monolith: remove old gpu config

Revert "monolith: add static ip address"
This reverts commit 05e3958eed.
2025-12-12 21:53:22 -03:00 · 2025-12-08 08:46:34 -03:00 · 2025-12-08 08:46:34 -03:00 · 2025-12-08 08:46:34 -03:00 · 2025-11-27 23:18:47 -03:00 · 2025-11-27 13:06:32 -03:00
72 changed files with 1261 additions and 567 deletions
--- a/.gitattributes
+++ b/.gitattributes
@ -0,0 +1,2 @@
 flake.lock binary
 *.gpg binary
--- a/.sops.yaml
+++ b/.sops.yaml
@ -2,24 +2,33 @@ keys:
  - &lelgenio-gpg 0FECE8316E74BA6F44EFC21A2F8F21CE8721456B
  - &lelgenio-ssh age1zrgu7w8059xydagm60phnffghvfe9h2ca58cx8qwagqpyfuvs9fqw79c8h
  - &monolith-ssh age1ecyynwv93lfu7crjjp8l47defv07quzfzaktwurpep7jc9eha5pscg7lrw
  - &double-rainbow-ssh age1026d4c8nqyapcsy4jz57szt6zw3ejcgv3ecyvz0s89t7w7z964fqdqv52h
  - &phantom-ssh age1m4mqcd2kmuhfr8a22rvh02c68jkakhdfmuqgtusuv0czk4jvna7sz79p3y
 creation_rules:
-  - path_regex: secrets/[^/]+\.(yaml|json|env|ini)$
+  - path_regex: secrets/[^/]+\.(yaml|json|env|ini|gpg)$
    key_groups:
    - pgp:
      - *lelgenio-gpg
      age:
      - *lelgenio-ssh
      - *monolith-ssh
-  - path_regex: secrets/monolith/[^/]+\.(yaml|json|env|ini)$
+  - path_regex: secrets/monolith/[^/]+\.(yaml|json|env|ini|gpg)$
    key_groups:
    - pgp:
      - *lelgenio-gpg
      age:
      - *lelgenio-ssh
      - *monolith-ssh
-  - path_regex: secrets/phantom/[^/]+\.(yaml|json|env|ini)$
+  - path_regex: secrets/double-rainbow/[^/]+\.(yaml|json|env|ini|gpg)$
    key_groups:
    - pgp:
      - *lelgenio-gpg
      age:
      - *lelgenio-ssh
      - *monolith-ssh
      - *double-rainbow-ssh
  - path_regex: secrets/phantom/[^/]+\.(yaml|json|env|ini|gpg)$
    key_groups:
    - pgp:
      - *lelgenio-gpg
--- a/flake.lock
+++ b/flake.lock
@ -28,11 +28,11 @@
        "systems": "systems"
      },
      "locked": {
-        "lastModified": 1736955230,
+        "lastModified": 1762618334,
-        "narHash": "sha256-uenf8fv2eG5bKM8C/UvFaiJMZ4IpUFaQxk9OH5t/1gA=",
+        "narHash": "sha256-wyT7Pl6tMFbFrs8Lk/TlEs81N6L+VSybPfiIgzU8lbQ=",
        "owner": "ryantm",
        "repo": "agenix",
-        "rev": "e600439ec4c273cf11e06fe4d9d906fb98fa097c",
+        "rev": "fcdea223397448d35d9b31f798479227e80183f6",
        "type": "github"
      },
      "original": {
@ -76,11 +76,11 @@
    "contador-da-viagem": {
      "flake": false,
      "locked": {
-        "lastModified": 1742597480,
+        "lastModified": 1742610036,
-        "narHash": "sha256-aN+Kioc4AWPMyJxfz/zFCo2YdP4YxcPqoUcp46z9KcA=",
+        "narHash": "sha256-sY1iheemazmIVJAnoFtut6cN7HX/C5OMDY54UrmCoqE=",
        "ref": "refs/heads/main",
-        "rev": "29dde9d1965b1f8c1b870185a95859c050ba847d",
+        "rev": "efe5ac4a16de7f78824ac89dc987ef635afa5267",
-        "revCount": 3,
+        "revCount": 4,
        "type": "git",
        "url": "https://git.lelgenio.com/lelgenio/contador-da-viagem"
      },
@ -163,11 +163,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1700795494,
+        "lastModified": 1744478979,
-        "narHash": "sha256-gzGLZSiOhf155FW7262kdHo2YDeugp3VuIFb4/GGng0=",
+        "narHash": "sha256-dyN+teG9G82G+m+PX/aSAagkC+vUv0SgUw3XkPhQodQ=",
        "owner": "lnl7",
        "repo": "nix-darwin",
-        "rev": "4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d",
+        "rev": "43975d782b418ebf4969e9ccba82466728c2851b",
        "type": "github"
      },
      "original": {
@ -225,11 +225,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1741786315,
+        "lastModified": 1764350888,
-        "narHash": "sha256-VT65AE2syHVj6v/DGB496bqBnu1PXrrzwlw07/Zpllc=",
+        "narHash": "sha256-6Rp18zavTlnlZzcoLoBTJMBahL2FycVkw2rAEs3cQvo=",
        "owner": "nix-community",
        "repo": "disko",
-        "rev": "0d8c6ad4a43906d14abd5c60e0ffe7b587b213de",
+        "rev": "2055a08fd0e2fd41318279a5355eb8a161accf26",
        "type": "github"
      },
      "original": {
@ -243,11 +243,11 @@
        "nixpkgs": "nixpkgs_3"
      },
      "locked": {
-        "lastModified": 1742179690,
+        "lastModified": 1749410315,
-        "narHash": "sha256-s/q3OWRe5m7kwDcAs1BhJEj6aHc5bsBxRnLP7DM77xE=",
+        "narHash": "sha256-5H8MuMMSq1WnQcvb1FiDNkKP+uyeZ8HX5GRTMfEOyLI=",
        "owner": "lelgenio",
        "repo": "dzgui-nix",
-        "rev": "a6d68720c932ac26d549b24f17c776bd2aeb73b4",
+        "rev": "49adbb1edfb3c25b0cd8256d35673394386065e7",
        "type": "github"
      },
      "original": {
@ -297,11 +297,11 @@
    "flake-compat_2": {
      "flake": false,
      "locked": {
-        "lastModified": 1696426674,
+        "lastModified": 1747046372,
-        "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
+        "narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=",
        "owner": "edolstra",
        "repo": "flake-compat",
-        "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
+        "rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885",
        "type": "github"
      },
      "original": {
@ -433,6 +433,54 @@
        "type": "github"
      }
    },
    "git-hooks": {
      "inputs": {
        "flake-compat": [
          "nixos-mailserver",
          "flake-compat"
        ],
        "gitignore": "gitignore",
        "nixpkgs": [
          "nixos-mailserver",
          "nixpkgs"
        ]
      },
      "locked": {
        "lastModified": 1742649964,
        "narHash": "sha256-DwOTp7nvfi8mRfuL1escHDXabVXFGT1VlPD1JHrtrco=",
        "owner": "cachix",
        "repo": "git-hooks.nix",
        "rev": "dcf5072734cb576d2b0c59b2ac44f5050b5eac82",
        "type": "github"
      },
      "original": {
        "owner": "cachix",
        "repo": "git-hooks.nix",
        "type": "github"
      }
    },
    "gitignore": {
      "inputs": {
        "nixpkgs": [
          "nixos-mailserver",
          "git-hooks",
          "nixpkgs"
        ]
      },
      "locked": {
        "lastModified": 1709087332,
        "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
        "owner": "hercules-ci",
        "repo": "gitignore.nix",
        "rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
        "type": "github"
      },
      "original": {
        "owner": "hercules-ci",
        "repo": "gitignore.nix",
        "type": "github"
      }
    },
    "hello-fonts": {
      "flake": false,
      "locked": {
@ -456,20 +504,40 @@
        ]
      },
      "locked": {
-        "lastModified": 1742234739,
+        "lastModified": 1763992789,
-        "narHash": "sha256-zFL6zsf/5OztR1NSNQF33dvS1fL/BzVUjabZq4qrtY4=",
+        "narHash": "sha256-WHkdBlw6oyxXIra/vQPYLtqY+3G8dUVZM8bEXk0t8x4=",
        "owner": "nix-community",
        "repo": "home-manager",
-        "rev": "f6af7280a3390e65c2ad8fd059cdc303426cbd59",
+        "rev": "44831a7eaba4360fb81f2acc5ea6de5fde90aaa3",
        "type": "github"
      },
      "original": {
        "owner": "nix-community",
-        "ref": "release-24.11",
+        "ref": "release-25.05",
        "repo": "home-manager",
        "type": "github"
      }
    },
    "lsfg-vk-flake": {
      "inputs": {
        "nixpkgs": [
          "nixpkgs"
        ]
      },
      "locked": {
        "lastModified": 1756367273,
        "narHash": "sha256-u7/qG5xQxW+o51R2lBPj0NxU3oFrUwj78UlCKKNHGAc=",
        "owner": "pabloaul",
        "repo": "lsfg-vk-flake",
        "rev": "62aadfc844b2002abe47cbbc9dfd028033376248",
        "type": "github"
      },
      "original": {
        "owner": "pabloaul",
        "repo": "lsfg-vk-flake",
        "type": "github"
      }
    },
    "made-you-look": {
      "inputs": {
        "crane": "crane_2",
@ -497,11 +565,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1742174123,
+        "lastModified": 1763870992,
-        "narHash": "sha256-pDNzMoR6m1ZSJToZQ6XDTLVSdzIzmFl1b8Pc3f7iV6Y=",
+        "narHash": "sha256-NPyc76Wxmv/vAsXJ8F+/8fXECHYcv2YGSqdiSHp/F/A=",
        "owner": "Mic92",
        "repo": "nix-index-database",
-        "rev": "2cfb4e1ca32f59dd2811d7a6dd5d4d1225f0955c",
+        "rev": "d7423982c7a26586aa237d130b14c8b302c7a367",
        "type": "github"
      },
      "original": {
@ -514,22 +582,23 @@
      "inputs": {
        "blobs": "blobs",
        "flake-compat": "flake-compat_2",
        "git-hooks": "git-hooks",
        "nixpkgs": [
          "nixpkgs"
        ],
-        "nixpkgs-24_11": "nixpkgs-24_11"
+        "nixpkgs-25_05": "nixpkgs-25_05"
      },
      "locked": {
-        "lastModified": 1742413977,
+        "lastModified": 1763302796,
-        "narHash": "sha256-NkhM9GVu3HL+MiXtGD0TjuPCQ4GFVJPBZ8KyI2cFDGU=",
+        "narHash": "sha256-mEc3SBjRYfMcbNFLxmCc5tRtlu3j+1q7zRz+nRraSFE=",
        "owner": "simple-nixos-mailserver",
        "repo": "nixos-mailserver",
-        "rev": "b4fbffe79c00f19be94b86b4144ff67541613659",
+        "rev": "5b38fb599f50e9d78325d1d2706e36303c166047",
        "type": "gitlab"
      },
      "original": {
        "owner": "simple-nixos-mailserver",
-        "ref": "master",
+        "ref": "nixos-25.05",
        "repo": "nixos-mailserver",
        "type": "gitlab"
      }
@ -550,28 +619,29 @@
        "type": "github"
      }
    },
-    "nixpkgs-24_11": {
+    "nixpkgs-25_05": {
      "locked": {
-        "lastModified": 1734083684,
+        "lastModified": 1747610100,
-        "narHash": "sha256-5fNndbndxSx5d+C/D0p/VF32xDiJCJzyOqorOYW4JEo=",
+        "narHash": "sha256-rpR5ZPMkWzcnCcYYo3lScqfuzEw5Uyfh+R0EKZfroAc=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "314e12ba369ccdb9b352a4db26ff419f7c49fa84",
+        "rev": "ca49c4304acf0973078db0a9d200fd2bae75676d",
        "type": "github"
      },
      "original": {
-        "id": "nixpkgs",
+        "owner": "NixOS",
-        "ref": "nixos-24.11",
+        "ref": "nixos-25.05",
-        "type": "indirect"
+        "repo": "nixpkgs",
        "type": "github"
      }
    },
    "nixpkgs-unstable": {
      "locked": {
-        "lastModified": 1742422364,
+        "lastModified": 1764242076,
-        "narHash": "sha256-mNqIplmEohk5jRkqYqG19GA8MbQ/D4gQSK0Mu4LvfRQ=",
+        "narHash": "sha256-sKoIWfnijJ0+9e4wRvIgm/HgE27bzwQxcEmo2J/gNpI=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "a84ebe20c6bc2ecbcfb000a50776219f48d134cc",
+        "rev": "2fad6eac6077f03fe109c4d4eb171cf96791faa4",
        "type": "github"
      },
      "original": {
@ -628,26 +698,26 @@
    },
    "nixpkgs_5": {
      "locked": {
-        "lastModified": 1742388435,
+        "lastModified": 1764316264,
-        "narHash": "sha256-GheQGRNYAhHsvPxWVOhAmg9lZKkis22UPbEHlmZMthg=",
+        "narHash": "sha256-82L+EJU+40+FIdeG4gmUlOF1jeSwlf2AwMarrpdHF6o=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "b75693fb46bfaf09e662d09ec076c5a162efa9f6",
+        "rev": "9a7b80b6f82a71ea04270d7ba11b48855681c4b0",
        "type": "github"
      },
      "original": {
        "id": "nixpkgs",
-        "ref": "nixos-24.11",
+        "ref": "nixos-25.05",
        "type": "indirect"
      }
    },
    "nixpkgs_6": {
      "locked": {
-        "lastModified": 1735554305,
+        "lastModified": 1761236834,
-        "narHash": "sha256-zExSA1i/b+1NMRhGGLtNfFGXgLtgo+dcuzHzaWA6w3Q=",
+        "narHash": "sha256-+pthv6hrL5VLW2UqPdISGuLiUZ6SnAXdd2DdUE+fV2Q=",
        "owner": "nixos",
        "repo": "nixpkgs",
-        "rev": "0e82ab234249d8eee3e8c91437802b32c74bb3fd",
+        "rev": "d5faa84122bc0a1fd5d378492efce4e289f8eac1",
        "type": "github"
      },
      "original": {
@ -708,11 +778,11 @@
    "ranger-icons": {
      "flake": false,
      "locked": {
-        "lastModified": 1736375293,
+        "lastModified": 1749128401,
-        "narHash": "sha256-ck53eG+mGIQ706sUnEHbJ6vY1/LYnRcpq94JXzwnGTQ=",
+        "narHash": "sha256-qvWqKVS4C5OO6bgETBlVDwcv4eamGlCUltjsBU3gAbA=",
        "owner": "alexanderjeurissen",
        "repo": "ranger_devicons",
-        "rev": "f227f212e14996fbb366f945ec3ecaf5dc5f44b0",
+        "rev": "1bcaff0366a9d345313dc5af14002cfdcddabb82",
        "type": "github"
      },
      "original": {
@ -732,6 +802,7 @@
        "dzgui-nix": "dzgui-nix",
        "hello-fonts": "hello-fonts",
        "home-manager": "home-manager",
        "lsfg-vk-flake": "lsfg-vk-flake",
        "made-you-look": "made-you-look",
        "nix-index-database": "nix-index-database",
        "nixos-mailserver": "nixos-mailserver",
@ -800,11 +871,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1742406979,
+        "lastModified": 1764021963,
-        "narHash": "sha256-r0aq70/3bmfjTP+JZs4+XV5SgmCtk1BLU4CQPWGtA7o=",
+        "narHash": "sha256-1m84V2ROwNEbqeS9t37/mkry23GBhfMt8qb6aHHmjuc=",
        "owner": "Mic92",
        "repo": "sops-nix",
-        "rev": "1770be8ad89e41f1ed5a60ce628dd10877cb3609",
+        "rev": "c482a1c1bbe030be6688ed7dc84f7213f304f1ec",
        "type": "github"
      },
      "original": {
@ -932,11 +1003,11 @@
        "rev": "6a68f2cda0aa2fbb399a4c43b445e8c1a2df0634",
        "revCount": 4,
        "type": "git",
-        "url": "https://git.lelgenio.xyz/lelgenio/tlauncher-nix"
+        "url": "https://git.lelgenio.com/lelgenio/tlauncher-nix"
      },
      "original": {
        "type": "git",
-        "url": "https://git.lelgenio.xyz/lelgenio/tlauncher-nix"
+        "url": "https://git.lelgenio.com/lelgenio/tlauncher-nix"
      }
    },
    "tomater": {
@ -960,11 +1031,11 @@
        "nixpkgs": "nixpkgs_6"
      },
      "locked": {
-        "lastModified": 1742370146,
+        "lastModified": 1762938485,
-        "narHash": "sha256-XRE8hL4vKIQyVMDXykFh4ceo3KSpuJF3ts8GKwh5bIU=",
+        "narHash": "sha256-AlEObg0syDl+Spi4LsZIBrjw+snSVU4T8MOeuZJUJjM=",
        "owner": "numtide",
        "repo": "treefmt-nix",
-        "rev": "adc195eef5da3606891cedf80c0d9ce2d3190808",
