tux/nix-config
1
0
Fork 0
mirror of https://github.com/tuxdotrs/nix-config.git synced 2026-05-06 18:16:31 +05:30
Code Issues Actions Packages Projects Releases Wiki Activity

Compare commits

base: tux:51ed6c6d2c0db42e0fb4e156f24217650ddded19
Branches Tags
tux:main tux:dev tux:old
tux:25.11.2025
..
compare: tux:dev
Branches Tags
tux:dev tux:main tux:old
tux:25.11.2025

15 Commits
51ed6c6d2c ... dev

Author SHA1 Message Date
tux
a62346367f start fresh rewrite 2026-05-02 14:48:41 +05:30
tux
31d65fafa8 feat(canopus): switch supergfxd mode to Integrated 2026-05-01 16:30:49 +05:30
tux
7194dbdaf6 chore: update flake 2026-04-27 14:32:13 +05:30
tux
428c5c5717 feat: restore config path 2026-04-27 14:31:43 +05:30
tux
5971087593 feat: add zed to persist dir 2026-04-27 01:37:25 +05:30
tux
e3bafff8f8 feat: update flake 2026-04-26 15:19:25 +05:30
tux
6e78c0b6c2 feat: switch default browser to brave 2026-04-21 15:18:51 +05:30
tux
99863948b4 feat(canopus): increase max freq 2026-03-27 21:38:01 +05:30
tux
1b526b5633 feat(hyprland): add brightness gesture 2026-03-27 21:35:16 +05:30
tux
489e7e6e2a feat: switch to integrated mode 2026-03-27 21:35:05 +05:30
tux
da97041c2a style: format code 2026-03-27 21:34:50 +05:30
tux
595cf577b4 feat: add davinci resolve 2026-02-28 01:24:11 +05:30
tux
214d86c1c6 chore: update tnvim flake input 2026-02-26 18:38:10 +05:30
tux
e95a103952 chore: update tpanel flake input 2026-02-26 07:46:59 +05:30
tux
6403fab5af feat(obs): add source record plugin 2026-02-25 13:24:36 +05:30
208 changed files with 0 additions and 9914 deletions
Expand all files Collapse all files

57
.sops.yaml
View File

@@ -1,57 +0,0 @@
keys:
- &users
- &tux age14vktfes95f33vuefwnmuvryas7az04u76dsgyhfvsx73czkvmp2q7njkl4
- &hosts
- &sirius age1f860dfewlx5jtt9ejr47gywx70p3dmyc8mat29gpr75psljwjv8q5xyxkq
- &canopus age1x36yr8h993srfj29sfpzt4wyz52nztvncpmhgmfs0j26qvfecq3qvcm0an
- &homelab age1jg642q775gmnmxeu29gcf3lph8vem4xr8t84cxe809dpd0myrussh49h60
- &arcturus age1zsl5d4vj6gl3h96y5p53sq5y4vr4vtlwp727h7rp9a4xfkxm53lqrh6r50
- &alpha age1zujp5gxy7suv8ysnygv43cmzuvv36nxfg0ch7r3xg2emc6fz3vmqqujheq
- &vega age1ydkclhk9kwqdq74utesqdfupt43lz64d5k65gz2z9uyljcqq9fcq3hv28l
- &node age1put942dyhly8nk9c8n0h8tq0x6xplrg3uw5q0d2jmvwez3zq79qsapl7he
- &capella age1y4luzn2jls7rvgphej23srvdlx563lxq29tvf66vhwwzaf7c3f3qzvresh
creation_rules:
- path_regex: hosts/common/secrets.yaml$
key_groups:
- age:
- *tux
- *sirius
- *canopus
- *homelab
- *arcturus
- *alpha
- *vega
- *node
- *capella
- path_regex: hosts/sirius/secrets.yaml$
key_groups:
- age:
- *tux
- *sirius
- path_regex: hosts/canopus/secrets.yaml$
key_groups:
- age:
- *tux
- *canopus
- path_regex: hosts/arcturus/secrets.yaml$
key_groups:
- age:
- *tux
- *arcturus
- path_regex: hosts/alpha/secrets.yaml$
key_groups:
- age:
- *tux
- *alpha
- path_regex: hosts/capella/secrets.yaml$
key_groups:
- age:
- *tux
- *capella
- path_regex: hosts/homelab/secrets.yaml$
key_groups:
- age:
- *tux
- *homelab

2163
flake.lock generated
View File

File diff suppressed because it is too large Load Diff

183
flake.nix
View File

@@ -1,183 +0,0 @@
{
description = "tux's Nix Flake";
outputs = {
self,
nixpkgs,
deploy-rs,
...
} @ inputs: let
inherit (self) outputs;
inherit (inputs.nixpkgs.lib) nixosSystem;
inherit (inputs.nix-on-droid.lib) nixOnDroidConfiguration;
forAllSystems = nixpkgs.lib.genAttrs [
"x86_64-linux"
"aarch64-linux"
];
username = "tux";
email = "t@tux.rs";
mkNixOSConfig = host: {
specialArgs = {inherit inputs outputs username email;};
modules = [./hosts/${host}];
};
mkDroidConfig = host: {
pkgs = import nixpkgs {system = "aarch64-linux";};
extraSpecialArgs = {inherit inputs outputs username email;};
modules = [./hosts/${host}];
};
mkNixOSNode = hostname: {
inherit hostname;
profiles.system = {
user = "root";
path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.${hostname};
};
};
activateNixOnDroid = configuration:
deploy-rs.lib.aarch64-linux.activate.custom
configuration.activationPackage
"${configuration.activationPackage}/activate";
mkDroidNode = hostname: {
inherit hostname;
profiles.system = {
sshUser = "nix-on-droid";
user = "nix-on-droid";
magicRollback = true;
sshOpts = ["-p" "8033"];
path = activateNixOnDroid self.nixOnDroidConfigurations.${hostname};
};
};
in {
packages = forAllSystems (system: import ./pkgs nixpkgs.legacyPackages.${system});
formatter = forAllSystems (system: nixpkgs.legacyPackages.${system}.alejandra);
# Custom packages and modifications, exported as overlays
overlays = import ./overlays {inherit inputs;};
# NixOS configuration entrypoint
# 'nixos-rebuild switch --flake .#your-hostname'
nixosConfigurations = {
arcturus = nixosSystem (mkNixOSConfig "arcturus");
canopus = nixosSystem (mkNixOSConfig "canopus");
alpha = nixosSystem (mkNixOSConfig "alpha");
sirius = nixosSystem (mkNixOSConfig "sirius");
vega = nixosSystem (mkNixOSConfig "vega");
node = nixosSystem (mkNixOSConfig "node");
vps = nixosSystem (mkNixOSConfig "vps");
isoImage = nixosSystem (mkNixOSConfig "isoImage");
homelab = nixosSystem (mkNixOSConfig "homelab");
};
# NixOnDroid configuration entrypoint
# 'nix-on-droid switch --flake .#your-hostname'
nixOnDroidConfigurations = {
capella = nixOnDroidConfiguration (mkDroidConfig "capella");
rigel = nixOnDroidConfiguration (mkDroidConfig "rigel");
};
deploy = {
nodes = {
arcturus = mkNixOSNode "arcturus";
canopus = mkNixOSNode "canopus";
alpha = mkNixOSNode "alpha";
sirius = mkNixOSNode "sirius";
vega = mkNixOSNode "vega";
node = mkNixOSNode "node";
homelab = mkNixOSNode "homelab";
capella = mkDroidNode "capella";
rigel = mkDroidNode "rigel";
};
};
checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib;
};
inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
nixpkgs-stable.url = "github:nixos/nixpkgs/release-24.11";
nixos-wsl = {
url = "github:nix-community/nixos-wsl";
inputs.nixpkgs.follows = "nixpkgs";
};
home-manager = {
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs";
};
nix-vscode-extensions = {
url = "github:nix-community/nix-vscode-extensions";
inputs.nixpkgs.follows = "nixpkgs";
};
wezterm-flake = {
url = "github:wez/wezterm/main?dir=nix";
inputs.nixpkgs.follows = "nixpkgs";
};
disko = {
url = "github:nix-community/disko";
inputs.nixpkgs.follows = "nixpkgs";
};
nix-secrets = {
url = "git+ssh://git@github.com/tuxdotrs/nix-secrets.git?shallow=1";
inputs.nixpkgs.follows = "nixpkgs";
};
nix-on-droid = {
url = "github:nix-community/nix-on-droid/release-24.05";
inputs.nixpkgs.follows = "nixpkgs";
inputs.home-manager.follows = "home-manager";
};
tawm = {
url = "github:tuxdotrs/tawm";
inputs.nixpkgs.follows = "nixpkgs";
};
tnvim = {
url = "github:tuxdotrs/tnvim";
inputs.nixpkgs.follows = "nixpkgs";
};
trok = {
url = "github:tuxdotrs/trok";
inputs.nixpkgs.follows = "nixpkgs";
};
tpanel = {
url = "github:tuxdotrs/tpanel";
inputs.nixpkgs.follows = "nixpkgs";
};
tfolio = {
url = "git+ssh://git@github.com/tuxdotrs/tfolio.git";
inputs.nixpkgs.follows = "nixpkgs";
};
cyber-tux = {
url = "git+ssh://git@github.com/tuxdotrs/cyber-tux.git";
inputs.nixpkgs.follows = "nixpkgs";
};
nix-index-database = {
url = "github:nix-community/nix-index-database";
inputs.nixpkgs.follows = "nixpkgs";
};
hyprland.url = "github:hyprwm/Hyprland";
hyprland-plugins = {
url = "github:hyprwm/hyprland-plugins";
inputs.hyprland.follows = "hyprland";
};
mango = {
url = "github:DreamMaoMao/mango";
inputs.nixpkgs.follows = "nixpkgs";
};
vicinae-extensions = {
url = "github:vicinaehq/extensions";
inputs.nixpkgs.follows = "nixpkgs";
};
awww.url = "git+https://codeberg.org/LGFae/awww";
ghostty.url = "github:ghostty-org/ghostty";
nixos-hardware.url = "github:nixos/nixos-hardware";
nixpkgs-f2k.url = "github:moni-dz/nixpkgs-f2k";
nur.url = "github:nix-community/nur";
sops-nix.url = "github:Mic92/sops-nix";
impermanence.url = "github:nix-community/impermanence";
deploy-rs.url = "github:serokell/deploy-rs";
nixcord.url = "github:kaylorben/nixcord";
lan-mouse.url = "github:feschber/lan-mouse";
};
}

164
hosts/alpha/default.nix
View File

@@ -1,164 +0,0 @@
{
modulesPath,
inputs,
username,
lib,
email,
config,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
(modulesPath + "/profiles/qemu-guest.nix")
inputs.disko.nixosModules.default
(import ./disko.nix {device = "/dev/vda";})
../common
../../modules/nixos/selfhosted/uptime-kuma.nix
];
tux.services.openssh.enable = true;
tux.services.openssh.ports = [23];
tux.services.tfolio.enable = true;
tux.services.nginxStreamProxy = {
enable = true;
upstreamServers = inputs.nix-secrets.proxy-servers;
};
sops.secrets = {
borg_encryption_key = {
sopsFile = ./secrets.yaml;
};
"cloudflare_credentials/email" = {
sopsFile = ./secrets.yaml;
};
"cloudflare_credentials/dns_api_token" = {
sopsFile = ./secrets.yaml;
};
};
nixpkgs = {
hostPlatform = "x86_64-linux";
};
boot = {
initrd.systemd = {
enable = lib.mkForce true;
services.wipe-my-fs = {
wantedBy = ["initrd.target"];
after = ["initrd-root-device.target"];
before = ["sysroot.mount"];
unitConfig.DefaultDependencies = "no";
serviceConfig.Type = "oneshot";
script = ''
mkdir /btrfs_tmp
mount /dev/disk/by-partlabel/disk-primary-root /btrfs_tmp
if [[ -e /btrfs_tmp/root ]]; then
mkdir -p /btrfs_tmp/old_roots
timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:%M:%S")
mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp"
fi
delete_subvolume_recursively() {
IFS=$'\n'
for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
delete_subvolume_recursively "/btrfs_tmp/$i"
done
btrfs subvolume delete "$1"
}
for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do
delete_subvolume_recursively "$i"
done
btrfs subvolume create /btrfs_tmp/root
umount /btrfs_tmp
'';
};
};
loader = {
grub = {
efiSupport = true;
efiInstallAsRemovable = true;
};
};
};
networking = {
hostName = "alpha";
firewall = {
enable = true;
allowedTCPPorts = [80 443 22 23];
};
};
security = {
acme = {
acceptTerms = true;
defaults.email = "${email}";
certs = {
"tux.rs" = {
group = "nginx";
domain = "*.tux.rs";
extraDomainNames = ["tux.rs"];
dnsProvider = "cloudflare";
credentialFiles = {
CLOUDFLARE_EMAIL_FILE = config.sops.secrets."cloudflare_credentials/email".path;
CLOUDFLARE_DNS_API_TOKEN_FILE = config.sops.secrets."cloudflare_credentials/dns_api_token".path;
};
};
};
};
};
users.users.nginx.extraGroups = ["acme"];
services = {
nginx = {
recommendedGzipSettings = true;
recommendedOptimisation = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
};
};
programs = {
zsh.enable = true;
dconf.enable = true;
};
programs.fuse.userAllowOther = true;
fileSystems."/persist".neededForBoot = true;
environment.persistence."/persist" = {
hideMounts = true;
directories = [
"/var/log"
"/var/lib/acme"
"/var/lib/nixos"
"/var/lib/private"
];
files = [
"/etc/ssh/ssh_host_ed25519_key"
"/etc/ssh/ssh_host_ed25519_key.pub"
"/etc/ssh/ssh_host_rsa_key"
"/etc/ssh/ssh_host_rsa_key.pub"
];
};
users.users.${username} = {linger = true;};
home-manager.users.${username} = {
imports = [
./home.nix
];
};
system.stateVersion = "24.11";
}

53
hosts/alpha/disko.nix
View File

@@ -1,53 +0,0 @@
{device ? throw "Set this to the disk device, e.g. /dev/nvme0n1", ...}: {
disko.devices.disk.primary = {
inherit device;
type = "disk";
content = {
type = "gpt"; # GPT partitioning scheme
partitions = {
boot = {
name = "boot";
size = "1M";
type = "EF02";
};
# EFI Partition
ESP = {
size = "512M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = ["defaults" "umask=0077"];
};
};
# Btrfs Root Partition
root = {
size = "100%"; # Use remaining space
type = "8300"; # Linux filesystem type
content = {
type = "btrfs";
subvolumes = {
"/root" = {
mountOptions = ["compress=zstd"]; # Compression for better performance
mountpoint = "/"; # Root subvolume
};
"/persist" = {
mountOptions = ["compress=zstd"]; # Compression for persistent data
mountpoint = "/persist"; # Persistent subvolume
};
"/nix" = {
mountOptions = [
"compress=zstd"
"noatime"
"noacl"
]; # Optimize for Nix store
mountpoint = "/nix"; # Nix subvolume
};
};
};
};
};
};
};
}

11
hosts/alpha/home.nix
View File

@@ -1,11 +0,0 @@
{...}: {
home.persistence."/persist" = {
directories = [
"Projects"
".ssh"
".local/share/zsh"
];
};
home.stateVersion = "24.11";
}

28
hosts/alpha/secrets.yaml
View File

@@ -1,28 +0,0 @@
borg_encryption_key: ENC[AES256_GCM,data:EK1f7J4ea80K7LO16pPmkh246xmXoJEiCKzPbiRCmjQ=,iv:3vae+IAAgDx+0NPgml07kbT9kc4RpzDd1oj2Qb6ZqdM=,tag:aXj3IwzfeQ8+tGjSpq76bw==,type:str]
cloudflare_credentials:
email: ENC[AES256_GCM,data:w9ghChGxgV7OVeM=,iv:Qtl/pMmXGjhZ9dMRkxeyEDncGfY/YPy51eJrZ6mOgGg=,tag:oi7OoTf4TnUknblZ3lPDzQ==,type:str]
dns_api_token: ENC[AES256_GCM,data:lMoqQs9MZ646ESJUxN2dtIopNS8P55JARk6wyfaJ8ad9ABvk268oWQ==,iv:Ez4y/kKPsRuIH9mEcpS3IU4j3kK8F6iBBFOnIf9Ck60=,tag:7I0eE8PoohH9KtiHziagrg==,type:str]
sops:
age:
- recipient: age14vktfes95f33vuefwnmuvryas7az04u76dsgyhfvsx73czkvmp2q7njkl4
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3NjIrVVlPVW9qTU9vMlMw
K3BtRHZaS0h0WmlmMjF3YjhHSFZtNmFzdjNZCjRKQ0UwWTc2L3NOY1AyZnR2K2hF
QkQ4blQvd0paRHd6c3dWaU5XbmV4S28KLS0tIExtWnR0djB5WU9lajVJeU5udlBQ
eDlMemQ1c1FkazlRaDhPUzNBcVh2bWsK544MNSGooJPKL7hxQ+yvPRROw3RER7p8
jbUVxMp4ZD/0ut/qFrKdyvfSPDcDkUR5eBoeaeUBkMAAPL+YeIxKhQ==
-----END AGE ENCRYPTED FILE-----
- recipient: age1zujp5gxy7suv8ysnygv43cmzuvv36nxfg0ch7r3xg2emc6fz3vmqqujheq
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvWlN0bWNMZTlMM3Mvdmdn
M2M1RzBaNUl3Qkc4Sm5QbmE3cFpuODBNakZzCk9SbjBvM25pK2pGdmRqMXd4eTJu
ZU8vTmtSN1RYK2RmQ01QempKUG43eHMKLS0tIHVINVgvNTluS1grSm1YSHkzalMx
SGM4ditJZFducVNEaDlJSkhuUnpxQzAKvvHbDuTQUpW+O/qtgjAFZlYc4iRRj4G1
BP/QyzuTnpP6PuAG9pJYHx164+uS2Ftog/QnCFD0YAJdJtxaoUHzOw==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-07-09T19:44:56Z"
mac: ENC[AES256_GCM,data:1sXY3aEfbsit5hGBdE7x0pbdSLnW67NRNNDTEjS1fI85TaPpMmcgrxxvEDsg1A6psRMdBwFMUIVHH/rf4rkZ9tXSmHZBFTZrTQGn09bPF9yNC0MnJXKkcNcQiQJveg986LMWFwT/WE8PWbeDh7o+ASJF+IgT+5ikq8DMBgoyK/E=,iv:Ssy66et65Oq2WwbF12ubLGk87bSv/KSruf49T7v04NY=,tag:Y89PxwRFlJUBZniS2clybw==,type:str]
unencrypted_suffix: _unencrypted
version: 3.10.2

240
hosts/arcturus/default.nix
View File

@@ -1,240 +0,0 @@
{
modulesPath,
inputs,
username,
lib,
email,
config,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
(modulesPath + "/profiles/qemu-guest.nix")
inputs.disko.nixosModules.default
(import ./disko.nix {device = "/dev/vda";})
../common
../../modules/nixos/virtualisation/docker.nix
../../modules/nixos/selfhosted/postgresql.nix
../../modules/nixos/selfhosted/headscale.nix
../../modules/nixos/selfhosted/vaultwarden.nix
../../modules/nixos/selfhosted/gitea.nix
../../modules/nixos/selfhosted/umami.nix
../../modules/nixos/selfhosted/monitoring/grafana.nix
../../modules/nixos/selfhosted/monitoring/loki.nix
../../modules/nixos/selfhosted/monitoring/promtail.nix
../../modules/nixos/selfhosted/ntfy-sh.nix
../../modules/nixos/selfhosted/searx.nix
../../modules/nixos/selfhosted/wakapi.nix
../../modules/nixos/selfhosted/silver-bullet.nix
../../modules/nixos/selfhosted/rustdesk-server.nix
../../modules/nixos/selfhosted/open-webui.nix
../../modules/nixos/selfhosted/glance
];
tux.services.openssh.enable = true;
tux.containers.aiostreams = {
enable = true;
port = 4567;
environment = {
ADDON_ID = "aiostreams.tux.rs";
BASE_URL = "https://aiostreams.tux.rs";
};
environmentFiles = [
config.sops.secrets."aiostreams".path
];
};
sops.secrets = {
borg_encryption_key = {
sopsFile = ./secrets.yaml;
};
searx_secret_key = {
sopsFile = ./secrets.yaml;
};
"cloudflare_credentials/email" = {
sopsFile = ./secrets.yaml;
};
"cloudflare_credentials/dns_api_token" = {
sopsFile = ./secrets.yaml;
};
plausible_key = {
sopsFile = ./secrets.yaml;
};
wakapi_salt = {
sopsFile = ./secrets.yaml;
};
silver_bullet = {
sopsFile = ./secrets.yaml;
};
"cs2_secrets/SRCDS_TOKEN" = {
sopsFile = ./secrets.yaml;
};
"cs2_secrets/CS2_RCONPW" = {
sopsFile = ./secrets.yaml;
};
"cs2_secrets/CS2_PW" = {
sopsFile = ./secrets.yaml;
};
aiostreams = {
sopsFile = ./secrets.yaml;
};
umami = {
sopsFile = ./secrets.yaml;
};
};
nixpkgs = {
hostPlatform = "x86_64-linux";
};
boot = {
kernel.sysctl = {
"vm.swappiness" = 10;
};
initrd.systemd = {
enable = lib.mkForce true;
services.wipe-my-fs = {
wantedBy = ["initrd.target"];
after = ["initrd-root-device.target"];
before = ["sysroot.mount"];
unitConfig.DefaultDependencies = "no";
serviceConfig.Type = "oneshot";
script = ''
mkdir /btrfs_tmp
mount /dev/disk/by-partlabel/disk-primary-root /btrfs_tmp
if [[ -e /btrfs_tmp/root ]]; then
mkdir -p /btrfs_tmp/old_roots
timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:%M:%S")
mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp"
fi
delete_subvolume_recursively() {
IFS=$'\n'
for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
delete_subvolume_recursively "/btrfs_tmp/$i"
done
btrfs subvolume delete "$1"
}
for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do
delete_subvolume_recursively "$i"
done
btrfs subvolume create /btrfs_tmp/root
umount /btrfs_tmp
'';
};
};
loader = {
grub = {
efiSupport = true;
efiInstallAsRemovable = true;
configurationLimit = 10;
};
timeout = 1;
};
};
networking = {
hostName = "arcturus";
firewall = {
enable = true;
allowedTCPPorts = [
80
443
22
3333
8081
];
};
};
security = {
acme = {
acceptTerms = true;
defaults.email = "${email}";
certs = {
"tux.rs" = {
group = "nginx";
domain = "*.tux.rs";
extraDomainNames = ["tux.rs"];
dnsProvider = "cloudflare";
credentialFiles = {
CLOUDFLARE_EMAIL_FILE = config.sops.secrets."cloudflare_credentials/email".path;
CLOUDFLARE_DNS_API_TOKEN_FILE = config.sops.secrets."cloudflare_credentials/dns_api_token".path;
};
};
};
};
};
users.users.nginx.extraGroups = ["acme"];
services = {
nginx = {
recommendedTlsSettings = true;
recommendedBrotliSettings = true;
recommendedOptimisation = true;
recommendedGzipSettings = true;
recommendedProxySettings = true;
};
};
programs.fuse.userAllowOther = true;
fileSystems."/persist".neededForBoot = true;
environment.persistence."/persist" = {
hideMounts = true;
directories = [
"/var/log"
"/var/lib/nixos"
"/var/lib/acme"
"/var/lib/postgresql"
"/var/lib/headscale"
"/var/lib/vaultwarden"
"/var/lib/gitea"
"/var/lib/clickhouse"
"/var/lib/grafana"
"/var/lib/promtail"
"/var/lib/private"
"/var/lib/nextcloud"
"/var/lib/silverbullet"
"/var/lib/kasmweb"
"/var/lib/aiostreams"
];
files = [
"/etc/ssh/ssh_host_ed25519_key"
"/etc/ssh/ssh_host_ed25519_key.pub"
"/etc/ssh/ssh_host_rsa_key"
"/etc/ssh/ssh_host_rsa_key.pub"
];
};
users.users.${username} = {
linger = true;
};
home-manager.users.${username} = {
imports = [
./home.nix
];
};
system.stateVersion = "24.11";
}

