phundrak/nix-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: phundrak/nix-config:a7214db68c8b39a76ea7de8c9e69b55a89a91067
Branches Tags
phundrak/nix-config:main phundrak/nix-config:feature/steamdeck
...
compare: phundrak/nix-config:feature/steamdeck
Branches Tags
phundrak/nix-config:feature/steamdeck phundrak/nix-config:main

109 Commits
a7214db68c ... feature/steamdeck

Author SHA1 Message Date
phundrak d1c066e592 feat(hosts): add home config for steamdeck 2026-06-17 22:48:08 +02:00
phundrak c2485cc0db feat(naromk3): open ports for email server 2026-06-17 22:47:53 +02:00
phundrak 8e3d2fe850 feat(packages): added chatterino 2026-06-14 01:18:43 +02:00
phundrak 00b44d3041 fix(hyprland): remove unused and deprecated settings 2026-06-14 01:18:43 +02:00
phundrak 05a42f74db chore(deps): update lockfile 2026-06-14 01:17:23 +02:00
phundrak 971ce23e49 feat(streamlink): add streamlink 2026-06-07 19:04:53 +02:00
phundrak 88e31d3ce4 feat(opencode): add opencode configuration 2026-06-07 18:28:59 +02:00
phundrak 773d28e40b chore(nix): update flakes 2026-06-07 16:31:43 +02:00
phundrak 35856afcad feat(inkdrop): remove inkdrop package 2026-06-07 14:12:38 +02:00
phundrak 77b908c4bb feat(eww): remove eww config 2026-06-07 14:09:37 +02:00
phundrak 6d14f79d4a feat(modules): add ncmpcpp configuration 2026-06-03 17:49:40 +02:00
phundrak 89e98df9e5 feat(obs): add image-reaction OBS plugin packaging 2026-06-03 17:49:40 +02:00
phundrak f0a1793889 feat(hyprland): make workspace 9 vertical 2026-06-03 17:49:40 +02:00
phundrak 98f6c0ea21 feat(hyprland): add main monitor resolution for streaming 2026-06-03 17:49:40 +02:00
phundrak 84219edfc9 feat(caelestia): remove annoying toasts 2026-06-03 17:49:40 +02:00
phundrak 626d2682ae feat(mousewrap): better mousewrap config 2026-06-03 17:49:40 +02:00
phundrak 1337c9d44f feat(sounds): make noisetorch optional 2026-06-03 17:49:40 +02:00
phundrak dc6229aaac refactor(flatpak): simplify flatpak module 2026-06-03 17:49:40 +02:00
phundrak 8282295824 refactor: enable modules to add groups to users themselves 2026-06-03 17:49:40 +02:00
phundrak 91dc8e5070 feat(jujutsu): enable jujutsu shell autocompletion 2026-05-24 10:48:41 +02:00
phundrak 206b170d3e refactor(kitty): refactor kitty config with prefix for keybinds 2026-05-24 10:48:41 +02:00
phundrak a5836d3637 fix(caelestia): fix incorrect settings name for marpa’s caelestia 2026-05-24 10:11:37 +02:00
phundrak af888d5838 fix: enable my Wacom tablet to work properly 2026-05-24 10:10:56 +02:00
phundrak 84d7137aa5 feat(hosts): add PineTab2 config 2026-05-24 10:10:52 +02:00
phundrak 673b32c33b feat(wlr-which-key): use caelestia launcher when available 2026-05-13 00:10:38 +02:00
phundrak d27f63a0f7 feat(caelestia): increase timeout from 5m to 1h 2026-05-06 23:50:55 +02:00
phundrak 90f6102481 feat(packages): add KiCad to phundrak packages 2026-05-06 23:50:19 +02:00
phundrak e44acd9b06 refactor(firefox): move phundrak firefox config to separate file 
For better readability
 2026-05-06 23:49:40 +02:00
phundrak 177ce475a9 refactor(tmux): declare keybinds with Nix syntax 2026-05-06 23:49:23 +02:00
phundrak 1411f6c47e feat(jj-cz): use develop branch for jj-cz 2026-05-06 23:49:23 +02:00
phundrak d1bee6c14d fix(waydroid): use package that won’t error out 2026-05-03 15:37:16 +02:00
phundrak 5514d347c7 feat(nix): add marpa as binary cache for Nix 2026-05-01 16:27:56 +02:00
phundrak 06519d555b feat(packages): add QGIS 2026-05-01 15:24:44 +02:00
phundrak ce94f09dd4 feat(i18n): proper multilingual input 
Use fcitx5 to switch between different inputs. Installed mozc-ut for
Japanese input with the bepo layout, as well as fcitx5-chinese to load
table-defined layouts for the IPA/X-SAMPA input method.

Currently, mozc_server and fcitx5 need to be launched by the
compositor (only Hyprland for now), auto-launching from module options
needs to be implemented in the future.
 2026-05-01 15:24:44 +02:00
phundrak 171d635b72 fix(gampo): refer to proper home config 2026-04-28 10:47:38 +02:00
phundrak 3bc4e3dd15 feat(vcs): jj config for Creug 2026-04-12 18:07:33 +02:00
phundrak 4b7a64c8ac fix(copyparty): disable copyparty for elcafe for now 2026-04-12 15:18:38 +02:00
phundrak 9024d2c744 fix(kernel): remove reference to deprecated hardened kernel 2026-04-12 15:09:52 +02:00
phundrak d13d81c60a feat(devshell): add jj and git to dev environment 2026-04-12 15:02:17 +02:00
phundrak 88cf103332 chore(lockfile): update lockfile 2026-04-12 15:00:14 +02:00
phundrak 9431a71539 feat(ai): add opencode to AI packages 2026-04-12 15:00:14 +02:00
phundrak 6fa865644a feat(wl-kbptr): package wl-kbptr for NixOS as home module 2026-04-12 14:58:02 +02:00
phundrak 154d0e4ddb chore(flake): update flake lock, remove devenv input 2026-04-12 14:58:02 +02:00
phundrak cae0357dbe feat(claude-code): add sox for voice mode 2026-04-12 14:58:02 +02:00
phundrak 477a0b7372 feat(firefox): dedicated module and tridactyl config 2026-04-12 14:57:58 +02:00
phundrak 5b12250fd5 feat(handy): upgrade to handy 0.8.0 2026-03-28 22:32:47 +01:00
phundrak b8c88cae25 chore(flakes): update flakes 2026-03-28 22:32:47 +01:00
phundrak 63bd1471d8 feat(system): add additional substituters 2026-03-26 11:24:49 +01:00
phundrak 647432314d feat(jujutsu): add jj-cz options to jujutsu module 2026-03-26 11:24:49 +01:00
phundrak bfaaee0f36 feat(zellij): add zellij configuration 2026-03-26 11:24:49 +01:00
phundrak ab089afefd feat(spotify): re-enable Spicetify 2026-03-14 14:21:52 +01:00
phundrak 79e3156bb3 feat(copyparty): create copyparty service for elcafe 2026-03-07 18:50:58 +01:00
phundrak 5e8db88008 chore(packages): update signal desktop name and remove gplates 2026-03-07 18:03:33 +01:00
phundrak ff39f983f9 chore(mpv): update mpv script name 2026-03-07 18:03:33 +01:00
phundrak 6088946973 chore(handy): update Handy from 0.7.6 to 0.7.7 2026-03-07 18:03:33 +01:00
phundrak 0f213ed01f chore(flake): update flake lockfile 2026-03-07 18:03:33 +01:00
phundrak 097ce13793 feat(packages): package inkdrop 2026-02-26 19:42:40 +01:00
phundrak efa9be4314 fix(sunshine): automatically set screen resolution for sunshine 2026-02-24 13:04:10 +01:00
phundrak 7223b63fca chore(flake): update flakes 2026-02-24 01:46:26 +01:00
phundrak 32b3c81b46 feat(handy): package Handy for Nix 2026-02-22 19:31:27 +01:00
phundrak 5e934f87a3 feat(spotify): disable spicetify for now 2026-02-22 19:31:27 +01:00
phundrak 0927313f6d fix(hyprland): fix cursor size on XWayland windows 2026-02-22 19:31:27 +01:00
phundrak 8fa1d2e111 style: formatting 2026-02-22 19:31:27 +01:00
phundrak 54e8beecfd feat(caelestia): improve configuration for caelestia 2026-02-22 19:31:27 +01:00
phundrak 21e85fc77b feat: improve GPU support for modules 2026-02-22 19:31:27 +01:00
phundrak b4a57a8f64 feat: improve v4l2loopback support 2026-02-22 19:31:23 +01:00
phundrak b8ed5984df feat(scripts): enable plock to use Caelestia’s lock screen 
This commit also adds the wlr-which-key shortcut for plock.
 2026-02-22 18:01:45 +01:00
phundrak a35d536b75 feat: add possibility to use fingerprint reader 2026-02-22 18:01:42 +01:00
phundrak 0815dd3a30 feat(elcafe): add creug user 2026-02-13 09:08:21 +01:00
phundrak 35541ea5ae feat(elcafe): add new server configuration 2026-02-08 16:45:58 +01:00
phundrak e90fb1fa0d feat(user/email): add Eittlandic translation to email signature 2026-02-08 00:19:15 +01:00
phundrak c8fd643085 feat(user/jj): improve jj configuration 2026-02-08 00:18:53 +01:00
phundrak 5d9efbb651 feat(shell): improve shell completion 2026-02-08 00:18:30 +01:00
phundrak 582460d8f4 docs(README): nicer Readme header 2026-02-05 20:51:33 +01:00
phundrak 76d1a33a78 feat: prefer XDG directories 2026-01-25 05:03:53 +01:00
phundrak f5fa1683b4 feat(emacs): improve configuration 2026-01-25 05:03:30 +01:00
phundrak 36d5c90017 fix(gampo): early video drivers load 2026-01-25 05:03:13 +01:00
phundrak 5c9c3d199b fix(hosts): temporarily fix hosts file issue 2026-01-25 05:03:13 +01:00
phundrak be51aa7cc5 feat(theme): better theming 2026-01-25 05:03:09 +01:00
phundrak f6fe7945bb chore(flakes): update flakes lockfile 2026-01-24 20:08:19 +01:00
phundrak f0398f4d9c feat(spotify): use Spicetify with Spotify 2026-01-24 13:24:12 +01:00
phundrak a1842b22db feat(starship): remove most git info in jj repos 2026-01-24 13:23:38 +01:00
phundrak 615909867e feat(AI): replace opencode with LM Studio 2026-01-24 12:57:37 +01:00
phundrak a632ebbf07 fix(wlr-which-key): add forgotten logout command 2026-01-24 12:57:04 +01:00
phundrak 51f2c77c02 feat(hyprland): adapt to new Hyprland config and caelestia 2026-01-24 12:56:33 +01:00
phundrak e0226af16a feat(marpa): auto login on Marpa’s startup 2026-01-24 12:56:08 +01:00
phundrak 7a1465bc3b refactor: some code cleanup 2026-01-24 12:55:52 +01:00
phundrak 87a7fc00fe feat(secrets): update secrets 2026-01-24 12:54:48 +01:00
phundrak c6b3abd1a7 chore(flakes): update flake lockfile 2026-01-24 12:54:13 +01:00
phundrak 32c57b0671 feat: switch frow waybar to quickshell and caelestia 2025-12-24 19:22:58 +01:00
phundrak 22bd5c7b2a feat(packages): remove some GNOME stuff, add bun and nixfmt 2025-12-22 01:50:07 +01:00
phundrak 813fc3026c feat(shell): better handling of additional shell aliases/abbreviations 2025-12-22 01:49:21 +01:00
phundrak 5497d6df51 fix(AI): remove claude desktop, fixes for ollama 2025-12-22 01:48:48 +01:00
phundrak 1a43dcdad4 fix(gpg): fix password requests when signing with SSH keys 2025-12-22 01:42:22 +01:00
phundrak 93f009852f feat(tailscale): better defaults 2025-12-22 01:38:20 +01:00
phundrak 9071957b4c feat(hosts): add NaroMk3 to the existing hosts 2025-12-07 13:31:57 +01:00
phundrak 473a6f5b75 feat(home): switch to nemo with extensions 2025-12-04 14:11:30 +01:00
phundrak 521193d91d feat(wlr-which-key): add logout option to power menu 2025-12-04 14:11:30 +01:00
phundrak 8adeeff9eb chore: remove unused hyprland keybinds 2025-12-04 14:11:30 +01:00
phundrak 57788942b2 feat(hyprland): enable US keyboard layout as second layout 
Also add it to my Waybar config
 2025-12-04 14:11:16 +01:00
phundrak 6261e4f490 feat(phundrak): additional groups 2025-12-04 14:10:46 +01:00
phundrak e975e069d1 fix(hyprland): enable polkit on login 2025-12-04 14:10:46 +01:00
phundrak 6936ebeaf7 feat(ollama): better Ollama configuration 2025-12-04 14:10:46 +01:00
phundrak 5952720feb feat(system): disable orca, enable envfs 
envfs enables compatibility on NixOS for scripts which assume the prensence
of some files, such as /bin/bash, which are usually present on other *Nix
systems.
 2025-12-04 14:10:46 +01:00
phundrak 299d08a16a feat(steam): better steam installation 2025-12-04 14:10:42 +01:00
phundrak ea0af9342c feat: update secrets 2025-12-04 14:00:36 +01:00
phundrak 7780f62cb5 refactor(flakes): nicer helper functions 2025-12-04 13:57:40 +01:00
phundrak d98bb6cbdd feat(marpa): update and add disk mountpoints 2025-12-04 13:56:44 +01:00
phundrak 405485f122 chore(flakes): update flake.lock file 2025-12-04 13:55:53 +01:00
125 changed files with 5464 additions and 1155 deletions
Expand all files Collapse all files
.envrc
+1 -5
View File
@@ -1,11 +1,7 @@
# -*- mode: sh; -*-
if ! has nix_direnv_version || ! nix_direnv_version 2.2.1; then
source_url "https://raw.githubusercontent.com/nix-community/nix-direnv/2.2.1/direnvrc" "sha256-zelF0vLbEl5uaqrfIzbgNzJWGmLzCmYAkInj/LNxvKs="
fi
watch_file flake.nix
watch_file flake.lock
if ! use flake . --no-pure-eval
then
echo "devenv could not be built. The devenv environment was not loaded. Make the necessary changes to devenv.nix and hit enter to try again." >&2
echo "dev shell could not be built. The environment was not loaded. Make the necessary changes to flake.nix and hit enter to try again." >&2
fi
.sops.yaml
+10
View File
@@ -1,10 +1,15 @@
keys:
- &elcafe age1tkywsvddjj6r6ukuqgz9aql92jfx85rz57dhmkkndysh6yx6p5rs0zj0qr
- &elcafe-host age17p69ktg7yfzgdsk00f32mupe4n4fevdpw2wsv7ft30yvpeseau6s7t0zdg
- &gampo age1ajemtm502nn2n4q7v4j8meyd5mxtcqngkkedxq2pqzuwu78zp93qnw8q48
- &gampo-host age197lfdanym647wdaz9uy8hrfqjwj9fs8rm7vs3fsrctceu8mr9gms2jedhz
- &marpa age17pn6suvz2f7zmrm9zxj5hr0putvcvdamqxqt7ewhncgg6ccgmp2qr00xm2
- &marpa-host age1cnnpnglkvgw5ffv8qpgwpqvj203lh4uwt698y9mxjwklxt8nysmsa8hepn
- &tilo age1g68hxv73llkyc7etzh499ztcrt93pwawy0n8p93px4taqu58mehsp88vjq
- &tilo-host age1awytvphvty4f9wmdn86xnjg9kgetqjx8qlwj5d2882t4fyyzy58s3vg5k4
- &NaroMk3 age1erkn7dd022e90ktyj66aux9j9xvl0uzd6ru5cmrjsvcm5rtr5pfs7q6k9h
- &NaroMk3-host age16crkeglm3j3f6rveylytuerptjf9mwtv3hl89ywkmnnvdkntfchsuvrsk5
- &steamdeck age1ztuc996dapd7gpw5g7t4k3e9egv3dj6czxyslhnwula97w3cuytqlgzru0
creation_rules:
- path_regex: secrets/secrets.yaml$
key_groups:
@@ -15,3 +20,8 @@ creation_rules:
- *marpa-host
- *tilo
- *tilo-host
- *NaroMk3
- *NaroMk3-host
- *elcafe
- *elcafe-host
- *steamdeck
README.md
+14 -3
View File
@@ -1,6 +1,18 @@
# NixOS Configuration
<h1 align="center">NixOS Configuration</h1>
<div align="center">
<strong>
Personal NixOS configuration for my machines, using Nix Flakes for reproducible and shareable setups.
</strong>
</div>
<br/>
<div align="center">
<!-- Wakapi -->
<img alt="Coding Time Badge" src="https://clock.phundrak.com/api/badge/phundrak/interval:any/project:.dotfiles">
<!-- Emacs -->
<a href="https://www.gnu.org/software/emacs/"><img src="https://img.shields.io/badge/Emacs-30.2-blueviolet.svg?style=flat-square&logo=GNU%20Emacs&logoColor=white" /></a>
</div>
## Repository Structure
@@ -8,7 +20,6 @@ Personal NixOS configuration for my machines, using Nix Flakes for reproducible
- **hosts/**: Contains the host-specific NixOS configurations.
- **system/**: Holds system-wide configuration modules that can be shared across different hosts. This includes things like boot settings, desktop environments, hardware configurations, networking, packages, security, and system services.
- **users/**: Manages user-specific configurations. It's split into `modules` for reusable home-manager configurations and `phundrak` for my personal configuration.
- **keys/**: Public keys for various machines.
- **secrets/**: Encrypted secrets managed with `sops-nix`.
