Lithospherical/nix-config
1
0
Fork 0
forked from jan-leila/nix-config
Code Pull requests Activity

Compare commits

merge into: Lithospherical:eve
Branches Tags
Lithospherical:main
Lithospherical:eve
Lithospherical:469ba567
jan-leila:main
...
pull from: jan-leila:main
Branches Tags
jan-leila:main
Lithospherical:main
Lithospherical:eve
Lithospherical:469ba567
Sign in to create a new pull request.

167 commits
eve ... main

Author SHA1 Message Date
Leyla Becker
3bf3391eb9 feat: created mapillary desktop uploader program config and installed for leyla 2025-09-13 18:15:43 -05:00
Leyla Becker
ffcba0d714 feat: created mapillary desktop uploader dirivation 2025-09-13 18:03:04 -05:00
Leyla Becker
0f8faadd80 feat: added more config options for mcp servers 2025-09-12 10:47:31 -05:00
Leyla Becker
cf330b1cbb feat: installed sleep-mcp server 2025-09-12 10:18:06 -05:00
Leyla Becker
ca9f54d795 feat: installed mcp servers for vitest and eslint 2025-09-12 00:41:17 -05:00
Leyla Becker
2745af9443 feat: updated flake.lock 2025-09-08 16:47:05 -05:00
Leyla Becker
487dc21550 refactor: removed eslint mcp server 2025-09-07 20:15:39 -05:00
Leyla Becker
58fec3f132 refactor: switched to using mkEnableOption 2025-09-07 15:58:54 -05:00
Leyla Becker
09d2588406 feat: added config options to hte conventional commit extension to disable emoji and scopes propts 2025-09-06 23:42:13 -05:00
Leyla Becker
68b791f7c1 feat: installed conventional commits plugin 2025-09-06 23:11:22 -05:00
Leyla Becker
1831fea96a updated flake lock 2025-09-04 15:40:22 -05:00
Leyla Becker
2aad75a334 moved more packages to modules 2025-09-04 15:23:59 -05:00
Leyla Becker
c31eb38229 installed direnv extension 2025-09-04 14:33:17 -05:00
Leyla Becker
fab03391fc updated flake.lock 2025-09-04 00:33:53 -05:00
Leyla Becker
2d396228c7 moved krita to programs folder 2025-09-02 23:27:26 -05:00
Leyla Becker
b7dd5328d0 moved piper to module with enable option 2025-09-02 23:20:24 -05:00
Leyla Becker
afcf415621 enabled power management from twilight and emergent 2025-09-02 23:11:29 -05:00
Leyla Becker
d89d085409 updated flake lock 2025-09-02 23:05:27 -05:00
Leyla Becker
6e0650f73b installed the eslint mcp server 2025-08-31 13:56:20 -05:00
Leyla Becker
5a53a7bac4 installed nix mcp server 2025-08-28 14:14:05 -05:00
Leyla Becker
9f94a218cc disabled nfs mounts 2025-08-28 14:11:29 -05:00
Leyla Becker
0d57fb08b1 set up nix mcp server 2025-08-28 11:48:00 -05:00
Leyla Becker
0d2a3e26a8 moved network mounts out of main config and into their own file 2025-08-27 21:21:39 -05:00
Leyla Becker
4a7b57df99 removed invalid config option 2025-08-27 21:19:04 -05:00
Leyla Becker
ca2b188560 fixed nfs mounts 2025-08-27 17:51:11 -05:00
Leyla Becker
1c079fa479 installed vitest 2025-08-27 13:37:31 -05:00
Leyla Becker
dbe4b674d7 set zfs auth and tls to true 2025-08-26 18:00:12 -05:00
Leyla Becker
060e6ef037 installed fonts 2025-08-26 15:53:45 -05:00
Leyla Becker
d128b54a05 removed redundant part of config 2025-08-24 23:01:04 -05:00
Leyla Becker
19bd67afe5 installed claudeDev 2025-08-24 15:55:07 -05:00
Leyla Becker
bf07bbdb1b updated flake lock 2025-08-23 13:26:04 -05:00
Leyla Becker
d12f4b5327 installed actual on defiant 2025-08-21 22:02:10 -05:00
Leyla Becker
102a61b38e updated flake lock 2025-08-16 11:32:03 -05:00
Leyla Becker
c1926f6256 updated flake lock 2025-08-13 18:34:13 -05:00
Leyla Becker
ee6ab1c0eb installed printer drivers 2025-08-09 23:32:32 -05:00
Leyla Becker
93b8582734 installed tab session manager 2025-08-06 22:12:42 -05:00
Leyla Becker
7e1e1f357f updated scrub email settings 2025-08-05 00:15:58 -05:00
Leyla Becker
3f897fae25 updated ai code plugin 2025-08-04 20:08:45 -05:00
Leyla Becker
b7a4f63ddd further refined and documents issues with wire guard config 2025-08-04 17:46:56 -05:00
Leyla Becker
7b9d1ee390 added qwen3:235b-a22b 2025-08-01 21:20:52 -05:00
Leyla Becker
5658a39249 added ACL to syncthing mnt folder 2025-08-01 18:30:28 -05:00
Leyla Becker
7b3d4bc021 added acl rules to defiant media_directory 2025-08-01 18:24:45 -05:00
Leyla Becker
22f2052ccf updated flake lock 2025-08-01 17:53:31 -05:00
Leyla Becker
53c0526c4d removed completed task from README.md 2025-07-27 18:27:46 -05:00
Leyla Becker
b5cfb5ec77 moved all extensions other then spell check into their own modules 2025-07-27 18:22:08 -05:00
Leyla Becker
0fd54a5494 added more options to aiCode 2025-07-26 17:53:37 -05:00
Leyla Becker
1f0a147a42 moved more extensions into extension modules 2025-07-26 17:40:01 -05:00
Leyla Becker
e58f08b723 move nix extensions into vscode extensions folders 2025-07-26 16:19:41 -05:00
Leyla Becker
99fb7b8a62 started to move extensions into configurable options 2025-07-26 12:50:21 -05:00
Leyla Becker
dfcd16fdd2 updated user words 2025-07-25 21:33:18 -05:00
Leyla Becker
3131d264d3 updated flake lock 2025-07-25 20:50:53 -05:00
Leyla Becker
9b5ccf6cc9 updated aiCode extension 2025-07-24 01:12:31 -05:00
Leyla Becker
1ac0b89935 fixed cname words 2025-07-23 18:47:46 -05:00
Leyla Becker
e14d1387dc updated user-words in vscode config 2025-07-23 18:15:58 -05:00
Leyla Becker
358f039460 created custom vscode extension 2025-07-21 19:35:11 -05:00
Leyla Becker
3f3ae74fac enabled ollama on horizon 2025-07-18 21:19:18 -05:00
Leyla Becker
c8f163ed0c fixed paperless 2025-07-14 19:38:24 -05:00
Leyla Becker
3a875e0c1f drafted out paperless config 2025-07-14 11:43:45 -05:00
Leyla Becker
1e5eed80c1 installed more home assistant components 2025-07-14 10:49:04 -05:00
Leyla Becker
2fb56dc296 moved home-assistant fail2ban config to its own module 2025-07-13 19:00:16 -05:00
Leyla Becker
92839b4603 got hass app config closer to working 2025-07-13 18:30:45 -05:00
Leyla Becker
2188954b79 installed open wake word 2025-07-13 17:39:25 -05:00
Leyla Becker
2e8eba7709 installed wyoming 2025-07-13 17:22:46 -05:00
Leyla Becker
0e8a148517 started to break up home-assistant config 2025-07-13 16:10:30 -05:00
Leyla Becker
b8e21e6c61 organized README.md 2025-07-12 22:44:49 -05:00
Leyla Becker
035089be38 updated README.md 2025-07-12 19:14:32 -05:00
Leyla Becker
776bf8f744 updated readme 2025-07-12 18:25:53 -05:00
Leyla Becker
9699472b1e update readme 2025-07-12 15:36:02 -05:00
Leyla Becker
3631ba11a8 removed unused parts of configuration 2025-07-12 15:06:32 -05:00
Leyla Becker
644f9371eb added home assistant to fail2ban 2025-07-12 15:04:44 -05:00
Leyla Becker
3ce9b625d1 fixed home assistant 2025-07-12 15:00:59 -05:00
Leyla Becker
1d7e0d11f0 removed continue vscode plugin 2025-07-12 11:53:53 -05:00
Leyla Becker
c863b8c4b5 removed copilot 2025-07-11 18:08:06 -05:00
Leyla Becker
9650c7335a installed copilot for vscode 2025-07-11 18:02:05 -05:00
Leyla Becker
56ef83b4ba updated flake lock and fixed vscode extensions 2025-07-11 17:01:37 -05:00
Leyla Becker
84dfcfddbd updated flake lock 2025-07-05 00:18:00 -05:00
Leyla Becker
43ce007033 moved impermanence config for var lib private into impermanence module 2025-07-05 00:01:28 -05:00
Leyla Becker
4db136d527 updated flake lock 2025-06-30 22:37:38 -05:00
Leyla Becker
b6ce78b35c updated nix flake 2025-06-28 10:33:59 -05:00
Leyla Becker
4c0c443048 fixed hotkeys 2025-06-25 18:35:51 -05:00
Leyla Becker
b3f992f001 added more options to gnome.nix 2025-06-25 17:42:37 -05:00
Leyla Becker
f8aa299e16 fixed hotkey config 2025-06-25 17:27:18 -05:00
Leyla Becker
7c61f8617b created hotkey generator 2025-06-25 14:30:12 -05:00
Leyla Becker
4825c5ec5e made common configuration place for gnome extensions 2025-06-25 13:32:07 -05:00
jan-leila
4ded22c2f5 Merge pull request 'main' (#7) from Lithospherical/nix-config:main into main 
Reviewed-on: jan-leila/nix-config#7
 2025-06-25 02:48:37 +00:00
Lithospherical
db9d0fff09 Merge pull request 'main' (#4) from jan-leila/nix-config:main into main 
Reviewed-on: #4
 2025-06-25 02:46:33 +00:00
Eve
117b30f855 created module to add dconf changes. tried to add dash-to-panel in this module, unsure if it worked 2025-06-24 21:43:43 -05:00
Leyla Becker
5ac103230a updated flake lock 2025-06-24 10:53:51 -05:00
Leyla Becker
fb757e9d1c switched to JDK for gdx 2025-06-23 17:01:25 -05:00
Leyla Becker
b4755365ba removed unused param 2025-06-23 15:42:07 -05:00
Leyla Becker
5c4e677fe8 added gdx-liftoff package 2025-06-23 15:40:03 -05:00
Leyla Becker
b5d292f20e made horizon use models from defiant 2025-06-22 21:03:23 -05:00
Leyla Becker
b7cfcfef7d limit zfs arc to 50gb 2025-06-22 20:10:25 -05:00
Leyla Becker
025eaa935a enabled ollama on defiant 2025-06-22 18:48:59 -05:00
Leyla Becker
9daa44c873 added baobab to excluded packages 2025-06-21 06:09:58 -05:00
Leyla Becker
173b1e3050 added comments to excluded packages 2025-06-21 06:01:53 -05:00
Leyla Becker
317ca75119 fixed environment.gnome.excludePackages 2025-06-21 05:59:34 -05:00
Leyla Becker
394355b2fb Merge remote-tracking branch 'origin' 2025-06-19 10:16:28 -05:00
Leyla Becker
4aa9778a72 merged with main 2025-06-19 10:13:21 -05:00
Leyla Becker
a482a3bfce updated flake.lock 2025-06-19 10:08:42 -05:00
Leyla Becker
dbad92ac75 updated flake lock 2025-06-11 23:39:07 -05:00
Leyla Becker
52a1d97fd4 drafted out entangled worlds mod 2025-06-11 23:36:29 -05:00
Leyla Becker
0476afb471 switched ollama persistence directory 2025-06-11 20:07:39 -05:00
Leyla Becker
1e0eda06b6 switched ollama persistence directory 2025-06-11 19:52:25 -05:00
jan-leila
a2b076e2e5 Merge pull request 'main' (#3) from jan-leila/nix-config:main into main 
Reviewed-on: #3
 2025-06-08 16:51:33 +00:00
Leyla Becker
95e500593e enabled wacom on emergent 2025-06-08 11:48:18 -05:00
jan-leila
7e595d4fc0 Merge pull request 'main' (#6) from Lithospherical/nix-config:main into main 
Reviewed-on: jan-leila/nix-config#6
 2025-06-08 16:43:47 +00:00
jan-leila
703f35d52c Merge branch 'main' into main 2025-06-08 16:43:03 +00:00
Eve
616baf3baf disabled wayland in theory 2025-06-06 03:46:45 +00:00
Leyla Becker
b3918c8105 added dconf-editor to devShell 2025-06-05 14:04:52 -05:00
jan-leila
d3761aa11c Merge pull request 'pulled in eves changes' (#4) from Lithospherical/nix-config:main into main 
Reviewed-on: jan-leila/nix-config#4
 2025-06-05 04:58:20 +00:00
Eve
98a1d1da60 added piper for user eve 2025-06-05 04:53:30 +00:00
Eve
6c7b40e10e fixed eve not importing packages.nix 2025-06-05 04:40:13 +00:00
Lithospherical
198e4c4c5b Merge pull request 'main' (#2) from jan-leila/nix-config:main into main 
Reviewed-on: #2
 2025-06-05 04:13:46 +00:00
Leyla Becker
fc294686ba added steam impermanence config 2025-06-04 22:57:14 -05:00
Leyla Becker
8c4bd4291d updated paths to be based on xdg configurations 2025-06-04 21:00:04 -05:00
Leyla Becker
28ac8a4fa4 fixed home directory starts 2025-06-04 20:54:47 -05:00
Leyla Becker
ca01e667a1 added more application persistence configurations 2025-06-04 20:50:15 -05:00
Leyla Becker
033cc6bc22 removed outdated note 2025-06-04 18:43:22 -05:00
Leyla Becker
0f26b73f6a set up makemkv persistence 2025-06-04 18:37:53 -05:00
Leyla Becker
7363fc97bc updated application key file structure 2025-06-04 13:19:44 -05:00
Leyla Becker
50aca7b170 added applications key file 2025-06-04 13:14:11 -05:00
Leyla Becker
4e94731d9c added impermanence for jetbrains idea-community 2025-06-04 12:30:40 -05:00
Leyla Becker
89373ac243 set up firefox impermanence 2025-06-04 12:16:21 -05:00
Leyla Becker
8d86de4a2d drafted out firefox impermanence 2025-06-03 21:17:08 -05:00
Leyla Becker
17cb9bbaf5 set up more continue agents for horizon 2025-06-03 21:15:26 -05:00
Leyla Becker
54722eff61 set up impermanence configurations for applications 2025-06-03 21:12:51 -05:00
Leyla Becker
ef03167d23 added TODO note 2025-06-03 20:22:35 -05:00
Leyla Becker
2c011fda87 moved steam config out of nix configurations 2025-06-03 16:32:44 -05:00
Leyla Becker
9c7cc3e3a7 drafted out home manager steam configuration 2025-06-03 16:23:20 -05:00
Leyla Becker
7473ad5415 moved more packages to module 2025-06-03 11:19:34 -05:00
Leyla Becker
eca8dfcf69 removed extra packages 2025-06-02 23:15:17 -05:00
Leyla Becker
d741c25291 moved some packages under desktop + direct access 2025-06-02 22:50:35 -05:00
Leyla Becker
9fe35e74ad created program option entries for all packages that needs continual state 2025-06-02 22:47:01 -05:00
Leyla Becker
5484f9ba04 Merge remote-tracking branch 'refs/remotes/origin/main' 2025-06-02 21:15:37 -05:00
Leyla Becker
666504a63a added notes for leyla packages 2025-06-02 21:13:45 -05:00
Leyla Becker
dd53735354 refactored leyla packages into several folders 2025-06-02 21:07:09 -05:00
Leyla Becker
e6a640abfc fixed warning in nvida-drivers 2025-06-01 23:52:13 -05:00
Leyla Becker
a7b738eae3 made twilight hardware-configuration.nix match what is automatically generated 2025-06-01 22:10:29 -05:00
Leyla Becker
1a4c2b2f95 stripped down twilight configuration.nix 2025-06-01 21:06:54 -05:00
Leyla Becker
42e2ce9258 fixed warnings on defiant 2025-06-01 20:58:30 -05:00
Leyla Becker
9664eeb38d updated flakes 2025-06-01 18:19:03 -05:00
Leyla Becker
ac7c2e6de6 switched to lix 2025-06-01 18:11:27 -05:00
Leyla Becker
5e0bf9f068 re enabled ssh agent IdentityFile 2025-06-01 17:37:56 -05:00
Leyla Becker
2e41153c43 reverted nixos-anywhere devshell 2025-06-01 16:37:12 -05:00
Leyla Becker
35d6c1a634 enabled fwupd on horizon 2025-06-01 16:04:13 -05:00
Leyla Becker
2475170d0a moved user set configurations out of hardware-configuration.nix 2025-06-01 15:28:06 -05:00
Leyla Becker
ba2a31a80e removed unused variable 2025-06-01 15:16:27 -05:00
Leyla Becker
6ce718ab09 moved emergent to common disko configuration 2025-06-01 15:07:13 -05:00
Leyla Becker
795b9b010f made zfs mode settable 2025-06-01 15:04:37 -05:00
Leyla Becker
99ea355472 made boot disko partition configurable 2025-06-01 14:59:24 -05:00
Leyla Becker
a68f81cf3b moved disko needed configuration to disko.nix 2025-06-01 14:41:55 -05:00
Leyla Becker
7979b4ed17 installed prostudiomasters for leyla only 2025-06-01 14:29:39 -05:00
Leyla Becker
b1e7be48b3 moved packages to common-modules 2025-06-01 14:27:50 -05:00
Leyla Becker
36382ebfe0 switched to using nixos-anywhere flake in dev shell 2025-06-01 14:19:31 -05:00
jan-leila
254edf2d4a Merge pull request 'main' (#3) from Lithospherical/nix-config:main into main 
Reviewed-on: jan-leila/nix-config#3
 2025-06-01 18:40:54 +00:00
Eve
54d03b280c increase size of boot partiton for emergent 2025-06-01 13:36:50 -05:00
Eve
93793f2f1c set nvidia drivers to open 2025-06-01 13:36:44 -05:00
Lithospherical
51b7a18449 Merge pull request 'main' (#1) from jan-leila/nix-config:main into main 
Reviewed-on: #1
 2025-06-01 18:15:14 +00:00
Leyla Becker
21eff1d083 moved Eve configurations into their own package 2025-06-01 13:07:56 -05:00
Leyla Becker
2820252c54 made leyla configs optional 2025-06-01 13:00:34 -05:00
jan-leila
4f195245ce Merge pull request 'main' (#2) from Lithospherical/nix-config:main into main 
Reviewed-on: jan-leila/nix-config#2
 2025-06-01 17:52:54 +00:00
Eve
7acf6a1c13 added nvidia-drivers as a seperate file and imported to config file 2025-06-01 12:22:42 -05:00
Eve
c54210411d added steam + dependencies 2025-06-01 11:59:56 -05:00
Eve
327a5ce55f added vscodium 2025-06-01 16:31:08 +00:00
Eve Halfmann
5d055c6a88 updated git username 2025-06-01 16:20:33 +00:00
jan-leila
1225e41d8b Merge pull request 'eve' (#1) from eve into main 
Reviewed-on: jan-leila/nix-config#1
 2025-06-01 00:47:02 +00:00
142 changed files with 4409 additions and 1874 deletions
Download patch file Download diff file Expand all files Collapse all files

