Kabbone/nixos-config
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: Kabbone:d66b67ba4c165d461271e0e4646e25181599c089
Branches Tags
Kabbone:main Kabbone:refactor
...
compare: Kabbone:12ad8a7dfab0e2cf03fec8748f68c55bac94b072
Branches Tags
Kabbone:main Kabbone:refactor

8 Commits
d66b67ba4c ... 12ad8a7dfa

Author SHA1 Message Date
Kabbone
12ad8a7dfa update flake 2026-04-25 18:03:21 +02:00
Kabbone
f50a5caee5 add persistence to gid/uid services of microvm and set vsock.cid 2026-04-25 17:38:42 +02:00
Kabbone
f7035e0daf cleanups and move steamdeck to desktop module 2026-04-25 17:09:23 +02:00
Kabbone
c8806e3676 add templates for host specific and global overlays 2026-04-25 10:59:21 +02:00
Kabbone
6ce78e164c remove gnome and hyprland 2026-04-25 10:37:31 +02:00
Kabbone
2c70c8281e add keyboardbindings to desktop module for niri 2026-04-25 10:33:58 +02:00
Kabbone
62b68a333f create users desktop module 2026-04-25 10:20:16 +02:00
Kabbone
5fb7ab4ee0 claude restructure 2026-04-23 20:08:25 +02:00
51 changed files with 1794 additions and 2583 deletions
Expand all files Collapse all files

66
flake.lock generated
View File

@@ -25,11 +25,11 @@
}, },
"crane": { "crane": {
"locked": { "locked": {
"lastModified": 1773189535, "lastModified": 1776635034,
"narHash": "sha256-E1G/Or6MWeP+L6mpQ0iTFLpzSzlpGrITfU2220Gq47g=", "narHash": "sha256-OEOJrT3ZfwbChzODfIH4GzlNTtOFuZFWPtW7jIeR8xU=",
"owner": "ipetkov", "owner": "ipetkov",
"repo": "crane", "repo": "crane",
"rev": "6fa2fb4cf4a89ba49fc9dd5a3eb6cde99d388269", "rev": "dc7496d8ea6e526b1254b55d09b966e94673750f",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -126,11 +126,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1776373306, "lastModified": 1777086106,
"narHash": "sha256-iAJIzHngGZeLIkjzuuWI6VBsYJ1n89a/Esq0m8R1vjs=", "narHash": "sha256-hlNpIN18pw3xo34Lsrp6vAMUPn0aB/zFBqL0QXI1Pmk=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "d401492e2acd4fea42f7705a3c266cea739c9c36", "rev": "5826802354a74af18540aef0b01bc1320f82cc17",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -208,11 +208,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1776335039, "lastModified": 1776962372,
"narHash": "sha256-2lkQhrv6YUCeMlC/lclzq9vkTALv/ptv7d0jIhZnrPQ=", "narHash": "sha256-Y2imW4kyIhupx8myNSeNCzDbEx2X+h+AmhNjWXA/7Yw=",
"owner": "Jovian-Experiments", "owner": "Jovian-Experiments",
"repo": "Jovian-NixOS", "repo": "Jovian-NixOS",
"rev": "cbdf76c063b48d5d755fb26540367b8c2457c2ca", "rev": "ee3a1184a978e311194a2d3d352c5e6aba67a4b5",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -231,11 +231,11 @@
"rust-overlay": "rust-overlay" "rust-overlay": "rust-overlay"
}, },
"locked": { "locked": {
"lastModified": 1776248416, "lastModified": 1776797459,
"narHash": "sha256-TC6yzbCAex1pDfqUZv9u8fVm8e17ft5fNrcZ0JRDOIQ=", "narHash": "sha256-utv296Xwk0PwjONe9dsyKx+9Z5xAB70aAsMI//aakpg=",
"owner": "nix-community", "owner": "nix-community",
"repo": "lanzaboote", "repo": "lanzaboote",
"rev": "18e9e64bae15b828c092658335599122a6db939b", "rev": "4eda91dd5abd2157a2c7bfb33142fc64da668b0a",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -290,11 +290,11 @@
}, },
"nixos-hardware": { "nixos-hardware": {
"locked": { "locked": {
"lastModified": 1775490113, "lastModified": 1776983936,
"narHash": "sha256-2ZBhDNZZwYkRmefK5XLOusCJHnoeKkoN95hoSGgMxWM=", "narHash": "sha256-ZOQyNqSvJ8UdrrqU1p7vaFcdL53idK+LOM8oRWEWh6o=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixos-hardware", "repo": "nixos-hardware",
"rev": "c775c2772ba56e906cbeb4e0b2db19079ef11ff7", "rev": "2096f3f411ce46e88a79ae4eafcfc9df8ed41c61",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -322,11 +322,11 @@
}, },
"nixpkgs-unstable": { "nixpkgs-unstable": {
"locked": { "locked": {
"lastModified": 1776169885, "lastModified": 1776877367,
"narHash": "sha256-l/iNYDZ4bGOAFQY2q8y5OAfBBtrDAaPuRQqWaFHVRXM=", "narHash": "sha256-EHq1/OX139R1RvBzOJ0aMRT3xnWyqtHBRUBuO1gFzjI=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "4bd9165a9165d7b5e33ae57f3eecbcb28fb231c9", "rev": "0726a0ecb6d4e08f6adced58726b95db924cef57",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -338,11 +338,11 @@
}, },
"nixpkgs_2": { "nixpkgs_2": {
"locked": { "locked": {
"lastModified": 1776221942, "lastModified": 1776734388,
"narHash": "sha256-FbQAeVNi7G4v3QCSThrSAAvzQTmrmyDLiHNPvTF2qFM=", "narHash": "sha256-vl3dkhlE5gzsItuHoEMVe+DlonsK+0836LIRDnm6MXQ=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "1766437c5509f444c1b15331e82b8b6a9b967000", "rev": "10e7ad5bbcb421fe07e3a4ad53a634b0cd57ffac",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -360,11 +360,11 @@
"noctalia-qs": "noctalia-qs" "noctalia-qs": "noctalia-qs"
}, },
"locked": { "locked": {
"lastModified": 1776302695, "lastModified": 1777079905,
"narHash": "sha256-xZc9o1JLQpmWn2Dqui323+Tq2Ai4sSdtdvbFZCs4qLo=", "narHash": "sha256-TvYEXwkZnRFQRuFyyqTNSfPnU2tMdhtiBOXSk2AWLJA=",
"owner": "noctalia-dev", "owner": "noctalia-dev",
"repo": "noctalia-shell", "repo": "noctalia-shell",
"rev": "a7c724181fca5d1aff2d47b18fa733504cfdbda2", "rev": "a50c92167c8d438000270f7eca36f6eea74f388e",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -383,11 +383,11 @@
"treefmt-nix": "treefmt-nix" "treefmt-nix": "treefmt-nix"
}, },
"locked": { "locked": {
"lastModified": 1775957204, "lastModified": 1776585574,
"narHash": "sha256-d4CVRtAty2GzDYXx4xYQmR+nlOjjKovyprQfZhgLckU=", "narHash": "sha256-j35EWhKoGhKrfcXcAOpoRVgXEPQt41Eukji/h59cnjk=",
"owner": "noctalia-dev", "owner": "noctalia-dev",
"repo": "noctalia-qs", "repo": "noctalia-qs",
"rev": "68e82fe34c68ee839a9c37e3466820e266af0c86", "rev": "75d180c28a9ab4470e980f3d6f706ad6c5213add",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -406,11 +406,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1772893680, "lastModified": 1775585728,
"narHash": "sha256-JDqZMgxUTCq85ObSaFw0HhE+lvdOre1lx9iI6vYyOEs=", "narHash": "sha256-8Psjt+TWvE4thRKktJsXfR6PA/fWWsZ04DVaY6PUhr4=",
"owner": "cachix", "owner": "cachix",
"repo": "pre-commit-hooks.nix", "repo": "pre-commit-hooks.nix",
"rev": "8baab586afc9c9b57645a734c820e4ac0a604af9", "rev": "580633fa3fe5fc0379905986543fd7495481913d",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -442,11 +442,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1773544328, "lastModified": 1776741231,
"narHash": "sha256-Iv+qez54LAz+isij4APBk31VWA//Go81hwFOXr5iWTw=", "narHash": "sha256-k9G98qzn+7npROUaks8VqCFm7cFtEG8ulQLBBo5lItg=",
"owner": "oxalica", "owner": "oxalica",
"repo": "rust-overlay", "repo": "rust-overlay",
"rev": "4f977d776793c8bfbfdd7eca7835847ccc48874e", "rev": "02061303f7c4c964f7b4584dabd9e985b4cd442b",
"type": "github" "type": "github"
}, },
"original": { "original": {

27
flake.nix
View File

@@ -7,7 +7,7 @@
# │ └─ default.nix # │ └─ default.nix
{ {
description = "Kabbone's peronal NixOS Flake config"; description = "Kabbone's personal NixOS Flake config";
inputs = { inputs = {
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; # Nix Packages nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; # Nix Packages
@@ -66,18 +66,17 @@
impermanence, impermanence,
lanzaboote, lanzaboote,
... ...
} @ inputs: rec { } @ inputs:
inherit (self) outputs; let
systems = [ systems = [
# "aarch64-linux" # "aarch64-linux"
"x86_64-linux" "x86_64-linux"
]; ];
forAllSystems = nixpkgs.lib.genAttrs systems; forAllSystems = nixpkgs.lib.genAttrs systems;
#in { in {
# Your custom packages # Your custom packages
# Accessible through 'nix build', 'nix shell', etc # Accessible through 'nix build', 'nix shell', etc
packages = forAllSystems (system: import ./packages nixpkgs.legacyPackages.${system}); packages = forAllSystems (system: import ./packages { pkgs = nixpkgs.legacyPackages.${system}; });
# Formatter for your nix files, available through 'nix fmt' # Formatter for your nix files, available through 'nix fmt'
# Other options beside 'alejandra' include 'nixpkgs-fmt' # Other options beside 'alejandra' include 'nixpkgs-fmt'
formatter = forAllSystems (system: nixpkgs.legacyPackages.${system}.alejandra); formatter = forAllSystems (system: nixpkgs.legacyPackages.${system}.alejandra);
@@ -96,19 +95,17 @@
import ./hosts { # Imports ./hosts/default.nix import ./hosts { # Imports ./hosts/default.nix
inherit (nixpkgs) lib; inherit (nixpkgs) lib;
inherit inputs nixpkgs nixpkgs-unstable nixos-hardware home-manager home-manager-unstable agenix jovian-nixos microvm impermanence lanzaboote; # Also inherit home-manager so it does not need to be defined here. inherit inputs nixpkgs nixpkgs-unstable nixos-hardware home-manager home-manager-unstable agenix jovian-nixos microvm impermanence lanzaboote; # Also inherit home-manager so it does not need to be defined here.
nix.allowedUsers = [ "@wheel" ];
security.sudo.execWheelOnly = true;
} }
); );
hydraJobs = { hydraJobs = {
"steamdeck" = nixosConfigurations.steamdeck.config.system.build.toplevel; "steamdeck" = self.nixosConfigurations.steamdeck.config.system.build.toplevel;
"hades" = nixosConfigurations.hades.config.system.build.toplevel; "hades" = self.nixosConfigurations.hades.config.system.build.toplevel;
"nasbak" = nixosConfigurations.nasbak.config.system.build.toplevel; "nasbak" = self.nixosConfigurations.nasbak.config.system.build.toplevel;
"jupiter" = nixosConfigurations.jupiter.config.system.build.toplevel; "jupiter" = self.nixosConfigurations.jupiter.config.system.build.toplevel;
"lifebook" = nixosConfigurations.lifebook.config.system.build.toplevel; "lifebook" = self.nixosConfigurations.lifebook.config.system.build.toplevel;
"kabtop" = nixosConfigurations.kabtop.config.system.build.toplevel; "kabtop" = self.nixosConfigurations.kabtop.config.system.build.toplevel;
"dmz" = nixosConfigurations.dmz.config.system.build.toplevel; "dmz" = self.nixosConfigurations.dmz.config.system.build.toplevel;
}; };
}; };
} }

126
hosts/configuration_common.nix Normal file
View File

@@ -0,0 +1,126 @@
#
# Common configuration shared by all hosts (desktop and server).
# Imported by configuration_desktop.nix and configuration_server.nix.
#
{ config, lib, pkgs, inputs, user, location, agenix, ... }:
{
imports = [
../modules/hardware/hydraCache.nix
];
users.users.${user} = {
shell = pkgs.zsh;
openssh.authorizedKeys.keys = [
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIANmaraVJ/o20c4dqVnGLp/wGck9QNHFPvO9jcEbKS29AAAABHNzaDo= kabbone@kabc"
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIIgo4IP8ISUohyAMiDc3zEe6ESUE3un7eN5FhVtxZHmcAAAABHNzaDo= kabbone@kabc"
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIKVDApb3vZ+i97V4xLJh8rUF6z5OVYfORlXYbLhdQO15AAAABHNzaDo= kabbone@hades.home.opel-online.de"
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIB0q++epdX7feQxvmC2m/CJEoJbkqtAJy6Ml6WKHxryZAAAABHNzaDo= kabbone@hades.home.opel-online.de"
];
};
time.timeZone = "Europe/Berlin";
i18n = {
defaultLocale = "en_US.UTF-8";
extraLocaleSettings = {
LC_TIME = "de_DE.UTF-8";
LC_MONETARY = "de_DE.UTF-8";
};
};
console = {
font = "Lat2-Terminus16";
keyMap = "us";
};
fonts.packages = with pkgs; [
carlito
vegur
source-code-pro
font-awesome
hack-font
corefonts
intel-one-mono
cascadia-code
];
environment = {
variables = {
TERMINAL = "alacritty";
EDITOR = "nvim";
VISUAL = "nvim";
BROWSER = "firefox";
};
systemPackages = with pkgs; [
vim
git
killall
pciutils
usbutils
wget
bind
dig
agenix.packages.${pkgs.system}.default
cryptsetup
powerline
powerline-fonts
powerline-symbols
tree
direnv
linuxPackages_latest.cpupower
btop
];
};
services.openssh = {
enable = true;
settings = {
PasswordAuthentication = false;
PermitRootLogin = "no";
};
};
programs.zsh.enable = true;
nix = {
settings = {
auto-optimise-store = true;
allowed-users = [ "@wheel" ];
};
gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 7d";
};
package = pkgs.nixVersions.stable;
extraOptions = ''
experimental-features = nix-command flakes
'';
};
nixpkgs.config.allowUnfree = true;
nixpkgs.config.permittedInsecurePackages = [
"olm-3.2.16"
];
security = {
sudo.execWheelOnly = true;
pki.certificateFiles = [
./rootCA.pem
];
};
system = {
stateVersion = "23.05";
autoUpgrade = {
flake = "git+https://git.kabtop.de/Kabbone/nixos-config";
randomizedDelaySec = "5m";
allowReboot = true;
rebootWindow = {
lower = "02:00";
upper = "05:00";
};
};
};
}

201
hosts/configuration_desktop.nix
View File

@@ -1,201 +0,0 @@
#
# Main system configuration. More information available in configuration.nix(5) man page.
#
# flake.nix
# ├─ ./hosts
# │ └─ configuration.nix *
# └─ ./modules
# └─ ./editors
# └─ ./nvim
# └─ default.nix
#
{ config, lib, pkgs, pkgs-stable, inputs, user, location, agenix, ... }:
{
imports = # Import window or display manager.
[
#../modules/editors/nvim # ! Comment this out on first install !
];
users.users.${user} = { # System User
isNormalUser = true;
extraGroups = [ "wheel" "video" "audio" "camera" "networkmanager" "lp" "kvm" "libvirtd" "adb" "dialout" "tss" ];
shell = pkgs.zsh; # Default shell
uid = 2000;
# initialPassword = "password95";
openssh.authorizedKeys.keys = [
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIANmaraVJ/o20c4dqVnGLp/wGck9QNHFPvO9jcEbKS29AAAABHNzaDo= kabbone@kabc"
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIIgo4IP8ISUohyAMiDc3zEe6ESUE3un7eN5FhVtxZHmcAAAABHNzaDo= kabbone@kabc"
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIKVDApb3vZ+i97V4xLJh8rUF6z5OVYfORlXYbLhdQO15AAAABHNzaDo= kabbone@hades.home.opel-online.de"
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIB0q++epdX7feQxvmC2m/CJEoJbkqtAJy6Ml6WKHxryZAAAABHNzaDo= kabbone@hades.home.opel-online.de"
];
};
time.timeZone = "Europe/Berlin"; # Time zone and internationalisation
i18n = {
defaultLocale = "en_US.UTF-8";
extraLocaleSettings = { # Extra locale settings that need to be overwritten
LC_TIME = "de_DE.UTF-8";
LC_MONETARY = "de_DE.UTF-8";
};
};
console = {
font = "Lat2-Terminus16";
keyMap = "us"; # or us/azerty/etc
};
security = {
pam.services.login.enableGnomeKeyring = true;
rtkit.enable = true;
pki.certificateFiles = [
./rootCA.pem
];
#tpm2 = {
# enable = true;
# pkcs11.enable = true;
# tctiEnvironment.enable = true;
# };
};
#sound = { # ALSA sound enable
## #enable = true;
# mediaKeys = { # Keyboard Media Keys (for minimal desktop) enable = true;
# enable = true;
# };
#};
fonts.packages = with pkgs; [ # Fonts
carlito # NixOS
vegur # NixOS
source-code-pro
font-awesome # Icons
hack-font
corefonts # MS
intel-one-mono
cascadia-code
];
environment = {
variables = {
TERMINAL = "alacritty";
EDITOR = "nvim";
VISUAL = "nvim";
BROWSER = "firefox";
};
systemPackages = (with pkgs; [ # Default packages install system-wide
vim
git
killall
pciutils
usbutils
wget
file
powertop
cpufrequtils
lm_sensors
libva-utils
at-spi2-core
bind
dig
qmk-udev-rules
gptfdisk
agenix.packages.x86_64-linux.default
age-plugin-yubikey
pwgen
cryptsetup
powerline
powerline-fonts
powerline-symbols
tree
direnv
linuxPackages_latest.cpupower
linuxPackages_latest.turbostat
btop
sbctl
ausweisapp
e2fsprogs
])
++
(with pkgs-stable; [
orca-slicer
]);
};
services = {
pipewire = { # Sound
enable = true;
alsa = {
enable = true;
# support32Bit = true;
};
pulse.enable = true;
wireplumber.enable = true;
};
openssh = { # SSH: secure shell (remote connection to shell of server)
enable = true; # local: $ ssh <user>@<ip>
settings = {
PasswordAuthentication = false;
PermitRootLogin = "no";
};
# extraConfig = ''
# HostKeyAlgorithms +ssh-rsa
# ''; # Temporary extra config so ssh will work in guacamole
};
pcscd.enable = true;
yubikey-agent.enable = true;
udev.packages = [ pkgs.yubikey-personalization pkgs.nitrokey-udev-rules ];
flatpak.enable = true; # download flatpak file from website - sudo flatpak install <path> - reboot if not showing up
# sudo flatpak uninstall --delete-data <app-id> (> flatpak list --app) - flatpak uninstall --unused
# List:
# com.obsproject.Studio
# com.parsecgaming.parsec
# com.usebottles.bottles
gvfs.enable = true;
fwupd.enable = true;
};
programs = { # No xbacklight, this is the alterantive
zsh.enable = true;
dconf.enable = true;
};
nix = { # Nix Package Manager settings
settings ={
auto-optimise-store = true; # Optimise syslinks
};
gc = { # Automatic garbage collection
automatic = true;
dates = "weekly";
options = "--delete-older-than 7d";
};
package = pkgs.nixVersions.stable; # Enable nixFlakes on system
extraOptions = ''
experimental-features = nix-command flakes
'';
};
nixpkgs.config.allowUnfree = true; # Allow proprietary software.
nixpkgs.config.permittedInsecurePackages = [
"olm-3.2.16"
"mbedtls-2.28.10"
];
system = { # NixOS settings
autoUpgrade = { # Allow auto update
enable = false;
flake = "git+https://git.kabtop.de/Kabbone/nixos-config";
randomizedDelaySec = "5m";
allowReboot = true;
rebootWindow = {
lower = "02:00";
upper = "05:00";
};
#channel = "https://nixos.org/channels/nixos-unstable";
};
stateVersion = "23.05";
};
}

