From 1ca50f486fae97ba502c7085c14ae6d2226c8176 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Leonardo=20Eug=C3=AAnio?= <lelgenio@disroot.org>
Date: Wed, 3 Sep 2025 00:35:02 -0300
Subject: [PATCH 1/6] sway: add scratchpad binds

---
 user/sway/sway-binds.nix | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/user/sway/sway-binds.nix b/user/sway/sway-binds.nix
index 27a27b4..af11268 100644
--- a/user/sway/sway-binds.nix
+++ b/user/sway/sway-binds.nix
@@ -125,9 +125,8 @@ let
     "${mod}+v" = "splitv";
     "${mod}+a" = "focus parent";
 
-    ## TODO:
-    # "${mod}+Shift+minus" = "move scratchpad";
-    # "${mod}+minus" = "scratchpad show";
+    "${mod}+Shift+z" = "move scratchpad";
+    "${mod}+z" = "scratchpad show";
   };
 
   audio_binds = {

From 437da46c4e9a1e4eb3733e0c75c66156cdc27e9d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Leonardo=20Eug=C3=AAnio?= <lelgenio@disroot.org>
Date: Wed, 3 Sep 2025 00:35:21 -0300
Subject: [PATCH 2/6] greetd: fix gtkgreet slow startup

---
 system/greetd.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/system/greetd.nix b/system/greetd.nix
index 2b5f22f..3e8eed0 100644
--- a/system/greetd.nix
+++ b/system/greetd.nix
@@ -74,7 +74,7 @@ in
             user = "lelgenio";
           };
           default_session = {
-            command = "${pkgs.sway}/bin/sway --config ${swayConfig}";
+            command = "dbus-run-session -- ${pkgs.sway}/bin/sway --config ${swayConfig}";
           };
         };
       };

From e72e9a26884f4dfecd681eec9285874156477028 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Leonardo=20Eug=C3=AAnio?= <lelgenio@disroot.org>
Date: Wed, 3 Sep 2025 00:35:43 -0300
Subject: [PATCH 3/6] sway: add multimonitor settings

---
 system/greetd.nix        |  2 --
 user/sway/default.nix    | 11 ++++++++++-
 user/sway/kanshi.nix     | 18 ++++++++++++++++++
 user/sway/sway-binds.nix |  2 ++
 4 files changed, 30 insertions(+), 3 deletions(-)

diff --git a/system/greetd.nix b/system/greetd.nix
index 3e8eed0..73ea5c3 100644
--- a/system/greetd.nix
+++ b/system/greetd.nix
@@ -37,8 +37,6 @@ in
     xdg.portal = {
       enable = true;
       wlr.enable = true;
-      # Always pick the first monitor, this is fine since I only ever use a single monitor
-      wlr.settings.screencast.chooser_type = "none";
       # gtk portal needed to make gtk apps happy
       extraPortals = [ pkgs.xdg-desktop-portal-gtk ];
     };
diff --git a/user/sway/default.nix b/user/sway/default.nix
index bc53b36..dfe7de9 100644
--- a/user/sway/default.nix
+++ b/user/sway/default.nix
@@ -76,10 +76,19 @@ in
           };
         output = {
           "*" = {
-            adaptive_sync = "on";
             bg = "${theme.background} fill";
+          };
+          "AOC 24G2W1G4 ATNM6XA004804" = {
+            position = "0,0";
+            adaptive_sync = "on";
             mode = "1920x1080@144.000Hz";
           };
+          "LG Electronics 25UM58G 0x01010101" = {
+            position = "1920,215";
+            adaptive_sync = "on";
+            scale = "1.2";
+            mode = "2560x1080@74.991Hz";
+          };
         };
         fonts = {
           names = [ font.interface ];
diff --git a/user/sway/kanshi.nix b/user/sway/kanshi.nix
index 486a209..ea42826 100644
--- a/user/sway/kanshi.nix
+++ b/user/sway/kanshi.nix
@@ -8,6 +8,24 @@ in
   config.services.kanshi = lib.mkIf cfg.enable {
     enable = true;
     settings = [
+      {
+        profile = {
+          name = "home";
+          outputs = [
+            {
+              criteria = "AOC 24G2W1G4 ATNM6XA004804";
+              position = "0,0";
+            }
+            {
+              criteria = "LG Electronics 25UM58G 0x01010101";
+              position = "1920,215";
+              scale = 1.2;
+              mode = "2560x1080@74.991Hz";
+            }
+          ];
+          exec = [ "xrdb .Xresources" ];
+        };
+      }
       {
         profile = {
           name = "sedetary";
diff --git a/user/sway/sway-binds.nix b/user/sway/sway-binds.nix
index af11268..74cd842 100644
--- a/user/sway/sway-binds.nix
+++ b/user/sway/sway-binds.nix
@@ -110,6 +110,8 @@ let
             "${mod}+Control+${keyBind}" = "resize ${resize_cmd}";
             #  focus output
             "${mod}+mod1+${keyBind}" = "focus output ${direction}";
+            #  Move window to output
+            "${mod}+mod1+Control+${keyBind}" = "move window output ${direction}; focus output ${direction}";
             #  Move workspace to output
             "${mod}+mod1+Shift+${keyBind}" = "move workspace output ${direction}";
           }

