max/os
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor: move max into dentritic pattern

Browse Source
This commit is contained in:
Max Koon
2026-05-21 11:26:17 -04:00
parent 5e886ee875
commit 8043068885
90 changed files with 1963 additions and 1586 deletions
Download Patch File Download Diff File Expand all files Collapse all files

BIN
assets/wallpaper2.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 2.2 MiB

BIN
assets/wallpaper3.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 696 KiB

BIN
assets/wallpaper4.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 260 KiB

BIN
assets/wallpaper5.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 366 KiB

BIN
assets/wallpaper6.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 11 MiB

167
flake.lock generated
View File

@@ -64,6 +64,24 @@
}
},
"flake-parts": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1777988971,
"narHash": "sha256-qIoWPDs+0/8JecyYgE3gpKQxW/4bLW/gp45vow9ioCQ=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "0678d8986be1661af6bb555f3489f2fdfc31f6ff",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-parts_2": {
"inputs": {
"nixpkgs-lib": [
"nixvim",
@@ -84,7 +102,7 @@
"type": "github"
}
},
"flake-parts_2": {
"flake-parts_3": {
"inputs": {
"nixpkgs-lib": [
"terranix",
@@ -123,6 +141,30 @@
"type": "github"
}
},
"hm-wrapper-modules": {
"inputs": {
"home-manager": [
"home-manager"
],
"nix-wrapper-modules": "nix-wrapper-modules",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1774554164,
"narHash": "sha256-HzYleaTR4n4wejE7nyTcq7F1Kp4Q5ow//k/y0fiHNs0=",
"owner": "sini",
"repo": "hm-wrapper-modules",
"rev": "b28ff211a8cce758a98e0db349c0f3dd77a13373",
"type": "github"
},
"original": {
"owner": "sini",
"repo": "hm-wrapper-modules",
"type": "github"
}
},
"home-manager": {
"inputs": {
"nixpkgs": [
@@ -165,6 +207,21 @@
"type": "github"
}
},
"import-tree": {
"locked": {
"lastModified": 1773693634,
"narHash": "sha256-BtZ2dtkBdSUnFPPFc+n0kcMbgaTxzFNPv2iaO326Ffg=",
"owner": "vic",
"repo": "import-tree",
"rev": "c41e7d58045f9057880b0d85e1152d6a4430dbf1",
"type": "github"
},
"original": {
"owner": "vic",
"repo": "import-tree",
"type": "github"
}
},
"ixx": {
"inputs": {
"flake-utils": [
@@ -193,6 +250,27 @@
"type": "github"
}
},
"nix-wrapper-modules": {
"inputs": {
"nixpkgs": [
"hm-wrapper-modules",
"nixpkgs"
]
},
"locked": {
"lastModified": 1774538285,
"narHash": "sha256-KRDNQDEWjB2O5SRH/oUTzi34cNxlIT8sab0FK2uqZ2g=",
"owner": "BirdeeHub",
"repo": "nix-wrapper-modules",
"rev": "15d740b2bfc545189a569147da7718457c12758e",
"type": "github"
},
"original": {
"owner": "BirdeeHub",
"repo": "nix-wrapper-modules",
"type": "github"
}
},
"nixos-apple-silicon": {
"inputs": {
"flake-compat": "flake-compat",
@@ -213,22 +291,6 @@
"type": "github"
}
},
"nixos-unstable": {
"locked": {
"lastModified": 1768564909,
"narHash": "sha256-Kell/SpJYVkHWMvnhqJz/8DqQg2b6PguxVWOuadbHCc=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "e4bae1bd10c9c57b2cf517953ab70060a828ee6f",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1757745802,
@@ -245,6 +307,21 @@
"type": "github"
}
},
"nixpkgs-lib": {
"locked": {
"lastModified": 1777168982,
"narHash": "sha256-GOkGPcboWE9BmGCRMLX3worL4EMnsnG8MyKmXNeYuhQ=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
"rev": "f5901329dade4a6ea039af1433fb087bd9c1fe14",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixpkgs.lib",
"type": "github"
}
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1773628058,
@@ -295,23 +372,23 @@
},
"nixpkgs_4": {
"locked": {
"lastModified": 1764517877,
"narHash": "sha256-pp3uT4hHijIC8JUK5MEqeAWmParJrgBVzHLNfJDZxg4=",
"lastModified": 1778274207,
"narHash": "sha256-I4puXmX1iovcCHZlRmztO3vW0mAbbRvq4F8wgIMQ1MM=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "2d293cbfa5a793b4c50d17c05ef9e385b90edf6c",
"rev": "b3da656039dc7a6240f27b2ef8cc6a3ef3bccae7",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixvim": {
"inputs": {
"flake-parts": "flake-parts",
"flake-parts": "flake-parts_2",
"nixpkgs": [
"nixpkgs"
],
@@ -368,37 +445,21 @@
"url": "https://devimages-cdn.apple.com/design/resources/download/NY.dmg"
}
},
"proton-pass-cli": {
"inputs": {
"nixpkgs": "nixpkgs_4"
},
"locked": {
"lastModified": 1766050030,
"narHash": "sha256-+jAjk7HyJ4aBo+JQODETpFFtpaXnUakcNx7ckBKhUkY=",
"owner": "yuxqiu",
"repo": "proton-pass-cli-nix",
"rev": "db5bd21dfe19b31d62fb62a7441a4d4c35bdf747",
"type": "github"
},
"original": {
"owner": "yuxqiu",
"repo": "proton-pass-cli-nix",
"type": "github"
}
},
"root": {
"inputs": {
"apple-fonts": "apple-fonts",
"firefox-addons": "firefox-addons",
"flake-parts": "flake-parts",
"hm-wrapper-modules": "hm-wrapper-modules",
"home-manager": "home-manager",
"import-tree": "import-tree",
"nixos-apple-silicon": "nixos-apple-silicon",
"nixos-unstable": "nixos-unstable",
"nixpkgs": "nixpkgs_3",
"nixpkgs-unstable": "nixpkgs-unstable",
"nixvim": "nixvim",
"proton-pass-cli": "proton-pass-cli",
"sops-nix": "sops-nix",
"terranix": "terranix",
"wrapper-modules": "wrapper-modules",
"zen-browser": "zen-browser"
}
},
@@ -553,7 +614,7 @@
},
"terranix": {
"inputs": {
"flake-parts": "flake-parts_2",
"flake-parts": "flake-parts_3",
"nixpkgs": [
"nixpkgs"
],
@@ -573,11 +634,29 @@
"type": "github"
}
},
"wrapper-modules": {
"inputs": {
"nixpkgs": "nixpkgs_4"
},
"locked": {
"lastModified": 1778520701,
"narHash": "sha256-qEA/vR6fKwnW3lqwy7f+Ds1iPgdotKpksQIk6UZotlM=",
"owner": "BirdeeHub",
"repo": "nix-wrapper-modules",
"rev": "5660d8cada6c2c5eb6c034577f3893f579526804",
"type": "github"
},
"original": {
"owner": "BirdeeHub",
"repo": "nix-wrapper-modules",
"type": "github"
}
},
"zen-browser": {
"inputs": {
"home-manager": "home-manager_2",
"nixpkgs": [
"nixos-unstable"
"nixpkgs-unstable"
]
},
"locked": {

180
flake.nix
View File

@@ -6,7 +6,10 @@
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixpkgs-unstable";
nixos-unstable.url = "github:nixos/nixpkgs?ref=nixos-unstable";
flake-parts.url = "github:hercules-ci/flake-parts";
import-tree.url = "github:vic/import-tree";
wrapper-modules.url = "github:BirdeeHub/nix-wrapper-modules";
nixos-apple-silicon.url =
"github:nix-community/nixos-apple-silicon?ref=release-2025-11-18";
@@ -15,6 +18,9 @@
url = "github:nix-community/home-manager?ref=release-25.11";
inputs.nixpkgs.follows = "nixpkgs";
};
hm-wrapper-modules.url = "github:sini/hm-wrapper-modules";
hm-wrapper-modules.inputs.nixpkgs.follows = "nixpkgs";
hm-wrapper-modules.inputs.home-manager.follows = "home-manager";
nixvim = {
url = "github:nix-community/nixvim?ref=nixos-25.11";
@@ -35,7 +41,7 @@
url = "github:0xc000022070/zen-browser-flake";
# IMPORTANT: we're using "libgbm" and is only available in unstable so ensure
# to have it up-to-date or simply don't specify the nixpkgs input
inputs.nixpkgs.follows = "nixos-unstable";
inputs.nixpkgs.follows = "nixpkgs-unstable";
};
firefox-addons = {
@@ -44,116 +50,70 @@
};
apple-fonts.url= "github:Lyndeno/apple-fonts.nix";
proton-pass-cli.url = "github:yuxqiu/proton-pass-cli-nix";
};
outputs = { self, nixpkgs, nixpkgs-unstable, nixos-unstable, nixos-apple-silicon, home-manager
, nixvim, sops-nix, terranix, zen-browser, apple-fonts, proton-pass-cli, firefox-addons, ... }:
let
forAllSystems = function:
nixpkgs.lib.genAttrs nixpkgs.lib.systems.flakeExposed
(system: function nixpkgs.legacyPackages.${system});
in {
packages.aarch64-linux =
let
system = "aarch64-linux";
outputs = inputs: inputs.flake-parts.lib.mkFlake { inherit inputs;} (inputs.import-tree ./modules);
pkgs = import nixpkgs-unstable {
inherit system;
config = {
allowUnfree = true;
};
};
terraform = pkgs.terraform.withPlugins (p: [
p.pocketid
p.local
]);
terraformConfiguration = terranix.lib.terranixConfiguration {
inherit system;
modules = [ ./infra/config.nix ];
};
in {
deploy = pkgs.writeShellScriptBin "deploy" ''
echo Deploying Infrastructure...
export TF_VAR_pocketid_api_token=$(${pkgs.sops}/bin/sops -d --extract '["pocketid-api-token"]' secrets/secrets.yaml)
cd infra
cp ${terraformConfiguration} config.tf.json
${terraform}/bin/terraform init
${terraform}/bin/terraform apply
rm -f config.tf.json
echo Done
echo Encrypting secrets
cd ../secrets
${pkgs.sops}/bin/sops -e -i sops/oauth.yaml
echo Done
'';
};
nixosConfigurations = {
max = let
system = "aarch64-linux";
pkgs-unstable = import nixpkgs-unstable { inherit system; };
secrets = import ./secrets;
in nixpkgs.lib.nixosSystem {
inherit system;
specialArgs = { inherit pkgs-unstable secrets zen-browser apple-fonts proton-pass-cli; };
modules = [
./host/max/default.nix
nixos-apple-silicon.nixosModules.apple-silicon-support
sops-nix.nixosModules.sops
home-manager.nixosModules.home-manager
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = { inherit secrets zen-browser firefox-addons system pkgs-unstable; };
home-manager.users.max = { config, pkgs, lib, ... }: {
imports = [
sops-nix.homeManagerModules.sops
nixvim.homeModules.nixvim
zen-browser.homeModules.beta
./host/max/home.nix # Import your home.nix here
];
};
}
];
};
ark = let
system = "x86_64-linux";
secrets = import ./secrets;
in nixos-unstable.lib.nixosSystem {
inherit system;
specialArgs = { inherit secrets; };
modules = [
./host/ark/default.nix
sops-nix.nixosModules.sops
];
};
};
devShells = forAllSystems (pkgs: {
default = pkgs.mkShell {
packages = with pkgs; [
age
ssh-to-age
sops
just
];
};
});
};
# outputs = { self, nixpkgs, nixpkgs-unstable, nixos-unstable, nixos-apple-silicon, home-manager
# , nixvim, sops-nix, terranix, zen-browser, apple-fonts, proton-pass-cli, firefox-addons, ... }:
# let
# forAllSystems = function:
# nixpkgs.lib.genAttrs nixpkgs.lib.systems.flakeExposed
# (system: function nixpkgs.legacyPackages.${system});
# in {
#
# nixosConfigurations = {
# max = let
# system = "aarch64-linux";
# pkgs-unstable = import nixpkgs-unstable { inherit system; };
# secrets = import ./secrets;
# in nixpkgs.lib.nixosSystem {
# inherit system;
# specialArgs = { inherit pkgs-unstable secrets zen-browser apple-fonts proton-pass-cli; };
# modules = [
# ./host/max/default.nix
# nixos-apple-silicon.nixosModules.apple-silicon-support
# sops-nix.nixosModules.sops
# home-manager.nixosModules.home-manager
# {
# home-manager.useGlobalPkgs = true;
# home-manager.useUserPackages = true;
# home-manager.extraSpecialArgs = { inherit secrets zen-browser firefox-addons system pkgs-unstable; };
# home-manager.users.max = { config, pkgs, lib, ... }: {
# imports = [
# sops-nix.homeManagerModules.sops
# nixvim.homeModules.nixvim
# zen-browser.homeModules.beta
# ./host/max/home.nix # Import your home.nix here
# ];
# };
# }
# ];
# };
#
# ark = let
# system = "x86_64-linux";
# secrets = import ./secrets;
# in nixos-unstable.lib.nixosSystem {
# inherit system;
# specialArgs = { inherit secrets; };
# modules = [
# ./host/ark/default.nix
# sops-nix.nixosModules.sops
# ];
# };
# };
#
# devShells = forAllSystems (pkgs: {
# default = pkgs.mkShell {
# packages = with pkgs; [
# age
# ssh-to-age
# sops
# just
# ];
# };
# });
# };
}

