Refactorings and cleanups

defaults/user-configuration/fhauser/applications/android-studio.nix

@@ -1,7 +1,4 @@
-{ pkgs, ... }:
+{ pkgs, ... }: {
-{
+  programs.adb.enable = true;
-  #home-manager.users.fhauser = {
+  users.users.fhauser.extraGroups = [ "adbusers" ];
-  #  home.packages = with pkgs; [ androidStudioPackages.beta ];
-  #  pam.sessionVariables.STUDIO_JDK = "${pkgs.jdk14}/lib/openjdk";
-  #}; # TODO: This was extracted into a shell.nix
 }

defaults/user-configuration/fhauser/applications/default.nix

@@ -19,8 +19,21 @@
     ./shell.nix
     ./swaylock.nix
     ./kanshi.nix
+    ./sway.nix
+    ./android-studio.nix
   ];
   home-manager.users.fhauser = { config, pkgs, ... }: {
+    services = {
+      network-manager-applet.enable = true;
+      nextcloud-client = {
+        enable = true;
+        startInBackground = true;
+      };
+      owncloud-client.enable = true;
+      pasystray.enable = true;
+      blueman-applet.enable = true;
+    };
+
     home = {
       packages = with pkgs;
         [ # Networking

defaults/user-configuration/fhauser/applications/sway.nix

@@ -135,19 +135,11 @@
       '';
     };
 
-    # TODO: Move these services elsewhere
-    services.network-manager-applet.enable = true;
-    services.nextcloud-client.enable = true;
-    services.owncloud-client.enable = true;
-    services.pasystray.enable = true;
-
     systemd.user.services.network-manager-applet = adhereTheSwayTarget;
     systemd.user.services.nextcloud-client = adhereTheSwayTarget // {
       # For trayicon to work:
       Unit.After = [ "waybar.service" ];
       Service = {
-        ExecStart =
-          lib.mkForce "${pkgs.nextcloud-client}/bin/nextcloud --background";
         ExecStartPre = "${pkgs.coreutils}/bin/sleep 3";
         Environment = lib.mkForce
           "PATH=${homeManagerConfig.home.profileDirectory}/bin XDG_CURRENT_DESKTOP=Unity";

defaults/user-configuration/fhauser/applications/waybar.nix

@@ -374,9 +374,13 @@
         }
       '';
     };
-    systemd.user.services.waybar.Unit = {
+    systemd.user.services.waybar = with lib; {
-      Requisite = lib.mkForce [ ];
+      #      Install.WantedBy = mkForce [ "sway-session.target" ]; # TODO: Set as systemd.target with 22.05
-      After = lib.mkForce [ ];
+      Unit = {
+        Requisite = mkForce [ ];
+        After = mkForce [ ];
+        PartOf = [ "tray.target" ];
+      };
     };
   };
 }

defaults/user-configuration/fhauser/default.nix

@@ -1,12 +1,5 @@
 { config, pkgs, lib, ... }: {
-  imports = [
+  imports =
-    ./sway.nix
+    [ ./multimedia.nix ./security.nix ./applications ./work ./mimetypes.nix ];
-    ./multimedia.nix
-    ./security.nix
-    ./applications
-    ./work
-    ./i3.nix
-    ./mimetypes.nix
-  ];
   home-manager.users.fhauser.home.stateVersion = config.system.stateVersion;
 }

defaults/user-configuration/fhauser/i3.nix

@@ -1,18 +0,0 @@
-{ pkgs, lib, config, ... }: {
-
-  home-manager.users.fhauser = let
-    adhereTheSwayTarget = {
-      Install.WantedBy = lib.mkForce [ "sway-session.target" ];
-      Unit.PartOf = lib.mkForce [ "sway-session.target" ];
-    };
-  in rec {
-    programs.i3status = {
-      enable = true;
-      enableDefault = true;
-    };
-    xsession.windowManager.i3 = {
-      enable = true;
-
-    };
-  };
-}

defaults/user-configuration/fhauser/work/.gitignore

@@ -0,0 +1 @@
+openvpn.nix

defaults/user-configuration/fhauser/work/android-studio.nix

@@ -1,4 +0,0 @@
-{ pkgs, ... }: {
-  programs.adb.enable = true;
-  users.users.fhauser.extraGroups = [ "adbusers" ];
-}

defaults/user-configuration/fhauser/work/default.nix

@@ -1,6 +1,6 @@
 { config, pkgs, lib, ... }:
 