+        "rev": "5b4ee75aeefd1e2d5a1cc43cf6ba65eba75e83e4",
        "type": "github"
      },
      "original": {
@ -975,11 +1046,11 @@
    },
    "vpsadminos": {
      "locked": {
-        "lastModified": 1742222981,
+        "lastModified": 1764110872,
-        "narHash": "sha256-EDhfWimpzUnpH5h/FQ3oYw/Kaq4Cx1E5nRofDQyI3aE=",
+        "narHash": "sha256-uZhVLzNVXEEztyG5okuH8DVbWYVPDGSiAapRmerueZY=",
        "owner": "vpsfreecz",
        "repo": "vpsadminos",
-        "rev": "14da38b9a49bf156e06f20ed02533a0549e6d487",
+        "rev": "f6919d00dfd15faec276d6a0ac95668b2c1e3a28",
        "type": "github"
      },
      "original": {
@ -995,11 +1066,11 @@
        "nixpkgs": "nixpkgs_7"
      },
      "locked": {
-        "lastModified": 1719076817,
+        "lastModified": 1758999384,
-        "narHash": "sha256-B6NTomYXL50j6fabZrAGvTPp3zv5oFxNUhwvLhDNoMw=",
+        "narHash": "sha256-n1RiAhVtPxhjHmKoOBfEleTAMwz9JSvLmZyCQYpwXSQ=",
        "ref": "refs/heads/main",
-        "rev": "406d6646970191c016a375f25a35aa00dfa0d4aa",
+        "rev": "0949b2fe4f54f74bf880c2034f6fc3a7d15b7cef",
-        "revCount": 4,
+        "revCount": 6,
        "type": "git",
        "url": "https://git.lelgenio.com/lelgenio/warthunder-leak-counter"
      },
@ -1014,11 +1085,11 @@
        "nixpkgs": "nixpkgs_8"
      },
      "locked": {
-        "lastModified": 1715216838,
+        "lastModified": 1762293940,
-        "narHash": "sha256-q5key9BWJjJQqECrhflso9ZTzULBeScvromo0S4fjqE=",
+        "narHash": "sha256-KfieW/NePLvh/5sEpoPW2jkaETSAeEFZsz8580YwbBE=",
        "owner": "lelgenio",
        "repo": "wl-crosshair",
-        "rev": "39b716cf410a1b45006f50f32f8d63de5c43aedb",
+        "rev": "233b6db7b39c80a92ac116c4ef4d88de4b49cbce",
        "type": "github"
      },
      "original": {
--- a/flake.nix
+++ b/flake.nix
@ -1,10 +1,10 @@
 {
  description = "My system config";
  inputs = {
-    nixpkgs.url = "nixpkgs/nixos-24.11";
+    nixpkgs.url = "nixpkgs/nixos-25.05";
    nixpkgs-unstable.url = "nixpkgs/nixos-unstable";
-    home-manager.url = "github:nix-community/home-manager/release-24.11";
+    home-manager.url = "github:nix-community/home-manager/release-25.05";
    home-manager.inputs.nixpkgs.follows = "nixpkgs";
    vpsadminos.url = "github:vpsfreecz/vpsadminos";
@ -32,14 +32,19 @@
    };
    nixos-mailserver = {
-      url = "gitlab:simple-nixos-mailserver/nixos-mailserver/master";
+      url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-25.05";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    dzgui-nix.url = "github:lelgenio/dzgui-nix";
    tlauncher = {
-      url = "git+https://git.lelgenio.xyz/lelgenio/tlauncher-nix";
+      url = "git+https://git.lelgenio.com/lelgenio/tlauncher-nix";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    lsfg-vk-flake = {
      url = "github:pabloaul/lsfg-vk-flake";
      inputs.nixpkgs.follows = "nixpkgs";
    };
@ -100,8 +105,7 @@
      specialArgs = {
        inherit inputs;
      };
-      common_modules =
+      common_modules = [
        [
        { nixpkgs.pkgs = pkgs; }
        ./system/configuration.nix
        ./system/secrets.nix
@ -122,6 +126,7 @@
              my = config.my;
              imports = [
                ./user/home.nix
                inputs.sops-nix.homeManagerModules.sops
              ];
            };
            home-manager.backupFileExtension = "bkp";
@ -150,21 +155,23 @@
          modules = [
            ./hosts/monolith
            ./system/monolith-gitlab-runner.nix
            ./system/monolith-bitbucket-runner.nix
            ./system/monolith-forgejo-runner.nix
            ./system/nix-serve.nix
-          ] ++ common_modules;
+          ]
          ++ common_modules;
        };
        double-rainbow = lib.nixosSystem {
          inherit system specialArgs;
          modules = [
-            ./hosts/double-rainbow.nix
+            ./hosts/double-rainbow
-          ] ++ common_modules;
+          ]
          ++ common_modules;
        };
        pixie = lib.nixosSystem {
          inherit system specialArgs;
-          modules =
+          modules = [
-            [ ./hosts/pixie.nix ]
+            ./hosts/pixie.nix
          ]
          ++ common_modules
          ++ [
            {
--- a/hosts/double-rainbow/default.nix
+++ b/hosts/double-rainbow/default.nix
@ -17,7 +17,11 @@ let
  ];
 in
 {
-  imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
+  imports = [
    (modulesPath + "/installer/scan/not-detected.nix")
    ./gitlab-runner.nix
    ./nebula-vpn.nix
  ];
  my.nix-ld.enable = true;
--- a/hosts/double-rainbow/gitlab-runner.nix
+++ b/hosts/double-rainbow/gitlab-runner.nix
@ -0,0 +1,36 @@
 {
  config,
  pkgs,
  ...
 }:
 let
  inherit (pkgs.callPackage ../../system/gitlab-runner.nix { }) mkNixRunnerFull;
 in
 {
  boot.kernel.sysctl."net.ipv4.ip_forward" = true;
  virtualisation.docker.enable = true;
  services.gitlab-runner = {
    enable = true;
    settings.concurrent = 4;
    services = {
      wopus-gitlab-nix = mkNixRunnerFull {
        authenticationTokenConfigFile = config.sops.secrets."gitlab-runners/wopus-gitlab-nix".path;
        # nixCacheSshPrivateKeyPath = config.sops.secrets."gitlab-runners/wopus-ssh-nix-cache-pk".path;
        # nixCacheSshPublicKeyPath = config.sops.secrets."gitlab-runners/wopus-ssh-nix-cache-pub".path;
      };
    };
  };
  systemd.services.gitlab-runner.serviceConfig.Nice = 10;
  sops.secrets = {
    "gitlab-runners/wopus-gitlab-nix" = {
      sopsFile = ../../secrets/double-rainbow/default.yaml;
    };
    "gitlab-runners/wopus-ssh-nix-cache-pk" = {
      sopsFile = ../../secrets/double-rainbow/default.yaml;
    };
    "gitlab-runners/wopus-ssh-nix-cache-pub" = {
      sopsFile = ../../secrets/double-rainbow/default.yaml;
    };
  };
 }
--- a/hosts/double-rainbow/nebula-vpn.nix
+++ b/hosts/double-rainbow/nebula-vpn.nix
@ -0,0 +1,51 @@
 { pkgs, config, ... }:
 let
  s = config.sops.secrets;
  secretConfig = {
    owner = "nebula-wopus";
    group = "nebula-wopus";
    restartUnits = [ "nebula@wopus.service" ];
    sopsFile = ../../secrets/double-rainbow/default.yaml;
  };
 in
 {
  environment.systemPackages = with pkgs; [ nebula ];
  services.nebula.networks.wopus = {
    enable = true;
    isLighthouse = false;
    lighthouses = [ "192.168.88.1" ];
    settings = {
      cipher = "aes";
    };
    cert = s."nebula-wopus-vpn/double-rainbow-crt".path;
    key = s."nebula-wopus-vpn/double-rainbow-key".path;
    ca = s."nebula-wopus-vpn/ca-crt".path;
    staticHostMap = {
      "192.168.88.1" = [
        "neubla-vpn.wopus.dev:4242"
      ];
    };
    firewall.outbound = [
      {
        host = "any";
        port = "any";
        proto = "any";
      }
    ];
    firewall.inbound = [
      {
        host = "any";
        port = "any";
        proto = "any";
      }
    ];
  };
  sops.secrets = {
    "nebula-wopus-vpn/ca-crt" = secretConfig;
    "nebula-wopus-vpn/double-rainbow-crt" = secretConfig;
    "nebula-wopus-vpn/double-rainbow-key" = secretConfig;
  };
 }
--- a/hosts/monolith/amdgpu.nix
+++ b/hosts/monolith/amdgpu.nix
@ -1,30 +1,15 @@
-{ pkgs, lib, ... }:
+{ pkgs, ... }:
 let
  undervoltGpu = pkgs.writeShellScript "undervolt-gpu" ''
    set -xe
    cd $1
    echo "manual" > power_dpm_force_performance_level
    echo "1" > pp_power_profile_mode
    test -e pp_od_clk_voltage
    echo "vo -120" > pp_od_clk_voltage
    echo "c" > pp_od_clk_voltage
  '';
 in
 {
  boot.initrd.kernelModules = [ "amdgpu" ];
  boot.kernelParams = [
    "video=DP-1:1920x1080@144"
  ];
-  systemd.services.amd-fan-control = {
+  hardware.amdgpu = {
-    script = ''
+    overdrive = {
-      ${lib.getExe pkgs.amd-fan-control} /sys/class/drm/card1/device 60 90 0 80
+      enable = true;
-    '';
+      ppfeaturemask = "0xffffffff";
    serviceConfig = {
      Restart = "always";
      RestartSec = 10;
    };
    wantedBy = [ "multi-user.target" ];
  };
  hardware.graphics.enable32Bit = true;
@ -32,8 +17,4 @@ in
  hardware.graphics.extraPackages = with pkgs; [
    libva
  ];
  services.udev.extraRules = ''
    ACTION=="add", SUBSYSTEM=="hwmon", ATTR{name}=="amdgpu", ATTR{power1_cap}="186000000", RUN+="${undervoltGpu} %S%p/device"
  '';
 }
--- a/hosts/monolith/default.nix
+++ b/hosts/monolith/default.nix
@ -25,6 +25,8 @@ in
    ./partition.nix
    ./amdgpu.nix
    ./factorio-server.nix
    ./nebula-vpn.nix
    ./minio.nix
  ];
  boot.initrd.availableKernelModules = [
    "nvme"
@ -94,7 +96,8 @@ in
    options = [
      "subvol=@games"
      "nofail"
-    ] ++ btrfs_options;
+    ]
    ++ btrfs_options;
  };
  fileSystems."/home/lelgenio/Downloads/Torrents" = {
    device = "/dev/disk/by-label/BTRFS_DATA";
@ -102,7 +105,8 @@ in
    options = [
      "subvol=@torrents"
      "nofail"
-    ] ++ btrfs_options;
+    ]
    ++ btrfs_options;
  };
  fileSystems."/home/lelgenio/Música" = {
    device = "/dev/disk/by-label/BTRFS_DATA";
@ -110,7 +114,8 @@ in
    options = [
      "subvol=@music"
      "nofail"
-    ] ++ btrfs_options;
+    ]
    ++ btrfs_options;
  };
  fileSystems."/home/lelgenio/.local/mount/data" = {
    device = "/dev/disk/by-label/BTRFS_DATA";
@ -118,7 +123,8 @@ in
    options = [
      "subvol=@data"
      "nofail"
-    ] ++ btrfs_options;
+    ]
    ++ btrfs_options;
  };
  fileSystems."/home/lelgenio/.local/mount/old" = {
    device = "/dev/disk/by-label/BTRFS_ROOT";
@ -142,9 +148,9 @@ in
    # Fix broken suspend with Logitech USB dongle
    # `lsusb | grep Logitech` will return "vendor:product"
    ACTION=="add" SUBSYSTEM=="usb" ATTR{idVendor}=="046d" ATTR{idProduct}=="c547" ATTR{power/wakeup}="disabled"
-    # Force all disks to use mq-deadline scheduler
+    # Force all disks to use kyber scheduler
    # For some reason "noop" is used by default which is kinda bad when io is saturated
-    ACTION=="add|change", KERNEL=="sd[a-z]*[0-9]*|mmcblk[0-9]*p[0-9]*|nvme[0-9]*n[0-9]*p[0-9]*", ATTR{../queue/scheduler}="mq-deadline"
+    ACTION=="add|change", KERNEL=="sd[a-z]*[0-9]*|mmcblk[0-9]*p[0-9]*|nvme[0-9]*n[0-9]*p[0-9]*", ATTR{../queue/scheduler}="kyber"
  '';
  boot.tmp = {
--- a/hosts/monolith/factorio-server.nix
+++ b/hosts/monolith/factorio-server.nix
@ -7,7 +7,7 @@
 {
  services.factorio = {
    enable = true;
-    package = pkgs.factorio-headless; # I override this in ./pkgs
+    package = pkgs.my-factorio-headless;
    public = true;
    lan = true;
    openFirewall = true;
--- a/hosts/monolith/minio.nix
+++ b/hosts/monolith/minio.nix
@ -0,0 +1,43 @@
 {
  pkgs,
  config,
  lib,
  ...
 }:
 let
  s = config.sops.secrets;
  dataDir = "/var/lib/minio";
  s3Port = 14749;
  consolePort = 10601;
  secretConfig = {
    owner = "minio";
    group = "minio";
    restartUnits = [ "minio.service" ];
    sopsFile = ../../secrets/monolith/default.yaml;
  };
 in
 {
  services.minio = {
    enable = true;
    dataDir = [ dataDir ];
    listenAddress = "0.0.0.0:${toString s3Port}";
    consoleAddress = "127.0.0.1:${toString consolePort}";
    rootCredentialsFile = config.sops.secrets."minio/root-credentials".path;
  };
  systemd.tmpfiles.rules = [
    "d ${dataDir} 0755 minio minio -"
  ];
  networking.firewall.allowedTCPPorts = [ s3Port ];
  sops.secrets = {
    "minio/root-credentials" = secretConfig;
  };
 }
--- a/hosts/monolith/nebula-vpn.nix
+++ b/hosts/monolith/nebula-vpn.nix
@ -0,0 +1,61 @@
 { pkgs, config, ... }:
 let
  s = config.sops.secrets;
  secretConfig = {
    owner = "nebula-wopus";
    group = "nebula-wopus";
    restartUnits = [ "nebula@wopus.service" ];
    sopsFile = ../../secrets/monolith/default.yaml;
  };
 in
 {
  environment.systemPackages = with pkgs; [ nebula ];
  services.nebula.networks.wopus = {
    enable = true;
    isLighthouse = false;
    lighthouses = [
      "192.168.88.1"
      "192.168.88.2"
      "192.168.88.3"
    ];
    settings = {
      cipher = "aes";
    };
    cert = s."nebula-wopus-vpn/monolith-crt".path;
    key = s."nebula-wopus-vpn/monolith-key".path;
    ca = s."nebula-wopus-vpn/ca-crt".path;
    staticHostMap = {
      "192.168.88.1" = [
        "neubla-vpn.wopus.dev:4242"
      ];
      "192.168.88.2" = [
        "82.25.77.78:4242"
      ];
      "192.168.88.3" = [
        "72.60.60.221:4242"
      ];
    };
    firewall.outbound = [
      {
        host = "any";
        port = "any";
        proto = "any";
      }
    ];
    firewall.inbound = [
      {
        host = "any";
        port = "any";
        proto = "any";
      }
    ];
  };
  sops.secrets = {
    "nebula-wopus-vpn/ca-crt" = secretConfig;
    "nebula-wopus-vpn/monolith-crt" = secretConfig;
    "nebula-wopus-vpn/monolith-key" = secretConfig;
  };
 }
--- a/hosts/phantom/default.nix
+++ b/hosts/phantom/default.nix
@ -53,7 +53,7 @@
  # Set your time zone.
  time.timeZone = "America/Sao_Paulo";
  # Select internationalisation properties.
-  i18n.defaultLocale = "pt_BR.utf8";
+  i18n.defaultLocale = "pt_BR.UTF-8";
  boot.kernel.sysctl."fs.inotify.max_user_watches" = 1048576;
--- a/hosts/phantom/email.nix
+++ b/hosts/phantom/email.nix
@ -36,6 +36,8 @@
        hashedPassword = "$2b$05$DcA9xMdvHqqQMZw2.zybI.vfKsQAJtaQ/JB.t9AHu6psstWq97m2C";
      };
    };
    enableManageSieve = true;
  };
  # Prefer ipv4 and use main ipv6 to avoid reverse DNS issues
@ -52,7 +54,7 @@
      $config['smtp_host'] = "tls://${config.mailserver.fqdn}:587";
      $config['smtp_user'] = "%u";
      $config['smtp_pass'] = "%p";
-      $config['plugins'] = [ "carddav", "archive" ];
+      $config['plugins'] = [ "carddav", "archive", "managesieve" ];
    '';
  };
 }
--- a/hosts/phantom/nextcloud.nix
+++ b/hosts/phantom/nextcloud.nix
@ -1,7 +1,6 @@
 {
  config,
  pkgs,
  inputs,
  ...