139
hosts/configuration_server.nix
View File

@@ -1,155 +1,38 @@
# #
# Main system configuration. More information available in configuration.nix(5) man page. # Server configuration. Imports configuration_common.nix for shared settings.
# # Service modules are imported per-host.
# flake.nix
# ├─ ./hosts
# │ └─ configuration.nix *
# └─ ./modules
# └─ ./editors
# └─ ./nvim
# └─ default.nix
# #
{ config, lib, pkgs, inputs, user, location, agenix, ... }: { config, lib, pkgs, inputs, user, location, agenix, ... }:
{ {
imports = # Import window or display manager. imports = [
[ ./configuration_common.nix
#../modules/editors/nvim # ! Comment this out on first install !
]; ];
users.users.${user} = { # System User users.users.${user} = {
isNormalUser = true; isNormalUser = true;
extraGroups = [ "wheel" "networkmanager" "kvm" "libvirtd" ];
shell = pkgs.zsh; # Default shell
uid = 3000; uid = 3000;
# initialPassword = "password95"; extraGroups = [ "wheel" "networkmanager" "kvm" "libvirtd" ];
openssh.authorizedKeys.keys = [
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIANmaraVJ/o20c4dqVnGLp/wGck9QNHFPvO9jcEbKS29AAAABHNzaDo= kabbone@kabc"
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIIgo4IP8ISUohyAMiDc3zEe6ESUE3un7eN5FhVtxZHmcAAAABHNzaDo= kabbone@kabc"
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIKVDApb3vZ+i97V4xLJh8rUF6z5OVYfORlXYbLhdQO15AAAABHNzaDo= kabbone@hades.home.opel-online.de"
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIB0q++epdX7feQxvmC2m/CJEoJbkqtAJy6Ml6WKHxryZAAAABHNzaDo= kabbone@hades.home.opel-online.de"
];
};
security.sudo.wheelNeedsPassword = true; # User does not need to give password when using sudo.
time.timeZone = "Europe/Berlin"; # Time zone and internationalisation
i18n = {
defaultLocale = "en_US.UTF-8";
extraLocaleSettings = { # Extra locale settings that need to be overwritten
LC_TIME = "de_DE.UTF-8";
LC_MONETARY = "de_DE.UTF-8";
};
}; };
console = { security.sudo.wheelNeedsPassword = true;
font = "Lat2-Terminus16";
keyMap = "us"; # or us/azerty/etc
};
security = { environment.systemPackages = with pkgs; [
rtkit.enable = true;
pki.certificateFiles = [
./rootCA.pem
];
};
fonts.packages = with pkgs; [ # Fonts
carlito # NixOS
vegur # NixOS
source-code-pro
font-awesome # Icons
hack-font
corefonts # MS
intel-one-mono
cascadia-code
];
environment = {
variables = {
TERMINAL = "alacritty";
EDITOR = "nvim";
VISUAL = "nvim";
BROWSER = "firefox";
};
systemPackages = with pkgs; [ # Default packages install system-wide
vim
git
killall
pciutils
usbutils
wget
powertop
cpufrequtils
lm_sensors
bind
dig
agenix.packages.x86_64-linux.default
ffmpeg ffmpeg
smartmontools smartmontools
cryptsetup
powerline
powerline-fonts
powerline-symbols
tree
direnv
linuxPackages_latest.cpupower
btop
htop htop
]; ];
};
services = { services.openssh = {
openssh = { # SSH: secure shell (remote connection to shell of server)
enable = true; # local: $ ssh <user>@<ip>
settings = {
PasswordAuthentication = false;
PermitRootLogin = "no";
};
ports = [ 2220 ]; ports = [ 2220 ];
openFirewall = true; openFirewall = true;
}; };
#flatpak.enable = true; # download flatpak file from website - sudo flatpak install <path> - reboot if not showing up nix.extraOptions = ''
# sudo flatpak uninstall --delete-data <app-id> (> flatpak list --app) - flatpak uninstall --unused
};
programs = {
zsh.enable = true;
};
nix = { # Nix Package Manager settings
settings ={
auto-optimise-store = true; # Optimise syslinks
};
gc = { # Automatic garbage collection
automatic = true;
dates = "weekly";
options = "--delete-older-than 7d";
};
package = pkgs.nixVersions.stable; # Enable nixFlakes on system
extraOptions = ''
experimental-features = nix-command flakes
keep-outputs = true keep-outputs = true
keep-derivations = true keep-derivations = true
''; '';
};
nixpkgs.config.allowUnfree = true; # Allow proprietary software.
nixpkgs.config.permittedInsecurePackages = [
"olm-3.2.16"
];
system = { # NixOS settings system.autoUpgrade.enable = true;
autoUpgrade = { # Allow auto update
enable = true;
flake = "git+https://git.kabtop.de/Kabbone/nixos-config";
randomizedDelaySec = "5m";
allowReboot = true;
rebootWindow = {
lower = "02:00";
upper = "05:00";
};
};
stateVersion = "23.05";
};
} }

222
hosts/default.nix
View File

@@ -4,7 +4,9 @@
# flake.nix # flake.nix
# └─ ./hosts # └─ ./hosts
# ├─ default.nix * # ├─ default.nix *
# ├─ configuration.nix # ├─ configuration_common.nix
# ├─ configuration_desktop.nix
# ├─ configuration_server.nix
# ├─ home.nix # ├─ home.nix
# └─ ./desktop OR ./laptop OR ./vm # └─ ./desktop OR ./laptop OR ./vm
# ├─ ./default.nix # ├─ ./default.nix
@@ -14,242 +16,161 @@
{ lib, inputs, nixpkgs, nixpkgs-unstable, nixos-hardware, home-manager, home-manager-unstable, agenix, jovian-nixos, microvm, impermanence, lanzaboote, ... }: { lib, inputs, nixpkgs, nixpkgs-unstable, nixos-hardware, home-manager, home-manager-unstable, agenix, jovian-nixos, microvm, impermanence, lanzaboote, ... }:
let let
user = "kabbone"; # Default user — desktop hosts share this; server hosts may override per-host
userdmz = "diablo"; # by passing a different `user` value in their own specialArgs block.
userserver = "mephisto"; defaultUser = "kabbone";
location = "$HOME/.setup"; location = builtins.getEnv "HOME" + "/.setup";
system = "x86_64-linux"; # System architecture system = "x86_64-linux";
pkgs = import nixpkgs {
inherit system;
config.allowUnfree = true; # Allow proprietary software
};
pkgs-unstable = import nixpkgs-unstable { pkgs-unstable = import nixpkgs-unstable {
inherit system; inherit system;
config.allowUnfree = true; # Allow proprietary software config.allowUnfree = true;
};
pkgs-stable = import nixpkgs {
inherit system;
config.allowUnfree = true; # Allow proprietary software
}; };
pkgs-kabbone = import ../packages { pkgs-kabbone = import ../packages {
inherit system; inherit system;
inherit pkgs; pkgs = import nixpkgs { inherit system; config.allowUnfree = true; };
}; };
lib = nixpkgs.lib; pkgs = import nixpkgs {
users.defaultShell = "pkgs.zsh"; inherit system;
config.allowUnfree = true;
# Prefer host-specific overlays over a global one here.
# Set nixpkgs.overlays inside the host's own module (e.g. hosts/desktop/default.nix)
# so only that host's pkgs is affected. Packages can be imported inline —
# no specialArgs needed. See hosts/desktop/default.nix for an example.
};
# Helper: returns [hm-module, config-attrset] for the modules list.
# hm - the home-manager flake input to use (stable or unstable)
# user - the username whose home-manager config to build
# hmImports - list of home.nix paths for this host
mkHM = hm: user: hmImports: [
hm.nixosModules.home-manager
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = { inherit user; };
home-manager.users.${user}.imports = hmImports;
}
];
in in
{ {
hades = lib.nixosSystem { # Desktop profile hades = lib.nixosSystem { # Desktop profile
inherit system; inherit system;
specialArgs = { inherit inputs pkgs-stable user location nixos-hardware agenix microvm nixpkgs lanzaboote pkgs-kabbone; }; specialArgs = { inherit inputs location nixos-hardware agenix microvm nixpkgs lanzaboote; user = defaultUser; };
modules = [ modules = [
agenix.nixosModules.default agenix.nixosModules.default
microvm.nixosModules.host microvm.nixosModules.host
lanzaboote.nixosModules.lanzaboote lanzaboote.nixosModules.lanzaboote
./desktop ./desktop # myDesktop options set inside
./configuration_desktop.nix ./configuration_common.nix
../modules/hardware/hydraCache.nix
../modules/hardware/remoteBuilder.nix ../modules/hardware/remoteBuilder.nix
nixos-hardware.nixosModules.common-cpu-amd nixos-hardware.nixosModules.common-cpu-amd
nixos-hardware.nixosModules.common-gpu-amd nixos-hardware.nixosModules.common-gpu-amd
nixos-hardware.nixosModules.common-pc-ssd nixos-hardware.nixosModules.common-pc-ssd
] ++ (mkHM home-manager defaultUser [ ./home.nix ./desktop/home.nix ]);
home-manager.nixosModules.home-manager {
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = { inherit user; };
home-manager.users.${user} = {
imports = [(import ./home.nix)] ++ [(import ./desktop/home.nix)];
};
}
];
}; };
lifebook = lib.nixosSystem { # Laptop profile lifebook = lib.nixosSystem { # Laptop profile
inherit system; inherit system;
specialArgs = { inherit inputs pkgs-stable user location nixos-hardware agenix lanzaboote; }; specialArgs = { inherit inputs location nixos-hardware agenix lanzaboote; user = defaultUser; };
modules = [ modules = [
agenix.nixosModules.default agenix.nixosModules.default
lanzaboote.nixosModules.lanzaboote lanzaboote.nixosModules.lanzaboote
./lifebook ./lifebook # myDesktop options set inside
./configuration_desktop.nix ./configuration_common.nix
../modules/hardware/hydraCache.nix
nixos-hardware.nixosModules.common-cpu-intel nixos-hardware.nixosModules.common-cpu-intel
nixos-hardware.nixosModules.common-pc-ssd nixos-hardware.nixosModules.common-pc-ssd
] ++ (mkHM home-manager defaultUser [ ./home.nix ./lifebook/home.nix ]);
home-manager.nixosModules.home-manager {
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = { inherit user; };
home-manager.users.${user} = {
imports = [(import ./home.nix)] ++ [(import ./lifebook/home.nix)];
};
}
];
}; };
steamdeck = nixpkgs-unstable.lib.nixosSystem { # steamdeck profile steamdeck = nixpkgs-unstable.lib.nixosSystem { # steamdeck profile
inherit system; inherit system;
specialArgs = { inherit inputs pkgs-stable user location nixos-hardware agenix jovian-nixos lanzaboote; }; specialArgs = { inherit inputs location nixos-hardware agenix jovian-nixos lanzaboote; user = defaultUser; };
modules = [ modules = [
agenix.nixosModules.default agenix.nixosModules.default
jovian-nixos.nixosModules.default jovian-nixos.nixosModules.default
lanzaboote.nixosModules.lanzaboote lanzaboote.nixosModules.lanzaboote
./steamdeck ./steamdeck
./configuration_desktop.nix ./configuration_common.nix
../modules/hardware/hydraCache.nix ] ++ (mkHM home-manager-unstable defaultUser [ ./home.nix ./steamdeck/home.nix ]);
home-manager-unstable.nixosModules.home-manager {
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = { inherit user; };
home-manager.users.${user} = {
imports = [(import ./home.nix)] ++ [(import ./steamdeck/home.nix)];
};
}
];
}; };
kabtop = lib.nixosSystem { # Desktop profile kabtop = lib.nixosSystem { # Server profile
inherit system; inherit system;
specialArgs = { inherit inputs user location nixos-hardware agenix nixpkgs pkgs-unstable impermanence; }; specialArgs = { inherit inputs location nixos-hardware agenix impermanence; user = defaultUser; };
modules = [ modules = [
agenix.nixosModules.default agenix.nixosModules.default
microvm.nixosModules.host microvm.nixosModules.host
./kabtop ./kabtop
./configuration_server.nix ./configuration_common.nix
../modules/hardware/hydraCache.nix
nixos-hardware.nixosModules.common-cpu-amd nixos-hardware.nixosModules.common-cpu-amd
nixos-hardware.nixosModules.common-pc-ssd nixos-hardware.nixosModules.common-pc-ssd
] ++ (mkHM home-manager defaultUser [ ./home_server.nix ./kabtop/home.nix ]);
home-manager.nixosModules.home-manager {
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = { inherit user; };
home-manager.users.${user} = {
imports = [(import ./home_server.nix)] ++ [(import ./kabtop/home.nix)];
};
}
];
}; };
nasbak = lib.nixosSystem { # Desktop profile nasbak = lib.nixosSystem { # Server profile
inherit system; inherit system;
specialArgs = { inherit inputs user location nixos-hardware agenix; }; specialArgs = { inherit inputs location nixos-hardware agenix; user = defaultUser; };
modules = [ modules = [
agenix.nixosModules.default agenix.nixosModules.default
./nasbackup ./nasbackup
./configuration_server.nix ./configuration_common.nix
../modules/hardware/hydraCache.nix
nixos-hardware.nixosModules.common-cpu-intel nixos-hardware.nixosModules.common-cpu-intel
nixos-hardware.nixosModules.common-pc-ssd nixos-hardware.nixosModules.common-pc-ssd
] ++ (mkHM home-manager defaultUser [ ./home_server.nix ./nasbackup/home.nix ]);
home-manager.nixosModules.home-manager {
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = { inherit user; };
home-manager.users.${user} = {
imports = [(import ./home_server.nix)] ++ [(import ./nasbackup/home.nix)];
};
}
];
}; };
jupiter = lib.nixosSystem { # Desktop profile jupiter = lib.nixosSystem { # Server profile
inherit system; inherit system;
specialArgs = { inherit inputs user location nixos-hardware agenix pkgs-kabbone; }; specialArgs = { inherit inputs location nixos-hardware agenix; user = defaultUser; };
modules = [ modules = [
agenix.nixosModules.default agenix.nixosModules.default
./jupiter ./jupiter
./configuration_server.nix ./configuration_common.nix
../modules/hardware/hydraCache.nix
nixos-hardware.nixosModules.common-cpu-intel nixos-hardware.nixosModules.common-cpu-intel
nixos-hardware.nixosModules.common-pc-ssd nixos-hardware.nixosModules.common-pc-ssd
] ++ (mkHM home-manager defaultUser [ ./home_server.nix ./jupiter/home.nix ]);
home-manager.nixosModules.home-manager {
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = { inherit user; };
home-manager.users.${user} = {
imports = [(import ./home_server.nix)] ++ [(import ./jupiter/home.nix)];
};
}
];
}; };
kabtopci = lib.nixosSystem { # Desktop profile kabtopci = lib.nixosSystem { # Server profile
inherit system; inherit system;
specialArgs = { inherit inputs user location nixos-hardware agenix nixpkgs impermanence; }; specialArgs = { inherit inputs location nixos-hardware agenix impermanence; user = defaultUser; };
modules = [ modules = [
agenix.nixosModules.default agenix.nixosModules.default
microvm.nixosModules.host microvm.nixosModules.host
./kabtopci ./kabtopci
./configuration_server.nix ./configuration_common.nix
../modules/hardware/hydraCache.nix
nixos-hardware.nixosModules.common-pc-ssd nixos-hardware.nixosModules.common-pc-ssd
] ++ (mkHM home-manager defaultUser [ ./home_server.nix ./kabtopci/home.nix ]);
home-manager.nixosModules.home-manager {
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = { inherit user; };
home-manager.users.${user} = {
imports = [(import ./home_server.nix)] ++ [(import ./kabtopci/home.nix)];
};
}
];
}; };
kubemaster-1 = lib.nixosSystem { # Desktop profile kubemaster-1 = lib.nixosSystem { # Server profile
inherit system; inherit system;
specialArgs = { inherit inputs user location nixos-hardware agenix nixpkgs impermanence; }; specialArgs = { inherit inputs location nixos-hardware agenix impermanence; user = defaultUser; };
modules = [ modules = [
agenix.nixosModules.default agenix.nixosModules.default
microvm.nixosModules.host microvm.nixosModules.host
./kubemaster-1 ./kubemaster-1
./configuration_server.nix ./configuration_common.nix
../modules/hardware/hydraCache.nix
nixos-hardware.nixosModules.common-cpu-intel nixos-hardware.nixosModules.common-cpu-intel
nixos-hardware.nixosModules.common-pc-ssd nixos-hardware.nixosModules.common-pc-ssd
] ++ (mkHM home-manager defaultUser [ ./home_server.nix ./kubemaster-1/home.nix ]);
home-manager.nixosModules.home-manager {
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = { inherit user; };
home-manager.users.${user} = {
imports = [(import ./home_server.nix)] ++ [(import ./kubemaster-1/home.nix)];
};
}
];
}; };
dmz = lib.nixosSystem { # Desktop profile dmz = lib.nixosSystem { # Server profile
inherit system; inherit system;
specialArgs = { inherit inputs user location nixos-hardware agenix nixpkgs impermanence; }; specialArgs = { inherit inputs location nixos-hardware agenix impermanence; user = defaultUser; };
modules = [ modules = [
agenix.nixosModules.default agenix.nixosModules.default
microvm.nixosModules.host microvm.nixosModules.host
./dmz ./dmz
./configuration_server.nix ./configuration_common.nix
../modules/hardware/hydraCache.nix
nixos-hardware.nixosModules.common-pc-ssd nixos-hardware.nixosModules.common-pc-ssd
] ++ (mkHM home-manager defaultUser [ ./home_server.nix ./dmz/home.nix ]);
home-manager.nixosModules.home-manager {
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = { inherit user; };
home-manager.users.${user} = {
imports = [(import ./home_server.nix)] ++ [(import ./dmz/home.nix)];
};
}
];
}; };
# vm = lib.nixosSystem { # VM profile # vm = lib.nixosSystem { # VM profile
@@ -259,14 +180,7 @@ in
# ./vm # ./vm
# ./configuration.nix # ./configuration.nix
# #
# home-manager.nixosModules.home-manager { # (mkHM home-manager [ ./home.nix ./vm/home.nix ])
# home-manager.useGlobalPkgs = true;
# home-manager.useUserPackages = true;
# home-manager.extraSpecialArgs = { inherit user; };
# home-manager.users.${user} = {
# imports = [(import ./home.nix)] ++ [(import ./vm/home.nix)];
# };
# }
# ]; # ];
# }; # };
} }