## Usage
flake.lock
Generated
+325 -167
View File
@@ -1,39 +1,77 @@
{
"nodes": {
"cachix": {
"alejandra": {
"inputs": {
"devenv": [
"devenv"
],
"flake-compat": [
"devenv",
"flake-compat"
],
"git-hooks": [
"devenv",
"git-hooks"
],
"fenix": "fenix",
"flakeCompat": "flakeCompat",
"nixpkgs": [
"devenv",
"jj-cz",
"nixpkgs"
]
},
"locked": {
"lastModified": 1760971495,
"narHash": "sha256-IwnNtbNVrlZIHh7h4Wz6VP0Furxg9Hh0ycighvL5cZc=",
"owner": "cachix",
"repo": "cachix",
"rev": "c5bfd933d1033672f51a863c47303fc0e093c2d2",
"lastModified": 1744324181,
"narHash": "sha256-Oi1n2ncF4/AWeY6X55o2FddIRICokbciqFYK64XorYk=",
"owner": "kamadorueda",
"repo": "alejandra",
"rev": "3e2a85506627062313e131bf8a85315f3387c8e0",
"type": "github"
},
"original": {
"owner": "cachix",
"ref": "latest",
"repo": "cachix",
"owner": "kamadorueda",
"ref": "4.0.0",
"repo": "alejandra",
"type": "github"
}
},
"claude-desktop": {
"caelestia-cli": {
"inputs": {
"caelestia-shell": [
"caelestia-shell"
],
"nixpkgs": [
"caelestia-shell",
"nixpkgs"
]
},
"locked": {
"lastModified": 1780375472,
"narHash": "sha256-Q8RAJoYlakA6B2I5DVcuxzNbhCNU1nnIjqQZYP1KGrM=",
"owner": "caelestia-dots",
"repo": "cli",
"rev": "d1c8c8fc09738d1b40576e97c274b4a11a2e0ac7",
"type": "github"
},
"original": {
"owner": "caelestia-dots",
"repo": "cli",
"type": "github"
}
},
"caelestia-shell": {
"inputs": {
"caelestia-cli": "caelestia-cli",
"m3shapes": "m3shapes",
"nixpkgs": [
"nixpkgs"
],
"quickshell": "quickshell"
},
"locked": {
"lastModified": 1781178648,
"narHash": "sha256-z6V1T7MHShM7TfFIMCDp94Bi1Wk9LJfK96vm8YFGY5M=",
"owner": "caelestia-dots",
"repo": "shell",
"rev": "a16c957a8bd13e0cfd09928ca0a22fecd3681e44",
"type": "github"
},
"original": {
"owner": "caelestia-dots",
"repo": "shell",
"type": "github"
}
},
"copyparty": {
"inputs": {
"flake-utils": "flake-utils",
"nixpkgs": [
@@ -41,82 +79,58 @@
]
},
"locked": {
"lastModified": 1761825061,
"narHash": "sha256-AeRQZKr8+1XQer+WmbwtQaQBy05UDgeNNE7YZjNLuS0=",
"owner": "k3d3",
"repo": "claude-desktop-linux-flake",
"rev": "791cd93cfe216ad06ab740f0fdc142119b1d6ec2",
"lastModified": 1781307432,
"narHash": "sha256-96fOVwSAFEoZNZtJM10E4Fz1kr59CwzYfUFidypPkKY=",
"owner": "9001",
"repo": "copyparty",
"rev": "a00bc93fe1b6f71afffa43fab4efb88dceddea62",
"type": "github"
},
"original": {
"owner": "k3d3",
"repo": "claude-desktop-linux-flake",
"owner": "9001",
"repo": "copyparty",
"type": "github"
}
},
"devenv": {
"fenix": {
"inputs": {
"cachix": "cachix",
"flake-compat": "flake-compat",
"flake-parts": "flake-parts",
"git-hooks": "git-hooks",
"nix": "nix",
"nixpkgs": [
"jj-cz",
"alejandra",
"nixpkgs"
]
],
"rust-analyzer-src": "rust-analyzer-src"
},
"locked": {
"lastModified": 1761922975,
"narHash": "sha256-j4EB5ku/gDm7h7W7A+k70RYj5nUiW/l9wQtXMJUD2hg=",
"owner": "cachix",
"repo": "devenv",
"rev": "c9f0b47815a4895fadac87812de8a4de27e0ace1",
"lastModified": 1730615655,
"narHash": "sha256-2HBR3zLn57LXKNRtxBb+O+uDqHM4n0pz51rPayMl4cg=",
"owner": "nix-community",
"repo": "fenix",
"rev": "efeb50e2535b17ffd4a135e6e3e5fd60a525180c",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "devenv",
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1761588595,
"narHash": "sha256-XKUZz9zewJNUj46b4AJdiRZJAvSZ0Dqj2BNfXvFlJC4=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "f387cd2afec9419c8ee37694406ca490c3f34ee5",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-parts": {
"inputs": {
"nixpkgs-lib": [
"devenv",
"nixpkgs"
]
},
"locked": {
"lastModified": 1760948891,
"narHash": "sha256-TmWcdiUUaWk8J4lpjzu4gCGxWY6/Ok7mOK4fIFfBuU4=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "864599284fc7c0ba6357ed89ed5e2cd5040f0c04",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"owner": "nix-community",
"repo": "fenix",
"type": "github"
}
},
"flake-utils": {
"locked": {
"lastModified": 1678901627,
"narHash": "sha256-U02riOqrKKzwjsxc/400XnElV+UtPUQWpANPlyazjH0=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "93a2b84fc4b70d9e089d029deacc3583435c2ed6",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_2": {
"inputs": {
"systems": "systems"
},
@@ -134,7 +148,7 @@
"type": "github"
}
},
"flake-utils_2": {
"flake-utils_3": {
"inputs": {
"systems": "systems_2"
},
@@ -152,51 +166,37 @@
"type": "github"
}
},
"git-hooks": {
"flake-utils_4": {
"inputs": {
"flake-compat": [
"devenv",
"flake-compat"
],
"gitignore": "gitignore",
"nixpkgs": [
"devenv",
"nixpkgs"
]
"systems": "systems_3"
},
"locked": {
"lastModified": 1760663237,
"narHash": "sha256-BflA6U4AM1bzuRMR8QqzPXqh8sWVCNDzOdsxXEguJIc=",
"owner": "cachix",
"repo": "git-hooks.nix",
"rev": "ca5b894d3e3e151ffc1db040b6ce4dcc75d31c37",
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "git-hooks.nix",
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"gitignore": {
"inputs": {
"nixpkgs": [
"devenv",
"git-hooks",
"nixpkgs"
]
},
"flakeCompat": {
"flake": false,
"locked": {
"lastModified": 1709087332,
"narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
"owner": "hercules-ci",
"repo": "gitignore.nix",
"rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "gitignore.nix",
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
@@ -207,11 +207,11 @@
]
},
"locked": {
"lastModified": 1761878381,
"narHash": "sha256-lCRaipHgszaFZ1Cs8fdGJguVycCisBAf2HEFgip5+xU=",
"lastModified": 1781305496,
"narHash": "sha256-g8Vv4Qfc7n+lgov97REu3X6BeJtvYY0hlSUZR1GrGQQ=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "4ac96eb21c101a3e5b77ba105febc5641a8959aa",
"rev": "c87a39aa979acc4848016d2220c6238390d84779",
"type": "github"
},
"original": {
@@ -220,43 +220,44 @@
"type": "github"
}
},
"nix": {
"jj-cz": {
"inputs": {
"flake-compat": [
"devenv",
"flake-compat"
],
"flake-parts": [
"devenv",
"flake-parts"
],
"git-hooks-nix": [
"devenv",
"git-hooks"
],
"alejandra": "alejandra",
"flake-utils": "flake-utils_3",
"nixpkgs": [
"devenv",
"nixpkgs"
],
"nixpkgs-23-11": [
"devenv"
],
"nixpkgs-regression": [
"devenv"
]
"rust-overlay": "rust-overlay"
},
"locked": {
"lastModified": 1761648602,
"narHash": "sha256-H97KSB/luq/aGobKRuHahOvT1r7C03BgB6D5HBZsbN8=",
"owner": "cachix",
"repo": "nix",
"rev": "3e5644da6830ef65f0a2f7ec22830c46285bfff6",
"lastModified": 1781450428,
"narHash": "sha256-EWQpPImWpq0RHgyqa/lBoiMsjRjNdJCYa9fU2q+7nOg=",
"ref": "develop",
"rev": "4ad6e944b22a1d9990d43ac02650fc4d90fb1b4c",
"revCount": 49,
"type": "git",
"url": "https://labs.phundrak.com/phundrak/jj-cz"
},
"original": {
"ref": "develop",
"type": "git",
"url": "https://labs.phundrak.com/phundrak/jj-cz"
}
},
"m3shapes": {
"flake": false,
"locked": {
"lastModified": 1781017666,
"narHash": "sha256-kfHyzZaPHgqZML48OA+5JwBOsLdQJ2ci/aGPShvUB4Y=",
"owner": "soramanew",
"repo": "m3shapes",
"rev": "bdc327b29f95394a732baf3c9b19658ba23755b6",
"type": "github"
},
"original": {
"owner": "cachix",
"ref": "devenv-2.30.6",
"repo": "nix",
"owner": "soramanew",
"repo": "m3shapes",
"rev": "bdc327b29f95394a732baf3c9b19658ba23755b6",
"type": "github"
}
},
@@ -267,11 +268,11 @@
]
},
"locked": {
"lastModified": 1761451000,
"narHash": "sha256-qBJL6xEIjqYq9zOcG2vf2nPTeVBppNJzvO0LuQWMwMo=",
"lastModified": 1780816331,
"narHash": "sha256-0BYqs8yKWkOz2Q7+SP18N5E5gmDKSo6LSxIVIa0wWes=",
"owner": "nix-community",
"repo": "nix-index-database",
"rev": "ed6b293161b378a7368cda38659eb8d3d9a0dac4",
"rev": "1a2ea89c917781e88508d9fd2b507f2d2a0e173c",
"type": "github"
},
"original": {
@@ -282,11 +283,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1761907660,
"narHash": "sha256-kJ8lIZsiPOmbkJypG+B5sReDXSD1KGu2VEPNqhRa/ew=",
"lastModified": 1781074563,
"narHash": "sha256-md8WlXOlfnIeHeOScMTTHFyf2d6iaTwPl2apR5EQ3P4=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "2fb006b87f04c4d3bdf08cfdbc7fab9c13d94a15",
"rev": "9ae611a455b90cf061d8f332b977e387bda8e1ca",
"type": "github"
},
"original": {
@@ -296,13 +297,28 @@
"type": "github"
}
},
"nixpkgsStable": {
"locked": {
"lastModified": 1780952837,
"narHash": "sha256-Fwd1+spDtQ0hDyBwme6ufG3n4mY0UrjjFdYHv+G/Hds=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "e820eb4a444b46a19b2e03e8dfd2359439ff30fe",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-25.11",
"type": "indirect"
}
},
"pumo-system-info": {
"inputs": {
"flake-utils": "flake-utils_2",
"flake-utils": "flake-utils_4",
"nixpkgs": [
"nixpkgs"
],
"rust-overlay": "rust-overlay"
"rust-overlay": "rust-overlay_2"
},
"locked": {
"lastModified": 1748984111,
@@ -321,37 +337,108 @@
"quickshell": {
"inputs": {
"nixpkgs": [
"caelestia-shell",
"nixpkgs"
]
},
"locked": {
"lastModified": 1761897390,
"narHash": "sha256-er4gYrIoThYLjlsOMTysoRfn67d1Gci+ZpqDrtQxrA0=",
"lastModified": 1780303737,
"narHash": "sha256-7HgdJBG4BgAPDyHKKxWtxj7nziqsQo6zQCXtwy+L9fs=",
"ref": "refs/heads/master",
"rev": "fc704e6b5d445899a1565955268c91942a4f263f",
"revCount": 700,
"rev": "b66495fcc5022681b56b61f928c7acbe910e722c",
"revCount": 821,
"type": "git",
"url": "https://git.outfoxxed.me/quickshell/quickshell"
"url": "https://git.outfoxxed.me/outfoxxed/quickshell"
},
"original": {
"type": "git",
"url": "https://git.outfoxxed.me/quickshell/quickshell"
"url": "https://git.outfoxxed.me/outfoxxed/quickshell"
}
},
"rockchip": {
"inputs": {
"nixpkgsStable": [
"nixpkgsStable"
],
"nixpkgsUnstable": [
"nixpkgs"
],
"utils": [
"flake-utils"
]
},
"locked": {
"lastModified": 1778273074,
"narHash": "sha256-gPbn0KjsgS2cJa/ENSMtjN0h8dIEy+2N6g8tw9915pM=",
"owner": "raboof",
"repo": "nixos-rockchip",
"rev": "2aab433a41cc9ba862ae73012acdd2eec3547667",
"type": "github"
},
"original": {
"owner": "raboof",
"ref": "pinetab-linux-7.0",
"repo": "nixos-rockchip",
"type": "github"
}
},
"root": {
"inputs": {
"claude-desktop": "claude-desktop",
"devenv": "devenv",
"caelestia-shell": "caelestia-shell",
"copyparty": "copyparty",
"flake-utils": "flake-utils_2",
"home-manager": "home-manager",
"jj-cz": "jj-cz",
"nix-index-database": "nix-index-database",
"nixpkgs": "nixpkgs",
"nixpkgsStable": "nixpkgsStable",
"pumo-system-info": "pumo-system-info",
"quickshell": "quickshell",
"rockchip": "rockchip",
"sops-nix": "sops-nix",
"spicetify": "spicetify",
"srvos": "srvos",
"zen-browser": "zen-browser"
}
},
"rust-analyzer-src": {
"flake": false,
"locked": {
"lastModified": 1730555913,
"narHash": "sha256-KNHZUlqsEibg3YtfUyOFQSofP8hp1HKoY+laoesBxRM=",
"owner": "rust-lang",
"repo": "rust-analyzer",
"rev": "f17a5bbfd0969ba2e63a74505a80e55ecb174ed9",
"type": "github"
},
"original": {
"owner": "rust-lang",
"ref": "nightly",
"repo": "rust-analyzer",
"type": "github"
}
},
"rust-overlay": {
"inputs": {
"nixpkgs": [
"jj-cz",
"nixpkgs"
]
},
"locked": {
"lastModified": 1779992051,
"narHash": "sha256-4YWGv/0NkAdtTW1MXfaLYpfC9BhpCy9k1pWkR0xI9uw=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "e93ad0df1073b2c969a8f0c1f10b84e870469d40",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
}
},
"rust-overlay_2": {
"inputs": {
"nixpkgs": [
"pumo-system-info",
@@ -379,11 +466,11 @@
]
},
"locked": {
"lastModified": 1760998189,
"narHash": "sha256-ee2e1/AeGL5X8oy/HXsZQvZnae6XfEVdstGopKucYLY=",
"lastModified": 1780547341,
"narHash": "sha256-Gq8KNx5A7hBB3uGJaj6eQfLDIz5YdLu92gqBcvHvoUo=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "5a7d18b5c55642df5c432aadb757140edfeb70b3",
"rev": "9ed65852b6257fbeae4355bc24ecfea307ca759a",
"type": "github"
},
"original": {
@@ -392,6 +479,47 @@
"type": "github"
}
},
"spicetify": {
"inputs": {
"nixpkgs": [
"nixpkgs"
],
"systems": "systems_4"
},
"locked": {
"lastModified": 1781101834,
"narHash": "sha256-gNVY6SYglFe37FpD+NnOjTipsqvVMM2vh/uc22KDEsA=",
"owner": "Gerg-L",
"repo": "spicetify-nix",
"rev": "0243dd6707c969fc8440216c811b3f2e4a4cceb7",
"type": "github"
},
"original": {
"owner": "Gerg-L",
"repo": "spicetify-nix",
"type": "github"
}
},
"srvos": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1781149687,
"narHash": "sha256-TanScAdzeSOcaVDN4V4rnTAlbuizMJlrVSSt9QkkPEA=",
"owner": "nix-community",
"repo": "srvos",
"rev": "7a66d11f03dd0588229af7a2b7018a435638dbf5",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "srvos",
"type": "github"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
@@ -422,6 +550,36 @@
"type": "github"
}
},
"systems_3": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_4": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"zen-browser": {
"inputs": {
"nixpkgs": [
@@ -429,11 +587,11 @@
]
},
"locked": {
"lastModified": 1761883599,
"narHash": "sha256-ntnfAAqSuXI/+uqXAWUjbY5arB7sRK9cpgFbHbCZgK8=",
"lastModified": 1781242638,
"narHash": "sha256-n0s/QM5ZJl3/v4tgDLsATIHR2dC+4+Aa2BT6FnthGy4=",
"owner": "youwen5",
"repo": "zen-browser-flake",
"rev": "5355c0dc6857a2aa34b126fb4a93a454ed702f52",
"rev": "79f7cca35f9e4e38d1f8767bac130159f60866cc",
"type": "github"
},
"original": {
flake.nix
+119 -72
View File
@@ -2,12 +2,9 @@
description = "Home Manager configuration of phundrak";
inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
devenv = {
url = "github:cachix/devenv";
inputs.nixpkgs.follows = "nixpkgs";
};
nixpkgsStable.url = "nixpkgs/nixos-25.11";
nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-unstable";
flake-utils.url = "github:numtide/flake-utils";
home-manager = {
url = "github:nix-community/home-manager";
@@ -19,14 +16,31 @@
inputs.nixpkgs.follows = "nixpkgs";
};
caelestia-shell = {
url = "github:caelestia-dots/shell";
inputs.nixpkgs.follows = "nixpkgs";
};
copyparty = {
url = "github:9001/copyparty";
inputs.nixpkgs.follows = "nixpkgs";
};
jj-cz = {
url = "git+https://labs.phundrak.com/phundrak/jj-cz?ref=develop";
inputs.nixpkgs.follows = "nixpkgs";
};
pumo-system-info = {
url = "git+https://labs.phundrak.com/phundrak/pumo-system-info";
inputs.nixpkgs.follows = "nixpkgs";
};
quickshell = {
url = "git+https://git.outfoxxed.me/quickshell/quickshell";
inputs.nixpkgs.follows = "nixpkgs";
rockchip = {
url = "github:raboof/nixos-rockchip/pinetab-linux-7.0";
inputs.utils.follows = "flake-utils";
inputs.nixpkgsStable.follows = "nixpkgsStable";
inputs.nixpkgsUnstable.follows = "nixpkgs";
};
sops-nix = {
@@ -34,8 +48,13 @@
inputs.nixpkgs.follows = "nixpkgs";
};
claude-desktop = {
url = "github:k3d3/claude-desktop-linux-flake";
spicetify = {
url = "github:Gerg-L/spicetify-nix";
inputs.nixpkgs.follows = "nixpkgs";
};
srvos = {
url = "github:nix-community/srvos";
inputs.nixpkgs.follows = "nixpkgs";
};
@@ -46,113 +65,141 @@
};
nixConfig = {
extra-trusted-public-keys = "devenv.cachix.org-1:w1cLUi8dv3hnoSPGAuibQv+f9TZLr6cv/Hm9XgU50cw=";
extra-substituters = "https://devenv.cachix.org";
extra-trusted-public-keys = [
"marpa-local:XoO+dFN4PeauF52pYuy3Vh4Sdtl2qIdxu5aUasWKv6Q="
"phundrak.cachix.org-1:osJAkYO0ioTOPqaQCIXMfIRz1/+YYlVFkup3R2KSexk="
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
];
extra-substituters = [
"http://marpa:5000?priority=5"
"https://phundrak.cachix.org?priority=10"
"https://nix-community.cachix.org?priority=20"
"https://cache.nixos.org?priority=40"
];
extra-experimental-features = [
"nix-command"
"flakes"
];
http-connections = 128;
};
outputs = {
self,
nixpkgs,
flake-utils,
home-manager,
devenv,
rockchip,
srvos,
...
} @ inputs: let
} @ inputs:
flake-utils.lib.eachDefaultSystem (
system: let
inherit (self) outputs;
system = "x86_64-linux";
pkgs = nixpkgs.legacyPackages.${system};
in {
formatter.${system} = pkgs.alejandra;
packages.${system} = {
devenv-up = self.devShells.${system}.default.config.procfileScript;
devenv-test = self.devShells.${system}.default.config.test;
};
devShells.${system}.default = devenv.lib.mkShell {
inherit inputs pkgs;
modules = [
(
{pkgs, ...}: {
packages = [pkgs.nh];
git-hooks.hooks = {
alejandra.enable = true;
commitizen.enable = true;
detect-private-keys.enable = true;
end-of-file-fixer.enable = true;
deadnix.enable = true;
ripsecrets.enable = true;
statix.enable = true;
};
}
)
formatter = pkgs.alejandra;
devShells.default = pkgs.mkShell {
buildInputs = [
pkgs.nh
pkgs.jujutsu
pkgs.git
];
};
packages = {
homeConfigurations = let
extraSpecialArgs = {inherit inputs outputs system;};
pkgs = nixpkgs.legacyPackages.x86_64-linux;
defaultUserModules = [
inputs.sops-nix.homeManagerModules.sops
inputs.spicetify.homeManagerModules.default
inputs.caelestia-shell.homeManagerModules.default
];
withUserModules = modules: nixpkgs.lib.lists.flatten (defaultUserModules ++ [modules]);
in {
"phundrak@alys" = home-manager.lib.homeManagerConfiguration {
inherit extraSpecialArgs pkgs;
modules = [
./users/phundrak/host/alys.nix
inputs.sops-nix.homeManagerModules.sops
];
modules = withUserModules ./users/phundrak/host/alys.nix;
};
"phundrak@marpa" = home-manager.lib.homeManagerConfiguration {
"creug@elcafe" = home-manager.lib.homeManagerConfiguration {
inherit extraSpecialArgs pkgs;
modules = [
./users/phundrak/host/marpa.nix
inputs.sops-nix.homeManagerModules.sops
];
modules = withUserModules ./users/creug/host/elcafe.nix;
};
"phundrak@elcafe" = home-manager.lib.homeManagerConfiguration {
inherit extraSpecialArgs pkgs;
modules = withUserModules ./users/phundrak/host/elcafe.nix;
};
"phundrak@gampo" = home-manager.lib.homeManagerConfiguration {
inherit extraSpecialArgs pkgs;
modules = [
./users/phundrak/host/gampo.nix
inputs.sops-nix.homeManagerModules.sops
];
modules = withUserModules ./users/phundrak/host/gampo.nix;
};
"phundrak@marpa" = home-manager.lib.homeManagerConfiguration {
inherit extraSpecialArgs pkgs;
modules = withUserModules ./users/phundrak/host/marpa.nix;
};
"phundrak@NaroMk3" = home-manager.lib.homeManagerConfiguration {
inherit extraSpecialArgs pkgs;
modules = withUserModules ./users/phundrak/host/naromk3.nix;
};
"phundrak@pinetab2" = home-manager.lib.homeManagerConfiguration {
inherit extraSpecialArgs pkgs;
modules = withUserModules ./users/phundrak/host/pinetab2.nix;
};
"deck@steamdeck" = home-manager.lib.homeManagerConfiguration {
inherit extraSpecialArgs pkgs;
modules = withUserModules ./users/phundrak/host/steamdeck.nix;
};
"phundrak@tilo" = home-manager.lib.homeManagerConfiguration {
inherit extraSpecialArgs pkgs;
modules = [
./users/phundrak/host/tilo.nix
inputs.sops-nix.homeManagerModules.sops
];
modules = withUserModules ./users/phundrak/host/tilo.nix;
};
};
nixosConfigurations = let
specialArgs = {inherit inputs outputs;};
defaultSystemModules = [
inputs.sops-nix.nixosModules.sops
inputs.copyparty.nixosModules.default
];
withSystemModules = modules: nixpkgs.lib.lists.flatten (defaultSystemModules ++ [modules]);
pinetabConfig = import ./utils/pinetab.nix {
inherit nixpkgs rockchip specialArgs;
additionalModules = defaultSystemModules;
};
in {
alys = nixpkgs.lib.nixosSystem {
inherit specialArgs;
modules = [
./hosts/alys/configuration.nix
inputs.sops-nix.nixosModules.sops
];
modules = withSystemModules ./hosts/alys/configuration.nix;
};
elcafe = nixpkgs.lib.nixosSystem {
inherit specialArgs;
modules = withSystemModules ./hosts/elcafe/configuration.nix;
};
gampo = nixpkgs.lib.nixosSystem {
inherit specialArgs;
modules = [
./hosts/gampo/configuration.nix
inputs.sops-nix.nixosModules.sops
];
modules = withSystemModules ./hosts/gampo/configuration.nix;
};
marpa = nixpkgs.lib.nixosSystem {
inherit specialArgs;
modules = [
./hosts/marpa/configuration.nix
inputs.sops-nix.nixosModules.sops
modules = withSystemModules ./hosts/marpa;
};
NaroMk3 = nixpkgs.lib.nixosSystem {
inherit specialArgs;
modules = withSystemModules [
srvos.nixosModules.server
srvos.nixosModules.hardware-hetzner-cloud
srvos.nixosModules.mixins-terminfo
./hosts/naromk3
];
};
pinetab2 = pinetabConfig "x86_64-linux" ./hosts/pinetab2/gnome.nix;
tilo = nixpkgs.lib.nixosSystem {
inherit specialArgs;
modules = [
./hosts/tilo/configuration.nix
inputs.sops-nix.nixosModules.sops
];
modules = withSystemModules ./hosts/tilo/configuration.nix;
};
};
};
}
);
}
hosts/alys/configuration.nix
+5 -5
View File
@@ -20,10 +20,7 @@
domain = "phundrak.com";
id = "41157110";
};
packages.nix = {
gc.automatic = true;
trusted-users = ["root" "phundrak"];
};
packages.nix.gc.automatic = true;
services = {
endlessh.enable = true;
ssh = {
@@ -34,7 +31,10 @@
};
users = {
root.disablePassword = true;
phundrak.enable = true;
phundrak = {
enable = true;
trusted = true;
};
};
};
system.stateVersion = "23.11";
hosts/elcafe/configuration.nix
+90
View File
@@ -0,0 +1,90 @@
{
inputs,
config,
...
}: {
imports = [
./hardware-configuration.nix
inputs.home-manager.nixosModules.default
../../system
];
sops.secrets = {
"elcafe/traefik/env".restartUnits = ["traefik.service"];
"elcafe/traefik/dynamic".restartUnits = ["traefik.service"];
# "elcafe/copyparty/passwords/creug" = {
# restartUnits = ["copyparty.service"];
# owner = "creug";
# };
# "elcafe/copyparty/passwords/phundrak" = {
# restartUnits = ["copyparty.service"];
# owner = "phundrak";
# };
};
mySystem = {
boot = {
kernel = {
hardened = true;
cpuVendor = "intel";
};
grub = {
enable = true;
device = "/dev/sdh";
};
zfs = {
enable = true;
pools = ["tank"];
};
};
dev.docker = {
enable = true;
storage = "/tank/docker/";
};
misc.keymap = "fr";
networking = {
hostname = "elcafe";
id = "501c7fb9";
};
packages.nix.gc.automatic = true;
services = {
endlessh.enable = true;
ssh = {
enable = true;
allowedUsers = ["phundrak"];
passwordAuthentication = true;
};
traefik = {
enable = false;
environmentFiles = [config.sops.secrets."elcafe/traefik/env".path];
dynamicConfigFile = config.sops.secrets."elcafe/traefik/dynamic".path;
};
};
users = {
root.disablePassword = true;
phundrak = {
enable = true;
trusted = true;
};
creug = {
enable = true;
sudo = true;
};
};
};
# services.copyparty = import ./copyparty.nix {
# passwordFiles = {
# creug = config.sops.secrets."elcafe/copyparty/passwords/creug".path;
# phundrak = config.sops.secrets."elcafe/copyparty/passwords/phundrak".path;
# };
# };
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. It's perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.11"; # Did you read the comment?
