13 changed files with 80 additions and 69 deletions
--- a/flake.lock
+++ b/flake.lock
@ -7,16 +7,16 @@
        ]
      },
      "locked": {
-        "lastModified": 1700814205,
-        "narHash": "sha256-lWqDPKHRbQfi+zNIivf031BUeyciVOtwCwTjyrhDB5g=",
+        "lastModified": 1700392168,
+        "narHash": "sha256-v5LprEFx3u4+1vmds9K0/i7sHjT0IYGs7u9v54iz/OA=",
        "owner": "nix-community",
        "repo": "home-manager",
-        "rev": "aeb2232d7a32530d3448318790534d196bf9427a",
+        "rev": "28535c3a34d79071f2ccb68671971ce0c0984d7e",
        "type": "github"
      },
      "original": {
        "owner": "nix-community",
-        "ref": "release-23.11",
+        "ref": "release-23.05",
        "repo": "home-manager",
        "type": "github"
      }
@ -28,11 +28,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1701433070,
-        "narHash": "sha256-Gf9JStfENaUQ7YWFz3V7x/srIwr4nlnVteqaAxtwpgM=",
+        "lastModified": 1701071203,
+        "narHash": "sha256-lQywA7QU/vzTdZ1apI0PfgCWNyQobXUYghVrR5zuIeM=",
        "owner": "nix-community",
        "repo": "home-manager",
-        "rev": "4a8545f5e737a6338814a4676dc8e18c7f43fc57",
+        "rev": "db1878f013b52ba5e4034db7c1b63e8d04173a86",
        "type": "github"
      },
      "original": {
@ -79,11 +79,11 @@
    },
    "nixos-hardware": {
      "locked": {
-        "lastModified": 1701250978,
-        "narHash": "sha256-ohu3cz4edjpGxs2qUTgbs0WrnewOX4crnUJNEB6Jox4=",
+        "lastModified": 1701020860,
+        "narHash": "sha256-NwnRn04C8s+hH+KdVtGmVB1FFNIG7DtPJmQSCBDaET4=",
        "owner": "NixOS",
        "repo": "nixos-hardware",
-        "rev": "8772491ed75f150f02552c60694e1beff9f46013",
+        "rev": "b006ec52fce23b1d57f6ab4a42d7400732e9a0a2",
        "type": "github"
      },
      "original": {
@ -95,27 +95,27 @@
    },
    "nixpkgs": {
      "locked": {
-        "lastModified": 1701263465,
-        "narHash": "sha256-lNXUIlkfyDyp9Ox21hr+wsEf/IBklLvb6bYcyeXbdRc=",
+        "lastModified": 1701053011,
+        "narHash": "sha256-8QQ7rFbKFqgKgLoaXVJRh7Ik5LtI3pyBBCfOnNOGkF0=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "50aa30a13c4ab5e7ba282da460a3e3d44e9d0eb3",
+        "rev": "5b528f99f73c4fad127118a8c1126b5e003b01a9",
        "type": "github"
      },
      "original": {
        "owner": "NixOS",
-        "ref": "nixos-23.11",
+        "ref": "nixos-23.05",
        "repo": "nixpkgs",
        "type": "github"
      }
    },
    "nixpkgs-unstable": {
      "locked": {
-        "lastModified": 1701253981,
-        "narHash": "sha256-ztaDIyZ7HrTAfEEUt9AtTDNoCYxUdSd6NrRHaYOIxtk=",
+        "lastModified": 1700794826,
+        "narHash": "sha256-RyJTnTNKhO0yqRpDISk03I/4A67/dp96YRxc86YOPgU=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "e92039b55bcd58469325ded85d4f58dd5a4eaf58",
+        "rev": "5a09cb4b393d58f9ed0d9ca1555016a8543c2ac8",
        "type": "github"
      },
      "original": {
--- a/flake.nix
+++ b/flake.nix
@ -3,7 +3,7 @@