132
hosts/desktop/default.nix
View File

@@ -1,104 +1,60 @@
# #
# Specific system configuration settings for desktop # Hades desktop — system configuration
#
# flake.nix
# ├─ ./hosts
# │ └─ ./laptop
# │ ├─ default.nix *
# │ └─ hardware-configuration.nix
# └─ ./modules
# ├─ ./desktop
# │ └─ ./hyprland
# │ └─ hyprland.nix
# ├─ ./modules
# │ └─ ./programs
# │ └─ waybar.nix
# └─ ./hardware
# └─ default.nix
# #
{ inputs, lib, config, pkgs, user, nixpkgs, pkgs-kabbone, ... }: { lib, pkgs, inputs, ... }:
{ {
imports = # For now, if applying to other system, swap files # Example: host-specific overlays — only hades gets these packages in its pkgs.
[(import ./hardware-configuration.nix)] ++ # Current system hardware config @ /etc/nixos/hardware-configuration.nix # nixpkgs.overlays = [
[(import ../../modules/wm/niri/default.nix)] ++ # Window Manager # (final: prev: {
(import ../../modules/wm/virtualisation) ++ # libvirt + Docker # # pull a single package from unstable (no specialArgs needed)
[(import ../../modules/wm/virtualisation/kvm-amd.nix)] ++ # kvm module options # firefox = inputs.nixpkgs-unstable.legacyPackages.${prev.system}.firefox;
#[(import ../../modules/kabbone/corosync-qdevice.nix)] ++ # corosync qdevice quorum # # pull a package from pkgs-kabbone (inline import, no specialArgs needed)
(import ../../modules/hardware); # Hardware devices # corosync-qdevice = (import ../../packages { pkgs = prev; }).corosync-qdevice;
# })
# ];
boot = { # Boot options imports = [
./hardware-configuration.nix
../../modules/desktop
];
# ── Desktop module options ──────────────────────────────────────────────
myDesktop.windowManager = "niri";
myDesktop.cpu = "amd";
myDesktop.virtualisation.enable = true;
myDesktop.openrgb.enable = true;
myDesktop.openrgb.motherboard = "amd";
myDesktop.syncthing.enable = true;
myDesktop.syncthing.devices = {
"jupiter.home.opel-online.de" = { id = "T53WU6Z-3NT74ZE-PZVZB2N-7FBTZ5K-HESC2ZM-W4ABDAS-NWXHTGI-ST4CDQR"; };
"lifebook.home.opel-online.de" = { id = "RKPZG3H-BDUZID3-DV26MKR-UOARIQC-JBCAFXP-J5QFM4H-5EGBSM5-VEGXHQ4"; };
};
myDesktop.syncthing.folders = {
"Sync" = {
path = "/home/kabbone/Sync";
devices = [ "jupiter.home.opel-online.de" "lifebook.home.opel-online.de" ];
ignorePerms = false;
};
};
# ── Host-specific settings ──────────────────────────────────────────────
boot = {
kernelPackages = pkgs.linuxPackages_latest; kernelPackages = pkgs.linuxPackages_latest;
loader = {
loader = { # EFI Boot
systemd-boot.enable = lib.mkForce false; systemd-boot.enable = lib.mkForce false;
efi = { efi.canTouchEfiVariables = true;
canTouchEfiVariables = true; efi.efiSysMountPoint = "/boot";
efiSysMountPoint = "/boot"; timeout = 1;
}; };
timeout = 1; # Grub auto select time
};
lanzaboote = { lanzaboote = {
enable = true; enable = true;
pkiBundle = "/etc/secureboot"; pkiBundle = "/etc/secureboot";
}; };
}; };
# hardware.sane = { # Used for scanning with Xsane environment.systemPackages = [ pkgs.linux-firmware ];
# enable = false;
# extraBackends = [ pkgs.sane-airscan ];
# };
# hardware = {
# nitrokey.enable = true;
# };
environment = {
systemPackages = [
pkgs.linux-firmware
#pkgs-kabbone.corosync-qdevice
];
};
services = {
#auto-cpufreq.enable = true;
blueman.enable = true;
avahi = { # Needed to find wireless printer
enable = true;
nssmdns4 = true;
publish = { # Needed for detecting the scanner
enable = true;
addresses = true;
userServices = true;
};
};
hardware.openrgb = {
enable = true;
motherboard = "amd";
};
syncthing = {
enable = true;
group = "users";
user = "kabbone";
dataDir = "/home/${config.services.syncthing.user}/Sync";
configDir = "/home/${config.services.syncthing.user}/.config/syncthing";
overrideDevices = true; # overrides any devices added or deleted through the WebUI
overrideFolders = true; # overrides any folders added or deleted through the WebUI
openDefaultPorts = true;
settings = {
devices = {
"jupiter.home.opel-online.de" = { id = "T53WU6Z-3NT74ZE-PZVZB2N-7FBTZ5K-HESC2ZM-W4ABDAS-NWXHTGI-ST4CDQR"; };
"lifebook.home.opel-online.de" = { id = "RKPZG3H-BDUZID3-DV26MKR-UOARIQC-JBCAFXP-J5QFM4H-5EGBSM5-VEGXHQ4"; };
};
folders = {
"Sync" = { # Name of folder in Syncthing, also the folder ID
path = "/home/${config.services.syncthing.user}/Sync"; # Which folder to add to Syncthing
devices = [ "jupiter.home.opel-online.de" "lifebook.home.opel-online.de" ]; # Which devices to share the folder with
ignorePerms = false; # By default, Syncthing doesn't sync file permissions. This line enables it for this folder.
};
};
};
};
};
} }

39
hosts/desktop/home.nix
View File

@@ -1,52 +1,29 @@
# #
# Home-manager configuration for laptop # Hades desktop — home-manager host-specific additions
# # (WM home config is loaded by modules/desktop based on myDesktop.windowManager)
# flake.nix
# ├─ ./hosts
# │ └─ ./laptop
# │ └─ home.nix *
# └─ ./modules
# └─ ./desktop
# └─ ./hyprland
# └─ hyprland.nix
# #
{ pkgs, ... }: { pkgs, ... }:
{ {
imports = imports = [
[ ../../modules/home.nix # cmds / theme options
#../../modules/wm/hyprland/home.nix # Window Manager
../../modules/wm/niri/home.nix # Window Manager
../../modules/home.nix # Window Manager
]; ];
home = { # Specific packages for laptop home.packages = with pkgs; [
packages = with pkgs; [
# Applications
#freecad # Office packages
#firefox
chromium chromium
thunderbird thunderbird
streamlink streamlink
streamlink-twitch-gui-bin streamlink-twitch-gui-bin
#nheko
pulsemixer pulsemixer
#yubioath-flutter
nitrokey-app nitrokey-app
kicad kicad
# Power Management
#auto-cpufreq # Power management
#tlp # Power management
]; ];
};
services = { # Applets services = {
blueman-applet.enable = true; # Bluetooth blueman-applet.enable = true;
network-manager-applet.enable = true; # Network network-manager-applet.enable = true;
}; };
xsession.preferStatusNotifierItems = true; xsession.preferStatusNotifierItems = true;
} }

53
hosts/dmz/default.nix
View File

@@ -1,59 +1,40 @@
# #
# Specific system configuration settings for desktop # DMZ — demilitarised zone server configuration
#
# flake.nix
# ├─ ./hosts
# │ └─ ./laptop
# │ ├─ default.nix *
# │ └─ hardware-configuration.nix
# └─ ./modules
# ├─ ./desktop
# │ └─ ./hyprland
# │ └─ hyprland.nix
# ├─ ./modules
# │ └─ ./programs
# │ └─ waybar.nix
# └─ ./hardware
# └─ default.nix
# #
{ config, pkgs, user, agenix, impermanence, ... }: { config, pkgs, user, agenix, impermanence, ... }:
{ {
imports = # For now, if applying to other system, swap files imports = [
[(import ./hardware-configuration.nix)] ++ # Current system hardware config @ /etc/nixos/hardware-configuration.nix ./hardware-configuration.nix
[(import ../../modules/wm/virtualisation/docker.nix)] ++ # Docker ../../modules/server
[(import ../../modules/wm/virtualisation/kvm-intel.nix)] ++ # Docker ] ++ (import ../../modules/services/dmz);
(import ../../modules/services/dmz); # Server Services
boot = { # Boot options # ── Server module options ───────────────────────────────────────────────
myServer.virtualisation.enable = true;
myServer.virtualisation.cpu = "intel";
# ── Host-specific settings ──────────────────────────────────────────────
boot = {
kernelPackages = pkgs.linuxPackages_latest; kernelPackages = pkgs.linuxPackages_latest;
loader = {
loader = { # EFI Boot
systemd-boot.enable = true; systemd-boot.enable = true;
efi = { efi.canTouchEfiVariables = true;
canTouchEfiVariables = true; efi.efiSysMountPoint = "/boot";
efiSysMountPoint = "/boot"; timeout = 1;
}; };
timeout = 1; # Grub auto select time
};
};
programs = {
zsh.enable = true;
}; };
services = { services = {
qemuGuest.enable = true; qemuGuest.enable = true;
avahi = { # Needed to find wireless printer avahi = {
enable = true; enable = true;
nssmdns4 = true; nssmdns4 = true;
publish = { # Needed for detecting the scanner publish = {
enable = true; enable = true;
addresses = true; addresses = true;
userServices = true; userServices = true;
}; };
}; };
}; };
} }

3
hosts/home.nix
View File

@@ -15,7 +15,7 @@
# └─ default.nix # └─ default.nix
# #
{ config, lib, pkgs, user, pkgs-stable, ... }: { config, lib, pkgs, user, ... }:
{ {
imports = imports =
@@ -47,6 +47,7 @@
screen screen
yubioath-flutter yubioath-flutter
nitrokey-app nitrokey-app
claude-code
tailscale tailscale
wireguard-tools wireguard-tools

72
hosts/jupiter/default.nix
View File

@@ -1,55 +1,39 @@
# #
# Specific system configuration settings for desktop # Jupiter — NAS server configuration
#
# flake.nix
# ├─ ./hosts
# │ └─ ./laptop
# │ ├─ default.nix *
# │ └─ hardware-configuration.nix
# └─ ./modules
# ├─ ./desktop
# │ └─ ./hyprland
# │ └─ hyprland.nix
# ├─ ./modules
# │ └─ ./programs
# │ └─ waybar.nix
# └─ ./hardware
# └─ default.nix
# #
{ config, pkgs, user, pkgs-kabbone, ... }: { config, pkgs, inputs, user, ... }:
{ {
imports = # For now, if applying to other ssystem, swap files imports = [
[(import ./hardware-configuration.nix)] ++ # Current system hardware config @ /etc/nixos/hardware-configuration.nix ./hardware-configuration.nix
#(import ../../modules/wm/virtualisation) ++ # Docker ../../modules/server
(import ../../modules/services/nas) ++ # Server Services ] ++ (import ../../modules/services/nas);
(import ../../modules/hardware); # Hardware devices
boot = { # Boot options # ── Server module options ───────────────────────────────────────────────
kernelPackages = pkgs.linuxPackages_latest; # No virtualisation on the NAS
loader = { # EFI Boot # ── Host-specific settings ──────────────────────────────────────────────
systemd-boot.enable = true;
efi = {
canTouchEfiVariables = true;
efiSysMountPoint = "/boot";
};
timeout = 1; # Grub auto select time
};
};
# environment = { # Example: host-specific overlay — only jupiter gets these packages in its pkgs.
# systemPackages = with pkgs-kabbone; [ # nixpkgs.overlays = [
# corosync-qdevice # (final: prev: {
### simple-scan # corosync-qdevice = (import ../../packages { pkgs = prev; }).corosync-qdevice;
### intel-media-driver # firefox = inputs.nixpkgs-unstable.legacyPackages.${prev.system}.firefox;
### alacritty # })
# ]; # ];
# };
boot = {
kernelPackages = pkgs.linuxPackages_latest;
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
efi.efiSysMountPoint = "/boot";
timeout = 1;
};
};
programs = { programs = {
zsh.enable = true;
ssh.startAgent = false; ssh.startAgent = false;
gnupg.agent = { gnupg.agent = {
enable = false; enable = false;
@@ -60,16 +44,14 @@
services = { services = {
qemuGuest.enable = true; qemuGuest.enable = true;
avahi = { # Needed to find wireless printer avahi = {
enable = true; enable = true;
nssmdns4 = true; nssmdns4 = true;
publish = { # Needed for detecting the scanner publish = {
enable = true; enable = true;
addresses = true; addresses = true;
userServices = true; userServices = true;
}; };
}; };
}; };
} }

90
hosts/kabtop/default.nix
View File

@@ -1,45 +1,33 @@
# #
# Specific system configuration settings for desktop # Kabtop — server configuration
#
# flake.nix
# ├─ ./hosts
# │ └─ ./laptop
# │ ├─ default.nix *
# │ └─ hardware-configuration.nix
# └─ ./modules
# ├─ ./desktop
# │ └─ ./hyprland
# │ └─ hyprland.nix
# ├─ ./modules
# │ └─ ./programs
# │ └─ waybar.nix
# └─ ./hardware
# └─ default.nix
# #
{ config, pkgs, pkgs-unstable, user, agenix, impermanence, ... }: { config, pkgs, user, agenix, impermanence, ... }:
{ {
imports = # For now, if applying to other system, swap files imports = [
[(import ./hardware-configuration.nix)] ++ # Current system hardware config @ /etc/nixos/hardware-configuration.nix ./hardware-configuration.nix
[(import ../../modules/wm/virtualisation/docker.nix)] ++ # Docker ../../modules/server
[(import ../../modules/wm/virtualisation/kvm-amd.nix)] ++ # kvm module options ] ++ (import ../../modules/services/server);
(import ../../modules/services/server); # Server Services
boot = { # Boot options # ── Server module options ───────────────────────────────────────────────
myServer.virtualisation.enable = true;
myServer.virtualisation.cpu = "amd";
myServer.fail2ban.enable = true;
# ── Host-specific settings ──────────────────────────────────────────────
boot = {
kernelPackages = pkgs.linuxPackages_latest; kernelPackages = pkgs.linuxPackages_latest;
loader = {
loader = { # EFI Boot
grub = { grub = {
enable = true; enable = true;
device = "/dev/sda"; device = "/dev/sda";
}; };
timeout = 1; # Grub auto select time timeout = 1;
}; };
}; };
environment = { environment.etc = {
etc = {
"fail2ban/filter.d/open-webui.conf" = { "fail2ban/filter.d/open-webui.conf" = {
source = ../../modules/services/server/fail2ban/filter/open-webui.conf; source = ../../modules/services/server/fail2ban/filter/open-webui.conf;
mode = "0444"; mode = "0444";
@@ -53,10 +41,8 @@
mode = "0444"; mode = "0444";
}; };
}; };
};
programs = { programs = {
zsh.enable = true;
ssh.startAgent = false; ssh.startAgent = false;
gnupg.agent = { gnupg.agent = {
enable = true; enable = true;
@@ -65,47 +51,5 @@
}; };
}; };
services = { services.qemuGuest.enable = true;
#auto-cpufreq.enable = true;
qemuGuest.enable = true;
#avahi = { # Needed to find wireless printer
# enable = true;
# nssmdns = true;
# publish = { # Needed for detecting the scanner
# enable = true;
# addresses = true;
# userServices = true;
# };
#};
fail2ban = {
enable = true;
maxretry = 5;
jails.DEFAULT.settings = {
findtime = "15m";
};
jails = {
open-webui = ''
enabled = true
filter = open-webui
backend = systemd
action = iptables-allports
'';
gitea = ''
enabled = true
filter = gitea
backend = systemd
action = iptables-allports
'';
nextcloud = ''
backend = auto
enabled = true
filter = nextcloud
logpath = /var/lib/nextcloud/data/nextcloud.log
action = iptables-allports
'';
};
};
};
} }

43
hosts/kabtopci/default.nix
View File

@@ -1,45 +1,28 @@
# #
# Specific system configuration settings for desktop # Kabtopci — CI server configuration
#
# flake.nix
# ├─ ./hosts
# │ └─ ./laptop
# │ ├─ default.nix *
# │ └─ hardware-configuration.nix
# └─ ./modules
# ├─ ./desktop
# │ └─ ./hyprland
# │ └─ hyprland.nix
# ├─ ./modules
# │ └─ ./programs
# │ └─ waybar.nix
# └─ ./hardware
# └─ default.nix
# #
{ config, pkgs, user, agenix, impermanence, ... }: { config, pkgs, user, agenix, impermanence, ... }:
{ {
imports = # For now, if applying to other system, swap files imports = [
[(import ./hardware-configuration.nix)] ++ # Current system hardware config @ /etc/nixos/hardware-configuration.nix ./hardware-configuration.nix
[(import ../../modules/wm/virtualisation/docker.nix)] ++ # Docker ../../modules/server
[(import ../../modules/wm/virtualisation/kvm-amd.nix)] ++ # Docker ] ++ (import ../../modules/services/kabtopci);
(import ../../modules/services/kabtopci); # Server Services
boot = { # Boot options # ── Server module options ───────────────────────────────────────────────
myServer.virtualisation.enable = true;
myServer.virtualisation.cpu = "amd";
# ── Host-specific settings ──────────────────────────────────────────────
boot = {
kernelPackages = pkgs.linuxPackages_latest; kernelPackages = pkgs.linuxPackages_latest;
loader = {
loader = { # EFI Boot
grub = { grub = {
enable = true; enable = true;
device = "/dev/vda"; device = "/dev/vda";
}; };
timeout = 1; # Grub auto select time timeout = 1;
}; };
}; };
programs = {
zsh.enable = true;
};
} }

55
hosts/kubemaster-1/default.nix
View File

@@ -1,58 +1,37 @@
# #
# Specific system configuration settings for desktop # Kubemaster-1 — Kubernetes master server configuration
#
# flake.nix
# ├─ ./hosts
# │ └─ ./laptop
# │ ├─ default.nix *
# │ └─ hardware-configuration.nix
# └─ ./modules
# ├─ ./desktop
# │ └─ ./hyprland
# │ └─ hyprland.nix
# ├─ ./modules
# │ └─ ./programs
# │ └─ waybar.nix
# └─ ./hardware
# └─ default.nix
# #
{ config, pkgs, user, agenix, impermanence, ... }: { config, pkgs, user, agenix, impermanence, ... }:
{ {
imports = # For now, if applying to other system, swap files imports = [
[(import ./hardware-configuration.nix)] ++ # Current system hardware config @ /etc/nixos/hardware-configuration.nix ./hardware-configuration.nix
[(import ../../modules/wm/virtualisation/docker.nix)] ++ # Docker ../../modules/server
[(import ../../modules/wm/virtualisation/kvm-intel.nix)] ++ # Docker ] ++ (import ../../modules/services/kubemaster);
(import ../../modules/services/kubemaster); # Server Services
boot = { # Boot options # ── Server module options ───────────────────────────────────────────────
myServer.virtualisation.enable = true;
myServer.virtualisation.cpu = "intel";
# ── Host-specific settings ──────────────────────────────────────────────
boot = {
kernelPackages = pkgs.linuxPackages_latest; kernelPackages = pkgs.linuxPackages_latest;
loader = {
loader = { # EFI Boot
systemd-boot.enable = true; systemd-boot.enable = true;
efi = { efi.canTouchEfiVariables = true;
canTouchEfiVariables = true; efi.efiSysMountPoint = "/boot";
efiSysMountPoint = "/boot"; timeout = 1;
};
timeout = 1; # Grub auto select time
}; };
}; };
programs = { services.avahi = {
zsh.enable = true;
};
services = {
avahi = { # Needed to find wireless printer
enable = true; enable = true;
nssmdns4 = true; nssmdns4 = true;
publish = { # Needed for detecting the scanner publish = {
enable = true; enable = true;
addresses = true; addresses = true;
userServices = true; userServices = true;
}; };
}; };
};
} }

