summaryrefslogtreecommitdiff
path: root/accounts/gkleen@sif/systemd.nix
diff options
context:
space:
mode:
Diffstat (limited to 'accounts/gkleen@sif/systemd.nix')
-rw-r--r--accounts/gkleen@sif/systemd.nix339
1 files changed, 255 insertions, 84 deletions
diff --git a/accounts/gkleen@sif/systemd.nix b/accounts/gkleen@sif/systemd.nix
index cefcf4ea..c21514ea 100644
--- a/accounts/gkleen@sif/systemd.nix
+++ b/accounts/gkleen@sif/systemd.nix
@@ -6,7 +6,7 @@ let
6 cfg = config.home-manager.users.${userName}; 6 cfg = config.home-manager.users.${userName};
7 7
8 autossh-socks-script = pkgs.writeScript "autossh" '' 8 autossh-socks-script = pkgs.writeScript "autossh" ''
9 #!${pkgs.zsh}/bin/zsh -xe 9 #!${lib.getExe pkgs.zsh} -xe
10 10
11 host="''${1%:*}" 11 host="''${1%:*}"
12 port="''${1#*:}" 12 port="''${1#*:}"
@@ -15,31 +15,29 @@ let
15 cmd=() 15 cmd=()
16 16
17 if [[ -n "''${SSHPASS_SECRET}" ]]; then 17 if [[ -n "''${SSHPASS_SECRET}" ]]; then
18 cmd+=(${pkgs.sshpassSecret}/bin/sshpass-secret) 18 cmd+=(${lib.getExe' pkgs.sshpassSecret "sshpass-secret"})
19 cmd+=("''${(@s/:/)SSHPASS_SECRET}") 19 cmd+=("''${(@s/:/)SSHPASS_SECRET}")
20 cmd+=(--) 20 cmd+=(--)
21 fi 21 fi
22 22
23 cmd+=(${pkgs.openssh}/bin/ssh -vN -D localhost:''${port} "''${host}") 23 cmd+=(${lib.getExe' pkgs.openssh "ssh"} -vN -D 127.0.0.1:''${port} "''${host}")
24 24
25 ( exec -a "''${cmd[1]}" -- ''${cmd} ) & 25 ( exec -a "''${cmd[1]}" -- ''${cmd} ) &
26 pid=$! 26 pid=$!
27 27
28 newpid="" 28 newpid=""
29 i=200 29 i=200
30 while ! newpid=$(${pkgs.lsof}/bin/lsof -Pi @localhost:"''${port}" -sTCP:LISTEN -t); do 30 while ! newpid=$(${lib.getExe pkgs.lsof} -Pi @localhost:"''${port}" -sTCP:LISTEN -t); do
31 if ! kill -0 "''${pid}"; then 31 if ! kill -0 "''${pid}"; then
32 wait "''${pid}" 32 wait "''${pid}"
33 exit $? 33 exit $?
34 fi 34 fi
35 [[ "''${i}" -gt 0 ]] || exit 1 35 [[ "''${i}" -gt 0 ]] || exit 1
36 i=$((''${i} - 1)) 36 i=$((''${i} - 1))
37 ${pkgs.coreutils}/bin/sleep 0.1 37 ${lib.getExe' pkgs.coreutils "sleep"} 0.1
38 done 38 done
39 39
40 ${config.systemd.package}/bin/systemd-notify --ready 40 ${lib.getExe' config.systemd.package "systemd-notify"} --pid=''${newpid} --ready
41
42 wait "''${pid}" "''${newpid}"
43 ''; 41 '';
44in { 42in {
45 tmpfiles.rules = [ 43 tmpfiles.rules = [
@@ -48,11 +46,11 @@ in {
48 ]; 46 ];
49 47
50 services = { 48 services = {
51 sync-keepass = { 49 "sync-keepass@" = {
52 Service = { 50 Service = {
53 Type = "oneshot"; 51 Type = "oneshot";
54 WorkingDirectory = "~"; 52 WorkingDirectory = "~";
55 ExecStart = toString (pkgs.writers.writePython3 "sync-keepass" { 53 ExecStart = "${pkgs.writers.writePython3 "sync-keepass" {
56 libraries = with pkgs.python3Packages; [ python-dateutil ]; 54 libraries = with pkgs.python3Packages; [ python-dateutil ];
57 } '' 55 } ''
58 import json 56 import json
@@ -61,13 +59,13 @@ in {
61 from datetime import datetime 59 from datetime import datetime
62 from dateutil.tz import tzlocal 60 from dateutil.tz import tzlocal
63 from dateutil.parser import isoparse 61 from dateutil.parser import isoparse
64 from sys import stderr 62 from sys import stderr, argv