4
.sops.yaml
View file

@ -13,3 +13,7 @@ creation_rules:
key_groups:
- age:
- *leyla
- path_regex: secrets/application-keys.yaml$
key_groups:
- age:
- *leyla

28
README.md
View file

@ -41,30 +41,30 @@ nix multi user, multi system, configuration with `sops` secret management, `home
## Research topics
- Look into this for auto rotating sops keys `https://technotim.live/posts/rotate-sops-encryption-keys/`
- Look into this for flake templates https://nix.dev/manual/nix/2.22/command-ref/new-cli/nix3-flake-init
- Look into this for npins https://jade.fyi/blog/pinning-nixos-with-npins/
- https://nixos-and-flakes.thiscute.world/
- nix config mcp https://github.com/utensils/mcp-nixos
# Tasks:
## Tech Debt
- monitor configuration in `~/.config/monitors.xml` should be sym linked to `/run/gdm/.config/monitors.xml` (https://www.reddit.com/r/NixOS/comments/u09cz9/home_manager_create_my_own_symlinks_automatically/)
- syncthing folder passwords
- nfs export should be backed by the same values for server and client
## New Features
- offline access for nfs mounts (overlay with rsync might be a good option here? https://www.spinics.net/lists/linux-unionfs/msg07105.html note about nfs4 and overlay fs)
- samba mounts
- crab-hole
- figure out why syncthing and jellyfins permissions don't propagate downwards
- figure out steam vr things?
- Open GL?
- rotate sops encryption keys periodically (and somehow sync between devices?)
- auto turn off on power loss - nut
- zfs email after scrubbing # TODO: test this
- wake on LAN for updates
- ISO target that contains authorized keys for nixos-anywhere https://github.com/diegofariasm/yggdrasil/blob/4acc43ebc7bcbf2e41376d14268e382007e94d78/hosts/bootstrap/default.nix
- SMART test with email results
- samba mounts
- offline access for nfs mounts (overlay with rsync might be a good option here? https://www.spinics.net/lists/linux-unionfs/msg07105.html note about nfs4 and overlay fs)
- Create Tor guard/relay server
- migrate away from flakes and move to npins
- whisper
- zfs encryption FIDO2 2fa (look into shavee)
- Secure Boot - https://github.com/nix-community/lanzaboote
- SMART test with email results
- Create Tor guard/relay server
- rotate sops encryption keys periodically (and somehow sync between devices?)
- wake on LAN for updates
- remote distributed builds - https://nix.dev/tutorials/nixos/distributed-builds-setup.html
- migrate away from flakes and move to npins
- fix nfs
- fix home assistant
- create adguard server
- ISO target that contains authorized keys for nixos-anywhere https://github.com/diegofariasm/yggdrasil/blob/4acc43ebc7bcbf2e41376d14268e382007e94d78/hosts/bootstrap/default.nix

47
configurations/home-manager/eve/default.nix
View file

@ -1,15 +1,10 @@
{
pkgs,
lib,
config,
osConfig,
...
}: let
{osConfig, ...}: let
userConfig = osConfig.host.users.eve;
in {
nixpkgs.config = {
allowUnfree = true;
};
imports = [
./packages.nix
./gnomeconf.nix
];
home = {
username = userConfig.name;
@ -57,37 +52,5 @@ in {
sessionVariables = {
# EDITOR = "emacs";
};
packages = lib.lists.optionals userConfig.isDesktopUser (
with pkgs; [
firefox
bitwarden
discord
makemkv
signal-desktop-bin
ungoogled-chromium
]
);
};
programs = {
# Let Home Manager install and manage itself.
home-manager.enable = true;
git = {
enable = true;
userName = "Eve Halfmann";
userEmail = "evesnrobins@gmail.com";
extraConfig.init.defaultBranch = "main";
};
openssh = {
hostKeys = [
{
type = "ed25519";
path = "${config.home.username}_${osConfig.networking.hostName}_ed25519";
}
];
};
};
}

12
configurations/home-manager/eve/gnomeconf.nix Normal file
View file

@ -0,0 +1,12 @@
{pkgs, ...}: {
config = {
dconf = {
enable = true;
settings = {
"org/gnome/shell".enabled-extensions = [
pkgs.gnomeExtensions.dash-to-panel.extensionUuid
];
};
};
};
}

67
configurations/home-manager/eve/packages.nix Normal file
View file

@ -0,0 +1,67 @@
{
lib,
pkgs,
config,
osConfig,
...
}: let
userConfig = osConfig.host.users.eve;
hardware = osConfig.host.hardware;
in {
config = {
nixpkgs.config = {
allowUnfree = true;
};
# Packages that can be installed without any extra configuration
# See https://search.nixos.org/packages for all options
home.packages = lib.lists.optionals userConfig.isDesktopUser (
with pkgs; [
gnomeExtensions.dash-to-panel
]
);
# Packages that need to be installed with some extra configuration
# See https://home-manager-options.extranix.com/ for all options
programs = lib.mkMerge [
{
# Let Home Manager install and manage itself.
home-manager.enable = true;
}
(lib.mkIf (config.user.isDesktopUser || config.user.isTerminalUser) {
git = {
enable = true;
userName = "Eve";
userEmail = "evesnrobins@gmail.com";
extraConfig.init.defaultBranch = "main";
};
openssh = {
enable = true;
hostKeys = [
{
type = "ed25519";
path = "${config.home.username}_${osConfig.networking.hostName}_ed25519";
}
];
};
})
(lib.mkIf config.user.isDesktopUser {
vscode = {
enable = true;
package = pkgs.vscodium;
};
firefox.enable = true;
bitwarden.enable = true;
discord.enable = true;
makemkv.enable = true;
signal-desktop-bin.enable = true;
steam.enable = true;
piper.enable = hardware.piperMouse.enable;
krita.enable = true;
ungoogled-chromium.enable = true;
})
];
};
}

45
configurations/home-manager/leyla/dconf.nix
View file

@ -1,26 +1,23 @@
{pkgs, ...}: {
config = {
gnome = {
extraWindowControls = true;
colorScheme = "prefer-dark";
clockFormat = "24h";
extensions = [
pkgs.gnomeExtensions.dash-to-dock
];
hotkeys = {
"Open Terminal" = {
binding = "<Super>t";
command = "kgx";
};
};
};
dconf = {
enable = true;
settings = {
"org/gnome/desktop/interface".color-scheme = "prefer-dark";
"org/gnome/desktop/wm/preferences".button-layout = ":minimize,maximize,close";
"org/gnome/shell" = {
disable-user-extensions = false; # enables user extensions
enabled-extensions = [
# Put UUIDs of extensions that you want to enable here.
# If the extension you want to enable is packaged in nixpkgs,
# you can easily get its UUID by accessing its extensionUuid
# field (look at the following example).
pkgs.gnomeExtensions.dash-to-dock.extensionUuid
# Alternatively, you can manually pass UUID as a string.
# "dash-to-dock@micxgx.gmail.com"
];
};
"org/gnome/shell/extensions/dash-to-dock" = {
"dock-position" = "LEFT";
"intellihide-mode" = "ALL_WINDOWS";
@ -29,18 +26,6 @@
"show-mounts" = false;
};
"org/gnome/settings-daemon/plugins/media-keys" = {
custom-keybindings = [
"/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0/"
];
};
"org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0" = {
binding = "<Super>t";
command = "kgx";
name = "Open Terminal";
};
"org/gnome/shell" = {
favorite-apps = ["org.gnome.Nautilus.desktop" "firefox.desktop" "codium.desktop" "steam.desktop" "org.gnome.Console.desktop"];
# app-picker-layout =

75
configurations/home-manager/leyla/default.nix
View file

@ -1,11 +1,12 @@
{
osConfig,
pkgs,
config,
osConfig,
...
}: {
imports = [
./packages
./i18n.nix
./packages.nix
./impermanence.nix
./dconf.nix
];
@ -39,7 +40,7 @@
# org.gradle.console=verbose
# org.gradle.daemon.idletimeout=3600000
# '';
".config/user-dirs.dirs" = {
"${config.xdg.configHome}/user-dirs.dirs" = {
force = true;
text = ''
# This file is written by xdg-user-dirs-update
@ -83,69 +84,11 @@
};
};
user = {
continue = {
enable = true;
docs = {
"Continue Docs" = {
startUrl = "https://docs.continue.dev";
};
"Nixpkgs" = {
startUrl = "https://ryantm.github.io/nixpkgs/#preface";
};
"Nix Manual" = {
startUrl = "https://nixos.org/manual/nixos/stable/";
};
"Home manager Manual" = {
startUrl = "https://nix-community.github.io/home-manager/";
};
"Nix Docs" = {
startUrl = "https://nix.dev/index.html";
};
"Linux Man Page" = {
startUrl = "https://linux.die.net/man/";
};
};
};
};
programs = {
# Let Home Manager install and manage itself.
home-manager.enable = true;
# set up git defaults
git = {
enable = true;
userName = "Leyla Becker";
userEmail = "git@jan-leila.com";
extraConfig.init.defaultBranch = "main";
};
# add direnv to auto load flakes for development
direnv = {
enable = true;
enableBashIntegration = true;
nix-direnv.enable = true;
config = {
global.hide_env_diff = true;
whitelist.exact = ["/home/leyla/documents/code/nix-config"];
};
};
bash.enable = true;
openssh = {
authorizedKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJHeItmt8TRW43uNcOC+eIurYC7Eunc0V3LGocQqLaYj leyla@horizon"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIILimFIW2exEH/Xo7LtXkqgE04qusvnPNpPWSCeNrFkP leyla@defiant"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKBiZkg1c2aaNHiieBX4cEziqvJVj9pcDfzUrKU/mO0I leyla@twilight"
# TODO: move this into a fonts module
home.packages = with pkgs; [
aileron
nerd-fonts.open-dyslexic
];
hostKeys = [
{
type = "ed25519";
path = "${config.home.username}_${osConfig.networking.hostName}_ed25519";
}
];
};
};
fonts.fontconfig.enable = true;
};
}

342
configurations/home-manager/leyla/firefox.nix
View file

@ -1,342 +0,0 @@
{
lib,
pkgs,
inputs,
...
}: {
programs.firefox = {
enable = true;
profiles.leyla = {
settings = {
"browser.search.defaultenginename" = "Searx";
"browser.search.order.1" = "Searx";
};
search = {
force = true;
default = "Searx";
engines = {
"Nix Packages" = {
urls = [
{
template = "https://search.nixos.org/packages";
params = [
{
name = "type";
value = "packages";
}
{
name = "query";
value = "{searchTerms}";
}
];
}
];
icon = "''${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg";
definedAliases = ["@np"];
};
"NixOS Wiki" = {
urls = [{template = "https://nixos.wiki/index.php?search={searchTerms}";}];
icon = "https://nixos.wiki/favicon.png";
updateInterval = 24 * 60 * 60 * 1000; # every day
definedAliases = ["@nw"];
};
"Searx" = {
urls = [{template = "https://search.jan-leila.com/?q={searchTerms}";}];
icon = "https://nixos.wiki/favicon.png";
updateInterval = 24 * 60 * 60 * 1000; # every day
definedAliases = ["@searx"];
};
};
};
extensions.packages = with inputs.firefox-addons.packages.${pkgs.system}; [
bitwarden
terms-of-service-didnt-read
multi-account-containers
shinigami-eyes
ublock-origin
sponsorblock
dearrow
df-youtube
return-youtube-dislikes
privacy-badger
decentraleyes
clearurls
localcdn
snowflake
deutsch-de-language-pack
dictionary-german
# (
# buildFirefoxXpiAddon rec {
# pname = "italiano-it-language-pack";
# version = "132.0.20241110.231641";
# addonId = "langpack-it@firefox.mozilla.org";
# url = "https://addons.mozilla.org/firefox/downloads/file/4392453/italiano_it_language_pack-${version}.xpi";
# sha256 = "";
# meta = with lib;
# {
# description = "Firefox Language Pack for Italiano (it) Italian";
# license = licenses.mpl20;
# mozPermissions = [];
# platforms = platforms.all;
# };
# }
# )
# (
# buildFirefoxXpiAddon rec {
# pname = "dizionario-italiano";
# version = "5.1";
# addonId = "it-IT@dictionaries.addons.mozilla.org";
# url = "https://addons.mozilla.org/firefox/downloads/file/1163874/dizionario_italiano-${version}.xpi";
# sha256 = "";
# meta = with lib;
# {
# description = "Add support for Italian to spellchecking";
# license = licenses.gpl3;
# mozPermissions = [];
# platforms = platforms.all;
# };
# }
# )
];
settings = {
# Disable irritating first-run stuff
"browser.disableResetPrompt" = true;
"browser.download.panel.shown" = true;
"browser.feeds.showFirstRunUI" = false;
"browser.messaging-system.whatsNewPanel.enabled" = false;
"browser.rights.3.shown" = true;
"browser.shell.checkDefaultBrowser" = false;
"browser.shell.defaultBrowserCheckCount" = 1;
"browser.startup.homepage_override.mstone" = "ignore";
"browser.uitour.enabled" = false;
"startup.homepage_override_url" = "";
"trailhead.firstrun.didSeeAboutWelcome" = true;
"browser.bookmarks.restore_default_bookmarks" = false;
"browser.bookmarks.addedImportButton" = true;
"browser.newtabpage.activity-stream.feeds.section.topstories" = false;
# Usage Experience
"browser.startup.homepage" = "about:home";
"browser.download.useDownloadDir" = false;
"browser.uiCustomization.state" = builtins.toJSON {
"currentVersion" = 20;
"newElementCount" = 6;
"dirtyAreaCache" = [
"nav-bar"
"PersonalToolbar"
"toolbar-menubar"
"TabsToolbar"
"unified-extensions-area"
"vertical-tabs"
];
"placements" = {
"widget-overflow-fixed-list" = [];
"unified-extensions-area" = [
"privacy_privacy_com-browser-action"
# bitwarden
"_446900e4-71c2-419f-a6a7-df9c091e268b_-browser-action"
"ublock0_raymondhill_net-browser-action"
"sponsorblocker_ajay_app-browser-action"
"dearrow_ajay_app-browser-action"
"jid1-mnnxcxisbpnsxq_jetpack-browser-action"
"_testpilot-containers-browser-action"
"addon_simplelogin-browser-action"
"_74145f27-f039-47ce-a470-a662b129930a_-browser-action"
"jid1-bofifl9vbdl2zq_jetpack-browser-action"
"dfyoutube_example_com-browser-action"
"_b86e4813-687a-43e6-ab65-0bde4ab75758_-browser-action"
"_762f9885-5a13-4abd-9c77-433dcd38b8fd_-browser-action"
"_b11bea1f-a888-4332-8d8a-cec2be7d24b9_-browse-action"
"jid0-3guet1r69sqnsrca5p8kx9ezc3u_jetpack-browser-action"
];
"nav-bar" = [
"back-button"
"forward-button"
"stop-reload-button"
"urlbar-container"
"downloads-button"
"unified-extensions-button"
"reset-pbm-toolbar-button"
];
"toolbar-menubar" = [
"menubar-items"
];
"TabsToolbar" = [
"firefox-view-button"
"tabbrowser-tabs"
"new-tab-button"
"alltabs-button"
];
"vertical-tabs" = [];
"PersonalToolbar" = [
"import-button"
"personal-bookmarks"
];
};
"seen" = [
"save-to-pocket-button"
"developer-button"
"privacy_privacy_com-browser-action"
"sponsorblocker_ajay_app-browser-action"
"ublock0_raymondhill_net-browser-action"
"addon_simplelogin-browser-action"
"dearrow_ajay_app-browser-action"
"_446900e4-71c2-419f-a6a7-df9c091e268b_-browser-action"
"_74145f27-f039-47ce-a470-a662b129930a_-browser-action"
"jid1-bofifl9vbdl2zq_jetpack-browser-action"
"dfyoutube_example_com-browser-action"
"_testpilot-containers-browser-action"
"_b86e4813-687a-43e6-ab65-0bde4ab75758_-browser-action"
"jid1-mnnxcxisbpnsxq_jetpack-browser-action"
"_762f9885-5a13-4abd-9c77-433dcd38b8fd_-browser-action"
"_b11bea1f-a888-4332-8d8a-cec2be7d24b9_-browser-action"
"jid0-3guet1r69sqnsrca5p8kx9ezc3u_jetpack-browser-action"
];
};
"browser.newtabpage.activity-stream.feeds.topsites" = false;
"browser.newtabpage.activity-stream.showSponsoredTopSites" = false;
"browser.newtabpage.activity-stream.improvesearch.topSiteSearchShortcuts" = false;
"browser.newtabpage.blocked" = lib.genAttrs [
# Facebook
"4gPpjkxgZzXPVtuEoAL9Ig=="
# Reddit
"gLv0ja2RYVgxKdp0I5qwvA=="
# Amazon
"K00ILysCaEq8+bEqV/3nuw=="
# Twitter
"T9nJot5PurhJSy8n038xGA=="
] (_: 1);
"identity.fxaccounts.enabled" = false;
# Security
"privacy.trackingprotection.enabled" = true;
"dom.security.https_only_mode" = true;
"extensions.formautofill.addresses.enabled" = false;
"extensions.formautofill.creditCards.enabled" = false;
"signon.rememberSignons" = false;
"privacy.sanitize.sanitizeOnShutdown" = true;
"privacy.clearOnShutdown_v2.cache" = true;
"privacy.clearOnShutdown_v2.cookiesAndStorage" = true;
"privacy.clearOnShutdown_v2.historyFormDataAndDownloads" = true;
"urlclassifier.trackingSkipURLs" = "";
"urlclassifier.features.socialtracking.skipURLs" = "";
"dom.security.https_only_mode_pbm" = true;
"dom.security.https_only_mode_error_page_user_suggestions" = true;
# Disable telemetry
"app.shield.optoutstudies.enabled" = false;
"browser.discovery.enabled" = false;
"browser.newtabpage.activity-stream.feeds.telemetry" = false;
"browser.newtabpage.activity-stream.telemetry" = false;
"browser.ping-centre.telemetry" = false;
"datareporting.healthreport.service.enabled" = false;
"datareporting.healthreport.uploadEnabled" = false;
"datareporting.policy.dataSubmissionEnabled" = false;
"datareporting.sessions.current.clean" = true;
"devtools.onboarding.telemetry.logged" = false;
"toolkit.telemetry.archive.enabled" = false;
"toolkit.telemetry.bhrPing.enabled" = false;
"toolkit.telemetry.enabled" = false;
"toolkit.telemetry.firstShutdownPing.enabled" = false;
"toolkit.telemetry.hybridContent.enabled" = false;
"toolkit.telemetry.newProfilePing.enabled" = false;
"toolkit.telemetry.prompted" = 2;
"toolkit.telemetry.rejected" = true;
"toolkit.telemetry.reportingpolicy.firstRun" = false;
"toolkit.telemetry.server" = "";
"toolkit.telemetry.shutdownPingSender.enabled" = false;
"toolkit.telemetry.unified" = false;
"toolkit.telemetry.unifiedIsOptIn" = false;
"toolkit.telemetry.updatePing.enabled" = false;
};
bookmarks = {
force = true;
settings = [
{
name = "Media";
url = "https://media.jan-leila.com/";
keyword = "";
tags = [""];
}
{
name = "Photos";
url = "https://photos.jan-leila.com";
keyword = "";
tags = [""];
}
{
name = "Git";
url = "https://git.jan-leila.com/";
keyword = "";
tags = [""];
}
{
name = "Home Automation";
url = "https://home.jan-leila.com/";
keyword = "";
tags = [""];
}
{
name = "Mail";
url = "https://mail.protonmail.com";
keyword = "";
tags = [""];
}
{
name = "Open Street Map";
url = "https://www.openstreetmap.org/";
keyword = "";
tags = [""];
}
{
name = "Password Manager";
url = "https://vault.bitwarden.com/";
keyword = "";
tags = [""];
}
{
name = "Mastodon";
url = "https://mspsocial.net";
keyword = "";
tags = [""];
}
{
name = "Linked In";
url = "https://www.linkedin.com/";
keyword = "";
tags = [""];
}
{
name = "Job Search";
url = "https://www.jobsinnetwork.com/?state=cleaned_history&language%5B%5D=en&query=react&locations.countryCode%5B%5D=IT&locations.countryCode%5B%5D=DE&locations.countryCode%5B%5D=NL&experience%5B%5D=medior&experience%5B%5D=junior&page=1";
keyword = "";
tags = [""];
}
{
name = "React Docs";
url = "https://react.dev/";
keyword = "";
tags = [""];
}
# Template
# {
# name = "";
# url = "";
# keyword = "";
# tags = [""];
# }
];
};
};
};
}