125
hosts/lifebook/default.nix
View File

@@ -1,99 +1,58 @@
# #
# Specific system configuration settings for desktop # Lifebook laptop — system configuration
#
# flake.nix
# ├─ ./hosts
# │ └─ ./laptop
# │ ├─ default.nix *
# │ └─ hardware-configuration.nix
# └─ ./modules
# ├─ ./desktop
# │ └─ ./hyprland
# │ └─ hyprland.nix
# ├─ ./modules
# │ └─ ./programs
# │ └─ waybar.nix
# └─ ./hardware
# └─ default.nix
# #
{ inputs, lib, config, pkgs, user, ... }: { lib, pkgs, ... }:
{ {
imports = # For now, if applying to other system, swap files imports = [
[(import ./hardware-configuration.nix)] ++ # Current system hardware config @ /etc/nixos/hardware-configuration.nix ./hardware-configuration.nix
[(import ../../modules/wm/niri/default.nix)] ++ # Window Manager ../../modules/desktop
(import ../../modules/wm/virtualisation) ++ # libvirt + Docker ];
[(import ../../modules/wm/virtualisation/kvm-intel.nix)] ++ # kvm module options
(import ../../modules/hardware); # Hardware devices
boot = { # Boot options # ── Desktop module options ──────────────────────────────────────────────
myDesktop.windowManager = "niri";
myDesktop.niri.hotkeyVariant = "lifebook";
myDesktop.cpu = "intel";
myDesktop.virtualisation.enable = true;
myDesktop.laptop.enable = true;
myDesktop.laptop.lidSwitch = "suspend-then-hibernate";
myDesktop.laptop.hibernateDelaySec = "1h";
myDesktop.nitrokey.enable = true;
myDesktop.syncthing.enable = true;
myDesktop.syncthing.devices = {
"jupiter.home.opel-online.de" = { id = "T53WU6Z-3NT74ZE-PZVZB2N-7FBTZ5K-HESC2ZM-W4ABDAS-NWXHTGI-ST4CDQR"; };
"hades.home.opel-online.de" = { id = "3VPCBVW-RH7XKFM-TWJGQHC-ZRAQ575-CQKGGKP-NAB4VXE-KCKJFUT-AMCUQQA"; };
};
myDesktop.syncthing.folders = {
"Sync" = {
path = "/home/kabbone/Sync";
devices = [ "jupiter.home.opel-online.de" "hades.home.opel-online.de" ];
ignorePerms = false;
};
};
myDesktop.extraSystemPackages = with pkgs; [
intel-media-driver
intel-compute-runtime
];
# ── Host-specific settings ──────────────────────────────────────────────
boot = {
kernelPackages = pkgs.linuxPackages_latest; kernelPackages = pkgs.linuxPackages_latest;
initrd.prepend = [ "${./patched-SSDT4}" ]; initrd.prepend = [ "${./patched-SSDT4}" ];
loader = {
loader = { # EFI Boot
systemd-boot.enable = lib.mkForce false; systemd-boot.enable = lib.mkForce false;
efi = { efi.canTouchEfiVariables = true;
canTouchEfiVariables = true; efi.efiSysMountPoint = "/boot";
efiSysMountPoint = "/boot"; timeout = 1;
}; };
timeout = 1; # Grub auto select time
};
lanzaboote = { lanzaboote = {
enable = true; enable = true;
pkiBundle = "/etc/secureboot"; pkiBundle = "/etc/secureboot";
}; };
}; };
hardware = {
nitrokey.enable = true;
};
environment = {
systemPackages = with pkgs; [
linux-firmware
intel-media-driver
intel-compute-runtime
];
};
systemd.sleep.extraConfig = "HibernateDelaySec=1h";
services = {
logind.settings.Login.HandleLidSwitch = "suspend-then-hibernate"; # Laptop does not go to sleep when lid is closed
blueman.enable = true;
avahi = { # Needed to find wireless printer
enable = true;
nssmdns4 = true;
publish = { # Needed for detecting the scanner
enable = true;
addresses = true;
userServices = true;
};
};
#tailscale.enable = true;
syncthing = {
enable = true;
group = "users";
user = "kabbone";
dataDir = "/home/${config.services.syncthing.user}/Sync";
configDir = "/home/${config.services.syncthing.user}/.config/syncthing";
overrideDevices = true; # overrides any devices added or deleted through the WebUI
overrideFolders = true; # overrides any folders added or deleted through the WebUI
openDefaultPorts = true;
settings = {
devices = {
"jupiter.home.opel-online.de" = { id = "T53WU6Z-3NT74ZE-PZVZB2N-7FBTZ5K-HESC2ZM-W4ABDAS-NWXHTGI-ST4CDQR"; };
"hades.home.opel-online.de" = { id = "3VPCBVW-RH7XKFM-TWJGQHC-ZRAQ575-CQKGGKP-NAB4VXE-KCKJFUT-AMCUQQA"; };
};
folders = {
"Sync" = { # Name of folder in Syncthing, also the folder ID
path = "/home/${config.services.syncthing.user}/Sync"; # Which folder to add to Syncthing
devices = [ "jupiter.home.opel-online.de" "hades.home.opel-online.de" ]; # Which devices to share the folder with
ignorePerms = false; # By default, Syncthing doesn't sync file permissions. This line enables it for this folder.
};
};
};
};
};
} }

38
hosts/lifebook/home.nix
View File

@@ -1,49 +1,29 @@
# #
# Home-manager configuration for laptop # Lifebook laptop — home-manager host-specific additions
# # (WM home config is loaded by modules/desktop based on myDesktop.windowManager)
# flake.nix
# ├─ ./hosts
# │ └─ ./laptop
# │ └─ home.nix *
# └─ ./modules
# └─ ./desktop
# └─ ./hyprland
# └─ hyprland.nix
# #
{ pkgs, ... }: { pkgs, ... }:
{ {
imports = imports = [
[ ../../modules/home.nix # cmds / theme options
#../../modules/wm/hyprland/home.nix # Window Manager
../../modules/wm/niri/home.nix # Window Manager
../../modules/home.nix # Window Manager
]; ];
home = { # Specific packages for laptop home.packages = with pkgs; [
packages = with pkgs; [ libreoffice
# Applications
libreoffice # Office packages
#firefox
chromium chromium
thunderbird thunderbird
streamlink streamlink
streamlink-twitch-gui-bin streamlink-twitch-gui-bin
intel-gpu-tools intel-gpu-tools
pulsemixer pulsemixer
# Power Management
#auto-cpufreq # Power management
#tlp # Power management
]; ];
};
services = { # Applets services = {
blueman-applet.enable = true; # Bluetooth blueman-applet.enable = true;
network-manager-applet.enable = true; # Network network-manager-applet.enable = true;
}; };
xsession.preferStatusNotifierItems = true; xsession.preferStatusNotifierItems = true;
} }

50
hosts/nasbackup/default.nix
View File

@@ -1,46 +1,30 @@
# #
# Specific system configuration settings for desktop # Nasbak — NAS backup server configuration
#
# flake.nix
# ├─ ./hosts
# │ └─ ./laptop
# │ ├─ default.nix *
# │ └─ hardware-configuration.nix
# └─ ./modules
# ├─ ./desktop
# │ └─ ./hyprland
# │ └─ hyprland.nix
# ├─ ./modules
# │ └─ ./programs
# │ └─ waybar.nix
# └─ ./hardware
# └─ default.nix
# #
{ config, pkgs, user, ... }: { config, pkgs, user, ... }:
{ {
imports = # For now, if applying to other system, swap files imports = [
[(import ./hardware-configuration.nix)] ++ # Current system hardware config @ /etc/nixos/hardware-configuration.nix ./hardware-configuration.nix
#[(import ../../modules/wm/virtualisation/docker.nix)] ++ # Docker ../../modules/server
(import ../../modules/services/nasbackup) ++ # Server Services ] ++ (import ../../modules/services/nasbackup);
(import ../../modules/hardware); # Hardware devices
boot = { # Boot options # ── Server module options ───────────────────────────────────────────────
# No virtualisation on the backup NAS
# ── Host-specific settings ──────────────────────────────────────────────
boot = {
kernelPackages = pkgs.linuxPackages_latest; kernelPackages = pkgs.linuxPackages_latest;
loader = {
loader = { # EFI Boot
systemd-boot.enable = true; systemd-boot.enable = true;
efi = { efi.canTouchEfiVariables = true;
canTouchEfiVariables = true; efi.efiSysMountPoint = "/boot";
efiSysMountPoint = "/boot"; timeout = 1;
};
timeout = 1; # Grub auto select time
}; };
}; };
programs = { programs = {
zsh.enable = true;
ssh.startAgent = false; ssh.startAgent = false;
gnupg.agent = { gnupg.agent = {
enable = false; enable = false;
@@ -51,16 +35,14 @@
services = { services = {
qemuGuest.enable = true; qemuGuest.enable = true;
avahi = { # Needed to find wireless printer avahi = {
enable = true; enable = true;
nssmdns4 = true; nssmdns4 = true;
publish = { # Needed for detecting the scanner publish = {
enable = true; enable = true;
addresses = true; addresses = true;
userServices = true; userServices = true;
}; };
}; };
}; };
} }

78
hosts/steamdeck/default.nix
View File

@@ -1,80 +1,50 @@
# #
# Specific system configuration settings for desktop # Steamdeck — system configuration
#
# flake.nix
# ├─ ./hosts
# │ └─ ./laptop
# │ ├─ default.nix *
# │ └─ hardware-configuration.nix
# └─ ./modules
# ├─ ./desktop
# │ └─ ./hyprland
# │ └─ hyprland.nix
# ├─ ./modules
# │ └─ ./programs
# │ └─ waybar.nix
# └─ ./hardware
# └─ default.nix
# #
{ config, pkgs, user, jovian-nixos, lib, ... }: { lib, pkgs, user, jovian-nixos, ... }:
{ {
imports = [
./hardware-configuration.nix
../../modules/desktop
../../modules/wm/steam
];
# ── Desktop module options ──────────────────────────────────────────────
myDesktop.windowManager = "kde";
myDesktop.cpu = "amd";
myDesktop.virtualisation.enable = true;
myDesktop.nitrokey.enable = true;
specialisation = { specialisation = {
sway.configuration = { sway.configuration = {
imports = imports = [ (import ../../modules/wm/sway) ];
[(import ../../modules/wm/sway)];
jovian.steam.enable = lib.mkForce false; jovian.steam.enable = lib.mkForce false;
services.desktopManager.plasma6.enable = lib.mkForce false; services.desktopManager.plasma6.enable = lib.mkForce false;
}; };
}; };
imports = # For now, if applying to other system, swap files # ── Host-specific settings ──────────────────────────────────────────────
[(import ./hardware-configuration.nix)] ++ # Current system hardware config @ /etc/nixos/hardware-configuration.nix boot = {
(import ../../modules/wm/virtualisation) ++ # libvirt + Docker loader = {
[(import ../../modules/wm/virtualisation/kvm-amd.nix)] ++ # kvm module options
[(import ../../modules/wm/steam)] ++
[(import ../../modules/wm/kde)] ++
(import ../../modules/hardware); # Hardware devices
boot = { # Boot options
loader = { # EFI Boot
systemd-boot.enable = lib.mkForce false; systemd-boot.enable = lib.mkForce false;
efi = { efi.canTouchEfiVariables = true;
canTouchEfiVariables = true; efi.efiSysMountPoint = "/boot";
efiSysMountPoint = "/boot"; timeout = 1;
}; };
timeout = 1; # Grub auto select time
};
lanzaboote = { lanzaboote = {
enable = true; enable = true;
pkiBundle = "/etc/secureboot"; pkiBundle = "/etc/secureboot";
}; };
}; };
hardware = { services.printing = {
nitrokey.enable = true;
};
services = {
# blueman.enable = true;
printing = { # Printing and drivers for TS5300
enable = true; enable = true;
drivers = [ pkgs.gutenprint ]; drivers = [ pkgs.gutenprint ];
}; };
avahi = { # Needed to find wireless printer
enable = true;
nssmdns4 = true;
publish = { # Needed for detecting the scanner
enable = true;
addresses = true;
userServices = true;
};
};
tailscale.enable = true;
}; services.tailscale.enable = true;
security.pam.sshAgentAuth.enable = true; security.pam.sshAgentAuth.enable = true;
} }

34
hosts/steamdeck/home.nix
View File

@@ -1,14 +1,5 @@
# #
# Home-manager configuration for laptop # Home-manager configuration for steamdeck
#
# flake.nix
# ├─ ./hosts
# │ └─ ./laptop
# │ └─ home.nix *
# └─ ./modules
# └─ ./desktop
# └─ ./hyprland
# └─ hyprland.nix
# #
{ pkgs, ... }: { pkgs, ... }:
@@ -16,37 +7,24 @@
{ {
specialisation = { specialisation = {
sway.configuration = { sway.configuration = {
imports = imports = [ (import ../../modules/wm/sway/home.nix) ];
[(import ../../modules/wm/sway/home.nix)];
}; };
}; };
imports = imports =
[(import ../../modules/home.nix)] ++ # Window Manager [ (import ../../modules/home.nix) ] ++
[(import ../../modules/wm/steam/home.nix)] ++ [ (import ../../modules/wm/steam/home.nix) ];
[(import ../../modules/wm/kde/home.nix)];
home = { # Specific packages for laptop home = {
packages = with pkgs; [ packages = with pkgs; [
# Applications libreoffice
libreoffice # Office packages
#firefox
chromium chromium
thunderbird thunderbird
streamlink streamlink
streamlink-twitch-gui-bin streamlink-twitch-gui-bin
pulsemixer pulsemixer
#yuzu-early-access
# Power Management
#auto-cpufreq # Power management
#tlp # Power management
]; ];
}; };
services = { # Applets
};
xsession.preferStatusNotifierItems = true; xsession.preferStatusNotifierItems = true;
} }

522
modules/desktop/default.nix Normal file
View File

@@ -0,0 +1,522 @@
#
# Desktop module — import this instead of manual WM/virtualisation imports.
#
# Usage in hosts/<hostname>/default.nix:
#
# imports = [
# ./hardware-configuration.nix
# ../../modules/desktop
# ];
#
# myDesktop.windowManager = "niri"; # niri (default) | sway | kde
# myDesktop.cpu = "amd"; # amd | intel | none (default)
#
# myDesktop.virtualisation.enable = true;
#
# myDesktop.syncthing.enable = true;
# myDesktop.syncthing.devices = { "jupiter.home.example.de" = { id = "XXXXX-..."; }; };
# myDesktop.syncthing.folders = { "Sync" = { path = "/home/user/Sync"; devices = [...]; }; };
#
# myDesktop.openrgb.enable = true;
# myDesktop.openrgb.motherboard = "amd"; # or "intel"
#
# myDesktop.laptop.enable = true;
# myDesktop.laptop.lidSwitch = "suspend-then-hibernate";
# myDesktop.laptop.hibernateDelaySec = "1h";
#
# myDesktop.nitrokey.enable = true;
#
# myDesktop.extraSystemPackages = with pkgs; [ some-tool ];
#
{ config, lib, pkgs, inputs, user, ... }:
let
cfg = config.myDesktop;
in
{
# Hardware modules that are always useful on desktops (bluetooth, …)
imports = (import ../hardware);
# ── Options ──────────────────────────────────────────────────────────────
options.myDesktop = with lib; {
windowManager = mkOption {
type = types.enum [ "niri" "sway" "kde" ];
default = "niri";
description = "Window manager / desktop environment for this host.";
};
cpu = mkOption {
type = types.enum [ "amd" "intel" "none" ];
default = "none";
description = "CPU type selects the matching KVM kernel parameters.";
};
virtualisation.enable =
mkEnableOption "virtualisation stack (podman/docker-compat, qemu/libvirt, virt-manager)";
syncthing = {
enable = mkEnableOption "syncthing continuous file synchronisation";
devices = mkOption {
type = types.attrs;
default = {};
example = literalExpression
''{ "jupiter.home.example.de" = { id = "XXXXX-XXXXX-XXXXX-..."; }; }'';
description = "Syncthing peer devices.";
};
folders = mkOption {
type = types.attrs;
default = {};
example = literalExpression
''{ "Sync" = { path = "/home/user/Sync"; devices = [ "jupiter" ]; ignorePerms = false; }; }'';
description = "Syncthing shared folders.";
};
};
openrgb = {
enable = mkEnableOption "OpenRGB RGB motherboard control";
motherboard = mkOption {
type = types.str;
default = "amd";
description = "Motherboard vendor string passed to OpenRGB (amd or intel).";
};
};
laptop = {
enable = mkEnableOption "laptop-specific settings (lid-switch, hibernate delay)";
lidSwitch = mkOption {
type = types.str;
default = "suspend-then-hibernate";
description = "systemd-logind action on lid close.";
};
hibernateDelaySec = mkOption {
type = types.str;
default = "1h";
description = "Delay before transitioning from suspend to hibernate.";
};
};
nitrokey.enable = mkEnableOption "Nitrokey hardware security key support";
niri.hotkeyVariant = mkOption {
type = types.enum [ "default" "lifebook" ];
default = "default";
description = "Niri hotkey variant to deploy selects binds/<variant>.kdl.";
};
git.signingKey = mkOption {
type = types.str;
default = "/home/${user}/.ssh/id_ed25519_sk_rk_red";
description = "SSH key used for git commit signing on this host.";
};
extraSystemPackages = mkOption {
type = types.listOf types.package;
default = [];
description = "Additional system packages specific to this host.";
};
};
# ── Configuration ────────────────────────────────────────────────────────
config = lib.mkMerge [
# ── Base desktop config (replaces configuration_desktop.nix) ───────────
{
users.users.${user} = {
isNormalUser = true;
uid = 2000;
extraGroups = [
"wheel" "video" "audio" "camera" "networkmanager"
"lp" "kvm" "libvirtd" "adb" "dialout" "tss"
];
};
security = {
pam.services.login.enableGnomeKeyring = true;
# swaylock PAM is harmless on non-sway WMs
pam.services.swaylock = {};
rtkit.enable = true;
};
environment.systemPackages = with pkgs;
[
file
powertop
cpufrequtils
lm_sensors
libva-utils
at-spi2-core
qmk-udev-rules
gptfdisk
age-plugin-yubikey
pwgen
sbctl
ausweisapp
e2fsprogs
orca-slicer
]
++ cfg.extraSystemPackages;
nixpkgs.config.permittedInsecurePackages = [ "mbedtls-2.28.10" ];
services = {
pipewire = {
enable = true;
alsa.enable = true;
pulse.enable = true;
wireplumber.enable = true;
};
pcscd.enable = true;
yubikey-agent.enable = true;
udev.packages = with pkgs; [ yubikey-personalization nitrokey-udev-rules ];
flatpak.enable = true;
gvfs.enable = true;
fwupd.enable = true;
blueman.enable = true;
avahi = {
enable = true;
nssmdns4 = true;
publish = {
enable = true;
addresses = true;
userServices = true;
};
};
};
programs.dconf.enable = true;
system.autoUpgrade.enable = false;
home-manager.users.${user}.programs.git.signing.key =
cfg.git.signingKey;
}
# ── Niri ───────────────────────────────────────────────────────────────
(lib.mkIf (cfg.windowManager == "niri") {
environment = {
systemPackages = with pkgs; [
alacritty
xdg-desktop-portal-gnome
xdg-desktop-portal-gtk
swaylock
swayidle
slurp
grim
lxqt.lxqt-openssh-askpass
clinfo
glib
brightnessctl
playerctl
xwayland-satellite
breeze-hacked-cursor-theme
pwvucontrol
];
loginShellInit = ''
export GTK_IM_MODULE="simple"
export ELECTRON_OZONE_PLATFORM_HINT="auto"
export NIXOS_OZONE_WL="1"
export WLR_RENDERER="vulkan"
export _JAVA_AWT_WM_NONREPARENTING="1"
'';
};
services = {
iio-niri.enable = false;
greetd = {
enable = true;
useTextGreeter = true;
settings.default_session.command =
"${pkgs.tuigreet}/bin/tuigreet --time --cmd niri-session";
};
tuned.enable = true;
upower.enable = true;
};
programs = {
niri.enable = true;
ssh.enableAskPassword = true;
ssh.askPassword =
"${pkgs.lxqt.lxqt-openssh-askpass}/bin/lxqt-openssh-askpass";
};
# Noctalia shell + niri home config via home-manager
home-manager.users.${user} = {
imports = [
inputs.noctalia.homeModules.default
../wm/niri/home.nix
];
xdg.configFile."niri/binds.kdl".source =
../wm/niri/binds/${cfg.niri.hotkeyVariant}.kdl;
services = {
mako.enable = true;
polkit-gnome.enable = true;
};
programs = {
fuzzel.enable = true;
noctalia-shell = {
enable = true;
settings = {
appLauncher.terminalCommand = "alacritty -e";
bar = {
density = "compact";
position = "top";
showCapsule = false;
widgets = {
left = [
{ id = "ControlCenter"; useDistroLogo = true; }
{ hideUnoccupied = false; id = "Workspace";
labelMode = "index"; showApplications = true; }
{ id = "ActiveWindow"; }
];
center = [
{ formatHorizontal = "HH:mm\\ndd-MM-yy";
formatVertical = "HH mm";
id = "Clock";
useMonospacedFont = true;
usePrimaryColor = true; }
];
right = [
{ id = "MediaMini"; }
{ id = "SystemMonitor"; showNetworkStats = true; compactMode = false; }
{ id = "WiFi"; }
{ id = "Bluetooth"; }
{ id = "Battery"; displayMode = "icon-always"; hideIfNotDetected = true; }
{ id = "Volume"; displayMode = "alwaysShow"; }
{ id = "NotificationHistory"; hideWhenZero = true; }
{ id = "Tray"; }
];
};
};
colorSchemes.predefinedScheme = "Catppuccin";
general = {
avatarImage = "/home/${user}/.face";
radiusRatio = 0.2;
lockOnSusepnd = true;
};
location = {
monthBeforeDay = true;
name = "Munich, Germany";
showWeekNumberInCalendar = true;
firstDayOfWeek = 0;
};
wallpaper = {
enabled = true;
overviewEnabled = false;
directory = "/home/${user}/.setup/modules/themes/";
};
brightness = {
enforceMinimum = true;
brightnessStep = 5;
};
controlCenter.shortcuts.left = [
{ id = "WiFi"; }
{ id = "Bluetooth"; }
{ id = "ScreenRecorder"; }
{ id = "PowerProfile"; }
{ id = "KeepAwake"; }
];
dock.enabled = false;
sessionMenu.enableCountdown = false;
templates = {
fuzzel = true;
alacritty = true;
qt = true;
gtk = true;
discord = true;
code = true;
telegram = true;
niri = true;
firefox = true;
};
};
};
};
home.file.".cache/noctalia/wallpapers.json".text = builtins.toJSON {
defaultWallpaper = "/home/${user}/.setup/modules/themes/wall.jpg";
};
};
})
# ── Sway ───────────────────────────────────────────────────────────────
(lib.mkIf (cfg.windowManager == "sway") {
environment = {
loginShellInit = ''
if [ -z $DISPLAY ] && [ $UID != 0 ] && [ "$(tty)" = "/dev/tty1" ]; then
exec sway
fi
'';
systemPackages = with pkgs; [
xdg-desktop-portal-wlr
sway
swaylock
swayidle
slurp
grim
bemenu
lxqt.lxqt-openssh-askpass
clinfo
waybar
glib
];
};
programs = {
sway = {
enable = true;
extraSessionCommands = ''
export MOZ_ENABLE_WAYLAND="1"
export MOZ_WEBRENDER="1"
export WLR_RENDERER="vulkan"
export XDG_SESSION_TYPE="wayland"
export GTK_THEME="Arc"
export _JAVA_AWT_WM_NONREPARENTING="1"
'';
};
ssh.enableAskPassword = true;
ssh.askPassword =
"${pkgs.lxqt.lxqt-openssh-askpass}/bin/lxqt-openssh-askpass";
};
xdg.portal = {
enable = true;
wlr.enable = true;
extraPortals = [ pkgs.xdg-desktop-portal-gtk ];
};
home-manager.users.${user}.imports = [
../wm/sway/home.nix
../wm/waybar.nix # sway uses waybar for the bar
];
})
# ── KDE Plasma ─────────────────────────────────────────────────────────
(lib.mkIf (cfg.windowManager == "kde") {
environment.systemPackages = with pkgs; [
kdePackages.discover
maliit-keyboard
maliit-framework
kdePackages.ksshaskpass
];
programs.ssh = {
enableAskPassword = true;
askPassword = lib.mkDefault "${pkgs.kdePackages.ksshaskpass}/bin/ksshaskpass";
};
services = {
packagekit.enable = true;
desktopManager.plasma6.enable = true;
udev.packages = with pkgs; [ gnome-settings-daemon ];
};
qt.platformTheme = "kde";
home-manager.users.${user}.imports = [ ../wm/kde/home.nix ];
})
# ── Virtualisation (podman/docker-compat + qemu/libvirt) ───────────────
(lib.mkIf cfg.virtualisation.enable {
users.groups = {
docker.members = [ user ];
libvirtd.members = [ "root" user ];
};
virtualisation = {
podman = {
enable = true;
autoPrune.enable = true;
dockerCompat = true;
};
libvirtd = {
enable = true;
onShutdown = "shutdown";
qemu.runAsRoot = false;
};
spiceUSBRedirection.enable = true;
};
environment.systemPackages = with pkgs; [
virt-manager
virt-viewer
qemu
OVMF
OVMF-cloud-hypervisor
gvfs
cloud-hypervisor
];
})
# ── KVM AMD ──────────────────────────────────────────────────────────
(lib.mkIf (cfg.virtualisation.enable && cfg.cpu == "amd") {
boot.extraModprobeConfig = ''
options kvm_amd nested=0 avic=1 npt=1
'';
})
# ── KVM Intel ────────────────────────────────────────────────────────
(lib.mkIf (cfg.virtualisation.enable && cfg.cpu == "intel") {
boot.extraModprobeConfig = ''
options kvm_intel nested=1
options kvm_intel emulate_invalid_guest_state=0
options kvm ignore_nsrs=1
'';
})
# ── Syncthing ──────────────────────────────────────────────────────────
(lib.mkIf cfg.syncthing.enable {
services.syncthing = {
enable = true;
group = "users";
user = user;
dataDir = "/home/${user}/Sync";
configDir = "/home/${user}/.config/syncthing";
overrideDevices = true;
overrideFolders = true;
openDefaultPorts = true;
settings = {
devices = cfg.syncthing.devices;
folders = cfg.syncthing.folders;
};
};
})
# ── OpenRGB ────────────────────────────────────────────────────────────
(lib.mkIf cfg.openrgb.enable {
services.hardware.openrgb = {
enable = true;
motherboard = cfg.openrgb.motherboard;
};
})
# ── Laptop ─────────────────────────────────────────────────────────────
(lib.mkIf cfg.laptop.enable {
systemd.sleep.extraConfig =
"HibernateDelaySec=${cfg.laptop.hibernateDelaySec}";
services.logind.settings.Login.HandleLidSwitch =
cfg.laptop.lidSwitch;
})
# ── Nitrokey ───────────────────────────────────────────────────────────
(lib.mkIf cfg.nitrokey.enable {
hardware.nitrokey.enable = true;
})
];
}

