Some lsp refactor. Made webdav finally work with some internet search

.sops.yaml

@@ -1,2 +1,19 @@
+# Documentation https://github.com/Mic92/sops-nix
+# For example see here https://github.com/Mic92/dotfiles/blob/d6114726d859df36ccaa32891c4963ae5717ef7f/nixos/.sops.yaml
+
+# Get the public host key with
+# nix-shell -p ssh-to-age --run 'cat /etc/ssh/ssh_host_ed25519_key.pub | ssh-to-age'
+
+# The user key should be in ~/.config/sops/age/keys.txt
+
 keys:
-  - &primary age1a2kpues0gayampkn9pn2czhk24r0yl4jnw84qg4gh5l72dflx95qkmyqzv
+  - &jonas age1a2kpues0gayampkn9pn2czhk24r0yl4jnw84qg4gh5l72dflx95qkmyqzv
+  - &minoxy age1qddfn6apphafe4muvvv3vguxewa03ay2jlgqkng3uwwzfjw204dsfpt0uu
+
+creation_rules:
+  - path_regex: secrets.yaml
+    key_groups:
+      - age:
+        - *jonas
+        - *minoxy
+

flake.nix

@@ -1,52 +1,55 @@
 {
-	description = "Main nixos system configuration management by Jonas Hahn";
+  description = "Main nixos system configuration management by Jonas Hahn";
 
-	inputs = {
-		nixpkgs.url = "nixpkgs/nixos-25.05";
-		nixpkgs-unstable.url = "nixpkgs/nixos-unstable";
-		sops-nix = {
-			url = "github:Mic92/sops-nix";
-			inputs.nixpkgs.follows = "nixpkgs";
-		};
-		home-manager = {
-			url = "github:nix-community/home-manager/release-25.05";
-			inputs.nixpkgs.follows = "nixpkgs";
-		};
-		xremap-flake.url = "github:xremap/nix-flake?rev=8001f37b1ffe86e76b62f36afadee2f4acf90e70"; # One commit behind head
-	};
+  inputs = {
+    nixpkgs.url = "nixpkgs/nixos-25.05";
+    nixpkgs-unstable.url = "nixpkgs/nixos-unstable";
 
-	outputs = { self, nixpkgs, nixpkgs-unstable, sops-nix, home-manager, ... }@inputs:
-		let
-			system = "x86_64-linux";
+    sops-nix = {
+      url = "github:Mic92/sops-nix";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
 
-			overlay-unstable = final: prev: {
-				unstable = nixpkgs-unstable.legacyPackages.${prev.system};
-			};
+    home-manager = {
+      url = "github:nix-community/home-manager/release-25.05";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
 
-			helperModules = [
-				({ config, pkgs, ... }: {
-					nixpkgs.overlays = [ overlay-unstable ];
-				})
-				home-manager.nixosModules.home-manager
-				{
-					home-manager.useGlobalPkgs = true;
-					home-manager.useUserPackages = true;
-					home-manager.extraSpecialArgs = { inherit inputs; };
-					home-manager.users.jonas = import ./user/home.nix;
-				}
-			];
+    xremap-flake.url =
+      "github:xremap/nix-flake?rev=8001f37b1ffe86e76b62f36afadee2f4acf90e70"; # One commit behind head
+  };
 
-			mkHost = name: path:
-				nixpkgs.lib.nixosSystem {
-					inherit system;
-					specialArgs = { inherit inputs; };
-					modules = [ path ] ++ helperModules;
-				};
-		in {
-			nixosConfigurations = {
-				thinix = mkHost "thinix" ./hosts/thinix-thinkpad/configuration.nix;
-				nixyos = mkHost "nixyos" ./hosts/nixyos-asus/configuration.nix;
-				minoxy = mkHost "minoxy" ./hosts/minoxy-workstation/configuration.nix;
-			};
-		};
+  outputs =
+    { self, nixpkgs, nixpkgs-unstable, sops-nix, home-manager, ... }@inputs:
+    let
+      system = "x86_64-linux";
+
+      overlay-unstable = final: prev: {
+        unstable = nixpkgs-unstable.legacyPackages.${prev.system};
+      };
+
+      helperModules = [
+        ({ config, pkgs, ... }: { nixpkgs.overlays = [ overlay-unstable ]; })
+        home-manager.nixosModules.home-manager
+        {
+          home-manager.useGlobalPkgs = true;
+          home-manager.useUserPackages = true;
+          home-manager.extraSpecialArgs = { inherit inputs; };
+          home-manager.users.jonas = import ./user/home.nix;
+        }
+      ];
+
+      mkHost = name: path:
+        nixpkgs.lib.nixosSystem {
+          inherit system;
+          specialArgs = { inherit inputs; };
+          modules = [ path sops-nix.nixosModules.sops ] ++ helperModules;
+        };
+    in {
+      nixosConfigurations = {
+        thinix = mkHost "thinix" ./hosts/thinix-thinkpad/configuration.nix;
+        nixyos = mkHost "nixyos" ./hosts/nixyos-asus/configuration.nix;
+        minoxy = mkHost "minoxy" ./hosts/minoxy-workstation/configuration.nix;
+      };
+    };
 }

