xyno/nix-configs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

meow

Browse source
This commit is contained in:
Lucy Hochkamp 2025-07-23 14:24:23 +02:00
parent 93a675c06a
commit 9ca7a8d8f6
No known key found for this signature in database
20 changed files with 631 additions and 194 deletions
Download patch file Download diff file Expand all files Collapse all files

194
flake.lock generated
View file

@ -23,11 +23,11 @@
]
},
"locked": {
"lastModified": 1746967469,
"narHash": "sha256-FRpU/uwwqS9v/ehoZ2FPvm7TNVS4/kDnXVWEvBKBuAc=",
"lastModified": 1753107457,
"narHash": "sha256-Hh4/gCQ1rymD3TSlyyZA4vO9hx3uVX9MPi0o3luWYlI=",
"owner": "sofusa",
"repo": "csharp-language-server",
"rev": "dd210e8300ef03ce70dcbee5e7c441cee6e71795",
"rev": "485d3a5602ca18554d8739aee69283e0164590d9",
"type": "github"
},
"original": {
@ -109,24 +109,6 @@
"type": "github"
}
},
"flake-utils_3": {
"inputs": {
"systems": "systems_3"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flakey-profile": {
"locked": {
"lastModified": 1712898590,
@ -166,18 +148,17 @@
},
"helix": {
"inputs": {
"flake-utils": "flake-utils_2",
"nixpkgs": [
"nixpkgs-master"
],
"rust-overlay": "rust-overlay"
},
"locked": {
"lastModified": 1746686948,
"narHash": "sha256-w61Wo6vlkPXEiuqd19AIwvlVA77siY1oVXfK3o+buOU=",
"lastModified": 1753258147,
"narHash": "sha256-hCYSMxW9pAB8jP+PdDBzVxdU2w12ZgsGUf6JJh90dqI=",
"owner": "sofusa",
"repo": "helix-pull-diagnostics",
"rev": "b99c77b7898ebc0b2b6d40e728abb513e6a9fa6a",
"rev": "0831043ffa4fa7097a54681d6ed5d6b7dc2a6a10",
"type": "github"
},
"original": {
@ -193,11 +174,11 @@
]
},
"locked": {
"lastModified": 1746981801,
"narHash": "sha256-+Bfr0KqZV6gZdA7e2kupeoawozaLIHLuiPtC54uxbFc=",
"lastModified": 1753181343,
"narHash": "sha256-CLQfNtUqirNVSYoW/kYbvL4PeeNasmZonaPnjO3+1YQ=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "ff915842e4a2e63c4c8c5c08c6870b9d5b3c3ee9",
"rev": "0cdfcdbb525b77b951c889b6131047bc374f48fe",
"type": "github"
},
"original": {
@ -214,11 +195,11 @@
]
},
"locked": {
"lastModified": 1743604125,
"narHash": "sha256-ZD61DNbsBt1mQbinAaaEqKaJk2RFo9R/j+eYWeGMx7A=",
"lastModified": 1752603129,
"narHash": "sha256-S+wmHhwNQ5Ru689L2Gu8n1OD6s9eU9n9mD827JNR+kw=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "180fd43eea296e62ae68e079fcf56aba268b9a1a",
"rev": "e8c19a3cec2814c754f031ab3ae7316b64da085b",
"type": "github"
},
"original": {
@ -235,11 +216,11 @@
},
"locked": {
"dir": "nix",
"lastModified": 1739976554,
"narHash": "sha256-iBsa9Gyc9q1pBxpvwBkZWFPx3aNZgqtqtehuTjymZ20=",
"lastModified": 1751398458,
"narHash": "sha256-EHg2Z0EbsFN5zU1WrLc1sFszbUsLLpqZgFim7Zi8dRc=",
"ref": "feat-tap-overlap",
"rev": "900ef1359ea5f632f490be2e259aa3b409f5855e",
"revCount": 942,
"rev": "fb0334cbd16ec64c5ebcc10f7982a9857bd97d27",
"revCount": 986,
"type": "git",
"url": "https://github.com/jokesper/kmonad"
},
@ -279,46 +260,44 @@
"lix": {
"flake": false,
"locked": {
"lastModified": 1746827285,
"narHash": "sha256-hsFe4Tsqqg4l+FfQWphDtjC79WzNCZbEFhHI8j2KJzw=",
"rev": "47aad376c87e2e65967f17099277428e4b3f8e5a",
"lastModified": 1751235704,
"narHash": "sha256-J4ycLoXHPsoBoQtEXFCelL4xlq5pT8U9tNWNKm43+YI=",
"rev": "1d7368585eebaa2c4bdbcb88fe600cfb2239b2c6",
"type": "tarball",
"url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/47aad376c87e2e65967f17099277428e4b3f8e5a.tar.gz?rev=47aad376c87e2e65967f17099277428e4b3f8e5a"
"url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/1d7368585eebaa2c4bdbcb88fe600cfb2239b2c6.tar.gz?rev=1d7368585eebaa2c4bdbcb88fe600cfb2239b2c6"
},
"original": {
"type": "tarball",
"url": "https://git.lix.systems/lix-project/lix/archive/2.93.0.tar.gz"
"url": "https://git.lix.systems/lix-project/lix/archive/release-2.93.tar.gz"
}
},
"lix-module": {
"inputs": {
"flake-utils": "flake-utils_3",
"flake-utils": "flake-utils_2",
"flakey-profile": "flakey-profile",
"lix": "lix",
"nixpkgs": [
"nixpkgs"
]
"nixpkgs": "nixpkgs"
},
"locked": {
"lastModified": 1746838955,
"narHash": "sha256-11R4K3iAx4tLXjUs+hQ5K90JwDABD/XHhsM9nkeS5N8=",
"rev": "cd2a9c028df820a83ca2807dc6c6e7abc3dfa7fc",
"lastModified": 1751240025,
"narHash": "sha256-SXUAlxpjPRkArRMHy5+Hdi+PiC+ND9yzzIjiaHmTvQU=",
"rev": "8b1094356f4723d6e89d3f8a95b333ee16d9ab02",
"type": "tarball",
"url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/cd2a9c028df820a83ca2807dc6c6e7abc3dfa7fc.tar.gz?rev=cd2a9c028df820a83ca2807dc6c6e7abc3dfa7fc"
"url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/8b1094356f4723d6e89d3f8a95b333ee16d9ab02.tar.gz?rev=8b1094356f4723d6e89d3f8a95b333ee16d9ab02"
