diff --git a/flake.lock b/flake.lock
index 7bfda666..0715d670 100644
--- a/flake.lock
+++ b/flake.lock
@@ -16,11 +16,11 @@
"uv2nix": "uv2nix"
},
"locked": {
- "lastModified": 1757676906,
- "narHash": "sha256-2Zbde5orbGsYdzroe51P1AW8pFMCNyqHgLjmHYJvOmE=",
+ "lastModified": 1759322529,
+ "narHash": "sha256-yiv/g/tiJI3PI95F7vhTnaf1TDsIkFLrmmFTjWfb6pQ=",
"owner": "nix-community",
"repo": "authentik-nix",
- "rev": "04db807ac00ba6d62808ffab18b3b6d500b6f7cb",
+ "rev": "69fac057b2e553ee17c9a09b822d735823d65a6c",
"type": "github"
},
"original": {
@@ -32,16 +32,16 @@
"authentik-src": {
"flake": false,
"locked": {
- "lastModified": 1755873658,
- "narHash": "sha256-5l1g55b0xozGg0NaZFimiO5JbHGcudaNSEn1/XsweaU=",
+ "lastModified": 1759190535,
+ "narHash": "sha256-pIzDaoDWc58cY/XhsyweCwc4dfRvkaT/zqsV1gDSnCI=",
"owner": "goauthentik",
"repo": "authentik",
- "rev": "dd7c6b29d950664deadbcf5390272619a8bf9a5e",
+ "rev": "8d3a289d12c7de2f244c76493af7880f70d08af2",
"type": "github"
},
"original": {
"owner": "goauthentik",
- "ref": "version/2025.8.1",
+ "ref": "version/2025.8.4",
"repo": "authentik",
"type": "github"
}
@@ -98,11 +98,11 @@
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
- "lastModified": 1754487366,
- "narHash": "sha256-pHYj8gUBapuUzKV/kN/tR3Zvqc7o6gdFB9XKXIp1SQ8=",
+ "lastModified": 1756770412,
+ "narHash": "sha256-+uWLQZccFHwqpGqr2Yt5VsW/PbeJVTn9Dk6SHWhNRPw=",
"owner": "hercules-ci",
"repo": "flake-parts",
- "rev": "af66ad14b28a127c5c0f3bbb298218fc63528a18",
+ "rev": "4524271976b625a4a605beefd893f270620fd751",
"type": "github"
},
"original": {
@@ -222,11 +222,11 @@
"rust-overlay": "rust-overlay"
},
"locked": {
- "lastModified": 1757982959,
- "narHash": "sha256-b2a0ikawsIBcqwM05mv4tjsn0YfptAEcdEcTNhOD8Pk=",
+ "lastModified": 1759759529,
+ "narHash": "sha256-t+fUXdpBv3r/nhciqJpkALCWdXGIeGfUshm1KfC69KM=",
"owner": "helix-editor",
"repo": "helix",
- "rev": "c0921202a0a9f9e3003a845824d3365e2f08467f",
+ "rev": "c599e4e7ee5222692c6c2a2de1edc1994afb39ee",
"type": "github"
},
"original": {
@@ -242,11 +242,11 @@
]
},
"locked": {
- "lastModified": 1757997814,
- "narHash": "sha256-F+1aoG+3NH4jDDEmhnDUReISyq6kQBBuktTUqCUWSiw=",
+ "lastModified": 1759761710,
+ "narHash": "sha256-6ZG7VZZsbg39gtziGSvCJKurhIahIuiCn+W6TGB5kOU=",
"owner": "nix-community",
"repo": "home-manager",
- "rev": "5820376beb804de9acf07debaaff1ac84728b708",
+ "rev": "929535c3082afdf0b18afec5ea1ef14d7689ff1c",
"type": "github"
},
"original": {
@@ -343,11 +343,11 @@
"mobile-nixos": {
"flake": false,
"locked": {
- "lastModified": 1757174863,
- "narHash": "sha256-PFu4TTHm/GSbrBBl6waxSNyQfpMoC4YkL1RMXkb2gyE=",
+ "lastModified": 1759261417,
+ "narHash": "sha256-TjuoBb8+isL3KTdGgtYh90XPyeUMFbgNAOG9l23CB3A=",
"owner": "mobile-nixos",
"repo": "mobile-nixos",
- "rev": "c3164daaf62a81d0c4bfab67e6763a4319212557",
+ "rev": "e6f6d527bf6abf94dd52fbba3143a720cef96431",
"type": "github"
},
"original": {
@@ -359,11 +359,11 @@
"mtxclient": {
"flake": false,
"locked": {
- "lastModified": 1754164950,
- "narHash": "sha256-v/TaaGrCO3M86pF1P0O25iN0+s2t84iPKhgOtxZT0wQ=",
+ "lastModified": 1758395358,
+ "narHash": "sha256-zxpvRDKpp8sWSmf/xLgoHDWMzmdkQenZepXg+CoGtcg=",
"owner": "Nheko-Reborn",
"repo": "mtxclient",
- "rev": "fa181521c2300d57ac4d3a833a059317b1ea6dc3",
+ "rev": "d6f10427d1c5e5b1a45f426274f8d2e8dd0b64be",
"type": "github"
},
"original": {
@@ -422,11 +422,11 @@
"rust-overlay": "rust-overlay_3"
},
"locked": {
- "lastModified": 1758000903,
- "narHash": "sha256-FyfB40rl2mbRGIvF2/6Iwv9xHDxOmhaE1MhlV6Efsg4=",
+ "lastModified": 1759395653,
+ "narHash": "sha256-sv9J1z6CrTPf9lRJLyCN90fZVdQz7LFeX7pIlInH8BQ=",
"owner": "YaLTeR",
"repo": "niri",
- "rev": "c30e5c91851d77d48ff2120f0e710501b19d61b4",
+ "rev": "ba6e5e082a79901dc89b0d49c5da1b769d652aec",
"type": "github"
},
"original": {
@@ -437,11 +437,11 @@
},
"nixos-hardware": {
"locked": {
- "lastModified": 1757943327,
- "narHash": "sha256-w6cDExPBqbq7fTLo4dZ1ozDGeq3yV6dSN4n/sAaS6OM=",
+ "lastModified": 1759582739,
+ "narHash": "sha256-spZegilADH0q5OngM86u6NmXxduCNv5eX9vCiUPhOYc=",
"owner": "NixOS",
"repo": "nixos-hardware",
- "rev": "67a709cfe5d0643dafd798b0b613ed579de8be05",
+ "rev": "3441b5242af7577230a78ffb03542add264179ab",
"type": "github"
},
"original": {
@@ -453,11 +453,11 @@
},
"nixpkgs": {
"locked": {
- "lastModified": 1757745802,
- "narHash": "sha256-hLEO2TPj55KcUFUU1vgtHE9UEIOjRcH/4QbmfHNF820=",
+ "lastModified": 1759381078,
+ "narHash": "sha256-gTrEEp5gEspIcCOx9PD8kMaF1iEmfBcTbO0Jag2QhQs=",
"owner": "nixos",
"repo": "nixpkgs",
- "rev": "c23193b943c6c689d70ee98ce3128239ed9e32d1",
+ "rev": "7df7ff7d8e00218376575f0acdcc5d66741351ee",
"type": "github"
},
"original": {
@@ -469,11 +469,11 @@
},
"nixpkgs-lib": {
"locked": {
- "lastModified": 1753579242,
- "narHash": "sha256-zvaMGVn14/Zz8hnp4VWT9xVnhc8vuL3TStRqwk22biA=",
+ "lastModified": 1754788789,
+ "narHash": "sha256-x2rJ+Ovzq0sCMpgfgGaaqgBSwY+LST+WbZ6TytnT9Rk=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
- "rev": "0f36c44e01a6129be94e3ade315a5883f0228a6e",
+ "rev": "a73b9c743612e4244d865a2fdee11865283c04e6",
"type": "github"
},
"original": {
@@ -484,11 +484,11 @@
},
"nixpkgs-master": {
"locked": {
- "lastModified": 1758007619,
- "narHash": "sha256-ADv63t4pEj5zhTAggwzyCbSpQosDtxKy0qg9cB9a1Eo=",
+ "lastModified": 1759769540,
+ "narHash": "sha256-s77ilbEVvMAjxjjWStsExk1vzBXCPsnQa1tKjGYo85M=",
"owner": "nixos",
"repo": "nixpkgs",
- "rev": "64334fda8d632bec7c80c9bef668ad9633a8dd64",
+ "rev": "dbe62f817c129a464d33bbae02bb36fb04871fa6",
"type": "github"
},
"original": {
@@ -557,11 +557,11 @@
]
},
"locked": {
- "lastModified": 1756087852,
- "narHash": "sha256-4jc3JDQt75fYXFrglgqyzF6C6zLU0QGLymzian4aP+U=",
+ "lastModified": 1757296493,
+ "narHash": "sha256-6nzSZl28IwH2Vx8YSmd3t6TREHpDbKlDPK+dq1LKIZQ=",
"owner": "pyproject-nix",
"repo": "build-system-pkgs",
- "rev": "6edb3ae27395cd88be3d64b732d1539957dad59c",
+ "rev": "5b8e37fe0077db5c1df3a5ee90a651345f085d38",
"type": "github"
},
"original": {
@@ -578,11 +578,11 @@
]
},