hosts/minoxy-workstation/configuration.nix

@@ -6,7 +6,8 @@
 
 		./../../user/users.nix
 
-		./../../modules/common.nix
+		./../../modules/essential.nix
+		./../../modules/common/sops.nix
 
 		./../../modules/services/webdav.nix
 

hosts/nixyos-asus/configuration.nix

@@ -6,7 +6,8 @@
 
 		./../../user/users.nix
 
-		./../../modules/common.nix
+		./../../modules/essential.nix
+		./../../modules/common/sops.nix
 
 		./../../modules/hardware/xremap.nix
 		./../../modules/hardware/boot.nix

hosts/thinix-thinkpad/configuration.nix

@@ -6,7 +6,8 @@
 
 		./../../user/users.nix
 
-		./../../modules/common.nix
+		./../../modules/essential.nix
+		./../../modules/common/sops.nix
 
 		./../../modules/hardware/xremap.nix
 		./../../modules/hardware/boot.nix

modules/common/sops.nix

@@ -0,0 +1,8 @@
+{ ... }:
+
+{
+  sops.defaultSopsFile = ./../../secrets.yaml;
+  sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
+  sops.age.keyFile = "/var/lib/sops-nix/key.txt";
+  sops.age.generateKey = true;
+}

modules/essential.nix

@@ -3,6 +3,7 @@
 {
 	# Basic services
 	services.locate.enable  = true;
+	services.openssh.enable  = true;
 
 	# Nix fun
 	nixpkgs.config.allowUnfree = true;

modules/hardware/nvidia.nix

@@ -1,26 +1,26 @@
 { config, ... }:
 
 {
-	hardware.graphics = {
-		enable = true;
-	};
-	services.xserver.videoDrivers = ["nvidia"];
-	hardware.nvidia = {
-		modesetting.enable = true;
-		powerManagement.enable = false;
-		open = false;
-		nvidiaSettings = true;
-		package = config.boot.kernelPackages.nvidiaPackages.stable;
-	};
+  hardware.graphics = { enable = true; };
+
+  services.xserver.videoDrivers = [ "nvidia" ];
+
+  hardware.nvidia = {
+    modesetting.enable = true;
+    powerManagement.enable = false;
+    open = false;
+    nvidiaSettings = true;
+    package = config.boot.kernelPackages.nvidiaPackages.stable;
+  };
 
   # Cuda for blender long build times
-	#environment.systemPackages = with pkgs; [
-	#	(blender.override {
-	#		cudaSupport = true;
-	#	})
-	#];
+  #environment.systemPackages = with pkgs; [
+  #	(blender.override {
+  #		cudaSupport = true;
+  #	})
+  #];
 
-	# This causes very long build times
-	#nixpkgs.config.cudaSupport = true;
-	#hardware.enableAllFirmware = true;
+  # This causes very long build times
+  #nixpkgs.config.cudaSupport = true;
+  #hardware.enableAllFirmware = true;
 }

modules/hardware/xremap.nix

@@ -1,39 +1,37 @@
 { inputs, ... }:
 
 {
-	imports = [
-		inputs.xremap-flake.nixosModules.default
-	];
+  imports = [ inputs.xremap-flake.nixosModules.default ];
 
