diff --git a/flake.lock b/flake.lock index f6d55f54..1878beb8 100644 --- a/flake.lock +++ b/flake.lock @@ -23,11 +23,11 @@ ] }, "locked": { - "lastModified": 1746967469, - "narHash": "sha256-FRpU/uwwqS9v/ehoZ2FPvm7TNVS4/kDnXVWEvBKBuAc=", + "lastModified": 1753107457, + "narHash": "sha256-Hh4/gCQ1rymD3TSlyyZA4vO9hx3uVX9MPi0o3luWYlI=", "owner": "sofusa", "repo": "csharp-language-server", - "rev": "dd210e8300ef03ce70dcbee5e7c441cee6e71795", + "rev": "485d3a5602ca18554d8739aee69283e0164590d9", "type": "github" }, "original": { @@ -109,24 +109,6 @@ "type": "github" } }, - "flake-utils_3": { - "inputs": { - "systems": "systems_3" - }, - "locked": { - "lastModified": 1731533236, - "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, "flakey-profile": { "locked": { "lastModified": 1712898590, @@ -166,18 +148,17 @@ }, "helix": { "inputs": { - "flake-utils": "flake-utils_2", "nixpkgs": [ "nixpkgs-master" ], "rust-overlay": "rust-overlay" }, "locked": { - "lastModified": 1746686948, - "narHash": "sha256-w61Wo6vlkPXEiuqd19AIwvlVA77siY1oVXfK3o+buOU=", + "lastModified": 1753258147, + "narHash": "sha256-hCYSMxW9pAB8jP+PdDBzVxdU2w12ZgsGUf6JJh90dqI=", "owner": "sofusa", "repo": "helix-pull-diagnostics", - "rev": "b99c77b7898ebc0b2b6d40e728abb513e6a9fa6a", + "rev": "0831043ffa4fa7097a54681d6ed5d6b7dc2a6a10", "type": "github" }, "original": { @@ -193,11 +174,11 @@ ] }, "locked": { - "lastModified": 1746981801, - "narHash": "sha256-+Bfr0KqZV6gZdA7e2kupeoawozaLIHLuiPtC54uxbFc=", + "lastModified": 1753181343, + "narHash": "sha256-CLQfNtUqirNVSYoW/kYbvL4PeeNasmZonaPnjO3+1YQ=", "owner": "nix-community", "repo": "home-manager", - "rev": "ff915842e4a2e63c4c8c5c08c6870b9d5b3c3ee9", + "rev": "0cdfcdbb525b77b951c889b6131047bc374f48fe", "type": "github" }, "original": { @@ -214,11 +195,11 @@ ] }, "locked": { - "lastModified": 1743604125, - "narHash": "sha256-ZD61DNbsBt1mQbinAaaEqKaJk2RFo9R/j+eYWeGMx7A=", + "lastModified": 1752603129, + "narHash": "sha256-S+wmHhwNQ5Ru689L2Gu8n1OD6s9eU9n9mD827JNR+kw=", "owner": "nix-community", "repo": "home-manager", - "rev": "180fd43eea296e62ae68e079fcf56aba268b9a1a", + "rev": "e8c19a3cec2814c754f031ab3ae7316b64da085b", "type": "github" }, "original": { @@ -235,11 +216,11 @@ }, "locked": { "dir": "nix", - "lastModified": 1739976554, - "narHash": "sha256-iBsa9Gyc9q1pBxpvwBkZWFPx3aNZgqtqtehuTjymZ20=", + "lastModified": 1751398458, + "narHash": "sha256-EHg2Z0EbsFN5zU1WrLc1sFszbUsLLpqZgFim7Zi8dRc=", "ref": "feat-tap-overlap", - "rev": "900ef1359ea5f632f490be2e259aa3b409f5855e", - "revCount": 942, + "rev": "fb0334cbd16ec64c5ebcc10f7982a9857bd97d27", + "revCount": 986, "type": "git", "url": "https://github.com/jokesper/kmonad" }, @@ -279,46 +260,44 @@ "lix": { "flake": false, "locked": { - "lastModified": 1746827285, - "narHash": "sha256-hsFe4Tsqqg4l+FfQWphDtjC79WzNCZbEFhHI8j2KJzw=", - "rev": "47aad376c87e2e65967f17099277428e4b3f8e5a", + "lastModified": 1751235704, + "narHash": "sha256-J4ycLoXHPsoBoQtEXFCelL4xlq5pT8U9tNWNKm43+YI=", + "rev": "1d7368585eebaa2c4bdbcb88fe600cfb2239b2c6", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/47aad376c87e2e65967f17099277428e4b3f8e5a.tar.gz?rev=47aad376c87e2e65967f17099277428e4b3f8e5a" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/1d7368585eebaa2c4bdbcb88fe600cfb2239b2c6.tar.gz?rev=1d7368585eebaa2c4bdbcb88fe600cfb2239b2c6" }, "original": { "type": "tarball", - "url": "https://git.lix.systems/lix-project/lix/archive/2.93.0.tar.gz" + "url": "https://git.lix.systems/lix-project/lix/archive/release-2.93.tar.gz" } }, "lix-module": { "inputs": { - "flake-utils": "flake-utils_3", + "flake-utils": "flake-utils_2", "flakey-profile": "flakey-profile", "lix": "lix", - "nixpkgs": [ - "nixpkgs" - ] + "nixpkgs": "nixpkgs" }, "locked": { - "lastModified": 1746838955, - "narHash": "sha256-11R4K3iAx4tLXjUs+hQ5K90JwDABD/XHhsM9nkeS5N8=", - "rev": "cd2a9c028df820a83ca2807dc6c6e7abc3dfa7fc", + "lastModified": 1751240025, + "narHash": "sha256-SXUAlxpjPRkArRMHy5+Hdi+PiC+ND9yzzIjiaHmTvQU=", + "rev": "8b1094356f4723d6e89d3f8a95b333ee16d9ab02", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/cd2a9c028df820a83ca2807dc6c6e7abc3dfa7fc.tar.gz?rev=cd2a9c028df820a83ca2807dc6c6e7abc3dfa7fc" + "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/8b1094356f4723d6e89d3f8a95b333ee16d9ab02.tar.gz?rev=8b1094356f4723d6e89d3f8a95b333ee16d9ab02" }, "original": { "type": "tarball", - "url": "https://git.lix.systems/lix-project/nixos-module/archive/2.93.0.tar.gz" + "url": "https://git.lix.systems/lix-project/nixos-module/archive/2.93.2-1.tar.gz" } }, "mobile-nixos": { "flake": false, "locked": { - "lastModified": 