7
home/common/optional/desktop/hyprland.nix
View File

@@ -11,15 +11,8 @@ in
./hyprland/notifications.nix
];
home.file.".config/waybar/config.jsonc".source = ./hyprland/waybar/config.jsonc;
home.file.".config/waybar/style.css".source = ./hyprland/waybar/style.css;
services.swayosd = {
enable = true;
};
home.file.".config/swayosd/style.css".source = ./hyprland/swayosd/style.css;
home.file.".config/walker/config.toml".source = ./hyprland/walker/config.toml;
}

27
home/common/optional/desktop/hyprland/hypridle.nix
View File

@@ -1,27 +0,0 @@
{ pkgs, scripts, ... }:
{
services.hypridle = {
enable = true;
settings = {
general = {
lock_cmd = "${scripts.lock}";
before_sleep_cmd = "${pkgs.systemd}/bin/loginctl lock-session"; # lock before suspend.
after_sleep_cmd = "${pkgs.hyprland}/bin/hyprctl dispatch dpms on"; # to avoid having to press a key twice to turn on the display.
inhibit_sleep = 3; # wait until screen is locked
};
listener = [
{
timeout = 60 * 5; # 5min
on-timeout = "${pkgs.systemd}/bin/loginctl lock-session"; # lock screen when timeout has passed
}
{
timeout = 60 * 5.5; # 5.5min
on-timeout = "${pkgs.hyprland}/bin/hyprctl dispatch dpms off"; # screen off when timeout has passed
on-resume = "${pkgs.hyprland}/bin/hyprctl dispatch dpms on && brightnessctl -r"; # screen on when activity is detected
}
];
};
};
}

58
home/common/optional/desktop/hyprland/hyprlock.nix
View File

@@ -1,58 +0,0 @@
{ ... }:
{
programs.hyprlock = {
enable = true;
settings = {
"$color" = "rgba(26,27,38,1.0)";
"$inner_color" = "rgba(26,27,38,0.8)";
"$outer_color" = "rgba(205,214,244,1.0)";
"$font_color" = "rgba(205,214,244,1.0)";
"$check_color" = "rgba(68, 157, 171, 1.0)";
general = {
ignore_empty_input = true;
};
background = {
monitor = "";
color = "$color";
# path = "~/Downloads/wallpaper.png";
blur_passes = 3;
};
animations = {
enabled = true;
};
input-field = {
monitor = "";
size = "650, 100";
position = "0, 0";
halign = "center";
valign = "center";
inner_color = "$inner_color";
outer_color = "$outer_color";
outline_thickness = 4;
font_family = "JetBrainsMono Nerd Font";
font_color = "$font_color";
placeholder_text = "Enter Password";
check_color = "$check_color";
fail_text = "<i>$FAIL ($ATTEMPTS)</i>";
rounding = 0;
shadow_passes = 0;
fade_on_empty = false;
};
auth = {
"fingerprint:enabled" = true;
};
};
};
}

31
home/common/optional/desktop/hyprland/notifications.nix
View File

@@ -1,31 +0,0 @@
{
services.swaync = {
enable = true;
settings = {
notification-window-width = 350;
};
# Taken from:
# https://github.com/ErikReider/SwayNotificationCenter/blob/2083415ee6441acc272f46f8a43ebccae215f69a/data/style/style.scss#L4
style = ''
:root {
--cc-bg: rgba(46, 46, 46, 0.7);
--noti-border-color: rgba(255, 255, 255, 0.15);
--noti-bg: 48, 48, 48;
--noti-bg-alpha: 1;
--border-radius: 0;
--font-size-body: 13px;
--font-size-summary: 14px;
}
.close-button {
min-width: 18px;
min-height: 18px;
}
'';
};
}

19
home/common/optional/desktop/hyprland/wallpaper.nix
View File

@@ -1,19 +0,0 @@
{ ... }:
let
wallpaper = builtins.toString ../../../../../assets/wallpaper.jpg;
in
{
services.hyprpaper = {
enable = true;
settings = {
spash = false;
preload = [ wallpaper ];
wallpaper = [
"eDP-1,${wallpaper}"
"HDMI-A-1,${wallpaper}"
];
};
};
}

16
home/common/optional/desktop/plasma.nix
View File

@@ -1,16 +0,0 @@
{ ... }: {
programs.plasma = {
enable = true;
workspace = { wallpaper = "/home/max/bg.jpg"; };
kwin = { virtualDesktops = { number = 4; }; };
input = {
keyboard = {
options = [ "caps:escape" ];
layouts = [ { layout = "us"; } { layout = "cn"; } ];
};
};
};
}

7
host/common/core/default.nix
View File

@@ -1,7 +0,0 @@
{ ... }: {
time.timeZone = "America/New_York";
# security.sudo.wheelNeedsPassword = false;
nix.settings.experimental-features = [ "nix-command" "flakes" ];
}

68
host/common/optional/browser.nix
View File

@@ -1,68 +0,0 @@
{ lib, ... }: {
programs.chromium = {
enable = true;
};
programs.firefox = let
lock-false = {
Value = false;
Status = "locked";
};
lock-true = {
Value = true;
Status = "locked";
};
lock-empty-string = {
Value = "";
Status = "locked";
};
in {
enable = true;
policies = {
DisableTelemetry = true;
DisableFirefoxStudies = true;
DontCheckDefaultBrowser = true;
DisablePocket = true;
DisableAccounts = true;
Preferences = {
"extensions.pocket.enabled" = lock-false;
"browser.topsites.contile.enabled" = lock-false;
"browser.newtabpage.pinned" = lock-empty-string;
"browser.newtabpage.activity-stream.showSponsored" = lock-false;
"browser.newtabpage.activity-stream.system.showSponsored" = lock-false;
"browser.newtabpage.activity-stream.showSponsoredTopSites" = lock-false;
};
ExtensionSettings = {
"uBlock0@raymondhill.net" = {
install_url =
"https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi";
installation_mode = "force_installed";
};
"{446900e4-71c2-419f-a6a7-df9c091e268b}" = {
install_url =
"https://addons.mozilla.org/firefox/downloads/latest/bitwarden-password-manager/latest.xpi";
installation_mode = "force_installed";
};
"{d7742d87-e61d-4b78-b8a1-b469842139fa}" = {
install_url =
"https://addons.mozilla.org/firefox/downloads/latest/vimium-ff/latest.xpi";
installation_mode = "force_installed";
};
"myallychou@gmail.com" = {
install_url =
"https://addons.mozilla.org/firefox/downloads/latest/youtube-recommended-videos/latest.xpi";
installation_mode = "force_installed";
};
};
UserMessaging = {
UrlbarInterventions = false;
SkipOnboarding = true;
};
};
};
}

6
host/common/optional/desktop/cosmic.nix
View File

@@ -1,6 +0,0 @@
{ ... }:
{
services.displayManager.cosmic-greeter.enable = true;
services.desktopManager.cosmic.enable = true;
}

17
host/common/optional/desktop/hyprland.nix
View File

@@ -1,17 +0,0 @@
{ ... }:
{
imports = [
./hyprland/cursor.nix
./hyprland/packages.nix
./hyprland/greeter.nix
./hyprland/hyprlock.nix
];
programs.hyprland = {
enable = true;
withUWSM = true;
xwayland.enable = true;
};
programs.ydotool.enable = true;
}

10
host/common/optional/desktop/hyprland/cursor.nix
View File

@@ -1,10 +0,0 @@
{ pkgs, lib, ... }:
{
nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
"apple_cursor"
];
environment.systemPackages = with pkgs; [
apple-cursor
];
}

12
host/common/optional/desktop/hyprland/greeter.nix
View File

@@ -1,12 +0,0 @@
{ pkgs, ... }:
{
services.greetd = {
enable = true;
settings = {
default_session = {
command = "${pkgs.tuigreet}/bin/tuigreet --time --remember --cmd 'uwsm start hyprland-uwsm.desktop'";
user = "greeter";
};
};
};
}

4
host/common/optional/desktop/hyprland/hyprlock.nix
View File

@@ -1,4 +0,0 @@
{ ... }:
{
security.pam.services.hyprlock = {};
}

22
host/common/optional/desktop/hyprland/packages.nix
View File

@@ -1,22 +0,0 @@
{ pkgs, ... }:
{
environment.systemPackages = with pkgs; [
hyprpaper
hypridle
hyprpicker
hyprsunset
hyprshot
waybar
walker
swayosd
playerctl
brightnessctl
wl-clipboard
wdisplays
bluetui
kdePackages.dolphin
];
}

29
host/common/optional/desktop/plasma.nix
View File

@@ -1,29 +0,0 @@
{ pkgs, ... }: {
services = {
desktopManager.plasma6.enable = true;
displayManager.sddm.enable = true;
displayManager.sddm.wayland.enable = true;
};
environment.systemPackages = with pkgs; [
kdePackages.discover # Optional: Install if you use Flatpak or fwupd firmware update sevice
kdePackages.kcalc # Calculator
kdePackages.kcharselect # Tool to select and copy special characters from all installed fonts
kdePackages.kcolorchooser # A small utility to select a color
kdePackages.kolourpaint # Easy-to-use paint program
kdePackages.ksystemlog # KDE SystemLog Application
kdePackages.sddm-kcm # Configuration module for SDDM
kdiff3 # Compares and merges 2 or 3 files or directories
kdePackages.isoimagewriter # Optional: Program to write hybrid ISO files onto USB disks
kdePackages.partitionmanager # Optional Manage the disk devices, partitions and file systems on your computer
kdePackages.merkuro
kdePackages.korganizer
kdePackages.kdepim-addons
hardinfo2 # System information and benchmarks for Linux systems
haruna # Open source video player built with Qt/QML and libmpv
wayland-utils # Wayland utilities
wl-clipboard # Command-line copy/paste utilities for Wayland
];
}

1
host/common/optional/email.nix
View File

@@ -1 +0,0 @@
{ ... }: { programs.thunderbird.enable = true; }

29
host/common/optional/font.nix
View File

@@ -1,29 +0,0 @@
{ pkgs, apple-fonts, ... }: {
fonts = {
fontconfig.defaultFonts = {
sansSerif = [ "SF Pro" ];
serif = [ "SF Pro" ];
monospace = [ "JetBrainsMono Nerd Font" ];
emoji = [ "Apple Color Emoji" ];
};
packages = with pkgs; [
monocraft
noto-fonts-cjk-sans
nerd-fonts.jetbrains-mono
(apple-fonts.packages.${pkgs.system}.sf-pro)
(stdenv.mkDerivation {
name = "apple-color-emoji";
src = fetchurl {
url =
"https://github.com/samuelngs/apple-emoji-linux/releases/download/v17.4/AppleColorEmoji.ttf";
sha256 = "1wahjmbfm1xgm58madvl21451a04gxham5vz67gqz1cvpi0cjva8";
};
dontUnpack = true;
installPhase = ''
install -Dm644 $src $out/share/fonts/truetype/AppleColorEmoji.ttf
'';
})
];
};
}

15
host/common/optional/locale.nix
View File

@@ -1,15 +0,0 @@
{ pkgs, ... }: {
i18n.defaultLocale = "en_US.UTF-8";
i18n.supportedLocales = [ "en_US.UTF-8/UTF-8" "zh_CN.UTF-8/UTF-8" ];
i18n.inputMethod = {
enable = true;
type = "fcitx5";
fcitx5.addons = with pkgs; [
# fcitx5-gtk # alternatively, kdePackages.fcitx5-qt
kdePackages.fcitx5-qt # alternatively, kdePackages.fcitx5-qt
qt6Packages.fcitx5-chinese-addons # table input method support
fcitx5-nord # a color theme
];
};
}