65 63
66 64
67 remote_fs = 'surtr' 65 remote_fs = 'surtr' if argv[1] == 'store.kdbx' else 'mathcloud'
68 remote_file = 'store.kdbx' 66 remote_file = argv[1]
69 target_file = expanduser('~/store.kdbx') 67 target_file = expanduser(f'~/{argv[1]}')
70 meta_file = expanduser('~/.store.kdbx.json') 68 meta_file = expanduser(f'~/.{argv[1]}.json')
71 69
72 upload_time = None 70 upload_time = None
73 our_last_upload_time = None 71 our_last_upload_time = None
@@ -117,13 +115,14 @@ in {
117 do_upload() 115 do_upload()
118 elif upload_time is not None and (mod_time is None or upload_time > mod_time) and (our_last_upload_time is None or upload_time > our_last_upload_time): # noqa: E501 116 elif upload_time is not None and (mod_time is None or upload_time > mod_time) and (our_last_upload_time is None or upload_time > our_last_upload_time): # noqa: E501
119 do_download() 117 do_download()
120 ''); 118 ''} \"%I\"";
121 Environment = [ "RCLONE_PASSWORD_COMMAND=\"${pkgs.coreutils}/bin/cat ${config.sops.secrets.gkleen-rclone.path}\"" "PATH=${pkgs.rclone}/bin" ]; 119 Environment = [ "RCLONE_PASSWORD_COMMAND=\"${pkgs.coreutils}/bin/cat ${config.sops.secrets.gkleen-rclone.path}\"" "PATH=${pkgs.rclone}/bin" ];
122 }; 120 };
123 }; 121 };
124 emacs = { 122 emacs = {
125 Unit = { 123 Unit = {
126 After = ["graphical-session-pre.target"]; 124 After = [ "graphical-session.target" ];
125 BindsTo = [ "graphical-session.target" ];
127 }; 126 };
128 }; 127 };
129 keepassxc = { 128 keepassxc = {
@@ -135,8 +134,8 @@ in {
135 Environment = [ "QT_QPA_PLATFORM=wayland" ]; 134 Environment = [ "QT_QPA_PLATFORM=wayland" ];
136 }; 135 };
137 Unit = { 136 Unit = {
138 Requires = ["graphical-session-pre.target"]; 137 After = [ "graphical-session.target" ];
139 After = ["graphical-session-pre.target"]; 138 BindsTo = [ "graphical-session.target" ];
140 }; 139 };
141 }; 140 };
142 mpris-proxy = { 141 mpris-proxy = {
@@ -145,7 +144,7 @@ in {
145 Service.ExecStart = "${pkgs.bluez}/bin/mpris-proxy"; 144 Service.ExecStart = "${pkgs.bluez}/bin/mpris-proxy";
146 Install.WantedBy = [ "default.target" ]; 145 Install.WantedBy = [ "default.target" ];
147 }; 146 };
148 "autossh-socks@proxy.mathw0h:8119" = { 147 "autossh-socks@proxy.ssh.math.lmu.de:8119" = {
149 Service = { 148 Service = {
150 Type = "notify"; 149 Type = "notify";
151 NotifyAccess = "all"; 150 NotifyAccess = "all";
@@ -153,7 +152,7 @@ in {
153 Restart = "always"; 152 Restart = "always";
154 RestartSec = "23s"; 153 RestartSec = "23s";
155 ExecStart = "${autossh-socks-script} \"%I\""; 154 ExecStart = "${autossh-socks-script} \"%I\"";
156 Environment = [ "SSHPASS_SECRET=gkleen@mathw0g.math.lmu.de" ]; 155 Environment = [ "SSHPASS_SECRET=gkleen@ssh.math.lmu.de" ];
157 }; 156 };
158 Unit = { 157 Unit = {
159 StopWhenUnneeded = true; 158 StopWhenUnneeded = true;
@@ -172,11 +171,56 @@ in {
172 }; 171 };
173 Unit = { 172 Unit = {
174 StopWhenUnneeded = true; 173 StopWhenUnneeded = true;
174 StartLimitInterval = "2s";
175 StartLimitBurst = 25;
175 }; 176 };
176 }; 177 };
177 swayidle = { 178 "autossh-socks@proxy.mathw0h:8123" = {
178 Service = { 179 Service = {