7
configurations/home-manager/leyla/impermanence.nix
View file

@ -1,5 +1,6 @@
{
lib,
config,
osConfig,
...
}: {
@ -9,14 +10,10 @@
"desktop"
"downloads"
"documents"
{
directory = ".local/share/Steam";
method = "symlink";
}
];
files = [
".bash_history" # keep shell history around
".local/share/recently-used.xbel" # gnome recently viewed files
"${config.xdg.dataHome}/recently-used.xbel" # gnome recently viewed files
];
allowOther = true;
};

95
configurations/home-manager/leyla/packages.nix
View file

@ -1,95 +0,0 @@
{
lib,
osConfig,
pkgs,
...
}: let
userConfig = osConfig.host.users.leyla;
hardware = osConfig.host.hardware;
in {
imports = [
./vscode/default.nix
./firefox.nix
];
nixpkgs.config = {
allowUnfree = true;
};
home = {
packages =
lib.lists.optionals userConfig.isTerminalUser (
with pkgs; [
# command line tools
sox
yt-dlp
ffmpeg
imagemagick
]
)
++ (
lib.lists.optionals userConfig.isDesktopUser (
(with pkgs; [
# helvetica font
aileron
gnomeExtensions.dash-to-dock
# development tools
dbeaver-bin
bruno
proxmark3
])
++ (
lib.lists.optionals hardware.directAccess.enable (with pkgs; [
#foss platforms
signal-desktop-bin
bitwarden
ungoogled-chromium
libreoffice
inkscape
gimp
krita
freecad
# cura
# kicad-small
makemkv
onionshare
# rhythmbox
(lib.mkIf hardware.graphicsAcceleration.enable obs-studio)
# wireshark
# rpi-imager
# fritzing
mfoc
tor-browser
anki
pdfarranger
calibre
qbittorrent
picard
# proprietary platforms
discord
obsidian
(lib.mkIf hardware.graphicsAcceleration.enable davinci-resolve)
# development tools
# androidStudioPackages.canary
jetbrains.idea-community
qFlipper
# system tools
protonvpn-gui
openvpn
noisetorch
# hardware management tools
(lib.mkIf hardware.piperMouse.enable piper)
(lib.mkIf hardware.openRGB.enable openrgb)
(lib.mkIf hardware.viaKeyboard.enable via)
])
)
)
);
};
}

91
configurations/home-manager/leyla/packages/default.nix Normal file
View file

@ -0,0 +1,91 @@
{
lib,
pkgs,
config,
osConfig,
...
}: let
hardware = osConfig.host.hardware;
in {
imports = [
./vscode
./firefox.nix
./direnv.nix
./openssh.nix
./git.nix
./makemkv.nix
];
config = lib.mkMerge [
{
programs = lib.mkMerge [
{
# Let Home Manager install and manage itself.
home-manager.enable = true;
}
(lib.mkIf (config.user.isTerminalUser || config.user.isDesktopUser) {
bash.enable = true;
git.enable = true;
openssh.enable = true;
})
(lib.mkIf config.user.isDesktopUser {
bitwarden.enable = true;
obs-studio.enable = hardware.graphicsAcceleration.enable;
qbittorrent.enable = true;
prostudiomasters.enable = true;
protonvpn-gui.enable = true;
dbeaver-bin.enable = true;
bruno.enable = true;
piper.enable = hardware.piperMouse.enable;
proxmark3.enable = true;
openrgb.enable = hardware.openRGB.enable;
via.enable = hardware.viaKeyboard.enable;
claude-code.enable = osConfig.host.ai.enable;
davinci-resolve.enable = hardware.graphicsAcceleration.enable;
mfoc.enable = true;
})
(lib.mkIf (hardware.directAccess.enable && config.user.isDesktopUser) {
anki.enable = true;
makemkv.enable = true;
discord.enable = true;
signal-desktop-bin.enable = true;
calibre.enable = true;
obsidian.enable = true;
jetbrains.idea-community.enable = true;
vscode.enable = true;
firefox.enable = true;
steam.enable = true;
krita.enable = true;
ungoogled-chromium.enable = true;
libreoffice.enable = true;
mapillary-uploader.enable = true;
inkscape.enable = true;
gimp.enable = true;
freecad.enable = true;
onionshare.enable = true;
pdfarranger.enable = true;
picard.enable = true;
qflipper.enable = true;
openvpn.enable = true;
noisetorch.enable = true;
tor-browser.enable = true;
gdx-liftoff.enable = true;
})
];
}
(lib.mkIf config.user.isTerminalUser {
home.packages = with pkgs; [
# command line tools
sox
yt-dlp
ffmpeg
imagemagick
];
})
(lib.mkIf config.user.isDesktopUser {
nixpkgs.config = {
allowUnfree = true;
};
})
];
}

22
configurations/home-manager/leyla/packages/direnv.nix Normal file
View file

@ -0,0 +1,22 @@
{
lib,
config,
osConfig,
...
}: let
userConfig = osConfig.host.users.leyla;
in {
config = lib.mkIf userConfig.isDesktopUser {
programs = {
direnv = {
enable = true;
enableBashIntegration = true;
nix-direnv.enable = true;
config = {
global.hide_env_diff = true;
whitelist.exact = ["${config.home.homeDirectory}/documents/code/nix-config"];
};
};
};
};
}

344
configurations/home-manager/leyla/packages/firefox.nix Normal file
View file

@ -0,0 +1,344 @@
{
lib,
pkgs,
inputs,
...
}: {
config = {
programs.firefox = {
profiles.leyla = {
settings = {
"browser.search.defaultenginename" = "Searx";
"browser.search.order.1" = "Searx";
};
search = {
force = true;
default = "Searx";
engines = {
"Nix Packages" = {
urls = [
{
template = "https://search.nixos.org/packages";
params = [
{
name = "type";
value = "packages";
}
{
name = "query";
value = "{searchTerms}";
}
];
}
];
icon = "''${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg";
definedAliases = ["@np"];
};
"NixOS Wiki" = {
urls = [{template = "https://nixos.wiki/index.php?search={searchTerms}";}];
icon = "https://nixos.wiki/favicon.png";
updateInterval = 24 * 60 * 60 * 1000; # every day
definedAliases = ["@nw"];
};
"Searx" = {
urls = [{template = "https://search.jan-leila.com/?q={searchTerms}";}];
icon = "https://nixos.wiki/favicon.png";
updateInterval = 24 * 60 * 60 * 1000; # every day
definedAliases = ["@searx"];
};
};
};
extensions.packages = with inputs.firefox-addons.packages.${pkgs.system}; [
bitwarden
terms-of-service-didnt-read
multi-account-containers
shinigami-eyes
ublock-origin
sponsorblock
dearrow
df-youtube
return-youtube-dislikes
privacy-badger
decentraleyes
clearurls
localcdn
snowflake
deutsch-de-language-pack
dictionary-german
tab-session-manager
# (
# buildFirefoxXpiAddon rec {
# pname = "italiano-it-language-pack";
# version = "132.0.20241110.231641";
# addonId = "langpack-it@firefox.mozilla.org";
# url = "https://addons.mozilla.org/firefox/downloads/file/4392453/italiano_it_language_pack-${version}.xpi";
# sha256 = "";
# meta = with lib;
# {
# description = "Firefox Language Pack for Italiano (it) Italian";
# license = licenses.mpl20;
# mozPermissions = [];
# platforms = platforms.all;
# };
# }
# )
# (
# buildFirefoxXpiAddon rec {
# pname = "dizionario-italiano";
# version = "5.1";
# addonId = "it-IT@dictionaries.addons.mozilla.org";
# url = "https://addons.mozilla.org/firefox/downloads/file/1163874/dizionario_italiano-${version}.xpi";
# sha256 = "";
# meta = with lib;
# {
# description = "Add support for Italian to spellchecking";
# license = licenses.gpl3;
# mozPermissions = [];
# platforms = platforms.all;
# };
# }
# )
];
settings = {
# Disable irritating first-run stuff
"browser.disableResetPrompt" = true;
"browser.download.panel.shown" = true;
"browser.feeds.showFirstRunUI" = false;
"browser.messaging-system.whatsNewPanel.enabled" = false;
"browser.rights.3.shown" = true;
"browser.shell.checkDefaultBrowser" = false;
"browser.shell.defaultBrowserCheckCount" = 1;
"browser.startup.homepage_override.mstone" = "ignore";
"browser.uitour.enabled" = false;
"startup.homepage_override_url" = "";
"trailhead.firstrun.didSeeAboutWelcome" = true;
"browser.bookmarks.restore_default_bookmarks" = false;
"browser.bookmarks.addedImportButton" = true;
"browser.newtabpage.activity-stream.feeds.section.topstories" = false;
# Usage Experience
"browser.startup.homepage" = "about:home";
"browser.download.useDownloadDir" = false;
"browser.uiCustomization.state" = builtins.toJSON {
"currentVersion" = 20;
"newElementCount" = 6;
"dirtyAreaCache" = [
"nav-bar"
"PersonalToolbar"
"toolbar-menubar"
"TabsToolbar"
"unified-extensions-area"
"vertical-tabs"
];
"placements" = {
"widget-overflow-fixed-list" = [];
"unified-extensions-area" = [
# bitwarden
"_446900e4-71c2-419f-a6a7-df9c091e268b_-browser-action"
"ublock0_raymondhill_net-browser-action"
"sponsorblocker_ajay_app-browser-action"
"dearrow_ajay_app-browser-action"
"jid1-mnnxcxisbpnsxq_jetpack-browser-action"
"_testpilot-containers-browser-action"
"addon_simplelogin-browser-action"
"_74145f27-f039-47ce-a470-a662b129930a_-browser-action"
"jid1-bofifl9vbdl2zq_jetpack-browser-action"
"dfyoutube_example_com-browser-action"
"_b86e4813-687a-43e6-ab65-0bde4ab75758_-browser-action"
"_762f9885-5a13-4abd-9c77-433dcd38b8fd_-browser-action"
"_b11bea1f-a888-4332-8d8a-cec2be7d24b9_-browse-action"
"jid0-3guet1r69sqnsrca5p8kx9ezc3u_jetpack-browser-action"
];
"nav-bar" = [
"back-button"
"forward-button"
"stop-reload-button"
"urlbar-container"
"downloads-button"
"unified-extensions-button"
"reset-pbm-toolbar-button"
];
"toolbar-menubar" = [
"menubar-items"
];
"TabsToolbar" = [
"firefox-view-button"
"tabbrowser-tabs"
"new-tab-button"
"alltabs-button"
];
"vertical-tabs" = [];
"PersonalToolbar" = [
"import-button"
"personal-bookmarks"
];
};
"seen" = [
"save-to-pocket-button"
"developer-button"
"privacy_privacy_com-browser-action"
"sponsorblocker_ajay_app-browser-action"
"ublock0_raymondhill_net-browser-action"
"addon_simplelogin-browser-action"
"dearrow_ajay_app-browser-action"
"_446900e4-71c2-419f-a6a7-df9c091e268b_-browser-action"
"_74145f27-f039-47ce-a470-a662b129930a_-browser-action"
"jid1-bofifl9vbdl2zq_jetpack-browser-action"
"dfyoutube_example_com-browser-action"
"_testpilot-containers-browser-action"
"_b86e4813-687a-43e6-ab65-0bde4ab75758_-browser-action"
"jid1-mnnxcxisbpnsxq_jetpack-browser-action"
"_762f9885-5a13-4abd-9c77-433dcd38b8fd_-browser-action"
"_b11bea1f-a888-4332-8d8a-cec2be7d24b9_-browser-action"
"jid0-3guet1r69sqnsrca5p8kx9ezc3u_jetpack-browser-action"
];
};
"browser.newtabpage.activity-stream.feeds.topsites" = false;
"browser.newtabpage.activity-stream.showSponsoredTopSites" = false;
"browser.newtabpage.activity-stream.improvesearch.topSiteSearchShortcuts" = false;
"browser.newtabpage.blocked" = lib.genAttrs [
# Facebook
"4gPpjkxgZzXPVtuEoAL9Ig=="
# Reddit
"gLv0ja2RYVgxKdp0I5qwvA=="
# Amazon
"K00ILysCaEq8+bEqV/3nuw=="
# Twitter
"T9nJot5PurhJSy8n038xGA=="
] (_: 1);
"identity.fxaccounts.enabled" = false;
# Security
"privacy.trackingprotection.enabled" = true;
"dom.security.https_only_mode" = true;
"extensions.formautofill.addresses.enabled" = false;
"extensions.formautofill.creditCards.enabled" = false;
"signon.rememberSignons" = false;
"privacy.sanitize.sanitizeOnShutdown" = true;
"privacy.clearOnShutdown_v2.cache" = true;
"privacy.clearOnShutdown_v2.cookiesAndStorage" = true;
"privacy.clearOnShutdown_v2.historyFormDataAndDownloads" = true;
"urlclassifier.trackingSkipURLs" = "";
"urlclassifier.features.socialtracking.skipURLs" = "";
"dom.security.https_only_mode_pbm" = true;
"dom.security.https_only_mode_error_page_user_suggestions" = true;
# Disable telemetry
"app.shield.optoutstudies.enabled" = false;
"browser.discovery.enabled" = false;
"browser.newtabpage.activity-stream.feeds.telemetry" = false;
"browser.newtabpage.activity-stream.telemetry" = false;
"browser.ping-centre.telemetry" = false;
"datareporting.healthreport.service.enabled" = false;
"datareporting.healthreport.uploadEnabled" = false;
"datareporting.policy.dataSubmissionEnabled" = false;
"datareporting.sessions.current.clean" = true;
"devtools.onboarding.telemetry.logged" = false;
"toolkit.telemetry.archive.enabled" = false;
"toolkit.telemetry.bhrPing.enabled" = false;
"toolkit.telemetry.enabled" = false;
"toolkit.telemetry.firstShutdownPing.enabled" = false;
"toolkit.telemetry.hybridContent.enabled" = false;
"toolkit.telemetry.newProfilePing.enabled" = false;
"toolkit.telemetry.prompted" = 2;
"toolkit.telemetry.rejected" = true;
"toolkit.telemetry.reportingpolicy.firstRun" = false;
"toolkit.telemetry.server" = "";
"toolkit.telemetry.shutdownPingSender.enabled" = false;
"toolkit.telemetry.unified" = false;
"toolkit.telemetry.unifiedIsOptIn" = false;
"toolkit.telemetry.updatePing.enabled" = false;
};
bookmarks = {
force = true;
settings = [
{
name = "Media";
url = "https://media.jan-leila.com/";
keyword = "";
tags = [""];
}
{
name = "Photos";
url = "https://photos.jan-leila.com";
keyword = "";
tags = [""];
}
{
name = "Git";
url = "https://git.jan-leila.com/";
keyword = "";
tags = [""];
}
{
name = "Home Automation";
url = "https://home.jan-leila.com/";
keyword = "";
tags = [""];
}
{
name = "Mail";
url = "https://mail.protonmail.com";
keyword = "";
tags = [""];
}
{
name = "Open Street Map";
url = "https://www.openstreetmap.org/";
keyword = "";
tags = [""];
}
{
name = "Password Manager";
url = "https://vault.bitwarden.com/";
keyword = "";
tags = [""];
}
{
name = "Mastodon";
url = "https://mspsocial.net";
keyword = "";
tags = [""];
}
{
name = "Linked In";
url = "https://www.linkedin.com/";
keyword = "";
tags = [""];
}
{
name = "Job Search";
url = "https://www.jobsinnetwork.com/?state=cleaned_history&language%5B%5D=en&query=react&locations.countryCode%5B%5D=IT&locations.countryCode%5B%5D=DE&locations.countryCode%5B%5D=NL&experience%5B%5D=medior&experience%5B%5D=junior&page=1";
keyword = "";
tags = [""];
}
{
name = "React Docs";
url = "https://react.dev/";
keyword = "";
tags = [""];
}
# Template
# {
# name = "";
# url = "";
# keyword = "";
# tags = [""];
# }
];
};
};
};
};
}

11
configurations/home-manager/leyla/packages/git.nix Normal file
View file

@ -0,0 +1,11 @@
{...}: {
config = {
programs = {
git = {
userName = "Leyla Becker";
userEmail = "git@jan-leila.com";
extraConfig.init.defaultBranch = "main";
};
};
};
}

17
configurations/home-manager/leyla/packages/makemkv.nix Normal file
View file

@ -0,0 +1,17 @@
{
config,
inputs,
...
}: {
config = {
sops.secrets = {
"application-keys/makemkv" = {
sopsFile = "${inputs.secrets}/application-keys.yaml";
};
};
programs.makemkv = {
appKeyFile = config.sops.placeholder."application-keys/makemkv";
destinationDir = "/home/leyla/downloads/makemkv";
};
};
}

23
configurations/home-manager/leyla/packages/openssh.nix Normal file
View file

@ -0,0 +1,23 @@
{
config,
osConfig,
...
}: {
config = {
programs = {
openssh = {
authorizedKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJHeItmt8TRW43uNcOC+eIurYC7Eunc0V3LGocQqLaYj leyla@horizon"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIILimFIW2exEH/Xo7LtXkqgE04qusvnPNpPWSCeNrFkP leyla@defiant"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKBiZkg1c2aaNHiieBX4cEziqvJVj9pcDfzUrKU/mO0I leyla@twilight"
];
hostKeys = [
{
type = "ed25519";
path = "${config.home.username}_${osConfig.networking.hostName}_ed25519";
}
];
};
};
};
}

119
configurations/home-manager/leyla/packages/vscode/default.nix Normal file
View file