},
"original": {
"type": "tarball",
"url": "https://git.lix.systems/lix-project/nixos-module/archive/2.93.0.tar.gz"
"url": "https://git.lix.systems/lix-project/nixos-module/archive/2.93.2-1.tar.gz"
}
},
"mobile-nixos": {
"flake": false,
"locked": {
"lastModified": 1743812405,
"narHash": "sha256-BedQ9Z3+nqtp9BRjHjJNPUeLIMVbTsP3Udbz0b1cUn0=",
"lastModified": 1752497937,
"narHash": "sha256-xBkxB3KGDUQRpd2nSqJvw6vJhse4Lee4OaeJH6WvNDM=",
"owner": "mobile-nixos",
"repo": "mobile-nixos",
"rev": "6679fd7a8dd4ccf4aa538b82216723861cfe61a2",
"rev": "7a5fb89f4d2f08829f3fa1078108ceb40e8c8a67",
"type": "github"
},
"original": {
@ -327,6 +306,27 @@
"type": "github"
}
},
"niri": {
"inputs": {
"nixpkgs": [
"nixpkgs-master"
],
"rust-overlay": "rust-overlay_3"
},
"locked": {
"lastModified": 1752870529,
"narHash": "sha256-23DJk5EfEDCq7Xy1QELcayG0VxbbWpdQ6t7jbhae1Ok=",
"owner": "YaLTeR",
"repo": "niri",
"rev": "fefc0bc0a71556eb75352e2b611e50eb5d3bf9c2",
"type": "github"
},
"original": {
"owner": "YaLTeR",
"repo": "niri",
"type": "github"
}
},
"nix-flatpak": {
"locked": {
"lastModified": 1739444422,
@ -345,11 +345,11 @@
},
"nixos-hardware": {
"locked": {
"lastModified": 1746814339,
"narHash": "sha256-hf2lICJzwACWuzHCmZn5NI6LUAOgGdR1yh8ip+duyhk=",
"lastModified": 1753122741,
"narHash": "sha256-nFxE8lk9JvGelxClCmwuJYftbHqwnc01dRN4DVLUroM=",
"owner": "NixOS",
"repo": "nixos-hardware",
"rev": "3c5e12673265dfb0de3d9121420c0c2153bf21e0",
"rev": "cc66fddc6cb04ab479a1bb062f4d4da27c936a22",
"type": "github"
},
"original": {
@ -361,11 +361,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1746904237,
"narHash": "sha256-3e+AVBczosP5dCLQmMoMEogM57gmZ2qrVSrmq9aResQ=",
"lastModified": 1746663147,
"narHash": "sha256-Ua0drDHawlzNqJnclTJGf87dBmaO/tn7iZ+TCkTRpRc=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "d89fc19e405cb2d55ce7cc114356846a0ee5e956",
"rev": "dda3dcd3fe03e991015e9a74b22d35950f264a54",
"type": "github"
},
"original": {
@ -377,11 +377,11 @@
},
"nixpkgs-master": {
"locked": {
"lastModified": 1747003416,
"narHash": "sha256-AT1E41SQNY19vQ9L+RDSGkall2fEjLptBc6DSLJ0U5E=",
"lastModified": 1753264108,
"narHash": "sha256-8p2/JVY9NZJBJYhKqHrnniheqIYKEWqbfb3njExFEKE=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "5d35e620053b041a4e04f09b21adf058408994c9",
"rev": "54066a57598ff5d22ed30a746603a524667250fc",
"type": "github"
},
"original": {
@ -407,6 +407,22 @@
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1752950548,
"narHash": "sha256-NS6BLD0lxOrnCiEOcvQCDVPXafX1/ek1dfJHX1nUIzc=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "c87b95e25065c028d31a94f06a62927d18763fdf",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"pre-commit-hooks-nix": {
"inputs": {
"flake-compat": [
@ -435,17 +451,12 @@
}
},
"quadlet": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1746457417,
"narHash": "sha256-Eno9poUcLhWfMvs4H9Eb8JnXT5LFVhQ6G3UiEb0iKoA=",
"lastModified": 1752618481,
"narHash": "sha256-8132xTqalZxJZbznHDNoia1UqjNdL/hIQD4IXnI9F58=",
"owner": "SEIAROTg",
"repo": "quadlet-nix",
"rev": "11315f2c85e7ef9022115ce73386852e60de2c11",
"rev": "0c1d64f360c1a3c3534f6b592ca3ed5d46cf8429",
"type": "github"
},
"original": {
@ -463,9 +474,10 @@
"lanzaboote": "lanzaboote",
"lix-module": "lix-module",
"mobile-nixos": "mobile-nixos",
"niri": "niri",
"nix-flatpak": "nix-flatpak",
"nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs",
"nixpkgs": "nixpkgs_2",
"nixpkgs-master": "nixpkgs-master",
"quadlet": "quadlet",
"zen-browser": "zen-browser"
@ -513,6 +525,27 @@
"type": "github"
}
},
"rust-overlay_3": {
"inputs": {
"nixpkgs": [
"niri",
"nixpkgs"
]
},
"locked": {
"lastModified": 1752374969,
"narHash": "sha256-Ky3ynEkJXih7mvWyt9DWoiSiZGqPeHLU1tlBU4b0mcc=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "75fb000638e6d0f57cb1e8b7a4550cbdd8c76f1d",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
@ -543,21 +576,6 @@
"type": "github"
}
},
"systems_3": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"zen-browser": {
"inputs": {
"home-manager": "home-manager_2",
@ -566,11 +584,11 @@
]
},
"locked": {
"lastModified": 1746998207,
"narHash": "sha256-q+3L52wIBNoUPPWGw55O2+WstZCgBVRGdKpYRxt60Rw=",
"lastModified": 1753069499,
"narHash": "sha256-YtgY0ueqKNrBma4Euu8WH23BhUkBujirJDMDE1KujnU=",
"owner": "0xc000022070",
"repo": "zen-browser-flake",
"rev": "37077d385abbf4358621948df86b37f618c5b338",
"rev": "c64b94235ae24e3b9e01a08f0331d8bb0e5b037a",
"type": "github"
},
"original": {