}
hosts/elcafe/copyparty.nix
+23
View File
@@ -0,0 +1,23 @@
{passwordFiles}: {
enable = true;
user = "creug";
group = "users";
accounts = {
creug.passwordFile = passwordFiles.creug;
phundrak.passwordFile = passwordFiles.phundrak;
};
volumes = {
"/plex" = {
path = "/plex";
access.rwmd = ["creug" "phundrak"];
flags = {
e2dsa = true;
e2ts = true;
xdev = true;
xvol = true;
dedup = true;
nohash = "\\.iso$";
};
};
};
}
hosts/elcafe/hardware-configuration.nix
+42
View File
@@ -0,0 +1,42 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot = {
initrd = {
availableKernelModules = ["ahci" "xhci_pci" "ehci_pci" "megaraid_sas" "usbhid" "usb_storage" "sd_mod" "sr_mod"];
kernelModules = [];
};
kernelModules = ["kvm-intel"];
extraModulePackages = [];
};
fileSystems."/" = {
device = "/dev/disk/by-uuid/d2e703f7-90e0-43e7-9872-ce036f201c4b";
fsType = "ext4";
};
swapDevices = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.eno1.useDHCP = lib.mkDefault true;
# networking.interfaces.eno2.useDHCP = lib.mkDefault true;
# networking.interfaces.eno3.useDHCP = lib.mkDefault true;
# networking.interfaces.eno4.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}
hosts/gampo/configuration.nix
+7 -4
View File
@@ -16,7 +16,6 @@
kernel = {
cpuVendor = "intel";
package = pkgs.linuxPackages;
modules = ["i915"];
};
systemd-boot = true;
};
@@ -34,6 +33,7 @@
};
hardware = {
bluetooth.enable = true;
fingerprint.enable = true;
input = {
corne.allowHidAccess = true;
ibmTrackpoint.disable = true;
@@ -41,18 +41,18 @@
};
sound.enable = true;
};
i18n.input.enable = true;
misc.keymap = "fr-bepo";
networking = {
hostname = "gampo";
id = "0630b33f";
hostFiles = [config.sops.secrets.extraHosts.path];
};
packages = {
appimage.enable = true;
flatpak.enable = true;
nix = {
gc.automatic = true;
nix-ld.enable = true;
trusted-users = ["root" "phundrak"];
};
};
programs.steam.enable = true;
@@ -62,7 +62,10 @@
};
users = {
root.disablePassword = true;
phundrak.enable = true;
phundrak = {
enable = true;
trusted = true;
};
};
};
hosts/marpa/configuration.nix → hosts/marpa/default.nix
+56 -15
View File
@@ -9,13 +9,51 @@
../../system
];
fileSystems = {
"/home".options = [
"compress=zstd:3" # Good balance of compression vs speed
"space_cache=v2" # Better performance
"noatime" # Don't update access times (less writes)
];
"/mnt/ai" = {
device = "/dev/disk/by-uuid/47e87286-caaa-4e43-b2fd-b9eceac90fe9";
fsType = "btrfs";
options = [
"compress=zstd:3" # Good balance of compression vs speed
"space_cache=v2" # Better performance
"noatime" # Don't update access times (less writes)
];
};
"/mnt/games" = {
device = "/dev/disk/by-uuid/a8453133-76dc-44bd-a825-444c3305fd9b";
fsType = "btrfs";
options = [
"compress=zstd:3" # Good balance of compression vs speed
"space_cache=v2" # Better performance
"noatime" # Don't update access times (less writes)
];
};
"/games" = {
device = "/dev/disk/by-uuid/77d32db8-2e85-4593-b6b8-55d4f9d14e1a";
fsType = "ext4";
};
};
services.displayManager.autoLogin = {
user = "phundrak";
enable = true;
};
mySystem = {
boot = {
plymouth.enable = true;
kernel = {
cpuVendor = "amd";
v4l2loopback.enable = true;
extraModprobeConfig = ''
options snd_usb_audio vid=0x1235 pid=0x8212 device_setup=1
'';
plymouth.enable = true;
kernel.cpuVendor = "amd";
};
systemd-boot = true;
};
desktop = {
@@ -44,15 +82,16 @@
};
sound = {
enable = true;
noisetorch = true;
jack = true;
scarlett.enable = true;
};
};
i18n.input.enable = true;
misc.keymap = "fr-bepo";
networking = {
hostname = "marpa";
id = "7EA4A111";
hostFiles = [config.sops.secrets.extraHosts.path];
firewall.openPortRanges = [
{
# Sunshine
@@ -64,33 +103,40 @@
packages = {
appimage.enable = true;
flatpak.enable = true;
nix = {
nix-ld.enable = true;
trusted-users = ["root" "phundrak"];
};
nix.nix-ld.enable = true;
};
programs.steam.enable = true;
services = {
fwupd.enable = true;
harmonia = {
enable = true;
signKeyPaths = [config.sops.secrets."marpa/nix-cache-priv-key".path];
};
languagetool.enable = true;
printing.enable = true;
ssh.enable = true;
sunshine = {
enable = true;
autostart = true;
};
languagetool.enable = true;
};
users = {
root.disablePassword = true;
phundrak.enable = true;
phundrak = {
enable = true;
trusted = true;
};
};
};
sops.secrets.extraHosts = {
sops.secrets = {
"marpa/nix-cache-priv-key" = {};
extraHosts = {
inherit (config.users.users.root) group;
owner = config.users.users.phundrak.name;
mode = "0440";
};
};
services.udev.extraHwdb = ''
mouse:usb:047d:80a6:*
@@ -102,11 +148,6 @@
rtkit.enable = true;
};
fileSystems."/games" = {
device = "/dev/disk/by-uuid/77d32db8-2e85-4593-b6b8-55d4f9d14e1a";
fsType = "ext4";
};
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
hosts/naromk3/default.nix
+78
View File
@@ -0,0 +1,78 @@
{inputs, ...}: {
imports = [
./hardware-configuration.nix
inputs.home-manager.nixosModules.default
../../system
];
mySystem = {
boot = {
kernel = {
hardened = true;
cpuVendor = "amd";
};
grub = {
enable = true;
device = "/dev/sdb";
};
};
dev.docker.enable = true;
misc.keymap = "fr-bepo";
networking = {
hostname = "NaroMk3";
id = "0003beef";
firewall = {
openPorts = [
22 # Gitea SSH
25 # SMTP
80 # HTTP
443 # HTTPS
465 # SMTPS
993 # IMAPS
];
};
};
packages.nix.gc.automatic = true;
services = {
endlessh.enable = false;
ssh = {
enable = true;
allowedUsers = ["phundrak"];
passwordAuthentication = false;
port = 2222; # port 22 will be used by Gitea
};
};
users = {
root.disablePassword = true;
phundrak = {
enable = true;
trusted = true;
};
};
};
# This option defines the first version of NixOS you have installed
# on this particular machine, and is used to maintain compatibility
# with application data (e.g. databases) created on older NixOS
# versions.
#
# Most users should NEVER change this value after the initial
# install, for any reason, even if you've upgraded your system to a
# new NixOS release.
#
# This value does NOT affect the Nixpkgs version your packages and
# OS are pulled from, so changing it will NOT upgrade your system -
# see https://nixos.org/manual/nixos/stable/#sec-upgrading for how
# to actually do that.
#
# This value being lower than the current NixOS release does NOT
# mean your system is out of date, out of support, or vulnerable.
#
# Do NOT change this value unless you have manually inspected all
# the changes it would make to your configuration, and migrated your
# data accordingly.
#
# For more information, see `man configuration.nix` or
# https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion
system.stateVersion = "25.05"; # Did you read the comment?
}
hosts/naromk3/hardware-configuration.nix
+50
View File
@@ -0,0 +1,50 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
lib,
modulesPath,
...
}: {
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
boot = {
initrd = {
availableKernelModules = ["ahci" "xhci_pci" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod"];
kernelModules = [];
};
kernelModules = [];
extraModulePackages = [];
};
fileSystems = {
"/" = {
device = "/dev/disk/by-uuid/28b965a5-940b-4990-87fe-039c9f373bf0";
fsType = "ext4";
};
"/boot" = {
device = "/dev/disk/by-uuid/EBAD-6B85";
fsType = "vfat";
options = ["fmask=0022" "dmask=0022"];
};
"/tank" = {
device = "/dev/disk/by-uuid/ed00871e-a14a-428f-b6e4-5b56febd756a";
fsType = "ext4";
};
};
swapDevices = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp1s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
}
hosts/pinetab2/default.nix
+74
View File
@@ -0,0 +1,74 @@
{
config,
inputs,
...
}: {
imports = [
inputs.sops-nix.nixosModules.sops
../../system/desktop
../../system/dev
../../system/hardware
../../system/i18n
../../system/misc.nix
../../system/network
../../system/packages
../../system/security
../../system/services
../../system/users
];
system.stateVersion = "25.11";
# documentation.nixos.enable = false;
# nix.settings.trusted-users = ["root" "@wheel"];
mySystem = {
desktop = {
hyprland.enable = true;
niri.enable = true;
waydroid.enable = true;
xserver = {
enable = true;
de = "gnome";
};
};
dev.docker = {
enable = true;
podman.enable = true;
autoprune.enable = true;
};
hardware = {
bluetooth.enable = true;
input.opentablet.enable = true;
sound.enable = true;
};
i18n.input.enable = true;
misc.keymap = "fr-bepo";
networking = {
hostname = "pinetab2";
id = "99a11b15";
wifi.disablePowersave = true;
};
packages = {
appimage.enable = true;
flatpak.enable = true;
nix = {
gc.automatic = true;
nix-ld.enable = true;
};
};
services.ssh.enable = true;
users = {
root.disablePassword = true;
phundrak = {
enable = true;
trusted = true;
};
};
};
sops.secrets.extraHosts = {
inherit (config.users.users.root) group;
owner = config.users.users.phundrak.name;
mode = "0440";
};
}
hosts/pinetab2/gnome.nix
+37
View File
@@ -0,0 +1,37 @@
{
pkgs,
config,
...
}: {
# https://github.com/systemd/systemd/pull/35304#issuecomment-3855146191
# gnome autorotate expects 'normal' is the _display panel_ normal, but
# mutter autoconfiguration rotates by 90deg.
# compensating with gdctl for now, though it would be better to 'properly'
# fix this.
services.udev = {
extraHwdb = ''
sensor:modalias:*sc7a20:*
ACCEL_MOUNT_MATRIX=1, 0, 0; 0, 0, 1; 0, 1, 0
'';
extraRules = ''
ACTION=="add", SUBSYSTEM=="usb", ATTRS{idVendor}=="1018", ATTRS{idProduct}=="1006", ENV{SYSTEMD_WANTS}+="landscape.service", TAG+="systemd"
'';
};
systemd.services.landscape = {
script = ''
${pkgs.mutter}/bin/gdctl set --logical-monitor --primary --monitor=DSI-1 --transform normal
'';
serviceConfig.User = "phundrak";
serviceConfig.Type = "oneshot";
environment = {
"DBUS_SESSION_BUS_ADDRESS" = "unix:path=/run/user/${toString config.users.users."phundrak".uid}/bus";
};
};
environment.systemPackages = with pkgs; [
gnomeExtensions.arc-menu
gnomeExtensions.dash-to-dock
gnomeExtensions.dash-to-panel
gnomeExtensions.gjs-osk
gnomeExtensions.one-window-wonderland
];
}
hosts/tilo/configuration.nix
+5 -8
View File
@@ -1,6 +1,3 @@
# Edit this configuration file to define what should be installed on your
# system. Help is available in the configuration.nix(5) man page and in
# the NixOS manual (accessible by running nixos-help).
{inputs, ...}: {
imports = [
./hardware-configuration.nix
@@ -33,10 +30,7 @@
];
};
};
packages.nix = {
gc.automatic = true;
trusted-users = ["root" "phundrak"];
};
packages.nix.gc.automatic = true;
services = {
calibre.enable = true;
endlessh.enable = true;
@@ -53,7 +47,10 @@
};
users = {
root.disablePassword = true;
phundrak.enable = true;
phundrak = {
enable = true;
trusted = true;
};
};
};
packages/handy.nix
+24
View File
@@ -0,0 +1,24 @@
# https://handy.computer/
{
appimageTools,
fetchurl,
lib,
}: let
name = "Handy";
pname = lib.strings.toLower name;
version = "0.8.0";
src = fetchurl {
url = "https://github.com/cjpais/${name}/releases/download/v${version}/${name}_${version}_amd64.AppImage";
hash = "sha256-PLcssfd6iMx51mglAJ7D4+67HFazwfhJMImgU9WiNDk=";
};
appimageContent = appimageTools.extractType2 {inherit pname version src;};
in
appimageTools.wrapType2 {
inherit pname version src;
extraPkgs = pkgs: [pkgs.wtype];
extraInstallCommands = ''
install -m 444 -D ${appimageContent}/${name}.desktop $out/share/applications/${name}.desktop
install -m 444 -D ${appimageContent}/${name}.png $out/share/icons/hicolor/256x256/apps/${name}.png
install -m 444 -D ${appimageContent}/${pname}.png $out/share/icons/hicolor/256x256/apps/${pname}.png
'';
}
packages/obs-image-reaction.nix
+29
View File
@@ -0,0 +1,29 @@
{
lib,
stdenv,
obs-studio,
fetchFromGitHub,
cmake,
...
}:
stdenv.mkDerivation (finalAttrs: rec {
pname = "obs-image-reaction";
version = "0.1.0";
# https://github.com/scaledteam/obs-image-reaction
src = fetchFromGitHub {
owner = "scaledteam";
repo = pname;
rev = "4cd345e78c714e80e894cfb51c72b94135a6014d";
hash = "sha256-mC1B8tveHx35pfbAcOlosB8YKaBVg87MjXbr79sf7+k=";
};
nativeBuildInputs = [cmake];
buildInputs = [obs-studio];
postInstall = "rm -rf $out/obs-plugins $out/data";
meta = {
description = "OBS Plugin with image that reacts to sound source";
homepage = "https://github.com/scaledteam/obs-image-reaction";
license = lib.licenses.gpl2;
platforms = lib.platforms.linux;
};
})
secrets/secrets.yaml
+107 -50
View File
@@ -1,67 +1,124 @@
extraHosts: ENC[AES256_GCM,data:YRHvHINgAQv4z+8awMzHY1uZS/K9qSaFsk8G5J2zF5P5YOt4x62eefXgmhWeKZzJI5AIi0312iMQl5qGv+lAkP+VC7j/h1rh7peBDEBU6LvcMgFU2XqxidM/CoKfMkJF8+/4bb+3r1LC/rEeXITTUQsOmoacdyCeKe5yxLaHyic/FaZIJq13wCg/QQSLfenc2Db0Pbxv5/cbRILhKT+ssElVipA40aZpgL7QmD542vObSEa6K4fZd0rawF/nOyibfpPN7Ak8DrYvfygNMw/QAGKY2XosxC86tjxhrIBHRakqmWpV+smoUO6XBFjU2sbwalafYVFdrvYL9BVAPtMZ25Sc5QMm87RCHqzqYdQHKs8C3JpVBHWnyL+0e5DNQrFrml0/FD5nFYsT6zDKVb/rN3YmxvTvKl7FpPKpv3Kke9WG+HnPs90hPy8Jpmg52vLMhaybx6dpJxzcF+ctBSI3J78hfweOCGvNGshCKpME1dujMPctH/kfYcm2j/ixKLjl0ZSbYeI9+l9oURBDwKzmKjAqhwnjuo3sL++ZsRU5Ue1zz9gsxS40R9eYevbq7JiQPX331pY2du1SRoKOxvPpXsDqe+CY5pW2RgPszjEIuDxyoveZolXg/zjlk0Ic/cOxrbflp7bTfQCQqEC7YJ5tRmtctk2lRGQkOFIg9Tn8ReifFxfhDrPFzc8X5vZgH73aqZSd/OkVybI3vEILV5uas0fPL7AHAKnBmeDV3mBNvF8aoZhD5CG8iRd1otta/3AQ660QV8IDoauq8fySC8Kee5B3kG75sqHvwF4Gu6CpSChXkjpiIqVmW0PntJueVHifuGJYkvhkX/CTHK7xm1HhtANnGrk6cr2APjWk1vpOaCmjFNqKTOV9d1HjaNWYTz4AZ+Uq2Za3UzN3oZCtZb96,iv:Z64+4oR/AfSgA7oZ/NPDLOtcmcXO5B4OQIGjOEK1Pf4=,tag:0I/1gXnBH7u6HTbQUz5Fpw==,type:str]
elcafe:
copyparty:
passwords:
creug: ENC[AES256_GCM,data:7qzpipXxKVEGRnXkkD/HRSH82gqA0qviwWw1TwFqsoc=,iv:OvMwxY/zyljUNn8UiwxCQ904z43RakuImxh4RP2G0G4=,tag:gKGDkVuecktMg31HjdYMIQ==,type:str]
phundrak: ENC[AES256_GCM,data:vN/MCJi6SH8jZ89C1DTQvDJ+GkscXRo/Puhm0LwbZ0M=,iv:2IBTdy+hMCeDH4P3E2fz82ZQB0jM/t5GPDbPYhsEHSs=,tag:zUBLCkbdkwG4IJSMV+9DMg==,type:str]
traefik:
env: ENC[AES256_GCM,data:VUS9oF/HLcxQ2QPLnQA14z0kokTuJVGNBfrS2KHWlBaJbqd/nxxWwHYIga7bK1dop1hznPyKVIZ/7A==,iv:0BKkKL6q5KANiu7PSxp0uGeRTXbnPN6HMYxMGnyijok=,tag:iBQupkVQTOqgp5z+tN726A==,type:str]
dynamic: ENC[AES256_GCM,data:5puwmhKtG8YxMVtOOBh957CiEKoUqn282YfuPBdJOWLBOmO1ksomZmxVguuAUg46JlvdbKeeK2HUiL7UUWwqHsQHLUkxN1dO6AY2eaJbzFVmm7J9tDoQ2vb+j2OxnXdznzv0dYFsRYaJZsQvdGdsRVXCtUsdxlmqn8ccsKvPCL/r+JSzsXzM76rKBL32T214q77cMdG+FavK0BzkteCDvQEldpwhBJJo8xXdPEd0wLvwOCnVt8M/j5dp4Y0F9puEa86kMhomFuO/c1EdevBLYL5gIh/zmyGFjbLtL6BE5CCLZyhI13VxIBCo188pDPcN3PjmZtsZxIb7BF5wBMny4igQHcvVzr5GXvPDcmKrUBCpxjZapMZmghKqnLzRVs6PWPQzpG1mqnn9YFQDcQD2kw+Y5IO2qepnt8teOBfK7gf2Yg/GdXPsmXFfeM9TnzXLiTfPGXL5fyEcq8oPc9UOZ7salDWQEP6iQOILHKcsMd7yFGiMvB4oCveRBbgMaOLPuxAGTVCXIX2G6aPR+rtH+2VBZf9qFpmqo1nJpFESIzwdYJbSbO6bz0a4Wcjrpx8fijdSBARa9NJ04/74DDYrE93EPknQmhThTdGkjm90wPqsYJ0AI2RKpp4/uDbxRvc9GeR2zFi/eJyXUMO75um/DfzEur6ixDrN+o3CRU5e6TOYjay86jkAYrkVRBYDndU7MRTiT65pCWvDzVS20ahaObvO9eOWSwJOK7sNHfEZ9bJJrQFfgh1/YWrTOVCYk1CSdQ4MwKglb2bUhWT69AcdOHzwKan/9YEgOE0/RYaPVv4tKzwVJcMUlYN78u8m/6ZJrj1F9KdDuCiqDUxz1nx843tddM27s1RAq9ia6ReOUcaNIEzSSJ7FHfbp8/bNPUPNkQx+LeOzR8+uyOtGtK/iwlcVTinqHEkaHHtk7LKiYS2tvB4lnGwFzDTG3HvzTTSvkC4T3YfRjgz9OZu8qTCvexMvy7IWCCMAFGLPIBb1peyA1VWVpcYDYkg9XGgRqlnbkgeIJHpoyd+Ac5EO3yjwWDawjK2hZmzPhLxbmcn2pAz8JqzbYKiYglM4E5K6cmzn1ex3CQqBYK6LtELys2rmye6Gwy0jmR90CbtTUbobkJMbitfjPyOW0W5LLW4hrkM/SSKDrKizI+gOBToc+1MVwkIQ4/ekbIk2Q6/XxKwEeXfo1/kTlWcS2FSADj231GtneYmwGQSJzIxTz4H+L2YUHM1zsgy7h6lI4GMGo85HTU+WhRSDQ2SlS7Jd2hSmRB1V6qYqIrCQsEqeN80IzPeTsqOv/HI/k7lezgzdPJFF8Vs/nbscmOrdlhAvRRi4rBYdHDtI+CApL6thvGHkbOJDu0csj1l185BAnJuoHrNDH6B3hfa+s1TiNvcJBE7Kg+2oaQqtd+8VjCbbh3AGRfnQjljnRpVDr8ePppaWnMP/6iNyZ2WX8rY6Y9SpdI5pOOhTWfKCWgsDWIyzP5OGgggqo/vukPi5p3ixRlrBTl7ZPTM+f7WAQRijm4VKww2MLyjYZTkuC7Sqkv1iXYUpMltZgRrsD2bt9jHiqz2m3EgrgmNZkuvG16DOOHQfAvaImWkv7F+3fSMIwIc3jF3HO3/yppMaGFiRFthlWL9Zg7PLtMP3B2gY5TQpSVhPQjZO02w1HPS7/HaZ6cPwcbMObRzsjA4wQTwnCCTmnKhtaOJkCjejYOQpf8DAltHYjjekTODk5EgJDIBw91Co9/Z1blVI3WORnQWFbuF9vQziERW/wPqso423gWk68P/bIizxVHbVCK167qunHlyCm21G/XVMkSRP3V3fBdgLG0F/Zg5rRyvnCj9gftV7aNZw0BEI/X6oZ13Pw90uSYlZhtGMpZ+tnH4KUYs34fjt13gb2OSvFeARHiyyGgrQWeRRfGUKSm8thAoWLR9myjlTpOetciY0Jv/FNkeMj8HOZFN3W4EidZ2PPtcWhY8zhkCYWzhvdz8f3g18iQ8EKNnRU5+xXwXnV4/jv1zpGvi8O1UlLhcFTybON5Q3zG1WtxX5vg2hb71QE4kJX2FfGee0Zunj45ZlJAJRllKu6VtumR5WvGQMWo2vXe89bu7oqY06SVGBVTr7MgaAzSw7tRShoBq2AV2Ui4geuApYDrrsTr36LAe1QehBx2Yf1d5QGvZxdTdH8N55Qss2dM9XV5eYv0L1nKSy7pBuKMf+g+1MeuGyCBbSGoPO9tfwx7e3phpypD4iq2B8AeFoYNfrymReCd92wDt6IRY7o7nfs4vg09u/bpEKUP9s14lP0FcEMzpBCEzPTSwnQECRfitq2FsS/nZHZcfnaa/QDspBocpK3lFKpoSbDAxJd4dvPct1BkSspltY7LDxN9aB1GxWjduCIvpHgcjBBq/n+V3pa3k=,iv:8JtxoykF20VZ0exOq3fSQ9JiK97yhSTbvEtFkCXU6RI=,tag:dAkgklzWAI2NvOre4BTo7A==,type:str]
