tux/nix-config
1
0
Fork 0
mirror of https://github.com/tuxdotrs/nix-config.git synced 2026-05-06 18:16:31 +05:30
Code Issues Actions Packages Projects Releases Wiki Activity

Compare commits

base: tux:25.11.2025
Branches Tags
tux:main tux:dev tux:old
tux:25.11.2025
..
compare: tux:7194dbdaf6da77dcf6eefee79125784ada92ff8b
Branches Tags
tux:dev tux:main tux:old
tux:25.11.2025

104 Commits
25.11.2025 ... 7194dbdaf6

Author SHA1 Message Date
tux
7194dbdaf6 chore: update flake 2026-04-27 14:32:13 +05:30
tux
428c5c5717 feat: restore config path 2026-04-27 14:31:43 +05:30
tux
5971087593 feat: add zed to persist dir 2026-04-27 01:37:25 +05:30
tux
e3bafff8f8 feat: update flake 2026-04-26 15:19:25 +05:30
tux
6e78c0b6c2 feat: switch default browser to brave 2026-04-21 15:18:51 +05:30
tux
99863948b4 feat(canopus): increase max freq 2026-03-27 21:38:01 +05:30
tux
1b526b5633 feat(hyprland): add brightness gesture 2026-03-27 21:35:16 +05:30
tux
489e7e6e2a feat: switch to integrated mode 2026-03-27 21:35:05 +05:30
tux
da97041c2a style: format code 2026-03-27 21:34:50 +05:30
tux
595cf577b4 feat: add davinci resolve 2026-02-28 01:24:11 +05:30
tux
214d86c1c6 chore: update tnvim flake input 2026-02-26 18:38:10 +05:30
tux
e95a103952 chore: update tpanel flake input 2026-02-26 07:46:59 +05:30
tux
6403fab5af feat(obs): add source record plugin 2026-02-25 13:24:36 +05:30
tux
51ed6c6d2c chore(hyprland): update keybind for pin action 2026-02-24 21:51:47 +05:30
tux
77edbf47ad feat: launch easyeffect on startup 2026-02-24 21:05:22 +05:30
tux
f7e6b47cb3 feat: add easyeffects to persist dir 2026-02-24 20:12:29 +05:30
tux
fd3651b398 feat(hyprland): update config 2026-02-24 15:15:21 +05:30
tux
8e1a543fd7 feat(hyprland): add extra workspace 2026-02-24 14:54:49 +05:30
tux
ea7b6bcdef feat: add mangowc 2026-02-24 14:51:35 +05:30
tux
5f72ba716d feat(hyprland): performance/battery optimizations 2026-02-23 12:41:14 +05:30
tux
990081328a feat(alacritty): update background color 2026-02-22 15:56:07 +05:30
tux
9eeac2741c feat(hyprland): update animation and blur settings 2026-02-22 14:53:35 +05:30
tux
b20f3ab5bc feat: setup obs from nixos module 2026-02-18 22:39:00 +05:30
tux
d95f88d61d fix(vicinae): awww-switcher name 2026-02-17 19:30:41 +05:30
tux
cbfe9205c7 feat: setup vicinae silverbullet extension 2026-02-17 19:19:10 +05:30
tux
981a986139 feat(vicinae): setup extensions 2026-02-17 19:18:20 +05:30
tux
ea718e56c6 feat(silverbullet): set auth token 2026-02-17 19:16:25 +05:30
tux
b989269dcc chore: update tpanel flake input 2026-02-17 17:59:11 +05:30
tux
860423356c feat(desktop): setup awww 2026-02-17 17:47:35 +05:30
tux
db8bdfb9c6 chore(hyprland): modify workspace management setting 2026-02-17 17:46:32 +05:30
tux
1a5e5b0c14 chore: update tpanel flake input 2026-02-12 11:47:02 +05:30
tux
a944ca11c7 feat(hyprland): add extra workspace 2026-02-12 11:46:50 +05:30
tux
75e172dd06 fix: steam path for persistence 2026-02-10 09:36:49 +05:30
tux
e2ab75f095 fix(xdg): default apps 2026-02-07 06:55:32 +05:30
tux
a61b0b40c8 chore: update tnvim flake input 2026-02-07 06:19:05 +05:30
tux
1e43a360d3 chore: add lsof 2026-02-07 06:18:54 +05:30
tux
378793245d chore(arcturus): remove commented-out kasmweb import 2026-02-07 05:12:50 +05:30
tux
7b8116644a feat(canopus): remove nextcloud 2026-02-07 05:11:54 +05:30
tux
d158d3e10d chore: add aiostreams to persist dir 2026-02-07 05:10:11 +05:30
tux
c4f96accc9 feat(aiostreams): enable persistent data storage via dataDir 2026-02-07 05:10:00 +05:30
tux
2b632b6bef chore(hyprland): update screenshot tool to hypr-screenshot 2026-02-06 20:57:45 +05:30
tux
54ebce7e53 chore: add vivaldi lib folder to persist dir 2026-02-06 20:29:01 +05:30
tux
2381dc907f chore(spotifyd): set volume 2026-02-05 03:25:26 +05:30
tux
502493a053 Revert "chore(hyprland): focus on activate" 
This reverts commit 7e8039488a.
 2026-02-05 03:24:33 +05:30
tux
2d023bdfba feat: add screen shot/record scripts 2026-02-04 18:08:01 +05:30
tux
7f18b96cdd feat: setup spotifyd 2026-02-04 06:55:07 +05:30
tux
3a46142f6f feat(vicinae): disable close on focus loss 2026-02-04 06:31:45 +05:30
tux
78e8aaf4e0 chore(hyprland): adjust keybindings for launcher 2026-02-04 05:53:50 +05:30
tux
7e8039488a chore(hyprland): focus on activate 2026-02-04 05:48:28 +05:30
tux
8aa79d767a chore: add pulseaudio 2026-02-04 05:48:08 +05:30
tux
705b6c8cf9 feat: add vicinae 2026-02-04 05:46:19 +05:30
tux
759874689f chore: update tpanel flake input 2026-02-04 03:40:46 +05:30
tux
dba0beefbd feat: set vivaldi as default browser 2026-02-04 03:40:27 +05:30
tux
063dd3b580 feat(terminal): adjust font sizes 2026-02-04 03:39:59 +05:30
tux
5f0c07204e feat: add vivaldi browser 2026-02-01 06:47:18 +05:30
tux
7069de5b41 feat: add antigravity 2026-02-01 06:29:56 +05:30
tux
048cb87087 feat(hyprland): update window and workspace rules 2026-01-27 19:32:31 +05:30
tux
f0417f10f0 chore: update trok flake input 2026-01-27 19:29:13 +05:30
tux
4a4f2430b8 style: format code 2026-01-21 20:08:38 +05:30
tux
62eee0efac feat(wezterm): disable check for updates 2026-01-21 19:10:14 +05:30
tux
f46e092f2e chore: update flake inputs 2026-01-21 16:01:24 +05:30
tux
a049a66619 feat: update flake inputs 2026-01-15 20:20:26 +05:30
tux
2d055ab10d feat(fastfetch): remove package count 2026-01-05 23:53:38 +05:30
tux
7d36194e59 feat: use iGPU 2025-12-30 15:32:42 +05:30
tux
206ff0b1c8 chore: update tpanel flake input 2025-12-29 21:53:38 +05:30
tux
42b938cdb0 feat(hyprland): add workspace swipe using gesture's 2025-12-29 11:56:49 +05:30
tux
8e31454fa0 chore: update tpanel flake input 2025-12-29 11:56:16 +05:30
tux
0b68021269 chore: update flake inputs 2025-12-27 16:21:28 +05:30
tux
fb750000a0 feat: add steam to persist dir 2025-12-26 21:45:04 +05:30
tux
0f7bb90600 feat: add moonlight 2025-12-26 03:35:29 +05:30
tux
83513b3b1a feat: rustdesl use unstable pkg 2025-12-26 03:35:08 +05:30
tux
f71dcfb43c feat(hyprland): use iGPU 2025-12-25 16:54:07 +05:30
tux
61f4af216e feat(canopus): add vfio kernel modules 2025-12-25 16:53:26 +05:30
tux
bb1dce3b3a feat: add libvirt to persist dir 2025-12-25 16:51:14 +05:30
tux
8667f72e87 feat: enable spice usb redirection 2025-12-25 16:49:15 +05:30
tux
87f3d1eacd chore: update flake inputs 2025-12-25 06:55:14 +05:30
tux
3c846d6c59 feat(hyprland): migrate window rules 2025-12-19 00:30:40 +05:30
tux
5580c22673 chore: update flake inputs 2025-12-19 00:30:21 +05:30
tux
33f7944296 feat: remove depreciated options 2025-12-17 14:30:10 +05:30
tux
86feafcc82 feat(sirius): enable interop 2025-12-17 03:01:41 +05:30
tux
7b085aa127 feat: update depreciated options 2025-12-17 02:53:16 +05:30
tux
8c17353315 chore: update flake inputs 2025-12-17 02:52:31 +05:30
tux
7772514fce feat: setup distrobox module 2025-11-22 06:13:15 +05:30
tux
71cc3c3e7f feat(node): enable firewall for additional ports 2025-11-14 20:37:51 +05:30
tux
f3063dd250 feat: add umami 2025-11-14 14:13:37 +05:30
tux
abd2134a2a feat: add aiostreams 2025-11-14 12:36:34 +05:30
tux
f033f3406a feat(canopus): change wallpaper 2025-11-14 04:05:04 +05:30
tux
eb95321b42 feat: add steam to persist dir 2025-11-14 04:04:52 +05:30
tux
50549a7ab3 feat: migrate node 2025-11-04 15:00:36 +05:30
tux
7b25ac4f30 feat: upgrade to nextcloud 32 2025-11-03 20:17:52 +05:30
tux
dbb226713d docs: update README.md 2025-10-29 23:29:15 +05:30
tux
b59a134631 feat(hosts): enable user linger for services 2025-10-29 13:37:35 +05:30
tux
b8209290f7 refactor(hosts): consolidate nvidia-container-toolkit configuration 2025-10-29 12:31:26 +05:30
tux
41a4eaa375 docs(readme): update host details in readme 2025-10-27 22:45:31 +05:30
tux
0f50de8d9a feat(node): add new host 2025-10-27 22:39:46 +05:30
tux
315b6f4c8f feat: update flake inputs 2025-10-27 21:43:16 +05:30
tux
da3f7101c0 feat: remove barrier 2025-10-27 21:42:57 +05:30
tux
967a163ae0 feat(sirius): add nvidia-container-toolkit support for driver assertion 2025-10-16 16:07:00 +05:30
tux
a793ff14c4 feat(docker): add nvidia-container-toolkit support 2025-10-15 18:28:21 +05:30
tux
19f271b4f9 feat(homelab): add api keys 2025-10-14 13:15:06 +05:30
tux
6a7decf5be docs: update installation instructions 2025-10-12 22:17:23 +05:30
tux
820e69f53c feat: set cursor size 2025-10-12 17:47:26 +05:30
tux
892f30dabe feat: add lan-mouse 2025-10-12 17:19:53 +05:30
tux
572ae61b3a chore: update tpanel flake input 2025-10-12 06:15:12 +05:30
59 changed files with 2038 additions and 657 deletions
Expand all files Collapse all files

2
.sops.yaml
View File

@@ -9,6 +9,7 @@ keys:
- &arcturus age1zsl5d4vj6gl3h96y5p53sq5y4vr4vtlwp727h7rp9a4xfkxm53lqrh6r50
- &alpha age1zujp5gxy7suv8ysnygv43cmzuvv36nxfg0ch7r3xg2emc6fz3vmqqujheq
- &vega age1ydkclhk9kwqdq74utesqdfupt43lz64d5k65gz2z9uyljcqq9fcq3hv28l
- &node age1put942dyhly8nk9c8n0h8tq0x6xplrg3uw5q0d2jmvwez3zq79qsapl7he
- &capella age1y4luzn2jls7rvgphej23srvdlx563lxq29tvf66vhwwzaf7c3f3qzvresh
creation_rules:
@@ -22,6 +23,7 @@ creation_rules:
- *arcturus
- *alpha
- *vega
- *node
- *capella
- path_regex: hosts/sirius/secrets.yaml$
key_groups:

130
README.md
View File

@@ -22,48 +22,132 @@
## Hosts
| | Hostname | Board | CPU | RAM | GPU | Purpose |
| --- | ---------- | ----------------- | ------------------ | ---- | ------------------------- | ---------------------------------------------------------------------------------- |
| 🖥️ | `sirius` | MSI X570-A Pro | Ryzen 7 5700X3D | 64GB | RTX 3080 TI + RTX 3060 TI | Triple-monitor desktop running Windows Subsystem for Linux. |
| 💻 | `canopus` | Asus Zephyrus G15 | Ryzen 9 5900HS | 16GB | RTX 3060 | Optimized for productivity on the go and some gaming. |
| ☁️ | `homelab` | Minisforum MS-A1 | Ryzen 7 8700G | 32GB | Radeon 780M | WIP |
| ☁️ | `arcturus` | KVM | 4 Core | 8GB | | Primary server responsible for exposing my homelab applications to the internet. |
| ☁️ | `alpha` | KVM | 4 Core | 4GB | | Monitors uptime and health status of all services across the infrastructure. |
| 🥔 | `vega` | Raspberry Pi 3B+ | Cortex A53 | 1GB | | Running AdGuard Home for network-wide ad blocking. |
| 📱 | `capella` | Samsung S25 Ultra | Snapdragon 8 Elite | 12GB | Adreno 830 | Primary mobile for daily usage. (Locked) |
| 📱 | `rigel` | Motorola Edge 30 | Snapdragon 778G+ | 8GB | Adreno 642L | Secondary mobile for some fun. (Rooted) |
| ☁️ | `node` | KVM | i9-13900 | 64GB | | Running Ethereum and BSC nodes. Currently in the process of migrating from Ubuntu. |
| | Hostname | Board | CPU | RAM | GPU | Purpose |
| --- | ---------- | ----------------- | ------------------ | ----- | ------------------------- | -------------------------------------------------------------------------------- |
| 🖥️ | `sirius` | MSI X570-A Pro | Ryzen 7 5700X3D | 64GB | RTX 3080 TI + RTX 3060 TI | Triple-monitor desktop running Windows Subsystem for Linux. |
| 💻 | `canopus` | Asus Zephyrus G15 | Ryzen 9 5900HS | 16GB | RTX 3060 | Optimized for productivity on the go and some gaming. |
| ☁️ | `homelab` | Minisforum MS-A1 | Ryzen 7 8700G | 32GB | Radeon 780M | WIP |
| ☁️ | `arcturus` | KVM | 4 Core | 8GB | | Primary server responsible for exposing my homelab applications to the internet. |
| ☁️ | `alpha` | KVM | 4 Core | 4GB | | Monitors uptime and health status of all services across the infrastructure. |
| 🥔 | `vega` | Raspberry Pi 3B+ | Cortex A53 | 1GB | | Running AdGuard Home for network-wide ad blocking. |
| 📱 | `capella` | Samsung S25 Ultra | Snapdragon 8 Elite | 12GB | Adreno 830 | Primary mobile for daily usage. (Locked) |
| 📱 | `rigel` | Motorola Edge 30 | Snapdragon 778G+ | 8GB | Adreno 642L | Secondary mobile for some fun. (Rooted) |
| ☁️ | `node` | ASRock B565D4 | Ryzen 9 5950X | 128GB | | Running Ethereum and BSC nodes. |
## Installation
Boot into NixOS bootable USB and then enter the following commands
> [!NOTE]
> This will get your base system ready, but keep in mind that many things might not work correctly — such as monitor resolution, font size, and more.
### Prerequisites
Boot into the NixOS bootable USB before proceeding with the installation steps.
### Installation Steps
#### 1. Clone the repository
```bash
git clone https://github.com/tuxdotrs/nix-config.git
cd nix-config
```
#### 2. Gain root privileges
```bash
sudo su
```
# Clone this repositry
git clone https://github.com/tuxdotrs/nix-config.git
# Navigate to the repository directory
cd nix-config
#### 3. Set up disk partitioning
# Install disko for disk partitioning
nix-shell -p disko
Install the required tools:
# Partition the disk and make sure to replace DISK_PATH (eg. /dev/vda)
```bash
nix-shell -p disko neovim
```
Partition your disk using disko. **This will wipe your drive.** Replace `DISK_PATH` with your actual disk path (e.g., `/dev/vda` or `/dev/nvme0n1`):
```bash
disko --mode disko ./hosts/canopus/disko.nix --arg device '"DISK_PATH"'
```
# Generate the hardware.nix file for your system
#### 4. Configure your disk
Edit the configuration file:
```bash
nvim ./hosts/canopus/default.nix
```
In the imports statement, replace:
```nix
(import ./disko.nix {device = "/dev/nvme0n1";})
```
with:
```nix
(import ./disko.nix {device = "DISK_PATH";})
```
Make sure to replace `DISK_PATH` with your actual disk path.
#### 5. Generate hardware configuration
```bash
nixos-generate-config --no-filesystems --root /mnt
```
# Replace the hardware.nix with generated one
Copy the generated hardware configuration to the repository:
```bash
cp /mnt/etc/nixos/hardware-configuration.nix ./hosts/canopus/hardware.nix
```
# Install
#### 6. Install NixOS
```bash
nixos-install --root /mnt --flake .#canopus
```
# Reboot to your beautiful DE
#### 7. Enter into the new system
```bash
nixos-enter --root /mnt
```
#### 8. Set up directories and permissions
```bash
mkdir -p /persist/home
chown -R tux:users /persist/home
```
#### 9. Set passwords
Set the root password:
```bash
passwd root
```
Set the user password:
```bash
passwd tux
```
#### 10. Reboot
```bash
reboot
```
Your NixOS system should now boot into a beautiful DE.
## Components
| | Wayland | Xorg |

1030
flake.lock generated
View File

File diff suppressed because it is too large Load Diff

13
flake.nix
View File

@@ -66,6 +66,7 @@
alpha = nixosSystem (mkNixOSConfig "alpha");
sirius = nixosSystem (mkNixOSConfig "sirius");
vega = nixosSystem (mkNixOSConfig "vega");
node = nixosSystem (mkNixOSConfig "node");
vps = nixosSystem (mkNixOSConfig "vps");
isoImage = nixosSystem (mkNixOSConfig "isoImage");
homelab = nixosSystem (mkNixOSConfig "homelab");
@@ -85,6 +86,7 @@
alpha = mkNixOSNode "alpha";
sirius = mkNixOSNode "sirius";
vega = mkNixOSNode "vega";
node = mkNixOSNode "node";
homelab = mkNixOSNode "homelab";
capella = mkDroidNode "capella";
rigel = mkDroidNode "rigel";
@@ -158,6 +160,16 @@
url = "github:hyprwm/hyprland-plugins";
inputs.hyprland.follows = "hyprland";
};
mango = {
url = "github:DreamMaoMao/mango";
inputs.nixpkgs.follows = "nixpkgs";
};
vicinae-extensions = {
url = "github:vicinaehq/extensions";
inputs.nixpkgs.follows = "nixpkgs";
};
awww.url = "git+https://codeberg.org/LGFae/awww";
ghostty.url = "github:ghostty-org/ghostty";
nixos-hardware.url = "github:nixos/nixos-hardware";
nixpkgs-f2k.url = "github:moni-dz/nixpkgs-f2k";
@@ -166,5 +178,6 @@
impermanence.url = "github:nix-community/impermanence";
deploy-rs.url = "github:serokell/deploy-rs";
nixcord.url = "github:kaylorben/nixcord";
lan-mouse.url = "github:feschber/lan-mouse";
};
}

1
hosts/alpha/default.nix
View File

@@ -153,6 +153,7 @@
];
};
users.users.${username} = {linger = true;};
home-manager.users.${username} = {
imports = [
./home.nix

5
hosts/alpha/home.nix
View File

@@ -1,11 +1,10 @@
{username, ...}: {
home.persistence."/persist/home/${username}" = {
{...}: {
home.persistence."/persist" = {
directories = [
"Projects"
".ssh"
".local/share/zsh"
];
allowOther = true;
};
home.stateVersion = "24.11";

41
hosts/arcturus/default.nix
View File

@@ -19,22 +19,32 @@
../../modules/nixos/selfhosted/headscale.nix
../../modules/nixos/selfhosted/vaultwarden.nix
../../modules/nixos/selfhosted/gitea.nix
../../modules/nixos/selfhosted/plausible.nix
../../modules/nixos/selfhosted/umami.nix
../../modules/nixos/selfhosted/monitoring/grafana.nix
../../modules/nixos/selfhosted/monitoring/loki.nix
../../modules/nixos/selfhosted/monitoring/promtail.nix
../../modules/nixos/selfhosted/ntfy-sh.nix
../../modules/nixos/selfhosted/searx.nix
../../modules/nixos/selfhosted/wakapi.nix
../../modules/nixos/selfhosted/nextcloud.nix
../../modules/nixos/selfhosted/silver-bullet.nix
../../modules/nixos/selfhosted/rustdesk-server.nix
../../modules/nixos/selfhosted/kasmweb.nix
../../modules/nixos/selfhosted/open-webui.nix
../../modules/nixos/selfhosted/glance
];
tux.services.openssh.enable = true;
tux.containers.aiostreams = {
enable = true;
port = 4567;
environment = {
ADDON_ID = "aiostreams.tux.rs";
BASE_URL = "https://aiostreams.tux.rs";
};
environmentFiles = [
config.sops.secrets."aiostreams".path
];
};
sops.secrets = {
borg_encryption_key = {
@@ -61,11 +71,6 @@
sopsFile = ./secrets.yaml;
};
nextcloud_password = {
sopsFile = ./secrets.yaml;
owner = "nextcloud";
};
silver_bullet = {
sopsFile = ./secrets.yaml;
};
@@ -81,6 +86,14 @@
"cs2_secrets/CS2_PW" = {
sopsFile = ./secrets.yaml;
};
aiostreams = {
sopsFile = ./secrets.yaml;
};
umami = {
sopsFile = ./secrets.yaml;
};
};
nixpkgs = {
@@ -144,7 +157,13 @@
firewall = {
enable = true;
allowedTCPPorts = [80 443 22 3333 8081];
allowedTCPPorts = [
80
443
22
3333
8081
];
};
};
@@ -198,6 +217,7 @@
"/var/lib/nextcloud"
"/var/lib/silverbullet"
"/var/lib/kasmweb"
"/var/lib/aiostreams"
];
files = [
"/etc/ssh/ssh_host_ed25519_key"
@@ -207,6 +227,9 @@
];
};
users.users.${username} = {
linger = true;
};
home-manager.users.${username} = {
imports = [
./home.nix

5
hosts/arcturus/home.nix
View File

@@ -1,12 +1,11 @@
{username, ...}: {
home.persistence."/persist/home/${username}" = {
{...}: {
home.persistence."/persist" = {
directories = [
"Projects"
"Stuff"
".ssh"
".local/share/zsh"
];
allowOther = true;
};
home.stateVersion = "24.11";