33
flake.nix
View file

@ -11,7 +11,6 @@
home-manager.inputs.nixpkgs.follows = "nixpkgs";
nixos-hardware.url = "github:NixOS/nixos-hardware/master";
quadlet.url = "github:SEIAROTg/quadlet-nix";
quadlet.inputs.nixpkgs.follows = "nixpkgs";
# software
lanzaboote = {
@ -21,8 +20,8 @@
inputs.nixpkgs.follows = "nixpkgs";
};
lix-module = {
url = "https://git.lix.systems/lix-project/nixos-module/archive/2.93.0.tar.gz";
inputs.nixpkgs.follows = "nixpkgs";
url = "https://git.lix.systems/lix-project/nixos-module/archive/2.93.2-1.tar.gz";
# inputs.nixpkgs.follows = "nixpkgs";
};
zen-browser.url = "github:0xc000022070/zen-browser-flake";
zen-browser.inputs.nixpkgs.follows = "nixpkgs-master";
@ -30,6 +29,10 @@
url = "git+https://github.com/jokesper/kmonad?dir=nix&ref=feat-tap-overlap";
inputs.nixpkgs.follows = "nixpkgs";
};
niri.url = "github:YaLTeR/niri";
niri.inputs.nixpkgs.follows = "nixpkgs-master";
# nheko.url = "github:Nheko-Reborn/nheko";
# nheko.flake = false;
# helix
helix.url = "github:sofusa/helix-pull-diagnostics";
@ -55,7 +58,27 @@
};
}
);
overlays = [ self.overlays.default ];
overlays = [ self.overlays.default
# lix-module.overlays.default
(final: prev: let
versionSuffix = "-horribly-patched";
lix = final.applyPatches {
name = "lix${versionSuffix}";
src = inputs.lix-module.inputs.lix;
patches = [
(final.fetchpatch {
name = "lix-2.93-structuredAttrs.patch";
url = "https://gerrit.lix.systems/changes/lix~3668/revisions/2/patch?download&raw";
hash = "sha256-JQlAU0texMa7DMrqk447SXJUEu1k4IP9z8mjCHyskVc=";
})
];
};
patchedOverlay = import (inputs.lix-module + "/overlay.nix") {
inherit versionSuffix lix;
};
in
patchedOverlay final prev)
];
genPkgs =
system:
import nixpkgs {
@ -72,7 +95,7 @@
};
nixosConfigurations = lib.xyno.loadInstances ./instances (
[
inputs.lix-module.nixosModules.default
# inputs.lix-module.nixosModules.default
inputs.kmonad.nixosModules.default
inputs.home-manager.nixosModules.default
inputs.lanzaboote.nixosModules.lanzaboote

1
hm-modules/helix.nix
View file

@ -16,6 +16,7 @@ in
dprint
nodePackages_latest.typescript-language-server
nodePackages_latest.vscode-langservers-extracted
markdown-oxide
## python
# ruff-lsp
# nodePackages_latest.pyright

37
instances/theseus/configuration.nix
View file

@ -8,8 +8,7 @@
{
nixpkgs.system = "x86_64-linux";
imports = [ ./hardware-configuration.nix ];
hardware.keyboard.zsa.enable = true;
boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
home-manager.users.${config.xyno.system.user.name} = (
{ ... }:
{
@ -17,7 +16,7 @@
xyno.borgmatic.enable = true;
home.packages = [
# work
pkgs.jetbrains.rider
(pkgs.unstable.jetbrains.rider.override { jdk = pkgs.unstable.openjdk21; })
(pkgs.firefox-devedition.overrideAttrs (super: self: { meta.priority = 1; }))
];
services.flatpak.update.auto.enable = true;
@ -39,20 +38,43 @@
};
}
);
nixpkgs.config.permittedInsecurePackages = [
"olm-3.2.16"
];
environment.systemPackages = with pkgs; [
aerc
oama # required for aerc
libsecret # required for oama
easyeffects
jabref
glib # rider wants gsettings
(pkgs.writeShellScriptBin "sudo" "run0 $@")
krita
strawberry
pandoc
tectonic
rquickshare
supersonic
# (nheko.overrideAttrs (
# super: self: {
# src = inputs.nheko;
# }
# ))
];
time.timeZone = "Europe/Berlin";
networking.firewall.allowedTCPPorts = [ 1880 2021 ];
networking.firewall.allowedUDPPorts = [ 1880 2021 ];
networking.firewall.allowedTCPPorts = [
1880
2021
];
networking.firewall.allowedUDPPorts = [
1880
2021
];
services.tailscale.enable = true;
services.tailscale.useRoutingFeatures = "client";
xyno.common.enable = true;
xyno.desktop.common-programs.enable = true;
xyno.hardware.kmonad.enable = true;
xyno.presets.cli.enable = true;
@ -67,7 +89,7 @@
enable = true;
enableWifi = true;
};
xyno.desktop.easyeffects.enable = true;
# xyno.desktop.easyeffects.enable = true;
# xyno.desktop.fcitx5.enable = true;
hardware.bluetooth.enable = true;
services.blueman.enable = true;
@ -76,5 +98,4 @@
services.flatpak.enable = true;
system.stateVersion = "24.11";
programs.nh.enable = true;
}

