diff options
Diffstat (limited to 'accounts/gkleen@sif/systemd.nix')
| -rw-r--r-- | accounts/gkleen@sif/systemd.nix | 277 |
1 files changed, 186 insertions, 91 deletions
diff --git a/accounts/gkleen@sif/systemd.nix b/accounts/gkleen@sif/systemd.nix index 119d8cc3..51671b20 100644 --- a/accounts/gkleen@sif/systemd.nix +++ b/accounts/gkleen@sif/systemd.nix | |||
| @@ -6,7 +6,7 @@ let | |||
| 6 | cfg = config.home-manager.users.${userName}; | 6 | cfg = config.home-manager.users.${userName}; |
| 7 | 7 | ||
| 8 | autossh-socks-script = pkgs.writeScript "autossh" '' | 8 | autossh-socks-script = pkgs.writeScript "autossh" '' |
| 9 | #!${pkgs.zsh}/bin/zsh -xe | 9 | #!${lib.getExe pkgs.zsh} -xe |
| 10 | 10 | ||
| 11 | host="''${1%:*}" | 11 | host="''${1%:*}" |
| 12 | port="''${1#*:}" | 12 | port="''${1#*:}" |
| @@ -15,31 +15,29 @@ let | |||
| 15 | cmd=() | 15 | cmd=() |
| 16 | 16 | ||
| 17 | if [[ -n "''${SSHPASS_SECRET}" ]]; then | 17 | if [[ -n "''${SSHPASS_SECRET}" ]]; then |
| 18 | cmd+=(${pkgs.sshpassSecret}/bin/sshpass-secret) | 18 | cmd+=(${lib.getExe' pkgs.sshpassSecret "sshpass-secret"}) |
| 19 | cmd+=("''${(@s/:/)SSHPASS_SECRET}") | 19 | cmd+=("''${(@s/:/)SSHPASS_SECRET}") |
| 20 | cmd+=(--) | 20 | cmd+=(--) |
| 21 | fi | 21 | fi |
| 22 | 22 | ||
| 23 | cmd+=(${pkgs.openssh}/bin/ssh -vN -D localhost:''${port} "''${host}") | 23 | cmd+=(${lib.getExe' pkgs.openssh "ssh"} -vN -D 127.0.0.1:''${port} "''${host}") |
| 24 | 24 | ||
| 25 | ( exec -a "''${cmd[1]}" -- ''${cmd} ) & | 25 | ( exec -a "''${cmd[1]}" -- ''${cmd} ) & |
| 26 | pid=$! | 26 | pid=$! |
| 27 | 27 | ||
| 28 | newpid="" | 28 | newpid="" |
| 29 | i=200 | 29 | i=200 |
| 30 | while ! newpid=$(${pkgs.lsof}/bin/lsof -Pi @localhost:"''${port}" -sTCP:LISTEN -t); do | 30 | while ! newpid=$(${lib.getExe pkgs.lsof} -Pi @localhost:"''${port}" -sTCP:LISTEN -t); do |
| 31 | if ! kill -0 "''${pid}"; then | 31 | if ! kill -0 "''${pid}"; then |
| 32 | wait "''${pid}" | 32 | wait "''${pid}" |
| 33 | exit $? | 33 | exit $? |
| 34 | fi | 34 | fi |
| 35 | [[ "''${i}" -gt 0 ]] || exit 1 | 35 | [[ "''${i}" -gt 0 ]] || exit 1 |
| 36 | i=$((''${i} - 1)) | 36 | i=$((''${i} - 1)) |
| 37 | ${pkgs.coreutils}/bin/sleep 0.1 | 37 | ${lib.getExe' pkgs.coreutils "sleep"} 0.1 |
| 38 | done | 38 | done |
| 39 | 39 | ||
| 40 | ${config.systemd.package}/bin/systemd-notify --ready | 40 | ${lib.getExe' config.systemd.package "systemd-notify"} --pid=''${newpid} --ready |
| 41 | |||
| 42 | wait "''${pid}" "''${newpid}" | ||
| 43 | ''; | 41 | ''; |
| 44 | in { | 42 | in { |
| 45 | tmpfiles.rules = [ | 43 | tmpfiles.rules = [ |
| @@ -48,11 +46,11 @@ in { | |||
| 48 | ]; | 46 | ]; |
| 49 | 47 | ||
| 50 | services = { | 48 | services = { |
| 51 | sync-keepass = { | 49 | "sync-keepass@" = { |
| 52 | Service = { | 50 | Service = { |
| 53 | Type = "oneshot"; | 51 | Type = "oneshot"; |
| 54 | WorkingDirectory = "~"; | 52 | WorkingDirectory = "~"; |
| 55 | ExecStart = toString (pkgs.writers.writePython3 "sync-keepass" { | 53 | ExecStart = "${pkgs.writers.writePython3 "sync-keepass" { |
