From 8165e5a2b0388a37ba9b0b0631a830c8b19936b6 Mon Sep 17 00:00:00 2001
From: Kopatz <7265381+Kropatz@users.noreply.github.com>
Date: Sun, 14 Apr 2024 13:41:09 +0200
Subject: [PATCH] syncthing

---
 flake.lock                      |  48 ++++++++++++++++----------------
 home-manager/syncthing.nix      |   4 ---
 modules/collections/desktop.nix |   7 ++---
 modules/graphical/audio.nix     |  10 ++-----
 modules/graphical/plasma.nix    |  32 ++++++++++++++++++++-
 modules/services/syncthing.nix  |  47 ++++++++++++++++++-------------
 secrets/secrets.nix             |   2 --
 secrets/syncthing-cert.age      | Bin 1116 -> 0 bytes
 secrets/syncthing-key.age       | Bin 610 -> 0 bytes
 systems/pc/configuration.nix    |   1 +
 10 files changed, 88 insertions(+), 63 deletions(-)
 delete mode 100644 home-manager/syncthing.nix
 delete mode 100644 secrets/syncthing-cert.age
 delete mode 100644 secrets/syncthing-key.age

diff --git a/flake.lock b/flake.lock
index b64b5ba..8b7b5f0 100644
--- a/flake.lock
+++ b/flake.lock
@@ -80,11 +80,11 @@
         "systems": "systems_2"
       },
       "locked": {
-        "lastModified": 1705309234,
-        "narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=",
+        "lastModified": 1710146030,
+        "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
         "owner": "numtide",
         "repo": "flake-utils",
-        "rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26",
+        "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
         "type": "github"
       },
       "original": {
@@ -121,11 +121,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1712212014,
-        "narHash": "sha256-s+lbaf3nLRn1++/X2eXwY9mYCA/m9l8AvyG8beeOaXE=",
+        "lastModified": 1713077896,
+        "narHash": "sha256-Noot8H0EZEAFRQWyGxh9ryvhK96xpIqKbh78X447JWs=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "7e91f2a0ba4b62b88591279d54f741a13e36245b",
+        "rev": "630a0992b3627c64e34f179fab68e3d48c6991c0",
         "type": "github"
       },
       "original": {
@@ -142,11 +142,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1710888565,
-        "narHash": "sha256-s9Hi4RHhc6yut4EcYD50sZWRDKsugBJHSbON8KFwoTw=",
+        "lastModified": 1712386041,
+        "narHash": "sha256-dA82pOMQNnCJMAsPG7AXG35VmCSMZsJHTFlTHizpKWQ=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "f33900124c23c4eca5831b9b5eb32ea5894375ce",
+        "rev": "d6bb9f934f2870e5cbc5b94c79e9db22246141ff",
         "type": "github"
       },
       "original": {
@@ -177,11 +177,11 @@
     },
     "nixos-hardware": {
       "locked": {
-        "lastModified": 1711352745,
-        "narHash": "sha256-luvqik+i3HTvCbXQZgB6uggvEcxI9uae0nmrgtXJ17U=",
+        "lastModified": 1712909959,
+        "narHash": "sha256-7/5ubuwdEbQ7Z+Vqd4u0mM5L2VMNDsBh54visp27CtQ=",
         "owner": "NixOS",
         "repo": "nixos-hardware",
-        "rev": "9a763a7acc4cfbb8603bb0231fec3eda864f81c0",
+        "rev": "f58b25254be441cd2a9b4b444ed83f1e51244f1f",
         "type": "github"
       },
       "original": {
@@ -200,11 +200,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1710519878,
-        "narHash": "sha256-0dbc10OBFUVYyXC+C+N6vRUd8xyBSRxkcZ4Egipbx0M=",
+        "lastModified": 1712984363,
+        "narHash": "sha256-VgCqYB+ymQuZmno8B82L8piyENo5xTNuqubnACYoBRk=",
         "owner": "nix-community",
         "repo": "NixOS-WSL",
-        "rev": "aef95bdb6800a3a2af7aa7083d6df03067da6592",
+        "rev": "0479d4c1ebeb314c5281b4aa7109def821a1b27b",
         "type": "github"
       },
       "original": {
@@ -246,11 +246,11 @@
     },
     "nixpkgs-unstable": {
       "locked": {