49
modules/desktop/audio.nix
View file

@ -10,26 +10,41 @@ in
{
options.xyno.desktop.audio.enable = lib.mkEnableOption "enable pipewire and stuff";
config = lib.mkIf cfg.enable {
services.pipewire = {
enable = true;
# raopOpenFirewall = true; # airplay
pulse.enable = true;
extraConfig.pipewire = {
"9-clock-allow-higher" = {
"context.properties" = {
"default.clock.allowed-rates" = [ "44100" "48000" "96000" "192000" ];
services.pipewire = {
enable = true;
# raopOpenFirewall = true; # airplay
pulse.enable = true;
extraConfig.pipewire = {
"9-clock-allow-higher" = {
"context.properties" = {
"default.clock.allowed-rates" = [
"44100"
"48000"
"96000"
"192000"
];
};
};
# "10-raop-discover" = {
# "context.modules" = [
# {
# name = "libpipewire-module-raop-discover";
# args = { };
# }
# ];
# };
};
extraConfig.pipewire-pulse = {
"10-zeroconf" = {
"pulse.cmd" = [
{
cmd = "load-module";
args = "module-zeroconf-discover";
}
];
};
};
# "10-raop-discover" = {
# "context.modules" = [
# {
# name = "libpipewire-module-raop-discover";
# args = { };
# }
# ];
# };
};
};
};
}

9
modules/desktop/common-programs.nix
View file

@ -13,7 +13,7 @@ in
lib.mkEnableOption "install some commonly used programs";
config = lib.mkIf cfg.enable {
home-manager.users.${config.xyno.system.user.name} = lib.mkIf config.xyno.presets.home-manager.enable ({...}: {
xyno.alacritty.enable = true;
# xyno.alacritty.enable = true;
xyno.helix.enable = true;
});
programs.steam = {
@ -37,14 +37,17 @@ in
signal-desktop
obsidian
diebahn
vlc
mpv
lutris
libreoffice-qt6-fresh
inkscape
easyeffects
appimage-run
unstable.keepassxc
inputs.zen-browser.packages."${pkgs.system}".default
qalculate-qt
wl-clipboard-rs
wdisplays
];

6
modules/desktop/foot.nix
View file

@ -13,14 +13,14 @@ in
type = lib.types.str;
default = "niri.service";
};
options.xyno.desktop.foot.package= lib.mkOption {
options.xyno.desktop.foot.package = lib.mkOption {
type = lib.types.package;
default = pkgs.foot;
};
config = lib.mkIf cfg.enable {
# should be socket activated tm
# systemd.user.services.foot.wantedBy = lib.mkForce [ cfg.wantedBy ];
# systemd.user.sockets.foot.wantedBy = lib.mkForce [ cfg.wantedBy ];
# systemd.user.services.foot-server.wantedBy = lib.mkForce [ cfg.wantedBy ];
systemd.user.sockets.foot-server.wantedBy = lib.mkForce [ cfg.wantedBy ];
systemd.packages = [ cfg.package ];
xyno.desktop.niri.term = lib.mkDefault "footclient";
programs.foot = {

32
modules/desktop/mate-polkit.nix
View file

@ -1,32 +0,0 @@
{
pkgs,
config,
lib,
...
}:
let
cfg = config.xyno.desktop.mate-polkit;
in
{
options.xyno.desktop.mate-polkit.enable = lib.mkEnableOption "enable mate-polkit as the gui polkit thing";
options.xyno.desktop.mate-polkit.wantedBy = lib.mkOption {
type = lib.types.str;
default = "niri.service";
};
options.xyno.desktop.mate-polkit.package = lib.mkOption {
type = lib.types.package;
default = pkgs.mate.mate-polkit; # we're using mate polkit as it seems to be the only maintained gtk polkit thing (and we're using all the other gtk shit anyways)
};
config = lib.mkIf cfg.enable {
environment.systemPackages = [ cfg.package ];
systemd.user.services.mate-polkit = {
unitConfig.PartOf = "graphical-session.target";
unitConfig.After = "graphical-session.target";
unitConfig.Requisite = "graphical-session.target";
serviceConfig.Restart = "on-failure";
wantedBy = [ cfg.wantedBy ];
script = "exec ${cfg.package}/libexec/polkit-mate-authentication-agent-1";
};
};
}