"locked": {
- "lastModified": 1756395552,
- "narHash": "sha256-5aJM14MpoLk2cdZAetu60OkLQrtFLWTICAyn1EP7ZpM=",
+ "lastModified": 1757246327,
+ "narHash": "sha256-6pNlGhwOIMfhe/RLjHdpXveKS4FyLHvlGe+KtjDild4=",
"owner": "pyproject-nix",
"repo": "pyproject.nix",
- "rev": "030dffc235dcf240d918c651c78dc5f158067b51",
+ "rev": "8d77f342d66ad1601cdb9d97e9388b69f64d4c8e",
"type": "github"
},
"original": {
@@ -620,11 +620,11 @@
]
},
"locked": {
- "lastModified": 1740623427,
- "narHash": "sha256-3SdPQrZoa4odlScFDUHd4CUPQ/R1gtH4Mq9u8CBiK8M=",
+ "lastModified": 1759631821,
+ "narHash": "sha256-V8A1L0FaU/aSXZ1QNJScxC12uP4hANeRBgI4YdhHeRM=",
"owner": "oxalica",
"repo": "rust-overlay",
- "rev": "d342e8b5fd88421ff982f383c853f0fc78a847ab",
+ "rev": "1d7cbdaad90f8a5255a89a6eddd8af24dc89cafe",
"type": "github"
},
"original": {
@@ -662,11 +662,11 @@
]
},
"locked": {
- "lastModified": 1752374969,
- "narHash": "sha256-Ky3ynEkJXih7mvWyt9DWoiSiZGqPeHLU1tlBU4b0mcc=",
+ "lastModified": 1757989933,
+ "narHash": "sha256-9cpKYWWPCFhgwQTww8S94rTXgg8Q8ydFv9fXM6I8xQM=",
"owner": "oxalica",
"repo": "rust-overlay",
- "rev": "75fb000638e6d0f57cb1e8b7a4550cbdd8c76f1d",
+ "rev": "8249aa3442fb9b45e615a35f39eca2fe5510d7c3",
"type": "github"
},
"original": {
@@ -703,11 +703,11 @@
]
},
"locked": {
- "lastModified": 1758007585,
- "narHash": "sha256-HYnwlbY6RE5xVd5rh0bYw77pnD8lOgbT4mlrfjgNZ0c=",
+ "lastModified": 1759635238,
+ "narHash": "sha256-UvzKi02LMFP74csFfwLPAZ0mrE7k6EiYaKecplyX9Qk=",
"owner": "Mic92",
"repo": "sops-nix",
- "rev": "f77d4cfa075c3de66fc9976b80e0c4fc69e2c139",
+ "rev": "6e5a38e08a2c31ae687504196a230ae00ea95133",
"type": "github"
},
"original": {
@@ -795,11 +795,11 @@
]
},
"locked": {
- "lastModified": 1756466761,
- "narHash": "sha256-ALXRHIMXQ4qVNfCbcWykC23MjMwUoHn9BreoBfqmq0Y=",
+ "lastModified": 1757925761,
+ "narHash": "sha256-7Hwz0vfHuFqCo5v7Q07GQgLBWuPvZCuf/5/pk4NoADg=",
"owner": "pyproject-nix",
"repo": "uv2nix",
- "rev": "0529e6d8227517205afcd1b37eee3088db745730",
+ "rev": "780494c40895bb7419a73d942bee326291e80b3b",
"type": "github"
},
"original": {
@@ -817,11 +817,11 @@
"rust-overlay": "rust-overlay_4"
},
"locked": {
- "lastModified": 1757179758,
- "narHash": "sha256-TIvyWzRt1miQj6Cf5Wy8Qz43XIZX7c4vTVwRLAT5S4Y=",
+ "lastModified": 1759707084,
+ "narHash": "sha256-0pkftKs6/LReNvxw7DVTN2AJEheZVgyeK0Aarbagi70=",
"owner": "Supreeeme",
"repo": "xwayland-satellite",
- "rev": "970728d0d9d1eada342bb8860af214b601139e58",
+ "rev": "a9188e70bd748118b4d56a529871b9de5adb9988",
"type": "github"
},
"original": {
@@ -838,11 +838,11 @@
]
},
"locked": {
- "lastModified": 1757999874,
- "narHash": "sha256-kgV3ms4hR86tIxaNAYJI8NNgkmEygN+JwkXCPAx2P2U=",
+ "lastModified": 1759724568,
+ "narHash": "sha256-i/+YcMMMFXeUKWbR683eoxyz+4Jcb01MHVCjj6OHl0Y=",
"owner": "0xc000022070",
"repo": "zen-browser-flake",
- "rev": "7dcbd22ca3943e4cfb3122f96cf515f028b3236a",
+ "rev": "b63e1644c96baaaccb78f8d3101f39fbfee733cb",
"type": "github"
},
"original": {
diff --git a/hm-modules/firefox.nix b/hm-modules/firefox.nix
index 638007d6..b88ec901 100644
--- a/hm-modules/firefox.nix
+++ b/hm-modules/firefox.nix
@@ -42,12 +42,28 @@ in
moz = name: "https://addons.mozilla.org/firefox/downloads/latest/${name}/latest.xpi";
in
{
+ "{d07ccf11-c0cd-4938-a265-2a4d6ad01189}" = {
+ # web archives
+ default_area = "navbar";
+ install_url = moz "view_page_archive";
+ installation_mode = "force_installed";
+ private_browsing = true;
+ };
+ "de_DE@dicts.j3e.de" = {
+ install_url = moz "german_dictionary_de_de_for_sp";
+ };
"uBlock0@raymondhill.net" = {
default_area = "menupanel";
install_url = moz "ublock-origin";
installation_mode = "force_installed";
private_browsing = true;
};
+ "uMatrix@raymondhill.net" = {
+ default_area = "menupanel";
+ install_url = moz "umatrix";
+ installation_mode = "force_installed";
+ private_browsing = true;
+ };
"vimium-c@gdh1995.cn" = {
default_area = "navbar";
install_url = moz "vimium-c";
@@ -154,10 +170,21 @@ in
"privacy.trackingprotection.enabled" = true;
"privacy.trackingprotection.socialtracking.enabled" = true;
"privacy.trackingprotection.emailtracking.enabled" = true;
+ "privacy.fingerprintingProtection" = true;
+ "privacy.clearOnShutdown_v2.formdata" = true;
+ "privacy.history.custom" = true;
+ "privacy.query_stripping.enabled" = true;
+
+ "extensions.formautofill.addresses.enabled" = false;
+ "extensions.formautofill.creditCards.enabled" = false;
"zen.view.use-single-toolbar" = false;
"zen.welcome-screen.seen" = true;
+ "browser.translations.neverTranslateLanguages" = "de";
+ "dom.security.https_only_mode" = true;
+ "dom.security.https_only_mode_ever_enabled" = true;
+
# things ripped from https://github.com/yokoffing/Betterfox/blob/main/Fastfox.js
"media.memory_cache_max_size" = 65536;
"media.cache_readahead_limit" = 7200;
@@ -225,6 +252,13 @@ in
];
url = "https://nixos.org/manual/nixos/stable/#sec-option-declarations";
}
+ {
+ name = "Home Manager Options";
+ tags = [
+ "nix"
+ ];
+ url = "https://nix-community.github.io/home-manager/options.xhtml";
+ }
{
name = "homepage";
url = "https://nixos.org/";
@@ -244,6 +278,34 @@ in
extensions.force = true;
extensions.settings = {
+ "{d07ccf11-c0cd-4938-a265-2a4d6ad01189}".settings = {
+ engines = [
+ "archiveIs"
+ "archiveOrg"
+ "archiveOrgAll"
+ "yandex"
+ "archiveIsAll"
+ "memento"
+ "permacc"
+ "megalodon"
+ "ghostarchive"
+ "webcite"
+ ];
+ menuItems = [
+ "openCurrentDoc_1"
+ "sep_1"
+ "search_allEngines_1"
+ "sep_2"
+ "search_archiveIs_1"
+ "search_archiveOrg_1"
+ "search_yandex_1"
+ "search_memento_1"
+ "search_permacc_1"
+ "search_megalodon_1"
+ "search_ghostarchive_1"
+ "search_webcite_1"
+ ];
+ };
"vimium-c@gdh1995.cn".settings = {
searchEngines = ''
g|go|gg|google|Google: https://www.google.com/search?q=%s \\
diff --git a/hm-modules/helix.nix b/hm-modules/helix.nix
index db7fcdb9..fe243c55 100644
--- a/hm-modules/helix.nix
+++ b/hm-modules/helix.nix
@@ -1,4 +1,10 @@
-{ pkgs, config, lib, inputs, ... }:
+{
+ pkgs,
+ config,
+ lib,
+ inputs,
+ ...
