feat: inital public commit

host/common/core/default.nix

@@ -0,0 +1,9 @@
+{ inputs, ... }: {
+  time.timeZone = "America/New_York";
+
+  services.tailscale.enable = true;
+
+  # security.sudo.wheelNeedsPassword = false;
+
+  nix.settings.experimental-features = [ "nix-command" "flakes" ];
+}

host/common/optional/browser.nix

@@ -0,0 +1,63 @@
+{ lib, ... }: {
+  programs.firefox = let
+    lock-false = {
+      Value = false;
+      Status = "locked";
+    };
+    lock-true = {
+      Value = true;
+      Status = "locked";
+    };
+    lock-empty-string = {
+      Value = "";
+      Status = "locked";
+    };
+  in {
+    enable = true;
+    policies = {
+      DisableTelemetry = true;
+      DisableFirefoxStudies = true;
+      DontCheckDefaultBrowser = true;
+      DisablePocket = true;
+      DisableAccounts = true;
+
+      Preferences = {
+        "extensions.pocket.enabled" = lock-false;
+        "browser.topsites.contile.enabled" = lock-false;
+        "browser.newtabpage.pinned" = lock-empty-string;
+        "browser.newtabpage.activity-stream.showSponsored" = lock-false;
+        "browser.newtabpage.activity-stream.system.showSponsored" = lock-false;
+        "browser.newtabpage.activity-stream.showSponsoredTopSites" = lock-false;
+      };
+
+      ExtensionSettings = {
+        "uBlock0@raymondhill.net" = {
+          install_url =
+            "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi";
+          installation_mode = "force_installed";
+        };
+        "{446900e4-71c2-419f-a6a7-df9c091e268b}" = {
+          install_url =
+            "https://addons.mozilla.org/firefox/downloads/latest/bitwarden-password-manager/latest.xpi";
+          installation_mode = "force_installed";
+        };
+        "{d7742d87-e61d-4b78-b8a1-b469842139fa}" = {
+          install_url =
+            "https://addons.mozilla.org/firefox/downloads/latest/vimium-ff/latest.xpi";
+          installation_mode = "force_installed";
+        };
+        "myallychou@gmail.com" = {
+          install_url =
+            "https://addons.mozilla.org/firefox/downloads/latest/youtube-recommended-videos/latest.xpi";
+          installation_mode = "force_installed";
+        };
+
+      };
+
+      UserMessaging = {
+        UrlbarInterventions = false;
+        SkipOnboarding = true;
+      };
+    };
+  };
+}

host/common/optional/desktop.nix

@@ -0,0 +1,28 @@
+{ pkgs, ... }: {
+  services = {
+    desktopManager.plasma6.enable = true;
+
+    displayManager.sddm.enable = true;
+    displayManager.sddm.wayland.enable = true;
+  };
+
+  environment.systemPackages = with pkgs; [
+    kdePackages.discover # Optional: Install if you use Flatpak or fwupd firmware update sevice
+    kdePackages.kcalc # Calculator
+    kdePackages.kcharselect # Tool to select and copy special characters from all installed fonts
+    kdePackages.kcolorchooser # A small utility to select a color
+    kdePackages.kolourpaint # Easy-to-use paint program
+    kdePackages.ksystemlog # KDE SystemLog Application
+    kdePackages.sddm-kcm # Configuration module for SDDM
+    kdiff3 # Compares and merges 2 or 3 files or directories
+    kdePackages.isoimagewriter # Optional: Program to write hybrid ISO files onto USB disks
+    kdePackages.partitionmanager # Optional Manage the disk devices, partitions and file systems on your computer
+    kdePackages.merkuro
+    kdePackages.korganizer
+    kdePackages.kdepim-addons
+    hardinfo2 # System information and benchmarks for Linux systems
+    haruna # Open source video player built with Qt/QML and libmpv
+    wayland-utils # Wayland utilities
+    wl-clipboard # Command-line copy/paste utilities for Wayland
+  ];
+}

host/common/optional/email.nix

@@ -0,0 +1 @@
+{ ... }: { programs.thunderbird.enable = true; }

host/common/optional/fonts.nix

@@ -0,0 +1,18 @@
+{ pkgs, ... }: {
+  fonts.packages = with pkgs; [
+    monocraft
+
+    (stdenv.mkDerivation {
+      name = "apple-color-emoji";
+      src = fetchurl {
+        url =
+          "https://github.com/samuelngs/apple-emoji-linux/releases/download/v17.4/AppleColorEmoji.ttf";
+        sha256 = "1wahjmbfm1xgm58madvl21451a04gxham5vz67gqz1cvpi0cjva8";
+      };
+      dontUnpack = true;
+      installPhase = ''
+        install -Dm644 $src $out/share/fonts/truetype/AppleColorEmoji.ttf
+      '';
+    })
+  ];
+}

host/common/optional/locale.nix

@@ -0,0 +1,14 @@
+{ pkgs, ... }: {
+  i18n.defaultLocale = "en_US.UTF-8";
+  i18n.supportedLocales = [ "en_US.UTF-8/UTF-8" "zh_CN.UTF-8/UTF-8" ];
+  i18n.inputMethod = {
+    enabled = "fcitx5";
+    fcitx5.addons = with pkgs; [
+      # fcitx5-gtk             # alternatively, kdePackages.fcitx5-qt
+      kdePackages.fcitx5-qt # alternatively, kdePackages.fcitx5-qt
+      fcitx5-chinese-addons # table input method support
+      fcitx5-nord # a color theme
+    ];
+  };
+
+}

host/common/optional/yubikey.nix

@@ -0,0 +1,32 @@
+{ lib, pkgs, ... }:
+{
+  environment.systemPackages = with pkgs; [
+      yubioath-flutter # gui
+      yubikey-manager  # `ykman`
+      pam_u2f          # yubikey with sudo
+  ];
+
+  services.pcscd.enable = true;
+  services.udev.packages = [ pkgs.yubikey-personalization ];
+
+  services.yubikey-agent.enable = true;
+
+  security.pam = {
+    sshAgentAuth.enable = true;
+    u2f = {
+      enable = true;
+      settings = {
+        cue = true;
+        authFile = "/home/max/.config/Yubico/u2f_keys";
+      };
+    };
+    services = {
+      login.u2fAuth = true;
+      sudo = {
+        u2fAuth = true;
+        sshAgentAuth = true;
+      };
+    };
+
+  };
+}