diff options
| -rw-r--r-- | KEYBINDS.md | 2 | ||||
| -rw-r--r-- | dot_config/sway/config | 2 | ||||
| -rw-r--r-- | dot_config/waybar/config.jsonc | 11 | ||||
| -rw-r--r-- | dot_config/waybar/executable_vpn-status.sh | 12 | ||||
| -rw-r--r-- | dot_config/waybar/executable_vpn-toggle.sh | 21 | ||||
| -rw-r--r-- | dot_config/waybar/style.css | 8 | ||||
| -rw-r--r-- | etc/polkit-1/rules.d/50-networkd-wheel.rules | 13 |
7 files changed, 69 insertions, 0 deletions
diff --git a/KEYBINDS.md b/KEYBINDS.md index 5e42365..f9460bf 100644 --- a/KEYBINDS.md +++ b/KEYBINDS.md @@ -322,6 +322,8 @@ Mod key: `Super` (Mod4). Only personal additions beyond sway defaults listed. | `XF86Sleep` | Suspend system (systemctl suspend) | | `XF86WLAN` | Toggle Wi-Fi (rfkill) | | `XF86RFKill` | Toggle all radios (rfkill) | +| `Super+Shift+Return` | Open ghostty with yazi (file manager) | +| `Super+Shift+b` | Launch librewolf | | `Print` | Region screenshot (grim+slurp) | | `Shift+Print` | Full screenshot (grim) | | `Super+i` | Dictate toggle (whisper.cpp → wtype + clipboard) | diff --git a/dot_config/sway/config b/dot_config/sway/config index 73d505c..39d1e31 100644 --- a/dot_config/sway/config +++ b/dot_config/sway/config @@ -51,8 +51,10 @@ for_window [shell=".*"] inhibit_idle fullscreen # ── Standard keybinds (sway defaults) ───────────────────────────────────────── bindsym $mod+Return exec $term +bindsym $mod+Shift+Return exec $term -e yazi bindsym $mod+Shift+q kill bindsym $mod+d exec $menu +bindsym $mod+Shift+b exec librewolf # Navigation bindsym $mod+h focus left diff --git a/dot_config/waybar/config.jsonc b/dot_config/waybar/config.jsonc index 2270b42..95aa17e 100644 --- a/dot_config/waybar/config.jsonc +++ b/dot_config/waybar/config.jsonc @@ -9,6 +9,7 @@ "cpu", "temperature", "custom/memory", + "custom/vpn", "network#bond", "custom/dock", "battery", @@ -46,6 +47,7 @@ }, "interval": 5, "tooltip": false, + "on-click": "ghostty --class=floating -e htop", }, "custom/memory": { @@ -53,6 +55,7 @@ "return-type": "json", "interval": 10, "tooltip": false, + "on-click": "ghostty --class=floating -e htop", }, "disk": { @@ -103,6 +106,14 @@ "tooltip-format": "{ifname}: {ipaddr}/{cidr}", }, + "custom/vpn": { + "exec": "~/.config/waybar/vpn-status.sh", + "return-type": "json", + "interval": 5, + "signal": 8, + "on-click": "~/.config/waybar/vpn-toggle.sh", + }, + "battery": { "format": "{icon} {capacity}%", "format-charging": " {capacity}%", diff --git a/dot_config/waybar/executable_vpn-status.sh b/dot_config/waybar/executable_vpn-status.sh new file mode 100644 index 0000000..37fea84 --- /dev/null +++ b/dot_config/waybar/executable_vpn-status.sh @@ -0,0 +1,12 @@ +#!/bin/sh +# Waybar custom/vpn module: report whether the wireguard interface +# (managed by systemd-networkd) is admin-up. Output is a single line of +# JSON so waybar can style it via the .up / .down classes. + +iface=hodor + +if ip link show "$iface" 2>/dev/null | grep -qE '<[^>]*\<UP\>'; then + printf '{"text":"VPN","class":"up","tooltip":"%s up"}\n' "$iface" +else + printf '{"text":"VPN","class":"down","tooltip":"%s down"}\n' "$iface" +fi diff --git a/dot_config/waybar/executable_vpn-toggle.sh b/dot_config/waybar/executable_vpn-toggle.sh new file mode 100644 index 0000000..df13a3d --- /dev/null +++ b/dot_config/waybar/executable_vpn-toggle.sh @@ -0,0 +1,21 @@ +#!/bin/sh +# Toggle the wireguard interface managed by systemd-networkd. Polkit +# rule (etc/polkit-1/rules.d/50-networkd-wheel.rules) lets wheel-group +# members invoke networkctl up/down without a password prompt. +# +# After the state change, send SIGRTMIN+8 to waybar so the custom/vpn +# module refreshes immediately instead of waiting for the next interval. + +set -eu + +iface=hodor + +if ip link show "$iface" 2>/dev/null | grep -qE '<[^>]*\<UP\>'; then + networkctl down "$iface" +else + networkctl up "$iface" +fi + +# Refresh waybar's custom/vpn module right away. +pid=$(pidof waybar || true) +[ -n "$pid" ] && kill -SIGRTMIN+8 "$pid" 2>/dev/null || true diff --git a/dot_config/waybar/style.css b/dot_config/waybar/style.css index f0d764d..86e546a 100644 --- a/dot_config/waybar/style.css +++ b/dot_config/waybar/style.css @@ -28,6 +28,14 @@ window#waybar { background-color: #fb4934; } +#custom-vpn.up { + color: #b8bb26; +} + +#custom-vpn.down { + color: #928374; +} + #mode { color: #fabd2f; font-weight: bold; diff --git a/etc/polkit-1/rules.d/50-networkd-wheel.rules b/etc/polkit-1/rules.d/50-networkd-wheel.rules new file mode 100644 index 0000000..089616a --- /dev/null +++ b/etc/polkit-1/rules.d/50-networkd-wheel.rules @@ -0,0 +1,13 @@ +// Allow members of the `wheel` group to manage systemd-networkd links +// (e.g. `networkctl up/down <iface>`) without a polkit password prompt. +// This single-user system already trusts wheel for administrative work +// via sudo-rs; networkd's polkit gate is a separate path that does not +// honour sudoers, so a polkit rule is the idiomatic fix. +polkit.addRule(function (action, subject) { + if ( + action.id.indexOf("org.freedesktop.network1.") === 0 && + subject.isInGroup("wheel") + ) { + return polkit.Result.YES; + } +}); |