comparing 7de4729e3d743ef42932a721671e32ceb7ed03a9 and main on aylac.top/nixcfg-own-knot

+15

.github/workflows/tangled.yaml

···

       1
       +
       name: Tangle

     

       2
       +
       

     

       3
       +
       on:

     

       4
       +
         push:

     

       5
       +
           branches: [main]

     

       6
       +
         workflow_dispatch:

     

       7
       +
       

     

       8
       +
       jobs:

     

       9
       +
         tangle:

     

       10
       +
           runs-on: ubuntu-latest

     

       11
       +
           steps:

     

       12
       +
             - uses: gwennlbh/to-tangled@v0.3

     

       13
       +
               with:

     

       14
       +
                 repo: aylac.top/nixcfg

     

       15
       +
                 ssh-key: ${{ secrets.TANGLED_KEY }}

+251 -105

flake.lock

···

       28
        
             "inputs": {

     

       29
        
               "flake-parts": "flake-parts_3",

     

       30
        
               "git-hooks": "git-hooks",

     

       31
       -
               "nixpkgs": "nixpkgs_2"

     

       32
        
             },

     

       33
        
             "locked": {

     

       34
        
               "lastModified": 1753483837,

     
···

       54
        
               "systems": "systems"

     

       55
        
             },

     

       56
        
             "locked": {

     

       57
       -
               "lastModified": 1754433428,

     

       58
       -
               "narHash": "sha256-NA/FT2hVhKDftbHSwVnoRTFhes62+7dxZbxj5Gxvghs=",

     

       59
        
               "owner": "ryantm",

     

       60
        
               "repo": "agenix",

     

       61
       -
               "rev": "9edb1787864c4f59ae5074ad498b6272b3ec308d",

     

       62
        
               "type": "github"

     

       63
        
             },

     

       64
        
             "original": {

     
···

       67
        
               "type": "github"

     

       68
        
             }

     

       69
        
           },

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       70
        
           "copyparty": {

     

       71
        
             "inputs": {

     

       72
        
               "flake-utils": "flake-utils",

     

       73
       -
               "nixpkgs": "nixpkgs"

     

       74
        
             },

     

       75
        
             "locked": {

     

       76
       -
               "lastModified": 1756412699,

     

       77
       -
               "narHash": "sha256-0zntPGPK18f5Jcw88f+ibF7BdrHqrGn2vxb6ClpMYZs=",

     

       78
        
               "owner": "9001",

     

       79
        
               "repo": "copyparty",

     

       80
       -
               "rev": "3e90abbf6f24b3bcc4459bda32f0471f51722b65",

     

       81
        
               "type": "github"

     

       82
        
             },

     

       83
        
             "original": {

     
···

       130
        
               ]

     

       131
        
             },

     

       132
        
             "locked": {

     

       133
       -
               "lastModified": 1756115622,

     

       134
       -
               "narHash": "sha256-iv8xVtmLMNLWFcDM/HcAPLRGONyTRpzL9NS09RnryRM=",

     

       135
        
               "owner": "nix-community",

     

       136
        
               "repo": "disko",

     

       137
       -
               "rev": "bafad29f89e83b2d861b493aa23034ea16595560",

     

       138
        
               "type": "github"

     

       139
        
             },

     

       140
        
             "original": {

     
···

       173
        
               "type": "github"

     

       174
        
             }

     

       175
        
           },

     

       176
       -
           "firefox-onebar": {

     

       177
       -
             "flake": false,

     

       178
       -
             "locked": {

     

       179
       -
               "narHash": "sha256-kkg+wplvJvOmO2FseZuF/P2HBh+r/uSEEb9TD6RSA54=",

     

       180
       -
               "type": "file",

     

       181
       -
               "url": "https://git.gay/freeplay/Firefox-Onebar/raw/branch/waf/onebar.css"

     

       182
       -
             },

     

       183
       -
             "original": {

     

       184
       -
               "type": "file",

     

       185
       -
               "url": "https://git.gay/freeplay/Firefox-Onebar/raw/branch/waf/onebar.css"

     

       186
       -
             }

     

       187
       -
           },

     

       188
        
           "flake-compat": {

     

       189
        
             "flake": false,

     

       190
        
             "locked": {

     
···

       249
        
               "type": "github"

     

       250
        
             }

     

       251
        
           },

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       252
        
           "flake-parts": {

     

       253
        
             "inputs": {

     

       254
        
               "nixpkgs-lib": [

     
···

       275
        
               "nixpkgs-lib": "nixpkgs-lib"

     

       276
        
             },

     

       277
        
             "locked": {

     

       278
       -
               "lastModified": 1754487366,

     

       279
       -
               "narHash": "sha256-pHYj8gUBapuUzKV/kN/tR3Zvqc7o6gdFB9XKXIp1SQ8=",

     

       280
        
               "owner": "hercules-ci",

     

       281
        
               "repo": "flake-parts",

     

       282
       -
               "rev": "af66ad14b28a127c5c0f3bbb298218fc63528a18",

     

       283
        
               "type": "github"

     

       284
        
             },

     

       285
        
             "original": {

     
···

       370
        
               "type": "github"

     

       371
        
             }

     

       372
        
           },

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       373
        
           "flake-utils": {

     

       374
        
             "locked": {

     

       375
        
               "lastModified": 1678901627,

     
···

       409
        
               "files": "files_2",

     

       410
        
               "flake-parts": "flake-parts_4",

     

       411
        
               "git-hooks-nix": "git-hooks-nix",

     

       412
       -
               "home-manager": "home-manager_2",

     

       413
        
               "nix-darwin": "nix-darwin",

     

       414
        
               "nixpkgs": [

     

       415
        
                 "nixpkgs"

     
···

       486
        
               ]

     

       487
        
             },

     

       488
        
             "locked": {

     

       489
       -
               "lastModified": 1755960406,

     

       490
       -
               "narHash": "sha256-RF7j6C1TmSTK9tYWO6CdEMtg6XZaUKcvZwOCD2SICZs=",

     

       491
        
               "owner": "cachix",

     

       492
        
               "repo": "git-hooks.nix",

     

       493
       -
               "rev": "e891a93b193fcaf2fc8012d890dc7f0befe86ec2",

     

       494
        
               "type": "github"

     

       495
        
             },

     

       496
        
             "original": {

     
···

       633
        
           "home-manager_2": {

     

       634
        
             "inputs": {

     

       635
        
               "nixpkgs": [

     

       636
       -
                 "fontix",

     

       637
        
                 "nixpkgs"

     

       638
        
               ]

     

       639
        
             },

     

       640
        
             "locked": {

     

       641
       -
               "lastModified": 1754174776,

     

       642
       -
               "narHash": "sha256-Sp3FRM6xNwNtGzYH/HByjzJYHSQvwsW+lDMMZNF43PQ=",

     

       643
        
               "owner": "nix-community",

     

       644
        
               "repo": "home-manager",

     

       645
       -
               "rev": "e6e2f43a62b7dbc8aa8b1adb7101b0d8b9395445",

     

       646
        
               "type": "github"

     

       647
        
             },

     

       648
        
             "original": {

     

       649
        
               "owner": "nix-community",

     

       650
       -
               "ref": "master",

     

       651
        
               "repo": "home-manager",

     

       652
        
               "type": "github"

     

       653
        
             }

     
···

       655
        
           "home-manager_3": {

     

       656
        
             "inputs": {

     

       657
        
               "nixpkgs": [

     

       0
        
       
     

       658
        
                 "nixpkgs"

     

       659
        
               ]

     

       660
        
             },

     

       661
        
             "locked": {

     

       662
       -
               "lastModified": 1756261190,

     

       663
       -
               "narHash": "sha256-eiy0klFK5EVJLNilutR7grsZN/7Itj9DyD75eyOf83k=",

     

       664
        
               "owner": "nix-community",

     

       665
        
               "repo": "home-manager",

     

       666
       -
               "rev": "77f348da3176dc68b20a73dab94852a417daf361",

     

       667
        
               "type": "github"

     

       668
        
             },

     

       669
        
             "original": {

     
···

       676
        
           "home-manager_4": {

     

       677
        
             "inputs": {

     

       678
        
               "nixpkgs": [

     

       679
       -
                 "zen-browser",

     

       680
        
                 "nixpkgs"

     

       681
        
               ]

     

       682
        
             },

     

       683
        
             "locked": {

     

       684
       -
               "lastModified": 1752603129,

     

       685
       -
               "narHash": "sha256-S+wmHhwNQ5Ru689L2Gu8n1OD6s9eU9n9mD827JNR+kw=",

     

       686
        
               "owner": "nix-community",

     

       687
        
               "repo": "home-manager",

     

       688
       -
               "rev": "e8c19a3cec2814c754f031ab3ae7316b64da085b",

     

       689
        
               "type": "github"

     

       690
        
             },

     

       691
        
             "original": {

     

       692
        
               "owner": "nix-community",

     

       0
        
       
     

       693
        
               "repo": "home-manager",

     

       694
        
               "type": "github"

     

       695
        
             }

     
···

       724
        
               "lastModified": 1731402384,

     

       725
        
               "narHash": "sha256-OwUmrPfEehLDz0fl2ChYLK8FQM2p0G1+EMrGsYEq+6g=",

     

       726
        
               "type": "tarball",

     

       727
       -
               "url": "https://github.com/IBM/plex/releases/download/@ibm/plex-mono@1.1.0/ibm-plex-mono.zip"

     

       728
        
             },

     

       729
        
             "original": {

     

       730
        
               "type": "tarball",

     

       731
       -
               "url": "https://github.com/IBM/plex/releases/download/@ibm/plex-mono@1.1.0/ibm-plex-mono.zip"

     

       732
        
             }

     

       733
        
           },

     

       734
        
           "indigo": {

     
···

       760
        
               "url": "https://github.com/rsms/inter/releases/download/v4.1/Inter-4.1.zip"

     

       761
        
             }

     

       762
        
           },

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       763
        
           "lanzaboote": {

     

       764
        
             "inputs": {

     

       765
        
               "crane": "crane",

     
···

       769
        
                 "nixpkgs"

     

       770
        
               ],

     

       771
        
               "pre-commit-hooks-nix": "pre-commit-hooks-nix",

     

       772
       -
               "rust-overlay": "rust-overlay"

     

       773
        
             },

     

       774
        
             "locked": {

     

       775
        
               "lastModified": 1737639419,

     
···

       837
        
               "type": "github"

     

       838
        
             }

     

       839
        
           },

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       840
        
           "nixpkgs": {

     

       841
        
             "locked": {

     

       842
       -
               "lastModified": 1748162331,

     

       843
       -
               "narHash": "sha256-rqc2RKYTxP3tbjA+PB3VMRQNnjesrT0pEofXQTrMsS8=",

     

       844
        
               "owner": "NixOS",

     

       845
        
               "repo": "nixpkgs",

     

       846
       -
               "rev": "7c43f080a7f28b2774f3b3f43234ca11661bf334",

     

       847
        
               "type": "github"

     

       848
        
             },

     

       849
        
             "original": {

     

       850
       -
               "id": "nixpkgs",

     

       851
       -
               "ref": "nixos-25.05",

     

       852
       -
               "type": "indirect"

     

       0
        
       
     

       853
        
             }

     

       854
        
           },

     

       855
        
           "nixpkgs-lib": {

     

       856
        
             "locked": {

     

       857
       -
               "lastModified": 1753579242,

     

       858
       -
               "narHash": "sha256-zvaMGVn14/Zz8hnp4VWT9xVnhc8vuL3TStRqwk22biA=",

     

       859
        
               "owner": "nix-community",

     

       860
        
               "repo": "nixpkgs.lib",

     

       861
       -
               "rev": "0f36c44e01a6129be94e3ade315a5883f0228a6e",

     

       862
        
               "type": "github"

     

       863
        
             },

     

       864
        
             "original": {

     
···

       898
        
               "type": "github"

     

       899
        
             }

     

       900
        
           },

     

       901
       -
           "nixpkgs-unstable": {

     

       902
        
             "locked": {

     

       903
       -
               "lastModified": 1756381814,

     

       904
       -
               "narHash": "sha256-tzo7YvAsGlzo4WiIHT0ooR59VHu+aKRQdHk7sIyoia4=",

     

       905
        
               "owner": "NixOS",

     

       906
        
               "repo": "nixpkgs",

     

       907
       -
               "rev": "aca2499b79170038df0dbaec8bf2f689b506ad32",

     

       908
        
               "type": "github"

     

       909
        
             },

     

       910
        
             "original": {

     

       911
       -
               "owner": "NixOS",

     

       912
       -
               "ref": "nixpkgs-unstable",

     

       913
       -
               "repo": "nixpkgs",

     

       914
       -
               "type": "github"

     

       915
        
             }

     

       916
        
           },

     

       917
       -
           "nixpkgs_2": {

     

       918
        
             "locked": {

     

       919
        
               "lastModified": 1740126099,

     

       920
        
               "narHash": "sha256-ozoOtE2hGsqh4XkTJFsrTkNxkRgShxpQxDynaPZUGxk=",

     
···

       930
        
               "type": "github"

     

       931
        
             }

     

       932
        
           },

     

       933
       -
           "nixpkgs_3": {

     

       934
        
             "locked": {

     

       935
       -
               "lastModified": 1756266583,

     

       936
       -
               "narHash": "sha256-cr748nSmpfvnhqSXPiCfUPxRz2FJnvf/RjJGvFfaCsM=",

     

       937
        
               "owner": "NixOS",

     

       938
        
               "repo": "nixpkgs",

     

       939
       -
               "rev": "8a6d5427d99ec71c64f0b93d45778c889005d9c2",

     

       940
        
               "type": "github"

     

       941
        
             },

     

       942
        
             "original": {

     
···

       946
        
               "type": "github"

     

       947
        
             }

     

       948
        
           },

     

       949
       -
           "nixpkgs_4": {

     

       950
        
             "locked": {

     

       951
       -
               "lastModified": 1756266583,

     

       952
       -
               "narHash": "sha256-cr748nSmpfvnhqSXPiCfUPxRz2FJnvf/RjJGvFfaCsM=",

     

       953
        
               "owner": "nixos",

     

       954
        
               "repo": "nixpkgs",

     

       955
       -
               "rev": "8a6d5427d99ec71c64f0b93d45778c889005d9c2",

     

       956
        
               "type": "github"

     

       957
        
             },

     

       958
        
             "original": {

     
···

       965
        
           "nur": {

     

       966
        
             "inputs": {

     

       967
        
               "flake-parts": "flake-parts_6",

     

       968
       -
               "nixpkgs": "nixpkgs_4"

     

       969
        
             },

     

       970
        
             "locked": {

     

       971
       -
               "lastModified": 1756438231,

     

       972
       -
               "narHash": "sha256-ygHQWiCuNWjHky4+0+CNOmcyvOZHgX9a/UgaXp8JEpU=",

     

       973
        
               "owner": "nix-community",

     

       974
        
               "repo": "NUR",

     

       975
       -
               "rev": "8df9a54900dfd3573d77845ede54bc1414226511",

     

       976
        
               "type": "github"

     

       977
        
             },

     

       978
        
             "original": {

     
···

       1012
        
             "inputs": {

     

       1013
        
               "actions-nix": "actions-nix",

     

       1014
        
               "agenix": "agenix",

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       1015
        
               "copyparty": "copyparty",

     

       1016
        
               "disko": "disko",

     

       1017
        
               "files": "files",

     

       1018
       -
               "firefox-onebar": "firefox-onebar",

     

       1019
        
               "flake-parts": "flake-parts_2",

     

       1020
        
               "fontix": "fontix",

     

       1021
        
               "git-hooks-nix": "git-hooks-nix_2",

     

       1022
       -
               "home-manager": "home-manager_3",

     

       1023
        
               "lanzaboote": "lanzaboote",

     

       1024
        
               "nix-flatpak": "nix-flatpak",

     

       1025
       -
               "nixpkgs": "nixpkgs_3",

     

       1026
       -
               "nixpkgs-unstable": "nixpkgs-unstable",

     

       1027
        
               "nur": "nur",

     

       1028
        
               "secrets": "secrets",

     

       1029
        
               "tangled-core": "tangled-core",

     

       1030
       -
               "zen-browser": "zen-browser"

     

       1031
        
             }

     

       1032
        
           },

     

       1033
        
           "rust-overlay": {

     

       1034
        
             "inputs": {

     

       1035
        
               "nixpkgs": [

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       1036
        
                 "lanzaboote",

     

       1037
        
                 "nixpkgs"

     

       1038
        
               ]

     
···

       1054
        
           "secrets": {

     

       1055
        
             "flake": false,

     

       1056
        
             "locked": {

     

       1057
       -
               "lastModified": 1756518813,

     

       1058
       -
               "narHash": "sha256-tuhglLbJSQzfWeOYYMnbx4XhwFQp8cF1GdtmznPiKTQ=",

     

       1059
        
               "owner": "ayla6",

     

       1060
        
               "repo": "secrets",

     

       1061
       -
               "rev": "646cbc68c306569c502e78a31be22e6c2919b5ae",

     

       1062
        
               "type": "github"

     

       1063
        
             },

     

       1064
        
             "original": {

     
···

       1112
        
           },

     

       1113
        
           "tangled-core": {

     

       1114
        
             "inputs": {

     

       0
        
       
     

       1115
        
               "gomod2nix": "gomod2nix",

     

       1116
        
               "htmx-src": "htmx-src",

     

       1117
        
               "htmx-ws-src": "htmx-ws-src",

     
···

       1125
        
               "sqlite-lib-src": "sqlite-lib-src"

     

       1126
        
             },

     

       1127
        
             "locked": {

     

       1128
       -
               "lastModified": 1756414897,

     

       1129
       -
               "narHash": "sha256-rHqfIHS64zWS9F0e4QGO9WEQVrx93JeicS1wzHu+izY=",

     

       1130
        
               "ref": "refs/heads/master",

     

       1131
       -
               "rev": "07b009bd6b986875352905b395e672b53cdf945e",

     

       1132
       -
               "revCount": 1272,

     

       1133
        
               "type": "git",

     

       1134
        
               "url": "https://tangled.sh/@tangled.sh/core"

     

       1135
        
             },

     
···

       1138
        
               "url": "https://tangled.sh/@tangled.sh/core"

     

       1139
        
             }

     

       1140
        
           },

     

       1141
       -
           "treefmt-nix": {

     

       1142
        
             "inputs": {

     

       1143
        
               "nixpkgs": [

     

       1144
       -
                 "fontix",

     

       1145
        
                 "nixpkgs"

     

       1146
        
               ]

     

       1147
        
             },

     

       1148
        
             "locked": {

     

       1149
       -
               "lastModified": 1754061284,

     

       1150
       -
               "narHash": "sha256-ONcNxdSiPyJ9qavMPJYAXDNBzYobHRxw0WbT38lKbwU=",

     

       1151
       -
               "owner": "numtide",

     

       1152
       -
               "repo": "treefmt-nix",

     

       1153
       -
               "rev": "58bd4da459f0a39e506847109a2a5cfceb837796",

     

       1154
        
               "type": "github"

     

       1155
        
             },

     

       1156
        
             "original": {

     

       1157
       -
               "owner": "numtide",

     

       1158
       -
               "repo": "treefmt-nix",

     

       1159
        
               "type": "github"

     

       1160
        
             }

     

       1161
        
           },

     

       1162
       -
           "zen-browser": {

     

       1163
        
             "inputs": {

     

       1164
       -
               "home-manager": "home-manager_4",

     

       1165
        
               "nixpkgs": [

     

       0
        
       
     

       1166
        
                 "nixpkgs"

     

       1167
        
               ]

     

       1168
        
             },

     

       1169
        
             "locked": {

     

       1170
       -
               "lastModified": 1756417617,

     

       1171
       -
               "narHash": "sha256-3xiEX9TvXfkEePL6rY1n6WpEEY0tBCxCTy3Evv6Oe+8=",

     

       1172
       -
               "owner": "0xc000022070",

     

       1173
       -
               "repo": "zen-browser-flake",

     

       1174
       -
               "rev": "fa97a393b3b7444d5d84f4cdd788d7c49d5dc60d",

     

       1175
        
               "type": "github"

     

       1176
        
             },

     

       1177
        
             "original": {

     

       1178
       -
               "owner": "0xc000022070",

     

       1179
       -
               "repo": "zen-browser-flake",

     

       1180
        
               "type": "github"

     

       1181
        
             }

     

       1182
        
           }

···

       28
        
             "inputs": {

     

       29
        
               "flake-parts": "flake-parts_3",

     

       30
        
               "git-hooks": "git-hooks",

     

       31
       +
               "nixpkgs": "nixpkgs_3"

     

       32
        
             },

     

       33
        
             "locked": {

     

       34
        
               "lastModified": 1753483837,

     
···

       54
        
               "systems": "systems"

     

       55
        
             },

     

       56
        
             "locked": {

     

       57
       +
               "lastModified": 1760836749,

     

       58
       +
               "narHash": "sha256-wyT7Pl6tMFbFrs8Lk/TlEs81N6L+VSybPfiIgzU8lbQ=",

     

       59
        
               "owner": "ryantm",

     

       60
        
               "repo": "agenix",

     

       61
       +
               "rev": "2f0f812f69f3eb4140157fe15e12739adf82e32a",

     

       62
        
               "type": "github"

     

       63
        
             },

     

       64
        
             "original": {

     
···

       67
        
               "type": "github"

     

       68
        
             }

     

       69
        
           },

     

       70
       +
           "atproto-basic-notifications": {

     

       71
       +
             "inputs": {

     

       72
       +
               "nixpkgs": [

     

       73
       +
                 "nixpkgs"

     

       74
       +
               ]

     

       75
       +
             },

     

       76
       +
             "locked": {

     

       77
       +
               "lastModified": 1757484495,

     

       78
       +
               "narHash": "sha256-G29d81P8wOCyXZuCyvPp8ed99ZUFFLVUVvuAdccIyFE=",

     

       79
       +
               "owner": "ayla6",

     

       80
       +
               "repo": "atproto-basic-notifications",

     

       81
       +
               "rev": "10657d1a1ddb9dc8ade8fa4eb9f2641b3b4d55f2",

     

       82
       +
               "type": "github"

     

       83
       +
             },

     

       84
       +
             "original": {

     

       85
       +
               "owner": "ayla6",

     

       86
       +
               "repo": "atproto-basic-notifications",

     

       87
       +
               "type": "github"

     

       88
       +
             }

     

       89
       +
           },

     

       90
       +
           "aylapkgs": {

     

       91
       +
             "inputs": {

     

       92
       +
               "nixpkgs": [

     

       93
       +
                 "nixpkgs"

     

       94
       +
               ]

     

       95
       +
             },

     

       96
       +
             "locked": {

     

       97
       +
               "lastModified": 1761266351,

     

       98
       +
               "narHash": "sha256-oiwTRHvdcXEB7ywt4pSUfxEeteCM24bx1InVdvygz1Q=",

     

       99
       +
               "owner": "ayla6",

     

       100
       +
               "repo": "pkgs",

     

       101
       +
               "rev": "49dc2b7b9c37be118c9675e9c80df8bc48558b52",

     

       102
       +
               "type": "github"

     

       103
       +
             },

     

       104
       +
             "original": {

     

       105
       +
               "owner": "ayla6",

     

       106
       +
               "repo": "pkgs",

     

       107
       +
               "type": "github"

     

       108
       +
             }

     

       109
       +
           },

     

       110
       +
           "chaotic": {

     

       111
       +
             "inputs": {

     

       112
       +
               "flake-schemas": "flake-schemas",

     

       113
       +
               "home-manager": "home-manager_2",

     

       114
       +
               "jovian": "jovian",

     

       115
       +
               "nixpkgs": "nixpkgs",

     

       116
       +
               "rust-overlay": "rust-overlay"

     

       117
       +
             },

     

       118
       +
             "locked": {

     

       119
       +
               "lastModified": 1761548673,

     

       120
       +
               "narHash": "sha256-/513FfwpfbeppPdGDbmLhgcctLqEHdx8Rs92jImKA3M=",

     

       121
       +
               "owner": "chaotic-cx",

     

       122
       +
               "repo": "nyx",

     

       123
       +
               "rev": "25ef687b6a0a13e9d39c3949e7de05873f5571a9",

     

       124
       +
               "type": "github"

     

       125
       +
             },

     

       126
       +
             "original": {

     

       127
       +
               "owner": "chaotic-cx",

     

       128
       +
               "ref": "nyxpkgs-unstable",

     

       129
       +
               "repo": "nyx",

     

       130
       +
               "type": "github"

     

       131
       +
             }

     

       132
       +
           },

     

       133
        
           "copyparty": {

     

       134
        
             "inputs": {

     

       135
        
               "flake-utils": "flake-utils",

     

       136
       +
               "nixpkgs": "nixpkgs_2"

     

       137
        
             },

     

       138
        
             "locked": {

     

       139
       +
               "lastModified": 1761517857,

     

       140
       +
               "narHash": "sha256-1xYv73nGA+Lm/hKRqjiUyuBzabaRwmeDxBCIMve5CWU=",

     

       141
        
               "owner": "9001",

     

       142
        
               "repo": "copyparty",

     

       143
       +
               "rev": "e9ab040ce8e72e299a3d8fbd109865b1e218eb57",

     

       144
        
               "type": "github"

     

       145
        
             },

     

       146
        
             "original": {

     
···

       193
        
               ]

     

       194
        
             },

     

       195
        
             "locked": {

     

       196
       +
               "lastModified": 1760701190,

     

       197
       +
               "narHash": "sha256-y7UhnWlER8r776JsySqsbTUh2Txf7K30smfHlqdaIQw=",

     

       198
        
               "owner": "nix-community",

     

       199
        
               "repo": "disko",

     

       200
       +
               "rev": "3a9450b26e69dcb6f8de6e2b07b3fc1c288d85f5",

     

       201
        
               "type": "github"

     

       202
        
             },

     

       203
        
             "original": {

     
···

       236
        
               "type": "github"

     

       237
        
             }

     

       238
        
           },

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       239
        
           "flake-compat": {

     

       240
        
             "flake": false,

     

       241
        
             "locked": {

     
···

       300
        
               "type": "github"

     

       301
        
             }

     

       302
        
           },

     

       303
       +
           "flake-compat_5": {

     

       304
       +
             "flake": false,

     

       305
       +
             "locked": {

     

       306
       +
               "lastModified": 1751685974,

     

       307
       +
               "narHash": "sha256-NKw96t+BgHIYzHUjkTK95FqYRVKB8DHpVhefWSz/kTw=",

     

       308
       +
               "rev": "549f2762aebeff29a2e5ece7a7dc0f955281a1d1",

     

       309
       +
               "type": "tarball",

     

       310
       +
               "url": "https://git.lix.systems/api/v1/repos/lix-project/flake-compat/archive/549f2762aebeff29a2e5ece7a7dc0f955281a1d1.tar.gz?rev=549f2762aebeff29a2e5ece7a7dc0f955281a1d1"

     

       311
       +
             },

     

       312
       +
             "original": {

     

       313
       +
               "type": "tarball",

     

       314
       +
               "url": "https://git.lix.systems/lix-project/flake-compat/archive/main.tar.gz"

     

       315
       +
             }

     

       316
       +
           },

     

       317
        
           "flake-parts": {

     

       318
        
             "inputs": {

     

       319
        
               "nixpkgs-lib": [

     
···

       340
        
               "nixpkgs-lib": "nixpkgs-lib"

     

       341
        
             },

     

       342
        
             "locked": {

     

       343
       +
               "lastModified": 1760948891,

     

       344
       +
               "narHash": "sha256-TmWcdiUUaWk8J4lpjzu4gCGxWY6/Ok7mOK4fIFfBuU4=",

     

       345
        
               "owner": "hercules-ci",

     

       346
        
               "repo": "flake-parts",

     

       347
       +
               "rev": "864599284fc7c0ba6357ed89ed5e2cd5040f0c04",

     

       348
        
               "type": "github"

     

       349
        
             },

     

       350
        
             "original": {

     
···

       435
        
               "type": "github"

     

       436
        
             }

     

       437
        
           },

     

       438
       +
           "flake-schemas": {

     

       439
       +
             "locked": {

     

       440
       +
               "lastModified": 1721999734,

     

       441
       +
               "narHash": "sha256-G5CxYeJVm4lcEtaO87LKzOsVnWeTcHGKbKxNamNWgOw=",

     

       442
       +
               "rev": "0a5c42297d870156d9c57d8f99e476b738dcd982",

     

       443
       +
               "revCount": 75,

     

       444
       +
               "type": "tarball",

     

       445
       +
               "url": "https://api.flakehub.com/f/pinned/DeterminateSystems/flake-schemas/0.1.5/0190ef2f-61e0-794b-ba14-e82f225e55e6/source.tar.gz"

     

       446
       +
             },

     

       447
       +
             "original": {

     

       448
       +
               "type": "tarball",

     

       449
       +
               "url": "https://flakehub.com/f/DeterminateSystems/flake-schemas/%3D0.1.5.tar.gz"

     

       450
       +
             }

     

       451
       +
           },

     

       452
        
           "flake-utils": {

     

       453
        
             "locked": {

     

       454
        
               "lastModified": 1678901627,

     
···

       488
        
               "files": "files_2",

     

       489
        
               "flake-parts": "flake-parts_4",

     

       490
        
               "git-hooks-nix": "git-hooks-nix",

     

       491
       +
               "home-manager": "home-manager_3",

     

       492
        
               "nix-darwin": "nix-darwin",

     

       493
        
               "nixpkgs": [

     

       494
        
                 "nixpkgs"

     
···

       565
        
               ]

     

       566
        
             },

     

       567
        
             "locked": {

     

       568
       +
               "lastModified": 1760663237,

     

       569
       +
               "narHash": "sha256-BflA6U4AM1bzuRMR8QqzPXqh8sWVCNDzOdsxXEguJIc=",

     

       570
        
               "owner": "cachix",

     

       571
        
               "repo": "git-hooks.nix",

     

       572
       +
               "rev": "ca5b894d3e3e151ffc1db040b6ce4dcc75d31c37",

     

       573
        
               "type": "github"

     

       574
        
             },

     

       575
        
             "original": {

     
···

       712
        
           "home-manager_2": {

     

       713
        
             "inputs": {

     

       714
        
               "nixpkgs": [

     

       715
       +
                 "chaotic",

     

       716
        
                 "nixpkgs"

     

       717
        
               ]

     

       718
        
             },

     

       719
        
             "locked": {

     

       720
       +
               "lastModified": 1761513701,

     

       721
       +
               "narHash": "sha256-w7qOcQb1FSMZASvWe01r99QqZ5LnHO0k3rgs5ryyig0=",

     

       722
        
               "owner": "nix-community",

     

       723
        
               "repo": "home-manager",

     

       724
       +
               "rev": "255b6a0ef2f488a2fad051361699cc67db57338c",

     

       725
        
               "type": "github"

     

       726
        
             },

     

       727
        
             "original": {

     

       728
        
               "owner": "nix-community",

     

       0
        
       
     

       729
        
               "repo": "home-manager",

     

       730
        
               "type": "github"

     

       731
        
             }

     
···

       733
        
           "home-manager_3": {

     

       734
        
             "inputs": {

     

       735
        
               "nixpkgs": [

     

       736
       +
                 "fontix",

     

       737
        
                 "nixpkgs"

     

       738
        
               ]

     

       739
        
             },

     

       740
        
             "locked": {

     

       741
       +
               "lastModified": 1754174776,

     

       742
       +
               "narHash": "sha256-Sp3FRM6xNwNtGzYH/HByjzJYHSQvwsW+lDMMZNF43PQ=",

     

       743
        
               "owner": "nix-community",

     

       744
        
               "repo": "home-manager",

     

       745
       +
               "rev": "e6e2f43a62b7dbc8aa8b1adb7101b0d8b9395445",

     

       746
        
               "type": "github"

     

       747
        
             },

     

       748
        
             "original": {

     
···

       755
        
           "home-manager_4": {

     

       756
        
             "inputs": {

     

       757
        
               "nixpkgs": [

     

       0
        
       
     

       758
        
                 "nixpkgs"

     

       759
        
               ]

     

       760
        
             },

     

       761
        
             "locked": {

     

       762
       +
               "lastModified": 1761584077,

     

       763
       +
               "narHash": "sha256-dISPEZahlfs5K6d58zR4akRRyogfE9P4WSyPPNT7HiE=",

     

       764
        
               "owner": "nix-community",

     

       765
        
               "repo": "home-manager",

     

       766
       +
               "rev": "e82585308aef3d4cc2c36c7b6946051c8cdf24ef",

     

       767
        
               "type": "github"

     

       768
        
             },

     

       769
        
             "original": {

     

       770
        
               "owner": "nix-community",

     

       771
       +
               "ref": "master",

     

       772
        
               "repo": "home-manager",

     

       773
        
               "type": "github"

     

       774
        
             }

     
···

       803
        
               "lastModified": 1731402384,

     

       804
        
               "narHash": "sha256-OwUmrPfEehLDz0fl2ChYLK8FQM2p0G1+EMrGsYEq+6g=",

     

       805
        
               "type": "tarball",

     

       806
       +
               "url": "https://github.com/IBM/plex/releases/download/@ibm%2Fplex-mono@1.1.0/ibm-plex-mono.zip"

     

       807
        
             },

     

       808
        
             "original": {

     

       809
        
               "type": "tarball",

     

       810
       +
               "url": "https://github.com/IBM/plex/releases/download/@ibm%2Fplex-mono@1.1.0/ibm-plex-mono.zip"

     

       811
        
             }

     

       812
        
           },

     

       813
        
           "indigo": {

     
···

       839
        
               "url": "https://github.com/rsms/inter/releases/download/v4.1/Inter-4.1.zip"

     

       840
        
             }

     

       841
        
           },

     

       842
       +
           "jovian": {

     

       843
       +
             "inputs": {

     

       844
       +
               "nix-github-actions": "nix-github-actions",

     

       845
       +
               "nixpkgs": [

     

       846
       +
                 "chaotic",

     

       847
       +
                 "nixpkgs"

     

       848
       +
               ]

     

       849
       +
             },

     

       850
       +
             "locked": {

     

       851
       +
               "lastModified": 1761376732,

     

       852
       +
               "narHash": "sha256-wavx9gROyuRZKSvPCCBh78gOur7o88ndRi545njNRrM=",

     

       853
       +
               "owner": "Jovian-Experiments",

     

       854
       +
               "repo": "Jovian-NixOS",

     

       855
       +
               "rev": "8bef482d65425d0cff6b20c11a5f054f85569a38",

     

       856
       +
               "type": "github"

     

       857
       +
             },

     

       858
       +
             "original": {

     

       859
       +
               "owner": "Jovian-Experiments",

     

       860
       +
               "repo": "Jovian-NixOS",

     

       861
       +
               "type": "github"

     

       862
       +
             }

     

       863
       +
           },

     

       864
        
           "lanzaboote": {

     

       865
        
             "inputs": {

     

       866
        
               "crane": "crane",

     
···

       870
        
                 "nixpkgs"

     

       871
        
               ],

     

       872
        
               "pre-commit-hooks-nix": "pre-commit-hooks-nix",

     

       873
       +
               "rust-overlay": "rust-overlay_2"

     

       874
        
             },

     

