From 8d8644e2165d9b14bb2aeac94c804b4ac4639bea Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Leon=20Schwarz=C3=A4ugl?= Date: Sun, 29 Dec 2024 02:20:32 +0100 Subject: [PATCH] chore: reflect renamed installer command on ISO --- SwarselSystems.org | 2 +- hosts/nixos/iso/default.nix | 2 +- index.html | 4028 ++++++++++++++++++++--------------- 3 files changed, 2361 insertions(+), 1671 deletions(-) diff --git a/SwarselSystems.org b/SwarselSystems.org index 84354e9..91593f4 100644 --- a/SwarselSystems.org +++ b/SwarselSystems.org @@ -1888,7 +1888,7 @@ swarsel-install -n chaostheatre }; programs.bash.shellAliases = { - "swarsel-install" = "nix run github:Swarsel/.dotfiles#install --"; + "swarsel-install" = "nix run github:Swarsel/.dotfiles#swarsel-install --"; }; system.activationScripts.cache = { diff --git a/hosts/nixos/iso/default.nix b/hosts/nixos/iso/default.nix index 61c07d8..d105ca8 100644 --- a/hosts/nixos/iso/default.nix +++ b/hosts/nixos/iso/default.nix @@ -81,7 +81,7 @@ in }; programs.bash.shellAliases = { - "swarsel-install" = "nix run github:Swarsel/.dotfiles#install --"; + "swarsel-install" = "nix run github:Swarsel/.dotfiles#swarsel-install --"; }; system.activationScripts.cache = { diff --git a/index.html b/index.html index 8895fdf..2e8ab76 100644 --- a/index.html +++ b/index.html @@ -3,7 +3,7 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - + SwarselSystems: NixOS + Emacs Configuration @@ -202,490 +202,515 @@
- -
  • 5. Emacs -
  • +
  • 5. Appendix A: Noweb-Ref blocks + +
  • +
  • 6. Appendix B: Supplementary Files + +
  • -This file has 58383 words spanning 14864 lines and was last revised on 2024-12-28 18:15:25 +0100. +This file has 60522 words spanning 15453 lines and was last revised on 2024-12-29 02:23:09 +0100.
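Review bot: the revision line goes from 58383 words / 14864 lines to 60522 words / 15453 lines, and the diffstat shows 4028 changed lines in index.html against a one-line change in SwarselSystems.org, so this export carries content that does not come from the alias rename named in the subject. Regenerate index.html in its own commit (or keep the generated file out of the tree) so the two-line installer change can be reviewed and reverted on its own; the embedded "last revised" timestamp also guarantees churn on every export.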

    @@ -738,7 +763,7 @@ This section defines my Emacs configuration. For a while, I considered to use ry

    -My emacs is built using the emacs-overlay nix flake, which builds a bleeding edge emacs on wayland (pgtk) with utilities like treesitter support. By executing the below source block, the current build setting can be updated at any time, and you can see my most up-to-date build options (last updated: 2024-12-28 18:15:25 +0100) +My emacs is built using the emacs-overlay nix flake, which builds a bleeding edge emacs on wayland (pgtk) with utilities like treesitter support. By executing the below source block, the current build setting can be updated at any time, and you can see my most up-to-date build options (last updated: 2024-12-29 02:23:09 +0100)

    @@ -818,589 +843,19 @@ The rest of this file will now contain actual code that is used in the configura

    -
    -

    2. Noweb-Ref blocks and supplementary files

    -
    -

    -These blocks are used in several places throughout the configurations, but not on all machines necessarily. For example, the theming section needs to be in a NixOS block on NixOS machines but in a home-manager block on non-NixOS. -

    - -

    -Originally, I used this method a lot throughout my configuration. However, as my knowledge of NixOS grew, I have been weeding these snippets out more and more as I find more efficient native solutions. Now, only the theming block remains. -

    - -

    -This serves only to reduce code duplication in this file. The tangled files experience no size reduction, since noweb-ref only substitutes these blocks in. -

    - -

    -Also, this section now holds some of the longer configuration files that cannot be defined directly within NixOS configuration. These files are usually symlinked using home.file. -

    -
    -
    -

    2.1. Theme (stylix)

    -
    -

    -For styling, I am using the stylix NixOS module, loaded by flake. This package is really great, as it adds nix expressions for basically everything. Ever since switching to this, I did not have to play around with theming anywhere else. -

    - -

    -The full list of nerd-fonts can be found here: https://github.com/NixOS/nixpkgs/blob/nixos-unstable/pkgs/data/fonts/nerd-fonts/manifests/fonts.json -

    - -

    -This is where the theme for the whole OS is defined. Originally, this noweb-ref section could not be copied to the general NixOS config since they are on different folder structure levels in the config, which would have made the flake impure. By now, I have found out that using the ${self} method for referencing the flake root, I could circumvent this problem. Also, the noweb-ref block could in general be replaced by a custom attribute set (see for example firefox). The difference here is, however, that this block is used in a NixOS and a home-manager-only configuration, verbatim. If I were to use an attribute set, I would have to duplicate this block once each for NixOS and home-manager. Alas, this block stays (for now). -

    - - -
    -
    -enable = true;
    -base16Scheme = "${self}/wallpaper/swarsel.yaml";
    -# base16Scheme = "${pkgs.base16-schemes}/share/themes/shapeshifter.yaml";
    -polarity = "dark";
    -opacity.popups = 0.5;
    -cursor = {
    -  package = pkgs.capitaine-cursors;
    -  name = "capitaine-cursors";
    -  size = 16;
    -};
    -fonts = {
    -  sizes = {
    -    terminal = 10;
    -    applications = 11;
    -  };
    -  serif = {
    -    # package = (pkgs.nerdfonts.override { fonts = [ "FiraMono" "FiraCode"]; });
    -    package = pkgs.cantarell-fonts;
    -    # package = pkgs.montserrat;
    -    name = "Cantarell";
    -    # name = "FiraCode Nerd Font Propo";
    -    # name = "Montserrat";
    -  };
    -
    -  sansSerif = {
    -    # package = (pkgs.nerdfonts.override { fonts = [ "FiraMono" "FiraCode"]; });
    -    package = pkgs.cantarell-fonts;
    -    # package = pkgs.montserrat;
    -    name = "Cantarell";
    -    # name = "FiraCode Nerd Font Propo";
    -    # name = "Montserrat";
    -  };
    -
    -  monospace = {
    -    package = pkgs.nerd-fonts.fira-mono; # has overrides
    -
    -    name = "FiraCode Nerd Font Mono";
    -  };
    -
    -  emoji = {
    -    package = pkgs.noto-fonts-emoji;
    -    name = "Noto Color Emoji";
    -  };
    -};
    -
    -
    -
    -
    -
    -
    -

    2.2. Server Emacs config

    -
    -

    -On my server, I use a reduced, self-contained emacs configuration that only serves as an elfeed sync server. This is currently unused, however, I am keeping this in here for now as a reference. The big problem here was the bidirectional syncing using bjm/elfeed-updater. As I am using this both on a laptop client (using elfeed) as well as on a mobile phone (using elfeed-cljsrn over elfeed-web), I set up a Syncthing service to take care of the feeds as well as the db state. However, I could only either achieve changes propagating properly from the laptop to the server or from the phone to the server. Both would not work. This current state represents the state where from-laptop changes would propagate. To allow from-phone changes, change (elfeed-db-load) in bjm/elfeed-updater to (elfeed-db-save). -

    - - -
    -
    (require 'package)
    -
    -(package-initialize nil)
    -(setq package-enable-at-startup nil)
    -
    -(add-to-list 'package-archives '("org" . "http://orgmode.org/elpa/") t)
    -
    -(add-to-list 'package-archives
    -             '("melpa" . "https://melpa.org/packages/") t)
    -
    -
    -(package-initialize)
    -
    -(let ((default-directory  "~/.emacs.d/elpa/"))
    -  (normal-top-level-add-subdirs-to-load-path))
    -
    -(unless (package-installed-p 'use-package)
    -  (package-refresh-contents)
    -  (package-install 'use-package))
    -
    -(require 'use-package)
    -
    -(use-package elfeed
    -  :ensure t
    -  :bind (:map elfeed-search-mode-map
    -              ("q" . bjm/elfeed-save-db-and-bury)))
    -
    -(require 'elfeed)
    -
    -(use-package elfeed-org
    -  :ensure t
    -  :config
    -  (elfeed-org)
    -  (setq rmh-elfeed-org-files (list "/var/lib/syncthing/.elfeed/elfeed.org")))
    -
    -(use-package elfeed-goodies
    -  :ensure t)
    -
    -(elfeed-goodies/setup)
    -
    -(use-package elfeed-web
    -  :ensure t)
    -
    -(global-set-key (kbd "C-x w") 'bjm/elfeed-load-db-and-open)
    -
    -(define-key elfeed-show-mode-map (kbd "j") 'elfeed-goodies/split-show-next)
    -(define-key elfeed-show-mode-map (kbd "k") 'elfeed-goodies/split-show-prev)
    -(define-key elfeed-search-mode-map (kbd "j") 'next-line)
    -(define-key elfeed-search-mode-map (kbd "k") 'previous-line)
    -(define-key elfeed-show-mode-map (kbd "S-SPC") 'scroll-down-command)
    -
    -
    -(defun bjm/elfeed-save-db-and-bury ()
    -  "Wrapper to save the elfeed db to disk before burying buffer"
    -  (interactive)
    -  (elfeed-db-save)
    -  (quit-window))
    -
    -(defun bjm/elfeed-load-db-and-open ()
    -  "Wrapper to load the elfeed db from disk before opening"
    -  (interactive)
    -  (elfeed-db-load)
    -  (elfeed)
    -  (elfeed-search-update--force)
    -  (elfeed-update))
    -
    -(defun bjm/elfeed-updater ()
    -  "Wrapper to load the elfeed db from disk before opening"
    -  (interactive)
    -  (elfeed-db-load))
    -
    -(run-with-timer 0 (* 1 60) 'bjm/elfeed-updater)
    -
    -(setq httpd-port 9812)
    -(setq httpd-host "0.0.0.0")
    -(setq httpd-root "/root/.emacs.d/elpa/elfeed-web-20240729.1741/")
    -(setq elfeed-db-directory "/var/lib/syncthing/.elfeed/db/")
    -
    -(httpd-start)
    -(elfeed-web-start)
    -
    -
    -
    -
    -
    -
    -

    2.3. tridactylrc

    -
    -

    -This is the configuration file for tridactyl, which provides keyboard-driven navigation in firefox. Pay attention to the warnings in this file; depending on your browsing behaviour, you might expose yourself to some vulnerabilities by copying this configuration. -

    - - -
    -
    -sanitise tridactyllocal tridactylsync
    -
    -colourscheme base16-codeschool
    -
    -" General Settings
    -set update.lastchecktime 1720629386560
    -set update.lastnaggedversion 1.24.1
    -set update.nag true
    -set update.nagwait 7
    -set update.checkintervalsecs 86400
    -set configversion 2.0
    -set searchurls.no https://search.nixos.org/options?query=
    -set searchurls.np https://search.nixos.org/packages?query=
    -set searchurls.hm https://home-manager-options.extranix.com/?query=
    -set completions.Tab.statusstylepretty true
    -set hintfiltermode vimperator-reflow
    -set hintnames numeric
    -
    -" Binds
    -bind <C-m> buffer #
    -bind gd tabdetach
    -bind gD composite tabduplicate; tabdetach
    -bind d composite tabprev; tabclose #
    -bind D tabclose
    -bind c hint
    -bindurl ^http(s)?://www\.google\.com c hint -Jc [class="LC20lb MBeuO DKV0Md"],[class="YmvwI"],[class="YyVfkd"],[class="fl"]
    -bindurl ^http(s)?://news\.ycombinator\.com c hint -Jc [class="titleline"],[class="age"]
    -bindurl ^http(s)?://lobste\.rs c hint -Jc [class="u-url"],[class="comments_label"]
    -bindurl ^http(s)?://www\.google\.com gi composite focusinput -l ; text.end_of_line
    -
    -" Search in page
    -set findcase smart
    -bind / fillcmdline find
    -bind ? fillcmdline find -?
    -bind n findnext 1
    -bind N findnext -1
    -
    -bind j scrollline 4
    -bind k scrollline -4
    -
    -
    -" WARNING: This file defines and runs a command called fixamo_quiet. If you
    -" also have a malicious addon that operates on `<all_urls>` installed this
    -" will allow it to steal your firefox account credentials!
    -"
    -" With those credentials, an attacker can read anything in your sync account,
    -" publish addons to the AMO, etc, etc.
    -"
    -" Without this command a malicious addon can steal credentials from any site
    -" that you visit that is not in the restrictedDomains list.
    -"
    -" You should comment out the fixamo lines unless you are entirely sure that
    -" they are what you want.
    -command fixamo_quiet jsb tri.excmds.setpref("privacy.resistFingerprinting.block_mozAddonManager", "true").then(tri.excmds.setpref("extensions.webextensions.restrictedDomains", '""'))
    -command fixamo js tri.excmds.setpref("privacy.resistFingerprinting.block_mozAddonManager", "true").then(tri.excmds.setpref("extensions.webextensions.restrictedDomains", '""').then(tri.excmds.fillcmdline_tmp(3000, "Permissions added to user.js. Please restart Firefox to make them take affect.")))
    -
    -fixamo_quiet
    -set allowautofocus false
    -
    -" The following modification allows Tridactyl to function on more pages, e.g. raw GitHub pages.
    -" You may not wish to run this. Mozilla strongly feels that you shouldn't.
    -" Read https://wiki.mozilla.org/Security/CSP#Goals for more information.
    -"
    -" Equivalent to `set csp clobber` before it was removed.
    -" This weakens your defences against cross-site-scripting attacks
    -" and other types of code-injection by reducing the strictness
    -" of Content Security Policy on all sites in a couple of ways.
    -"
    -" We remove the sandbox directive
    -" https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/sandbox
    -" which allows our iframe (and anyone else's) to run on any website.
    -"
    -" We weaken the style-src directive
    -" https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/style-src
    -" to allow us to theme our elements.
    -" This exposes you to 'cross site styling' attacks
    -jsb browser.webRequest.onHeadersReceived.addListener(tri.request.clobberCSP,{urls:["<all_urls>"],types:["main_frame"]},["blocking","responseHeaders"])
    -
    -" default is 300ms
    -set hintdelay 100
    -
    -" Some pages like github break on the tridactyl quick search. have this as a fallback
    -unbind <C-f>
    -
    -" Subconfig Settings
    -seturl www.google.com followpagepatterns.next Next
    -seturl www.google.com followpagepatterns.prev Previous
    -
    -" Autocmds
    -autocmd DocStart undefined mode ignore
    -autocmd DocStart pokerogue.net mode ignore
    -autocmd DocStart typelit.io mode ignore
    -autocmd DocStart vc-impimba-1.m.imp.ac.at/ui/webconsole mode ignore
    -
    -" For syntax highlighting see https://github.com/tridactyl/vim-tridactyl
    -" vim: set filetype=tridactyl
    -
    -
    -
    -
    -
    -
    -

    2.4. Waybar style.css

    -
    -

    -This is the stylesheet used by waybar. -

    - -
    -
    @define-color foreground #fdf6e3;
    -@define-color background #1a1a1a;
    -@define-color background-alt #292b2e;
    -@define-color foreground-warning #268bd2;
    -@define-color background-warning @background;
    -@define-color foreground-error red;
    -@define-color background-error @background;
    -@define-color foreground-critical gold;
    -@define-color background-critical blue;
    -
    -
    - * {
    -    border: none;
    -    border-radius: 0;
    -    font-family: "FiraCode Nerd Font Propo", "Font Awesome 5 Free";
    -    font-size: 14px;
    -    min-height: 0;
    -    margin: -1px 0px;
    -}
    -
    -window#waybar {
    -        background: transparent;
    -        color: @foreground;
    -        transition-duration: .5s;
    -}
    -
    -window#waybar.hidden {
    -    opacity: 0.2;
    -}
    -
    -
    -#mpris {
    -    padding: 0 10px;
    -    background-color: transparent;
    -    color: #1DB954;
    -    font-family: Monospace;
    -    font-size: 12px;
    -}
    -
    -#custom-right-arrow-dark,
    -#custom-left-arrow-dark {
    -        color: @background;
    -        background: @background-alt;
    -        font-size: 24px;
    -}
    -
    -#window {
    -        font-size: 12px;
    -        padding: 0 20px;
    -}
    -
    -#mode {
    -    background: @background-critical;
    -    color: @foreground-critical;
    -    padding: 0 3px;
    -}
    -
    -#privacy,
    -#custom-configwarn {
    -    color: black;
    -    padding: 0 3px;
    -    animation-name: configblink;
    -    animation-duration: 0.5s;
    -    animation-timing-function: linear;
    -    animation-iteration-count: infinite;
    -    animation-direction: alternate;
    -}
    -
    -#custom-nix-updates {
    -    color: white;
    -    padding: 0 3px;
    -}
    -
    -#custom-outer-right-arrow-dark,
    -#custom-outer-left-arrow-dark {
    -        color: @background;
    -        font-size: 24px;
    -}
    -
    -#custom-outer-left-arrow-dark,
    -#custom-left-arrow-dark,
    -#custom-left-arrow-light {
    -        margin: 0 -1px;
    -}
    -
    -#custom-right-arrow-light,
    -#custom-left-arrow-light {
    -        color: @background-alt;
    -        background: @background;
    -        font-size: 24px;
    -}
    -
    -#workspaces,
    -#clock.1,
    -#clock.2,
    -#clock.3,
    -#pulseaudio,
    -#memory,
    -#cpu,
    -#temperature,
    -#custom-scratchpad-indicator,
    -#power-profiles-daemon,
    -#idle_inhibitor,
    -#backlight-slider,
    -#mpris,
    -#tray {
    -    background: @background;
    -}
    -
    -#network,
    -#custom-vpn,
    -#clock.2,
    -#battery,
    -#cpu,
    -#custom-pseudobat,
    -#disk {
    -    background: @background-alt;
    -}
    -
    -
    -#workspaces button {
    -        padding: 0 2px;
    -        color: #fdf6e3;
    -}
    -#workspaces button.focused {
    -        color: @foreground-warning;
    -}
    -
    -#workspaces button:hover {
    -    background: @foreground;
    -    color: @background;
    -        border: @foreground;
    -        padding: 0 2px;
    -        box-shadow: inherit;
    -        text-shadow: inherit;
    -}
    -
    -#workspaces button.urgent {
    -    color: @background-critical;
    -    background: @foreground-critical;
    -}
    -
    -#custom-vpn,
    -#network {
    -    color: #cc99c9;
    -}
    -
    -#temperature,
    -#power-profiles-daemon {
    -    color: #9ec1cf;
    -}
    -
    -#disk {
    -    /*color: #b58900;*/
    -    color: #9ee09e;
    -}
    -
    -#custom-scratchpad-indicator {
    -    color: #ffffff;
    -}
    -
    -#disk.warning {
    -    color:            @foreground-error;
    -    background-color: @background-error;
    -}
    -#disk.critical,
    -#temperature.critical {
    -    color:            @foreground-critical;
    -    background-color: @background-critical;
    -    animation-name: blink;
    -    animation-duration: 0.5s;
    -    animation-timing-function: linear;
    -    animation-iteration-count: infinite;
    -    animation-direction: alternate;
    -}
    -#pulseaudio.muted {
    -    color: @foreground-error;
    -}
    -#memory {
    -        /*color: #2aa198;*/
    -        color: #fdfd97;
    -}
    -#cpu {
    -    /*color: #6c71c4;*/
    -    color: #feb144;
    -}
    -
    -#pulseaudio {
    -    /*color: #268bd2;*/
    -    color: #ff6663;
    -}
    -
    -#battery,
    -#custom-pseudobat {
    -        color: cyan;
    -}
    -#battery.discharging {
    -    color:      #859900;
    -}
    -
    -@keyframes blink {
    -    to {
    -        color:            @foreground-error;
    -        background-color: @background-error;
    -    }
    -}
    -@keyframes configblink {
    -    to {
    -        color:            @foreground-error;
    -        background-color: transparent;
    -    }
    -}
    -
    -#battery.critical:not(.charging) {
    -    color:            @foreground-critical;
    -    background-color: @background-critical;
    -    animation-name: blink;
    -    animation-duration: 0.5s;
    -    animation-timing-function: linear;
    -    animation-iteration-count: infinite;
    -    animation-direction: alternate;
    -}
    -
    -#backlight-slider slider {
    -    min-height: 0px;
    -    min-width: 0px;
    -    opacity: 0;
    -    background-image: none;
    -    border: none;
    -    box-shadow: none;
    -}
    -#backlight-slider trough {
    -    min-height: 5px;
    -    min-width: 80px;
    -    border-radius: 5px;
    -    background-color: black;
    -}
    -#backlight-slider highlight {
    -    min-width: 0px;
    -    border-radius: 5px;
    -    background-color: grey;
    -}
    -
    -#clock.1,
    -#clock.2,
    -#clock.3 {
    -    font-family: Monospace;
    -}
    -
    -#clock,
    -#pulseaudio,
    -#memory,
    -#cpu,
    -#tray,
    -#temperature,
    -#power-profiles-daemon,
    -#network,
    -#custom-vpn,
    -#mpris,
    -#battery,
    -#custom-scratchpad-indicator,
    -#custom-pseudobat,
    -#disk {
    -    padding: 0 3px;
    -}
    -
    -
    -
    -
    -
    -
    -

    3. flake.nix

    +

    2. flake.nix

    Handling the flake.nix file used to be a bit of a chore, since it felt like writing so much boilerplate code just to define new systems. The noweb-approach here makes this a little bit less painful.

    -These blocks are later inserted here: flake.nix template. Adding new flake inputs is very easy, you just add them to Inputs & Inputs@Outputs first by name in the first source-block, and then the path in the second source-block. Any variables to be set for the host configuration are done in let, and the specific setup is done in either nixosConfigurations (for NixOS systems), homeConfigurations (for home-manager systems), or nixOnDroidConfigurations (for Nix on Android) and darwinConfigurations (for Darwin systems, also known as Macs). There also used to be a [BROKEN LINK: h:6a08495a-8566-4bb5-9fac-b03df01f6c81] section that used to define a Proxmox LXC image when I was still using Proxmox as my main server. An example of the repository at that time would be acc0ad6 main Add several NixOS hosts on Proxmox and Oracle Cloud. +These blocks are later inserted here: flake.nix template. Adding new flake inputs is very easy, you just add them to Inputs & Inputs@Outputs first by name in the first source-block, and then the path in the second source-block. Any variables to be set for the host configuration are done in let, and the specific setup is done in either nixosConfigurations (for NixOS systems), homeConfigurations (for home-manager systems), or nixOnDroidConfigurations (for Nix on Android) and darwinConfigurations (for Darwin systems, also known as Macs). There also used to be a [BROKEN LINK: h:6a08495a-8566-4bb5-9fac-b03df01f6c81] section that used to define a Proxmox LXC image when I was still using Proxmox as my main server. An example of the repository at that time would be acc0ad6: Add several NixOS hosts on Proxmox and Oracle Cloud.

    -

    3.1. flake.nix template

    +

    2.1. flake.nix template

    This sections puts together the flake.nix file from the Noweb-Ref blocks section. This tangles the flake.nix file; This block only needs to be touched when updating the general structure of the flake. For everything else, see the respective noweb-ref block. 
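Review bot: the added flake.nix paragraph still exports `[BROKEN LINK: h:6a08495a-8566-4bb5-9fac-b03df01f6c81]`, so the dangling org link survives the restructuring; remove it or point it at an existing heading in SwarselSystems.org. Separately, the removed section 2.3 held the sentence telling readers to heed the `fixamo_quiet` and `clobberCSP` warnings in the tridactylrc, so check that the new "Appendix B: Supplementary Files" keeps that sentence next to the file.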
@@ -1582,90 +1037,94 @@ In outputs = inputs@ [...], the inputs@ makes it so th in { - inherit lib; - inherit mixedModules; - inherit nixModules; + inherit lib nixModules mixedModules homeModules; - nixosModules = import ./modules/nixos; - homeManagerModules = import ./modules/home; + nixosModules = import ./modules/nixos { inherit lib; }; + homeManagerModules = import ./modules/home { inherit lib; }; + packages = lib.swarselsystems.forEachSystem (pkgs: import ./pkgs { inherit lib pkgs; }); + formatter = lib.swarselsystems.forEachSystem (pkgs: pkgs.nixpkgs-fmt); + overlays = import ./overlays { inherit self lib inputs; }; - packages = lib.swarselsystems.forEachSystem (pkgs: import ./pkgs { inherit lib; }); + apps = lib.swarselsystems.forAllSystems (system: + let + appNames = [ + "swarsel-bootstrap" + "swarsel-install" + "swarsel-rebuild" + "swarsel-postinstall" + ]; + appSet = lib.swarselsystems.mkApps system appNames self; + in + { + inherit appSet; + default = appSet.bootstrap; + }); - apps = lib.swarselsystems.forAllSystems (system: let - appNames = [ - "swarsel-bootstrap" - "swarsel-install" - "swarsel-rebuild" - "swarsel-postinstall" - ]; - appSet = lib.swarselsystems.mkApps system appNames self; - in { - inherit appSet; - default = appSet.bootstrap; - }); - - devShells = lib.swarselsystems.forAllSystems ( - system: + devShells = lib.swarselsystems.forAllSystems (system: let pkgs = nixpkgs.legacyPackages.${system}; checks = self.checks.${system}; in - { - default = pkgs.mkShell { - NIX_CONFIG = "experimental-features = nix-command flakes"; - inherit (checks.pre-commit-check) shellHook; - buildInputs = checks.pre-commit-check.enabledPackages; - nativeBuildInputs = [ - pkgs.nix - pkgs.home-manager - pkgs.git - pkgs.just - pkgs.age - pkgs.ssh-to-age - pkgs.sops - ]; - }; - }); - - formatter = lib.swarselsystems.forEachSystem (pkgs: pkgs.nixpkgs-fmt); - checks = lib.swarselsystems.forAllSystems ( - system: - let - pkgs = nixpkgs.legacyPackages.${system}; - in - 
import ./checks { inherit self inputs system pkgs; } + { + default = pkgs.mkShell { + NIX_CONFIG = "experimental-features = nix-command flakes"; + inherit (checks.pre-commit-check) shellHook; + buildInputs = checks.pre-commit-check.enabledPackages; + nativeBuildInputs = with pkgs; [ + nix + home-manager + git + just + age + ssh-to-age + sops + statix + deadnix + nixpkgs-fmt + ]; + }; + } + ); + + checks = lib.swarselsystems.forAllSystems (system: + let + pkgs = nixpkgs.legacyPackages.${system}; + in + import ./checks { inherit self inputs system pkgs; } ); - overlays = import ./overlays { inherit pkgs; }; nixosConfigurations = - lib.swarselsystems.mkFullHostConfigs (lib.swarselsystems.readHosts "nixos") true; + lib.swarselsystems.mkFullHostConfigs (lib.swarselsystems.readHosts "nixos") "nixos"; - homeConfigurations = { + homeConfigurations = - "swarsel@home-manager" = inputs.home-manager.lib.homeManagerConfiguration { - pkgs = lib.swarselsystems.pkgsFor.x86_64-linux; - extraSpecialArgs = { inherit inputs outputs; }; - modules = homeModules ++ mixedModules ++ [ - ./hosts/home-manager - ]; - }; + # "swarsel@home-manager" = inputs.home-manager.lib.homeManagerConfiguration { + # pkgs = lib.swarselsystems.pkgsFor.x86_64-linux; + # extraSpecialArgs = { inherit inputs outputs; }; + # modules = homeModules ++ mixedModules ++ [ + # ./hosts/home-manager + # ]; + # }; + + lib.swarselsystems.mkHalfHostConfigs (lib.swarselsystems.readHosts "home") "home" lib.swarselsystems.pkgsFor.x86_64-linux; - }; darwinConfigurations = - lib.swarselsystems.mkFullHostConfigs (lib.swarselsystems.readHosts "darwin") false; + lib.swarselsystems.mkFullHostConfigs (lib.swarselsystems.readHosts "darwin") "darwin"; - nixOnDroidConfigurations = { + nixOnDroidConfigurations = + + # magicant = inputs.nix-on-droid.lib.nixOnDroidConfiguration { + # pkgs = lib.swarselsystems.pkgsFor.aarch64-linux; + # modules = [ + # ./hosts/magicant + # ]; + # }; + + lib.swarselsystems.mkHalfHostConfigs 
(lib.swarselsystems.readHosts "android") "android" lib.swarselsystems.pkgsFor.aarch64-linux; - magicant = inputs.nix-on-droid.lib.nixOnDroidConfiguration { - pkgs = lib.swarselsystems.pkgsFor.aarch64-linux; - modules = [ - ./hosts/magicant - ]; - }; - }; topology = @@ -1689,7 +1148,7 @@ In outputs = inputs@ [...], the inputs@ makes it so th

    -

    3.2. Pre-commit-hooks (Checks)

    +

    2.2. Pre-commit-hooks (Checks)

    This file defines a number of checks that can either be run by calling nix flake check or while in a nix-shell or nix develop. This helps me make sure that my flake confirms to my self-imposed standards. The GitHub actions perform less checks than are being done here (they are only checking the formatting, as well as statix and deadnix) @@ -1740,7 +1199,7 @@ This file defines a number of checks that can either be run by calling nix

    -

    3.3. Inputs

    +

    2.3. Inputs

    Here we define inputs and outputs of the flake. First, the following list is for the outputs of the flake. @@ -1919,7 +1378,7 @@ nix-topology.url = "github:oddlama/nix-topology";

    -

    3.4. let

    +

    2.4. let

    Here I define a few variables that I need for my system specifications. First and foremost, pkgs, which gets passed the emacs-overlay, nur, and nixgl modules to it. With this, I can grab all these packages by referencing pkgs.<name> instead of having to put e.g. nixgl.auto.nixGLDefault. @@ -1975,7 +1434,7 @@ mixedModules = [

    -

    3.5. General (outputs)

    +

    2.5. General (outputs)

    In this section I am creating some attributes that define general concepts of my configuration: @@ -2004,67 +1463,68 @@ They are defined in Overlays (

    -inherit lib;
    -inherit mixedModules;
    -inherit nixModules;
    +inherit lib nixModules mixedModules homeModules;
     
    -nixosModules = import ./modules/nixos;
    -homeManagerModules = import ./modules/home;
    +nixosModules = import ./modules/nixos { inherit lib; };
    +homeManagerModules = import ./modules/home { inherit lib; };
    +packages = lib.swarselsystems.forEachSystem (pkgs: import ./pkgs { inherit lib pkgs; });
    +formatter = lib.swarselsystems.forEachSystem (pkgs: pkgs.nixpkgs-fmt);
    +overlays = import ./overlays { inherit self lib inputs; };
     
    -packages = lib.swarselsystems.forEachSystem (pkgs: import ./pkgs { inherit lib; });
    +apps = lib.swarselsystems.forAllSystems (system:
    +  let
    +    appNames = [
    +      "swarsel-bootstrap"
    +      "swarsel-install"
    +      "swarsel-rebuild"
    +      "swarsel-postinstall"
    +    ];
    +    appSet = lib.swarselsystems.mkApps system appNames self;
    +  in
    +  {
    +    inherit appSet;
    +    default = appSet.bootstrap;
    +  });
     
    -apps = lib.swarselsystems.forAllSystems (system: let
    -  appNames = [
    -    "swarsel-bootstrap"
    -    "swarsel-install"
    -    "swarsel-rebuild"
    -    "swarsel-postinstall"
    -  ];
    -  appSet = lib.swarselsystems.mkApps system appNames self;
    -in {
    -  inherit appSet;
    -  default = appSet.bootstrap;
    -});
    -
    -devShells = lib.swarselsystems.forAllSystems (
    -  system:
    +devShells = lib.swarselsystems.forAllSystems (system:
       let
         pkgs = nixpkgs.legacyPackages.${system};
         checks = self.checks.${system};
       in
    -    {
    -      default = pkgs.mkShell {
    -        NIX_CONFIG = "experimental-features = nix-command flakes";
    -        inherit (checks.pre-commit-check) shellHook;
    -        buildInputs = checks.pre-commit-check.enabledPackages;
    -        nativeBuildInputs = [
    -          pkgs.nix
    -          pkgs.home-manager
    -          pkgs.git
    -          pkgs.just
    -          pkgs.age
    -          pkgs.ssh-to-age
    -          pkgs.sops
    -        ];
    -      };
    -    });
    -
    -formatter = lib.swarselsystems.forEachSystem (pkgs: pkgs.nixpkgs-fmt);
    -checks = lib.swarselsystems.forAllSystems (
    -      system:
    -      let
    -        pkgs = nixpkgs.legacyPackages.${system};
    -      in
    -        import ./checks { inherit self inputs system pkgs; }
    +  {
    +    default = pkgs.mkShell {
    +      NIX_CONFIG = "experimental-features = nix-command flakes";
    +      inherit (checks.pre-commit-check) shellHook;
    +      buildInputs = checks.pre-commit-check.enabledPackages;
    +      nativeBuildInputs = with pkgs; [
    +        nix
    +        home-manager
    +        git
    +        just
    +        age
    +        ssh-to-age
    +        sops
    +        statix
    +        deadnix
    +        nixpkgs-fmt
    +      ];
    +    };
    +  }
    +);
    +
    +checks = lib.swarselsystems.forAllSystems (system:
    +  let
    +    pkgs = nixpkgs.legacyPackages.${system};
    +  in
    +  import ./checks { inherit self inputs system pkgs; }
     );
    -overlays = import ./overlays { inherit pkgs; };
     
     
    -

    3.8. homeConfigurations

    +

    2.8. homeConfigurations
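Review bot: in the `apps` block, `inherit appSet;` exposes the apps as `apps.<system>.appSet.<name>` rather than `apps.<system>.<name>`, and `default = appSet.bootstrap` names a key that is not in `appNames` (the list has `swarsel-bootstrap`). The alias changed in this commit runs `#swarsel-install`, which then cannot be found under `apps` and only works if `packages` provides it; consider `appSet // { default = appSet.swarsel-bootstrap; }`, assuming `mkApps` keys its result by the given names.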

    In contrast, this defines home-manager systems, which I only have one of, that serves as a template mostly. @@ -2109,20 +1569,21 @@ In contrast, this defines home-manager systems, which I only have one of, that s

    -"swarsel@home-manager" = inputs.home-manager.lib.homeManagerConfiguration {
    - pkgs = lib.swarselsystems.pkgsFor.x86_64-linux;
    - extraSpecialArgs = { inherit inputs outputs; };
    -  modules = homeModules ++ mixedModules ++ [
    -    ./hosts/home-manager
    -  ];
    -};
    +# "swarsel@home-manager" = inputs.home-manager.lib.homeManagerConfiguration {
    +#  pkgs = lib.swarselsystems.pkgsFor.x86_64-linux;
    +#  extraSpecialArgs = { inherit inputs outputs; };
    +#   modules = homeModules ++ mixedModules ++ [
    +#     ./hosts/home-manager
    +#   ];
    +# };
     
    +lib.swarselsystems.mkHalfHostConfigs (lib.swarselsystems.readHosts "home") "home" lib.swarselsystems.pkgsFor.x86_64-linux;
     
    -

    3.9. nixOnDroidConfigurations

    +

    2.9. nixOnDroidConfigurations

    Nix on Android also demands an own flake output, which is provided here. @@ -2130,20 +1591,22 @@ Nix on Android also demands an own flake output, which is provided here.

    -magicant = inputs.nix-on-droid.lib.nixOnDroidConfiguration {
    - pkgs = lib.swarselsystems.pkgsFor.aarch64-linux;
    -  modules = [
    -    ./hosts/magicant
    -  ];
    -};
    +# magicant = inputs.nix-on-droid.lib.nixOnDroidConfiguration {
    +#  pkgs = lib.swarselsystems.pkgsFor.aarch64-linux;
    +#   modules = [
    +#     ./hosts/magicant
    +#   ];
    +# };
    +
    +lib.swarselsystems.mkHalfHostConfigs (lib.swarselsystems.readHosts "android") "android" lib.swarselsystems.pkgsFor.aarch64-linux;
     
     
    -
    -

    3.10. topologyConfigurations

    -
    +
    +

    2.10. topologyConfigurations

    +
     lib.swarselsystems.forEachSystem (pkgs: import inputs.nix-topology {
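Review bot: the old `magicant` definition is left in place as six commented-out lines directly above the new `lib.swarselsystems.mkHalfHostConfigs (lib.swarselsystems.readHosts "android") ...` call. Delete it instead of commenting it out, since the history already keeps it. The surrounding prose should also say what `readHosts "android"` enumerates, because from this hunk alone it is not clear which hosts now become `nixOnDroidConfigurations` outputs, all of them with `pkgsFor.aarch64-linux` hard-coded.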
    @@ -2161,35 +1624,265 @@ lib.swarselsystems.forEachSystem (pkgs: import inputs.nix-topology {
     
    -

    4. System

    +

    3. System

    This holds most of the NixOS side of configuration.

    -

    4.1. System specific configuration

    +

    3.1. System specific configuration

    This section mainly exists house different `default.nix` files to define some modules that should be loaded on respective systems. Every host is housed in the hosts/ directory, which is then subdivided by each respective system (nixos/, home-manager/, nix-on-droid/, darwin/). As described earlier, some of these configurations (nixos and darwin) can be defined automatically in this flake. For home-manager and nix-on-droid, the system architecture must be defined manually.

    +
    +

    3.1.1. Template

    +
    +

    +This is the template that I use for new deployments of personal machines. Servers are usually highly tailored to their specific task and I do not consider it worth a time to craft a template for that. Also, at least at the current time, I only provide a template for NixOS hosts, as I rarely ever use anything else. +

    +
    +
    +
    3.1.1.1. Main Configuration
    +
    +
    +
    { self, inputs, outputs, config, pkgs, lib, ... }:
    +let
    +  profilesPath = "${self}/profiles";
    +  sharedOptions = {
    +    isBtrfs = true;
    +  };
    +in
    +{
    +
    +  imports = outputs.nixModules ++ [
    +    # ---- nixos-hardware here ----
    +
    +    ./hardware-configuration.nix
    +    ./disk-config.nix
    +
    +    "${profilesPath}/optional/nixos/virtualbox.nix"
    +    # "${profilesPath}/optional/nixos/vmware.nix"
    +    "${profilesPath}/optional/nixos/autologin.nix"
    +    "${profilesPath}/optional/nixos/nswitch-rcm.nix"
    +    "${profilesPath}/optional/nixos/gaming.nix"
    +
    +    inputs.home-manager.nixosModules.home-manager
    +    {
    +      home-manager.users.swarsel.imports = outputs.mixedModules ++ [
    +        "${profilesPath}/optional/home/gaming.nix"
    +      ] ++ (builtins.attrValues outputs.homeManagerModules);
    +    }
    +  ] ++ (builtins.attrValues outputs.nixosModules);
    +
    +
    +  nixpkgs = {
    +    overlays = [ outputs.overlays.default ];
    +    config = {
    +      allowUnfree = true;
    +    };
    +  };
    +
    +  boot = {
    +    kernelPackages = lib.mkDefault pkgs.linuxPackages_latest;
    +  };
    +
    +  networking = {
    +    hostName = "TEMPLATE";
    +    firewall.enable = true;
    +  };
    +
    +  swarselsystems = lib.recursiveUpdate
    +    {
    +      wallpaper = self + /wallpaper/lenovowp.png;
    +      hasBluetooth = true;
    +      hasFingerprint = true;
    +      isImpermanence = true;
    +      isSecureBoot = true;
    +      isCrypted = true;
    +      isSwap = true;
    +      swapSize = "32G";
    +      rootDisk = "TEMPLATE";
    +    }
    +    sharedOptions;
    +
    +  home-manager.users.swarsel.swarselsystems = lib.recursiveUpdate
    +    {
    +      isLaptop = true;
    +      isNixos = true;
    +      flakePath = "/home/swarsel/.dotfiles";
    +      cpuCount = 16;
    +      startup = [
    +        { command = "nextcloud --background"; }
    +        { command = "vesktop --start-minimized --enable-speech-dispatcher --ozone-platform-hint=auto --enable-features=WaylandWindowDecorations --enable-wayland-ime"; }
    +        { command = "element-desktop --hidden  --enable-features=UseOzonePlatform --ozone-platform=wayland --disable-gpu-driver-bug-workarounds"; }
    +        { command = "ANKI_WAYLAND=1 anki"; }
    +        { command = "OBSIDIAN_USE_WAYLAND=1 obsidian"; }
    +        { command = "nm-applet"; }
    +        { command = "feishin"; }
    +      ];
    +    }
    +    sharedOptions;
    +}
    +
    +
    +
    +
    +
    +
    3.1.1.2. disko
    +
    +

    +Acceptance of arbitraty argumments is here needed because disko passes diskoFile to this file. +

    + +
    +
    { lib, pkgs, config, rootDisk, ... }:
    +let
    +  type = "btrfs";
    +  extraArgs = [ "-L" "nixos" "-f" ]; # force overwrite
    +  subvolumes = {
    +    "/root" = {
    +      mountpoint = "/";
    +      mountOptions = [
    +        "subvol=root"
    +        "compress=zstd"
    +        "noatime"
    +      ];
    +    };
    +    "/home" = lib.mkIf config.swarselsystems.isImpermanence {
    +      mountpoint = "/home";
    +      mountOptions = [
    +        "subvol=home"
    +        "compress=zstd"
    +        "noatime"
    +      ];
    +    };
    +    "/persist" = lib.mkIf config.swarselsystems.isImpermanence {
    +      mountpoint = "/persist";
    +      mountOptions = [
    +        "subvol=persist"
    +        "compress=zstd"
    +        "noatime"
    +      ];
    +    };
    +    "/log" = lib.mkIf config.swarselsystems.isImpermanence {
    +      mountpoint = "/var/log";
    +      mountOptions = [
    +        "subvol=log"
    +        "compress=zstd"
    +        "noatime"
    +      ];
    +    };
    +    "/nix" = {
    +      mountpoint = "/nix";
    +      mountOptions = [
    +        "subvol=nix"
    +        "compress=zstd"
    +        "noatime"
    +      ];
    +    };
    +    "/swap" = lib.mkIf config.swarselsystems.isSwap {
    +      mountpoint = "/.swapvol";
    +      swap.swapfile.size = config.swarselsystems.swapSize;
    +    };
    +  };
    +in
    +{
    +  disko.devices = {
    +    disk = {
    +      disk0 = {
    +        type = "disk";
    +        device = config.swarselsystems.rootDisk;
    +        content = {
    +          type = "gpt";
    +          partitions = {
    +            ESP = {
    +              priority = 1;
    +              name = "ESP";
    +              size = "512M";
    +              type = "EF00";
    +              content = {
    +                type = "filesystem";
    +                format = "vfat";
    +                mountpoint = "/boot";
    +                mountOptions = [ "defaults" ];
    +              };
    +            };
    +            root = lib.mkIf (!config.swarselsystems.isCrypted) {
    +              size = "100%";
    +              content = {
    +                inherit type subvolumes extraArgs;
    +                postCreateHook = lib.mkIf config.swarselsystems.isImpermanence ''
    +                  MNTPOINT=$(mktemp -d)
    +                  mount "/dev/disk/by-label/nixos" "$MNTPOINT" -o subvolid=5
    +                  trap 'umount $MNTPOINT; rm -rf $MNTPOINT' EXIT
    +                  btrfs subvolume snapshot -r $MNTPOINT/root $MNTPOINT/root-blank
    +                '';
    +              };
    +            };
    +            luks = lib.mkIf config.swarselsystems.isCrypted {
    +              size = "100%";
    +              content = {
    +                type = "luks";
    +                name = "cryptroot";
    +                passwordFile = "/tmp/disko-password"; # this is populated by bootstrap.sh
    +                settings = {
    +                  allowDiscards = true;
    +                  # https://github.com/hmajid2301/dotfiles/blob/a0b511c79b11d9b4afe2a5e2b7eedb2af23e288f/systems/x86_64-linux/framework/disks.nix#L36
    +                  crypttabExtraOpts = [
    +                    "fido2-device=auto"
    +                    "token-timeout=10"
    +                  ];
    +                };
    +                content = {
    +                  inherit type subvolumes extraArgs;
    +                  postCreateHook = lib.mkIf config.swarselsystems.isImpermanence ''
    +                    MNTPOINT=$(mktemp -d)
    +                    mount "/dev/mapper/cryptroot" "$MNTPOINT" -o subvolid=5
    +                    trap 'umount $MNTPOINT; rm -rf $MNTPOINT' EXIT
    +                    btrfs subvolume snapshot -r $MNTPOINT/root $MNTPOINT/root-blank
    +                  '';
    +                };
    +              };
    +            };
    +          };
    +        };
    +      };
    +    };
    +  };
    +
    +  fileSystems."/persist".neededForBoot = lib.mkIf config.swarselsystems.isImpermanence true;
    +  fileSystems."/home".neededForBoot = lib.mkIf config.swarselsystems.isImpermanence true;
    +
    +  environment.systemPackages = [
    +    pkgs.yubikey-manager
    +  ];
    +}
    +
    +
    +
    +
    +
    -

    4.1.1. Physical hosts

    +

    3.1.2. Physical hosts

    This is a list of all physical machines that I maintain.

    -
    4.1.1.1. nbl-imba-2 (Framework Laptop 16)
    +
    3.1.2.1. nbl-imba-2 (Framework Laptop 16)

    My work machine. Built for more security, this is the gold standard of my configurations at the moment.

    - - +
    +
    +
    3.1.2.1.1. Main Configuration
    +
    { self, inputs, outputs, config, pkgs, lib, ... }:
     let
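Review bot: in the template's disko file the `luks` partition takes its passphrase from `passwordFile = "/tmp/disko-password"`, and the only thing said about that file is the comment that bootstrap.sh populates it. Nothing in this hunk shows the file's mode or that it is removed after formatting. Please document, or enforce in bootstrap.sh, that it is created readable by root only and deleted once disko has finished. Two smaller points in the same file: `rootDisk` is accepted as a function argument but the device is read from `config.swarselsystems.rootDisk`, and both `trap 'umount $MNTPOINT; rm -rf $MNTPOINT' EXIT` lines leave `$MNTPOINT` unquoted while the `mount` line above them quotes it.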
    @@ -2412,13 +2105,151 @@ in
     
    +
    +
    3.1.2.1.2. hardware-configuration
    +
    +
    +
    { config, lib, modulesPath, ... }:
    +{
    +  imports =
    +    [
    +      (modulesPath + "/installer/scan/not-detected.nix")
    +    ];
    +
    +  boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "cryptd" "usbhid" "sd_mod" "r8152" ];
    +  boot.initrd.kernelModules = [ ];
    +  boot.kernelModules = [ "kvm-amd" ];
    +
    +  # Fix screen flickering issue at the cost of battery life (disable PSR and PSR-SU, keep PR enabled)
    +  # TODO: figure out if this is worth it
    +  # test PSR/PR state with 'sudo grep '' /sys/kernel/debug/dri/0000*/eDP-2/*_capability'
    +  # ref:
    +  # https://old.reddit.com/r/framework/comments/1goh7hc/anyone_else_get_this_screen_flickering_issue/
    +  # https://www.reddit.com/r/NixOS/comments/1hjruq1/graphics_corruption_on_kernel_6125_and_up/
    +  # https://gitlab.freedesktop.org/drm/amd/-/issues/3797
    +  boot.kernelParams = [ "amdgpu.dcdebugmask=0x410" ];
    +
    +  boot.extraModulePackages = [ ];
    +  boot.initrd.luks.devices."cryptroot" = {
    +    # improve performance on ssds
    +    bypassWorkqueues = true;
    +    preLVM = true;
    +  };
    +
    +  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
    +  # (the default) this is the recommended approach. When using systemd-networkd it's
    +  # still possible to use this option, but it's recommended to use it in conjunction
    +  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
    +  networking.useDHCP = lib.mkDefault true;
    +  # networking.interfaces.enp196s0f3u1c2.useDHCP = lib.mkDefault true;
    +  # networking.interfaces.wlp4s0.useDHCP = lib.mkDefault true;
    +
    +  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
    +  hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
    +}
    +
    +
    +
    +
    +
    +
    +
    +
    3.1.2.1.3. disko
    +
    +
    +
    {
    +  disko.devices = {
    +    disk = {
    +      nvme0n1 = {
    +        type = "disk";
    +        device = "/dev/nvme0n1";
    +        content = {
    +          type = "gpt";
    +          partitions = {
    +            ESP = {
    +              label = "boot";
    +              name = "ESP";
    +              size = "512M";
    +              type = "EF00";
    +              content = {
    +                type = "filesystem";
    +                format = "vfat";
    +                mountpoint = "/boot";
    +                mountOptions = [
    +                  "defaults"
    +                ];
    +              };
    +            };
    +            luks = {
    +              size = "100%";
    +              label = "luks";
    +              content = {
    +                type = "luks";
    +                name = "cryptroot";
    +                extraOpenArgs = [
    +                  "--allow-discards"
    +                  "--perf-no_read_workqueue"
    +                  "--perf-no_write_workqueue"
    +                ];
    +                # https://0pointer.net/blog/unlocking-luks2-volumes-with-tpm2-fido2-pkcs11-security-hardware-on-systemd-248.html
    +                settings = { crypttabExtraOpts = [ "fido2-device=auto" "token-timeout=10" ]; };
    +                content = {
    +                  type = "btrfs";
    +                  extraArgs = [ "-L" "nixos" "-f" ];
    +                  subvolumes = {
    +                    "/root" = {
    +                      mountpoint = "/";
    +                      mountOptions = [ "subvol=root" "compress=zstd" "noatime" ];
    +                    };
    +                    "/home" = {
    +                      mountpoint = "/home";
    +                      mountOptions = [ "subvol=home" "compress=zstd" "noatime" ];
    +                    };
    +                    "/nix" = {
    +                      mountpoint = "/nix";
    +                      mountOptions = [ "subvol=nix" "compress=zstd" "noatime" ];
    +                    };
    +                    "/persist" = {
    +                      mountpoint = "/persist";
    +                      mountOptions = [ "subvol=persist" "compress=zstd" "noatime" ];
    +                    };
    +                    "/log" = {
    +                      mountpoint = "/var/log";
    +                      mountOptions = [ "subvol=log" "compress=zstd" "noatime" ];
    +                    };
    +                    "/swap" = {
    +                      mountpoint = "/swap";
    +                      swap.swapfile.size = "64G";
    +                    };
    +                  };
    +                };
    +              };
    +            };
    +          };
    +        };
    +      };
    +    };
    +  };
    +
    +  fileSystems."/persist".neededForBoot = true;
    +  fileSystems."/var/log".neededForBoot = true;
    +}
    +
    +
    +
    +
    +
    +
    -
    4.1.1.2. Winters (Server)
    +
    3.1.2.2. Winters (Server)

    This is my main server that I run at home. It handles most tasks that require bigger amounts of storage than I can receive for free at OCI. Also it houses some data that I find too sensitive to hand over to Oracle.

    - +
    +
    +
    3.1.2.2.1. Main Configuration
    +
    { self, inputs, outputs, config, ... }:
     let
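Review bot: the nbl-imba-2 disko file opens the LUKS container with `--allow-discards` in `extraOpenArgs`, which passes TRIM through dm-crypt and so lets the underlying device see which blocks are unused, on the host the text describes as "built for more security". If that trade-off is intended, add a comment next to `extraOpenArgs` saying so, the way the `amdgpu.dcdebugmask=0x410` workaround is commented in the hardware-configuration above. Separately, this file sets `neededForBoot` on `/persist` and `/var/log`, while the template added earlier in this patch sets it on `/persist` and `/home`; please confirm which set is intended and align the two.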
    @@ -2496,8 +2327,58 @@ in
     
    +
    +
    3.1.2.2.2. hardware-configuration
    +
    +
    +
    { config, lib, modulesPath, ... }:
    +
    +{
    +  imports =
    +    [
    +      (modulesPath + "/installer/scan/not-detected.nix")
    +    ];
    +
    +  boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "usbhid" "usb_storage" "sd_mod" ];
    +  boot.initrd.kernelModules = [ ];
    +  boot.kernelModules = [ "kvm-intel" ];
    +  boot.extraModulePackages = [ ];
    +
    +  boot.supportedFilesystems = [ "zfs" ];
    +  boot.zfs.extraPools = [ "Vault" ];
    +
    +  fileSystems."/" =
    +    {
    +      device = "/dev/disk/by-uuid/30e2f96a-b01d-4c27-9ebb-d5d7e9f0031f";
    +      fsType = "ext4";
    +    };
    +
    +  fileSystems."/boot" =
    +    {
    +      device = "/dev/disk/by-uuid/F0D8-8BD1";
    +      fsType = "vfat";
    +    };
    +
    +  swapDevices =
    +    [{ device = "/dev/disk/by-uuid/a8eb6f3b-69bf-4160-90aa-9247abc108e0"; }];
    +
    +  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
    +  # (the default) this is the recommended approach. When using systemd-networkd it's
    +  # still possible to use this option, but it's recommended to use it in conjunction
    +  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
    +  networking.useDHCP = lib.mkDefault true;
    +  # networking.interfaces.enp3s0.useDHCP = lib.mkDefault true;
    +
    +  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
    +  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
    +}
    +
    +
    +
    +
    +
    -
    4.1.1.3. nbm-imba-166 (MacBook Pro)
    +
    3.1.2.3. nbm-imba-166 (MacBook Pro)

    A Mac notebook that I have received from work. I use this machine for getting accustomed to the Apple ecosystem as well as as a sandbox for nix-darwin configurations. @@ -2534,15 +2415,13 @@ in isBtrfs = false; }; }; - - }

    -
    4.1.1.4. Magicant (Phone)
    +
    3.1.2.4. Magicant (Phone)

    My phone. I use only a minimal config for remote debugging here. @@ -2602,7 +2481,7 @@ My phone. I use only a minimal config for remote debugging here.

    -

    4.1.2. Virtual hosts

    +

    3.1.3. Virtual hosts

    My server setup was originally built on Proxmox VE; back when I started, I created all kinds of wild Debian/Ubuntu/etc. KVMs and LXCs on there. However, the root disk has suffered a weird failure where it has become unable to be cloned, but it is still functional for now. I was for a long time rewriting all machines on there to use NixOS instead; this process is now finished. @@ -2613,7 +2492,7 @@ I have removed most of the machines from this section. What remains are some hos

    -
    4.1.2.1. Sync (OCI)
    +
    3.1.3.1. Sync (OCI)

    This machine mainly acts as an external sync helper. It manages the following things: @@ -2630,10 +2509,7 @@ Syncthing backup of replaceable data All of these are processes that use little cpu but can take a lot of storage. For this I use a free Ampere instance from OCI with 50G of space. In case my account gets terminated, all of this data is easily replaceable or backed up regularly anyways.

    -
    -
    -
    4.1.2.1.1. NixOS
    -
    +
    { self, inputs, outputs, lib, ... }:
     let
    @@ -2733,18 +2609,20 @@ in
     
    +
    +

    3.1.4. Utility hosts

    +
    -
    -

    4.1.3. Utility hosts

    -
    -
    -
    -
    4.1.3.1. Toto (Physical/VM)
    -
    +
    +
    3.1.4.1. Toto (Physical/VM)
    +

    -This is a slim setup for developing base configuration. +This is a slim setup for developing base configuration. I do not track the hardware-configuration for this host here because I often switch this configuration between running on a QEMU VM and a physical laptop and do not want to constantly adapt the config here to reflect the current state.

    - +
    +
    +
    3.1.4.1.1. Main Configuration
    +
    { self, inputs, outputs, config, pkgs, lib, ... }:
     let
    @@ -2843,8 +2721,147 @@ in
     
    +
    +
    3.1.4.1.2. disko
    +
    +
    +
    # NOTE: ... is needed because dikso passes diskoFile
    +{ lib
    +, pkgs
    +, config
    +, rootDisk
    +, ...
    +}:
    +let
    +  type = "btrfs";
    +  extraArgs = [ "-L" "nixos" "-f" ]; # force overwrite
    +  subvolumes = {
    +    "/root" = {
    +      mountpoint = "/";
    +      mountOptions = [
    +        "subvol=root"
    +        "compress=zstd"
    +        "noatime"
    +      ];
    +    };
    +    "/home" = lib.mkIf config.swarselsystems.isImpermanence {
    +      mountpoint = "/home";
    +      mountOptions = [
    +        "subvol=home"
    +        "compress=zstd"
    +        "noatime"
    +      ];
    +    };
    +    "/persist" = lib.mkIf config.swarselsystems.isImpermanence {
    +      mountpoint = "/persist";
    +      mountOptions = [
    +        "subvol=persist"
    +        "compress=zstd"
    +        "noatime"
    +      ];
    +    };
    +    "/log" = lib.mkIf config.swarselsystems.isImpermanence {
    +      mountpoint = "/var/log";
    +      mountOptions = [
    +        "subvol=log"
    +        "compress=zstd"
    +        "noatime"
    +      ];
    +    };
    +    "/nix" = {
    +      mountpoint = "/nix";
    +      mountOptions = [
    +        "subvol=nix"
    +        "compress=zstd"
    +        "noatime"
    +      ];
    +    };
    +    "/swap" = lib.mkIf config.swarselsystems.isSwap {
    +      mountpoint = "/.swapvol";
    +      swap.swapfile.size = config.swarselsystems.swapSize;
    +    };
    +  };
    +in
    +{
    +  disko.devices = {
    +    disk = {
    +      disk0 = {
    +        type = "disk";
    +        device = config.swarselsystems.rootDisk;
    +        content = {
    +          type = "gpt";
    +          partitions = {
    +            ESP = {
    +              priority = 1;
    +              name = "ESP";
    +              size = "512M";
    +              type = "EF00";
    +              content = {
    +                type = "filesystem";
    +                format = "vfat";
    +                mountpoint = "/boot";
    +                mountOptions = [ "defaults" ];
    +              };
    +            };
    +            root = lib.mkIf (!config.swarselsystems.isCrypted) {
    +              size = "100%";
    +              content = {
    +                inherit type subvolumes extraArgs;
    +                postCreateHook = lib.mkIf config.swarselsystems.isImpermanence ''
    +                  MNTPOINT=$(mktemp -d)
    +                  mount "/dev/disk/by-label/nixos" "$MNTPOINT" -o subvolid=5
    +                  trap 'umount $MNTPOINT; rm -rf $MNTPOINT' EXIT
    +                  btrfs subvolume snapshot -r $MNTPOINT/root $MNTPOINT/root-blank
    +                '';
    +              };
    +            };
    +            luks = lib.mkIf config.swarselsystems.isCrypted {
    +              size = "100%";
    +              content = {
    +                type = "luks";
    +                name = "cryptroot";
    +                passwordFile = "/tmp/disko-password"; # this is populated by bootstrap.sh
    +                settings = {
    +                  allowDiscards = true;
    +                  # https://github.com/hmajid2301/dotfiles/blob/a0b511c79b11d9b4afe2a5e2b7eedb2af23e288f/systems/x86_64-linux/framework/disks.nix#L36
    +                  crypttabExtraOpts = [
    +                    "fido2-device=auto"
    +                    "token-timeout=10"
    +                  ];
    +                };
    +                content = {
    +                  inherit type subvolumes extraArgs;
    +                  postCreateHook = lib.mkIf config.swarselsystems.isImpermanence ''
    +                    MNTPOINT=$(mktemp -d)
    +                    mount "/dev/mapper/cryptroot" "$MNTPOINT" -o subvolid=5
    +                    trap 'umount $MNTPOINT; rm -rf $MNTPOINT' EXIT
    +                    btrfs subvolume snapshot -r $MNTPOINT/root $MNTPOINT/root-blank
    +                  '';
    +                };
    +              };
    +            };
    +          };
    +        };
    +      };
    +    };
    +  };
    +
    +  fileSystems."/persist".neededForBoot = lib.mkIf config.swarselsystems.isImpermanence true;
    +  fileSystems."/home".neededForBoot = lib.mkIf config.swarselsystems.isImpermanence true;
    +
    +  environment.systemPackages = [
    +    pkgs.yubikey-manager
    +  ];
    +}
    +
    +
    +
    +
    +
    +
    +
    -
    4.1.3.2. drugstore (ISO)
    +
    3.1.4.2. drugstore (ISO)

    This is a live environment ISO that I use to bootstrap new systems. It only loads a minimal configuration and no graphical interface. After booting this image on a host, find out its IP and bootstrap the system using the bootstrap utility. @@ -2958,7 +2975,7 @@ in }; programs.bash.shellAliases = { - "swarsel-install" = "nix run github:Swarsel/.dotfiles#install --"; + "swarsel-install" = "nix run github:Swarsel/.dotfiles#swarsel-install --"; }; system.activationScripts.cache = { @@ -2996,7 +3013,7 @@ in

    -
    4.1.3.3. Home-manager only (non-NixOS)
    +
    3.1.4.3. Home-manager only (non-NixOS)

    This is the "reference implementation" of a setup that runs without NixOS, only relying on home-manager. I try to test this every now and then and keep it supported. However, manual steps are needed to get the system to work fully, depending on what distribution you are running on. @@ -3006,7 +3023,7 @@ This is the "reference implementation" of a setup that runs without NixOS, only

    { self, inputs, outputs, config, ... }:
     {
     
    -  imports = builtins.attrValues outputs.homeManagerModules;
    +  imports = outputs.homeModules ++ outputs.mixedModules ++ (builtins.attrValues outputs.homeManagerModules);
     
       nixpkgs = {
         overlays = [ outputs.overlays.default ];
    @@ -3032,29 +3049,6 @@ This is the "reference implementation" of a setup that runs without NixOS, only
         isLaptop = true;
         isNixos = false;
         wallpaper = self + /wallpaper/surfacewp.png;
    -    temperatureHwmon = {
    -      isAbsolutePath = true;
    -      path = "/sys/devices/platform/thinkpad_hwmon/hwmon/";
    -      input-filename = "temp1_input";
    -    };
    -    monitors = {
    -      main = {
    -        name = "California Institute of Technology 0x1407 Unknown";
    -        mode = "1920x1080"; # TEMPLATE
    -        scale = "1";
    -        position = "2560,0";
    -        workspace = "2:二";
    -        output = "eDP-1";
    -      };
    -    };
    -    inputs = {
    -      "1:1:AT_Translated_Set_2_keyboard" = {
    -        xkb_layout = "us";
    -        xkb_options = "grp:win_space_toggle";
    -        xkb_variant = "altgr-intl";
    -      };
    -    };
    -    keybindings = { };
       };
     
     }
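Review bot: the removed lines drop `temperatureHwmon`, `monitors`, `inputs` and `keybindings = { };` from the home-manager-only host with nothing put in their place. As this host is described as the "reference implementation" for non-NixOS setups, please confirm that each of these options has a default in the module that declares it, so that the configuration still evaluates without them, and mention that in the commit message, which currently speaks only of the renamed installer command.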
    @@ -3064,9 +3058,9 @@ This is the "reference implementation" of a setup that runs without NixOS, only
     
    -
    -
    4.1.3.4. ChaosTheatre (Demo Physical/VM)
    -
    +
    +
    3.1.4.4. ChaosTheatre (Demo Physical/VM)
    +

    This is just a demo host. It applies all the configuration found in the common parts of the flake, but disables all secrets-related features (as they would not work without the proper SSH keys).

    @@ -3142,7 +3136,7 @@ in
    -

    4.2. Additions and modifications

    +

    3.2. Additions and modifications

    In this section I define packages that I manually want to nixpkgs. This can be useful for packages that are currently awaiting a PR or public packages that I do not want to maintain. @@ -3160,9 +3154,17 @@ These are for packages that are on nixpkgs, but do not fit my usecase, meaning I

  • nixpkgs-stable This is simply a mirror of the most recent stable branch of nixpkgs. Useful for packages that are broken on nixpkgs, but do not need to be on bleeding edge anyways.
  • + +

    +Also, this is where I define all of my own modules. These are mostly used for setting some host-specifics directly than opposed to through multiple options. +

    + +

    +Lastly, I add some of my own library functions to be used alongside the functions provided by nixpkgs and home-manager. +

    -

    4.2.1. Packages

    +

    3.2.1. Packages

    This is the central station for self-defined packages. These are all referenced in default.nix. Wherever possible, I am keeping the shell version of these scripts in this file as well and then read it using builtin.readFile in the NixOS configurations. This lets me keep full control in this one file but also keep the separate files uncluttered. @@ -3173,7 +3175,7 @@ Note: The structure of generating the packages was changed in commit 2cf03

    -
    { lib, ... }:
    +
    { lib, pkgs, ... }:
     let
       packageNames = [
         "pass-fuzzel"
    @@ -3201,14 +3203,14 @@ let
         "eontimer"
       ];
       in
    - lib.swarselsystems.mkPackages packageNames
    + lib.swarselsystems.mkPackages packageNames pkgs
     
     
     
    -
    4.2.1.1. pass-fuzzel
    +
    3.2.1.1. pass-fuzzel

    This app allows me, in conjunction with my Yubikey, to quickly enter passwords when the need arises. Normal and TOTP passwords are supported, and they can either be printed directly or copied to the clipboard. @@ -3270,12 +3272,11 @@ notify-send -u critical -a pass -t 1000 "Copied/Typed Password"

    -
    { writeShellApplication, libnotify, pass, fuzzel, wtype }:
    -
    +
    { self, name, writeShellApplication, libnotify, pass, fuzzel, wtype }:
     writeShellApplication {
    -  name = "pass-fuzzel";
    +  inherit name;
       runtimeInputs = [ libnotify (pass.withExtensions (exts: [ exts.pass-otp ])) fuzzel wtype ];
    -  text = builtins.readFile ../../scripts/pass-fuzzel.sh;
    +  text = builtins.readFile "${self}/scripts/${name}.sh";
     }
     
     
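Review bot: the new argument set `{ self, name, writeShellApplication, libnotify, pass, fuzzel, wtype }` has no trailing `...`, while the other package files touched in this patch (cura5, hm-specialisation, cdw, cdb, bak, timer) all gain one. Pick one convention for every file that `mkPackages` calls, so that an extra argument passed by the helper cannot break a single package. Also note in the prose that `builtins.readFile "${self}/scripts/${name}.sh"` now requires the script file to carry exactly the package name, since a rename of either one will fail at evaluation time.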
    @@ -3283,7 +3284,7 @@ writeShellApplication {
    -
    4.2.1.2. cura5
    +
    3.2.1.2. cura5

    The version of cura used to be quite outdated in nixpkgs. I am fetching a newer AppImage here and use that instead. @@ -3292,7 +3293,7 @@ The version of cura used to be quite outdated in nixpkgs. I am fetc

    # taken from https://github.com/NixOS/nixpkgs/issues/186570#issuecomment-1627797219
    -{ appimageTools, fetchurl, writeScriptBin, pkgs }:
    +{ appimageTools, fetchurl, writeScriptBin, pkgs, ... }:
     
     
     let
    @@ -3326,7 +3327,7 @@ writeScriptBin "cura" ''
     
    -
    4.2.1.3. hm-specialisation
    +
    3.2.1.3. hm-specialisation

    This script allows for quick git home-manager specialisation switching. @@ -3334,10 +3335,10 @@ This script allows for quick git home-manager specialisation switching.

    -
    { writeShellApplication, fzf, findutils, home-manager }:
    +
    { name, writeShellApplication, fzf, findutils, home-manager, ... }:
     
     writeShellApplication {
    -  name = "hm-specialisation";
    +  inherit name;
       runtimeInputs = [ fzf findutils home-manager ];
       text = ''
         genpath=$(home-manager generations | head -1 | awk '{print $7}')
    @@ -3352,7 +3353,7 @@ writeShellApplication {
     
    -
    4.2.1.4. cdw
    +
    3.2.1.4. cdw

    This script allows for quick git worktree switching. @@ -3360,10 +3361,10 @@ This script allows for quick git worktree switching.

    -
    { writeShellApplication, fzf }:
    +
    { name, writeShellApplication, fzf, ... }:
     
     writeShellApplication {
    -  name = "cdw";
    +  inherit name;
       runtimeInputs = [ fzf ];
       text = ''
         cd "$(git worktree list | fzf | awk '{print $1}')"
    @@ -3376,17 +3377,17 @@ writeShellApplication {
     
    -
    4.2.1.5. cdb
    +
    3.2.1.5. cdb

    This script allows for quick git branch switching.

    -
    { writeShellApplication, fzf }:
    +
    { name, writeShellApplication, fzf, ... }:
     
     writeShellApplication {
    -  name = "cdb";
    +  inherit name;
       runtimeInputs = [ fzf ];
       text = ''
         git checkout "$(git branch --list | grep -v "^\*" | fzf | awk '{print $1}')"
    @@ -3398,7 +3399,7 @@ writeShellApplication {
     
    -
    4.2.1.6. bak
    +
    3.2.1.6. bak

    This script lets me quickly backup files by appending .bak to the filename. @@ -3406,12 +3407,12 @@ This script lets me quickly backup files by appending .bak to the f

    -
    { writeShellApplication }:
    +
    { name, writeShellApplication, ... }:
     
     writeShellApplication {
    -  name = "bak";
    +  inherit name;
       text = ''
    -    cp "$1"{,.bak}
    +    cp -r "$1"{,.bak}
       '';
     }
     
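
Review bot: `cp -r "$1"{,.bak}` behaves differently on a second run against a directory: when `$1.bak` already exists, cp copies the source into it (`dir.bak/dir`) instead of refreshing the backup, and for plain files it silently overwrites the previous `.bak`. The argument is also passed without `--`, so a name starting with `-` is parsed as an option. Consider `cp -r -- "$1" "$1.bak"` with an explicit check that the target does not exist yet, and `-a` instead of `-r` if the backup should keep mode and timestamps.
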
    @@ -3421,7 +3422,7 @@ writeShellApplication {
     
    -
    4.2.1.7. timer
    +
    3.2.1.7. timer

    This app starts a configuratble timer and uses TTS to say something once the timer runs out. @@ -3429,10 +3430,10 @@ This app starts a configuratble timer and uses TTS to say something once the tim

    -
    { writeShellApplication, speechd }:
    +
    { name, writeShellApplication, speechd, ... }:
     
     writeShellApplication {
    -  name = "timer";
    +  inherit name;
       runtimeInputs = [ speechd ];
       text = ''
         sleep "$1"; while true; do spd-say "$2"; sleep 0.5; done;
    @@ -3444,7 +3445,7 @@ writeShellApplication {
     
    -
    4.2.1.8. e
    +
    3.2.1.8. e

    This is a shorthand for calling emacsclient mostly. Also, it hides the kittyterm scratchpad window that I sometimes use for calling a command quickly, in case it is on the screen. After emacs closes, the kittyterm window is then shown again if it was visible earlier. @@ -3478,12 +3479,11 @@ fi

    -
    { writeShellApplication, emacs30-pgtk, sway, jq }:
    -
    +
    { self, name, writeShellApplication, emacs30-pgtk, sway, jq }:
     writeShellApplication {
    -  name = "e";
    +  inherit name;
       runtimeInputs = [ emacs30-pgtk sway jq ];
    -  text = builtins.readFile ../../scripts/e.sh;
    +  text = builtins.readFile "${self}/scripts/${name}.sh";
     }
     
     
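
Review bot: The new argument list `{ self, name, writeShellApplication, emacs30-pgtk, sway, jq }:` has no `...`, while the packages that keep their script inline in this patch were all given one. It evaluates only as long as the caller passes exactly `self` and `name`, since callPackage rejects arguments the function does not accept; adding `...` here and in the other readFile-based packages keeps the signatures uniform. With `text` now read from `"${self}/scripts/${name}.sh"`, the script file name is tied to the package name, which deserves a short comment so that renaming one without the other is not a surprise.
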
    @@ -3491,7 +3491,7 @@ writeShellApplication {
    -
    4.2.1.9. command-not-found
    +
    3.2.1.9. command-not-found

    The normal command-not-found.sh uses the outdated nix-shell commands as suggestions. This version supplies me with the more modern nixpkgs#<name> version. @@ -3537,7 +3537,7 @@ command_not_found_handler() {

    -
    4.2.1.10. swarselcheck
    +
    3.2.1.10. swarselcheck

    This app checks for different apps that I keep around in the scratchpad for quick viewing and hiding (messengers and music players mostly) and then behaves like the kittyterm hider that I described in e. @@ -3610,12 +3610,11 @@ fi

    -
    { writeShellApplication, kitty, element-desktop-wayland, vesktop, spotify-player, jq }:
    -
    +
    { self, name, writeShellApplication, kitty, element-desktop-wayland, vesktop, spotify-player, jq }:
     writeShellApplication {
    -  name = "swarselcheck";
    +  inherit name;
       runtimeInputs = [ kitty element-desktop-wayland vesktop spotify-player jq ];
    -  text = builtins.readFile ../../scripts/swarselcheck.sh;
    +  text = builtins.readFile "${self}/scripts/${name}.sh";
     }
     
     
    @@ -3623,7 +3622,7 @@ writeShellApplication {
    -
    4.2.1.11. waybarupdate
    +
    3.2.1.11. waybarupdate

    This scripts checks if there are uncommited changes in either my dotfile repo, my university repo, or my passfile repo. In that case a warning will be shown in waybar. @@ -3658,12 +3657,11 @@ echo "$OUT"

    -
    { writeShellApplication, git }:
    -
    +
    { self, name, writeShellApplication, git }:
     writeShellApplication {
    -  name = "waybarupdate";
    +  inherit name;
       runtimeInputs = [ git ];
    -  text = builtins.readFile ../../scripts/waybarupdate.sh;
    +  text = builtins.readFile "${self}/scripts/${name}.sh";
     }
     
     
    @@ -3671,7 +3669,7 @@ writeShellApplication {
    -
    4.2.1.12. opacitytoggle
    +
    3.2.1.12. opacitytoggle

    This app quickly toggles between 5% and 0% transparency. @@ -3687,19 +3685,18 @@ fi

    -
    { writeShellApplication, sway }:
    -
    +
    { self, name, writeShellApplication, sway }:
     writeShellApplication {
    -  name = "opacitytoggle";
    +  inherit name;
       runtimeInputs = [ sway ];
    -  text = builtins.readFile ../../scripts/opacitytoggle.sh;
    +  text = builtins.readFile "${self}/scripts/${name}.sh";
     }
     
    -
    4.2.1.13. fs-diff
    +
    3.2.1.13. fs-diff

    This utility is used to compare the current state of the root directory with the blanket state that is stored in /root-blank (the snapshot that is restored on each reboot of an impermanence machine). Using this, I can find files that I will lose once I reboot - if there are important files in that list, I can then easily add them to the persist options. @@ -3730,18 +3727,17 @@ sudo btrfs subvolume find-new "/mnt/root" "$OLD_TRANSID" |

    -
    { writeShellApplication }:
    -
    +
    { self, name, writeShellApplication }:
     writeShellApplication {
    -  name = "fs-diff";
    -  text = builtins.readFile ../../scripts/fs-diff.sh;
    +  inherit name;
    +  text = builtins.readFile "${self}/scripts/${name}.sh";
     }
     
    -
    4.2.1.14. update-checker
    +
    3.2.1.14. update-checker

    This utility checks if there are updated packages in nixpkgs-unstable. It does so by fully building the most recent configuration, which I do not love, but it has its merits once I am willing to switch to the newer version. @@ -3766,19 +3762,18 @@ fi

    -
    { writeShellApplication, nvd }:
    -
    +
    { self, name, writeShellApplication, nvd }:
     writeShellApplication {
    -  name = "update-checker";
    +  inherit name;
       runtimeInputs = [ nvd ];
    -  text = builtins.readFile ../../scripts/update-checker.sh;
    +  text = builtins.readFile "${self}/scripts/${name}.sh";
     }
     
    -
    4.2.1.15. github-notifications
    +
    3.2.1.15. github-notifications

    This utility checks if there are updated packages in nixpkgs-unstable. It does so by fully building the most recent configuration, which I do not love, but it has its merits once I am willing to switch to the newer version. @@ -3786,10 +3781,10 @@ This utility checks if there are updated packages in nixpkgs-unstable. It does s

    -
    { writeShellApplication, jq }:
    +
    { name, writeShellApplication, jq, ... }:
     
     writeShellApplication {
    -  name = "github-notifications";
    +  inherit name;
       runtimeInputs = [ jq ];
       text = ''
         count=$(curl -u Swarsel:"$(cat /run/user/1000/secrets/github_notif)" https://api.github.com/notifications | jq '. | length')
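
Review bot: `runtimeInputs` declares only `jq`, but the `text` in this hunk calls `curl`, so the script depends on whatever curl happens to be on the ambient PATH; add `curl` to `runtimeInputs`. On the same line, the secret path is hard-coded to `/run/user/1000`, which breaks for any other uid (`$XDG_RUNTIME_DIR` would avoid that), the token is handed to curl as a command-line argument, and without `--fail` an API error body is still piped into `jq '. | length'` and yields a number.
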
    @@ -3804,7 +3799,7 @@ writeShellApplication {
     
    -
    4.2.1.16. screenshare
    +
    3.2.1.16. screenshare
    SHARESCREEN="$(nix eval --raw ~/.dotfiles#nixosConfigurations."$(hostname)".config.home-manager.users."$(whoami)".swarselsystems.sharescreen)"
    @@ -3829,19 +3824,18 @@ fi
     
     
     
    -
    { writeShellApplication, sway }:
    -
    +
    { self, name, writeShellApplication, sway }:
     writeShellApplication {
    -  name = "screenshare";
    +  inherit name;
       runtimeInputs = [ sway ];
    -  text = builtins.readFile ../../scripts/screenshare.sh;
    +  text = builtins.readFile "${self}/scripts/${name}.sh";
     }
     
    -
    4.2.1.17. swarsel-bootstrap
    +
    3.2.1.17. swarsel-bootstrap

    This program sets up a new NixOS host remotely. It also takes care of secret management on the new host. @@ -4192,20 +4186,19 @@ fi

    -
    { writeShellApplication, openssh }:
    -
    +
    { self, name, writeShellApplication, openssh }:
     writeShellApplication {
    -  name = "swarsel-bootstrap";
    +  inherit name;
       runtimeInputs = [ openssh ];
    -  text = builtins.readFile ../../scripts/swarsel-bootstrap.sh;
    +  text = builtins.readFile "${self}/scripts/${name}.sh";
     }
     
    -
    -
    4.2.1.18. swarsel-rebuild
    -
    +
    +
    3.2.1.18. swarsel-rebuild
    +

    This program builds a configuration locally.

    @@ -4304,20 +4297,19 @@ yellow "Please keep in mind that this is only a demo of the configuration. Thing
    -
    { writeShellApplication, git }:
    -
    +
    { self, name, writeShellApplication, git }:
     writeShellApplication {
    -  name = "swarsel-rebuild";
    +  inherit name;
       runtimeInputs = [ git ];
    -  text = builtins.readFile ../../scripts/swarsel-rebuild.sh;
    +  text = builtins.readFile "${self}/scripts/${name}.sh";
     }
     
    -
    -
    4.2.1.19. swarsel-install
    -
    +
    +
    3.2.1.19. swarsel-install
    +

    This program sets up a new NixOS host locally.

    @@ -4492,20 +4484,19 @@ green "Installation finished! Reboot to see changes"
    -
    { writeShellApplication, git }:
    -
    +
    { self, name, writeShellApplication, git }:
     writeShellApplication {
    -  name = "swarsel-install";
    +  inherit name;
       runtimeInputs = [ git ];
    -  text = builtins.readFile ../../scripts/swarsel-install.sh;
    +  text = builtins.readFile "${self}/scripts/${name}.sh";
     }
     
    -
    -
    4.2.1.20. swarsel-postinstall
    -
    +
    +
    3.2.1.20. swarsel-postinstall
    +

    This program sets up a new NixOS host locally.

    @@ -4592,29 +4583,28 @@ green "Post-install finished!"
    -
    { writeShellApplication, git }:
    -
    +
    { self, name, writeShellApplication, git }:
     writeShellApplication {
    -  name = "swarsel-postinstall";
    +  inherit name;
       runtimeInputs = [ git ];
    -  text = builtins.readFile ../../scripts/swarsel-postinstall.sh;
    +  text = builtins.readFile "${self}/scripts/${name}.sh";
     }
     
    -
    4.2.1.21. t2ts
    +
    3.2.1.21. t2ts

    This script allows for quick git branch switching.

    -
    { writeShellApplication }:
    +
    { name, writeShellApplication, ... }:
     
     writeShellApplication {
    -  name = "t2ts";
    +  inherit name;
       runtimeInputs = [ ];
       text = ''
         date -d"$1" +%s
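
Review bot: The description kept as context for t2ts, "This script allows for quick git branch switching.", does not match the body `date -d"$1" +%s`, which converts a date string to a Unix timestamp. Since this hunk already touches the section, correct the sentence at its source (SwarselSystems.org, if index.html is generated from it) so the page describes what the script does.
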
    @@ -4626,17 +4616,17 @@ writeShellApplication {
     
    -
    4.2.1.22. ts2t
    +
    3.2.1.22. ts2t

    This script allows for quick git branch switching.

    -
    { writeShellApplication }:
    +
    { name, writeShellApplication, ... }:
     
     writeShellApplication {
    -  name = "ts2t";
    +  inherit name;
       runtimeInputs = [ ];
       text = ''
         date -d @"$1" 2>/dev/null || date -r "$1"
    @@ -4647,18 +4637,18 @@ writeShellApplication {
     
    -
    -
    4.2.1.23. vershell
    -
    +
    +
    3.2.1.23. vershell
    +

    This script allows for quick git branch switching.

    -
    { writeShellApplication }:
    +
    { name, writeShellApplication, ... }:
     
     writeShellApplication {
    -  name = "vershell";
    +  inherit name;
       runtimeInputs = [ ];
       text = ''
         nix shell github:nixos/nixpkgs/"$1"#"$2";
    @@ -4669,15 +4659,15 @@ writeShellApplication {
     
    -
    -
    4.2.1.24. eontimer
    -
    +
    +
    3.2.1.24. eontimer
    +

    This script allows for quick git branch switching.

    -
    { pkgs, python3Packages }:
    +
    { pkgs, python3Packages, ... }:
     
     python3Packages.buildPythonApplication rec {
       pname = "eontimer";
    @@ -4733,7 +4723,7 @@ python3Packages.buildPythonApplication rec {
     
    -

    4.2.2. Overlays (additions, overrides, nixpkgs-stable)

    +

    3.2.2. Overlays (additions, overrides, nixpkgs-stable)

    This file now holds all of the "nixpkgs-changes" that I am using across the configurations. Most notable here are the modifications, where I am editing derivations according to my needs. @@ -4744,24 +4734,25 @@ When adding a new entry here, do not forget to add it in the default output of t

    -
    { inputs, lib, ... }:
    +
    { self, inputs, lib, ... }:
     
     let
    -  additions = final: _prev: import ../pkgs { pkgs = final; inherit lib };
    -  modifications = _: _prev: {
    -    vesktop = _prev.vesktop.override {
    +  additions = final: _: import "${self}/pkgs" { pkgs = final; inherit lib; };
    +
    +  modifications = _: prev: {
    +    vesktop = prev.vesktop.override {
           withSystemVencord = true;
         };
     
    -    firefox = _prev.firefox.override {
    +    firefox = prev.firefox.override {
           nativeMessagingHosts = [
    -        _prev.tridactyl-native
    -        _prev.browserpass
    -        _prev.plasma5Packages.plasma-browser-integration
    +        prev.tridactyl-native
    +        prev.browserpass
    +        prev.plasma5Packages.plasma-browser-integration
           ];
         };
     
    -    retroarch = _prev.retroarch.withCores (cores: with cores; [
    +    retroarch = prev.retroarch.withCores (cores: with cores; [
             snes9x # snes
             nestopia # nes
             dosbox # dos
    @@ -4772,10 +4763,6 @@ let
             dolphin # gc/wii
           ]);
     
    -    # prismlauncher = _prev.prismlauncher.override {
    -    #   glfw = _prev.glfw-wayland-minecraft;
    -    # };
    -
         # #river = prev.river.overrideAttrs (oldAttrs: rec {
         #   pname = "river";
         #   version = "git";
    @@ -4789,15 +4776,15 @@ let
         # });
       };
     
    -  nixpkgs-stable = final: _prev: {
    +  nixpkgs-stable = final: _: {
         stable = import inputs.nixpkgs-stable {
           inherit (final) system;
           config.allowUnfree = true;
         };
       };
     
    -  zjstatus = _: _prev: {
    -    zjstatus = inputs.zjstatus.packages.${_prev.system}.default;
    +  zjstatus = _: prev: {
    +    zjstatus = inputs.zjstatus.packages.${prev.system}.default;
       };
     
     in
    @@ -4821,7 +4808,7 @@ in
     
    -

    4.2.3. Modules

    +

    3.2.3. Modules

    In this section I define custom modules under the swarsel attribute. These are mostly used to define settings specific to a host. I keep these settings confined to either home-manager or nixos to maintain compatibility with non-NixOS machines. @@ -4832,14 +4819,15 @@ Note: The structure of generating the packages was changed in commit 2cf03

    -
    4.2.3.1. NixOS
    +
    3.2.3.1. NixOS

    Modules that need to be loaded on the NixOS level. Note that these will not be available on systems that are not running NixOS.

    -
    let
    +
    { lib, ... }:
    +let
       moduleNames = [
         "wallpaper"
         "hardware"
    @@ -4847,20 +4835,14 @@ Modules that need to be loaded on the NixOS level. Note that these will not be a
         "server"
         "input"
       ];
    -
    -  mkImports = names: builtins.listToAttrs (map (name: {
    -    inherit name;
    -    value = import ./${name}.nix;
    -  }) names);
    -
     in
    -  mkImports moduleNames
    +lib.swarselsystems.mkModules moduleNames "nixos"
     
     
    -
    4.2.3.1.1. Wallpaper
    +
    3.2.3.1.1. Wallpaper

    This lets me set the wallpaper that I want to use. Duplicated with home-manager options because mixing system and user level configuration is not a good idea. @@ -4881,7 +4863,7 @@ This lets me set the wallpaper that I want to use. Duplicated with home-manager

    -
    4.2.3.1.2. Hardware
    +
    3.2.3.1.2. Hardware

    This lets me set some basic flags about the hardware of the configured systems. @@ -4904,7 +4886,7 @@ This lets me set some basic flags about the hardware of the configured systems.

    -
    4.2.3.1.3. Setup
    +
    3.2.3.1.3. Setup

    I usually use mutableUsers = false in my NixOS configuration. However, on a new system where sops-keys have not been deployed, this would immediately lock me out of the system. Hence this flag can be used until sops-keys are created. @@ -4949,9 +4931,9 @@ I usually use mutableUsers = false in my NixOS configuration. Howev

    -
    -
    4.2.3.1.4. Server
    -
    +
    +
    3.2.3.1.4. Server
    +
    { lib, ... }:
     {
    @@ -4980,7 +4962,7 @@ I usually use mutableUsers = false in my NixOS configuration. Howev
     
    -
    4.2.3.1.5. Input
    +
    3.2.3.1.5. Input

    This section is for everything input-related on the NixOS side. At the moment, this is only used to define shell aliases for servers. @@ -4988,12 +4970,9 @@ This section is for everything input-related on the NixOS side. At the moment, t

    { lib, ... }:
    -let
    -  inherit (lib) mkOption types;
    -in
     {
    -  options.swarselsystems.shellAliases = mkOption {
    -    type = types.attrsOf types.str;
    +  options.swarselsystems.shellAliases = lib.mkOption {
    +    type = lib.types.attrsOf lib.types.str;
         default = { };
       };
     }
    @@ -5003,14 +4982,15 @@ in
     
    -
    4.2.3.2. home-manager
    +
    3.2.3.2. home-manager

    This holds modules that are to be used on most hosts. These are also the most important options to configure, as these allow me easy access to monitor, keyboard, and other setups.

    -
    let
    +
    { lib, ... }:
    +let
       moduleNames = [
         "laptop"
         "hardware"
    @@ -5024,19 +5004,13 @@ This holds modules that are to be used on most hosts. These are also the most im
         "filesystem"
         "firefox"
       ];
    -
    -  mkImports = names: builtins.listToAttrs (map (name: {
    -    inherit name;
    -    value = import ./${name}.nix;
    -  }) names);
    -
     in
    -  mkImports moduleNames
    +lib.swarselsystems.mkModules moduleNames "home"
     
    -
    4.2.3.2.1. Laptop
    +
    3.2.3.2.1. Laptop

    Laptops are not always plugged in, so they should show a battery icon in Waybar. Also, most laptops have a touchpad which usually needs to be configured. @@ -5077,7 +5051,7 @@ Laptops are not always plugged in, so they should show a battery icon in Waybar.

    -
    4.2.3.2.2. Hardware
    +
    3.2.3.2.2. Hardware

    This section is mostly used to deliver the correct information to Waybar. AMD systems have changing hwmon paths that can be specifically set here. Also the cpu count can be set here for Waybars cpu module, but 8 is usually a good setting to show @@ -5085,7 +5059,6 @@ This section is mostly used to deliver the correct information to Waybar. AMD sy

    { lib, ... }:
    -
     {
       options.swarselsystems.cpuCount = lib.mkOption {
         type = lib.types.int;
    @@ -5106,7 +5079,7 @@ This section is mostly used to deliver the correct information to Waybar. AMD sy
     
    -
    4.2.3.2.3. Waybar
    +
    3.2.3.2.3. Waybar

    These are explicit waybar options. Laptops do not need the battery module. However, this leads to a slight problem with theming: my waybar modules alternate their background-color between black and grey. The battery module is usually on grey background. If I were to simply delete that, I would now have two modules on black background. To avoid this, I define a pseudo-module custom/pseudobat that simply shows a static image and calls wlogout on right click. This wastes a little bit of screen space, but that is a price I am willing to pay for consistency. @@ -5118,7 +5091,6 @@ The most part of this configuration is done here:

    { lib, config, ... }:
    -
     let
       generateIcons = n: lib.concatStringsSep " " (builtins.map (x: "{icon" + toString x + "}") (lib.range 0 (n - 1)));
     in
    @@ -5156,7 +5128,7 @@ in
     
    -
    4.2.3.2.4. Monitors
    +
    3.2.3.2.4. Monitors

    This allows me to define my monitors in the machine's default.nix. @@ -5164,24 +5136,21 @@ This allows me to define my monitors in the machine's default.nix.

    { lib, ... }:
    -let
    -  inherit (lib) mkOption types;
    -in
     {
    -  options.swarselsystems.monitors = mkOption {
    -    type = types.attrsOf (types.attrsOf types.str);
    +  options.swarselsystems.monitors = lib.mkOption {
    +    type = lib.types.attrsOf (lib.types.attrsOf lib.types.str);
         default = { };
       };
    -  options.swarselsystems.sharescreen = mkOption {
    -    type = types.str;
    +  options.swarselsystems.sharescreen = lib.mkOption {
    +    type = lib.types.str;
         default = "";
       };
    -  options.swarselsystems.lowResolution = mkOption {
    -    type = types.str;
    +  options.swarselsystems.lowResolution = lib.mkOption {
    +    type = lib.types.str;
         default = "";
       };
    -  options.swarselsystems.highResolution = mkOption {
    -    type = types.str;
    +  options.swarselsystems.highResolution = lib.mkOption {
    +    type = lib.types.str;
         default = "";
       };
     }
    @@ -5190,7 +5159,7 @@ in
     
    -
    4.2.3.2.5. Input
    +
    3.2.3.2.5. Input

    This allows me to configure input options. Here, I am globally defining my split keyboards. Then, I am joining some attribute sets so that they can be easier used in the rest of the configurations. @@ -5198,16 +5167,13 @@ This allows me to configure input options. Here, I am globally defining my split

    { lib, config, ... }:
    -let
    -  inherit (lib) mkOption types;
    -in
     {
    -  options.swarselsystems.inputs = mkOption {
    -    type = types.attrsOf (types.attrsOf types.str);
    +  options.swarselsystems.inputs = lib.mkOption {
    +    type = lib.types.attrsOf (lib.types.attrsOf lib.types.str);
         default = { };
       };
    -  options.swarselsystems.kyria = mkOption {
    -    type = types.attrsOf (types.attrsOf types.str);
    +  options.swarselsystems.kyria = lib.mkOption {
    +    type = lib.types.attrsOf (lib.types.attrsOf lib.types.str);
         default = {
           "36125:53060:splitkb.com_splitkb.com_Kyria_rev3" = {
             xkb_layout = "us";
    @@ -5219,21 +5185,21 @@ in
           };
         };
       };
    -  options.swarselsystems.touchpad = mkOption {
    -    type = types.attrsOf (types.attrsOf types.str);
    +  options.swarselsystems.touchpad = lib.mkOption {
    +    type = lib.types.attrsOf (lib.types.attrsOf lib.types.str);
         default = { };
       };
    -  options.swarselsystems.standardinputs = mkOption {
    -    type = types.attrsOf (types.attrsOf types.str);
    +  options.swarselsystems.standardinputs = lib.mkOption {
    +    type = lib.types.attrsOf (lib.types.attrsOf lib.types.str);
         default = lib.recursiveUpdate (lib.recursiveUpdate config.swarselsystems.touchpad config.swarselsystems.kyria) config.swarselsystems.inputs;
         internal = true;
       };
    -  options.swarselsystems.keybindings = mkOption {
    -    type = types.attrsOf types.str;
    +  options.swarselsystems.keybindings = lib.mkOption {
    +    type = lib.types.attrsOf lib.types.str;
         default = { };
       };
    -  options.swarselsystems.shellAliases = mkOption {
    -    type = types.attrsOf types.str;
    +  options.swarselsystems.shellAliases = lib.mkOption {
    +    type = lib.types.attrsOf lib.types.str;
         default = { };
       };
     }
    @@ -5242,7 +5208,7 @@ in
     
    -
    4.2.3.2.6. Nixos
    +
    3.2.3.2.6. Nixos

    These are some extra options that will be used if the machine also runs NixOS. For example, non-NixOS hosts need nixGL prepended to most graphic commands, and swayfx works less nicely on these machines. @@ -5258,9 +5224,7 @@ These are some extra options that will be used if the machine also runs NixOS. F options.swarselsystems.isNixos = lib.mkEnableOption "nixos host"; options.swarselsystems.isPublic = lib.mkEnableOption "is a public machine (no secrets)"; config.swarselsystems.startup = lib.mkIf (!config.swarselsystems.isNixos) [ - { - command = "sleep 60 && nixGL nextcloud --background"; - } + { command = "sleep 60 && nixGL nextcloud --background"; } { command = "sleep 60 && nixGL vesktop --start-minimized -enable-features=UseOzonePlatform -ozone-platform=wayland"; } { command = "sleep 60 && nixGL syncthingtray --wait"; } { command = "sleep 60 && ANKI_WAYLAND=1 nixGL anki"; } @@ -5268,6 +5232,7 @@ These are some extra options that will be used if the machine also runs NixOS. F { command = "sleep 60 && OBSIDIAN_USE_WAYLAND=1 nixGL obsidian -enable-features=UseOzonePlatform -ozone-platform=wayland"; } { command = "sleep 60 && element-desktop --hidden -enable-features=UseOzonePlatform -ozone-platform=wayland --disable-gpu-driver-bug-workarounds"; } ]; + options.swarselsystems.swayfxConfig = lib.mkOption { type = lib.types.str; default = " @@ -5289,7 +5254,7 @@ These are some extra options that will be used if the machine also runs NixOS. F

    -
    4.2.3.2.7. darwin
    +
    3.2.3.2.7. darwin

    Provides settings related to nix-darwin systems. At the moment, I am only making use of a isDarwin flag. @@ -5305,7 +5270,7 @@ Provides settings related to nix-darwin systems. At the moment, I am only making

    -
    4.2.3.2.8. System startup
    +
    3.2.3.2.8. System startup

    This defines programs I want to have starting when I start the system @@ -5329,13 +5294,9 @@ Do not that syncthingtray is also not mentioned here. It is install

    { lib, ... }:
    -let
    -  inherit (lib) mkOption types;
    -in
     {
    -
    -  options.swarselsystems.startup = mkOption {
    -    type = types.listOf (types.attrsOf types.str);
    +  options.swarselsystems.startup = lib.mkOption {
    +    type = lib.types.listOf (lib.types.attrsOf lib.types.str);
         default = [
           { command = "nextcloud --background"; }
           { command = "vesktop --start-minimized --enable-speech-dispatcher --ozone-platform-hint=auto --enable-features=WaylandWindowDecorations --enable-wayland-ime"; }
    @@ -5352,7 +5313,7 @@ in
     
    -
    4.2.3.2.9. Wallpaper
    +
    3.2.3.2.9. Wallpaper

    Again, I set the wallpaper here for stylix. @@ -5360,7 +5321,6 @@ Again, I set the wallpaper here for stylix.

    { lib, ... }:
    -
     {
       options.swarselsystems.wallpaper = lib.mkOption {
         type = lib.types.path;
    @@ -5373,7 +5333,7 @@ Again, I set the wallpaper here for stylix.
     
    -
    4.2.3.2.10. Filesystem
    +
    3.2.3.2.10. Filesystem

    Another duplicated option for the filesystem. @@ -5381,7 +5341,6 @@ Another duplicated option for the filesystem.

    { lib, ... }:
    -
     {
       options.swarselsystems.isBtrfs = lib.mkEnableOption "use btrfs filesystem";
     }
    @@ -5390,7 +5349,7 @@ Another duplicated option for the filesystem.
     
    +
    +

    3.2.4. Library functions

    +
    +

    +This section defines all functions of my own that I add to lib. These are used in all places over the config, with many of them being used in flake.nix. +

    + +

    +A breakdown of each function: +

    + +
    +
    { self, lib, systems, inputs, outputs, ... }:
    +{
    +
    +  mkIfElseList = p: yes: no: lib.mkMerge [
    +    (lib.mkIf p yes)
    +    (lib.mkIf (!p) no)
    +  ];
    +
    +  mkIfElse = p: yes: no: if p then yes else no;
    +
    +  forAllSystems = lib.genAttrs [
    +    "x86_64-linux"
    +    "aarch64-linux"
    +    "x86_64-darwin"
    +    "aarch64-darwin"
    +  ];
    +
    +  pkgsFor = lib.genAttrs (import systems) (system:
    +    import inputs.nixpkgs {
    +      inherit system;
    +      config.allowUnfree = true;
    +    }
    +  );
    +
    +  forEachSystem = f: lib.genAttrs (import systems) (system: f lib.swarselsystems.pkgsFor.${system});
    +
    +  mkFullHost = host: type: {
    +    ${host} =
    +      let
    +        systemFunc = if (type == "nixos") then lib.nixosSystem else inputs.nix-darwin.lib.darwinSystem;
    +      in
    +      systemFunc {
    +        specialArgs = { inherit inputs outputs lib self; };
    +        modules = [ "${self}/hosts/${type}/${host}" ];
    +      };
    +  };
    +
    +  mkHalfHost = host: type: pkgs: {
    +    ${host} =
    +      let
    +        systemFunc = if (type == "home") then inputs.home-manager.lib.homeManagerConfiguration else inputs.nix-on-droid.lib.nixOnDroidConfiguration;
    +      in
    +      systemFunc {
    +        inherit pkgs;
    +        extraSpecialArgs = { inherit inputs outputs; };
    +        modules = [ "${self}/hosts/${type}/${host}" ];
    +      };
    +  };
    +
    +  mkFullHostConfigs = hosts: type: lib.foldl (acc: set: acc // set) { } (lib.map (host: lib.swarselsystems.mkFullHost host type) hosts);
    +
    +  mkHalfHostConfigs = hosts: type: pkgs: lib.foldl (acc: set: acc // set) { } (lib.map (host: lib.swarselsystems.mkFullHost host type pkgs) hosts);
    +
    +  readHosts = type: lib.attrNames (builtins.readDir "${self}/hosts/${type}");
    +
    +  mkApps = system: names: self: builtins.listToAttrs (map
    +    (name: {
    +      inherit name;
    +      value = {
    +        type = "app";
    +        program = "${self.packages.${system}.${name}}/bin/${name}";
    +      };
    +    })
    +    names);
    +
    +  mkPackages = names: pkgs: builtins.listToAttrs (map
    +    (name: {
    +      inherit name;
    +      value = pkgs.callPackage "${self}/pkgs/${name}" { inherit self name; };
    +    })
    +    names);
    +
    +
    +  mkModules = names: type: builtins.listToAttrs (map
    +    (name: {
    +      inherit name;
    +      value = import "${self}/modules/${type}/${name}.nix";
    +    })
    +    names);
    +
    +  eachMonitor = _: monitor: {
    +    inherit (monitor) name;
    +    value = builtins.removeAttrs monitor [ "workspace" "name" "output" ];
    +  };
    +
    +  eachOutput = _: monitor: {
    +    inherit (monitor) name;
    +    value = builtins.removeAttrs monitor [ "mode" "name" "scale" "transform" "position" ];
    +  };
    +
    +}
    +
    +
    +
    +
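
Review bot: `mkHalfHostConfigs` calls `lib.swarselsystems.mkFullHost host type pkgs`, but `mkFullHost` takes only `host` and `type` and returns an attribute set, so the extra `pkgs` application fails at evaluation as soon as this function is used; it should call `mkHalfHost`. Two smaller points in the same block: `mkApps` takes `self` as a parameter and shadows the `self` from the file's argument set, and `forAllSystems` hard-codes the system list while `pkgsFor` and `forEachSystem` use `import systems`, so the two can drift apart.
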
    -

    4.3. NixOS

    +

    3.3. NixOS

    Here we have NixOS options. All options are split into smaller files that are loaded by the general default.nix. Common files are used by all user hosts equally, optionals need to be added to the machine's default.nix on a case-by-case basis.

    -

    4.3.1. Common

    +

    3.3.1. Common

    These are system-level settings specific to NixOS machines. All settings that are required on all machines go here.

    -
    4.3.1.1. Imports, non-server settings
    +
    3.3.1.1. Imports, non-server settings

    This section is for setting things that should be used on hosts that are using the default NixOS configuration. This means that servers should NOT import this, as much of these imported modules are user-configured. @@ -5636,7 +5702,7 @@ This section is for setting things that should be used on hosts that are using t

    -
    4.3.1.2. General NixOS settings (stateVersion)
    +
    3.3.1.2. General NixOS settings (stateVersion)

    Also, we disable the warnings that trigger when rebuilding with a dirty flake. At this point, I am also disabling channels and pinning the flake registry - the latter lets me use the local version of nixpkgs for commands like nix shell (without it, we will always download the newest version of nixpkgs for these commands). @@ -5679,7 +5745,7 @@ Also, the system state version is set here. No need to touch it.

    -
    4.3.1.4. Setup home-manager
    +
    3.3.1.4. Setup home-manager

    We enable the use of home-manager as a NixoS module. A nice trick here is the extraSpecialArgs = inputs line, which enables the use of seflf in most parts of the configuration. This is useful to refer to the root of the flake (which is otherwise quite hard while maintaining flake purity). @@ -5826,7 +5892,7 @@ We enable the use of home-manager as a NixoS module. A nice trick h

    -
    4.3.1.5. Setup login keymap
    +
    3.3.1.5. Setup login keymap

    Next, we setup the keymap in case we are not in a graphical session. At this point, I always resort to us/altgr-intl, as it is comfortable to use and I do not write too much German anyways. @@ -5847,7 +5913,7 @@ Next, we setup the keymap in case we are not in a graphical session. At this poi

    -
    4.3.1.6. User setup, Make users non-mutable
    +
    3.3.1.6. User setup, Make users non-mutable

    This ensures that all user-configuration happens here in the config file. @@ -5880,7 +5946,7 @@ For that reason, make sure that sops-nix is properly working before

    -
    4.3.1.7. Environment setup
    +
    3.3.1.7. Environment setup

    Next, we will setup some environment variables that need to be set on the system-side. We apply some compatibility options for chromium apps on wayland, enable the wordlist and make metadata reading possible for my file explorer (nautilus). @@ -5908,7 +5974,7 @@ Next, we will setup some environment variables that need to be set on the system

    -
    4.3.1.8. Security
    +
    3.3.1.8. Security

    Needed for control over system-wide privileges etc. Also I make sure that the root user has access to SSH_AUTH_SOCK (without this, root will not be able to read my nix-secrets repository). @@ -5936,7 +6002,7 @@ Needed for control over system-wide privileges etc. Also I make sure that the ro

    -
    4.3.1.9. Enable automatic garbage collection
    +
    3.3.1.9. Enable automatic garbage collection

    The nix store fills up over time, until /boot/efi is filled. This snippet cleans it automatically on a weekly basis. @@ -5957,7 +6023,7 @@ The nix store fills up over time, until /boot/efi is filled. This s

    -
    4.3.1.10. Enable automatic store optimisation
    +
    3.3.1.10. Enable automatic store optimisation

    This enables hardlinking identical files in the nix store, to save on disk space. I have read this incurs a significant I/O overhead, I need to keep an eye on this. @@ -5977,7 +6043,7 @@ This enables hardlinking identical files in the nix store, to save on disk space

    -
    4.3.1.11. Reduce systemd timeouts
    +
    3.3.1.11. Reduce systemd timeouts

    There is a persistent bug over Linux kernels that makes the user wait 1m30s on system shutdown due to the reason a stop job is running for session 1 of user .... I do not want to wait that long and am confident no important data is lost by doing this. @@ -5997,7 +6063,7 @@ There is a persistent bug over Linux kernels that makes the user wait 1m30s on s

    -
    4.3.1.12. Hardware settings
    +
    3.3.1.12. Hardware settings

    Enable OpenGL, Sound, Bluetooth and various drivers. @@ -6049,7 +6115,7 @@ Enable OpenGL, Sound, Bluetooth and various drivers.

    -
    4.3.1.13. Pipewire
    +
    3.3.1.13. Pipewire

    Pipewire handles communication on Wayland. This enables several sound tools as well as screen sharing in combinaton with xdg-desktop-portal-wlr. @@ -6076,7 +6142,7 @@ Pipewire handles communication on Wayland. This enables several sound tools as w

    -
    4.3.1.14. Common network settings
    +
    3.3.1.14. Common network settings

    Here I only enable networkmanager and a few default networks. The rest of the network config is done separately in System specific configuration. @@ -6279,13 +6345,12 @@ Here I only enable networkmanager and a few default networks. The r proxy = { }; vpn = { auth = "sha1"; - ca = - "${config.users.users.swarsel.home}/.dotfiles/secrets/certs/sweden-aes-128-cbc-udp-dns-ca.pem"; + ca = config.sops.secrets."sweden-aes-128-cbc-udp-dns-ca.pem".path; challenge-response-flags = "2"; cipher = "aes-128-cbc"; compress = "yes"; connection-type = "password"; - crl-verify-file = "${config.users.users.swarsel.home}/.dotfiles/secrets/certs/sweden-aes-128-cbc-udp-dns-crl-verify.pem"; + crl-verify-file = config.sops.secrets."sweden-aes-128-cbc-udp-dns-crl-verify.pem".path; dev = "tun"; password-flags = "0"; remote = "sweden.privacy.network:1198"; @@ -6334,7 +6399,7 @@ Here I only enable networkmanager and a few default networks. The r

    -
    4.3.1.15. Time, locale settings
    +
    3.3.1.15. Time, locale settings

    Setup timezone and locale. I want to use the US layout, but have the rest adapted to my country and timezone. Also, there is an issue with running Windows/Linux dualboot on the same machine where the hardware clock desyncs between the two OS'es. We fix that bug here as well. @@ -6368,7 +6433,7 @@ Setup timezone and locale. I want to use the US layout, but have the rest adapte

    -
    4.3.1.16. sops
    +
    3.3.1.16. sops

    I use sops-nix to handle secrets that I want to have available on my machines at all times. Procedure to add a new machine: @@ -6382,18 +6447,15 @@ I use sops-nix to handle secrets that I want to have available on my machines at

    -
    { config, lib, ... }:
    +
    { self, config, lib, ... }:
     let
    -  mkIfElse = p: yes: no: lib.mkMerge [
    -    (lib.mkIf p yes)
    -    (lib.mkIf (!p) no)
    -  ];
    +  certsSopsFile = self + /secrets/certs/secrets.yaml;
     in
     {
       sops = lib.mkIf (!config.swarselsystems.isPublic) {
     
    -    age.sshKeyPaths = mkIfElse config.swarselsystems.isBtrfs [ "/persist/.ssh/sops" "/persist/.ssh/ssh_host_ed25519_key" ] [ "${config.users.users.swarsel.home}/.ssh/sops" "/etc/ssh/ssh_host_ed25519_key" ];
    -    defaultSopsFile = mkIfElse config.swarselsystems.isBtrfs "/persist/.dotfiles/secrets/general/secrets.yaml" "${config.users.users.swarsel.home}/.dotfiles/secrets/general/secrets.yaml";
    +    age.sshKeyPaths = lib.swarselsystems.mkIfElseList config.swarselsystems.isBtrfs [ "/persist/.ssh/sops" "/persist/.ssh/ssh_host_ed25519_key" ] [ "${config.users.users.swarsel.home}/.ssh/sops" "/etc/ssh/ssh_host_ed25519_key" ];
    +    defaultSopsFile = lib.swarselsystems.mkIfElseList config.swarselsystems.isBtrfs "/persist/.dotfiles/secrets/general/secrets.yaml" "${config.users.users.swarsel.home}/.dotfiles/secrets/general/secrets.yaml";
     
         validateSopsFiles = false;
     
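Review bot: `defaultSopsFile` is a single path, yet it is now selected through a helper called `mkIfElseList`, the same one used for the `age.sshKeyPaths` list on the line above it. The removed local helper was a `lib.mkMerge` of two `lib.mkIf` branches and worked for any option type, so either give the shared helper a type-neutral name or add a comment at its definition saying it is merge-based. Also, `certsSopsFile = self + /secrets/certs/secrets.yaml` resolves from the flake source while `defaultSopsFile` stays a runtime string under `/persist` or the home directory; with `validateSopsFiles = false` in the context lines neither file is checked at build time, so a missing key in the certs file will only surface when the secrets are installed.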
    @@ -6415,6 +6477,8 @@ in
           githubforgepass = { };
           gitlabforgeuser = { };
           gitlabforgepass = { };
    +      "sweden-aes-128-cbc-udp-dns-crl-verify.pem" = { sopsFile = certsSopsFile; owner = "swarsel"; };
    +      "sweden-aes-128-cbc-udp-dns-ca.pem" = { sopsFile = certsSopsFile; owner = "swarsel"; };
         };
         templates = {
           "network-manager.env".content = ''
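Review bot: the two new `.pem` entries set `owner = "swarsel"` but no `mode` or `group`, and per the network settings hunk they are read through `ca` and `crl-verify-file` of the NetworkManager VPN profile, not by that user directly. Please confirm that the process which opens them can read a file owned by `swarsel`, or set owner and mode explicitly for that consumer. A short comment that these two entries come from `certsSopsFile` would also help, since the neighbouring entries (`githubforgepass = { }` and so on) all rely on the default file.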
    @@ -6447,7 +6511,7 @@ in
     
    -
    4.3.1.17. Theme (stylix)
    +
    3.3.1.17. Theme (stylix)

    By default, stylix wants to style GRUB as well. However, I think that looks horrible. @@ -6521,7 +6585,7 @@ By default, stylix wants to style

    -
    4.3.1.18. Programs (including zsh setup)
    +
    3.3.1.18. Programs (including zsh setup)

    Some programs profit from being installed through dedicated NixOS settings on system-level; these go here. Notably the zsh setup goes here and cannot be deleted under any circumstances. @@ -6540,7 +6604,7 @@ Some programs profit from being installed through dedicated NixOS settings on sy

    -
    4.3.1.18.1. zsh
    +
    3.3.1.18.1. zsh

    Do not touch this. @@ -6559,7 +6623,7 @@ Do not touch this.

    -
    4.3.1.18.2. syncthing
    +
    3.3.1.18.2. syncthing
    _:
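Review bot: this hunk, like most of the `index.html` diff, only renumbers a heading (`4.3.1.18.2` to `3.3.1.18.2`), which has nothing to do with the installer alias rename named in the subject. The 4028-line churn in the generated export buries the two one-line source changes; regenerate `index.html` in the commit that actually moved the sections, or commit the export separately, so the alias change can be reviewed and reverted on its own.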
    @@ -6618,14 +6682,14 @@ Do not touch this.
     
    -
    4.3.1.19. Services
    +
    3.3.1.19. Services

    Setting up some hardware services as well as keyboard related settings. Here we make sure that we can use the CAPS key as a ESC/CTRL double key, which is a lifesaver.

    -
    4.3.1.19.1. blueman
    +
    3.3.1.19.1. blueman

    Enables the blueman service including the nice system tray icon. @@ -6642,14 +6706,14 @@ Enables the blueman service including the nice system tray icon.

    -
    4.3.1.19.2. Network devices
    +
    3.3.1.19.2. Network devices

    In this section we enable compatibility with several network devices I have at home, mainly printers and scanners.

    -4.3.1.19.2.1. Scanners +3.3.1.19.2.1. Scanners

    This allows me to use my big scanner/printer's scanning function over the network. @@ -6669,7 +6733,7 @@ This allows me to use my big scanner/printer's scanning function over the networ

    -4.3.1.19.2.2. Printers +3.3.1.19.2.2. Printers

    This allows me to use my big scanner/printer's printing function over the network. Most of the settings are driver related. @@ -6698,7 +6762,7 @@ services.printing = {

    -4.3.1.19.2.3. Avahi (device discovery) +3.3.1.19.2.3. Avahi (device discovery)

    Avahi is the service used for the network discovery. @@ -6718,7 +6782,7 @@ services.avahi = {

    -
    4.3.1.19.3. enable GVfs
    +
    3.3.1.19.3. enable GVfs

    This is being set to allow myself to use all functions of nautilus in NixOS @@ -6734,7 +6798,7 @@ This is being set to allow myself to use all functions of nautilus in NixOS

    -
    4.3.1.19.4. interception-tools: Make CAPS work as ESC/CTRL
    +
    3.3.1.19.4. interception-tools: Make CAPS work as ESC/CTRL

    This is a super-convenient package that lets my remap my CAPS key to ESC if pressed shortly, and CTRL if being held. @@ -6775,7 +6839,7 @@ This is a super-convenient package that lets my remap my CAPS key t

    -
    4.3.1.19.5. power-profiles-daemon
    +
    3.3.1.19.5. power-profiles-daemon

    This enables power profile management. The available modes are: @@ -6802,7 +6866,7 @@ Most of the time I am using power-saver, however, it is good to be

    -
    4.3.1.20. Hardware compatibility settings (Yubikey, Ledger, Keyboards) - udev rules
    +
    3.3.1.20. Hardware compatibility settings (Yubikey, Ledger, Keyboards) - udev rules

    It makes sense to house these settings in their own section, since they are all needed really. Note that the starting of the gpg-agent is done in the sway settings, to also perform this step of the setup for non NixOS-machines at the same time. @@ -6842,7 +6906,7 @@ Also, this is a good place to setup the udev rules.

    -
    4.3.1.21. System Login
    +
    3.3.1.21. System Login

    This section houses the greetd related settings. I do not really want to use a display manager, but it is useful to have setup in some ways - in my case for starting sway on system startup. Notably the default user login setting that is commented out here goes into the system specific settings, make sure to update it there @@ -6875,7 +6939,7 @@ This section houses the greetd related settings. I do not really want to use a d

    -
    4.3.1.22. nix-ld
    +
    3.3.1.22. nix-ld

    This provides libraries for binaries that are not patched for use on NixOS. This really makes the biggest gripe with NixOS go away, that being having to run a binary that is only found in a single spot. It is most of the times possible to patch such a file, but this makes such a situation take much less time to resolve. @@ -7005,7 +7069,7 @@ When a program does not work, start with nix-ldd <program>. T

    -
    4.3.1.23. Impermanence
    +
    3.3.1.23. Impermanence

    This is where the impermanence magic happens. When this is enabled, the root directory is rolled back to a blanket state on each reboot. @@ -7018,10 +7082,8 @@ Normally, doing that also resets the lecture that happens on the first use of

    { config, lib, ... }:
     let
    -  mkIfElse = p: yes: no: if p then yes else no;
    -  mapperTarget = mkIfElse config.swarselsystems.isCrypted "/dev/mapper/cryptroot" "/dev/disk/by-label/nixos";
    +  mapperTarget = lib.swarselsystems.mkIfElse config.swarselsystems.isCrypted "/dev/mapper/cryptroot" "/dev/disk/by-label/nixos";
     in
    -
     {
     
       security.sudo.extraConfig = lib.mkIf config.swarselsystems.isImpermanence ''
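Review bot: `mapperTarget` is a `let` binding, so `lib.swarselsystems.mkIfElse` must hand back the selected string directly, as the removed `if p then yes else no` did. The sops modules carried a local helper with the same name that returned a `lib.mkMerge` of `lib.mkIf` branches, which cannot be used as a plain value outside an option definition. Please state in a comment at the shared definition which of the two forms `mkIfElse` is, so the pair `mkIfElse` / `mkIfElseList` is not mixed up later.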
    @@ -7113,7 +7175,7 @@ in
     
    -
    4.3.1.24. Summary of nixos-rebuild diff
    +
    3.3.1.24. Summary of nixos-rebuild diff

    This snipped is added to the activation script that is run after every rebuild and shows what packages have been added and removed. This is actually not the optimal place to add that snipped, but the correct spot is in some perl file that I have not had the leisure to take a look at yet. @@ -7135,7 +7197,7 @@ This snipped is added to the activation script that is run after every rebuild a

    -
    4.3.1.25. gnome-keyring
    +
    3.3.1.25. gnome-keyring

    Used for storing sessions in e.g. Nextcloud. Using this on a system level keeps the login information when logging out of the session as well. @@ -7155,7 +7217,7 @@ Used for storing sessions in e.g. Nextcloud. Using this on a system level keeps

    -
    4.3.1.26. Sway
    +
    3.3.1.26. Sway

    This is used to better integrate Sway into the system on NixOS hosts. On the home-manager side, the package attribute will be null for such an host, using the systems derivation instead. @@ -7190,7 +7252,7 @@ This is used to better integrate Sway into the system on NixOS hosts. On the hom

    -
    4.3.1.27. xdg-portal
    +
    3.3.1.27. xdg-portal

    This allows me to use screen sharing on Wayland. The implementation is a bit crude and only the whole screen can be shared. However, most of the time that is all I need to do anyways. @@ -7221,7 +7283,7 @@ This allows me to use screen sharing on Wayland. The implementation is a bit cru

    -
    4.3.1.28. safeeyes
    +
    3.3.1.28. safeeyes

    A friend of mine used this service and I used to make fun of him. But I have to admit this is actually a nice program. It forces you to look away from the screen from time to time, reducing eye strain. @@ -7237,7 +7299,7 @@ A friend of mine used this service and I used to make fun of him. But I have to

    -
    4.3.1.29. Podmam (distrobox)
    +
    3.3.1.29. Podmam (distrobox)

    I am using distrobox to quickly circumvent isses that I cannot immediately solve on NixOS. It is always the goal to quickly get things working on NixOS, but this prevents me from getting completely stuck. @@ -7261,7 +7323,7 @@ I am using distrobox to quickly circumvent isses that I cannot immediately solve

    -
    4.3.1.30. Handle lid switch correctly
    +
    3.3.1.30. Handle lid switch correctly

    This turns off the display when the lid is closed. @@ -7299,7 +7361,7 @@ This turns off the display when the lid is closed.

    -
    4.3.1.31. Low battery notification
    +
    3.3.1.31. Low battery notification

    Since I hide the waybar completely during normal operation, I run the risk of not noticing when my battery is about to run out. This module sends a notification when the battery level falls below 10%. Written by cafkafk. @@ -7336,9 +7398,9 @@ Since I hide the waybar completely during normal operation, I run the risk of no

    -
    -
    4.3.1.32. Lanzaboote
    -
    +
    +
    3.3.1.32. Lanzaboote
    +

    This dynamically uses systemd boot or Lanzaboote depending on `config.swarselsystems.initialSetup` and `config.swarselsystems.isSecureBoot`.

    @@ -7363,11 +7425,11 @@ This dynamically uses systemd boot or Lanzaboote depending on `config.swarselsys
    -

    4.3.2. Server

    +

    3.3.2. Server

    -
    4.3.2.1. Imports
    +
    3.3.2.1. Imports

    First, we enable the use of home-manager as a NixoS module. @@ -7428,7 +7490,7 @@ in

    -
    4.3.2.2. General NixOS Server settings
    +
    3.3.2.2. General NixOS Server settings

    Here we just define some aliases for rebuilding the system, and we allow some insecure packages that are needed by some server derivations. It would be more elegant to define these in the respective module, but nixpkgs needs to be defined before we can evaluate modules within it, so this must be a top-level configuration. @@ -7463,7 +7525,7 @@ Here we just define some aliases for rebuilding the system, and we allow some in

    -
    4.3.2.3. System Packages
    +
    3.3.2.3. System Packages
    { pkgs, ... }:
    @@ -7482,7 +7544,7 @@ Here we just define some aliases for rebuilding the system, and we allow some in
     
    -
    4.3.2.4. sops
    +
    3.3.2.4. sops
    { config, lib, ... }:
    @@ -7499,7 +7561,7 @@ Here we just define some aliases for rebuilding the system, and we allow some in
     
    -
    4.3.2.5. nfs/samba (smb)
    +
    3.3.2.5. nfs/samba (smb)
    { pkgs, ... }:
    @@ -7556,7 +7618,7 @@ Here we just define some aliases for rebuilding the system, and we allow some in
     
    -
    4.3.2.6. NGINX
    +
    3.3.2.6. NGINX
    { pkgs, config, ... }:
    @@ -7599,7 +7661,7 @@ Here we just define some aliases for rebuilding the system, and we allow some in
     
    -
    4.3.2.7. ssh
    +
    3.3.2.7. ssh
    { self, ... }:
    @@ -7625,7 +7687,7 @@ Here we just define some aliases for rebuilding the system, and we allow some in
     
    -
    4.3.2.8. kavita
    +
    3.3.2.8. kavita
    { pkgs, lib, config, ... }:
    @@ -7675,7 +7737,7 @@ Here we just define some aliases for rebuilding the system, and we allow some in
     
    -
    4.3.2.9. jellyfin
    +
    3.3.2.9. jellyfin
    { pkgs, lib, config, ... }:
    @@ -7727,7 +7789,7 @@ Here we just define some aliases for rebuilding the system, and we allow some in
     
    -
    4.3.2.10. navidrome
    +
    3.3.2.10. navidrome
    { pkgs, lib, inputs, config, ... }:
    @@ -7831,7 +7893,7 @@ in
     
    -
    4.3.2.11. spotifyd
    +
    3.3.2.11. spotifyd
    { lib, config, ... }:
    @@ -7873,7 +7935,7 @@ in
     
    -
    4.3.2.12. mpd
    +
    3.3.2.12. mpd
    { pkgs, lib, config, ... }:
    @@ -7932,7 +7994,7 @@ in
     
    -
    4.3.2.13. pipewire
    +
    3.3.2.13. pipewire
    { lib, config, ... }:
    @@ -7960,7 +8022,7 @@ in
     
    -
    4.3.2.14. matrix
    +
    3.3.2.14. matrix
    { config, lib, pkgs, sops, ... }:
    @@ -8286,7 +8348,7 @@ in
     
    -
    4.3.2.15. nextcloud
    +
    3.3.2.15. nextcloud
    { pkgs, lib, config, ... }:
    @@ -8337,7 +8399,7 @@ in
     
    -
    4.3.2.16. immich
    +
    3.3.2.16. immich
    { lib, config, ... }:
    @@ -8394,7 +8456,7 @@ in
     
    -
    4.3.2.17. paperless
    +
    3.3.2.17. paperless
    { lib, config, ... }:
    @@ -8452,7 +8514,7 @@ in
     
    -
    4.3.2.18. transmission
    +
    3.3.2.18. transmission
    { pkgs, lib, config, ... }:
    @@ -8593,7 +8655,7 @@ in
     
    -
    4.3.2.19. syncthing
    +
    3.3.2.19. syncthing
    { lib, config, ... }:
    @@ -8711,7 +8773,7 @@ in
     
    -
    4.3.2.20. restic
    +
    3.3.2.20. restic

    Once this is finished, it will house a restic client that manages automatic backups of my image library. Before I get to this however, I first need to organice my pictures in the first place. @@ -8731,7 +8793,7 @@ Once this is finished, it will house a restic client that manages automatic back

    -
    4.3.2.21. monitoring
    +
    3.3.2.21. monitoring

    This section exposes several metrics that I use to check the health of my server. I need to expand on the exporters section at some point, but for now I have everything I need. @@ -8903,7 +8965,7 @@ This section exposes several metrics that I use to check the health of my server

    -
    4.3.2.22. Jenkins
    +
    3.3.2.22. Jenkins

    This is a WIP Jenkins instance. It is used to automatically build a new system when pushes to the main repository are detected. I have turned this service off for now however, as I actually prefer to start my builds manually. @@ -8950,7 +9012,7 @@ This is a WIP Jenkins instance. It is used to automatically build a new system w

    -
    4.3.2.23. Emacs elfeed (RSS Server)
    +
    3.3.2.23. Emacs elfeed (RSS Server)

    This was an approach of hosting an RSS server from within emacs. That would have been useful as it would have allowed me to allow my feeds from any device. However, it proved impossible to do bidirectional syncing, so I abandoned this configuration in favor of FreshRSS. @@ -8977,7 +9039,7 @@ This was an approach of hosting an RSS server from within emacs. That would have

    -
    4.3.2.24. FreshRSS
    +
    3.3.2.24. FreshRSS

    FreshRSS is a more 'classical' RSS aggregator that I can just host as a distinct service. This also has its upsides because I jave more control over the state this way. @@ -9029,7 +9091,7 @@ It serves both a Greader API at -

    4.3.2.25. forgejo (git server)
    +
    3.3.2.25. forgejo (git server)
    { lib, config, ... }:
    @@ -9083,7 +9145,7 @@ It serves both a Greader API at 
    -
    4.3.2.26. Anki Sync Server
    +
    3.3.2.26. Anki Sync Server
    { lib, config, ... }:
    @@ -9133,11 +9195,11 @@ It serves both a Greader API at 
    -

    4.3.3. Darwin

    +

    3.3.3. Darwin

    -
    4.3.3.1. Imports
    +
    3.3.3.1. Imports

    This section sets up all the imports that are used in the home-manager section. @@ -9170,7 +9232,7 @@ in

    -

    4.3.4. Optional

    +

    3.3.4. Optional

    These sets of configuration do not need to be deployed on every host, for a multitude of reasons. @@ -9185,7 +9247,7 @@ These sets of configuration do not need to be deployed on every host, for a mult

    -
    4.3.4.1. gaming
    +
    3.3.4.1. gaming

    This opens a few gaming ports and installs the steam configuration suite for gaming. There are more options in Gaming (home-manager side). @@ -9234,7 +9296,7 @@ This opens a few gaming ports and installs the steam configuration suite for gam

    -
    4.3.4.2. VirtualBox
    +
    3.3.4.2. VirtualBox

    This sets the VirtualBox configuration. Guest should not be enabled if not direly needed, it will make rebuilds unbearably slow. I only use this privately to run an old editor that does not run well under wine, so I put it into it's own specialisation. @@ -9267,7 +9329,7 @@ This sets the VirtualBox configuration. Guest should not be enabled if not direl

    -
    4.3.4.3. VmWare
    +
    3.3.4.3. VmWare

    This sets the VirtualBox configuration. Guest should not be enabled if not direly needed, it will make rebuilds unbearably slow. @@ -9285,7 +9347,7 @@ This sets the VirtualBox configuration. Guest should not be enabled if not direl

    -
    4.3.4.4. Auto-login
    +
    3.3.4.4. Auto-login

    Auto login for the initial session. @@ -9304,7 +9366,7 @@ Auto login for the initial session.

    -
    4.3.4.5. nswitch-rcm
    +
    3.3.4.5. nswitch-rcm

    This smashes Atmosphere 1.3.2 on the switch, which is what I am currenty using. @@ -9326,7 +9388,7 @@ This smashes Atmosphere 1.3.2 on the switch, which is what I am currenty using.

    -
    4.3.4.6. work
    +
    3.3.4.6. work

    Options that I need specifically at work. There are more options at Work (home-manager side). @@ -9465,7 +9527,7 @@ in

    -
    4.3.4.7. Minimal Install
    +
    3.3.4.7. Minimal Install

    These options are really only to be used on the iso image in order to run nixos-anywhere. @@ -9547,18 +9609,18 @@ These options are really only to be used on the iso image in order to run nixos-

    -

    4.4. Home-manager

    +

    3.4. Home-manager

    -

    4.4.1. Common

    +

    3.4.1. Common

    -
    4.4.1.1. Imports
    +
    3.4.1.1. Imports

    This section sets up all the imports that are used in the home-manager section. @@ -9608,7 +9670,7 @@ This section sets up all the imports that are used in the home-manager section.

    -
    4.4.1.2. General home-manager-settings
    +
    3.4.1.2. General home-manager-settings

    Again, we adapt nix to our needs, enable the home-manager command for non-NixOS machines (NixOS machines are using it as a module) and setting user information that I always keep the same. @@ -9646,7 +9708,7 @@ Again, we adapt nix to our needs, enable the home-manager command f

    -
    4.4.1.3. Installed packages
    +
    3.4.1.3. Installed packages
    -
    4.4.1.3.2. Self-defined
    +
    3.4.1.3.2. Self-defined

    This is just a separate container for derivations defined in Packages. This is a good idea so that I do not lose track of package names I have defined myself, as this was once a problem in the past already. @@ -9911,7 +9973,7 @@ This is just a separate container for derivations defined in -

    4.4.1.4. sops
    +
    3.4.1.4. sops

    I use sops-nix to handle secrets that I want to have available on my machines at all times. Procedure to add a new machine: @@ -9932,16 +9994,10 @@ Since we are using the home-manager implementation here, we need to specify the

    { config, lib, ... }:
    -let
    -  mkIfElse = p: yes: no: lib.mkMerge [
    -    (lib.mkIf p yes)
    -    (lib.mkIf (!p) no)
    -  ];
    -in
     {
       sops = lib.mkIf (!config.swarselsystems.isPublic) {
         age.sshKeyPaths = [ "${config.home.homeDirectory}/.ssh/sops" "${config.home.homeDirectory}/.ssh/ssh_host_ed25519_key" ];
    -    defaultSopsFile = mkIfElse config.swarselsystems.isBtrfs "/persist/.dotfiles/secrets/general/secrets.yaml" "${config.home.homeDirectory}/.dotfiles/secrets/general/secrets.yaml";
    +    defaultSopsFile = lib.swarselsystems.mkIfElseList config.swarselsystems.isBtrfs "/persist/.dotfiles/secrets/general/secrets.yaml" "${config.home.homeDirectory}/.dotfiles/secrets/general/secrets.yaml";
     
         validateSopsFiles = false;
         secrets = {
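Review bot: `age.sshKeyPaths` stays fixed to `${config.home.homeDirectory}/.ssh/...` while `defaultSopsFile` on the next line switches to `/persist` when `isBtrfs` is set; the system-level sops module switches both. If the keys live under `/persist/.ssh` on those hosts, the home-manager side should pick the path the same way. Dropping the local `let` block also makes this module depend on `swarselsystems` being present in the `lib` that home-manager passes in, which is worth checking for the standalone (non-NixOS) setup.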
    @@ -9959,7 +10015,7 @@ in
     
    -
    4.4.1.5. SSH Machines
    +
    3.4.1.5. SSH Machines

    It is very convenient to have SSH aliases in place for machines that I use. This is mainly used for some server machines and some university clusters. We also enable agent forwarding to have our Yubikey SSH key accessible on the remote host. @@ -10012,7 +10068,7 @@ It is very convenient to have SSH aliases in place for machines that I use. This

    -
    4.4.1.6. Theme (stylix)
    +
    3.4.1.6. Theme (stylix)

    These section allows home-manager to allow theme settings, and handles some other appearance-related settings like cursor styles. Interestingly, system icons (adwaita) still need to be setup on system-level, and will break if defined here. @@ -10088,7 +10144,7 @@ This section has been notably empty ever since switching to stylix. Only Emacs i

    -
    4.4.1.7. Desktop Entries, MIME types (xdg)
    +
    3.4.1.7. Desktop Entries, MIME types (xdg)

    Some programs lack a dmenu launcher - I define them myself here. @@ -10189,7 +10245,7 @@ _:

    -
    4.4.1.8. Linking dotfiles
    +
    3.4.1.8. Linking dotfiles

    This section should be used in order to symlink already existing configuration files using `home.file` and setting session variables using `home.sessionVariables`. @@ -10245,7 +10301,7 @@ Also in firefox `about:config > toolkit.legacyUserProfileCustomizations.style

    -
    4.4.1.10. General Programs: bottom, imv, sioyek, bat, carapace, wlogout, swayr, yt-dlp, mpv, jq, nix-index, ripgrep, pandoc, fzf
    +
    3.4.1.10. General Programs: bottom, imv, sioyek, bat, carapace, wlogout, swayr, yt-dlp, mpv, jq, nix-index, ripgrep, pandoc, fzf

    This section is for programs that require no further configuration. zsh Integration is enabled by default for these. @@ -10299,7 +10355,7 @@ This section is for programs that require no further configuration. zsh Integrat

    -
    4.4.1.11. nix-index
    +
    3.4.1.11. nix-index

    nix-index provides a way to find out which packages are provided by which derivations. By default it also comes with a replacement for command-not-found.sh, however, the implementation is based on a channel based setup. I like consistency, so I replace the command with one that provides a flakes-based output. @@ -10332,7 +10388,7 @@ nix-index provides a way to find out which packages are provided by which deriva

    -
    4.4.1.12. password-store
    +
    3.4.1.12. password-store

    Enables password store with the pass-otp extension which allows me to store and generate one-time-passwords. @@ -10354,7 +10410,7 @@ Enables password store with the pass-otp extension which allows me

    -
    4.4.1.13. direnv
    +
    3.4.1.13. direnv

    Enables direnv, which I use for nearly all of my nix dev flakes. @@ -10373,7 +10429,7 @@ Enables direnv, which I use for nearly all of my nix dev flakes.

    -
    4.4.1.14. eza
    +
    3.4.1.14. eza

    Eza provides me with a better ls command and some other useful aliases. @@ -10397,7 +10453,7 @@ Eza provides me with a better ls command and some other useful alia

    -
    4.4.1.15. git
    +
    3.4.1.15. git

    Here I set up my git config, automatic signing of commits, useful aliases for my ost used commands (for when I am not using Magit) as well as a git template defined in Linking dotfiles. @@ -10448,7 +10504,7 @@ Here I set up my git config, automatic signing of commits, useful aliases for my

    -
    4.4.1.16. Fuzzel
    +
    3.4.1.16. Fuzzel

    Here I only need to set basic layout options - the rest is being managed by stylix. @@ -10474,7 +10530,7 @@ Here I only need to set basic layout options - the rest is being managed by styl

    -
    4.4.1.17. Starship
    +
    3.4.1.17. Starship

    Starship makes my zsh look cooler! I have symbols for most programming languages and toolchains, also I build my own powerline. @@ -10592,7 +10648,7 @@ Starship makes my zsh look cooler! I have symbols for most programm

    -
    4.4.1.18. Kitty
    +
    3.4.1.18. Kitty

    Kitty is the terminal emulator of choice for me, it is nice to configure using nix, fast, and has a nice style. @@ -10620,7 +10676,7 @@ The theme is handled by stylix.

    -
    4.4.1.19. zsh
    +
    3.4.1.19. zsh

    zsh is the most convenient shell for me and it happens to be super neat to configure within home manager. @@ -10760,7 +10816,7 @@ Here we set some aliases (some of them should be shellApplications instead) as w

    -
    4.4.1.20. zellij
    +
    3.4.1.20. zellij
    _:
    @@ -10969,7 +11025,7 @@ Here we set some aliases (some of them should be shellApplications instead) as w
     
    -
    4.4.1.21. tmux
    +
    3.4.1.21. tmux
    @@ -11077,7 +11133,7 @@ in
     
    -
    4.4.1.22. Mail
    +
    3.4.1.22. Mail

    Normally I use 4 mail accounts - here I set them all up. Three of them are Google accounts (sadly), which are a chore to setup. The last is just a sender account that I setup SMTP for here. @@ -11219,7 +11275,7 @@ Normally I use 4 mail accounts - here I set them all up. Three of them are Googl

    -
    4.4.1.23. Home-manager: Emacs
    +
    3.4.1.23. Home-manager: Emacs

    By using the emacs-overlay NixOS module, I can install all Emacs packages that I want to use right through NixOS. This is done by passing my init.el file to the configuration which will then be parsed upon system rebuild, looking for use-package sections in the Elisp code. Also I define here the style of Emacs that I want to run - I am going with native Wayland Emacs here (emacs-pgtk). All of the nice options such as tree-sitter support are enabled by default, so I do not need to adjust the build process. @@ -11309,7 +11365,7 @@ Lastly, I am defining some more packages here that the parser has problems findi

    -
    4.4.1.24. Waybar
    +
    3.4.1.24. Waybar

    Again I am just using the first bar option here that I was able to find good understandable documentation for. Of note is that the `cpu` section's `format` is not defined here, but in section 1 (since not every machine has the same number of cores) @@ -11595,7 +11651,7 @@ The rest of the related configuration is found here:

    -
    4.4.1.25. Firefox
    +
    3.4.1.25. Firefox

    Setting up firefox along with some policies that are important to me (mostly disabling telemetry related stuff as well as Pocket). I also enable some integrations that enable super useful packages, namely tridactyl and browserpass. @@ -11899,14 +11955,14 @@ in

    -
    4.4.1.26. Services
    +
    3.4.1.26. Services

    Services that can be defined through home-manager should be defined here.

    -
    4.4.1.26.1. gnome-keyring
    +
    3.4.1.26.1. gnome-keyring

    Used for storing sessions in e.g. Nextcloud @@ -11924,7 +11980,7 @@ Used for storing sessions in e.g. Nextcloud

    -
    4.4.1.26.2. KDE Connect
    +
    3.4.1.26.2. KDE Connect

    This enables phone/computer communication, including sending clipboard, files etc. Sadly on Wayland many of the features are broken (like remote control). @@ -11944,7 +12000,7 @@ This enables phone/computer communication, including sending clipboard, files et

    -
    4.4.1.26.3. Mako
    +
    3.4.1.26.3. Mako

    Desktop notifications! @@ -11991,7 +12047,7 @@ The `extraConfig` section here CANNOT be reindented. This has something to do wi

    -
    4.4.1.26.4. yubikey-touch-detector
    +
    3.4.1.26.4. yubikey-touch-detector
    { pkgs, ... }:
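Review bot: The heading renumbering in this hunk (4.4.1.26.4 to 3.4.1.26.4) has nothing to do with the commit subject, "reflect renamed installer command on ISO". The same shift repeats through the other index.html hunks (4.4.x to 3.4.x, 5.x to 4.x). Consider committing the regenerated export separately, or say in the commit message that index.html was re-exported with shifted section numbers, so the two-line alias change in the .org and .nix files is not buried under the renumbering.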
    @@ -12029,7 +12085,7 @@ The `extraConfig` section here CANNOT be reindented. This has something to do wi
     
    -
    4.4.1.27. Sway
    +
    3.4.1.27. Sway

    I am currently using SwayFX, which adds some nice effects to sway, like rounded corners and hiding the separator between title and content of a window. @@ -12043,15 +12099,7 @@ Currently, I am too lazy to explain every option here, but most of it is very se

    { config, lib, ... }:
     let
       inherit (config.swarselsystems) monitors;
    -  eachMonitor = _name: monitor: {
    -    inherit (monitor) name;
    -    value = builtins.removeAttrs monitor [ "workspace" "name" "output" ];
    -  };
    -  eachOutput = _name: monitor: {
    -    inherit (monitor) name;
    -    value = builtins.removeAttrs monitor [ "mode" "name" "scale" "transform" "position" ];
    -  };
    -  workplaceSets = lib.mapAttrs' eachOutput monitors;
    +  workplaceSets = lib.mapAttrs' lib.swarselsystems.eachOutput monitors;
       workplaceOutputs = map (key: lib.getAttr key workplaceSets) (lib.attrNames workplaceSets);
     in
     {
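Review bot: The definitions behind `lib.swarselsystems.eachOutput` and `lib.swarselsystems.eachMonitor` are not shown anywhere in this hunk, so the refactor cannot be checked against the code it removes. The removed local helpers took `_name: monitor:` and stripped specific keys: `[ "workspace" "name" "output" ]` for eachMonitor and `[ "mode" "name" "scale" "transform" "position" ]` for eachOutput. Please confirm the library versions keep the same signature and the same key lists, since `output` and `workspaceOutputAssign` are built from their results. The module only receives `{ config, lib, ... }`, so the `lib` passed in must already carry the `swarselsystems` extension; a short comment saying where that extension is wired in would help. This refactor is also not mentioned in the commit subject.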
    @@ -12177,7 +12225,7 @@ in
             };
           };
           defaultWorkspace = "workspace 1:一";
    -      output = lib.mapAttrs' eachMonitor monitors;
    +      output = lib.mapAttrs' lib.swarselsystems.eachMonitor monitors;
           input = config.swarselsystems.standardinputs;
           workspaceOutputAssign = workplaceOutputs;
           startup = config.swarselsystems.startup ++ [
    @@ -12343,7 +12391,7 @@ in
     
    -
    4.4.1.28. gpg-agent
    +
    3.4.1.28. gpg-agent

    Settinfs that are needed for the gpg-agent. Also we are enabling emacs support for unlocking my Yubikey here. @@ -12389,7 +12437,7 @@ Settinfs that are needed for the gpg-agent. Also we are enabling emacs support f

    -
    4.4.1.29. gammastep
    +
    3.4.1.29. gammastep

    This service changes the screen hue at night. I am not sure if that really does something, but I like the color anyways. @@ -12411,11 +12459,11 @@ This service changes the screen hue at night. I am not sure if that really does

    -

    4.4.2. Server

    +

    3.4.2. Server

    -
    4.4.2.1. Imports
    +
    3.4.2.1. Imports

    This section sets up all the imports that are used in the home-manager section. @@ -12437,7 +12485,7 @@ in

    -
    4.4.2.2. Linking dotfiles
    +
    3.4.2.2. Linking dotfiles

    This section should be used in order to symlink already existing configuration files using `home.file` and setting session variables using `home.sessionVariables`. @@ -12463,11 +12511,11 @@ As for the `home.sessionVariables`, it should be noted that environment variable

    -

    4.4.3. Darwin

    +

    3.4.3. Darwin

    -
    4.4.3.1. Imports
    +
    3.4.3.1. Imports

    This section sets up all the imports that are used in the home-manager section. @@ -12489,14 +12537,14 @@ in

    -

    4.4.4. Optional

    +

    3.4.4. Optional

    Akin to the optional NixOS modules.

    -
    4.4.4.1. Gaming
    +
    3.4.4.1. Gaming

    The rest of the settings is at gaming. @@ -12543,7 +12591,7 @@ The rest of the settings is at

    -
    4.4.4.2. Work
    +
    3.4.4.2. Work

    The rest of the settings is at work. Here, I am setting up the different firefox profiles that I need for the SSO sites that I need to access at work as well as a few ssh shorthands. @@ -12682,18 +12730,18 @@ The rest of the settings is at

    -

    5. Emacs

    +

    4. Emacs

    -

    5.1. Initialization (early-init.el)

    +

    4.1. Initialization (early-init.el)

    In this section I handle my early init file; it takes care of frame-setup for emacsclient buffers.

    -

    5.1.1. Increase startup performance

    +

    4.1.1. Increase startup performance

    First, I use some advice from doomemacs regarding garbace collection; here I make sure that during startup, the garbace collectur will not run, which will improve startup times. Now, that might not really be needed since I will usually only start the emacs server once during startup and then not touch it again, however, since I am building my emacs configuration using NixOS, there is some merit to this since I will usually need to restart the server once I rebuild my configuration. @@ -12739,7 +12787,7 @@ Also packed into the hook function is the line (fset 'epg-wait-for-status

    -

    5.1.2. Setup frames

    +

    4.1.2. Setup frames

    Next, I will setup the basic frame for my emacs buffers. Note that I use a tiling window manager, so I do not need to hold myself up with sizing the windows myself. I also disable some GUI tools that I (like many others) do not find to be particularly useful. Also I inhibit many startup functions here, even though it does not affect me greatly since I use another solution for that. @@ -12792,7 +12840,7 @@ For the default-frame-alist, I used to also set '(right-divid

    -

    5.1.3. Make C-i, C-m, C-[ available in graphic sessions

    +

    4.1.3. Make C-i, C-m, C-[ available in graphic sessions

    By default, emacs binds @@ -12832,21 +12880,21 @@ NOTE: To use these keybinds, you need to enclose the binding in angled brackets

    -

    5.2. Personal settings

    +

    4.2. Personal settings

    This section is used to define my own functions, own variables, and own keybindings.

    -

    5.2.1. Custom functions

    +

    4.2.1. Custom functions

    In this section I define extra functions that I need. Some of these functions I wrote myself, some I found after internet reseach. For functions I found on the internet, I will link the original source I found it in.

    -
    5.2.1.1. Emacs/Evil state toggle
    +
    4.2.1.1. Emacs/Evil state toggle

    Since I am rebinding the C-z hotkey for emacs-evil-state toggling, I want to have a function that still lets me perform this action quickly. @@ -12865,7 +12913,7 @@ Since I am rebinding the C-z hotkey for emacs-evil-state toggling,

    -
    5.2.1.2. Switching to last used buffer
    +
    4.2.1.2. Switching to last used buffer

    I often find myself bouncing between two buffers when I do not want to use a window split. This funnction simply jumps to the last used buffer. @@ -12880,7 +12928,7 @@ I often find myself bouncing between two buffers when I do not want to use a win

    -
    5.2.1.4. Create non-existant directories when finding file
    +
    4.2.1.4. Create non-existant directories when finding file

    This function will check if a directory for which a file we want to open exists; if not, it will offer to create the directories for me. @@ -12954,7 +13002,7 @@ This function will check if a directory for which a file we want to open exists;

    -
    5.2.1.5. [crux] Duplicate Lines
    +
    4.2.1.5. [crux] Duplicate Lines

    When programming, I like to be able to duplicate a line. There are easier functions than the one below, but they either @@ -13023,7 +13071,7 @@ there's a region, all lines that region covers will be duplicated."

    -
    5.2.1.6. [prot] org-id-headings
    +
    4.2.1.6. [prot] org-id-headings

    These functions by protesilaos generate heading links in an org-file similar to the normal org-store-link approach when not using properties. This approach has a weakness however - if the heading name is changed, the link breaks. These functions generate a unique identifier for each heading which will not break and also works when exporting the file to html, for example. @@ -13061,7 +13109,7 @@ create a new one."

    -
    5.2.1.7. Inhibit Messages in Echo Area
    +
    4.2.1.7. Inhibit Messages in Echo Area

    Emacs likes to send messages to the echo area; this is generally a good thing. However, it bothers me a lot when I am currently working in minibuffer where I receive an echo area message that is actually important and it is then overwritten by e.g. the mu4e update message. This section makes it possible to find the root function calling the message function and disabling it here. @@ -13133,7 +13181,7 @@ Lastly, individual messages can be reenabled using the (advice-remove '<

    -
    5.2.1.8. Move up one directory for find-file
    +
    4.2.1.8. Move up one directory for find-file

    I find it very annoying that the standard behavior for M-DEL only deletes one word when using find-file. This function makes it so that we always go up by one directory level instead. @@ -13162,7 +13210,7 @@ This function was found here: -

    5.2.1.9. org-mode: General setup
    +
    4.2.1.9. org-mode: General setup
    -
    5.2.1.10. org-mode: Visual-fill column
    +
    4.2.1.10. org-mode: Visual-fill column

    This function sets the width of buffers in org-mode. @@ -13213,7 +13261,7 @@ Used in: Centered org-mode Buf

    -
    5.2.1.11. org-mode: Upon-save actions (Auto-tangle, export to html, formatting)
    +
    4.2.1.11. org-mode: Upon-save actions (Auto-tangle, export to html, formatting)

    This section handles everything that shoudld happen when I save SwarselSystems.org. It: @@ -13255,7 +13303,7 @@ We set a hook that runs everytime we save the file. It would be a bit more effic

    -
    5.2.1.12. org-mode: Fold current heading
    +
    4.2.1.12. org-mode: Fold current heading

    Normally emacs cycles between three states: @@ -13286,7 +13334,7 @@ However, I want to be able to fold a single heading consistently.

    -
    5.2.1.13. corfu: Do not interrupt navigation
    +
    4.2.1.13. corfu: Do not interrupt navigation
    -
    5.2.1.14. python shell reloading
    +
    4.2.1.14. python shell reloading

    The standard Emacs behaviour for the Python process shell is a bit annoying. This is my attempt at making it show automatically on opening a python buffer and making it refresh on its own as well. This does not nicely work yet. @@ -13361,7 +13409,7 @@ The standard Emacs behaviour for the Python process shell is a bit annoying. Thi

    -
    5.2.1.15. Nix common prefix bracketer
    +
    4.2.1.15. Nix common prefix bracketer

    This function searches for common delimiters in region and removes them, summarizing all captured lines by it. @@ -13395,7 +13443,7 @@ This function searches for common delimiters in region and removes them, summari

    -
    5.2.1.16. Nix formatters
    +
    4.2.1.16. Nix formatters

    This formats the org code block at point in accordance to the nixpkgs-fmt formatter @@ -13432,7 +13480,7 @@ This formats the org code block at point in accordance to the

    -
    5.2.1.17. Disable garbace collection while minibuffer is active
    +
    4.2.1.17. Disable garbace collection while minibuffer is active
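Review bot: The heading on both the removed and the added line still reads "Disable garbace collection while minibuffer is active". Since the line is being rewritten for the renumbering anyway, correct "garbace" to "garbage" in the source heading so the next export picks it up.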
    @@ -13452,7 +13500,7 @@ This formats the org code block at point in accordance to the 
     
    -

    5.2.2. Custom Keybindings

    +

    4.2.2. Custom Keybindings

    This defines a set of keybinds that I want to have available globally. I have one set of keys that is globally available through the C-SPC prefix. This set is used mostly for functions that I have trouble remembering the original keybind for, or that I just want to have gathered in a common space. @@ -13591,7 +13639,7 @@ I also define some keybinds to some combinations directly. Those are used mostly

    -

    5.2.3. Directory setup / File structure

    +

    4.2.3. Directory setup / File structure

    In this section I setup some aliases that I use for various directories on my system. Some of these are actually used for magit repository finding etc., but many of them serve no real use and I need to clean this up someday. @@ -13640,7 +13688,7 @@ In this section I setup some aliases that I use for various directories on my sy

    -

    5.2.4. Unclutter .emacs.d

    +

    4.2.4. Unclutter .emacs.d

    In this section I move the custom.el out of it's standard location in .emacs.d. Firstly, I dislike using this file at all since I would rather have fully stateful configuration as commanded by this file. Secondly, this file is too easily permanently changed. Recently I figured out the last bits that I needed to remove from custom.el to no longer be reliant on it, so I now just write it to a temporary file (through make-temp=file) which will be cleaned on shutdown. However, I like to retain the custom framework because it is nice for testing out theme customizations, hence why I still load the file. @@ -13666,7 +13714,7 @@ This section also sets the emacs directory to the ~/.cache/ directo

    -

    5.2.5. Move backup files to another location

    +

    4.2.5. Move backup files to another location

    Many people dislike the Emacs backup files; I do enjoy them, but have to admit that they clutter the filesystem a little too much. Also, I rarely need to access these over different sessions. Hence I move them to /tmp - if Emacs unexpectedly crashes, the files can be recovered, but the backup files will not gather everywhere and will be deleted upon shutdown. @@ -13697,14 +13745,14 @@ Many people dislike the Emacs backup files; I do enjoy them, but have to admit t

    -

    5.3. General init.el setup + UI

    +

    4.3. General init.el setup + UI

    In this general section I have settings that I either consider to be integral to my experience when using emacs or have no other section that I feel they belong to.

    -

    5.3.1. General setup

    +

    4.3.1. General setup

    Here I set up some things that are too minor to put under other categories. @@ -13775,7 +13823,7 @@ Here I set up some things that are too minor to put under other categories.

    -

    5.3.2. Mark all themes as safe

    +

    4.3.2. Mark all themes as safe

    Normally when switching themes in emacs, the user will be warned that themes can run malicious code. I only run one theme really and deem it safe. It is however annoying to be asked this on every new system and it also creates lines in custom.el to answer that query, so here I declare all themes as safe. @@ -13790,7 +13838,7 @@ Normally when switching themes in emacs, the user will be warned that themes can

    -

    5.3.3. Show less compilation warnings

    +

    4.3.3. Show less compilation warnings

    When Emacs compiles stuff, it often shows a bunch of warnings that I do not need to deal with. Here we silence those. Some will be disabled completely, and some only when we have native compilation available (which should be most of the time, however). @@ -13809,7 +13857,7 @@ When Emacs compiles stuff, it often shows a bunch of warnings that I do not need

    -

    5.3.4. Better garbage collection

    +

    4.3.4. Better garbage collection

    This sets up automatic garbage collection when the frame is unused. @@ -13837,7 +13885,7 @@ This sets up automatic garbage collection when the frame is unused.

    -

    5.3.5. Indentation

    +

    4.3.5. Indentation

    Here I define several options related to indentation; I first make it so that only whitespace will be used instead of tab characters for indentation, and I also set a small standard indent. @@ -13880,7 +13928,7 @@ Lastly, I load the highlight-indent-guides package. This adds a nea

    -

    5.3.6. Scrolling

    +

    4.3.6. Scrolling

    By default, emacs scrolls half a page when reaching the bottom of the buffer. This is extremely annoying. This sets up more granular scrolling that allows scrolling with a mouse wheel or the two-finger touchscreen gesture. This now also works in buffers with a very small frame. @@ -13910,11 +13958,11 @@ By default, emacs scrolls half a page when reaching the bottom of the buffer. Th

    -

    5.3.7. Evil

    +

    4.3.7. Evil

    -
    5.3.7.2. evil-collection
    +
    4.3.7.2. evil-collection

    This gives support for many different modes, and works beautifully out of the box. @@ -13990,7 +14038,7 @@ This gives support for many different modes, and works beautifully out of the bo

    -
    5.3.7.3. evil-snipe
    +
    4.3.7.3. evil-snipe

    This package changes the char-search commands like f by showing the results in a more visual manner. It also gives a 2-character search using s and S. @@ -14010,7 +14058,7 @@ This package changes the char-search commands like f by showing the

    -
    5.3.7.4. evil-cleverparens
    +
    4.3.7.4. evil-cleverparens

    This helps keeping parentheses balanced which is useful when writing in languages like Elisp. I do not activate this by default, as most languages do not profit from this enough in my eyes. @@ -14025,7 +14073,7 @@ This helps keeping parentheses balanced which is useful when writing in language

    -
    5.3.7.5. evil-surround
    +
    4.3.7.5. evil-surround

    This minor-mode adds functionality for doing better surround-commands; for example ci[ will let you change the word within square brackets. @@ -14044,7 +14092,7 @@ This minor-mode adds functionality for doing better surround-commands; for examp

    -

    5.3.8. ispell

    +

    4.3.8. ispell

    This should setup a wordlist that can be used as a dictionary. However, for some reason this does not work, and I will need to further investigate this issue. @@ -14060,7 +14108,7 @@ This should setup a wordlist that can be used as a dictionary. However, for some

    -

    5.3.9. Font Configuration

    +

    4.3.9. Font Configuration

    Here I define my fonts to be used. Honestly I do not understand the face-attributes and pitches of emacs all too well. It seems this configuration works fine, but I might have to revisit this at some point in the future. @@ -14088,7 +14136,7 @@ Here I define my fonts to be used. Honestly I do not understand the face-attribu

    -

    5.3.10. Theme

    +

    4.3.10. Theme

    I have grown to love the doom-citylights theme and have modeled my whole system after it. Also solaire-mode is a nice mode that inverts the alt-faces with the normal faces for specific 'minor' buffers (like Help-buffers). @@ -14114,7 +14162,7 @@ I have grown to love the doom-citylights theme and have modeled my

    -

    5.3.11. Icons

    +

    4.3.11. Icons

    This section loads the base icons used in my configuration. I am using nerd-icons over all-the-icons since the former seems to have more integrations with different packages than the latter. @@ -14137,7 +14185,7 @@ Used in:

    -

    5.3.12. Variable Pitch Mode

    +

    4.3.12. Variable Pitch Mode

    This minor mode allows mixing fixed and variable pitch fonts within the same buffer. @@ -14158,7 +14206,7 @@ This minor mode allows mixing fixed and variable pitch fonts within the same buf

    -

    5.3.13. Modeline

    +

    4.3.13. Modeline

    -

    5.3.15. Helper Modes

    +

    4.3.15. Helper Modes

    -
    5.3.15.1. Vertico, Orderless, Marginalia, Consult, Embark
    +
    4.3.15.1. Vertico, Orderless, Marginalia, Consult, Embark

    This set of packages uses the default emacs completion framework and works together to provide a very nice user experience: @@ -14248,7 +14296,7 @@ Nerd icons is originally enabled here: -

    5.3.15.1.1. vertico
    +
    4.3.15.1.1. vertico
    -
    5.3.15.1.3. orderless
    +
    4.3.15.1.3. orderless

    When first installing orderless, I often times faced the problem, that when editing long files and calling consult-line, Emacs would hang when changing a search term in the middle (e.g. from servicse.xserver to servic.xserver in order to fix the typo). The below orderless rules have a more strict matching that has a positive impact on performance. @@ -14322,7 +14370,7 @@ When first installing orderless, I often times faced the problem, that when edit

    -
    5.3.15.1.4. consult
    +
    4.3.15.1.4. consult

    The big winner here are the convenient keybinds being setup here for general use. Also, I setup vim-navigation for minibuffer completions. consult-buffer is set twice because I am still used to that weird C-M-j command that I chose for ivy-switch-buffer when I first started using Emacs. I want to move to the other command but for now it is not feasible to delete the other one. @@ -14352,7 +14400,7 @@ The big winner here are the convenient keybinds being setup here for general use

    -
    5.3.15.1.5. embark
    +
    4.3.15.1.5. embark

    I have stripped down the embark keybinds heavily. It is very useful to me even in it's current state, but it quickly becomes overwhelming. embark-dwim acts on a candidate without closing the minibuffer, which is very useful. embark-act lets the user choose from all actions, but has an overwhelming interface. @@ -14380,7 +14428,7 @@ I have stripped down the embark keybinds heavily. It is very useful to me even i

    -
    5.3.15.1.6. embark-consult
    +
    4.3.15.1.6. embark-consult

    Provides previews for embark. @@ -14400,7 +14448,7 @@ Provides previews for embark.

    -
    5.3.15.1.7. marginalia
    +
    4.3.15.1.7. marginalia

    I set the annotation-mode of marginalia to heavy. This gives even more information on the stuff that you are looking at. One thing I am missing from ivy is the highlighting on mode-commands based on the current state of the mode. Also, I do not understand all the shorthands used by marginalia yet. @@ -14418,7 +14466,7 @@ I set the annotation-mode of marginalia to heavy. This gives even m

    -
    5.3.15.1.8. nerd-icons-completion
    +
    4.3.15.1.8. nerd-icons-completion

    As stated above, this simply provides nerd-icons to the completion framework. @@ -14439,7 +14487,7 @@ As stated above, this simply provides nerd-icons to the completion framework.

    -
    5.3.15.2. Helpful + which-key: Better help defaults
    +
    4.3.15.2. Helpful + which-key: Better help defaults

    This pair of packages provides information on keybinds in addition to function names, which makes it easier to remember keybinds (which-key). The helpful package provides a better Help framework for Emacs. For some reason, the Help windows are always being focused by the cursor even though I have set help-window-select to nil. I do not understand why. @@ -14467,7 +14515,7 @@ This pair of packages provides information on keybinds in addition to function n

    -

    5.3.16. Ligatures

    +

    4.3.16. Ligatures

    Personally, I think ligatures are fancy. With this mode, they stay 'cursorable'. However, I do not need them in all modes, so I only use them in programming modes. @@ -14499,7 +14547,7 @@ Personally, I think ligatures are fancy. With this mode, they stay 'cursorable'.

    -

    5.3.17. Popup (popper) + Shackle Buffers

    +

    4.3.17. Popup (popper) + Shackle Buffers

    The popper package allows to declare different buffers as 'popup-type', which sort of acts like a scratchpad. It can be toggled at any time using popper-toggle and the resulting frame can be freely customized (with shackle) to a certain size. It is also possible to prevent a buffer from appearing - I do this for example to the *Warnings* buffer, since usually I am not interested in it's output. @@ -14552,7 +14600,7 @@ The popper package allows to declare different buffers as 'popup-type', which so

    -

    5.3.18. Indicate first and last line of buffer

    +

    4.3.18. Indicate first and last line of buffer

    This places little angled indicators on the fringe of a window which indicate buffer boundaries. This is not super useful, but makes use of a space that I want to keep for aesthetic reasons anyways and makes it a bit more useful in the process. @@ -14567,7 +14615,7 @@ This places little angled indicators on the fringe of a window which indicate bu

    -

    5.3.19. Authentication

    +

    4.3.19. Authentication

    This defines the authentication sources used by org-calfw (Calendar) and Forge. @@ -14586,7 +14634,7 @@ This defines the authentication sources used by org-calfw (

    -

    5.4. Modules

    +

    4.4. Modules

    This section houses all configuration bits that are related to a specific package that is not fundamental to my Emacs experience. @@ -14597,7 +14645,7 @@ At some point this will receive further sorting, but for now this is good enough

    -

    5.4.1. Org Mode

    +

    4.4.1. Org Mode

    org-mode is probably my most-used mode in Emcas. It acts as my organizer, config management tool and calender even. @@ -14608,7 +14656,7 @@ Note that nearly all headings within the Org-mode heading are coded

    -
    5.4.1.2. org-agenda
    +
    4.4.1.2. org-agenda

    Here I setup a plethora of keywords, keybinds and paths to give my org-agenda more power. @@ -14716,7 +14764,7 @@ Here I setup a plethora of keywords, keybinds and paths to give my org-agenda mo

    -
    5.4.1.3. org capture templates
    +
    4.4.1.3. org capture templates

    I wrote these capture templates to allow myself to quickly create Anki cards from within Emacs. I nearly never use this feature, but it cannot hurt to have. @@ -14745,7 +14793,7 @@ I wrote these capture templates to allow myself to quickly create Anki cards fro

    -
    5.4.1.4. Font Faces
    +
    4.4.1.4. Font Faces

    Again, my understanding of the font-faces in Emacs is limited. This is mostly just tuned so that my org-files look acceptable. @@ -14781,7 +14829,7 @@ Again, my understanding of the font-faces in Emacs is limited. This is mostly ju

    -
    5.4.1.5. org-appear
    +
    4.4.1.5. org-appear

    This package makes emphasis-markers appear when the cursor moves over them. Very useful as I enjoy the clean look of not always seeing them, but it is annoying not to be able to edit them properly. @@ -14802,7 +14850,7 @@ This package makes emphasis-markers appear when the cursor moves over them. Very

    -
    5.4.1.7. Fix headings not folding sometimes
    +
    4.4.1.7. Fix headings not folding sometimes

    There is a weird bug in org-mode that makes it so that headings were not folding correctly sometimes. This setting seems to fix it. @@ -14837,7 +14885,7 @@ There is a weird bug in org-mode that makes it so that headings were not folding

    -
    5.4.1.8. Babel
    +
    4.4.1.8. Babel

    org-babel allows to run blocks in other programming languages within an org-mode buffer, similar to what e.g. jupyterhub offers for python. @@ -14848,7 +14896,7 @@ It also offers a very useful utility of exporting org-mode buffers to different

    -
    5.4.1.8.1. Language Configuration
    +
    4.4.1.8.1. Language Configuration
    • This configures the languages that babel recognizes.
    • @@ -14875,7 +14923,7 @@ It also offers a very useful utility of exporting org-mode buffers to different
    -
    5.4.1.8.2. old easy structure templates
    +
    4.4.1.8.2. old easy structure templates
    • @@ -14901,7 +14949,7 @@ Usage: Type <, followed by one of the below keywords and press <

    -
    5.4.1.9. aucTex
    +
    4.4.1.9. aucTex

    This provides several utilities for LaTeX in Emacs, including many completions and convenience functions for math-mode. @@ -14929,7 +14977,7 @@ This provides several utilities for LaTeX in Emacs, including many completions a

    -
    5.4.1.10. org-download
    +
    4.4.1.10. org-download

    This package allows to download and copy images into org-mode buffers. Sadly it does not work in a very stable manner - if you copy images that are also links to another page (like is often the case in a Google image search), Emacs might crash from this. @@ -14957,7 +15005,7 @@ This package allows to download and copy images into org-mode buffers. Sadly it

    -
    5.4.1.11. org-fragtog
    +
    4.4.1.11. org-fragtog

    This package automatically toggles LaTeX-fragments in org-files. It seems to also work in markdown-files which is a nice addition, as my Obsidian notes are held in markdown. @@ -14974,7 +15022,7 @@ This package automatically toggles LaTeX-fragments in org-files. It seems to als

    -
    5.4.1.12. org-modern
    +
    4.4.1.12. org-modern

    This just makes org-mode a little bit more beautiful, mostly by making the begin_src and end_src tags in source-blocks turn into more beautiful icons, as well as hiding #+ tags before them, as well as in the properties section of the file. @@ -14993,7 +15041,7 @@ This just makes org-mode a little bit more beautiful, mostly by making the

    -
    5.4.1.13. Presentations
    +
    4.4.1.13. Presentations

    Recently I have grown fond of holding presentations using Emacs :) @@ -15109,7 +15157,7 @@ Recently I have grown fond of holding presentations using Emacs :)

    -

    5.4.2. Nix Mode

    +

    4.4.2. Nix Mode

    This adds a rudimentary nix-mode to Emacs. I have not really tried this out, as I am mostly editing nix-files in org-mode anyways. @@ -15126,7 +15174,7 @@ This adds a rudimentary nix-mode to Emacs. I have not really tried this out, as

    -

    5.4.3. HCL Mode

    +

    4.4.3. HCL Mode

    This adds support for Hashicorp Configuration Language. I need this at work. @@ -15144,7 +15192,7 @@ This adds support for Hashicorp Configuration Language. I need this at work.

    -

    5.4.4. Jenkinsfile/Groovy

    +

    4.4.4. Jenkinsfile/Groovy

    This adds support for Groovy, which I specifically need to work with Jenkinsfiles. I need this at work. @@ -15162,7 +15210,7 @@ This adds support for Groovy, which I specifically need to work with Jenkinsfile

    -

    5.4.5. Dockerfile

    +

    4.4.5. Dockerfile

    This adds support for Dockerfiles. I need this at work. @@ -15178,7 +15226,7 @@ This adds support for Dockerfiles. I need this at work.

    -

    5.4.6. Terraform Mode

    +

    4.4.6. Terraform Mode

    This adds support for Terraform configuration files. I need this at work. @@ -15199,7 +15247,7 @@ This adds support for Terraform configuration files. I need this at work.

    -

    5.4.7. nixpkgs-fmt

    +

    4.4.7. nixpkgs-fmt

    Adds functions for formatting nix code. @@ -15214,7 +15262,7 @@ Adds functions for formatting nix code.

    -

    5.4.8. shfmt

    +

    4.4.8. shfmt

    Adds functions for formatting shellscripts. @@ -15232,11 +15280,11 @@ Adds functions for formatting shellscripts.

    -

    5.4.9. Markdown Mode

    +

    4.4.9. Markdown Mode

    -
    5.4.9.1. Mode
    +
    4.4.9.1. Mode
    @@ -15254,7 +15302,7 @@ Adds functions for formatting shellscripts.
     
    -
    5.4.9.2. LaTeX in Markdown
    +
    4.4.9.2. LaTeX in Markdown
    @@ -15270,7 +15318,7 @@ Adds functions for formatting shellscripts.
     
    -

    5.4.10. Olivetti

    +

    4.4.10. Olivetti

    Olivetti is a mode specialized for writing prose in Emacs. I went for a very simple setup with little distractions. @@ -15292,7 +15340,7 @@ This mode is not automatically activated anywhere because I only rarely need it.

    -

    5.4.11. elfeed

    +

    4.4.11. elfeed

    @@ -15329,7 +15377,7 @@ This mode is not automatically activated anywhere because I only rarely need it.
     
    -

    5.4.12. darkroom

    +

    4.4.12. darkroom

    Darkroom is package that reduces all forms of distraction to a minimum - this can be useful when simply reading a file for example. For this mode I have increased the text scale by a large margin to make for comfortable reading @@ -15347,7 +15395,7 @@ This mode is not automatically activated anywhere because I only rarely need it.

    -

    5.4.13. Ripgrep

    +

    4.4.13. Ripgrep

    This is the ripgrep command for Emacs. @@ -15362,7 +15410,7 @@ This is the ripgrep command for Emacs.

    -

    5.4.14. Tree-sitter

    +

    4.4.14. Tree-sitter

    Tree-sitter is a parsing library integrated into Emacs to provide better syntax highlighting and code analysis. It generates concrete syntax trees for source code, enabling more accurate and efficient text processing. Emacs' tree-sitter integration enhances language support, offering features like incremental parsing and precise syntax-aware editing. This improves the development experience by providing robust and dynamic syntax features, making it easier for me to navigate and manipulate code. @@ -15421,7 +15469,7 @@ In order to update the language grammars, run the next command below.

    -

    5.4.15. direnv (envrc)

    +

    4.4.15. direnv (envrc)

    @@ -15434,7 +15482,7 @@ In order to update the language grammars, run the next command below.
     
    -

    5.4.16. avy

    +

    4.4.16. avy

    avy provides the ability to search for any character on the screen (not only in the current buffer!) - I enjoy this utility a lot and use it possibly even more often than the native vim commands. @@ -15453,7 +15501,7 @@ In order to update the language grammars, run the next command below.

    -

    5.4.17. crdt (Collaborative Editing)

    +

    4.4.17. crdt (Collaborative Editing)

    With this it is possible to work on the same file collaboratively. I have never tried it out, but it sounds cool. @@ -15468,7 +15516,7 @@ With this it is possible to work on the same file collaboratively. I have never

    -

    5.4.19. Projectile

    +

    4.4.19. Projectile

    projectile is useful for keeping track of your git projects within Emacs. I mostly use it to quickly switch between projects. @@ -15529,7 +15577,7 @@ projectile is useful for keeping track of your git projects within Emacs. I most

    -

    5.4.20. Magit

    +

    4.4.20. Magit

    magit is the best git utility I have ever used - it has a beautiful interface and is very verbose. Here I mostly just setup the list of repositories that I want to expost to magit. @@ -15554,7 +15602,7 @@ Also, Emacs needs a little extra love to accept my Yubikey for git commits etc.

    -

    5.4.21. Yubikey support

    +

    4.4.21. Yubikey support

    The following settings are needed to make sure emacs works for magit commits and pushes. It is not a beautiful solution since commiting uses pinentry-emacs and pushing uses pinentry-gtk2, but it works for now at least. @@ -15574,7 +15622,7 @@ The following settings are needed to make sure emacs works for magit commits and

    -

    5.4.22. Forge

    +

    4.4.22. Forge

    NOTE: Make sure to configure a GitHub token before using this package! @@ -15612,7 +15660,7 @@ machine api.github.com login USERNAMEforge password 012345abcdef

    -

    5.4.23. git-timemachine

    +

    4.4.23. git-timemachine

    This is just a nice utility to browse different versions of a file of a git project within Emacs. @@ -15629,7 +15677,7 @@ This is just a nice utility to browse different versions of a file of a git proj

    -

    5.4.24. Delimiters (brackets): rainbow-delimiters, highlight-parentheses

    +

    4.4.24. Delimiters (brackets): rainbow-delimiters, highlight-parentheses

    • rainbow-delimiters colors all delimiters, also ones not in current selection
    • @@ -15672,7 +15720,7 @@ I am not completely sure on electric-pair-mode yet, sometimes it is very helpful
    -

    5.4.25. rainbow-mode

    +

    4.4.25. rainbow-mode

    Complimentary to the delimiters-packages above, this package sets the background color of the delimiters, which makes it easier to see at a glance where we are in a delimiter-tree. @@ -15688,7 +15736,7 @@ Complimentary to the delimiters-packages above, this package sets the background

    -

    5.4.26. Corfu

    +

    4.4.26. Corfu

    -

    5.4.28. rust

    +

    4.4.28. rust

    This sets up rustic-mode with tree-sitter support - there is still one issue to iron out with automatic adding of dependency crates, but everything else works fine now. @@ -15838,7 +15886,7 @@ This sets up rustic-mode with tree-sitter support - there is still one issue to

    -

    5.4.29. Tramp

    +

    4.4.29. Tramp

    Tramp allows for SSH access of files over Emacs. I have no ideas what the options here mean, but this is a recommended configuration that I found (sadly I lost the link). I need to research more what these options really do. @@ -15878,7 +15926,7 @@ Tramp allows for SSH access of files over Emacs. I have no ideas what the option

    -

    5.4.30. diff-hl

    +

    4.4.30. diff-hl

    This is a simple highlighting utility that uses the margin to visually show the differences since the last git commit. @@ -15900,7 +15948,7 @@ This is a simple highlighting utility that uses the margin to visually show the

    -

    5.4.31. Commenting

    +

    4.4.31. Commenting

    This package allows for swift commenting out and in of code snippets. For some reason, it is a bit broken in my config, as it sometimes comments out too much, sometimes too little, and sometimes it splits lines during commenting. Also, in org-mode when inside a src-block, it often times jumps to the top of the block. @@ -15920,7 +15968,7 @@ Still, this is avery convenient package.

    -

    5.4.32. yasnippet

    +

    4.4.32. yasnippet

    yasnippet allows to define snippets that can be quickly expanded by hitting the TAB key after inputting a keyword. @@ -15941,7 +15989,7 @@ I used to run this together with the yasnippet-snippets package, bu

    -
    5.4.32.0.1. yasnippet math-snippets
    +
    4.4.32.0.1. yasnippet math-snippets

    The following block is mostly inspired from https://code.kulupu.party/thesuess/WTFmacs/ and sets up a few prefixes that make LaTeX-math-mode nicer to use even with auctex and cape enabled. @@ -16006,7 +16054,7 @@ The following block is mostly inspired from -

    5.4.33. eglot

    +

    4.4.33. eglot

    After having tried out lsp-mode and lsp-bridge for a while each, I must say that eglot feels the most clean and fast to me. @@ -16061,7 +16109,7 @@ After having tried out lsp-mode and lsp-bridge for a w

    -

    5.4.34. sideline-flymake

    +

    4.4.34. sideline-flymake

    This brings back warnings and errors on the sideline for eglot; a feature that I have been missing from lsp-mode for a while. @@ -16081,7 +16129,7 @@ This brings back warnings and errors on the sideline for eglot; a feature that I

    -

    5.4.35. Breadcrumb

    +

    4.4.35. Breadcrumb

    This simple shows the path to the current file on the top of the buffer - I just think it looks kind of neat, even though it is not extremely useful :) @@ -16098,7 +16146,7 @@ This simple shows the path to the current file on the top of the buffer - I just

    -

    5.4.36. Prevent breaking of hardlinks

    +

    4.4.36. Prevent breaking of hardlinks

    This setting ensures that hard links are preserved during the backup process, which is useful for maintaining the integrity of files that are linked in multiple locations. @@ -16113,7 +16161,7 @@ This setting ensures that hard links are preserved during the backup process, wh

    -

    5.4.37. Dirvish

    +

    4.4.37. Dirvish

    Dirvish is an improvement upon the dired-framework and has more features like file preview etc. Sadly it has an incompatibility with openwith which is why I have disabled that package. @@ -16177,7 +16225,7 @@ Dirvish is an improvement upon the dired-framework and has more features like fi

    -

    5.4.38. pdf-tools: pdf-viewer and support for dirvish

    +

    4.4.38. pdf-tools: pdf-viewer and support for dirvish

    This enables pdf-previewing in dirvish and gives a much better pdf-viewer than is shipped normally by emacs. @@ -16196,7 +16244,7 @@ This enables pdf-previewing in dirvish and gives a much better pdf-viewer than i

    -

    5.4.39. Jupyter

    +

    4.4.39. Jupyter

    This is a jupyter client. Using it is a bit cumbersome though, so I have not fully explored all features. @@ -16211,7 +16259,7 @@ This is a jupyter client. Using it is a bit cumbersome though, so I have not ful

    -

    5.4.40. undo-tree

    +

    4.4.40. undo-tree

    Base emacs undo logic is very useful, but not easy to understand for me. I prefer undo-tree, which makes switching between branches easier and also allows quickly switching back to a much older state using the visualizer. @@ -16250,7 +16298,7 @@ While we are at it, we are also setting up a persistent undo-file for every file

    -

    5.4.41. Hydra

    +

    4.4.41. Hydra

    Hydra allows for the writing of macro-style functions. I have not yet looked into this all too much, but it seems to be a potent feature. @@ -16264,7 +16312,7 @@ Hydra allows for the writing of macro-style functions. I have not yet looked int

    -
    5.4.41.1. Text scaling
    +
    4.4.41.1. Text scaling

    I only wrote this in order to try out hydra; rarely do I really need this. However, it can be useful for Presentations. It simply scales the text size. @@ -16286,11 +16334,11 @@ I only wrote this in order to try out hydra; rarely do I really need this. Howev

    -

    5.4.42. External Applications

    +

    4.4.42. External Applications

    -
    5.4.42.1. Obsidian
    +
    4.4.42.1. Obsidian

    This provides an interface to Obsidian for Emacs - as much as I want to like it, I actually enjoy using the official Obsidian app more - even though that cannot be used by Emacs directly. @@ -16336,14 +16384,14 @@ I hope that this package will improve, then I will come back to it one day.

    -
    5.4.42.2. Anki
    +
    4.4.42.2. Anki

    This section is here to make Anki usable from within Emacs - an endeavour that I have mostly given up on.

    -
    5.4.42.2.1. Basic Anki setup
    +
    4.4.42.2.1. Basic Anki setup
    @@ -16390,7 +16438,7 @@ This section is here to make Anki usable from within Emacs - an endeavour that I
     
    -
    5.4.42.2.2. Own Anki functions
    +
    4.4.42.2.2. Own Anki functions
    • These functions enable you to quickly set the destination note type and deck
    • @@ -16435,11 +16483,11 @@ This section is here to make Anki usable from within Emacs - an endeavour that I
    -

    5.4.43. Email

    +

    4.4.43. Email

    -
    5.4.43.1. make sure mu4e is found
    +
    4.4.43.1. make sure mu4e is found

    This seems not to be needed - I do not yet dare to delete it though. @@ -16463,7 +16511,7 @@ This seems not to be needed - I do not yet dare to delete it though.

    -
    5.4.43.2. mu4e
    +
    4.4.43.2. mu4e

    In this section we are setting up mu4e, a mail client for emacs using mu with mbsync as backend. The mail accounts themselves are setup in the NixOS configuration, so we only need to add Emacs specific settings here. @@ -16525,7 +16573,7 @@ The hook functions are defined here: -

    5.4.43.3. mu4e-alert
    +
    4.4.43.3. mu4e-alert

    This adds the simple utility of sending desktop notifications whenever a new mail is received. I am using libnotify because I want to use this with notify-send. @@ -16546,7 +16594,7 @@ This adds the simple utility of sending desktop notifications whenever a new mai

    -

    5.4.44. Calendar

    +

    4.4.44. Calendar

    This provides a beautiful calender to emacs. @@ -16614,7 +16662,7 @@ Yes, I am aware that I am exposing my university-calendar to the public here. I

    -

    5.4.45. Dashboard: emacs startup screen

    +

    4.4.45. Dashboard: emacs startup screen

    This sets up the dashboard, which is really quite useless. But, it looks cool and makes me happy whenever I start an emacsclient without a file name as argument :) @@ -16687,7 +16735,7 @@ This sets up the dashboard, which is really quite useless. But, it

    -

    5.4.46. vterm

    +

    4.4.46. vterm

    @@ -16806,7 +16854,7 @@ Prints a reasuring message to proove good faith."
     
    -

    5.4.47. multiple cursors

    +

    4.4.47. multiple cursors

    @@ -16818,10 +16866,652 @@ Prints a reasuring message to proove good faith."
     
    +
    +

    5. Appendix A: Noweb-Ref blocks

    +
    +

    +These blocks are used in several places throughout the configurations, but not on all machines necessarily. For example, the theming section needs to be in a NixOS block on NixOS machines but in a home-manager block on non-NixOS. +

    + +

    +Originally, I used this method a lot throughout my configuration. However, as my knowledge of NixOS grew, I have been weeding these snippets out more and more as I find more efficient native solutions. Now, only the theming block remains. +

    + +

    +This serves only to reduce code duplication in this file. The tangled files experience no size reduction, since noweb-ref only substitutes these blocks in. +

    +
    +
    +

    5.1. Theme (stylix)

    +
    +

    +For styling, I am using the stylix NixOS module, loaded by flake. This package is really great, as it adds nix expressions for basically everything. Ever since switching to this, I did not have to play around with theming anywhere else. +

    + +

    +The full list of nerd-fonts can be found here: https://github.com/NixOS/nixpkgs/blob/nixos-unstable/pkgs/data/fonts/nerd-fonts/manifests/fonts.json +

    + +

    +This is where the theme for the whole OS is defined. Originally, this noweb-ref section could not be copied to the general NixOS config since they are on different folder structure levels in the config, which would have made the flake impure. By now, I have found out that using the ${self} method for referencing the flake root, I could circumvent this problem. Also, the noweb-ref block could in general be replaced by a custom attribute set (see for example firefox). The difference here is, however, that this block is used in a NixOS and a home-manager-only configuration, verbatim. If I were to use an attribute set, I would have to duplicate this block once each for NixOS and home-manager. Alas, this block stays (for now). +

    + + +
    +
    +enable = true;
    +base16Scheme = "${self}/wallpaper/swarsel.yaml";
    +# base16Scheme = "${pkgs.base16-schemes}/share/themes/shapeshifter.yaml";
    +polarity = "dark";
    +opacity.popups = 0.5;
    +cursor = {
    +  package = pkgs.capitaine-cursors;
    +  name = "capitaine-cursors";
    +  size = 16;
    +};
    +fonts = {
    +  sizes = {
    +    terminal = 10;
    +    applications = 11;
    +  };
    +  serif = {
    +    # package = (pkgs.nerdfonts.override { fonts = [ "FiraMono" "FiraCode"]; });
    +    package = pkgs.cantarell-fonts;
    +    # package = pkgs.montserrat;
    +    name = "Cantarell";
    +    # name = "FiraCode Nerd Font Propo";
    +    # name = "Montserrat";
    +  };
    +
    +  sansSerif = {
    +    # package = (pkgs.nerdfonts.override { fonts = [ "FiraMono" "FiraCode"]; });
    +    package = pkgs.cantarell-fonts;
    +    # package = pkgs.montserrat;
    +    name = "Cantarell";
    +    # name = "FiraCode Nerd Font Propo";
    +    # name = "Montserrat";
    +  };
    +
    +  monospace = {
    +    package = pkgs.nerd-fonts.fira-mono; # has overrides
    +
    +    name = "FiraCode Nerd Font Mono";
    +  };
    +
    +  emoji = {
    +    package = pkgs.noto-fonts-emoji;
    +    name = "Noto Color Emoji";
    +  };
    +};
    +
    +
    +
    +
    +
    +
    +
    +

    6. Appendix B: Supplementary Files

    +
    +

    +This section now holds some of the configuration files that cannot be defined directly within NixOS configuration. These files are usually symlinked using home.file. +

    +
    +
    +

    6.1. Server Emacs config

    +
    +

    +On my server, I use a reduced, self-contained emacs configuration that only serves as an elfeed sync server. This is currently unused, however, I am keeping this in here for now as a reference. The big problem here was the bidirectional syncing using bjm/elfeed-updater. As I am using this both on a laptop client (using elfeed) as well as on a mobile phone (using elfeed-cljsrn over elfeed-web), I set up a Syncthing service to take care of the feeds as well as the db state. However, I could only either achieve changes propagating properly from the laptop to the server or from the phone to the server. Both would not work. This current state represents the state where from-laptop changes would propagate. To allow from-phone changes, change (elfeed-db-load) in bjm/elfeed-updater to (elfeed-db-save). +

    + + +
    +
    (require 'package)
    +
    +(package-initialize nil)
    +(setq package-enable-at-startup nil)
    +
    +(add-to-list 'package-archives '("org" . "http://orgmode.org/elpa/") t)
    +
    +(add-to-list 'package-archives
    +             '("melpa" . "https://melpa.org/packages/") t)
    +
    +
    +(package-initialize)
    +
    +(let ((default-directory  "~/.emacs.d/elpa/"))
    +  (normal-top-level-add-subdirs-to-load-path))
    +
    +(unless (package-installed-p 'use-package)
    +  (package-refresh-contents)
    +  (package-install 'use-package))
    +
    +(require 'use-package)
    +
    +(use-package elfeed
    +  :ensure t
    +  :bind (:map elfeed-search-mode-map
    +              ("q" . bjm/elfeed-save-db-and-bury)))
    +
    +(require 'elfeed)
    +
    +(use-package elfeed-org
    +  :ensure t
    +  :config
    +  (elfeed-org)
    +  (setq rmh-elfeed-org-files (list "/var/lib/syncthing/.elfeed/elfeed.org")))
    +
    +(use-package elfeed-goodies
    +  :ensure t)
    +
    +(elfeed-goodies/setup)
    +
    +(use-package elfeed-web
    +  :ensure t)
    +
    +(global-set-key (kbd "C-x w") 'bjm/elfeed-load-db-and-open)
    +
    +(define-key elfeed-show-mode-map (kbd "j") 'elfeed-goodies/split-show-next)
    +(define-key elfeed-show-mode-map (kbd "k") 'elfeed-goodies/split-show-prev)
    +(define-key elfeed-search-mode-map (kbd "j") 'next-line)
    +(define-key elfeed-search-mode-map (kbd "k") 'previous-line)
    +(define-key elfeed-show-mode-map (kbd "S-SPC") 'scroll-down-command)
    +
    +
    +(defun bjm/elfeed-save-db-and-bury ()
    +  "Wrapper to save the elfeed db to disk before burying buffer"
    +  (interactive)
    +  (elfeed-db-save)
    +  (quit-window))
    +
    +(defun bjm/elfeed-load-db-and-open ()
    +  "Wrapper to load the elfeed db from disk before opening"
    +  (interactive)
    +  (elfeed-db-load)
    +  (elfeed)
    +  (elfeed-search-update--force)
    +  (elfeed-update))
    +
    +(defun bjm/elfeed-updater ()
    +  "Wrapper to load the elfeed db from disk before opening"
    +  (interactive)
    +  (elfeed-db-load))
    +
    +(run-with-timer 0 (* 1 60) 'bjm/elfeed-updater)
    +
    +(setq httpd-port 9812)
    +(setq httpd-host "0.0.0.0")
    +(setq httpd-root "/root/.emacs.d/elpa/elfeed-web-20240729.1741/")
    +(setq elfeed-db-directory "/var/lib/syncthing/.elfeed/db/")
    +
    +(httpd-start)
    +(elfeed-web-start)
    +
    +
    +
    +
    +
    +
    +

    6.2. tridactylrc

    +
    +

    +This is the configuration file for tridactyl, which provides keyboard-driven navigation in firefox. Pay attention to the warnings in this file; depending on your browsing behaviour, you might expose yourself to some vulnerabilities by copying this configuration. +

    + + +
    +
    +sanitise tridactyllocal tridactylsync
    +
    +colourscheme base16-codeschool
    +
    +" General Settings
    +set update.lastchecktime 1720629386560
    +set update.lastnaggedversion 1.24.1
    +set update.nag true
    +set update.nagwait 7
    +set update.checkintervalsecs 86400
    +set configversion 2.0
    +set searchurls.no https://search.nixos.org/options?query=
    +set searchurls.np https://search.nixos.org/packages?query=
    +set searchurls.hm https://home-manager-options.extranix.com/?query=
    +set completions.Tab.statusstylepretty true
    +set hintfiltermode vimperator-reflow
    +set hintnames numeric
    +
    +" Binds
    +bind <C-m> buffer #
    +bind gd tabdetach
    +bind gD composite tabduplicate; tabdetach
    +bind d composite tabprev; tabclose #
    +bind D tabclose
    +bind c hint
    +bindurl ^http(s)?://www\.google\.com c hint -Jc [class="LC20lb MBeuO DKV0Md"],[class="YmvwI"],[class="YyVfkd"],[class="fl"]
    +bindurl ^http(s)?://news\.ycombinator\.com c hint -Jc [class="titleline"],[class="age"]
    +bindurl ^http(s)?://lobste\.rs c hint -Jc [class="u-url"],[class="comments_label"]
    +bindurl ^http(s)?://www\.google\.com gi composite focusinput -l ; text.end_of_line
    +
    +" Search in page
    +set findcase smart
    +bind / fillcmdline find
    +bind ? fillcmdline find -?
    +bind n findnext 1
    +bind N findnext -1
    +
    +bind j scrollline 4
    +bind k scrollline -4
    +
    +
    +" WARNING: This file defines and runs a command called fixamo_quiet. If you
    +" also have a malicious addon that operates on `<all_urls>` installed this
    +" will allow it to steal your firefox account credentials!
    +"
    +" With those credentials, an attacker can read anything in your sync account,
    +" publish addons to the AMO, etc, etc.
    +"
    +" Without this command a malicious addon can steal credentials from any site
    +" that you visit that is not in the restrictedDomains list.
    +"
    +" You should comment out the fixamo lines unless you are entirely sure that
    +" they are what you want.
    +command fixamo_quiet jsb tri.excmds.setpref("privacy.resistFingerprinting.block_mozAddonManager", "true").then(tri.excmds.setpref("extensions.webextensions.restrictedDomains", '""'))
    +command fixamo js tri.excmds.setpref("privacy.resistFingerprinting.block_mozAddonManager", "true").then(tri.excmds.setpref("extensions.webextensions.restrictedDomains", '""').then(tri.excmds.fillcmdline_tmp(3000, "Permissions added to user.js. Please restart Firefox to make them take affect.")))
    +
    +fixamo_quiet
    +set allowautofocus false
    +
    +" The following modification allows Tridactyl to function on more pages, e.g. raw GitHub pages.
    +" You may not wish to run this. Mozilla strongly feels that you shouldn't.
    +" Read https://wiki.mozilla.org/Security/CSP#Goals for more information.
    +"
    +" Equivalent to `set csp clobber` before it was removed.
    +" This weakens your defences against cross-site-scripting attacks
    +" and other types of code-injection by reducing the strictness
    +" of Content Security Policy on all sites in a couple of ways.
    +"
    +" We remove the sandbox directive
    +" https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/sandbox
    +" which allows our iframe (and anyone else's) to run on any website.
    +"
    +" We weaken the style-src directive
    +" https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/style-src
    +" to allow us to theme our elements.
    +" This exposes you to 'cross site styling' attacks
    +jsb browser.webRequest.onHeadersReceived.addListener(tri.request.clobberCSP,{urls:["<all_urls>"],types:["main_frame"]},["blocking","responseHeaders"])
    +
    +" default is 300ms
    +set hintdelay 100
    +
    +" Some pages like github break on the tridactyl quick search. have this as a fallback
    +unbind <C-f>
    +
    +" Subconfig Settings
    +seturl www.google.com followpagepatterns.next Next
    +seturl www.google.com followpagepatterns.prev Previous
    +
    +" Autocmds
    +autocmd DocStart undefined mode ignore
    +autocmd DocStart pokerogue.net mode ignore
    +autocmd DocStart typelit.io mode ignore
    +autocmd DocStart vc-impimba-1.m.imp.ac.at/ui/webconsole mode ignore
    +
    +" For syntax highlighting see https://github.com/tridactyl/vim-tridactyl
    +" vim: set filetype=tridactyl
    +
    +
    +
    +
    +
    +
    +

    6.3. Waybar style.css

    +
    +

    +This is the stylesheet used by waybar. +

    + +
    +
    @define-color foreground #fdf6e3;
    +@define-color background #1a1a1a;
    +@define-color background-alt #292b2e;
    +@define-color foreground-warning #268bd2;
    +@define-color background-warning @background;
    +@define-color foreground-error red;
    +@define-color background-error @background;
    +@define-color foreground-critical gold;
    +@define-color background-critical blue;
    +
    +
    + * {
    +    border: none;
    +    border-radius: 0;
    +    font-family: "FiraCode Nerd Font Propo", "Font Awesome 5 Free";
    +    font-size: 14px;
    +    min-height: 0;
    +    margin: -1px 0px;
    +}
    +
    +window#waybar {
    +        background: transparent;
    +        color: @foreground;
    +        transition-duration: .5s;
    +}
    +
    +window#waybar.hidden {
    +    opacity: 0.2;
    +}
    +
    +
    +#mpris {
    +    padding: 0 10px;
    +    background-color: transparent;
    +    color: #1DB954;
    +    font-family: Monospace;
    +    font-size: 12px;
    +}
    +
    +#custom-right-arrow-dark,
    +#custom-left-arrow-dark {
    +        color: @background;
    +        background: @background-alt;
    +        font-size: 24px;
    +}
    +
    +#window {
    +        font-size: 12px;
    +        padding: 0 20px;
    +}
    +
    +#mode {
    +    background: @background-critical;
    +    color: @foreground-critical;
    +    padding: 0 3px;
    +}
    +
    +#privacy,
    +#custom-configwarn {
    +    color: black;
    +    padding: 0 3px;
    +    animation-name: configblink;
    +    animation-duration: 0.5s;
    +    animation-timing-function: linear;
    +    animation-iteration-count: infinite;
    +    animation-direction: alternate;
    +}
    +
    +#custom-nix-updates {
    +    color: white;
    +    padding: 0 3px;
    +}
    +
    +#custom-outer-right-arrow-dark,
    +#custom-outer-left-arrow-dark {
    +        color: @background;
    +        font-size: 24px;
    +}
    +
    +#custom-outer-left-arrow-dark,
    +#custom-left-arrow-dark,
    +#custom-left-arrow-light {
    +        margin: 0 -1px;
    +}
    +
    +#custom-right-arrow-light,
    +#custom-left-arrow-light {
    +        color: @background-alt;
    +        background: @background;
    +        font-size: 24px;
    +}
    +
    +#workspaces,
    +#clock.1,
    +#clock.2,
    +#clock.3,
    +#pulseaudio,
    +#memory,
    +#cpu,
    +#temperature,
    +#custom-scratchpad-indicator,
    +#power-profiles-daemon,
    +#idle_inhibitor,
    +#backlight-slider,
    +#mpris,
    +#tray {
    +    background: @background;
    +}
    +
    +#network,
    +#custom-vpn,
    +#clock.2,
    +#battery,
    +#cpu,
    +#custom-pseudobat,
    +#disk {
    +    background: @background-alt;
    +}
    +
    +
    +#workspaces button {
    +        padding: 0 2px;
    +        color: #fdf6e3;
    +}
    +#workspaces button.focused {
    +        color: @foreground-warning;
    +}
    +
    +#workspaces button:hover {
    +    background: @foreground;
    +    color: @background;
    +        border: @foreground;
    +        padding: 0 2px;
    +        box-shadow: inherit;
    +        text-shadow: inherit;
    +}
    +
    +#workspaces button.urgent {
    +    color: @background-critical;
    +    background: @foreground-critical;
    +}
    +
    +#custom-vpn,
    +#network {
    +    color: #cc99c9;
    +}
    +
    +#temperature,
    +#power-profiles-daemon {
    +    color: #9ec1cf;
    +}
    +
    +#disk {
    +    /*color: #b58900;*/
    +    color: #9ee09e;
    +}
    +
    +#custom-scratchpad-indicator {
    +    color: #ffffff;
    +}
    +
    +#disk.warning {
    +    color:            @foreground-error;
    +    background-color: @background-error;
    +}
    +#disk.critical,
    +#temperature.critical {
    +    color:            @foreground-critical;
    +    background-color: @background-critical;
    +    animation-name: blink;
    +    animation-duration: 0.5s;
    +    animation-timing-function: linear;
    +    animation-iteration-count: infinite;
    +    animation-direction: alternate;
    +}
    +#pulseaudio.muted {
    +    color: @foreground-error;
    +}
    +#memory {
    +        /*color: #2aa198;*/
    +        color: #fdfd97;
    +}
    +#cpu {
    +    /*color: #6c71c4;*/
    +    color: #feb144;
    +}
    +
    +#pulseaudio {
    +    /*color: #268bd2;*/
    +    color: #ff6663;
    +}
    +
    +#battery,
    +#custom-pseudobat {
    +        color: cyan;
    +}
    +#battery.discharging {
    +    color:      #859900;
    +}
    +
    +@keyframes blink {
    +    to {
    +        color:            @foreground-error;
    +        background-color: @background-error;
    +    }
    +}
    +@keyframes configblink {
    +    to {
    +        color:            @foreground-error;
    +        background-color: transparent;
    +    }
    +}
    +
    +#battery.critical:not(.charging) {
    +    color:            @foreground-critical;
    +    background-color: @background-critical;
    +    animation-name: blink;
    +    animation-duration: 0.5s;
    +    animation-timing-function: linear;
    +    animation-iteration-count: infinite;
    +    animation-direction: alternate;
    +}
    +
    +#backlight-slider slider {
    +    min-height: 0px;
    +    min-width: 0px;
    +    opacity: 0;
    +    background-image: none;
    +    border: none;
    +    box-shadow: none;
    +}
    +#backlight-slider trough {
    +    min-height: 5px;
    +    min-width: 80px;
    +    border-radius: 5px;
    +    background-color: black;
    +}
    +#backlight-slider highlight {
    +    min-width: 0px;
    +    border-radius: 5px;
    +    background-color: grey;
    +}
    +
    +#clock.1,
    +#clock.2,
    +#clock.3 {
    +    font-family: Monospace;
    +}
    +
    +#clock,
    +#pulseaudio,
    +#memory,
    +#cpu,
    +#tray,
    +#temperature,
    +#power-profiles-daemon,
    +#network,
    +#custom-vpn,
    +#mpris,
    +#battery,
    +#custom-scratchpad-indicator,
    +#custom-pseudobat,
    +#disk {
    +    padding: 0 3px;
    +}
    +
    +
    +
    +
    +
    +
    +

    6.4. justfile

    +
    +

    +This file defines a few workflows that I often need to run when working on my configuration. This works similar to make, but is geared towards general tasks and as such requires no extra handling (as long as there are no dependencies involved) or .PHONY recipes. +

    + +

    +(In the org-src block I still call it a Makefile in order to get syntax highlighting) +

    + +
    +
    +default:
    +  @just --list
    +
    +check:
    +  nix flake check --keep-going
    +
    +check-trace:
    +  nix flake check --show-trace
    +
    +update:
    +  nix flake update
    +
    +iso:
    +  rm -rf result
    +  nix build .#nixosConfigurations.iso.config.system.build.isoImage && ln -sf result/iso/*.iso latest.iso
    +
    +iso-flake FLAKE SYSTEM="x86_64" FORMAT="iso":
    +  nixos-generate --flake .#{{FLAKE}} -f {{FORMAT}} --system {{SYSTEM}}
    +
    +iso-install DRIVE: iso
    +  sudo dd if=$(eza --sort changed result/iso/*.iso | tail -n1) of={{DRIVE}} bs=4M status=progress oflag=sync
    +
    +dd DRIVE ISO:
    +  sudo dd if=$(eza --sort changed {{ISO}} | tail -n1) of={{DRIVE}} bs=4M status=progress oflag=sync
    +
    +sync USER HOST:
    +  rsync -av --filter=':- .gitignore' -e "ssh -l {{USER}}" . {{USER}}@{{HOST}}:.dotfiles/
    +
    +
    +
    +
    +
    +
    +

    6.5. statix.toml

    +
    +

    +This file is used to tell statix which checks and folders/fiels to ignore, as well as to specify the nix version that it should use. +

    + +

    +I need this mainly to disable the repeated_keys check, which checks if there is an attribute set called twice without stepping into it. While in general this should be avoided, since I am tangling some files and need to use the top-level attribute in each org-src block, the check would fail for all these cases. +

    + +
    +
    +disabled = [
    +  "repeated_keys"
    +]
    +nix_version = '2.4'
    +ignore = ['.direnv']
    +
    +
    +
    +
    +
    +

    Author: Leon Schwarzäugl

    -

    Created: 2024-12-28 Sa 18:15

    +

    Created: 2024-12-29 So 02:23

    Validate
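Review bot: In the "6.1. Server Emacs config" block of this hunk, `(setq httpd-host "0.0.0.0")` followed by `(httpd-start)` and `(elfeed-web-start)` puts the elfeed web interface on every interface at port 9812, and nothing in the block restricts who can reach it. Bind it to loopback or a VPN address, or put it behind an authenticating reverse proxy. The same block adds the "org" archive as `http://orgmode.org/elpa/` while `:ensure t` installs packages at startup, so use an https archive or drop the entry. The `httpd-root` under `/root/.emacs.d/elpa/elfeed-web-20240729.1741/` suggests this Emacs runs as root, and the pinned directory name will stop matching after the next package update. The docstring of `bjm/elfeed-updater` is copied from `bjm/elfeed-load-db-and-open` and does not describe the function.

In the tridactylrc block, `fixamo_quiet` is run unconditionally and `tri.request.clobberCSP` is registered for `<all_urls>`, although the comments directly above each advise leaving them out unless you are sure you want them. If they stay enabled, say so in the prose for 6.2 rather than only pointing at the warnings. Also, `.then(tri.excmds.setpref(...))` passes the result of the call rather than a function, so the second `setpref` (and the `fillcmdline_tmp` message in `fixamo`) runs immediately instead of after the first one succeeds; wrap them as `.then(() => ...)`.

In the justfile block, `iso-install` and `dd` pass `{{DRIVE}}` and the `$(eza ... | tail -n1)` result to `sudo dd` unquoted and without checking the target. Quote both and add a guard that the target is the intended removable device before writing.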