15
hosts/arcturus/secrets.yaml
View File

@@ -6,16 +6,14 @@ cloudflare_credentials:
email: ENC[AES256_GCM,data:qesgxkzUglKdYPI=,iv:2XDEoQzmtagSiILWZzJPswdhkQ+qjdZfNd+LL1nHPx8=,tag:K1F23Za2Zq78tzf0fl5zEw==,type:str]
dns_api_token: ENC[AES256_GCM,data:ibSL4KWYhqgHjo27fiSqB1iN9NWU3/qGGuLpmiMpBf+qCuh8uxR7Yw==,iv:NapMvfUSm5rgeROK7KuxGyog8s2PW9CCKtjRG87FoCQ=,tag:/Oah7PRCe4XPts0IYt83zw==,type:str]
nextcloud_password: ENC[AES256_GCM,data:o37mq4YHQT5pbi+cXrk=,iv:8HiDwdHTozNM2lHpgqVhdsspuifppsL2I6Z31xEnYFI=,tag:xTnfn8HcubfiQwLYIkpxjw==,type:str]
silver_bullet: ENC[AES256_GCM,data:waEPGskjkkdX98PKzgZG1bzS+NwL6GR8kok=,iv:8a8IeXla8XSHFzjKcVY3QYUK5aFk2kPHVIRvs1y7So0=,tag:p++o6wvLtG5DbDmUusRQLg==,type:str]
silver_bullet: ENC[AES256_GCM,data:tI3Anq2V0Bttw/kN0DYtjdLUB24Q+JiymJt001ie3HfhEVcV3aQhQACTKJ2DbikCZWiet3ve9yqqktudlNTkXk2tk7D1/HQ30ToPzFLSPq6ZY0cxRCMFha9a,iv:gdG59nXnCA7x24vh1xqxocLfAi2/wpFGodCZTJb6Uvg=,tag:Ib1QpryROo6PKWohvLiMVQ==,type:str]
cs2_secrets:
SRCDS_TOKEN: ENC[AES256_GCM,data:SzPz4sHDgEoioX8ylLFM6AUUS60gWYpR3ifxUD8A8IQga24t6GM0dyGDryc=,iv:XefIn9yCLPLKVRA+rZiSGUH3l6ZANIJoGRuM/3vFLIw=,tag:flEjl9c7i3XBlHJaq41QYQ==,type:str]
CS2_RCONPW: ENC[AES256_GCM,data:ZyVeoOngZjxKR/ObYo5yJC1ViCNufuA=,iv:+fJK0sY39V/iH7OjT0AzQq6RefVzLZCDETYcAMFnZNU=,tag:IOhRUQRdffNMXa2cKZvi/w==,type:str]
CS2_PW: ENC[AES256_GCM,data:W1Cur7YT1F/+45vmqif2JbpjVURfnfo=,iv:sBNDM2N+QWDAMculBBZtYZcM7ILEfpwkwOd7ErORQhI=,tag:XFsxTUjctZKU38RQUfJ8HQ==,type:str]
aiostreams: ENC[AES256_GCM,data:2U2EoRUsKr4OIkqrudmIUEp2bABNlSlNUTzR3vtvTfSJVemIGK31iu0SG8aR4tLSQFEZyhIP9M22zZJVWY5hX1UcMEJ1rmtXnaRjTiurRSpTj76pT9plnrjp0NWDcSWY+uhDrAsEko4oPPJEECTT3qMYLXipnzqpPeWsTrNYiuxmfDPcZw==,iv:tHKbtnLMNfY7B2ssE8x0dri9XhA2M6jIj2KOxOsmG2o=,tag:8hjqmniL/P+PfwfYiAdAwA==,type:str]
umami: ENC[AES256_GCM,data:BJN9VpwknBaX+mz6xjq1GX9epM2bukplraPw67TttnLhM9JTmZiela5oFWZiaGjG3Oss3n4WPsPvhC4m28Ah+TQLCoiDFCFqervk228=,iv:YwbJ2/1hXs5Jbqx1dNj1t4ExFS27PWbA4NT9h8/tyU8=,tag:+R1aRF/TaMSGbLDi9GnYwA==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age14vktfes95f33vuefwnmuvryas7az04u76dsgyhfvsx73czkvmp2q7njkl4
enc: |
@@ -35,8 +33,7 @@ sops:
NGprRGVyZ2plWVNrM3drM3JSUjM2L0UKuNk5DqYn2DIfRpY72zDRP5BKoVAXtNv9
uLI//8wc7f4I3uBdARQdpRE1fapY1UOJOn3i0yndrZARPEbdohRK1Q==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-01-24T12:59:25Z"
mac: ENC[AES256_GCM,data:WGWGvbqu07XZ5oU2HBGUbP/9oNCavPBXb2SIm10CG2s377QAWZmpdOC2AGAX8J3NfLtyWEHm8WUQSKjNKvKWARsXU24lNnY+BTSIkF8ymrAU/rRMX8VJi92IYjregAfVBIaYomxqJFhNuAhmsQ75ZYMpRBTusxiEFEdl/H9obiY=,iv:VXIVkpnOY2gZ/xDX/oFvZn08K5Gp49tpiJQGK20blro=,tag:Hkk92ZQWTRY9oQb3Mm6R3w==,type:str]
pgp: []
lastmodified: "2026-02-17T13:21:46Z"
mac: ENC[AES256_GCM,data:7OcwTCe7MMFPUlqOIs0PxiJndtcWR1LbgSQ+69VXCCkewiee8suDuSMxn6sF+zb402uqSUitKWWySMEyL42ym0uyKB7+fi46sBj8O7T9uYM6F/wiH7S9Q7nuNaGP6zxj5TlvB//Dkp4n31Oqtg8xCTK+xGsV9mR17Ai0fjCxUBI=,iv:WvnNPF76Oi9vE2fgocvnOJmhuAdKjsoQeVZuFa0KU6Q=,tag:UHA+FhQr+BASkSyPTWHpaQ==,type:str]
unencrypted_suffix: _unencrypted
version: 3.9.3
version: 3.11.0

93
hosts/canopus/default.nix
View File

@@ -15,14 +15,16 @@
../common
../../modules/nixos/desktop
../../modules/nixos/desktop/awesome
../../modules/nixos/desktop/hyprland
../../modules/nixos/desktop/mango
../../modules/nixos/virtualisation
../../modules/nixos/steam.nix
../../modules/nixos/obs-studio.nix
];
hardware.nvidia-container-toolkit.enable = true;
tux.services.openssh.enable = true;
tux.packages.distrobox.enable = true;
nixpkgs.config.cudaSupport = true;
sops.secrets = {
@@ -40,6 +42,11 @@
sopsFile = ./secrets.yaml;
owner = "${username}";
};
"vicinae.json" = {
sopsFile = ./secrets.yaml;
owner = username;
};
};
networking = {
@@ -60,7 +67,10 @@
];
# Facilitate firewall punching
allowedUDPPorts = [41641];
allowedUDPPorts = [
41641
4242
];
allowedTCPPortRanges = [
{
@@ -102,40 +112,48 @@
kernelPackages = pkgs.linuxPackages_zen;
supportedFilesystems = ["ntfs"];
initrd.systemd = {
enable = lib.mkForce true;
initrd = {
kernelModules = [
"vfio_pci"
"vfio"
"vfio_iommu_type1"
];
services.wipe-my-fs = {
wantedBy = ["initrd.target"];
after = ["initrd-root-device.target"];
before = ["sysroot.mount"];
unitConfig.DefaultDependencies = "no";
serviceConfig.Type = "oneshot";
script = ''
mkdir /btrfs_tmp
mount /dev/disk/by-partlabel/disk-primary-root /btrfs_tmp
systemd = {
enable = lib.mkForce true;
if [[ -e /btrfs_tmp/root ]]; then
mkdir -p /btrfs_tmp/old_roots
timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:%M:%S")
mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp"
fi
services.wipe-my-fs = {
wantedBy = ["initrd.target"];
after = ["initrd-root-device.target"];
before = ["sysroot.mount"];
unitConfig.DefaultDependencies = "no";
serviceConfig.Type = "oneshot";
script = ''
mkdir /btrfs_tmp
mount /dev/disk/by-partlabel/disk-primary-root /btrfs_tmp
delete_subvolume_recursively() {
IFS=$'\n'
for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
delete_subvolume_recursively "/btrfs_tmp/$i"
done
btrfs subvolume delete "$1"
}
if [[ -e /btrfs_tmp/root ]]; then
mkdir -p /btrfs_tmp/old_roots
timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:%M:%S")
mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp"
fi
for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do
delete_subvolume_recursively "$i"
done
delete_subvolume_recursively() {
IFS=$'\n'
for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
delete_subvolume_recursively "/btrfs_tmp/$i"
done
btrfs subvolume delete "$1"
}
btrfs subvolume create /btrfs_tmp/root
umount /btrfs_tmp
'';
for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do
delete_subvolume_recursively "$i"
done
btrfs subvolume create /btrfs_tmp/root
umount /btrfs_tmp
'';
};
};
};
@@ -183,17 +201,16 @@
programs = {
ssh.startAgent = true;
xfconf.enable = true;
file-roller.enable = true;
thunar = {
enable = true;
plugins = with pkgs.xfce; [
plugins = with pkgs; [
thunar-archive-plugin
thunar-volman
];
};
nix-ld = {
enable = true;
package = pkgs.nix-ld-rs;
package = pkgs.nix-ld;
};
nm-applet.enable = true;
noisetorch.enable = true;
@@ -258,7 +275,7 @@
energy_performance_preference = "performance";
turbo = "auto";
scaling_min_freq = 400000;
scaling_max_freq = 3800000;
scaling_max_freq = 4600000;
};
};
};
@@ -268,7 +285,7 @@
supergfxd = {
enable = true;
settings = {
mode = "Integrated";
mode = "Hybrid";
vfio_enable = false;
vfio_save = false;
always_reboot = false;
@@ -280,7 +297,6 @@
asusd = {
enable = true;
enableUserService = true;
asusdConfig.text = ''
(
charge_control_end_threshold: 80,
@@ -393,6 +409,7 @@
"/var/lib/docker"
"/var/lib/waydroid"
"/var/lib/iwd"
"/var/lib/libvirt"
"/etc/NetworkManager/system-connections"
];
files = [

22
hosts/canopus/hardware.nix
View File

@@ -1,17 +1,21 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "usbhid" "usb_storage" "sd_mod" "sdhci_pci" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "usbhid" "usb_storage" "sd_mod" "sdhci_pci"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-amd"];
boot.extraModulePackages = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

40
hosts/canopus/home.nix
View File

@@ -1,17 +1,14 @@
{
pkgs,
username,
...
}: {
{pkgs, ...}: {
imports = [
../../modules/home/desktop/awesome
../../modules/home/desktop/hyprland
../../modules/home/picom
../../modules/home/desktop/mango
../../modules/home/desktop/vicinae
../../modules/home/desktop/utils
../../modules/home/alacritty
../../modules/home/wezterm
../../modules/home/ghostty
../../modules/home/desktop/rofi
../../modules/home/barrier
../../modules/home/lan-mouse
../../modules/home/firefox
../../modules/home/brave
../../modules/home/vs-code
@@ -21,13 +18,13 @@
../../modules/home/easyeffects
../../modules/home/discord
../../modules/home/kdeconnect
../../modules/home/obs-studio
../../modules/home/spotify
];
home.pointerCursor = {
package = pkgs.bibata-cursors;
name = "Bibata-Modern-Ice";
size = 28;
};
qt = {
@@ -62,9 +59,12 @@
};
home.packages = with pkgs; [
antigravity
davinci-resolve
telegram-desktop
anydesk
stable.rustdesk-flutter
rustdesk-flutter
moonlight-qt
rawtherapee
stable.beekeeper-studio
libreoffice-qt
@@ -76,12 +76,13 @@
copyq
vlc
tor-browser
distrobox
vivaldi
bluetui
impala
pulseaudio
];
home.persistence."/persist/home/${username}" = {
home.persistence."/persist" = {
directories = [
"Downloads"
"Music"
@@ -90,22 +91,32 @@
"Videos"
"Projects"
"Stuff"
"Distrobox"
"go"
".mozilla"
".ssh"
".wakatime"
".rustup"
".cargo"
".steam"
".mozilla"
".cache/awww"
".cache/spotifyd"
".cache/spotify-player"
".config/BraveSoftware"
".config/vivaldi"
".config/Antigravity"
".config/zed"
".config/copyq"
".config/discord"
".config/Vencord"
".config/vesktop"
".config/sops"
".config/obs-studio"
".config/easyeffects"
".config/rustdesk"
".config/kdeconnect"
".config/Moonlight\ Game\ Streaming\ Project"
".local/lib/vivaldi"
".local/share/nvim"
".local/share/opencode"
".local/share/zsh"
@@ -114,12 +125,13 @@
".local/share/GalaxyBudsClient"
".local/share/TelegramDesktop"
".local/state/lazygit"
".local/share/Steam"
".local/share/vicinae"
];
files = [
".wakatime.cfg"
".config/aichat/.env"
];
allowOther = true;
};
home.stateVersion = "24.11";

7
hosts/canopus/secrets.yaml
View File

@@ -1,6 +1,7 @@
hyperbolic_api_key: ENC[AES256_GCM,data:WGvF0PPbMd7zWiO8GfmgluV7dW+ZpzLMO31uI5xo+nekvTBkXiAuHFDK/SXKEUFDMEboNkA/a6JUNsCRhuA4N7qhIZgyQ2bc1iafsj7c4F4X/py63Z4bMx8+byScOSoW+RKAvSFOLDGXQ4s9dKc3XNW7G15QyzTRYUFDbXxsSQ6n6DMJk4jr,iv:o+Shbpl3tXmefpdQB5sod3bNQHHsBnEEP0Bk3C1H5Yo=,tag:fi+7K3nAjVoavqy2Mt8W3Q==,type:str]
gemini_api_key: ENC[AES256_GCM,data:ToQn6NiBpebcSPIHbnAyTJm092Xv24pb7Q09hW/Qb0qZC0ORJGG5,iv:/VIw5hTKlZLaWYdEyaEvIv/ZPTBhq5OkguPL6wFs8A8=,tag:44tNJTBeHYW1ug+z+yKTrw==,type:str]
open_router_api_key: ENC[AES256_GCM,data:QLXIEqsUe8HQobJMvqh8fZi7azXjnz7B524kDPWB8Dk5tAv6EVvM0KHAa6aTGmeMB8LJiUPcLmPU0ifU07s2OyB3Q9w+IFvlfQ==,iv:pBr8SJG8FHP1oYrXrHG0gRMPfdXXoBNPGcYEXF3IJGg=,tag:Yf2FuncT3/9pcBIEN+irGQ==,type:str]
vicinae.json: ENC[AES256_GCM,data:VZ3Z3Q3/KSmqE20Jt91y7XnO8LjKKFg8PUFiFuj2aW3kf/dl40lNWATQxa5AmggGViOf2R+1Q2r4cyGQFUWiOww5gcUT3Op+Z+zqPTE+Heu8/Sst0Vi7ZjL8vvmc6HYpT4t6JvYCEr4jjnBwLIvaxNwxCArEfga5lMgOzDQqhnZeOkBCTGdCp4nN7eBaWBFK4Jsm905mm+N2yMD4/rlkFNA6EBEJ4j5A5DnFF3ooZKSqi0VUhvagZ0JsaGdHpn124hnKkVwLejcWlKYpmXu+5gYRh1F5sADR8BpubMeCoEnGB5zUuxd7v/8m8siYbYzJEMtoBLNVlFcfgdI7/tGfd5aj5S+/ZEHbL9UrSLpKiw==,iv:xayL9aZgak0y3hxwcijMSMslaLCMsVvkXm1Fefs652k=,tag:BE804jVdu1poJmoGPjwsqA==,type:str]
sops:
age:
- recipient: age14vktfes95f33vuefwnmuvryas7az04u76dsgyhfvsx73czkvmp2q7njkl4
@@ -21,7 +22,7 @@ sops:
UVM3a1VIMWZGRGNxaUNwbStKekd4N28KvouH73cSd9xMUzDX3ib5tsR8deXGaGTB
N36MxnZcv9AhX7YErc18OkUv+lHZf2MoJ+x5+XOMCjhlUOlvqcBrAg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-10-10T10:15:15Z"
mac: ENC[AES256_GCM,data:ZkWoHKbfC9xqShgOy3KCDPzziQq6hHc6h/o+3MGd31juW2OLlkk4skyxF/u5Eoq6hAeMU27mKu3TnyvCQA3gv1trP5CObs5Cc/Rp8odN+B6549Ec5ljojQbmwwsTti3vo6CbbZXjBZyy6WzJqKWm6yotzp3AFC0CMe+GhsmKY30=,iv:JWWwy5mYdLOHQQ0f2mtRiAkG1LF0ckIe8ndrZfXuZ7Y=,tag:b3DCwgBBBmcJAEnL2qOH5g==,type:str]
lastmodified: "2026-02-17T13:38:15Z"
mac: ENC[AES256_GCM,data:KYa/c921oDF2JKEEO0Fdvh8J1qkuQDH2biaS79v1qRr4AUd1yRpyZ75NvHmeIrYNsXgcgzqCi7vtaCF7v/ucirruf20ZeNmCpVb0BfesNko+0PrjWpwnNbabVCVIJFZiGbe35ENcM0DPECvb7vBJ2QKvqMCot6Zys9TgeXRcmGk=,iv:BPEE3KEg7y0BvVkd+aNMRK8xk4JNKgk8R+AR94rCFiM=,tag:y7rrugvI7XmjDP0Dj7GwBQ==,type:str]
unencrypted_suffix: _unencrypted
version: 3.10.2
version: 3.11.0