1743812405, - "narHash": "sha256-BedQ9Z3+nqtp9BRjHjJNPUeLIMVbTsP3Udbz0b1cUn0=", + "lastModified": 1752497937, + "narHash": "sha256-xBkxB3KGDUQRpd2nSqJvw6vJhse4Lee4OaeJH6WvNDM=", "owner": "mobile-nixos", "repo": "mobile-nixos", - "rev": "6679fd7a8dd4ccf4aa538b82216723861cfe61a2", + "rev": "7a5fb89f4d2f08829f3fa1078108ceb40e8c8a67", "type": "github" }, "original": { @@ -327,6 +306,27 @@ "type": "github" } }, + "niri": { + "inputs": { + "nixpkgs": [ + "nixpkgs-master" + ], + "rust-overlay": "rust-overlay_3" + }, + "locked": { + "lastModified": 1752870529, + "narHash": "sha256-23DJk5EfEDCq7Xy1QELcayG0VxbbWpdQ6t7jbhae1Ok=", + "owner": "YaLTeR", + "repo": "niri", + "rev": "fefc0bc0a71556eb75352e2b611e50eb5d3bf9c2", + "type": "github" + }, + "original": { + "owner": "YaLTeR", + "repo": "niri", + "type": "github" + } + }, "nix-flatpak": { "locked": { "lastModified": 1739444422, @@ -345,11 +345,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1746814339, - "narHash": "sha256-hf2lICJzwACWuzHCmZn5NI6LUAOgGdR1yh8ip+duyhk=", + "lastModified": 1753122741, + "narHash": "sha256-nFxE8lk9JvGelxClCmwuJYftbHqwnc01dRN4DVLUroM=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "3c5e12673265dfb0de3d9121420c0c2153bf21e0", + "rev": "cc66fddc6cb04ab479a1bb062f4d4da27c936a22", "type": "github" }, "original": { @@ -361,11 +361,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1746904237, - "narHash": "sha256-3e+AVBczosP5dCLQmMoMEogM57gmZ2qrVSrmq9aResQ=", + "lastModified": 1746663147, + "narHash": "sha256-Ua0drDHawlzNqJnclTJGf87dBmaO/tn7iZ+TCkTRpRc=", "owner": "nixos", "repo": "nixpkgs", - "rev": "d89fc19e405cb2d55ce7cc114356846a0ee5e956", + "rev": "dda3dcd3fe03e991015e9a74b22d35950f264a54", "type": "github" }, "original": { @@ -377,11 +377,11 @@ }, "nixpkgs-master": { "locked": { - "lastModified": 1747003416, - "narHash": "sha256-AT1E41SQNY19vQ9L+RDSGkall2fEjLptBc6DSLJ0U5E=", + "lastModified": 1753264108, + "narHash": "sha256-8p2/JVY9NZJBJYhKqHrnniheqIYKEWqbfb3njExFEKE=", "owner": "nixos", "repo": "nixpkgs", - "rev": "5d35e620053b041a4e04f09b21adf058408994c9", + "rev": "54066a57598ff5d22ed30a746603a524667250fc", "type": "github" }, "original": { @@ -407,6 +407,22 @@ "type": "github" } }, + "nixpkgs_2": { + "locked": { + "lastModified": 1752950548, + "narHash": "sha256-NS6BLD0lxOrnCiEOcvQCDVPXafX1/ek1dfJHX1nUIzc=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "c87b95e25065c028d31a94f06a62927d18763fdf", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, "pre-commit-hooks-nix": { "inputs": { "flake-compat": [ @@ -435,17 +451,12 @@ } }, "quadlet": { - "inputs": { - "nixpkgs": [ - "nixpkgs" - ] - }, "locked": { - "lastModified": 1746457417, - "narHash": "sha256-Eno9poUcLhWfMvs4H9Eb8JnXT5LFVhQ6G3UiEb0iKoA=", + "lastModified": 1752618481, + "narHash": "sha256-8132xTqalZxJZbznHDNoia1UqjNdL/hIQD4IXnI9F58=", "owner": "SEIAROTg", "repo": "quadlet-nix", - "rev": "11315f2c85e7ef9022115ce73386852e60de2c11", + "rev": "0c1d64f360c1a3c3534f6b592ca3ed5d46cf8429", "type": "github" }, "original": { @@ -463,9 +474,10 @@ "lanzaboote": "lanzaboote", "lix-module": "lix-module", "mobile-nixos": "mobile-nixos", + "niri": "niri", "nix-flatpak": "nix-flatpak", "nixos-hardware": "nixos-hardware", - "nixpkgs": "nixpkgs", + "nixpkgs": "nixpkgs_2", "nixpkgs-master": "nixpkgs-master", "quadlet": "quadlet", "zen-browser": "zen-browser" @@ -513,6 +525,27 @@ "type": "github" } }, + "rust-overlay_3": { + "inputs": { + "nixpkgs": [ + "niri", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1752374969, + "narHash": "sha256-Ky3ynEkJXih7mvWyt9DWoiSiZGqPeHLU1tlBU4b0mcc=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "75fb000638e6d0f57cb1e8b7a4550cbdd8c76f1d", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, "systems": { "locked": { "lastModified": 1681028828, @@ -543,21 +576,6 @@ "type": "github" } }, - "systems_3": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, "zen-browser": { "inputs": { "home-manager": "home-manager_2", @@ -566,11 +584,11 @@ ] }, "locked": { - "lastModified": 1746998207, - "narHash": "sha256-q+3L52wIBNoUPPWGw55O2+WstZCgBVRGdKpYRxt60Rw=", + "lastModified": 1753069499, + "narHash": "sha256-YtgY0ueqKNrBma4Euu8WH23BhUkBujirJDMDE1KujnU=", "owner": "0xc000022070", "repo": "zen-browser-flake", - "rev": "37077d385abbf4358621948df86b37f618c5b338", + "rev": "c64b94235ae24e3b9e01a08f0331d8bb0e5b037a", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index aedb09e4..345e933f 100644 --- a/flake.nix +++ b/flake.nix @@ -11,7 +11,6 @@ home-manager.inputs.nixpkgs.follows = "nixpkgs"; nixos-hardware.url = "github:NixOS/nixos-hardware/master"; quadlet.url = "github:SEIAROTg/quadlet-nix"; - quadlet.inputs.nixpkgs.follows = "nixpkgs"; # software lanzaboote = { @@ -21,8 +20,8 @@ inputs.nixpkgs.follows = "nixpkgs"; }; lix-module = { - url = "https://git.lix.systems/lix-project/nixos-module/archive/2.93.0.tar.gz"; - inputs.nixpkgs.follows = "nixpkgs"; + url = "https://git.lix.systems/lix-project/nixos-module/archive/2.93.2-1.tar.gz"; + # inputs.nixpkgs.follows = "nixpkgs"; }; zen-browser.url = "github:0xc000022070/zen-browser-flake"; zen-browser.inputs.nixpkgs.follows = "nixpkgs-master"; @@ -30,6 +29,10 @@ url = "git+https://github.com/jokesper/kmonad?dir=nix&ref=feat-tap-overlap"; inputs.nixpkgs.follows = "nixpkgs"; }; + niri.url = "github:YaLTeR/niri"; + niri.inputs.nixpkgs.follows = "nixpkgs-master"; + # nheko.url = "github:Nheko-Reborn/nheko"; + # nheko.flake = false; # helix helix.url = "github:sofusa/helix-pull-diagnostics"; @@ -55,7 +58,27 @@ }; } ); - overlays = [ self.overlays.default ]; + overlays = [ self.overlays.default + # lix-module.overlays.default + (final: prev: let + versionSuffix = "-horribly-patched"; + lix = final.applyPatches { + name = "lix${versionSuffix}"; + src = inputs.lix-module.inputs.lix; + patches = [ + (final.fetchpatch { + name = "lix-2.93-structuredAttrs.patch"; + url = "https://gerrit.lix.systems/changes/lix~3668/revisions/2/patch?download&raw"; + hash = "sha256-JQlAU0texMa7DMrqk447SXJUEu1k4IP9z8mjCHyskVc="; + }) + ]; + }; + patchedOverlay = import (inputs.lix-module + "/overlay.nix") { + inherit versionSuffix lix; + }; + in + patchedOverlay final prev) + ]; genPkgs = system: import nixpkgs { @@ -72,7 +95,7 @@ }; nixosConfigurations = lib.xyno.loadInstances ./instances ( [ - inputs.lix-module.nixosModules.default + # inputs.lix-module.nixosModules.default inputs.kmonad.nixosModules.default inputs.home-manager.nixosModules.default inputs.lanzaboote.nixosModules.lanzaboote diff --git a/hm-modules/helix.nix b/hm-modules/helix.nix index 7f466c9e..7e3bedd9 100644 --- a/hm-modules/helix.nix +++ b/hm-modules/helix.nix @@ -16,6 +16,7 @@ in dprint nodePackages_latest.typescript-language-server nodePackages_latest.vscode-langservers-extracted + markdown-oxide ## python # ruff-lsp # nodePackages_latest.pyright diff --git a/instances/theseus/configuration.nix b/instances/theseus/configuration.nix index f1675406..338a1095 100644 --- a/instances/theseus/configuration.nix +++ b/instances/theseus/configuration.nix @@ -8,8 +8,7 @@ { nixpkgs.system = "x86_64-linux"; imports = [ ./hardware-configuration.nix ]; - hardware.keyboard.zsa.enable = true; - boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; + boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; home-manager.users.${config.xyno.system.user.name} = ( { ... }: { @@ -17,7 +16,7 @@ xyno.borgmatic.enable = true; home.packages = [ # work - pkgs.jetbrains.rider + (pkgs.unstable.jetbrains.rider.override { jdk = pkgs.unstable.openjdk21; }) (pkgs.firefox-devedition.overrideAttrs (super: self: { meta.priority = 1; })) ]; services.flatpak.update.auto.enable = true; @@ -39,20 +38,43 @@ }; } ); + nixpkgs.config.permittedInsecurePackages = [ + "olm-3.2.16" + ]; + environment.systemPackages = with pkgs; [ aerc + oama # required for aerc + libsecret # required for oama + easyeffects jabref glib # rider wants gsettings - (pkgs.writeShellScriptBin "sudo" "run0 $@") krita + strawberry + pandoc + tectonic + rquickshare + supersonic + # (nheko.overrideAttrs ( + # super: self: { + # src = inputs.nheko; + # } + # )) ]; time.timeZone = "Europe/Berlin"; - networking.firewall.allowedTCPPorts = [ 1880 2021 ]; - networking.firewall.allowedUDPPorts = [ 1880 2021 ]; + networking.firewall.allowedTCPPorts = [ + 1880 + 2021 + ]; + networking.firewall.allowedUDPPorts = [ + 1880 + 2021 + ]; services.tailscale.enable = true; services.tailscale.useRoutingFeatures = "client"; + xyno.common.enable = true; xyno.desktop.common-programs.enable = true; xyno.hardware.kmonad.enable = true; xyno.presets.cli.enable = true; @@ -67,7 +89,7 @@ enable = true; enableWifi = true; }; - xyno.desktop.easyeffects.enable = true; + # xyno.desktop.easyeffects.enable = true; # xyno.desktop.fcitx5.enable = true; hardware.bluetooth.enable = true; services.blueman.enable = true; @@ -76,5 +98,4 @@ services.flatpak.enable = true; system.stateVersion = "24.11"; - programs.nh.enable = true; } diff --git a/modules/desktop/audio.nix b/modules/desktop/audio.nix index 7a2523c4..ccc5abb8 100644 --- a/modules/desktop/audio.nix +++ b/modules/desktop/audio.nix @@ -10,26 +10,41 @@ in { options.xyno.desktop.audio.enable = lib.mkEnableOption "enable pipewire and