5 files changed, 67 insertions, 163 deletions
diff --git a/accounts/gkleen@sif/default.nix b/accounts/gkleen@sif/default.nix
index 05cfc2c8..5b463f12 100644
--- a/accounts/gkleen@sif/default.nix
+++ b/accounts/gkleen@sif/default.nix
@@ -83,9 +83,8 @@ in {
  ];
  config = {
+    services.displayManager.defaultSession = "none+xmonad";
    services.xserver = {
-      displayManager.defaultSession = "none+xmonad";
      windowManager.session = [{
        name = "xmonad";
        start = ''
diff --git a/hosts/sif/default.nix b/hosts/sif/default.nix
index 96cd66cc..610d990d 100644
--- a/hosts/sif/default.nix
+++ b/hosts/sif/default.nix
@@ -187,12 +187,10 @@ in {
            # FirewallMark = 1;
          };
          wireguardPeers = [
-            { wireguardPeerConfig = {
+            { AllowedIPs = [ "10.200.116.1/32" "10.163.88.40/32" ] ++ mwnSubnetsPrivate ++ mwnSubnetsPublic;
-                AllowedIPs = [ "10.200.116.1/32" "10.163.88.40/32" ] ++ mwnSubnetsPrivate ++ mwnSubnetsPublic;
+              PublicKey = "YlRFLc+rD2k2KXl7pIJbOKbcPgdJCl8ZTsv0xlK4VEI=";
-                PublicKey = "YlRFLc+rD2k2KXl7pIJbOKbcPgdJCl8ZTsv0xlK4VEI=";
+              PersistentKeepalive = 25;
-                PersistentKeepalive = 25;
+              Endpoint = "wg.math.lmu.de:51820";
-                Endpoint = "wg.math.lmu.de:51820";
-              };
            }
          ];
        };
@@ -211,43 +209,34 @@ in {
            Name = "wgrz";
          };
          address = ["10.200.116.128/24"];
-          routes = map (Destination: { routeConfig = {
+          routes = map (Destination: {
            inherit Destination;
            Gateway = "10.200.116.1";
            GatewayOnLink = true;
            Table = "wgrz";
-          };}) (mwnSubnetsPrivate ++ mwnSubnetsPublic ++ ["10.163.88.40/32"]);
+          }) (mwnSubnetsPrivate ++ mwnSubnetsPublic ++ ["10.163.88.40/32"]);
          routingPolicyRules = [
-            { routingPolicyRuleConfig = {
+            { Table = "main";
-                Table = "main";
+              # FirewallMark = 1;
-                # FirewallMark = 1;
+              To = "129.187.111.225";
-                To = "129.187.111.225";
+              Priority = 100;
-                Priority = 100;
-              };
            }
-            { routingPolicyRuleConfig = {
+            { Table = "main";
-                Table = "main";
+              To = "10.153.91.204";
-                To = "10.153.91.204";
+              Priority = 100;
-                Priority = 100;
-              };
            }
-            { routingPolicyRuleConfig = {
+            { Table = "wgrz";
-                Table = "wgrz";
+              From = "10.200.116.128";
-                From = "10.200.116.128";
+              Priority = 200;
-                Priority = 200;
-              };
            }
-            { routingPolicyRuleConfig = {
+            { Table = "wgrz";
-                Table = "wgrz";
+              To = "10.163.88.40";
-                To = "10.163.88.40";
+              Priority = 200;
-                Priority = 200;
-              };
            }
-          ] ++ map (To: { routingPolicyRuleConfig = {
+          ] ++ map (To: { Table = "wgrz";
-                            Table = "wgrz";
+                          inherit To;
-                            inherit To;
+                          Priority = 200;
-                            Priority = 200;
+                        }) (mwnSubnetsPrivate ++ mwnSubnetsPublic);
-                          };}) (mwnSubnetsPrivate ++ mwnSubnetsPublic);
          linkConfig = {
            RequiredForOnline = false;
          };
@@ -328,7 +317,7 @@ in {
    };
    environment.systemPackages = with pkgs; [
-      nvtop brightnessctl config.boot.kernelPackages.v4l2loopback s-tui uhk-agent
+      nvtopPackages.full brightnessctl config.boot.kernelPackages.v4l2loopback s-tui uhk-agent
    ];
    services = {
@@ -375,9 +364,27 @@ in {
      xserver = {
        enable = true;
-        layout = "us";