 }:
 {
@ -11,6 +10,7 @@
    hostName = "cloud.lelgenio.com";
    https = true;
    config = {
      dbtype = "sqlite"; # TODO: move to single postgres db
      adminpassFile = config.age.secrets.phantom-nextcloud.path;
    };
  };
--- a/overlays/default.nix
+++ b/overlays/default.nix
@ -28,14 +28,6 @@ rec {
          ];
        }
      );
      nerdfonts_fira_hack = (
        final.nerdfonts.override {
          fonts = [
            "FiraCode"
            "Hack"
          ];
        }
      );
    }
  );
@ -43,6 +35,8 @@ rec {
    final: prev:
    packages
    // {
      lsfg-vk = inputs.lsfg-vk-flake.packages.${prev.system}.lsfg-vk;
      lsfg-vk-ui = inputs.lsfg-vk-flake.packages.${prev.system}.lsfg-vk-ui;
      dhist = inputs.dhist.packages.${prev.system}.dhist;
      demoji = inputs.demoji.packages.${prev.system}.default;
      tlauncher = inputs.tlauncher.packages.${prev.system}.tlauncher;
--- a/pkgs/caffeinated/default.nix
+++ b/pkgs/caffeinated/default.nix
@ -0,0 +1,51 @@
 {
  stdenv,
  lib,
  fetchFromGitHub,
  pkgconf,
  pkg-config,
  wayland-scanner,
  systemd,
  libbsd,
  wayland,
  wayland-protocols,
 }:
 stdenv.mkDerivation {
  pname = "caffeinated";
  version = "2022-12-08";
  src = fetchFromGitHub {
    owner = "electrickite";
    repo = "caffeinated";
    rev = "5a8eff054bdce225a19cf3ab785dc1bbc9bd3265";
    hash = "sha256-X1w/YWljcwb5ZH8Nt92CDhPU/yqBLH3lBS7yVJUeyzY=";
  };
  nativeBuildInputs = [
    pkgconf
    pkg-config
    wayland-scanner
  ];
  buildInputs = [
    systemd
    libbsd
    wayland
    wayland-protocols
  ];
  makeFlags = [ "WAYLAND=1" ];
  installFlags = [ "PREFIX=$(out)" ];
  meta = {
    description = "Utility to prevent the system from entering an idle state";
    homepage = "https://github.com/electrickite/caffeinated";
    license = lib.licenses.mit;
    platforms = lib.platforms.linux;
    maintainers = with lib.maintainers; [ lelgenio ];
  };
 }
--- a/pkgs/default.nix
+++ b/pkgs/default.nix
@ -3,12 +3,13 @@
 { pkgs, inputs }:
 rec {
  caffeinated = pkgs.callPackage ./caffeinated { };
  cargo-checkmate = pkgs.callPackage ./cargo-checkmate.nix { };
  lipsum = pkgs.callPackage ./lipsum.nix { };
  emmet-cli = pkgs.callPackage ./emmet-cli.nix { };
  material-wifi-icons = pkgs.callPackage ./material-wifi-icons.nix { };
  gnome-pass-search-provider = pkgs.callPackage ./gnome-pass-search-provider.nix { };
-  factorio-headless = pkgs.callPackage ./factorio-headless {
+  my-factorio-headless = pkgs.callPackage ./factorio-headless {
    inherit (pkgs.unstable) factorio-headless;
  };
 }
--- a/pkgs/factorio-headless/default.nix
+++ b/pkgs/factorio-headless/default.nix
@ -1,10 +1,10 @@
 { factorio-headless, pkgs }:
 factorio-headless.overrideAttrs (_: rec {
-  version = "2.0.39";
+  version = "2.0.66";
  src = pkgs.fetchurl {
    name = "factorio_headless_x64-${version}.tar.xz";
    url = "https://www.factorio.com/get-download/${version}/headless/linux64";
-    hash = "sha256-D4o9DkN5e1/02LhdfDNLCVo/B9mqf4Cx6H+Uk5qT3zQ=";
+    hash = "sha256-8bOXbqzE4jOADTmdkABsNW+jZvXWQ0HFBMlcDLoyHAY=";
  };
 })
--- a/scripts/_sway_idle_toggle
+++ b/scripts/_sway_idle_toggle
@ -1,11 +0,0 @@
 #!/bin/sh
 swayidlectl() {
  systemctl --user $1 swayidle.service
 }
 if swayidlectl status > /dev/null; then
    swayidlectl stop
 else
    swayidlectl start
 fi
--- a/scripts/amd-fan-control
+++ b/scripts/amd-fan-control
@ -1,86 +0,0 @@
 #!/usr/bin/env bash
 set -e
 DEVICE="$1" # eg: /sys/class/drm/card1/device
 HWMON=$(echo "$DEVICE"/hwmon/hwmon*)
 exit() {
    echo "Setting controll to auto" >&2
    echo 2 > "$HWMON/pwm1_enable"
 }
 trap exit EXIT INT
 bail() {
    echo "Error: $@" >&2
    echo "Exiting..." >&2
    exit 1
 }
 if ! [ -d "$HWMON" ]; then
    bail "Invalid HWMON"
 fi
 TEMP_INPUT="$HWMON/temp2_input"
 if ! [ -f $TEMP_INPUT ]; then
    bail "Invalid TEMP_INPUT"
 fi
 TEMP_MIN="$2"
 TEMP_MAX="$3"
 if [ -z "$TEMP_MIN" ];then
  bail "No minimum temperature provided"
 fi
 if [ -z "$TEMP_MAX" ];then
  bail "No maximum temperature provided"
 fi
 PWM_MIN_PCT="$4"
 PWM_MAX_PCT="$5"
 if [ -z "$PWM_MIN_PCT" ];then
  bail "No minimum fan speed % not provided"
 fi
 if [ -z "$PWM_MAX_PCT" ];then
  bail "No maximum fan speed % not provided"
 fi
 PWM_MIN="$(( $PWM_MIN_PCT * 255 / 100))"
 PWM_MAX="$(( $PWM_MAX_PCT * 255 / 100))"
 echo "Running..." >&2
 echo "TEMP_MIN=$TEMP_MIN°C"
 echo "TEMP_MAX=$TEMP_MAX°C"
 echo "FAN_MIN=$PWM_MIN_PCT%"
 echo "FAN_MAX=$PWM_MAX_PCT%"
 echo 1 > "$HWMON/pwm1_enable"
 PREV=0
 while true; do
    TEMPERATURE_RAW=$(cat "$TEMP_INPUT")
    TEMPERATURE="$(( $TEMPERATURE_RAW / 1000 ))"
    # Remap from a number between 60_000..90_000 to 0..255
    PWM=$(( ($TEMPERATURE - $TEMP_MIN) * $PWM_MAX / ($TEMP_MAX - $TEMP_MIN) ))
    if [ "$PWM" -gt $PWM_MAX ]; then
        PWM=$PWM_MAX
    elif [ "$PWM" -lt $PWM_MIN ]; then
        PWM=$PWM_MIN
    fi
    AVG="$(( ($PWM * 20 + $PREV * 80) / 100 ))"
    echo "$AVG"
    echo "$AVG" > "$HWMON/pwm1"
    PREV="$AVG"
    sleep .1s
 done
--- a/scripts/bcrypt
+++ b/scripts/bcrypt
@ -0,0 +1,17 @@
 #!/bin/sh
 set -euo pipefail
 if [ "$#" = 0 ]; then
    echo "Usage: $0 [passwords...] | $0 - < passwords.txt" >&2
    exit 1
 fi
 if [ "$1" = '-' ]; then
    xargs -x -n1 -d'\n' htpasswd -bnBC 10 "" | tr -d ':' | sed '/^$/d'
 else
    for pass in "$@"; do
        htpasswd -bnBC 10 "" "$pass" | tr -d ':' | sed '/^$/d'
    done
 fi
--- a/scripts/bmenu
+++ b/scripts/bmenu
@ -8,13 +8,10 @@
 if test "$argv[1]" = "run"
    test -n "$argv[2]" && set t "$argv[2]" || set t "terminal"
    test -n "$i3SOCK" && set wrapper 'i3-msg exec --'
    test -n "$SWAYSOCK" && set wrapper 'swaymsg exec --'
    exec j4-dmenu-desktop \
        --dmenu="bmenu start -p Iniciar:" \
        --term "$t" \
-        --wrapper="$wrapper" \
+        --i3-ipc \
        --no-generic
 end
--- a/scripts/controller-battery
+++ b/scripts/controller-battery
@ -10,29 +10,20 @@ if test -z "$CONTROLLER"; then
 fi
 CAPACITY=$(cat "$CONTROLLER/capacity")
 STATUS=$(cat "$CONTROLLER/status")
 echo -n '󰊴 '
-if test "$CAPACITY" -ge 90; then
+if test "$STATUS" = "Charging"; then
-    echo '󰁹'
+    echo -n "󰂄"
 elif test "$CAPACITY" -ge 90; then
    echo '󰂂'
 elif test "$CAPACITY" -ge 80; then
    echo '󰂁'
 elif test "$CAPACITY" -ge 70; then
    echo '󰂀'
 elif test "$CAPACITY" -ge 60; then
    echo '󰁿'
 elif test "$CAPACITY" -ge 50; then
    echo '󰁾'
 elif test "$CAPACITY" -ge 40; then
    echo '󰁽'
 elif test "$CAPACITY" -ge 30; then
    echo '󰁼'
 elif test "$CAPACITY" -ge 20; then
    echo '󰁻'
 elif test "$CAPACITY" -ge 10; then
    echo '󰁺'
 else
-    echo '󰂎'
+    print-battery-icon "$CAPACITY"
 fi
 # Add terminating newline
 echo
 # Tooltip
 echo -n '󰊴'
 print-battery-icon "$CAPACITY"
 echo " $CAPACITY%"
--- a/scripts/default.nix
+++ b/scripts/default.nix
@ -23,7 +23,6 @@
  in
  with final;
  createScripts {
    amd-fan-control = [ bash ];
    br = [ ];
    bmenu = [
      bemenu
@ -35,7 +34,7 @@
    ];
    down_meme = [
      wl-clipboard
-      yt-dlp
+      unstable.yt-dlp
      libnotify
    ];
    wl-copy-file = [
@ -44,7 +43,6 @@
    ];
    _diffr = [ diffr ];
    _thunar-terminal = [ terminal ];
    _sway_idle_toggle = [ swayidle ];
    kak-pager = [
      fish
      _diffr
@ -55,6 +53,7 @@
      _diffr
    ];
    helix-man-pager = [ helix-pager ];
    bcrypt = [ apacheHttpd ];
    musmenu = [
      mpc-cli
      wdmenu
@ -74,6 +73,7 @@
    ];
    wpass = [
      wdmenu
      ripgrep
      fd
      myPass
      sd
@ -137,7 +137,17 @@
      libinput
      libratbag
    ];
-    controller-battery = [ ];
+    sway-sync-xkbmap = [
      xorg.setxkbmap
      jq
    ];
    print-battery-icon = [ ];
    controller-battery = [ print-battery-icon ];
    mouse-battery = [ print-battery-icon ];
    nix-prefetch-firefox-extension = [
      nix
    ];
    _docker-block-external-connections = [
      iptables
      gawk
--- a/scripts/down_meme
+++ b/scripts/down_meme
@ -1,10 +1,19 @@
 #!/bin/sh
 set -euo pipefail
 cleanup() {
    if test "$?" != 0; then
        notify-send "Failed to download"
    fi
 }
 trap cleanup EXIT INT
 DIR=$(mktemp -d)
 cd "$DIR"
-yt-dlp --merge-output-format mp4 "$(wl-paste)"
+yt-dlp --cookies-from-browser firefox --merge-output-format mp4 "$(wl-paste)"
 FILENAME="$(ls | head -n1)"
--- a/scripts/mouse-battery
+++ b/scripts/mouse-battery
@ -0,0 +1,39 @@
 #!/bin/sh
 set -e
 MODEL_NAME_FILE=$(rg --files-with-matches G502 /sys/class/power_supply/*/model_name | head -n1)
 if test -z "$MODEL_NAME_FILE"; then
    echo
    exit 0
 fi
 MOUSE=$(dirname "$MODEL_NAME_FILE")
 if test -z "$MOUSE"; then
    echo
    exit 0
 fi
 CAPACITY=$(cat "$MOUSE/capacity")
 STATUS=$(cat "$MOUSE/status")
 echo -n '🖱️'
 if test "$STATUS" = "Charging"; then
    echo -n "󰂄"
 else
    print-battery-icon "$CAPACITY"
 fi
 if test "$CAPACITY" -lt 50; then
    echo -n "$CAPACITY%"
 fi
 echo
 # Tooltip
 echo -n '🖱️'
 print-battery-icon "$CAPACITY"
 echo " $CAPACITY%"
--- a/scripts/nix-prefetch-firefox-extension
+++ b/scripts/nix-prefetch-firefox-extension
@ -0,0 +1,7 @@
 #!/bin/sh
 set -euo pipefail
 hash="$(nix-prefetch-url --type sha256 "$@")"
 nix-hash --to-sri --type sha256 "$hash" 2>/dev/null
--- a/scripts/print-battery-icon
+++ b/scripts/print-battery-icon
@ -0,0 +1,33 @@
 #!/bin/sh
 set -e
 if test $# -ne 1; then
    echo "Usage $0" >&2
    exit 1
 fi
 CAPACITY="$1"
 if test "$CAPACITY" -ge 90; then
    echo -n '󰁹'
 elif test "$CAPACITY" -ge 90; then
    echo -n '󰂂'
 elif test "$CAPACITY" -ge 80; then
    echo -n '󰂁'
 elif test "$CAPACITY" -ge 70; then
    echo -n '󰂀'
 elif test "$CAPACITY" -ge 60; then
    echo -n '󰁿'
 elif test "$CAPACITY" -ge 50; then
    echo -n '󰁾'
 elif test "$CAPACITY" -ge 40; then
    echo -n '󰁽'
 elif test "$CAPACITY" -ge 30; then
    echo -n '󰁼'
 elif test "$CAPACITY" -ge 20; then
    echo -n '󰁻'
 elif test "$CAPACITY" -ge 10; then
    echo -n '󰁺'
 else
    echo -n '󰂎'
 fi
--- a/scripts/screenshotsh
+++ b/scripts/screenshotsh
@ -46,4 +46,13 @@ case $1 in
            $screenshot -o "$cur_output" - | $copy ||
            $screenshot - | $copy
        ;;
    edit)
        # Focused monitor to clipboard
        cur_output=$(swaymsg -t get_outputs |
            jq -r '.[] | select(.focused) | .name')
        test -n "$cur_output" &&
            $screenshot -o "$cur_output" - | satty --filename - --output-filename "$DESTFILE" ||
            $screenshot - | satty --filename - --output-filename "$DESTFILE"
        ;;
 esac
--- a/scripts/sway-sync-xkbmap
+++ b/scripts/sway-sync-xkbmap
@ -0,0 +1,22 @@
 #!/bin/sh
 set -euo pipefail
 LAST_LAYOUT=""
 while sleep 1s; do
    CURRENT_LAYOUT=$(swaymsg -t get_inputs | jq -r '.[]|.xkb_active_layout_name|select(.)' | head -n1)
    if test "$LAST_LAYOUT" = "$CURRENT_LAYOUT"; then
        true
    elif test "$CURRENT_LAYOUT" = "English (Colemak)"; then
        echo "Setting layout to colemak"
        setxkbmap us colemak
    elif test "$CURRENT_LAYOUT" = "Portuguese (Brazil)"; then
        echo "Setting layout to br"
        setxkbmap br
    fi
    LAST_LAYOUT="$CURRENT_LAYOUT"