@ -0,0 +1,119 @@
{
lib,
pkgs,
config,
osConfig,
...
}: let
nix-development-enabled = osConfig.host.nix-development.enable;
ai-tooling-enabled = osConfig.host.ai.enable;
in {
imports = [
./user-words.nix
];
config = lib.mkIf config.user.isDesktopUser {
programs = {
bash.shellAliases = {
code = "codium";
};
vscode = {
package = pkgs.vscodium;
mutableExtensionsDir = false;
profiles.default = {
enableUpdateCheck = false;
enableExtensionUpdateCheck = false;
userSettings = lib.mkMerge [
{
"javascript.updateImportsOnFileMove.enabled" = "always";
"editor.tabSize" = 2;
"editor.insertSpaces" = false;
}
];
extraExtensions = {
# vs code feel
oneDark.enable = true;
atomKeybindings.enable = true;
openRemoteSsh.enable = true;
# html development
autoRenameTag.enable = true;
liveServer.enable = true;
# js development
es7ReactJsSnippets.enable = true;
tauriVscode.enable = true;
vscodeEslint.enable = true;
vscodeJest.enable = true;
vitest.enable = true;
vscodeStandard.enable = true;
vscodeStylelint.enable = true;
nearley.enable = true;
# astro development
vscodeMdx.enable = true;
astroVscode.enable = true;
# nix development
alejandra.enable = nix-development-enabled;
nixIde.enable = nix-development-enabled;
# go development
go.enable = true;
# claude development
claudeDev = lib.mkIf ai-tooling-enabled {
enable = true;
mcp = {
nixos.enable = true;
eslint = {
enable = true;
autoApprove = {
lint-files = true;
};
};
vitest = {
enable = true;
autoApprove = {
list_tests = true;
run_tests = true;
analyze_coverage = true;
};
};
sleep = {
enable = true;
timeout = 18000; # 5 hours to match claude codes timeout
autoApprove = {
sleep = true;
};
};
};
};
# misc extensions
evenBetterToml.enable = true;
direnv.enable = config.programs.direnv.enable;
conventionalCommits.enable = true;
};
extensions = let
extension-pkgs = pkgs.nix-vscode-extensions.forVSCodeVersion config.programs.vscode.package.version;
in (
with extension-pkgs.open-vsx; [
# vs code feel extensions
streetsidesoftware.code-spell-checker
streetsidesoftware.code-spell-checker-german
streetsidesoftware.code-spell-checker-italian
]
);
};
};
};
};
}

126
configurations/home-manager/leyla/packages/vscode/user-words.nix Normal file
View file

@ -0,0 +1,126 @@
{
pkgs,
lib,
...
}: {
config.programs.vscode.profiles.default.userSettings = {
"cSpell.userWords" = [
"leyla"
];
"cSpell.languageSettings" = [
{
"languageId" = "nix";
"locale" = "*";
"dictionaries" = [
"applications"
"ai-words"
"nix-words"
# We need to include all other dictionaries in the nix language settings because they exist in this file
# TODO: see if there is a way to make this only apply for this file
"js-words"
];
}
{
"languageId" = "javascript,typescript,js,ts";
"locale" = "*";
"dictionaries" = [
"js-words"
];
}
];
"cSpell.customDictionaries" = {
applications = {
name = "applications";
description = "application names";
path = pkgs.writeText "applications.txt" (lib.strings.concatLines [
"ollama"
"syncthing"
"immich"
"sonos"
"makemkv"
"hass"
"qbittorent"
"prostudiomasters"
"protonmail"
"pulseaudio"
]);
};
ai-words = {
name = "ai-words";
description = "common words used for ai development";
path = pkgs.writeText "ai-words.txt" (lib.strings.concatLines [
"ollama"
"deepseek"
"qwen"
]);
};
nix-words = {
name = "nix-words";
description = "words used in nix configurations";
path = pkgs.writeText "nix-words.txt" (lib.strings.concatLines [
"pname"
"direnv"
"tmpfiles"
"Networkd"
"networkmanager"
"dialout"
"adbusers"
"authkey"
"netdevs"
"atomix"
"geary"
"gedit"
"hitori"
"iagno"
"alsa"
"timezoned"
"pipewire"
"rtkit"
"disko"
"ashift"
"autotrim"
"canmount"
"mountpoint"
"xattr"
"acltype"
"relatime"
"keyformat"
"keylocation"
"vdevs"
# codium extensions
"akamud"
"onedark"
"jeanp"
"dsznajder"
"dbaeumer"
"orta"
"tauri"
"unifiedjs"
"tamasfe"
"pinage"
"jnoortheen"
"kamadorueda"
"karyfoundation"
"nearley"
# nix.optimise is spelled wrong
"optimise"
]);
};
js-words = {
name = "js-words";
description = "words used in js development";
path = pkgs.writeText "js-words.txt" (lib.strings.concatLines [
"webdav"
]);
};
};
};
}

118
configurations/home-manager/leyla/vscode/default.nix
View file

@ -1,118 +0,0 @@
{
lib,
pkgs,
inputs,
config,
osConfig,
...
}: let
nix-development-enabled = osConfig.host.nix-development.enable;
ai-tooling-enabled = config.user.continue.enable && osConfig.host.ai.enable;
in {
nixpkgs = {
overlays = [
inputs.nix-vscode-extensions.overlays.default
];
};
programs = {
bash.shellAliases = {
code = "codium";
};
vscode = let
extensions = inputs.nix-vscode-extensions.extensions.${pkgs.system};
open-vsx = extensions.open-vsx;
vscode-marketplace = extensions.vscode-marketplace;
in {
enable = true;
package = pkgs.vscodium;
mutableExtensionsDir = false;
profiles.default = {
enableUpdateCheck = false;
enableExtensionUpdateCheck = false;
userSettings = lib.mkMerge [
{
"workbench.colorTheme" = "Atom One Dark";
"cSpell.userWords" = import ./user-words.nix;
"javascript.updateImportsOnFileMove.enabled" = "always";
"editor.tabSize" = 2;
"editor.insertSpaces" = false;
}
(lib.mkIf nix-development-enabled {
"nix.enableLanguageServer" = true;
"nix.serverPath" = "nil";
"[nix]" = {
"editor.defaultFormatter" = "kamadorueda.alejandra";
"editor.formatOnPaste" = true;
"editor.formatOnSave" = true;
"editor.formatOnType" = true;
};
"alejandra.program" = "alejandra";
"nixpkgs" = {
"expr" = "import <nixpkgs> {}";
};
})
(lib.mkIf ai-tooling-enabled {
"continue.telemetryEnabled" = false;
})
];
extensions = (
with open-vsx;
[
# vs code feel extensions
ms-vscode.atom-keybindings
akamud.vscode-theme-onedark
streetsidesoftware.code-spell-checker
streetsidesoftware.code-spell-checker-german
streetsidesoftware.code-spell-checker-italian
jeanp413.open-remote-ssh
# html extensions
formulahendry.auto-rename-tag
ms-vscode.live-server
# js extensions
dsznajder.es7-react-js-snippets
dbaeumer.vscode-eslint
standard.vscode-standard
firsttris.vscode-jest-runner
stylelint.vscode-stylelint
tauri-apps.tauri-vscode
# go extensions
golang.go
# astro blog extensions
astro-build.astro-vscode
unifiedjs.vscode-mdx
# misc extensions
tamasfe.even-better-toml
]
++ (lib.lists.optionals nix-development-enabled [
# nix extensions
pinage404.nix-extension-pack
jnoortheen.nix-ide
kamadorueda.alejandra
])
++ (
with vscode-marketplace;
[
# js extensions
karyfoundation.nearley
]
++ (lib.lists.optionals ai-tooling-enabled [
continue.continue
])
)
);
};
};
};
}

6
configurations/home-manager/leyla/vscode/user-words.nix
View file

@ -1,6 +0,0 @@
[
"leyla"
"webdav"
"ollama"
"optimise"
]

107
configurations/nixos/defiant/configuration.nix
View file

@ -17,6 +17,12 @@
"services/zfs_smtp_token" = {
sopsFile = "${inputs.secrets}/defiant-services.yaml";
};
"services/paperless_password" = {
sopsFile = "${inputs.secrets}/defiant-services.yaml";
mode = "0700";
owner = "paperless";
group = "paperless";
};
};
host = {
@ -36,10 +42,12 @@
host = "smtp.protonmail.ch";
port = 587;
to = "leyla@jan-leila.com";
user = "leyla@jan-leila.com";
user = "noreply@jan-leila.com";
tokenFile = config.sops.secrets."services/zfs_smtp_token".path;
};
pool = {
# We are having to boot off of the nvm cache drive because I cant figure out how to boot via the HBA
bootDrives = ["nvme-Samsung_SSD_990_PRO_4TB_S7KGNU0X907881F"];
vdevs = [
[
"ata-ST18000NE000-3G6101_ZVTCXVEB"
@ -107,24 +115,11 @@
};
};
};
# home-assistant = {
# enable = false;
# subdomain = "home";
# };
adguardhome = {
enable = false;
};
};
systemd.network = {
enable = true;
# config = {
# routeTables = {
# p2p = 1;
# };
# };
netdevs = {
"10-bond0" = {
netdevConfig = {
@ -137,23 +132,20 @@
};
};
# "15-p2p0" = {
# "20-wg0" = {
# netdevConfig = {
# Kind = "wireguard";
# Name = "p2p0";
# MTUBytes = "1280";
# Name = "wg0";
# };
# wireguardConfig = {
# PrivateKeyFile = config.sops.secrets."vpn-keys/proton-wireguard/defiant-p2p".path;
# ListenPort = 51820;
# # RouteTable = "p2p";
# };
# wireguardPeers = [
# {
# PublicKey = "rRO6yJim++Ezz6scCLMaizI+taDjU1pzR2nfW6qKbW0=";
# Endpoint = "185.230.126.146:51820";
# AllowedIPs = ["0.0.0.0/0"];
# RouteTable = "off";
# }
# ];
# };
@ -175,32 +167,36 @@
dns = ["192.168.1.1"];
};
# "45-p2p0" = {
# matchConfig.Name = "p2p0";
# For some reason this isn't working. It looks like traffic goes out and comes back but doesn't get correctly routed back to the wg interface on the return trip
# debugging steps:
# try sending data on the interface `ping -I wg0 8.8.8.8`
# view all traffic on the interface `sudo tshark -i wg0`
# see what applications are listening to port 14666 (thats what we currently have qbittorent set up to use) `ss -tuln | grep 14666`
# "50-wg0" = {
# matchConfig.Name = "wg0";
# networkConfig = {
# DHCP = "no";
# };
# address = [
# "10.2.0.2/32"
# ];
# routes = [
# {
# Destination = "0.0.0.0/0";
# }
# ];
# linkConfig.RequiredForOnline = false;
# # routes = [
# # {
# # Destination = "10.2.0.2/32";
# # Gateway = "10.2.0.1";
# # }
# # ];
# };
};
};
services = {
# TODO: move zfs scrubbing into module
zfs = {
autoScrub.enable = true;
autoSnapshot.enable = true;
};
# limit arc usage to 50gb because ollama doesn't play nice with zfs using up all of the memory
boot.kernelParams = ["zfs.zfs_arc_max=53687091200"];
# temp enable desktop enviroment for setup
services = {
# temp enable desktop environment for setup
# Enable the X11 windowing system.
xserver = {
enable = true;
xserver.enable = true;
# Enable the GNOME Desktop Environment.
displayManager = {
@ -209,12 +205,17 @@
desktopManager = {
gnome.enable = true;
};
};
ollama = {
enable = true;
exposePort = true;
acceleration = false;
environmentVariables = {
OLLAMA_KEEP_ALIVE = "24h";
};
loadModels = [
# conversation models
"llama3.1:8b"
@ -231,6 +232,10 @@
# agent models
"qwen3:8b"
"qwen3:32b"
"qwen3:235b-a22b"
"qwen3-coder:30b"
"qwen3-coder:30b-a3b-fp16"
# embedding models
"nomic-embed-text:latest"
@ -277,17 +282,35 @@
subdomain = "search";
};
virt-home-assistant = {
actual = {
enable = false;
networkBridge = "bond0";
hostDevice = "0x10c4:0xea60";
subdomain = "budget";
};
home-assistant = {
enable = true;
subdomain = "home";
openFirewall = true;
database = "postgres";
extensions = {
sonos.enable = true;
jellyfin.enable = true;
wyoming.enable = false; # Temporarily disabled due to dependency conflict in wyoming-piper
};
};
paperless = {
enable = true;
subdomain = "documents";
passwordFile = config.sops.secrets."services/paperless_password".path;
};
qbittorrent = {
enable = true;
mediaDir = "/srv/qbittorent";
openFirewall = true;
webPort = 8084;
webuiPort = 8084;
};
};
@ -298,7 +321,7 @@
hibernate.enable = false;
hybrid-sleep.enable = false;
};
services.xserver.displayManager.gdm.autoSuspend = false;
services.displayManager.gdm.autoSuspend = false;
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions

39
configurations/nixos/emergent/configuration.nix
View file

@ -2,12 +2,12 @@
# your system. Help is available in the configuration.nix(5) man page, on
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
{
config,
lib,
pkgs,
...
}: {
imports = [
./nvidia-drivers.nix
];
# Use the systemd-boot EFI boot loader.
@ -36,10 +36,15 @@
# Enable the X11 windowing system.
services.xserver.enable = true;
# Enable wacom touchscreen device
services.xserver.wacom.enable = true;
# installed opentabletdriver
hardware.opentabletdriver.enable = true;
# Enable the GNOME Desktop Environment.
services.xserver.displayManager.gdm.enable = true;
services.xserver.desktopManager.gnome.enable = true;
services.displayManager.gdm.enable = true;
services.desktopManager.gnome.enable = true;
host = {
users = {
@ -49,6 +54,17 @@
isPrincipleUser = true;
};
};
hardware = {
piperMouse.enable = true;
};
storage = {
enable = true;
pool = {
mode = "";
drives = ["wwn-0x5000039fd0cf05eb"];
};
};
};
# Configure keymap in X11
@ -80,12 +96,17 @@
# programs.firefox.enable = true;
# List packages installed in system profile.
# You can use https://search.nixos.org/ to find more packages (and options).
# environment.systemPackages = with pkgs; [
# vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
# wget
# ];
nixpkgs.config.allowUnfree = true;
# Packages that can be installed without any extra configuration
# See https://search.nixos.org/packages for all options
environment.systemPackages = with pkgs; [
wget
];
# Packages that need to be installed with some extra configuration
# See https://search.nixos.org/options for all options
programs = {};
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.

1
configurations/nixos/emergent/default.nix
View file

@ -3,6 +3,5 @@
imports = [
./configuration.nix
./hardware-configuration.nix
./disco-configuration.nix
];
}

57
configurations/nixos/emergent/disco-configuration.nix
View file

@ -1,57 +0,0 @@
{...}: {
disko.devices = {
disk = {
disk1 = {
type = "disk";
device = "/dev/disk/by-id/wwn-0x5000039fd0cf05eb";
content = {
type = "gpt";
partitions = {
ESP = {
size = "64M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = ["umask=0077"];
};
};
zfs = {
size = "100%";
content = {
type = "zfs";
pool = "zroot";
};
};
};
};
};
};
zpool = {
zroot = {
type = "zpool";
mode = "";
options.cachefile = "none";
rootFsOptions = {
compression = "zstd";
"com.sun:auto-snapshot" = "true";
};
mountpoint = "/";
postCreateHook = "zfs list -t snapshot -H -o name | grep -E '^zroot@blank$' || zfs snapshot zroot@blank";
datasets = {
"system/nix" = {
type = "zfs_fs";
mountpoint = "/nix";
options = {
atime = "off";
relatime = "off";
canmount = "on";
};
};
};
};
};
};
}

51
configurations/nixos/emergent/nvidia-drivers.nix Normal file
View file

@ -0,0 +1,51 @@
{
config,
lib,
pkgs,
...
}: {
# Enable OpenGL
hardware.graphics = {
enable = true;
};
# Load nvidia driver for Xorg and Wayland
services = {
xserver = {
# Load nvidia driver for Xorg and Wayland
videoDrivers = ["nvidia"];
};
# Use X instead of wayland
displayManager.gdm.wayland = false;
};
hardware.nvidia = {
# Modesetting is required.
modesetting.enable = true;
# Nvidia power management. Experimental, and can cause sleep/suspend to fail.
# Enable this if you have graphical corruption issues or application crashes after waking
# up from sleep. This fixes it by saving the entire VRAM memory to /tmp/ instead
# of just the bare essentials.
powerManagement.enable = true;
# Fine-grained power management. Turns off GPU when not in use.
# Experimental and only works on modern Nvidia GPUs (Turing or newer).
powerManagement.finegrained = false;
# Use the NVidia open source kernel module (not to be confused with the
# independent third-party "nouveau" open source driver).
# Support is limited to the Turing and later architectures. Full list of
# supported GPUs is at:
# https://github.com/NVIDIA/open-gpu-kernel-modules#compatible-gpus
# Only available from driver 515.43.04+
open = true;
# Enable the Nvidia settings menu,
# accessible via `nvidia-settings`.
nvidiaSettings = true;
# Optionally, you may need to select the appropriate driver version for your specific GPU.
package = config.boot.kernelPackages.nvidiaPackages.stable;
};
}

76
configurations/nixos/horizon/configuration.nix
View file

@ -1,7 +1,8 @@
{
lib,
pkgs,
config,
inputs,
pkgs,
...
}: {
imports = [
@ -10,6 +11,19 @@
nixpkgs.config.allowUnfree = true;
boot = {
initrd = {
availableKernelModules = ["usb_storage" "sd_mod"];
};
kernelModules = ["sg"];
# Bootloader.
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
};
host = {
users = {
leyla = {
@ -28,38 +42,66 @@
enable = true;
models = {
"Llama 3.1 8B" = {
model = "lamma3.1:8b";
model = "llama3.1:8b";
roles = ["chat" "edit" "apply"];
apiBase = "http://twilight:11434";
apiBase = "http://defiant:11434";
};
"Deepseek Coder:6.7B" = {
model = "deepseek-coder:6.7b";
roles = ["chat" "edit" "apply"];
apiBase = "http://defiant:11434";
};
"Deepseek Coder:33B" = {
model = "deepseek-coder:33b";
roles = ["chat" "edit" "apply"];
apiBase = "http://defiant:11434";
};
"Deepseek r1:8B" = {
model = "deepseek-r1:8b";
roles = ["chat"];
apiBase = "http://defiant:11434";
};
"Deepseek r1:32B" = {
model = "deepseek-r1:32b";
roles = ["chat"];
apiBase = "http://defiant:11434";
};
"qwen2.5-coder:1.5b-base" = {
model = "qwen2.5-coder:1.5b-base";
roles = ["autocomplete"];
apiBase = "http://twilight:11434";
apiBase = "http://defiant:11434";
};
"nomic-embed-text:latest" = {
model = "nomic-embed-text:latest";
roles = ["embed"];
apiBase = "http://twilight:11434";
apiBase = "http://defiant:11434";
};
};
};
};
environment.systemPackages = with pkgs; [
cachefilesd
webtoon-dl
prostudiomasters
];
services.cachefilesd.enable = true;
programs = {
adb.enable = true;
steam = {
enable = true;
remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play
dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated Server
};
networking = {
networkmanager.enable = true;
hostName = "horizon"; # Define your hostname.
};
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
hardware = {
graphics.enable = true;
};
sops.secrets = {
@ -73,6 +115,10 @@
fprintd = {
enable = true;
};
# firmware update tool
fwupd = {
enable = true;
};
tailscale = {
enable = true;
authKeyFile = config.sops.secrets."vpn-keys/tailscale-authkey/horizon".path;
@ -80,7 +126,17 @@
};
syncthing.enable = true;
ollama = {
enable = true;
loadModels = [
"llama3.1:8b"
];
};
};
# Enable network-online.target for better network dependency handling
systemd.services.NetworkManager-wait-online.enable = true;
# Enable touchpad support (enabled default in most desktopManager).
# services.xserver.libinput.enable = true;

