pianonix: multiple improvements, improve secrets, add wireguard, use sheetless in browser

hosts/pianonix/default.nix

@@ -22,21 +22,41 @@
     ../common/optional/pcmanfm.nix
     ../common/optional/redshift.nix
     ../common/optional/authentication.nix
+
+    ../common/optional/avahi.nix
   ];
 
   # disko.devices.disk.main.device = "/dev/mmcblk1";
 
+  # enabled by fish, disabling speeds up builds
+  documentation.man.generateCaches = false;
+
+  networking.enableIPv6 = false; # This only leads to issues with avahi
+
+  hardware.bluetooth.enable = true;
+  services.blueman.enable = true; # bluetooth gui
+  # raspberry pi specific
+  # systemd.services.btattach = {
+  #   before = [ "bluetooth.service" ];
+  #   after = [ "dev-ttyAMA0.device" ];
+  #   wantedBy = [ "multi-user.target" ];
+  #   serviceConfig = {
+  #     ExecStart = "${pkgs.bluez}/bin/btattach -B /dev/ttyAMA0 -P bcm -S 3000000";
+  #   };
+  # };
   # networking.wireless.enable = true;
   # networking.wireless.environmentFile = config.sops.secrets."wifi/pianonix".path;
   # networking.wireless.networks = {
   #   "@SSID@".psk = "@PSK@";
   # };
+  services.gnome.at-spi2-core.enable = true; # for onboard
+
   networking.hostName = "pianonix";
   system.stateVersion = "22.11";
 
   sops.secrets."vnc-passwd" = {
     owner = config.users.users.julian.name;
-    sopsFile = ./vnc-passwd;
+    sopsFile = ./secrets-vnc-passwd.bin;
     format = "binary";
   };
   sops.secrets."wifi/pianonix" = {};
@@ -45,6 +65,18 @@
   # sops.secrets."syncthing/public-keys/aspi-nix" = { };
   # sops.secrets."syncthing/public-keys/pianonix" = { };
 
+  sops.secrets."wg-config" = {
+    sopsFile = ./secrets-wg-config.bin;
+    format = "binary";
+  };
+
+  networking.wg-quick.interfaces = {
+    home = {
+      configFile = config.sops.secrets."wg-config".path;
+      autostart = true; # This interface is started on boot
+    };
+  };
+
   modules = {
     syncthing = {
       enable = true;
@@ -54,6 +86,7 @@
 
   # Enable the Desktop Environment.
   # services.xserver.displayManager.lightdm.enable = true;
+  services.displayManager.defaultSession = "xfce";
   services.displayManager.autoLogin = {
     enable = true;
     user = "julian";
@@ -73,10 +106,11 @@
     };
   };
 
-  boot.loader.timeout = 1; # Set boot loader timeout to 1s
+  boot.loader.timeout = lib.mkForce 1; # Set boot loader timeout to 1s
 
   # De-facto disable network manager, which is enabled by gnome
   # networking.networkmanager.unmanaged = [ "*" ];
+  services.xserver.enable = true;
   services.xserver.desktopManager = {
     xfce = {
       enable = true;