-        "lastModified": 1712122226,
-        "narHash": "sha256-pmgwKs8Thu1WETMqCrWUm0CkN1nmCKX3b51+EXsAZyY=",
+        "lastModified": 1712791164,
+        "narHash": "sha256-3sbWO1mbpWsLepZGbWaMovSO7ndZeFqDSdX0hZ9nVyw=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "08b9151ed40350725eb40b1fe96b0b86304a654b",
+        "rev": "1042fd8b148a9105f3c0aca3a6177fd1d9360ba5",
         "type": "github"
       },
       "original": {
@@ -261,11 +261,11 @@
     },
     "nixpkgs_2": {
       "locked": {
-        "lastModified": 1711668574,
-        "narHash": "sha256-u1dfs0ASQIEr1icTVrsKwg2xToIpn7ZXxW3RHfHxshg=",
+        "lastModified": 1712867921,
+        "narHash": "sha256-edTFV4KldkCMdViC/rmpJa7oLIU8SE/S35lh/ukC7bg=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "219951b495fc2eac67b1456824cc1ec1fd2ee659",
+        "rev": "51651a540816273b67bc4dedea2d37d116c5f7fe",
         "type": "github"
       },
       "original": {
@@ -277,11 +277,11 @@
     },
     "nur": {
       "locked": {
-        "lastModified": 1712594810,
-        "narHash": "sha256-YP5daMtfEmbhuZGZbFBjvGQIO0EeVnlhw6L+5IfANws=",
+        "lastModified": 1713080250,
+        "narHash": "sha256-cAO7BUGZcN9Nd4j2cqA/gJxjwieWXYB/oIAA0GRKn2o=",
         "owner": "nix-community",
         "repo": "NUR",
-        "rev": "8216f5247f695e7648f9735177870071061700f8",
+        "rev": "d97e32e6a989752e2e19833a8b1dd263f8dcaef5",
         "type": "github"
       },
       "original": {
diff --git a/home-manager/syncthing.nix b/home-manager/syncthing.nix
deleted file mode 100644
index 0d67e90..0000000
--- a/home-manager/syncthing.nix
+++ /dev/null
@@ -1,4 +0,0 @@
-{ pkgs, ... }:
-{
-  services.syncthing.enable = true;
-}
diff --git a/modules/collections/desktop.nix b/modules/collections/desktop.nix
index 0d61c30..bf57d5a 100644
--- a/modules/collections/desktop.nix
+++ b/modules/collections/desktop.nix
@@ -1,7 +1,7 @@
 {pkgs, ...}:
 {
   imports = [
-    ### System modules ###
+    #../graphical/lxqt.nix
     ../cli-tools.nix
     ../docker.nix
     ../fh/scanning.nix
@@ -15,10 +15,8 @@
     ../graphical/ime.nix
     ../graphical/obs.nix
     ../graphical/openrgb.nix
-    #../graphical/lxqt.nix
     ../graphical/plasma.nix
     ../graphical/shared.nix
-    ../fh/scanning.nix
     ../hardware/firmware.nix
     ../hardware/nvidia.nix
     ../hardware/ssd.nix
@@ -29,10 +27,11 @@
     ../nix/ld.nix
     ../nix/settings.nix
     ../noise-supression.nix
+    ../services/syncthing.nix
+    ../static-ip.nix
     ../support/ntfs.nix
     ../tmpfs.nix
     ../virt-manager.nix
-    ../static-ip.nix
     ../wireshark.nix
     #../fh/forensik.nix
     #../graphical/hyprland.nix
diff --git a/modules/graphical/audio.nix b/modules/graphical/audio.nix
index 9c363b8..c5d192d 100644
--- a/modules/graphical/audio.nix
+++ b/modules/graphical/audio.nix
@@ -1,20 +1,14 @@
 { pkgs, ...} :
 {
   # Enable sound with pipewire.
-  sound.enable = true;
+  sound.enable = false;
   hardware.pulseaudio.enable = false;
   security.rtkit.enable = true;
+
   services.pipewire = {
     enable = true;
     alsa.enable = true;
     alsa.support32Bit = true;
     pulse.enable = true;
-    package = pkgs.unstable.pipewire;
-    # If you want to use JACK applications, uncomment this
-    #jack.enable = true;
-
-    # use the example session manager (no others are packaged yet so this is enabled by default,
-    # no need to redefine it in your config for now)
-    #media-session.enable = true;
   };
 }
diff --git a/modules/graphical/plasma.nix b/modules/graphical/plasma.nix
index 97b00e8..251be8a 100644
--- a/modules/graphical/plasma.nix
+++ b/modules/graphical/plasma.nix
@@ -2,12 +2,42 @@
 