+        xkb = {
-        xkbVariant = "dvp";
+          layout = "us";
-        xkbOptions = "compose:caps";
+          variant = "dvp";
+          options = "compose:caps";
+        };
+        wacom.enable = true;
+        dpi = 282;
+        videoDrivers = [ "nvidia" ];
+        screenSection = ''
+          Option "metamodes" "nvidia-auto-select +0+0 { ForceCompositionPipeline = On }"
+        '';
+        deviceSection = ''
+          Option "TearFree" "True"
+        '';
+        exportConfiguration = true;
        displayManager.lightdm = {
          enable = true;
@@ -403,24 +410,8 @@ in {
            '';
          };
        };
-        wacom.enable = true;
-        libinput.enable = true;
-        dpi = 282;
-        videoDrivers = [ "nvidia" ];
-        screenSection = ''
-          Option "metamodes" "nvidia-auto-select +0+0 { ForceCompositionPipeline = On }"
-        '';
-        deviceSection = ''
-          Option "TearFree" "True"
-        '';
-        exportConfiguration = true;
      };
+      libinput.enable = true;
    };
    systemd.tmpfiles.rules = [
@@ -549,9 +540,9 @@ in {
        };
      };
-      opengl = {
+      graphics = {
        enable = true;
-        driSupport32Bit = true;
+        enable32Bit = true;
        # setLdLibraryPath = true;
      };
@@ -647,7 +638,10 @@ in {
      group = "users";
    };
-    i18n.inputMethod.enabled = "ibus";
+    i18n.inputMethod = {
+      enable = true;
+      type = "ibus";
+    };
    environment.sessionVariables."GTK_USE_PORTAL" = "1";
    xdg.portal = {
diff --git a/modules/ibus.nix b/modules/ibus.nix
deleted file mode 100644
index bb9b3765..00000000
--- a/modules/ibus.nix
+++ /dev/null
@@ -1,79 +0,0 @@
-{ config, pkgs, lib, ... }:
-with lib;
-let
-  cfg = config.i18n.inputMethod.ibus;
-  ibusPackage = pkgs.ibus-with-plugins.override { plugins = cfg.engines; };
-  ibusEngine = types.package // {
-    name  = "ibus-engine";
-    check = x: (lib.types.package.check x) && (attrByPath ["meta" "isIbusEngine"] false x);
-  };
-in
-{
-  disabledModules = [ "i18n/input-method/ibus.nix" ];
-  imports = [
-    (mkRenamedOptionModule [ "programs" "ibus" "plugins" ] [ "i18n" "inputMethod" "ibus" "engines" ])
-  ];
-  options = {
-    i18n.inputMethod.ibus = {
-      engines = mkOption {
-        type    = with types; listOf ibusEngine;
-        default = [];
-        example = literalExpression "with pkgs.ibus-engines; [ mozc hangul ]";
-        description =
-          let
-            enginesDrv = filterAttrs (const isDerivation) pkgs.ibus-engines;
-            engines = concatStringsSep ", "
-              (map (name: "<literal>${name}</literal>") (attrNames enginesDrv));
-          in
-            "Enabled IBus engines. Available engines are: ${engines}.";
-      };
-      panel = mkOption {
-        type = with types; nullOr path;
-        default = null;
-        example = literalExpression ''"''${pkgs.plasma5Packages.plasma-desktop}/lib/libexec/kimpanel-ibus-panel"'';
-        description = "Replace the IBus panel with another panel.";
-      };
-    };
-  };
-  config = mkIf (config.i18n.inputMethod.enabled == "ibus") {
-    i18n.inputMethod.package = ibusPackage;
-    # Without dconf enabled it is impossible to use IBus
-    programs.dconf.enable = true;
-    programs.dconf.packages = [ ibusPackage ];
-    environment.variables = {
-      GTK_IM_MODULE = "ibus";
-      QT_IM_MODULE = "ibus";
-      XMODIFIERS = "@im=ibus";
-    };
-    xdg.portal.extraPortals = mkIf config.xdg.portal.enable [
-      ibusPackage
-    ];
-    systemd.user.services.ibus = {
-      description = "Intelligent Input Bus";
-      documentation = ["man:ibus-daemon(1)"];
-      after = ["graphical-session-pre.target"];
-      wantedBy = ["graphical-session.target"];
-      
-      serviceConfig = {
-        Type = "dbus";
-        BusName = "org.freedesktop.IBus";
-        ExecStart = "${ibusPackage}/bin/ibus-daemon --xim ${optionalString (cfg.panel != null) "--panel ${cfg.panel}"}";
