tux/nix-config
1
0
Fork 0
mirror of https://github.com/tuxdotrs/nix-config.git synced 2026-05-06 18:16:31 +05:30
Code Issues Actions Packages Projects Releases Wiki Activity

Compare commits

base: tux:fe607efaf1c5b848102e3206765bff647da99168
Branches Tags
tux:main tux:dev tux:old
tux:25.11.2025
..
compare: tux:dev
Branches Tags
tux:dev tux:main tux:old
tux:25.11.2025

189 Commits
fe607efaf1 ... dev

Author SHA1 Message Date
tux
a62346367f start fresh rewrite 2026-05-02 14:48:41 +05:30
tux
31d65fafa8 feat(canopus): switch supergfxd mode to Integrated 2026-05-01 16:30:49 +05:30
tux
7194dbdaf6 chore: update flake 2026-04-27 14:32:13 +05:30
tux
428c5c5717 feat: restore config path 2026-04-27 14:31:43 +05:30
tux
5971087593 feat: add zed to persist dir 2026-04-27 01:37:25 +05:30
tux
e3bafff8f8 feat: update flake 2026-04-26 15:19:25 +05:30
tux
6e78c0b6c2 feat: switch default browser to brave 2026-04-21 15:18:51 +05:30
tux
99863948b4 feat(canopus): increase max freq 2026-03-27 21:38:01 +05:30
tux
1b526b5633 feat(hyprland): add brightness gesture 2026-03-27 21:35:16 +05:30
tux
489e7e6e2a feat: switch to integrated mode 2026-03-27 21:35:05 +05:30
tux
da97041c2a style: format code 2026-03-27 21:34:50 +05:30
tux
595cf577b4 feat: add davinci resolve 2026-02-28 01:24:11 +05:30
tux
214d86c1c6 chore: update tnvim flake input 2026-02-26 18:38:10 +05:30
tux
e95a103952 chore: update tpanel flake input 2026-02-26 07:46:59 +05:30
tux
6403fab5af feat(obs): add source record plugin 2026-02-25 13:24:36 +05:30
tux
51ed6c6d2c chore(hyprland): update keybind for pin action 2026-02-24 21:51:47 +05:30
tux
77edbf47ad feat: launch easyeffect on startup 2026-02-24 21:05:22 +05:30
tux
f7e6b47cb3 feat: add easyeffects to persist dir 2026-02-24 20:12:29 +05:30
tux
fd3651b398 feat(hyprland): update config 2026-02-24 15:15:21 +05:30
tux
8e1a543fd7 feat(hyprland): add extra workspace 2026-02-24 14:54:49 +05:30
tux
ea7b6bcdef feat: add mangowc 2026-02-24 14:51:35 +05:30
tux
5f72ba716d feat(hyprland): performance/battery optimizations 2026-02-23 12:41:14 +05:30
tux
990081328a feat(alacritty): update background color 2026-02-22 15:56:07 +05:30
tux
9eeac2741c feat(hyprland): update animation and blur settings 2026-02-22 14:53:35 +05:30
tux
b20f3ab5bc feat: setup obs from nixos module 2026-02-18 22:39:00 +05:30
tux
d95f88d61d fix(vicinae): awww-switcher name 2026-02-17 19:30:41 +05:30
tux
cbfe9205c7 feat: setup vicinae silverbullet extension 2026-02-17 19:19:10 +05:30
tux
981a986139 feat(vicinae): setup extensions 2026-02-17 19:18:20 +05:30
tux
ea718e56c6 feat(silverbullet): set auth token 2026-02-17 19:16:25 +05:30
tux
b989269dcc chore: update tpanel flake input 2026-02-17 17:59:11 +05:30
tux
860423356c feat(desktop): setup awww 2026-02-17 17:47:35 +05:30
tux
db8bdfb9c6 chore(hyprland): modify workspace management setting 2026-02-17 17:46:32 +05:30
tux
1a5e5b0c14 chore: update tpanel flake input 2026-02-12 11:47:02 +05:30
tux
a944ca11c7 feat(hyprland): add extra workspace 2026-02-12 11:46:50 +05:30
tux
75e172dd06 fix: steam path for persistence 2026-02-10 09:36:49 +05:30
tux
e2ab75f095 fix(xdg): default apps 2026-02-07 06:55:32 +05:30
tux
a61b0b40c8 chore: update tnvim flake input 2026-02-07 06:19:05 +05:30
tux
1e43a360d3 chore: add lsof 2026-02-07 06:18:54 +05:30
tux
378793245d chore(arcturus): remove commented-out kasmweb import 2026-02-07 05:12:50 +05:30
tux
7b8116644a feat(canopus): remove nextcloud 2026-02-07 05:11:54 +05:30
tux
d158d3e10d chore: add aiostreams to persist dir 2026-02-07 05:10:11 +05:30
tux
c4f96accc9 feat(aiostreams): enable persistent data storage via dataDir 2026-02-07 05:10:00 +05:30
tux
2b632b6bef chore(hyprland): update screenshot tool to hypr-screenshot 2026-02-06 20:57:45 +05:30
tux
54ebce7e53 chore: add vivaldi lib folder to persist dir 2026-02-06 20:29:01 +05:30
tux
2381dc907f chore(spotifyd): set volume 2026-02-05 03:25:26 +05:30
tux
502493a053 Revert "chore(hyprland): focus on activate" 
This reverts commit 7e8039488a.
 2026-02-05 03:24:33 +05:30
tux
2d023bdfba feat: add screen shot/record scripts 2026-02-04 18:08:01 +05:30
tux
7f18b96cdd feat: setup spotifyd 2026-02-04 06:55:07 +05:30
tux
3a46142f6f feat(vicinae): disable close on focus loss 2026-02-04 06:31:45 +05:30
tux
78e8aaf4e0 chore(hyprland): adjust keybindings for launcher 2026-02-04 05:53:50 +05:30
tux
7e8039488a chore(hyprland): focus on activate 2026-02-04 05:48:28 +05:30
tux
8aa79d767a chore: add pulseaudio 2026-02-04 05:48:08 +05:30
tux
705b6c8cf9 feat: add vicinae 2026-02-04 05:46:19 +05:30
tux
759874689f chore: update tpanel flake input 2026-02-04 03:40:46 +05:30
tux
dba0beefbd feat: set vivaldi as default browser 2026-02-04 03:40:27 +05:30
tux
063dd3b580 feat(terminal): adjust font sizes 2026-02-04 03:39:59 +05:30
tux
5f0c07204e feat: add vivaldi browser 2026-02-01 06:47:18 +05:30
tux
7069de5b41 feat: add antigravity 2026-02-01 06:29:56 +05:30
tux
048cb87087 feat(hyprland): update window and workspace rules 2026-01-27 19:32:31 +05:30
tux
f0417f10f0 chore: update trok flake input 2026-01-27 19:29:13 +05:30
tux
4a4f2430b8 style: format code 2026-01-21 20:08:38 +05:30
tux
62eee0efac feat(wezterm): disable check for updates 2026-01-21 19:10:14 +05:30
tux
f46e092f2e chore: update flake inputs 2026-01-21 16:01:24 +05:30
tux
a049a66619 feat: update flake inputs 2026-01-15 20:20:26 +05:30
tux
2d055ab10d feat(fastfetch): remove package count 2026-01-05 23:53:38 +05:30
tux
7d36194e59 feat: use iGPU 2025-12-30 15:32:42 +05:30
tux
206ff0b1c8 chore: update tpanel flake input 2025-12-29 21:53:38 +05:30
tux
42b938cdb0 feat(hyprland): add workspace swipe using gesture's 2025-12-29 11:56:49 +05:30
tux
8e31454fa0 chore: update tpanel flake input 2025-12-29 11:56:16 +05:30
tux
0b68021269 chore: update flake inputs 2025-12-27 16:21:28 +05:30
tux
fb750000a0 feat: add steam to persist dir 2025-12-26 21:45:04 +05:30
tux
0f7bb90600 feat: add moonlight 2025-12-26 03:35:29 +05:30
tux
83513b3b1a feat: rustdesl use unstable pkg 2025-12-26 03:35:08 +05:30
tux
f71dcfb43c feat(hyprland): use iGPU 2025-12-25 16:54:07 +05:30
tux
61f4af216e feat(canopus): add vfio kernel modules 2025-12-25 16:53:26 +05:30
tux
bb1dce3b3a feat: add libvirt to persist dir 2025-12-25 16:51:14 +05:30
tux
8667f72e87 feat: enable spice usb redirection 2025-12-25 16:49:15 +05:30
tux
87f3d1eacd chore: update flake inputs 2025-12-25 06:55:14 +05:30
tux
3c846d6c59 feat(hyprland): migrate window rules 2025-12-19 00:30:40 +05:30
tux
5580c22673 chore: update flake inputs 2025-12-19 00:30:21 +05:30
tux
33f7944296 feat: remove depreciated options 2025-12-17 14:30:10 +05:30
tux
86feafcc82 feat(sirius): enable interop 2025-12-17 03:01:41 +05:30
tux
7b085aa127 feat: update depreciated options 2025-12-17 02:53:16 +05:30
tux
8c17353315 chore: update flake inputs 2025-12-17 02:52:31 +05:30
tux
7772514fce feat: setup distrobox module 2025-11-22 06:13:15 +05:30
tux
71cc3c3e7f feat(node): enable firewall for additional ports 2025-11-14 20:37:51 +05:30
tux
f3063dd250 feat: add umami 2025-11-14 14:13:37 +05:30
tux
abd2134a2a feat: add aiostreams 2025-11-14 12:36:34 +05:30
tux
f033f3406a feat(canopus): change wallpaper 2025-11-14 04:05:04 +05:30
tux
eb95321b42 feat: add steam to persist dir 2025-11-14 04:04:52 +05:30
tux
50549a7ab3 feat: migrate node 2025-11-04 15:00:36 +05:30
tux
7b25ac4f30 feat: upgrade to nextcloud 32 2025-11-03 20:17:52 +05:30
tux
dbb226713d docs: update README.md 2025-10-29 23:29:15 +05:30
tux
b59a134631 feat(hosts): enable user linger for services 2025-10-29 13:37:35 +05:30
tux
b8209290f7 refactor(hosts): consolidate nvidia-container-toolkit configuration 2025-10-29 12:31:26 +05:30
tux
41a4eaa375 docs(readme): update host details in readme 2025-10-27 22:45:31 +05:30
tux
0f50de8d9a feat(node): add new host 2025-10-27 22:39:46 +05:30
tux
315b6f4c8f feat: update flake inputs 2025-10-27 21:43:16 +05:30
tux
da3f7101c0 feat: remove barrier 2025-10-27 21:42:57 +05:30
tux
967a163ae0 feat(sirius): add nvidia-container-toolkit support for driver assertion 2025-10-16 16:07:00 +05:30
tux
a793ff14c4 feat(docker): add nvidia-container-toolkit support 2025-10-15 18:28:21 +05:30
tux
19f271b4f9 feat(homelab): add api keys 2025-10-14 13:15:06 +05:30
tux
6a7decf5be docs: update installation instructions 2025-10-12 22:17:23 +05:30
tux
820e69f53c feat: set cursor size 2025-10-12 17:47:26 +05:30
tux
892f30dabe feat: add lan-mouse 2025-10-12 17:19:53 +05:30
tux
572ae61b3a chore: update tpanel flake input 2025-10-12 06:15:12 +05:30
tux
8a0383d327 feat: remove xserver configuration 2025-10-11 23:46:36 +05:30
tux
fbc415ee1b feat: update options 2025-10-11 23:46:04 +05:30
tux
c8e02ba847 refactor: remove unused modules 2025-10-11 23:45:49 +05:30
tux
0c69443c36 fix(brave): revert scale factor to default 2025-10-11 03:20:49 +05:30
tux
0bf00fc3c3 feat(sirius): add api keys for hyperbolic, gemini, and openrouter 2025-10-11 03:20:20 +05:30
tux
474901aa65 refactor(shell): replace aichat with opencode 2025-10-11 02:52:28 +05:30
tux
767b2f601a feat(hyrpland): bind workspaces to monitor 2025-10-10 19:42:45 +05:30
tux
e5091a1e00 feat(hyprland): resize floating windows 2025-10-10 16:45:19 +05:30
tux
0aa20a37bc feat(canopus): update age public key 2025-10-10 16:44:47 +05:30
tux
94e3785df0 chore: update sha256 hash 2025-10-10 16:43:57 +05:30
tux
5e33aadcd3 feat: update disk config 2025-10-10 10:23:08 +05:30
tux
0934d3235d fix(input): adjust mouse sensitivity 2025-10-08 15:01:13 +05:30
tux
e55e55ddbf feat(input): configure mouse acceleration profile 2025-10-08 04:03:22 +05:30
tux
7006670315 chore: update tpanel flake input 2025-10-07 03:26:22 +05:30
tux
f180bf98fb feat(hyprland): update bindings for tpanel 2025-10-07 01:52:38 +05:30
tux
26c20eb13f feat(hyprland): add mouse bindings 2025-10-07 01:51:44 +05:30
tux
6f53a88817 fix: mouse sensitivity 2025-10-06 22:49:24 +05:30
tux
b7c1c5880d doc: update README 2025-10-06 19:04:17 +05:30
tux
4db41c2842 chore(assets): remove unused 2025-10-06 18:59:39 +05:30
tux
b330c11e90 chore(readme): update UI element references 2025-10-06 18:41:33 +05:30
tux
a43bea05f2 doc(assets): Organize assets by window manager 2025-10-06 18:38:53 +05:30
tux
5d9c95e7ca chore: update sha256 hash 2025-10-04 16:38:09 +05:30
tux
8d89b88b08 chore: update tnvim flake input 2025-10-04 16:31:13 +05:30
tux
e3e742b0ee fix(superfile): set default directory to home 2025-10-04 04:33:24 +05:30
tux
69d22c9be3 feat(hyprland): replace thunar with superfile 2025-10-03 21:53:39 +05:30
tux
4dbd7264a2 feat: update asusd config 2025-10-02 13:54:25 +05:30
tux
4a88e9bd60 style(editor): increase font size 2025-09-30 11:15:12 +05:30
tux
db81a357c9 feat(hyprland): add window centering shortcut 2025-09-30 11:14:48 +05:30
tux
410a202b3d feat(canopus): reduce battery charge threshold 2025-09-30 11:14:34 +05:30
tux
6e069ea386 chore: update tpanel flake input 2025-09-30 11:14:10 +05:30
tux
776b469267 chore: add iwd to persist dir 2025-09-28 05:12:02 +05:30
tux
6c5627e919 feat: add impala 2025-09-28 05:11:58 +05:30
tux
e869984a81 chore(hyprland): refine window floating toggle 2025-09-28 03:01:40 +05:30
tux
8d6e94b059 fix(mopidy): remove unused visualizer sync interval 2025-09-28 01:43:29 +05:30
tux
03fb51dd03 chore: update tpanel flake input 2025-09-28 01:30:02 +05:30
tux
5b76e660dd feat: add bluetui 2025-09-27 21:03:31 +05:30
tux
01c7859436 chore: update tpanel flake input 2025-09-26 13:29:25 +05:30
tux
3efd26e126 feat(hyprland): add tpanel control-center binding 2025-09-25 20:11:27 +05:30
tux
dce1b54011 chore: update tpanel flake input 2025-09-25 20:11:27 +05:30
tux
ba3adc4989 chore: add bigblue-terminal nerd font 2025-09-25 19:32:15 +05:30
tux
6b592db797 chore: update tpanel flake input 2025-09-24 17:52:19 +05:30
tux
7ce463a1b9 feat: migrate tpanel to ags v3 2025-09-24 16:42:10 +05:30
tux
333e87796e chore: correct typo 2025-09-23 15:57:23 +05:30
tux
386ecf0b24 refactor(qt): consolidate qt configuration options 2025-09-23 15:51:20 +05:30
tux
f74b3c6d3c refactor(hyprland): improve floating window rules 2025-09-23 15:50:40 +05:30
tux
bc8618512d feat(hyprland): setup window rules for kde connect 2025-09-23 15:48:19 +05:30
tux
ccbbcbde46 feat(hyprland): launch kde connect on startup 2025-09-23 14:33:03 +05:30
tux
f899f921e0 feat: add kdeconnect to persist dir 2025-09-23 14:32:46 +05:30
tux
1a8e7a2b27 feat: enable firmware update and filesystem trim 2025-09-23 13:56:25 +05:30
tux
91b2810464 feat: add optimisations 2025-09-23 13:55:24 +05:30
tux
f89d27db2e chore: update sha256 hash 2025-09-23 13:36:48 +05:30
tux
6b44e284b0 feat(hyprland): replace swaybg with hyprpaper 2025-09-23 13:36:38 +05:30
tux
da69c4b543 doc: update components 2025-09-22 19:00:32 +05:30
tux
88e4d73968 feat(hyprland): add hyprlock configuration 2025-09-22 18:38:07 +05:30
tux
3c330385d7 feat: add zed editor 2025-09-22 14:21:24 +05:30
tux
04663412b0 feat(boot): increase boot entry limit 2025-09-22 13:08:14 +05:30
tux
b06c8e48bc chore: change wallpaper 2025-09-21 23:37:29 +05:30
tux
3b64438b58 chore: update tnvim flake input 2025-09-18 16:12:01 +05:30
tux
64b8c3a296 feat: setup opencode 2025-09-18 15:55:30 +05:30
tux
4c98e05ec8 feat(hyprland): add display docking script 2025-09-18 15:29:25 +05:30
tux
f11851c6bc feat: add to persist dir 2025-09-17 21:39:28 +05:30
tux
3d5d81f551 feat: update flake inputs 2025-09-17 18:34:39 +05:30
tux
af60797e75 feat: replace spotify with spotify_player 2025-09-17 18:08:03 +05:30
tux
441f39e3c6 chore(ly): set session log to null 2025-09-17 14:41:12 +05:30
tux
82b0dbb27b feat: add superfile 2025-09-17 00:00:07 +05:30
tux
9eb052ff02 feat: add shell aliases for monitor 2025-09-16 23:22:34 +05:30
tux
28f764372b fix(flameshot): configure flameshot to use grim 2025-09-16 15:36:22 +05:30
tux
a4ce82e410 feat: update flake inputs 2025-09-16 14:02:55 +05:30
tux
17c7a507fd chore(hyprland): decrease animation time 2025-09-16 14:01:56 +05:30
tux
725a2a3dd3 refactor: remove unused file 2025-09-09 18:42:02 +05:30
tux
548913d088 feat: update flake inputs 2025-09-09 18:37:41 +05:30
tux
a59383ff91 refactor(ly): persist ly settings 2025-09-07 19:57:40 +05:30
tux
bf5cc15137 chore: update tnvim flake input 2025-09-06 04:53:43 +05:30
tux
9980483650 chore: update tawm flake input 2025-09-03 18:53:17 +05:30
tux
f627239c72 feat(desktop): specify display refresh rate 2025-09-02 02:41:05 +05:30
tux
067b11f0c0 chore: update sha256 hash 2025-08-29 16:16:31 +05:30
tux
d57ff4fe13 chore(deps): update nix flake inputs 2025-08-22 17:10:57 +05:30
tux
3fce605902 chore(deps): bump dependencies in flake.lock 2025-08-19 18:41:58 +05:30
tux
021f07a8b1 refactor(browser): apply scaling for Brave 2025-08-19 18:15:44 +05:30
tux
d397284704 chore: update package 2025-08-13 12:26:50 +05:30
tux
32febe5604 feat: update flake inputs 2025-08-13 12:26:25 +05:30
tux
d3a7405291 feat(browser): switch default browser to Brave 2025-08-13 11:54:18 +05:30
tux
cf9dddfbeb feat: update tnvim flake input 2025-08-12 18:49:11 +05:30
203 changed files with 126 additions and 8323 deletions
Expand all files Collapse all files

55
.sops.yaml
View File

@@ -1,55 +0,0 @@
keys:
- &users
- &tux age14vktfes95f33vuefwnmuvryas7az04u76dsgyhfvsx73czkvmp2q7njkl4
- &hosts
- &sirius age1f860dfewlx5jtt9ejr47gywx70p3dmyc8mat29gpr75psljwjv8q5xyxkq
- &canopus age1udt3cssu7ahdrhsvckt8450rswrr6mknn36xpq74dkfp9lpajvnq84kdzj
- &homelab age1jg642q775gmnmxeu29gcf3lph8vem4xr8t84cxe809dpd0myrussh49h60
- &arcturus age1zsl5d4vj6gl3h96y5p53sq5y4vr4vtlwp727h7rp9a4xfkxm53lqrh6r50
- &alpha age1zujp5gxy7suv8ysnygv43cmzuvv36nxfg0ch7r3xg2emc6fz3vmqqujheq
- &vega age1ydkclhk9kwqdq74utesqdfupt43lz64d5k65gz2z9uyljcqq9fcq3hv28l
- &capella age1y4luzn2jls7rvgphej23srvdlx563lxq29tvf66vhwwzaf7c3f3qzvresh
creation_rules:
- path_regex: hosts/common/secrets.yaml$
key_groups:
- age:
- *tux
- *sirius
- *canopus
- *homelab
- *arcturus
- *alpha
- *vega
- *capella
- path_regex: hosts/sirius/secrets.yaml$
key_groups:
- age:
- *tux
- *sirius
- path_regex: hosts/canopus/secrets.yaml$
key_groups:
- age:
- *tux
- *canopus
- path_regex: hosts/arcturus/secrets.yaml$
key_groups:
- age:
- *tux
- *arcturus
- path_regex: hosts/alpha/secrets.yaml$
key_groups:
- age:
- *tux
- *alpha
- path_regex: hosts/capella/secrets.yaml$
key_groups:
- age:
- *tux
- *capella
- path_regex: hosts/homelab/secrets.yaml$
key_groups:
- age:
- *tux
- *homelab

136
README.md
View File

@@ -23,7 +23,7 @@
## Hosts ## Hosts
| | Hostname | Board | CPU | RAM | GPU | Purpose | | | Hostname | Board | CPU | RAM | GPU | Purpose |
| --- | ---------- | ----------------- | ------------------ | ---- | ------------------------- | ---------------------------------------------------------------------------------- | | --- | ---------- | ----------------- | ------------------ | ----- | ------------------------- | -------------------------------------------------------------------------------- |
| 🖥️ | `sirius` | MSI X570-A Pro | Ryzen 7 5700X3D | 64GB | RTX 3080 TI + RTX 3060 TI | Triple-monitor desktop running Windows Subsystem for Linux. | | 🖥️ | `sirius` | MSI X570-A Pro | Ryzen 7 5700X3D | 64GB | RTX 3080 TI + RTX 3060 TI | Triple-monitor desktop running Windows Subsystem for Linux. |
| 💻 | `canopus` | Asus Zephyrus G15 | Ryzen 9 5900HS | 16GB | RTX 3060 | Optimized for productivity on the go and some gaming. | | 💻 | `canopus` | Asus Zephyrus G15 | Ryzen 9 5900HS | 16GB | RTX 3060 | Optimized for productivity on the go and some gaming. |
| ☁️ | `homelab` | Minisforum MS-A1 | Ryzen 7 8700G | 32GB | Radeon 780M | WIP | | ☁️ | `homelab` | Minisforum MS-A1 | Ryzen 7 8700G | 32GB | Radeon 780M | WIP |
@@ -32,38 +32,122 @@
| 🥔 | `vega` | Raspberry Pi 3B+ | Cortex A53 | 1GB | | Running AdGuard Home for network-wide ad blocking. | | 🥔 | `vega` | Raspberry Pi 3B+ | Cortex A53 | 1GB | | Running AdGuard Home for network-wide ad blocking. |
| 📱 | `capella` | Samsung S25 Ultra | Snapdragon 8 Elite | 12GB | Adreno 830 | Primary mobile for daily usage. (Locked) | | 📱 | `capella` | Samsung S25 Ultra | Snapdragon 8 Elite | 12GB | Adreno 830 | Primary mobile for daily usage. (Locked) |
| 📱 | `rigel` | Motorola Edge 30 | Snapdragon 778G+ | 8GB | Adreno 642L | Secondary mobile for some fun. (Rooted) | | 📱 | `rigel` | Motorola Edge 30 | Snapdragon 778G+ | 8GB | Adreno 642L | Secondary mobile for some fun. (Rooted) |
| ☁️ | `node` | KVM | i9-13900 | 64GB | | Running Ethereum and BSC nodes. Currently in the process of migrating from Ubuntu. | | ☁️ | `node` | ASRock B565D4 | Ryzen 9 5950X | 128GB | | Running Ethereum and BSC nodes. |
## Installation ## Installation
Boot into NixOS bootable USB and then enter the following commands > [!NOTE]
> This will get your base system ready, but keep in mind that many things might not work correctly — such as monitor resolution, font size, and more.