 {
   services.xserver = {
+    enable = true;
     xkb.layout = config.mainUser.layout; 
     xkb.variant = config.mainUser.variant;
-    enable = true;
     displayManager.sddm.enable = true;
+    displayManager.sddm.settings.Wayland.SessionDir = "${pkgs.plasma5Packages.plasma-workspace}/share/wayland-sessions";
     #displayManager.sddm.wayland.enable = true;
+
+    libinput = {
+      enable = true;
+
+      # disabling mouse acceleration
+      mouse = {
+        accelProfile = "flat";
+      };
+    };
   };
   services.desktopManager.plasma6.enable = true;
   environment.plasma6.excludePackages = with pkgs.kdePackages; [ ocean-sound-theme spectacle ];
+
+  environment.sessionVariables = {
+    MOZ_ENABLE_WAYLAND = "1";
+    NIXOS_OZONE_WL = "1";
+  };
+
+  xdg = {
+    portal = {
+      enable = true;
+      extraPortals = with pkgs; [
+        xdg-desktop-portal-wlr
+        #xdg-desktop-portal-gtk
+      ];
+    };
+  };
+
+
+  environment.systemPackages = with pkgs; [
+    wayland-utils
+  ];
 }
diff --git a/modules/services/syncthing.nix b/modules/services/syncthing.nix
index 9d468fe..32a42bd 100644
--- a/modules/services/syncthing.nix
+++ b/modules/services/syncthing.nix
@@ -1,38 +1,45 @@
 { config, pkgs, lib, vars, ... }:
 let
-  basePath = "/mnt/1tbssd/syncthing";
+  basePath = "/synced";
 in 
 {
-  age.secrets.syncthing-key = {
-    file = ../../secrets/syncthing-key.age;
-    owner = "syncthing";
-    group = "syncthing";
-  };
-  age.secrets.syncthing-cert = {
-    file = ../../secrets/syncthing-cert.age;
-    owner = "syncthing";
-    group = "syncthing";
-  };
+  systemd.tmpfiles.rules = [
+      "d ${basePath} 0700 ${config.mainUser.name} users -"
+  ];
+  
+  # check device id: syncthing cli --gui-address=/synced/gui-socket --gui-apikey=<key> show system
+  environment.systemPackages = [ syncthing ];
+
   services.syncthing = {
     enable = true;
     dataDir = basePath;
-    openDefaultPorts = true;
-    cert = "/run/agenix/syncthing-cert";
-    key = "/run/agenix/syncthing-key";
-    guiAddress = "0.0.0.0:8384";
+    user = config.mainUser.name;
+    group = "users";
+    guiAddress = "${basePath}/gui-socket";
+    overrideDevices = true;
+    overrideFolders = true;
 
     settings = {
       options.urAccepted = -1;
       options.relaysEnabled = false;
-      devices.kop-pc.id = "2IEILKO-R6UVES4-N27PZRT-YLPOPR3-LTD5SXA-C65FWF3-RYD2B2Y-PEZLTAR";
-      devices.kop-pc.adresses = [ "tcp://192.168.0.11:51820"];
+      options.globalAnnounceEnabled = false;
+      options.gui.enabled = false;
 