-        ExecReload = "${ibusPackage}/bin/ibus restart";
-        ExecStop = "${ibusPackage}/bin/ibus exit";
-      };
-    };
-  };
-  # uses attributes of the linked package
-  meta.buildDocsInSandbox = false;
-}
diff --git a/modules/network-interfaces-systemd.nix b/modules/network-interfaces-systemd.nix
index a3a49f5e..f62c6b86 100644
--- a/modules/network-interfaces-systemd.nix
+++ b/modules/network-interfaces-systemd.nix
@@ -60,10 +60,8 @@ in
            ++ optional (cfg.defaultGateway6 != null && (cfg.defaultGateway6.address or "") != "") cfg.defaultGateway6.address;
          in optionalAttrs (gateway != [ ]) {
            routes = override (map (gateway: {
-                routeConfig = {
+              Gateway = gateway;
-                  Gateway = gateway;
+              GatewayOnLink = false;
-                  GatewayOnLink = false;
-                };
            }) gateway);
          } // optionalAttrs (domains != [ ]) {
            domains = override domains;
diff --git a/modules/yggdrasil-wg/default.nix b/modules/yggdrasil-wg/default.nix
index 8525cea0..8b190651 100644
--- a/modules/yggdrasil-wg/default.nix
+++ b/modules/yggdrasil-wg/default.nix
@@ -135,7 +135,7 @@ let
      PrivateKeyFile = "/run/credentials/systemd-networkd.service/yggdrasil-wg-${family}.priv";
      ListenPort = listenPort.${family};
    };
-    wireguardPeers = map (opts@{to, from, ...}: { wireguardPeerConfig = linkToPeer family opts; }) hostLinks.${family};
+    wireguardPeers = map (opts@{to, from, ...}: linkToPeer family opts) hostLinks.${family};
  };
  familyToLoadCred = family: "yggdrasil-wg-${family}.priv:${config.sops.secrets."yggdrasil-wg-${family}.priv".path}";
  familyToYggdrasilNetwork = family: nameValuePair "yggdrasil-wg-${family}" {
@@ -145,9 +145,7 @@ let
    };
    address = [wgHostIPs.${family}.${hostName}];
    routes = [
-      { routeConfig = {
+      { Destination = "${wgSubnet.${family}}::/${toString wgSubnetLength}";
-          Destination = "${wgSubnet.${family}}::/${toString wgSubnetLength}";
-        };
      }
    ];
    linkConfig = {
@@ -203,25 +201,19 @@ in {
          dns = ["2a03:4000:52:ada:1:1::"];
          domains = ["yggdrasil"];
          routes = [
-            { routeConfig = {
+            { Destination = "${batSubnet}::/${toString batSubnetLength}";
-                Destination = "${batSubnet}::/${toString batSubnetLength}";
+              GatewayOnLink = true;
-                GatewayOnLink = true;
-              };
            }
-            { routeConfig = {
+            { Destination = "${batSubnet}::/${toString batSubnetLength}";
-                Destination = "${batSubnet}::/${toString batSubnetLength}";
+              GatewayOnLink = true;
-                GatewayOnLink = true;
+              Table = "yggdrasil";
-                Table = "yggdrasil";
-              };
            }
-            { routeConfig = {
+            { Destination = batHostIPs.${hostName};
-                Destination = batHostIPs.${hostName};
+              GatewayOnLink = true;
-                GatewayOnLink = true;
+              Table = "yggdrasil";
-                Table = "yggdrasil";
-              };
            }
-          ] ++ (concatMap (router: map (rAddr: { routeConfig = { Destination = "::/0"; Gateway = stripSubnet rAddr; GatewayOnLink = true; Table = "yggdrasil"; }; }) batHostIPs.${router}) (filter (router: router != hostName) routers));
+          ] ++ (concatMap (router: map (rAddr: { Destination = "::/0"; Gateway = stripSubnet rAddr; GatewayOnLink = true; Table = "yggdrasil"; }) batHostIPs.${router}) (filter (router: router != hostName) routers));
-          routingPolicyRules = map (addr: { routingPolicyRuleConfig = { Table = "yggdrasil"; From = addr; Priority = 1; }; }) batHostIPs.${hostName};
+          routingPolicyRules = map (addr: { Table = "yggdrasil"; From = addr; Priority = 1; }) batHostIPs.${hostName};
          linkConfig = {
            MACAddress = "${batHostMACs.${hostName}}";
            RequiredForOnline = false;