+}:
with lib;
let
cfg = config.xyno.helix;
@@ -7,26 +13,30 @@ in
options.xyno.helix.enable = mkOption { default = false; };
options.xyno.helix.withLargeLSPs = mkOption { default = false; };
config = mkIf cfg.enable {
- home.packages = with pkgs; [
- nixpkgs-fmt
- # omnisharp-roslyn
- ## ts
- # nodePackages_latest.prettier
- dprint
- markdown-oxide
- ## python
- # ruff-lsp
- # nodePackages_latest.pyright
- # inputs.csharp-language-server.packages.${pkgs.system}.csharp-language-server
- ] ++ (optionals cfg.withLargeLSPs [
- netcoredbg
- nodePackages_latest.typescript-language-server
- nodePackages_latest.vscode-langservers-extracted
- typescript
- jsonnet-language-server
- jsonnet
-
- ]);
+ home.packages =
+ with pkgs;
+ [
+ nixpkgs-fmt
+ # omnisharp-roslyn
+ ## ts
+ # nodePackages_latest.prettier
+ dprint
+ markdown-oxide
+ ## python
+ # ruff-lsp
+ # nodePackages_latest.pyright
+ # inputs.csharp-language-server.packages.${pkgs.system}.csharp-language-server
+ ]
+ ++ (optionals cfg.withLargeLSPs [
+ netcoredbg
+ nodePackages_latest.typescript-language-server
+ nodePackages_latest.vscode-langservers-extracted
+ typescript
+ jsonnet-language-server
+ jsonnet
+ lazygit
+
+ ]);
programs.helix = {
package = inputs.helix.packages.${pkgs.system}.default;
enable = true;
@@ -94,6 +104,13 @@ in
keys = {
normal = {
space."=" = ":fmt";
+ "C-g" =
+ ":sh tmux popup -d \"#{pane_current_path}\" -xC -yC -w80%% -h80%% -E lazygit";
+ "C-t" = ":sh tmux split-window -v -l '35%%'";
+ "C-h" = ":sh tmux select-pane -t '{left-of}'";
+ "C-l" = ":sh tmux select-pane -t '{right-of}'";
+ "C-j" = ":sh tmux select-pane -t '{down-of}'";
+ "C-k" = ":sh tmux select-pane -t '{up-of}'";
# smart tab++
tab = "move_parent_node_end";
@@ -110,13 +127,15 @@ in
};
};
-
};
languages = {
language-server.pyright.config.python.analysis.typeCheckingMode = "basic";
language-server.ruff = {
command = "ruff-lsp";
- config.settings.args = [ "--ignore" "E501" ];
+ config.settings.args = [
+ "--ignore"
+ "E501"
+ ];
};
language-server.csharp = {
command = "csharp-language-server";
@@ -125,22 +144,40 @@ in
(map
(x: {
name = x;
- language-servers = [ "typescript-language-server" "eslint" ];
+ language-servers = [
+ "typescript-language-server"
+ "eslint"
+ ];
#formatter = { command = "dprint"; args = [ "fmt" "--stdin" x ]; };
# formatter = { command = "prettier"; args = [ "--parser" "typescript" ]; };
- }) [ "typescript" "javascript" "jsx" "tsx" ])
+ })
+ [
+ "typescript"
+ "javascript"
+ "jsx"
+ "tsx"
+ ]
+ )
{
name = "nix";
- formatter = { command = "nixpkgs-fmt"; };
+ formatter = {
+ command = "nixpkgs-fmt";
+ };
}
{
name = "python";
- language-servers = [ "pyright" "ruff" ];
+ language-servers = [
+ "pyright"
+ "ruff"
+ ];
}
{
name = "c-sharp";
language-servers = [ "csharp" ];
- formatter = { command = "dotnet"; args = [ "csharpier" ]; };
+ formatter = {
+ command = "dotnet";
+ args = [ "csharpier" ];
+ };
}
];
diff --git a/instances/ds9/services/woodpecker.nix b/instances/ds9/services/woodpecker.nix
index 99f347db..2c052e8a 100644
--- a/instances/ds9/services/woodpecker.nix
+++ b/instances/ds9/services/woodpecker.nix
@@ -52,7 +52,7 @@
WOODPECKER_SERVER = "[::1]:19000";
WOODPECKER_BACKEND = "docker";
WOODPECKER_MAX_WORKFLOWS = 4;
- DOCKER_HOST = "unix:///run/podman/podman.sock";
+ DOCKER_HOST = "unix:///run/podman/podman.sock"; # the woodpecker can have a little podman. as a treat
};
environmentFile = [
config.sops.secrets."woodpecker/agent_secret".path
diff --git a/instances/theseus/configuration.nix b/instances/theseus/configuration.nix
index 6b2b138c..f8067c29 100644
--- a/instances/theseus/configuration.nix
+++ b/instances/theseus/configuration.nix
@@ -15,7 +15,10 @@ in
nixpkgs.system = "x86_64-linux";
imports = [ ./hardware-configuration.nix ];
boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
- services.fido2-hid-bridge.enable = true;
+
+ # TODO: remove when turning on impermanence
+ sops.gnupg.sshKeyPaths = [ "/etc/ssh/ssh_host_rsa_key" ];
+
home-manager.users.${config.xyno.system.user.name} = (
{ ... }:
{
@@ -25,8 +28,6 @@ in
nixpkgs.config.permittedInsecurePackages = [
"olm-3.2.16"
];
- services.vsmartcard-vpcd.enable = true;
- hardware.gpgSmartcards.enable = true;
networking.firewall.interfaces."tailscale0".allowedTCPPorts = [ 35963 ];
security.wrappers.unfuck-wifi = {
owner = "root";
@@ -47,7 +48,7 @@ in
pandoc
tectonic
rquickshare
- supersonic
+ supersonic-wayland
nheko
anki-bin
gimp3
@@ -59,10 +60,15 @@ in
pencil2d
python311Packages.brother-ql
ptouch-print
+ hledger
];
+ environment.variables."LEDGER_FILE" = "~/docs/hledger/main.journal";
time.timeZone = "Europe/Berlin";
+
+
+ # orcaslicer
networking.firewall.allowedTCPPorts = [
1880
2021
@@ -77,6 +83,7 @@ in
xyno.common.enable = true;
xyno.desktop.common-programs.enable = true;
xyno.hardware.kmonad.enable = true;
+ xyno.hardware.smartcard.enable = true;
xyno.presets.cli.enable = true;
xyno.presets.gui.enable = true;
xyno.presets.development.enable = true;
diff --git a/instances/theseus/default.nix b/instances/theseus/default.nix
index eec9edd0..9a769c61 100644
--- a/instances/theseus/default.nix
+++ b/instances/theseus/default.nix
@@ -1,6 +1,7 @@
{
modules = [ ./configuration.nix ];
hostName = "theseus";
+ sopsKey = "4019fd893bba15618c2f93a38ef418ce360bc418";
wg = {
pubKey = "";
};
diff --git a/instances/theseus/hardware-configuration.nix b/instances/theseus/hardware-configuration.nix
index 100ae330..8f595bdc 100644
--- a/instances/theseus/hardware-configuration.nix
+++ b/instances/theseus/hardware-configuration.nix
@@ -60,9 +60,11 @@
];
};
- swapDevices = [
- { device = "/dev/disk/by-uuid/96c380b3-4498-4eb8-8a18-5eebe2a41428"; }
- ];
+ # swapDevices = [
+ # { device = "/dev/disk/by-uuid/96c380b3-4498-4eb8-8a18-5eebe2a41428"; }
+ # ];
+ zramSwap.enable = true;
+ zramSwap.writebackDevice = "/dev/disk/by-uuid/96c380b3-4498-4eb8-8a18-5eebe2a41428";
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
diff --git a/modules/cli/fish.nix b/modules/cli/fish.nix
index d9c3105c..429bfc76 100644
--- a/modules/cli/fish.nix
+++ b/modules/cli/fish.nix
@@ -13,7 +13,7 @@ in
programs.bash = {
# auto spawn fish if interactive
interactiveShellInit = ''
- if [[ $(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING} ]]
+ if [[ ($(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING}) || -n "$IN_NIX_SHELL" ]]
then
shopt -q login_shell && LOGIN_OPTION='--login' || LOGIN_OPTION=""
exec ${pkgs.fish}/bin/fish $LOGIN_OPTION
@@ -26,8 +26,11 @@ in
fzf # needed for reverse history search
];
programs.direnv.enableFishIntegration = true;
+ programs.fish.generateCompletions = true;
programs.fish.interactiveShellInit = ''
set -g fish_key_bindings fish_vi_key_bindings
+ function fish_greeting
+ end
function y
set tmp (mktemp -t "yazi-cwd.XXXXXX")
yazi $argv --cwd-file="$tmp"
diff --git a/modules/cli/tmux.nix b/modules/cli/tmux.nix
index a41315f3..2423624e 100644
--- a/modules/cli/tmux.nix
+++ b/modules/cli/tmux.nix
@@ -17,15 +17,17 @@ in
historyLimit = 10000;
plugins = with pkgs.tmuxPlugins; [
vim-tmux-navigator
+ gruvbox
];
+ escapeTime = 0;
+ terminal = "tmux-256color";
+ # newSession = true;
extraConfig = ''
- set -sg escape-time 0 # makes vim esc usable
new-session -s main
bind-key -n C-e send-prefix
bind '"' split-window -c "#{pane_current_path}"
bind % split-window -h -c "#{pane_current_path}"
bind c new-window -c "#{pane_current_path}"
- # set-option -g default-terminal "tmux-256color"
# set -as terminal-overrides ',xterm*:Tc:sitm=\E[3m'
'';
};
diff --git a/modules/desktop/foot.nix b/modules/desktop/foot.nix
index 43e9d2a6..26835538 100644
--- a/modules/desktop/foot.nix
+++ b/modules/desktop/foot.nix
@@ -29,7 +29,8 @@ in
theme = "gruvbox-dark";
settings = {
main = {
- font = "JetBrainsMono Nerd Font:size=11";
+ font = "JetBrainsMono Nerd Font:size=11, Noto Color Emoji:size=10";
+ term = "foot";
};
scrollback = {
lines = 100000;
diff --git a/modules/desktop/niri.nix b/modules/desktop/niri.nix
index 4c0174c8..fd4115fd 100644
--- a/modules/desktop/niri.nix
+++ b/modules/desktop/niri.nix
@@ -102,8 +102,9 @@ in
binds {
Mod+D { spawn "${cfg.launcher}"; }
Mod+Alt+L { spawn "lock"; }
- Mod+T { spawn "${cfg.term}"; }
- Mod+Y { spawn "${cfg.term}" "--app-id" "floating-alacritty" "yazi"; }
+ Mod+T { spawn "${cfg.term}" "tmux" "new-session" "-t" "main"; }
+ Mod+Shift+T { spawn "${cfg.term}"; }
+ Mod+Y { spawn "${cfg.term}" "--app-id" "floating-alacritty" "-W" "120x37" "yazi"; }
Mod+P { spawn "keepassxc"; }
Mod+S { spawn "qalculate-qt"; }
Mod+Shift+N { spawn "makoctl" "dismiss" "-a"; }
@@ -417,7 +418,7 @@ in
keyboard {
xkb {
layout "eu"
- // options "compose:lalt"
+ options "compose:caps,mod_led:compose"
}
}
touchpad {
diff --git a/modules/desktop/waybar.nix b/modules/desktop/waybar.nix
deleted file mode 100644
index ff59deb3..00000000
--- a/modules/desktop/waybar.nix
+++ /dev/null
@@ -1,451 +0,0 @@
-{
- pkgs,
- config,
- lib,
- ...