-      folders."~/sync" = {
-        id = "sync";
+      devices = {
+        kop-pc = {
+          id = "DZKIUS7-WCGTYEV-4OKVSZU-MIVL2NC-N45AKZL-ABT3VN2-I7RXUMF-RF4CYAU";
+          adresses = [ "tcp://192.168.0.11:51820"];
+        };
+      };
+
+      folders."${basePath}/default" = {
+        id = "default";
         devices = [ "kop-pc" ];
+        ignorePerms = false;
       };
     };
   };
 
-  networking.firewall.allowedTCPPorts = [ 8384 ];
+  networking.firewall.allowedTCPPorts = [ 8384 22000 ];
+  networking.firewall.allowedUDPPorts = [ 22000 21027 ];
 }
diff --git a/secrets/secrets.nix b/secrets/secrets.nix
index 310b339..52e7af6 100644
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -22,7 +22,5 @@ in
   "kavita.age".publicKeys = [ nix-test-vm server kop ];
   "step-ca-pw.age".publicKeys = [ nix-test-vm server kop ];
   "step-ca-key.age".publicKeys = [ nix-test-vm server kop ];
-  "syncthing-key.age".publicKeys = [ server kop ];
-  "syncthing-cert.age".publicKeys = [ server kop ];
   "grafana-contact-points.age".publicKeys = [ server kop];
 }
diff --git a/secrets/syncthing-cert.age b/secrets/syncthing-cert.age
deleted file mode 100644
index ae005b4812959c42795e3cddf1b5370bab4c67a3..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 1116
zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!+RO))YxHMCUl3^R7g4pb=3%c$}$
z$<5bJO-sqHjM5MF&MR^>%*qZkbJEUmbt)?kb9Rh!)%Pm)Naw1`b@y>D33d$449yA7
zstEUR2~8;t$}~?jsB+KscFs&rE6Of2@iNYKDn_@>#knfe&`}|@(kwqXFk3q@C_SXe
z#UsqzH#p2PPd~DtEX~n5FQYuvDA_$IAh$p}GoQ<~sKPkeKgTjNDJ{***gv4c%|FG^
z$RxMiBiO<>%+x&D(!$l;H6+U2#e_>&S63lFxxm7-%Gs<SEXAzML)*_h$VA^KIoZN2
z!n?}TG26wfpft*_DnBGE&ynkd-Tvfj|N9U0sn&Kc|9JMphyJtNvSyNH?x{toYwfyQ
zeVPpJ-_30()IA|<_LNJuTIg(<yhmx--5<tIy*H-J)xNbjRn{(8K74ah)8;p<GXi2I
z@?~dzzj`(BZqkap=e~W?PMLSkOku10^I=ba^$N}~mDSESgs#eFGFKjYm3;l4PFqpV
zx@r2qf_8@f<^OiKN~YVOdXIvrxXkSQ*9zS4H#>ixId6KS^6GWIseO&+Ue8@bo=5x)
zJ2hE~QG>brNb-3@-Xl`?HO~1(SG}xnOn7r7*MMt<g`3yu3H!5(cWEt|Q?j{vI^TCK
zfkPfQv}$_|A6{L&{i5)#Mw6${v*iCwOH<k{@k?N;YSVi`W5rjK_oU~1EB+|faVz1*
zTjzTH<42bJY}>%nX_v{qtxD{{YPnU5jz3>;>-gyj`i36`8WVHabRzRlb??q8ju%}i
zxais1`~4HbyUz7ITGczhTjX>1eLMZN=620DT^{F#Ye(j5>t0&T_fX4!uhLD`_zMn_
zYPY02(w4tqz3_aS`_!HHP10GKqjuGmPgng?eCp@&y&bj=vmRWVEBodYxAB%A5%&9y
zPm9^IKJ5E^vG>+v^JAGVz7~7ZPBfT_>Y6`FsolskE7@3WO;TPj+v#1;I8}UYzu%3U
z`)Bbl1GdIbzb@R^(`4{kWBWwgr)<~D>{iBTOuKTOL+e=dOqT1bSEzk%S*yG1dzgDs
zVq?T7`Bj;0KWD7)p3irLDYU^Zf-7n9of`L=iMCN;`wK2ec~n2WrPumi_tn*;O{Ljx
zw;q)|_un|9{$B>a+s-KwPbM+OIq+^iCTY<ay*cCbcF|&vSDP3;XI&_FE!`$H-Imq$
z@XcB6tjt`SL^s@Oi_;crRou1lYR5L$IPKtX6ZV{LOz!x0Pq!eUbCs{4;Sz49GGV(9
z3^fb&x3l?(uK4ERwN$@S^2tMf?=3r)F)ug2tbF*Dba_O@yV)<^x4zIgCebhLCGe$U
zUZeFS)!Xy0q(%0viFq&FlGB}PwzG0k=ACagxrJHpm)O^D>RuLjJ5n^|cv;<l`y-Y4
z2U%mZ#6#O!7x39FPG-8Z{&IfoT`AQF0hQhWtvi3_*O{2`gmb%j%{h{w<}A4IzQCRi
H7cL6`Ej{lt