       875
        
             "locked": {

     

       876
        
               "lastModified": 1737639419,

     
···

       938
        
               "type": "github"

     

       939
        
             }

     

       940
        
           },

     

       941
       +
           "nix-github-actions": {

     

       942
       +
             "inputs": {

     

       943
       +
               "nixpkgs": [

     

       944
       +
                 "chaotic",

     

       945
       +
                 "jovian",

     

       946
       +
                 "nixpkgs"

     

       947
       +
               ]

     

       948
       +
             },

     

       949
       +
             "locked": {

     

       950
       +
               "lastModified": 1729697500,

     

       951
       +
               "narHash": "sha256-VFTWrbzDlZyFHHb1AlKRiD/qqCJIripXKiCSFS8fAOY=",

     

       952
       +
               "owner": "zhaofengli",

     

       953
       +
               "repo": "nix-github-actions",

     

       954
       +
               "rev": "e418aeb728b6aa5ca8c5c71974e7159c2df1d8cf",

     

       955
       +
               "type": "github"

     

       956
       +
             },

     

       957
       +
             "original": {

     

       958
       +
               "owner": "zhaofengli",

     

       959
       +
               "ref": "matrix-name",

     

       960
       +
               "repo": "nix-github-actions",

     

       961
       +
               "type": "github"

     

       962
       +
             }

     

       963
       +
           },

     

       964
        
           "nixpkgs": {

     

       965
        
             "locked": {

     

       966
       +
               "lastModified": 1761373498,

     

       967
       +
               "narHash": "sha256-Q/uhWNvd7V7k1H1ZPMy/vkx3F8C13ZcdrKjO7Jv7v0c=",

     

       968
        
               "owner": "NixOS",

     

       969
        
               "repo": "nixpkgs",

     

       970
       +
               "rev": "6a08e6bb4e46ff7fcbb53d409b253f6bad8a28ce",

     

       971
        
               "type": "github"

     

       972
        
             },

     

       973
        
             "original": {

     

       974
       +
               "owner": "NixOS",

     

       975
       +
               "ref": "nixos-unstable",

     

       976
       +
               "repo": "nixpkgs",

     

       977
       +
               "type": "github"

     

       978
        
             }

     

       979
        
           },

     

       980
        
           "nixpkgs-lib": {

     

       981
        
             "locked": {

     

       982
       +
               "lastModified": 1754788789,

     

       983
       +
               "narHash": "sha256-x2rJ+Ovzq0sCMpgfgGaaqgBSwY+LST+WbZ6TytnT9Rk=",

     

       984
        
               "owner": "nix-community",

     

       985
        
               "repo": "nixpkgs.lib",

     

       986
       +
               "rev": "a73b9c743612e4244d865a2fdee11865283c04e6",

     

       987
        
               "type": "github"

     

       988
        
             },

     

       989
        
             "original": {

     
···

       1023
        
               "type": "github"

     

       1024
        
             }

     

       1025
        
           },

     

       1026
       +
           "nixpkgs_2": {

     

       1027
        
             "locked": {

     

       1028
       +
               "lastModified": 1748162331,

     

       1029
       +
               "narHash": "sha256-rqc2RKYTxP3tbjA+PB3VMRQNnjesrT0pEofXQTrMsS8=",

     

       1030
        
               "owner": "NixOS",

     

       1031
        
               "repo": "nixpkgs",

     

       1032
       +
               "rev": "7c43f080a7f28b2774f3b3f43234ca11661bf334",

     

       1033
        
               "type": "github"

     

       1034
        
             },

     

       1035
        
             "original": {

     

       1036
       +
               "id": "nixpkgs",

     

       1037
       +
               "ref": "nixos-25.05",

     

       1038
       +
               "type": "indirect"

     

       0
        
       
     

       1039
        
             }

     

       1040
        
           },

     

       1041
       +
           "nixpkgs_3": {

     

       1042
        
             "locked": {

     

       1043
        
               "lastModified": 1740126099,

     

       1044
        
               "narHash": "sha256-ozoOtE2hGsqh4XkTJFsrTkNxkRgShxpQxDynaPZUGxk=",

     
···

       1054
        
               "type": "github"

     

       1055
        
             }

     

       1056
        
           },

     

       1057
       +
           "nixpkgs_4": {

     

       1058
        
             "locked": {

     

       1059
       +
               "lastModified": 1761373498,

     

       1060
       +
               "narHash": "sha256-Q/uhWNvd7V7k1H1ZPMy/vkx3F8C13ZcdrKjO7Jv7v0c=",

     

       1061
        
               "owner": "NixOS",

     

       1062
        
               "repo": "nixpkgs",

     

       1063
       +
               "rev": "6a08e6bb4e46ff7fcbb53d409b253f6bad8a28ce",

     

       1064
        
               "type": "github"

     

       1065
        
             },

     

       1066
        
             "original": {

     
···

       1070
        
               "type": "github"

     

       1071
        
             }

     

       1072
        
           },

     

       1073
       +
           "nixpkgs_5": {

     

       1074
        
             "locked": {

     

       1075
       +
               "lastModified": 1761373498,

     

       1076
       +
               "narHash": "sha256-Q/uhWNvd7V7k1H1ZPMy/vkx3F8C13ZcdrKjO7Jv7v0c=",

     

       1077
        
               "owner": "nixos",

     

       1078
        
               "repo": "nixpkgs",

     

       1079
       +
               "rev": "6a08e6bb4e46ff7fcbb53d409b253f6bad8a28ce",

     

       1080
        
               "type": "github"

     

       1081
        
             },

     

       1082
        
             "original": {

     
···

       1089
        
           "nur": {

     

       1090
        
             "inputs": {

     

       1091
        
               "flake-parts": "flake-parts_6",

     

       1092
       +
               "nixpkgs": "nixpkgs_5"

     

       1093
        
             },

     

       1094
        
             "locked": {

     

       1095
       +
               "lastModified": 1761614117,

     

       1096
       +
               "narHash": "sha256-E2o2Ztrp9oK+ftcfyBCqDAB/DivvPwngzob37oIUkew=",

     

       1097
        
               "owner": "nix-community",

     

       1098
        
               "repo": "NUR",

     

       1099
       +
               "rev": "1a19c6942bc8f113090d21b6d017a728cb265e5a",

     

       1100
        
               "type": "github"

     

       1101
        
             },

     

       1102
        
             "original": {

     
···

       1136
        
             "inputs": {

     

       1137
        
               "actions-nix": "actions-nix",

     

       1138
        
               "agenix": "agenix",

     

       1139
       +
               "atproto-basic-notifications": "atproto-basic-notifications",

     

       1140
       +
               "aylapkgs": "aylapkgs",

     

       1141
       +
               "chaotic": "chaotic",

     

       1142
        
               "copyparty": "copyparty",

     

       1143
        
               "disko": "disko",

     

       1144
        
               "files": "files",

     

       0
        
       
     

       1145
        
               "flake-parts": "flake-parts_2",

     

       1146
        
               "fontix": "fontix",

     

       1147
        
               "git-hooks-nix": "git-hooks-nix_2",

     

       1148
       +
               "home-manager": "home-manager_4",

     

       1149
        
               "lanzaboote": "lanzaboote",

     

       1150
        
               "nix-flatpak": "nix-flatpak",

     

       1151
       +
               "nixpkgs": "nixpkgs_4",

     

       0
        
       
     

       1152
        
               "nur": "nur",

     

       1153
        
               "secrets": "secrets",

     

       1154
        
               "tangled-core": "tangled-core",

     

       1155
       +
               "tgirlpkgs": "tgirlpkgs"

     

       1156
        
             }

     

       1157
        
           },

     

       1158
        
           "rust-overlay": {

     

       1159
        
             "inputs": {

     

       1160
        
               "nixpkgs": [

     

       1161
       +
                 "chaotic",

     

       1162
       +
                 "nixpkgs"

     

       1163
       +
               ]

     

       1164
       +
             },

     

       1165
       +
             "locked": {

     

       1166
       +
               "lastModified": 1761446259,

     

       1167
       +
               "narHash": "sha256-JNNOtIIVIX+yBIsh1rq1Nxhc1LZq168vuQB5sqrZbCY=",

     

       1168
       +
               "owner": "oxalica",

     

       1169
       +
               "repo": "rust-overlay",

     

       1170
       +
               "rev": "95098bb4d55ebe167c082fc40705a73ef76b58e4",

     

       1171
       +
               "type": "github"

     

       1172
       +
             },

     

       1173
       +
             "original": {

     

       1174
       +
               "owner": "oxalica",

     

       1175
       +
               "repo": "rust-overlay",

     

       1176
       +
               "type": "github"

     

       1177
       +
             }

     

       1178
       +
           },

     

       1179
       +
           "rust-overlay_2": {

     

       1180
       +
             "inputs": {

     

       1181
       +
               "nixpkgs": [

     

       1182
        
                 "lanzaboote",

     

       1183
        
                 "nixpkgs"

     

       1184
        
               ]

     
···

       1200
        
           "secrets": {

     

       1201
        
             "flake": false,

     

       1202
        
             "locked": {

     

       1203
       +
               "lastModified": 1760740637,

     

       1204
       +
               "narHash": "sha256-ZMBSooid+ECg63h+tYYbAXaS/rTZlcVuUNxCEmtoL1Y=",

     

       1205
        
               "owner": "ayla6",

     

       1206
        
               "repo": "secrets",

     

       1207
       +
               "rev": "909f53bbd69b1a44f1c99b2d759e7b47191f5a5d",

     

       1208
        
               "type": "github"

     

       1209
        
             },

     

       1210
        
             "original": {

     
···

       1258
        
           },

     

       1259
        
           "tangled-core": {

     

       1260
        
             "inputs": {

     

       1261
       +
               "flake-compat": "flake-compat_5",

     

       1262
        
               "gomod2nix": "gomod2nix",

     

       1263
        
               "htmx-src": "htmx-src",

     

       1264
        
               "htmx-ws-src": "htmx-ws-src",

     
···

       1272
        
               "sqlite-lib-src": "sqlite-lib-src"

     

       1273
        
             },

     

       1274
        
             "locked": {

     

       1275
       +
               "lastModified": 1761563708,

     

       1276
       +
               "narHash": "sha256-Q74UiisPJpqr3808Jp2Qbl/uEDxSoj2tIJQ5MLFoWx0=",

     

       1277
        
               "ref": "refs/heads/master",

     

       1278
       +
               "rev": "bfdcfc5f77733c782f289091de53bb1b315f84be",

     

       1279
       +
               "revCount": 1555,

     

       1280
        
               "type": "git",

     

       1281
        
               "url": "https://tangled.sh/@tangled.sh/core"

     

       1282
        
             },

     
···

       1285
        
               "url": "https://tangled.sh/@tangled.sh/core"

     

       1286
        
             }

     

       1287
        
           },

     

       1288
       +
           "tgirlpkgs": {

     

       1289
        
             "inputs": {

     

       1290
        
               "nixpkgs": [

     

       0
        
       
     

       1291
        
                 "nixpkgs"

     

       1292
        
               ]

     

       1293
        
             },

     

       1294
        
             "locked": {

     

       1295
       +
               "lastModified": 1761612240,

     

       1296
       +
               "narHash": "sha256-EFwi77fxHVgh2HzbV4IfxrM4ZfGp0tnDjsNOFHK/fls=",

     

       1297
       +
               "owner": "tgirlcloud",

     

       1298
       +
               "repo": "pkgs",

     

       1299
       +
               "rev": "c8ba164e52c05487d4a1d1003b21b179f858e0fd",

     

       1300
        
               "type": "github"

     

       1301
        
             },

     

       1302
        
             "original": {

     

       1303
       +
               "owner": "tgirlcloud",

     

       1304
       +
               "repo": "pkgs",

     

       1305
        
               "type": "github"

     

       1306
        
             }

     

       1307
        
           },

     

       1308
       +
           "treefmt-nix": {

     

       1309
        
             "inputs": {

     

       0
        
       
     

       1310
        
               "nixpkgs": [

     

       1311
       +
                 "fontix",

     

       1312
        
                 "nixpkgs"

     

       1313
        
               ]

     

       1314
        
             },

     

       1315
        
             "locked": {

     

       1316
       +
               "lastModified": 1754061284,

     

       1317
       +
               "narHash": "sha256-ONcNxdSiPyJ9qavMPJYAXDNBzYobHRxw0WbT38lKbwU=",

     

       1318
       +
               "owner": "numtide",

     

       1319
       +
               "repo": "treefmt-nix",

     

       1320
       +
               "rev": "58bd4da459f0a39e506847109a2a5cfceb837796",

     

       1321
        
               "type": "github"

     

       1322
        
             },

     

       1323
        
             "original": {

     

       1324
       +
               "owner": "numtide",

     

       1325
       +
               "repo": "treefmt-nix",

     

       1326
        
               "type": "github"

     

       1327
        
             }

     

       1328
        
           }

+19 -8

flake.nix

···

       1
        
       {

     

       2
       -
         description = "Aly's NixOS flake with flake-parts";

     

       3
        
       

     

       4
        
         inputs = {

     

       5
        
           nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";

     

       6
       -
           nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixpkgs-unstable";

     

       7
        
       

     

       8
        
           actions-nix = {

     

       9
        
             url = "github:alyraffauf/actions.nix";

     
···

       18
        
             url = "github:ryantm/agenix";

     

       19
        
             inputs.nixpkgs.follows = "nixpkgs";

     

       20
        
           };

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       21
        
       

     

       22
        
           copyparty.url = "github:9001/copyparty";

     

       23
        
       

     
···

       59
        
             inputs.nixpkgs.follows = "nixpkgs";

     

       60
        
           };

     

       61
        
       

     

       62
       -
           zen-browser = {

     

       63
       -
             url = "github:0xc000022070/zen-browser-flake";

     

       64
        
             inputs.nixpkgs.follows = "nixpkgs";

     

       65
        
           };

     

       66
        
       

     

       67
       -
           firefox-onebar = {

     

       68
       -
             url = "https://git.gay/freeplay/Firefox-Onebar/raw/branch/waf/onebar.css";

     

       69
       -
             flake = false;

     

       70
       -
           };

     

       71
        
       

     

       72
        
           secrets = {

     

       73
        
             url = "github:ayla6/secrets";

···

       1
        
       {

     

       2
       +
         description = "ayla's nix config";

     

       3
        
       

     

       4
        
         inputs = {

     

       5
        
           nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";

     

       0
        
       
     

       6
        
       

     

       7
        
           actions-nix = {

     

       8
        
             url = "github:alyraffauf/actions.nix";

     
···

       17
        
             url = "github:ryantm/agenix";

     

       18
        
             inputs.nixpkgs.follows = "nixpkgs";

     

       19
        
           };

     

       20
       +
       

     

       21
       +
           atproto-basic-notifications = {

     

       22
       +
             url = "github:ayla6/atproto-basic-notifications";

     

       23
       +
             inputs.nixpkgs.follows = "nixpkgs";

     

       24
       +
           };

     

       25
       +
       

     

       26
       +
           aylapkgs = {

     

       27
       +
             url = "github:ayla6/pkgs";

     

       28
       +
             inputs.nixpkgs.follows = "nixpkgs";

     

       29
       +
           };

     

       30
       +
       

     

       31
       +
           chaotic.url = "github:chaotic-cx/nyx/nyxpkgs-unstable";

     

       32
        
       

     

       33
        
           copyparty.url = "github:9001/copyparty";

     

       34
        
       

     
···

       70
        
             inputs.nixpkgs.follows = "nixpkgs";

     

       71
        
           };

     

       72
        
       

     

       73
       +
           tgirlpkgs = {

     

       74
       +
             url = "github:tgirlcloud/pkgs";

     

       75
        
             inputs.nixpkgs.follows = "nixpkgs";

     

       76
        
           };

     

       77
        
       

     

       78
       +
           #firefox-onebar = {

     

       79
       +
           #  url = "https://git.gay/freeplay/Firefox-Onebar/raw/branch/waf/onebar.css";

     

       80
       +
           #  flake = false;

     

       81
       +
           #};

     

       82
        
       

     

       83
        
           secrets = {

     

       84
        
             url = "github:ayla6/secrets";

+21 -29

homes/ayla/default.nix

···

       19
        
                 ffmpeg-full

     

       20
        
                 love

     

       21
        
                 luajit

     

       22
       -
                 nodejs

     

       23
       -
                 pnpm

     

       24
        
                 typescript

     

       25
        
       

     

       26
        
                 # applications

     

       27
        
                 aseprite

     

       28
        
                 rclone

     

       29
       -
                 rclone-browser

     

       0
        
       
     

       0
        
       
     

       30
        
                 yt-dlp

     

       0
        
       
     

       31
        
               ];

     

       32
        
       

     

       33
        
               username = "ayla";

     
···

       39
        
       

     

       40
        
             myHome = {

     

       41
        
               programs = {

     

       42
       -
                 chromium.enable = true;

     

       43
        
                 fastfetch.enable = true;

     

       44
        
                 firefox = {

     

       45
        
                   enable = true;

     
···

       47
        
                 };

     

       48
        
                 git.enable = true;

     

       49
        
                 helix.enable = true;

     

       0
        
       
     

       50
        
                 micro.enable = true;

     

       51
        
                 mpv.enable = true;

     

       52
        
                 ssh.enable = true;

     

       53
        
                 zed-editor.enable = true;

     

       54
       -
                 zen-browser.enable = false;

     

       55
        
               };

     

       56
        
       

     

       57
        
               profiles = {

     

       58
        
                 betterLocations.enable = true;

     

       59
        
                 shell.enable = true;

     

       0
        
       
     

       60
        
                 defaultApps = {

     

       61
        
                   enable = true;

     

       62
        
                   forceMimeAssociations = true;

     

       63
       -
                   archiveViewer.package = pkgs.file-roller;

     

       64
       -
                   audioPlayer.package = config.programs.mpv.finalPackage;

     

       65
       -
                   videoPlayer.package = config.programs.mpv.finalPackage;

     

       66
       -
                   editor.package = pkgs.gnome-text-editor;

     

       67
       -
                   fileManager.package = pkgs.nautilus;

     

       68
       -
                   imageViewer.package = pkgs.loupe;

     

       69
       -
                   pdfViewer.package = pkgs.papers;

     

       70
       -
                   #terminal.package = pkgs.ptyxis;

     

       71
        
                   terminalEditor.package = config.programs.helix.package;

     

       72
       -
                   webBrowser.package = config.programs.firefox.finalPackage;

     

       73
       -
                   #webBrowser = {

     

       74
       -
                   #  exec = lib.getExe config.programs.zen-browser.finalPackage;

     

       75
       -
                   #  package = config.programs.zen-browser.finalPackage;

     

       76
       -
                   #};

     

       77
        
                 };

     

       78
        
               };

     

       79
       -
       

     

       80
       -
               services = {

     

       81
       -
                 aria2.enable = true;

     

       82
       -
               };

     

       83
        
             };

     

       84
        
       

     

       85
        
             fontix = {

     
···

       139
        
             };

     

       140
        
       

     

       141
        
             myHome = {

     

       142
       -
               desktop = {

     

       143
       -
                 gnome.enable = true;

     

       144
       -
               };

     

       145
        
       

     

       146
        
               programs = {

     

       147
        
                 lutris.enable = true;

     
···

       157
        
                 "org.inkscape.Inkscape"

     

       158
        
                 "org.kde.kdenlive"

     

       159
        
                 "org.kde.krita"

     

       0
        
       
     

       160
        
       

     

       161
        
                 # gaming

     

       162
        
                 "com.github.Anuken.Mindustry"

     
···

       174
        
                 "org.atheme.audacious"

     

       175
        
                 "org.freac.freac"

     

       176
        
                 "org.musicbrainz.Picard"

     

       177
       -
                 "org.tenacityaudio.Tenacity"

     

       178
        
       

     

       179
        
                 # productivity

     

       180
        
                 "com.calibre_ebook.calibre"

     

       181
       -
                 "md.obsidian.Obsidian"

     

       182
        
                 "net.ankiweb.Anki"

     

       183
        
       

     

       184
        
                 # social (basically useless but)

     

       185
        
                 "im.dino.Dino"

     

       186
       -
                 "de.schmidhuberj.Flare"

     

       187
        
                 "org.gnome.Fractal"

     

       188
        
                 "org.squidowl.halloy"

     

       189
        
       

     

       190
        
                 # utilities

     

       191
       -
                 "com.bitwarden.desktop"

     

       192
        
                 "com.github.tchx84.Flatseal"

     

       193
        
                 "org.keepassxc.KeePassXC"

     

       194
        
               ];

···

       19
        
                 ffmpeg-full

     

       20
        
                 love

     

       21
        
                 luajit

     

       22
       +
                 #nodejs

     

       23
       +
                 bun

     

       24
        
                 typescript

     

       25
        
       

     

       26
        
                 # applications

     

       27
        
                 aseprite

     

       28
        
                 rclone

     

       29
       +
                 #rclone-browser

     

       30
       +
                 signal-desktop-bin

     

       31
       +
                 bitwarden-desktop

     

       32
        
                 yt-dlp

     

       33
       +
                 obsidian

     

       34
        
               ];

     

       35
        
       

     

       36
        
               username = "ayla";

     
···

       42
        
       

     

       43
        
             myHome = {

     

       44
        
               programs = {

     

       45
       +
                 helium.enable = true;

     

       46
        
                 fastfetch.enable = true;

     

       47
        
                 firefox = {

     

       48
        
                   enable = true;

     
···

       50
        
                 };

     

       51
        
                 git.enable = true;

     

       52
        
                 helix.enable = true;

     

       53
       +
                 jujutsu.enable = true;

     

       54
        
                 micro.enable = true;

     

       55
        
                 mpv.enable = true;

     

       56
        
                 ssh.enable = true;

     

       57
        
                 zed-editor.enable = true;

     

       0
        
       
     

       58
        
               };

     

       59
        
       

     

       60
        
               profiles = {

     

       61
        
                 betterLocations.enable = true;

     

       62
        
                 shell.enable = true;

     

       63
       +
                 fixMimeTypes.enable = true;

     

       64
        
                 defaultApps = {

     

       65
        
                   enable = true;

     

       66
        
                   forceMimeAssociations = true;

     

       67
       +
                   editor = {

     

       68
       +
                     package = config.programs.helix.package;

     

       69
       +
                     terminal = true;

     

       70
       +
                     icon = "helix";

     

       71
       +
                   };

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       72
        
                   terminalEditor.package = config.programs.helix.package;

     

       73
       +
                   webBrowser = {

     

       74
       +
                     package = config.programs.helium.package;

     

       75
       +
                     icon = "helium";

     

       76
       +
                   };

     

       0
        
       
     

       77
        
                 };

     

       78
        
               };

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       79
        
             };

     

       80
        
       

     

       81
        
             fontix = {

     
···

       135
        
             };

     

       136
        
       

     

       137
        
             myHome = {

     

       138
       +
               desktop.gnome.enable = true;

     

       0
        
       
     

       0
        
       
     

       139
        
       

     

       140
        
               programs = {

     

       141
        
                 lutris.enable = true;

     
···

       151
        
                 "org.inkscape.Inkscape"

     

       152
        
                 "org.kde.kdenlive"

     

       153
        
                 "org.kde.krita"

     

       154
       +
                 "com.obsproject.Studio"

     

       155
        
       

     

       156
        
                 # gaming

     

       157
        
                 "com.github.Anuken.Mindustry"

     
···

       169
        
                 "org.atheme.audacious"

     

       170
        
                 "org.freac.freac"

     

       171
        
                 "org.musicbrainz.Picard"

     

       172
       +
                 "org.audacityteam.Audacity"

     

       173
        
       

     

       174
        
                 # productivity

     

       175
        
                 "com.calibre_ebook.calibre"

     

       0
        
       
     

       176
        
                 "net.ankiweb.Anki"

     

       177
        
       

     

       178
        
                 # social (basically useless but)

     

       179
        
                 "im.dino.Dino"

     

       0
        
       
     

       180
        
                 "org.gnome.Fractal"

     

       181
        
                 "org.squidowl.halloy"

     

       182
        
       

     

       183
        
                 # utilities

     

       0
        
       
     

       184
        
                 "com.github.tchx84.Flatseal"

     

       185
        
                 "org.keepassxc.KeePassXC"

     

       186
        
               ];

+1 -5

hosts/jezebel/default.nix

···

       31
        
             server.enable = true;

     

       32
        
             backups.enable = true;

     

       33
        
             vps.enable = true;

     

       34
       -
             autoUpgrade = {

     

       35
       -
               enable = true;

     

       36
       -
               operation = "switch";

     

       37
       -
             };

     

       38
        
             swap = {

     

       39
        
               enable = true;

     

       40
        
               size = 2048;

     

       41
        
             };

     

       42
        
           };

     

       43
        
           services = {

     

       0
        
       
     

       44
        
             caddy.enable = true;

     

       45
        
             dnsmasq.enable = true;

     

       46
        
             tailscale = {

     

       47
        
               enable = true;

     

       48
        
               enableCaddy = true;

     

       49
        
             };

     

       50
       -
             tangled-knot.enable = true;

     

       51
        
             uptime-kuma.enable = true;

     

       52
        
           };

     

       53
        
         };

···

       31
        
             server.enable = true;

     

       32
        
             backups.enable = true;

     

       33
        
             vps.enable = true;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       34
        
             swap = {

     

       35
        
               enable = true;

     

       36
        
               size = 2048;

     

       37
        
             };

     

       38
        
           };

     

       39
        
           services = {

     

       40
       +
             atproto-basic-notifications.enable = true;

     

       41
        
             caddy.enable = true;

     

       42
        
             dnsmasq.enable = true;

     

       43
        
             tailscale = {

     

       44
        
               enable = true;

     

       45
        
               enableCaddy = true;

     

       46
        
             };

     

       0
        
       
     

       47
        
             uptime-kuma.enable = true;

     

       48
        
           };

     

       49
        
         };

hosts/jezebel/secrets.nix

···

       4
        
           resticPassword.file = "${self.inputs.secrets}/restic-passwd.age";

     

       5
        
           rclone.file = "${self.inputs.secrets}/rclone.age";

     

       6
        
           ntfyAuto.file = "${self.inputs.secrets}/ntfyAuto.age";

     

       0
        
       
     

       7
        
         };

     

       8
        
       }

···

       4
        
           resticPassword.file = "${self.inputs.secrets}/restic-passwd.age";

     

       5
        
           rclone.file = "${self.inputs.secrets}/rclone.age";

     

       6
        
           ntfyAuto.file = "${self.inputs.secrets}/ntfyAuto.age";

     

       7
       +
           atp-notif.file = "${self.inputs.secrets}/atproto-notif.age";

     

       8
        
         };

     

       9
        
       }

+72 -11

hosts/morgana/default.nix

···

       1
        
       {

     

       2
        
         self,

     

       3
        
         config,

     

       0
        
       
     

       4
        
         ...

     

       5
        
       }: {

     

       6
        
         imports = [

     

       7
        
           ./home.nix

     

       8
        
           ./secrets.nix

     

       9
       -
           self.nixosModules.locale-en-gb

     

       10
        
         ];

     

       11
        
       

     

       12
        
         networking.hostName = "morgana";

     
···

       31
        
               snapshots = true;

     

       32
        
             };

     

       33
        
             tmpOnTmpfs.enable = true;

     

       34
       -
             swap = {

     

       35
       -
               enable = true;

     

       36
       -
               size = 8192;

     

       37
       -
               location = "/data/.swap";

     

       38
       -
             };

     

       39
        
       

     

       40
       -
             autoUpgrade = {

     

       41
        
               enable = true;

     

       42
       -
               allowReboot = false;

     

       43
       -
               operation = "switch";

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       44
        
             };

     

       45
        
           };

     

       46
        
           desktop.gnome.enable = true;

     

       47
        
           services = {

     

       0
        
       
     

       48
        
             dnsmasq = {

     

       49
        
               enable = true;

     

       50
        
               longCaches = false;

     
···

       55
        
               enableCaddy = false;

     

       56
        
               operator = "ayla";

     

       57
        
             };

     

       58
       -
             aria2.enable = true;

     

       59
        
             syncthing = {

     

       60
        
               enable = true;

     

       61
        
               certFile = config.age.secrets.syncthingCert.path;

     
···

       65
        
           };

     

       66
        
         };

     

       67
        
       

     

       0
        
       
     

       0
        
       
     

       68
        
         myUsers = {

     

       69
        
           ayla = {

     

       70
        
             enable = true;

     

       71
       -
             password = "REDACTED";

     

       72
        
           };

     

       73
        
         };

     

       74
        
       

     
···

       122
        
             device = "/dev/disk/by-uuid/e5cf35fa-55bc-499f-a39b-e844a442e0f0";

     

       123
        
             fsType = "btrfs";

     

       124
        
             options = ["subvol=@data" "compress=zstd" "noatime"];

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       125
        
           };

     

       126
        
         };

     

       127
        
       }

···

       1
        
       {

     

       2
        
         self,

     

       3
        
         config,

     

       4
       +
         lib,

     

       5
        
         ...

     

       6
        
       }: {

     

       7
        
         imports = [

     

       8
        
           ./home.nix

     

       9
        
           ./secrets.nix

     

       10
       +
           self.nixosModules.locale-en-ca

     

       11
        
         ];

     

       12
        
       

     

       13
        
         networking.hostName = "morgana";

     
···

       32
        
               snapshots = true;

     

       33
        
             };

     

       34
        
             tmpOnTmpfs.enable = true;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       35
        
       

     

       36
       +
             hibernation = {

     

       37
        
               enable = true;

     

       38
       +
               swap = {

     

       39
       +
                 size = 24576;

     

       40
       +
                 location = "/data/.swapfile";

     

       41
       +
                 keyFile = "/.swapkey";

     

       42
       +
                 blkDev = "/dev/disk/by-uuid/e88969b5-98a0-4d46-a059-8e07ebf2689e";

     

       43
       +
               };

     

       44
        
             };

     

       45
        
           };

     

       46
        
           desktop.gnome.enable = true;

     

       47
        
           services = {

     

       48
       +
             gdm.enable = true;

     

       49
        
             dnsmasq = {

     

       50
        
               enable = true;

     

       51
        
               longCaches = false;

     
···

       56
        
               enableCaddy = false;

     

       57
        
               operator = "ayla";

     

       58
        
             };

     

       0
        
       
     

       59
        
             syncthing = {

     

       60
        
               enable = true;

     

       61
        
               certFile = config.age.secrets.syncthingCert.path;

     
···

       65
        
           };

     

       66
        
         };

     

       67
        
       

     

       68
       +
         security.sudo-rs.wheelNeedsPassword = lib.mkForce true;

     

       69
       +
       

     

       70
        
         myUsers = {

     

       71
        
           ayla = {

     

       72
        
             enable = true;

     

       73
       +
             passwordFile = config.age.secrets.aylaPassword.path;

     

       74
        
           };

     

       75
        
         };

     

       76
        
       

     
···

       124
        
             device = "/dev/disk/by-uuid/e5cf35fa-55bc-499f-a39b-e844a442e0f0";

     

       125
        
             fsType = "btrfs";

     

       126
        
             options = ["subvol=@data" "compress=zstd" "noatime"];

     

       127
       +
           };

     

       128
       +
         };

     

       129
       +
       

     

       130
       +
         # samba for ps2 opl

     

       131
       +
         services.samba = {

     

       132
       +
           enable = true;

     

       133
       +
           openFirewall = true;

     

       134
       +
           winbindd.enable = false;

     

       135
       +
           nmbd.enable = false;

     

       136
       +
           settings = {

     

       137
       +
             global = {

     

       138
       +
               "workgroup" = "WORKGROUP";

     

       139
       +
               "server string" = "smbnix";

     

       140
       +
               "netbios name" = "smbnix";

     

       141
       +
               "security" = "user";

     

       142
       +
       

     

       143
       +
               "bind interfaces only" = "yes";

     

       144
       +
               "interfaces" = "lo enp2s0f1";

     

       145
       +
       

     

       146
       +
               "client min protocol" = "CORE";

     

       147
       +
               "client max protocol" = "NT1";

     

       148
       +
               "server max protocol" = "SMB3";

     

       149
       +
               "server min protocol" = "LANMAN1";

     

       150
       +
               "strict sync" = "no";

     

       151
       +
               "keepalive" = "0";

     

       152
       +
       

     

       153
       +
               "getwd cache" = "yes";

     

       154
       +
               "large readwrite" = "yes";

     

       155
       +
               "aio read size" = "0";

     

       156
       +
               "aio write size" = "0";

     

       157
       +
               "strict locking" = "no";

     

       158
       +
               "strict allocate" = "no";

     

       159
       +
               "read raw" = "no";

     

       160
       +
               "write raw" = "no";

     

       161
       +
       

     

       162
       +
               "server signing" = "disabled";

     

       163
       +
               "smb encrypt" = "disabled";

     

       164
       +
               "socket options" = "TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE";

     

       165
       +
       

     

       166
       +
               "load printers" = "no";

     

       167
       +
               "disable spoolss" = "yes";

     

       168
       +
       

     

       169
       +
               "map to guest" = "bad user";

     

       170
       +
       

     

       171
       +
               "available" = "yes";

     

       172
       +
               "create mask" = "0777";

     

       173
       +
               "directory mask" = "0777";

     

       174
       +
               "force user" = "ayla";

     

       175
       +
               "force group" = "users";

     

       176
       +
             };

     

       177
       +
             "PS2SMB" = {

     

       178
       +
               "comment" = "PS2 SMB";

     

       179
       +
               "path" = "/data/PS2SMB";

     

       180
       +
               "browseable" = "yes";

     

       181
       +
               "read only" = "no";

     

       182
       +
               "guest ok" = "yes";

     

       183
       +
               "public" = "yes";

     

       184
       +
               "strict sync" = "no";

     

       185
       +
             };

     

       186
        
           };

     

       187
        
         };

     

       188
        
       }

hosts/morgana/secrets.nix

···

       1
        
       {self, ...}: {

     

       2
        
         age.secrets = {

     

       0
        
       
     

       3
        
           tailscaleAuthKey.file = "${self.inputs.secrets}/tailscale/auth.age";

     

       4
        
           syncthingCert.file = "${self.inputs.secrets}/ayla/syncthing/morgana/cert.age";

     

       5
        
           syncthingKey.file = "${self.inputs.secrets}/ayla/syncthing/morgana/key.age";

···

       1
        
       {self, ...}: {

     

       2
        
         age.secrets = {

     

       3
       +
           aylaPassword.file = "${self.inputs.secrets}/ayla/passwordHash.age";

     

       4
        
           tailscaleAuthKey.file = "${self.inputs.secrets}/tailscale/auth.age";

     

       5
        
           syncthingCert.file = "${self.inputs.secrets}/ayla/syncthing/morgana/cert.age";

     

       6
        
           syncthingKey.file = "${self.inputs.secrets}/ayla/syncthing/morgana/key.age";

+7 -13

hosts/nanpi/default.nix

···

       24
        
           profiles = {

     

       25
        
             base.enable = true;

     

       26
        
             server.enable = true;

     

       27
       -
             autoUpgrade = {

     

       28
       -
               enable = true;

     

       29
       -
               operation = "boot";

     

       30
       -
               allowReboot = false;

     

       31
       -
             };

