tux/nix-config
1
0
Fork 0
mirror of https://github.com/tuxdotrs/nix-config.git synced 2026-05-06 18:16:31 +05:30
Code Issues Actions Packages Projects Releases Wiki Activity

Compare commits

base: tux:87e065c6599d85e09a738dd125564cdd865e796e
Branches Tags
tux:main tux:dev tux:old
tux:25.11.2025
...
compare: tux:dev
Branches Tags
tux:dev tux:main tux:old
tux:25.11.2025

112 Commits
87e065c659 ... dev

Author SHA1 Message Date
tux
a62346367f start fresh rewrite 2026-05-02 14:48:41 +05:30
tux
31d65fafa8 feat(canopus): switch supergfxd mode to Integrated 2026-05-01 16:30:49 +05:30
tux
7194dbdaf6 chore: update flake 2026-04-27 14:32:13 +05:30
tux
428c5c5717 feat: restore config path 2026-04-27 14:31:43 +05:30
tux
5971087593 feat: add zed to persist dir 2026-04-27 01:37:25 +05:30
tux
e3bafff8f8 feat: update flake 2026-04-26 15:19:25 +05:30
tux
6e78c0b6c2 feat: switch default browser to brave 2026-04-21 15:18:51 +05:30
tux
99863948b4 feat(canopus): increase max freq 2026-03-27 21:38:01 +05:30
tux
1b526b5633 feat(hyprland): add brightness gesture 2026-03-27 21:35:16 +05:30
tux
489e7e6e2a feat: switch to integrated mode 2026-03-27 21:35:05 +05:30
tux
da97041c2a style: format code 2026-03-27 21:34:50 +05:30
tux
595cf577b4 feat: add davinci resolve 2026-02-28 01:24:11 +05:30
tux
214d86c1c6 chore: update tnvim flake input 2026-02-26 18:38:10 +05:30
tux
e95a103952 chore: update tpanel flake input 2026-02-26 07:46:59 +05:30
tux
6403fab5af feat(obs): add source record plugin 2026-02-25 13:24:36 +05:30
tux
51ed6c6d2c chore(hyprland): update keybind for pin action 2026-02-24 21:51:47 +05:30
tux
77edbf47ad feat: launch easyeffect on startup 2026-02-24 21:05:22 +05:30
tux
f7e6b47cb3 feat: add easyeffects to persist dir 2026-02-24 20:12:29 +05:30
tux
fd3651b398 feat(hyprland): update config 2026-02-24 15:15:21 +05:30
tux
8e1a543fd7 feat(hyprland): add extra workspace 2026-02-24 14:54:49 +05:30
tux
ea7b6bcdef feat: add mangowc 2026-02-24 14:51:35 +05:30
tux
5f72ba716d feat(hyprland): performance/battery optimizations 2026-02-23 12:41:14 +05:30
tux
990081328a feat(alacritty): update background color 2026-02-22 15:56:07 +05:30
tux
9eeac2741c feat(hyprland): update animation and blur settings 2026-02-22 14:53:35 +05:30
tux
b20f3ab5bc feat: setup obs from nixos module 2026-02-18 22:39:00 +05:30
tux
d95f88d61d fix(vicinae): awww-switcher name 2026-02-17 19:30:41 +05:30
tux
cbfe9205c7 feat: setup vicinae silverbullet extension 2026-02-17 19:19:10 +05:30
tux
981a986139 feat(vicinae): setup extensions 2026-02-17 19:18:20 +05:30
tux
ea718e56c6 feat(silverbullet): set auth token 2026-02-17 19:16:25 +05:30
tux
b989269dcc chore: update tpanel flake input 2026-02-17 17:59:11 +05:30
tux
860423356c feat(desktop): setup awww 2026-02-17 17:47:35 +05:30
tux
db8bdfb9c6 chore(hyprland): modify workspace management setting 2026-02-17 17:46:32 +05:30
tux
1a5e5b0c14 chore: update tpanel flake input 2026-02-12 11:47:02 +05:30
tux
a944ca11c7 feat(hyprland): add extra workspace 2026-02-12 11:46:50 +05:30
tux
75e172dd06 fix: steam path for persistence 2026-02-10 09:36:49 +05:30
tux
e2ab75f095 fix(xdg): default apps 2026-02-07 06:55:32 +05:30
tux
a61b0b40c8 chore: update tnvim flake input 2026-02-07 06:19:05 +05:30
tux
1e43a360d3 chore: add lsof 2026-02-07 06:18:54 +05:30
tux
378793245d chore(arcturus): remove commented-out kasmweb import 2026-02-07 05:12:50 +05:30
tux
7b8116644a feat(canopus): remove nextcloud 2026-02-07 05:11:54 +05:30
tux
d158d3e10d chore: add aiostreams to persist dir 2026-02-07 05:10:11 +05:30
tux
c4f96accc9 feat(aiostreams): enable persistent data storage via dataDir 2026-02-07 05:10:00 +05:30
tux
2b632b6bef chore(hyprland): update screenshot tool to hypr-screenshot 2026-02-06 20:57:45 +05:30
tux
54ebce7e53 chore: add vivaldi lib folder to persist dir 2026-02-06 20:29:01 +05:30
tux
2381dc907f chore(spotifyd): set volume 2026-02-05 03:25:26 +05:30
tux
502493a053 Revert "chore(hyprland): focus on activate" 
This reverts commit 7e8039488a.
 2026-02-05 03:24:33 +05:30
tux
2d023bdfba feat: add screen shot/record scripts 2026-02-04 18:08:01 +05:30
tux
7f18b96cdd feat: setup spotifyd 2026-02-04 06:55:07 +05:30
tux
3a46142f6f feat(vicinae): disable close on focus loss 2026-02-04 06:31:45 +05:30
tux
78e8aaf4e0 chore(hyprland): adjust keybindings for launcher 2026-02-04 05:53:50 +05:30
tux
7e8039488a chore(hyprland): focus on activate 2026-02-04 05:48:28 +05:30
tux
8aa79d767a chore: add pulseaudio 2026-02-04 05:48:08 +05:30
tux
705b6c8cf9 feat: add vicinae 2026-02-04 05:46:19 +05:30
tux
759874689f chore: update tpanel flake input 2026-02-04 03:40:46 +05:30
tux
dba0beefbd feat: set vivaldi as default browser 2026-02-04 03:40:27 +05:30
tux
063dd3b580 feat(terminal): adjust font sizes 2026-02-04 03:39:59 +05:30
tux
5f0c07204e feat: add vivaldi browser 2026-02-01 06:47:18 +05:30
tux
7069de5b41 feat: add antigravity 2026-02-01 06:29:56 +05:30
tux
048cb87087 feat(hyprland): update window and workspace rules 2026-01-27 19:32:31 +05:30
tux
f0417f10f0 chore: update trok flake input 2026-01-27 19:29:13 +05:30
tux
4a4f2430b8 style: format code 2026-01-21 20:08:38 +05:30
tux
62eee0efac feat(wezterm): disable check for updates 2026-01-21 19:10:14 +05:30
tux
f46e092f2e chore: update flake inputs 2026-01-21 16:01:24 +05:30
tux
a049a66619 feat: update flake inputs 2026-01-15 20:20:26 +05:30
tux
2d055ab10d feat(fastfetch): remove package count 2026-01-05 23:53:38 +05:30
tux
7d36194e59 feat: use iGPU 2025-12-30 15:32:42 +05:30
tux
206ff0b1c8 chore: update tpanel flake input 2025-12-29 21:53:38 +05:30
tux
42b938cdb0 feat(hyprland): add workspace swipe using gesture's 2025-12-29 11:56:49 +05:30
tux
8e31454fa0 chore: update tpanel flake input 2025-12-29 11:56:16 +05:30
tux
0b68021269 chore: update flake inputs 2025-12-27 16:21:28 +05:30
tux
fb750000a0 feat: add steam to persist dir 2025-12-26 21:45:04 +05:30
tux
0f7bb90600 feat: add moonlight 2025-12-26 03:35:29 +05:30
tux
83513b3b1a feat: rustdesl use unstable pkg 2025-12-26 03:35:08 +05:30
tux
f71dcfb43c feat(hyprland): use iGPU 2025-12-25 16:54:07 +05:30
tux
61f4af216e feat(canopus): add vfio kernel modules 2025-12-25 16:53:26 +05:30
tux
bb1dce3b3a feat: add libvirt to persist dir 2025-12-25 16:51:14 +05:30
tux
8667f72e87 feat: enable spice usb redirection 2025-12-25 16:49:15 +05:30
tux
87f3d1eacd chore: update flake inputs 2025-12-25 06:55:14 +05:30
tux
3c846d6c59 feat(hyprland): migrate window rules 2025-12-19 00:30:40 +05:30
tux
5580c22673 chore: update flake inputs 2025-12-19 00:30:21 +05:30
tux
33f7944296 feat: remove depreciated options 2025-12-17 14:30:10 +05:30
tux
86feafcc82 feat(sirius): enable interop 2025-12-17 03:01:41 +05:30
tux
7b085aa127 feat: update depreciated options 2025-12-17 02:53:16 +05:30
tux
8c17353315 chore: update flake inputs 2025-12-17 02:52:31 +05:30
tux
7772514fce feat: setup distrobox module 2025-11-22 06:13:15 +05:30
tux
71cc3c3e7f feat(node): enable firewall for additional ports 2025-11-14 20:37:51 +05:30
tux
f3063dd250 feat: add umami 2025-11-14 14:13:37 +05:30
tux
abd2134a2a feat: add aiostreams 2025-11-14 12:36:34 +05:30
tux
f033f3406a feat(canopus): change wallpaper 2025-11-14 04:05:04 +05:30
tux
eb95321b42 feat: add steam to persist dir 2025-11-14 04:04:52 +05:30
tux
50549a7ab3 feat: migrate node 2025-11-04 15:00:36 +05:30
tux
7b25ac4f30 feat: upgrade to nextcloud 32 2025-11-03 20:17:52 +05:30
tux
dbb226713d docs: update README.md 2025-10-29 23:29:15 +05:30
tux
b59a134631 feat(hosts): enable user linger for services 2025-10-29 13:37:35 +05:30
tux
b8209290f7 refactor(hosts): consolidate nvidia-container-toolkit configuration 2025-10-29 12:31:26 +05:30
tux
41a4eaa375 docs(readme): update host details in readme 2025-10-27 22:45:31 +05:30
tux
0f50de8d9a feat(node): add new host 2025-10-27 22:39:46 +05:30
tux
315b6f4c8f feat: update flake inputs 2025-10-27 21:43:16 +05:30
tux
da3f7101c0 feat: remove barrier 2025-10-27 21:42:57 +05:30
tux
967a163ae0 feat(sirius): add nvidia-container-toolkit support for driver assertion 2025-10-16 16:07:00 +05:30
tux
a793ff14c4 feat(docker): add nvidia-container-toolkit support 2025-10-15 18:28:21 +05:30
tux
19f271b4f9 feat(homelab): add api keys 2025-10-14 13:15:06 +05:30
tux
6a7decf5be docs: update installation instructions 2025-10-12 22:17:23 +05:30
tux
820e69f53c feat: set cursor size 2025-10-12 17:47:26 +05:30
tux
892f30dabe feat: add lan-mouse 2025-10-12 17:19:53 +05:30
tux
572ae61b3a chore: update tpanel flake input 2025-10-12 06:15:12 +05:30
tux
8a0383d327 feat: remove xserver configuration 2025-10-11 23:46:36 +05:30
tux
fbc415ee1b feat: update options 2025-10-11 23:46:04 +05:30
tux
c8e02ba847 refactor: remove unused modules 2025-10-11 23:45:49 +05:30
tux
0c69443c36 fix(brave): revert scale factor to default 2025-10-11 03:20:49 +05:30
tux
0bf00fc3c3 feat(sirius): add api keys for hyperbolic, gemini, and openrouter 2025-10-11 03:20:20 +05:30
tux
474901aa65 refactor(shell): replace aichat with opencode 2025-10-11 02:52:28 +05:30
198 changed files with 107 additions and 8639 deletions
Expand all files Collapse all files

55
.sops.yaml
View File

@@ -1,55 +0,0 @@
keys:
- &users
- &tux age14vktfes95f33vuefwnmuvryas7az04u76dsgyhfvsx73czkvmp2q7njkl4
- &hosts
- &sirius age1f860dfewlx5jtt9ejr47gywx70p3dmyc8mat29gpr75psljwjv8q5xyxkq
- &canopus age1x36yr8h993srfj29sfpzt4wyz52nztvncpmhgmfs0j26qvfecq3qvcm0an
- &homelab age1jg642q775gmnmxeu29gcf3lph8vem4xr8t84cxe809dpd0myrussh49h60
- &arcturus age1zsl5d4vj6gl3h96y5p53sq5y4vr4vtlwp727h7rp9a4xfkxm53lqrh6r50
- &alpha age1zujp5gxy7suv8ysnygv43cmzuvv36nxfg0ch7r3xg2emc6fz3vmqqujheq
- &vega age1ydkclhk9kwqdq74utesqdfupt43lz64d5k65gz2z9uyljcqq9fcq3hv28l
- &capella age1y4luzn2jls7rvgphej23srvdlx563lxq29tvf66vhwwzaf7c3f3qzvresh
creation_rules:
- path_regex: hosts/common/secrets.yaml$
key_groups:
- age:
- *tux
- *sirius
- *canopus
- *homelab
- *arcturus
- *alpha
- *vega
- *capella
- path_regex: hosts/sirius/secrets.yaml$
key_groups:
- age:
- *tux
- *sirius
- path_regex: hosts/canopus/secrets.yaml$
key_groups:
- age:
- *tux
- *canopus
- path_regex: hosts/arcturus/secrets.yaml$
key_groups:
- age:
- *tux
- *arcturus
- path_regex: hosts/alpha/secrets.yaml$
key_groups:
- age:
- *tux
- *alpha
- path_regex: hosts/capella/secrets.yaml$
key_groups:
- age:
- *tux
- *capella
- path_regex: hosts/homelab/secrets.yaml$
key_groups:
- age:
- *tux
- *homelab

130
README.md
View File

@@ -22,48 +22,132 @@
## Hosts
| | Hostname | Board | CPU | RAM | GPU | Purpose |
| --- | ---------- | ----------------- | ------------------ | ---- | ------------------------- | ---------------------------------------------------------------------------------- |
| 🖥️ | `sirius` | MSI X570-A Pro | Ryzen 7 5700X3D | 64GB | RTX 3080 TI + RTX 3060 TI | Triple-monitor desktop running Windows Subsystem for Linux. |
| 💻 | `canopus` | Asus Zephyrus G15 | Ryzen 9 5900HS | 16GB | RTX 3060 | Optimized for productivity on the go and some gaming. |
| ☁️ | `homelab` | Minisforum MS-A1 | Ryzen 7 8700G | 32GB | Radeon 780M | WIP |
| ☁️ | `arcturus` | KVM | 4 Core | 8GB | | Primary server responsible for exposing my homelab applications to the internet. |
| ☁️ | `alpha` | KVM | 4 Core | 4GB | | Monitors uptime and health status of all services across the infrastructure. |
| 🥔 | `vega` | Raspberry Pi 3B+ | Cortex A53 | 1GB | | Running AdGuard Home for network-wide ad blocking. |
| 📱 | `capella` | Samsung S25 Ultra | Snapdragon 8 Elite | 12GB | Adreno 830 | Primary mobile for daily usage. (Locked) |
| 📱 | `rigel` | Motorola Edge 30 | Snapdragon 778G+ | 8GB | Adreno 642L | Secondary mobile for some fun. (Rooted) |
| ☁️ | `node` | KVM | i9-13900 | 64GB | | Running Ethereum and BSC nodes. Currently in the process of migrating from Ubuntu. |
| | Hostname | Board | CPU | RAM | GPU | Purpose |
| --- | ---------- | ----------------- | ------------------ | ----- | ------------------------- | -------------------------------------------------------------------------------- |
| 🖥️ | `sirius` | MSI X570-A Pro | Ryzen 7 5700X3D | 64GB | RTX 3080 TI + RTX 3060 TI | Triple-monitor desktop running Windows Subsystem for Linux. |
| 💻 | `canopus` | Asus Zephyrus G15 | Ryzen 9 5900HS | 16GB | RTX 3060 | Optimized for productivity on the go and some gaming. |
| ☁️ | `homelab` | Minisforum MS-A1 | Ryzen 7 8700G | 32GB | Radeon 780M | WIP |
| ☁️ | `arcturus` | KVM | 4 Core | 8GB | | Primary server responsible for exposing my homelab applications to the internet. |
| ☁️ | `alpha` | KVM | 4 Core | 4GB | | Monitors uptime and health status of all services across the infrastructure. |
| 🥔 | `vega` | Raspberry Pi 3B+ | Cortex A53 | 1GB | | Running AdGuard Home for network-wide ad blocking. |
| 📱 | `capella` | Samsung S25 Ultra | Snapdragon 8 Elite | 12GB | Adreno 830 | Primary mobile for daily usage. (Locked) |
| 📱 | `rigel` | Motorola Edge 30 | Snapdragon 778G+ | 8GB | Adreno 642L | Secondary mobile for some fun. (Rooted) |
| ☁️ | `node` | ASRock B565D4 | Ryzen 9 5950X | 128GB | | Running Ethereum and BSC nodes. |
## Installation
Boot into NixOS bootable USB and then enter the following commands
> [!NOTE]
> This will get your base system ready, but keep in mind that many things might not work correctly — such as monitor resolution, font size, and more.
### Prerequisites
Boot into the NixOS bootable USB before proceeding with the installation steps.
### Installation Steps
#### 1. Clone the repository
```bash
git clone https://github.com/tuxdotrs/nix-config.git
cd nix-config
```
#### 2. Gain root privileges
```bash
sudo su
```
# Clone this repositry
git clone https://github.com/tuxdotrs/nix-config.git
# Navigate to the repository directory
cd nix-config
#### 3. Set up disk partitioning
# Install disko for disk partitioning
nix-shell -p disko
Install the required tools:
# Partition the disk and make sure to replace DISK_PATH (eg. /dev/vda)
```bash
nix-shell -p disko neovim
```
Partition your disk using disko. **This will wipe your drive.** Replace `DISK_PATH` with your actual disk path (e.g., `/dev/vda` or `/dev/nvme0n1`):
```bash
disko --mode disko ./hosts/canopus/disko.nix --arg device '"DISK_PATH"'
```
# Generate the hardware.nix file for your system
#### 4. Configure your disk
Edit the configuration file:
```bash
nvim ./hosts/canopus/default.nix
```
In the imports statement, replace:
```nix
(import ./disko.nix {device = "/dev/nvme0n1";})
```
with:
```nix
(import ./disko.nix {device = "DISK_PATH";})
```
Make sure to replace `DISK_PATH` with your actual disk path.
#### 5. Generate hardware configuration
```bash
nixos-generate-config --no-filesystems --root /mnt
```
# Replace the hardware.nix with generated one
Copy the generated hardware configuration to the repository:
```bash
cp /mnt/etc/nixos/hardware-configuration.nix ./hosts/canopus/hardware.nix
```
# Install
#### 6. Install NixOS
```bash
nixos-install --root /mnt --flake .#canopus
```
# Reboot to your beautiful DE
#### 7. Enter into the new system
```bash
nixos-enter --root /mnt
```
#### 8. Set up directories and permissions
```bash
mkdir -p /persist/home
chown -R tux:users /persist/home
```
#### 9. Set passwords
Set the root password:
```bash
passwd root
```
Set the user password:
```bash
passwd tux
```
#### 10. Reboot
```bash
reboot
```
Your NixOS system should now boot into a beautiful DE.
## Components
| | Wayland | Xorg |

1813
flake.lock generated
View File

File diff suppressed because it is too large Load Diff

170
flake.nix
View File

@@ -1,170 +0,0 @@
{
description = "tux's Nix Flake";
outputs = {
self,
nixpkgs,
deploy-rs,
...
} @ inputs: let
inherit (self) outputs;
inherit (inputs.nixpkgs.lib) nixosSystem;
inherit (inputs.nix-on-droid.lib) nixOnDroidConfiguration;
forAllSystems = nixpkgs.lib.genAttrs [
"x86_64-linux"
"aarch64-linux"
];
username = "tux";
email = "t@tux.rs";
mkNixOSConfig = host: {
specialArgs = {inherit inputs outputs username email;};
modules = [./hosts/${host}];
};
mkDroidConfig = host: {
pkgs = import nixpkgs {system = "aarch64-linux";};
extraSpecialArgs = {inherit inputs outputs username email;};
modules = [./hosts/${host}];
};
mkNixOSNode = hostname: {
inherit hostname;
profiles.system = {
user = "root";
path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.${hostname};
};
};
activateNixOnDroid = configuration:
deploy-rs.lib.aarch64-linux.activate.custom
configuration.activationPackage
"${configuration.activationPackage}/activate";
mkDroidNode = hostname: {
inherit hostname;
profiles.system = {
sshUser = "nix-on-droid";
user = "nix-on-droid";
magicRollback = true;
sshOpts = ["-p" "8033"];
path = activateNixOnDroid self.nixOnDroidConfigurations.${hostname};
};
};
in {
packages = forAllSystems (system: import ./pkgs nixpkgs.legacyPackages.${system});
formatter = forAllSystems (system: nixpkgs.legacyPackages.${system}.alejandra);
# Custom packages and modifications, exported as overlays
overlays = import ./overlays {inherit inputs;};
# NixOS configuration entrypoint
# 'nixos-rebuild switch --flake .#your-hostname'
nixosConfigurations = {
arcturus = nixosSystem (mkNixOSConfig "arcturus");
canopus = nixosSystem (mkNixOSConfig "canopus");
alpha = nixosSystem (mkNixOSConfig "alpha");
sirius = nixosSystem (mkNixOSConfig "sirius");
vega = nixosSystem (mkNixOSConfig "vega");
vps = nixosSystem (mkNixOSConfig "vps");
isoImage = nixosSystem (mkNixOSConfig "isoImage");
homelab = nixosSystem (mkNixOSConfig "homelab");
};
# NixOnDroid configuration entrypoint
# 'nix-on-droid switch --flake .#your-hostname'
nixOnDroidConfigurations = {
capella = nixOnDroidConfiguration (mkDroidConfig "capella");
rigel = nixOnDroidConfiguration (mkDroidConfig "rigel");
};
deploy = {
nodes = {
arcturus = mkNixOSNode "arcturus";
canopus = mkNixOSNode "canopus";
alpha = mkNixOSNode "alpha";
sirius = mkNixOSNode "sirius";
vega = mkNixOSNode "vega";
homelab = mkNixOSNode "homelab";
capella = mkDroidNode "capella";
rigel = mkDroidNode "rigel";
};
};
checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib;
};
inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
nixpkgs-stable.url = "github:nixos/nixpkgs/release-24.11";
nixos-wsl = {
url = "github:nix-community/nixos-wsl";
inputs.nixpkgs.follows = "nixpkgs";
};
home-manager = {
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs";
};
nix-vscode-extensions = {
url = "github:nix-community/nix-vscode-extensions";
inputs.nixpkgs.follows = "nixpkgs";
};
wezterm-flake = {
url = "github:wez/wezterm/main?dir=nix";
inputs.nixpkgs.follows = "nixpkgs";
};
disko = {
url = "github:nix-community/disko";
inputs.nixpkgs.follows = "nixpkgs";
};
nix-secrets = {
url = "git+ssh://git@github.com/tuxdotrs/nix-secrets.git?shallow=1";
inputs.nixpkgs.follows = "nixpkgs";
};
nix-on-droid = {
url = "github:nix-community/nix-on-droid/release-24.05";
inputs.nixpkgs.follows = "nixpkgs";
inputs.home-manager.follows = "home-manager";
};
tawm = {
url = "github:tuxdotrs/tawm";
inputs.nixpkgs.follows = "nixpkgs";
};
tnvim = {
url = "github:tuxdotrs/tnvim";
inputs.nixpkgs.follows = "nixpkgs";
};
trok = {
url = "github:tuxdotrs/trok";
inputs.nixpkgs.follows = "nixpkgs";
};
tpanel = {
url = "github:tuxdotrs/tpanel";
inputs.nixpkgs.follows = "nixpkgs";
};
tfolio = {
url = "git+ssh://git@github.com/tuxdotrs/tfolio.git";
inputs.nixpkgs.follows = "nixpkgs";
};
cyber-tux = {
url = "git+ssh://git@github.com/tuxdotrs/cyber-tux.git";
inputs.nixpkgs.follows = "nixpkgs";
};
nix-index-database = {
url = "github:nix-community/nix-index-database";
inputs.nixpkgs.follows = "nixpkgs";
};
hyprland.url = "github:hyprwm/Hyprland";
hyprland-plugins = {
url = "github:hyprwm/hyprland-plugins";
inputs.hyprland.follows = "hyprland";
};
ghostty.url = "github:ghostty-org/ghostty";
nixos-hardware.url = "github:nixos/nixos-hardware";
nixpkgs-f2k.url = "github:moni-dz/nixpkgs-f2k";
nur.url = "github:nix-community/nur";
sops-nix.url = "github:Mic92/sops-nix";
impermanence.url = "github:nix-community/impermanence";
deploy-rs.url = "github:serokell/deploy-rs";
nixcord.url = "github:kaylorben/nixcord";
};
}