### Prerequisites
Boot into the NixOS bootable USB before proceeding with the installation steps.
### Installation Steps
#### 1. Clone the repository
```bash
git clone https://github.com/tuxdotrs/nix-config.git
cd nix-config
```
#### 2. Gain root privileges
```bash
sudo su
``` ```
# Clone this repositry
git clone https://github.com/tuxdotrs/nix-config.git
# Navigate to the repository directory #### 3. Set up disk partitioning
cd nix-config
# Install disko for disk partitioning Install the required tools:
nix-shell -p disko
# Partition the disk and make sure to replace DISK_PATH (eg. /dev/vda) ```bash
nix-shell -p disko neovim
```
Partition your disk using disko. **This will wipe your drive.** Replace `DISK_PATH` with your actual disk path (e.g., `/dev/vda` or `/dev/nvme0n1`):
```bash
disko --mode disko ./hosts/canopus/disko.nix --arg device '"DISK_PATH"' disko --mode disko ./hosts/canopus/disko.nix --arg device '"DISK_PATH"'
```
# Generate the hardware.nix file for your system #### 4. Configure your disk
Edit the configuration file:
```bash
nvim ./hosts/canopus/default.nix
```
In the imports statement, replace:
```nix
(import ./disko.nix {device = "/dev/nvme0n1";})
```
with:
```nix
(import ./disko.nix {device = "DISK_PATH";})
```
Make sure to replace `DISK_PATH` with your actual disk path.
#### 5. Generate hardware configuration
```bash
nixos-generate-config --no-filesystems --root /mnt nixos-generate-config --no-filesystems --root /mnt
```
# Replace the hardware.nix with generated one Copy the generated hardware configuration to the repository:
```bash
cp /mnt/etc/nixos/hardware-configuration.nix ./hosts/canopus/hardware.nix cp /mnt/etc/nixos/hardware-configuration.nix ./hosts/canopus/hardware.nix
```
# Install #### 6. Install NixOS
```bash
nixos-install --root /mnt --flake .#canopus nixos-install --root /mnt --flake .#canopus
```
# Reboot to your beautiful DE #### 7. Enter into the new system
```bash
nixos-enter --root /mnt
```
#### 8. Set up directories and permissions
```bash
mkdir -p /persist/home
chown -R tux:users /persist/home
```
#### 9. Set passwords
Set the root password:
```bash
passwd root
```
Set the user password:
```bash
passwd tux
```
#### 10. Reboot
```bash
reboot reboot
``` ```
Your NixOS system should now boot into a beautiful DE.
## Components ## Components
| | Wayland | Xorg | | | Wayland | Xorg |
@@ -71,16 +155,30 @@ reboot
| DM | ly | ly | | DM | ly | ly |
| WM/DE | Hyprland | AwesomeWM | | WM/DE | Hyprland | AwesomeWM |
| Compositor | Hyprland | Picom (Jonaburg) | | Compositor | Hyprland | Picom (Jonaburg) |
| Bar | Astal | Wibar | | Bar | tPanel | Wibar |
| Hotkeys | Hyprland | Awful | | Hotkeys | Hyprland | Awful |
| Launcher | Astal | Rofi | | Launcher | tPanel | Rofi |
| Notifications | Astal | Naughty | | Notifications | tPanel | Naughty |
| Terminal | Ghostty | Wezterm | | Terminal | Wezterm | Wezterm |
| Editor | Neovim | Neovim | | Editor | Neovim | Neovim |
## Showcase ## Showcase
### Desktop ### Desktop Hyprland
![Desktop](https://raw.githubusercontent.com/tuxdotrs/nix-config/refs/heads/main/assets/hyprland/desktop.png)
### tPanel
![tPanel](https://raw.githubusercontent.com/tuxdotrs/nix-config/refs/heads/main/assets/hyprland/tPanel.png)
### Workflow
![Workflow](https://raw.githubusercontent.com/tuxdotrs/nix-config/refs/heads/main/assets/hyprland/workflow.png)
## Showcase
### Desktop AwesomeWM
![2024-08-08_18-33](https://github.com/user-attachments/assets/1cdcc387-0f68-486c-a76c-a36ad2acb78d) ![2024-08-08_18-33](https://github.com/user-attachments/assets/1cdcc387-0f68-486c-a76c-a36ad2acb78d)

0
assets/desktop.png → assets/awesomeWM/desktop.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 3.2 MiB

After

Width:  |  Height:  |  Size: 3.2 MiB

0
assets/firefox.png → assets/awesomeWM/firefox.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 2.6 MiB

After

Width:  |  Height:  |  Size: 2.6 MiB

0
assets/floating-term-neovim.png → assets/awesomeWM/floating-term-neovim.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 439 KiB

After

Width:  |  Height:  |  Size: 439 KiB

0
assets/lazygit.png → assets/awesomeWM/lazygit.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 487 KiB

After

Width:  |  Height:  |  Size: 487 KiB

0
assets/neovim.png → assets/awesomeWM/neovim.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 559 KiB

After

Width:  |  Height:  |  Size: 559 KiB

0
assets/telescope.png → assets/awesomeWM/telescope.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 574 KiB

After

Width:  |  Height:  |  Size: 574 KiB

0
assets/workflow.png → assets/awesomeWM/workflow.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 645 KiB

After

Width:  |  Height:  |  Size: 645 KiB

BIN
assets/hyprland/desktop.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.6 MiB

BIN
assets/hyprland/tPanel.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.9 MiB

BIN
assets/hyprland/workflow.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 642 KiB

1829
flake.lock generated
View File

File diff suppressed because it is too large Load Diff

170
flake.nix
View File

@@ -1,170 +0,0 @@
{
description = "tux's Nix Flake";
outputs = {
self,
nixpkgs,
deploy-rs,
...
} @ inputs: let
inherit (self) outputs;
inherit (inputs.nixpkgs.lib) nixosSystem;
inherit (inputs.nix-on-droid.lib) nixOnDroidConfiguration;
forAllSystems = nixpkgs.lib.genAttrs [
"x86_64-linux"
"aarch64-linux"
];
username = "tux";
email = "t@tux.rs";
mkNixOSConfig = host: {
specialArgs = {inherit inputs outputs username email;};
modules = [./hosts/${host}];
};
mkDroidConfig = host: {
pkgs = import nixpkgs {system = "aarch64-linux";};
extraSpecialArgs = {inherit inputs outputs username email;};
modules = [./hosts/${host}];
};
mkNixOSNode = hostname: {
inherit hostname;
profiles.system = {
user = "root";
path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.${hostname};
};
};
activateNixOnDroid = configuration:
deploy-rs.lib.aarch64-linux.activate.custom
configuration.activationPackage
"${configuration.activationPackage}/activate";
mkDroidNode = hostname: {
inherit hostname;
profiles.system = {
sshUser = "nix-on-droid";
user = "nix-on-droid";
magicRollback = true;
sshOpts = ["-p" "8033"];
path = activateNixOnDroid self.nixOnDroidConfigurations.${hostname};
};
};
in {
packages = forAllSystems (system: import ./pkgs nixpkgs.legacyPackages.${system});
formatter = forAllSystems (system: nixpkgs.legacyPackages.${system}.alejandra);
# Custom packages and modifications, exported as overlays
overlays = import ./overlays {inherit inputs;};
# NixOS configuration entrypoint
# 'nixos-rebuild switch --flake .#your-hostname'
nixosConfigurations = {
arcturus = nixosSystem (mkNixOSConfig "arcturus");
canopus = nixosSystem (mkNixOSConfig "canopus");
alpha = nixosSystem (mkNixOSConfig "alpha");
sirius = nixosSystem (mkNixOSConfig "sirius");
vega = nixosSystem (mkNixOSConfig "vega");
vps = nixosSystem (mkNixOSConfig "vps");
isoImage = nixosSystem (mkNixOSConfig "isoImage");
homelab = nixosSystem (mkNixOSConfig "homelab");
};
# NixOnDroid configuration entrypoint
# 'nix-on-droid switch --flake .#your-hostname'
nixOnDroidConfigurations = {
capella = nixOnDroidConfiguration (mkDroidConfig "capella");
rigel = nixOnDroidConfiguration (mkDroidConfig "rigel");
};
deploy = {
nodes = {
arcturus = mkNixOSNode "arcturus";
canopus = mkNixOSNode "canopus";
alpha = mkNixOSNode "alpha";
sirius = mkNixOSNode "sirius";
vega = mkNixOSNode "vega";
homelab = mkNixOSNode "homelab";
capella = mkDroidNode "capella";
rigel = mkDroidNode "rigel";
};
};
checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib;
};
inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
nixpkgs-stable.url = "github:nixos/nixpkgs/release-24.11";
nixos-wsl = {
url = "github:nix-community/nixos-wsl";
inputs.nixpkgs.follows = "nixpkgs";
};
home-manager = {
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs";
};
nix-vscode-extensions = {
url = "github:nix-community/nix-vscode-extensions";
inputs.nixpkgs.follows = "nixpkgs";
};
wezterm-flake = {
url = "github:wez/wezterm/main?dir=nix";
inputs.nixpkgs.follows = "nixpkgs";
};
disko = {
url = "github:nix-community/disko";
inputs.nixpkgs.follows = "nixpkgs";
};
nix-secrets = {
url = "git+ssh://git@github.com/tuxdotrs/nix-secrets.git?shallow=1";
inputs.nixpkgs.follows = "nixpkgs";
};
nix-on-droid = {
url = "github:nix-community/nix-on-droid/release-24.05";
inputs.nixpkgs.follows = "nixpkgs";
inputs.home-manager.follows = "home-manager";
};
tawm = {
url = "github:tuxdotrs/tawm";
inputs.nixpkgs.follows = "nixpkgs";
};
tnvim = {
url = "github:tuxdotrs/tnvim";
inputs.nixpkgs.follows = "nixpkgs";
};
trok = {
url = "github:tuxdotrs/trok";
inputs.nixpkgs.follows = "nixpkgs";
};
tpanel = {
url = "github:tuxdotrs/tpanel";
inputs.nixpkgs.follows = "nixpkgs";
};
tfolio = {
url = "git+ssh://git@github.com/tuxdotrs/tfolio.git";
inputs.nixpkgs.follows = "nixpkgs";
};
cyber-tux = {
url = "git+ssh://git@github.com/tuxdotrs/cyber-tux.git";
inputs.nixpkgs.follows = "nixpkgs";
};
nix-index-database = {
url = "github:nix-community/nix-index-database";
inputs.nixpkgs.follows = "nixpkgs";
};
hyprland.url = "github:hyprwm/Hyprland";
hyprland-plugins = {
url = "github:hyprwm/hyprland-plugins";
inputs.hyprland.follows = "hyprland";
};
ghostty.url = "github:ghostty-org/ghostty";
nixos-hardware.url = "github:nixos/nixos-hardware";
nixpkgs-f2k.url = "github:moni-dz/nixpkgs-f2k";
nur.url = "github:nix-community/nur";
sops-nix.url = "github:Mic92/sops-nix";
impermanence.url = "github:nix-community/impermanence";
deploy-rs.url = "github:serokell/deploy-rs";
nixcord.url = "github:kaylorben/nixcord";
};
}

163
hosts/alpha/default.nix
View File

@@ -1,163 +0,0 @@
{
modulesPath,
inputs,
username,
lib,
email,
config,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
(modulesPath + "/profiles/qemu-guest.nix")
inputs.disko.nixosModules.default
(import ./disko.nix {device = "/dev/vda";})
../common
../../modules/nixos/selfhosted/uptime-kuma.nix
];
tux.services.openssh.enable = true;
tux.services.openssh.ports = [23];
tux.services.tfolio.enable = true;
tux.services.nginxStreamProxy = {
enable = true;
upstreamServers = inputs.nix-secrets.proxy-servers;
};
sops.secrets = {
borg_encryption_key = {
sopsFile = ./secrets.yaml;
};
"cloudflare_credentials/email" = {
sopsFile = ./secrets.yaml;
};
"cloudflare_credentials/dns_api_token" = {
sopsFile = ./secrets.yaml;
};
};
nixpkgs = {
hostPlatform = "x86_64-linux";
};
boot = {
initrd.systemd = {
enable = lib.mkForce true;
services.wipe-my-fs = {
wantedBy = ["initrd.target"];
after = ["initrd-root-device.target"];
before = ["sysroot.mount"];
unitConfig.DefaultDependencies = "no";
serviceConfig.Type = "oneshot";
script = ''
mkdir /btrfs_tmp
mount /dev/disk/by-partlabel/disk-primary-root /btrfs_tmp
if [[ -e /btrfs_tmp/root ]]; then
mkdir -p /btrfs_tmp/old_roots
timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:%M:%S")
mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp"
fi
delete_subvolume_recursively() {
IFS=$'\n'
for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
delete_subvolume_recursively "/btrfs_tmp/$i"
done
btrfs subvolume delete "$1"
}
for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do
delete_subvolume_recursively "$i"
done
btrfs subvolume create /btrfs_tmp/root
umount /btrfs_tmp
'';
};
};
loader = {
grub = {
efiSupport = true;
efiInstallAsRemovable = true;
};
};
};
networking = {
hostName = "alpha";
firewall = {
enable = true;
allowedTCPPorts = [80 443 22 23];
};
};
security = {
acme = {
acceptTerms = true;
defaults.email = "${email}";
certs = {
"tux.rs" = {
group = "nginx";
domain = "*.tux.rs";
extraDomainNames = ["tux.rs"];
dnsProvider = "cloudflare";
credentialFiles = {
CLOUDFLARE_EMAIL_FILE = config.sops.secrets."cloudflare_credentials/email".path;
CLOUDFLARE_DNS_API_TOKEN_FILE = config.sops.secrets."cloudflare_credentials/dns_api_token".path;
};
};
};
};
};
users.users.nginx.extraGroups = ["acme"];
services = {
nginx = {
recommendedGzipSettings = true;
recommendedOptimisation = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
};
};
programs = {
zsh.enable = true;
dconf.enable = true;
};
programs.fuse.userAllowOther = true;
fileSystems."/persist".neededForBoot = true;
environment.persistence."/persist" = {
hideMounts = true;
directories = [
"/var/log"
"/var/lib/acme"
"/var/lib/nixos"
"/var/lib/private"
];
files = [
"/etc/ssh/ssh_host_ed25519_key"
"/etc/ssh/ssh_host_ed25519_key.pub"
"/etc/ssh/ssh_host_rsa_key"
"/etc/ssh/ssh_host_rsa_key.pub"
];
};
home-manager.users.${username} = {
imports = [
./home.nix
];
};
system.stateVersion = "24.11";
}

53
hosts/alpha/disko.nix
View File

@@ -1,53 +0,0 @@
{device ? throw "Set this to the disk device, e.g. /dev/nvme0n1", ...}: {
disko.devices.disk.primary = {
inherit device;
type = "disk";
content = {
type = "gpt"; # GPT partitioning scheme
partitions = {
boot = {
name = "boot";
size = "1M";
type = "EF02";
};
# EFI Partition
ESP = {
size = "512M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = ["defaults" "umask=0077"];
};
};
# Btrfs Root Partition
root = {
size = "100%"; # Use remaining space
type = "8300"; # Linux filesystem type
content = {
type = "btrfs";
subvolumes = {
"/root" = {
mountOptions = ["compress=zstd"]; # Compression for better performance
mountpoint = "/"; # Root subvolume
};
"/persist" = {
mountOptions = ["compress=zstd"]; # Compression for persistent data
mountpoint = "/persist"; # Persistent subvolume
};
"/nix" = {
mountOptions = [
"compress=zstd"
"noatime"
"noacl"
]; # Optimize for Nix store
mountpoint = "/nix"; # Nix subvolume
};
};
};
};
};
};
};
}

12
hosts/alpha/home.nix
View File

@@ -1,12 +0,0 @@
{username, ...}: {
home.persistence."/persist/home/${username}" = {
directories = [
"Projects"
".ssh"
".local/share/zsh"
];
allowOther = true;
};
home.stateVersion = "24.11";
}

28
hosts/alpha/secrets.yaml
View File

@@ -1,28 +0,0 @@
borg_encryption_key: ENC[AES256_GCM,data:EK1f7J4ea80K7LO16pPmkh246xmXoJEiCKzPbiRCmjQ=,iv:3vae+IAAgDx+0NPgml07kbT9kc4RpzDd1oj2Qb6ZqdM=,tag:aXj3IwzfeQ8+tGjSpq76bw==,type:str]
cloudflare_credentials:
email: ENC[AES256_GCM,data:w9ghChGxgV7OVeM=,iv:Qtl/pMmXGjhZ9dMRkxeyEDncGfY/YPy51eJrZ6mOgGg=,tag:oi7OoTf4TnUknblZ3lPDzQ==,type:str]
dns_api_token: ENC[AES256_GCM,data:lMoqQs9MZ646ESJUxN2dtIopNS8P55JARk6wyfaJ8ad9ABvk268oWQ==,iv:Ez4y/kKPsRuIH9mEcpS3IU4j3kK8F6iBBFOnIf9Ck60=,tag:7I0eE8PoohH9KtiHziagrg==,type:str]
sops:
age:
- recipient: age14vktfes95f33vuefwnmuvryas7az04u76dsgyhfvsx73czkvmp2q7njkl4
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3NjIrVVlPVW9qTU9vMlMw
K3BtRHZaS0h0WmlmMjF3YjhHSFZtNmFzdjNZCjRKQ0UwWTc2L3NOY1AyZnR2K2hF
QkQ4blQvd0paRHd6c3dWaU5XbmV4S28KLS0tIExtWnR0djB5WU9lajVJeU5udlBQ
eDlMemQ1c1FkazlRaDhPUzNBcVh2bWsK544MNSGooJPKL7hxQ+yvPRROw3RER7p8
jbUVxMp4ZD/0ut/qFrKdyvfSPDcDkUR5eBoeaeUBkMAAPL+YeIxKhQ==
-----END AGE ENCRYPTED FILE-----
- recipient: age1zujp5gxy7suv8ysnygv43cmzuvv36nxfg0ch7r3xg2emc6fz3vmqqujheq
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvWlN0bWNMZTlMM3Mvdmdn
M2M1RzBaNUl3Qkc4Sm5QbmE3cFpuODBNakZzCk9SbjBvM25pK2pGdmRqMXd4eTJu
ZU8vTmtSN1RYK2RmQ01QempKUG43eHMKLS0tIHVINVgvNTluS1grSm1YSHkzalMx
SGM4ditJZFducVNEaDlJSkhuUnpxQzAKvvHbDuTQUpW+O/qtgjAFZlYc4iRRj4G1
BP/QyzuTnpP6PuAG9pJYHx164+uS2Ftog/QnCFD0YAJdJtxaoUHzOw==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-07-09T19:44:56Z"
mac: ENC[AES256_GCM,data:1sXY3aEfbsit5hGBdE7x0pbdSLnW67NRNNDTEjS1fI85TaPpMmcgrxxvEDsg1A6psRMdBwFMUIVHH/rf4rkZ9tXSmHZBFTZrTQGn09bPF9yNC0MnJXKkcNcQiQJveg986LMWFwT/WE8PWbeDh7o+ASJF+IgT+5ikq8DMBgoyK/E=,iv:Ssy66et65Oq2WwbF12ubLGk87bSv/KSruf49T7v04NY=,tag:Y89PxwRFlJUBZniS2clybw==,type:str]
unencrypted_suffix: _unencrypted
version: 3.10.2

217
hosts/arcturus/default.nix
View File

@@ -1,217 +0,0 @@
{
modulesPath,
inputs,
username,
lib,
email,
config,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
(modulesPath + "/profiles/qemu-guest.nix")
inputs.disko.nixosModules.default
(import ./disko.nix {device = "/dev/vda";})
../common
../../modules/nixos/virtualisation/docker.nix
../../modules/nixos/selfhosted/postgresql.nix
../../modules/nixos/selfhosted/headscale.nix
../../modules/nixos/selfhosted/vaultwarden.nix
../../modules/nixos/selfhosted/gitea.nix
../../modules/nixos/selfhosted/plausible.nix
../../modules/nixos/selfhosted/monitoring/grafana.nix
../../modules/nixos/selfhosted/monitoring/loki.nix
../../modules/nixos/selfhosted/monitoring/promtail.nix
