Put always hibernate behind a flag

Hibernation is now a core option:
```
pub-solar.core.hibernation.enable = true;
```

And there's a paranoia mode, that keeps the disk encrypted as much as
possible by enabling hibernation and removing the options for sleep,
screen locking.

Idle locking now hibernates, and it does it on very short notice.

modules/core/boot.nix

@@ -16,6 +16,14 @@ in
     description = "Whether it should be assumed that there is a cryptroot device";
   };
 
+  options.pub-solar.core.hibernation = {
+    enable = mkOption {
+      type = types.bool;
+      default = false;
+      description = "Whether the device can hibernate. This creates a swapfile at /swapfile.";
+    };
+  };
+
   config = {
     boot = {
       # Enable plymouth for better experience of booting
@@ -30,7 +38,7 @@ in
         };
       };
 
-      resumeDevice = "/swapfile";
+      resumeDevice = mkIf cfg.core.hibernation.enable "/swapfile";
 
       loader.systemd-boot.enable = true;
 

modules/paranoia/default.nix

@@ -0,0 +1,24 @@
+{ config, lib, ... }:
+
+with lib;
+let
+  psCfg = config.pub-solar;
+  cfg = config.pub-solar.paranoia;
+in
+{
+  options.pub-solar.paranoia = {
+    enable = mkOption {
+      description = ''
+        Only offer hibernation instead of screen locking and sleeping. This only makes sense
+        if your hard drive is encrypted, and ensures that the contents of your drive are
+        encrypted if you are not actively using the device.
+      '';
+      default = false;
+      type = types.bool;
+    };
+  };
+
+  config = mkIf cfg.enable {
+    pub-solar.core.allow-hibernation = true;
+  };
+}

modules/sway/config/config.d/custom-keybindings.conf

@@ -31,22 +31,3 @@ bindsym $mod+Ctrl+f exec "( pkill flameshot || true && flameshot & ) && ( sleep
 # Launcher
 set $menu exec alacritty --class launcher -e env TERMINAL_COMMAND="alacritty -e" sway-launcher
 bindsym $mod+Space exec $menu
-
-# Set shut down, restart and locking features
-set $mode_system (e)xit, (h)ibernate, (r)eboot, (Shift+s)hutdown
-bindsym $mod+0 mode "$mode_system"
-mode "$mode_system" {
-    bindsym e exec swaymsg exit, mode "default"
-#=======
-    bindsym l exec swaylock-bg, mode "default"
-    bindsym e exec systemctl --user stop graphical-session.target, mode "default"
-    bindsym s exec systemctl suspend, mode "default"
-#>>>>>>> main
-    bindsym h exec systemctl hibernate, mode "default"
-    bindsym r exec systemctl reboot, mode "default"
-    bindsym Shift+s exec systemctl poweroff, mode "default"
-
-    # exit system mode: "Enter" or "Escape"
-    bindsym Return mode "default"
-    bindsym Escape mode "default"
-}

modules/sway/config/config.d/mode_system.conf.nix

@@ -0,0 +1,21 @@
+{ psCfg, ... }: ''
+# Set shut down, restart and locking features
+set $mode_system (e)xit, (h)ibernate, (r)eboot, (Shift+s)hutdown
+bindsym $mod+0 mode "$mode_system"
+mode "$mode_system" {
+    bindsym e exec swaymsg exit, mode "default"
+'' + (if !psCfg.core.allow-hibernation then ''
+    bindsym h exec systemctl hibernate, mode "default"
+'' else "")
+   + (if !psCfg.paranoia.enable then ''
+    bindsym l exec swaylock-bg, mode "default"
+    bindsym s exec systemctl suspend, mode "default"
+'' else "") + ''
+    bindsym r exec systemctl reboot, mode "default"
+    bindsym Shift+s exec systemctl poweroff, mode "default"
+
+    # exit system mode: "Enter" or "Escape"
+    bindsym Return mode "default"
+    bindsym Escape mode "default"
+}
+''

