From 40ccc0a9e94bfe39a7363791d32ea1c0f9ee0b63 Mon Sep 17 00:00:00 2001 From: Swarsel Date: Sat, 10 Aug 2024 19:22:58 +0200 Subject: [PATCH] fix: broken links in index.html, broken link marks --- SwarselSystems.org | 9 +- index.html | 4922 ++++++++++++++++++---------------------- programs/emacs/init.el | 2 + 3 files changed, 2188 insertions(+), 2745 deletions(-) diff --git a/SwarselSystems.org b/SwarselSystems.org index 9db67f9..0b151fe 100644 --- a/SwarselSystems.org +++ b/SwarselSystems.org @@ -5848,7 +5848,6 @@ It makes sense to house these settings in their own section, since they are all The exception is the system packages, since that cannot be defined twice in the same file (common.nix). The comment is left in as a remider for that. -The rest of the gpg-agent related settings are here: [[#h:66fd578f-d4a0-4e17-bf3d-a9eb64bc7103][gpg-agent]] Also, this is a good place to setup the udev rules. #+begin_src nix :tangle profiles/common/nixos/hardwarecompatibility.nix @@ -7565,9 +7564,9 @@ Lastly, I am defining some more packages here that the parser has problems findi Again I am just using the first bar option here that I was able to find good understandable documentation for. Of note is that the `cpu` section's `format` is not defined here, but in section 1 (since not every machine has the same number of cores) -The rest of this configuration is found here: -- [[#h:47749e76-3f25-485a-9e98-c7ce3a4ad444][Waybar items - PC]] -- [[#h:f3cf9bdc-6826-4d8e-ba5a-253ef098a9b8][Waybar items - LAPTOPS]] +The rest of the related configuration is found here: +- [[#h:a9530c81-1976-442b-b597-0b4bed6baf25][Waybar]] +- [[#h:f93f66f9-6b8b-478e-b139-b2f382c1f25e][waybarupdate]] #+begin_src nix :tangle profiles/common/home/waybar.nix { config, lib, pkgs, ... }: @@ -10323,6 +10322,8 @@ It also offers a very useful utility of exporting org-mode buffers to different (push '("conf-unix" . conf-unix) org-src-lang-modes) + (setq org-export-with-broken-links mark) + #+end_src ***** old easy structure templates diff --git a/index.html b/index.html index 1900bdd..6d4af23 100644 --- a/index.html +++ b/index.html @@ -3,7 +3,7 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - + SwarselSystems: NixOS + Emacs Configuration @@ -207,24 +207,19 @@
  • 2.1. Non-NixOS
  • 2.2. NixOS
  • 2.3. flake.nix @@ -433,7 +412,7 @@ system-configuration-options 
    ---prefix=/nix/store/6y05k2rmg7xfinnaglr0js84qi0cl7lv-emacs-pgtk-20240717.0 --disable-build-details --with-modules --with-pgtk --with-compress-install --with-toolkit-scroll-bars --with-native-compilation --without-imagemagick --with-mailutils --without-small-ja-dic --with-tree-sitter --without-xinput2 --with-xwidgets --with-dbus --with-selinux
+--prefix=/nix/store/jpzmfjay3cyza16ay1fn550l8dhdqwgm-emacs-pgtk-20240717.0 --disable-build-details --with-modules --with-pgtk --with-compress-install --with-toolkit-scroll-bars --with-native-compilation --without-imagemagick --with-mailutils --without-small-ja-dic --with-tree-sitter --without-xinput2 --with-xwidgets --with-dbus --with-selinux
    @@ -483,6 +462,10 @@ new Darkmode().showWidget(); } window.addEventListener('load', addDarkmodeWidget); + +

    +The rest of this file will now contain actual code that is used in the configuration. +

    @@ -546,7 +529,7 @@ fonts = { }; monospace = { - package = pkgs.nerdfonts.override { fonts = [ "FiraCode" ]; }; + package = pkgs.nerdfonts; # has overrides name = "FiraCode Nerd Font Mono"; }; @@ -560,141 +543,13 @@ fonts = {
    -
    -

    2.1.2. Waybar items - LAPTOPS

    -
    +
    +

    2.1.2. firefox profile

    +

    -This noweb-ref block defines some aspects of my waybar configuration. Mainly, it adds the battery module to the waybar, which is no needed on PCs. +At work I am using several services that are using SSO login - however, as I am using four different accounts at work, this becomes a chore here. Hence, I have defined multiple profiles in Work that are all practically using the same configuration. To save screen space, I template that profile here.

    -

    -The most part of this configuration is done here: Waybar -

    - -
    -
    -programs.waybar.settings.mainBar.modules-right = [
-  "custom/outer-left-arrow-dark"
-  "mpris"
-  "custom/left-arrow-light"
-  "network"
-  "custom/left-arrow-dark"
-  "pulseaudio"
-  "custom/left-arrow-light"
-  "custom/pseudobat"
-  "battery"
-  "custom/left-arrow-dark"
-  "group/hardware"
-  "custom/left-arrow-light"
-  "clock#2"
-  "custom/left-arrow-dark"
-  "clock#1"
-];
-
-
    -
    -
    -
    -
    -

    2.1.3. Waybar items - PC

    -
    -

    -As stated above, this is the waybar configuration for PCs now. Here we do not need the battery module. However, this leads to a slight problem with theming: my waybar modules alternate their background-color between black and grey. The battery module is usually on grey background. If I were to simply delete that, I would now have two modules on black background. To avoid this, I define a pseudo-module custom/pseudobat that simply shows a static image and calls wlogout on right click. This wastes a little bit of screen space, but that is a price I am willing to pay for consistency. -

    - -

    -The most part of this configuration is done here: Waybar -

    - -
    -
    -programs.waybar.settings.mainBar."custom/pseudobat" = {
-  format = "";
-  on-click-right = "wlogout -p layer-shell";
-};
-programs.waybar.settings.mainBar.modules-right = [
-  "custom/outer-left-arrow-dark"
-  "mpris"
-  "custom/left-arrow-light"
-  "network"
-  "custom/left-arrow-dark"
-  "pulseaudio"
-  "custom/left-arrow-light"
-  "custom/pseudobat"
-  "battery"
-  "custom/left-arrow-dark"
-  "group/hardware"
-  "custom/left-arrow-light"
-  "clock#2"
-  "custom/left-arrow-dark"
-  "clock#1"
-];
-
-
    -
    -
    -
    -
    -

    2.1.4. Sway Startup commands

    -
    -

    -This defines programs I want to have starting when I start the system -

    - -

    -Part of the startup is also defined in Sway. The distinction is as follows. As this configuration also needs to work on systems that are running only home manager, I probably need to run nixGL or something similar on those systems to get these graphic apps to display properly. In this section we only define such graphical programs, in the other location we only put shell applications and such. -

    - -

    -These other apps currently include: -

    -
      -
    • spotifytui
      • -
    • kitty
      • -
    - -

    -Do not that syncthingtray is also not mentioned here. It is installed as a home manager package that automatically starts at system start. -

    - -
    -
    -{ command = "nextcloud --background"; }
-{ command = "discord --start-minimized"; }
-{ command = "element-desktop --hidden  -enable-features=UseOzonePlatform -ozone-platform=wayland --disable-gpu-driver-bug-workarounds"; }
-{ command = "ANKI_WAYLAND=1 anki"; }
-{ command = "OBSIDIAN_USE_WAYLAND=1 obsidian"; }
-{ command = "nm-applet"; }
-
-
    -
    -
    -
    -
    -

    2.1.5. gpg-agent

    -
    -

    -This section holds most of the configuration needed for the gpg-agent. This allows me to use my Yubikey during normal system operation as well in Emacs (with some extra configuration here: Magit) -

    - -

    -Also, there are some more NixOS related options here: Yubikey settings -

    - -

    -I also enable the extra socket here for ssh agent forwarding. But I have not fully gotten it to work yet. -

    - -
    -
    -
-
    -
    -
    -
    -
    -

    2.1.6. firefox profile

    -
     isDefault = false;
@@ -711,6 +566,7 @@ extensions = with pkgs.nur.repos.rycee.firefox-addons; [
   reddit-enhancement-suite
   sponsorblock
   web-archives
+  onepassword-password-manager
   single-file
   widegithub
   enhanced-github
@@ -781,30 +637,8 @@ search.force = true; # this is required because otherwise the search.json.mozlz4
 These settings are to be used only on full NixOS setups.
    -
    -

    2.2.1. Wrap with hardware-configuration

    -
    -

    -This handles the automactically generated /etc/nixos/hardware-configuration.nix file that sets some hardware specific settings automatically upon creating the NixOS system. -

    - -

    -This sections used to handle more imports, but at the moment, it is now pretty useless really. -

    - -
    -
    -imports =
-  [
-    ./hardware-configuration.nix
-  ];
-
-
    -
    -
    -
    -

    2.2.2. Virtual hosts init

    +

    2.2.1. Virtual hosts init

    This sections is for common NixoS settings that I use for my NixoS LXC images that I run on Proxmox. Proxmox requires special attention to run along with NixOS in any capacity. @@ -969,6 +803,8 @@ Allows auto injection of payloads upon connecting a Nintendo Switch.

    • This provides a database for nix-index that is updated weekly. This allows for declarative management, without needing to run the nix-index command for database assembly.
  • disko disko provides declarative disk partitioning, which I use for impermanence as well as nixos-anywhere.
    • +
  • Impermanence +Some of my machines are using a btrfs filesystem that wipes the root directory on each reboot. This forces me to pay more attention in keeping my system declarative as well as helping me keeping the system uncluttered. However, it is a chore to make sure that important files are not deleted. This flake helps with this problem, allowing me to select files and directories for persisting.
    • @@ -1077,21 +913,7 @@ pkgsFor = lib.genAttrs (import systems) ( } ); -# pkgs for home-manager builds -# homepkgs = import nixpkgs { system = "x86_64-linux"; -# overlays = [ inputs.emacs-overlay.overlay -# inputs.nur.overlay -# inputs.nixgl.overlay -# (final: _prev: { -# stable = import inputs.nixpkgs-stable { -# inherit (final) system config; -# }; -# }) -# ]; -# config.allowUnfree = true; -# }; - -# # NixOS modules that can only be used on NixOS systems +# NixOS modules that can only be used on NixOS systems nixModules = [ inputs.stylix.nixosModules.stylix inputs.lanzaboote.nixosModules.lanzaboote @@ -1118,9 +940,27 @@ mixedModules = [ -
    -

    2.3.3. General (outputs)

    +
    +

    2.3.3. General (outputs)

    +

    +In this section I am creating some attributes that define general concepts of my configuration: +

    + +
      +
    • nixosModules imports self-defined options that I only want to use on NixOS systems. All modules are held as separately as possible, to allow for easier sharing with other people mostly.
      • +
    • homeManagerModules imports modules that are to be used on NixOS and non-NixOS systems. These are mostly used to define outputs (monitors), keyboards and special commands for machines.
      • +
    • packages holds packages that I am building myself. These are mostly shell scripts, but also a few others such as AppImages and firefox addons.
      • +
    • devShells provides a development shell that can be used as a bootstrap for new installs using nix develop while inside the flake directory.
      • +
    • formatter provides the formatter that is to be used on .nix files. At the moment this is not used anywhere.
      • +
    • overlays imports a few community overlays (such as the emacs-overlay) and also three overlays of my own: +
        +
      1. additions holds derivations that I am adding myself to nixpkgs - i.e. this is where the packages defined in /pkgs get added to nixpkgs.
        2. +
      2. modifications holds derivations that I have performed overrides on. The list of interesting attribute overrides can be found by looking at the source code of a derivation and looking at the start of the file for lines of the form <name> ? <val>. But this can also be used to, for example, fetch a different version of a package instead.
        3. +
      3. nixpkgs-stable holds the newest version of stable nixpkgs. I only use this on packages that seem broken on unstable, which are not many.
        4. +
      • +
    + 
     inherit lib;
@@ -1133,7 +973,6 @@ devShells = forEachSystem
   (pkgs:
     {
       default = pkgs.mkShell {
-        # Enable experimental features without having to specify the argument
         NIX_CONFIG = "experimental-features = nix-command flakes";
         nativeBuildInputs = [ pkgs.nix pkgs.home-manager pkgs.git ];
       };
@@ -1148,8 +987,6 @@ overlays = [
   inputs.nixgl.overlay
 ];
 
-
-
    @@ -1158,144 +995,130 @@ overlays = [

    2.3.4. nixosConfigurations

    -This section is the biggest pain point of the configuration. For every system, I have one of these. I know there are better ways to go about this, but I did not find the time yet to look into this further. For now, enjoy this meter-long list +This section used to be much longer, since I performed all of my imports right here in the past. Since then, I have however refactored and now my important hosts can be defined in little space. Once I have fully transitioned my server to NixOS too this section will become even smaller once more. 

     
-sandbox = nixpkgs.lib.nixosSystem {
-  specialArgs = { inherit inputs; };
-  modules = [
-    inputs.disko.nixosModules.disko
-    ./profiles/sandbox/disk-config.nix
-    inputs.sops-nix.nixosModules.sops
-    ./profiles/sandbox/nixos.nix
-  ];
-};
+  sandbox = nixpkgs.lib.nixosSystem {
+    specialArgs = { inherit inputs; };
+    modules = [
+      inputs.disko.nixosModules.disko
+      ./profiles/sandbox/disk-config.nix
+      inputs.sops-nix.nixosModules.sops
+      ./profiles/sandbox/nixos.nix
+    ];
+  };
 
-threed = nixpkgs.lib.nixosSystem {
-  specialArgs = { inherit inputs; };
-  modules = nixModules ++ [
-    inputs.lanzaboote.nixosModules.lanzaboote
-    ./profiles/threed/nixos.nix
-    inputs.home-manager.nixosModules.home-manager
-    {
-      home-manager.users.swarsel.imports = mixedModules ++ [
-        ./profiles/threed/home.nix
-      ];
-    }
-  ];
-};
+  threed = nixpkgs.lib.nixosSystem {
+    specialArgs = { inherit inputs; };
+    modules = nixModules ++ [
+      inputs.lanzaboote.nixosModules.lanzaboote
+      ./profiles/threed/nixos.nix
+      inputs.home-manager.nixosModules.home-manager
+      {
+        home-manager.users.swarsel.imports = mixedModules ++ [
+          ./profiles/threed/home.nix
+        ];
+      }
+    ];
+  };
 
-fourside = lib.nixosSystem {
-  specialArgs = { inherit inputs outputs; };
-  modules = nixModules ++ [
-    ./profiles/fourside
-  ];
-};
+  fourside = lib.nixosSystem {
+    specialArgs = { inherit inputs outputs; };
+    modules = nixModules ++ [
+      ./profiles/fourside
+    ];
+  };
 
-nbl-imba-2 = lib.nixosSystem {
-  specialArgs = { inherit inputs outputs; };
-  modules = nixModules ++ [
-    ./profiles/nbl-imba-2
-  ];
-};
-
-# winters = nixpkgs.lib.nixosSystem {
-#   specialArgs = { inherit inputs; };
-#   modules = nixModules ++ [
-#     inputs.nixos-hardware.nixosModules.framework-16-inch-7040-amd
-#     ./profiles/winters/nixos.nix
-#     inputs.home-manager.nixosModules.home-manager
-#     {
-#       home-manager.users.swarsel.imports = mixedModules ++ [
-#         ./profiles/winters/home.nix
-#       ];
-#     }
-#   ];
-# };
+  nbl-imba-2 = lib.nixosSystem {
+    specialArgs = { inherit inputs outputs; };
+    modules = nixModules ++ [
+      ./profiles/nbl-imba-2
+    ];
+  };
 
 nginx = nixpkgs.lib.nixosSystem {
-  specialArgs = { inherit inputs; };
-  modules = [
-    inputs.sops-nix.nixosModules.sops
-    ./profiles/server1/nginx/nixos.nix
-  ];
-};
+    specialArgs = { inherit inputs; };
+    modules = [
+      inputs.sops-nix.nixosModules.sops
+      ./profiles/server1/nginx/nixos.nix
+    ];
+  };
 
-calibre = nixpkgs.lib.nixosSystem {
-  specialArgs = { inherit inputs; };
-  modules = [
-    inputs.sops-nix.nixosModules.sops
-    ./profiles/server1/calibre/nixos.nix
-  ];
-};
+  calibre = nixpkgs.lib.nixosSystem {
+    specialArgs = { inherit inputs; };
+    modules = [
+      inputs.sops-nix.nixosModules.sops
+      ./profiles/server1/calibre/nixos.nix
+    ];
+  };
 
-jellyfin = nixpkgs.lib.nixosSystem {
-  specialArgs = { inherit inputs; };
-  modules = [
-    ./profiles/server1/jellyfin/nixos.nix
-  ];
-};
+  jellyfin = nixpkgs.lib.nixosSystem {
+    specialArgs = { inherit inputs; };
+    modules = [
+      ./profiles/server1/jellyfin/nixos.nix
+    ];
+  };
 
-transmission = nixpkgs.lib.nixosSystem {
-  specialArgs = { inherit inputs; };
-  modules = [
-    inputs.sops-nix.nixosModules.sops
-    ./profiles/server1/transmission/nixos.nix
-  ];
-};
+  transmission = nixpkgs.lib.nixosSystem {
+    specialArgs = { inherit inputs; };
+    modules = [
+      inputs.sops-nix.nixosModules.sops
+      ./profiles/server1/transmission/nixos.nix
+    ];
+  };
 
-matrix = nixpkgs.lib.nixosSystem {
-  specialArgs = { inherit inputs; };
-  modules = [
-    inputs.sops-nix.nixosModules.sops
-    ./profiles/server1/matrix/nixos.nix
-  ];
-};
+  matrix = nixpkgs.lib.nixosSystem {
+    specialArgs = { inherit inputs; };
+    modules = [
+      inputs.sops-nix.nixosModules.sops
+      ./profiles/server1/matrix/nixos.nix
+    ];
+  };
 
-sound = nixpkgs.lib.nixosSystem {
-  specialArgs = { inherit inputs; };
-  modules = [
-    inputs.sops-nix.nixosModules.sops
-    ./profiles/server1/sound/nixos.nix
-  ];
-};
+  sound = nixpkgs.lib.nixosSystem {
+    specialArgs = { inherit inputs; };
+    modules = [
+      inputs.sops-nix.nixosModules.sops
+      ./profiles/server1/sound/nixos.nix
+    ];
+  };
 
-spotifyd = nixpkgs.lib.nixosSystem {
-  specialArgs = { inherit inputs; };
-  modules = [
-    inputs.sops-nix.nixosModules.sops
-    ./profiles/server1/spotifyd/nixos.nix
-  ];
-};
+  spotifyd = nixpkgs.lib.nixosSystem {
+    specialArgs = { inherit inputs; };
+    modules = [
+      inputs.sops-nix.nixosModules.sops
+      ./profiles/server1/spotifyd/nixos.nix
+    ];
+  };
 
-paperless = nixpkgs.lib.nixosSystem {
-  specialArgs = { inherit inputs; };
-  modules = [
-    inputs.sops-nix.nixosModules.sops
-    ./profiles/server1/paperless/nixos.nix
-  ];
-};
+  paperless = nixpkgs.lib.nixosSystem {
+    specialArgs = { inherit inputs; };
+    modules = [
+      inputs.sops-nix.nixosModules.sops
+      ./profiles/server1/paperless/nixos.nix
+    ];
+  };
 
-#ovm swarsel
-sync = nixpkgs.lib.nixosSystem {
-  specialArgs = { inherit inputs; };
-  modules = [
-    inputs.sops-nix.nixosModules.sops
-    ./profiles/remote/oracle/sync/nixos.nix
-  ];
-};
+  #ovm swarsel
+  sync = nixpkgs.lib.nixosSystem {
+    specialArgs = { inherit inputs; };
+    modules = [
+      inputs.sops-nix.nixosModules.sops
+      ./profiles/remote/oracle/sync/nixos.nix
+    ];
+  };
 
-#ovm swarsel
-swatrix = nixpkgs.lib.nixosSystem {
-  specialArgs = { inherit inputs; };
-  modules = [
-    inputs.sops-nix.nixosModules.sops
-    ./profiles/remote/oracle/matrix/nixos.nix
-  ];
-};
+  #ovm swarsel
+  swatrix = nixpkgs.lib.nixosSystem {
+    specialArgs = { inherit inputs; };
+    modules = [
+      inputs.sops-nix.nixosModules.sops
+      ./profiles/remote/oracle/matrix/nixos.nix
+    ];
+  };
    @@ -1304,7 +1127,7 @@ swatrix = nixpkgs.lib.nixosSystem {

    2.3.5. homeConfigurations

    -In contrast, this defines home-manager systems, which I only have one of. +In contrast, this defines home-manager systems, which I only have one of, that serves as a template mostly.

    @@ -1344,7 +1167,7 @@ default = inputs.nix-on-droid.lib.nixOnDroidConfiguration {

    2.3.7. nixos-generators

    -This builds my proxmox template. It is defined as a separate output so that I can already apply some rudimentary configuration before even setting up the system. +This builds my Proxmox template. It is defined as a separate output so that I can already apply some rudimentary configuration before even setting up the system.

    @@ -1393,286 +1216,83 @@ This section mainly exists house different `configuration.nix` files for system Important: Think about if a settings really needs to go into this area - chances are that the settings can also go to the general settings, which is to be preferred in order to reduce code duplication.