From 2f7572839f748a2e70937b252ef1ed5b5220b34d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Leonardo=20Eug=C3=AAnio?= <lelgenio@disroot.org>
Date: Thu, 4 Sep 2025 00:28:29 -0300
Subject: [PATCH 4/6] sway: only open current monitor for satty screenshot
 editor

---
 scripts/screenshotsh     | 9 +++++++++
 user/sway/sway-binds.nix | 4 +---
 2 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/scripts/screenshotsh b/scripts/screenshotsh
index 98aa17e..439d132 100755
--- a/scripts/screenshotsh
+++ b/scripts/screenshotsh
@@ -46,4 +46,13 @@ case $1 in
             $screenshot -o "$cur_output" - | $copy ||
             $screenshot - | $copy
         ;;
+    edit)
+        # Focused monitor to clipboard
+        cur_output=$(swaymsg -t get_outputs |
+            jq -r '.[] | select(.focused) | .name')
+
+        test -n "$cur_output" &&
+            $screenshot -o "$cur_output" - | satty --filename - --output-filename "$DESTFILE" ||
+            $screenshot - | satty --filename - --output-filename "$DESTFILE"
+        ;;
 esac
diff --git a/user/sway/sway-binds.nix b/user/sway/sway-binds.nix
index 74cd842..a68a31b 100644
--- a/user/sway/sway-binds.nix
+++ b/user/sway/sway-binds.nix
@@ -173,9 +173,7 @@ let
     "${mod}+c" = "exec ${pkgs.color_picker}/bin/color_picker";
     "${mod}+Return" = "exec ${terminal}";
     "${mod}+Ctrl+Return" = "exec thunar";
-    "${mod}+Shift+s" = ''
-      exec grim - | satty --filename - --output-filename "$(xdg-user-dir PICTURES)"/Screenshots/satty-$(date '+%Y%m%d-%H:%M:%S').png
-    '';
+    "${mod}+Shift+s" = "exec ${pkgs.screenshotsh}/bin/screenshotsh edit";
     "${mod}+Ctrl+v" = "exec wl-paste | tesseract -l por - - | wl-copy";
     "${mod}+k" = "exec showkeys";
     "${mod}+Alt+x" = "exec pkill wl-crosshair || exec wl-crosshair";

From 74de7c937f678daa2aec82048fdc2bc5eef39f2b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Leonardo=20Eug=C3=AAnio?= <lelgenio@disroot.org>
Date: Fri, 5 Sep 2025 19:18:35 -0300
Subject: [PATCH 5/6] monolith: update gitlab concurrent runners

---
 system/monolith-gitlab-runner.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/system/monolith-gitlab-runner.nix b/system/monolith-gitlab-runner.nix
index dc50068..8aff086 100644
--- a/system/monolith-gitlab-runner.nix
+++ b/system/monolith-gitlab-runner.nix
@@ -11,7 +11,7 @@ in
   virtualisation.docker.enable = true;
   services.gitlab-runner = {
     enable = true;
-    settings.concurrent = 4;
+    settings.concurrent = 8;
     services = {
       # runner for building in docker via host's nix-daemon
       # nix store will be readable in runner, might be insecure

From e0a8b9e791d2c25bbdd0587b99909d6c177003ef Mon Sep 17 00:00:00 2001
From: lelgenio <lelgenio@lelgenio.com>
Date: Tue, 9 Sep 2025 18:15:48 -0300
Subject: [PATCH 6/6] wip