marpa:
nix-cache-priv-key: ENC[AES256_GCM,data:aOHqvU2O9dN+NZ4qPF8RdFVK2OyrMUDsy95AXCcvyQcTgT+79e3Gv2zuWAXwW1O7E4BDzlzbBYYFd3F9uCo7f4gd5I4gKu1cI1Nr8BUvyQdSy8uSa2FeasmNEdAFg1HE7ZJtYHk=,iv:aLizbDMFACYiBXthlKsFDvYIpf0Eb2x1rlWBP5xT4zE=,tag:OL/x9nS67Z0y2LoZ3B7szw==,type:str]
opencode:
cors: ENC[AES256_GCM,data:DTKTN48/uE8GcdbqnCtCLmtQUX0Y3NW0cTLtIAU=,iv:A5wahOtJweVvWTp2C3QzIr0spKPXBMygUwDMPSHmriA=,tag:ao7XkG9N8nC6yFwT6pNs7Q==,type:str]
extraHosts: ENC[AES256_GCM,data:bAHBFj3RbrDrTyIaq8RZ7peqxZS23gRu5lhiu3DXlfY8seSaN7BXU1+XKXPPRJRGoYRCpH0MaskAlz1r3vc3mItzUPmOU4Vqqo/7CCMLb4ezIRhqpA/Q7MGnIj9m5V9pQZjgk+BTiMHdb/qOeG6VGv42dhYKUvxGcFIGoM5pjCaCGkM840Xb1XR9rMOY7wqtaE0kPpM355nTSAJqAM9NZ+CpNASpodRvXPPEhmbC0UrL93OCl/w8Ltvm2bDiB00jOKG2QukrWYdkGhigVweejiHz3+GHoDgY4fuRX/C78RW40PehnyqOd3S0dw6IwcnYK/Bx1dlk1UXydl4kYWgdAN0XO7YwoAM9fB4ESwjLop/xJXp4lFOxeiHi3TO9d0R0DqFEWuUpLmu7EKltQ44Xngz+EmJTBK0UhWfUqr/wRb4cVuchCxjvG9NFFwOTKzy8JJYI0oOgmJ9CqgCfmOp/KTV/I98HhHqykRCTTp4fYtXTQTxMrK5RAlovAnzEAaV8EWgwNDoDU62ChOT/o47xoj2bG481huyOT8dQWoKCWllPrYKu1bzH6/8klrDT9i3xVgRVWTlsnMYxrNhmP9dg5QrHn/4wfne+BfuUONoUjWkNHre11DdkQxIiMK+4,iv:bnTicEoQsjPbfyISHts+J8s/DC++khcuAainlvIViI8=,tag:8b/WGsIaGGQDqaoTRw9a8g==,type:str]
mopidy:
spotify: ENC[AES256_GCM,data:SaDT0iSWhsgVOi1s+Nzbr0Mur3t2Zd9z/KIUshGWtbPfkXXIoiJeJFtoZIz5NL/t5FooYsNfU1mGYgDeVYSD4BPibW8hiCYrX6L6OX+Q6ZEWXXx/1eBEs2/q0BrWGvy7frcurq/Px4R3ax0dXJe/YKbpAtU7+bQl,iv:F2zT+uMVBMnSEZqgcRmV8/fc3G/g2fKDuHuBzkyBRN0=,tag:CD8fuOQfe6QCrj4BUh0/xw==,type:str]
bandcamp: ENC[AES256_GCM,data:diEx2fbkOR1oUav81jU5bNt/KNmbOaVzLV+G3zBUVXE7nEQpZNqVom0rgNrEVDGzH3u/IaA5eqG5ce9lE0BomeY8Z4MWI1xujhX5KsXdv21aw4UwsNgyLPuWhkN2POUMfCJlvekc/TFfFvJHyysx8aKxeI4dsg==,iv:cxx0cVkjOPG+hMD8JctJHdcICJt7ozpfRBVSCDBo6Ro=,tag:JRjwwvieGaGZJ+k56HWFaw==,type:str]
emailPassword: ENC[AES256_GCM,data:LALAvyuNN9bfa8D6ZK1YiFXRfxLOBi9kXA0N0Kr7h18eAI4hWQ==,iv:WtidILFfWCMKylax52JP+X57GfZyYlxJtiwrC6SADik=,tag:NvOrsL3fbmxQZp06GZhUZA==,type:str]
spotify: ENC[AES256_GCM,data:YdqncyUBw1UaXbVYBMZHWEP4iFoRtUSBnKosYirvyq2tjx/d16L6hLzWiGILir6hSE9x0Kmwq+qm91m4AuwJUZgg2Qfp+8A3hfCaCWk4NKP8mKRsV5yUrO5ruP9GOEJBOaoZV61AO/dQDIFdgAnKsMWrwofy/J52,iv:wdFUL3RKw2gMKJ25BKBdEs+p8kluigpaNbY7e0ZPono=,tag:fbOF4haBjxm8zcQD0GKB8g==,type:str]
bandcamp: ENC[AES256_GCM,data:RZWVvqUM/oR81OI7VNhX9cq6r22UrZvx1mkcOQqcLWFh3+a9YpSaeNljoJszmIyGnApt2MR1L/vyX9apcWY4NEIPAsWfaSMUecXIA/LdVDN7fnvCjxBZqO9SjpKb9eW1MEImL/vkpaEd84BXVelcX2sgzSbJYA==,iv:a+0Owxtz5GWrnt9geuPOPZ9ab/J5lFHp/0nyiYYekNs=,tag:pdvBhNNvSnPR4nMHy1C8Fw==,type:str]
emailPassword: ENC[AES256_GCM,data:jUEhu/wBhp25K0w14i/+p2H9F2fcVz/TtUZ8gl85oKAXeJR7/Q==,iv:h0N/smryCKp1ZgXlxQZplQ3wXYBXxL2rTgqJUMdWsZY=,tag:7dwQ0U5wefw9dTTIrYJ5NQ==,type:str]
ssh:
hosts: ENC[AES256_GCM,data:Z+ODSCeKqt2ipgR9ZMV13kHZSZrwr7pY+kXM2Ej2Mc7WrBXoN25T+OWPJ6uf70yBGMID1faaWtbMUCjsp6gjqIVR7UH59yVfuKGDQIw5FSy3bdyvADITjASJMFIfO1xsu8iY0h18PdUBqNNYnt27c+3Bxn5SP0r6OCUC48SkSeCVhxtFIIMR4ZiVHZwQ2pD1GwLjmdUPPSpEJg5vpjFhFKB6Ab8z+qN5GaYMov2NKivMNVTBQUHpgmf58D6MI/AnjUbVsLuOmp0V3lhy8/qX33tgogpVv/RA6gAITVlAf9rGwaF+axZ0iy0T/gF7VJEGX6RUHbVUJoX1j8szDq/P4oqczFubrZdmRIbutG4tEcnYXltMu2NELFP+bl/G4y1gIV2b+s0k+UQJXn4KaiyXbtQXvOJ91+s7iMyTDi4QQd07l7nFqGGgzoKTYVfQK0e5ilEofRQrXwAb+p6Pwkvth8ktONFgD0sQHL75a8lS//8Mzvqopy5Vp0FQJ+OSW89Eeu2wrw9yNP2yuMDX9tvgDuZV4hgvDa9tTxvfGoMDXWARhSBt/F/a4ZkrNV9unjgEXbkrewezn1Jk+XWtAlussbTEXkKG87v2Q0V8zBa8gsB/5g514dIP6+UJdc3GEJzMLkQNcHYn9r3Ou8n+YgXD8zu5OnZXtNZ/x+J6NxH7tudiO5O0XctRwJQibidS2ONUhdkQGBt1JrAysGbNTuXC8Sn391rc11lsH+wIGpZg4zR+rdP4FWs68v/o9WtCJDCejnlyQ1DQ+avLc0aT4xxJZh8uM2iSsfi/TzRr9w0wVe2y3xAxsQMCfvhFcl9agfmAgGZcfVPCU9nc4dIfdGW1kTN7s3Izvy4mYaqd9mv0xxYARf7roJDGWie0VNxXQVt2o1tIQCqAhZ/bbgPG5VDyD15LGDI8BZCFaAOKlXn+beVMt6E1JJPlHa0vOwnbMVVKcUS/d5jA9nnb20Pwz4F3b532/ERmSkVlcZmCKqQOxo0YADb7Cm1fFBj6Eum0+F+jspg9QQmMjPPsb+NbMqnFd5DNDY+e95hr7tUEy4/yxiXiM0cu1w==,iv:I4TtUJdQFOVik5L26XHukxix0FCm/JNi6nVZg5qRMqs=,tag:vnO6DlUW5XnougyiJzwNdg==,type:str]
hosts: ENC[AES256_GCM,data:dwJ0cC+y2o+fK0eNBbpo/TAEqWgRSWPida7CHTTziVgxvRPVLprdjb2cfntgb9JCCNo7dA9onRzkOqVDnWOz9mvCGa6W8QYJSbAcc9mpXCv0+5FKllLXE/c/i86VgW1qlCNQCtMzFtnTWWurOIG/dR546jzYoy0BYUA8ZUYKHWLRuUM7K00WtNgYyZ1O5QK+SbekkGFeBj4oSuzHB5Ik/dzuETULggZ5kTb4YTx9lePXUWf9zgeCi3+m2Za2bTngj9cxNDtepgJUPGFKvwaWq3nh+miW97ZcZEFCReYGHhRGiZe+SOJHMOFcvRBdek5Jce6SOZ/MYbHaOiXRwt94V2WaIX3jQtlvrEZ86cErC3kfWrW9J42x1r9gFtagXSGq20phcPEq/dAMkJyFviAtsRgIEAQL0Z7B1xGYlq8Pqqswu2HKrLNUxVMVpTZn/815Ii73sJ5TbHKiXq1iNSBeIH7dlzhM1t4OhH4gYbz7z1vT+fcfHQ4ocOzXNcH0X2uUXZPZLFLPJ4VZgZSPFjLXevkoeboHMWh21+u0R0pMPdRX3q46+iO4muMpiLbCgvDeNSk6oRFIr7J1sHpCj0alIh3QPRFT8Lk59MDsz4RrzD+8Xx4KXdfrhH3cl14XZQ0MZylruZY5QiewpvPt77JzRThVglMcrCjDYYYjp9TsXg==,iv:ctBJG65M/UDS3p4CAeYa3wvFoinyiY261FASJz0XkiY=,tag:XGFgIq49kDjetpLCQs4n2A==,type:str]
sops:
age:
- recipient: age1ajemtm502nn2n4q7v4j8meyd5mxtcqngkkedxq2pqzuwu78zp93qnw8q48
enc: |
- enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBiYU1MR2w4Njh2cVBocmJq
YkxvSmVsWDdGT0h0S3NSbDYxb21EVTlxT21nCjB3WlVmK0hkR1B6Z2lhbndvNFdC
aE9YMHphU1JoV2hwZ0RITXhHZnJmeTAKLS0tIDk4akc0T1FvbURLRFpXNHlRQ3Vx
TUZMTENMbVNjeVFxMGVSc2FpZ0dXcDgKcacaFS2diAKeKwmVz7KghKjkNI2ij4Ns
fYSd8sq/bEDTvn1wNpF1zLmzX9jmoXc5iORuRKaYcT8OaoUX7SsFvQ==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPdzBQVG9DM0JEODVPMHYy
dXhJcG8ydG9BSEJYRmpCMzNXRUNtQjhWRFZZCjdDelozdzZWbmkzWG8xZFRwVVVx
ZmMxWGF6b3R1Z2RlNjRuOExoUlNWa2sKLS0tIDRJWEw0ZmltUWYrT09ESndFa3RD
ait2ZUpTMXpkQitUaWp3eGRldDZDNzAKw5ud8Zrs/OVnJVF4rNcFVYsaJpKP5sVG
Q9v3d6pFqDg04WTcompVOeYOxKiQeDiBYLplrI0L5L4ykcBoWH11Qw==
-----END AGE ENCRYPTED FILE-----
- recipient: age197lfdanym647wdaz9uy8hrfqjwj9fs8rm7vs3fsrctceu8mr9gms2jedhz
enc: |
recipient: age1ajemtm502nn2n4q7v4j8meyd5mxtcqngkkedxq2pqzuwu78zp93qnw8q48
- enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBUNlhkZzFoa21tR244dVJ0
cXJWbDA0eVBrZWU4QVRVQm85bVVScFdYbHdnCjRWQWRNajIyQ0JoYTFFQ3RsOFA4
cTZGNVhCN2k0NHBMb1Z4VmVqRzNjbEkKLS0tIFhJTVBCM0E4dTkweld6WUx5Z1hQ
WXdwVFJ3cXQzUnFPUnV2NzdqcWwwZkkKqS9IQpB/MjnsVQ4IfIRtH6FESzLkdHq/
GJnMHt0VcLt/gYrz+lrPc1ecQwNvVGH2Qt++BbSJxUFftoDLdEMlig==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2cjNBcksvZ3BJTyt1S0Zs
VGxkL0phMXlrL09NNjRRTkM5UFROZVNheVZzCld0eTcwcGQwMCs1dmdpcGE3Y05F
Q2ErNG1hemNMbGVOOFRrN3ZMOTNOSU0KLS0tIGcvd0duODlpUC9RMGl4QkdsOGVn
ZkhCUmRCZUhnWjY3K3llQUR3cVYxYWcKb6gKRIjcVksT4gdSKSvl+U3yJ9osrnVp
X9ToceiCN0DnSLRK1njH1U0LIGs5zyDE0iSejJY3Pp/6lID44Ary7A==
-----END AGE ENCRYPTED FILE-----
- recipient: age17pn6suvz2f7zmrm9zxj5hr0putvcvdamqxqt7ewhncgg6ccgmp2qr00xm2
enc: |
recipient: age197lfdanym647wdaz9uy8hrfqjwj9fs8rm7vs3fsrctceu8mr9gms2jedhz
- enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtcVZPWVNBc1pFWm8zN3hm
M1RtenlCbGl3Q0xhWlRWN1BmOUNDK3I0cVQwCk82Vm5IcmZZeVRBdlVUb0NtTXdz
QTlVMEhCWkpJN0JOM09mSGtqbzl5ZUkKLS0tIE4vTGhEQlRDZ1Vma0VEQ0xtcU9V
MitPc29VYUV3UmJSNXdmMUhwck9MOXMKLXHEKpNvzModiTR1Q6cE1xKSGewV/9PJ
rEbTgsa0E9C4vm5sDKjSjuvpSF9tNOSByf5So5kzX0ZTxgjdTjsFbw==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBuRDlaZjRNSkNyV1pOZkh2
Ti9UYldsdGlVdmFnTUlvcWRVRjRZYXh6WlhNClpOVlRpU3c4T0FkTUo5MytFK21i
RnZQVE9SYUJ3Z2g1N3RKbHh4em5ITWsKLS0tICtNNWVyYjdaYkR5dW9PejlGSmNP
NDFybGZZazFZa1RnV1hhclRXZS82bkUKb4ZYkZw1lQbwUQ+nz2pHvrLmKk03lEzu
FQOLoBer82Xvv2X12UZBKUGydGT6kenCK9Cxdp2CptnvCKQPUmhk/A==
-----END AGE ENCRYPTED FILE-----
- recipient: age1cnnpnglkvgw5ffv8qpgwpqvj203lh4uwt698y9mxjwklxt8nysmsa8hepn
enc: |
recipient: age17pn6suvz2f7zmrm9zxj5hr0putvcvdamqxqt7ewhncgg6ccgmp2qr00xm2
- enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkeUlIL2QxQlhGN3RqOFZR
K1p1bjc5R00yclEzL0hYY0c2OFJhRmN4Y0JvCkpIL0Q4Y1Nic3pFYjNIM1hMK2w2
cFNGNVhHcW85R2loZ3JveVVZNGptd1kKLS0tIGYvYjlTMzRzUUNlM3padDJHNkFm
VGJHL2c4Z05pTWlxellFMG4rRlp1MkUK4mwb2jMlfHb0ISInZKwbm9+EqBzWfZNU
+L/WahvTo4Fe9uSOJffpSMleH0ZJS35loCJE5WIdmGnRQB6Mw7LWag==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5anY1ZG9zaUo3bEozUXo2
T0hVK1dUQzVIbnZ4ZnA0dUhHQ3ZONWNoZXlNCnB1ZU1mTjYwSTdNN09KWTc2WU9N
NUVCQkkxM2hXNFU0eEJpRU5QelN1UlUKLS0tIFF2c1lueVQzY1hsRWptR3N2UzFz
RUsxTkZVRzFoelNqeDRVVDM4R3JlNnMKUvGEbBmA7hRcmeXk0zJhJGvBPWKKtgp3
Vhk7+E0zMmlzDoTcZyaeNDozzT6RGTmNS3q5h0biIutK/6FLKreWlQ==
-----END AGE ENCRYPTED FILE-----
- recipient: age1g68hxv73llkyc7etzh499ztcrt93pwawy0n8p93px4taqu58mehsp88vjq
enc: |
recipient: age1cnnpnglkvgw5ffv8qpgwpqvj203lh4uwt698y9mxjwklxt8nysmsa8hepn
- enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBIR3FWcElFL2RBRmdFS1cy
emRTM201a1ltWndUcDJ5RXptd1RTNHdvWXpNCkxBTXZCNUxvd1dXMDhHK0ZFVUI1
c2VkRlJJbDNYSzF0djJXN0J4YXltam8KLS0tIEFTZjdWd0NQTVEyU1Q4UCtQVGhy
K3VUdlpjd0M3RVBHOVVjc04yZzV4UkUKcB8r+FiqZqwsxj40hCtVePnfIZ3S8DFR
tgSRDMp8eEm6vXHbbf49E/cpV4iBwVel9zAe64tYs7atk9dcgMmOpw==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBCZUo1ZDh6cTM0VTREMFIz
OWRJNW1aL2RyKysxTDA5RVNjOHFjb2hvalNZCllYeTJjTWZONmd3RWxhdi9udTJC
elFCdStNZE96Q2d3cjhiREtwb1ZnRGsKLS0tIGhoZXdpMW1Qa3Z0Yk9zU1ZmUGJj
YlRkTWlmSE9TNWNmMkNmbHJEWEFrNXcKxwFWZ1qtfudrjB4pxHW0wmBsmpKAvQSm
q9t7SiFKqRPZKEPqDQo3G+xoXsjt0nC0iKKikYF5XcFHHXWFb5sepA==
-----END AGE ENCRYPTED FILE-----
- recipient: age1awytvphvty4f9wmdn86xnjg9kgetqjx8qlwj5d2882t4fyyzy58s3vg5k4
enc: |
recipient: age1g68hxv73llkyc7etzh499ztcrt93pwawy0n8p93px4taqu58mehsp88vjq
- enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB0TkVLUnFDMnVoT3BUM0kr
ZU5hZE1teGF1M21SbmY5MHZTMytKeWpkYnk0CmkwNXlBMDR1cEp2MkZPeWUyU0hZ
Wlp4SFIwZUNQa25BRENsYWNoZmZoNjQKLS0tIEtIU3NRVS94SW80VXVGZy9hRkNQ
QmJKNDJUY0RSakhwNWlkOVpib0trc1kK0tQxD9I82pjfs54eruu+IjzVUmcVBCPw
9mp1xKiYRRMXt3YQn6MPiyuuX3l3UB5MH0RJMNtRq0D961rs+iiS5A==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQVEczOHNXaVdzdExpWnRQ
bElRbGpHdm90Z2FxRWNkanBjbVJFbHFQWmlNCjNhZFNMa25kTGVCcEFWeXV1Vnlv
TytRbklGRkNENEtaeDMxN0t0NGp6SjQKLS0tIG9YNWhPWjhWd2VXWlNUaGhuVWpi
dE9EUTNVaTgyMWFNZ3FzOUhFUHZmeHMKuiICVTlhhHOAqr+t2g8VEWmjQ7OEr6x/
1FOEAjGif5qrYK2JAkYRCTz6DnxZRcpWCgc51lvrbjVtP9ehLHdhAg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-11-02T16:19:20Z"
mac: ENC[AES256_GCM,data:2UFvzqhsR9OecqRX/n2O5wJ1fcdhetNE37Vj56rL6tRxT42uU8SKy7hxROS0LcrwKs59Km7P1oO/mYW6eyuLAZ7R5MAm18R5UYIYpKV8oevNUYMl0bsJkMnzl+nxz2i0ceg38rsioS9frK9a29hbJiV6Vr9yubHNdtZF4YqRmH0=,iv:Cx2nN4Gm0L+aWi6jbLuSuzhhzD8W5PzCLmJajyb/oEo=,tag:6wM1m8LB+7Rd/F9h62C4gg==,type:str]
recipient: age1awytvphvty4f9wmdn86xnjg9kgetqjx8qlwj5d2882t4fyyzy58s3vg5k4
- enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAybWd4SnU0N1ZPZ3JJUkFr
MUl2ejVRUGZ6eGU1Q1NVZktuOXcwUlBpakNJCkdwaEtPYzlqSlN3WU5zYVB2QVB0
aDZVOWpCOGppeU1lYUJhVS95bFVUbHcKLS0tIFJNRzc3VStlblRmYXZma1MzY01p
RzlZNFg5d2tVTVoxbDA1RStjMk9JYkkKf09NyGYpu/LszVrIXVpRzmFFkY3L4wmH
3b7Iev9HCVTzcRqxUpXXcL8pRKjLEOAI+HcFZUQiBmD4+xOCYMfuGw==
-----END AGE ENCRYPTED FILE-----
recipient: age1erkn7dd022e90ktyj66aux9j9xvl0uzd6ru5cmrjsvcm5rtr5pfs7q6k9h
- enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwUGZOM1U1NlEzL0N0VjBM
TFJpUTJuNmtEMUxTZno4M2dUVkZVZGdNeEFvCmQ3Q21vM0xoSnFuUTIwNFZGUjJz
bTlBUzhKZ2FZYVJMSjdzT3R5WmxzRncKLS0tIDNVYlUvM29sMFdIaGhwSkJUOG81
L2ExYktQVkw3WU9pYk9haktKd3R1UW8Kuqh/4fmHmBNJKkotCau2gTHx+CEj7L0f
HuRVxbC8smhRNhM7x8jRJ0ui/SF05A4qwvC/LMv6P3W7W42bCRxErQ==
-----END AGE ENCRYPTED FILE-----
recipient: age16crkeglm3j3f6rveylytuerptjf9mwtv3hl89ywkmnnvdkntfchsuvrsk5
- enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBUMzdDa2ROL0h3MExRY2tp
RGM0cmdXMlhGSDFob1FycVVHN0ozUTBudjM0ClF4a2JQT3pNbmZKL1BCNC95R0lm
Q0VOdUI4Z0hHcEpwREE0NW02QVVRbzAKLS0tIFVqbFBVNDJ3eTBsZFNNSEpDak1y
c2h6eWxKN3FramxGNGZsRlcrL1VpUnMK4nUJnjktSe94uGXGU/aw/SP5X/EPiQjz
97j0nMDIc1cxnh0oB7dK9xq4s1LpBOJWGCUSVkBYU9pAWgcQVtHOSg==
-----END AGE ENCRYPTED FILE-----
recipient: age1tkywsvddjj6r6ukuqgz9aql92jfx85rz57dhmkkndysh6yx6p5rs0zj0qr
- enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxKzhoOEVjdkNBaUl5dW1i
aktGWm9ZTDNTWGcvK2xJZDVMMk44S0UrdG5ZCjV0WUw2YndHdXM2b1lCSGhxbHRn
TEM5cVRHZXQzS2poeWZ4azVlWXNqVzAKLS0tIDRSV2hEWGMwa1FXOG1jaGwxR2Y5
Z1h1R3hVMWc1WmVRSENtekdhOVhMWlkKPxcztky7YjMEcMMvjis52VsS6OyxqT5r
WHZ4l41AZQZg59QYvA29L8G2YWJHnOHKd83LsFw627/eR2c2pAHS9w==
-----END AGE ENCRYPTED FILE-----
recipient: age17p69ktg7yfzgdsk00f32mupe4n4fevdpw2wsv7ft30yvpeseau6s7t0zdg
- enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBMclFDR0wxNm0xYUNydE43
VjkrREZGWFk5Si9MYjY4ZU1JVW1kT2VwZG0wCmdJT3ZoOGRxd3lqUGdPUG1sa25W
RjZ1Ymc3RGFEaEZoNnY4NmV4TGYzaWsKLS0tIEcwdDl2aWtyWTNsa1F6bzg3Vmx4
MEV0cnJoWVcxVktwY05yUUNvbGNpZlEK2LbBLBooezdoNvUCwjGNp5TbAl5duIP8
QUd0alW52eTCpVBWsXU2JbXIwfc3HY7fl2dbPgD38mcCsoFBQ3hH7w==
-----END AGE ENCRYPTED FILE-----
recipient: age1ztuc996dapd7gpw5g7t4k3e9egv3dj6czxyslhnwula97w3cuytqlgzru0
lastmodified: "2026-06-13T23:40:11Z"
mac: ENC[AES256_GCM,data:a4PQgcTV86va1Ht4ZyG40XGEbV+P5bwgSIWmnaqTKHaRSQTvmUhRzwU7VSCPwNhOr2FqeGWpSl6QcI8p/RrthP1s43FwNo57T+3ZEjLB+AjywLENDu64wv9RFVK+mYSPzUsZwq2X98Lq6ygmHLHohDJFhZIDjq+WqYB4m2gf3uQ=,iv:ZdgwbsKscihqApFz8BSvW673UJsJAjPWPFPSN0xKRSA=,tag:vGa7CV6yXWRmpSMsW0yQkw==,type:str]
unencrypted_suffix: _unencrypted
version: 3.11.0
version: 3.13.1
system/boot/boot.nix
+30 -19
View File
@@ -8,13 +8,6 @@ with lib; let
cfg = config.mySystem.boot;
in {
options.mySystem.boot = {
extraModprobeConfig = mkOption {
type = types.lines;
default = "";
example = ''
options snd_usb_audio vid=0x1235 pid=0x8212 device_setup=1
'';
};
kernel = {
package = mkOption {
type = types.raw;
@@ -29,18 +22,29 @@ in {
type = types.enum ["intel" "amd"];
default = "amd";
};
v4l2loopback = mkOption {
description = "Enables v4l2loopback";
type = types.bool;
default = true;
};
v4l2loopback.enable = mkEnableOption "Enables v4l2loopback kernel module";
hardened = mkEnableOption "Enables hardened Linux kernel";
extraModprobeConfig = mkOption {
type = types.lines;
default = "";
example = ''
options snd_usb_audio vid=0x1235 pid=0x8212 device_setup=1
'';
};
};
systemd-boot = mkOption {
type = types.bool;
default = true;
default = !cfg.grub.enable;
description = "Does the system use systemd-boot?";
};
grub = {
enable = mkEnableOption "Does the system use GRUB? (Disables systemd-boot)";
device = mkOption {
type = types.path;
description = "The GRUB device";
default = "";
};
};
zfs = {
enable = mkEnableOption "Enables ZFS";
pools = mkOption {
@@ -51,21 +55,28 @@ in {
};
config.boot = {
initrd.kernelModules = lists.optional config.mySystem.hardware.amdgpu.enable "amdgpu";
initrd.kernelModules = lib.lists.singleton (
if config.mySystem.hardware.amdgpu.enable
then "amdgpu"
else "i915"
);
extraModprobeConfig =
strings.concatLines
([cfg.kernel.extraModprobeConfig]
++ lists.optional cfg.kernel.v4l2loopback.enable ''options v4l2loopback exclusive_caps=1 devices=1 video_nr=0 card_label="OBS Studio"'');
loader = {
systemd-boot.enable = cfg.systemd-boot;
efi.canTouchEfiVariables = cfg.systemd-boot;
grub = mkIf cfg.grub.enable {
inherit (cfg.grub) enable device;
};
};
supportedFilesystems = mkIf cfg.zfs.enable ["zfs"];
zfs.extraPools = mkIf cfg.zfs.enable cfg.zfs.pools;
kernelPackages =
if cfg.kernel.hardened
then pkgs.linuxPackages_hardened
else cfg.kernel.package;
kernelPackages = cfg.kernel.package;
kernelModules =
cfg.kernel.modules
++ ["kvm-${cfg.kernel.cpuVendor}"]
++ lists.optional cfg.kernel.v4l2loopback "v4l2loopback"
++ lists.optional cfg.kernel.hardened "tcp_bbr";
kernel.sysctl = mkIf cfg.kernel.hardened {
"kernel.sysrq" = 0; # Disable magic SysRq key
system/default.nix
+1 -26
View File
@@ -1,40 +1,15 @@
{
lib,
config,
...