11
hosts/common/default.nix
View File

@@ -15,7 +15,9 @@
../../modules/nixos/selfhosted/upstream-proxy.nix
../../modules/nixos/selfhosted/tfolio.nix
../../modules/nixos/selfhosted/cyber-tux.nix
../../modules/nixos/selfhosted/containers/aiostreams.nix
../../modules/nixos/networking/ssh.nix
../../modules/nixos/distrobox.nix
];
sops.secrets.tux-password = {
@@ -48,7 +50,14 @@
home-manager = {
backupFileExtension = "hm-backup";
useUserPackages = true;
extraSpecialArgs = {inherit inputs outputs username email;};
extraSpecialArgs = {
inherit
inputs
outputs
username
email
;
};
users.${username} = {
imports = [
./home.nix

1
hosts/common/home.nix
View File

@@ -5,7 +5,6 @@
...
}: {
imports = [
inputs.impermanence.nixosModules.home-manager.impermanence
inputs.nix-index-database.homeModules.nix-index
../../modules/home/shell

97
hosts/common/secrets.yaml
View File

@@ -1,79 +1,88 @@
tux-password: ENC[AES256_GCM,data:68ZXKJMBBLV1mkNP9LFf+xC5arsARqKPFQAtmfag3ftip1suuZ1FmQICqsuCqXgGuwcSfH4ACkuiQ769u4aI7+jPxs0A62hFig==,iv:Yx9EfqChjBtgxxkWmayfKWoE498w4wUYoS353cMUMsI=,tag:Zr3KuIiXsi2VahRZ7Ncpig==,type:str]
tux-password: ENC[AES256_GCM,data:yAqMKsk7uz0F0k32PdYnqAmn+tdLyXl2krvMstdgFCvIUZH8TlATWCUMPUtnxQiTQqCUY+Q8LE+yYcFFGC3r5TskbF98igZTDA==,iv:hkE/21gdD2bCEdIITrhm9lhKRTHhCPeo8YaYS61/dEM=,tag:/tz2Xvy2ro9gGwKHrJuuzw==,type:str]
sops:
age:
- recipient: age14vktfes95f33vuefwnmuvryas7az04u76dsgyhfvsx73czkvmp2q7njkl4
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWblJrWjErZC81d1IzTHV6
ZUkwTEhRdVdTTlJQb1pocnpnSkdZSWNTelVFCkJLR3VwT2dwM3IydCtkZ24yLzVF
ei9xMG51djNldnZkSnVqeEtsVFNSMkEKLS0tIGNEdi9OV0ZjVW93SUUyVURpT2tR
U3ZybTNac1JvVW9zTy9ocE5FUkpQTjAK2lAp5MC3B779uSWaOOxbnfdAa9xYDCL2
TloXlxfuYKe0j9Z2TIlYOa6z+/m8upOpE42Ux0qjZprE1LBq3g5uMA==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXaTFZSENQZDcvczUrVFF6
Mm1GV3pqSzVPd2pQaUp3ZGRJS0kzMExXSmtJCkVwR1VxbUhCTTlKVHlLR0kvWkFO
R2VmQWhzSEsya3I4b1JRWnFSbXdUanMKLS0tIFR5bkU3cEVHL3BlUFRjL2l2ZDBK
WUVaZzFCQkc0KzRNQlRRdGNvWFdQNkUKhxAV3VavBzjSQHJPNn+Ghspi1scCq7dS
Qu81Q24kMK9sL7ddTjB7UqCgZ3LHq+Izzw5cSYVy+nq150oCBURnoA==
-----END AGE ENCRYPTED FILE-----
- recipient: age1f860dfewlx5jtt9ejr47gywx70p3dmyc8mat29gpr75psljwjv8q5xyxkq
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBoZGdNSG5ER0JxbWhNanJU
WGlCZlIyT3JLWnFkSnBaakkyMXZBU0o0cjFVCml5VDB2d2dJTGkvVDh5M1NweXl1
ajl3R2RUWmtwWU5RUlpsVFIvM3R0cUUKLS0tIFNkbmtrRGdrcUFibDlldncrbjg2
TWJ1UFh5RnI2VDRocnZ0VVNmd2JRSVEKmqNV4dADO9ZxTjlDgMC5fNdioJrO6vrN
vTg3lTrwOTZ/TCg9PS2T5QEX9fZh2UthCEisPO7p1Q81Gyk7ySg2ow==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNVGdJQTdBVHAxTmFoeThj
RWE0QjBiQUt5UkdDZzBRQm5vTUtGZmRxQ2xvCkRiUDIxUkV3ZW5Jd1ZoZWRzeE03
T0VPZE9pYXJGclVZSTJRM1JaVjM3VU0KLS0tIGFXQ3pRWXFYYWkrYngyZDJST2Jr
UlAzTFdxMENxckVpL05ReENjZHk3b1UK1NEgbZ5AMf9h6zlfIHL7ugNSyQ156T5r
x3l7nFrvxAWE9aTzn03hFjgRP72If6k/3pHJmT8h2494+K20qAmx6g==
-----END AGE ENCRYPTED FILE-----
- recipient: age1x36yr8h993srfj29sfpzt4wyz52nztvncpmhgmfs0j26qvfecq3qvcm0an
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYZWRuaHIvT3BSZ2M0OUla
YWhSa2Q5SDJNbkRLQUZxaVFISmJENTIxc0hrCjlKTVBCK2g2WWNNNlNJQ25sMjVY
TURsSkNsbTQwRGlyU3NySis5azNvTVUKLS0tIGZHUEh3NHMyVXN5T0pXOWpOT1JP
UmZSM1J0elprbVBUZzU5QjVLRnVxNWsKFVdUQcKiHaSDR2+GqafXvoRQ0yyiKMcy
/UP/yCMoNUYIpiv4ocRhtDj4QrrO6NdJJTUifMkB9I1B6R7B7NG/gw==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwZE16cm5vNzhVSkY5K2hV
MWRaMHNIL1Q2cDZ0eHozbTJJWklKb09BK213CkFSazJGdnBWQnRvQ2Zlc1JQazZV
VWVMb1FpcUZMeURQSXJBTkJGeVdCeUkKLS0tIG1uRDJ4T2pRaVY1aERQOWhZdGl0
b3JVbHNpY1B5ekpodHp3ZXlrZFplNFEKiRPqPKh3g33a2/fQVrj8qGOcXheVaLgA
CAShzomubIQNFZUnl12hjH+ZcKlAwYFXzCrHUNdkEUWRIASqGa5oMA==
-----END AGE ENCRYPTED FILE-----
- recipient: age1jg642q775gmnmxeu29gcf3lph8vem4xr8t84cxe809dpd0myrussh49h60
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNeEpwakIyMkRYN1c0bUNy
eDFpUGlkTW02NWE1VlYxYnNsQTJ1NHIyWVY4ClI3VHlSWW1IK3I3SHY5YXN5S09q
OU5aSXVXU0FVU1VrNGlCTzFKWm95ZkkKLS0tIGV0Sy9LYlBuTm4xa2Zkc3JoaWo0
ZXllYnMwaXBXTW5vVVhoNXVFcEwvdlEKbuiT2/Isi3nsx/r3whpX6RiLEtsLMm6f
2A3bKpz1+MUupE6umEIBCXc+k58W6VhBkdrMxGtxZt1ZeA8ftz4bVA==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvQ3UybGxJaUU5ckdDak5F
d3RJdlR3VHNHZTJ0UXhXc08wSVVXZVFZb2lvClZGSzV6QmhqL01rYjhjdjNKT2RT
V3k1QUF4VXBNb2d6dnA0N2lNNnpXS00KLS0tICs3bWRHMGZiMmM4S3YyY0ttRWZ1
Snd1QTlRUndzK0RSUld1TlRkNU13cHMKTZsBN/4nBfEndip/vCUNtFZF89MKT8uA
C/hKD33ycaLNzmgxz3VRSCxeALMspeobeOLfRHJLflusD9xGgXn73A==
-----END AGE ENCRYPTED FILE-----
- recipient: age1zsl5d4vj6gl3h96y5p53sq5y4vr4vtlwp727h7rp9a4xfkxm53lqrh6r50
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBnbFUwbXoyUnZGMElMdldX
UkJseC9XWEU3Vks2eGdYbHFjUjZMUVVGbkY0ClNIWFMvWEl1eDRncEt1dy9iVS81
ZE1rN25lR0w0Wno2OHZDZTRhSTVXVDgKLS0tIG9jNmFkdGxoRmRCT1RJQjVlOUJa
R0kxbllzMXZML1J6MitXSGhSTkF0MEkK8g7s87t956UTDtQO+IUEXe2B6WNM+KfH
aRobwCjvXcv5I8G+gkNll23MYlLMBRZ1qkeq24R0xA7cMYXj5APUsA==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQWmkrNXJvUjR5anlUcFVE
NExQTnAwZDVmWEl3c3B2bis1N00wQzF6MFFvCnpENVNJU1JWLyswNnZoUTBZNE16
V2ZtLzIzanZEOWhkYXFxaWVLaDZoUDAKLS0tIEs3SXRZU283dERkZEFabmtFZTEx
aUIwRTgzQklUZmlnS05MQ2o5QmJSQk0KVrx1ZHqnS3KQ9jB7yqVIWbrQAdqDt/c4
i3mst4a/rKjgZGUYugHMctJppPIpqqVZTpBHPgY5OiAGESMrUZE+Ig==
-----END AGE ENCRYPTED FILE-----
- recipient: age1zujp5gxy7suv8ysnygv43cmzuvv36nxfg0ch7r3xg2emc6fz3vmqqujheq
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0bTBEck44R2ZxS0M3Ris1
VllxeEgyTjRWcHp3RUdpMytFQ0podkxXT1JrCi9VU2U2SHFrd1dPb3RESkQ4OGhi
RjZVVTZWQUVXSUxqaG5KVkJxQ0RCQncKLS0tIDJiVGpIU0NjelVCZkloOGhxQTdV
eHlaVm9iUFk2YThXZnU5SVpHUVVHbkEKcmUvbINRqmkkvXyyskNJ4eYD7VdQnxqg
7VuWV7zUK5ZVPv9kJiUl3OB3vNU8U15sNIdAjCp8//RtNkRyDJMgEQ==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvdUhKNU5BYmNEdllkWU1R
QVIxMExuYit6ekNwVHFmd2dGNEJtTTlHd0IwCkxiZnAvSURQY2RyWnRVVGxtdlUv
bmNpNFB6OENqOFJSakQ2NGJ0cVJTQlkKLS0tIEt5QXBXNC9WaDdIdklTeTA3ZEp6
Y212bDZSRkttWjBqTEdkbjY4WHd5RTgK1Y779ogFUcr89gosqh7rra7Wg6G/Ez1o
/+48kxF2DTKZLJYX2AFEP5H0JjBDtt+isiO7H1644LjdAwO/sgFMSQ==
-----END AGE ENCRYPTED FILE-----
- recipient: age1ydkclhk9kwqdq74utesqdfupt43lz64d5k65gz2z9uyljcqq9fcq3hv28l
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBjVjU1Vy9tMkp5MS96Si9v
bnB4OHpzdktPeStYZHFZTXVmSWphMkxFQkRZCjEvTEpZY1I4TWNlM0c4Wi9nUVhx
dktvOXdXQ0M1YzhVU3BlOUZ4Tjkrd28KLS0tIC9NT0NKZTd0VUVUQTB6UHhDSVVw
eFM1Q1JOVXZoSXltRVZpaTNTUWhNa3MKFoY5bWWQS9qh0j8sgIgRA4jT6sl0xRkC
Tu0WUz344TzkJFuy7MgOpviQMqAijmbyYjaRSdS3CLGHvTKY8GcpOA==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwQXFScVBqUDZHc3BDK3N4
T3BnSWk5SElzZllYRHdlMStPS2ZyMDZoZ3pnCm5KVnBYb1R6anRWd04rNllPSW1G
ZVMwMTQ5NjQvaEYwZUhOOE56ckJHb00KLS0tIEpCWmNQZzFlK3ZrRGFPMFVwZndG
ZStueWovUmtKdTk2enRJa3NSbFpJL1UKtzKYPJ6vy6+VjPkrsRvNTwUtV198oglr
cMqBSuwkqzgjDC09sRMnW5PRfJo8hG+5gkd6EPZ8uAbUhGC+kAyLrg==
-----END AGE ENCRYPTED FILE-----
- recipient: age1put942dyhly8nk9c8n0h8tq0x6xplrg3uw5q0d2jmvwez3zq79qsapl7he
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB0ZU93NCtxODQ2YjA4TUcr
aWEyaW4zREZtVUpuZWhZSUw3TWhpMXBYWEVVCitDNGx1eWZQZGsvUDl0UzNCd0Zp
QndpMys5OVg1WXMrdXRDUkFZWDErcjAKLS0tIDBOZTBxM09INTIxZm9tQk10ZUc2
emExUmJZZk00WmxYK2Y3WCtmQXhSUmsKwMxI9I6kQYkvZ4TzJtv/MdGLwTbQdePx
XB+oFbc9Rp3IAEZfH1+VEtJRjyKk5hE7HQoIh92XxJvmbDIswOe/Rg==
-----END AGE ENCRYPTED FILE-----
- recipient: age1y4luzn2jls7rvgphej23srvdlx563lxq29tvf66vhwwzaf7c3f3qzvresh
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSYlpXRGNpQVZTQ3hZK2lr
L2xodmhycTlRczN1c2Zib3RoeGlxQTAwTVRRCkJ1aWc3bzAyNnlMbUhuK2YwTXBq
Q1VhUUtWWXU0RXY2NG5jMG90dis4bEUKLS0tIHlkRkdCV0ZvU2pLZDRlN2h6c0JO
TTNtbGY1UWV5K3VQWjk5WlgyNUd1UVkK+XeX8vK4K2DJaWtFE91YGg/58M09rwuj
VVcMIPPPO1+KD16HTe1b8bVPeNfpIj9p3ybew3ILducyrYiRrxzGwg==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwNUhPQThmWjJROW95SWsw
aFk4dGR3c0RJZTkwSHFXaWp2UCtQWS9xYjFnCnAxa0RMV0xsNnZ2cnVMbmRzRFYv
QmRZQVY1ME9zTmZtT1RxUmFQc2JYc2cKLS0tIGxUTjYwYXZUMU9FY3BFS04zQk1G
bFJwRno1a0pwVHpaV0haZjlZazNtZDAKxTvzsmLtx50sI2bZ3fFcB6j9ZLas4KmL
5bu9Z75hFi+N1sjvMpcK7oIFypGLIWU3xpTP//jv6RuiyjGuR2Dq2w==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-10-10T10:14:47Z"
mac: ENC[AES256_GCM,data:fmBWLOOCvJLfKSNG14zd9cBEa9+M4dJ7UtR+SZfGEcoGtBPmX1c6ZR8OgB+I45WkpT+Ho8kwQMcnD0n6IWzg946OEzIZjNuCds/wM1cCd3LjjlqwKnN1QGL5DNSIyi5CFzrjvvFtZCsw2acNjxtK86JujhpOivdVKC/kGkJzF0M=,iv:g0jXzrtU53YpW/NIb8ulmOGSJIXMA1Wady6DlOMA9aU=,tag:zf7WmNNYcFO9Rtynm5vaUg==,type:str]
lastmodified: "2025-11-04T09:28:17Z"
mac: ENC[AES256_GCM,data:A+xfYhnoq/JWYGZOleieF5vjrsPOtkKnXPbd94iBAbnuuBKx8Vgkpuum+hJzVIBdDSCVm8hl2Tpcw7NqWLSkXtBR/NKixzk6eIwFvOZz4h7Qe1Zue10pB25IkIzR34sLnWSHtsxuRRG6fZnf0CNtp7baf4XU3doyDwy5A384Jf0=,iv:i0y0UEY7SSCOBIBc+97qIiq4obpUJYb3gFo1yEc5eUI=,tag:c5zONd6zTv3sq4bPqT73OQ==,type:str]
unencrypted_suffix: _unencrypted
version: 3.10.2
version: 3.11.0