     

       32
        
             backups.enable = true;

     

       33
        
             btrfs = {

     

       34
        
               enable = true;

     
···

       42
        
             arr.enable = true;

     

       43
        
           };

     

       44
        
           services = {

     

       45
       -
             audiobookshelf.enable = true;

     

       46
        
             caddy.enable = true;

     

       47
        
             cloudflared.enable = true;

     

       48
       -
             copyparty.enable = true;

     

       49
        
             dnsmasq.enable = true;

     

       50
       -
             forgejo = {

     

       51
       -
               enable = true;

     

       52
       -
               db = "postgresql";

     

       53
       -
             };

     

       54
        
             glance.enable = true;

     

       55
        
             jellyfin.enable = true;

     

       56
        
             jellyseerr.enable = true;

     

       57
       -
             karakeep.enable = true;

     

       58
        
             miniflux.enable = true;

     

       59
        
             ntfy.enable = true;

     

       60
        
             pds.enable = true;

     

       0
        
       
     

       61
        
             qbittorrent = {

     

       62
        
               enable = true;

     

       63
        
               webuiPort = config.mySnippets.tailnet.networkMap.qbittorrent.port;

     
···

       78
        
             };

     

       79
        
             vaultwarden.enable = true;

     

       80
        
             webdav.enable = true;

     

       0
        
       
     

       81
        
           };

     

       82
        
         };

     

       83
        
       

     

       84
        
         myUsers = {

     

       85
        
           ayla = {

     

       86
        
             enable = true;

     

       87
       -
             password = "REDACTED";

     

       88
        
           };

     

       89
        
         };

     

       90

···

       24
        
           profiles = {

     

       25
        
             base.enable = true;

     

       26
        
             server.enable = true;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       27
        
             backups.enable = true;

     

       28
        
             btrfs = {

     

       29
        
               enable = true;

     
···

       37
        
             arr.enable = true;

     

       38
        
           };

     

       39
        
           services = {

     

       40
       +
             audiobookshelf.enable = false;

     

       41
        
             caddy.enable = true;

     

       42
        
             cloudflared.enable = true;

     

       43
       +
             copyparty.enable = false;

     

       44
        
             dnsmasq.enable = true;

     

       45
       +
             forgejo.enable = true;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       46
        
             glance.enable = true;

     

       47
        
             jellyfin.enable = true;

     

       48
        
             jellyseerr.enable = true;

     

       49
       +
             karakeep.enable = false;

     

       50
        
             miniflux.enable = true;

     

       51
        
             ntfy.enable = true;

     

       52
        
             pds.enable = true;

     

       53
       +
             privatebin.enable = true;

     

       54
        
             qbittorrent = {

     

       55
        
               enable = true;

     

       56
        
               webuiPort = config.mySnippets.tailnet.networkMap.qbittorrent.port;

     
···

       71
        
             };

     

       72
        
             vaultwarden.enable = true;

     

       73
        
             webdav.enable = true;

     

       74
       +
             tangled-knot.enable = true;

     

       75
        
           };

     

       76
        
         };

     

       77
        
       

     

       78
        
         myUsers = {

     

       79
        
           ayla = {

     

       80
        
             enable = true;

     

       81
       +
             passwordFile = config.age.secrets.aylaPassword.path;

     

       82
        
           };

     

       83
        
         };

     

       84

hosts/nanpi/secrets.nix

···

       1
        
       {self, ...}: {

     

       2
        
         age.secrets = {

     

       0
        
       
     

       3
        
           pds.file = "${self.inputs.secrets}/pds.age";

     

       4
        
           resticPassword.file = "${self.inputs.secrets}/restic-passwd.age";

     

       5
        
           rclone.file = "${self.inputs.secrets}/rclone.age";

···

       1
        
       {self, ...}: {

     

       2
        
         age.secrets = {

     

       3
       +
           aylaPassword.file = "${self.inputs.secrets}/ayla/crazierPasswordHash.age";

     

       4
        
           pds.file = "${self.inputs.secrets}/pds.age";

     

       5
        
           resticPassword.file = "${self.inputs.secrets}/restic-passwd.age";

     

       6
        
           rclone.file = "${self.inputs.secrets}/rclone.age";

+5 -1

modules/flake/files/helix.nix

···

       15
        
                     name = "nix";

     

       16
        
                     auto-format = true;

     

       17
        
                     formatter = {command = lib.getExe pkgs.alejandra;};

     

       18
       -
                     language-servers = ["nixd"];

     

       19
        
                   }

     

       20
        
                   {

     

       21
        
                     name = "bash";

     
···

       39
        
       

     

       40
        
                   nixd = {

     

       41
        
                     command = lib.getExe pkgs.nixd;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       42
        
                   };

     

       43
        
                 };

     

       44
        
               };

···

       15
        
                     name = "nix";

     

       16
        
                     auto-format = true;

     

       17
        
                     formatter = {command = lib.getExe pkgs.alejandra;};

     

       18
       +
                     language-servers = ["nixd" "nil"];

     

       19
        
                   }

     

       20
        
                   {

     

       21
        
                     name = "bash";

     
···

       39
        
       

     

       40
        
                   nixd = {

     

       41
        
                     command = lib.getExe pkgs.nixd;

     

       42
       +
                   };

     

       43
       +
       

     

       44
       +
                   nil = {

     

       45
       +
                     command = lib.getExe pkgs.nil;

     

       46
        
                   };

     

       47
        
                 };

     

       48
        
               };

+56 -23

modules/flake/files/zed.nix

···

       3
        
           lib,

     

       4
        
           pkgs,

     

       5
        
           ...

     

       6
       -
         }: {

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       7
        
           files.files = [

     

       8
        
             {

     

       9
        
               checkFile = false;

     
···

       13
        
                 auto_install_extensions = {

     

       14
        
                   basher = true;

     

       15
        
                   nix = true;

     

       0
        
       
     

       16
        
                 };

     

       17
        
       

     

       18
        
                 languages = {

     

       19
       -
                   JSON = {

     

       20
       -
                     format_on_save = "on";

     

       21
        
       

     

       22
       -
                     formatter = {

     

       23
       -
                       external = {

     

       24
       -
                         command = lib.getExe pkgs.prettier;

     

       25
       -
                         arguments = ["--stdin-filepath" "{buffer_path}"];

     

       26
       -
                       };

     

       27
       -
                     };

     

       28
       -
                   };

     

       29
        
       

     

       30
        
                   Markdown = {

     

       31
        
                     format_on_save = "on";

     

       32
       -
       

     

       33
       -
                     formatter.external = {

     

       34
       -
                       command = lib.getExe pkgs.prettier;

     

       35
       -
                       arguments = ["--stdin-filepath" "{buffer_path}"];

     

       36
       -
                     };

     

       37
        
                   };

     

       38
        
       

     

       39
        
                   Nix = {

     

       40
        
                     format_on_save = "on";

     

       41
        
                     formatter = "language_server";

     

       42
       -
                     language_servers = ["nixd"];

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       43
        
                   };

     

       44
        
       

     

       45
        
                   "Shell Script" = {

     
···

       58
        
       

     

       59
        
                   YAML = {

     

       60
        
                     format_on_save = "on";

     

       61
       -
                     formatter.external = {

     

       62
       -
                       command = lib.getExe pkgs.prettier;

     

       63
       -
                       arguments = ["--stdin-filepath" "{buffer_path}"];

     

       64
       -
                     };

     

       65
        
                   };

     

       66
        
                 };

     

       67
        
       

     

       68
       -
                 lsp.nixd = {

     

       69
       -
                   binary.path = lib.getExe pkgs.nixd;

     

       70
       -
                   settings.formatting.command = [(lib.getExe pkgs.alejandra) "--quiet" "--"];

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       71
        
                 };

     

       72
        
               };

     

       73
        
             }

···

       3
        
           lib,

     

       4
        
           pkgs,

     

       5
        
           ...

     

       6
       +
         }: let

     

       7
       +
           prettier = {

     

       8
       +
             external = {

     

       9
       +
               command = pkgs.writeScript "prettier-bun" ''

     

       10
       +
                 #! ${pkgs.bash}/bin/bash -e

     

       11
       +
                 exec ${lib.getExe pkgs.bun} ${pkgs.prettier}/bin/prettier.cjs "$@"

     

       12
       +
               '';

     

       13
       +
               arguments = ["--stdin-filepath" "{buffer_path}"];

     

       14
       +
             };

     

       15
       +
           };

     

       16
       +
           biome = {

     

       17
       +
             format_on_save = "on";

     

       18
       +
       

     

       19
       +
             formatter = {language_server = {name = "biome";};};

     

       20
       +
             code_actions_on_format = {

     

       21
       +
               "source.fixAll.biome" = true;

     

       22
       +
               "source.organizeImports.biome" = true;

     

       23
       +
             };

     

       24
       +
           };

     

       25
       +
         in {

     

       26
        
           files.files = [

     

       27
        
             {

     

       28
        
               checkFile = false;

     
···

       32
        
                 auto_install_extensions = {

     

       33
        
                   basher = true;

     

       34
        
                   nix = true;

     

       35
       +
                   marksman = true;

     

       36
        
                 };

     

       37
        
       

     

       38
        
                 languages = {

     

       39
       +
                   JSON = biome // {language_servers = ["json-language-server" "biome"];};

     

       0
        
       
     

       40
        
       

     

       41
       +
                   JSONC = biome // {language_servers = ["json-language-server" "biome"];};

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       42
        
       

     

       43
        
                   Markdown = {

     

       44
        
                     format_on_save = "on";

     

       45
       +
                     formatter = prettier;

     

       46
       +
                     language_servers = ["marksman"];

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       47
        
                   };

     

       48
        
       

     

       49
        
                   Nix = {

     

       50
        
                     format_on_save = "on";

     

       51
        
                     formatter = "language_server";

     

       52
       +
                     language_servers = [

     

       53
       +
                       "nixd"

     

       54
       +
                       "nil"

     

       55
       +
                     ];

     

       56
        
                   };

     

       57
        
       

     

       58
        
                   "Shell Script" = {

     
···

       71
        
       

     

       72
        
                   YAML = {

     

       73
        
                     format_on_save = "on";

     

       74
       +
                     formatter = prettier;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       75
        
                   };

     

       76
        
                 };

     

       77
        
       

     

       78
       +
                 lsp = {

     

       79
       +
                   nixd = {

     

       80
       +
                     binary.path = lib.getExe pkgs.nixd;

     

       81
       +
                     settings.formatting.command = [(lib.getExe pkgs.alejandra) "--quiet" "--"];

     

       82
       +
                   };

     

       83
       +
                   nil = {

     

       84
       +
                     binary = {

     

       85
       +
                       path = lib.getExe pkgs.nil;

     

       86
       +
                       arguments = ["--stdio"];

     

       87
       +
                     };

     

       88
       +
                   };

     

       89
       +
                   json-language-server = {

     

       90
       +
                     binary = {

     

       91
       +
                       path = pkgs.writeScript "vscode-json-languageserver-bun" ''

     

       92
       +
                         #! ${pkgs.bash}/bin/bash -e

     

       93
       +
                         exec ${lib.getExe pkgs.bun} ${pkgs.vscode-json-languageserver}/lib/node_modules/vscode-json-languageserver/./bin/vscode-json-languageserver "$@"

     

       94
       +
                       '';

     

       95
       +
                       arguments = ["--stdio"];

     

       96
       +
                     };

     

       97
       +
                   };

     

       98
       +
                   marksman = {

     

       99
       +
                     binary = {

     

       100
       +
                       path = lib.getExe pkgs.marksman;

     

       101
       +
                       arguments = ["server"];

     

       102
       +
                     };

     

       103
       +
                   };

     

       104
        
                 };

     

       105
        
               };

     

       106
        
             }

+6 -1

modules/flake/nixos.nix

···

       13
        
       

     

       14
        
           nixosModules = {

     

       15
        
             hardware = ../hardware;

     

       0
        
       
     

       16
        
             locale-en-gb = ../locale/en-gb;

     

       17
        
             nixos = ../nixos;

     

       18
        
             snippets = ../snippets;

     
···

       32
        
                   modules = [

     

       33
        
                     ../../hosts/${host}

     

       34
        
                     inputs.agenix.nixosModules.default

     

       0
        
       
     

       35
        
                     inputs.copyparty.nixosModules.default

     

       36
        
                     inputs.disko.nixosModules.disko

     

       37
        
                     inputs.home-manager.nixosModules.home-manager

     

       38
        
                     inputs.lanzaboote.nixosModules.lanzaboote

     

       39
        
                     inputs.tangled-core.nixosModules.knot

     

       0
        
       
     

       0
        
       
     

       40
        
                     modules.hardware

     

       41
        
                     modules.nixos

     

       42
        
                     modules.snippets

     
···

       54
        
                         overlays = [

     

       55
        
                           self.inputs.nur.overlays.default

     

       56
        
                           self.inputs.copyparty.overlays.default

     

       0
        
       
     

       57
        
                         ];

     

       58
        
                         config.allowUnfree = true;

     

       59
        
                       };

     

       60
        
                     }

     

       61
        
                   ];

     

       62
       -
                   specialArgs = {inherit self;};

     

       63
        
                 }

     

       64
        
             );

     

       65
        
         };

···

       13
        
       

     

       14
        
           nixosModules = {

     

       15
        
             hardware = ../hardware;

     

       16
       +
             locale-en-ca = ../locale/en-ca;

     

       17
        
             locale-en-gb = ../locale/en-gb;

     

       18
        
             nixos = ../nixos;

     

       19
        
             snippets = ../snippets;

     
···

       33
        
                   modules = [

     

       34
        
                     ../../hosts/${host}

     

       35
        
                     inputs.agenix.nixosModules.default

     

       36
       +
                     inputs.atproto-basic-notifications.nixosModules.default

     

       37
        
                     inputs.copyparty.nixosModules.default

     

       38
        
                     inputs.disko.nixosModules.disko

     

       39
        
                     inputs.home-manager.nixosModules.home-manager

     

       40
        
                     inputs.lanzaboote.nixosModules.lanzaboote

     

       41
        
                     inputs.tangled-core.nixosModules.knot

     

       42
       +
                     inputs.tgirlpkgs.nixosModules.default

     

       43
       +
                     inputs.chaotic.nixosModules.default

     

       44
        
                     modules.hardware

     

       45
        
                     modules.nixos

     

       46
        
                     modules.snippets

     
···

       58
        
                         overlays = [

     

       59
        
                           self.inputs.nur.overlays.default

     

       60
        
                           self.inputs.copyparty.overlays.default

     

       61
       +
                           self.inputs.aylapkgs.overlays.default

     

       62
        
                         ];

     

       63
        
                         config.allowUnfree = true;

     

       64
        
                       };

     

       65
        
                     }

     

       66
        
                   ];

     

       67
       +
                   specialArgs = {inherit self inputs;};

     

       68
        
                 }

     

       69
        
             );

     

       70
        
         };

+2 -2

modules/hardware/profiles/base/default.nix

···

       23
        
             fstrim.enable = true;

     

       24
        
       

     

       25
        
             logind.settings.Login = {

     

       26
       -
               HandlePowerKey = "suspend";

     

       27
       -
               HandlePowerKeyLongPress = "poweroff";

     

       28
        
             };

     

       29
        
       

     

       30
        
             xserver.xkb = {

···

       23
        
             fstrim.enable = true;

     

       24
        
       

     

       25
        
             logind.settings.Login = {

     

       26
       +
               HandlePowerKey = lib.mkDefault "suspend";

     

       27
       +
               HandlePowerKeyLongPress = lib.mkDefault "poweroff";

     

       28
        
             };

     

       29
        
       

     

       30
        
             xserver.xkb = {

+1 -1

modules/home/default.nix

···

       5
        
           ./profiles

     

       6
        
           ./snippets

     

       7
        
           inputs.agenix.homeManagerModules.default

     

       8
       -
           inputs.zen-browser.homeModules.beta

     

       9
        
         ];

     

       10
        
       

     

       11
        
         home = {

···

       5
        
           ./profiles

     

       6
        
           ./snippets

     

       7
        
           inputs.agenix.homeManagerModules.default

     

       8
       +
           inputs.aylapkgs.homeModules.default

     

       9
        
         ];

     

       10
        
       

     

       11
        
         home = {

+51

modules/home/desktop/cosmic/default.nix

···

       1
       +
       {

     

       2
       +
         lib,

     

       3
       +
         config,

     

       4
       +
         pkgs,

     

       5
       +
         ...

     

       6
       +
       }: {

     

       7
       +
         options.myHome.desktop.cosmic = {

     

       8
       +
           enable = lib.mkEnableOption "COSMIC desktop environment";

     

       9
       +
         };

     

       10
       +
       

     

       11
       +
         config = lib.mkIf config.myHome.desktop.cosmic.enable {

     

       12
       +
           dconf = {

     

       13
       +
             enable = true;

     

       14
       +
       

     

       15
       +
             settings = {

     

       16
       +
               "org/gnome/desktop/wm/preferences".button-layout = "appmenu:close";

     

       17
       +
             };

     

       18
       +
           };

     

       19
       +
       

     

       20
       +
           myHome.profiles.defaultApps = {

     

       21
       +
             audioPlayer = {

     

       22
       +
               package = lib.mkDefault config.programs.mpv.finalPackage;

     

       23
       +
               icon = lib.mkDefault "mpv";

     

       24
       +
             };

     

       25
       +
             editor = {

     

       26
       +
               package = lib.mkDefault pkgs.cosmic-edit;

     

       27
       +
               icon = lib.mkDefault "com.system76.CosmicEdit";

     

       28
       +
             };

     

       29
       +
             fileManager = {

     

       30
       +
               package = lib.mkDefault pkgs.cosmic-files;

     

       31
       +
               icon = lib.mkDefault "com.system76.CosmicFiles";

     

       32
       +
             };

     

       33
       +
             imageViewer = {

     

       34
       +
               package = lib.mkDefault pkgs.loupe;

     

       35
       +
               icon = lib.mkDefault "org.gnome.Loupe";

     

       36
       +
             };

     

       37
       +
             pdfViewer = {

     

       38
       +
               package = lib.mkDefault pkgs.papers;

     

       39
       +
               icon = lib.mkDefault "org.gnome.Papers";

     

       40
       +
             };

     

       41
       +
             terminal = {

     

       42
       +
               package = lib.mkDefault pkgs.cosmic-term;

     

       43
       +
               icon = lib.mkDefault "com.system76.CosmicTerm";

     

       44
       +
             };

     

       45
       +
             videoPlayer = {

     

       46
       +
               package = lib.mkDefault config.programs.mpv.finalPackage;

     

       47
       +
               icon = lib.mkDefault "mpv";

     

       48
       +
             };

     

       49
       +
           };

     

       50
       +
         };

     

       51
       +
       }

+3 -1

modules/home/desktop/default.nix

···

       6
        
       }: {

     

       7
        
         imports = [

     

       8
        
           ./gnome

     

       0
        
       
     

       0
        
       
     

       9
        
         ];

     

       10
        
       

     

       11
        
         options.myHome.desktop.enable = lib.mkOption {

     

       12
       -
           default = config.myHome.desktop.gnome.enable;

     

       13
        
           description = "Desktop environment configuration.";

     

       14
        
           type = lib.types.bool;

     

       15
        
         };

···

       6
        
       }: {

     

       7
        
         imports = [

     

       8
        
           ./gnome

     

       9
       +
           ./plasma

     

       10
       +
           ./cosmic

     

       11
        
         ];

     

       12
        
       

     

       13
        
         options.myHome.desktop.enable = lib.mkOption {

     

       14
       +
           default = config.myHome.desktop.gnome.enable or config.myHome.desktop.plasma.enable;

     

       15
        
           description = "Desktop environment configuration.";

     

       16
        
           type = lib.types.bool;

     

       17
        
         };

+40 -35

modules/home/desktop/gnome/default.nix

···

       63
        
               "org/gnome/system/location".enabled = false;

     

       64
        
       

     

       65
        
               "org/gnome/desktop/wm/keybindings" = {

     

       66
       -
                 move-to-monitor-down = [

     

       67
       -
                   "<Ctrl><Shift><Super>e"

     

       68
       -
                   "<Ctrl><Shift><Super>Down"

     

       69
       -
                 ];

     

       70
       -
                 move-to-monitor-left = [

     

       71
       -
                   "<Ctrl><Shift><Super>n"

     

       72
       -
                   "<Ctrl><Shift><Super>Left"

     

       73
       -
                 ];

     

       74
       -
                 move-to-monitor-right = [

     

       75
       -
                   "<Ctrl><Shift><Super>o"

     

       76
       -
                   "<Ctrl><Shift><Super>Right"

     

       77
       -
                 ];

     

       78
       -
                 move-to-monitor-up = [

     

       79
       -
                   "<Ctrl><Shift><Super>i"

     

       80
       -
                   "<Ctrl><Shift><Super>Up"

     

       81
       -
                 ];

     

       82
        
                 move-to-workspace-1 = ["<Shift><Super>1"];

     

       83
        
                 move-to-workspace-10 = ["<Shift><Super>0"];

     

       84
        
                 move-to-workspace-2 = ["<Shift><Super>2"];

     
···

       89
        
                 move-to-workspace-7 = ["<Shift><Super>7"];

     

       90
        
                 move-to-workspace-8 = ["<Shift><Super>8"];

     

       91
        
                 move-to-workspace-9 = ["<Shift><Super>9"];

     

       92
       -
                 move-to-workspace-down = ["<Shift><Super>j"];

     

       93
       -
                 move-to-workspace-left = [

     

       94
       -
                   "<Shift><Super>n"

     

       95
       -
                   "<Shift><Super>Comma"

     

       96
       -
                 ];

     

       97
       -
                 move-to-workspace-right = [

     

       98
       -
                   "<Shift><Super>o"

     

       99
       -
                   "<Shift><Super>Period"

     

       100
       -
                 ];

     

       101
       -
                 move-to-workspace-up = ["<Shift><Super>k"];

     

       102
        
                 switch-to-workspace-1 = ["<Super>1"];

     

       103
        
                 switch-to-workspace-10 = ["<Super>0"];

     

       104
        
                 switch-to-workspace-2 = ["<Super>2"];

     
···

       110
        
                 switch-to-workspace-8 = ["<Super>8"];

     

       111
        
                 switch-to-workspace-9 = ["<Super>9"];

     

       112
        
                 switch-to-workspace-down = [];

     

       113
       -
                 switch-to-workspace-left = ["<Super>Comma"];

     

       114
       -
                 switch-to-workspace-right = ["<Super>Period"];

     

       115
        
                 switch-to-workspace-up = [];

     

       116
        
                 toggle-fullscreen = ["<Super>w"];

     

       117
        
               };

     

       0
        
       
     

       0
        
       
     

       118
        
             };

     

       119
        
           };

     

       120
        
       

     
···

       142
        
           ];

     

       143
        
       

     

       144
        
           myHome.profiles.defaultApps = {

     

       145
       -
             audioPlayer.package = lib.mkDefault pkgs.mpv;

     

       146
       -
             editor.package = lib.mkDefault pkgs.gnome-text-editor;

     

       147
       -
             fileManager.package = lib.mkDefault pkgs.nautilus;

     

       148
       -
             imageViewer.package = lib.mkDefault pkgs.loupe;

     

       149
       -
             pdfViewer.package = lib.mkDefault pkgs.papers;

     

       150
       -
             terminal.package = lib.mkDefault pkgs.gnome-console;

     

       151
       -
             videoPlayer.package = lib.mkDefault pkgs.mpv;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       152
        
           };

     

       153
        
         };

     

       154
        
       }

···

       63
        
               "org/gnome/system/location".enabled = false;

     

       64
        
       

     

       65
        
               "org/gnome/desktop/wm/keybindings" = {

     

       66
       +
                 move-to-monitor-down = ["<Ctrl><Shift><Super>Down"];

     

       67
       +
                 move-to-monitor-left = ["<Ctrl><Shift><Super>Left"];

     

       68
       +
                 move-to-monitor-right = ["<Ctrl><Shift><Super>Right"];

     

       69
       +
                 move-to-monitor-up = ["<Ctrl><Shift><Super>Up"];

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       70
        
                 move-to-workspace-1 = ["<Shift><Super>1"];

     

       71
        
                 move-to-workspace-10 = ["<Shift><Super>0"];

     

       72
        
                 move-to-workspace-2 = ["<Shift><Super>2"];

     
···

       77
        
                 move-to-workspace-7 = ["<Shift><Super>7"];

     

       78
        
                 move-to-workspace-8 = ["<Shift><Super>8"];

     

       79
        
                 move-to-workspace-9 = ["<Shift><Super>9"];

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       80
        
                 switch-to-workspace-1 = ["<Super>1"];

     

       81
        
                 switch-to-workspace-10 = ["<Super>0"];

     

       82
        
                 switch-to-workspace-2 = ["<Super>2"];

     
···

       88
        
                 switch-to-workspace-8 = ["<Super>8"];

     

       89
        
                 switch-to-workspace-9 = ["<Super>9"];

     

       90
        
                 switch-to-workspace-down = [];

     

       91
       +
                 switch-to-workspace-left = ["<Ctrl><Super>Left"];

     

       92
       +
                 switch-to-workspace-right = ["<Ctrl><Super>Right"];

     

       93
        
                 switch-to-workspace-up = [];

     

       94
        
                 toggle-fullscreen = ["<Super>w"];

     

       95
        
               };

     

       96
       +
       

     

       97
       +
               "org/gnome/desktop/wm/preferences".button-layout = "appmenu:close";

     

       98
        
             };

     

       99
        
           };

     

       100
        
       

     
···

       122
        
           ];

     

       123
        
       

     

       124
        
           myHome.profiles.defaultApps = {

     

       125
       +
             archiveViewer = {

     

       126
       +
               package = lib.mkDefault pkgs.file-roller;

     

       127
       +
               icon = lib.mkDefault "org.gnome.FileRoller";

     

       128
       +
             };

     

       129
       +
             audioPlayer = {

     

       130
       +
               package = lib.mkDefault config.programs.mpv.finalPackage;

     

       131
       +
               icon = lib.mkDefault "mpv";

     

       132
       +
             };

     

       133
       +
             editor = {

     

       134
       +
               package = lib.mkDefault pkgs.gnome-text-editor;

     

       135
       +
               icon = lib.mkDefault "org.gnome.TextEditor";

     

       136
       +
             };

     

       137
       +
             fileManager = {

     

       138
       +
               package = lib.mkDefault pkgs.nautilus;

     

       139
       +
               icon = lib.mkDefault "org.gnome.Nautilus";

     

       140
       +
             };

     

       141
       +
             imageViewer = {

     

       142
       +
               package = lib.mkDefault pkgs.loupe;

     

       143
       +
               icon = lib.mkDefault "org.gnome.Loupe";

     

       144
       +
             };

     

       145
       +
             pdfViewer = {

     

       146
       +
               package = lib.mkDefault pkgs.papers;

     

       147
       +
               icon = lib.mkDefault "org.gnome.Papers";

     

       148
       +
             };

     

       149
       +
             terminal = {

     

       150
       +
               package = lib.mkDefault pkgs.gnome-console;

     

       151
       +
               icon = lib.mkDefault "org.gnome.Terminal";

     

       152
       +
             };

     

       153
       +
             videoPlayer = {

     

       154
       +
               package = lib.mkDefault config.programs.mpv.finalPackage;

     

       155
       +
               icon = lib.mkDefault "mpv";

     

       156
       +
             };

     

       157
        
           };

     

       158
        
         };

     

       159
        
       }

+52

modules/home/desktop/plasma/default.nix

···

       1
       +
       {

     

       2
       +
         lib,

     

       3
       +
         config,

     

       4
       +
         pkgs,

     

       5
       +
         ...

     

       6
       +
       }: {

     

       7
       +
         options.myHome.desktop.plasma = {

     

       8
       +
           enable = lib.mkEnableOption "KDE Plasma desktop environment";

     

       9
       +
         };

     

       10
       +
       

     

       11
       +
         config = lib.mkIf config.myHome.desktop.plasma.enable {

     

       12
       +
           dconf = {

     

       13
       +
             enable = true;

     

       14
       +
       

     

       15
       +
             settings = {

     

       16
       +
               "org/gnome/desktop/wm/preferences".button-layout = "appmenu:minimize,maximize,close";

     

       17
       +
             };

     

       18
       +
           };

     

       19
       +
       

     

       20
       +
           myHome.profiles.defaultApps = {

     

       21
       +
             audioPlayer = {

     

       22
       +
               package = lib.mkDefault config.programs.mpv.finalPackage;

     

       23
       +
               icon = lib.mkDefault "mpv";

     

       24
       +
             };

     

       25
       +
             editor = {

     

       26
       +
               package = lib.mkDefault pkgs.kdePackages.kate;

     

       27
       +
               icon = lib.mkDefault "org.kde.kate";

     

       28
       +
             };

     

       29
       +
             fileManager = {

     

       30
       +
               package = lib.mkDefault pkgs.kdePackages.dolphin;

     

       31
       +
               exec = lib.mkDefault (lib.getExe config.myHome.profiles.defaultApps.fileManager.package);

     

       32
       +
               icon = lib.mkDefault "org.kde.dolphin";

     

       33
       +
             };

     

       34
       +
             imageViewer = {

     

       35
       +
               package = lib.mkDefault pkgs.kdePackages.gwenview;

     

       36
       +
               icon = lib.mkDefault "org.kde.gwenview";

     

       37
       +
             };

     

       38
       +
             pdfViewer = {

     

       39
       +
               package = lib.mkDefault pkgs.kdePackages.okular;

     

       40
       +
               icon = lib.mkDefault "org.kde.okular";

     

       41
       +
             };

     

       42
       +
             terminal = {

     

       43
       +
               package = lib.mkDefault pkgs.kdePackages.konsole;

     

       44
       +
               icon = lib.mkDefault "org.kde.konsole";

     

       45
       +
             };

     

       46
       +
             videoPlayer = {

     

       47
       +
               package = lib.mkDefault config.programs.mpv.finalPackage;

     

       48
       +
               icon = lib.mkDefault "mpv";

     

       49
       +
             };

     

       50
       +
           };

     

       51
       +
         };

     

       52
       +
       }

modules/home/profiles/default.nix

···

       3
        
           ./betterLocations

     

       4
        
           ./defaultApps

     

       5
        
           ./shell

     

       0
        
       
     

       6
        
         ];

     

       7
        
       }

···

       3
        
           ./betterLocations

     

       4
        
           ./defaultApps

     

       5
        
           ./shell

     

       6
       +
           ./fixMimeTypes

     

       7
        
         ];

     

       8
        
       }

+100 -11

modules/home/profiles/defaultApps/default.nix

···

       23
        
               default = lib.getExe cfg.archiveViewer.package;

     

       24
        
               description = "The executable path for the default archive viewer.";

     

       25
        
             };

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       26
        
           };

     

       27
        
       

     

       28
        
           audioPlayer = {

     
···

       37
        
               default = lib.getExe cfg.audioPlayer.package;

     

       38
        
               description = "The executable path for the default audio player.";

     

       39
        
             };

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       40
        
           };

     

       41
        
       

     

       42
        
           editor = {

     
···

       51
        
               default = lib.getExe cfg.editor.package;

     

       52
        
               description = "The executable path for the default text editor.";

     

       53
        
             };

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       54
        
           };

     

       55
        
       

     

       56
        
           fileManager = {

     
···

       64
        
               type = lib.types.str;

     

       65
        
               default = lib.getExe cfg.fileManager.package;

     

       66
        
               description = "The executable path for the default file manager.";

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       67
        
             };

     

       68
        
           };

     

       69
        
       

     
···

       79
        
               default = lib.getExe cfg.imageViewer.package;

     

       80
        
               description = "The executable path for the default image viewer.";

     

       81
        
             };

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       82
        
           };

     

       83
        
       

     

       84
        
           pdfViewer = {

     
···

       93
        
               default = lib.getExe cfg.pdfViewer.package;

     

       94
        
               description = "The executable path for the default PDF viewer.";

     

       95
        
             };

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       96
        
           };

     

       97
        
       

     

       98
        
           terminal = {

     
···

       106
        
               type = lib.types.str;

     

       107
        
               default = lib.getExe cfg.terminal.package;

     

       108
        
               description = "The executable path for the default terminal emulator.";

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       109
        
             };

     

       110
        
           };

     

       111
        
       

     
···

       135
        
               default = lib.getExe cfg.videoPlayer.package;

     

       136
        
               description = "The executable path for the default video player.";

     

       137
        
             };

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       138
        
           };

     

       139
        
       

     

       140
        
           webBrowser = {

     
···

       148
        
               type = lib.types.str;

     

       149
        
               default = lib.getExe cfg.webBrowser.package;

     

       150
        
               description = "The executable path for the default web browser.";

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       151
        
             };

     

       152
        
           };

     

       153
        
         };

     
···

       228
        
             };

     

       229
        
       

     

       230
        
             desktopEntries = let

     

       231
       -
               mkDefaultEntry = name: exec: {

     

       232
        
                 exec = "${exec} %U";

     

       233
       -
                 icon = "${builtins.baseNameOf exec}";

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       234
        
                 name = "Default ${name}";

     

       235
       -
                 terminal = false;

     

       236
        
       

     

       237
        
                 settings = {

     

       238
        
                   NoDisplay = "true";

     
···

       240
        
               };

     

       241
        
             in

     

       242
        
               lib.mkIf cfg.forceMimeAssociations {

     

       243
       -
                 defaultAudioPlayer = mkDefaultEntry "Audio Player" cfg.audioPlayer.exec;

     

       244
       -
                 defaultEditor = mkDefaultEntry "Editor" cfg.editor.exec;

     

       245
       -
                 defaultFileManager = mkDefaultEntry "File Manager" cfg.fileManager.exec;

     

       246
       -
                 defaultImageViewer = mkDefaultEntry "Image Viewer" cfg.imageViewer.exec;

     

       247
       -
                 defaultPdfViewer = mkDefaultEntry "PDF Viewer" cfg.pdfViewer.exec;

     

       248
       -
                 defaultVideoPlayer = mkDefaultEntry "Video Player" cfg.videoPlayer.exec;

     

       249
       -
                 defaultWebBrowser = mkDefaultEntry "Web Browser" cfg.webBrowser.exec;

     

       250
       -
                 defaultArchiveViewer = mkDefaultEntry "Archive Viewer" cfg.archiveViewer.exec;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       251
        
               };

     

       252
        
           };

     

       253
        
         };

···

       23
        
               default = lib.getExe cfg.archiveViewer.package;

     

       24
        
               description = "The executable path for the default archive viewer.";

     

       25
        
             };

     

       26
       +
       

     

       27
       +
             icon = lib.mkOption {

     

       28
       +
               type = lib.types.str;

     

       29
       +
               default = "";

     

       30
       +
               description = "The icon name for the default archive viewer.";

     

       31
       +
             };

     

       32
        
           };

     

       33
        
       

     

       34
        
           audioPlayer = {

     
···

       43
        
               default = lib.getExe cfg.audioPlayer.package;

     

       44
        
               description = "The executable path for the default audio player.";

     

       45
        
             };

     

       46
       +
       

     

       47
       +
             terminal = lib.mkOption {

     

       48
       +
               type = lib.types.bool;

     