| 56 | libraries = with pkgs.python3Packages; [ python-dateutil ]; | 54 | libraries = with pkgs.python3Packages; [ python-dateutil ]; |
| 57 | } '' | 55 | } '' |
| 58 | import json | 56 | import json |
| @@ -61,13 +59,13 @@ in { | |||
| 61 | from datetime import datetime | 59 | from datetime import datetime |
| 62 | from dateutil.tz import tzlocal | 60 | from dateutil.tz import tzlocal |
| 63 | from dateutil.parser import isoparse | 61 | from dateutil.parser import isoparse |
| 64 | from sys import stderr | 62 | from sys import stderr, argv |
| 65 | 63 | ||
| 66 | 64 | ||
| 67 | remote_fs = 'surtr' | 65 | remote_fs = 'surtr' if argv[1] == 'store.kdbx' else 'mathcloud' |
| 68 | remote_file = 'store.kdbx' | 66 | remote_file = argv[1] |
| 69 | target_file = expanduser('~/store.kdbx') | 67 | target_file = expanduser(f'~/{argv[1]}') |
| 70 | meta_file = expanduser('~/.store.kdbx.json') | 68 | meta_file = expanduser(f'~/.{argv[1]}.json') |
| 71 | 69 | ||
| 72 | upload_time = None | 70 | upload_time = None |
| 73 | our_last_upload_time = None | 71 | our_last_upload_time = None |
| @@ -117,22 +115,14 @@ in { | |||
| 117 | do_upload() | 115 | do_upload() |
| 118 | elif upload_time is not None and (mod_time is None or upload_time > mod_time) and (our_last_upload_time is None or upload_time > our_last_upload_time): # noqa: E501 | 116 | elif upload_time is not None and (mod_time is None or upload_time > mod_time) and (our_last_upload_time is None or upload_time > our_last_upload_time): # noqa: E501 |
| 119 | do_download() | 117 | do_download() |
| 120 | ''); | 118 | ''} \"%I\""; |
| 121 | Environment = [ "RCLONE_PASSWORD_COMMAND=\"${pkgs.coreutils}/bin/cat ${config.sops.secrets.gkleen-rclone.path}\"" "PATH=${pkgs.rclone}/bin" ]; | 119 | Environment = [ "RCLONE_PASSWORD_COMMAND=\"${pkgs.coreutils}/bin/cat ${config.sops.secrets.gkleen-rclone.path}\"" "PATH=${pkgs.rclone}/bin" ]; |
| 122 | }; | 120 | }; |
| 123 | }; | 121 | }; |
| 124 | emacs = { | 122 | emacs = { |
| 125 | Unit = { | 123 | Unit = { |
| 126 | After = ["graphical-session-pre.target"]; | 124 | After = [ "graphical-session.target" ]; |
| 127 | }; | 125 | BindsTo = [ "graphical-session.target" ]; |
| 128 | }; | ||
| 129 | dunst = { | ||
| 130 | Service = { | ||
| 131 | ExecStart = lib.mkForce "${cfg.services.dunst.package}/bin/dunst"; | ||
| 132 | Restart = "always"; | ||
| 133 | }; | ||
| 134 | Install = { | ||
| 135 | WantedBy = ["graphical-session.target"]; | ||
| 136 | }; | 126 | }; |
| 137 | }; | 127 | }; |
| 138 | keepassxc = { | 128 | keepassxc = { |
| @@ -144,8 +134,8 @@ in { | |||
| 144 | Environment = [ "QT_QPA_PLATFORM=wayland" ]; | 134 | Environment = [ "QT_QPA_PLATFORM=wayland" ]; |
| 145 | }; | 135 | }; |
| 146 | Unit = { | 136 | Unit = { |
| 147 | Requires = ["graphical-session-pre.target"]; | 137 | After = [ "graphical-session.target" ]; |
| 148 | After = ["graphical-session-pre.target"]; | 138 | BindsTo = [ "graphical-session.target" ]; |
| 149 | }; | 139 | }; |