18
hosts/homelab/default.nix
View File

@@ -23,6 +23,21 @@
discord_token = {
sopsFile = ./secrets.yaml;
};
hyperbolic_api_key = {
sopsFile = ./secrets.yaml;
owner = "${username}";
};
gemini_api_key = {
sopsFile = ./secrets.yaml;
owner = "${username}";
};
open_router_api_key = {
sopsFile = ./secrets.yaml;
owner = "${username}";
};
};
tux.services.cyber-tux = {
@@ -109,7 +124,7 @@
programs = {
nix-ld = {
enable = true;
package = pkgs.nix-ld-rs;
package = pkgs.nix-ld;
};
};
@@ -141,6 +156,7 @@
];
};
users.users.${username} = {linger = true;};
home-manager.users.${username} = {
imports = [
./home.nix

22
hosts/homelab/hardware.nix
View File

@@ -1,17 +1,21 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "usbhid" "usb_storage" "sd_mod" "sdhci_pci" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "usbhid" "usb_storage" "sd_mod" "sdhci_pci"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-amd"];
boot.extraModulePackages = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

5
hosts/homelab/home.nix
View File

@@ -1,5 +1,5 @@
{username, ...}: {
home.persistence."/persist/home/${username}" = {
{...}: {
home.persistence."/persist" = {
directories = [
"Projects"
"Stuff"
@@ -15,7 +15,6 @@
files = [
".wakatime.cfg"
];
allowOther = true;
};
home.stateVersion = "24.11";

14
hosts/homelab/secrets.yaml
View File

@@ -1,9 +1,8 @@
discord_token: ENC[AES256_GCM,data:fZqz6LD3+Svtton5gNCXO5ddWAqW1IyxP3M2DAIXZEIYRHUfAq8h9LES2IHWepjl5qKimxB35zacE/TYK2fitngWtRGVoMDBzzU6VTKNulNV3yFWrPA=,iv:YOplYld+c9vHVC0Srfm89qrh4yUygDiW67X2TdwHKMc=,tag:Ioc2wNLX818fRQ/2PSO7Sw==,type:str]
hyperbolic_api_key: ENC[AES256_GCM,data:t8xjjzhgvM9BXiB5jDc2RR384d+mL5zXr+/obDLMm2J+IN+Xw9fr4iz50CTQ5ZMWWMoPjxzY5vgiJ+h71BsDRM0TvBMWuXd2ihKOIZOVo6OQmCX/SeKUgkjunFqz+YKcxsLsF7ZG/tOgWGqMmxom8iGV7LELKG/8MLDCF50YgJNO568MJMUU,iv:Cf+mSG2dxsRclDy8k7gK+hi+Qd5J7wqfS9SQztRob80=,tag:Io4aAFa29SUsfuPFI2/+DA==,type:str]
gemini_api_key: ENC[AES256_GCM,data:GJWo7dXSaUbl2Q9h+Sc1sRF0g+82LyHk3mKFqDaBmRdalvyGwMvp,iv:odLpACXHVqxWIj7e/u6AY1pxjYX+e10Lezne1BlHl60=,tag:qO3zcz/93eHuEzG66zwwdA==,type:str]
open_router_api_key: ENC[AES256_GCM,data:ETiZEngQRnOrJtDXSDfBanzbUyThTAu9BSQCL1tuVv07CCWJaXUui9Y0kS9oIO5to655FON3C0RxovTGx6rWQwOMKeEn5bHUHA==,iv:ePJzHKFWddkLGfydPi6uEzvksm7Djln/DBV88Jc1ugA=,tag:Eb7eYPMC0DlqtT7OFK4UuA==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age14vktfes95f33vuefwnmuvryas7az04u76dsgyhfvsx73czkvmp2q7njkl4
enc: |
@@ -23,8 +22,7 @@ sops:
Y1RHaFdXaE9DODJtSTFCSVZWb0xVeUEK4qeBKg3u+vhBIM1dQ7BaOWi/C7Q8hk60
vu9Zr075n0+kb5Ab+RH24ZmEoP5PJXjwEfbAnmRTjn0reYn1nfcNYA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-02-15T12:45:59Z"
mac: ENC[AES256_GCM,data:NLGe7L/oiG62x4PmQ6FobnuisFmMxYoGhxfqQ4qZdy9emYL/+FnrtFsKTKqZ9IHjrNnCmbk7y+Cds/azC1xGVcaj50jEox87vtqIZ3z0XsD1mJjCAdHkBVzzpQGwHas/5y0Inyj+oKsvQrqVacqYHVA/ES+zMvou8nD+EWIH2LE=,iv:fBVOnwih+QFkYZ8IfMBpQiT1XwSZtzo3VYaBOL3I5o4=,tag:p+ePQsrmcLcnLr2fgWQXQg==,type:str]
pgp: []
lastmodified: "2025-10-14T06:52:16Z"
mac: ENC[AES256_GCM,data:/p5Mbonr1YcrDgBIi+wFFPnNKsn74kuWf/EloNDnVWg59LuBy3nhrfXHUvbwlX7vLbSLozbuAHKTDcQ0+OUXJTYvMRApAGVh9HrvQFEQuOPOkwN8/qtdvwduInetX3t7PLWu4vbCVhl1v2BzJyEVQ9tzn7+8zEJhDDS7cPsZ9Is=,iv:GPJxjmOQPAqh0TulLhhX4UX+5FrZizCtDOkQa9xxaXY=,tag:Vv33D3wubWBDVOxdKOMENQ==,type:str]
unencrypted_suffix: _unencrypted
version: 3.9.4
version: 3.10.2

2
hosts/isoImage/default.nix
View File

@@ -35,7 +35,7 @@
ssh.startAgent = true;
thunar = {
enable = true;
plugins = with pkgs.xfce; [
plugins = with pkgs; [
thunar-archive-plugin
thunar-volman
];

1
hosts/isoImage/home.nix
View File

@@ -12,6 +12,7 @@
home.pointerCursor = {
package = pkgs.bibata-cursors;
name = "Bibata-Modern-Ice";
size = 28;
};
home.stateVersion = "24.11";

54
hosts/node/default.nix Executable file
View File

@@ -0,0 +1,54 @@
{
inputs,
username,
...
}: {
imports = [
inputs.disko.nixosModules.default
(import ./disko.nix {
device = "/dev/nvme0n1";
device2 = "/dev/nvme1n1";
device3 = "/dev/sda";
})
./hardware.nix
../common
];
tux.services.openssh.enable = true;
boot.loader.grub.enable = true;
networking = {
hostName = "node";
networkmanager = {
enable = true;
wifi.powersave = false;
};
firewall = {
enable = true;
allowedTCPPorts = [
22
8545
8546
9545
9546
];
};
};
security.rtkit.enable = true;
environment.persistence."/persist" = {
enable = false;
};
home-manager.users.${username} = {
imports = [
./home.nix
];
};
system.stateVersion = "25.05";
}

87
hosts/node/disko.nix Normal file
View File

@@ -0,0 +1,87 @@
{
device ? throw "Set this to the disk device, e.g. /dev/nvme0n1",
device2 ? throw "Set this to the disk device2, e.g. /dev/nvme1n1",
device3 ? throw "Set this to the disk device3, e.g. /dev/nvme1n1",
...
}: {
disko.devices = {
disk = {
disk1 = {
type = "disk";
device = "${device}";
content = {
type = "gpt";
partitions = {
boot = {
size = "1M";
type = "EF02"; # for grub MBR
};
mdadm = {
size = "100%";
content = {
type = "mdraid";
name = "raid0";
};
};
};
};
};
disk2 = {
type = "disk";
device = "${device2}";
content = {
type = "gpt";
partitions = {
boot = {
size = "1M";
type = "EF02"; # for grub MBR
};
mdadm = {
size = "100%";
content = {
type = "mdraid";
name = "raid0";
};
};
};
};
};
hdd = {
type = "disk";
device = "${device3}";
content = {
type = "gpt";
partitions = {
data = {
size = "100%";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/mnt/hdd";
};
};
};
};
};
};
mdadm = {
raid0 = {
type = "mdadm";
level = 0;
content = {
type = "gpt";
partitions = {
primary = {
size = "100%";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
};
};
};
};
};
};
};
}