       49
       +
               default = false;

     

       50
       +
               description = "Whether the editor is a terminal-based application.";

     

       51
       +
             };

     

       52
       +
       

     

       53
       +
             icon = lib.mkOption {

     

       54
       +
               type = lib.types.str;

     

       55
       +
               default = "";

     

       56
       +
               description = "The icon name for the default audio player.";

     

       57
       +
             };

     

       58
        
           };

     

       59
        
       

     

       60
        
           editor = {

     
···

       69
        
               default = lib.getExe cfg.editor.package;

     

       70
        
               description = "The executable path for the default text editor.";

     

       71
        
             };

     

       72
       +
       

     

       73
       +
             terminal = lib.mkOption {

     

       74
       +
               type = lib.types.bool;

     

       75
       +
               default = false;

     

       76
       +
               description = "Whether the editor is a terminal-based application.";

     

       77
       +
             };

     

       78
       +
       

     

       79
       +
             icon = lib.mkOption {

     

       80
       +
               type = lib.types.str;

     

       81
       +
               default = "";

     

       82
       +
               description = "The icon name for the default text editor.";

     

       83
       +
             };

     

       84
        
           };

     

       85
        
       

     

       86
        
           fileManager = {

     
···

       94
        
               type = lib.types.str;

     

       95
        
               default = lib.getExe cfg.fileManager.package;

     

       96
        
               description = "The executable path for the default file manager.";

     

       97
       +
             };

     

       98
       +
       

     

       99
       +
             terminal = lib.mkOption {

     

       100
       +
               type = lib.types.bool;

     

       101
       +
               default = false;

     

       102
       +
               description = "Whether the editor is a terminal-based application.";

     

       103
       +
             };

     

       104
       +
       

     

       105
       +
             icon = lib.mkOption {

     

       106
       +
               type = lib.types.str;

     

       107
       +
               default = "";

     

       108
       +
               description = "The icon name for the default file manager.";

     

       109
        
             };

     

       110
        
           };

     

       111
        
       

     
···

       121
        
               default = lib.getExe cfg.imageViewer.package;

     

       122
        
               description = "The executable path for the default image viewer.";

     

       123
        
             };

     

       124
       +
       

     

       125
       +
             icon = lib.mkOption {

     

       126
       +
               type = lib.types.str;

     

       127
       +
               default = "";

     

       128
       +
               description = "The icon name for the default image viewer.";

     

       129
       +
             };

     

       130
        
           };

     

       131
        
       

     

       132
        
           pdfViewer = {

     
···

       141
        
               default = lib.getExe cfg.pdfViewer.package;

     

       142
        
               description = "The executable path for the default PDF viewer.";

     

       143
        
             };

     

       144
       +
       

     

       145
       +
             terminal = lib.mkOption {

     

       146
       +
               type = lib.types.bool;

     

       147
       +
               default = false;

     

       148
       +
               description = "Whether the editor is a terminal-based application.";

     

       149
       +
             };

     

       150
       +
       

     

       151
       +
             icon = lib.mkOption {

     

       152
       +
               type = lib.types.str;

     

       153
       +
               default = "";

     

       154
       +
               description = "The icon name for the default PDF viewer.";

     

       155
       +
             };

     

       156
        
           };

     

       157
        
       

     

       158
        
           terminal = {

     
···

       166
        
               type = lib.types.str;

     

       167
        
               default = lib.getExe cfg.terminal.package;

     

       168
        
               description = "The executable path for the default terminal emulator.";

     

       169
       +
             };

     

       170
       +
       

     

       171
       +
             icon = lib.mkOption {

     

       172
       +
               type = lib.types.str;

     

       173
       +
               default = "";

     

       174
       +
               description = "The icon name for the default terminal emulator.";

     

       175
        
             };

     

       176
        
           };

     

       177
        
       

     
···

       201
        
               default = lib.getExe cfg.videoPlayer.package;

     

       202
        
               description = "The executable path for the default video player.";

     

       203
        
             };

     

       204
       +
       

     

       205
       +
             icon = lib.mkOption {

     

       206
       +
               type = lib.types.str;

     

       207
       +
               default = "";

     

       208
       +
               description = "The icon name for the default video player.";

     

       209
       +
             };

     

       210
        
           };

     

       211
        
       

     

       212
        
           webBrowser = {

     
···

       220
        
               type = lib.types.str;

     

       221
        
               default = lib.getExe cfg.webBrowser.package;

     

       222
        
               description = "The executable path for the default web browser.";

     

       223
       +
             };

     

       224
       +
       

     

       225
       +
             icon = lib.mkOption {

     

       226
       +
               type = lib.types.str;

     

       227
       +
               default = lib.getIcon cfg.webBrowser.package;

     

       228
       +
               description = "The icon name for the default web browser.";

     

       229
        
             };

     

       230
        
           };

     

       231
        
         };

     
···

       306
        
             };

     

       307
        
       

     

       308
        
             desktopEntries = let

     

       309
       +
               mkDefaultEntry = name: exec: terminal: icon: {

     

       310
        
                 exec = "${exec} %U";

     

       311
       +
                 icon =

     

       312
       +
                   if icon != ""

     

       313
       +
                   then icon

     

       314
       +
                   else "${builtins.baseNameOf exec}";

     

       315
        
                 name = "Default ${name}";

     

       316
       +
                 inherit terminal;

     

       317
        
       

     

       318
        
                 settings = {

     

       319
        
                   NoDisplay = "true";

     
···

       321
        
               };

     

       322
        
             in

     

       323
        
               lib.mkIf cfg.forceMimeAssociations {

     

       324
       +
                 defaultAudioPlayer =

     

       325
       +
                   mkDefaultEntry "Audio Player" cfg.audioPlayer.exec cfg.audioPlayer.terminal cfg.audioPlayer.icon;

     

       326
       +
                 defaultEditor =

     

       327
       +
                   mkDefaultEntry "Editor" cfg.editor.exec cfg.editor.terminal cfg.editor.icon;

     

       328
       +
                 defaultFileManager =

     

       329
       +
                   mkDefaultEntry "File Manager" cfg.fileManager.exec cfg.fileManager.terminal cfg.fileManager.icon;

     

       330
       +
                 defaultImageViewer =

     

       331
       +
                   mkDefaultEntry "Image Viewer" cfg.imageViewer.exec false cfg.imageViewer.icon;

     

       332
       +
                 defaultPdfViewer =

     

       333
       +
                   mkDefaultEntry "PDF Viewer" cfg.pdfViewer.exec cfg.pdfViewer.terminal cfg.pdfViewer.icon;

     

       334
       +
                 defaultVideoPlayer =

     

       335
       +
                   mkDefaultEntry "Video Player" cfg.videoPlayer.exec false cfg.videoPlayer.icon;

     

       336
       +
                 defaultWebBrowser =

     

       337
       +
                   mkDefaultEntry "Web Browser" cfg.webBrowser.exec false cfg.webBrowser.icon;

     

       338
       +
                 defaultArchiveViewer =

     

       339
       +
                   mkDefaultEntry "Archive Viewer" cfg.archiveViewer.exec false cfg.archiveViewer.icon;

     

       340
        
               };

     

       341
        
           };

     

       342
        
         };

+30 -10

modules/home/profiles/defaultApps/mimeTypes.nix

···

       82
        
         ];

     

       83
        
       

     

       84
        
         browserFiles = [

     

       85
       -
           "application/vnd.mozilla.xul+xml"

     

       86
       -
           "application/x-extension-htm"

     

       87
       -
           "application/x-extension-html"

     

       88
       -
           "application/x-extension-shtml"

     

       89
       -
           "application/x-extension-xht"

     

       90
       -
           "application/x-extension-xhtml"

     

       91
       -
           "application/xhtml+xml"

     

       92
       -
           "text/html"

     

       93
       -
           "text/xml"

     

       94
        
           "x-scheme-handler/chrome"

     

       95
        
           "x-scheme-handler/ftp"

     

       96
        
           "x-scheme-handler/http"

     
···

       136
        
         ];

     

       137
        
       

     

       138
        
         editorFiles = [

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       139
        
           "application/json"

     

       140
       -
           "application/x-shellscript"

     

       141
        
           "application/x-shellscript"

     

       142
        
           "text/markdown"

     

       143
        
           "text/plain"

     

       144
        
           "text/x-python"

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       145
        
         ];

     

       146
        
       

     

       147
        
         imageFiles = [

···

       82
        
         ];

     

       83
        
       

     

       84
        
         browserFiles = [

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       85
        
           "x-scheme-handler/chrome"

     

       86
        
           "x-scheme-handler/ftp"

     

       87
        
           "x-scheme-handler/http"

     
···

       127
        
         ];

     

       128
        
       

     

       129
        
         editorFiles = [

     

       130
       +
           "application/vnd.mozilla.xul+xml"

     

       131
       +
           "application/x-extension-htm"

     

       132
       +
           "application/x-extension-html"

     

       133
       +
           "application/x-extension-shtml"

     

       134
       +
           "application/x-extension-xht"

     

       135
       +
           "application/x-extension-xhtml"

     

       136
       +
           "application/xhtml+xml"

     

       137
       +
           "text/html"

     

       138
       +
           "text/xml"

     

       139
       +
       

     

       140
        
           "application/json"

     

       0
        
       
     

       141
        
           "application/x-shellscript"

     

       142
        
           "text/markdown"

     

       143
        
           "text/plain"

     

       144
        
           "text/x-python"

     

       145
       +
           "text/x-typescript"

     

       146
       +
           "text/x-javascript"

     

       147
       +
           "text/x-svelte"

     

       148
       +
           "text/css"

     

       149
       +
           "text/x-lua"

     

       150
       +
           "text/x-nix"

     

       151
       +
           "text/x-scss"

     

       152
       +
           "application/toml"

     

       153
       +
           "text/x-zig"

     

       154
       +
           "text/x-gleam"

     

       155
       +
           "text/x-glsl"

     

       156
       +
           "text/x-gdscript"

     

       157
       +
           "text/x-vue"

     

       158
       +
           "text/x-go"

     

       159
       +
           "text/x-rust"

     

       160
       +
           "text/x-makefile"

     

       161
       +
           "text/x-fish"

     

       162
       +
           "text/x-elixir"

     

       163
       +
           "text/html"

     

       164
       +
           "application/x-yaml"

     

       165
        
         ];

     

       166
        
       

     

       167
        
         imageFiles = [

+47

modules/home/profiles/fixMimeTypes/default.nix

···

       1
       +
       {

     

       2
       +
         lib,

     

       3
       +
         pkgs,

     

       4
       +
         config,

     

       5
       +
         ...

     

       6
       +
       }: let

     

       7
       +
         cfg = config.myHome.profiles.fixMimeTypes;

     

       8
       +
       

     

       9
       +
         xml = pkgs.formats.xml {};

     

       10
       +
       

     

       11
       +
         # thank you chatgpt ig

     

       12
       +
         makeMimeFile = {

     

       13
       +
           type, # e.g. "text/x-typescript"

     

       14
       +
           comment, # e.g. "TypeScript source file"

     

       15
       +
           globs, # list of patterns: [ "*.ts" "*.tsx" ]

     

       16
       +
         }:

     

       17
       +
           xml.generate (builtins.replaceStrings ["/"] ["_"] "${type}.xml") {

     

       18
       +
             "mime-info" = {

     

       19
       +
               "@xmlns" = "http://www.freedesktop.org/standards/shared-mime-info";

     

       20
       +
               "mime-type" = {

     

       21
       +
                 "@type" = type;

     

       22
       +
                 comment = comment;

     

       23
       +
                 glob = map (pattern: {"@pattern" = pattern;}) globs;

     

       24
       +
               };

     

       25
       +
             };

     

       26
       +
           };

     

       27
       +
       in {

     

       28
       +
         options.myHome.profiles.fixMimeTypes = {

     

       29
       +
           enable = lib.mkEnableOption "mimetypes are dumb and they don't always register the right formats";

     

       30
       +
         };

     

       31
       +
       

     

       32
       +
         config = lib.mkIf cfg.enable {

     

       33
       +
           xdg.dataFile = {

     

       34
       +
             "mime/packages/typescript.xml".source = makeMimeFile {

     

       35
       +
               type = "text/x-typescript";

     

       36
       +
               comment = "TypeScript source file";

     

       37
       +
               globs = ["*.ts" "*.tsx" "*.mts" "*.cts"];

     

       38
       +
             };

     

       39
       +
       

     

       40
       +
             "mime/packages/svelte.xml".source = makeMimeFile {

     

       41
       +
               type = "text/x-svelte";

     

       42
       +
               comment = "Svelte source file";

     

       43
       +
               globs = ["*.svelte" "*.svelte.ts" "*.svelte.js"];

     

       44
       +
             };

     

       45
       +
           };

     

       46
       +
         };

     

       47
       +
       }

+6 -1

modules/home/profiles/shell/default.nix

···

       20
        
               l = "eza -lah";

     

       21
        
               tree = "eza --tree";

     

       22
        
               top = "btop";

     

       23
       -
               npm = "pnpm";

     

       24
        
               ytmusic = "yt-dlp -f 251 --remux-video opus --embed-metadata --embed-thumbnail -o \"%(album)s/%(disc_number>0)s%(disc_number)02d-%(track_number)02d %(title)s.%(ext)s\"";

     

       25
        
             };

     

       26
        
           };

     
···

       78
        
             zellij = {

     

       79
        
               enable = true;

     

       80
        
               enableFishIntegration = false;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       81
        
             };

     

       82
        
       

     

       83
        
             zoxide = {

···

       20
        
               l = "eza -lah";

     

       21
        
               tree = "eza --tree";

     

       22
        
               top = "btop";

     

       23
       +
               cat = "bat -p -P";

     

       24
        
               ytmusic = "yt-dlp -f 251 --remux-video opus --embed-metadata --embed-thumbnail -o \"%(album)s/%(disc_number>0)s%(disc_number)02d-%(track_number)02d %(title)s.%(ext)s\"";

     

       25
        
             };

     

       26
        
           };

     
···

       78
        
             zellij = {

     

       79
        
               enable = true;

     

       80
        
               enableFishIntegration = false;

     

       81
       +
               settings = {

     

       82
       +
                 theme = "onedark";

     

       83
       +
                 default_shell = "fish";

     

       84
       +
                 show_startup_tips = false;

     

       85
       +
               };

     

       86
        
             };

     

       87
        
       

     

       88
        
             zoxide = {

-181

modules/home/programs/chromium/default.nix

···

       1
       -
       # https://github.com/isabelroses/dotfiles/blob/ed6d3765ffb7dcfe67540f111f23d51a0d9617d5/modules/home/programs/chromium.nix#L16

     

       2
       -
       {

     

       3
       -
         config,

     

       4
       -
         lib,

     

       5
       -
         pkgs,

     

       6
       -
         ...

     

       7
       -
       }: let

     

       8
       -
         inherit

     

       9
       -
           (lib)

     

       10
       -
           concatLists

     

       11
       -
           concatMapStrings

     

       12
       -
           enableFeature

     

       13
       -
           ;

     

       14
       -
       in {

     

       15
       -
         options.myHome.programs.chromium.enable = lib.mkEnableOption "chromium web browser";

     

       16
       -
       

     

       17
       -
         config = lib.mkIf config.myHome.programs.chromium.enable {

     

       18
       -
           programs.chromium = {

     

       19
       -
             enable = true;

     

       20
       -
       

     

       21
       -
             extensions = [

     

       22
       -
               {id = "ddkjiahejlhfcafbddmgiahcphecmpfh";} # ublock origin lite

     

       23
       -
               {id = "mdjildafknihdffpkfmmpnpoiajfjnjd";} # consent-o-matic

     

       24
       -
               {id = "clngdbkpkpeebahjckkjfobafhncgmne";} # stylus

     

       25
       -
               {id = "oboonakemofpalcgghocfoadofidjkkk";} # keepassxc

     

       26
       -
               {id = "jinjaccalgkegednnccohejagnlnfdag";} # violentmonkey

     

       27
       -
               {id = "nngceckbapebfimnlniiiahkandclblb";} # bitwarden

     

       28
       -
       

     

       29
       -
               rec {

     

       30
       -
                 id = "oladmjdebphlnjjcnomfhhbfdldiimaf"; # libredirect

     

       31
       -
                 version = "3.2.0";

     

       32
       -
       

     

       33
       -
                 crxPath = pkgs.fetchurl {

     

       34
       -
                   url = "https://github.com/libredirect/browser_extension/releases/download/v${version}/libredirect-${version}.crx";

     

       35
       -
                   sha256 = "sha256-Neja0pJ7rMV+riINeMcWxU2SzZ+ZETp6bV1MaYLHz1Y=";

     

       36
       -
                 };

     

       37
       -
               }

     

       38
       -
       

     

       39
       -
               rec {

     

       40
       -
                 id = "lkbebcjgcmobigpeffafkodonchffocl"; # bypass-paywalls-clean

     

       41
       -
                 version = "4.1.8.0";

     

       42
       -
       

     

       43
       -
                 crxPath = pkgs.fetchurl {

     

       44
       -
                   url = "https://gitflic.ru/project/magnolia1234/bpc_uploads/blob/raw?file=bypass-paywalls-chrome-clean-${version}.crx";

     

       45
       -
                   sha256 = "sha256-BRpwrV8AN1eOG2IXfk24gyEd8OzwK1BJqDdoxlgX8o4=";

     

       46
       -
                 };

     

       47
       -
               }

     

       48
       -
             ];

     

       49
       -
       

     

       50
       -
             package = pkgs.chromium.override {

     

       51
       -
               enableWideVine = true;

     

       52
       -
       

     

       53
       -
               # https://github.com/secureblue/hardened-chromium

     

       54
       -
               # https://github.com/secureblue/secureblue/blob/e500f078efc5748d5033a881bbbcdcd2de95a813/files/system/usr/etc/chromium/chromium.conf.md

     

       55
       -
               commandLineArgs = concatLists [

     

       56
       -
                 # Aesthetics

     

       57
       -
                 [

     

       58
       -
                   "--gtk-version=4"

     

       59
       -
                 ]

     

       60
       -
       

     

       61
       -
                 # Performance

     

       62
       -
                 [

     

       63
       -
                   (enableFeature true "gpu-rasterization")

     

       64
       -
                   (enableFeature true "oop-rasterization")

     

       65
       -
                   (enableFeature true "zero-copy")

     

       66
       -
                   "--ignore-gpu-blocklist"

     

       67
       -
                 ]

     

       68
       -
       

     

       69
       -
                 # Wayland

     

       70
       -
                 [

     

       71
       -
                   "--ozone-platform=wayland"

     

       72
       -
                   "--enable-features=UseOzonePlatform"

     

       73
       -
                 ]

     

       74
       -
       

     

       75
       -
                 # Etc

     

       76
       -
                 [

     

       77
       -
                   "--disk-cache=$XDG_RUNTIME_DIR/chromium-cache"

     

       78
       -
                   (enableFeature false "reading-from-canvas")

     

       79
       -
                   "--no-first-run"

     

       80
       -
                   "--disable-wake-on-wifi"

     

       81
       -
                   "--disable-breakpad"

     

       82
       -
       

     

       83
       -
                   # please stop asking me to be the default browser

     

       84
       -
                   "--no-default-browser-check"

     

       85
       -
       

     

       86
       -
                   # I don't need these, thus I disable them

     

       87
       -
                   (enableFeature false "speech-api")

     

       88
       -
                   (enableFeature false "speech-synthesis-api")

     

       89
       -
                 ]

     

       90
       -
       

     

       91
       -
                 # Security

     

       92
       -
                 [

     

       93
       -
                   # Use strict extension verification

     

       94
       -
                   "--extension-content-verification=enforce_strict"

     

       95
       -
                   "--extensions-install-verification=enforce_strict"

     

       96
       -
                   # Disable pings

     

       97
       -
                   "--no-pings"

     

       98
       -
                   # Require HTTPS for component updater

     

       99
       -
                   "--component-updater=require_encryption"

     

       100
       -
                   # Disable crash upload

     

       101
       -
                   "--no-crash-upload"

     

       102
       -
                   # don't run things without asking

     

       103
       -
                   "--no-service-autorun"

     

       104
       -
                   # Disable sync

     

       105
       -
                   "--disable-sync"

     

       106
       -
       

     

       107
       -
                   (

     

       108
       -
                     "--enable-features="

     

       109
       -
                     + concatMapStrings (x: x + ",") [

     

       110
       -
                       # Enable visited link database partitioning

     

       111
       -
                       "PartitionVisitedLinkDatabase"

     

       112
       -
                       # Enable prefetch privacy changes

     

       113
       -
                       "PrefetchPrivacyChanges"

     

       114
       -
                       # Enable split cache

     

       115
       -
                       "SplitCacheByNetworkIsolationKey"

     

       116
       -
                       "SplitCodeCacheByNetworkIsolationKey"

     

       117
       -
                       # Enable partitioning connections

     

       118
       -
                       "EnableCrossSiteFlagNetworkIsolationKey"

     

       119
       -
                       "HttpCacheKeyingExperimentControlGroup"

     

       120
       -
                       "PartitionConnectionsByNetworkIsolationKey"

     

       121
       -
                       # Enable strict origin isolation

     

       122
       -
                       "StrictOriginIsolation"

     

       123
       -
                       # Enable reduce accept language header

     

       124
       -
                       "ReduceAcceptLanguage"

     

       125
       -
                       # Enable content settings partitioning

     

       126
       -
                       "ContentSettingsPartitioning"

     

       127
       -
                       # i like moving pages with my touchpad...

     

       128
       -
                       "TouchpadOverscrollHistoryNavigation"

     

       129
       -
                     ]

     

       130
       -
                   )

     

       131
       -
       

     

       132
       -
                   (

     

       133
       -
                     "--disable-features="

     

       134
       -
                     + concatMapStrings (x: x + ",") [

     

       135
       -
                       # Disable autofill

     

       136
       -
                       "AutofillPaymentCardBenefits"

     

       137
       -
                       "AutofillPaymentCvcStorage"

     

       138
       -
                       "AutofillPaymentCardBenefits"

     

       139
       -
                       # Disable third-party cookie deprecation bypasses

     

       140
       -
                       "TpcdHeuristicsGrants"

     

       141
       -
                       "TpcdMetadataGrants"

     

       142
       -
                       # Disable hyperlink auditing

     

       143
       -
                       "EnableHyperlinkAuditing"

     

       144
       -
                       # Disable showing popular sites

     

       145
       -
                       "NTPPopularSitesBakedInContent"

     

       146
       -
                       "UsePopularSitesSuggestions"

     

       147
       -
                       # Disable article suggestions

     

       148
       -
                       "EnableSnippets"

     

       149
       -
                       "ArticlesListVisible"

     

       150
       -
                       "EnableSnippetsByDse"

     

       151
       -
                       # Disable content feed suggestions

     

       152
       -
                       "InterestFeedV2"

     

       153
       -
                       # Disable media DRM preprovisioning

     

       154
       -
                       "MediaDrmPreprovisioning"

     

       155
       -
                       # Disable autofill server communication

     

       156
       -
                       "AutofillServerCommunication"

     

       157
       -
                       # Disable new privacy sandbox features

     

       158
       -
                       "PrivacySandboxSettings4"

     

       159
       -
                       "BrowsingTopics"

     

       160
       -
                       "BrowsingTopicsDocumentAPI"

     

       161
       -
                       "BrowsingTopicsParameters"

     

       162
       -
                       # Disable translate button

     

       163
       -
                       "AdaptiveButtonInTopToolbarTranslate"

     

       164
       -
                       # Disable detailed language settings

     

       165
       -
                       "DetailedLanguageSettings"

     

       166
       -
                       # Disable fetching optimization guides

     

       167
       -
                       "OptimizationHintsFetching"

     

       168
       -
                       # Partition third-party storage

     

       169
       -
                       "DisableThirdPartyStoragePartitioningDeprecationTrial2"

     

       170
       -
       

     

       171
       -
                       # Disable media engagement

     

       172
       -
                       "PreloadMediaEngagementData"

     

       173
       -
                       "MediaEngagementBypassAutoplayPolicies"

     

       174
       -
                     ]

     

       175
       -
                   )

     

       176
       -
                 ]

     

       177
       -
               ];

     

       178
       -
             };

     

       179
       -
           };

     

       180
       -
         };

     

       181
       -
       }

+2 -2

modules/home/programs/default.nix

···

       2
        
         imports = [

     

       3
        
           ./anki

     

       4
        
           ./aria2

     

       5
       -
           ./chromium

     

       6
        
           ./fastfetch

     

       7
        
           ./firefox

     

       0
        
       
     

       8
        
           ./helix

     

       0
        
       
     

       9
        
           ./lutris

     

       10
        
           ./git

     

       11
        
           ./micro

     

       12
        
           ./mpv

     

       13
        
           ./ssh

     

       14
        
           ./zed-editor

     

       15
       -
           ./zen-browser

     

       16
        
         ];

     

       17
        
       }

···

       2
        
         imports = [

     

       3
        
           ./anki

     

       4
        
           ./aria2

     

       0
        
       
     

       5
        
           ./fastfetch

     

       6
        
           ./firefox

     

       7
       +
           ./helium

     

       8
        
           ./helix

     

       9
       +
           ./jujutsu

     

       10
        
           ./lutris

     

       11
        
           ./git

     

       12
        
           ./micro

     

       13
        
           ./mpv

     

       14
        
           ./ssh

     

       15
        
           ./zed-editor

     

       0
        
       
     

       16
        
         ];

     

       17
        
       }

+21 -21

modules/home/programs/firefox/default.nix

···

       1
        
       {

     

       2
        
         lib,

     

       3
        
         config,

     

       4
       -
         pkgs,

     

       5
       -
         self,

     

       6
        
         ...

     

       7
        
       }: {

     

       8
        
         options.myHome.programs.firefox = {

     

       9
        
           enable = lib.mkEnableOption "firefox web browser";

     

       10
        
           mode = lib.mkOption {

     

       11
       -
             type = lib.types.enum ["onebar" "sidebar" "default"];

     

       12
       -
             default = "onebar";

     

       13
        
             description = "Firefox UI mode";

     

       14
        
           };

     

       15
        
         };

     
···

       21
        
             config.mySnippets.firefox-based.userConfig

     

       22
        
           )

     

       23
        
       

     

       24
       -
           (lib.mkIf

     

       25
       -
             (config.myHome.programs.firefox.mode == "onebar")

     

       26
       -
             {

     

       27
       -
               profiles.default = {

     

       28
       -
                 settings = {

     

       29
       -
                   "onebar.collapse-URLbar" = true;

     

       30
       -
                   "onebar.conditional-navigation-buttons" = false;

     

       31
       -
                   "onebar.hide-all-URLbar-icons" = true;

     

       32
       -
                 };

     

       33
       -
       

     

       34
       -
                 userChrome = builtins.readFile self.inputs.firefox-onebar;

     

       35
       -
       

     

       36
       -
                 extensions.packages = with pkgs.nur.repos.rycee.firefox-addons; [

     

       37
       -
                   adaptive-tab-bar-colour

     

       38
       -
                 ];

     

       39
       -
               };

     

       40
       -
             })

     

       41
        
       

     

       42
        
           (

     

       43
        
             if (config.myHome.programs.firefox.mode == "sidebar")

···

       1
        
       {

     

       2
        
         lib,

     

       3
        
         config,

     

       4
       +
         #pkgs,

     

       5
       +
         #self,

     

       6
        
         ...

     

       7
        
       }: {

     

       8
        
         options.myHome.programs.firefox = {

     

       9
        
           enable = lib.mkEnableOption "firefox web browser";

     

       10
        
           mode = lib.mkOption {

     

       11
       +
             type = lib.types.enum ["sidebar" "default"];

     

       12
       +
             default = "sidebar";

     

       13
        
             description = "Firefox UI mode";

     

       14
        
           };

     

       15
        
         };

     
···

       21
        
             config.mySnippets.firefox-based.userConfig

     

       22
        
           )

     

       23
        
       

     

       24
       +
           #(lib.mkIf

     

       25
       +
           #  (config.myHome.programs.firefox.mode == "onebar")

     

       26
       +
           #  {

     

       27
       +
           #    profiles.default = {

     

       28
       +
           #      settings = {

     

       29
       +
           #        "onebar.collapse-URLbar" = true;

     

       30
       +
           #        "onebar.conditional-navigation-buttons" = false;

     

       31
       +
           #        "onebar.hide-all-URLbar-icons" = true;

     

       32
       +
           #      };

     

       33
       +
           #

     

       34
       +
           #      userChrome = builtins.readFile self.inputs.firefox-onebar;

     

       35
       +
           #

     

       36
       +
           #      extensions.packages = with pkgs.nur.repos.rycee.firefox-addons; [

     

       37
       +
           #        adaptive-tab-bar-colour

     

       38
       +
           #      ];

     

       39
       +
           #    };

     

       40
       +
           #  })

     

       41
        
       

     

       42
        
           (

     

       43
        
             if (config.myHome.programs.firefox.mode == "sidebar")

+2 -3

modules/home/programs/git/default.nix

···

       9
        
         config = lib.mkIf config.myHome.programs.git.enable {

     

       10
        
           programs.git = {

     

       11
        
             enable = true;

     

       12
       -
             userName = "ayla";

     

       13
       -
             userEmail = "ayla-git.barcode041@silomails.com";

     

       14
        
             signing = {

     

       15
        
               format = "ssh";

     

       16
        
               key = "~/.ssh/id_ed25519";

     

       17
        
               signByDefault = true;

     

       18
        
             };

     

       19
       -
             extraConfig = {

     

       0
        
       
     

       20
        
               color.ui = true;

     

       21
        
               github.user = "ayla6";

     

       22
        
               init = {

···

       9
        
         config = lib.mkIf config.myHome.programs.git.enable {

     

       10
        
           programs.git = {

     

       11
        
             enable = true;

     

       0
        
       
     

       0
        
       
     

       12
        
             signing = {

     

       13
        
               format = "ssh";

     

       14
        
               key = "~/.ssh/id_ed25519";

     

       15
        
               signByDefault = true;

     

       16
        
             };

     

       17
       +
             settings = {

     

       18
       +
               inherit (config.mySnippets.git) user;

     

       19
        
               color.ui = true;

     

       20
        
               github.user = "ayla6";

     

       21
        
               init = {

+85

modules/home/programs/helium/default.nix

···

       1
       +
       # https://github.com/isabelroses/dotfiles/blob/ed6d3765ffb7dcfe67540f111f23d51a0d9617d5/modules/home/programs/chromium.nix#L16

     

       2
       +
       {

     

       3
       +
         config,

     

       4
       +
         lib,

     

       5
       +
         pkgs,

     

       6
       +
         ...

     

       7
       +
       }: let

     

       8
       +
         inherit

     

       9
       +
           (lib)

     

       10
       +
           concatLists

     

       11
       +
           enableFeature

     

       12
       +
           ;

     

       13
       +
       in {

     

       14
       +
         options.myHome.programs.helium.enable = lib.mkEnableOption "helium web browser";

     

       15
       +
       

     

       16
       +
         config = lib.mkIf config.myHome.programs.helium.enable {

     

       17
       +
           programs.helium = {

     

       18
       +
             enable = true;

     

       19
       +
       

     

       20
       +
             extensions = [

     

       21
       +
               {id = "mdjildafknihdffpkfmmpnpoiajfjnjd";} # consent-o-matic

     

       22
       +
               {id = "clngdbkpkpeebahjckkjfobafhncgmne";} # stylus

     

       23
       +
               {id = "jinjaccalgkegednnccohejagnlnfdag";} # violentmonkey

     

       24
       +
               {id = "nngceckbapebfimnlniiiahkandclblb";} # bitwarden

     

       25
       +
               {id = "mnjggcdmjocbbbhaepdhchncahnbgone";} # sponsorblock

     

       26
       +
               {id = "pncfbmialoiaghdehhbnbhkkgmjanfhe";} # ublacklist

     

       27
       +
       

     

       28
       +
               rec {

     

       29
       +
                 id = "oladmjdebphlnjjcnomfhhbfdldiimaf"; # libredirect

     

       30
       +
                 version = "3.2.0";

     

       31
       +
       

     

       32
       +
                 crxPath = pkgs.fetchurl {

     

       33
       +
                   url = "https://github.com/libredirect/browser_extension/releases/download/v${version}/libredirect-${version}.crx";

     

       34
       +
                   sha256 = "sha256-Neja0pJ7rMV+riINeMcWxU2SzZ+ZETp6bV1MaYLHz1Y=";

     

       35
       +
                 };

     

       36
       +
               }

     

       37
       +
       

     

       38
       +
               rec {

     

       39
       +
                 id = "lkbebcjgcmobigpeffafkodonchffocl"; # bypass-paywalls-clean

     

       40
       +
                 version = "4.2.0.0";

     

       41
       +
       

     

       42
       +
                 crxPath = pkgs.fetchurl {

     

       43
       +
                   url = "https://gitflic.ru/project/magnolia1234/bpc_uploads/blob/raw?file=bypass-paywalls-chrome-clean-${version}.crx";

     

       44
       +
                   sha256 = "sha256-B++3RussuUv3AtDi2MnZH+SojCPOMnOXWW8GI3pI8lk=";

     

       45
       +
                 };

     

       46
       +
               }

     

       47
       +
             ];

     

       48
       +
       

     

       49
       +
             package = pkgs.helium.override {

     

       50
       +
               # https://github.com/secureblue/hardened-chromium

     

       51
       +
               # https://github.com/secureblue/secureblue/blob/e500f078efc5748d5033a881bbbcdcd2de95a813/files/system/usr/etc/chromium/chromium.conf.md

     

       52
       +
               commandLineArgs = concatLists [

     

       53
       +
                 # Aesthetics

     

       54
       +
                 [

     

       55
       +
                   "--gtk-version=4"

     

       56
       +
                 ]

     

       57
       +
       

     

       58
       +
                 # Wayland

     

       59
       +
                 [

     

       60
       +
                   "--ozone-platform=wayland"

     

       61
       +
                   "--enable-features=UseOzonePlatform"

     

       62
       +
                 ]

     

       63
       +
       

     

       64
       +
                 # Performance

     

       65
       +
                 [

     

       66
       +
                   (enableFeature true "gpu-rasterization")

     

       67
       +
                   (enableFeature true "oop-rasterization")

     

       68
       +
                   (enableFeature true "zero-copy")

     

       69
       +
                   "--ignore-gpu-blocklist"

     

       70
       +
                 ]

     

       71
       +
       

     

       72
       +
                 # Etc

     

       73
       +
                 [

     

       74
       +
                   "--disk-cache=$XDG_RUNTIME_DIR/helium-cache"

     

       75
       +
                   "--no-first-run"

     

       76
       +
                   "--disable-wake-on-wifi"

     

       77
       +
                   "--disable-breakpad"

     

       78
       +
                   "--no-default-browser-check"

     

       79
       +
                   "--enable-features=TouchpadOverscrollHistoryNavigation"

     

       80
       +
                 ]

     

       81
       +
               ];

     

       82
       +
             };

     

       83
       +
           };

     

       84
       +
         };

     

       85
       +
       }

+60 -115

modules/home/programs/helix/default.nix

···

       1
        
       {

     

       2
        
         config,

     

       3
        
         lib,

     

       4
       -
         pkgs,

     

       5
        
         ...