2
modules/editors/nvim/default.nix
View File

@@ -17,6 +17,8 @@
vimAlias = true; vimAlias = true;
vimdiffAlias = true; vimdiffAlias = true;
withNodeJs = true; withNodeJs = true;
withRuby = true;
withPython3 = true;
# plugins = with pkgs.vimPlugins; [ # plugins = with pkgs.vimPlugins; [
# #

28
modules/programs/alacritty.nix
View File

@@ -1,28 +0,0 @@
#
# Terminal Emulator
#
# Hardcoded as terminal for rofi and doom emacs
{ pkgs, ... }:
{
home.packages = [ pkgs.alacritty ];
programs = {
alacritty = {
enable = true;
#settings = {
# env.term = "screen-256color";
# font = rec { # Font - Laptop has size manually changed at home.nix
# #normal.family = "FiraCode Nerd Font";
# normal.family = "Cascadia Code";
# #normal.family = "Intel One Mono";
# #bold = { style = "Bold"; };
# # size = 8;
# };
#};
};
};
}

18
modules/programs/default.nix
View File

@@ -1,21 +1,3 @@
#
# Apps
#
# flake.nix
# ├─ ./hosts
# │ └─ home.nix
# └─ ./modules
# └─ ./apps
# └─ default.nix *
# └─ ...
#
[ [
# ./alacritty.nix
# ./rofi.nix
./firefox.nix ./firefox.nix
#./waybar.nix
#./games.nix
] ]
# Waybar.nix is pulled from modules/wm/..
# Games.nix is pulled from desktop/default.nix

3
modules/programs/firefox.nix
View File

@@ -3,7 +3,7 @@
# #
{ pkgs, ... }: { pkgs, config, ... }:
{ {
@@ -12,6 +12,7 @@
programs = { programs = {
firefox = { firefox = {
enable = true; enable = true;
configPath = "${config.xdg.configHome}/mozilla/firefox";
#package = pkgs.wrapFirefox pkgs.firefox-unwrapped { #package = pkgs.wrapFirefox pkgs.firefox-unwrapped {
#forceWayland = true; #forceWayland = true;
# extraPolicies = { # extraPolicies = {

119
modules/programs/rofi.nix
View File

@@ -1,119 +0,0 @@
#
# System Menu
#
{ config, lib, pkgs, ... }:
let
inherit (config.lib.formats.rasi) mkLiteral; # Theme.rasi alternative. Add Theme here
colors = import ../themes/colors.nix;
in
{
programs = {
rofi = {
enable = true;
terminal = "${pkgs.alacritty}/bin/alacritty"; # Alacritty is default terminal emulator
location = "center";
theme = with colors.scheme.doom; {
"*" = {
bg0 = mkLiteral "#${bg}";
bg1 = mkLiteral "#414868";
fg0 = mkLiteral "#${text}";
fg1 = mkLiteral "#${text-alt}";
background-color = mkLiteral "transparent";
text-color = mkLiteral "@fg0";
margin = 0;
padding = 0;
spacing = 0;
};
"element-icon, element-text, scrollbar" = {
cursor = mkLiteral "pointer";
};
"window" = {
location = mkLiteral "northwest";
width = mkLiteral "280px";
x-offset = mkLiteral "8px";
y-offset = mkLiteral "24px";
background-color = mkLiteral "@bg0";
border = mkLiteral "1px";
border-color = mkLiteral "@bg1";
border-radius = mkLiteral "6px";
};
"inputbar" = {
spacing = mkLiteral "8px";
padding = mkLiteral "4px 8px";
children = mkLiteral "[ icon-search, entry ]";
#background-color = mkLiteral "@bg0";
background-color = mkLiteral "@bg0";
};
"icon-search, entry, element-icon, element-text" = {
vertical-align = mkLiteral "0.5";
};
"icon-search" = {
expand = false;
filename = mkLiteral "[ search-symbolic ]";
size = mkLiteral "14px";
};
"textbox" = {
padding = mkLiteral "4px 8px";
background-color = mkLiteral "@bg0";
};
"listview" = {
padding = mkLiteral "4px 0px";
lines = 12;
columns = 1;
scrollbar = true;
fixed-height = false;
dynamic = true;
};
"element" = {
padding = mkLiteral "4px 8px";
spacing = mkLiteral "8px";
};
"element normal urgent" = {
text-color = mkLiteral "@fg1";
};
"element normal active" = {
text-color = mkLiteral "@fg1";
};
"element selected" = {
text-color = mkLiteral "@bg0"; #1
background-color = mkLiteral "@fg1";
};
"element selected urgent" = {
background-color = mkLiteral "@fg1";
};
"element-icon" = {
size = mkLiteral "0.8em";
};
"element-text" = {
text-color = mkLiteral "inherit";
};
"scrollbar" = {
handle-width = mkLiteral "4px";
handle-color = mkLiteral "@fg1";
padding = mkLiteral "0 4px";
};
};
};
};
}

151
modules/server/default.nix Normal file
View File

@@ -0,0 +1,151 @@
#
# Server module — import this instead of configuration_server.nix + manual virtualisation imports.
#
# Usage in hosts/<hostname>/default.nix:
#
# imports = [
# ./hardware-configuration.nix
# ../../modules/server
# ];
#
# myServer.virtualisation.enable = true;
# myServer.virtualisation.cpu = "amd"; # amd | intel | none (default)
#
# myServer.sshPort = 2220; # default
# myServer.fail2ban.enable = true;
#
# myServer.extraSystemPackages = with pkgs; [ some-tool ];
#
{ config, lib, pkgs, user, ... }:
let
cfg = config.myServer;
in
{
# ── Options ──────────────────────────────────────────────────────────────
options.myServer = with lib; {
uid = mkOption {
type = types.int;
default = 3000;
description = "UID for the server user.";
};
sshPort = mkOption {
type = types.port;
default = 2220;
description = "Port openssh listens on.";
};
sudoRequiresPassword = mkOption {
type = types.bool;
default = true;
description = "Whether wheel users must enter a password for sudo.";
};
autoUpgrade.enable = mkOption {
type = types.bool;
default = true;
description = "Enable automatic NixOS upgrades (inherits flake URL from configuration_common.nix).";
};
virtualisation = {
enable = mkEnableOption "container/VM stack (podman with docker-compat, KVM tuning)";
cpu = mkOption {
type = types.enum [ "amd" "intel" "none" ];
default = "none";
description = "CPU type selects KVM kernel parameters when virtualisation is enabled.";
};
};
extraGroups = mkOption {
type = types.listOf types.str;
default = [];
description = "Additional groups for the server user beyond the defaults.";
};
extraSystemPackages = mkOption {
type = types.listOf types.package;
default = [];
description = "Additional system packages specific to this host.";
};
fail2ban = {
enable = mkEnableOption "fail2ban intrusion prevention";
};
};
# ── Configuration ────────────────────────────────────────────────────────
config = lib.mkMerge [
# ── Base server config ────────────────────────────────────────────────
{
users.users.${user} = {
isNormalUser = true;
uid = cfg.uid;
extraGroups = [ "wheel" "networkmanager" "kvm" "libvirtd" ] ++ cfg.extraGroups;
};
security.sudo.wheelNeedsPassword = cfg.sudoRequiresPassword;
environment.systemPackages = with pkgs; [
ffmpeg
smartmontools
htop
] ++ cfg.extraSystemPackages;
services.openssh = {
ports = [ cfg.sshPort ];
openFirewall = true;
};
nix.extraOptions = ''
keep-outputs = true
keep-derivations = true
'';
system.autoUpgrade.enable = cfg.autoUpgrade.enable;
}
# ── Virtualisation (podman/docker-compat) ─────────────────────────────
(lib.mkIf cfg.virtualisation.enable {
virtualisation.podman = {
enable = true;
autoPrune.enable = true;
dockerCompat = true;
};
users.groups.docker.members = [ user ];
})
# ── KVM AMD ─────────────────────────────────────────────────────────
(lib.mkIf (cfg.virtualisation.enable && cfg.virtualisation.cpu == "amd") {
boot.extraModprobeConfig = ''
options kvm_amd nested=0 avic=1 npt=1
'';
})
# ── KVM Intel ───────────────────────────────────────────────────────
(lib.mkIf (cfg.virtualisation.enable && cfg.virtualisation.cpu == "intel") {
boot.extraModprobeConfig = ''
options kvm_intel nested=1
options kvm_intel emulate_invalid_guest_state=0
options kvm ignore_nsrs=1
'';
})
# ── Fail2ban ──────────────────────────────────────────────────────────
(lib.mkIf cfg.fail2ban.enable {
services.fail2ban = {
enable = true;
maxretry = 5;
jails.DEFAULT.settings.findtime = "15m";
};
})
];
}

23
modules/services/default.nix
View File

@@ -1,26 +1,3 @@
#
# Services
#
# flake.nix
# ├─ ./hosts
# │ └─ home.nix
# └─ ./modules
# └─ ./services
# └─ default.nix *
# └─ ...
#
[ [
#./dunst.nix
#./flameshot.nix
#./picom.nix
#./polybar.nix
#./sxhkd.nix
#./udiskie.nix
#./redshift.nix
#./kanshi.nix
./keyring.nix ./keyring.nix
] ]
# picom, polybar and sxhkd are pulled from desktop module
# redshift temporarely disables

2
modules/services/dmz/microvm.nix
View File

@@ -84,6 +84,7 @@ in
persistence."/persist" = { persistence."/persist" = {
directories = [ directories = [
"/var/log" "/var/log"
"/var/lib/nixos"
"/var/lib/private" "/var/lib/private"
]; ];
@@ -95,6 +96,7 @@ in
microvm = { microvm = {
hypervisor = "cloud-hypervisor"; hypervisor = "cloud-hypervisor";
vsock.cid = 3;
vcpu = 4; vcpu = 4;
mem = 4096; mem = 4096;
interfaces = [ interfaces = [

76
modules/services/dunst.nix
View File

@@ -1,76 +0,0 @@
#
# System notifications
#
{ config, lib, pkgs, ... }:
let
colors = import ../themes/colors.nix; # Import colors theme
dunst-volume-notification = pkgs.writeShellScriptBin "volume-notify" ''
if [ "$(pulsemixer --get-mute)" = "0" ]; then dunstify -u low -r 1 " 🔊 $(pulsemixer --get-volume | awk '{print $1}')%"
else dunstify -u low -r 1 "🔈 Muted"; fi
'';
dunst-brightness-notification = pkgs.writeShellScriptBin "brightness-notify" ''
dunstify -u low -r 1 " $(light -G)%"
'';
in
{
cmds.notifications.volume = "volume-notify";
cmds.notifications.brightness = "brightness-notify";
home.packages = [
dunst-volume-notification
dunst-brightness-notification
pkgs.libnotify
];
services.dunst = {
enable = true;
settings = {
global = {
monitor = 0;
follow = "keyboard";
indicate_hidden = "yes";
shrink = true;
transparency = 0;
origin = "top-center";
offset = "0x20";
seperator_height = 0;
padding = 12;
horizontal_padding = 20;
frame_width = 4;
seperator_color = "auto";
font = "${config.theme.font}";
markup = "full";
format = "<span foreground='#b3cfa7'><b>%s</b>%p</span>\n%b";
alignment = "center";
show_age_threshold = 60;
word_wrap = "yes";
ellipsize = "middle";
ignore_newline = "no";
stack_duplicates = true;
hide_duplicate_count = true;
show_indicators = "yes";
icon_position = "off";
sticky_history = "yes";
history_length = 20;
always_run_script = true;
browser = "/usr/bin/xdg-open";
corner_radius = 12;
force_xinerama = false;
mouse_left_click = "close_current";
mouse_middle_click = "do_action";
mouse_right_click = "close_all";
progress_bar_min_width = "200";
enable_recursive_icon_lookup = true;
};
urgency_low.timeout = 4;
urgency_normal.timeout = 8;
urgency_critical.timeout = 0;
};
};
xdg.dataFile."dbus-1/services/org.knopwob.dunst.service".source = "${pkgs.dunst}/share/dbus-1/services/org.knopwob.dunst.service";
}

22
modules/services/flameshot.nix
View File

@@ -1,22 +0,0 @@
#
# Screenshots
#
{ pkgs, user, ... }:
{
services = { # sxhkd shortcut = Printscreen button (Print)
flameshot = {
enable = true;
settings = {
General = { # Settings
savePath = "/home/${user}/";
saveAsFileExtension = ".png";
uiColor = "#2d0096";
showHelp = "false";
disabledTrayIcon = "true"; # Hide from systray
};
};
};
};
}

1
modules/services/kabtopci/microvm.nix
View File

@@ -84,6 +84,7 @@ in
persistence."/persist" = { persistence."/persist" = {
directories = [ directories = [
"/var/log" "/var/log"
"/var/lib/nixos"
"/var/lib/private" "/var/lib/private"
]; ];

40
modules/services/kanshi.nix
View File

@@ -1,40 +0,0 @@
#
# System notifications
#
{ config, lib, pkgs, ... }:
{
services.kanshi = {
enable = true;
settings = [
{
profile = {
name = "undocked";
outputs = [
{ criteria = "eDP-1"; status = "enable"; mode = "1920x1080"; position = "0,0"; }
];
};
}
{
profile = {
name = "docked_c";
outputs = [
{ criteria = "eDP-1"; status = "enable"; mode = "1920x1080"; position = "0,0"; scale = 1.5; }
{ criteria = "DP-1"; status = "enable"; mode = "2560x1080"; position = "1920,0"; }
];
};
}
{
profile = {
name = "docked_triple";
outputs = [
{ criteria = "eDP-1"; status = "disable"; mode = "1920x1080"; position = "4480,0"; }
{ criteria = "HDMI-A-1"; status = "enable"; mode = "1920x1080"; position = "0,0"; }
{ criteria = "DP-1"; status = "enable"; mode = "2560x1080"; position = "1920,0"; }
];
};
}
];
};
}