    -
    -

    3.1.1. Template (for new machines)

    -
    -

    -This section holds the minimum configuration that is needed on a new host. These assume a NixOS machine (so not standalone home-manager on a non-NixOS host), as this is the setting that I will most likely use in the future now. All of these blocks need to be updated, with entries called TEMPLATE mostly needed to be filled with host-/user-specific values or other inputs. If TEMPLATE is given in a comment section, see the provided values as likely defaults. The TEMPLATE comments should afterwards be deleted for clarity. -

    - -

    -If a non-NixOS host must be used, check the Surface configuration for pointers. Most likely the waybar settings need to be adjusted, since non-NixOS (as of writing this) fails to display drawers in the waybar properly. -

    - -

    -No matter what you do, check the initial /etc/nixos/configuration.nix for notable changes that might emerge in future versions of nix. -

    -
    -
      -
    1. NixOS
      -
      -
      -
      { pkgs, ... }:
-
-{
-
-
-  imports =
-    [
-      ./hardware-configuration.nix
-    ];
-
-
-  services = {
-    getty.autologinUser = "TEMPLATE";
-    greetd.settings.initial_session.user = "TEMPLATE";
-  };
-
-  # Bootloader
-  boot.loader.grub = {
-    enable = true;
-    device = "/dev/sda"; # TEMPLATE - if only one disk, this will work
-    useOSProber = true;
-  };
-
-  # --------------------------------------
-  # you might need a configuration like this instead:
-  # Bootloader
-  # boot = {
-  #   kernelPackages = pkgs.linuxPackages_latest;
-  #   loader.grub = {
-  #     enable = true;
-  #     devices = ["nodev" ];
-  #     useOSProber = true;
-  #   };
-  # };
-  # --------------------------------------
-
-  networking.hostName = "TEMPLATE"; # Define your hostname.
-
-  stylix.image = ../../wallpaper/TEMPLATEwp.png;
-
-  enable = true;
-  base16Scheme = ../../../wallpaper/swarsel.yaml;
-  # base16Scheme = "${pkgs.base16-schemes}/share/themes/shapeshifter.yaml";
-  polarity = "dark";
-  opacity.popups = 0.5;
-  cursor = {
-    package = pkgs.capitaine-cursors;
-    name = "capitaine-cursors";
-    size = 16;
-  };
-  fonts = {
-    sizes = {
-      terminal = 10;
-      applications = 11;
-    };
-    serif = {
-      # package = (pkgs.nerdfonts.override { fonts = [ "FiraMono" "FiraCode"]; });
-      package = pkgs.cantarell-fonts;
-      # package = pkgs.montserrat;
-      name = "Cantarell";
-      # name = "FiraCode Nerd Font Propo";
-      # name = "Montserrat";
-    };
-
-    sansSerif = {
-      # package = (pkgs.nerdfonts.override { fonts = [ "FiraMono" "FiraCode"]; });
-      package = pkgs.cantarell-fonts;
-      # package = pkgs.montserrat;
-      name = "Cantarell";
-      # name = "FiraCode Nerd Font Propo";
-      # name = "Montserrat";
-    };
-
-    monospace = {
-      package = pkgs.nerdfonts.override { fonts = [ "FiraCode" ]; };
-      name = "FiraCode Nerd Font Mono";
-    };
-
-    emoji = {
-      package = pkgs.noto-fonts-emoji;
-      name = "Noto Color Emoji";
-    };
-  };
-
-
-  # Configure keymap in X11 (only used for login)
-  services.xserver.xkb = {
-    layout = "us";
-    variant = "altgr-intl";
-  };
-
-  users.users.TEMPLATE = {
-    isNormalUser = true;
-    description = "TEMPLATE";
-    extraGroups = [ "networkmanager" "wheel" "lp" "audio" "video" ];
-    packages = with pkgs; [ ];
-  };
-
-  environment.systemPackages = with pkgs; [
-  ];
-
-  system.stateVersion = "23.05"; # TEMPLATE - but probably no need to change
-
-}
-
-
      -
      -
      -
      2. -
    2. Home Manager
      -
      -
      -
      { config, pkgs, ... }:
-
-{
-
-
-
-  home = {
-    username = "TEMPLATE";
-    homeDirectory = "/home/TEMPLATE";
-    stateVersion = "23.05"; # TEMPLATE -- Please read the comment before changing.
-    keyboard.layout = "us"; # TEMPLATE
-    home.packages = with pkgs; [
-      # ---------------------------------------------------------------
-      # if schildichat works on this machine, use it, otherwise go for element
-      # element-desktop
-      # ---------------------------------------------------------------
-    ];
-  };
-  # update path if the sops private key is stored somewhere else
-  sops.age.sshKeyPaths = [ "${config.home.homeDirectory}/.ssh/sops" ];
-
-  # waybar config - TEMPLATE - update for cores and temp
-  programs.waybar.settings.mainBar = {
-    #cpu.format = "{icon0} {icon1} {icon2} {icon3}";
-    cpu.format = "{icon0} {icon1} {icon2} {icon3} {icon4} {icon5} {icon6} {icon7}";
-    temperature.hwmon-path = "/sys/devices/platform/coretemp.0/hwmon/hwmon1/temp3_input";
-  };
-
-  # -----------------------------------------------------------------
-  # is this machine always connected to power? If yes, use this block:
-  # 
-  # programs.waybar.settings.mainBar."custom/pseudobat" = {
-  #   format = "";
-  #   on-click-right = "wlogout -p layer-shell";
-  # };
-  # programs.waybar.settings.mainBar.modules-right = [
-  #   "custom/outer-left-arrow-dark"
-  #   "mpris"
-  #   "custom/left-arrow-light"
-  #   "network"
-  #   "custom/left-arrow-dark"
-  #   "pulseaudio"
-  #   "custom/left-arrow-light"
-  #   "custom/pseudobat"
-  #   "battery"
-  #   "custom/left-arrow-dark"
-  #   "group/hardware"
-  #   "custom/left-arrow-light"
-  #   "clock#2"
-  #   "custom/left-arrow-dark"
-  #   "clock#1"
-  # ];
-  # 
-  # -----------------------------------------------------------------
-
-  # -----------------------------------------------------------------
-  # if not always connected to power (laptop), use this (default):
-
-  programs.waybar.settings.mainBar.modules-right = [
-    "custom/outer-left-arrow-dark"
-    "mpris"
-    "custom/left-arrow-light"
-    "network"
-    "custom/left-arrow-dark"
-    "pulseaudio"
-    "custom/left-arrow-light"
-    "custom/pseudobat"
-    "battery"
-    "custom/left-arrow-dark"
-    "group/hardware"
-    "custom/left-arrow-light"
-    "clock#2"
-    "custom/left-arrow-dark"
-    "clock#1"
-  ];
-
-  # -----------------------------------------------------------------
-
-  wayland.windowManager.sway = {
-    config = rec {
-      # update for actual inputs here,
-      input = {
-        "36125:53060:splitkb.com_Kyria_rev3" = {
-          xkb_layout = "us";
-          xkb_variant = "altgr-intl";
-        };
-        "1:1:AT_Translated_Set_2_keyboard" = {
-          # TEMPLATE
-          xkb_layout = "us";
-          xkb_options = "grp:win_space_toggle";
-          # xkb_options = "ctrl:nocaps,grp:win_space_toggle";
-          xkb_variant = "altgr-intl";
-        };
-        "type:touchpad" = {
-          dwt = "enabled";
-          tap = "enabled";
-          natural_scroll = "enabled";
-          middle_emulation = "enabled";
-        };
-
-      };
-
-      output = {
-        DP-1 = {
-          mode = "2560x1440"; # TEMPLATE
-          scale = "1";
-          bg = "~/.dotfiles/wallpaper/TEMPLATE.png fill";
-        };
-      };
-
-      keybindings =
-        let
-          inherit (config.wayland.windowManager.sway.config) modifier;
-        in
-        {
-          # TEMPLATE
-          "${modifier}+w" = "exec \"bash ~/.dotfiles/scripts/checkschildi.sh\"";
-          # "${modifier}+w" = "exec \"bash ~/.dotfiles/scripts/checkelement.sh\"";
-        };
-
-      startup = [
-
-        { command = "nextcloud --background"; }
-        { command = "discord --start-minimized"; }
-        { command = "element-desktop --hidden  -enable-features=UseOzonePlatform -ozone-platform=wayland --disable-gpu-driver-bug-workarounds"; }
-        { command = "ANKI_WAYLAND=1 anki"; }
-        { command = "OBSIDIAN_USE_WAYLAND=1 obsidian"; }
-        { command = "nm-applet"; }
-
-      ];
-    };
-  };
-}
-
-
      -
      -
      -
      3. -
    -
    -

    3.1.2. Physical hosts

    +

    3.1.1. Physical hosts

      +
    1. Home-manager only
      +
      +

      +This is the "reference implementation" of a setup that runs without NixOS, only relying on home-manager. I try to test this every now and then and keep it supported. However, manual steps are needed to get the system to work fully, depending on what distribution you are running on. +

      + +
      +
      { inputs, outputs, config, ... }:
+{
+
+  imports = builtins.attrValues outputs.homeManagerModules;
+
+  nixpkgs = {
+    inherit (outputs) overlays;
+    config = {
+      allowUnfree = true;
+    };
+  };
+
+  services.xcape = {
+    enable = true;
+    mapExpression = {
+      Control_L = "Escape";
+    };
+  };
+
+  programs.zsh.initExtra = "
+  export GPG_TTY=\"$(tty)\"
+  export SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket)
+  gpgconf --launch gpg-agent
+        ";
+
+  swarselsystems = {
+    isLaptop = true;
+    isNixos = false;
+    wallpaper = ../../wallpaper/surfacewp.png;
+    temperatureHwmon = {
+      isAbsolutePath = true;
+      path = "/sys/devices/platform/thinkpad_hwmon/hwmon/";
+      input-filename = "temp1_input";
+    };
+    monitors = {
+      main = {
+        name = "California Institute of Technology 0x1407 Unknown";
+        mode = "1920x1080"; # TEMPLATE
+        scale = "1";
+        position = "2560,0";
+        workspace = "2:二";
+        output = "eDP-1";
+      };
+    };
+    inputs = {
+      "1:1:AT_Translated_Set_2_keyboard" = {
+        xkb_layout = "us";
+        xkb_options = "grp:win_space_toggle";
+        xkb_variant = "altgr-intl";
+      };
+    };
+    keybindings = { };
+  };
+
+}
+
+
+
      +
      +
      +
    2. Sandbox (Lenovo Y510P)

      -My old laptop, replaced by a new one, since most basic functions have stopped to work lately. However, it is still good as a dummy server for testing things out before having them go live. +My old laptop, replaced by a new one, since most basic functions have stopped to work lately. However, it is still good as a dummy server for testing things out before having them go live. This configuration often changes when I am testing things - at the moment it is not even transitioned to the new module system however.

        @@ -1694,7 +1314,7 @@ in supportedFilesystems = [ "zfs" ]; kernelModules = [ "tun" ]; kernel.sysctl = { - "net.ipv4.conf.all.rp_filter" = 2; + "net.ipv4.conf.all.rp_filter" = 2; "net.ipv4.conf.default.rp_filter" = 2; "net.ipv4.conf.enp7s0.rp_filter" = 2; }; @@ -2506,83 +2126,14 @@ in
      3. -
    3. Home-manager only
      -
      -
      -
      -{ inputs, outputs, config, ... }:
-{
-
-  imports = builtins.attrValues outputs.homeManagerModules;
-
-  nixpkgs = {
-    inherit (outputs) overlays;
-    config = {
-      allowUnfree = true;
-    };
-  };
-
-  services.xcape = {
-    enable = true;
-    mapExpression = {
-      Control_L = "Escape";
-    };
-  };
-
-  programs.zsh.initExtra = "
-export GPG_TTY=\"$(tty)\"
-export SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket)
-gpgconf --launch gpg-agent
-      ";
-
-  swarselsystems = {
-    isLaptop = true;
-    isNixos = false;
-    wallpaper = ../../wallpaper/surfacewp.png;
-    temperatureHwmon = {
-      isAbsolutePath = true;
-      path = "/sys/devices/platform/thinkpad_hwmon/hwmon/";
-      input-filename = "temp1_input";
-    };
-    monitors = {
-      main = {
-        name = "California Institute of Technology 0x1407 Unknown";
-        mode = "1920x1080"; # TEMPLATE
-        scale = "1";
-        position = "2560,0";
-        workspace = "2:二";
-        output = "eDP-1";
-      };
-    };
-    inputs =  {
-      "1:1:AT_Translated_Set_2_keyboard" = {
-        xkb_layout = "us";
-        xkb_options = "grp:win_space_toggle";
-        xkb_variant = "altgr-intl";
-      };
-    };
-    keybindings = {
-    };
-  };
-
-}
-
-
-
      -
      -
      -
    4. Fourside (Lenovo Thinkpad P14s Gen2)

      -My new main machine. -This is basically just adjusted to the core count, path to the hwmon (this was very bothersome on this machine due to changing address), as well as making use of the top-row function keys. +This is my private main machine. I am not using hardware encryption here as I personally do not really care. However, I want to setup impermanence on this one as soon as I get the chance.

      -
      -
      -{ inputs, outputs, config, pkgs, ... }:
+
      { inputs, outputs, config, pkgs, ... }:
 {
 
   imports = [
@@ -2652,9 +2203,9 @@ This is basically just adjusted to the core count, path to the hwmonhwmonhwmonnbl-imba-2 (Framework Laptop 16)
      
 
      
 
      
-My work machine.
+My work machine. Built for more security, this is the gold standard of my configurations at the moment.
 
      
 
 
 
      
-
      -{ inputs, outputs, config, pkgs, lib, ... }:
+
      { inputs, outputs, config, pkgs, lib, ... }:
 {
 
   imports = [
@@ -2772,7 +2322,7 @@ My work machine.
   services = {
     fwupd.enable = true;
     udev.extraRules = ''
-       ACTION=="add", SUBSYSTEM=="usb", ATTR{idVendor}=="0bda", ATTR{idProduct}=="8156", ATTR{power/autosuspend}="20"
+      ACTION=="add", SUBSYSTEM=="usb", ATTR{idVendor}=="0bda", ATTR{idProduct}=="8156", ATTR{power/autosuspend}="20"
     '';
   };
 
@@ -2794,9 +2344,9 @@ My work machine.
     #   path = "/sys/devices/platform/thinkpad_hwmon/hwmon/";
     #   input-filename = "temp1_input";
     # };
-  #  ------   -----
-  # | DP-4 | |eDP-1|
-  #  ------   -----
+    #  ------   -----
+    # | DP-4 | |eDP-1|
+    #  ------   -----
     monitors = {
       main = {
         name = "BOE 0x0BC9 Unknown";
@@ -2830,13 +2380,26 @@ My work machine.
         workspace = "1:一";
         output = "DP-7";
       };
+      work_back_right = {
+        name = "HP Inc. HP Z32 CN41212T55";
+        mode = "3840x2160";
+        scale = "1";
+        position = "5120,0";
+        workspace = "1:一";
+        output = "DP-3";
+      };
     };
-    inputs =  {
+    inputs = {
       "12972:18:Framework_Laptop_16_Keyboard_Module_-_ANSI_Keyboard" = {
         xkb_layout = "us";
         xkb_options = "grp:win_space_toggle";
         xkb_variant = "altgr-intl";
       };
+      "1133:45081:MX_Master_2S_Keyboard" = {
+        xkb_layout = "us";
+        xkb_options = "grp:win_space_toggle";
+        xkb_variant = "altgr-intl";
+      };
       "2362:628:PIXA3854:00_093A:0274_Touchpad" = {
         dwt = "enabled";
         tap = "enabled";
@@ -2858,7 +2421,7 @@ My work machine.
    -

    3.1.3. Virtual hosts

    +

    3.1.2. Virtual hosts

    My server setup is built on Proxmox VE; back when I started, I created all kinds of wild Debian/Ubuntu/etc. KVMs and LXCs on there. However, the root disk has suffered a weird failure where it has become unable to be cloned, but it is still functional for now. I am currently rewriting all machines on there to use NixOS instead; this is a ongoing process. @@ -4949,9 +4512,9 @@ in

    -
    -

    3.2. Overlays, packages, and modules

    -
    +
    +

    3.2. Overlays, packages, and modules

    +

    In this section I define packages that I manually want to nixpkgs. This can be useful for packages that are currently awaiting a PR or public packages that I do not want to maintain.

    @@ -4969,12 +4532,15 @@ These are for packages that are on nixpkgs, but do not fit my usecase, meaning I This is simply a mirror of the most recent stable branch of nixpkgs. Useful for packages that are broken on nixpkgs, but do not need to be on bleeding edge anyways.
    -
    -

    3.2.1. Packages

    -
    +
    +

    3.2.1. Packages

    +
    +

    +This is the central station for self-defined packages. These are all referenced in default.nix. Wherever possible, I am keeping the shell version of these scripts in this file as well and then read it using builtin.readFile in the NixOS configurations. This lets me keep full control in this one file but also keep the separate files uncluttered. +

    +
    -
    -{pkgs, ...}:
+
    { pkgs, ... }:
 let
   inherit (pkgs) callPackage;
 in
@@ -4990,14 +4556,19 @@ in
   waybarupdate = callPackage ./waybarupdate { };
   opacitytoggle = callPackage ./opacitytoggle { };
   fs-diff = callPackage ./fs-diff { };
+  update-checker = callPackage ./update-checker { };
 }
      -
    1. pass-fuzzel
      -
      +
    2. pass-fuzzel
      +
      +

      +This app allows me, in conjunction with my Yubikey, to quickly enter passwords when the need arises. Normal and TOTP passwords are supported, and they can either be printed directly or copied to the clipboard. +

      + 
      # Adapted from https://code.kulupu.party/thesuess/home-manager/src/branch/main/modules/river.nix
 shopt -s nullglob globstar
@@ -5046,7 +4617,7 @@ notify-send -u critical -a pass -t 1000 "Copied/Typed Password"
      -
      {writeShellApplication, libnotify, pass, fuzzel, wtype}:
+
      { writeShellApplication, libnotify, pass, fuzzel, wtype }:
 
 writeShellApplication {
   name = "pass-fuzzel";
@@ -5058,11 +4629,15 @@ writeShellApplication {
      3. -
    3. cura5
      -
      +
    4. cura5
      +
      +

      +The version of cura used to be quite outdated in nixpkgs. I am fetching a newer AppImage here and use that instead. +

      + +
      -
      -{appimageTools, fetchurl, writeScriptBin, pkgs}:
+
      { appimageTools, fetchurl, writeScriptBin, pkgs }:
 
 
 let
@@ -5077,36 +4652,40 @@ let
   };
 in
 writeScriptBin "cura" ''
-    #! ${pkgs.bash}/bin/bash
-    # AppImage version of Cura loses current working directory and treats all paths relative to $HOME.
-    # So we convert each of the files passed as argument to an absolute path.
-    # This fixes use cases like `cd /path/to/my/files; cura mymodel.stl anothermodel.stl`.
-    args=()
-    for a in "$@"; do
-        if [ -e "$a" ]; then
-           a="$(realpath "$a")"
-        fi
-        args+=("$a")
-    done
-    exec "${cura5}/bin/cura5" "''${args[@]}"
-  ''
+  #! ${pkgs.bash}/bin/bash
+  # AppImage version of Cura loses current working directory and treats all paths relative to $HOME.
+  # So we convert each of the files passed as argument to an absolute path.
+  # This fixes use cases like `cd /path/to/my/files; cura mymodel.stl anothermodel.stl`.
+  args=()
+  for a in "$@"; do
+      if [ -e "$a" ]; then
+         a="$(realpath "$a")"
+      fi
+      args+=("$a")
+  done
+  exec "${cura5}/bin/cura5" "''${args[@]}"
+''
      5. -
    5. cdw
      -
      +
    6. cdw
      +
      +

      +This script allows for quick git worktree switching. +

      + +
      -
      -{writeShellApplication, fzf}:
+
      { writeShellApplication, fzf }:
 
 writeShellApplication {
   name = "cdw";
   runtimeInputs = [ fzf ];
   text = ''
-        cd "$(git worktree list | fzf | awk '{print $1}')"
-      '';
+    cd "$(git worktree list | fzf | awk '{print $1}')"
+  '';
 }
 
 
@@ -5114,35 +4693,42 @@ writeShellApplication {
      7. -
    7. cdb
      -
      +
    8. cdb
      +
      +

      +This script allows for quick git branch switching. +

      +
      -
      -{writeShellApplication, fzf}:
+
      { writeShellApplication, fzf }:
 
 writeShellApplication {
   name = "cdb";
   runtimeInputs = [ fzf ];
   text = ''
-        git checkout "$(git branch --list | grep -v "^\*" | fzf | awk '{print $1}')"
-      '';
+    git checkout "$(git branch --list | grep -v "^\*" | fzf | awk '{print $1}')"
+  '';
 }
      9. -
    9. bak
      -
      +
    10. bak
      +
      +

      +This script lets me quickly backup files by appending .bak to the filename. +

      + +
      -
      -{writeShellApplication}:
+
      { writeShellApplication }:
 
 writeShellApplication {
   name = "bak";
   text = ''
-        cp "$1"{,.bak}
-      '';
+    cp "$1"{,.bak}
+  '';
 }
 
 
@@ -5150,26 +4736,34 @@ writeShellApplication {
      11. -
    11. timer
      -
      +
    12. timer
      +
      +

      +This app starts a configuratble timer and uses TTS to say something once the timer runs out. +

      + +
      -
      -{writeShellApplication, speechd}:
+
      { writeShellApplication, speechd }:
 
 writeShellApplication {
   name = "timer";
   runtimeInputs = [ speechd ];
   text = ''
     sleep "$1"; while true; do spd-say "$2"; sleep 0.5; done;
-      '';
+  '';
 }
      13. -
    13. e
      -
      +
    14. e
      +
      +

      +This is a shorthand for calling emacsclient mostly. Also, it hides the kittyterm scratchpad window that I sometimes use for calling a command quickly, in case it is on the screen. After emacs closes, the kittyterm window is then shown again if it was visible earlier. +

      + 
      wait=0
 while :; do
@@ -5197,7 +4791,7 @@ fi
      -
      { writeShellApplication, emacs-pgtk, sway, jq}:
+
      { writeShellApplication, emacs-pgtk, sway, jq }:
 
 writeShellApplication {
   name = "e";
@@ -5209,8 +4803,13 @@ writeShellApplication {
      15. -
    15. command-not-found
      -
      +
    16. command-not-found
      +
      +

      +The normal command-not-found.sh uses the outdated nix-shell commands as suggestions. This version supplies me with the more modern nixpkgs#<name> version. +

      + + 
      # Adapted from https://github.com/bennofs/nix-index/blob/master/command-not-found.sh
 command_not_found_handle () {
@@ -5248,12 +4847,16 @@ command_not_found_handler () {
      17. -
    17. swarselcheck
      -
      +
    18. swarselcheck
      +
      +

      +This app checks for different apps that I keep around in the scratchpad for quick viewing and hiding (messengers and music players mostly) and then behaves like the kittyterm hider that I described in e. +

      + 
      kitty=0
 element=0
-discord=0
+vesktop=0
 spotifyplayer=0
 while :; do
     case ${1:-} in
@@ -5261,7 +4864,7 @@ while :; do
                    ;;
         -e|--element) element=1
                    ;;
-        -d|--discord) discord=1
+        -d|--vesktop) vesktop=1
                    ;;
         -s|--spotifyplayer) spotifyplayer=1
                    ;;
@@ -5288,12 +4891,12 @@ elif [[ $element -eq 1 ]]; then
     else
         exec swaymsg '[app_id=Element]' kill
     fi
-elif [[ $discord -eq 1 ]]; then
-    STR=$(swaymsg -t get_tree | grep discord || true)
+elif [[ $vesktop -eq 1 ]]; then
+    STR=$(swaymsg -t get_tree | grep vesktop || true)
     if [ "$STR" == "" ]; then
-        exec discord
+        exec vesktop
     else
-        exec swaymsg '[app_id=discord]' kill
+        exec swaymsg '[app_id=vesktop]' kill
     fi
 elif [[ $spotifyplayer -eq 1 ]]; then
     STR=$(swaymsg -t get_tree | jq -r 'recurse(.nodes[]) | select(.name == "__i3_scratch")' | grep spotifytui || true)
@@ -5311,11 +4914,11 @@ fi
      -
      { writeShellApplication, kitty, element-desktop-wayland, discord, spotify-player, sway, jq}:
+
      { writeShellApplication, kitty, element-desktop-wayland, vesktop, spotify-player, sway, jq }:
 
 writeShellApplication {
   name = "swarselcheck";
-  runtimeInputs = [ kitty element-desktop-wayland discord spotify-player jq ];
+  runtimeInputs = [ kitty element-desktop-wayland vesktop spotify-player jq ];
   text = builtins.readFile ../../scripts/swarselcheck.sh;
 }
 
@@ -5323,8 +4926,12 @@ writeShellApplication {
      19. -
    19. waybarupdate
      -
      +
    20. waybarupdate
      +
      +

      +This scripts checks if there are uncommited changes in either my dotfile repo, my university repo, or my passfile repo. In that case a warning will be shown in waybar. +

      + 
      CFG=$(git --git-dir="$HOME"/.dotfiles/.git --work-tree="$HOME"/.dotfiles/ status -s | wc -l)
 CSE=$(git --git-dir="$HOME"/Documents/GitHub/CSE_TUWIEN/.git --work-tree="$HOME"/Documents/GitHub/CSE_TUWIEN/ status -s | wc -l)
@@ -5355,7 +4962,7 @@ echo "$OUT"
      -
      { writeShellApplication, git}:
+
      { writeShellApplication, git }:
 
 writeShellApplication {
   name = "waybarupdate";
@@ -5367,8 +4974,12 @@ writeShellApplication {
      21. -
    21. opacitytoggle
      -
      +
    22. opacitytoggle
      +
      +

      +This app quickly toggles between 5% and 0% transparency. +

      + 
      if swaymsg opacity plus 0.01 -q; then
         swaymsg opacity 1
@@ -5379,7 +4990,7 @@ fi
      -
      { writeShellApplication, sway}:
+
      { writeShellApplication, sway }:
 
 writeShellApplication {
   name = "opacitytoggle";
@@ -5390,8 +5001,12 @@ writeShellApplication {
      23. -
    23. fs-diff
      -
      +
    24. fs-diff
      +
      +

      +This utility is used to compare the current state of the root directory with the blanket state that is stored in /root-blank (the snapshot that is restored on each reboot of an impermanence machine). Using this, I can find files that I will lose once I reboot - if there are important files in that list, I can then easily add them to the persist options. +

      + 
      set -euo pipefail
 
@@ -5417,7 +5032,7 @@ done
      -
      { writeShellApplication, sway}:
+
      { writeShellApplication, sway }:
 
 writeShellApplication {
   name = "fs-diff";
@@ -5427,19 +5042,70 @@ writeShellApplication {
      25. +
    25. update-checker
      +
      +

      +This utility checks if there are updated packages in nixpkgs-unstable. It does so by fully building the most recent configuration, which I do not love, but it has its merits once I am willing to switch to the newer version. +

      + +
      +
      +updates="$(cd ~/.dotfiles && nix flake lock --update-input nixpkgs && nix build .#nixosConfigurations."$HOSTNAME".config.system.build.toplevel && nvd diff /run/current-system ./result | grep -c '\[U')"
+
+tooltip="System updated"
+if [[ $updates != 0 ]]; then
+  tooltip=$(cd ~/.dotfiles && nvd diff /run/current-system ./result | grep -e '\[U' | awk '{ for (i=3; i<NF; i++) printf $i " "; if (NF >= 3) print $NF; }' ORS='\\n' )
+fi
+
+echo "{ \"text\":\"$updates\", \"tooltip\":\"$tooltip\" }"
+
+
      +
      + +
      +
      { writeShellApplication, nvd }:
+
+writeShellApplication {
+  name = "update-checker";
+  runtimeInputs = [ nvd ];
+  text = builtins.readFile ../../scripts/update-checker.sh;
+}
+
      +
      +
      +
    -
    -

    3.2.2. Overlays

    -
    +
    +

    3.2.2. Overlays (additions, overrides, nixpkgs-stable)

    +
    +

    +This file now holds all of the "nixpkgs-changes" that I am using across the configurations. Most notable here are the modifications, where I am editing derivations according to my needs. +

    +
    -
    -  { inputs, ... }: {
+
    { inputs, ... }: {
   additions = final: _prev: import ../pkgs { pkgs = final; };
   modifications = final: _prev: {
-    # example = prev.example.overrideAttrs (oldAttrs: rec {
-    # ...
-    # });
+    vesktop = _prev.vesktop.override {
+      withSystemVencord = true;
+    };
+
+    nerdfonts = _prev.nerdfonts.override {
+      fonts = [ "FiraMono" "FiraCode" "NerdFontsSymbolsOnly" ];
+    };
+
+    firefox = _prev.firefox.override {
+      nativeMessagingHosts = [
+        _prev.tridactyl-native
+        _prev.browserpass
+        _prev.plasma5Packages.plasma-browser-integration
+      ];
+    };
+
+    prismlauncher = _prev.prismlauncher.override {
+      glfw = _prev.glfw-wayland-minecraft;
+    };
 
     # river = prev.river.overrideAttrs (oldAttrs: rec {
     #   pname = "river";
@@ -5463,16 +5129,16 @@ writeShellApplication {
    -
    -

    3.2.3. Modules

    -
    +
    +

    3.2.3. Modules

    +

    In this section I define custom modules under the swarsel attribute. These are mostly used to define settings specific to a host. I keep these settings confined to either home-manager or nixos to maintain compatibility with non-NixOS machines.