32
host/common/optional/proton.nix
View File

@@ -1,32 +0,0 @@
{ pkgs, proton-pass-cli, config, ... }:
let
cache-path = "$HOME/.cache/pass";
proton-pass = pkgs.writeShellScriptBin "pass-cli" ''
export PROTON_PASS_KEY_PROVIDER="env"
export PROTON_PASS_ENCRYPTION_KEY="${config.sops.secrets.proton_key.path}"
exec ${proton-pass-cli.packages.${pkgs.system}.default}/bin/pass-cli "$@"
'';
pass-sync = pkgs.writeShellScriptBin "pass-sync" ''
mkdir -p "${cache-path}"
vaults=$(${proton-pass}/bin/pass-cli vault list --output json | ${pkgs.jq}/bin/jq '.vaults[].name' -r)
for vault in $vaults; do
${proton-pass}/bin/pass-cli item list $vault --filter-state active --output json | ${pkgs.jq}/bin/jq '.items[].content.title' -r > "${cache-path}/$vault"
done
'';
pass-fzf = pkgs.writeShellScriptBin "pass-fzf" ''
selected=$(for f in ~/.cache/pass/*; do while IFS= read -r line; do echo "$(basename "$f"): $line"; done < "$f"; done | fzf)
vault=$(echo "$selected" | cut -d':' -f1)
item=$(echo "$selected" | cut -d':' -f2- | sed 's/^ //')
${proton-pass}/bin/pass-cli item view --vault-name "$vault" --item-title "$item" --output json | ${pkgs.jq}/bin/jq '.item.content.content.Login.password' | ${pkgs.wl-clipboard}/bin/wl-copy
'';
in {
environment.systemPackages = [
proton-pass
pass-sync
pass-fzf
];
}

20
host/common/optional/syncthing.nix
View File

@@ -1,20 +0,0 @@
{ ... }:
{
services.syncthing = {
enable = true;
openDefaultPorts = true;
settings = {
devices = {
"phone" = { id = "DBTMZ3P-VONFNYH-LDDNIO3-ZZ2TKO5-QFVV5D4-W4FMV67-HUTIJQB-UHNF3QM"; };
};
folders = {
"Music" = {
path = "/home/max/media/music";
devices = [ "phone" ];
};
};
};
};
}

32
host/common/optional/yubikey.nix
View File

@@ -1,32 +0,0 @@
{ lib, pkgs, ... }:
{
environment.systemPackages = with pkgs; [
yubioath-flutter # gui
yubikey-manager # `ykman`
pam_u2f # yubikey with sudo
];
services.pcscd.enable = true;
services.udev.packages = [ pkgs.yubikey-personalization ];
services.yubikey-agent.enable = true;
security.pam = {
sshAgentAuth.enable = true;
u2f = {
enable = true;
settings = {
cue = true;
authFile = "/home/max/.config/Yubico/u2f_keys";
};
};
services = {
login.u2fAuth = true;
sudo = {
u2fAuth = true;
sshAgentAuth = true;
};
};
};
}

1
host/max/default.nix
View File

@@ -15,7 +15,6 @@
../common/optional/locale.nix
../common/optional/email.nix
../common/optional/proton.nix
../common/optional/syncthing.nix
];
# Use the systemd-boot EFI boot loader.

157
host/max/home/browser.nix
View File

@@ -1,157 +0,0 @@
{ config, zen-browser, system, pkgs, firefox-addons, ... }:
{
xdg.mimeApps = let
value = let
browser = zen-browser.packages.${system}.beta; # or twilight
in
browser.meta.desktopFileName;
associations = builtins.listToAttrs (map (name: {
inherit name value;
}) [
"application/x-extension-shtml"
"application/x-extension-xhtml"
"application/x-extension-html"
"application/x-extension-xht"
"application/x-extension-htm"
"x-scheme-handler/unknown"
"x-scheme-handler/mailto"
"x-scheme-handler/chrome"
"x-scheme-handler/about"
"x-scheme-handler/https"
"x-scheme-handler/http"
"application/xhtml+xml"
"application/json"
"text/plain"
"text/html"
]);
in {
enable = true;
associations.added = associations;
defaultApplications = associations;
};
programs.zen-browser = {
enable = true;
policies = {
AutofillAddressEnabled = false;
AutofillCreditCardEnabled = false;
DisableAppUpdate = true;
DisableFeedbackCommands = true;
DisableFirefoxStudies = true;
DisablePocket = true;
DisableTelemetry = true;
DontCheckDefaultBrowser = true;
NoDefaultBookmarks = true;
OfferToSaveLogins = false;
EnableTrackingProtection = {
Value = true;
Locked = true;
Cryptomining = true;
Fingerprinting = true;
};
# ID's can be collected from this command:
# nix run github:tupakkatapa/mozid -- "https://addons.mozilla.org/en-US/firefox/addon/<example>/"
ExtensionSettings = {
# The default behaviour of ctrl+click, shift+click, cmd+click (on macOS) and middle-click when clicking on links is to open the link in a new tab (or new window in the case of shift).
# This behaviour is sometimes broken by silly developers.
"{18b670e2-67df-4b26-b9b0-34835d1f062a}" = {
install_url = "https://addons.mozilla.org/firefox/downloads/latest/link-fixer/latest.xpi";
installation_mode = "force_installed";
};
};
};
profiles.default = let
containers = {
Personal = {
color = "yellow";
icon = "circle";
id = 1;
};
School = {
color = "red";
icon = "fruit";
id = 2;
};
Work = {
color = "blue";
icon = "briefcase";
id = 3;
};
};
spaces = {
Personal = {
id = "c6de089c-410d-4206-961d-ab11f988d40a";
icon = "";
container = containers."Personal".id;
position = 1000;
};
School = {
id = "78aabdad-8aae-4fe0-8ff0-2a0c6c4ccc24";
icon = "🍎";
container = containers."School".id;
position = 2000;
};
Work = {
id = "cdd10fab-4fc5-494b-9041-325e5759195b";
icon = "💼";
container = containers."Work".id;
position = 3000;
};
};
pins = {
# Personal Pins
"Proton Mail" = {
id = "d9942e0a-0997-418d-b357-91727300d184";
container = containers.Personal.id;
url = "https://mail.proton.me";
isEssential = true;
position = 1;
};
"Proton Calendar" = {
id = "6557e03f-c0ab-4656-ac94-acfb1fe19f3c";
container = containers.Personal.id;
url = "https://calendar.proton.me";
isEssential = true;
position = 2;
};
"YNAB" = {
id = "10cb5609-fcd5-4ed6-a48d-24eb22f2d624";
container = containers.Personal.id;
url = "https://app.ynab.com";
isEssential = true;
position = 3;
};
# # School Pins
# "Canvas" = {
# id = "cfbdc143-6a16-46d7-b33e-e9c964725e59";
# workspace = spaces.School.id;
# container = containers.School.id;
# url = "https://clemson.instructure.com/calendar";
# isEssential = true;
# position = 104;
# };
};
in {
containersForce = true;
spacesForce = true;
pinsForce = true;
inherit containers spaces pins;
# This is awesome :)
# https://nur.nix-community.org/repos/rycee/
extensions.packages = with firefox-addons.packages.${pkgs.stdenv.hostPlatform.system}; [
ublock-origin
proton-pass
istilldontcareaboutcookies
better-canvas
darkreader
];
};
};
}

6
host/max/home/browser/userChrome.css
View File

@@ -1,6 +0,0 @@
.browserContainer > findbar {
top: 0 !important;
position: fixed !important;
width: 1000px !important;
right: 0 !important;
}

31
host/max/home/git.nix
View File

@@ -1,31 +0,0 @@
{ lib, ... }:
let
publicGitEmail = "22125083+k2on@users.noreply.github.com";
publicKey = "/home/max/.ssh/id_maxkey.pub";
in
{
programs.git = {
enable = true;
settings = {
init.defaultBranch = "main";
push.autoSetupRemote = true;
commit.gpgsign = true;
gpg.format = "ssh";
user.name = "Max Koon";
user.email = publicGitEmail;
user.signing.key = publicKey;
gpg.ssh.allowedSignersFile = "/home/max/.ssh/allowed_signers";
};
signing = {
signByDefault = true;
key = publicKey;
};
};
home.file.".ssh/allowed_signers".text = ''
${publicGitEmail} ${lib.fileContents ../keys/id_maxkey.pub}
'';
}

26
host/max/home/image-viewer.nix
View File

@@ -1,26 +0,0 @@
{ pkgs, ... }:
{
xdg.desktopEntries.imv = {
name = "imv";
exec = "${pkgs.imv}/bin/imv %F";
icon = "imv";
};
xdg.mimeApps = let
value = "imv.desktop";
associations = builtins.listToAttrs (map (name: {
inherit name value;
}) [
"image/png"
"image/jpeg"
"image/gif"
"image/bmp"
"image/webp"
]);
in {
enable = true;
associations.added = associations;
defaultApplications = associations;
};
}

45
host/max/home/music.nix
View File

@@ -1,45 +0,0 @@
{ pkgs, ... }:
{
home.packages = with pkgs; [
mpc
];
services.mpd = {
enable = true;
musicDirectory = "/home/max/media/music";
# extraConfig = ''
# audio_output {
# type "pipewire"
# name "pipewire"
# }
# '';
extraConfig = ''
audio_output {
type "alsa"
name "My ALSA"
mixer_type "hardware"
mixer_device "default"
mixer_control "PCM"
}
'';
};
services.mpd-mpris.enable = true;
programs.ncmpcpp = {
enable = true;
bindings = [
{ key = "j"; command = "scroll_down"; }
{ key = "k"; command = "scroll_up"; }
{ key = "h"; command = "previous_column"; }
{ key = "l"; command = "next_column"; }
{ key = "J"; command = [ "select_item" "scroll_down" ]; }
{ key = "K"; command = [ "select_item" "scroll_up" ]; }
];
};
}

282
host/max/home/nvim.nix
View File

@@ -1,282 +0,0 @@
{ pkgs, ... }: {
programs.nixvim = {
enable = true;
colorschemes.tokyonight.enable = true;
globals = {
mapleader = " ";
maplocalleader = " ";
};
clipboard = {
providers.wl-copy.enable = true;
register = "unnamedplus";
};
opts = {
background = "dark";
relativenumber = true;
cursorline = true;
number = true;
tabstop = 2;
expandtab = true;
signcolumn = "yes";
updatetime = 250;
list = true;
listchars.__raw = "{ tab = '» ', trail = '·', nbsp = '' }";
};
extraConfigLua = ''
vim.g.transparent_enabled = true
require('transparent').setup({ exclude_groups = { "CursorLine" } })
require('stay-centered').setup({ enable = true })
require('mini.ai').setup()
'';
keymaps = [
{
mode = "n";
key = "<Esc>";
action = "<cmd>nohlsearch<CR>";
}
{
mode = "n";
key = "<leader>a";
action.__raw = "function() require'harpoon':list():add() end";
}
{
mode = "n";
key = "<C-e>";
action.__raw =
"function() require'harpoon'.ui:toggle_quick_menu(require'harpoon':list()) end";
}
{
mode = "n";
key = "<C-j>";
action.__raw = "function() require'harpoon':list():select(1) end";
}
{
mode = "n";
key = "<C-k>";
action.__raw = "function() require'harpoon':list():select(2) end";
}
{
mode = "n";
key = "<C-l>";
action.__raw = "function() require'harpoon':list():select(3) end";
}
{
mode = "n";
key = "<C-;>";
action.__raw = "function() require'harpoon':list():select(4) end";
}
{
mode = "n";
key = "<leader>b";
action = "<cmd>Neotree<CR>";
}
{
mode = "n";
key = "<leader>l";
action = "<cmd>Neotree reveal<CR>";
}
];
autoCmd = [
{
event = [ "BufWritePre" ];
pattern = "*";
command = "lua vim.lsp.buf.format()";
}
];
diagnostic.settings.virtual_text = true;
userCommands.W.command = "w";
plugins = {
web-devicons.enable = true;
sleuth.enable = true;
lastplace.enable = true;
gitsigns.enable = true;
highlight-colors.enable = true;
todo-comments.enable = true;
goyo.enable = true;
treesitter = {
enable = true;
settings = {
ensureInstalled =
[ "typescript" "rust" "php" "blade" "python" "nix" ];
highlight = { enable = true; };
indent = { enable = true; };
};
};
lsp = {
enable = true;
servers = {
tsgo.enable = true;
tailwindcss.enable = false;
biome.enable = false;
rust_analyzer = {
enable = true;
installCargo = true;
installRustc = true;
};
clangd.enable = true;
phpactor.enable = true;
pylsp.enable = true;
pyright.enable = true;
nixd.enable = true;
};
keymaps = {
extra = [
{
mode = "n";
key = "gd";
action.__raw = "require('telescope.builtin').lsp_definitions";
options = { desc = "LSP: [G]oto [D]efinition"; };
}
{
mode = "n";
key = "gr";
action.__raw = "require('telescope.builtin').lsp_references";
options = { desc = "LSP: [G]oto [R]eferences"; };
}
];
lspBuf = {
"<leader>." = {
mode = [ "n" "x" ];
action = "code_action";
desc = "Code action";
};
};
};
};
lazydev.enable = true;
luasnip.enable = true;
telescope = {
enable = true;
extensions = {
fzf-native.enable = true;
ui-select.enable = true;
};
keymaps = {
"<leader>sf" = {
mode = "n";
action = "find_files";
options = { desc = "[S]earch [F]iles"; };
};
"<leader>sk" = {
mode = "n";
action = "live_grep";
options = { desc = "[S]earch [S]tring"; };
};
};
settings = {
extensions.__raw =
"{ ['ui-select'] = { require('telescope.themes').get_dropdown() } }";
};
};
cmp = {
enable = true;
settings = {
snippet = {
expand = ''
function(args)
require('luasnip').lsp_expand(args.body)
end
'';
};
completion = { completeopt = "menu,menuone,noinsert"; };
formatting = {
format = ''require("nvim-highlight-colors").format'';
};
mapping = {
"<CR>" = "cmp.mapping.confirm { select = true }";
"<Tab>" = "cmp.mapping.select_next_item()";
"<S-Tab>" = "cmp.mapping.select_prev_item()";
"<Down>" = "cmp.mapping.select_next_item()";
"<Up>" = "cmp.mapping.select_prev_item()";
"<C-j>" = "cmp.mapping.select_next_item()";
"<C-k>" = "cmp.mapping.select_prev_item()";
};
sources = [
{
name = "lazydev";
group_index = 0;
}
{ name = "nvim_lsp"; }
{ name = "luasnip"; }
{ name = "path"; }
{ name = "nvim_lsp_signature_help"; }
];
};
};
harpoon = {
enable = true;
settings.settings = { save_on_toggle = true; };
};
neo-tree = {
enable = true;
settings = {
window.width = 25;
filesystem = {
filtered_items = {
visible = true;
};
};
};
};
wakatime.enable = true;
autoclose.enable = true;
ts-autotag.enable = true;
bullets.enable = true;
spider = {
enable = true;
settings = {
subwordMovement = true;
skipInsignificantPunctuation = false;
};
keymaps = {
motions = {
"w" = "w";
"e" = "e";
"b" = "b";
};
};
};
transparent.enable = true;
};
extraPlugins = with pkgs.vimPlugins; [
stay-centered-nvim
mini-ai
];
};
}