 {
-
+  # Note: Some of these files might not be provided by this repository.
-  imports = [ ./android-studio.nix ./openvpn.nix ];
+  imports = [ ./openvpn.nix ];
 }

defaults/user-configuration/fhauser/work/openvpn.nix

@@ -1,91 +0,0 @@
-{ pkgs, lib, config, ... }: {
-  services.openvpn.servers.threema = let
-    cafile = pkgs.writeTextFile {
-      name = "threema-vpn-ca.crt";
-      text = ''
-        -----BEGIN CERTIFICATE-----
-        MIIDMjCCAhqgAwIBAgIJANmI9BYPseTxMA0GCSqGSIb3DQEBCwUAMBUxEzARBgNV
-        BAMMCk9wZW5WUE4gQ0EwHhcNMTkwNTE1MTQzOTM0WhcNMjkwNTEyMTQzOTM0WjAV
-        MRMwEQYDVQQDDApPcGVuVlBOIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
-        CgKCAQEA7NaiObgz2L5wmGIgOWUe1n6Q1g6Y5CYsrMQI8yhIDqKSx0fTL9eT2hvn
-        zThnltxKJRVTn0qGPf/7QF6WzjIXfKSJH5Cb+OKgYmqfRI2TW+ncqyJCaa3Fl9lI
-        VgU4knro6Cp9dhNhrNmRoRFvZ/17noB4+WPds7EgRObDi2ERuwAbONgz56J2Rea6
-        RHVL6HMFY7v8Zp8B/MnzSba/OSJC7RXCuCs6qNOgJOoHnp5PnsB3V40mszy4h/0Q
-        jVbBdZ3K4rEjNiawhCOetXhgHSaVGH4MP5oWrAN4UiI+IIfz6Ywz5mc7F6yBZa/e
-        aCG+r2bMUIepVPE25AUfuZ6O8+0+iwIDAQABo4GEMIGBMB0GA1UdDgQWBBQDHenu
-        05GGgcztJ1FCUWQlbYxGLjBFBgNVHSMEPjA8gBQDHenu05GGgcztJ1FCUWQlbYxG
-        LqEZpBcwFTETMBEGA1UEAwwKT3BlblZQTiBDQYIJANmI9BYPseTxMAwGA1UdEwQF
-        MAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IBAQDTQtMeER20/3r/
-        Zn+IRpIEJh/ITxEE6kKCKo59wwVEFA0Ba+7d+BslFTCPhADM2p0AzPt5OSEo0A2N
-        nWGL3hhBPcnrBTFUma58gGz++v5Oy8GpfaCoXjCqfANjAbApY0JCCSWb1BJWkhXt
-        vDMlVXv6UzfF4HCeEQCof4QcW8ca4csrOceW76S7Cc3Or4iyTXKQrZ5PKy081CfV
-        sTLgGMQX4kZT9MBg13wDj0WkdJaWxQ2C73/me/YypcctN7t1wy7pUx33rEE1xh/o
-        9fsKcFs0qqYKRUY8AnghhuimBrkHoqUcdrG/6WO7+hbipxIDStm4Qbnptde3fhJT
-        rGUhGexA
-        -----END CERTIFICATE-----
-      '';
-    };
-    dhcpIps = [ "185.88.236.100" "212.103.68.20" ];
-    dhcpOptions = with builtins;
-      concatStringsSep "\n" (map (ip: "dhcp-option DNS ${ip}") dhcpIps);
-  in {
-    autoStart = false;
-    config = ''
-      remote vpn.threema.ch 38417 tcp-client
-      remote 5.148.189.116 38417 tcp-client
-      remote 178.209.63.8 38417 tcp-client
-
-      nobind 
-      dev tun
-      persist-tun 
-      persist-key 
-      pull 
-      auth-user-pass 
-      tls-client
-      ca ${cafile}
-      remote-cert-tls server
-
-      route 10.83.0.0 255.255.0.0 default default
-      route 10.90.0.0 255.255.0.0 default default
-      route 192.168.11.0 255.255.255.0 default default
-      route 192.168.13.0 255.255.255.0 default default
-      route 136.243.104.147 255.255.255.255 default default
-      route 188.126.81.131 255.255.255.255 default default
-      route 95.211.228.137 255.255.255.255 default default
-      route 185.88.236.64 255.255.255.192 default default
-      route 212.103.68.0 255.255.255.192 default default
-      route 194.56.189.145 255.255.255.255 default default
-      route 54.38.37.213 255.255.255.255 default default
-      # VPN exclusions: Jitsi and TURN
-      route 185.88.236.76 255.255.255.255 net_gateway default
-      route 185.88.236.77 255.255.255.255 net_gateway default
-      route 185.88.236.98 255.255.255.255 net_gateway default
-      route 185.88.236.113 255.255.255.255 net_gateway default
-      route 185.88.236.114 255.255.255.255 net_gateway default
-      route 212.103.68.7 255.255.255.255 net_gateway default
-      route 212.103.68.8 255.255.255.255 net_gateway default
-      route 212.103.68.40 255.255.255.255 net_gateway default
-      route 212.103.68.41 255.255.255.255 net_gateway default
-
-      ${dhcpOptions}
-      #dhcp-option DOMAIN-ROUTE threema.ch
-
-      reneg-bytes 0
-      auth-nocache
-      tls-cipher DEFAULT
-      reneg-sec 0
-      cipher AES-128-CBC
-      data-ciphers AES-128-CBC
-      data-ciphers-fallback AES-128-CBC
-      remap-usr1 SIGTERM
-      #script-security 2
-      #up ${pkgs.update-systemd-resolved}/libexec/openvpn/update-systemd-resolved
-      #up-restart
-      #down ${pkgs.update-systemd-resolved}/libexec/openvpn/update-systemd-resolved
-      #down-pre
-    '';
-    updateResolvConf = true;
-  };
-
-  systemd.services.openvpn-threema.serviceConfig.Restart = lib.mkForce "no";
-}