modules/sway/default.nix

@@ -2,25 +2,26 @@
 with lib;
 let
   psCfg = config.pub-solar;
-  cfg = config.pub-solar.sway;
 in
 {
   options.pub-solar.sway = {
     enable = mkEnableOption "Life in boxes";
-  };
+
-  options.pub-solar.sway.terminal = mkOption {
+    terminal = mkOption {
-    type = types.nullOr types.str;
+      type = types.nullOr types.str;
-    default = "alacritty";
+      default = "alacritty";
-    description = "Choose sway's default terminal";
+      description = "Choose sway's default terminal";
-  };
+    };
-  options.pub-solar.sway.v4l2loopback.enable = mkOption {
+
-    type = types.bool;
+    v4l2loopback.enable = mkOption {
-    default = true;
+      type = types.bool;
-    description = "WebCam streaming tool";
+      default = true;
+      description = "WebCam streaming tool";
+    };
   };
 
-  config = mkIf cfg.enable (mkMerge [
+  config = mkIf psCfg.sway.enable (mkMerge [
-    (mkIf (cfg.v4l2loopback.enable) {
+    (mkIf (psCfg.sway.v4l2loopback.enable) {
       boot.extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ];
       boot.kernelModules = [ "v4l2loopback" ];
       boot.extraModprobeConfig = ''
@@ -84,18 +85,19 @@ in
         programs.waybar.enable = true;
         #programs.waybar.systemd.enable = true;
 
-        systemd.user.services.mako = import ./mako.service.nix pkgs;
+        systemd.user.services.mako = import ./mako.service.nix { inherit pkgs psCfg; };
-        systemd.user.services.sway = import ./sway.service.nix pkgs;
+        systemd.user.services.sway = import ./sway.service.nix { inherit pkgs psCfg; };
-        systemd.user.services.swayidle = import ./swayidle.service.nix pkgs;
+        systemd.user.services.swayidle = import ./swayidle.service.nix { inherit pkgs psCfg; };
-        systemd.user.services.xsettingsd = import ./xsettingsd.service.nix pkgs;
+        systemd.user.services.xsettingsd = import ./xsettingsd.service.nix { inherit pkgs psCfg; };
-        systemd.user.services.waybar = import ./waybar.service.nix pkgs;
+        systemd.user.services.waybar = import ./waybar.service.nix { inherit pkgs psCfg; };
-        systemd.user.targets.sway-session = import ./sway-session.target.nix pkgs;
+        systemd.user.targets.sway-session = import ./sway-session.target.nix { inherit pkgs psCfg; };
 
         xdg.configFile."sway/config".text = import ./config/config.nix { inherit config pkgs; };
         xdg.configFile."sway/config.d/colorscheme.conf".source = ./config/config.d/colorscheme.conf;
         xdg.configFile."sway/config.d/theme.conf".source = ./config/config.d/theme.conf;
         xdg.configFile."sway/config.d/gaps.conf".source = ./config/config.d/gaps.conf;
         xdg.configFile."sway/config.d/custom-keybindings.conf".source = ./config/config.d/custom-keybindings.conf;
+        xdg.configFile."sway/config.d/mode_system.conf".text = import ./config/config.d/mode_system.config.nix { inherit psCfg; };
         xdg.configFile."sway/config.d/applications.conf".source = ./config/config.d/applications.conf;
         xdg.configFile."sway/config.d/systemd.conf".source = ./config/config.d/systemd.conf;
       };

modules/sway/gammastep.service.nix

@@ -1,4 +1,4 @@
-pkgs:
+{ pkgs, ... }:
 {
   Unit = {
     Description = "set color temperature of display according to time of day";

modules/sway/libinput-gestures.service.nix

@@ -1,4 +1,4 @@
-pkgs:
+{ pkgs, ... }:
 {
   Unit = {
     Description = "Actions gestures on your touchpad using libinput";