     

       6
       -
       }: {

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       7
        
         options.myHome.programs.helix.enable = lib.mkEnableOption "helix";

     

       8
        
       

     

       9
        
         config = lib.mkIf config.myHome.programs.helix.enable {

     
···

       74
        
                 };

     

       75
        
               };

     

       76
        
             };

     

       0
        
       
     

       77
        
             languages = {

     

       78
       -
               language-server = {

     

       79
       -
                 bash-language-server = {

     

       80
       -
                   command = "bash-language-server";

     

       81
       -
                   args = ["start"];

     

       82
       -
                 };

     

       83
       -
       

     

       84
       -
                 vscode-css-languageserver = {

     

       85
       -
                   command = lib.getExe pkgs.vscode-css-languageserver;

     

       86
       -
                   args = ["--stdio"];

     

       87
       -
                 };

     

       88
       -
       

     

       89
       -
                 fish-lsp = {

     

       90
       -
                   command = lib.getExe pkgs.fish-lsp;

     

       91
       -
                   args = ["--stdio"];

     

       92
       -
                 };

     

       93
       -
       

     

       94
       -
                 lua-language-server = {

     

       95
       -
                   command = lib.getExe pkgs.lua-language-server;

     

       96
       -
                   args = ["--stdio"];

     

       97
       -
                 };

     

       98
       -
       

     

       99
       -
                 marksman = {

     

       100
       -
                   command = lib.getExe pkgs.marksman;

     

       101
       -
                   args = ["--stdio"];

     

       102
       -
                 };

     

       103
       -
       

     

       104
       -
                 nixd = {

     

       105
       -
                   command = lib.getExe pkgs.nixd;

     

       106
       -
                 };

     

       107
       -
       

     

       108
       -
                 vscode-json-languageserver = {

     

       109
       -
                   command = lib.getExe pkgs.vscode-json-languageserver;

     

       110
       -
                   args = ["--stdio"];

     

       111
       -
                 };

     

       112
       -
       

     

       113
       -
                 typescript-language-server = with pkgs.nodePackages; {

     

       114
       -
                   command = "${typescript-language-server}/bin/typescript-language-server";

     

       115
       -
                   args = ["--stdio" "--tsserver-path=${typescript}/lib/node_modules/typescript/lib"];

     

       116
       -
                 };

     

       117
       -
       

     

       118
       -
                 superhtml = {

     

       119
       -
                   command = lib.getExe pkgs.superhtml;

     

       120
       -
                   args = ["--stdio"];

     

       121
       -
                 };

     

       122
       -
               };

     

       123
       -
       

     

       124
       -
               language = [

     

       125
       -
                 {

     

       126
       -
                   name = "bash";

     

       127
       -
                   auto-format = true;

     

       128
       -
                   file-types = ["sh" "bash" "dash" "ksh" "mksh"];

     

       129
       -
       

     

       130
       -
                   formatter = {

     

       131
       -
                     command = lib.getExe pkgs.shfmt;

     

       132
       -
                     args = ["-i" "2"];

     

       133
       -
                   };

     

       134
       -
       

     

       135
       -
                   language-servers = ["bash-language-server"];

     

       136
       -
                 }

     

       137
       -
                 {

     

       138
       -
                   name = "css";

     

       139
       -
                   auto-format = true;

     

       140
       -
                   formatter = {command = lib.getExe pkgs.prettier;};

     

       141
       -
                   language-servers = ["vscode-css-languageserver"];

     

       142
       -
                 }

     

       143
       -
                 {

     

       144
       -
                   name = "fish";

     

       145
       -
                   auto-format = true;

     

       146
       -
                   language-servers = ["fish-lsp"];

     

       147
       -
                 }

     

       148
       -
                 {

     

       149
       -
                   name = "html";

     

       150
       -
                   auto-format = true;

     

       151
       -
                   formatter = {command = lib.getExe pkgs.prettier;};

     

       152
       -
                   language-servers = ["superhtml"];

     

       153
       -
                 }

     

       154
       -
                 {

     

       155
       -
                   name = "javascript";

     

       156
       -
                   auto-format = true;

     

       157
       -
                   formatter = {command = lib.getExe pkgs.prettier;};

     

       158
       -
                   language-servers = ["typescript-language-server"];

     

       159
       -
                 }

     

       160
       -
                 {

     

       161
       -
                   name = "json";

     

       162
       -
                   auto-format = true;

     

       163
       -
                   formatter = {command = lib.getExe pkgs.prettier;};

     

       164
       -
                   language-servers = ["vscode-json-languageserver"];

     

       165
       -
                 }

     

       166
       -
                 {

     

       167
       -
                   name = "lua";

     

       168
       -
                   auto-format = true;

     

       169
       -
                   formatter = {command = lib.getExe pkgs.stylua;};

     

       170
       -
                   language-servers = ["lua-language-server"];

     

       171
       -
                 }

     

       172
       -
                 {

     

       173
       -
                   name = "markdown";

     

       174
       -
                   auto-format = true;

     

       175
       -
                   formatter = {command = lib.getExe pkgs.mdformat;};

     

       176
       -
                   language-servers = ["marksman"];

     

       177
       -
                 }

     

       178
       -
                 {

     

       179
       -
                   name = "nix";

     

       180
       -
                   auto-format = true;

     

       181
       -
                   formatter = {command = lib.getExe pkgs.alejandra;};

     

       182
       -
                   language-servers = ["nixd"];

     

       183
       -
                 }

     

       184
       -
                 {

     

       185
       -
                   name = "typescript";

     

       186
       -
                   auto-format = true;

     

       187
       -
                   formatter = {command = lib.getExe pkgs.prettier;};

     

       188
       -
                   language-servers = ["typescript-language-server"];

     

       189
       -
                 }

     

       190
       -
               ];

     

       191
        
             };

     

       192
        
           };

     

       193
        
         };

···

       1
        
       {

     

       2
        
         config,

     

       3
        
         lib,

     

       0
        
       
     

       4
        
         ...

     

       5
       +
       }: let

     

       6
       +
         editorCfg = config.mySnippets.editor;

     

       7
       +
       

     

       8
       +
         mkHelixServer = name: srv:

     

       9
       +
           lib.filterAttrs (_: v: v != null) {

     

       10
       +
             inherit name;

     

       11
       +
             command =

     

       12
       +
               if srv.helix-command != null

     

       13
       +
               then srv.helix-command

     

       14
       +
               else srv.command;

     

       15
       +
             args = srv.args or null;

     

       16
       +
             config = srv.config or null;

     

       17
       +
           };

     

       18
       +
       

     

       19
       +
         mkHelixLanguage = name: lang: let

     

       20
       +
           # this shit is so ugly

     

       21
       +
           fmtName = lib.findFirst (x: x != null) null [

     

       22
       +
             (lang.helix-formatter or null)

     

       23
       +
             (lang.formatter or null)

     

       24
       +
           ];

     

       25
       +
       

     

       26
       +
           fmt =

     

       27
       +
             if fmtName != null

     

       28
       +
             then editorCfg.formatters.${fmtName}

     

       29
       +
             else null;

     

       30
       +
       

     

       31
       +
           usesLspFormatter = fmt == null || fmt.type == "lsp";

     

       32
       +
       

     

       33
       +
           formatter =

     

       34
       +
             if fmt != null && fmt.type == "external"

     

       35
       +
             then

     

       36
       +
               lib.filterAttrs (_: v: v != null) {

     

       37
       +
                 command = fmt.command;

     

       38
       +
                 args = fmt.args;

     

       39
       +
               }

     

       40
       +
             else null;

     

       41
       +
       

     

       42
       +
           fullLspList = lang.language-servers ++ lang.helix-only-language-servers;

     

       43
       +
       

     

       44
       +
           languageServers = map (srvName:

     

       45
       +
             lib.filterAttrs (_: v: v != null) {

     

       46
       +
               name = srvName;

     

       47
       +
               except-features =

     

       48
       +
                 if (usesLspFormatter && fmtName != null && srvName != fmtName)

     

       49
       +
                 then ["format"]

     

       50
       +
                 else null;

     

       51
       +
             })

     

       52
       +
           fullLspList;

     

       53
       +
         in

     

       54
       +
           lib.filterAttrs (_: v: v != null) {

     

       55
       +
             name = lang.name;

     

       56
       +
             auto-format = lang.auto-format;

     

       57
       +
             language-servers = languageServers;

     

       58
       +
             file-types = lang.file-types;

     

       59
       +
             inherit formatter;

     

       60
       +
           };

     

       61
       +
       in {

     

       62
        
         options.myHome.programs.helix.enable = lib.mkEnableOption "helix";

     

       63
        
       

     

       64
        
         config = lib.mkIf config.myHome.programs.helix.enable {

     
···

       129
        
                 };

     

       130
        
               };

     

       131
        
             };

     

       132
       +
       

     

       133
        
             languages = {

     

       134
       +
               language-server = lib.mapAttrs mkHelixServer editorCfg.languageServers;

     

       135
       +
               language = lib.attrValues (lib.mapAttrs mkHelixLanguage editorCfg.languages);

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       136
        
             };

     

       137
        
           };

     

       138
        
         };

+24

modules/home/programs/jujutsu/default.nix

···

       1
       +
       {

     

       2
       +
         lib,

     

       3
       +
         config,

     

       4
       +
         ...

     

       5
       +
       }: {

     

       6
       +
         options.myHome.programs.jujutsu.enable = lib.mkEnableOption "jujutsu version control";

     

       7
       +
       

     

       8
       +
         config = lib.mkIf config.myHome.programs.jujutsu.enable {

     

       9
       +
           programs.jjui = {

     

       10
       +
             enable = true;

     

       11
       +
           };

     

       12
       +
           programs.jujutsu = {

     

       13
       +
             enable = true;

     

       14
       +
             settings = {

     

       15
       +
               inherit (config.mySnippets.git) user;

     

       16
       +
               signing = {

     

       17
       +
                 behavior = "own";

     

       18
       +
                 backend = "ssh";

     

       19
       +
                 key = "~/.ssh/id_ed25519.pub";

     

       20
       +
               };

     

       21
       +
             };

     

       22
       +
           };

     

       23
       +
         };

     

       24
       +
       }

modules/home/programs/micro/default.nix

···

       13
        
               scrollspeed = 1;

     

       14
        
               tabsize = 2;

     

       15
        
               tabstospaces = true;

     

       0
        
       
     

       16
        
             };

     

       17
        
           };

     

       18
        
         };

···

       13
        
               scrollspeed = 1;

     

       14
        
               tabsize = 2;

     

       15
        
               tabstospaces = true;

     

       16
       +
               wordwrap = true;

     

       17
        
             };

     

       18
        
           };

     

       19
        
         };

modules/home/programs/ssh/default.nix

···

       20
        
             # in

     

       21
        
             #   rootMe "dewford";

     

       22
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       23
        
             package = pkgs.openssh;

     

       24
        
           };

     

       25
        
         };

···

       20
        
             # in

     

       21
        
             #   rootMe "dewford";

     

       22
        
       

     

       23
       +
             matchBlocks = {

     

       24
       +
               "knot.aylac.top" = {

     

       25
       +
                 user = "git";

     

       26
       +
                 # dont know if i can just link snippets knot here

     

       27
       +
                 hostname = "nanpi";

     

       28
       +
                 port = 2222;

     

       29
       +
               };

     

       30
       +
             };

     

       31
       +
       

     

       32
        
             package = pkgs.openssh;

     

       33
        
           };

     

       34
        
         };

+114 -64

modules/home/programs/zed-editor/default.nix

···

       1
        
       {

     

       2
        
         lib,

     

       3
        
         config,

     

       4
       -
         pkgs,

     

       5
        
         ...

     

       6
       -
       }: {

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       7
        
         options.myHome.programs.zed-editor.enable = lib.mkEnableOption "zed editor";

     

       8
        
       

     

       9
        
         config = lib.mkIf config.myHome.programs.zed-editor.enable {

     
···

       19
        
               "nix"

     

       20
        
               "scss"

     

       21
        
               "toml"

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       22
        
             ];

     

       23
        
             userSettings = {

     

       24
        
               auto_indent_on_paste = true;

     
···

       32
        
               preferred_line_length = 100;

     

       33
        
               soft_wrap = "preferred_line_length";

     

       34
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       35
        
               agent = {

     

       36
        
                 default_model = {

     

       37
        
                   provider = "google";

     
···

       44
        
                 default_profile = "ask";

     

       45
        
               };

     

       46
        
       

     

       47
       -
               languages = {

     

       48
       -
                 JavaScript = {

     

       49
       -
                   format_on_save = "on";

     

       0
        
       
     

       50
        
       

     

       51
       -
                   formatter = {

     

       52
       -
                     external = {

     

       53
       -
                       command = lib.getExe pkgs.prettier;

     

       54
       -
                       arguments = ["--stdin-filepath" "{buffer_path}"];

     

       55
       -
                     };

     

       56
       -
                   };

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       57
        
                 };

     

       58
       -
                 TypeScript = {

     

       59
       -
                   format_on_save = "on";

     

       60
       -
       

     

       61
       -
                   formatter = {

     

       62
       -
                     external = {

     

       63
       -
                       command = lib.getExe pkgs.prettier;

     

       64
       -
                       arguments = ["--stdin-filepath" "{buffer_path}"];

     

       65
       -
                     };

     

       66
       -
                   };

     

       0
        
       
     

       67
        
                 };

     

       68
       -
                 TSX = {

     

       69
       -
                   format_on_save = "on";

     

       70
       -
       

     

       71
       -
                   formatter = {

     

       72
       -
                     external = {

     

       73
       -
                       command = lib.getExe pkgs.prettier;

     

       74
       -
                       arguments = ["--stdin-filepath" "{buffer_path}"];

     

       75
       -
                     };

     

       76
       -
                   };

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       77
        
                 };

     

       78
       -
                 Nix = {

     

       79
       -
                   format_on_save = "on";

     

       80
       -
                   formatter = "language_server";

     

       81
       -
                   language_servers = [

     

       82
       -
                     "nixd"

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       83
        
                   ];

     

       84
        
                 };

     

       85
       -
                 JSON = {

     

       86
       -
                   format_on_save = "on";

     

       87
       -
       

     

       88
       -
                   formatter = {

     

       89
       -
                     external = {

     

       90
       -
                       command = lib.getExe pkgs.prettier;

     

       91
       -
                       arguments = ["--stdin-filepath" "{buffer_path}"];

     

       92
       -
                     };

     

       93
       -
                   };

     

       94
       -
                 };

     

       95
       -
                 CSS = {

     

       96
       -
                   format_on_save = "on";

     

       97
       -
       

     

       98
       -
                   formatter = {

     

       99
       -
                     external = {

     

       100
       -
                       command = lib.getExe pkgs.prettier;

     

       101
       -
                       arguments = ["--stdin-filepath" "{buffer_path}"];

     

       102
       -
                     };

     

       103
       -
                   };

     

       104
       -
                 };

     

       105
       -
               };

     

       106
       -
               lsp.nixd = {

     

       107
       -
                 binary.path = lib.getExe pkgs.nixd;

     

       108
       -
                 settings.formatting.command = [(lib.getExe pkgs.alejandra) "--quiet" "--"];

     

       109
       -
               };

     

       110
       -
               telemetry = {

     

       111
       -
                 diagnostics = false;

     

       112
       -
                 metrics = false;

     

       113
       -
               };

     

       114
       -
             };

     

       115
        
           };

     

       116
        
         };

     

       117
        
       }

···

       1
        
       {

     

       2
        
         lib,

     

       3
        
         config,

     

       0
        
       
     

       4
        
         ...

     

       5
       +
       }: let

     

       6
       +
         editorCfg = config.mySnippets.editor;

     

       7
       +
       

     

       8
       +
         mkZedFormatter = fmtName:

     

       9
       +
           if fmtName == null

     

       10
       +
           then "language_server"

     

       11
       +
           else let

     

       12
       +
             f = editorCfg.formatters.${fmtName};

     

       13
       +
           in

     

       14
       +
             if f.type == "external"

     

       15
       +
             then {

     

       16
       +
               external = {

     

       17
       +
                 command = f.command;

     

       18
       +
                 arguments = f.args or [];

     

       19
       +
               };

     

       20
       +
             }

     

       21
       +
             else if f.type == "lsp"

     

       22
       +
             then {language_server = {name = fmtName;};}

     

       23
       +
             else null;

     

       24
       +
       

     

       25
       +
         mkZedLanguage = name: lang:

     

       26
       +
           lib.filterAttrs (_: v: v != null) {

     

       27
       +
             formatter = mkZedFormatter lang.formatter;

     

       28
       +
             language_servers = lang.language-servers ++ lang.zed-only-language-servers;

     

       29
       +
             code_actions_on_format = lang.code-actions-on-format;

     

       30
       +
           };

     

       31
       +
       

     

       32
       +
         mkZedLsp = name: srv:

     

       33
       +
           lib.filterAttrs (_: v: v != null) {

     

       34
       +
             binary = lib.filterAttrs (_: v: v != null) {

     

       35
       +
               path = srv.command;

     

       36
       +
               arguments = srv.args or null;

     

       37
       +
             };

     

       38
       +
             settings = srv.config or null;

     

       39
       +
           };

     

       40
       +
       in {

     

       41
        
         options.myHome.programs.zed-editor.enable = lib.mkEnableOption "zed editor";

     

       42
        
       

     

       43
        
         config = lib.mkIf config.myHome.programs.zed-editor.enable {

     
···

       53
        
               "nix"

     

       54
        
               "scss"

     

       55
        
               "toml"

     

       56
       +
               "biome"

     

       57
       +
               #"superhtml"

     

       58
       +
               "marksman"

     

       59
       +
               "makefile"

     

       60
       +
               "zig"

     

       61
       +
               "gleam"

     

       62
       +
               "glsl"

     

       63
       +
               "gdscript"

     

       64
       +
               "svelte"

     

       65
       +
               "vue"

     

       66
       +
               "basher"

     

       67
       +
               "sql"

     

       68
       +
               #"ruby"

     

       69
       +
               #"elixir"

     

       70
        
             ];

     

       71
        
             userSettings = {

     

       72
        
               auto_indent_on_paste = true;

     
···

       80
        
               preferred_line_length = 100;

     

       81
        
               soft_wrap = "preferred_line_length";

     

       82
        
       

     

       83
       +
               tab_size = 2;

     

       84
       +
               format_on_save = "on";

     

       85
       +
               prettier = {

     

       86
       +
                 allowed = false;

     

       87
       +
               };

     

       88
       +
       

     

       89
        
               agent = {

     

       90
        
                 default_model = {

     

       91
        
                   provider = "google";

     
···

       98
        
                 default_profile = "ask";

     

       99
        
               };

     

       100
        
       

     

       101
       +
               telemetry = {

     

       102
       +
                 diagnostics = false;

     

       103
       +
                 metrics = false;

     

       104
       +
               };

     

       105
        
       

     

       106
       +
               languages = lib.listToAttrs (

     

       107
       +
                 lib.attrValues (

     

       108
       +
                   lib.mapAttrs (name: lang: {

     

       109
       +
                     name = lang.full-name;

     

       110
       +
                     value = mkZedLanguage name lang;

     

       111
       +
                   })

     

       112
       +
                   editorCfg.languages

     

       113
       +
                 )

     

       114
       +
               );

     

       115
       +
               lsp = lib.mapAttrs mkZedLsp editorCfg.languageServers;

     

       116
       +
             };

     

       117
       +
             userTasks = [

     

       118
       +
               {

     

       119
       +
                 label = "jjui";

     

       120
       +
                 command = "jjui";

     

       121
       +
                 hide = "on_success";

     

       122
       +
                 use_new_terminal = true;

     

       123
       +
                 allow_concurrent_runs = false;

     

       124
       +
                 shell = {

     

       125
       +
                   program = "fish";

     

       126
        
                 };

     

       127
       +
               }

     

       128
       +
             ];

     

       129
       +
             userKeymaps = [

     

       130
       +
               {

     

       131
       +
                 context = "(vim_mode == helix_normal || vim_mode == helix_select) && !menu";

     

       132
       +
                 bindings = {

     

       133
       +
                   n = "vim::WrappingLeft";

     

       134
       +
                   e = "vim::Down";

     

       135
       +
                   i = "vim::Up";

     

       136
       +
                   o = "vim::WrappingRight";

     

       137
        
                 };

     

       138
       +
               }

     

       139
       +
               {

     

       140
       +
                 context = "vim_mode == helix_normal && !menu";

     

       141
       +
                 bindings = {

     

       142
       +
                   j = "vim::NextWordEnd";

     

       143
       +
                   J = ["vim::NextWordEnd" {ignore_punctuation = true;}];

     

       144
       +
                   k = "vim::MoveToNextMatch";

     

       145
       +
                   K = "vim::MoveToPreviousMatch";

     

       146
       +
                   l = "vim::HelixInsert";

     

       147
       +
                   L = "vim::InsertFirstNonWhitespace";

     

       148
       +
                   h = "vim::InsertLineBelow";

     

       149
       +
                   H = "vim::InsertLineAbove";

     

       150
        
                 };

     

       151
       +
               }

     

       152
       +
               {

     

       153
       +
                 context = "Workspace";

     

       154
       +
                 bindings = {

     

       155
       +
                   ctrl-g = [

     

       156
       +
                     "task::Spawn"

     

       157
       +
                     {

     

       158
       +
                       task_name = "jjui";

     

       159
       +
                       reveal_target = "center";

     

       160
       +
                     }

     

       161
        
                   ];

     

       162
        
                 };

     

       163
       +
               }

     

       164
       +
             ];

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       165
        
           };

     

       166
        
         };

     

       167
        
       }

-13

modules/home/programs/zen-browser/default.nix

···

       1
       -
       {

     

       2
       -
         lib,

     

       3
       -
         config,

     

       4
       -
         ...

     

       5
       -
       }: {

     

       6
       -
         options.myHome.programs.zen-browser = {

     

       7
       -
           enable = lib.mkEnableOption "zen web browser";

     

       8
       -
         };

     

       9
       -
       

     

       10
       -
         config.programs.zen-browser =

     

       11
       -
           lib.mkIf config.myHome.programs.zen-browser.enable

     

       12
       -
           config.mySnippets.firefox-based.userConfig;

     

       13
       -
       }

modules/home/snippets/default.nix

···

       1
        
       {...}: {

     

       2
        
         imports = [

     

       0
        
       
     

       3
        
           ./firefox-based

     

       0
        
       
     

       4
        
         ];

     

       5
        
       }

···

       1
        
       {...}: {

     

       2
        
         imports = [

     

       3
       +
           ./editor

     

       4
        
           ./firefox-based

     

       5
       +
           ./git

     

       6
        
         ];

     

       7
        
       }

+415

modules/home/snippets/editor/default.nix

···

       1
       +
       {

     

       2
       +
         lib,

     

       3
       +
         pkgs,

     

       4
       +
         ...

     

       5
       +
       }: let

     

       6
       +
         # Helper function to create language server definitions

     

       7
       +
         mkLspServer = name: {

     

       8
       +
           command,

     

       9
       +
           helix-command ? null,

     

       10
       +
           args ? null,

     

       11
       +
           config ? null,

     

       12
       +
         }: {

     

       13
       +
           inherit name command helix-command args config;

     

       14
       +
         };

     

       15
       +
       

     

       16
       +
         # Helper function to create formatter definitions

     

       17
       +
         mkFormatter = name: {

     

       18
       +
           type,

     

       19
       +
           command ? null,

     

       20
       +
           args ? null,

     

       21
       +
           lspName ? null,

     

       22
       +
           config ? null,

     

       23
       +
         }: {

     

       24
       +
           inherit name type command args lspName config;

     

       25
       +
         };

     

       26
       +
       

     

       27
       +
         # Helper function to create language definitions

     

       28
       +
         mkLanguage = name: {

     

       29
       +
           full-name ? name,

     

       30
       +
           auto-format ? true,

     

       31
       +
           file-types ? null,

     

       32
       +
           language-servers ? [],

     

       33
       +
           zed-only-language-servers ? [],

     

       34
       +
           helix-only-language-servers ? [],

     

       35
       +
           formatter ? null,

     

       36
       +
           helix-formatter ? null,

     

       37
       +
           code-actions-on-format ? null,

     

       38
       +
         }: {

     

       39
       +
           inherit name full-name auto-format file-types language-servers zed-only-language-servers helix-only-language-servers formatter helix-formatter code-actions-on-format;

     

       40
       +
         };

     

       41
       +
       in {

     

       42
       +
         options.mySnippets.editor = lib.mkOption {

     

       43
       +
           type = lib.types.attrs;

     

       44
       +
           default = {};

     

       45
       +
           description = "Editor configuration data";

     

       46
       +
         };

     

       47
       +
       

     

       48
       +
         config.mySnippets.editor = {

     

       49
       +
           # Language Servers

     

       50
       +
           languageServers = {

     

       51
       +
             biome = mkLspServer "biome" {

     

       52
       +
               command = lib.getExe pkgs.biome;

     

       53
       +
               args = ["lsp-proxy"];

     

       54
       +
             };

     

       55
       +
       

     

       56
       +
             tailwindcss-language-server = mkLspServer "tailwindcss-language-server" {

     

       57
       +
               command = pkgs.writeScript "tailwindcss-language-server-bun" ''

     

       58
       +
                 #!${lib.getExe pkgs.bash} -e

     

       59
       +
                 exec ${lib.getExe pkgs.bun} ${lib.getExe pkgs.tailwindcss-language-server}

     

       60
       +
               '';

     

       61
       +
               helix-command = let

     

       62
       +
                 fd = lib.getExe pkgs.fd;

     

       63
       +
                 xargs = "${pkgs.uutils-findutils}/bin/xargs";

     

       64
       +
                 grep = lib.getExe pkgs.gnugrep;

     

       65
       +
                 bun = lib.getExe pkgs.bun;

     

       66
       +
                 twls = lib.getExe pkgs.tailwindcss-language-server;

     

       67
       +
               in

     

       68
       +
                 pkgs.writeScript "tailwindcss-language-server-bun-helix" ''

     

       69
       +
                   #!${lib.getExe pkgs.bash} -euo

     

       70
       +
       

     

       71
       +
                   if ! ${fd} -H -I -E "node_modules" "package\\.json$" . | \

     

       72
       +
                     ${xargs} ${grep} -q '"tailwindcss"'; then

     

       73
       +
       

     

       74
       +
                     exit 0

     

       75
       +
                   fi

     

       76
       +
       

     

       77
       +
                   exec ${bun} ${twls}

     

       78
       +
                 '';

     

       79
       +
               args = [];

     

       80
       +
               config = {provideFormatter = false;};

     

       81
       +
             };

     

       82
       +
       

     

       83
       +
             vscode-html-language-server = mkLspServer "vscode-html-language-server" {

     

       84
       +
               command = lib.getExe pkgs.bun;

     

       85
       +
               args = ["${pkgs.vscode-langservers-extracted}/lib/node_modules/vscode-langservers-extracted/bin/vscode-html-language-server" "--stdio"];

     

       86
       +
             };

     

       87
       +
       

     

       88
       +
             superhtml = mkLspServer "superhtml" {

     

       89
       +
               command = lib.getExe pkgs.superhtml;

     

       90
       +
               args = ["lsp"];

     

       91
       +
             };

     

       92
       +
       

     

       93
       +
             css-language-server = mkLspServer "css-language-server" {

     

       94
       +
               command = lib.getExe pkgs.bun;

     

       95
       +
               args = ["${pkgs.vscode-css-languageserver}/lib/node_modules/vscode-css-languageserver/out/node/cssServerMain.js" "--stdio"];

     

       96
       +
             };

     

       97
       +
       

     

       98
       +
             json-language-server = mkLspServer "json-language-server" {

     

       99
       +
               command = lib.getExe pkgs.bun;

     

       100
       +
               args = ["${pkgs.vscode-json-languageserver}/lib/node_modules/vscode-json-languageserver/bin/vscode-json-languageserver" "--stdio"];

     

       101
       +
             };

     

       102
       +
       

     

       103
       +
             vtsls = mkLspServer "vtsls" {

     

       104
       +
               command = lib.getExe pkgs.bun;

     

       105
       +
               args = ["${pkgs.vtsls}/bin/vtsls" "--stdio"];

     

       106
       +
             };

     

       107
       +
       

     

       108
       +
             svelte-language-server = mkLspServer "svelte-language-server" {

     

       109
       +
               command = lib.getExe pkgs.bun;

     

       110
       +
               args = ["${pkgs.svelte-language-server}/lib/node_modules/svelte-language-server/bin/server.js" "--stdio"];

     

       111
       +
             };

     

       112
       +
       

     

       113
       +
             vue-language-server = mkLspServer "vue-language-server" {

     

       114
       +
               command = lib.getExe pkgs.bun;

     

       115
       +
               args = ["${pkgs.vue-language-server}/lib/language-tools/packages/language-server/bin/vue-language-server.js" "--stdio"];

     

       116
       +
             };

     

       117
       +
       

     

       118
       +
             bash-language-server = mkLspServer "bash-language-server" {

     

       119
       +
               command = lib.getExe pkgs.bash-language-server;

     

       120
       +
               args = ["start"];

     

       121
       +
             };

     

       122
       +
       

     

       123
       +
             fish-lsp = mkLspServer "fish-lsp" {

     

       124
       +
               command = lib.getExe pkgs.fish-lsp;

     

       125
       +
               args = ["start"];

     

       126
       +
             };

     

       127
       +
       

     

       128
       +
             nixd = mkLspServer "nixd" {

     

       129
       +
               command = lib.getExe pkgs.nixd;

     

       130
       +
               config.formatting.command = [(lib.getExe pkgs.alejandra) "--quiet" "--"];

     

       131
       +
             };

     

       132
       +
       

     

       133
       +
             nil = mkLspServer "nil" {

     

       134
       +
               command = lib.getExe pkgs.nil;

     

       135
       +
               args = ["--stdio"];

     

       136
       +
             };

     

       137
       +
       

     

       138
       +
             marksman = mkLspServer "marksman" {

     

       139
       +
               command = lib.getExe pkgs.marksman;

     

       140
       +
               args = ["server"];

     

       141
       +
             };

     

       142
       +
       

     

       143
       +
             gopls = mkLspServer "gopls" {

     

       144
       +
               command = lib.getExe pkgs.gopls;

     

       145
       +
               args = ["serve"];

     

       146
       +
             };

     

       147
       +
       

     

       148
       +
             rust-analyzer = mkLspServer "rust-analyzer" {

     

       149
       +
               command = lib.getExe pkgs.rust-analyzer;

     

       150
       +
             };

     

       151
       +
       

     

       152
       +
             zls = mkLspServer "zls" {

     

       153
       +
               command = lib.getExe pkgs.zls;

     

       154
       +
             };

     

       155
       +
       

     

       156
       +
             glsl_analyzer = mkLspServer "glsl_analyzer" {

     

       157
       +
               command = lib.getExe pkgs.glsl_analyzer;

     

       158
       +
             };

     

       159
       +
       

     

       160
       +
             lua-language-server = mkLspServer "lua-language-server" {

     

       161
       +
               command = lib.getExe pkgs.lua-language-server;

     

       162
       +
             };

     

       163
       +
       

     

       164
       +
             gleam = mkLspServer "gleam" {

     

       165
       +
               command = lib.getExe pkgs.gleam;

     

       166
       +
               args = ["lsp"];

     

       167
       +
             };

     

       168
       +
       

     

       169
       +
             gdscript-language-server = mkLspServer "gdscript-language-server" {

     

       170
       +
               command = lib.getExe pkgs.netcat;

     

       171
       +
               args = ["127.0.0.1" "6005"];

     

       172
       +
               config = {language-id = "gdscript";};

     

       173
       +
             };

     

       174
       +
       

     

       175
       +
             solargraph = mkLspServer "solargraph" {

     

       176
       +
               command = lib.getExe pkgs.rubyPackages.solargraph;

     

       177
       +
               args = ["stdio"];

     

       178
       +
             };

     

       179
       +
       

     

       180
       +
             #rubocop = mkLspServer "rubocop" {

     

       181
       +
             #  command = lib.getExe pkgs.rubocop;

     

       182
       +
             #};

     

       183
       +
           };

     

       184
       +
       

     

       185
       +
           # Formatters

     

       186
       +
           formatters = {

     

       187
       +
             biome = mkFormatter "biome" {

     

       188
       +
               type = "lsp";

     

       189
       +
             };

     

       190
       +
       

     

       191
       +
             biomeHtml = mkFormatter "biomeHtml" {

     

       192
       +
               type = "external";

     

       193
       +
               command = lib.getExe pkgs.biome;

     

       194
       +
               args = ["format" "--use-server" "--html-formatter-enabled=true" "--stdin-file-path" "{buffer_path}"];

     

       195
       +
             };

     

       196
       +
       

     

       197
       +
             shfmt = mkFormatter "shfmt" {

     

       198
       +
               type = "external";

     

       199
       +
               command = lib.getExe pkgs.shfmt;

     

       200
       +
               args = ["-i" "2"];

     

       201
       +
             };

     

       202
       +
       

     

       203
       +
             alejandra = mkFormatter "alejandra" {

     

       204
       +
               type = "external";

     

       205
       +
               command = lib.getExe pkgs.alejandra;

     

       206
       +
             };

     

       207
       +
       

     

       208
       +
             mdformat = mkFormatter "mdformat" {

     

       209
       +
               type = "external";

     

       210
       +
               command = lib.getExe pkgs.mdformat;

     

       211
       +
             };

     

       212
       +
       

     

       213
       +
             stylua = mkFormatter "stylua" {

     

       214
       +
               type = "external";

     

       215
       +
               command = lib.getExe pkgs.stylua;

     

       216
       +
             };

     

       217
       +
       

     

       218
       +
             gdscript-formatter = mkFormatter "gdscript-formatter" {

     

       219
       +
               type = "external";

     

       220
       +
               command = lib.getExe pkgs.gdscript-formatter;

     

       221
       +
             };

     

       222
       +
       

     

       223
       +
             prettier = mkFormatter "prettier" {

     

       224
       +
               type = "external";

     

       225
       +
               command = lib.getExe pkgs.bun;

     

       226
       +
               args = ["${pkgs.prettier}/bin/prettier.cjs" "--stdin-filepath" "{buffer_path}"];

     

       227
       +
             };

     

       228
       +
           };

     

       229
       +
       

     

       230
       +
           # Languages

     

       231
       +
           languages = {

     

       232
       +
             html = mkLanguage "html" {

     

       233
       +
               full-name = "HTML";

     

       234
       +
               language-servers = ["vscode-html-language-server" "biome"];

     

       235
       +
               zed-only-language-servers = ["!eslint" "..."];

     

       236
       +
               helix-only-language-servers = ["tailwindcss-language-server"];

     

       237
       +
               formatter = "biome";

     

       238
       +
               helix-formatter = "biomeHtml";

     

       239
       +
               code-actions-on-format = {

     

       240
       +
                 "source.fixAll.biome" = true;

     

       241
       +
                 "html.formatter.enabled.biome" = true;

     

       242
       +
               };

     

       243
       +
             };

     

       244
       +
       

     

       245
       +
             css = mkLanguage "css" {

     

       246
       +
               full-name = "CSS";

     