../../modules/nixos/selfhosted/ntfy-sh.nix
../../modules/nixos/selfhosted/searx.nix
../../modules/nixos/selfhosted/wakapi.nix
../../modules/nixos/selfhosted/nextcloud.nix
../../modules/nixos/selfhosted/silver-bullet.nix
../../modules/nixos/selfhosted/rustdesk-server.nix
../../modules/nixos/selfhosted/kasmweb.nix
../../modules/nixos/selfhosted/open-webui.nix
../../modules/nixos/selfhosted/glance
];
tux.services.openssh.enable = true;
sops.secrets = {
borg_encryption_key = {
sopsFile = ./secrets.yaml;
};
searx_secret_key = {
sopsFile = ./secrets.yaml;
};
"cloudflare_credentials/email" = {
sopsFile = ./secrets.yaml;
};
"cloudflare_credentials/dns_api_token" = {
sopsFile = ./secrets.yaml;
};
plausible_key = {
sopsFile = ./secrets.yaml;
};
wakapi_salt = {
sopsFile = ./secrets.yaml;
};
nextcloud_password = {
sopsFile = ./secrets.yaml;
owner = "nextcloud";
};
silver_bullet = {
sopsFile = ./secrets.yaml;
};
"cs2_secrets/SRCDS_TOKEN" = {
sopsFile = ./secrets.yaml;
};
"cs2_secrets/CS2_RCONPW" = {
sopsFile = ./secrets.yaml;
};
"cs2_secrets/CS2_PW" = {
sopsFile = ./secrets.yaml;
};
};
nixpkgs = {
hostPlatform = "x86_64-linux";
};
boot = {
kernel.sysctl = {
"vm.swappiness" = 10;
};
initrd.systemd = {
enable = lib.mkForce true;
services.wipe-my-fs = {
wantedBy = ["initrd.target"];
after = ["initrd-root-device.target"];
before = ["sysroot.mount"];
unitConfig.DefaultDependencies = "no";
serviceConfig.Type = "oneshot";
script = ''
mkdir /btrfs_tmp
mount /dev/disk/by-partlabel/disk-primary-root /btrfs_tmp
if [[ -e /btrfs_tmp/root ]]; then
mkdir -p /btrfs_tmp/old_roots
timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:%M:%S")
mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp"
fi
delete_subvolume_recursively() {
IFS=$'\n'
for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
delete_subvolume_recursively "/btrfs_tmp/$i"
done
btrfs subvolume delete "$1"
}
for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do
delete_subvolume_recursively "$i"
done
btrfs subvolume create /btrfs_tmp/root
umount /btrfs_tmp
'';
};
};
loader = {
grub = {
efiSupport = true;
efiInstallAsRemovable = true;
configurationLimit = 10;
};
timeout = 1;
};
};
networking = {
hostName = "arcturus";
firewall = {
enable = true;
allowedTCPPorts = [80 443 22 3333 8081];
};
};
security = {
acme = {
acceptTerms = true;
defaults.email = "${email}";
certs = {
"tux.rs" = {
group = "nginx";
domain = "*.tux.rs";
extraDomainNames = ["tux.rs"];
dnsProvider = "cloudflare";
credentialFiles = {
CLOUDFLARE_EMAIL_FILE = config.sops.secrets."cloudflare_credentials/email".path;
CLOUDFLARE_DNS_API_TOKEN_FILE = config.sops.secrets."cloudflare_credentials/dns_api_token".path;
};
};
};
};
};
users.users.nginx.extraGroups = ["acme"];
services = {
nginx = {
recommendedTlsSettings = true;
recommendedBrotliSettings = true;
recommendedOptimisation = true;
recommendedGzipSettings = true;
recommendedProxySettings = true;
};
};
programs.fuse.userAllowOther = true;
fileSystems."/persist".neededForBoot = true;
environment.persistence."/persist" = {
hideMounts = true;
directories = [
"/var/log"
"/var/lib/nixos"
"/var/lib/acme"
"/var/lib/postgresql"
"/var/lib/headscale"
"/var/lib/vaultwarden"
"/var/lib/gitea"
"/var/lib/clickhouse"
"/var/lib/grafana"
"/var/lib/promtail"
"/var/lib/private"
"/var/lib/nextcloud"
"/var/lib/silverbullet"
"/var/lib/kasmweb"
];
files = [
"/etc/ssh/ssh_host_ed25519_key"
"/etc/ssh/ssh_host_ed25519_key.pub"
"/etc/ssh/ssh_host_rsa_key"
"/etc/ssh/ssh_host_rsa_key.pub"
];
};
home-manager.users.${username} = {
imports = [
./home.nix
];
};
system.stateVersion = "24.11";
}

53
hosts/arcturus/disko.nix
View File

@@ -1,53 +0,0 @@
{device ? throw "Set this to the disk device, e.g. /dev/nvme0n1", ...}: {
disko.devices.disk.primary = {
inherit device;
type = "disk";
content = {
type = "gpt"; # GPT partitioning scheme
partitions = {
boot = {
name = "boot";
size = "1M";
type = "EF02";
};
# EFI Partition
ESP = {
size = "512M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = ["defaults" "umask=0077"];
};
};
# Btrfs Root Partition
root = {
size = "100%"; # Use remaining space
type = "8300"; # Linux filesystem type
content = {
type = "btrfs";
subvolumes = {
"/root" = {
mountOptions = ["compress=zstd"]; # Compression for better performance
mountpoint = "/"; # Root subvolume
};
"/persist" = {
mountOptions = ["compress=zstd"]; # Compression for persistent data
mountpoint = "/persist"; # Persistent subvolume
};
"/nix" = {
mountOptions = [
"compress=zstd"
"noatime"
"noacl"
]; # Optimize for Nix store
mountpoint = "/nix"; # Nix subvolume
};
};
};
};
};
};
};
}

13
hosts/arcturus/home.nix
View File

@@ -1,13 +0,0 @@
{username, ...}: {
home.persistence."/persist/home/${username}" = {
directories = [
"Projects"
"Stuff"
".ssh"
".local/share/zsh"
];
allowOther = true;
};
home.stateVersion = "24.11";
}

42
hosts/arcturus/secrets.yaml
View File

@@ -1,42 +0,0 @@
borg_encryption_key: ENC[AES256_GCM,data:7DZQaoS2a5mPjTej25vr1aO1yAAPyXT2tf/VxKrLxF0=,iv:it8JlyEj4r4Z+qDvoEWMQlGkbVh08M/BCkGLVzRCVKQ=,tag:81gRhru8J3hkQhIbgUOgBg==,type:str]
searx_secret_key: ENC[AES256_GCM,data:Z49PJ2gNI5CI0IfzOta+r67VNUvjoPpMVv5lajGhUMPzSy1KWZC5wIM3d02jWwCOsNjXdU5hE3j9W0rkoy5ZhFPXBJRUEv5b6IcaLA==,iv:364zGZkD2LO189nkvizl8yjedi1IgYEEQMA67SexSSI=,tag:qPqefG6jUaBOpUy6d7E++w==,type:str]
plausible_key: ENC[AES256_GCM,data:Ynf2aJ6RLRdAkT9ltLpCXTl8zg/VESDchlf67PmKjc93rSfDgq9tFqv1q55Km2lDo7y9iLu5WyLLg24CSSwy8Q==,iv:yW5hgP4dhfkvunv3iYmXGEH9w29OOmrG4ourPagslVg=,tag:C5PVfEseP5gJdoQQL4gERQ==,type:str]
wakapi_salt: ENC[AES256_GCM,data:Vk5Lezv0f/0ehHqXXBCsQxWFYE2KFujTfII0r7Gd1BXFrwiPEdX62aZ+9LQx7s1RTHh0n+LP/5t0cmHO/fJhGw==,iv:ZUlRwNXUCQ53Lymi9fO4qoBWjLpHVWfTnYM0Z1I6F5o=,tag:dadkEKV7paH4+qAz7Bxxqg==,type:str]
cloudflare_credentials:
email: ENC[AES256_GCM,data:qesgxkzUglKdYPI=,iv:2XDEoQzmtagSiILWZzJPswdhkQ+qjdZfNd+LL1nHPx8=,tag:K1F23Za2Zq78tzf0fl5zEw==,type:str]
dns_api_token: ENC[AES256_GCM,data:ibSL4KWYhqgHjo27fiSqB1iN9NWU3/qGGuLpmiMpBf+qCuh8uxR7Yw==,iv:NapMvfUSm5rgeROK7KuxGyog8s2PW9CCKtjRG87FoCQ=,tag:/Oah7PRCe4XPts0IYt83zw==,type:str]
nextcloud_password: ENC[AES256_GCM,data:o37mq4YHQT5pbi+cXrk=,iv:8HiDwdHTozNM2lHpgqVhdsspuifppsL2I6Z31xEnYFI=,tag:xTnfn8HcubfiQwLYIkpxjw==,type:str]
silver_bullet: ENC[AES256_GCM,data:waEPGskjkkdX98PKzgZG1bzS+NwL6GR8kok=,iv:8a8IeXla8XSHFzjKcVY3QYUK5aFk2kPHVIRvs1y7So0=,tag:p++o6wvLtG5DbDmUusRQLg==,type:str]
cs2_secrets:
SRCDS_TOKEN: ENC[AES256_GCM,data:SzPz4sHDgEoioX8ylLFM6AUUS60gWYpR3ifxUD8A8IQga24t6GM0dyGDryc=,iv:XefIn9yCLPLKVRA+rZiSGUH3l6ZANIJoGRuM/3vFLIw=,tag:flEjl9c7i3XBlHJaq41QYQ==,type:str]
CS2_RCONPW: ENC[AES256_GCM,data:ZyVeoOngZjxKR/ObYo5yJC1ViCNufuA=,iv:+fJK0sY39V/iH7OjT0AzQq6RefVzLZCDETYcAMFnZNU=,tag:IOhRUQRdffNMXa2cKZvi/w==,type:str]
CS2_PW: ENC[AES256_GCM,data:W1Cur7YT1F/+45vmqif2JbpjVURfnfo=,iv:sBNDM2N+QWDAMculBBZtYZcM7ILEfpwkwOd7ErORQhI=,tag:XFsxTUjctZKU38RQUfJ8HQ==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age14vktfes95f33vuefwnmuvryas7az04u76dsgyhfvsx73czkvmp2q7njkl4
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB6TGpVMzNDZjNQSkNDQmM3
eXpvZDRPZW9Kbm81Z2VVUVZIckFNUC9zTEZzCmliUkNWS01YMHVRaUoxTS84VmxQ
UDZtbkhmZmdZVWVsaHN3djkwSERGQ1kKLS0tIEh0ckhDTkQvcEM0UFI2MUVXVHI5
WnhEdnRqazdZWmczYXYxNy9BMHdwdEUKYgB34OOezF3iF706pIfDmQ0FJEHXBbGF
EJRNmA4Zl1AwyzkN3NSlctzvxx201T1GWL4qZeyVafRv5jQ9oSfK7g==
-----END AGE ENCRYPTED FILE-----
- recipient: age1zsl5d4vj6gl3h96y5p53sq5y4vr4vtlwp727h7rp9a4xfkxm53lqrh6r50
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHeXNrT3c1bENOK0lNZWNT
eFBqYm1BRHBhakFQMVVIKzR0SDRDOW9jUXdBCmFIQWZRSnBlOFBralVFakQ2clNY
Q1Nma0pRVHh4L3IwQm1GbTdqb1BUcWsKLS0tIFRQOVIxb1FRc29WSVVERWsxSDhq
NGprRGVyZ2plWVNrM3drM3JSUjM2L0UKuNk5DqYn2DIfRpY72zDRP5BKoVAXtNv9
uLI//8wc7f4I3uBdARQdpRE1fapY1UOJOn3i0yndrZARPEbdohRK1Q==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-01-24T12:59:25Z"
mac: ENC[AES256_GCM,data:WGWGvbqu07XZ5oU2HBGUbP/9oNCavPBXb2SIm10CG2s377QAWZmpdOC2AGAX8J3NfLtyWEHm8WUQSKjNKvKWARsXU24lNnY+BTSIkF8ymrAU/rRMX8VJi92IYjregAfVBIaYomxqJFhNuAhmsQ75ZYMpRBTusxiEFEdl/H9obiY=,iv:VXIVkpnOY2gZ/xDX/oFvZn08K5Gp49tpiJQGK20blro=,tag:Hkk92ZQWTRY9oQb3Mm6R3w==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.9.3

395
hosts/canopus/default.nix
View File

@@ -1,395 +0,0 @@
{
inputs,
username,
pkgs,
lib,
config,
...
}: {
imports = [
inputs.nixos-hardware.nixosModules.asus-zephyrus-ga503
inputs.disko.nixosModules.default
(import ./disko.nix {device = "/dev/nvme0n1";})
./hardware.nix
../common
../../modules/nixos/desktop
../../modules/nixos/desktop/awesome
../../modules/nixos/desktop/hyprland
../../modules/nixos/virtualisation
../../modules/nixos/steam.nix
];
tux.services.openssh.enable = true;
nixpkgs.config.cudaSupport = true;
sops.secrets = {
hyperbolic_api_key = {
sopsFile = ./secrets.yaml;
owner = "${username}";
};
gemini_api_key = {
sopsFile = ./secrets.yaml;
owner = "${username}";
};
};
networking = {
hostName = "canopus";
networkmanager = {
enable = true;
wifi.powersave = false;
};
firewall = {
enable = true;
allowedTCPPorts = [80 443 22 3000 6666 8081];
# Facilitate firewall punching
allowedUDPPorts = [41641];
allowedTCPPortRanges = [
{
from = 1714;
to = 1764;
}
];
allowedUDPPortRanges = [
{
from = 1714;
to = 1764;
}
];
};
};
boot = {
binfmt.emulatedSystems = ["aarch64-linux"];
plymouth = {
enable = true;
theme = "spinner-monochrome";
themePackages = [
(pkgs.plymouth-spinner-monochrome.override {inherit (config.boot.plymouth) logo;})
];
};
kernelParams = [
"quiet"
"loglevel=3"
"systemd.show_status=auto"
"udev.log_level=3"
"rd.udev.log_level=3"
"vt.global_cursor_default=0"
];
consoleLogLevel = 0;
initrd.verbose = false;
kernelPackages = pkgs.linuxPackages_zen;
supportedFilesystems = ["ntfs"];
initrd.systemd = {
enable = lib.mkForce true;
services.wipe-my-fs = {
wantedBy = ["initrd.target"];
after = ["initrd-root-device.target"];
before = ["sysroot.mount"];
unitConfig.DefaultDependencies = "no";
serviceConfig.Type = "oneshot";
script = ''
mkdir /btrfs_tmp
mount /dev/disk/by-partlabel/disk-primary-root /btrfs_tmp
if [[ -e /btrfs_tmp/root ]]; then
mkdir -p /btrfs_tmp/old_roots
timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:%M:%S")
mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp"
fi
delete_subvolume_recursively() {
IFS=$'\n'
for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
delete_subvolume_recursively "/btrfs_tmp/$i"
done
btrfs subvolume delete "$1"
}
for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do
delete_subvolume_recursively "$i"
done
btrfs subvolume create /btrfs_tmp/root
umount /btrfs_tmp
'';
};
};
loader = {
systemd-boot = {
enable = true;
configurationLimit = 5;
};
efi.canTouchEfiVariables = true;
timeout = 1;
};
};
hardware = {
bluetooth.enable = true;
bluetooth.powerOnBoot = true;
graphics.enable32Bit = true;
};
security = {
polkit.enable = true;
rtkit.enable = true;
};
systemd = {
enableEmergencyMode = false;
user = {
services.polkit-gnome-authentication-agent-1 = {
description = "polkit-gnome-authentication-agent-1";
wantedBy = ["graphical-session.target"];
wants = ["graphical-session.target"];
after = ["graphical-session.target"];
serviceConfig = {
Type = "simple";
ExecStart = "${pkgs.polkit_gnome}/libexec/polkit-gnome-authentication-agent-1";
Restart = "on-failure";
RestartSec = 1;
TimeoutStopSec = 10;
};
};
};
};
programs = {
ssh.startAgent = true;
xfconf.enable = true;
file-roller.enable = true;
thunar = {
enable = true;
plugins = with pkgs.xfce; [thunar-archive-plugin thunar-volman];
};
nix-ld = {
enable = true;
package = pkgs.nix-ld-rs;
};
nm-applet.enable = true;
noisetorch.enable = true;
};
services = {
resolved.enable = true;
flatpak.enable = true;
pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
wireplumber.enable = true;
};
logind = {
extraConfig = "HandlePowerKey=suspend";
lidSwitch = "suspend";
lidSwitchExternalPower = "suspend";
};
xrdp = {
enable = true;
openFirewall = true;
defaultWindowManager = "awesome";
audio.enable = true;
};
syncthing = {
enable = true;
user = "tux";
dataDir = "/home/tux/";
openDefaultPorts = true;
};
xserver = {
enable = true;
xkb = {
layout = "in";
variant = "eng";
};
};
libinput.touchpad.naturalScrolling = true;
# To use Auto-cpufreq we need to
# disable TLP because it's enabled by nixos-hardware
tlp.enable = false;
auto-cpufreq = {
enable = true;
settings = {
battery = {
platform_profile = "balanced";
governor = "powersave";
energy_performance_preference = "performance";
turbo = "never";
scaling_min_freq = 400000;
scaling_max_freq = 3800000;
};
charger = {
platform_profile = "performance";
governor = "performance";
energy_performance_preference = "performance";
turbo = "auto";
scaling_min_freq = 400000;
scaling_max_freq = 3800000;
};
};
};
blueman.enable = true;
supergfxd = {
enable = true;
settings = {
mode = "Integrated";
vfio_enable = false;
vfio_save = false;
always_reboot = false;
no_logind = false;
logout_timeout_s = 180;
hotplug_type = "None";
};
};
asusd = {
enable = true;
enableUserService = true;
asusdConfig.text = ''
(
charge_control_end_threshold: 100,
panel_od: false,
mini_led_mode: false,
disable_nvidia_powerd_on_battery: true,
ac_command: "",
bat_command: "",
platform_policy_on_battery: Quiet,
platform_policy_on_ac: Quiet,
ppt_pl1_spl: None,
ppt_pl2_sppt: None,
ppt_fppt: None,
ppt_apu_sppt: None,
ppt_platform_sppt: None,
nv_dynamic_boost: None,
nv_temp_target: None,
)
'';
profileConfig.text = ''
(
active_profile: Balanced,
)
'';
fanCurvesConfig.text = ''
(
profiles: (
balanced: [
(
fan: CPU,
pwm: (2, 22, 45, 68, 91, 153, 153, 153),
temp: (55, 62, 66, 70, 74, 78, 78, 78),
enabled: true,
),
(
fan: GPU,
pwm: (2, 25, 48, 71, 94, 165, 165, 165)
temp: (55, 62, 66, 70, 74, 78, 78, 78),
enabled: true,
),
],
performance: [
(
fan: CPU,
pwm: (35, 68, 79, 91, 114, 175, 175, 175),
temp: (58, 62, 66, 70, 74, 78, 78, 78),
enabled: true,
),
(
fan: GPU,
pwm: (35, 71, 84, 94, 119, 188, 188, 188),
temp: (58, 62, 66, 70, 74, 78, 78, 78),
enabled: true,
),
],
quiet: [
(
fan: CPU,
pwm: (2, 12, 25, 35, 48, 61, 84, 90),
temp: (55, 62, 66, 70, 74, 78, 82, 82),
enabled: true,
),
(
fan: GPU,
pwm: (2, 12, 25, 35, 48, 61, 84, 84),
temp: (55, 62, 66, 70, 74, 78, 82, 82),
enabled: true,
),
],
custom: [],
),
)
'';
};
gvfs.enable = true;
tumbler.enable = true;
# @FIX gnome gcr agent conflicts with programs.ssh.startAgent;
# gnome.gnome-keyring.enable = true;
tailscale = {
enable = true;
extraUpFlags = ["--login-server https://hs.tux.rs"];
};
mullvad-vpn = {
enable = true;
package = pkgs.mullvad-vpn;
};
};
fonts.packages = with pkgs.nerd-fonts; [
fira-code
jetbrains-mono
];
programs.fuse.userAllowOther = true;
fileSystems."/persist".neededForBoot = true;
environment.persistence."/persist" = {
hideMounts = true;
directories = [
"/var/log"
"/var/lib/bluetooth"
"/var/lib/tailscale"
"/var/lib/nixos"
"/var/lib/docker"
"/var/lib/waydroid"
"/etc/NetworkManager/system-connections"
];
files = [
# "/etc/machine-id"
"/etc/ssh/ssh_host_ed25519_key"
"/etc/ssh/ssh_host_ed25519_key.pub"
"/etc/ssh/ssh_host_rsa_key"
"/etc/ssh/ssh_host_rsa_key.pub"
];
};
home-manager.users.${username} = {
imports = [
./home.nix
];
};
system.stateVersion = "24.11";
}

48
hosts/canopus/disko.nix
View File

@@ -1,48 +0,0 @@
{device ? throw "Set this to the disk device, e.g. /dev/nvme0n1", ...}: {
disko.devices.disk.primary = {
inherit device;
type = "disk";
content = {
type = "gpt"; # GPT partitioning scheme
partitions = {
# EFI Partition
ESP = {
size = "512M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = ["defaults" "umask=0077"];
};
};
# Btrfs Root Partition
root = {
size = "100%"; # Use remaining space
type = "8300"; # Linux filesystem type
content = {
type = "btrfs";
subvolumes = {
"/root" = {
mountOptions = ["compress=zstd"]; # Compression for better performance
mountpoint = "/"; # Root subvolume
};
"/persist" = {
mountOptions = ["compress=zstd"]; # Compression for persistent data
mountpoint = "/persist"; # Persistent subvolume
};
"/nix" = {
mountOptions = [
"compress=zstd"
"noatime"
"noacl"
]; # Optimize for Nix store
mountpoint = "/nix"; # Nix subvolume
};
};
};
};
};
};
};
}

26
hosts/canopus/hardware.nix
View File

@@ -1,26 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "usbhid" "usb_storage" "sd_mod" "sdhci_pci" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp3s0.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp4s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

110
hosts/canopus/home.nix
View File

@@ -1,110 +0,0 @@
{
pkgs,
username,
...