19
host/max/home/sops.nix
View File

@@ -1,19 +0,0 @@
{ ... }:
{
sops = {
age.keyFile = "/home/max/.config/sops/age/keys.txt";
defaultSopsFile = ../../../secrets/sops/host/max/default.yaml;
validateSopsFiles = false;
secrets = {
"ssh_keys/max" = {
path = "/home/max/.ssh/id_maxkey";
};
"waka_config" = {
path = "/home/max/.wakatime.cfg";
};
};
};
}

45
host/max/home/ssh.nix
View File

@@ -1,45 +0,0 @@
{ ... }:
{
programs.ssh = {
enable = true;
extraConfig = ''
Host m1
HostName m1
User admin
Host surface
HostName surface
User admin
Host ark
HostName ark
User admin
Host pi
HostName 192.168.0.143
User admin
Host ssh.koon.us
HostName ssh.koon.us
ProxyCommand cloudflared access ssh --hostname %h
User git
AddKeysToAgent yes
'';
matchBlocks = {
"git" = {
host = "github.com";
user = "git";
identityFile = [
"~/.ssh/id_maxkey"
];
};
};
};
home.file = {
".ssh/id_maxkey.pub".source = ../keys/id_maxkey.pub;
};
}

137
host/max/home/terminal.nix
View File

@@ -1,137 +0,0 @@
{ pkgs, config, ... }: {
programs.alacritty = {
enable = true;
theme = "tokyo_night";
settings = {
window = {
padding = { x = 14; y = 14; };
};
font = {
normal.family = "JetBrainsMono Nerd Font";
size = 10;
};
keyboard.bindings = [
{ key = "Insert"; mods = "Shift"; action = "Paste"; }
{ key = "Insert"; mods = "Control"; action = "Copy"; }
];
};
};
programs.lf = { enable = true; };
programs.tmux = {
enable = true;
mouse = true;
keyMode = "vi";
shell = "${pkgs.zsh}/bin/zsh";
extraConfig = ''
set -g status-style bg=default
bind h select-pane -L
bind j select-pane -D
bind k select-pane -U
bind l select-pane -R
set -g default-terminal "tmux-256color"
set -ga terminal-overrides ",alacritty:Tc"
'';
};
programs.zsh = {
enable = true;
enableCompletion = true;
autosuggestion = {
enable = true;
};
syntaxHighlighting.enable = true;
dotDir = "${config.home.homeDirectory}/.config/zsh";
autocd = true;
initContent = ''
zstyle ':completion:*' matcher-list 'm:{a-z}={A-Z}'
zstyle ':completion:*' menu select
fzf-project() {
selected=$(find ~/dev -mindepth 2 -maxdepth 2 | sed 's|/home/max/dev/||' | fzf --delimiter '/' --nth 2)
if [[ -n $selected ]]; then
cd ~/dev/$selected
zle reset-prompt
fi
zle redisplay
}
zle -N fzf-project
bindkey '^G' fzf-project
fzf-files() {
local selected
selected=$(${pkgs.ripgrep}/bin/rg --files | ${pkgs.fzf}/bin/fzf) || return
if [[ -n $selected ]]; then
BUFFER="v $selected"
print -s -- "$BUFFER"
zle accept-line
fi
}
zle -N fzf-files
bindkey '^V' fzf-files
open() {
xdg-open "$@" >/dev/null 2>&1 &
}
'';
envExtra = ''
export PER_DIRECTORY_HISTORY_TOGGLE="^H"
export HISTORY_BASE="$HOME/.local/share/directory_history"
'';
shellAliases = {
ll = "ls -alh";
v = "nvim";
vi = "nvim";
vim = "nvim";
p = "pnpm";
g = "pnpm run build && ~/dev/personal/genesis/packages/genesis/dist/bin.js";
ns = "nix-shell --run zsh -p";
tt = "tt -notheme -n 10";
bible = "nvim ~/bible.txt -R";
notes = "nvim ~/notes";
home = "sudo nvim /etc/nixos/home.nix";
wttr = "curl wttr.in/Clemson";
docx-to-pdf = "libreoffice --headless --convert-to pdf";
};
plugins = [
{
name = "vi-mode";
src = pkgs.zsh-vi-mode;
file = "share/zsh-vi-mode/zsh-vi-mode.plugin.zsh";
}
{
name = "per-directory-history";
src = pkgs.fetchFromGitHub {
owner = "jimhester";
repo = "per-directory-history";
rev = "95f06973e9f2ff0ff75f3cebd0a2ee5485e27834";
sha256 = "sha256-EV9QPBndwAWzdOcghDXrIIgP0oagVMOTyXzoyt8tXRo=";
};
}
];
};
programs.direnv = {
enable = true;
enableZshIntegration = true;
nix-direnv.enable = true;
silent = true;
};
programs.starship = { enable = true; };
}

8
host/max/home/zathura.nix
View File

@@ -1,8 +0,0 @@
{ ... }: {
programs.zathura = {
enable = true;
options = {
selection-clipboard = "clipboard";
};
};
}

29
host/max/sops.nix
View File

@@ -1,29 +0,0 @@
{ config, lib, ... }:
{
sops = {
age.keyFile = if builtins.pathExists /var/lib/sops-nix/key.txt then
"/var/lib/sops-nix/key.txt"
else
"/home/max/.config/sops/age/keys.txt" # temp decrypt key
;
defaultSopsFile = ../../secrets/sops/host/max/default.yaml;
validateSopsFiles = false;
secrets = {
"host_age_key" = {
path = "/var/lib/sops-nix/key.txt";
};
"yubico/u2f_keys" = {
owner = config.users.users.max.name;
inherit (config.users.users.max) group;
path = "/home/max/.config/Yubico/u2f_keys";
};
"proton_key" = {};
};
};
environment.sessionVariables.PROTON_PASS_ENCRYPTION_KEY = config.sops.secrets.proton_key.path;
}

16
host/max/tailscale.nix
View File

@@ -1,16 +0,0 @@
{ pkgs, ... }:
{
services.tailscale.enable = true;
systemd.services.tailscale-restart = {
description = "Restart Tailscale after waking up";
after = [ "suspend.target" ];
wantedBy = [ "suspend.target" ];
serviceConfig = {
Type = "simple";
ExecStart = "${pkgs.systemd}/bin/systemctl restart tailscaled.service";
};
};
}

24
host/max/user.nix
View File

@@ -1,24 +0,0 @@
{ pkgs, config, ... }: {
sops.secrets.max-password.neededForUsers = true;
users.mutableUsers = false;
users.users.max = {
isNormalUser = true;
hashedPasswordFile = config.sops.secrets.max-password.path;
extraGroups = [ "wheel" "networkmanager" "video" "kvm" "docker" "ydotool" ];
packages = with pkgs; [ tree ];
shell = pkgs.zsh;
};
programs.adb.enable = true;
virtualisation.docker = {
enable = true;
rootless = {
enable = true;
setSocketVariable = true;
};
};
}

31
host/max/work.nix
View File

@@ -1,31 +0,0 @@
{ config, secrets, ... }: {
services.openvpn.servers = {
ris = {
config = "config /etc/openvpn/ris/config.ovpn ";
updateResolvConf = true;
autoStart = false;
};
};
sops.secrets = {
"ris-vpn/key" = {
sopsFile = ../../secrets/sops/host/max/work.yaml;
owner = config.users.users.root.name;
inherit (config.users.users.root) group;
path = "/etc/openvpn/ris/vpnclient.rismedia.com.key";
};
};
environment.etc."openvpn/ris/config.ovpn" = {
text = secrets.work.ris.vpn.config;
};
environment.etc."openvpn/ris/vpnclient.rismedia.com.crt" = {
text = secrets.work.ris.vpn.crt;
};
networking.extraHosts = ''
${secrets.work.ris.extraHosts}
'';
}

16
infra/.terraform.lock.hcl generated
View File

@@ -1,16 +0,0 @@
# This file is maintained automatically by "terraform init".
# Manual edits may be lost in future updates.
provider "registry.terraform.io/hashicorp/local" {
version = "2.5.3"
hashes = [
"h1:6ADVoHtXiWFhClkKa1vnBycJxqnL0GjHMZAQipa4SEU=",
]
}
provider "registry.terraform.io/trozz/pocketid" {
version = "0.1.5"
hashes = [
"h1:egwnwPepmLF/OAE96D7RxGlsXYlUVZi3CuFhAH69iVE=",
]
}

93
infra/config.nix
View File

@@ -1,93 +0,0 @@
{
terraform = {
required_providers = {
pocketid = {
source = "trozz/pocketid";
};
};
};
provider.pocketid = {
base_url = "https://auth.koon.us";
api_token = "\${var.pocketid_api_token}";
};
variable.pocketid_api_token = {
type = "string";
sensitive = true;
description = "PocketID API token";
};
resource.pocketid_client.photos = {
name = "Photos";
callback_urls = [
"https://photos.koon.us/auth/login"
"https://photos.koon.us/user-settings"
"app.immich:///oauth-callback"
];
is_public = false;
pkce_enabled = false;
};
resource.pocketid_client.git = {
name = "Git";
callback_urls = [
"https://git.koon.us/user/oauth2/KoonFamily/callback"
];
is_public = false;
pkce_enabled = false;
};
resource.pocketid_client.docs = {
name = "Docs";
callback_urls = [
"https://docs.koon.us/*"
];
is_public = false;
pkce_enabled = false;
};
output = {
photos_client_id = {
value = "\${pocketid_client.photos.id}";
};
photos_client_secret = {
value = "\${pocketid_client.photos.client_secret}";
sensitive = true;
};
git_client_id = {
value = "\${pocketid_client.git.id}";
};
git_client_secret = {
value = "\${pocketid_client.git.client_secret}";
sensitive = true;
};
docs_client_id = {
value = "\${pocketid_client.docs.id}";
};
docs_client_secret = {
value = "\${pocketid_client.docs.client_secret}";
sensitive = true;
};
};
resource.local_file.oauth_config = {
filename = "\${path.module}/../secrets/sops/oauth.yaml";
content = ''
photos:
clientId: ''${pocketid_client.photos.id}
clientSecret: ''${pocketid_client.photos.client_secret}
git:
clientId: ''${pocketid_client.git.id}
clientSecret: ''${pocketid_client.git.client_secret}
docs:
clientId: ''${pocketid_client.docs.id}
clientSecret: ''${pocketid_client.docs.client_secret}
'';
file_permission = "0600";
};
}