diff --git a/secrets/syncthing-key.age b/secrets/syncthing-key.age
deleted file mode 100644
index b3889ae237f98abc7400108d72ff604e4b400b53..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 610
zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!+RO))YxHMCUl3^R7g4phi8Ee{GT
z^f3%dHAoLg%=4_OtgO^e%d99X)(+GTkE}FLsdNlT4$V#px8TaoNihs@O9?O!3oa?k
zP1i1}a7;;b^707?clUF#C`b<}GD~&~HYhKtibS`~#knfe&`}{NAh0we-z&$^*x%bM
z&oQy0sv@`|EhFE!BGoY?*f%gNKP@}QBt6PKu$U{oIK{s(+`FPYGSt|@tEkN1x3btX
zD>Kx>xWGR>C?w4=C(^_`$<WEL*p*9HS69Ks*elp0BFnR~*v%-r%*-G=!^@<^BiFYo
zBR4Ii(!()0yDCCID5)^Fz<`T$<;@MTI%?BBBK$qW{&Bdi&)&a+lVjJxjs^X~O9M-a
z_D$^dlFfQ;#@Ov}H0Eqje*Yb%aPNDC_x%bUG1ksIx~0A-wdXE_lZB+H)9ySOmvd8s
zKR2_V(epKYmmD1+>GN{+G&|Q@4;N=lIP=3{s;;}Xk~y16ZR_r1!dIGE)<-SPy12G;
z-Qs;E_RRmTmawUJJ$(6f&Dl3{&6~r&SuVCK=+>&+yHI`3ZMM%Hn!<g1p6;2w>uT_<
zO#(8HElna)<JqS)HJVJ<v)ZlIe&&;*ab-ervtOKo>TJKs4|T3PZ98aldA6gfxp}3)
zJ=J4ZuXH{C(2}@x#;j=@zAS7$`f*9bY}x$%txe6>6*j9^Ki+)&h((!)WI$z@&@My%
vst=;Am2P+2(j-Ka*RKl9sFXazxy55cC;O#`;w(Ru!#iGH`QW7(p2rRVqjvZt

diff --git a/systems/pc/configuration.nix b/systems/pc/configuration.nix
index 9d1bfad..ef4eb32 100644
--- a/systems/pc/configuration.nix
+++ b/systems/pc/configuration.nix
@@ -12,6 +12,7 @@
 
   mainUser.layout = "de";
   mainUser.variant = "us";
+  age.identityPaths = [ /home/kopatz/.ssh/id_rsa ];
 
   # Bootloader.
   boot.loader.systemd-boot.enable = true;