-	services.xremap = {
-		withHypr = true;
-		userName = "jonas";
-		config = {
-			modmap = [
-				{
-					name = "Capslock to esc and ctrl";
-					remap = {
-						"CAPSLOCK" = {
-							"alone" = "ESC";
-							"held" = "CTRL_L";
-						};
-						"ESC" = "CAPSLOCK";
-					};
-				}
-				{
-					name = "Switch super and alt";
-					remap = {
-						"SUPER_L" = {
-							"alone" = "ALT_L";
-							"held" = "ALT_L";
-						};
-						"ALT_L" = {
-							"alone" = "SUPER_L";
-							"held" = "SUPER_L";
-						};
-					};
-				}
-			];
-		};
-	};
+  services.xremap = {
+    withHypr = true;
+    userName = "jonas";
+    config = {
+      modmap = [
+        {
+          name = "Capslock to esc and ctrl";
+          remap = {
+            "CAPSLOCK" = {
+              "alone" = "ESC";
+              "held" = "CTRL_L";
+            };
+            "ESC" = "CAPSLOCK";
+          };
+        }
+        {
+          name = "Switch super and alt";
+          remap = {
+            "SUPER_L" = {
+              "alone" = "ALT_L";
+              "held" = "ALT_L";
+            };
+            "ALT_L" = {
+              "alone" = "SUPER_L";
+              "held" = "SUPER_L";
+            };
+          };
+        }
+      ];
+    };
+  };
 }

modules/laptop/battery.nix

@@ -1,67 +1,65 @@
 { config, lib, ... }:
 
-let
-	inherit (lib) mkOption types;
-in
-	{
+let inherit (lib) mkOption types;
+in {
 
-	options.batMode = mkOption {
-		type = types.enum [ "single" "double" ];
-		default = "single";
-	};
+  options.batMode = mkOption {
+    type = types.enum [ "single" "double" ];
+    default = "single";
+  };
 
-	config = {
-		powerManagement.powertop.enable = true;
-		services.upower = {
-			enable = true;
+  config = {
+    powerManagement.powertop.enable = true;
+    services.upower = {
+      enable = true;
 
-			# In accordance with the waybar battery colors
-			percentageLow = 30;
-			percentageCritical = 20;
-			percentageAction = 10;
+      # In accordance with the waybar battery colors
+      percentageLow = 30;
+      percentageCritical = 20;
+      percentageAction = 10;
 
-			criticalPowerAction = "PowerOff"; # This can destroy work
-			usePercentageForPolicy = true;
-		};
+      criticalPowerAction = "PowerOff"; # This can destroy work
+      usePercentageForPolicy = true;
+    };
 
-		services.tlp = if config.batMode == "single" then {
-			enable = true;
-			settings = {
-				START_CHARGE_THRESH_BAT0 = 65;
-				STOP_CHARGE_THRESH_BAT0 = 85;
+    services.tlp = if config.batMode == "single" then {
+      enable = true;
+      settings = {
+        START_CHARGE_THRESH_BAT0 = 65;
+        STOP_CHARGE_THRESH_BAT0 = 85;
 
-				CPU_SCALING_GOVERNOR_ON_AC = "performance";
-				CPU_ENERGY_PERF_POLICY_ON_AC = "performance";
+        CPU_SCALING_GOVERNOR_ON_AC = "performance";
+        CPU_ENERGY_PERF_POLICY_ON_AC = "performance";
 
-				CPU_MIN_PERF_ON_AC = 0;
-				CPU_MAX_PERF_ON_AC = 100;
-				CPU_MIN_PERF_ON_BAT = 0;
-				CPU_MAX_PERF_ON_BAT = 65;
-			};
-		} else {
-			enable = true;
-			settings = {
-				CPU_SCALING_GOVERNOR_ON_AC = "performance";
-				CPU_SCALING_GOVERNOR_ON_BAT = "powersave";
+        CPU_MIN_PERF_ON_AC = 0;
+        CPU_MAX_PERF_ON_AC = 100;
+        CPU_MIN_PERF_ON_BAT = 0;
+        CPU_MAX_PERF_ON_BAT = 65;
+      };
+    } else {
+      enable = true;
+      settings = {
+        CPU_SCALING_GOVERNOR_ON_AC = "performance";
+        CPU_SCALING_GOVERNOR_ON_BAT = "powersave";
 
-				CPU_ENERGY_PERF_POLICY_ON_BAT = "power";
-				CPU_ENERGY_PERF_POLICY_ON_AC = "performance";
+        CPU_ENERGY_PERF_POLICY_ON_BAT = "power";
+        CPU_ENERGY_PERF_POLICY_ON_AC = "performance";
 