78
modules/desktop/niri.nix
View file

@ -1,4 +1,5 @@
{
inputs,
pkgs,
config,
lib,
@ -11,6 +12,7 @@ let
"org.pulseaudio.pavucontrol"
"KeePassXC"
"org.gnome.NautilusPreviewer"
"io.github.Qalculate.qalculate-qt"
];
matchFloat = lib.concatStringsSep "\n" (
map (x: ''
@ -42,32 +44,72 @@ in
{ ... }:
{
xyno.dark-theme.enable = true;
home.file.".config/xdg-desktop-portal-termfilechooser/config".text = ''
[filechooser]
cmd=${pkgs.xdg-desktop-portal-termfilechooser}/share/xdg-desktop-portal-termfilechooser/yazi-wrapper.sh
default_dir=$HOME
env=TERMCMD=footclient --app-id floating-alacritty
open_mode = suggested
save_mode = suggested
'';
}
);
xdg.portal = {
extraPortals = [
pkgs.xdg-desktop-portal-termfilechooser
];
config.niri.default = [
"gnome"
"gtk"
];
# config.niri."org.freedesktop.impl.portal.FileChooser" = [ "termfilechooser" ];
config.niri."org.freedesktop.impl.portal.Access" = [ "gtk" ];
config.niri."org.freedesktop.impl.portal.Notification" = [ "gtk" ];
config.niri."org.freedesktop.impl.portal.Secret" = [ "gnome-keyring" ];
};
# xdg.portal = {
# enable = true;
# wlr.enable = true;
# };
environment.systemPackages = with pkgs;[
playerctl
xwayland-satellite
];
programs.niri.enable = true;
programs.niri.package = inputs.niri.packages.${pkgs.system}.default.overrideAttrs (prev: {
patches = prev.patches ++ [
(pkgs.fetchurl {
url = "https://patch-diff.githubusercontent.com/raw/YaLTeR/niri/pull/1907.patch";
hash = "sha256-XhG8Ga1/QMPXrF0FjQuBk8KZISbof4Md4kM73cG1SYQ=";
})
];
});
environment.etc."niri/config.kdl".mode = "444"; # copy file so niri detects changes
environment.etc."niri/config.kdl".text = ''
// xwayland
spawn-at-startup "${pkgs.xwayland-satellite}/bin/xwayland-satellite"
environment {
DISPLAY ":0"
animations {
off
}
// keybinds
binds {
Mod+D { spawn "${cfg.launcher}"; }
Mod+Alt+L { spawn "lock"; }
Mod+T { spawn "${cfg.term}"; }
Mod+Y { spawn "${cfg.term} yazi"; }
Mod+Y { spawn "${cfg.term}" "--app-id" "floating-alacritty" "yazi"; }
Mod+P { spawn "keepassxc"; }
XF86AudioRaiseVolume allow-when-locked=true { spawn "wpctl" "set-volume" "@DEFAULT_AUDIO_SINK@" "0.1+"; }
XF86AudioLowerVolume allow-when-locked=true { spawn "wpctl" "set-volume" "@DEFAULT_AUDIO_SINK@" "0.1-"; }
Mod+S { spawn "qalculate-qt"; }
Mod+Shift+N { spawn "makoctl" "dismiss" "-a"; }
Mod+N { spawn "makoctl" "dismiss"; }
Mod+E { spawn "makoctl" "menu" "fuzzel -d"; }
XF86AudioRaiseVolume allow-when-locked=true { spawn "wpctl" "set-volume" "@DEFAULT_AUDIO_SINK@" "0.03+"; }
XF86AudioLowerVolume allow-when-locked=true { spawn "wpctl" "set-volume" "@DEFAULT_AUDIO_SINK@" "0.03-"; }
XF86AudioMute allow-when-locked=true { spawn "wpctl" "set-mute" "@DEFAULT_AUDIO_SINK@" "toggle"; }
XF86AudioMicMute allow-when-locked=true { spawn "wpctl" "set-mute" "@DEFAULT_AUDIO_SOURCE@" "toggle"; }
XF86AudioNext allow-when-locked=true { spawn "playerctl" "next"; }
XF86AudioPrev allow-when-locked=true { spawn "playerctl" "previous"; }
XF86AudioPlay allow-when-locked=true { spawn "playerctl" "play-pause"; }
XF86AudioPause allow-when-locked=true { spawn "playerctl" "pause"; }
Mod+Q { close-window; }
@ -284,10 +326,19 @@ in
Super+Backslash { focus-workspace "scratchpad"; }
}
layout {
gaps 12
// center-focused-column "always"
gaps 8
shadow {
on
}
background-color "transparent"
struts {
right 16
left 16
}
default-column-width { proportion 0.33333; }
tab-indicator {
hide-when-single-tab
position "top"
@ -300,6 +351,11 @@ in
// scratchpad
// workspace "scratchpad"
// Put swaybg inside the overview backdrop.
layer-rule {
match namespace="^wpaperd.*$"
place-within-backdrop true
}
screenshot-path "~/Pictures/screenshots/screenshot-%Y-%m-%d %H-%M-%S.png"
// Indicate screencasted windows with red colors.
@ -353,11 +409,13 @@ in
}
input {
workspace-auto-back-and-forth
focus-follows-mouse
// workspace-auto-back-and-forth
focus-follows-mouse max-scroll-amount="10%"
keyboard {
xkb {
layout "eu"
// options "compose:lalt"
}
}
touchpad {

2
modules/desktop/waybar.nix
View file

@ -424,7 +424,7 @@ in
};
options.xyno.desktop.waybar.package = lib.mkOption {
type = lib.types.package;
default = pkgs.unstable.waybar.override { hyprlandSupport = false; }; # we don't use it and hyprland seems to not build on current master
default = pkgs.unstable.waybar;
};
options.xyno.desktop.waybar.mode = lib.mkOption {
type = lib.types.str;