}:
with lib; let
cfg = config.mySystem.misc;
in {
imports = [
./boot
./desktop
./dev
./hardware
./i18n
./misc.nix
./network
./packages
./security
./services
./users
];
options.mySystem.misc = {
timezone = mkOption {
type = types.str;
default = "Europe/Paris";
};
keymap = mkOption {
type = types.str;
default = "fr";
example = "fr-bepo";
description = "Keymap to use in the TTY console";
};
};
config = {
boot.tmp.cleanOnBoot = true;
time.timeZone = cfg.timezone;
console.keyMap = cfg.keymap;
};
}
system/desktop/waydroid.nix
+4 -1
View File
@@ -9,7 +9,10 @@ with lib; let
in {
options.mySystem.desktop.waydroid.enable = mkEnableOption "Enables Waydroid";
config = mkIf cfg.enable {
virtualisation.waydroid.enable = cfg.enable;
virtualisation.waydroid = {
enable = cfg.enable;
package = pkgs.waydroid-nftables;
};
environment.systemPackages = [pkgs.waydroid-helper];
};
}
system/dev/docker.nix
+12 -1
View File
@@ -12,9 +12,17 @@ in {
podman.enable = mkEnableOption "Enable Podman rather than Docker";
nvidia.enable = mkEnableOption "Activate Nvidia support";
autoprune.enable = mkEnableOption "Enable autoprune";
storage = mkOption {
type = types.nullOr types.path;
default = null;
example = "/path/to/docker/storage";
};
};
config = mkIf cfg.enable {
mySystem.users.phundrak = mkIf config.mySystem.users.phundrak.enable {
extraGroups = ["docker"] ++ lists.optional cfg.podman.enable "podman";
};
environment.systemPackages = with pkgs;
[
dive # A tool for exploring each layer in a docker image
@@ -24,11 +32,14 @@ in {
podman-compose
podman-desktop
];
virtualisation = mkIf cfg.enable {
virtualisation = {
docker = mkIf (!cfg.podman.enable) {
enable = true;
enableNvidia = cfg.nvidia.enable;
autoPrune.enable = cfg.autoprune.enable;
daemon.settings = mkIf (cfg.storage != null) {
"data-root" = cfg.storage;
};
};
podman = mkIf cfg.podman.enable {
enable = true;
system/hardware/default.nix
+6 -2
View File
@@ -1,8 +1,12 @@
{
{lib, ...}: {
imports = [
./amdgpu.nix
./bluetooth.nix
./sound.nix
./fingerprint.nix
./input
./pinetab2.nix
./sound.nix
];
hardware.enableAllFirmware = lib.mkDefault true;
}
system/hardware/fingerprint.nix
+13
View File
@@ -0,0 +1,13 @@
{
lib,
config,
...
}:
with lib; let
cfg = config.mySystem.hardware.fingerprint;
in {
options.mySystem.hardware.fingerprint.enable = mkEnableOption "Enable fingerprint reader";
config = mkIf cfg.enable {
hardware.facter.detected.fingerprint.enable = cfg.enable;
};
}
system/hardware/input/opentablet.nix
+4 -1
View File
@@ -7,8 +7,11 @@ with lib; let
cfg = config.mySystem.hardware.input.opentablet;
in {
options.mySystem.hardware.input.opentablet.enable = mkEnableOption "Enables OpenTablet drivers";
config.hardware.opentabletdriver = mkIf cfg.enable {
config = mkIf cfg.enable {
hardware.opentabletdriver = {
inherit (cfg) enable;
daemon.enable = true;
};
boot.kernelModules = ["wacom"];
};
}
system/hardware/pinetab2.nix
+18
View File
@@ -0,0 +1,18 @@
{
lib,
config,
...
}:
with lib; let
cfg = config.mySystem.hardware.pinetab2;
in {
options.mySystem.hardware.pinetab2.enable = mkEnableOption "Activate support for the PineTab2";
config = {
boot.kernelParams = ["console=tty0" "console=ttyS2,1500000n8" "rootwait" "root=LABEL=NIXOS_SD" "rw"];
hardware.sensor.iio.enable = true;
services.avahi = {
enable = true;
openFirewall = true;
};
};
}
system/hardware/sound.nix
+6 -2
View File
@@ -9,6 +9,7 @@ with lib; let
in {
options.mySystem.hardware.sound = {
enable = mkEnableOption "Whether to enable sounds with Pipewire";
noisetorch = mkEnableOption "Whether to activate noisetorch support";
scarlett.enable = mkEnableOption "Activate support for Scarlett sound card";
alsa = mkOption {
type = types.bool;
@@ -32,7 +33,8 @@ in {
config = {
environment.systemPackages = mkIf cfg.scarlett.enable [pkgs.alsa-scarlett-gui];
services.pipewire = mkIf cfg.enable {
services = {
pipewire = mkIf cfg.enable {
enable = true;
alsa = mkIf cfg.alsa {
enable = mkDefault true;
@@ -40,8 +42,10 @@ in {
};
jack.enable = mkDefault cfg.jack;
};
pulseaudio.enable = false;
};
programs.noisetorch = mkIf cfg.enable {
inherit (cfg) enable;
enable = cfg.noisetorch;
};
};
}
system/i18n/default.nix
+1
View File
@@ -1,5 +1,6 @@
{
imports = [
./input.nix
./locale.nix
];
}
system/i18n/input.nix
+25
View File
@@ -0,0 +1,25 @@
{
lib,
config,
pkgs,
...
}:
with lib; let
cfg = config.mySystem.i18n.input;
in {
options.mySystem.i18n.input.enable = mkEnableOption "Enable i18n input with fcitx5";
config.i18n.inputMethod = mkIf cfg.enable {
enable = true;
type = "fcitx5";
fcitx5.addons = with pkgs; [
fcitx5-gtk
fcitx5-mozc-ut # Japanese input support
fcitx5-nord
fcitx5-table-other # X-SAMPA to IPA support
qt6Packages.fcitx5-chinese-addons # allow to load table addons
qt6Packages.fcitx5-configtool
qt6Packages.fcitx5-with-addons
];
};
}
system/misc.nix
+55
View File
@@ -0,0 +1,55 @@
{
lib,
config,
...
}:
with lib; let
cfg = config.mySystem.misc;
in {
options.mySystem.misc = {
timezone = mkOption {
type = types.str;
default = "Europe/Paris";
};
keymap = mkOption {
type = types.str;
default = "fr";
example = "fr-bepo";
description = "Keymap to use in the TTY console";
};
};
config = {
boot.tmp.cleanOnBoot = true;
console.keyMap = cfg.keymap;
time.timeZone = cfg.timezone;
environment.pathsToLink = [
"/share/bash-completion"
"/share/zsh"
];
services = {
orca.enable = false;
envfs.enable = true;
};
nix.settings = {
substituters = [
"http://marpa:5000?priority=5"
"https://phundrak.cachix.org?priority=10"
"https://nix-community.cachix.org?priority=20"
"https://cache.nixos.org?priority=40"
];
trusted-public-keys = [
"marpa-local:XoO+dFN4PeauF52pYuy3Vh4Sdtl2qIdxu5aUasWKv6Q="
"phundrak.cachix.org-1:osJAkYO0ioTOPqaQCIXMfIRz1/+YYlVFkup3R2KSexk="
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
];
http-connections = 128;
experimental-features = [
"nix-command"
"flakes"
];
};
};
}
system/network/networking.nix
+9 -1
View File
@@ -51,12 +51,20 @@ in {
default = null;
};
};
wifi.disablePowersave = mkEnableOption ''
Disables powersave for Wifi.
Used mainly for the PineTab2, as leaving WiFi powersave with the bes2600 can cause stability issues.
'';
};
config.networking = {
hostName = cfg.hostname; # Define your hostname.
hostId = cfg.id;
networkmanager.enable = true;
networkmanager = {
enable = true;
wifi.powersave = ! cfg.wifi.disablePowersave;
};
inherit (cfg) hostFiles domain;
firewall = {
enable = true;
system/network/tailscale.nix
+8 -1
View File
@@ -12,5 +12,12 @@ in {
default = true;
};
};
config.services.tailscale.enable = cfg.enable;
config.services.tailscale = {
inherit (cfg) enable;
extraSetFlags = [
"--accept-dns"
"--accept-routes"
"--ssh"
];
};
}
system/packages/flatpak.nix
+3 -7
View File
@@ -11,12 +11,8 @@ in {
enable = mkEnableOption "Enable Flatpak support";
builder.enable = mkEnableOption "Enable Flatpak builder";
};
config = {
services.flatpak = mkIf cfg.enable {
inherit (cfg) enable;
};
environment.systemPackages = mkIf cfg.builder.enable [
pkgs.flatpak-buildR
];
config = mkIf cfg.enable {
environment.systemPackages = lists.optional cfg.builder.enable pkgs.flatpak-builder;
services.flatpak.enable = true;
};
}
system/packages/nix.nix
+1 -1
View File
@@ -27,7 +27,7 @@ in {
trusted-users = mkOption {
type = types.listOf types.str;
example = ["alice" "bob"];
default = [];
default = ["@wheel" "root"];
};
};
system/packages/steam.nix
+14
View File
@@ -17,6 +17,20 @@ in {
localNetworkGameTransfers.openFirewall = true;
gamescopeSession.enable = true;
extraCompatPackages = [pkgs.proton-ge-bin];
package = pkgs.steam.override {
extraEnv = {
MANGOHUD = true;
OBS_VKCAPTURE = true;
RADV_TEX_ANISO = 16;
};
extraLibraries = p: with p; [atk];
extraPkgs = pkgs:
with pkgs; [
qt5.qtmultimedia
qt5.qtbase
libpulseaudio
];
};
};
gamescope = {
enable = true;
system/security/default.nix
+1
View File
@@ -2,4 +2,5 @@
imports = [
./sops.nix
];
security.rtkit.enable = true;
}
system/services/default.nix
+2
View File
@@ -3,11 +3,13 @@
./calibre.nix
./endlessh.nix
./fwupd.nix
./harmonia.nix
./jellyfin.nix
./languagetool.nix
./plex.nix
./printing.nix
./ssh.nix
./sunshine.nix
./traefik.nix
];
}
system/services/harmonia.nix
+36
View File
@@ -0,0 +1,36 @@
{
config,
lib,
...
}:
with lib; let
cfg = config.mySystem.services.harmonia;
in {
options.mySystem.services.harmonia = {
enable = mkEnableOption "Harmonia Nix binary cache server";
port = mkOption {
type = types.port;
default = 5000;
description = "Port to listen on";
};
priority = mkOption {
type = types.ints.between 0 100;
default = 50;
description = "Cache priority (lower = higher priority, 0-100)";
};
signKeyPaths = mkOption {
type = types.listOf types.path;
description = "Paths to the signing keys to use for signing the cache.";
};
};
config = mkIf cfg.enable {
services.harmonia.cache = {
enable = true;
inherit (cfg) signKeyPaths;
settings = {
inherit (cfg) priority;
bind = "[::]:${toString cfg.port}";
};
};
};
}
system/services/ssh.nix
+5
View File
@@ -18,9 +18,14 @@ in {
example = true;
default = false;
};
port = mkOption {
type = types.int;
default = 22;
};
};
config.services.openssh = mkIf cfg.enable {
inherit (cfg) enable;
ports = [cfg.port];
settings = {
AllowUsers = cfg.allowedUsers;
PermitRootLogin = "no";
system/services/sunshine.nix
+26 -6
View File
@@ -15,33 +15,53 @@ in {
autoStart = cfg.autostart;
capSysAdmin = true;
openFirewall = true;
settings.sunshine_name = config.mySystem.networking.hostname;
applications.apps = [
settings = {
sunshine_name = config.mySystem.networking.hostname;
locale = "en_GB";
system_tray = "enabled";
output_name = 1;
};
applications.apps = let
defaultPrep = [
{
do = "sh -c \"hyprctl -i 0 keyword monitor \\\"DP-2,\${SUNSHINE_CLIENT_WIDTH}x\${SUNSHINE_CLIENT_HEIGHT}@\${SUNSHINE_CLIENT_FPS},0x0,1\\\"\"";
undo = "sh -c \"hyprctl -i 0 keyword monitor 'DP-2,2560x1080@60,0x0,1,transform,1'\"";
}
];
in [
{
name = "Desktop";
image-path = "desktop.png";
prep-cmd = defaultPrep;
}
{
name = "Low Res Desktop";
image-path = "desktop.png";
prep-cmd = defaultPrep;
}
{
name = "Steam Big Picture";
detached = ["setsid steam steam://open/bigpicture"];
prep-cmd = {
do = "";
undo = "setsid steam steam://close/bigpicture";
};
prep-cmd = defaultPrep;
image-path = "steam.png";
}
{
name = "OpenTTD";
cmd = "openttd";
image-path = "/home/phundrak/.config/sunshine/covers/igdb_18074.png";
prep-cmd = defaultPrep;
}
{
name = "OpenMW";
cmd = "openmw";
image-path = "/home/phundrak/.config/sunshine/covers/igdb_24775.png";
prep-cmd = defaultPrep;
}
{
name = "Vintage Story";
cmd = "flatpak run at.vintagestory.VintageStory";
image-path = "/home/phundrak/.config/sunshine/covers/igdb_69547.png";
prep-cmd = defaultPrep;
}
];
};
system/services/traefik.nix
+71
View File
@@ -0,0 +1,71 @@
{
config,
lib,
...
}:
with lib; let
cfg = config.mySystem.services.traefik;
in {
options.mySystem.services.traefik = {
enable = mkEnableOption "Enable Traefik";
email = mkOption {
type = types.str;
default = "";
};
dataDir = mkOption {
type = types.path;
default = "/tank/traefik";
example = "/path/to/traefik/data";
};
environmentFiles = mkOption {
type = types.listOf types.path;
example = ["/var/traefik/traefik.env"];
default = [];
};
dynamicConfigFile = mkOption {
type = types.path;
default = "${cfg.dataDir}/traefik.yaml";
example = "/var/traefik/dynamic.yaml";
};
};
config.services.traefik = {
inherit (cfg) enable dynamicConfigFile environmentFiles;
staticConfigOptions = {
api.dashboard = true;
log = {
level = "INFO";
filePath = "${cfg.dataDir}/traefik.log";
format = "json";
};
accessLog.filePath = "${cfg.dataDir}/access.log";
entryPoints = {
web = {
address = ":80";
asDefault = true;
http.redirections.entrypoint = {
to = "websecure";
scheme = "https";
};
};
websecure = {
address = ":443";
asDefault = true;
httpChallenge.entryPoint = "websecure";
};
};
providers.docker = {
endpoint = "unix:///var/run/docker.sock";
exposedByDefault = false;
};
certificatesResolvers.cloudflare.acme = {
inherit (cfg) email;
storage = "${cfg.dataDir}/acme.json";
dnsChallenge = {
provider = "cloudflare";
resolvers = ["1.1.1.1:53" "1.0.0.1:53"];
propagation.delayBeforeChecks = 60;
};
};
};
};
}
system/users/creug.nix
+36
View File
@@ -0,0 +1,36 @@
{
lib,
config,
pkgs,
...
}:
with lib; let
cfg = config.mySystem.users.creug;
in {
options.mySystem.users.creug = {
enable = mkEnableOption "Enables user creug";
sudo = mkEnableOption "Make the user a superuser";
trusted = mkOption {
description = "Mark the user as trusted by Nix";
default = cfg.sudo;
example = true;
};
};
config = {
users.users.creug = mkIf cfg.enable {
isNormalUser = true;
description = "Greg";
extraGroups =
["networkmanager" "dialout" "games" "audio" "input"]
++ lists.optional config.mySystem.dev.docker.enable "docker"
++ lists.optional config.mySystem.dev.docker.podman.enable "podman"
++ lists.optional cfg.sudo "wheel";
shell = pkgs.zsh;
openssh.authorizedKeys.keyFiles = lib.filesystem.listFilesRecursive ../../users/creug/keys;
};
nix.settings = mkIf cfg.trusted {
trusted-users = ["creug"];
};
};
}
system/users/default.nix
+3
View File
@@ -1,5 +1,8 @@
{
imports = [
./creug.nix
./phundrak.nix
./root.nix
];
programs.zsh.enable = true;
}
system/users/phundrak.nix
+16 -13
View File
@@ -5,27 +5,30 @@
...
}:
with lib; let
cfg = config.mySystem.users;
cfg = config.mySystem.users.phundrak;
in {
options.mySystem.users = {
root.disablePassword = mkEnableOption "Disables root password";
phundrak.enable = mkEnableOption "Enables users phundrak";
options.mySystem.users.phundrak = {
enable = mkEnableOption "Enables user phundrak";
trusted = mkEnableOption "Mark the user as trusted by Nix";
extraGroups = mkOption {
type = types.listOf types.str;
default = [];
example = ["feedbackd"];
};
};
config = {
users.users = {
root = {
hashedPassword = mkIf cfg.root.disablePassword "*";
shell = pkgs.zsh;
};
phundrak = mkIf cfg.phundrak.enable {
users.users.phundrak = mkIf cfg.enable {
isNormalUser = true;
description = "Lucien Cartier-Tilet";
extraGroups = ["networkmanager" "wheel" "docker" "dialout" "podman"];
extraGroups =
["networkmanager" "wheel" "dialout" "plugdev" "games" "audio" "input"]
++ cfg.extraGroups;
shell = pkgs.zsh;
openssh.authorizedKeys.keyFiles = lib.filesystem.listFilesRecursive ../../keys;
openssh.authorizedKeys.keyFiles = lib.filesystem.listFilesRecursive ../../users/phundrak/keys;
};
nix.settings = mkIf cfg.trusted {
trusted-users = ["phundrak"];
};
programs.zsh.enable = true;
};
}
system/users/root.nix
+17
View File
@@ -0,0 +1,17 @@
{
lib,
config,
pkgs,
...
}:
with lib; let
cfg = config.mySystem.users.root;
in {
options.mySystem.users.root.disablePassword = mkEnableOption "Disables root password";
config = {
users.users.root = {
hashedPassword = mkIf cfg.disablePassword "*";
shell = pkgs.zsh;
};
};
}
users/creug/home.nix
+66
View File
@@ -0,0 +1,66 @@
{
lib,
pkgs,
config,
...