 done
--- a/scripts/wpass
+++ b/scripts/wpass
@ -29,8 +29,8 @@ main() {
    test -n "$entry" || exit 0
-    username=`pass show "$entry" 2>/dev/null | perl -ne 'print $2 if /^(login|user|email): (.*)/'`
+    username=`pass show "$entry" 2>/dev/null | rg -m1 '(login|user|email): (.*)' -r '$2'` || true
-    password=`pass show "$entry" 2>/dev/null | head -n 1`
+    password=`pass show "$entry" 2>/dev/null | head -n 1` || true
    otp=`pass otp "$entry" 2>/dev/null` || true
    action="$(print_actions_for_entry | wdmenu -p Action)"
@ -50,8 +50,10 @@ main() {
 }
 autotype(){
    if test -n "$username"; then
        env wtype -s 100 "$username"
        env wtype -s 100 -k tab
    fi
    env wtype -s 100 "$password"
 }
--- a/secrets/double-rainbow/default.yaml
+++ b/secrets/double-rainbow/default.yaml
@ -0,0 +1,57 @@
 gitlab-runners:
    wopus-gitlab-nix: ENC[AES256_GCM,data:n/bm5W5Q/h7MxMZX7yz4qeUBpfZDrI7A7/PlnLncMto5V5itVTXRvfd3+D/d2r9PVuJSogfMgMAh0cwuvPspjlm9ToPxrmgGdYbnAkhnFeTHdCfcF1x2DG2JkHe54wUhcQa9QEJkWZ5jJM//2jU=,iv:63lrYCCBMSr5toulba7Rni+iun0Bl2vMFbIsTVvOWQs=,tag:Z1GHj91q09sOWCaLPIKJ4Q==,type:str]
    wopus-ssh-nix-cache-pk: ENC[AES256_GCM,data:+5I7INvMNfegjjC0xPNOSj+vFakXe6V4N/S5wvL64DOxfPXhSQAjVtdMslp/LlJXH4XWbkQ8ErLbySB3WMDMRDnDRY+6+UKXsP6MFpvEtho0lN+8ZeAGC25ehadYDSFTX43wz6cLRuoAqRQdhPKM96wcYif7nF40cStgaAQhkNemK7AenSA9LQ4J72dWovFuwfTZml8qH6W/O+YEqfOgZsyJ/LobcM1fiuN1S4NnCOJSWB2Ahsu0tiMOSRxKWeUS9+ewh+x1xnZL3y4vax5GgtS2KojtXq0U4qgNi4Gwnmef7HmH1tVgeMO2ykCsuCCZ9iJR0IOqTHU2l+U6hTzf5vehpgK5/tsthkXRsLUmVRnjUaQwaEq9JYltGpEdk6U0UnD+Mf0f5BsDw23lHgannLeduhrSFrPFj+BVodnPxjyYJTPXwXfbWrKIQ8s5kWfIq9x0VePsteIgEH4xLL0yFtyZzrYeCq9WF3j5xTvJsOlG0ehQzX22orrM4RzrFVmeLYOIc/V4bQeyIf1lWemr,iv:UNaUnlVayrzF7qpgIVi9gxPFGCzIP24jNUpO295JPog=,tag:a5OlD+AJH3u6y+Lo3lOQWw==,type:str]
    wopus-ssh-nix-cache-pub: ENC[AES256_GCM,data:aknblYwAAGaso/Vhr9f1RX64tA3uOh3qxc1dBI7DQmk4TUlQn/AYrKF7wanIhhydrasRulDEam3CBiiyeW/ejcXG07wKIUyZ94TOYfcyRd1yo+PGkmb1yycU6PdjaP5/zwUPAnjMhR2quW+8iwADaUMYKXIJkdQaqUW9a845vBKIxgNgBskWMGMzldb+aUnr2eCb,iv:MQdEUrNugzv+QL6f/MNUqh9M+nFVsWI4VHlMrgQOTEg=,tag:olNTQyCSOhv3sgSjuIXKBA==,type:str]
 nebula-wopus-vpn:
    ca-crt: ENC[AES256_GCM,data:zNESDEqeRPBsaY53cDKx6DMYdHIdEjxAsX7rLMrGkd0+aw2zOEJDJ5jb/zIeatf7xBj5DkJa+CDWmWsu5v9p0QUu0LEEvdin3utuGa5GQEYR+1LCCrlB52klTvKEK6ck5cYewVR5bmq0NTvw4aVxZJoMKMXICYhNEs20ZMCIrbX8UOddXKt6OxeOzVZ/9uFg1gY9qkHe3Wn5mmNLwvXoHvzwtr+Oc9xT+SRMPYkGUkbyxQ5zRjJUKS79aPQ8R6ZgZVJqUmr9wS58D2To1Sfk4Ykrd4Q2lIlbTXdswp1im3LSTy0YosHu5P6mmBq9u3M=,iv:hnCrHDkQiUsoaFTImtWlvM+tuSplU5p4s6kkm/ysLZ0=,tag:5vH6oEWwUOA/QsiW0XvBag==,type:str]
    double-rainbow-crt: ENC[AES256_GCM,data:gdR79bE2RdE8cc9HdIxoiTCbyzsaTrSRg8uouVLmq6IRnb8B7tltIitli0SRXzMWqfg1IUIQbXHbIvPgeQ+puCHqr1ghYK1GzrDLz6GIGTn8g+9MnDbRTghdlWKKrKVxJnrSecJvV0qEkDr2/WEAsXalstxcDEPNq2Rb+c7bv/P2oFNjKN1eeWsE5TgpFj61RLEWx/wPzQKyNx2ZFu1l4r63II6npvlZ8rwdrJAeZIT8oaU53zQzMMs0tHGYTJeaZcPgdBKfVSCmzGxrE2kuwR0bxSSB2knqdBmtl1aVxs3bF2Fkm1+wovCadCze+Ta6Vgtk4v8d3Ta+wE5qzek8shb2m7lXTixki356wOG0r3B+180Kzk5B7q4tIycrk9ggKPKAA+2XNHVFM9L8PojflK3BY+U=,iv:wNoELN2y8QrFGPJYQdrAVsaLrhMzD8ep313o/jpT9fM=,tag:8sRBtkfd1TVMK7R64sMXqw==,type:str]
    double-rainbow-key: ENC[AES256_GCM,data:I0LGhV9biErwZw4PzOX6mbqyh+8n2XbpikwOqLe70g9+pfO72e8qdXvzYko8zLGIL0x8ZUYn6XCP63ZYzP866cLHCgglZ0+PQeBbqzp3lgfYDd7zBHDJE0NQobPtV6n1enbpzRtBe+ROeYQxCV5sZmEoxbzUyR0aSJ3JaGgZNw==,iv:Y5Iy32zHnQgqIH3d9U81FlsW+Mg8u06fk+AMnTcGejk=,tag:1ojEKwVALA9grJRzyNc+9g==,type:str]
 sops:
    age:
        - recipient: age1zrgu7w8059xydagm60phnffghvfe9h2ca58cx8qwagqpyfuvs9fqw79c8h
          enc: |
            -----BEGIN AGE ENCRYPTED FILE-----
            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0eTBFdVM5OFlQTi9JMmFw
            QWpIU2dSdDMzQTVJOWJCUU03QXR1QVZoeXc4CkljdHNKQ0tUczMrNys5eXNGMnVa
            K003QjdRaWY4RmNtaEw4cEsxSEJwZlEKLS0tIFZpbGUyaHh0RndkVlpQVlVucHJa
            TndIUUhsY2xSR3E1WlJXV3ZFN0lIMncKjjf1yt4XhfguzYoCNmHYSmetMDnoz4cr
            frbZdy4hl9w9EZO5JUeC/n7QMYTZLC2/Zk2PXRUvwyQglrGoUVK2Bg==
            -----END AGE ENCRYPTED FILE-----
        - recipient: age1ecyynwv93lfu7crjjp8l47defv07quzfzaktwurpep7jc9eha5pscg7lrw
          enc: |
            -----BEGIN AGE ENCRYPTED FILE-----
            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHbHd4L0NEZW55OWd3SWlv
            U3dEcDNKZUJid2VsZ1lQdy9NRnIyVDRPRm1VCnZDcCs0S1BLNjJLZTFpSHVpNVRj
            OFpMK0ZjWTJkcWJoUFk2YnBCK3JKcFUKLS0tIEtqRkF4Q0FobXhPVTF6eWN2d0Nx
            eVAwSi9LaVNEcHIvQnhhZmZLbHRPOUUK6A91L8YCpi/sM9FiXcJ1sLmW3U4KadYL
            uw07mobP1Rf0RUdAuSK+42ErFgmS+OTDze/mT/PXg6Dfk+vhTjbfGA==
            -----END AGE ENCRYPTED FILE-----
        - recipient: age1026d4c8nqyapcsy4jz57szt6zw3ejcgv3ecyvz0s89t7w7z964fqdqv52h
          enc: |
            -----BEGIN AGE ENCRYPTED FILE-----
            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBEaUpLU1ZxQWNCNFNGeEpl
            dEpVbzBFbk1XaVoxMXIzMWFmTkZWS05GOFFvCmJGamVGK2pCeTJROVloMGdYK3Mx
            cGF1elFSbjJ3UmUyc1FsUkh6b2JNWTgKLS0tIFRzbHZIL25tK1dnWm90QVFueWZM
            WUZrTkg0cklJSUg5MndsN0ZPcVk4U0kKPsj787kDFDMxsBt5qk4Bp121AMTE++99
            m2X4lL6ona9fUe8e8wGhdgxZmqvJL2RCaVWJJy5SAbJ/skP3y7i2mw==
            -----END AGE ENCRYPTED FILE-----
    lastmodified: "2025-11-12T16:38:27Z"
    mac: ENC[AES256_GCM,data:XMsrBwV2G1jRA2c/T3y4015p6bJdggfrbI62bHZ1PQtbOImQUpxChVI9JhZqOIzWpyYB32HavRHwCe5nfam+L2tWNlVMRSogKBpDuanxyf3o2EHHStQqZYUuJrYtOL5cdeYMIXKRWS6LmHdHkcI2ixHsL+NXIG5o3XIYMaEBufo=,iv:G20hevYygnonf5l4qGZqs+b9f1FC+cfnYIKZcs+mUP4=,tag:p5rITlVoOwqdrG8Kcmjieg==,type:str]
    pgp:
        - created_at: "2025-09-09T20:27:32Z"
          enc: |-
            -----BEGIN PGP MESSAGE-----
            hQEMAzy6JxafzLr5AQf/a5v/AIIsdE9WawM710HCLQwEJXskDXfN7UP055gDBJer
            96qny8cKC833OhTPLqWCUpAVgJ1JQ8EDLvj2YvXLiq/NmMFs+mBwjPdzNIUKzK6E
            QgtjRJuQfOGSW0i44b+nkmWLSi1PhxVbIFt27Nl4I+mrvkhztIZcTwht+be3mMrp
            z1hEn/BbXsin6JOB6EuyFbsRZ3wYFUlr23NiKVI/JSo39ifbtGqgWn68GN+tYYYs
            mZ5tJykyRZxTU6qEKBaW9veClxs0FW2shQpp6Go/u6u/ghhHeB99trauPFL2rypT
            IaLGWruFwHMsd+rSTcw+YrTbL7bfkqx/4xj5dxJaFNJeAfo5F5ddr1odeAHeSQmh
            pfStJmy83SHhyDw8wLKMeF9d7dPKIyU4cXbLjSv1w86bDpDw8LBJSYEjJPVjLONV
            F6AXCJxNckDXmshGUejC09abAcMzzTsEJK7ocqEoMg==
            =XAWM
            -----END PGP MESSAGE-----
          fp: 0FECE8316E74BA6F44EFC21A2F8F21CE8721456B
    unencrypted_suffix: _unencrypted
    version: 3.10.2
--- a/secrets/lsfg.dll.gpg
+++ b/secrets/lsfg.dll.gpg
--- a/secrets/monolith/default.yaml
+++ b/secrets/monolith/default.yaml
@ -4,16 +4,16 @@ gitlab-runners:
    thoreb-telemetria-nix: ENC[AES256_GCM,data:zrZvG4be08ulpo7itbrprKK5csCMLvzZjrszfMw1XiJP0FyRTUd9nHgHpbAzbjj2KyT7kKngoZAyengvaTEhkT9sUi1pdGnvajAH8BDDOD0g4LJIHFl4,iv:3bSsTzU7gHx+MchuPg9kmb5xEDugmGPje8Jw74NpRJI=,tag:zffRr77lWbyLt7o/mywb5A==,type:str]
    thoreb-itinerario-nix: ENC[AES256_GCM,data:UdAAD0V895sFoEYR56sCG2LlpZugJ0K/nwkTygzWOnbTSmBRAcIQ8qVFPZGw+K+XMSLiCyio6Jp7k8AYP0K1VYm+6aEP3OkqR9FCLQTJgXo=,iv:UGUby50BYkn13OzItk6zZmxc5+SnbZZa4bebQHIow2A=,tag:LjDg3deWwdH2T71EtPo6jA==,type:str]
    docker-images-token: ENC[AES256_GCM,data:GGB/KSkjdAyhFKEspAh91ItbqEDf7K/LZSGSn+Jp7SxRfXpDzHIiMD8XJ9PTkGLeQGN4ug1i2nTYPS7d/P5OALWDU+1NPiV9nPdG0w7GERfu4g==,iv:6roabdOKX9xFMf0hWlECd73+943R+hFLos0e2dOpzns=,tag:LrASFc4DtN7aQ+3oOW/p/w==,type:str]
-bitbucket-runners:
+    wopus-gitlab-nix: ENC[AES256_GCM,data:asE7J0d58x9VfQFWc07f5T4s5NZ+/VqMQo66EX93J0LbJ4iI5YjvrrIE4pSI1e4Nz/SRQhltaJ0DfSH0+qgjD4wnAONPRi3UlFbSdGWS2bwwRtWe+Nci2krrUFxV2i/ZVE3CwCkNe4mqtII=,iv:gKrD/LhzI+jnDnX6CdxoHfjpiRdrsuRYJF9rTc8SffM=,tag:TczDGSU3gdKmERjBJ7tP/A==,type:str]
-    wopus-runner-1: ENC[AES256_GCM,data:gtH0T5n8qMYpvSv5ciN8+ScGlFDf9xE0FTxNP97vT/qsOCcaItTE+5P+DFcWw46onLED+1c+u0sArFbEsT3f8lyco9b+0l99uOQAxLZQzAXYH8zGye1UnwUtytkci2PHu5c8kTpIWHXyZ1IOYNGWkermeab57ANzOkM1LbkHyAjS6VTh0I60LfAOdHOw5FDFL8d1d9oWxLloOe9USLPqHjC023EpCUT2YuyHoPCTpBu8Kb/2HfV0wkAKaB3dvVrKwXCj+bfP6+bjQ3uMzVO/7jxPmnSGBfvyZ+Hlg5goJ6bSAqQWmnPPnQ96FgQfe8su5ML9qNIp9/7eNiL6Rv6Vhxe0hHbE5wsZ/58grcg/LrugeWJvUJ9THhwcTwO8Pkvwlq0XM9seUY2NV+LCK3bLQ4IWDjWkU1IHg6+nihTcvl1iD6UIGMgqGoB/v05WVzHb+GcE2fFuSuhVHfa5RMyboELOJoFrqZiXGhY=,iv:ZakLafxYQCDd1Zw8T83Xfj+YwAQKna9LC6ognJqtifA=,tag:bwBObfdMIvJfRrOG04NtxA==,type:str]
+    wopus-ssh-nix-cache-pk: ENC[AES256_GCM,data:MtYDK6P7nwBzr6p+lRX/dkosBfeDUAj/slf/a5SgVXNIbQlkEk7gvfW5iL+C2HgMwowqWx4F+3q2W+kGweqEYzEYAoZ9pR08a7Jci3Szyy49hkamxJXF+Qwhb5VQKxDppESne7DARCF0iYeUjgeXxCYyuWlGpisnkN3HCWrIYCqbk0LS+yqgkNhDxtxMaThGYztfPnLMEV/P5vuge9sRKu3Xi3iX2uDKtx4FTBsX30Lmd8kngOVnP/GaEHDa5ECO+/yW6ZRg3fIaqJ4RV+Vz79ovFUuZV/VE8eY3JOdK5tKIBWb31YUOjP7ccBes7mMhFLO3ceNeh+a6KAJbQ4pCojJwf/cLz663FKr5f/uWDicOBbL64l3+zV5zvSDzFls0ImXMNL6Fe3SaKP7ZcC5rVrRD8P+UN/OSFmbN5LM7uYY8nNsLxTH7MYsRHgTBUmTsFEhLGJIUjtf6J3/NWIlxjBq1MmpgxN0bD6gwVAxDPP489v918tsZtKdG8SJhLUPE4LWKsU7LHpgUBroKlbGE,iv:1jnF2TTlyTR59xM8Bgaz6bubDOwFexHBJipNVa0VPXY=,tag:VsDb6C6wYa9p4Yey3iG4eA==,type:str]
-    wopus-runner-2: ENC[AES256_GCM,data:gg8merZMFbf396hdJY7zmKQndT3GzB7NeGZAs3C0au8Zd7OFAg9vcQcFcxNA3kZGJZqmFTR/ycWJwhYr9fhlfFuPhDynVvgJAqoYtvC2MUDiOMD/d3DlfwFjQ6cOGTrvFuY1kkgSFb4OFdrVC1eiTDrGygFmYnYcqTKn/t5Ttqi+cHZNzFzVzdVLvaLCYxltM5g45zn+fXYxYwCfqyb32/M1XTnnwIGiataGxEX5oWhVV4zqeLO4ZIYPSby5AVvIMJ/zqvqaeVVY52GLDcTKrj3thbZxMQLWN3/lOA0uYhi3L/WM8Gx+JMEIbSICcuT7QXu4w4PA+opcx9GnsMCK2/egzS+cNPJ4vGZCdVD/jh6A9zVEJAgXdsHXNXFHmMPt7DcgrCQiub62og4kBY4G/Rcg4UN7sb3v3qyBpGbCGHGRjCFc+wdHpom0yDOG2cwcqfN49pC2R7Ag2BisFQ/5A+DPmKnvGG3kt9s=,iv:5g5XiDecYqi4JNRkZubgPJECBQdZ6rBeojgFe6Etebk=,tag:HRy5bFSbfxKTb5e13lGtgg==,type:str]
+    wopus-ssh-nix-cache-pub: ENC[AES256_GCM,data:F+QHv9wwgyQYobKwyG13tS2OKCZuBPKLe7RLkhxsqYmVEtkCnli9jG+unMp7MC5L0i3puNqfoXP2IC6g4ESHq1yE0ksUpUCHzps4oMZBQK9b5JcqXQs+c//hskTQ/sFmTfGPpdnQ7wAifnQf5Mx2E4RwiRznMgJGQ3RDDjg9xfWUyvw6PlslZH65aGrq3P/iURvj,iv:u34+rXKLcZjBlVJmdbf60I82Fb621lUjOBmR4CTJWGk=,tag:ToPtBIz3bgzAUKc6hh4Oxg==,type:str]
-    wopus-runner-3: ENC[AES256_GCM,data:f9pLYR8t51HtPpLyXysIVaDAhxDrmktJH93E7rb7imtKwK7hRhR8usnvHTcknLfD7BMvStAIYefdGt19u7PrQu6vqc19bEcNbnK5OH4KBP6+X47oMgBYtbIGXH+t3dSDt22fSIoppTwdX7/Kf4vqesfN8K7EunETvFR86oyyKdy15mvXr0XUO4us4HZjnIOBEnOm1P/V8hk5JcCpRuo+8ZYmBe5gzq5pTnqnYlPE1EovM7eDMg72J7ev07h50qvySrAqmNiqDcXfTPQ2TzuHx3XxAYqFybf1L6P9OnLB6RDAlpoFJ0h8dSg2tzC2+amYsBP0UIBK/ZhWvvAjpX+MZrTASjenh/tefDcNdbsXDOr7A4i/261z4rC0r+97INglCN1N/SZg51iBHiRAVV1zibDLfioR5+eBIykWAtjILMoYU+zOcr0E8K0I9jQGMtpnYmvHJqV0DVcdfZpJptrPUUy+lQ/iZVcPpLs=,iv:grzvVsfpUzywjNE4jvTxXKG3TYajrvSsQgfOgtafvIo=,tag:K1B6crN0ckLk0EYBtGHDkw==,type:str]
+nebula-wopus-vpn:
-    wopus-runner-4: ENC[AES256_GCM,data:D1Zq0BtPuACnutAbUcj3gYSMLuIZcMuqc/1mEFmitEG0tBFMWhkabS+8lXcp8sb1DM0LTDMEwgMB9FVyFb670MKQNEncqQtaNJtY1BxS3SolovDAM/I+i6YGvd4X8jX99d+7ZNR6xGBWJ/dW8rz4QnIM8Eh3FDOqaFa/ltfyPKP9IZ2uZi67C/n8Q/OSdgMQkt+QxhgJfSghE1iruPwxyGlqv+E4SZNI/fQQMjX0Lh7z02ms58yyMtjO71YbukV/JXFRsdJrqY2wfH/6NlZbsKideoSxluBRVqmbW6KQd7dUT819KbOSu9CFdgThtVCU8qiv3jbAbn8D5xRy4AAOEfSqRLXJoj7otCqr47R/8+0BdS3aztFBjL3lDmprMWZ4+LD55fvczfpxUF9ox1mhcjIvCvZJJL06XsST1XRXa7i2fr4/a/XhCmQgIzar5IYxSC9OjuHp6jLsTaY3ZUgid5W1L1n8uWSmA98=,iv:O9caRG//brERiIhuMrsFdTz6TnPY0rdQnvHEu0P42yM=,tag:hrmwLX/CRhZfammJ2nfTPw==,type:str]