| 150 | }; | 140 | }; |
| 151 | mpris-proxy = { | 141 | mpris-proxy = { |
| @@ -154,7 +144,7 @@ in { | |||
| 154 | Service.ExecStart = "${pkgs.bluez}/bin/mpris-proxy"; | 144 | Service.ExecStart = "${pkgs.bluez}/bin/mpris-proxy"; |
| 155 | Install.WantedBy = [ "default.target" ]; | 145 | Install.WantedBy = [ "default.target" ]; |
| 156 | }; | 146 | }; |
| 157 | "autossh-socks@proxy.mathw0h:8119" = { | 147 | "autossh-socks@proxy.ssh.math.lmu.de:8119" = { |
| 158 | Service = { | 148 | Service = { |
| 159 | Type = "notify"; | 149 | Type = "notify"; |
| 160 | NotifyAccess = "all"; | 150 | NotifyAccess = "all"; |
| @@ -162,7 +152,7 @@ in { | |||
| 162 | Restart = "always"; | 152 | Restart = "always"; |
| 163 | RestartSec = "23s"; | 153 | RestartSec = "23s"; |
| 164 | ExecStart = "${autossh-socks-script} \"%I\""; | 154 | ExecStart = "${autossh-socks-script} \"%I\""; |
| 165 | Environment = [ "SSHPASS_SECRET=gkleen@mathw0g.math.lmu.de" ]; | 155 | Environment = [ "SSHPASS_SECRET=gkleen@ssh.math.lmu.de" ]; |
| 166 | }; | 156 | }; |
| 167 | Unit = { | 157 | Unit = { |
| 168 | StopWhenUnneeded = true; | 158 | StopWhenUnneeded = true; |
| @@ -181,11 +171,56 @@ in { | |||
| 181 | }; | 171 | }; |
| 182 | Unit = { | 172 | Unit = { |
| 183 | StopWhenUnneeded = true; | 173 | StopWhenUnneeded = true; |
| 174 | StartLimitInterval = "2s"; | ||
| 175 | StartLimitBurst = 25; | ||
| 184 | }; | 176 | }; |
| 185 | }; | 177 | }; |
| 186 | swayidle = { | 178 | "autossh-socks@proxy.mathw0h:8123" = { |
| 187 | Service = { | 179 | Service = { |
| 188 | RuntimeDirectory = "swayidle"; | 180 | Type = "notify"; |
| 181 | NotifyAccess = "all"; | ||
| 182 | WorkingDirectory = "~"; | ||
| 183 | Restart = "always"; | ||
| 184 | RestartSec = "23s"; | ||
| 185 | ExecStart = "${autossh-socks-script} \"%I\""; | ||
| 186 | Environment = [ "SSHPASS_SECRET=gkleen@mathw0h.mathinst.loc" ]; | ||
| 187 | }; | ||
| 188 | Unit = { | ||
| 189 | StopWhenUnneeded = true; | ||
| 190 | StartLimitInterval = "180s"; | ||
| 191 | StartLimitBurst = 7; | ||
| 192 | }; | ||
| 193 | }; | ||
| 194 | "autossh-socks@proxy.mathw0e:8125" = { | ||
| 195 | Service = { | ||
| 196 | Type = "notify"; | ||
| 197 | NotifyAccess = "all"; | ||
| 198 | WorkingDirectory = "~"; | ||
| 199 | Restart = "always"; | ||
| 200 | RestartSec = "23s"; | ||
| 201 | ExecStart = "${autossh-socks-script} \"%I\""; | ||
| 202 | Environment = [ "SSHPASS_SECRET=gkleen@mathw0e.mathinst.loc" ]; | ||
| 203 | }; | ||
| 204 | Unit = { | ||
| 205 | StopWhenUnneeded = true; | ||
| 206 | StartLimitInterval = "180s"; | ||
| 207 | StartLimitBurst = 7; | ||
| 208 | }; | ||
| 209 | }; | ||
| 210 | "autossh-socks@proxy.cip04:8127" = { | ||
| 211 | Service = { | ||
| 212 | Type = "notify"; | ||
| 213 | NotifyAccess = "all"; | ||
| 214 | WorkingDirectory = "~"; | ||
| 215 | Restart = "always"; | ||
| 216 | RestartSec = "23s"; | ||
| 217 | ExecStart = "${autossh-socks-script} \"%I\""; | ||
| 218 | Environment = [ "SSHPASS_SECRET=gkleen@cip04.cipmath.loc" ]; | ||
| 219 | }; | ||