}:
with lib; let
cfg = config.home.creug;
in {
imports = [../modules];
options.home.creug = {
sshKey = {
content = mkOption {
type = types.nullOr types.str;
example = "ssh-ed25519 AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA";
default = null;
};
file = mkOption {
type = with types; nullOr path;
default = "/home/creug/.ssh/id_ed25519.pub";
};
};
};
config = {
nixpkgs.config.allowUnfree = true;
home = {
username = "creug";
homeDirectory = "/home/creug";
packages = [pkgs.tree pkgs.ncdu];
preferXdgDirectories = true;
creug.sshKey.file = "${config.home.homeDirectory}/.ssh/id_ed25519.pub";
dev.vcs = {
name = "Creug";
email = "gregory.foulachon@gmail.com";
editor = "${pkgs.nano}/bin/nano";
jj = {
enable = true;
cz = {
enable = true;
alias = true;
};
};
git.enable = true;
publicKey = cfg.sshKey;
};
security.ssh.enable = true;
shell = {
bash.enable = true;
zsh.enable = true;
starship.enable = true;
tmux.enable = false;
zoxide.enable = false;
};
stateVersion = "24.11"; # Do not modify!
};
manual.manpages.enable = true;
};
}
users/creug/host/elcafe.nix
+8
View File
@@ -0,0 +1,8 @@
{
imports = [../home.nix];
home = {
cli.nh.flake = "/home/creug/.dotfiles";
dev.editors.emacs.enable = false;
creug.sshKey.content = builtins.readFile ../keys/id_elcafe.pub;
};
}
users/creug/keys/id_elcafe.pub
+1
View File
@@ -0,0 +1 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBdd4cNNhONjhuH4jWZ8Z8K1gbBmeDNqRybKRHMQEvZj gregoryfoulachon@googlemail.com
users/modules/cli/btop.nix
+15 -5
View File
@@ -1,10 +1,20 @@
{pkgs, ...}: {
{
pkgs,
config,
...
}: let
inherit (config.home) gpuType;
in {
programs.btop = {
enable = true;
package = pkgs.btop.override {
rocmSupport = true;
cudaSupport = true;
};
package =
if gpuType != null
then
pkgs.btop.override {
rocmSupport = gpuType == "amd";
cudaSupport = gpuType == "nvidia";
}
else pkgs.btop;
settings = {
color_theme = "${pkgs.btop}/share/btop/themes/nord.theme";
cpu_bottom = false;
users/modules/cli/scripts/launcher.nix
+23
View File
@@ -0,0 +1,23 @@
{pkgs, ...}:
pkgs.writeShellScriptBin "app-launcher" ''
LOG_FILE="$HOME/.local/share/app-launcher.log"
logger() {
local level="$1"
local message="$2"
local timestamp
timestamp=$(date +"%Y-%m-%d %H:%M:%S")
printf "[%s] [%-7s] %s\n" "$timestamp" "''${level^^}" "$message" >> "$LOG_FILE"
}
CAELESTIA_ACTIVE=$(systemctl --user is-active caelestia.service)
logger debug "Caelestia activity: $CAELESTIA_ACTIVE"
if systemctl --user is-active caelestia.service | grep 'active' &> /dev/null ; then
logger info "Using Caelestia app launcher"
caelestia shell drawers toggle launcher || \
logger error "failed to launch Caelestia app launcher"
exit 0
fi
rofi -show drun
''
users/modules/cli/scripts/mp42webm.nix
+1 -1
View File
@@ -1,3 +1,3 @@
{pkgs, ...}:
pkgs.writeShellScriptBin "mp42webm" ''
${pkgs.ffmpeg}/bin/ffmpeg -i "$1" -c:v libvpx -crf 10 -b:v 1M -c:a libvorbis "$1".webm''
${pkgs.ffmpeg}/bin/ffmpeg -i "$1" -c:v libvpx -crf 10 -b:v 1M -c:a -hwaccel=auto libvorbis "$1".webm''
users/modules/cli/scripts/plock.nix
+25 -1
View File
@@ -1,16 +1,40 @@
{pkgs, ...}:
pkgs.writeShellScriptBin "plock" ''
LOG_FILE="$HOME/.local/share/plock.log"
logger() {
local level="$1"
local message="$2"
local timestamp
timestamp=$(date +"%Y-%m-%d %H:%M:%S")
printf "[%s] [%-7s] %s\n" "$timestamp" "''${level^^}" "$message" >> "$LOG_FILE"
}
CAELESTIA_ACTIVE=$(systemctl --user is-active caelestia.service)
logger debug "Caelestia activity: $CAELESTIA_ACTIVE"
if systemctl --user is-active caelestia.service | grep 'active' &> /dev/null ; then
logger info "locking Caelestia session"
caelestia shell lock lock || \
logger error "failed to lock Caelestia session"
exit 0
fi
TMPBG="/tmp/screen.png"
if [ "$XDG_SESSION_TYPE" = "wayland" ]; then
logger info "wayland session detected"
SCREENER=${pkgs.grim}/bin/grim
LOCKER="${pkgs.swaylock}/bin/swaylock -feF"
else
logger info "x11 session detected"
SCREENER=${pkgs.scrot}/bin/scrot
LOCKER="${pkgs.i3lock}/bin/i3lock -ef"
fi
$SCREENER "$TMPBG"
${pkgs.corrupter}/bin/corrupter -add 0 "$TMPBG" "$TMPBG"
logger info "generating lock screen image"
${pkgs.corrupter}/bin/corrupter -add 0 "$TMPBG" "$TMPBG" || logger error "failed to generate lock screen image"
logger info "locking screen"
logger debug "locking screen with command `''${SCREENER}`"
$LOCKER -ti "$TMPBG"
rm "$TMPBG"
''
users/modules/default.nix
+9 -2
View File
@@ -17,13 +17,20 @@ in {
./shell
];
options.home.fullDesktop = mkEnableOption "Enable most modules";
options.home = {
fullDesktop = mkEnableOption "Enable most modules";
gpuType = mkOption {
type = types.nullOr (types.enum ["nvidia" "amd" "intel"]);
default = null;
example = "amd";
};
};
config.home = {
cli.fullDesktop = mkDefault cfg.fullDesktop;
desktop.fullDesktop = mkDefault cfg.fullDesktop;
dev.fullDesktop = mkDefault cfg.fullDesktop;
media.fullDesktop = mkDefault cfg.fullDesktop;
security.fullDesktop = mkDefault cfg.fullDesktop;
services.fullDesktop = mkDefault cfg.fullDesktop;
myServices.fullDesktop = mkDefault cfg.fullDesktop;
};
}
users/modules/desktop/caelestia.nix
+82
View File
@@ -0,0 +1,82 @@
{
config,
lib,
pkgs,
...
}:
with lib; let
cfg = config.home.desktop.caelestia;
in {
options.home.desktop.caelestia.enable = mkEnableOption "Enables Caelestia Shell";
config.programs.caelestia = mkIf cfg.enable {
inherit (cfg) enable;
systemd = {
enable = true;
target = "graphical-session.target";
environment = ["QT3_QPA_PLATFORMTHEME=gtk3"];
};
settings = {
paths.wallpaperDir = "~/Pictures/Wallpapers/nord";
general = {
apps = {
terminal = ["kitty"];
audio = ["pavucontrol"];
playback = ["mpv"];
explorer = ["${pkgs.nemo-with-extensions}/bin/nemo"];
};
idle = {
inhibitWhenAudio = true;
timeouts = [
{
timeout = 3600;
idleAction = "lock";
}
];
};
};
background = {
desktopClock.enabled = true;
visualiser.enabled = true;
};
dashboard = {
enabled = true;
showOnHover = true;
};
launcher = {
enabled = true;
showOnHover = true;
useFuzzy = {
apps = true;
schemes = true;
wallpapers = true;
};
};
osd.enableMicrophone = true;
bar = {
status = {
showAudio = true;
showKbLayout = false;
};
tray.compact = true;
};
services = mkIf (config.home.gpuType != null) {
inherit (config.home) gpuType;
};
session.commands = {
logout = ["uwsm" "stop"];
shutdown = ["systemctl" "poweroff"];
hibernate = ["systemctl" "hibernate"];
reboot = ["systemctl" "reboot"];
};
utilities.toasts = {
capsLockChanged = false;
numLockChanged = false;
kbLayoutChanged = false;
};
};
cli = {
enable = true;
settings.theme.enableGtk = true;
};
};
}
users/modules/desktop/default.nix
+9 -4
View File
@@ -7,28 +7,33 @@ with lib; let
cfg = config.home.desktop;
in {
imports = [
./eww.nix
./caelestia.nix
./firefox.nix
./hyprland.nix
./kdeconnect.nix
./kitty.nix
./obs.nix
./qt.nix
./rofi
./spotify.nix
./swaync.nix
./theme.nix
./waybar.nix
./wl-kbptr.nix
./wlr-which-key.nix
./wlsunset.nix
];
options.home.desktop.fullDesktop = mkEnableOption "Enable options for graphical environments";
config.home.desktop = {
eww.enable = mkDefault cfg.fullDesktop;
firefox.enable = mkDefault cfg.fullDesktop;
hyprland.enable = mkDefault cfg.fullDesktop;
kdeconnect.enable = mkDefault cfg.fullDesktop;
kitty.enable = mkDefault cfg.fullDesktop;
obs.enable = mkDefault cfg.fullDesktop;
qt.enable = mkDefault cfg.fullDesktop;
rofi.enable = mkDefault cfg.fullDesktop;
spotify.enable = mkDefault cfg.fullDesktop;
spotify.spicetify.enable = mkDefault cfg.fullDesktop;
theme.enable = mkDefault cfg.fullDesktop;
wlr-which-key.enable = mkDefault cfg.fullDesktop;
};
}
users/modules/desktop/eww-config/eww.scss
View File
users/modules/desktop/eww-config/eww.yuck
-12
View File
@@ -1,12 +0,0 @@
(defwindow example
:monitor 0
:geometry (geometry :x "0%"
:y "20%"
:width "90%"
:height "30px"
:anchor "top center")
:stacking "fg"
:reserve (struts :distance "40px" :side "top")
:windowtype "dock"
:wm-ignore false
"example content")
users/modules/desktop/eww-config/test
View File
users/modules/desktop/eww.nix
-14
View File
@@ -1,14 +0,0 @@
{
lib,
config,
...
}:
with lib; let
cfg = config.home.desktop.eww;
in {
options.home.desktop.eww.enable = mkEnableOption "Enable eww support";
config.programs.eww = mkIf cfg.enable {
inherit (cfg) enable;
configDir = ./eww-config;
};
}
users/modules/desktop/firefox.nix
+72
View File
@@ -0,0 +1,72 @@
{
config,
lib,
inputs,
pkgs,
...
}:
with lib; let
cfg = config.home.desktop.firefox;
inherit (pkgs.stdenv.hostPlatform) system;
zen = inputs.zen-browser.packages.${system}.default;
settingsToLines = settings:
concatStringsSep "\n" (mapAttrsToList (name: value: "set ${name} ${toString value}") settings);
in {
options.home.desktop.firefox = {
enable = mkEnableOption "enable Firefox";
useZen = mkEnableOption "use Zen instead of Firefox";
tridactyl = {
enable = mkEnableOption "enable Tridactyl";
preConfig = mkOption {
description = "Lines to add to the beginning of tridactylrc";
type = types.lines;
default = "";
};
config = mkOption {
type = with types;
attrsOf (oneOf [
int
str
bool
]);
description = "Tridactyl settings (converted to 'set key value' lines)";
default = {};
example = {
smoothscroll = true;
history = 1000;
};
};
extraConfig = mkOption {
description = "Extra lines to add to tridactylrc (for bindings, autocmds, etc)";
type = types.lines;
default = "";
};
};
};
config = mkIf cfg.enable {
home.sessionVariables.MOZ_ENABLE_WAYLAND = "1";
programs.firefox = {
inherit (cfg) enable;
package =
if cfg.useZen
then zen
else pkgs.firefox;
nativeMessagingHosts = lists.optional cfg.tridactyl.enable pkgs.tridactyl-native;
configPath = ".mozilla/firefox";
};
xdg.configFile."tridactyl/tridactylrc" = mkIf cfg.tridactyl.enable {
text = concatStringsSep "\n" (filter (s: s != "") [
cfg.tridactyl.preConfig
(settingsToLines (cfg.tridactyl.config
// {
browser =
if cfg.useZen
then "zen"
else "firefox";
}))
cfg.tridactyl.extraConfig
]);
};
};
}
users/modules/desktop/hyprland.nix
+35 -131
View File
@@ -7,6 +7,7 @@
with lib; let
cfg = config.home.desktop.hyprland;
laptops = ["gampo"];
caelestiaEnabled = config.home.desktop.caelestia.enable;
in {
imports = [
./swaync.nix
@@ -34,38 +35,43 @@ in {
config = mkIf cfg.enable {
home.desktop = {
hyprpaper.enable = true;
hyprpaper.enable = mkDefault (! caelestiaEnabled);
rofi.enable = mkDefault true;
swaync.enable = mkDefault true;
swaync.enable = mkDefault (! caelestiaEnabled);
waybar = {
enable = mkDefault true;
enable = mkDefault (! caelestiaEnabled);
battery = mkDefault (builtins.elem cfg.host laptops);
};
wlsunset.enable = mkDefault true;
};
services.blueman-applet.enable = true;
services.blueman-applet.enable = ! caelestiaEnabled;
wayland.windowManager.hyprland = {
enable = true;
xwayland.enable = true;
systemd.enable = false;
systemd.enable = true;
importantPrefixes = ["$left" "$right" "$up" "$down" "$menu"];
settings = {
env = [
"XMODIFIERS,@im=fcitx"
"XCURSOR_SIZE,12"
];
input = {
kb_layout = "fr";
kb_variant = "bepo_afnor";
# kb_options = "caps:ctrl_modifier";
kb_layout = "fr,us";
kb_variant = "bepo_afnor,";
numlock_by_default = true;
follow_mouse = 1;
touchpad.natural_scroll = false;
sensitivity = "0";
};
device = {
name = "wacom-usb-bamboo-pad-finger";
sensitivity = 0.5;
};
monitor =
{
"marpa" = [
"DP-1, 3440x1440@144, 1080x550, 1"
# "DP-1, 2560x1440@144, 1080x550, 1" # streaming
"DP-2, 2560x1080@60, 0x0, 1, transform, 1"
# "DP-2, 1366x768@60, 0x0, 1"
# "DP-2, 1829x1143@60, 0x0, 1"
];
"gampo" = [];
}."${cfg.host}";
@@ -82,11 +88,12 @@ in {
new_status = "inherit";
};
workspace = [
"10, layoutopt:orientation:bottom"
"1, layoutopt:orientation:bottom"
"9, layoutopt:orientation:bottom"
"10, layoutopt:orientation:bottom"
];
decoration = {
rounding = 5;
rounding = 20;
};
animations = {
enabled = true;
@@ -99,17 +106,24 @@ in {
"workspaces, 1, 6, default"
];
};
dwindle = {
pseudotile = true;
preserve_split = true;
};
exec-once = [
dwindle.preserve_split = true;
exec-once =
[
"pactl load-module module-switch-on-connect"
"${pkgs.mpc}/bin/mpc stop"
"${pkgs.networkmanagerapplet}/bin/nm-applet"
];
"${pkgs.polkit_gnome}/libexec/polkit-gnome-authentication-agent-1"
"${pkgs.mozc}/lib/mozc/mozc_server"
"${pkgs.fcitx5}/bin/fcitx5 -d"
]
++ lib.lists.optional (! caelestiaEnabled) "${pkgs.networkmanagerapplet}/bin/nm-applet";
};
extraConfig = ''
device {
name = wacom-usb-bamboo-pad-finger
sensitivity = 0.5
accel_profile = adaptive
}
$left = c
$right = r
$up = s
@@ -120,111 +134,6 @@ in {
bind = SUPER, Space, exec, ${pkgs.wlr-which-key}/bin/wlr-which-key
bind = , Print, exec, ${pkgs.wlr-which-key}/bin/wlr-which-key -k s
submap = leader
bind = , l, exec, plock
bind = , l, submap, reset
bind = , a, submap, apps
bind = , b, submap, buffers
bind = , w, submap, windows
bind = , escape, submap, reset
bind = CTRL, g, submap, reset
submap = apps
bind = , b, exec, zen
bind = , b, submap, reset
bind = SHIFT, b, exec, qutebrowser
bind = SHIFT, b, submap, reset
bind = , d, exec, vesktop
bind = , d, submap, reset
bind = , e, exec, ${cfg.emacsPkg}/bin/emacsclient -c -n
bind = , e, submap, reset
bind = , g, exec, ${pkgs.gimp}/bin/gimp
bind = , g, submap, reset
bind = , n, exec, ${pkgs.nemo}/bin/nemo
bind = , n, submap, reset
bind = , r, submap, rofi
bind = , u, exec, $menu
bind = , u, submap, reset
bind = , escape, submap, reset
bind = CTRL, g, submap, reset
submap = buffers
bind = , d, killactive,
bind = , d, submap, reset
bind = , escape, submap, reset
bind = CTRL, g, submap, reset
submap = resize
binde = , $left, resizeactive, -10 0
binde = , $right, resizeactive, 10 0
binde = , $up, resizeactive, 0 -10
binde = , $down, resizeactive, 0 10
bind = , q, submap, reset
bind = , escape, submap, reset
bind = CTRL, g, submap, reset
submap = rofi
bind = , b, exec, rofi-bluetooth
bind = , b, submap, reset
bind = , e, exec, rofi -show emoji
bind = , e, submap, reset
bind = , r, exec, $menu
bind = , r, submap, reset
bind = , s, exec, rofi -show ssh
bind = , r, submap, reset
bind = , y, exec, ytplay
bind = , y, submap, reset
bind = , escape, submap, reset
bind = CTRL, g, submap, reset
submap = screenshot
bind = , Print, exec, screenshot
bind = , Print, submap, reset
bind = , d, exec, screenshot -d 3
bind = , d, submap, reset
bind = Shift, d, exec, screenshot -sced 3
bind = Shift, d, submap, reset
bind = , e, exec, screenshot -sec
bind = , e, submap, reset
bind = , s, exec, screenshot -s
bind = , s, submap, reset
bind = Shift, s, exec, screenshot -sc
bind = Shift, s, submap, reset
bind = , escape, submap, reset
bind = CTRL, g, submap, reset
submap = windows
bind = , period, submap, resize
bind = , $left, movefocus, l
bind = , $left, submap, reset
bind = , $right, movefocus, r
bind = , $right, submap, reset
bind = , $up, movefocus, u
bind = , $up, submap, reset
bind = , $down, movefocus, d
bind = , $down, submap, reset
bind = SHIFT, $left, movewindow, l
bind = SHIFT, $left, submap, reset
bind = SHIFT, $right, movewindow, r
bind = SHIFT, $right, submap, reset
bind = SHIFT, $up, movewindow, u
bind = SHIFT, $up, submap, reset
bind = SHIFT, $down, movewindow, d
bind = SHIFT, $down, submap, reset
bind = CTRL_SHIFT, $left, moveworkspacetomonitor, e+0 +1
bind = CTRL_SHIFT, $left, submap, reset
bind = CTRL_SHIFT, $right, moveworkspacetomonitor, e+0 -1
bind = CTRL_SHIFT, $right, submap, reset
bind = , d, killactive,
bind = , d, submap, reset
bind = , f, fullscreen,
bind = , f, submap, reset
bind = SHIFT, f, togglefloating,
bind = SHIFT, f, submap, reset
bind = , escape, submap, reset
bind = CTRL, g, submap, reset
submap = reset
bindl = , XF86AudioPlay, exec, playerctl play-pause
bindl = , XF86AudioPause, exec, playerctl pause
bindl = , XF86AudioStop, exec, playerctl stop
@@ -238,22 +147,17 @@ in {
bindl = , XF86MonBrightnessDown, exec, xbacklight -perceived -dec 2
bindl = , XF86KbdBrightnessUp, exec, xbacklight -perceived -inc 2
bindl = , XF86KbdBrightnessDown, exec, xbacklight -perceived -dec 2
bind = SUPER, a, exec, hyprctl switchxkblayout glove80-keyboard next
bind = SUPER, $left, movefocus, l
bind = SUPER, $right, movefocus, r
bind = SUPER, $up, movefocus, u
bind = SUPER, $down, movefocus, d
bind = SUPER_SHIFT, $left, movewindow, l
bind = SUPER_SHIFT, $left, submap, reset
bind = SUPER_SHIFT, $right, movewindow, r
bind = SUPER_SHIFT, $right, submap, reset
bind = SUPER_SHIFT, $up, movewindow, u
bind = SUPER_SHIFT, $up, submap, reset
bind = SUPER_SHIFT, $down, movewindow, d
bind = SUPER_SHIFT, $down, submap, reset
bind = SUPER_CTRL_SHIFT, $left, moveworkspacetomonitor, e+0 +1
bind = SUPER_CTRL_SHIFT, $left, submap, reset
bind = SUPER_CTRL_SHIFT, $right, moveworkspacetomonitor, e+0 -1
bind = SUPER_CTRL_SHIFT, $right, submap, reset
bind = SUPER, Tab, cyclenext,
bind = SUPER_SHIFT, Tab, cyclenext, prev
bindm = SUPER, mouse:272, movewindow
users/modules/desktop/kitty.nix
+67 -65
View File
@@ -29,84 +29,86 @@ in {
detect_urls = true;
background_opacity = 0.7;
};
keybindings = {
keybindings = let
prefix = "kitty_mod+space";
in {
"alt+c" = "copy_to_clipboard";
"kitty_mod+c" = "copy_to_clipboard";
"alt+v" = "paste_from_clipboard";
"kitty_mod+v" = "paste_from_clipboard";
"kitty_mod+s>c" = "show_scrollback";
"kitty_mod+s>down" = "scroll_line_down";
"kitty_mod+s>t" = "scroll_line_down";
"kitty_mod+s>up" = "scroll_line_up";
"kitty_mod+s>s" = "scroll_line_up";
"kitty_mod+s>end" = "scroll_end";
"kitty_mod+s>home" = "scroll_home";
"kitty_mod+s>page_down" = "scroll_page_down";
"kitty_mod+s>page_up" = "scroll_page_up";
"${prefix}>s>c" = "show_scrollback";
"${prefix}>s>down" = "scroll_line_down";
"${prefix}>s>t" = "scroll_line_down";
"${prefix}>s>up" = "scroll_line_up";
"${prefix}>s>s" = "scroll_line_up";
"${prefix}>s>end" = "scroll_end";
"${prefix}>s>home" = "scroll_home";
"${prefix}>s>page_down" = "scroll_page_down";
"${prefix}>s>page_up" = "scroll_page_up";
"kitty_mod+enter" = "new_window";
"kitty_mod+w>q" = "close_window";
"kitty_mod+w>p" = "next_window";
"kitty_mod+w>n" = "previous_window";
"kitty_mod+w>f" = "move_window_forward";
"kitty_mod+w>b" = "move_window_backward";
"kitty_mod+w>t" = "move_window_to_top";
"kitty_mod+w>r" = "start_resizing_window";
"kitty_mod+w>1" = "first_window";
"kitty_mod+w>2" = "second_window";
"kitty_mod+w>3" = "third_window";
"kitty_mod+w>4" = "fourth_window";
"kitty_mod+w>5" = "fifth_window";
"kitty_mod+w>6" = "sixth_window";
"kitty_mod+w>7" = "seventh_window";
"kitty_mod+w>8" = "eighth_window";
"kitty_mod+w>9" = "ninth_window";
"kitty_mod+w>0" = "tenth_window";
"${prefix}>enter" = "new_window";
"${prefix}>w>q" = "close_window";
"${prefix}>w>p" = "next_window";
"${prefix}>w>n" = "previous_window";
"${prefix}>w>f" = "move_window_forward";
"${prefix}>w>b" = "move_window_backward";
"${prefix}>w>t" = "move_window_to_top";
"${prefix}>w>r" = "start_resizing_window";
"${prefix}>w>1" = "first_window";
"${prefix}>w>2" = "second_window";
"${prefix}>w>3" = "third_window";
"${prefix}>w>4" = "fourth_window";
"${prefix}>w>5" = "fifth_window";
"${prefix}>w>6" = "sixth_window";
"${prefix}>w>7" = "seventh_window";
"${prefix}>w>8" = "eighth_window";
"${prefix}>w>9" = "ninth_window";
"${prefix}>w>0" = "tenth_window";
"kitty_mod+tab>n" = "next_tab";
"kitty_mod+tab>p" = "previous_tab";
"kitty_mod+tab>c" = "new_tab";
"kitty_mod+tab>q" = "close_tab";
"kitty_mod+tab>shift+n" = "move_tab_backward";
"kitty_mod+tab>shift+p" = "move_tab_forward";
"kitty_mod+tab>t" = "set_tab_title";
"${prefix}>tab>n" = "next_tab";
"${prefix}>tab>p" = "previous_tab";
"${prefix}>tab>c" = "new_tab";
"${prefix}>tab>q" = "close_tab";
"${prefix}>tab>shift+n" = "move_tab_backward";
"${prefix}>tab>shift+p" = "move_tab_forward";
"${prefix}>tab>t" = "set_tab_title";
"kitty_mod+l" = "next_layout";
"${prefix}>l" = "next_layout";
"kitty_mod+f>equal" = "change_font_size all 0";
"kitty_mod+f>kp_add" = "change_font_size all +2.0";
"kitty_mod+f>plus" = "change_font_size all +2.0";
"kitty_mod+f>kp_subtract" = "change_font_size all -2.0";
"kitty_mod+f>minus" = "change_font_size all -2.0";
"${prefix}>f>equal" = "change_font_size all 0";
"${prefix}>f>kp_add" = "change_font_size all +2.0";
"${prefix}>f>plus" = "change_font_size all +2.0";
"${prefix}>f>kp_subtract" = "change_font_size all -2.0";
"${prefix}>f>minus" = "change_font_size all -2.0";
"kitty_mod+shift+h" = "kitten hints";
"kitty_mod+h>p" = "kitten hints --type path --program -";
"kitty_mod+h>shift+p" = "kitten hints --type path";
"kitty_mod+h>l" = "kitten hints --type line --program -";
"kitty_mod+h>w" = "kitten hints --type word --program -";
"kitty_mod+h>h" = "kitten hints --type hash --program -";
"kitty_mod+h>n" = "kitten hints --type linenum";
"kitty_mod+h>y" = "kitten hints --type hyperlink";
"${prefix}>shift+h" = "kitten hints";
"${prefix}>h>p" = "kitten hints --type path --program -";
"${prefix}>h>shift+p" = "kitten hints --type path";
"${prefix}>h>l" = "kitten hints --type line --program -";
"${prefix}>h>w" = "kitten hints --type word --program -";
"${prefix}>h>h" = "kitten hints --type hash --program -";
"${prefix}>h>n" = "kitten hints --type linenum";
"${prefix}>h>y" = "kitten hints --type hyperlink";
"kitty_mod+f10" = "toggle_maximized";
"kitty_mod+f11" = "toggle_fullscreen";
"${prefix}>f10" = "toggle_maximized";
"${prefix}>f11" = "toggle_fullscreen";
"kitty_mod+a>equal" = "set_background_opacity 1";
"kitty_mod+a>d" = "set_background_opacity default";
"kitty_mod+a>plus" = "set_background_opacity +0.1";
"kitty_mod+a>up" = "set_background_opacity +0.1";
"kitty_mod+a>kp_add" = "set_background_opacity +0.1";
"kitty_mod+a>minus" = "set_background_opacity -0.1";
"kitty_mod+a>down" = "set_background_opacity -0.1";
"kitty_mod+a>kp_substract" = "set_background_opacity -0.1";
"${prefix}>a>equal" = "set_background_opacity 1";
"${prefix}>a>d" = "set_background_opacity default";
"${prefix}>a>plus" = "set_background_opacity +0.1";
"${prefix}>a>up" = "set_background_opacity +0.1";
"${prefix}>a>kp_add" = "set_background_opacity +0.1";
"${prefix}>a>minus" = "set_background_opacity -0.1";
"${prefix}>a>down" = "set_background_opacity -0.1";
"${prefix}>a>kp_substract" = "set_background_opacity -0.1";
"kitty_mod+delete" = "clear_terminal reset active";
"kitty_mod+escape" = "kitty_shell window";
"kitty_mod+f2" = "edit_config_file";
"kitty_mod+n" = "new_os_window";
"kitty_mod+o" = "pass_selection_to_program";
"kitty_mod+u" = "kitten unicode_input";
"${prefix}>delete" = "clear_terminal reset active";
"${prefix}>escape" = "kitty_shell window";
"${prefix}>f2" = "edit_config_file";
"${prefix}>n" = "new_os_window";
"${prefix}>o" = "pass_selection_to_program";
"${prefix}>u" = "kitten unicode_input";
};
};
}
users/modules/desktop/obs.nix
+4
View File
@@ -6,6 +6,7 @@
}:
with lib; let
cfg = config.home.desktop.obs;
obs-image-reaction = pkgs.callPackage ../../../packages/obs-image-reaction.nix {};
in {
options.home.desktop.obs.enable = mkEnableOption "Enables OBS Studio";
config.programs.obs-studio = mkIf cfg.enable {
@@ -13,11 +14,14 @@ in {
plugins = with pkgs.obs-studio-plugins; [
input-overlay
obs-backgroundremoval
obs-markdown
obs-mute-filter
obs-pipewire-audio-capture
obs-scale-to-sound
obs-source-clone
obs-source-record
obs-tuna
obs-image-reaction
];
};
}
users/modules/desktop/qt.nix
-11
View File
@@ -1,11 +0,0 @@
{
lib,
config,
...