+    ca-crt: ENC[AES256_GCM,data:sFc9SxfCVaDYxbJqzEK6pRsVoJSFbD1qs/oVKLXXJPrR2y5jVM/ESk/xwaemwEBDPn2VOxLqD62lPF8jP665w/rutskKJ4pMji+Ev2zeryaxDmEwSOL8EbEQtlNxkZZEX3dwVNxykbK5A3bIrcI6vHaOTFeMht6IanO6CdeQOS0KoyYW0fHbW0Dc/YytBMjVWCPQk2VeWCl7X4JBsjj8aVQ8qgupsI16tJmETetO3lHAaYt6dk0Fp51XVaKSuaYGBhnoADXEKA3cIQoPUOaJ1Q0CmdfYk5XWEr0q0OcqjeAn8OERGufHr227tJgYx8A=,iv:G5iq5qeX9NlkOdmj9K0GRQ/6lAU0cBNEO2hQe9kyirY=,tag:b3sW5hs0pkIqqm2j81BIIA==,type:str]
    monolith-crt: ENC[AES256_GCM,data:+0YbGYreXYR2+cu0NwXUuAnfIEUBGXm5J6nUTx2/z25gDTOVx9eI7USX6cQT/3NOt9S8odHcHeWQXChgWU9Xf+avdXmNO9vQGf8bZCybDQltPF+Gb2zRiFWiAy7raQaZc74SMbGCzABdfQBnEnqs+s/y0+ovilzOmcopnu551QEyjojuMLVcpUsvrEoQBx+dLYBjx22xob0wNUmXgBFxLRuDvYHGdehZ4jg8Ihf9kpDyjtjpfa8mF1kmdKZvPI5Y9z4ZOvA8266H+jFSqfx41nIuYcIwi8naKkoRue4kRCv71IXyK5DJNEweZPXD5sCdd005sxGgBnpSJCpSfr7TsCy5FxDcf9ISi3yrXLttcnOt2u1b3FFKNQiwlo5s2PQB2AB2Zf3nvKPqICmcXtGN3w==,iv:Q6izpQw3SymKNjnjO4x3pzqGJo5SxYZkVYdXcHQBi0A=,tag:9tlMYrN+/mMNYifw1F3yZQ==,type:str]
    monolith-key: ENC[AES256_GCM,data:Y8KVQk66dewyeRIF+6HJeufD9EYO55m73LxrtZi4KQU0RbUpsV0eiRMX62rYtw6+uP87f5Tx6kC3fX4+mqNb2ZgDtVvm3/Qnz5Ly112c/h33krNqRpv6pEHRkrS9j01tLkJnxwiyIvq3b03GTAIoCKWgqaaagCXYHArgzRrDIw==,iv:lp3zuD8XWaiJvyxzXHrgpF4qbrCv/uf9l9qyWXVrkkM=,tag:eSlTCa2TrIuga7UUxoloBQ==,type:str]
 minio:
    root-credentials: ENC[AES256_GCM,data:izDiis6BgAubbe91EUcuwMKrSrYEDQFQbaEGzpdjj3Wlt8Z8gzgvGmYCryAK8GBUMbzQvy0do26xMGMl3LxLWz9bgixixPVFTTg5GhfUJw==,iv:hkrkGz+EpVwkWEMQWBrm2u4Jti7azsDtsTmyouDREug=,tag:mDnOKKBwgKOmsxegKcRhpQ==,type:str]
 sops:
    kms: []
    gcp_kms: []
    azure_kv: []
    hc_vault: []
    age:
        - recipient: age1zrgu7w8059xydagm60phnffghvfe9h2ca58cx8qwagqpyfuvs9fqw79c8h
          enc: |
@ -33,8 +33,8 @@ sops:
            aFVxcDFhaGdYekRWRVFIWnRsZndtZFkKgsvxOFHOcO306Z9FkucA1fDOpZA8N1/h
            jYmIgcKTFgWoSCvux67lK30jFsYp7sm5z6WxxDYsGcoQ/+pxoUX2jQ==
            -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2025-03-07T21:28:04Z"
+    lastmodified: "2025-11-27T15:58:01Z"
-    mac: ENC[AES256_GCM,data:4lOafZQ6PP38CByulzA/J86sw+TpQhj40s1lTRXqUtpt72yH8nQK8dXpw0dNYvDBtDpKRvNTHZubzalEua6n2lCQL7rsZ2+fo6FJ4ht2Kb70dddDcWEyrfyZQ2FaKC5L/QjqM0SbIfPszNvyQ8wIaOoMfNJBis5QOjRSGDAcJm8=,iv:LLT0oJW+3KNe1nKphCK0c5FPIuh8GfnDrvNDCFhP4NM=,tag:rPbVY7L1qxNc3aCfv77FAg==,type:str]
+    mac: ENC[AES256_GCM,data:8JemHyxdcDjkg++kgBAGpvGZAyGnQhcAOzs58D8EqjJzTWWf4HgF3uD8od5EGu5i1f7IzUBNio57H/0DC7fWZk/vIRM/Xn7DREuXClBGmBsc32H+K0tOKg8hMb11PDGqviw0qj0qwl1Gs0+j8C4OY9qLupTDzsECUgRXBtsD4cU=,iv:vOV25BV/C3hK/D4bKb26Xi0PaiSlJ5t9bN18ZJQnCRs=,tag:1AZyn4Zj1/e/2dhNzcfPqg==,type:str]
    pgp:
        - created_at: "2025-03-07T22:49:16Z"
          enc: |-
@ -52,4 +52,4 @@ sops:
            -----END PGP MESSAGE-----
          fp: 0FECE8316E74BA6F44EFC21A2F8F21CE8721456B
    unencrypted_suffix: _unencrypted
-    version: 3.9.4-unstable
+    version: 3.11.0
--- a/3
+++ b/3
@ -4,6 +4,9 @@ set -euo pipefail
 nix fmt
 # Allow usage of untracked files in nix code
 git add --intent-to-add .
 git --no-pager diff
 run() {
--- a/system/configuration.nix
+++ b/system/configuration.nix
@ -49,6 +49,7 @@
  services.logind.extraConfig = ''
    HandlePowerKey=suspend
  '';
  services.upower.enable = true;
  # This value determines the NixOS release from which the default
  # settings for stateful data, like file locations and database versions
--- a/system/containers.nix
+++ b/system/containers.nix
@ -33,6 +33,18 @@
    networking.firewall.extraCommands = lib.getExe pkgs._docker-block-external-connections;
    # Docker punches holes in your firewall
    systemd.services.docker-update-firewall = {
      script = lib.getExe pkgs._docker-block-external-connections;
    };
    systemd.timers.docker-update-firewall = {
      timerConfig = {
        OnCalendar = "minutely";
        Unit = "docker-update-firewall.service";
      };
      wantedBy = [ "multi-user.target" ];
    };
    programs.extra-container.enable = true;
    programs.firejail.enable = true;
--- a/system/fonts.nix
+++ b/system/fonts.nix
@ -5,6 +5,7 @@
    noto-fonts
    noto-fonts-cjk-sans
    noto-fonts-emoji
-    nerdfonts_fira_hack
+    nerd-fonts.fira-code
    nerd-fonts.hack
  ];
 }
--- a/system/gaming.nix
+++ b/system/gaming.nix
@ -60,12 +60,6 @@
      };
    };
-    programs.corectrl = {
+    programs.corectrl.enable = true;
      enable = true;
      gpuOverclock = {
        enable = true;
        ppfeaturemask = "0xffffffff";
      };
    };
  };
 }
--- a/system/gitlab-runner.nix
+++ b/system/gitlab-runner.nix
@ -1,21 +1,18 @@
 { pkgs, lib, ... }:
 {
-  mkNixRunner =
+  pkgs,
-    authenticationTokenConfigFile: with lib; rec {
+  lib,
-      # File should contain at least these two variables:
+  inputs ? null,
-      # `CI_SERVER_URL`
+  ...
-      # `REGISTRATION_TOKEN`
+}:
-      inherit authenticationTokenConfigFile; # 2
+let
-      dockerImage = "alpine:3.18.2";
+  installNixScript =
-      dockerAllowedImages = [ dockerImage ];
+    {
-      dockerVolumes = [
+      authenticationTokenConfigFile,
-        "/etc/nix/nix.conf:/etc/nix/nix.conf:ro"
+      nixCacheSshPrivateKeyPath ? null,
-        "/nix/store:/nix/store:ro"
+      nixCacheSshPublicKeyPath ? null,
-        "/nix/var/nix/db:/nix/var/nix/db:ro"
+      ...
-        "/nix/var/nix/daemon-socket:/nix/var/nix/daemon-socket:ro"
+    }:
-      ];
+    pkgs.writeScriptBin "install-nix" ''
      dockerDisableCache = true;
      preBuildScript = pkgs.writeScript "setup-container" ''
      mkdir -p -m 0755 /nix/var/log/nix/drvs
      mkdir -p -m 0755 /nix/var/nix/gcroots
      mkdir -p -m 0755 /nix/var/nix/profiles
@ -29,23 +26,70 @@
      . ${pkgs.nix}/etc/profile.d/nix.sh
      ${pkgs.nix}/bin/nix-env -i ${
-          concatStringsSep " " (
+        lib.concatStringsSep " " (
          with pkgs;
          [
            nix
            cacert
            git
            openssh
            docker
          ]
        )
      }
      ${lib.optionalString (nixCacheSshPrivateKeyPath != null && nixCacheSshPublicKeyPath != null) ''
        NIX_CACHE_SSH_PRIVATE_KEY_PATH="${nixCacheSshPrivateKeyPath}"
        NIX_CACHE_SSH_PUBLIC_KEY_PATH="${nixCacheSshPublicKeyPath}"
        . ${./gitlab-runner/nix-cache-start}
      ''}
    '';
 in
 rec {
  mkNixRunnerFull =
    {
      authenticationTokenConfigFile,
      nixCacheSshPrivateKeyPath ? null,
      nixCacheSshPublicKeyPath ? null,
      ...
    }@args:
    {
      # File should contain at least these two variables:
      # `CI_SERVER_URL`
      # `REGISTRATION_TOKEN`
      inherit authenticationTokenConfigFile; # 2
      dockerImage = "alpine:3.18.2";
      dockerPullPolicy = "if-not-present";
      dockerVolumes = [
        "/etc/nix/nix.conf:/etc/nix/nix.conf:ro"
        "/nix/store:/nix/store:ro"
        "/nix/var/nix/db:/nix/var/nix/db:ro"
        "/nix/var/nix/daemon-socket:/nix/var/nix/daemon-socket:ro"
        "/tmp:/tmp"
        "/var/run/docker.sock:/var/run/docker.sock"
        "/var/lib/docker/containers:/var/lib/docker/containers"
        "/cache"
      ]
      ++ lib.optionals (nixCacheSshPrivateKeyPath != null) [
        "${nixCacheSshPrivateKeyPath}:${nixCacheSshPrivateKeyPath}"
      ]
      ++ lib.optionals (nixCacheSshPublicKeyPath != null) [
        "${nixCacheSshPublicKeyPath}:${nixCacheSshPublicKeyPath}"
      ];
      # dockerDisableCache = true;
      preBuildScript = "\". ${lib.getExe (installNixScript args)}\"";
      environmentVariables = {
        ENV = "/etc/profile";
        USER = "root";
        NIX_REMOTE = "daemon";
        PATH = "/nix/var/nix/profiles/default/bin:/nix/var/nix/profiles/default/sbin:/bin:/sbin:/usr/bin:/usr/sbin";
        NIX_SSL_CERT_FILE = "/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt";
        NIX_PATH = if inputs != null then "nixpkgs=${inputs.nixpkgs}" else "";
      };
    };
  mkNixRunner =
    authenticationTokenConfigFile:
    mkNixRunnerFull {
      inherit authenticationTokenConfigFile;
    };
 }
--- a/system/gitlab-runner/nix-cache-start
+++ b/system/gitlab-runner/nix-cache-start
@ -0,0 +1,49 @@
 #!/bin/sh
 echo "nix-cache: Setting up ssh key and host" >&2
 STORE_HOST_PUB_KEY="$(cat "$NIX_CACHE_SSH_PUBLIC_KEY_PATH" | base64 | tr -d '\n')"
 STORE_URL="ssh://nix-ssh@nix-cache.wopus.dev?trusted=true&compress=true&ssh-key=$NIX_CACHE_SSH_PRIVATE_KEY_PATH&base64-ssh-public-host-key=$STORE_HOST_PUB_KEY"
 echo STORE_URL="$STORE_URL" >&2
 NIX_EXTRA_CONFIG_FILE=$(mktemp)
 cat > "$NIX_EXTRA_CONFIG_FILE" <<EOF
  extra-substituters = $STORE_URL
 EOF
 echo "nix-cache: Adding remote cache as substituter" >&2
 export NIX_USER_CONF_FILES="$NIX_EXTRA_CONFIG_FILE:$NIX_USER_CONF_FILES"
 echo "nix-cache: Setting up nix hook" >&2
 nix() {
    echo "nix-cache: executing nix hook" >&2
    command nix "$@"
    local STATUS="$?"
    local BUILD=no
    if test "$STATUS" = "0"; then
        for arg in "$@"; do
            echo "nix-cache: evaluating arg '$arg'" >&2
            case "$arg" in
                build)
                    echo "nix-cache: enablig upload" >&2
                    BUILD=yes
                ;;
                -*)
                    echo "nix-cache: ignoring argument '$arg'" >&2
                ;;
                *)
                    if test "$BUILD" = yes; then
                        echo "nix-cache: Sending path $arg" >&2
                        command nix copy --to "$STORE_URL" "$arg" || true
                    else
                        echo "nix-cache: not building, ignoring argument '$arg'" >&2
                    fi
                ;;
            esac
        done
    else
        echo "nix-cache: nix exited with code '$STATUS', ignoring" >&2
    fi
    return "$STATUS"
 }
--- a/system/greetd.nix
+++ b/system/greetd.nix
@ -37,8 +37,6 @@ in
    xdg.portal = {
      enable = true;
      wlr.enable = true;
      # Always pick the first monitor, this is fine since I only ever use a single monitor
      wlr.settings.screencast.chooser_type = "none";
      # gtk portal needed to make gtk apps happy
      extraPortals = [ pkgs.xdg-desktop-portal-gtk ];
    };
@ -74,7 +72,7 @@ in
            user = "lelgenio";
          };
          default_session = {
-            command = "${pkgs.sway}/bin/sway --config ${swayConfig}";
+            command = "dbus-run-session -- ${pkgs.sway}/bin/sway --config ${swayConfig}";
          };
        };
      };
--- a/system/locale.nix
+++ b/system/locale.nix
@ -2,7 +2,7 @@
 {
  time.timeZone = "America/Sao_Paulo";
  environment.variables.TZ = config.time.timeZone;
-  i18n.defaultLocale = "pt_BR.utf8";
+  i18n.defaultLocale = "pt_BR.UTF-8";
  # Configure keymap in X11
  services.xserver.xkb = {
--- a/system/media-packages.nix
+++ b/system/media-packages.nix
@ -14,7 +14,7 @@ in
  config = lib.mkIf cfg.enable {
    environment.systemPackages = with pkgs; [
      down_meme
-      yt-dlp
+      unstable.yt-dlp
      ffmpeg
      obs-studio
      imagemagick
--- a/system/monolith-bitbucket-runner.nix
+++ b/system/monolith-bitbucket-runner.nix
@ -1,50 +0,0 @@
 {
  config,
  pkgs,
  ...
