Compare commits


281 commits
eve ... main

Author SHA1 Message Date
e1a5ddde95 feat: added storj to README.md 2025-10-30 22:28:02 -05:00
c0e2e7ba4a feat: updated flake.lock 2025-10-30 17:43:52 -05:00
69ccbffd86 chore: removed incorrect task 2025-10-27 11:02:42 -05:00
f9c27c82b6 feat: refactored database configuration 2025-10-27 03:55:09 -05:00
e57c1df6e5 chore:added task for qbittorent directory 2025-10-27 02:52:56 -05:00
df663e5438 chore: added task to README.md 2025-10-27 02:34:53 -05:00
f91f20be7c chore: added more tasks to README.md 2025-10-27 01:13:42 -05:00
ec802a2462 chore: updated README.md 2025-10-27 00:56:56 -05:00
bb5c94ec2c feat: added catch all route to reverse proxy that blocks connections on non specified hosts 2025-10-27 00:53:59 -05:00
81a6588537 feat: updated flack lock 2025-10-26 23:35:54 -05:00
758cbd17f7 refactor: removed unused var 2025-10-26 14:43:50 -05:00
f72a6da013 feat: fixed actual install 2025-10-26 14:24:18 -05:00
7ad6a83dfa feat: broke leyla firefox config into submodules 2025-10-26 13:17:48 -05:00
c97d43957d feat: enabled actual 2025-10-26 13:06:08 -05:00
5114f52607 feat: added rust-analyzer vscode package 2025-10-25 15:11:25 -05:00
30a042d709 refactor: moved server module configs out of default.nix files 2025-10-25 02:56:07 -05:00
89793fca6a feat: added per service enable options for impermanence configs 2025-10-25 02:41:00 -05:00
a8af8930fa feat: added per service enable options for fail2ban configs 2025-10-25 02:37:53 -05:00
ecec04a9ce feat: added per service enable options for reverseProxy configs 2025-10-25 02:31:11 -05:00
7f74060713 chore: updated task list in README.md 2025-10-25 01:55:58 -05:00
c2435883f1 fix: fixed domains for searx and paperless 2025-10-24 15:01:16 -05:00
0f5507c328 refactor: split configurations for fail2ban, postgres, and qbittorent into folders 2025-10-24 13:08:13 -05:00
ad04be6534 feat: removed unused podman module 2025-10-24 12:49:36 -05:00
4dd285c122 feat: refactored reverse proxy to be a normally named module 2025-10-24 12:45:17 -05:00
466926b919 refactor: updated git configuration 2025-10-21 20:44:53 -05:00
db8d36dadc build: updated mapillary uploader hash 2025-10-21 20:39:16 -05:00
b17f8d49d5 build: updated flake.lock 2025-10-21 20:32:24 -05:00
455a98810a feat: enabled crab-hole 2025-10-21 20:03:52 -05:00
3f107f8d1e fix: fixed home manager impermanence activation on defiant 2025-10-21 19:35:56 -05:00
539af51473 disabled crab-hole 2025-10-21 18:52:38 -05:00
f21777b1fb fix: fixed pre and post commit hook behavior 2025-10-20 20:55:35 -05:00
290c0692bb feat: added block list to crab-hole 2025-10-20 20:24:28 -05:00
d19d535d85 fix: made crab-hole dns accessible from other devices 2025-10-20 20:01:07 -05:00
e8f7331b6c feat: enabled ai for emergent and claude code for eve 2025-10-19 20:52:46 -05:00
ebf7ea3cf7 feat: added impermanence for more applications 2025-10-19 20:32:38 -05:00
dd165d48fe feat: installed vmware for eve home manager user 2025-10-19 19:14:34 -05:00
260e37e016 feat: supported branching for commit checking 2025-10-19 18:50:26 -05:00
0c88746da1 feat: stubbed out configs for eve home manager user 2025-10-19 17:24:29 -05:00
46890110f8 feat: created crab-hole service 2025-10-19 16:32:10 -05:00
290db94f42 chore: organized tasks in README.md 2025-10-19 11:31:15 -05:00
b05bfc31fe feat: removed TODO for provisioning drives 2025-10-18 17:33:50 -05:00
85a6f4a006 chore: removed completed tasks from README.md 2025-10-18 16:29:16 -05:00
69ec14ef79 chore: added task to README.md 2025-10-18 16:26:14 -05:00
5ccfe1a337 feat: installed lidarr 2025-10-18 13:30:08 -05:00
62bb650878 fix: fixed mapillary build 2025-10-17 16:09:37 -05:00
488ef1e94a build: updated flake.lock 2025-10-17 15:58:17 -05:00
59dc4a7ee1 feat: installed flaresolverr 2025-10-17 15:12:19 -05:00
6afdcce951 feat: installed jackett 2025-10-17 14:58:49 -05:00
e895fa5edd feat: removed filebot 2025-10-17 13:15:41 -05:00
f02cb08570 feat: disabled filebot-cleanup 2025-10-16 23:29:37 -05:00
352ca6fccf feat: disabled open dyslexic 2025-10-13 19:30:33 -05:00
c953571f2f feat: decrease letter spacing on open dyslexia vscode 2025-10-13 17:11:59 -05:00
d87462981e feat: enabled open dyslexia 2025-10-13 17:00:30 -05:00
75dcac8d17 feat: drafted out open dyslexic font for vscode 2025-10-13 16:51:26 -05:00
80ad498f94 style: removed unused vars 2025-10-13 09:40:02 -05:00
6d5a07e08f feat: refactored impermanence to be enableable for users on a system 2025-10-13 09:36:48 -05:00
337f03b4e7 Merge remote-tracking branch 'refs/remotes/origin/main' 2025-10-12 21:14:21 -05:00
a51a364ce9 fix: enabled extensions installed via config options 2025-10-12 21:10:40 -05:00
ee6d48fe49 feat: added night light as a dconf option 2025-10-11 23:34:16 -05:00
c81fa77a29 feat: simplified gnome configurations with more options 2025-10-11 23:26:24 -05:00
32c7086394 feat: added display scaling for eve 2025-10-11 23:06:54 -05:00
f80ae02e47 Merge pull request 'main' (#8) from Lithospherical/nix-config:main into main
Reviewed-on: jan-leila/nix-config#8
2025-10-12 03:41:59 +00:00
28a962d712 Merge branch 'main' into main 2025-10-12 03:41:34 +00:00
76d3c488db feat: pinned mapilary version downloader
feat: created user ivy
2025-10-08 13:05:08 -05:00
44922dfcd5 feat: re enabled lix 2025-10-05 14:58:41 -05:00
884d11d0a3 chore: updated host map in README 2025-10-04 12:12:45 -05:00
0730cc6594 feat: updated polycule package 2025-10-04 11:15:53 -05:00
2935d43bcb feat: moved filebot cleanup to jellyfin persistence 2025-10-03 21:10:20 -05:00
bc705098d6 chore: removed completed task from README.md 2025-10-03 14:23:26 -05:00
7483c2c01c feat: fixed polyclue package 2025-10-03 13:59:12 -05:00
2c918478ab feat: enabled filebot-cleanup task 2025-10-02 18:53:32 -05:00
03149db7ea build: updated flake lock 2025-10-02 17:53:07 -05:00
c9bb9380b5 feat: fixed vpn on defiant 2025-10-02 15:45:21 -05:00
21edda5fe6 feat: added auto aproval for nixos mcp server settings 2025-10-02 12:55:49 -05:00
d4615fc435 chore: updated README 2025-10-02 12:51:20 -05:00
c10c610034 feat: started to create polycule package 2025-10-02 12:49:29 -05:00
6dfe3ac326 build: updated flake lock 2025-10-01 15:14:36 -05:00
0cb4c25467 fat: disabled filebot-cleanup service 2025-09-26 20:21:58 -05:00
178b414a0a chore: removed already completed task from README.md 2025-09-25 22:41:10 -05:00
c8d994814f chore: added note to readme 2025-09-25 22:35:28 -05:00
1d940fd8d8 feat: disabled sonarr, radarr, and bazarr 2025-09-25 22:33:14 -05:00
24def1e3d3 chore: added tasks to README.md 2025-09-25 22:31:29 -05:00
a8dfcb02c8 feat: created filebot cleanup service to run in background 2025-09-25 22:28:04 -05:00
d2be5c7e24 feat: added radarr, sonarr, and bazarr to the jellyfin_media group 2025-09-25 20:14:07 -05:00
a8139f4265 feat: installed filebot 2025-09-25 20:04:51 -05:00
f9fe74cc8a feat: installed bazarr, radarr, and sonarr 2025-09-25 19:36:34 -05:00
4d52c58f79 feat: instealled media editing programs for defiant 2025-09-25 14:58:51 -05:00
ee80636b2b build: updated flake lock 2025-09-24 09:54:51 -05:00
d35e2c93c1 feat: added option for auto aprove set root for vitest mcp server 2025-09-21 21:04:47 -05:00
ca6de5c0cd chore: added talk to readme 2025-09-18 23:40:13 -05:00
2cdc39f3dc fix: disabled broken panoramax config 2025-09-18 14:19:57 -05:00
333c68a8cd feat: created db config for panoramax 2025-09-17 22:18:15 -05:00
7e6fa744af fix: wrapped prostudiomasters in --in-process-gpu flag 2025-09-17 19:42:15 -05:00
3bee0c7402 fix: fixed pkg dependencies for panoramax 2025-09-17 15:15:07 -05:00
1b1a3f7219 fix: fixed database timezone alter not working 2025-09-16 12:40:19 -05:00
e2e07c9a70 feat: reworked databse config for panoramax 2025-09-16 12:09:41 -05:00
9b02e30080 refactor: moved subdomain options into proxy file 2025-09-16 10:44:00 -05:00
dfdd6bcc82 chore: removed resolved item from research topics 2025-09-16 10:20:00 -05:00
cdeb4e108b refactor: split server modules into smaller more manageable files 2025-09-16 10:14:33 -05:00
b2e5ae1f98 build: updated flake lock 2025-09-16 09:58:35 -05:00
01325c3068 feat: drafted out database configuration and sgblur config 2025-09-15 15:25:05 -05:00
dbd5d36913 feat: drafted out reverse proxy config for panoramax 2025-09-15 14:54:31 -05:00
0f87d78271 feat: updated flake lock 2025-09-15 14:02:16 -05:00
c0579f55dc feat: created sgblur package 2025-09-15 13:36:07 -05:00
1d0f51c70a chore: addede panoramax.nix to server modules 2025-09-15 11:36:12 -05:00
376cb934c3 refactor: added asseration for db config 2025-09-15 11:29:43 -05:00
84b204f8b1 feat: created env config for panoramax 2025-09-15 10:40:34 -05:00
52801b4bb7 refactor: moved reverse proxy into own section in server modules 2025-09-14 22:10:57 -05:00
663bdcc012 chore: stubed out section for fail2ban for panoramax 2025-09-14 21:48:10 -05:00
88dcba346f feat: started to create panoramax config 2025-09-14 21:42:34 -05:00
22b9c5b3f9 chore: added items to task list 2025-09-14 17:34:19 -05:00
3bf3391eb9 feat: created mapillary desktop uploader program config and installed for leyla 2025-09-13 18:15:43 -05:00
ffcba0d714 feat: created mapillary desktop uploader dirivation 2025-09-13 18:03:04 -05:00
0f8faadd80 feat: added more config options for mcp servers 2025-09-12 10:47:31 -05:00
cf330b1cbb feat: installed sleep-mcp server 2025-09-12 10:18:06 -05:00
ca9f54d795 feat: installed mcp servers for vitest and eslint 2025-09-12 00:41:17 -05:00
2745af9443 feat: updated flake.lock 2025-09-08 16:47:05 -05:00
487dc21550 refactor: removed eslint mcp server 2025-09-07 20:15:39 -05:00
58fec3f132 refactor: switched to using mkEnableOption 2025-09-07 15:58:54 -05:00
09d2588406 feat: added config options to hte conventional commit extension to disable emoji and scopes propts 2025-09-06 23:42:13 -05:00
68b791f7c1 feat: installed conventional commits plugin 2025-09-06 23:11:22 -05:00
1831fea96a updated flake lock 2025-09-04 15:40:22 -05:00
2aad75a334 moved more packages to modules 2025-09-04 15:23:59 -05:00
c31eb38229 installed direnv extension 2025-09-04 14:33:17 -05:00
fab03391fc updated flake.lock 2025-09-04 00:33:53 -05:00
Eve
8b3e0e296e Merge remote-tracking branch 'leyla' 2025-09-03 20:56:50 -05:00
2d396228c7 moved krita to programs folder 2025-09-02 23:27:26 -05:00
b7dd5328d0 moved piper to module with enable option 2025-09-02 23:20:24 -05:00
afcf415621 enabled power management from twilight and emergent 2025-09-02 23:11:29 -05:00
d89d085409 updated flake lock 2025-09-02 23:05:27 -05:00
6e0650f73b installed the eslint mcp server 2025-08-31 13:56:20 -05:00
5a53a7bac4 installed nix mcp server 2025-08-28 14:14:05 -05:00
9f94a218cc disabled nfs mounts 2025-08-28 14:11:29 -05:00
0d57fb08b1 set up nix mcp server 2025-08-28 11:48:00 -05:00
0d2a3e26a8 moved network mounts out of main config and into their own file 2025-08-27 21:21:39 -05:00
4a7b57df99 removed invalid config option 2025-08-27 21:19:04 -05:00
ca2b188560 fixed nfs mounts 2025-08-27 17:51:11 -05:00
1c079fa479 installed vitest 2025-08-27 13:37:31 -05:00
Eve
9c8de12ad3 installed tailscale 2025-08-27 10:52:24 -05:00
348fa835b8 Merge pull request 'main' (#5) from jan-leila/nix-config:main into main
Reviewed-on: #5
2025-08-27 15:36:38 +00:00
dbe4b674d7 set zfs auth and tls to true 2025-08-26 18:00:12 -05:00
060e6ef037 installed fonts 2025-08-26 15:53:45 -05:00
d128b54a05 removed redundant part of config 2025-08-24 23:01:04 -05:00
19bd67afe5 installed claudeDev 2025-08-24 15:55:07 -05:00
bf07bbdb1b updated flake lock 2025-08-23 13:26:04 -05:00
d12f4b5327 installed actual on defiant 2025-08-21 22:02:10 -05:00
102a61b38e updated flake lock 2025-08-16 11:32:03 -05:00
c1926f6256 updated flake lock 2025-08-13 18:34:13 -05:00
ee6ab1c0eb installed printer drivers 2025-08-09 23:32:32 -05:00
93b8582734 installed tab session manager 2025-08-06 22:12:42 -05:00
7e1e1f357f updated scrub email settings 2025-08-05 00:15:58 -05:00
3f897fae25 updated ai code plugin 2025-08-04 20:08:45 -05:00
b7a4f63ddd further refined and documents issues with wire guard config 2025-08-04 17:46:56 -05:00
7b9d1ee390 added qwen3:235b-a22b 2025-08-01 21:20:52 -05:00
5658a39249 added ACL to syncthing mnt folder 2025-08-01 18:30:28 -05:00
7b3d4bc021 added acl rules to defiant media_directory 2025-08-01 18:24:45 -05:00
22f2052ccf updated flake lock 2025-08-01 17:53:31 -05:00
53c0526c4d removed completed task from README.md 2025-07-27 18:27:46 -05:00
b5cfb5ec77 moved all extensions other then spell check into their own modules 2025-07-27 18:22:08 -05:00
0fd54a5494 added more options to aiCode 2025-07-26 17:53:37 -05:00
1f0a147a42 moved more extensions into extension modules 2025-07-26 17:40:01 -05:00
e58f08b723 move nix extensions into vscode extensions folders 2025-07-26 16:19:41 -05:00
99fb7b8a62 started to move extensions into configurable options 2025-07-26 12:50:21 -05:00
dfcd16fdd2 updated user words 2025-07-25 21:33:18 -05:00
3131d264d3 updated flake lock 2025-07-25 20:50:53 -05:00
9b5ccf6cc9 updated aiCode extension 2025-07-24 01:12:31 -05:00
1ac0b89935 fixed cname words 2025-07-23 18:47:46 -05:00
e14d1387dc updated user-words in vscode config 2025-07-23 18:15:58 -05:00
358f039460 created custom vscode extension 2025-07-21 19:35:11 -05:00
3f3ae74fac enabled ollama on horizon 2025-07-18 21:19:18 -05:00
c8f163ed0c fixed paperless 2025-07-14 19:38:24 -05:00
3a875e0c1f drafted out paperless config 2025-07-14 11:43:45 -05:00
1e5eed80c1 installed more home assistant components 2025-07-14 10:49:04 -05:00
2fb56dc296 moved home-assistant fail2ban config to its own module 2025-07-13 19:00:16 -05:00
92839b4603 got hass app config closer to working 2025-07-13 18:30:45 -05:00
2188954b79 installed open wake word 2025-07-13 17:39:25 -05:00
2e8eba7709 installed wyoming 2025-07-13 17:22:46 -05:00
0e8a148517 started to break up home-assistant config 2025-07-13 16:10:30 -05:00
b8e21e6c61 organized README.md 2025-07-12 22:44:49 -05:00
035089be38 updated README.md 2025-07-12 19:14:32 -05:00
776bf8f744 updated readme 2025-07-12 18:25:53 -05:00
9699472b1e update readme 2025-07-12 15:36:02 -05:00
3631ba11a8 removed unused parts of configuration 2025-07-12 15:06:32 -05:00
644f9371eb added home assistant to fail2ban 2025-07-12 15:04:44 -05:00
3ce9b625d1 fixed home assistant 2025-07-12 15:00:59 -05:00
1d7e0d11f0 removed continue vscode plugin 2025-07-12 11:53:53 -05:00
c863b8c4b5 removed copilot 2025-07-11 18:08:06 -05:00
9650c7335a installed copilot for vscode 2025-07-11 18:02:05 -05:00
56ef83b4ba updated flake lock and fixed vscode extensions 2025-07-11 17:01:37 -05:00
84dfcfddbd updated flake lock 2025-07-05 00:18:00 -05:00
43ce007033 moved impermanence config for var lib private into impermanence module 2025-07-05 00:01:28 -05:00
4db136d527 updated flake lock 2025-06-30 22:37:38 -05:00
b6ce78b35c updated nix flake 2025-06-28 10:33:59 -05:00
4c0c443048 fixed hotkeys 2025-06-25 18:35:51 -05:00
b3f992f001 added more options to gnome.nix 2025-06-25 17:42:37 -05:00
f8aa299e16 fixed hotkey config 2025-06-25 17:27:18 -05:00
7c61f8617b created hotkey generator 2025-06-25 14:30:12 -05:00
4825c5ec5e made common configuration place for gnome extensions 2025-06-25 13:32:07 -05:00
4ded22c2f5 Merge pull request 'main' (#7) from Lithospherical/nix-config:main into main
Reviewed-on: jan-leila/nix-config#7
2025-06-25 02:48:37 +00:00
db9d0fff09 Merge pull request 'main' (#4) from jan-leila/nix-config:main into main
Reviewed-on: #4
2025-06-25 02:46:33 +00:00
Eve
117b30f855 created module to add dconf changes. tried to add dash-to-panel in this module, unsure if it worked 2025-06-24 21:43:43 -05:00
5ac103230a updated flake lock 2025-06-24 10:53:51 -05:00
fb757e9d1c switched to JDK for gdx 2025-06-23 17:01:25 -05:00
b4755365ba removed unused param 2025-06-23 15:42:07 -05:00
5c4e677fe8 added gdx-liftoff package 2025-06-23 15:40:03 -05:00
b5d292f20e made horizon use models from defiant 2025-06-22 21:03:23 -05:00
b7cfcfef7d limit zfs arc to 50gb 2025-06-22 20:10:25 -05:00
025eaa935a enabled ollama on defiant 2025-06-22 18:48:59 -05:00
9daa44c873 added baobab to excluded packages 2025-06-21 06:09:58 -05:00
173b1e3050 added comments to excluded packages 2025-06-21 06:01:53 -05:00
317ca75119 fixed environment.gnome.excludePackages 2025-06-21 05:59:34 -05:00
394355b2fb Merge remote-tracking branch 'origin' 2025-06-19 10:16:28 -05:00
4aa9778a72 merged with main 2025-06-19 10:13:21 -05:00
a482a3bfce updated flake.lock 2025-06-19 10:08:42 -05:00
dbad92ac75 updated flake lock 2025-06-11 23:39:07 -05:00
52a1d97fd4 drafted out entangled worlds mod 2025-06-11 23:36:29 -05:00
0476afb471 switched ollama persistence directory 2025-06-11 20:07:39 -05:00
1e0eda06b6 switched ollama persistence directory 2025-06-11 19:52:25 -05:00
a2b076e2e5 Merge pull request 'main' (#3) from jan-leila/nix-config:main into main
Reviewed-on: #3
2025-06-08 16:51:33 +00:00
95e500593e enabled wacom on emergent 2025-06-08 11:48:18 -05:00
7e595d4fc0 Merge pull request 'main' (#6) from Lithospherical/nix-config:main into main
Reviewed-on: jan-leila/nix-config#6
2025-06-08 16:43:47 +00:00
703f35d52c Merge branch 'main' into main 2025-06-08 16:43:03 +00:00
Eve
616baf3baf disabled wayland in theory 2025-06-06 03:46:45 +00:00
b3918c8105 added dconf-editor to devShell 2025-06-05 14:04:52 -05:00
d3761aa11c Merge pull request 'pulled in eves changes' (#4) from Lithospherical/nix-config:main into main
Reviewed-on: jan-leila/nix-config#4
2025-06-05 04:58:20 +00:00
Eve
98a1d1da60 added piper for user eve 2025-06-05 04:53:30 +00:00
Eve
6c7b40e10e fixed eve not importing packages.nix 2025-06-05 04:40:13 +00:00
198e4c4c5b Merge pull request 'main' (#2) from jan-leila/nix-config:main into main
Reviewed-on: #2
2025-06-05 04:13:46 +00:00
fc294686ba added steam impermanence config 2025-06-04 22:57:14 -05:00
8c4bd4291d updated paths to be based on xdg configurations 2025-06-04 21:00:04 -05:00
28ac8a4fa4 fixed home directory starts 2025-06-04 20:54:47 -05:00
ca01e667a1 added more application persistence configurations 2025-06-04 20:50:15 -05:00
033cc6bc22 removed outdated note 2025-06-04 18:43:22 -05:00
0f26b73f6a set up makemkv persistence 2025-06-04 18:37:53 -05:00
7363fc97bc updated application key file structure 2025-06-04 13:19:44 -05:00
50aca7b170 added applications key file 2025-06-04 13:14:11 -05:00
4e94731d9c added impermanence for jetbrains idea-community 2025-06-04 12:30:40 -05:00
89373ac243 set up firefox impermanence 2025-06-04 12:16:21 -05:00
8d86de4a2d drafted out firefox impermanence 2025-06-03 21:17:08 -05:00
17cb9bbaf5 set up more continue agents for horizon 2025-06-03 21:15:26 -05:00
54722eff61 set up impermanence configurations for applications 2025-06-03 21:12:51 -05:00
ef03167d23 added TODO note 2025-06-03 20:22:35 -05:00
2c011fda87 moved steam config out of nix configurations 2025-06-03 16:32:44 -05:00
9c7cc3e3a7 drafted out home manager steam configuration 2025-06-03 16:23:20 -05:00
7473ad5415 moved more packages to module 2025-06-03 11:19:34 -05:00
eca8dfcf69 removed extra packages 2025-06-02 23:15:17 -05:00
d741c25291 moved some packages under desktop + direct access 2025-06-02 22:50:35 -05:00
9fe35e74ad created program option entries for all packages that needs continual state 2025-06-02 22:47:01 -05:00
5484f9ba04 Merge remote-tracking branch 'refs/remotes/origin/main' 2025-06-02 21:15:37 -05:00
666504a63a added notes for leyla packages 2025-06-02 21:13:45 -05:00
dd53735354 refactored leyla packages into several folders 2025-06-02 21:07:09 -05:00
e6a640abfc fixed warning in nvida-drivers 2025-06-01 23:52:13 -05:00
a7b738eae3 made twilight hardware-configuration.nix match what is automatically generated 2025-06-01 22:10:29 -05:00
1a4c2b2f95 stripped down twilight configuration.nix 2025-06-01 21:06:54 -05:00
42e2ce9258 fixed warnings on defiant 2025-06-01 20:58:30 -05:00
9664eeb38d updated flakes 2025-06-01 18:19:03 -05:00
ac7c2e6de6 switched to lix 2025-06-01 18:11:27 -05:00
5e0bf9f068 re enabled ssh agent IdentityFile 2025-06-01 17:37:56 -05:00
2e41153c43 reverted nixos-anywhere devshell 2025-06-01 16:37:12 -05:00
35d6c1a634 enabled fwupd on horizon 2025-06-01 16:04:13 -05:00
2475170d0a moved user set configurations out of hardware-configuration.nix 2025-06-01 15:28:06 -05:00
ba2a31a80e removed unused variable 2025-06-01 15:16:27 -05:00
6ce718ab09 moved emergent to common disko configuration 2025-06-01 15:07:13 -05:00
795b9b010f made zfs mode settable 2025-06-01 15:04:37 -05:00
99ea355472 made boot disko partition configurable 2025-06-01 14:59:24 -05:00
a68f81cf3b moved disko needed configuration to disko.nix 2025-06-01 14:41:55 -05:00
7979b4ed17 installed prostudiomasters for leyla only 2025-06-01 14:29:39 -05:00
b1e7be48b3 moved packages to common-modules 2025-06-01 14:27:50 -05:00
36382ebfe0 switched to using nixos-anywhere flake in dev shell 2025-06-01 14:19:31 -05:00
254edf2d4a Merge pull request 'main' (#3) from Lithospherical/nix-config:main into main
Reviewed-on: jan-leila/nix-config#3
2025-06-01 18:40:54 +00:00
Eve
54d03b280c increase size of boot partiton for emergent 2025-06-01 13:36:50 -05:00
Eve
93793f2f1c set nvidia drivers to open 2025-06-01 13:36:44 -05:00
51b7a18449 Merge pull request 'main' (#1) from jan-leila/nix-config:main into main
Reviewed-on: #1
2025-06-01 18:15:14 +00:00
21eff1d083 moved Eve configurations into their own package 2025-06-01 13:07:56 -05:00
2820252c54 made leyla configs optional 2025-06-01 13:00:34 -05:00
4f195245ce Merge pull request 'main' (#2) from Lithospherical/nix-config:main into main
Reviewed-on: jan-leila/nix-config#2
2025-06-01 17:52:54 +00:00
Eve
7acf6a1c13 added nvidia-drivers as a seperate file and imported to config file 2025-06-01 12:22:42 -05:00
Eve
c54210411d added steam + dependencies 2025-06-01 11:59:56 -05:00
Eve
327a5ce55f added vscodium 2025-06-01 16:31:08 +00:00
5d055c6a88 updated git username 2025-06-01 16:20:33 +00:00
1225e41d8b Merge pull request 'eve' (#1) from eve into main
Reviewed-on: jan-leila/nix-config#1
2025-06-01 00:47:02 +00:00
256 changed files with 11117 additions and 2727 deletions


@ -3,4 +3,12 @@
echo "restoring stashed changes"
git stash pop -q
# Find the most recent pre-commit stash and restore it
recent_stash=$(git stash list | grep "pre-commit-stash-" | head -n 1 | cut -d: -f1)
if [ -n "$recent_stash" ]; then
echo "Found recent pre-commit stash: $recent_stash"
git stash pop -q "$recent_stash"
else
echo "No pre-commit stash found to restore"
fi
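Review bot: The lookup `grep "pre-commit-stash-" | head -n 1` pops whichever matching stash is newest, which is not necessarily the one created by this commit's pre-commit run. `git stash push` saves nothing when there is nothing to stash, so after such a commit this would pop a leftover stash from an earlier aborted commit onto the working tree; the same lookup is repeated in `.hooks/post-merge`. Have the pre-commit hook record the exact stash message it used (for example in a file under the git directory) and pop only that entry. The exit status of the pop is not checked either; `git stash pop -q "$recent_stash" || echo "stash pop failed, changes remain in $recent_stash"` would surface a conflict. The script starts above this hunk.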

32
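--- a/.hooks/post-merge
+++ b/.hooks/post-merge
@@ -0,0 +1,32 @@
+#!/usr/bin/env nix-shell
+#! nix-shell -i bash ../shell.nix
+# Get current branch name
+current_branch=$(git branch --show-current)
+# Only perform actions if we're on main branch and a merge just completed
+if [ "$current_branch" = "main" ]; then
+echo "Post-merge on main branch - running nix flake check"
+# Run nix flake check after merge into main
+nix flake check
+if [ ! $? -eq 0 ]; then
+echo "Warning: nix flake check failed after merge into main"
+echo "Please fix the issues as soon as possible"
+else
+echo "nix flake check passed after merge"
+fi
+# Check if there are any pre-commit stashes to restore
+recent_stash=$(git stash list | grep "pre-commit-stash-" | head -n 1 | cut -d: -f1)
+if [ -n "$recent_stash" ]; then
+echo "Post-merge: restoring pre-commit stash on main branch"
+git stash pop -q "$recent_stash"
+else
+echo "Post-merge: no pre-commit stash to restore on main branch"
+fi
+else
+echo "Post-merge: no action needed on branch '$current_branch'"
+fi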
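Review bot: The restore step greps for `pre-commit-stash-`, but the stash pushed by `.hooks/pre-merge-commit` is named `pre-merge-stash-$(date +%s)`, so changes stashed before a merge into main are never popped here, and an unrelated pre-commit stash may be popped instead. Match the name the merge hook writes: `recent_stash=$(git stash list | grep "pre-merge-stash-" | head -n 1 | cut -d: -f1)`. Separately, `nix flake check` followed by `if [ ! $? -eq 0 ]` reads more directly as `if ! nix flake check; then`.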


@ -1,14 +1,24 @@
#!/usr/bin/env nix-shell
#! nix-shell -i bash ../shell.nix
echo "stashing all uncommitted changes"
git stash -q --keep-index
# Get current branch name
current_branch=$(git branch --show-current)
echo "checking flakes all compile"
nix flake check
echo "stashing all uncommitted changes with named stash (excluding hooks)"
git stash push -q --keep-index -m "pre-commit-stash-$(date +%s)" -- ':!.hooks/'
if [ ! $? -eq 0 ]; then
# Only run nix flake check if we're on main branch
if [ "$current_branch" = "main" ]; then
echo "On main branch - checking flakes all compile"
nix flake check
if [ ! $? -eq 0 ]; then
echo "Error: nix flake check failed on main branch"
exit 1
fi
echo "nix flake check passed"
else
echo "Not on main branch - skipping nix flake check"
fi
echo "running linter"
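Review bot: The failure branch `exit 1` after `nix flake check` leaves the stash from the earlier `git stash push` in place, and the post-commit hook that pops it does not run for an aborted commit. Unless code outside this hunk restores it, the user's unstaged changes stay hidden in the stash list until popped by hand; `.hooks/pre-merge-commit` has the same exit path. A `trap` installed right after the `git stash push` that pops the recorded stash on any non-zero exit would cover both this branch and the linter step that follows. The script continues past the end of this hunk.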

37
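--- a/.hooks/pre-merge-commit
+++ b/.hooks/pre-merge-commit
@@ -0,0 +1,37 @@
+#!/usr/bin/env nix-shell
+#! nix-shell -i bash ../shell.nix
+# Get the target branch (the branch being merged into)
+target_branch=""
+# Check if we're in the middle of a merge
+if [ -f .git/MERGE_HEAD ]; then
+# We're in a merge, check if the current branch is main
+current_branch=$(git branch --show-current)
+if [ "$current_branch" = "main" ]; then
+target_branch="main"
+fi
+fi
+# If we're merging into main, run nix flake check
+if [ "$target_branch" = "main" ]; then
+echo "Merging into main branch - running nix flake check..."
+echo "stashing all uncommitted changes with named stash (excluding hooks)"
+git stash push -q --keep-index -m "pre-merge-stash-$(date +%s)" -- ':!.hooks/'
+echo "checking flakes all compile"
+nix flake check
+if [ ! $? -eq 0 ]; then
+echo "Error: nix flake check failed. Merge aborted."
+echo "Please fix the issues and try merging again."
+exit 1
+fi
+echo "nix flake check passed. Merge can proceed."
+else
+echo "Not merging into main branch, skipping nix flake check."
+fi
+exit 0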
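Review bot: The merge test `[ -f .git/MERGE_HEAD ]` assumes `.git` is a directory in the current working directory, which does not hold in a linked worktree or a submodule, where `.git` is a file; there the hook would skip the flake check without saying so. Asking git avoids the path assumption: `if git rev-parse -q --verify MERGE_HEAD >/dev/null; then`. `target_branch` only ever mirrors the `current_branch = main` test, so the two nested conditions could collapse into one.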


@ -13,3 +13,7 @@ creation_rules:
key_groups:
- age:
- *leyla
- path_regex: secrets/application-keys.yaml$
key_groups:
- age:
- *leyla
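Review bot: The added rule's `path_regex: secrets/application-keys.yaml$` leaves the dot unescaped, so it matches any character before `yaml`; `secrets/application-keys\.yaml$` names the intended file exactly. The only recipient in the new key group is `*leyla`, so if a host or a second user is meant to decrypt the application keys, its age key has to be listed here as well; this is worth confirming against how the file is consumed, which the hunk does not show. The `creation_rules` list starts above the hunk.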

108
README.md

@ -7,19 +7,19 @@ nix multi user, multi system, configuration with `sops` secret management, `home
# Hosts
## Host Map
| Hostname | Device Description | Primary User | Role |
| :---------: | :------------------------: | :--------------: | :-------: |
| `twilight` | Desktop Computer | Leyla | Desktop |
| `horizon` | 13 inch Framework Laptop | Leyla | Laptop |
| `defiant` | NAS Server | Leyla | Server |
| `hesperium` | Mac | ????? | ??? |
| `emergent` | Desktop Computer | Eve | Desktop |
| `threshold` | Laptop | Eve | Laptop |
| `wolfram` | Steam Deck | House | Handheld |
| `ceder` | A5 Tablet (not using nix) | Leyla | Tablet |
| `skate` | A6 Tablet (not using nix) | Leyla | Tablet |
| `shale` | A6 Tablet (not using nix) | Eve | Tablet |
| `coven` | Pixel 8 (not using nix) | Leyla | Android |
| Hostname | Device Description | Primary User | Role | Provisioned | Using Nix |
| :---------: | :------------------------: | :--------------: | :-------: | :---------: | :-------: |
| `twilight` | Desktop Computer | Leyla | Desktop | ✅ | ✅ |
| `horizon` | 13 inch Framework Laptop | Leyla | Laptop | ✅ | ✅ |
| `defiant` | NAS Server | Leyla | Server | ✅ | ✅ |
| `hesperium` | Mac | ????? | Mac | ❌ | ❌ |
| `emergent` | Desktop Computer | Eve | Desktop | ✅ | ✅ |
| `threshold` | Laptop | Eve | Laptop | ❌ | ❌ |
| `wolfram` | Steam Deck | House | Handheld | ✅ | ❌ |
| `ceder` | A5 Tablet | Leyla | Tablet | ✅ | ❌ |
| `skate` | A6 Tablet | Leyla | Tablet | ❌ | ❌ |
| `shale` | A6 Tablet | Eve | Tablet | ✅ | ❌ |
| `coven` | Pixel 8 | Leyla | Android | ✅ | ❌ |
# Tooling
## Rebuilding
@ -41,30 +41,68 @@ nix multi user, multi system, configuration with `sops` secret management, `home
## Research topics
- Look into this for auto rotating sops keys `https://technotim.live/posts/rotate-sops-encryption-keys/`
- Look into this for flake templates https://nix.dev/manual/nix/2.22/command-ref/new-cli/nix3-flake-init
- Look into this for npins https://jade.fyi/blog/pinning-nixos-with-npins/
- https://nixos-and-flakes.thiscute.world/
- proton mail now has an smtp server we could use that for our zfs and SMART test emails
# Tasks:
## Chores:
- [ ] test out crab hole service
## Tech Debt
- monitor configuration in `~/.config/monitors.xml` should be sym linked to `/run/gdm/.config/monitors.xml` (https://www.reddit.com/r/NixOS/comments/u09cz9/home_manager_create_my_own_symlinks_automatically/)
- syncthing folder passwords
- nfs export should be backed by the same values for server and client
## New Features
- offline access for nfs mounts (overlay with rsync might be a good option here? https://www.spinics.net/lists/linux-unionfs/msg07105.html note about nfs4 and overlay fs)
- samba mounts
- figure out steam vr things?
- Open GL?
- rotate sops encryption keys periodically (and somehow sync between devices?)
- zfs email after scrubbing # TODO: test this
- wake on LAN for updates
- ISO target that contains authorized keys for nixos-anywhere https://github.com/diegofariasm/yggdrasil/blob/4acc43ebc7bcbf2e41376d14268e382007e94d78/hosts/bootstrap/default.nix
- zfs encryption FIDO2 2fa (look into shavee)
- Secure Boot - https://github.com/nix-community/lanzaboote
- SMART test with email results
- Create Tor guard/relay server
- remote distributed builds - https://nix.dev/tutorials/nixos/distributed-builds-setup.html
- migrate away from flakes and move to npins
- fix nfs
- fix home assistant
- create adguard server
- [ ] monitor configuration in `~/.config/monitors.xml` should be sym linked to `/run/gdm/.config/monitors.xml` (https://www.reddit.com/r/NixOS/comments/u09cz9/home_manager_create_my_own_symlinks_automatically/)
- [ ] migrate away from flakes and move to npins
## Broken things
- [ ] figure out steam vr things?
- [ ] whisper was having issues
## Data Integrity
- [ ] zfs email after scrubbing # TODO: test this
- [ ] SMART test with email results
- [ ] zfs encryption FIDO2 2fa (look into shavee)
- [ ] rotate sops encryption keys periodically (and somehow sync between devices?)
- [ ] Secure Boot - https://github.com/nix-community/lanzaboote
- [ ] auto turn off on power loss - nut
- [ ] secondary server with data sync. Maybe a Pi with a usb hdd enclosure and use rtcwake to only turn on once a week to sync data over tailscale with connection initiated from pi's side. We could probably put this at LZ. Hoping for it to draw only like $1 of power a month. Initial sync should probably be done here before we move it over because that will take a while. Data should be encrypted so that devices doesn't have access to it. Project will prob cost like $1800
## Data Access
- [ ] nfs export should be backed by the same values for server and client
- [ ] samba mounts
- [ ] offline access for nfs mounts (overlay with rsync might be a good option here? https://www.spinics.net/lists/linux-unionfs/msg07105.html note about nfs4 and overlay fs)
- [ ] figure out why syncthing and jellyfins permissions don't propagate downwards
- [ ] make radarr, sonarr, and bazarr accessible over vpn
- [ ] move searx, home-assistant, actual, vikunja, jellyfin, paperless, and immich to only be accessible via vpn
## Services
- [ ] vikunja service for project management
- [ ] Penpot services (need to make this custom)
- [ ] minecraft server with old world file
- [ ] Create Tor guard/relay server
- [ ] mastodon instance
- [ ] screeps server
- [ ] storj server
## DevOps
- [ ] wake on LAN for updates
- [ ] remote distributed builds - https://nix.dev/tutorials/nixos/distributed-builds-setup.html
- [ ] ISO target that contains authorized keys for nixos-anywhere https://github.com/diegofariasm/yggdrasil/blob/4acc43ebc7bcbf2e41376d14268e382007e94d78/hosts/bootstrap/default.nix
- [ ] fix panoramax package
- [ ] claude code MCP servers should bundle node with them so they work in all environments
## Observability
- [ ] graphana for dashboards
- [ ] prometheus and loki for metric and log collection
- [ ] zfs storage usage
- [ ] zfs drive health status
- [ ] service version lag
- [ ] network/cpu/ram utilization
- [ ] http latency
- [ ] postgres db load
- [ ] nginx queries
- [ ] ntfy.sh for push notifications
- [ ] kuma for uptime visualization
## Packages
- [ ] Custom private fork of MultiMC


@ -8,5 +8,6 @@
in {
leyla = lib.mkIf users.leyla.isNormalUser (import ./leyla);
eve = lib.mkIf users.eve.isNormalUser (import ./eve);
ivy = lib.mkIf users.ivy.isNormalUser (import ./ivy);
git = lib.mkIf (osConfig.services.forgejo.enable or false) (import ./git);
}


@ -1,15 +1,10 @@
{
pkgs,
lib,
config,
osConfig,
...
}: let
{osConfig, ...}: let
userConfig = osConfig.host.users.eve;
in {
nixpkgs.config = {
allowUnfree = true;
};
imports = [
./packages.nix
./gnomeconf.nix
];
home = {
username = userConfig.name;
@ -57,37 +52,5 @@ in {
sessionVariables = {
# EDITOR = "emacs";
};
packages = lib.lists.optionals userConfig.isDesktopUser (
with pkgs; [
firefox
bitwarden
discord
makemkv
signal-desktop-bin
ungoogled-chromium
]
);
};
programs = {
# Let Home Manager install and manage itself.
home-manager.enable = true;
git = {
enable = true;
userName = "Eve Halfmann";
userEmail = "evesnrobins@gmail.com";
extraConfig.init.defaultBranch = "main";
};
openssh = {
hostKeys = [
{
type = "ed25519";
path = "${config.home.username}_${osConfig.networking.hostName}_ed25519";
}
];
};
};
}


@ -0,0 +1,39 @@
{
osConfig,
lib,
...
}: {
config = {
gnome = lib.mkMerge [
{
colorScheme = "prefer-dark";
accentColor = "slate";
clockFormat = "24h";
nightLight = {
enable = true;
automatic = false;
fromTime = 12.0;
toTime = 11.999999999999;
temperature = 2700;
};
extraWindowControls = true;
extensions = {
dash-to-panel = {
enable = true;
};
};
}
(lib.mkIf (osConfig.networking.hostName == "horizon") {
displayScaling = 125;
experimentalFeatures = {
scaleMonitorFramebuffer = true;
};
})
];
dconf = {
enable = true;
};
};
}


@ -0,0 +1,86 @@
{
lib,
pkgs,
config,
osConfig,
...
}: let
userConfig = osConfig.host.users.eve;
hardware = osConfig.host.hardware;
in {
config = {
nixpkgs.config = {
allowUnfree = true;
};
# Packages that can be installed without any extra configuration
# See https://search.nixos.org/packages for all options
home.packages = lib.lists.optionals userConfig.isDesktopUser (
with pkgs; [
gnomeExtensions.dash-to-panel
claude-code
]
);
# Packages that need to be installed with some extra configuration
# See https://home-manager-options.extranix.com/ for all options
programs = lib.mkMerge [
{
# Let Home Manager install and manage itself.
home-manager.enable = true;
}
(lib.mkIf (config.user.isDesktopUser || config.user.isTerminalUser) {
git = {
enable = true;
settings = {
user.name = "Eve";
user.email = "evesnrobins@gmail.com";
init.defaultBranch = "main";
};
};
openssh = {
enable = true;
hostKeys = [
{
type = "ed25519";
path = "${config.home.username}_${osConfig.networking.hostName}_ed25519";
}
];
};
})
(lib.mkIf config.user.isDesktopUser {
vscode = {
enable = true;
package = pkgs.vscodium;
};
firefox.enable = true;
bitwarden.enable = true;
discord.enable = true;
makemkv.enable = true;
signal-desktop-bin.enable = true;
steam.enable = true;
piper.enable = hardware.piperMouse.enable;
krita.enable = true;
ungoogled-chromium.enable = true;
inkscape.enable = true;
obsidian.enable = true;
obs-studio.enable = true;
kdenlive.enable = true;
tor-browser.enable = true;
olympus.enable = true;
libreoffice.enable = true;
claude-code.enable = osConfig.host.ai.enable;
# Windows applications that we need to figure out how to install
guild-wars-2.enable = false;
vortex.enable = false;
dungeon-draft.enable = false;
vmware-workstation.enable = true;
})
];
};
}
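Review bot: `claude-code` is listed unconditionally in `home.packages` for desktop users, so the `claude-code.enable = osConfig.host.ai.enable;` gate further down no longer decides whether the tool is installed (assuming that option only adds the same package). Drop it from the list or gate it the same way, e.g. `++ lib.lists.optionals osConfig.host.ai.enable [pkgs.claude-code]`. The list is guarded by `userConfig.isDesktopUser` while the `programs` blocks use `config.user.isDesktopUser`; using one source keeps the two from drifting apart. `vmware-workstation.enable = true;` also sits under the "Windows applications that we need to figure out how to install" comment although it is enabled, so it probably belongs above that comment.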


@ -1,4 +1,6 @@
{osConfig, ...}: {
impermanence.fallbackPersistence.enable = false;
home = {
username = osConfig.users.users.git.name;
homeDirectory = osConfig.users.users.git.home;


@ -0,0 +1,55 @@
{osConfig, ...}: let
userConfig = osConfig.host.users.ivy;
in {
imports = [
./packages.nix
];
home = {
username = userConfig.name;
homeDirectory = osConfig.users.users.ivy.home;
# This value determines the Home Manager release that your configuration is
# compatible with. This helps avoid breakage when a new Home Manager release
# introduces backwards incompatible changes.
#
# You should not change this value, even if you update Home Manager. If you do
# want to update the value, then make sure to first check the Home Manager
# release notes.
stateVersion = "23.11"; # Please read the comment before changing.
# Home Manager is pretty good at managing dotfiles. The primary way to manage
# plain files is through 'home.file'.
file = {
# # Building this configuration will create a copy of 'dotfiles/screenrc' in
# # the Nix store. Activating the configuration will then make '~/.screenrc' a
# # symlink to the Nix store copy.
# ".screenrc".source = dotfiles/screenrc;
# # You can also set the file content immediately.
# ".gradle/gradle.properties".text = ''
# org.gradle.console=verbose
# org.gradle.daemon.idletimeout=3600000
# '';
};
# Home Manager can also manage your environment variables through
# 'home.sessionVariables'. If you don't want to manage your shell through Home
# Manager then you have to manually source 'hm-session-vars.sh' located at
# either
#
# ~/.nix-profile/etc/profile.d/hm-session-vars.sh
#
# or
#
# ~/.local/state/nix/profiles/profile/etc/profile.d/hm-session-vars.sh
#
# or
#
# /etc/profiles/per-user/ivy/etc/profile.d/hm-session-vars.sh
#
sessionVariables = {
# EDITOR = "emacs";
};
};
}


@ -0,0 +1,73 @@
{
lib,
pkgs,
config,
osConfig,
...
}: {
config = {
nixpkgs.config = {
allowUnfree = true;
};
# Programs that need to be installed with some extra configuration
programs = lib.mkMerge [
{
# Let Home Manager install and manage itself.
home-manager.enable = true;
}
(lib.mkIf (config.user.isDesktopUser || config.user.isTerminalUser) {
# git = {
# enable = true;
# userName = "Ivy";
# userEmail = "ivy@example.com"; # Update this with actual email
# extraConfig.init.defaultBranch = "main";
# };
openssh = {
enable = true;
hostKeys = [
{
type = "ed25519";
path = "${config.home.username}_${osConfig.networking.hostName}_ed25519";
}
];
};
})
(lib.mkIf config.user.isDesktopUser {
vscode = {
enable = true;
package = pkgs.vscodium;
mutableExtensionsDir = false;
profiles.default = {
enableUpdateCheck = false;
enableExtensionUpdateCheck = false;
extraExtensions = {
# Cline extension (Claude AI assistant)
claudeDev.enable = true;
# Auto Rename Tag
autoRenameTag.enable = true;
# Live Server
liveServer.enable = true;
};
extensions = let
extension-pkgs = pkgs.nix-vscode-extensions.forVSCodeVersion config.programs.vscode.package.version;
in (
with extension-pkgs.open-vsx; [
streetsidesoftware.code-spell-checker
]
);
};
};
firefox.enable = true;
discord.enable = true;
signal-desktop-bin.enable = true;
claude-code.enable = true;
})
];
};
}
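Review bot: `claude-code.enable = true;` and `claudeDev.enable = true;` are hard-coded in the desktop block, whereas the eve and leyla modules in this comparison tie the same tooling to `osConfig.host.ai.enable`. If that host option is meant to be the single switch for AI tooling on a machine, ivy's profile bypasses it; `claude-code.enable = osConfig.host.ai.enable;` and `claudeDev.enable = osConfig.host.ai.enable;` would keep the three users consistent. The commented-out git block still uses `userName`/`userEmail`/`extraConfig`, while the other users' modules here use `settings.user.name`, so it should be updated before it is uncommented.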


@ -1,46 +1,43 @@
{pkgs, ...}: {
{...}: {
config = {
dconf = {
gnome = {
extraWindowControls = true;
colorScheme = "prefer-dark";
clockFormat = "24h";
nightLight = {
enable = true;
settings = {
"org/gnome/desktop/interface".color-scheme = "prefer-dark";
"org/gnome/desktop/wm/preferences".button-layout = ":minimize,maximize,close";
"org/gnome/shell" = {
disable-user-extensions = false; # enables user extensions
enabled-extensions = [
# Put UUIDs of extensions that you want to enable here.
# If the extension you want to enable is packaged in nixpkgs,
# you can easily get its UUID by accessing its extensionUuid
# field (look at the following example).
pkgs.gnomeExtensions.dash-to-dock.extensionUuid
# Alternatively, you can manually pass UUID as a string.
# "dash-to-dock@micxgx.gmail.com"
];
automatic = false;
fromTime = 12.0;
toTime = 11.999999999999;
temperature = 2700;
};
"org/gnome/shell/extensions/dash-to-dock" = {
extensions = {
dash-to-dock = {
enable = true;
options = {
"dock-position" = "LEFT";
"intellihide-mode" = "ALL_WINDOWS";
"show-trash" = false;
"require-pressure-to-show" = false;
"show-mounts" = false;
};
"org/gnome/settings-daemon/plugins/media-keys" = {
custom-keybindings = [
"/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0/"
];
};
"org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0" = {
};
hotkeys = {
"Open Terminal" = {
binding = "<Super>t";
command = "kgx";
name = "Open Terminal";
};
"Open Firefox" = {
binding = "<Super>f";
command = "firefox";
};
};
};
dconf = {
enable = true;
settings = {
"org/gnome/shell" = {
favorite-apps = ["org.gnome.Nautilus.desktop" "firefox.desktop" "codium.desktop" "steam.desktop" "org.gnome.Console.desktop"];
# app-picker-layout =


@ -1,16 +1,19 @@
{
osConfig,
pkgs,
config,
osConfig,
...
}: {
imports = [
./packages
./i18n.nix
./packages.nix
./impermanence.nix
./dconf.nix
];
config = {
impermanence.enable = osConfig.host.impermanence.enable;
# Home Manager needs a bit of information about you and the paths it should
# manage.
home = {
@ -39,7 +42,7 @@
# org.gradle.console=verbose
# org.gradle.daemon.idletimeout=3600000
# '';
".config/user-dirs.dirs" = {
"${config.xdg.configHome}/user-dirs.dirs" = {
force = true;
text = ''
# This file is written by xdg-user-dirs-update
@ -83,69 +86,10 @@
};
};
user = {
continue = {
enable = true;
docs = {
"Continue Docs" = {
startUrl = "https://docs.continue.dev";
};
"Nixpkgs" = {
startUrl = "https://ryantm.github.io/nixpkgs/#preface";
};
"Nix Manual" = {
startUrl = "https://nixos.org/manual/nixos/stable/";
};
"Home manager Manual" = {
startUrl = "https://nix-community.github.io/home-manager/";
};
"Nix Docs" = {
startUrl = "https://nix.dev/index.html";
};
"Linux Man Page" = {
startUrl = "https://linux.die.net/man/";
};
};
};
};
programs = {
# Let Home Manager install and manage itself.
home-manager.enable = true;
# set up git defaults
git = {
enable = true;
userName = "Leyla Becker";
userEmail = "git@jan-leila.com";
extraConfig.init.defaultBranch = "main";
};
# add direnv to auto load flakes for development
direnv = {
enable = true;
enableBashIntegration = true;
nix-direnv.enable = true;
config = {
global.hide_env_diff = true;
whitelist.exact = ["/home/leyla/documents/code/nix-config"];
};
};
bash.enable = true;
openssh = {
authorizedKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJHeItmt8TRW43uNcOC+eIurYC7Eunc0V3LGocQqLaYj leyla@horizon"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIILimFIW2exEH/Xo7LtXkqgE04qusvnPNpPWSCeNrFkP leyla@defiant"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKBiZkg1c2aaNHiieBX4cEziqvJVj9pcDfzUrKU/mO0I leyla@twilight"
# TODO: move this into a fonts module
home.packages = with pkgs; [
aileron
];
hostKeys = [
{
type = "ed25519";
path = "${config.home.username}_${osConfig.networking.hostName}_ed25519";
}
];
};
};
fonts.fontconfig.enable = true;
};
}


@ -1,22 +1,18 @@
{
lib,
osConfig,
config,
...
}: {
config = lib.mkIf osConfig.host.impermanence.enable {
config = lib.mkIf (config.impermanence.enable) {
home.persistence."/persist/home/leyla" = {
directories = [
"desktop"
"downloads"
"documents"
{
directory = ".local/share/Steam";
method = "symlink";
}
];
files = [
".bash_history" # keep shell history around
".local/share/recently-used.xbel" # gnome recently viewed files
"${config.xdg.dataHome}/recently-used.xbel" # gnome recently viewed files
];
allowOther = true;
};


@ -1,95 +0,0 @@
{
lib,
osConfig,
pkgs,
...
}: let
userConfig = osConfig.host.users.leyla;
hardware = osConfig.host.hardware;
in {
imports = [
./vscode/default.nix
./firefox.nix
];
nixpkgs.config = {
allowUnfree = true;
};
home = {
packages =
lib.lists.optionals userConfig.isTerminalUser (
with pkgs; [
# command line tools
sox
yt-dlp
ffmpeg
imagemagick
]
)
++ (
lib.lists.optionals userConfig.isDesktopUser (
(with pkgs; [
# helvetica font
aileron
gnomeExtensions.dash-to-dock
# development tools
dbeaver-bin
bruno
proxmark3
])
++ (
lib.lists.optionals hardware.directAccess.enable (with pkgs; [
#foss platforms
signal-desktop-bin
bitwarden
ungoogled-chromium
libreoffice
inkscape
gimp
krita
freecad
# cura
# kicad-small
makemkv
onionshare
# rhythmbox
(lib.mkIf hardware.graphicsAcceleration.enable obs-studio)
# wireshark
# rpi-imager
# fritzing
mfoc
tor-browser
anki
pdfarranger
calibre
qbittorrent
picard
# proprietary platforms
discord
obsidian
(lib.mkIf hardware.graphicsAcceleration.enable davinci-resolve)
# development tools
# androidStudioPackages.canary
jetbrains.idea-community
qFlipper
# system tools
protonvpn-gui
openvpn
noisetorch
# hardware management tools
(lib.mkIf hardware.piperMouse.enable piper)
(lib.mkIf hardware.openRGB.enable openrgb)
(lib.mkIf hardware.viaKeyboard.enable via)
])
)
)
);
};
}


@ -0,0 +1,93 @@
{
lib,
pkgs,
config,
osConfig,
...
}: let
hardware = osConfig.host.hardware;
in {
imports = [
./vscode
./firefox
./direnv.nix
./openssh.nix
./git.nix
./makemkv.nix
];
config = lib.mkMerge [
{
programs = lib.mkMerge [
{
# Let Home Manager install and manage itself.
home-manager.enable = true;
}
(lib.mkIf (config.user.isTerminalUser || config.user.isDesktopUser) {
bash.enable = true;
git.enable = true;
openssh.enable = true;
})
(lib.mkIf config.user.isDesktopUser {
bitwarden.enable = true;
obs-studio.enable = hardware.graphicsAcceleration.enable;
qbittorrent.enable = true;
prostudiomasters.enable = true;
protonvpn-gui.enable = true;
dbeaver-bin.enable = true;
bruno.enable = true;
piper.enable = hardware.piperMouse.enable;
proxmark3.enable = true;
openrgb.enable = hardware.openRGB.enable;
via.enable = hardware.viaKeyboard.enable;
claude-code.enable = osConfig.host.ai.enable;
davinci-resolve.enable = hardware.graphicsAcceleration.enable;
mfoc.enable = true;
})
(lib.mkIf (hardware.directAccess.enable && config.user.isDesktopUser) {
anki.enable = true;
makemkv.enable = true;
discord.enable = true;
signal-desktop-bin.enable = true;
calibre.enable = true;
obsidian.enable = true;
jetbrains.idea-community.enable = true;
vscode.enable = true;
firefox.enable = true;
steam.enable = true;
krita.enable = true;
ungoogled-chromium.enable = true;
libreoffice.enable = true;
mapillary-uploader.enable = true;
inkscape.enable = true;
gimp.enable = true;
freecad.enable = true;
onionshare.enable = true;
pdfarranger.enable = true;
picard.enable = true;
qflipper.enable = true;
openvpn.enable = true;
noisetorch.enable = true;
tor-browser.enable = true;
gdx-liftoff.enable = true;
# polycule package is now working with Flutter 3.29
polycule.enable = true;
})
];
}
(lib.mkIf config.user.isTerminalUser {
home.packages = with pkgs; [
# command line tools
sox
yt-dlp
ffmpeg
imagemagick
];
})
(lib.mkIf config.user.isDesktopUser {
nixpkgs.config = {
allowUnfree = true;
};
})
];
}
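Review bot: Several programs change gate in this refactor: in the removed package list `bitwarden`, `qbittorrent`, `protonvpn-gui`, `mfoc`, `obs-studio` and `davinci-resolve` were only installed when `hardware.directAccess.enable` was set, but here they sit in the plain `config.user.isDesktopUser` block. If that is intended, a one-line comment such as `# installed on every desktop host, including ones without direct access` would record it; otherwise move them into the `hardware.directAccess.enable && config.user.isDesktopUser` block. `nixpkgs.config.allowUnfree` is also set only for desktop users now, where the removed file set it unconditionally.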


@ -0,0 +1,22 @@
{
lib,
config,
osConfig,
...
}: let
userConfig = osConfig.host.users.leyla;
in {
config = lib.mkIf userConfig.isDesktopUser {
programs = {
direnv = {
enable = true;
enableBashIntegration = true;
nix-direnv.enable = true;
config = {
global.hide_env_diff = true;
whitelist.exact = ["${config.home.homeDirectory}/documents/code/nix-config"];
};
};
};
};
}
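Review bot: `whitelist.exact` makes direnv load the `.envrc` of that checkout without the usual `direnv allow` prompt, so any change to that file (for example from a pulled branch) runs on the next `cd`; that trust decision deserves a comment, e.g. `# trusted without prompt: this repo only, never a parent directory`. The module is gated on `userConfig.isDesktopUser` from `osConfig.host.users.leyla`, while the sibling modules in this comparison use `config.user.isDesktopUser`, and terminal-only hosts get no direnv as a result; please confirm both are intended.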


@ -0,0 +1,149 @@
{...}: {
programs.firefox = {
profiles.leyla = {
bookmarks = {
force = true;
settings = [
# Personal Services
{
name = "Media";
url = "https://media.jan-leila.com/";
keyword = "";
tags = [""];
}
{
name = "Photos";
url = "https://photos.jan-leila.com";
keyword = "";
tags = [""];
}
{
name = "Git";
url = "https://git.jan-leila.com/";
keyword = "";
tags = [""];
}
{
name = "Home Automation";
url = "https://home.jan-leila.com/";
keyword = "";
tags = [""];
}
{
name = "Search";
url = "https://search.jan-leila.com/";
keyword = "";
tags = [""];
}
{
name = "Budget";
url = "https://budget.jan-leila.com/";
keyword = "";
tags = [""];
}
{
name = "Documents";
url = "https://documents.jan-leila.com/";
keyword = "";
tags = [""];
}
# Defiant Server Services
{
name = "QBittorrent";
url = "http://defiant:8084";
keyword = "";
tags = ["defiant"];
}
{
name = "Sonarr";
url = "http://defiant:8989";
keyword = "";
tags = ["defiant"];
}
{
name = "Radarr";
url = "http://defiant:7878";
keyword = "";
tags = ["defiant"];
}
{
name = "Bazarr";
url = "http://defiant:6767";
keyword = "";
tags = ["defiant"];
}
{
name = "Lidarr";
url = "http://defiant:8686";
keyword = "";
tags = ["defiant"];
}
{
name = "Jackett";
url = "http://defiant:9117";
keyword = "";
tags = ["defiant"];
}
{
name = "Crab-hole DNS";
url = "http://defiant:8085";
keyword = "";
tags = ["defiant"];
}
# External Services
{
name = "Mail";
url = "https://mail.protonmail.com";
keyword = "";
tags = [""];
}
{
name = "Open Street Map";
url = "https://www.openstreetmap.org/";
keyword = "";
tags = [""];
}
{
name = "Password Manager";
url = "https://vault.bitwarden.com/";
keyword = "";
tags = [""];
}
{
name = "Mastodon";
url = "https://mspsocial.net";
keyword = "";
tags = [""];
}
{
name = "Linked In";
url = "https://www.linkedin.com/";
keyword = "";
tags = [""];
}
{
name = "Job Search";
url = "https://www.jobsinnetwork.com/?state=cleaned_history&language%5B%5D=en&query=react&locations.countryCode%5B%5D=IT&locations.countryCode%5B%5D=DE&locations.countryCode%5B%5D=NL&experience%5B%5D=medior&experience%5B%5D=junior&page=1";
keyword = "";
tags = [""];
}
{
name = "React Docs";
url = "https://react.dev/";
keyword = "";
tags = [""];
}
# Template
# {
# name = "";
# url = "";
# keyword = "";
# tags = [""];
# }
];
};
};
};
}
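Review bot: The "Defiant Server Services" bookmarks use plain `http://defiant:PORT`, so logins to those admin interfaces are only protected if the path to `defiant` is itself encrypted (a VPN or overlay network), which this file does not state. A comment above the group, e.g. `# plain HTTP: reachable over the VPN only, never expose these ports publicly`, would make that assumption explicit. These URLs may also trip `dom.security.https_only_mode`, which the hardening module in this comparison enables, so expect the HTTPS-only interstitial unless an exception is added. `tags = [""]` stores one empty tag per bookmark; `tags = []` is probably what is meant.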


@ -0,0 +1,18 @@
{
lib,
pkgs,
inputs,
...
}: {
imports = [
./firefox.nix
./bookmarks.nix
./harden.nix
];
config = {
programs.firefox = {
enable = true;
};
};
}


@ -5,7 +5,6 @@
...
}: {
programs.firefox = {
enable = true;
profiles.leyla = {
settings = {
"browser.search.defaultenginename" = "Searx";
@ -32,7 +31,7 @@
];
}
];
icon = "''${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg";
icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg";
definedAliases = ["@np"];
};
"NixOS Wiki" = {
@ -72,38 +71,40 @@
deutsch-de-language-pack
dictionary-german
# (
# buildFirefoxXpiAddon rec {
# pname = "italiano-it-language-pack";
# version = "132.0.20241110.231641";
# addonId = "langpack-it@firefox.mozilla.org";
# url = "https://addons.mozilla.org/firefox/downloads/file/4392453/italiano_it_language_pack-${version}.xpi";
# sha256 = "";
# meta = with lib;
# {
# description = "Firefox Language Pack for Italiano (it) Italian";
# license = licenses.mpl20;
# mozPermissions = [];
# platforms = platforms.all;
# };
# }
# )
# (
# buildFirefoxXpiAddon rec {
# pname = "dizionario-italiano";
# version = "5.1";
# addonId = "it-IT@dictionaries.addons.mozilla.org";
# url = "https://addons.mozilla.org/firefox/downloads/file/1163874/dizionario_italiano-${version}.xpi";
# sha256 = "";
# meta = with lib;
# {
# description = "Add support for Italian to spellchecking";
# license = licenses.gpl3;
# mozPermissions = [];
# platforms = platforms.all;
# };
# }
# )
tab-session-manager
# (\
# buildFirefoxXpiAddon rec {\
# pname = "italiano-it-language-pack";\
# version = "132.0.20241110.231641";\
# addonId = "langpack-it@firefox.mozilla.org";\
# url = "https://addons.mozilla.org/firefox/downloads/file/4392453/italiano_it_language_pack-${version}.xpi";\
# sha256 = "";\
# meta = with lib;\
# {\
# description = "Firefox Language Pack for Italiano (it) Italian";\
# license = licenses.mpl20;\
# mozPermissions = [];\
# platforms = platforms.all;\
# };\
# }\
# )\
# (\
# buildFirefoxXpiAddon rec {\
# pname = "dizionario-italiano";\
# version = "5.1";\
# addonId = "it-IT@dictionaries.addons.mozilla.org";\
# url = "https://addons.mozilla.org/firefox/downloads/file/1163874/dizionario_italiano-${version}.xpi";\
# sha256 = "";\
# meta = with lib;\
# {\
# description = "Add support for Italian to spellchecking";\
# license = licenses.gpl3;\
# mozPermissions = [];\
# platforms = platforms.all;\
# };\
# }\
# )\
];
settings = {
@ -140,7 +141,6 @@
"placements" = {
"widget-overflow-fixed-list" = [];
"unified-extensions-area" = [
"privacy_privacy_com-browser-action"
# bitwarden
"_446900e4-71c2-419f-a6a7-df9c091e268b_-browser-action"
"ublock0_raymondhill_net-browser-action"
@ -215,127 +215,6 @@
"T9nJot5PurhJSy8n038xGA=="
] (_: 1);
"identity.fxaccounts.enabled" = false;
# Security
"privacy.trackingprotection.enabled" = true;
"dom.security.https_only_mode" = true;
"extensions.formautofill.addresses.enabled" = false;
"extensions.formautofill.creditCards.enabled" = false;
"signon.rememberSignons" = false;
"privacy.sanitize.sanitizeOnShutdown" = true;
"privacy.clearOnShutdown_v2.cache" = true;
"privacy.clearOnShutdown_v2.cookiesAndStorage" = true;
"privacy.clearOnShutdown_v2.historyFormDataAndDownloads" = true;
"urlclassifier.trackingSkipURLs" = "";
"urlclassifier.features.socialtracking.skipURLs" = "";
"dom.security.https_only_mode_pbm" = true;
"dom.security.https_only_mode_error_page_user_suggestions" = true;
# Disable telemetry
"app.shield.optoutstudies.enabled" = false;
"browser.discovery.enabled" = false;
"browser.newtabpage.activity-stream.feeds.telemetry" = false;
"browser.newtabpage.activity-stream.telemetry" = false;
"browser.ping-centre.telemetry" = false;
"datareporting.healthreport.service.enabled" = false;
"datareporting.healthreport.uploadEnabled" = false;
"datareporting.policy.dataSubmissionEnabled" = false;
"datareporting.sessions.current.clean" = true;
"devtools.onboarding.telemetry.logged" = false;
"toolkit.telemetry.archive.enabled" = false;
"toolkit.telemetry.bhrPing.enabled" = false;
"toolkit.telemetry.enabled" = false;
"toolkit.telemetry.firstShutdownPing.enabled" = false;
"toolkit.telemetry.hybridContent.enabled" = false;
"toolkit.telemetry.newProfilePing.enabled" = false;
"toolkit.telemetry.prompted" = 2;
"toolkit.telemetry.rejected" = true;
"toolkit.telemetry.reportingpolicy.firstRun" = false;
"toolkit.telemetry.server" = "";
"toolkit.telemetry.shutdownPingSender.enabled" = false;
"toolkit.telemetry.unified" = false;
"toolkit.telemetry.unifiedIsOptIn" = false;
"toolkit.telemetry.updatePing.enabled" = false;
};
bookmarks = {
force = true;
settings = [
{
name = "Media";
url = "https://media.jan-leila.com/";
keyword = "";
tags = [""];
}
{
name = "Photos";
url = "https://photos.jan-leila.com";
keyword = "";
tags = [""];
}
{
name = "Git";
url = "https://git.jan-leila.com/";
keyword = "";
tags = [""];
}
{
name = "Home Automation";
url = "https://home.jan-leila.com/";
keyword = "";
tags = [""];
}
{
name = "Mail";
url = "https://mail.protonmail.com";
keyword = "";
tags = [""];
}
{
name = "Open Street Map";
url = "https://www.openstreetmap.org/";
keyword = "";
tags = [""];
}
{
name = "Password Manager";
url = "https://vault.bitwarden.com/";
keyword = "";
tags = [""];
}
{
name = "Mastodon";
url = "https://mspsocial.net";
keyword = "";
tags = [""];
}
{
name = "Linked In";
url = "https://www.linkedin.com/";
keyword = "";
tags = [""];
}
{
name = "Job Search";
url = "https://www.jobsinnetwork.com/?state=cleaned_history&language%5B%5D=en&query=react&locations.countryCode%5B%5D=IT&locations.countryCode%5B%5D=DE&locations.countryCode%5B%5D=NL&experience%5B%5D=medior&experience%5B%5D=junior&page=1";
keyword = "";
tags = [""];
}
{
name = "React Docs";
url = "https://react.dev/";
keyword = "";
tags = [""];
}
# Template
# {
# name = "";
# url = "";
# keyword = "";
# tags = [""];
# }
];
};
};
};
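Review bot: In the extensions hunk the commented-out Italian language-pack and dictionary block is repeated with a trailing `\` on every line, which looks like an editing artefact rather than an intended change; keeping the original comment lines, or deleting the block, would avoid the noise. Both commented derivations also carry `sha256 = "";`, so a note such as `# needs a real hash before enabling` would stop them being uncommented as they are.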


@ -0,0 +1,50 @@
{...}: {
programs.firefox = {
profiles.leyla = {
settings = {
# Security
"privacy.trackingprotection.enabled" = true;
"dom.security.https_only_mode" = true;
"dom.security.https_only_mode_pbm" = true;
"dom.security.https_only_mode_error_page_user_suggestions" = true;
# Privacy & Data Protection
"extensions.formautofill.addresses.enabled" = false;
"extensions.formautofill.creditCards.enabled" = false;
"signon.rememberSignons" = false;
"privacy.sanitize.sanitizeOnShutdown" = true;
"privacy.clearOnShutdown_v2.cache" = true;
"privacy.clearOnShutdown_v2.cookiesAndStorage" = true;
"privacy.clearOnShutdown_v2.historyFormDataAndDownloads" = true;
"urlclassifier.trackingSkipURLs" = "";
"urlclassifier.features.socialtracking.skipURLs" = "";
# Disable telemetry and data collection
"app.shield.optoutstudies.enabled" = false;
"browser.discovery.enabled" = false;
"browser.newtabpage.activity-stream.feeds.telemetry" = false;
"browser.newtabpage.activity-stream.telemetry" = false;
"browser.ping-centre.telemetry" = false;
"datareporting.healthreport.service.enabled" = false;
"datareporting.healthreport.uploadEnabled" = false;
"datareporting.policy.dataSubmissionEnabled" = false;
"datareporting.sessions.current.clean" = true;
"devtools.onboarding.telemetry.logged" = false;
"toolkit.telemetry.archive.enabled" = false;
"toolkit.telemetry.bhrPing.enabled" = false;
"toolkit.telemetry.enabled" = false;
"toolkit.telemetry.firstShutdownPing.enabled" = false;
"toolkit.telemetry.hybridContent.enabled" = false;
"toolkit.telemetry.newProfilePing.enabled" = false;
"toolkit.telemetry.prompted" = 2;
"toolkit.telemetry.rejected" = true;
"toolkit.telemetry.reportingpolicy.firstRun" = false;
"toolkit.telemetry.server" = "";
"toolkit.telemetry.shutdownPingSender.enabled" = false;
"toolkit.telemetry.unified" = false;
"toolkit.telemetry.unifiedIsOptIn" = false;
"toolkit.telemetry.updatePing.enabled" = false;
};
};
};
}
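Review bot: These prefs are written as ordinary profile settings, which Home Manager emits as user.js defaults, so a misspelled or renamed pref is accepted silently and the user can still change any of them during a session. For a module named as hardening that deserves a header comment, e.g. `# user.js defaults, not locked: verify names in about:config after each Firefox upgrade`. The `privacy.clearOnShutdown_v2.*` names in particular have changed between Firefox releases, so confirm that `historyFormDataAndDownloads` is still honoured by the packaged version. Settings that must not be overridable fit better in `programs.firefox.policies`.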


@ -0,0 +1,13 @@
{...}: {
config = {
programs = {
git = {
settings = {
user.name = "Leyla Becker";
user.email = "git@jan-leila.com";
init.defaultBranch = "main";
};
};
};
};
}


@ -0,0 +1,17 @@
{
config,
inputs,
...
}: {
config = {
sops.secrets = {
"application-keys/makemkv" = {
sopsFile = "${inputs.secrets}/application-keys.yaml";
};
};
programs.makemkv = {
appKeyFile = config.sops.placeholder."application-keys/makemkv";
destinationDir = "/home/leyla/downloads/makemkv";
};
};
}
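Review bot: `appKeyFile` is assigned `config.sops.placeholder."application-keys/makemkv"`, which is a placeholder string meant for substitution inside a sops template, not a path to the decrypted secret. The `programs.makemkv` module is not part of this comparison, so this may be handled there, but if the option expects a file path it should be `config.sops.secrets."application-keys/makemkv".path`, as is done for `tokenFile` in the defiant host configuration. Either way the key should never be interpolated into a generated settings file at evaluation time, since the Nix store is world-readable. `destinationDir` hard-codes `/home/leyla`; `"${config.home.homeDirectory}/downloads/makemkv"` would match the direnv module.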


@ -0,0 +1,23 @@
{
config,
osConfig,
...
}: {
config = {
programs = {
openssh = {
authorizedKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJHeItmt8TRW43uNcOC+eIurYC7Eunc0V3LGocQqLaYj leyla@horizon"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIILimFIW2exEH/Xo7LtXkqgE04qusvnPNpPWSCeNrFkP leyla@defiant"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKBiZkg1c2aaNHiieBX4cEziqvJVj9pcDfzUrKU/mO0I leyla@twilight"
];
hostKeys = [
{
type = "ed25519";
path = "${config.home.username}_${osConfig.networking.hostName}_ed25519";
}
];
};
};
};
}
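Review bot: The same three `authorizedKeys` are applied wherever this module is imported, so the key of any one of `horizon`, `defiant` or `twilight` appears to grant login as leyla on all of them, including the host it was generated on. If the server only needs to accept the workstations and not the reverse, derive the list per host, or at least add a comment recording that full mesh access is intended and how a lost key gets removed. The `hostKeys` block with `"${config.home.username}_${osConfig.networking.hostName}_ed25519"` is repeated verbatim in the eve and ivy modules; a shared default would keep the key naming in one place.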


@ -0,0 +1,136 @@
{
lib,
pkgs,
config,
osConfig,
...
}: let
nix-development-enabled = osConfig.host.nix-development.enable;
ai-tooling-enabled = osConfig.host.ai.enable;
in {
imports = [
./user-words.nix
];
config = lib.mkIf config.user.isDesktopUser {
programs = {
bash.shellAliases = {
code = "codium";
};
vscode = {
package = pkgs.vscodium;
mutableExtensionsDir = false;
profiles.default = {
enableUpdateCheck = false;
enableExtensionUpdateCheck = false;
userSettings = lib.mkMerge [
{
"javascript.updateImportsOnFileMove.enabled" = "always";
"editor.tabSize" = 2;
"editor.insertSpaces" = false;
# "terminal.integrated.fontFamily" = "'Droid Sans Mono', 'monospace', monospace";
}
];
extraExtensions = {
# vs code feel
oneDark.enable = true;
atomKeybindings.enable = true;
openRemoteSsh.enable = true;
# openDyslexicFont.enable = false;
# html development
autoRenameTag.enable = true;
liveServer.enable = true;
# js development
es7ReactJsSnippets.enable = true;
tauriVscode.enable = true;
vscodeEslint.enable = true;
vscodeJest.enable = true;
vitest.enable = true;
vscodeStandard.enable = true;
vscodeStylelint.enable = true;
nearley.enable = true;
# astro development
vscodeMdx.enable = true;
astroVscode.enable = true;
# nix development
alejandra.enable = nix-development-enabled;
nixIde.enable = nix-development-enabled;
# go development
go.enable = true;
# rust development
rustAnalyzer.enable = true;
# claude development
claudeDev = lib.mkIf ai-tooling-enabled {
enable = true;
mcp = {
nixos = {
enable = true;
autoApprove = {
nixos_search = true;
nixos_info = true;
home_manager_search = true;
home_manager_info = true;
darwin_search = true;
darwin_info = true;
nixos_flakes_search = true;
};
};
eslint = {
enable = true;
autoApprove = {
lint-files = true;
};
};
vitest = {
enable = true;
autoApprove = {
list_tests = true;
run_tests = true;
analyze_coverage = true;
set_project_root = true;
};
};
sleep = {
enable = true;
timeout = 18000; # 5 hours to match claude codes timeout
autoApprove = {
sleep = true;
};
};
};
};
# misc extensions
evenBetterToml.enable = true;
direnv.enable = config.programs.direnv.enable;
conventionalCommits.enable = true;
};
extensions = let
extension-pkgs = pkgs.nix-vscode-extensions.forVSCodeVersion config.programs.vscode.package.version;
in (
with extension-pkgs.open-vsx; [
# vs code feel extensions
streetsidesoftware.code-spell-checker
streetsidesoftware.code-spell-checker-german
streetsidesoftware.code-spell-checker-italian
]
);
};
};
};
};
}
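Review bot: Under `claudeDev.mcp.vitest.autoApprove`, `run_tests = true` and `set_project_root = true` let the assistant execute a project's test code, in a directory it selects, without a confirmation prompt (judging by the tool names; the MCP server itself is not shown). The search and info tools approved for `nixos` look read-only, but running tests executes whatever code is in the workspace, so these two are better left to manual approval: `run_tests = false;` and `set_project_root = false;`, keeping `list_tests` and `analyze_coverage` auto-approved. `sleep.timeout = 18000` should name its unit in the comment (`# seconds`), since "5 hours" only holds if the value is in seconds.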


@ -0,0 +1,126 @@
{
pkgs,
lib,
...
}: {
config.programs.vscode.profiles.default.userSettings = {
"cSpell.userWords" = [
"leyla"
];
"cSpell.languageSettings" = [
{
"languageId" = "nix";
"locale" = "*";
"dictionaries" = [
"applications"
"ai-words"
"nix-words"
# We need to include all other dictionaries in the nix language settings because they exist in this file
# TODO: see if there is a way to make this only apply for this file
"js-words"
];
}
{
"languageId" = "javascript,typescript,js,ts";
"locale" = "*";
"dictionaries" = [
"js-words"
];
}
];
"cSpell.customDictionaries" = {
applications = {
name = "applications";
description = "application names";
path = pkgs.writeText "applications.txt" (lib.strings.concatLines [
"ollama"
"syncthing"
"immich"
"sonos"
"makemkv"
"hass"
"qbittorent"
"prostudiomasters"
"protonmail"
"pulseaudio"
]);
};
ai-words = {
name = "ai-words";
description = "common words used for ai development";
path = pkgs.writeText "ai-words.txt" (lib.strings.concatLines [
"ollama"
"deepseek"
"qwen"
]);
};
nix-words = {
name = "nix-words";
description = "words used in nix configurations";
path = pkgs.writeText "nix-words.txt" (lib.strings.concatLines [
"pname"
"direnv"
"tmpfiles"
"Networkd"
"networkmanager"
"dialout"
"adbusers"
"authkey"
"netdevs"
"atomix"
"geary"
"gedit"
"hitori"
"iagno"
"alsa"
"timezoned"
"pipewire"
"rtkit"
"disko"
"ashift"
"autotrim"
"canmount"
"mountpoint"
"xattr"
"acltype"
"relatime"
"keyformat"
"keylocation"
"vdevs"
# codium extensions
"akamud"
"onedark"
"jeanp"
"dsznajder"
"dbaeumer"
"orta"
"tauri"
"unifiedjs"
"tamasfe"
"pinage"
"jnoortheen"
"kamadorueda"
"karyfoundation"
"nearley"
# nix.optimise is spelled wrong
"optimise"
]);
};
js-words = {
name = "js-words";
description = "words used in js development";
path = pkgs.writeText "js-words.txt" (lib.strings.concatLines [
"webdav"
]);
};
};
};
}


@ -1,118 +0,0 @@
{
lib,
pkgs,
inputs,
config,
osConfig,
...
}: let
nix-development-enabled = osConfig.host.nix-development.enable;
ai-tooling-enabled = config.user.continue.enable && osConfig.host.ai.enable;
in {
nixpkgs = {
overlays = [
inputs.nix-vscode-extensions.overlays.default
];
};
programs = {
bash.shellAliases = {
code = "codium";
};
vscode = let
extensions = inputs.nix-vscode-extensions.extensions.${pkgs.system};
open-vsx = extensions.open-vsx;
vscode-marketplace = extensions.vscode-marketplace;
in {
enable = true;
package = pkgs.vscodium;
mutableExtensionsDir = false;
profiles.default = {
enableUpdateCheck = false;
enableExtensionUpdateCheck = false;
userSettings = lib.mkMerge [
{
"workbench.colorTheme" = "Atom One Dark";
"cSpell.userWords" = import ./user-words.nix;
"javascript.updateImportsOnFileMove.enabled" = "always";
"editor.tabSize" = 2;
"editor.insertSpaces" = false;
}
(lib.mkIf nix-development-enabled {
"nix.enableLanguageServer" = true;
"nix.serverPath" = "nil";
"[nix]" = {
"editor.defaultFormatter" = "kamadorueda.alejandra";
"editor.formatOnPaste" = true;
"editor.formatOnSave" = true;
"editor.formatOnType" = true;
};
"alejandra.program" = "alejandra";
"nixpkgs" = {
"expr" = "import <nixpkgs> {}";
};
})
(lib.mkIf ai-tooling-enabled {
"continue.telemetryEnabled" = false;
})
];
extensions = (
with open-vsx;
[
# vs code feel extensions
ms-vscode.atom-keybindings
akamud.vscode-theme-onedark
streetsidesoftware.code-spell-checker
streetsidesoftware.code-spell-checker-german
streetsidesoftware.code-spell-checker-italian
jeanp413.open-remote-ssh
# html extensions
formulahendry.auto-rename-tag
ms-vscode.live-server
# js extensions
dsznajder.es7-react-js-snippets
dbaeumer.vscode-eslint
standard.vscode-standard
firsttris.vscode-jest-runner
stylelint.vscode-stylelint
tauri-apps.tauri-vscode
# go extensions
golang.go
# astro blog extensions
astro-build.astro-vscode
unifiedjs.vscode-mdx
# misc extensions
tamasfe.even-better-toml
]
++ (lib.lists.optionals nix-development-enabled [
# nix extensions
pinage404.nix-extension-pack
jnoortheen.nix-ide
kamadorueda.alejandra
])
++ (
with vscode-marketplace;
[
# js extensions
karyfoundation.nearley
]
++ (lib.lists.optionals ai-tooling-enabled [
continue.continue
])
)
);
};
};
};
}


@ -1,6 +0,0 @@
[
"leyla"
"webdav"
"ollama"
"optimise"
]


@ -17,6 +17,12 @@
"services/zfs_smtp_token" = {
sopsFile = "${inputs.secrets}/defiant-services.yaml";
};
"services/paperless_password" = {
sopsFile = "${inputs.secrets}/defiant-services.yaml";
mode = "0700";
owner = "paperless";
group = "paperless";
};
};
host = {
@ -36,10 +42,12 @@
host = "smtp.protonmail.ch";
port = 587;
to = "leyla@jan-leila.com";
user = "leyla@jan-leila.com";
user = "noreply@jan-leila.com";
tokenFile = config.sops.secrets."services/zfs_smtp_token".path;
};
pool = {
# We are having to boot off of the nvm cache drive because I cant figure out how to boot via the HBA
bootDrives = ["nvme-Samsung_SSD_990_PRO_4TB_S7KGNU0X907881F"];
vdevs = [
[
"ata-ST18000NE000-3G6101_ZVTCXVEB"
@ -49,7 +57,6 @@
"ata-ST18000NT001-3NF101_ZVTEF27J"
"ata-ST18000NE000-3G6101_ZVTJ7359"
]
# TODO: this needs to be configured manually
[
"ata-ST4000NE001-2MA101_WS2275P3"
"ata-ST4000NE001-2MA101_WS227B9F"
@ -95,36 +102,11 @@
directories = ["leyla_documents" "eve_documents" "users_documents" "media"];
};
};
reverse_proxy = {
enable = true;
enableACME = true;
hostname = "jan-leila.com";
};
postgres = {
extraUsers = {
leyla = {
isAdmin = true;
};
};
};
# home-assistant = {
# enable = false;
# subdomain = "home";
# };
adguardhome = {
enable = false;
};
};
systemd.network = {
enable = true;
# config = {
# routeTables = {
# p2p = 1;
# };
# };
netdevs = {
"10-bond0" = {
netdevConfig = {
@ -137,26 +119,24 @@
};
};
# "15-p2p0" = {
# netdevConfig = {
# Kind = "wireguard";
# Name = "p2p0";
# MTUBytes = "1280";
# };
# wireguardConfig = {
# PrivateKeyFile = config.sops.secrets."vpn-keys/proton-wireguard/defiant-p2p".path;
# ListenPort = 51820;
# # RouteTable = "p2p";
# };
# wireguardPeers = [
# {
# PublicKey = "rRO6yJim++Ezz6scCLMaizI+taDjU1pzR2nfW6qKbW0=";
# Endpoint = "185.230.126.146:51820";
# AllowedIPs = ["0.0.0.0/0"];
# RouteTable = "off";
# }
# ];
# };
"20-wg0" = {
netdevConfig = {
Kind = "wireguard";
Name = "wg0";
};
wireguardConfig = {
PrivateKeyFile = config.sops.secrets."vpn-keys/proton-wireguard/defiant-p2p".path;
ListenPort = 51820;
};
wireguardPeers = [
{
PublicKey = "rRO6yJim++Ezz6scCLMaizI+taDjU1pzR2nfW6qKbW0=";
Endpoint = "185.230.126.146:51820";
# Allow all traffic but use policy routing to prevent system-wide VPN
AllowedIPs = ["0.0.0.0/0"];
}
];
};
};
networks = {
"40-bond0" = {
@ -171,36 +151,77 @@
"192.168.1.10/32"
];
gateway = ["192.168.1.1"];
# Set lower priority for default gateway to allow WireGuard interface binding
routes = [
{
Destination = "0.0.0.0/0";
Gateway = "192.168.1.1";
Metric = 100;
}
];
dns = ["192.168.1.1"];
};
# "45-p2p0" = {
# matchConfig.Name = "p2p0";
# address = [
# "10.2.0.2/32"
# ];
# routes = [
# {
# Destination = "0.0.0.0/0";
# }
# ];
# linkConfig.RequiredForOnline = false;
# };
"50-wg0" = {
matchConfig.Name = "wg0";
networkConfig = {
DHCP = "no";
};
address = [
"10.2.0.2/32"
];
# Configure routing for application binding
routingPolicyRules = [
{
# Route traffic from VPN interface through VPN table
From = "10.2.0.2/32";
Table = 200;
Priority = 100;
}
];
routes = [
{
# Direct route to VPN gateway
Destination = "10.2.0.1/32";
Scope = "link";
}
{
# Route VPN subnet through VPN gateway in custom table
Destination = "10.2.0.0/16";
Gateway = "10.2.0.1";
Table = 200;
}
{
# Route all traffic through VPN gateway in custom table
Destination = "0.0.0.0/0";
Gateway = "10.2.0.1";
Table = 200;
}
];
};
};
};
# limit arc usage to 50gb because ollama doesn't play nice with zfs using up all of the memory
boot.kernelParams = ["zfs.zfs_arc_max=53687091200"];
# Enable policy routing and source routing for application-specific VPN binding
boot.kernel.sysctl = {
"net.ipv4.conf.all.rp_filter" = 2;
"net.ipv4.conf.default.rp_filter" = 2;
"net.ipv4.conf.wg0.rp_filter" = 2;
};
services = {
# TODO: move zfs scrubbing into module
zfs = {
autoScrub.enable = true;
autoSnapshot.enable = true;
# PostgreSQL database server
postgresql = {
enable = true;
adminUsers = ["leyla"];
};
# temp enable desktop enviroment for setup
# temp enable desktop environment for setup
# Enable the X11 windowing system.
xserver = {
enable = true;
xserver.enable = true;
# Enable the GNOME Desktop Environment.
displayManager = {
@ -209,12 +230,27 @@
desktopManager = {
gnome.enable = true;
};
# Enable new reverse proxy system
reverseProxy = {
enable = true;
openFirewall = true;
acme = {
enable = true;
email = "jan-leila@protonmail.com";
};
};
ollama = {
enable = true;
exposePort = true;
acceleration = false;
environmentVariables = {
OLLAMA_KEEP_ALIVE = "24h";
};
loadModels = [
# conversation models
"llama3.1:8b"
@ -231,6 +267,10 @@
# agent models
"qwen3:8b"
"qwen3:32b"
"qwen3:235b-a22b"
"qwen3-coder:30b"
"qwen3-coder:30b-a3b-fp16"
# embedding models
"nomic-embed-text:latest"
@ -258,36 +298,99 @@
jellyfin = {
enable = true;
subdomain = "media";
extraSubdomains = ["jellyfin"];
domain = "media.jan-leila.com";
extraDomains = ["jellyfin.jan-leila.com"];
};
immich = {
enable = true;
subdomain = "photos";
domain = "photos.jan-leila.com";
};
forgejo = {
enable = true;
subdomain = "git";
reverseProxy.domain = "git.jan-leila.com";
};
searx = {
enable = true;
subdomain = "search";
domain = "search.jan-leila.com";
};
virt-home-assistant = {
actual = {
enable = true;
domain = "budget.jan-leila.com";
};
home-assistant = {
enable = true;
domain = "home.jan-leila.com";
openFirewall = true;
postgres.enable = true;
extensions = {
sonos.enable = true;
jellyfin.enable = true;
wyoming.enable = false; # Temporarily disabled due to dependency conflict in wyoming-piper
};
};
paperless = {
enable = true;
domain = "documents.jan-leila.com";
passwordFile = config.sops.secrets."services/paperless_password".path;
};
panoramax = {
enable = false;
networkBridge = "bond0";
hostDevice = "0x10c4:0xea60";
openFirewall = true;
};
crab-hole = {
enable = true;
port = 8085;
openFirewall = true;
show_doc = true;
downstreams = {
host = {
enable = true;
openFirewall = true;
};
};
upstreams.cloudFlare.enable = true;
blocklists.ad_malware.enable = true;
};
qbittorrent = {
enable = true;
mediaDir = "/srv/qbittorent";
openFirewall = true;
webPort = 8084;
webuiPort = 8084;
};
sonarr = {
enable = true;
openFirewall = true;
};
radarr = {
enable = true;
openFirewall = true;
};
bazarr = {
enable = true;
openFirewall = true;
};
lidarr = {
enable = true;
openFirewall = true;
};
jackett = {
enable = true;
openFirewall = true;
};
flaresolverr = {
enable = true;
openFirewall = true;
};
};
@ -298,7 +401,7 @@
hibernate.enable = false;
hybrid-sleep.enable = false;
};
services.xserver.displayManager.gdm.autoSuspend = false;
services.displayManager.gdm.autoSuspend = false;
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
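Review bot: The service hunk sets `openFirewall = true` on qbittorrent, sonarr, radarr, bazarr, lidarr, jackett and flaresolverr, which, if these options behave like the upstream NixOS ones, opens each web port on every interface alongside the reverse proxy enabled earlier in this section. FlareSolverr's API has no authentication of its own, and the other UIs only enforce a login once one is configured, so direct port access bypasses the TLS and host filtering the proxy provides. I would leave `openFirewall` unset on these and publish them through the proxy, or scope the ports to the LAN interface with `networking.firewall.interfaces.<name>.allowedTCPPorts`. The module definitions are outside this section, so the exact effect of the option is inferred.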


@ -3,5 +3,6 @@
imports = [
./hardware-configuration.nix
./configuration.nix
./packages.nix
];
}


@ -0,0 +1,9 @@
{pkgs, ...}: {
environment.systemPackages = with pkgs; [
ffsubsync
sox
yt-dlp
ffmpeg
imagemagick
];
}


@ -2,12 +2,12 @@
# your system. Help is available in the configuration.nix(5) man page, on
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
{
config,
lib,
pkgs,
...
}: {
imports = [
./nvidia-drivers.nix
];
# Use the systemd-boot EFI boot loader.
@ -36,12 +36,19 @@
# Enable the X11 windowing system.
services.xserver.enable = true;
# Enable wacom touchscreen device
services.xserver.wacom.enable = true;
# installed opentabletdriver
hardware.opentabletdriver.enable = true;
hardware.keyboard.qmk.enable = true;
# Enable the GNOME Desktop Environment.
services.xserver.displayManager.gdm.enable = true;
services.xserver.desktopManager.gnome.enable = true;
services.displayManager.gdm.enable = true;
services.desktopManager.gnome.enable = true;
host = {
ai.enable = true;
users = {
eve = {
isDesktopUser = true;
@ -49,8 +56,24 @@
isPrincipleUser = true;
};
};
hardware = {
piperMouse.enable = true;
};
storage = {
enable = true;
pool = {
mode = "";
drives = ["wwn-0x5000039fd0cf05eb"];
};
};
};
services.tailscale.enable = true;
# We were having weird build errors so this is disabled right now
# error: The option `devices.emergent.folders.eve_records.path' was accessed but has no value defined. Try setting the option
services.syncthing.enable = false;
# Configure keymap in X11
# services.xserver.xkb.layout = "us";
# services.xserver.xkb.options = "eurosign:e,caps:escape";
@ -80,12 +103,17 @@
# programs.firefox.enable = true;
# List packages installed in system profile.
# You can use https://search.nixos.org/ to find more packages (and options).
# environment.systemPackages = with pkgs; [
# vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
# wget
# ];
nixpkgs.config.allowUnfree = true;
# Packages that can be installed without any extra configuration
# See https://search.nixos.org/packages for all options
environment.systemPackages = with pkgs; [
wget
];
# Packages that need to be installed with some extra configuration
# See https://search.nixos.org/options for all options
programs = {};
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.


@ -3,6 +3,5 @@
imports = [
./configuration.nix
./hardware-configuration.nix
./disco-configuration.nix
];
}


@ -1,57 +0,0 @@
{...}: {
disko.devices = {
disk = {
disk1 = {
type = "disk";
device = "/dev/disk/by-id/wwn-0x5000039fd0cf05eb";
content = {
type = "gpt";
partitions = {
ESP = {
size = "64M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = ["umask=0077"];
};
};
zfs = {
size = "100%";
content = {
type = "zfs";
pool = "zroot";
};
};
};
};
};
};
zpool = {
zroot = {
type = "zpool";
mode = "";
options.cachefile = "none";
rootFsOptions = {
compression = "zstd";
"com.sun:auto-snapshot" = "true";
};
mountpoint = "/";
postCreateHook = "zfs list -t snapshot -H -o name | grep -E '^zroot@blank$' || zfs snapshot zroot@blank";
datasets = {
"system/nix" = {
type = "zfs_fs";
mountpoint = "/nix";
options = {
atime = "off";
relatime = "off";
canmount = "on";
};
};
};
};
};
};
}


@ -0,0 +1,51 @@
{
config,
lib,
pkgs,
...
}: {
# Enable OpenGL
hardware.graphics = {
enable = true;
};
# Load nvidia driver for Xorg and Wayland
services = {
xserver = {
# Load nvidia driver for Xorg and Wayland
videoDrivers = ["nvidia"];
};
# Use X instead of wayland
displayManager.gdm.wayland = false;
};
hardware.nvidia = {
# Modesetting is required.
modesetting.enable = true;
# Nvidia power management. Experimental, and can cause sleep/suspend to fail.
# Enable this if you have graphical corruption issues or application crashes after waking
# up from sleep. This fixes it by saving the entire VRAM memory to /tmp/ instead
# of just the bare essentials.
powerManagement.enable = true;
# Fine-grained power management. Turns off GPU when not in use.
# Experimental and only works on modern Nvidia GPUs (Turing or newer).
powerManagement.finegrained = false;
# Use the NVidia open source kernel module (not to be confused with the
# independent third-party "nouveau" open source driver).
# Support is limited to the Turing and later architectures. Full list of
# supported GPUs is at:
# https://github.com/NVIDIA/open-gpu-kernel-modules#compatible-gpus
# Only available from driver 515.43.04+
open = true;
# Enable the Nvidia settings menu,
# accessible via `nvidia-settings`.
nvidiaSettings = true;
# Optionally, you may need to select the appropriate driver version for your specific GPU.
package = config.boot.kernelPackages.nvidiaPackages.stable;
};
}


@ -1,7 +1,8 @@
{
lib,
pkgs,
config,
inputs,
pkgs,
...
}: {
imports = [
@ -10,6 +11,19 @@
nixpkgs.config.allowUnfree = true;
boot = {
initrd = {
availableKernelModules = ["usb_storage" "sd_mod"];
};
kernelModules = ["sg"];
# Bootloader.
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
};
host = {
users = {
leyla = {
@ -18,6 +32,7 @@
isPrincipleUser = true;
};
eve.isDesktopUser = true;
ivy.isDesktopUser = true;
};
hardware = {
@ -28,38 +43,66 @@
enable = true;
models = {
"Llama 3.1 8B" = {
model = "lamma3.1:8b";
model = "llama3.1:8b";
roles = ["chat" "edit" "apply"];
apiBase = "http://twilight:11434";
apiBase = "http://defiant:11434";
};
"Deepseek Coder:6.7B" = {
model = "deepseek-coder:6.7b";
roles = ["chat" "edit" "apply"];
apiBase = "http://defiant:11434";
};
"Deepseek Coder:33B" = {
model = "deepseek-coder:33b";
roles = ["chat" "edit" "apply"];
apiBase = "http://defiant:11434";
};
"Deepseek r1:8B" = {
model = "deepseek-r1:8b";
roles = ["chat"];
apiBase = "http://defiant:11434";
};
"Deepseek r1:32B" = {
model = "deepseek-r1:32b";
roles = ["chat"];
apiBase = "http://defiant:11434";
};
"qwen2.5-coder:1.5b-base" = {
model = "qwen2.5-coder:1.5b-base";
roles = ["autocomplete"];
apiBase = "http://twilight:11434";
apiBase = "http://defiant:11434";
};
"nomic-embed-text:latest" = {
model = "nomic-embed-text:latest";
roles = ["embed"];
apiBase = "http://twilight:11434";
apiBase = "http://defiant:11434";
};
};
};
};
environment.systemPackages = with pkgs; [
cachefilesd
webtoon-dl
prostudiomasters
];
services.cachefilesd.enable = true;
programs = {
adb.enable = true;
steam = {
enable = true;
remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play
dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated Server
};
networking = {
networkmanager.enable = true;
hostName = "horizon"; # Define your hostname.
};
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
hardware = {
graphics.enable = true;
};
sops.secrets = {
@ -73,6 +116,10 @@
fprintd = {
enable = true;
};
# firmware update tool
fwupd = {
enable = true;
};
tailscale = {
enable = true;
authKeyFile = config.sops.secrets."vpn-keys/tailscale-authkey/horizon".path;
@ -80,7 +127,17 @@
};
syncthing.enable = true;
ollama = {
enable = true;
loadModels = [
"llama3.1:8b"
];
};
};
# Enable network-online.target for better network dependency handling
systemd.services.NetworkManager-wait-online.enable = true;
# Enable touchpad support (enabled default in most desktopManager).
# services.xserver.libinput.enable = true;
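Review bot: The seven model entries now send editor content to `http://defiant:11434` in clear text and by bare hostname, and nothing in this section pins how `defiant` resolves. Ollama's API has no authentication, so on a network where that name resolves to another host, or where the traffic is not carried inside the tailnet, prompts and source code could be read or answered by a different machine. Consider a name that only resolves inside the VPN, or a TLS endpoint behind the reverse proxy, e.g. `apiBase = "https://<ollama-domain-placeholder>";`. Binding that URL once in a `let` would also keep the seven entries from drifting apart.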


@ -3,5 +3,6 @@
imports = [
./configuration.nix
./hardware-configuration.nix
# ./network-mount.nix
];
}


@ -4,7 +4,6 @@
{
config,
lib,
pkgs,
modulesPath,
...
}: {
@ -12,22 +11,10 @@
(modulesPath + "/installer/scan/not-detected.nix")
];
boot = {
initrd = {
availableKernelModules = ["xhci_pci" "thunderbolt" "nvme" "usb_storage" "sd_mod"];
kernelModules = [];
};
kernelModules = ["kvm-intel" "sg"];
extraModulePackages = [];
# Bootloader.
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
supportedFilesystems = ["nfs"];
};
boot.initrd.availableKernelModules = ["xhci_pci" "thunderbolt" "nvme"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [];
fileSystems = {
"/" = {
@ -39,98 +26,20 @@
device = "/dev/disk/by-uuid/E138-65B5";
fsType = "vfat";
};
"/mnt/leyla_documents" = {
device = "defiant:/export/leyla_documents";
fsType = "nfs";
options = [
"vers=4"
"x-systemd.automount"
"noauto"
"user"
"noatime"
"nofail"
"x-systemd.idle-timeout=600"
"fsc"
"timeo=600"
"retrans=2"
];
};
"/mnt/eve_documents" = {
device = "defiant:/export/eve_documents";
fsType = "nfs";
options = [
"vers=4"
"x-systemd.automount"
"noauto"
"user"
"nofail"
"x-systemd.idle-timeout=600"
"fsc"
"timeo=600"
"retrans=2"
];
};
"/mnt/users_documents" = {
device = "defiant:/export/users_documents";
fsType = "nfs";
options = [
"vers=4"
"x-systemd.automount"
"noauto"
"user"
"nofail"
"x-systemd.idle-timeout=600"
"fsc"
"timeo=600"
"retrans=2"
];
};
"/mnt/media" = {
device = "defiant:/export/media";
fsType = "nfs";
options = [
"vers=4"
"x-systemd.automount"
"noauto"
"user"
"noatime"
"nofail"
"x-systemd.idle-timeout=600"
"noatime"
"nodiratime"
"relatime"
"fsc"
"timeo=600"
"retrans=2"
];
};
};
environment.systemPackages = with pkgs; [
cachefilesd
];
services.cachefilesd.enable = true;
swapDevices = [
{device = "/dev/disk/by-uuid/be98e952-a072-4c3a-8c12-69500b5a2fff";}
];
networking = {
networkmanager.enable = true;
useDHCP = lib.mkDefault true;
hostName = "horizon"; # Define your hostname.
};
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.tailscale0.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp170s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
hardware = {
graphics.enable = true;
cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
};
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}


@ -0,0 +1,76 @@
{...}: {
boot.supportedFilesystems = ["nfs"];
fileSystems = {
"/mnt/leyla_documents" = {
device = "defiant:/exports/leyla_documents";
fsType = "nfs";
options = [
"x-systemd.automount"
"noauto"
"noatime"
"nofail"
"soft"
"intr" # Allow interruption of NFS calls
"timeo=30" # 3 second timeout (30 deciseconds)
"retrans=2" # Only 2 retries before giving up
"x-systemd.idle-timeout=300" # 5 minute idle timeout for mobile
"x-systemd.device-timeout=15" # 15 second device timeout
"bg" # Background mount - don't block boot
"fsc" # Enable caching
"_netdev" # Network device - wait for network
"x-systemd.requires=network-online.target" # Require network to be online
"x-systemd.after=network-online.target" # Start after network is online
"x-systemd.mount-timeout=30" # 30 second mount timeout
];
};
"/mnt/users_documents" = {
device = "defiant:/exports/users_documents";
fsType = "nfs";
options = [
"x-systemd.automount"
"noauto"
"nofail"
"soft"
"intr"
"timeo=30"
"retrans=2"
"x-systemd.idle-timeout=300"
"x-systemd.device-timeout=15"
"bg"
"fsc"
"_netdev"
"x-systemd.requires=network-online.target"
"x-systemd.after=network-online.target"
"x-systemd.mount-timeout=30"
];
};
"/mnt/media" = {
device = "defiant:/exports/media";
fsType = "nfs";
options = [
"x-systemd.automount"
"noauto"
"noatime"
"nofail"
"soft"
"intr"
"timeo=30"
"retrans=2"
"x-systemd.idle-timeout=300"
"x-systemd.device-timeout=15"
"bg"
# Mobile-optimized read settings
"rsize=8192" # Smaller read size for mobile
"wsize=8192" # Smaller write size for mobile
"fsc"
"_netdev"
"x-systemd.requires=network-online.target"
"x-systemd.after=network-online.target"
"x-systemd.mount-timeout=30"
];
};
};
}
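Review bot: All three mounts combine `soft` with `timeo=30` and `retrans=2`, so on a dropped link a write to `leyla_documents` or `users_documents` fails after a short retry window, and nfs(5) warns that soft timeouts can silently corrupt data in that case. I would use `"hard"` on the two document shares and keep `soft` only for `/mnt/media`, ideally together with `"ro"`. `intr` is accepted but ignored by current kernels, and no `sec=` option is set, so the mounts presumably use the default AUTH_SYS flavour and rely on the network path for confidentiality and integrity. The desktop variant of this file later on the page (`timeo=50`, `retrans=3`) carries the same `soft` setting.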


@ -1,6 +1,7 @@
{
inputs,
config,
pkgs,
...
}: {
imports = [
@ -9,6 +10,14 @@
nixpkgs.config.allowUnfree = true;
boot.initrd.availableKernelModules = ["usb_storage"];
boot.kernelModules = ["sg"];
boot.loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
sops.secrets = {
"vpn-keys/tailscale-authkey/twilight" = {
sopsFile = "${inputs.secrets}/vpn-keys.yaml";
@ -121,13 +130,20 @@
syncthing.enable = true;
};
programs.steam = {
enable = true;
remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play
dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated Server
};
# Enable network-online.target for better network dependency handling
systemd.services.NetworkManager-wait-online.enable = true;
environment.systemPackages = with pkgs; [
cachefilesd
];
hardware.steam-hardware.enable = true; # Provides udev rules for controller, HTC vive, and Valve Index
networking = {
networkmanager.enable = true;
hostName = "twilight"; # Define your hostname.
};
# enabled virtualisation for docker
# virtualisation.docker.enable = true;


@ -3,5 +3,7 @@
imports = [
./configuration.nix
./hardware-configuration.nix
./nvidia-drivers.nix
# ./network-mount.nix
];
}


@ -4,7 +4,6 @@
{
config,
lib,
pkgs,
modulesPath,
...
}: {
@ -12,30 +11,10 @@
(modulesPath + "/installer/scan/not-detected.nix")
];
boot = {
initrd = {
availableKernelModules = ["nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod"];
kernelModules = [];
};
kernelModules = ["kvm-amd" "sg"];
extraModulePackages = [];
# Bootloader.
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
supportedFilesystems = ["nfs"];
};
services.xserver = {
# Load nvidia driver for Xorg and Wayland
videoDrivers = ["nvidia"];
# Use X instead of wayland for gaming reasons
displayManager.gdm.wayland = false;
};
boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "ahci" "usbhid" "sd_mod"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-amd"];
boot.extraModulePackages = [];
fileSystems = {
"/" = {
@ -48,111 +27,16 @@
fsType = "vfat";
options = ["fmask=0022" "dmask=0022"];
};
"/mnt/leyla_documents" = {
device = "defiant:/exports/leyla_documents";
fsType = "nfs";
options = [
"x-systemd.automount"
"noauto"
"user"
"noatime"
"nofail"
"soft"
"x-systemd.idle-timeout=600"
"fsc"
];
};
"/mnt/users_documents" = {
device = "defiant:/exports/users_documents";
fsType = "nfs";
options = [
"x-systemd.automount"
"noauto"
"user"
"nofail"
"soft"
"x-systemd.idle-timeout=600"
"fsc"
];
};
"/mnt/media" = {
device = "defiant:/exports/media";
fsType = "nfs";
options = [
"x-systemd.automount"
"noauto"
"user"
"noatime"
"nofail"
"soft"
"x-systemd.idle-timeout=600"
"noatime"
"nodiratime"
"relatime"
"rsize=32768"
"wsize=32768"
"fsc"
];
};
};
environment.systemPackages = with pkgs; [
cachefilesd
];
swapDevices = [];
networking = {
networkmanager.enable = true;
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
useDHCP = lib.mkDefault true;
hostName = "twilight"; # Define your hostname.
};
networking.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware = {
# Enable OpenGL
graphics.enable = true;
# install graphics drivers
nvidia = {
# Modesetting is required.
modesetting.enable = true;
# Nvidia power management. Experimental, and can cause sleep/suspend to fail.
# Enable this if you have graphical corruption issues or application crashes after waking
# up from sleep. This fixes it by saving the entire VRAM memory to /tmp/ instead
# of just the bare essentials.
powerManagement.enable = false;
# Fine-grained power management. Turns off GPU when not in use.
# Experimental and only works on modern Nvidia GPUs (Turing or newer).
powerManagement.finegrained = false;
# Use the NVidia open source kernel module (not to be confused with the
# independent third-party "nouveau" open source driver).
# Support is limited to the Turing and later architectures. Full list of
# supported GPUs is at:
# https://github.com/NVIDIA/open-gpu-kernel-modules#compatible-gpus
# Only available from driver 515.43.04+
# Currently alpha-quality/buggy, so false is currently the recommended setting.
open = false;
# Enable the Nvidia settings menu,
# accessible via `nvidia-settings`.
nvidiaSettings = true;
# Optionally, you may need to select the appropriate driver version for your specific GPU.
package = config.boot.kernelPackages.nvidiaPackages.production;
};
cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
};
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}


@ -0,0 +1,72 @@
{...}: {
boot.supportedFilesystems = ["nfs"];
fileSystems = {
"/mnt/leyla_documents" = {
device = "defiant:/exports/leyla_documents";
fsType = "nfs";
options = [
"x-systemd.automount"
"noauto"
"noatime"
"nofail"
"soft"
"intr" # Allow interruption of NFS calls
"timeo=50" # 5 second timeout (50 deciseconds) - longer than mobile
"retrans=3" # 3 retries for desktop
"x-systemd.idle-timeout=600" # 10 minute idle timeout for desktop
"x-systemd.device-timeout=30" # 30 second device timeout
"bg" # Background mount - don't block boot
"fsc" # Enable caching
"_netdev" # Network device - wait for network
"x-systemd.requires=network-online.target" # Require network to be online
"x-systemd.after=network-online.target" # Start after network is online
];
};
"/mnt/users_documents" = {
device = "defiant:/exports/users_documents";
fsType = "nfs";
options = [
"x-systemd.automount"
"noauto"
"nofail"
"soft"
"intr"
"timeo=50"
"retrans=3"
"x-systemd.idle-timeout=600"
"bg"
"fsc"
"_netdev"
"x-systemd.requires=network-online.target"
"x-systemd.after=network-online.target"
];
};
"/mnt/media" = {
device = "defiant:/exports/media";
fsType = "nfs";
options = [
"x-systemd.automount"
"noauto"
"noatime"
"nofail"
"soft"
"intr"
"timeo=50"
"retrans=3"
"x-systemd.idle-timeout=600"
"x-systemd.device-timeout=30"
"bg"
# Desktop-optimized read settings
"rsize=32768" # Larger read size for desktop
"wsize=32768" # Larger write size for desktop
"fsc"
"_netdev"
"x-systemd.requires=network-online.target"
"x-systemd.after=network-online.target"
];
};
};
}


@ -0,0 +1,47 @@
{config, ...}: {
services = {
xserver = {
# Load nvidia driver for Xorg and Wayland
videoDrivers = ["nvidia"];
};
# Use X instead of wayland for gaming reasons
displayManager.gdm.wayland = false;
};
hardware = {
# Enable OpenGL
graphics.enable = true;
# install graphics drivers
nvidia = {
# Modesetting is required.
modesetting.enable = true;
# Nvidia power management. Experimental, and can cause sleep/suspend to fail.
# Enable this if you have graphical corruption issues or application crashes after waking
# up from sleep. This fixes it by saving the entire VRAM memory to /tmp/ instead
# of just the bare essentials.
powerManagement.enable = true;
# Fine-grained power management. Turns off GPU when not in use.
# Experimental and only works on modern Nvidia GPUs (Turing or newer).
powerManagement.finegrained = false;
# Use the NVidia open source kernel module (not to be confused with the
# independent third-party "nouveau" open source driver).
# Support is limited to the Turing and later architectures. Full list of
# supported GPUs is at:
# https://github.com/NVIDIA/open-gpu-kernel-modules#compatible-gpus
# Only available from driver 515.43.04+
# Currently alpha-quality/buggy, so false is currently the recommended setting.
open = true;
# Enable the Nvidia settings menu,
# accessible via `nvidia-settings`.
nvidiaSettings = true;
# Optionally, you may need to select the appropriate driver version for your specific GPU.
package = config.boot.kernelPackages.nvidiaPackages.production;
};
};
}
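Review bot: The comment above `open = true;` still reads "Currently alpha-quality/buggy, so false is currently the recommended setting", which contradicts the value set in this file. Either drop that sentence or replace it with the reason the open kernel module is chosen, e.g. `# open kernel module selected deliberately; needs Turing or newer`. The first comment, "Load nvidia driver for Xorg and Wayland", sits next to `displayManager.gdm.wayland = false`, so it would read more accurately as `# Load nvidia driver (X11 session only, see gdm.wayland below)`.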

208
flake.lock generated

@ -1,5 +1,23 @@
{
"nodes": {
"devshell": {
"inputs": {
"nixpkgs": "nixpkgs"
},
"locked": {
"lastModified": 1741473158,
"narHash": "sha256-kWNaq6wQUbUMlPgw8Y+9/9wP0F8SHkjy24/mN3UAppg=",
"owner": "numtide",
"repo": "devshell",
"rev": "7c9e793ebe66bcba8292989a68c0419b737a22a0",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "devshell",
"type": "github"
}
},
"disko": {
"inputs": {
"nixpkgs": [
@ -7,11 +25,11 @@
]
},
"locked": {
"lastModified": 1748225455,
"narHash": "sha256-AzlJCKaM4wbEyEpV3I/PUq5mHnib2ryEy32c+qfj6xk=",
"lastModified": 1760701190,
"narHash": "sha256-y7UhnWlER8r776JsySqsbTUh2Txf7K30smfHlqdaIQw=",
"owner": "nix-community",
"repo": "disko",
"rev": "a894f2811e1ee8d10c50560551e50d6ab3c392ba",
"rev": "3a9450b26e69dcb6f8de6e2b07b3fc1c288d85f5",
"type": "github"
},
"original": {
@ -28,11 +46,11 @@
},
"locked": {
"dir": "pkgs/firefox-addons",
"lastModified": 1748405006,
"narHash": "sha256-pmt0SFjACJJAI8g8QU5arg2c9BXNZG9/okVwRSDJkG8=",
"lastModified": 1761797037,
"narHash": "sha256-OqwAGit+3cdsG02K6+8WJniA2q0rqUVc6zbT5N9C1us=",
"owner": "rycee",
"repo": "nur-expressions",
"rev": "f9801a86d6603260940890c36650275090d1dceb",
"rev": "3d9f4de0988bcfa57e45e16e1ef9326c56bdf891",
"type": "gitlab"
},
"original": {
@ -44,11 +62,11 @@
},
"flake-compat": {
"locked": {
"lastModified": 1747046372,
"narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=",
"lastModified": 1761588595,
"narHash": "sha256-XKUZz9zewJNUj46b4AJdiRZJAvSZ0Dqj2BNfXvFlJC4=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885",
"rev": "f387cd2afec9419c8ee37694406ca490c3f34ee5",
"type": "github"
},
"original": {
@ -75,6 +93,39 @@
"type": "github"
}
},
"flake-utils_2": {
"inputs": {
"systems": "systems_2"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flakey-profile": {
"locked": {
"lastModified": 1712898590,
"narHash": "sha256-FhGIEU93VHAChKEXx905TSiPZKga69bWl1VB37FK//I=",
"owner": "lf-",
"repo": "flakey-profile",
"rev": "243c903fd8eadc0f63d205665a92d4df91d42d9d",
"type": "github"
},
"original": {
"owner": "lf-",
"repo": "flakey-profile",
"type": "github"
}
},
"home-manager": {
"inputs": {
"nixpkgs": [
@ -82,11 +133,11 @@
]
},
"locked": {
"lastModified": 1748455938,
"narHash": "sha256-mQ/iNzPra2WtDQ+x2r5IadcWNr0m3uHvLMzJkXKAG/8=",
"lastModified": 1761845621,
"narHash": "sha256-d+R4MHsGmdebvSMsYUFWONsZSlUbOo8Zq/wjMdMiIac=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "02077149e2921014511dac2729ae6dadb4ec50e2",
"rev": "97e3022a8d2c09313fa49847f6da4d76abcfc72d",
"type": "github"
},
"original": {
@ -110,6 +161,65 @@
"type": "github"
}
},
"lix": {
"flake": false,
"locked": {
"lastModified": 1755787066,
"narHash": "sha256-X2UwkUEban08GRSPXRr+kz8fckHqebr3P77qSvjoeOw=",
"rev": "ac9721a92e8138d29707824dbedb484c76948493",
"type": "tarball",
"url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/ac9721a92e8138d29707824dbedb484c76948493.tar.gz?rev=ac9721a92e8138d29707824dbedb484c76948493"
},
"original": {
"type": "tarball",
"url": "https://git.lix.systems/lix-project/lix/archive/main.tar.gz"
}
},
"lix-module": {
"inputs": {
"flake-utils": "flake-utils",
"flakey-profile": "flakey-profile",
"lix": "lix",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1759851320,
"narHash": "sha256-n5dRAIC3/78drQtFxmQRrBLd6TKfotUnX7GWu0mAcSg=",
"ref": "refs/heads/main",
"rev": "7c31a18259b8358ac196cf803a26967c0fa1d3e4",
"revCount": 163,
"type": "git",
"url": "https://git.lix.systems/lix-project/nixos-module.git"
},
"original": {
"type": "git",
"url": "https://git.lix.systems/lix-project/nixos-module.git"
}
},
"mcp-nixos": {
"inputs": {
"devshell": "devshell",
"flake-utils": "flake-utils_2",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1760821194,
"narHash": "sha256-UCsJ8eDuHL14u2GFIYEY/drtZ6jht5zN/G/6QNlEy2g=",
"owner": "utensils",
"repo": "mcp-nixos",
"rev": "0ae453f38d0f088c31d4678da3a12b183165986f",
"type": "github"
},
"original": {
"owner": "utensils",
"repo": "mcp-nixos",
"type": "github"
}
},
"nix-darwin": {
"inputs": {
"nixpkgs": [
@ -117,11 +227,11 @@
]
},
"locked": {
"lastModified": 1748352827,
"narHash": "sha256-sNUUP6qxGkK9hXgJ+p362dtWLgnIWwOCmiq72LAWtYo=",
"lastModified": 1761339987,
"narHash": "sha256-IUaawVwItZKi64IA6kF6wQCLCzpXbk2R46dHn8sHkig=",
"owner": "LnL7",
"repo": "nix-darwin",
"rev": "44a7d0e687a87b73facfe94fba78d323a6686a90",
"rev": "7cd9aac79ee2924a85c211d21fafd394b06a38de",
"type": "github"
},
"original": {
@ -153,17 +263,16 @@
},
"nix-vscode-extensions": {
"inputs": {
"flake-utils": "flake-utils",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1748397853,
"narHash": "sha256-tudGoP5caIJ5TzkV6wnsmUk7Spx21oWMKpkmPbjRNZc=",
"lastModified": 1761789484,
"narHash": "sha256-17gDUWloFXQlavqHRey/urQe6sQ3yP5hsQyYmcNOZyU=",
"owner": "nix-community",
"repo": "nix-vscode-extensions",
"rev": "ac4fc8eb9a1ee5eeb3c0a30f57652e4c5428d3a5",
"rev": "c47e683d236fa6e4c27dbda2af3468cb9aceb813",
"type": "github"
},
"original": {
@ -174,11 +283,11 @@
},
"nixos-hardware": {
"locked": {
"lastModified": 1747900541,
"narHash": "sha256-dn64Pg9xLETjblwZs9Euu/SsjW80pd6lr5qSiyLY1pg=",
"lastModified": 1761827175,
"narHash": "sha256-XdPVSYyIBK4/ruoqujaQmmSGg3J2/EenexV9IEXhr6o=",
"owner": "NixOS",
"repo": "nixos-hardware",
"rev": "11f2d9ea49c3e964315215d6baa73a8d42672f06",
"rev": "43ffe9ac82567512abb83187cb673de1091bdfa8",
"type": "github"
},
"original": {
@ -190,11 +299,27 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1748370509,
"narHash": "sha256-QlL8slIgc16W5UaI3w7xHQEP+Qmv/6vSNTpoZrrSlbk=",
"lastModified": 1722073938,
"narHash": "sha256-OpX0StkL8vpXyWOGUD6G+MA26wAXK6SpT94kLJXo6B4=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "e36e9f57337d0ff0cf77aceb58af4c805472bfae",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1761672384,
"narHash": "sha256-o9KF3DJL7g7iYMZq9SWgfS1BFlNbsm6xplRjVlOCkXI=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "4faa5f5321320e49a78ae7848582f684d64783e9",
"rev": "08dacfca559e1d7da38f3cf05f1f45ee9bfd213c",
"type": "github"
},
"original": {
@ -211,11 +336,13 @@
"flake-compat": "flake-compat",
"home-manager": "home-manager",
"impermanence": "impermanence",
"lix-module": "lix-module",
"mcp-nixos": "mcp-nixos",
"nix-darwin": "nix-darwin",
"nix-syncthing": "nix-syncthing",
"nix-vscode-extensions": "nix-vscode-extensions",
"nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs",
"nixpkgs": "nixpkgs_2",
"secrets": "secrets",
"sops-nix": "sops-nix"
}
@ -223,11 +350,11 @@
"secrets": {
"flake": false,
"locked": {
"lastModified": 1743538790,
"narHash": "sha256-QXmvyxfAhpifxAWcYTvuGfzv9I+9gHw0bq4WYtGEB9A=",
"lastModified": 1759945215,
"narHash": "sha256-xmUzOuhJl6FtTjR5++OQvSoAnXe7/VA5QFCZDyFwBXo=",
"ref": "refs/heads/main",
"rev": "3d63dff77f8eda1667e3586169642cf256c4aa34",
"revCount": 17,
"rev": "444229a105445339fb028d15a8d866063c5f8141",
"revCount": 21,
"type": "git",
"url": "ssh://git@git.jan-leila.com/jan-leila/nix-config-secrets.git"
},
@ -243,11 +370,11 @@
]
},
"locked": {
"lastModified": 1747603214,
"narHash": "sha256-lAblXm0VwifYCJ/ILPXJwlz0qNY07DDYdLD+9H+Wc8o=",
"lastModified": 1760998189,
"narHash": "sha256-ee2e1/AeGL5X8oy/HXsZQvZnae6XfEVdstGopKucYLY=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "8d215e1c981be3aa37e47aeabd4e61bb069548fd",
"rev": "5a7d18b5c55642df5c432aadb757140edfeb70b3",
"type": "github"
},
"original": {
@ -270,6 +397,21 @@
"repo": "default",
"type": "github"
}
},
"systems_2": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
}
},
"root": "root",


@ -5,10 +5,10 @@
# base packages
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
# lix-module = {
# url = "https://git.lix.systems/lix-project/nixos-module/archive/stable.tar.gz";
# inputs.nixpkgs.follows = "nixpkgs";
# };
lix-module = {
url = "git+https://git.lix.systems/lix-project/nixos-module.git";
inputs.nixpkgs.follows = "nixpkgs";
};
# secret encryption
sops-nix = {
@ -71,6 +71,12 @@
flake-compat = {
url = "github:edolstra/flake-compat";
};
# MCP NixOS server for Claude Dev
mcp-nixos = {
url = "github:utensils/mcp-nixos";
inputs.nixpkgs.follows = "nixpkgs";
};
};
outputs = {
@ -131,11 +137,11 @@
systemsHomes
// homeSystems;
in {
formatter = forEachPkgs (pkgs: pkgs.alejandra);
formatter = forEachPkgs (system: pkgs: pkgs.alejandra);
# templates = import ./templates;
devShells = forEachPkgs (pkgs: {
devShells = forEachPkgs (system: pkgs: {
default = pkgs.mkShell {
packages = with pkgs; [
# for version controlling this repo
@ -150,6 +156,10 @@
nixos-anywhere
# for updating disko configurations
disko
# for viewing dconf entries
dconf-editor
# for MCP NixOS server support in development
inputs.mcp-nixos.packages.${system}.default
];
SOPS_AGE_KEY_DIRECTORY = import ./const/sops_age_key_directory.nix;
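Review bot: The `lix-module` input in the first hunk is declared as `git+https://git.lix.systems/lix-project/nixos-module.git` with no `ref` or tag, so each `nix flake update` moves the module that swaps the system's Nix implementation to whatever the default branch holds at that moment. The lock file pins a revision between updates, but a release ref would narrow what an update can pull in. If tracking the branch head is deliberate, a comment such as `# tracks main on purpose: <reason>` above the input would record that. The same consideration applies to `mcp-nixos`, which the last hunk now evaluates into the dev shell through `inputs.mcp-nixos.packages.${system}.default`. The `outputs` body continues outside these hunks.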


@ -1,3 +1,6 @@
# this folder is for derivation overlays
{...}: {
{inputs, ...}: {
nixpkgs.overlays = [
inputs.nix-vscode-extensions.overlays.default
];
}


@ -0,0 +1,42 @@
{
buildNpmPackage,
vscode-utils,
pkgs,
...
}: let
version = "0.0.1";
pname = "ai-code";
publisher = "jan-leila";
vsix = buildNpmPackage {
inherit version pname;
src = builtins.fetchGit {
url = "ssh://git@git.jan-leila.com/jan-leila/ai-code.git";
rev = "d48e01713021dbb30de0ebbee2cfaf99e4e9b5a6";
};
npmDepsHash = "sha256-kjMyEnT3dz0yH5Ydh+aGoFDocKpBYGRmfnwbEdvvgpY=";
nativeBuildInputs = with pkgs; [
vsce
];
buildPhase = ''
${pkgs.vsce}/bin/vsce package -o ${pname}.zip
'';
installPhase = ''
mkdir -p $out
mv ${pname}.zip $out/${pname}.zip
'';
};
in
vscode-utils.buildVscodeExtension {
inherit pname version;
src = "${vsix}/${pname}.zip";
vscodeExtUniqueId = "${publisher}.${pname}";
vscodeExtPublisher = publisher;
vscodeExtName = pname;
}
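Review bot: `src = builtins.fetchGit { url = "ssh://…"; rev = …; }` fetches at evaluation time with the evaluating user's SSH credentials and records no content hash beyond the commit id. The flake already carries a private SSH repository as a non-flake input (`secrets`), which puts a `narHash` in flake.lock. Declaring this repository the same way with `flake = false` and passing it in as `src` would lock it identically and stop evaluation from depending on an SSH agent. Separately, `buildPhase` replaces the default phase without `runHook preBuild`/`runHook postBuild`, and since `vsce` is already in `nativeBuildInputs` the call can be `vsce package -o ${pname}.zip`.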


@ -0,0 +1,3 @@
{pkgs, ...}: {
ai-code = pkgs.callPackage ./ai-code.nix {};
}


@ -1,4 +1,45 @@
# this folder is for custom derivations
{...}: {
# package = pkgs.callPackage ./package.nix {};
{pkgs, ...}: {
imports = [
./python
];
nixpkgs.overlays = [
(final: prev: {
webtoon-dl =
pkgs.callPackage
./webtoon-dl.nix
{};
})
(final: prev: {
prostudiomasters =
pkgs.callPackage
./prostudiomasters.nix
{};
})
(final: prev: {
noita_entangled_worlds = pkgs.callPackage ./noita-entangled-worlds.nix {};
})
(final: prev: {
gdx-liftoff = pkgs.callPackage ./gdx-liftoff.nix {};
})
(final: prev: {
codium-extensions = pkgs.callPackage ./codium-extensions {};
})
(final: prev: {
mapillary-uploader = pkgs.callPackage ./mapillary-uploader.nix {};
})
(final: prev: {
panoramax = pkgs.python3.pkgs.callPackage ./panoramax.nix {};
})
(final: prev: {
sgblur = pkgs.python3.pkgs.callPackage ./sgblur.nix {};
})
(final: prev: {
# Override h3 C library to version 4.3.0
h3 = pkgs.callPackage ./h3-c-lib.nix {};
})
(final: prev: {
polycule = pkgs.callPackage ./polycule {};
})
];
}
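Review bot: Every overlay in `nixpkgs.overlays` takes `final: prev:` but builds its package with the module argument `pkgs.callPackage`, so the overlay arguments are unused and dependencies are resolved through the module's `pkgs` rather than the set being constructed. `final.callPackage ./gdx-liftoff.nix {}` (and `final.python3.pkgs.callPackage` for panoramax and sgblur) is the conventional form and does not depend on how `pkgs` is instantiated. The `h3` entry replaces the C library for every consumer in the package set, so its comment should name the package that needs 4.3.0. The ten single-attribute overlays could also be merged into one.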


@ -0,0 +1,44 @@
{
stdenv,
fetchurl,
makeWrapper,
jdk,
lib,
xorg,
libGL,
...
}:
stdenv.mkDerivation rec {
pname = "gdx-liftoff";
version = "1.13.5.1";
src = fetchurl {
url = "https://github.com/libgdx/gdx-liftoff/releases/download/v${version}/gdx-liftoff-${version}.jar";
hash = "sha256-9vCXGNGwI/P4VmcdIzTv2GPAX8bZb7nkfopaRAf6yMA=";
};
dontUnpack = true;
nativeBuildInputs = [makeWrapper];
runtimeDependencies = lib.makeLibraryPath [
# glfw
libGL
xorg.libX11
xorg.libXcursor
xorg.libXext
xorg.libXrandr
xorg.libXxf86vm
];
installPhase = ''
runHook preInstall
install -Dm644 $src $out/lib/gdx-liftoff-${version}.jar
makeWrapper ${lib.getExe jdk} $out/bin/gdx-liftoff-${version} \
--append-flags "-jar $out/lib/gdx-liftoff-${version}.jar"\
${lib.optionalString stdenv.hostPlatform.isLinux "--prefix LD_LIBRARY_PATH : ${runtimeDependencies}"}
runHook postInstall
'';
}
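Review bot: The wrapper in `installPhase` uses `--append-flags "-jar …"`, which places `-jar` after the caller's arguments, so anything passed to the wrapper is read by the JVM as its own options instead of reaching the application. `--add-flags "-jar $out/lib/gdx-liftoff-${version}.jar"` puts the jar first and forwards user arguments to it. The derivation also has no `meta`; since the source is a prebuilt jar, `meta.sourceProvenance = with lib.sourceTypes; [binaryBytecode];` would record that.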


@ -0,0 +1,36 @@
{
lib,
stdenv,
fetchFromGitHub,
cmake,
doxygen,
}:
stdenv.mkDerivation rec {
pname = "h3";
version = "4.3.0";
src = fetchFromGitHub {
owner = "uber";
repo = "h3";
rev = "v${version}";
hash = "sha256-DUILKZ1QvML6qg+WdOxir6zRsgTvk+En6yjeFf6MQBg=";
};
nativeBuildInputs = [
cmake
doxygen
];
cmakeFlags = [
"-DBUILD_SHARED_LIBS=ON"
"-DBUILD_TESTING=OFF"
];
meta = with lib; {
homepage = "https://github.com/uber/h3";
description = "Hexagonal hierarchical geospatial indexing system";
license = licenses.asl20;
maintainers = [];
platforms = platforms.all;
};
}


@ -0,0 +1,39 @@
{
lib,
fetchurl,
appimageTools,
}: let
pname = "mapillary-uploader";
version = "4.7.2";
src = fetchurl {
url = "http://tools.mapillary.com/uploader/download/linux/${version}";
name = "mapillary-uploader.AppImage";
sha256 = "sha256-hpWdfeuhYylO+SFD3BsKI0s/xtObCDd5OcuJ6i/aEuI=";
};
appimageContents = appimageTools.extractType2 {
inherit pname version src;
};
in
appimageTools.wrapType2 {
inherit pname version src;
extraInstallCommands = ''
# Install desktop file
install -Dm644 ${appimageContents}/mapillary-desktop-uploader.desktop $out/share/applications/mapillary-uploader.desktop
# Fix desktop file paths
substituteInPlace $out/share/applications/mapillary-uploader.desktop \
--replace 'Exec=AppRun' 'Exec=${pname}'
'';
meta = with lib; {
description = "Mapillary Desktop Uploader - Upload street-level imagery to Mapillary";
homepage = "https://www.mapillary.com/";
license = licenses.unfree; # Mapillary's license terms
maintainers = [];
platforms = ["x86_64-linux"];
sourceProvenance = with sourceTypes; [binaryNativeCode];
};
}
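Review bot: The AppImage in `src` is fetched from an `http://` URL. The fixed-output hash rejects a tampered download at build time, but whoever computes or bumps that hash is trusting whatever an unencrypted connection returned. If the host serves the same path over TLS, use `url = "https://tools.mapillary.com/uploader/download/linux/${version}";`; otherwise add a comment recording how the hash was verified. In `extraInstallCommands`, `substituteInPlace … --replace` does not fail when the pattern is absent, whereas `--replace-fail` (already used by the h3 Python package in this change) turns a changed desktop file into a build error.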


@ -0,0 +1,46 @@
# not working yet
{
pkgs,
rustPlatform,
fetchFromGitHub,
...
}: let
version = "1.5.3";
repo = fetchFromGitHub {
owner = "IntQuant";
repo = "noita_entangled_worlds";
rev = "v${version}";
hash = "sha256-frrpD0aWTeDbZYtp15R+quUUAZf7OvHlbSLtGJJtAqk=";
};
in
rustPlatform.buildRustPackage {
name = "noita-proxy-${version}";
src = repo + "/noita-proxy";
prePatch = ''
substituteInPlace Cargo.toml \
--replace "path = \"../shared\"" "path = \"${repo + "/shared"}\""
'';
nativeBuildInputs = with pkgs; [
pkg-config
python3
cmake
];
buildInputs = with pkgs; [
openssl
openssl.dev
libpulseaudio
libjack2
alsa-lib
xorg.libxcb
xorg.libxcb.dev
libopus
];
propagatedBuildInputs = with pkgs; [
steamworks-sdk-redist
];
runtimeDependencies = with pkgs; [
steamworks-sdk-redist
];
doCheck = false;
cargoHash = "sha256-TzUS6d6PopgGf2i1yVaXaXdzNrvfSz+Gv67BAtxYmb4=";
}


@ -0,0 +1,105 @@
{
lib,
fetchFromGitLab,
buildPythonPackage,
flit-core,
flask,
pillow,
requests,
python-dotenv,
authlib,
sentry-sdk,
python-dateutil,
dateparser,
croniter,
pydantic,
flask-cors,
flask-compress,
flask-babel,
flasgger,
yoyo-migrations,
psycopg,
psycopg-pool,
tzdata,
email-validator,
pydantic-extra-types,
python-multipart,
fs,
fs-s3fs,
geopic-tag-reader,
pygeofilter,
pygeoif,
rfeed,
geojson-pydantic,
...
}: let
pname = "geovisio";
version = "2.10.0";
repo = fetchFromGitLab {
owner = "panoramax";
repo = "server/api";
rev = version;
hash = "sha256-kCLcrOe7jJdIfmWWOmxQ5dOj8ZG2B7s0qFpHXs02B/E=";
};
in
buildPythonPackage {
inherit pname version;
pyproject = true;
src = repo;
build-system = [
flit-core
];
dependencies = [
flask
pillow
requests
python-dotenv
authlib
sentry-sdk
python-dateutil
dateparser
croniter
pydantic
flask-cors
flask-compress
flask-babel
flasgger
yoyo-migrations
psycopg
psycopg-pool
tzdata
email-validator
pydantic-extra-types
python-multipart
fs
fs-s3fs
geopic-tag-reader
pygeofilter
pygeoif
rfeed
geojson-pydantic
# Missing from nixpkgs - may need custom packages:
# flask-executor
];
# Skip tests as they may require network access or specific setup
doCheck = false;
# Disable runtime dependencies check as many dependencies are not available in nixpkgs
dontCheckRuntimeDeps = true;
# Disable imports check as many dependencies are not available in nixpkgs
pythonImportsCheck = [];
meta = with lib; {
description = "Panoramax API client and tools for street-level imagery platform";
homepage = "https://gitlab.com/panoramax/server/api";
license = licenses.mit;
maintainers = [];
platforms = platforms.all;
};
}
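Review bot: `doCheck = false`, `dontCheckRuntimeDeps = true` and `pythonImportsCheck = []` together mean nothing at build time verifies that the package can be imported, while the comment in `dependencies` already records that `flask-executor` is missing. A missing module then surfaces only when the service starts. Once `flask-executor` is packaged, restore at least `pythonImportsCheck = ["geovisio"];` (module name assumed from `pname`; confirm). The geopic-tag-reader and sgblur sections further down carry the same empty `pythonImportsCheck`.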


@ -0,0 +1,149 @@
{
lib,
flutter332,
fetchFromGitLab,
pkg-config,
wrapGAppsHook3,
gtk3,
glib,
glib-networking,
webkitgtk_4_1,
libsecret,
libnotify,
dbus,
sqlcipher,
openssl,
mpv,
alsa-lib,
libass,
ffmpeg-full,
libplacebo,
libunwind,
shaderc,
vulkan-headers,
vulkan-loader,
lcms2,
libdovi,
libdvdnav,
libdvdread,
mujs,
libbluray,
lua,
rubberband,
libuchardet,
zimg,
openal,
pipewire,
libpulseaudio,
libcaca,
libdrm,
libdisplay-info,
libgbm,
xorg,
nv-codec-headers-11,
libva,
libvdpau,
}:
flutter332.buildFlutterApplication rec {
pname = "polycule";
version = "0.3.4";
src = fetchFromGitLab {
owner = "polycule_client";
repo = "polycule";
rev = "v${version}";
hash = "sha256-RUu8DKuX2NUU5Ce5WLHtDaORkn7CSrgTj3KhM/z+yHc=";
};
pubspecLock = lib.importJSON ./polycule-pubspec.lock.json;
gitHashes = {
matrix = "sha256-w/QB5nYJ9Lh77TcYKEN/DnNQjWfp+9NX0dwQ9GOzWE8=";
media_kit = "sha256-1sVX+aHFLFJBtrNZrR6tWkb80vFELW2N9EejyQKlBPg=";
media_kit_libs_android_video = "sha256-N6QoktM8u9NYF8MAXLsxM9RlV8nICM4NbnmABHTRkZg=";
};
nativeBuildInputs = [
pkg-config
wrapGAppsHook3
];
buildInputs = [
gtk3
glib
glib-networking
webkitgtk_4_1
libsecret
libnotify
dbus
sqlcipher
openssl
mpv
alsa-lib
libass
ffmpeg-full
libplacebo
libunwind
shaderc
vulkan-headers
vulkan-loader
lcms2
libdovi
libdvdnav
libdvdread
mujs
libbluray
lua
rubberband
libuchardet
zimg
openal
pipewire
libpulseaudio
libcaca
libdrm
libdisplay-info
libgbm
xorg.libXScrnSaver
xorg.libXpresent
nv-codec-headers-11
libva
libvdpau
];
flutterBuildFlags = [
"--release"
"--target"
"lib/main.dart"
"--dart-define=POLYCULE_VERSION=v${version}"
"--dart-define=POLYCULE_IS_STABLE=true"
"--no-tree-shake-icons"
];
postInstall = ''
# Install desktop files and icons from the source
install -Dm644 linux/business.braid.polycule.desktop $out/share/applications/polycule.desktop
install -Dm644 assets/logo/logo-circle.png $out/share/pixmaps/polycule.png
# Update desktop file to use correct executable name
substituteInPlace $out/share/applications/polycule.desktop \
--replace 'Exec=business.braid.polycule' 'Exec=polycule'
# Create a symlink with the expected name
ln -sf $out/bin/polycule $out/bin/business.braid.polycule
'';
meta = with lib; {
description = "A geeky and efficient [matrix] client for power users";
longDescription = ''
Polycule is a modern Matrix client built with Flutter, designed for power users
who want a fast, efficient, and feature-rich Matrix experience.
'';
homepage = "https://polycule.im/";
license = licenses.eupl12;
maintainers = [];
platforms = ["x86_64-linux" "aarch64-linux"];
sourceProvenance = with sourceTypes; [fromSource];
mainProgram = "polycule";
};
}



@ -0,0 +1,33 @@
{
fetchurl,
appimageTools,
writeShellScript,
}: let
pname = "prostudiomasters";
version = "2.5.6";
src = fetchurl {
url = "https://download.prostudiomasters.com/linux/ProStudioMasters-${version}.AppImage";
hash = "sha256-7owOwdcucFfl+JsVj+Seau2KOz0J4P/ep7WrBSNSmbs=";
};
# Create the base AppImage wrapper
baseApp = appimageTools.wrapType2 {
inherit pname version src;
};
# Create a wrapper script that automatically adds the --in-process-gpu flag
wrapper = writeShellScript "prostudiomasters-wrapper" ''
exec ${baseApp}/bin/prostudiomasters --in-process-gpu "$@"
'';
in
# Override the base app to use our wrapper script
baseApp.overrideAttrs (oldAttrs: {
buildCommand =
oldAttrs.buildCommand
+ ''
# Replace the original binary with our wrapper
rm $out/bin/prostudiomasters
cp ${wrapper} $out/bin/prostudiomasters
chmod +x $out/bin/prostudiomasters
'';
})
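Review bot: This derivation wraps a vendor AppImage but sets no `meta`, unlike the mapillary-uploader package in the same change, so nothing marks it as prebuilt native code or gates it on the unfree setting. Adding `meta.sourceProvenance = with lib.sourceTypes; [binaryNativeCode];` and the applicable `meta.license` (presumably unfree; confirm against the vendor's terms) would make that visible. `lib` would have to be added to the argument set for this.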


@ -0,0 +1,18 @@
{...}: {
nixpkgs.overlays = [
(final: prev: {
python3 = prev.python3.override {
packageOverrides = pythonPrev: pythonFinal: {
h3 = pythonPrev.callPackage ./h3.nix {h3 = final.h3;};
pygeofilter = pythonPrev.callPackage ./pygeofilter.nix {};
pygeoif = pythonPrev.callPackage ./pygeoif.nix {};
rfeed = pythonPrev.callPackage ./rfeed.nix {};
pyexiv2 = pythonPrev.callPackage ./pyexiv2.nix {};
geojson-pydantic = pythonPrev.callPackage ./geojson-pydantic.nix {};
geopic-tag-reader = pythonPrev.callPackage ./geopic-tag-reader.nix {};
};
};
python3Packages = final.python3.pkgs;
})
];
}
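Review bot: The `packageOverrides` lambda is written `pythonPrev: pythonFinal:`, but nixpkgs calls it with the final set first and the previous set second, so the two names are swapped. `pythonPrev.callPackage` therefore resolves against the final Python set, which is why `geopic-tag-reader` can find the locally defined `pyexiv2`; the behaviour is right but the names say the opposite. Write `packageOverrides = pythonFinal: pythonPrev: {` and call `pythonFinal.callPackage`, so a later edit that really wants the previous set does not pick the wrong one.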


@ -0,0 +1,48 @@
{
lib,
fetchPypi,
buildPythonPackage,
flit-core,
pydantic,
geojson,
...
}: let
pname = "geojson_pydantic";
version = "2.0.0";
in
buildPythonPackage {
inherit pname version;
pyproject = true;
src = fetchPypi {
inherit pname version;
hash = "sha256-ti6LRFAt0a1Ri19zkDWoGSSnb5gMvbOk6JFu+RO+JC4=";
};
build-system = [
flit-core
];
dependencies = [
pydantic
geojson
];
# Skip tests as they may require specific setup
doCheck = false;
# Disable runtime dependencies check
dontCheckRuntimeDeps = true;
# Basic imports check
pythonImportsCheck = ["geojson_pydantic"];
meta = with lib; {
description = "Pydantic models for GeoJSON objects";
homepage = "https://github.com/developmentseed/geojson-pydantic";
license = licenses.mit;
maintainers = [];
platforms = platforms.all;
};
}


@ -0,0 +1,70 @@
{
lib,
fetchFromGitLab,
buildPythonPackage,
flit-core,
typer,
xmltodict,
timezonefinder,
pytz,
types-pytz,
types-python-dateutil,
rtree,
python-dateutil,
pyexiv2,
...
}: let
pname = "geopic-tag-reader";
version = "1.8.0";
in
buildPythonPackage {
inherit pname version;
pyproject = true;
src = fetchFromGitLab {
owner = "panoramax";
repo = "server/geo-picture-tag-reader";
rev = version;
sha256 = "0lzf5xxxcdqmq28bpvgpkxf5jxmh2nawwa4rl4yg04bdsi16rf1j";
};
build-system = [
flit-core
];
dependencies = [
typer
xmltodict
pyexiv2
timezonefinder
pytz
types-pytz
types-python-dateutil
rtree
];
optional-dependencies = {
write-exif = [
python-dateutil
types-python-dateutil
];
};
# Skip tests as they may require network access or specific setup
doCheck = false;
# Disable runtime dependencies check as some dependencies might have issues
dontCheckRuntimeDeps = true;
# Disable imports check initially to avoid dependency issues
pythonImportsCheck = [];
meta = with lib; {
description = "GeoPic Tag Reader - Python library to read and write standardized metadata from geolocated pictures EXIF metadata";
homepage = "https://gitlab.com/panoramax/server/geo-picture-tag-reader";
license = licenses.mit;
maintainers = [];
platforms = platforms.all;
};
}


@ -0,0 +1,81 @@
{
autoPatchelfHook,
buildPythonPackage,
cmake,
cython,
fetchFromGitHub,
h3,
lib,
ninja,
numpy,
pytestCheckHook,
pytest-cov-stub,
scikit-build-core,
stdenv,
}:
buildPythonPackage rec {
pname = "h3";
version = "4.3.1";
pyproject = true;
# pypi version does not include tests
src = fetchFromGitHub {
owner = "uber";
repo = "h3-py";
tag = "v${version}";
hash = "sha256-zt7zbBgSp2P9q7mObZeQZpW9Szip62dAYdPZ2cGTmi4=";
};
dontConfigure = true;
nativeCheckInputs = [
pytestCheckHook
pytest-cov-stub
];
build-system =
[
scikit-build-core
cmake
cython
ninja
]
++ lib.optionals stdenv.hostPlatform.isLinux [
# On Linux the .so files ends up referring to libh3.so instead of the full
# Nix store path. I'm not sure why this is happening! On Darwin it works
# fine.
autoPatchelfHook
];
# This is not needed per-se, it's only added for autoPatchelfHook to work
# correctly. See the note above ^^
buildInputs = lib.optionals stdenv.hostPlatform.isLinux [h3];
dependencies = [numpy];
# The following prePatch replaces the h3lib compilation with using the h3 packaged in nixpkgs.
#
# - Remove the h3lib submodule.
# - Patch CMakeLists to avoid building h3lib, and use h3 instead.
prePatch = let
cmakeCommands = ''
include_directories(${lib.getDev h3}/include/h3)
link_directories(${h3}/lib)
'';
in ''
rm -r src/h3lib
substituteInPlace CMakeLists.txt \
--replace-fail "add_subdirectory(src/h3lib)" "${cmakeCommands}" \
--replace-fail "\''${CMAKE_CURRENT_BINARY_DIR}/src/h3lib/src/h3lib/include/h3api.h" "${lib.getDev h3}/include/h3/h3api.h"
'';
# Extra check to make sure we can import it from Python
pythonImportsCheck = ["h3"];
meta = {
homepage = "https://github.com/uber/h3-py";
description = "Hierarchical hexagonal geospatial indexing system";
license = lib.licenses.asl20;
maintainers = [lib.maintainers.kalbasit];
};
}


@ -0,0 +1,49 @@
{
lib,
fetchFromGitHub,
buildPythonPackage,
exiv2,
boost,
pybind11,
setuptools,
...
}: let
pname = "pyexiv2";
version = "2.15.3";
in
buildPythonPackage {
inherit pname version;
pyproject = true;
build-system = [setuptools];
src = fetchFromGitHub {
owner = "LeoHsiao1";
repo = "pyexiv2";
rev = "v${version}";
sha256 = "sha256-83bFMaoXncvhRJNcCgkkC7B29wR5pjuLO/EdkQdqxxo=";
};
buildInputs = [
exiv2
boost
];
nativeBuildInputs = [
pybind11
];
# Skip tests as they may require specific test images
doCheck = false;
# Disable runtime dependencies check initially
dontCheckRuntimeDeps = true;
meta = with lib; {
description = "Python binding to the library exiv2";
homepage = "https://github.com/LeoHsiao1/pyexiv2";
license = licenses.gpl3Plus;
maintainers = [];
platforms = platforms.linux;
};
}


@ -0,0 +1,52 @@
{
lib,
fetchPypi,
buildPythonPackage,
setuptools,
wheel,
lark,
python-dateutil,
shapely,
...
}: let
pname = "pygeofilter";
version = "0.3.1";
in
buildPythonPackage {
inherit pname version;
pyproject = true;
src = fetchPypi {
inherit pname version;
hash = "sha256-+SvAYiCZ+H/os23nq92GBZ1hWontYIInNwgiI6V44VA=";
};
build-system = [
setuptools
wheel
];
dependencies = [
lark
python-dateutil
shapely
];
# Skip tests as they may require specific setup
doCheck = false;
# Disable runtime dependencies check
dontCheckRuntimeDeps = true;
# Basic imports check
pythonImportsCheck = ["pygeofilter"];
meta = with lib; {
description = "A pure Python parser implementation of OGC filtering standards";
homepage = "https://github.com/geopython/pygeofilter";
license = licenses.mit;
maintainers = [];
platforms = platforms.all;
};
}


@ -0,0 +1,48 @@
{
lib,
fetchPypi,
buildPythonPackage,
setuptools,
wheel,
typing-extensions,
...
}: let
pname = "pygeoif";
version = "1.5.1";
in
buildPythonPackage {
inherit pname version;
pyproject = true;
src = fetchPypi {
inherit pname version;
hash = "sha256-8nprah7Lh66swrUbzFnKeb5w7RKgEE3oYBR4shPdXYE=";
};
build-system = [
setuptools
wheel
];
dependencies = [
typing-extensions
];
# Skip tests as they may require specific setup
doCheck = false;
# Disable runtime dependencies check
dontCheckRuntimeDeps = true;
# Basic imports check
pythonImportsCheck = ["pygeoif"];
meta = with lib; {
description = "A basic implementation of the __geo_interface__";
homepage = "https://github.com/cleder/pygeoif";
license = licenses.lgpl21Plus;
maintainers = [];
platforms = platforms.all;
};
}


@ -0,0 +1,40 @@
{
lib,
fetchPypi,
buildPythonPackage,
setuptools,
python-dateutil,
}:
buildPythonPackage rec {
pname = "rfeed";
version = "1.1.1";
pyproject = true;
src = fetchPypi {
inherit pname version;
hash = "sha256-qpUG8oZrdPWjItOUoUpjwZpoJcLZR1X/GdRt0eJDSBk=";
};
build-system = [
setuptools
];
dependencies = [
python-dateutil
];
# No tests available in the package
doCheck = false;
pythonImportsCheck = [
"rfeed"
];
meta = with lib; {
description = "RSS feed generation library for Python";
homepage = "https://pypi.org/project/rfeed/";
license = licenses.mit;
maintainers = [];
platforms = platforms.all;
};
}


@ -0,0 +1,65 @@
{
lib,
python3Packages,
fetchFromGitHub,
pkg-config,
libjpeg_turbo,
exiftran ? libjpeg_turbo,
}:
python3Packages.buildPythonPackage {
pname = "sgblur";
version = "1.0.0";
pyproject = true;
src = fetchFromGitHub {
owner = "cquest";
repo = "sgblur";
rev = "master";
hash = "sha256-17wpif2sa021kaa1pbkry4l1967la1qd7knhngvxblrvd7jqqz4y=";
};
nativeBuildInputs = [
pkg-config
];
buildInputs = [
libjpeg_turbo
exiftran
];
build-system = with python3Packages; [
setuptools
wheel
];
dependencies = with python3Packages; [
# Core dependencies from pyproject.toml
ultralytics
# pyturbojpeg # May need special handling
pillow
# uuid # Built into Python
# exifread
python-multipart
fastapi
uvicorn
requests
# piexif
pydantic-settings
pydantic
];
# Skip tests as they may require GPU or specific setup
doCheck = false;
# The package may have import issues due to system dependencies
pythonImportsCheck = [];
meta = with lib; {
description = "Panoramax Speedy Gonzales Blurring Algorithm - AI-powered face and license plate blurring API";
homepage = "https://github.com/cquest/sgblur";
license = licenses.mit;
maintainers = [];
platforms = platforms.unix;
};
}
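Review bot: `src` is pinned to `rev = "master"`, a moving branch, and the `hash` value is a 52-character base32 digest carrying an SRI `sha256-` prefix, which does not look like a valid SRI string. As written the fetch should be rejected when the hash is parsed, and even with a valid hash a branch ref lets the source change under a fixed `version = "1.0.0"` until the hash stops matching. Pin `rev` to a full commit id (`rev = "<COMMIT_SHA_PLACEHOLDER>";`) and take the SRI hash from the resulting hash-mismatch message. The default `exiftran ? libjpeg_turbo` also lists `libjpeg_turbo` twice in `buildInputs`.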


@ -1,75 +0,0 @@
{
lib,
pkgs,
config,
osConfig,
...
}: let
ai-tooling-enabled = config.user.continue.enable && osConfig.host.ai.enable;
in {
options = {
user.continue = {
enable = lib.mkEnableOption "should continue be enabled on this machine";
docs = lib.mkOption {
type = lib.types.attrsOf (lib.types.submodule ({name, ...}: {
options = {
name = lib.mkOption {
type = lib.types.str;
default = name;
};
startUrl = lib.mkOption {
type = lib.types.str;
};
};
}));
};
context = lib.mkOption {
type = lib.types.attrsOf (lib.types.submodule ({name, ...}: {
options = {
provider = lib.mkOption {
type = lib.types.str;
default = name;
};
};
}));
default = {
"code" = {};
"docs" = {};
"diff" = {};
"terminal" = {};
"problems" = {};
"folder" = {};
"codebase" = {};
};
};
};
};
config =
lib.mkIf ai-tooling-enabled
(lib.mkMerge [
{
home = {
file = {
".continue/config.yaml".source = (pkgs.formats.yaml {}).generate "continue-config" {
name = "Assistant";
version = "1.0.0";
schema = "v1";
models = lib.attrsets.attrValues osConfig.host.ai.models;
context = lib.attrsets.attrValues config.user.continue.context;
docs = lib.attrsets.attrValues config.user.continue.docs;
};
};
};
}
(lib.mkIf osConfig.host.impermanence.enable {
home.persistence."/persist${config.home.homeDirectory}" = {
directories = [
".continue/index"
".continue/sessions"
];
allowOther = true;
};
})
]);
}


@ -1,9 +1,13 @@
# this folder container modules that are for home manager only
{...}: {
imports = [
./sops.nix
./user.nix
./flipperzero.nix
./i18n.nix
./impermanence.nix
./openssh.nix
./continue.nix
./gnome.nix
./programs
];
}


@ -0,0 +1,203 @@
{
lib,
config,
pkgs,
...
}: let
enabledExtensions =
[]
++ lib.optional config.gnome.extensions.dash-to-dock.enable pkgs.gnomeExtensions.dash-to-dock
++ lib.optional config.gnome.extensions.dash-to-panel.enable pkgs.gnomeExtensions.dash-to-panel;
extensions = config.gnome.extraExtensions ++ enabledExtensions;
in {
options.gnome = {
extraWindowControls = lib.mkEnableOption "Should we add back in the minimize and maximize window controls?";
clockFormat = lib.mkOption {
type = lib.types.enum [
"12h"
"24h"
];
default = "24h";
};
colorScheme = lib.mkOption {
type = lib.types.enum [
"default"
"prefer-dark"
"prefer-light"
];
default = "default";
};
accentColor = lib.mkOption {
type = lib.types.enum [
"blue"
"teal"
"green"
"yellow"
"orange"
"red"
"pink"
"purple"
"slate"
];
default = "blue";
};
extraExtensions = lib.mkOption {
type = lib.types.listOf lib.types.package;
default = [];
description = "The set of extensions to install and enable in the user environment.";
};
hotkeys = lib.mkOption {
type = lib.types.attrsOf (lib.types.submodule ({name, ...}: {
options = {
key = lib.mkOption {
type = lib.types.strMatching "[a-zA-Z0-9-]+";
default = builtins.replaceStrings [" " "/" "_"] ["-" "-" "-"] name;
};
name = lib.mkOption {
type = lib.types.str;
default = name;
};
binding = lib.mkOption {
type = lib.types.str;
};
command = lib.mkOption {
type = lib.types.str;
};
};
}));
default = {};
};
displayScaling = lib.mkOption {
type = lib.types.nullOr (lib.types.enum [100 125 150 175 200]);
default = null;
description = "Display scaling percentage for GNOME";
};
experimentalFeatures = lib.mkOption {
type = lib.types.submodule {
options = {
scaleMonitorFramebuffer = lib.mkEnableOption "scale-monitor-framebuffer experimental feature";
};
};
default = {};
description = "GNOME experimental features to enable";
};
nightLight = lib.mkOption {
type = lib.types.submodule {
options = {
enable = lib.mkEnableOption "night light (blue light filter)";
automatic = lib.mkOption {
type = lib.types.bool;
default = true;
description = "Whether to automatically schedule night light based on sunset/sunrise";
};
fromTime = lib.mkOption {
type = lib.types.float;
default = 20.0;
description = "Start time for night light in 24-hour format (e.g., 20.0 for 8:00 PM)";
};
toTime = lib.mkOption {
type = lib.types.float;
default = 6.0;
description = "End time for night light in 24-hour format (e.g., 6.0 for 6:00 AM)";
};
temperature = lib.mkOption {
type = lib.types.int;
default = 4000;
description = "Color temperature for night light (1000-10000K, lower is warmer)";
};
};
};
default = {};
description = "Night light configuration";
};
extensions = {
dash-to-dock = {
enable = lib.mkEnableOption "Dash to Dock extension";
options = lib.mkOption {
type = lib.types.nullOr lib.types.attrs;
default = null;
description = "Dash to Dock configuration options. If null, no custom configuration will be applied.";
};
};
dash-to-panel = {
enable = lib.mkEnableOption "Dash to Panel extension";
options = lib.mkOption {
type = lib.types.nullOr lib.types.attrs;
default = null;
description = "Dash to Panel configuration options. If null, no custom configuration will be applied.";
};
};
};
};
config = {
home.packages = extensions;
dconf = {
settings = lib.mkMerge [
{
"org/gnome/shell" = {
disable-user-extensions = false; # enables user extensions
enabled-extensions = builtins.map (extension: extension.extensionUuid) extensions;
};
"org/gnome/desktop/wm/preferences".button-layout = lib.mkIf config.gnome.extraWindowControls ":minimize,maximize,close";
"org/gnome/desktop/interface".color-scheme = config.gnome.colorScheme;
"org/gnome/desktop/interface".accent-color = config.gnome.accentColor;
"org/gnome/desktop/interface".clock-format = config.gnome.clockFormat;
"org/gnome/desktop/interface".text-scaling-factor = lib.mkIf (config.gnome.displayScaling != null) (config.gnome.displayScaling / 100.0);
"org/gnome/mutter".experimental-features = lib.mkIf (builtins.any (x: x) (builtins.attrValues config.gnome.experimentalFeatures)) (
lib.optional config.gnome.experimentalFeatures.scaleMonitorFramebuffer "scale-monitor-framebuffer"
);
}
# Night light configuration
(lib.mkIf config.gnome.nightLight.enable {
"org/gnome/settings-daemon/plugins/color" = {
night-light-enabled = true;
night-light-schedule-automatic = config.gnome.nightLight.automatic;
night-light-schedule-from = lib.mkIf (!config.gnome.nightLight.automatic) config.gnome.nightLight.fromTime;
night-light-schedule-to = lib.mkIf (!config.gnome.nightLight.automatic) config.gnome.nightLight.toTime;
night-light-temperature = config.gnome.nightLight.temperature;
};
})
(
lib.mkMerge (
builtins.map (value: let
entry = "org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/${value.key}";
in {
${entry} = {
binding = value.binding;
command = value.command;
name = value.name;
};
"org/gnome/settings-daemon/plugins/media-keys" = {
custom-keybindings = [
"/${entry}/"
];
};
})
(
lib.attrsets.mapAttrsToList (_: value: value) config.gnome.hotkeys
)
)
)
# Extension configurations
(lib.mkIf (config.gnome.extensions.dash-to-dock.enable && config.gnome.extensions.dash-to-dock.options != null) {
"org/gnome/shell/extensions/dash-to-dock" = config.gnome.extensions.dash-to-dock.options;
})
(lib.mkIf (config.gnome.extensions.dash-to-panel.enable && config.gnome.extensions.dash-to-panel.options != null) {
"org/gnome/shell/extensions/dash-to-panel" = config.gnome.extensions.dash-to-panel.options;
})
];
};
};
}
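Review bot: `night-light-temperature = config.gnome.nightLight.temperature` writes a plain Nix integer, which Home Manager's dconf module serialises as a signed int32, while the GNOME key is, as far as I know, declared uint32; a mismatched type is typically ignored by the settings daemon. `night-light-temperature = lib.hm.gvariant.mkUint32 config.gnome.nightLight.temperature;` addresses that, and `type = lib.types.ints.between 1000 10000;` would enforce the range the option description states. `displayScaling` is described as display scaling but only sets `text-scaling-factor`, which its description should say.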


@ -0,0 +1,35 @@
{
config,
lib,
osConfig,
...
}: let
cfg = config.impermanence;
in {
options.impermanence = {
enable = lib.mkEnableOption "impermanence for home directory";
fallbackPersistence.enable = lib.mkOption {
type = lib.types.bool;
default = true;
};
};
config = lib.mkMerge [
(lib.mkIf config.impermanence.enable {
assertions = [
{
assertion = osConfig.host.impermanence.enable;
message = "impermanence can not be enabled for a user when it is not enabled for the system";
}
];
})
# If impermanence is not enabled for this user but system impermanence is enabled,
# persist the entire home directory as fallback
(lib.mkIf (osConfig.host.impermanence.enable && !cfg.enable && cfg.fallbackPersistence.enable) {
home.persistence."/persist/home/${config.home.username}" = {
directories = ["."];
allowOther = true;
};
})
];
}
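Review bot: The fallback block persists the entire home directory (`directories = ["."]`) with `allowOther = true`, and it is on by default through `fallbackPersistence.enable`. `allowOther` lets other local accounts reach files through the persistence mount, and here that mount covers everything under the home directory, including the `.ssh` keys the openssh module manages. Unless another account has to read these files, `allowOther = false;` is the safer default. The Bitwarden, bruno, calibre and anki sections below set the same flag and deserve the same decision. The path is also built as `/persist/home/${config.home.username}` while the other modules use `/persist${config.home.homeDirectory}`, and the two diverge for a home directory outside `/home`.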


@ -6,6 +6,7 @@
...
}: {
options.programs.openssh = {
enable = lib.mkEnableOption "should we enable openssh";
authorizedKeys = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [];
@ -37,14 +38,20 @@
};
};
config = lib.mkMerge [
config = lib.mkIf config.programs.openssh.enable (
lib.mkMerge [
(
lib.mkIf ((builtins.length config.programs.openssh.hostKeys) != 0) {
services.ssh-agent.enable = true;
programs.ssh = {
enable = true;
enableDefaultConfig = false;
matchBlocks = {
"*" = {
compression = true;
addKeysToAgent = "confirm";
};
};
extraConfig = lib.strings.concatLines (
builtins.map (hostKey: "IdentityFile ~/.ssh/${hostKey.path}") config.programs.openssh.hostKeys
);
@ -88,12 +95,13 @@
);
}
)
(lib.mkIf osConfig.host.impermanence.enable {
(lib.mkIf config.impermanence.enable {
home.persistence."/persist${config.home.homeDirectory}" = {
files = lib.lists.flatten (
builtins.map (hostKey: [".ssh/${hostKey.path}" ".ssh/${hostKey.path}.pub"]) config.programs.openssh.hostKeys
);
};
})
];
]
);
}
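Review bot: `addKeysToAgent = "confirm"` in the `"*"` match block makes ssh-agent ask for confirmation on every use of a key, and the agent does that through an askpass helper; nothing visible in these hunks installs one or points `SSH_ASKPASS` at it. Without a helper the agent refuses the signing request, so logins fail in a way that is hard to trace back to this line. I would add a comment above it such as `# "confirm" needs an askpass program available to ssh-agent (SSH_ASKPASS)`, or configure the helper in this module if it is not set elsewhere. The `lib.mkMerge` body continues outside the hunks, so the helper may already be set up in lines not shown.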


@ -0,0 +1,15 @@
{
lib,
config,
osConfig,
...
}: {
config = lib.mkIf (config.programs.anki.enable && osConfig.host.impermanence.enable) {
home.persistence."/persist${config.home.homeDirectory}" = {
directories = [
"${config.xdg.dataHome}/Anki2/"
];
allowOther = true;
};
};
}
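Review bot: This module gates persistence on `osConfig.host.impermanence.enable`, while the sibling program modules in this change gate on the user-level `config.impermanence.enable`. With system impermanence on and user impermanence off, the fallback module already persists the whole home under `/persist/home/<user>`, and this block would add a second mapping for the Anki2 directory on top of it. Presumably the condition should read `config.programs.anki.enable && config.impermanence.enable`, after which the `osConfig` argument is no longer needed.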


@ -0,0 +1,28 @@
{
lib,
pkgs,
config,
...
}: {
options.programs.bitwarden = {
enable = lib.mkEnableOption "enable bitwarden";
};
config = lib.mkIf config.programs.bitwarden.enable (lib.mkMerge [
{
home.packages = with pkgs; [
bitwarden-desktop
];
}
(
lib.mkIf config.impermanence.enable {
home.persistence."/persist${config.home.homeDirectory}" = {
directories = [
"${config.xdg.configHome}/Bitwarden"
];
allowOther = true;
};
}
)
]);
}
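Review bot: `allowOther = true` on `${config.xdg.configHome}/Bitwarden` opens the password manager's local data directory to access by other users through the bind mount, and nothing in the module shows a consumer that needs it. The idea, makemkv and obsidian modules in this change persist their directories without the flag, so it can be omitted; I would drop the line here. The same applies to the Firefox profile files (which include `cookies.sqlite`) and to `DBeaverData`, which may hold saved connection details.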


@ -0,0 +1,28 @@
{
lib,
pkgs,
config,
...
}: {
options.programs.bruno = {
enable = lib.mkEnableOption "enable bruno";
};
config = lib.mkIf config.programs.bruno.enable (lib.mkMerge [
{
home.packages = with pkgs; [
bruno
];
}
(
lib.mkIf config.impermanence.enable {
home.persistence."/persist${config.home.homeDirectory}" = {
directories = [
"${config.xdg.configHome}/bruno/"
];
allowOther = true;
};
}
)
]);
}
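Review bot: `lib.mkEnableOption "enable bruno"` produces the description "Whether to enable enable bruno.", because `mkEnableOption` already prefixes its argument with "Whether to enable". Pass just the name, `enable = lib.mkEnableOption "bruno";`. The same doubled wording is in the bitwarden, calibre, davinci-resolve, dbeaver, discord, freecad, gdx-liftoff, gimp, idea, inkscape, krita, libreoffice, makemkv, mfoc and noisetorch modules, and the openssh one reads "should we enable openssh".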


@ -0,0 +1,28 @@
{
lib,
pkgs,
config,
...
}: {
options.programs.calibre = {
enable = lib.mkEnableOption "enable calibre";
};
config = lib.mkIf config.programs.calibre.enable (lib.mkMerge [
{
home.packages = with pkgs; [
calibre
];
}
(
lib.mkIf config.impermanence.enable {
home.persistence."/persist${config.home.homeDirectory}" = {
directories = [
"${config.xdg.configHome}/calibre"
];
allowOther = true;
};
}
)
]);
}


@ -0,0 +1,29 @@
{
lib,
pkgs,
config,
...
}: {
options.programs.davinci-resolve = {
enable = lib.mkEnableOption "enable davinci-resolve";
};
config = lib.mkIf config.programs.davinci-resolve.enable (lib.mkMerge [
{
home.packages = with pkgs; [
davinci-resolve
];
}
(
lib.mkIf config.impermanence.enable {
home.persistence."/persist${config.home.homeDirectory}" = {
directories = [
"${config.xdg.dataHome}/DaVinciResolve"
"${config.xdg.configHome}/blackmagic"
];
allowOther = true;
};
}
)
]);
}


@ -0,0 +1,28 @@
{
lib,
pkgs,
config,
...
}: {
options.programs.dbeaver-bin = {
enable = lib.mkEnableOption "enable dbeaver";
};
config = lib.mkIf config.programs.dbeaver-bin.enable (lib.mkMerge [
{
home.packages = with pkgs; [
dbeaver-bin
];
}
(
lib.mkIf config.impermanence.enable {
home.persistence."/persist${config.home.homeDirectory}" = {
directories = [
"${config.xdg.dataHome}/DBeaverData/"
];
allowOther = true;
};
}
)
]);
}


@ -0,0 +1,49 @@
{...}: {
imports = [
./firefox.nix
./signal.nix
./bitwarden.nix
./makemkv.nix
./obs.nix
./anki.nix
./piper.nix
./qbittorrent.nix
./discord.nix
./obsidian.nix
./prostudiomasters.nix
./idea.nix
./kdenlive.nix
./krita.nix
./protonvpn.nix
./calibre.nix
./bruno.nix
./dbeaver.nix
./dungeon-draft.nix
./steam.nix
./vscode
./ungoogled-chromium.nix
./libreoffice.nix
./mapillary-uploader.nix
./inkscape.nix
./gimp.nix
./guild-wars-2.nix
./proxmark3.nix
./freecad.nix
./onionshare.nix
./mfoc.nix
./pdfarranger.nix
./picard.nix
./qflipper.nix
./openvpn.nix
./noisetorch.nix
./olympus.nix
./openrgb.nix
./via.nix
./vortex.nix
./davinci-resolve.nix
./gdx-liftoff.nix
./tor-browser.nix
./polycule.nix
./vmware-workstation.nix
];
}


@ -0,0 +1,28 @@
{
lib,
pkgs,
config,
...
}: {
options.programs.discord = {
enable = lib.mkEnableOption "enable discord";
};
config = lib.mkIf config.programs.discord.enable (lib.mkMerge [
{
home.packages = with pkgs; [
discord
];
}
(
lib.mkIf config.impermanence.enable {
home.persistence."/persist${config.home.homeDirectory}" = {
directories = [
"${config.xdg.configHome}/discord/"
];
allowOther = true;
};
}
)
]);
}


@ -0,0 +1,24 @@
{
config,
lib,
...
}: let
cfg = config.programs.dungeon-draft;
in {
options.programs.dungeon-draft = {
enable = lib.mkEnableOption "Dungeon Draft";
};
config = {
assertions = [
{
assertion = !cfg.enable;
message = ''
Dungeon Draft module is not yet fully configured.
Please download the Dungeon Draft executable (.exe) from the official website,
then configure the Wine environment and executable path as needed.
'';
}
];
};
}


@ -0,0 +1,42 @@
{
lib,
config,
...
}: let
buildProfilePersistence = profile: {
directories = [
".mozilla/firefox/${profile}/extensions"
];
files = [
".mozilla/firefox/${profile}/cookies.sqlite"
".mozilla/firefox/${profile}/favicons.sqlite"
# Permissions and ${profileName} levels for each site
".mozilla/firefox/${profile}/permissions.sqlite"
".mozilla/firefox/${profile}/content-prefs.sqlite"
# Browser history and bookmarks
".mozilla/firefox/${profile}/places.sqlite"
# I guess this is useful?
# https://bugzilla.mozilla.org/show_bug.cgi?id=1511384
# https://developer.mozilla.org/en-US/docs/Web/API/Storage_API/Storage_quotas_and_eviction_criteria
".mozilla/firefox/${profile}/storage.sqlite"
# Extension configuration
".mozilla/firefox/${profile}/extension-settings.json"
];
allowOther = true;
};
in {
config = lib.mkIf (config.programs.firefox.enable && config.impermanence.enable) {
home.persistence."/persist${config.home.homeDirectory}" = lib.mkMerge (
(
lib.attrsets.mapAttrsToList
(profile: _: buildProfilePersistence profile)
config.programs.firefox.profiles
)
++ (
lib.lists.optional
((builtins.length (lib.attrsets.mapAttrsToList (key: value: value) config.programs.firefox.profiles)) == 0)
(buildProfilePersistence "default")
)
);
};
}
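Review bot: `buildProfilePersistence` is called with the attribute name of each entry in `config.programs.firefox.profiles`, but the on-disk directory is set by the profile's `path` option, which only defaults to the name. A profile with a custom `path` would get persistence entries for a directory Firefox never uses, and its cookies, history and extension settings would be lost on reboot without any error. Map over the value instead: `(_: profile: buildProfilePersistence profile.path)`. Separately, the comment `# Permissions and ${profileName} levels for each site` looks like a search-and-replace casualty and presumably meant "zoom levels".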


@ -0,0 +1,28 @@
{
lib,
pkgs,
config,
...
}: {
options.programs.freecad = {
enable = lib.mkEnableOption "enable freecad";
};
config = lib.mkIf config.programs.freecad.enable (lib.mkMerge [
{
home.packages = with pkgs; [
freecad
];
}
(
lib.mkIf config.impermanence.enable {
home.persistence."/persist${config.home.homeDirectory}" = {
directories = [
"${config.xdg.configHome}/FreeCAD"
];
allowOther = true;
};
}
)
]);
}


@ -0,0 +1,16 @@
{
lib,
pkgs,
config,
...
}: {
options.programs.gdx-liftoff = {
enable = lib.mkEnableOption "enable gdx-liftoff";
};
config = lib.mkIf config.programs.gdx-liftoff.enable {
home.packages = with pkgs; [
gdx-liftoff
];
};
}


@ -0,0 +1,28 @@
{
lib,
pkgs,
config,
...
}: {
options.programs.gimp = {
enable = lib.mkEnableOption "enable gimp";
};
config = lib.mkIf config.programs.gimp.enable (lib.mkMerge [
{
home.packages = with pkgs; [
gimp
];
}
(
lib.mkIf config.impermanence.enable {
home.persistence."/persist${config.home.homeDirectory}" = {
directories = [
"${config.xdg.configHome}/GIMP"
];
allowOther = true;
};
}
)
]);
}


@ -0,0 +1,24 @@
{
config,
lib,
...
}: let
cfg = config.programs.guild-wars-2;
in {
options.programs.guild-wars-2 = {
enable = lib.mkEnableOption "Guild Wars 2";
};
config = {
assertions = [
{
assertion = !cfg.enable;
message = ''
Guild Wars 2 module is not yet fully configured.
Please install Guild Wars 2 manually via Steam or the official client,
then configure the Wine environment as needed.
'';
}
];
};
}


@ -0,0 +1,32 @@
{
lib,
pkgs,
config,
...
}: {
options.programs.jetbrains.idea-community = {
enable = lib.mkEnableOption "enable idea-community";
};
config = lib.mkIf config.programs.jetbrains.idea-community.enable (lib.mkMerge [
{
home.packages = with pkgs; [
jetbrains.idea-community
];
}
(
lib.mkIf config.impermanence.enable {
home.persistence."/persist${config.home.homeDirectory}" = {
directories = [
# configuration
"${config.xdg.configHome}/JetBrains/"
# plugins
"${config.xdg.dataHome}/JetBrains/"
# System and Logs
"${config.xdg.cacheHome}/JetBrains/"
];
};
}
)
]);
}


@ -0,0 +1,28 @@
{
lib,
pkgs,
config,
...
}: {
options.programs.inkscape = {
enable = lib.mkEnableOption "enable inkscape";
};
config = lib.mkIf config.programs.inkscape.enable (lib.mkMerge [
{
home.packages = with pkgs; [
inkscape
];
}
(
lib.mkIf config.impermanence.enable {
home.persistence."/persist${config.home.homeDirectory}" = {
directories = [
"${config.xdg.configHome}/inkscape"
];
allowOther = true;
};
}
)
]);
}


@ -0,0 +1,36 @@
{
config,
lib,
pkgs,
...
}: let
cfg = config.programs.kdenlive;
in {
options.programs.kdenlive = {
enable = lib.mkEnableOption "kdenlive";
package = lib.mkOption {
type = lib.types.package;
default = pkgs.kdePackages.kdenlive;
description = "The kdenlive package to install.";
};
};
config = lib.mkIf cfg.enable (lib.mkMerge [
{
home.packages = [
cfg.package
];
}
(
lib.mkIf config.impermanence.enable {
home.persistence."/persist${config.home.homeDirectory}" = {
directories = [
"${config.xdg.configHome}/kdenliverc"
"${config.xdg.dataHome}/kdenlive"
];
allowOther = true;
};
}
)
]);
}
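Review bot: `"${config.xdg.configHome}/kdenliverc"` is listed under `directories`, but `kdenliverc` is normally a plain rc file, so the persistence layer would set up a directory at that path and the application would find a directory where it expects its config file. Move it to a `files = [ "${config.xdg.configHome}/kdenliverc" ];` list and keep only `"${config.xdg.dataHome}/kdenlive"` under `directories`. The krita module has the same pattern with `kritarc`.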


@ -0,0 +1,29 @@
{
lib,
pkgs,
config,
...
}: {
options.programs.krita = {
enable = lib.mkEnableOption "enable krita";
};
config = lib.mkIf config.programs.krita.enable (lib.mkMerge [
{
home.packages = with pkgs; [
krita
];
}
(
lib.mkIf config.impermanence.enable {
home.persistence."/persist${config.home.homeDirectory}" = {
directories = [
"${config.xdg.configHome}/kritarc"
"${config.xdg.dataHome}/krita"
];
allowOther = true;
};
}
)
]);
}


@ -0,0 +1,28 @@
{
lib,
pkgs,
config,
...
}: {
options.programs.libreoffice = {
enable = lib.mkEnableOption "enable libreoffice";
};
config = lib.mkIf config.programs.libreoffice.enable (lib.mkMerge [
{
home.packages = with pkgs; [
libreoffice
];
}
(
lib.mkIf config.impermanence.enable {
home.persistence."/persist${config.home.homeDirectory}" = {
directories = [
"${config.xdg.configHome}/libreoffice"
];
allowOther = true;
};
}
)
]);
}


@ -0,0 +1,41 @@
{
lib,
pkgs,
config,
...
}: {
options.programs.makemkv = {
enable = lib.mkEnableOption "enable makemkv";
appKeyFile = lib.mkOption {
type = lib.types.str;
};
destinationDir = lib.mkOption {
type = lib.types.str;
};
};
config = lib.mkIf config.programs.makemkv.enable (lib.mkMerge [
{
home.packages = with pkgs; [
makemkv
];
sops.templates."MakeMKV.settings.conf".content = ''
app_DestinationDir = "${config.programs.makemkv.destinationDir}"
app_DestinationType = "2"
app_Key = "${config.programs.makemkv.appKeyFile}"
'';
home.file.".MakeMKV/settings.conf".source = config.lib.file.mkOutOfStoreSymlink config.sops.templates."MakeMKV.settings.conf".path;
}
(
lib.mkIf config.impermanence.enable {
home.persistence."/persist${config.home.homeDirectory}" = {
directories = [
".MakeMKV"
];
};
}
)
]);
}
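Review bot: `app_Key = "${config.programs.makemkv.appKeyFile}"` writes the option's string value straight into the sops template, yet the option is named `appKeyFile`, typed `str` and has no `description`, so a caller cannot tell whether to pass a file path, a sops placeholder or the key itself. A path would end up as the literal key value in settings.conf, and a literal key would likely be evaluated into the world-readable Nix store. Assuming the intent is a sops-nix placeholder, add `description = "sops placeholder for the MakeMKV key, e.g. config.sops.placeholder.\"<secret-name>\"; never the key itself.";` and consider renaming the option in a follow-up. `destinationDir` needs a description as well.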


@ -0,0 +1,30 @@
{
config,
lib,
pkgs,
...
}:
with lib; let
cfg = config.programs.mapillary-uploader;
in {
options.programs.mapillary-uploader = {
enable = mkEnableOption "Mapillary Desktop Uploader";
};
config = mkIf cfg.enable (mkMerge [
{
home.packages = [pkgs.mapillary-uploader];
}
(
mkIf config.impermanence.enable {
home.persistence."/persist${config.home.homeDirectory}" = {
directories = [
"${config.xdg.configHome}/mapillary-uploader"
"${config.xdg.dataHome}/mapillary-uploader"
];
allowOther = true;
};
}
)
]);
}


@ -0,0 +1,16 @@
{
lib,
pkgs,
config,
...
}: {
options.programs.mfoc = {
enable = lib.mkEnableOption "enable mfoc";
};
config = lib.mkIf config.programs.mfoc.enable {
home.packages = with pkgs; [
mfoc
];
};
}


@ -0,0 +1,16 @@
{
lib,
pkgs,
config,
...
}: {
options.programs.noisetorch = {
enable = lib.mkEnableOption "enable noisetorch";
};
config = lib.mkIf config.programs.noisetorch.enable {
home.packages = with pkgs; [
noisetorch
];
};
}


@ -0,0 +1,18 @@
{
lib,
config,
...
}: {
config = lib.mkIf config.programs.obs-studio.enable (lib.mkMerge [
(
lib.mkIf config.impermanence.enable {
home.persistence."/persist${config.home.homeDirectory}" = {
directories = [
"${config.xdg.configHome}/obs-studio"
];
allowOther = true;
};
}
)
]);
}


@ -0,0 +1,17 @@
{
lib,
config,
...
}: {
config = lib.mkIf config.programs.obsidian.enable (lib.mkMerge [
(
lib.mkIf config.impermanence.enable {
home.persistence."/persist${config.home.homeDirectory}" = {
directories = [
"${config.xdg.configHome}/obsidian"
];
};
}
)
]);
}

Some files were not shown because too many files have changed in this diff Show more