5
modules/hardware/kmonad.nix
View file

@ -26,6 +26,11 @@ in
config = builtins.readFile ./kmonad/k70.kbd;
};
wire = {
device = "/dev/input/by-id/usb-Razer_Razer_BlackWidow_Chroma_V2-event-kbd";
config = builtins.readFile ./kmonad/chroma_v2.kbd;
};
};
};
};

89
modules/hardware/kmonad/chroma_v2.kbd Normal file
View file

@ -0,0 +1,89 @@
(defcfg
;; ** For Linux **
input (device-file "/dev/input/by-id/usb-Razer_Razer_BlackWidow_Chroma_V2-event-kbd")
;; input (device-file "/dev/input/by-path/platform-i8042-serio-0-event-kbd")
output (uinput-sink "KMonad output")
;; ** For Windows **
;; input (low-level-hook)
;; output (send-event-sink)
;; ** For MacOS **
;; input (iokit-name "my-keyboard-product-string")
;; output (kext)
fallthrough true
)
(defsrc
esc f1 f2 f3 f4 f5 f6 f7 f8 f9 f10 f11 f12
grv 1 2 3 4 5 6 7 8 9 0 - = bspc
tab q w e r t y u i o p [ ]
caps a s d f g h j k l ; ' \ ret
lsft 102d z x c v b n m , . / rsft
lctl lmet lalt spc ralt rmet cmp rctl
)
(defalias
ext (layer-toggle extend) ;; Bind 'ext' to the Extend Layer
)
(defalias
cpy C-c
pst C-v
cut C-x
udo C-z
all C-a
fnd C-f
bk Back
fw Forward
)
(defalias
num (layer-toggle num)
)
(deflayer colemak-dh
esc f1 f2 f3 f4 f5 f6 f7 f8 f9 f10 f11 f12
grv 1 2 3 4 5 6 7 8 9 0 - = bspc
tab q w f p b j l u y ; [ ]
esc (tap-hold-next-release 200 a lctrl) (tap-hold-next-release 200 r ralt) (tap-hold-next-release 200 s lmet) t g m n (tap-hold-next-release 200 e rmet) (tap-hold-next-release 200 i lalt) (tap-hold-next-release 200 o rctrl) ' \\ ret
lsft z x c d v 102d k h , . / rsft
lctl lmet lalt spc ralt rmet _ _
)
(deflayer num
esc f1 f2 f3 f4 f5 f6 f7 f8 f9 f10 f11 f12
grv 1 2 3 4 5 6 7 8 9 0 - = bspc
tab q w f p b j l u y ; [ ]
esc 1 2 3 4 5 6 7 8 9 0 ' \\ ret
lsft z x c d v 102d k h , . / rsft
lctl lmet lalt spc ralt rmet _ _
)
(deflayer colemak-dhk
esc f1 f2 f3 f4 f5 f6 f7 f8 f9 f10 f11 f12
grv 1 2 3 4 5 6 7 8 9 0 - = bspc
tab q w f p b j l u y ; [ ]
@ext a r s t g k n e i o ' \\ ret
lsft z x c d v 102d m h , . / rsft
lctl lmet lalt spc ralt rmet _ _
)
(deflayer extend
_ play rewind previoussong nextsong ejectcd refresh brdn brup www mail prog1 prog2
_ f1 f2 f3 f4 f5 f6 f7 f8 f9 f10 f11 f12 _
_ esc @bk @fnd @fw ins pgup home up end menu prnt slck
_ lalt lmet lsft lctl ralt pgdn lft down rght del caps _ _
_ @udo @cut @cpy tab @pst _ pgdn bks lsft lctl comp _
_ _ _ ret _ _ _ _
)
(deflayer empty
_ _ _ _ _ _ _ _ _ _ _ _ _
_ _ _ _ _ _ _ _ _ _ _ _ _ _
_ _ _ _ _ _ _ _ _ _ _ _ _
_ _ _ _ _ _ _ _ _ _ _ _ _ _
_ _ _ _ _ _ _ _ _ _ _ _ _
_ _ _ _ _ _ _ _
)

2
modules/module-list.nix
View file

@ -8,7 +8,6 @@
./desktop/foot.nix
./desktop/fuzzel.nix
./desktop/mako.nix
./desktop/mate-polkit.nix
./desktop/niri.nix
./desktop/shikane.nix
./desktop/swayidle.nix
@ -17,6 +16,7 @@
./hardware/kmonad.nix
./networking/networkd.nix
./presets/cli.nix
./presets/common.nix
./presets/gui.nix
./presets/home-manager.nix
./system/user.nix

44
modules/networking/networkd.nix
View file

@ -13,6 +13,50 @@ in
config = lib.mkIf cfg.enable {
systemd.network.enable = true;
networking.useNetworkd = true;
networking = {
dhcpcd.enable = false;
useDHCP = true;
useHostResolvConf = false;
};
# systemd.network.networks."60-wifi-client" = {
# matchConfig = {
# WLANInterfaceType = "station";
# };
# networkConfig = {
# DHCP = "yes";
# # IPv6AcceptRA = true;
# KeepConfiguration = "no";
# IPv6PrivacyExtensions = "kernel";
# };
# linkConfig.RequiredForOnline = "routable";
# dhcpV4Config = {
# RouteMetric = 1025;
# # IPv6OnlyMode = "yes";
# };
# ipv6AcceptRAConfig = {
# # UsePREF64 = true;
# RouteMetric = 1025;
# };
# };
# systemd.network.networks."60-ethernet-dhcp" = {
# matchConfig = {
# Kind = "!*";
# Type = "either";
# # Name = "en*";
# };
# linkConfig.RequiredForOnline = "routable";
# dhcpV4Config = {
# # IPv6OnlyMode = "yes";
# };
# networkConfig = {
# DHCP = "yes";
# # IPv6AcceptRA = true;
# KeepConfiguration = "no";
# IPv6PrivacyExtensions = "kernel";
# };
# # ipv6AcceptRAConfig.UsePREF64 = true;
# };
networking.wireless.iwd.enable = cfg.enableWifi;
# services.clatd.enable = true;
};
}