29
hosts/node/hardware.nix Normal file
View File

@@ -0,0 +1,29 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usbhid"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-amd"];
boot.extraModulePackages = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp41s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

3
hosts/node/home.nix Normal file
View File

@@ -0,0 +1,3 @@
{...}: {
home.stateVersion = "25.05";
}

8
hosts/sirius/default.nix
View File

@@ -12,6 +12,11 @@
../../modules/nixos/virtualisation/docker.nix
];
hardware.nvidia-container-toolkit = {
enable = true;
suppressNvidiaDriverAssertion = true;
};
tux.services.openssh.enable = true;
sops.secrets = {
@@ -42,6 +47,7 @@
enable = true;
defaultUser = "${username}";
useWindowsDriver = true;
interop.register = true;
};
networking.hostName = "sirius";
@@ -53,7 +59,7 @@
nix-ld = {
enable = true;
libraries = config.hardware.graphics.extraPackages;
package = pkgs.nix-ld-rs;
package = pkgs.nix-ld;
};
dconf.enable = true;

1
hosts/vega/default.nix
View File

@@ -56,6 +56,7 @@
enable = false;
};
users.users.${username} = {linger = true;};
home-manager.users.${username} = {
imports = [
./home.nix

32
hosts/vega/hardware.nix
View File

@@ -1,24 +1,28 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
boot.initrd.availableKernelModules = [];
boot.initrd.kernelModules = [];
boot.kernelModules = [];
boot.extraModulePackages = [];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/44444444-4444-4444-8888-888888888888";
fsType = "ext4";
};
fileSystems."/" = {
device = "/dev/disk/by-uuid/44444444-4444-4444-8888-888888888888";
fsType = "ext4";
};
swapDevices = [ ];
swapDevices = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

1
hosts/vps/default.nix
View File

@@ -91,6 +91,7 @@
];
};
users.users.${username} = {linger = true;};
home-manager.users.${username} = {
imports = [
./home.nix

5
hosts/vps/home.nix
View File

@@ -1,11 +1,10 @@
{username, ...}: {
home.persistence."/persist/home/${username}" = {
{...}: {
home.persistence."/persist" = {
directories = [
"Projects"
".ssh"
".local/share/zsh"
];
allowOther = true;
};
home.stateVersion = "24.11";

4
modules/home/alacritty/default.nix
View File

@@ -8,7 +8,7 @@
bold.family = "JetBrainsMono Nerd Font";
italic.family = "JetBrainsMono Nerd Font";
bold_italic.family = "JetBrainsMono Nerd Font";
size = 16;
size = 12;
};
window = {
@@ -28,7 +28,7 @@
colors = {
primary = {
background = "#0d0f18";
background = "#0f0f0f";
foreground = "#a5b6cf";
};
normal = {

7
modules/home/barrier/default.nix
View File

@@ -1,7 +0,0 @@
{pkgs, ...}: {
# services.barrier.client.enable = true;
home.packages = with pkgs; [
barrier
];
}

150
modules/home/desktop/hyprland/default.nix
View File

@@ -1,10 +1,12 @@
{pkgs, ...}: {
imports = [
./hyprlock.nix
./hyprpaper.nix
];
home.packages = with pkgs; [ags];
home.packages = with pkgs; [
ags
awww
];
wayland.windowManager.hyprland = {
enable = true;
@@ -14,7 +16,7 @@
systemd.variables = ["--all"];
plugins = with pkgs.hyprland-plugins; [
hyprexpo
# hyprexpo
];
settings = let
@@ -31,13 +33,19 @@
terminal = "wezterm";
floating_terminal = "wezterm start --class wezterm-floating";
editor = "wezterm -e nvim";
browser = "brave";
browser = "brave --new-window";
spotify = "wezterm start --class wezterm-floating -e spotify_player";
filemanager = "wezterm start --class wezterm-floating -e superfile";
filemanager = "wezterm -e superfile";
in {
# See https://wiki.hyprland.org/Configuring/Multi-GPU
env = "AQ_DRM_DEVICES,/dev/dri/card2";
#-- Output
# See https://wiki.hyprland.org/Configuring/Monitors
monitor = "eDP-1,2560x1440@90,0x0,1";
monitor = [
"eDP-1,2560x1440@90,0x0,1"
"HDMI-A-1,preferred,0x-1440,1"
];
#-- Input: Keyboard, Mouse, Touchpad
input = {
@@ -71,6 +79,11 @@
misc = {
disable_hyprland_logo = true;
force_default_wallpaper = 1;
vrr = 0;
};
cursor = {
no_hardware_cursors = 1;
};
ecosystem = {
@@ -82,19 +95,19 @@
# See https://wiki.hyprland.org/Configuring/Variables/#decoration
decoration = {
rounding = rounding;
active_opacity = 0.95;
inactive_opacity = 0.95;
active_opacity = 1.0;
inactive_opacity = 1.0;
fullscreen_opacity = 1.0;
blur = {
enabled = true;
size = 6;
enabled = false;
size = 4;
passes = 3;
new_optimizations = true;
xray = true;
xray = false;
special = true;
brightness = 1;
noise = 0.01;
noise = 0.02;
contrast = 1;
popups = true;
popups_ignorealpha = 0.6;
@@ -111,34 +124,16 @@
enabled = true;
bezier = [
"linear, 0, 0, 1, 1"
"md3_standard, 0.2, 0, 0, 1"
"md3_decel, 0.05, 0.7, 0.1, 1"
"md3_accel, 0.3, 0, 0.8, 0.15"
"overshot, 0.05, 0.9, 0.1, 1.1"
"crazyshot, 0.1, 1.5, 0.76, 0.92"
"hyprnostretch, 0.05, 0.9, 0.1, 1.0"
"menu_decel, 0.1, 1, 0, 1"
"menu_accel, 0.38, 0.04, 1, 0.07"
"easeInOutCirc, 0.85, 0, 0.15, 1"
"easeOutCirc, 0, 0.55, 0.45, 1"
"easeOutExpo, 0.16, 1, 0.3, 1"
"softAcDecel, 0.26, 0.26, 0.15, 1"
"md2, 0.4, 0, 0.2, 1" # use with .2s duration
"zoom, 0.05, 0.7, 0.1, 1.0"
];
animation = [
"windows, 1, 3, md3_decel, popin 60%"
"windowsIn, 1, 3, md3_decel, popin 60%"
"windowsOut, 1, 3, md3_accel, popin 60%"
"border, 1, 10, default"
"fade, 1, 3, md3_decel"
"layersIn, 1, 3, menu_decel, slide"
"layersOut, 1, 1.6, menu_accel"
"fadeLayersIn, 1, 3, menu_decel"
"fadeLayersOut, 1, 1.6, menu_accel"
"workspaces, 1, 3, menu_decel, slide"
"specialWorkspace, 1, 3, md3_decel, slidevert"
"windows, 1, 1, zoom, slide"
"windowsIn, 1, 1, zoom, slide"
"windowsOut, 1, 1, zoom, slidevert"
"windowsMove, 1, 1, zoom, slide"
"fade, 1, 2, zoom"
"workspaces, 1, 1, zoom, slide"
];
};
@@ -150,48 +145,41 @@
mfact = 0.5;
new_on_top = false;
orientation = "left";
inherit_fullscreen = true;
smart_resizing = true;
drop_at_cursor = true;
};
#-- Window Rules
# See https://wiki.hyprland.org/Configuring/Window-Rules
windowrulev2 = [
"float, class:com.github.hluk.copyq"
"size 800 600, class:com.github.hluk.copyq"
"float, class:org.pulseaudio.pavucontrol"
"size 800 600, class:org.pulseaudio.pavucontrol"
windowrule = [
"float on, center on, size 800 600, match:class org.pulseaudio.pavucontrol"
# Wezterm and Ghostty floating terminal
"float, class:(com.ghostty.floating|wezterm-floating)"
"size 1200 800, class:(com.ghostty.floating|wezterm-floating)"
"float on, center on, size 1200 800, match:class (com.ghostty.floating|wezterm-floating)"
"float, class:GalaxyBudsClient"
"size 900 700, class:GalaxyBudsClient"
"float on, center on, size 900 700, match:class GalaxyBudsClient"
# KDE Connect
"float, class:(org.kde.kdeconnect.sms|org.kde.kdeconnect.app)"
"size 900 700, class:(org.kde.kdeconnect.sms|org.kde.kdeconnect.app)"
"float on, center on, size 900 700, match:class (org.kde.kdeconnect.sms|org.kde.kdeconnect.app)"
"workspace 3 silent, class:(firefox|Brave-browser)"
"workspace 5 silent, class:(discord|org.telegram.desktop)"
"workspace 7 silent, match:class (discord|org.telegram.desktop)"
];
plugin = {
hyprexpo = {
columns = 3;
gap_size = 5;
bg_col = "rgb(111111)";
workspace_method = "center current";
# plugin = {
# hyprexpo = {
# columns = 3;
# gap_size = 5;
# bg_col = "rgb(111111)";
# workspace_method = "first 1";
# gesture_distance = 300;
# };
# };
enable_gesture = true;
gesture_fingers = 3;
gesture_distance = 300;
gesture_positive = true;
};
};
gesture = [
"3, horizontal, workspace"
"3, up, dispatcher, exec, brightnessctl s +20%"
"3, down, dispatcher, exec, brightnessctl s +20%-"
];
bindm = [
"SUPER,mouse:273,resizewindow"
@@ -201,33 +189,32 @@
bind = [
# apps
"SUPER, Return, exec, ${terminal}"
"SUPER, Space, exec, vicinae toggle"
"SUPER, F, exec, ${filemanager}"
"SUPER, E, exec, ${editor}"
"SUPER, B, exec, ${browser}"
"SUPER, G, exec, GalaxyBudsClient"
"SUPER, D, exec, discord"
"SUPER, T, exec, Telegram"
"SUPER, S, exec, ${spotify}"
"SUPER, V, exec, copyq show"
"SUPER, V, exec, vicinae vicinae://extensions/vicinae/clipboard/history"
"SUPER_SHIFT, Return, exec, ${floating_terminal}"
"SUPER_SHIFT, S, exec, flameshot gui"
"SUPER_SHIFT, S, exec, hypr-screenshot"
"SUPER_SHIFT, W, exec, vicinae vicinae://extensions/sovereign/awww-switcher/wpgrid"
# tpanel
"SUPER, A, exec, ags toggle launcher"
"SUPER_SHIFT, B, exec, ags toggle bar"
"SUPER_SHIFT, C, exec, ags toggle control-center"
"SUPER_SHIFT, W, exec, ags toggle wallpaper-manager"
"SUPER_SHIFT, R, exec, ags quit; ${pkgs.tpanel}/bin/tpanel"
# hyprland
"SUPER, Q, killactive"
"SUPER, grave, hyprexpo:expo, toggle"
# "SUPER, grave, hyprexpo:expo, toggle"
"SUPER_SHIFT, Q, forcekillactive"
"SUPER_SHIFT, F, fullscreen, 0"
"SUPER_SHIFT, Space, exec, hyprctl dispatch togglefloating; hyprctl dispatch resizeactive exact 1200 800; hyprctl dispatch centerwindow;"
# shutdown
"SUPER_SHIFT, P, exec, poweroff"
"SUPER_SHIFT, P, exec, hyprctl dispatch pin"
# lock
"SUPER_SHIFT, L, exec, hyprlock"
@@ -250,6 +237,8 @@
"SUPER, 3, workspace, 3"
"SUPER, 4, workspace, 4"
"SUPER, 5, workspace, 5"
"SUPER, 6, workspace, 6"
"SUPER, 7, workspace, 7"
# send to workspaces
"SUPER_SHIFT, 1, movetoworkspacesilent, 1"
@@ -257,14 +246,18 @@
"SUPER_SHIFT, 3, movetoworkspacesilent, 3"
"SUPER_SHIFT, 4, movetoworkspacesilent, 4"
"SUPER_SHIFT, 5, movetoworkspacesilent, 5"
"SUPER_SHIFT, 6, movetoworkspacesilent, 6"
"SUPER_SHIFT, 7, movetoworkspacesilent, 7"
];
workspace = [
"1, monitor:HDMI-A-1"
"1, monitor:HDMI-A-1, default:true"
"2, monitor:HDMI-A-1"
"3, monitor:HDMI-A-1"
"4, monitor:eDP-1"
"5, monitor:eDP-1"
"4, monitor:HDMI-A-1"
"5, monitor:HDMI-A-1"
"6, monitor:eDP-1"
"7, monitor:eDP-1"
];
binde = [
@@ -273,6 +266,7 @@
"SUPER_CTRL, right, resizeactive, 20 0"
"SUPER_CTRL, up, resizeactive, 0 -20"
"SUPER_CTRL, down, resizeactive, 0 20"
"SUPER_CTRL, equal, exec, hyprctl dispatch layoutmsg mfact exact 0.5;"
# move active (Floating Only)
"SUPER_ALT, left, moveactive, -20 0"
@@ -299,11 +293,11 @@
"exec-once" = [
# load hyprland plugins
"hyprctl plugin load '$HYPR_PLUGIN_DIR/lib/libhyprexpo.so'"
# "hyprctl plugin load '$HYPR_PLUGIN_DIR/lib/libhyprexpo.so'"
"hyprpaper"
"easyeffects --w"
"awww-daemon"
"${pkgs.tpanel}/bin/tpanel"
"copyq"
"kdeconnectd"
"kdeconnect-indicator"
];