53
hosts/arcturus/disko.nix
View File

@@ -1,53 +0,0 @@
{device ? throw "Set this to the disk device, e.g. /dev/nvme0n1", ...}: {
disko.devices.disk.primary = {
inherit device;
type = "disk";
content = {
type = "gpt"; # GPT partitioning scheme
partitions = {
boot = {
name = "boot";
size = "1M";
type = "EF02";
};
# EFI Partition
ESP = {
size = "512M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = ["defaults" "umask=0077"];
};
};
# Btrfs Root Partition
root = {
size = "100%"; # Use remaining space
type = "8300"; # Linux filesystem type
content = {
type = "btrfs";
subvolumes = {
"/root" = {
mountOptions = ["compress=zstd"]; # Compression for better performance
mountpoint = "/"; # Root subvolume
};
"/persist" = {
mountOptions = ["compress=zstd"]; # Compression for persistent data
mountpoint = "/persist"; # Persistent subvolume
};
"/nix" = {
mountOptions = [
"compress=zstd"
"noatime"
"noacl"
]; # Optimize for Nix store
mountpoint = "/nix"; # Nix subvolume
};
};
};
};
};
};
};
}

12
hosts/arcturus/home.nix
View File

@@ -1,12 +0,0 @@
{...}: {
home.persistence."/persist" = {
directories = [
"Projects"
"Stuff"
".ssh"
".local/share/zsh"
];
};
home.stateVersion = "24.11";
}

39
hosts/arcturus/secrets.yaml
View File

@@ -1,39 +0,0 @@
borg_encryption_key: ENC[AES256_GCM,data:7DZQaoS2a5mPjTej25vr1aO1yAAPyXT2tf/VxKrLxF0=,iv:it8JlyEj4r4Z+qDvoEWMQlGkbVh08M/BCkGLVzRCVKQ=,tag:81gRhru8J3hkQhIbgUOgBg==,type:str]
searx_secret_key: ENC[AES256_GCM,data:Z49PJ2gNI5CI0IfzOta+r67VNUvjoPpMVv5lajGhUMPzSy1KWZC5wIM3d02jWwCOsNjXdU5hE3j9W0rkoy5ZhFPXBJRUEv5b6IcaLA==,iv:364zGZkD2LO189nkvizl8yjedi1IgYEEQMA67SexSSI=,tag:qPqefG6jUaBOpUy6d7E++w==,type:str]
plausible_key: ENC[AES256_GCM,data:Ynf2aJ6RLRdAkT9ltLpCXTl8zg/VESDchlf67PmKjc93rSfDgq9tFqv1q55Km2lDo7y9iLu5WyLLg24CSSwy8Q==,iv:yW5hgP4dhfkvunv3iYmXGEH9w29OOmrG4ourPagslVg=,tag:C5PVfEseP5gJdoQQL4gERQ==,type:str]
wakapi_salt: ENC[AES256_GCM,data:Vk5Lezv0f/0ehHqXXBCsQxWFYE2KFujTfII0r7Gd1BXFrwiPEdX62aZ+9LQx7s1RTHh0n+LP/5t0cmHO/fJhGw==,iv:ZUlRwNXUCQ53Lymi9fO4qoBWjLpHVWfTnYM0Z1I6F5o=,tag:dadkEKV7paH4+qAz7Bxxqg==,type:str]
cloudflare_credentials:
email: ENC[AES256_GCM,data:qesgxkzUglKdYPI=,iv:2XDEoQzmtagSiILWZzJPswdhkQ+qjdZfNd+LL1nHPx8=,tag:K1F23Za2Zq78tzf0fl5zEw==,type:str]
dns_api_token: ENC[AES256_GCM,data:ibSL4KWYhqgHjo27fiSqB1iN9NWU3/qGGuLpmiMpBf+qCuh8uxR7Yw==,iv:NapMvfUSm5rgeROK7KuxGyog8s2PW9CCKtjRG87FoCQ=,tag:/Oah7PRCe4XPts0IYt83zw==,type:str]
nextcloud_password: ENC[AES256_GCM,data:o37mq4YHQT5pbi+cXrk=,iv:8HiDwdHTozNM2lHpgqVhdsspuifppsL2I6Z31xEnYFI=,tag:xTnfn8HcubfiQwLYIkpxjw==,type:str]
silver_bullet: ENC[AES256_GCM,data:tI3Anq2V0Bttw/kN0DYtjdLUB24Q+JiymJt001ie3HfhEVcV3aQhQACTKJ2DbikCZWiet3ve9yqqktudlNTkXk2tk7D1/HQ30ToPzFLSPq6ZY0cxRCMFha9a,iv:gdG59nXnCA7x24vh1xqxocLfAi2/wpFGodCZTJb6Uvg=,tag:Ib1QpryROo6PKWohvLiMVQ==,type:str]
cs2_secrets:
SRCDS_TOKEN: ENC[AES256_GCM,data:SzPz4sHDgEoioX8ylLFM6AUUS60gWYpR3ifxUD8A8IQga24t6GM0dyGDryc=,iv:XefIn9yCLPLKVRA+rZiSGUH3l6ZANIJoGRuM/3vFLIw=,tag:flEjl9c7i3XBlHJaq41QYQ==,type:str]
CS2_RCONPW: ENC[AES256_GCM,data:ZyVeoOngZjxKR/ObYo5yJC1ViCNufuA=,iv:+fJK0sY39V/iH7OjT0AzQq6RefVzLZCDETYcAMFnZNU=,tag:IOhRUQRdffNMXa2cKZvi/w==,type:str]
CS2_PW: ENC[AES256_GCM,data:W1Cur7YT1F/+45vmqif2JbpjVURfnfo=,iv:sBNDM2N+QWDAMculBBZtYZcM7ILEfpwkwOd7ErORQhI=,tag:XFsxTUjctZKU38RQUfJ8HQ==,type:str]
aiostreams: ENC[AES256_GCM,data:2U2EoRUsKr4OIkqrudmIUEp2bABNlSlNUTzR3vtvTfSJVemIGK31iu0SG8aR4tLSQFEZyhIP9M22zZJVWY5hX1UcMEJ1rmtXnaRjTiurRSpTj76pT9plnrjp0NWDcSWY+uhDrAsEko4oPPJEECTT3qMYLXipnzqpPeWsTrNYiuxmfDPcZw==,iv:tHKbtnLMNfY7B2ssE8x0dri9XhA2M6jIj2KOxOsmG2o=,tag:8hjqmniL/P+PfwfYiAdAwA==,type:str]
umami: ENC[AES256_GCM,data:BJN9VpwknBaX+mz6xjq1GX9epM2bukplraPw67TttnLhM9JTmZiela5oFWZiaGjG3Oss3n4WPsPvhC4m28Ah+TQLCoiDFCFqervk228=,iv:YwbJ2/1hXs5Jbqx1dNj1t4ExFS27PWbA4NT9h8/tyU8=,tag:+R1aRF/TaMSGbLDi9GnYwA==,type:str]
sops:
age:
- recipient: age14vktfes95f33vuefwnmuvryas7az04u76dsgyhfvsx73czkvmp2q7njkl4
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB6TGpVMzNDZjNQSkNDQmM3
eXpvZDRPZW9Kbm81Z2VVUVZIckFNUC9zTEZzCmliUkNWS01YMHVRaUoxTS84VmxQ
UDZtbkhmZmdZVWVsaHN3djkwSERGQ1kKLS0tIEh0ckhDTkQvcEM0UFI2MUVXVHI5
WnhEdnRqazdZWmczYXYxNy9BMHdwdEUKYgB34OOezF3iF706pIfDmQ0FJEHXBbGF
EJRNmA4Zl1AwyzkN3NSlctzvxx201T1GWL4qZeyVafRv5jQ9oSfK7g==
-----END AGE ENCRYPTED FILE-----
- recipient: age1zsl5d4vj6gl3h96y5p53sq5y4vr4vtlwp727h7rp9a4xfkxm53lqrh6r50
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHeXNrT3c1bENOK0lNZWNT
eFBqYm1BRHBhakFQMVVIKzR0SDRDOW9jUXdBCmFIQWZRSnBlOFBralVFakQ2clNY
Q1Nma0pRVHh4L3IwQm1GbTdqb1BUcWsKLS0tIFRQOVIxb1FRc29WSVVERWsxSDhq
NGprRGVyZ2plWVNrM3drM3JSUjM2L0UKuNk5DqYn2DIfRpY72zDRP5BKoVAXtNv9
uLI//8wc7f4I3uBdARQdpRE1fapY1UOJOn3i0yndrZARPEbdohRK1Q==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2026-02-17T13:21:46Z"
mac: ENC[AES256_GCM,data:7OcwTCe7MMFPUlqOIs0PxiJndtcWR1LbgSQ+69VXCCkewiee8suDuSMxn6sF+zb402uqSUitKWWySMEyL42ym0uyKB7+fi46sBj8O7T9uYM6F/wiH7S9Q7nuNaGP6zxj5TlvB//Dkp4n31Oqtg8xCTK+xGsV9mR17Ai0fjCxUBI=,iv:WvnNPF76Oi9vE2fgocvnOJmhuAdKjsoQeVZuFa0KU6Q=,tag:UHA+FhQr+BASkSyPTWHpaQ==,type:str]
unencrypted_suffix: _unencrypted
version: 3.11.0

431
hosts/canopus/default.nix
View File

@@ -1,431 +0,0 @@
{
inputs,
username,
pkgs,
lib,
config,
...
}: {
imports = [
inputs.nixos-hardware.nixosModules.asus-zephyrus-ga503
inputs.disko.nixosModules.default
(import ./disko.nix {device = "/dev/nvme0n1";})
./hardware.nix
../common
../../modules/nixos/desktop
../../modules/nixos/desktop/awesome
../../modules/nixos/desktop/hyprland
../../modules/nixos/desktop/mango
../../modules/nixos/virtualisation
../../modules/nixos/steam.nix
../../modules/nixos/obs-studio.nix
];
hardware.nvidia-container-toolkit.enable = true;
tux.services.openssh.enable = true;
tux.packages.distrobox.enable = true;
nixpkgs.config.cudaSupport = true;
sops.secrets = {
hyperbolic_api_key = {
sopsFile = ./secrets.yaml;
owner = "${username}";
};
gemini_api_key = {
sopsFile = ./secrets.yaml;
owner = "${username}";
};
open_router_api_key = {
sopsFile = ./secrets.yaml;
owner = "${username}";
};
"vicinae.json" = {
sopsFile = ./secrets.yaml;
owner = username;
};
};
networking = {
hostName = "canopus";
networkmanager = {
enable = true;
wifi.powersave = false;
};
firewall = {
enable = true;
allowedTCPPorts = [
80
443
22
3000
6666
8081
];
# Facilitate firewall punching
allowedUDPPorts = [41641 4242];
allowedTCPPortRanges = [
{
from = 1714;
to = 1764;
}
];
allowedUDPPortRanges = [
{
from = 1714;
to = 1764;
}
];
};
};
boot = {
binfmt.emulatedSystems = ["aarch64-linux"];
plymouth = {
enable = true;
theme = "spinner-monochrome";
themePackages = [
(pkgs.plymouth-spinner-monochrome.override {inherit (config.boot.plymouth) logo;})
];
};
kernelParams = [
"quiet"
"loglevel=3"
"systemd.show_status=auto"
"udev.log_level=3"
"rd.udev.log_level=3"
"vt.global_cursor_default=0"
];
consoleLogLevel = 0;
initrd.verbose = false;
kernelPackages = pkgs.linuxPackages_zen;
supportedFilesystems = ["ntfs"];
initrd = {
kernelModules = [
"vfio_pci"
"vfio"
"vfio_iommu_type1"
];
systemd = {
enable = lib.mkForce true;
services.wipe-my-fs = {
wantedBy = ["initrd.target"];
after = ["initrd-root-device.target"];
before = ["sysroot.mount"];
unitConfig.DefaultDependencies = "no";
serviceConfig.Type = "oneshot";
script = ''
mkdir /btrfs_tmp
mount /dev/disk/by-partlabel/disk-primary-root /btrfs_tmp
if [[ -e /btrfs_tmp/root ]]; then
mkdir -p /btrfs_tmp/old_roots
timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:%M:%S")
mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp"
fi
delete_subvolume_recursively() {
IFS=$'\n'
for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
delete_subvolume_recursively "/btrfs_tmp/$i"
done
btrfs subvolume delete "$1"
}
for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do
delete_subvolume_recursively "$i"
done
btrfs subvolume create /btrfs_tmp/root
umount /btrfs_tmp
'';
};
};
};
loader = {
systemd-boot = {
enable = true;
configurationLimit = 10;
};
efi.canTouchEfiVariables = true;
timeout = 1;
};
};
hardware = {
bluetooth.enable = true;
bluetooth.powerOnBoot = true;
graphics.enable32Bit = true;
};
security = {
polkit.enable = true;
rtkit.enable = true;
};
systemd = {
enableEmergencyMode = false;
user = {
services.polkit-gnome-authentication-agent-1 = {
description = "polkit-gnome-authentication-agent-1";
wantedBy = ["graphical-session.target"];
wants = ["graphical-session.target"];
after = ["graphical-session.target"];
serviceConfig = {
Type = "simple";
ExecStart = "${pkgs.polkit_gnome}/libexec/polkit-gnome-authentication-agent-1";
Restart = "on-failure";
RestartSec = 1;
TimeoutStopSec = 10;
};
};
};
};
programs = {
ssh.startAgent = true;
xfconf.enable = true;
thunar = {
enable = true;
plugins = with pkgs; [
thunar-archive-plugin
thunar-volman
];
};
nix-ld = {
enable = true;
package = pkgs.nix-ld;
};
nm-applet.enable = true;
noisetorch.enable = true;
};
services = {
fwupd.enable = true;
fstrim.enable = true;
resolved.enable = true;
flatpak.enable = true;
pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
wireplumber.enable = true;
};
logind = {
settings.Login = {
HandlePowerKey = "suspend";
HanldeLidSwitch = "suspend";
HandleLidSwitchExternalPower = "suspend";
};
};
xrdp = {
enable = true;
openFirewall = true;
defaultWindowManager = "awesome";
audio.enable = true;
};
syncthing = {
enable = true;
user = "tux";
dataDir = "/home/tux/";
openDefaultPorts = true;
};
libinput.touchpad.naturalScrolling = true;
libinput.mouse.accelProfile = "flat";
# To use Auto-cpufreq we need to
# disable TLP because it's enabled by nixos-hardware
tlp.enable = false;
auto-cpufreq = {
enable = true;
settings = {
battery = {
platform_profile = "balanced";
governor = "powersave";
energy_performance_preference = "performance";
turbo = "never";
scaling_min_freq = 400000;
scaling_max_freq = 3800000;
};
charger = {
platform_profile = "performance";
governor = "performance";
energy_performance_preference = "performance";
turbo = "auto";
scaling_min_freq = 400000;
scaling_max_freq = 3800000;
};
};
};
blueman.enable = true;
supergfxd = {
enable = true;
settings = {
mode = "Hybrid";
vfio_enable = false;
vfio_save = false;
always_reboot = false;
no_logind = false;
logout_timeout_s = 180;
hotplug_type = "None";
};
};
asusd = {
enable = true;
enableUserService = true;
asusdConfig.text = ''
(
charge_control_end_threshold: 80,
disable_nvidia_powerd_on_battery: true,
ac_command: "",
bat_command: "",
platform_profile_linked_epp: true,
platform_profile_on_battery: Quiet,
platform_profile_on_ac: Performance,
change_platform_profile_on_battery: true,
change_platform_profile_on_ac: true,
profile_quiet_epp: Power,
profile_balanced_epp: BalancePower,
profile_custom_epp: Performance,
profile_performance_epp: Performance,
ac_profile_tunings: {},
dc_profile_tunings: {},
armoury_settings: {},
)
'';
profileConfig.text = ''
(
active_profile: Quiet,
)
'';
fanCurvesConfig.text = ''
(
profiles: (
balanced: [
(
fan: CPU,
pwm: (2, 22, 45, 68, 91, 153, 153, 153),
temp: (55, 62, 66, 70, 74, 78, 78, 78),
enabled: false,
),
(
fan: GPU,
pwm: (2, 25, 48, 71, 94, 165, 165, 165),
temp: (55, 62, 66, 70, 74, 78, 78, 78),
enabled: false,
),
],
performance: [
(
fan: CPU,
pwm: (35, 68, 79, 91, 114, 175, 175, 175),
temp: (58, 62, 66, 70, 74, 78, 78, 78),
enabled: false,
),
(
fan: GPU,
pwm: (35, 71, 84, 94, 119, 188, 188, 188),
temp: (58, 62, 66, 70, 74, 78, 78, 78),
enabled: false,
),
],
quiet: [
(
fan: CPU,
pwm: (2, 12, 22, 35, 45, 58, 79, 79),
temp: (55, 62, 66, 70, 74, 78, 82, 82),
enabled: true,
),
(
fan: GPU,
pwm: (2, 12, 25, 35, 48, 61, 84, 84),
temp: (55, 62, 66, 70, 74, 78, 82, 82),
enabled: true,
),
],
custom: [],
),
)
'';
};
gvfs.enable = true;
tumbler.enable = true;
# @FIX gnome gcr agent conflicts with programs.ssh.startAgent;
# gnome.gnome-keyring.enable = true;
tailscale = {
enable = true;
extraUpFlags = ["--login-server https://hs.tux.rs"];
};
mullvad-vpn = {
enable = true;
package = pkgs.mullvad-vpn;
};
};
fonts.packages = with pkgs.nerd-fonts; [
fira-code
jetbrains-mono
bigblue-terminal
];
programs.fuse.userAllowOther = true;
fileSystems."/persist".neededForBoot = true;
environment.persistence."/persist" = {
hideMounts = true;
directories = [
"/var/log"
"/var/lib/bluetooth"
"/var/lib/tailscale"
"/var/lib/nixos"
"/var/lib/docker"
"/var/lib/waydroid"
"/var/lib/iwd"
"/var/lib/libvirt"
"/etc/NetworkManager/system-connections"
];
files = [
# "/etc/machine-id"
"/etc/ly/save.ini"
"/etc/ssh/ssh_host_ed25519_key"
"/etc/ssh/ssh_host_ed25519_key.pub"
"/etc/ssh/ssh_host_rsa_key"
"/etc/ssh/ssh_host_rsa_key.pub"
];
};
home-manager.users.${username} = {
imports = [
./home.nix
];
};
system.stateVersion = "24.11";
}

69
hosts/canopus/disko.nix
View File

@@ -1,69 +0,0 @@
{device ? throw "Set this to the disk device, e.g. /dev/nvme0n1", ...}: {
disko.devices.disk.primary = {
inherit device;
type = "disk";
content = {
type = "gpt"; # GPT partitioning scheme
partitions = {
# EFI Partition
ESP = {
size = "1G";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [
"defaults"
"umask=0077"
];
};
};
# Swap Partition
swap = {
size = "32G";
content = {
type = "swap";
discardPolicy = "both";
resumeDevice = true; # Enable hibernation
};
};
# Btrfs Root Partition
root = {
size = "100%"; # Use remaining space
type = "8300"; # Linux filesystem type
content = {
type = "btrfs";
subvolumes = {
"/root" = {
mountOptions = [
"compress=zstd"
"noatime"
"space_cache=v2"
]; # Compression for better performance
mountpoint = "/"; # Root subvolume
};
"/persist" = {
mountOptions = [
"compress=zstd"
"noatime"
"space_cache=v2"
]; # Compression for persistent data
mountpoint = "/persist"; # Persistent subvolume
};
"/nix" = {
mountOptions = [
"compress=zstd"
"noatime"
"noacl"
"space_cache=v2"
]; # Optimize for Nix store
mountpoint = "/nix"; # Nix subvolume
};
};
};
};
};
};
};
}

30
hosts/canopus/hardware.nix
View File

@@ -1,30 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "usbhid" "usb_storage" "sd_mod" "sdhci_pci"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-amd"];
boot.extraModulePackages = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp3s0.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp4s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

138
hosts/canopus/home.nix
View File

@@ -1,138 +0,0 @@
{pkgs, ...}: {
imports = [
../../modules/home/desktop/awesome
../../modules/home/desktop/hyprland
../../modules/home/desktop/mango
../../modules/home/desktop/vicinae
../../modules/home/desktop/utils
../../modules/home/picom
../../modules/home/alacritty
../../modules/home/wezterm
../../modules/home/ghostty
../../modules/home/desktop/rofi
../../modules/home/lan-mouse
../../modules/home/firefox
../../modules/home/brave
../../modules/home/vs-code
../../modules/home/zed
../../modules/home/mopidy
../../modules/home/thunderbird
../../modules/home/easyeffects
../../modules/home/discord
../../modules/home/kdeconnect
../../modules/home/spotify
];
home.pointerCursor = {
package = pkgs.bibata-cursors;
name = "Bibata-Modern-Ice";
size = 28;
};
qt = {
enable = true;
platformTheme.name = "gtk";
style = {
name = "adwaita-dark";
package = pkgs.adwaita-qt;
};
};
gtk = {
enable = true;
theme = {
name = "Materia-dark";
package = pkgs.materia-theme;
};
iconTheme = {
package = pkgs.tela-icon-theme;
name = "Tela-black";
};
};
services.flameshot = {
enable = true;
package = pkgs.flameshot.override {enableWlrSupport = true;};
settings = {
General = {
useGrimAdapter = true;
};
};
};
home.packages = with pkgs; [
antigravity
telegram-desktop
anydesk
rustdesk-flutter
moonlight-qt
rawtherapee
stable.beekeeper-studio
libreoffice-qt
spotify
# @TODO Enable when qt5 webengine patched
# https://github.com/NixOS/nixpkgs/blob/b599843bad24621dcaa5ab60dac98f9b0eb1cabe/pkgs/development/libraries/qt-5/modules/qtwebengine.nix#L466
# stremio
galaxy-buds-client
copyq
vlc
tor-browser
vivaldi
bluetui
impala
pulseaudio
];
home.persistence."/persist" = {
directories = [
"Downloads"
"Music"
"Wallpapers"
"Documents"
"Videos"
"Projects"
"Stuff"
"Distrobox"
"go"
".mozilla"
".ssh"
".wakatime"
".rustup"
".cargo"
".steam"
".cache/awww"
".cache/spotifyd"
".cache/spotify-player"
".config/BraveSoftware"
".config/vivaldi"
".config/Antigravity"
".config/copyq"
".config/discord"
".config/Vencord"
".config/vesktop"
".config/sops"
".config/obs-studio"
".config/easyeffects"
".config/rustdesk"
".config/kdeconnect"
".config/Moonlight\ Game\ Streaming\ Project"
".local/lib/vivaldi"
".local/share/nvim"
".local/share/opencode"
".local/share/zsh"
".local/share/zoxide"
".local/share/Smart\ Code\ ltd"
".local/share/GalaxyBudsClient"
".local/share/TelegramDesktop"
".local/state/lazygit"
".local/share/Steam"
".local/share/vicinae"
];
files = [
".wakatime.cfg"
".config/aichat/.env"
];
};
home.stateVersion = "24.11";
}