 }:
 let
  mkRunner = secret: {
    image = "docker-public.packages.atlassian.com/sox/atlassian/bitbucket-pipelines-runner:latest";
    volumes = [
      "/tmp:/tmp"
      "/var/run/docker.sock:/var/run/docker.sock"
      "/var/lib/docker/containers:/var/lib/docker/containers:ro"
    ];
    environmentFiles = [ secret ];
  };
  secretConf = {
    sopsFile = ../secrets/monolith/default.yaml;
  };
 in
 {
  virtualisation.docker = {
    enable = true;
    daemon.settings = {
      # needed by bitbucket runner ???
      log-driver = "json-file";
      log-opts = {
        max-size = "10m";
        max-file = "3";
      };
    };
  };
  virtualisation.oci-containers.backend = "docker";
  virtualisation.oci-containers.containers = {
    bitbucket-runner-1 = mkRunner config.sops.secrets."bitbucket-runners/wopus-runner-1".path;
    bitbucket-runner-2 = mkRunner config.sops.secrets."bitbucket-runners/wopus-runner-2".path;
    bitbucket-runner-3 = mkRunner config.sops.secrets."bitbucket-runners/wopus-runner-3".path;
    bitbucket-runner-4 = mkRunner config.sops.secrets."bitbucket-runners/wopus-runner-4".path;
  };
  sops.secrets = {
    "bitbucket-runners/wopus-runner-1" = secretConf;
    "bitbucket-runners/wopus-runner-2" = secretConf;
    "bitbucket-runners/wopus-runner-3" = secretConf;
    "bitbucket-runners/wopus-runner-4" = secretConf;
  };
 }
--- a/system/monolith-gitlab-runner.nix
+++ b/system/monolith-gitlab-runner.nix
@ -1,29 +1,37 @@
 {
  config,
  pkgs,
  inputs,
  ...
 }:
 let
-  inherit (pkgs.callPackage ./gitlab-runner.nix { }) mkNixRunner;
+  inherit (pkgs.callPackage ./gitlab-runner.nix { inherit inputs; }) mkNixRunner mkNixRunnerFull;
 in
 {
  boot.kernel.sysctl."net.ipv4.ip_forward" = true;
  virtualisation.docker.enable = true;
  services.gitlab-runner = {
    enable = true;
-    settings.concurrent = 12;
+    settings.concurrent = 6;
    services = {
      # runner for building in docker via host's nix-daemon
      # nix store will be readable in runner, might be insecure
      thoreb-telemetria-nix = mkNixRunner config.sops.secrets."gitlab-runners/thoreb-telemetria-nix".path;
      thoreb-itinerario-nix = mkNixRunner config.sops.secrets."gitlab-runners/thoreb-itinerario-nix".path;
      wopus-gitlab-nix = mkNixRunnerFull {
        authenticationTokenConfigFile = config.sops.secrets."gitlab-runners/wopus-gitlab-nix".path;
        # nixCacheSshPrivateKeyPath = config.sops.secrets."gitlab-runners/wopus-ssh-nix-cache-pk".path;
        # nixCacheSshPublicKeyPath = config.sops.secrets."gitlab-runners/wopus-ssh-nix-cache-pub".path;
      };
      default = {
        # File should contain at least these two variables:
        # `CI_SERVER_URL`
        # `CI_SERVER_TOKEN`
        authenticationTokenConfigFile = config.sops.secrets."gitlab-runners/docker-images-token".path;
        dockerImage = "debian:stable";
        dockerPullPolicy = "if-not-present";
      };
    };
  };
@ -39,5 +47,14 @@ in
    "gitlab-runners/docker-images-token" = {
      sopsFile = ../secrets/monolith/default.yaml;
    };
    "gitlab-runners/wopus-gitlab-nix" = {
      sopsFile = ../secrets/monolith/default.yaml;
    };
    "gitlab-runners/wopus-ssh-nix-cache-pk" = {
      sopsFile = ../secrets/monolith/default.yaml;
    };
    "gitlab-runners/wopus-ssh-nix-cache-pub" = {
      sopsFile = ../secrets/monolith/default.yaml;
    };
  };
 }
--- a/system/network.nix
+++ b/system/network.nix
@ -26,6 +26,8 @@
    };
  };
  services.fail2ban.enable = true;
  # Workaround for nm-wait-online hanging??
  # Ref: https://github.com/NixOS/nixpkgs/issues/180175
  systemd.services.NetworkManager-wait-online = {
--- a/system/sound.nix
+++ b/system/sound.nix
@ -1,6 +1,6 @@
 { pkgs, ... }:
 {
-  hardware.pulseaudio.enable = false;
+  services.pulseaudio.enable = false;
  services.pipewire = {
    enable = true;
    wireplumber.enable = true;
--- a/user/firefox.nix
+++ b/user/firefox.nix
@ -1,23 +1,15 @@
 {
  config,
  pkgs,
  lib,
  ...
 }:
 let
  inherit (config.my) desktop;
  inherit (config.my.theme) color;
  bugfixedFirefox = pkgs.firefox-devedition-unwrapped // {
    requireSigning = false;
    allowAddonSideload = true;
  };
  swayCustomization = ''
    #titlebar { display: none !important; }
    #TabsToolbar { display: none !important; }
    #sidebar-header { display: none !important; }
  '';
 in
 {
  config = {
@ -35,15 +27,15 @@ in
            url = "https://addons.mozilla.org/firefox/downloads/file/4202411/sponsorblock-5.4.29.xpi";
            hash = "sha256-7Xqc8cyQNylMe5/dgDOx1f2QDVmz3JshDlTueu6AcSg=";
          })
-          (pkgs.fetchFirefoxAddon {
+          # (pkgs.fetchFirefoxAddon {
-            name = "tree-style-tab";
+          #   name = "tree-style-tab";
-            url = "https://addons.mozilla.org/firefox/downloads/file/4197314/tree_style_tab-3.9.19.xpi";
+          #   url = "https://addons.mozilla.org/firefox/downloads/file/4197314/tree_style_tab-3.9.19.xpi";
-            hash = "sha256-u2f0elVPj5N/QXa+5hRJResPJAYwuT9z0s/0nwmFtVo=";
+          #   hash = "sha256-u2f0elVPj5N/QXa+5hRJResPJAYwuT9z0s/0nwmFtVo=";
-          })
+          # })
          (pkgs.fetchFirefoxAddon {
            name = "ublock-origin";
-            url = "https://addons.mozilla.org/firefox/downloads/file/4290466/ublock_origin-1.58.0.xpi";
+            url = "https://addons.mozilla.org/firefox/downloads/file/4492375/ublock_origin-1.64.0.xpi";
-            hash = "sha256-RwxWmUpxdNshV4rc5ZixWKXcCXDIfFz+iJrGMr0wheo=";
+            hash = "sha256-ueHIaL0awd78q/LgF3bRqQ7/ujSwf+aiE1DUXwIuDp8=";
          })
          (pkgs.fetchFirefoxAddon {
            name = "user_agent_string_switcher";
@ -63,10 +55,20 @@ in
            hash = "sha256-lKLX6IWWtliRdH1Ig33rVEB4DVfbeuMw0dfUPV/mSSI=";
          })
          (pkgs.fetchFirefoxAddon {
-            name = "invidious_redirect";
+            name = "unhook";
-            url = "https://addons.mozilla.org/firefox/downloads/file/4292924/invidious_redirect_2-1.16.xpi";
+            url = "https://addons.mozilla.org/firefox/downloads/file/4263531/youtube_recommended_videos-1.6.7.xpi";
-            hash = "sha256-ApCc+MNmW9Wd/5seV6npePQVEaszT/rhD9EB7HGiUb8=";
+            hash = "sha256-u21ouN9IyOzkTkFSeDz+QBp9psJ1F2Nmsvqp6nh0DRU=";
          })
          (pkgs.fetchFirefoxAddon {
            name = "youtube_no_translation";
            url = "https://addons.mozilla.org/firefox/downloads/file/4561536/youtube_no_translation-2.11.0.xpi";
            hash = "sha256-8VpoUDbvZZf0oYGSHnXEiYDjfcPjQqtbDaxp5ndAJ94=";
          })
          # (pkgs.fetchFirefoxAddon {
          #   name = "invidious_redirect";
          #   url = "https://addons.mozilla.org/firefox/downloads/file/4292924/invidious_redirect_2-1.16.xpi";
          #   hash = "sha256-ApCc+MNmW9Wd/5seV6npePQVEaszT/rhD9EB7HGiUb8=";
          # })
          (pkgs.fetchFirefoxAddon {
            name = "substitoot";
@ -91,13 +93,14 @@ in
        dev-edition-default = {
          isDefault = true;
          search.force = true;
-          search.default = "DuckDuckGo";
+          search.default = "ddg";
          settings = {
            "devtools.theme" = "auto";
            "toolkit.legacyUserProfileCustomizations.stylesheets" = true;
            "browser.tabs.inTitlebar" = if desktop == "sway" then 0 else 1;
            "sidebar.position_start" = false; # Move sidebar to the right
            "browser.tabs.groups.enabled" = true;
            # enable media RDD to allow gpu acceleration
            "media.rdd-ffmpeg.enabled" = true;
            "media.rdd-ffvpx.enabled" = true;
@ -114,8 +117,6 @@ in
            "media.ffmpeg.vaapi.enabled" = true;
            "media.ffvpx.enabled" = true;
            "gfx.webrender.all" = true;
            # Enable installing non signed extensions
            "extensions.langpacks.signatures.required" = false;
            "xpinstall.signatures.required" = false;
@ -127,8 +128,6 @@ in
            "devtools.debugger.remote-enabled" = true;
          };
          userChrome = ''
            ${lib.optionalString (desktop == "sway") swayCustomization}
            #sidebar-main {
              background-color: ${color.bg};
            }
@ -140,14 +139,15 @@ in
        };
      };
    };
    home.packages = with pkgs; [
      nix-prefetch-firefox-extension
    ];
    wayland.windowManager.sway = {
      extraConfig = ''
-        exec firefox
+        exec firefox-devedition
      '';
    };
    home.sessionVariables = {
      MOZ_ENABLE_WAYLAND = "1";
      MOZ_DISABLE_RDD_SANDBOX = "1";
    };
  };
 }
--- a/user/fish/default.nix
+++ b/user/fish/default.nix
@ -35,6 +35,14 @@ in
        set_color normal
        bind \cy 'commandline | wl-copy -n'
        function envsource
          for line in (cat $argv | grep -v '^#' |  grep -v '^\s*$' | sed -e 's/=/ /' -e "s/'//g" -e 's/"//g' )
            set export (string split ' ' $line)
            set -gx $export[1] $export[2]
            echo "Exported key $export[1]"
          end
        end
      '';
      shellAliases = {
        rm = "trash";
@ -56,7 +64,7 @@ in
        suv = "systemct --user";
        # docker abbrs
        d = "docker";
-        dc = "docker-compose";
+        dc = "docker compose";
        # git abbrs
        g = "git";
        ga = "git add";
--- a/user/git.nix
+++ b/user/git.nix
@ -16,7 +16,6 @@ in
        user = {
          name = username;
          email = mail.personal.user;
          signingkey = "2F8F21CE8721456B";
        };
        init.defaultBranch = "main";
        core = {
@ -25,11 +24,9 @@ in
        };
        commit = {
          verbose = true;
          gpgsign = true;
        };
        fetch = {
          prune = true;
          pruneTags = true;
          all = true;
        };
        push = {
--- a/user/gnome.nix
+++ b/user/gnome.nix
@ -43,7 +43,7 @@ lib.mkIf (config.my.desktop == "gnome") {
    qt6Packages.qtstyleplugin-kvantum
  ];
-  services.gpg-agent.pinentryPackage = pkgs.pinentry-gnome;
+  services.gpg-agent.pinentry.package = pkgs.pinentry-gnome;
  xdg.defaultApplications = {
    enable = lib.mkForce false;
--- a/user/home.nix
+++ b/user/home.nix
@ -24,6 +24,7 @@
    ./mpv.nix
    ./mangohud.nix
    ./gaming.nix
    ./lsfg-vk
    ./pipewire.nix
    ./mimeapps.nix
    ./desktop-entries.nix
@ -36,13 +37,14 @@
    ./pass.nix
    ./pqiv.nix
    ./zathura.nix
    ./satty
    ./man.nix
    ./mpd.nix
    ./sway
    ./gnome.nix
    ./thunar.nix
    ./xdg-dirs.nix
-    inputs.nix-index-database.hmModules.nix-index
+    inputs.nix-index-database.homeModules.nix-index
    ../settings
    ./powerplay-led-idle.nix
    ./rm-target.nix
@ -77,6 +79,8 @@
    micro
    _diffr
    br # bulk rename
    bcrypt
    semver-tool
    comma
@ -147,12 +151,14 @@
    enable = true;
  };
  sops.age.keyFile = config.home.homeDirectory + "/.ssh/id_ed25519";
  xdg.defaultApplications = {
    enable = true;
    text-editor = lib.mkDefault "kak.desktop";
    image-viewer = lib.mkDefault "pqiv.desktop";
    video-player = lib.mkDefault "mpv.desktop";
-    web-browser = lib.mkDefault "firefox.desktop";
+    web-browser = lib.mkDefault "firefox-devedition.desktop";
    document-viewer = lib.mkDefault "org.pwmt.zathura.desktop";
    file-manager = lib.mkDefault "thunar.desktop";
    archive-manager = "engrampa.desktop";
--- a/user/kakoune/default.nix
+++ b/user/kakoune/default.nix
@ -79,9 +79,12 @@ in
          src = pkgs.fetchFromGitHub {
            owner = "natasky";
            repo = pname;
-            rev = "0cd144841e64124d3c313769a82be2c5f2588ab6";
+            rev = "1cc6baeb14b773916eb9209469aa77b3cfa67a0a";
-            hash = "sha256-ZvtwS3UKHL/KmsekymN3Ou6hK1FqcTsQbZMmrfkwa4w=";
+            sha256 = "sha256-3PLxG9UtT0MMSibvTviXQIgTH3rApZ3WSbNCEH3c7HE=";
          };
          buildInputs = with pkgs; [
            python3Minimal
          ];
        })
      ];
      extraConfig =
@ -107,6 +110,7 @@ in
          set global scrolloff 10,20
          set global autoreload yes
          set global startup_info_version 99999999
          set global grepcmd 'rg -Hn'
        ''
        + (import ./colors.nix {
@ -138,6 +142,8 @@ in
      aspell
      aspellDicts.en
      aspellDicts.pt_BR
      ripgrep
    ];
    home.activation = {
      update_kakoune = lib.hm.dag.entryAfter [ "writeBoundary" ] ''
--- a/user/kakoune/filetypes.kak
+++ b/user/kakoune/filetypes.kak
@ -16,15 +16,15 @@ hook global WinSetOption filetype=nix %{
 }
 hook global BufCreate .*\.json %{
-    set buffer formatcmd 'prettier --parser json'
+    set buffer formatcmd "prettier --stdin-filepath='%val{buffile}'"
 }
 hook global BufCreate .*\.ya?ml %{
-    set buffer formatcmd 'prettier --parser yaml'
+    set buffer formatcmd "prettier --stdin-filepath='%val{buffile}'"
 }
 hook global BufCreate .*\.html %{
-    set buffer formatcmd 'prettier --parser html'
+    set buffer formatcmd "prettier --stdin-filepath='%val{buffile}'"
 }
 hook global BufCreate .*\.component\.html %{
@ -43,11 +43,23 @@ hook global BufCreate .*\.php %{
 }
 hook global BufCreate .*\.js %{
-    set buffer formatcmd 'prettier --parser babel'
+    set buffer formatcmd "prettier --stdin-filepath='%val{buffile}'"
 }
 hook global BufCreate .*\.jsx %{
    set buffer formatcmd "prettier --stdin-filepath='%val{buffile}'"
 }
 hook global BufCreate .*\.ts %{
    set buffer formatcmd "prettier --stdin-filepath='%val{buffile}'"
 }
 hook global BufCreate .*\.tsx %{
    set buffer formatcmd "prettier --stdin-filepath='%val{buffile}'"
 }
 hook global BufCreate .*\.scss %{
-    set buffer formatcmd 'prettier --parser scss'
+    set buffer formatcmd "prettier --stdin-filepath='%val{buffile}'"
 }
 hook global BufCreate .*\.vue %{
--- a/user/lsfg-vk/default.nix
+++ b/user/lsfg-vk/default.nix
@ -0,0 +1,40 @@
 { pkgs, config, ... }:
 let
  LosslessDllPath = config.home.homeDirectory + "/.local/lib/Lossless.dll";
 in
 {
  home.file = {
    ".local/share/vulkan/implicit_layer.d/VkLayer_LS_frame_generation.json".source =
      "${pkgs.lsfg-vk}/share/vulkan/implicit_layer.d/VkLayer_LS_frame_generation.json";
    ".local/lib/liblsfg-vk.so".source = "${pkgs.lsfg-vk}/lib/liblsfg-vk.so";
  };
  home.sessionVariables = {
    # ENABLE_LSFG = 1; # Don't enable session wide, to avoid bugs
    LSFG_DLL_PATH = LosslessDllPath;
  };
  home.packages = with pkgs; [
    lsfg-vk
    lsfg-vk-ui
  ];
  # Put the dll in a reachable location for steam games
  # Secrets normally are a symlink to /run/user/1000/secrets.d/
  # Every time sops-nix.service runs, we copy the dll
  systemd.user.services.copy-lsfg-dll = {
    Service = {
      ExecStart = pkgs.writeShellScript "copy-lsfg-dll" ''
        cp -fv "${config.sops.secrets."lsfg.dll".path}" "${LosslessDllPath}"
      '';
      Type = "oneshot";
    };
    Unit.After = [ "sops-nix.service" ];
    Install.WantedBy = [ "sops-nix.service" ];
  };
  sops.secrets."lsfg.dll" = {
    sopsFile = ../../secrets/lsfg.dll.gpg;
    format = "binary";
  };
 }
--- a/user/mangohud.nix
+++ b/user/mangohud.nix
@ -17,6 +17,9 @@ in
      toggle_preset = "Control_R+F9";
      fps_metrics = "Control_R+F8";
      media_player = false;
      battery = false;