       247
       +
               language-servers = ["css-language-server" "biome"];

     

       248
       +
               zed-only-language-servers = ["..."];

     

       249
       +
               helix-only-language-servers = ["tailwindcss-language-server"];

     

       250
       +
               formatter = "biome";

     

       251
       +
               code-actions-on-format = {

     

       252
       +
                 "source.fixAll.biome" = true;

     

       253
       +
                 "source.organizeImports.biome" = true;

     

       254
       +
               };

     

       255
       +
             };

     

       256
       +
       

     

       257
       +
             javascript = mkLanguage "javascript" {

     

       258
       +
               full-name = "JavaScript";

     

       259
       +
               language-servers = ["vtsls" "biome"];

     

       260
       +
               zed-only-language-servers = ["!eslint" "!typescript-language-server" "..."];

     

       261
       +
               helix-only-language-servers = ["tailwindcss-language-server"];

     

       262
       +
               formatter = "biome";

     

       263
       +
               code-actions-on-format = {

     

       264
       +
                 "source.fixAll.biome" = true;

     

       265
       +
                 "source.organizeImports.biome" = true;

     

       266
       +
               };

     

       267
       +
             };

     

       268
       +
       

     

       269
       +
             typescript = mkLanguage "typescript" {

     

       270
       +
               full-name = "TypeScript";

     

       271
       +
               language-servers = ["vtsls" "biome"];

     

       272
       +
               zed-only-language-servers = ["!eslint" "!typescript-language-server" "..."];

     

       273
       +
               helix-only-language-servers = ["tailwindcss-language-server"];

     

       274
       +
               formatter = "biome";

     

       275
       +
               code-actions-on-format = {

     

       276
       +
                 "source.fixAll.biome" = true;

     

       277
       +
                 "source.organizeImports.biome" = true;

     

       278
       +
               };

     

       279
       +
             };

     

       280
       +
       

     

       281
       +
             jsx = mkLanguage "jsx" {

     

       282
       +
               full-name = "JSX";

     

       283
       +
               language-servers = ["vtsls" "biome"];

     

       284
       +
               zed-only-language-servers = ["!eslint" "!typescript-language-server" "..."];

     

       285
       +
               helix-only-language-servers = ["tailwindcss-language-server"];

     

       286
       +
               formatter = "biome";

     

       287
       +
               code-actions-on-format = {

     

       288
       +
                 "source.fixAll.biome" = true;

     

       289
       +
                 "source.organizeImports.biome" = true;

     

       290
       +
               };

     

       291
       +
             };

     

       292
       +
       

     

       293
       +
             tsx = mkLanguage "tsx" {

     

       294
       +
               full-name = "TSX";

     

       295
       +
               language-servers = ["vtsls" "biome"];

     

       296
       +
               zed-only-language-servers = ["!eslint" "!typescript-language-server" "..."];

     

       297
       +
               helix-only-language-servers = ["tailwindcss-language-server"];

     

       298
       +
               formatter = "biome";

     

       299
       +
               code-actions-on-format = {

     

       300
       +
                 "source.fixAll.biome" = true;

     

       301
       +
                 "source.organizeImports.biome" = true;

     

       302
       +
               };

     

       303
       +
             };

     

       304
       +
       

     

       305
       +
             svelte = mkLanguage "svelte" {

     

       306
       +
               full-name = "Svelte";

     

       307
       +
               language-servers = ["svelte-language-server" "vtsls" "biome"];

     

       308
       +
               zed-only-language-servers = ["!eslint" "!typescript-language-server" "..."];

     

       309
       +
               helix-only-language-servers = ["tailwindcss-language-server"];

     

       310
       +
               formatter = "biome";

     

       311
       +
               code-actions-on-format = {

     

       312
       +
                 "source.fixAll.biome" = true;

     

       313
       +
                 "source.organizeImports.biome" = true;

     

       314
       +
               };

     

       315
       +
             };

     

       316
       +
       

     

       317
       +
             vue = mkLanguage "vue" {

     

       318
       +
               full-name = "Vue.js";

     

       319
       +
               language-servers = ["vue-language-server" "biome"];

     

       320
       +
               zed-only-language-servers = ["!eslint" "!typescript-language-server" "..."];

     

       321
       +
               helix-only-language-servers = ["tailwindcss-language-server"];

     

       322
       +
               formatter = "biome";

     

       323
       +
               code-actions-on-format = {

     

       324
       +
                 "source.fixAll.biome" = true;

     

       325
       +
                 "source.organizeImports.biome" = true;

     

       326
       +
               };

     

       327
       +
             };

     

       328
       +
       

     

       329
       +
             json = mkLanguage "json" {

     

       330
       +
               full-name = "JSON";

     

       331
       +
               language-servers = ["json-language-server" "biome"];

     

       332
       +
               formatter = "biome";

     

       333
       +
               code-actions-on-format = {

     

       334
       +
                 "source.fixAll.biome" = true;

     

       335
       +
               };

     

       336
       +
             };

     

       337
       +
       

     

       338
       +
             jsonc = mkLanguage "jsonc" {

     

       339
       +
               full-name = "JSONC";

     

       340
       +
               language-servers = ["json-language-server" "biome"];

     

       341
       +
               formatter = "biome";

     

       342
       +
               code-actions-on-format = {

     

       343
       +
                 "source.fixAll.biome" = true;

     

       344
       +
                 "source.organizeImports.biome" = true;

     

       345
       +
               };

     

       346
       +
             };

     

       347
       +
       

     

       348
       +
             bash = mkLanguage "bash" {

     

       349
       +
               full-name = "Shell Script";

     

       350
       +
               file-types = ["sh" "bash" "dash" "ksh" "mksh"];

     

       351
       +
               language-servers = ["bash-language-server"];

     

       352
       +
               formatter = "shfmt";

     

       353
       +
             };

     

       354
       +
       

     

       355
       +
             fish = mkLanguage "fish" {

     

       356
       +
               full-name = "Fish";

     

       357
       +
               language-servers = ["fish-lsp"];

     

       358
       +
             };

     

       359
       +
       

     

       360
       +
             nix = mkLanguage "nix" {

     

       361
       +
               full-name = "Nix";

     

       362
       +
               language-servers = ["nixd" "nil"];

     

       363
       +
               formatter = "alejandra";

     

       364
       +
             };

     

       365
       +
       

     

       366
       +
             markdown = mkLanguage "markdown" {

     

       367
       +
               full-name = "Markdown";

     

       368
       +
               language-servers = ["marksman"];

     

       369
       +
               formatter = "prettier";

     

       370
       +
             };

     

       371
       +
       

     

       372
       +
             go = mkLanguage "go" {

     

       373
       +
               full-name = "Go";

     

       374
       +
               language-servers = ["gopls"];

     

       375
       +
             };

     

       376
       +
       

     

       377
       +
             rust = mkLanguage "rust" {

     

       378
       +
               full-name = "Rust";

     

       379
       +
               language-servers = ["rust-analyzer"];

     

       380
       +
             };

     

       381
       +
       

     

       382
       +
             zig = mkLanguage "zig" {

     

       383
       +
               full-name = "Zig";

     

       384
       +
               language-servers = ["zls"];

     

       385
       +
             };

     

       386
       +
       

     

       387
       +
             glsl = mkLanguage "glsl" {

     

       388
       +
               full-name = "GLSL";

     

       389
       +
               language-servers = ["glsl_analyzer"];

     

       390
       +
             };

     

       391
       +
       

     

       392
       +
             lua = mkLanguage "lua" {

     

       393
       +
               full-name = "Lua";

     

       394
       +
               language-servers = ["lua-language-server"];

     

       395
       +
               formatter = "stylua";

     

       396
       +
             };

     

       397
       +
       

     

       398
       +
             gleam = mkLanguage "gleam" {

     

       399
       +
               full-name = "Gleam";

     

       400
       +
               language-servers = ["gleam"];

     

       401
       +
             };

     

       402
       +
       

     

       403
       +
             gdscript = mkLanguage "gdscript" {

     

       404
       +
               full-name = "GDScript";

     

       405
       +
               language-servers = ["gdscript-language-server"];

     

       406
       +
               formatter = "gdscript-formatter";

     

       407
       +
             };

     

       408
       +
       

     

       409
       +
             #ruby = mkLanguage "ruby" {

     

       410
       +
             #  full-name = "Ruby";

     

       411
       +
             #  language-servers = ["solargraph" "rubocop"];

     

       412
       +
             #};

     

       413
       +
           };

     

       414
       +
         };

     

       415
       +
       }

+2 -2

modules/home/snippets/firefox-based/default.nix

···

       128
        
       

     

       129
        
               #nativeMessagingHosts = lib.optionals pkgs.stdenv.isLinux [pkgs.bitwarden-desktop];

     

       130
        
               languagePacks = [

     

       131
       -
                 "en-GB"

     

       132
        
                 "en"

     

       133
        
                 "en-US"

     

       134
        
               ];

     
···

       165
        
                     steam-database

     

       166
        
                     snowflake

     

       167
        
                     sponsorblock

     

       168
       -
                     karakeep

     

       169
        
                     bitwarden

     

       170
        
                   ];

     

       171

···

       128
        
       

     

       129
        
               #nativeMessagingHosts = lib.optionals pkgs.stdenv.isLinux [pkgs.bitwarden-desktop];

     

       130
        
               languagePacks = [

     

       131
       +
                 "en-CA"

     

       132
        
                 "en"

     

       133
        
                 "en-US"

     

       134
        
               ];

     
···

       165
        
                     steam-database

     

       166
        
                     snowflake

     

       167
        
                     sponsorblock

     

       168
       +
                     #karakeep

     

       169
        
                     bitwarden

     

       170
        
                   ];

     

       171

+11

modules/home/snippets/git/default.nix

···

       1
       +
       {lib, ...}: {

     

       2
       +
         options.mySnippets.git = {

     

       3
       +
           user = lib.mkOption {

     

       4
       +
             type = lib.types.attrs;

     

       5
       +
             default = {

     

       6
       +
               name = "ayla";

     

       7
       +
               email = "ayla-git.barcode041@silomails.com";

     

       8
       +
             };

     

       9
       +
           };

     

       10
       +
         };

     

       11
       +
       }

+23

modules/locale/en-ca/default.nix

···

       1
       +
       {

     

       2
       +
         config,

     

       3
       +
         lib,

     

       4
       +
         ...

     

       5
       +
       }: {

     

       6
       +
         config = {

     

       7
       +
           i18n = {

     

       8
       +
             defaultLocale = lib.mkDefault "en_CA.UTF-8";

     

       9
       +
       

     

       10
       +
             extraLocaleSettings = {

     

       11
       +
               LC_ADDRESS = config.i18n.defaultLocale;

     

       12
       +
               LC_IDENTIFICATION = config.i18n.defaultLocale;

     

       13
       +
               LC_MEASUREMENT = config.i18n.defaultLocale;

     

       14
       +
               LC_MONETARY = config.i18n.defaultLocale;

     

       15
       +
               LC_NAME = config.i18n.defaultLocale;

     

       16
       +
               LC_NUMERIC = config.i18n.defaultLocale;

     

       17
       +
               LC_PAPER = config.i18n.defaultLocale;

     

       18
       +
               LC_TELEPHONE = config.i18n.defaultLocale;

     

       19
       +
               LC_TIME = config.i18n.defaultLocale;

     

       20
       +
             };

     

       21
       +
           };

     

       22
       +
         };

     

       23
       +
       }

modules/nixos/default.nix

+24

modules/nixos/desktop/cosmic/default.nix

···

       1
       +
       {

     

       2
       +
         config,

     

       3
       +
         lib,

     

       4
       +
         pkgs,

     

       5
       +
         ...

     

       6
       +
       }: {

     

       7
       +
         options.myNixOS.desktop.cosmic.enable = lib.mkEnableOption "COSMIC desktop environment";

     

       8
       +
       

     

       9
       +
         config = lib.mkIf config.myNixOS.desktop.cosmic.enable {

     

       10
       +
           home-manager.sharedModules = [

     

       11
       +
             {

     

       12
       +
               config.myHome.desktop.cosmic.enable = true;

     

       13
       +
             }

     

       14
       +
           ];

     

       15
       +
       

     

       16
       +
           environment.cosmic.excludePackages = with pkgs; [

     

       17
       +
             cosmic-store

     

       18
       +
           ];

     

       19
       +
       

     

       20
       +
           services.desktopManager.cosmic.enable = true;

     

       21
       +
           system.nixos.tags = ["cosmic"];

     

       22
       +
           myNixOS.desktop.enable = true;

     

       23
       +
         };

     

       24
       +
       }

+24 -3

modules/nixos/desktop/default.nix

···

       4
        
         lib,

     

       5
        
         ...

     

       6
        
       }: {

     

       7
       -
         imports = [./gnome];

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       8
        
       

     

       9
        
         options.myNixOS.desktop.enable = lib.mkOption {

     

       10
        
           default =

     
···

       35
        
           fonts = {

     

       36
        
             fontconfig = {

     

       37
        
               enable = true;

     

       38
       -
               includeUserConf = false;

     

       39
       -
               useEmbeddedBitmaps = true;

     

       40
        
               subpixel = {

     

       41
        
                 lcdfilter = "none";

     

       42
        
                 rgba = "none";

     
···

       47
        
                 style = "slight";

     

       48
        
                 autohint = false;

     

       49
        
               };

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       50
        
             };

     

       51
        
       

     

       52
        
             packages = with pkgs; [

···

       4
        
         lib,

     

       5
        
         ...

     

       6
        
       }: {

     

       7
       +
         imports = [

     

       8
       +
           ./gnome

     

       9
       +
           ./plasma

     

       10
       +
           ./cosmic

     

       11
       +
         ];

     

       12
        
       

     

       13
        
         options.myNixOS.desktop.enable = lib.mkOption {

     

       14
        
           default =

     
···

       39
        
           fonts = {

     

       40
        
             fontconfig = {

     

       41
        
               enable = true;

     

       42
       +
               includeUserConf = true;

     

       0
        
       
     

       43
        
               subpixel = {

     

       44
        
                 lcdfilter = "none";

     

       45
        
                 rgba = "none";

     
···

       50
        
                 style = "slight";

     

       51
        
                 autohint = false;

     

       52
        
               };

     

       53
       +
       

     

       54
       +
               # have i told you how much i despise fontconfig. literally zero reason to pick bitmap fonts over noto fonts but it always does.

     

       55
       +
               localConf = ''

     

       56
       +
                 <?xml version="1.0"?>

     

       57
       +
                 <!DOCTYPE fontconfig SYSTEM "urn:fontconfig:fonts.dtd">

     

       58
       +
                 <fontconfig>

     

       59
       +
                   <description>Reject bitmap fonts except bitmap emoji fonts</description>

     

       60
       +
                   <!-- Reject bitmap fonts -->

     

       61
       +
                   <selectfont>

     

       62
       +
                     <rejectfont>

     

       63
       +
                       <pattern>

     

       64
       +
                         <patelt name="outline"><bool>false</bool></patelt>

     

       65
       +
                         <patelt name="scalable"><bool>false</bool></patelt>

     

       66
       +
                       </pattern>

     

       67
       +
                     </rejectfont>

     

       68
       +
                   </selectfont>

     

       69
       +
                 </fontconfig>

     

       70
       +
               '';

     

       71
        
             };

     

       72
        
       

     

       73
        
             packages = with pkgs; [

+9 -11

modules/nixos/desktop/gnome/default.nix

···

       13
        
             }

     

       14
        
           ];

     

       15
        
       

     

       16
       -
           services = {

     

       17
       -
             desktopManager.gnome.enable = true;

     

       18
       -
           };

     

       19
        
       

     

       20
        
           environment.gnome.excludePackages = with pkgs; [

     

       21
        
             decibels

     

       22
        
             epiphany

     

       23
        
             geary # email reader

     

       24
        
             gedit # text editor

     

       25
       -
             gnome-characters

     

       26
        
             gnome-console # in case im using something else

     

       27
        
             gnome-music

     

       28
        
             gnome-software # i like the idea but i really hate how much resources it uses

     
···

       34
        
           i18n.inputMethod.type = "ibus";

     

       35
        
       

     

       36
        
           security.pam.services.greetd.enableGnomeKeyring = true;

     

       37
       -
           services.gnome.gcr-ssh-agent.enable = true;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       38
        
       

     

       39
        
           programs = {

     

       40
        
             kdeconnect = {

     

       41
       -
               enable = true;

     

       42
       -
               package = pkgs.gnomeExtensions.gsconnect;

     

       43
        
             };

     

       44
        
           };

     

       45
        
       

     
···

       51
        
             ];

     

       52
        
           };

     

       53
        
       

     

       54
       -
           myNixOS = {

     

       55
       -
             desktop.enable = true;

     

       56
       -
             services.gdm.enable = true;

     

       57
       -
           };

     

       58
        
       

     

       59
        
           #qt = {

     

       60
        
           #  enable = true;

···

       13
        
             }

     

       14
        
           ];

     

       15
        
       

     

       16
       +
           services.desktopManager.gnome.enable = true;

     

       0
        
       
     

       0
        
       
     

       17
        
       

     

       18
        
           environment.gnome.excludePackages = with pkgs; [

     

       19
        
             decibels

     

       20
        
             epiphany

     

       21
        
             geary # email reader

     

       22
        
             gedit # text editor

     

       0
        
       
     

       23
        
             gnome-console # in case im using something else

     

       24
        
             gnome-music

     

       25
        
             gnome-software # i like the idea but i really hate how much resources it uses

     
···

       31
        
           i18n.inputMethod.type = "ibus";

     

       32
        
       

     

       33
        
           security.pam.services.greetd.enableGnomeKeyring = true;

     

       34
       +
           services.gnome = {

     

       35
       +
             gcr-ssh-agent.enable = true;

     

       36
       +
             gnome-remote-desktop.enable = lib.mkForce false;

     

       37
       +
           };

     

       38
        
       

     

       39
        
           programs = {

     

       40
        
             kdeconnect = {

     

       41
       +
               enable = lib.mkDefault true;

     

       42
       +
               package = lib.mkDefault pkgs.gnomeExtensions.gsconnect;

     

       43
        
             };

     

       44
        
           };

     

       45
        
       

     
···

       51
        
             ];

     

       52
        
           };

     

       53
        
       

     

       54
       +
           myNixOS.desktop.enable = true;

     

       55
       +
           system.nixos.tags = ["gnome"];

     

       0
        
       
     

       0
        
       
     

       56
        
       

     

       57
        
           #qt = {

     

       58
        
           #  enable = true;

+27

modules/nixos/desktop/plasma/default.nix

···

       1
       +
       {

     

       2
       +
         pkgs,

     

       3
       +
         lib,

     

       4
       +
         config,

     

       5
       +
         ...

     

       6
       +
       }: {

     

       7
       +
         options.myNixOS.desktop.plasma.enable = lib.mkEnableOption "use kde plasma desktop environment";

     

       8
       +
       

     

       9
       +
         config = lib.mkIf config.myNixOS.desktop.plasma.enable {

     

       10
       +
           home-manager.sharedModules = [

     

       11
       +
             {

     

       12
       +
               config.myHome.desktop.plasma.enable = true;

     

       13
       +
             }

     

       14
       +
           ];

     

       15
       +
       

     

       16
       +
           environment.plasma6.excludePackages = with pkgs; [

     

       17
       +
             kdePackages.kwallet

     

       18
       +
             kdePackages.kwallet-pam

     

       19
       +
             kdePackages.kwalletmanager

     

       20
       +
             kdePackages.wacomtablet

     

       21
       +
           ];

     

       22
       +
       

     

       23
       +
           services.desktopManager.plasma6.enable = true;

     

       24
       +
           system.nixos.tags = ["plasma"];

     

       25
       +
           myNixOS.desktop.enable = true;

     

       26
       +
         };

     

       27
       +
       }

+14 -14

modules/nixos/profiles/arr/default.nix

···

       37
        
                   reverse_proxy ${netMap.autobrr.hostName}:${toString netMap.autobrr.port}

     

       38
        
                 '';

     

       39
        
       

     

       40
       -
                 "${netMap.bazarr.vHost}".extraConfig = ''

     

       41
       -
                   bind tailscale/bazarr

     

       42
       -
                   encode zstd gzip

     

       43
       -
                   reverse_proxy ${netMap.bazarr.hostName}:${toString netMap.bazarr.port}

     

       44
       -
                 '';

     

       45
        
       

     

       46
        
                 "${netMap.prowlarr.vHost}".extraConfig = ''

     

       47
        
                   bind tailscale/prowlarr

     
···

       64
        
       

     

       65
        
               autobrr = {

     

       66
        
                 enable = true;

     

       67
       -
                 openFirewall = true; # Port: 7474

     

       68
        
                 secretFile = config.age.secrets.autobrr.path;

     

       69
        
                 settings = {

     

       70
        
                   host = "0.0.0.0";

     
···

       72
        
                 };

     

       73
        
               };

     

       74
        
       

     

       75
       -
               bazarr = {

     

       76
       -
                 enable = false;

     

       77
       -
                 dataDir = "${cfg.dataDir}/bazarr";

     

       78
       -
                 openFirewall = true; # Port: 6767

     

       79
       -
               };

     

       80
        
       

     

       81
        
               #lidarr = {

     

       82
        
               #  enable = true;

     
···

       87
        
               prowlarr = {

     

       88
        
                 enable = true;

     

       89
        
                 # dataDir = "${cfg.dataDir}/prowlarr";

     

       90
       -
                 openFirewall = true; # Port: 9696

     

       91
        
               };

     

       92
        
       

     

       93
        
               radarr = {

     

       94
        
                 enable = true;

     

       95
        
                 dataDir = "${cfg.dataDir}/radarr/.config/Radarr/";

     

       96
       -
                 openFirewall = true; # Port: 7878

     

       97
        
               };

     

       98
        
       

     

       99
        
               sonarr = {

     

       100
        
                 enable = true;

     

       101
        
                 dataDir = "${cfg.dataDir}/sonarr/.config/NzbDrone/";

     

       102
       -
                 openFirewall = true; # Port: 8989

     

       103
        
               };

     

       104
        
       

     

       105
        
               #flaresolverr = {

···

       37
        
                   reverse_proxy ${netMap.autobrr.hostName}:${toString netMap.autobrr.port}

     

       38
        
                 '';

     

       39
        
       

     

       40
       +
                 #"${netMap.bazarr.vHost}".extraConfig = ''

     

       41
       +
                 #  bind tailscale/bazarr

     

       42
       +
                 #  encode zstd gzip

     

       43
       +
                 #  reverse_proxy ${netMap.bazarr.hostName}:${toString netMap.bazarr.port}

     

       44
       +
                 #'';

     

       45
        
       

     

       46
        
                 "${netMap.prowlarr.vHost}".extraConfig = ''

     

       47
        
                   bind tailscale/prowlarr

     
···

       64
        
       

     

       65
        
               autobrr = {

     

       66
        
                 enable = true;

     

       67
       +
                 openFirewall = false; # Port: 7474

     

       68
        
                 secretFile = config.age.secrets.autobrr.path;

     

       69
        
                 settings = {

     

       70
        
                   host = "0.0.0.0";

     
···

       72
        
                 };

     

       73
        
               };

     

       74
        
       

     

       75
       +
               #bazarr = {

     

       76
       +
               #  enable = true;

     

       77
       +
               #  dataDir = "${cfg.dataDir}/bazarr";

     

       78
       +
               #  openFirewall = true; # Port: 6767

     

       79
       +
               #};

     

       80
        
       

     

       81
        
               #lidarr = {

     

       82
        
               #  enable = true;

     
···

       87
        
               prowlarr = {

     

       88
        
                 enable = true;

     

       89
        
                 # dataDir = "${cfg.dataDir}/prowlarr";

     

       90
       +
                 openFirewall = false; # Port: 9696

     

       91
        
               };

     

       92
        
       

     

       93
        
               radarr = {

     

       94
        
                 enable = true;

     

       95
        
                 dataDir = "${cfg.dataDir}/radarr/.config/Radarr/";

     

       96
       +
                 openFirewall = false; # Port: 7878

     

       97
        
               };

     

       98
        
       

     

       99
        
               sonarr = {

     

       100
        
                 enable = true;

     

       101
        
                 dataDir = "${cfg.dataDir}/sonarr/.config/NzbDrone/";

     

       102
       +
                 openFirewall = false; # Port: 8989

     

       103
        
               };

     

       104
        
       

     

       105
        
               #flaresolverr = {

+7 -10

modules/nixos/profiles/backups/default.nix

···

       142
        
               paths = [config.services.couchdb.databaseDir];

     

       143
        
             }

     

       144
        
             {

     

       145
       -
               # damn this is ugly

     

       146
        
               name = "forgejo";

     

       147
       -
               containerised = true;

     

       148
       -
               inherit (config.myNixOS.services.forgejo) enable;

     

       149
       -
               paths = ["/var/lib/nixos-containers/forgejo${config.containers.forgejo.config.services.forgejo.stateDir}"];

     

       150
       -
               backupMode = "none";

     

       151
        
             }

     

       152
        
             # {

     

       153
        
             #   name = "immich";

     
···

       192
        
               };

     

       193
        
             }

     

       194
        
             {

     

       195
       -
               # damn this is ugly

     

       196
        
               name = "postgresql";

     

       197
        
               containerised = true;

     

       198
       -
               inherit (config.myNixOS.services.postgresql) enable;

     

       199
       -
               paths = ["/var/lib/nixos-containers/postgresql${config.containers.postgresql.config.services.postgresql.dataDir}"];

     

       200
        
               backupMode = "quiet";

     

       201
        
             }

     

       202
        
             {

     
···

       273
        
             }

     

       274
        
             {

     

       275
        
               name = "tangled-knot";

     

       276
       -
               inherit (config.services.tangled-knot) enable;

     

       277
       -
               paths = [config.services.tangled-knot.stateDir];

     

       0
        
       
     

       278
        
             }

     

       279
        
           ];

     

       280
        
         };

···

       142
        
               paths = [config.services.couchdb.databaseDir];

     

       143
        
             }

     

       144
        
             {

     

       0
        
       
     

       145
        
               name = "forgejo";

     

       146
       +
               inherit (config.services.forgejo) enable;

     

       147
       +
               paths = [config.services.forgejo.stateDir];

     

       0
        
       
     

       0
        
       
     

       148
        
             }

     

       149
        
             # {

     

       150
        
             #   name = "immich";

     
···

       189
        
               };

     

       190
        
             }

     

       191
        
             {

     

       0
        
       
     

       192
        
               name = "postgresql";

     

       193
        
               containerised = true;

     

       194
       +
               inherit (config.services.postgresql) enable;

     

       195
       +
               paths = [config.services.postgresql.dataDir];

     

       196
        
               backupMode = "quiet";

     

       197
        
             }

     

       198
        
             {

     
···

       269
        
             }

     

       270
        
             {

     

       271
        
               name = "tangled-knot";

     

       272
       +
               containerised = true;

     

       273
       +
               inherit (config.myNixOS.services.tangled-knot) enable;

     

       274
       +
               paths = ["/var/lib/nixos-containers/tangled-knot${config.containers.tangled-knot.config.services.tangled-knot.stateDir}"];

     

       275
        
             }

     

       276
        
           ];

     

       277
        
         };

-6

modules/nixos/profiles/base/default.nix

···

       42
        
           networking.networkmanager.enable = true;

     

       43
        
       

     

       44
        
           security = {

     

       45
       -
             polkit.enable = true;

     

       46
        
             rtkit.enable = true;

     

       47
       -
       

     

       48
       -
             sudo-rs = {

     

       49
       -
               enable = true;

     

       50
       -
               wheelNeedsPassword = false;

     

       51
       -
             };

     

       52
        
           };

     

       53
        
       

     

       54
        
           services = {

···

       42
        
           networking.networkmanager.enable = true;

     

       43
        
       

     

       44
        
           security = {

     

       0
        
       
     

       45
        
             rtkit.enable = true;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       46
        
           };

     

       47
        
       

     

       48
        
           services = {

+2 -1

modules/nixos/profiles/default.nix

···

       1
        
       {...}: {

     

       2
        
         imports = [

     

       3
        
           ./arr

     

       0
        
       
     

       4
        
           ./base

     

       5
        
           ./btrfs

     

       6
       -
           ./backups

     

       7
        
           ./workstation

     

       8
        
           ./server

     

       9
        
           ./autoUpgrade

···

       1
        
       {...}: {

     

       2
        
         imports = [

     

       3
        
           ./arr

     

       4
       +
           ./backups

     

       5
        
           ./base

     

       6
        
           ./btrfs

     

       7
       +
           ./hibernation

     

       8
        
           ./workstation

     

       9
        
           ./server

     

       10
        
           ./autoUpgrade

+53

modules/nixos/profiles/hibernation/default.nix

···

       1
       +
       {

     

       2
       +
         config,

     

       3
       +
         lib,

     

       4
       +
         ...

     

       5
       +
       }: {

     

       6
       +
         options.myNixOS.profiles.hibernation = {

     

       7
       +
           enable = lib.mkEnableOption "enable hibernation";

     

       8
       +
           swap = {

     

       9
       +
             size = lib.mkOption {

     

       10
       +
               default = 0;

     

       11
       +
               description = "Swap size in megabytes.";

     

       12
       +
               type = lib.types.int;

     

       13
       +
             };

     

       14
       +
       

     

       15
       +
             location = lib.mkOption {

     

       16
       +
               default = "/.swap";

     

       17
       +
               description = "Swap file location.";

     

       18
       +
               type = lib.types.path;

     

       19
       +
             };

     

       20
       +
       

     

       21
       +
             keyFile = lib.mkOption {

     

       22
       +
               default = "/.swapkey";

     

       23
       +
               description = "Location of the encryption key.";

     

       24
       +
               type = lib.types.path;

     

       25
       +
             };

     

       26
       +
       

     

       27
       +
             blkDev = lib.mkOption {

     

       28
       +
               default = "/dev/sda1";

     

       29
       +
               description = "Block device for swap file.";

     

       30
       +
               type = lib.types.path;

     

       31
       +
             };

     

       32
       +
           };

     

       33
       +
         };

     

       34
       +
       

     

       35
       +
         config = lib.mkIf (config.myNixOS.profiles.hibernation.enable && config.myNixOS.profiles.hibernation.swap.size > 0) {

     

       36
       +
           myNixOS.profiles.swap = {

     

       37
       +
             enable = true;

     

       38
       +
             random = false;

     

       39
       +
             inherit (config.myNixOS.profiles.hibernation.swap) size location keyFile blkDev;

     

       40
       +
           };

     

       41
       +
       

     

       42
       +
           services.logind.settings.Login = {

     

       43
       +
             HandleLidSwitch = "suspend-then-hibernate";

     

       44
       +
             HandlePowerKey = "suspend-then-hibernate";

     

       45
       +
           };

     

       46
       +
       

     

       47
       +
           systemd.sleep.extraConfig = ''

     

       48
       +
             HibernateDelaySec=15m

     

       49
       +
             AllowSuspendThenHibernate=yes

     

       50
       +
             HibernateOnACPower=no

     

       51
       +
           '';

     

       52
       +
         };

     

       53
       +
       }

+24 -1

modules/nixos/profiles/swap/default.nix

···

       17
        
             description = "Swap file location.";

     

       18
        
             type = lib.types.path;

     

       19
        
           };

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       20
        
         };

     

       21
        
       

     

       22
        
         config = lib.mkIf config.myNixOS.profiles.swap.enable {

     
···

       24
        
             {

     

       25
        
               device = config.myNixOS.profiles.swap.location;

     

       26
        
               priority = 0;

     

       27
       -
               randomEncryption.enable = true;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       28
        
               inherit (config.myNixOS.profiles.swap) size;

     

       29
        
             }

     

       30
        
           ];

···

       17
        
             description = "Swap file location.";

     

       18
        
             type = lib.types.path;

     

       19
        
           };

     

       20
       +
       

     

       21
       +
           random = lib.mkOption {

     

       22
       +
             default = true;

     

       23
       +
             description = "Enable random encryption for swap file.";

     

       24
       +
             type = lib.types.bool;

     

       25
       +
           };

     

       26
       +
       

     

       27
       +
           keyFile = lib.mkOption {

     

       28
       +
             default = "/.swapkey";

     

       29
       +
             description = "Location of the encryption key.";

     

       30
       +
             type = lib.types.path;

     

       31
       +
           };

     

       32
       +
       

     

       33
       +
           blkDev = lib.mkOption {

     

       34
       +
             default = "/dev/sda1";

     

       35
       +
             description = "Block device for swap file.";

     

       36
       +
             type = lib.types.path;

     

       37
       +
           };

     

       38
        
         };

     

       39
        
       

     

       40
        
         config = lib.mkIf config.myNixOS.profiles.swap.enable {

     
···

       42
        
             {

     

       43
        
               device = config.myNixOS.profiles.swap.location;

     

       44
        
               priority = 0;

     

       45
       +
               randomEncryption.enable = config.myNixOS.profiles.swap.random;

     

       46
       +
               encrypted = lib.mkIf (!config.myNixOS.profiles.swap.random) {

     

       47
       +
                 label = "swapfile";

     

       48
       +
                 enable = true;

     

       49
       +
                 inherit (config.myNixOS.profiles.swap) keyFile blkDev;

     

       50
       +
               };

     

       51
        
               inherit (config.myNixOS.profiles.swap) size;

     

       52
        
             }

     

       53
        
           ];

+1 -3

modules/nixos/profiles/workstation/default.nix

···

       60
        
             };

     

       61
        
       

     

       62
        
             # kernelModules = ["ntsync"];

     

       63
       -
             kernelPackages = pkgs.linuxPackages_latest;

     

       64
        
           };

     

       65
        
       

     

       66
        
           services = {

     
···

       111
        
               enableSystemSlice = true;

     

       112
        
               enableUserSlices = true;

     

       113
        
             };

     

       114
       -
             # i hate these guys

     

       115
       -
             coredump.enable = false;

     

       116
        
           };

     

       117
        
       

     

       118
        
           zramSwap = {

···

       60
        
             };

     

       61
        
       

     

       62
        
             # kernelModules = ["ntsync"];

     

       63
       +
             kernelPackages = pkgs.linuxPackages_cachyos;

     

       64
        
           };

     

       65
        
       

     

       66
        
           services = {

     
···

       111
        
               enableSystemSlice = true;

     

       112
        
               enableUserSlices = true;

     

       113
        
             };

     

       0
        
       
     

       0
        
       
     

       114
        
           };

     

       115
        
       

     

       116
        
           zramSwap = {

+13 -1

modules/nixos/programs/nix/default.nix

···

       2
        
         config,

     

       3
        
         lib,

     

       4
        
         pkgs,

     

       0
        
       
     

       5
        
         ...

     

       6
       -
       }: {

     

       0
        
       
     

       0
        
       
     

       7
        
         options.myNixOS.programs.nix.enable = lib.mkEnableOption "sane nix configuration";

     

       8
        
       

     

       9
        
         config = lib.mkIf config.myNixOS.programs.nix.enable {

     
···

       24
        
               persistent = true;

     

       25
        
               randomizedDelaySec = "60min";

     

       26
        
             };

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       27
        
       

     

       28
        
             inherit (config.mySnippets.nix) settings;

     

       29
        
           };

···

       2
        
         config,

     

       3
        
         lib,

     

       4
        
         pkgs,

     

       5
       +
         inputs,

     

       6
        
         ...