28
hosts/canopus/secrets.yaml
View File

@@ -1,28 +0,0 @@
hyperbolic_api_key: ENC[AES256_GCM,data:WGvF0PPbMd7zWiO8GfmgluV7dW+ZpzLMO31uI5xo+nekvTBkXiAuHFDK/SXKEUFDMEboNkA/a6JUNsCRhuA4N7qhIZgyQ2bc1iafsj7c4F4X/py63Z4bMx8+byScOSoW+RKAvSFOLDGXQ4s9dKc3XNW7G15QyzTRYUFDbXxsSQ6n6DMJk4jr,iv:o+Shbpl3tXmefpdQB5sod3bNQHHsBnEEP0Bk3C1H5Yo=,tag:fi+7K3nAjVoavqy2Mt8W3Q==,type:str]
gemini_api_key: ENC[AES256_GCM,data:ToQn6NiBpebcSPIHbnAyTJm092Xv24pb7Q09hW/Qb0qZC0ORJGG5,iv:/VIw5hTKlZLaWYdEyaEvIv/ZPTBhq5OkguPL6wFs8A8=,tag:44tNJTBeHYW1ug+z+yKTrw==,type:str]
open_router_api_key: ENC[AES256_GCM,data:QLXIEqsUe8HQobJMvqh8fZi7azXjnz7B524kDPWB8Dk5tAv6EVvM0KHAa6aTGmeMB8LJiUPcLmPU0ifU07s2OyB3Q9w+IFvlfQ==,iv:pBr8SJG8FHP1oYrXrHG0gRMPfdXXoBNPGcYEXF3IJGg=,tag:Yf2FuncT3/9pcBIEN+irGQ==,type:str]
vicinae.json: ENC[AES256_GCM,data:VZ3Z3Q3/KSmqE20Jt91y7XnO8LjKKFg8PUFiFuj2aW3kf/dl40lNWATQxa5AmggGViOf2R+1Q2r4cyGQFUWiOww5gcUT3Op+Z+zqPTE+Heu8/Sst0Vi7ZjL8vvmc6HYpT4t6JvYCEr4jjnBwLIvaxNwxCArEfga5lMgOzDQqhnZeOkBCTGdCp4nN7eBaWBFK4Jsm905mm+N2yMD4/rlkFNA6EBEJ4j5A5DnFF3ooZKSqi0VUhvagZ0JsaGdHpn124hnKkVwLejcWlKYpmXu+5gYRh1F5sADR8BpubMeCoEnGB5zUuxd7v/8m8siYbYzJEMtoBLNVlFcfgdI7/tGfd5aj5S+/ZEHbL9UrSLpKiw==,iv:xayL9aZgak0y3hxwcijMSMslaLCMsVvkXm1Fefs652k=,tag:BE804jVdu1poJmoGPjwsqA==,type:str]
sops:
age:
- recipient: age14vktfes95f33vuefwnmuvryas7az04u76dsgyhfvsx73czkvmp2q7njkl4
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwZ1V0UE0vT3FoZDhKYXBi
ODRvNGRmZzZQY2t0VDNYTzgzUW5TMlFRQzBnCm9sZEJ1WmY0QU1KR1AwS3R0NXlh
cHhYNjA2TWM3Z1JZM2E1UHluNzdBYXcKLS0tIFRwQm10VlJEUVFyemRGYXpUNHhq
eWNJdzc2dlNlR1N1THAzSVlDNEZZMUUK7kacPvAuwbl0hggMuKJS/hjy0j+i1Oeh
tw7bdZ6do30sf9uY8TWDCeOiK1uOJGATLcDd14VhHl968By8n/5pDw==
-----END AGE ENCRYPTED FILE-----
- recipient: age1x36yr8h993srfj29sfpzt4wyz52nztvncpmhgmfs0j26qvfecq3qvcm0an
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSByZk42NzVUMXV0ZDVWR3Q2
N3NUN1B3blNZS1lKbEU1VmhaTDVOMmFESm1FCi9VeEFXVkRjUnFxYUxERUg0ODY4
eFhFMXhOek1wWTRwOEd6Zk82Sm9VM0UKLS0tIGVBMHpQSWJzMVUxU09XeS8yVXFW
UVM3a1VIMWZGRGNxaUNwbStKekd4N28KvouH73cSd9xMUzDX3ib5tsR8deXGaGTB
N36MxnZcv9AhX7YErc18OkUv+lHZf2MoJ+x5+XOMCjhlUOlvqcBrAg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2026-02-17T13:38:15Z"
mac: ENC[AES256_GCM,data:KYa/c921oDF2JKEEO0Fdvh8J1qkuQDH2biaS79v1qRr4AUd1yRpyZ75NvHmeIrYNsXgcgzqCi7vtaCF7v/ucirruf20ZeNmCpVb0BfesNko+0PrjWpwnNbabVCVIJFZiGbe35ENcM0DPECvb7vBJ2QKvqMCot6Zys9TgeXRcmGk=,iv:BPEE3KEg7y0BvVkd+aNMRK8xk4JNKgk8R+AR94rCFiM=,tag:y7rrugvI7XmjDP0Dj7GwBQ==,type:str]
unencrypted_suffix: _unencrypted
version: 3.11.0

63
hosts/capella/default.nix
View File

@@ -1,63 +0,0 @@
{
pkgs,
username,
outputs,
inputs,
email,
...
}: {
imports = [
../../modules/droid/sshd.nix
];
android-integration.am.enable = true;
android-integration.termux-open-url.enable = true;
android-integration.xdg-open.enable = true;
android-integration.termux-setup-storage.enable = true;
android-integration.termux-reload-settings.enable = true;
terminal.font = let
firacode = pkgs.nerd-fonts.fira-code;
fontPath = "share/fonts/truetype/NerdFonts/FiraCode/FiraCodeNerdFont-Regular.ttf";
in "${firacode}/${fontPath}";
time.timeZone = "Asia/Kolkata";
tux.services.openssh = {
enable = true;
ports = [8033];
authorizedKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL+OzPUe2ECPC929DqpkM39tl/vdNAXfsRnmrGfR+X3D ${email}"
];
};
user = {
uid = 10479;
gid = 10479;
shell = "${pkgs.zsh}/bin/zsh";
};
environment.etcBackupExtension = ".backup";
environment.motd = '''';
environment.packages = with pkgs; [
nano
git
neovim
openssh
inputs.trok.packages."aarch64-linux".default
];
home-manager = {
config = ./home.nix;
backupFileExtension = "backup";
extraSpecialArgs = {inherit inputs outputs username email;};
useGlobalPkgs = true;
};
# Set up nix for flakes
nix.extraOptions = ''
experimental-features = nix-command flakes
'';
system.stateVersion = "24.05";
}

35
hosts/capella/home.nix
View File

@@ -1,35 +0,0 @@
{pkgs, ...}: {
imports = [
../../modules/home/git
../../modules/home/starship
../../modules/home/fastfetch
];
programs = {
bat.enable = true;
zoxide = {
enable = true;
options = ["--cmd cd"];
};
zsh = {
enable = true;
shellAliases = {
ls = "lsd";
};
syntaxHighlighting.enable = true;
autosuggestion.enable = true;
initContent = ''
fastfetch
'';
};
};
home.packages = with pkgs; [
neovim
busybox
lsd
fastfetch
];
home.stateVersion = "24.05";
}

67
hosts/common/default.nix
View File

@@ -1,67 +0,0 @@
{
username,
outputs,
inputs,
email,
...
}: {
imports = [
inputs.impermanence.nixosModules.impermanence
inputs.home-manager.nixosModules.home-manager
inputs.nix-index-database.nixosModules.nix-index
../../modules/base
../../modules/nixos/fail2ban.nix
../../modules/nixos/selfhosted/upstream-proxy.nix
../../modules/nixos/selfhosted/tfolio.nix
../../modules/nixos/selfhosted/cyber-tux.nix
../../modules/nixos/selfhosted/containers/aiostreams.nix
../../modules/nixos/networking/ssh.nix
../../modules/nixos/distrobox.nix
];
sops.secrets.tux-password = {
sopsFile = ./secrets.yaml;
neededForUsers = true;
};
time.timeZone = "Asia/Kolkata";
i18n = {
defaultLocale = "en_US.UTF-8";
extraLocaleSettings = {
LC_ADDRESS = "en_IN";
LC_IDENTIFICATION = "en_IN";
LC_MEASUREMENT = "en_IN";
LC_MONETARY = "en_IN";
LC_NAME = "en_IN";
LC_NUMERIC = "en_IN";
LC_PAPER = "en_IN";
LC_TELEPHONE = "en_IN";
LC_TIME = "en_IN";
};
};
security.sudo.wheelNeedsPassword = false;
programs = {
zsh.enable = true;
};
home-manager = {
backupFileExtension = "hm-backup";
useUserPackages = true;
extraSpecialArgs = {
inherit
inputs
outputs
username
email
;
};
users.${username} = {
imports = [
./home.nix
];
};
};
}

44
hosts/common/home.nix
View File

@@ -1,44 +0,0 @@
{
outputs,
username,
inputs,
...
}: {
imports = [
inputs.nix-index-database.homeModules.nix-index
../../modules/home/shell
../../modules/home/git
../../modules/home/starship
../../modules/home/fastfetch
../../modules/home/nvim
../../modules/home/tmux
../../modules/home/helix
../../modules/home/aria2
];
nixpkgs = {
overlays = [
outputs.overlays.additions
outputs.overlays.modifications
outputs.overlays.stable-packages
outputs.overlays.nur
outputs.overlays.nix-vscode-extensions
];
config = {
allowUnfree = true;
allowUnfreePredicate = _: true;
joypixels.acceptLicense = true;
};
};
home = {
username = "${username}";
homeDirectory = "/home/${username}";
};
programs.home-manager.enable = true;
systemd.user.startServices = "sd-switch";
}

88
hosts/common/secrets.yaml
View File

@@ -1,88 +0,0 @@
tux-password: ENC[AES256_GCM,data:yAqMKsk7uz0F0k32PdYnqAmn+tdLyXl2krvMstdgFCvIUZH8TlATWCUMPUtnxQiTQqCUY+Q8LE+yYcFFGC3r5TskbF98igZTDA==,iv:hkE/21gdD2bCEdIITrhm9lhKRTHhCPeo8YaYS61/dEM=,tag:/tz2Xvy2ro9gGwKHrJuuzw==,type:str]
sops:
age:
- recipient: age14vktfes95f33vuefwnmuvryas7az04u76dsgyhfvsx73czkvmp2q7njkl4
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXaTFZSENQZDcvczUrVFF6
Mm1GV3pqSzVPd2pQaUp3ZGRJS0kzMExXSmtJCkVwR1VxbUhCTTlKVHlLR0kvWkFO
R2VmQWhzSEsya3I4b1JRWnFSbXdUanMKLS0tIFR5bkU3cEVHL3BlUFRjL2l2ZDBK
WUVaZzFCQkc0KzRNQlRRdGNvWFdQNkUKhxAV3VavBzjSQHJPNn+Ghspi1scCq7dS
Qu81Q24kMK9sL7ddTjB7UqCgZ3LHq+Izzw5cSYVy+nq150oCBURnoA==
-----END AGE ENCRYPTED FILE-----
- recipient: age1f860dfewlx5jtt9ejr47gywx70p3dmyc8mat29gpr75psljwjv8q5xyxkq
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNVGdJQTdBVHAxTmFoeThj
RWE0QjBiQUt5UkdDZzBRQm5vTUtGZmRxQ2xvCkRiUDIxUkV3ZW5Jd1ZoZWRzeE03
T0VPZE9pYXJGclVZSTJRM1JaVjM3VU0KLS0tIGFXQ3pRWXFYYWkrYngyZDJST2Jr
UlAzTFdxMENxckVpL05ReENjZHk3b1UK1NEgbZ5AMf9h6zlfIHL7ugNSyQ156T5r
x3l7nFrvxAWE9aTzn03hFjgRP72If6k/3pHJmT8h2494+K20qAmx6g==
-----END AGE ENCRYPTED FILE-----
- recipient: age1x36yr8h993srfj29sfpzt4wyz52nztvncpmhgmfs0j26qvfecq3qvcm0an
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwZE16cm5vNzhVSkY5K2hV
MWRaMHNIL1Q2cDZ0eHozbTJJWklKb09BK213CkFSazJGdnBWQnRvQ2Zlc1JQazZV
VWVMb1FpcUZMeURQSXJBTkJGeVdCeUkKLS0tIG1uRDJ4T2pRaVY1aERQOWhZdGl0
b3JVbHNpY1B5ekpodHp3ZXlrZFplNFEKiRPqPKh3g33a2/fQVrj8qGOcXheVaLgA
CAShzomubIQNFZUnl12hjH+ZcKlAwYFXzCrHUNdkEUWRIASqGa5oMA==
-----END AGE ENCRYPTED FILE-----
- recipient: age1jg642q775gmnmxeu29gcf3lph8vem4xr8t84cxe809dpd0myrussh49h60
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvQ3UybGxJaUU5ckdDak5F
d3RJdlR3VHNHZTJ0UXhXc08wSVVXZVFZb2lvClZGSzV6QmhqL01rYjhjdjNKT2RT
V3k1QUF4VXBNb2d6dnA0N2lNNnpXS00KLS0tICs3bWRHMGZiMmM4S3YyY0ttRWZ1
Snd1QTlRUndzK0RSUld1TlRkNU13cHMKTZsBN/4nBfEndip/vCUNtFZF89MKT8uA
C/hKD33ycaLNzmgxz3VRSCxeALMspeobeOLfRHJLflusD9xGgXn73A==
-----END AGE ENCRYPTED FILE-----
- recipient: age1zsl5d4vj6gl3h96y5p53sq5y4vr4vtlwp727h7rp9a4xfkxm53lqrh6r50
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQWmkrNXJvUjR5anlUcFVE
NExQTnAwZDVmWEl3c3B2bis1N00wQzF6MFFvCnpENVNJU1JWLyswNnZoUTBZNE16
V2ZtLzIzanZEOWhkYXFxaWVLaDZoUDAKLS0tIEs3SXRZU283dERkZEFabmtFZTEx
aUIwRTgzQklUZmlnS05MQ2o5QmJSQk0KVrx1ZHqnS3KQ9jB7yqVIWbrQAdqDt/c4
i3mst4a/rKjgZGUYugHMctJppPIpqqVZTpBHPgY5OiAGESMrUZE+Ig==
-----END AGE ENCRYPTED FILE-----
- recipient: age1zujp5gxy7suv8ysnygv43cmzuvv36nxfg0ch7r3xg2emc6fz3vmqqujheq
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvdUhKNU5BYmNEdllkWU1R
QVIxMExuYit6ekNwVHFmd2dGNEJtTTlHd0IwCkxiZnAvSURQY2RyWnRVVGxtdlUv
bmNpNFB6OENqOFJSakQ2NGJ0cVJTQlkKLS0tIEt5QXBXNC9WaDdIdklTeTA3ZEp6
Y212bDZSRkttWjBqTEdkbjY4WHd5RTgK1Y779ogFUcr89gosqh7rra7Wg6G/Ez1o
/+48kxF2DTKZLJYX2AFEP5H0JjBDtt+isiO7H1644LjdAwO/sgFMSQ==
-----END AGE ENCRYPTED FILE-----
- recipient: age1ydkclhk9kwqdq74utesqdfupt43lz64d5k65gz2z9uyljcqq9fcq3hv28l
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwQXFScVBqUDZHc3BDK3N4
T3BnSWk5SElzZllYRHdlMStPS2ZyMDZoZ3pnCm5KVnBYb1R6anRWd04rNllPSW1G
ZVMwMTQ5NjQvaEYwZUhOOE56ckJHb00KLS0tIEpCWmNQZzFlK3ZrRGFPMFVwZndG
ZStueWovUmtKdTk2enRJa3NSbFpJL1UKtzKYPJ6vy6+VjPkrsRvNTwUtV198oglr
cMqBSuwkqzgjDC09sRMnW5PRfJo8hG+5gkd6EPZ8uAbUhGC+kAyLrg==
-----END AGE ENCRYPTED FILE-----
- recipient: age1put942dyhly8nk9c8n0h8tq0x6xplrg3uw5q0d2jmvwez3zq79qsapl7he
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB0ZU93NCtxODQ2YjA4TUcr
aWEyaW4zREZtVUpuZWhZSUw3TWhpMXBYWEVVCitDNGx1eWZQZGsvUDl0UzNCd0Zp
QndpMys5OVg1WXMrdXRDUkFZWDErcjAKLS0tIDBOZTBxM09INTIxZm9tQk10ZUc2
emExUmJZZk00WmxYK2Y3WCtmQXhSUmsKwMxI9I6kQYkvZ4TzJtv/MdGLwTbQdePx
XB+oFbc9Rp3IAEZfH1+VEtJRjyKk5hE7HQoIh92XxJvmbDIswOe/Rg==
-----END AGE ENCRYPTED FILE-----
- recipient: age1y4luzn2jls7rvgphej23srvdlx563lxq29tvf66vhwwzaf7c3f3qzvresh
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwNUhPQThmWjJROW95SWsw
aFk4dGR3c0RJZTkwSHFXaWp2UCtQWS9xYjFnCnAxa0RMV0xsNnZ2cnVMbmRzRFYv
QmRZQVY1ME9zTmZtT1RxUmFQc2JYc2cKLS0tIGxUTjYwYXZUMU9FY3BFS04zQk1G
bFJwRno1a0pwVHpaV0haZjlZazNtZDAKxTvzsmLtx50sI2bZ3fFcB6j9ZLas4KmL
5bu9Z75hFi+N1sjvMpcK7oIFypGLIWU3xpTP//jv6RuiyjGuR2Dq2w==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-11-04T09:28:17Z"
mac: ENC[AES256_GCM,data:A+xfYhnoq/JWYGZOleieF5vjrsPOtkKnXPbd94iBAbnuuBKx8Vgkpuum+hJzVIBdDSCVm8hl2Tpcw7NqWLSkXtBR/NKixzk6eIwFvOZz4h7Qe1Zue10pB25IkIzR34sLnWSHtsxuRRG6fZnf0CNtp7baf4XU3doyDwy5A384Jf0=,iv:i0y0UEY7SSCOBIBc+97qIiq4obpUJYb3gFo1yEc5eUI=,tag:c5zONd6zTv3sq4bPqT73OQ==,type:str]
unencrypted_suffix: _unencrypted
version: 3.11.0

169
hosts/homelab/default.nix
View File

@@ -1,169 +0,0 @@
{
inputs,
username,
pkgs,
lib,
config,
...
}: {
imports = [
inputs.disko.nixosModules.default
(import ./disko.nix {device = "/dev/nvme0n1";})
./hardware.nix
../common
../../modules/nixos/desktop
../../modules/nixos/virtualisation/docker.nix
];
tux.services.openssh.enable = true;
sops.secrets = {
discord_token = {
sopsFile = ./secrets.yaml;
};
hyperbolic_api_key = {
sopsFile = ./secrets.yaml;
owner = "${username}";
};
gemini_api_key = {
sopsFile = ./secrets.yaml;
owner = "${username}";
};
open_router_api_key = {
sopsFile = ./secrets.yaml;
owner = "${username}";
};
};
tux.services.cyber-tux = {
enable = true;
environmentFile = config.sops.secrets.discord_token.path;
};
networking = {
hostName = "homelab";
networkmanager = {
enable = true;
wifi.powersave = false;
};
firewall = {
enable = true;
allowedTCPPorts = [22];
# Facilitate firewall punching
allowedUDPPorts = [41641];
};
};
boot = {
consoleLogLevel = 0;
initrd.verbose = false;
kernelPackages = pkgs.linuxPackages_zen;
initrd.systemd = {
enable = lib.mkForce true;
services.wipe-my-fs = {
wantedBy = ["initrd.target"];
after = ["initrd-root-device.target"];
before = ["sysroot.mount"];
unitConfig.DefaultDependencies = "no";
serviceConfig.Type = "oneshot";
script = ''
mkdir /btrfs_tmp
mount /dev/disk/by-partlabel/disk-primary-root /btrfs_tmp
if [[ -e /btrfs_tmp/root ]]; then
mkdir -p /btrfs_tmp/old_roots
timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:%M:%S")
mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp"
fi
delete_subvolume_recursively() {
IFS=$'\n'
for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
delete_subvolume_recursively "/btrfs_tmp/$i"
done
btrfs subvolume delete "$1"
}
for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do
delete_subvolume_recursively "$i"
done
btrfs subvolume create /btrfs_tmp/root
umount /btrfs_tmp
'';
};
};
loader = {
systemd-boot = {
enable = true;
configurationLimit = 10;
};
efi.canTouchEfiVariables = true;
timeout = 1;
};
};
hardware = {
graphics.enable32Bit = true;
};
security = {
rtkit.enable = true;
};
programs = {
nix-ld = {
enable = true;
package = pkgs.nix-ld;
};
};
services = {
fwupd.enable = true;
fstrim.enable = true;
tailscale = {
enable = true;
extraUpFlags = ["--login-server https://hs.tux.rs"];
};
};
programs.fuse.userAllowOther = true;
fileSystems."/persist".neededForBoot = true;
environment.persistence."/persist" = {
hideMounts = true;
directories = [
"/var/log"
"/var/lib/tailscale"
"/var/lib/nixos"
"/etc/NetworkManager/system-connections"
];
files = [
"/etc/ssh/ssh_host_ed25519_key"
"/etc/ssh/ssh_host_ed25519_key.pub"
"/etc/ssh/ssh_host_rsa_key"
"/etc/ssh/ssh_host_rsa_key.pub"
];
};
users.users.${username} = {linger = true;};
home-manager.users.${username} = {
imports = [
./home.nix
];
};
environment.systemPackages = with pkgs; [go-wol];
system.stateVersion = "24.11";
}