179 RuntimeDirectory = "swayidle"; 180 Type = "notify";
181 NotifyAccess = "all";
182 WorkingDirectory = "~";
183 Restart = "always";
184 RestartSec = "23s";
185 ExecStart = "${autossh-socks-script} \"%I\"";
186 Environment = [ "SSHPASS_SECRET=gkleen@mathw0h.mathinst.loc" ];
187 };
188 Unit = {
189 StopWhenUnneeded = true;
190 StartLimitInterval = "180s";
191 StartLimitBurst = 7;
192 };
193 };
194 "autossh-socks@proxy.mathw0e:8125" = {
195 Service = {
196 Type = "notify";
197 NotifyAccess = "all";
198 WorkingDirectory = "~";
199 Restart = "always";
200 RestartSec = "23s";
201 ExecStart = "${autossh-socks-script} \"%I\"";
202 Environment = [ "SSHPASS_SECRET=gkleen@mathw0e.mathinst.loc" ];
203 };
204 Unit = {
205 StopWhenUnneeded = true;
206 StartLimitInterval = "180s";
207 StartLimitBurst = 7;
208 };
209 };
210 "autossh-socks@proxy.cip04:8127" = {
211 Service = {
212 Type = "notify";
213 NotifyAccess = "all";
214 WorkingDirectory = "~";
215 Restart = "always";
216 RestartSec = "23s";
217 ExecStart = "${autossh-socks-script} \"%I\"";
218 Environment = [ "SSHPASS_SECRET=gkleen@cip04.cipmath.loc" ];
219 };
220 Unit = {
221 StopWhenUnneeded = true;
222 StartLimitInterval = "180s";
223 StartLimitBurst = 7;
180 }; 224 };
181 }; 225 };
182 psi-notify = { 226 psi-notify = {
@@ -184,8 +228,8 @@ in {
184 WantedBy = ["graphical-session.target"]; 228 WantedBy = ["graphical-session.target"];
185 }; 229 };
186 Unit = { 230 Unit = {
187 Requires = ["graphical-session-pre.target"]; 231 After = [ "graphical-session.target" ];
188 After = ["graphical-session-pre.target"]; 232 PartOf = [ "graphical-session.target" ];
189 }; 233 };
190 Service = { 234 Service = {
191 ExecStart = lib.getExe pkgs.psi-notify; 235 ExecStart = lib.getExe pkgs.psi-notify;
@@ -198,6 +242,7 @@ in {
198 gtklock = { 242 gtklock = {
199 Unit = { 243 Unit = {
200 Requisite = ["graphical-session.target"]; 244 Requisite = ["graphical-session.target"];
245 After = [ "graphical-session.target" ];
201 PartOf = ["graphical-session.target"]; 246 PartOf = ["graphical-session.target"];
202 }; 247 };
203 Service = { 248 Service = {
@@ -205,53 +250,55 @@ in {
205 RuntimeDirectory = "gtklock"; 250 RuntimeDirectory = "gtklock";
206 CacheDirectory = "gtklock"; 251 CacheDirectory = "gtklock";
207 ExecStartPre = [ 252 ExecStartPre = [
208 "${pkgs.libsForQt5.qt5.qttools.bin}/bin/qdbus org.keepassxc.KeePassXC.MainWindow /keepassxc org.keepassxc.KeePassXC.MainWindow.lockAllDatabases" 253 "-${lib.getExe' pkgs.libsForQt5.qt5.qttools.bin "qdbus"} org.keepassxc.KeePassXC.MainWindow /keepassxc org.keepassxc.KeePassXC.MainWindow.lockAllDatabases"
209 "${config.systemd.package}/bin/systemctl --user stop gpg-agent.service" 254 "-${lib.getExe' config.systemd.package "systemctl"} --user stop gpg-agent.service"
210 (pkgs.writeShellScript "generate-css" '' 255 "-${lib.getExe pkgs.playerctl} -a pause"
211 set -x 256 "-${lib.getExe (pkgs.writeShellApplication {
212 export PATH="${lib.makeBinPath [cfg.programs.wpaperd.package pkgs.jq pkgs.coreutils pkgs.imagemagick pkgs.findutils]}:$PATH" 257 name = "generate-css";