-}:
-let
- cfg = config.xyno.desktop.waybar;
- json = pkgs.formats.json { };
- waybarCfg = {
- layer = "top";
- position = "top";
- height = 20;
- modules-left =
- (lib.optionals (cfg.mode == "river") [
- "river/tags"
- "river/layout"
- "river/window"
- ])
- ++ (lib.optionals (cfg.mode == "niri") [
- "niri/workspaces"
- "niri/window"
- ]);
- modules-right = [
- "tray"
- "idle_inhibitor"
- "wireplumber"
- "battery"
- "power-profiles-daemon"
- "backlight"
- "temperature"
- "cpu"
- "memory"
- "disk"
- "network"
- "clock"
- ];
- "power-profiles-daemon" = {
- format = "{icon} ";
- tooltip-format = "Power profile: {profile}\nDriver: {driver}";
- tooltip = true;
- format-icons = {
- "default" = "";
- "performance" = "";
- "balanced" = "";
- "power-saver" = "";
- };
- };
- "river/window" = {
- max-length = 40;
- };
- "niri/window" = {
- max-length = 80;
- };
- wireplumber = {
- "format" = "{icon} {volume:.2f} dB";
- "format-muted" = " -inf dB";
- # "on-click" = "${pkgs.pwvucontrol}/bin/pwvucontrol";
- "on-click" = "${pkgs.pavucontrol}/bin/pavucontrol";
- "on-click-right" = "${pkgs.wireplumber}/bin/wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle";
- "on-scroll-up" = "${pkgs.wireplumber}/bin/wpctl set-volume @DEFAULT_AUDIO_SINK@ -l 1 1%+";
- "on-scroll-down" = "${pkgs.wireplumber}/bin/wpctl set-volume @DEFAULT_AUDIO_SINK@ -l 1 1%-";
- "format-icons" = [
- ""
- ""
- ""
- ];
- };
- "backlight" = {
- "device" = "amdgpu_bl1";
- "format" = "{icon} {percent}%";
- "format-icons" = [
- ""
- ""
- ""
- ""
- ""
- ""
- ""
- ];
- "on-scroll-up" = "${pkgs.light}/bin/light -A 5";
- "on-scroll-down" = "${pkgs.light}/bin/light -U 5";
- };
- "idle_inhibitor" = {
- format = "{icon} ";
- format-icons = {
- "activated" = "";
- "deactivated" = "";
- };
- };
- battery = {
- "states" = {
- "warning" = 30;
- "critical" = 15;
- };
- "format" = "{icon} {capacity}%";
- "format-icons" = [
- ""
- ""
- ""
- ""
- ""
- ];
- "tooltip-format" = "Capacity: {capacity}%\nPower Draw: {power:0.2f}W\n{timeTo}\nCycles: {cycles}";
- "max-length" = 25;
- };
- "cpu" = {
- "interval" = 10;
- "format" = " {:0.0f}%";
- "max-length" = 10;
- };
- "temperature" = {
- "format" = " {temperatureC}°C";
- };
- memory = {
- interval = 30;
- format = " {used:0.0f}/{total:0.0f}GB";
- };
- clock = {
- interval = 1;
- format = "{:%a %Y-%m-%dT%H:%M:%S%z}";
- "tooltip-format" = "{calendar}";
- "calendar" = {
- "mode" = "year";
- "mode-mon-col" = 3;
- "weeks-pos" = "right";
- "on-scroll" = 1;
- "format" = {
- "months" = "{}";
- "days" = "{}";
- "weeks" = "W{}";
- "weekdays" = "{}";
- "today" = "{}";
- };
- };
- "actions" = {
- "on-click-right" = "mode";
- "on-scroll-up" = "shift_up";
- "on-scroll-down" = "shift_down";
- };
- };
- disk = {
- format = " {specific_used:0.1f}/{specific_total:0.1f}TB";
- unit = "TB";
- path = "/";
- };
- "network" = {
- "on-click" =
- "${pkgs.alacritty}/bin/alacritty --class floating-alacritty -e ${pkgs.impala}/bin/impala";
- "format" = "{ifname}";
- "format-wifi" = " {essid}";
- "format-ethernet" = " {ifname}";
- "format-disconnected" = " ";
- "tooltip-format" = "{ifname} via {gwaddr}\n{ipaddr}/{cidr}";
- "tooltip-format-wifi" = "{essid} ({signaldBm} dBm) {frequency} GHz\n{ipaddr}/{cidr}";
- "tooltip-format-ethernet" = "{ifname}\n{ipaddr}/{cidr}";
- "tooltip-format-disconnected" = "Disconnected";
- "max-length" = 50;
- };
- };
- waybarCfgFile = json.generate "waybar-config.json" waybarCfg;
- waybarStyleCss = ''
-
- * {
- /* `otf-font-awesome` is required to be installed for icons */
- font-family: "Source Sans 3";
- font-size: 11px;
- }
-
-
- window#waybar {
- color: #a89984;
- background-color: #1d2021;
- }
-
- window#waybar.hidden {
- opacity: 0.2;
- }
-
- /*
- window#waybar.empty {
- background-color: transparent;
- }
- window#waybar.solo {
- background-color: #FFFFFF;
- }
- */
-
- /*window#waybar.termite {
- background-color: #3F3F3F;
- }
-
- window#waybar.chromium {
- background-color: #000000;
- border: none;
- }*/
-
- #workspaces button {
- padding: 0 2px;
- background-color: #1d2021;
- color: #ebdbb2;
- /* Use box-shadow instead of border so the text isn't offset */
- box-shadow: inset 0 -3px transparent;
- /* Avoid rounded borders under each workspace name */
- border: none;
- border-radius: 0;
- }
-
- /* https://github.com/Alexays/Waybar/wiki/FAQ#the-workspace-buttons-have-a-strange-hover-effect */
- #workspaces button:hover {
- background: rgba(0, 0, 0, 0.2);
- /* box-shadow: inset 0 -3px #fbf1c7;
- */
- background-color: #3c3836;
- }
-
- #workspaces button.focused {
- /* box-shadow: inset 0 -3px #fbf1c7;
- */
- background-color: #3c3836;
- color: #ebdbb2;
- }
-
- #workspaces button.occupied {
- color: #d3869b;
- }
- #workspaces button.urgent {
- background-color: #cc241d;
- color: #ebdbb2;
- }
-
- #mode {
- background-color: #64727D;
- border-bottom: 3px solid #fbf1c7;
- }
-
- #clock,
- #battery,
- #cpu,
- #memory,
- #disk,
- #temperature,
- #backlight,
- #network,
- #pulseaudio,
- #custom-media,
- #tray,
- #mode,
- #idle_inhibitor,
- #custom-poweroff,
- #custom-suspend,
- #mpd {
- padding: 0 2px;
- background-color: #1d2021;
- color: #ebdbb2;
- }
-
- #window,
- #workspaces,
- #tags {
- margin: 0 2px;
- }
-
- /* If workspaces is the leftmost module, omit left margin */
- .modules-left > widget:first-child > #workspaces {
- margin-left: 0;
- }
-
- /* If workspaces is the rightmost module, omit right margin */
- .modules-right > widget:last-child > #workspaces {
- margin-right: 0;
- }
-
-
- #battery {
- color: #d3869b;
- }
-
- #battery.charging, #battery.plugged {
- color: #98971a;
- }
-
- @keyframes blink {
- to {
- background-color: #fbf1c7;
- color: #df3f71;
- }
- }
-
- #battery.critical:not(.charging) {
- background-color: #1d2021;
- color: #d3869b;
- animation-name: blink;
- animation-duration: 0.5s;
- animation-timing-function: linear;
- animation-iteration-count: infinite;
- animation-direction: alternate;
- }
-
- label:focus {
- background-color: #000000;
- }
-
- #backlight {
- color: #458588;
- }
-
- #temperature {
- color: #fabd2f;
- }
-
- #temperature.critical {
- background-color: #fbf1c7;
- color: #b57614;
- }
-
- #memory {
- color: #FCF434; /* enby yellow */
- }
- #disk {
- color: #FFFFFF; /* enby white */
- }
- #network {
- color: #b8bb26; /* enby green */
- }
- #clock {
- color: #9C59D1; /* enby purple */
- /*color: #2C2C2C; enby black */
- }
-
-
- #network.disconnected {
- background-color: #fbf1c7;
- color: #9d0006;
- }
-
-
- #wireplumber {
- color: #fe8019;
- }
-
- #tray {
- }
-
- #tray > .needs-attention {
- background-color: #fbf1c7;
- color: #3c3836;
- }
-
- #idle_inhibitor {
- background-color: #1d2021;
- color: #ebdbb2;
- }
-
- #idle_inhibitor.activated {
- background-color: #fbf1c7;
- color: #3c3836;
- }
-
- #custom-media {
- background-color: #66cc99;
- color: #2a5c45;
- min-width: 100px;
- }
-
- #custom-media.custom-spotify {
- background-color: #66cc99;
- }
-
- #custom-media.custom-vlc {
- background-color: #ffa000;
- }
-
- #mpd {
- background-color: #66cc99;
- color: #2a5c45;
- }
-
- #mpd.disconnected {
- background-color: #f53c3c;
- }
-
- #mpd.stopped {
- background-color: #90b1b1;
- }
-
- #mpd.paused {
- background-color: #51a37a;
- }
-
- #language {
- background: #00b093;
- color: #740864;
- padding: 0 5px;
- margin: 0 5px;
- min-width: 16px;
- }
-
- #keyboard-state {
- background: #97e1ad;
- color: #000000;
- padding: 0 0px;
- margin: 0 5px;
- min-width: 16px;
- }
-
- #keyboard-state > label {
- padding: 0 5px;
- }
-
- #keyboard-state > label.locked {
- background: rgba(0, 0, 0, 0.2);
- }
- '';
- waybarCssFile = pkgs.writeText "waybar.css" waybarStyleCss;
-
-in
-{
- options.xyno.desktop.waybar.enable = lib.mkEnableOption "enable mako notification daemon";
- options.xyno.desktop.waybar.wantedBy = lib.mkOption {
- type = lib.types.str;
- default = "niri.service";
- };
- options.xyno.desktop.waybar.package = lib.mkOption {
- type = lib.types.package;
- default = pkgs.unstable.waybar;
- };
- options.xyno.desktop.waybar.mode = lib.mkOption {
- type = lib.types.str;
- default = "niri";
- };
- config = lib.mkIf cfg.enable {
- programs.waybar.enable = true;
- programs.waybar.package = cfg.package.overrideAttrs (super: {
- # version = super.version + "-patched";
- patches = [
- ./waybar-wireplumber-db.patch
- ];
- });
- programs.light.enable = true;
-
- systemd.user.services.waybar.wantedBy = lib.mkForce [ cfg.wantedBy ];
- systemd.user.services.waybar.restartTriggers = [
- waybarCfgFile
- waybarCssFile
- ];
- environment.etc."xdg/waybar/config".source = waybarCfgFile;
- environment.etc."xdg/waybar/style.css".source = waybarCssFile;
-
- };
-}
diff --git a/modules/desktop/waybar/cal.nix b/modules/desktop/waybar/cal.nix
new file mode 100644
index 00000000..1c854ef9
--- /dev/null
+++ b/modules/desktop/waybar/cal.nix
@@ -0,0 +1,93 @@
+{
+ pkgs,
+ config,
+ lib,
+ ...