      # legacy_layout = "false";
      # gpu_stats = true;
      # gpu_temp = true;
--- a/user/ranger/rc.conf
+++ b/user/ranger/rc.conf
@ -27,10 +27,10 @@ set confirm_on_delete multiple
 # Use non-default path for file preview script?
 # ranger ships with scope.sh, a script that calls external programs (see
 # README.md for dependencies) to preview images, archives, etc.
-set preview_script ~/.config/ranger/scope.sh
+# set preview_script ~/.config/ranger/scope.sh
 # Use the external preview script or display simple plain text or image previews?
-set use_preview_script true
+# set use_preview_script true
 # Automatically count files in the directory, even before entering them?
 set automatically_count_files true
@ -40,7 +40,7 @@ set automatically_count_files true
 set open_all_images true
 # Be aware of version control systems and display information.
-set vcs_aware true
+set vcs_aware false
 # State of the four backends git, hg, bzr, svn. The possible states are
 # disabled, local (only show local info), enabled (show local and remote
--- a/user/satty/config.toml
+++ b/user/satty/config.toml
@ -0,0 +1,63 @@
 [general]
 # Start Satty in fullscreen mode
 fullscreen = true
 # Exit directly after copy/save action
 early-exit = true
 # Draw corners of rectangles round if the value is greater than 0 (0 disables rounded corners)
 corner-roundness = 12
 # Select the tool on startup [possible values: pointer, crop, line, arrow, rectangle, text, marker, blur, brush]
 initial-tool = "brush"
 # Configure the command to be called on copy, for example `wl-copy`
 copy-command = "wl-copy"
 # Increase or decrease the size of the annotations
 # annotation-size-factor = 2
 # Filename to use for saving action. Omit to disable saving to file. Might contain format specifiers: https://docs.rs/chrono/latest/chrono/format/strftime/index.html
 # output-filename = "/tmp/test-%Y-%m-%d_%H:%M:%S.png"
 # After copying the screenshot, save it to a file as well
 # save-after-copy = false
 # Hide toolbars by default
 # default-hide-toolbars = false
 # Experimental: whether window focus shows/hides toolbars. This does not affect initial state of toolbars, see default-hide-toolbars.
 # focus-toggles-toolbars = false
 # The primary highlighter to use, the other is accessible by holding CTRL at the start of a highlight [possible values: block, freehand]
 primary-highlighter = "block"
 # Disable notifications
 disable-notifications = true
 # Actions to trigger on right click (order is important)
 # [possible values: save-to-clipboard, save-to-file, exit]
 # actions-on-right-click = []
 # Actions to trigger on Enter key (order is important)
 # [possible values: save-to-clipboard, save-to-file, exit]
 # actions-on-enter = ["save-to-clipboard"]
 # Actions to trigger on Escape key (order is important)
 # [possible values: save-to-clipboard, save-to-file, exit]
 # actions-on-escape = ["exit"]
 # Action to perform when the Enter key is pressed [possible values: save-to-clipboard, save-to-file]
 # Deprecated: use actions-on-enter instead
 action-on-enter = "save-to-clipboard"
 # Right click to copy
 # Deprecated: use actions-on-right-click instead
 # right-click-copy = false
 # request no window decoration. Please note that the compositor has the final say in this. At this point. requires xdg-decoration-unstable-v1.
 # no-window-decoration = true
 # experimental feature: adjust history size for brush input smooting (0: disabled, default: 0, try e.g. 5 or 10)
 # brush-smooth-history-size = 10
 # Font to use for text annotations
 [font]
 family = "Roboto"
 style = "Bold"
 # Custom colours for the colour palette
 [color-palette]
 # These will be shown in the toolbar for quick selection
 palette = [
    "#ff0000",
    "#00ffff",
    "#a52a2a",
    "#dc143c",
    "#ff1493",
    "#ffd700",
    "#008000",
 ]
--- a/user/satty/default.nix
+++ b/user/satty/default.nix
@ -0,0 +1,22 @@
 {
  pkgs,
  lib,
  config,
  ...
 }:
 let
  cfg = config.my.satty;
 in
 {
  options.my.satty.enable = lib.mkEnableOption { };
  config = lib.mkIf cfg.enable {
    xdg.configFile."satty/config.toml" = {
      source = ./config.toml;
    };
    home.packages = with pkgs; [
      satty
    ];
  };
 }
--- a/user/sway/default.nix
+++ b/user/sway/default.nix
@ -14,6 +14,7 @@ in
  imports = [
    ./kanshi.nix
    ./mako.nix
    ./sway-sync-xkbmap.nix
    ./sway-binds.nix
    ./sway-modes.nix
    ./sway-assigns.nix
@ -32,6 +33,7 @@ in
    my.swaylock.enable = true;
    my.mpd.enable = true;
    my.zathura.enable = true;
    my.satty.enable = true;
    my.waybar.enable = true;
    my.gammastep.enable = true;
@ -75,10 +77,19 @@ in
          };
        output = {
          "*" = {
            adaptive_sync = "on";
            bg = "${theme.background} fill";
          };
          "AOC 24G2W1G4 ATNM6XA004804" = {
            position = "0,0";
            adaptive_sync = "on";
            mode = "1920x1080@144.000Hz";
          };
          "LG Electronics 25UM58G 0x01010101" = {
            position = "1920,215";
            adaptive_sync = "on";
            scale = "1.2";
            mode = "2560x1080@74.991Hz";
          };
        };
        fonts = {
          names = [ font.interface ];
@ -123,9 +134,12 @@ in
      indicator = true;
    };
-    services.gpg-agent.pinentryPackage = pkgs.pinentry-all;
+    services.gpg-agent.pinentry.package = pkgs.pinentry-all;
-    xdg.configFile."OpenTabletDriver/settings.json".source = ./open-tablet-driver.json;
+    xdg.configFile."OpenTabletDriver/settings.json" = {
      force = true;
      source = ./open-tablet-driver.json;
    };
    home.packages = with pkgs; [
      mySway
@ -150,6 +164,7 @@ in
      wl-clipboard
      wtype
      wl-crosshair
      caffeinated
      grim
      satty
--- a/user/sway/kanshi.nix
+++ b/user/sway/kanshi.nix
@ -8,6 +8,24 @@ in
  config.services.kanshi = lib.mkIf cfg.enable {
    enable = true;
    settings = [
      {
        profile = {
          name = "home";
          outputs = [
            {
              criteria = "AOC 24G2W1G4 ATNM6XA004804";
              position = "0,0";
            }
            {
              criteria = "LG Electronics 25UM58G 0x01010101";
              position = "1920,215";
              scale = 1.2;
              mode = "2560x1080@74.991Hz";
            }
          ];
          exec = [ "xrdb .Xresources" ];
        };
      }
      {
        profile = {
          name = "sedetary";
--- a/user/sway/mako.nix
+++ b/user/sway/mako.nix
@ -20,26 +20,28 @@ in
  config = lib.mkIf cfg.enable {
    services.mako = {
      enable = true;
-      borderSize = 2;
+
      settings = {
        border-size = 2;
        padding = "5";
        margin = "15";
        layer = "overlay";
        font = "${font.interface} ${toString font.size.small}";
-      textColor = color.txt;
+        text-color = color.txt;
-      backgroundColor = color.bg;
+        background-color = color.bg;
-      borderColor = accent.color;
+        border-color = accent.color;
-      progressColor = "over ${accent.color}88";
+        progress-color = "over ${accent.color}88";
-      defaultTimeout = 10000;
+        default-timeout = 10000;
-      extraConfig = ''
+        "app-name=volumesh" = {
-        [app-name=volumesh]
+          "default-timeout" = "5000";
-        default-timeout=5000
+          "group-by" = "app-name";
-        group-by=app-name
+          "format" = "<b>%s</b>\\n%b";
-        format=<b>%s</b>\n%b
+        };
-      '';
+      };
      # # {{@@ header() @@}}
      # # text
--- a/user/sway/sway-binds.nix
+++ b/user/sway/sway-binds.nix
@ -14,12 +14,13 @@ let
  terminal = "alacritty";
  _lock = pkgs.writeShellScriptBin "_lock" ''
    pkill caffeinated || true
    ${pkgs.sway}/bin/swaymsg mode default
    ${pkgs.swaylock}/bin/swaylock -f
  '';
  _suspend = pkgs.writeShellScriptBin "_suspend" ''
    ${pkgs.sway}/bin/swaymsg mode default
-    systemctl --user start swayidle.service
+    pkill caffeinated || true
    systemctl suspend
  '';
@ -109,6 +110,8 @@ let
            "${mod}+Control+${keyBind}" = "resize ${resize_cmd}";
            #  focus output
            "${mod}+mod1+${keyBind}" = "focus output ${direction}";
            #  Move window to output
            "${mod}+mod1+Control+${keyBind}" = "move window output ${direction}; focus output ${direction}";
            #  Move workspace to output
            "${mod}+mod1+Shift+${keyBind}" = "move workspace output ${direction}";
          }
@ -124,9 +127,8 @@ let
    "${mod}+v" = "splitv";
    "${mod}+a" = "focus parent";
-    ## TODO:
+    "${mod}+Shift+z" = "move scratchpad";
-    # "${mod}+Shift+minus" = "move scratchpad";
+    "${mod}+z" = "scratchpad show";
    # "${mod}+minus" = "scratchpad show";
  };
  audio_binds = {
@ -143,7 +145,7 @@ let
  system_binds = {
    "--locked Ctrl+${mod}+z" = "exec ${_suspend}/bin/_suspend";
-    "${mod}+Alt+c" = "exec ${pkgs._sway_idle_toggle}/bin/_sway_idle_toggle";
+    "${mod}+Alt+c" = "exec pkill caffeinated || exec caffeinated";
  };
  screenshot_binds = {
@ -160,7 +162,7 @@ let
  screen_binds = {
    "XF86MonBrightnessDown" = "exec brightnessctl --min-value=1 set 5%-";
    "XF86MonBrightnessUp" = "exec brightnessctl --min-value=1 set 5%+";
-    "${mod}+l" = lib.getExe _lock;
+    "${mod}+l" = "exec ${lib.getExe _lock}";
  };
  other_binds = {
@ -171,9 +173,7 @@ let
    "${mod}+c" = "exec ${pkgs.color_picker}/bin/color_picker";
    "${mod}+Return" = "exec ${terminal}";
    "${mod}+Ctrl+Return" = "exec thunar";
-    "${mod}+Shift+s" = ''
+    "${mod}+Shift+s" = "exec ${pkgs.screenshotsh}/bin/screenshotsh edit";
      exec grim - | satty --filename - --fullscreen --output-filename "$(xdg-user-dir PICTURES)"/Screenshots/satty-$(date '+%Y%m%d-%H:%M:%S').png
    '';
    "${mod}+Ctrl+v" = "exec wl-paste | tesseract -l por - - | wl-copy";
    "${mod}+k" = "exec showkeys";
    "${mod}+Alt+x" = "exec pkill wl-crosshair || exec wl-crosshair";
--- a/user/sway/sway-sync-xkbmap.nix
+++ b/user/sway/sway-sync-xkbmap.nix
@ -0,0 +1,27 @@
 {
  config,
  pkgs,
  lib,
  ...
 }:
 let
  cfg = config.my.sway;
 in
 {
  config = lib.mkIf cfg.enable {
    systemd.user.services.sway-sync-xkbmap = {
      Unit = {
        Description = "Sync xkbmap with sway keyboard layout";
        PartOf = [ "graphical-session.target" ];
        After = [ "graphical-session.target" ];
      };
      Service = {
        ExecStart = lib.getExe pkgs.sway-sync-xkbmap;
        Restart = "on-failure";
      };
      Install = {
        WantedBy = [ "sway-session.target" ];
      };
    };
  };
 }
--- a/user/sway/theme.nix
+++ b/user/sway/theme.nix
@ -21,8 +21,7 @@ lib.mkIf (desktop == "sway") {
    package = pkgs.bibata-cursors;
    gtk.enable = true;
  };
-  gtk =
+  gtk = {
    {
    enable = true;
    font = {
      name = font.interface;
@ -55,7 +54,7 @@ lib.mkIf (desktop == "sway") {
  qt = {
    enable = true;
    platformTheme.name = "gtk3";
-    style.name = "qt5ct";
+    style.name = "kvantum";
  };
  dconf.settings = {
@ -70,28 +69,6 @@ lib.mkIf (desktop == "sway") {
    };
  };
  # fonts.fontconfig.enable = true;
  xdg.configFile = {
    "qt5ct/qt5ct.conf".text = ''
      [Appearance]
      # color_scheme_path=/nix/store/f07mk0vrm47jxw3y5v99hxncy0w4vcyq-qt5ct-1.5/share/qt5ct/colors/darker.conf
      custom_palette=false
      icon_theme=${icon_theme}
      standard_dialogs=default
      style=kvantum-dark
      # [Fonts]
      # fixed=@Variant(\0\0\0@\0\0\0\x1c\0H\0\x61\0\x63\0k\0 \0N\0\x65\0r\0\x64\0 \0\x46\0o\0n\0t@(\0\0\0\0\0\0\xff\xff\xff\xff\x5\x1\0\x32\x10)
      # general=@Variant(\0\0\0@\0\0\0\x1e\0L\0i\0\x62\0\x65\0r\0\x61\0t\0i\0o\0n\0 \0S\0\x61\0n\0s@(\0\0\0\0\0\0\xff\xff\xff\xff\x5\x1\0\x32\x10)
    '';
    "kdedefaults/kdeglobals".text = ''
      [General]
      ColorScheme=BreezeDark
      [Icons]
      Theme=${icon_theme}
    '';
  };
  services.xsettingsd = {
    enable = true;
    settings = {
@ -105,11 +82,6 @@ lib.mkIf (desktop == "sway") {
  };
  home.packages = with pkgs; [
    libsForQt5.qt5ct
    libsForQt5.qtstyleplugin-kvantum
    qt6Packages.qt6ct
    qt6Packages.qtstyleplugin-kvantum
    pkgs.bibata-cursors
    pkgs.orchis_theme_compact
    pkgs.papirus_red
@ -119,7 +91,6 @@ lib.mkIf (desktop == "sway") {
    hack-font
    font-awesome_5
    fira-code
    nerdfonts_fira_hack
    material-wifi-icons
  ];
 }
--- a/user/variables.nix
+++ b/user/variables.nix
@ -116,6 +116,6 @@ rec {
  dmenu = "bmenu";
  desktop = "sway";
-  browser = "firefox";
+  browser = "firefox-devedition";
  editor = "kakoune";
 }
--- a/user/vscode/default.nix
+++ b/user/vscode/default.nix
@ -4,7 +4,7 @@
  programs.vscode = {
    enable = true;
    package = pkgs.vscodium;
-    extensions = with pkgs.vscode-extensions; [
+    profiles.default.extensions = with pkgs.vscode-extensions; [
      jnoortheen.nix-ide
      github.github-vscode-theme
      rust-lang.rust-analyzer
--- a/user/waybar/default.nix
+++ b/user/waybar/default.nix
@ -3,12 +3,10 @@
  osConfig,
  pkgs,
  lib,
  font,
  ...