213 258 runtimeInputs = with pkgs; [cfg.services.wpaperd.package jq coreutils imagemagick findutils];
214 declare -A monitors 259 text = ''
215 monitors=() 260 declare -A monitors
216 while IFS= read -r entry; do 261 monitors=()
217 path=$(jq -r ".path" <<<"$entry") 262 while IFS= read -r entry; do
218 [[ -z "$path" || ! -f "$path" ]] && continue 263 path=$(jq -r ".path" <<<"$entry")
219 blurred_path="$CACHE_DIRECTORY"/"$(b2sum -l 128 <<<"$path" | cut -d' ' -f1)"."''${path##*.}" 264 [[ -z "$path" || ! -f "$path" ]] && continue
220 monitor=$(jq -r ".display" <<<"$entry") 265 blurred_path="$CACHE_DIRECTORY"/"$(b2sum -l 128 <<<"$path" | cut -d' ' -f1)"."''${path##*.}"
221 if [[ ! -f "$blurred_path" ]]; then 266 monitor=$(jq -r ".display" <<<"$entry")
222 mkdir -p "$(dirname "$blurred_path")" 267 if [[ ! -f "$blurred_path" ]]; then
223 magick "$path" -filter Gaussian -resize 6.25% -define filter:sigma=2.5 -resize 1600% "$blurred_path" & 268 mkdir -p "$(dirname "$blurred_path")"
224 fi 269 magick "$path" -filter Gaussian -resize 6.25% -define filter:sigma=2.5 -resize 1600% "$blurred_path" &
225 monitors+=([$monitor]="$blurred_path") 270 fi
226 done < <(wpaperctl all-wallpapers -j | jq -c ".[]") 271 monitors+=([$monitor]="$blurred_path")
227 wait 272 done < <(wpaperctl all-wallpapers -j | jq -c ".[]")
228 273 # wait
229 cp --no-preserve=mode ${pkgs.writeText "gtklock.css" '' 274
230 #window-box { 275 cp --no-preserve=mode ${pkgs.writeText "gtklock.css" ''
231 padding: 64px; 276 #window-box {
232 /* border: 1px solid black; */ 277 padding: 64px;
233 border-radius: 4px; 278 /* border: 1px solid black; */
234 box-shadow: rgba(0, 0, 0, 0.8) 0px 4px 12px; 279 border-radius: 4px;
235 /* background-color: white; */ 280 box-shadow: rgba(0, 0, 0, 0.8) 0px 4px 12px;
236 background-color: rgba(0, 0, 0, 0.5); 281 /* background-color: white; */
282 background-color: rgba(0, 0, 0, 0.5);
283 }
284 ''} "$RUNTIME_DIRECTORY"/style.css
285 for monitor in "''${!monitors[@]}"; do
286 cat >>"$RUNTIME_DIRECTORY"/style.css <<EOF
287 window#''${monitor} {
288 background-image: url("''${monitors[$monitor]}");
289 background-repeat: no-repeat;
290 background-size: 100% 100%;
291 background-origin: content-box;
237 } 292 }
238 ''} "$RUNTIME_DIRECTORY"/style.css 293 EOF
239 for monitor in "''${!monitors[@]}"; do 294 done
240 cat >>"$RUNTIME_DIRECTORY"/style.css <<EOF 295 '';
241 window#''${monitor} { 296 })}"
242 background-image: url("''${monitors[$monitor]}");
243 background-repeat: no-repeat;
244 background-size: 100% 100%;
245 background-origin: content-box;
246 }
247 EOF
248 done
249 '')
250 ]; 297 ];
251 NotifyAccess = "all"; 298 NotifyAccess = "all";
252 ExecStart = ''${lib.getExe pkgs.gtklock} -s "''${RUNTIME_DIRECTORY}/style.css" -L ${pkgs.writeShellScript "after-lock" '' 299 ExecStart = ''${lib.getExe pkgs.gtklock} -s "''${RUNTIME_DIRECTORY}/style.css" -L ${pkgs.writeShellScript "after-lock" ''
253 ${cfg.wayland.windowManager.hyprland.package}/bin/hyprctl dispatch dpms off 300 ${lib.getExe cfg.programs.niri.package} msg action power-off-monitors
254 ${config.systemd.package}/bin/systemd-notify --ready 301 ${lib.getExe' config.systemd.package "systemd-notify"} --ready