}: {
imports = [
../../modules/home/desktop/awesome
../../modules/home/desktop/hyprland
../../modules/home/picom
../../modules/home/alacritty
../../modules/home/wezterm
../../modules/home/ghostty
../../modules/home/desktop/rofi
../../modules/home/barrier
../../modules/home/firefox
../../modules/home/brave
../../modules/home/vs-code
../../modules/home/mopidy
../../modules/home/thunderbird
../../modules/home/easyeffects
../../modules/home/discord
../../modules/home/kdeconnect
../../modules/home/obs-studio
];
home.pointerCursor = {
package = pkgs.bibata-cursors;
name = "Bibata-Modern-Ice";
};
qt.enable = true;
qt.platformTheme.name = "gtk";
qt.style.name = "adwaita-dark";
qt.style.package = pkgs.adwaita-qt;
gtk = {
enable = true;
theme = {
name = "Materia-dark";
package = pkgs.materia-theme;
};
iconTheme = {
package = pkgs.tela-icon-theme;
name = "Tela-black";
};
};
services.flameshot = {
enable = true;
package = pkgs.flameshot.override {enableWlrSupport = true;};
};
home.packages = with pkgs; [
telegram-desktop
anydesk
stable.rustdesk-flutter
rawtherapee
stable.beekeeper-studio
libreoffice-qt
spotify
stremio
galaxy-buds-client
copyq
vlc
tor-browser
distrobox
];
home.persistence."/persist/home/${username}" = {
directories = [
"Downloads"
"Music"
"Wallpapers"
"Documents"
"Videos"
"Projects"
"Stuff"
"go"
".mozilla"
".ssh"
".wakatime"
".rustup"
".cargo"
".config/BraveSoftware"
".config/copyq"
".config/discord"
".config/Vencord"
".config/vesktop"
".config/sops"
".config/obs-studio"
".config/rustdesk"
".config/spotify"
".local/share/nvim"
".local/share/zsh"
".local/share/zoxide"
".local/share/Smart\ Code\ ltd"
".local/share/GalaxyBudsClient"
".local/share/TelegramDesktop"
".local/state/lazygit"
".cache/spotify"
];
files = [
".wakatime.cfg"
".config/aichat/.env"
];
allowOther = true;
};
home.stateVersion = "24.11";
}

26
hosts/canopus/secrets.yaml
View File

@@ -1,26 +0,0 @@
hyperbolic_api_key: ENC[AES256_GCM,data:FjDSbdutLa9hnVGRR+k2MznVfDGAx1/rNfjY/vaBuvKoBRj7aHqGpQ1cvhfxjyLMqPLqLnmimEtZeykvgkIIjKGzw5PewE23+lrN3oQyoYJvK+b8PRStjSaxOfzOnuLXi+YVnsU939nStLwnmSYKDabNWgFcWYsHwtHDafuWyovM9sVwasTn,iv:bxseG6GLKBL/CJOS8SrhgiLEyvMGSNQIMJSYLk2MqEo=,tag:4wxmkUwlcu23d7pMHbvIoQ==,type:str]
gemini_api_key: ENC[AES256_GCM,data:HiseQDB9nJBynCvdqLx0NcJZHB71uEvBlA3l/Lw2EMHFUXSHqPoS,iv:4C5EGUdfwxhT6ExDYNcbc+MFE+rGvLRsZjbo9L/o/Eo=,tag:hvaODOzhFoywgsXZSQKeKA==,type:str]
sops:
age:
- recipient: age14vktfes95f33vuefwnmuvryas7az04u76dsgyhfvsx73czkvmp2q7njkl4
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwUnhkNzR0TnNzL29xV3cv
R3lqYUtVWWlNOVFTZHhTMWJZL1ZJUDIxaG0wCnIvQnkxSWJxWTZYVEkvS1ZWSEhk
YmhuK2JtS3lmUjV6MW50SGZrTnpkeDAKLS0tIDkvbk5abnhkNlA0dmgwV0Z0L1BS
UUduZUV3OGcvaFdBOFFsc0xzVCtQcUUKrmZvR2onMD0snqPw8okxaK6Tz5sA/cmR
1ZczgwLslJA7kwGKYOslUGA7aGB4jyP+M74wBAVa71BqWatypp0RfA==
-----END AGE ENCRYPTED FILE-----
- recipient: age1udt3cssu7ahdrhsvckt8450rswrr6mknn36xpq74dkfp9lpajvnq84kdzj
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBEOE0xbDN0UmdVdE1DR1lo
dmNudDk2TjNQdHFGc0lJTSt0dVVRU3BPRlg0ClV1ZUdxRVNpSmhYQm80QjdhdFc5
SVI4bi93WDBDWHQvejJIV21Bc2NsMjgKLS0tIEduZ2hHSnI3UXlGU2ZFZkpTRDJo
K0tiZ0swMmpuVW02OHMrRThlOXBWUjQKYHyJZuvQABh+gJ+THQ5SakVEqsKkyBMb
k6KnjRATpdZlmm0GjbD4aasF/j/V2fuH327Z72jPWQuI1y5ZfbDhSg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-08-08T13:20:36Z"
mac: ENC[AES256_GCM,data:WvY1VWONZarkRNjArqa2ASPLLRsUgOxA+QX2YPcUPvoAdpwuFS9Fs2kIaU61lOKQLKDwcR3XvtB2BhnwhUltF0OPSNY3651fc/HFQx3eIJaSAL8Qqa8OywCe897fcrNyvHROhi/h4HX6RI+NakTR1UVS8fR769IIkafE/Zbbn+8=,iv:wAg/ea6ScBK7kPYKjgfMMtACCxIh5agNIqv42iCwycg=,tag:tsWH1E+ulsLquT1TqtmN0A==,type:str]
unencrypted_suffix: _unencrypted
version: 3.10.2

63
hosts/capella/default.nix
View File

@@ -1,63 +0,0 @@
{
pkgs,
username,
outputs,
inputs,
email,
...
}: {
imports = [
../../modules/droid/sshd.nix
];
android-integration.am.enable = true;
android-integration.termux-open-url.enable = true;
android-integration.xdg-open.enable = true;
android-integration.termux-setup-storage.enable = true;
android-integration.termux-reload-settings.enable = true;
terminal.font = let
firacode = pkgs.nerd-fonts.fira-code;
fontPath = "share/fonts/truetype/NerdFonts/FiraCode/FiraCodeNerdFont-Regular.ttf";
in "${firacode}/${fontPath}";
time.timeZone = "Asia/Kolkata";
tux.services.openssh = {
enable = true;
ports = [8033];
authorizedKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL+OzPUe2ECPC929DqpkM39tl/vdNAXfsRnmrGfR+X3D ${email}"
];
};
user = {
uid = 10479;
gid = 10479;
shell = "${pkgs.zsh}/bin/zsh";
};
environment.etcBackupExtension = ".backup";
environment.motd = '''';
environment.packages = with pkgs; [
nano
git
neovim
openssh
inputs.trok.packages."aarch64-linux".default
];
home-manager = {
config = ./home.nix;
backupFileExtension = "backup";
extraSpecialArgs = {inherit inputs outputs username email;};
useGlobalPkgs = true;
};
# Set up nix for flakes
nix.extraOptions = ''
experimental-features = nix-command flakes
'';
system.stateVersion = "24.05";
}

35
hosts/capella/home.nix
View File

@@ -1,35 +0,0 @@
{pkgs, ...}: {
imports = [
../../modules/home/git
../../modules/home/starship
../../modules/home/fastfetch
];
programs = {
bat.enable = true;
zoxide = {
enable = true;
options = ["--cmd cd"];
};
zsh = {
enable = true;
shellAliases = {
ls = "lsd";
};
syntaxHighlighting.enable = true;
autosuggestion.enable = true;
initContent = ''
fastfetch
'';
};
};
home.packages = with pkgs; [
neovim
busybox
lsd
fastfetch
];
home.stateVersion = "24.05";
}

58
hosts/common/default.nix
View File

@@ -1,58 +0,0 @@
{
username,
outputs,
inputs,
email,
...
}: {
imports = [
inputs.impermanence.nixosModules.impermanence
inputs.home-manager.nixosModules.home-manager
inputs.nix-index-database.nixosModules.nix-index
../../modules/base
../../modules/nixos/fail2ban.nix
../../modules/nixos/selfhosted/upstream-proxy.nix
../../modules/nixos/selfhosted/tfolio.nix
../../modules/nixos/selfhosted/cyber-tux.nix
../../modules/nixos/networking/ssh.nix
];
sops.secrets.tux-password = {
sopsFile = ./secrets.yaml;
neededForUsers = true;
};
time.timeZone = "Asia/Kolkata";
i18n = {
defaultLocale = "en_US.UTF-8";
extraLocaleSettings = {
LC_ADDRESS = "en_IN";
LC_IDENTIFICATION = "en_IN";
LC_MEASUREMENT = "en_IN";
LC_MONETARY = "en_IN";
LC_NAME = "en_IN";
LC_NUMERIC = "en_IN";
LC_PAPER = "en_IN";
LC_TELEPHONE = "en_IN";
LC_TIME = "en_IN";
};
};
security.sudo.wheelNeedsPassword = false;
programs = {
zsh.enable = true;
};
home-manager = {
backupFileExtension = "hm-backup";
useUserPackages = true;
extraSpecialArgs = {inherit inputs outputs username email;};
users.${username} = {
imports = [
./home.nix
];
};
};
}

45
hosts/common/home.nix
View File

@@ -1,45 +0,0 @@
{
outputs,
username,
inputs,
...
}: {
imports = [
inputs.impermanence.nixosModules.home-manager.impermanence
inputs.nix-index-database.homeModules.nix-index
../../modules/home/shell
../../modules/home/git
../../modules/home/starship
../../modules/home/fastfetch
../../modules/home/nvim
../../modules/home/tmux
../../modules/home/helix
../../modules/home/aria2
];
nixpkgs = {
overlays = [
outputs.overlays.additions
outputs.overlays.modifications
outputs.overlays.stable-packages
outputs.overlays.nur
outputs.overlays.nix-vscode-extensions
];
config = {
allowUnfree = true;
allowUnfreePredicate = _: true;
joypixels.acceptLicense = true;
};
};
home = {
username = "${username}";
homeDirectory = "/home/${username}";
};
programs.home-manager.enable = true;
systemd.user.startServices = "sd-switch";
}

79
hosts/common/secrets.yaml
View File

@@ -1,79 +0,0 @@
tux-password: ENC[AES256_GCM,data:ysw9mJef/l7WdXP9cCSM88GX019UMr8od80rSwZBftN8tWDGPe0/mdRmePXxaEY9yEXhvRON/4IaFIPVQ3VnbExcGrnbV5+u9A==,iv:P+BnLLJs7ePJvsBHgsaISvjy33KtLFQENS+YB2eroGI=,tag:D4dTQXzmBkeCkdFu2Ozlcg==,type:str]
sops:
age:
- recipient: age14vktfes95f33vuefwnmuvryas7az04u76dsgyhfvsx73czkvmp2q7njkl4
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSByVkUyUU8wbXNqY0JVb2RD
N3NiNXJ3Tzc0bjU2QnJrbDcxTDVQeUJUYVhFCnNud3lXWmh5azByaEk0dkIyT1dP
V0NKMzlpdTZaM2JpTyt4L1V1M2l1MGsKLS0tIDlzbjVHNUw4ci9mZ0tBaVhSNjJS
MFdDa3hHMTlmU05TN2UxY3dhdGVFdU0KQ+hjPwBpv8g3x/N+Yd4kwUtiIxXDcZRx
EFjLnDiOA5gkZqXCo05E1lXJN17wU59pYs1+1pfBYbGKc2oV+3oquw==
-----END AGE ENCRYPTED FILE-----
- recipient: age1f860dfewlx5jtt9ejr47gywx70p3dmyc8mat29gpr75psljwjv8q5xyxkq
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBqM1Z4MlNwY1VxdXF6RG1P
cWQ0S0hMOWh0aUUrdVF5VDVWZVNDYi82NERjCmZFSEdyNXNLMXBHeUp4NUNpZnp4
UEVWZEJhZC9YSzgzb1VVMDNsdUk2K00KLS0tIGpqaS92NmJzVXRRb09SSGhJYTlE
ZmpXd09Eam5EN1ExZFdYVXUxUEp5S0UKWZG87YOWIZR/eIFRjyZt4Jf8St+NEk/L
obwyOlDnRJ9wI30g9VXMoYTUdZcebY6t6tmRvIKL4pbadua2JXwamg==
-----END AGE ENCRYPTED FILE-----
- recipient: age1udt3cssu7ahdrhsvckt8450rswrr6mknn36xpq74dkfp9lpajvnq84kdzj
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQelFwUGIzc1RuVFpGYzd6
cjZOM3FGUDlPVTVuRkxqalEwamhlVjNFdVVBCjBiWFN0RVArYWNoL2ZuYXhSN0Y0
eTFEWFdYUFJVWU53cmNURS9jNEJTSDgKLS0tIHd3SFlISGdVSTBJSmd3UUp0VVBE
MCt6ZnMzRDNEK3I3ZXFucjRXRDJ3Wm8KltIXRrGVkr3AOvQ44/nlsqmGW6s/hlHF
84elOBidwgb95RIhetUppD6jUJz2p0GHIsIvEc9AuZRbPkntmVjHkA==
-----END AGE ENCRYPTED FILE-----
- recipient: age1jg642q775gmnmxeu29gcf3lph8vem4xr8t84cxe809dpd0myrussh49h60
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxQXR2QVJCSk92WGF1dGxK
K0o3V3dPTS9ZZHBDUEcrVWxKMzZpem5uL0VFCnB2c2hIcmxQTWdmTHhnVFhLQXhT
b3V4Y01JSUdYMThqNy8zVEI4QXc3SmcKLS0tIDBuekhnaWRGUVF4a0tseUQxZW55
L1VsWHljZ3VaMjNkbHhhYlVTU0dTL1UKXe4osbjCyMzBuJoD8bnhnAJSmaeOmtpr
Gee9MSubfgxXKN+GNOjMF0DBB3SDlJTXjF7LpqqkiSbg0Jy4W6b+mA==
-----END AGE ENCRYPTED FILE-----
- recipient: age1zsl5d4vj6gl3h96y5p53sq5y4vr4vtlwp727h7rp9a4xfkxm53lqrh6r50
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBmT3hudFJ5QTVLbHh1Zjg3
elA1VEw4TzdhNTJqSVk3MWdwUnhUZ0V3ZmgwCkdOKzJ4RlVuR1VJL0NhbTc0SnZY
MlFrbnhuN1UwYmE2ZlhpWnZVTWc4RncKLS0tIFdLT2k3dWdwQXJlSHQxWWJUd3Yx
UHJ1aDhWVXprMUcyVHQxTlJEV21MMjQKveI0EjbGWwsBlIzHUIvjrTM5G7ZtulM/
AuhqsH3qkDU4L3FdkVR5oG8yaCDbBxLDFhCDnXAGKrGCwOr1KB5hmQ==
-----END AGE ENCRYPTED FILE-----
- recipient: age1zujp5gxy7suv8ysnygv43cmzuvv36nxfg0ch7r3xg2emc6fz3vmqqujheq
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkZlhyVVh6K2tvd2ZGODhY
ODRLbFFiYmlPM3F5L3VwNS9EVGtuSWQ1VHlvCk1GTWlRUk9WVURWOEdBVlVHb1Rw
c09EYlhFWFZHQmV3MUU5eU1ZYVE2MlEKLS0tIEFMV1FDTnBNMTEvTWREY3VFZjJ6
QVV5U3dvTDFBT2s4bTQ1SXQ4U2RaYnMKs8q7OeaK188bTvVmAia0oF5SnpMOPKTd
V31tngEgvmI7MxH9BrgjWneJye91Q/hCED0/aK0AuXIRapWgi1hGlA==
-----END AGE ENCRYPTED FILE-----
- recipient: age1ydkclhk9kwqdq74utesqdfupt43lz64d5k65gz2z9uyljcqq9fcq3hv28l
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBESVVPNGpGYnB0aFAzYnF3
aUhkZkI1a2dWd2txSm9aWnpOKzBPdzg0VGdzCkJkeDJlZDdSZUVGTHVwQ2M2UjBj
MjRnM2lNMWNVNFF1bTA0NGI3SGNPdFUKLS0tIGV6UkRQUWFYWjBrMzhhTmd4QlBV
RTkvRVBSeUFUVXpyVHhHTFpZNzR3NlkKOksXAReInUnFJPuFsfu08MRQoA5J0j/H
3cUt2jBIheWXBtg1Plz9UcXdjPaUEROadFcRveiGBaBEVz0LyBs8WA==
-----END AGE ENCRYPTED FILE-----
- recipient: age1y4luzn2jls7rvgphej23srvdlx563lxq29tvf66vhwwzaf7c3f3qzvresh
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0UVY1a1JFRTBZalRDeFll
aHVNTnQ0MEtpN0pObnhaMlYwaXp2b2tKM2gwCmIrL2dzb0xGR0NCZzFIL0o2SS8w
YnE2OE9rZFFWakgrYkNVcFpjUXJpbXMKLS0tIE9rZEoxNjdJbG9adVAydk1DVnhK
WGhPaC96dk9qUzNxT1hadTZZSGZKQ28KiNhLhLaUSTVltWzyYHWLk6M8M3lxgvHj
rPgFNVEcpVKN9f2v4N+XJipDaVgnP1YwwIlT0XSRQNrGWcO2JL6nmg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-07-09T22:50:12Z"
mac: ENC[AES256_GCM,data:xf2fW1ajcrAx/oPwYvZmNKNJ6yHF/v3aVt3bIyENyfmB90yPDhHiw9twj7MYy1hVJyKE1Iy+1bmEgERBwaum2sROvzpCzuKbB8avJfBfeqpwBPob2yRdoAKFN29xgiJVJjtw2zKFf8NzMnv9Y5sLxgnhq5VB7aCavZ9+o0603kI=,iv:8aS9jVOm4rZpU/JTi9uUKoEfvo44Zhy43e6/GsIM7CE=,tag:D9I31EQwI6bCAN3tU4jGJg==,type:str]
unencrypted_suffix: _unencrypted
version: 3.10.2

150
hosts/homelab/default.nix
View File

@@ -1,150 +0,0 @@
{
inputs,
username,
pkgs,
lib,
config,
...
}: {
imports = [
inputs.disko.nixosModules.default
(import ./disko.nix {device = "/dev/nvme0n1";})
./hardware.nix
../common
../../modules/nixos/desktop
../../modules/nixos/virtualisation/docker.nix
];
tux.services.openssh.enable = true;
sops.secrets = {
discord_token = {
sopsFile = ./secrets.yaml;
};
};
tux.services.cyber-tux = {
enable = true;
environmentFile = config.sops.secrets.discord_token.path;
};
networking = {
hostName = "homelab";
networkmanager = {
enable = true;
wifi.powersave = false;
};
firewall = {
enable = true;
allowedTCPPorts = [22];
# Facilitate firewall punching
allowedUDPPorts = [41641];
};
};
boot = {
consoleLogLevel = 0;
initrd.verbose = false;
kernelPackages = pkgs.linuxPackages_zen;
initrd.systemd = {
enable = lib.mkForce true;
services.wipe-my-fs = {
wantedBy = ["initrd.target"];
after = ["initrd-root-device.target"];
before = ["sysroot.mount"];
unitConfig.DefaultDependencies = "no";
serviceConfig.Type = "oneshot";
script = ''
mkdir /btrfs_tmp
mount /dev/disk/by-partlabel/disk-primary-root /btrfs_tmp
if [[ -e /btrfs_tmp/root ]]; then
mkdir -p /btrfs_tmp/old_roots
timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:%M:%S")
mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp"
fi
delete_subvolume_recursively() {
IFS=$'\n'
for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
delete_subvolume_recursively "/btrfs_tmp/$i"
done
btrfs subvolume delete "$1"
}
for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do
delete_subvolume_recursively "$i"
done
btrfs subvolume create /btrfs_tmp/root
umount /btrfs_tmp
'';
};
};
loader = {
systemd-boot = {
enable = true;
configurationLimit = 5;
};
efi.canTouchEfiVariables = true;
timeout = 1;
};
};
hardware = {
graphics.enable32Bit = true;
};
security = {
rtkit.enable = true;
};
programs = {
nix-ld = {
enable = true;
package = pkgs.nix-ld-rs;
};
};
services = {
tailscale = {
enable = true;
extraUpFlags = ["--login-server https://hs.tux.rs"];
};
};
programs.fuse.userAllowOther = true;
fileSystems."/persist".neededForBoot = true;
environment.persistence."/persist" = {
hideMounts = true;
directories = [
"/var/log"
"/var/lib/tailscale"
"/var/lib/nixos"
"/etc/NetworkManager/system-connections"
];
files = [
"/etc/ssh/ssh_host_ed25519_key"
"/etc/ssh/ssh_host_ed25519_key.pub"
"/etc/ssh/ssh_host_rsa_key"
"/etc/ssh/ssh_host_rsa_key.pub"
];
};
home-manager.users.${username} = {
imports = [
./home.nix
];
};
environment.systemPackages = with pkgs; [go-wol];
system.stateVersion = "24.11";
}

48
hosts/homelab/disko.nix
View File

@@ -1,48 +0,0 @@
{device ? throw "Set this to the disk device, e.g. /dev/nvme0n1", ...}: {
disko.devices.disk.primary = {
inherit device;
type = "disk";
content = {
type = "gpt"; # GPT partitioning scheme
partitions = {
# EFI Partition
ESP = {
size = "512M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = ["defaults" "umask=0077"];
};
};
# Btrfs Root Partition
root = {
size = "100%"; # Use remaining space
type = "8300"; # Linux filesystem type
content = {
type = "btrfs";
subvolumes = {
"/root" = {
mountOptions = ["compress=zstd"]; # Compression for better performance
mountpoint = "/"; # Root subvolume
};
"/persist" = {
mountOptions = ["compress=zstd"]; # Compression for persistent data
mountpoint = "/persist"; # Persistent subvolume
};
"/nix" = {
mountOptions = [
"compress=zstd"
"noatime"
"noacl"
]; # Optimize for Nix store
mountpoint = "/nix"; # Nix subvolume
};
};
};
};
};
};
};
}

26
hosts/homelab/hardware.nix
View File

@@ -1,26 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "usbhid" "usb_storage" "sd_mod" "sdhci_pci" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp3s0.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp4s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

22
hosts/homelab/home.nix
View File

@@ -1,22 +0,0 @@
{username, ...}: {
home.persistence."/persist/home/${username}" = {
directories = [
"Projects"
"Stuff"
".ssh"
".wakatime"
".config/sops"
".config/go-wol"
".local/share/nvim"
".local/share/zsh"
".local/share/zoxide"
".local/state/lazygit"
];
files = [
".wakatime.cfg"
];
allowOther = true;
};
home.stateVersion = "24.11";
}

30
hosts/homelab/secrets.yaml
View File

@@ -1,30 +0,0 @@
discord_token: ENC[AES256_GCM,data:fZqz6LD3+Svtton5gNCXO5ddWAqW1IyxP3M2DAIXZEIYRHUfAq8h9LES2IHWepjl5qKimxB35zacE/TYK2fitngWtRGVoMDBzzU6VTKNulNV3yFWrPA=,iv:YOplYld+c9vHVC0Srfm89qrh4yUygDiW67X2TdwHKMc=,tag:Ioc2wNLX818fRQ/2PSO7Sw==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age14vktfes95f33vuefwnmuvryas7az04u76dsgyhfvsx73czkvmp2q7njkl4
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2YktFRE9KS0h0T0hDTlpF
ZEk0VzNTcVE0ampsWVRtSzJ3UHBXL2NlUUh3Cjk5ZnFKVENmTTJHQjgrVWlyOUE1
THUrTUFzdWhKejNUNXpsNVpvZVdJWm8KLS0tIDZ5bmYzSVBUVlVORHAzSGtCQmVo
a2JuSWVtMi9FMkova3BCd2F0U2VCRzQKonG/AkEn2X2l3vyr0UlJprGW2ZSwrczq
xHafyGiU/I1AO/HoB3BXyP8t/Sgn/dy42lspqZ3MoLLlmx7dQeTd+g==
-----END AGE ENCRYPTED FILE-----
- recipient: age1jg642q775gmnmxeu29gcf3lph8vem4xr8t84cxe809dpd0myrussh49h60
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxWUowUlB2cWVOclpRMENn
TU5za0Y2UHZ5eFNZMEdQWm9xdTZFYkVwS2hNCnRBUU1ndFdiQ09sQjBDb1greC93
ejl2OVZTTEtIcWpxUk5RRngrbjRWREEKLS0tIDVrSHhxbmJFdWwyQS9xeWlFZitJ
Y1RHaFdXaE9DODJtSTFCSVZWb0xVeUEK4qeBKg3u+vhBIM1dQ7BaOWi/C7Q8hk60
vu9Zr075n0+kb5Ab+RH24ZmEoP5PJXjwEfbAnmRTjn0reYn1nfcNYA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-02-15T12:45:59Z"
mac: ENC[AES256_GCM,data:NLGe7L/oiG62x4PmQ6FobnuisFmMxYoGhxfqQ4qZdy9emYL/+FnrtFsKTKqZ9IHjrNnCmbk7y+Cds/azC1xGVcaj50jEox87vtqIZ3z0XsD1mJjCAdHkBVzzpQGwHas/5y0Inyj+oKsvQrqVacqYHVA/ES+zMvou8nD+EWIH2LE=,iv:fBVOnwih+QFkYZ8IfMBpQiT1XwSZtzo3VYaBOL3I5o4=,tag:p+ePQsrmcLcnLr2fgWQXQg==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.9.4

92
hosts/isoImage/default.nix
View File

@@ -1,92 +0,0 @@
{
pkgs,
modulesPath,
inputs,
username,
lib,
...