      -
    1. NixOS
      -
      +
    2. NixOS
      +

      Modules that need to be loaded on the NixOS level. Note that these will not be available on systems that are not running NixOS

      @@ -5489,24 +5155,32 @@ Modules that need to be loaded on the NixOS level. Note that these will not be a
      -
    1. Wallpaper
      -
      +
    2. Wallpaper
      +
      +

      +This lets me set the wallpaper that I want to use. Duplicated with home-manager options because mixing system and user level configuration is not a good idea. +

      + 
      { lib, ... }:
 
 {
   options.swarselsystems.wallpaper = lib.mkOption {
-      type = lib.types.path;
-      default = "";
-    };
-  }
+    type = lib.types.path;
+    default = "";
+  };
+}
      3. -
    3. Hardware
      -
      +
    4. Hardware
      +
      +

      +This lets me set some basic flags about the hardware of the configured systems. +

      + 
      { lib, ... }:
 
@@ -5518,13 +5192,17 @@ Modules that need to be loaded on the NixOS level. Note that these will not be a
     type = lib.types.str;
     default = "";
   };
-  }
+}
      5. -
    5. Setup
      -
      +
    6. Setup
      +
      +

      +I usually use mutableUsers = false in my NixOS configuration. However, on a new system where sops-keys have not been deployed, this would immediately lock me out of the system. Hence this flag can be used until sops-keys are created. +

      + 
      { lib, ... }:
 
@@ -5535,8 +5213,12 @@ Modules that need to be loaded on the NixOS level. Note that these will not be a
      7. -
    7. Impermanence
      -
      +
    8. Impermanence
      +
      +

      +Option to enable impermanence configurations. This could also be done via optional imports, but impermanence is a "big enough" change to warrant a line in the machine default.nix. +

      + 
      { lib, ... }:
 
@@ -5547,8 +5229,12 @@ Modules that need to be loaded on the NixOS level. Note that these will not be a
      9. -
    9. Filesystem
      -
      +
    10. Filesystem
      +
      +

      +This lets me quickly set flags for "special" file systems. These options mostly function in conjunction with other settings (for example, the isBtrfs function is mostly used for impermanence configuration). +

      + 
      { lib, ... }:
 
@@ -5561,8 +5247,12 @@ Modules that need to be loaded on the NixOS level. Note that these will not be a
    -
  • home-manager
    -
    +
  • home-manager
    +
    +

    +This holds modules that are to be used on most hosts. These are also the most important options to configure, as these allow me easy access to monitor, keyboard, and other setups. +

    + 
    {
   laptop = import ./laptop.nix;
@@ -5579,8 +5269,12 @@ Modules that need to be loaded on the NixOS level. Note that these will not be a
      -
    1. Laptop
      -
      +
    2. Laptop
      +
      +

      +Laptops are not always plugged in, so they should show a battery icon in Waybar. Also, most laptops have a touchpad which usually needs to be configured. +

      + 
      { lib, config, ... }:
 {
@@ -5598,6 +5292,7 @@ Modules that need to be loaded on the NixOS level. Note that these will not be a
     "mpris"
     "custom/left-arrow-light"
     "network"
+    "custom/vpn"
     "custom/left-arrow-dark"
     "pulseaudio"
     "custom/left-arrow-light"
@@ -5614,72 +5309,89 @@ Modules that need to be loaded on the NixOS level. Note that these will not be a
      3. -
    3. Hardware
      -
      +
    4. Hardware
      +
      +

      +This section is mostly used to deliver the correct information to Waybar. AMD systems have changing hwmon paths that can be specifically set here. Also the cpu count can be set here for Waybars cpu module, but 8 is usually a good setting to show +

      + 
      { lib, ... }:
 
 {
   options.swarselsystems.cpuCount = lib.mkOption {
-      type = lib.types.int;
-      default = 8;
-    };
+    type = lib.types.int;
+    default = 8;
+  };
   options.swarselsystems.temperatureHwmon.isAbsolutePath = lib.mkEnableOption "absolute temperature path";
   options.swarselsystems.temperatureHwmon.path = lib.mkOption {
-      type = lib.types.str;
-      default = "";
-    };
+    type = lib.types.str;
+    default = "";
+  };
   options.swarselsystems.temperatureHwmon.input-filename = lib.mkOption {
-      type = lib.types.str;
-      default = "";
-    };
-  }
+    type = lib.types.str;
+    default = "";
+  };
+}
      5. -
    5. Waybar
      -
      +
    6. Waybar
      +
      +

      +These are explicit waybar options. Laptops do not need the battery module. However, this leads to a slight problem with theming: my waybar modules alternate their background-color between black and grey. The battery module is usually on grey background. If I were to simply delete that, I would now have two modules on black background. To avoid this, I define a pseudo-module custom/pseudobat that simply shows a static image and calls wlogout on right click. This wastes a little bit of screen space, but that is a price I am willing to pay for consistency. +

      + +

      +The most part of this configuration is done here: Waybar +

      +
      -
        { lib, config, ... }:
+
      { lib, config, ... }:
 
 let
   generateIcons = n: lib.concatStringsSep " " (builtins.map (x: "{icon" + toString x + "}") (lib.range 0 (n - 1)));
 in
-  {
-    options.swarselsystems.cpuString = lib.mkOption {
-        type = lib.types.str;
-        default = generateIcons config.swarselsystems.cpuCount;
-        description = "The generated icons string for use by Waybar.";
-        internal = true;
-      };
-    options.swarselsystems.waybarModules = lib.mkOption {
-      type = lib.types.listOf lib.types.str;
-      default = [
-  "custom/outer-left-arrow-dark"
-  "mpris"
-  "custom/left-arrow-light"
-  "network"
-  "custom/left-arrow-dark"
-  "pulseaudio"
-  "custom/left-arrow-light"
-  "custom/pseudobat"
-  "battery"
-  "custom/left-arrow-dark"
-  "group/hardware"
-  "custom/left-arrow-light"
-  "clock#2"
-  "custom/left-arrow-dark"
-  "clock#1"
-      ];
-    };
-  }
+{
+  options.swarselsystems.cpuString = lib.mkOption {
+    type = lib.types.str;
+    default = generateIcons config.swarselsystems.cpuCount;
+    description = "The generated icons string for use by Waybar.";
+    internal = true;
+  };
+  options.swarselsystems.waybarModules = lib.mkOption {
+    type = lib.types.listOf lib.types.str;
+    default = [
+      "custom/outer-left-arrow-dark"
+      "mpris"
+      "custom/left-arrow-light"
+      "network"
+      "custom/vpn"
+      "custom/left-arrow-dark"
+      "pulseaudio"
+      "custom/left-arrow-light"
+      "custom/pseudobat"
+      "battery"
+      "custom/left-arrow-dark"
+      "group/hardware"
+      "custom/left-arrow-light"
+      "clock#2"
+      "custom/left-arrow-dark"
+      "clock#1"
+    ];
+  };
+}
      7. -
    7. Monitors
      -
      +
    8. Monitors
      +
      +

      +This allows me to define my monitors in the machine's default.nix. +

      + 
      { lib, ... }:
 let
@@ -5687,7 +5399,7 @@ let
 in
 {
   options.swarselsystems.monitors = mkOption {
-    type = types.attrsOf (types.attrsOf types.str );
+    type = types.attrsOf (types.attrsOf types.str);
     default = { };
   };
 }
@@ -5695,8 +5407,12 @@ in
      9. -
    9. Input
      -
      +
    10. Input
      +
      +

      +This allows me to configure input options. Here, I am globally defining my split keyboards. Then, I am joining some attribute sets so that they can be easier used in the rest of the configurations. +

      + 
      { lib, config, ... }:
 let
@@ -5704,11 +5420,11 @@ let
 in
 {
   options.swarselsystems.inputs = mkOption {
-    type = types.attrsOf (types.attrsOf types.str );
+    type = types.attrsOf (types.attrsOf types.str);
     default = { };
   };
   options.swarselsystems.kyria = mkOption {
-    type = types.attrsOf (types.attrsOf types.str );
+    type = types.attrsOf (types.attrsOf types.str);
     default = {
       "36125:53060:splitkb.com_splitkb.com_Kyria_rev3" = {
         xkb_layout = "us";
@@ -5717,11 +5433,11 @@ in
     };
   };
   options.swarselsystems.touchpad = mkOption {
-    type = types.attrsOf (types.attrsOf types.str );
+    type = types.attrsOf (types.attrsOf types.str);
     default = { };
   };
   options.swarselsystems.standardinputs = mkOption {
-    type = types.attrsOf (types.attrsOf types.str );
+    type = types.attrsOf (types.attrsOf types.str);
     default = lib.recursiveUpdate (lib.recursiveUpdate config.swarselsystems.touchpad config.swarselsystems.kyria) config.swarselsystems.inputs;
     internal = true;
   };
@@ -5735,34 +5451,39 @@ in
      11. -
    11. Nixos
      -
      +
    12. Nixos
      +
      +

      +These are some extra options that will be used if the machine also runs NixOS. For example, non-NixOS hosts need nixGL prepended to most graphic commands, and swayfx works less nicely on these machines. +

      + 
      { lib, config, ... }:
 {
   options.swarselsystems.isNixos = lib.mkEnableOption "nixos host";
   config.swarselsystems.startup = lib.mkIf (!config.swarselsystems.isNixos) [
-      { command = "sleep 60 && nixGL nextcloud --background";
+    {
+      command = "sleep 60 && nixGL nextcloud --background";
     }
-    { command = "sleep 60 && nixGL discord --start-minimized -enable-features=UseOzonePlatform -ozone-platform=wayland"; }
+    { command = "sleep 60 && nixGL vesktop --start-minimized -enable-features=UseOzonePlatform -ozone-platform=wayland"; }
     { command = "sleep 60 && nixGL syncthingtray --wait"; }
     { command = "sleep 60 && ANKI_WAYLAND=1 nixGL anki"; }
     { command = "nm-applet --indicator"; }
     { command = "sleep 60 && OBSIDIAN_USE_WAYLAND=1 nixGL obsidian -enable-features=UseOzonePlatform -ozone-platform=wayland"; }
     { command = "sleep 60 && element-desktop --hidden  -enable-features=UseOzonePlatform -ozone-platform=wayland --disable-gpu-driver-bug-workarounds"; }
-    ];
+  ];
   options.swarselsystems.swayfxConfig = lib.mkOption {
     type = lib.types.str;
     default = "
-          blur enable
-          blur_xray disable
-          blur_passes 1
-          blur_radius 1
-          shadows enable
-          corner_radius 2
-          titlebar_separator disable
-          default_dim_inactive 0.02
-      ";
+            blur enable
+            blur_xray disable
+            blur_passes 1
+            blur_radius 1
+            shadows enable
+            corner_radius 2
+            titlebar_separator disable
+            default_dim_inactive 0.02
+        ";
     internal = true;
   };
   config.swarselsystems.swayfxConfig = lib.mkIf (!config.swarselsystems.isNixos) " ";
@@ -5771,8 +5492,28 @@ in
      13. -
    13. System startup
      -
      +
    14. System startup
      +
      +

      +This defines programs I want to have starting when I start the system +

      + +

      +Part of the startup is also defined in Sway. The distinction is as follows. As this configuration also needs to work on systems that are running only home manager, I probably need to run nixGL or something similar on those systems to get these graphic apps to display properly. In this section we only define such graphical programs, in the other location we only put shell applications and such. +

      + +

      +These other apps currently include: +

      +
        +
      • spotifytui
        • +
      • kitty
        • +
      + +

      +Do not that syncthingtray is also not mentioned here. It is installed as a home manager package that automatically starts at system start. +

      + 
      { lib, ... }:
 let
@@ -5784,7 +5525,7 @@ in
     type = types.listOf (types.attrsOf types.str);
     default = [
       { command = "nextcloud --background"; }
-      { command = "discord --start-minimized"; }
+      { command = "vesktop --start-minimized"; }
       { command = "element-desktop --hidden  -enable-features=UseOzonePlatform -ozone-platform=wayland --disable-gpu-driver-bug-workarounds"; }
       { command = "ANKI_WAYLAND=1 anki"; }
       { command = "OBSIDIAN_USE_WAYLAND=1 obsidian"; }
@@ -5796,24 +5537,32 @@ in
      15. -
    15. Wallpaper
      -
      +
    16. Wallpaper
      +
      +

      +Again, I set the wallpaper here for stylix. +

      + 
      { lib, ... }:
 
 {
   options.swarselsystems.wallpaper = lib.mkOption {
-      type = lib.types.path;
-      default = "";
-    };
-  }
+    type = lib.types.path;
+    default = "";
+  };
+}
      17. -
    17. Filesystem
      -
      +
    18. Filesystem
      +
      +

      +Another duplicated option for the filesystem. +

      + 
      { lib, ... }:
 
@@ -5829,9 +5578,12 @@ in
    • -
    -

    3.3. NixOS

    -
    +
    +

    3.3. NixOS

    +
    +

    +Here we have NixOS options. All options are split into smaller files that are loaded by the general default.nix. Common files are used by all user hosts equally, optionals need to be added to the machine's default.nix on a case-by-case basis. +

    3.3.1. Common

    @@ -5841,19 +5593,26 @@ These are system-level settings specific to NixOS machines. All settings that ar

      -
    1. Imports, enable home-manager module, stateVersion
      -
      +
    2. Imports, enable home-manager module, stateVersion
      +

      :CUSTOMID: h:45e4315b-0929-4c47-b65a-c8f0a685f4df

      -First, we enable the use of home-manager as a NixoS module +First, we enable the use of home-manager as a NixoS module. +

      + +

      +Also, we disable the warnings that trigger when rebuilding with a dirty flake. At this point, I am also disabling channels and pinning the flake registry - the latter lets me use the local version of nixpkgs for commands like nix shell (without it, we will always download the newest version of nixpkgs for these commands). +

      + +

      +Also, the system state version is set here. No need to touch it.

      -
      -{ lib, ... }:
+
      { lib, inputs, ... }:
 {
   imports = [
     ./xserver.nix
@@ -5867,12 +5626,14 @@ First, we enable the use of home-manager as a NixoS module
     ./network.nix
     ./time.nix
     ./hardware.nix
+    ./pipewire.nix
     ./sops.nix
     ./packages.nix
     ./programs.nix
     ./zsh.nix
     ./syncthing.nix
     ./blueman.nix
+    ./safeeyes.nix
     ./networkdevices.nix
     ./gvfs.nix
     ./interceptiontools.nix
@@ -5881,10 +5642,32 @@ First, we enable the use of home-manager as a NixoS module
     ./stylix.nix
     ./power-profiles-daemon.nix
     # ./impermanence.nix
+    ./nvd-rebuild.nix
     ./nix-ld.nix
+    ./gnome-keyring.nix
+    ./sway.nix
+    ./xdg-portal.nix
   ];
 
-  nix.settings.trusted-users = [ "swarsel" ];
+  nix =
+    let
+      flakeInputs = lib.filterAttrs (_: lib.isType "flake") inputs;
+    in
+    {
+      settings = {
+        experimental-features = [
+          "nix-command"
+          "flakes"
+          "ca-derivations"
+        ];
+        trusted-users = [ "swarsel" ];
+        flake-registry = "";
+        warn-dirty = false;
+      };
+      channel.enable = false;
+      registry = lib.mapAttrs (_: flake: { inherit flake; }) flakeInputs;
+      nixPath = lib.mapAttrsToList (n: _: "${n}=flake:${n}") flakeInputs;
+    };
 
   home-manager = {
     useGlobalPkgs = true;
@@ -5905,7 +5688,7 @@ Next, we setup the keymap in case we are not in a graphical session. At this poi
 
      
 
 
      
-
      _ :
+
      _:
 {
   services.xserver = {
     xkb = {
@@ -5969,16 +5752,24 @@ Next, we will setup some environment variables that need to be set on the system
      3. -
    3. Enable PolicyKit
      +
    4. Security

      Needed for control over system-wide privileges etc.

      -
      _ :
+
      _:
 {
+
+  security.pam.services = {
+    login.u2fAuth = true;
+    sudo.u2fAuth = true;
+    swaylock.u2fAuth = true;
+    swaylock.fprintAuth = false;
+  };
   security.polkit.enable = true;
+
 }
      @@ -5991,7 +5782,7 @@ The nix store fills up over time, until /boot/efi is filled. This s

      -
      _ :
+
      _:
 {
   nix.gc = {
     automatic = true;
@@ -6011,7 +5802,7 @@ This enables hardlinking identical files in the nix store, to save on disk space
 
      
 
 
      
-
      _ :
+
      _:
 {
   nix.optimise = {
     automatic = true;
@@ -6030,13 +5821,13 @@ There is a persistent bug over Linux kernels that makes the user wait 1m30s on s
 
      
 
 
      
-
      _ :
+
      _:
 {
   # systemd
   systemd.extraConfig = ''
-      DefaultTimeoutStartSec=60s
-      DefaultTimeoutStopSec=15s
-    '';
+    DefaultTimeoutStartSec=60s
+    DefaultTimeoutStopSec=15s
+  '';
 }
 
      
 
      
@@ -6049,7 +5840,7 @@ Enable OpenGL, Sound, Bluetooth and various drivers.
 
      
 
 
      
-
      { pkgs, config, lib, ...}:
+
      { pkgs, config, lib, ... }:
 {
 
   hardware = {
@@ -6065,8 +5856,10 @@ Enable OpenGL, Sound, Bluetooth and various drivers.
 
     keyboard.qmk.enable = true;
 
-    pulseaudio= {
-      enable = true;
+
+
+    pulseaudio = {
+      enable = lib.mkIf (!config.services.pipewire.enable) true;
       package = pkgs.pulseaudioFull;
     };
 
@@ -6089,6 +5882,31 @@ Enable OpenGL, Sound, Bluetooth and various drivers.
      5. +
    5. Pipewire
      +
      +

      +Pipewire handles communication on Wayland. This enables several sound tools as well as screen sharing in combinaton with xdg-desktop-portal-wlr. +

      + +
      +
      _: {
+  security.rtkit.enable = true; # this is required for pipewire real-time access
+
+  services.pipewire = {
+    enable = true;
+    pulse.enable = true;
+    jack.enable = true;
+    audio.enable = true;
+    alsa = {
+      enable = true;
+      support32Bit = true;
+    };
+  };
+}
+
      +
      +
      +
    6. Common network settings

      @@ -6096,7 +5914,7 @@ Here I only enable networkmanager. Most of the 'real' network confi

      -
      { lib, config, ...}:
+
      { lib, config, ... }:
 {
   networking = {
     nftables.enable = lib.mkDefault true;
@@ -6108,208 +5926,208 @@ Here I only enable networkmanager. Most of the 'real' network confi
     };
 
     networkmanager = {
-    enable = true;
-    ensureProfiles = {
-      environmentFiles = [
-        "${config.sops.templates."network-manager.env".path}"
-      ];
-      profiles = {
-        "Ernest Routerford" = {
-          connection = {
-            id = "Ernest Routerford";
-            permissions = "";
-            type = "wifi";
+      enable = true;
+      ensureProfiles = {
+        environmentFiles = [
+          "${config.sops.templates."network-manager.env".path}"
+        ];
+        profiles = {
+          "Ernest Routerford" = {
+            connection = {
+              id = "Ernest Routerford";
+              permissions = "";
+              type = "wifi";
+            };
+            ipv4 = {
+              dns-search = "";
+              method = "auto";
+            };
+            ipv6 = {
+              addr-gen-mode = "stable-privacy";
+              dns-search = "";
+              method = "auto";
+            };
+            wifi = {
+              mac-address-blacklist = "";
+              mode = "infrastructure";
+              ssid = "Ernest Routerford";
+            };
+            wifi-security = {
+              auth-alg = "open";
+              key-mgmt = "wpa-psk";
+              psk = "$ERNEST";
+            };
           };
-          ipv4 = {
-            dns-search = "";
-            method = "auto";
-          };
-          ipv6 = {
-            addr-gen-mode = "stable-privacy";
-            dns-search = "";
-            method = "auto";
-          };
-          wifi = {
-            mac-address-blacklist = "";
-            mode = "infrastructure";
-            ssid = "Ernest Routerford";
-          };
-          wifi-security = {
-            auth-alg = "open";
-            key-mgmt = "wpa-psk";
-            psk = "$ERNEST";
-          };
-        };
 
-        LAN-Party = {
-          connection = {
-            autoconnect = "false";
-            id = "LAN-Party";
-            type = "ethernet";
+          LAN-Party = {
+            connection = {
+              autoconnect = "false";
+              id = "LAN-Party";
+              type = "ethernet";
+            };
+            ethernet = {
+              auto-negotiate = "true";
+              cloned-mac-address = "preserve";
+              mac-address = "90:2E:16:D0:A1:87";
+            };
+            ipv4 = { method = "shared"; };
+            ipv6 = {
+              addr-gen-mode = "stable-privacy";
+              method = "auto";
+            };
+            proxy = { };
           };
-          ethernet = {
-            auto-negotiate = "true";
-            cloned-mac-address = "preserve";
-            mac-address = "90:2E:16:D0:A1:87";
-          };
-          ipv4 = { method = "shared"; };
-          ipv6 = {
-            addr-gen-mode = "stable-privacy";
-            method = "auto";
-          };
-          proxy = { };
-        };
 
-        eduroam = {
-          "802-1x" = {
-            eap = "ttls;";
-            identity = "$EDUID";
-            password = "$EDUPASS";
-            phase2-auth = "mschapv2";
+          eduroam = {
+            "802-1x" = {
+              eap = "ttls;";
+              identity = "$EDUID";
+              password = "$EDUPASS";
+              phase2-auth = "mschapv2";
+            };
+            connection = {
+              id = "eduroam";
+              type = "wifi";
+            };
+            ipv4 = { method = "auto"; };
+            ipv6 = {
+              addr-gen-mode = "default";
+              method = "auto";
+            };
+            proxy = { };
+            wifi = {
+              mode = "infrastructure";
+              ssid = "eduroam";
+            };
+            wifi-security = {
+              auth-alg = "open";
+              key-mgmt = "wpa-eap";
+            };
           };
-          connection = {
-            id = "eduroam";
-            type = "wifi";
-          };
-          ipv4 = { method = "auto"; };
-          ipv6 = {
-            addr-gen-mode = "default";
-            method = "auto";
-          };
-          proxy = { };
-          wifi = {
-            mode = "infrastructure";
-            ssid = "eduroam";
-          };
-          wifi-security = {
-            auth-alg = "open";
-            key-mgmt = "wpa-eap";
-          };
-        };
 