48
hosts/homelab/disko.nix
View File

@@ -1,48 +0,0 @@
{device ? throw "Set this to the disk device, e.g. /dev/nvme0n1", ...}: {
disko.devices.disk.primary = {
inherit device;
type = "disk";
content = {
type = "gpt"; # GPT partitioning scheme
partitions = {
# EFI Partition
ESP = {
size = "512M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = ["defaults" "umask=0077"];
};
};
# Btrfs Root Partition
root = {
size = "100%"; # Use remaining space
type = "8300"; # Linux filesystem type
content = {
type = "btrfs";
subvolumes = {
"/root" = {
mountOptions = ["compress=zstd"]; # Compression for better performance
mountpoint = "/"; # Root subvolume
};
"/persist" = {
mountOptions = ["compress=zstd"]; # Compression for persistent data
mountpoint = "/persist"; # Persistent subvolume
};
"/nix" = {
mountOptions = [
"compress=zstd"
"noatime"
"noacl"
]; # Optimize for Nix store
mountpoint = "/nix"; # Nix subvolume
};
};
};
};
};
};
};
}

30
hosts/homelab/hardware.nix
View File

@@ -1,30 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "usbhid" "usb_storage" "sd_mod" "sdhci_pci"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-amd"];
boot.extraModulePackages = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp3s0.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp4s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

21
hosts/homelab/home.nix
View File

@@ -1,21 +0,0 @@
{...}: {
home.persistence."/persist" = {
directories = [
"Projects"
"Stuff"
".ssh"
".wakatime"
".config/sops"
".config/go-wol"
".local/share/nvim"
".local/share/zsh"
".local/share/zoxide"
".local/state/lazygit"
];
files = [
".wakatime.cfg"
];
};
home.stateVersion = "24.11";
}

28
hosts/homelab/secrets.yaml
View File

@@ -1,28 +0,0 @@
discord_token: ENC[AES256_GCM,data:fZqz6LD3+Svtton5gNCXO5ddWAqW1IyxP3M2DAIXZEIYRHUfAq8h9LES2IHWepjl5qKimxB35zacE/TYK2fitngWtRGVoMDBzzU6VTKNulNV3yFWrPA=,iv:YOplYld+c9vHVC0Srfm89qrh4yUygDiW67X2TdwHKMc=,tag:Ioc2wNLX818fRQ/2PSO7Sw==,type:str]
hyperbolic_api_key: ENC[AES256_GCM,data:t8xjjzhgvM9BXiB5jDc2RR384d+mL5zXr+/obDLMm2J+IN+Xw9fr4iz50CTQ5ZMWWMoPjxzY5vgiJ+h71BsDRM0TvBMWuXd2ihKOIZOVo6OQmCX/SeKUgkjunFqz+YKcxsLsF7ZG/tOgWGqMmxom8iGV7LELKG/8MLDCF50YgJNO568MJMUU,iv:Cf+mSG2dxsRclDy8k7gK+hi+Qd5J7wqfS9SQztRob80=,tag:Io4aAFa29SUsfuPFI2/+DA==,type:str]
gemini_api_key: ENC[AES256_GCM,data:GJWo7dXSaUbl2Q9h+Sc1sRF0g+82LyHk3mKFqDaBmRdalvyGwMvp,iv:odLpACXHVqxWIj7e/u6AY1pxjYX+e10Lezne1BlHl60=,tag:qO3zcz/93eHuEzG66zwwdA==,type:str]
open_router_api_key: ENC[AES256_GCM,data:ETiZEngQRnOrJtDXSDfBanzbUyThTAu9BSQCL1tuVv07CCWJaXUui9Y0kS9oIO5to655FON3C0RxovTGx6rWQwOMKeEn5bHUHA==,iv:ePJzHKFWddkLGfydPi6uEzvksm7Djln/DBV88Jc1ugA=,tag:Eb7eYPMC0DlqtT7OFK4UuA==,type:str]
sops:
age:
- recipient: age14vktfes95f33vuefwnmuvryas7az04u76dsgyhfvsx73czkvmp2q7njkl4
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2YktFRE9KS0h0T0hDTlpF
ZEk0VzNTcVE0ampsWVRtSzJ3UHBXL2NlUUh3Cjk5ZnFKVENmTTJHQjgrVWlyOUE1
THUrTUFzdWhKejNUNXpsNVpvZVdJWm8KLS0tIDZ5bmYzSVBUVlVORHAzSGtCQmVo
a2JuSWVtMi9FMkova3BCd2F0U2VCRzQKonG/AkEn2X2l3vyr0UlJprGW2ZSwrczq
xHafyGiU/I1AO/HoB3BXyP8t/Sgn/dy42lspqZ3MoLLlmx7dQeTd+g==
-----END AGE ENCRYPTED FILE-----
- recipient: age1jg642q775gmnmxeu29gcf3lph8vem4xr8t84cxe809dpd0myrussh49h60
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxWUowUlB2cWVOclpRMENn
TU5za0Y2UHZ5eFNZMEdQWm9xdTZFYkVwS2hNCnRBUU1ndFdiQ09sQjBDb1greC93
ejl2OVZTTEtIcWpxUk5RRngrbjRWREEKLS0tIDVrSHhxbmJFdWwyQS9xeWlFZitJ
Y1RHaFdXaE9DODJtSTFCSVZWb0xVeUEK4qeBKg3u+vhBIM1dQ7BaOWi/C7Q8hk60
vu9Zr075n0+kb5Ab+RH24ZmEoP5PJXjwEfbAnmRTjn0reYn1nfcNYA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-10-14T06:52:16Z"
mac: ENC[AES256_GCM,data:/p5Mbonr1YcrDgBIi+wFFPnNKsn74kuWf/EloNDnVWg59LuBy3nhrfXHUvbwlX7vLbSLozbuAHKTDcQ0+OUXJTYvMRApAGVh9HrvQFEQuOPOkwN8/qtdvwduInetX3t7PLWu4vbCVhl1v2BzJyEVQ9tzn7+8zEJhDDS7cPsZ9Is=,iv:GPJxjmOQPAqh0TulLhhX4UX+5FrZizCtDOkQa9xxaXY=,tag:Vv33D3wubWBDVOxdKOMENQ==,type:str]
unencrypted_suffix: _unencrypted
version: 3.10.2

91
hosts/isoImage/default.nix
View File

@@ -1,91 +0,0 @@
{
pkgs,
modulesPath,
inputs,
username,
lib,
...
}: {
imports = [
"${modulesPath}/installer/cd-dvd/installation-cd-minimal.nix"
inputs.home-manager.nixosModules.home-manager
../common
../../modules/nixos/desktop
../../modules/nixos/desktop/awesome
../../modules/nixos/desktop/hyprland
];
nixpkgs.hostPlatform = "x86_64-linux";
networking = {
hostName = "iso";
};
hardware = {
bluetooth.enable = true;
bluetooth.powerOnBoot = true;
};
security = {
rtkit.enable = true;
};
programs = {
ssh.startAgent = true;
thunar = {
enable = true;
plugins = with pkgs; [
thunar-archive-plugin
thunar-volman
];
};
nm-applet.enable = true;
};
services = {
resolved.enable = true;
pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
};
logind = {
settings.Login = {
HandlePowerKey = "suspend";
HanldeLidSwitch = "suspend";
HandleLidSwitchExternalPower = "suspend";
};
};
libinput.touchpad.naturalScrolling = true;
libinput.mouse.accelProfile = "flat";
blueman.enable = true;
gvfs.enable = true;
tumbler.enable = true;
};
fonts.packages = with pkgs.nerd-fonts; [
fira-code
jetbrains-mono
bigblue-terminal
];
home-manager.users.${username} = {
imports = [
./home.nix
];
};
users.users.${username} = {
hashedPasswordFile = lib.mkForce null;
initialPassword = username;
};
system.stateVersion = "23.11";
}

19
hosts/isoImage/home.nix
View File

@@ -1,19 +0,0 @@
{pkgs, ...}: {
imports = [
../../modules/home/desktop/awesome
../../modules/home/desktop/hyprland
../../modules/home/picom
../../modules/home/wezterm
../../modules/home/desktop/rofi
../../modules/home/firefox
../../modules/home/brave
];
home.pointerCursor = {
package = pkgs.bibata-cursors;
name = "Bibata-Modern-Ice";
size = 28;
};
home.stateVersion = "24.11";
}

54
hosts/node/default.nix
View File

@@ -1,54 +0,0 @@
{
inputs,
username,
...
}: {
imports = [
inputs.disko.nixosModules.default
(import ./disko.nix {
device = "/dev/nvme0n1";
device2 = "/dev/nvme1n1";
device3 = "/dev/sda";
})
./hardware.nix
../common
];
tux.services.openssh.enable = true;
boot.loader.grub.enable = true;
networking = {
hostName = "node";
networkmanager = {
enable = true;
wifi.powersave = false;
};
firewall = {
enable = true;
allowedTCPPorts = [
22
8545
8546
9545
9546
];
};
};
security.rtkit.enable = true;
environment.persistence."/persist" = {
enable = false;
};
home-manager.users.${username} = {
imports = [
./home.nix
];
};
system.stateVersion = "25.05";
}

87
hosts/node/disko.nix
View File

@@ -1,87 +0,0 @@
{
device ? throw "Set this to the disk device, e.g. /dev/nvme0n1",
device2 ? throw "Set this to the disk device2, e.g. /dev/nvme1n1",
device3 ? throw "Set this to the disk device3, e.g. /dev/nvme1n1",
...
}: {
disko.devices = {
disk = {
disk1 = {
type = "disk";
device = "${device}";
content = {
type = "gpt";
partitions = {
boot = {
size = "1M";
type = "EF02"; # for grub MBR
};
mdadm = {
size = "100%";
content = {
type = "mdraid";
name = "raid0";
};
};
};
};
};
disk2 = {
type = "disk";
device = "${device2}";
content = {
type = "gpt";
partitions = {
boot = {
size = "1M";
type = "EF02"; # for grub MBR
};
mdadm = {
size = "100%";
content = {
type = "mdraid";
name = "raid0";
};
};
};
};
};
hdd = {
type = "disk";
device = "${device3}";
content = {
type = "gpt";
partitions = {
data = {
size = "100%";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/mnt/hdd";
};
};
};
};
};
};
mdadm = {
raid0 = {
type = "mdadm";
level = 0;
content = {
type = "gpt";
partitions = {
primary = {
size = "100%";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
};
};
};
};
};
};
};
}

29
hosts/node/hardware.nix
View File

@@ -1,29 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usbhid"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-amd"];
boot.extraModulePackages = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp41s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

3
hosts/node/home.nix
View File

@@ -1,3 +0,0 @@
{...}: {
home.stateVersion = "25.05";
}

63
hosts/rigel/default.nix
View File

@@ -1,63 +0,0 @@
{
pkgs,
username,
outputs,
inputs,
email,
...
}: {
imports = [
../../modules/droid/sshd.nix
];
android-integration.am.enable = true;
android-integration.termux-open-url.enable = true;
android-integration.xdg-open.enable = true;
android-integration.termux-setup-storage.enable = true;
android-integration.termux-reload-settings.enable = true;
terminal.font = let
firacode = pkgs.nerd-fonts.fira-code;
fontPath = "share/fonts/truetype/NerdFonts/FiraCode/FiraCodeNerdFont-Regular.ttf";
in "${firacode}/${fontPath}";
time.timeZone = "Asia/Kolkata";
tux.services.openssh = {
enable = true;
ports = [8033];
authorizedKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL+OzPUe2ECPC929DqpkM39tl/vdNAXfsRnmrGfR+X3D ${email}"
];
};
user = {
uid = 10225;
gid = 10225;
shell = "${pkgs.zsh}/bin/zsh";
};
environment.etcBackupExtension = ".backup";
environment.motd = '''';
environment.packages = with pkgs; [
nano
git
neovim
openssh
inputs.trok.packages."aarch64-linux".default
];
home-manager = {
config = ./home.nix;
backupFileExtension = "backup";
extraSpecialArgs = {inherit inputs outputs username email;};
useGlobalPkgs = true;
};
# Set up nix for flakes
nix.extraOptions = ''
experimental-features = nix-command flakes
'';
system.stateVersion = "24.05";
}

35
hosts/rigel/home.nix
View File

@@ -1,35 +0,0 @@
{pkgs, ...}: {
imports = [
../../modules/home/git
../../modules/home/starship
../../modules/home/fastfetch
];
programs = {
bat.enable = true;
zoxide = {
enable = true;
options = ["--cmd cd"];
};
zsh = {
enable = true;
shellAliases = {
ls = "lsd";
};
syntaxHighlighting.enable = true;
autosuggestion.enable = true;
initContent = ''
fastfetch
'';
};
};
home.packages = with pkgs; [
neovim
busybox
lsd
fastfetch
];
home.stateVersion = "24.05";
}

79
hosts/sirius/default.nix
View File

@@ -1,79 +0,0 @@
{
pkgs,
inputs,
username,
config,
...
}: {
imports = [
inputs.nixos-wsl.nixosModules.wsl
../common
../../modules/nixos/virtualisation/docker.nix
];
hardware.nvidia-container-toolkit = {
enable = true;
suppressNvidiaDriverAssertion = true;
};
tux.services.openssh.enable = true;
sops.secrets = {
hyperbolic_api_key = {
sopsFile = ./secrets.yaml;
owner = "${username}";
};
gemini_api_key = {
sopsFile = ./secrets.yaml;
owner = "${username}";
};
open_router_api_key = {
sopsFile = ./secrets.yaml;
owner = "${username}";
};
};
boot.binfmt.emulatedSystems = ["aarch64-linux"];
nixpkgs = {
config.cudaSupport = true;
hostPlatform = "x86_64-linux";
};
wsl = {
enable = true;
defaultUser = "${username}";
useWindowsDriver = true;
interop.register = true;
};
networking.hostName = "sirius";
programs = {
ssh.startAgent = true;
zsh.enable = true;
nix-ld = {
enable = true;
libraries = config.hardware.graphics.extraPackages;
package = pkgs.nix-ld;
};
dconf.enable = true;
};
environment.persistence."/persist" = {
enable = false;
};
home-manager.users.${username} = {
imports = [
./home.nix
];
};
system.stateVersion = "23.11";
}

3
hosts/sirius/home.nix
View File

@@ -1,3 +0,0 @@
{...}: {
home.stateVersion = "23.11";
}

27
hosts/sirius/secrets.yaml
View File

@@ -1,27 +0,0 @@
hyperbolic_api_key: ENC[AES256_GCM,data:3E4oWt65AU3anVUEU52r7vpRddDgXdqKgvc/URQmJGbA0nu6sbRmw3lD44SG0L5tMubi20+gkKlyFV3i8q2U148eo582Sxh8eXshvvjZ+gr9W9Eg0Tk9kQWycrE+N3r3g1AC+CWtbkRFDxQLuVAYf9W4mTw2Yg1VLV7H3BUCSYv3Rg5EPb9c,iv:Z+72Bk+5ZnHVR+SHXgM5mwfsIp4zZf9Iv8cAaZQB3Mg=,tag:phqWkpOCKnfiCBvR/f3flw==,type:str]
gemini_api_key: ENC[AES256_GCM,data:S9DEgF4xIDXaOqs+3vdRbFb4Z8eAV1hVg8PwEfasWu9XGH3CTXV8,iv:LvUFg6dzlzC3feGh//d2rmxvVq5TJQDEBQWfxNa259Y=,tag:juLXnsiXz7OmYvyKfAv66Q==,type:str]
open_router_api_key: ENC[AES256_GCM,data:tUtkVER9ZlhSeb0bDbA1nRi1lkRX/ofosV+mcHnaNQmAZXWXiyn8WDfemxxNuvU86YctURxL4TckfsQv7RmMjY7esB1Pmmwf9Q==,iv:elT8JJu48cgu4Q1YWxiL4ePNkP+EGhI8blqfUB/nmz8=,tag:bMvUXUegE+GJ6WdypTxLyw==,type:str]
sops:
age:
- recipient: age14vktfes95f33vuefwnmuvryas7az04u76dsgyhfvsx73czkvmp2q7njkl4
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtVUx5VWlHekQ1ZlBWb1cv
aWpXQ0NUaDVudENNRWhPdXlhekhwZW9zbjNNCkRzTlVOZm53MnJmckp6d3FsTU9D
M2pZYUs2aHJzWjQzM01BMUVaZHlsdm8KLS0tIG04Rjc3VXM1eFhvTGhpMVlJdE9K
dkYwdGZMRmZ1MFFTVlI4T0MrNytsV00KmdCXJ/EBZhLN/NXuOf36LjwmGTze46Ou
kQtKSpdzLdo/bdS6sbUGVHqDLeS7GwGtVciMh9zBHCsGBCAAkQHxIA==
-----END AGE ENCRYPTED FILE-----
- recipient: age1f860dfewlx5jtt9ejr47gywx70p3dmyc8mat29gpr75psljwjv8q5xyxkq
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBiSXhQdEpJZHBGbjlZTnhD
U0Zwc1pwbGtHdkRFbWJRVzRNWUdqakhzM2pJCmYyYlMwQVZEbzkxcnRKVERyeExB
Z0hXcTdyMHMwREExdlJmR3JHTldvRnMKLS0tIFNMczN6QmI3cUR6clBDU2dKQTVF
U1dpRkttaURwSkgySVdiR25iZk50b2cKrrNfeAV73W3+kWM0diIFj08+koBVySVx
U3tYYrePi7qQxDSrNo4a14yOopjktj/ABKpxI5cfza6aS5NQxErq2Q==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-10-10T21:30:12Z"
mac: ENC[AES256_GCM,data:IxGSaYj3PLV+RA4G+A3yep0RkcPr9xd6X7yKJP3QVthzGinm0KRNs8wyMdDgdSrK/e0AlzN594VOMTRRgxLV9oPqEPqufWDGGCpiKuW+q2mJSv3i3f1dUbO/l+OSTEFqeeKb8rWEhbJ3qcjEhI/eFB+RNkDtJvSzDlJsS4uDB9A=,iv:VlvTI3AHyBKpwr9b29YqN8V1Tjq2E8oAOAPA7LuAKps=,tag:+BFt/T4ep66WFz9Y2a7a9w==,type:str]
unencrypted_suffix: _unencrypted
version: 3.10.2

67
hosts/vega/default.nix
View File

@@ -1,67 +0,0 @@
{
pkgs,
username,
...
}: {
imports = [
./hardware.nix
../common
../../modules/nixos/selfhosted/adguard.nix
];
tux.services.openssh.enable = true;
boot.initrd.availableKernelModules = [
"usbhid"
"usb_storage"
"vc4"
"pcie_brcmstb" # required for the pcie bus to work
"reset-raspberrypi" # required for vl805 firmware to load
];
# Use the extlinux boot loader. (NixOS wants to enable GRUB by default)
boot.loader.grub.enable = false;
# Enables the generation of /boot/extlinux/extlinux.conf
boot.loader.generic-extlinux-compatible.enable = true;
hardware.enableRedistributableFirmware = true;
powerManagement.cpuFreqGovernor = "ondemand";
networking = {
hostName = "vega";
networkmanager = {
enable = true;
wifi.powersave = false;
};
firewall = {
enable = true;
allowedTCPPorts = [22];
# Facilitate firewall punching
allowedUDPPorts = [41641];
};
};
services = {
tailscale = {
enable = true;
extraUpFlags = ["--login-server https://hs.tux.rs"];
};
};
environment.systemPackages = with pkgs; [go-wol];
environment.persistence."/persist" = {
enable = false;
};
users.users.${username} = {linger = true;};
home-manager.users.${username} = {
imports = [
./home.nix
];
};
system.stateVersion = "24.11";
}

36
hosts/vega/hardware.nix
View File

@@ -1,36 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [];
boot.initrd.kernelModules = [];
boot.kernelModules = [];
boot.extraModulePackages = [];
fileSystems."/" = {
device = "/dev/disk/by-uuid/44444444-4444-4444-8888-888888888888";
fsType = "ext4";
};
swapDevices = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enu1u1.useDHCP = lib.mkDefault true;
# networking.interfaces.wlan0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux";
}

3
hosts/vega/home.nix
View File

@@ -1,3 +0,0 @@
{...}: {
home.stateVersion = "24.11";
}

102
hosts/vps/default.nix
View File

@@ -1,102 +0,0 @@
{
modulesPath,
inputs,
username,
lib,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
(modulesPath + "/profiles/qemu-guest.nix")
inputs.disko.nixosModules.default
(import ./disko.nix {device = "/dev/sda";})
../common
];
tux.services.openssh.enable = true;
nixpkgs = {
hostPlatform = "x86_64-linux";
};
boot = {
initrd.systemd = {
enable = lib.mkForce true;
services.wipe-my-fs = {
wantedBy = ["initrd.target"];
after = ["initrd-root-device.target"];
before = ["sysroot.mount"];
unitConfig.DefaultDependencies = "no";
serviceConfig.Type = "oneshot";
script = ''
mkdir /btrfs_tmp
mount /dev/disk/by-partlabel/disk-primary-root /btrfs_tmp
if [[ -e /btrfs_tmp/root ]]; then
mkdir -p /btrfs_tmp/old_roots
timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:%M:%S")
mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp"
fi
delete_subvolume_recursively() {
IFS=$'\n'
for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
delete_subvolume_recursively "/btrfs_tmp/$i"
done
btrfs subvolume delete "$1"
}
for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do
delete_subvolume_recursively "$i"
done
btrfs subvolume create /btrfs_tmp/root
umount /btrfs_tmp
'';
};
};
loader = {
grub = {
efiSupport = true;
efiInstallAsRemovable = true;
};
};
};
networking.hostName = "vps";
users = {
users.${username} = {
password = "${username}";
hashedPasswordFile = lib.mkForce null;
};
};
programs.fuse.userAllowOther = true;
fileSystems."/persist".neededForBoot = true;
environment.persistence."/persist" = {
hideMounts = true;
directories = [
"/var/log"
"/var/lib/nixos"
];
files = [
"/etc/ssh/ssh_host_ed25519_key"
"/etc/ssh/ssh_host_ed25519_key.pub"
"/etc/ssh/ssh_host_rsa_key"
"/etc/ssh/ssh_host_rsa_key.pub"
];
};
users.users.${username} = {linger = true;};
home-manager.users.${username} = {
imports = [
./home.nix
];
};
system.stateVersion = "24.11";
}