6
justfile
View File

@@ -11,19 +11,19 @@ rebuild:
just add-secrets
git add .
sudo nixos-rebuild switch --flake '.?submodules=1#max'
sudo nixos-rebuild switch --flake '.?submodules=1#koonMax'
rebuild-boot:
just add-secrets
git add .
sudo nixos-rebuild boot --flake '.?submodules=1#max'
sudo nixos-rebuild boot --flake '.?submodules=1#koonMax'
rebuild-offline:
just add-secrets
git add .
sudo nixos-rebuild switch --flake '.?submodules=1#max' --offline
sudo nixos-rebuild switch --flake '.?submodules=1#koonMax' --offline
rebuild-ark:
just add-secrets

21
modules/common/features/development/alacritty.nix Normal file
View File

@@ -0,0 +1,21 @@
{ ... }: {
flake.homeModules.commonFeatureAlacritty = { ... }: {
programs.alacritty = {
enable = true;
theme = "tokyo_night";
settings = {
window = {
padding = { x = 14; y = 14; };
};
font = {
normal.family = "JetBrainsMono Nerd Font";
size = 10;
};
keyboard.bindings = [
{ key = "Insert"; mods = "Shift"; action = "Paste"; }
{ key = "Insert"; mods = "Control"; action = "Copy"; }
];
};
};
};
}

10
modules/common/features/development/direnv.nix Normal file
View File

@@ -0,0 +1,10 @@
{ ... }: {
flake.homeModules.commonFeatureDirenv = { ... }: {
programs.direnv = {
enable = true;
enableZshIntegration = true;
nix-direnv.enable = true;
silent = true;
};
};
}

5
modules/common/features/development/lf.nix Normal file
View File

@@ -0,0 +1,5 @@
{ ... }: {
flake.homeModules.commonFeatureLf = { ... }: {
programs.lf = { enable = true; };
};
}

6
modules/common/features/development/starship.nix Normal file
View File

@@ -0,0 +1,6 @@
{ ... }: {
flake.homeModules.commonFeatureStarship = { ... }: {
programs.starship.enable = true;
};
}

21
modules/common/features/development/tmux.nix Normal file
View File

@@ -0,0 +1,21 @@
{ ... }: {
flake.homeModules.commonFeatureTmux = { pkgs, ... }: {
programs.tmux = {
enable = true;
mouse = true;
keyMode = "vi";
shell = "${pkgs.zsh}/bin/zsh";
extraConfig = ''
set -g status-style bg=default
bind h select-pane -L
bind j select-pane -D
bind k select-pane -U
bind l select-pane -R
set -g default-terminal "tmux-256color"
set -ga terminal-overrides ",alacritty:Tc"
'';
};
};
}

92
modules/common/features/development/zsh.nix Normal file
View File

@@ -0,0 +1,92 @@
{ ... }: {
flake.homeModules.commonFeatureZsh = { pkgs, config, ... }: {
programs.zsh = {
enable = true;
enableCompletion = true;
autosuggestion = {
enable = true;
};
syntaxHighlighting.enable = true;
dotDir = "${config.home.homeDirectory}/.config/zsh";
autocd = true;
initContent = ''
zstyle ':completion:*' matcher-list 'm:{a-z}={A-Z}'
zstyle ':completion:*' menu select
fzf-project() {
selected=$(find ~/dev -mindepth 2 -maxdepth 2 | sed 's|/home/max/dev/||' | fzf --delimiter '/' --nth 2)
if [[ -n $selected ]]; then
cd ~/dev/$selected
zle reset-prompt
fi
zle redisplay
}
zle -N fzf-project
bindkey '^G' fzf-project
fzf-files() {
local selected
selected=$(${pkgs.ripgrep}/bin/rg --files | ${pkgs.fzf}/bin/fzf) || return
if [[ -n $selected ]]; then
BUFFER="v $selected"
print -s -- "$BUFFER"
zle accept-line
fi
}
zle -N fzf-files
bindkey '^V' fzf-files
open() {
xdg-open "$@" >/dev/null 2>&1 &
}
'';
envExtra = ''
export PER_DIRECTORY_HISTORY_TOGGLE="^H"
export HISTORY_BASE="$HOME/.local/share/directory_history"
'';
shellAliases = {
ll = "ls -alh";
v = "nvim";
vi = "nvim";
vim = "nvim";
p = "pnpm";
g = "pnpm run build && ~/dev/personal/genesis/packages/genesis/dist/bin.js";
ns = "nix-shell --run zsh -p";
tt = "tt -notheme -n 10";
bible = "nvim ~/bible.txt -R";
notes = "nvim ~/notes";
home = "sudo nvim /etc/nixos/home.nix";
wttr = "curl wttr.in/Clemson";
docx-to-pdf = "libreoffice --headless --convert-to pdf";
};
plugins = [
{
name = "vi-mode";
src = pkgs.zsh-vi-mode;
file = "share/zsh-vi-mode/zsh-vi-mode.plugin.zsh";
}
{
name = "per-directory-history";
src = pkgs.fetchFromGitHub {
owner = "jimhester";
repo = "per-directory-history";
rev = "95f06973e9f2ff0ff75f3cebd0a2ee5485e27834";
sha256 = "sha256-EV9QPBndwAWzdOcghDXrIIgP0oagVMOTyXzoyt8tXRo=";
};
}
];
};
};
}

6
modules/common/features/email.nix Normal file
View File

@@ -0,0 +1,6 @@
{ ... }: {
flake.nixosModules.commonFeatureEmail = { ... }: {
programs.thunderbird.enable = true;
};
}

32
modules/common/features/font.nix Normal file
View File

@@ -0,0 +1,32 @@
{ ... }: {
flake.nixosModules.commonFeatureFont = { pkgs, ... }: {
fonts = {
fontconfig.defaultFonts = {
sansSerif = [ "SF Pro" ];
serif = [ "SF Pro" ];
monospace = [ "JetBrainsMono Nerd Font" ];
emoji = [ "Apple Color Emoji" ];
};
packages = with pkgs; [
monocraft
noto-fonts-cjk-sans
nerd-fonts.jetbrains-mono
# (apple-fonts.packages.${pkgs.system}.sf-pro)
(stdenv.mkDerivation {
name = "apple-color-emoji";
src = fetchurl {
url =
"https://github.com/samuelngs/apple-emoji-linux/releases/download/v17.4/AppleColorEmoji.ttf";
sha256 = "1wahjmbfm1xgm58madvl21451a04gxham5vz67gqz1cvpi0cjva8";
};
dontUnpack = true;
installPhase = ''
install -Dm644 $src $out/share/fonts/truetype/AppleColorEmoji.ttf
'';
})
];
};
};
}