-				CPU_MIN_PERF_ON_AC = 0;
-				CPU_MAX_PERF_ON_AC = 100;
-				CPU_MIN_PERF_ON_BAT = 0;
-				CPU_MAX_PERF_ON_BAT = 75;
+        CPU_MIN_PERF_ON_AC = 0;
+        CPU_MAX_PERF_ON_AC = 100;
+        CPU_MIN_PERF_ON_BAT = 0;
+        CPU_MAX_PERF_ON_BAT = 75;
 
-				# 0 is first
-				START_CHARGE_THRESH_BAT0 = 60;
-				STOP_CHARGE_THRESH_BAT0 = 85;
+        # 0 is first
+        START_CHARGE_THRESH_BAT0 = 60;
+        STOP_CHARGE_THRESH_BAT0 = 85;
 
-				# 1 is second
-				START_CHARGE_THRESH_BAT1 = 60;
-				STOP_CHARGE_THRESH_BAT1 = 85;
-			};
-		};
+        # 1 is second
+        START_CHARGE_THRESH_BAT1 = 60;
+        STOP_CHARGE_THRESH_BAT1 = 85;
+      };
+    };
 
-	};
+  };
 }
 

modules/laptop/powersave.nix

@@ -1,9 +1,5 @@
 { ... }:
 
 {
-	networking = {
-		networkmanager = {
-			wifi.powersave = true;
-		};
-	};
+  networking = { networkmanager = { wifi.powersave = true; }; };
 }

modules/services/scanning.nix

@@ -1,11 +1,11 @@
 { pkgs, ... }:
 
 {
-	# Scanning over the network support
-	hardware.sane.enable = true;
-	hardware.sane.extraBackends = [ pkgs.sane-airscan ];
-	hardware.sane.disabledDefaultBackends = [ "escl" ];
-	services.udev.packages = [ pkgs.sane-airscan ];
-	services.avahi.enable = true;
-	services.avahi.nssmdns = true;
+  # Scanning over the network support
+  hardware.sane.enable = true;
+  hardware.sane.extraBackends = [ pkgs.sane-airscan ];
+  hardware.sane.disabledDefaultBackends = [ "escl" ];
+  services.udev.packages = [ pkgs.sane-airscan ];
+  services.avahi.enable = true;
+  services.avahi.nssmdns = true;
 }

modules/services/webdav.nix

@@ -1,20 +1,22 @@
-{ inputs, ... }:
+{ ... }:
 
 {
-  imports = [ inputs.sops-nix.nixosModules.sops ];
-
   # For web mounting
   services.davfs2.enable = true;
 
-  # Maybe the failed encryption is due to the btrfs system please remove this in the future
+  # Load the secret
   sops = {
-    defaultSopsFile = ./../../secrets.yaml;
-    age.keyFile = "/home/jonas/.config/sops/age/keys.txt";
-    secrets = { webdav_secret = { path = "/etc/davfs2/secrets"; }; };
+    secrets = {
+      webdav_authstring = {
+        mode = "0600";
+        path = "/etc/davfs2/secrets";
+      };
+    };
   };
 
   systemd.mounts = [{
-    description = "WebDAV mount point";
+    description = "Webdav mount point";
+    after = [ "network-online.target" ];
     wants = [ "network-online.target" ];
     what = "https://dav.hahn1.one";
     where = "/mnt/webdav";
@@ -22,4 +24,12 @@
     options = "uid=1000,gid=1000,file_mode=0664,dir_mode=2775,_netdev";
     mountConfig.TimeoutSec = "5s";
   }];
+
+  # Is this too much power drain?
+  systemd.automounts = [{
+    description = "Webdav automount";
+    where = "/mnt/webdav";
+    wantedBy = [ "multi-user.target" ];
+    automountConfig = { TimeoutIdleSec = "2m"; };
+  }];
 }