53
hosts/vps/disko.nix
View File

@@ -1,53 +0,0 @@
{device ? throw "Set this to the disk device, e.g. /dev/nvme0n1", ...}: {
disko.devices.disk.primary = {
inherit device;
type = "disk";
content = {
type = "gpt"; # GPT partitioning scheme
partitions = {
boot = {
name = "boot";
size = "1M";
type = "EF02";
};
# EFI Partition
ESP = {
size = "512M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = ["defaults" "umask=0077"];
};
};
# Btrfs Root Partition
root = {
size = "100%"; # Use remaining space
type = "8300"; # Linux filesystem type
content = {
type = "btrfs";
subvolumes = {
"/root" = {
mountOptions = ["compress=zstd"]; # Compression for better performance
mountpoint = "/"; # Root subvolume
};
"/persist" = {
mountOptions = ["compress=zstd"]; # Compression for persistent data
mountpoint = "/persist"; # Persistent subvolume
};
"/nix" = {
mountOptions = [
"compress=zstd"
"noatime"
"noacl"
]; # Optimize for Nix store
mountpoint = "/nix"; # Nix subvolume
};
};
};
};
};
};
};
}

11
hosts/vps/home.nix
View File

@@ -1,11 +0,0 @@
{...}: {
home.persistence."/persist" = {
directories = [
"Projects"
".ssh"
".local/share/zsh"
];
};
home.stateVersion = "24.11";
}

11
modules/base/default.nix
View File

@@ -1,11 +0,0 @@
{
imports = [
./nix.nix
./nixpkgs.nix
./nh.nix
./overlays.nix
./sops.nix
./substituters.nix
./user.nix
];
}

16
modules/base/nh.nix
View File

@@ -1,16 +0,0 @@
{
config,
username,
...
}: {
programs.nh = {
enable = true;
clean = {
enable = !config.nix.gc.automatic;
dates = "weekly";
};
flake = "/home/${username}/Projects/nixos-config";
};
}

37
modules/base/nix.nix
View File

@@ -1,37 +0,0 @@
{
pkgs,
username,
...
}: {
nix = {
# @TODO enable when lix is patched
# package = pkgs.lix;
gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 7d";
};
optimise = {
automatic = true;
dates = ["weekly"];
};
channel.enable = false;
settings = {
extra-platforms = [
"aarch64-linux"
"arm-linux"
];
auto-optimise-store = true;
allowed-users = ["${username}"];
trusted-users = ["${username}"];
experimental-features = "nix-command flakes";
keep-going = true;
warn-dirty = false;
http-connections = 50;
};
};
}

8
modules/base/nixpkgs.nix
View File

@@ -1,8 +0,0 @@
{
nixpkgs = {
config = {
allowUnfree = true;
joypixels.acceptLicense = true;
};
};
}

9
modules/base/overlays.nix
View File

@@ -1,9 +0,0 @@
{outputs, ...}: {
nixpkgs.overlays = [
outputs.overlays.additions
outputs.overlays.modifications
outputs.overlays.stable-packages
outputs.overlays.nur
outputs.overlays.nix-vscode-extensions
];
}

20
modules/base/sops.nix
View File

@@ -1,20 +0,0 @@
{
inputs,
config,
pkgs,
...
}: let
isEd25519 = k: k.type == "ed25519";
getKeyPath = k: k.path;
keys = builtins.filter isEd25519 config.services.openssh.hostKeys;
in {
imports = [inputs.sops-nix.nixosModules.sops];
sops.age = {
sshKeyPaths = map getKeyPath keys;
keyFile = "/var/lib/sops-nix/key.txt";
generateKey = true;
};
environment.systemPackages = with pkgs; [sops];
}

27
modules/base/substituters.nix
View File

@@ -1,27 +0,0 @@
{
nix.settings = {
substituters = [
"https://cache.nixos.org?priority=10"
"https://anyrun.cachix.org"
"https://fufexan.cachix.org"
"https://helix.cachix.org"
"https://hyprland.cachix.org"
"https://nix-community.cachix.org"
"https://nix-gaming.cachix.org"
"https://yazi.cachix.org"
"https://nix-on-droid.cachix.org"
];
trusted-substituters = ["https://nix-on-droid.cachix.org"];
trusted-public-keys = [
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
"anyrun.cachix.org-1:pqBobmOjI7nKlsUMV25u9QHa9btJK65/C8vnO3p346s="
"fufexan.cachix.org-1:LwCDjCJNJQf5XD2BV+yamQIMZfcKWR9ISIFy5curUsY="
"helix.cachix.org-1:ejp9KQpR1FBI2onstMQ34yogDm4OgU2ru6lIwPvuCVs="
"hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
"nix-gaming.cachix.org-1:nbjlureqMbRAxR1gJ/f3hxemL9svXaZF/Ees8vCUUs4="
"yazi.cachix.org-1:Dcdz63NZKfvUCbDGngQDAZq6kOroIrFoyO064uvLh8k="
"nix-on-droid.cachix.org-1:56snoMJTXmDRC1Ei24CmKoUqvHJ9XCp+nidK7qkMQrU="
];
};
}

20
modules/base/user.nix
View File

@@ -1,20 +0,0 @@
{
config,
pkgs,
username,
email,
...
}: {
users = {
mutableUsers = false;
defaultUserShell = pkgs.zsh;
users.${username} = {
hashedPasswordFile = config.sops.secrets.tux-password.path;
isNormalUser = true;
extraGroups = ["networkmanager" "wheel" "storage"];
openssh.authorizedKeys.keys = [
''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL+OzPUe2ECPC929DqpkM39tl/vdNAXfsRnmrGfR+X3D ${email}''
];
};
};
}

106
modules/droid/sshd.nix
View File

@@ -1,106 +0,0 @@
{
config,
lib,
pkgs,
...
}: let
# utility functions
concatLines = list: builtins.concatStringsSep "\n" list;
prefixLines = mapper: list: concatLines (map mapper list);
# could be put in the config
configPath = "ssh/sshd_config";
keysFolder = "/etc/ssh";
authorizedKeysFolder = "/etc/ssh/authorized_keys.d";
supportedKeysTypes = [
"rsa"
"ed25519"
];
sshd-start-bin = "sshd-start";
# real config
cfg = config.tux.services.openssh;
pathOfKeyOf = type: "${keysFolder}/ssh_host_${type}_key";
generateKeyOf = type: ''
${lib.getExe' pkgs.openssh "ssh-keygen"} \
-t "${type}" \
-f "${pathOfKeyOf type}" \
-N ""
'';
generateKeyWhenNeededOf = type: ''
if [ ! -f ${pathOfKeyOf type} ]; then
mkdir --parents ${keysFolder}
${generateKeyOf type}
fi
'';
sshd-start = pkgs.writeScriptBin sshd-start-bin ''
#!${pkgs.runtimeShell}
${prefixLines generateKeyWhenNeededOf supportedKeysTypes}
mkdir --parents "${authorizedKeysFolder}"
echo "${lib.concatStringsSep "\n" cfg.authorizedKeys}" > ${authorizedKeysFolder}/${config.user.userName}
echo "Starting sshd in non-daemonized way on port ${lib.concatMapStrings toString cfg.ports}"
${lib.getExe' pkgs.openssh "sshd"} \
-f "/etc/${configPath}" \
-D # don't detach into a daemon process
'';
in {
options = {
tux.services.openssh = {
enable = lib.mkEnableOption ''
Whether to enable the OpenSSH secure shell daemon, which
allows secure remote logins.
'';
ports = lib.mkOption {
type = lib.types.listOf lib.types.port;
default = [22];
description = ''
Specifies on which ports the SSH daemon listens.
'';
};
authorizedKeys = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [];
description = ''
Specify a list of public keys to be added to the authorized_keys file.
'';
};
};
};
config = lib.mkIf cfg.enable {
environment.etc = {
"${configPath}".text = ''
${prefixLines (port: "Port ${toString port}") cfg.ports}
AuthorizedKeysFile ${authorizedKeysFolder}/%u
LogLevel VERBOSE
'';
};
environment.packages = [
sshd-start
pkgs.openssh
];
build.activationAfter.sshd = ''
SERVER_PID=$(${lib.getExe' pkgs.procps "ps"} -a | ${lib.getExe' pkgs.toybox "grep"} sshd || true)
if [ -z "$SERVER_PID" ]; then
$DRY_RUN_CMD ${lib.getExe sshd-start}
fi
'';
};
}

69
modules/home/alacritty/default.nix
View File

@@ -1,69 +0,0 @@
{...}: {
programs.alacritty = {
enable = true;
settings = {
font = {
normal.family = "JetBrainsMono Nerd Font";
bold.family = "JetBrainsMono Nerd Font";
italic.family = "JetBrainsMono Nerd Font";
bold_italic.family = "JetBrainsMono Nerd Font";
size = 12;
};
window = {
padding = {
x = 15;
y = 15;
};
decorations = "none";
opacity = 1.0;
dynamic_title = true;
};
selection.save_to_clipboard = false;
general.live_config_reload = true;
colors = {
primary = {
background = "#0f0f0f";
foreground = "#a5b6cf";
};
normal = {
black = "#1c1e27";
blue = "#8baff1";
cyan = "#98d3ee";
green = "#95d3af";
magenta = "#c79bf0";
red = "#e26c7c";
white = "#d0d3d8";
yellow = "#f1d8a5";
};
bright = {
black = "#151720";
blue = "#86aaec";
cyan = "#93cee9";
green = "#90ceaa";
magenta = "#c296eb";
red = "#dd6777";
white = "#cbced3";
yellow = "#ecd3a0";
};
cursor = {
cursor = "#a5b6cf";
text = "CellForeground";
};
selection = {
text = "CellForeground";
background = "0x303340";
};
vi_mode_cursor = {
text = "CellBackground";
cursor = "CellForeground";
};
};
};
};
}

44
modules/home/aria2/default.nix
View File

@@ -1,44 +0,0 @@
{...}: {
programs.aria2 = {
enable = true;
settings = {
file-allocation = "none";
log-level = "warn";
max-connection-per-server = 16;
min-split-size = "1M";
human-readable = true;
reuse-uri = true;
rpc-save-upload-metadata = true;
max-file-not-found = 0;
remote-time = true;
async-dns = true;
stop = 0;
allow-piece-length-change = true;
optimize-concurrent-downloads = true;
deferred-input = true;
continue = true;
check-integrity = true;
realtime-chunk-checksum = true;
piece-length = "1M";
split = 16;
# Seconds:
save-session-interval = 60;
# Caches in memory
disk-cache = "32M";
save-not-found = true;
download-result = "full";
truncate-console-readout = true;
retry-wait = 30;
max-tries = 15;
enable-color = true;
enable-http-keep-alive = true;
enable-http-pipelining = true;
http-accept-gzip = true;
follow-torrent = true;
bt-save-metadata = true;
seed-time = 0;
bt-load-saved-metadata = true;
metalink-preferred-protocol = "https";
};
};
}

17
modules/home/bitwarden/default.nix
View File

@@ -1,17 +0,0 @@
{
pkgs,
email,
...
}: {
programs.rbw = {
enable = true;
settings = {
base_url = "https://bw.tux.rs";
email = "${email}";
};
};
home.packages = with pkgs; [
bitwarden
];
}

33
modules/home/brave/default.nix
View File

@@ -1,33 +0,0 @@
{
pkgs,
config,
...
}: let
configDir = "${config.xdg.configHome}/BraveSoftware/Brave-Browser";
extensionJson = ext: {
name = "${configDir}/External Extensions/${ext.id}.json";
value.text = builtins.toJSON {
external_update_url = "https://clients2.google.com/service/update2/crx";
};
};
extensions = [
{id = "nkbihfbeogaeaoehlefnkodbefgpgknn";} # Metamask
{id = "gppongmhjkpfnbhagpmjfkannfbllamg";} # Wappalyzer
{id = "nngceckbapebfimnlniiiahkandclblb";} # Bitwarden
{id = "bfnaelmomeimhlpmgjnjophhpkkoljpa";} # Phantom
{id = "eimadpbcbfnmbkopoojfekhnkhdbieeh";} # DarkReader
];
in {
programs.chromium = {
enable = true;
package = pkgs.brave;
commandLineArgs = [
"--disable-features=WebRtcAllowInputVolumeAdjustment"
"--force-device-scale-factor=1.0"
];
};
home.file = builtins.listToAttrs (map extensionJson extensions);
}

8
modules/home/desktop/awesome/default.nix
View File

@@ -1,8 +0,0 @@
{pkgs, ...}: {
home.file = {
".config/awesome" = {
recursive = true;
source = "${pkgs.tawm}";
};
};
}

298
modules/home/desktop/hyprland/default.nix
View File

@@ -1,298 +0,0 @@
{pkgs, ...}: {
imports = [
./hyprlock.nix
];
home.packages = with pkgs; [ags awww];
wayland.windowManager.hyprland = {
enable = true;
package = null;
portalPackage = null;
xwayland.enable = true;
systemd.variables = ["--all"];
plugins = with pkgs.hyprland-plugins; [
hyprexpo
];
settings = let
# Hyprland
border_size = 0;
gaps_in = 5;
gaps_out = 10;
gaps_ws = -10;
rounding = 8;
active_border_col = "rgba(90ceaaff) rgba(ecd3a0ff) 45deg";
inactive_border_col = "rgba(86aaeccc) rgba(93cee9cc) 45deg";
# Apps
terminal = "wezterm";
floating_terminal = "wezterm start --class wezterm-floating";
editor = "wezterm -e nvim";
browser = "brave --new-window";
spotify = "wezterm start --class wezterm-floating -e spotify_player";
filemanager = "wezterm -e superfile";
in {
# See https://wiki.hyprland.org/Configuring/Multi-GPU
env = "AQ_DRM_DEVICES,/dev/dri/card2";
#-- Output
# See https://wiki.hyprland.org/Configuring/Monitors
monitor = [
"eDP-1,2560x1440@90,0x0,1"
"HDMI-A-1,preferred,0x-1440,1"
];
#-- Input: Keyboard, Mouse, Touchpad
input = {
sensitivity = -0.7;
scroll_method = "2 fg";
touchpad = {
natural_scroll = true;
clickfinger_behavior = false;
};
};
device = {
name = "asue1209:00-04f3:319f-touchpad";
sensitivity = 0;
};
#-- General
# See https://wiki.hyprland.org/Configuring/Variables
general = {
border_size = border_size;
gaps_in = gaps_in;
gaps_out = gaps_out;
gaps_workspaces = gaps_ws;
layout = "master";
resize_on_border = true;
"col.active_border" = active_border_col;
"col.inactive_border" = inactive_border_col;
};
misc = {
disable_hyprland_logo = true;
force_default_wallpaper = 1;
vfr = true;
vrr = 1;
};
ecosystem = {
no_update_news = true;
no_donation_nag = true;
};
#-- Decoration
# See https://wiki.hyprland.org/Configuring/Variables/#decoration
decoration = {
rounding = rounding;
active_opacity = 1.0;
inactive_opacity = 1.0;
fullscreen_opacity = 1.0;
blur = {
enabled = false;
size = 4;
passes = 3;
new_optimizations = true;
xray = false;
special = true;
brightness = 1;
noise = 0.02;
contrast = 1;
popups = true;
popups_ignorealpha = 0.6;
};
shadow = {
enabled = false;
};
};
#-- Animations
# See https://wiki.hyprland.org/Configuring/Animations
animations = {
enabled = true;
bezier = [
"zoom, 0.05, 0.7, 0.1, 1.0"
];
animation = [
"windows, 1, 1, zoom, slide"
"windowsIn, 1, 1, zoom, slide"
"windowsOut, 1, 1, zoom, slidevert"
"windowsMove, 1, 1, zoom, slide"
"fade, 1, 2, zoom"
"workspaces, 1, 1, zoom, slide"
];
};
#-- Layout : Master
# See https://wiki.hyprland.org/Configuring/Master-Layout
master = {
allow_small_split = false;
special_scale_factor = 0.8;
mfact = 0.5;
new_on_top = false;
orientation = "left";
smart_resizing = true;
drop_at_cursor = true;
};
#-- Window Rules
# See https://wiki.hyprland.org/Configuring/Window-Rules
windowrule = [
"float on, center on, size 800 600, match:class org.pulseaudio.pavucontrol"
# Wezterm and Ghostty floating terminal
"float on, center on, size 1200 800, match:class (com.ghostty.floating|wezterm-floating)"
"float on, center on, size 900 700, match:class GalaxyBudsClient"
# KDE Connect
"float on, center on, size 900 700, match:class (org.kde.kdeconnect.sms|org.kde.kdeconnect.app)"
"workspace 7 silent, match:class (discord|org.telegram.desktop)"
];
plugin = {
hyprexpo = {
columns = 3;
gap_size = 5;
bg_col = "rgb(111111)";
workspace_method = "first 1";
gesture_distance = 300;
};
};
gesture = [
"3, horizontal, workspace"
];
bindm = [
"SUPER,mouse:273,resizewindow"
"SUPER,mouse:272,movewindow"
];
bind = [
# apps
"SUPER, Return, exec, ${terminal}"
"SUPER, Space, exec, vicinae toggle"
"SUPER, F, exec, ${filemanager}"
"SUPER, E, exec, ${editor}"
"SUPER, B, exec, ${browser}"
"SUPER, G, exec, GalaxyBudsClient"
"SUPER, D, exec, discord"
"SUPER, T, exec, Telegram"
"SUPER, S, exec, ${spotify}"
"SUPER, V, exec, vicinae vicinae://extensions/vicinae/clipboard/history"
"SUPER_SHIFT, Return, exec, ${floating_terminal}"
"SUPER_SHIFT, S, exec, hypr-screenshot"
"SUPER_SHIFT, W, exec, vicinae vicinae://extensions/sovereign/awww-switcher/wpgrid"
# tpanel
"SUPER_SHIFT, B, exec, ags toggle bar"
"SUPER_SHIFT, C, exec, ags toggle control-center"
"SUPER_SHIFT, R, exec, ags quit; ${pkgs.tpanel}/bin/tpanel"
# hyprland
"SUPER, Q, killactive"
"SUPER, grave, hyprexpo:expo, toggle"
"SUPER_SHIFT, Q, forcekillactive"
"SUPER_SHIFT, F, fullscreen, 0"
"SUPER_SHIFT, Space, exec, hyprctl dispatch togglefloating; hyprctl dispatch resizeactive exact 1200 800; hyprctl dispatch centerwindow;"
"SUPER_SHIFT, P, exec, hyprctl dispatch pin"
# lock
"SUPER_SHIFT, L, exec, hyprlock"
# change focus
"SUPER, left, movefocus, l"
"SUPER, right, movefocus, r"
"SUPER, up, movefocus, u"
"SUPER, down, movefocus, d"
# move active
"SUPER_SHIFT, left, movewindow, l"
"SUPER_SHIFT, right, movewindow, r"
"SUPER_SHIFT, up, movewindow, u"
"SUPER_SHIFT, down, movewindow, d"
# workspaces
"SUPER, 1, workspace, 1"
"SUPER, 2, workspace, 2"
"SUPER, 3, workspace, 3"
"SUPER, 4, workspace, 4"
"SUPER, 5, workspace, 5"
"SUPER, 6, workspace, 6"
"SUPER, 7, workspace, 7"
# send to workspaces
"SUPER_SHIFT, 1, movetoworkspacesilent, 1"
"SUPER_SHIFT, 2, movetoworkspacesilent, 2"
"SUPER_SHIFT, 3, movetoworkspacesilent, 3"
"SUPER_SHIFT, 4, movetoworkspacesilent, 4"
"SUPER_SHIFT, 5, movetoworkspacesilent, 5"
"SUPER_SHIFT, 6, movetoworkspacesilent, 6"
"SUPER_SHIFT, 7, movetoworkspacesilent, 7"
];
workspace = [
"1, monitor:HDMI-A-1, default:true"
"2, monitor:HDMI-A-1"
"3, monitor:HDMI-A-1"
"4, monitor:HDMI-A-1"
"5, monitor:HDMI-A-1"
"6, monitor:eDP-1"
"7, monitor:eDP-1"
];
binde = [
# resize active
"SUPER_CTRL, left, resizeactive, -20 0"
"SUPER_CTRL, right, resizeactive, 20 0"
"SUPER_CTRL, up, resizeactive, 0 -20"
"SUPER_CTRL, down, resizeactive, 0 20"
"SUPER_CTRL, equal, exec, hyprctl dispatch layoutmsg mfact exact 0.5;"
# move active (Floating Only)
"SUPER_ALT, left, moveactive, -20 0"
"SUPER_ALT, right, moveactive, 20 0"
"SUPER_ALT, up, moveactive, 0 -20"
"SUPER_ALT, down, moveactive, 0 20"
"SUPER_ALT, equal, exec, hyprctl dispatch centerwindow;"
# speaker and mic volume control
" , XF86AudioRaiseVolume, exec, wpctl set-volume -l 1 @DEFAULT_AUDIO_SINK@ 10%+"
" , XF86AudioLowerVolume, exec, wpctl set-volume -l 1 @DEFAULT_AUDIO_SINK@ 10%-"
" , XF86AudioMute, exec, wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle"
" , XF86AudioMicMute, exec, wpctl set-mute @DEFAULT_AUDIO_SOURCE@ toggle"
# display and keyboard brightness control
" , XF86MonBrightnessUp, exec, brightnessctl s +20%"
" , XF86MonBrightnessDown, exec, brightnessctl s 20%-"
" , XF86KbdBrightnessUp, exec, asusctl -n"
" , XF86KbdBrightnessDown, exec, asusctl -p"
# performance
" , XF86Launch4, exec, asusctl profile -n"
];
"exec-once" = [
# load hyprland plugins
"hyprctl plugin load '$HYPR_PLUGIN_DIR/lib/libhyprexpo.so'"
"easyeffects --w"
"awww-daemon"
"${pkgs.tpanel}/bin/tpanel"
"kdeconnectd"
"kdeconnect-indicator"
];
};
};
}

47
modules/home/desktop/hyprland/hyprlock.nix
View File

@@ -1,47 +0,0 @@
{
programs.hyprlock = {
enable = true;
settings = {
general = {
hide_cursor = true;
ignore_empty_input = true;
};
animations = {
enabled = true;
fade_in = {
duration = 300;
bezier = "easeOutQuint";
};
fade_out = {
duration = 300;
bezier = "easeOutQuint";
};
};
background = [
{
path = "screenshot";
blur_passes = 3;
blur_size = 8;
}
];
input-field = [
{
size = "200, 50";
position = "0, -80";
monitor = "";
dots_center = true;
fade_on_empty = false;
font_color = "rgb(202, 211, 245)";
inner_color = "rgb(91, 96, 120)";
outer_color = "rgb(24, 25, 38)";
outline_thickness = 5;
placeholder_text = "Password";
shadow_passes = 2;
}
];
};
};
}

19
modules/home/desktop/hyprland/hyprpaper.nix
View File

@@ -1,19 +0,0 @@
{pkgs, ...}: {
services.hyprpaper = {
enable = true;
settings = {
ipc = "on";
splash = false;
splash_offset = 20;
wallpaper = {
monitor = "";
path = "~/Wallpapers/new/sunset-pixel.png";
fit_mode = "";
};
};
};
home.packages = with pkgs; [hyprpaper];
}