  inputs = {
    nixpkgs = {
-      url = "github:NixOS/nixpkgs/nixos-23.11";
+      url = "github:NixOS/nixpkgs/nixos-23.05";
    };
    nixpkgs-unstable = {
      url = "github:NixOS/nixpkgs/nixos-unstable";
@ -23,7 +23,7 @@
      inputs.nixpkgs.follows = "nixpkgs"; # use the same nixpkgs as the system
    };
    home-manager = {
-      url = "github:nix-community/home-manager/release-23.11";
+      url = "github:nix-community/home-manager/release-23.05";
      inputs.nixpkgs.follows = "nixpkgs"; # use the same nixpkgs as the system
    };
    home-manager-unstable = {
--- a/hosts/mu/default.nix
+++ b/hosts/mu/default.nix
@ -28,7 +28,7 @@
  # this value at the release version of the first install of this system.
  # Before changing this value read the documentation for this option
  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
-  system.stateVersion = "23.11"; # Did you read the comment?
+  system.stateVersion = "23.05"; # Did you read the comment?

  # This value determines the Home Manager release that your
  # configuration is compatible with. This helps avoid breakage
@ -37,5 +37,5 @@
  # You can update Home Manager without changing this value. See
  # the Home Manager release notes for a list of state version
  # changes in each release.
-  home-manager.users.caspervk.home.stateVersion = "23.11"; # Did you read the comment?
+  home-manager.users.caspervk.home.stateVersion = "23.05"; # Did you read the comment?
 }
--- a/hosts/omega/default.nix
+++ b/hosts/omega/default.nix
@ -24,7 +24,7 @@
  # this value at the release version of the first install of this system.
  # Before changing this value read the documentation for this option
  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
-  system.stateVersion = "23.11"; # Did you read the comment?
+  system.stateVersion = "23.05"; # Did you read the comment?

  # This value determines the Home Manager release that your
  # configuration is compatible with. This helps avoid breakage
@ -33,5 +33,5 @@
  # You can update Home Manager without changing this value. See
  # the Home Manager release notes for a list of state version
  # changes in each release.
-  home-manager.users.caspervk.home.stateVersion = "23.11"; # Did you read the comment?
+  home-manager.users.caspervk.home.stateVersion = "23.05"; # Did you read the comment?
 }
--- a/hosts/tor/default.nix
+++ b/hosts/tor/default.nix
@ -41,7 +41,7 @@
  # this value at the release version of the first install of this system.
  # Before changing this value read the documentation for this option
  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
-  system.stateVersion = "23.11"; # Did you read the comment?
+  system.stateVersion = "23.05"; # Did you read the comment?

  # This value determines the Home Manager release that your
  # configuration is compatible with. This helps avoid breakage
@ -50,5 +50,5 @@
  # You can update Home Manager without changing this value. See
  # the Home Manager release notes for a list of state version
  # changes in each release.
-  home-manager.users.caspervk.home.stateVersion = "23.11"; # Did you read the comment?
+  home-manager.users.caspervk.home.stateVersion = "23.05"; # Did you read the comment?
 }
--- a/hosts/zeta/default.nix
+++ b/hosts/zeta/default.nix
@ -24,7 +24,7 @@
  # this value at the release version of the first install of this system.
  # Before changing this value read the documentation for this option
  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
-  system.stateVersion = "23.11"; # Did you read the comment?
+  system.stateVersion = "23.05"; # Did you read the comment?