| 220 | Unit = { | ||
| 221 | StopWhenUnneeded = true; | ||
| 222 | StartLimitInterval = "180s"; | ||
| 223 | StartLimitBurst = 7; | ||
| 189 | }; | 224 | }; |
| 190 | }; | 225 | }; |
| 191 | psi-notify = { | 226 | psi-notify = { |
| @@ -193,8 +228,8 @@ in { | |||
| 193 | WantedBy = ["graphical-session.target"]; | 228 | WantedBy = ["graphical-session.target"]; |
| 194 | }; | 229 | }; |
| 195 | Unit = { | 230 | Unit = { |
| 196 | Requires = ["graphical-session-pre.target"]; | 231 | After = [ "graphical-session.target" ]; |
| 197 | After = ["graphical-session-pre.target"]; | 232 | PartOf = [ "graphical-session.target" ]; |
| 198 | }; | 233 | }; |
| 199 | Service = { | 234 | Service = { |
| 200 | ExecStart = lib.getExe pkgs.psi-notify; | 235 | ExecStart = lib.getExe pkgs.psi-notify; |
| @@ -207,6 +242,7 @@ in { | |||
| 207 | gtklock = { | 242 | gtklock = { |
| 208 | Unit = { | 243 | Unit = { |
| 209 | Requisite = ["graphical-session.target"]; | 244 | Requisite = ["graphical-session.target"]; |
| 245 | After = [ "graphical-session.target" ]; | ||
| 210 | PartOf = ["graphical-session.target"]; | 246 | PartOf = ["graphical-session.target"]; |
| 211 | }; | 247 | }; |
| 212 | Service = { | 248 | Service = { |
| @@ -214,53 +250,55 @@ in { | |||
| 214 | RuntimeDirectory = "gtklock"; | 250 | RuntimeDirectory = "gtklock"; |
| 215 | CacheDirectory = "gtklock"; | 251 | CacheDirectory = "gtklock"; |
| 216 | ExecStartPre = [ | 252 | ExecStartPre = [ |
| 217 | "${pkgs.libsForQt5.qt5.qttools.bin}/bin/qdbus org.keepassxc.KeePassXC.MainWindow /keepassxc org.keepassxc.KeePassXC.MainWindow.lockAllDatabases" | 253 | "-${lib.getExe' pkgs.libsForQt5.qt5.qttools.bin "qdbus"} org.keepassxc.KeePassXC.MainWindow /keepassxc org.keepassxc.KeePassXC.MainWindow.lockAllDatabases" |
| 218 | "${config.systemd.package}/bin/systemctl --user stop gpg-agent.service" | 254 | "-${lib.getExe' config.systemd.package "systemctl"} --user stop gpg-agent.service" |
| 219 | (pkgs.writeShellScript "generate-css" '' | 255 | "-${lib.getExe pkgs.playerctl} -a pause" |
| 220 | set -x | 256 | "-${lib.getExe (pkgs.writeShellApplication { |
| 221 | export PATH="${lib.makeBinPath [cfg.programs.wpaperd.package pkgs.jq pkgs.coreutils pkgs.imagemagick pkgs.findutils]}:$PATH" | 257 | name = "generate-css"; |
| 222 | 258 | runtimeInputs = with pkgs; [cfg.services.wpaperd.package jq coreutils imagemagick findutils]; | |
| 223 | declare -A monitors | 259 | text = '' |
| 224 | monitors=() | 260 | declare -A monitors |
| 225 | while IFS= read -r entry; do | 261 | monitors=() |
| 226 | path=$(jq -r ".path" <<<"$entry") | 262 | while IFS= read -r entry; do |
| 227 | [[ -z "$path" || ! -f "$path" ]] && continue | 263 | path=$(jq -r ".path" <<<"$entry") |
| 228 | blurred_path="$CACHE_DIRECTORY"/"$(b2sum -l 128 <<<"$path" | cut -d' ' -f1)"."''${path##*.}" | 264 | [[ -z "$path" || ! -f "$path" ]] && continue |
| 229 | monitor=$(jq -r ".display" <<<"$entry") | 265 | blurred_path="$CACHE_DIRECTORY"/"$(b2sum -l 128 <<<"$path" | cut -d' ' -f1)"."''${path##*.}" |