}: {
imports = [
"${modulesPath}/installer/cd-dvd/installation-cd-minimal.nix"
inputs.home-manager.nixosModules.home-manager
../common
../../modules/nixos/desktop
../../modules/nixos/desktop/awesome
../../modules/nixos/desktop/hyprland
];
nixpkgs.hostPlatform = "x86_64-linux";
networking = {
hostName = "iso";
};
hardware = {
bluetooth.enable = true;
bluetooth.powerOnBoot = true;
};
security = {
rtkit.enable = true;
};
programs = {
ssh.startAgent = true;
thunar = {
enable = true;
plugins = with pkgs.xfce; [thunar-archive-plugin thunar-volman];
};
nm-applet.enable = true;
};
services = {
resolved.enable = true;
pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
};
logind = {
extraConfig = "HandlePowerKey=suspend";
lidSwitch = "suspend";
lidSwitchExternalPower = "suspend";
};
xserver = {
enable = true;
xkb = {
layout = "in";
variant = "eng";
};
};
libinput.touchpad.naturalScrolling = true;
blueman.enable = true;
gvfs.enable = true;
tumbler.enable = true;
};
fonts.packages = with pkgs.nerd-fonts; [
fira-code
jetbrains-mono
];
home-manager.users.${username} = {
imports = [
./home.nix
];
};
users.users.${username} = {
hashedPasswordFile = lib.mkForce null;
initialPassword = username;
};
system.stateVersion = "23.11";
}

24
hosts/isoImage/home.nix
View File

@@ -1,24 +0,0 @@
{pkgs, ...}: {
imports = [
../../modules/home/desktop/awesome
../../modules/home/desktop/hyprland
../../modules/home/picom
../../modules/home/alacritty
../../modules/home/wezterm
../../modules/home/ghostty
../../modules/home/desktop/rofi
../../modules/home/barrier
../../modules/home/firefox
../../modules/home/brave
../../modules/home/vs-code
../../modules/home/mopidy
../../modules/home/thunderbird
];
home.pointerCursor = {
package = pkgs.bibata-cursors;
name = "Bibata-Modern-Ice";
};
home.stateVersion = "24.11";
}

63
hosts/rigel/default.nix
View File

@@ -1,63 +0,0 @@
{
pkgs,
username,
outputs,
inputs,
email,
...
}: {
imports = [
../../modules/droid/sshd.nix
];
android-integration.am.enable = true;
android-integration.termux-open-url.enable = true;
android-integration.xdg-open.enable = true;
android-integration.termux-setup-storage.enable = true;
android-integration.termux-reload-settings.enable = true;
terminal.font = let
firacode = pkgs.nerd-fonts.fira-code;
fontPath = "share/fonts/truetype/NerdFonts/FiraCode/FiraCodeNerdFont-Regular.ttf";
in "${firacode}/${fontPath}";
time.timeZone = "Asia/Kolkata";
tux.services.openssh = {
enable = true;
ports = [8033];
authorizedKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL+OzPUe2ECPC929DqpkM39tl/vdNAXfsRnmrGfR+X3D ${email}"
];
};
user = {
uid = 10225;
gid = 10225;
shell = "${pkgs.zsh}/bin/zsh";
};
environment.etcBackupExtension = ".backup";
environment.motd = '''';
environment.packages = with pkgs; [
nano
git
neovim
openssh
inputs.trok.packages."aarch64-linux".default
];
home-manager = {
config = ./home.nix;
backupFileExtension = "backup";
extraSpecialArgs = {inherit inputs outputs username email;};
useGlobalPkgs = true;
};
# Set up nix for flakes
nix.extraOptions = ''
experimental-features = nix-command flakes
'';
system.stateVersion = "24.05";
}

35
hosts/rigel/home.nix
View File

@@ -1,35 +0,0 @@
{pkgs, ...}: {
imports = [
../../modules/home/git
../../modules/home/starship
../../modules/home/fastfetch
];
programs = {
bat.enable = true;
zoxide = {
enable = true;
options = ["--cmd cd"];
};
zsh = {
enable = true;
shellAliases = {
ls = "lsd";
};
syntaxHighlighting.enable = true;
autosuggestion.enable = true;
initContent = ''
fastfetch
'';
};
};
home.packages = with pkgs; [
neovim
busybox
lsd
fastfetch
];
home.stateVersion = "24.05";
}

56
hosts/sirius/default.nix
View File

@@ -1,56 +0,0 @@
{
pkgs,
inputs,
username,
config,
...
}: {
imports = [
inputs.nixos-wsl.nixosModules.wsl
../common
../../modules/nixos/virtualisation/docker.nix
];
tux.services.openssh.enable = true;
boot.binfmt.emulatedSystems = ["aarch64-linux"];
nixpkgs = {
config.cudaSupport = true;
hostPlatform = "x86_64-linux";
};
wsl = {
enable = true;
defaultUser = "${username}";
useWindowsDriver = true;
};
networking.hostName = "sirius";
programs = {
ssh.startAgent = true;
zsh.enable = true;
nix-ld = {
enable = true;
libraries = config.hardware.graphics.extraPackages;
package = pkgs.nix-ld-rs;
};
dconf.enable = true;
};
environment.persistence."/persist" = {
enable = false;
};
home-manager.users.${username} = {
imports = [
./home.nix
];
};
system.stateVersion = "23.11";
}

3
hosts/sirius/home.nix
View File

@@ -1,3 +0,0 @@
{...}: {
home.stateVersion = "23.11";
}

66
hosts/vega/default.nix
View File

@@ -1,66 +0,0 @@
{
pkgs,
username,
...
}: {
imports = [
./hardware.nix
../common
../../modules/nixos/selfhosted/adguard.nix
];
tux.services.openssh.enable = true;
boot.initrd.availableKernelModules = [
"usbhid"
"usb_storage"
"vc4"
"pcie_brcmstb" # required for the pcie bus to work
"reset-raspberrypi" # required for vl805 firmware to load
];
# Use the extlinux boot loader. (NixOS wants to enable GRUB by default)
boot.loader.grub.enable = false;
# Enables the generation of /boot/extlinux/extlinux.conf
boot.loader.generic-extlinux-compatible.enable = true;
hardware.enableRedistributableFirmware = true;
powerManagement.cpuFreqGovernor = "ondemand";
networking = {
hostName = "vega";
networkmanager = {
enable = true;
wifi.powersave = false;
};
firewall = {
enable = true;
allowedTCPPorts = [22];
# Facilitate firewall punching
allowedUDPPorts = [41641];
};
};
services = {
tailscale = {
enable = true;
extraUpFlags = ["--login-server https://hs.tux.rs"];
};
};
environment.systemPackages = with pkgs; [go-wol];
environment.persistence."/persist" = {
enable = false;
};
home-manager.users.${username} = {
imports = [
./home.nix
];
};
system.stateVersion = "24.11";
}

32
hosts/vega/hardware.nix
View File

@@ -1,32 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/44444444-4444-4444-8888-888888888888";
fsType = "ext4";
};
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enu1u1.useDHCP = lib.mkDefault true;
# networking.interfaces.wlan0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux";
}

3
hosts/vega/home.nix
View File

@@ -1,3 +0,0 @@
{...}: {
home.stateVersion = "24.11";
}

101
hosts/vps/default.nix
View File

@@ -1,101 +0,0 @@
{
modulesPath,
inputs,
username,
lib,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
(modulesPath + "/profiles/qemu-guest.nix")
inputs.disko.nixosModules.default
(import ./disko.nix {device = "/dev/sda";})
../common
];
tux.services.openssh.enable = true;
nixpkgs = {
hostPlatform = "x86_64-linux";
};
boot = {
initrd.systemd = {
enable = lib.mkForce true;
services.wipe-my-fs = {
wantedBy = ["initrd.target"];
after = ["initrd-root-device.target"];
before = ["sysroot.mount"];
unitConfig.DefaultDependencies = "no";
serviceConfig.Type = "oneshot";
script = ''
mkdir /btrfs_tmp
mount /dev/disk/by-partlabel/disk-primary-root /btrfs_tmp
if [[ -e /btrfs_tmp/root ]]; then
mkdir -p /btrfs_tmp/old_roots
timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:%M:%S")
mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp"
fi
delete_subvolume_recursively() {
IFS=$'\n'
for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
delete_subvolume_recursively "/btrfs_tmp/$i"
done
btrfs subvolume delete "$1"
}
for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do
delete_subvolume_recursively "$i"
done
btrfs subvolume create /btrfs_tmp/root
umount /btrfs_tmp
'';
};
};
loader = {
grub = {
efiSupport = true;
efiInstallAsRemovable = true;
};
};
};
networking.hostName = "vps";
users = {
users.${username} = {
password = "${username}";
hashedPasswordFile = lib.mkForce null;
};
};
programs.fuse.userAllowOther = true;
fileSystems."/persist".neededForBoot = true;
environment.persistence."/persist" = {
hideMounts = true;
directories = [
"/var/log"
"/var/lib/nixos"
];
files = [
"/etc/ssh/ssh_host_ed25519_key"
"/etc/ssh/ssh_host_ed25519_key.pub"
"/etc/ssh/ssh_host_rsa_key"
"/etc/ssh/ssh_host_rsa_key.pub"
];
};
home-manager.users.${username} = {
imports = [
./home.nix
];
};
system.stateVersion = "24.11";
}

53
hosts/vps/disko.nix
View File

@@ -1,53 +0,0 @@
{device ? throw "Set this to the disk device, e.g. /dev/nvme0n1", ...}: {
disko.devices.disk.primary = {
inherit device;
type = "disk";
content = {
type = "gpt"; # GPT partitioning scheme
partitions = {
boot = {
name = "boot";
size = "1M";
type = "EF02";
};
# EFI Partition
ESP = {
size = "512M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = ["defaults" "umask=0077"];
};
};
# Btrfs Root Partition
root = {
size = "100%"; # Use remaining space
type = "8300"; # Linux filesystem type
content = {
type = "btrfs";
subvolumes = {
"/root" = {
mountOptions = ["compress=zstd"]; # Compression for better performance
mountpoint = "/"; # Root subvolume
};
"/persist" = {
mountOptions = ["compress=zstd"]; # Compression for persistent data
mountpoint = "/persist"; # Persistent subvolume
};
"/nix" = {
mountOptions = [
"compress=zstd"
"noatime"
"noacl"
]; # Optimize for Nix store
mountpoint = "/nix"; # Nix subvolume
};
};
};
};
};
};
};
}

12
hosts/vps/home.nix
View File

@@ -1,12 +0,0 @@
{username, ...}: {
home.persistence."/persist/home/${username}" = {
directories = [
"Projects"
".ssh"
".local/share/zsh"
];
allowOther = true;
};
home.stateVersion = "24.11";
}

11
modules/base/default.nix
View File

@@ -1,11 +0,0 @@
{
imports = [
./nix.nix
./nixpkgs.nix
./nh.nix
./overlays.nix
./sops.nix
./substituters.nix
./user.nix
];
}

16
modules/base/nh.nix
View File

@@ -1,16 +0,0 @@
{
config,
username,
...
}: {
programs.nh = {
enable = true;
clean = {
enable = !config.nix.gc.automatic;
dates = "weekly";
};
flake = "/home/${username}/Projects/nixos-config";
};
}

27
modules/base/nix.nix
View File

@@ -1,27 +0,0 @@
{
pkgs,
username,
...
}: {
nix = {
package = pkgs.lix;
gc = {
automatic = true;
options = "--delete-older-than 3d";
};
channel.enable = false;
settings = {
extra-platforms = ["aarch64-linux" "arm-linux"];
auto-optimise-store = true;
allowed-users = ["${username}"];
trusted-users = ["${username}"];
experimental-features = "nix-command flakes";
keep-going = true;
warn-dirty = false;
http-connections = 50;
};
};
}

8
modules/base/nixpkgs.nix
View File

@@ -1,8 +0,0 @@
{
nixpkgs = {
config = {
allowUnfree = true;
joypixels.acceptLicense = true;
};
};
}

9
modules/base/overlays.nix
View File

@@ -1,9 +0,0 @@
{outputs, ...}: {
nixpkgs.overlays = [
outputs.overlays.additions
outputs.overlays.modifications
outputs.overlays.stable-packages
outputs.overlays.nur
outputs.overlays.nix-vscode-extensions
];
}

20
modules/base/sops.nix
View File

@@ -1,20 +0,0 @@
{
inputs,
config,
pkgs,
...
}: let
isEd25519 = k: k.type == "ed25519";
getKeyPath = k: k.path;
keys = builtins.filter isEd25519 config.services.openssh.hostKeys;
in {
imports = [inputs.sops-nix.nixosModules.sops];
sops.age = {
sshKeyPaths = map getKeyPath keys;
keyFile = "/var/lib/sops-nix/key.txt";
generateKey = true;
};
environment.systemPackages = with pkgs; [sops];
}

27
modules/base/substituters.nix
View File

@@ -1,27 +0,0 @@
{
nix.settings = {
substituters = [
"https://cache.nixos.org?priority=10"
"https://anyrun.cachix.org"
"https://fufexan.cachix.org"
"https://helix.cachix.org"
"https://hyprland.cachix.org"
"https://nix-community.cachix.org"
"https://nix-gaming.cachix.org"
"https://yazi.cachix.org"
"https://nix-on-droid.cachix.org"
];
trusted-substituters = ["https://nix-on-droid.cachix.org"];
trusted-public-keys = [
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
"anyrun.cachix.org-1:pqBobmOjI7nKlsUMV25u9QHa9btJK65/C8vnO3p346s="
"fufexan.cachix.org-1:LwCDjCJNJQf5XD2BV+yamQIMZfcKWR9ISIFy5curUsY="
"helix.cachix.org-1:ejp9KQpR1FBI2onstMQ34yogDm4OgU2ru6lIwPvuCVs="
"hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
"nix-gaming.cachix.org-1:nbjlureqMbRAxR1gJ/f3hxemL9svXaZF/Ees8vCUUs4="
"yazi.cachix.org-1:Dcdz63NZKfvUCbDGngQDAZq6kOroIrFoyO064uvLh8k="
"nix-on-droid.cachix.org-1:56snoMJTXmDRC1Ei24CmKoUqvHJ9XCp+nidK7qkMQrU="
];
};
}

20
modules/base/user.nix
View File

@@ -1,20 +0,0 @@
{
config,
pkgs,
username,
email,
...
}: {
users = {
mutableUsers = false;
defaultUserShell = pkgs.zsh;
users.${username} = {
hashedPasswordFile = config.sops.secrets.tux-password.path;
isNormalUser = true;
extraGroups = ["networkmanager" "wheel" "storage"];
openssh.authorizedKeys.keys = [
''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL+OzPUe2ECPC929DqpkM39tl/vdNAXfsRnmrGfR+X3D ${email}''
];
};
};
}

106
modules/droid/sshd.nix
View File

@@ -1,106 +0,0 @@
{
config,
lib,
pkgs,
...
}: let
# utility functions
concatLines = list: builtins.concatStringsSep "\n" list;
prefixLines = mapper: list: concatLines (map mapper list);
# could be put in the config
configPath = "ssh/sshd_config";
keysFolder = "/etc/ssh";
authorizedKeysFolder = "/etc/ssh/authorized_keys.d";
supportedKeysTypes = [
"rsa"
"ed25519"
];
sshd-start-bin = "sshd-start";
# real config
cfg = config.tux.services.openssh;
pathOfKeyOf = type: "${keysFolder}/ssh_host_${type}_key";
generateKeyOf = type: ''
${lib.getExe' pkgs.openssh "ssh-keygen"} \
-t "${type}" \
-f "${pathOfKeyOf type}" \
-N ""
'';
generateKeyWhenNeededOf = type: ''
if [ ! -f ${pathOfKeyOf type} ]; then
mkdir --parents ${keysFolder}
${generateKeyOf type}
fi
'';
sshd-start = pkgs.writeScriptBin sshd-start-bin ''
#!${pkgs.runtimeShell}
${prefixLines generateKeyWhenNeededOf supportedKeysTypes}
mkdir --parents "${authorizedKeysFolder}"
echo "${lib.concatStringsSep "\n" cfg.authorizedKeys}" > ${authorizedKeysFolder}/${config.user.userName}
echo "Starting sshd in non-daemonized way on port ${lib.concatMapStrings toString cfg.ports}"
${lib.getExe' pkgs.openssh "sshd"} \
-f "/etc/${configPath}" \
-D # don't detach into a daemon process
'';
in {
options = {
tux.services.openssh = {
enable = lib.mkEnableOption ''
Whether to enable the OpenSSH secure shell daemon, which
allows secure remote logins.
'';
ports = lib.mkOption {
type = lib.types.listOf lib.types.port;
default = [22];
description = ''
Specifies on which ports the SSH daemon listens.
'';
};
authorizedKeys = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [];
description = ''
Specify a list of public keys to be added to the authorized_keys file.
'';
};
};
};
config = lib.mkIf cfg.enable {
environment.etc = {
"${configPath}".text = ''
${prefixLines (port: "Port ${toString port}") cfg.ports}
AuthorizedKeysFile ${authorizedKeysFolder}/%u
LogLevel VERBOSE
'';
};
environment.packages = [
sshd-start
pkgs.openssh
];
build.activationAfter.sshd = ''
SERVER_PID=$(${lib.getExe' pkgs.procps "ps"} -a | ${lib.getExe' pkgs.toybox "grep"} sshd || true)
if [ -z "$SERVER_PID" ]; then
$DRY_RUN_CMD ${lib.getExe sshd-start}
fi
'';
};
}

69
modules/home/alacritty/default.nix
View File

@@ -1,69 +0,0 @@
{...}: {
programs.alacritty = {
enable = true;
settings = {
font = {
normal.family = "JetBrainsMono Nerd Font";
bold.family = "JetBrainsMono Nerd Font";
italic.family = "JetBrainsMono Nerd Font";
bold_italic.family = "JetBrainsMono Nerd Font";
size = 16;
};
window = {
padding = {
x = 15;
y = 15;
};
decorations = "none";
opacity = 1.0;
dynamic_title = true;
};
selection.save_to_clipboard = false;
general.live_config_reload = true;
colors = {
primary = {
background = "#0d0f18";
foreground = "#a5b6cf";
};
normal = {
black = "#1c1e27";
blue = "#8baff1";
cyan = "#98d3ee";
green = "#95d3af";
magenta = "#c79bf0";
red = "#e26c7c";
white = "#d0d3d8";
yellow = "#f1d8a5";
};
bright = {
black = "#151720";
blue = "#86aaec";
cyan = "#93cee9";
green = "#90ceaa";
magenta = "#c296eb";
red = "#dd6777";
white = "#cbced3";
yellow = "#ecd3a0";
};
cursor = {
cursor = "#a5b6cf";
text = "CellForeground";
};
selection = {
text = "CellForeground";
background = "0x303340";
};
vi_mode_cursor = {
text = "CellBackground";
cursor = "CellForeground";
};
};
};
};
}

44
modules/home/aria2/default.nix
View File

@@ -1,44 +0,0 @@
{...}: {
programs.aria2 = {
enable = true;
settings = {
file-allocation = "none";
log-level = "warn";
max-connection-per-server = 16;
min-split-size = "1M";
human-readable = true;
reuse-uri = true;
rpc-save-upload-metadata = true;
max-file-not-found = 0;
remote-time = true;
async-dns = true;
stop = 0;
allow-piece-length-change = true;
optimize-concurrent-downloads = true;
deferred-input = true;
continue = true;
check-integrity = true;
realtime-chunk-checksum = true;
piece-length = "1M";
split = 16;
# Seconds:
save-session-interval = 60;
# Caches in memory
disk-cache = "32M";
save-not-found = true;
download-result = "full";
truncate-console-readout = true;
retry-wait = 30;
max-tries = 15;
enable-color = true;
enable-http-keep-alive = true;
enable-http-pipelining = true;
http-accept-gzip = true;
follow-torrent = true;
bt-save-metadata = true;
seed-time = 0;
bt-load-saved-metadata = true;
metalink-preferred-protocol = "https";
};
};
}

7
modules/home/barrier/default.nix
View File

@@ -1,7 +0,0 @@
{pkgs, ...}: {
# services.barrier.client.enable = true;
home.packages = with pkgs; [
barrier
];
}

17
modules/home/bitwarden/default.nix
View File

@@ -1,17 +0,0 @@
{
pkgs,
email,
...