}:
with lib; let
cfg = config.home.desktop.qt;
in {
options.home.desktop.qt.enable = mkEnableOption "Enable Qt support";
config.qt.enable = cfg.enable;
}
users/modules/desktop/spotify.nix
+25
View File
@@ -0,0 +1,25 @@
{
pkgs,
config,
lib,
inputs,
...
}:
with lib; let
inherit (pkgs.stdenv.hostPlatform) system;
cfg = config.home.desktop.spotify;
spicePkgs = inputs.spicetify.legacyPackages.${system};
in {
options.home.desktop.spotify = {
enable = mkEnableOption "Enable Spotify";
spicetify.enable = mkEnableOption "Enable Spicetify";
};
config.programs = mkIf cfg.enable {
spotify-player.enable = cfg.enable;
spicetify = mkIf cfg.spicetify.enable {
inherit (cfg.spicetify) enable;
theme = spicePkgs.themes.sleek;
colorScheme = "Nord";
};
};
}
users/modules/desktop/theme.nix
+34
View File
@@ -0,0 +1,34 @@
{
pkgs,
config,
lib,
...
}:
with lib; let
cfg = config.home.desktop.theme;
in {
options.home.desktop.theme.enable = mkEnableOption "Enable theme options";
config = mkIf cfg.enable {
gtk = {
enable = true;
colorScheme = "dark";
iconTheme = {
name = "Nordzy-icons";
package = pkgs.nordzy-icon-theme;
};
theme = {
package = pkgs.nordic;
name = "Nordic";
};
gtk4.theme = config.gtk.theme;
};
home.pointerCursor = {
enable = true;
gtk.enable = true;
hyprcursor.enable = config.home.desktop.hyprland.enable;
name = "Nordzy-cursors";
package = pkgs.nordzy-cursor-theme;
};
qt.enable = true;
};
}
users/modules/desktop/wl-kbptr.nix
+37
View File
@@ -0,0 +1,37 @@
{
config,
lib,
pkgs,
...
}:
with lib; let
configDir = config.xdg.configHome;
cfg = config.home.desktop.wl-kbptr;
iniFormat = pkgs.formats.ini {};
in {
options.home.desktop.wl-kbptr = {
enable = mkEnableOption "enable wl-kbptr";
config = mkOption {
inherit (iniFormat) type;
default = {};
description = ''
Options to add to the {file}`config` file. See
<https://github.com/moverest/wl-kbptr/blob/main/config.example>
for options.
'';
example = {
general = {
home_row_keys = "abcd";
};
};
};
};
config = mkIf cfg.enable {
home = {
packages = [pkgs.wl-kbptr];
file."${configDir}/wl-kbptr/config" = mkIf (cfg.config != {}) {
source = iniFormat.generate "wl-kbptr-config" cfg.config;
};
};
};
}
users/modules/desktop/wlr-which-key.nix
+1 -1
View File
@@ -21,7 +21,7 @@
# Recursively filter out null values and convert kebab-case keys to snake_case
filterNulls = value:
if lib.isAttrs value
then lib.mapAttrs' (n: v: lib.nameValuePair (toSnakeCase n) (filterNulls v)) (lib.filterAttrs (n: v: v != null) value)
then lib.mapAttrs' (n: v: lib.nameValuePair (toSnakeCase n) (filterNulls v)) (lib.filterAttrs (_: v: v != null) value)
else if lib.isList value
then map filterNulls value
else value;
users/modules/dev/ai/claude.nix
+15 -5
View File
@@ -1,18 +1,28 @@
{
config,
lib,
inputs,
system,
pkgs,
...
}:
with lib; let
cfg = config.home.dev.ai.claude;
jsonFormat = pkgs.formats.json {};
in {
options.home.dev.ai.claude.enable = mkEnableOption "Enables Claude-related packages";
options.home.dev.ai.claude = {
enable = mkEnableOption "Enables Claude-related packages";
mcpServers = mkOption {
inherit (jsonFormat) type;
default = {};
};
};
config = mkIf cfg.enable {
home.packages = [inputs.claude-desktop.packages.${system}.claude-desktop-with-fhs];
home.packages = let
claude-jj = pkgs.writeShellScriptBin "claude-jj" ''
${pkgs.claude-code}/bin/claude --append-system-prompt 'CRITICAL: This repository uses Jujutsu (jj), NOT git. Never use git commands. Use jj equivalents.' "$@"
'';
in [claude-jj pkgs.sox];
programs.claude-code = {
inherit (cfg) enable;
inherit (cfg) enable mcpServers;
};
};
}
users/modules/dev/ai/default.nix
+26 -4
View File
@@ -1,19 +1,41 @@
{
config,
lib,
pkgs,
...
}:
with lib; let
cfg = config.home.dev.ai;
jsonFormat = pkgs.formats.json {};
in {
imports = [
./ollama.nix
./claude.nix
./ollama.nix
./opencode.nix
];
options.home.dev.ai.enable = mkEnableOption "Enables AI features";
config.home.dev.ai = mkIf cfg.enable {
options.home.dev.ai = {
enable = mkEnableOption "Enables AI features";
mcpServers = mkOption {
inherit (jsonFormat) type;
default = {};
};
};
config = {
home = mkIf cfg.enable {
dev.ai = {
claude = {
enable = mkDefault cfg.enable;
mcpServers = mkDefault cfg.mcpServers;
};
ollama.enable = mkDefault cfg.enable;
claude.enable = mkDefault cfg.enable;
opencode.enable = mkDefault cfg.enable;
};
packages = [pkgs.lmstudio];
};
programs.mcp = mkIf (cfg.mcpServers != {}) {
enable = true;
servers = cfg.mcpServers;
};
};
}
users/modules/dev/ai/ollama.nix
+7 -1
View File
@@ -16,11 +16,17 @@ in {
};
};
config.services.ollama = mkIf cfg.enable {
config = {
services.ollama = mkIf cfg.enable {
inherit (cfg) enable;
acceleration = cfg.gpu;
host = "0.0.0.0";
environmentVariables = {
OLLAMA_CONTEXT_LENGTH = "8192";
OLLAMA_MAX_LOADED_MODELS = "1";
OLLAMA_KEEP_ALIVE = "10m";
};
};
home.sessionVariables.OLLAMA_API_BASE = "http://${config.services.ollama.host}:11434/";
};
}
users/modules/dev/ai/opencode.nix
+85
View File
@@ -0,0 +1,85 @@
{
config,
lib,
inputs,
pkgs,
...
}:
with lib; let
inherit (pkgs.stdenv.hostPlatform) system;
cfg = config.home.dev.ai.opencode;
defaultPackageCli = inputs.opencode.packages.${system}.opencode;
defaultPackageDesktop = inputs.opencode.packages.${system}.desktop;
corsList = domains: lists.remove "" (lists.forEach (strings.splitString "," domains) trim);
in {
options.home.dev.ai.opencode = {
enable = mkEnableOption "Enables OpenCode";
package = mkOption {
type = types.package;
default = defaultPackageCli;
description = "The CLI package for OpenCode";
};
settings = mkOption {
type = types.json;
default = {};
};
tui = mkOption {
type = types.json;
default = {};
};
desktop = {
enable = mkEnableOption "Enables the desktop app";
package = mkOption {
type = types.package;
default = defaultPackageDesktop;
description = "The desktop package for OpenCode";
};
};
web = {
enable = mkEnableOption "Enables OpenCode web";
extraArgs = mkOption {
type = types.listOf types.str;
default = [];
example = [
"--hostname"
"0.0.0.0"
];
};
cors = mkOption {
type = types.nullOr (types.either types.str types.path);
default = null;
example = "opencode.example.com,code.example.com";
description = ''
Either a string containing the domain allowed to connect to OpenCodes web instance, or a file containing the target value. The latter is useful when using secret management if you dont want to publicize the hostname of your OpenCode instance.
If you want to use multiple domains, you can separate them with a comma.
'';
};
mdns = {
enable = mkEnableOption "Enables mDNS with OpenCode";
hostname = mkOption {
type = types.nullOr types.str;
default = null;
example = "opencode.local";
};
};
};
};
config.programs.opencode = mkIf cfg.enable {
inherit (cfg) enable tui;
enableMcpIntegration = true;
extraPackages = with pkgs; [uv];
settings =
{
server = mkIf cfg.web.mdns.enable {
mdns = true;
mdnsDomain = mkIf (cfg.web.mdns.hostname != null) cfg.web.mdns.hostname;
cors = corsList cfg.web.cors;
};
}
// cfg.settings;
web = {
inherit (cfg.web) enable extraArgs;
};
};
}
users/modules/dev/editors/emacs.nix
+5
View File
@@ -37,7 +37,12 @@ in {
services.emacs = mkIf cfg.service {
enable = true;
inherit (cfg) package;
defaultEditor = true;
startWithUserSession = "graphical";
client = {
enable = true;
arguments = ["-c" "-a" "${cfg.package}/bin/emacs"];
};
};
xdg.desktopEntries.mu4e = mkIf cfg.mu4eMime {
users/modules/dev/vcs/default.nix
+4
View File
@@ -48,6 +48,10 @@ in {
enable = mkDefault true;
inherit (cfg) name email editor;
signing.sshKey = mkDefault (cfg.publicKey.file or cfg.publicKey.content);
cz = {
enable = mkDefault true;
alias = mkDefault true;
};
};
};
}
users/modules/dev/vcs/git.nix
+8 -3
View File
@@ -127,6 +127,14 @@ in {
"dist/"
];
signing = {
format =
if cfg.publicKeyFile != null
then "ssh"
else "openpgp";
key = cfg.publicKeyFile;
signByDefault = true;
};
settings = {
user = {
inherit (cfg) name email;
@@ -151,8 +159,6 @@ in {
renames = "copy";
interHunkContext = 10;
};
commit.gpgsign = cfg.publicKeyFile != null;
gpg.format = "ssh";
gpg.ssh.allowedSignersFile = "${config.home.homeDirectory}/.ssh/allowed_signers";
init.defaultBranch = "main";
pull.rebase = true;
@@ -168,7 +174,6 @@ in {
updateRefs = true;
};
help.autocorrect = "prompt";
user.signingkey = mkIf (cfg.publicKeyFile != null) cfg.publicKeyFile;
web.browser = mkIf (cfg.browser != null) cfg.browser;
sendemail = mkIf cfg.sendmail.enable {
smtpserver = cfg.sendmail.server;
users/modules/dev/vcs/jujutsu.nix
+39 -5
View File
@@ -2,10 +2,13 @@
lib,
config,
pkgs,
inputs,
...
}:
with lib; let
inherit (pkgs.stdenv.hostPlatform) system;
cfg = config.home.dev.vcs.jj;
jj-cz = inputs.jj-cz.packages.${system}.default;
in {
options.home.dev.vcs.jj = {
enable = mkEnableOption "enables jj";
@@ -33,9 +36,21 @@ in {
description = "Path to the private SSH key for signing.";
};
};
cz = {
enable = mkEnableOption "Enables jj-cz";
alias = mkEnableOption "Enable `jj cz` as an alias to `jj-cz`";
};
# used in my shell .nix files
shellCompletion = mkOption {
description = "Enable Jujutsu shell completion";
type = types.bool;
default = true;
};
};
config.programs.jujutsu = mkIf cfg.enable {
config = mkIf cfg.enable {
home.packages = mkIf cfg.cz.enable [jj-cz];
programs.jujutsu = {
enable = true;
settings = {
user = {
@@ -45,9 +60,8 @@ in {
default-command = "st";
pager = ":builtin";
show-cryptographic-signatures = true;
conflict-marker-style = "git"; # Support for vc-jj.el
diff-formatter = ":git"; # Support for vc-jj.el
diff-editor = ":builtin";
merge-editort = ":builtin";
inherit (cfg) editor;
};
signing = mkIf cfg.signing.enable {
@@ -60,27 +74,45 @@ in {
aliases = {
blame = ["file" "annotate"];
consume = ["squash" "--into" "@" "--from"];
cz = mkIf cfg.cz.alias ["util" "exec" "--" "${jj-cz}/bin/jj-cz"];
eject = ["squash" "--from" "@" "--into"];
d = ["diff"];
dm = ["desc" "-m"];
gc = ["git" "clone"];
gcc = ["git" "clone" "--colocate"];
l = ["log"];
la = ["log" "-r" "::"];
lc = ["log" "-r" "(remote_bookmarks()..@)::"];
ll = ["log" "-T" "builtin_log_detailed"];
open = ["log" "-r" "open()"];
n = ["new"];
nd = ["new" "dev()"];
nt = ["new" "trunk()"];
revlog = ["evolog"];
s = ["show"];
tug = ["bookmark" "move" "--from" "heads(::@- & bookmarks())" "--to" "@-"];
};
colors.working_copy.underline = true;
git = {
private-commits = "blacklist()";
colocate = true;
subprocess = true;
};
revset-aliases = {
"immutable_heads()" = "present(trunk()) | tags()";
# Resolves by default to latest main/master remote bookmarks
"trunk()" = "latest((present(main) | present(master)) & remote_bookmarks())";
# Same as trunk() but for `dev` or `develop` bookmarks
"dev()" = "latest((present(dev) | present(develop)) & remote_bookmarks())";
"user(x)" = "author(x) | committer(x)";
"gh_pages()" = "ancestors(remote_bookmarks(exact:\"gh-pages\"))";
"trunk()" = "latest((present(main) | present(master)) & remote_bookmarks())";
"dev()" = "latest((present(dev) | present(develop)) & remote_bookmarks())";
#Private and WIP commits that should never be pushed
"wip()" = "description(glob:\"wip:*\")";
"private()" = "description(glob:\"private:*\")";
"blacklist()" = "wip() | private()";
# stack(x, n) is the set of mutable commits reachable from
# 'x', with 'n' parents. 'n' is often useful to customize the
# display and return set for certain operations. 'x' can be
@@ -93,6 +125,8 @@ in {
"open()" = "stack(dev().. & mine(), 1)";
"ready()" = "open() ~ blacklist()::";
};
remotes.origin.auto-track-bookmarks = "*";
};
};
};
}
users/modules/media/default.nix
+4
View File
@@ -11,6 +11,8 @@ in {
./mpd.nix
./mpd-mpris.nix
./mpv.nix
./ncmpcpp.nix
./streamlink.nix
];
options.home.media.fullDesktop = mkEnableOption "Enables everything";
@@ -18,5 +20,7 @@ in {
mopidy.enable = mkDefault cfg.fullDesktop;
mpd.enable = mkDefault (cfg.fullDesktop or cfg.mpd-mpris.enable);
mpv.enable = mkDefault cfg.fullDesktop;
ncmpcpp.enable = mkDefault config.home.media.mpd.enable;
streamlink.enable = mkDefault config.home.media.mpv.enable;
};
}
users/modules/media/mpd.nix
+5
View File
@@ -19,6 +19,11 @@ in {
bind_to_address "localhost"
auto_update "yes"
audio_output {
type "pipewire"
name "PipeWire"
}
audio_output {
type "fifo"
name "my_fifo"
users/modules/media/mpv.nix
+2 -2
View File
@@ -15,7 +15,7 @@ in {
force-seekable = true; # force streams to be seekable
slang = "jpn,jp,eng,en,fra,fr";
alang = "eng,en,fra,fr";
gpu-api = "vulkan";
gpu-api = "auto";
osc = true;
profile = "gpu-hq";
# geometry = "50%x50%";
@@ -44,7 +44,7 @@ in {
encode
inhibit-gnome
mpris
mpv-cheatsheet
mpv-cheatsheet-ng
quality-menu
sponsorblock
thumbfast
users/modules/media/ncmpcpp.nix
+87
View File
@@ -0,0 +1,87 @@
{
lib,
config,
...
}:
with lib; let
cfg = config.home.media.ncmpcpp;
in {
options.home.media.ncmpcpp.enable = mkEnableOption "Enable ncmpcpp";
config.programs.ncmpcpp = let
musicDir = config.services.mpd.musicDirectory;
in
mkIf cfg.enable {
inherit (cfg) enable;
mpdMusicDir = musicDir;
settings = {
# directories
ncmpcpp_directory = "${config.home.homeDirectory}/.config/ncmpcpp";
lyrics_directory = "${musicDir}/.lyrics";
# MPD
mpd_host = "localhost";
mpd_port = 6600;
mpd_connection_timeout = 5;
mpd_crossfade_time = 0;
# music visualizer
visualizer_output_name = "my_fifo";
visualizer_in_stereo = "yes";
# visualizer_type = "spectrum";
visualizer_look = "+|";
visualizer_color = "blue, cyan, green, yellow, magenta, red";
system_encoding = "UTF-8";
# song format
song_list_format = "(6)[]{} (23)[red]{a} (26)[yellow]{t|f} (40)[green]{b} (4)[blue]{l}";
now_playing_prefix = "$b";
now_playing_suffix = "$8$/b";
# columns settings
song_columns_list_format = "(6)[]{} (23)[red]{a} (26)[yellow]{t|f} (40)[green]{b} (4)[blue]{l}";
playlist_shorten_total_times = "yes";
playlist_display_mode = "columns";
browser_display_mode = "columns";
search_engine_display_mode = "columns";
playlist_editor_display_mode = "columns";
autocenter_mode = "yes";
centered_cursor = "yes";
progressbar_look = "> ";
header_visibility = "no";
statusbar_visibility = "no";
titles_visibility = "no";
allow_for_physical_item_deletion = "yes";
lastfm_preferred_language = "en";
space_add_mode = "add_remove";
locked_screen_width_part = "50";
ask_for_locked_screen_width_part = "yes";
jump_to_now_playing_song_at_start = "yes";
ask_before_clearing_playlists = "yes";
clock_display_seconds = "no";
display_volume_level = "yes";
display_bitrate = "no";
display_remaining_time = "yes";
regular_expressions = "extended";
ignore_leading_the = "yes";
ignore_diacritics = "yes";
mouse_support = "no";
tags_separator = ";";
enable_window_title = "yes";
search_engine_default_search_mode = 1;
external_editor = "emacsclient -c";
use_console_editor = "yes";
# colours
colors_enabled = "yes";
volume_color = "default";
progressbar_color = "black";
progressbar_elapsed_color = "white";
statusbar_color = "white";
};
};
}
users/modules/media/streamlink.nix
+17
View File
@@ -0,0 +1,17 @@
{
lib,
config,
pkgs,
...
