync/$(hostname)/proton - # Insert pass at prompt -#+end_src -** iCloud -*** Password -If not already done, save password to ~password-store~: -#+begin_src bash - pass insert mbsync/$(hostname)/icloud - # Insert pass at prompt -#+end_src -This will be synced across devices so only needs doing once +desktop session. + +Use password from Bridge for ~mbsync~. ** Outlook -*** Password -If not already done, save password to ~password-store~: -#+begin_src bash - pass insert mbsync/$(hostname)/outlook - # Insert pass at prompt -#+end_src -This will be synced across devices so only needs doing once -*** Configuration +*** Davmail Run src_bash{davmail-setup} to automate this process. On first run (or if token expires), stop systemd service and run manually to complete manual auth. Token will stay valid for a little while (no idea how long specifically). diff --git a/home/Vanguard.nix b/home/Vanguard.nix index c0661e12..4a2eaa9a 100644 --- a/home/Vanguard.nix +++ b/home/Vanguard.nix @@ -4,6 +4,11 @@ ./games/default.nix ./streaming/default.nix ]; + home.packages = with pkgs; [ + blender + freecad + prusa-slicer + ]; wayland.windowManager.sway.config = { output = { "Microstep MSI G27CQ4 E2 Unknown" = { diff --git a/home/default.nix b/home/default.nix index 9a1527f1..3c807c7e 100644 --- a/home/default.nix +++ b/home/default.nix @@ -1,8 +1,4 @@ -{ - config, - lib, - ... -}: { +{...}: { imports = [ # Programs ./desktop/default.nix @@ -10,7 +6,7 @@ ./emacs/default.nix ./browser/default.nix # Services - ./services/email/work.nix # TODO combine again at some point + ./services/email/default.nix ./services/password-store/default.nix # Additional Scripts ./scripts/default.nix diff --git a/home/desktop/default.nix b/home/desktop/default.nix index 67d7068d..04ee4530 100644 --- a/home/desktop/default.nix +++ b/home/desktop/default.nix @@ -6,7 +6,6 @@ }: { imports = [ ./sway/default.nix - ./foot/default.nix ./alacritty/default.nix ./avizo/default.nix ./fuzzel/default.nix @@ -16,34 +15,51 @@ ./waybar/default.nix ./wlogout/default.nix ]; - home.packages = with pkgs; [ - pinentry - ffmpeg - evince - libreoffice-fresh - inkscape - webcord - teams-for-linux - swayimg - swaybg - (writeShellScriptBin "set-background" '' - ${swaybg}/bin/swaybg -m fill -i ${./wallpapers/landscapes/tropic_island_day.jpg} - '') - (writeShellScriptBin "protonmail-setup-bridge" '' - pkill -9 -f protonmail-bridge - ${protonmail-bridge}/bin/protonmail-bridge -c - swaymsg exec "${protonmail-bridge}/bin/protonmail-bridge -n" - '') - (writeShellScriptBin "davmail-setup" '' - systemctl --user restart davmail # Ensure config file is present - systemctl --user stop davmail - ${davmail}/bin/davmail -n ~/.davmail.properties - systemctl --user restart davmail - '') - ]; + home = { + pointerCursor = let + name = + if config.scheme.variant == "light" + then "volantes_cursors" + else "volantes_light_cursors"; + in { + inherit name; + package = pkgs.volantes-cursors; + size = 32; + gtk.enable = true; + x11 = { + enable = true; + defaultCursor = name; + }; + }; + packages = with pkgs; [ + pinentry-gnome3 + gnome.seahorse + ffmpeg + evince + libreoffice-fresh + inkscape + webcord + teams-for-linux + grim + slurp + swayimg + swaybg + (writeShellScriptBin "protonmail-setup-bridge" '' + pkill -9 -f protonmail-bridge + ${protonmail-bridge}/bin/protonmail-bridge -c + swaymsg exec "${protonmail-bridge}/bin/protonmail-bridge -n" + '') + (writeShellScriptBin "davmail-setup" '' + systemctl --user restart davmail # Ensure config file is present + systemctl --user stop davmail + ${davmail}/bin/davmail -n ~/.davmail.properties + systemctl --user restart davmail + '') + ]; + }; services = { avizo.enable = true; - gpg-agent.pinentryPackage = pkgs.pinentry-gtk2; + gpg-agent.pinentryPackage = pkgs.pinentry-gnome3; syncthing.enable = true; kdeconnect = { enable = true; @@ -66,14 +82,6 @@ then "Papirus-Light" else "Papirus-Dark"; }; - cursorTheme = { - package = pkgs.volantes-cursors; - name = - if config.scheme.variant == "light" - then "volantes_cursors" - else "volantes_light_cursors"; - size = 32; - }; theme = { package = pkgs.gnome.gnome-themes-extra; name = diff --git a/home/desktop/fuzzel/default.nix b/home/desktop/fuzzel/default.nix index ebbd5975..0279039c 100644 --- a/home/desktop/fuzzel/default.nix +++ b/home/desktop/fuzzel/default.nix @@ -39,7 +39,7 @@ }; border = { width = 1; - radius = 10; + radius = 5; }; }; }; diff --git a/home/desktop/mako/default.nix b/home/desktop/mako/default.nix index 1161bb88..264ab892 100644 --- a/home/desktop/mako/default.nix +++ b/home/desktop/mako/default.nix @@ -19,7 +19,7 @@ progressColor = "over ${sc.red}ff"; backgroundColor = "${sc.base00}cc"; borderColor = "${sc.${accentColourName}}ff"; - borderRadius = 10; + borderRadius = 5; borderSize = 1; defaultTimeout = 0; }; diff --git a/home/desktop/mimeapps.nix b/home/desktop/mimeapps.nix index 5f1aa6c9..213ba5e2 100644 --- a/home/desktop/mimeapps.nix +++ b/home/desktop/mimeapps.nix @@ -72,6 +72,6 @@ in { "x-scheme-handler/ms-powerpoint" = ["impress.desktop"]; "x-scheme-handler/ms-excel" = ["calc.desktop"]; "x-scheme-handler/msteams" = ["teams-for-linux.desktop"] ++ browser; - "x-scheme-handler/zoomus" = ["Zoom.desktop"] ++ browser; - "x-scheme-handler/zoommtg" = ["Zoom.desktop"] ++ browser; + "x-scheme-handler/zoomus" = browser; + "x-scheme-handler/zoommtg" = browser; } diff --git a/home/desktop/rofi/default.nix b/home/desktop/rofi/default.nix index fc1174fd..429fbb08 100644 --- a/home/desktop/rofi/default.nix +++ b/home/desktop/rofi/default.nix @@ -57,7 +57,7 @@ width = mkLiteral "75%"; border = mkLiteral "1px"; border-color = border; - border-radius = mkLiteral "10px"; + border-radius = mkLiteral "5px"; background-color = bg; }; @@ -70,7 +70,7 @@ background-color = bg2; padding = mkLiteral "6px"; text-color = blue; - border-radius = mkLiteral "10px"; + border-radius = mkLiteral "5px"; margin = mkLiteral "20px 0px 0px 20px"; }; @@ -103,7 +103,7 @@ "element selected" = { background-color = bg2; text-color = blue; - border-radius = mkLiteral "10px"; + border-radius = mkLiteral "5px"; }; mode-switcher = { @@ -113,7 +113,7 @@ button = { padding = mkLiteral "10px"; text-color = fg2; - border-radius = mkLiteral "10px"; + border-radius = mkLiteral "5px"; vertical-align = mkLiteral "0.5"; horizontal-align = mkLiteral "0.5"; }; diff --git a/home/desktop/sway/default.nix b/home/desktop/sway/default.nix index 535a0404..aafbeb41 100644 --- a/home/desktop/sway/default.nix +++ b/home/desktop/sway/default.nix @@ -5,7 +5,12 @@ fonts, accentColourName, ... -}: { +}: let + set-background = pkgs.writeShellScriptBin "set-background" '' + ${pkgs.swaybg}/bin/swaybg -m fill -i ${./wallpapers/landscapes/tropic_island_day.jpg} + ''; +in { + home.packages = [set-background]; programs.waybar.systemd.target = "sway-session.target"; services.kanshi.systemdTarget = "sway-session.target"; wayland.windowManager.sway = { @@ -81,8 +86,7 @@ }; startup = [ {command = "${pkgs.libsForQt5.polkit-kde-agent}/libexec/polkit-kde-authentication-agent-1";} - {command = "${pkgs.protonmail-bridge}/bin/protonmail-bridge -n";} - {command = "set-background";} + {command = "${set-background}/bin/set-background";} ]; window = { border = 1; @@ -159,23 +163,22 @@ extraConfig = '' bindgesture swipe:right workspace prev bindgesture swipe:left workspace next - corner_radius 10 + corner_radius 5 blur enable blur_xray disable blur_passes 3 blur_radius 5 - corner_radius 10 - shadows disable - shadow_blur_radius 0 - layer_effects "system-menu" blur enable; shadows disable - layer_effects "gtk-layer-shell" blur enable; shadows disable - layer_effects "notifications" blur enable; shadows disable - layer_effects "launcher" blur enable; shadows disable - layer_effects "logout_dialog" blur enable; shadows disable - layer_effects "waybar" blur enable; shadows disable - layer_effects "avizo" blur enable; shadows disable - layer_effects "swaync-notification-window" blur enable; shadows disable - layer_effects "swaync-control-center" blur enable; shadows disable + shadows enable + shadow_blur_radius 5 + layer_effects "system-menu" blur enable; blur_ignore_transparent enable; shadows enable + layer_effects "gtk-layer-shell" blur enable; blur_ignore_transparent enable; shadows enable + layer_effects "notifications" blur enable; blur_ignore_transparent enable; shadows enable + layer_effects "launcher" blur enable; blur_ignore_transparent enable; shadows enable + layer_effects "logout_dialog" blur enable; blur_ignore_transparent enable; shadows enable + layer_effects "waybar" blur enable; blur_ignore_transparent enable; shadows enable + layer_effects "avizo" blur enable; blur_ignore_transparent enable; shadows enable + layer_effects "swaync-notification-window" blur enable; blur_ignore_transparent enable; shadows enable + layer_effects "swaync-control-center" blur enable; blur_ignore_transparent enable; shadows enable titlebar_separator enable ''; }; diff --git a/home/desktop/swaync/default.nix b/home/desktop/swaync/default.nix index 102a9836..42f78b1c 100644 --- a/home/desktop/swaync/default.nix +++ b/home/desktop/swaync/default.nix @@ -20,7 +20,7 @@ } .floating-notifications.background .notification-row .notification-background { - border-radius: 10px; + border-radius: 5px; border: 1px solid ${sc.${accentColourName}}; margin: 18px; background-color: ${alpha-background}; @@ -33,7 +33,7 @@ .notification-background .notification { padding: 7px; - border-radius: 10px; + border-radius: 5px; } .floating-notifications.background @@ -87,7 +87,7 @@ > *:last-child > * .notification-action { - border-radius: 10px; + border-radius: 5px; background-color: ${sc.base01}; color: ${sc.base05}; margin: 7px; @@ -121,7 +121,7 @@ .close-button { margin: 7px; padding: 2px; - border-radius: 10px; + border-radius: 5px; background-color: ${sc.red}; color: ${sc.base00}; } @@ -143,7 +143,7 @@ } .control-center { - border-radius: 10px; + border-radius: 5px; border: 1px solid ${sc.