20
modules/services/server/mealie.nix
View File

@@ -1,18 +1,15 @@
{ config, pkgs, pkgs-unstable, ... }: { config, pkgs, ... }:
{ {
services.mealie = { services.mealie = {
enable = true; enable = true;
#package = pkgs-unstable.mealie;
listenAddress = "127.0.0.1"; listenAddress = "127.0.0.1";
credentialsFile = config.age.secrets."services/mealie/credentialsFile".path; credentialsFile = config.age.secrets."services/mealie/credentialsFile".path;
settings = { settings = {
ALLOW_SIGNUP = "false"; ALLOW_SIGNUP = "false";
DB_ENGINE = "postgres"; DB_ENGINE = "postgres";
TZ = "Europe/Berlin"; TZ = "Europe/Berlin";
PGID = "911";
PUID = "911";
}; };
}; };
@@ -27,21 +24,6 @@
}; };
}; };
users = {
users = {
mealie = {
uid = 911;
group = "mealie";
isSystemUser = true;
};
};
groups = {
mealie = {
gid = 911;
};
};
};
age.secrets."services/mealie/credentialsFile" = { age.secrets."services/mealie/credentialsFile" = {
file = ../../../secrets/services/mealie/credentialsFile.age; file = ../../../secrets/services/mealie/credentialsFile.age;
owner = "mealie"; owner = "mealie";

1
modules/services/server/microvm.nix
View File

@@ -84,6 +84,7 @@ in
persistence."/persist" = { persistence."/persist" = {
directories = [ directories = [
"/var/log" "/var/log"
"/var/lib/nixos"
"/var/lib/private" "/var/lib/private"
]; ];

15
modules/services/udiskie.nix
View File

@@ -1,15 +0,0 @@
#
# Mounting tool
#
{ config, lib, pkgs, ... }:
{
services = {
udiskie = { # Udiskie wil automatically mount storage devices
enable = true;
automount = true;
tray = "auto"; # Will only show up in systray when active
};
};
}

4
modules/shell/git.nix
View File

@@ -1,7 +1,7 @@
# #
# Git # Git
# #
{ user, ... }: { lib, user, ... }:
{ {
programs = { programs = {
@@ -17,7 +17,7 @@
}; };
signing = { signing = {
format = "ssh"; format = "ssh";
key = "/home/${user}/.ssh/id_ed25519_sk_rk_red"; key = lib.mkDefault "/home/${user}/.ssh/id_ed25519_sk_rk_red";
signByDefault = true; signByDefault = true;
}; };
}; };

48
modules/shell/themes/colors.nix
View File

@@ -1,48 +0,0 @@
#
# System themes
#
{
scheme = {
doom = {
scheme = "Doom One Dark";
black = "000000";
red = "ff6c6b";
orange = "da8548";
yellow = "ecbe7b";
green = "95be65";
teal = "4db5bd";
blue = "6eaafb";
dark-blue = "2257a0";
magenta = "c678dd";
violet = "a9a1e1";
cyan = "6cdcf7";
dark-cyan = "5699af";
emphasis = "50536b";
text = "dfdfdf";
text-alt = "b2b2b2";
fg = "abb2bf";
bg = "282c34";
};
dracula = {
scheme = "Dracula";
base00 = "282936"; #background
base01 = "3a3c4e";
base02 = "4d4f68";
base03 = "626483";
base04 = "62d6e8";
base05 = "e9e9f4"; #foreground
base06 = "f1f2f8";
base07 = "f7f7fb";
base08 = "ea51b2";
base09 = "b45bcf";
base0A = "00f769";
base0B = "ebff87";
base0C = "a1efe4";
base0D = "62d6e8";
base0E = "b45bcf";
base0F = "00f769";
};
};
}

48
modules/themes/colors.nix
View File

@@ -1,48 +0,0 @@
#
# System themes
#
{
scheme = {
doom = {
scheme = "Doom One Dark";
black = "000000";
red = "ff6c6b";
orange = "da8548";
yellow = "ecbe7b";
green = "95be65";
teal = "4db5bd";
blue = "6eaafb";
dark-blue = "2257a0";
magenta = "c678dd";
violet = "a9a1e1";
cyan = "6cdcf7";
dark-cyan = "5699af";
emphasis = "50536b";
text = "dfdfdf";
text-alt = "b2b2b2";
fg = "abb2bf";
bg = "282c34";
};
dracula = {
scheme = "Dracula";
base00 = "282936"; #background
base01 = "3a3c4e";
base02 = "4d4f68";
base03 = "626483";
base04 = "62d6e8";
base05 = "e9e9f4"; #foreground
base06 = "f1f2f8";
base07 = "f7f7fb";
base08 = "ea51b2";
base09 = "b45bcf";
base0A = "00f769";
base0B = "ebff87";
base0C = "a1efe4";
base0D = "62d6e8";
base0E = "b45bcf";
base0F = "00f769";
};
};
}

18
modules/wm/default.nix
View File

@@ -1,16 +1,16 @@
{ pkgs, lib, config, ... }: { pkgs, lib, config, ... }:
with lib;
{ {
# NOTE: Dynamic imports based on option values are not supported in NixOS modules.
# To conditionally load a WM, either import all WM modules and use mkIf in each,
# or select the WM module directly in the host configuration.
imports = [];
options = { options = {
desktop = { desktop = {
wm = lib.mkOption { type = types.str; default = "sway"; }; wm = mkOption { type = types.str; default = "sway"; };
taskbar = lib.mkOption { type = types.str; default = "waybar"; }; taskbar = mkOption { type = types.str; default = "waybar"; };
launcher = lib.mkOption { type = types.str; default = "bemenu"; }; launcher = mkOption { type = types.str; default = "bemenu"; };
}; };
}; };
config = {
imports =
(import ./ + (desktop.wm)) ++
};
} }

48
modules/wm/gnome/default.nix
View File

@@ -1,48 +0,0 @@
#
# Gnome configuration
#
# flake.nix
# ├─ ./hosts
# │ └─ ./laptop
# │ └─ default.nix
# └─ ./modules
# └─ ./desktop
# └─ ./gnome
# └─ default.nix *
#
{ config, lib, user, pkgs, ... }:
{
hardware.pulseaudio.enable = lib.mkForce false;
environment.systemPackages = with pkgs; [
gnome.gnome-terminal
gnomeExtensions.dash-to-dock
gnomeExtensions.appindicator
rocmPackages.clr.icd
rocmPackages.clr
clinfo
];
services = {
xserver = {
enable = true;
desktopManager.gnome.enable = true;
displayManager = {
gdm.wayland = true;
gdm.enable = true;
gdm.autoLogin.delay = 5;
gdm.settings = {
security = {
DisallowTCP=true;
};
};
defaultSession = "steam-wayland";
autoLogin.enable = true;
autoLogin.user = "kabbone";
};
};
#flatpak.enable = true;
udev.packages = with pkgs; [ gnome.gnome-settings-daemon ];
};
}

53
modules/wm/gnome/home.nix
View File

@@ -1,53 +0,0 @@
#
# Gnome NixOS & Home manager configuration
#
# flake.nix
# ├─ ./hosts
# │ └─ ./steamdeck
# │ └─ home.nix
# └─ ./modules
# └─ ./desktop
# └─ ./gnome
# └─ home.nix *
#
{ config, lib, pkgs, ... }:
{
dconf.settings = {
# Enable on-screen keyboard
"org/gnome/desktop/a11y/applications" = {
screen-keyboard-enabled = true;
};
"org/gnome/shell" = {
enabled-extensions = [
"dash-to-dock@micxgx.gmail.com"
];
favorite-apps = [
"firefox.desktop"
"thunderbird.desktop"
"element-desktop.desktop"
"keepassxc"
"yubioath-flutter.desktop"
"alacritty.desktop"
];
};
# Dash to Dock settings for a better touch screen experience
"org/gnome/shell/extensions/dash-to-dock" = {
background-opacity = 0.80000000000000004;
custom-theme-shrink = true;
dash-max-icon-size = 48;
dock-fixed = true;
dock-position = "LEFT";
extend-height = true;
height-fraction = 0.60999999999999999;
hot-keys = false;
preferred-monitor = -2;
preferred-monitor-by-connector = "eDP-1";
scroll-to-focused-application = true;
show-apps-at-top = true;
show-mounts = true;
show-show-apps-button = true;
show-trash = false;
};
};
}

65
modules/wm/hyprland/default.nix
View File

@@ -1,65 +0,0 @@
#
# Sway configuration
#
# flake.nix
# ├─ ./hosts
# │ └─ ./laptop
# │ └─ default.nix
# └─ ./modules
# └─ ./desktop
# └─ ./hyprland
# └─ hyprland.nix *
#
{ config, lib, user, pkgs, ... }:
{
imports = [ ../../programs/waybar.nix ];
hardware.opengl = {
enable = true;
};
environment = {
loginShellInit = ''
if [ -z $DISPLAY ] && [ $UID != 0 ] && [ "$(tty)" = "/dev/tty1" ]; then
exec Hyprland
fi
''; # Will automatically open sway when logged into tty1
variables = {
MOZ_ENABLE_WAYLAND = "1";
MOZ_WEBRENDER = "1";
MOZ_USE_XINPUT2 = "2";
MOZ_DBUS_REMOTE = "1";
#GDK_BACKEND = "wayland";
LIBVA_DRIVER_NAME = "iHD";
VDPAU_DRIVER = "iHD";
XDG_SESSION_TYPE = "wayland";
XDG_CURRENT_DESKTOP = "Unity";
#QT_QPA_PLATFORMTHEME = "wayland-egl";
GST_VAAPI_ALL_DRIVERS = "1";
GTK_THEME = "Arc";
_JAVA_AWT_WM_NONREPARENTING = "1";
#LIBCL_ALWAYS_SOFTWARE = "1"; # For applications in VM like alacritty to work
#WLR_NO_HARDWARE_CURSORS = "1"; # For cursor in VM
};
systemPackages = with pkgs; [
xdg-desktop-portal-wlr
swaylock
swayidle
slurp
grim
];
};
programs = {
hyprland.enable = true;
};
security.pam.services.swaylock = {};
xdg.portal = { # Required for flatpak with windowmanagers
#enable = true;
wlr.enable = true;
};
}

144
modules/wm/hyprland/home.nix
View File

@@ -1,144 +0,0 @@
#
# Hyprland NixOS & Home manager configuration
#
# flake.nix
# ├─ ./hosts
# │ └─ ./laptop
# │ └─ home.nix
# └─ ./modules
# └─ ./desktop
# └─ ./hyprland
# └─ home.nix *
#
{ config, lib, pkgs, ... }:
{
home.file = {
".config/hypr/hyprland.conf".text = ''
monitor=eDP-1,1920x1080@60,0x0,1
# monitor=HDMI-A-2,1920x1080@60,1920x0,1
# monitor=HDMI-A-1,1280x1028@60,3840x0,1
workspace=eDP-1,1
# workspace=HDMI-A-2,2
# workspace=HDMI-A-1,3
general {
main_mod=SUPER
border_size=4
gaps_in=5
gaps_out=7
col.active_border=0x80ffffff
col.inactive_border=0x66333333
damage_tracking=full # leave it on full unless you hate your GPU and want to make it suffer
layout=dwindle
}
decoration {
rounding=5
multisample_edges=true
active_opacity=1
inactive_opacity=1
fullscreen_opacity=1
blur=false
drop_shadow=false
blur_new_optimizations=true
}
animations {
enabled=true
}
misc {
no_vfr=false
}
input {
kb_layout=us
follow_mouse=1
repeat_delay=250
numlock_by_default=0
force_no_accel=1
sensitivity=0
touchpad {
disable_while_typing=1
natural_scroll=0
}
}
dwindle {
pseudotile=0
}
bind=SUPER,Return,exec,${pkgs.alacritty}/bin/alacritty
bind=SUPER,Q,killactive,
bind=SUPER,Escape,exit,
bind=SUPER,E,exec,${pkgs.pcmanfm}/bin/pcmanfm
bind=SUPER,H,togglefloating,
bind=SUPER,Space,exec,${pkgs.rofi}/bin/rofi -show drun
bind=SUPER,P,pseudo,
bind=SUPER,F,fullscreen,
bind=SUPER,left,movefocus,l
bind=SUPER,right,movefocus,r
bind=SUPER,up,movefocus,u
bind=SUPER,down,movefocus,d
bind=ALT,1,workspace,1
bind=ALT,2,workspace,2
bind=ALT,3,workspace,3
bind=ALT,4,workspace,4
bind=ALT,5,workspace,5
bind=ALT,6,workspace,6
bind=ALT,7,workspace,7
bind=ALT,8,workspace,8
bind=ALT,9,workspace,9
bind=ALT,0,workspace,10
bind=ALT,right,workspace,+1
bind=ALT,left,workspace,-1
bind=ALTSHIFT,1,movetoworkspace,1
bind=ALTSHIFT,2,movetoworkspace,2
bind=ALTSHIFT,3,movetoworkspace,3
bind=ALTSHIFT,4,movetoworkspace,4
bind=ALTSHIFT,5,movetoworkspace,5
bind=ALTSHIFT,6,movetoworkspace,6
bind=ALTSHIFT,7,movetoworkspace,7
bind=ALTSHIFT,8,movetoworkspace,8
bind=ALTSHIFT,9,movetoworkspace,9
bind=ALTSHIFT,0,movetoworkspace,10
bind=ALTSHIFT,right,movetoworkspace,+1
bind=ALTSHIFT,left,movetoworkspace,-1
bind=CTRL,right,resizeactive,20 0
bind=CTRL,left,resizeactive,-20 0
bind=CTRL,up,resizeactive,0 -20
bind=CTRL,down,resizeactive,0 20
bind=,print,exec,${pkgs.flameshot}/bin/flameshot gui
bind=,XF86AudioLowerVolume,exec,${pkgs.pamixer}/bin/pamixer -d 10
bind=,XF86AudioRaiseVolume,exec,${pkgs.pamixer}/bin/pamixer -i 10
bind=,XF86AudioMute,exec,${pkgs.pamixer}/bin/pamixer -t
bind=,XF86AudioMicMute,exec,${pkgs.pamixer}/bin/pamixer --default-source -t
bind=,XF86MonBrightnessDown,exec,${pkgs.light}/bin/light -U 5
bind=,XF86MonBrightnessUP,exec,${pkgs.light}/bin/light -A 5
windowrule=float,^(Rofi)$
windowrule=float,title:^(Picture-in-Picture)$
windowrule=float,title:^(Volume Control)$
exec-once=${pkgs.swaybg}/bin/swaybg -m center -i $HOME/.config/wall
exec-once=${pkgs.waybar}/bin/waybar
exec-once=${pkgs.blueman}/bin/blueman-applet
exec-once=${pkgs.swayidle}/bin/swayidle -w timeout 600 "${pkgs.swaylock}/bin/swaylock -f" timeout 300 "${pkgs.hyprland}/bin/hyprctl dispatch dpms off" resume "${pkgs.hyprland}/bin/hyprctl dispatch dpms on" before-sleep "${pkgs.swaylock}/bin/swaylock -f"
exec-once=dbus-update-activation-environment --systemd WAYLAND_DISPLAY XDG_CURRENT_DESKTOP
exec-once=systemctl --user import-environment WAYLAND_DISPLAY XDG_CURRENT_DESKTOP
'';
};
programs.swaylock.settings = {
color = "000000";
image = "$HOME/.config/lockwall";
indicator-caps-lock = true;
show-keyboard-layout = true;
};
services.swayidle = {
enable = false;
events = [
{ event = "before-sleep"; command = "${pkgs.swaylock}/bin/swaylock"; }
{ event = "lock"; command = "${pkgs.swaylock}/bin/swaylock -fF"; }
{ event = "after-resume"; command = "${pkgs.hyprland}/bin/hyprctl dispatch dpms on"; }
];
timeouts = [
{ timeout = 300; command = "${pkgs.swaylock}/bin/swaylock -fF"; }
{ timeout = 600; command = "${pkgs.hyprland}/bin/hyprctl dispatch dpms off"; }
];
};
}

57
modules/wm/kde/default.nix
View File

@@ -1,57 +0,0 @@
#
# Gnome configuration
#
# flake.nix
# ├─ ./hosts
# │ └─ ./laptop
# │ └─ default.nix
# └─ ./modules
# └─ ./desktop
# └─ ./gnome
# └─ default.nix *
#
{ config, lib, user, pkgs, ... }:
{
environment.systemPackages = with pkgs; [
# rocmPackages.clr.icd
# rocmPackages.clr
# clinfo
kdePackages.discover
maliit-keyboard
maliit-framework
kdePackages.ksshaskpass
];
programs = {
ssh.enableAskPassword = true;
ssh.askPassword = lib.mkDefault "${pkgs.kdePackages.ksshaskpass}/bin/ksshaskpass";
};
services = {
packagekit.enable = true;
desktopManager.plasma6.enable = true;
# xserver = {
# enable = true;
# desktopManager.plasma5.enable = true;
# displayManager = {
# gdm.wayland = true;
# gdm.enable = true;
# gdm.autoLogin.delay = 5;
# gdm.settings = {
# security = {
# DisallowTCP=true;
# };
# };
# defaultSession = "steam-wayland";
# autoLogin.enable = true;
# autoLogin.user = "kabbone";
# };
# };
#flatpak.enable = true;
udev.packages = with pkgs; [ gnome-settings-daemon ];
};
qt.platformTheme = "kde";
}