+}:
+with lib;
+let
+ calwatcher =
+ (pkgs.writeShellApplication {
+ name = "calwatcher";
+ runtimeInputs = [
+ pkgs.inotify-tools
+ pkgs.khal
+ pkgs.jq
+ ];
+ text = ''
+ # in parts ripped from https://git.sr.ht/~whynothugo/dotfiles/tree/3768ec57/item/home/.local/lib/waybar-khal
+ render() {
+ # Find events starting in two minutes.
+ # So if my current event ends in two minutes and another one starts, the
+ # widget is already updated with what's upcoming.
+ SINCE="$(date -d 'now +2 min' '+%FT%H:%M:%S')"
+ UNTIL="1d"
+
+ EVENT="$(
+ khal list "$SINCE" "$UNTIL" \
+ --day-format 'SKIPME' \
+ --format "{start-end-time-style} {title:.31}{repeat-symbol}" |
+ grep -v SKIPME | # filter out headers
+ grep -v -P '↦|↔ |⇥' | # filter out continuing all day events
+ grep -v '^ ' | # exclude full-day events
+ head -n 1 # show just the first
+ )"
+
+ if [ -z "$EVENT" ]; then
+ TEXT=" (nothing upcoming)"
+ CLASS="no-event"
+ else
+ TEXT=" $EVENT"
+ CLASS="event"
+ fi
+
+ jq --compact-output \
+ --null-input \
+ --arg text "$TEXT" \
+ --arg class "$CLASS" \
+ --arg tooltip "$(khal list today 7d --day-format '{name} {date-long}')" \
+ '{"text": $text, "class": $class, "tooltip": $tooltip}'
+ }
+
+ render # Render once for initial state.
+
+ # In order to make sure events are updated as time passes, this re-renderes
+ # every two minutes. That aside, whenever a calendar event changes, we alreays
+ # re-render immediately.
+ #
+ # It would be ideal to determine _when_ the current event ends, and set the
+ # timeout accordinly. That would require parsing khal's output a bit more.
+ while true; do
+ (inotifywait \
+ --event modify \
+ --event create \
+ --event delete \
+ --event close_write \
+ --event moved_to \
+ --event move \
+ --monitor \
+ --timeout 120 \
+ --recursive \
+ "$HOME/.calendars" 2> /dev/null) || true | \
+ while read -r _; do
+ render
+ timeout 3 cat || true # debounce for 3s, https://stackoverflow.com/a/69945839
+ done
+ done
+ '';
+
+ })
+ + "/bin/calwatcher";
+in
+lib.mkIf (config.xyno.user-services.khal.enable) {
+ xyno.desktop.waybar.config = {
+ "custom/cal" = {
+ exec = calwatcher;
+ restart-interval = 5;
+ return-type = "json";
+ "on-click" = "${pkgs.foot}/bin/footclient --app-id floating-alacritty ${pkgs.khal}/bin/ikhal";
+ };
+ modules-right = mkOrder 1999 [ "custom/cal" ]; # left of clock, right of everything else
+ };
+
+}
diff --git a/modules/desktop/waybar/default.nix b/modules/desktop/waybar/default.nix
new file mode 100644
index 00000000..63ed8a19
--- /dev/null
+++ b/modules/desktop/waybar/default.nix
@@ -0,0 +1,250 @@
+{
+ pkgs,
+ config,
+ lib,
+ ...
+}:
+with lib;
+let
+ cfg = config.xyno.desktop.waybar;
+ json = pkgs.formats.json { };
+
+in
+{
+ options.xyno.desktop.waybar.enable = mkEnableOption "enable mako notification daemon";
+ options.xyno.desktop.waybar.wantedBy = mkOption {
+ type = types.str;
+ default = "niri.service";
+ };
+ options.xyno.desktop.waybar.package = mkOption {
+ type = types.package;
+ default = pkgs.unstable.waybar;
+ };
+ options.xyno.desktop.waybar.config = mkOption {
+ type = json.type;
+ default = { modules-left = []; modules-right = []; };
+ };
+ options.xyno.desktop.waybar.style = mkOption {
+ type = types.lines;
+ default = "";
+ };
+ imports = [
+ ./cal.nix
+ ./kmonad.nix
+ ./laptop.nix
+ ./niri.nix
+ ];
+ config = mkIf cfg.enable {
+ programs.waybar.enable = true;
+ programs.waybar.package = cfg.package.overrideAttrs (super: {
+ # version = super.version + "-patched";
+ patches = [
+ ./waybar-wireplumber-db.patch
+ ];
+ });
+
+ systemd.user.services.waybar.wantedBy = mkForce [ cfg.wantedBy ];
+ environment.etc."xdg/waybar/config".source = json.generate "waybar-config.json" cfg.config;
+ environment.etc."xdg/waybar/style.css".source = pkgs.writeText "waybar.css" cfg.style;
+
+ xyno.desktop.waybar.config = {
+ layer = "top";
+ position = "top";
+ height = 20;
+ modules-right = mkMerge [
+ (mkBefore [
+ "tray"
+ "idle_inhibitor"
+ "wireplumber"
+ ])
+ (mkAfter [
+ "temperature"
+ "cpu"
+ "memory"
+ "disk"
+ "network"
+ ])
+ (mkOrder 2000 [ "clock" ])
+ ];
+ wireplumber = {
+ "format" = "{icon} {volume:.2f} dB";
+ "format-muted" = " -inf dB";
+ # "on-click" = "${pkgs.pwvucontrol}/bin/pwvucontrol";
+ "on-click" = "${pkgs.pavucontrol}/bin/pavucontrol";
+ "on-click-right" = "${pkgs.wireplumber}/bin/wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle";
+ "on-scroll-up" = "${pkgs.wireplumber}/bin/wpctl set-volume @DEFAULT_AUDIO_SINK@ -l 1 1%+";
+ "on-scroll-down" = "${pkgs.wireplumber}/bin/wpctl set-volume @DEFAULT_AUDIO_SINK@ -l 1 1%-";
+ "format-icons" = [
+ ""
+ ""
+ ""
+ ];
+ };
+ "idle_inhibitor" = {
+ format = "{icon} ";
+ format-icons = {
+ "activated" = "";
+ "deactivated" = "";
+ };
+ };
+ "cpu" = {
+ "interval" = 10;
+ "format" = " {:0.0f}%";
+ "max-length" = 10;
+ };
+ "temperature" = {
+ "format" = " {temperatureC}°C";
+ };
+ memory = {
+ interval = 30;
+ format = " {used:0.0f}/{total:0.0f}GB";
+ };
+ clock = {
+ interval = 1;
+ format = "{:%a %Y-%m-%dT%H:%M:%S%z}";
+ "tooltip-format" = "{calendar}";
+ "calendar" = {
+ "mode" = "year";
+ "mode-mon-col" = 3;
+ "weeks-pos" = "right";
+ "on-scroll" = 1;
+ "format" = {
+ "months" = "{}";
+ "days" = "{}";
+ "weeks" = "W{}";
+ "weekdays" = "{}";
+ "today" = "{}";
+ };
+ };
+ "actions" = {
+ "on-click-right" = "mode";
+ "on-scroll-up" = "shift_up";
+ "on-scroll-down" = "shift_down";
+ };
+ };
+ disk = {
+ format = " {specific_used:0.1f}/{specific_total:0.1f}TB";
+ unit = "TB";
+ path = "/";
+ };
+ "network" = {
+ "on-click" = "${pkgs.foot}/bin/footclient --app-id floating-alacritty ${pkgs.impala}/bin/impala";
+ "format" = "{ifname}";
+ "format-wifi" = " {essid}";
+ "format-ethernet" = " {ifname}";
+ "format-disconnected" = " ";
+ "tooltip-format" = "{ifname} via {gwaddr}\n{ipaddr}/{cidr}";
+ "tooltip-format-wifi" = "{essid} ({signaldBm} dBm) {frequency} GHz\n{ipaddr}/{cidr}";
+ "tooltip-format-ethernet" = "{ifname}\n{ipaddr}/{cidr}";
+ "tooltip-format-disconnected" = "Disconnected";
+ "max-length" = 50;
+ };
+ };
+ xyno.desktop.waybar.style = ''
+ * {
+ /* `otf-font-awesome` is required to be installed for icons */
+ font-family: "Source Sans 3";
+ font-size: 11px;
+ }
+
+ window#waybar {
+ color: #a89984;
+ background-color: #1d2021;
+ }
+
+ window#waybar.hidden {
+ opacity: 0.2;
+ }
+
+ /*
+ window#waybar.empty {
+ background-color: transparent;
+ }
+ window#waybar.solo {
+ background-color: #FFFFFF;
+ }
+ */
+
+ /*window#waybar.termite {
+ background-color: #3F3F3F;
+ }
+
+ window#waybar.chromium {
+ background-color: #000000;
+ border: none;
+ }*/
+
+ #clock,
+ #battery,
+ #cpu,
+ #memory,
+ #disk,
+ #temperature,
+ #backlight,
+ #network,
+ #pulseaudio,
+ #tray,
+ #mode,
+ #idle_inhibitor,
+ #mpd {
+ padding: 0 2px;
+ background-color: #1d2021;
+ color: #ebdbb2;
+ }
+
+ label:focus {
+ background-color: #000000;
+ }
+
+
+ #temperature {
+ color: #fabd2f;
+ }
+
+ #temperature.critical {
+ background-color: #fbf1c7;
+ color: #b57614;
+ }
+
+ #memory {
+ color: #FCF434; /* enby yellow */
+ }
+ #disk {
+ color: #FFFFFF; /* enby white */
+ }
+ #network {
+ color: #b8bb26; /* enby green */
+ }
+ #clock {
+ color: #9C59D1; /* enby purple */
+ /*color: #2C2C2C; enby black */
+ }
+
+
+ #network.disconnected {
+ background-color: #fbf1c7;
+ color: #9d0006;
+ }
+
+
+ #wireplumber {
+ color: #fe8019;
+ }
+
+ #tray > .needs-attention {
+ background-color: #fbf1c7;
+ color: #3c3836;
+ }
+
+ #idle_inhibitor {
+ background-color: #1d2021;
+ color: #ebdbb2;
+ }
+
+ #idle_inhibitor.activated {
+ background-color: #fbf1c7;
+ color: #3c3836;
+ }
+ '';
+ };
+}
diff --git a/modules/desktop/waybar/kmonad.nix b/modules/desktop/waybar/kmonad.nix
new file mode 100644
index 00000000..607595c6
--- /dev/null
+++ b/modules/desktop/waybar/kmonad.nix
@@ -0,0 +1,35 @@
+{
+ pkgs,
+ config,
+ lib,
+ ...