163
hosts/alpha/default.nix
View File

@@ -1,163 +0,0 @@
{
modulesPath,
inputs,
username,
lib,
email,
config,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
(modulesPath + "/profiles/qemu-guest.nix")
inputs.disko.nixosModules.default
(import ./disko.nix {device = "/dev/vda";})
../common
../../modules/nixos/selfhosted/uptime-kuma.nix
];
tux.services.openssh.enable = true;
tux.services.openssh.ports = [23];
tux.services.tfolio.enable = true;
tux.services.nginxStreamProxy = {
enable = true;
upstreamServers = inputs.nix-secrets.proxy-servers;
};
sops.secrets = {
borg_encryption_key = {
sopsFile = ./secrets.yaml;
};
"cloudflare_credentials/email" = {
sopsFile = ./secrets.yaml;
};
"cloudflare_credentials/dns_api_token" = {
sopsFile = ./secrets.yaml;
};
};
nixpkgs = {
hostPlatform = "x86_64-linux";
};
boot = {
initrd.systemd = {
enable = lib.mkForce true;
services.wipe-my-fs = {
wantedBy = ["initrd.target"];
after = ["initrd-root-device.target"];
before = ["sysroot.mount"];
unitConfig.DefaultDependencies = "no";
serviceConfig.Type = "oneshot";
script = ''
mkdir /btrfs_tmp
mount /dev/disk/by-partlabel/disk-primary-root /btrfs_tmp
if [[ -e /btrfs_tmp/root ]]; then
mkdir -p /btrfs_tmp/old_roots
timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:%M:%S")
mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp"
fi
delete_subvolume_recursively() {
IFS=$'\n'
for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
delete_subvolume_recursively "/btrfs_tmp/$i"
done
btrfs subvolume delete "$1"
}
for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do
delete_subvolume_recursively "$i"
done
btrfs subvolume create /btrfs_tmp/root
umount /btrfs_tmp
'';
};
};
loader = {
grub = {
efiSupport = true;
efiInstallAsRemovable = true;
};
};
};
networking = {
hostName = "alpha";
firewall = {
enable = true;
allowedTCPPorts = [80 443 22 23];
};
};
security = {
acme = {
acceptTerms = true;
defaults.email = "${email}";
certs = {
"tux.rs" = {
group = "nginx";
domain = "*.tux.rs";
extraDomainNames = ["tux.rs"];
dnsProvider = "cloudflare";
credentialFiles = {
CLOUDFLARE_EMAIL_FILE = config.sops.secrets."cloudflare_credentials/email".path;
CLOUDFLARE_DNS_API_TOKEN_FILE = config.sops.secrets."cloudflare_credentials/dns_api_token".path;
};
};
};
};
};
users.users.nginx.extraGroups = ["acme"];
services = {
nginx = {
recommendedGzipSettings = true;
recommendedOptimisation = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
};
};
programs = {
zsh.enable = true;
dconf.enable = true;
};
programs.fuse.userAllowOther = true;
fileSystems."/persist".neededForBoot = true;
environment.persistence."/persist" = {
hideMounts = true;
directories = [
"/var/log"
"/var/lib/acme"
"/var/lib/nixos"
"/var/lib/private"
];
files = [
"/etc/ssh/ssh_host_ed25519_key"
"/etc/ssh/ssh_host_ed25519_key.pub"
"/etc/ssh/ssh_host_rsa_key"
"/etc/ssh/ssh_host_rsa_key.pub"
];
};
home-manager.users.${username} = {
imports = [
./home.nix
];
};
system.stateVersion = "24.11";
}

53
hosts/alpha/disko.nix
View File

@@ -1,53 +0,0 @@
{device ? throw "Set this to the disk device, e.g. /dev/nvme0n1", ...}: {
disko.devices.disk.primary = {
inherit device;
type = "disk";
content = {
type = "gpt"; # GPT partitioning scheme
partitions = {
boot = {
name = "boot";
size = "1M";
type = "EF02";
};
# EFI Partition
ESP = {
size = "512M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = ["defaults" "umask=0077"];
};
};
# Btrfs Root Partition
root = {
size = "100%"; # Use remaining space
type = "8300"; # Linux filesystem type
content = {
type = "btrfs";
subvolumes = {
"/root" = {
mountOptions = ["compress=zstd"]; # Compression for better performance
mountpoint = "/"; # Root subvolume
};
"/persist" = {
mountOptions = ["compress=zstd"]; # Compression for persistent data
mountpoint = "/persist"; # Persistent subvolume
};
"/nix" = {
mountOptions = [
"compress=zstd"
"noatime"
"noacl"
]; # Optimize for Nix store
mountpoint = "/nix"; # Nix subvolume
};
};
};
};
};
};
};
}

12
hosts/alpha/home.nix
View File

@@ -1,12 +0,0 @@
{username, ...}: {
home.persistence."/persist/home/${username}" = {
directories = [
"Projects"
".ssh"
".local/share/zsh"
];
allowOther = true;
};
home.stateVersion = "24.11";
}

28
hosts/alpha/secrets.yaml
View File

@@ -1,28 +0,0 @@
borg_encryption_key: ENC[AES256_GCM,data:EK1f7J4ea80K7LO16pPmkh246xmXoJEiCKzPbiRCmjQ=,iv:3vae+IAAgDx+0NPgml07kbT9kc4RpzDd1oj2Qb6ZqdM=,tag:aXj3IwzfeQ8+tGjSpq76bw==,type:str]
cloudflare_credentials:
email: ENC[AES256_GCM,data:w9ghChGxgV7OVeM=,iv:Qtl/pMmXGjhZ9dMRkxeyEDncGfY/YPy51eJrZ6mOgGg=,tag:oi7OoTf4TnUknblZ3lPDzQ==,type:str]
dns_api_token: ENC[AES256_GCM,data:lMoqQs9MZ646ESJUxN2dtIopNS8P55JARk6wyfaJ8ad9ABvk268oWQ==,iv:Ez4y/kKPsRuIH9mEcpS3IU4j3kK8F6iBBFOnIf9Ck60=,tag:7I0eE8PoohH9KtiHziagrg==,type:str]
sops:
age:
- recipient: age14vktfes95f33vuefwnmuvryas7az04u76dsgyhfvsx73czkvmp2q7njkl4
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3NjIrVVlPVW9qTU9vMlMw
K3BtRHZaS0h0WmlmMjF3YjhHSFZtNmFzdjNZCjRKQ0UwWTc2L3NOY1AyZnR2K2hF
QkQ4blQvd0paRHd6c3dWaU5XbmV4S28KLS0tIExtWnR0djB5WU9lajVJeU5udlBQ
eDlMemQ1c1FkazlRaDhPUzNBcVh2bWsK544MNSGooJPKL7hxQ+yvPRROw3RER7p8
jbUVxMp4ZD/0ut/qFrKdyvfSPDcDkUR5eBoeaeUBkMAAPL+YeIxKhQ==
-----END AGE ENCRYPTED FILE-----
- recipient: age1zujp5gxy7suv8ysnygv43cmzuvv36nxfg0ch7r3xg2emc6fz3vmqqujheq
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvWlN0bWNMZTlMM3Mvdmdn
M2M1RzBaNUl3Qkc4Sm5QbmE3cFpuODBNakZzCk9SbjBvM25pK2pGdmRqMXd4eTJu
ZU8vTmtSN1RYK2RmQ01QempKUG43eHMKLS0tIHVINVgvNTluS1grSm1YSHkzalMx
SGM4ditJZFducVNEaDlJSkhuUnpxQzAKvvHbDuTQUpW+O/qtgjAFZlYc4iRRj4G1
BP/QyzuTnpP6PuAG9pJYHx164+uS2Ftog/QnCFD0YAJdJtxaoUHzOw==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-07-09T19:44:56Z"
mac: ENC[AES256_GCM,data:1sXY3aEfbsit5hGBdE7x0pbdSLnW67NRNNDTEjS1fI85TaPpMmcgrxxvEDsg1A6psRMdBwFMUIVHH/rf4rkZ9tXSmHZBFTZrTQGn09bPF9yNC0MnJXKkcNcQiQJveg986LMWFwT/WE8PWbeDh7o+ASJF+IgT+5ikq8DMBgoyK/E=,iv:Ssy66et65Oq2WwbF12ubLGk87bSv/KSruf49T7v04NY=,tag:Y89PxwRFlJUBZniS2clybw==,type:str]
unencrypted_suffix: _unencrypted
version: 3.10.2

217
hosts/arcturus/default.nix
View File

@@ -1,217 +0,0 @@
{
modulesPath,
inputs,
username,
lib,
email,
config,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
(modulesPath + "/profiles/qemu-guest.nix")
inputs.disko.nixosModules.default
(import ./disko.nix {device = "/dev/vda";})
../common
../../modules/nixos/virtualisation/docker.nix
../../modules/nixos/selfhosted/postgresql.nix
../../modules/nixos/selfhosted/headscale.nix
../../modules/nixos/selfhosted/vaultwarden.nix
../../modules/nixos/selfhosted/gitea.nix
../../modules/nixos/selfhosted/plausible.nix
../../modules/nixos/selfhosted/monitoring/grafana.nix
../../modules/nixos/selfhosted/monitoring/loki.nix
../../modules/nixos/selfhosted/monitoring/promtail.nix
../../modules/nixos/selfhosted/ntfy-sh.nix
../../modules/nixos/selfhosted/searx.nix
../../modules/nixos/selfhosted/wakapi.nix
../../modules/nixos/selfhosted/nextcloud.nix
../../modules/nixos/selfhosted/silver-bullet.nix
../../modules/nixos/selfhosted/rustdesk-server.nix
../../modules/nixos/selfhosted/kasmweb.nix
../../modules/nixos/selfhosted/open-webui.nix
../../modules/nixos/selfhosted/glance
];
tux.services.openssh.enable = true;
sops.secrets = {
borg_encryption_key = {
sopsFile = ./secrets.yaml;
};
searx_secret_key = {
sopsFile = ./secrets.yaml;
};
"cloudflare_credentials/email" = {
sopsFile = ./secrets.yaml;
};
"cloudflare_credentials/dns_api_token" = {
sopsFile = ./secrets.yaml;
};
plausible_key = {
sopsFile = ./secrets.yaml;
};
wakapi_salt = {
sopsFile = ./secrets.yaml;
};
nextcloud_password = {
sopsFile = ./secrets.yaml;
owner = "nextcloud";
};
silver_bullet = {
sopsFile = ./secrets.yaml;
};
"cs2_secrets/SRCDS_TOKEN" = {
sopsFile = ./secrets.yaml;
};
"cs2_secrets/CS2_RCONPW" = {
sopsFile = ./secrets.yaml;
};
"cs2_secrets/CS2_PW" = {
sopsFile = ./secrets.yaml;
};
};
nixpkgs = {
hostPlatform = "x86_64-linux";
};
boot = {
kernel.sysctl = {
"vm.swappiness" = 10;
};
initrd.systemd = {
enable = lib.mkForce true;
services.wipe-my-fs = {
wantedBy = ["initrd.target"];
after = ["initrd-root-device.target"];
before = ["sysroot.mount"];
unitConfig.DefaultDependencies = "no";
serviceConfig.Type = "oneshot";
script = ''
mkdir /btrfs_tmp
mount /dev/disk/by-partlabel/disk-primary-root /btrfs_tmp
if [[ -e /btrfs_tmp/root ]]; then
mkdir -p /btrfs_tmp/old_roots
timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:%M:%S")
mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp"
fi
delete_subvolume_recursively() {
IFS=$'\n'
for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
delete_subvolume_recursively "/btrfs_tmp/$i"
done
btrfs subvolume delete "$1"
}
for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do
delete_subvolume_recursively "$i"
done
btrfs subvolume create /btrfs_tmp/root
umount /btrfs_tmp
'';
};
};
loader = {
grub = {
efiSupport = true;
efiInstallAsRemovable = true;
configurationLimit = 10;
};
timeout = 1;
};
};
networking = {
hostName = "arcturus";
firewall = {
enable = true;
allowedTCPPorts = [80 443 22 3333 8081];
};
};
security = {
acme = {
acceptTerms = true;
defaults.email = "${email}";
certs = {
"tux.rs" = {
group = "nginx";
domain = "*.tux.rs";
extraDomainNames = ["tux.rs"];
dnsProvider = "cloudflare";
credentialFiles = {
CLOUDFLARE_EMAIL_FILE = config.sops.secrets."cloudflare_credentials/email".path;
CLOUDFLARE_DNS_API_TOKEN_FILE = config.sops.secrets."cloudflare_credentials/dns_api_token".path;
};
};
};
};
};
users.users.nginx.extraGroups = ["acme"];
services = {
nginx = {
recommendedTlsSettings = true;
recommendedBrotliSettings = true;
recommendedOptimisation = true;
recommendedGzipSettings = true;
recommendedProxySettings = true;
};
};
programs.fuse.userAllowOther = true;
fileSystems."/persist".neededForBoot = true;
environment.persistence."/persist" = {
hideMounts = true;
directories = [
"/var/log"
"/var/lib/nixos"
"/var/lib/acme"
"/var/lib/postgresql"
"/var/lib/headscale"
"/var/lib/vaultwarden"
"/var/lib/gitea"
"/var/lib/clickhouse"
"/var/lib/grafana"
"/var/lib/promtail"
"/var/lib/private"
"/var/lib/nextcloud"
"/var/lib/silverbullet"
"/var/lib/kasmweb"
];
files = [
"/etc/ssh/ssh_host_ed25519_key"
"/etc/ssh/ssh_host_ed25519_key.pub"
"/etc/ssh/ssh_host_rsa_key"
"/etc/ssh/ssh_host_rsa_key.pub"
];
};
home-manager.users.${username} = {
imports = [
./home.nix
];
};
system.stateVersion = "24.11";
}

53
hosts/arcturus/disko.nix
View File

@@ -1,53 +0,0 @@
{device ? throw "Set this to the disk device, e.g. /dev/nvme0n1", ...}: {
disko.devices.disk.primary = {
inherit device;
type = "disk";
content = {
type = "gpt"; # GPT partitioning scheme
partitions = {
boot = {
name = "boot";
size = "1M";
type = "EF02";
};
# EFI Partition
ESP = {
size = "512M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = ["defaults" "umask=0077"];
};
};
# Btrfs Root Partition
root = {
size = "100%"; # Use remaining space
type = "8300"; # Linux filesystem type
content = {
type = "btrfs";
subvolumes = {
"/root" = {
mountOptions = ["compress=zstd"]; # Compression for better performance
mountpoint = "/"; # Root subvolume
};
"/persist" = {
mountOptions = ["compress=zstd"]; # Compression for persistent data
mountpoint = "/persist"; # Persistent subvolume
};
"/nix" = {
mountOptions = [
"compress=zstd"
"noatime"
"noacl"
]; # Optimize for Nix store
mountpoint = "/nix"; # Nix subvolume
};
};
};
};
};
};
};
}

13
hosts/arcturus/home.nix
View File

@@ -1,13 +0,0 @@
{username, ...}: {
home.persistence."/persist/home/${username}" = {
directories = [
"Projects"
"Stuff"
".ssh"
".local/share/zsh"
];
allowOther = true;
};
home.stateVersion = "24.11";
}

42
hosts/arcturus/secrets.yaml
View File

@@ -1,42 +0,0 @@
borg_encryption_key: ENC[AES256_GCM,data:7DZQaoS2a5mPjTej25vr1aO1yAAPyXT2tf/VxKrLxF0=,iv:it8JlyEj4r4Z+qDvoEWMQlGkbVh08M/BCkGLVzRCVKQ=,tag:81gRhru8J3hkQhIbgUOgBg==,type:str]
searx_secret_key: ENC[AES256_GCM,data:Z49PJ2gNI5CI0IfzOta+r67VNUvjoPpMVv5lajGhUMPzSy1KWZC5wIM3d02jWwCOsNjXdU5hE3j9W0rkoy5ZhFPXBJRUEv5b6IcaLA==,iv:364zGZkD2LO189nkvizl8yjedi1IgYEEQMA67SexSSI=,tag:qPqefG6jUaBOpUy6d7E++w==,type:str]
plausible_key: ENC[AES256_GCM,data:Ynf2aJ6RLRdAkT9ltLpCXTl8zg/VESDchlf67PmKjc93rSfDgq9tFqv1q55Km2lDo7y9iLu5WyLLg24CSSwy8Q==,iv:yW5hgP4dhfkvunv3iYmXGEH9w29OOmrG4ourPagslVg=,tag:C5PVfEseP5gJdoQQL4gERQ==,type:str]
wakapi_salt: ENC[AES256_GCM,data:Vk5Lezv0f/0ehHqXXBCsQxWFYE2KFujTfII0r7Gd1BXFrwiPEdX62aZ+9LQx7s1RTHh0n+LP/5t0cmHO/fJhGw==,iv:ZUlRwNXUCQ53Lymi9fO4qoBWjLpHVWfTnYM0Z1I6F5o=,tag:dadkEKV7paH4+qAz7Bxxqg==,type:str]
cloudflare_credentials:
email: ENC[AES256_GCM,data:qesgxkzUglKdYPI=,iv:2XDEoQzmtagSiILWZzJPswdhkQ+qjdZfNd+LL1nHPx8=,tag:K1F23Za2Zq78tzf0fl5zEw==,type:str]
dns_api_token: ENC[AES256_GCM,data:ibSL4KWYhqgHjo27fiSqB1iN9NWU3/qGGuLpmiMpBf+qCuh8uxR7Yw==,iv:NapMvfUSm5rgeROK7KuxGyog8s2PW9CCKtjRG87FoCQ=,tag:/Oah7PRCe4XPts0IYt83zw==,type:str]
nextcloud_password: ENC[AES256_GCM,data:o37mq4YHQT5pbi+cXrk=,iv:8HiDwdHTozNM2lHpgqVhdsspuifppsL2I6Z31xEnYFI=,tag:xTnfn8HcubfiQwLYIkpxjw==,type:str]
silver_bullet: ENC[AES256_GCM,data:waEPGskjkkdX98PKzgZG1bzS+NwL6GR8kok=,iv:8a8IeXla8XSHFzjKcVY3QYUK5aFk2kPHVIRvs1y7So0=,tag:p++o6wvLtG5DbDmUusRQLg==,type:str]
cs2_secrets:
SRCDS_TOKEN: ENC[AES256_GCM,data:SzPz4sHDgEoioX8ylLFM6AUUS60gWYpR3ifxUD8A8IQga24t6GM0dyGDryc=,iv:XefIn9yCLPLKVRA+rZiSGUH3l6ZANIJoGRuM/3vFLIw=,tag:flEjl9c7i3XBlHJaq41QYQ==,type:str]
CS2_RCONPW: ENC[AES256_GCM,data:ZyVeoOngZjxKR/ObYo5yJC1ViCNufuA=,iv:+fJK0sY39V/iH7OjT0AzQq6RefVzLZCDETYcAMFnZNU=,tag:IOhRUQRdffNMXa2cKZvi/w==,type:str]
CS2_PW: ENC[AES256_GCM,data:W1Cur7YT1F/+45vmqif2JbpjVURfnfo=,iv:sBNDM2N+QWDAMculBBZtYZcM7ILEfpwkwOd7ErORQhI=,tag:XFsxTUjctZKU38RQUfJ8HQ==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age14vktfes95f33vuefwnmuvryas7az04u76dsgyhfvsx73czkvmp2q7njkl4
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB6TGpVMzNDZjNQSkNDQmM3
eXpvZDRPZW9Kbm81Z2VVUVZIckFNUC9zTEZzCmliUkNWS01YMHVRaUoxTS84VmxQ
UDZtbkhmZmdZVWVsaHN3djkwSERGQ1kKLS0tIEh0ckhDTkQvcEM0UFI2MUVXVHI5
WnhEdnRqazdZWmczYXYxNy9BMHdwdEUKYgB34OOezF3iF706pIfDmQ0FJEHXBbGF
EJRNmA4Zl1AwyzkN3NSlctzvxx201T1GWL4qZeyVafRv5jQ9oSfK7g==
-----END AGE ENCRYPTED FILE-----
- recipient: age1zsl5d4vj6gl3h96y5p53sq5y4vr4vtlwp727h7rp9a4xfkxm53lqrh6r50
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHeXNrT3c1bENOK0lNZWNT
eFBqYm1BRHBhakFQMVVIKzR0SDRDOW9jUXdBCmFIQWZRSnBlOFBralVFakQ2clNY
Q1Nma0pRVHh4L3IwQm1GbTdqb1BUcWsKLS0tIFRQOVIxb1FRc29WSVVERWsxSDhq
NGprRGVyZ2plWVNrM3drM3JSUjM2L0UKuNk5DqYn2DIfRpY72zDRP5BKoVAXtNv9
uLI//8wc7f4I3uBdARQdpRE1fapY1UOJOn3i0yndrZARPEbdohRK1Q==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-01-24T12:59:25Z"
mac: ENC[AES256_GCM,data:WGWGvbqu07XZ5oU2HBGUbP/9oNCavPBXb2SIm10CG2s377QAWZmpdOC2AGAX8J3NfLtyWEHm8WUQSKjNKvKWARsXU24lNnY+BTSIkF8ymrAU/rRMX8VJi92IYjregAfVBIaYomxqJFhNuAhmsQ75ZYMpRBTusxiEFEdl/H9obiY=,iv:VXIVkpnOY2gZ/xDX/oFvZn08K5Gp49tpiJQGK20blro=,tag:Hkk92ZQWTRY9oQb3Mm6R3w==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.9.3