${accentColourName}}; margin: 18px; background-color: ${alpha-background}; @@ -174,7 +174,7 @@ } .control-center .notification-row .notification-background { - border-radius: 10px; + border-radius: 5px; background-color: ${sc.base01}; color: ${sc.base05}; margin-top: 14px; diff --git a/home/desktop/waybar/default.nix b/home/desktop/waybar/default.nix index 907a39c6..b0035bba 100644 --- a/home/desktop/waybar/default.nix +++ b/home/desktop/waybar/default.nix @@ -15,7 +15,7 @@ settings.main = { name = "main"; layer = "top"; - position = "bottom"; + position = "top"; # Layout "modules-left" = [ "sway/workspaces" @@ -64,7 +64,6 @@ "rewrite" = { "(.*) - GNU Emacs at (.*)" = " $1 [$2]"; "(alacritty.*)" = " $1"; - "(foot.*)" = " $1"; "(.*) - mpv" = "󰦟 $1"; "swayimg: (.*)" = "󰋩 $1"; "(btm)" = " Resource Usage [$1]"; @@ -260,16 +259,16 @@ window > box { color: ${sc.base05}; background: alpha(${sc.base00}, ${alpha}); - margin: 0px 5px 5px; + margin: 5px 5px 0px; padding: 0px; border-top: 1px solid ${sc.base04}; - border-radius: 10px; + border-radius: 5px; } tooltip { background: ${sc.base00}; border: 1px solid ${sc.${accentColourName}}; - border-radius: 10px; + border-radius: 5px; box-shadow: none; } diff --git a/home/personal.nix b/home/personal.nix index fcf7666d..64629674 100644 --- a/home/personal.nix +++ b/home/personal.nix @@ -1,10 +1 @@ -{pkgs, ...}: { - home.packages = with pkgs; - with kdePackages; [ - blender - freecad - prusa-slicer - ktorrent - noson - ]; -} +{...}: {} diff --git a/home/scripts/shell/rsync-local-config.sh b/home/scripts/shell/rsync-local-config.sh index d7184e70..021a906b 100755 --- a/home/scripts/shell/rsync-local-config.sh +++ b/home/scripts/shell/rsync-local-config.sh @@ -1,6 +1,6 @@ HOSTS=("$@") # Config files -for TARGET in bat bottom git starship.toml; do +for TARGET in bat starship.toml; do SOURCE="$HOME/.config/$TARGET" echo "--- $SOURCE ---" TMP_TARGET=/tmp/rsync-local-config diff --git a/home/services/email/default.nix b/home/services/email/default.nix index 7bb80c47..da40c664 100644 --- a/home/services/email/default.nix +++ b/home/services/email/default.nix @@ -1,19 +1,30 @@ { + config, pkgs, - hostname, ... }: { - home.packages = with pkgs; [protonmail-bridge-gui]; + home.packages = with pkgs; [ + protonmail-bridge-gui + (writeShellScriptBin "mbsync-ensure-pass" + (builtins.readFile ./mbsync-ensure-pass.sh)) + (writeShellScriptBin "davmail-setup" '' + systemctl --user restart davmail # Ensure config file is present + systemctl --user stop davmail + ${davmail}/bin/davmail -n ~/.davmail.properties + systemctl --user restart davmail + '') + ]; accounts.email = { maildirBasePath = "Mail"; accounts = let realName = "Evie Litherland-Smith"; in { proton = let + address = "e.litherlandsmith@proton.me"; host = "127.0.0.1"; tls.enable = false; - in rec { - inherit realName; + in { + inherit realName address; primary = true; maildir.path = "Proton"; imap = { @@ -24,10 +35,9 @@ inherit host tls; port = 1025; }; - address = "e.litherlandsmith@proton.me"; aliases = ["evie@xenia.me.uk" "evie@litherlandsmith.slmail.me"]; userName = address; - passwordCommand = "${pkgs.pass}/bin/pass show mbsync/${hostname}/proton | head -n1"; + passwordCommand = "${pkgs.libsecret}/bin/secret-tool lookup email ${address}"; mu.enable = true; msmtp = { enable = true; @@ -46,15 +56,16 @@ extraConfig.account.AuthMechs = "LOGIN"; }; }; - icloud = rec { - inherit realName; + icloud = let + address = "e.litherlandsmith@icloud.com"; + in { + inherit realName address; primary = false; maildir.path = "iCloud"; imap.host = "imap.mail.me.com"; smtp.host = "smtp.mail.me.com"; - address = "e.litherlandsmith@icloud.com"; userName = address; - passwordCommand = "${pkgs.pass}/bin/pass show mbsync/${hostname}/icloud | head -n1"; + passwordCommand = "${pkgs.libsecret}/bin/secret-tool lookup email ${address}"; mu.enable = true; msmtp.enable = true; mbsync = { @@ -66,6 +77,50 @@ subFolders = "Verbatim"; }; }; + outlook = let + address = "evie.litherland-smith@ukaea.uk"; + host = "127.0.0.1"; + tls.enable = false; + in { + inherit realName address; + primary = false; + maildir.path = "Outlook"; + imap = { + inherit host tls; + port = 1144; + }; + smtp = { + inherit host tls; + port = 1026; + }; + aliases = ["elitherl@jet.uk"]; + userName = address; + passwordCommand = "${pkgs.libsecret}/bin/secret-tool lookup email ${address}"; + mu.enable = true; + msmtp = { + enable = true; + extraConfig = { + tls = "off"; + auth = "login"; + }; + }; + mbsync = { + enable = true; + create = "both"; + expunge = "both"; + remove = "both"; + patterns = [ + "*" + "!Conversation History" + "!Snoozed" + "!Social Activity Notifications" + "!Sync Issues*" + "!Unsent Messages" + ]; + subFolders = "Verbatim"; + extraConfig.account.AuthMechs = "LOGIN"; + }; + }; }; }; programs = { @@ -76,7 +131,24 @@ groups.inboxes = { proton = ["INBOX"]; icloud = ["INBOX"]; + outlook = ["INBOX"]; }; }; }; + systemd.user.services.davmail = { + Unit = { + Description = "Davmail server"; + Wants = ["network-online.target"]; + After = ["network-online.target"]; + }; + Service = { + Environment = ["PATH=/run/current-system/sw/bin/:$PATH"]; + Restart = "always"; + ExecStartPre = with config.home; '' + /bin/sh -c "if [ ! -f ${homeDirectory}/.davmail.properties ]; then cp ${./davmail.properties} ${homeDirectory}/.davmail.properties; fi; chmod 644 ${homeDirectory}/.davmail.properties" + ''; + ExecStart = "${pkgs.davmail}/bin/davmail -notray ${config.home.homeDirectory}/.davmail.properties"; + }; + Install.WantedBy = ["default.target"]; + }; } diff --git a/home/services/email/mbsync-ensure-pass.sh b/home/services/email/mbsync-ensure-pass.sh new file mode 100644 index 00000000..71ac03f5 --- /dev/null +++ b/home/services/email/mbsync-ensure-pass.sh @@ -0,0 +1,15 @@ +EMAIL_ADDRESSES=( + e.litherlandsmith@proton.me + e.litherlandsmith@icloud.com + evie.litherland-smith@ukaea.uk +) +LABELS=("Proton" "iCloud" "Outlook") + +for i in "${!EMAIL_ADDRESSES[@]}"; do + ADDRESS="${EMAIL_ADDRESSES[$i]}" + LABEL="${LABELS[$i]}" + secret-tool lookup email "$ADDRESS" >/dev/null || ( + echo "Setup $LABEL" + secret-tool store --label="$LABEL mail mbsync" email "$ADDRESS" + ) +done diff --git a/home/services/email/work.nix b/home/services/email/work.nix deleted file mode 100644 index f7b0d307..00000000 --- a/home/services/email/work.nix +++ /dev/null @@ -1,77 +0,0 @@ -{ - config, - pkgs, - hostname, - ... -}: { - imports = [./default.nix]; - home.packages = with pkgs; [ - (writeShellScriptBin "davmail-setup" '' - systemctl --user restart davmail # Ensure config file is present - systemctl --user stop davmail - ${davmail}/bin/davmail -n ~/.davmail.properties - systemctl --user restart davmail - '') - ]; - accounts.email.accounts.outlook = let - host = "127.0.0.1"; - tls.enable = false; - in rec { - inherit (config.accounts.email.accounts.proton) realName; - primary = false; - maildir.path = "Outlook"; - imap = { - inherit host tls; - port = 1144; - }; - smtp = { - inherit host tls; - port = 1026; - }; - address = "evie.litherland-smith@ukaea.uk"; - aliases = ["elitherl@jet.uk"]; - userName = address; - passwordCommand = "${pkgs.pass}/bin/pass show mbsync/${hostname}/outlook | head -n1"; - mu.enable = true; - msmtp = { - enable = true; - extraConfig = { - tls = "off"; - auth = "login"; - }; - }; - mbsync = { - enable = true; - create = "both"; - expunge = "both"; - remove = "both"; - patterns = [ - "*" - "!Conversation History" - "!Snoozed" - "!Social Activity Notifications" - "!Sync Issues*" - "!Unsent Messages" - ]; - subFolders = "Verbatim"; - extraConfig.account.AuthMechs = "LOGIN"; - }; - }; - programs.mbsync.groups.inboxes.outlook = ["INBOX"]; - systemd.user.services.davmail = { - Unit = { - Description = "Davmail server"; - Wants = ["network-online.target"]; - After = ["network-online.target"]; - }; - Service = { - Environment = ["PATH=/run/current-system/sw/bin/:$PATH"]; - Restart = "always"; - ExecStartPre = with config.home; '' - /bin/sh -c "if [ ! -f ${homeDirectory}/.davmail.properties ]; then cp ${./davmail.properties} ${homeDirectory}/.davmail.properties; fi; chmod 644 ${homeDirectory}/.davmail.properties" - ''; - ExecStart = "${pkgs.davmail}/bin/davmail -notray ${config.home.homeDirectory}/.davmail.properties"; - }; - Install.WantedBy = ["default.target"]; - }; -} diff --git a/home/services/password-store/default.nix b/home/services/password-store/default.nix index 0c340257..0eec40d8 100644 --- a/home/services/password-store/default.nix +++ b/home/services/password-store/default.nix @@ -18,9 +18,6 @@ PASSWORD_STORE_ENABLE_EXTENSIONS = "true"; }; }; - git.extraConfig.credential = { - helper = "${pkgs.pass-git-helper}/bin/pass-git-helper"; - }; }; services = { gpg-agent = rec { diff --git a/home/shell/git.nix b/home/shell/git.nix index 60f3b223..9a44ce07 100644 --- a/home/shell/git.nix +++ b/home/shell/git.nix @@ -1,10 +1,14 @@ { config, lib, + pkgs, ... }: { services.git-sync.enable = false; # Can't find pass for some reason... - programs.git = { + programs.git = let + package = pkgs.gitFull; + in { + inherit package; enable = true; userName = "Evie Litherland-Smith"; userEmail = lib.mkDefault "evie@xenia.me.uk"; @@ -30,6 +34,7 @@ pull.rebase = false; init.defaultBranch = "main"; merge.conflictstyle = "diff3"; + credential.helper = "${package}/bin/git-credential-libsecret"; diff = { colorMoved = "default"; gpg.textconv = "gpg --no-tty --decrypt"; diff --git a/system/desktop.nix b/system/desktop.nix index e7ee77a1..75f7d468 100644 --- a/system/desktop.nix +++ b/system/desktop.nix @@ -1,4 +1,5 @@ { + config, lib, pkgs, ... @@ -11,6 +12,7 @@ sessionVariables = { NIXOS_OZONE_WL = "1"; GRIM_DEFAULT_DIR = "$HOME/Pictures/Grim"; + QT_QPA_PLATFORM = lib.mkIf config.programs.sway.enable "wayland"; }; systemPackages = with pkgs; [ xdg-utils @@ -31,7 +33,17 @@ }; security = { polkit.enable = true; - pam.services.swaylock = {}; + pam = { + services.swaylock = {}; + loginLimits = [ + { + domain = "@users"; + item = "rtprio"; + type = "-"; + value = 1; + } + ]; + }; }; programs = { dconf.enable = true; @@ -41,7 +53,10 @@ file-roller.enable = true; thunar = { enable = true; - plugins = with pkgs.xfce; [thunar-archive-plugin thunar-volman]; + plugins = with pkgs.xfce; [ + thunar-archive-plugin + thunar-volman + ]; }; sway = { enable = true; @@ -59,8 +74,8 @@ gtk.iconCache.enable = true; qt = { enable = true; - platformTheme = "gnome"; style = "adwaita"; + platformTheme = "gnome"; }; services = { dbus.packages = with pkgs; [gcr];