-        local = {
-          connection = {
-            autoconnect = "false";
-            id = "local";
-            type = "ethernet";
+          local = {
+            connection = {
+              autoconnect = "false";
+              id = "local";
+              type = "ethernet";
+            };
+            ethernet = { };
+            ipv4 = {
+              address1 = "10.42.1.1/24";
+              method = "shared";
+            };
+            ipv6 = {
+              addr-gen-mode = "stable-privacy";
+              method = "auto";
+            };
+            proxy = { };
           };
-          ethernet = { };
-          ipv4 = {
-            address1 = "10.42.1.1/24";
-            method = "shared";
-          };
-          ipv6 = {
-            addr-gen-mode = "stable-privacy";
-            method = "auto";
-          };
-          proxy = { };
-        };
 
-        HH40V_39F5 = {
-          connection = {
-            id = "HH40V_39F5";
-            type = "wifi";
+          HH40V_39F5 = {
+            connection = {
+              id = "HH40V_39F5";
+              type = "wifi";
+            };
+            ipv4 = { method = "auto"; };
+            ipv6 = {
+              addr-gen-mode = "stable-privacy";
+              method = "auto";
+            };
+            proxy = { };
+            wifi = {
+              band = "bg";
+              mode = "infrastructure";
+              ssid = "HH40V_39F5";
+            };
+            wifi-security = {
+              key-mgmt = "wpa-psk";
+              psk = "$FRAUNS";
+            };
           };
-          ipv4 = { method = "auto"; };
-          ipv6 = {
-            addr-gen-mode = "stable-privacy";
-            method = "auto";
-          };
-          proxy = { };
-          wifi = {
-            band = "bg";
-            mode = "infrastructure";
-            ssid = "HH40V_39F5";
-          };
-          wifi-security = {
-            key-mgmt = "wpa-psk";
-            psk = "$FRAUNS";
-          };
-        };
 
-        magicant = {
-          connection = {
-            id = "magicant";
-            type = "wifi";
+          magicant = {
+            connection = {
+              id = "magicant";
+              type = "wifi";
+            };
+            ipv4 = { method = "auto"; };
+            ipv6 = {
+              addr-gen-mode = "default";
+              method = "auto";
+            };
+            proxy = { };
+            wifi = {
+              mode = "infrastructure";
+              ssid = "magicant";
+            };
+            wifi-security = {
+              auth-alg = "open";
+              key-mgmt = "wpa-psk";
+              psk = "$HANDYHOTSPOT";
+            };
           };
-          ipv4 = { method = "auto"; };
-          ipv6 = {
-            addr-gen-mode = "default";
-            method = "auto";
-          };
-          proxy = { };
-          wifi = {
-            mode = "infrastructure";
-            ssid = "magicant";
-          };
-          wifi-security = {
-            auth-alg = "open";
-            key-mgmt = "wpa-psk";
-            psk = "$HANDYHOTSPOT";
-          };
-        };
 
-        "sweden-aes-128-cbc-udp-dns" = {
-          connection = {
-            autoconnect = "false";
-            id = "PIA Sweden";
-            type = "vpn";
+          "sweden-aes-128-cbc-udp-dns" = {
+            connection = {
+              autoconnect = "false";
+              id = "PIA Sweden";
+              type = "vpn";
+            };
+            ipv4 = { method = "auto"; };
+            ipv6 = {
+              addr-gen-mode = "stable-privacy";
+              method = "auto";
+            };
+            proxy = { };
+            vpn = {
+              auth = "sha1";
+              ca =
+                "${config.users.users.swarsel.home}/.dotfiles/secrets/certs/sweden-aes-128-cbc-udp-dns-ca.pem";
+              challenge-response-flags = "2";
+              cipher = "aes-128-cbc";
+              compress = "yes";
+              connection-type = "password";
+              crl-verify-file = "${config.users.users.swarsel.home}/.dotfiles/secrets/certs/sweden-aes-128-cbc-udp-dns-crl-verify.pem";
+              dev = "tun";
+              password-flags = "0";
+              remote = "sweden.privacy.network:1198";
+              remote-cert-tls = "server";
+              reneg-seconds = "0";
+              service-type = "org.freedesktop.NetworkManager.openvpn";
+              username = "$VPNUSER";
+            };
+            vpn-secrets = { password = "$VPNPASS"; };
           };
-          ipv4 = { method = "auto"; };
-          ipv6 = {
-            addr-gen-mode = "stable-privacy";
-            method = "auto";
-          };
-          proxy = { };
-          vpn = {
-            auth = "sha1";
-            ca =
-              "${config.users.users.swarsel.home}/.dotfiles/secrets/certs/sweden-aes-128-cbc-udp-dns-ca.pem";
-            challenge-response-flags = "2";
-            cipher = "aes-128-cbc";
-            compress = "yes";
-            connection-type = "password";
-            crl-verify-file = "${config.users.users.swarsel.home}/.dotfiles/secrets/certs/sweden-aes-128-cbc-udp-dns-crl-verify.pem";
-            dev = "tun";
-            password-flags = "0";
-            remote = "sweden.privacy.network:1198";
-            remote-cert-tls = "server";
-            reneg-seconds = "0";
-            service-type = "org.freedesktop.NetworkManager.openvpn";
-            username = "$VPNUSER";
-          };
-          vpn-secrets = { password = "$VPNPASS"; };
-        };
 
-        Hotspot = {
-          connection = {
-            autoconnect = "false";
-            id = "Hotspot";
-            type = "wifi";
+          Hotspot = {
+            connection = {
+              autoconnect = "false";
+              id = "Hotspot";
+              type = "wifi";
+            };
+            ipv4 = { method = "shared"; };
+            ipv6 = {
+              addr-gen-mode = "default";
+              method = "ignore";
+            };
+            proxy = { };
+            wifi = {
+              mode = "ap";
+              ssid = "Hotspot-fourside";
+            };
+            wifi-security = {
+              group = "ccmp;";
+              key-mgmt = "wpa-psk";
+              pairwise = "ccmp;";
+              proto = "rsn;";
+              psk = "$HOTSPOT";
+            };
           };
-          ipv4 = { method = "shared"; };
-          ipv6 = {
-            addr-gen-mode = "default";
-            method = "ignore";
-          };
-          proxy = { };
-          wifi = {
-            mode = "ap";
-            ssid = "Hotspot-fourside";
-          };
-          wifi-security = {
-            group = "ccmp;";
-            key-mgmt = "wpa-psk";
-            pairwise = "ccmp;";
-            proto = "rsn;";
-            psk = "$HOTSPOT";
-          };
-        };
 
+        };
       };
     };
   };
-  };
 
   systemd.services.NetworkManager-ensure-profiles.after = [ "NetworkManager.service" ];
 }
@@ -6324,7 +6142,7 @@ Setup timezone and locale. I want to use the US layout, but have the rest adapte
 
      
 
 
      
-
      _ :
+
      _:
 {
   time = {
     timeZone = "Europe/Vienna";
@@ -6374,7 +6192,7 @@ in
 {
   sops = {
 
-    age.sshKeyPaths = [ "${config.users.users.swarsel.home}/.ssh/sops" ];
+    age.sshKeyPaths = mkIfElse config.swarselsystems.isBtrfs [ "/persist/.ssh/sops" ] [ "${config.users.users.swarsel.home}/.ssh/sops" ];
     defaultSopsFile = mkIfElse config.swarselsystems.isBtrfs "/persist/.dotfiles/secrets/general/secrets.yaml" "${config.users.users.swarsel.home}/.dotfiles/secrets/general/secrets.yaml";
 
     validateSopsFiles = false;
@@ -6408,8 +6226,8 @@ in
      7. -
    7. Theme (stylix)
      -
      +
    8. Theme (stylix)
      +

      By default, stylix wants to style GRUB as well. However, I think that looks horrible. theme is defined in Theme (stylix). @@ -6454,7 +6272,7 @@ By default, stylix wants to style }; monospace = { - package = pkgs.nerdfonts.override { fonts = [ "FiraCode" ]; }; + package = pkgs.nerdfonts; # has overrides name = "FiraCode Nerd Font Mono"; }; @@ -6468,7 +6286,7 @@ By default, stylix wants to style image = config.swarselsystems.wallpaper; }; home-manager.users.swarsel = { - stylix= { + stylix = { targets = { emacs.enable = false; waybar.enable = false; @@ -6498,6 +6316,7 @@ Mostly used to install some compilers and lsp's that I want to have available wh yubioath-flutter yubikey-manager yubikey-manager-qt + yubikey-touch-detector yubico-piv-tool cfssl pcsctools @@ -6507,6 +6326,8 @@ Mostly used to install some compilers and lsp's that I want to have available wh ledger-live-desktop # pinentry + dbus + swaylock-effects # secure boot sbctl @@ -6523,6 +6344,7 @@ Mostly used to install some compilers and lsp's that I want to have available wh # kde-connect xdg-desktop-portal + xdg-desktop-portal-wlr # bluetooth bluez @@ -6548,6 +6370,8 @@ Mostly used to install some compilers and lsp's that I want to have available wh clang-tools # + cuda cudatoolkit + # ansible + ansible-language-server #lsp-bridge / python gcc gdb @@ -6569,10 +6393,10 @@ Mostly used to install some compilers and lsp's that I want to have available wh ]; unpackPhase = '' - mkdir -p $out/bin - tar xvf $src -C $out/ - mv $out/oama-0.13.1-Linux-x86_64-static/oama $out/bin/ - ''; + mkdir -p $out/bin + tar xvf $src -C $out/ + mv $out/oama-0.13.1-Linux-x86_64-static/oama $out/bin/ + ''; }) @@ -6589,7 +6413,7 @@ Some programs profit from being installed through dedicated NixOS settings on sy

      -
      _ :
+
      _:
 {
   programs = {
     dconf.enable = true;
@@ -6601,8 +6425,8 @@ Some programs profit from being installed through dedicated NixOS settings on sy
        -
      1. zsh
        -
        +
      2. zsh
        +

        Do not touch this.

        @@ -6619,11 +6443,11 @@ Do not touch this.
    -
  • syncthing
    -
    +
  • syncthing
    +
    -_ :
+_:
 {
   services.syncthing = {
     enable = true;
@@ -6646,22 +6470,22 @@ _ :
       folders = {
         "Default Folder" = {
           path = "/home/swarsel/Sync";
-          devices = [ "sync (@oracle)" ];
+          devices = [ "sync (@oracle) magicant" ];
           id = "default";
         };
         "Obsidian" = {
           path = "/home/swarsel/Nextcloud/Obsidian";
-          devices = [ "sync (@oracle)" ];
+          devices = [ "sync (@oracle) magicant" ];
           id = "yjvni-9eaa7";
         };
         "Org" = {
           path = "/home/swarsel/Nextcloud/Org";
-          devices = [ "sync (@oracle)" ];
+          devices = [ "sync (@oracle) magicant" ];
           id = "a7xnl-zjj3d";
         };
         "Vpn" = {
           path = "/home/swarsel/Vpn";
-          devices = [ "sync (@oracle)" ];
+          devices = [ "sync (@oracle) magicant" ];
           id = "hgp9s-fyq3p";
         };
       };
@@ -6688,7 +6512,7 @@ Enables the blueman service including the nice system tray icon.
 
    
 
 
    
-
    _ :
+
    _:
 {
   services.blueman.enable = true;
 }
@@ -6696,8 +6520,23 @@ Enables the blueman service including the nice system tray icon.
    • -
  • Network devices
    -
    +
  • safeeyes
    +
    +

    +A friend of mine used this service and I used to make fun of him. But I have to admit this is actually a nice program. It forces you to look away from the screen from time to time, reducing eye strain. +

    + +
    +
    _:
+{
+  services.safeeyes.enable = true;
+}
+
    +
    +
    +
    • +
  • Network devices
    +

    In this section we enable compatibility with several network devices I have at home, mainly printers and scanners.

    @@ -6710,7 +6549,7 @@ This allows me to use my big scanner/printer's scanning function over the networ

    -
    {pkgs, ...}:
+
    { pkgs, ... }:
 {
   # enable scanners over network
   hardware.sane = {
@@ -6729,7 +6568,8 @@ This allows me to use my big scanner/printer's printing function over the networ
 
    
 
 
    
-
    # enable discovery and usage of network devices (esp. printers)
+
    +# enable discovery and usage of network devices (esp. printers)
 services.printing = {
   enable = true;
   drivers = [
@@ -6744,12 +6584,13 @@ services.printing = {
     BrowseProtocols all
   '';
 };
+
    • -
  • Avahi (device discovery)
    -
    +
  • Avahi (device discovery)
    +

    Avahi is the service used for the network discovery.

    @@ -6775,7 +6616,7 @@ This is being set to allow myself to use all functions of nautilus in NixOS

    -
    _ :
+
    _:
 {
   services.gvfs.enable = true;
 }
@@ -6790,8 +6631,7 @@ This is a super-convenient package that lets my remap my CAPS key t
 
    
 
 
    
-
    -{ pkgs, ... }:
+
    { pkgs, ... }:
 {
   # Make CAPS work as a dual function ESC/CTRL key
   services.interception-tools = {
@@ -6809,7 +6649,7 @@ This is a super-convenient package that lets my remap my CAPS key t
               HOLD: KEY_LEFTCTRL
         '';
       in
-        ''
+      ''
         - JOB: |
             ${pkgs.interception-tools}/bin/intercept -g $DEVNODE \
               | ${pkgs.interception-tools-plugins.dual-function-keys}/bin/dual-function-keys -c ${dualFunctionKeysConfig} \
@@ -6824,10 +6664,24 @@ This is a super-convenient package that lets my remap my CAPS key t
    • -
  • power-profiles-daemon
    -
    +
  • power-profiles-daemon
    +
    +

    +This enables power profile management. The available modes are: +

    + +
      +
    • power-saver
      • +
    • balanced
      • +
    • performance
      • +
    + +

    +Most of the time I am using power-saver, however, it is good to be able to choose. +

    +
    -
    _ :
+
    _:
 {
   services.power-profiles-daemon.enable = true;
 }
@@ -6852,7 +6706,6 @@ The exception is the system packages, since that cannot be defined twice in the
 
    
 
 
    
-The rest of the gpg-agent related settings are here: gpg-agent
 Also, this is a good place to setup the udev rules.
 
    
 
@@ -6909,8 +6762,20 @@ This section houses the greetd related settings. I do not really want to use a d
    • -
  • nix-ld
    -
    +
  • nix-ld
    +
    +

    +This provides libraries for binaries that are not patched for use on NixOS. This really makes the biggest gripe with NixOS go away, that being having to run a binary that is only found in a single spot. It is most of the times possible to patch such a file, but this makes such a situation take much less time to resolve. +

    + +

    +Only some binaries that touch system settings might still not work, apart from that, the list of libraries I have curated here should be quite exhaustive. +

    + +

    +When a program does not work, start with nix-ldd <program>. This will tell you which library is missing. Afterwards, continue with nix-locate <program> to find which packages provide that library. Add it to libraries below and rebuild. After a reboot, it will be visible using nix-ldd. It can also be useful to take a look at ldd to see which libraries are needed in general. +

    + 
    { pkgs, ... }:
 {
@@ -7025,8 +6890,16 @@ This section houses the greetd related settings. I do not really want to use a d
    • -
  • Impermanence
    -
    +
  • Impermanence
    +
    +

    +This is where the impermanence magic happens. When this is enabled, the root directory is rolled back to a blanket state on each reboot. +

    + +

    +Normally, doing that also resets the lecture that happens on the first use of sudo, so we disable that at this point. Also, here we can set files to be persisted. Do note that you should still pay attention to files that need sudo access, as these need to be copied manually. +

    + 
    { config, lib, ... }:
 {
@@ -7036,18 +6909,18 @@ This section houses the greetd related settings. I do not really want to use a d
     Defaults lecture = never
   '';
 
-   # This script does the actual wipe of the system
+  # This script does the actual wipe of the system
   # So if it doesn't run, the btrfs system effectively acts like a normal system
   # Taken from https://github.com/NotAShelf/nyx/blob/2a8273ed3f11a4b4ca027a68405d9eb35eba567b/modules/core/common/system/impermanence/default.nix
 
   boot.initrd.systemd.services.rollback = lib.mkIf config.swarselsystems.impermanence {
     description = "Rollback BTRFS root subvolume to a pristine state";
-    wantedBy = ["initrd.target"];
+    wantedBy = [ "initrd.target" ];
     # make sure it's done after encryption
     # i.e. LUKS/TPM process
-    after = ["systemd-cryptsetup@enc.service"];
+    after = [ "systemd-cryptsetup@enc.service" ];
     # mount the root fs before clearing
-    before = ["sysroot.mount"];
+    before = [ "sysroot.mount" ];
     unitConfig.DefaultDependencies = "no";
     serviceConfig.Type = "oneshot";
     script = ''
@@ -7106,14 +6979,117 @@ This section houses the greetd related settings. I do not really want to use a d
     files = [
       # ssh stuff
       /*
-      "/etc/ssh/ssh_host_ed25519_key"
-      "/etc/ssh/ssh_host_ed25519_key.pub"
-      "/etc/ssh/ssh_host_rsa_key"
-      "/etc/ssh/ssh_host_rsa_key.pub"
-      */
+        "/etc/ssh/ssh_host_ed25519_key"
+        "/etc/ssh/ssh_host_ed25519_key.pub"
+        "/etc/ssh/ssh_host_rsa_key"
+        "/etc/ssh/ssh_host_rsa_key.pub"
+        */
     ];
   };
 
+}
+
    +
    +
    +
    • +
  • Summary of nixos-rebuild diff
    +
    +

    +This snipped is added to the activation script that is run after every rebuild and shows what packages have been added and removed. This is actually not the optimal place to add that snipped, but the correct spot is in some perl file that I have not had the leisure to take a look at yet. +

    + +
    +
    { pkgs, ... }:
+{
+  system.activationScripts.diff = {
+    supportsDryActivation = true;
+    text = ''
+      ${pkgs.nvd}/bin/nvd --nix-bin-dir=${pkgs.nix}/bin diff \
+           /run/current-system "$systemConfig"
+    '';
+  };
+}
+
    +
    +
    +
    • +
  • gnome-keyring
    +
    +

    +Used for storing sessions in e.g. Nextcloud. Using this on a system level keeps the login information when logging out of the session as well. +

    + +
    +
    _:
+{
+  services.gnome.gnome-keyring = {
+    enable = true;
+  };
+
+  programs.seahorse.enable = true;
+}
+
    +
    +
    +
    • +
  • Sway
    +
    +

    +This is used to better integrate Sway into the system on NixOS hosts. On the home-manager side, the package attribute will be null for such an host, using the systems derivation instead. +

    + +
    +
    { pkgs, ... }:
+{
+
+  programs.sway = {
+    enable = true;
+    package = pkgs.swayfx;
+    wrapperFeatures = {
+      base = true;
+      gtk = true;
+    };
+
+    extraSessionCommands = ''
+      export XDG_SESSION_DESKTOP=sway
+      export SDL_VIDEODRIVER=wayland
+      export QT_QPA_PLATFORM=wayland-egl
+      export QT_WAYLAND_DISABLE_WINDOWDECORATION=1
+      export MOZ_ENABLE_WAYLAND=1
+      export MOZ_DISABLE_RDD_SANDBOX=1
+    '';
+  };
+
+}
+
    +
    +
    +
    • +
  • xdg-portal
    +
    +

    +This allows me to use screen sharing on Wayland. The implementation is a bit crude and only the whole screen can be shared. However, most of the time that is all I need to do anyways. +

    + +
    +
    { pkgs, ... }:
+{
+
+  xdg.portal = {
+    enable = true;
+    config = {
+      common = {
+        default = "wlr";
+      };
+    };
+    wlr.enable = true;
+    wlr.settings.screencast = {
+      output_name = "eDP-1";
+      chooser_type = "simple";
+      chooser_cmd = "${pkgs.slurp}/bin/slurp -f %o -or";
+    };
+  };
+
 }
    @@ -7121,13 +7097,28 @@ This section houses the greetd related settings. I do not really want to use a d
    • -
    -

    3.3.2. Optional

    -
    +
    +

    3.3.2. Optional

    +
    +

    +These sets of configuration do not need to be deployed on every host, for a multitude of reasons. +

    + +
      +
    • The gaming set is not needed on weak machines, and also not on my work machine.
      • +
    • The VirtualBox package takes forever to build, and I do not need virtual machines on every host.
      • +
    • There are some hosts that I do not want to autologin to.
      • +
    • nswitch-rcm is a tool I wrote for easy payload flashing of a Nintendo Switch in RCM mode. However, that is not needed on every machine.
      • +
    • The work profile is only used on my work laptop.
      • +
      -
    1. gaming
      -
      +
    2. gaming
      +
      +

      +This opens a few gaming ports and installs the steam configuration suite for gaming. There are more options in Gaming (home-manager side). +

      + 
      { pkgs, ... }:
 {
@@ -7159,30 +7150,38 @@ This section houses the greetd related settings. I do not really want to use a d
      3. -
    3. VirtualBox
      -
      +
    4. VirtualBox
      +
      +

      +This sets the VirtualBox configuration. Guest should not be enabled if not direly needed, it will make rebuilds unbearably slow. +

      +
      -
        _ :
-  {
-      virtualisation.virtualbox = {
-        host = {
-          enable = true;
-          enableExtensionPack = true;
-        };
-        # leaving this here for future notice. setting guest.enable = true will make 'restarting sysinit-reactivation.target' take till timeout on nixos-rebuild switch
-        guest = {
-          enable = false;
-        };
-      };
+
      _:
+{
+  virtualisation.virtualbox = {
+    host = {
+      enable = true;
+      enableExtensionPack = true;
+    };
+    # leaving this here for future notice. setting guest.enable = true will make 'restarting sysinit-reactivation.target' take till timeout on nixos-rebuild switch
+    guest = {
+      enable = false;
+    };
+  };
 }
      5. -
    5. Auto-login
      -
      +
    6. Auto-login
      +
      +

      +Auto login for the initial session. +

      +
      -
      _ :
+
      _:
 {
   services = {
     getty.autologinUser = "swarsel";
@@ -7193,8 +7192,12 @@ This section houses the greetd related settings. I do not really want to use a d
      7. -
    7. nswitch-rcm
      -
      +
    8. nswitch-rcm
      +
      +

      +This smashes Atmosphere 1.3.2 on the switch, which is what I am currenty using. +

      + 
      { pkgs, ... }:
 {
@@ -7210,16 +7213,26 @@ This section houses the greetd related settings. I do not really want to use a d
      9. -
    9. work
      -
      +
    10. work
      +
      +

      +Integrates 1password mostly. There are more options at Work (home-manager side). +

      + 
      { pkgs, ... }:
 {
+  # boot.initrd.luks.yubikeySupport = true;
   programs._1password.enable = true;
-  programs._1password-gui.enable = true;
+  programs._1password-gui = {
+    enable = true;
+    polkitPolicyOwners = [ "swarsel" ];
+  };
+
   environment.systemPackages = with pkgs; [
   ];
 
+
 }
      @@ -7228,19 +7241,22 @@ This section houses the greetd related settings. I do not really want to use a d
    -
    -

    3.4. Home-manager

    -
    +
    +

    3.4. Home-manager

    +
    +

    +The general structure is the same as in the NixOS section. +

    3.4.1. Common

      -
    1. Imports
      -
      +
    2. Imports
      +

      -This section sets up all the imports that are used in the home-manager section. +This section sets up all the imports that are used in the home-manager section. Again, we adapt nix to our needs, enable the home-manager command for non-NixOS machines (NixOS machines are using it as a module) and setting user information that I always keep the same.