423
hosts/canopus/default.nix
View File

@@ -1,423 +0,0 @@
{
inputs,
username,
pkgs,
lib,
config,
...
}: {
imports = [
inputs.nixos-hardware.nixosModules.asus-zephyrus-ga503
inputs.disko.nixosModules.default
(import ./disko.nix {device = "/dev/nvme0n1";})
./hardware.nix
../common
../../modules/nixos/desktop
../../modules/nixos/desktop/awesome
../../modules/nixos/desktop/hyprland
../../modules/nixos/virtualisation
../../modules/nixos/steam.nix
];
tux.services.openssh.enable = true;
nixpkgs.config.cudaSupport = true;
sops.secrets = {
hyperbolic_api_key = {
sopsFile = ./secrets.yaml;
owner = "${username}";
};
gemini_api_key = {
sopsFile = ./secrets.yaml;
owner = "${username}";
};
open_router_api_key = {
sopsFile = ./secrets.yaml;
owner = "${username}";
};
};
networking = {
hostName = "canopus";
networkmanager = {
enable = true;
wifi.powersave = false;
};
firewall = {
enable = true;
allowedTCPPorts = [
80
443
22
3000
6666
8081
];
# Facilitate firewall punching
allowedUDPPorts = [41641];
allowedTCPPortRanges = [
{
from = 1714;
to = 1764;
}
];
allowedUDPPortRanges = [
{
from = 1714;
to = 1764;
}
];
};
};
boot = {
binfmt.emulatedSystems = ["aarch64-linux"];
plymouth = {
enable = true;
theme = "spinner-monochrome";
themePackages = [
(pkgs.plymouth-spinner-monochrome.override {inherit (config.boot.plymouth) logo;})
];
};
kernelParams = [
"quiet"
"loglevel=3"
"systemd.show_status=auto"
"udev.log_level=3"
"rd.udev.log_level=3"
"vt.global_cursor_default=0"
];
consoleLogLevel = 0;
initrd.verbose = false;
kernelPackages = pkgs.linuxPackages_zen;
supportedFilesystems = ["ntfs"];
initrd.systemd = {
enable = lib.mkForce true;
services.wipe-my-fs = {
wantedBy = ["initrd.target"];
after = ["initrd-root-device.target"];
before = ["sysroot.mount"];
unitConfig.DefaultDependencies = "no";
serviceConfig.Type = "oneshot";
script = ''
mkdir /btrfs_tmp
mount /dev/disk/by-partlabel/disk-primary-root /btrfs_tmp
if [[ -e /btrfs_tmp/root ]]; then
mkdir -p /btrfs_tmp/old_roots
timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:%M:%S")
mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp"
fi
delete_subvolume_recursively() {
IFS=$'\n'
for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
delete_subvolume_recursively "/btrfs_tmp/$i"
done
btrfs subvolume delete "$1"
}
for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do
delete_subvolume_recursively "$i"
done
btrfs subvolume create /btrfs_tmp/root
umount /btrfs_tmp
'';
};
};
loader = {
systemd-boot = {
enable = true;
configurationLimit = 10;
};
efi.canTouchEfiVariables = true;
timeout = 1;
};
};
hardware = {
bluetooth.enable = true;
bluetooth.powerOnBoot = true;
graphics.enable32Bit = true;
};
security = {
polkit.enable = true;
rtkit.enable = true;
};
systemd = {
enableEmergencyMode = false;
user = {
services.polkit-gnome-authentication-agent-1 = {
description = "polkit-gnome-authentication-agent-1";
wantedBy = ["graphical-session.target"];
wants = ["graphical-session.target"];
after = ["graphical-session.target"];
serviceConfig = {
Type = "simple";
ExecStart = "${pkgs.polkit_gnome}/libexec/polkit-gnome-authentication-agent-1";
Restart = "on-failure";
RestartSec = 1;
TimeoutStopSec = 10;
};
};
};
};
programs = {
ssh.startAgent = true;
xfconf.enable = true;
file-roller.enable = true;
thunar = {
enable = true;
plugins = with pkgs.xfce; [
thunar-archive-plugin
thunar-volman
];
};
nix-ld = {
enable = true;
package = pkgs.nix-ld-rs;
};
nm-applet.enable = true;
noisetorch.enable = true;
};
services = {
fwupd.enable = true;
fstrim.enable = true;
resolved.enable = true;
flatpak.enable = true;
pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
wireplumber.enable = true;
};
logind = {
settings.Login = {
HandlePowerKey = "suspend";
HanldeLidSwitch = "suspend";
HandleLidSwitchExternalPower = "suspend";
};
};
xrdp = {
enable = true;
openFirewall = true;
defaultWindowManager = "awesome";
audio.enable = true;
};
syncthing = {
enable = true;
user = "tux";
dataDir = "/home/tux/";
openDefaultPorts = true;
};
xserver = {
enable = true;
xkb = {
layout = "in";
variant = "eng";
};
};
libinput.touchpad.naturalScrolling = true;
libinput.mouse.accelProfile = "flat";
# To use Auto-cpufreq we need to
# disable TLP because it's enabled by nixos-hardware
tlp.enable = false;
auto-cpufreq = {
enable = true;
settings = {
battery = {
platform_profile = "balanced";
governor = "powersave";
energy_performance_preference = "performance";
turbo = "never";
scaling_min_freq = 400000;
scaling_max_freq = 3800000;
};
charger = {
platform_profile = "performance";
governor = "performance";
energy_performance_preference = "performance";
turbo = "auto";
scaling_min_freq = 400000;
scaling_max_freq = 3800000;
};
};
};
blueman.enable = true;
supergfxd = {
enable = true;
settings = {
mode = "Integrated";
vfio_enable = false;
vfio_save = false;
always_reboot = false;
no_logind = false;
logout_timeout_s = 180;
hotplug_type = "None";
};
};
asusd = {
enable = true;
enableUserService = true;
asusdConfig.text = ''
(
charge_control_end_threshold: 80,
disable_nvidia_powerd_on_battery: true,
ac_command: "",
bat_command: "",
platform_profile_linked_epp: true,
platform_profile_on_battery: Quiet,
platform_profile_on_ac: Performance,
change_platform_profile_on_battery: true,
change_platform_profile_on_ac: true,
profile_quiet_epp: Power,
profile_balanced_epp: BalancePower,
profile_custom_epp: Performance,
profile_performance_epp: Performance,
ac_profile_tunings: {},
dc_profile_tunings: {},
armoury_settings: {},
)
'';
profileConfig.text = ''
(
active_profile: Quiet,
)
'';
fanCurvesConfig.text = ''
(
profiles: (
balanced: [
(
fan: CPU,
pwm: (2, 22, 45, 68, 91, 153, 153, 153),
temp: (55, 62, 66, 70, 74, 78, 78, 78),
enabled: false,
),
(
fan: GPU,
pwm: (2, 25, 48, 71, 94, 165, 165, 165),
temp: (55, 62, 66, 70, 74, 78, 78, 78),
enabled: false,
),
],
performance: [
(
fan: CPU,
pwm: (35, 68, 79, 91, 114, 175, 175, 175),
temp: (58, 62, 66, 70, 74, 78, 78, 78),
enabled: false,
),
(
fan: GPU,
pwm: (35, 71, 84, 94, 119, 188, 188, 188),
temp: (58, 62, 66, 70, 74, 78, 78, 78),
enabled: false,
),
],
quiet: [
(
fan: CPU,
pwm: (2, 12, 22, 35, 45, 58, 79, 79),
temp: (55, 62, 66, 70, 74, 78, 82, 82),
enabled: true,
),
(
fan: GPU,
pwm: (2, 12, 25, 35, 48, 61, 84, 84),
temp: (55, 62, 66, 70, 74, 78, 82, 82),
enabled: true,
),
],
custom: [],
),
)
'';
};
gvfs.enable = true;
tumbler.enable = true;
# @FIX gnome gcr agent conflicts with programs.ssh.startAgent;
# gnome.gnome-keyring.enable = true;
tailscale = {
enable = true;
extraUpFlags = ["--login-server https://hs.tux.rs"];
};
mullvad-vpn = {
enable = true;
package = pkgs.mullvad-vpn;
};
};
fonts.packages = with pkgs.nerd-fonts; [
fira-code
jetbrains-mono
bigblue-terminal
];
programs.fuse.userAllowOther = true;
fileSystems."/persist".neededForBoot = true;
environment.persistence."/persist" = {
hideMounts = true;
directories = [
"/var/log"
"/var/lib/bluetooth"
"/var/lib/tailscale"
"/var/lib/nixos"
"/var/lib/docker"
"/var/lib/waydroid"
"/var/lib/iwd"
"/etc/NetworkManager/system-connections"
];
files = [
# "/etc/machine-id"
"/etc/ly/save.ini"
"/etc/ssh/ssh_host_ed25519_key"
"/etc/ssh/ssh_host_ed25519_key.pub"
"/etc/ssh/ssh_host_rsa_key"
"/etc/ssh/ssh_host_rsa_key.pub"
];
};
home-manager.users.${username} = {
imports = [
./home.nix
];
};
system.stateVersion = "24.11";
}

69
hosts/canopus/disko.nix
View File

@@ -1,69 +0,0 @@
{device ? throw "Set this to the disk device, e.g. /dev/nvme0n1", ...}: {
disko.devices.disk.primary = {
inherit device;
type = "disk";
content = {
type = "gpt"; # GPT partitioning scheme
partitions = {
# EFI Partition
ESP = {
size = "1G";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [
"defaults"
"umask=0077"
];
};
};
# Swap Partition
swap = {
size = "32G";
content = {
type = "swap";
discardPolicy = "both";
resumeDevice = true; # Enable hibernation
};
};
# Btrfs Root Partition
root = {
size = "100%"; # Use remaining space
type = "8300"; # Linux filesystem type
content = {
type = "btrfs";
subvolumes = {
"/root" = {
mountOptions = [
"compress=zstd"
"noatime"
"space_cache=v2"
]; # Compression for better performance
mountpoint = "/"; # Root subvolume
};
"/persist" = {
mountOptions = [
"compress=zstd"
"noatime"
"space_cache=v2"
]; # Compression for persistent data
mountpoint = "/persist"; # Persistent subvolume
};
"/nix" = {
mountOptions = [
"compress=zstd"
"noatime"
"noacl"
"space_cache=v2"
]; # Optimize for Nix store
mountpoint = "/nix"; # Nix subvolume
};
};
};
};
};
};
};
}

26
hosts/canopus/hardware.nix
View File

@@ -1,26 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "usbhid" "usb_storage" "sd_mod" "sdhci_pci" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp3s0.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp4s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

126
hosts/canopus/home.nix
View File

@@ -1,126 +0,0 @@
{
pkgs,
username,
...
}: {
imports = [
../../modules/home/desktop/awesome
../../modules/home/desktop/hyprland
../../modules/home/picom
../../modules/home/alacritty
../../modules/home/wezterm
../../modules/home/ghostty
../../modules/home/desktop/rofi
../../modules/home/barrier
../../modules/home/firefox
../../modules/home/brave
../../modules/home/vs-code
../../modules/home/zed
../../modules/home/mopidy
../../modules/home/thunderbird
../../modules/home/easyeffects
../../modules/home/discord
../../modules/home/kdeconnect
../../modules/home/obs-studio
../../modules/home/spotify
];
home.pointerCursor = {
package = pkgs.bibata-cursors;
name = "Bibata-Modern-Ice";
};
qt = {
enable = true;
platformTheme.name = "gtk";
style = {
name = "adwaita-dark";
package = pkgs.adwaita-qt;
};
};
gtk = {
enable = true;
theme = {
name = "Materia-dark";
package = pkgs.materia-theme;
};
iconTheme = {
package = pkgs.tela-icon-theme;
name = "Tela-black";
};
};
services.flameshot = {
enable = true;
package = pkgs.flameshot.override {enableWlrSupport = true;};
settings = {
General = {
useGrimAdapter = true;
};
};
};
home.packages = with pkgs; [
telegram-desktop
anydesk
stable.rustdesk-flutter
rawtherapee
stable.beekeeper-studio
libreoffice-qt
spotify
# @TODO Enable when qt5 webengine patched
# https://github.com/NixOS/nixpkgs/blob/b599843bad24621dcaa5ab60dac98f9b0eb1cabe/pkgs/development/libraries/qt-5/modules/qtwebengine.nix#L466
# stremio
galaxy-buds-client
copyq
vlc
tor-browser
distrobox
bluetui
impala
];
home.persistence."/persist/home/${username}" = {
directories = [
"Downloads"
"Music"
"Wallpapers"
"Documents"
"Videos"
"Projects"
"Stuff"
"go"
".mozilla"
".ssh"
".wakatime"
".rustup"
".cargo"
".cache/spotify-player"
".config/BraveSoftware"
".config/copyq"
".config/discord"
".config/Vencord"
".config/vesktop"
".config/sops"
".config/obs-studio"
".config/rustdesk"
".config/kdeconnect"
".local/share/nvim"
".local/share/opencode"
".local/share/zsh"
".local/share/zoxide"
".local/share/Smart\ Code\ ltd"
".local/share/GalaxyBudsClient"
".local/share/TelegramDesktop"
".local/state/lazygit"
];
files = [
".wakatime.cfg"
".config/aichat/.env"
];
allowOther = true;
};
home.stateVersion = "24.11";
}

27
hosts/canopus/secrets.yaml
View File

@@ -1,27 +0,0 @@
hyperbolic_api_key: ENC[AES256_GCM,data:WGvF0PPbMd7zWiO8GfmgluV7dW+ZpzLMO31uI5xo+nekvTBkXiAuHFDK/SXKEUFDMEboNkA/a6JUNsCRhuA4N7qhIZgyQ2bc1iafsj7c4F4X/py63Z4bMx8+byScOSoW+RKAvSFOLDGXQ4s9dKc3XNW7G15QyzTRYUFDbXxsSQ6n6DMJk4jr,iv:o+Shbpl3tXmefpdQB5sod3bNQHHsBnEEP0Bk3C1H5Yo=,tag:fi+7K3nAjVoavqy2Mt8W3Q==,type:str]
gemini_api_key: ENC[AES256_GCM,data:ToQn6NiBpebcSPIHbnAyTJm092Xv24pb7Q09hW/Qb0qZC0ORJGG5,iv:/VIw5hTKlZLaWYdEyaEvIv/ZPTBhq5OkguPL6wFs8A8=,tag:44tNJTBeHYW1ug+z+yKTrw==,type:str]
open_router_api_key: ENC[AES256_GCM,data:QLXIEqsUe8HQobJMvqh8fZi7azXjnz7B524kDPWB8Dk5tAv6EVvM0KHAa6aTGmeMB8LJiUPcLmPU0ifU07s2OyB3Q9w+IFvlfQ==,iv:pBr8SJG8FHP1oYrXrHG0gRMPfdXXoBNPGcYEXF3IJGg=,tag:Yf2FuncT3/9pcBIEN+irGQ==,type:str]
sops:
age:
- recipient: age14vktfes95f33vuefwnmuvryas7az04u76dsgyhfvsx73czkvmp2q7njkl4
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwZ1V0UE0vT3FoZDhKYXBi
ODRvNGRmZzZQY2t0VDNYTzgzUW5TMlFRQzBnCm9sZEJ1WmY0QU1KR1AwS3R0NXlh
cHhYNjA2TWM3Z1JZM2E1UHluNzdBYXcKLS0tIFRwQm10VlJEUVFyemRGYXpUNHhq
eWNJdzc2dlNlR1N1THAzSVlDNEZZMUUK7kacPvAuwbl0hggMuKJS/hjy0j+i1Oeh
tw7bdZ6do30sf9uY8TWDCeOiK1uOJGATLcDd14VhHl968By8n/5pDw==
-----END AGE ENCRYPTED FILE-----
- recipient: age1x36yr8h993srfj29sfpzt4wyz52nztvncpmhgmfs0j26qvfecq3qvcm0an
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSByZk42NzVUMXV0ZDVWR3Q2
N3NUN1B3blNZS1lKbEU1VmhaTDVOMmFESm1FCi9VeEFXVkRjUnFxYUxERUg0ODY4
eFhFMXhOek1wWTRwOEd6Zk82Sm9VM0UKLS0tIGVBMHpQSWJzMVUxU09XeS8yVXFW
UVM3a1VIMWZGRGNxaUNwbStKekd4N28KvouH73cSd9xMUzDX3ib5tsR8deXGaGTB
N36MxnZcv9AhX7YErc18OkUv+lHZf2MoJ+x5+XOMCjhlUOlvqcBrAg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-10-10T10:15:15Z"
mac: ENC[AES256_GCM,data:ZkWoHKbfC9xqShgOy3KCDPzziQq6hHc6h/o+3MGd31juW2OLlkk4skyxF/u5Eoq6hAeMU27mKu3TnyvCQA3gv1trP5CObs5Cc/Rp8odN+B6549Ec5ljojQbmwwsTti3vo6CbbZXjBZyy6WzJqKWm6yotzp3AFC0CMe+GhsmKY30=,iv:JWWwy5mYdLOHQQ0f2mtRiAkG1LF0ckIe8ndrZfXuZ7Y=,tag:b3DCwgBBBmcJAEnL2qOH5g==,type:str]
unencrypted_suffix: _unencrypted
version: 3.10.2

63
hosts/capella/default.nix
View File

@@ -1,63 +0,0 @@
{
pkgs,
username,
outputs,
inputs,
email,
...
}: {
imports = [
../../modules/droid/sshd.nix
];
android-integration.am.enable = true;
android-integration.termux-open-url.enable = true;
android-integration.xdg-open.enable = true;
android-integration.termux-setup-storage.enable = true;
android-integration.termux-reload-settings.enable = true;
terminal.font = let
firacode = pkgs.nerd-fonts.fira-code;
fontPath = "share/fonts/truetype/NerdFonts/FiraCode/FiraCodeNerdFont-Regular.ttf";
in "${firacode}/${fontPath}";
time.timeZone = "Asia/Kolkata";
tux.services.openssh = {
enable = true;
ports = [8033];
authorizedKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL+OzPUe2ECPC929DqpkM39tl/vdNAXfsRnmrGfR+X3D ${email}"
];
};
user = {
uid = 10479;
gid = 10479;
shell = "${pkgs.zsh}/bin/zsh";
};
environment.etcBackupExtension = ".backup";
environment.motd = '''';
environment.packages = with pkgs; [
nano
git
neovim
openssh
inputs.trok.packages."aarch64-linux".default
];
home-manager = {
config = ./home.nix;
backupFileExtension = "backup";
extraSpecialArgs = {inherit inputs outputs username email;};
useGlobalPkgs = true;
};
# Set up nix for flakes
nix.extraOptions = ''
experimental-features = nix-command flakes
'';
system.stateVersion = "24.05";
}

35
hosts/capella/home.nix
View File

@@ -1,35 +0,0 @@
{pkgs, ...}: {
imports = [
../../modules/home/git
../../modules/home/starship
../../modules/home/fastfetch
];
programs = {
bat.enable = true;
zoxide = {
enable = true;
options = ["--cmd cd"];
};
zsh = {
enable = true;
shellAliases = {
ls = "lsd";
};
syntaxHighlighting.enable = true;
autosuggestion.enable = true;
initContent = ''
fastfetch
'';
};
};
home.packages = with pkgs; [
neovim
busybox
lsd
fastfetch
];
home.stateVersion = "24.05";
}

58
hosts/common/default.nix
View File

@@ -1,58 +0,0 @@
{
username,
outputs,
inputs,
email,
...
}: {
imports = [
inputs.impermanence.nixosModules.impermanence
inputs.home-manager.nixosModules.home-manager
inputs.nix-index-database.nixosModules.nix-index
../../modules/base
../../modules/nixos/fail2ban.nix
../../modules/nixos/selfhosted/upstream-proxy.nix
../../modules/nixos/selfhosted/tfolio.nix
../../modules/nixos/selfhosted/cyber-tux.nix
../../modules/nixos/networking/ssh.nix
];
sops.secrets.tux-password = {
sopsFile = ./secrets.yaml;
neededForUsers = true;
};
time.timeZone = "Asia/Kolkata";
i18n = {
defaultLocale = "en_US.UTF-8";
extraLocaleSettings = {
LC_ADDRESS = "en_IN";
LC_IDENTIFICATION = "en_IN";
LC_MEASUREMENT = "en_IN";
LC_MONETARY = "en_IN";
LC_NAME = "en_IN";
LC_NUMERIC = "en_IN";
LC_PAPER = "en_IN";
LC_TELEPHONE = "en_IN";
LC_TIME = "en_IN";
};
};
security.sudo.wheelNeedsPassword = false;
programs = {
zsh.enable = true;
};
home-manager = {
backupFileExtension = "hm-backup";
useUserPackages = true;
extraSpecialArgs = {inherit inputs outputs username email;};
users.${username} = {
imports = [
./home.nix
];
};
};
}