secrets.yaml

@@ -1,16 +1,25 @@
-webdav_secret: ENC[AES256_GCM,data:OZyEFW/Aw2dPqZFvZoPWA/BBO7k/lzw0UVffuuEuNBTkjN+eHAxFZw==,iv:Y6kTyMb5wD5iJ1g6OHPiHGuu8qFjiduau0mjcS8KLjs=,tag:97OIL+aegLCMjlJM0SdJBg==,type:str]
+webdav_authstring: ENC[AES256_GCM,data:9Q9hEgwNjKs75/5KDok4DGQZ7EAJakcFYLLjehmVDzgdXJyv8D52oQ==,iv:dWGWgZXyw49zJqIbPdy4zpGzGk5H/m47DV08NB1w9go=,tag:PAVUDk8+6ZXlD8o8MHyD3Q==,type:str]
 sops:
     age:
         - recipient: age1a2kpues0gayampkn9pn2czhk24r0yl4jnw84qg4gh5l72dflx95qkmyqzv
           enc: |
             -----BEGIN AGE ENCRYPTED FILE-----
-            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBncWNwT2F1ZkxhY3h4UFFs
-            U2lpM3lXdVZqNDFiSTRTaDI4UFFDRk1QNUUwCnpvdjAzNFQ0dnJ5Wm52b1hBUUFL
-            dzdHb0RwbU02Y3FzMkM2eFNPUzg2UGMKLS0tIDZrdXc1RFc5NUJNb0ZhclNuYUNX
-            dmFEc1hrR3czZTBzU2pLQ0ZUL3VPblEKRwy03xI+qiTMJsmG/pe/3WoB8c+vLtXo
-            kaYY18r3tICKfxQQyDWh3Gevo2+CGhblCcgJ3AnyWQBqIZwIudDuHw==
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGV1BLWnpIWlVCMHRLRFJR
+            UXhBOGFNN2ZMd1JNVGhyOU12b1JaajNBYUh3CkZFNzR6NElhYldQbmtTTlpIK0sx
+            UUVZb3BqYWEwQUxiTklKeGJFYmxUaWcKLS0tIDExc1lqV3BITzA3ME9jM3FWU09V
+            Q2p1UHVBNW54UnIydU5yM25OK0llRkUKnr2SftBM+rBFfakhoHL1UyVm9BIgmW05
+            ARXyD4DR2MF5pPRnE6s1avfocX4IObB0xNHeuOegXUYhKWlSkTztNw==
             -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2025-08-31T02:50:46Z"
-    mac: ENC[AES256_GCM,data:Gl7cLnEJ3TVL4gS4CAZQESJyzVWqm3aSLN/doLBHnAYL/Shu42ygJuuT+jKdFXo4tXKjYJuvw7gmuoVFx0L23lRpqUeU4b9fExmJX/ZVGZwJC3nreFCBqx8LWkF2cGtZJ1HObu97EzlKBxQ8c/QZZ/v3C4pAfwxNNiVavu8BUfg=,iv:qeKjETggLjtCNCyuM2z5WX4JGPcxcN99QBPQmK/a0NE=,tag:NwV56PeRGcxsdn46lre2Sg==,type:str]
+        - recipient: age1qddfn6apphafe4muvvv3vguxewa03ay2jlgqkng3uwwzfjw204dsfpt0uu
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhQUlLNm5wdHc1Q3VFZFZQ
+            eEN2VzkycStHQUlMK1MrdElrYTFJN0VCUFgwCjlsT1BpZVNWdzBmeDdSbXpTbEtB
+            MEhXVTJ1czRSLzdXQ0l2bzlLMU53ak0KLS0tIG5yUHVQSDk3eTJTenBDNXhGYXk2
+            SnM5V2VDMmxiRExqeFZrcm01ME5FRlUKCq047F8LGPCAdcpLBr66O4FVAt9q7Ug6
+            o5Dpn6Mo5c08tdF2m88Q1fXMSXIpfdTJCffIjk82WiU4M3Ni/8Mmaw==
+            -----END AGE ENCRYPTED FILE-----
+    lastmodified: "2025-08-31T20:35:46Z"
+    mac: ENC[AES256_GCM,data:trZFOIIrxWXpj5+qL1fWGYWBKlnkU+SSqra+k1S7NW3LtSsmx1ZW/qRCSoiFIJeP+jWEQ32S95d53Kt2Fw0hta+7r/rMc9MOwmy4U/ML66p0bj7A57QZQ1sbi3fkEbCSRU3G0es215I8Db7zeyBXBSfqoukBekcs3GsESBDVhkQ=,iv:Z2CNOzLWB/DRPoekiwroU4aftEhm2hYzXx9Vzmz7EA0=,tag:0PsB6B2RHu6l0EZlaYkqKA==,type:str]
     unencrypted_suffix: _unencrypted
     version: 3.10.2