| 230 | if [[ ! -f "$blurred_path" ]]; then | 266 | monitor=$(jq -r ".display" <<<"$entry") |
| 231 | mkdir -p "$(dirname "$blurred_path")" | 267 | if [[ ! -f "$blurred_path" ]]; then |
| 232 | magick "$path" -filter Gaussian -resize 6.25% -define filter:sigma=2.5 -resize 1600% "$blurred_path" & | 268 | mkdir -p "$(dirname "$blurred_path")" |
| 233 | fi | 269 | magick "$path" -filter Gaussian -resize 6.25% -define filter:sigma=2.5 -resize 1600% "$blurred_path" & |
| 234 | monitors+=([$monitor]="$blurred_path") | 270 | fi |
| 235 | done < <(wpaperctl all-wallpapers -j | jq -c ".[]") | 271 | monitors+=([$monitor]="$blurred_path") |
| 236 | wait | 272 | done < <(wpaperctl all-wallpapers -j | jq -c ".[]") |
| 273 | # wait | ||
| 237 | 274 | ||
| 238 | cp --no-preserve=mode ${pkgs.writeText "gtklock.css" '' | 275 | cp --no-preserve=mode ${pkgs.writeText "gtklock.css" '' |
| 239 | #window-box { | 276 | #window-box { |
| 240 | padding: 64px; | 277 | padding: 64px; |
| 241 | /* border: 1px solid black; */ | 278 | /* border: 1px solid black; */ |
| 242 | border-radius: 4px; | 279 | border-radius: 4px; |
| 243 | box-shadow: rgba(0, 0, 0, 0.8) 0px 4px 12px; | 280 | box-shadow: rgba(0, 0, 0, 0.8) 0px 4px 12px; |
| 244 | /* background-color: white; */ | 281 | /* background-color: white; */ |
| 245 | background-color: rgba(0, 0, 0, 0.5); | 282 | background-color: rgba(0, 0, 0, 0.5); |
| 283 | } | ||
| 284 | ''} "$RUNTIME_DIRECTORY"/style.css | ||
| 285 | for monitor in "''${!monitors[@]}"; do | ||
| 286 | cat >>"$RUNTIME_DIRECTORY"/style.css <<EOF | ||
| 287 | window#''${monitor} { | ||
| 288 | background-image: url("''${monitors[$monitor]}"); | ||
| 289 | background-repeat: no-repeat; | ||
| 290 | background-size: 100% 100%; | ||
| 291 | background-origin: content-box; | ||
| 246 | } | 292 | } |
| 247 | ''} "$RUNTIME_DIRECTORY"/style.css | 293 | EOF |
| 248 | for monitor in "''${!monitors[@]}"; do | 294 | done |
| 249 | cat >>"$RUNTIME_DIRECTORY"/style.css <<EOF | 295 | ''; |
| 250 | window#''${monitor} { | 296 | })}" |
| 251 | background-image: url("''${monitors[$monitor]}"); | ||
| 252 | background-repeat: no-repeat; | ||
| 253 | background-size: 100% 100%; | ||
| 254 | background-origin: content-box; | ||
| 255 | } | ||
| 256 | EOF | ||
| 257 | done | ||
| 258 | '') | ||
| 259 | ]; | 297 | ]; |
| 260 | NotifyAccess = "all"; | 298 | NotifyAccess = "all"; |
| 261 | ExecStart = ''${lib.getExe pkgs.gtklock} -s "''${RUNTIME_DIRECTORY}/style.css" -L ${pkgs.writeShellScript "after-lock" '' | 299 | ExecStart = ''${lib.getExe pkgs.gtklock} -s "''${RUNTIME_DIRECTORY}/style.css" -L ${pkgs.writeShellScript "after-lock" '' |
| 262 | ${cfg.wayland.windowManager.hyprland.package}/bin/hyprctl dispatch dpms off | 300 | ${lib.getExe cfg.programs.niri.package} msg action power-off-monitors |
| 263 | ${config.systemd.package}/bin/systemd-notify --ready | 301 | ${lib.getExe' config.systemd.package "systemd-notify"} --ready |
| 264 | ''}''; | 302 | ''}''; |