45
hosts/common/home.nix
View File

@@ -1,45 +0,0 @@
{
outputs,
username,
inputs,
...
}: {
imports = [
inputs.impermanence.nixosModules.home-manager.impermanence
inputs.nix-index-database.homeModules.nix-index
../../modules/home/shell
../../modules/home/git
../../modules/home/starship
../../modules/home/fastfetch
../../modules/home/nvim
../../modules/home/tmux
../../modules/home/helix
../../modules/home/aria2
];
nixpkgs = {
overlays = [
outputs.overlays.additions
outputs.overlays.modifications
outputs.overlays.stable-packages
outputs.overlays.nur
outputs.overlays.nix-vscode-extensions
];
config = {
allowUnfree = true;
allowUnfreePredicate = _: true;
joypixels.acceptLicense = true;
};
};
home = {
username = "${username}";
homeDirectory = "/home/${username}";
};
programs.home-manager.enable = true;
systemd.user.startServices = "sd-switch";
}

79
hosts/common/secrets.yaml
View File

@@ -1,79 +0,0 @@
tux-password: ENC[AES256_GCM,data:68ZXKJMBBLV1mkNP9LFf+xC5arsARqKPFQAtmfag3ftip1suuZ1FmQICqsuCqXgGuwcSfH4ACkuiQ769u4aI7+jPxs0A62hFig==,iv:Yx9EfqChjBtgxxkWmayfKWoE498w4wUYoS353cMUMsI=,tag:Zr3KuIiXsi2VahRZ7Ncpig==,type:str]
sops:
age:
- recipient: age14vktfes95f33vuefwnmuvryas7az04u76dsgyhfvsx73czkvmp2q7njkl4
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWblJrWjErZC81d1IzTHV6
ZUkwTEhRdVdTTlJQb1pocnpnSkdZSWNTelVFCkJLR3VwT2dwM3IydCtkZ24yLzVF
ei9xMG51djNldnZkSnVqeEtsVFNSMkEKLS0tIGNEdi9OV0ZjVW93SUUyVURpT2tR
U3ZybTNac1JvVW9zTy9ocE5FUkpQTjAK2lAp5MC3B779uSWaOOxbnfdAa9xYDCL2
TloXlxfuYKe0j9Z2TIlYOa6z+/m8upOpE42Ux0qjZprE1LBq3g5uMA==
-----END AGE ENCRYPTED FILE-----
- recipient: age1f860dfewlx5jtt9ejr47gywx70p3dmyc8mat29gpr75psljwjv8q5xyxkq
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBoZGdNSG5ER0JxbWhNanJU
WGlCZlIyT3JLWnFkSnBaakkyMXZBU0o0cjFVCml5VDB2d2dJTGkvVDh5M1NweXl1
ajl3R2RUWmtwWU5RUlpsVFIvM3R0cUUKLS0tIFNkbmtrRGdrcUFibDlldncrbjg2
TWJ1UFh5RnI2VDRocnZ0VVNmd2JRSVEKmqNV4dADO9ZxTjlDgMC5fNdioJrO6vrN
vTg3lTrwOTZ/TCg9PS2T5QEX9fZh2UthCEisPO7p1Q81Gyk7ySg2ow==
-----END AGE ENCRYPTED FILE-----
- recipient: age1x36yr8h993srfj29sfpzt4wyz52nztvncpmhgmfs0j26qvfecq3qvcm0an
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYZWRuaHIvT3BSZ2M0OUla
YWhSa2Q5SDJNbkRLQUZxaVFISmJENTIxc0hrCjlKTVBCK2g2WWNNNlNJQ25sMjVY
TURsSkNsbTQwRGlyU3NySis5azNvTVUKLS0tIGZHUEh3NHMyVXN5T0pXOWpOT1JP
UmZSM1J0elprbVBUZzU5QjVLRnVxNWsKFVdUQcKiHaSDR2+GqafXvoRQ0yyiKMcy
/UP/yCMoNUYIpiv4ocRhtDj4QrrO6NdJJTUifMkB9I1B6R7B7NG/gw==
-----END AGE ENCRYPTED FILE-----
- recipient: age1jg642q775gmnmxeu29gcf3lph8vem4xr8t84cxe809dpd0myrussh49h60
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNeEpwakIyMkRYN1c0bUNy
eDFpUGlkTW02NWE1VlYxYnNsQTJ1NHIyWVY4ClI3VHlSWW1IK3I3SHY5YXN5S09q
OU5aSXVXU0FVU1VrNGlCTzFKWm95ZkkKLS0tIGV0Sy9LYlBuTm4xa2Zkc3JoaWo0
ZXllYnMwaXBXTW5vVVhoNXVFcEwvdlEKbuiT2/Isi3nsx/r3whpX6RiLEtsLMm6f
2A3bKpz1+MUupE6umEIBCXc+k58W6VhBkdrMxGtxZt1ZeA8ftz4bVA==
-----END AGE ENCRYPTED FILE-----
- recipient: age1zsl5d4vj6gl3h96y5p53sq5y4vr4vtlwp727h7rp9a4xfkxm53lqrh6r50
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBnbFUwbXoyUnZGMElMdldX
UkJseC9XWEU3Vks2eGdYbHFjUjZMUVVGbkY0ClNIWFMvWEl1eDRncEt1dy9iVS81
ZE1rN25lR0w0Wno2OHZDZTRhSTVXVDgKLS0tIG9jNmFkdGxoRmRCT1RJQjVlOUJa
R0kxbllzMXZML1J6MitXSGhSTkF0MEkK8g7s87t956UTDtQO+IUEXe2B6WNM+KfH
aRobwCjvXcv5I8G+gkNll23MYlLMBRZ1qkeq24R0xA7cMYXj5APUsA==
-----END AGE ENCRYPTED FILE-----
- recipient: age1zujp5gxy7suv8ysnygv43cmzuvv36nxfg0ch7r3xg2emc6fz3vmqqujheq
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0bTBEck44R2ZxS0M3Ris1
VllxeEgyTjRWcHp3RUdpMytFQ0podkxXT1JrCi9VU2U2SHFrd1dPb3RESkQ4OGhi
RjZVVTZWQUVXSUxqaG5KVkJxQ0RCQncKLS0tIDJiVGpIU0NjelVCZkloOGhxQTdV
eHlaVm9iUFk2YThXZnU5SVpHUVVHbkEKcmUvbINRqmkkvXyyskNJ4eYD7VdQnxqg
7VuWV7zUK5ZVPv9kJiUl3OB3vNU8U15sNIdAjCp8//RtNkRyDJMgEQ==
-----END AGE ENCRYPTED FILE-----
- recipient: age1ydkclhk9kwqdq74utesqdfupt43lz64d5k65gz2z9uyljcqq9fcq3hv28l
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBjVjU1Vy9tMkp5MS96Si9v
bnB4OHpzdktPeStYZHFZTXVmSWphMkxFQkRZCjEvTEpZY1I4TWNlM0c4Wi9nUVhx
dktvOXdXQ0M1YzhVU3BlOUZ4Tjkrd28KLS0tIC9NT0NKZTd0VUVUQTB6UHhDSVVw
eFM1Q1JOVXZoSXltRVZpaTNTUWhNa3MKFoY5bWWQS9qh0j8sgIgRA4jT6sl0xRkC
Tu0WUz344TzkJFuy7MgOpviQMqAijmbyYjaRSdS3CLGHvTKY8GcpOA==
-----END AGE ENCRYPTED FILE-----
- recipient: age1y4luzn2jls7rvgphej23srvdlx563lxq29tvf66vhwwzaf7c3f3qzvresh
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSYlpXRGNpQVZTQ3hZK2lr
L2xodmhycTlRczN1c2Zib3RoeGlxQTAwTVRRCkJ1aWc3bzAyNnlMbUhuK2YwTXBq
Q1VhUUtWWXU0RXY2NG5jMG90dis4bEUKLS0tIHlkRkdCV0ZvU2pLZDRlN2h6c0JO
TTNtbGY1UWV5K3VQWjk5WlgyNUd1UVkK+XeX8vK4K2DJaWtFE91YGg/58M09rwuj
VVcMIPPPO1+KD16HTe1b8bVPeNfpIj9p3ybew3ILducyrYiRrxzGwg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-10-10T10:14:47Z"
mac: ENC[AES256_GCM,data:fmBWLOOCvJLfKSNG14zd9cBEa9+M4dJ7UtR+SZfGEcoGtBPmX1c6ZR8OgB+I45WkpT+Ho8kwQMcnD0n6IWzg946OEzIZjNuCds/wM1cCd3LjjlqwKnN1QGL5DNSIyi5CFzrjvvFtZCsw2acNjxtK86JujhpOivdVKC/kGkJzF0M=,iv:g0jXzrtU53YpW/NIb8ulmOGSJIXMA1Wady6DlOMA9aU=,tag:zf7WmNNYcFO9Rtynm5vaUg==,type:str]
unencrypted_suffix: _unencrypted
version: 3.10.2

153
hosts/homelab/default.nix
View File

@@ -1,153 +0,0 @@
{
inputs,
username,
pkgs,
lib,
config,
...
}: {
imports = [
inputs.disko.nixosModules.default
(import ./disko.nix {device = "/dev/nvme0n1";})
./hardware.nix
../common
../../modules/nixos/desktop
../../modules/nixos/virtualisation/docker.nix
];
tux.services.openssh.enable = true;
sops.secrets = {
discord_token = {
sopsFile = ./secrets.yaml;
};
};
tux.services.cyber-tux = {
enable = true;
environmentFile = config.sops.secrets.discord_token.path;
};
networking = {
hostName = "homelab";
networkmanager = {
enable = true;
wifi.powersave = false;
};
firewall = {
enable = true;
allowedTCPPorts = [22];
# Facilitate firewall punching
allowedUDPPorts = [41641];
};
};
boot = {
consoleLogLevel = 0;
initrd.verbose = false;
kernelPackages = pkgs.linuxPackages_zen;
initrd.systemd = {
enable = lib.mkForce true;
services.wipe-my-fs = {
wantedBy = ["initrd.target"];
after = ["initrd-root-device.target"];
before = ["sysroot.mount"];
unitConfig.DefaultDependencies = "no";
serviceConfig.Type = "oneshot";
script = ''
mkdir /btrfs_tmp
mount /dev/disk/by-partlabel/disk-primary-root /btrfs_tmp
if [[ -e /btrfs_tmp/root ]]; then
mkdir -p /btrfs_tmp/old_roots
timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:%M:%S")
mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp"
fi
delete_subvolume_recursively() {
IFS=$'\n'
for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
delete_subvolume_recursively "/btrfs_tmp/$i"
done
btrfs subvolume delete "$1"
}
for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do
delete_subvolume_recursively "$i"
done
btrfs subvolume create /btrfs_tmp/root
umount /btrfs_tmp
'';
};
};
loader = {
systemd-boot = {
enable = true;
configurationLimit = 10;
};
efi.canTouchEfiVariables = true;
timeout = 1;
};
};
hardware = {
graphics.enable32Bit = true;
};
security = {
rtkit.enable = true;
};
programs = {
nix-ld = {
enable = true;
package = pkgs.nix-ld-rs;
};
};
services = {
fwupd.enable = true;
fstrim.enable = true;
tailscale = {
enable = true;
extraUpFlags = ["--login-server https://hs.tux.rs"];
};
};
programs.fuse.userAllowOther = true;
fileSystems."/persist".neededForBoot = true;
environment.persistence."/persist" = {
hideMounts = true;
directories = [
"/var/log"
"/var/lib/tailscale"
"/var/lib/nixos"
"/etc/NetworkManager/system-connections"
];
files = [
"/etc/ssh/ssh_host_ed25519_key"
"/etc/ssh/ssh_host_ed25519_key.pub"
"/etc/ssh/ssh_host_rsa_key"
"/etc/ssh/ssh_host_rsa_key.pub"
];
};
home-manager.users.${username} = {
imports = [
./home.nix
];
};
environment.systemPackages = with pkgs; [go-wol];
system.stateVersion = "24.11";
}

48
hosts/homelab/disko.nix
View File

@@ -1,48 +0,0 @@
{device ? throw "Set this to the disk device, e.g. /dev/nvme0n1", ...}: {
disko.devices.disk.primary = {
inherit device;
type = "disk";
content = {
type = "gpt"; # GPT partitioning scheme
partitions = {
# EFI Partition
ESP = {
size = "512M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = ["defaults" "umask=0077"];
};
};
# Btrfs Root Partition
root = {
size = "100%"; # Use remaining space
type = "8300"; # Linux filesystem type
content = {
type = "btrfs";
subvolumes = {
"/root" = {
mountOptions = ["compress=zstd"]; # Compression for better performance
mountpoint = "/"; # Root subvolume
};
"/persist" = {
mountOptions = ["compress=zstd"]; # Compression for persistent data
mountpoint = "/persist"; # Persistent subvolume
};
"/nix" = {
mountOptions = [
"compress=zstd"
"noatime"
"noacl"
]; # Optimize for Nix store
mountpoint = "/nix"; # Nix subvolume
};
};
};
};
};
};
};
}

26
hosts/homelab/hardware.nix
View File

@@ -1,26 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "usbhid" "usb_storage" "sd_mod" "sdhci_pci" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp3s0.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp4s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

22
hosts/homelab/home.nix
View File

@@ -1,22 +0,0 @@
{username, ...}: {
home.persistence."/persist/home/${username}" = {
directories = [
"Projects"
"Stuff"
".ssh"
".wakatime"
".config/sops"
".config/go-wol"
".local/share/nvim"
".local/share/zsh"
".local/share/zoxide"
".local/state/lazygit"
];
files = [
".wakatime.cfg"
];
allowOther = true;
};
home.stateVersion = "24.11";
}

30
hosts/homelab/secrets.yaml
View File

@@ -1,30 +0,0 @@
discord_token: ENC[AES256_GCM,data:fZqz6LD3+Svtton5gNCXO5ddWAqW1IyxP3M2DAIXZEIYRHUfAq8h9LES2IHWepjl5qKimxB35zacE/TYK2fitngWtRGVoMDBzzU6VTKNulNV3yFWrPA=,iv:YOplYld+c9vHVC0Srfm89qrh4yUygDiW67X2TdwHKMc=,tag:Ioc2wNLX818fRQ/2PSO7Sw==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age14vktfes95f33vuefwnmuvryas7az04u76dsgyhfvsx73czkvmp2q7njkl4
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2YktFRE9KS0h0T0hDTlpF
ZEk0VzNTcVE0ampsWVRtSzJ3UHBXL2NlUUh3Cjk5ZnFKVENmTTJHQjgrVWlyOUE1
THUrTUFzdWhKejNUNXpsNVpvZVdJWm8KLS0tIDZ5bmYzSVBUVlVORHAzSGtCQmVo
a2JuSWVtMi9FMkova3BCd2F0U2VCRzQKonG/AkEn2X2l3vyr0UlJprGW2ZSwrczq
xHafyGiU/I1AO/HoB3BXyP8t/Sgn/dy42lspqZ3MoLLlmx7dQeTd+g==
-----END AGE ENCRYPTED FILE-----
- recipient: age1jg642q775gmnmxeu29gcf3lph8vem4xr8t84cxe809dpd0myrussh49h60
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxWUowUlB2cWVOclpRMENn
TU5za0Y2UHZ5eFNZMEdQWm9xdTZFYkVwS2hNCnRBUU1ndFdiQ09sQjBDb1greC93
ejl2OVZTTEtIcWpxUk5RRngrbjRWREEKLS0tIDVrSHhxbmJFdWwyQS9xeWlFZitJ
Y1RHaFdXaE9DODJtSTFCSVZWb0xVeUEK4qeBKg3u+vhBIM1dQ7BaOWi/C7Q8hk60
vu9Zr075n0+kb5Ab+RH24ZmEoP5PJXjwEfbAnmRTjn0reYn1nfcNYA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-02-15T12:45:59Z"
mac: ENC[AES256_GCM,data:NLGe7L/oiG62x4PmQ6FobnuisFmMxYoGhxfqQ4qZdy9emYL/+FnrtFsKTKqZ9IHjrNnCmbk7y+Cds/azC1xGVcaj50jEox87vtqIZ3z0XsD1mJjCAdHkBVzzpQGwHas/5y0Inyj+oKsvQrqVacqYHVA/ES+zMvou8nD+EWIH2LE=,iv:fBVOnwih+QFkYZ8IfMBpQiT1XwSZtzo3VYaBOL3I5o4=,tag:p+ePQsrmcLcnLr2fgWQXQg==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.9.4

93
hosts/isoImage/default.nix
View File

@@ -1,93 +0,0 @@
{
pkgs,
modulesPath,
inputs,
username,
lib,
...
}: {
imports = [
"${modulesPath}/installer/cd-dvd/installation-cd-minimal.nix"
inputs.home-manager.nixosModules.home-manager
../common
../../modules/nixos/desktop
../../modules/nixos/desktop/awesome
../../modules/nixos/desktop/hyprland
];
nixpkgs.hostPlatform = "x86_64-linux";
networking = {
hostName = "iso";
};
hardware = {
bluetooth.enable = true;
bluetooth.powerOnBoot = true;
};
security = {
rtkit.enable = true;
};
programs = {
ssh.startAgent = true;
thunar = {
enable = true;
plugins = with pkgs.xfce; [thunar-archive-plugin thunar-volman];
};
nm-applet.enable = true;
};
services = {
resolved.enable = true;
pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
};
logind = {
extraConfig = "HandlePowerKey=suspend";
lidSwitch = "suspend";
lidSwitchExternalPower = "suspend";
};
xserver = {
enable = true;
xkb = {
layout = "in";
variant = "eng";
};
};
libinput.touchpad.naturalScrolling = true;
libinput.mouse.accelProfile = "flat";
blueman.enable = true;
gvfs.enable = true;
tumbler.enable = true;
};
fonts.packages = with pkgs.nerd-fonts; [
fira-code
jetbrains-mono
];
home-manager.users.${username} = {
imports = [
./home.nix
];
};
users.users.${username} = {
hashedPasswordFile = lib.mkForce null;
initialPassword = username;
};
system.stateVersion = "23.11";
}

24
hosts/isoImage/home.nix
View File

@@ -1,24 +0,0 @@
{pkgs, ...}: {
imports = [
../../modules/home/desktop/awesome
../../modules/home/desktop/hyprland
../../modules/home/picom
../../modules/home/alacritty
../../modules/home/wezterm
../../modules/home/ghostty
../../modules/home/desktop/rofi
../../modules/home/barrier
../../modules/home/firefox
../../modules/home/brave
../../modules/home/vs-code
../../modules/home/mopidy
../../modules/home/thunderbird
];
home.pointerCursor = {
package = pkgs.bibata-cursors;
name = "Bibata-Modern-Ice";
};
home.stateVersion = "24.11";
}

63
hosts/rigel/default.nix
View File

@@ -1,63 +0,0 @@
{
pkgs,
username,
outputs,
inputs,
email,
...
}: {
imports = [
../../modules/droid/sshd.nix
];
android-integration.am.enable = true;
android-integration.termux-open-url.enable = true;
android-integration.xdg-open.enable = true;
android-integration.termux-setup-storage.enable = true;
android-integration.termux-reload-settings.enable = true;
terminal.font = let
firacode = pkgs.nerd-fonts.fira-code;
fontPath = "share/fonts/truetype/NerdFonts/FiraCode/FiraCodeNerdFont-Regular.ttf";
in "${firacode}/${fontPath}";
time.timeZone = "Asia/Kolkata";
tux.services.openssh = {
enable = true;
ports = [8033];
authorizedKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL+OzPUe2ECPC929DqpkM39tl/vdNAXfsRnmrGfR+X3D ${email}"
];
};
user = {
uid = 10225;
gid = 10225;
shell = "${pkgs.zsh}/bin/zsh";
};
environment.etcBackupExtension = ".backup";
environment.motd = '''';
environment.packages = with pkgs; [
nano
git
neovim
openssh
inputs.trok.packages."aarch64-linux".default
];
home-manager = {
config = ./home.nix;
backupFileExtension = "backup";
extraSpecialArgs = {inherit inputs outputs username email;};
useGlobalPkgs = true;
};
# Set up nix for flakes
nix.extraOptions = ''
experimental-features = nix-command flakes
'';
system.stateVersion = "24.05";
}

35
hosts/rigel/home.nix
View File

@@ -1,35 +0,0 @@
{pkgs, ...}: {
imports = [
../../modules/home/git
../../modules/home/starship
../../modules/home/fastfetch
];
programs = {
bat.enable = true;
zoxide = {
enable = true;
options = ["--cmd cd"];
};
zsh = {
enable = true;
shellAliases = {
ls = "lsd";
};
syntaxHighlighting.enable = true;
autosuggestion.enable = true;
initContent = ''
fastfetch
'';
};
};
home.packages = with pkgs; [
neovim
busybox
lsd
fastfetch
];
home.stateVersion = "24.05";
}

56
hosts/sirius/default.nix
View File

@@ -1,56 +0,0 @@
{
pkgs,
inputs,
username,
config,
...
}: {
imports = [
inputs.nixos-wsl.nixosModules.wsl
../common
../../modules/nixos/virtualisation/docker.nix
];
tux.services.openssh.enable = true;
boot.binfmt.emulatedSystems = ["aarch64-linux"];
nixpkgs = {
config.cudaSupport = true;
hostPlatform = "x86_64-linux";
};
wsl = {
enable = true;
defaultUser = "${username}";
useWindowsDriver = true;
};
networking.hostName = "sirius";
programs = {
ssh.startAgent = true;
zsh.enable = true;
nix-ld = {
enable = true;
libraries = config.hardware.graphics.extraPackages;
package = pkgs.nix-ld-rs;
};
dconf.enable = true;
};
environment.persistence."/persist" = {
enable = false;
};
home-manager.users.${username} = {
imports = [
./home.nix
];
};
system.stateVersion = "23.11";
}

3
hosts/sirius/home.nix
View File

@@ -1,3 +0,0 @@
{...}: {
home.stateVersion = "23.11";
}

66
hosts/vega/default.nix
View File

@@ -1,66 +0,0 @@
{
pkgs,
username,
...
}: {
imports = [
./hardware.nix
../common
../../modules/nixos/selfhosted/adguard.nix
];
tux.services.openssh.enable = true;
boot.initrd.availableKernelModules = [
"usbhid"
"usb_storage"
"vc4"
"pcie_brcmstb" # required for the pcie bus to work
"reset-raspberrypi" # required for vl805 firmware to load
];
# Use the extlinux boot loader. (NixOS wants to enable GRUB by default)
boot.loader.grub.enable = false;
# Enables the generation of /boot/extlinux/extlinux.conf
boot.loader.generic-extlinux-compatible.enable = true;
hardware.enableRedistributableFirmware = true;
powerManagement.cpuFreqGovernor = "ondemand";
networking = {
hostName = "vega";
networkmanager = {
enable = true;
wifi.powersave = false;
};
firewall = {
enable = true;
allowedTCPPorts = [22];
# Facilitate firewall punching
allowedUDPPorts = [41641];
};
};
services = {
tailscale = {
enable = true;
extraUpFlags = ["--login-server https://hs.tux.rs"];
};
};
environment.systemPackages = with pkgs; [go-wol];
environment.persistence."/persist" = {
enable = false;
};
home-manager.users.${username} = {
imports = [
./home.nix
];
};
system.stateVersion = "24.11";
}