 }:
 let
  inherit (config.my)
    key
    theme
    accent
    font
@ -40,6 +38,7 @@ in
            "custom/playerctl"
            "tray"
            "custom/controller-battery"
            "custom/mouse-battery"
            "custom/caffeine"
            "pulseaudio"
            (lib.optional (osConfig.services.vpn.enable or false) "custom/vpn")
@ -166,12 +165,16 @@ in
            format = "{}";
            exec = lib.getExe pkgs.controller-battery;
            interval = 1;
-            tooltip = false;
+          };
          "custom/mouse-battery" = {
            format = "{}";
            exec = lib.getExe pkgs.mouse-battery;
            interval = 1;
          };
          "custom/caffeine" = {
            format = "{}";
-            exec = "systemctl --user status swayidle > /dev/null && echo 󰒲 || echo 󰒳";
+            exec = "pgrep caffeinated > /dev/null && echo '󰒳' || echo '󰒲' ";
-            on-click = "${pkgs._sway_idle_toggle}/bin/_sway_idle_toggle";
+            on-click = "pkill caffeinated || exec caffeinated";
            interval = 1;
            tooltip = false;
          };
@ -234,10 +237,7 @@ in
          };
        }
      ];
-      style = builtins.readFile (
+      style = pkgs.replaceVars ./style.css {
        pkgs.substituteAll {
          src = ./style.css;
        accent_color = accent.color;
        color_bg = color.bg;
@ -249,8 +249,7 @@ in
        font_size_big = "${toString font.size.big}px";
        font_size_medium = "${toString font.size.medium}px";
-        }
+      };
      );
    };
    home.packages = with pkgs; [ waybar ];
  };
--- a/user/waybar/style.css
+++ b/user/waybar/style.css
@ -38,6 +38,7 @@ window#waybar.solo {
 #custom-mpd,
 #custom-playerctl,
 #custom-controller-battery,
 #custom-mouse-battery,
 #tray,
 #clock,
 #network,
--- a/user/xdg-dirs.nix
+++ b/user/xdg-dirs.nix
@ -1,8 +1,5 @@
 {
  config,
  pkgs,
  lib,
  inputs,
  ...
 }:
 let
@ -24,9 +21,4 @@ in
      videos = "${HOME}/Vídeos";
    };
  };
  home.sessionVariables = {
    CARGO_HOME = "${config.xdg.dataHome}/cargo";
    RUSTUP_HOME = "${config.xdg.dataHome}/rustup";
  };
 }
Author	SHA1	Message	Date
Leonardo Eugênio	5296996bc9	monolith: remove old gpu config	2025-12-12 21:53:22 -03:00
Leonardo Eugênio	aa408b45f2	Revert "monolith: add static ip address" This reverts commit `05e3958eed`.	2025-12-08 08:46:34 -03:00
Leonardo Eugênio	b7f4ddf77e	update	2025-12-08 08:46:34 -03:00
Leonardo Eugênio	fd8180ce67	firefox: add nix-prefetch-firefox-extension script	2025-12-08 08:46:34 -03:00
Leonardo Eugênio	80a42cc578	monolith: install minio	2025-11-27 23:18:47 -03:00
Leonardo Eugênio	19c97a81e0	monolith: add nebula lighthouses	2025-11-27 13:06:32 -03:00
Leonardo Eugênio	6892829a35	fish: add envsource function for exporting environment variables	2025-11-23 14:55:55 -03:00
Leonardo Eugênio	510c5d9f05	gitlab-runner: disable nix cache	2025-11-16 15:59:22 -03:00
Leonardo Eugênio	1130fa3784	git: don't prune tags	2025-11-15 22:07:24 -03:00
Leonardo Eugênio	05e3958eed	monolith: add static ip address	2025-11-15 20:34:46 -03:00
Leonardo Eugênio	e1890bbd68	cli: install semver-tool	2025-11-13 01:07:23 -03:00
lelgenio	cf9059013c	double-rainbow: add wopus nebula vpn connection	2025-11-12 15:47:27 -03:00
Leonardo Eugênio	b8e05ad8a2	monolith: add wopus nebula vpn	2025-11-10 00:09:52 -03:00
Leonardo Eugênio	67b82351a6	monolith: reduce concurrent gitlab runners	2025-11-06 23:05:36 -03:00
Leonardo Eugênio	9f04dda7e6	monolith: use stable kernel	2025-11-06 23:05:25 -03:00
Leonardo Eugênio	acf1ca6908	monolith: fix documentation	2025-11-06 23:05:06 -03:00
Leonardo Eugênio	f21f36718a	update unstable	2025-11-06 23:04:54 -03:00
Leonardo Eugênio	a064128e6e	update: use unstable yt-dlp	2025-11-06 23:04:26 -03:00
Leonardo Eugênio	aead1f4c94	update	2025-10-26 17:00:59 -03:00
Leonardo Eugênio	dc9efd4906	gitlab-runner: pin nixpkgs version in jobs	2025-10-26 17:00:43 -03:00
Leonardo Eugênio	481af4f88c	sway: sync Xwayland keyboard layout	2025-10-24 20:41:44 -03:00
Leonardo Eugênio	28850abd5b	fish: prefer `docker compose` over `docker-compose`	2025-10-17 14:08:26 -03:00
Leonardo Eugênio	ba83751fee	update	2025-10-10 20:55:51 -03:00
Leonardo Eugênio	4cab0e1e7a	scripts: fix video downloader	2025-10-03 20:59:55 -03:00
Leonardo Eugênio	a1a6df8eac	update warthunder-leak-counter	2025-09-27 15:59:11 -03:00
Leonardo Eugênio	38a8e21904	factorio: update 2.0.60 -> 2.0.66	2025-09-26 22:20:23 -03:00
Leonardo Eugênio	bec17ba1e9	update	2025-09-18 13:06:25 -03:00
lelgenio	99d57ba005	scripts: add bcrypt script	2025-09-17 17:47:38 -03:00
lelgenio	7a95706af2	kakoune: fix prettier file path handling	2025-09-16 13:36:44 -03:00
lelgenio	2fa47a81a7	rainbow: add gitlab runner	2025-09-16 13:31:10 -03:00
Leonardo Eugênio	74de7c937f	monolith: update gitlab concurrent runners	2025-09-05 19:18:35 -03:00
Leonardo Eugênio	2f7572839f	sway: only open current monitor for satty screenshot editor	2025-09-04 00:28:29 -03:00
Leonardo Eugênio	e72e9a2688	sway: add multimonitor settings	2025-09-03 00:35:43 -03:00
Leonardo Eugênio	437da46c4e	greetd: fix gtkgreet slow startup	2025-09-03 00:35:21 -03:00
Leonardo Eugênio	1ca50f486f	sway: add scratchpad binds	2025-09-03 00:35:02 -03:00
Leonardo Eugênio	b8cd22e425	waybar: add mouse baterry indicator	2025-09-01 01:09:19 -03:00
Leonardo Eugênio	910670ba0b	flake: use intent-to-add	2025-09-01 01:08:38 -03:00
Leonardo Eugênio	2ddf5b9f0f	kakoune: use ripgrep as grep program	2025-09-01 01:08:16 -03:00
Leonardo Eugênio	4d144fa836	sway: fix lock keybind	2025-09-01 01:07:29 -03:00
Leonardo Eugênio	32e696428d	firefox: update youtube_no_translation	2025-08-28 19:00:53 -03:00
Leonardo Eugênio	1c28932e84	flake: fix warnings	2025-08-13 00:51:32 -03:00
Leonardo Eugênio	be8d98d6f4	amdgpu: refactor fan controller	2025-08-13 00:47:31 -03:00
Leonardo Eugênio	2057831d36	monolith: reduce parallel ci jobs	2025-08-12 09:51:56 -03:00
Leonardo Eugênio	53996693ad	wpass: correctly autofill when no username is present	2025-08-11 00:20:30 -03:00
Leonardo Eugênio	1eca28f39c	wpass: don't error out on entries without username	2025-08-11 00:19:25 -03:00
Leonardo Eugênio	6f074851e5	factorio: update	2025-08-09 12:45:03 -03:00
Leonardo Eugênio	4e8a3bd000	git: disable gpg signed commits	2025-08-07 20:33:40 -03:00
Leonardo Eugênio	0dcc8811bb	update, fmt	2025-08-06 12:57:58 -03:00
Leonardo Eugênio	cc6110dcac	sway: use caffeinated instead of disabling swayidle	2025-08-02 16:44:36 -03:00
Leonardo Eugênio	9f4328a73a	update lsfg-vk	2025-08-01 23:22:37 -03:00
Leonardo Eugênio	2d04cee148	update	2025-07-25 10:23:19 -03:00
Leonardo Eugênio	58085e592c	lsfg: remove default 2x multiplier	2025-07-25 10:22:39 -03:00
Leonardo Eugênio	b3e0af1da6	gitlab-runner: get nix ssh cache as pub key	2025-07-19 16:53:59 -03:00
Leonardo Eugênio	734a94fa8d	update nix ssh cache	2025-07-16 12:14:16 -03:00
Leonardo Eugênio	2b6edc0d73	monolith: enable nix cache over ssh	2025-07-16 12:08:47 -03:00
Leonardo Eugênio	3156f59c26	home: add lsfg-vk module	2025-07-14 19:38:20 -03:00
Leonardo Eugênio	ef01024a9f	firefox: add youtube_no_translation extension	2025-07-14 08:18:39 -03:00
Leonardo Eugênio	1ae76003c4	docker: add script to fix firewall settings periodically	2025-07-11 14:41:23 -03:00
Leonardo Eugênio	960d6a87a5	waybar: rollback version to fix network icon	2025-07-04 23:04:14 -03:00
Leonardo Eugênio	bf61296482	update	2025-07-04 22:37:06 -03:00
Leonardo Eugênio	9c7d41c8b1	mangohud: disable unused modules	2025-07-03 12:58:11 -03:00
Leonardo Eugênio	76a88ae74c	gitlab-runner: set dockerPullPolicy	2025-07-03 12:57:59 -03:00
Leonardo Eugênio	c997b03f4f	network: add fail2ban service	2025-07-02 22:58:24 -03:00
Leonardo Eugênio	412388a5a2	wpass: fix duplicate password fields being incorrectly filled	2025-06-25 13:07:14 -03:00
Leonardo Eugênio	211b5b41a9	monolith: remove bitbucket runners	2025-06-24 08:53:42 -03:00
Leonardo Eugênio	d531c24808	Revert "kak: work around for rust-analyzer currupting ~/.cargo" This reverts commit `ffe90ab90d`.	2025-06-23 11:21:48 -03:00
Leonardo Eugênio	dc89b61ff7	waybar: fix use of deprecated function substituteAll	2025-06-22 23:57:12 -03:00
Leonardo Eugênio	48ca243d3b	make: update to new settings format	2025-06-22 23:56:58 -03:00
Leonardo Eugênio	6ff8646af3	25.05: update renamed options	2025-06-22 23:56:31 -03:00
Leonardo Eugênio	0fa0d0b7a9	satty: add config	2025-06-22 23:56:09 -03:00
Leonardo Eugênio	f410503e66	phantom: add support for managing email filters (managesieve)	2025-06-22 21:55:46 -03:00
Leonardo Eugênio	ffe90ab90d	kak: work around for rust-analyzer currupting ~/.cargo	2025-06-16 13:03:20 -03:00
Leonardo Eugênio	96e9fd098f	monolith: remove docker-images gitlab runner	2025-06-16 10:05:57 -03:00
Leonardo Eugênio	6f4642531c	update	2025-06-16 10:02:46 -03:00
Leonardo Eugênio	61040aa0a7	firefox: update ublock	2025-06-16 09:56:43 -03:00
Leonardo Eugênio	51fd376c1b	kak: add formatter for tsx and jsx	2025-06-16 09:56:42 -03:00
Leonardo Eugênio	22dc422b63	gitlab-runner: fix broken cache config	2025-05-30 17:05:29 -03:00
Leonardo Eugênio	1d7c1bf0e9	monolith: switch to kyber io scheduler	2025-05-30 01:31:19 -03:00
Leonardo Eugênio	218d32153f	Revert "firefox: remove pinned extensions" This reverts commit `6102f2283a`.	2025-05-29 01:16:47 -03:00
Leonardo Eugênio	53a3cb0a0e	monolith: fix gitlab-runner config to not override PATH	2025-05-28 20:56:59 -03:00
Leonardo Eugênio	93c88db929	home: don't set CARGO_HOME and RUSTUP_HOME This was causing issues with using different rust versions in different projects	2025-05-28 11:45:38 -03:00
Leonardo Eugênio	72ddcec77e	monolith: add wopus gitlab runners	2025-05-28 00:07:44 -03:00
Leonardo Eugênio	a4b900582a	25.05: fix nextcloud dbtype	2025-05-24 19:12:22 -03:00
Leonardo Eugênio	451aeb6725	25.05: firefox-devedition fix executable and .desktop name	2025-05-24 19:12:22 -03:00
Leonardo Eugênio	fba64d3863	firefox: remove unused config	2025-05-24 19:12:22 -03:00
Leonardo Eugênio	2c70a0e7de	25.05: mako use settings instead of extraConfig	2025-05-24 19:12:22 -03:00
Leonardo Eugênio	dc734b6d62	25.05: fix firefox search engine names	2025-05-24 19:12:22 -03:00
Leonardo Eugênio	d353be3ce8	25.05: j4-dmenu-desktop use '--i3-ipc' flag	2025-05-24 19:12:22 -03:00
Leonardo Eugênio	707e8143a0	25.05: fix defaultLocale string	2025-05-24 19:12:22 -03:00
Leonardo Eugênio	ce66f177fb	25.05: split nerd fonts	2025-05-24 01:09:18 -03:00
Leonardo Eugênio	68568255cb	update: 24.11 -> 25.05	2025-05-24 01:08:45 -03:00
Leonardo Eugênio	8c5847ff33	update	2025-05-24 00:08:40 -03:00
Leonardo Eugênio	18ec0369d7	flake: mark flake.lock as binary to git, don't show diffs	2025-05-24 00:05:30 -03:00
Leonardo Eugênio	6102f2283a	firefox: remove pinned extensions	2025-05-24 00:03:16 -03:00
Leonardo Eugênio	e4b2f1cb14	tablet: force replacing OpenTabletDriver config	2025-05-24 00:02:46 -03:00
Leonardo Eugênio	bce7c36693	factorio: update server	2025-05-21 20:14:08 -03:00
Leonardo Eugênio	4c67c260a7	kakoune: fix prettier formatter config	2025-05-15 12:57:15 -03:00
Leonardo Eugênio	5dcf7259ed	update	2025-05-13 23:42:43 -03:00
lelgenio	fde4835a77	update	2025-05-13 23:42:43 -03:00
lelgenio	7eeb06fbb7	firefox: remove buggy config	2025-04-08 21:43:04 -03:00
Leonardo Eugênio	310f3b192c	qt: cleanup theme config	2025-04-08 21:42:08 -03:00
lelgenio	2d2c3d2007	kak: fix multiline-edit extension	2025-04-05 14:02:55 -03:00
Leonardo Eugênio	caffa85ba0	ranger: disable preview scripts and vcs support, making it very fast	2025-04-04 21:15:12 -03:00
Leonardo Eugênio	1054e831d8	update	2025-04-04 21:15:12 -03:00