---
 .sops.yaml                                    |  9 ++++
 flake.nix                                     |  2 +-
 .../default.nix}                              |  5 +-
 hosts/double-rainbow/gitlab-runner.nix        | 36 +++++++++++++
 secrets/double-rainbow/default.yaml           | 53 +++++++++++++++++++
 5 files changed, 103 insertions(+), 2 deletions(-)
 rename hosts/{double-rainbow.nix => double-rainbow/default.nix} (95%)
 create mode 100644 hosts/double-rainbow/gitlab-runner.nix
 create mode 100644 secrets/double-rainbow/default.yaml

diff --git a/.sops.yaml b/.sops.yaml
index 192020e..b93a6e2 100644
--- a/.sops.yaml
+++ b/.sops.yaml
@@ -2,6 +2,7 @@ keys:
   - &lelgenio-gpg 0FECE8316E74BA6F44EFC21A2F8F21CE8721456B
   - &lelgenio-ssh age1zrgu7w8059xydagm60phnffghvfe9h2ca58cx8qwagqpyfuvs9fqw79c8h
   - &monolith-ssh age1ecyynwv93lfu7crjjp8l47defv07quzfzaktwurpep7jc9eha5pscg7lrw
+  - &double-rainbow-ssh age1026d4c8nqyapcsy4jz57szt6zw3ejcgv3ecyvz0s89t7w7z964fqdqv52h
   - &phantom-ssh age1m4mqcd2kmuhfr8a22rvh02c68jkakhdfmuqgtusuv0czk4jvna7sz79p3y
 
 creation_rules:
@@ -19,6 +20,14 @@ creation_rules:
       age:
       - *lelgenio-ssh
       - *monolith-ssh
+  - path_regex: secrets/double-rainbow/[^/]+\.(yaml|json|env|ini|gpg)$
+    key_groups:
+    - pgp:
+      - *lelgenio-gpg
+      age:
+      - *lelgenio-ssh
+      - *monolith-ssh
+      - *double-rainbow-ssh
   - path_regex: secrets/phantom/[^/]+\.(yaml|json|env|ini|gpg)$
     key_groups:
     - pgp:
diff --git a/flake.nix b/flake.nix
index 5680e55..35073f9 100644
--- a/flake.nix
+++ b/flake.nix
@@ -166,7 +166,7 @@
         double-rainbow = lib.nixosSystem {
           inherit system specialArgs;
           modules = [
-            ./hosts/double-rainbow.nix
+            ./hosts/double-rainbow
           ]
           ++ common_modules;
         };
diff --git a/hosts/double-rainbow.nix b/hosts/double-rainbow/default.nix
similarity index 95%
rename from hosts/double-rainbow.nix
rename to hosts/double-rainbow/default.nix
index 2270198..fe58c97 100644
--- a/hosts/double-rainbow.nix
+++ b/hosts/double-rainbow/default.nix
@@ -17,7 +17,10 @@ let
   ];
 in
 {
-  imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
+  imports = [
+    (modulesPath + "/installer/scan/not-detected.nix")
+    ./gitlab-runner.nix
+  ];
 
   my.nix-ld.enable = true;
 