283
modules/wm/niri/binds/default.kdl Normal file
View File

@@ -0,0 +1,283 @@
binds {
// Keys consist of modifiers separated by + signs, followed by an XKB key name
// in the end. To find an XKB name for a particular key, you may use a program
// like wev.
//
// "Mod" is a special modifier equal to Super when running on a TTY, and to Alt
// when running as a winit window.
//
// Most actions that you can bind here can also be invoked programmatically with
// `niri msg action do-something`.
// Mod-Shift-/, which is usually the same as Mod-?,
// shows a list of important hotkeys.
Mod+Shift+Slash { show-hotkey-overlay; }
// Suggested binds for running programs: terminal, app launcher, screen locker.
Mod+Return hotkey-overlay-title="Open a Terminal: alacritty" { spawn "alacritty"; }
Mod+D hotkey-overlay-title="Run an Application: fuzzel" { spawn "fuzzel"; }
XF86AudioPlay allow-when-locked=true { spawn-sh "playerctl play-pause"; }
XF86AudioStop allow-when-locked=true { spawn-sh "playerctl stop"; }
XF86AudioPrev allow-when-locked=true { spawn-sh "playerctl previous"; }
XF86AudioNext allow-when-locked=true { spawn-sh "playerctl next"; }
Mod+Alt+L { spawn-sh "noctalia-shell ipc call lockScreen lock"; }
XF86AudioLowerVolume allow-when-locked=true { spawn-sh "noctalia-shell ipc call volume decrease"; }
XF86AudioRaiseVolume allow-when-locked=true { spawn-sh "noctalia-shell ipc call volume increase"; }
XF86MonBrightnessUp allow-when-locked=true { spawn-sh "noctalia-shell ipc call brightness increase"; }
XF86MonBrightnessDown allow-when-locked=true { spawn-sh "noctalia-shell ipc call brightness decrease"; }
XF86AudioMute allow-when-locked=true { spawn-sh "noctalia-shell ipc call volume muteOutput"; }
XF86AudioMicMute allow-when-locked=true { spawn-sh "noctalia-shell ipc call volume muteInput"; }
// Open/close the Overview: a zoomed-out view of workspaces and windows.
// You can also move the mouse into the top-left hot corner,
// or do a four-finger swipe up on a touchpad.
Mod+O repeat=false { toggle-overview; }
Mod+Q repeat=false { close-window; }
Mod+Left { focus-column-left; }
Mod+Down { focus-window-down; }
Mod+Up { focus-window-up; }
Mod+Right { focus-column-right; }
Mod+H { focus-column-left; }
Mod+J { focus-window-down; }
Mod+K { focus-window-up; }
Mod+L { focus-column-right; }
// colemak-dh
Mod+M { focus-column-left; }
Mod+N { focus-window-down; }
Mod+E { focus-window-up; }
Mod+I { focus-column-right; }
Mod+Ctrl+Left { move-column-left; }
Mod+Ctrl+Down { move-window-down; }
Mod+Ctrl+Up { move-window-up; }
Mod+Ctrl+Right { move-column-right; }
Mod+Ctrl+H { move-column-left; }
Mod+Ctrl+J { move-window-down; }
Mod+Ctrl+K { move-window-up; }
Mod+Ctrl+L { move-column-right; }
// colemak-dh
Mod+Ctrl+M { move-column-left; }
Mod+Ctrl+N { move-window-down; }
Mod+Ctrl+E { move-window-up; }
Mod+Ctrl+I { move-column-right; }
// Alternative commands that move across workspaces when reaching
// the first or last window in a column.
// Mod+J { focus-window-or-workspace-down; }
// Mod+K { focus-window-or-workspace-up; }
// Mod+Ctrl+J { move-window-down-or-to-workspace-down; }
// Mod+Ctrl+K { move-window-up-or-to-workspace-up; }
Mod+Home { focus-column-first; }
Mod+End { focus-column-last; }
Mod+Ctrl+Home { move-column-to-first; }
Mod+Ctrl+End { move-column-to-last; }
Mod+Shift+Left { focus-monitor-left; }
Mod+Shift+Down { focus-monitor-down; }
Mod+Shift+Up { focus-monitor-up; }
Mod+Shift+Right { focus-monitor-right; }
Mod+Shift+H { focus-monitor-left; }
Mod+Shift+J { focus-monitor-down; }
Mod+Shift+K { focus-monitor-up; }
Mod+Shift+L { focus-monitor-right; }
//colemak-dh
Mod+Shift+M { focus-monitor-left; }
Mod+Shift+N { focus-monitor-down; }
Mod+Shift+I { focus-monitor-up; }
Mod+Shift+O { focus-monitor-right; }
Mod+Shift+Ctrl+Left { move-column-to-monitor-left; }
Mod+Shift+Ctrl+Down { move-column-to-monitor-down; }
Mod+Shift+Ctrl+Up { move-column-to-monitor-up; }
Mod+Shift+Ctrl+Right { move-column-to-monitor-right; }
Mod+Shift+Ctrl+H { move-column-to-monitor-left; }
Mod+Shift+Ctrl+J { move-column-to-monitor-down; }
Mod+Shift+Ctrl+K { move-column-to-monitor-up; }
Mod+Shift+Ctrl+L { move-column-to-monitor-right; }
// colemak-dh
Mod+Shift+Ctrl+M { move-column-to-monitor-left; }
Mod+Shift+Ctrl+N { move-column-to-monitor-down; }
Mod+Shift+Ctrl+E { move-column-to-monitor-up; }
Mod+Shift+Ctrl+I { move-column-to-monitor-right; }
// Alternatively, there are commands to move just a single window:
// Mod+Shift+Ctrl+Left { move-window-to-monitor-left; }
// ...
// And you can also move a whole workspace to another monitor:
// Mod+Shift+Ctrl+Left { move-workspace-to-monitor-left; }
// ...
Mod+Page_Down { focus-workspace-down; }
Mod+Page_Up { focus-workspace-up; }
Mod+U { focus-workspace-down; }
//Mod+I { focus-workspace-up; }
Mod+Ctrl+Page_Down { move-column-to-workspace-down; }
Mod+Ctrl+Page_Up { move-column-to-workspace-up; }
Mod+Ctrl+U { move-column-to-workspace-down; }
//Mod+Ctrl+I { move-column-to-workspace-up; }
// Alternatively, there are commands to move just a single window:
// Mod+Ctrl+Page_Down { move-window-to-workspace-down; }
// ...
Mod+Shift+Page_Down { move-workspace-down; }
Mod+Shift+Page_Up { move-workspace-up; }
Mod+Shift+U { move-workspace-down; }
//Mod+Shift+I { move-workspace-up; }
// You can bind mouse wheel scroll ticks using the following syntax.
// These binds will change direction based on the natural-scroll setting.
//
// To avoid scrolling through workspaces really fast, you can use
// the cooldown-ms property. The bind will be rate-limited to this value.
// You can set a cooldown on any bind, but it's most useful for the wheel.
Mod+WheelScrollDown cooldown-ms=150 { focus-workspace-down; }
Mod+WheelScrollUp cooldown-ms=150 { focus-workspace-up; }
Mod+Ctrl+WheelScrollDown cooldown-ms=150 { move-column-to-workspace-down; }
Mod+Ctrl+WheelScrollUp cooldown-ms=150 { move-column-to-workspace-up; }
Mod+WheelScrollRight { focus-column-right; }
Mod+WheelScrollLeft { focus-column-left; }
Mod+Ctrl+WheelScrollRight { move-column-right; }
Mod+Ctrl+WheelScrollLeft { move-column-left; }
// Usually scrolling up and down with Shift in applications results in
// horizontal scrolling; these binds replicate that.
Mod+Shift+WheelScrollDown { focus-column-right; }
Mod+Shift+WheelScrollUp { focus-column-left; }
Mod+Ctrl+Shift+WheelScrollDown { move-column-right; }
Mod+Ctrl+Shift+WheelScrollUp { move-column-left; }
// Similarly, you can bind touchpad scroll "ticks".
// Touchpad scrolling is continuous, so for these binds it is split into
// discrete intervals.
// These binds are also affected by touchpad's natural-scroll, so these
// example binds are "inverted", since we have natural-scroll enabled for
// touchpads by default.
// Mod+TouchpadScrollDown { spawn-sh "wpctl set-volume @DEFAULT_AUDIO_SINK@ 0.02+"; }
// Mod+TouchpadScrollUp { spawn-sh "wpctl set-volume @DEFAULT_AUDIO_SINK@ 0.02-"; }
// You can refer to workspaces by index. However, keep in mind that
// niri is a dynamic workspace system, so these commands are kind of
// "best effort". Trying to refer to a workspace index bigger than
// the current workspace count will instead refer to the bottommost
// (empty) workspace.
//
// For example, with 2 workspaces + 1 empty, indices 3, 4, 5 and so on
// will all refer to the 3rd workspace.
Mod+1 { focus-workspace "browser"; }
Mod+2 { focus-workspace "chat"; }
Mod+3 { focus-workspace "terminal"; }
Mod+4 { focus-workspace 4; }
Mod+5 { focus-workspace 5; }
Mod+6 { focus-workspace 6; }
Mod+7 { focus-workspace 7; }
Mod+8 { focus-workspace 8; }
Mod+9 { focus-workspace 9; }
Mod+Ctrl+1 { move-column-to-workspace "browser"; }
Mod+Ctrl+2 { move-column-to-workspace "chat"; }
Mod+Ctrl+3 { move-column-to-workspace "terminal"; }
Mod+Ctrl+4 { move-column-to-workspace 4; }
Mod+Ctrl+5 { move-column-to-workspace 5; }
Mod+Ctrl+6 { move-column-to-workspace 6; }
Mod+Ctrl+7 { move-column-to-workspace 7; }
Mod+Ctrl+8 { move-column-to-workspace 8; }
Mod+Ctrl+9 { move-column-to-workspace 9; }
// Alternatively, there are commands to move just a single window:
// Mod+Ctrl+1 { move-window-to-workspace 1; }
// Switches focus between the current and the previous workspace.
// Mod+Tab { focus-workspace-previous; }
// The following binds move the focused window in and out of a column.
// If the window is alone, they will consume it into the nearby column to the side.
// If the window is already in a column, they will expel it out.
Mod+BracketLeft { consume-or-expel-window-left; }
Mod+BracketRight { consume-or-expel-window-right; }
// Consume one window from the right to the bottom of the focused column.
Mod+Comma { consume-window-into-column; }
// Expel the bottom window from the focused column to the right.
Mod+Period { expel-window-from-column; }
Mod+R { switch-preset-column-width; }
// Cycling through the presets in reverse order is also possible.
// Mod+R { switch-preset-column-width-back; }
Mod+Shift+R { switch-preset-window-height; }
Mod+Ctrl+R { reset-window-height; }
Mod+F { maximize-column; }
Mod+Shift+F { fullscreen-window; }
// Expand the focused column to space not taken up by other fully visible columns.
// Makes the column "fill the rest of the space".
Mod+Ctrl+F { expand-column-to-available-width; }
Mod+C { center-column; }
// Center all fully visible columns on screen.
Mod+Ctrl+C { center-visible-columns; }
// Finer width adjustments.
// This command can also:
// * set width in pixels: "1000"
// * adjust width in pixels: "-5" or "+5"
// * set width as a percentage of screen width: "25%"
// * adjust width as a percentage of screen width: "-10%" or "+10%"
// Pixel sizes use logical, or scaled, pixels. I.e. on an output with scale 2.0,
// set-column-width "100" will make the column occupy 200 physical screen pixels.
Mod+Minus { set-column-width "-10%"; }
Mod+Equal { set-column-width "+10%"; }
// Finer height adjustments when in column with other windows.
Mod+Shift+Minus { set-window-height "-10%"; }
Mod+Shift+Equal { set-window-height "+10%"; }
// Move the focused window between the floating and the tiling layout.
Mod+V { toggle-window-floating; }
Mod+Shift+V { switch-focus-between-floating-and-tiling; }
// Toggle tabbed column display mode.
// Windows in this column will appear as vertical tabs,
// rather than stacked on top of each other.
Mod+W { toggle-column-tabbed-display; }
// Actions to switch layouts.
// Note: if you uncomment these, make sure you do NOT have
// a matching layout switch hotkey configured in xkb options above.
// Having both at once on the same hotkey will break the switching,
// since it will switch twice upon pressing the hotkey (once by xkb, once by niri).
// Mod+Space { switch-layout "next"; }
// Mod+Shift+Space { switch-layout "prev"; }
Print { screenshot; }
Ctrl+Print { screenshot-screen; }
Alt+Print { screenshot-window; }
// Applications such as remote-desktop clients and software KVM switches may
// request that niri stops processing the keyboard shortcuts defined here
// so they may, for example, forward the key presses as-is to a remote machine.
// It's a good idea to bind an escape hatch to toggle the inhibitor,
// so a buggy application can't hold your session hostage.
//
// The allow-inhibiting=false property can be applied to other binds as well,
// which ensures niri always processes them, even when an inhibitor is active.
Mod+Escape allow-inhibiting=false { toggle-keyboard-shortcuts-inhibit; }
// The quit action will show a confirmation dialog to avoid accidental exits.
Mod+Shift+E { quit; }
Ctrl+Alt+Delete { quit; }
// Powers off the monitors. To turn them back on, do any input like
// moving the mouse or pressing any other key.
Mod+Shift+P { power-off-monitors; }
}

235
modules/wm/niri/binds/lifebook.kdl Normal file
View File

@@ -0,0 +1,235 @@
// Lifebook-specific hotkey variant.
// Customize this file for the Lifebook's keyboard layout differences.
// The default binds are in binds/default.kdl.
binds {
// Keys consist of modifiers separated by + signs, followed by an XKB key name
// in the end. To find an XKB name for a particular key, you may use a program
// like wev.
//
// "Mod" is a special modifier equal to Super when running on a TTY, and to Alt
// when running as a winit window.
//
// Most actions that you can bind here can also be invoked programmatically with
// `niri msg action do-something`.
// Mod-Shift-/, which is usually the same as Mod-?,
// shows a list of important hotkeys.
Mod+Shift+Slash { show-hotkey-overlay; }
// Suggested binds for running programs: terminal, app launcher, screen locker.
Mod+Return hotkey-overlay-title="Open a Terminal: alacritty" { spawn "alacritty"; }
Mod+D hotkey-overlay-title="Run an Application: fuzzel" { spawn "fuzzel"; }
XF86AudioPlay allow-when-locked=true { spawn-sh "playerctl play-pause"; }
XF86AudioStop allow-when-locked=true { spawn-sh "playerctl stop"; }
XF86AudioPrev allow-when-locked=true { spawn-sh "playerctl previous"; }
XF86AudioNext allow-when-locked=true { spawn-sh "playerctl next"; }
Mod+Alt+L { spawn-sh "noctalia-shell ipc call lockScreen lock"; }
XF86AudioLowerVolume allow-when-locked=true { spawn-sh "noctalia-shell ipc call volume decrease"; }
XF86AudioRaiseVolume allow-when-locked=true { spawn-sh "noctalia-shell ipc call volume increase"; }
XF86MonBrightnessUp allow-when-locked=true { spawn-sh "noctalia-shell ipc call brightness increase"; }
XF86MonBrightnessDown allow-when-locked=true { spawn-sh "noctalia-shell ipc call brightness decrease"; }
XF86AudioMute allow-when-locked=true { spawn-sh "noctalia-shell ipc call volume muteOutput"; }
XF86AudioMicMute allow-when-locked=true { spawn-sh "noctalia-shell ipc call volume muteInput"; }
// Open/close the Overview: a zoomed-out view of workspaces and windows.
// You can also move the mouse into the top-left hot corner,
// or do a four-finger swipe up on a touchpad.
Mod+O repeat=false { toggle-overview; }
Mod+Q repeat=false { close-window; }
Mod+Left { focus-column-left; }
Mod+Down { focus-window-down; }
Mod+Up { focus-window-up; }
Mod+Right { focus-column-right; }
Mod+H { focus-column-left; }
Mod+J { focus-window-down; }
Mod+K { focus-window-up; }
Mod+L { focus-column-right; }
// colemak-dh
Mod+M { focus-column-left; }
Mod+N { focus-window-down; }
Mod+E { focus-window-up; }
Mod+I { focus-column-right; }
Mod+Ctrl+Left { move-column-left; }
Mod+Ctrl+Down { move-window-down; }
Mod+Ctrl+Up { move-window-up; }
Mod+Ctrl+Right { move-column-right; }
Mod+Ctrl+H { move-column-left; }
Mod+Ctrl+J { move-window-down; }
Mod+Ctrl+K { move-window-up; }
Mod+Ctrl+L { move-column-right; }
// colemak-dh
Mod+Ctrl+M { move-column-left; }
Mod+Ctrl+N { move-window-down; }
Mod+Ctrl+E { move-window-up; }
Mod+Ctrl+I { move-column-right; }
// Alternative commands that move across workspaces when reaching
// the first or last window in a column.
// Mod+J { focus-window-or-workspace-down; }
// Mod+K { focus-window-or-workspace-up; }
// Mod+Ctrl+J { move-window-down-or-to-workspace-down; }
// Mod+Ctrl+K { move-window-up-or-to-workspace-up; }
Mod+Home { focus-column-first; }
Mod+End { focus-column-last; }
Mod+Ctrl+Home { move-column-to-first; }
Mod+Ctrl+End { move-column-to-last; }
Mod+Shift+Left { focus-monitor-left; }
Mod+Shift+Down { focus-monitor-down; }
Mod+Shift+Up { focus-monitor-up; }
Mod+Shift+Right { focus-monitor-right; }
Mod+Shift+H { focus-monitor-left; }
Mod+Shift+J { focus-monitor-down; }
Mod+Shift+K { focus-monitor-up; }
Mod+Shift+L { focus-monitor-right; }
//colemak-dh
Mod+Shift+M { focus-monitor-left; }
Mod+Shift+N { focus-monitor-down; }
Mod+Shift+I { focus-monitor-up; }
Mod+Shift+O { focus-monitor-right; }
Mod+Shift+Ctrl+Left { move-column-to-monitor-left; }
Mod+Shift+Ctrl+Down { move-column-to-monitor-down; }
Mod+Shift+Ctrl+Up { move-column-to-monitor-up; }
Mod+Shift+Ctrl+Right { move-column-to-monitor-right; }
Mod+Shift+Ctrl+H { move-column-to-monitor-left; }
Mod+Shift+Ctrl+J { move-column-to-monitor-down; }
Mod+Shift+Ctrl+K { move-column-to-monitor-up; }
Mod+Shift+Ctrl+L { move-column-to-monitor-right; }
// colemak-dh
Mod+Shift+Ctrl+M { move-column-to-monitor-left; }
Mod+Shift+Ctrl+N { move-column-to-monitor-down; }
Mod+Shift+Ctrl+E { move-column-to-monitor-up; }
Mod+Shift+Ctrl+I { move-column-to-monitor-right; }
// Alternatively, there are commands to move just a single window:
// Mod+Shift+Ctrl+Left { move-window-to-monitor-left; }
// ...
// And you can also move a whole workspace to another monitor:
// Mod+Shift+Ctrl+Left { move-workspace-to-monitor-left; }
// ...
Mod+Page_Down { focus-workspace-down; }
Mod+Page_Up { focus-workspace-up; }
Mod+U { focus-workspace-down; }
//Mod+I { focus-workspace-up; }
Mod+Ctrl+Page_Down { move-column-to-workspace-down; }
Mod+Ctrl+Page_Up { move-column-to-workspace-up; }
Mod+Ctrl+U { move-column-to-workspace-down; }
//Mod+Ctrl+I { move-column-to-workspace-up; }
// Alternatively, there are commands to move just a single window:
// Mod+Ctrl+Page_Down { move-window-to-workspace-down; }
// ...
Mod+Shift+Page_Down { move-workspace-down; }
Mod+Shift+Page_Up { move-workspace-up; }
Mod+Shift+U { move-workspace-down; }
//Mod+Shift+I { move-workspace-up; }
Mod+WheelScrollDown cooldown-ms=150 { focus-workspace-down; }
Mod+WheelScrollUp cooldown-ms=150 { focus-workspace-up; }
Mod+Ctrl+WheelScrollDown cooldown-ms=150 { move-column-to-workspace-down; }
Mod+Ctrl+WheelScrollUp cooldown-ms=150 { move-column-to-workspace-up; }
Mod+WheelScrollRight { focus-column-right; }
Mod+WheelScrollLeft { focus-column-left; }
Mod+Ctrl+WheelScrollRight { move-column-right; }
Mod+Ctrl+WheelScrollLeft { move-column-left; }
Mod+Shift+WheelScrollDown { focus-column-right; }
Mod+Shift+WheelScrollUp { focus-column-left; }
Mod+Ctrl+Shift+WheelScrollDown { move-column-right; }
Mod+Ctrl+Shift+WheelScrollUp { move-column-left; }
Mod+1 { focus-workspace "browser"; }
Mod+2 { focus-workspace "chat"; }
Mod+3 { focus-workspace "terminal"; }
Mod+4 { focus-workspace 4; }
Mod+5 { focus-workspace 5; }
Mod+6 { focus-workspace 6; }
Mod+7 { focus-workspace 7; }
Mod+8 { focus-workspace 8; }
Mod+9 { focus-workspace 9; }
Mod+Ctrl+1 { move-column-to-workspace "browser"; }
Mod+Ctrl+2 { move-column-to-workspace "chat"; }
Mod+Ctrl+3 { move-column-to-workspace "terminal"; }
Mod+Ctrl+4 { move-column-to-workspace 4; }
Mod+Ctrl+5 { move-column-to-workspace 5; }
Mod+Ctrl+6 { move-column-to-workspace 6; }
Mod+Ctrl+7 { move-column-to-workspace 7; }
Mod+Ctrl+8 { move-column-to-workspace 8; }
Mod+Ctrl+9 { move-column-to-workspace 9; }
// Alternatively, there are commands to move just a single window:
// Mod+Ctrl+1 { move-window-to-workspace 1; }
// Switches focus between the current and the previous workspace.
// Mod+Tab { focus-workspace-previous; }
// The following binds move the focused window in and out of a column.
// If the window is alone, they will consume it into the nearby column to the side.
// If the window is already in a column, they will expel it out.
Mod+BracketLeft { consume-or-expel-window-left; }
Mod+BracketRight { consume-or-expel-window-right; }
// Consume one window from the right to the bottom of the focused column.
Mod+Comma { consume-window-into-column; }
// Expel the bottom window from the focused column to the right.
Mod+Period { expel-window-from-column; }
Mod+R { switch-preset-column-width; }
// Cycling through the presets in reverse order is also possible.
// Mod+R { switch-preset-column-width-back; }
Mod+Shift+R { switch-preset-window-height; }
Mod+Ctrl+R { reset-window-height; }
Mod+F { maximize-column; }
Mod+Shift+F { fullscreen-window; }
// Expand the focused column to space not taken up by other fully visible columns.
// Makes the column "fill the rest of the space".
Mod+Ctrl+F { expand-column-to-available-width; }
Mod+C { center-column; }
// Center all fully visible columns on screen.
Mod+Ctrl+C { center-visible-columns; }
Mod+Minus { set-column-width "-10%"; }
Mod+Equal { set-column-width "+10%"; }
Mod+Shift+Minus { set-window-height "-10%"; }
Mod+Shift+Equal { set-window-height "+10%"; }
// Move the focused window between the floating and the tiling layout.
Mod+V { toggle-window-floating; }
Mod+Shift+V { switch-focus-between-floating-and-tiling; }
// Toggle tabbed column display mode.
Mod+W { toggle-column-tabbed-display; }
Print { screenshot; }
Ctrl+Print { screenshot-screen; }
Alt+Print { screenshot-window; }
Mod+Escape allow-inhibiting=false { toggle-keyboard-shortcuts-inhibit; }
// The quit action will show a confirmation dialog to avoid accidental exits.
Mod+Shift+E { quit; }
Ctrl+Alt+Delete { quit; }
// Powers off the monitors. To turn them back on, do any input like
// moving the mouse or pressing any other key.
Mod+Shift+P { power-off-monitors; }
}