}:
with lib; let
cfg = config.home.media.streamlink;
in {
options.home.media.streamlink.enable = mkEnableOption "Enable Streamlink";
config.programs.streamlink = mkIf cfg.enable {
enable = true;
settings = {
player = "${pkgs.mpv}/bin/mpv";
};
};
}
users/modules/security/gpg.nix
+2 -5
View File
@@ -11,10 +11,7 @@ in {
enable = mkEnableOption "Enable GPG";
pinentry.package = mkOption {
type = types.package;
default =
if config.home.dev.editors.emacs.enable
then pkgs.pinentry-emacs
else pkgs.pinentry-gtk2;
default = pkgs.pinentry-gnome3;
};
};
config = mkIf cfg.enable {
@@ -25,7 +22,7 @@ in {
};
services.gpg-agent = {
enable = true;
enableSshSupport = true;
enableSshSupport = false;
pinentry.package = cfg.pinentry.package;
};
};
users/modules/services/blanket.nix
+2 -2
View File
@@ -4,8 +4,8 @@
...
}:
with lib; let
cfg = config.home.services.blanket;
cfg = config.home.myServices.blanket;
in {
options.home.services.blanket.enable = mkEnableOption "Enable blanket";
options.home.myServices.blanket.enable = mkEnableOption "Enable blanket";
config.services.blanket.enable = cfg.enable;
}
users/modules/services/default.nix
+7 -3
View File
@@ -4,7 +4,7 @@
...
}:
with lib; let
cfg = config.home.services;
cfg = config.home.myServices;
in {
imports = [
./blanket.nix
@@ -12,8 +12,12 @@ in {
./mpris-proxy.nix
./playerctld.nix
];
options.home.services.fullDesktop = mkEnableOption "Enable all modules";
config.home.services = {
options.home.myServices.fullDesktop = mkOption {
description = "Enable all modules";
type = types.bool;
default = config.home.fullDesktop;
};
config.home.myServices = {
blanket.enable = mkDefault cfg.fullDesktop;
mbsync.enable = mkDefault cfg.fullDesktop;
mpris-proxy.enable = mkDefault cfg.fullDesktop;
users/modules/services/mbsync.nix
+2 -2
View File
@@ -4,9 +4,9 @@
...
}:
with lib; let
cfg = config.home.services.mbsync;
cfg = config.home.myServices.mbsync;
in {
options.home.services.mbsync = {
options.home.myServices.mbsync = {
enable = mkEnableOption "Enables mbsync";
service.enable = mkOption {
type = types.bool;
users/modules/services/mpris-proxy.nix
+2 -2
View File
@@ -4,8 +4,8 @@
...
}:
with lib; let
cfg = config.home.services.mpris-proxy;
cfg = config.home.myServices.mpris-proxy;
in {
options.home.services.mpris-proxy.enable = mkEnableOption "Enable MPRIS forwarding towards bluetooth and MIDI";
options.home.myServices.mpris-proxy.enable = mkEnableOption "Enable MPRIS forwarding towards bluetooth and MIDI";
config.services.mpris-proxy.enable = cfg.enable;
}
users/modules/services/playerctld.nix
+2 -2
View File
@@ -4,8 +4,8 @@
...
}:
with lib; let
cfg = config.home.services.playerctld;
cfg = config.home.myServices.playerctld;
in {
options.home.services.playerctld.enable = mkEnableOption "Enable playerctld daemon";
options.home.myServices.playerctld.enable = mkEnableOption "Enable playerctld daemon";
config.services.playerctld.enable = cfg.enable;
}
users/modules/shell/bash.nix
+7
View File
@@ -16,6 +16,11 @@ in {
lns = "ln -si";
};
};
autocompletion = mkOption {
type = types.bool;
default = config.home.shell.autocompletion;
example = true;
};
eatIntegration = mkEnableOption "Enable Emacs Eat integration";
bashrcExtra = mkOption {
type = types.lines;
@@ -31,8 +36,10 @@ in {
concatLines
[
(strings.optionalString cfg.eatIntegration ''[ -n "$EAT_SHELL_INTEGRATION_DIR" ] && source "$EAT_SHELL_INTEGRATION_DIR/bash"'')
(strings.optionalString config.home.dev.vcs.jj.shellCompletion "source <(jj util completion bash)")
cfg.bashrcExtra
];
enableCompletion = cfg.autocompletion;
shellAliases = cfg.aliases;
shellOptions = [
"histappend"
users/modules/shell/default.nix
+17 -5
View File
@@ -4,7 +4,7 @@
...
}:
with lib; let
aliases = {
defaultAliases = {
df = "df -H";
diskspace = "sudo df -h | grep -E \"sd|lv|Size\"";
du = "du -ch";
@@ -78,22 +78,34 @@ in {
./fish.nix
./starship.nix
./tmux.nix
./zellij.nix
./zsh.nix
./zoxide.nix
];
options.home.shell.fullDesktop = mkEnableOption "Enable all shells";
options.home.shell = {
fullDesktop = mkEnableOption "Enable all shells";
aliases = mkOption {
type = types.attrsOf types.str;
default = {};
example = {la = "ls -a";};
};
autocompletion = mkOption {
type = types.bool;
default = true;
};
};
config.home.shell = {
enableShellIntegration = cfg.bash.enable or cfg.zsh.enable or cfg.fish.enable;
bash = {
aliases = mkDefault aliases;
aliases = defaultAliases // cfg.aliases;
enable = mkDefault cfg.fullDesktop;
};
fish = {
abbrs = mkDefault aliases;
abbrs = defaultAliases // cfg.aliases;
enable = mkDefault cfg.fullDesktop;
};
zsh = {
abbrs = mkDefault aliases;
abbrs = defaultAliases // cfg.aliases;
enable = mkDefault cfg.fullDesktop;
};
};
users/modules/shell/fish.nix
+7
View File
@@ -17,6 +17,11 @@ in {
lns = "ln -si";
};
};
autocompletion = mkOption {
type = types.bool;
default = config.home.shell.autocompletion;
example = true;
};
extraShellInit = mkOption {
type = types.lines;
default = "";
@@ -26,6 +31,7 @@ in {
config = lib.mkIf cfg.enable {
programs.fish = {
enable = true;
generateCompletions = cfg.autocompletion;
shellAbbrs = cfg.abbrs;
preferAbbrs = true;
shellInit = with lib;
@@ -35,6 +41,7 @@ in {
__fish_default_command_not_found_handler $argv
end
''
(strings.optionalString config.home.dev.vcs.jj.shellCompletion "jj util completion fish | source")
cfg.extraShellInit
];
plugins = [
users/modules/shell/starship.nix
+29 -1
View File
@@ -19,7 +19,34 @@ in {
inherit (cfg) enable;
enableTransience = true;
settings = mkIf cfg.jjIntegration {
custom.jj = {
# Disabling these so they can be enabled conditionally
# See https://github.com/jj-vcs/jj/wiki/Starship
git_status.disabled = true;
git_commit.disabled = true;
git_metrics.disabled = true;
git_branch.disabled = true;
custom = let
when = "! jj --ignore-working-copy-root";
description = "Only show if were not in a jj repository";
style = "";
in {
git_status = {
inherit when description style;
command = "starship module git_status";
};
git_commit = {
inherit when description style;
command = "starship module git_commit";
};
git_metrics = {
inherit when description style;
command = "starship module git_metrics";
};
git_branch = {
inherit when description style;
command = "starship module git_branch";
};
jj = {
description = "The current jj status";
detect_folders = [".jj"];
symbol = "🥋 ";
@@ -46,4 +73,5 @@ in {
};
};
};
};
}
users/modules/shell/tmux.nix
+51 -65
View File
@@ -6,8 +6,42 @@
}:
with lib; let
cfg = config.home.shell.tmux;
keyType = types.submodule {
options = {
key = mkOption {
type = types.str;
example = "C-b";
};
action = mkOption {
type = types.str;
example = "resize-pane -Z";
};
};
};
in {
options.home.shell.tmux.enable = mkEnableOption "Enable tmux";
options.home.shell.tmux = with types; {
enable = mkEnableOption "Enable tmux";
bind = mkOption {
type = attrsOf (listOf keyType);
default = {};
example = {
"prefix" = [
{
key = "C-r";
action = "resize-pane -R";
}
];
};
};
unbind = mkOption {
type = listOf (either str (attrsOf (listOf str)));
default = [];
};
extraConfig = mkOption {
type = types.lines;
default = "";
};
};
config.programs.tmux = mkIf cfg.enable {
inherit (cfg) enable;
baseIndex = 1;
@@ -25,71 +59,23 @@ in {
sensible
yank
];
extraConfig = ''
set-option -sa terminal-overrides ",xterm*:Tc"
extraConfig = let
generateBinds = concatLines (
mapAttrsToList (table: keys: concatMapStrings (key: "bind -T ${table} ${key.key} ${key.action}\n") keys) cfg.bind
);
generateUnbind =
concatMapStrings (
entry:
if builtins.isString entry
then "unbind ${entry}\n"
else concatStrings (mapAttrsToList (table: keys: concatMapStrings (key: "unbind -T ${table} ${key}\n") keys) entry)
)
cfg.unbind;
in ''
${cfg.extraConfig}
unbind C-b
bind-key -T prefix « select-window -p
bind-key -T prefix » select-window -n
bind-key -T prefix Tab switch-client -T windows
bind-key -T prefix w switch-client -T pane
bind-key -T prefix y switch-client -T copy-mode
bind-key -T pane / split-window -h -c "#{pane-current_path}"
bind-key -T pane - split-window -v -c "#{pane-current_path}"
bind-key -T pane c select-pane -L
bind-key -T pane t select-pane -D
bind-key -T pane s select-pane -U
bind-key -T pane r select-pane -R
bind-key -T pane f resize-pane -Z
bind-key -T pane . switch-client -T pane-resize
bind-key -T pane-resize c resize-pane -L 5\; switch-client -T pane-resize
bind-key -T pane-resize t resize-pane -D 5\; switch-client -T pane-resize
bind-key -T pane-resize s resize-pane -U 5\; switch-client -T pane-resize
bind-key -T pane-resize r resize-pane -R 5\; switch-client -T pane-resize
bind-key -T pane-resize C resize-pane -L\; switch-client -T pane-resize
bind-key -T pane-resize T resize-pane -D\; switch-client -T pane-resize
bind-key -T pane-resize S resize-pane -U\; switch-client -T pane-resize
bind-key -T pane-resize R resize-pane -R\; switch-client -T pane-resize
bind-key -T windows c new-window
bind-key -T windows n next-window
bind-key -T windows p previous-window
bind-key -T windows \" select-window -t :=1
bind-key -T windows « select-window -t :=2
bind-key -T windows » select-window -t :=3
bind-key -T windows ( select-window -t :=4
bind-key -T windows ) select-window -t :=5
bind-key -T windows @ select-window -t :=6
bind-key -T windows + select-window -t :=7
bind-key -T windows - select-window -t :=8
bind-key -T windows / select-window -t :=9
bind-key -T windows * select-window -t :=10
unbind -T copy-mode-vi H
unbind -T copy-mode-vi J
unbind -T copy-mode-vi K
unbind -T copy-mode-vi L
unbind -T copy-mode-vi h
unbind -T copy-mode-vi j
unbind -T copy-mode-vi k
unbind -T copy-mode-vi l
bind-key -T copy-mode-vi v send-keys -X begin-selection
bind-key -T copy-mode-vi C-v send-keys -X rectangle-toggle
bind-key -T copy-mode-vi y send-keys -X copy-selection-and-cancel
bind-key -T copy-mode-vi C send-keys -X top-line
bind-key -T copy-mode-vi J send-keys -X jump-to-backward
bind-key -T copy-mode-vi S send-keys -X scroll-up
bind-key -T copy-mode-vi R send-keys -X bottom-line
bind-key -T copy-mode-vi T send-keys -X scroll-down
bind-key -T copy-mode-vi c send-keys -X cursor-left
bind-key -T copy-mode-vi t send-keys -X cursor-down
bind-key -T copy-mode-vi s send-keys -X cursor-up
bind-key -T copy-mode-vi r send-keys -X cursor-right
${generateUnbind}
${generateBinds}
'';
};
}
users/modules/shell/zellij.nix
+173
View File
@@ -0,0 +1,173 @@
{
pkgs,
lib,
config,
...
}:
with lib; let
cfg = config.home.shell.zellij;
isEmpty = list: list == [];
keybind = {
options = {
bind = mkOption {
type = types.either types.str (types.listOf types.str);
example = "Alt j";
description = "Value used as a string after `bind` in zellij config";
};
actions = mkOption {
type = with types; let
allowed = oneOf [int str];
in
attrsOf (either (listOf allowed) allowed);
default = {};
example = {
SwitchToMode = ["normal"];
SwitchFocus = [];
PaneNameInput = [0];
};
};
useUnlockFirst = mkOption {
type = types.bool;
default = false;
description = ''
Go back to locked mode after the actions are done.
Only works when `config.home.shell.zellij.useUnlockFirst` is true.
'';
};
};
};
convertBind = item: {
bind = let
useUnlockFirst = cfg.useUnlockFirst && item.useUnlockFirst;
children =
mapAttrsToList (action: args: let
actualArgs =
if isEmpty args
then {}
else {_args = lists.toList args;};
in {"${action}" = actualArgs;})
(item.actions
// (
if useUnlockFirst
then {SwitchToMode = ["locked"];}
else {}
));
in {
_args = lists.toList item.bind;
_children = children;
};
};
keybindsModule = {
options = mergeAttrsList (forEach [
"normal"
"locked"
"resize"
"pane"
"move"
"tab"
"scroll"
"search"
"entersearch"
"renametab"
"renamepane"
"session"
"tmux"
]
(x: {
"${x}" = mkOption {
type = types.listOf (types.submodule keybind);
default = [];
};
}));
};
makeKeybinds = keybinds: let
values =
attrsets.concatMapAttrs (
mode: binds:
if (isEmpty binds)
then {}
else {
"${mode}"._children = lists.forEach binds convertBind;
}
)
keybinds;
in
if values == {}
then {}
else {
keybinds = values;
};
in {
options.home.shell.zellij = let
jsonFormat = pkgs.formats.yaml {};
in {
enable = mkEnableOption "Enable Zellij";
clearDefaultKeybinds = mkEnableOption "Clear default keybinds";
settings = mkOption {
inherit (jsonFormat) type;
default = {};
};
layouts = mkOption {
inherit (jsonFormat) type;
default = {};
};
extraSettings = mkOption {
type = types.lines;
default = "";
description = ''
Extra configuration lines to add to `$XDG_CONFIG_HOME/zellij/config.kdl`
'';
};
useUnlockFirst = mkEnableOption "Use Unlock-First (non-colliding) behaviour by default";
plugins = mkOption {
type = types.listOf (types.submodule plugin);
default = {};
example = [
{name = "about";}
{
name = "filepicker";
location = "zellij:strider";
options = {
cwd = "/";
};
}
];
};
keybinds = mkOption {
type = types.submodule keybindsModule;
default = {};
example = {
pane = [
{
bind = "c";
actions = [
{
action = "SwitchToMode";
args = ["renamepane"];
}
{
action = "PaneNameInput";
args = [0];
}
];
}
];
};
};
};
config.programs.zellij = mkIf cfg.enable {
inherit (cfg) enable layouts;
extraConfig = cfg.extraSettings;
settings = let
resetKeybinds =
if cfg.clearDefaultKeybinds
then {
keybinds._props.clear-defaults = true;
}
else {};
keybinds = makeKeybinds cfg.keybinds;
in
cfg.settings // resetKeybinds // keybinds;
};
}
users/modules/shell/zsh.nix
+11 -1
View File
@@ -17,6 +17,11 @@ in {
lns = "ln -si";
};
};
autocompletion = mkOption {
type = types.bool;
default = config.home.shell.autocompletion;
example = true;
};
eatIntegration = mkEnableOption "Enable Emacs Eat integration";
zshrcExtra = lib.mkOption {
type = types.lines;
@@ -32,7 +37,7 @@ in {
enable = true;
strategy = ["match_prev_cmd" "completion"];
};
enableCompletion = true;
enableCompletion = cfg.autocompletion;
enableVteIntegration = true;
history = {
findNoDups = true;
@@ -57,6 +62,11 @@ in {
zstyle ':fzf-tab:complete:cd:*' fzf-preview '${pkgs.eza}/bin/eza $realpath'
''
(strings.optionalString cfg.eatIntegration ''[ -n "$EAT_SHELL_INTEGRATION_DIR" ] && source "$EAT_SHELL_INTEGRATION_DIR/zsh"'')
(strings.optionalString config.home.dev.vcs.jj.shellCompletion ''
autoload -U compinit
compinit
source <(jj util completion zsh)
'')
cfg.zshrcExtra
];
oh-my-zsh = {
users/phundrak/XCompose
+1673
View File
File diff suppressed because it is too large Load Diff
users/phundrak/ai.nix
+56
View File
@@ -0,0 +1,56 @@
{config, lib, ...}: {
home.dev.ai = {
enable = lib.mkDefault true;
opencode = {
tui = {
mouse = true;
theme = "nord";
attention = {
enabled = true;
notifications = true;
};
keybinds = {
leader = "ctrl+x";
"command_list" = "<leader><leader>";
};
};
settings = {
autoupdate = false;
provider = {
ollama = {
name = "Ollama (marpa)";
options.baseURL = "http://marpa:11434";
};
models = {
"qwen3.5:9b".name = "Qwen 3.5 Medium";
"gemma4:e4b".name = "Gemma E4B";
"qwen2.5-coder:1.5b-base".name = "Qwen 2.5 Coder Light";
};
};
permission = {
"*" = "ask";
glob = "allow";
grep = "allow";
skill = "allow";
question = "allow";
read = {
"*" = "allow";
"*.env" = "deny";
"*.env.*" = "deny";
"*.env.example" = "allow";
};
"doom_loop" = "deny";
};
formatter.nixfmt = {
command = ["nix" "fmt" "$FILE"];
extensions = [".nix"];
};
};
web = {
enable = true;
cors = config.sops.secrets."opencode/cors".path;
mdns.enable = true;
};
};
};
}
users/phundrak/config/waybar/config
+5 -9
View File
@@ -6,7 +6,7 @@
// "width": 1280, // Waybar width
"spacing": 2, // Gaps between modules (4px)
// Choose the order of the modules
"modules-left": ["hyprland/workspaces", "hyprland/submap", "hyprland/window"],
"modules-left": ["hyprland/workspaces", "hyprland/language", "hyprland/submap", "hyprland/window"],
"modules-center": [],
"modules-right": ["idle_inhibitor", "mpd", "pulseaudio", "network", "cpu",
"memory", "temperature", "battery", "clock", "tray"],
@@ -35,15 +35,11 @@
"unlocked": ""
}
},
"sway/mode": {
"format": "<span style=\"italic\">{}</span>"
{
"hyprland/language": {
"format": "Lang: {}",
"format-en": "gaming",
},
"sway/scratchpad": {
"format": "{icon} {count}",
"show-empty": false,
"format-icons": ["", ""],
"tooltip": true,
"tooltip-format": "{app}: {title}"
},
"mpd": {
"format": "{stateIcon} {consumeIcon}{randomIcon}{repeatIcon}{singleIcon}{artist} - {album} - {title} ({elapsedTime:%M:%S}/{totalTime:%M:%S}) ⸨{songPosition}|{queueLength}⸩ {volume}% ",
users/phundrak/email.nix
+1
View File
@@ -8,6 +8,7 @@
@@@ Sauvez un arbre, mangez un castor @@@
@@@ Save a tree, eat a beaver @@@
@@@ Bjarg tré, et bjórr @@@
'';
in {
home.file.".signature" = {
users/phundrak/firefox.nix
+89
View File
@@ -0,0 +1,89 @@
{pkgs, ...}: {
config.home.desktop.firefox = {
enable = true;
useZen = true;
tridactyl = {
enable = true;
preConfig = "sanitise tridactyllocal tridactylsync";
config = {
editorcmd = "emacsclient -c";
keyboardlayoutbase = "bepo";
keyboardlayoutforce = "true";
hintchars = "auiectsr";
smothscroll = "true";
};
extraConfig = ''
command openTwitchInMpv js -d@\
const url = new URL(document.location.href);\
const cleanUrl = url.hostname + url.pathname;\
const token = document.cookie.split("; ")\
.find(item => item.startsWith("auth-token="))?.split("=")[1];\
const auth = "--twitch-api-header=Authorization=OAuth " + token;\
const cmd = `${pkgs.streamlink}/bin/streamlink "''${auth}" "''${cleanUrl}" best`;\
tri.native.run(cmd)\
@
unbind h
unbind j
unbind k
unbind l
unbind c
unbind t
unbind s
unbind r
unbind H
unbind J
unbind K
unbind L
unbind C
unbind T
unbind S
unbind R
" === Bépo layout scrolling (ctsr = hjkl) ===
bind c scrollpx -300 0
bind t scrollline 5
bind s scrollline -5
bind r scrollpx 300 0
" Half/full page scroll (replacing C-f/C-b/C-d/C-u)
bind <C-t> scrollpage 0.5
bind <C-s> scrollpage -0.5
" === History navigation (C/R = H/L) ===
bind C back
bind R forward
" === Tab navigation ===
bind T tabnext
bind S tabprev
" === Displaced commands ===
" reload was on r move to h (bépo's 'replace' position)
bind h reload
bind H reloadhard
" tabopen was on t move to j (bépo's 'find char to' position)
bind j fillcmdline tabopen
unbind ^http(s?)://(www\.)?youtube\.com c
unbind ^http(s?)://(www\.)?youtube\.com f
unbind ^http(s?)://(www\.)?youtube\.com t
unbind ^http(s?)://(www\.)?youtube\.com l
unbind ^http(s?)://(www\.)?youtube\.com j
unbind ^http(s?)://twitch\.tv f
bind n findnext
bind N findnext -f
bind p findnext --reverse
bind P findnext -f --reverse
bind < urlincrement -1
bind > urlincrement 1
bind ypt openTwitchInMpv
bind ypv js tri.native.run(`mpv --ytdl-format="[height >=? 480]" --ontop --fs "''${document.location.href}"`)
bind ypm hint -JF e => tri.native.run(`mpv --ytdl-format="[height >=? 480]" --ontop --fs "''${e.href}"`)
'';
};
};
}

Some files were not shown because too many files have changed in this diff Show More