1
configurations/nixos/horizon/default.nix
View file

@ -3,5 +3,6 @@
imports = [
./configuration.nix
./hardware-configuration.nix
# ./network-mount.nix
];
}

115
configurations/nixos/horizon/hardware-configuration.nix
View file

@ -4,7 +4,6 @@
{
config,
lib,
pkgs,
modulesPath,
...
}: {
@ -12,22 +11,10 @@
(modulesPath + "/installer/scan/not-detected.nix")
];
boot = {
initrd = {
availableKernelModules = ["xhci_pci" "thunderbolt" "nvme" "usb_storage" "sd_mod"];
kernelModules = [];
};
kernelModules = ["kvm-intel" "sg"];
extraModulePackages = [];
# Bootloader.
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
supportedFilesystems = ["nfs"];
};
boot.initrd.availableKernelModules = ["xhci_pci" "thunderbolt" "nvme"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [];
fileSystems = {
"/" = {
@ -39,98 +26,20 @@
device = "/dev/disk/by-uuid/E138-65B5";
fsType = "vfat";
};
"/mnt/leyla_documents" = {
device = "defiant:/export/leyla_documents";
fsType = "nfs";
options = [
"vers=4"
"x-systemd.automount"
"noauto"
"user"
"noatime"
"nofail"
"x-systemd.idle-timeout=600"
"fsc"
"timeo=600"
"retrans=2"
];
};
"/mnt/eve_documents" = {
device = "defiant:/export/eve_documents";
fsType = "nfs";
options = [
"vers=4"
"x-systemd.automount"
"noauto"
"user"
"nofail"
"x-systemd.idle-timeout=600"
"fsc"
"timeo=600"
"retrans=2"
];
};
"/mnt/users_documents" = {
device = "defiant:/export/users_documents";
fsType = "nfs";
options = [
"vers=4"
"x-systemd.automount"
"noauto"
"user"
"nofail"
"x-systemd.idle-timeout=600"
"fsc"
"timeo=600"
"retrans=2"
];
};
"/mnt/media" = {
device = "defiant:/export/media";
fsType = "nfs";
options = [
"vers=4"
"x-systemd.automount"
"noauto"
"user"
"noatime"
"nofail"
"x-systemd.idle-timeout=600"
"noatime"
"nodiratime"
"relatime"
"fsc"
"timeo=600"
"retrans=2"
];
};
};
environment.systemPackages = with pkgs; [
cachefilesd
];
services.cachefilesd.enable = true;
swapDevices = [
{device = "/dev/disk/by-uuid/be98e952-a072-4c3a-8c12-69500b5a2fff";}
];
networking = {
networkmanager.enable = true;
useDHCP = lib.mkDefault true;
hostName = "horizon"; # Define your hostname.
};
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.tailscale0.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp170s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
hardware = {
graphics.enable = true;
cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
};
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

76
configurations/nixos/horizon/network-mount.nix Normal file
View file

@ -0,0 +1,76 @@
{...}: {
boot.supportedFilesystems = ["nfs"];
fileSystems = {
"/mnt/leyla_documents" = {
device = "defiant:/exports/leyla_documents";
fsType = "nfs";
options = [
"x-systemd.automount"
"noauto"
"noatime"
"nofail"
"soft"
"intr" # Allow interruption of NFS calls
"timeo=30" # 3 second timeout (30 deciseconds)
"retrans=2" # Only 2 retries before giving up
"x-systemd.idle-timeout=300" # 5 minute idle timeout for mobile
"x-systemd.device-timeout=15" # 15 second device timeout
"bg" # Background mount - don't block boot
"fsc" # Enable caching
"_netdev" # Network device - wait for network
"x-systemd.requires=network-online.target" # Require network to be online
"x-systemd.after=network-online.target" # Start after network is online
"x-systemd.mount-timeout=30" # 30 second mount timeout
];
};
"/mnt/users_documents" = {
device = "defiant:/exports/users_documents";
fsType = "nfs";
options = [
"x-systemd.automount"
"noauto"
"nofail"
"soft"
"intr"
"timeo=30"
"retrans=2"
"x-systemd.idle-timeout=300"
"x-systemd.device-timeout=15"
"bg"
"fsc"
"_netdev"
"x-systemd.requires=network-online.target"
"x-systemd.after=network-online.target"
"x-systemd.mount-timeout=30"
];
};
"/mnt/media" = {
device = "defiant:/exports/media";
fsType = "nfs";
options = [
"x-systemd.automount"
"noauto"
"noatime"
"nofail"
"soft"
"intr"
"timeo=30"
"retrans=2"
"x-systemd.idle-timeout=300"
"x-systemd.device-timeout=15"
"bg"
# Mobile-optimized read settings
"rsize=8192" # Smaller read size for mobile
"wsize=8192" # Smaller write size for mobile
"fsc"
"_netdev"
"x-systemd.requires=network-online.target"
"x-systemd.after=network-online.target"
"x-systemd.mount-timeout=30"
];
};
};
}

26
configurations/nixos/twilight/configuration.nix
View file

@ -1,6 +1,7 @@
{
inputs,
config,
pkgs,
...
}: {
imports = [
@ -9,6 +10,14 @@
nixpkgs.config.allowUnfree = true;
boot.initrd.availableKernelModules = ["usb_storage"];
boot.kernelModules = ["sg"];
boot.loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
sops.secrets = {
"vpn-keys/tailscale-authkey/twilight" = {
sopsFile = "${inputs.secrets}/vpn-keys.yaml";
@ -121,13 +130,20 @@
syncthing.enable = true;
};
programs.steam = {
enable = true;
remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play
dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated Server
};
# Enable network-online.target for better network dependency handling
systemd.services.NetworkManager-wait-online.enable = true;
environment.systemPackages = with pkgs; [
cachefilesd
];
hardware.steam-hardware.enable = true; # Provides udev rules for controller, HTC vive, and Valve Index
networking = {
networkmanager.enable = true;
hostName = "twilight"; # Define your hostname.
};
# enabled virtualisation for docker
# virtualisation.docker.enable = true;

2
configurations/nixos/twilight/default.nix
View file

@ -3,5 +3,7 @@
imports = [
./configuration.nix
./hardware-configuration.nix
./nvidia-drivers.nix
# ./network-mount.nix
];
}

128
configurations/nixos/twilight/hardware-configuration.nix
View file

@ -4,7 +4,6 @@
{
config,
lib,
pkgs,
modulesPath,
...
}: {
@ -12,30 +11,10 @@
(modulesPath + "/installer/scan/not-detected.nix")
];
boot = {
initrd = {
availableKernelModules = ["nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod"];
kernelModules = [];
};
kernelModules = ["kvm-amd" "sg"];
extraModulePackages = [];
# Bootloader.
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
supportedFilesystems = ["nfs"];
};
services.xserver = {
# Load nvidia driver for Xorg and Wayland
videoDrivers = ["nvidia"];
# Use X instead of wayland for gaming reasons
displayManager.gdm.wayland = false;
};
boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "ahci" "usbhid" "sd_mod"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-amd"];
boot.extraModulePackages = [];
fileSystems = {
"/" = {
@ -48,111 +27,16 @@
fsType = "vfat";
options = ["fmask=0022" "dmask=0022"];
};
"/mnt/leyla_documents" = {
device = "defiant:/exports/leyla_documents";
fsType = "nfs";
options = [
"x-systemd.automount"
"noauto"
"user"
"noatime"
"nofail"
"soft"
"x-systemd.idle-timeout=600"
"fsc"
];
};
"/mnt/users_documents" = {
device = "defiant:/exports/users_documents";
fsType = "nfs";
options = [
"x-systemd.automount"
"noauto"
"user"
"nofail"
"soft"
"x-systemd.idle-timeout=600"
"fsc"
];
};
"/mnt/media" = {
device = "defiant:/exports/media";
fsType = "nfs";
options = [
"x-systemd.automount"
"noauto"
"user"
"noatime"
"nofail"
"soft"
"x-systemd.idle-timeout=600"
"noatime"
"nodiratime"
"relatime"
"rsize=32768"
"wsize=32768"
"fsc"
];
};
};
environment.systemPackages = with pkgs; [
cachefilesd
];
swapDevices = [];
networking = {
networkmanager.enable = true;
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
useDHCP = lib.mkDefault true;
hostName = "twilight"; # Define your hostname.
};
networking.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware = {
# Enable OpenGL
graphics.enable = true;
# install graphics drivers
nvidia = {
# Modesetting is required.
modesetting.enable = true;
# Nvidia power management. Experimental, and can cause sleep/suspend to fail.
# Enable this if you have graphical corruption issues or application crashes after waking
# up from sleep. This fixes it by saving the entire VRAM memory to /tmp/ instead
# of just the bare essentials.
powerManagement.enable = false;
# Fine-grained power management. Turns off GPU when not in use.
# Experimental and only works on modern Nvidia GPUs (Turing or newer).
powerManagement.finegrained = false;
# Use the NVidia open source kernel module (not to be confused with the
# independent third-party "nouveau" open source driver).
# Support is limited to the Turing and later architectures. Full list of
# supported GPUs is at:
# https://github.com/NVIDIA/open-gpu-kernel-modules#compatible-gpus
# Only available from driver 515.43.04+
# Currently alpha-quality/buggy, so false is currently the recommended setting.
open = false;
# Enable the Nvidia settings menu,
# accessible via `nvidia-settings`.
nvidiaSettings = true;
# Optionally, you may need to select the appropriate driver version for your specific GPU.
package = config.boot.kernelPackages.nvidiaPackages.production;
};
cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
};
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

72
configurations/nixos/twilight/network-mount.nix Normal file
View file

@ -0,0 +1,72 @@
{...}: {
boot.supportedFilesystems = ["nfs"];
fileSystems = {
"/mnt/leyla_documents" = {
device = "defiant:/exports/leyla_documents";
fsType = "nfs";
options = [
"x-systemd.automount"
"noauto"
"noatime"
"nofail"
"soft"
"intr" # Allow interruption of NFS calls
"timeo=50" # 5 second timeout (50 deciseconds) - longer than mobile
"retrans=3" # 3 retries for desktop
"x-systemd.idle-timeout=600" # 10 minute idle timeout for desktop
"x-systemd.device-timeout=30" # 30 second device timeout
"bg" # Background mount - don't block boot
"fsc" # Enable caching
"_netdev" # Network device - wait for network
"x-systemd.requires=network-online.target" # Require network to be online
"x-systemd.after=network-online.target" # Start after network is online
];
};
"/mnt/users_documents" = {
device = "defiant:/exports/users_documents";
fsType = "nfs";
options = [
"x-systemd.automount"
"noauto"
"nofail"
"soft"
"intr"
"timeo=50"
"retrans=3"
"x-systemd.idle-timeout=600"
"bg"
"fsc"
"_netdev"
"x-systemd.requires=network-online.target"
"x-systemd.after=network-online.target"
];
};
"/mnt/media" = {
device = "defiant:/exports/media";
fsType = "nfs";
options = [
"x-systemd.automount"
"noauto"
"noatime"
"nofail"
"soft"
"intr"
"timeo=50"
"retrans=3"
"x-systemd.idle-timeout=600"
"x-systemd.device-timeout=30"
"bg"
# Desktop-optimized read settings
"rsize=32768" # Larger read size for desktop
"wsize=32768" # Larger write size for desktop
"fsc"
"_netdev"
"x-systemd.requires=network-online.target"
"x-systemd.after=network-online.target"
];
};
};
}

47
configurations/nixos/twilight/nvidia-drivers.nix Normal file
View file

@ -0,0 +1,47 @@
{config, ...}: {
services = {
xserver = {
# Load nvidia driver for Xorg and Wayland
videoDrivers = ["nvidia"];
};
# Use X instead of wayland for gaming reasons
displayManager.gdm.wayland = false;
};
hardware = {
# Enable OpenGL
graphics.enable = true;
# install graphics drivers
nvidia = {
# Modesetting is required.
modesetting.enable = true;
# Nvidia power management. Experimental, and can cause sleep/suspend to fail.
# Enable this if you have graphical corruption issues or application crashes after waking
# up from sleep. This fixes it by saving the entire VRAM memory to /tmp/ instead
# of just the bare essentials.
powerManagement.enable = true;
# Fine-grained power management. Turns off GPU when not in use.
# Experimental and only works on modern Nvidia GPUs (Turing or newer).
powerManagement.finegrained = false;
# Use the NVidia open source kernel module (not to be confused with the
# independent third-party "nouveau" open source driver).
# Support is limited to the Turing and later architectures. Full list of
# supported GPUs is at:
# https://github.com/NVIDIA/open-gpu-kernel-modules#compatible-gpus
# Only available from driver 515.43.04+
# Currently alpha-quality/buggy, so false is currently the recommended setting.
open = true;
# Enable the Nvidia settings menu,
# accessible via `nvidia-settings`.
nvidiaSettings = true;
# Optionally, you may need to select the appropriate driver version for your specific GPU.
package = config.boot.kernelPackages.nvidiaPackages.production;
};
};
}

173
flake.lock generated
View file

@ -1,5 +1,23 @@
{
"nodes": {
"devshell": {
"inputs": {
"nixpkgs": "nixpkgs"
},
"locked": {
"lastModified": 1741473158,
"narHash": "sha256-kWNaq6wQUbUMlPgw8Y+9/9wP0F8SHkjy24/mN3UAppg=",
"owner": "numtide",
"repo": "devshell",
"rev": "7c9e793ebe66bcba8292989a68c0419b737a22a0",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "devshell",
"type": "github"
}
},
"disko": {
"inputs": {
"nixpkgs": [
@ -7,11 +25,11 @@
]
},
"locked": {
"lastModified": 1748225455,
"narHash": "sha256-AzlJCKaM4wbEyEpV3I/PUq5mHnib2ryEy32c+qfj6xk=",
"lastModified": 1757255839,
"narHash": "sha256-XH33B1X888Xc/xEXhF1RPq/kzKElM0D5C9N6YdvOvIc=",
"owner": "nix-community",
"repo": "disko",
"rev": "a894f2811e1ee8d10c50560551e50d6ab3c392ba",
"rev": "c8a0e78d86b12ea67be6ed0f7cae7f9bfabae75a",
"type": "github"
},
"original": {
@ -28,11 +46,11 @@
},
"locked": {
"dir": "pkgs/firefox-addons",
"lastModified": 1748405006,
"narHash": "sha256-pmt0SFjACJJAI8g8QU5arg2c9BXNZG9/okVwRSDJkG8=",
"lastModified": 1757304222,
"narHash": "sha256-s070stByAXxeCLgftTXxFxZ2ynJhghne4Y6cTuqGAaw=",
"owner": "rycee",
"repo": "nur-expressions",
"rev": "f9801a86d6603260940890c36650275090d1dceb",
"rev": "fa312c0175ffb82bc67da095439b9cb683ac52bd",
"type": "gitlab"
},
"original": {
@ -75,6 +93,24 @@
"type": "github"
}
},
"flake-utils_2": {
"inputs": {
"systems": "systems_2"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"home-manager": {
"inputs": {
"nixpkgs": [
@ -82,11 +118,11 @@
]
},
"locked": {
"lastModified": 1748455938,
"narHash": "sha256-mQ/iNzPra2WtDQ+x2r5IadcWNr0m3uHvLMzJkXKAG/8=",
"lastModified": 1757256385,
"narHash": "sha256-WK7tOhWwr15mipcckhDg2no/eSpM1nIh4C9le8HgHhk=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "02077149e2921014511dac2729ae6dadb4ec50e2",
"rev": "f35703b412c67b48e97beb6e27a6ab96a084cd37",
"type": "github"
},
"original": {
@ -110,6 +146,28 @@
"type": "github"
}
},
"mcp-nixos": {
"inputs": {
"devshell": "devshell",
"flake-utils": "flake-utils",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1755372538,
"narHash": "sha256-iWhsf1Myk6RyQ7IuNf4bWI3Sqq9pgmhKvEisCXtkxyw=",
"owner": "utensils",
"repo": "mcp-nixos",
"rev": "46b4d4d3d6421bfbadc415532ef74433871e1cda",
"type": "github"
},
"original": {
"owner": "utensils",
"repo": "mcp-nixos",
"type": "github"
}
},
"nix-darwin": {
"inputs": {
"nixpkgs": [
@ -117,11 +175,11 @@
]
},
"locked": {
"lastModified": 1748352827,
"narHash": "sha256-sNUUP6qxGkK9hXgJ+p362dtWLgnIWwOCmiq72LAWtYo=",
"lastModified": 1757130842,
"narHash": "sha256-4i7KKuXesSZGUv0cLPLfxbmF1S72Gf/3aSypgvVkwuA=",
"owner": "LnL7",
"repo": "nix-darwin",
"rev": "44a7d0e687a87b73facfe94fba78d323a6686a90",
"rev": "15f067638e2887c58c4b6ba1bdb65a0b61dc58c5",
"type": "github"
},
"original": {
@ -153,17 +211,17 @@
},
"nix-vscode-extensions": {
"inputs": {
"flake-utils": "flake-utils",
"flake-utils": "flake-utils_2",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1748397853,
"narHash": "sha256-tudGoP5caIJ5TzkV6wnsmUk7Spx21oWMKpkmPbjRNZc=",
"lastModified": 1757296711,
"narHash": "sha256-7u9/tXUdmTj8x7ofet8aELLBlCHSoA+QOhYKheRdacM=",
"owner": "nix-community",
"repo": "nix-vscode-extensions",
"rev": "ac4fc8eb9a1ee5eeb3c0a30f57652e4c5428d3a5",
"rev": "ab9374ac8c162dacffcd4400e668fd7f9b6f173a",
"type": "github"
},
"original": {
@ -174,11 +232,11 @@
},
"nixos-hardware": {
"locked": {
"lastModified": 1747900541,
"narHash": "sha256-dn64Pg9xLETjblwZs9Euu/SsjW80pd6lr5qSiyLY1pg=",
"lastModified": 1757103352,
"narHash": "sha256-PtT7ix43ss8PONJ1VJw3f6t2yAoGH+q462Sn8lrmWmk=",
"owner": "NixOS",
"repo": "nixos-hardware",
"rev": "11f2d9ea49c3e964315215d6baa73a8d42672f06",
"rev": "11b2a10c7be726321bb854403fdeec391e798bf0",
"type": "github"
},
"original": {
@ -190,11 +248,27 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1748370509,
"narHash": "sha256-QlL8slIgc16W5UaI3w7xHQEP+Qmv/6vSNTpoZrrSlbk=",
"lastModified": 1722073938,
"narHash": "sha256-OpX0StkL8vpXyWOGUD6G+MA26wAXK6SpT94kLJXo6B4=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "e36e9f57337d0ff0cf77aceb58af4c805472bfae",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1757068644,
"narHash": "sha256-NOrUtIhTkIIumj1E/Rsv1J37Yi3xGStISEo8tZm3KW4=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "4faa5f5321320e49a78ae7848582f684d64783e9",
"rev": "8eb28adfa3dc4de28e792e3bf49fcf9007ca8ac9",
"type": "github"
},
"original": {
@ -211,23 +285,25 @@
"flake-compat": "flake-compat",
"home-manager": "home-manager",
"impermanence": "impermanence",
"mcp-nixos": "mcp-nixos",
"nix-darwin": "nix-darwin",
"nix-syncthing": "nix-syncthing",
"nix-vscode-extensions": "nix-vscode-extensions",
"nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs",
"nixpkgs": "nixpkgs_2",
"secrets": "secrets",
"sops-nix": "sops-nix"
"sops-nix": "sops-nix",
"steam-fetcher": "steam-fetcher"
}
},
"secrets": {
"flake": false,
"locked": {
"lastModified": 1743538790,
"narHash": "sha256-QXmvyxfAhpifxAWcYTvuGfzv9I+9gHw0bq4WYtGEB9A=",
"lastModified": 1752531440,
"narHash": "sha256-04tQ3EUrtmZ7g6fVUkZC4AbAG+Z7lng79qU3jsiqWJY=",
"ref": "refs/heads/main",
"rev": "3d63dff77f8eda1667e3586169642cf256c4aa34",
"revCount": 17,
"rev": "f016767c13aa36dde91503f7a9f01bdd02468045",
"revCount": 20,
"type": "git",
"url": "ssh://git@git.jan-leila.com/jan-leila/nix-config-secrets.git"
},
@ -243,11 +319,11 @@
]
},
"locked": {
"lastModified": 1747603214,
"narHash": "sha256-lAblXm0VwifYCJ/ILPXJwlz0qNY07DDYdLD+9H+Wc8o=",
"lastModified": 1754988908,
"narHash": "sha256-t+voe2961vCgrzPFtZxha0/kmFSHFobzF00sT8p9h0U=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "8d215e1c981be3aa37e47aeabd4e61bb069548fd",
"rev": "3223c7a92724b5d804e9988c6b447a0d09017d48",
"type": "github"
},
"original": {
@ -256,6 +332,26 @@
"type": "github"
}
},
"steam-fetcher": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1714795926,
"narHash": "sha256-PkgC9jqoN6cJ8XYzTA2PlrWs7aPJkM3BGiTxNqax0cA=",
"owner": "nix-community",
"repo": "steam-fetcher",
"rev": "12f66eafb7862d91b3e30c14035f96a21941bd9c",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "steam-fetcher",
"type": "github"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
@ -270,6 +366,21 @@
"repo": "default",
"type": "github"
}
},
"systems_2": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
}
},
"root": "root",