14
modules/home/desktop/hyprland/hyprpaper.nix
View File

@@ -5,15 +5,13 @@
settings = {
ipc = "on";
splash = false;
splash_offset = 2.0;
splash_offset = 20;
preload = [
"~/Wallpapers/mountain.jpg"
];
wallpaper = [
", ~/Wallpapers/mountain.jpg"
];
wallpaper = {
monitor = "";
path = "~/Wallpapers/new/sunset-pixel.png";
fit_mode = "";
};
};
};

225
modules/home/desktop/mango/default.nix Normal file
View File

@@ -0,0 +1,225 @@
{inputs, ...}: {
imports = [
inputs.mango.hmModules.mango
];
wayland.windowManager.mango = {
enable = true;
settings = {
# Monitors
monitorrule = [
"name:eDP-1, width:2560, height:1440, refresh:165, x:0, y:10, vrr:1"
"name:HDMI-A-1, width:2560, height:1440, refresh:100, x:0, y:-1440, vrr:1"
];
# Keyboard
repeat_rate = 25;
repeat_delay = 600;
numlockon = 0;
xkb_rules_layout = "us";
# Trackpad
disable_trackpad = 0;
tap_to_click = 1;
tap_and_drag = 1;
drag_lock = 1;
trackpad_natural_scrolling = 1;
disable_while_typing = 1;
left_handed = 0;
middle_button_emulation = 0;
swipe_min_threshold = 1;
# Mouse
mouse_natural_scrolling = 0;
accel_profile = 0;
# Theme
border_radius = 8;
no_radius_when_single = 0;
focused_opacity = 1.0;
unfocused_opacity = 1.0;
# Scroller Layout Setting
scroller_structs = 0;
scroller_default_proportion = 0.5;
scroller_ignore_proportion_single = 0;
scroller_default_proportion_single = 1.0;
# Master-Stack Layout Setting
new_is_master = 0;
default_mfact = 0.5;
default_nmaster = 1;
smartgaps = 0;
# Overview Setting
hotarea_size = 10;
enable_hotarea = 1;
ov_tab_mode = 0;
overviewgappi = 15;
overviewgappo = 15;
# layouts
tagrule = [
"id:1, layout_name:tile"
"id:2, layout_name:tile"
"id:3, layout_name:tile"
"id:4, layout_name:tile"
"id:5, layout_name:tile"
"id:6, layout_name:scroller"
];
# Keybindings
mousebind = [
"SUPER, btn_left, moveresize, curmove"
"SUPER, btn_right, moveresize, curresize"
];
gesturebind = [
"none, right, 3, viewtoleft_have_client"
"none, up, 3, toggleoverview"
"none, down, 3, toggleoverview"
];
bind = [
# apps
"SUPER, Return, spawn, wezterm"
"SUPER, Space, spawn, vicinae toggle"
"SUPER, B, spawn, brave"
"SUPER, V, spawn, vicinae vicinae://extensions/vicinae/clipboard/history"
"SUPER+SHIFT, W, spawn, vicinae vicinae://extensions/sovereign/awww-switcher/wpgrid"
# WM
"SUPER, Q, killclient"
"SUPER+SHIFT, R, reload_config"
"SUPER+SHIFT, F, togglefullscreen"
"SUPER+SHIFT, Space, togglefloating"
"ALT, Tab, toggleoverview"
"ALT+SHIFT, minus, incgaps, -1"
"ALT+SHIFT, equal, incgaps, 1"
"ALT+SHIFT, R, togglegaps"
# switch layout
"SUPER+SHIFT, H, setlayout, tile"
"SUPER+SHIFT, V, setlayout, vertical_tile"
"SUPER+SHIFT, S, setlayout, scroller"
# resize client
"SUPER+CTRL, Up, resizewin, +0, -50"
"SUPER+CTRL, Down, resizewin, +0, +50"
"SUPER+CTRL, Left, resizewin, -50, +0"
"SUPER+CTRL, Right, resizewin, +50, +0"
# swap client
"SUPER+SHIFT, Up, exchange_client, up"
"SUPER+SHIFT, Down, exchange_client, down"
"SUPER+SHIFT, Left, exchange_client, left"
"SUPER+SHIFT, Right, exchange_client, right"
# switch client focus
"SUPER, Tab, focusstack, next"
"SUPER, Left, focusdir, left"
"SUPER, Right, focusdir, right"
"SUPER, Up, focusdir, up"
"SUPER, Down, focusdir, down"
# switch view
"SUPER, 1, view, 1, 0"
"SUPER, 2, view, 2, 0"
"SUPER, 3, view, 3, 0"
"SUPER, 4, view, 4, 0"
"SUPER, 5, view, 5, 0"
"SUPER, 6, view, 6, 0"
# move client to the tag with focus
"SUPER+SHIFT, 1, tagsilent, 1, 0"
"SUPER+SHIFT, 2, tagsilent, 2, 0"
"SUPER+SHIFT, 3, tagsilent, 3, 0"
"SUPER+SHIFT, 4, tagsilent, 4, 0"
"SUPER+SHIFT, 5, tagsilent, 5, 0"
"SUPER+SHIFT, 6, tagsilent, 6, 0"
# move client to the tag without focus
"SUPER+ALT, 1, tag, 1, 0"
"SUPER+ALT, 2, tag, 2, 0"
"SUPER+ALT, 3, tag, 3, 0"
"SUPER+ALT, 4, tag, 4, 0"
"SUPER+ALT, 5, tag, 5, 0"
"SUPER+ALT, 6, tag, 6, 0"
];
# Window effect
blur = 0;
blur_layer = 0;
blur_optimized = 1;
blur_params_num_passes = 2;
blur_params_radius = 5;
blur_params_noise = 0.02;
blur_params_brightness = 0.9;
blur_params_contrast = 0.9;
blur_params_saturation = 1.2;
shadows = 0;
layer_shadows = 0;
shadow_only_floating = 1;
shadows_size = 10;
shadows_blur = 15;
shadows_position_x = 0;
shadows_position_y = 0;
shadowscolor = "0x000000ff";
# Animation
animations = 1;
layer_animations = 1;
animation_type_open = "slide";
animation_type_close = "fade";
animation_fade_in = 1;
animation_fade_out = 1;
tag_animation_direction = 1;
zoom_initial_ratio = 0.3;
zoom_end_ratio = 0.8;
fadein_begin_opacity = 0.5;
fadeout_begin_opacity = 0.8;
animation_duration_move = 100;
animation_duration_open = 100;
animation_duration_close = 100;
animation_duration_tag = 200;
animation_duration_focus = 0;
animation_curve_open = "0.46, 1.0, 0.29, 1";
animation_curve_move = "0.46, 1.0, 0.29, 1";
animation_curve_tag = "0.46, 1.0, 0.29, 1";
animation_curve_close = "0.08, 0.92, 0, 1";
animation_curve_focus = "0.46, 1.0, 0.29, 1";
animation_curve_opafadeout = "0.5, 0.5, 0.5, 0.5";
animation_curve_opafadein = "0.46, 1.0, 0.29, 1";
# Appearance
borderpx = 0;
gappih = 10;
gappiv = 10;
gappoh = 10;
gappov = 10;
rootcolor = "0x201b14ff";
bordercolor = "0x444444ff";
focuscolor = "0xc9b890ff";
maximizescreencolor = "0x89aa61ff";
urgentcolor = "0xad401fff";
scratchpadcolor = "0x516c93ff";
globalcolor = "0xb153a7ff";
overlaycolor = "0x14a57cff";
# Misc
syncobj_enable = 1;
exec-once = [
"awww-daemon"
"kdeconnectd"
"kdeconnect-indicator"
"dbus-update-activation-environment --systemd --all; systemctl --user reset-failed && systemctl --user start mango-session.target"
];
};
};
}

32
modules/home/desktop/utils/default.nix Normal file
View File

@@ -0,0 +1,32 @@
{pkgs, ...}: {
programs.satty = {
enable = true;
settings = {
general = {
corner-roundness = 12;
initial-tool = "arrow";
early-exit = true;
copy-command = "wl-copy";
};
font = {
family = "JetBrainsMono NerdFont";
};
};
};
home.packages = with pkgs; [
grim
slurp
hyprshot
wl-clipboard
wl-screenrec
(writeShellScriptBin "hypr-screenshot" ''
hyprshot -m region -r ppm - | satty --filename -
'')
(writeShellScriptBin "hypr-screenrecord" ''
wl-screenrec -g "$(slurp)"
'')
];
}

70
modules/home/desktop/vicinae/default.nix Normal file
View File

@@ -0,0 +1,70 @@
{
pkgs,
config,
...
}: {
programs.vicinae = {
enable = true;
systemd = {
enable = true;
autoStart = true;
};
useLayerShell = true;
extensions = with pkgs.vicinae-extensions; [
bluetooth
nix
ssh
awww-switcher
process-manager
pulseaudio
wifi-commander
port-killer
silverbullet
];
settings = {
close_on_focus_loss = false;
consider_preedit = true;
pop_to_root_on_close = true;
favicon_service = "twenty";
search_files_in_root = true;
font = {
normal = {
size = 10;
family = "JetBrainsMono Nerd Font";
};
};
theme = {
light = {
name = "vicinae-light";
icon_theme = "default";
};
dark = {
name = "vicinae-dark";
icon_theme = "default";
};
};
launcher_window = {
opacity = 0.98;
};
imports = ["/run/secrets/vicinae.json"];
providers = {
"@samlinville/store.raycast.tailscale" = {
"preferences" = {
"tailscalePath" = "${pkgs.tailscale}/bin/tailscale";
};
};
"@sovereign/vicinae-extension-awww-switcher-0" = {
"preferences" = {
"transitionDuration" = "1";
"transitionType" = "center";
"wallpaperPath" = "/home/tux/Wallpapers/";
};
};
};
};
};
}

4
modules/home/fastfetch/default.nix
View File

@@ -42,10 +42,6 @@
"key": " \u001b[11D{#32} shell",
"type": "shell",
},
{
"key": " \u001b[11D{#35}󰏖 pkgs",
"type": "packages",
},
{
"key": " \u001b[11D{#35} memory",
"type": "memory",

2
modules/home/ghostty/default.nix
View File

@@ -7,7 +7,7 @@
window-padding-x = 10
window-padding-y = 10
background-opacity = 0.9
font-size = 14
font-size = 12
palette = 0=#252b37
palette = 1=#d0679d

8
modules/home/git/default.nix
View File

@@ -5,13 +5,15 @@
}: {
programs.git = {
enable = true;
userName = "${username}";
userEmail = "${email}";
signing = {
key = "~/.ssh/id_ed25519.pub";
signByDefault = true;
};
extraConfig = {
settings = {
user = {
name = "${username}";
email = "${email}";
};
init.defaultBranch = "main";
commit.gpgSign = true;
gpg.format = "ssh";

19
modules/home/lan-mouse/default.nix Normal file
View File

@@ -0,0 +1,19 @@
{inputs, ...}: {
imports = [
inputs.lan-mouse.homeManagerModules.default
];
programs.lan-mouse = {
enable = true;
systemd = true;
settings = {
# release_bind = ["KeyA" "KeyS" "KeyD" "KeyF"];
port = 4242;
authorized_fingerprints = {
"30:66:b3:95:dc:6b:55:a4:9f:30:31:9c:3e:4d:70:03:33:c3:f0:6f:df:31:35:58:36:6e:80:2f:32:b2:ce:48" = "pc";
};
};
};
}

6
modules/home/obs-studio/default.nix
View File

@@ -1,6 +0,0 @@
{pkgs, ...}: {
programs.obs-studio = {
enable = true;
plugins = with pkgs.obs-studio-plugins; [obs-vaapi];
};
}

2
modules/home/picom/default.nix
View File

@@ -1,7 +1,7 @@
{pkgs, ...}: {
services.picom = {
enable = true;
package = pkgs.picom-next;
package = pkgs.picom;
backend = "glx";
vSync = true;

5
modules/home/shell/default.nix
View File

@@ -78,12 +78,13 @@
termshark
solc
dig
lsof
python312
python312Packages.pipx
nodejs
nodePackages.pnpm
nodePackages.yarn
pnpm
yarn
rustup
bun
nixpkgs-fmt

4
modules/home/shell/open-code.nix
View File

@@ -1,8 +1,10 @@
{
programs.opencode = {
enable = true;
settings = {
tui = {
theme = "system";
};
settings = {
provider = {
google = {
options = {