284
modules/wm/niri/config.kdl
View File

@@ -407,287 +407,5 @@ window-rule {
clip-to-geometry true clip-to-geometry true
} }
binds { include "./binds.kdl"
// Keys consist of modifiers separated by + signs, followed by an XKB key name
// in the end. To find an XKB name for a particular key, you may use a program
// like wev.
//
// "Mod" is a special modifier equal to Super when running on a TTY, and to Alt
// when running as a winit window.
//
// Most actions that you can bind here can also be invoked programmatically with
// `niri msg action do-something`.
// Mod-Shift-/, which is usually the same as Mod-?,
// shows a list of important hotkeys.
Mod+Shift+Slash { show-hotkey-overlay; }
// Suggested binds for running programs: terminal, app launcher, screen locker.
Mod+Return hotkey-overlay-title="Open a Terminal: alacritty" { spawn "alacritty"; }
Mod+D hotkey-overlay-title="Run an Application: fuzzel" { spawn "fuzzel"; }
XF86AudioPlay allow-when-locked=true { spawn-sh "playerctl play-pause"; }
XF86AudioStop allow-when-locked=true { spawn-sh "playerctl stop"; }
XF86AudioPrev allow-when-locked=true { spawn-sh "playerctl previous"; }
XF86AudioNext allow-when-locked=true { spawn-sh "playerctl next"; }
Mod+Alt+L { spawn-sh "noctalia-shell ipc call lockScreen lock"; }
XF86AudioLowerVolume allow-when-locked=true { spawn-sh "noctalia-shell ipc call volume decrease"; }
XF86AudioRaiseVolume allow-when-locked=true { spawn-sh "noctalia-shell ipc call volume increase"; }
XF86MonBrightnessUp allow-when-locked=true { spawn-sh "noctalia-shell ipc call brightness increase"; }
XF86MonBrightnessDown allow-when-locked=true { spawn-sh "noctalia-shell ipc call brightness decrease"; }
XF86AudioMute allow-when-locked=true { spawn-sh "noctalia-shell ipc call volume muteOutput"; }
XF86AudioMicMute allow-when-locked=true { spawn-sh "noctalia-shell ipc call volume muteInput"; }
// Open/close the Overview: a zoomed-out view of workspaces and windows.
// You can also move the mouse into the top-left hot corner,
// or do a four-finger swipe up on a touchpad.
Mod+O repeat=false { toggle-overview; }
Mod+Q repeat=false { close-window; }
Mod+Left { focus-column-left; }
Mod+Down { focus-window-down; }
Mod+Up { focus-window-up; }
Mod+Right { focus-column-right; }
Mod+H { focus-column-left; }
Mod+J { focus-window-down; }
Mod+K { focus-window-up; }
Mod+L { focus-column-right; }
// colemak-dh
Mod+M { focus-column-left; }
Mod+N { focus-window-down; }
Mod+E { focus-window-up; }
Mod+I { focus-column-right; }
Mod+Ctrl+Left { move-column-left; }
Mod+Ctrl+Down { move-window-down; }
Mod+Ctrl+Up { move-window-up; }
Mod+Ctrl+Right { move-column-right; }
Mod+Ctrl+H { move-column-left; }
Mod+Ctrl+J { move-window-down; }
Mod+Ctrl+K { move-window-up; }
Mod+Ctrl+L { move-column-right; }
// colemak-dh
Mod+Ctrl+M { move-column-left; }
Mod+Ctrl+N { move-window-down; }
Mod+Ctrl+E { move-window-up; }
Mod+Ctrl+I { move-column-right; }
// Alternative commands that move across workspaces when reaching
// the first or last window in a column.
// Mod+J { focus-window-or-workspace-down; }
// Mod+K { focus-window-or-workspace-up; }
// Mod+Ctrl+J { move-window-down-or-to-workspace-down; }
// Mod+Ctrl+K { move-window-up-or-to-workspace-up; }
Mod+Home { focus-column-first; }
Mod+End { focus-column-last; }
Mod+Ctrl+Home { move-column-to-first; }
Mod+Ctrl+End { move-column-to-last; }
Mod+Shift+Left { focus-monitor-left; }
Mod+Shift+Down { focus-monitor-down; }
Mod+Shift+Up { focus-monitor-up; }
Mod+Shift+Right { focus-monitor-right; }
Mod+Shift+H { focus-monitor-left; }
Mod+Shift+J { focus-monitor-down; }
Mod+Shift+K { focus-monitor-up; }
Mod+Shift+L { focus-monitor-right; }
//colemak-dh
Mod+Shift+M { focus-monitor-left; }
Mod+Shift+N { focus-monitor-down; }
Mod+Shift+I { focus-monitor-up; }
Mod+Shift+O { focus-monitor-right; }
Mod+Shift+Ctrl+Left { move-column-to-monitor-left; }
Mod+Shift+Ctrl+Down { move-column-to-monitor-down; }
Mod+Shift+Ctrl+Up { move-column-to-monitor-up; }
Mod+Shift+Ctrl+Right { move-column-to-monitor-right; }
Mod+Shift+Ctrl+H { move-column-to-monitor-left; }
Mod+Shift+Ctrl+J { move-column-to-monitor-down; }
Mod+Shift+Ctrl+K { move-column-to-monitor-up; }
Mod+Shift+Ctrl+L { move-column-to-monitor-right; }
// colemak-dh
Mod+Shift+Ctrl+M { move-column-to-monitor-left; }
Mod+Shift+Ctrl+N { move-column-to-monitor-down; }
Mod+Shift+Ctrl+E { move-column-to-monitor-up; }
Mod+Shift+Ctrl+I { move-column-to-monitor-right; }
// Alternatively, there are commands to move just a single window:
// Mod+Shift+Ctrl+Left { move-window-to-monitor-left; }
// ...
// And you can also move a whole workspace to another monitor:
// Mod+Shift+Ctrl+Left { move-workspace-to-monitor-left; }
// ...
Mod+Page_Down { focus-workspace-down; }
Mod+Page_Up { focus-workspace-up; }
Mod+U { focus-workspace-down; }
//Mod+I { focus-workspace-up; }
Mod+Ctrl+Page_Down { move-column-to-workspace-down; }
Mod+Ctrl+Page_Up { move-column-to-workspace-up; }
Mod+Ctrl+U { move-column-to-workspace-down; }
//Mod+Ctrl+I { move-column-to-workspace-up; }
// Alternatively, there are commands to move just a single window:
// Mod+Ctrl+Page_Down { move-window-to-workspace-down; }
// ...
Mod+Shift+Page_Down { move-workspace-down; }
Mod+Shift+Page_Up { move-workspace-up; }
Mod+Shift+U { move-workspace-down; }
//Mod+Shift+I { move-workspace-up; }
// You can bind mouse wheel scroll ticks using the following syntax.
// These binds will change direction based on the natural-scroll setting.
//
// To avoid scrolling through workspaces really fast, you can use
// the cooldown-ms property. The bind will be rate-limited to this value.
// You can set a cooldown on any bind, but it's most useful for the wheel.
Mod+WheelScrollDown cooldown-ms=150 { focus-workspace-down; }
Mod+WheelScrollUp cooldown-ms=150 { focus-workspace-up; }
Mod+Ctrl+WheelScrollDown cooldown-ms=150 { move-column-to-workspace-down; }
Mod+Ctrl+WheelScrollUp cooldown-ms=150 { move-column-to-workspace-up; }
Mod+WheelScrollRight { focus-column-right; }
Mod+WheelScrollLeft { focus-column-left; }
Mod+Ctrl+WheelScrollRight { move-column-right; }
Mod+Ctrl+WheelScrollLeft { move-column-left; }
// Usually scrolling up and down with Shift in applications results in
// horizontal scrolling; these binds replicate that.
Mod+Shift+WheelScrollDown { focus-column-right; }
Mod+Shift+WheelScrollUp { focus-column-left; }
Mod+Ctrl+Shift+WheelScrollDown { move-column-right; }
Mod+Ctrl+Shift+WheelScrollUp { move-column-left; }
// Similarly, you can bind touchpad scroll "ticks".
// Touchpad scrolling is continuous, so for these binds it is split into
// discrete intervals.
// These binds are also affected by touchpad's natural-scroll, so these
// example binds are "inverted", since we have natural-scroll enabled for
// touchpads by default.
// Mod+TouchpadScrollDown { spawn-sh "wpctl set-volume @DEFAULT_AUDIO_SINK@ 0.02+"; }
// Mod+TouchpadScrollUp { spawn-sh "wpctl set-volume @DEFAULT_AUDIO_SINK@ 0.02-"; }
// You can refer to workspaces by index. However, keep in mind that
// niri is a dynamic workspace system, so these commands are kind of
// "best effort". Trying to refer to a workspace index bigger than
// the current workspace count will instead refer to the bottommost
// (empty) workspace.
//
// For example, with 2 workspaces + 1 empty, indices 3, 4, 5 and so on
// will all refer to the 3rd workspace.
Mod+1 { focus-workspace "browser"; }
Mod+2 { focus-workspace "chat"; }
Mod+3 { focus-workspace "terminal"; }
Mod+4 { focus-workspace 4; }
Mod+5 { focus-workspace 5; }
Mod+6 { focus-workspace 6; }
Mod+7 { focus-workspace 7; }
Mod+8 { focus-workspace 8; }
Mod+9 { focus-workspace 9; }
Mod+Ctrl+1 { move-column-to-workspace "browser"; }
Mod+Ctrl+2 { move-column-to-workspace "chat"; }
Mod+Ctrl+3 { move-column-to-workspace "terminal"; }
Mod+Ctrl+4 { move-column-to-workspace 4; }
Mod+Ctrl+5 { move-column-to-workspace 5; }
Mod+Ctrl+6 { move-column-to-workspace 6; }
Mod+Ctrl+7 { move-column-to-workspace 7; }
Mod+Ctrl+8 { move-column-to-workspace 8; }
Mod+Ctrl+9 { move-column-to-workspace 9; }
// Alternatively, there are commands to move just a single window:
// Mod+Ctrl+1 { move-window-to-workspace 1; }
// Switches focus between the current and the previous workspace.
// Mod+Tab { focus-workspace-previous; }
// The following binds move the focused window in and out of a column.
// If the window is alone, they will consume it into the nearby column to the side.
// If the window is already in a column, they will expel it out.
Mod+BracketLeft { consume-or-expel-window-left; }
Mod+BracketRight { consume-or-expel-window-right; }
// Consume one window from the right to the bottom of the focused column.
Mod+Comma { consume-window-into-column; }
// Expel the bottom window from the focused column to the right.
Mod+Period { expel-window-from-column; }
Mod+R { switch-preset-column-width; }
// Cycling through the presets in reverse order is also possible.
// Mod+R { switch-preset-column-width-back; }
Mod+Shift+R { switch-preset-window-height; }
Mod+Ctrl+R { reset-window-height; }
Mod+F { maximize-column; }
Mod+Shift+F { fullscreen-window; }
// Expand the focused column to space not taken up by other fully visible columns.
// Makes the column "fill the rest of the space".
Mod+Ctrl+F { expand-column-to-available-width; }
Mod+C { center-column; }
// Center all fully visible columns on screen.
Mod+Ctrl+C { center-visible-columns; }
// Finer width adjustments.
// This command can also:
// * set width in pixels: "1000"
// * adjust width in pixels: "-5" or "+5"
// * set width as a percentage of screen width: "25%"
// * adjust width as a percentage of screen width: "-10%" or "+10%"
// Pixel sizes use logical, or scaled, pixels. I.e. on an output with scale 2.0,
// set-column-width "100" will make the column occupy 200 physical screen pixels.
Mod+Minus { set-column-width "-10%"; }
Mod+Equal { set-column-width "+10%"; }
// Finer height adjustments when in column with other windows.
Mod+Shift+Minus { set-window-height "-10%"; }
Mod+Shift+Equal { set-window-height "+10%"; }
// Move the focused window between the floating and the tiling layout.
Mod+V { toggle-window-floating; }
Mod+Shift+V { switch-focus-between-floating-and-tiling; }
// Toggle tabbed column display mode.
// Windows in this column will appear as vertical tabs,
// rather than stacked on top of each other.
Mod+W { toggle-column-tabbed-display; }
// Actions to switch layouts.
// Note: if you uncomment these, make sure you do NOT have
// a matching layout switch hotkey configured in xkb options above.
// Having both at once on the same hotkey will break the switching,
// since it will switch twice upon pressing the hotkey (once by xkb, once by niri).
// Mod+Space { switch-layout "next"; }
// Mod+Shift+Space { switch-layout "prev"; }
Print { screenshot; }
Ctrl+Print { screenshot-screen; }
Alt+Print { screenshot-window; }
// Applications such as remote-desktop clients and software KVM switches may
// request that niri stops processing the keyboard shortcuts defined here
// so they may, for example, forward the key presses as-is to a remote machine.
// It's a good idea to bind an escape hatch to toggle the inhibitor,
// so a buggy application can't hold your session hostage.
//
// The allow-inhibiting=false property can be applied to other binds as well,
// which ensures niri always processes them, even when an inhibitor is active.
Mod+Escape allow-inhibiting=false { toggle-keyboard-shortcuts-inhibit; }
// The quit action will show a confirmation dialog to avoid accidental exits.
Mod+Shift+E { quit; }
Ctrl+Alt+Delete { quit; }
// Powers off the monitors. To turn them back on, do any input like
// moving the mouse or pressing any other key.
Mod+Shift+P { power-off-monitors; }
}
include "./noctalia.kdl" include "./noctalia.kdl"

67
modules/wm/niri/default.nix
View File

@@ -1,67 +0,0 @@
#
# Sway configuration
#
# flake.nix
# ├─ ./hosts
# │ └─ ./laptop
# │ └─ default.nix
# └─ ./modules
# └─ ./desktop
# └─ ./hyprland
# └─ hyprland.nix *
#
{ config, inputs, lib, user, pkgs, ... }:
{
imports = [ ../noctalia.nix ];
environment = {
systemPackages = with pkgs; [
alacritty
xdg-desktop-portal-gnome
xdg-desktop-portal-gtk
swaylock
swayidle
slurp
grim
lxqt.lxqt-openssh-askpass
clinfo
glib
brightnessctl
playerctl
xwayland-satellite
breeze-hacked-cursor-theme
];
loginShellInit = ''
export GTK_IM_MODULE="simple"
export ELECTRON_OZONE_PLATFORM_HINT="auto"
export NIXOS_OZONE_WL="1"
export WLR_RENDERER="vulkan"
export _JAVA_AWT_WM_NONREPARENTING="1"
'';
};
services = {
iio-niri = {
enable = false;
};
greetd = {
enable = true;
useTextGreeter = true;
settings = {
default_session = {
command = "${pkgs.tuigreet}/bin/tuigreet --time --cmd niri-session";
};
};
};
};
programs = {
niri.enable = true;
ssh.enableAskPassword = true;
ssh.askPassword = "${pkgs.lxqt.lxqt-openssh-askpass}/bin/lxqt-openssh-askpass";
};
security.pam.services.swaylock = {};
}

189
modules/wm/noctalia.nix
View File

@@ -1,189 +0,0 @@
#
# Bar
#
{ config, pkgs, inputs, user, ...}:
{
# install package
environment.systemPackages = with pkgs; [
pwvucontrol
# ... maybe other stuff
];
services = {
tuned.enable = true;
upower.enable = true;
};
home-manager.users.${user} = { # Home-manager waybar config
# import the home manager module
imports = [
inputs.noctalia.homeModules.default
];
services = {
mako.enable = true; # notification daemon
polkit-gnome.enable = true; # polkit
};
# configure options
programs = {
fuzzel = {
enable = true; # Super+D in the default setting (app launcher)
};
noctalia-shell = {
enable = true;
# enable the systemd service
systemd.enable = true;
settings = {
# configure noctalia here
appLauncher = {
terminalCommand = "alacritty -e";
};
bar = {
density = "compact";
position = "top";
showCapsule = false;
widgets = {
left = [
{
id = "ControlCenter";
useDistroLogo = true;
}
{
hideUnoccupied = false;
id = "Workspace";
labelMode = "index";
showApplications = true;
}
{
id = "ActiveWindow";
}
];
center = [
{
formatHorizontal = "HH:mm\\ndd-MM-yy";
formatVertical = "HH mm";
id = "Clock";
useMonospacedFont = true;
usePrimaryColor = true;
}
];
right = [
{
id = "MediaMini";
}
{
id = "SystemMonitor";
showNetworkStats = true;
compactMode = false;
}
{
id = "WiFi";
}
{
id = "Bluetooth";
}
{
id = "Battery";
displayMode = "icon-always";
hideIfNotDetected = true;
}
{
id = "Volume";
displayMode = "alwaysShow";
}
{
id = "NotificationHistory";
hideWhenZero = true;
}
{
id = "Tray";
}
];
};
};
colorSchemes.predefinedScheme = "Catppuccin";
general = {
avatarImage = "/home/kabbone/.face";
radiusRatio = 0.2;
lockOnSusepnd = true;
};
location = {
monthBeforeDay = true;
name = "Munich, Germany";
showWeekNumberInCalendar = true;
firstDayOfWeek = 0;
};
wallpaper = {
enabled = true;
overviewEnabled = false;
directory = "/home/${user}/.setup/modules/themes/";
};
brightness = {
enforceMinimum = true;
brightnessStep = 5;
};
controlCenter = {
shortcuts = {
left = [
{
id = "WiFi";
}
{
id = "Bluetooth";
}
{
id = "ScreenRecorder";
}
{
id = "PowerProfile";
}
{
id = "KeepAwake";
}
];
};
};
dock = {
enabled = false;
};
sessionMenu = {
enableCountdown = false;
};
templates = {
fuzzel = true;
alacritty = true;
qt = true;
gtk = true;
discord = true;
code = true;
telegram = true;
niri = true;
firefox = true;
};
};
};
};
home.file.".cache/noctalia/wallpapers.json" = {
text = builtins.toJSON {
defaultWallpaper = "/home/${user}/.setup/modules/themes/wall.jpg";
};
};
};
}

2
overlays/default.nix
View File

@@ -1,6 +1,6 @@
{inputs, ...}: { {inputs, ...}: {
# This one brings our custom packages from the 'pkgs' directory # This one brings our custom packages from the 'pkgs' directory
additions = final: _prev: import ../pkgs {pkgs = final;}; additions = final: _prev: import ../packages {pkgs = final;};
modifications = final: prev: { modifications = final: prev: {
mealie = final.unstable.mealie; mealie = final.unstable.mealie;

18
systemSettings.nix
View File

@@ -1,18 +0,0 @@
# options for systemsettings
{ pkgs, lib, config, ... }:
{
options = {
systemSettings.enable = lib.mkEnableOption "enables standard systemsettings";
};
config = lib.mkIf config.systemSettings.enable {
system = lib.mkDefault "x86_64-linux";
profile = lib.mkDefault "personal";
timezone = "Europe/Berlin";
locale = "en_US.UTF-8";
bootMode = lib.mkDefault "uefi";
bootMountPath = "/boot";
};
}