}: {
programs.rbw = {
enable = true;
settings = {
base_url = "https://bw.tux.rs";
email = "${email}";
};
};
home.packages = with pkgs; [
bitwarden
];
}

16
modules/home/brave/default.nix
View File

@@ -1,16 +0,0 @@
{pkgs, ...}: {
programs.chromium = {
enable = true;
package = pkgs.brave;
extensions = [
{id = "nkbihfbeogaeaoehlefnkodbefgpgknn";} # Metamask
{id = "gppongmhjkpfnbhagpmjfkannfbllamg";} # Wappalyzer
{id = "nngceckbapebfimnlniiiahkandclblb";} # Bitwarden
{id = "bfnaelmomeimhlpmgjnjophhpkkoljpa";} # Phantom
{id = "eimadpbcbfnmbkopoojfekhnkhdbieeh";} # DarkReader
];
commandLineArgs = [
"--disable-features=WebRtcAllowInputVolumeAdjustment"
];
};
}

8
modules/home/desktop/awesome/default.nix
View File

@@ -1,8 +0,0 @@
{pkgs, ...}: {
home.file = {
".config/awesome" = {
recursive = true;
source = "${pkgs.tawm}";
};
};
}

271
modules/home/desktop/hyprland/default.nix
View File

@@ -1,271 +0,0 @@
{pkgs, ...}: {
home.packages = with pkgs; [astal];
wayland.windowManager.hyprland = {
enable = true;
package = null;
portalPackage = null;
xwayland.enable = true;
systemd.variables = ["--all"];
plugins = with pkgs.hyprland-plugins; [
hyprexpo
];
settings = let
# Hyprland
border_size = 0;
gaps_in = 5;
gaps_out = 10;
gaps_ws = -10;
rounding = 8;
active_border_col = "rgba(90ceaaff) rgba(ecd3a0ff) 45deg";
inactive_border_col = "rgba(86aaeccc) rgba(93cee9cc) 45deg";
# Apps
terminal = "wezterm";
floating_terminal = "wezterm start --class wezterm-floating";
editor = "wezterm -e nvim";
browser = "firefox";
filemanager = "thunar";
in {
#-- Output
# See https://wiki.hyprland.org/Configuring/Monitors
monitor = ",preferred,auto,1";
#-- Input: Keyboard, Mouse, Touchpad
input = {
sensitivity = 0;
scroll_method = "2 fg";
natural_scroll = true;
touchpad = {
natural_scroll = true;
clickfinger_behavior = false;
};
};
#-- General
# See https://wiki.hyprland.org/Configuring/Variables
general = {
border_size = border_size;
gaps_in = gaps_in;
gaps_out = gaps_out;
gaps_workspaces = gaps_ws;
layout = "master";
resize_on_border = true;
"col.active_border" = active_border_col;
"col.inactive_border" = inactive_border_col;
};
ecosystem = {
no_update_news = true;
no_donation_nag = true;
};
#-- Decoration
# See https://wiki.hyprland.org/Configuring/Variables/#decoration
decoration = {
rounding = rounding;
active_opacity = 0.95;
inactive_opacity = 0.95;
fullscreen_opacity = 1.0;
blur = {
enabled = true;
size = 6;
passes = 3;
new_optimizations = true;
xray = true;
special = true;
brightness = 1;
noise = 0.01;
contrast = 1;
popups = true;
popups_ignorealpha = 0.6;
};
shadow = {
enabled = false;
};
};
#-- Animations
# See https://wiki.hyprland.org/Configuring/Animations
animations = {
enabled = true;
bezier = [
"linear, 0, 0, 1, 1"
"md3_standard, 0.2, 0, 0, 1"
"md3_decel, 0.05, 0.7, 0.1, 1"
"md3_accel, 0.3, 0, 0.8, 0.15"
"overshot, 0.05, 0.9, 0.1, 1.1"
"crazyshot, 0.1, 1.5, 0.76, 0.92"
"hyprnostretch, 0.05, 0.9, 0.1, 1.0"
"menu_decel, 0.1, 1, 0, 1"
"menu_accel, 0.38, 0.04, 1, 0.07"
"easeInOutCirc, 0.85, 0, 0.15, 1"
"easeOutCirc, 0, 0.55, 0.45, 1"
"easeOutExpo, 0.16, 1, 0.3, 1"
"softAcDecel, 0.26, 0.26, 0.15, 1"
"md2, 0.4, 0, 0.2, 1" # use with .2s duration
];
animation = [
"windows, 1, 3, md3_decel, popin 60%"
"windowsIn, 1, 3, md3_decel, popin 60%"
"windowsOut, 1, 3, md3_accel, popin 60%"
"border, 1, 10, default"
"fade, 1, 3, md3_decel"
"layersIn, 1, 3, menu_decel, slide"
"layersOut, 1, 1.6, menu_accel"
"fadeLayersIn, 1, 3, menu_decel"
"fadeLayersOut, 1, 1.6, menu_accel"
"workspaces, 1, 7, menu_decel, slide"
"specialWorkspace, 1, 3, md3_decel, slidevert"
];
};
#-- Layout : Master
# See https://wiki.hyprland.org/Configuring/Master-Layout
master = {
allow_small_split = false;
special_scale_factor = 0.8;
mfact = 0.5;
new_on_top = false;
orientation = "left";
inherit_fullscreen = true;
smart_resizing = true;
drop_at_cursor = true;
};
#-- Window Rules
# See https://wiki.hyprland.org/Configuring/Window-Rules
windowrulev2 = [
"float, class:com.github.hluk.copyq"
"size 800 600, class:com.github.hluk.copyq"
"float, class:org.pulseaudio.pavucontrol"
"size 800 600, class:org.pulseaudio.pavucontrol"
"float, class:com.ghostty.floating"
"size 900 700, class:com.ghostty.floating"
"float, class:GalaxyBudsClient"
"size 900 700, class:GalaxyBudsClient"
"workspace 3 silent, class:(firefox|Brave-browser)"
"workspace 5 silent, class:(discord|Spotify|org.telegram.desktop)"
];
plugin = {
hyprexpo = {
columns = 3;
gap_size = 5;
bg_col = "rgb(111111)";
workspace_method = "center current";
enable_gesture = true;
gesture_fingers = 3;
gesture_distance = 300;
gesture_positive = true;
};
};
bind = [
# apps
"SUPER, Return, exec, ${terminal}"
"SUPER, A, exec, astal -t app-launcher"
"SUPER, F, exec, ${filemanager}"
"SUPER, E, exec, ${editor}"
"SUPER, B, exec, ${browser}"
"SUPER, G, exec, GalaxyBudsClient"
"SUPER, D, exec, discord"
"SUPER, S, exec, spotify"
"SUPER, V, exec, copyq show"
"SUPER_SHIFT, Return, exec, ${floating_terminal}"
"SUPER_SHIFT, S, exec, flameshot gui"
# astal
"SUPER_SHIFT, R, exec, astal -q; ${pkgs.tpanel}/bin/tpanel"
"SUPER_SHIFT, B, exec, astal toggle-bar"
# hyprland
"SUPER, Q, killactive"
"SUPER, grave, hyprexpo:expo, toggle"
"SUPER_SHIFT, Q, forcekillactive"
"SUPER_SHIFT, F, fullscreen, 0"
"SUPER_SHIFT, Space, togglefloating"
# shutdown
"SUPER_SHIFT, P, exec, poweroff"
# change focus
"SUPER, left, movefocus, l"
"SUPER, right, movefocus, r"
"SUPER, up, movefocus, u"
"SUPER, down, movefocus, d"
# move active
"SUPER_SHIFT, left, movewindow, l"
"SUPER_SHIFT, right, movewindow, r"
"SUPER_SHIFT, up, movewindow, u"
"SUPER_SHIFT, down, movewindow, d"
# workspaces
"SUPER, 1, workspace, 1"
"SUPER, 2, workspace, 2"
"SUPER, 3, workspace, 3"
"SUPER, 4, workspace, 4"
"SUPER, 5, workspace, 5"
# send to workspaces
"SUPER_SHIFT, 1, movetoworkspacesilent, 1"
"SUPER_SHIFT, 2, movetoworkspacesilent, 2"
"SUPER_SHIFT, 3, movetoworkspacesilent, 3"
"SUPER_SHIFT, 4, movetoworkspacesilent, 4"
"SUPER_SHIFT, 5, movetoworkspacesilent, 5"
];
binde = [
# resize active
"SUPER_CTRL, left, resizeactive, -20 0"
"SUPER_CTRL, right, resizeactive, 20 0"
"SUPER_CTRL, up, resizeactive, 0 -20"
"SUPER_CTRL, down, resizeactive, 0 20"
# move active (Floating Only)
"SUPER_ALT, left, moveactive, -20 0"
"SUPER_ALT, right, moveactive, 20 0"
"SUPER_ALT, up, moveactive, 0 -20"
"SUPER_ALT, down, moveactive, 0 20"
# speaker and mic volume control
" , XF86AudioRaiseVolume, exec, wpctl set-volume -l 1 @DEFAULT_AUDIO_SINK@ 10%+"
" , XF86AudioLowerVolume, exec, wpctl set-volume -l 1 @DEFAULT_AUDIO_SINK@ 10%-"
" , XF86AudioMute, exec, wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle"
" , XF86AudioMicMute, exec, wpctl set-mute @DEFAULT_AUDIO_SOURCE@ toggle"
# display and keyboard brightness control
" , XF86MonBrightnessUp, exec, brightnessctl s +20%"
" , XF86MonBrightnessDown, exec, brightnessctl s 20%-"
" , XF86KbdBrightnessUp, exec, asusctl -n"
" , XF86KbdBrightnessDown, exec, asusctl -p"
# performance
" , XF86Launch4, exec, asusctl profile -n"
];
"exec-once" = [
# load hyprland plugins
"hyprctl plugin load '$HYPR_PLUGIN_DIR/lib/libhyprexpo.so'"
"${pkgs.swaybg}/bin/swaybg -i ~/Wallpapers/city.png"
"${pkgs.tpanel}/bin/tpanel"
"copyq"
];
};
};
}

317
modules/home/desktop/rofi/default.nix
View File

@@ -1,317 +0,0 @@
{config, ...}: {
programs.rofi = {
enable = true;
extraConfig = {
terminal = "alacritty";
modes = "combi,keys";
display-window = "window";
display-drun = "run";
display-windowcd = "windowcd";
display-run = "run";
display-ssh = "ssh";
display-combi = "combi";
display-keys = "keys";
display-filebrowser = "filebrowser";
combi-modes = "window,drun";
combi-hide-mode-prefix = false;
combi-display-format = "<i>{mode}</i> {text}";
window-format = "<span fgalpha='65%'>[{w=-1}] </span><b>{c=-1}</b> <span weight='light' fgalpha='65%' size='small'>{t=-1}</span>";
window-thumbnail = false;
drun-url-launcher = "xdg-open";
drun-match-fields = "name,generic,exec,categories,keywords";
drun-display-format = "<b>{name}</b>[ <span weight='light' size='small'><i>({generic})</i></span>][ <span weight='light' fgalpha='65%' size='small'>{exec}</span>]";
drun-show-actions = true;
run-command = "{cmd}";
run-list-command = "";
run-shell-command = "{terminal} -e {cmd}";
matching = "normal";
font = "JetBrains Mono 11";
show-icons = true;
scroll-method = 0;
cycle = false;
fixed-num-lines = false;
};
theme = let
inherit (config.lib.formats.rasi) mkLiteral;
in {
"*" = {
font = "JetBrains Mono 11";
black = mkLiteral "#1d1f21";
white = mkLiteral "#c5c8c6";
red = mkLiteral "#cc6666";
orange = mkLiteral "#de935f";
yellow = mkLiteral "#f0c674";
green = mkLiteral "#7cb36b";
cyan = mkLiteral "#78bab9";
blue = mkLiteral "#81a2be";
magenta = mkLiteral "#b294bb";
black-bright = mkLiteral "#3c4044";
white-bright = mkLiteral "#eaeaea";
red-bright = mkLiteral "#d54e53";
orange-bright = mkLiteral "#e78c45";
yellow-bright = mkLiteral "#e7c547";
green-bright = mkLiteral "#71c464";
cyan-bright = mkLiteral "#6acdcc";
blue-bright = mkLiteral "#7aa6da";
magenta-bright = mkLiteral "#c397d8";
black-66 = mkLiteral "#131415";
white-66 = mkLiteral "#828382";
red-66 = mkLiteral "#864343";
orange-66 = mkLiteral "#92613e";
yellow-66 = mkLiteral "#9e824c";
green-66 = mkLiteral "#517646";
cyan-66 = mkLiteral "#4f7a7a";
blue-66 = mkLiteral "#556a7d";
magenta-66 = mkLiteral "#75617b";
black-33 = mkLiteral "#090a0a";
white-33 = mkLiteral "#414141";
red-33 = mkLiteral "#432121";
orange-33 = mkLiteral "#49301f";
yellow-33 = mkLiteral "#4f4126";
green-33 = mkLiteral "#283b23";
cyan-33 = mkLiteral "#273d3d";
blue-33 = mkLiteral "#2a353e";
magenta-33 = mkLiteral "#3a303d";
common-background = mkLiteral "@black";
common-background-bright = mkLiteral "@black-bright";
common-background-66 = " @black-66";
common-foreground = mkLiteral "@white";
common-foreground-bright = mkLiteral "@white-bright";
common-foreground-66 = mkLiteral "@white-66";
common-primary = mkLiteral "@yellow";
common-primary-bright = mkLiteral "@yellow-bright";
common-primary-66 = mkLiteral "@yellow-66";
common-primary-33 = mkLiteral "@yellow-33";
common-secondary = mkLiteral "@blue";
common-secondary-bright = mkLiteral "@blue-bright";
common-secondary-66 = mkLiteral "@blue-66";
common-secondary-33 = mkLiteral "@blue-33";
common-urgent = mkLiteral "@red";
common-urgent-bright = mkLiteral "@red-bright";
common-urgent-66 = mkLiteral "@red-66";
common-urgent-33 = mkLiteral "@red-33";
background-color = mkLiteral "transparent";
normal-normal-background = mkLiteral "transparent";
normal-normal-foreground = mkLiteral "@common-foreground";
normal-normal-border-color = mkLiteral "transparent";
normal-active-background = mkLiteral "transparent";
normal-active-foreground = mkLiteral "@common-secondary-bright";
normal-active-border-color = mkLiteral "transparent";
normal-urgent-background = mkLiteral "transparent";
normal-urgent-foreground = mkLiteral "@common-urgent-bright";
normal-urgent-border-color = mkLiteral "transparent";
selected-normal-background = mkLiteral "@common-primary-33";
selected-normal-foreground = mkLiteral "@common-primary-bright";
selected-normal-border-color = mkLiteral "@common-primary-66";
selected-active-background = mkLiteral "@common-secondary-33";
selected-active-foreground = mkLiteral "@common-secondary-bright";
selected-active-border-color = mkLiteral "@common-secondary-66";
selected-urgent-background = mkLiteral "@common-urgent-33";
selected-urgent-foreground = mkLiteral "@common-urgent-bright";
selected-urgent-border-color = mkLiteral "@common-urgent-66";
alternate-normal-background = mkLiteral "@normal-normal-background";
alternate-normal-foreground = mkLiteral "@normal-normal-foreground";
alternate-normal-border-color = mkLiteral "@normal-normal-border-color";
alternate-active-background = mkLiteral "@normal-active-background";
alternate-active-foreground = mkLiteral "@normal-active-foreground";
alternate-active-border-color = mkLiteral "@normal-active-border-color";
alternate-urgent-background = mkLiteral "@normal-urgent-background";
alternate-urgent-foreground = mkLiteral "@normal-urgent-foreground";
alternate-urgent-border-color = mkLiteral "@normal-urgent-border-color";
};
"window" = {
background-color = mkLiteral "#1d1f21e6"; #// @black + 0.85 alpha
border = 3;
border-color = mkLiteral "@black-bright";
border-radius = 16;
width = 1024;
height = 460;
};
"mainbox" = {
padding = 16;
spacing = 16;
};
"inputbar" = {
background-color = mkLiteral "#333537"; #// @black-110
border = 1;
border-color = mkLiteral "#606263"; #// @black-130
border-radius = 8;
padding = mkLiteral "12 16";
spacing = 0;
text-color = mkLiteral "@common-foreground";
children = mkLiteral "[ entry, case-indicator, num-filtered-rows, textbox-num-sep, num-rows ]";
};
"prompt" = {
background-color = mkLiteral "transparent";
text-color = mkLiteral "@common-foreground-bright";
spacing = 0;
text-transform = mkLiteral "bold";
};
"textbox-prompt-colon" = {
background-color = mkLiteral "transparent";
text-color = mkLiteral "inherit";
margin = mkLiteral "0 0.3em 0 0";
expand = false;
str = "=";
};
"entry" = {
background-color = mkLiteral "transparent";
text-color = mkLiteral "@common-foreground-bright";
cursor = "text";
placeholder-color = mkLiteral "@common-foreground-66";
placeholder = "Type to filter";
};
"case-indicator" = {
background-color = mkLiteral "transparent";
text-color = mkLiteral "inherit";
};
"num-filtered-rows" = {
background-color = mkLiteral "transparent";
text-color = mkLiteral "inherit";
expand = false;
};
"textbox-num-sep" = {
background-color = mkLiteral "transparent";
text-color = mkLiteral "inherit";
expand = false;
str = "/";
};
"num-rows" = {
background-color = mkLiteral "transparent";
text-color = mkLiteral "inherit";
expand = false;
};
"message" = {
background-color = mkLiteral "@cyan-33";
border = 1;
border-color = mkLiteral "@cyan-66";
border-radius = 8;
padding = 16;
};
"textbox" = {
background-color = mkLiteral "transparent";
text-color = mkLiteral "@cyan-bright";
};
"listview" = {
dynamic = true;
scrollbar = true;
spacing = 0;
};
"scrollbar" = {
background-color = mkLiteral "transparent";
padding = 0;
margin = mkLiteral "0 0 0 4";
handle-width = 8;
border = 0;
handle-color = mkLiteral "#626463"; #// @white-50
};
"element" = {
border = 1;
border-radius = 8;
padding = mkLiteral "6 12";
margin = mkLiteral "1 0";
spacing = 12;
children = mkLiteral "[ element-icon, element-text ]";
};
"element-icon" = {
background-color = mkLiteral "transparent";
text-color = mkLiteral "inherit";
size = mkLiteral "1.0em";
cursor = mkLiteral "inherit";
};
"element-text" = {
background-color = mkLiteral "transparent";
text-color = mkLiteral "inherit";
highlight = mkLiteral "inherit";
cursor = mkLiteral "inherit";
};
"element normal.normal" = {
background-color = mkLiteral "@normal-normal-background";
text-color = mkLiteral "@normal-normal-foreground";
border-color = mkLiteral "@normal-normal-border-color";
};
"element normal.urgent" = {
background-color = mkLiteral "@normal-urgent-background";
text-color = mkLiteral "@normal-urgent-foreground";
border-color = mkLiteral "@normal-urgent-border-color";
};
"element normal.active" = {
background-color = mkLiteral "@normal-active-background";
text-color = mkLiteral "@normal-active-foreground";
border-color = mkLiteral "@normal-active-border-color";
};
"element selected.normal" = {
background-color = mkLiteral "@selected-normal-background";
text-color = mkLiteral "@selected-normal-foreground";
border-color = mkLiteral "@selected-normal-border-color";
};
"element selected.urgent" = {
background-color = mkLiteral "@selected-urgent-background";
text-color = mkLiteral "@selected-urgent-foreground";
border-color = mkLiteral "@selected-urgent-border-color";
};
"element selected.active" = {
background-color = mkLiteral "@selected-active-background";
text-color = mkLiteral "@selected-active-foreground";
border-color = mkLiteral "@selected-active-border-color";
};
"element alternate.normal" = {
background-color = mkLiteral "@alternate-normal-background";
text-color = mkLiteral "@alternate-normal-foreground";
border-color = mkLiteral "@alternate-normal-border-color";
};
"element alternate.urgent" = {
background-color = mkLiteral "@alternate-urgent-background";
text-color = mkLiteral "@alternate-urgent-foreground";
border-color = mkLiteral "@alternate-urgent-border-color";
};
"element alternate.active" = {
background-color = mkLiteral "@alternate-active-background";
text-color = mkLiteral "@alternate-active-foreground";
border-color = mkLiteral "@alternate-active-border-color";
};
};
};
}

338
modules/home/desktop/waybar/default.nix
View File

@@ -1,338 +0,0 @@
{...}: {
programs = {
waybar = {
enable = true;
settings = {
mainBar = {
position = "top";
layer = "top";
height = 35;
margin-top = 0;
margin-bottom = 0;
margin-left = 0;
margin-right = 0;
exclusive = true;
passthrough = false;
modules-left = [
"custom/l_end"
"cpu"
"memory"
"custom/r_end"
];
modules-center = [
"custom/l_end"
"hyprland/workspaces"
"custom/r_end"
];
modules-right = [
"custom/l_end"
"network"
"bluetooth"
"battery"
"tray"
"custom/r_end"
];
"hyprland/workspaces" = {
"disable-scroll" = true;
"all-outputs" = true;
"active-only" = false;
"on-click" = "activate";
"persistent-workspaces" = {
"1" = [];
"2" = [];
"3" = [];
"4" = [];
};
};
"network" = {
"tooltip" = true;
"format-wifi" = " <span foreground='#99ffdd'> {bandwidthDownBytes}</span> <span foreground='#ffcc66'> {bandwidthUpBytes}</span>";
"format-ethernet" = "󰈀 <span foreground='#99ffdd'> {bandwidthDownBytes}</span> <span foreground='#ffcc66'> {bandwidthUpBytes}</span>";
"tooltip-format" = "Network= <big><b>{essid}</b></big>\nSignal strength= <b>{signaldBm}dBm ({signalStrength}%)</b>\nFrequency= <b>{frequency}MHz</b>\nInterface= <b>{ifname}</b>\nIP= <b>{ipaddr}/{cidr}</b>\nGateway= <b>{gwaddr}</b>\nNetmask= <b>{netmask}</b>";
"format-linked" = "󰈀 {ifname} (No IP)";
"format-disconnected" = "󰖪 ";
"tooltip-format-disconnected" = "Disconnected";
"interval" = 2;
};
"battery" = {
"states" = {
"good" = 95;
"warning" = 30;
"critical" = 20;
};
"format" = "{icon} {capacity}%";
"format-charging" = " {capacity}%";
"format-plugged" = " {capacity}%";
"format-alt" = "{time} {icon}";
"format-icons" = ["󰂎" "󰁺" "󰁻" "󰁼" "󰁽" "󰁾" "󰁿" "󰂀" "󰂁" "󰂂" "󰁹"];
};
"bluetooth" = {
"format" = "";
"format-disabled" = "";
"format-connected" = " {num_connections}";
"format-connected-battery" = "{icon} {num_connections}";
# "format-connected-battery"= "{icon} {device_alias}-{device_battery_percentage}%";
"format-icons" = ["󰥇" "󰤾" "󰤿" "󰥀" "󰥁" "󰥂" "󰥃" "󰥄" "󰥅" "󰥆" "󰥈"];
# "format-device-preference"= [ "device1"; "device2" ]; // preference list deciding the displayed device If this config option is not defined or none of the devices in the list are connected; it will fall back to showing the last connected device.