255 ''}''; 302 ''}'';
256 }; 303 };
257 }; 304 };
@@ -259,15 +306,19 @@ in {
259 Service = { 306 Service = {
260 Type = "notify"; 307 Type = "notify";
261 CacheDirectory = "yt-dlp/%N"; 308 CacheDirectory = "yt-dlp/%N";
309 RuntimeDirectory = "yt-dlp/%N";
262 StandardInput = "socket"; 310 StandardInput = "socket";
263 StandardOutput = "journal"; 311 StandardOutput = "journal";
264 WatchdogSec = "30min"; 312 WatchdogSec = "30min";
313 CPUSchedulingPolicy = "idle";
314 IOSchedulingClass = "idle";
265 Environment = [ 315 Environment = [
266 "PATH=${lib.makeBinPath (with pkgs; [atomicparsley ffmpeg-headless rtmpdump])}" 316 "PATH=${lib.makeBinPath (with pkgs; [atomicparsley ffmpeg-headless rtmpdump])}"
267 "DSCP=8" 317 "DSCP=8"
268 ]; 318 ];
269 ExecStart = ''${lib.getExe pkgs.dscp} ${pkgs.writers.writePython3 "yt-dlp" { 319 ExecStart = ''${lib.getExe pkgs.dscp} ${pkgs.writers.writePython3 "yt-dlp" {
270 libraries = with pkgs.python3Packages; [ yt-dlp sdnotify ]; 320 libraries = with pkgs.python3Packages; [ yt-dlp sdnotify ];
321 flakeIgnore = [ "E501" ];
271 } '' 322 } ''
272 import json 323 import json
273 from yt_dlp import YoutubeDL, parse_options 324 from yt_dlp import YoutubeDL, parse_options
@@ -275,14 +326,46 @@ in {
275 from sdnotify import SystemdNotifier 326 from sdnotify import SystemdNotifier
276 from os import environ 327 from os import environ
277 from pathlib import Path 328 from pathlib import Path
329 import threading
330 import socketserver
331
332
333 status = None
334 status_notifier = threading.Condition()
335
336
337 class StatusRequestHandler(socketserver.BaseRequestHandler):
338 def handle(self):
339 with self.request.makefile('w', encoding='utf-8') as fh:
340 while True:
341 with status_notifier:
342 json.dump(status, fh)
343 fh.write('\n')
344 fh.flush()
345 status_notifier.wait()
346
347
348 class ThreadedUnixStreamServer(socketserver.ThreadingMixIn, socketserver.UnixStreamServer):
349 pass
350
278 351
352 def progress_hook(d):
353 global status
354 n.notify('WATCHDOG=1\nSTATUS=' + d['status'])
355 with status_notifier:
356 status = {
357 **{k: v for k, v in d.items() if k in {'status', 'downloaded_bytes', 'total_bytes', 'total_bytes_estimate', 'fragment_count', 'fragment_index'}},
358 **{k: v for k, v in (d['info_dict'] if 'info_dict' in d else {}).items() if k in {'title', 'filename'}},
359 }
360 status_notifier.notify_all()
279 361
280 n = SystemdNotifier() 362
363 n = SystemdNotifier(debug=True)
281 args = json.load(stdin) 364 args = json.load(stdin)
282 ydl_opts = { 365 ydl_opts = {
283 **parse_options().ydl_opts, 366 **parse_options().ydl_opts,
284 'progress_hooks': [lambda _d: n.notify('WATCHDOG=1')], 367 'progress_hooks': [progress_hook],
285 'postprocessor_hooks': [lambda _d: n.notify('WATCHDOG=1')], 368 'postprocessor_hooks': [progress_hook],
286 'progress_with_newline': True, 369 'progress_with_newline': True,
287 'progress_delta': 5, 370 'progress_delta': 5,
288 'paths': { 371 'paths': {
@@ -292,6 +375,9 @@ in {
292 'noplaylist': True, 375 'noplaylist': True,
