Feat/audit improvements #24
@@ -1,11 +1,13 @@
|
|||||||
# Declarative Sway window manager, status bar, lock, idle and notifications.
|
# Declarative Sway window manager, status bar, lock, idle and notifications.
|
||||||
# Imported via ./desktop.nix, so only graphical hosts get it.
|
# Imported via ./desktop.nix, so only graphical hosts get it.
|
||||||
#
|
#
|
||||||
# The compositor binary, PAM and polkit integration come from the system-level
|
# The compositor binary, PAM and the polkit *daemon* come from the system-level
|
||||||
# programs.sway (see ../swaywm.nix); package = null below reuses it instead of
|
# programs.sway (see ../swaywm.nix); package = null below reuses it instead of
|
||||||
# pulling a second Sway. home-manager owns the user config (~/.config/sway) and
|
# pulling a second Sway. The polkit authentication *agent* (the thing that draws
|
||||||
# wires the systemd user session (sway-session.target), which is what lets the
|
# the GUI auth dialog) is a user service started here. home-manager owns the user
|
||||||
# swayidle/dunst user services start with the desktop.
|
# config (~/.config/sway) and wires the systemd user session (sway-session.target),
|
||||||
|
# which is what lets the agent/swayidle/dunst/kanshi user services start with the
|
||||||
|
# desktop.
|
||||||
{
|
{
|
||||||
pkgs,
|
pkgs,
|
||||||
lib,
|
lib,
|
||||||
@@ -99,6 +101,16 @@ in
|
|||||||
criteria.app_id = "launcher";
|
criteria.app_id = "launcher";
|
||||||
command = "floating enable, resize set 800 500";
|
command = "floating enable, resize set 800 500";
|
||||||
}
|
}
|
||||||
|
# Don't let swayidle blank/lock during fullscreen video. Two rules cover
|
||||||
|
# native Wayland (app_id) and XWayland (class) clients.
|
||||||
|
{
|
||||||
|
criteria.app_id = ".*";
|
||||||
|
command = "inhibit_idle fullscreen";
|
||||||
|
}
|
||||||
|
{
|
||||||
|
criteria.class = ".*";
|
||||||
|
command = "inhibit_idle fullscreen";
|
||||||
|
}
|
||||||
];
|
];
|
||||||
|
|
||||||
# Binding modes (submenus). Entered from keybindings below; each action
|
# Binding modes (submenus). Entered from keybindings below; each action
|
||||||
@@ -277,6 +289,64 @@ in
|
|||||||
# an old entry through fuzzel.
|
# an old entry through fuzzel.
|
||||||
services.clipman.enable = true;
|
services.clipman.enable = true;
|
||||||
|
|
||||||
|
# Polkit authentication agent. programs.sway (system) enables the polkit
|
||||||
|
# daemon but no agent, so GUI privilege prompts (nemo mounting a disk,
|
||||||
|
# NetworkManager/blueman editing a system resource) would otherwise fail
|
||||||
|
# silently. lxqt-policykit is a small, toolkit-light agent; bind it to the
|
||||||
|
# Sway session so it starts and stops with the desktop.
|
||||||
|
systemd.user.services.polkit-lxqt = {
|
||||||
|
Unit = {
|
||||||
|
Description = "lxqt-policykit polkit authentication agent";
|
||||||
|
PartOf = [ "graphical-session.target" ];
|
||||||
|
After = [ "graphical-session.target" ];
|
||||||
|
};
|
||||||
|
Service = {
|
||||||
|
ExecStart = "${pkgs.lxqt.lxqt-policykit}/bin/lxqt-policykit-agent";
|
||||||
|
Restart = "on-failure";
|
||||||
|
};
|
||||||
|
Install.WantedBy = [ "sway-session.target" ];
|
||||||
|
};
|
||||||
|
|
||||||
|
# Output/display management. Reacts to hotplug and applies per-display
|
||||||
|
# mode/scale/position. Profiles are hardware-specific: the safe default below
|
||||||
|
# just enables the internal laptop panel; add docked/desktop profiles with the
|
||||||
|
# real identifiers from `swaymsg -t get_outputs` (e.g. the Mac Pro's Apple
|
||||||
|
# Cinema Display with its scale, or a docked laptop + external monitor).
|
||||||
|
services.kanshi = {
|
||||||
|
enable = true;
|
||||||
|
settings = [
|
||||||
|
{
|
||||||
|
profile.name = "undocked";
|
||||||
|
profile.outputs = [
|
||||||
|
{
|
||||||
|
criteria = "eDP-1";
|
||||||
|
status = "enable";
|
||||||
|
}
|
||||||
|
];
|
||||||
|
}
|
||||||
|
# Example to copy per host (fill in real criteria/mode/scale/position):
|
||||||
|
# {
|
||||||
|
# profile.name = "desktop";
|
||||||
|
# profile.outputs = [
|
||||||
|
# { criteria = "Apple Computer Inc Cinema HD ..."; mode = "2560x1600"; scale = 1.0; position = "0,0"; status = "enable"; }
|
||||||
|
# ];
|
||||||
|
# }
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
# Night light. Manual location (no geoclue dependency); adjust the coordinates
|
||||||
|
# to taste. Warmer at night, neutral by day.
|
||||||
|
services.gammastep = {
|
||||||
|
enable = true;
|
||||||
|
provider = "manual";
|
||||||
|
latitude = 51.5;
|
||||||
|
longitude = -0.13; # London-ish; set to your actual location
|
||||||
|
temperature = {
|
||||||
|
day = 6500;
|
||||||
|
night = 3700;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
# fuzzel: the dmenu picker used by clipman, themed Catppuccin Mocha to match
|
# fuzzel: the dmenu picker used by clipman, themed Catppuccin Mocha to match
|
||||||
# (fuzzel colours are RRGGBBAA -- 8 hex digits).
|
# (fuzzel colours are RRGGBBAA -- 8 hex digits).
|
||||||
programs.fuzzel = {
|
programs.fuzzel = {
|
||||||
|
|||||||
@@ -13,6 +13,13 @@
|
|||||||
settings.General.EnableNetworkConfiguration = true;
|
settings.General.EnableNetworkConfiguration = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# Lid behaviour: suspend on battery, lock on external power (swayidle's
|
||||||
|
# before-sleep hook locks before the suspend completes either way).
|
||||||
|
services.logind.settings.Login = {
|
||||||
|
HandleLidSwitch = "suspend";
|
||||||
|
HandleLidSwitchExternalPower = "lock";
|
||||||
|
};
|
||||||
|
|
||||||
# Bluetooth. The Asahi MBP loads Apple's BT firmware (see its host config) and
|
# Bluetooth. The Asahi MBP loads Apple's BT firmware (see its host config) and
|
||||||
# the T400 has an optional BT module; enable bluez on both, with blueman as the
|
# the T400 has an optional BT module; enable bluez on both, with blueman as the
|
||||||
# GUI/tray manager for the Sway session.
|
# GUI/tray manager for the Sway session.
|
||||||
|
|||||||
Reference in New Issue
Block a user