| 265 | }; | 303 | }; |
| 266 | }; | 304 | }; |
| @@ -308,38 +346,82 @@ in { | |||
| 308 | ExecStopPost = "${pkgs.coreutils}/bin/rm -rfv \"$CACHE_DIRECTORY\""; | 346 | ExecStopPost = "${pkgs.coreutils}/bin/rm -rfv \"$CACHE_DIRECTORY\""; |
| 309 | }; | 347 | }; |
| 310 | }; | 348 | }; |
| 311 | wpaperd = { | 349 | # wpaperd = { |
| 312 | Install = { | 350 | # Install = { |
| 313 | WantedBy = ["graphical-session.target"]; | 351 | # WantedBy = ["graphical-session.target"]; |
| 352 | # }; | ||
| 353 | # Unit = { | ||
| 354 | # After = [ "graphical-session.target" ]; | ||
| 355 | # PartOf = [ "graphical-session.target" ]; | ||
| 356 | # }; | ||
| 357 | # Service = { | ||
| 358 | # ExecStart = lib.getExe cfg.services.wpaperd.package; | ||
| 359 | # Type = "simple"; | ||
| 360 | # Restart = "always"; | ||
| 361 | # RestartSec = "2s"; | ||
| 362 | # }; | ||
| 363 | # }; | ||
| 364 | xembed-sni-proxy = { | ||
| 365 | Unit = { | ||
| 366 | PartOf = lib.mkForce ["tray.target"]; | ||
| 314 | }; | 367 | }; |
| 368 | }; | ||
| 369 | poweralertd = { | ||
| 315 | Unit = { | 370 | Unit = { |
| 316 | BindsTo = ["graphical-session-pre.target"]; | 371 | After = ["graphical-session.target"]; |
| 317 | After = ["graphical-session-pre.target"]; | ||
| 318 | }; | 372 | }; |
| 319 | Service = { | 373 | }; |
| 320 | ExecStart = lib.getExe cfg.programs.wpaperd.package; | 374 | network-manager-applet = { |
| 321 | Type = "simple"; | 375 | Unit = { |
| 322 | Restart = "always"; | 376 | PartOf = lib.mkForce ["tray.target"]; |
| 323 | RestartSec = "2s"; | 377 | }; |
| 378 | }; | ||
| 379 | udiskie = { | ||
| 380 | Unit = { | ||
| 381 | PartOf = lib.mkForce ["tray.target"]; | ||
| 382 | }; | ||
| 383 | }; | ||
| 384 | blueman-applet = { | ||
| 385 | Unit = { | ||
| 386 | PartOf = lib.mkForce ["tray.target"]; | ||
| 387 | }; | ||
| 388 | Install = { | ||
| 389 | WantedBy = lib.mkForce ["tray.target"]; | ||
| 324 | }; | 390 | }; |
| 325 | }; | 391 | }; |
| 326 | } // listToAttrs (map ({host, port}: nameValuePair "proxy-to-autossh-socks@${toString port}" { | 392 | } // listToAttrs (map ({host, port}: nameValuePair "proxy-to-autossh-socks@${toString port}" { |
| 327 | Unit = { | 393 | Unit = { |
| 328 | Requires = ["autossh-socks@${host}:${toString (port + 1)}.service" "proxy-to-autossh-socks@${toString port}.socket"]; | 394 | BindsTo = ["autossh-socks@${host}:${toString (port + 1)}.service" "proxy-to-autossh-socks@${toString port}.socket"]; |
| 329 | After = ["autossh-socks@${host}:${toString (port + 1)}.service" "proxy-to-autossh-socks@${toString port}.socket"]; | 395 | After = ["autossh-socks@${host}:${toString (port + 1)}.service" "proxy-to-autossh-socks@${toString port}.socket"]; |
| 330 | }; | 396 | }; |
| 331 | Service = { | 397 | Service = { |
| 332 | ExecStart = "${config.systemd.package}/lib/systemd/systemd-socket-proxyd --exit-idle-time=10s localhost:${toString (port + 1)}"; | 398 | ExecStart = "${config.systemd.package}/lib/systemd/systemd-socket-proxyd --exit-idle-time=60s 127.0.0.1:${toString (port + 1)}"; |