214
modules/home/desktop/mango/default.nix
View File

@@ -1,214 +0,0 @@
{inputs, ...}: {
imports = [
inputs.mango.hmModules.mango
];
wayland.windowManager.mango = {
enable = true;
settings = ''
# Monitors
monitorrule = name:eDP-1, width:2560, height:1440, refresh:165, x:0, y:10, vrr:1
monitorrule = name:HDMI-A-1, width:2560, height:1440, refresh:100, x:0, y:-1440, vrr:1
# Keyboard
repeat_rate = 25
repeat_delay = 600
numlockon = 0
xkb_rules_layout = us
# Trackpad
disable_trackpad = 0
tap_to_click = 1
tap_and_drag = 1
drag_lock = 1
trackpad_natural_scrolling = 1
disable_while_typing = 1
left_handed = 0
middle_button_emulation = 0
swipe_min_threshold = 1
# Mouse
mouse_natural_scrolling = 0
accel_profile = 0
# Theme
border_radius = 8
no_radius_when_single = 0
focused_opacity = 1.0
unfocused_opacity = 1.0
# Scroller Layout Setting
scroller_structs = 0
scroller_default_proportion = 0.5
scroller_ignore_proportion_single = 0
scroller_default_proportion_single = 1.0
# Master-Stack Layout Setting
new_is_master = 0
default_mfact = 0.5
default_nmaster = 1
smartgaps = 0
# Overview Setting
hotarea_size = 10
enable_hotarea = 1
ov_tab_mode = 0
overviewgappi = 15
overviewgappo = 15
# layouts
tagrule = id:1, layout_name:tile
tagrule = id:2, layout_name:tile
tagrule = id:3, layout_name:tile
tagrule = id:4, layout_name:tile
tagrule = id:5, layout_name:tile
tagrule = id:6, layout_name:scroller
# Keybindings
mousebind = SUPER, btn_left, moveresize, curmove
mousebind = SUPER, btn_right, moveresize, curresize
gesturebind = none, left, 3, viewtoright_have_client
gesturebind = none, right, 3, viewtoleft_have_client
gesturebind = none, up, 3, toggleoverview
gesturebind = none, down, 3, toggleoverview
# apps
bind = SUPER, Return, spawn, wezterm
bind = SUPER, Space, spawn, vicinae toggle
bind = SUPER, B, spawn, brave
bind = SUPER, V, spawn, vicinae vicinae://extensions/vicinae/clipboard/history
bind = SUPER+SHIFT, W, spawn, vicinae vicinae://extensions/sovereign/awww-switcher/wpgrid
# WM
bind = SUPER, Q, killclient
bind = SUPER+SHIFT, R, reload_config
bind = SUPER+SHIFT, F, togglefullscreen
bind = SUPER+SHIFT, Space, togglefloating
bind = ALT, Tab, toggleoverview
bind = ALT+SHIFT, minus, incgaps, -1
bind = ALT+SHIFT, equal, incgaps, 1
bind = ALT+SHIFT, R, togglegaps
# switch layout
bind = SUPER+SHIFT, H, setlayout, tile
bind = SUPER+SHIFT, V, setlayout, vertical_tile
bind = SUPER+SHIFT, S, setlayout, scroller
# resize client
bind = SUPER+CTRL, Up, resizewin, +0, -50
bind = SUPER+CTRL, Down, resizewin, +0, +50
bind = SUPER+CTRL, Left, resizewin, -50, +0
bind = SUPER+CTRL, Right, resizewin, +50, +0
# swap client
bind = SUPER+SHIFT, Up, exchange_client, up
bind = SUPER+SHIFT, Down, exchange_client, down
bind = SUPER+SHIFT, Left, exchange_client, left
bind = SUPER+SHIFT, Right, exchange_client, right
# switch client focus
bind = SUPER, Tab, focusstack, next
bind = SUPER, Left, focusdir, left
bind = SUPER, Right, focusdir, right
bind = SUPER, Up, focusdir, up
bind = SUPER, Down, focusdir, down
# switch view
bind = SUPER, 1, view, 1, 0
bind = SUPER, 2, view, 2, 0
bind = SUPER, 3, view, 3, 0
bind = SUPER, 4, view, 4, 0
bind = SUPER, 5, view, 5, 0
bind = SUPER, 6, view, 6, 0
# move client to the tag with focus
bind = SUPER+SHIFT, 1, tagsilent, 1, 0
bind = SUPER+SHIFT, 2, tagsilent, 2, 0
bind = SUPER+SHIFT, 3, tagsilent, 3, 0
bind = SUPER+SHIFT, 4, tagsilent, 4, 0
bind = SUPER+SHIFT, 5, tagsilent, 5, 0
bind = SUPER+SHIFT, 6, tagsilent, 6, 0
# move client to the tag without focus
bind = SUPER+ALT, 1, tag, 1, 0
bind = SUPER+ALT, 2, tag, 2, 0
bind = SUPER+ALT, 3, tag, 3, 0
bind = SUPER+ALT, 4, tag, 4, 0
bind = SUPER+ALT, 5, tag, 5, 0
bind = SUPER+ALT, 6, tag, 6, 0
# Window effect
blur = 0
blur_layer = 0
blur_optimized = 1
blur_params_num_passes = 2
blur_params_radius = 5
blur_params_noise = 0.02
blur_params_brightness = 0.9
blur_params_contrast = 0.9
blur_params_saturation = 1.2
shadows = 0
layer_shadows = 0
shadow_only_floating = 1
shadows_size = 10
shadows_blur = 15
shadows_position_x = 0
shadows_position_y = 0
shadowscolor = 0x000000ff
# Animation
animations = 1
layer_animations = 1
animation_type_open = slide
animation_type_close = fade
animation_fade_in = 1
animation_fade_out = 1
tag_animation_direction = 1
zoom_initial_ratio = 0.3
zoom_end_ratio = 0.8
fadein_begin_opacity = 0.5
fadeout_begin_opacity = 0.8
animation_duration_move = 100
animation_duration_open = 100
animation_duration_close = 100
animation_duration_tag = 200
animation_duration_focus = 0
animation_curve_open = 0.46, 1.0, 0.29, 1
animation_curve_move = 0.46, 1.0, 0.29, 1
animation_curve_tag = 0.46, 1.0, 0.29, 1
animation_curve_close = 0.08, 0.92, 0, 1
animation_curve_focus = 0.46, 1.0, 0.29, 1
animation_curve_opafadeout = 0.5, 0.5, 0.5, 0.5
animation_curve_opafadein = 0.46, 1.0, 0.29, 1
# Appearance
borderpx = 0
gappih = 10
gappiv = 10
gappoh = 10
gappov = 10
rootcolor = 0x201b14ff
bordercolor = 0x444444ff
focuscolor = 0xc9b890ff
maximizescreencolor = 0x89aa61ff
urgentcolor = 0xad401fff
scratchpadcolor = 0x516c93ff
globalcolor = 0xb153a7ff
overlaycolor = 0x14a57cff
# Misc
adaptive_sync = 1
syncobj_enable = 1
exec-once = awww-daemon
exec-once = kdeconnectd
exec-once = kdeconnect-indicator
exec-once = dbus-update-activation-environment --systemd --all; systemctl --user reset-failed && systemctl --user start mango-session.target
'';
};
}

317
modules/home/desktop/rofi/default.nix
View File

@@ -1,317 +0,0 @@
{config, ...}: {
programs.rofi = {
enable = true;
extraConfig = {
terminal = "alacritty";
modes = "combi,keys";
display-window = "window";
display-drun = "run";
display-windowcd = "windowcd";
display-run = "run";
display-ssh = "ssh";
display-combi = "combi";
display-keys = "keys";
display-filebrowser = "filebrowser";
combi-modes = "window,drun";
combi-hide-mode-prefix = false;
combi-display-format = "<i>{mode}</i> {text}";
window-format = "<span fgalpha='65%'>[{w=-1}] </span><b>{c=-1}</b> <span weight='light' fgalpha='65%' size='small'>{t=-1}</span>";
window-thumbnail = false;
drun-url-launcher = "xdg-open";
drun-match-fields = "name,generic,exec,categories,keywords";
drun-display-format = "<b>{name}</b>[ <span weight='light' size='small'><i>({generic})</i></span>][ <span weight='light' fgalpha='65%' size='small'>{exec}</span>]";
drun-show-actions = true;
run-command = "{cmd}";
run-list-command = "";
run-shell-command = "{terminal} -e {cmd}";
matching = "normal";
font = "JetBrains Mono 11";
show-icons = true;
scroll-method = 0;
cycle = false;
fixed-num-lines = false;
};
theme = let
inherit (config.lib.formats.rasi) mkLiteral;
in {
"*" = {
font = "JetBrains Mono 11";
black = mkLiteral "#1d1f21";
white = mkLiteral "#c5c8c6";
red = mkLiteral "#cc6666";
orange = mkLiteral "#de935f";
yellow = mkLiteral "#f0c674";
green = mkLiteral "#7cb36b";
cyan = mkLiteral "#78bab9";
blue = mkLiteral "#81a2be";
magenta = mkLiteral "#b294bb";
black-bright = mkLiteral "#3c4044";
white-bright = mkLiteral "#eaeaea";
red-bright = mkLiteral "#d54e53";
orange-bright = mkLiteral "#e78c45";
yellow-bright = mkLiteral "#e7c547";
green-bright = mkLiteral "#71c464";
cyan-bright = mkLiteral "#6acdcc";
blue-bright = mkLiteral "#7aa6da";
magenta-bright = mkLiteral "#c397d8";
black-66 = mkLiteral "#131415";
white-66 = mkLiteral "#828382";
red-66 = mkLiteral "#864343";
orange-66 = mkLiteral "#92613e";
yellow-66 = mkLiteral "#9e824c";
green-66 = mkLiteral "#517646";
cyan-66 = mkLiteral "#4f7a7a";
blue-66 = mkLiteral "#556a7d";
magenta-66 = mkLiteral "#75617b";
black-33 = mkLiteral "#090a0a";
white-33 = mkLiteral "#414141";
red-33 = mkLiteral "#432121";
orange-33 = mkLiteral "#49301f";
yellow-33 = mkLiteral "#4f4126";
green-33 = mkLiteral "#283b23";
cyan-33 = mkLiteral "#273d3d";
blue-33 = mkLiteral "#2a353e";
magenta-33 = mkLiteral "#3a303d";
common-background = mkLiteral "@black";
common-background-bright = mkLiteral "@black-bright";
common-background-66 = " @black-66";
common-foreground = mkLiteral "@white";
common-foreground-bright = mkLiteral "@white-bright";
common-foreground-66 = mkLiteral "@white-66";
common-primary = mkLiteral "@yellow";
common-primary-bright = mkLiteral "@yellow-bright";
common-primary-66 = mkLiteral "@yellow-66";
common-primary-33 = mkLiteral "@yellow-33";
common-secondary = mkLiteral "@blue";
common-secondary-bright = mkLiteral "@blue-bright";
common-secondary-66 = mkLiteral "@blue-66";
common-secondary-33 = mkLiteral "@blue-33";
common-urgent = mkLiteral "@red";
common-urgent-bright = mkLiteral "@red-bright";
common-urgent-66 = mkLiteral "@red-66";
common-urgent-33 = mkLiteral "@red-33";
background-color = mkLiteral "transparent";
normal-normal-background = mkLiteral "transparent";
normal-normal-foreground = mkLiteral "@common-foreground";
normal-normal-border-color = mkLiteral "transparent";
normal-active-background = mkLiteral "transparent";
normal-active-foreground = mkLiteral "@common-secondary-bright";
normal-active-border-color = mkLiteral "transparent";
normal-urgent-background = mkLiteral "transparent";
normal-urgent-foreground = mkLiteral "@common-urgent-bright";
normal-urgent-border-color = mkLiteral "transparent";
selected-normal-background = mkLiteral "@common-primary-33";
selected-normal-foreground = mkLiteral "@common-primary-bright";
selected-normal-border-color = mkLiteral "@common-primary-66";
selected-active-background = mkLiteral "@common-secondary-33";
selected-active-foreground = mkLiteral "@common-secondary-bright";
selected-active-border-color = mkLiteral "@common-secondary-66";
selected-urgent-background = mkLiteral "@common-urgent-33";
selected-urgent-foreground = mkLiteral "@common-urgent-bright";
selected-urgent-border-color = mkLiteral "@common-urgent-66";
alternate-normal-background = mkLiteral "@normal-normal-background";
alternate-normal-foreground = mkLiteral "@normal-normal-foreground";
alternate-normal-border-color = mkLiteral "@normal-normal-border-color";
alternate-active-background = mkLiteral "@normal-active-background";
alternate-active-foreground = mkLiteral "@normal-active-foreground";
alternate-active-border-color = mkLiteral "@normal-active-border-color";
alternate-urgent-background = mkLiteral "@normal-urgent-background";
alternate-urgent-foreground = mkLiteral "@normal-urgent-foreground";
alternate-urgent-border-color = mkLiteral "@normal-urgent-border-color";
};
"window" = {
background-color = mkLiteral "#1d1f21e6"; #// @black + 0.85 alpha
border = 3;
border-color = mkLiteral "@black-bright";
border-radius = 16;
width = 1024;
height = 460;
};
"mainbox" = {
padding = 16;
spacing = 16;
};
"inputbar" = {
background-color = mkLiteral "#333537"; #// @black-110
border = 1;
border-color = mkLiteral "#606263"; #// @black-130
border-radius = 8;
padding = mkLiteral "12 16";
spacing = 0;
text-color = mkLiteral "@common-foreground";
children = mkLiteral "[ entry, case-indicator, num-filtered-rows, textbox-num-sep, num-rows ]";
};
"prompt" = {
background-color = mkLiteral "transparent";
text-color = mkLiteral "@common-foreground-bright";
spacing = 0;
text-transform = mkLiteral "bold";
};
"textbox-prompt-colon" = {
background-color = mkLiteral "transparent";
text-color = mkLiteral "inherit";
margin = mkLiteral "0 0.3em 0 0";
expand = false;
str = "=";
};
"entry" = {
background-color = mkLiteral "transparent";
text-color = mkLiteral "@common-foreground-bright";
cursor = "text";
placeholder-color = mkLiteral "@common-foreground-66";
placeholder = "Type to filter";
};
"case-indicator" = {
background-color = mkLiteral "transparent";
text-color = mkLiteral "inherit";
};
"num-filtered-rows" = {
background-color = mkLiteral "transparent";
text-color = mkLiteral "inherit";
expand = false;
};
"textbox-num-sep" = {
background-color = mkLiteral "transparent";
text-color = mkLiteral "inherit";
expand = false;
str = "/";
};
"num-rows" = {
background-color = mkLiteral "transparent";
text-color = mkLiteral "inherit";
expand = false;
};
"message" = {
background-color = mkLiteral "@cyan-33";
border = 1;
border-color = mkLiteral "@cyan-66";
border-radius = 8;
padding = 16;
};
"textbox" = {
background-color = mkLiteral "transparent";
text-color = mkLiteral "@cyan-bright";
};
"listview" = {
dynamic = true;
scrollbar = true;
spacing = 0;
};
"scrollbar" = {
background-color = mkLiteral "transparent";
padding = 0;
margin = mkLiteral "0 0 0 4";
handle-width = 8;
border = 0;
handle-color = mkLiteral "#626463"; #// @white-50
};
"element" = {
border = 1;
border-radius = 8;
padding = mkLiteral "6 12";
margin = mkLiteral "1 0";
spacing = 12;
children = mkLiteral "[ element-icon, element-text ]";
};
"element-icon" = {
background-color = mkLiteral "transparent";
text-color = mkLiteral "inherit";
size = mkLiteral "1.0em";
cursor = mkLiteral "inherit";
};
"element-text" = {
background-color = mkLiteral "transparent";
text-color = mkLiteral "inherit";
highlight = mkLiteral "inherit";
cursor = mkLiteral "inherit";
};
"element normal.normal" = {
background-color = mkLiteral "@normal-normal-background";
text-color = mkLiteral "@normal-normal-foreground";
border-color = mkLiteral "@normal-normal-border-color";
};
"element normal.urgent" = {
background-color = mkLiteral "@normal-urgent-background";
text-color = mkLiteral "@normal-urgent-foreground";
border-color = mkLiteral "@normal-urgent-border-color";
};
"element normal.active" = {
background-color = mkLiteral "@normal-active-background";
text-color = mkLiteral "@normal-active-foreground";
border-color = mkLiteral "@normal-active-border-color";
};
"element selected.normal" = {
background-color = mkLiteral "@selected-normal-background";
text-color = mkLiteral "@selected-normal-foreground";
border-color = mkLiteral "@selected-normal-border-color";
};
"element selected.urgent" = {
background-color = mkLiteral "@selected-urgent-background";
text-color = mkLiteral "@selected-urgent-foreground";
border-color = mkLiteral "@selected-urgent-border-color";
};
"element selected.active" = {
background-color = mkLiteral "@selected-active-background";
text-color = mkLiteral "@selected-active-foreground";
border-color = mkLiteral "@selected-active-border-color";
};
"element alternate.normal" = {
background-color = mkLiteral "@alternate-normal-background";
text-color = mkLiteral "@alternate-normal-foreground";
border-color = mkLiteral "@alternate-normal-border-color";
};
"element alternate.urgent" = {
background-color = mkLiteral "@alternate-urgent-background";
text-color = mkLiteral "@alternate-urgent-foreground";
border-color = mkLiteral "@alternate-urgent-border-color";
};
"element alternate.active" = {
background-color = mkLiteral "@alternate-active-background";
text-color = mkLiteral "@alternate-active-foreground";
border-color = mkLiteral "@alternate-active-border-color";
};
};
};
}

32
modules/home/desktop/utils/default.nix
View File

@@ -1,32 +0,0 @@
{pkgs, ...}: {
programs.satty = {
enable = true;
settings = {
general = {
corner-roundness = 12;
initial-tool = "arrow";
early-exit = true;
copy-command = "wl-copy";
};
font = {
family = "JetBrainsMono NerdFont";
};
};
};
home.packages = with pkgs; [
grim
slurp
hyprshot
wl-clipboard
wl-screenrec
(writeShellScriptBin "hypr-screenshot" ''
hyprshot -m region -r ppm - | satty --filename -
'')
(writeShellScriptBin "hypr-screenrecord" ''
wl-screenrec -g "$(slurp)"
'')
];
}

70
modules/home/desktop/vicinae/default.nix
View File

@@ -1,70 +0,0 @@
{
pkgs,
config,
...
}: {
programs.vicinae = {
enable = true;
systemd = {
enable = true;
autoStart = true;
};
useLayerShell = true;
extensions = with pkgs.vicinae-extensions; [
bluetooth
nix
ssh
awww-switcher
process-manager
pulseaudio
wifi-commander
port-killer
silverbullet
];
settings = {
close_on_focus_loss = false;
consider_preedit = true;
pop_to_root_on_close = true;
favicon_service = "twenty";
search_files_in_root = true;
font = {
normal = {
size = 10;
family = "JetBrainsMono Nerd Font";
};
};
theme = {
light = {
name = "vicinae-light";
icon_theme = "default";
};
dark = {
name = "vicinae-dark";
icon_theme = "default";
};
};
launcher_window = {
opacity = 0.98;
};
imports = ["/run/secrets/vicinae.json"];
providers = {
"@samlinville/store.raycast.tailscale" = {
"preferences" = {
"tailscalePath" = "${pkgs.tailscale}/bin/tailscale";
};
};
"@sovereign/vicinae-extension-awww-switcher-0" = {
"preferences" = {
"transitionDuration" = "1";
"transitionType" = "center";
"wallpaperPath" = "/home/tux/Wallpapers/";
};
};
};
};
};
}