293 **(args['params'] if 'params' in args else {}), 376 **(args['params'] if 'params' in args else {}),
294 } 377 }
378 status_server = ThreadedUnixStreamServer(str(Path(environ['RUNTIME_DIRECTORY']) / 'status.sock'), StatusRequestHandler)
379 status_server.daemon_threads = True
380 threading.Thread(target=status_server.serve_forever, daemon=True).start()
295 with YoutubeDL(ydl_opts) as ytdl: 381 with YoutubeDL(ydl_opts) as ytdl:
296 n.notify('READY=1') 382 n.notify('READY=1')
297 ytdl.download(args['urls']) 383 ytdl.download(args['urls'])
@@ -299,38 +385,101 @@ in {
299 ExecStopPost = "${pkgs.coreutils}/bin/rm -rfv \"$CACHE_DIRECTORY\""; 385 ExecStopPost = "${pkgs.coreutils}/bin/rm -rfv \"$CACHE_DIRECTORY\"";
300 }; 386 };
301 }; 387 };
302 wpaperd = { 388 # wpaperd = {
389 # Install = {
390 # WantedBy = ["graphical-session.target"];
391 # };
392 # Unit = {
393 # After = [ "graphical-session.target" ];
394 # PartOf = [ "graphical-session.target" ];
395 # };
396 # Service = {
397 # ExecStart = lib.getExe cfg.services.wpaperd.package;
398 # Type = "simple";
399 # Restart = "always";
400 # RestartSec = "2s";
401 # };
402 # };
403 xembed-sni-proxy = {
404 Unit = {
405 PartOf = lib.mkForce ["tray.target"];
406 };
407 };
408 poweralertd = {
409 Unit = {
410 After = ["graphical-session.target"];
411 };
412 };
413 network-manager-applet = {
414 Unit = {
415 PartOf = lib.mkForce ["tray.target"];
416 };
417 };
418 udiskie = {
419 Unit = {
420 PartOf = lib.mkForce ["tray.target"];
421 };
422 };
423 blueman-applet = {
424 Unit = {
425 PartOf = lib.mkForce ["tray.target"];
426 };
303 Install = { 427 Install = {
304 WantedBy = ["graphical-session.target"]; 428 WantedBy = lib.mkForce ["tray.target"];
305 }; 429 };
430 };
431 alacritty = {
306 Unit = { 432 Unit = {
307 BindsTo = ["graphical-session-pre.target"]; 433 Requisite = ["graphical-session.target"];
308 After = ["graphical-session-pre.target"]; 434 After = [ "graphical-session.target" ];
309 }; 435 };
310 Service = { 436 Service = {
311 ExecStart = lib.getExe cfg.programs.wpaperd.package; 437 ExecStart = "${lib.getExe pkgs.alacritty} --daemon --socket %t/alacritty-activated.sock";
312 Type = "simple"; 438 };
313 Restart = "always"; 439 };
314 RestartSec = "2s"; 440 alacritty-proxy = {
441 Unit = {
442 Requires = ["alacritty.service" "alacritty-proxy.socket"];
443 After = ["alacritty.service" "alacritty-proxy.socket"];
444 };
445 Service = {
446 Type = "notify";
447 ExecStart = "${config.systemd.package}/lib/systemd/systemd-socket-proxyd %t/alacritty-activated.sock";
315 }; 448 };
316 }; 449 };
317 } // listToAttrs (map ({host, port}: nameValuePair "proxy-to-autossh-socks@${toString port}" { 450 } // listToAttrs (map ({host, port}: nameValuePair "proxy-to-autossh-socks@${toString port}" {
318 Unit = { 451 Unit = {
319 Requires = ["autossh-socks@${host}:${toString (port + 1)}.service" "proxy-to-autossh-socks@${toString port}.socket"]; 452 BindsTo = ["autossh-socks@${host}:${toString (port + 1)}.service" "proxy-to-autossh-socks@${toString port}.socket"];