      @@ -7248,6 +7264,7 @@ This section sets up all the imports that are used in the home-manager section. { imports = [ ./packages.nix + ./custom-packages.nix ./sops.nix ./ssh.nix ./stylix.nix @@ -7321,6 +7338,10 @@ Programming languages and default lsp's are defined here:
    3. Packaged
      +

      +This holds packages that I can use as provided, or with small modifications (as in the texlive package that needs special configuration). +

      + 
      { pkgs, ... }:
 
@@ -7330,7 +7351,7 @@ Programming languages and default lsp's are defined here:
    4. Self-defined
      -
      -
      -  pass-fuzzel
-  cura5
-  cdw
-  cdb
-  bak
-  timer
-  e
-  swarselcheck
-  waybarupdate
-  opacitytoggle
-  fs-diff
+
      
+This is just a separate container for derivations defined in Packages. This is a good idea so that I do not lose track of package names I have defined myself, as this was once a problem in the past already.
+
      
 
-  (pkgs.writeScriptBin "project" ''
-    #! ${pkgs.bash}/bin/bash
-    if [ "$1" == "rust" ]; then
-    cp ~/.dotfiles/templates/rust_flake.nix ./flake.nix
-    cp ~/.dotfiles/templates/toolchain.toml .
-    elif [ "$1" == "cpp" ]; then
-    cp ~/.dotfiles/templates/cpp_flake.nix ./flake.nix
-    elif [ "$1" == "python" ]; then
-    cp ~/.dotfiles/templates/py_flake.nix ./flake.nix
-    elif [ "$1" == "cuda" ]; then
-    cp ~/.dotfiles/templates/cu_flake.nix ./flake.nix
-    elif [ "$1" == "other" ]; then
-    cp ~/.dotfiles/templates/other_flake.nix ./flake.nix
-    elif [ "$1" == "latex" ]; then
-      if [ "$2" == "" ]; then
-      echo "No filename specified, usage: 'project latex <NAME>'"
+
      
+
      { pkgs, ... }:
+
+{
+  home.packages = with pkgs; [
+    pass-fuzzel
+    cura5
+    cdw
+    cdb
+    bak
+    timer
+    e
+    swarselcheck
+    waybarupdate
+    opacitytoggle
+    fs-diff
+    update-checker
+
+    (pkgs.writeScriptBin "project" ''
+      #! ${pkgs.bash}/bin/bash
+      if [ "$1" == "rust" ]; then
+      cp ~/.dotfiles/templates/rust_flake.nix ./flake.nix
+      cp ~/.dotfiles/templates/toolchain.toml .
+      elif [ "$1" == "cpp" ]; then
+      cp ~/.dotfiles/templates/cpp_flake.nix ./flake.nix
+      elif [ "$1" == "python" ]; then
+      cp ~/.dotfiles/templates/py_flake.nix ./flake.nix
+      elif [ "$1" == "cuda" ]; then
+      cp ~/.dotfiles/templates/cu_flake.nix ./flake.nix
+      elif [ "$1" == "other" ]; then
+      cp ~/.dotfiles/templates/other_flake.nix ./flake.nix
+      elif [ "$1" == "latex" ]; then
+        if [ "$2" == "" ]; then
+        echo "No filename specified, usage: 'project latex <NAME>'"
+        exit 0
+        fi
+      cp ~/.dotfiles/templates/tex_standard.tex ./"$2".tex
+      exit 0
+      else
+      echo "No valid argument given. Valid arguments are rust cpp python, cuda"
       exit 0
       fi
-    cp ~/.dotfiles/templates/tex_standard.tex ./"$2".tex
-    exit 0
-    else
-    echo "No valid argument given. Valid arguments are rust cpp python, cuda"
-    exit 0
-    fi
-    echo "use flake" >> .envrc
-    direnv allow
-  '')
+      echo "use flake" >> .envrc
+      direnv allow
+    '')
 
 
 
 
 
 
-];
- }
+  ];
+}
      @@ -7553,27 +7584,27 @@ Since we are using the home-manager implementation here, we need to specify the
      -
        { config, lib, ... }:
+
      { config, lib, ... }:
 let
   mkIfElse = p: yes: no: lib.mkMerge [
     (lib.mkIf p yes)
     (lib.mkIf (!p) no)
   ];
 in
-  {
-    sops = {
-      age.sshKeyPaths = [ "${config.home.homeDirectory}/.ssh/sops" ];
-      defaultSopsFile = mkIfElse config.swarselsystems.isBtrfs "/persist/.dotfiles/secrets/general/secrets.yaml" "${config.home.homeDirectory}/.dotfiles/secrets/general/secrets.yaml";
+{
+  sops = {
+    age.sshKeyPaths = [ "${config.home.homeDirectory}/.ssh/sops" ];
+    defaultSopsFile = mkIfElse config.swarselsystems.isBtrfs "/persist/.dotfiles/secrets/general/secrets.yaml" "${config.home.homeDirectory}/.dotfiles/secrets/general/secrets.yaml";
 
-      validateSopsFiles = false;
-      secrets = {
-        mrswarsel = { path = "/run/user/1000/secrets/mrswarsel"; };
-        nautilus = { path = "/run/user/1000/secrets/nautilus"; };
-        leon = { path = "/run/user/1000/secrets/leon"; };
-        swarselmail = { path = "/run/user/1000/secrets/swarselmail"; };
-        caldav = { path = "${config.home.homeDirectory}/.emacs.d/.caldav"; };
-      };
+    validateSopsFiles = false;
+    secrets = {
+      mrswarsel = { path = "/run/user/1000/secrets/mrswarsel"; };
+      nautilus = { path = "/run/user/1000/secrets/nautilus"; };
+      leon = { path = "/run/user/1000/secrets/leon"; };
+      swarselmail = { path = "/run/user/1000/secrets/swarselmail"; };
+      caldav = { path = "${config.home.homeDirectory}/.emacs.d/.caldav"; };
     };
+  };
 }
      @@ -7586,102 +7617,102 @@ It is very convenient to have SSH aliases in place for machines that I use. This

      -
        _ :
-  {
-    programs.ssh = {
-      enable = true;
-      forwardAgent = true;
-      extraConfig = ''
-        SetEnv TERM=xterm-256color
-      '';
-      matchBlocks = {
-        "nginx" = {
-          hostname = "192.168.1.14";
-          user = "root";
-        };
-        "jellyfin" = {
-          hostname = "192.168.1.16";
-          user = "root";
-        };
-        "pfsense" = {
-          hostname = "192.168.1.1";
-          user = "root";
-        };
-        "proxmox" = {
-          hostname = "192.168.1.2";
-          user = "root";
-        };
-        "transmission" = {
-          hostname = "192.168.1.6";
-          user = "root";
-        };
-        "fetcher" = {
-          hostname = "192.168.1.7";
-          user = "root";
-        };
-        "omv" = {
-          hostname = "192.168.1.3";
-          user = "root";
-        };
-        "webbot" = {
-          hostname = "192.168.1.11";
-          user = "root";
-        };
-        "nextcloud" = {
-          hostname = "192.168.1.5";
-          user = "root";
-        };
-        "sound" = {
-          hostname = "192.168.1.13";
-          user = "root";
-        };
-        "spotify" = {
-          hostname = "192.168.1.17";
-          user = "root";
-        };
-        "wordpress" = {
-          hostname = "192.168.1.9";
-          user = "root";
-        };
-        "turn" = {
-          hostname = "192.168.1.18";
-          user = "root";
-        };
-        "hugo" = {
-          hostname = "192.168.1.19";
-          user = "root";
-        };
-        "matrix" = {
-          hostname = "192.168.1.23";
-          user = "root";
-        };
-        "scroll" = {
-          hostname = "192.168.1.22";
-          user = "root";
-        };
-        "minecraft" = {
-          hostname = "130.61.119.129";
-          user = "opc";
-        };
-        "sync" = {
-          hostname = "193.122.53.173";
-          user = "root"; #this is a oracle vm server but needs root due to nixos-infect
-        };
-        "songdiver" = {
-          hostname = "89.168.100.65";
-          user = "ubuntu";
-        };
-        "pkv" = {
-          hostname = "46.232.248.161";
-          user = "root";
-        };
-        "efficient" = {
-          hostname = "g0.complang.tuwien.ac.at";
-          forwardAgent = true;
-          user = "ep01427399";
-        };
+
      _:
+{
+  programs.ssh = {
+    enable = true;
+    forwardAgent = true;
+    extraConfig = ''
+      SetEnv TERM=xterm-256color
+    '';
+    matchBlocks = {
+      "nginx" = {
+        hostname = "192.168.1.14";
+        user = "root";
+      };
+      "jellyfin" = {
+        hostname = "192.168.1.16";
+        user = "root";
+      };
+      "pfsense" = {
+        hostname = "192.168.1.1";
+        user = "root";
+      };
+      "proxmox" = {
+        hostname = "192.168.1.2";
+        user = "root";
+      };
+      "transmission" = {
+        hostname = "192.168.1.6";
+        user = "root";
+      };
+      "fetcher" = {
+        hostname = "192.168.1.7";
+        user = "root";
+      };
+      "omv" = {
+        hostname = "192.168.1.3";
+        user = "root";
+      };
+      "webbot" = {
+        hostname = "192.168.1.11";
+        user = "root";
+      };
+      "nextcloud" = {
+        hostname = "192.168.1.5";
+        user = "root";
+      };
+      "sound" = {
+        hostname = "192.168.1.13";
+        user = "root";
+      };
+      "spotify" = {
+        hostname = "192.168.1.17";
+        user = "root";
+      };
+      "wordpress" = {
+        hostname = "192.168.1.9";
+        user = "root";
+      };
+      "turn" = {
+        hostname = "192.168.1.18";
+        user = "root";
+      };
+      "hugo" = {
+        hostname = "192.168.1.19";
+        user = "root";
+      };
+      "matrix" = {
+        hostname = "192.168.1.23";
+        user = "root";
+      };
+      "scroll" = {
+        hostname = "192.168.1.22";
+        user = "root";
+      };
+      "minecraft" = {
+        hostname = "130.61.119.129";
+        user = "opc";
+      };
+      "sync" = {
+        hostname = "193.122.53.173";
+        user = "root"; #this is a oracle vm server but needs root due to nixos-infect
+      };
+      "songdiver" = {
+        hostname = "89.168.100.65";
+        user = "ubuntu";
+      };
+      "pkv" = {
+        hostname = "46.232.248.161";
+        user = "root";
+      };
+      "efficient" = {
+        hostname = "g0.complang.tuwien.ac.at";
+        forwardAgent = true;
+        user = "ep01427399";
       };
     };
+  };
 }
      @@ -7704,58 +7735,58 @@ This section has been notably empty ever since switching to stylix. Only Emacs i 
      { lib, config, pkgs, ... }:
 {
- stylix = lib.mkIf (!config.swarselsystems.isNixos) {
+  stylix = lib.mkIf (!config.swarselsystems.isNixos) {
 
-   enable = true;
-   base16Scheme = ../../../wallpaper/swarsel.yaml;
-   # base16Scheme = "${pkgs.base16-schemes}/share/themes/shapeshifter.yaml";
-   polarity = "dark";
-   opacity.popups = 0.5;
-   cursor = {
-     package = pkgs.capitaine-cursors;
-     name = "capitaine-cursors";
-     size = 16;
-   };
-   fonts = {
-     sizes = {
-       terminal = 10;
-       applications = 11;
-     };
-     serif = {
-       # package = (pkgs.nerdfonts.override { fonts = [ "FiraMono" "FiraCode"]; });
-       package = pkgs.cantarell-fonts;
-       # package = pkgs.montserrat;
-       name = "Cantarell";
-       # name = "FiraCode Nerd Font Propo";
-       # name = "Montserrat";
-     };
+    enable = true;
+    base16Scheme = ../../../wallpaper/swarsel.yaml;
+    # base16Scheme = "${pkgs.base16-schemes}/share/themes/shapeshifter.yaml";
+    polarity = "dark";
+    opacity.popups = 0.5;
+    cursor = {
+      package = pkgs.capitaine-cursors;
+      name = "capitaine-cursors";
+      size = 16;
+    };
+    fonts = {
+      sizes = {
+        terminal = 10;
+        applications = 11;
+      };
+      serif = {
+        # package = (pkgs.nerdfonts.override { fonts = [ "FiraMono" "FiraCode"]; });
+        package = pkgs.cantarell-fonts;
+        # package = pkgs.montserrat;
+        name = "Cantarell";
+        # name = "FiraCode Nerd Font Propo";
+        # name = "Montserrat";
+      };
 
-     sansSerif = {
-       # package = (pkgs.nerdfonts.override { fonts = [ "FiraMono" "FiraCode"]; });
-       package = pkgs.cantarell-fonts;
-       # package = pkgs.montserrat;
-       name = "Cantarell";
-       # name = "FiraCode Nerd Font Propo";
-       # name = "Montserrat";
-     };
+      sansSerif = {
+        # package = (pkgs.nerdfonts.override { fonts = [ "FiraMono" "FiraCode"]; });
+        package = pkgs.cantarell-fonts;
+        # package = pkgs.montserrat;
+        name = "Cantarell";
+        # name = "FiraCode Nerd Font Propo";
+        # name = "Montserrat";
+      };
 
-     monospace = {
-       package = pkgs.nerdfonts.override { fonts = [ "FiraCode" ]; };
-       name = "FiraCode Nerd Font Mono";
-     };
+      monospace = {
+        package = pkgs.nerdfonts; # has overrides
+        name = "FiraCode Nerd Font Mono";
+      };
 
-     emoji = {
-       package = pkgs.noto-fonts-emoji;
-       name = "Noto Color Emoji";
-     };
-   };
+      emoji = {
+        package = pkgs.noto-fonts-emoji;
+        name = "Noto Color Emoji";
+      };
+    };
 
-   image = config.swarselsystems.wallpaper;
- targets = {
-   emacs.enable = false;
-   waybar.enable = false;
- };
- };
+    image = config.swarselsystems.wallpaper;
+    targets = {
+      emacs.enable = false;
+      waybar.enable = false;
+    };
+  };
 }
      @@ -7772,8 +7803,7 @@ TODO: Non-NixOS machines (=sp3) should not use these by default, but instead the

      -
      -_ :
+
      _:
 {
   xdg.desktopEntries = {
 
@@ -7793,14 +7823,6 @@ _ :
       categories = [ "Application" ];
     };
 
-    # schlidichat = {
-    #   name = "SchildiChat Matrix Client";
-    #   genericName = "SchildiChat";
-    #   exec = "schildichat-desktop -enable-features=UseOzonePlatform -ozone-platform=wayland --disable-gpu-driver-bug-workarounds";
-    #   terminal = false;
-    #   categories = [ "Application"];
-    # };
-
     element = {
       name = "Element Matrix Client";
       genericName = "Element";
@@ -7835,28 +7857,27 @@ As for the `home.sessionVariables`, it should be noted that environment variable
 
      
 
 
      
-
      -_ :
+
      _:
 {
-home.file = {
-  "init.el" = {
-    source = ../../../programs/emacs/init.el;
-    target = ".emacs.d/init.el";
+  home.file = {
+    "init.el" = {
+      source = ../../../programs/emacs/init.el;
+      target = ".emacs.d/init.el";
+    };
+    "early-init.el" = {
+      source = ../../../programs/emacs/early-init.el;
+      target = ".emacs.d/early-init.el";
+    };
+    # on NixOS, Emacs does not find the aspell dicts easily. Write the configuration manually
+    ".aspell.conf" = {
+      source = ../../../programs/config/.aspell.conf;
+      target = ".aspell.conf";
+    };
+    ".gitmessage" = {
+      source = ../../../programs/git/.gitmessage;
+      target = ".gitmessage";
+    };
   };
-  "early-init.el" = {
-    source = ../../../programs/emacs/early-init.el;
-    target = ".emacs.d/early-init.el";
-  };
-  # on NixOS, Emacs does not find the aspell dicts easily. Write the configuration manually
-  ".aspell.conf" = {
-    source = ../../../programs/config/.aspell.conf;
-    target = ".aspell.conf";
-  };
-  ".gitmessage" = {
-    source = ../../../programs/git/.gitmessage;
-    target = ".gitmessage";
-  };
-};
 
 
      
 
      
@@ -7866,10 +7887,9 @@ Also, we link some files to the users XDG configuration home:
 
      
 
 
      
-
      -  xdg.configFile = {
+
        xdg.configFile = {
     "tridactyl/tridactylrc".source = ../../../programs/firefox/tridactyl/tridactylrc;
-    "tridactyl/themes/base16-codeschool.css".source = ../../../programs/firefox/tridactyl/themes/base16-codeschool.css;
+  "tridactyl/themes/base16-codeschool.css".source = ../../../programs/firefox/tridactyl/themes/base16-codeschool.css;
   };
 }
 
      
@@ -7878,8 +7898,12 @@ Also, we link some files to the users XDG configuration home:
    5. Sourcing environment variables
      +

      +Sets environment variables. Here I am only setting the EDITOR variable, most variables are set in the Sway section. +

      +
      -
      _ :
+
      _:
 {
   home.sessionVariables = {
     EDITOR = "e -w";
@@ -7889,21 +7913,14 @@ Also, we link some files to the users XDG configuration home:
      6. -
    6. Programs
      -
      -

      -This houses the configurations for all programs managed by home-manager. -

      -
      -
      1. General Programs: bottom, imv, sioyek, bat, carapace, wlogout, swayr, yt-dlp, mpv, jq, nix-index, ripgrep, pandoc, fzf
        -
        +

        This section is for programs that require no further configuration. zsh Integration is enabled by default for these.

        -
        _ :
+
        _:
 {
   programs = {
     bottom.enable = true;
@@ -7926,19 +7943,17 @@ This section is for programs that require no further configuration. zsh Integrat
        2. -
      -
      7. -
    7. nix-index
      -
      +
    8. nix-index
      +

      nix-index provides a way to find out which packages are provided by which derivations. By default it also comes with a replacement for command-not-found.sh, however, the implementation is based on a channel based setup. I like consistency, so I replace the command with one that provides a flakes-based output.

      -
      {pkgs, ...}:
+
      { pkgs, ... }:
 {
   programs.nix-index =
-  let
+    let
       commandNotFound = pkgs.runCommandLocal "command-not-found.sh" { } ''
         mkdir -p $out/etc/profile.d
         substitute ${../../../scripts/command-not-found.sh}                  \
@@ -7967,15 +7982,15 @@ Enables password store with the pass-otp extension which allows me
 
      
 
 
      
-
        { pkgs, ... }:
-  {
-    programs.password-store = {
-      enable = true;
-      settings = {
-        PASSWORD_STORE_DIR = "$HOME/.local/share/password-store";
-      };
-      package = pkgs.pass.withExtensions (exts: [ exts.pass-otp ]);
+
      { pkgs, ... }:
+{
+  programs.password-store = {
+    enable = true;
+    settings = {
+      PASSWORD_STORE_DIR = "$HOME/.local/share/password-store";
     };
+    package = pkgs.pass.withExtensions (exts: [ exts.pass-otp ]);
+  };
 }
 
      
 
      
@@ -7988,7 +8003,7 @@ Enables direnv, which I use for nearly all of my nix dev flakes.
 
      
 
 
      
-
      _ :
+
      _:
 {
   programs.direnv = {
     enable = true;
@@ -8006,7 +8021,7 @@ Eza provides me with a better ls command and some other useful alia
 
      
 
 
      
-
      _ :
+
      _:
 {
   programs.eza = {
     enable = true;
@@ -8029,7 +8044,7 @@ Here I set up my git config, automatic signing of commits, useful aliases for my
 
      
 
 
      
-
      _ :
+
      _:
 {
   programs.git = {
     enable = true;
@@ -8079,7 +8094,7 @@ Here I only need to set basic layout options - the rest is being managed by styl
 
      
 
 
      
-
      _ :
+
      _:
 {
   programs.fuzzel = {
     enable = true;
@@ -8104,111 +8119,111 @@ Starship makes my zsh look cooler! I have symbols for most programm
 
      
 
 
      
-
        _ :
-  {
-    programs.starship = {
-      enable = true;
-      enableZshIntegration = true;
-      settings = {
-        add_newline = false;
-        format = "$character";
-        right_format = "$all";
-        command_timeout = 3000;
+
      _:
+{
+  programs.starship = {
+    enable = true;
+    enableZshIntegration = true;
+    settings = {
+      add_newline = false;
+      format = "$character";
+      right_format = "$all";
+      command_timeout = 3000;
 
-        directory.substitutions = {
-          "Documents" = "󰈙 ";
-          "Downloads" = " ";
-          "Music" = " ";
-          "Pictures" = " ";
-        };
-
-        git_status = {
-          style = "bg:#394260";
-          format = "[[($all_status$ahead_behind )](fg:#769ff0 bg:#394260)]($style)";
-        };
-
-        character = {
-          success_symbol = "[λ](bold green)";
-          error_symbol = "[λ](bold red)";
-        };
-
-        aws.symbol = "  ";
-        buf.symbol = " ";
-        c.symbol = " ";
-        conda.symbol = " ";
-        dart.symbol = " ";
-        directory.read_only = " 󰌾";
-        docker_context.symbol = " ";
-        elixir.symbol = " ";
-        elm.symbol = " ";
-        fossil_branch.symbol = " ";
-        git_branch.symbol = " ";
-        golang.symbol = " ";
-        guix_shell.symbol = " ";
-        haskell.symbol = " ";
-        haxe.symbol = " ";
-        hg_branch.symbol = " ";
-        hostname.ssh_symbol = " ";
-        java.symbol = " ";
-        julia.symbol = " ";
-        lua.symbol = " ";
-        memory_usage.symbol = "󰍛 ";
-        meson.symbol = "󰔷 ";
-        nim.symbol = "󰆥 ";
-        nix_shell.symbol = " ";
-        nodejs.symbol = " ";
-
-        os.symbols = {
-          Alpaquita = " ";
-          Alpine = " ";
-          Amazon = " ";
-          Android = " ";
-          Arch = " ";
-          Artix = " ";
-          CentOS = " ";
-          Debian = " ";
-          DragonFly = " ";
-          Emscripten = " ";
-          EndeavourOS = " ";
-          Fedora = " ";
-          FreeBSD = " ";
-          Garuda = "󰛓 ";
-          Gentoo = " ";
-          HardenedBSD = "󰞌 ";
-          Illumos = "󰈸 ";
-          Linux = " ";
-          Mabox = " ";
-          Macos = " ";
-          Manjaro = " ";
-          Mariner = " ";
-          MidnightBSD = " ";
-          Mint = " ";
-          NetBSD = " ";
-          NixOS = " ";
-          OpenBSD = "󰈺 ";
-          openSUSE = " ";
-          OracleLinux = "󰌷 ";
-          Pop = " ";
-          Raspbian = " ";
-          Redhat = " ";
-          RedHatEnterprise = " ";
-          Redox = "󰀘 ";
-          Solus = "󰠳 ";
-          SUSE = " ";
-          Ubuntu = " ";
-          Unknown = " ";
-          Windows = "󰍲 ";
-        };
-
-        package.symbol = "󰏗 ";
-        pijul_channel.symbol = " ";
-        python.symbol = " ";
-        rlang.symbol = "󰟔 ";
-        ruby.symbol = " ";
-        rust.symbol = " ";
-        scala.symbol = " ";
+      directory.substitutions = {
+        "Documents" = "󰈙 ";
+        "Downloads" = " ";
+        "Music" = " ";
+        "Pictures" = " ";
       };
+
+      git_status = {
+        style = "bg:#394260";
+        format = "[[($all_status$ahead_behind )](fg:#769ff0 bg:#394260)]($style)";
+      };
+
+      character = {
+        success_symbol = "[λ](bold green)";
+        error_symbol = "[λ](bold red)";
+      };
+
+      aws.symbol = "  ";
+      buf.symbol = " ";
+      c.symbol = " ";
+      conda.symbol = " ";
+      dart.symbol = " ";
+      directory.read_only = " 󰌾";
+      docker_context.symbol = " ";
+      elixir.symbol = " ";
+      elm.symbol = " ";
+      fossil_branch.symbol = " ";
+      git_branch.symbol = " ";
+      golang.symbol = " ";
+      guix_shell.symbol = " ";
+      haskell.symbol = " ";
+      haxe.symbol = " ";
+      hg_branch.symbol = " ";
+      hostname.ssh_symbol = " ";
+      java.symbol = " ";
+      julia.symbol = " ";
+      lua.symbol = " ";
+      memory_usage.symbol = "󰍛 ";
+      meson.symbol = "󰔷 ";
+      nim.symbol = "󰆥 ";
+      nix_shell.symbol = " ";
+      nodejs.symbol = " ";
+
+      os.symbols = {
+        Alpaquita = " ";
+        Alpine = " ";
+        Amazon = " ";
+        Android = " ";
+        Arch = " ";
+        Artix = " ";
+        CentOS = " ";
+        Debian = " ";
+        DragonFly = " ";
+        Emscripten = " ";
+        EndeavourOS = " ";
+        Fedora = " ";
+        FreeBSD = " ";
+        Garuda = "󰛓 ";
+        Gentoo = " ";
+        HardenedBSD = "󰞌 ";
+        Illumos = "󰈸 ";
+        Linux = " ";
+        Mabox = " ";
+        Macos = " ";
+        Manjaro = " ";
+        Mariner = " ";
+        MidnightBSD = " ";
+        Mint = " ";
+        NetBSD = " ";
+        NixOS = " ";
+        OpenBSD = "󰈺 ";
+        openSUSE = " ";
+        OracleLinux = "󰌷 ";
+        Pop = " ";
+        Raspbian = " ";
+        Redhat = " ";
+        RedHatEnterprise = " ";
+        Redox = "󰀘 ";
+        Solus = "󰠳 ";
+        SUSE = " ";
+        Ubuntu = " ";
+        Unknown = " ";
+        Windows = "󰍲 ";
+      };
+
+      package.symbol = "󰏗 ";
+      pijul_channel.symbol = " ";
+      python.symbol = " ";
+      rlang.symbol = "󰟔 ";
+      ruby.symbol = " ";
+      rust.symbol = " ";
+      scala.symbol = " ";
     };
+  };
 }
 
      
 
      
@@ -8225,7 +8240,7 @@ The theme is handled by stylix.
 