30
modules/presets/cli.nix
View file

@ -15,6 +15,27 @@ in
xyno.cli.starship.enable = true;
security.sudo.enable = false;
# Opitionally
i18n.defaultLocale = "en_US.UTF-8";
# i18n.extraLocales = ["de_DE.UTF-8"];
i18n.extraLocaleSettings = {
LC_CTYPE = "en_US.UTF8";
LC_ADDRESS = "de_DE.UTF-8";
LC_MEASUREMENT = "de_DE.UTF-8";
LC_MESSAGES = "en_US.UTF-8";
LC_MONETARY = "de_DE.UTF-8";
LC_NAME = "de_DE.UTF-8";
LC_NUMERIC = "en_US.UTF-8";
LC_PAPER = "de_DE.UTF-8";
LC_TELEPHONE = "de_DE.UTF-8";
LC_TIME = "de_DE.UTF-8";
LC_COLLATE = "de_DE.UTF-8";
};
home-manager.users.xyno.home.sessionVariables.LOCALE_ARCHIVE_2_27 =
lib.mkForce "/run/current-system/sw/lib/locale/locale-archive";
home-manager.users.xyno.systemd.user.sessionVariables.LOCALE_ARCHIVE_2_27 =
lib.mkForce "/run/current-system/sw/lib/locale/locale-archive";
nix.settings = {
substituters = [
"https://cache.lix.systems"
@ -51,6 +72,13 @@ in
enable = true;
};
services.pcscd.enable = true;
programs.gnupg.agent = {
enable = true;
# pinentrywlavor = "curses";
# enableSSHSupport = true;
};
environment.systemPackages = with pkgs; [
jq
fd
@ -80,7 +108,7 @@ in
programs.mosh.enable = true;
environment.variables.EDITOR = "hx";
environment.variables.VISUAL = "hx";
environment.variables.PAGER= "moar";
environment.variables.PAGER = "moar";
environment.shellAliases = {
l = "ls -alh";

17
modules/presets/common.nix Normal file
View file

@ -0,0 +1,17 @@
{
pkgs,
config,
lib,
...
}:
let
cfg = config.xyno.common;
in
{
options.xyno.common.enable = lib.mkEnableOption "enables common settings";
config = lib.mkIf cfg.enable {
boot.initrd.systemd.enable = true;
hardware.keyboard.zsa.enable = true;
programs.nh.enable = true;
};
}

68
modules/presets/gui.nix
View file

@ -16,7 +16,8 @@ in
config = lib.mkIf cfg.enable {
xyno.desktop.niri.enable = true;
xyno.desktop.audio.enable = lib.mkDefault true;
xyno.desktop.mate-polkit.enable = true;
security.soteria.enable = true;
security.rtkit.enable = true;
xyno.hardware.kmonad.enable = true;
# wayland on electron
environment.sessionVariables.NIXOS_OZONE_WL = "1";
@ -31,7 +32,19 @@ in
qt = {
enable = true;
style = "breeze";
platformTheme = "kde";
platformTheme = "lxqt";
};
programs.yazi = {
settings.keymap.manager.prepend_keymap = [
{
on = "y";
run = [
''shell -- for path in "$@"; do echo "file://$path"; done | ${pkgs.wl-clipboard-rs}/bin/wl-copy -t text/uri-list''
"yank"
];
}
];
};
# setup printing
@ -42,11 +55,14 @@ in
openFirewall = true;
};
services.printing.enable = true;
services.printing.stateless = true;
services.system-config-printer.enable = true;
# enable the gnome shit
services.gnome.gnome-keyring.enable = true;
services.gnome.gnome-online-accounts.enable = true;
services.gnome.core-utilities.enable = true;
services.gnome.gcr-ssh-agent.enable = lib.mkForce false;
services.gnome.sushi.enable = true;
services.gnome.gnome-settings-daemon.enable = true;
services.gvfs.enable = true;
@ -55,33 +71,34 @@ in
enable = true;
settings.default = [ "foot.desktop" ];
};
xdg.portal.xdgOpenUsePortal = true;
environment.sessionVariables.GTK_USE_PORTAL = "1";
home-manager.users.${config.xyno.system.user.name} =
{ pkgs, ... }:
{
xdg.mimeApps = {
enable = true;
defaultApplications = {
"x-scheme-handler/mailto" = [ "aerc.desktop" ];
"inode/directory" = [ "org.gnome.Nautilus.desktop" ];
"application/x-gnome-saved-search" = [ "org.gnome.Nautilus.desktop" ];
"x-scheme-handler/http" = "userapp-Zen-D2P132.desktop";
"x-scheme-handler/https" = "userapp-Zen-D2P132.desktop";
"x-scheme-handler/chrome" = "userapp-Zen-D2P132.desktop";
"text/html" = "userapp-Zen-D2P132.desktop";
"application/x-extension-htm" = "userapp-Zen-D2P132.desktop";
"application/x-extension-html" = "userapp-Zen-D2P132.desktop";
"application/x-extension-shtml" = "userapp-Zen-D2P132.desktop";
"application/xhtml+xml" = "userapp-Zen-D2P132.desktop";
"application/x-extension-xhtml" = "userapp-Zen-D2P132.desktop";
"application/x-extension-xht" = "userapp-Zen-D2P132.desktop";
"application/pdf" = "org.gnome.Evince.desktop";
# home-manager.users.${config.xyno.system.user.name} =
# { pkgs, ... }:
# {
# xdg.mimeApps = {
# enable = true;
# defaultApplications = {
# "x-scheme-handler/mailto" = [ "aerc.desktop" ];
# "inode/directory" = [ "org.gnome.Nautilus.desktop" ];
# "application/x-gnome-saved-search" = [ "org.gnome.Nautilus.desktop" ];
# "x-scheme-handler/http" = "userapp-Zen-D2P132.desktop";
# "x-scheme-handler/https" = "userapp-Zen-D2P132.desktop";
# "x-scheme-handler/chrome" = "userapp-Zen-D2P132.desktop";
# "text/html" = "userapp-Zen-D2P132.desktop";
# "application/x-extension-htm" = "userapp-Zen-D2P132.desktop";
# "application/x-extension-html" = "userapp-Zen-D2P132.desktop";
# "application/x-extension-shtml" = "userapp-Zen-D2P132.desktop";
# "application/xhtml+xml" = "userapp-Zen-D2P132.desktop";
# "application/x-extension-xhtml" = "userapp-Zen-D2P132.desktop";
# "application/x-extension-xht" = "userapp-Zen-D2P132.desktop";
# "application/pdf" = "org.gnome.Evince.desktop";
};
};
};
# };
# };
# };
environment.systemPackages = with pkgs; [
kdePackages.breeze-gtk
@ -98,6 +115,7 @@ in
source-code-pro # Default monospace font in 3.32
source-sans
b612
lxqt.lxqt-config
];