32
hosts/vega/hardware.nix
View File

@@ -1,32 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/44444444-4444-4444-8888-888888888888";
fsType = "ext4";
};
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enu1u1.useDHCP = lib.mkDefault true;
# networking.interfaces.wlan0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux";
}

3
hosts/vega/home.nix
View File

@@ -1,3 +0,0 @@
{...}: {
home.stateVersion = "24.11";
}

101
hosts/vps/default.nix
View File

@@ -1,101 +0,0 @@
{
modulesPath,
inputs,
username,
lib,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
(modulesPath + "/profiles/qemu-guest.nix")
inputs.disko.nixosModules.default
(import ./disko.nix {device = "/dev/sda";})
../common
];
tux.services.openssh.enable = true;
nixpkgs = {
hostPlatform = "x86_64-linux";
};
boot = {
initrd.systemd = {
enable = lib.mkForce true;
services.wipe-my-fs = {
wantedBy = ["initrd.target"];
after = ["initrd-root-device.target"];
before = ["sysroot.mount"];
unitConfig.DefaultDependencies = "no";
serviceConfig.Type = "oneshot";
script = ''
mkdir /btrfs_tmp
mount /dev/disk/by-partlabel/disk-primary-root /btrfs_tmp
if [[ -e /btrfs_tmp/root ]]; then
mkdir -p /btrfs_tmp/old_roots
timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:%M:%S")
mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp"
fi
delete_subvolume_recursively() {
IFS=$'\n'
for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
delete_subvolume_recursively "/btrfs_tmp/$i"
done
btrfs subvolume delete "$1"
}
for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do
delete_subvolume_recursively "$i"
done
btrfs subvolume create /btrfs_tmp/root
umount /btrfs_tmp
'';
};
};
loader = {
grub = {
efiSupport = true;
efiInstallAsRemovable = true;
};
};
};
networking.hostName = "vps";
users = {
users.${username} = {
password = "${username}";
hashedPasswordFile = lib.mkForce null;
};
};
programs.fuse.userAllowOther = true;
fileSystems."/persist".neededForBoot = true;
environment.persistence."/persist" = {
hideMounts = true;
directories = [
"/var/log"
"/var/lib/nixos"
];
files = [
"/etc/ssh/ssh_host_ed25519_key"
"/etc/ssh/ssh_host_ed25519_key.pub"
"/etc/ssh/ssh_host_rsa_key"
"/etc/ssh/ssh_host_rsa_key.pub"
];
};
home-manager.users.${username} = {
imports = [
./home.nix
];
};
system.stateVersion = "24.11";
}

53
hosts/vps/disko.nix
View File

@@ -1,53 +0,0 @@
{device ? throw "Set this to the disk device, e.g. /dev/nvme0n1", ...}: {
disko.devices.disk.primary = {
inherit device;
type = "disk";
content = {
type = "gpt"; # GPT partitioning scheme
partitions = {
boot = {
name = "boot";
size = "1M";
type = "EF02";
};
# EFI Partition
ESP = {
size = "512M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = ["defaults" "umask=0077"];
};
};
# Btrfs Root Partition
root = {
size = "100%"; # Use remaining space
type = "8300"; # Linux filesystem type
content = {
type = "btrfs";
subvolumes = {
"/root" = {
mountOptions = ["compress=zstd"]; # Compression for better performance
mountpoint = "/"; # Root subvolume
};
"/persist" = {
mountOptions = ["compress=zstd"]; # Compression for persistent data
mountpoint = "/persist"; # Persistent subvolume
};
"/nix" = {
mountOptions = [
"compress=zstd"
"noatime"
"noacl"
]; # Optimize for Nix store
mountpoint = "/nix"; # Nix subvolume
};
};
};
};
};
};
};
}

12
hosts/vps/home.nix
View File

@@ -1,12 +0,0 @@
{username, ...}: {
home.persistence."/persist/home/${username}" = {
directories = [
"Projects"
".ssh"
".local/share/zsh"
];
allowOther = true;
};
home.stateVersion = "24.11";
}

11
modules/base/default.nix
View File

@@ -1,11 +0,0 @@
{
imports = [
./nix.nix
./nixpkgs.nix
./nh.nix
./overlays.nix
./sops.nix
./substituters.nix
./user.nix
];
}

16
modules/base/nh.nix
View File

@@ -1,16 +0,0 @@
{
config,
username,
...
}: {
programs.nh = {
enable = true;
clean = {
enable = !config.nix.gc.automatic;
dates = "weekly";
};
flake = "/home/${username}/Projects/nixos-config";
};
}

37
modules/base/nix.nix
View File

@@ -1,37 +0,0 @@
{
pkgs,
username,
...
}: {
nix = {
# @TODO enable when lix is patched
# package = pkgs.lix;
gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 7d";
};
optimise = {
automatic = true;
dates = ["weekly"];
};
channel.enable = false;
settings = {
extra-platforms = [
"aarch64-linux"
"arm-linux"
];
auto-optimise-store = true;
allowed-users = ["${username}"];
trusted-users = ["${username}"];
experimental-features = "nix-command flakes";
keep-going = true;
warn-dirty = false;
http-connections = 50;
};
};
}

8
modules/base/nixpkgs.nix
View File

@@ -1,8 +0,0 @@
{
nixpkgs = {
config = {
allowUnfree = true;
joypixels.acceptLicense = true;
};
};
}

9
modules/base/overlays.nix
View File

@@ -1,9 +0,0 @@
{outputs, ...}: {
nixpkgs.overlays = [
outputs.overlays.additions
outputs.overlays.modifications
outputs.overlays.stable-packages
outputs.overlays.nur
outputs.overlays.nix-vscode-extensions
];
}

20
modules/base/sops.nix
View File

@@ -1,20 +0,0 @@
{
inputs,
config,
pkgs,
...
}: let
isEd25519 = k: k.type == "ed25519";
getKeyPath = k: k.path;
keys = builtins.filter isEd25519 config.services.openssh.hostKeys;
in {
imports = [inputs.sops-nix.nixosModules.sops];
sops.age = {
sshKeyPaths = map getKeyPath keys;
keyFile = "/var/lib/sops-nix/key.txt";
generateKey = true;
};
environment.systemPackages = with pkgs; [sops];
}

27
modules/base/substituters.nix
View File

@@ -1,27 +0,0 @@
{
nix.settings = {
substituters = [
"https://cache.nixos.org?priority=10"
"https://anyrun.cachix.org"
"https://fufexan.cachix.org"
"https://helix.cachix.org"
"https://hyprland.cachix.org"
"https://nix-community.cachix.org"
"https://nix-gaming.cachix.org"
"https://yazi.cachix.org"
"https://nix-on-droid.cachix.org"
];
trusted-substituters = ["https://nix-on-droid.cachix.org"];
trusted-public-keys = [
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
"anyrun.cachix.org-1:pqBobmOjI7nKlsUMV25u9QHa9btJK65/C8vnO3p346s="
"fufexan.cachix.org-1:LwCDjCJNJQf5XD2BV+yamQIMZfcKWR9ISIFy5curUsY="
"helix.cachix.org-1:ejp9KQpR1FBI2onstMQ34yogDm4OgU2ru6lIwPvuCVs="
"hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
"nix-gaming.cachix.org-1:nbjlureqMbRAxR1gJ/f3hxemL9svXaZF/Ees8vCUUs4="
"yazi.cachix.org-1:Dcdz63NZKfvUCbDGngQDAZq6kOroIrFoyO064uvLh8k="
"nix-on-droid.cachix.org-1:56snoMJTXmDRC1Ei24CmKoUqvHJ9XCp+nidK7qkMQrU="
];
};
}

20
modules/base/user.nix
View File

@@ -1,20 +0,0 @@
{
config,
pkgs,
username,
email,
...
}: {
users = {
mutableUsers = false;
defaultUserShell = pkgs.zsh;
users.${username} = {
hashedPasswordFile = config.sops.secrets.tux-password.path;
isNormalUser = true;
extraGroups = ["networkmanager" "wheel" "storage"];
openssh.authorizedKeys.keys = [
''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL+OzPUe2ECPC929DqpkM39tl/vdNAXfsRnmrGfR+X3D ${email}''
];
};
};
}

106
modules/droid/sshd.nix
View File

@@ -1,106 +0,0 @@
{
config,
lib,
pkgs,
...
}: let
# utility functions
concatLines = list: builtins.concatStringsSep "\n" list;
prefixLines = mapper: list: concatLines (map mapper list);
# could be put in the config
configPath = "ssh/sshd_config";
keysFolder = "/etc/ssh";
authorizedKeysFolder = "/etc/ssh/authorized_keys.d";
supportedKeysTypes = [
"rsa"
"ed25519"
];
sshd-start-bin = "sshd-start";
# real config
cfg = config.tux.services.openssh;
pathOfKeyOf = type: "${keysFolder}/ssh_host_${type}_key";
generateKeyOf = type: ''
${lib.getExe' pkgs.openssh "ssh-keygen"} \
-t "${type}" \
-f "${pathOfKeyOf type}" \
-N ""
'';
generateKeyWhenNeededOf = type: ''
if [ ! -f ${pathOfKeyOf type} ]; then
mkdir --parents ${keysFolder}
${generateKeyOf type}
fi
'';
sshd-start = pkgs.writeScriptBin sshd-start-bin ''
#!${pkgs.runtimeShell}
${prefixLines generateKeyWhenNeededOf supportedKeysTypes}
mkdir --parents "${authorizedKeysFolder}"
echo "${lib.concatStringsSep "\n" cfg.authorizedKeys}" > ${authorizedKeysFolder}/${config.user.userName}
echo "Starting sshd in non-daemonized way on port ${lib.concatMapStrings toString cfg.ports}"
${lib.getExe' pkgs.openssh "sshd"} \
-f "/etc/${configPath}" \
-D # don't detach into a daemon process
'';
in {
options = {
tux.services.openssh = {
enable = lib.mkEnableOption ''
Whether to enable the OpenSSH secure shell daemon, which
allows secure remote logins.
'';
ports = lib.mkOption {
type = lib.types.listOf lib.types.port;
default = [22];
description = ''
Specifies on which ports the SSH daemon listens.
'';
};
authorizedKeys = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [];
description = ''
Specify a list of public keys to be added to the authorized_keys file.
'';
};
};
};
config = lib.mkIf cfg.enable {
environment.etc = {
"${configPath}".text = ''
${prefixLines (port: "Port ${toString port}") cfg.ports}
AuthorizedKeysFile ${authorizedKeysFolder}/%u
LogLevel VERBOSE
'';
};
environment.packages = [
sshd-start
pkgs.openssh
];
build.activationAfter.sshd = ''
SERVER_PID=$(${lib.getExe' pkgs.procps "ps"} -a | ${lib.getExe' pkgs.toybox "grep"} sshd || true)
if [ -z "$SERVER_PID" ]; then
$DRY_RUN_CMD ${lib.getExe sshd-start}
fi
'';
};
}

69
modules/home/alacritty/default.nix
View File

@@ -1,69 +0,0 @@
{...}: {
programs.alacritty = {
enable = true;
settings = {
font = {
normal.family = "JetBrainsMono Nerd Font";
bold.family = "JetBrainsMono Nerd Font";
italic.family = "JetBrainsMono Nerd Font";
bold_italic.family = "JetBrainsMono Nerd Font";
size = 16;
};
window = {
padding = {
x = 15;
y = 15;
};
decorations = "none";
opacity = 1.0;
dynamic_title = true;
};
selection.save_to_clipboard = false;
general.live_config_reload = true;
colors = {
primary = {
background = "#0d0f18";
foreground = "#a5b6cf";
};
normal = {
black = "#1c1e27";
blue = "#8baff1";
cyan = "#98d3ee";
green = "#95d3af";
magenta = "#c79bf0";
red = "#e26c7c";
white = "#d0d3d8";
yellow = "#f1d8a5";
};
bright = {
black = "#151720";
blue = "#86aaec";
cyan = "#93cee9";
green = "#90ceaa";
magenta = "#c296eb";
red = "#dd6777";
white = "#cbced3";
yellow = "#ecd3a0";
};
cursor = {
cursor = "#a5b6cf";
text = "CellForeground";
};
selection = {
text = "CellForeground";
background = "0x303340";
};
vi_mode_cursor = {
text = "CellBackground";
cursor = "CellForeground";
};
};
};
};
}

44
modules/home/aria2/default.nix
View File

@@ -1,44 +0,0 @@
{...}: {
programs.aria2 = {
enable = true;
settings = {
file-allocation = "none";
log-level = "warn";
max-connection-per-server = 16;
min-split-size = "1M";
human-readable = true;
reuse-uri = true;
rpc-save-upload-metadata = true;
max-file-not-found = 0;
remote-time = true;
async-dns = true;
stop = 0;
allow-piece-length-change = true;
optimize-concurrent-downloads = true;
deferred-input = true;
continue = true;
check-integrity = true;
realtime-chunk-checksum = true;
piece-length = "1M";
split = 16;
# Seconds:
save-session-interval = 60;
# Caches in memory
disk-cache = "32M";
save-not-found = true;
download-result = "full";
truncate-console-readout = true;
retry-wait = 30;
max-tries = 15;
enable-color = true;
enable-http-keep-alive = true;
enable-http-pipelining = true;
http-accept-gzip = true;
follow-torrent = true;
bt-save-metadata = true;
seed-time = 0;
bt-load-saved-metadata = true;
metalink-preferred-protocol = "https";
};
};
}

7
modules/home/barrier/default.nix
View File

@@ -1,7 +0,0 @@
{pkgs, ...}: {
# services.barrier.client.enable = true;
home.packages = with pkgs; [
barrier
];
}

17
modules/home/bitwarden/default.nix
View File

@@ -1,17 +0,0 @@
{
pkgs,
email,
...
}: {
programs.rbw = {
enable = true;
settings = {
base_url = "https://bw.tux.rs";
email = "${email}";
};
};
home.packages = with pkgs; [
bitwarden
];
}

33
modules/home/brave/default.nix
View File

@@ -1,33 +0,0 @@
{
pkgs,
config,
...
}: let
configDir = "${config.xdg.configHome}/BraveSoftware/Brave-Browser";
extensionJson = ext: {
name = "${configDir}/External Extensions/${ext.id}.json";
value.text = builtins.toJSON {
external_update_url = "https://clients2.google.com/service/update2/crx";
};
};
extensions = [
{id = "nkbihfbeogaeaoehlefnkodbefgpgknn";} # Metamask
{id = "gppongmhjkpfnbhagpmjfkannfbllamg";} # Wappalyzer
{id = "nngceckbapebfimnlniiiahkandclblb";} # Bitwarden
{id = "bfnaelmomeimhlpmgjnjophhpkkoljpa";} # Phantom
{id = "eimadpbcbfnmbkopoojfekhnkhdbieeh";} # DarkReader
];
in {
programs.chromium = {
enable = true;
package = pkgs.brave;
commandLineArgs = [
"--disable-features=WebRtcAllowInputVolumeAdjustment"
"--force-device-scale-factor=1.05"
];
};
home.file = builtins.listToAttrs (map extensionJson extensions);
}

8
modules/home/desktop/awesome/default.nix
View File

@@ -1,8 +0,0 @@
{pkgs, ...}: {
home.file = {
".config/awesome" = {
recursive = true;
source = "${pkgs.tawm}";
};
};
}

312
modules/home/desktop/hyprland/default.nix
View File

@@ -1,312 +0,0 @@
{pkgs, ...}: {
imports = [
./hyprlock.nix
./hyprpaper.nix
];
home.packages = with pkgs; [ags];
wayland.windowManager.hyprland = {
enable = true;
package = null;
portalPackage = null;
xwayland.enable = true;
systemd.variables = ["--all"];
plugins = with pkgs.hyprland-plugins; [
hyprexpo
];
settings = let
# Hyprland
border_size = 0;
gaps_in = 5;
gaps_out = 10;
gaps_ws = -10;
rounding = 8;
active_border_col = "rgba(90ceaaff) rgba(ecd3a0ff) 45deg";
inactive_border_col = "rgba(86aaeccc) rgba(93cee9cc) 45deg";
# Apps
terminal = "wezterm";
floating_terminal = "wezterm start --class wezterm-floating";
editor = "wezterm -e nvim";
browser = "brave";
spotify = "wezterm start --class wezterm-floating -e spotify_player";
filemanager = "wezterm start --class wezterm-floating -e superfile";
in {
#-- Output
# See https://wiki.hyprland.org/Configuring/Monitors
monitor = "eDP-1,2560x1440@90,0x0,1";
#-- Input: Keyboard, Mouse, Touchpad
input = {
sensitivity = -0.7;
scroll_method = "2 fg";
touchpad = {
natural_scroll = true;
clickfinger_behavior = false;
};
};
device = {
name = "asue1209:00-04f3:319f-touchpad";
sensitivity = 0;
};
#-- General
# See https://wiki.hyprland.org/Configuring/Variables
general = {
border_size = border_size;
gaps_in = gaps_in;
gaps_out = gaps_out;
gaps_workspaces = gaps_ws;
layout = "master";
resize_on_border = true;
"col.active_border" = active_border_col;
"col.inactive_border" = inactive_border_col;
};
misc = {
disable_hyprland_logo = true;
force_default_wallpaper = 1;
};
ecosystem = {
no_update_news = true;
no_donation_nag = true;
};
#-- Decoration
# See https://wiki.hyprland.org/Configuring/Variables/#decoration
decoration = {
rounding = rounding;
active_opacity = 0.95;
inactive_opacity = 0.95;
fullscreen_opacity = 1.0;
blur = {
enabled = true;
size = 6;
passes = 3;
new_optimizations = true;
xray = true;
special = true;
brightness = 1;
noise = 0.01;
contrast = 1;
popups = true;
popups_ignorealpha = 0.6;
};
shadow = {
enabled = false;
};
};
#-- Animations
# See https://wiki.hyprland.org/Configuring/Animations
animations = {
enabled = true;
bezier = [
"linear, 0, 0, 1, 1"
"md3_standard, 0.2, 0, 0, 1"
"md3_decel, 0.05, 0.7, 0.1, 1"
"md3_accel, 0.3, 0, 0.8, 0.15"
"overshot, 0.05, 0.9, 0.1, 1.1"
"crazyshot, 0.1, 1.5, 0.76, 0.92"
"hyprnostretch, 0.05, 0.9, 0.1, 1.0"
"menu_decel, 0.1, 1, 0, 1"
"menu_accel, 0.38, 0.04, 1, 0.07"
"easeInOutCirc, 0.85, 0, 0.15, 1"
"easeOutCirc, 0, 0.55, 0.45, 1"
"easeOutExpo, 0.16, 1, 0.3, 1"
"softAcDecel, 0.26, 0.26, 0.15, 1"
"md2, 0.4, 0, 0.2, 1" # use with .2s duration
];
animation = [
"windows, 1, 3, md3_decel, popin 60%"
"windowsIn, 1, 3, md3_decel, popin 60%"
"windowsOut, 1, 3, md3_accel, popin 60%"
"border, 1, 10, default"
"fade, 1, 3, md3_decel"
"layersIn, 1, 3, menu_decel, slide"
"layersOut, 1, 1.6, menu_accel"
"fadeLayersIn, 1, 3, menu_decel"
"fadeLayersOut, 1, 1.6, menu_accel"
"workspaces, 1, 3, menu_decel, slide"
"specialWorkspace, 1, 3, md3_decel, slidevert"
];
};
#-- Layout : Master
# See https://wiki.hyprland.org/Configuring/Master-Layout
master = {
allow_small_split = false;
special_scale_factor = 0.8;
mfact = 0.5;
new_on_top = false;
orientation = "left";
inherit_fullscreen = true;
smart_resizing = true;
drop_at_cursor = true;
};
#-- Window Rules
# See https://wiki.hyprland.org/Configuring/Window-Rules
windowrulev2 = [
"float, class:com.github.hluk.copyq"
"size 800 600, class:com.github.hluk.copyq"
"float, class:org.pulseaudio.pavucontrol"
"size 800 600, class:org.pulseaudio.pavucontrol"
# Wezterm and Ghostty floating terminal
"float, class:(com.ghostty.floating|wezterm-floating)"
"size 1200 800, class:(com.ghostty.floating|wezterm-floating)"
"float, class:GalaxyBudsClient"
"size 900 700, class:GalaxyBudsClient"
# KDE Connect
"float, class:(org.kde.kdeconnect.sms|org.kde.kdeconnect.app)"
"size 900 700, class:(org.kde.kdeconnect.sms|org.kde.kdeconnect.app)"
"workspace 3 silent, class:(firefox|Brave-browser)"
"workspace 5 silent, class:(discord|org.telegram.desktop)"
];
plugin = {
hyprexpo = {
columns = 3;
gap_size = 5;
bg_col = "rgb(111111)";
workspace_method = "center current";
enable_gesture = true;
gesture_fingers = 3;
gesture_distance = 300;
gesture_positive = true;
};
};
bindm = [
"SUPER,mouse:273,resizewindow"
"SUPER,mouse:272,movewindow"
];
bind = [
# apps
"SUPER, Return, exec, ${terminal}"
"SUPER, F, exec, ${filemanager}"
"SUPER, E, exec, ${editor}"
"SUPER, B, exec, ${browser}"
"SUPER, G, exec, GalaxyBudsClient"
"SUPER, D, exec, discord"
"SUPER, S, exec, ${spotify}"
"SUPER, V, exec, copyq show"
"SUPER_SHIFT, Return, exec, ${floating_terminal}"
"SUPER_SHIFT, S, exec, flameshot gui"
# tpanel
"SUPER, A, exec, ags toggle launcher"
"SUPER_SHIFT, B, exec, ags toggle bar"
"SUPER_SHIFT, C, exec, ags toggle control-center"
"SUPER_SHIFT, W, exec, ags toggle wallpaper-manager"
"SUPER_SHIFT, R, exec, ags quit; ${pkgs.tpanel}/bin/tpanel"
# hyprland
"SUPER, Q, killactive"
"SUPER, grave, hyprexpo:expo, toggle"
"SUPER_SHIFT, Q, forcekillactive"
"SUPER_SHIFT, F, fullscreen, 0"
"SUPER_SHIFT, Space, exec, hyprctl dispatch togglefloating; hyprctl dispatch resizeactive exact 1200 800; hyprctl dispatch centerwindow;"
# shutdown
"SUPER_SHIFT, P, exec, poweroff"
# lock
"SUPER_SHIFT, L, exec, hyprlock"
# change focus
"SUPER, left, movefocus, l"
"SUPER, right, movefocus, r"
"SUPER, up, movefocus, u"
"SUPER, down, movefocus, d"
# move active
"SUPER_SHIFT, left, movewindow, l"
"SUPER_SHIFT, right, movewindow, r"
"SUPER_SHIFT, up, movewindow, u"
"SUPER_SHIFT, down, movewindow, d"
# workspaces
"SUPER, 1, workspace, 1"
"SUPER, 2, workspace, 2"
"SUPER, 3, workspace, 3"
"SUPER, 4, workspace, 4"
"SUPER, 5, workspace, 5"
# send to workspaces
"SUPER_SHIFT, 1, movetoworkspacesilent, 1"
"SUPER_SHIFT, 2, movetoworkspacesilent, 2"
"SUPER_SHIFT, 3, movetoworkspacesilent, 3"
"SUPER_SHIFT, 4, movetoworkspacesilent, 4"
"SUPER_SHIFT, 5, movetoworkspacesilent, 5"
];
workspace = [
"1, monitor:HDMI-A-1"
"2, monitor:HDMI-A-1"
"3, monitor:HDMI-A-1"
"4, monitor:eDP-1"
"5, monitor:eDP-1"
];
binde = [
# resize active
"SUPER_CTRL, left, resizeactive, -20 0"
"SUPER_CTRL, right, resizeactive, 20 0"
"SUPER_CTRL, up, resizeactive, 0 -20"
"SUPER_CTRL, down, resizeactive, 0 20"
# move active (Floating Only)
"SUPER_ALT, left, moveactive, -20 0"
"SUPER_ALT, right, moveactive, 20 0"
"SUPER_ALT, up, moveactive, 0 -20"
"SUPER_ALT, down, moveactive, 0 20"
"SUPER_ALT, equal, exec, hyprctl dispatch centerwindow;"
# speaker and mic volume control
" , XF86AudioRaiseVolume, exec, wpctl set-volume -l 1 @DEFAULT_AUDIO_SINK@ 10%+"
" , XF86AudioLowerVolume, exec, wpctl set-volume -l 1 @DEFAULT_AUDIO_SINK@ 10%-"
" , XF86AudioMute, exec, wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle"
" , XF86AudioMicMute, exec, wpctl set-mute @DEFAULT_AUDIO_SOURCE@ toggle"
# display and keyboard brightness control
" , XF86MonBrightnessUp, exec, brightnessctl s +20%"
" , XF86MonBrightnessDown, exec, brightnessctl s 20%-"
" , XF86KbdBrightnessUp, exec, asusctl -n"
" , XF86KbdBrightnessDown, exec, asusctl -p"
# performance
" , XF86Launch4, exec, asusctl profile -n"
];
"exec-once" = [
# load hyprland plugins
"hyprctl plugin load '$HYPR_PLUGIN_DIR/lib/libhyprexpo.so'"
"hyprpaper"
"${pkgs.tpanel}/bin/tpanel"
"copyq"
"kdeconnectd"
"kdeconnect-indicator"
];
};
};
}