+}:
+with lib;
+mkIf (config.xyno.hardware.kmonad.enable) {
+ xyno.desktop.waybar.config = {
+ "custom/kmonad" = {
+ exec =
+ (pkgs.writeShellApplication {
+ name = "kmonad-layer-watcher";
+ runtimeInputs = [ pkgs.inotify-tools ];
+ text = ''
+ cat /tmp/kmonad-layer;
+ while inotifywait -qq -e modify /tmp/kmonad-layer; do
+ cat /tmp/kmonad-layer;
+ done
+ '';
+ })
+ + "/bin/kmonad-layer-watcher";
+ restart-interval = 5;
+ };
+ modules-left = mkBefore [ "custom/kmonad" ];
+ };
+ xyno.desktop.waybar.style = ''
+ #custom-kmonad {
+ color: #84929D;
+ margin-left: 4px;
+ border-bottom: 3px solid #fbf1c7;
+ }
+ '';
+
+}
diff --git a/modules/desktop/waybar/laptop.nix b/modules/desktop/waybar/laptop.nix
new file mode 100644
index 00000000..105b8f1b
--- /dev/null
+++ b/modules/desktop/waybar/laptop.nix
@@ -0,0 +1,87 @@
+{
+ pkgs,
+ config,
+ lib,
+ ...
+}:
+lib.mkIf (true) {
+ xyno.desktop.waybar.config = {
+ battery = {
+ "states" = {
+ "warning" = 30;
+ "critical" = 15;
+ };
+ "format" = "{icon} {capacity}%";
+ "format-icons" = [
+ ""
+ ""
+ ""
+ ""
+ ""
+ ];
+ "tooltip-format" = "Capacity: {capacity}%\nPower Draw: {power:0.2f}W\n{timeTo}\nCycles: {cycles}";
+ "max-length" = 25;
+ };
+ backlight = {
+ "device" = "amdgpu_bl1";
+ "format" = "{icon} {percent}%";
+ "format-icons" = [
+ ""
+ ""
+ ""
+ ""
+ ""
+ ""
+ ""
+ ];
+ "on-scroll-up" = "${pkgs.light}/bin/light -A 5";
+ "on-scroll-down" = "${pkgs.light}/bin/light -U 5";
+ };
+ "power-profiles-daemon" = {
+ format = "{icon} ";
+ tooltip-format = "Power profile: {profile}\nDriver: {driver}";
+ tooltip = true;
+ format-icons = {
+ "default" = "";
+ "performance" = "";
+ "balanced" = "";
+ "power-saver" = "";
+ };
+ };
+ modules-right = [
+ "battery"
+ "power-profiles-daemon"
+ "backlight"
+ ];
+ };
+ programs.light.enable = true;
+ xyno.desktop.waybar.style = ''
+ #battery {
+ color: #d3869b;
+ }
+ #battery.critical:not(.charging) {
+ background-color: #1d2021;
+ animation-name: blink;
+ animation-duration: 0.5s;
+ animation-timing-function: linear;
+ animation-iteration-count: infinite;
+ animation-direction: alternate;
+ }
+ @keyframes blink {
+ to {
+ background-color: #fbf1c7;
+ color: #df3f71;
+ }
+ }
+ #battery.critical:not(.charging) {
+ background-color: #1d2021;
+ }
+ #battery.charging, #battery.plugged {
+ color: #98971a;
+ }
+ #backlight {
+ color: #458588;
+ }
+ '';
+
+}
diff --git a/modules/desktop/waybar/niri.nix b/modules/desktop/waybar/niri.nix
new file mode 100644
index 00000000..7e5a725c
--- /dev/null
+++ b/modules/desktop/waybar/niri.nix
@@ -0,0 +1,71 @@
+{
+ pkgs,
+ config,
+ lib,
+ ...
+}:
+with lib;
+mkIf (config.xyno.desktop.niri.enable) {
+ xyno.desktop.waybar.config = {
+ "niri/window" = {
+ max-length = 80;
+ };
+ modules-left = [
+ "niri/workspaces"
+ "niri/window"
+ ];
+ };
+ xyno.desktop.waybar.style = ''
+
+ #window,
+ #workspaces,
+ #tags {
+ margin: 0 2px;
+ }
+
+ /* If workspaces is the leftmost module, omit left margin */
+ .modules-left > widget:first-child > #workspaces {
+ margin-left: 0;
+ }
+
+ /* If workspaces is the rightmost module, omit right margin */
+ .modules-right > widget:last-child > #workspaces {
+ margin-right: 0;
+ }
+ #workspaces button {
+ padding: 0 2px;
+ background-color: #1d2021;
+ color: #ebdbb2;
+ /* Use box-shadow instead of border so the text isn't offset */
+ box-shadow: inset 0 -3px transparent;
+ /* Avoid rounded borders under each workspace name */
+ border: none;
+ border-radius: 0;
+ }
+
+
+ /* https://github.com/Alexays/Waybar/wiki/FAQ#the-workspace-buttons-have-a-strange-hover-effect */
+ #workspaces button:hover {
+ background: rgba(0, 0, 0, 0.2);
+ /* box-shadow: inset 0 -3px #fbf1c7;
+ */
+ background-color: #3c3836;
+ }
+
+ #workspaces button.focused {
+ /* box-shadow: inset 0 -3px #fbf1c7;
+ */
+ background-color: #3c3836;
+ color: #ebdbb2;
+ }
+
+ #workspaces button.occupied {
+ color: #d3869b;
+ }
+ #workspaces button.urgent {
+ background-color: #cc241d;
+ color: #ebdbb2;
+ }
+ '';
+
+}
diff --git a/modules/desktop/waybar-wireplumber-db.patch b/modules/desktop/waybar/waybar-wireplumber-db.patch
similarity index 100%
rename from modules/desktop/waybar-wireplumber-db.patch
rename to modules/desktop/waybar/waybar-wireplumber-db.patch
diff --git a/modules/hardware/kmonad.nix b/modules/hardware/kmonad.nix
index 7bf65015..f23347e6 100644
--- a/modules/hardware/kmonad.nix
+++ b/modules/hardware/kmonad.nix
@@ -10,8 +10,10 @@ in
{
options.xyno.hardware.kmonad.enable = lib.mkEnableOption "kmonad with xynos brain damage";
config = lib.mkIf cfg.enable {
+
services.kmonad = {
enable = true;
+ extraArgs = [ "-c" ];
keyboards = {
krane = {
device = "/dev/input/by-id/usb-Google_Inc._Hammer_440041001157415636313920-event-kbd";
@@ -20,6 +22,7 @@ in
builtin = {
device = "/dev/input/by-path/platform-i8042-serio-0-event-kbd";
config = builtins.readFile ./kmonad/builtin.kbd;
+
};
k70-office = {
device = "/dev/input/by-id/usb-Corsair_CORSAIR_K70_CORE_RGB_TKL_Mechanical_Gaming_Keyboard_599A4D472DCAC05584072AFB922E3BFB-event-kbd";
diff --git a/modules/hardware/kmonad/builtin.kbd b/modules/hardware/kmonad/builtin.kbd
index 3e8fec05..86d7807d 100644
--- a/modules/hardware/kmonad/builtin.kbd
+++ b/modules/hardware/kmonad/builtin.kbd
@@ -23,67 +23,26 @@
lsft 102d z x c v b n m , . / rsft
lctl lmet lalt spc ralt rmet cmp rctl
)
-
-(defalias
- ext (layer-toggle extend) ;; Bind 'ext' to the Extend Layer
-)
(defalias
- cpy C-c
- pst C-v
- cut C-x
- udo C-z
- all C-a
- fnd C-f
- bk Back
- fw Forward
-)
-(defalias
- num (layer-toggle num)
+ qwerty-enter (tap-macro (cmd-button "echo qwerty > /tmp/kmonad-layer") (layer-switch qwerty))
+ qwerty-exit (tap-macro (cmd-button "echo colemak > /tmp/kmonad-layer") (layer-switch colemak-dh))
)
(deflayer colemak-dh
- esc f1 f2 f3 f4 f5 f6 f7 f8 f9 f10 f11 f12
+ caps f1 f2 f3 f4 f5 f6 f7 f8 f9 f10 f11 f12
grv 1 2 3 4 5 6 7 8 9 0 - = bspc
tab q w f p b j l u y ; [ ]
esc (tap-hold-next-release 200 a lctrl) (tap-hold-next-release 200 r ralt) (tap-hold-next-release 200 s lmet) t g m n (tap-hold-next-release 200 e rmet) (tap-hold-next-release 200 i lalt) (tap-hold-next-release 200 o rctrl) ' \\ ret
lsft z x c d v 102d k h , . / rsft
- lctl lmet lalt spc ralt rmet _ _
-)
-(deflayer num
- esc f1 f2 f3 f4 f5 f6 f7 f8 f9 f10 f11 f12
- grv 1 2 3 4 5 6 7 8 9 0 - = bspc
- tab q w f p b j l u y ; [ ]
- esc 1 2 3 4 5 6 7 8 9 0 ' \\ ret
- lsft z x c d v 102d k h , . / rsft
- lctl lmet lalt spc ralt rmet _ _
+ lctl lmet lalt spc ralt _ @qwerty-enter @qwerty-enter
)
-(deflayer colemak-dhk
+(deflayer qwerty
esc f1 f2 f3 f4 f5 f6 f7 f8 f9 f10 f11 f12
- grv 1 2 3 4 5 6 7 8 9 0 - = bspc
- tab q w f p b j l u y ; [ ]
- @ext a r s t g k n e i o ' \\ ret
- lsft z x c d v 102d m h , . / rsft
- lctl lmet lalt spc ralt rmet _ _
+ grv 1 2 3 4 5 6 7 8 9 0 - = bspc
+ tab q w e r t y u i o p [ ]
+ caps a s d f g h j k l ; ' \ ret
+ lsft 102d z x c v b n m , . / rsft
+ lctl lmet lalt spc ralt rmet @qwerty-exit @qwerty-exit
)
-
-(deflayer extend
- _ play rewind previoussong nextsong ejectcd refresh brdn brup www mail prog1 prog2
- _ f1 f2 f3 f4 f5 f6 f7 f8 f9 f10 f11 f12 _
- _ esc @bk @fnd @fw ins pgup home up end menu prnt slck
- _ lalt lmet lsft lctl ralt pgdn lft down rght del caps _ _
- _ @udo @cut @cpy tab @pst _ pgdn bks lsft lctl comp _
- _ _ _ ret _ _ _ _
-)
-
-
-(deflayer empty
- _ _ _ _ _ _ _ _ _ _ _ _ _
- _ _ _ _ _ _ _ _ _ _ _ _ _ _
- _ _ _ _ _ _ _ _ _ _ _ _ _
- _ _ _ _ _ _ _ _ _ _ _ _ _ _
- _ _ _ _ _ _ _ _ _ _ _ _ _
- _ _ _ _ _ _ _ _
-)
-
diff --git a/modules/hardware/smartcard.nix b/modules/hardware/smartcard.nix
new file mode 100644
index 00000000..fa528252
--- /dev/null
+++ b/modules/hardware/smartcard.nix
@@ -0,0 +1,20 @@
+{
+ pkgs,
+ lib,
+ config,
+ ...