338
modules/home/desktop/waybar/default.nix
View File

@@ -1,338 +0,0 @@
{...}: {
programs = {
waybar = {
enable = true;
settings = {
mainBar = {
position = "top";
layer = "top";
height = 35;
margin-top = 0;
margin-bottom = 0;
margin-left = 0;
margin-right = 0;
exclusive = true;
passthrough = false;
modules-left = [
"custom/l_end"
"cpu"
"memory"
"custom/r_end"
];
modules-center = [
"custom/l_end"
"hyprland/workspaces"
"custom/r_end"
];
modules-right = [
"custom/l_end"
"network"
"bluetooth"
"battery"
"tray"
"custom/r_end"
];
"hyprland/workspaces" = {
"disable-scroll" = true;
"all-outputs" = true;
"active-only" = false;
"on-click" = "activate";
"persistent-workspaces" = {
"1" = [];
"2" = [];
"3" = [];
"4" = [];
};
};
"network" = {
"tooltip" = true;
"format-wifi" = " <span foreground='#99ffdd'> {bandwidthDownBytes}</span> <span foreground='#ffcc66'> {bandwidthUpBytes}</span>";
"format-ethernet" = "󰈀 <span foreground='#99ffdd'> {bandwidthDownBytes}</span> <span foreground='#ffcc66'> {bandwidthUpBytes}</span>";
"tooltip-format" = "Network= <big><b>{essid}</b></big>\nSignal strength= <b>{signaldBm}dBm ({signalStrength}%)</b>\nFrequency= <b>{frequency}MHz</b>\nInterface= <b>{ifname}</b>\nIP= <b>{ipaddr}/{cidr}</b>\nGateway= <b>{gwaddr}</b>\nNetmask= <b>{netmask}</b>";
"format-linked" = "󰈀 {ifname} (No IP)";
"format-disconnected" = "󰖪 ";
"tooltip-format-disconnected" = "Disconnected";
"interval" = 2;
};
"battery" = {
"states" = {
"good" = 95;
"warning" = 30;
"critical" = 20;
};
"format" = "{icon} {capacity}%";
"format-charging" = " {capacity}%";
"format-plugged" = " {capacity}%";
"format-alt" = "{time} {icon}";
"format-icons" = ["󰂎" "󰁺" "󰁻" "󰁼" "󰁽" "󰁾" "󰁿" "󰂀" "󰂁" "󰂂" "󰁹"];
};
"bluetooth" = {
"format" = "";
"format-disabled" = "";
"format-connected" = " {num_connections}";
"format-connected-battery" = "{icon} {num_connections}";
# "format-connected-battery"= "{icon} {device_alias}-{device_battery_percentage}%";
"format-icons" = ["󰥇" "󰤾" "󰤿" "󰥀" "󰥁" "󰥂" "󰥃" "󰥄" "󰥅" "󰥆" "󰥈"];
# "format-device-preference"= [ "device1"; "device2" ]; // preference list deciding the displayed device If this config option is not defined or none of the devices in the list are connected; it will fall back to showing the last connected device.
"tooltip-format" = "{controller_alias}\n{num_connections} connected";
"tooltip-format-connected" = "{controller_alias}\n{num_connections} connected\n\n{device_enumerate}";
"tooltip-format-enumerate-connected" = "{device_alias}";
"tooltip-format-enumerate-connected-battery" = "{device_alias}\t{icon} {device_battery_percentage}%";
};
"memory" = {
"states" = {
"c" = 90; # critical
"h" = 60; # high
"m" = 30; # medium
};
"interval" = 30;
"format" = "󰾆 {used}GB";
"format-m" = "󰾅 {used}GB";
"format-h" = "󰓅 {used}GB";
"format-c" = " {used}GB";
"format-alt" = "󰾆 {percentage}%";
"max-length" = 10;
"tooltip" = true;
"tooltip-format" = "󰾆 {percentage}%\n {used=0.1f}GB/{total=0.1f}GB";
};
"cpu" = {
"interval" = 10;
"format" = "󰍛 {usage}%";
"format-alt" = "{icon0}{icon1}{icon2}{icon3}";
"format-icons" = ["" "" "" "" "" "" "" ""];
};
"tray" = {
"icon-size" = 14;
"spacing" = 5;
};
"custom/l_end" = {
"format" = " ";
"interval" = "once";
"tooltip" = false;
};
"custom/r_end" = {
"format" = " ";
"interval" = "once";
"tooltip" = false;
};
"custom/sl_end" = {
"format" = " ";
"interval" = "once";
"tooltip" = false;
};
"custom/sr_end" = {
"format" = " ";
"interval" = "once";
"tooltip" = false;
};
"custom/rl_end" = {
"format" = " ";
"interval" = "once";
"tooltip" = false;
};
"custom/rr_end" = {
"format" = " ";
"interval" = "once";
"tooltip" = false;
};
"custom/padd" = {
"format" = " ";
"interval" = "once";
"tooltip" = false;
};
};
};
style = let
bar_bg = "rgba(23, 28, 34, 0.95)";
main_bg = "#101419";
main_fg = "#93cee9";
wb_act_bg = "#90ceaa";
wb_act_fg = "#1f2328";
wb_hvr_bg = "#90ceaa";
wb_hvr_fg = "#1f2328";
in ''
* {
border: none;
border-radius: 0px;
font-family: "JetBrainsMono Nerd Font";
font-weight: bold;
font-size: 20px;
min-height: 10px;
}
window#waybar {
background: ${bar_bg};
}
tooltip {
background: ${main_bg};
color: ${main_fg};
border-radius: 7px;
border-width: 0px;
}
#workspaces button {
box-shadow: none;
text-shadow: none;
padding: 0px;
border-radius: 9px;
margin-top: 3px;
margin-bottom: 3px;
margin-left: 0px;
padding-left: 3px;
padding-right: 3px;
margin-right: 0px;
color: ${main_fg};
animation: ws_normal 20s ease-in-out 1;
}
#workspaces button.active {
background: ${wb_act_bg};
color: ${wb_act_fg};
margin-left: 3px;
padding-left: 12px;
padding-right: 12px;
margin-right: 3px;
animation: ws_active 20s ease-in-out 1;
transition: all 0.4s cubic-bezier(.55,-0.68,.48,1.682);
}
#workspaces button:hover {
background: ${wb_hvr_bg};
color: ${wb_hvr_fg};
animation: ws_hover 20s ease-in-out 1;
transition: all 0.3s cubic-bezier(.55,-0.68,.48,1.682);
}
#taskbar button {
box-shadow: none;
text-shadow: none;
padding: 0px;
border-radius: 9px;
margin-top: 3px;
margin-bottom: 3px;
margin-left: 0px;
padding-left: 3px;
padding-right: 3px;
margin-right: 0px;
color: @wb-color;
animation: tb_normal 20s ease-in-out 1;
}
#taskbar button.active {
background: ${wb_act_bg};
color: @wb-act-color;
margin-left: 3px;
padding-left: 12px;
padding-right: 12px;
margin-right: 3px;
animation: tb_active 20s ease-in-out 1;
transition: all 0.4s cubic-bezier(.55,-0.68,.48,1.682);
}
#taskbar button:hover {
background: ${wb_hvr_bg};
color: @wb-hvr-color;
animation: tb_hover 20s ease-in-out 1;
transition: all 0.3s cubic-bezier(.55,-0.68,.48,1.682);
}
#backlight,
#battery,
#bluetooth,
#custom-cliphist,
#clock,
#custom-cpuinfo,
#cpu,
#custom-gpuinfo,
#idle_inhibitor,
#language,
#memory,
#custom-mode,
#mpris,
#network,
#custom-power,
#pulseaudio,
#custom-spotify,
#taskbar,
#tray,
#custom-updates,
#custom-wallchange,
#custom-wbar,
#window,
#workspaces,
#custom-l_end,
#custom-r_end,
#custom-sl_end,
#custom-sr_end,
#custom-rl_end,
#custom-rr_end {
color: ${main_fg};
background: ${main_bg};
opacity: 1;
margin: 4px 0px 4px 0px;
padding-left: 4px;
padding-right: 4px;
}
#workspaces,
#taskbar {
padding: 0px;
}
#custom-r_end {
border-radius: 0px 21px 21px 0px;
margin-right: 9px;
padding-right: 3px;
}
#custom-l_end {
border-radius: 21px 0px 0px 21px;
margin-left: 9px;
padding-left: 3px;
}
#custom-sr_end {
border-radius: 0px;
margin-right: 9px;
padding-right: 3px;
}
#custom-sl_end {
border-radius: 0px;
margin-left: 9px;
padding-left: 3px;
}
#custom-rr_end {
border-radius: 0px 7px 7px 0px;
margin-right: 9px;
padding-right: 3px;
}
#custom-rl_end {
border-radius: 7px 0px 0px 7px;
margin-left: 9px;
padding-left: 3px;
}
'';
};
};
}

40
modules/home/discord/default.nix
View File

@@ -1,40 +0,0 @@
{inputs, ...}: {
imports = [
inputs.nixcord.homeModules.nixcord
];
programs.nixcord = {
enable = true;
vesktop.enable = true;
dorion.enable = true;
config = {
themeLinks = [
"https://raw.githubusercontent.com/refact0r/system24/refs/heads/main/archive/flavors/spotify-text.theme.css"
];
frameless = true;
plugins = {
hideMedia.enable = true;
ignoreActivities = {
enable = true;
ignorePlaying = true;
ignoreWatching = true;
};
};
};
dorion = {
theme = "dark";
zoom = "1.1";
blur = "acrylic";
sysTray = true;
openOnStartup = true;
autoClearCache = true;
disableHardwareAccel = false;
rpcServer = true;
rpcProcessScanner = true;
pushToTalk = true;
pushToTalkKeys = ["RControl"];
desktopNotifications = true;
unreadBadge = true;
};
};
}

3
modules/home/easyeffects/default.nix
View File

@@ -1,3 +0,0 @@
{...}: {
services.easyeffects.enable = true;
}

69
modules/home/fastfetch/default.nix
View File

@@ -1,69 +0,0 @@
{...}: {
home.file.".config/fastfetch/config.jsonc".text = ''
{
"$schema": "https://github.com/fastfetch-cli/fastfetch/raw/dev/doc/json_schema.json",
"logo": {
"type": "none",
},
"display": {
"separator": " ",
"key": {
"width": 18,
},
},
"modules": [
{
"key": " ",
"type": "custom",
},
{
"key": " \u001b[11D{#31} user",
"type": "title",
"format": "{1}",
},
{
"key": " \u001b[11D{#34} hname",
"type": "command",
"text": "hostname",
},
{
"key": " \u001b[11D{#34}󰻀 distro",
"type": "os",
},
{
"key": " \u001b[11D{#35}󰌢 kernel",
"type": "kernel",
},
{
"key": " \u001b[11D{#31} uptime",
"type": "uptime",
},
{
"key": " \u001b[11D{#32} shell",
"type": "shell",
},
{
"key": " \u001b[11D{#35} memory",
"type": "memory",
},
{
"key": " ",
"type": "custom",
},
{
"key": " \u001b[11D{#39} colors",
"type": "colors",
"symbol": "circle",
},
{
"key": " ",
"type": "custom",
},
],
}
'';
programs.fastfetch = {
enable = true;
};
}

73
modules/home/firefox/default.nix
View File

@@ -1,73 +0,0 @@
{
pkgs,
username,
...
}: {
home.file.".mozilla/firefox/${username}/chrome".source = pkgs.firefox-mod-blur;
programs.firefox = {
enable = true;
package = pkgs.firefox.override {
extraPolicies = {
CaptivePortal = false;
DisableFirefoxStudies = true;
DisablePocket = true;
DisableTelemetry = true;
DisableFirefoxAccounts = false;
NoDefaultBookmarks = true;
OfferToSaveLogins = false;
OfferToSaveLoginsDefault = false;
PasswordManagerEnabled = false;
FirefoxHome = {
Search = true;
Pocket = false;
Snippets = false;
TopSites = false;
Highlights = false;
};
UserMessaging = {
ExtensionRecommendations = false;
SkipOnboarding = true;
};
};
};
profiles = {
${username} = {
id = 0;
name = "tux";
search = {
force = true;
default = "google";
};
settings = {
"general.smoothScroll" = true;
"extensions.activeThemeID" = "firefox-compact-dark@mozilla.org";
"layout.css.prefers-color-scheme.content-override" = 0;
"browser.compactmode.show" = true;
"browser.tabs.firefox-view" = false;
"browser.bookmarks.addedImportButton" = false;
"extensions.pocket.enabled" = false;
"browser.fullscreen.autohide" = false;
};
extraConfig = ''
user_pref("toolkit.legacyUserProfileCustomizations.stylesheets", true);
user_pref("full-screen-api.ignore-widgets", true);
user_pref("media.ffmpeg.vaapi.enabled", true);
user_pref("media.rdd-vpx.enabled", true);
'';
extensions.packages = with pkgs.nur.repos.rycee.firefox-addons; [
ublock-origin
facebook-container
metamask
darkreader
bitwarden
wappalyzer
clearurls
];
};
};
};
}

46
modules/home/floorp/default.nix
View File

@@ -1,46 +0,0 @@
{
username,
pkgs,
...
}: {
programs.floorp = {
enable = true;
profiles = {
${username} = {
id = 0;
name = "${username}";
search = {
force = true;
default = "Google";
};
settings = {
"general.smoothScroll" = true;
"extensions.activeThemeID" = "firefox-compact-dark@mozilla.org";
"layout.css.prefers-color-scheme.content-override" = 0;
"browser.compactmode.show" = true;
"browser.tabs.firefox-view" = false;
"browser.bookmarks.addedImportButton" = false;
"extensions.pocket.enabled" = false;
"browser.fullscreen.autohide" = false;
};
extraConfig = ''
user_pref("toolkit.legacyUserProfileCustomizations.stylesheets", true);
user_pref("full-screen-api.ignore-widgets", true);
user_pref("media.ffmpeg.vaapi.enabled", true);
user_pref("media.rdd-vpx.enabled", true);
'';
extensions.packages = with pkgs.nur.repos.rycee.firefox-addons; [
ublock-origin
facebook-container
metamask
darkreader
bitwarden
wappalyzer
clearurls
];
};
};
};
}

40
modules/home/ghostty/default.nix
View File

@@ -1,40 +0,0 @@
{pkgs, ...}: {
home.file = {
".config/ghostty/config" = {
text = ''
confirm-close-surface = false
gtk-titlebar = false
window-padding-x = 10
window-padding-y = 10
background-opacity = 0.9
font-size = 12
palette = 0=#252b37
palette = 1=#d0679d
palette = 2=#5de4c7
palette = 3=#fffac2
palette = 4=#89ddff
palette = 5=#fae4fc
palette = 6=#add7ff
palette = 7=#ffffff
palette = 8=#a6accd
palette = 9=#d0679d
palette = 10=#5de4c7
palette = 11=#fffac2
palette = 12=#add7ff
palette = 13=#89ddff
palette = 14=#fcc5e9
palette = 15=#ffffff
background = #0f0f0f
foreground = #a6accd
cursor-color = #f2eacf
selection-background = #1a1a1a
selection-foreground = #f1f1f1
'';
};
};
home.packages = with pkgs; [
ghostty
];
}

22
modules/home/git/default.nix
View File

@@ -1,22 +0,0 @@
{
email,
username,
...
}: {
programs.git = {
enable = true;
signing = {
key = "~/.ssh/id_ed25519.pub";
signByDefault = true;
};
settings = {
user = {
name = "${username}";
email = "${email}";
};
init.defaultBranch = "main";
commit.gpgSign = true;
gpg.format = "ssh";
};
};
}

37
modules/home/helix/default.nix
View File

@@ -1,37 +0,0 @@
{pkgs, ...}: {
programs.helix = {
enable = true;
settings = {
theme = "gruvbox";
editor = {
line-number = "relative";
cursorline = true;
color-modes = true;
bufferline = "multiple";
"cursor-shape" = {
insert = "bar";
normal = "block";
select = "underline";
};
};
};
languages = {
language = [
{
name = "nix";
auto-format = true;
}
];
language-server = {
nil = {
command = "${pkgs.nil}/bin/nil";
config.nil.formatting = {
command = "${pkgs.alejandra}/bin/alejandra";
};
};
};
};
};
}

6
modules/home/kdeconnect/default.nix
View File

@@ -1,6 +0,0 @@
{...}: {
services.kdeconnect = {
enable = true;
indicator = true;
};
}

19
modules/home/lan-mouse/default.nix
View File

@@ -1,19 +0,0 @@
{inputs, ...}: {
imports = [
inputs.lan-mouse.homeManagerModules.default
];
programs.lan-mouse = {
enable = true;
systemd = true;
settings = {
# release_bind = ["KeyA" "KeyS" "KeyD" "KeyF"];
port = 4242;
authorized_fingerprints = {
"30:66:b3:95:dc:6b:55:a4:9f:30:31:9c:3e:4d:70:03:33:c3:f0:6f:df:31:35:58:36:6e:80:2f:32:b2:ce:48" = "pc";
};
};
};
}

5
modules/home/librewolf/default.nix
View File

@@ -1,5 +0,0 @@
{...}: {
programs.librewolf = {
enable = true;
};
}

38
modules/home/mopidy/default.nix
View File

@@ -1,38 +0,0 @@
{pkgs, ...}: {
programs.ncmpcpp = {
enable = true;
package = pkgs.ncmpcpp.override {
visualizerSupport = true;
clockSupport = true;
};
mpdMusicDir = "~/Music/";
settings = {
mpd_host = "127.0.0.1";
mpd_port = 6600;
mpd_connection_timeout = 20;
visualizer_data_source = "localhost:5555";
visualizer_fps = 60;
visualizer_output_name = "feed";
visualizer_in_stereo = "yes";
visualizer_type = "spectrum";
visualizer_look = "";
visualizer_spectrum_smooth_look = "yes";
song_status_format = "$b$7 $2%a $4$3 $8%t $4$3 $5%b ";
header_visibility = "no";
color1 = "white";
color2 = "green";
};
};
services.mopidy = {
enable = true;
extensionPackages = with pkgs; [
mopidy-mpd
mopidy-spotify
mopidy-soundcloud
mopidy-iris
];
};
}

40
modules/home/nvim/default.nix
View File

@@ -1,40 +0,0 @@
{pkgs, ...}: {
home.file = {
".config/nvim" = {
recursive = true;
source = "${pkgs.tnvim}";
};
};
programs = {
neovim = {
enable = true;
defaultEditor = true;
vimAlias = true;
withPython3 = true;
withNodeJs = true;
};
};
home = {
packages = with pkgs; [
gcc
neovide
# nix
nil # Language Server
statix # Lints and suggestions
deadnix # Find and remove unused
alejandra # Code Formatter
# lua
luarocks
# ts
typescript
gdu
ripgrep
];
};
}

64
modules/home/picom/default.nix
View File

@@ -1,64 +0,0 @@
{pkgs, ...}: {
services.picom = {
enable = true;
package = pkgs.picom;
backend = "glx";
vSync = true;
fade = true;
fadeDelta = 10;
fadeSteps = [0.05 0.05];
fadeExclude = [
"window_type *= 'menu'"
];
activeOpacity = 1;
inactiveOpacity = 1;
opacityRules = [
"90:class_g = 'rofi'"
"90:class_g = 'thunar'"
"90:class_g = 'spotify'"
"90:class_g = 'discord'"
"90:class_g = 'code'"
"90:class_g = 'org.wezfurlong.wezterm'"
"90:class_g = 'wezterm-floating'"
];
settings = {
glx-no-stencil = true;
glx-copy-from-font = false;
use-damage = false;
frame-opacity = 1;
blur-background = true;
blur-method = "dual_kawase";
blur-strength = 10;
corner-radius = 8;
rounded-corners-exclude = [
"window_type = 'dock'"
];
# pijulius specifics
animations = true;
animation-stiffness = 500;
animation-window-mass = 1.0;
animation-dampening = 26;
animation-delta = 10;
animation-force_steps = false;
animation-clamping = true;
animation-for-open-window = "slide-up";
animation-for-menu-window = "slide-down";
animation-for-transient-window = "slide-down";
animation-for-unmap-window = "slide-up";
animation-for-next-tag = "slide-right";
animation-for-prev-tag = "slide-left";
enable-fading-next-tag = true;
enable-fading-prev-tag = true;
};
};
}

100
modules/home/shell/default.nix
View File

@@ -1,100 +0,0 @@
{pkgs, ...}: {
imports = [
./lazygit.nix
./superfile.nix
./open-code.nix
];
programs = {
bat.enable = true;
zsh = {
enable = true;
history = {
append = true;
share = true;
expireDuplicatesFirst = true;
ignoreDups = true;
size = 1000000;
save = 1000000;
path = "$HOME/.local/share/zsh/.zsh_history";
};
syntaxHighlighting.enable = true;
autosuggestion.enable = true;
initContent = ''
fastfetch
export WINIT_X11_SCALE_FACTOR=1
PATH=$PATH:~/.cargo/bin:~/.local/bin
bindkey "^A" vi-beginning-of-line
bindkey "^E" vi-end-of-line
bindkey '^R' fzf-history-widget
'';
};
zoxide = {
enable = true;
options = ["--cmd cd"];
enableZshIntegration = true;
};
ripgrep.enable = true;
btop = {
enable = true;
settings = {
theme_background = false;
update_ms = 1000;
presets = "cpu:0:default mem:0:default net:0:default";
};
};
go.enable = true;
yazi = {
enable = true;
enableZshIntegration = true;
};
fzf = {
enable = true;
enableZshIntegration = true;
};
lsd = {
enable = true;
enableZshIntegration = true;
};
};
home.packages = with pkgs; [
systemctl-tui
ranger
wget
portal
bore-cli
zip
unzip
pciutils
gnumake
nvtopPackages.full
zellij
nix-output-monitor
duf
jq
atac
termshark
solc
dig
lsof
python312
python312Packages.pipx
nodejs
nodePackages.pnpm
nodePackages.yarn
rustup
bun
nixpkgs-fmt
hunspell
hunspellDicts.en_US
air
templ
ffmpeg
deploy-rs
trok
];
}

171
modules/home/shell/lazygit.nix
View File

@@ -1,171 +0,0 @@
{...}: {
programs.lazygit = {
enable = true;
settings = {
gui = {
showIcons = true;
nerdFontsVersion = "3";
};
customCommands = [
{
key = "<c-a>";
description = "AI-powered conventional commit";
context = "global";
command = "git commit -m \"{{.Form.CommitMsg}}\"";
loadingText = "Generating commit messages...";
prompts = [
{
type = "menu";
key = "Type";
title = "Type of change";
options = [
{
name = "AI defined";
description = "Let AI analyze and determine the best commit type";
value = "ai-defined";
}
{
name = "build";
description = "Changes that affect the build system or external dependencies";
value = "build";
}
{
name = "feat";
description = "A new feature";
value = "feat";
}
{
name = "fix";
description = "A bug fix";
value = "fix";
}
{
name = "chore";
description = "Other changes that don't modify src or test files";
value = "chore";
}
{
name = "ci";
description = "Changes to CI configuration files and scripts";
value = "ci";
}
{
name = "docs";
description = "Documentation only changes";
value = "docs";
}
{
name = "perf";
description = "A code change that improves performance";
value = "perf";
}
{
name = "refactor";
description = "A code change that neither fixes a bug nor adds a feature";
value = "refactor";
}
{
name = "revert";
description = "Reverts a previous commit";
value = "revert";
}
{
name = "style";
description = "Changes that do not affect the meaning of the code";
value = "style";
}
{
name = "test";
description = "Adding missing tests or correcting existing tests";
value = "test";
}
];
}
{
type = "menuFromCommand";
title = "AI Generated Commit Messages";
key = "CommitMsg";
command = ''
bash -c "
# Check for staged changes
diff=\$(git diff --cached | head -n 10)
if [ -z \"\$diff\" ]; then
echo \"No changes in staging. Add changes first.\"
exit 1
fi
SELECTED_TYPE=\"{{.Form.Type}}\"
COMMITS_TO_SUGGEST=8
opencode run -m \"google/gemini-2.5-flash-lite\" \"
You are an expert at writing Git commits. Your job is to write commit messages that follow the Conventional Commits format.
The user has selected: \$SELECTED_TYPE
Your task is to:
1. Analyze the code changes
2. Determine the most appropriate commit type (if user selected 'ai-defined')
3. Determine an appropriate scope (component/area affected)
4. Decide if this is a breaking change
5. Write clear, concise commit messages
Available commit types:
- feat: A new feature
- fix: A bug fix
- docs: Documentation only changes
- style: Changes that do not affect the meaning of the code
- refactor: A code change that neither fixes a bug nor adds a feature
- perf: A code change that improves performance
- test: Adding missing tests or correcting existing tests
- build: Changes that affect the build system or external dependencies
- ci: Changes to CI configuration files and scripts
- chore: Other changes that don't modify src or test files
- revert: Reverts a previous commit
Follow these guidelines:
- Structure: <type>(<scope>): <description>
- If user selected 'ai-defined', analyze the changes and pick the most suitable type
- If user selected a specific type, use that type: \$SELECTED_TYPE
- Add scope in parentheses if applicable (e.g., auth, api, ui, config)
- Use exclamation mark (!) after type/scope for breaking changes: type(scope)!: description
- Use lowercase for description (except proper nouns)
- Use imperative mood (\\\"add\\\", not \\\"added\\\")
- Keep description under 50 characters when possible
- No period at the end of subject line
Examples:
- feat(auth): add OAuth login support
- fix(api): handle null response in user endpoint
- docs(readme): update installation instructions
- style(ui): improve button spacing consistency
- refactor(database): simplify query builder logic
- test(auth): add unit tests for login flow
- build(deps): upgrade React to version 18
- ci(github): fix deployment workflow
- chore(config): update ESLint rules
- perf(api)!: optimize database queries
IMPORTANT:
- Generate exactly \$COMMITS_TO_SUGGEST different commit message options
- If user selected 'ai-defined', you can use different types for different options
- If user selected a specific type, all messages must use that type
- Only return commit messages, no explanations
- Do not use markdown code blocks
- One message per line
Previous commits for context:
\$(git log --oneline -10)
Changes to analyze:
\$(git diff --cached --stat)
\$(git diff --cached)
\"
"
'';
}
];
}
];
};
};
}