stuff"; config = lib.mkIf cfg.enable { - services.pipewire = { - enable = true; - # raopOpenFirewall = true; # airplay - pulse.enable = true; - extraConfig.pipewire = { - "9-clock-allow-higher" = { - "context.properties" = { - "default.clock.allowed-rates" = [ "44100" "48000" "96000" "192000" ]; + services.pipewire = { + enable = true; + # raopOpenFirewall = true; # airplay + pulse.enable = true; + extraConfig.pipewire = { + "9-clock-allow-higher" = { + "context.properties" = { + "default.clock.allowed-rates" = [ + "44100" + "48000" + "96000" + "192000" + ]; + }; + }; + # "10-raop-discover" = { + # "context.modules" = [ + # { + # name = "libpipewire-module-raop-discover"; + # args = { }; + # } + # ]; + # }; + }; + extraConfig.pipewire-pulse = { + "10-zeroconf" = { + "pulse.cmd" = [ + { + cmd = "load-module"; + args = "module-zeroconf-discover"; + } + ]; }; }; - # "10-raop-discover" = { - # "context.modules" = [ - # { - # name = "libpipewire-module-raop-discover"; - # args = { }; - # } - # ]; - # }; }; - }; }; } diff --git a/modules/desktop/common-programs.nix b/modules/desktop/common-programs.nix index 4d9b6a4d..d78922c6 100644 --- a/modules/desktop/common-programs.nix +++ b/modules/desktop/common-programs.nix @@ -13,7 +13,7 @@ in lib.mkEnableOption "install some commonly used programs"; config = lib.mkIf cfg.enable { home-manager.users.${config.xyno.system.user.name} = lib.mkIf config.xyno.presets.home-manager.enable ({...}: { - xyno.alacritty.enable = true; + # xyno.alacritty.enable = true; xyno.helix.enable = true; }); programs.steam = { @@ -37,14 +37,17 @@ in signal-desktop obsidian diebahn - vlc + mpv lutris libreoffice-qt6-fresh inkscape - easyeffects appimage-run unstable.keepassxc inputs.zen-browser.packages."${pkgs.system}".default + qalculate-qt + wl-clipboard-rs + wdisplays + ]; diff --git a/modules/desktop/foot.nix b/modules/desktop/foot.nix index f4d26b87..43e9d2a6 100644 --- a/modules/desktop/foot.nix +++ b/modules/desktop/foot.nix @@ -13,14 +13,14 @@ in type = lib.types.str; default = "niri.service"; }; - options.xyno.desktop.foot.package= lib.mkOption { + options.xyno.desktop.foot.package = lib.mkOption { type = lib.types.package; default = pkgs.foot; }; config = lib.mkIf cfg.enable { # should be socket activated tm - # systemd.user.services.foot.wantedBy = lib.mkForce [ cfg.wantedBy ]; - # systemd.user.sockets.foot.wantedBy = lib.mkForce [ cfg.wantedBy ]; + # systemd.user.services.foot-server.wantedBy = lib.mkForce [ cfg.wantedBy ]; + systemd.user.sockets.foot-server.wantedBy = lib.mkForce [ cfg.wantedBy ]; systemd.packages = [ cfg.package ]; xyno.desktop.niri.term = lib.mkDefault "footclient"; programs.foot = { diff --git a/modules/desktop/mate-polkit.nix b/modules/desktop/mate-polkit.nix deleted file mode 100644 index 640ef49e..00000000 --- a/modules/desktop/mate-polkit.nix +++ /dev/null @@ -1,32 +0,0 @@ - -{ - pkgs, - config, - lib, - ... -}: -let - cfg = config.xyno.desktop.mate-polkit; -in -{ - options.xyno.desktop.mate-polkit.enable = lib.mkEnableOption "enable mate-polkit as the gui polkit thing"; - options.xyno.desktop.mate-polkit.wantedBy = lib.mkOption { - type = lib.types.str; - default = "niri.service"; - }; - options.xyno.desktop.mate-polkit.package = lib.mkOption { - type = lib.types.package; - default = pkgs.mate.mate-polkit; # we're using mate polkit as it seems to be the only maintained gtk polkit thing (and we're using all the other gtk shit anyways) - }; - config = lib.mkIf cfg.enable { - environment.systemPackages = [ cfg.package ]; - systemd.user.services.mate-polkit = { - unitConfig.PartOf = "graphical-session.target"; - unitConfig.After = "graphical-session.target"; - unitConfig.Requisite = "graphical-session.target"; - serviceConfig.Restart = "on-failure"; - wantedBy = [ cfg.wantedBy ]; - script = "exec ${cfg.package}/libexec/polkit-mate-authentication-agent-1"; - }; - }; -} diff --git a/modules/desktop/niri.nix b/modules/desktop/niri.nix index a48c8054..394d2522 100644 --- a/modules/desktop/niri.nix +++ b/modules/desktop/niri.nix @@ -1,4 +1,5 @@ { + inputs, pkgs, config, lib, @@ -11,6 +12,7 @@ let "org.pulseaudio.pavucontrol" "KeePassXC" "org.gnome.NautilusPreviewer" + "io.github.Qalculate.qalculate-qt" ]; matchFloat = lib.concatStringsSep "\n" ( map (x: '' @@ -42,32 +44,72 @@ in { ... }: { xyno.dark-theme.enable = true; + home.file.".config/xdg-desktop-portal-termfilechooser/config".text = '' + [filechooser] + cmd=${pkgs.xdg-desktop-portal-termfilechooser}/share/xdg-desktop-portal-termfilechooser/yazi-wrapper.sh + default_dir=$HOME + env=TERMCMD=footclient --app-id floating-alacritty + open_mode = suggested + save_mode = suggested + ''; } ); + xdg.portal = { + extraPortals = [ + pkgs.xdg-desktop-portal-termfilechooser + ]; + config.niri.default = [ + "gnome" + "gtk" + ]; + # config.niri."org.freedesktop.impl.portal.FileChooser" = [ "termfilechooser" ]; + config.niri."org.freedesktop.impl.portal.Access" = [ "gtk" ]; + config.niri."org.freedesktop.impl.portal.Notification" = [ "gtk" ]; + config.niri."org.freedesktop.impl.portal.Secret" = [ "gnome-keyring" ]; + }; # xdg.portal = { # enable = true; # wlr.enable = true; # }; + environment.systemPackages = with pkgs;[ + playerctl + xwayland-satellite + ]; programs.niri.enable = true; + programs.niri.package = inputs.niri.packages.${pkgs.system}.default.overrideAttrs (prev: { + patches = prev.patches ++ [ + (pkgs.fetchurl { + url = "https://patch-diff.githubusercontent.com/raw/YaLTeR/niri/pull/1907.patch"; + hash = "sha256-XhG8Ga1/QMPXrF0FjQuBk8KZISbof4Md4kM73cG1SYQ="; + }) + ]; + + }); environment.etc."niri/config.kdl".mode = "444"; # copy file so niri detects changes environment.etc."niri/config.kdl".text = '' - // xwayland - spawn-at-startup "${pkgs.xwayland-satellite}/bin/xwayland-satellite" - environment { - DISPLAY ":0" + animations { + off } // keybinds binds { Mod+D { spawn "${cfg.launcher}"; } Mod+Alt+L { spawn "lock"; } Mod+T { spawn "${cfg.term}"; } - Mod+Y { spawn "${cfg.term} yazi"; } + Mod+Y { spawn "${cfg.term}" "--app-id" "floating-alacritty" "yazi"; } Mod+P { spawn "keepassxc"; } - XF86AudioRaiseVolume allow-when-locked=true { spawn "wpctl" "set-volume" "@DEFAULT_AUDIO_SINK@" "0.1+"; } - XF86AudioLowerVolume allow-when-locked=true { spawn "wpctl" "set-volume" "@DEFAULT_AUDIO_SINK@" "0.1-"; } + Mod+S { spawn "qalculate-qt"; } + Mod+Shift+N { spawn "makoctl" "dismiss" "-a"; } + Mod+N { spawn "makoctl" "dismiss"; } + Mod+E { spawn "makoctl" "menu" "fuzzel -d"; } + XF86AudioRaiseVolume allow-when-locked=true { spawn "wpctl" "set-volume" "@DEFAULT_AUDIO_SINK@" "0.03+"; } + XF86AudioLowerVolume allow-when-locked=true { spawn "wpctl" "set-volume" "@DEFAULT_AUDIO_SINK@" "0.03-"; } XF86AudioMute allow-when-locked=true { spawn "wpctl" "set-mute" "@DEFAULT_AUDIO_SINK@" "toggle"; } XF86AudioMicMute allow-when-locked=true { spawn "wpctl" "set-mute" "@DEFAULT_AUDIO_SOURCE@" "toggle"; } + XF86AudioNext allow-when-locked=true { spawn "playerctl" "next"; } + XF86AudioPrev allow-when-locked=true { spawn "playerctl" "previous"; } + XF86AudioPlay allow-when-locked=true { spawn "playerctl" "play-pause"; } + XF86AudioPause allow-when-locked=true { spawn "playerctl" "pause"; } Mod+Q { close-window; } @@ -284,10 +326,19 @@ in Super+Backslash { focus-workspace "scratchpad"; } } layout { - gaps 12 + // center-focused-column "always" + gaps 8 shadow { on } + background-color "transparent" + struts { + right 16 + left 16 + } + + default-column-width { proportion 0.33333; } + tab-indicator { hide-when-single-tab position "top" @@ -300,6 +351,11 @@ in // scratchpad // workspace "scratchpad" + // Put swaybg inside the overview backdrop. + layer-rule { + match namespace="^wpaperd.*$" + place-within-backdrop true + } screenshot-path "~/Pictures/screenshots/screenshot-%Y-%m-%d %H-%M-%S.png" // Indicate screencasted windows with red colors. @@ -353,11 +409,13 @@ in } input { - workspace-auto-back-and-forth - focus-follows-mouse + // workspace-auto-back-and-forth + focus-follows-mouse max-scroll-amount="10%" + keyboard { xkb { layout "eu" + // options "compose:lalt" } } touchpad { diff --git a/modules/desktop/waybar.nix b/modules/desktop/waybar.nix index 78ea4182..75368195 100644 --- a/modules/desktop/waybar.nix +++ b/modules/desktop/waybar.nix @@ -424,7 +424,7 @@ in }; options.xyno.desktop.waybar.package = lib.mkOption { type = lib.types.package; - default = pkgs.unstable.waybar.override { hyprlandSupport = false; }; # we don't use it and hyprland seems to not build on current master + default = pkgs.unstable.waybar; }; options.xyno.desktop.waybar.mode = lib.mkOption { type = lib.types.str; diff --git a/modules/hardware/kmonad.nix b/modules/hardware/kmonad.nix index 5f194943..7bf65015 100644 --- a/modules/hardware/kmonad.nix +++ b/modules/hardware/kmonad.nix @@ -26,6 +26,11 @@ in config = builtins.readFile ./kmonad/k70.kbd; }; + wire = { + device = "/dev/input/by-id/usb-Razer_Razer_BlackWidow_Chroma_V2-event-kbd"; + config = builtins.readFile ./kmonad/chroma_v2.kbd; + + }; }; }; }; diff --git a/modules/hardware/kmonad/chroma_v2.kbd b/modules/hardware/kmonad/chroma_v2.kbd new file mode 100644 index 00000000..06b1331b --- /dev/null +++ b/modules/hardware/kmonad/chroma_v2.kbd @@ -0,0 +1,89 @@ +(defcfg + ;; ** For Linux ** + input (device-file "/dev/input/by-id/usb-Razer_Razer_BlackWidow_Chroma_V2-event-kbd") + ;; input (device-file "/dev/input/by-path/platform-i8042-serio-0-event-kbd") + output (uinput-sink "KMonad output") + + ;; ** For Windows ** + ;; input (low-level-hook) + ;; output (send-event-sink) + + ;; ** For MacOS ** + ;; input (iokit-name "my-keyboard-product-string") + ;; output (kext) + + fallthrough true +) + +(defsrc + esc f1 f2 f3 f4 f5 f6 f7 f8 f9 f10 f11 f12 + grv 1 2 3 4 5 6 7 8 9 0 - = bspc + tab q w e r t y u i o p [ ] + caps a s d f g h j k l ; ' \ ret + lsft 102d z x c v b n m , . / rsft + lctl lmet lalt spc ralt rmet cmp rctl +) + +(defalias + ext (layer-toggle extend) ;; Bind 'ext' to the Extend Layer +) + +(defalias + cpy C-c + pst C-v + cut C-x + udo C-z + all C-a + fnd C-f + bk Back + fw Forward +) +(defalias + num (layer-toggle num) +) + +(deflayer colemak-dh + esc f1 f2 f3 f4 f5 f6 f7 f8 f9 f10 f11 f12 + grv 1 2 3 4 5 6 7 8 9 0 - = bspc + tab q w f p b j l u y ; [ ] + esc (tap-hold-next-release 200 a lctrl) (tap-hold-next-release 200 r ralt) (tap-hold-next-release 200 s lmet) t g m n (tap-hold-next-release 200 e rmet) (tap-hold-next-release 200 i lalt) (tap-hold-next-release 200 o rctrl) ' \\ ret + lsft z x c d v 102d k h , . / rsft + lctl lmet lalt spc ralt rmet _ _ +) +(deflayer num + esc f1 f2 f3 f4 f5 f6 f7 f8 f9 f10 f11 f12 + grv 1 2 3 4 5 6 7 8 9 0 - = bspc + tab q w f p b j l u y ; [ ] + esc 1 2 3 4 5 6 7 8 9 0 ' \\ ret + lsft z x c d v 102d k h , . / rsft + lctl lmet lalt spc ralt rmet _ _ +) + +(deflayer colemak-dhk + esc f1 f2 f3 f4 f5 f6 f7 f8 f9 f10 f11 f12 + grv 1 2 3 4 5 6 7 8 9 0 - = bspc + tab q w f p b j l u y ; [ ] + @ext a r s t g k n e i o ' \\ ret + lsft z x c d v 102d m h , . / rsft + lctl lmet lalt spc ralt rmet _ _ +) + +(deflayer extend + _ play rewind previoussong nextsong ejectcd refresh brdn brup www mail prog1 prog2 + _ f1 f2 f3 f4 f5 f6 f7 f8 f9 f10 f11 f12 _ + _ esc @bk @fnd @fw ins pgup home up end menu prnt slck + _ lalt lmet lsft lctl ralt pgdn lft down rght del caps _ _ + _ @udo @cut @cpy tab @pst _ pgdn bks lsft lctl comp _ + _ _ _ ret _ _ _ _ +) + + +(deflayer empty + _ _ _ _ _ _ _ _ _ _ _ _ _ + _ _ _ _ _ _ _ _ _ _ _ _ _ _ + _ _ _ _ _ _ _ _ _ _ _ _ _ + _ _ _ _ _ _ _ _ _ _ _ _ _ _ + _ _ _ _ _ _ _ _ _ _ _ _ _ + _ _ _ _ _ _ _ _ +) + diff --git a/modules/module-list.nix b/modules/module-list.nix index 902774e2..b01aec65 100644 --- a/modules/module-list.nix +++ b/modules/module-list.nix @@ -8,7 +8,6 @@ ./desktop/foot.nix ./desktop/fuzzel.nix ./desktop/mako.nix - ./desktop/mate-polkit.nix ./desktop/niri.nix ./desktop/shikane.nix ./desktop/swayidle.nix @@ -17,6 +16,7 @@ ./hardware/kmonad.nix ./networking/networkd.nix ./presets/cli.nix + ./presets/common.nix ./presets/gui.nix ./presets/home-manager.nix ./system/user.nix diff --git a/modules/networking/networkd.nix b/modules/networking/networkd.nix index b5b8d1ec..b55a07df 100644 --- a/modules/networking/networkd.nix +++ b/modules/networking/networkd.nix @@ -13,6 +13,50 @@ in config = lib.mkIf cfg.enable { systemd.network.enable = true; networking.useNetworkd = true; + networking = { + dhcpcd.enable = false; + useDHCP = true; + useHostResolvConf = false; + }; + # systemd.network.networks."60-wifi-client" = { + # matchConfig = { + # WLANInterfaceType = "station"; + # }; + # networkConfig = { + # DHCP = "yes"; + # # IPv6AcceptRA = true; + # KeepConfiguration = "no"; + # IPv6PrivacyExtensions = "kernel"; + # }; + # linkConfig.RequiredForOnline = "routable"; + # dhcpV4Config = { + # RouteMetric = 1025; + # # IPv6OnlyMode = "yes"; + # }; + # ipv6AcceptRAConfig = { + # # UsePREF64 = true; + # RouteMetric = 1025; + # }; + # }; + # systemd.network.networks."60-ethernet-dhcp" = { + # matchConfig = { + # Kind = "!*"; + # Type = "either"; + # # Name = "en*"; + # }; + # linkConfig.RequiredForOnline = "routable"; + # dhcpV4Config = { + # # IPv6OnlyMode = "yes"; + # }; + # networkConfig = { + # DHCP = "yes"; + # # IPv6AcceptRA = true; + # KeepConfiguration = "no"; + # IPv6PrivacyExtensions = "kernel"; + # }; + # # ipv6AcceptRAConfig.UsePREF64 = true; + # }; networking.wireless.iwd.enable = cfg.enableWifi; + # services.clatd.enable = true; }; } diff --git a/modules/presets/cli.nix b/modules/presets/cli.nix index c1991bd2..5181ea2f 100644 --- a/modules/presets/cli.nix +++ b/modules/presets/cli.nix @@ -15,6 +15,27 @@ in xyno.cli.starship.enable = true; security.sudo.enable = false; + # Opitionally + i18n.defaultLocale = "en_US.UTF-8"; + # i18n.extraLocales = ["de_DE.UTF-8"]; + i18n.extraLocaleSettings = { + LC_CTYPE = "en_US.UTF8"; + LC_ADDRESS = "de_DE.UTF-8"; + LC_MEASUREMENT = "de_DE.UTF-8"; + LC_MESSAGES = "en_US.UTF-8"; + LC_MONETARY = "de_DE.UTF-8"; + LC_NAME = "de_DE.UTF-8"; + LC_NUMERIC = "en_US.UTF-8"; + LC_PAPER = "de_DE.UTF-8"; + LC_TELEPHONE = "de_DE.UTF-8"; + LC_TIME = "de_DE.UTF-8"; + LC_COLLATE = "de_DE.UTF-8"; + }; + home-manager.users.xyno.home.sessionVariables.LOCALE_ARCHIVE_2_27 = + lib.mkForce "/run/current-system/sw/lib/locale/locale-archive"; + home-manager.users.xyno.systemd.user.sessionVariables.LOCALE_ARCHIVE_2_27 = + lib.mkForce "/run/current-system/sw/lib/locale/locale-archive"; + nix.settings = { substituters = [ "https://cache.lix.systems" @@ -51,6 +72,13 @@ in enable = true; }; + services.pcscd.enable = true; +programs.gnupg.agent = { + enable = true; + # pinentrywlavor = "curses"; + # enableSSHSupport = true; +}; + environment.systemPackages = with pkgs; [ jq fd @@ -80,7 +108,7 @@ in programs.mosh.enable = true; environment.variables.EDITOR = "hx"; environment.variables.VISUAL = "hx"; - environment.variables.PAGER= "moar"; + environment.variables.PAGER = "moar"; environment.shellAliases = { l = "ls -alh"; diff --git a/modules/presets/common.nix b/modules/presets/common.nix new file mode 100644 index 00000000..ccb10ea6 --- /dev/null +++ b/modules/presets/common.nix @@ -0,0 +1,17 @@ +{ + pkgs, + config, + lib, + ... +}: +let + cfg = config.xyno.common; +in +{ + options.xyno.common.enable = lib.mkEnableOption "enables common settings"; + config = lib.mkIf cfg.enable { + boot.initrd.systemd.enable = true; + hardware.keyboard.zsa.enable = true; + programs.nh.enable = true; + }; +} diff --git a/modules/presets/gui.nix b/modules/presets/gui.nix index 7a080a5d..bfeaa566 100644 --- a/modules/presets/gui.nix +++ b/modules/presets/gui.nix @@ -16,7 +16,8 @@ in config = lib.mkIf cfg.enable { xyno.desktop.niri.enable = true; xyno.desktop.audio.enable = lib.mkDefault true; - xyno.desktop.mate-polkit.enable = true; + security.soteria.enable = true; + security.rtkit.enable = true; xyno.hardware.kmonad.enable = true; # wayland on electron environment.sessionVariables.NIXOS_OZONE_WL = "1"; @@ -31,7 +32,19 @@ in qt = { enable = true; style = "breeze"; - platformTheme = "kde"; + platformTheme = "lxqt"; + }; + + programs.yazi = { + settings.keymap.manager.prepend_keymap = [ + { + on = "y"; + run = [ + ''shell -- for path in "$@"; do echo "file://$path"; done | ${pkgs.wl-clipboard-rs}/bin/wl-copy -t text/uri-list'' + "yank" + ]; + } + ]; }; # setup printing @@ -42,11 +55,14 @@ in openFirewall = true; }; services.printing.enable = true; + services.printing.stateless = true; + services.system-config-printer.enable = true; # enable the gnome shit services.gnome.gnome-keyring.enable = true; services.gnome.gnome-online-accounts.enable = true; services.gnome.core-utilities.enable = true; + services.gnome.gcr-ssh-agent.enable = lib.mkForce false; services.gnome.sushi.enable = true; services.gnome.gnome-settings-daemon.enable = true; services.gvfs.enable = true; @@ -55,33 +71,34 @@ in enable = true; settings.default = [ "foot.desktop" ]; }; + xdg.portal.xdgOpenUsePortal = true; environment.sessionVariables.GTK_USE_PORTAL = "1"; - home-manager.users.${config.xyno.system.user.name} = - { pkgs, ... }: - { - xdg.mimeApps = { - enable = true; - defaultApplications = { - "x-scheme-handler/mailto" = [ "aerc.desktop" ]; - "inode/directory" = [ "org.gnome.Nautilus.desktop" ]; - "application/x-gnome-saved-search" = [ "org.gnome.Nautilus.desktop" ]; - "x-scheme-handler/http" = "userapp-Zen-D2P132.desktop"; - "x-scheme-handler/https" = "userapp-Zen-D2P132.desktop"; - "x-scheme-handler/chrome" = "userapp-Zen-D2P132.desktop"; - "text/html" = "userapp-Zen-D2P132.desktop"; - "application/x-extension-htm" = "userapp-Zen-D2P132.desktop"; - "application/x-extension-html" = "userapp-Zen-D2P132.desktop"; - "application/x-extension-shtml" = "userapp-Zen-D2P132.desktop"; - "application/xhtml+xml" = "userapp-Zen-D2P132.desktop"; - "application/x-extension-xhtml" = "userapp-Zen-D2P132.desktop"; - "application/x-extension-xht" = "userapp-Zen-D2P132.desktop"; - "application/pdf" = "org.gnome.Evince.desktop"; + # home-manager.users.