+}:
+let
+ cfg = config.xyno.hardware.smartcard;
+in
+{
+ options.xyno.hardware.smartcard.enable =
+ lib.mkEnableOption "enable stuff needed for smartcards to work right";
+ config = lib.mkIf cfg.enable {
+ services.vsmartcard-vpcd.enable = true;
+ hardware.gpgSmartcards.enable = true;
+ services.fido2-hid-bridge.enable = true;
+ services.pcscd.enable = true;
+ };
+
+}
diff --git a/modules/module-list.nix b/modules/module-list.nix
index e4f19646..1faedaaa 100644
--- a/modules/module-list.nix
+++ b/modules/module-list.nix
@@ -1,6 +1,7 @@
[
./cli/fish.nix
./cli/starship.nix
+ ./cli/tmux.nix
./desktop/audio.nix
./desktop/common-programs.nix
./desktop/easyeffects.nix
@@ -11,9 +12,10 @@
./desktop/niri.nix
./desktop/shikane.nix
./desktop/swayidle.nix
- ./desktop/waybar.nix
+ ./desktop/waybar
./desktop/wpaperd.nix
./hardware/kmonad.nix
+ ./hardware/smartcard.nix
./networking/networkd.nix
./presets/cli.nix
./presets/common.nix
@@ -27,6 +29,7 @@
./services/wireguard.nix
./system/impermanence.nix
./system/user.nix
+ ./user-services/khal.nix
./user-services/syncthing.nix
./to-upstream/fido2-hid-bridge.nix
]
diff --git a/modules/presets/cli.nix b/modules/presets/cli.nix
index 2a683663..e737f20e 100644
--- a/modules/presets/cli.nix
+++ b/modules/presets/cli.nix
@@ -24,6 +24,7 @@ in
xyno.cli.fish.enable = true;
xyno.cli.starship.enable = true;
+ xyno.cli.tmux.enable = true;
security.sudo.enable = false;
i18n.defaultLocale = "en_US.UTF-8";
@@ -71,10 +72,32 @@ in
# https://github.com/NixOS/nixpkgs/issues/361592 needed for run0
security.pam.services.systemd-run0 = { };
- programs.tmux.enable = true;
programs.yazi = {
enable = true;
+ initLua = pkgs.writeText "yazi-init.lua" ''
+ function Linemode:size_and_mtime()
+ local time = math.floor(self._file.cha.mtime or 0)
+ if time == 0 then
+ time = ""
+ elseif os.date("%Y", time) == os.date("%Y") then
+ time = os.date("%b %d %H:%M", time)
+ else
+ time = os.date("%b %d %Y", time)
+ end
+
+ local size = self._file:size()
+ return string.format("%s %s", size and ya.readable_size(size) or "-", time)
+ end
+ '';
+ settings.yazi = {
+ mgr = {
+ sort_by = "mtime";
+ linemode = "size_and_mtime";
+ sort_reverse = true;
+ sort_dir_first = true;
+ };
+ };
};
services.pcscd.enable = true;
@@ -92,6 +115,7 @@ in
bottom
curl
croc
+ comma
dig
fd
ffmpeg
@@ -110,7 +134,8 @@ in
pv
ripgrep
w3m
- yt-dlp
+ unstable.yt-dlp
+ gallery-dl
p7zip
ncdu
];
@@ -121,7 +146,7 @@ in
environment.shellAliases = {
l = "ls -alh";
- n = "yazi";
+ n = "y";
gc = "git commit -v";
gpl = "git pull";
gd = "git diff";
diff --git a/modules/presets/development.nix b/modules/presets/development.nix
index c06f739d..fcd46abe 100644
--- a/modules/presets/development.nix
+++ b/modules/presets/development.nix
@@ -25,7 +25,7 @@ in
virtualisation.podman.enable = true;
environment.systemPackages = with pkgs; [
- unstable.jetbrains.rider
+ jetbrains.rider
# android-studio
nixpkgs-manual
nixpkgs-manual.lib-docs
diff --git a/modules/presets/gui.nix b/modules/presets/gui.nix
index 69c4e8de..a1f2f65d 100644
--- a/modules/presets/gui.nix
+++ b/modules/presets/gui.nix
@@ -22,6 +22,7 @@ in
];
xyno.desktop.niri.enable = true;
xyno.desktop.audio.enable = mkDefault true;
+ xyno.user-services.khal.enable = true;
boot.kernelPackages = mkDefault pkgs.linuxPackages_zen;
security.soteria.enable = true;
security.rtkit.enable = true;
@@ -44,7 +45,7 @@ in
};
programs.yazi = {
- settings.keymap.manager.prepend_keymap = [
+ settings.keymap.mgr.prepend_keymap = [
{
on = "y";
run = [
diff --git a/modules/user-services/khal.nix b/modules/user-services/khal.nix
new file mode 100644
index 00000000..d6118646
--- /dev/null
+++ b/modules/user-services/khal.nix
@@ -0,0 +1,63 @@
+{
+ pkgs,
+ config,
+ lib,
+ ...
+}:
+let
+ cfg = config.xyno.user-services.khal;
+in
+{
+ options.xyno.user-services.khal.enable = lib.mkEnableOption "enable khal and vdirsyncer";
+ options.xyno.user-services.khal.wantedBy = lib.mkOption {
+ type = lib.types.str;
+ default = "niri.service";
+ };
+ config = lib.mkIf cfg.enable {
+ environment.systemPackages = [
+ pkgs.khal
+ pkgs.vdirsyncer
+ ];
+ systemd.packages = [ pkgs.vdirsyncer ];
+ environment.etc."xdg/khal/config".text = ''
+ [locale]
+ weeknumbers = right
+ timeformat = "%H:%M"
+ longdatetimeformat = "%Y-%m-%dT%H:%M:%S"
+ datetimeformat = "%Y-%m-%dT%H:%M:%S"
+ dateformat = "%Y-%m-%d"
+ longdateformat = "%Y-%m-%d"
+ [calendars]
+ [[calendars]]
+ path = ~/.calendars/*
+ type = discover
+ '';
+ systemd.user.services.vdirsyncer = {
+ environment.VDIRSYNCER_CONFIG = config.sops.secrets."vdirsyncer".path;
+ unitConfig = {
+ After = "network-online.target";
+ Wants = "network-online.target";
+ };
+ serviceConfig = {
+ Type = "oneshot";
+ };
+ script = ''
+ ${pkgs.vdirsyncer}/bin/vdirsyncer metasync
+ ${pkgs.vdirsyncer}/bin/vdirsyncer sync
+ '';
+ };
+ systemd.user.timers.vdirsyncer = {
+ wantedBy = [ cfg.wantedBy "timers.target" ];
+ timerConfig = {
+ OnCalendar = "*:0/15:00";
+ Unit = "vdirsyncer.service";
+ };
+ };
+ environment.sessionVariables.VDIRSYNCER_CONFIG = config.sops.secrets."vdirsyncer".path;
+ sops.secrets."vdirsyncer" = {
+ sopsFile = ../../secrets/desktop/calendar.yaml;
+ group = "users";
+ owner = config.xyno.system.user.name;
+ };
+ };
+}
diff --git a/overlays/default.nix b/overlays/default.nix
index 136bedbf..8391833c 100644
--- a/overlays/default.nix
+++ b/overlays/default.nix
@@ -8,7 +8,7 @@ inputs: self: super: {
nheko = super.nheko.overrideAttrs (old: {
version = "git-${builtins.substring 0 8 inputs.nheko.rev}-patched";
src = inputs.nheko;
- patches = (old.patches or [ ]) ++ [
+ patches = [
(self.fetchpatch2 {
url = "https://github.com/Nheko-Reborn/nheko/pull/1838/commits/c9f1a449d825d5879735f95ebfb0c7acec101226.patch";