     

       7
       +
       }: let

     

       8
       +
         flakeInputs = lib.filterAttrs (name: value: (lib.isType "flake" value) && (name != "self")) inputs;

     

       9
       +
       in {

     

       10
        
         options.myNixOS.programs.nix.enable = lib.mkEnableOption "sane nix configuration";

     

       11
        
       

     

       12
        
         config = lib.mkIf config.myNixOS.programs.nix.enable {

     
···

       27
        
               persistent = true;

     

       28
        
               randomizedDelaySec = "60min";

     

       29
        
             };

     

       30
       +
       

     

       31
       +
             # https://github.com/isabelroses/dotfiles/blob/main/modules/base/nix/nix.nix#L34-L38

     

       32
       +
             # pin the registry to avoid downloading and evaluating a new nixpkgs version everytime

     

       33
       +
             registry =

     

       34
       +
               (lib.mapAttrs (_: flake: {inherit flake;}) flakeInputs)

     

       35
       +
               // {

     

       36
       +
                 # https://github.com/NixOS/nixpkgs/pull/388090

     

       37
       +
                 nixpkgs = lib.mkForce {flake = inputs.nixpkgs;};

     

       38
       +
               };

     

       39
        
       

     

       40
        
             inherit (config.mySnippets.nix) settings;

     

       41
        
           };

+55

modules/nixos/security/apparmor.nix

···

       1
       +
       # https://github.com/isabelroses/dotfiles/blob/14a191bd583b34e242ad13a0164a3c32c506c655/modules/nixos/security/apparmor.nix

     

       2
       +
       {

     

       3
       +
         lib,

     

       4
       +
         pkgs,

     

       5
       +
         config,

     

       6
       +
         ...

     

       7
       +
       }: let

     

       8
       +
         inherit (lib) getExe;

     

       9
       +
       in {

     

       10
       +
         services.dbus.apparmor = "disabled";

     

       11
       +
       

     

       12
       +
         # apparmor configuration

     

       13
       +
         security.apparmor = {

     

       14
       +
           enable = true;

     

       15
       +
       

     

       16
       +
           # whether to enable the AppArmor cache

     

       17
       +
           # in /var/cache/apparmore

     

       18
       +
           enableCache = true;

     

       19
       +
       

     

       20
       +
           # whether to kill processes which have an AppArmor profile enabled

     

       21
       +
           # but are not confined

     

       22
       +
           killUnconfinedConfinables = true;

     

       23
       +
       

     

       24
       +
           # packages to be added to AppArmor’s include path

     

       25
       +
           packages = [pkgs.apparmor-profiles];

     

       26
       +
       

     

       27
       +
           # apparmor policies

     

       28
       +
           policies = {

     

       29
       +
             "default_deny" = {

     

       30
       +
               state = "disable";

     

       31
       +
               profile = ''

     

       32
       +
                 profile default_deny /** { }

     

       33
       +
               '';

     

       34
       +
             };

     

       35
       +
       

     

       36
       +
             "sudo" = {

     

       37
       +
               state = "disable";

     

       38
       +
               profile = ''

     

       39
       +
                 ${getExe pkgs.sudo} {

     

       40
       +
                   file /** rwlkUx,

     

       41
       +
                 }

     

       42
       +
               '';

     

       43
       +
             };

     

       44
       +
       

     

       45
       +
             "nix" = {

     

       46
       +
               state = "disable";

     

       47
       +
               profile = ''

     

       48
       +
                 ${getExe config.nix.package} {

     

       49
       +
                   unconfined,

     

       50
       +
                 }

     

       51
       +
               '';

     

       52
       +
             };

     

       53
       +
           };

     

       54
       +
         };

     

       55
       +
       }

+67

modules/nixos/security/default.nix

···

       1
       +
       {...}: {

     

       2
       +
         imports = [

     

       3
       +
           ./apparmor.nix

     

       4
       +
           ./pam.nix

     

       5
       +
           ./polkit.nix

     

       6
       +
           ./sudo.nix

     

       7
       +
         ];

     

       8
       +
       

     

       9
       +
         boot.blacklistedKernelModules = [

     

       10
       +
           # Obscure network protocols

     

       11
       +
           "ax25"

     

       12
       +
           "netrom"

     

       13
       +
           "rose"

     

       14
       +
           "dccp"

     

       15
       +
           "sctp"

     

       16
       +
           "rds"

     

       17
       +
           "tipc"

     

       18
       +
           "n-hdlc"

     

       19
       +
           "x25"

     

       20
       +
           "decnet"

     

       21
       +
           "econet"

     

       22
       +
           "af_802154"

     

       23
       +
           "ipx"

     

       24
       +
           "appletalk"

     

       25
       +
           "psnap"

     

       26
       +
           "p8023"

     

       27
       +
           "p8022"

     

       28
       +
           "can"

     

       29
       +
           "atm"

     

       30
       +
       

     

       31
       +
           # Old or rare or insufficiently audited filesystems

     

       32
       +
           "adfs"

     

       33
       +
           "affs"

     

       34
       +
           "bfs"

     

       35
       +
           "befs"

     

       36
       +
           "cramfs"

     

       37
       +
           "efs"

     

       38
       +
           "erofs"

     

       39
       +
           "exofs"

     

       40
       +
           "freevxfs"

     

       41
       +
           "f2fs"

     

       42
       +
           "hfs"

     

       43
       +
           "hpfs"

     

       44
       +
           "jfs"

     

       45
       +
           "minix"

     

       46
       +
           "nilfs2"

     

       47
       +
           #"ntfs"

     

       48
       +
           "omfs"

     

       49
       +
           "qnx4"

     

       50
       +
           "qnx6"

     

       51
       +
           "sysv"

     

       52
       +
           "ufs"

     

       53
       +
           # Various rare filesystems

     

       54
       +
           "jffs2"

     

       55
       +
           "hfsplus"

     

       56
       +
           #"squashfs"

     

       57
       +
           "udf"

     

       58
       +
           "cifs"

     

       59
       +
           "nfs"

     

       60
       +
           "nfsv3"

     

       61
       +
           "nfsv4"

     

       62
       +
           "gfs2"

     

       63
       +
           # vivid driver is only useful for testing purposes and has been the cause

     

       64
       +
           # of privilege escalation vulnerabilities

     

       65
       +
           "vivid"

     

       66
       +
         ];

     

       67
       +
       }

modules/nixos/security/pam.nix

···

       1
       +
       {

     

       2
       +
         security.pam = {

     

       3
       +
           services.login = {

     

       4
       +
             failDelay.enable = true;

     

       5
       +
           };

     

       6
       +
         };

     

       7
       +
       }

modules/nixos/security/polkit.nix

···

       1
       +
       {

     

       2
       +
         security.polkit.enable = true;

     

       3
       +
       }

+13

modules/nixos/security/sudo.nix

···

       1
       +
       {

     

       2
       +
         security.sudo-rs = {

     

       3
       +
           enable = true;

     

       4
       +
           wheelNeedsPassword = false;

     

       5
       +
           execWheelOnly = true;

     

       6
       +
       

     

       7
       +
           extraConfig = ''

     

       8
       +
             Defaults !lecture

     

       9
       +
             Defaults env_keep += "EDITOR PATH DISPLAY"

     

       10
       +
             Defaults timestamp_timeout = 30

     

       11
       +
           '';

     

       12
       +
         };

     

       13
       +
       }

+22

modules/nixos/services/atproto-basic-notifications/default.nix

···

       1
       +
       {

     

       2
       +
         config,

     

       3
       +
         lib,

     

       4
       +
         ...

     

       5
       +
       }: let

     

       6
       +
         name = "atproto-basic-notifications";

     

       7
       +
         cfg = config.myNixOS.services.${name};

     

       8
       +
       in {

     

       9
       +
         options.myNixOS.services.${name} = {

     

       10
       +
           enable = lib.mkEnableOption "${name}";

     

       11
       +
         };

     

       12
       +
       

     

       13
       +
         config = lib.mkIf cfg.enable {

     

       14
       +
           services.atproto-basic-notifications = {

     

       15
       +
             enable = true;

     

       16
       +
             environmentFiles = [config.age.secrets.atp-notif.path];

     

       17
       +
             settings = {

     

       18
       +
               TARGET_DID = "did:plc:3c6vkaq7xf5kz3va3muptjh5";

     

       19
       +
             };

     

       20
       +
           };

     

       21
       +
         };

     

       22
       +
       }

+6 -1

modules/nixos/services/caddy/default.nix

···

       12
        
           age.secrets.caddy.file = "${self.inputs.secrets}/caddy.age";

     

       13
        
           networking.firewall.allowedTCPPorts = [80 443];

     

       14
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       15
        
           services = {

     

       16
        
             caddy = {

     

       17
        
               enable = true;

     
···

       26
        
       

     

       27
        
               package = pkgs.caddy.withPlugins {

     

       28
        
                 plugins = ["github.com/tailscale/caddy-tailscale@v0.0.0-20250508175905-642f61fea3cc"];

     

       29
       -
                 hash = "sha256-r68btTv8N7X/pKwGkP8FWg371rt+bZETXdEN0/ZlFJI=";

     

       30
        
               };

     

       31
        
             };

     

       32
        
             tailscale.permitCertUid = "caddy";

···

       12
        
           age.secrets.caddy.file = "${self.inputs.secrets}/caddy.age";

     

       13
        
           networking.firewall.allowedTCPPorts = [80 443];

     

       14
        
       

     

       15
       +
           boot.kernel.sysctl = {

     

       16
       +
             "net.core.rmem_max" = 7500000;

     

       17
       +
             "net.core.wmem_max" = 7500000;

     

       18
       +
           };

     

       19
       +
       

     

       20
        
           services = {

     

       21
        
             caddy = {

     

       22
        
               enable = true;

     
···

       31
        
       

     

       32
        
               package = pkgs.caddy.withPlugins {

     

       33
        
                 plugins = ["github.com/tailscale/caddy-tailscale@v0.0.0-20250508175905-642f61fea3cc"];

     

       34
       +
                 hash = "sha256-r9EDkhcgwK11dB46AV+Em8ZE6Aa7IDMwibDGkg3e/rc=";

     

       35
        
               };

     

       36
        
             };

     

       37
        
             tailscale.permitCertUid = "caddy";

+3 -1

modules/nixos/services/default.nix

···

       1
        
       {...}: {

     

       2
        
         imports = [

     

       0
        
       
     

       3
        
           ./audiobookshelf

     

       4
        
           ./aria2

     

       5
        
           ./couchdb

     
···

       16
        
           ./jellyseerr

     

       17
        
           ./karakeep

     

       18
        
           ./miniflux

     

       19
       -
           ./monitoring

     

       20
        
           ./nitter

     

       21
        
           ./ntfy

     

       22
        
           ./pds

     

       23
        
           ./postgresql

     

       0
        
       
     

       24
        
           ./qbittorrent

     

       25
        
           ./radicale

     

       26
        
           ./redlib

     

       0
        
       
     

       27
        
           ./syncthing

     

       28
        
           ./tailscale

     

       29
        
           ./tangled-knot

···

       1
        
       {...}: {

     

       2
        
         imports = [

     

       3
       +
           ./atproto-basic-notifications

     

       4
        
           ./audiobookshelf

     

       5
        
           ./aria2

     

       6
        
           ./couchdb

     
···

       17
        
           ./jellyseerr

     

       18
        
           ./karakeep

     

       19
        
           ./miniflux

     

       0
        
       
     

       20
        
           ./nitter

     

       21
        
           ./ntfy

     

       22
        
           ./pds

     

       23
        
           ./postgresql

     

       24
       +
           ./privatebin

     

       25
        
           ./qbittorrent

     

       26
        
           ./radicale

     

       27
        
           ./redlib

     

       28
       +
           ./sddm

     

       29
        
           ./syncthing

     

       30
        
           ./tailscale

     

       31
        
           ./tangled-knot

+17

modules/nixos/services/fail2ban/default.nix

···

       29
        
               source = config.age.secrets.cloudflareFail2ban.path;

     

       30
        
             };

     

       31
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       32
        
             "fail2ban/action.d/ntfy.conf".text = ''

     

       33
        
               [Definition]

     

       34
        
               actionban = ${mkNotify {

     
···

       71
        
             bantime-increment.enable = true;

     

       72
        
             extraPackages = [pkgs.curl pkgs.jq pkgs.uutils-coreutils-noprefix];

     

       73
        
             jails = {

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       74
        
               # HTTP basic-auth failures, 5 tries → 1-day ban

     

       75
        
               nginx-http-auth = {

     

       76
        
                 settings = {

···

       29
        
               source = config.age.secrets.cloudflareFail2ban.path;

     

       30
        
             };

     

       31
        
       

     

       32
       +
             "fail2ban/filter.d/forgejo.conf".text = ''

     

       33
       +
               [Definition]

     

       34
       +
               failregex =  .*(Failed authentication attempt|invalid credentials|Attempted access of unknown user).* from <HOST>

     

       35
       +
               journalmatch = _SYSTEMD_UNIT=forgejo.service

     

       36
       +
             '';

     

       37
       +
       

     

       38
        
             "fail2ban/action.d/ntfy.conf".text = ''

     

       39
        
               [Definition]

     

       40
        
               actionban = ${mkNotify {

     
···

       77
        
             bantime-increment.enable = true;

     

       78
        
             extraPackages = [pkgs.curl pkgs.jq pkgs.uutils-coreutils-noprefix];

     

       79
        
             jails = {

     

       80
       +
               forgejo.settings = {

     

       81
       +
                 action = ''

     

       82
       +
                   mycloudflare

     

       83
       +
                     iptables-allports

     

       84
       +
                     ntfy'';

     

       85
       +
                 bantime = 900;

     

       86
       +
                 filter = "forgejo";

     

       87
       +
                 findtime = 3600;

     

       88
       +
                 maxretry = 4;

     

       89
       +
               };

     

       90
       +
       

     

       91
        
               # HTTP basic-auth failures, 5 tries → 1-day ban

     

       92
        
               nginx-http-auth = {

     

       93
        
                 settings = {

+63 -162

modules/nixos/services/forgejo/default.nix

···

       1
       -
       # damn this is really messy

     

       2
        
       {

     

       3
        
         config,

     

       4
        
         lib,

     
···

       11
        
       

     

       12
        
         network = config.mySnippets.aylac-top;

     

       13
        
         service = network.networkMap.${name};

     

       14
       -
       

     

       15
       -
         mkNotify = {

     

       16
       -
           message,

     

       17
       -
           channel,

     

       18
       -
           priority ? 1,

     

       19
       -
         }: ''

     

       20
       -
           curl -u $(cat "${config.age.secrets.ntfyAuto.path}") \

     

       21
       -
             -H "X-Priority: ${toString priority}" \

     

       22
       -
             -d '${message}' \

     

       23
       -
             https://${config.mySnippets.aylac-top.networkMap.ntfy.vHost}/${channel}

     

       24
       -
         '';

     

       25
        
       in {

     

       26
        
         options.myNixOS.services.${name} = {

     

       27
        
           enable = lib.mkEnableOption "forgejo git forge";

     

       28
        
       

     

       29
       -
           db = lib.mkOption {

     

       30
       -
             description = "Database to use (sqlite or postgresql).";

     

       31
       -
             default = "sqlite";

     

       32
       -
             type = lib.types.str;

     

       33
       -
           };

     

       34
       -
       

     

       35
        
           autoProxy = lib.mkOption {

     

       36
        
             default = true;

     

       37
        
             example = false;

     
···

       43
        
         config = lib.mkIf cfg.enable {

     

       44
        
           age.secrets.cloudflareFail2ban.file = "${self.inputs.secrets}/cloudflare/fail2ban.age";

     

       45
        
       

     

       46
       -
           services.cloudflared.tunnels."${network.cloudflareTunnel}".ingress = lib.mkIf cfg.autoProxy {

     

       47
       -
             "${service.vHost}" = "http://${service.hostName}:${toString service.port}";

     

       48
       -
           };

     

       49
       -
       

     

       50
       -
           myNixOS.services.postgresql = lib.mkIf (cfg.db == "postgresql") {

     

       51
       -
             enable = true;

     

       52
       -
             databases = ["forgejo"];

     

       53
       -
           };

     

       54
       -
       

     

       55
       -
           containers.forgejo = {

     

       56
       -
             autoStart = true;

     

       57
       -
             bindMounts = {

     

       58
       -
               "${config.age.secrets.cloudflareFail2ban.path}".isReadOnly = true;

     

       59
       -
               "${config.age.secrets.ntfyAuto.path}".isReadOnly = true;

     

       60
        
             };

     

       61
        
       

     

       62
       -
             config = {

     

       63
       -
               services = {

     

       64
       -
                 postgresql.enable = lib.mkForce false;

     

       65
        
       

     

       66
       -
                 forgejo = {

     

       67
       -
                   enable = true;

     

       68
        
       

     

       69
       -
                   database = lib.mkIf (cfg.db

     

       70
       -
                     == "postgresql") {

     

       71
       -
                     host = "127.0.0.1";

     

       72
       -
                     name = "forgejo";

     

       73
       -
                     type = "postgres";

     

       74
       -
                     user = "forgejo";

     

       75
       -
                     socket = null;

     

       76
       -
                   };

     

       77
        
       

     

       78
       -
                   lfs.enable = true;

     

       79
       -
                   package = pkgs.forgejo;

     

       0
        
       
     

       0
        
       
     

       80
        
       

     

       81
       -
                   settings = {

     

       82
       -
                     actions = {

     

       83
       -
                       ARTIFACT_RETENTION_DAYS = 15;

     

       84
       -
                       DEFAULT_ACTIONS_URL = "https://github.com";

     

       85
       -
                       ENABLED = false;

     

       86
       -
                     };

     

       87
        
       

     

       88
       -
                     cron = {

     

       89
       -
                       ENABLED = true;

     

       90
       -
                       RUN_AT_START = false;

     

       91
       -
                     };

     

       92
        
       

     

       93
       -
                     DEFAULT.APP_NAME = "git.aylac.top";

     

       94
       -
                     federation.ENABLED = true;

     

       95
       -
                     indexer.REPO_INDEXER_ENABLED = true;

     

       96
        
       

     

       97
       -
                     log = {

     

       98
       -
                       ENABLE_SSH_LOG = true;

     

       99
       -
                       LEVEL = "Debug";

     

       100
       -
                     };

     

       101
        
       

     

       102
       -
                     mailer = {

     

       103
       -
                       ENABLED = false;

     

       104
       -
                     };

     

       0
        
       
     

       105
        
       

     

       106
       -
                     migrations = {

     

       107
       -
                       ALLOW_LOCALNETWORKS = true;

     

       108
       -
                     };

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       109
        
       

     

       110
       -
                     picture = {

     

       111
       -
                       AVATAR_MAX_FILE_SIZE = 5242880;

     

       112
       -
                       ENABLE_FEDERATED_AVATAR = true;

     

       113
       -
                     };

     

       114
       -
       

     

       115
       -
                     repository = {

     

       116
       -
                       DEFAULT_BRANCH = "main";

     

       117
       -
                       ENABLE_PUSH_CREATE_ORG = true;

     

       118
       -
                       ENABLE_PUSH_CREATE_USER = true;

     

       119
       -
                       PREFERRED_LICENSES = "GPL-3.0";

     

       120
       -
                     };

     

       121
       -
       

     

       122
       -
                     security.PASSWORD_CHECK_PWN = true;

     

       123
       -
       

     

       124
       -
                     server = {

     

       125
       -
                       DOMAIN = service.vHost;

     

       126
       -
                       HTTP_PORT = service.port;

     

       127
       -
                       LANDING_PAGE = "explore";

     

       128
       -
                       LFS_START_SERVER = true;

     

       129
       -
                       ROOT_URL = "https://${service.vHost}/";

     

       130
       -
                       DISABLE_SSH = true;

     

       131
       -
                     };

     

       132
       -
       

     

       133
       -
                     service = {

     

       134
       -
                       ALLOW_ONLY_INTERNAL_REGISTRATION = true;

     

       135
       -
                       DISABLE_REGISTRATION = true;

     

       136
       -
                       ENABLE_NOTIFY_MAIL = true;

     

       137
       -
                     };

     

       138
       -
       

     

       139
       -
                     session.COOKIE_SECURE = true;

     

       140
        
       

     

       141
       -
                     storage = {

     

       142
       -
                       STORAGE_TYPE = "local";

     

       143
       -
                       PATH = "/var/lib/forgejo/data";

     

       144
       -
                     };

     

       145
       -
       

     

       146
       -
                     ui.DEFAULT_THEME = "forgejo-auto";

     

       147
       -
       

     

       148
       -
                     "ui.meta" = {

     

       149
       -
                       AUTHOR = "Ayla";

     

       150
       -
                       DESCRIPTION = "i can't set up ssh via cloudflare tunnels!";

     

       151
       -
                       KEYWORDS = "git,source code,forge,forgejo,aylac";

     

       152
       -
                     };

     

       153
       -
                   };

     

       154
        
                 };

     

       155
        
       

     

       156
       -
                 fail2ban = {

     

       157
       -
                   enable = true;

     

       158
       -
                   ignoreIP = ["100.64.0.0/10"];

     

       159
       -
                   bantime = "24h";

     

       160
       -
                   bantime-increment.enable = true;

     

       161
       -
                   extraPackages = [pkgs.curl pkgs.jq pkgs.uutils-coreutils-noprefix];

     

       162
       -
                   jails.forgejo.settings = {

     

       163
       -
                     action = ''

     

       164
       -
                       mycloudflare

     

       165
       -
                         iptables-allports

     

       166
       -
                         ntfy'';

     

       167
       -
                     bantime = 900;

     

       168
       -
                     filter = "forgejo";

     

       169
       -
                     findtime = 3600;

     

       170
       -
                     maxretry = 4;

     

       171
       -
                   };

     

       172
        
                 };

     

       173
       -
               };

     

       174
        
       

     

       175
       -
               environment.etc = {

     

       176
       -
                 "fail2ban/action.d/mycloudflare.conf" = {

     

       177
       -
                   user = "root";

     

       178
       -
                   group = "root";

     

       179
       -
                   mode = "0640";

     

       180
       -
                   source = config.age.secrets.cloudflareFail2ban.path;

     

       181
       -
                 };

     

       182
        
       

     

       183
       -
                 "fail2ban/action.d/ntfy.conf".text = ''

     

       184
       -
                   [Definition]

     

       185
       -
                   actionban = ${mkNotify {

     

       186
       -
                     message = "Arrested <ip> for trying to rob <name> at ${config.networking.hostName}";

     

       187
       -
                     channel = "fail2ban";

     

       188
       -
                     priority = 3;

     

       189
       -
                   }}

     

       190
       -
                   actionunban = ${mkNotify {

     

       191
       -
                     message = "Released <ip> from the jail at ${config.networking.hostName}";

     

       192
       -
                     channel = "fail2ban";

     

       193
       -
                     priority = 2;

     

       194
       -
                   }}

     

       195
       -
                 '';

     

       196
        
       

     

       197
       -
                 "fail2ban/filter.d/forgejo.conf".text = ''

     

       198
       -
                   [Definition]

     

       199
       -
                   failregex =  .*(Failed authentication attempt|invalid credentials|Attempted access of unknown user).* from <HOST>

     

       200
       -
                   journalmatch = _SYSTEMD_UNIT=forgejo.service

     

       201
       -
                 '';

     

       202
       -
               };

     

       203
        
       

     

       204
       -
               systemd.services.forgejo = lib.mkIf (cfg.db

     

       205
       -
                 == "postgresql") {

     

       206
       -
                 after = lib.mkForce ["network.target" "forgejo-secrets.service"];

     

       207
       -
                 requires = lib.mkForce ["forgejo-secrets.service"];

     

       0
        
       
     

       208
        
               };

     

       209
       -
       

     

       210
       -
               system.stateVersion = "25.11";

     

       211
        
             };

     

       212
        
           };

     

       213
        
         };

···

       0
        
       
     

       1
        
       {

     

       2
        
         config,

     

       3
        
         lib,

     
···

       10
        
       

     

       11
        
         network = config.mySnippets.aylac-top;

     

       12
        
         service = network.networkMap.${name};

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       13
        
       in {

     

       14
        
         options.myNixOS.services.${name} = {

     

       15
        
           enable = lib.mkEnableOption "forgejo git forge";

     

       16
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       17
        
           autoProxy = lib.mkOption {

     

       18
        
             default = true;

     

       19
        
             example = false;

     
···

       25
        
         config = lib.mkIf cfg.enable {

     

       26
        
           age.secrets.cloudflareFail2ban.file = "${self.inputs.secrets}/cloudflare/fail2ban.age";

     

       27
        
       

     

       28
       +
           services = {

     

       29
       +
             cloudflared.tunnels."${network.cloudflareTunnel}".ingress = lib.mkIf cfg.autoProxy {

     

       30
       +
               "${service.vHost}" = "http://${service.hostName}:${toString service.port}";

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       31
        
             };

     

       32
        
       

     

       33
       +
             forgejo = {

     

       34
       +
               enable = true;

     

       0
        
       
     

       35
        
       

     

       36
       +
               lfs.enable = true;

     

       37
       +
               package = pkgs.forgejo;

     

       38
        
       

     

       39
       +
               settings = {

     

       40
       +
                 actions = {

     

       41
       +
                   ARTIFACT_RETENTION_DAYS = 15;

     

       42
       +
                   DEFAULT_ACTIONS_URL = "https://github.com";

     

       43
       +
                   ENABLED = false;

     

       44
       +
                 };

     

       0
        
       
     

       0
        
       
     

       45
        
       

     

       46
       +
                 cron = {

     

       47
       +
                   ENABLED = true;

     

       48
       +
                   RUN_AT_START = false;

     

       49
       +
                 };

     

       50
        
       

     

       51
       +
                 DEFAULT.APP_NAME = "git.aylac.top";

     

       52
       +
                 federation.ENABLED = true;

     

       53
       +
                 indexer.REPO_INDEXER_ENABLED = true;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       54
        
       

     

       55
       +
                 log = {

     

       56
       +
                   ENABLE_SSH_LOG = true;

     

       57
       +
                   LEVEL = "Debug";

     

       58
       +
                 };

     

       59
        
       

     

       60
       +
                 mailer = {

     

       61
       +
                   ENABLED = false;

     

       62
       +
                 };

     

       63
        
       

     

       64
       +
                 migrations = {

     

       65
       +
                   ALLOW_LOCALNETWORKS = true;

     

       66
       +
                 };

     

       0
        
       
     

       67
        
       

     

       68
       +
                 picture = {

     

       69
       +
                   AVATAR_MAX_FILE_SIZE = 5242880;

     

       70
       +
                   ENABLE_FEDERATED_AVATAR = true;

     

       71
       +
                 };

     

       72
        
       

     

       73
       +
                 repository = {

     

       74
       +
                   DEFAULT_BRANCH = "main";

     

       75
       +
                   ENABLE_PUSH_CREATE_ORG = true;

     

       76
       +
                   ENABLE_PUSH_CREATE_USER = true;

     

       77
       +
                   PREFERRED_LICENSES = "GPL-3.0";

     

       78
       +
                 };

     

       79
        
       

     

       80
       +
                 security.PASSWORD_CHECK_PWN = true;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       81
        
       

     

       82
       +
                 server = {

     

       83
       +
                   DOMAIN = service.vHost;

     

       84
       +
                   HTTP_PORT = service.port;

     

       85
       +
                   LANDING_PAGE = "explore";

     

       86
       +
                   LFS_START_SERVER = true;

     

       87
       +
                   ROOT_URL = "https://${service.vHost}/";

     

       88
       +
                   DISABLE_SSH = true;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       89
        
                 };

     

       90
        
       

     

       91
       +
                 service = {

     

       92
       +
                   ALLOW_ONLY_INTERNAL_REGISTRATION = true;

     

       93
       +
                   DISABLE_REGISTRATION = true;

     

       94
       +
                   ENABLE_NOTIFY_MAIL = true;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       95
        
                 };

     

       0
        
       
     

       96
        
       

     

       97
       +
                 session.COOKIE_SECURE = true;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       98
        
       

     

       99
       +
                 storage = {

     

       100
       +
                   STORAGE_TYPE = "local";

     

       101
       +
                   PATH = "/var/lib/forgejo/data";

     

       102
       +
                 };

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       103
        
       

     

       104
       +
                 ui.DEFAULT_THEME = "forgejo-auto";

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       105
        
       

     

       106
       +
                 "ui.meta" = {

     

       107
       +
                   AUTHOR = "Ayla";

     

       108
       +
                   DESCRIPTION = "i can't set up ssh via cloudflare tunnels!";

     

       109
       +
                   KEYWORDS = "git,source code,forge,forgejo,aylac";

     

       110
       +
                 };

     

       111
        
               };

     

       0
        
       
     

       0
        
       
     

       112
        
             };

     

       113
        
           };

     

       114
        
         };

+42 -19

modules/nixos/services/glance/default.nix

···

       33
        
       

     

       34
        
             glance = {

     

       35
        
               enable = true;

     

       36
       -
               openFirewall = true;

     

       37
        
       

     

       38
        
               settings = {

     

       39
        
                 pages = [

     
···

       84
        
                                 check-url = "http://${tailnet.networkMap.vaultwarden.hostName}:${toString tailnet.networkMap.vaultwarden.port}/";

     

       85
        
                                 icon = "di:vaultwarden";

     

       86
        
                               }

     

       87
       -
                               {

     

       88
       -
                                 title = "Karakeep";

     

       89
       -
                                 url = "https://${tailnet.networkMap.karakeep.vHost}/";

     

       90
       -
                                 check-url = "http://${tailnet.networkMap.karakeep.hostName}:${toString tailnet.networkMap.karakeep.port}/";

     

       91
       -
                                 icon = "di:karakeep";

     

       92
       -
                               }

     

       93
        
                               {

     

       94
        
                                 title = "Jellyfin";

     

       95
        
                                 url = "https://${tailnet.networkMap.jellyfin.vHost}/";

     
···

       114
        
                                 check-url = "http://${tailnet.networkMap.radarr.hostName}:${toString tailnet.networkMap.radarr.port}/";

     

       115
        
                                 icon = "di:radarr";

     

       116
        
                               }

     

       117
       -
                               #{

     

       118
       -
                               #  title = "Lidarr";

     

       119
       -
                               #  url = "https://${tailnet.networkMap.lidarr.vHost}/";

     

       120
       -
                               #  check-url = "http://${tailnet.networkMap.lidarr.hostName}:${toString tailnet.networkMap.lidarr.port}/";

     

       121
       -
                               #  icon = "di:lidarr";

     

       122
       -
                               #}

     

       123
        
                               {

     

       124
        
                                 title = "Prowlarr";

     

       125
        
                                 url = "https://${tailnet.networkMap.prowlarr.vHost}/";

     

       126
        
                                 check-url = "http://${tailnet.networkMap.prowlarr.hostName}:${toString tailnet.networkMap.prowlarr.port}/";

     

       127
        
                                 icon = "di:prowlarr";

     

       128
        
                               }

     

       129
       -
                               {

     

       130
       -
                                 title = "Bazarr";

     

       131
       -
                                 url = "https://${tailnet.networkMap.bazarr.vHost}/";

     

       132
       -
                                 check-url = "http://${tailnet.networkMap.bazarr.hostName}:${toString tailnet.networkMap.bazarr.port}/";

     

       133
       -
                                 icon = "di:bazarr";

     

       134
       -
                               }

     

       135
        
                               {

     

       136
        
                                 title = "Autobrr";

     

       137
        
                                 url = "https://${tailnet.networkMap.autobrr.vHost}/";

     
···

       180
        
                                 url = "https://${tailnet.networkMap.audiobookshelf.vHost}/";

     

       181
        
                                 check-url = "http://${tailnet.networkMap.audiobookshelf.hostName}:${toString tailnet.networkMap.audiobookshelf.port}/";

     

       182
        
                                 icon = "di:audiobookshelf";

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       183
        
                               }

     

       184
        
                             ];

     

       185
        
                           }

···

       33
        
       

     

       34
        
             glance = {

     

       35
        
               enable = true;

     

       36
       +
               openFirewall = false;

     

       37
        
       

     

       38
        
               settings = {

     

       39
        
                 pages = [

     
···

       84
        
                                 check-url = "http://${tailnet.networkMap.vaultwarden.hostName}:${toString tailnet.networkMap.vaultwarden.port}/";

     

       85
        
                                 icon = "di:vaultwarden";

     

       86
        
                               }

     

       87
       +
                               #{

     

       88
       +
                               #  title = "Karakeep";

     

       89
       +
                               #  url = "https://${tailnet.networkMap.karakeep.vHost}/";

     

       90
       +
                               #  check-url = "http://${tailnet.networkMap.karakeep.hostName}:${toString tailnet.networkMap.karakeep.port}/";

     

       91
       +
                               #  icon = "di:karakeep";

     

       92
       +
                               #}

     

       93
        
                               {

     

       94
        
                                 title = "Jellyfin";

     

       95
        
                                 url = "https://${tailnet.networkMap.jellyfin.vHost}/";

     
···

       114
        
                                 check-url = "http://${tailnet.networkMap.radarr.hostName}:${toString tailnet.networkMap.radarr.port}/";

     

       115
        
                                 icon = "di:radarr";

     

       116
        
                               }

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       117
        
                               {

     

       118
        
                                 title = "Prowlarr";

     

       119
        
                                 url = "https://${tailnet.networkMap.prowlarr.vHost}/";

     

       120
        
                                 check-url = "http://${tailnet.networkMap.prowlarr.hostName}:${toString tailnet.networkMap.prowlarr.port}/";

     

       121
        
                                 icon = "di:prowlarr";

     

       122
        
                               }

     

       123
       +
                               #{

     

       124
       +
                               #  title = "Bazarr";

     

       125
       +
                               #  url = "https://${tailnet.networkMap.bazarr.vHost}/";

     

       126
       +
                               #  check-url = "http://${tailnet.networkMap.bazarr.hostName}:${toString tailnet.networkMap.bazarr.port}/";

     

       127
       +
                               #  icon = "di:bazarr";

     

       128
       +
                               #}

     

       129
        
                               {

     

       130
        
                                 title = "Autobrr";

     

       131
        
                                 url = "https://${tailnet.networkMap.autobrr.vHost}/";

     
···

       174
        
                                 url = "https://${tailnet.networkMap.audiobookshelf.vHost}/";

     

       175
        
                                 check-url = "http://${tailnet.networkMap.audiobookshelf.hostName}:${toString tailnet.networkMap.audiobookshelf.port}/";

     

       176
        
                                 icon = "di:audiobookshelf";

     

       177
       +
                               }

     

       178
       +
                             ];

     

       179
       +
                           }

     

       180
       +
                           {

     

       181
       +
                             type = "split-column";

     

       182
       +
                             max-columns = 3;

     

       183
       +
                             widgets = [

     

       184
       +
                               {

     

       185
       +
                                 type = "hacker-news";

     

       186
       +
                                 limit = 30;

     

       187
       +
                                 collapse-after = 10;

     

       188
       +
                               }

     

       189
       +
                               {

     

       190
       +
                                 type = "lobsters";

     

       191
       +
                                 limit = 30;

     

       192
       +
                                 collapse-after = 10;

     

       193
       +
                               }

     

       194
       +
                               {

     

       195
       +
                                 type = "rss";

     

       196
       +
                                 title = "Tildes";

     

       197
       +
                                 limit = 30;

     

       198
       +
                                 collapse-after = 10;

     

       199
       +
                                 cache = "1h";

     

       200
       +
                                 feeds = [

     

       201
       +
                                   {

     

       202
       +
                                     url = "https://tildes.net/topics.rss";

     

       203
       +
                                     title = "tildes.net";

     

       204
       +
                                   }

     

       205
       +
                                 ];

     

       206
        
                               }

     

       207
        
                             ];

     

       208
        
                           }

+2 -6

modules/nixos/services/miniflux/default.nix

···

       23
        
         config = lib.mkIf cfg.enable {

     

       24
        
           age.secrets.miniflux.file = "${self.inputs.secrets}/miniflux.age";

     

       25
        
       

     

       26
       -
           myNixOS.services.postgresql = {

     

       27
       -
             enable = true;

     

       28
       -
             databases = ["miniflux"];

     

       29
       -
           };

     

       30
        
       

     

       31
        
           services = {

     

       32
        
             caddy.virtualHosts."${service.vHost}".extraConfig = lib.mkIf cfg.autoProxy ''

     
···

       38
        
             miniflux = {

     

       39
        
               enable = true;

     

       40
        
               adminCredentialsFile = config.age.secrets.miniflux.path;

     

       41
       -
               createDatabaseLocally = false;

     

       42
        
               config = {

     

       43
        
                 BATCH_SIZE = 100;

     

       44
        
                 CLEANUP_FREQUENCY_HOURS = 48;

     

       45
        
                 LISTEN_ADDR = "${service.hostName}:${toString service.port}";

     

       46
        
                 BASE_URL = "https://${service.vHost}";

     

       47
       -
                 DATABASE_URL = ''user=miniflux dbname=miniflux sslmode=disable'';

     

       48
        
               };

     

       49
        
             };

     

       50
        
           };

···

       23
        
         config = lib.mkIf cfg.enable {

     

       24
        
           age.secrets.miniflux.file = "${self.inputs.secrets}/miniflux.age";

     

       25
        
       

     

       26
       +
           myNixOS.services.postgresql.enable = true;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       27
        
       

     

       28
        
           services = {

     

       29
        
             caddy.virtualHosts."${service.vHost}".extraConfig = lib.mkIf cfg.autoProxy ''

     
···

       35
        
             miniflux = {

     

       36
        
               enable = true;

     

       37
        
               adminCredentialsFile = config.age.secrets.miniflux.path;

     

       38
       +
               createDatabaseLocally = true;

     

       39
        
               config = {

     

       40
        
                 BATCH_SIZE = 100;

     

       41
        
                 CLEANUP_FREQUENCY_HOURS = 48;

     

       42
        
                 LISTEN_ADDR = "${service.hostName}:${toString service.port}";

     

       43
        
                 BASE_URL = "https://${service.vHost}";

     

       0
        
       
     

       44
        
               };

     

       45
        
             };

     

       46
        
           };

-43

modules/nixos/services/monitoring/default.nix

···

       1
       -
       {

     

       2
       -
         config,

     

       3
       -
         pkgs,

     

       4
       -
         ...