21
flake.nix
View file

@ -6,7 +6,7 @@
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
# lix-module = {
# url = "https://git.lix.systems/lix-project/nixos-module/archive/stable.tar.gz";
# url = "https://git.lix.systems/lix-project/nixos-module/archive/2.93.3-1.tar.gz";
# inputs.nixpkgs.follows = "nixpkgs";
# };
@ -71,6 +71,17 @@
flake-compat = {
url = "github:edolstra/flake-compat";
};
steam-fetcher = {
url = "github:nix-community/steam-fetcher";
inputs.nixpkgs.follows = "nixpkgs";
};
# MCP NixOS server for Claude Dev
mcp-nixos = {
url = "github:utensils/mcp-nixos";
inputs.nixpkgs.follows = "nixpkgs";
};
};
outputs = {
@ -131,11 +142,11 @@
systemsHomes
// homeSystems;
in {
formatter = forEachPkgs (pkgs: pkgs.alejandra);
formatter = forEachPkgs (system: pkgs: pkgs.alejandra);
# templates = import ./templates;
devShells = forEachPkgs (pkgs: {
devShells = forEachPkgs (system: pkgs: {
default = pkgs.mkShell {
packages = with pkgs; [
# for version controlling this repo
@ -150,6 +161,10 @@
nixos-anywhere
# for updating disko configurations
disko
# for viewing dconf entries
dconf-editor
# for MCP NixOS server support in development
inputs.mcp-nixos.packages.${system}.default
];
SOPS_AGE_KEY_DIRECTORY = import ./const/sops_age_key_directory.nix;

6
modules/common-modules/overlays/default.nix
View file

@ -1,3 +1,7 @@
# this folder is for derivation overlays
{...}: {
{inputs, ...}: {
nixpkgs.overlays = [
inputs.steam-fetcher.overlays.default
inputs.nix-vscode-extensions.overlays.default
];
}

42
modules/common-modules/pkgs/codium-extensions/ai-code.nix Normal file
View file

@ -0,0 +1,42 @@
{
buildNpmPackage,
vscode-utils,
pkgs,
...
}: let
version = "0.0.1";
pname = "ai-code";
publisher = "jan-leila";
vsix = buildNpmPackage {
inherit version pname;
src = builtins.fetchGit {
url = "ssh://git@git.jan-leila.com/jan-leila/ai-code.git";
rev = "d48e01713021dbb30de0ebbee2cfaf99e4e9b5a6";
};
npmDepsHash = "sha256-kjMyEnT3dz0yH5Ydh+aGoFDocKpBYGRmfnwbEdvvgpY=";
nativeBuildInputs = with pkgs; [
vsce
];
buildPhase = ''
${pkgs.vsce}/bin/vsce package -o ${pname}.zip
'';
installPhase = ''
mkdir -p $out
mv ${pname}.zip $out/${pname}.zip
'';
};
in
vscode-utils.buildVscodeExtension {
inherit pname version;
src = "${vsix}/${pname}.zip";
vscodeExtUniqueId = "${publisher}.${pname}";
vscodeExtPublisher = publisher;
vscodeExtName = pname;
}

3
modules/common-modules/pkgs/codium-extensions/default.nix Normal file
View file

@ -0,0 +1,3 @@
{pkgs, ...}: {
ai-code = pkgs.callPackage ./ai-code.nix {};
}

31
modules/common-modules/pkgs/default.nix
View file

@ -1,4 +1,29 @@
# this folder is for custom derivations
{...}: {
# package = pkgs.callPackage ./package.nix {};
{pkgs, ...}: {
nixpkgs.overlays = [
(final: prev: {
webtoon-dl =
pkgs.callPackage
./webtoon-dl.nix
{};
})
# TODO: this package always needs to be called with the --in-process-gpu flag for some reason, can we automate that?
(final: prev: {
prostudiomasters =
pkgs.callPackage
./prostudiomasters.nix
{};
})
(final: prev: {
noita_entangled_worlds = pkgs.callPackage ./noita-entangled-worlds.nix {};
})
(final: prev: {
gdx-liftoff = pkgs.callPackage ./gdx-liftoff.nix {};
})
(final: prev: {
codium-extensions = pkgs.callPackage ./codium-extensions {};
})
(final: prev: {
mapillary-uploader = pkgs.callPackage ./mapillary-uploader.nix {};
})
];
}

44
modules/common-modules/pkgs/gdx-liftoff.nix Normal file
View file

@ -0,0 +1,44 @@
{
stdenv,
fetchurl,
makeWrapper,
jdk,
lib,
xorg,
libGL,
...
}:
stdenv.mkDerivation rec {
pname = "gdx-liftoff";
version = "1.13.5.1";
src = fetchurl {
url = "https://github.com/libgdx/gdx-liftoff/releases/download/v${version}/gdx-liftoff-${version}.jar";
hash = "sha256-9vCXGNGwI/P4VmcdIzTv2GPAX8bZb7nkfopaRAf6yMA=";
};
dontUnpack = true;
nativeBuildInputs = [makeWrapper];
runtimeDependencies = lib.makeLibraryPath [
# glfw
libGL
xorg.libX11
xorg.libXcursor
xorg.libXext
xorg.libXrandr
xorg.libXxf86vm
];
installPhase = ''
runHook preInstall
install -Dm644 $src $out/lib/gdx-liftoff-${version}.jar
makeWrapper ${lib.getExe jdk} $out/bin/gdx-liftoff-${version} \
--append-flags "-jar $out/lib/gdx-liftoff-${version}.jar"\
${lib.optionalString stdenv.hostPlatform.isLinux "--prefix LD_LIBRARY_PATH : ${runtimeDependencies}"}
runHook postInstall
'';
}

42
modules/common-modules/pkgs/mapillary-uploader.nix Normal file
View file

@ -0,0 +1,42 @@
{
lib,
fetchurl,
appimageTools,
}: let
pname = "mapillary-uploader";
version = "4.7.2"; # Based on the application output
src = fetchurl {
url = "https://tools.mapillary.com/uploader/download/linux";
name = "mapillary-uploader.AppImage";
sha256 = "sha256-Oyx7AIdA/2mwBaq7UzXOoyq/z2SU2sViMN40sY2RCQw=";
};
appimageContents = appimageTools.extractType2 {
inherit pname version src;
};
in
appimageTools.wrapType2 {
inherit pname version src;
extraInstallCommands = ''
# Install desktop file
install -Dm644 ${appimageContents}/mapillary-desktop-uploader.desktop $out/share/applications/mapillary-uploader.desktop
# Install icon
install -Dm644 ${appimageContents}/usr/share/icons/hicolor/0x0/apps/mapillary-desktop-uploader.png $out/share/pixmaps/mapillary-uploader.png
# Fix desktop file paths
substituteInPlace $out/share/applications/mapillary-uploader.desktop \
--replace 'Exec=AppRun' 'Exec=${pname}'
'';
meta = with lib; {
description = "Mapillary Desktop Uploader - Upload street-level imagery to Mapillary";
homepage = "https://www.mapillary.com/";
license = licenses.unfree; # Mapillary's license terms
maintainers = [];
platforms = ["x86_64-linux"];
sourceProvenance = with sourceTypes; [binaryNativeCode];
};
}

46
modules/common-modules/pkgs/noita-entangled-worlds.nix Normal file
View file

@ -0,0 +1,46 @@
# not working yet
{
pkgs,
rustPlatform,
fetchFromGitHub,
...
}: let
version = "1.5.3";
repo = fetchFromGitHub {
owner = "IntQuant";
repo = "noita_entangled_worlds";
rev = "v${version}";
hash = "sha256-frrpD0aWTeDbZYtp15R+quUUAZf7OvHlbSLtGJJtAqk=";
};
in
rustPlatform.buildRustPackage {
name = "noita-proxy-${version}";
src = repo + "/noita-proxy";
prePatch = ''
substituteInPlace Cargo.toml \
--replace "path = \"../shared\"" "path = \"${repo + "/shared"}\""
'';
nativeBuildInputs = with pkgs; [
pkg-config
python3
cmake
];
buildInputs = with pkgs; [
openssl
openssl.dev
libpulseaudio
libjack2
alsa-lib
xorg.libxcb
xorg.libxcb.dev
libopus
];
propagatedBuildInputs = with pkgs; [
steamworks-sdk-redist
];
runtimeDependencies = with pkgs; [
steamworks-sdk-redist
];
doCheck = false;
cargoHash = "sha256-TzUS6d6PopgGf2i1yVaXaXdzNrvfSz+Gv67BAtxYmb4=";
}

0
modules/nixos-modules/packages/prostudiomasters.nix → modules/common-modules/pkgs/prostudiomasters.nix
View file

0
modules/nixos-modules/packages/webtoon-dl.nix → modules/common-modules/pkgs/webtoon-dl.nix
View file

75
modules/home-manager-modules/continue.nix
View file

@ -1,75 +0,0 @@
{
lib,
pkgs,
config,
osConfig,
...
}: let
ai-tooling-enabled = config.user.continue.enable && osConfig.host.ai.enable;
in {
options = {
user.continue = {
enable = lib.mkEnableOption "should continue be enabled on this machine";
docs = lib.mkOption {
type = lib.types.attrsOf (lib.types.submodule ({name, ...}: {
options = {
name = lib.mkOption {
type = lib.types.str;
default = name;
};
startUrl = lib.mkOption {
type = lib.types.str;
};
};
}));
};
context = lib.mkOption {
type = lib.types.attrsOf (lib.types.submodule ({name, ...}: {
options = {
provider = lib.mkOption {
type = lib.types.str;
default = name;
};
};
}));
default = {
"code" = {};
"docs" = {};
"diff" = {};
"terminal" = {};
"problems" = {};
"folder" = {};
"codebase" = {};
};
};
};
};
config =
lib.mkIf ai-tooling-enabled
(lib.mkMerge [
{
home = {
file = {
".continue/config.yaml".source = (pkgs.formats.yaml {}).generate "continue-config" {
name = "Assistant";
version = "1.0.0";
schema = "v1";
models = lib.attrsets.attrValues osConfig.host.ai.models;
context = lib.attrsets.attrValues config.user.continue.context;
docs = lib.attrsets.attrValues config.user.continue.docs;
};
};
};
}
(lib.mkIf osConfig.host.impermanence.enable {
home.persistence."/persist${config.home.homeDirectory}" = {
directories = [
".continue/index"
".continue/sessions"
];
allowOther = true;
};
})
]);
}

5
modules/home-manager-modules/default.nix
View file

@ -1,9 +1,12 @@
# this folder container modules that are for home manager only
{...}: {
imports = [
./sops.nix
./user.nix
./flipperzero.nix
./i18n.nix
./openssh.nix
./continue.nix
./gnome.nix
./programs
];
}

106
modules/home-manager-modules/gnome.nix Normal file
View file

@ -0,0 +1,106 @@
{
lib,
config,
...
}: {
options.gnome = {
extraWindowControls = lib.mkEnableOption "Should we add back in the minimize and maximize window controls?";
clockFormat = lib.mkOption {
type = lib.types.enum [
"12h"
"24h"
];
default = "24h";
};
colorScheme = lib.mkOption {
type = lib.types.enum [
"default"
"prefer-dark"
"prefer-light"
];
default = "default";
};
accentColor = lib.mkOption {
type = lib.types.enum [
"blue"
"teal"
"green"
"yellow"
"orange"
"red"
"pink"
"purple"
"slate"
];
default = "blue";
};
extensions = lib.mkOption {
type = lib.types.listOf lib.types.package;
default = [];
description = "The set of extensions to install and enable in the user environment.";
};
hotkeys = lib.mkOption {
type = lib.types.attrsOf (lib.types.submodule ({name, ...}: {
options = {
key = lib.mkOption {
type = lib.types.strMatching "[a-zA-Z0-9-]+";
default = builtins.replaceStrings [" " "/" "_"] ["-" "-" "-"] name;
};
name = lib.mkOption {
type = lib.types.str;
default = name;
};
binding = lib.mkOption {
type = lib.types.str;
};
command = lib.mkOption {
type = lib.types.str;
};
};
}));
default = {};
};
};
config = {
home.packages = config.gnome.extensions;
dconf = {
settings = lib.mkMerge [
{
"org/gnome/shell" = {
disable-user-extensions = false; # enables user extensions
enabled-extensions = builtins.map (extension: extension.extensionUuid) config.gnome.extensions;
};
"org/gnome/desktop/wm/preferences".button-layout = lib.mkIf config.gnome.extraWindowControls ":minimize,maximize,close";
"org/gnome/desktop/interface".color-scheme = config.gnome.colorScheme;
"org/gnome/desktop/interface".accent-color = config.gnome.accentColor;
"org/gnome/desktop/interface".clock-format = config.gnome.clockFormat;
}
(
lib.mkMerge (
builtins.map (value: let
entry = "org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/${value.key}";
in {
${entry} = {
binding = value.binding;
command = value.command;
name = value.name;
};
"org/gnome/settings-daemon/plugins/media-keys" = {
custom-keybindings = [
"/${entry}/"
];
};
})
(
lib.attrsets.mapAttrsToList (_: value: value) config.gnome.hotkeys
)
)
)
];
};
};
}

12
modules/home-manager-modules/openssh.nix
View file

@ -6,6 +6,7 @@
...
}: {
options.programs.openssh = {
enable = lib.mkEnableOption "should we enable openssh";
authorizedKeys = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [];
@ -37,14 +38,20 @@
};
};
config = lib.mkMerge [
config = lib.mkIf config.programs.openssh.enable (
lib.mkMerge [
(
lib.mkIf ((builtins.length config.programs.openssh.hostKeys) != 0) {
services.ssh-agent.enable = true;
programs.ssh = {
enable = true;
enableDefaultConfig = false;
matchBlocks = {
"*" = {
compression = true;
addKeysToAgent = "confirm";
};
};
extraConfig = lib.strings.concatLines (
builtins.map (hostKey: "IdentityFile ~/.ssh/${hostKey.path}") config.programs.openssh.hostKeys
);
@ -95,5 +102,6 @@
);
};
})
];
]
);
}

15
modules/home-manager-modules/programs/anki.nix Normal file
View file

@ -0,0 +1,15 @@
{
lib,
config,
osConfig,
...
}: {
config = lib.mkIf (config.programs.anki.enable && osConfig.host.impermanence.enable) {
home.persistence."/persist${config.home.homeDirectory}" = {
directories = [
"${config.xdg.dataHome}/Anki2/"
];
allowOther = true;
};
};
}

29
modules/home-manager-modules/programs/bitwarden.nix Normal file
View file

@ -0,0 +1,29 @@
{
lib,
pkgs,
config,
osConfig,
...
}: {
options.programs.bitwarden = {
enable = lib.mkEnableOption "enable bitwarden";
};
config = lib.mkIf config.programs.bitwarden.enable (lib.mkMerge [
{
home.packages = with pkgs; [
bitwarden
];
}
(
lib.mkIf osConfig.host.impermanence.enable {
home.persistence."/persist${config.home.homeDirectory}" = {
directories = [
"${config.xdg.configHome}/Bitwarden"
];
allowOther = true;
};
}
)
]);
}

29
modules/home-manager-modules/programs/bruno.nix Normal file
View file

@ -0,0 +1,29 @@
{
lib,
pkgs,
config,
osConfig,
...
}: {
options.programs.bruno = {
enable = lib.mkEnableOption "enable bruno";
};
config = lib.mkIf config.programs.bruno.enable (lib.mkMerge [
{
home.packages = with pkgs; [
bruno
];
}
(
lib.mkIf osConfig.host.impermanence.enable {
home.persistence."/persist${config.home.homeDirectory}" = {
directories = [
"${config.xdg.configHome}/bruno/"
];
allowOther = true;
};
}
)
]);
}

29
modules/home-manager-modules/programs/calibre.nix Normal file
View file

@ -0,0 +1,29 @@
{
lib,
pkgs,
config,
osConfig,
...
}: {
options.programs.calibre = {
enable = lib.mkEnableOption "enable calibre";
};
config = lib.mkIf config.programs.calibre.enable (lib.mkMerge [
{
home.packages = with pkgs; [
calibre
];
}
(
lib.mkIf osConfig.host.impermanence.enable {
home.persistence."/persist${config.home.homeDirectory}" = {
directories = [
"${config.xdg.configHome}/calibre"
];
allowOther = true;
};
}
)
]);
}

30
modules/home-manager-modules/programs/davinci-resolve.nix Normal file
View file

@ -0,0 +1,30 @@
{
lib,
pkgs,
config,
osConfig,
...
}: {
options.programs.davinci-resolve = {
enable = lib.mkEnableOption "enable davinci-resolve";
};
config = lib.mkIf config.programs.davinci-resolve.enable (lib.mkMerge [
{
home.packages = with pkgs; [
davinci-resolve
];
}
(
lib.mkIf osConfig.host.impermanence.enable {
home.persistence."/persist${config.home.homeDirectory}" = {
directories = [
"${config.xdg.dataHome}/DaVinciResolve"
"${config.xdg.configHome}/blackmagic"
];
allowOther = true;
};
}
)
]);
}

29
modules/home-manager-modules/programs/dbeaver.nix Normal file
View file

@ -0,0 +1,29 @@
{
lib,
pkgs,
config,
osConfig,
...
}: {
options.programs.dbeaver-bin = {
enable = lib.mkEnableOption "enable dbeaver";
};
config = lib.mkIf config.programs.dbeaver-bin.enable (lib.mkMerge [
{
home.packages = with pkgs; [
dbeaver-bin
];
}
(
lib.mkIf osConfig.host.impermanence.enable {
home.persistence."/persist${config.home.homeDirectory}" = {
directories = [
"${config.xdg.dataHome}/DBeaverData/"
];
allowOther = true;
};
}
)
]);
}