diff --git a/hosts/double-rainbow/gitlab-runner.nix b/hosts/double-rainbow/gitlab-runner.nix
new file mode 100644
index 0000000..ba4fe27
--- /dev/null
+++ b/hosts/double-rainbow/gitlab-runner.nix
@@ -0,0 +1,36 @@
+{
+  config,
+  pkgs,
+  ...
+}:
+let
+  inherit (pkgs.callPackage ../../system/gitlab-runner.nix { }) mkNixRunnerFull;
+in
+{
+  boot.kernel.sysctl."net.ipv4.ip_forward" = true;
+  virtualisation.docker.enable = true;
+  services.gitlab-runner = {
+    enable = true;
+    settings.concurrent = 4;
+    services = {
+      wopus-gitlab-nix = mkNixRunnerFull {
+        authenticationTokenConfigFile = config.sops.secrets."gitlab-runners/wopus-gitlab-nix".path;
+        nixCacheSshPrivateKeyPath = config.sops.secrets."gitlab-runners/wopus-ssh-nix-cache-pk".path;
+        nixCacheSshPublicKeyPath = config.sops.secrets."gitlab-runners/wopus-ssh-nix-cache-pub".path;
+      };
+    };
+  };
+  systemd.services.gitlab-runner.serviceConfig.Nice = 10;
+
+  sops.secrets = {
+    "gitlab-runners/wopus-gitlab-nix" = {
+      sopsFile = ../../secrets/double-rainbow/default.yaml;
+    };
+    "gitlab-runners/wopus-ssh-nix-cache-pk" = {
+      sopsFile = ../../secrets/double-rainbow/default.yaml;
+    };
+    "gitlab-runners/wopus-ssh-nix-cache-pub" = {
+      sopsFile = ../../secrets/double-rainbow/default.yaml;
+    };
+  };
+}
diff --git a/secrets/double-rainbow/default.yaml b/secrets/double-rainbow/default.yaml
new file mode 100644
index 0000000..cf28a34
--- /dev/null
+++ b/secrets/double-rainbow/default.yaml
@@ -0,0 +1,53 @@
+gitlab-runners:
+    wopus-gitlab-nix: ENC[AES256_GCM,data:n/bm5W5Q/h7MxMZX7yz4qeUBpfZDrI7A7/PlnLncMto5V5itVTXRvfd3+D/d2r9PVuJSogfMgMAh0cwuvPspjlm9ToPxrmgGdYbnAkhnFeTHdCfcF1x2DG2JkHe54wUhcQa9QEJkWZ5jJM//2jU=,iv:63lrYCCBMSr5toulba7Rni+iun0Bl2vMFbIsTVvOWQs=,tag:Z1GHj91q09sOWCaLPIKJ4Q==,type:str]
+    wopus-ssh-nix-cache-pk: ENC[AES256_GCM,data:+5I7INvMNfegjjC0xPNOSj+vFakXe6V4N/S5wvL64DOxfPXhSQAjVtdMslp/LlJXH4XWbkQ8ErLbySB3WMDMRDnDRY+6+UKXsP6MFpvEtho0lN+8ZeAGC25ehadYDSFTX43wz6cLRuoAqRQdhPKM96wcYif7nF40cStgaAQhkNemK7AenSA9LQ4J72dWovFuwfTZml8qH6W/O+YEqfOgZsyJ/LobcM1fiuN1S4NnCOJSWB2Ahsu0tiMOSRxKWeUS9+ewh+x1xnZL3y4vax5GgtS2KojtXq0U4qgNi4Gwnmef7HmH1tVgeMO2ykCsuCCZ9iJR0IOqTHU2l+U6hTzf5vehpgK5/tsthkXRsLUmVRnjUaQwaEq9JYltGpEdk6U0UnD+Mf0f5BsDw23lHgannLeduhrSFrPFj+BVodnPxjyYJTPXwXfbWrKIQ8s5kWfIq9x0VePsteIgEH4xLL0yFtyZzrYeCq9WF3j5xTvJsOlG0ehQzX22orrM4RzrFVmeLYOIc/V4bQeyIf1lWemr,iv:UNaUnlVayrzF7qpgIVi9gxPFGCzIP24jNUpO295JPog=,tag:a5OlD+AJH3u6y+Lo3lOQWw==,type:str]
+    wopus-ssh-nix-cache-pub: ENC[AES256_GCM,data:aknblYwAAGaso/Vhr9f1RX64tA3uOh3qxc1dBI7DQmk4TUlQn/AYrKF7wanIhhydrasRulDEam3CBiiyeW/ejcXG07wKIUyZ94TOYfcyRd1yo+PGkmb1yycU6PdjaP5/zwUPAnjMhR2quW+8iwADaUMYKXIJkdQaqUW9a845vBKIxgNgBskWMGMzldb+aUnr2eCb,iv:MQdEUrNugzv+QL6f/MNUqh9M+nFVsWI4VHlMrgQOTEg=,tag:olNTQyCSOhv3sgSjuIXKBA==,type:str]