"tooltip-format" = "{controller_alias}\n{num_connections} connected";
"tooltip-format-connected" = "{controller_alias}\n{num_connections} connected\n\n{device_enumerate}";
"tooltip-format-enumerate-connected" = "{device_alias}";
"tooltip-format-enumerate-connected-battery" = "{device_alias}\t{icon} {device_battery_percentage}%";
};
"memory" = {
"states" = {
"c" = 90; # critical
"h" = 60; # high
"m" = 30; # medium
};
"interval" = 30;
"format" = "󰾆 {used}GB";
"format-m" = "󰾅 {used}GB";
"format-h" = "󰓅 {used}GB";
"format-c" = " {used}GB";
"format-alt" = "󰾆 {percentage}%";
"max-length" = 10;
"tooltip" = true;
"tooltip-format" = "󰾆 {percentage}%\n {used=0.1f}GB/{total=0.1f}GB";
};
"cpu" = {
"interval" = 10;
"format" = "󰍛 {usage}%";
"format-alt" = "{icon0}{icon1}{icon2}{icon3}";
"format-icons" = ["" "" "" "" "" "" "" ""];
};
"tray" = {
"icon-size" = 14;
"spacing" = 5;
};
"custom/l_end" = {
"format" = " ";
"interval" = "once";
"tooltip" = false;
};
"custom/r_end" = {
"format" = " ";
"interval" = "once";
"tooltip" = false;
};
"custom/sl_end" = {
"format" = " ";
"interval" = "once";
"tooltip" = false;
};
"custom/sr_end" = {
"format" = " ";
"interval" = "once";
"tooltip" = false;
};
"custom/rl_end" = {
"format" = " ";
"interval" = "once";
"tooltip" = false;
};
"custom/rr_end" = {
"format" = " ";
"interval" = "once";
"tooltip" = false;
};
"custom/padd" = {
"format" = " ";
"interval" = "once";
"tooltip" = false;
};
};
};
style = let
bar_bg = "rgba(23, 28, 34, 0.95)";
main_bg = "#101419";
main_fg = "#93cee9";
wb_act_bg = "#90ceaa";
wb_act_fg = "#1f2328";
wb_hvr_bg = "#90ceaa";
wb_hvr_fg = "#1f2328";
in ''
* {
border: none;
border-radius: 0px;
font-family: "JetBrainsMono Nerd Font";
font-weight: bold;
font-size: 20px;
min-height: 10px;
}
window#waybar {
background: ${bar_bg};
}
tooltip {
background: ${main_bg};
color: ${main_fg};
border-radius: 7px;
border-width: 0px;
}
#workspaces button {
box-shadow: none;
text-shadow: none;
padding: 0px;
border-radius: 9px;
margin-top: 3px;
margin-bottom: 3px;
margin-left: 0px;
padding-left: 3px;
padding-right: 3px;
margin-right: 0px;
color: ${main_fg};
animation: ws_normal 20s ease-in-out 1;
}
#workspaces button.active {
background: ${wb_act_bg};
color: ${wb_act_fg};
margin-left: 3px;
padding-left: 12px;
padding-right: 12px;
margin-right: 3px;
animation: ws_active 20s ease-in-out 1;
transition: all 0.4s cubic-bezier(.55,-0.68,.48,1.682);
}
#workspaces button:hover {
background: ${wb_hvr_bg};
color: ${wb_hvr_fg};
animation: ws_hover 20s ease-in-out 1;
transition: all 0.3s cubic-bezier(.55,-0.68,.48,1.682);
}
#taskbar button {
box-shadow: none;
text-shadow: none;
padding: 0px;
border-radius: 9px;
margin-top: 3px;
margin-bottom: 3px;
margin-left: 0px;
padding-left: 3px;
padding-right: 3px;
margin-right: 0px;
color: @wb-color;
animation: tb_normal 20s ease-in-out 1;
}
#taskbar button.active {
background: ${wb_act_bg};
color: @wb-act-color;
margin-left: 3px;
padding-left: 12px;
padding-right: 12px;
margin-right: 3px;
animation: tb_active 20s ease-in-out 1;
transition: all 0.4s cubic-bezier(.55,-0.68,.48,1.682);
}
#taskbar button:hover {
background: ${wb_hvr_bg};
color: @wb-hvr-color;
animation: tb_hover 20s ease-in-out 1;
transition: all 0.3s cubic-bezier(.55,-0.68,.48,1.682);
}
#backlight,
#battery,
#bluetooth,
#custom-cliphist,
#clock,
#custom-cpuinfo,
#cpu,
#custom-gpuinfo,
#idle_inhibitor,
#language,
#memory,
#custom-mode,
#mpris,
#network,
#custom-power,
#pulseaudio,
#custom-spotify,
#taskbar,
#tray,
#custom-updates,
#custom-wallchange,
#custom-wbar,
#window,
#workspaces,
#custom-l_end,
#custom-r_end,
#custom-sl_end,
#custom-sr_end,
#custom-rl_end,
#custom-rr_end {
color: ${main_fg};
background: ${main_bg};
opacity: 1;
margin: 4px 0px 4px 0px;
padding-left: 4px;
padding-right: 4px;
}
#workspaces,
#taskbar {
padding: 0px;
}
#custom-r_end {
border-radius: 0px 21px 21px 0px;
margin-right: 9px;
padding-right: 3px;
}
#custom-l_end {
border-radius: 21px 0px 0px 21px;
margin-left: 9px;
padding-left: 3px;
}
#custom-sr_end {
border-radius: 0px;
margin-right: 9px;
padding-right: 3px;
}
#custom-sl_end {
border-radius: 0px;
margin-left: 9px;
padding-left: 3px;
}
#custom-rr_end {
border-radius: 0px 7px 7px 0px;
margin-right: 9px;
padding-right: 3px;
}
#custom-rl_end {
border-radius: 7px 0px 0px 7px;
margin-left: 9px;
padding-left: 3px;
}
'';
};
};
}

40
modules/home/discord/default.nix
View File

@@ -1,40 +0,0 @@
{inputs, ...}: {
imports = [
inputs.nixcord.homeModules.nixcord
];
programs.nixcord = {
enable = true;
vesktop.enable = true;
dorion.enable = true;
config = {
themeLinks = [
"https://raw.githubusercontent.com/refact0r/system24/refs/heads/main/archive/flavors/spotify-text.theme.css"
];
frameless = true;
plugins = {
hideAttachments.enable = true;
ignoreActivities = {
enable = true;
ignorePlaying = true;
ignoreWatching = true;
};
};
};
dorion = {
theme = "dark";
zoom = "1.1";
blur = "acrylic";
sysTray = true;
openOnStartup = true;
autoClearCache = true;
disableHardwareAccel = false;
rpcServer = true;
rpcProcessScanner = true;
pushToTalk = true;
pushToTalkKeys = ["RControl"];
desktopNotifications = true;
unreadBadge = true;
};
};
}

3
modules/home/easyeffects/default.nix
View File

@@ -1,3 +0,0 @@
{...}: {
services.easyeffects.enable = true;
}

73
modules/home/fastfetch/default.nix
View File

@@ -1,73 +0,0 @@
{...}: {
home.file.".config/fastfetch/config.jsonc".text = ''
{
"$schema": "https://github.com/fastfetch-cli/fastfetch/raw/dev/doc/json_schema.json",
"logo": {
"type": "none",
},
"display": {
"separator": " ",
"key": {
"width": 18,
},
},
"modules": [
{
"key": " ",
"type": "custom",
},
{
"key": " \u001b[11D{#31} user",
"type": "title",
"format": "{1}",
},
{
"key": " \u001b[11D{#34} hname",
"type": "command",
"text": "hostname",
},
{
"key": " \u001b[11D{#34}󰻀 distro",
"type": "os",
},
{
"key": " \u001b[11D{#35}󰌢 kernel",
"type": "kernel",
},
{
"key": " \u001b[11D{#31} uptime",
"type": "uptime",
},
{
"key": " \u001b[11D{#32} shell",
"type": "shell",
},
{
"key": " \u001b[11D{#35}󰏖 pkgs",
"type": "packages",
},
{
"key": " \u001b[11D{#35} memory",
"type": "memory",
},
{
"key": " ",
"type": "custom",
},
{
"key": " \u001b[11D{#39} colors",
"type": "colors",
"symbol": "circle",
},
{
"key": " ",
"type": "custom",
},
],
}
'';
programs.fastfetch = {
enable = true;
};
}

73
modules/home/firefox/default.nix
View File

@@ -1,73 +0,0 @@
{
pkgs,
username,
...
}: {
home.file.".mozilla/firefox/${username}/chrome".source = pkgs.firefox-mod-blur;
programs.firefox = {
enable = true;
package = pkgs.firefox.override {
extraPolicies = {
CaptivePortal = false;
DisableFirefoxStudies = true;
DisablePocket = true;
DisableTelemetry = true;
DisableFirefoxAccounts = false;
NoDefaultBookmarks = true;
OfferToSaveLogins = false;
OfferToSaveLoginsDefault = false;
PasswordManagerEnabled = false;
FirefoxHome = {
Search = true;
Pocket = false;
Snippets = false;
TopSites = false;
Highlights = false;
};
UserMessaging = {
ExtensionRecommendations = false;
SkipOnboarding = true;
};
};
};
profiles = {
${username} = {
id = 0;
name = "tux";
search = {
force = true;
default = "google";
};
settings = {
"general.smoothScroll" = true;
"extensions.activeThemeID" = "firefox-compact-dark@mozilla.org";
"layout.css.prefers-color-scheme.content-override" = 0;
"browser.compactmode.show" = true;
"browser.tabs.firefox-view" = false;
"browser.bookmarks.addedImportButton" = false;
"extensions.pocket.enabled" = false;
"browser.fullscreen.autohide" = false;
};
extraConfig = ''
user_pref("toolkit.legacyUserProfileCustomizations.stylesheets", true);
user_pref("full-screen-api.ignore-widgets", true);
user_pref("media.ffmpeg.vaapi.enabled", true);
user_pref("media.rdd-vpx.enabled", true);
'';
extensions.packages = with pkgs.nur.repos.rycee.firefox-addons; [
ublock-origin
facebook-container
metamask
darkreader
bitwarden
wappalyzer
clearurls
];
};
};
};
}

46
modules/home/floorp/default.nix
View File

@@ -1,46 +0,0 @@
{
username,
pkgs,
...
}: {
programs.floorp = {
enable = true;
profiles = {
${username} = {
id = 0;
name = "${username}";
search = {
force = true;
default = "Google";
};
settings = {
"general.smoothScroll" = true;
"extensions.activeThemeID" = "firefox-compact-dark@mozilla.org";
"layout.css.prefers-color-scheme.content-override" = 0;
"browser.compactmode.show" = true;
"browser.tabs.firefox-view" = false;
"browser.bookmarks.addedImportButton" = false;
"extensions.pocket.enabled" = false;
"browser.fullscreen.autohide" = false;
};
extraConfig = ''
user_pref("toolkit.legacyUserProfileCustomizations.stylesheets", true);
user_pref("full-screen-api.ignore-widgets", true);
user_pref("media.ffmpeg.vaapi.enabled", true);
user_pref("media.rdd-vpx.enabled", true);
'';
extensions.packages = with pkgs.nur.repos.rycee.firefox-addons; [
ublock-origin
facebook-container
metamask
darkreader
bitwarden
wappalyzer
clearurls
];
};
};
};
}

40
modules/home/ghostty/default.nix
View File

@@ -1,40 +0,0 @@
{pkgs, ...}: {
home.file = {
".config/ghostty/config" = {
text = ''
confirm-close-surface = false
gtk-titlebar = false
window-padding-x = 10
window-padding-y = 10
background-opacity = 0.9
font-size = 14
palette = 0=#252b37
palette = 1=#d0679d
palette = 2=#5de4c7
palette = 3=#fffac2
palette = 4=#89ddff
palette = 5=#fae4fc
palette = 6=#add7ff
palette = 7=#ffffff
palette = 8=#a6accd
palette = 9=#d0679d
palette = 10=#5de4c7
palette = 11=#fffac2
palette = 12=#add7ff
palette = 13=#89ddff
palette = 14=#fcc5e9
palette = 15=#ffffff
background = #0f0f0f
foreground = #a6accd
cursor-color = #f2eacf
selection-background = #1a1a1a
selection-foreground = #f1f1f1
'';
};
};
home.packages = with pkgs; [
ghostty
];
}

20
modules/home/git/default.nix
View File

@@ -1,20 +0,0 @@
{
email,
username,
...
}: {
programs.git = {
enable = true;
userName = "${username}";
userEmail = "${email}";
signing = {
key = "~/.ssh/id_ed25519.pub";
signByDefault = true;
};
extraConfig = {
init.defaultBranch = "main";
commit.gpgSign = true;
gpg.format = "ssh";
};
};
}

37
modules/home/helix/default.nix
View File

@@ -1,37 +0,0 @@
{pkgs, ...}: {
programs.helix = {
enable = true;
settings = {
theme = "gruvbox";
editor = {
line-number = "relative";
cursorline = true;
color-modes = true;
bufferline = "multiple";
"cursor-shape" = {
insert = "bar";
normal = "block";
select = "underline";
};
};
};
languages = {
language = [
{
name = "nix";
auto-format = true;
}
];
language-server = {
nil = {
command = "${pkgs.nil}/bin/nil";
config.nil.formatting = {
command = "${pkgs.alejandra}/bin/alejandra";
};
};
};
};
};
}

6
modules/home/kdeconnect/default.nix
View File

@@ -1,6 +0,0 @@
{...}: {
services.kdeconnect = {
enable = true;
indicator = true;
};
}

5
modules/home/librewolf/default.nix
View File

@@ -1,5 +0,0 @@
{...}: {
programs.librewolf = {
enable = true;
};
}

39
modules/home/mopidy/default.nix
View File

@@ -1,39 +0,0 @@
{pkgs, ...}: {
programs.ncmpcpp = {
enable = true;
package = pkgs.ncmpcpp.override {
visualizerSupport = true;
clockSupport = true;
};
mpdMusicDir = "~/Music/";
settings = {
mpd_host = "127.0.0.1";
mpd_port = 6600;
mpd_connection_timeout = 20;
visualizer_data_source = "localhost:5555";
visualizer_fps = 60;
visualizer_output_name = "feed";
visualizer_in_stereo = "yes";
visualizer_type = "spectrum";
visualizer_look = "";
visualizer_spectrum_smooth_look = "yes";
visualizer_sync_interval = 0;
song_status_format = "$b$7 $2%a $4$3 $8%t $4$3 $5%b ";
header_visibility = "no";
color1 = "white";
color2 = "green";
};
};
services.mopidy = {
enable = true;
extensionPackages = with pkgs; [
mopidy-mpd
mopidy-spotify
mopidy-soundcloud
mopidy-iris
];
};
}

40
modules/home/nvim/default.nix
View File

@@ -1,40 +0,0 @@
{pkgs, ...}: {
home.file = {
".config/nvim" = {
recursive = true;
source = "${pkgs.tnvim}";
};
};
programs = {
neovim = {
enable = true;
defaultEditor = true;
vimAlias = true;
withPython3 = true;
withNodeJs = true;
};
};
home = {
packages = with pkgs; [
gcc
neovide
# nix
nil # Language Server
statix # Lints and suggestions
deadnix # Find and remove unused
alejandra # Code Formatter
# lua
luarocks
# ts
typescript
gdu
ripgrep
];
};
}

6
modules/home/obs-studio/default.nix
View File

@@ -1,6 +0,0 @@
{pkgs, ...}: {
programs.obs-studio = {
enable = true;
plugins = with pkgs.obs-studio-plugins; [obs-vaapi];
};
}

64
modules/home/picom/default.nix
View File

@@ -1,64 +0,0 @@
{pkgs, ...}: {
services.picom = {
enable = true;
package = pkgs.picom-next;
backend = "glx";
vSync = true;
fade = true;
fadeDelta = 10;
fadeSteps = [0.05 0.05];
fadeExclude = [
"window_type *= 'menu'"
];
activeOpacity = 1;
inactiveOpacity = 1;
opacityRules = [
"90:class_g = 'rofi'"
"90:class_g = 'thunar'"
"90:class_g = 'spotify'"
"90:class_g = 'discord'"
"90:class_g = 'code'"
"90:class_g = 'org.wezfurlong.wezterm'"
"90:class_g = 'wezterm-floating'"
];
settings = {
glx-no-stencil = true;
glx-copy-from-font = false;
use-damage = false;
frame-opacity = 1;
blur-background = true;
blur-method = "dual_kawase";
blur-strength = 10;
corner-radius = 8;
rounded-corners-exclude = [
"window_type = 'dock'"
];
# pijulius specifics
animations = true;
animation-stiffness = 500;
animation-window-mass = 1.0;
animation-dampening = 26;
animation-delta = 10;
animation-force_steps = false;
animation-clamping = true;
animation-for-open-window = "slide-up";
animation-for-menu-window = "slide-down";
animation-for-transient-window = "slide-down";
animation-for-unmap-window = "slide-up";
animation-for-next-tag = "slide-right";
animation-for-prev-tag = "slide-left";
enable-fading-next-tag = true;
enable-fading-prev-tag = true;
};
};
}

15
modules/home/shell/aichat.nix
View File

@@ -1,15 +0,0 @@
{...}: {
programs = {
aichat = {
enable = true;
settings = {
model = "gemini:gemini-2.0-flash-lite";
clients = [
{
type = "gemini";
}
];
};
};
};
}

98
modules/home/shell/default.nix
View File

@@ -1,98 +0,0 @@
{pkgs, ...}: {
imports = [
./lazygit.nix
./aichat.nix
];
programs = {
bat.enable = true;
zsh = {
enable = true;
history = {
append = true;
share = true;
expireDuplicatesFirst = true;
ignoreDups = true;
size = 1000000;
save = 1000000;
path = "$HOME/.local/share/zsh/.zsh_history";
};
syntaxHighlighting.enable = true;
autosuggestion.enable = true;
initContent = ''
fastfetch
export WINIT_X11_SCALE_FACTOR=1
PATH=$PATH:~/.cargo/bin:~/.local/bin
bindkey "^A" vi-beginning-of-line
bindkey "^E" vi-end-of-line
bindkey '^R' fzf-history-widget
'';
};
zoxide = {
enable = true;
options = ["--cmd cd"];
enableZshIntegration = true;
};
ripgrep.enable = true;
btop = {
enable = true;
settings = {
theme_background = false;
update_ms = 1000;
presets = "cpu:0:default mem:0:default net:0:default";
};
};
go.enable = true;
yazi = {
enable = true;
enableZshIntegration = true;
};
fzf = {
enable = true;
enableZshIntegration = true;
};
lsd = {
enable = true;
enableZshIntegration = true;
};
};
home.packages = with pkgs; [
systemctl-tui
ranger
wget
portal
bore-cli
zip
unzip
pciutils
gnumake
nvtopPackages.full
zellij
nix-output-monitor
duf
jq
atac
termshark
solc
dig
python312
python312Packages.pipx
nodejs
nodePackages.pnpm
nodePackages.yarn
rustup
bun
nixpkgs-fmt
hunspell
hunspellDicts.en_US
air
templ
ffmpeg
deploy-rs
trok
];
}

79
modules/home/shell/lazygit.nix
View File

@@ -1,79 +0,0 @@
{...}: {
programs.lazygit = {
enable = true;
settings = {
gui = {
showIcons = true;
nerdFontsVersion = "3";
};
customCommands = [
{
key = "<c-a>";
description = "Pick AI commit";
command = ''
aichat "Please suggest 10 commit messages, given the following diff:
\`\`\`diff
$(git diff --cached)
\`\`\`
**Criteria:**
1. **Format:** Each commit message must follow the conventional commits format, which is \`<type>(<scope>): <description>\`.
2. **Relevance:** Avoid mentioning a module name unless it's directly relevant to the change.
3. **Enumeration:** List the commit messages from 1 to 10.
4. **Clarity and Conciseness:** Each message should clearly and concisely convey the change made.
**Commit Message Examples:**
- fix(app): add password regex pattern
- test(unit): add new test cases
- style: remove unused imports
- refactor(pages): extract common code to \`utils/wait.ts\`
**Recent Commits on Repo for Reference:**
\`\`\`
$(git log -n 10 --pretty=format:'%h %s')
\`\`\`
**Output Template**
Follow this output template and ONLY output raw commit messages without spacing, numbers or other decorations.
fix(app): add password regex pattern
test(unit): add new test cases
style: remove unused imports
refactor(pages): extract common code to \`utils/wait.ts\`
**Instructions:**
- Take a moment to understand the changes made in the diff.