351
modules/common/features/hyprland-config.nix Normal file
View File

@@ -0,0 +1,351 @@
{ ... }: {
flake.homeModules.commonFeatureHyprlandConfig = { pkgs, ... }: {
wayland.windowManager.hyprland = {
enable = true;
systemd.enable = false;
plugins = with pkgs; [
(hyprlandPlugins.mkHyprlandPlugin {
pluginName = "hyprselect";
version = "0.1";
src = fetchFromGitHub {
owner = "jmanc3";
repo = "hyprselect";
rev = "f9651b5fd64c730ee164a6fee6a08d0398dcbe0a";
hash = "sha256-tY8EdfsjlUOuQ9v/POqpyLlkRO5wqEVSE9UeHfXuaGk=";
};
inherit (hyprland) nativeBuildInputs;
meta = with lib; {
homepage = "https://github.com/jmanc3/hyprselect";
description = "A plugin that adds a completely useless desktop selection box to Hyprland";
license = licenses.unlicense;
platforms = platforms.linux;
};
})
hyprlandPlugins.hyprscrolling
# hyprlandPlugins.hyprbars
];
settings = {
# source = [
# "~/.config/koonos/current/performance/hyprland.conf"
# ];
"$terminal" = "${pkgs.uwsm}/bin/uwsm-app -- ${pkgs.alacritty}/bin/alacritty";
"$fileManager" = "${pkgs.uwsm}/bin/uwsm-app -- ${pkgs.pcmanfm}/bin/pcmanfm";
"$browser" = "${pkgs.uwsm}/bin/uwsm-app -- zen-beta";
"$menu" = "${pkgs.walker}/bin/walker";
"$player" = "${pkgs.playerctl}/bin/playerctl";
monitor = [
"eDP-1,preferred,1721x1080,auto"
"HDMI-A-1,preferred,1450x0,auto"
];
exec-once = [
"${pkgs.uwsm}/bin/uwsm-app -- ${pkgs.hypridle}/bin/hypridle"
"${pkgs.uwsm}/bin/uwsm-app -- ${pkgs.waybar}/bin/waybar"
"${pkgs.uwsm}/bin/uwsm-app -- ${pkgs.hyprpaper}/bin/hyprpaper"
"sleep 2 && pw-play --volume=0 ~/Downloads/empty.wav"
];
env = [
"HYPRCURSOR_THEME,macOS"
"HYPRCURSOR_SIZE,20"
];
# env = [
# "XCURSOR_SIZE,20"
# "XCURSOR_THEME,macOS"
# ];
general = {
gaps_in = 0;
gaps_out = 0;
border_size = 2;
"col.active_border" = "rgba(33ccffee) rgba(00ff99ee) 45deg";
"col.inactive_border" = "rgba(595959aa)";
# Set to true enable resizing windows by clicking and dragging on borders and gaps
resize_on_border = true;
# Please see https://wiki.hyprland.org/Configuring/Tearing/ before you turn this on
allow_tearing = false;
layout = "master";
};
decoration = {
# rounding = 10
# rounding_power = 2
# Change transparency of focused and unfocused windows
active_opacity = 1.0;
inactive_opacity = 1.0;
shadow = {
# enabled = false;
range = 4;
render_power = 3;
color = "rgba(1a1a1aee)";
};
# https://wiki.hyprland.org/Configuring/Variables/#blur
blur = {
# enabled = false;
size = 3;
passes = 1;
vibrancy = 0.1696;
};
};
# https://wiki.hyprland.org/Configuring/Variables/#animations
animations = {
enabled = true;
# Default animations, see https://wiki.hyprland.org/Configuring/Animations/ for more
bezier = [
"easeOutQuint,0.23,1,0.32,1"
"easeInOutCubic,0.65,0.05,0.36,1"
"linear,0,0,1,1"
"almostLinear,0.5,0.5,0.75,1.0"
"quick,0.15,0,0.1,1"
];
animation = [
"global, 1, 10, default"
"border, 0, 5.39, easeOutQuint"
"windows, 1, 4.79, easeOutQuint"
"windowsIn, 1, 4.1, easeOutQuint, popin 87%"
"windowsOut, 1, 1.49, linear, popin 87%"
"fadeIn, 1, 1.73, almostLinear"
"fadeOut, 1, 1.46, almostLinear"
"fade, 1, 3.03, quick"
"layers, 1, 3.81, easeOutQuint"
"layersIn, 1, 4, easeOutQuint, fade"
"layersOut, 1, 1.5, linear, fade"
"fadeLayersIn, 1, 1.79, almostLinear"
"fadeLayersOut, 1, 1.39, almostLinear"
"workspaces, 0, 1.94, almostLinear, fade"
"workspacesIn, 0, 1.21, almostLinear, fade"
"workspacesOut, 0, 1.94, almostLinear, fade"
];
};
dwindle = {
pseudotile = true; # Master switch for pseudotiling. Enabling is bound to mainMod + P in the keybinds section below
preserve_split = true; # You probably want this
};
# See https://wiki.hyprland.org/Configuring/Master-Layout/ for more
master = {
new_status = "master";
};
# https://wiki.hyprland.org/Configuring/Variables/#misc
misc = {
force_default_wallpaper = 0; # Set to 0 or 1 to disable the anime mascot wallpapers
disable_hyprland_logo = true;
disable_splash_rendering = true;
};
#############
### INPUT ###
#############
# https://wiki.hyprland.org/Configuring/Variables/#input
input = {
kb_layout = "us";
# kb_variant =
# kb_model =
kb_options = "caps:swapescape";
# kb_rules =
follow_mouse = 1;
sensitivity = 0; # -1.0 - 1.0, 0 means no modification.
repeat_rate = 35;
repeat_delay = 300;
touchpad = {
natural_scroll = true;
tap-to-click = false;
clickfinger_behavior = true;
};
};
# https://wiki.hyprland.org/Configuring/Variables/#gestures
# gestures = {
# workspace_swipe = true;
# };
# See https://wiki.hyprland.org/Configuring/Keywords/
"$mainMod" = "SUPER"; # Sets "Windows" key as main modifier
bind = [
# Example binds, see https://wiki.hyprland.org/Configuring/Binds/ for more
"$mainMod, return, exec, $terminal"
"$mainMod, W, killactive,"
# bind = $mainMod, M, exit,
"$mainMod, E, exec, $fileManager"
"$mainMod, B, exec, $browser"
# "$mainMod, M, exec, $terminal -e ${pkgs-unstable.gurk-rs}/bin/gurk"
"$mainMod, P, exec, $terminal -e ${pkgs.ncmpcpp}/bin/ncmpcpp"
"$mainMod SHIFT, B, exec, $terminal -e \"$EDITOR\" /home/max/bible.txt -R"
"$mainMod SHIFT, R, exec, ${pkgs.hyprshot}/bin/hyprshot -m region --clipboard-only"
# "$mainMod, V, togglefloating,"
"$mainMod, space, exec, $menu"
# "$mainMod, P, pseudo, # dwindle"
"$mainMod, F, fullscreen"
# bind = $mainMod, J, togglesplit, # dwindle
"$mainMod SHIFT, Q, exec, ${pkgs.hyprlock}/bin/hyprlock"
# Move focus with mainMod + arrow keys
"$mainMod, H, movefocus, l"
"$mainMod, L, movefocus, r"
"$mainMod, K, movefocus, u"
"$mainMod, J, movefocus, d"
# Swap window with mainMod + shift + arrow keys
"$mainMod SHIFT, H, swapwindow, l"
"$mainMod SHIFT, L, swapwindow, r"
"$mainMod SHIFT, K, swapwindow, u"
"$mainMod SHIFT, J, swapwindow, d"
# "$mainMod ALT, H, resizeactive, -40 0"
# "$mainMod ALT, L, resizeactive, 40 0"
# Switch workspaces with mainMod + [0-9]
"$mainMod, 1, workspace, 1"
"$mainMod, 2, workspace, 2"
"$mainMod, 3, workspace, 3"
"$mainMod, 4, workspace, 4"
"$mainMod, 5, workspace, 5"
"$mainMod, 6, workspace, 6"
"$mainMod, 7, workspace, 7"
"$mainMod, 8, workspace, 8"
"$mainMod, 9, workspace, 9"
"$mainMod, 0, workspace, 10"
# Move active window to a workspace with mainMod + SHIFT + [0-9]
"$mainMod SHIFT, 1, movetoworkspace, 1"
"$mainMod SHIFT, 2, movetoworkspace, 2"
"$mainMod SHIFT, 3, movetoworkspace, 3"
"$mainMod SHIFT, 4, movetoworkspace, 4"
"$mainMod SHIFT, 5, movetoworkspace, 5"
"$mainMod SHIFT, 6, movetoworkspace, 6"
"$mainMod SHIFT, 7, movetoworkspace, 7"
"$mainMod SHIFT, 8, movetoworkspace, 8"
"$mainMod SHIFT, 9, movetoworkspace, 9"
"$mainMod SHIFT, 0, movetoworkspace, 10"
# Example special workspace (scratchpad)
"$mainMod, S, togglespecialworkspace, magic"
"$mainMod SHIFT, S, movetoworkspace, special:magic"
# Scroll through existing workspaces with mainMod + scroll
# "$mainMod, mouse_down, workspace, e+1"
# "$mainMod, mouse_up, workspace, e-1"
# ", Prior, exec, ${pkgs.ydotool}/bin/ydotool click --next-delay 0 0x40"
# ", Next, exec, ${pkgs.ydotool}/bin/ydotool click --next-delay 0 0x41"
];
# bindr = [
# ", Prior, exec, ${pkgs.ydotool}/bin/ydotool click --next-delay 0 0x80"
# ", Next, exec, ${pkgs.ydotool}/bin/ydotool click --next-delay 0 0x81"
# ];
# Move/resize windows with mainMod + LMB/RMB and dragging
bindm = [
"$mainMod, mouse:272, movewindow"
"$mainMod, mouse:273, resizewindow"
];
"$osdclient" = "swayosd-client --monitor \"$(hyprctl monitors -j | ${pkgs.jq}/bin/jq -r '.[] | select(.focused == true).name')\"";
bindel = [
# Laptop multimedia keys for volume and LCD brightness
# bindel = ,XF86AudioRaiseVolume, exec, wpctl set-volume -l 1 @DEFAULT_AUDIO_SINK@ 5%+
# bindel = ,XF86AudioLowerVolume, exec, wpctl set-volume @DEFAULT_AUDIO_SINK@ 5%-
",XF86AudioRaiseVolume, exec, $osdclient --output-volume=raise"
",XF86AudioLowerVolume, exec, $osdclient --output-volume=lower"
",XF86AudioMute, exec, wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle"
",XF86AudioMicMute, exec, wpctl set-mute @DEFAULT_AUDIO_SOURCE@ toggle"
# bindel = ,XF86MonBrightnessUp, exec, brightnessctl -e4 -n2 set 5%+
# bindel = ,XF86MonBrightnessDown, exec, brightnessctl -e4 -n2 set 5%-
",XF86MonBrightnessUp, exec, $osdclient --brightness=raise"
",XF86MonBrightnessDown, exec, $osdclient --brightness=lower"
];
bindl = [
# Requires playerctl
", XF86AudioNext, exec, $player next"
", XF86AudioPause, exec, $player play-pause" ", XF86AudioPlay, exec, $player play-pause"
", XF86AudioPrev, exec, $player previous"
];
bindd = [
"$mainMod, C, Universal copy, sendshortcut, CTRL, Insert,"
"$mainMod, V, Universal paste, sendshortcut, SHIFT, Insert,"
"$mainMod, X, Universal cut, sendshortcut, CTRL, X,"
"$mainMod, A, Universal select all, sendshortcut, CTRL, A,"
"$mainMod, T, Universal new tab, sendshortcut, CTRL, T,"
"$mainMod ALT, H, Universal left, sendshortcut, , Left,"
"$mainMod ALT, J, Universal down, sendshortcut, , Down,"
"$mainMod ALT, K, Universal up, sendshortcut, , Up,"
"$mainMod ALT, L, Universal right, sendshortcut, , Right,"
"$mainMod SHIFT ALT, H, Universal left, sendshortcut, SHIFT, Left,"
"$mainMod SHIFT ALT, J, Universal down, sendshortcut, SHIFT, Down,"
"$mainMod SHIFT ALT, K, Universal up, sendshortcut, SHIFT, Up,"
"$mainMod SHIFT ALT, L, Universal right, sendshortcut, SHIFT, Right,"
];
windowrule = [
# Just dash of opacity by default
"opacity 0.97 0.9, class:.*"
# Ignore maximize requests from apps. You'll probably like this.
"suppressevent maximize, class:.*"
# Fix some dragging issues with XWayland
"nofocus,class:^$,title:^$,xwayland:1,floating:1,fullscreen:0,pinned:0"
];
plugin = {
hyprselect = {
"col.main" = "rgba(ffffff25)";
"col.border" = "rgba(ffffff88)";
fade_time_ms = 165.0;
border_size = 1.0;
};
hyprscrolling = {
fullscreen_on_one_column = true;
};
# hyprbars = {
# enabled = false;
# };
};
};
};
};
}

41
modules/common/features/hyprland.nix Normal file
View File

@@ -0,0 +1,41 @@
{ self, inputs, ... }: {
flake.nixosModules.commonFeatureHyprland = { pkgs, ... }: {
programs.hyprland = {
enable = true;
withUWSM = true;
xwayland.enable = true;
};
services.greetd = {
enable = true;
settings = {
default_session = {
command = "${pkgs.tuigreet}/bin/tuigreet --time --remember --cmd 'uwsm start hyprland-uwsm.desktop'";
user = "greeter";
};
};
};
security.pam.services.hyprlock = {};
environment.systemPackages = with pkgs; [
hyprpaper
hypridle
hyprpicker
hyprsunset
hyprshot
waybar
walker
swayosd
playerctl
brightnessctl
wl-clipboard
wdisplays
bluetui
kdePackages.dolphin
];
};
}

29
modules/common/features/hyprland/hypridle.nix Normal file
View File

@@ -0,0 +1,29 @@
{ ... }: {
flake.homeModules.commonFeatureHypridle = { pkgs, ... }: {
services.hypridle = {
enable = true;
settings = {
general = {
lock_cmd = "${pkgs.hyprlock}/bin/hyprlock";
before_sleep_cmd = "${pkgs.systemd}/bin/loginctl lock-session"; # lock before suspend.
after_sleep_cmd = "${pkgs.hyprland}/bin/hyprctl dispatch dpms on"; # to avoid having to press a key twice to turn on the display.
inhibit_sleep = 3; # wait until screen is locked
};
listener = [
{
timeout = 60 * 5; # 5min
on-timeout = "${pkgs.systemd}/bin/loginctl lock-session"; # lock screen when timeout has passed
}
{
timeout = 60 * 5.5; # 5.5min
on-timeout = "${pkgs.hyprland}/bin/hyprctl dispatch dpms off"; # screen off when timeout has passed
on-resume = "${pkgs.hyprland}/bin/hyprctl dispatch dpms on && brightnessctl -r"; # screen on when activity is detected
}
];
};
};
};
}

59
modules/common/features/hyprland/hyprlock.nix Normal file
View File

@@ -0,0 +1,59 @@
{ ... }: {
flake.homeModules.commonFeatureHyprlock = { ... }: {
programs.hyprlock = {
enable = true;
settings = {
"$color" = "rgba(26,27,38,1.0)";
"$inner_color" = "rgba(26,27,38,0.8)";
"$outer_color" = "rgba(205,214,244,1.0)";
"$font_color" = "rgba(205,214,244,1.0)";
"$check_color" = "rgba(68, 157, 171, 1.0)";
general = {
ignore_empty_input = true;
};
background = {
monitor = "";
color = "$color";
# path = "~/Downloads/wallpaper.png";
blur_passes = 3;
};
animations = {
enabled = true;
};
input-field = {
monitor = "";
size = "650, 100";
position = "0, 0";
halign = "center";
valign = "center";
inner_color = "$inner_color";
outer_color = "$outer_color";
outline_thickness = 4;
font_family = "JetBrainsMono Nerd Font";
font_color = "$font_color";
placeholder_text = "Enter Password";
check_color = "$check_color";
fail_text = "<i>$FAIL ($ATTEMPTS)</i>";
rounding = 0;
shadow_passes = 0;
fade_on_empty = false;
};
auth = {
"fingerprint:enabled" = true;
};
};
};
};
}

33
modules/common/features/hyprland/notifications.nix Normal file
View File

@@ -0,0 +1,33 @@
{ ... }: {
flake.homeModules.commonFeatureNotifications = { ... }: {
services.swaync = {
enable = true;
settings = {
notification-window-width = 350;
};
# Taken from:
# https://github.com/ErikReider/SwayNotificationCenter/blob/2083415ee6441acc272f46f8a43ebccae215f69a/data/style/style.scss#L4
style = ''
:root {
--cc-bg: rgba(46, 46, 46, 0.7);
--noti-border-color: rgba(255, 255, 255, 0.15);
--noti-bg: 48, 48, 48;
--noti-bg-alpha: 1;
--border-radius: 0;
--font-size-body: 13px;
--font-size-summary: 14px;
}
.close-button {
min-width: 18px;
min-height: 18px;
}
'';
};
};
}

9
modules/common/features/hyprland/osd.nix Normal file
View File

@@ -0,0 +1,9 @@
{ ... }: {
flake.homeModules.commonFeatureOsd = { ... }: {
services.swayosd = {
enable = true;
};
home.file.".config/swayosd/style.css".source = ./swayosd/style.css;
};
}

0
home/common/optional/desktop/hyprland/swayosd/style.css → modules/common/features/hyprland/swayosd/style.css
View File

5
modules/common/features/hyprland/walker.nix Normal file
View File

@@ -0,0 +1,5 @@
{ ... }: {
flake.homeModules.commonFeatureWalker = { ... }: {
home.file.".config/walker/config.toml".source = ./walker/config.toml;
};
}

0
home/common/optional/desktop/hyprland/walker/config.toml → modules/common/features/hyprland/walker/config.toml
View File

21
modules/common/features/hyprland/wallpaper.nix Normal file
View File

@@ -0,0 +1,21 @@
{ self, ... }: {
flake.homeModules.commonFeatureWallpaper = { ... }:
let
wallpaper = builtins.toString "${self}/assets/wallpaper2.jpg";
in {
services.hyprpaper = {
enable = true;
settings = {
spash = false;
preload = [ wallpaper ];
wallpaper = [
"eDP-1,${wallpaper}"
"HDMI-A-1,${wallpaper}"
];
};
};
};
}

6
modules/common/features/hyprland/waybar.nix Normal file
View File

@@ -0,0 +1,6 @@
{ ... }: {
flake.homeModules.commonFeatureWaybar = { ... }: {
home.file.".config/waybar/config.jsonc".source = ./waybar/config.jsonc;
home.file.".config/waybar/style.css".source = ./waybar/style.css;
};
}

0
home/common/optional/desktop/hyprland/waybar/config.jsonc → modules/common/features/hyprland/waybar/config.jsonc
View File