47
modules/home/desktop/hyprland/hyprlock.nix
View File

@@ -1,47 +0,0 @@
{
programs.hyprlock = {
enable = true;
settings = {
general = {
hide_cursor = true;
ignore_empty_input = true;
};
animations = {
enabled = true;
fade_in = {
duration = 300;
bezier = "easeOutQuint";
};
fade_out = {
duration = 300;
bezier = "easeOutQuint";
};
};
background = [
{
path = "screenshot";
blur_passes = 3;
blur_size = 8;
}
];
input-field = [
{
size = "200, 50";
position = "0, -80";
monitor = "";
dots_center = true;
fade_on_empty = false;
font_color = "rgb(202, 211, 245)";
inner_color = "rgb(91, 96, 120)";
outer_color = "rgb(24, 25, 38)";
outline_thickness = 5;
placeholder_text = "Password";
shadow_passes = 2;
}
];
};
};
}

21
modules/home/desktop/hyprland/hyprpaper.nix
View File

@@ -1,21 +0,0 @@
{pkgs, ...}: {
services.hyprpaper = {
enable = true;
settings = {
ipc = "on";
splash = false;
splash_offset = 2.0;
preload = [
"~/Wallpapers/mountain.jpg"
];
wallpaper = [
", ~/Wallpapers/mountain.jpg"
];
};
};
home.packages = with pkgs; [hyprpaper];
}

317
modules/home/desktop/rofi/default.nix
View File

@@ -1,317 +0,0 @@
{config, ...}: {
programs.rofi = {
enable = true;
extraConfig = {
terminal = "alacritty";
modes = "combi,keys";
display-window = "window";
display-drun = "run";
display-windowcd = "windowcd";
display-run = "run";
display-ssh = "ssh";
display-combi = "combi";
display-keys = "keys";
display-filebrowser = "filebrowser";
combi-modes = "window,drun";
combi-hide-mode-prefix = false;
combi-display-format = "<i>{mode}</i> {text}";
window-format = "<span fgalpha='65%'>[{w=-1}] </span><b>{c=-1}</b> <span weight='light' fgalpha='65%' size='small'>{t=-1}</span>";
window-thumbnail = false;
drun-url-launcher = "xdg-open";
drun-match-fields = "name,generic,exec,categories,keywords";
drun-display-format = "<b>{name}</b>[ <span weight='light' size='small'><i>({generic})</i></span>][ <span weight='light' fgalpha='65%' size='small'>{exec}</span>]";
drun-show-actions = true;
run-command = "{cmd}";
run-list-command = "";
run-shell-command = "{terminal} -e {cmd}";
matching = "normal";
font = "JetBrains Mono 11";
show-icons = true;
scroll-method = 0;
cycle = false;
fixed-num-lines = false;
};
theme = let
inherit (config.lib.formats.rasi) mkLiteral;
in {
"*" = {
font = "JetBrains Mono 11";
black = mkLiteral "#1d1f21";
white = mkLiteral "#c5c8c6";
red = mkLiteral "#cc6666";
orange = mkLiteral "#de935f";
yellow = mkLiteral "#f0c674";
green = mkLiteral "#7cb36b";
cyan = mkLiteral "#78bab9";
blue = mkLiteral "#81a2be";
magenta = mkLiteral "#b294bb";
black-bright = mkLiteral "#3c4044";
white-bright = mkLiteral "#eaeaea";
red-bright = mkLiteral "#d54e53";
orange-bright = mkLiteral "#e78c45";
yellow-bright = mkLiteral "#e7c547";
green-bright = mkLiteral "#71c464";
cyan-bright = mkLiteral "#6acdcc";
blue-bright = mkLiteral "#7aa6da";
magenta-bright = mkLiteral "#c397d8";
black-66 = mkLiteral "#131415";
white-66 = mkLiteral "#828382";
red-66 = mkLiteral "#864343";
orange-66 = mkLiteral "#92613e";
yellow-66 = mkLiteral "#9e824c";
green-66 = mkLiteral "#517646";
cyan-66 = mkLiteral "#4f7a7a";
blue-66 = mkLiteral "#556a7d";
magenta-66 = mkLiteral "#75617b";
black-33 = mkLiteral "#090a0a";
white-33 = mkLiteral "#414141";
red-33 = mkLiteral "#432121";
orange-33 = mkLiteral "#49301f";
yellow-33 = mkLiteral "#4f4126";
green-33 = mkLiteral "#283b23";
cyan-33 = mkLiteral "#273d3d";
blue-33 = mkLiteral "#2a353e";
magenta-33 = mkLiteral "#3a303d";
common-background = mkLiteral "@black";
common-background-bright = mkLiteral "@black-bright";
common-background-66 = " @black-66";
common-foreground = mkLiteral "@white";
common-foreground-bright = mkLiteral "@white-bright";
common-foreground-66 = mkLiteral "@white-66";
common-primary = mkLiteral "@yellow";
common-primary-bright = mkLiteral "@yellow-bright";
common-primary-66 = mkLiteral "@yellow-66";
common-primary-33 = mkLiteral "@yellow-33";
common-secondary = mkLiteral "@blue";
common-secondary-bright = mkLiteral "@blue-bright";
common-secondary-66 = mkLiteral "@blue-66";
common-secondary-33 = mkLiteral "@blue-33";
common-urgent = mkLiteral "@red";
common-urgent-bright = mkLiteral "@red-bright";
common-urgent-66 = mkLiteral "@red-66";
common-urgent-33 = mkLiteral "@red-33";
background-color = mkLiteral "transparent";
normal-normal-background = mkLiteral "transparent";
normal-normal-foreground = mkLiteral "@common-foreground";
normal-normal-border-color = mkLiteral "transparent";
normal-active-background = mkLiteral "transparent";
normal-active-foreground = mkLiteral "@common-secondary-bright";
normal-active-border-color = mkLiteral "transparent";
normal-urgent-background = mkLiteral "transparent";
normal-urgent-foreground = mkLiteral "@common-urgent-bright";
normal-urgent-border-color = mkLiteral "transparent";
selected-normal-background = mkLiteral "@common-primary-33";
selected-normal-foreground = mkLiteral "@common-primary-bright";
selected-normal-border-color = mkLiteral "@common-primary-66";
selected-active-background = mkLiteral "@common-secondary-33";
selected-active-foreground = mkLiteral "@common-secondary-bright";
selected-active-border-color = mkLiteral "@common-secondary-66";
selected-urgent-background = mkLiteral "@common-urgent-33";
selected-urgent-foreground = mkLiteral "@common-urgent-bright";
selected-urgent-border-color = mkLiteral "@common-urgent-66";
alternate-normal-background = mkLiteral "@normal-normal-background";
alternate-normal-foreground = mkLiteral "@normal-normal-foreground";
alternate-normal-border-color = mkLiteral "@normal-normal-border-color";
alternate-active-background = mkLiteral "@normal-active-background";
alternate-active-foreground = mkLiteral "@normal-active-foreground";
alternate-active-border-color = mkLiteral "@normal-active-border-color";
alternate-urgent-background = mkLiteral "@normal-urgent-background";
alternate-urgent-foreground = mkLiteral "@normal-urgent-foreground";
alternate-urgent-border-color = mkLiteral "@normal-urgent-border-color";
};
"window" = {
background-color = mkLiteral "#1d1f21e6"; #// @black + 0.85 alpha
border = 3;
border-color = mkLiteral "@black-bright";
border-radius = 16;
width = 1024;
height = 460;
};
"mainbox" = {
padding = 16;
spacing = 16;
};
"inputbar" = {
background-color = mkLiteral "#333537"; #// @black-110
border = 1;
border-color = mkLiteral "#606263"; #// @black-130
border-radius = 8;
padding = mkLiteral "12 16";
spacing = 0;
text-color = mkLiteral "@common-foreground";
children = mkLiteral "[ entry, case-indicator, num-filtered-rows, textbox-num-sep, num-rows ]";
};
"prompt" = {
background-color = mkLiteral "transparent";
text-color = mkLiteral "@common-foreground-bright";
spacing = 0;
text-transform = mkLiteral "bold";
};
"textbox-prompt-colon" = {
background-color = mkLiteral "transparent";
text-color = mkLiteral "inherit";
margin = mkLiteral "0 0.3em 0 0";
expand = false;
str = "=";
};
"entry" = {
background-color = mkLiteral "transparent";
text-color = mkLiteral "@common-foreground-bright";
cursor = "text";
placeholder-color = mkLiteral "@common-foreground-66";
placeholder = "Type to filter";
};
"case-indicator" = {
background-color = mkLiteral "transparent";
text-color = mkLiteral "inherit";
};
"num-filtered-rows" = {
background-color = mkLiteral "transparent";
text-color = mkLiteral "inherit";
expand = false;
};
"textbox-num-sep" = {
background-color = mkLiteral "transparent";
text-color = mkLiteral "inherit";
expand = false;
str = "/";
};
"num-rows" = {
background-color = mkLiteral "transparent";
text-color = mkLiteral "inherit";
expand = false;
};
"message" = {
background-color = mkLiteral "@cyan-33";
border = 1;
border-color = mkLiteral "@cyan-66";
border-radius = 8;
padding = 16;
};
"textbox" = {
background-color = mkLiteral "transparent";
text-color = mkLiteral "@cyan-bright";
};
"listview" = {
dynamic = true;
scrollbar = true;
spacing = 0;
};
"scrollbar" = {
background-color = mkLiteral "transparent";
padding = 0;
margin = mkLiteral "0 0 0 4";
handle-width = 8;
border = 0;
handle-color = mkLiteral "#626463"; #// @white-50
};
"element" = {
border = 1;
border-radius = 8;
padding = mkLiteral "6 12";
margin = mkLiteral "1 0";
spacing = 12;
children = mkLiteral "[ element-icon, element-text ]";
};
"element-icon" = {
background-color = mkLiteral "transparent";
text-color = mkLiteral "inherit";
size = mkLiteral "1.0em";
cursor = mkLiteral "inherit";
};
"element-text" = {
background-color = mkLiteral "transparent";
text-color = mkLiteral "inherit";
highlight = mkLiteral "inherit";
cursor = mkLiteral "inherit";
};
"element normal.normal" = {
background-color = mkLiteral "@normal-normal-background";
text-color = mkLiteral "@normal-normal-foreground";
border-color = mkLiteral "@normal-normal-border-color";
};
"element normal.urgent" = {
background-color = mkLiteral "@normal-urgent-background";
text-color = mkLiteral "@normal-urgent-foreground";
border-color = mkLiteral "@normal-urgent-border-color";
};
"element normal.active" = {
background-color = mkLiteral "@normal-active-background";
text-color = mkLiteral "@normal-active-foreground";
border-color = mkLiteral "@normal-active-border-color";
};
"element selected.normal" = {
background-color = mkLiteral "@selected-normal-background";
text-color = mkLiteral "@selected-normal-foreground";
border-color = mkLiteral "@selected-normal-border-color";
};
"element selected.urgent" = {
background-color = mkLiteral "@selected-urgent-background";
text-color = mkLiteral "@selected-urgent-foreground";
border-color = mkLiteral "@selected-urgent-border-color";
};
"element selected.active" = {
background-color = mkLiteral "@selected-active-background";
text-color = mkLiteral "@selected-active-foreground";
border-color = mkLiteral "@selected-active-border-color";
};
"element alternate.normal" = {
background-color = mkLiteral "@alternate-normal-background";
text-color = mkLiteral "@alternate-normal-foreground";
border-color = mkLiteral "@alternate-normal-border-color";
};
"element alternate.urgent" = {
background-color = mkLiteral "@alternate-urgent-background";
text-color = mkLiteral "@alternate-urgent-foreground";
border-color = mkLiteral "@alternate-urgent-border-color";
};
"element alternate.active" = {
background-color = mkLiteral "@alternate-active-background";
text-color = mkLiteral "@alternate-active-foreground";
border-color = mkLiteral "@alternate-active-border-color";
};
};
};
}

338
modules/home/desktop/waybar/default.nix
View File

@@ -1,338 +0,0 @@
{...}: {
programs = {
waybar = {
enable = true;
settings = {
mainBar = {
position = "top";
layer = "top";
height = 35;
margin-top = 0;
margin-bottom = 0;
margin-left = 0;
margin-right = 0;
exclusive = true;
passthrough = false;
modules-left = [
"custom/l_end"
"cpu"
"memory"
"custom/r_end"
];
modules-center = [
"custom/l_end"
"hyprland/workspaces"
"custom/r_end"
];
modules-right = [
"custom/l_end"
"network"
"bluetooth"
"battery"
"tray"
"custom/r_end"
];
"hyprland/workspaces" = {
"disable-scroll" = true;
"all-outputs" = true;
"active-only" = false;
"on-click" = "activate";
"persistent-workspaces" = {
"1" = [];
"2" = [];
"3" = [];
"4" = [];
};
};
"network" = {
"tooltip" = true;
"format-wifi" = " <span foreground='#99ffdd'> {bandwidthDownBytes}</span> <span foreground='#ffcc66'> {bandwidthUpBytes}</span>";
"format-ethernet" = "󰈀 <span foreground='#99ffdd'> {bandwidthDownBytes}</span> <span foreground='#ffcc66'> {bandwidthUpBytes}</span>";
"tooltip-format" = "Network= <big><b>{essid}</b></big>\nSignal strength= <b>{signaldBm}dBm ({signalStrength}%)</b>\nFrequency= <b>{frequency}MHz</b>\nInterface= <b>{ifname}</b>\nIP= <b>{ipaddr}/{cidr}</b>\nGateway= <b>{gwaddr}</b>\nNetmask= <b>{netmask}</b>";
"format-linked" = "󰈀 {ifname} (No IP)";
"format-disconnected" = "󰖪 ";
"tooltip-format-disconnected" = "Disconnected";
"interval" = 2;
};
"battery" = {
"states" = {
"good" = 95;
"warning" = 30;
"critical" = 20;
};
"format" = "{icon} {capacity}%";
"format-charging" = " {capacity}%";
"format-plugged" = " {capacity}%";
"format-alt" = "{time} {icon}";
"format-icons" = ["󰂎" "󰁺" "󰁻" "󰁼" "󰁽" "󰁾" "󰁿" "󰂀" "󰂁" "󰂂" "󰁹"];
};
"bluetooth" = {
"format" = "";
"format-disabled" = "";
"format-connected" = " {num_connections}";
"format-connected-battery" = "{icon} {num_connections}";
# "format-connected-battery"= "{icon} {device_alias}-{device_battery_percentage}%";
"format-icons" = ["󰥇" "󰤾" "󰤿" "󰥀" "󰥁" "󰥂" "󰥃" "󰥄" "󰥅" "󰥆" "󰥈"];
# "format-device-preference"= [ "device1"; "device2" ]; // preference list deciding the displayed device If this config option is not defined or none of the devices in the list are connected; it will fall back to showing the last connected device.
"tooltip-format" = "{controller_alias}\n{num_connections} connected";
"tooltip-format-connected" = "{controller_alias}\n{num_connections} connected\n\n{device_enumerate}";
"tooltip-format-enumerate-connected" = "{device_alias}";
"tooltip-format-enumerate-connected-battery" = "{device_alias}\t{icon} {device_battery_percentage}%";
};
"memory" = {
"states" = {
"c" = 90; # critical
"h" = 60; # high
"m" = 30; # medium
};
"interval" = 30;
"format" = "󰾆 {used}GB";
"format-m" = "󰾅 {used}GB";
"format-h" = "󰓅 {used}GB";
"format-c" = " {used}GB";
"format-alt" = "󰾆 {percentage}%";
"max-length" = 10;
"tooltip" = true;
"tooltip-format" = "󰾆 {percentage}%\n {used=0.1f}GB/{total=0.1f}GB";
};
"cpu" = {
"interval" = 10;
"format" = "󰍛 {usage}%";
"format-alt" = "{icon0}{icon1}{icon2}{icon3}";
"format-icons" = ["" "" "" "" "" "" "" ""];
};
"tray" = {
"icon-size" = 14;
"spacing" = 5;
};
"custom/l_end" = {
"format" = " ";
"interval" = "once";
"tooltip" = false;
};
"custom/r_end" = {
"format" = " ";
"interval" = "once";
"tooltip" = false;
};
"custom/sl_end" = {
"format" = " ";
"interval" = "once";
"tooltip" = false;
};
"custom/sr_end" = {
"format" = " ";
"interval" = "once";
"tooltip" = false;
};
"custom/rl_end" = {
"format" = " ";
"interval" = "once";
"tooltip" = false;
};
"custom/rr_end" = {
"format" = " ";
"interval" = "once";
"tooltip" = false;
};
"custom/padd" = {
"format" = " ";
"interval" = "once";
"tooltip" = false;
};
};
};
style = let
bar_bg = "rgba(23, 28, 34, 0.95)";
main_bg = "#101419";
main_fg = "#93cee9";
wb_act_bg = "#90ceaa";
wb_act_fg = "#1f2328";
wb_hvr_bg = "#90ceaa";
wb_hvr_fg = "#1f2328";
in ''
* {
border: none;
border-radius: 0px;
font-family: "JetBrainsMono Nerd Font";
font-weight: bold;
font-size: 20px;
min-height: 10px;
}
window#waybar {
background: ${bar_bg};
}
tooltip {
background: ${main_bg};
color: ${main_fg};
border-radius: 7px;
border-width: 0px;
}
#workspaces button {
box-shadow: none;
text-shadow: none;
padding: 0px;
border-radius: 9px;
margin-top: 3px;
margin-bottom: 3px;
margin-left: 0px;
padding-left: 3px;
padding-right: 3px;
margin-right: 0px;
color: ${main_fg};
animation: ws_normal 20s ease-in-out 1;
}
#workspaces button.active {
background: ${wb_act_bg};
color: ${wb_act_fg};
margin-left: 3px;
padding-left: 12px;
padding-right: 12px;
margin-right: 3px;
animation: ws_active 20s ease-in-out 1;
transition: all 0.4s cubic-bezier(.55,-0.68,.48,1.682);
}
#workspaces button:hover {
background: ${wb_hvr_bg};
color: ${wb_hvr_fg};
animation: ws_hover 20s ease-in-out 1;
transition: all 0.3s cubic-bezier(.55,-0.68,.48,1.682);
}
#taskbar button {
box-shadow: none;
text-shadow: none;
padding: 0px;
border-radius: 9px;
margin-top: 3px;
margin-bottom: 3px;
margin-left: 0px;
padding-left: 3px;
padding-right: 3px;
margin-right: 0px;
color: @wb-color;
animation: tb_normal 20s ease-in-out 1;
}
#taskbar button.active {
background: ${wb_act_bg};
color: @wb-act-color;
margin-left: 3px;
padding-left: 12px;
padding-right: 12px;
margin-right: 3px;
animation: tb_active 20s ease-in-out 1;
transition: all 0.4s cubic-bezier(.55,-0.68,.48,1.682);
}
#taskbar button:hover {
background: ${wb_hvr_bg};
color: @wb-hvr-color;
animation: tb_hover 20s ease-in-out 1;
transition: all 0.3s cubic-bezier(.55,-0.68,.48,1.682);
}
#backlight,
#battery,
#bluetooth,
#custom-cliphist,
#clock,
#custom-cpuinfo,
#cpu,
#custom-gpuinfo,
#idle_inhibitor,
#language,
#memory,
#custom-mode,
#mpris,
#network,
#custom-power,
#pulseaudio,
#custom-spotify,
#taskbar,
#tray,
#custom-updates,
#custom-wallchange,
#custom-wbar,
#window,
#workspaces,
#custom-l_end,
#custom-r_end,
#custom-sl_end,
#custom-sr_end,
#custom-rl_end,
#custom-rr_end {
color: ${main_fg};
background: ${main_bg};
opacity: 1;
margin: 4px 0px 4px 0px;
padding-left: 4px;
padding-right: 4px;
}
#workspaces,
#taskbar {
padding: 0px;
}
#custom-r_end {
border-radius: 0px 21px 21px 0px;
margin-right: 9px;
padding-right: 3px;
}
#custom-l_end {
border-radius: 21px 0px 0px 21px;
margin-left: 9px;
padding-left: 3px;
}
#custom-sr_end {
border-radius: 0px;
margin-right: 9px;
padding-right: 3px;
}
#custom-sl_end {
border-radius: 0px;
margin-left: 9px;
padding-left: 3px;
}
#custom-rr_end {
border-radius: 0px 7px 7px 0px;
margin-right: 9px;
padding-right: 3px;
}
#custom-rl_end {
border-radius: 7px 0px 0px 7px;
margin-left: 9px;
padding-left: 3px;
}
'';
};
};
}