22
modules/system/impermanence.nix Normal file
View file

@ -0,0 +1,22 @@
{
pkgs,
lib,
config,
...
}:
let
cfg = config.xyno.impermanence;
in
{
options.xyno.impermanence = {
enable = lib.mkEnableOption "erase all your darlings (they hate you anyways)";
extraFiles = lib.mkOption { type = lib.types.listOf lib.types.str; };
extraDirectories = lib.mkOption { type = lib.types.listOf lib.types.str; };
};
config = lib.mkIf cfg.enable {
imports = [ ]; # TODO
impermanence.extraFiles = cfg.extraFiles;
impermanence.extraDirectories = cfg.extraDirectories;
};
}

51
secrets/deploy-secrets.py Normal file
View file

@ -0,0 +1,51 @@
#!/usr/bin/env python
import subprocess
import sys
import argparse
import json
parser = argparse.ArgumentParser()
parser.add_argument("flake")
parser.add_argument("-f", "--force", action='store_true')
args = parser.parse_args()
NIX_OUTPUT_JSON_PATH = subprocess.run(["nix", "build", f"{args.flake}.config.xyno.secret-output", "--no-link")
HOSTNAME = subprocess.run(["nix", "eval", f"{args.flake}.config.networking.hostName", "--raw"])
nix_output_json
with open(NIX_OUTPUT_JSON_PATH, "r") as f:
nix_output_json = json.load(f)
def run_ssh(command):
return subprocess.run("ssh", HOSTNAME, command)
def check_tpm():
return run_ssh("systemd-analyze has-tpm2").returncode == 0
def push_secret(secret_name, secret_content):
if !args.force && secret_name in run_ssh("systemd-creds list"):
print(f"[INFO] secret {secret_name} exists on target, skipping")
print(f"[INFO] run with --force to skip")
return
command
if secret_content["random"] != null:
command = f"openssl rand -hex {secret_content["random"]} | systemd-creds encrypt - {secret_name}"
else if secret_content["ageFile"] != null:
secret_output = subprocess.run(["rage", "-d", secret_content["ageFile"]])
command = f"echo '{secret_output}' | systemd-creds encrypt - {secret_name}"
else if secret_content["command"] != null:
secret_output = subprocess.run(["sh", "-c", secret_content["command"]])
command = f"echo '{secret_output}' | systemd-creds encrypt - {secret_name}"
else:
print(f"[ERROR] no secret content set for {secret_name}: {secret_content}")
return
run_ssh(command)
for secret_name, secret_content in nix_output_json:
push_secret(secret_name,secret_content)

56
secrets/nixos-module.nix Normal file
View file

@ -0,0 +1,56 @@
{
pkgs,
config,
lib,
...
}:
with lib;
let
cfg = config.xyno.secrets;
json = builtins.toJSON cfg;
in
{
options.xyno.secret-output = lib.mkOption {
type = types.str;
};
options.xyno.secrets = mkOption {
type = types.attrsOf (
types.submodule {
options = {
random = mkOption {
type = types.nullOr types.int;
default = null;
description = ''
have the secret be a random hex string with n bytes
'';
};
ageFile = mkOption {
type = types.nullOr types.str;
default = null;
description = ''
have the secret be a age encrypted file
'';
};
command = mkOption {
type = types.nullOr types.str;
default = null;
description = ''
have the secret be the output of a command (impure grrrrr)
'';
};
};
}
);
};
config = {
systemd.tpm2.enable = true;
boot.initrd.systemd.tpm2.enable = true;
# TODO: ensure secrets are loaded in activation script
xyno.secret-output = pkgs.writeFile "xyno-secret.json" json;
environment.systemPackages = [
pkgs.openssl # needed for random secrets
];
};
}