0
home/common/optional/desktop/hyprland/waybar/style.css → modules/common/features/hyprland/waybar/style.css
View File

27
modules/common/features/image-viewer.nix Normal file
View File

@@ -0,0 +1,27 @@
{ ... }: {
flake.homeModules.commonFeatureImageViewer = { pkgs, ... }: {
xdg.desktopEntries.imv = {
name = "imv";
exec = "${pkgs.imv}/bin/imv %F";
icon = "imv";
};
xdg.mimeApps = let
value = "imv.desktop";
associations = builtins.listToAttrs (map (name: {
inherit name value;
}) [
"image/png"
"image/jpeg"
"image/gif"
"image/bmp"
"image/webp"
]);
in {
enable = true;
associations.added = associations;
defaultApplications = associations;
};
};
}

16
modules/common/features/locale.nix Normal file
View File

@@ -0,0 +1,16 @@
{ ... }: {
flake.nixosModules.commonFeatureLocale = { pkgs, ... }: {
i18n.defaultLocale = "en_US.UTF-8";
i18n.supportedLocales = [ "en_US.UTF-8/UTF-8" "zh_CN.UTF-8/UTF-8" ];
i18n.inputMethod = {
enable = true;
type = "fcitx5";
fcitx5.addons = with pkgs; [
# fcitx5-gtk # alternatively, kdePackages.fcitx5-qt
kdePackages.fcitx5-qt # alternatively, kdePackages.fcitx5-qt
qt6Packages.fcitx5-chinese-addons # table input method support
fcitx5-nord # a color theme
];
};
};
}

47
modules/common/features/music.nix Normal file
View File

@@ -0,0 +1,47 @@
{ ... }: {
flake.homeModules.commonFeatureMusic = { pkgs, ... }: {
home.packages = with pkgs; [
mpc
];
services.mpd = {
enable = true;
musicDirectory = "/home/max/media/music";
# extraConfig = ''
# audio_output {
# type "pipewire"
# name "pipewire"
# }
# '';
extraConfig = ''
audio_output {
type "alsa"
name "My ALSA"
mixer_type "hardware"
mixer_device "default"
mixer_control "PCM"
}
'';
};
services.mpd-mpris.enable = true;
programs.ncmpcpp = {
enable = true;
bindings = [
{ key = "j"; command = "scroll_down"; }
{ key = "k"; command = "scroll_up"; }
{ key = "h"; command = "previous_column"; }
{ key = "l"; command = "next_column"; }
{ key = "J"; command = [ "select_item" "scroll_down" ]; }
{ key = "K"; command = [ "select_item" "scroll_up" ]; }
];
};
};
}

11
modules/common/features/pkgs-unstable.nix Normal file
View File

@@ -0,0 +1,11 @@
{ inputs, ... }: {
flake.nixosModules.commonUnstablePkgsOverlay = { ... }: {
nixpkgs.overlays = [
(final: prev: {
pkgs-unstable = import inputs.nixpkgs-unstable {
inherit (prev.stdenv.hostPlatform) system;
};
})
];
};
}

32
modules/common/features/yubikey.nix Normal file
View File

@@ -0,0 +1,32 @@
{ ... }: {
flake.nixosModules.commonFeatureYubikey = { pkgs, ... }: {
environment.systemPackages = with pkgs; [
yubioath-flutter # gui
yubikey-manager # `ykman`
pam_u2f # yubikey with sudo
];
services.pcscd.enable = true;
services.udev.packages = [ pkgs.yubikey-personalization ];
services.yubikey-agent.enable = true;
security.pam = {
sshAgentAuth.enable = true;
u2f = {
enable = true;
settings = {
cue = true;
authFile = "/home/max/.config/Yubico/u2f_keys";
};
};
services = {
login.u2fAuth = true;
sudo = {
u2fAuth = true;
sshAgentAuth = true;
};
};
};
};
}

10
modules/common/features/zathura.nix Normal file
View File

@@ -0,0 +1,10 @@
{ ... }: {
flake.homeModules.commonFeatureZathura = { ... }: {
programs.zathura = {
enable = true;
options = {
selection-clipboard = "clipboard";
};
};
};
}

17
modules/koon/feature/tailscale.nix Normal file
View File

@@ -0,0 +1,17 @@
{ ... }: {
flake.nixosModules.koonFeatureTailscale = { pkgs, ... }: {
services.tailscale.enable = true;
systemd.services.tailscale-restart = {
description = "Restart Tailscale after waking up";
after = [ "suspend.target" ];
wantedBy = [ "suspend.target" ];
serviceConfig = {
Type = "simple";
ExecStart = "${pkgs.systemd}/bin/systemctl restart tailscaled.service";
};
};
};
}

0
host/max/hardware-configuration.nix → modules/koon/host/max/_hardware-configuration.nix
View File

184
modules/koon/host/max/browser.nix Normal file
View File

@@ -0,0 +1,184 @@
{ self, ... }: {
flake.homeModules.koonMaxBrowser = { pkgs, ... }: {
imports = [
self.inputs.zen-browser.homeModules.beta
];
xdg.mimeApps = let
value = let
browser = self.inputs.zen-browser.packages.${pkgs.stdenv.hostPlatform.system}.beta; # or twilight
in
browser.meta.desktopFileName;
associations = builtins.listToAttrs (map (name: {
inherit name value;
}) [
"application/x-extension-shtml"
"application/x-extension-xhtml"
"application/x-extension-html"
"application/x-extension-xht"
"application/x-extension-htm"
"x-scheme-handler/unknown"
"x-scheme-handler/mailto"
"x-scheme-handler/chrome"
"x-scheme-handler/about"
"x-scheme-handler/https"
"x-scheme-handler/http"
"application/xhtml+xml"
"application/json"
"text/plain"
"text/html"
]);
in {
enable = true;
associations.added = associations;
defaultApplications = associations;
};
programs.zen-browser = {
enable = true;
policies = {
AutofillAddressEnabled = false;
AutofillCreditCardEnabled = false;
DisableAppUpdate = true;
DisableFeedbackCommands = true;
DisableFirefoxStudies = true;
DisablePocket = true;
DisableTelemetry = true;
DontCheckDefaultBrowser = true;
NoDefaultBookmarks = true;
OfferToSaveLogins = false;
EnableTrackingProtection = {
Value = true;
Locked = true;
Cryptomining = true;
Fingerprinting = true;
};
Preferences = {
"privacy.resistFingerprinting" = {
Value = true;
Status = "locked";
};
"privacy.resistFingerprinting.randomization.canvas.use_siphash" = {
Value = true;
Status = "locked";
};
"privacy.resistFingerprinting.randomization.daily_reset.enabled" = {
Value = true;
Status = "locked";
};
"privacy.resistFingerprinting.randomization.daily_reset.private.enabled" = {
Value = true;
Status = "locked";
};
"privacy.resistFingerprinting.block_mozAddonManager" = {
Value = true;
Status = "locked";
};
};
# ID's can be collected from this command:
# nix run github:tupakkatapa/mozid -- "https://addons.mozilla.org/en-US/firefox/addon/<example>/"
ExtensionSettings = {
# The default behaviour of ctrl+click, shift+click, cmd+click (on macOS) and middle-click when clicking on links is to open the link in a new tab (or new window in the case of shift).
# This behaviour is sometimes broken by silly developers.
"{18b670e2-67df-4b26-b9b0-34835d1f062a}" = {
install_url = "https://addons.mozilla.org/firefox/downloads/latest/link-fixer/latest.xpi";
installation_mode = "force_installed";
};
};
};
profiles.default = let
containers = {
Personal = {
color = "yellow";
icon = "circle";
id = 1;
};
School = {
color = "red";
icon = "fruit";
id = 2;
};
Work = {
color = "blue";
icon = "briefcase";
id = 3;
};
};
spaces = {
Personal = {
id = "c6de089c-410d-4206-961d-ab11f988d40a";
icon = "";
container = containers."Personal".id;
position = 1000;
};
School = {
id = "78aabdad-8aae-4fe0-8ff0-2a0c6c4ccc24";
icon = "🍎";
container = containers."School".id;
position = 2000;
};
Work = {
id = "cdd10fab-4fc5-494b-9041-325e5759195b";
icon = "💼";
container = containers."Work".id;
position = 3000;
};
};
pins = {
# Personal Pins
"Proton Mail" = {
id = "d9942e0a-0997-418d-b357-91727300d184";
container = containers.Personal.id;
url = "https://mail.proton.me";
isEssential = true;
position = 1;
};
"Proton Calendar" = {
id = "6557e03f-c0ab-4656-ac94-acfb1fe19f3c";
container = containers.Personal.id;
url = "https://calendar.proton.me";
isEssential = true;
position = 2;
};
"YNAB" = {
id = "10cb5609-fcd5-4ed6-a48d-24eb22f2d624";
container = containers.Personal.id;
url = "https://app.ynab.com";
isEssential = true;
position = 3;
};
# # School Pins
# "Canvas" = {
# id = "cfbdc143-6a16-46d7-b33e-e9c964725e59";
# workspace = spaces.School.id;
# container = containers.School.id;
# url = "https://clemson.instructure.com/calendar";
# isEssential = true;
# position = 104;
# };
};
in {
containersForce = true;
spacesForce = true;
pinsForce = true;
inherit containers spaces pins;
# This is awesome :)
# https://nur.nix-community.org/repos/rycee/
extensions.packages = with self.inputs.firefox-addons.packages.${pkgs.stdenv.hostPlatform.system}; [
ublock-origin
proton-pass
istilldontcareaboutcookies
darkreader
];
};
};
};
}

152
modules/koon/host/max/configuration.nix Normal file
View File

@@ -0,0 +1,152 @@
{ self, ... }: {
flake.nixosModules.koonMaxConfiguration = { pkgs, lib, modulesPath, ... }: {
imports = [
./_hardware-configuration.nix
self.nixosModules.commonUnstablePkgsOverlay
self.nixosModules.commonFeatureEmail
self.nixosModules.commonFeatureFont
self.nixosModules.commonFeatureLocale
self.nixosModules.commonFeatureYubikey
self.nixosModules.commonFeatureHyprland
self.nixosModules.koonFeatureTailscale
self.nixosModules.koonMaxSops
self.nixosModules.koonMaxUser
self.nixosModules.koonMaxHomeManager
];
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = false;
boot.m1n1CustomLogo = ../../../../assets/logo.png;
hardware = {
asahi = {
peripheralFirmwareDirectory = ./firmware;
setupAsahiSound = true;
};
graphics = {
enable = true;
extraPackages = with pkgs; [
mesa.opencl
];
};
};
services.upower.enable = true;
services.logind.settings.Login.HandlePowerKey = "ignore";
networking.networkmanager = {
enable = true;
plugins = with pkgs; [
networkmanager-openconnect
];
};
hardware.bluetooth = {
enable = true;
powerOnBoot = true;
};
environment.variables = {
XDG_DATA_HOME = "/home/max/.local/share";
GSK_RENDERER = "ngl";
EDITOR = "nvim";
};
environment.sessionVariables.NIXOS_OZONE_WL = "1";
programs.kdeconnect.enable = true;
environment.systemPackages = with pkgs; [
networkmanager
vim
git
wget
file
just
libreoffice-qt
pkgs-unstable.signal-desktop
pkgs-unstable.gurk-rs
gnupg
(pass.withExtensions (exts: [ exts.pass-otp ]))
pinentry-curses
pinentry-qt
fzf
zip
jq
ffmpeg
ripgrep
unzip
zbar
tt
sc-im
libqalculate
librespeed-cli
gparted
tea
cloudflared
# gcc
prismlauncher
gimp
inkscape
# arm support
pkgs-unstable.sparrow
(writeShellScriptBin "radio" ''
list="
WIOP http://s4.yesstreaming.net:7119/;audio.mp3
FamilyAlter https://usa17.fastcast4u.com/proxy/roloffev?mp=/1
"
choice=$(echo "$list" | awk '{print $1}' | ${fzf}/bin/fzf)
if [[ -n "$choice" ]]; then
url=$(echo "$list" | awk -v name="$choice" '$1==name {print $2}')
${mpg123}/bin/mpg123 "$url"
fi
'')
(pkgs.writeShellScriptBin "battery-graph" ''
${pkgs.coreutils}/bin/tail -n 20 /var/lib/upower/history-charge-bq40z651-69-F8Y3262H468Q1LTA1.dat | ${pkgs.coreutils}/bin/cut -f1,2 | RUBYOPT='-W0' ${pkgs.youplot}/bin/uplot line -w 70
'')
(pkgs.writeShellScriptBin "ocr-clip" ''
${pkgs.grimblast}/bin/grimblast -f save area - | ${pkgs.tesseract}/bin/tesseract stdin stdout | ${pkgs.wl-clipboard}/bin/wl-copy
'')
];
programs.zsh.enable = true;
programs.gnupg.agent = {
enable = true;
pinentryPackage = pkgs.pinentry-qt;
enableSSHSupport = true;
};
time.timeZone = "America/New_York";
nix.settings.experimental-features = [ "nix-command" "flakes" ];
system.stateVersion = "25.05";
};
}