42
modules/home-manager-modules/programs/default.nix Normal file
View file

@ -0,0 +1,42 @@
{...}: {
imports = [
./firefox.nix
./signal.nix
./bitwarden.nix
./makemkv.nix
./obs.nix
./anki.nix
./piper.nix
./qbittorrent.nix
./discord.nix
./obsidian.nix
./prostudiomasters.nix
./idea.nix
./krita.nix
./protonvpn.nix
./calibre.nix
./bruno.nix
./dbeaver.nix
./steam.nix
./vscode
./ungoogled-chromium.nix
./libreoffice.nix
./mapillary-uploader.nix
./inkscape.nix
./gimp.nix
./proxmark3.nix
./freecad.nix
./onionshare.nix
./mfoc.nix
./pdfarranger.nix
./picard.nix
./qflipper.nix
./openvpn.nix
./noisetorch.nix
./openrgb.nix
./via.nix
./davinci-resolve.nix
./gdx-liftoff.nix
./tor-browser.nix
];
}

29
modules/home-manager-modules/programs/discord.nix Normal file
View file

@ -0,0 +1,29 @@
{
lib,
pkgs,
config,
osConfig,
...
}: {
options.programs.discord = {
enable = lib.mkEnableOption "enable discord";
};
config = lib.mkIf config.programs.discord.enable (lib.mkMerge [
{
home.packages = with pkgs; [
discord
];
}
(
lib.mkIf osConfig.host.impermanence.enable {
home.persistence."/persist${config.home.homeDirectory}" = {
directories = [
"${config.xdg.configHome}/discord/"
];
allowOther = true;
};
}
)
]);
}

43
modules/home-manager-modules/programs/firefox.nix Normal file
View file

@ -0,0 +1,43 @@
{
lib,
config,
osConfig,
...
}: let
buildProfilePersistence = profile: {
directories = [
".mozilla/firefox/${profile}/extensions"
];
files = [
".mozilla/firefox/${profile}/cookies.sqlite"
".mozilla/firefox/${profile}/favicons.sqlite"
# Permissions and ${profileName} levels for each site
".mozilla/firefox/${profile}/permissions.sqlite"
".mozilla/firefox/${profile}/content-prefs.sqlite"
# Browser history and bookmarks
".mozilla/firefox/${profile}/places.sqlite"
# I guess this is useful?
# https://bugzilla.mozilla.org/show_bug.cgi?id=1511384
# https://developer.mozilla.org/en-US/docs/Web/API/Storage_API/Storage_quotas_and_eviction_criteria
".mozilla/firefox/${profile}/storage.sqlite"
# Extension configuration
".mozilla/firefox/${profile}/extension-settings.json"
];
allowOther = true;
};
in {
config = lib.mkIf (config.programs.firefox.enable && osConfig.host.impermanence.enable) {
home.persistence."/persist${config.home.homeDirectory}" = lib.mkMerge (
(
lib.attrsets.mapAttrsToList
(profile: _: buildProfilePersistence profile)
config.programs.firefox.profiles
)
++ (
lib.lists.optional
((builtins.length (lib.attrsets.mapAttrsToList (key: value: value) config.programs.firefox.profiles)) == 0)
(buildProfilePersistence "default")
)
);
};
}

29
modules/home-manager-modules/programs/freecad.nix Normal file
View file

@ -0,0 +1,29 @@
{
lib,
pkgs,
config,
osConfig,
...
}: {
options.programs.freecad = {
enable = lib.mkEnableOption "enable freecad";
};
config = lib.mkIf config.programs.freecad.enable (lib.mkMerge [
{
home.packages = with pkgs; [
freecad
];
}
(
lib.mkIf osConfig.host.impermanence.enable {
home.persistence."/persist${config.home.homeDirectory}" = {
directories = [
"${config.xdg.configHome}/FreeCAD"
];
allowOther = true;
};
}
)
]);
}

17
modules/home-manager-modules/programs/gdx-liftoff.nix Normal file
View file

@ -0,0 +1,17 @@
{
lib,
pkgs,
config,
osConfig,
...
}: {
options.programs.gdx-liftoff = {
enable = lib.mkEnableOption "enable gdx-liftoff";
};
config = lib.mkIf config.programs.gdx-liftoff.enable {
home.packages = with pkgs; [
gdx-liftoff
];
};
}

29
modules/home-manager-modules/programs/gimp.nix Normal file
View file

@ -0,0 +1,29 @@
{
lib,
pkgs,
config,
osConfig,
...
}: {
options.programs.gimp = {
enable = lib.mkEnableOption "enable gimp";
};
config = lib.mkIf config.programs.gimp.enable (lib.mkMerge [
{
home.packages = with pkgs; [
gimp
];
}
(
lib.mkIf osConfig.host.impermanence.enable {
home.persistence."/persist${config.home.homeDirectory}" = {
directories = [
"${config.xdg.configHome}/GIMP"
];
allowOther = true;
};
}
)
]);
}

33
modules/home-manager-modules/programs/idea.nix Normal file
View file

@ -0,0 +1,33 @@
{
lib,
pkgs,
config,
osConfig,
...
}: {
options.programs.jetbrains.idea-community = {
enable = lib.mkEnableOption "enable idea-community";
};
config = lib.mkIf config.programs.jetbrains.idea-community.enable (lib.mkMerge [
{
home.packages = with pkgs; [
jetbrains.idea-community
];
}
(
lib.mkIf osConfig.host.impermanence.enable {
home.persistence."/persist${config.home.homeDirectory}" = {
directories = [
# configuration
"${config.xdg.configHome}/JetBrains/"
# plugins
"${config.xdg.dataHome}/JetBrains/"
# System and Logs
"${config.xdg.cacheHome}/JetBrains/"
];
};
}
)
]);
}

29
modules/home-manager-modules/programs/inkscape.nix Normal file
View file

@ -0,0 +1,29 @@
{
lib,
pkgs,
config,
osConfig,
...
}: {
options.programs.inkscape = {
enable = lib.mkEnableOption "enable inkscape";
};
config = lib.mkIf config.programs.inkscape.enable (lib.mkMerge [
{
home.packages = with pkgs; [
inkscape
];
}
(
lib.mkIf osConfig.host.impermanence.enable {
home.persistence."/persist${config.home.homeDirectory}" = {
directories = [
"${config.xdg.configHome}/inkscape"
];
allowOther = true;
};
}
)
]);
}

30
modules/home-manager-modules/programs/krita.nix Normal file
View file

@ -0,0 +1,30 @@
{
lib,
pkgs,
config,
osConfig,
...
}: {
options.programs.krita = {
enable = lib.mkEnableOption "enable krita";
};
config = lib.mkIf config.programs.krita.enable (lib.mkMerge [
{
home.packages = with pkgs; [
krita
];
}
(
lib.mkIf osConfig.host.impermanence.enable {
home.persistence."/persist${config.home.homeDirectory}" = {
directories = [
"${config.xdg.configHome}/kritarc"
"${config.xdg.dataHome}/krita"
];
allowOther = true;
};
}
)
]);
}

29
modules/home-manager-modules/programs/libreoffice.nix Normal file
View file

@ -0,0 +1,29 @@
{
lib,
pkgs,
config,
osConfig,
...
}: {
options.programs.libreoffice = {
enable = lib.mkEnableOption "enable libreoffice";
};
config = lib.mkIf config.programs.libreoffice.enable (lib.mkMerge [
{
home.packages = with pkgs; [
libreoffice
];
}
(
lib.mkIf osConfig.host.impermanence.enable {
home.persistence."/persist${config.home.homeDirectory}" = {
directories = [
"${config.xdg.configHome}/libreoffice"
];
allowOther = true;
};
}
)
]);
}

42
modules/home-manager-modules/programs/makemkv.nix Normal file
View file

@ -0,0 +1,42 @@
{
lib,
pkgs,
config,
osConfig,
...
}: {
options.programs.makemkv = {
enable = lib.mkEnableOption "enable makemkv";
appKeyFile = lib.mkOption {
type = lib.types.str;
};
destinationDir = lib.mkOption {
type = lib.types.str;
};
};
config = lib.mkIf config.programs.makemkv.enable (lib.mkMerge [
{
home.packages = with pkgs; [
makemkv
];
sops.templates."MakeMKV.settings.conf".content = ''
app_DestinationDir = "${config.programs.makemkv.destinationDir}"
app_DestinationType = "2"
app_Key = "${config.programs.makemkv.appKeyFile}"
'';
home.file.".MakeMKV/settings.conf".source = config.lib.file.mkOutOfStoreSymlink config.sops.templates."MakeMKV.settings.conf".path;
}
(
lib.mkIf osConfig.host.impermanence.enable {
home.persistence."/persist${config.home.homeDirectory}" = {
directories = [
".MakeMKV"
];
};
}
)
]);
}

17
modules/home-manager-modules/programs/mapillary-uploader.nix Normal file
View file

@ -0,0 +1,17 @@
{
config,
lib,
pkgs,
...
}:
with lib; let
cfg = config.programs.mapillary-uploader;
in {
options.programs.mapillary-uploader = {
enable = mkEnableOption "Mapillary Desktop Uploader";
};
config = mkIf cfg.enable {
home.packages = [pkgs.mapillary-uploader];
};
}

17
modules/home-manager-modules/programs/mfoc.nix Normal file
View file

@ -0,0 +1,17 @@
{
lib,
pkgs,
config,
osConfig,
...
}: {
options.programs.mfoc = {
enable = lib.mkEnableOption "enable mfoc";
};
config = lib.mkIf config.programs.mfoc.enable {
home.packages = with pkgs; [
mfoc
];
};
}

17
modules/home-manager-modules/programs/noisetorch.nix Normal file
View file

@ -0,0 +1,17 @@
{
lib,
pkgs,
config,
osConfig,
...
}: {
options.programs.noisetorch = {
enable = lib.mkEnableOption "enable noisetorch";
};
config = lib.mkIf config.programs.noisetorch.enable {
home.packages = with pkgs; [
noisetorch
];
};
}

14
modules/home-manager-modules/programs/obs.nix Normal file
View file

@ -0,0 +1,14 @@
{
lib,
config,
osConfig,
...
}: {
config = lib.mkIf config.programs.obs-studio.enable (lib.mkMerge [
(
lib.mkIf osConfig.host.impermanence.enable {
# TODO: map impermanence for obs
}
)
]);
}

18
modules/home-manager-modules/programs/obsidian.nix Normal file
View file

@ -0,0 +1,18 @@
{
lib,
config,
osConfig,
...
}: {
config = lib.mkIf config.programs.obsidian.enable (lib.mkMerge [
(
lib.mkIf osConfig.host.impermanence.enable {
home.persistence."/persist${config.home.homeDirectory}" = {
directories = [
"${config.xdg.configHome}/obsidian"
];
};
}
)
]);
}

17
modules/home-manager-modules/programs/onionshare.nix Normal file
View file

@ -0,0 +1,17 @@
{
lib,
pkgs,
config,
osConfig,
...
}: {
options.programs.onionshare = {
enable = lib.mkEnableOption "enable onionshare";
};
config = lib.mkIf config.programs.onionshare.enable {
home.packages = with pkgs; [
onionshare
];
};
}

17
modules/home-manager-modules/programs/openrgb.nix Normal file
View file

@ -0,0 +1,17 @@
{
lib,
pkgs,
config,
osConfig,
...
}: {
options.programs.openrgb = {
enable = lib.mkEnableOption "enable openrgb";
};
config = lib.mkIf config.programs.openrgb.enable {
home.packages = with pkgs; [
openrgb
];
};
}

17
modules/home-manager-modules/programs/openvpn.nix Normal file
View file

@ -0,0 +1,17 @@
{
lib,
pkgs,
config,
osConfig,
...
}: {
options.programs.openvpn = {
enable = lib.mkEnableOption "enable openvpn";
};
config = lib.mkIf config.programs.openvpn.enable {
home.packages = with pkgs; [
openvpn
];
};
}

17
modules/home-manager-modules/programs/pdfarranger.nix Normal file
View file

@ -0,0 +1,17 @@
{
lib,
pkgs,
config,
osConfig,
...
}: {
options.programs.pdfarranger = {
enable = lib.mkEnableOption "enable pdfarranger";
};
config = lib.mkIf config.programs.pdfarranger.enable {
home.packages = with pkgs; [
pdfarranger
];
};
}

29
modules/home-manager-modules/programs/picard.nix Normal file
View file

@ -0,0 +1,29 @@
{
lib,
pkgs,
config,
osConfig,
...
}: {
options.programs.picard = {
enable = lib.mkEnableOption "enable picard";
};
config = lib.mkIf config.programs.picard.enable (lib.mkMerge [
{
home.packages = with pkgs; [
picard
];
}
(
lib.mkIf osConfig.host.impermanence.enable {
home.persistence."/persist${config.home.homeDirectory}" = {
directories = [
"${config.xdg.configHome}/MusicBrainz"
];
allowOther = true;
};
}
)
]);
}

17
modules/home-manager-modules/programs/piper.nix Normal file
View file

@ -0,0 +1,17 @@
{
lib,
pkgs,
config,
osConfig,
...
}: {
options.programs.piper = {
enable = lib.mkEnableOption "enable piper";
};
config = lib.mkIf config.programs.piper.enable {
home.packages = with pkgs; [
piper
];
};
}

28
modules/home-manager-modules/programs/prostudiomasters.nix Normal file
View file

@ -0,0 +1,28 @@
{
lib,
pkgs,
config,
osConfig,
...
}: {
options.programs.prostudiomasters = {
enable = lib.mkEnableOption "enable prostudiomasters";
};
config = lib.mkIf config.programs.prostudiomasters.enable (lib.mkMerge [
{
home.packages = with pkgs; [
prostudiomasters
];
}
(
lib.mkIf osConfig.host.impermanence.enable {
home.persistence."/persist${config.home.homeDirectory}" = {
directories = [
"${config.xdg.configHome}/ProStudioMasters"
];
};
}
)
]);
}

29
modules/home-manager-modules/programs/protonvpn.nix Normal file
View file

@ -0,0 +1,29 @@
{
lib,
pkgs,
config,
osConfig,
...
}: {
options.programs.protonvpn-gui = {
enable = lib.mkEnableOption "enable protonvpn";
};
config = lib.mkIf config.programs.protonvpn-gui.enable (lib.mkMerge [
{
home.packages = with pkgs; [
protonvpn-gui
];
}
(
lib.mkIf osConfig.host.impermanence.enable {
home.persistence."/persist${config.home.homeDirectory}" = {
directories = [
"${config.xdg.configHome}/protonvpn"
"${config.xdg.configHome}/Proton"
];
};
}
)
]);
}

17
modules/home-manager-modules/programs/proxmark3.nix Normal file
View file

@ -0,0 +1,17 @@
{
lib,
pkgs,
config,
osConfig,
...
}: {
options.programs.proxmark3 = {
enable = lib.mkEnableOption "enable proxmark3";
};
config = lib.mkIf config.programs.proxmark3.enable {
home.packages = with pkgs; [
proxmark3
];
};
}

28
modules/home-manager-modules/programs/qbittorrent.nix Normal file
View file

@ -0,0 +1,28 @@
{
lib,
pkgs,
config,
osConfig,
...
}: {
options.programs.qbittorrent = {
enable = lib.mkEnableOption "enable qbittorrent";
};
config = lib.mkIf config.programs.qbittorrent.enable (lib.mkMerge [
{
home.packages = with pkgs; [
qbittorrent
];
}
(
lib.mkIf osConfig.host.impermanence.enable {
home.persistence."/persist${config.home.homeDirectory}" = {
directories = [
"${config.xdg.configHome}/qBittorrent"
];
};
}
)
]);
}

29
modules/home-manager-modules/programs/qflipper.nix Normal file
View file

@ -0,0 +1,29 @@
{
lib,
pkgs,
config,
osConfig,
...
}: {
options.programs.qflipper = {
enable = lib.mkEnableOption "enable qflipper";
};
config = lib.mkIf config.programs.qflipper.enable (lib.mkMerge [
{
home.packages = with pkgs; [
qFlipper
];
}
(
lib.mkIf osConfig.host.impermanence.enable {
home.persistence."/persist${config.home.homeDirectory}" = {
directories = [
"${config.xdg.configHome}/qFlipper"
];
allowOther = true;
};
}
)
]);
}

28
modules/home-manager-modules/programs/signal.nix Normal file
View file

@ -0,0 +1,28 @@
{
lib,
pkgs,
config,
osConfig,
...
}: {
options.programs.signal-desktop-bin = {
enable = lib.mkEnableOption "enable signal";
};
config = lib.mkIf config.programs.signal-desktop-bin.enable (lib.mkMerge [
{
home.packages = with pkgs; [
signal-desktop-bin
];
}
(
lib.mkIf osConfig.host.impermanence.enable {
home.persistence."/persist${config.home.homeDirectory}" = {
directories = [
"${config.xdg.configHome}/Signal"
];
};
}
)
]);
}

37
modules/home-manager-modules/programs/steam.nix Normal file
View file

@ -0,0 +1,37 @@
{
lib,
pkgs,
config,
osConfig,
...
}: {
options.programs.steam = {
enable = lib.mkEnableOption "enable steam";
};
config = lib.mkIf config.programs.steam.enable (
lib.mkMerge [
{
home.packages = with pkgs; [
steam
steam.run
];
}
(
lib.mkIf osConfig.host.impermanence.enable {
home.persistence."/persist${config.home.homeDirectory}" = {
directories = [
{
directory = "${config.xdg.dataHome}/Steam";
method = "symlink";
}
];
allowOther = true;
};
}
)
]
);
# TODO: bind impermanence config
}

29
modules/home-manager-modules/programs/tor-browser.nix Normal file
View file

@ -0,0 +1,29 @@
{
lib,
pkgs,
config,
osConfig,
...
}: {
options.programs.tor-browser = {
enable = lib.mkEnableOption "enable tor-browser";
};
config = lib.mkIf config.programs.tor-browser.enable (lib.mkMerge [
{
home.packages = with pkgs; [
tor-browser
];
}
(
lib.mkIf osConfig.host.impermanence.enable {
home.persistence."/persist${config.home.homeDirectory}" = {
directories = [
"${config.xdg.dataHome}/torbrowser"
];
allowOther = true;
};
}
)
]);
}

29
modules/home-manager-modules/programs/ungoogled-chromium.nix Normal file
View file

@ -0,0 +1,29 @@
{
lib,
pkgs,
config,
osConfig,
...
}: {
options.programs.ungoogled-chromium = {
enable = lib.mkEnableOption "enable ungoogled-chromium";
};
config = lib.mkIf config.programs.ungoogled-chromium.enable (lib.mkMerge [
{
home.packages = with pkgs; [
ungoogled-chromium
];
}
(
lib.mkIf osConfig.host.impermanence.enable {
home.persistence."/persist${config.home.homeDirectory}" = {
directories = [
"${config.xdg.configHome}/chromium"
];
allowOther = true;
};
}
)
]);
}

17
modules/home-manager-modules/programs/via.nix Normal file
View file

@ -0,0 +1,17 @@
{
lib,
pkgs,
config,
osConfig,
...
}: {
options.programs.via = {
enable = lib.mkEnableOption "enable via";
};
config = lib.mkIf config.programs.via.enable {
home.packages = with pkgs; [
via
];
};
}