      
 
 
      
-
      _ :
+
      _:
 {
   programs.kitty = {
     enable = true;
@@ -8260,6 +8275,7 @@ Here we set some aliases (some of them should be shellApplications instead) as w
       hg = "history | grep";
       hmswitch = "cd ~/.dotfiles; home-manager --flake .#$(whoami)@$(hostname) switch; cd -;";
       nswitch = "cd ~/.dotfiles; sudo nixos-rebuild --flake .#$(hostname) switch; cd -;";
+      nswitch-stay = "cd ~/.dotfiles; git restore flake.lock; sudo nixos-rebuild --flake .#$(hostname) switch; cd -;";
       edithome = "e -w ~/.dotfiles/SwarselSystems.org";
       magit = "emacsclient -nc -e \"(magit-status)\"";
       config = "git --git-dir=$HOME/.cfg/ --work-tree=$HOME";
@@ -8316,139 +8332,138 @@ Normally I use 4 mail accounts - here I set them all up. Three of them are Googl
 
      
 
 
      
-
      -{ config, ...}:
+
      { config, ... }:
 {
-programs.mbsync = {
-  enable = true;
-};
-services.mbsync = {
-  enable = true;
-};
-# this is needed so that mbsync can use the passwords from sops
-systemd.user.services.mbsync.Unit.After = [ "sops-nix.service" ];
+  programs.mbsync = {
+    enable = true;
+  };
+  services.mbsync = {
+    enable = true;
+  };
+  # this is needed so that mbsync can use the passwords from sops
+  systemd.user.services.mbsync.Unit.After = [ "sops-nix.service" ];
 
-programs.msmtp = {
-  enable = true;
-};
-
-programs.mu = {
-  enable = true;
-};
-
-accounts.email = {
-  maildirBasePath = "Mail";
-  accounts.leon = {
-    primary = true;
-    address = "leon.schwarzaeugl@gmail.com";
-    userName = "leon.schwarzaeugl@gmail.com";
-    realName = "Leon Schwarzäugl";
-    passwordCommand = "cat ${config.sops.secrets.leon.path}";
-    # passwordCommand = "gpg --quiet --for-your-eyes-only --no-tty --decrypt ~/.local/share/password-store/mail/mbsync/leon.schwarzaeugl@gmail.com.gpg";
-    gpg = {
-      key = "0x76FD3810215AE097";
-      signByDefault = true;
-    };
-    imap.host = "imap.gmail.com";
-    smtp.host = "smtp.gmail.com";
-    mu.enable = true;
-    msmtp = {
-      enable = true;
-    };
-    mbsync = {
-      enable = true;
-      create = "maildir";
-      expunge = "both";
-      patterns = [ "*" "![Gmail]*" "[Gmail]/Sent Mail" "[Gmail]/Starred" "[Gmail]/All Mail" ];
-      extraConfig = {
-        channel = {
-          Sync = "All";
-        };
-        account = {
-          Timeout = 120;
-          PipelineDepth = 1;
-        };
-      };
-    };
+  programs.msmtp = {
+    enable = true;
   };
 
-  accounts.swarsel = {
-    address = "leon@swarsel.win";
-    userName = "8227dc594dd515ce232eda1471cb9a19";
-    realName = "Leon Schwarzäugl";
-    passwordCommand = "cat ${config.sops.secrets.swarselmail.path}";
-    smtp = {
-      host = "in-v3.mailjet.com";
-      port = 587;
-      tls = {
+  programs.mu = {
+    enable = true;
+  };
+
+  accounts.email = {
+    maildirBasePath = "Mail";
+    accounts.leon = {
+      primary = true;
+      address = "leon.schwarzaeugl@gmail.com";
+      userName = "leon.schwarzaeugl@gmail.com";
+      realName = "Leon Schwarzäugl";
+      passwordCommand = "cat ${config.sops.secrets.leon.path}";
+      # passwordCommand = "gpg --quiet --for-your-eyes-only --no-tty --decrypt ~/.local/share/password-store/mail/mbsync/leon.schwarzaeugl@gmail.com.gpg";
+      gpg = {
+        key = "0x76FD3810215AE097";
+        signByDefault = true;
+      };
+      imap.host = "imap.gmail.com";
+      smtp.host = "smtp.gmail.com";
+      mu.enable = true;
+      msmtp = {
         enable = true;
-        useStartTls = true;
+      };
+      mbsync = {
+        enable = true;
+        create = "maildir";
+        expunge = "both";
+        patterns = [ "*" "![Gmail]*" "[Gmail]/Sent Mail" "[Gmail]/Starred" "[Gmail]/All Mail" ];
+        extraConfig = {
+          channel = {
+            Sync = "All";
+          };
+          account = {
+            Timeout = 120;
+            PipelineDepth = 1;
+          };
+        };
       };
     };
-    mu.enable = false;
-    msmtp = {
-      enable = true;
-    };
-    mbsync = {
-      enable = false;
-    };
-  };
 
-  accounts.nautilus = {
-    primary = false;
-    address = "nautilus.dw@gmail.com";
-    userName = "nautilus.dw@gmail.com";
-    realName = "Nautilus";
-    passwordCommand = "cat ${config.sops.secrets.nautilus.path}";
-    # passwordCommand = "gpg --quiet --for-your-eyes-only --no-tty --decrypt ~/.local/share/password-store/mail/mbsync/nautilus.dw@gmail.com.gpg";
-    imap.host = "imap.gmail.com";
-    smtp.host = "smtp.gmail.com";
-    msmtp.enable = true;
-    mu.enable = true;
-    mbsync = {
-      enable = true;
-      create = "maildir";
-      expunge = "both";
-      patterns = [ "*" "![Gmail]*" "[Gmail]/Sent Mail" "[Gmail]/Starred" "[Gmail]/All Mail" ];
-      extraConfig = {
-        channel = {
-          Sync = "All";
+    accounts.swarsel = {
+      address = "leon@swarsel.win";
+      userName = "8227dc594dd515ce232eda1471cb9a19";
+      realName = "Leon Schwarzäugl";
+      passwordCommand = "cat ${config.sops.secrets.swarselmail.path}";
+      smtp = {
+        host = "in-v3.mailjet.com";
+        port = 587;
+        tls = {
+          enable = true;
+          useStartTls = true;
         };
-        account = {
-          Timeout = 120;
-          PipelineDepth = 1;
+      };
+      mu.enable = false;
+      msmtp = {
+        enable = true;
+      };
+      mbsync = {
+        enable = false;
+      };
+    };
+
+    accounts.nautilus = {
+      primary = false;
+      address = "nautilus.dw@gmail.com";
+      userName = "nautilus.dw@gmail.com";
+      realName = "Nautilus";
+      passwordCommand = "cat ${config.sops.secrets.nautilus.path}";
+      # passwordCommand = "gpg --quiet --for-your-eyes-only --no-tty --decrypt ~/.local/share/password-store/mail/mbsync/nautilus.dw@gmail.com.gpg";
+      imap.host = "imap.gmail.com";
+      smtp.host = "smtp.gmail.com";
+      msmtp.enable = true;
+      mu.enable = true;
+      mbsync = {
+        enable = true;
+        create = "maildir";
+        expunge = "both";
+        patterns = [ "*" "![Gmail]*" "[Gmail]/Sent Mail" "[Gmail]/Starred" "[Gmail]/All Mail" ];
+        extraConfig = {
+          channel = {
+            Sync = "All";
+          };
+          account = {
+            Timeout = 120;
+            PipelineDepth = 1;
+          };
+        };
+      };
+    };
+    accounts.mrswarsel = {
+      primary = false;
+      address = "mrswarsel@gmail.com";
+      userName = "mrswarsel@gmail.com";
+      realName = "Swarsel";
+      # passwordCommand = "gpg --quiet --for-your-eyes-only --no-tty --decrypt ~/.local/share/password-store/mail/mbsync/mrswarsel@gmail.com.gpg";
+      passwordCommand = "cat ${config.sops.secrets.mrswarsel.path}";
+      imap.host = "imap.gmail.com";
+      smtp.host = "smtp.gmail.com";
+      msmtp.enable = true;
+      mu.enable = true;
+      mbsync = {
+        enable = true;
+        create = "maildir";
+        expunge = "both";
+        patterns = [ "*" "![Gmail]*" "[Gmail]/Sent Mail" "[Gmail]/Starred" "[Gmail]/All Mail" ];
+        extraConfig = {
+          channel = {
+            Sync = "All";
+          };
+          account = {
+            Timeout = 120;
+            PipelineDepth = 1;
+          };
         };
       };
     };
   };
-  accounts.mrswarsel = {
-    primary = false;
-    address = "mrswarsel@gmail.com";
-    userName = "mrswarsel@gmail.com";
-    realName = "Swarsel";
-    # passwordCommand = "gpg --quiet --for-your-eyes-only --no-tty --decrypt ~/.local/share/password-store/mail/mbsync/mrswarsel@gmail.com.gpg";
-    passwordCommand = "cat ${config.sops.secrets.mrswarsel.path}";
-    imap.host = "imap.gmail.com";
-    smtp.host = "smtp.gmail.com";
-    msmtp.enable = true;
-    mu.enable = true;
-    mbsync = {
-      enable = true;
-      create = "maildir";
-      expunge = "both";
-      patterns = [ "*" "![Gmail]*" "[Gmail]/Sent Mail" "[Gmail]/Starred" "[Gmail]/All Mail" ];
-      extraConfig = {
-        channel = {
-          Sync = "All";
-        };
-        account = {
-          Timeout = 120;
-          PipelineDepth = 1;
-        };
-      };
-    };
-  };
-};
 }
 
      
 
      
@@ -8530,219 +8545,239 @@ Again I am just using the first bar option here that I was able to find good und
 
      
 
 
      
-The rest of this configuration is found here:
+The rest of the related configuration is found here:
 
      
 
 
 
      
-
      -{ config, lib,  ... }:
+
      { config, lib, pkgs, ... }:
 {
-programs.waybar = {
+  programs.waybar = {
 
-  enable = true;
-  # systemd.enable = true;
-  settings = {
-    mainBar = {
-      layer = "top";
-      position = "top";
-      modules-left = [ "sway/workspaces" "custom/outer-right-arrow-dark" "sway/window" ];
-      modules-center = [ "sway/mode" "custom/configwarn" ];
-      "sway/mode" = {
-        format = "<span style=\"italic\" font-weight=\"bold\">{}</span>";
-      };
-
-      modules-right = config.swarselsystems.waybarModules;
-
-      "custom/pseudobat" = lib.mkIf (!config.swarselsystems.isLaptop) {
-        format = "";
-        on-click-right = "wlogout -p layer-shell";
-      };
-
-      "custom/configwarn" = {
-        exec = "waybarupdate";
-        interval = 60;
-      };
-
-      "group/hardware" = {
-        orientation = "inherit";
-        drawer = {
-          "transition-left-to-right" = false;
+    enable = true;
+    systemd = {
+      enable = true;
+      target = "sway-sessions.target";
+    };
+    settings = {
+      mainBar = {
+        layer = "top";
+        position = "top";
+        modules-left = [ "sway/workspaces" "custom/outer-right-arrow-dark" "sway/window" ];
+        modules-center = [ "sway/mode" "custom/configwarn" "custom/nix-updates" ];
+        "sway/mode" = {
+          format = "<span style=\"italic\" font-weight=\"bold\">{}</span>";
         };
-        modules = [
-          "tray"
-          "temperature"
-          "power-profiles-daemon"
-          "custom/left-arrow-light"
-          "disk"
-          "custom/left-arrow-dark"
-          "memory"
-          "custom/left-arrow-light"
-          "cpu"
-          "custom/left-arrow-dark"
-        ];
-      };
 
-      power-profiles-daemon = {
-        format = "{icon}";
-        tooltip-format = "Power profile: {profile}\nDriver: {driver}";
-        tooltip = true;
-        format-icons = {
-          "default" = "";
-          "performance" = "";
-          "balanced" = "";
-          "power-saver" = "";
+        modules-right = config.swarselsystems.waybarModules;
+
+        "custom/pseudobat" = lib.mkIf (!config.swarselsystems.isLaptop) {
+          format = "";
+          on-click-right = "wlogout -p layer-shell";
         };
-      };
 
-      temperature = {
-        hwmon-path = lib.mkIf (!config.swarselsystems.temperatureHwmon.isAbsolutePath) config.swarselsystems.temperatureHwmon.path ;
-        hwmon-path-abs = lib.mkIf config.swarselsystems.temperatureHwmon.isAbsolutePath config.swarselsystems.temperatureHwmon.path ;
-        input-filename = lib.mkIf config.swarselsystems.temperatureHwmon.isAbsolutePath config.swarselsystems.temperatureHwmon.input-filename;
-        critical-threshold = 80;
-        format-critical = " {temperatureC}°C";
-        format = " {temperatureC}°C";
-
-      };
-
-      mpris = {
-        format = "{player_icon} {title} <small>[{position}/{length}]</small>";
-        format-paused = "{player_icon}  <i>{title} <small>[{position}/{length}]</small></i>";
-        player-icons = {
-          "default" = "▶ ";
-          "mpv" = "🎵 ";
-          "spotify" = " ";
+        "custom/configwarn" = {
+          exec = "waybarupdate";
+          interval = 60;
         };
-        status-icons = {
-          "paused" = " ";
+
+        "custom/nix-updates" = {
+          exec = "update-checker";
+          on-click = "update-checker && notify-send 'The system has been updated'";
+          interval = 3600;
+          tooltip = true;
+          return-type = "json";
+          format = "{} ";
         };
-        interval = 1;
-        title-len = 20;
-        artist-len = 20;
-        album-len = 10;
-      };
-      "custom/left-arrow-dark" = {
-        format = "";
-        tooltip = false;
-      };
-      "custom/outer-left-arrow-dark" = {
-        format = "";
-        tooltip = false;
-      };
-      "custom/left-arrow-light" = {
-        format = "";
-        tooltip = false;
-      };
-      "custom/right-arrow-dark" = {
-        format = "";
-        tooltip = false;
-      };
-      "custom/outer-right-arrow-dark" = {
-        format = "";
-        tooltip = false;
-      };
-      "custom/right-arrow-light" = {
-        format = "";
-        tooltip = false;
-      };
-      "sway/workspaces" = {
-        disable-scroll = true;
-        format = "{name}";
-      };
 
-      "clock#1" = {
-        min-length = 8;
-        interval = 1;
-        format = "{:%H:%M:%S}";
-        # on-click-right= "gnome-clocks";
-        tooltip-format = "<big>{:%Y %B}</big>\n<tt><small>{calendar}</small></tt>";
-      };
-
-      "clock#2" = {
-        format = "{:%d. %B %Y}";
-        # on-click-right= "gnome-clocks";
-        tooltip-format = "<big>{:%Y %B}</big>\n<tt><small>{calendar}</small></tt>";
-      };
-
-      pulseaudio = {
-        format = "{icon} {volume:2}%";
-        format-bluetooth = "{icon} {volume}%";
-        format-muted = "MUTE";
-        format-icons = {
-          headphones = "";
-          default = [
-            ""
-            ""
+        "group/hardware" = {
+          orientation = "inherit";
+          drawer = {
+            "transition-left-to-right" = false;
+          };
+          modules = [
+            "tray"
+            "temperature"
+            "power-profiles-daemon"
+            "custom/left-arrow-light"
+            "custom/left-arrow-dark"
+            "custom/left-arrow-light"
+            "disk"
+            "custom/left-arrow-dark"
+            "memory"
+            "custom/left-arrow-light"
+            "cpu"
+            "custom/left-arrow-dark"
           ];
         };
-        scroll-step = 1;
-        on-click = "pamixer -t";
-        on-click-right = "pavucontrol";
-      };
 
-      memory = {
-        interval = 5;
-        format = " {}%";
-        tooltip-format = "Memory: {used:0.1f}G/{total:0.1f}G\nSwap: {swapUsed}G/{swapTotal}G";
-      };
-      cpu = {
-        format = config.swarselsystems.cpuString;
-        min-length = 6;
-        interval = 5;
-        format-icons = [ "▁" "▂" "▃" "▄" "▅" "▆" "▇" "█" ];
-        # on-click-right= "com.github.stsdc.monitor";
-        on-click-right = "kitty -o confirm_os_window_close=0 btm";
+        power-profiles-daemon = {
+          format = "{icon}";
+          tooltip-format = "Power profile: {profile}\nDriver: {driver}";
+          tooltip = true;
+          format-icons = {
+            "default" = "";
+            "performance" = "";
+            "balanced" = "";
+            "power-saver" = "";
+          };
+        };
+
+        temperature = {
+          hwmon-path = lib.mkIf (!config.swarselsystems.temperatureHwmon.isAbsolutePath) config.swarselsystems.temperatureHwmon.path;
+          hwmon-path-abs = lib.mkIf config.swarselsystems.temperatureHwmon.isAbsolutePath config.swarselsystems.temperatureHwmon.path;
+          input-filename = lib.mkIf config.swarselsystems.temperatureHwmon.isAbsolutePath config.swarselsystems.temperatureHwmon.input-filename;
+          critical-threshold = 80;
+          format-critical = " {temperatureC}°C";
+          format = " {temperatureC}°C";
 
-      };
-      battery = {
-        states = {
-          "warning" = 60;
-          "error" = 30;
-          "critical" = 15;
         };
-        interval = 5;
-        format = "{icon} {capacity}%";
-        format-charging = "{capacity}% ";
-        format-plugged = "{capacity}% ";
-        format-icons = [
-          ""
-          ""
-          ""
-          ""
-          ""
-        ];
-        on-click-right = "wlogout -p layer-shell";
-      };
-      disk = {
-        interval = 30;
-        format = "Disk {percentage_used:2}%";
-        path = "/";
-        states = {
-          "warning" = 80;
-          "critical" = 90;
+
+        mpris = {
+          format = "{player_icon} {title} <small>[{position}/{length}]</small>";
+          format-paused = "{player_icon}  <i>{title} <small>[{position}/{length}]</small></i>";
+          player-icons = {
+            "default" = "▶ ";
+            "mpv" = "🎵 ";
+            "spotify" = " ";
+          };
+          status-icons = {
+            "paused" = " ";
+          };
+          interval = 1;
+          title-len = 20;
+          artist-len = 20;
+          album-len = 10;
+        };
+        "custom/left-arrow-dark" = {
+          format = "";
+          tooltip = false;
+        };
+        "custom/outer-left-arrow-dark" = {
+          format = "";
+          tooltip = false;
+        };
+        "custom/left-arrow-light" = {
+          format = "";
+          tooltip = false;
+        };
+        "custom/right-arrow-dark" = {
+          format = "";
+          tooltip = false;
+        };
+        "custom/outer-right-arrow-dark" = {
+          format = "";
+          tooltip = false;
+        };
+        "custom/right-arrow-light" = {
+          format = "";
+          tooltip = false;
+        };
+        "sway/workspaces" = {
+          disable-scroll = true;
+          format = "{name}";
+        };
+
+        "clock#1" = {
+          min-length = 8;
+          interval = 1;
+          format = "{:%H:%M:%S}";
+          # on-click-right= "gnome-clocks";
+          tooltip-format = "<big>{:%Y %B}</big>\n<tt><small>{calendar}</small></tt>";
+        };
+
+        "clock#2" = {
+          format = "{:%d. %B %Y}";
+          # on-click-right= "gnome-clocks";
+          tooltip-format = "<big>{:%Y %B}</big>\n<tt><small>{calendar}</small></tt>";
+        };
+
+        pulseaudio = {
+          format = "{icon} {volume:2}%";
+          format-bluetooth = "{icon} {volume}%";
+          format-muted = "MUTE";
+          format-icons = {
+            headphones = "";
+            default = [
+              ""
+              ""
+            ];
+          };
+          scroll-step = 1;
+          on-click = "pamixer -t";
+          on-click-right = "pavucontrol";
+        };
+
+        memory = {
+          interval = 5;
+          format = " {}%";
+          tooltip-format = "Memory: {used:0.1f}G/{total:0.1f}G\nSwap: {swapUsed}G/{swapTotal}G";
+        };
+        cpu = {
+          format = config.swarselsystems.cpuString;
+          min-length = 6;
+          interval = 5;
+          format-icons = [ "▁" "▂" "▃" "▄" "▅" "▆" "▇" "█" ];
+          # on-click-right= "com.github.stsdc.monitor";
+          on-click-right = "kitty -o confirm_os_window_close=0 btm";
+
+        };
+        "custom/vpn" = {
+          format = "()";
+          exec = "echo '{\"class\": \"connected\"}'";
+          exec-if = "test -d /proc/sys/net/ipv4/conf/tun0";
+          return-type = "json";
+          interval = 5;
+        };
+        battery = {
+          states = {
+            "warning" = 60;
+            "error" = 30;
+            "critical" = 15;
+          };
+          interval = 5;
+          format = "{icon} {capacity}%";
+          format-charging = "{capacity}% ";
+          format-plugged = "{capacity}% ";
+          format-icons = [
+            ""
+            ""
+            ""
+            ""
+            ""
+          ];
+          on-click-right = "wlogout -p layer-shell";
+        };
+        disk = {
+          interval = 30;
+          format = "Disk {percentage_used:2}%";
+          path = "/";
+          states = {
+            "warning" = 80;
+            "critical" = 90;
+          };
+          tooltip-format = "{used} used out of {total} on {path} ({percentage_used}%)\n{free} free on {path} ({percentage_free}%)";
+        };
+        tray = {
+          icon-size = 20;
+        };
+        network = {
+          interval = 5;
+          format-wifi = "{signalStrength}% ";
+          format-ethernet = "";
+          format-linked = "{ifname} (No IP) ";
+          format-disconnected = "Disconnected ⚠";
+          format-alt = "{ifname}: {ipaddr}/{cidr}";
+          tooltip-format-ethernet = "{ifname} via {gwaddr}: {essid} {ipaddr}/{cidr}\n\n⇡{bandwidthUpBytes} ⇣{bandwidthDownBytes}";
+          tooltip-format-wifi = "{ifname} via {gwaddr}: {essid} {ipaddr}/{cidr} \n{signaldBm}dBm @ {frequency}MHz\n\n⇡{bandwidthUpBytes} ⇣{bandwidthDownBytes}";
         };
-        tooltip-format = "{used} used out of {total} on {path} ({percentage_used}%)\n{free} free on {path} ({percentage_free}%)";
-      };
-      tray = {
-        icon-size = 20;
-      };
-      network = {
-        interval = 5;
-        format-wifi = "{signalStrength}% ";
-        format-ethernet = "";
-        format-linked = "{ifname} (No IP) ";
-        format-disconnected = "Disconnected ⚠";
-        format-alt = "{ifname}: {ipaddr}/{cidr}";
-        tooltip-format-ethernet = "{ifname} via {gwaddr}: {essid} {ipaddr}/{cidr}\n\n⇡{bandwidthUpBytes} ⇣{bandwidthDownBytes}";
-        tooltip-format-wifi = "{ifname} via {gwaddr}: {essid} {ipaddr}/{cidr} \n{signaldBm}dBm @ {frequency}MHz\n\n⇡{bandwidthUpBytes} ⇣{bandwidthDownBytes}";
       };
     };
+    style = builtins.readFile ../../../programs/waybar/style.css;
   };
-  style = builtins.readFile ../../../programs/waybar/style.css;
-};
 }
 
      
 
      
@@ -8771,13 +8806,7 @@ I used to build the firefox addon bypass-paywalls-clean myself here
 {
   programs.firefox = {
     enable = true;
-    package = pkgs.firefox.override {
-      nativeMessagingHosts = [
-        pkgs.tridactyl-native
-        pkgs.browserpass
-        pkgs.plasma5Packages.plasma-browser-integration
-      ];
-    };
+    package = pkgs.firefox; # uses overrides
     policies = {
       CaptivePortal = false;
       DisableFirefoxStudies = true;
@@ -8883,12 +8912,11 @@ Used for storing sessions in e.g. Nextcloud
 
      
 
 
      
-
      -_ :
+
      { lib, config, ... }:
 {
-services.gnome-keyring = {
-  enable = true;
-};
+  services.gnome-keyring = lib.mkIf (!config.swarselsystems.isNixos) {
+    enable = true;
+  };
 }
 