${config.xyno.system.user.name} = + # { pkgs, ... }: + # { + # xdg.mimeApps = { + # enable = true; + # defaultApplications = { + # "x-scheme-handler/mailto" = [ "aerc.desktop" ]; + # "inode/directory" = [ "org.gnome.Nautilus.desktop" ]; + # "application/x-gnome-saved-search" = [ "org.gnome.Nautilus.desktop" ]; + # "x-scheme-handler/http" = "userapp-Zen-D2P132.desktop"; + # "x-scheme-handler/https" = "userapp-Zen-D2P132.desktop"; + # "x-scheme-handler/chrome" = "userapp-Zen-D2P132.desktop"; + # "text/html" = "userapp-Zen-D2P132.desktop"; + # "application/x-extension-htm" = "userapp-Zen-D2P132.desktop"; + # "application/x-extension-html" = "userapp-Zen-D2P132.desktop"; + # "application/x-extension-shtml" = "userapp-Zen-D2P132.desktop"; + # "application/xhtml+xml" = "userapp-Zen-D2P132.desktop"; + # "application/x-extension-xhtml" = "userapp-Zen-D2P132.desktop"; + # "application/x-extension-xht" = "userapp-Zen-D2P132.desktop"; + # "application/pdf" = "org.gnome.Evince.desktop"; - }; - }; - }; + # }; + # }; + # }; environment.systemPackages = with pkgs; [ kdePackages.breeze-gtk @@ -98,6 +115,7 @@ in source-code-pro # Default monospace font in 3.32 source-sans b612 + lxqt.lxqt-config ]; diff --git a/modules/system/impermanence.nix b/modules/system/impermanence.nix new file mode 100644 index 00000000..dac9409f --- /dev/null +++ b/modules/system/impermanence.nix @@ -0,0 +1,22 @@ +{ + pkgs, + lib, + config, + ... +}: +let + cfg = config.xyno.impermanence; +in +{ + options.xyno.impermanence = { + enable = lib.mkEnableOption "erase all your darlings (they hate you anyways)"; + extraFiles = lib.mkOption { type = lib.types.listOf lib.types.str; }; + extraDirectories = lib.mkOption { type = lib.types.listOf lib.types.str; }; + }; + config = lib.mkIf cfg.enable { + imports = [ ]; # TODO + + impermanence.extraFiles = cfg.extraFiles; + impermanence.extraDirectories = cfg.extraDirectories; + }; +} diff --git a/secrets/deploy-secrets.py b/secrets/deploy-secrets.py new file mode 100644 index 00000000..3bdf1f04 --- /dev/null +++ b/secrets/deploy-secrets.py @@ -0,0 +1,51 @@ +#!/usr/bin/env python + +import subprocess +import sys +import argparse +import json + +parser = argparse.ArgumentParser() +parser.add_argument("flake") +parser.add_argument("-f", "--force", action='store_true') +args = parser.parse_args() + +NIX_OUTPUT_JSON_PATH = subprocess.run(["nix", "build", f"{args.flake}.config.xyno.secret-output", "--no-link") +HOSTNAME = subprocess.run(["nix", "eval", f"{args.flake}.config.networking.hostName", "--raw"]) + +nix_output_json + +with open(NIX_OUTPUT_JSON_PATH, "r") as f: + nix_output_json = json.load(f) + +def run_ssh(command): + return subprocess.run("ssh", HOSTNAME, command) + +def check_tpm(): + return run_ssh("systemd-analyze has-tpm2").returncode == 0 + +def push_secret(secret_name, secret_content): + + if !args.force && secret_name in run_ssh("systemd-creds list"): + print(f"[INFO] secret {secret_name} exists on target, skipping") + print(f"[INFO] run with --force to skip") + return + + command + if secret_content["random"] != null: + command = f"openssl rand -hex {secret_content["random"]} | systemd-creds encrypt - {secret_name}" + else if secret_content["ageFile"] != null: + secret_output = subprocess.run(["rage", "-d", secret_content["ageFile"]]) + command = f"echo '{secret_output}' | systemd-creds encrypt - {secret_name}" + else if secret_content["command"] != null: + secret_output = subprocess.run(["sh", "-c", secret_content["command"]]) + command = f"echo '{secret_output}' | systemd-creds encrypt - {secret_name}" + else: + print(f"[ERROR] no secret content set for {secret_name}: {secret_content}") + return + run_ssh(command) + + + +for secret_name, secret_content in nix_output_json: + push_secret(secret_name,secret_content) diff --git a/secrets/nixos-module.nix b/secrets/nixos-module.nix new file mode 100644 index 00000000..2382ab74 --- /dev/null +++ b/secrets/nixos-module.nix @@ -0,0 +1,56 @@ +{ + pkgs, + config, + lib, + ... +}: +with lib; +let + cfg = config.xyno.secrets; + json = builtins.toJSON cfg; + +in +{ + options.xyno.secret-output = lib.mkOption { + type = types.str; + }; + options.xyno.secrets = mkOption { + type = types.attrsOf ( + types.submodule { + options = { + random = mkOption { + type = types.nullOr types.int; + default = null; + description = '' + have the secret be a random hex string with n bytes + ''; + }; + ageFile = mkOption { + type = types.nullOr types.str; + default = null; + description = '' + have the secret be a age encrypted file + ''; + }; + command = mkOption { + type = types.nullOr types.str; + default = null; + description = '' + have the secret be the output of a command (impure grrrrr) + ''; + }; + }; + } + ); + }; + config = { + systemd.tpm2.enable = true; + boot.initrd.systemd.tpm2.enable = true; + # TODO: ensure secrets are loaded in activation script + + xyno.secret-output = pkgs.writeFile "xyno-secret.json" json; + environment.systemPackages = [ + pkgs.openssl # needed for random secrets + ]; + }; +}