45
modules/home-manager-modules/programs/vscode/aiCode.nix Normal file
View file

@ -0,0 +1,45 @@
{
lib,
pkgs,
...
}: let
pkgsRepository = pkgs.codium-extensions;
in {
options.programs.vscode.profiles = lib.mkOption {
type = lib.types.attrsOf (lib.types.submodule ({config, ...}: {
options = {
extraExtensions.aiCode = {
enable = lib.mkEnableOption "should the ai code extension for vscode be enabled";
extension = lib.mkPackageOption pkgsRepository "ai-code" {};
ollamaHost = lib.mkOption {
type = lib.types.nullOr lib.types.str;
description = "what host should be used for ollama";
default = null;
};
inlineCompletion = {
enable = lib.mkOption {
type = lib.types.bool;
description = "should inline completion be enabled";
default = true;
};
model = lib.mkOption {
type = lib.types.nullOr lib.types.str;
description = "what model should be used for ollama";
default = null;
};
};
};
};
config = lib.mkIf config.extraExtensions.aiCode.enable {
extensions = [
config.extraExtensions.aiCode.extension
];
userSettings = {
"aiCode.ollamaHost" = lib.mkIf (config.extraExtensions.aiCode.ollamaHost != null) config.extraExtensions.aiCode.ollamaHost;
"aiCode.inlineCompletion.enable" = config.extraExtensions.aiCode.inlineCompletion.enable;
"aiCode.inlineCompletion.model" = lib.mkIf (config.extraExtensions.aiCode.inlineCompletion.model != null) config.extraExtensions.aiCode.inlineCompletion.model;
};
};
}));
};
}

34
modules/home-manager-modules/programs/vscode/alejandra.nix Normal file
View file

@ -0,0 +1,34 @@
{
lib,
pkgs,
config,
...
}: let
pkgsRepositories = pkgs.nix-vscode-extensions.forVSCodeVersion config.programs.vscode.package.version;
pkgsRepository = pkgsRepositories.open-vsx;
in {
options.programs.vscode.profiles = lib.mkOption {
type = lib.types.attrsOf (lib.types.submodule ({config, ...}: {
options = {
extraExtensions.alejandra = {
enable = lib.mkEnableOption "Enable Alejandra extension for Nix formatting";
extension = lib.mkPackageOption pkgsRepository "alejandra" {
default = ["kamadorueda" "alejandra"];
};
};
};
config = lib.mkIf config.extraExtensions.alejandra.enable {
extensions = [config.extraExtensions.alejandra.extension];
userSettings = {
"[nix]" = {
"editor.defaultFormatter" = "kamadorueda.alejandra";
"editor.formatOnPaste" = true;
"editor.formatOnSave" = true;
"editor.formatOnType" = true;
};
"alejandra.program" = "alejandra";
};
};
}));
};
}

27
modules/home-manager-modules/programs/vscode/astroVscode.nix Normal file
View file

@ -0,0 +1,27 @@
{
lib,
pkgs,
config,
...
}: let
pkgsRepositories = pkgs.nix-vscode-extensions.forVSCodeVersion config.programs.vscode.package.version;
pkgsRepository = pkgsRepositories.open-vsx;
in {
options.programs.vscode.profiles = lib.mkOption {
type = lib.types.attrsOf (lib.types.submodule ({config, ...}: {
options = {
extraExtensions.astroVscode = {
enable = lib.mkEnableOption "should the astro-vscode extension for vscode be enabled";
extension = lib.mkPackageOption pkgsRepository "astro-vscode" {
default = ["astro-build" "astro-vscode"];
};
};
};
config = lib.mkIf config.extraExtensions.astroVscode.enable {
extensions = [
config.extraExtensions.astroVscode.extension
];
};
}));
};
}

27
modules/home-manager-modules/programs/vscode/atomKeybindings.nix Normal file
View file

@ -0,0 +1,27 @@
{
lib,
pkgs,
config,
...
}: let
pkgsRepositories = pkgs.nix-vscode-extensions.forVSCodeVersion config.programs.vscode.package.version;
pkgsRepository = pkgsRepositories.open-vsx;
in {
options.programs.vscode.profiles = lib.mkOption {
type = lib.types.attrsOf (lib.types.submodule ({config, ...}: {
options = {
extraExtensions.atomKeybindings = {
enable = lib.mkEnableOption "should the atom keybindings extension for vscode be enabled";
extension = lib.mkPackageOption pkgsRepository "atom-keybindings" {
default = ["ms-vscode" "atom-keybindings"];
};
};
};
config = lib.mkIf config.extraExtensions.atomKeybindings.enable {
extensions = [
config.extraExtensions.atomKeybindings.extension
];
};
}));
};
}

27
modules/home-manager-modules/programs/vscode/autoRenameTag.nix Normal file
View file

@ -0,0 +1,27 @@
{
lib,
pkgs,
config,
...
}: let
pkgsRepositories = pkgs.nix-vscode-extensions.forVSCodeVersion config.programs.vscode.package.version;
pkgsRepository = pkgsRepositories.open-vsx;
in {
options.programs.vscode.profiles = lib.mkOption {
type = lib.types.attrsOf (lib.types.submodule ({config, ...}: {
options = {
extraExtensions.autoRenameTag = {
enable = lib.mkEnableOption "should the auto-rename-tag extension for vscode be enabled";
extension = lib.mkPackageOption pkgsRepository "auto-rename-tag" {
default = ["formulahendry" "auto-rename-tag"];
};
};
};
config = lib.mkIf config.extraExtensions.autoRenameTag.enable {
extensions = [
config.extraExtensions.autoRenameTag.extension
];
};
}));
};
}

197
modules/home-manager-modules/programs/vscode/claudeDev.nix Normal file
View file

@ -0,0 +1,197 @@
{
lib,
pkgs,
config,
inputs,
...
}: let
pkgsRepositories = pkgs.nix-vscode-extensions.forVSCodeVersion config.programs.vscode.package.version;
pkgsRepository = pkgsRepositories.open-vsx;
mcp-nixos = inputs.mcp-nixos.packages.${pkgs.stdenv.hostPlatform.system}.default;
anyProfileHasMcpNixos = lib.any (
profile:
profile.extraExtensions.claudeDev.enable
&& profile.extraExtensions.claudeDev.mcp.nixos.enable
) (lib.attrValues config.programs.vscode.profiles);
anyProfileHasMcpEslint = lib.any (
profile:
profile.extraExtensions.claudeDev.enable
&& profile.extraExtensions.claudeDev.mcp.eslint.enable
) (lib.attrValues config.programs.vscode.profiles);
anyProfileHasMcpVitest = lib.any (
profile:
profile.extraExtensions.claudeDev.enable
&& profile.extraExtensions.claudeDev.mcp.vitest.enable
) (lib.attrValues config.programs.vscode.profiles);
anyProfileHasMcpSleep = lib.any (
profile:
profile.extraExtensions.claudeDev.enable
&& profile.extraExtensions.claudeDev.mcp.sleep.enable
) (lib.attrValues config.programs.vscode.profiles);
anyProfileHasMcp = anyProfileHasMcpNixos || anyProfileHasMcpEslint || anyProfileHasMcpVitest || anyProfileHasMcpSleep;
getMcpTimeout = serverName:
lib.findFirst (timeout: timeout != null) null (map (
profile:
if profile.extraExtensions.claudeDev.enable && profile.extraExtensions.claudeDev.mcp.${serverName}.enable
then profile.extraExtensions.claudeDev.mcp.${serverName}.timeout
else null
) (lib.attrValues config.programs.vscode.profiles));
getMcpAutoApprove = serverName:
lib.foldl' (
acc: profile:
if profile.extraExtensions.claudeDev.enable && profile.extraExtensions.claudeDev.mcp.${serverName}.enable
then acc // profile.extraExtensions.claudeDev.mcp.${serverName}.autoApprove
else acc
) {} (lib.attrValues config.programs.vscode.profiles);
getMcpPackage = serverName:
lib.findFirst (package: package != null) null (map (
profile:
if profile.extraExtensions.claudeDev.enable && profile.extraExtensions.claudeDev.mcp.${serverName}.enable
then profile.extraExtensions.claudeDev.mcp.${serverName}.package
else null
) (lib.attrValues config.programs.vscode.profiles));
in {
options.programs.vscode.profiles = lib.mkOption {
type = lib.types.attrsOf (lib.types.submodule ({config, ...}: {
options = {
extraExtensions.claudeDev = {
enable = lib.mkEnableOption "should the claude-dev extension for vscode be enabled";
extension = lib.mkPackageOption pkgsRepository "claude-dev" {
default = ["saoudrizwan" "claude-dev"];
};
mcp = {
nixos = {
enable = lib.mkEnableOption "enable NixOS MCP server for Claude Dev";
};
eslint = {
enable = lib.mkEnableOption "enable ESLint MCP server for Claude Dev";
package = lib.mkOption {
type = lib.types.str;
default = "@eslint/mcp@latest";
description = "NPM package to use for ESLint MCP server";
};
timeout = lib.mkOption {
type = lib.types.nullOr lib.types.int;
default = null;
description = "Timeout in seconds for ESLint MCP server operations";
};
autoApprove = {
lint-files = lib.mkEnableOption "Should the lint-files tool be auto approved for ESLint MCP server";
};
};
vitest = {
enable = lib.mkEnableOption "enable Vitest MCP server for Claude Dev";
package = lib.mkOption {
type = lib.types.str;
default = "@djankies/vitest-mcp";
description = "NPM package to use for Vitest MCP server";
};
timeout = lib.mkOption {
type = lib.types.nullOr lib.types.int;
default = null;
description = "Timeout in seconds for Vitest MCP server operations";
};
autoApprove = {
list_tests = lib.mkEnableOption "Should the list_tests tool be auto approved for Vitest MCP server";
run_tests = lib.mkEnableOption "Should the run_tests tool be auto approved for Vitest MCP server";
analyze_coverage = lib.mkEnableOption "Should the analyze_coverage tool be auto approved for Vitest MCP server";
};
};
sleep = {
enable = lib.mkEnableOption "enable Sleep MCP server for Claude Dev";
package = lib.mkOption {
type = lib.types.str;
default = "sleep-mcp";
description = "NPM package to use for Sleep MCP server";
};
timeout = lib.mkOption {
type = lib.types.nullOr lib.types.int;
default = null;
description = "Timeout in seconds for Sleep MCP server operations";
};
autoApprove = {
sleep = lib.mkEnableOption "Should the sleep tool be auto approved for Sleep MCP server";
};
};
};
};
};
config = lib.mkIf config.extraExtensions.claudeDev.enable {
extensions = [
config.extraExtensions.claudeDev.extension
];
};
}));
};
config = lib.mkMerge [
(lib.mkIf anyProfileHasMcpNixos {
home.packages = [
mcp-nixos
];
})
(lib.mkIf anyProfileHasMcp {
home.file."${config.xdg.configHome}/VSCodium/User/globalStorage/saoudrizwan.claude-dev/settings/cline_mcp_settings.json" = {
text = builtins.toJSON {
mcpServers =
(lib.optionalAttrs anyProfileHasMcpNixos {
nixos = {
command = "${mcp-nixos}/bin/mcp-nixos";
};
})
// (lib.optionalAttrs anyProfileHasMcpEslint {
eslint =
{
command = "${pkgs.nodejs}/bin/npx";
args = ["-y" (getMcpPackage "eslint")];
}
// (lib.optionalAttrs ((getMcpTimeout "eslint") != null) {
timeout = getMcpTimeout "eslint";
})
// (lib.optionalAttrs ((getMcpAutoApprove "eslint") != {}) {
autoApprove = builtins.attrNames (lib.filterAttrs (_: v: v) (getMcpAutoApprove "eslint"));
});
})
// (lib.optionalAttrs anyProfileHasMcpVitest {
vitest =
{
command = "${pkgs.nodejs}/bin/npx";
args = ["-y" (getMcpPackage "vitest")];
}
// (lib.optionalAttrs ((getMcpTimeout "vitest") != null) {
timeout = getMcpTimeout "vitest";
})
// (lib.optionalAttrs ((getMcpAutoApprove "vitest") != {}) {
autoApprove = builtins.attrNames (lib.filterAttrs (_: v: v) (getMcpAutoApprove "vitest"));
});
})
// (lib.optionalAttrs anyProfileHasMcpSleep {
sleep-mcp =
{
command = "${pkgs.nodejs}/bin/npx";
args = ["-y" (getMcpPackage "sleep")];
}
// (lib.optionalAttrs ((getMcpTimeout "sleep") != null) {
timeout = getMcpTimeout "sleep";
})
// (lib.optionalAttrs ((getMcpAutoApprove "sleep") != {}) {
autoApprove = builtins.attrNames (lib.filterAttrs (_: v: v) (getMcpAutoApprove "sleep"));
});
});
};
force = true;
};
})
];
}

34
modules/home-manager-modules/programs/vscode/conventionalCommits.nix Normal file
View file

@ -0,0 +1,34 @@
{
lib,
pkgs,
config,
...
}: let
pkgsRepositories = pkgs.nix-vscode-extensions.forVSCodeVersion config.programs.vscode.package.version;
pkgsRepository = pkgsRepositories.vscode-marketplace;
in {
options.programs.vscode.profiles = lib.mkOption {
type = lib.types.attrsOf (lib.types.submodule ({config, ...}: {
options = {
extraExtensions.conventionalCommits = {
enable = lib.mkEnableOption "Enable VSCode Conventional Commits extension";
extension = lib.mkPackageOption pkgsRepository "conventional-commits" {
default = ["vivaxy" "vscode-conventional-commits"];
};
gitmoji = lib.mkEnableOption "should emoji be prompted for as a part of the commit message./";
promptScopes = lib.mkEnableOption "prompting for scopes in conventional commits";
};
};
config = lib.mkIf config.extraExtensions.conventionalCommits.enable {
extensions = [config.extraExtensions.conventionalCommits.extension];
userSettings = {
"conventionalCommits.gitmoji" = config.extraExtensions.conventionalCommits.gitmoji;
"conventionalCommits.promptScopes" = config.extraExtensions.conventionalCommits.promptScopes;
};
};
}));
};
}

27
modules/home-manager-modules/programs/vscode/default.nix Normal file
View file

@ -0,0 +1,27 @@
{...}: {
imports = [
./oneDark.nix
./atomKeybindings.nix
./aiCode.nix
./alejandra.nix
./nixIde.nix
./autoRenameTag.nix
./es7ReactJsSnippets.nix
./liveServer.nix
./tauriVscode.nix
./vscodeEslint.nix
./vscodeJest.nix
./vscodeStandard.nix
./vscodeStylelint.nix
./go.nix
./evenBetterToml.nix
./openRemoteSsh.nix
./astroVscode.nix
./vscodeMdx.nix
./claudeDev.nix
./nearley.nix
./vitest.nix
./direnv.nix
./conventionalCommits.nix
];
}

25
modules/home-manager-modules/programs/vscode/direnv.nix Normal file
View file

@ -0,0 +1,25 @@
{
lib,
pkgs,
config,
...
}: let
pkgsRepositories = pkgs.nix-vscode-extensions.forVSCodeVersion config.programs.vscode.package.version;
pkgsRepository = pkgsRepositories.vscode-marketplace;
in {
options.programs.vscode.profiles = lib.mkOption {
type = lib.types.attrsOf (lib.types.submodule ({config, ...}: {
options = {
extraExtensions.direnv = {
enable = lib.mkEnableOption "Enable direnv extension";
extension = lib.mkPackageOption pkgsRepository "direnv" {
default = ["mkhl" "direnv"];
};
};
};
config = lib.mkIf config.extraExtensions.direnv.enable {
extensions = [config.extraExtensions.direnv.extension];
};
}));
};
}

27
modules/home-manager-modules/programs/vscode/es7ReactJsSnippets.nix Normal file
View file

@ -0,0 +1,27 @@
{
lib,
pkgs,
config,
...
}: let
pkgsRepositories = pkgs.nix-vscode-extensions.forVSCodeVersion config.programs.vscode.package.version;
pkgsRepository = pkgsRepositories.open-vsx;
in {
options.programs.vscode.profiles = lib.mkOption {
type = lib.types.attrsOf (lib.types.submodule ({config, ...}: {
options = {
extraExtensions.es7ReactJsSnippets = {
enable = lib.mkEnableOption "should the es7-react-js-snippets extension for vscode be enabled";
extension = lib.mkPackageOption pkgsRepository "es7-react-js-snippets" {
default = ["dsznajder" "es7-react-js-snippets"];
};
};
};
config = lib.mkIf config.extraExtensions.es7ReactJsSnippets.enable {
extensions = [
config.extraExtensions.es7ReactJsSnippets.extension
];
};
}));
};
}

27
modules/home-manager-modules/programs/vscode/evenBetterToml.nix Normal file
View file

@ -0,0 +1,27 @@
{
lib,
pkgs,
config,
...
}: let
pkgsRepositories = pkgs.nix-vscode-extensions.forVSCodeVersion config.programs.vscode.package.version;
pkgsRepository = pkgsRepositories.open-vsx;
in {
options.programs.vscode.profiles = lib.mkOption {
type = lib.types.attrsOf (lib.types.submodule ({config, ...}: {
options = {
extraExtensions.evenBetterToml = {
enable = lib.mkEnableOption "should the even-better-toml extension for vscode be enabled";
extension = lib.mkPackageOption pkgsRepository "even-better-toml" {
default = ["tamasfe" "even-better-toml"];
};
};
};
config = lib.mkIf config.extraExtensions.evenBetterToml.enable {
extensions = [
config.extraExtensions.evenBetterToml.extension
];
};
}));
};
}

27
modules/home-manager-modules/programs/vscode/go.nix Normal file
View file

@ -0,0 +1,27 @@
{
lib,
pkgs,
config,
...
}: let
pkgsRepositories = pkgs.nix-vscode-extensions.forVSCodeVersion config.programs.vscode.package.version;
pkgsRepository = pkgsRepositories.open-vsx;
in {
options.programs.vscode.profiles = lib.mkOption {
type = lib.types.attrsOf (lib.types.submodule ({config, ...}: {
options = {
extraExtensions.go = {
enable = lib.mkEnableOption "should the go extension for vscode be enabled";
extension = lib.mkPackageOption pkgsRepository "go" {
default = ["golang" "go"];
};
};
};
config = lib.mkIf config.extraExtensions.go.enable {
extensions = [
config.extraExtensions.go.extension
];
};
}));
};
}

27
modules/home-manager-modules/programs/vscode/liveServer.nix Normal file
View file

@ -0,0 +1,27 @@
{
lib,
pkgs,
config,
...
}: let
pkgsRepositories = pkgs.nix-vscode-extensions.forVSCodeVersion config.programs.vscode.package.version;
pkgsRepository = pkgsRepositories.open-vsx;
in {
options.programs.vscode.profiles = lib.mkOption {
type = lib.types.attrsOf (lib.types.submodule ({config, ...}: {
options = {
extraExtensions.liveServer = {
enable = lib.mkEnableOption "should the live-server extension for vscode be enabled";
extension = lib.mkPackageOption pkgsRepository "live-server" {
default = ["ms-vscode" "live-server"];
};
};
};
config = lib.mkIf config.extraExtensions.liveServer.enable {
extensions = [
config.extraExtensions.liveServer.extension
];
};
}));
};
}

Some files were not shown because too many files have changed in this diff Show more