      
 
      
@@ -8901,7 +8929,7 @@ This enables phone/computer communication, including sending clipboard, files et
 
      
 
 
      
-
      _ :
+
      _:
 {
   services.kdeconnect = {
     enable = true;
@@ -8923,7 +8951,7 @@ The `extraConfig` section here CANNOT be reindented. This has something to do wi
 
      
 
 
      
-
      _ :
+
      _:
 {
   services.mako = {
     enable = true;
@@ -8951,7 +8979,7 @@ The `extraConfig` section here CANNOT be reindented. This has something to do wi
       [category=mpd]
       default-timeout=2000
       group-by=category
-      '';
+    '';
   };
 }
 
      
@@ -8972,24 +9000,24 @@ Currently, I am too lazy to explain every option here, but most of it is very se
 
 
      
 
      { config, pkgs, lib, ... }:
-  let
-    inherit (config.swarselsystems) monitors;
-    eachMonitor = _name: monitor: {
-      inherit (monitor) name;
-      value = builtins.removeAttrs monitor [ "workspace" "name" "output" ];
-    };
-    eachOutput = _name: monitor: {
-      inherit (monitor) name;
-      value = builtins.removeAttrs monitor [ "mode" "name" "scale" "position" ];
-    };
-    workplaceSets = lib.mapAttrs' eachOutput monitors;
-    workplaceOutputs = map (key: lib.getAttr key workplaceSets) (lib.attrNames workplaceSets);
-  in
+let
+  inherit (config.swarselsystems) monitors;
+  eachMonitor = _name: monitor: {
+    inherit (monitor) name;
+    value = builtins.removeAttrs monitor [ "workspace" "name" "output" ];
+  };
+  eachOutput = _name: monitor: {
+    inherit (monitor) name;
+    value = builtins.removeAttrs monitor [ "mode" "name" "scale" "position" ];
+  };
+  workplaceSets = lib.mapAttrs' eachOutput monitors;
+  workplaceOutputs = map (key: lib.getAttr key workplaceSets) (lib.attrNames workplaceSets);
+in
 {
   wayland.windowManager.sway = {
     enable = true;
     checkConfig = false; # delete this line once SwayFX is fixed upstream
-    package = lib.mkIf config.swarselsystems.isNixos pkgs.swayfx;
+    package = lib.mkIf config.swarselsystems.isNixos null;
     systemd = {
       enable = true;
       xdgAutostart = true;
@@ -9004,77 +9032,79 @@ Currently, I am too lazy to explain every option here, but most of it is very se
         let
           inherit (config.wayland.windowManager.sway.config) modifier;
         in
-        lib.recursiveUpdate {
-          "${modifier}+q" = "kill";
-          "${modifier}+f" = "exec firefox";
-          "${modifier}+Shift+f" = "exec swaymsg fullscreen";
-          "${modifier}+Space" = "exec fuzzel";
-          "${modifier}+Shift+Space" = "floating toggle";
-          "${modifier}+e" = "exec emacsclient -nquc -a emacs -e \"(dashboard-open)\"";
-          "${modifier}+Shift+m" = "exec emacsclient -nquc -a emacs -e \"(mu4e)\"";
-          "${modifier}+Shift+c" = "exec emacsclient -nquc -a emacs -e \"(swarsel/open-calendar)\"";
-          "${modifier}+m" = "exec swarselcheck -s";
-          "${modifier}+x" = "exec swarselcheck -k";
-          "${modifier}+d" = "exec swarselcheck -d";
-          "${modifier}+w" = "exec swarselcheck -e";
-          "${modifier}+Shift+t" = "exec opacitytoggle";
-          "${modifier}+Shift+F12" = "move scratchpad";
-          "${modifier}+F12" = "scratchpad show";
-          "${modifier}+c" = "exec qalculate-gtk";
-          "${modifier}+p" = "exec pass-fuzzel";
-          "${modifier}+o" = "exec pass-fuzzel --otp";
-          "${modifier}+Shift+p" = "exec pass-fuzzel --type";
-          "${modifier}+Shift+o" = "exec pass-fuzzel --otp --type";
-          "${modifier}+Escape" = "mode $exit";
-          "${modifier}+Shift+Escape" = "exec kitty -o confirm_os_window_close=0 btm";
-          "${modifier}+s" = "exec grim -g \"$(slurp)\" -t png - | wl-copy -t image/png";
-          "${modifier}+1" = "workspace 1:一";
-          "${modifier}+Shift+1" = "move container to workspace 1:一";
-          "${modifier}+2" = "workspace 2:二";
-          "${modifier}+Shift+2" = "move container to workspace 2:二";
-          "${modifier}+3" = "workspace 3:三";
-          "${modifier}+Shift+3" = "move container to workspace 3:三";
-          "${modifier}+4" = "workspace 4:四";
-          "${modifier}+Shift+4" = "move container to workspace 4:四";
-          "${modifier}+5" = "workspace 5:五";
-          "${modifier}+Shift+5" = "move container to workspace 5:五";
-          "${modifier}+6" = "workspace 6:六";
-          "${modifier}+Shift+6" = "move container to workspace 6:六";
-          "${modifier}+7" = "workspace 7:七";
-          "${modifier}+Shift+7" = "move container to workspace 7:七";
-          "${modifier}+8" = "workspace 8:八";
-          "${modifier}+Shift+8" = "move container to workspace 8:八";
-          "${modifier}+9" = "workspace 9:九";
-          "${modifier}+Shift+9" = "move container to workspace 9:九";
-          "${modifier}+0" = "workspace 10:十";
-          "${modifier}+Shift+0" = "move container to workspace 10:十";
-          "${modifier}+Left" = "focus left";
-          "${modifier}+Right" = "focus right";
-          "${modifier}+Down" = "focus down";
-          "${modifier}+Up" = "focus up";
-          "${modifier}+Shift+Left" = "move left 40px";
-          "${modifier}+Shift+Right" = "move right 40px";
-          "${modifier}+Shift+Down" = "move down 40px";
-          "${modifier}+Shift+Up" = "move up 40px";
-          "${modifier}+h" = "focus left";
-          "${modifier}+l" = "focus right";
-          "${modifier}+j" = "focus down";
-          "${modifier}+k" = "focus up";
-          "${modifier}+Shift+h" = "move left 40px";
-          "${modifier}+Shift+l" = "move right 40px";
-          "${modifier}+Shift+j" = "move down 40px";
-          "${modifier}+Shift+k" = "move up 40px";
-          "${modifier}+Ctrl+Shift+c" = "reload";
-          "${modifier}+Shift+e" = "exec swaynag -t warning -m 'You pressed the exit shortcut. Do you really want to exit sway? This will end your Wayland session.' -b 'Yes, exit sway' 'swaymsg exit'";
-          "${modifier}+r" = "mode resize";
-          "${modifier}+Return" = "exec kitty";
-          "XF86AudioRaiseVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ +5%";
-          "XF86AudioLowerVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ -5%";
-          "XF86AudioMute" = "exec pactl set-sink-mute @DEFAULT_SINK@ toggle";
-          "XF86MonBrightnessUp" = "exec brightnessctl set +5%";
-          "XF86MonBrightnessDown" = "exec brightnessctl set 5%-";
-          "XF86Display" = "exec wl-mirror eDP-1";
-        } config.swarselsystems.keybindings;
+        lib.recursiveUpdate
+          {
+            "${modifier}+q" = "kill";
+            "${modifier}+f" = "exec firefox";
+            "${modifier}+Shift+f" = "exec swaymsg fullscreen";
+            "${modifier}+Space" = "exec fuzzel";
+            "${modifier}+Shift+Space" = "floating toggle";
+            "${modifier}+e" = "exec emacsclient -nquc -a emacs -e \"(dashboard-open)\"";
+            "${modifier}+Shift+m" = "exec emacsclient -nquc -a emacs -e \"(mu4e)\"";
+            "${modifier}+Shift+c" = "exec emacsclient -nquc -a emacs -e \"(swarsel/open-calendar)\"";
+            "${modifier}+m" = "exec swarselcheck -s";
+            "${modifier}+x" = "exec swarselcheck -k";
+            "${modifier}+d" = "exec swarselcheck -d";
+            "${modifier}+w" = "exec swarselcheck -e";
+            "${modifier}+Shift+t" = "exec opacitytoggle";
+            "${modifier}+Shift+F12" = "move scratchpad";
+            "${modifier}+F12" = "scratchpad show";
+            "${modifier}+c" = "exec qalculate-gtk";
+            "${modifier}+p" = "exec pass-fuzzel";
+            "${modifier}+o" = "exec pass-fuzzel --otp";
+            "${modifier}+Shift+p" = "exec pass-fuzzel --type";
+            "${modifier}+Shift+o" = "exec pass-fuzzel --otp --type";
+            "${modifier}+Escape" = "mode $exit";
+            "${modifier}+Shift+Escape" = "exec kitty -o confirm_os_window_close=0 btm";
+            "${modifier}+s" = "exec grim -g \"$(slurp)\" -t png - | wl-copy -t image/png";
+            "${modifier}+1" = "workspace 1:一";
+            "${modifier}+Shift+1" = "move container to workspace 1:一";
+            "${modifier}+2" = "workspace 2:二";
+            "${modifier}+Shift+2" = "move container to workspace 2:二";
+            "${modifier}+3" = "workspace 3:三";
+            "${modifier}+Shift+3" = "move container to workspace 3:三";
+            "${modifier}+4" = "workspace 4:四";
+            "${modifier}+Shift+4" = "move container to workspace 4:四";
+            "${modifier}+5" = "workspace 5:五";
+            "${modifier}+Shift+5" = "move container to workspace 5:五";
+            "${modifier}+6" = "workspace 6:六";
+            "${modifier}+Shift+6" = "move container to workspace 6:六";
+            "${modifier}+7" = "workspace 7:七";
+            "${modifier}+Shift+7" = "move container to workspace 7:七";
+            "${modifier}+8" = "workspace 8:八";
+            "${modifier}+Shift+8" = "move container to workspace 8:八";
+            "${modifier}+9" = "workspace 9:九";
+            "${modifier}+Shift+9" = "move container to workspace 9:九";
+            "${modifier}+0" = "workspace 10:十";
+            "${modifier}+Shift+0" = "move container to workspace 10:十";
+            "${modifier}+Left" = "focus left";
+            "${modifier}+Right" = "focus right";
+            "${modifier}+Down" = "focus down";
+            "${modifier}+Up" = "focus up";
+            "${modifier}+Shift+Left" = "move left 40px";
+            "${modifier}+Shift+Right" = "move right 40px";
+            "${modifier}+Shift+Down" = "move down 40px";
+            "${modifier}+Shift+Up" = "move up 40px";
+            "${modifier}+h" = "focus left";
+            "${modifier}+l" = "focus right";
+            "${modifier}+j" = "focus down";
+            "${modifier}+k" = "focus up";
+            "${modifier}+Shift+h" = "move left 40px";
+            "${modifier}+Shift+l" = "move right 40px";
+            "${modifier}+Shift+j" = "move down 40px";
+            "${modifier}+Shift+k" = "move up 40px";
+            "${modifier}+Ctrl+Shift+c" = "reload";
+            "${modifier}+Shift+e" = "exec swaynag -t warning -m 'You pressed the exit shortcut. Do you really want to exit sway? This will end your Wayland session.' -b 'Yes, exit sway' 'swaymsg exit'";
+            "${modifier}+r" = "mode resize";
+            "${modifier}+Return" = "exec kitty";
+            "XF86AudioRaiseVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ +5%";
+            "XF86AudioLowerVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ -5%";
+            "XF86AudioMute" = "exec pactl set-sink-mute @DEFAULT_SINK@ toggle";
+            "XF86MonBrightnessUp" = "exec brightnessctl set +5%";
+            "XF86MonBrightnessDown" = "exec brightnessctl set 5%-";
+            "XF86Display" = "exec wl-mirror eDP-1";
+          }
+          config.swarselsystems.keybindings;
       modes = {
         resize = {
           Down = "resize grow height 10 px or 10 ppt";
@@ -9083,6 +9113,7 @@ Currently, I am too lazy to explain every option here, but most of it is very se
           Return = "mode default";
           Right = "resize grow width 10 px or 10 ppt";
           Up = "resize shrink height 10 px or 10 ppt";
+          Tab = "move position center, resize set width 50 ppt height 50 ppt";
         };
       };
       defaultWorkspace = "workspace 1:一";
@@ -9118,7 +9149,7 @@ Currently, I am too lazy to explain every option here, but most of it is very se
           { title = "(?:Open|Save) (?:File|Folder|As)"; }
           { title = "^Add$"; }
           { title = "com-jgoodies-jdiskreport-JDiskReport"; }
-          { app_id = "discord"; }
+          { app_id = "vesktop"; }
           { window_role = "pop-up"; }
           { window_role = "bubble"; }
           { window_role = "dialog"; }
@@ -9183,7 +9214,7 @@ Currently, I am too lazy to explain every option here, but most of it is very se
           {
             command = "resize set width 60 ppt height 60 ppt, sticky enable";
             criteria = {
-              app_id = "discord";
+              app_id = "vesktop";
             };
           }
           {
@@ -9225,57 +9256,68 @@ Currently, I am too lazy to explain every option here, but most of it is very se
         swayfxSettings = config.swarselsystems.swayfxConfig;
       in
       "
-        exec_always autotiling
-        set $exit \"exit: [s]leep, [p]oweroff, [r]eboot, [l]ogout\"
-        mode $exit {
+          exec_always autotiling
+          set $exit \"exit: [s]leep, [l]ock, [p]oweroff, [r]eboot, [u]ser logout\"
+          mode $exit {
 
-            bindsym --to-code {
-                s exec \"systemctl suspend\", mode \"default\"
-                p exec \"systemctl poweroff\"
-                r exec \"systemctl reboot\"
-                l exec \"swaymsg exit\"
+              bindsym --to-code {
+                  s exec \"systemctl suspend\", mode \"default\"
+                  l exec \"swaylock --screenshots --clock --effect-blur 7x5 --effect-vignette 0.5:0.5 --fade-in 0.2 --daemonize && systemctl suspend \", mode \"default \"
+                  p exec \"systemctl poweroff\"
+                  r exec \"systemctl reboot\"
+                  u exec \"swaymsg exit\"
 
-                Return mode \"default\"
-                Escape mode \"default\"
-                ${modifier}+x mode \"default\"
-            }
-        }
+                  Return mode \"default\"
+                  Escape mode \"default\"
+                  ${modifier}+Escape mode \"default\"
+              }
+          }
 
-        exec systemctl --user import-environment
+          exec systemctl --user import-environment
 
-        ${swayfxSettings}
 
-        ";
+
+          ${swayfxSettings}
+
+          ";
   };
 }
      9. -
    9. gpg-agent
      -
      +
    10. gpg-agent
      +
      +

      +Settinfs that are needed for the gpg-agent. Also we are enabling emacs support for unlocking my Yubikey here. +

      + 
      { pkgs, ... }:
 {
-services.gpg-agent = {
-  enable = true;
-  enableSshSupport = true;
-  enableExtraSocket = true;
-  pinentryPackage = pkgs.pinentry.gtk2;
-  defaultCacheTtl = 600;
-  maxCacheTtl = 7200;
-  extraConfig = ''
-    allow-loopback-pinentry
-    allow-emacs-pinentry
-  '';
-};
+  services.gpg-agent = {
+    enable = true;
+    enableSshSupport = true;
+    enableExtraSocket = true;
+    pinentryPackage = pkgs.pinentry.gtk2;
+    defaultCacheTtl = 600;
+    maxCacheTtl = 7200;
+    extraConfig = ''
+      allow-loopback-pinentry
+      allow-emacs-pinentry
+    '';
+  };
 }
      11. -
    11. gammastep
      -
      +
    12. gammastep
      +
      +

      +This service changes the screen hue at night. I am not sure if that really does something, but I like the color anyways. +

      + 
      _:
 {
@@ -9292,19 +9334,25 @@ services.gpg-agent = {
    -
    -

    3.4.2. Optional

    -
    +
    +

    3.4.2. Optional

    +
    +

    +Akin to the optional NixOS modules. +

      -
    1. Gaming
      -
      -
      -
      -{ pkgs, ... }:
+
    2. Gaming
      
+
      
+
      
+The rest of the settings is at gaming.
+
      
 
- {
-   home.packages = with pkgs; [
+
      
+
      { pkgs, ... }:
+
+{
+  home.packages = with pkgs; [
     lutris
     wine
     libudev-zero
@@ -9322,22 +9370,23 @@ services.gpg-agent = {
     heroic
 
     # minecraft
+    prismlauncher # has overrides
     temurin-bin-17
-    (prismlauncher.override {
-      glfw = pkgs.glfw-wayland-minecraft;
-    })
-   ];
- }
+  ];
+}
 
 
      
 
      
 
      
 
      3. 
-
    3. Work
      
-
      
+
    4. Work
      
+
      
+
      
+The rest of the settings is at work. Here, I am setting up the different firefox profiles that I need for the SSO sites that I need to access at work as well as a few ssh shorthands.
+
      
+
 
      
-
      -{ pkgs, ... }:
+
      { pkgs, ... }:
 
 {
   home.packages = with pkgs; [
@@ -9375,6 +9424,7 @@ services.gpg-agent = {
           reddit-enhancement-suite
           sponsorblock
           web-archives
+          onepassword-password-manager
           single-file
           widegithub
           enhanced-github
@@ -9451,6 +9501,7 @@ services.gpg-agent = {
           reddit-enhancement-suite
           sponsorblock
           web-archives
+          onepassword-password-manager
           single-file
           widegithub
           enhanced-github
@@ -9527,6 +9578,7 @@ services.gpg-agent = {
           reddit-enhancement-suite
           sponsorblock
           web-archives
+          onepassword-password-manager
           single-file
           widegithub
           enhanced-github
@@ -9589,6 +9641,16 @@ services.gpg-agent = {
     };
   };
 
+  xdg.portal = {
+    enable = true;
+    extraPortals = [ pkgs.xdg-desktop-portal-wlr ];
+    config = {
+      common = {
+        default = "wlr";
+      };
+    };
+  };
+
 }
 
 
      
@@ -9620,10 +9682,12 @@ This tangles the flake.nix file; This block only needs to be touched when updati
   nixConfig = {
     extra-substituters = [
       "https://nix-community.cachix.org"
+      "https://cache.ngi0.nixos.org/"
     ];
 
     extra-trusted-public-keys = [
       "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
+      "cache.ngi0.nixos.org-1:KqH5CBLNSyX184S9BKZJo1LxrxJ9ltnY2uAs5c/f1MA="
     ];
   };
 
@@ -9726,21 +9790,7 @@ This tangles the flake.nix file; This block only needs to be touched when updati
         }
       );
 
-      # pkgs for home-manager builds
-      # homepkgs = import nixpkgs { system = "x86_64-linux";
-      #                             overlays = [ inputs.emacs-overlay.overlay
-      #                                          inputs.nur.overlay
-      #                                          inputs.nixgl.overlay
-      #                                          (final: _prev: {
-      #                                            stable = import inputs.nixpkgs-stable {
-      #                                              inherit (final) system config;
-      #                                            };
-      #                                          })
-      #                                        ];
-      #                             config.allowUnfree = true;
-      #                           };
-
-      # # NixOS modules that can only be used on NixOS systems
+      # NixOS modules that can only be used on NixOS systems
       nixModules = [
         inputs.stylix.nixosModules.stylix
         inputs.lanzaboote.nixosModules.lanzaboote
@@ -9776,7 +9826,6 @@ This tangles the flake.nix file; This block only needs to be touched when updati
         (pkgs:
           {
             default = pkgs.mkShell {
-              # Enable experimental features without having to specify the argument
               NIX_CONFIG = "experimental-features = nix-command flakes";
               nativeBuildInputs = [ pkgs.nix pkgs.home-manager pkgs.git ];
             };
@@ -9791,8 +9840,6 @@ This tangles the flake.nix file; This block only needs to be touched when updati
         inputs.nixgl.overlay
       ];
 
-
-
       # NixOS setups - run home-manager as a NixOS module for better compatibility
       # another benefit - full rebuild on nixos-rebuild switch
       # run rebuild using `nswitch`
@@ -9803,138 +9850,124 @@ This tangles the flake.nix file; This block only needs to be touched when updati
       nixosConfigurations = {
 
 
-        sandbox = nixpkgs.lib.nixosSystem {
-          specialArgs = { inherit inputs; };
-          modules = [
-            inputs.disko.nixosModules.disko
-            ./profiles/sandbox/disk-config.nix
-            inputs.sops-nix.nixosModules.sops
-            ./profiles/sandbox/nixos.nix
-          ];
-        };
+          sandbox = nixpkgs.lib.nixosSystem {
+            specialArgs = { inherit inputs; };
+            modules = [
+              inputs.disko.nixosModules.disko
+              ./profiles/sandbox/disk-config.nix
+              inputs.sops-nix.nixosModules.sops
+              ./profiles/sandbox/nixos.nix
+            ];
+          };
 
-        threed = nixpkgs.lib.nixosSystem {
-          specialArgs = { inherit inputs; };
-          modules = nixModules ++ [
-            inputs.lanzaboote.nixosModules.lanzaboote
-            ./profiles/threed/nixos.nix
-            inputs.home-manager.nixosModules.home-manager
-            {
-              home-manager.users.swarsel.imports = mixedModules ++ [
-                ./profiles/threed/home.nix
-              ];
-            }
-          ];
-        };
+          threed = nixpkgs.lib.nixosSystem {
+            specialArgs = { inherit inputs; };
+            modules = nixModules ++ [
+              inputs.lanzaboote.nixosModules.lanzaboote
+              ./profiles/threed/nixos.nix
+              inputs.home-manager.nixosModules.home-manager
+              {
+                home-manager.users.swarsel.imports = mixedModules ++ [
+                  ./profiles/threed/home.nix
+                ];
+              }
+            ];
+          };
 
-        fourside = lib.nixosSystem {
-          specialArgs = { inherit inputs outputs; };
-          modules = nixModules ++ [
-            ./profiles/fourside
-          ];
-        };
+          fourside = lib.nixosSystem {
+            specialArgs = { inherit inputs outputs; };
+            modules = nixModules ++ [
+              ./profiles/fourside
+            ];
+          };
 
-        nbl-imba-2 = lib.nixosSystem {
-          specialArgs = { inherit inputs outputs; };
-          modules = nixModules ++ [
-            ./profiles/nbl-imba-2
-          ];
-        };
-
-        # winters = nixpkgs.lib.nixosSystem {
-        #   specialArgs = { inherit inputs; };
-        #   modules = nixModules ++ [
-        #     inputs.nixos-hardware.nixosModules.framework-16-inch-7040-amd
-        #     ./profiles/winters/nixos.nix
-        #     inputs.home-manager.nixosModules.home-manager
-        #     {
-        #       home-manager.users.swarsel.imports = mixedModules ++ [
-        #         ./profiles/winters/home.nix
-        #       ];
-        #     }
-        #   ];
-        # };
+          nbl-imba-2 = lib.nixosSystem {
+            specialArgs = { inherit inputs outputs; };
+            modules = nixModules ++ [
+              ./profiles/nbl-imba-2
+            ];
+          };
 
         nginx = nixpkgs.lib.nixosSystem {
-          specialArgs = { inherit inputs; };
-          modules = [
-            inputs.sops-nix.nixosModules.sops
-            ./profiles/server1/nginx/nixos.nix
-          ];
-        };
+            specialArgs = { inherit inputs; };
+            modules = [
+              inputs.sops-nix.nixosModules.sops
+              ./profiles/server1/nginx/nixos.nix
+            ];
+          };
 
-        calibre = nixpkgs.lib.nixosSystem {
-          specialArgs = { inherit inputs; };
-          modules = [
-            inputs.sops-nix.nixosModules.sops
-            ./profiles/server1/calibre/nixos.nix
-          ];
-        };
+          calibre = nixpkgs.lib.nixosSystem {
+            specialArgs = { inherit inputs; };
+            modules = [
+              inputs.sops-nix.nixosModules.sops
+              ./profiles/server1/calibre/nixos.nix
+            ];
+          };
 
-        jellyfin = nixpkgs.lib.nixosSystem {
-          specialArgs = { inherit inputs; };
-          modules = [
-            ./profiles/server1/jellyfin/nixos.nix
-          ];
-        };
+          jellyfin = nixpkgs.lib.nixosSystem {
+            specialArgs = { inherit inputs; };
+            modules = [
+              ./profiles/server1/jellyfin/nixos.nix
+            ];
+          };
 
