diff --git a/home/default.nix b/home/default.nix index 795639d..d9d8743 100644 --- a/home/default.nix +++ b/home/default.nix @@ -1,7 +1,6 @@ # This file contains default settings used across different systems { imports = [ - ./hypridle ./hyprland ./hyprlock ./foot.nix @@ -9,5 +8,6 @@ ./terminal ./rofi ./sway + ./sway/swayidle.nix ]; } diff --git a/home/sway/swayidle.nix b/home/sway/swayidle.nix index d1fa0d7..d7010aa 100644 --- a/home/sway/swayidle.nix +++ b/home/sway/swayidle.nix @@ -1,26 +1,34 @@ -{ pkgs, ... }: { - services.swayidle = { - enable = true; - events = [ - { - event = "before-sleep"; - command = "${pkgs.swaylock}/bin/swaylock"; - } - { - event = "lock"; - command = "${pkgs.swaylock}/bin/swaylock"; - } - ]; - timeouts = [ - { - timeout = 300; - command = "${pkgs.swaylock}/bin/swaylock"; - } - { - timeout = 1200; - command = "${pkgs.systemd}/bin/systemctl hibernate"; - } - ]; - }; + pkgs, + lib, + config, + ... +}: +lib.mkIf config.services.swayidle.enable { + services.swayidle = + let + locker = "${pkgs.hyprlock}/bin/hyprlock"; + in + { + events = [ + { + event = "before-sleep"; + command = locker; + } + { + event = "lock"; + command = locker; + } + ]; + timeouts = [ + { + timeout = 300; + command = locker; + } + { + timeout = 1200; + command = "${pkgs.systemd}/bin/systemctl hibernate"; + } + ]; + }; } diff --git a/hosts/brontes/home.nix b/hosts/brontes/home.nix index b5938ab..d09a6f7 100644 --- a/hosts/brontes/home.nix +++ b/hosts/brontes/home.nix @@ -13,6 +13,7 @@ ../../home/hyprpaper ../../home/themes/catppuccin.nix ../../home + ../../home/sway/swayidle.nix ]; programs.direnv = { @@ -24,7 +25,10 @@ waybar.enable = true; }; - services.blueman-applet.enable = true; + services = { + blueman-applet.enable = true; + swayidle.enable = true; + }; home = { stateVersion = config.system.stateVersion; diff --git a/hosts/raptus/headscale.nix b/hosts/raptus/headscale.nix new file mode 100644 index 0000000..346e3f9 --- /dev/null +++ b/hosts/raptus/headscale.nix @@ -0,0 +1,61 @@ +{ + config, + pkgs, + inputs, + ... + +}: +{ + environment.systemPackages = [ config.services.headscale.package ]; + + services = { + headscale = { + enable = true; + address = "127.0.0.1"; + port = 8521; + + server_url = "https://hs.notashelf.dev"; + tls_cert_path = null; + tls_key_path = null; + + ephemeral_node_inactivity_timeout = "30m"; + node_update_check_interval = "10s"; + metrics_listen_addr = "127.0.0.1:8086"; + # logging + log = { + format = "text"; + level = "info"; + }; + + logtail.enabled = false; + }; + }; + + nginx.virtualHosts."hs.ccnlc.eu" = { + forceSSL = true; + enableACME = true; + quic = true; + http3 = true; + + locations = { + "/" = { + proxyPass = "http://localhost:${toString config.services.headscale.port}"; + proxyWebsockets = true; + }; + + "/metrics" = { + proxyPass = "http://${toString config.services.headscale.settings.metrics_listen_addr}/metrics"; + }; + + # see before + # possibly using the web frontend + "/web" = { + root = "${inputs.nyxexprs.packages.headscale-ui}/share"; + }; + }; + + extraConfig = '' + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always; + ''; + }; +}