     

       5
       -
       }: let

     

       6
       -
         # idk how to share this across files :(

     

       7
       -
         mkNotify = {

     

       8
       -
           message,

     

       9
       -
           channel,

     

       10
       -
           priority ? 1,

     

       11
       -
         }: ''

     

       12
       -
           LOGIN=$(cat "${config.age.secrets.ntfyAuto.path}")

     

       13
       -
           ${pkgs.curl}/bin/curl -u $LOGIN \

     

       14
       -
             -H "X-Priority: ${toString priority}" \

     

       15
       -
             -d '${message}' \

     

       16
       -
             https://${config.mySnippets.aylac-top.networkMap.ntfy.vHost}/${channel}

     

       17
       -
         '';

     

       18
       -
       in {

     

       19
       -
         systemd.services.disk-space-check = {

     

       20
       -
           description = "Check for low disk space";

     

       21
       -
           script = ''

     

       22
       -
             #!${pkgs.bash}/bin/bash

     

       23
       -
             THRESHOLD=80

     

       24
       -
             USAGE=$(df --output=pcent / | tail -n 1 | tr -d ' %')

     

       25
       -
             if [ "$USAGE" -gt "$THRESHOLD" ]; then

     

       26
       -
               ${mkNotify {

     

       27
       -
               message = "CRITICAL: Disk space on / is at $USAGE% on ${config.networking.hostName}";

     

       28
       -
               channel = "network-status";

     

       29
       -
               priority = 5;

     

       30
       -
             }}

     

       31
       -
             fi

     

       32
       -
           '';

     

       33
       -
         };

     

       34
       -
       

     

       35
       -
         systemd.timers.disk-space-check = {

     

       36
       -
           description = "Run disk space check every hour";

     

       37
       -
           wantedBy = ["timers.target"];

     

       38
       -
           timerConfig = {

     

       39
       -
             OnCalendar = "hourly";

     

       40
       -
             Persistent = true;

     

       41
       -
           };

     

       42
       -
         };

     

       43
       -
       }

+59 -8

modules/nixos/services/pds/default.nix

···

       0
        
       
     

       1
        
       {

     

       2
        
         config,

     

       3
        
         lib,

     

       0
        
       
     

       0
        
       
     

       4
        
         ...

     

       5
        
       }: let

     

       6
        
         name = "pds";

     

       7
        
         cfg = config.myNixOS.services.${name};

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       8
        
       

     

       9
        
         network = config.mySnippets.aylac-top;

     

       10
        
         service = network.networkMap.${name};

     
···

       40
        
                 respond "${pdsHomePage}"

     

       41
        
               }

     

       42
        
       

     

       0
        
       
     

       43
        
               handle /xrpc/app.bsky.unspecced.getAgeAssuranceState {

     

       44
        
               	header content-type "application/json"

     

       45
        
               	header access-control-allow-headers "authorization,dpop,atproto-accept-labelers,atproto-proxy"

     
···

       47
        
               	respond `{"lastInitiatedAt":"2025-07-14T14:22:43.912Z","status":"assured"}` 200

     

       48
        
               }

     

       49
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       50
        
               handle {

     

       51
        
                 reverse_proxy ${service.hostName}:${toString service.port}

     

       52
        
               }

     
···

       57
        
             autoStart = true;

     

       58
        
             bindMounts."${config.age.secrets.pds.path}".isReadOnly = true;

     

       59
        
             config = {

     

       60
       -
               services.bluesky-pds = {

     

       61
       -
                 enable = true;

     

       62
       -
                 environmentFiles = [config.age.secrets.pds.path];

     

       63
       -
                 pdsadmin.enable = true;

     

       64
       -
                 settings = {

     

       65
       -
                   PDS_HOSTNAME = service.vHost;

     

       66
       -
                   # PDS_BSKY_APP_VIEW_URL = "https://bsky.zeppelin.social";

     

       67
       -
                   # PDS_BSKY_APP_VIEW_DID = "did:web:bsky.zeppelin.social";

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       68
        
                 };

     

       69
        
               };

     

       70

···

       1
       +
       # for the pds-gatekeeper https://tangled.sh/@isabelroses.com/dotfiles/blob/61ad925dc8b4537b568784971589b137df5cb948/modules/nixos/services/pds.nix

     

       2
        
       {

     

       3
        
         config,

     

       4
        
         lib,

     

       5
       +
         pkgs,

     

       6
       +
         self,

     

       7
        
         ...

     

       8
        
       }: let

     

       9
        
         name = "pds";

     

       10
        
         cfg = config.myNixOS.services.${name};

     

       11
       +
       

     

       12
       +
         gk = config.containers.pds.config.services.pds-gatekeeper.settings;

     

       13
       +
         gkurl = "http://${gk.GATEKEEPER_HOST}:${toString gk.GATEKEEPER_PORT}";

     

       14
        
       

     

       15
        
         network = config.mySnippets.aylac-top;

     

       16
        
         service = network.networkMap.${name};

     
···

       46
        
                 respond "${pdsHomePage}"

     

       47
        
               }

     

       48
        
       

     

       49
       +
               # https://gist.github.com/mary-ext/6e27b24a83838202908808ad528b3318

     

       50
        
               handle /xrpc/app.bsky.unspecced.getAgeAssuranceState {

     

       51
        
               	header content-type "application/json"

     

       52
        
               	header access-control-allow-headers "authorization,dpop,atproto-accept-labelers,atproto-proxy"

     
···

       54
        
               	respond `{"lastInitiatedAt":"2025-07-14T14:22:43.912Z","status":"assured"}` 200

     

       55
        
               }

     

       56
        
       

     

       57
       +
               # hijack the links for pds-gatekeeper

     

       58
       +
               #@gatekeeper {

     

       59
       +
               #  path /xrpc/com.atproto.server.getSession

     

       60
       +
               #  path /xrpc/com.atproto.server.updateEmail

     

       61
       +
               #  path /xrpc/com.atproto.server.createSession

     

       62
       +
               #  path /@atproto/oauth-provider/~api/sign-in

     

       63
       +
               #}

     

       64
       +
       

     

       65
       +
               #handle @gatekeeper {

     

       66
       +
               #  reverse_proxy ${gkurl}

     

       67
       +
               #}

     

       68
       +
       

     

       69
        
               handle {

     

       70
        
                 reverse_proxy ${service.hostName}:${toString service.port}

     

       71
        
               }

     
···

       76
        
             autoStart = true;

     

       77
        
             bindMounts."${config.age.secrets.pds.path}".isReadOnly = true;

     

       78
        
             config = {

     

       79
       +
               imports = [self.inputs.tgirlpkgs.nixosModules.default];

     

       80
       +
       

     

       81
       +
               services = {

     

       82
       +
                 bluesky-pds = {

     

       83
       +
                   enable = true;

     

       84
       +
                   environmentFiles = [config.age.secrets.pds.path];

     

       85
       +
                   pdsadmin.enable = true;

     

       86
       +
                   settings = {

     

       87
       +
                     PDS_HOSTNAME = service.vHost;

     

       88
       +
                     PDS_PORT = service.port;

     

       89
       +
                     # PDS_BSKY_APP_VIEW_URL = "https://bsky.zeppelin.social";

     

       90
       +
                     # PDS_BSKY_APP_VIEW_DID = "did:web:bsky.zeppelin.social";

     

       91
       +
       

     

       92
       +
                     # crawlers taken from the following post

     

       93
       +
                     # <https://bsky.app/profile/billy.wales/post/3lxpd67hnks2e>

     

       94
       +
                     PDS_CRAWLERS = lib.concatStringsSep "," [

     

       95
       +
                       "https://bsky.network"

     

       96
       +
                       "https://relay.cerulea.blue"

     

       97
       +
                       "https://relay.fire.hose.cam"

     

       98
       +
                       "https://relay2.fire.hose.cam"

     

       99
       +
                       "https://relay3.fr.hose.cam"

     

       100
       +
                       "https://relay.hayescmd.net"

     

       101
       +
                     ];

     

       102
       +
                   };

     

       103
       +
                 };

     

       104
       +
       

     

       105
       +
                 pds-gatekeeper = {

     

       106
       +
                   enable = false;

     

       107
       +
                   # we need to share a lot of secrets between pds and gatekeeper

     

       108
       +
                   environmentFiles = [config.age.secrets.pds.path];

     

       109
       +
       

     

       110
       +
                   settings = {

     

       111
       +
                     GATEKEEPER_PORT = 3602;

     

       112
       +
                     PDS_BASE_URL = "http://${service.hostName}:${toString service.port}";

     

       113
       +
                     GATEKEEPER_TRUST_PROXY = "true";

     

       114
       +
       

     

       115
       +
                     # make an empty file to prevent early errors due to no pds env

     

       116
       +
                     # it really wants to load this file but with nix we don't really do it that way

     

       117
       +
                     PDS_ENV_LOCATION = toString (pkgs.writeText "gatekeeper-pds-env" "");

     

       118
       +
                   };

     

       119
        
                 };

     

       120
        
               };

     

       121

+13 -28

modules/nixos/services/postgresql/default.nix

···

       2
        
         lib,

     

       3
        
         config,

     

       4
        
         pkgs,

     

       5
       -
         self,

     

       6
        
         ...

     

       7
        
       }: let

     

       8
        
         name = "postgresql";

     
···

       12
        
           enable = lib.mkEnableOption "${name} server";

     

       13
        
           databases = lib.mkOption {

     

       14
        
             type = lib.types.listOf lib.types.str;

     

       15
       -
             default = {};

     

       16
        
             description = "PostgreSQL databases.";

     

       17
        
           };

     

       18
        
         };

     

       19
        
       

     

       20
       -
         config.containers.postgresql = lib.mkIf cfg.enable {

     

       21
       -
           autoStart = true;

     

       22
       -
           config = {

     

       23
       -
             imports = [self.nixosModules.locale-en-gb];

     

       0
        
       
     

       24
        
       

     

       25
       -
             services.postgresql = {

     

       26
       -
               enable = true;

     

       27
       -
               enableTCPIP = true;

     

       28
       -
               package = pkgs.postgresql_16;

     

       29
       -
       

     

       30
       -
               ensureDatabases = cfg.databases;

     

       31
       -
               ensureUsers =

     

       32
       -
                 lib.map (dbName: {

     

       33
       -
                   name = dbName;

     

       34
       -
                   ensureDBOwnership = true;

     

       35
       -
                 })

     

       36
       -
                 cfg.databases;

     

       37
       -
       

     

       38
       -
               authentication = lib.concatStringsSep "\n" (

     

       39
       -
                 lib.map (dbName: ''

     

       40
       -
                   host ${dbName} ${dbName} samehost trust

     

       41
       -
                 '')

     

       42
       -
                 cfg.databases

     

       43
       -
               );

     

       44
       -
             };

     

       45
       -
       

     

       46
       -
             system.stateVersion = "25.11";

     

       47
        
           };

     

       48
        
         };

     

       49
        
       }

···

       2
        
         lib,

     

       3
        
         config,

     

       4
        
         pkgs,

     

       0
        
       
     

       5
        
         ...

     

       6
        
       }: let

     

       7
        
         name = "postgresql";

     
···

       11
        
           enable = lib.mkEnableOption "${name} server";

     

       12
        
           databases = lib.mkOption {

     

       13
        
             type = lib.types.listOf lib.types.str;

     

       14
       +
             default = [];

     

       15
        
             description = "PostgreSQL databases.";

     

       16
        
           };

     

       17
        
         };

     

       18
        
       

     

       19
       +
         config = lib.mkIf cfg.enable {

     

       20
       +
           services.postgresql = {

     

       21
       +
             enable = true;

     

       22
       +
             enableTCPIP = true;

     

       23
       +
             package = pkgs.postgresql_16;

     

       24
        
       

     

       25
       +
             ensureDatabases = cfg.databases;

     

       26
       +
             ensureUsers =

     

       27
       +
               lib.map (dbName: {

     

       28
       +
                 name = dbName;

     

       29
       +
                 ensureDBOwnership = true;

     

       30
       +
               })

     

       31
       +
               cfg.databases;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       32
        
           };

     

       33
        
         };

     

       34
        
       }

+94

modules/nixos/services/privatebin/default.nix

···

       1
       +
       {

     

       2
       +
         config,

     

       3
       +
         lib,

     

       4
       +
         pkgs,

     

       5
       +
         ...

     

       6
       +
       }: let

     

       7
       +
         name = "privatebin";

     

       8
       +
         cfg = config.myNixOS.services.${name};

     

       9
       +
       

     

       10
       +
         network = config.mySnippets.aylac-top;

     

       11
       +
         service = network.networkMap.${name};

     

       12
       +
       

     

       13
       +
         package = pkgs.privatebin-ayla;

     

       14
       +
       in {

     

       15
       +
         options.myNixOS.services.${name} = {

     

       16
       +
           enable = lib.mkEnableOption "${name} server";

     

       17
       +
           autoProxy = lib.mkOption {

     

       18
       +
             default = true;

     

       19
       +
             example = false;

     

       20
       +
             description = "${name} auto proxy";

     

       21
       +
             type = lib.types.bool;

     

       22
       +
           };

     

       23
       +
         };

     

       24
       +
       

     

       25
       +
         config = lib.mkIf cfg.enable {

     

       26
       +
           services = {

     

       27
       +
             cloudflared.tunnels."${network.cloudflareTunnel}".ingress = lib.mkIf cfg.autoProxy {

     

       28
       +
               "${service.vHost}" = "http://localhost:${toString service.port}";

     

       29
       +
             };

     

       30
       +
       

     

       31
       +
             nginx = {

     

       32
       +
               enable = true;

     

       33
       +
               recommendedTlsSettings = lib.mkDefault true;

     

       34
       +
               recommendedOptimisation = lib.mkDefault true;

     

       35
       +
               recommendedGzipSettings = lib.mkDefault true;

     

       36
       +
               virtualHosts."${config.services.privatebin.virtualHost}" = {

     

       37
       +
                 root = "${package}";

     

       38
       +
                 locations = {

     

       39
       +
                   "/" = {

     

       40
       +
                     tryFiles = "$uri $uri/ /index.php?$query_string";

     

       41
       +
                     index = "index.php";

     

       42
       +
                     extraConfig = ''

     

       43
       +
                       sendfile off;

     

       44
       +
                     '';

     

       45
       +
                   };

     

       46
       +
                   "~ \\.php$" = {

     

       47
       +
                     extraConfig = ''

     

       48
       +
                       include ${config.services.nginx.package}/conf/fastcgi_params ;

     

       49
       +
                       fastcgi_param SCRIPT_FILENAME $request_filename;

     

       50
       +
                       fastcgi_param modHeadersAvailable true; #Avoid sending the security headers twice

     

       51
       +
                       fastcgi_pass unix:${config.services.phpfpm.pools.privatebin.socket};

     

       52
       +
                     '';

     

       53
       +
                   };

     

       54
       +
                 };

     

       55
       +
                 listen = [

     

       56
       +
                   {

     

       57
       +
                     addr = "localhost";

     

       58
       +
                     inherit (service) port;

     

       59
       +
                   }

     

       60
       +
                 ];

     

       61
       +
               };

     

       62
       +
             };

     

       63
       +
       

     

       64
       +
             privatebin = {

     

       65
       +
               inherit package;

     

       66
       +
               enable = true;

     

       67
       +
               group = "nginx";

     

       68
       +
               settings = {

     

       69
       +
                 main = {

     

       70
       +
                   name = "ayla's trashbin";

     

       71
       +
                   basepath = "https://${service.vHost}/";

     

       72
       +
                   discussion = true;

     

       73
       +
                   opendiscussion = false;

     

       74
       +
                   discussiondatedisplay = true;

     

       75
       +
                   password = true;

     

       76
       +
                   fileupload = true;

     

       77
       +
                   burnafterreadingselected = false;

     

       78
       +
                   defaultformatter = "plaintext";

     

       79
       +
                   syntaxhighlightingtheme = "sons-of-obsidian";

     

       80
       +
                   qrcode = true;

     

       81
       +
                   template = "bootstrap-dark";

     

       82
       +
                 };

     

       83
       +
                 model.class = "Database";

     

       84
       +
                 model_options = {

     

       85
       +
                   dsn = "sqlite:/var/lib/privatebin/data/db.sq3";

     

       86
       +
                   usr = null;

     

       87
       +
                   pwd = null;

     

       88
       +
                   "opt[12]" = true;

     

       89
       +
                 };

     

       90
       +
               };

     

       91
       +
             };

     

       92
       +
           };

     

       93
       +
         };

     

       94
       +
       }

+1 -1

modules/nixos/services/redlib/default.nix

···

       29
        
       

     

       30
        
             redlib = {

     

       31
        
               enable = true;

     

       32
       -
               openFirewall = true;

     

       33
        
               inherit (service) port;

     

       34
        
               settings = {

     

       35
        
                 ENABLE_RSS = "on";

···

       29
        
       

     

       30
        
             redlib = {

     

       31
        
               enable = true;

     

       32
       +
               openFirewall = false;

     

       33
        
               inherit (service) port;

     

       34
        
               settings = {

     

       35
        
                 ENABLE_RSS = "on";

+40

modules/nixos/services/sddm/default.nix

···

       1
       +
       {

     

       2
       +
         config,

     

       3
       +
         lib,

     

       4
       +
         ...

     

       5
       +
       }: {

     

       6
       +
         options.myNixOS.services.sddm = {

     

       7
       +
           enable = lib.mkEnableOption "use sddm";

     

       8
       +
       

     

       9
       +
           autoLogin = lib.mkOption {

     

       10
       +
             description = "User to autologin.";

     

       11
       +
             default = null;

     

       12
       +
             type = lib.types.nullOr lib.types.str;

     

       13
       +
           };

     

       14
       +
         };

     

       15
       +
       

     

       16
       +
         config = lib.mkIf config.myNixOS.services.sddm.enable {

     

       17
       +
           security.pam.services.sddm = {

     

       18
       +
             enableGnomeKeyring = true;

     

       19
       +
             gnupg.enable = true;

     

       20
       +
             kwallet.enable = false;

     

       21
       +
           };

     

       22
       +
       

     

       23
       +
           services = {

     

       24
       +
             displayManager = {

     

       25
       +
               autoLogin = lib.mkIf (config.myNixOS.services.sddm.autoLogin != null) {

     

       26
       +
                 enable = true;

     

       27
       +
                 user = config.myNixOS.services.sddm.autoLogin;

     

       28
       +
               };

     

       29
       +
       

     

       30
       +
               sddm = {

     

       31
       +
                 enable = true;

     

       32
       +
                 wayland = {

     

       33
       +
                   enable = true;

     

       34
       +
                   compositor = "kwin";

     

       35
       +
                 };

     

       36
       +
               };

     

       37
       +
             };

     

       38
       +
           };

     

       39
       +
         };

     

       40
       +
       }

+38 -21

modules/nixos/services/tangled-knot/default.nix

···

       1
        
       {

     

       2
        
         config,

     

       3
        
         lib,

     

       0
        
       
     

       4
        
         ...

     

       5
        
       }: let

     

       6
        
         name = "tangled-knot";

     
···

       21
        
       

     

       22
        
         config = lib.mkIf cfg.enable {

     

       23
        
           services = {

     

       24
       -
             caddy.virtualHosts = lib.mkIf cfg.autoProxy {

     

       25
       -
               "${service.vHost}" = {

     

       26
       -
                 extraConfig = ''

     

       27
       -
                   encode gzip zstd

     

       28
       -
                   reverse_proxy ${service.hostName}:${toString service.port}

     

       29
       -
                 '';

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       30
        
               };

     

       31
        
       

     

       32
       -
               "ssh.${service.vHost}" = {

     

       33
       -
                 extraConfig = ''

     

       34
       -
                   encode gzip zstd

     

       35
       -
                   reverse_proxy ${service.hostName}:22

     

       36
       -
                 '';

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       37
        
               };

     

       38
       -
             };

     

       39
        
       

     

       40
       -
             tangled-knot = {

     

       41
       -
               enable = false;

     

       42
       -
               openFirewall = true;

     

       43
       -
               stateDir = "/home/git";

     

       44
       -
               server = {

     

       45
       -
                 owner = "did:plc:3c6vkaq7xf5kz3va3muptjh5";

     

       46
       -
                 hostname = service.vHost;

     

       47
       -
                 listenAddr = "0.0.0.0:${toString service.port}";

     

       48
       -
               };

     

       49
        
             };

     

       50
        
           };

     

       51
        
         };

···

       1
        
       {

     

       2
        
         config,

     

       3
        
         lib,

     

       4
       +
         self,

     

       5
        
         ...

     

       6
        
       }: let

     

       7
        
         name = "tangled-knot";

     
···

       22
        
       

     

       23
        
         config = lib.mkIf cfg.enable {

     

       24
        
           services = {

     

       25
       +
             cloudflared.tunnels."${network.cloudflareTunnel}".ingress = lib.mkIf cfg.autoProxy {

     

       26
       +
               "${service.vHost}" = "http://localhost:${toString service.port}";

     

       27
       +
             };

     

       28
       +
           };

     

       29
       +
       

     

       30
       +
           containers.tangled-knot = {

     

       31
       +
             autoStart = true;

     

       32
       +
             config = {

     

       33
       +
               imports = [self.inputs.tangled-core.nixosModules.knot];

     

       34
       +
       

     

       35
       +
               programs.ssh.knownHosts = config.mySnippets.ssh.knownHosts;

     

       36
       +
       

     

       37
       +
               services.openssh = {

     

       38
       +
                 ports = [service.sshPort];

     

       39
       +
                 settings = {

     

       40
       +
                   PasswordAuthentication = false;

     

       41
       +
                   PubkeyAuthentication = true;

     

       42
       +
                 };

     

       43
        
               };

     

       44
        
       

     

       45
       +
               users.users.git.openssh.authorizedKeys.keyFiles =

     

       46
       +
                 lib.map (file: "${self.inputs.secrets}/publicKeys/${file}")

     

       47
       +
                 # right now this config is fine but if i ever get another machine i daily drive or a build server i need to do something else here

     

       48
       +
                 (lib.filter (file:

     

       49
       +
                   if config.networking.hostName == "morgana"

     

       50
       +
                   then "ayla_m23.pub" == file

     

       51
       +
                   else (lib.elem file ["ayla_morgana.pub" "ayla_23.pub"]))

     

       52
       +
                 (builtins.attrNames (builtins.readDir "${self.inputs.secrets}/publicKeys")));

     

       53
       +
       

     

       54
       +
               services.tangled-knot = {

     

       55
       +
                 enable = true;

     

       56
       +
                 openFirewall = cfg.autoProxy;

     

       57
       +
                 stateDir = "/var/lib/knot";

     

       58
       +
                 server = {

     

       59
       +
                   owner = "did:plc:3c6vkaq7xf5kz3va3muptjh5";

     

       60
       +
                   hostname = service.vHost;

     

       61
       +
                   listenAddr = "localhost:${toString service.port}";

     

       62
       +
                 };

     

       63
        
               };

     

       0
        
       
     

       64
        
       

     

       65
       +
               system.stateVersion = "25.11";

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       66
        
             };

     

       67
        
           };

     

       68
        
         };

+8 -1

modules/snippets/aylac-top/default.nix

···

       46
        
               };

     

       47
        
       

     

       48
        
               tangled-knot = {

     

       49
       -
                 hostName = "jezebel";

     

       50
        
                 port = 5555;

     

       0
        
       
     

       51
        
                 vHost = "knot.aylac.top";

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       52
        
               };

     

       53
        
             };

     

       54
        
           };

···

       46
        
               };

     

       47
        
       

     

       48
        
               tangled-knot = {

     

       49
       +
                 hostName = "nanpi";

     

       50
        
                 port = 5555;

     

       51
       +
                 sshPort = 2222;

     

       52
        
                 vHost = "knot.aylac.top";

     

       53
       +
               };

     

       54
       +
       

     

       55
       +
               privatebin = {

     

       56
       +
                 hostName = "nanpi";

     

       57
       +
                 port = 7748;

     

       58
       +
                 vHost = "bin.aylac.top";

     

       59
        
               };

     

       60
        
             };

     

       61
        
           };

+53

modules/snippets/nix/settings.nix

···

       0
        
       
     

       1
        
       {lib, ...}: {

     

       2
        
         options = {

     

       3
        
           mySnippets.nix.settings = lib.mkOption {

     
···

       13
        
                 "flakes"

     

       14
        
                 "nix-command"

     

       15
        
                 "recursive-nix"

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       16
        
               ];

     

       17
        
       

     

       18
        
               substituters = [

     
···

       23
        
               ];

     

       24
        
       

     

       25
        
               trusted-users = ["@admin" "@wheel" "nixbuild"];

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       26
        
             };

     

       27
        
           };

     

       28
        
         };

···

       1
       +
       # https://github.com/isabelroses/dotfiles/blob/main/modules/base/nix/nix.nix

     

       2
        
       {lib, ...}: {

     

       3
        
         options = {

     

       4
        
           mySnippets.nix.settings = lib.mkOption {

     
···

       14
        
                 "flakes"

     

       15
        
                 "nix-command"

     

       16
        
                 "recursive-nix"

     

       17
       +
       

     

       18
       +
                 # Allows Nix to automatically pick UIDs for builds, rather than creating nixbld* user accounts

     

       19
       +
                 # which is BEYOND annoying, which makes this a really nice feature to have

     

       20
       +
                 "auto-allocate-uids"

     

       21
       +
       

     

       22
       +
                 # allows Nix to execute builds inside cgroups

     

       23
       +
                 # remember you must also enable use-cgroups in the nix.conf or settings

     

       24
       +
                 "cgroups"

     

       25
       +
       

     

       26
       +
                 # enable the use of the fetchClosure built-in function in the Nix language.

     

       27
       +
                 "fetch-closure"

     

       28
        
               ];

     

       29
        
       

     

       30
        
               substituters = [

     
···

       35
        
               ];

     

       36
        
       

     

       37
        
               trusted-users = ["@admin" "@wheel" "nixbuild"];

     

       38
       +
       

     

       39
       +
               # Free up to 20GiB whenever there is less than 5GB left.

     

       40
       +
               # this setting is in bytes, so we multiply with 1024 by 3

     

       41
       +
               min-free = 5 * 1024 * 1024 * 1024;

     

       42
       +
               max-free = 20 * 1024 * 1024 * 1024;

     

       43
       +
       

     

       44
       +
               # automatically optimise symlinks

     

       45
       +
               # Disable auto-optimise-store because of this issue:

     

       46
       +
               # https://github.com/NixOS/nix/issues/7273

     

       47
       +
               # but we use lix which has a fix for this issue:

     

       48
       +
               # https://gerrit.lix.systems/c/lix/+/2100

     

       49
       +
               auto-optimise-store = true;

     

       50
       +
       

     

       51
       +
               # we don't want to track the registry, but we do want to allow the usage

     

       52
       +
               # of the `flake:` references, so we need to enable use-registries

     

       53
       +
               use-registries = true;

     

       54
       +
               flake-registry = "";

     

       55
       +
       

     

       56
       +
               # let the system decide the number of max jobs

     

       57
       +
               max-jobs = "auto";

     

       58
       +
       

     

       59
       +
               # this defaults to true, however it slows down evaluation so maybe we should disable it

     

       60
       +
               # some day, but we do need it for catppuccin/nix so maybe not too soon

     

       61
       +
               allow-import-from-derivation = true;

     

       62
       +
       

     

       63
       +
               # for direnv GC roots

     

       64
       +
               keep-derivations = true;

     

       65
       +
               keep-outputs = true;

     

       66
       +
       

     

       67
       +
               # use xdg base directories for all the nix things

     

       68
       +
               use-xdg-base-directories = true;

     

       69
       +
               # don't warn me if the current working tree is dirty

     

       70
       +
               # i don't need the warning because i'm working on it right now

     

       71
       +
               warn-dirty = false;

     

       72
       +
       

     

       73
       +
               # maximum number of parallel TCP connections used to fetch imports and binary caches, 0 means no limit

     

       74
       +
               http-connections = 50;

     

       75
       +
       

     

       76
       +
               # whether to accept nix configuration from a flake without prompting

     

       77
       +
               # littrally a CVE waiting to happen <https://x.com/puckipedia/status/1693927716326703441>

     

       78
       +
               accept-flake-config = false;

     

       79
        
             };

     

       80
        
           };

     

       81
        
         };

+20

modules/snippets/syncthing/folders.nix

···

       90
        
                 id = "obsidian";

     

       91
        
                 path = "/home/ayla/Documents/Obsidian";

     

       92
        
               };

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       93
        
             };

     

       94
        
           };

     

       95
        
         };

···

       90
        
                 id = "obsidian";

     

       91
        
                 path = "/home/ayla/Documents/Obsidian";

     

       92
        
               };

     

       93
       +
       

     

       94
       +
               "Phone ROMs" = {

     

       95
       +
                 devices = [

     

       96
       +
                   "morgana"

     

       97
       +
                   "m23"

     

       98
       +
                 ];

     

       99
       +
       

     

       100
       +
                 id = "2jcyv-esxcu";

     

       101
       +
                 path = "/data/Phone ROMs";

     

       102
       +
               };

     

       103
       +
       

     

       104
       +
               "RetroArch Saves" = {

     

       105
       +
                 devices = [

     

       106
       +
                   "morgana"

     

       107
       +
                   "m23"

     

       108
       +
                 ];

     

       109
       +
       

     

       110
       +
                 id = "guhfs-4e5qf";

     

       111
       +
                 path = "/home/ayla/.var/app/org.libretro.RetroArch/config/retroarch/saves";

     

       112
       +
               };

     

       113
        
             };

     

       114
        
           };

     

       115
        
         };

+1 -1

modules/snippets/tailnet/default.nix

···

       5
        
       }: {

     

       6
        
         options.mySnippets.tailnet = {

     

       7
        
           name = lib.mkOption {

     

       8
       -
             default = "cinnamon-in.ts.net";

     

       9
        
             description = "Tailnet name.";

     

       10
        
             type = lib.types.str;

     

       11
        
           };

···

       5
        
       }: {

     

       6
        
         options.mySnippets.tailnet = {

     

       7
        
           name = lib.mkOption {

     

       8
       +
             default = "miku-chimaera.ts.net";

     

       9
        
             description = "Tailnet name.";

     

       10
        
             type = lib.types.str;

     

       11
        
           };

+1 -1

modules/users/ayla/default.nix

···

       10
        
             description = "Ayla";

     

       11
        
             isNormalUser = true;

     

       12
        
             extraGroups = config.myUsers.defaultGroups;

     

       13
       -
             hashedPassword = config.myUsers.ayla.password;

     

       14
        
       

     

       15
        
             openssh.authorizedKeys.keyFiles =

     

       16
        
               lib.map (file: "${self.inputs.secrets}/publicKeys/${file}")

···

       10
        
             description = "Ayla";

     

       11
        
             isNormalUser = true;

     

       12
        
             extraGroups = config.myUsers.defaultGroups;

     

       13
       +
             hashedPasswordFile = config.myUsers.ayla.passwordFile;

     

       14
        
       

     

       15
        
             openssh.authorizedKeys.keyFiles =

     

       16
        
               lib.map (file: "${self.inputs.secrets}/publicKeys/${file}")

modules/users/options.nix

···

       8
        
               description = "Hashed password for ${user}.";

     

       9
        
               type = lib.types.nullOr lib.types.str;

     

       10
        
             };

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       11
        
           };

     

       12
        
         in {

     

       13
        
           defaultGroups = lib.mkOption {

···

       8
        
               description = "Hashed password for ${user}.";

     

       9
        
               type = lib.types.nullOr lib.types.str;

     

       10
        
             };

     

       11
       +
       

     

       12
       +
             passwordFile = lib.mkOption {

     

       13
       +
               default = null;

     

       14
       +
               description = "Hashed password file for ${user}.";

     

       15
       +
               type = lib.types.nullOr lib.types.path;

     

       16
       +
             };

     

       17
        
           };

     

       18
        
         in {

     

       19
        
           defaultGroups = lib.mkOption {

Compare changes