| 399 | Restart = "always"; | ||
| 400 | RestartSec = "23s"; | ||
| 333 | }; | 401 | }; |
| 334 | }) [{ host = "proxy.mathw0h"; port = 8118; } { host = "proxy.vidhar"; port = 8120; }]); | 402 | }) [{ host = "proxy.ssh.math.lmu.de"; port = 8118; } { host = "proxy.vidhar"; port = 8120; } { host = "proxy.mathw0h"; port = 8122; } { host = "proxy.mathw0e"; port = 8124; } { host = "proxy.cip04"; port = 8126; }]); |
| 335 | sockets = listToAttrs (map (port: nameValuePair "proxy-to-autossh-socks@${toString port}" { | 403 | sockets = listToAttrs (map (port: nameValuePair "proxy-to-autossh-socks@${toString port}" { |
| 336 | Socket = { | 404 | Socket = { |
| 337 | ListenStream = "%I"; | 405 | ListenStream = "%I"; |
| 406 | TriggerLimitIntervalSec = 0; | ||
| 407 | PollLimitIntervalSec = "180s"; | ||
| 408 | PollLimitBurst = 6; | ||
| 338 | }; | 409 | }; |
| 339 | Install = { | 410 | Install = { |
| 340 | WantedBy = ["default.target"]; | 411 | WantedBy = ["default.target"]; |
| 341 | }; | 412 | }; |
| 342 | }) [8118 8120]) // { | 413 | }) [8118 8122 8124 8126]) // { |
| 414 | "proxy-to-autossh-socks@8120" = { | ||
| 415 | Socket = { | ||
| 416 | ListenStream = "%I"; | ||
| 417 | TriggerLimitIntervalSec = 0; | ||
| 418 | PollLimitIntervalSec = "2s"; | ||
| 419 | PollLimitBurst = 20; | ||
| 420 | }; | ||
| 421 | Install = { | ||
| 422 | WantedBy = ["default.target"]; | ||
| 423 | }; | ||
| 424 | }; | ||
| 343 | "yt-dlp" = { | 425 | "yt-dlp" = { |
| 344 | Socket = { | 426 | Socket = { |
| 345 | SocketMode = "0600"; | 427 | SocketMode = "0600"; |
| @@ -353,7 +435,7 @@ in { | |||
| 353 | }; | 435 | }; |
| 354 | }; | 436 | }; |
| 355 | timers = { | 437 | timers = { |
| 356 | sync-keepass = { | 438 | "sync-keepass@store.kdbx" = { |
| 357 | Timer = { | 439 | Timer = { |
| 358 | OnActiveSec = "1m"; | 440 | OnActiveSec = "1m"; |
| 359 | OnUnitActiveSec = "1m"; | 441 | OnUnitActiveSec = "1m"; |
| @@ -363,6 +445,16 @@ in { | |||
| 363 | WantedBy = ["default.target"]; | 445 | WantedBy = ["default.target"]; |
| 364 | }; | 446 | }; |
| 365 | }; | 447 | }; |
| 448 | "sync-keepass@rz.kdbx" = { | ||
| 449 | Timer = { | ||
| 450 | OnActiveSec = "1d"; | ||
| 451 | OnUnitActiveSec = "1d"; | ||
| 452 | }; | ||
| 453 | |||
| 454 | Install = { | ||
| 455 | WantedBy = ["default.target"]; | ||
| 456 | }; | ||
| 457 | }; | ||
| 366 | }; | 458 | }; |
| 367 | targets = { | 459 | targets = { |
| 368 | graphical-session = { | 460 | graphical-session = { |
| @@ -373,6 +465,9 @@ in { | |||
| 373 | }; | 465 | }; |
| 374 | tray = { | 466 | tray = { |
| 375 | Unit = { | 467 | Unit = { |
| 468 | PartOf = [ "graphical-session.target" ]; | ||
| 469 | # Requires = [ "waybar.service" ]; | ||
| 470 | After = [ "graphical-session.target" ]; # "waybar.service" ]; | ||
| 376 | Wants = ["blueman-applet.service" "udiskie.service" "network-manager-applet.service"]; | 471 | Wants = ["blueman-applet.service" "udiskie.service" "network-manager-applet.service"]; |
| 377 | }; | 472 | }; |
| 378 | }; | 473 | }; |