-        transmission = nixpkgs.lib.nixosSystem {
-          specialArgs = { inherit inputs; };
-          modules = [
-            inputs.sops-nix.nixosModules.sops
-            ./profiles/server1/transmission/nixos.nix
-          ];
-        };
+          transmission = nixpkgs.lib.nixosSystem {
+            specialArgs = { inherit inputs; };
+            modules = [
+              inputs.sops-nix.nixosModules.sops
+              ./profiles/server1/transmission/nixos.nix
+            ];
+          };
 
-        matrix = nixpkgs.lib.nixosSystem {
-          specialArgs = { inherit inputs; };
-          modules = [
-            inputs.sops-nix.nixosModules.sops
-            ./profiles/server1/matrix/nixos.nix
-          ];
-        };
+          matrix = nixpkgs.lib.nixosSystem {
+            specialArgs = { inherit inputs; };
+            modules = [
+              inputs.sops-nix.nixosModules.sops
+              ./profiles/server1/matrix/nixos.nix
+            ];
+          };
 
-        sound = nixpkgs.lib.nixosSystem {
-          specialArgs = { inherit inputs; };
-          modules = [
-            inputs.sops-nix.nixosModules.sops
-            ./profiles/server1/sound/nixos.nix
-          ];
-        };
+          sound = nixpkgs.lib.nixosSystem {
+            specialArgs = { inherit inputs; };
+            modules = [
+              inputs.sops-nix.nixosModules.sops
+              ./profiles/server1/sound/nixos.nix
+            ];
+          };
 
-        spotifyd = nixpkgs.lib.nixosSystem {
-          specialArgs = { inherit inputs; };
-          modules = [
-            inputs.sops-nix.nixosModules.sops
-            ./profiles/server1/spotifyd/nixos.nix
-          ];
-        };
+          spotifyd = nixpkgs.lib.nixosSystem {
+            specialArgs = { inherit inputs; };
+            modules = [
+              inputs.sops-nix.nixosModules.sops
+              ./profiles/server1/spotifyd/nixos.nix
+            ];
+          };
 
-        paperless = nixpkgs.lib.nixosSystem {
-          specialArgs = { inherit inputs; };
-          modules = [
-            inputs.sops-nix.nixosModules.sops
-            ./profiles/server1/paperless/nixos.nix
-          ];
-        };
+          paperless = nixpkgs.lib.nixosSystem {
+            specialArgs = { inherit inputs; };
+            modules = [
+              inputs.sops-nix.nixosModules.sops
+              ./profiles/server1/paperless/nixos.nix
+            ];
+          };
 
-        #ovm swarsel
-        sync = nixpkgs.lib.nixosSystem {
-          specialArgs = { inherit inputs; };
-          modules = [
-            inputs.sops-nix.nixosModules.sops
-            ./profiles/remote/oracle/sync/nixos.nix
-          ];
-        };
+          #ovm swarsel
+          sync = nixpkgs.lib.nixosSystem {
+            specialArgs = { inherit inputs; };
+            modules = [
+              inputs.sops-nix.nixosModules.sops
+              ./profiles/remote/oracle/sync/nixos.nix
+            ];
+          };
 
-        #ovm swarsel
-        swatrix = nixpkgs.lib.nixosSystem {
-          specialArgs = { inherit inputs; };
-          modules = [
-            inputs.sops-nix.nixosModules.sops
-            ./profiles/remote/oracle/matrix/nixos.nix
-          ];
-        };
+          #ovm swarsel
+          swatrix = nixpkgs.lib.nixosSystem {
+            specialArgs = { inherit inputs; };
+            modules = [
+              inputs.sops-nix.nixosModules.sops
+              ./profiles/remote/oracle/matrix/nixos.nix
+            ];
+          };
       };
 
       # pure Home Manager setups - for non-NixOS machines
@@ -10633,8 +10666,8 @@ The standard Emacs behaviour for the Python process shell is a bit annoying. Thi
 
      
 
      
 
      5. 
-
    5. Nix common prefix bracketer
      
-
      
+
    6. Nix common prefix bracketer
      
+
      
 
      
 This function searches for common delimiters in region and removes them, summarizing all captured lines by it.
 
      
@@ -10666,8 +10699,8 @@ This function searches for common delimiters in region and removes them, summari
      7. -
    7. Nix formatters
      -
      +
    8. Nix formatters
      +

      This formats the org code block at point in accordance to the nixpkgs-fmt formatter

      @@ -11989,6 +12022,8 @@ It also offers a very useful utility of exporting org-mode buffers to different (push '("conf-unix" . conf-unix) org-src-lang-modes) +(setq org-export-with-broken-links mark) +
    @@ -12239,9 +12274,9 @@ This adds a rudimentary nix-mode to Emacs. I have not really tried this out, as
    -
    -

    4.4.3. nixpkgs-fmt

    -
    +
    +

    4.4.3. nixpkgs-fmt

    +

    Adds functions for formatting nix code.

    @@ -13004,6 +13039,9 @@ After having tried out lsp-mode and lsp-bridge for a w 
     (use-package eglot
   :ensure nil
+  :config
+  (add-to-list 'eglot-server-programs
+       '(yaml-ts-mode . ("ansible-language-server" "--stdio")))
   :hook
   ((python-mode
     python-ts-mode
@@ -13015,6 +13053,7 @@ After having tried out lsp-mode and lsp-bridge for a w
     rustic-mode
     tex-mode
     LaTeX-mode
+    yaml-ts-mode
     ) . (lambda () (progn
                      (eglot-ensure)
                      (add-hook 'before-save-hook 'eglot-format nil 'local))))
@@ -13636,626 +13675,27 @@ This sets up the dashboard, which is really quite useless. But, it
    -
    -
    -
    -

    5. Wiki

    -
    -

    -This houses a few configuration snippets that might be useful if you are new to the nix ecosystem. It will be infrequently updated as I come across things that I deem to be interesting to such a reader. Also, interesting configuration tricks will move here if I happen to obsolete them in my main configuration. -

    -
    -
    -

    5.1. Importing a NixOS module that is not in nixpkgs

    -
    -

    -This requires changes in multiple locations. As an example we will use an early version of the mautrix-signal module by Niklas Korz. -

    - -
      -

    1. -Add the module source to flake.nix: -

      - +
      +

      4.4.39. ansible

      +
      -
      {
-  inputs = {
-    [...]
-      # provides expressions for mautrix-signal
-      nixpkgs-mautrix-signal ={
-      url = github:niklaskorz/nixpkgs/nixos-23.11-mautrix-signal;
-    };
-    [...]
-  };
+
      +(use-package ansible
+    :hook
+    (yaml-ts-mode . ansible))
 
-  outputs = inputs@{
-    self,
-      [...]
-        nixpkgs-mautrix-signal,
-      [...]
-  }: let
-    [...]
-      pkgsmautrix = import nixpkgs-mautrix-signal { inherit system;
-                                                    config.allowUnfree = true;
-                                                  };
-    [...]
-  in {
-    nixosConfigurations = {
-      matrix = nixpkgs.lib.nixosSystem {
-        pkgs = pkgsmautrix;
-        # this is to import a service module that is not on nixpkgs
-        # this way avoids infinite recursion errors
-        specialArgs.unstable = nixpkgs-mautrix-signal;
-        modules = [
-          [...]
-        ];
-      };
-    };
-  }
-}
 
-
      
-
      2. - -

    2. -Import the module in the configuration (configuration.nix) -

      - -
      -
      -[...]
-  imports = [
-  [...]
-  (unstable + "/nixos/modules/services/matrix/mautrix-signal.nix")
-];
-
-[...]
-
      -
      3. -
    -
    -
    -
    -

    5.2. Build a firefox addon

    -
    -
      -
    1. app id can be found in the manifest.json file of the .xpi (.xpi is just a normal archive)
      2. -
    2. url can be found by copy url of the "add extension" button on the addon page
      3. -

    3. -the rest of the information is also found in the manifest.json, but might not be needed -

      - -

      -In configuration.nix: -

      4. -
    - -
    -
    programs.firefox = {
-  [...]
-    profiles.default = {
-    [...]
-      extensions = with pkgs.nur.repos.rycee.firefox-addons; [
-      [...]
-      (buildFirefoxXpiAddon {
-        pname = ":emoji:";
-        version = "0.1.3";
-        addonId = "gonelf@gmail.com";
-        url = "https://addons.mozilla.org/firefox/downloads/file/3365324/emojidots-0.1.3.xpi";
-        sha256 = "4f7cc25c478fe52eb82f37c9ff4978dcaa3f95020398c5b184e517f6efa2c201";
-        meta = with lib;
-          {
-            description = "emoji autocomplete anywhere on the internet";
-            mozPermissions = [ "https://gist.githubusercontent.com/gonelf/d8ae3ccb7902b501c4a5dd625d4089da/raw/5eeda197ba92f8c8139e846a1225d5640077e06f/emoji_pretty.json" "tabs" "storage"];
-            platforms = platforms.all;
-          };
-      })
-      [...]
-
    -
    -
    -
    -
    -

    5.3. Define shell utility as package

    -
    -

    -In configuration.nix (or home.nix): -

    - -
    -
    -home.packages = with pkgs; [ # or for NixOS environment.systemPackages = with pkgs; [
-  [...]
-  (pkgs.writeShellApplication {
-    name = "pass-fuzzel";
-    runtimeInputs = [ pkgs.pass pkgs.fuzzel ];
-    text = ''
-       shopt -s nullglob globstar
-
-       typeit=0
-       if [[ $# -ge 1 && $1 == "--type" ]]; then
-         typeit=1
-         shift
-       fi
-
-       export PASSWORD_STORE_DIR=~/.local/share/password-store
-       prefix=''${PASSWORD_STORE_DIR-~/.local/share/password-store}
-       password_files=( "$prefix"/**/*.gpg )
-       password_files=( "''${password_files[@]#"$prefix"/}" )
-       password_files=( "''${password_files[@]%.gpg}" )
-
-       password=$(printf '%s\n' "''${password_files[@]}" | fuzzel --dmenu "$@")
-
-       [[ -n $password ]] || exit
-
-       if [[ $typeit -eq 0 ]]; then
-         pass show -c "$password" &>/tmp/pass-fuzzel
-       else
-         pass show "$password" | { IFS= read -r pass; printf %s "$pass"; } | wtype -
-       fi
-       notify-send -u critical -a pass -t 1000 "Copied/Typed Password"
-     '';
-  })
-
-  [...]
    -
    -

    5.4. Add program with prebuild binaries to nix store

    -
    -

    -In configuration.nix: -

    - -
    -
    -home.packages = with pkgs; [ # or for NixOS environment.systemPackages = with pkgs; [
-  [...]
-  (stdenv.mkDerivation {
-    name = "oama";
-
-    src = pkgs.fetchurl {
-      name = "oama";
-      url = "https://github.com/pdobsan/oama/releases/download/0.13.1/oama-0.13.1-Linux-x86_64-static.tgz";
-      sha256 = "sha256-OTdCObVfnMPhgZxVtZqehgUXtKT1iyqozdkPIV+i3Gc=";
-    };
-
-    phases = [
-      "unpackPhase"
-    ];
-
-    unpackPhase = ''
-    mkdir -p $out/bin
-    tar xvf $src -C $out/
-    mv $out/oama-0.13.1-Linux-x86_64-static/oama $out/bin/
-    '';
-
-  })
-
-  [...]
-
    -
    -
    -
    -
    -

    5.5. Patch a utilty for nix paths:

    -
    -

    -See https://drakerossman.com/blog/how-to-patch-a-package-source-on-nixos -

    -
    -
    -
    -

    5.6. let-block for overriding a package in nixpkgs (here: replacing airsonic with airsonic-advanced)

    -
    -

    -This can be useful if a module does not let you use your own package yourself. -

    - -

    -In flake.nix: -

    - -
    -
    -pkgs = import nixpkgs { inherit system;
-                        overlays = [ emacs-overlay.overlay
-                                     nur.overlay
-                                     nixgl.overlay
-                                     (self: super: {
-                                       airsonic = super.airsonic.overrideAttrs (_: rec {
-                                         version = "11.0.2-kagemomiji";
-                                         name = "airsonic-advanced-${version}";
-                                         src = super.fetchurl {
-                                           url = "https://github.com/kagemomiji/airsonic-advanced/releases/download/11.0.2/airsonic.war";
-                                           sha256 = "PgErtEizHraZgoWHs5jYJJ5NsliDd9VulQfS64ackFo=";
-                                         };
-                                       });
-                                     })
-                                   ];
-                        config.allowUnfree = true;
-                      };
-
-
    -
    -
    -
    -
    -

    5.7. Reference configurations

    -
    -

    -Configurations that I have retired or are there for the general study. -

    -
    -
    -

    5.7.1. non-nixos

    -
    -

    -My Surface Pro 3, only used for on-the-go university work. Be careful when pushing large changes to this machine, as it easily runs out of memory on large switches. At the moment the only machine running non-NixOS, so special care must be taken not to break this one during updates. -

    -
    -
      -
    1. Channel setup
      -
      -

      -This installs nixGL, which is needed to run GL apps installed through home-manager, since this machine is not using NixOS. -

      - -

      -This is not super clean (because it is not fully replicative), but I do not really care. -

      - -
        -
      1. Install nixGL:
        2. -
      - -
      -
      nix-channel --add https://github.com/guibou/nixGL/archive/main.tar.gz nixgl && nix-channel --update
-  nix-env -iA nixgl.auto.nixGLDefault   # or replace `nixGLDefault` with your desired wrapper
-
      -
      - -

      -This is needed in order to use EGL. Prefix programs that use it with `nixGL` -

      -
      -
      2. -
    2. Home manager
      -
      -

      -Special things to note here: We are running xcape to allow CAPS to act as CTRL and ESC. Also we are using nixGL in most places. -

      - -
      -
      -{ config, pkgs, lib, fetchFromGitHub, ... }:
-
-{
-  programs.home-manager.enable = true;
-  home.username = "leons";
-  home.homeDirectory = "/home/leons";
-
-  home.stateVersion = "23.05"; # Please read the comment before changing.
-
-  stylix.image = ../../wallpaper/surfacewp.png;
-  <<theme>>
-
-  nixpkgs = {
-    config = {
-      allowUnfree = true;
-      allowUnfreePredicate = _: true;
-    };
-  };
-  services.xcape = {
-    enable = true;
-    mapExpression = {
-      Control_L = "Escape";
-    };
-  };
-  #keyboard config
-  home.keyboard.layout = "us";
-
-  sops.age.sshKeyPaths = [ "/etc/ssh/sops" ];
-
-  # waybar config
-  programs.waybar.settings.mainBar.cpu.format = "{icon0} {icon1} {icon2} {icon3}";
-
-  programs.waybar.settings.mainBar.temperature.hwmon-path = "/sys/devices/platform/coretemp.0/hwmon/hwmon3/temp3_input";
-  programs.waybar.settings.mainBar.modules-right = ["custom/outer-left-arrow-dark" "mpris" "custom/left-arrow-light"
-                                                    "network"
-                                                    "custom/left-arrow-dark"
-                                                    "pulseaudio"
-                                                    "custom/left-arrow-light"
-                                                    "battery"
-                                                    "custom/left-arrow-dark"
-                                                    "temperature"
-                                                    "custom/left-arrow-light"
-                                                    "disk"
-                                                    "custom/left-arrow-dark"
-                                                    "memory"
-                                                    "custom/left-arrow-light"
-                                                    "cpu"
-                                                    "custom/left-arrow-dark"
-                                                    "tray"
-                                                    "custom/left-arrow-light"
-                                                    "clock#2"
-                                                    "custom/left-arrow-dark"
-                                                    "clock#1" ];
-  services.blueman-applet.enable = true;
-  home.packages = with pkgs; [
-    # nixgl.auto.nixGLDefault
-    evince
-    # nodejs_20
-
-    # messaging
-    # we use gomuks for RAM preservation, but keep schildi around for files and images
-  ];
-
-  programs.zsh.initExtra = "
-export GPG_TTY=\"$(tty)\"
-export SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket)
-gpgconf --launch gpg-agent
-      ";
-
-  # sway config
-  wayland.windowManager.sway= {
-    config = rec {
-      input = {
-        "*" = {
-          xkb_layout = "us";
-          xkb_options = "ctrl:nocaps,grp:win_space_toggle";
-          xkb_variant = "altgr-intl";
-        };
-        "type:touchpad" = {
-          dwt = "enabled";
-          tap = "enabled";
-          natural_scroll = "enabled";
-          middle_emulation = "enabled";
-        };
-      };
-
-      output = {
-        eDP-1 = {
-          mode = "2160x1440@59.955Hz";
-          scale = "1";
-          bg = "~/.dotfiles/wallpaper/surfacewp.png fill";
-        };
-      };
-
-      keybindings = let
-        inherit (config.wayland.windowManager.sway.config) modifier;
-      in {
-        "${modifier}+F2"  = "exec brightnessctl set +5%";
-        "${modifier}+F1"= "exec brightnessctl set 5%-";
-        "${modifier}+n" = "exec sway output eDP-1 transform normal, splith";
-        "${modifier}+Ctrl+p" = "exec nixGL wl-mirror eDP-1";
-        "${modifier}+t" = "exec sway output eDP-1 transform 90, splitv";
-        "${modifier}+XF86AudioLowerVolume" = "exec grim -g \"$(slurp)\" -t png - | wl-copy -t image/png";
-        "${modifier}+XF86AudioRaiseVolume" = "exec grim -g \"$(slurp)\" -t png - | wl-copy -t image/png";
-      };
-
-      startup = [
-        { command = "sleep 60 && nixGL nextcloud --background";}
-        # { command = "sleep 60 && nixGL spotify";}
-        { command = "sleep 60 && nixGL discord --start-minimized -enable-features=UseOzonePlatform -ozone-platform=wayland";}
-        # { command = "sleep 60 && nixGL schildichat-desktop --hidden";}
-        { command = "sleep 60 && nixGL syncthingtray --wait"; }
-        { command = "sleep 60 && ANKI_WAYLAND=1 nixGL anki";}
-        { command = "nm-applet --indicator";}
-        { command = "sleep 60 && OBSIDIAN_USE_WAYLAND=1 nixGL obsidian -enable-features=UseOzonePlatform -ozone-platform=wayland";}
-      ];
-
-      keycodebindings = {
-        "124" = "exec systemctl suspend";
-      };
-    };
-
-    extraConfig = "
-    exec swaymsg input 7062:6917:NTRG0001:01_1B96:1B05 map_to_output eDP-1
-    exec swaymsg input 7062:6917:NTRG0001:01_1B96:1B05_Stylus map_to_output eDP-1
-    ";
-  };
-}
-
-
      -
      -
      -
      3. -
    -
    -
    -

    5.7.2. nixos

    -
    -
    -
      -
    1. Onett (Lenovo Y510P)
      -
      -

      -My laptop, sadly soon to be replaced by a new one, since most basic functions are stopping to work lately. -

      -
      -
        -
      1. NixOS
        -
        -
        -
        -{ config, lib, pkgs, inputs, ... }:
-
-{
-
-  <<wrap>>
-
-  services = {
-    greetd.settings.initial_session.user ="swarsel";
-    xserver.videoDrivers = ["nvidia"];
-  };
-
-
-  hardware = {
-    nvidia = {
-      modesetting.enable = true;
-      powerManagement.enable = true;
-      prime = {
-        intelBusId = "PCI:0:2:0";
-        nvidiaBusId = "PCI:1:0:0";
-        sync.enable = true;
-      };
-    };
-    pulseaudio.configFile = pkgs.runCommand "default.pa" {} ''
-                 sed 's/module-udev-detect$/module-udev-detect tsched=0/' \
-                   ${pkgs.pulseaudio}/etc/pulse/default.pa > $out
-                 '';
-    bluetooth.enable = true;
-  };
-
-  stylix.image = ../../wallpaper/lenovowp.png;
-  <<theme>>
-
-  boot.loader.grub = {
-    enable = true;
-    device = "/dev/sda";
-    useOSProber = true;
-  };
-
-  networking.hostName = "onett"; # Define your hostname.
-  networking.enableIPv6 = false;
-
-  users.users.swarsel = {
-    isNormalUser = true;
-    description = "Leon S";
-    extraGroups = [ "networkmanager" "wheel" "lp"];
-    packages = with pkgs; [];
-  };
-
-  system.stateVersion = "23.05"; # Did you read the comment?
-
-  environment.systemPackages = with pkgs; [
-  ];
-
-
-}
-
-
        -
        -
        -
        2. -
      2. Home Manager
        -
        -
        -
        -{ config, pkgs, lib, fetchFromGitHub, ... }:
-
-{
-
-  <<gpgagent>>
-
-  home = {
-    username = "swarsel";
-    homeDirectory = "/home/swarsel";
-    stateVersion = "23.05"; # Please read the comment before changing.
-    keyboard.layout = "de";
-    packages = with pkgs; [
-    ];
-  };
-
-  sops.age.sshKeyPaths = [ "${config.home.homeDirectory}/.ssh/sops" ];
-
-  # # waybar config
-  programs.waybar.settings.mainBar = {
-    cpu.format = "{icon0} {icon1} {icon2} {icon3} {icon4} {icon5} {icon6} {icon7}";
-    temperature.hwmon-path = "/sys/devices/platform/coretemp.0/hwmon/hwmon3/temp3_input";
-  };
-  <<waybarlaptop>>
-
-  services.blueman-applet.enable = true;
-
-  wayland.windowManager.sway= {
-    config = rec {
-      input = {
-        "1:1:AT_Translated_Set_2_keyboard" = {
-          xkb_layout = "us";
-          xkb_options = "grp:win_space_toggle";
-          # xkb_options = "ctrl:nocaps,grp:win_space_toggle";
-          xkb_variant = "altgr-intl";
-        };
-        "2362:33538:ipad_keyboard_Keyboard" = {
-          xkb_layout = "us";
-          xkb_options = "altwin:swap_lalt_lwin,ctrl:nocaps,grp:win_space_toggle";
-          xkb_variant = "colemak_dh";
-        };
-        "36125:53060:splitkb.com_Kyria_rev3" = {
-          xkb_layout = "us";
-          xkb_variant = "altgr-intl";
-        };
-
-        "type:touchpad" = {
-          dwt = "enabled";
-          tap = "enabled";
-          natural_scroll = "enabled";
-          middle_emulation = "enabled";
-        };
-      };
-
-      output = {
-        eDP-1 = {
-          mode = "1920x1080";
-          scale = "1";
-          bg = "~/.dotfiles/wallpaper/lenovowp.png fill";
-          position = "1920,0";
-        };
-        VGA-1 = {
-          mode = "1920x1080";
-          scale = "1";
-          bg = "~/.dotfiles/wallpaper/lenovowp.png fill";
-          position = "0,0";
-        };
-      };
-
-      keybindings = let
-        inherit (config.wayland.windowManager.sway.config) modifier;
-      in {
-        "${modifier}+F2"  = "exec brightnessctl set +5%";
-        "${modifier}+F1"= "exec brightnessctl set 5%-";
-        "XF86MonBrightnessUp"  = "exec brightnessctl set +5%";
-        "XF86MonBrightnessDown"= "exec brightnessctl set 5%-";
-        "${modifier}+Ctrl+p" = "exec wl-mirror eDP-1";
-        "XF86HomePage" = "exec wtype -P Escape -p Escape";
-        "${modifier}+w" = "exec \"bash ~/.dotfiles/scripts/checkschildi.sh\"";
-      };
-      keycodebindings = {
-        "94" = "exec wtype c";
-        "Shift+94" = "exec wtype C";
-        "Ctrl+94" = "exec wtype -M ctrl c -m ctrl";
-        "Ctrl+Shift+94" = "exec wtype -M ctrl -M shift c -m ctrl -m shift";
-      };
-
-      startup = [
-        <<startupnixos>>
-      ];
-    };
-
-    extraConfig = "
- ";
-  };
-}
-
-
        -
        -
        -
        3. -
      -
      2. -
    -

    Author: Leon Schwarzäugl

    -

    Created: 2024-08-06 Di 14:08

    +

    Created: 2024-08-10 Sa 19:22

    Validate

    diff --git a/programs/emacs/init.el b/programs/emacs/init.el index cddb75a..2e4cb07 100644 --- a/programs/emacs/init.el +++ b/programs/emacs/init.el @@ -950,6 +950,8 @@ create a new one." (push '("conf-unix" . conf-unix) org-src-lang-modes) +(setq org-export-with-broken-links mark) + (require 'org-tempo) (add-to-list 'org-structure-template-alist '("sh" . "src shell")) (add-to-list 'org-structure-template-alist '("el" . "src emacs-lisp"))