  # This value determines the Home Manager release that your
  # configuration is compatible with. This helps avoid breakage
@ -33,5 +33,5 @@
  # You can update Home Manager without changing this value. See
  # the Home Manager release notes for a list of state version
  # changes in each release.
-  home-manager.users.caspervk.home.stateVersion = "23.11"; # Did you read the comment?
+  home-manager.users.caspervk.home.stateVersion = "23.05"; # Did you read the comment?
 }
--- a/modules/base/users.nix
+++ b/modules/base/users.nix
@ -8,15 +8,15 @@
        # TODO: The passwordfile is manually generated during the initial setup
        # to avoid (hashed) secrets in the public git repo. It should replaced
        # with a proper secret management scheme, such as agenix.
-        hashedPasswordFile = "/nix/persist/passwordfile";
+        passwordFile = "/nix/persist/passwordfile";
      };
      caspervk = {
        isNormalUser = true;
        description = "Casper V. Kristensen";
-        # TODO: The hashedPasswordFile is manually generated during the initial
-        # setup to avoid (hashed) secrets in the public git repo. It should
-        # replaced with a proper secret management scheme, such as agenix.
-        hashedPasswordFile = "/nix/persist/passwordfile";
+        # TODO: The passwordfile is manually generated during the initial setup
+        # to avoid (hashed) secrets in the public git repo. It should replaced
+        # with a proper secret management scheme, such as agenix.
+        passwordFile = "/nix/persist/passwordfile";
        extraGroups = [
          "wheel" # allows sudo
          "video" # allows controlling brightness
--- a/modules/desktop/network.nix
+++ b/modules/desktop/network.nix
@ -17,4 +17,12 @@
      { directory = "/etc/NetworkManager/system-connections"; user = "root"; group = "root"; mode = "0700"; }
    ];
  };
+
+  # systemd-networkd-wait-online can timeout and fail if there are no network
+  # interfaces available for it to manage. When systemd-networkd is enabled but
+  # a different service is responsible for managing the system's internet
+  # connection (for example, NetworkManager), this service is unnecessary and
+  # can be disabled.
+  # https://search.nixos.org/options?channel=23.05&show=systemd.network.wait-online.enable
+  systemd.network.wait-online.enable = false;
 }
--- a/modules/desktop/sway.nix
+++ b/modules/desktop/sway.nix
@ -1,11 +1,6 @@
 { home-manager, lib, pkgs, ... }: {
  # https://nixos.wiki/wiki/Sway

-  programs.sway = {
-    enable = true;
-    wrapperFeatures.gtk = true;
-  };
-
  # Polkit is required to configure sway with home-manager
  security.polkit.enable = true;

@ -247,13 +242,13 @@

  # https://nixos.wiki/wiki/Fonts
  fonts = {
-    enableDefaultPackages = true;
-    packages = with pkgs; [
+    fonts = with pkgs; [
      # Nerd Fonts patches glyph icons, such as from Font Awesome, into existing fonts
      (nerdfonts.override { fonts = [ "JetBrainsMono" ]; })
      font-awesome # waybar uses Font Awesome icons directly
    ];
    fontDir.enable = true; # TODO?
+    enableDefaultFonts = true;
    fontconfig.defaultFonts = {
      monospace = [ "JetBrainsMonoNL Nerd Font" ]; # NL = NoLigatures
    };
@ -273,16 +268,14 @@
  ];

  # xdg portal allows applications secure access to resources outside their
-  # sandbox through a D-Bus interface. In particular, this allows screen
-  # sharing on Wayland via PipeWire and file open/save dialogues in Firefox.
+  # sandbox. In particular, this allows screen sharing on Wayland via PipeWire
+  # and file open/save dialogues in Firefox.
  # https://wiki.archlinux.org/title/XDG_Desktop_Portal
  # https://mozilla.github.io/webrtc-landing/gum_test.html
-  services.dbus.enable = true;
  xdg.portal = {
    enable = true;
    wlr.enable = true;
    extraPortals = with pkgs; [
-      xdg-desktop-portal-wlr
      xdg-desktop-portal-gtk
    ];
  };
--- a/modules/desktop/virtd.nix
+++ b/modules/desktop/virtd.nix
@ -1,8 +1,11 @@
-{ home-manager, ... }: {
+{ home-manager, pkgs, ... }: {
  # https://nixos.wiki/wiki/Virt-manager

  virtualisation.libvirtd.enable = true;
-  programs.virt-manager.enable = true;
+  environment.systemPackages = with pkgs; [ virt-manager ];
+
+  # Virt-manager requires dconf to remember settings
+  programs.dconf.enable = true;

