nix-configs/hosts/theseus/default.nix

{ config, inputs, pkgs, lib, ... }:
{
  imports =
    [
      ./hardware-configuration.nix
      ./kmonad.nix

      ../../nixos-modules/networking/tailscale.nix
      ../../nixos-modules/services/ssh.nix
      ../../nixos-modules/system/agenix.nix
      ../../nixos-modules/system/persist.nix
      ../../nixos-modules/user
    ];

  # For mount.cifs, required unless domain name resolution is not needed.
  environment.systemPackages = [ pkgs.cifs-utils ];

  ragon.agenix.secrets.smbSecrets = { };
  fileSystems."/data" = {
    device = "//ds9.kangaroo-galaxy.ts.net/data";
    fsType = "cifs";
    options = let
      automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s,user,users";

      in ["${automount_opts},credentials=${config.age.secrets.smbSecrets.path},uid=1000,gid=100"];
  };
  # Don't Use the systemd-boot EFI boot loader.
  boot.loader.systemd-boot.enable = true;
  boot.initrd.luks.devices.cryptroot.device = "/dev/disk/by-uuid/4cd8dbb3-8eea-48ff-87b1-92945be291ac";
  programs.fuse.userAllowOther = true;
  programs.sway.enable = true;
  programs.nix-ld.enable = true;
  programs.gamescope.enable = true;
  services.gnome.sushi.enable = true;
  services.gnome.gnome-settings-daemon.enable = true; 
  services.gvfs.enable = true;
  services.logind.extraConfig = ''
    # supspend on pw button press
    HandlePowerKey=suspend
  '';
  programs.kdeconnect.enable = true;
  services.power-profiles-daemon.enable = true;
  services.printing.enable = true;
  services.printing.drivers = with pkgs; [ gutenprint hplip splix ];
  services.avahi.enable = true;
  programs.sway.extraSessionCommands = ''
    export NIXOS_OZONE_WL=1
  '';
  xdg.portal = {
    wlr.enable = true;
    enable = true;
    extraPortals = [ pkgs.xdg-desktop-portal-gtk ];
    configPackages = [ pkgs.xdg-desktop-portal-gtk ];
  };
  # start bt
  hardware.bluetooth.enable = true;
  services.blueman.enable = true;

  # end bt
  programs.light.enable = true;
  networking.networkmanager.enable = true;
  networking.networkmanager.wifi.backend = "iwd";
  services.xserver.displayManager.gdm.enable = true;
  services.xserver.enable = true;
  services.xserver.displayManager.gdm.wayland = true;
  programs.seahorse.enable = true;
  services.gnome.gnome-keyring.enable = true;
  services.gnome.gnome-online-accounts.enable = true;
  services.gnome.core-utilities.enable = true;
  services.displayManager.defaultSession = "river";
  programs.river.enable = true;
  services.upower.enable = true;
  users.users.ragon.extraGroups = [ "networkmanager" "video" ];
  fonts.packages = with pkgs; [
    nerdfonts
    cantarell-fonts
    dejavu_fonts
    source-code-pro # Default monospace font in 3.32
    source-sans
  ];
  services.pipewire = {
    enable = true;
    pulse.enable = true;
  };
  services.fwupd.enable = true;

  programs.ssh.startAgent = true;

  programs.evolution.enable = true;
  services.gnome.evolution-data-server.enable = true;
  services.flatpak.enable = true;

  programs.steam = {
    enable = true;
    remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play
    # dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated Server
    localNetworkGameTransfers.openFirewall = true; # Open ports in the firewall for Steam Local Network Game Transfers
  };

  home-manager.users.ragon = { pkgs, lib, inputs, config, ... }: {
    imports = [
      ../../hm-modules/helix
      ../../hm-modules/nushell
      ../../hm-modules/zellij
      ../../hm-modules/cli.nix
      ./swaycfg.nix
      ./work.nix
      ./river.nix
      ../../hm-modules/files.nix
      inputs.wired.homeManagerModules.default
    ];
    ragon.helix.enable = true;
    ragon.nushell.enable = true;
    ragon.nushell.isNixOS = true;
    ragon.zellij.enable = true;
    services.gnome-keyring.enable = true;
    home.file.".config/wezterm/wezterm.lua".text = ''
      local wezterm = require 'wezterm'

      

      -- This will hold the configuration.
      local config = wezterm.config_builder()

      config.default_prog = { 'nu' }
      config.hide_tab_bar_if_only_one_tab = true
      config.max_fps = 144
      config.font = wezterm.font 'Source Code Pro'

      -- This is where you actually apply your config choices

      -- For example, changing the color scheme:
      config.color_scheme = 'Gruvbox Dark (Gogh)'

      -- and finally, return the configuration to wezterm
      return config
    '';

    home.packages = with pkgs; [
      inputs.wezterm.packages.${pkgs.system}.default
      element-desktop # this is not a place of honor
      discord # shitcord
      unstable.signal-desktop
      unstable.feishin
      unstable.plexamp
      firefox
      obsidian
      thunderbird
      orca-slicer
      diebahn
      vlc
      dolphin
      # unstable.kicad
      unstable.devenv
      lutris
      libsecret
      mixxx
      unstable.harsh
      libreoffice-qt6-fresh


      broot
    ];
    home.file.".zshrc".text = lib.mkForce ''
      exec nu
    '';
    programs.nushell.extraConfig = ''
      harsh l
    '';

    services.kdeconnect = {
      enable = true;
      indicator = true;
      package = pkgs.kdePackages.kdeconnect-kde;
    };



    # home.persistence."/persistent/home/ragon" =
    #   {
    #     directories = [
    #       ".mozilla"
    #       ".cache"
    #       ".ssh"
    #       "docs"
    #       "Images"
    #       "Downloads"
    #       "Music"
    #       "Pictures"
    #       "Documents"
    #       "Videos"
    #       "VirtualBox VMs"
    #       ".gnupg"
    #       ".ssh"
    #       ".local/share/keyrings"
    #       ".local/share/direnv"
    #       ".local/share/Steam"
    #     ];
    #     allowOther = true;
    #   };
    programs.home-manager.enable = true;
    home.stateVersion = "24.05";
    programs.borgmatic = {
      enable = true;
      backups.system = {
        location.sourceDirectories = [ "/persistent" ];
        location.repositories = [{ path = "ssh://ragon@ds9//backups/theseus"; }];
        location.extraConfig.exclude_if_present = [ ".nobackup" ];
        storage.encryptionPasscommand = "${pkgs.libsecret}/bin/secret-tool lookup borg-repository system";
        location.extraConfig.before_backup = [ "notify-send -u low -a borgmatic borgmatic \"starting backup\" -t 10000" ];
        location.extraConfig.after_backup = [ "notify-send -u low -a borgmatic borgmatic \"finished backup\" -t 10000" ];
        location.extraConfig.on_error = [ "notify-send -u critical -a borgmatic borgmatic \"backup failed\"" ];
        location.extraConfig.ssh_command = "ssh -i /home/ragon/.ssh/id_ed25519";
        location.extraConfig.one_file_system = true;
        retention = {
          keepHourly = 24;
          keepDaily = 7;
          keepWeekly = 4;
          keepMonthly = 12;
          keepYearly = 2;
        };
      };
    };
    services.borgmatic.enable = true;
  };

  ragon = {
    user.enable = true;
    persist.enable = true;
    persist.extraDirectories = [
      "/var/lib/bluetooth"
    ];
    services = {
      ssh.enable = true;
      tailscale.enable = true;
    };

  };
}