modules/sway/mako.service.nix

@@ -1,4 +1,4 @@
-pkgs:
+{ pkgs, ... }:
 {
   Unit = {
     Description = "Lightweight Wayland notification daemon";

modules/sway/sway-session.target.nix

@@ -1,4 +1,4 @@
-pkgs:
+{ pkgs, ... }:
 {
   Unit = {
     Description = "sway compositor session";

modules/sway/sway.service.nix

@@ -1,4 +1,4 @@
-pkgs:
+{ pkgs, ... }:
 {
   Unit = {
     Description = "sway - SirCmpwn's Wayland window manager";

modules/sway/swayidle.service.nix

@@ -1,4 +1,4 @@
-pkgs:
+{ pkgs, psCfg, ... }:
 {
   Unit = {
     Description = "Idle manager for Wayland";
@@ -10,9 +10,16 @@ pkgs:
   Service = {
     Type = "simple";
     Environment = "PATH=/run/current-system/sw/bin:${pkgs.sway}/bin";
-    ExecStart = ''${pkgs.swayidle}/bin/swayidle -w \
+    ExecStart = if psCfg.paranoia.enable then ''
-      timeout 150 'swaymsg "output * dpms off"' \
+      ${pkgs.swayidle}/bin/swayidle -w \
-      timeout 300 'systemctl hibernate' \
+      timeout 120 'swaymsg "output * dpms off"' \
+      timeout 150 'systemctl hibernate' \
+    '' else ''
+      ${pkgs.swayidle}/bin/swayidle -w \
+      timeout 600 'swaylock-bg' \
+      timeout 900 'swaymsg "output * dpms off"' \
+      resume 'swaymsg "output * dpms on"' \
+      before-sleep 'swaylock-bg'
     '';
   };
   Install = {

modules/sway/waybar.service.nix

@@ -1,4 +1,4 @@
-pkgs:
+{ pkgs, ... }:
 {
   Unit = {
     Description = "Highly customizable Wayland bar for Sway and Wlroots based compositors.";

modules/sway/xsettingsd.service.nix

@@ -1,4 +1,4 @@
-pkgs:
+{ pkgs, ... }:
 {
   Unit = {
     Description = "X Settings Daemon";

modules/sway/ydotool.service.nix

@@ -1,4 +1,4 @@
-pkgs:
+{ pkgs, ... }:
 {
   Unit = {
     Description = "ydotool - Generic command-line automation tool (no X!)";

pkgs/default.nix

@@ -12,6 +12,7 @@ with final; {
   s = writeShellScriptBin "s" (import ./s.nix final);
   sway-launcher = writeScriptBin "sway-launcher" (import ./sway-launcher.nix final);
   sway-service = writeShellScriptBin "sway-service" (import ./sway-service.nix final);
+  swaylock-bg = writeShellScriptBin "swaylock-bg" (import ./swaylock-bg.nix final);
   toggle-kbd-layout = writeShellScriptBin "toggle-kbd-layout" (import ./toggle-kbd-layout.nix final);
   uhk-agent = import ./uhk-agent.nix final;
   wcwd = writeShellScriptBin "wcwd" (import ./wcwd.nix final);

pkgs/swaylock-bg.nix

@@ -0,0 +1,20 @@
+self: with self; ''
+  # Dependencies:
+  # swaylock
+
+  # Make sure we aren't running twice
+  RUNNING=$(ps -A | grep swaylock | wc -l)
+  if [ $RUNNING -ne 0 ]; then
+    exit 0
+  fi
+
+  IMAGE=$XDG_CONFIG_HOME/wallpaper.jpg
+  LOCKARGS=""
+
+  for OUTPUT in `${sway}/bin/swaymsg -t get_outputs | jq -r '.[].name'`
+  do
+      LOCKARGS="''${LOCKARGS} --image ''${OUTPUT}:''${IMAGE}"
+      IMAGES="''${IMAGES} ''${IMAGE}"
+  done
+  exec ${swaylock}/bin/swaylock $LOCKARGS
+''