11
modules/koon/host/max/default.nix Normal file
View File

@@ -0,0 +1,11 @@
{ self, inputs, ... }: {
flake.nixosConfigurations.koonMax = inputs.nixpkgs.lib.nixosSystem {
modules = [
self.inputs.nixos-apple-silicon.nixosModules.apple-silicon-support
self.inputs.sops-nix.nixosModules.sops
self.inputs.home-manager.nixosModules.home-manager
self.nixosModules.koonMaxConfiguration
];
};
}

33
modules/koon/host/max/development/git.nix Normal file
View File

@@ -0,0 +1,33 @@
{ ... }: {
flake.homeModules.koonMaxGit = { lib, ... }:
let
publicGitEmail = "22125083+k2on@users.noreply.github.com";
publicKey = "/home/max/.ssh/id_maxkey.pub";
in {
programs.git = {
enable = true;
settings = {
init.defaultBranch = "main";
push.autoSetupRemote = true;
commit.gpgsign = true;
gpg.format = "ssh";
user.name = "Max Koon";
user.email = publicGitEmail;
user.signing.key = publicKey;
gpg.ssh.allowedSignersFile = "/home/max/.ssh/allowed_signers";
};
signing = {
signByDefault = true;
key = publicKey;
};
};
home.file.".ssh/allowed_signers".text = ''
${publicGitEmail} ${lib.fileContents ./id_maxkey.pub}
'';
};
}

0
host/max/keys/id_maxkey.pub → modules/koon/host/max/development/id_maxkey.pub
View File

288
modules/koon/host/max/development/neovim.nix Normal file
View File

@@ -0,0 +1,288 @@
{ self, ... }: {
flake.homeModules.koonMaxNeovim = { pkgs, ... }: {
imports = [
self.inputs.nixvim.homeModules.nixvim
];
programs.nixvim = {
enable = true;
colorschemes.tokyonight.enable = true;
globals = {
mapleader = " ";
maplocalleader = " ";
};
clipboard = {
providers.wl-copy.enable = true;
register = "unnamedplus";
};
opts = {
background = "dark";
relativenumber = true;
cursorline = true;
number = true;
tabstop = 2;
expandtab = true;
signcolumn = "yes";
updatetime = 250;
list = true;
listchars.__raw = "{ tab = '» ', trail = '·', nbsp = '' }";
};
extraConfigLua = ''
vim.g.transparent_enabled = true
require('transparent').setup({ exclude_groups = { "CursorLine" } })
require('stay-centered').setup({ enable = true })
require('mini.ai').setup()
'';
keymaps = [
{
mode = "n";
key = "<Esc>";
action = "<cmd>nohlsearch<CR>";
}
{
mode = "n";
key = "<leader>a";
action.__raw = "function() require'harpoon':list():add() end";
}
{
mode = "n";
key = "<C-e>";
action.__raw =
"function() require'harpoon'.ui:toggle_quick_menu(require'harpoon':list()) end";
}
{
mode = "n";
key = "<C-j>";
action.__raw = "function() require'harpoon':list():select(1) end";
}
{
mode = "n";
key = "<C-k>";
action.__raw = "function() require'harpoon':list():select(2) end";
}
{
mode = "n";
key = "<C-l>";
action.__raw = "function() require'harpoon':list():select(3) end";
}
{
mode = "n";
key = "<C-;>";
action.__raw = "function() require'harpoon':list():select(4) end";
}
{
mode = "n";
key = "<leader>b";
action = "<cmd>Neotree<CR>";
}
{
mode = "n";
key = "<leader>l";
action = "<cmd>Neotree reveal<CR>";
}
];
autoCmd = [
{
event = [ "BufWritePre" ];
pattern = "*";
command = "lua vim.lsp.buf.format()";
}
];
diagnostic.settings.virtual_text = true;
userCommands.W.command = "w";
plugins = {
web-devicons.enable = true;
sleuth.enable = true;
lastplace.enable = true;
gitsigns.enable = true;
highlight-colors.enable = true;
todo-comments.enable = true;
goyo.enable = true;
treesitter = {
enable = true;
settings = {
ensureInstalled =
[ "typescript" "rust" "php" "blade" "python" "nix" ];
highlight = { enable = true; };
indent = { enable = true; };
};
};
lsp = {
enable = true;
servers = {
tsgo.enable = true;
tailwindcss.enable = false;
biome.enable = false;
rust_analyzer = {
enable = true;
installCargo = true;
installRustc = true;
};
clangd.enable = true;
phpactor.enable = true;
pylsp.enable = true;
pyright.enable = true;
nixd.enable = true;
};
keymaps = {
extra = [
{
mode = "n";
key = "gd";
action.__raw = "require('telescope.builtin').lsp_definitions";
options = { desc = "LSP: [G]oto [D]efinition"; };
}
{
mode = "n";
key = "gr";
action.__raw = "require('telescope.builtin').lsp_references";
options = { desc = "LSP: [G]oto [R]eferences"; };
}
];
lspBuf = {
"<leader>." = {
mode = [ "n" "x" ];
action = "code_action";
desc = "Code action";
};
};
};
};
lazydev.enable = true;
luasnip.enable = true;
telescope = {
enable = true;
extensions = {
fzf-native.enable = true;
ui-select.enable = true;
};
keymaps = {
"<leader>sf" = {
mode = "n";
action = "find_files";
options = { desc = "[S]earch [F]iles"; };
};
"<leader>sk" = {
mode = "n";
action = "live_grep";
options = { desc = "[S]earch [S]tring"; };
};
};
settings = {
extensions.__raw =
"{ ['ui-select'] = { require('telescope.themes').get_dropdown() } }";
};
};
cmp = {
enable = true;
settings = {
snippet = {
expand = ''
function(args)
require('luasnip').lsp_expand(args.body)
end
'';
};
completion = { completeopt = "menu,menuone,noinsert"; };
formatting = {
format = ''require("nvim-highlight-colors").format'';
};
mapping = {
"<CR>" = "cmp.mapping.confirm { select = true }";
"<Tab>" = "cmp.mapping.select_next_item()";
"<S-Tab>" = "cmp.mapping.select_prev_item()";
"<Down>" = "cmp.mapping.select_next_item()";
"<Up>" = "cmp.mapping.select_prev_item()";
"<C-j>" = "cmp.mapping.select_next_item()";
"<C-k>" = "cmp.mapping.select_prev_item()";
};
sources = [
{
name = "lazydev";
group_index = 0;
}
{ name = "nvim_lsp"; }
{ name = "luasnip"; }
{ name = "path"; }
{ name = "nvim_lsp_signature_help"; }
];
};
};
harpoon = {
enable = true;
settings.settings = { save_on_toggle = true; };
};
neo-tree = {
enable = true;
settings = {
window.width = 25;
filesystem = {
filtered_items = {
visible = true;
};
};
};
};
wakatime.enable = true;
autoclose.enable = true;
ts-autotag.enable = true;
bullets.enable = true;
spider = {
enable = true;
settings = {
subwordMovement = true;
skipInsignificantPunctuation = false;
};
keymaps = {
motions = {
"w" = "w";
"e" = "e";
"b" = "b";
};
};
};
transparent.enable = true;
};
extraPlugins = with pkgs.vimPlugins; [
stay-centered-nvim
mini-ai
];
};
};
}

38
modules/koon/host/max/development/ssh.nix Normal file
View File

@@ -0,0 +1,38 @@
{ ... }: {
flake.homeModules.koonMaxSsh = { pkgs, ... }: {
programs.ssh = {
enable = true;
enableDefaultConfig = false;
matchBlocks = {
"*" = {
addKeysToAgent = "yes";
};
"m1" = {
host = "m1";
user = "admin";
};
"ark" = {
host = "ark";
user = "admin";
};
"ssh.koon.us" = {
host = "ssh.koon.us";
user = "git";
proxyCommand = "${pkgs.cloudflared}/bin/cloudflared access ssh --hostname %h";
};
"git" = {
host = "github.com";
user = "git";
identityFile = [
"~/.ssh/id_maxkey"
];
};
};
};
home.file = {
".ssh/id_maxkey.pub".source = ./id_maxkey.pub;
};
};
}

0
host/max/firmware/all_firmware.tar.gz → modules/koon/host/max/firmware/all_firmware.tar.gz
View File

0
host/max/firmware/kernelcache.release.mac14j → modules/koon/host/max/firmware/kernelcache.release.mac14j
View File

54
modules/koon/host/max/home.nix Normal file
View File

@@ -0,0 +1,54 @@
{ self, inputs, ... }: {
flake.nixosModules.koonMaxHomeManager = { ... }: {
imports = [
inputs.home-manager.nixosModules.home-manager
];
home-manager = {
useGlobalPkgs = true;
useUserPackages = true;
extraSpecialArgs = { inherit inputs self; };
users.max = {
imports = [ self.homeModules.koonMaxHome ];
};
};
};
flake.homeModules.koonMaxHome = { ... }: {
imports = [
self.homeModules.commonFeatureHyprlandConfig
self.homeModules.commonFeatureHypridle
self.homeModules.commonFeatureHyprlock
self.homeModules.commonFeatureNotifications
self.homeModules.commonFeatureOsd
self.homeModules.commonFeatureWalker
self.homeModules.commonFeatureWallpaper
self.homeModules.commonFeatureWaybar
self.homeModules.commonFeatureZathura
self.homeModules.commonFeatureAlacritty
self.homeModules.commonFeatureLf
self.homeModules.commonFeatureTmux
self.homeModules.commonFeatureStarship
self.homeModules.commonFeatureDirenv
self.homeModules.commonFeatureImageViewer
self.homeModules.commonFeatureMusic
self.homeModules.commonFeatureZsh
self.homeModules.koonMaxBrowser
self.homeModules.koonMaxNeovim
self.homeModules.koonMaxGit
self.homeModules.koonMaxSsh
];
gtk = {
enable = true;
colorScheme = "dark";
};
home.username = "max";
home.homeDirectory = "/home/max";
home.stateVersion = "25.05";
};
}

34
modules/koon/host/max/sops.nix Normal file
View File

@@ -0,0 +1,34 @@
{ self, ... }: {
flake.nixosModules.koonMaxSops = { config, ... }: {
sops = {
age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
defaultSopsFile = "${self}/secrets/koon/max/default.yaml";
validateSopsFiles = false;
secrets = {
"yubico/u2f_keys" = {
owner = config.users.users.max.name;
inherit (config.users.users.max) group;
path = "/home/max/.config/Yubico/u2f_keys";
};
"ssh_keys/max" = {
owner = config.users.users.max.name;
inherit (config.users.users.max) group;
path = "/home/max/.ssh/id_maxkey";
mode = "0600";
};
"waka_config" = {
owner = config.users.users.max.name;
inherit (config.users.users.max) group;
path = "/home/max/.wakatime.cfg";
};
"proton_key" = {};
};
};
environment.sessionVariables.PROTON_PASS_ENCRYPTION_KEY = config.sops.secrets.proton_key.path;
};
}

31
modules/koon/host/max/user.nix Normal file
View File

@@ -0,0 +1,31 @@
{ ... }: {
flake.nixosModules.koonMaxUser = { pkgs, config, ... }: {
sops.secrets.max-password.neededForUsers = true;
users.mutableUsers = true;
users.users.max = {
isNormalUser = true;
# hashedPasswordFile = config.sops.secrets.max-password.path;
password = "password";
extraGroups = [ "wheel" "networkmanager" "video" "kvm" "docker" "ydotool" ];
packages = with pkgs; [ tree ];
shell = pkgs.zsh;
};
programs.adb.enable = true;
virtualisation.docker = {
enable = true;
rootless = {
enable = true;
setSocketVariable = true;
};
};
};
}

15
modules/parts.nix Normal file
View File

@@ -0,0 +1,15 @@
{ inputs, ... }: {
imports = [
inputs.home-manager.flakeModules.home-manager
];
config = {
systems = [
"x86_64-linux"
"x86_64-darwin"
"aarch64-linux"
"aarch64-darwin"
];
};
}

19
modules/shell.nix Normal file
View File

@@ -0,0 +1,19 @@
{ ... }: {
perSystem = { pkgs, ... }: {
devShells.default = pkgs.mkShell {
shellHook = ''
export SOPS_AGE_KEY="$(${pkgs.age-plugin-yubikey}/bin/age-plugin-yubikey --identity)"
'';
packages = with pkgs; [
age
ssh-to-age
sops
just
nix-inspect
age-plugin-yubikey
];
};
};
}

2
secrets

Submodule secrets updated: 78d7d95fd0...c4f9e7bd98