+sops:
+    age:
+        - recipient: age1zrgu7w8059xydagm60phnffghvfe9h2ca58cx8qwagqpyfuvs9fqw79c8h
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0eTBFdVM5OFlQTi9JMmFw
+            QWpIU2dSdDMzQTVJOWJCUU03QXR1QVZoeXc4CkljdHNKQ0tUczMrNys5eXNGMnVa
+            K003QjdRaWY4RmNtaEw4cEsxSEJwZlEKLS0tIFZpbGUyaHh0RndkVlpQVlVucHJa
+            TndIUUhsY2xSR3E1WlJXV3ZFN0lIMncKjjf1yt4XhfguzYoCNmHYSmetMDnoz4cr
+            frbZdy4hl9w9EZO5JUeC/n7QMYTZLC2/Zk2PXRUvwyQglrGoUVK2Bg==
+            -----END AGE ENCRYPTED FILE-----
+        - recipient: age1ecyynwv93lfu7crjjp8l47defv07quzfzaktwurpep7jc9eha5pscg7lrw
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHbHd4L0NEZW55OWd3SWlv
+            U3dEcDNKZUJid2VsZ1lQdy9NRnIyVDRPRm1VCnZDcCs0S1BLNjJLZTFpSHVpNVRj
+            OFpMK0ZjWTJkcWJoUFk2YnBCK3JKcFUKLS0tIEtqRkF4Q0FobXhPVTF6eWN2d0Nx
+            eVAwSi9LaVNEcHIvQnhhZmZLbHRPOUUK6A91L8YCpi/sM9FiXcJ1sLmW3U4KadYL
+            uw07mobP1Rf0RUdAuSK+42ErFgmS+OTDze/mT/PXg6Dfk+vhTjbfGA==
+            -----END AGE ENCRYPTED FILE-----
+        - recipient: age1026d4c8nqyapcsy4jz57szt6zw3ejcgv3ecyvz0s89t7w7z964fqdqv52h
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBEaUpLU1ZxQWNCNFNGeEpl
+            dEpVbzBFbk1XaVoxMXIzMWFmTkZWS05GOFFvCmJGamVGK2pCeTJROVloMGdYK3Mx
+            cGF1elFSbjJ3UmUyc1FsUkh6b2JNWTgKLS0tIFRzbHZIL25tK1dnWm90QVFueWZM
+            WUZrTkg0cklJSUg5MndsN0ZPcVk4U0kKPsj787kDFDMxsBt5qk4Bp121AMTE++99
+            m2X4lL6ona9fUe8e8wGhdgxZmqvJL2RCaVWJJy5SAbJ/skP3y7i2mw==
+            -----END AGE ENCRYPTED FILE-----
+    lastmodified: "2025-09-09T20:29:01Z"
+    mac: ENC[AES256_GCM,data:forfO9i1DJvf38Q2B6ETUuOmGB3XVNQEURlUH4h6+6qEZqpZb/c7yUlMpXTUk9kgXn+IcfUhymFN3lrS7KVhSG5SxOTqwpOLF39+XFXcam3X4jf1/H4uBVqmntWAFG2+SvPxvL5jUKw9j8O0xBPWlbnx6BOQU4ifjcoPMOWanBQ=,iv:wj6F/5AV4oieoASZXb6oBtDYA0cA+1ujPWkziMTAhQ0=,tag:29lR7wsFT3vhp2ztMHBlsA==,type:str]
+    pgp:
+        - created_at: "2025-09-09T20:27:32Z"
+          enc: |-
+            -----BEGIN PGP MESSAGE-----
+
+            hQEMAzy6JxafzLr5AQf/a5v/AIIsdE9WawM710HCLQwEJXskDXfN7UP055gDBJer
+            96qny8cKC833OhTPLqWCUpAVgJ1JQ8EDLvj2YvXLiq/NmMFs+mBwjPdzNIUKzK6E
+            QgtjRJuQfOGSW0i44b+nkmWLSi1PhxVbIFt27Nl4I+mrvkhztIZcTwht+be3mMrp
+            z1hEn/BbXsin6JOB6EuyFbsRZ3wYFUlr23NiKVI/JSo39ifbtGqgWn68GN+tYYYs
+            mZ5tJykyRZxTU6qEKBaW9veClxs0FW2shQpp6Go/u6u/ghhHeB99trauPFL2rypT
+            IaLGWruFwHMsd+rSTcw+YrTbL7bfkqx/4xj5dxJaFNJeAfo5F5ddr1odeAHeSQmh
+            pfStJmy83SHhyDw8wLKMeF9d7dPKIyU4cXbLjSv1w86bDpDw8LBJSYEjJPVjLONV
+            F6AXCJxNckDXmshGUejC09abAcMzzTsEJK7ocqEoMg==
+            =XAWM
+            -----END PGP MESSAGE-----
+          fp: 0FECE8316E74BA6F44EFC21A2F8F21CE8721456B
+    unencrypted_suffix: _unencrypted
+    version: 3.10.2