320 After = ["autossh-socks@${host}:${toString (port + 1)}.service" "proxy-to-autossh-socks@${toString port}.socket"]; 453 After = ["autossh-socks@${host}:${toString (port + 1)}.service" "proxy-to-autossh-socks@${toString port}.socket"];
321 }; 454 };
322 Service = { 455 Service = {
323 ExecStart = "${config.systemd.package}/lib/systemd/systemd-socket-proxyd --exit-idle-time=10s localhost:${toString (port + 1)}"; 456 ExecStart = "${config.systemd.package}/lib/systemd/systemd-socket-proxyd --exit-idle-time=60s 127.0.0.1:${toString (port + 1)}";
457 Restart = "always";
458 RestartSec = "23s";
324 }; 459 };
325 }) [{ host = "proxy.mathw0h"; port = 8118; } { host = "proxy.vidhar"; port = 8120; }]); 460 }) [{ host = "proxy.ssh.math.lmu.de"; port = 8118; } { host = "proxy.vidhar"; port = 8120; } { host = "proxy.mathw0h"; port = 8122; } { host = "proxy.mathw0e"; port = 8124; } { host = "proxy.cip04"; port = 8126; }]);
326 sockets = listToAttrs (map (port: nameValuePair "proxy-to-autossh-socks@${toString port}" { 461 sockets = listToAttrs (map (port: nameValuePair "proxy-to-autossh-socks@${toString port}" {
327 Socket = { 462 Socket = {
328 ListenStream = "%I"; 463 ListenStream = "%I";
464 TriggerLimitIntervalSec = 0;
465 PollLimitIntervalSec = "180s";
466 PollLimitBurst = 6;
329 }; 467 };
330 Install = { 468 Install = {
331 WantedBy = ["default.target"]; 469 WantedBy = ["default.target"];
332 }; 470 };
333 }) [8118 8120]) // { 471 }) [8118 8122 8124 8126]) // {
472 "proxy-to-autossh-socks@8120" = {
473 Socket = {
474 ListenStream = "%I";
475 TriggerLimitIntervalSec = 0;
476 PollLimitIntervalSec = "2s";
477 PollLimitBurst = 20;
478 };
479 Install = {
480 WantedBy = ["default.target"];
481 };
482 };
334 "yt-dlp" = { 483 "yt-dlp" = {
335 Socket = { 484 Socket = {
336 SocketMode = "0600"; 485 SocketMode = "0600";
@@ -342,9 +491,18 @@ in {
342 WantedBy = ["sockets.target"]; 491 WantedBy = ["sockets.target"];
343 }; 492 };
344 }; 493 };
494 "alacritty-proxy" = {
495 Socket = {
496 SocketMode = "0600";
497 ListenStream = "%t/alacritty.sock";
498 };
499 Install = {
500 WantedBy = ["sockets.target"];
501 };
502 };
345 }; 503 };
346 timers = { 504 timers = {
347 sync-keepass = { 505 "sync-keepass@store.kdbx" = {
348 Timer = { 506 Timer = {
349 OnActiveSec = "1m"; 507 OnActiveSec = "1m";
350 OnUnitActiveSec = "1m"; 508 OnUnitActiveSec = "1m";
@@ -354,6 +512,16 @@ in {
354 WantedBy = ["default.target"]; 512 WantedBy = ["default.target"];
355 }; 513 };
356 }; 514 };
515 "sync-keepass@rz.kdbx" = {
516 Timer = {
517 OnActiveSec = "1d";
518 OnUnitActiveSec = "1d";
519 };
520
521 Install = {
522 WantedBy = ["default.target"];
523 };
524 };
357 }; 525 };
358 targets = { 526 targets = {
359 graphical-session = { 527 graphical-session = {
@@ -364,6 +532,9 @@ in {
364 }; 532 };
365 tray = { 533 tray = {
366 Unit = { 534 Unit = {
535 PartOf = [ "graphical-session.target" ];
536 # Requires = [ "waybar.service" ];
537 After = [ "graphical-session.target" ]; # "waybar.service" ];
367 Wants = ["blueman-applet.service" "udiskie.service" "network-manager-applet.service"]; 538 Wants = ["blueman-applet.service" "udiskie.service" "network-manager-applet.service"];
368 }; 539 };
369 }; 540 };