13
modules/home/spotify/default.nix
View File

@@ -1,4 +1,17 @@
{
services.spotifyd = {
enable = true;
settings = {
global = {
device_name = "canopus";
device_type = "computer";
bitrate = 320;
initial_volume = 100;
autoplay = true;
};
};
};
programs.spotify-player = {
enable = true;
settings = {

12
modules/home/wezterm/default.nix
View File

@@ -1,17 +1,15 @@
{
inputs,
pkgs,
...
}: {
{pkgs, ...}: {
programs.wezterm = {
enable = true;
package = inputs.wezterm-flake.packages."${pkgs.system}".default;
package = pkgs.wezterm-git;
enableZshIntegration = false;
extraConfig = ''
local wezterm = require 'wezterm'
local config = {}
config.check_for_updates = false
config.window_close_confirmation = 'NeverPrompt'
config.color_scheme = 'Poimandres'
config.colors = {
@@ -21,7 +19,7 @@
config.font = wezterm.font_with_fallback {
'JetBrainsMono Nerd Font',
}
config.font_size = 14.0
config.font_size = 12.0
config.window_background_opacity = 1
config.audible_bell = "Disabled"

2
modules/nixos/desktop/awesome/default.nix
View File

@@ -48,7 +48,7 @@
polkit_gnome
xdotool
xclip
xorg.xbacklight
xbacklight
gpick
alsa-utils
pavucontrol

44
modules/nixos/desktop/default.nix
View File

@@ -1,4 +1,23 @@
{...}: {
{pkgs, ...}: {
services = {
displayManager = {
defaultSession = "none+awesome";
ly = {
enable = true;
settings = {
session_log = "null";
};
};
};
acpid.enable = true;
picom.enable = true;
upower.enable = true;
blueman.enable = true;
};
programs.dconf.enable = true;
xdg.mime = {
enable = true;
defaultApplications = {
@@ -10,4 +29,27 @@
"x-scheme-handler/unknown" = ["brave-browser.desktop"];
};
};
environment.systemPackages = with pkgs; [
acpi
linuxKernel.packages.linux_zen.acpi_call
inotify-tools
polkit_gnome
xdotool
xclip
xbacklight
gpick
alsa-utils
pavucontrol
brightnessctl
libnotify
feh
maim
mpdris2
xdg-utils
playerctl
pulsemixer
easyeffects
procps
];
}

26
modules/nixos/desktop/mango/default.nix Normal file
View File

@@ -0,0 +1,26 @@
{
inputs,
pkgs,
lib,
...
}: {
imports = [
inputs.mango.nixosModules.mango
];
programs.mango.enable = true;
xdg.portal = {
enable = lib.mkDefault true;
extraPortals = with pkgs; [
hyprland-git.xdg-desktop-portal-hyprland
xdg-desktop-portal-wlr
xdg-desktop-portal-gtk
];
config.mango = {
default = lib.mkForce ["hyprland" "gtk"];
"org.freedesktop.impl.portal.ScreenCast" = lib.mkForce ["hyprland"];
"org.freedesktop.impl.portal.ScreenShot" = lib.mkForce ["hyprland"];
};
};
}

112
modules/nixos/distrobox.nix Normal file
View File

@@ -0,0 +1,112 @@
{
config,
pkgs,
lib,
...
}:
with lib; let
cfg = config.tux.packages.distrobox;
in {
options.tux.packages.distrobox = {
enable = mkEnableOption "Enable DistroBox";
};
config = mkIf cfg.enable {
environment.systemPackages = with pkgs; [
distrobox
(writeShellScriptBin "dbox-create" ''
#!/usr/bin/env bash
# 1. Initialize variables
IMAGE=""
NAME=""
# Array to hold optional arguments (like volumes)
declare -a EXTRA_ARGS
# 2. Parse arguments
while [[ $# -gt 0 ]]; do
case $1 in
-i|--image)
IMAGE="$2"
shift 2
;;
-n|--name)
NAME="$2"
shift 2
;;
-p|--profile)
echo ":: Profile mode enabled: Mounting Nix store and user profiles (Read-Only)"
# Add volume flags to the array
EXTRA_ARGS+=( "--volume" "/nix/store:/nix/store:ro" )
EXTRA_ARGS+=( "--volume" "/etc/profiles/per-user:/etc/profiles/per-user:ro" )
EXTRA_ARGS+=( "--volume" "/etc/static/profiles/per-user:/etc/static/profiles/per-user:ro" )
shift 1
;;
*)
echo "Unknown option $1"
exit 1
;;
esac
done
if [ -z "$IMAGE" ] || [ -z "$NAME" ]; then
echo "Usage: dbox-create -i <image> -n <name> [-p]"
exit 1
fi
# 3. Define the custom home path
CUSTOM_HOME="$HOME/Distrobox/$NAME"
echo "------------------------------------------------"
echo "Creating Distrobox: $NAME"
echo "Location: $CUSTOM_HOME"
echo "------------------------------------------------"
# 4. Run Distrobox Create
# We expand "''${EXTRA_ARGS[@]}" to properly pass the volume arguments
${pkgs.distrobox}/bin/distrobox create \
--image "$IMAGE" \
--name "$NAME" \
--home "$CUSTOM_HOME" \
"''${EXTRA_ARGS[@]}"
# Check exit code
if [ $? -ne 0 ]; then
echo "Error: Distrobox creation failed."
exit 1
fi
# 5. Post-Creation: Symlink Config Files
echo "--> Linking configurations to $NAME..."
# Helper function to symlink
link_config() {
SRC="$1"
DEST="$2"
DEST_DIR=$(dirname "$DEST")
# Create parent directory if it doesn't exist
mkdir -p "$DEST_DIR"
if [ -e "$SRC" ]; then
# ln -sf: symbolic link, force overwrite
ln -sf "$SRC" "$DEST"
echo " [LINK] $DEST -> $SRC"
else
echo " [SKIP] $SRC not found on host"
fi
}
# Create Symlinks
link_config "$HOME/.zshrc" "$CUSTOM_HOME/.zshrc"
link_config "$HOME/.zshenv" "$CUSTOM_HOME/.zshenv"
link_config "$HOME/.config/fastfetch" "$CUSTOM_HOME/.config/fastfetch"
link_config "$HOME/.config/starship.toml" "$CUSTOM_HOME/.config/starship.toml"
echo "--> Done! Enter via: distrobox enter $NAME"
'')
];
};
}

7
modules/nixos/obs-studio.nix Normal file
View File

@@ -0,0 +1,7 @@
{pkgs, ...}: {
programs.obs-studio = {
enable = true;
enableVirtualCamera = true;
plugins = with pkgs.obs-studio-plugins; [obs-vaapi wlrobs obs-source-record];
};
}

61
modules/nixos/selfhosted/containers/aiostreams.nix Normal file
View File

@@ -0,0 +1,61 @@
{
config,
lib,
...
}:
with lib; let
cfg = config.tux.containers.aiostreams;
in {
options.tux.containers.aiostreams = {
enable = mkEnableOption "Enable AIOStreams";
port = mkOption {
type = types.int;
default = 3000;
};
dataDir = mkOption {
type = types.path;
default = "/var/lib/aiostreams";
description = "Directory to store persistent AIOStreams data";
};
environment = mkOption {
type = with types; attrsOf str;
default = {};
};
environmentFiles = mkOption {
type = with types; listOf path;
default = [];
};
};
config = mkIf cfg.enable {
virtualisation.oci-containers.containers.aiostreams = {
autoStart = true;
image = "ghcr.io/viren070/aiostreams:latest";
ports = [
"${toString cfg.port}:3000"
];
environment = cfg.environment;
environmentFiles = cfg.environmentFiles;
volumes = [
"${cfg.dataDir}:/app/data"
];
};
services.nginx.virtualHosts = {
"${cfg.environment.ADDON_ID}" = {
forceSSL = true;
useACMEHost = "tux.rs";
locations = {
"/" = {
proxyPass = "http://localhost:${toString cfg.port}";
};
};
};
};
};
}

6
modules/nixos/selfhosted/nextcloud.nix
View File

@@ -19,7 +19,7 @@
nextcloud = {
enable = true;
hostName = "cloud.tux.rs";
package = pkgs.nextcloud31;
package = pkgs.nextcloud32;
database.createLocally = true;
configureRedis = true;
maxUploadSize = "16G";
@@ -44,5 +44,7 @@
};
};
environment.systemPackages = with pkgs; [nextcloud31];
environment.systemPackages = with pkgs; [
nextcloud32
];
}

32
modules/nixos/selfhosted/umami.nix Normal file
View File

@@ -0,0 +1,32 @@
{
lib,
config,
...
}: {
services = {
umami = {
enable = true;
settings = {
APP_SECRET_FILE = config.sops.secrets.umami.path;
PORT = 4645;
};
createPostgresqlDatabase = true;
};
nginx = {
enable = lib.mkForce true;
virtualHosts = {
"umami.tux.rs" = {
forceSSL = true;
useACMEHost = "tux.rs";
locations = {
"/" = {
proxyPass = "http://localhost:${toString config.services.umami.settings.PORT}";
proxyWebsockets = true;
};
};
};
};
};
};
}

3
modules/nixos/virtualisation/qemu.nix
View File

@@ -8,10 +8,9 @@
enable = true;
qemu = {
swtpm.enable = true;
ovmf.enable = true;
ovmf.packages = [pkgs.OVMFFull.fd];
};
};
spiceUSBRedirection.enable = true;
};
users.users.${username}.extraGroups = ["libvirtd"];

27
overlays/default.nix
View File

@@ -2,24 +2,27 @@
additions = final: _prev: import ../pkgs {pkgs = final;};
modifications = final: prev: {
awesome = inputs.nixpkgs-f2k.packages.${prev.system}.awesome-git;
ghostty = inputs.ghostty.packages.${prev.system}.default;
tawm = inputs.tawm.packages.${prev.system}.default;
tnvim = inputs.tnvim.packages.${prev.system}.default;
tpanel = inputs.tpanel.packages.${prev.system}.default;
ags = inputs.tpanel.packages.${prev.system}.ags.default;
tfolio = inputs.tfolio.packages.${prev.system}.default;
trok = inputs.trok.packages.${prev.system}.default;
cyber-tux = inputs.cyber-tux.packages.${prev.system}.default;
hyprland-git = inputs.hyprland.packages.${prev.system};
hyprland-plugins = inputs.hyprland-plugins.packages.${prev.system};
awesome = inputs.nixpkgs-f2k.packages.${prev.stdenv.hostPlatform.system}.awesome-git;
ghostty = inputs.ghostty.packages.${prev.stdenv.hostPlatform.system}.default;
tawm = inputs.tawm.packages.${prev.stdenv.hostPlatform.system}.default;
tnvim = inputs.tnvim.packages.${prev.stdenv.hostPlatform.system}.default;
tpanel = inputs.tpanel.packages.${prev.stdenv.hostPlatform.system}.default;
ags = inputs.tpanel.packages.${prev.stdenv.hostPlatform.system}.ags.default;
tfolio = inputs.tfolio.packages.${prev.stdenv.hostPlatform.system}.default;
trok = inputs.trok.packages.${prev.stdenv.hostPlatform.system}.default;
cyber-tux = inputs.cyber-tux.packages.${prev.stdenv.hostPlatform.system}.default;
hyprland-git = inputs.hyprland.packages.${prev.stdenv.hostPlatform.system};
hyprland-plugins = inputs.hyprland-plugins.packages.${prev.stdenv.hostPlatform.system};
wezterm-git = inputs.wezterm-flake.packages.${prev.stdenv.hostPlatform.system}.default;
awww = inputs.awww.packages.${prev.stdenv.hostPlatform.system}.awww;
vicinae-extensions = inputs.vicinae-extensions.packages.${prev.stdenv.hostPlatform.system};
};
# When applied, the stable nixpkgs set (declared in the flake inputs) will
# be accessible through 'pkgs.stable'
stable-packages = final: _prev: {
stable = import inputs.nixpkgs-stable {
system = final.system;
system = final.stdenv.hostPlatform.system;
config.allowUnfree = true;
};
};

3
pkgs/firefox-mod-blur/default.nix
View File

@@ -11,14 +11,13 @@ stdenv.mkDerivation {
owner = "datguypiko";
repo = "Firefox-Mod-Blur";
rev = "refs/heads/master";
sha256 = "sha256-BZ1NvKQwUDTMxQHEKX61PvD99cTDmBURSUKEKZNQDR4=";
sha256 = "sha256-PX26cPYKU5ERgmcMrpCyFGwLE2a2w80z2zPn28xJq/U=";
};
installPhase = ''
mkdir $out
cp -r * "$out/"
cp -r "$out/EXTRA MODS/Bookmarks Bar Mods/Bookmarks bar same color as toolbar/bookmarks_bar_same_color_as_toolbar.css" "$out/"
cp -r "$out/EXTRA MODS/Search Bar Mods/Search box - No search engine buttons/no_search_engines_in_url_bar.css" "$out/"
'';
meta = with lib; {