20
modules/home/shell/open-code.nix
View File

@@ -1,20 +0,0 @@
{
programs.opencode = {
enable = true;
settings = {
theme = "system";
provider = {
google = {
options = {
apiKey = "{file:/run/secrets/gemini_api_key}";
};
};
openrouter = {
options = {
apiKey = "{file:/run/secrets/open_router_api_key}";
};
};
};
};
};
}

41
modules/home/shell/superfile.nix
View File

@@ -1,41 +0,0 @@
{
programs.superfile = {
enable = true;
settings = {
theme = "poimandres";
editor = "";
dir_editor = "";
auto_check_update = false;
cd_on_quit = false;
default_open_file_preview = true;
show_image_preview = true;
show_panel_footer_info = true;
default_directory = "~";
file_size_use_si = false;
default_sort_type = 0;
sort_order_reversed = false;
case_sensitive_sort = false;
shell_close_on_success = false;
debug = false;
ignore_missing_fields = false;
nerdfont = true;
transparent_background = true;
file_preview_width = 0;
code_previewer = "bat";
sidebar_width = 20;
border_top = "";
border_bottom = "";
border_left = "";
border_right = "";
border_top_left = "";
border_top_right = "";
border_bottom_left = "";
border_bottom_right = "";
border_middle_left = "";
border_middle_right = "";
metadata = true;
zoxide_support = true;
enable_md5_checksum = false;
};
};
}

32
modules/home/spotify/default.nix
View File

@@ -1,32 +0,0 @@
{
services.spotifyd = {
enable = true;
settings = {
global = {
device_name = "canopus";
device_type = "computer";
bitrate = 320;
initial_volume = 100;
autoplay = true;
};
};
};
programs.spotify-player = {
enable = true;
settings = {
theme = "default";
client_id = "c54c06bacd3642c68d981474dadd3a53";
login_redirect_uri = "http://127.0.0.1:8989/login";
device = {
name = "spotify-player";
device_type = "speaker";
volume = 100;
bitrate = 320;
audio_cache = false;
normalization = false;
autoplay = false;
};
};
};
}

50
modules/home/starship/default.nix
View File

@@ -1,50 +0,0 @@
{...}: {
programs.starship = {
enable = true;
settings = {
format = ''$os$hostname$directory$rust$golang$solidity$nodejs(bold blue)$git_branch$git_status[](bold yellow)[](bold purple)[](bold blue) '';
scan_timeout = 60;
add_newline = false;
line_break.disabled = true;
os = {
format = "[$symbol ]($style)";
style = "bold green";
disabled = false;
symbols.NixOS = "󰊠";
symbols.Linux = "󰊠";
symbols.Arch = "󰣇";
symbols.Ubuntu = "󰕈";
};
directory = {
format = "[$path]($style)[$read_only ]($read_only_style)";
read_only = " 󰌾";
style = "bold blue";
};
git_branch.format = "[$symbol$branch]($style) ";
hostname = {
ssh_only = false;
format = "[$ssh_symbol$hostname]($style) ";
style = "bold green";
ssh_symbol = "󰇧 ";
disabled = false;
};
rust = {
format = "[$symbol]($style)";
symbol = " ";
};
golang = {
format = "[$symbol]($style)";
symbol = " ";
};
solidity = {
format = "[$symbol]($style)";
symbol = "󰡪 ";
};
nodejs = {
format = "[$symbol]($style)";
symbol = "󰎙 ";
};
};
};
}

9
modules/home/thunderbird/default.nix
View File

@@ -1,9 +0,0 @@
{username, ...}: {
programs.thunderbird = {
enable = true;
profiles."${username}" = {
isDefault = true;
};
};
}

136
modules/home/tmux/default.nix
View File

@@ -1,136 +0,0 @@
{pkgs, ...}: let
bg = "default";
fg = "default";
bg2 = "brightblack";
fg2 = "white";
color = c: "#{@${c}}";
indicator = let
accent = color "indicator_color";
content = " ";
in "#[reverse,fg=${accent}]#{?client_prefix,${content},}";
current_window = let
accent = color "main_accent";
index = "#[reverse,fg=${accent},bg=${fg}] #I ";
name = "#[fg=${bg2},bg=${fg2}] #W ";
# flags = "#{?window_flags,#{window_flags}, }";
in "${index}${name}";
window_status = let
accent = color "window_color";
index = "#[reverse,fg=${accent},bg=${fg}] #I ";
name = "#[fg=${bg2},bg=${fg2}] #W ";
# flags = "#{?window_flags,#{window_flags}, }";
in "${index}${name}";
battery = let
percentage = pkgs.writeShellScript "percentage" (
if pkgs.stdenv.isDarwin
then ''
echo $(pmset -g batt | grep -o "[0-9]\+%" | tr '%' ' ')
''
else ''
path="/org/freedesktop/UPower/devices/DisplayDevice"
echo $(${pkgs.upower}/bin/upower -i $path | grep -o "[0-9]\+%" | tr '%' ' ')
''
);
state = pkgs.writeShellScript "state" (
if pkgs.stdenv.isDarwin
then ''
echo $(pmset -g batt | awk '{print $4}')
''
else ''
path="/org/freedesktop/UPower/devices/DisplayDevice"
echo $(${pkgs.upower}/bin/upower -i $path | grep state | awk '{print $2}')
''
);
icon = pkgs.writeShellScript "icon" ''
percentage=$(${percentage})
state=$(${state})
if [ "$state" == "charging" ] || [ "$state" == "fully-charged" ]; then echo "󰂄"
elif [ $percentage -ge 75 ]; then echo "󱊣"
elif [ $percentage -ge 50 ]; then echo "󱊢"
elif [ $percentage -ge 25 ]; then echo "󱊡"
elif [ $percentage -ge 0 ]; then echo "󰂎"
fi
'';
color = pkgs.writeShellScript "color" ''
percentage=$(${percentage})
state=$(${state})
if [ "$state" == "charging" ] || [ "$state" == "fully-charged" ]; then echo "green"
elif [ $percentage -ge 75 ]; then echo "green"
elif [ $percentage -ge 50 ]; then echo "${fg2}"
elif [ $percentage -ge 30 ]; then echo "yellow"
elif [ $percentage -ge 0 ]; then echo "red"
fi
'';
in "#[fg=#(${color})]#(${icon}) #[fg=${fg}]#(${percentage})%";
pwd = let
accent = color "main_accent";
icon = "#[fg=${accent}] ";
format = "#[fg=${fg}]#{b:pane_current_path}";
in "${icon}${format}";
git = let
icon = pkgs.writeShellScript "branch" ''
git -C "$1" branch && echo " "
'';
branch = pkgs.writeShellScript "branch" ''
git -C "$1" rev-parse --abbrev-ref HEAD
'';
in "#[fg=magenta]#(${icon} #{pane_current_path})#(${branch} #{pane_current_path})";
separator = "#[fg=${fg}]|";
in {
programs.tmux = {
enable = true;
baseIndex = 1;
escapeTime = 0;
mouse = true;
extraConfig = ''
set-option -sa terminal-overrides ",xterm*:Tc"
set-option -g status-position top
unbind r
bind r source-file ~/.config/tmux/tmux.conf
# remap prefix from C-b to C-Space
# unbind C-b
# set -g prefix C-Space
# bind C-Space send-prefix
# split panes using | and -
unbind '"'
unbind %
bind | split-window -h
bind - split-window -v
# Start windows and panes at 1, not 0
set -g base-index 1
set -g pane-base-index 1
set-window-option -g pane-base-index 1
set-option -g renumber-windows on
# switch panes using Alt-arrow without prefix
bind -n M-Left select-pane -L
bind -n M-Right select-pane -R
bind -n M-Up select-pane -U
bind -n M-Down select-pane -D
set-option -g default-terminal "screen-256color"
set-option -g status-right-length 100
set-option -g @indicator_color "yellow"
set-option -g @window_color "magenta"
set-option -g @main_accent "blue"
set-option -g pane-active-border fg=black
set-option -g pane-border-style fg=black
set-option -g status-style "bg=${bg} fg=${fg}"
set-option -g status-left "${indicator}"
set-option -g status-right "${git} ${pwd} ${separator} ${battery}"
set-option -g window-status-current-format "${current_window}"
set-option -g window-status-format "${window_status}"
set-option -g window-status-separator ""
'';
};
}

76
modules/home/vs-code/default.nix
View File

@@ -1,76 +0,0 @@
{pkgs, ...}: {
programs.vscode = {
enable = true;
package = pkgs.vscodium;
profiles.default = {
keybindings = [
{
"key" = "f7";
"command" = "-editor.action.wordHighlight.next";
"when" = "editorTextFocus && hasWordHighlights";
}
{
"key" = "f7";
"command" = "-editor.action.accessibleDiffViewer.next";
"when" = "isInDiffEditor";
}
{
"key" = "f7";
"command" = "workbench.action.terminal.toggleTerminal";
"when" = "terminal.active";
}
{
"key" = "ctrl+`";
"command" = "-workbench.action.terminal.toggleTerminal";
"when" = "terminal.active";
}
];
userSettings = {
"window.zoomLevel" = 2;
"window.menuBarVisibility" = "toggle";
"workbench.colorTheme" = "Poimandres Alternate";
"workbench.startupEditor" = "none";
"editor.fontFamily" = "FiraCode NF, FiraCode Nerd Font";
"editor.fontLigatures" = true;
"editor.cursorBlinking" = "smooth";
"editor.minimap.enabled" = false;
"terminal.integrated.fontFamily" = "FiraCode NF, FiraCode Nerd Font , FiraCode";
};
extensions =
(with pkgs.vscode-extensions; [
wakatime.vscode-wakatime
ms-dotnettools.csharp
naumovs.color-highlight
ms-vscode-remote.remote-containers
ms-azuretools.vscode-docker
mikestead.dotenv
golang.go
wix.vscode-import-cost
sumneko.lua
yzhang.markdown-all-in-one
jnoortheen.nix-ide
esbenp.prettier-vscode
prisma.prisma
ms-python.python
ms-vscode-remote.remote-ssh
humao.rest-client
bradlc.vscode-tailwindcss
gruntfuggly.todo-tree
])
++ (with pkgs.vscode-marketplace; [
danielpriestley.poimandres-alternate
pufferbommy.pretty-poimandres
yoavbls.pretty-ts-errors
formulahendry.auto-rename-tag
chakrounanas.turbo-console-log
streetsidesoftware.code-spell-checker
]);
};
};
}

29
modules/home/wezterm/default.nix
View File

@@ -1,29 +0,0 @@
{pkgs, ...}: {
programs.wezterm = {
enable = true;
package = pkgs.wezterm-git;
enableZshIntegration = false;
extraConfig = ''
local wezterm = require 'wezterm'
local config = {}
config.check_for_updates = false
config.window_close_confirmation = 'NeverPrompt'
config.color_scheme = 'Poimandres'
config.colors = {
background = "#0f0f0f"
}
config.enable_tab_bar = false
config.font = wezterm.font_with_fallback {
'JetBrainsMono Nerd Font',
}
config.font_size = 12.0
config.window_background_opacity = 1
config.audible_bell = "Disabled"
return config
'';
};
}

28
modules/home/zed/default.nix
View File

@@ -1,28 +0,0 @@
{
programs.zed-editor = {
enable = true;
extensions = ["lua" "nix" "C#" "solidity"];
userKeymaps = [
{
context = "Workspace";
bindings = {
F7 = "workspace::NewTerminal";
};
}
];
userSettings = {
ui_font_size = 18;
buffer_font_size = 18;
theme = {
mode = "dark";
light = "Ayu Light";
dark = "Ayu Dark";
};
vim_mode = true;
telemetry = {
diagnostics = false;
metrics = false;
};
};
};
}

70
modules/nixos/desktop/awesome/default.nix
View File

@@ -1,70 +0,0 @@
{
lib,
pkgs,
...
}: {
services = {
displayManager = {
defaultSession = "none+awesome";
ly = {
enable = true;
settings = {
session_log = "null";
};
};
};
xserver = {
enable = true;
windowManager.awesome = {
enable = true;
luaModules = lib.attrValues {
inherit
(pkgs.luajitPackages)
lgi
ldbus
luadbi-mysql
luaposix
dkjson
;
};
};
};
acpid.enable = true;
picom.enable = true;
upower.enable = true;
blueman.enable = true;
};
programs.dconf.enable = true;
environment.systemPackages = with pkgs; [
luajit
acpi
linuxKernel.packages.linux_zen.acpi_call
lxappearance
inotify-tools
polkit_gnome
xdotool
xclip
xorg.xbacklight
gpick
alsa-utils
pavucontrol
brightnessctl
libnotify
feh
maim
mpdris2
python311Packages.mutagen
xdg-utils
playerctl
pulsemixer
easyeffects
procps
sct
slop
sddm-sugar-dark
];
}

13
modules/nixos/desktop/default.nix
View File

@@ -1,13 +0,0 @@
{...}: {
xdg.mime = {
enable = true;
defaultApplications = {
"application/pdf" = ["vivaldi-stable.desktop"];
"text/html" = ["vivaldi-stable.desktop"];
"x-scheme-handler/http" = ["vivaldi-stable.desktop"];
"x-scheme-handler/https" = ["vivaldi-stable.desktop"];
"x-scheme-handler/about" = ["vivaldi-stable.desktop"];
"x-scheme-handler/unknown" = ["vivaldi-stable.desktop"];
};
};
}

28
modules/nixos/desktop/hyprland/default.nix
View File

@@ -1,28 +0,0 @@
{pkgs, ...}: {
programs.hyprland = {
enable = true;
package = pkgs.hyprland-git.hyprland;
portalPackage = pkgs.hyprland-git.xdg-desktop-portal-hyprland;
};
environment.systemPackages = [
(pkgs.writeShellScriptBin "mirror-display" ''
hyprctl keyword monitor "eDP-1,2560x1440@90,0x0,1" \
&& hyprctl keyword monitor "HDMI-A-1,preferred,0x0,1,mirror,eDP-1" \
&& ags quit \
&& ${pkgs.tpanel}/bin/tpanel &
'')
(pkgs.writeShellScriptBin "extend-display" ''
hyprctl keyword monitor "eDP-1,2560x1440@90,0x0,1" \
&& hyprctl keyword monitor "HDMI-A-1,preferred,0x-1440,1" \
&& ags quit \
&& ${pkgs.tpanel}/bin/tpanel &
'')
(pkgs.writeShellScriptBin "dock-display" ''
hyprctl keyword monitor "eDP-1,disable" \
&& hyprctl keyword monitor "HDMI-A-1,preferred,0x0,1" \
&& ags quit \
&& ${pkgs.tpanel}/bin/tpanel &
'')
];
}

26
modules/nixos/desktop/mango/default.nix
View File

@@ -1,26 +0,0 @@
{
inputs,
pkgs,
lib,
...
}: {
imports = [
inputs.mango.nixosModules.mango
];
programs.mango.enable = true;
xdg.portal = {
enable = lib.mkDefault true;
extraPortals = with pkgs; [
hyprland-git.xdg-desktop-portal-hyprland
xdg-desktop-portal-wlr
xdg-desktop-portal-gtk
];
config.mango = {
default = lib.mkForce ["hyprland" "gtk"];
"org.freedesktop.impl.portal.ScreenCast" = lib.mkForce ["hyprland"];
"org.freedesktop.impl.portal.ScreenShot" = lib.mkForce ["hyprland"];
};
};
}

112
modules/nixos/distrobox.nix
View File

@@ -1,112 +0,0 @@
{
config,
pkgs,
lib,
...
}:
with lib; let
cfg = config.tux.packages.distrobox;
in {
options.tux.packages.distrobox = {
enable = mkEnableOption "Enable DistroBox";
};
config = mkIf cfg.enable {
environment.systemPackages = with pkgs; [
distrobox
(writeShellScriptBin "dbox-create" ''
#!/usr/bin/env bash
# 1. Initialize variables
IMAGE=""
NAME=""
# Array to hold optional arguments (like volumes)
declare -a EXTRA_ARGS
# 2. Parse arguments
while [[ $# -gt 0 ]]; do
case $1 in
-i|--image)
IMAGE="$2"
shift 2
;;
-n|--name)
NAME="$2"
shift 2
;;
-p|--profile)
echo ":: Profile mode enabled: Mounting Nix store and user profiles (Read-Only)"
# Add volume flags to the array
EXTRA_ARGS+=( "--volume" "/nix/store:/nix/store:ro" )
EXTRA_ARGS+=( "--volume" "/etc/profiles/per-user:/etc/profiles/per-user:ro" )
EXTRA_ARGS+=( "--volume" "/etc/static/profiles/per-user:/etc/static/profiles/per-user:ro" )
shift 1
;;
*)
echo "Unknown option $1"
exit 1
;;
esac
done
if [ -z "$IMAGE" ] || [ -z "$NAME" ]; then
echo "Usage: dbox-create -i <image> -n <name> [-p]"
exit 1
fi
# 3. Define the custom home path
CUSTOM_HOME="$HOME/Distrobox/$NAME"
echo "------------------------------------------------"
echo "Creating Distrobox: $NAME"
echo "Location: $CUSTOM_HOME"
echo "------------------------------------------------"
# 4. Run Distrobox Create
# We expand "''${EXTRA_ARGS[@]}" to properly pass the volume arguments
${pkgs.distrobox}/bin/distrobox create \
--image "$IMAGE" \
--name "$NAME" \
--home "$CUSTOM_HOME" \
"''${EXTRA_ARGS[@]}"
# Check exit code
if [ $? -ne 0 ]; then
echo "Error: Distrobox creation failed."
exit 1
fi
# 5. Post-Creation: Symlink Config Files
echo "--> Linking configurations to $NAME..."
# Helper function to symlink
link_config() {
SRC="$1"
DEST="$2"
DEST_DIR=$(dirname "$DEST")
# Create parent directory if it doesn't exist
mkdir -p "$DEST_DIR"
if [ -e "$SRC" ]; then
# ln -sf: symbolic link, force overwrite
ln -sf "$SRC" "$DEST"
echo " [LINK] $DEST -> $SRC"
else
echo " [SKIP] $SRC not found on host"
fi
}
# Create Symlinks
link_config "$HOME/.zshrc" "$CUSTOM_HOME/.zshrc"
link_config "$HOME/.zshenv" "$CUSTOM_HOME/.zshenv"
link_config "$HOME/.config/fastfetch" "$CUSTOM_HOME/.config/fastfetch"
link_config "$HOME/.config/starship.toml" "$CUSTOM_HOME/.config/starship.toml"
echo "--> Done! Enter via: distrobox enter $NAME"
'')
];
};
}

32
modules/nixos/fail2ban.nix
View File

@@ -1,32 +0,0 @@
{config, ...}: let
isFirewallEnabled = config.networking.firewall.enable;
in {
services.fail2ban = {
enable = isFirewallEnabled;
maxretry = 5;
banaction = "iptables-multiport[blocktype=DROP]";
ignoreIP = [
"127.0.0.0/8"
"10.0.0.0/8"
"192.168.0.0/16"
];
bantime = "24h";
bantime-increment = {
enable = true;
rndtime = "12m";
overalljails = true;
multipliers = "4 8 16 32 64 128 256 512 1024 2048";
maxtime = "192h";
};
jails = {
sshd.settings = {
enabled = true;
port = toString config.services.openssh.ports;
mode = "aggressive";
filter = "sshd";
};
};
};
}

69
modules/nixos/networking/ssh.nix
View File

@@ -1,69 +0,0 @@
{
config,
lib,
...
}:
with lib; let
cfg = config.tux.services.openssh;
# Sops needs acess to the keys before the persist dirs are even mounted; so
# just persisting the keys won't work, we must point at /persist
hasOptinPersistence = config.environment.persistence."/persist".enable;
in {
options.tux.services.openssh = {
enable = mkEnableOption "Enable OpenSSH server";
ports = mkOption {
type = types.listOf types.port;
default = [22];
description = ''
Specifies on which ports the SSH daemon listens.
'';
};
};
config = mkIf cfg.enable {
services.openssh = {
enable = true;
startWhenNeeded = true;
allowSFTP = true;
ports = cfg.ports;
settings = {
PermitRootLogin = "no";
PasswordAuthentication = false;
KbdInteractiveAuthentication = false;
AuthenticationMethods = "publickey";
PubkeyAuthentication = "yes";
ChallengeResponseAuthentication = "no";
UsePAM = false;
UseDns = false;
X11Forwarding = false;
KexAlgorithms = [
"curve25519-sha256"
"curve25519-sha256@libssh.org"
"diffie-hellman-group16-sha512"
"diffie-hellman-group18-sha512"
"sntrup761x25519-sha512@openssh.com"
"diffie-hellman-group-exchange-sha256"
"mlkem768x25519-sha256"
"sntrup761x25519-sha512"
];
Macs = [
"hmac-sha2-512-etm@openssh.com"
"hmac-sha2-256-etm@openssh.com"
"umac-128-etm@openssh.com"
];
ClientAliveCountMax = 5;
ClientAliveInterval = 60;
};
hostKeys = [
{
path = "${lib.optionalString hasOptinPersistence "/persist"}/etc/ssh/ssh_host_ed25519_key";
type = "ed25519";
}
];
};
};
}

7
modules/nixos/obs-studio.nix
View File

@@ -1,7 +0,0 @@
{pkgs, ...}: {
programs.obs-studio = {
enable = true;
enableVirtualCamera = true;
plugins = with pkgs.obs-studio-plugins; [obs-vaapi wlrobs];
};
}

8
modules/nixos/selfhosted/adguard.nix
View File

@@ -1,8 +0,0 @@
{...}: {
services = {
adguardhome = {
enable = true;
openFirewall = true;
};
};
}

61
modules/nixos/selfhosted/containers/aiostreams.nix
View File

@@ -1,61 +0,0 @@
{
config,
lib,
...
}:
with lib; let
cfg = config.tux.containers.aiostreams;
in {
options.tux.containers.aiostreams = {
enable = mkEnableOption "Enable AIOStreams";
port = mkOption {
type = types.int;
default = 3000;
};
dataDir = mkOption {
type = types.path;
default = "/var/lib/aiostreams";
description = "Directory to store persistent AIOStreams data";
};
environment = mkOption {
type = with types; attrsOf str;
default = {};
};
environmentFiles = mkOption {
type = with types; listOf path;
default = [];
};
};
config = mkIf cfg.enable {
virtualisation.oci-containers.containers.aiostreams = {
autoStart = true;
image = "ghcr.io/viren070/aiostreams:latest";
ports = [
"${toString cfg.port}:3000"
];
environment = cfg.environment;
environmentFiles = cfg.environmentFiles;
volumes = [
"${cfg.dataDir}:/app/data"
];
};
services.nginx.virtualHosts = {
"${cfg.environment.ADDON_ID}" = {
forceSSL = true;
useACMEHost = "tux.rs";
locations = {
"/" = {
proxyPass = "http://localhost:${toString cfg.port}";
};
};
};
};
};
}

Some files were not shown because too many files have changed in this diff Show More