40
modules/home/discord/default.nix
View File

@@ -1,40 +0,0 @@
{inputs, ...}: {
imports = [
inputs.nixcord.homeModules.nixcord
];
programs.nixcord = {
enable = true;
vesktop.enable = true;
dorion.enable = true;
config = {
themeLinks = [
"https://raw.githubusercontent.com/refact0r/system24/refs/heads/main/archive/flavors/spotify-text.theme.css"
];
frameless = true;
plugins = {
hideMedia.enable = true;
ignoreActivities = {
enable = true;
ignorePlaying = true;
ignoreWatching = true;
};
};
};
dorion = {
theme = "dark";
zoom = "1.1";
blur = "acrylic";
sysTray = true;
openOnStartup = true;
autoClearCache = true;
disableHardwareAccel = false;
rpcServer = true;
rpcProcessScanner = true;
pushToTalk = true;
pushToTalkKeys = ["RControl"];
desktopNotifications = true;
unreadBadge = true;
};
};
}

3
modules/home/easyeffects/default.nix
View File

@@ -1,3 +0,0 @@
{...}: {
services.easyeffects.enable = true;
}

73
modules/home/fastfetch/default.nix
View File

@@ -1,73 +0,0 @@
{...}: {
home.file.".config/fastfetch/config.jsonc".text = ''
{
"$schema": "https://github.com/fastfetch-cli/fastfetch/raw/dev/doc/json_schema.json",
"logo": {
"type": "none",
},
"display": {
"separator": " ",
"key": {
"width": 18,
},
},
"modules": [
{
"key": " ",
"type": "custom",
},
{
"key": " \u001b[11D{#31} user",
"type": "title",
"format": "{1}",
},
{
"key": " \u001b[11D{#34} hname",
"type": "command",
"text": "hostname",
},
{
"key": " \u001b[11D{#34}󰻀 distro",
"type": "os",
},
{
"key": " \u001b[11D{#35}󰌢 kernel",
"type": "kernel",
},
{
"key": " \u001b[11D{#31} uptime",
"type": "uptime",
},
{
"key": " \u001b[11D{#32} shell",
"type": "shell",
},
{
"key": " \u001b[11D{#35}󰏖 pkgs",
"type": "packages",
},
{
"key": " \u001b[11D{#35} memory",
"type": "memory",
},
{
"key": " ",
"type": "custom",
},
{
"key": " \u001b[11D{#39} colors",
"type": "colors",
"symbol": "circle",
},
{
"key": " ",
"type": "custom",
},
],
}
'';
programs.fastfetch = {
enable = true;
};
}

73
modules/home/firefox/default.nix
View File

@@ -1,73 +0,0 @@
{
pkgs,
username,
...
}: {
home.file.".mozilla/firefox/${username}/chrome".source = pkgs.firefox-mod-blur;
programs.firefox = {
enable = true;
package = pkgs.firefox.override {
extraPolicies = {
CaptivePortal = false;
DisableFirefoxStudies = true;
DisablePocket = true;
DisableTelemetry = true;
DisableFirefoxAccounts = false;
NoDefaultBookmarks = true;
OfferToSaveLogins = false;
OfferToSaveLoginsDefault = false;
PasswordManagerEnabled = false;
FirefoxHome = {
Search = true;
Pocket = false;
Snippets = false;
TopSites = false;
Highlights = false;
};
UserMessaging = {
ExtensionRecommendations = false;
SkipOnboarding = true;
};
};
};
profiles = {
${username} = {
id = 0;
name = "tux";
search = {
force = true;
default = "google";
};
settings = {
"general.smoothScroll" = true;
"extensions.activeThemeID" = "firefox-compact-dark@mozilla.org";
"layout.css.prefers-color-scheme.content-override" = 0;
"browser.compactmode.show" = true;
"browser.tabs.firefox-view" = false;
"browser.bookmarks.addedImportButton" = false;
"extensions.pocket.enabled" = false;
"browser.fullscreen.autohide" = false;
};
extraConfig = ''
user_pref("toolkit.legacyUserProfileCustomizations.stylesheets", true);
user_pref("full-screen-api.ignore-widgets", true);
user_pref("media.ffmpeg.vaapi.enabled", true);
user_pref("media.rdd-vpx.enabled", true);
'';
extensions.packages = with pkgs.nur.repos.rycee.firefox-addons; [
ublock-origin
facebook-container
metamask
darkreader
bitwarden
wappalyzer
clearurls
];
};
};
};
}

46
modules/home/floorp/default.nix
View File

@@ -1,46 +0,0 @@
{
username,
pkgs,
...
}: {
programs.floorp = {
enable = true;
profiles = {
${username} = {
id = 0;
name = "${username}";
search = {
force = true;
default = "Google";
};
settings = {
"general.smoothScroll" = true;
"extensions.activeThemeID" = "firefox-compact-dark@mozilla.org";
"layout.css.prefers-color-scheme.content-override" = 0;
"browser.compactmode.show" = true;
"browser.tabs.firefox-view" = false;
"browser.bookmarks.addedImportButton" = false;
"extensions.pocket.enabled" = false;
"browser.fullscreen.autohide" = false;
};
extraConfig = ''
user_pref("toolkit.legacyUserProfileCustomizations.stylesheets", true);
user_pref("full-screen-api.ignore-widgets", true);
user_pref("media.ffmpeg.vaapi.enabled", true);
user_pref("media.rdd-vpx.enabled", true);
'';
extensions.packages = with pkgs.nur.repos.rycee.firefox-addons; [
ublock-origin
facebook-container
metamask
darkreader
bitwarden
wappalyzer
clearurls
];
};
};
};
}

40
modules/home/ghostty/default.nix
View File

@@ -1,40 +0,0 @@
{pkgs, ...}: {
home.file = {
".config/ghostty/config" = {
text = ''
confirm-close-surface = false
gtk-titlebar = false
window-padding-x = 10
window-padding-y = 10
background-opacity = 0.9
font-size = 14
palette = 0=#252b37
palette = 1=#d0679d
palette = 2=#5de4c7
palette = 3=#fffac2
palette = 4=#89ddff
palette = 5=#fae4fc
palette = 6=#add7ff
palette = 7=#ffffff
palette = 8=#a6accd
palette = 9=#d0679d
palette = 10=#5de4c7
palette = 11=#fffac2
palette = 12=#add7ff
palette = 13=#89ddff
palette = 14=#fcc5e9
palette = 15=#ffffff
background = #0f0f0f
foreground = #a6accd
cursor-color = #f2eacf
selection-background = #1a1a1a
selection-foreground = #f1f1f1
'';
};
};
home.packages = with pkgs; [
ghostty
];
}

20
modules/home/git/default.nix
View File

@@ -1,20 +0,0 @@
{
email,
username,
...
}: {
programs.git = {
enable = true;
userName = "${username}";
userEmail = "${email}";
signing = {
key = "~/.ssh/id_ed25519.pub";
signByDefault = true;
};
extraConfig = {
init.defaultBranch = "main";
commit.gpgSign = true;
gpg.format = "ssh";
};
};
}

37
modules/home/helix/default.nix
View File

@@ -1,37 +0,0 @@
{pkgs, ...}: {
programs.helix = {
enable = true;
settings = {
theme = "gruvbox";
editor = {
line-number = "relative";
cursorline = true;
color-modes = true;
bufferline = "multiple";
"cursor-shape" = {
insert = "bar";
normal = "block";
select = "underline";
};
};
};
languages = {
language = [
{
name = "nix";
auto-format = true;
}
];
language-server = {
nil = {
command = "${pkgs.nil}/bin/nil";
config.nil.formatting = {
command = "${pkgs.alejandra}/bin/alejandra";
};
};
};
};
};
}

6
modules/home/kdeconnect/default.nix
View File

@@ -1,6 +0,0 @@
{...}: {
services.kdeconnect = {
enable = true;
indicator = true;
};
}

5
modules/home/librewolf/default.nix
View File

@@ -1,5 +0,0 @@
{...}: {
programs.librewolf = {
enable = true;
};
}

38
modules/home/mopidy/default.nix
View File

@@ -1,38 +0,0 @@
{pkgs, ...}: {
programs.ncmpcpp = {
enable = true;
package = pkgs.ncmpcpp.override {
visualizerSupport = true;
clockSupport = true;
};
mpdMusicDir = "~/Music/";
settings = {
mpd_host = "127.0.0.1";
mpd_port = 6600;
mpd_connection_timeout = 20;
visualizer_data_source = "localhost:5555";
visualizer_fps = 60;
visualizer_output_name = "feed";
visualizer_in_stereo = "yes";
visualizer_type = "spectrum";
visualizer_look = "";
visualizer_spectrum_smooth_look = "yes";
song_status_format = "$b$7 $2%a $4$3 $8%t $4$3 $5%b ";
header_visibility = "no";
color1 = "white";
color2 = "green";
};
};
services.mopidy = {
enable = true;
extensionPackages = with pkgs; [
mopidy-mpd
mopidy-spotify
mopidy-soundcloud
mopidy-iris
];
};
}

40
modules/home/nvim/default.nix
View File

@@ -1,40 +0,0 @@
{pkgs, ...}: {
home.file = {
".config/nvim" = {
recursive = true;
source = "${pkgs.tnvim}";
};
};
programs = {
neovim = {
enable = true;
defaultEditor = true;
vimAlias = true;
withPython3 = true;
withNodeJs = true;
};
};
home = {
packages = with pkgs; [
gcc
neovide
# nix
nil # Language Server
statix # Lints and suggestions
deadnix # Find and remove unused
alejandra # Code Formatter
# lua
luarocks
# ts
typescript
gdu
ripgrep
];
};
}

6
modules/home/obs-studio/default.nix
View File

@@ -1,6 +0,0 @@
{pkgs, ...}: {
programs.obs-studio = {
enable = true;
plugins = with pkgs.obs-studio-plugins; [obs-vaapi];
};
}

64
modules/home/picom/default.nix
View File

@@ -1,64 +0,0 @@
{pkgs, ...}: {
services.picom = {
enable = true;
package = pkgs.picom-next;
backend = "glx";
vSync = true;
fade = true;
fadeDelta = 10;
fadeSteps = [0.05 0.05];
fadeExclude = [
"window_type *= 'menu'"
];
activeOpacity = 1;
inactiveOpacity = 1;
opacityRules = [
"90:class_g = 'rofi'"
"90:class_g = 'thunar'"
"90:class_g = 'spotify'"
"90:class_g = 'discord'"
"90:class_g = 'code'"
"90:class_g = 'org.wezfurlong.wezterm'"
"90:class_g = 'wezterm-floating'"
];
settings = {
glx-no-stencil = true;
glx-copy-from-font = false;
use-damage = false;
frame-opacity = 1;
blur-background = true;
blur-method = "dual_kawase";
blur-strength = 10;
corner-radius = 8;
rounded-corners-exclude = [
"window_type = 'dock'"
];
# pijulius specifics
animations = true;
animation-stiffness = 500;
animation-window-mass = 1.0;
animation-dampening = 26;
animation-delta = 10;
animation-force_steps = false;
animation-clamping = true;
animation-for-open-window = "slide-up";
animation-for-menu-window = "slide-down";
animation-for-transient-window = "slide-down";
animation-for-unmap-window = "slide-up";
animation-for-next-tag = "slide-right";
animation-for-prev-tag = "slide-left";
enable-fading-next-tag = true;
enable-fading-prev-tag = true;
};
};
}

15
modules/home/shell/aichat.nix
View File

@@ -1,15 +0,0 @@
{...}: {
programs = {
aichat = {
enable = true;
settings = {
model = "gemini:gemini-2.0-flash-lite";
clients = [
{
type = "gemini";
}
];
};
};
};
}

100
modules/home/shell/default.nix
View File

@@ -1,100 +0,0 @@
{pkgs, ...}: {
imports = [
./lazygit.nix
./aichat.nix
./superfile.nix
./open-code.nix
];
programs = {
bat.enable = true;
zsh = {
enable = true;
history = {
append = true;
share = true;
expireDuplicatesFirst = true;
ignoreDups = true;
size = 1000000;
save = 1000000;
path = "$HOME/.local/share/zsh/.zsh_history";
};
syntaxHighlighting.enable = true;
autosuggestion.enable = true;
initContent = ''
fastfetch
export WINIT_X11_SCALE_FACTOR=1
PATH=$PATH:~/.cargo/bin:~/.local/bin
bindkey "^A" vi-beginning-of-line
bindkey "^E" vi-end-of-line
bindkey '^R' fzf-history-widget
'';
};
zoxide = {
enable = true;
options = ["--cmd cd"];
enableZshIntegration = true;
};
ripgrep.enable = true;
btop = {
enable = true;
settings = {
theme_background = false;
update_ms = 1000;
presets = "cpu:0:default mem:0:default net:0:default";
};
};
go.enable = true;
yazi = {
enable = true;
enableZshIntegration = true;
};
fzf = {
enable = true;
enableZshIntegration = true;
};
lsd = {
enable = true;
enableZshIntegration = true;
};
};
home.packages = with pkgs; [
systemctl-tui
ranger
wget
portal
bore-cli
zip
unzip
pciutils
gnumake
nvtopPackages.full
zellij
nix-output-monitor
duf
jq
atac
termshark
solc
dig
python312
python312Packages.pipx
nodejs
nodePackages.pnpm
nodePackages.yarn
rustup
bun
nixpkgs-fmt
hunspell
hunspellDicts.en_US
air
templ
ffmpeg
deploy-rs
trok
];
}

79
modules/home/shell/lazygit.nix
View File

@@ -1,79 +0,0 @@
{...}: {
programs.lazygit = {
enable = true;
settings = {
gui = {
showIcons = true;
nerdFontsVersion = "3";
};
customCommands = [
{
key = "<c-a>";
description = "Pick AI commit";
command = ''
aichat "Please suggest 10 commit messages, given the following diff:
\`\`\`diff
$(git diff --cached)
\`\`\`
**Criteria:**
1. **Format:** Each commit message must follow the conventional commits format, which is \`<type>(<scope>): <description>\`.
2. **Relevance:** Avoid mentioning a module name unless it's directly relevant to the change.
3. **Enumeration:** List the commit messages from 1 to 10.
4. **Clarity and Conciseness:** Each message should clearly and concisely convey the change made.
**Commit Message Examples:**
- fix(app): add password regex pattern
- test(unit): add new test cases
- style: remove unused imports
- refactor(pages): extract common code to \`utils/wait.ts\`
**Recent Commits on Repo for Reference:**
\`\`\`
$(git log -n 10 --pretty=format:'%h %s')
\`\`\`
**Output Template**
Follow this output template and ONLY output raw commit messages without spacing, numbers or other decorations.
fix(app): add password regex pattern
test(unit): add new test cases
style: remove unused imports
refactor(pages): extract common code to \`utils/wait.ts\`
**Instructions:**
- Take a moment to understand the changes made in the diff.
- Think about the impact of these changes on the project (e.g., bug fixes, new features, performance improvements, code refactoring, documentation updates). It's critical to my career you abstract the changes to a higher level and not just describe the code changes.
- Generate commit messages that accurately describe these changes, ensuring they are helpful to someone reading the project's history.
- Remember, a well-crafted commit message can significantly aid in the maintenance and understanding of the project over time.
- If multiple changes are present, make sure you capture them all in each commit message.
Keep in mind you will suggest 10 commit messages. Only 1 will be used. It's better to push yourself (esp to synthesize to a higher level) and maybe wrong about some of the 10 commits because only one needs to be good. I'm looking for your best commit, not the best average commit. It's better to cover more scenarios than include a lot of overlap.
Write your 10 commit messages below in the format shown in Output Template section above." \
| fzf --height 40% --border --ansi --preview "echo {}" --preview-window=up:wrap \
| xargs -I {} bash -c '
COMMIT_MSG_FILE=$(mktemp)
echo "{}" > "$COMMIT_MSG_FILE"
''${EDITOR:-vim} "$COMMIT_MSG_FILE"
if [ -s "$COMMIT_MSG_FILE" ]; then
git commit -F "$COMMIT_MSG_FILE"
else
echo "Commit message is empty, commit aborted."
fi
rm -f "$COMMIT_MSG_FILE"'
'';
context = "files";
output = "terminal";
}
];
};
};
}

20
modules/home/shell/open-code.nix
View File

@@ -1,20 +0,0 @@
{
programs.opencode = {
enable = true;
settings = {
theme = "system";
provider = {
google = {
options = {
apiKey = "{file:/run/secrets/gemini_api_key}";
};
};
openrouter = {
options = {
apiKey = "{file:/run/secrets/open_router_api_key}";
};
};
};
};
};
}

41
modules/home/shell/superfile.nix
View File

@@ -1,41 +0,0 @@
{
programs.superfile = {
enable = true;
settings = {
theme = "poimandres";
editor = "";
dir_editor = "";
auto_check_update = false;
cd_on_quit = false;
default_open_file_preview = true;
show_image_preview = true;
show_panel_footer_info = true;
default_directory = "~";
file_size_use_si = false;
default_sort_type = 0;
sort_order_reversed = false;
case_sensitive_sort = false;
shell_close_on_success = false;
debug = false;
ignore_missing_fields = false;
nerdfont = true;
transparent_background = true;
file_preview_width = 0;
code_previewer = "bat";
sidebar_width = 20;
border_top = "";
border_bottom = "";
border_left = "";
border_right = "";
border_top_left = "";
border_top_right = "";
border_bottom_left = "";
border_bottom_right = "";
border_middle_left = "";
border_middle_right = "";
metadata = true;
zoxide_support = true;
enable_md5_checksum = false;
};
};
}

19
modules/home/spotify/default.nix
View File

@@ -1,19 +0,0 @@
{
programs.spotify-player = {
enable = true;
settings = {
theme = "default";
client_id = "c54c06bacd3642c68d981474dadd3a53";
login_redirect_uri = "http://127.0.0.1:8989/login";
device = {
name = "spotify-player";
device_type = "speaker";
volume = 100;
bitrate = 320;
audio_cache = false;
normalization = false;
autoplay = false;
};
};
};
}

50
modules/home/starship/default.nix
View File

@@ -1,50 +0,0 @@
{...}: {
programs.starship = {
enable = true;
settings = {
format = ''$os$hostname$directory$rust$golang$solidity$nodejs(bold blue)$git_branch$git_status[](bold yellow)[](bold purple)[](bold blue) '';
scan_timeout = 60;
add_newline = false;
line_break.disabled = true;
os = {
format = "[$symbol ]($style)";
style = "bold green";
disabled = false;
symbols.NixOS = "󰊠";
symbols.Linux = "󰊠";
symbols.Arch = "󰣇";
symbols.Ubuntu = "󰕈";
};
directory = {
format = "[$path]($style)[$read_only ]($read_only_style)";
read_only = " 󰌾";
style = "bold blue";
};
git_branch.format = "[$symbol$branch]($style) ";
hostname = {
ssh_only = false;
format = "[$ssh_symbol$hostname]($style) ";
style = "bold green";
ssh_symbol = "󰇧 ";
disabled = false;
};
rust = {
format = "[$symbol]($style)";
symbol = " ";
};
golang = {
format = "[$symbol]($style)";
symbol = " ";
};
solidity = {
format = "[$symbol]($style)";
symbol = "󰡪 ";
};
nodejs = {
format = "[$symbol]($style)";
symbol = "󰎙 ";
};
};
};
}

9
modules/home/thunderbird/default.nix
View File

@@ -1,9 +0,0 @@
{username, ...}: {
programs.thunderbird = {
enable = true;
profiles."${username}" = {
isDefault = true;
};
};
}

136
modules/home/tmux/default.nix
View File

@@ -1,136 +0,0 @@
{pkgs, ...}: let
bg = "default";
fg = "default";
bg2 = "brightblack";
fg2 = "white";
color = c: "#{@${c}}";
indicator = let
accent = color "indicator_color";
content = " ";
in "#[reverse,fg=${accent}]#{?client_prefix,${content},}";
current_window = let
accent = color "main_accent";
index = "#[reverse,fg=${accent},bg=${fg}] #I ";
name = "#[fg=${bg2},bg=${fg2}] #W ";
# flags = "#{?window_flags,#{window_flags}, }";
in "${index}${name}";
window_status = let
accent = color "window_color";
index = "#[reverse,fg=${accent},bg=${fg}] #I ";
name = "#[fg=${bg2},bg=${fg2}] #W ";
# flags = "#{?window_flags,#{window_flags}, }";
in "${index}${name}";
battery = let
percentage = pkgs.writeShellScript "percentage" (
if pkgs.stdenv.isDarwin
then ''
echo $(pmset -g batt | grep -o "[0-9]\+%" | tr '%' ' ')
''
else ''
path="/org/freedesktop/UPower/devices/DisplayDevice"
echo $(${pkgs.upower}/bin/upower -i $path | grep -o "[0-9]\+%" | tr '%' ' ')
''
);
state = pkgs.writeShellScript "state" (
if pkgs.stdenv.isDarwin
then ''
echo $(pmset -g batt | awk '{print $4}')
''
else ''
path="/org/freedesktop/UPower/devices/DisplayDevice"
echo $(${pkgs.upower}/bin/upower -i $path | grep state | awk '{print $2}')
''
);
icon = pkgs.writeShellScript "icon" ''
percentage=$(${percentage})
state=$(${state})
if [ "$state" == "charging" ] || [ "$state" == "fully-charged" ]; then echo "󰂄"
elif [ $percentage -ge 75 ]; then echo "󱊣"
elif [ $percentage -ge 50 ]; then echo "󱊢"
elif [ $percentage -ge 25 ]; then echo "󱊡"
elif [ $percentage -ge 0 ]; then echo "󰂎"
fi
'';
color = pkgs.writeShellScript "color" ''
percentage=$(${percentage})
state=$(${state})
if [ "$state" == "charging" ] || [ "$state" == "fully-charged" ]; then echo "green"
elif [ $percentage -ge 75 ]; then echo "green"
elif [ $percentage -ge 50 ]; then echo "${fg2}"
elif [ $percentage -ge 30 ]; then echo "yellow"
elif [ $percentage -ge 0 ]; then echo "red"
fi
'';
in "#[fg=#(${color})]#(${icon}) #[fg=${fg}]#(${percentage})%";
pwd = let
accent = color "main_accent";
icon = "#[fg=${accent}] ";
format = "#[fg=${fg}]#{b:pane_current_path}";
in "${icon}${format}";
git = let
icon = pkgs.writeShellScript "branch" ''
git -C "$1" branch && echo " "
'';
branch = pkgs.writeShellScript "branch" ''
git -C "$1" rev-parse --abbrev-ref HEAD
'';
in "#[fg=magenta]#(${icon} #{pane_current_path})#(${branch} #{pane_current_path})";
separator = "#[fg=${fg}]|";
in {
programs.tmux = {
enable = true;
baseIndex = 1;
escapeTime = 0;
mouse = true;
extraConfig = ''
set-option -sa terminal-overrides ",xterm*:Tc"
set-option -g status-position top
unbind r
bind r source-file ~/.config/tmux/tmux.conf
# remap prefix from C-b to C-Space
# unbind C-b
# set -g prefix C-Space
# bind C-Space send-prefix
# split panes using | and -
unbind '"'
unbind %
bind | split-window -h
bind - split-window -v
# Start windows and panes at 1, not 0
set -g base-index 1
set -g pane-base-index 1
set-window-option -g pane-base-index 1
set-option -g renumber-windows on
# switch panes using Alt-arrow without prefix
bind -n M-Left select-pane -L
bind -n M-Right select-pane -R
bind -n M-Up select-pane -U
bind -n M-Down select-pane -D
set-option -g default-terminal "screen-256color"
set-option -g status-right-length 100
set-option -g @indicator_color "yellow"
set-option -g @window_color "magenta"
set-option -g @main_accent "blue"
set-option -g pane-active-border fg=black
set-option -g pane-border-style fg=black
set-option -g status-style "bg=${bg} fg=${fg}"
set-option -g status-left "${indicator}"
set-option -g status-right "${git} ${pwd} ${separator} ${battery}"
set-option -g window-status-current-format "${current_window}"
set-option -g window-status-format "${window_status}"
set-option -g window-status-separator ""
'';
};
}