hash = "sha256-RhyP8HrGtT6gYMc9mI4I8snrHCN8f0YYzFbAoMKweyc=";
@@ -28,4 +28,15 @@ inputs: self: super: {
python-uhid = super.callPackage ../packages/uhid.nix {};
caddy-desec = super.callPackage ../packages/caddy-desec.nix {};
+ # todo: remove on next supersonic release
+ supersonic-wayland = super.supersonic-wayland.overrideAttrs (old: {
+ patches = (if old?patches then old.patches else []) ++ [
+ (self.fetchpatch2 {
+ url = "https://github.com/dweymouth/supersonic/commit/ee742cf34ef7225d345c16354d9c21d72a41bf4a.patch";
+ hash = "sha256-kSeEbzrfJ4Pe8JC4rIWlSmADOcjrCRBNWlcO8VfVnn4=";
+ })
+ ];
+ vendorHash = "sha256-Sh3PxRwb6ElSeWzdvIQ+nD9VVGlpUDwxG7nAoGWPTRQ=";
+ });
+
}
diff --git a/secrets/desktop/calendar.yaml b/secrets/desktop/calendar.yaml
new file mode 100644
index 00000000..aa6acbba
--- /dev/null
+++ b/secrets/desktop/calendar.yaml
@@ -0,0 +1,40 @@
+vdirsyncer: ENC[AES256_GCM,data:4UoJJ86MMYWiwdQTcpgTayVMkASjrXCZgQHfm9m1OMEmHvOLhejlp6snz+nD0D8W1uA30KQPVRzP2ICtEgetOm70KaMXQkk22qtzCxkPZcZNk62K7zT7AB84CPfdwJNXEFw9d4SXQvvhyL1DEyp//yPs9oYiRtENwaPDWTw1FZkJpw85jniPGrUGekDNao/4TGxFLH6AWoYVmXokRlfFwee7BwG/5+5A16+IFk3Le2VhGlLAqz74DaJcC3k6q7HM1vx51IV/aZX5KszVOfFnmQgNKieV1zMkwMEXaMgWopnzlnhKscFbWov6mcVa3tdFLDFTwyjCbWpShcGUyXOEzhmhyapfhCrJeqItM/iuXVkldzVkW6pHWA4rNLNzzssYw0L8W4+IfhCq+NN1sExHoZIE+EfBMi48jI6beuMCYQ3FX9mV+Y0HopSV00lI1rQv5WZzPXxhKMAd6nWUtVtYdVERaB8mozm0ItCVRwtLuW9cUwNSfz4dIcHaRkllgAOmVF/P1rGE4xzVUJcgMefbKNLjdakt2CjYMMou8AwrIDl3hedqqdvbhlMqkzOYyGT7Dq0RS3FExW4ozJcLCPiYl9H5MfMl9C0Ye5kU6ejxD+z70fS6evX5CM5kHlEyDBB+5UnNHorCQhVhlIjv6cHMLUlpWsur39zsegGwTQuG06xk3hDiwUy5SgXD9YWDTOJDxxxRl328ihs2tyK6i7m47MLJqh1LZnZZOaTogh24NVCd+r0Se6xAzQr3cvijgVLi3XAZuhSbisU3dE/pw/17eJUY9MzP+DvY5+u4FFATLoi6BZKDv4ZM34BIxIa626b/Q6/dYQT1dzHCcIn6/cv9lnLQE33joj4tEFGA5oLCgXb/Y7kVmrQg6aAFVLuOLfvlA61pwPDX5hQPZVc2Hom/j7OGhvNoE27rNlMkeiWvkR1i0z5jeZpcgqWlJYR9Ny++fMeI2t1o9u6WKUeTRGKfdu+UCJlgD1U/yc86bE/3rXPmi6OV/enxCLMHVtczWSjd2NW4LTzG50LVnipUGYXhsS53tx2aHQHBtZDjoo4zTTlDlpXHg95J2toxJI3gnXNqdPnK0BUQCeREKn8l7Ckj8GPoo+y6nf40EMT9BQZisZYSrW6wjetC7v0igqRgPPvrAoidnVTH6PVByQRdlRbH/PBa6QcANz9wBbL8RD8DX8wvMY0qZZLgM+0KlicIeHrhaGiALKl2jn0AxbjlV5CMf7ZxDDJT/hGq1UUp2VQ1Nmauj87aLBqNWFRxHYMr0mnFPcNpYkKyvHx1KjZYCdTQn8CZ1GVC7XVcdPZk/F3znPN8dNWzoin80sWNRdjkO8mtARmq8k+cuGhbQ4l4J+3b3AsXH6/zmSoGud/cG6WDd811O30K/9qqpnzeHLFJXueU5rerCzYZJseDHWpOhdEDxYPl0eVzfL+VAMXEJgwnJ3iLKWDm7HvKtfWWIzckQJ56eQcFGmALAc1MBxrpEghCZ0pikm3gv1aGOwrB94i8he1ssasSMDg4VFTY2kAt0Kbph59ewkEWoMLIfsOWvAP/TBGZt23yh4wSNgKJPqUutTYHJ5rUal6afcY4ZPdJFxFwPeRxpxAhqInu0jJCCJbVtucj3tVkqMla/MBKk1Os1n5Ge7GJfog=,iv:xWlbxnn7Pgc88J6dFGrhRywXo6MekfSXbLQp3rKSI4k=,tag:c+7ebUU4BsCJFO1aqyN4Tw==,type:str]
+sops:
+ lastmodified: "2025-10-06T17:49:51Z"
+ mac: ENC[AES256_GCM,data:5vEUwE8lHVj0GSgoD7G7YKWq0O3Isz7gLDjn7+wYjcGDB2JhcFcuBECtXB24VbcAYjf0ARKZiZwdVqdXfEXyWtHErBhNlCVX3JAHQx/jx6v7x6/8XbDDvuSf7oUXHJ0NOQWpn656nsvIi3pD5F4k1uDixNW6pLPZodp14y4sdFU=,iv:2Tn/l1nWSrWdu6WTHqhpEXQxfKHpJeqKN9Drzcx91kg=,tag:V8hd6IKPlgeE+SFRCOPmGQ==,type:str]
+ pgp:
+ - created_at: "2025-10-06T16:51:38Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hL4DAAAAAAAAAAASBAMEAHAJzr07bCD9inqyANqbuf6JlJIgd6yH4bA3xe8zZJC8
+ tGWUMVlZJwsuAyGeAlsQvaHzg6ce/sowI6rgqPiXd2Bea0VY5pTIrbKUi5uxq/sK
+ HeUCZPPCdvaR45Bbkf+GTrvCjOrMJRcaLqG+Sgzy4hKdWkdNwRoVQeqk2JHJsVEw
+ zfVOwBd+rMHQ7CsUHgHSDvTh7BtUYDS0S65gR7VNh+yk9pod0J+PXNY+nqyBcqPu
+ 0l4Bdxo2Y2cg9GQiSL6ZGW7Dp6OtkF5CDwk7RmU26pA46OePtN21eiCiFQ6yg25n
+ AYXsBdqeH3580/Vety6MWSZZIaLtVaIPabGHpiKv+tVjzTkrF/2lHUKpDhoQ5Sye
+ =oEYU
+ -----END PGP MESSAGE-----
+ fp: 0D98D5964AC8BB1CA034CE4EC456133700066642
+ - created_at: "2025-10-06T16:51:38Z"
+ enc: |-
+ -----BEGIN PGP MESSAGE-----
+
+ hQIMAwAAAAAAAAAAARAAlCZXnkzHGj0bUqBzOzxBX3neGc6pyQQUyGEQfAUw40m9
+ 6zxzYyXIwAaYOWpFjU5nwVuLpIImv63N55VLXejlk0IyT7yOcY/XlUdZ5gITX19J
+ uCCdEAAr4S4cbW9bul9URNAQyKI9FFqWXfrq1zzFTRlMODBECkjTbTlrr9yggB4v
+ BCCx6WqIAbmGAyXSTPMroat6pnv+x3VUd3VOeWEsmSL3qG3tqbWZc2Y061b3d9oA
+ uykKKcwhgNv9ubZ+qLh1Szw7NLIAVAxVDFc3iugTeu7PkleQYGXlSagZOWw/EkAt
+ wsqxsgccqFwb1DjHUwcaz48raylcCNIhKRtINGbYlNIHtFRIc1rTHwn4l344zwQp
+ CjxiWXxhwW42eoHYLt3b//EmOhWOasbRlg6LT3Wz01jBylahuqjDaAgQjOHPLUvO
+ v9/TbAIsmb7zrnoT4bISgbrPbO2hPETR9N1tVmgR1w58hrX455Uo3f4O8FY7TMVB
+ 9A+8+Pg5WKANKxyws4TyM3xZfSuxOIZgaI3IwZ6/7eiVcaz5aCEbt22MjzuwsCgQ
+ N1/Jld0VJGeg9jDChFgGF9YUelheyBAiuSx4G0+NA4ir6H/MbK2Ej5zUDJec4Fd7
+ eqxFxcxWJxVtSMKZy+LmCRoe2gJRXFh86qXwkGJEIKBFfuQk7EF7KgUnf32AQwfS
+ WAHRf/20A+2kTjAmumVOHOY3PD3pS6fvQVwr0yliYQeYVJP8eUjRgjHuPaRwp9FQ
+ 4NlTKfVQGyyvoB1z8I0bMTVa1pkZhLs5dI290uk124LeQG6A93w+ajQ=
+ =VFO8
+ -----END PGP MESSAGE-----
+ fp: 4019fd893bba15618c2f93a38ef418ce360bc418
+ unencrypted_suffix: _unencrypted
+ version: 3.11.0
diff --git a/sops.nix b/sops.nix
index 86386e9e..af34e3b3 100644
--- a/sops.nix
+++ b/sops.nix
@@ -11,10 +11,15 @@ let
adminKeys = [
"0D98D5964AC8BB1CA034CE4EC456133700066642" # xyno main gpg key
];
- keysPerHost = (mapAttrs (n: v: (toList v.sopsKey)) (
- filterAttrs (n: v: v ? sopsKey) instanceConfigs
- ));
+ keysPerHost = (
+ mapAttrs (n: v: (toList v.sopsKey)) (filterAttrs (n: v: v ? sopsKey) instanceConfigs)
+ );
+ desktopHostNames = [ "theseus" ];
+
hostKeys = flatten (attrValues keysPerHost);
+ desktopKeys = flatten (
+ attrValues (filterAttrs (n: v: any (x: x == n) desktopHostNames) keysPerHost)
+ );
sopsCfg = {
keys = adminKeys ++ hostKeys;
@@ -23,6 +28,10 @@ let
path_regex = "secrets/[^/]+\.(yaml|json|env|ini)$";
key_groups = [ { pgp = adminKeys ++ hostKeys; } ];
}
+ {
+ path_regex = "secrets/desktop/[^/]+\.(yaml|json|env|ini)$";
+ key_groups = [ { pgp = adminKeys ++ desktopKeys; } ];
+ }
]
++ (mapAttrsToList (n: v: {
# path_regex = "instances/${n}/secrets/[^/]+\.(yaml|json|env|ini)$";
@@ -33,4 +42,5 @@ let
};
sopsCfgFile = writeText ".sops.yaml" (builtins.toJSON sopsCfg);
-in sopsCfgFile
+in
+sopsCfgFile