- Think about the impact of these changes on the project (e.g., bug fixes, new features, performance improvements, code refactoring, documentation updates). It's critical to my career you abstract the changes to a higher level and not just describe the code changes.
- Generate commit messages that accurately describe these changes, ensuring they are helpful to someone reading the project's history.
- Remember, a well-crafted commit message can significantly aid in the maintenance and understanding of the project over time.
- If multiple changes are present, make sure you capture them all in each commit message.
Keep in mind you will suggest 10 commit messages. Only 1 will be used. It's better to push yourself (esp to synthesize to a higher level) and maybe wrong about some of the 10 commits because only one needs to be good. I'm looking for your best commit, not the best average commit. It's better to cover more scenarios than include a lot of overlap.
Write your 10 commit messages below in the format shown in Output Template section above." \
| fzf --height 40% --border --ansi --preview "echo {}" --preview-window=up:wrap \
| xargs -I {} bash -c '
COMMIT_MSG_FILE=$(mktemp)
echo "{}" > "$COMMIT_MSG_FILE"
''${EDITOR:-vim} "$COMMIT_MSG_FILE"
if [ -s "$COMMIT_MSG_FILE" ]; then
git commit -F "$COMMIT_MSG_FILE"
else
echo "Commit message is empty, commit aborted."
fi
rm -f "$COMMIT_MSG_FILE"'
'';
context = "files";
output = "terminal";
}
];
};
};
}

50
modules/home/starship/default.nix
View File

@@ -1,50 +0,0 @@
{...}: {
programs.starship = {
enable = true;
settings = {
format = ''$os$hostname$directory$rust$golang$solidity$nodejs(bold blue)$git_branch$git_status[](bold yellow)[](bold purple)[](bold blue) '';
scan_timeout = 60;
add_newline = false;
line_break.disabled = true;
os = {
format = "[$symbol ]($style)";
style = "bold green";
disabled = false;
symbols.NixOS = "󰊠";
symbols.Linux = "󰊠";
symbols.Arch = "󰣇";
symbols.Ubuntu = "󰕈";
};
directory = {
format = "[$path]($style)[$read_only ]($read_only_style)";
read_only = " 󰌾";
style = "bold blue";
};
git_branch.format = "[$symbol$branch]($style) ";
hostname = {
ssh_only = false;
format = "[$ssh_symbol$hostname]($style) ";
style = "bold green";
ssh_symbol = "󰇧 ";
disabled = false;
};
rust = {
format = "[$symbol]($style)";
symbol = " ";
};
golang = {
format = "[$symbol]($style)";
symbol = " ";
};
solidity = {
format = "[$symbol]($style)";
symbol = "󰡪 ";
};
nodejs = {
format = "[$symbol]($style)";
symbol = "󰎙 ";
};
};
};
}

9
modules/home/thunderbird/default.nix
View File

@@ -1,9 +0,0 @@
{username, ...}: {
programs.thunderbird = {
enable = true;
profiles."${username}" = {
isDefault = true;
};
};
}

136
modules/home/tmux/default.nix
View File

@@ -1,136 +0,0 @@
{pkgs, ...}: let
bg = "default";
fg = "default";
bg2 = "brightblack";
fg2 = "white";
color = c: "#{@${c}}";
indicator = let
accent = color "indicator_color";
content = " ";
in "#[reverse,fg=${accent}]#{?client_prefix,${content},}";
current_window = let
accent = color "main_accent";
index = "#[reverse,fg=${accent},bg=${fg}] #I ";
name = "#[fg=${bg2},bg=${fg2}] #W ";
# flags = "#{?window_flags,#{window_flags}, }";
in "${index}${name}";
window_status = let
accent = color "window_color";
index = "#[reverse,fg=${accent},bg=${fg}] #I ";
name = "#[fg=${bg2},bg=${fg2}] #W ";
# flags = "#{?window_flags,#{window_flags}, }";
in "${index}${name}";
battery = let
percentage = pkgs.writeShellScript "percentage" (
if pkgs.stdenv.isDarwin
then ''
echo $(pmset -g batt | grep -o "[0-9]\+%" | tr '%' ' ')
''
else ''
path="/org/freedesktop/UPower/devices/DisplayDevice"
echo $(${pkgs.upower}/bin/upower -i $path | grep -o "[0-9]\+%" | tr '%' ' ')
''
);
state = pkgs.writeShellScript "state" (
if pkgs.stdenv.isDarwin
then ''
echo $(pmset -g batt | awk '{print $4}')
''
else ''
path="/org/freedesktop/UPower/devices/DisplayDevice"
echo $(${pkgs.upower}/bin/upower -i $path | grep state | awk '{print $2}')
''
);
icon = pkgs.writeShellScript "icon" ''
percentage=$(${percentage})
state=$(${state})
if [ "$state" == "charging" ] || [ "$state" == "fully-charged" ]; then echo "󰂄"
elif [ $percentage -ge 75 ]; then echo "󱊣"
elif [ $percentage -ge 50 ]; then echo "󱊢"
elif [ $percentage -ge 25 ]; then echo "󱊡"
elif [ $percentage -ge 0 ]; then echo "󰂎"
fi
'';
color = pkgs.writeShellScript "color" ''
percentage=$(${percentage})
state=$(${state})
if [ "$state" == "charging" ] || [ "$state" == "fully-charged" ]; then echo "green"
elif [ $percentage -ge 75 ]; then echo "green"
elif [ $percentage -ge 50 ]; then echo "${fg2}"
elif [ $percentage -ge 30 ]; then echo "yellow"
elif [ $percentage -ge 0 ]; then echo "red"
fi
'';
in "#[fg=#(${color})]#(${icon}) #[fg=${fg}]#(${percentage})%";
pwd = let
accent = color "main_accent";
icon = "#[fg=${accent}] ";
format = "#[fg=${fg}]#{b:pane_current_path}";
in "${icon}${format}";
git = let
icon = pkgs.writeShellScript "branch" ''
git -C "$1" branch && echo " "
'';
branch = pkgs.writeShellScript "branch" ''
git -C "$1" rev-parse --abbrev-ref HEAD
'';
in "#[fg=magenta]#(${icon} #{pane_current_path})#(${branch} #{pane_current_path})";
separator = "#[fg=${fg}]|";
in {
programs.tmux = {
enable = true;
baseIndex = 1;
escapeTime = 0;
mouse = true;
extraConfig = ''
set-option -sa terminal-overrides ",xterm*:Tc"
set-option -g status-position top
unbind r
bind r source-file ~/.config/tmux/tmux.conf
# remap prefix from C-b to C-Space
# unbind C-b
# set -g prefix C-Space
# bind C-Space send-prefix
# split panes using | and -
unbind '"'
unbind %
bind | split-window -h
bind - split-window -v
# Start windows and panes at 1, not 0
set -g base-index 1
set -g pane-base-index 1
set-window-option -g pane-base-index 1
set-option -g renumber-windows on
# switch panes using Alt-arrow without prefix
bind -n M-Left select-pane -L
bind -n M-Right select-pane -R
bind -n M-Up select-pane -U
bind -n M-Down select-pane -D
set-option -g default-terminal "screen-256color"
set-option -g status-right-length 100
set-option -g @indicator_color "yellow"
set-option -g @window_color "magenta"
set-option -g @main_accent "blue"
set-option -g pane-active-border fg=black
set-option -g pane-border-style fg=black
set-option -g status-style "bg=${bg} fg=${fg}"
set-option -g status-left "${indicator}"
set-option -g status-right "${git} ${pwd} ${separator} ${battery}"
set-option -g window-status-current-format "${current_window}"
set-option -g window-status-format "${window_status}"
set-option -g window-status-separator ""
'';
};
}

76
modules/home/vs-code/default.nix
View File

@@ -1,76 +0,0 @@
{pkgs, ...}: {
programs.vscode = {
enable = true;
package = pkgs.vscodium;
profiles.default = {
keybindings = [
{
"key" = "f7";
"command" = "-editor.action.wordHighlight.next";
"when" = "editorTextFocus && hasWordHighlights";
}
{
"key" = "f7";
"command" = "-editor.action.accessibleDiffViewer.next";
"when" = "isInDiffEditor";
}
{
"key" = "f7";
"command" = "workbench.action.terminal.toggleTerminal";
"when" = "terminal.active";
}
{
"key" = "ctrl+`";
"command" = "-workbench.action.terminal.toggleTerminal";
"when" = "terminal.active";
}
];
userSettings = {
"window.zoomLevel" = 2;
"window.menuBarVisibility" = "toggle";
"workbench.colorTheme" = "Poimandres Alternate";
"workbench.startupEditor" = "none";
"editor.fontFamily" = "FiraCode NF, FiraCode Nerd Font";
"editor.fontLigatures" = true;
"editor.cursorBlinking" = "smooth";
"editor.minimap.enabled" = false;
"terminal.integrated.fontFamily" = "FiraCode NF, FiraCode Nerd Font , FiraCode";
};
extensions =
(with pkgs.vscode-extensions; [
wakatime.vscode-wakatime
ms-dotnettools.csharp
naumovs.color-highlight
ms-vscode-remote.remote-containers
ms-azuretools.vscode-docker
mikestead.dotenv
golang.go
wix.vscode-import-cost
sumneko.lua
yzhang.markdown-all-in-one
jnoortheen.nix-ide
esbenp.prettier-vscode
prisma.prisma
ms-python.python
ms-vscode-remote.remote-ssh
humao.rest-client
bradlc.vscode-tailwindcss
gruntfuggly.todo-tree
])
++ (with pkgs.vscode-marketplace; [
danielpriestley.poimandres-alternate
pufferbommy.pretty-poimandres
yoavbls.pretty-ts-errors
formulahendry.auto-rename-tag
chakrounanas.turbo-console-log
streetsidesoftware.code-spell-checker
]);
};
};
}

31
modules/home/wezterm/default.nix
View File

@@ -1,31 +0,0 @@
{
inputs,
pkgs,
...
}: {
programs.wezterm = {
enable = true;
package = inputs.wezterm-flake.packages."${pkgs.system}".default;
enableZshIntegration = false;
extraConfig = ''
local wezterm = require 'wezterm'
local config = {}
config.window_close_confirmation = 'NeverPrompt'
config.color_scheme = 'Poimandres'
config.colors = {
background = "#0f0f0f"
}
config.enable_tab_bar = false
config.font = wezterm.font_with_fallback {
'JetBrainsMono Nerd Font',
}
config.font_size = 14.0
config.window_background_opacity = 1
config.audible_bell = "Disabled"
return config
'';
};
}

65
modules/nixos/desktop/awesome/default.nix
View File

@@ -1,65 +0,0 @@
{
lib,
pkgs,
...
}: {
services = {
displayManager = {
defaultSession = "none+awesome";
ly.enable = true;
};
xserver = {
enable = true;
windowManager.awesome = {
enable = true;
luaModules = lib.attrValues {
inherit
(pkgs.luajitPackages)
lgi
ldbus
luadbi-mysql
luaposix
dkjson
;
};
};
};
acpid.enable = true;
picom.enable = true;
upower.enable = true;
blueman.enable = true;
};
programs.dconf.enable = true;
environment.systemPackages = with pkgs; [
luajit
acpi
linuxKernel.packages.linux_zen.acpi_call
lxappearance
inotify-tools
polkit_gnome
xdotool
xclip
xorg.xbacklight
gpick
alsa-utils
pavucontrol
brightnessctl
libnotify
feh
maim
mpdris2
python311Packages.mutagen
xdg-utils
playerctl
pulsemixer
easyeffects
procps
sct
slop
sddm-sugar-dark
];
}

14
modules/nixos/desktop/default.nix
View File

@@ -1,14 +0,0 @@
{...}: {
xdg.mime = {
enable = true;
defaultApplications = {
"application/pdf" = ["firefox.desktop"];
"default-web-browser" = ["firefox.desktop"];
"text/html" = ["firefox.desktop"];
"x-scheme-handler/http" = ["firefox.desktop"];
"x-scheme-handler/https" = ["firefox.desktop"];
"x-scheme-handler/about" = ["firefox.desktop"];
"x-scheme-handler/unknown" = ["firefox.desktop"];
};
};
}

7
modules/nixos/desktop/hyprland/default.nix
View File

@@ -1,7 +0,0 @@
{pkgs, ...}: {
programs.hyprland = {
enable = true;
package = pkgs.hyprland-git.hyprland;
portalPackage = pkgs.hyprland-git.xdg-desktop-portal-hyprland;
};
}

32
modules/nixos/fail2ban.nix
View File

@@ -1,32 +0,0 @@
{config, ...}: let
isFirewallEnabled = config.networking.firewall.enable;
in {
services.fail2ban = {
enable = isFirewallEnabled;
maxretry = 5;
banaction = "iptables-multiport[blocktype=DROP]";
ignoreIP = [
"127.0.0.0/8"
"10.0.0.0/8"
"192.168.0.0/16"
];
bantime = "24h";
bantime-increment = {
enable = true;
rndtime = "12m";
overalljails = true;
multipliers = "4 8 16 32 64 128 256 512 1024 2048";
maxtime = "192h";
};
jails = {
sshd.settings = {
enabled = true;
port = toString config.services.openssh.ports;
mode = "aggressive";
filter = "sshd";
};
};
};
}

69
modules/nixos/networking/ssh.nix
View File

@@ -1,69 +0,0 @@
{
config,
lib,
...
}:
with lib; let
cfg = config.tux.services.openssh;
# Sops needs acess to the keys before the persist dirs are even mounted; so
# just persisting the keys won't work, we must point at /persist
hasOptinPersistence = config.environment.persistence."/persist".enable;
in {
options.tux.services.openssh = {
enable = mkEnableOption "Enable OpenSSH server";
ports = mkOption {
type = types.listOf types.port;
default = [22];
description = ''
Specifies on which ports the SSH daemon listens.
'';
};
};
config = mkIf cfg.enable {
services.openssh = {
enable = true;
startWhenNeeded = true;
allowSFTP = true;
ports = cfg.ports;
settings = {
PermitRootLogin = "no";
PasswordAuthentication = false;
KbdInteractiveAuthentication = false;
AuthenticationMethods = "publickey";
PubkeyAuthentication = "yes";
ChallengeResponseAuthentication = "no";
UsePAM = false;
UseDns = false;
X11Forwarding = false;
KexAlgorithms = [
"curve25519-sha256"
"curve25519-sha256@libssh.org"
"diffie-hellman-group16-sha512"
"diffie-hellman-group18-sha512"
"sntrup761x25519-sha512@openssh.com"
"diffie-hellman-group-exchange-sha256"
"mlkem768x25519-sha256"
"sntrup761x25519-sha512"
];
Macs = [
"hmac-sha2-512-etm@openssh.com"
"hmac-sha2-256-etm@openssh.com"
"umac-128-etm@openssh.com"
];
ClientAliveCountMax = 5;
ClientAliveInterval = 60;
};
hostKeys = [
{
path = "${lib.optionalString hasOptinPersistence "/persist"}/etc/ssh/ssh_host_ed25519_key";
type = "ed25519";
}
];
};
};
}

8
modules/nixos/selfhosted/adguard.nix
View File

@@ -1,8 +0,0 @@
{...}: {
services = {
adguardhome = {
enable = true;
openFirewall = true;
};
};
}

61
modules/nixos/selfhosted/containers/cs2.nix
View File

@@ -1,61 +0,0 @@
{config, ...}: {
virtualisation.oci-containers.containers.cs2-server = {
image = "joedwards32/cs2";
environmentFiles = [
config.sops.secrets."cs2_secrets/SRCDS_TOKEN".path
config.sops.secrets."cs2_secrets/CS2_RCONPW".path
config.sops.secrets."cs2_secrets/CS2_PW".path
];
environment = {
# Server configuration
STEAMAPPVALIDATE = "0";
CS2_SERVERNAME = "tux's CS-2 Server";
CS2_CHEATS = "0";
CS2_PORT = "27015";
CS2_SERVER_HIBERNATE = "1";
CS2_RCON_PORT = "";
CS2_LAN = "0";
CS2_MAXPLAYERS = "10";
CS2_ADDITIONAL_ARGS = "";
CS2_CFG_URL = "";
# Game modes
CS2_GAMEALIAS = "competitive";
CS2_GAMETYPE = "0";
CS2_GAMEMODE = "1";
CS2_MAPGROUP = "mg_active";
CS2_STARTMAP = "de_mirage";
# Workshop Maps
CS2_HOST_WORKSHOP_COLLECTION = "";
CS2_HOST_WORKSHOP_MAP = "";
# Bots
CS2_BOT_DIFFICULTY = "3";
CS2_BOT_QUOTA = "";
CS2_BOT_QUOTA_MODE = "";
# TV
TV_AUTORECORD = "0";
TV_ENABLE = "0";
TV_PORT = "27020";
TV_PW = "changeme";
TV_RELAY_PW = "changeme";
TV_MAXRATE = "0";
TV_DELAY = "0";
# Logs
CS2_LOG = "on";
CS2_LOG_MONEY = "0";
CS2_LOG_DETAIL = "0";
CS2_LOG_ITEMS = "0";
};
volumes = [
"cs2:/home/steam/cs2-dedicated"
];
ports = [
"27015:27015/tcp"
"27015:27015/udp"
"27020:27020/udp"
];
extraOptions = [
"--interactive"
];
};
}

86
modules/nixos/selfhosted/cyber-tux.nix
View File

@@ -1,86 +0,0 @@
{
config,
lib,
pkgs,
...
}:
with lib; let
cfg = config.tux.services.cyber-tux;
in {
options.tux.services.cyber-tux = {
enable = mkEnableOption "Enable CyberTux Discord bot";
user = mkOption {
type = types.str;
default = "cyber-tux";
description = "User under which the CyberTux service runs.";
};
group = mkOption {
type = types.str;
default = "cyber-tux";
description = "Group under which the CyberTux service runs.";
};
environmentFile = mkOption {
type = types.path;
description = "Environment file containing DISCORD_TOKEN";
};
};
config = mkIf cfg.enable {
systemd.services = {
cyber-tux = {
description = "A discord bot for my server";
after = ["network.target"];
wantedBy = ["multi-user.target"];
serviceConfig = {
Type = "simple";
User = "cyber-tux";
Group = "cyber-tux";
EnvironmentFile = cfg.environmentFile;
ExecStart = getExe pkgs.cyber-tux;
Restart = "always";
LockPersonality = true;
MemoryDenyWriteExecute = true;
NoNewPrivileges = true;
PrivateDevices = true;
PrivateIPC = true;
PrivateTmp = true;
PrivateUsers = true;
ProtectClock = true;
ProtectControlGroups = true;
ProtectHome = true;
ProtectHostname = true;
ProtectKernelLogs = true;
ProtectKernelModules = true;
ProtectKernelTunables = true;
ProtectProc = "invisible";
ProtectSystem = "strict";
RestrictNamespaces = "uts ipc pid user cgroup";
RestrictRealtime = true;
RestrictSUIDSGID = true;
SystemCallArchitectures = "native";
SystemCallFilter = ["@system-service"];
UMask = "0077";
};
};
};
# Ensure the user and group exist
users.users = mkIf (cfg.user == "cyber-tux") {
${cfg.user} = {
isSystemUser = true;
group = cfg.group;
description = "CyberTux service user";
home = "/var/lib/cyber-tux";
createHome = true;
};
};
users.groups = mkIf (cfg.group == "cyber-tux") {
${cfg.group} = {};
};
};
}

29
modules/nixos/selfhosted/gitea.nix
View File

@@ -1,29 +0,0 @@
{lib, ...}: {
services = {
gitea = {
enable = true;
settings = {
service.DISABLE_REGISTRATION = true;
server = {
DOMAIN = "git.tux.rs";
ROOT_URL = "https://git.tux.rs";
};
};
};
nginx = {
enable = lib.mkForce true;
virtualHosts = {
"git.tux.rs" = {
forceSSL = true;
useACMEHost = "tux.rs";
locations = {
"/" = {
proxyPass = "http://localhost:3000";
};
};
};
};
};
};
}

43
modules/nixos/selfhosted/glance/default.nix
View File

@@ -1,43 +0,0 @@
{
username,
lib,
config,
...
}: let
home = import ./home.nix;
in {
services = {
glance = {
enable = true;
openFirewall = true;
settings = {
server = {
host = "0.0.0.0";
port = 5678;
};
branding = {
custom-footer = "<p><a href='https://tux.rs'>${username}</a></p>";
};
pages = [
home.page
];
};
};
nginx = {
enable = lib.mkForce true;
virtualHosts = {
"home.tux.rs" = {
forceSSL = true;
useACMEHost = "tux.rs";
locations = {
"/" = {
proxyPass = "http://${config.services.glance.settings.server.host}:${toString config.services.glance.settings.server.port}";
proxyWebsockets = true;
};
};
};
};
};
};
}

86
modules/nixos/selfhosted/glance/home.nix
View File

@@ -1,86 +0,0 @@
{
page = {
name = "Dashboard - tux";
width = "slim";
hide-desktop-navigation = true;
center-vertically = true;
columns = [
{
size = "full";
widgets = [
{
type = "search";
autofocus = true;
}
{
type = "markets";
markets = [
{
symbol = "BTC-USD";
name = "Bitcoin";
chart-link = "https://www.tradingview.com/chart/?symbol=INDEX:BTCUSD";
}
{
symbol = "ETH-USD";
name = "Ethereum";
chart-link = "https://www.tradingview.com/chart/?symbol=INDEX:ETHUSD";
}
{
symbol = "SOL-USD";
name = "Solana";
chart-link = "https://www.tradingview.com/chart/?symbol=INDEX:SOLUSD";
}
];
}
{
type = "monitor";
cache = "1m";
title = "Services";
sites = [
{
title = "Gitea";
url = "https://git.tux.rs";
icon = "si:gitea";
}
{
title = "Vaultwarden";
url = "https://bw.tux.rs";
icon = "si:vaultwarden";
}
{
title = "Ntfy";
url = "https://ntfy.tux.rs";
icon = "si:ntfy";
}
{
title = "Grafana";
url = "https://grafana.tux.rs";
icon = "si:grafana";
}
{
title = "SearXNG";
url = "https://sx.tux.rs";
icon = "si:searxng";
}
{
title = "Wakapi";
url = "https://wakapi.tux.rs";
icon = "si:wakatime";
}
];
}
{
type = "reddit";
subreddit = "selfhosted";
style = "horizontal-cards";
}
{
type = "reddit";
subreddit = "homelab";
style = "horizontal-cards";
}
];
}
];
};
}

Some files were not shown because too many files have changed in this diff Show More