76
modules/home/vs-code/default.nix
View File

@@ -1,76 +0,0 @@
{pkgs, ...}: {
programs.vscode = {
enable = true;
package = pkgs.vscodium;
profiles.default = {
keybindings = [
{
"key" = "f7";
"command" = "-editor.action.wordHighlight.next";
"when" = "editorTextFocus && hasWordHighlights";
}
{
"key" = "f7";
"command" = "-editor.action.accessibleDiffViewer.next";
"when" = "isInDiffEditor";
}
{
"key" = "f7";
"command" = "workbench.action.terminal.toggleTerminal";
"when" = "terminal.active";
}
{
"key" = "ctrl+`";
"command" = "-workbench.action.terminal.toggleTerminal";
"when" = "terminal.active";
}
];
userSettings = {
"window.zoomLevel" = 2;
"window.menuBarVisibility" = "toggle";
"workbench.colorTheme" = "Poimandres Alternate";
"workbench.startupEditor" = "none";
"editor.fontFamily" = "FiraCode NF, FiraCode Nerd Font";
"editor.fontLigatures" = true;
"editor.cursorBlinking" = "smooth";
"editor.minimap.enabled" = false;
"terminal.integrated.fontFamily" = "FiraCode NF, FiraCode Nerd Font , FiraCode";
};
extensions =
(with pkgs.vscode-extensions; [
wakatime.vscode-wakatime
ms-dotnettools.csharp
naumovs.color-highlight
ms-vscode-remote.remote-containers
ms-azuretools.vscode-docker
mikestead.dotenv
golang.go
wix.vscode-import-cost
sumneko.lua
yzhang.markdown-all-in-one
jnoortheen.nix-ide
esbenp.prettier-vscode
prisma.prisma
ms-python.python
ms-vscode-remote.remote-ssh
humao.rest-client
bradlc.vscode-tailwindcss
gruntfuggly.todo-tree
])
++ (with pkgs.vscode-marketplace; [
danielpriestley.poimandres-alternate
pufferbommy.pretty-poimandres
yoavbls.pretty-ts-errors
formulahendry.auto-rename-tag
chakrounanas.turbo-console-log
streetsidesoftware.code-spell-checker
]);
};
};
}

31
modules/home/wezterm/default.nix
View File

@@ -1,31 +0,0 @@
{
inputs,
pkgs,
...
}: {
programs.wezterm = {
enable = true;
package = inputs.wezterm-flake.packages."${pkgs.system}".default;
enableZshIntegration = false;
extraConfig = ''
local wezterm = require 'wezterm'
local config = {}
config.window_close_confirmation = 'NeverPrompt'
config.color_scheme = 'Poimandres'
config.colors = {
background = "#0f0f0f"
}
config.enable_tab_bar = false
config.font = wezterm.font_with_fallback {
'JetBrainsMono Nerd Font',
}
config.font_size = 14.0
config.window_background_opacity = 1
config.audible_bell = "Disabled"
return config
'';
};
}

28
modules/home/zed/default.nix
View File

@@ -1,28 +0,0 @@
{
programs.zed-editor = {
enable = true;
extensions = ["lua" "nix" "C#" "solidity"];
userKeymaps = [
{
context = "Workspace";
bindings = {
F7 = "workspace::NewTerminal";
};
}
];
userSettings = {
ui_font_size = 18;
buffer_font_size = 18;
theme = {
mode = "dark";
light = "Ayu Light";
dark = "Ayu Dark";
};
vim_mode = true;
telemetry = {
diagnostics = false;
metrics = false;
};
};
};
}

70
modules/nixos/desktop/awesome/default.nix
View File

@@ -1,70 +0,0 @@
{
lib,
pkgs,
...
}: {
services = {
displayManager = {
defaultSession = "none+awesome";
ly = {
enable = true;
settings = {
session_log = "null";
};
};
};
xserver = {
enable = true;
windowManager.awesome = {
enable = true;
luaModules = lib.attrValues {
inherit
(pkgs.luajitPackages)
lgi
ldbus
luadbi-mysql
luaposix
dkjson
;
};
};
};
acpid.enable = true;
picom.enable = true;
upower.enable = true;
blueman.enable = true;
};
programs.dconf.enable = true;
environment.systemPackages = with pkgs; [
luajit
acpi
linuxKernel.packages.linux_zen.acpi_call
lxappearance
inotify-tools
polkit_gnome
xdotool
xclip
xorg.xbacklight
gpick
alsa-utils
pavucontrol
brightnessctl
libnotify
feh
maim
mpdris2
python311Packages.mutagen
xdg-utils
playerctl
pulsemixer
easyeffects
procps
sct
slop
sddm-sugar-dark
];
}

13
modules/nixos/desktop/default.nix
View File

@@ -1,13 +0,0 @@
{...}: {
xdg.mime = {
enable = true;
defaultApplications = {
"application/pdf" = ["brave-browser.desktop"];
"text/html" = ["brave-browser.desktop"];
"x-scheme-handler/http" = ["brave-browser.desktop"];
"x-scheme-handler/https" = ["brave-browser.desktop"];
"x-scheme-handler/about" = ["brave-browser.desktop"];
"x-scheme-handler/unknown" = ["brave-browser.desktop"];
};
};
}

28
modules/nixos/desktop/hyprland/default.nix
View File

@@ -1,28 +0,0 @@
{pkgs, ...}: {
programs.hyprland = {
enable = true;
package = pkgs.hyprland-git.hyprland;
portalPackage = pkgs.hyprland-git.xdg-desktop-portal-hyprland;
};
environment.systemPackages = [
(pkgs.writeShellScriptBin "mirror-display" ''
hyprctl keyword monitor "eDP-1,2560x1440@90,0x0,1" \
&& hyprctl keyword monitor "HDMI-A-1,preferred,0x0,1,mirror,eDP-1" \
&& ags quit \
&& ${pkgs.tpanel}/bin/tpanel &
'')
(pkgs.writeShellScriptBin "extend-display" ''
hyprctl keyword monitor "eDP-1,2560x1440@90,0x0,1" \
&& hyprctl keyword monitor "HDMI-A-1,preferred,0x-1440,1" \
&& ags quit \
&& ${pkgs.tpanel}/bin/tpanel &
'')
(pkgs.writeShellScriptBin "dock-display" ''
hyprctl keyword monitor "eDP-1,disable" \
&& hyprctl keyword monitor "HDMI-A-1,preferred,0x0,1" \
&& ags quit \
&& ${pkgs.tpanel}/bin/tpanel &
'')
];
}

32
modules/nixos/fail2ban.nix
View File

@@ -1,32 +0,0 @@
{config, ...}: let
isFirewallEnabled = config.networking.firewall.enable;
in {
services.fail2ban = {
enable = isFirewallEnabled;
maxretry = 5;
banaction = "iptables-multiport[blocktype=DROP]";
ignoreIP = [
"127.0.0.0/8"
"10.0.0.0/8"
"192.168.0.0/16"
];
bantime = "24h";
bantime-increment = {
enable = true;
rndtime = "12m";
overalljails = true;
multipliers = "4 8 16 32 64 128 256 512 1024 2048";
maxtime = "192h";
};
jails = {
sshd.settings = {
enabled = true;
port = toString config.services.openssh.ports;
mode = "aggressive";
filter = "sshd";
};
};
};
}

69
modules/nixos/networking/ssh.nix
View File

@@ -1,69 +0,0 @@
{
config,
lib,
...
}:
with lib; let
cfg = config.tux.services.openssh;
# Sops needs acess to the keys before the persist dirs are even mounted; so
# just persisting the keys won't work, we must point at /persist
hasOptinPersistence = config.environment.persistence."/persist".enable;
in {
options.tux.services.openssh = {
enable = mkEnableOption "Enable OpenSSH server";
ports = mkOption {
type = types.listOf types.port;
default = [22];
description = ''
Specifies on which ports the SSH daemon listens.
'';
};
};
config = mkIf cfg.enable {
services.openssh = {
enable = true;
startWhenNeeded = true;
allowSFTP = true;
ports = cfg.ports;
settings = {
PermitRootLogin = "no";
PasswordAuthentication = false;
KbdInteractiveAuthentication = false;
AuthenticationMethods = "publickey";
PubkeyAuthentication = "yes";
ChallengeResponseAuthentication = "no";
UsePAM = false;
UseDns = false;
X11Forwarding = false;
KexAlgorithms = [
"curve25519-sha256"
"curve25519-sha256@libssh.org"
"diffie-hellman-group16-sha512"
"diffie-hellman-group18-sha512"
"sntrup761x25519-sha512@openssh.com"
"diffie-hellman-group-exchange-sha256"
"mlkem768x25519-sha256"
"sntrup761x25519-sha512"
];
Macs = [
"hmac-sha2-512-etm@openssh.com"
"hmac-sha2-256-etm@openssh.com"
"umac-128-etm@openssh.com"
];
ClientAliveCountMax = 5;
ClientAliveInterval = 60;
};
hostKeys = [
{
path = "${lib.optionalString hasOptinPersistence "/persist"}/etc/ssh/ssh_host_ed25519_key";
type = "ed25519";
}
];
};
};
}

8
modules/nixos/selfhosted/adguard.nix
View File

@@ -1,8 +0,0 @@
{...}: {
services = {
adguardhome = {
enable = true;
openFirewall = true;
};
};
}

61
modules/nixos/selfhosted/containers/cs2.nix
View File

@@ -1,61 +0,0 @@
{config, ...}: {
virtualisation.oci-containers.containers.cs2-server = {
image = "joedwards32/cs2";
environmentFiles = [
config.sops.secrets."cs2_secrets/SRCDS_TOKEN".path
config.sops.secrets."cs2_secrets/CS2_RCONPW".path
config.sops.secrets."cs2_secrets/CS2_PW".path
];
environment = {
# Server configuration
STEAMAPPVALIDATE = "0";
CS2_SERVERNAME = "tux's CS-2 Server";
CS2_CHEATS = "0";
CS2_PORT = "27015";
CS2_SERVER_HIBERNATE = "1";
CS2_RCON_PORT = "";
CS2_LAN = "0";
CS2_MAXPLAYERS = "10";
CS2_ADDITIONAL_ARGS = "";
CS2_CFG_URL = "";
# Game modes
CS2_GAMEALIAS = "competitive";
CS2_GAMETYPE = "0";
CS2_GAMEMODE = "1";
CS2_MAPGROUP = "mg_active";
CS2_STARTMAP = "de_mirage";
# Workshop Maps
CS2_HOST_WORKSHOP_COLLECTION = "";
CS2_HOST_WORKSHOP_MAP = "";
# Bots
CS2_BOT_DIFFICULTY = "3";
CS2_BOT_QUOTA = "";
CS2_BOT_QUOTA_MODE = "";
# TV
TV_AUTORECORD = "0";
TV_ENABLE = "0";
TV_PORT = "27020";
TV_PW = "changeme";
TV_RELAY_PW = "changeme";
TV_MAXRATE = "0";
TV_DELAY = "0";
# Logs
CS2_LOG = "on";
CS2_LOG_MONEY = "0";
CS2_LOG_DETAIL = "0";
CS2_LOG_ITEMS = "0";
};
volumes = [
"cs2:/home/steam/cs2-dedicated"
];
ports = [
"27015:27015/tcp"
"27015:27015/udp"
"27020:27020/udp"
];
extraOptions = [
"--interactive"
];
};
}

86
modules/nixos/selfhosted/cyber-tux.nix
View File

@@ -1,86 +0,0 @@
{
config,
lib,
pkgs,
...
}:
with lib; let
cfg = config.tux.services.cyber-tux;
in {
options.tux.services.cyber-tux = {
enable = mkEnableOption "Enable CyberTux Discord bot";
user = mkOption {
type = types.str;
default = "cyber-tux";
description = "User under which the CyberTux service runs.";
};
group = mkOption {
type = types.str;
default = "cyber-tux";
description = "Group under which the CyberTux service runs.";
};
environmentFile = mkOption {
type = types.path;
description = "Environment file containing DISCORD_TOKEN";
};
};
config = mkIf cfg.enable {
systemd.services = {
cyber-tux = {
description = "A discord bot for my server";
after = ["network.target"];
wantedBy = ["multi-user.target"];
serviceConfig = {
Type = "simple";
User = "cyber-tux";
Group = "cyber-tux";
EnvironmentFile = cfg.environmentFile;
ExecStart = getExe pkgs.cyber-tux;
Restart = "always";
LockPersonality = true;
MemoryDenyWriteExecute = true;
NoNewPrivileges = true;
PrivateDevices = true;
PrivateIPC = true;
PrivateTmp = true;
PrivateUsers = true;
ProtectClock = true;
ProtectControlGroups = true;
ProtectHome = true;
ProtectHostname = true;
ProtectKernelLogs = true;
ProtectKernelModules = true;
ProtectKernelTunables = true;
ProtectProc = "invisible";
ProtectSystem = "strict";
RestrictNamespaces = "uts ipc pid user cgroup";
RestrictRealtime = true;
RestrictSUIDSGID = true;
SystemCallArchitectures = "native";
SystemCallFilter = ["@system-service"];
UMask = "0077";
};
};
};
# Ensure the user and group exist
users.users = mkIf (cfg.user == "cyber-tux") {
${cfg.user} = {
isSystemUser = true;
group = cfg.group;
description = "CyberTux service user";
home = "/var/lib/cyber-tux";
createHome = true;
};
};
users.groups = mkIf (cfg.group == "cyber-tux") {
${cfg.group} = {};
};
};
}

29
modules/nixos/selfhosted/gitea.nix
View File

@@ -1,29 +0,0 @@
{lib, ...}: {
services = {
gitea = {
enable = true;
settings = {
service.DISABLE_REGISTRATION = true;
server = {
DOMAIN = "git.tux.rs";
ROOT_URL = "https://git.tux.rs";
};
};
};
nginx = {
enable = lib.mkForce true;
virtualHosts = {
"git.tux.rs" = {
forceSSL = true;
useACMEHost = "tux.rs";
locations = {
"/" = {
proxyPass = "http://localhost:3000";
};
};
};
};
};
};
}

43
modules/nixos/selfhosted/glance/default.nix
View File

@@ -1,43 +0,0 @@
{
username,
lib,
config,
...
}: let
home = import ./home.nix;
in {
services = {
glance = {
enable = true;
openFirewall = true;
settings = {
server = {
host = "0.0.0.0";
port = 5678;
};
branding = {
custom-footer = "<p><a href='https://tux.rs'>${username}</a></p>";
};
pages = [
home.page
];
};
};
nginx = {
enable = lib.mkForce true;
virtualHosts = {
"home.tux.rs" = {
forceSSL = true;
useACMEHost = "tux.rs";
locations = {
"/" = {
proxyPass = "http://${config.services.glance.settings.server.host}:${toString config.services.glance.settings.server.port}";
proxyWebsockets = true;
};
};
};
};
};
};
}

86
modules/nixos/selfhosted/glance/home.nix
View File

@@ -1,86 +0,0 @@
{
page = {
name = "Dashboard - tux";
width = "slim";
hide-desktop-navigation = true;
center-vertically = true;
columns = [
{
size = "full";
widgets = [
{
type = "search";
autofocus = true;
}
{
type = "markets";
markets = [
{
symbol = "BTC-USD";
name = "Bitcoin";
chart-link = "https://www.tradingview.com/chart/?symbol=INDEX:BTCUSD";
}
{
symbol = "ETH-USD";
name = "Ethereum";
chart-link = "https://www.tradingview.com/chart/?symbol=INDEX:ETHUSD";
}
{
symbol = "SOL-USD";
name = "Solana";
chart-link = "https://www.tradingview.com/chart/?symbol=INDEX:SOLUSD";
}
];
}
{
type = "monitor";
cache = "1m";
title = "Services";
sites = [
{
title = "Gitea";
url = "https://git.tux.rs";
icon = "si:gitea";
}
{
title = "Vaultwarden";
url = "https://bw.tux.rs";
icon = "si:vaultwarden";
}
{
title = "Ntfy";
url = "https://ntfy.tux.rs";
icon = "si:ntfy";
}
{
title = "Grafana";
url = "https://grafana.tux.rs";
icon = "si:grafana";
}
{
title = "SearXNG";
url = "https://sx.tux.rs";
icon = "si:searxng";
}
{
title = "Wakapi";
url = "https://wakapi.tux.rs";
icon = "si:wakatime";
}
];
}
{
type = "reddit";
subreddit = "selfhosted";
style = "horizontal-cards";
}
{
type = "reddit";
subreddit = "homelab";
style = "horizontal-cards";
}
];
}
];
};
}

65
modules/nixos/selfhosted/headscale.nix
View File

@@ -1,65 +0,0 @@
{
config,
pkgs,
lib,
email,
...
}: {
security = {
acme = {
defaults.email = "${email}";
acceptTerms = true;
};
};
services = {
headscale = {
enable = true;
port = 8080;
address = "0.0.0.0";
settings = {
dns = {
base_domain = "hs.tux.rs";
search_domains = ["tux.rs"];
magic_dns = true;
nameservers.global = [
"9.9.9.9"
];
};
# server_url = "https://hs.tux.rs:443";
metrics_listen_addr = "0.0.0.0:8095";
logtail = {
enabled = false;
};
log = {
level = "warn";
};
ip_prefixes = [
"100.64.0.0/10"
"fd7a:115c:a1e0::/48"
];
};
};
nginx = {
enable = lib.mkForce true;
virtualHosts = {
"hs.tux.rs" = {
forceSSL = true;
useACMEHost = "tux.rs";
locations = {
"/" = {
proxyPass = "http://localhost:${toString config.services.headscale.port}";
proxyWebsockets = true;
};
"/metrics" = {
proxyPass = "http://${config.services.headscale.settings.metrics_listen_addr}/metrics";
};
};
};
};
};
};
environment.systemPackages = with pkgs; [headscale];
}

24
modules/nixos/selfhosted/kasmweb.nix
View File

@@ -1,24 +0,0 @@
{lib, ...}: {
services = {
kasmweb = {
enable = true;
listenPort = 8843;
};
nginx = {
enable = lib.mkForce true;
virtualHosts = {
"kasm.tux.rs" = {
forceSSL = true;
useACMEHost = "tux.rs";
locations = {
"/" = {
proxyPass = "https://127.0.0.1:8843";
proxyWebsockets = true;
};
};
};
};
};
};
}

45
modules/nixos/selfhosted/monitoring/grafana.nix
View File

@@ -1,45 +0,0 @@
{
lib,
username,
email,
...
}: {
services = {
grafana = {
enable = true;
settings = {
server.http_port = 8888;
security = {
admin_user = "${username}";
admin_email = "${email}";
};
};
};
nginx = {
enable = lib.mkForce true;
virtualHosts = {
"grafana.tux.rs" = {
forceSSL = true;
useACMEHost = "tux.rs";
locations = {
"/" = {
proxyPass = "http://localhost:8888";
proxyWebsockets = true;
};
"/api/live/" = {
proxyPass = "http://localhost:8888";
extraConfig = ''
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header Host $host;
'';
};
};
};
};
};
};
}

77
modules/nixos/selfhosted/monitoring/loki.nix
View File

@@ -1,77 +0,0 @@
{lib, ...}: {
services = {
loki = {
enable = true;
configuration = {
auth_enabled = false;
server = {
http_listen_port = 3100;
};
common = {
ring = {
instance_addr = "127.0.0.1";
kvstore = {
store = "inmemory";
};
};
replication_factor = 1;
path_prefix = "/tmp/loki";
};
schema_config = {
configs = [
{
from = "2020-05-15";
store = "tsdb";
object_store = "filesystem";
schema = "v13";
index = {
prefix = "index_";
period = "24h";
};
}
];
};
storage_config = {
filesystem = {
directory = "/tmp/loki/chunks";
};
};
};
};
nginx = {
enable = lib.mkForce true;
virtualHosts = {
"loki.tux.rs" = {
forceSSL = true;
useACMEHost = "tux.rs";
locations = {
"/" = {
proxyPass = "http://localhost:3100";
extraConfig = ''
proxy_http_version 1.1;
proxy_read_timeout 1800s;
proxy_connect_timeout 1600s;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header Connection "Keep-Alive";
proxy_set_header Proxy-Connection "Keep-Alive";
proxy_redirect off;
'';
};
"/ready" = {
proxyPass = "http://localhost:3100";
extraConfig = ''
proxy_http_version 1.1;
proxy_set_header Connection "Keep-Alive";
proxy_set_header Proxy-Connection "Keep-Alive";
proxy_redirect off;
'';
};
};
};
};
};
};
}

Some files were not shown because too many files have changed in this diff Show More