  # Make virt-manager use QEMU/KVM by default
  home-manager.users.caspervk = {
--- a/modules/syncthing.nix
+++ b/modules/syncthing.nix
@ -10,30 +10,28 @@
    group = "users";
    # The directory where synchronised directories will exist
    dataDir = "/home/caspervk";
-    settings = {
-      # Devices ignore their own IDs, allowing for a single configuration.
-      # TODO: Syncthing generates a private key and ID the first time it is
-      # started. On first install, add the devices' ID here and apply to the
-      # other ones. When we get a proper secret management scheme, such as
-      # agenix, the private keys should be managed declaratively as well.
-      devices = {
-        "lambda" = {
-          id = "WES3JH4-S34HTC5-42YZHUJ-MX3Z6PA-PFO72KA-YIJMDOB-GQWZXZ3-I7BBTAS";
-          addresses = [ "tcp://lambda.caspervk.net" ];
-        };
-        "omega" = { id = "EZIQ7SI-Y6BBLUY-QI4EEYU-UNIXPSG-R6X5E77-AA2UC7S-VRV2LKQ-RNBOGQT"; };
-        "S10e" = { id = "DWC6YHB-FRYKFHD-FPOUITV-7GL2WZH-RSFOJXR-PHYXDO7-74NLBUZ-TZENVAC"; };
-        "zeta" = { id = "GQRNHAQ-MMRQYMD-P4RCA6I-5DJ3HXO-J2N2GVP-UGI55YR-HD3EYSO-ERU5QQV"; };
+    # Devices ignore their own IDs, allowing for a single configuration.
+    # TODO: Syncthing generates a private key and ID the first time it is
+    # started. On first install, add the devices' ID here and apply to the
+    # other ones. When we get a proper secret management scheme, such as
+    # agenix, the private keys should be managed declaratively as well.
+    devices = {
+      "lambda" = {
+        id = "WES3JH4-S34HTC5-42YZHUJ-MX3Z6PA-PFO72KA-YIJMDOB-GQWZXZ3-I7BBTAS";
+        addresses = [ "tcp://lambda.caspervk.net" ];
      };
-      folders = {
-        "keepass" = {
-          path = "~/keepass";
-          devices = [ "lambda" "omega" "S10e" "zeta" ];
-        };
-        "sync" = {
-          path = "~/sync";
-          devices = [ "lambda" "omega" "zeta" ];
-        };
+      "omega" = { id = "EZIQ7SI-Y6BBLUY-QI4EEYU-UNIXPSG-R6X5E77-AA2UC7S-VRV2LKQ-RNBOGQT"; };
+      "S10e" = { id = "DWC6YHB-FRYKFHD-FPOUITV-7GL2WZH-RSFOJXR-PHYXDO7-74NLBUZ-TZENVAC"; };
+      "zeta" = { id = "GQRNHAQ-MMRQYMD-P4RCA6I-5DJ3HXO-J2N2GVP-UGI55YR-HD3EYSO-ERU5QQV"; };
+    };
+    folders = {
+      "keepass" = {
+        path = "~/keepass";
+        devices = [ "lambda" "omega" "S10e" "zeta" ];
+      };
+      "sync" = {
+        path = "~/sync";
+        devices = [ "lambda" "omega" "zeta" ];
      };
    };
  };
--- a/overlays/default.nix
+++ b/overlays/default.nix
@ -1,3 +1,5 @@
 { ... }: {
-  imports = [ ];
+  imports = [
+    ./ripgrep.nix
+  ];
 }
--- a/overlays/ripgrep.nix
+++ b/overlays/ripgrep.nix
@ -0,0 +1,7 @@
+{ home-manager, home-manager-unstable, ... }: {
+  # ripgrep isn't in Home Manager v23.05
+
+  home-manager.users.caspervk = {
+    imports = [ "${home-manager-unstable}/modules/programs/ripgrep.nix" ];
+  };
+}