From c1517c1ae1c5d3141175df1c2ac8f2aeabf04eb7 Mon Sep 17 00:00:00 2001 From: Swarsel Date: Tue, 10 Dec 2024 23:56:13 +0100 Subject: [PATCH] docs: improve readability of SwarselSystems.org --- SwarselSystems.org | 242 +- index.html | 3734 +++++++++++++++--------------- modules/home/darwin.nix | 1 + profiles/common/home/stylix.nix | 4 +- profiles/common/nixos/stylix.nix | 4 +- 5 files changed, 2030 insertions(+), 1955 deletions(-) diff --git a/SwarselSystems.org b/SwarselSystems.org index c4ba986..e9b1c55 100644 --- a/SwarselSystems.org +++ b/SwarselSystems.org 
@@ -97,30 +97,28 @@ The rest of this file will now contain actual code that is used in the configura :CUSTOM_ID: h:d39b8dfb-536d-414f-9fc0-7d67df48cee4 :END: -These blocks are used in several places throughout the configurations, but not on all machines necessarily. For example, the theming section needs to be in a NixOS block on NixOS machines but in a home-manager block on non-NixOS. This serves to reduce code duplication. +These blocks are used in several places throughout the configurations, but not on all machines necessarily. For example, the theming section needs to be in a NixOS block on NixOS machines but in a home-manager block on non-NixOS. -** Non-NixOS -:PROPERTIES: -:CUSTOM_ID: h:237b9f25-1fa3-484e-952e-99175dbb91c5 -:END: +Originally, I used this method a lot throughout my configuration. However, as my knowledge of NixOS grew, I have been weeding these snippets out more and more as I find more efficient native solutions. Now, only the theming block remains. -These blocks are to be used on systems that are not running NixOS. For example, one such system would be a Fedora system running home manager, where the respective NixOS features might not be available. +This serves only to reduce code duplication in this file. The tangled files experience no size reduction, since noweb-ref only substitutes these blocks in. -*** Theme (stylix) +** Theme (stylix) :PROPERTIES: :CUSTOM_ID: h:5bc1b0c9-dc59-4c81-b5b5-e60699deda78 :END: -This is where the theme for the whole OS is defined. This noweb-ref section cannot be copied to the general NixOS config for now since they are on different folder structure levels in the config, which would make the flake impure. - For styling, I am using the [[https://github.com/danth/stylix][stylix]] NixOS module, loaded by flake. This package is really great, as it adds nix expressions for basically everything. Ever since switching to this, I did not have to play around with theming anywhere else. 
The full list of nerd-fonts can be found here: https://github.com/NixOS/nixpkgs/blob/nixos-unstable/pkgs/data/fonts/nerd-fonts/manifests/fonts.json +This is where the theme for the whole OS is defined. Originally, this noweb-ref section could not be copied to the general NixOS config since they are on different folder structure levels in the config, which would have made the flake impure. By now, I have found out that using the =${self}= method for referencing the flake root, I could circumvent this problem. Also, the noweb-ref block could in general be replaced by a custom attribute set (see for example [[#h:e7f98ad8-74a6-4860-a368-cce154285ff0][firefox]]). The difference here is, however, that this block is used in a NixOS and a home-manager-only configuration, verbatim. If I were to use an attribute set, I would have to duplicate this block once each for NixOS and home-manager. Alas, this block stays (for now). + + #+begin_src nix :tangle no :noweb-ref theme enable = true; - base16Scheme = ../../../wallpaper/swarsel.yaml; + base16Scheme = "${self}/wallpaper/swarsel.yaml"; # base16Scheme = "${pkgs.base16-schemes}/share/themes/shapeshifter.yaml"; polarity = "dark"; opacity.popups = 0.5; @@ -311,14 +309,13 @@ Set in firefox `about:config > toolkit.legacyUserProfileCustomizations.styleshee #+end_src -** NixOS :PROPERTIES: :CUSTOM_ID: h:996e9c5f-ed65-4f4f-b043-5a901ed74358 :END: These settings are to be used only on full NixOS setups. -** flake.nix +* flake.nix :PROPERTIES: :CUSTOM_ID: h:c7588c0d-2528-485d-b2df-04d6336428d7 :END: 
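Review bot: The `theme` noweb block now evaluates `"${self}/wallpaper/swarsel.yaml"`, so every file that expands the block needs `self` in its module arguments, and `self` has to be supplied from outside (normally `specialArgs` for NixOS and `extraSpecialArgs` for standalone home-manager). The hunks for profiles/common/nixos/stylix.nix and profiles/common/home/stylix.nix add the argument, but where `self` is passed in is not visible in this patch. Interpolating `self` also ties the scheme path to the store path of the whole flake source, so it changes whenever anything in the repository changes; if the string ends up in a derivation, the full source tree stays in the system closure, world-readable under /nix/store, so it is worth confirming that nothing unencrypted lives in the repository. I would add a comment above the line, for example `# needs self in module args; resolves inside the flake source store path`.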
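Review bot: Removing the `** NixOS` heading leaves its `:PROPERTIES:` drawer (`:CUSTOM_ID: h:996e9c5f-ed65-4f4f-b043-5a901ed74358`) and the sentence "These settings are to be used only on full NixOS setups." behind as unchanged context. They now trail the preceding section, which appears to be the firefox profile block and starts outside the hunk. Org only recognises a property drawer directly under a headline, so the ID no longer anchors anything and the leftover sentence reads as if it described that block. Either delete these lines together with the heading or keep the heading.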
@@ -369,16 +366,8 @@ This sections puts together the =flake.nix= file from the [[#h:d39b8dfb-536d-414 in { <> - # NixOS setups - run home-manager as a NixOS module for better compatibility - # another benefit - full rebuild on nixos-rebuild switch - # run rebuild using `nswitch` - - # NEW HOSTS: For a new host, decide whether a NixOS (nixosConfigurations) or non-NixOS (homeConfigurations) is used. - # Make sure to move hardware-configuration to the appropriate location, by default it is found in /etc/nixos/. nixosConfigurations = <> - # pure Home Manager setups - for non-NixOS machines - # run rebuild using `hmswitch` homeConfigurations = { <> @@ -445,7 +434,7 @@ This file defines a number of checks that can either be run by calling =nix flak } #+end_src -*** Inputs +** Inputs :PROPERTIES: :CUSTOM_ID: h:8a411ee2-a58e-4b5b-99bd-4ba772f8f0a2 :END: @@ -594,7 +583,7 @@ A short overview over each input and what it does: }; #+end_src -*** let +** let :PROPERTIES: :CUSTOM_ID: h:df0072bc-853f-438f-bd85-bfc869501015 :END: @@ -667,7 +656,7 @@ Lastly I define some common module lists that I can simply load depending on the # ]; #+end_src -*** General (outputs) +** General (outputs) :PROPERTIES: :CUSTOM_ID: h:54cd8f65-a3ba-43c3-ae37-5f04383fe720 :END: 
@@ -724,13 +713,17 @@ In this section I am creating some attributes that define general concepts of my #+end_src -*** nixosConfigurations +** nixosConfigurations :PROPERTIES: :CUSTOM_ID: h:9c9b9e3b-8771-44fa-ba9e-5056ae809655 :END: This section used to be much longer, since I performed all of my imports right here in the past. Since then, I have however refactored and now my important hosts can be defined in little space. Once I have fully transitioned my server to NixOS too this section will become even smaller once more. +Note: The preceding =nixosConfigurations= is found in [[#h:aee5ec75-7ca6-40d8-b6ac-a3e7e33a474b][flake.nix template]]. Also, the method of generating the hosts was changed in commit +=3a272b1 feat!: dynamically create hosts=, and the deprecated system definitions removed in =7457109 main chore: remove deprecated static host config=. See those commits for a state with a simpler config. + + #+begin_src nix :tangle no :noweb-ref flakenixosconf mkFullHostConfigs (readHosts "nixos") true; @@ -743,13 +736,16 @@ This section used to be much longer, since I performed all of my imports right h And this defines darwin systems (MacOS), which I only have one of, that serves as a template mostly. +Note: The preceding =darwinConfigurations= is found in [[#h:aee5ec75-7ca6-40d8-b6ac-a3e7e33a474b][flake.nix template]]. Also, the method of generating the hosts was changed in commit +=3a272b1 feat!: dynamically create hosts=, and the deprecated system definitions removed in =7457109 main chore: remove deprecated static host config=. See those commits for a state with a simpler config. + #+begin_src nix :tangle no :noweb-ref flakedarwinconf mkFullHostConfigs (readHosts "darwin") false; #+end_src -*** homeConfigurations +** homeConfigurations :PROPERTIES: :CUSTOM_ID: h:f881aa05-a670-48dd-a57b-2916abdcb692 :END: 
@@ -768,7 +764,7 @@ In contrast, this defines home-manager systems, which I only have one of, that s #+end_src -*** nixOnDroidConfigurations +** nixOnDroidConfigurations :PROPERTIES: :CUSTOM_ID: h:5f6ef553-59f9-4239-b6f3-63d33b57f335 :END: @@ -803,6 +799,9 @@ This section mainly exists house different `configuration.nix` files for system :CUSTOM_ID: h:58dc6384-0d19-4f71-9043-4014bd033ba2 :END: **** live (ISO) +:PROPERTIES: +:CUSTOM_ID: h:8583371d-5d47-468b-84ba-210aad7e2c90 +:END: @@ -1178,6 +1177,9 @@ My work machine. Built for more security, this is the gold standard of my config #+end_src **** Winters (Server) +:PROPERTIES: +:CUSTOM_ID: h:932ef6b0-4c14-4200-8e3f-2e208e748746 +:END: #+begin_src nix :tangle hosts/nixos/winters/default.nix @@ -1258,6 +1260,9 @@ My work machine. Built for more security, this is the gold standard of my config #+end_src **** nbm-imba-166 (MacBook Pro) +:PROPERTIES: +:CUSTOM_ID: h:28e1a7eb-356b-4015-83f7-9c552c8c0e9d +:END: #+begin_src nix :tangle hosts/darwin/nbm-imba-166/default.nix @@ -1297,6 +1302,9 @@ My work machine. Built for more security, this is the gold standard of my config #+end_src **** Magicant (Phone) +:PROPERTIES: +:CUSTOM_ID: h:729af373-37e7-4379-9a3d-b09792219415 +:END: #+begin_src nix :tangle hosts/nix-on-droid/magicant/default.nix @@ -1533,7 +1541,6 @@ I have removed most of the machines from this section. What remains are some hos #+end_src - ** Overlays, packages, and modules :PROPERTIES: :CUSTOM_ID: h:ab272ab4-3c93-48b1-8f1e-f710aa9aae5d 
@@ -1557,6 +1564,8 @@ As such, I also define three additional overlays: This is the central station for self-defined packages. These are all referenced in =default.nix=. Wherever possible, I am keeping the shell version of these scripts in this file as well and then read it using =builtin.readFile= in the NixOS configurations. This lets me keep full control in this one file but also keep the separate files uncluttered. +Note: The structure of generating the packages was changed in commit =2cf03a3 refactor: package and module generation=. That commit can be checked out in order to see a simpler version of achieving the same thing. + #+begin_src nix :tangle pkgs/default.nix { pkgs, ... }: let @@ -1701,6 +1710,9 @@ The version of =cura= used to be quite outdated in nixpkgs. I am fetching a newe #+end_src **** hm-specialisation +:PROPERTIES: +:CUSTOM_ID: h:e6612cff-0804-47ef-9f2b-d2cc6d81a896 +:END: This script allows for quick git home-manager specialisation switching. @@ -2144,6 +2156,9 @@ This utility checks if there are updated packages in nixpkgs-unstable. It does s #+end_src **** screenshare +:PROPERTIES: +:CUSTOM_ID: h:960e539c-2a5a-4e21-b3d4-bcdfc8be8fda +:END: #+begin_src shell :tangle scripts/screenshare.sh @@ -2178,6 +2193,9 @@ This utility checks if there are updated packages in nixpkgs-unstable. It does s #+end_src **** bootstrap +:PROPERTIES: +:CUSTOM_ID: h:74db57ae-0bb9-4257-84be-eddbc85130dd +:END: This program sets up a new NixOS host. 
@@ -2374,6 +2392,8 @@ This file now holds all of the "nixpkgs-changes" that I am using across the conf In this section I define custom modules under the =swarsel= attribute. These are mostly used to define settings specific to a host. I keep these settings confined to either home-manager or nixos to maintain compatibility with non-NixOS machines. +Note: The structure of generating the packages was changed in commit =2cf03a3 refactor: package and module generation=. That commit can be checked out in order to see a simpler version of achieving the same thing. + **** NixOS :PROPERTIES: :CUSTOM_ID: h:14e68518-8ec7-48ec-b208-0e3d6d49954d @@ -2482,6 +2502,9 @@ I usually use =mutableUsers = false= in my NixOS configuration. However, on a ne #+end_src ***** Input +:PROPERTIES: +:CUSTOM_ID: h:45188d3c-9910-480b-beec-d5fd713b05fb +:END: #+begin_src nix :tangle modules/nixos/input.nix @@ -2527,7 +2550,6 @@ This lets me quickly set flags for "special" file systems. These options mostly } #+end_src - **** home-manager :PROPERTIES: :CUSTOM_ID: h:ced5841f-c088-4d88-b3a1-7d62aad8837b @@ -2795,6 +2817,9 @@ These are some extra options that will be used if the machine also runs NixOS. F #+end_src ***** darwin +:PROPERTIES: +:CUSTOM_ID: h:79f7150f-b162-4f57-abdf-07f40dffd932 +:END: #+begin_src nix :noweb yes :tangle modules/home/darwin.nix { lib, ... }: @@ -2876,6 +2901,9 @@ Another duplicated option for the filesystem. #+end_src ***** firefox +:PROPERTIES: +:CUSTOM_ID: h:e7f98ad8-74a6-4860-a368-cce154285ff0 +:END: #+begin_src nix :noweb yes :tangle modules/home/firefox.nix { lib, pkgs, ... }: @@ -3033,7 +3061,6 @@ Another duplicated option for the filesystem. } #+end_src - ** NixOS :PROPERTIES: :CUSTOM_ID: h:6da812f5-358c-49cb-aff2-0a94f20d70b3 
@@ -3048,6 +3075,9 @@ Here we have NixOS options. All options are split into smaller files that are lo These are system-level settings specific to NixOS machines. All settings that are required on all machines go here. **** Imports, non-server settings +:PROPERTIES: +:CUSTOM_ID: h:4acbe063-188b-42e7-b75c-b6d2e232e784 +:END: This section is for setting things that should be used on hosts that are using the default NixOS configuration. This means that servers should NOT import this, as much of these imported modules are user-configured. @@ -3104,6 +3134,9 @@ This section is for setting things that should be used on hosts that are using t #+end_src **** General NixOS settings (enable home-manager module, stateVersion) +:PROPERTIES: +:CUSTOM_ID: h:24c9146f-2147-4fd5-bafc-d5853e15cf12 +:END: Also, we disable the warnings that trigger when rebuilding with a dirty flake. At this point, I am also disabling channels and pinning the flake registry - the latter lets me use the local version of nixpkgs for commands like =nix shell= (without it, we will always download the newest version of nixpkgs for these commands). @@ -3256,6 +3289,9 @@ Mostly used to install some compilers and lsp's that I want to have available wh #+end_src **** Setup home-manager +:PROPERTIES: +:CUSTOM_ID: h:7f6d6908-4d02-4907-9c70-f802f4358520 +:END: First, we enable the use of =home-manager= as a NixoS modul. @@ -3864,7 +3900,7 @@ By default, [[https://github.com/danth/stylix][stylix]] wants to style GRUB as w =theme= is defined in [[#h:5bc1b0c9-dc59-4c81-b5b5-e60699deda78][Theme (stylix)]]. #+begin_src nix :noweb yes :tangle profiles/common/nixos/stylix.nix - { pkgs, home-manager, config, ... }: + { self, pkgs, home-manager, config, ... }: { stylix = { <> 
@@ -4537,6 +4573,9 @@ A friend of mine used this service and I used to make fun of him. But I have to #+end_src **** Podmam (distrobox) +:PROPERTIES: +:CUSTOM_ID: h:1bef3914-a258-4585-b232-e0fbe9e7a9b5 +:END: I am using distrobox to quickly circumvent isses that I cannot immediately solve on NixOS. It is always the goal to quickly get things working on NixOS, but this prevents me from getting completely stuck. @@ -4556,6 +4595,9 @@ I am using distrobox to quickly circumvent isses that I cannot immediately solve #+end_src **** Handle lid switch correctly +:PROPERTIES: +:CUSTOM_ID: h:a5a0d84e-c7b3-4164-a4c7-2e2d8ada69cd +:END: This turns off the display when the lid is closed. @@ -4589,7 +4631,13 @@ This turns off the display when the lid is closed. #+end_src *** Server +:PROPERTIES: +:CUSTOM_ID: h:e492c24a-83a0-4bcb-a084-706f49318651 +:END: **** Imports +:PROPERTIES: +:CUSTOM_ID: h:4e64e564-b7cb-469f-bd79-cd3efb3caa62 +:END: First, we enable the use of =home-manager= as a NixoS module. @@ -4639,6 +4687,9 @@ Also, the system state version is set here. No need to touch it. #+end_src **** General NixOS Server settings +:PROPERTIES: +:CUSTOM_ID: h:dc365e83-f6c8-4d05-a390-b5f2d01649b4 +:END: #+begin_src nix :tangle profiles/server/nixos/settings.nix { lib, config, ... }: @@ -4664,6 +4715,9 @@ Also, the system state version is set here. No need to touch it. #+end_src **** System Packages +:PROPERTIES: +:CUSTOM_ID: h:6f2967d9-7e32-4605-bb5c-5e27770bec0f +:END: #+begin_src nix :tangle profiles/server/nixos/packages.nix { pkgs, ... }: @@ -4679,6 +4733,9 @@ Also, the system state version is set here. No need to touch it. #+end_src **** sops +:PROPERTIES: +:CUSTOM_ID: h:313f7940-e8bb-4b5d-97cb-e2fea4e665e4 +:END: #+begin_src nix :tangle profiles/server/nixos/sops.nix { config, ... }: 
@@ -4693,6 +4750,9 @@ Also, the system state version is set here. No need to touch it. #+end_src **** nfs/samba (smb) +:PROPERTIES: +:CUSTOM_ID: h:d6840d31-110c-465f-93fa-0306f755de28 +:END: #+begin_src nix :tangle profiles/server/nixos/nfs.nix { pkgs, ... }: @@ -4747,6 +4807,9 @@ Also, the system state version is set here. No need to touch it. #+end_src **** NGINX +:PROPERTIES: +:CUSTOM_ID: h:302468d2-106a-41c8-b2bc-9fdc40064a9c +:END: #+begin_src nix :tangle profiles/server/nixos/nginx.nix { pkgs, config, ... }: @@ -4787,6 +4850,9 @@ Also, the system state version is set here. No need to touch it. #+end_src **** ssh +:PROPERTIES: +:CUSTOM_ID: h:f3db197d-1d03-4bf8-b59f-f9891b358f0b +:END: #+begin_src nix :tangle profiles/server/nixos/ssh.nix { self, ... }: @@ -4807,6 +4873,9 @@ Also, the system state version is set here. No need to touch it. #+end_src **** kavita +:PROPERTIES: +:CUSTOM_ID: h:d33f5982-dfe6-42d0-9cf2-2cd8c7b04295 +:END: #+begin_src nix :tangle profiles/server/nixos/kavita.nix { pkgs, lib, config, ... }: @@ -4854,6 +4923,9 @@ Also, the system state version is set here. No need to touch it. #+end_src **** jellyfin +:PROPERTIES: +:CUSTOM_ID: h:e0d4c16e-ab64-48ac-9734-1ab62953ad4b +:END: #+begin_src nix :tangle profiles/server/nixos/jellyfin.nix { pkgs, lib, config, ... }: @@ -4903,6 +4975,9 @@ Also, the system state version is set here. No need to touch it. #+end_src **** navidrome +:PROPERTIES: +:CUSTOM_ID: h:f347f3ad-5100-4c4f-8616-cfd7f8e14a72 +:END: #+begin_src nix :tangle profiles/server/nixos/navidrome.nix { pkgs, lib, inputs, config, ... }: @@ -5004,6 +5079,9 @@ Also, the system state version is set here. No need to touch it. #+end_src **** spotifyd +:PROPERTIES: +:CUSTOM_ID: h:ec9c5a7d-ea8b-46d5-809c-163c917f5c41 +:END: #+begin_src nix :tangle profiles/server/nixos/spotifyd.nix { lib, config, ... }: 
@@ -5043,6 +5121,9 @@ Also, the system state version is set here. No need to touch it. #+end_src **** mpd +:PROPERTIES: +:CUSTOM_ID: h:baa4149b-3788-4b05-87ec-0ee9d0726117 +:END: #+begin_src nix :tangle profiles/server/nixos/mpd.nix { pkgs, lib, config, ... }: @@ -5099,6 +5180,9 @@ Also, the system state version is set here. No need to touch it. #+end_src **** matrix +:PROPERTIES: +:CUSTOM_ID: h:1e68d84a-8f99-422f-89ac-78f664ac0013 +:END: #+begin_src nix :tangle profiles/server/nixos/matrix.nix { config, lib, pkgs, sops, ... }: @@ -5422,6 +5506,9 @@ Also, the system state version is set here. No need to touch it. #+end_src **** nextcloud +:PROPERTIES: +:CUSTOM_ID: h:d11ad8d5-25d7-4691-b319-61c16ccef715 +:END: #+begin_src nix :tangle profiles/server/nixos/nextcloud.nix { pkgs, lib, config, ... }: @@ -5470,6 +5557,9 @@ Also, the system state version is set here. No need to touch it. #+end_src **** immich +:PROPERTIES: +:CUSTOM_ID: h:33bad8ad-b362-4bf1-8a49-b9df92329aed +:END: #+begin_src nix :tangle profiles/server/nixos/immich.nix { lib, config, ... }: @@ -5524,6 +5614,9 @@ Also, the system state version is set here. No need to touch it. #+end_src **** paperless +:PROPERTIES: +:CUSTOM_ID: h:89638fb5-0593-4420-9567-f85f0223e341 +:END: #+begin_src nix :tangle profiles/server/nixos/paperless.nix { lib, config, ... }: @@ -5579,6 +5672,9 @@ Also, the system state version is set here. No need to touch it. #+end_src **** transmission +:PROPERTIES: +:CUSTOM_ID: h:5afeb311-ab86-4029-be53-2160f6d836c3 +:END: #+begin_src nix :tangle profiles/server/nixos/transmission.nix { pkgs, lib, config, ... }: @@ -5717,6 +5813,9 @@ Also, the system state version is set here. No need to touch it. #+end_src **** syncthing +:PROPERTIES: +:CUSTOM_ID: h:ad2787a2-7b1c-4326-aeff-9d8d6c3f591d +:END: #+begin_src nix :tangle profiles/server/nixos/syncthing.nix { lib, config, ... }: 
@@ -5832,6 +5931,9 @@ Also, the system state version is set here. No need to touch it. #+end_src **** restic +:PROPERTIES: +:CUSTOM_ID: h:b73ac8bf-b721-4563-9eff-973925c99a39 +:END: #+begin_src nix :tangle profiles/server/nixos/restic.nix { lib, config, ... }: @@ -5845,6 +5947,9 @@ Also, the system state version is set here. No need to touch it. #+end_src **** monitoring +:PROPERTIES: +:CUSTOM_ID: h:a31c7192-e11d-4a26-915d-1bbc38e373d3 +:END: #+begin_src nix :tangle profiles/server/nixos/monitoring.nix { self, lib, config, ... }: @@ -6010,6 +6115,9 @@ Also, the system state version is set here. No need to touch it. #+end_src **** Jenkins +:PROPERTIES: +:CUSTOM_ID: h:23452a18-a0a1-4515-8612-ceb19bb5fc22 +:END: #+begin_src nix :tangle profiles/server/nixos/jenkins.nix { pkgs, lib, config, ... }: @@ -6050,6 +6158,9 @@ Also, the system state version is set here. No need to touch it. #+end_src **** Emacs (RSS Server) +:PROPERTIES: +:CUSTOM_ID: h:4e6824bc-c3db-485d-b543-4072e6283b62 +:END: #+begin_src nix :tangle profiles/server/nixos/emacs.nix { lib, config, ... }: @@ -6087,7 +6198,13 @@ Also, the system state version is set here. No need to touch it. #+end_src *** Darwin +:PROPERTIES: +:CUSTOM_ID: h:ac0cd8b3-06cf-4dca-ba73-6100c8fedb47 +:END: **** Imports +:PROPERTIES: +:CUSTOM_ID: h:25a95a30-8e4f-4fe3-9b8e-508a82e0a1b4 +:END: This section sets up all the imports that are used in the home-manager section. @@ -6206,6 +6323,9 @@ This sets the VirtualBox configuration. Guest should not be enabled if not direl #+end_src **** VmWare +:PROPERTIES: +:CUSTOM_ID: h:34db28fb-62f7-4597-a9ff-0de2991a8415 +:END: This sets the VirtualBox configuration. Guest should not be enabled if not direly needed, it will make rebuilds unbearably slow. 
@@ -6394,6 +6514,9 @@ Options that I need specifically at work. There are more options at [[#h:f0b2ea9 #+end_src **** Minimal Install +:PROPERTIES: +:CUSTOM_ID: h:3fc1d301-7bae-4678-9085-d12c23eed8ac +:END: These options are really only to be used on the iso image in order to run nixos-anywhere. @@ -6521,6 +6644,9 @@ This section sets up all the imports that are used in the home-manager section. #+end_src **** General home-manager-settings +:PROPERTIES: +:CUSTOM_ID: h:4af4f67f-7c48-4754-b4bd-6800e3a66664 +:END: Again, we adapt =nix= to our needs, enable the home-manager command for non-NixOS machines (NixOS machines are using it as a module) and setting user information that I always keep the same. @@ -6902,7 +7028,7 @@ This section has been notably empty ever since switching to stylix. Only Emacs i =theme= is defined in [[#h:5bc1b0c9-dc59-4c81-b5b5-e60699deda78][Theme (stylix)]]. #+begin_src nix :noweb yes :tangle profiles/common/home/stylix.nix - { lib, config, pkgs, ... }: + { self, lib, config, pkgs, ... }: { stylix = lib.mkIf (!config.swarselsystems.isNixos) { <> @@ -7542,6 +7668,9 @@ Here we set some aliases (some of them should be shellApplications instead) as w #+end_src **** zellij +:PROPERTIES: +:CUSTOM_ID: h:00de4901-631c-4b4c-86ce-d9d6e62ed8c7 +:END: #+begin_src nix :tangle profiles/common/home/zellij.nix _: # { pkgs, config, ... }: @@ -7746,6 +7875,9 @@ Here we set some aliases (some of them should be shellApplications instead) as w } #+end_src **** tmux +:PROPERTIES: +:CUSTOM_ID: h:45de9430-f925-4df6-9db6-bffb5b8f1604 +:END: #+begin_src nix :tangle profiles/common/home/tmux.nix { pkgs, ... }: @@ -9115,8 +9247,14 @@ This service changes the screen hue at night. I am not sure if that really does #+end_src *** Server +:PROPERTIES: +:CUSTOM_ID: h:b1a00339-6e9b-4ae4-b5dc-6fd5669a2ddb +:END: **** Imports +:PROPERTIES: +:CUSTOM_ID: h:7b4ee01a-b505-47da-8fb9-0b41285d0eab +:END: This section sets up all the imports that are used in the home-manager section. 
@@ -9134,6 +9272,9 @@ This section sets up all the imports that are used in the home-manager section. #+end_src **** Linking dotfiles +:PROPERTIES: +:CUSTOM_ID: h:9fac0904-b615-4d9d-9bae-54a6691999c3 +:END: This section should be used in order to symlink already existing configuration files using `home.file` and setting session variables using `home.sessionVariables`. @@ -9152,8 +9293,14 @@ As for the `home.sessionVariables`, it should be noted that environment variable #+end_src *** Darwin +:PROPERTIES: +:CUSTOM_ID: h:e0536bff-2552-4ac4-a34a-a23937a2c30f +:END: **** Imports +:PROPERTIES: +:CUSTOM_ID: h:cff37bdf-4f22-419a-af4e-2665ede9add0 +:END: This section sets up all the imports that are used in the home-manager section. @@ -9997,6 +10144,9 @@ This formats the org code block at =point= in accordance to the =nixpkgs-fmt= fo #+end_src **** Disable garbace collection while minibuffer is active +:PROPERTIES: +:CUSTOM_ID: h:3c436647-71e6-441c-b452-d817ad2f8331 +:END: #+begin_src emacs-lisp @@ -10342,6 +10492,9 @@ When Emacs compiles stuff, it often shows a bunch of warnings that I do not need #+end_src *** Better garbage collection +:PROPERTIES: +:CUSTOM_ID: h:1667913c-2272-4010-bf3a-356455b97c83 +:END: #+begin_src emacs-lisp (setq garbage-collection-messages t) (defmacro k-time (&rest body) @@ -11478,6 +11631,9 @@ This adds a rudimentary nix-mode to Emacs. I have not really tried this out, as :mode "\\.nix\\'") #+end_src *** HCL Mode +:PROPERTIES: +:CUSTOM_ID: h:e8074881-3441-4abd-b25b-358a87e7984f +:END: This adds support for Hashicorp Configuration Language. I need this at work. @@ -11490,6 +11646,9 @@ This adds support for Hashicorp Configuration Language. I need this at work. #+end_src *** Jenkinsfile/Groovy +:PROPERTIES: +:CUSTOM_ID: h:c9e3ffd7-4fb1-4a04-8563-92ceec4b4410 +:END: This adds support for Groovy, which I specifically need to work with Jenkinsfiles. I need this at work. 
@@ -11502,6 +11661,9 @@ This adds support for Groovy, which I specifically need to work with Jenkinsfile #+end_src *** Dockerfile +:PROPERTIES: +:CUSTOM_ID: h:534d8729-4422-4f0c-9ae6-d3737d4a6dd3 +:END: This adds support for Dockerfiles. I need this at work. @@ -11512,6 +11674,9 @@ This adds support for Dockerfiles. I need this at work. #+end_src *** Terraform Mode +:PROPERTIES: +:CUSTOM_ID: h:7834adb0-fbd3-4136-bdb7-6dbc9a083296 +:END: This adds support for Terraform configuration files. I need this at work. @@ -11540,6 +11705,9 @@ Adds functions for formatting nix code. #+end_src *** shfmt +:PROPERTIES: +:CUSTOM_ID: h:489a71c4-38af-44a3-a9ef-8b1ed1ee4ac4 +:END: Adds functions for formatting shellscripts. @@ -11608,6 +11776,9 @@ This mode is not automatically activated anywhere because I only rarely need it. #+end_src *** elfeed +:PROPERTIES: +:CUSTOM_ID: h:a83c5820-2016-44ae-90a0-4756bb471c01 +:END: #+begin_src emacs-lisp @@ -12288,6 +12459,9 @@ The following block is mostly inspired from [[https://code.kulupu.party/thesuess #+end_src *** eglot +:PROPERTIES: +:CUSTOM_ID: h:6cf0310b-2fdf-45f0-9845-4704649777eb +:END: After having tried out =lsp-mode= and =lsp-bridge= for a while each, I must say that =eglot= feels the most clean and fast to me. @@ -12338,6 +12512,9 @@ After having tried out =lsp-mode= and =lsp-bridge= for a while each, I must say #+end_src *** sideline-flymake +:PROPERTIES: +:CUSTOM_ID: h:d9cd31ea-6c8c-4f1f-83b8-7853bab53857 +:END: This brings back warnings and errors on the sideline for eglot; a feature that I have been missing from lsp-mode for a while. @@ -12905,6 +13082,9 @@ This sets up the =dashboard=, which is really quite useless. But, it looks cool #+end_src *** vterm +:PROPERTIES: +:CUSTOM_ID: h:a81fb9de-6b6b-4a4a-b758-5107c6e7f0cb +:END: #+begin_src emacs-lisp diff --git a/index.html b/index.html index f6f4d0d..e58a874 100644 --- a/index.html +++ b/index.html 
@@ -3,7 +3,7 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - + SwarselSystems: NixOS + Emacs Configuration @@ -204,155 +204,147 @@
  • 1. Introduction (no code)
  • 2. Noweb-Ref blocks
  • -
  • 3. System +
  • 3. flake.nix @@ -423,7 +415,7 @@ system-configuration-options
    ---prefix=/nix/store/b9fzqsndbrp844c1c6mkwd6qg6l6nnj3-emacs-pgtk-20241013.0 --disable-build-details --with-modules --with-pgtk --with-compress-install --with-toolkit-scroll-bars --with-native-compilation --without-imagemagick --with-mailutils --without-small-ja-dic --with-tree-sitter --without-xinput2 --without-xwidgets --with-dbus --with-selinux
    +--prefix=/nix/store/qg96jwf3hwpzyydpibyg6vz1dk525cmj-emacs-pgtk-20241209.0 --disable-build-details --with-modules --with-pgtk --with-compress-install --with-toolkit-scroll-bars --with-native-compilation --without-imagemagick --with-mailutils --without-small-ja-dic --with-tree-sitter --without-xinput2 --without-xwidgets --with-dbus --with-selinux
     
    @@ -483,31 +475,37 @@ The rest of this file will now contain actual code that is used in the configura

    2. Noweb-Ref blocks

    -These blocks are used in several places throughout the configurations, but not on all machines necessarily. For example, the theming section needs to be in a NixOS block on NixOS machines but in a home-manager block on non-NixOS. This serves to reduce code duplication. -

    -
    -
    -

    2.1. Non-NixOS

    -
    -

    -These blocks are to be used on systems that are not running NixOS. For example, one such system would be a Fedora system running home manager, where the respective NixOS features might not be available. -

    -
    -
    -

    2.1.1. Theme (stylix)

    -
    -

    -This is where the theme for the whole OS is defined. This noweb-ref section cannot be copied to the general NixOS config for now since they are on different folder structure levels in the config, which would make the flake impure. +These blocks are used in several places throughout the configurations, but not on all machines necessarily. For example, the theming section needs to be in a NixOS block on NixOS machines but in a home-manager block on non-NixOS.

    +

    +Originally, I used this method a lot throughout my configuration. However, as my knowledge of NixOS grew, I have been weeding these snippets out more and more as I find more efficient native solutions. Now, only the theming block remains. +

    + +

    +This serves only to reduce code duplication in this file. The tangled files experience no size reduction, since noweb-ref only substitutes these blocks in. +

    +
    +
    +

    2.1. Theme (stylix)

    +

    For styling, I am using the stylix NixOS module, loaded by flake. This package is really great, as it adds nix expressions for basically everything. Ever since switching to this, I did not have to play around with theming anywhere else.

    +

    +The full list of nerd-fonts can be found here: https://github.com/NixOS/nixpkgs/blob/nixos-unstable/pkgs/data/fonts/nerd-fonts/manifests/fonts.json +

    + +

    +This is where the theme for the whole OS is defined. Originally, this noweb-ref section could not be copied to the general NixOS config since they are on different folder structure levels in the config, which would have made the flake impure. By now, I have found out that using the ${self} method for referencing the flake root, I could circumvent this problem. Also, the noweb-ref block could in general be replaced by a custom attribute set (see for example firefox). The difference here is, however, that this block is used in a NixOS and a home-manager-only configuration, verbatim. If I were to use an attribute set, I would have to duplicate this block once each for NixOS and home-manager. Alas, this block stays (for now). +

    + +
     enable = true;
    -base16Scheme = ../../../wallpaper/swarsel.yaml;
    +base16Scheme = "${self}/wallpaper/swarsel.yaml";
     # base16Scheme = "${pkgs.base16-schemes}/share/themes/shapeshifter.yaml";
     polarity = "dark";
     opacity.popups = 0.5;
    @@ -540,7 +538,8 @@ fonts = {
       };
     
       monospace = {
    -    package = pkgs.nerdfonts; # has overrides
    +    package = pkgs.nerd-fonts.fira-mono; # has overrides
    +
         name = "FiraCode Nerd Font Mono";
       };
     
    @@ -553,9 +552,8 @@ fonts = {
     
    -
    -

    2.1.2. firefox profile

    +

    2.1.1. firefox profile

    At work I am using several services that are using SSO login - however, as I am using four different accounts at work, this becomes a chore here. Hence, I have defined multiple profiles in Work that are all practically using the same configuration. To save screen space, I template that profile here. @@ -568,6 +566,8 @@ isDefault = false; userChrome = builtins.readFile ../../../programs/firefox/chrome/userChrome.css; extensions = with pkgs.nur.repos.rycee.firefox-addons; [ tridactyl + tampermonkey + sidebery browserpass clearurls darkreader 
@@ -585,179 +585,134 @@ extensions = with pkgs.nur.repos.rycee.firefox-addons; [ unpaywall don-t-fuck-with-paste plasma-integration + (buildFirefoxXpiAddon { + pname = "shortkeys"; + version = "4.0.2"; + addonId = "Shortkeys@Shortkeys.com"; + url = "https://addons.mozilla.org/firefox/downloads/file/3673761/shortkeys-4.0.2.xpi"; + sha256 = "c6fe12efdd7a871787ac4526eea79ecc1acda8a99724aa2a2a55c88a9acf467c"; + meta = with lib; + { + description = "Easily customizable custom keyboard shortcuts for Firefox. To configure this addon go to Addons (ctrl+shift+a) ->Shortkeys ->Options. Report issues here (please specify that the issue is found in Firefox): https://github.com/mikecrittenden/shortkeys"; + mozPermissions = [ + "tabs" + "downloads" + "clipboardWrite" + "browsingData" + "storage" + "bookmarks" + "sessions" + "<all_urls>" + ]; + platforms = platforms.all; + }; + }) ]; -search.engines = { - "Nix Packages" = { - urls = [{ - template = "https://search.nixos.org/packages"; - params = [ - { name = "type"; value = "packages"; } - { name = "query"; value = "{searchTerms}"; } - ]; - }]; - icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg"; - definedAliases = [ "@np" ]; +settings = + { + "extensions.autoDisableScopes" = 0; + "browser.bookmarks.showMobileBookmarks" = lock-true; + "toolkit.legacyUserProfileCustomizations.stylesheets" = lock-true; + "browser.search.suggest.enabled" = lock-false; + "browser.search.suggest.enabled.private" = lock-false; + "browser.urlbar.suggest.searches" = lock-false; + "browser.urlbar.showSearchSuggestionsFirst" = lock-false; + "browser.topsites.contile.enabled" = lock-false; + "browser.newtabpage.activity-stream.feeds.section.topstories" = lock-false; + "browser.newtabpage.activity-stream.feeds.snippets" = lock-false; + "browser.newtabpage.activity-stream.section.highlights.includePocket" = lock-false; + "browser.newtabpage.activity-stream.section.highlights.includeBookmarks" = lock-false; + 
"browser.newtabpage.activity-stream.section.highlights.includeDownloads" = lock-false; + "browser.newtabpage.activity-stream.section.highlights.includeVisited" = lock-false; + "browser.newtabpage.activity-stream.showSponsored" = lock-false; + "browser.newtabpage.activity-stream.system.showSponsored" = lock-false; + "browser.newtabpage.activity-stream.showSponsoredTopSites" = lock-false; }; - "NixOS Wiki" = { - urls = [{ - template = "https://nixos.wiki/index.php?search={searchTerms}"; - }]; - iconUpdateURL = "https://nixos.wiki/favicon.png"; - updateInterval = 24 * 60 * 60 * 1000; # every day - definedAliases = [ "@nw" ]; +search = { + default = "Kagi"; + privateDefault = "Kagi"; + engines = { + "Kagi" = { + urls = [{ + template = "https://kagi.com/search"; + params = [ + { name = "q"; value = "{searchTerms}"; } + ]; + }]; + iconUpdateURL = "https://kagi.com/favicon.ico"; + updateInterval = 24 * 60 * 60 * 1000; # every day + definedAliases = [ "@k" ]; + }; + + "Nix Packages" = { + urls = [{ + template = "https://search.nixos.org/packages"; + params = [ + { name = "type"; value = "packages"; } + { name = "query"; value = "{searchTerms}"; } + ]; + }]; + icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg"; + definedAliases = [ "@np" ]; + }; + + "NixOS Wiki" = { + urls = [{ + template = "https://nixos.wiki/index.php?search={searchTerms}"; + }]; + iconUpdateURL = "https://nixos.wiki/favicon.png"; + updateInterval = 24 * 60 * 60 * 1000; # every day + definedAliases = [ "@nw" ]; + }; + + "NixOS Options" = { + urls = [{ + template = "https://search.nixos.org/options"; + params = [ + { name = "query"; value = "{searchTerms}"; } + ]; + }]; + + icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg"; + definedAliases = [ "@no" ]; + }; + + "Home Manager Options" = { + urls = [{ + template = "https://home-manager-options.extranix.com/"; + params = [ + { name = "query"; value = "{searchTerms}"; } + ]; + }]; + + icon = 
"${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg"; + definedAliases = [ "@hm" "@ho" "@hmo" ]; + }; + + "Google".metaData.alias = "@g"; }; - - "NixOS Options" = { - urls = [{ - template = "https://search.nixos.org/options"; - params = [ - { name = "query"; value = "{searchTerms}"; } - ]; - }]; - - icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg"; - definedAliases = [ "@no" ]; - }; - - "Home Manager Options" = { - urls = [{ - template = "https://home-manager-options.extranix.com/"; - params = [ - { name = "query"; value = "{searchTerms}"; } - ]; - }]; - - icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg"; - definedAliases = [ "@hm" "@ho" "@hmo" ]; - }; - - "Google".metaData.alias = "@g"; + force = true; # this is required because otherwise the search.json.mozlz4 symlink gets replaced on every firefox restart }; -search.force = true; # this is required because otherwise the search.json.mozlz4 symlink gets replaced on every firefox restart

    -
    -
    -
    -
    -

    2.2. NixOS

    -
    + +

    +:CUSTOMID: h:996e9c5f-ed65-4f4f-b043-5a901ed74358 +

    +

    These settings are to be used only on full NixOS setups.

    -
    -

    2.2.1. Virtual hosts init

    -
    -

    -This sections is for common NixoS settings that I use for my NixoS LXC images that I run on Proxmox. Proxmox requires special attention to run along with NixOS in any capacity. -

    - -
    -
    -
    -services = {
    -  xserver.xkb = {
    -    layout = "us";
    -    variant = "altgr-intl";
    -  };
    -  openssh = {
    -    enable = true;
    -    settings.PermitRootLogin = "yes";
    -    listenAddresses = [{
    -      port = 22;
    -      addr = "0.0.0.0";
    -    }];
    -  };
    -};
    -
    -nix.settings.experimental-features = [ "nix-command" "flakes" ];
    -
    -proxmoxLXC = {
    -  manageNetwork = true; # manage network myself
    -  manageHostName = false; # manage hostname myself
    -};
    -
    -networking = {
    -  useDHCP = true;
    -  enableIPv6 = false;
    -};
    -
    -users.users.root.openssh.authorizedKeys.keyFiles = [
    -  ../../../secrets/keys/authorized_keys
    -];
    -
    -system.stateVersion = "23.05"; # TEMPLATE - but probably no need to change
    -
    -environment.shellAliases = {
    -  nswitch = "cd /.dotfiles; git pull; nixos-rebuild --flake .#$(hostname) switch; cd -;";
    -};
    -
    -
    -
    - -

    -This is again the hardware-configuration.nix wrap that you saw earlier, however for Proxmox systems we need to add some more NixOS modules for compatibility. -

    - -
    -
    -imports = [
    -  (modulesPath + "/virtualisation/proxmox-lxc.nix")
    -  ./hardware-configuration.nix
    -];
    -
    -
    -
    -services = {
    -  xserver.xkb = {
    -    layout = "us";
    -    variant = "altgr-intl";
    -  };
    -  openssh = {
    -    enable = true;
    -    settings.PermitRootLogin = "yes";
    -    listenAddresses = [{
    -      port = 22;
    -      addr = "0.0.0.0";
    -    }];
    -  };
    -};
    -
    -nix.settings.experimental-features = [ "nix-command" "flakes" ];
    -
    -proxmoxLXC = {
    -  manageNetwork = true; # manage network myself
    -  manageHostName = false; # manage hostname myself
    -};
    -
    -networking = {
    -  useDHCP = true;
    -  enableIPv6 = false;
    -};
    -
    -users.users.root.openssh.authorizedKeys.keyFiles = [
    -  ../../../secrets/keys/authorized_keys
    -];
    -
    -system.stateVersion = "23.05"; # TEMPLATE - but probably no need to change
    -
    -environment.shellAliases = {
    -  nswitch = "cd /.dotfiles; git pull; nixos-rebuild --flake .#$(hostname) switch; cd -;";
    -};
    -
    -
    -
    -
    -
    -

    2.3. flake.nix

    -
    +
    +

    3. flake.nix

    +

    Handling the flake.nix file used to be a bit of a chore, since it felt like writing so much boilerplate code just to define new systems. The noweb-approach here makes this a little bit less painful.
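Review bot: In the new `settings` block, `"extensions.autoDisableScopes" = 0;` carries no explanation, and it is the one entry there that widens what the browser accepts rather than narrowing it. With the value 0, Firefox enables add-ons found in every install scope without asking. The declaratively installed extensions above need that, but it equally applies to anything else that ends up in the profile or system extension directories. I would document that next to the setting, e.g. `# 0 = never auto-disable sideloaded add-ons; required for the extensions list above, also applies to any other add-on placed in the profile or system dirs`, and check whether a narrower scope mask still works for this setup. `lock-true` and `lock-false` are defined outside this hunk.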

    @@ -766,9 +721,340 @@ Handling the flake.nix file used to be a bit of a chore, since it felt like writ These blocks are later inserted here: flake.nix template. Adding new flake inputs is very easy, you just add them to Inputs & Inputs@Outputs first by name in the first source-block, and then the path in the second source-block. Any variables to be set for the host configuration are done in let, and the specific setup is done in either nixosConfigurations (for NixOS systems), homeConfigurations (for home-manager systems), or nixOnDroidConfigurations (for Nix on Android). There is also the [BROKEN LINK: h:6a08495a-8566-4bb5-9fac-b03df01f6c81] section that currently just defines a Proxmox LXC image.

    -
    -

    2.3.1. Inputs

    -
    +
    +

    3.1. flake.nix template

    +
    +

    +This sections puts together the flake.nix file from the Noweb-Ref blocks section. This tangles the flake.nix file; This block only needs to be touched when updating the general structure of the flake. For everything else, see the respective noweb-ref block. +

    + +
    +
    +{
    +  description = "SwarseFlake - Nix Flake for all SwarselSystems";
    +
    +  nixConfig = {
    +    extra-substituters = [
    +      "https://nix-community.cachix.org"
    +      "https://cache.ngi0.nixos.org/"
    +    ];
    +
    +    extra-trusted-public-keys = [
    +      "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
    +      "cache.ngi0.nixos.org-1:KqH5CBLNSyX184S9BKZJo1LxrxJ9ltnY2uAs5c/f1MA="
    +    ];
    +  };
    +
    +  inputs = {
    +
    +    nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
    +
    +    nixpkgs-stable.url = "github:NixOS/nixpkgs/nixos-24.05";
    +
    +    systems.url = "github:nix-systems/default-linux";
    +
    +    # user-level configuration
    +    home-manager = {
    +      url = "github:nix-community/home-manager";
    +      inputs.nixpkgs.follows = "nixpkgs";
    +    };
    +
    +    # overlay to access bleeding edge emacs
    +    emacs-overlay = {
    +      url = "github:nix-community/emacs-overlay";
    +      inputs.nixpkgs.follows = "nixpkgs";
    +    };
    +
    +    # nix user repository
    +    # i use this mainly to not have to build all firefox extensions
    +    # myself as well as for the emacs-init package (tbd)
    +    nur.url = "github:nix-community/NUR";
    +
    +    # provides GL to non-NixOS hosts
    +    nixgl.url = "github:guibou/nixGL";
    +
    +    # manages all theming using Home-Manager
    +    stylix.url = "github:danth/stylix";
    +
    +    # nix secrets management
    +    sops-nix.url = "github:Mic92/sops-nix";
    +
    +    # enable secure boot on NixOS
    +    lanzaboote.url = "github:nix-community/lanzaboote";
    +
    +    # nix for android
    +    nix-on-droid = {
    +      url = "github:nix-community/nix-on-droid/release-24.05";
    +      inputs.nixpkgs.follows = "nixpkgs";
    +    };
    +
    +    # generate NixOS images
    +    nixos-generators = {
    +      url = "github:nix-community/nixos-generators";
    +      inputs.nixpkgs.follows = "nixpkgs";
    +    };
    +
    +    # hardware quirks on nix
    +    nixos-hardware = {
    +      url = "github:NixOS/nixos-hardware/master";
    +    };
    +
    +    # dynamic library loading
    +    nix-alien = {
    +      url = "github:thiagokokada/nix-alien";
    +    };
    +
    +    # automatic nintendo switch payload injection
    +    nswitch-rcm-nix = {
    +      url = "github:Swarsel/nswitch-rcm-nix";
    +    };
    +
    +    # weekly updated nix-index database
    +    nix-index-database = {
    +      url = "github:nix-community/nix-index-database";
    +      inputs.nixpkgs.follows = "nixpkgs";
    +    };
    +
    +    disko = {
    +       url =  "github:nix-community/disko";
    +       inputs.nixpkgs.follows = "nixpkgs";
    +    };
    +
    +    impermanence.url = "github:nix-community/impermanence";
    +
    +    zjstatus = {
    +      url = "github:dj95/zjstatus";
    +    };
    +
    +    fw-fanctrl = {
    +      url = "github:TamtamHero/fw-fanctrl/packaging/nix";
    +      inputs.nixpkgs.follows = "nixpkgs";
    +    };
    +
    +    nix-darwin = {
    +      url = "github:lnl7/nix-darwin";
    +      inputs.nixpkgs.follows = "nixpkgs";
    +    };
    +
    +    pre-commit-hooks = {
    +      url = "github:cachix/git-hooks.nix";
    +      inputs.nixpkgs.follows = "nixpkgs";
    +    };
    +
    +    nix-secrets = {
    +      url = "git+ssh://git@github.com/Swarsel/nix-secrets.git?ref=main&shallow=1";
    +      flake = false;
    +      inputs = { };
    +    };
    +
    +  };
    +
    +  outputs =
    +    inputs@{ self
    +    , nixpkgs
    +    , nixpkgs-stable
    +    , home-manager
    +    , nix-darwin
    +    , systems
    +    , ...
    +    }:
    +    let
    +
    +      inherit (self) outputs;
    +      lib = nixpkgs.lib // home-manager.lib;
    +
    +      forEachSystem = f: lib.genAttrs (import systems) (system: f pkgsFor.${system});
    +      forAllSystems = lib.genAttrs [
    +        "x86_64-linux"
    +        "aarch64-linux"
    +        "x86_64-darwin"
    +        "aarch64-darwin"
    +      ];
    +      pkgsFor = lib.genAttrs (import systems) (
    +        system:
    +        import nixpkgs {
    +          inherit system;
    +          config.allowUnfree = true;
    +        }
    +      );
    +      mkFullHost = host: isNixos: {
    +        ${host} =
    +          let
    +            func = if isNixos then lib.nixosSystem else inputs.nix-darwin.lib.darwinSystem;
    +            systemFunc = func;
    +          in
    +          systemFunc {
    +            specialArgs = { inherit inputs outputs self; };
    +            modules = [ ./hosts/${if isNixos then "nixos" else "darwin"}/${host} ];
    +          };
    +      };
    +      mkFullHostConfigs = hosts: isNixos: lib.foldl (acc: set: acc // set) { } (lib.map (host: mkFullHost host isNixos) hosts);
    +      readHosts = folder: lib.attrNames (builtins.readDir ./hosts/${folder});
    +
    +      # NixOS modules that can only be used on NixOS systems
    +      nixModules = [
    +        inputs.stylix.nixosModules.stylix
    +        inputs.lanzaboote.nixosModules.lanzaboote
    +        inputs.disko.nixosModules.disko
    +        # inputs.impermanence.nixosModules.impermanence
    +        inputs.sops-nix.nixosModules.sops
    +        inputs.nswitch-rcm-nix.nixosModules.nswitch-rcm
    +        ./profiles/common/nixos
    +      ];
    +
    +      # Home-Manager modules wanted on non-NixOS systems
    +      homeModules = [
    +        inputs.stylix.homeManagerModules.stylix
    +      ];
    +
    +      # Home-Manager modules wanted on both NixOS and non-NixOS systems
    +      mixedModules = [
    +        inputs.sops-nix.homeManagerModules.sops
    +        inputs.nix-index-database.hmModules.nix-index
    +        ./profiles/common/home
    +      ];
    +
    +      # For adding things to _module.args (making arguments available globally)
    +      # moduleArgs = [
    +      #   {
    +      #     _module.args = { inherit self; };
    +      #   }
    +      # ];
    +
    +    in
    +    {
    +
    +      inherit lib;
    +      inherit mixedModules;
    +      inherit nixModules;
    +
    +      nixosModules = import ./modules/nixos;
    +      homeManagerModules = import ./modules/home;
    +
    +      packages = forEachSystem (pkgs: import ./pkgs { inherit pkgs; });
    +      devShells = forEachSystem
    +        (pkgs:
    +          {
    +            default = pkgs.mkShell {
    +              NIX_CONFIG = "experimental-features = nix-command flakes";
    +              nativeBuildInputs = [ pkgs.nix pkgs.home-manager pkgs.git ];
    +            };
    +          });
    +
    +      # this sets the formatter that is going to be used by nix fmt
    +      formatter = forEachSystem (pkgs: pkgs.nixpkgs-fmt);
    +      checks = forAllSystems (
    +            system:
    +            let
    +              pkgs = nixpkgs.legacyPackages.${system};
    +            in
    +              import ./checks { inherit self inputs system pkgs; }
    +      );
    +      overlaysList = [
    +        (import ./overlays { inherit inputs; }).additions
    +        (import ./overlays { inherit inputs; }).modifications
    +        (import ./overlays { inherit inputs; }).nixpkgs-stable
    +        (import ./overlays { inherit inputs; }).zjstatus
    +        inputs.nur.overlays.default
    +        inputs.emacs-overlay.overlay
    +        inputs.nixgl.overlay
    +      ];
    +
    +
    +      nixosConfigurations = 
    +      nixosConfigurations = mkFullHostConfigs (readHosts "nixos") true;
    +      nixosConfigurations = 
    +
    +      homeConfigurations = {
    +
    +         "swarsel@home-manager" = inputs.home-manager.lib.homeManagerConfiguration {
    +          pkgs = pkgsFor.x86_64-linux;
    +          extraSpecialArgs = { inherit inputs outputs; };
    +           modules = homeModules ++ mixedModules ++ [
    +             ./hosts/home-manager
    +           ];
    +         };
    +
    +      };
    +
    +      darwinConfigurations = 
    +      darwinConfigurations = mkFullHostConfigs (readHosts "darwin") false;
    +      darwinConfigurations = 
    +
    +      nixOnDroidConfigurations = {
    +
    +        magicant = inputs.nix-on-droid.lib.nixOnDroidConfiguration {
    +         pkgs = pkgsFor.aarch64-linux;
    +          modules = [
    +            ./hosts/magicant
    +          ];
    +        };
    +
    +      };
    +
    +    };
    +}
    +
    +
    +
    +
    +
    +
    +
    +
    +

    3.2. Pre-commit-hooks (Checks)

    +
    +

    +This file defines a number of checks that can either be run by calling nix flake check or +

    + +
    +
    { self, inputs, pkgs, system, ... }:
    +{
    +  pre-commit-check = inputs.pre-commit-hooks.lib.${system}.run {
    +    src = "${self}";
    +    hooks = {
    +      check-added-large-files.enable = true;
    +      check-case-conflicts.enable = true;
    +      check-executables-have-shebangs.enable = true;
    +      check-shebang-scripts-are-executable.enable = false;
    +      check-merge-conflicts.enable = true;
    +      deadnix.enable = true;
    +      detect-private-keys.enable = true;
    +      end-of-file-fixer.enable = true;
    +      fix-byte-order-marker.enable = true;
    +      flake-checker.enable = true;
    +      forbid-new-submodules.enable = true;
    +      mixed-line-endings.enable = true;
    +      nixpkgs-fmt.enable = true;
    +      statix.enable = true;
    +      trim-trailing-whitespace.enable = true;
    +
    +      destroyed-symlinks = {
    +        enable = true;
    +        entry = "${inputs.pre-commit-hooks.checks.${system}.pre-commit-hooks}/bin/destroyed-symlinks";
    +      };
    +
    +      shellcheck = {
    +        enable = true;
    +        entry = "${pkgs.shellcheck}/bin/shellcheck --shell=bash";
    +      };
    +
    +      shfmt = {
    +        enable = true;
    +        entry = "${pkgs.shfmt}/bin/shfmt -i 4 -sr -d -s -l";
    +      };
    +
    +    };
    +  };
    +}
    +
    +
    +
    +
    +
    +

    3.3. Inputs

    +

    Here we define inputs and outputs of the flake. First, the following list is for the outputs of the flake.
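Review bot: `readHosts` returns every name that `builtins.readDir` reports under `./hosts/<folder>`, regular files included, and `mkFullHostConfigs` turns each of them into a system configuration. A stray README or `.gitkeep` in `hosts/nixos` or `hosts/darwin` would therefore become a host whose module path is not a host directory, and it would fail to evaluate. Filtering on the entry type avoids that: `readHosts = folder: lib.attrNames (lib.filterAttrs (_: type: type == "directory") (builtins.readDir ./hosts/${folder}));`. The same definitions are added again in the `let` hunk at `@@ -938,6 +1242,19 @@`, so the change belongs in the shared source block.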

    @@ -911,13 +1197,24 @@ nix-darwin = { inputs.nixpkgs.follows = "nixpkgs"; }; +pre-commit-hooks = { + url = "github:cachix/git-hooks.nix"; + inputs.nixpkgs.follows = "nixpkgs"; +}; + +nix-secrets = { + url = "git+ssh://git@github.com/Swarsel/nix-secrets.git?ref=main&shallow=1"; + flake = false; + inputs = { }; +}; +
    -
    -

    2.3.2. let

    -
    +
    +

    3.4. let

    +

    Here I define a few variables that I need for my system specifications. First and foremost, pkgs, which gets passed the emacs-overlay, nur, and nixgl modules to it. With this, I can grab all these packages by referencing pkgs.<name> instead of having to put e.g. nixgl.auto.nixGLDefault.
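Review bot: The new `nix-secrets` input has no comment saying what is allowed to live in that repository. As a flake input its whole tree is copied into the Nix store, which every local user can read and which can end up in a binary cache. I would state the constraint next to the input, e.g. `# fetched into the world-readable /nix/store: keep only sops-encrypted or non-sensitive values in this repo`. The `inputs = { };` line looks like it has no effect on an input declared with `flake = false` and could probably be removed. The same input is repeated in the assembled template in the hunk at `@@ -766,9 +721,340 @@`.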

    @@ -927,10 +1224,17 @@ Lastly I define some common module lists that I can simply load depending on the

    -
    inherit (self) outputs;
    +
    +inherit (self) outputs;
     lib = nixpkgs.lib // home-manager.lib;
     
     forEachSystem = f: lib.genAttrs (import systems) (system: f pkgsFor.${system});
    +forAllSystems = lib.genAttrs [
    +  "x86_64-linux"
    +  "aarch64-linux"
    +  "x86_64-darwin"
    +  "aarch64-darwin"
    +];
     pkgsFor = lib.genAttrs (import systems) (
       system:
       import nixpkgs {
    @@ -938,6 +1242,19 @@ pkgsFor = lib.genAttrs (import systems) (
         config.allowUnfree = true;
       }
     );
    +mkFullHost = host: isNixos: {
    +  ${host} =
    +    let
    +      func = if isNixos then lib.nixosSystem else inputs.nix-darwin.lib.darwinSystem;
    +      systemFunc = func;
    +    in
    +    systemFunc {
    +      specialArgs = { inherit inputs outputs self; };
    +      modules = [ ./hosts/${if isNixos then "nixos" else "darwin"}/${host} ];
    +    };
    +};
    +mkFullHostConfigs = hosts: isNixos: lib.foldl (acc: set: acc // set) { } (lib.map (host: mkFullHost host isNixos) hosts);
    +readHosts = folder: lib.attrNames (builtins.readDir ./hosts/${folder});
     
     # NixOS modules that can only be used on NixOS systems
     nixModules = [
    @@ -968,13 +1285,14 @@ mixedModules = [
     #     _module.args = { inherit self; };
     #   }
     # ];
    +
     
    -
    -

    2.3.3. General (outputs)

    -
    +
    +

    3.5. General (outputs)

    +

    In this section I am creating some attributes that define general concepts of my configuration:

    @@ -997,7 +1315,8 @@ In this section I am creating some attributes that define general concepts of my
     inherit lib;
     inherit mixedModules;
    -# inherit moduleArgs;
    +inherit nixModules;
    +
     nixosModules = import ./modules/nixos;
     homeManagerModules = import ./modules/home;
     
    @@ -1010,13 +1329,22 @@ devShells = forEachSystem
             nativeBuildInputs = [ pkgs.nix pkgs.home-manager pkgs.git ];
           };
         });
    +
    +# this sets the formatter that is going to be used by nix fmt
     formatter = forEachSystem (pkgs: pkgs.nixpkgs-fmt);
    -overlays = [
    +checks = forAllSystems (
    +      system:
    +      let
    +        pkgs = nixpkgs.legacyPackages.${system};
    +      in
    +        import ./checks { inherit self inputs system pkgs; }
    +);
    +overlaysList = [
       (import ./overlays { inherit inputs; }).additions
       (import ./overlays { inherit inputs; }).modifications
       (import ./overlays { inherit inputs; }).nixpkgs-stable
       (import ./overlays { inherit inputs; }).zjstatus
    -  inputs.nur.overlay
    +  inputs.nur.overlays.default
       inputs.emacs-overlay.overlay
       inputs.nixgl.overlay
     ];
    @@ -1025,63 +1353,50 @@ overlays = [
     
    -
    -

    2.3.4. nixosConfigurations

    -
    +
    +

    3.6. nixosConfigurations

    +

    This section used to be much longer, since I performed all of my imports right here in the past. Since then, I have however refactored and now my important hosts can be defined in little space. Once I have fully transitioned my server to NixOS too this section will become even smaller once more.

    +

    +Note: The preceding nixosConfigurations is found in flake.nix template. Also, the method of generating the hosts was changed in commit +3a272b1 feat!: dynamically create hosts, and the deprecated system definitions removed in 7457109 main chore: remove deprecated static host config. See those commits for a state with a simpler config. +

    + +
    +mkFullHostConfigs (readHosts "nixos") true;
     
    -live = lib.nixosSystem {
    -  specialArgs = { inherit inputs outputs; };
    -  system = "x86_64-linux";
    -  modules = nixModules ++ [
    -    (nixpkgs + "/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix")
    -    ./profiles/live
    -  ];
    -};
    -
    -nbl-imba-2 = lib.nixosSystem {
    -  specialArgs = { inherit self inputs outputs; };
    -  modules = nixModules ++ [
    -    ./profiles/nbl-imba-2
    -  ];
    -};
    -
    -winters = lib.nixosSystem {
    -  specialArgs = { inherit self inputs outputs; };
    -  modules = [
    -    ./profiles/server/winters
    -  ];
    -};
    -
    -#ovm swarsel
    -sync = nixpkgs.lib.nixosSystem {
    -  specialArgs = { inherit inputs; };
    -  modules = [
    -    inputs.sops-nix.nixosModules.sops
    -    ./profiles/remote/oracle/sync/nixos.nix
    -  ];
    -};
    -
    -#ovm swarsel
    -swatrix = nixpkgs.lib.nixosSystem {
    -  specialArgs = { inherit inputs; };
    -  modules = [
    -    inputs.sops-nix.nixosModules.sops
    -    ./profiles/remote/oracle/matrix/nixos.nix
    -  ];
    -};
     
    -
    -

    2.3.5. homeConfigurations

    -
    +
    +

    3.7. darwinConfigurations

    +
    +

    +And this defines darwin systems (MacOS), which I only have one of, that serves as a template mostly. +

    + +

    +Note: The preceding darwinConfigurations is found in flake.nix template. Also, the method of generating the hosts was changed in commit +3a272b1 feat!: dynamically create hosts, and the deprecated system definitions removed in 7457109 main chore: remove deprecated static host config. See those commits for a state with a simpler config. +

    + +
    +
    +mkFullHostConfigs (readHosts "darwin") false;
    +
    +
    +
    +
    +
    +
    +

    3.8. homeConfigurations

    +

    In contrast, this defines home-manager systems, which I only have one of, that serves as a template mostly.

    @@ -1092,7 +1407,7 @@ In contrast, this defines home-manager systems, which I only have one of, that s pkgs = pkgsFor.x86_64-linux; extraSpecialArgs = { inherit inputs outputs; }; modules = homeModules ++ mixedModules ++ [ - ./profiles/home-manager + ./hosts/home-manager ]; }; @@ -1100,29 +1415,9 @@ In contrast, this defines home-manager systems, which I only have one of, that s
    -
    -

    2.3.6. darwinConfigurations

    -
    -

    -In contrast, this defines home-manager systems, which I only have one of, that serves as a template mostly. -

    - -
    -
    -"nbm-imba-166" = inputs.nix-darwin.lib.darwinSystem {
    - specialArgs = { inherit inputs outputs; };
    -  modules = [
    -    ./profiles/nbm-imba-166
    -  ];
    -};
    -
    -
    -
    -
    -
    -
    -

    2.3.7. nixOnDroidConfigurations

    -
    +
    +

    3.9. nixOnDroidConfigurations

    +

    Nix on Android also demands an own flake output, which is provided here.

    @@ -1132,7 +1427,7 @@ Nix on Android also demands an own flake output, which is provided here. magicant = inputs.nix-on-droid.lib.nixOnDroidConfiguration { pkgs = pkgsFor.aarch64-linux; modules = [ - ./profiles/magicant + ./hosts/magicant ]; }; @@ -1141,101 +1436,94 @@ magicant = inputs.nix-on-droid.lib.nixOnDroidConfiguration {
    -
    -

    3. System

    +

    4. System

    -

    3.1. System specific configuration

    +

    4.1. System specific configuration

    This section mainly exists house different `configuration.nix` files for system level configurations of NixOS systems as well as `home.nix` for user level configurations on all systems.

    -

    3.1.1. Physical hosts

    +

    4.1.1. Physical hosts

      -
    1. live (ISO)
      -
      +
    2. live (ISO)
      +
      -
      { inputs, outputs, config, pkgs, lib, ... }:
      +
      { self, inputs, config, pkgs, lib, modulesPath, ... }:
      +let
      +  pubKeys = lib.filesystem.listFilesRecursive "${self}/secrets/keys/ssh";
      +in
       {
       
         imports = [
       
      -    # ../optional/nixos/steam.nix
      -    # ../optional/nixos/virtualbox.nix
      -    # ../optional/nixos/vmware.nix
      -    ../optional/nixos/autologin.nix
      -    ../optional/nixos/nswitch-rcm.nix
      -    # ../optional/nixos/work.nix
      +  inputs.lanzaboote.nixosModules.lanzaboote
      +  inputs.disko.nixosModules.disko
      +  inputs.impermanence.nixosModules.impermanence
      +  inputs.sops-nix.nixosModules.sops
      +  "${modulesPath}/installer/cd-dvd/installation-cd-minimal.nix"
      +  "${modulesPath}/installer/cd-dvd/channel.nix"
       
      -    inputs.home-manager.nixosModules.home-manager
      -    {
      -      home-manager.users.swarsel.imports = outputs.mixedModules ++ [
      -        ../optional/home/gaming.nix
      -        # ../optional/home/work.nix
      -      ] ++ (builtins.attrValues outputs.homeManagerModules);
      -    }
      -  ] ++ (builtins.attrValues outputs.nixosModules);
      +  "${self}/profiles/iso//minimal.nix"
       
      +  ];
      +
      +
      +  isoImage = {
      +    makeEfiBootable = true;
      +    makeUsbBootable = true;
      +    squashfsCompression = "zstd -Xcompression-level 3";
      +  };
       
         nixpkgs = {
      -    inherit (outputs) overlays;
      -    config = {
      -      allowUnfree = true;
      -      allowBroken = true;
      +    hostPlatform = lib.mkDefault "x86_64-linux";
      +    config.allowUnfree = true;
      +  };
      +
      +  services.getty.autologinUser = lib.mkForce "swarsel";
      +
      +  users = {
      +    groups.swarsel = {};
      +    users = {
      +      swarsel = {
      +        name = "swarsel";
      +        group = "swarsel";
      +        isNormalUser = true;
      +        shell = pkgs.zsh;
      +        password = "setup"; # this is overwritten after install
      +        openssh.authorizedKeys.keys = lib.lists.forEach pubKeys (key: builtins.readFile key);
      +      };
      +      root = {
      +        shell = pkgs.zsh;
      +        password = lib.mkForce config.users.users.swarsel.password; # this is overwritten after install
      +        openssh.authorizedKeys.keys = config.users.users.swarsel.openssh.authorizedKeys.keys;
      +      };
           };
         };
       
      -  isoImage.makeEfiBootable = true;
      -  isoImage.makeUsbBootable = true;
      -
      -  networking.networkmanager.wifi.scanRandMacAddress = false;
      -
      -  boot = {
      -    loader.efi.canTouchEfiVariables = true;
      -    kernelPackages = pkgs.linuxPackages_latest;
      +  systemd = {
      +    services.sshd.wantedBy = lib.mkForce [ "multi-user.target" ];
      +    targets = {
      +      sleep.enable = false;
      +      suspend.enable = false;
      +      hibernate.enable = false;
      +      hybrid-sleep.enable = false;
      +    };
         };
       
         system.stateVersion = lib.mkForce "23.05";
      -  services.getty.autologinUser = lib.mkForce "swarsel";
       
         networking = {
           hostName = "live";
      -    wireless.enable = lib.mkForce false;
      -    firewall.enable = true;
      +    wireless.enable = false;
         };
       
      -
      -  swarselsystems = {
      -    wallpaper = ../../wallpaper/lenovowp.png;
      -    hasBluetooth = true;
      -    hasFingerprint = true;
      -    impermanence = false;
      -    initialSetup = true;
      -    isBtrfs = false;
      -  };
      -
      -  home-manager.users.swarsel.swarselsystems = {
      -    isLaptop = false;
      -    isNixos = true;
      -    isBtrfs = false;
      -    startup = [
      -      { command = "nextcloud --background"; }
      -      { command = "vesktop --start-minimized --enable-speech-dispatcher --ozone-platform-hint=auto --enable-features=WaylandWindowDecorations --enable-wayland-ime"; }
      -      { command = "element-desktop --hidden  --enable-features=UseOzonePlatform --ozone-platform=wayland --disable-gpu-driver-bug-workarounds"; }
      -      { command = "ANKI_WAYLAND=1 anki"; }
      -      { command = "OBSIDIAN_USE_WAYLAND=1 obsidian"; }
      -      { command = "nm-applet"; }
      -      { command = "teams-for-linux"; }
      -      { command = "1password"; }
      -      { command = "feishin"; }
      -    ];
      -  };
       }
       
       
      @@ -1243,20 +1531,20 @@ This section mainly exists house different `configuration.nix` files for system
       
    3. -
    4. Home-manager only
      +
    5. Home-manager only (non-NixOS)

      This is the "reference implementation" of a setup that runs without NixOS, only relying on home-manager. I try to test this every now and then and keep it supported. However, manual steps are needed to get the system to work fully, depending on what distribution you are running on.

      -
      { inputs, outputs, config, ... }:
      +
      { self, inputs, outputs, config, ... }:
       {
       
         imports = builtins.attrValues outputs.homeManagerModules;
       
         nixpkgs = {
      -    inherit (outputs) overlays;
      +    overlays = outputs.overlaysList;
           config = {
             allowUnfree = true;
           };
      @@ -1278,7 +1566,7 @@ This is the "reference implementation" of a setup that runs without NixOS, only
         swarselsystems = {
           isLaptop = true;
           isNixos = false;
      -    wallpaper = ../../wallpaper/surfacewp.png;
      +    wallpaper = self + /wallpaper/surfacewp.png;
           temperatureHwmon = {
             isAbsolutePath = true;
             path = "/sys/devices/platform/thinkpad_hwmon/hwmon/";
      @@ -1325,18 +1613,18 @@ let
       in
       {
       
      -  imports = [
      +  imports = outputs.nixModules ++ [
           inputs.nixos-hardware.nixosModules.framework-16-7040-amd
           inputs.fw-fanctrl.nixosModules.default
       
           ./hardware-configuration.nix
           ./disk-config.nix
       
      -    "${profilesPath}/optional/nixos/steam.nix"
           "${profilesPath}/optional/nixos/virtualbox.nix"
      -    # ../optional/nixos/vmware.nix
      +    # "${profilesPath}/optional/nixos/vmware.nix"
           "${profilesPath}/optional/nixos/autologin.nix"
           "${profilesPath}/optional/nixos/nswitch-rcm.nix"
      +    "${profilesPath}/optional/nixos/gaming.nix"
           "${profilesPath}/optional/nixos/work.nix"
       
           inputs.home-manager.nixosModules.home-manager
      @@ -1350,7 +1638,7 @@ in
       
       
         nixpkgs = {
      -    inherit (outputs) overlays;
      +    overlays = outputs.overlaysList;
           config = {
             allowUnfree = true;
           };
      @@ -1366,7 +1654,7 @@ in
             pkiBundle = "/etc/secureboot";
           };
           supportedFilesystems = [ "btrfs" ];
      -    kernelPackages = pkgs.linuxPackages_latest;
      +    kernelPackages = lib.mkDefault pkgs.linuxPackages_latest;
           kernelParams = [
             "resume_offset=533760"
           ];
      @@ -1541,8 +1829,8 @@ in
       
    6. -
    7. Winters (Server)
      -
      +
    8. Winters (Server)
      +
      { self, inputs, outputs, config, ... }:
       let
      @@ -1556,12 +1844,12 @@ in
           ./hardware-configuration.nix
       
           "${profilesPath}/optional/nixos/autologin.nix"
      -    "${profilesPath}/server/common/nixos"
      +    "${profilesPath}/server/nixos"
       
           inputs.home-manager.nixosModules.home-manager
           {
             home-manager.users.swarsel.imports = [
      -    "${profilesPath}/server/common/home"
      +    "${profilesPath}/server/home"
             ] ++ (builtins.attrValues outputs.homeManagerModules);
           }
       
      @@ -1569,7 +1857,7 @@ in
       
       
         nixpkgs = {
      -    inherit (outputs) overlays;
      +    overlays = outputs.overlaysList;
           config = {
             allowUnfree = true;
           };
      @@ -1622,8 +1910,8 @@ in
       
    9. -
    10. nbm-imba-166 (MacBook Pro)
      -
      +
    11. nbm-imba-166 (MacBook Pro)
      +
      { self, inputs, outputs, ... }:
       let
      @@ -1662,8 +1950,8 @@ in
       
    12. -
    13. Magicant (Phone)
      -
      +
    14. Magicant (Phone)
      +
       { pkgs, ... }: {
      @@ -1715,7 +2003,7 @@ in
       
    -

    3.1.2. Virtual hosts

    +

    4.1.2. Virtual hosts

    My server setup was originally built on Proxmox VE; back when I started, I created all kinds of wild Debian/Ubuntu/etc. KVMs and LXCs on there. However, the root disk has suffered a weird failure where it has become unable to be cloned, but it is still functional for now. I was for a long time rewriting all machines on there to use NixOS instead; this process is now finished. @@ -1733,10 +2021,12 @@ I have removed most of the machines from this section. What remains are some hos

  • NixOS
    -
    { config, pkgs, ... }:
    +
    { self, config, inputs, pkgs, ... }:
     
     {
       imports = [
    +
    +     inputs.sops-nix.nixosModules.sops
         ./hardware-configuration.nix
       ];
     
    @@ -1843,10 +2133,10 @@ I have removed most of the machines from this section. What remains are some hos
       };
       services.openssh = {
         enable = true;
    -    settings.PermitRootLogin = "yes";
    +    # settings.PermitRootLogin = "yes";
       };
       users.users.root.openssh.authorizedKeys.keyFiles = [
    -    ../../../../secrets/keys/authorized_keys
    +    "${self}/secrets/keys/ssh/nbl-imba-2.pub"
       ];
     
       system.stateVersion = "23.11"; # TEMPLATE - but probably no need to change
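Review bot: Commenting out `settings.PermitRootLogin = "yes";` leaves the root-login policy implicit, while `users.users.root.openssh.authorizedKeys.keyFiles` just below still installs a key for root, so root stays reachable over SSH by key. I would replace the dead comment with the explicit value, `settings.PermitRootLogin = "prohibit-password";`, so the intent survives a change in the module default. If no account on this host needs password logins, adding `settings.PasswordAuthentication = false;` next to it makes the key-only policy enforced rather than inherited. The enclosing attribute set starts and ends outside this hunk, so other SSH settings may exist that are not visible here.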
    @@ -1898,414 +2188,6 @@ I have removed most of the machines from this section. What remains are some hos
     
     }
     
    -
    -
    -
    -
  • - - -
  • [Manual steps required] Swatrix (OCI)
    -
    -
    -
      -
    1. NixOS
      -
      -

      -This is a backup matrix server that is meant to be deployed on OCI. I have not gotten to that yet. -

      - -
      -
      -settings.app_service_config_files = [
      -  "/var/lib/matrix-synapse/telegram-registration.yaml"
      -  "/var/lib/matrix-synapse/whatsapp-registration.yaml"
      -  "/var/lib/matrix-synapse/signal-registration.yaml"
      -  "/var/lib/matrix-synapse/doublepuppet.yaml"
      -]
      -
      -
      -
      - -

      -need to be moved to the corresponding location. The below files are created as soon as the appservice is run once. This means that matrix will crash on the first startup; afterwards run these commands and restart the service. -

      - -
      -
      -cp /var/lib/mautrix-telegram/telegram-registration.yaml /var/lib/matrix-synapse/
      -chown matrix-synapse:matrix-synapse /var/lib/matrix-synapse/telegram-registration.yaml
      -cp /var/lib/mautrix-signal/signal-registration.yaml /var/lib/matrix-synapse/
      -chown matrix-synapse:matrix-synapse /var/lib/matrix-synapse/signal-registration.yaml
      -cp /var/lib/mautrix-whatsapp/whatsapp-registration.yaml /var/lib/matrix-synapse/
      -chown matrix-synapse:matrix-synapse /var/lib/matrix-synapse/whatsapp-registration.yaml
      -
      -
      -
      - -

      -as for the contents of doublepuppet.yaml: -

      - -
      -
      id: doublepuppet
      -url:
      -as_token: doublepuppet
      -hs_token: notused
      -sender_localpart: notused
      -rate_limited: false
      -namespaces:
      -  users:
      -  - regex: '@.*:matrix2\.swarsel\.win'
      -    exclusive: false
      -
      -
      - -

      -Lastly, the machine that runs matrix needs to regularly update, as otherwise you will lose connectivity to the bridges. -

      - -
      -
      { config, pkgs, sops, ... }:
      -let
      -  matrixDomain = "swatrix.swarsel.win";
      -in
      -{
      -
      -  imports = [
      -    ./hardware-configuration.nix
      -  ];
      -
      -  environment.systemPackages = with pkgs; [
      -    git
      -    gnupg
      -    ssh-to-age
      -    matrix-synapse
      -    lottieconverter
      -    ffmpeg
      -  ];
      -
      -  services.xserver.xkb = {
      -    layout = "us";
      -    variant = "altgr-intl";
      -  };
      -
      -  nix.settings.experimental-features = [ "nix-command" "flakes" ];
      -
      -  sops = {
      -    age.sshKeyPaths = [ "/etc/ssh/sops" ];
      -    defaultSopsFile = "/root/.dotfiles/secrets/omatrix/secrets.yaml";
      -    validateSopsFiles = false;
      -    secrets = {
      -      dnstokenfull = { owner = "acme"; };
      -      matrixsharedsecret = { owner = "matrix-synapse"; };
      -      mautrixtelegram_as = { owner = "matrix-synapse"; };
      -      mautrixtelegram_hs = { owner = "matrix-synapse"; };
      -      mautrixtelegram_api_id = { owner = "matrix-synapse"; };
      -      mautrixtelegram_api_hash = { owner = "matrix-synapse"; };
      -    };
      -    templates = {
      -      "certs.secret".content = ''
      -        CF_DNS_API_TOKEN=${config.sops.placeholder.dnstokenfull}
      -      '';
      -      "matrix_user_register.sh".content = ''
      -        register_new_matrix_user -k ${config.sops.placeholder.matrixsharedsecret} http://localhost:8008
      -      '';
      -      mautrixtelegram = {
      -        owner = "matrix-synapse";
      -        content = ''
      -          MAUTRIX_TELEGRAM_APPSERVICE_AS_TOKEN=${config.sops.placeholder.mautrixtelegram_as}
      -          MAUTRIX_TELEGRAM_APPSERVICE_HS_TOKEN=${config.sops.placeholder.mautrixtelegram_hs}
      -          MAUTRIX_TELEGRAM_TELEGRAM_API_ID=${config.sops.placeholder.mautrixtelegram_api_id}
      -          MAUTRIX_TELEGRAM_TELEGRAM_API_HASH=${config.sops.placeholder.mautrixtelegram_api_hash}
      -        '';
      -      };
      -      matrixshared = {
      -        owner = "matrix-synapse";
      -        content = ''
      -          registration_shared_secret: ${config.sops.placeholder.matrixsharedsecret}
      -        '';
      -      };
      -    };
      -  };
      -
      -  documentation = {
      -    enable = false;
      -  };
      -
      -  security.acme = {
      -    acceptTerms = true;
      -    preliminarySelfsigned = false;
      -    defaults.email = "mrswarsel@gmail.com";
      -    defaults.dnsProvider = "cloudflare";
      -    defaults.environmentFile = "${config.sops.templates."certs.secret".path}";
      -  };
      -
      -  services.nginx = {
      -    enable = true;
      -    recommendedProxySettings = true;
      -    recommendedTlsSettings = true;
      -    recommendedOptimisation = true;
      -    recommendedGzipSettings = true;
      -    virtualHosts = {
      -
      -      "swatrix.swarsel.win" = {
      -        enableACME = true;
      -        forceSSL = true;
      -        acmeRoot = null;
      -        locations = {
      -          "~ ^(/_matrix|/_synapse/client)" = {
      -            proxyPass = "http://localhost:8008";
      -            extraConfig = ''
      -              client_max_body_size 0;
      -            '';
      -          };
      -        };
      -      };
      -    };
      -  };
      -
      -  boot.tmp.cleanOnBoot = true;
      -  zramSwap.enable = false;
      -  networking = {
      -    hostName = "swatrix";
      -    enableIPv6 = false;
      -    domain = "swarsel.win";
      -    firewall.extraCommands = ''
      -      iptables -I INPUT -m state --state NEW -p tcp --dport 80 -j ACCEPT
      -      iptables -I INPUT -m state --state NEW -p tcp --dport 443 -j ACCEPT
      -      iptables -I INPUT -m state --state NEW -p tcp --dport 8008 -j ACCEPT
      -      iptables -I INPUT -m state --state NEW -p tcp --dport 29317 -j ACCEPT
      -      iptables -I INPUT -m state --state NEW -p tcp --dport 29318 -j ACCEPT
      -      iptables -I INPUT -m state --state NEW -p tcp --dport 29328 -j ACCEPT
      -    '';
      -  };
      -  services.openssh = {
      -    enable = true;
      -    settings.PermitRootLogin = "yes";
      -  };
      -  users.users.root.openssh.authorizedKeys.keyFiles = [
      -    ../../../../secrets/keys/authorized_keys
      -  ];
      -
      -  system.stateVersion = "23.11"; # TEMPLATE - but probably no need to change
      -
      -  environment.shellAliases = {
      -    nswitch = "cd ~/.dotfiles; git pull; nixos-rebuild --flake .#$(hostname) switch; cd -;";
      -  };
      -
      -  boot.loader.grub.device = "nodev";
      -
      -  services.postgresql = {
      -    enable = true;
      -    initialScript = pkgs.writeText "synapse-init.sql" ''
      -      CREATE ROLE "matrix-synapse" WITH LOGIN PASSWORD 'synapse';
      -      CREATE DATABASE "matrix-synapse" WITH OWNER "matrix-synapse"
      -        TEMPLATE template0
      -        LC_COLLATE = "C"
      -        LC_CTYPE = "C";
      -      CREATE ROLE "mautrix-telegram" WITH LOGIN PASSWORD 'telegram';
      -      CREATE DATABASE "mautrix-telegram" WITH OWNER "mautrix-telegram"
      -        TEMPLATE template0
      -        LC_COLLATE = "C"
      -        LC_CTYPE = "C";
      -      CREATE ROLE "mautrix-whatsapp" WITH LOGIN PASSWORD 'whatsapp';
      -      CREATE DATABASE "mautrix-whatsapp" WITH OWNER "mautrix-whatsapp"
      -        TEMPLATE template0
      -        LC_COLLATE = "C"
      -        LC_CTYPE = "C";
      -      CREATE ROLE "mautrix-signal" WITH LOGIN PASSWORD 'signal';
      -      CREATE DATABASE "mautrix-signal" WITH OWNER "mautrix-signal"
      -        TEMPLATE template0
      -        LC_COLLATE = "C"
      -        LC_CTYPE = "C";
      -    '';
      -  };
      -  services.matrix-synapse = {
      -    settings.app_service_config_files = [
      -      "/var/lib/matrix-synapse/telegram-registration.yaml"
      -      "/var/lib/matrix-synapse/whatsapp-registration.yaml"
      -      "/var/lib/matrix-synapse/signal-registration.yaml"
      -      "/var/lib/matrix-synapse/doublepuppet.yaml"
      -    ];
      -    enable = true;
      -    settings = {
      -      server_name = matrixDomain;
      -      public_baseurl = "https://${matrixDomain}";
      -    };
      -    listeners = [
      -      {
      -        port = 8008;
      -        bind_addresses = [ "0.0.0.0" ];
      -        type = "http";
      -        tls = false;
      -        x_forwarded = true;
      -        resources = [
      -          {
      -            names = [ "client" "federation" ];
      -            compress = true;
      -          }
      -        ];
      -      }
      -    ];
      -    extraConfigFiles = [
      -      config.sops.templates.matrixshared.path
      -    ];
      -  };
      -
      -  services.mautrix-telegram = {
      -    enable = true;
      -    environmentFile = config.sops.templates.mautrixtelegram.path;
      -    settings = {
      -      homeserver = {
      -        address = "http://localhost:8008";
      -        domain = matrixDomain;
      -      };
      -      appservice = {
      -        address = "http://localhost:29317";
      -        hostname = "0.0.0.0";
      -        port = "29317";
      -        provisioning.enabled = true;
      -        id = "telegram";
      -        # ephemeral_events = true; # not needed due to double puppeting
      -        public = {
      -          enabled = false;
      -        };
      -        database = "postgresql:///mautrix-telegram?host=/run/postgresql";
      -      };
      -      bridge = {
      -        relaybot.authless_portals = true;
      -        allow_avatar_remove = true;
      -        allow_contact_info = true;
      -        sync_channel_members = true;
      -        startup_sync = true;
      -        sync_create_limit = 0;
      -        sync_direct_chats = true;
      -        telegram_link_preview = true;
      -        permissions = {
      -          "*" = "relaybot";
      -          "@swarsel:${matrixDomain}" = "admin";
      -        };
      -        animated_sticker = {
      -          target = "gif";
      -          args = {
      -            width = 256;
      -            height = 256;
      -            fps = 30; # only for webm
      -            background = "020202"; # only for gif, transparency not supported
      -          };
      -        };
      -      };
      -    };
      -  };
      -  systemd.services.mautrix-telegram.path = with pkgs; [
      -    lottieconverter # for animated stickers conversion, unfree package
      -    ffmpeg # if converting animated stickers to webm (very slow!)
      -  ];
      -
      -  services.mautrix-whatsapp = {
      -    enable = true;
      -    settings = {
      -      homeserver = {
      -        address = "http://localhost:8008";
      -        domain = matrixDomain;
      -      };
      -      appservice = {
      -        address = "http://localhost:29318";
      -        hostname = "0.0.0.0";
      -        port = 29318;
      -        database = {
      -          type = "postgres";
      -          uri = "postgresql:///mautrix-whatsapp?host=/run/postgresql";
      -        };
      -      };
      -      bridge = {
      -        displayname_template = "{{or .FullName .PushName .JID}} (WA)";
      -        history_sync = {
      -          backfill = true;
      -          max_initial_conversations = -1;
      -          message_count = -1;
      -          request_full_sync = true;
      -          full_sync_config = {
      -            days_limit = 900;
      -            size_mb_limit = 5000;
      -            storage_quota_mb = 5000;
      -          };
      -        };
      -        login_shared_secret_map = {
      -          matrixDomain = "as_token:doublepuppet";
      -        };
      -        sync_manual_marked_unread = true;
      -        send_presence_on_typing = true;
      -        parallel_member_sync = true;
      -        url_previews = true;
      -        caption_in_message = true;
      -        extev_polls = true;
      -        permissions = {
      -          "*" = "relaybot";
      -          "@swarsel:${matrixDomain}" = "admin";
      -        };
      -      };
      -    };
      -  };
      -
      -  services.mautrix-signal = {
      -    enable = true;
      -    registerToSynapse = false; # this has the same effect as registering to app_service_config_file above
      -    settings = {
      -      homeserver = {
      -        address = "http://localhost:8008";
      -        domain = matrixDomain;
      -      };
      -      appservice = {
      -
      -        address = "http://localhost:29328";
      -        hostname = "0.0.0.0";
      -        port = 29328;
      -        database = {
      -          type = "postgres";
      -          uri = "postgresql:///mautrix-signal?host=/run/postgresql";
      -        };
      -      };
      -      bridge = {
      -        displayname_template = "{{or .ContactName .ProfileName .PhoneNumber}} (Signal)";
      -        login_shared_secret_map = {
      -          matrixDomain = "as_token:doublepuppet";
      -        };
      -        caption_in_message = true;
      -        permissions = {
      -          "*" = "relaybot";
      -          "@swarsel:${matrixDomain}" = "admin";
      -        };
      -      };
      -    };
      -  };
      -
      -  # restart the bridges daily. this is done for the signal bridge mainly which stops carrying
      -  # messages out after a while.
      -
      -  systemd.timers."restart-bridges" = {
      -    wantedBy = [ "timers.target" ];
      -    timerConfig = {
      -      OnBootSec = "1d";
      -      OnUnitActiveSec = "1d";
      -      Unit = "restart-bridges.service";
      -    };
      -  };
      -
      -  systemd.services."restart-bridges" = {
      -    script = ''
      -      systemctl restart mautrix-whatsapp.service
      -      systemctl restart mautrix-signal.service
      -      systemctl restart mautrix-telegram.service
      -    '';
      -    serviceConfig = {
      -      Type = "oneshot";
      -      User = "root";
      -    };
      -  };
      -
      -}
      -
       
      @@ -2316,7 +2198,7 @@ in
      -

      3.2. Overlays, packages, and modules

      +

      4.2. Overlays, packages, and modules

      In this section I define packages that I manually want to nixpkgs. This can be useful for packages that are currently awaiting a PR or public packages that I do not want to maintain. @@ -2336,33 +2218,44 @@ This is simply a mirror of the most recent stable branch of nixpkgs. Useful for

    -

    3.2.1. Packages

    +

    4.2.1. Packages

    This is the central station for self-defined packages. These are all referenced in default.nix. Wherever possible, I am keeping the shell version of these scripts in this file as well and then read it using builtin.readFile in the NixOS configurations. This lets me keep full control in this one file but also keep the separate files uncluttered.

    +

    +Note: The structure of generating the packages was changed in commit 2cf03a3 refactor: package and module generation. That commit can be checked out in order to see a simpler version of achieving the same thing. +

    +
    { pkgs, ... }:
     let
    -  inherit (pkgs) callPackage;
    -in
    -{
    -  pass-fuzzel = callPackage ./pass-fuzzel { };
    -  cura5 = callPackage ./cura5 { };
    -  cdw = callPackage ./cdw { };
    -  cdb = callPackage ./cdb { };
    -  bak = callPackage ./bak { };
    -  timer = callPackage ./timer { };
    -  e = callPackage ./e { };
    -  swarselcheck = callPackage ./swarselcheck { };
    -  waybarupdate = callPackage ./waybarupdate { };
    -  opacitytoggle = callPackage ./opacitytoggle { };
    -  fs-diff = callPackage ./fs-diff { };
    -  update-checker = callPackage ./update-checker { };
    -  github-notifications = callPackage ./github-notifications { };
    -  screenshare = callPackage ./screenshare { };
    -}
    +  packageNames = [
    +    "pass-fuzzel"
    +    "cura5"
    +    "hm-specialisation"
    +    "cdw"
    +    "cdb"
    +    "bak"
    +    "timer"
    +    "e"
    +    "swarselcheck"
    +    "waybarupdate"
    +    "opacitytoggle"
    +    "fs-diff"
    +    "update-checker"
    +    "github-notifications"
    +    "screenshare"
    +    "bootstrap"
    +  ];
    +  mkPackages = names: builtins.listToAttrs (map (name: {
    +    inherit name;
    +    value = pkgs.callPackage ./${name} { };
    +  }) names);
    +  in
    +  mkPackages packageNames
    +
     
     
    @@ -2382,11 +2275,13 @@ otp=0 typeit=0 while :; do case ${1:-} in - -t|--type) typeit=1 - ;; - -o|--otp) otp=1 - ;; - *) break + -t | --type) + typeit=1 + ;; + -o | --otp) + otp=1 + ;; + *) break ;; esac shift done @@ -2394,27 +2289,33 @@ done export PASSWORD_STORE_DIR=~/.local/share/password-store prefix=${PASSWORD_STORE_DIR-~/.local/share/password-store} if [[ $otp -eq 0 ]]; then - password_files=( "$prefix"/**/*.gpg ) + password_files=("$prefix"/**/*.gpg) else - password_files=( "$prefix"/otp/**/*.gpg ) + password_files=("$prefix"/otp/**/*.gpg) fi -password_files=( "${password_files[@]#"$prefix"/}" ) -password_files=( "${password_files[@]%.gpg}" ) +password_files=("${password_files[@]#"$prefix"/}") +password_files=("${password_files[@]%.gpg}") password=$(printf '%s\n' "${password_files[@]}" | fuzzel --dmenu "$@") [[ -n $password ]] || exit if [[ $otp -eq 0 ]]; then if [[ $typeit -eq 0 ]]; then - pass show -c "$password" &>/tmp/pass-fuzzel + pass show -c "$password" &> /tmp/pass-fuzzel else - pass show "$password" | { IFS= read -r pass; printf %s "$pass"; } | wtype - + pass show "$password" | { + IFS= read -r pass + printf %s "$pass" + } | wtype - fi else if [[ $typeit -eq 0 ]]; then - pass otp -c "$password" &>/tmp/pass-fuzzel + pass otp -c "$password" &> /tmp/pass-fuzzel else - pass otp "$password" | { IFS= read -r pass; printf %s "$pass"; } | wtype - + pass otp "$password" | { + IFS= read -r pass + printf %s "$pass" + } | wtype - fi fi notify-send -u critical -a pass -t 1000 "Copied/Typed Password" 
@@ -2447,11 +2348,11 @@ The version of cura used to be quite outdated in nixpkgs. I am fetc let cura5 = appimageTools.wrapType2 rec { - name = "cura5"; - version = "5.4.0"; + pname = "cura5"; + version = "5.9.0"; src = fetchurl { - url = "https://github.com/Ultimaker/Cura/releases/download/${version}/UltiMaker-Cura-${version}-linux-modern.AppImage"; - hash = "sha256-QVv7Wkfo082PH6n6rpsB79st2xK2+Np9ivBg/PYZd74="; + url = "https://github.com/Ultimaker/Cura/releases/download/${version}/UltiMaker-Cura-${version}-linux-X64.AppImage"; + hash = "sha256-STtVeM4Zs+PVSRO3cI0LxnjRDhOxSlttZF+2RIXnAp4="; }; extraPkgs = pkgs: with pkgs; [ ]; }; @@ -2471,6 +2372,31 @@ writeScriptBin "cura" '' exec "${cura5}/bin/cura5" "''${args[@]}" '' + +
    +
    +
  • +
  • hm-specialisation
    +
    +

    +This script allows for quick git home-manager specialisation switching. +

    + + +
    +
    { writeShellApplication, fzf, findutils, home-manager }:
    +
    +writeShellApplication {
    +  name = "hm-specialisation";
    +  runtimeInputs = [ fzf findutils home-manager ];
    +  text = ''
    +    genpath=$(home-manager generations | head -1 | awk '{print $7}')
    +    dirs=$(find "$genpath/specialisation" -type l 2>/dev/null; [ -d "$genpath" ] && echo "$genpath")
    +    "$(echo "$dirs" | fzf --prompt="Choose home-manager specialisation to activate")"/activate
    +  '';
    +}
    +
    +
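Review bot: In the new `hm-specialisation` script, the last line of `text` runs `"$(echo "$dirs" | fzf …)"/activate` without checking the selection, so cancelling fzf or an empty `dirs` expands to `/activate` and the script tries to execute a path at the filesystem root. Capture the choice first and stop when nothing was picked: `choice=$(echo "$dirs" | fzf --prompt="Choose home-manager specialisation to activate") || exit 0`, followed by `"$choice/activate"`. The `awk '{print $7}'` field index also depends on the exact column layout of `home-manager generations`. A one-line comment naming that column as the generation path would help when that output format changes.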
     
    @@ -2573,14 +2499,15 @@ This is a shorthand for calling emacsclient mostly. Also, it hides the kittyterm
    wait=0
     while :; do
         case ${1:-} in
    -        -w|--wait) wait=1
    -                   ;;
    -        *) break
    +    -w | --wait)
    +        wait=1
    +        ;;
    +    *) break ;;
         esac
         shift
     done
     
    -STR=$(swaymsg -t get_tree | jq -r 'recurse(.nodes[]) | select(.name == "__i3_scratch")' | grep kittyterm || true )
    +STR=$(swaymsg -t get_tree | jq -r 'recurse(.nodes[]) | select(.name == "__i3_scratch")' | grep kittyterm || true)
     if [ "$STR" == "" ]; then
         swaymsg '[title="kittyterm"]' scratchpad show
         emacsclient -c -a "" "$@"
    @@ -2596,11 +2523,11 @@ fi
     
     
     
    -
    { writeShellApplication, emacs-pgtk, sway, jq }:
    +
    { writeShellApplication, emacs30-pgtk, sway, jq }:
     
     writeShellApplication {
       name = "e";
    -  runtimeInputs = [ emacs-pgtk sway jq ];
    +  runtimeInputs = [ emacs30-pgtk sway jq ];
       text = builtins.readFile ../../scripts/e.sh;
     }
     
    @@ -2617,7 +2544,7 @@ The normal command-not-found.sh uses the outdated nix-shell
     
    # Adapted from https://github.com/bennofs/nix-index/blob/master/command-not-found.sh
    -command_not_found_handle () {
    +command_not_found_handle() {
         if [ -n "${MC_SID-}" ] || ! [ -t 1 ]; then
             >&2 echo "$1: command not found"
             return 127
    @@ -2627,24 +2554,25 @@ command_not_found_handle () {
         ATTRS=$(@nix-locate@ --minimal --no-group --type x --type s --top-level --whole-name --at-root "/bin/$1")
     
         case $(echo -n "$ATTRS" | grep -c "^") in
    -        0)
    -            >&2 echo -ne "$(@tput@ el1)\r"
    -            >&2 echo "$1: command not found"
    -            ;;
    -        *)
    -            >&2 echo -ne "$(@tput@ el1)\r"
    -            >&2 echo "The program ‘$(@tput@ setaf 4)$1$(@tput@ sgr0)’ is currently not installed."
    -            >&2 echo "It is provided by the following derivation(s):"
    -            while read -r ATTR; do
    -                ATTR=${ATTR%.out}
    -                >&2 echo "  $(@tput@ setaf 12)nixpkgs#$(@tput@ setaf 4)$ATTR$(@tput@ sgr0)"
    -            done <<< "$ATTRS"
    +    0)
    +        >&2 echo -ne "$(@tput@ el1)\r"
    +        >&2 echo "$1: command not found"
    +        ;;
    +    *)
    +        >&2 echo -ne "$(@tput@ el1)\r"
    +        >&2 echo "The program ‘$(@tput@ setaf 4)$1$(@tput@ sgr0)’ is currently not installed."
    +        >&2 echo "It is provided by the following derivation(s):"
    +        while read -r ATTR; do
    +            ATTR=${ATTR%.out}
    +            >&2 echo "  $(@tput@ setaf 12)nixpkgs#$(@tput@ setaf 4)$ATTR$(@tput@ sgr0)"
    +        done <<< "$ATTRS"
    +        ;;
         esac
     
         return 127
     }
     
    -command_not_found_handler () {
    +command_not_found_handler() {
         command_not_found_handle "$@"
         return $?
     }
    @@ -2665,15 +2593,19 @@ vesktop=0
     spotifyplayer=0
     while :; do
         case ${1:-} in
    -        -k|--kitty) kitty=1
    -                   ;;
    -        -e|--element) element=1
    -                   ;;
    -        -d|--vesktop) vesktop=1
    -                   ;;
    -        -s|--spotifyplayer) spotifyplayer=1
    -                   ;;
    -        *) break
    +    -k | --kitty)
    +        kitty=1
    +        ;;
    +    -e | --element)
    +        element=1
    +        ;;
    +    -d | --vesktop)
    +        vesktop=1
    +        ;;
    +    -s | --spotifyplayer)
    +        spotifyplayer=1
    +        ;;
    +    *) break ;;
         esac
         shift
     done
    @@ -2682,7 +2614,8 @@ if [[ $kitty -eq 1 ]]; then
         STR=$(swaymsg -t get_tree | jq -r 'recurse(.nodes[]) | select(.name == "__i3_scratch")' | grep kittyterm || true)
         CHECK=$(swaymsg -t get_tree | grep kittyterm || true)
         if [ "$CHECK" == "" ]; then
    -        exec kitty -T kittyterm & sleep 1
    +        exec kitty -T kittyterm &
    +        sleep 1
         fi
         if [ "$STR" == "" ]; then
             exec swaymsg '[title="kittyterm"]' scratchpad show
    @@ -2707,7 +2640,8 @@ elif [[ $spotifyplayer -eq 1 ]]; then
         STR=$(swaymsg -t get_tree | jq -r 'recurse(.nodes[]) | select(.name == "__i3_scratch")' | grep spotifytui || true)
         CHECK=$(swaymsg -t get_tree | grep spotifytui || true)
         if [ "$CHECK" == "" ]; then
    -        exec kitty -T spotifytui -o confirm_os_window_close=0 spotify_player & sleep 1
    +        exec kitty -T spotifytui -o confirm_os_window_close=0 spotify_player &
    +        sleep 1
         fi
         if [ "$STR" == "" ]; then
             exec swaymsg '[title="spotifytui"]' scratchpad show
    @@ -2740,7 +2674,7 @@ This scripts checks if there are uncommited changes in either my dotfile repo, m
     
    CFG=$(git --git-dir="$HOME"/.dotfiles/.git --work-tree="$HOME"/.dotfiles/ status -s | wc -l)
     CSE=$(git --git-dir="$HOME"/Documents/GitHub/CSE_TUWIEN/.git --work-tree="$HOME"/Documents/GitHub/CSE_TUWIEN/ status -s | wc -l)
    -PASS=$(( $(git --git-dir="$HOME"/.local/share/password-store/.git --work-tree="$HOME"/.local/share/password-store/ status -s | wc -l) + $(git --git-dir="$HOME"/.local/share/password-store/.git --work-tree="$HOME"/.local/share/password-store/ diff origin/main..HEAD | wc -l) ))
    +PASS=$(($(git --git-dir="$HOME"/.local/share/password-store/.git --work-tree="$HOME"/.local/share/password-store/ status -s | wc -l) + $(git --git-dir="$HOME"/.local/share/password-store/.git --work-tree="$HOME"/.local/share/password-store/ diff origin/main..HEAD | wc -l)))
     
     if [[ $CFG != 0 ]]; then
         CFG_STR='CONFIG'
    @@ -2762,7 +2696,6 @@ fi
     
     OUT="$CFG_STR""$CSE_STR""$PASS_STR"
     echo "$OUT"
    -
     
    @@ -2787,9 +2720,9 @@ This app quickly toggles between 5% and 0% transparency.
    if swaymsg opacity plus 0.01 -q; then
    -        swaymsg opacity 1
    +    swaymsg opacity 1
     else
    -        swaymsg opacity 0.95
    +    swaymsg opacity 0.95
     fi
     
    @@ -2819,20 +2752,20 @@ OLD_TRANSID=$(sudo btrfs subvolume find-new /mnt/root-blank 9999999) OLD_TRANSID=${OLD_TRANSID#transid marker was } sudo btrfs subvolume find-new "/mnt/root" "$OLD_TRANSID" | -sed '$d' | -cut -f17- -d' ' | -sort | -uniq | -while read -r path; do - path="/$path" - if [ -L "$path" ]; then - : # The path is a symbolic link, so is probably handled by NixOS already - elif [ -d "$path" ]; then - : # The path is a directory, ignore - else - echo "$path" - fi -done + sed '$d' | + cut -f17- -d' ' | + sort | + uniq | + while read -r path; do + path="/$path" + if [ -L "$path" ]; then + : # The path is a symbolic link, so is probably handled by NixOS already + elif [ -d "$path" ]; then + : # The path is a directory, ignore + else + echo "$path" + fi + done
    @@ -2854,8 +2787,7 @@ This utility checks if there are updated packages in nixpkgs-unstable. It does s

    -
    -updates="$( { cd /home/swarsel/.dotfiles && nix flake lock --update-input nixpkgs && nix build .#nixosConfigurations."$(eval hostname)".config.system.build.toplevel &&  nvd diff /run/current-system ./result | grep -c '\[U'; } || true)"
    +
    updates="$({ cd /home/swarsel/.dotfiles && nix flake lock --update-input nixpkgs && nix build .#nixosConfigurations."$(eval hostname)".config.system.build.toplevel && nvd diff /run/current-system ./result | grep -c '\[U'; } || true)"
     
     alt="has-updates"
     if [[ $updates -eq 0 ]]; then
    @@ -2864,13 +2796,11 @@ fi
     
     tooltip="System updated"
     if [[ $updates != 0 ]]; then
    -    tooltip=$(cd ~/.dotfiles && nvd diff /run/current-system ./result | grep -e '\[U' | awk '{ for (i=3; i<NF; i++) printf $i " "; if (NF >= 3) print $NF; }' ORS='\\n' )
    +    tooltip=$(cd ~/.dotfiles && nvd diff /run/current-system ./result | grep -e '\[U' | awk '{ for (i=3; i<NF; i++) printf $i " "; if (NF >= 3) print $NF; }' ORS='\\n')
         echo "{ \"text\":\"$updates\", \"alt\":\"$alt\", \"tooltip\":\"$tooltip\" }"
     else
         echo "{ \"text\":\"\", \"alt\":\"$alt\", \"tooltip\":\"\" }"
     fi
    -
    -
     
    @@ -2911,17 +2841,17 @@ writeShellApplication {
  • -
  • screenshare
    -
    +
  • screenshare
    +
    -
    -SHARESCREEN="$(nix eval --raw ~/.dotfiles#nixosConfigurations."$(hostname)".config.home-manager.users."$(whoami)".swarselsystems.sharescreen)"
    +
    SHARESCREEN="$(nix eval --raw ~/.dotfiles#nixosConfigurations."$(hostname)".config.home-manager.users."$(whoami)".swarselsystems.sharescreen)"
     
     touch /tmp/screenshare.state
    -STATE=$(</tmp/screenshare.state)
    +STATE=$(< /tmp/screenshare.state)
     
    -if [[ "$STATE" != "1" ]]; then
    -    wl-mirror "$SHARESCREEN" & sleep 0.1
    +if [[ $STATE != "1" ]]; then
    +    wl-mirror "$SHARESCREEN" &
    +    sleep 0.1
         swaymsg output "$SHARESCREEN" mode "$SWARSEL_LO_RES"
         echo 1 > /tmp/screenshare.state
         swaymsg '[app_id=at.yrlf.wl_mirror] move to workspace 12:S'
    @@ -2931,7 +2861,6 @@ else
         echo 0 > /tmp/screenshare.state
         swaymsg '[app_id=at.yrlf.wl_mirror] kill'
     fi
    -
     
    @@ -2948,15 +2877,154 @@ writeShellApplication {
  • +
  • bootstrap
    +
    +

    +This program sets up a new NixOS host. +

    + +
    +
    # highly inspired by https://github.com/EmergentMind/nix-config/blob/dev/scripts/bootstrap-nixos.sh
    +set -eo pipefail
    +
    +target_hostname=""
    +target_destination=""
    +target_user="swarsel"
    +ssh_port="22"
    +temp=$(mktemp -d)
    +
    +function help_and_exit() {
    +    echo
    +    echo "Remotely installs NixOS on a target machine using this nix-config."
    +    echo
    +    echo "USAGE: $0 -n <target_hostname> -d <target_destination> [OPTIONS]"
    +    echo
    +    echo "ARGS:"
    +    echo "  -n <target_hostname>                    specify target_hostname of the target host to deploy the nixos config on."
    +    echo "  -d <target_destination>                 specify ip or url to the target host."
    +    echo "                                          target during install process."
    +    echo
    +    echo "OPTIONS:"
    +    echo "  -u <target_user>                        specify target_user with sudo access. nix-config will be cloned to their home."
    +    echo "                                          Default='${target_user}'."
    +    echo "  --port <ssh_port>                       specify the ssh port to use for remote access. Default=${ssh_port}."
    +    echo "  --impermanence                          Use this flag if the target machine has impermanence enabled. WARNING: Assumes /persist path."
    +    echo "  --debug                                 Enable debug mode."
    +    echo "  -h | --help                             Print this help."
    +    exit 0
    +}
    +
    +function cleanup() {
    +    rm -rf "$temp"
    +}
    +trap cleanup exit
    +
    +function red() {
    +    echo -e "\x1B[31m[!] $1 \x1B[0m"
    +    if [ -n "${2-}" ]; then
    +        echo -e "\x1B[31m[!] $($2) \x1B[0m"
    +    fi
    +}
    +function green() {
    +    echo -e "\x1B[32m[+] $1 \x1B[0m"
    +    if [ -n "${2-}" ]; then
    +        echo -e "\x1B[32m[+] $($2) \x1B[0m"
    +    fi
    +}
    +function yellow() {
    +    echo -e "\x1B[33m[*] $1 \x1B[0m"
    +    if [ -n "${2-}" ]; then
    +        echo -e "\x1B[33m[*] $($2) \x1B[0m"
    +    fi
    +}
    +
    +function yes_or_no() {
    +    echo -en "\x1B[32m[+] $* [y/n] (default: y): \x1B[0m"
    +    while true; do
    +        read -rp "" yn
    +        yn=${yn:-y}
    +        case $yn in
    +        [Yy]*) return 0 ;;
    +        [Nn]*) return 1 ;;
    +        esac
    +    done
    +}
    +
    +while [[ $# -gt 0 ]]; do
    +    case "$1" in
    +    -n)
    +        shift
    +        target_hostname=$1
    +        ;;
    +    -d)
    +        shift
    +        target_destination=$1
    +        ;;
    +    -u)
    +        shift
    +        target_user=$1
    +        ;;
    +    --port)
    +        shift
    +        ssh_port=$1
    +        ;;
    +    --temp-override)
    +        shift
    +        temp=$1
    +        ;;
    +    --debug)
    +        set -x
    +        ;;
    +    -h | --help) help_and_exit ;;
    +    *)
    +        echo "Invalid option detected."
    +        help_and_exit
    +        ;;
    +    esac
    +    shift
    +done
    +
    +ssh_cmd="ssh -oport=${ssh_port} -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -t $target_user@$target_destination"
    +# ssh_root_cmd=$(echo "$ssh_cmd" | sed "s|${target_user}@|root@|") # uses @ in the sed switch to avoid it triggering on the $ssh_key value
    +ssh_root_cmd=${ssh_cmd/${target_user}@/root@}
    +
    +scp_cmd="scp -oport=${ssh_port} -o StrictHostKeyChecking=no"
    +
    +git_root=$(git rev-parse --show-toplevel)
    +
    +green "Wiping known_hosts of $target_destination"
    +sed -i "/$target_hostname/d; /$target_destination/d" ~/.ssh/known_hosts
    +
    +green "Generating hardware-config.nix for $target_hostname and adding it to the nix-config."
    +$ssh_root_cmd "nixos-generate-config --no-filesystems --root /mnt"
    +mkdir profiles/"$target_hostname"
    +$scp_cmd root@"$target_destination":/mnt/etc/nixos/hardware-configuration.nix "${git_root}"/profiles/"$target_hostname"/hardware-configuration.nix
    +
    +
    + + +
    +
    { writeShellApplication, openssh }:
    +
    +writeShellApplication {
    +  name = "bootstrap";
    +  runtimeInputs = [ openssh ];
    +  text = builtins.readFile ../../scripts/bootstrap.sh;
    +}
    +
    +
    +
    +
  • -

    3.2.2. Overlays (additions, overrides, nixpkgs-stable)

    +

    4.2.2. Overlays (additions, overrides, nixpkgs-stable)

    This file now holds all of the "nixpkgs-changes" that I am using across the configurations. Most notable here are the modifications, where I am editing derivations according to my needs.

    +
    { inputs, ... }: {
       additions = final: _prev: import ../pkgs { pkgs = final; };
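Review bot: In the added bootstrap script, `ssh_cmd` combines `StrictHostKeyChecking=no` with `UserKnownHostsFile=/dev/null`, so the root session that runs `nixos-generate-config` is never tied to a verified host key, and `scp_cmd` omits the second option, so the two commands disagree on where keys are recorded. After the deliberate wipe, `-o StrictHostKeyChecking=accept-new` with the normal known_hosts file would pin the key on first contact and let later steps notice a change. The wipe itself interpolates `$target_hostname` and `$target_destination` into a sed regex, where an empty value, a `/` or the dots of an IP address change what gets matched; `ssh-keygen -R "$target_destination"` removes exactly that host. Nothing checks that `-n` and `-d` were given before these lines run, `--impermanence` is advertised in the help text but not handled by the `case`, and `--temp-override` makes the exit trap `rm -rf` a caller-supplied path.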
    @@ -2965,10 +3033,6 @@ This file now holds all of the "nixpkgs-changes" that I am using across the conf
           withSystemVencord = true;
         };
     
    -    nerdfonts = _prev.nerdfonts.override {
    -      fonts = [ "FiraMono" "FiraCode" "NerdFontsSymbolsOnly" ];
    -    };
    -
         firefox = _prev.firefox.override {
           nativeMessagingHosts = [
             _prev.tridactyl-native
    @@ -3012,11 +3076,15 @@ This file now holds all of the "nixpkgs-changes" that I am using across the conf
     
    -

    3.2.3. Modules

    +

    4.2.3. Modules

    In this section I define custom modules under the swarsel attribute. These are mostly used to define settings specific to a host. I keep these settings confined to either home-manager or nixos to maintain compatibility with non-NixOS machines.

    + +

    +Note: The structure of generating the packages was changed in commit 2cf03a3 refactor: package and module generation. That commit can be checked out in order to see a simpler version of achieving the same thing. +

    1. NixOS
      @@ -3026,14 +3094,24 @@ Modules that need to be loaded on the NixOS level. Note that these will not be a

      -
      {
      -  wallpaper = import ./wallpaper.nix;
      -  hardware = import ./hardware.nix;
      -  setup = import ./setup.nix;
      -  impermanence = import ./impermanence.nix;
      -  filesystem = import ./filesystem.nix;
      -  input = import ./input.nix;
      -}
      +
      let
      +  moduleNames = [
      +    "wallpaper"
      +    "hardware"
      +    "setup"
      +    "impermanence"
      +    "filesystem"
      +    "input"
      +  ];
      +
      +  mkImports = names: builtins.listToAttrs (map (name: {
      +    inherit name;
      +    value = import ./${name}.nix;
      +  }) names);
      +
      +in
      +  mkImports moduleNames
      +
       
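Review bot: The `mkImports` helper added here is repeated verbatim in the home-manager module index further down in this patch, so the two copies can drift in how they build their attribute sets. A one-line comment above `moduleNames` such as `# each entry must have a sibling <name>.nix; evaluation fails otherwise` would document the contract that the old explicit `import ./x.nix` lines made visible. If a location shared by both index files is available, defining the helper once there would remove the duplicate.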
    @@ -3119,8 +3197,8 @@ in
    -
  • Input
    -
    +
  • Input
    +
    { lib, ... }:
     let
    @@ -3177,18 +3255,28 @@ This holds modules that are to be used on most hosts. These are also the most im
     

    -
    {
    -  laptop = import ./laptop.nix;
    -  hardware = import ./hardware.nix;
    -  monitors = import ./monitors.nix;
    -  input = import ./input.nix;
    -  nixos = import ./nixos.nix;
    -  darwin = import ./darwin.nix;
    -  waybar = import ./waybar.nix;
    -  startup = import ./startup.nix;
    -  wallpaper = import ./wallpaper.nix;
    -  filesystem = import ./filesystem.nix;
    -}
    +
    let
    +  moduleNames = [
    +    "laptop"
    +    "hardware"
    +    "monitors"
    +    "input"
    +    "nixos"
    +    "darwin"
    +    "waybar"
    +    "startup"
    +    "wallpaper"
    +    "filesystem"
    +    "firefox"
    +  ];
    +
    +  mkImports = names: builtins.listToAttrs (map (name: {
    +    inherit name;
    +    value = import ./${name}.nix;
    +  }) names);
    +
    +in
    +  mkImports moduleNames
     
    @@ -3435,12 +3523,13 @@ These are some extra options that will be used if the machine also runs NixOS. F
  • -
  • darwin
    -
    +
  • darwin
    +
    -
    { lib,  ... }:
    +
    { lib, ... }:
     {
       options.swarselsystems.isDarwin = lib.mkEnableOption "darwin host";
    +
     }
     
    @@ -3523,6 +3612,166 @@ Another duplicated option for the filesystem. { options.swarselsystems.isBtrfs = lib.mkEnableOption "use btrfs filesystem"; +} + +
    + +
  • +
  • firefox
    +
    +
    +
    { lib, pkgs, ... }:
    +  let
    +    lock-false = {
    +      Value = false;
    +      Status = "locked";
    +    };
    +    lock-true = {
    +      Value = true;
    +      Status = "locked";
    +    };
    +  in
    +{
    +  options.swarselsystems.firefox = lib.mkOption {
    +    type = lib.types.attrs;
    +    default = {
    +      isDefault = false;
    +      userChrome = builtins.readFile ../../programs/firefox/chrome/userChrome.css;
    +      extensions = with pkgs.nur.repos.rycee.firefox-addons; [
    +        tridactyl
    +        tampermonkey
    +        sidebery
    +        browserpass
    +        clearurls
    +        darkreader
    +        enhancer-for-youtube
    +        istilldontcareaboutcookies
    +        translate-web-pages
    +        ublock-origin
    +        reddit-enhancement-suite
    +        sponsorblock
    +        web-archives
    +        onepassword-password-manager
    +        single-file
    +        widegithub
    +        enhanced-github
    +        unpaywall
    +        don-t-fuck-with-paste
    +        plasma-integration
    +        (buildFirefoxXpiAddon {
    +          pname = "shortkeys";
    +          version = "4.0.2";
    +          addonId = "Shortkeys@Shortkeys.com";
    +          url = "https://addons.mozilla.org/firefox/downloads/file/3673761/shortkeys-4.0.2.xpi";
    +          sha256 = "c6fe12efdd7a871787ac4526eea79ecc1acda8a99724aa2a2a55c88a9acf467c";
    +          meta = with lib;
    +            {
    +              description = "Easily customizable custom keyboard shortcuts for Firefox. To configure this addon go to Addons (ctrl+shift+a) ->Shortkeys ->Options. Report issues here (please specify that the issue is found in Firefox): https://github.com/mikecrittenden/shortkeys";
    +              mozPermissions = [
    +                "tabs"
    +                "downloads"
    +                "clipboardWrite"
    +                "browsingData"
    +                "storage"
    +                "bookmarks"
    +                "sessions"
    +                "<all_urls>"
    +              ];
    +              platforms = platforms.all;
    +            };
    +        })
    +      ];
    +
    +      settings =
    +        {
    +          "extensions.autoDisableScopes" = 0;
    +          "browser.bookmarks.showMobileBookmarks" = lock-true;
    +          "toolkit.legacyUserProfileCustomizations.stylesheets" = lock-true;
    +          "browser.search.suggest.enabled" = lock-false;
    +          "browser.search.suggest.enabled.private" = lock-false;
    +          "browser.urlbar.suggest.searches" = lock-false;
    +          "browser.urlbar.showSearchSuggestionsFirst" = lock-false;
    +          "browser.topsites.contile.enabled" = lock-false;
    +          "browser.newtabpage.activity-stream.feeds.section.topstories" = lock-false;
    +          "browser.newtabpage.activity-stream.feeds.snippets" = lock-false;
    +          "browser.newtabpage.activity-stream.section.highlights.includePocket" = lock-false;
    +          "browser.newtabpage.activity-stream.section.highlights.includeBookmarks" = lock-false;
    +          "browser.newtabpage.activity-stream.section.highlights.includeDownloads" = lock-false;
    +          "browser.newtabpage.activity-stream.section.highlights.includeVisited" = lock-false;
    +          "browser.newtabpage.activity-stream.showSponsored" = lock-false;
    +          "browser.newtabpage.activity-stream.system.showSponsored" = lock-false;
    +          "browser.newtabpage.activity-stream.showSponsoredTopSites" = lock-false;
    +        };
    +
    +      search = {
    +        default = "Kagi";
    +        privateDefault = "Kagi";
    +        engines = {
    +          "Kagi" = {
    +            urls = [{
    +              template = "https://kagi.com/search";
    +              params = [
    +                { name = "q"; value = "{searchTerms}"; }
    +              ];
    +            }];
    +            iconUpdateURL = "https://kagi.com/favicon.ico";
    +            updateInterval = 24 * 60 * 60 * 1000; # every day
    +            definedAliases = [ "@k" ];
    +          };
    +
    +          "Nix Packages" = {
    +            urls = [{
    +              template = "https://search.nixos.org/packages";
    +              params = [
    +                { name = "type"; value = "packages"; }
    +                { name = "query"; value = "{searchTerms}"; }
    +              ];
    +            }];
    +            icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg";
    +            definedAliases = [ "@np" ];
    +          };
    +
    +          "NixOS Wiki" = {
    +            urls = [{
    +              template = "https://nixos.wiki/index.php?search={searchTerms}";
    +            }];
    +            iconUpdateURL = "https://nixos.wiki/favicon.png";
    +            updateInterval = 24 * 60 * 60 * 1000; # every day
    +            definedAliases = [ "@nw" ];
    +          };
    +
    +          "NixOS Options" = {
    +            urls = [{
    +              template = "https://search.nixos.org/options";
    +              params = [
    +                { name = "query"; value = "{searchTerms}"; }
    +              ];
    +            }];
    +
    +            icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg";
    +            definedAliases = [ "@no" ];
    +          };
    +
    +          "Home Manager Options" = {
    +            urls = [{
    +              template = "https://home-manager-options.extranix.com/";
    +              params = [
    +                { name = "query"; value = "{searchTerms}"; }
    +              ];
    +            }];
    +
    +            icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg";
    +            definedAliases = [ "@hm" "@ho" "@hmo" ];
    +          };
    +
    +          "Google".metaData.alias = "@g";
    +        };
    +        force = true; # this is required because otherwise the search.json.mozlz4 symlink gets replaced on every firefox restart
    +      };
    +    };
    +  };
    +
    +
     }
     
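Review bot: The `settings` default in the new `swarselsystems.firefox` option uses the `lock-true`/`lock-false` attribute sets (`Value`/`Status`), which is the shape Firefox enterprise policies expect rather than a plain preference value. The consumer is outside this hunk; if these entries end up in home-manager's per-profile `settings` instead of `policies.Preferences`, the search-suggestion and sponsored-content switches would presumably not be applied as booleans, so this is worth confirming on a built profile. `"extensions.autoDisableScopes" = 0;` deserves a comment such as `# enable extensions installed outside the profile without a prompt; relies on the extension list being fully Nix-managed`, since it removes the confirmation step for sideloaded add-ons. As far as I can tell, typing the option as `lib.types.attrs` also means a host that sets a single key replaces the whole default instead of merging into it.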
    @@ -3534,22 +3783,22 @@ Another duplicated option for the filesystem.
    -

    3.3. NixOS

    +

    4.3. NixOS

    Here we have NixOS options. All options are split into smaller files that are loaded by the general default.nix. Common files are used by all user hosts equally, optionals need to be added to the machine's default.nix on a case-by-case basis.

    -

    3.3.1. Common

    +

    4.3.1. Common

    These are system-level settings specific to NixOS machines. All settings that are required on all machines go here.

      -
    1. Imports, non-server settings
      -
      +
    2. Imports, non-server settings
      +

      This section is for setting things that should be used on hosts that are using the default NixOS configuration. This means that servers should NOT import this, as much of these imported modules are user-configured.

      @@ -3592,7 +3841,7 @@ This section is for setting things that should be used on hosts that are using t ./sway.nix ./xdg-portal.nix # ./yubikey-touch-detector.nix - ./safeeyes.nix + # ./safeeyes.nix ./distrobox.nix ./lid.nix ]; @@ -3608,8 +3857,8 @@ This section is for setting things that should be used on hosts that are using t
  • -
  • General NixOS settings (enable home-manager module, stateVersion)
    -
    +
  • General NixOS settings (enable home-manager module, stateVersion)
    +

    Also, we disable the warnings that trigger when rebuilding with a dirty flake. At this point, I am also disabling channels and pinning the flake registry - the latter lets me use the local version of nixpkgs for commands like nix shell (without it, we will always download the newest version of nixpkgs for these commands).

    @@ -3631,6 +3880,7 @@ Also, the system state version is set here. No need to touch it. "nix-command" "flakes" "ca-derivations" + "pipe-operators" ]; trusted-users = [ "swarsel" ]; flake-registry = ""; @@ -3649,8 +3899,124 @@ Also, the system state version is set here. No need to touch it.
  • -
  • Setup home-manager
    -
    +
  • System Packages
    +
    +

    +Mostly used to install some compilers and lsp's that I want to have available when not using a devShell flake. Most other packages should go in Installed packages. +

    + +
    +
    { pkgs, ... }:
    +{
    +  environment.systemPackages = with pkgs; [
    +    # yubikey packages
    +    gnupg
    +    yubikey-personalization
    +    yubikey-personalization-gui
    +    yubico-pam
    +    yubioath-flutter
    +    yubikey-manager
    +    yubikey-manager-qt
    +    yubikey-touch-detector
    +    yubico-piv-tool
    +    cfssl
    +    pcsctools
    +    pcscliteWithPolkit.out
    +
    +    # ledger packages
    +    ledger-live-desktop
    +
    +    # pinentry
    +    dbus
    +    swaylock-effects
    +    syncthingtray-minimal
    +
    +    # secure boot
    +    sbctl
    +
    +    nix-index
    +
    +    # better make for general tasks
    +    just
    +
    +    # keyboards
    +    qmk
    +    vial
    +    via
    +
    +    # theme related
    +    adwaita-icon-theme
    +
    +    # kde-connect
    +    xdg-desktop-portal
    +    xdg-desktop-portal-wlr
    +
    +    # bluetooth
    +    bluez
    +
    +    # lsp-related -------------------------------
    +    # nix
    +    # latex
    +    texlab
    +    ghostscript_headless
    +    # wireguard
    +    wireguard-tools
    +    # rust
    +    rust-analyzer
    +    clippy
    +    rustfmt
    +    # go
    +    go
    +    gopls
    +    # nix
    +    nixd
    +    # zig
    +    zig
    +    zls
    +    # cpp
    +    clang-tools
    +    # + cuda
    +    cudatoolkit
    +    # ansible
    +    ansible-lint
    +    ansible-language-server
    +    molecule
    +    #lsp-bridge / python
    +    gcc
    +    gdb
    +    (python3.withPackages (ps: with ps; [ jupyter ipython pyqt5 epc orjson sexpdata six setuptools paramiko numpy pandas scipy matplotlib requests debugpy flake8 gnureadline python-lsp-server ]))
    +    # (python3.withPackages(ps: with ps; [ jupyter ipython pyqt5 numpy pandas scipy matplotlib requests debugpy flake8 gnureadline python-lsp-server]))
    +    # --------------------------------------------
    +
    +    (stdenv.mkDerivation {
    +      name = "oama";
    +
    +      src = pkgs.fetchurl {
    +        name = "oama";
    +        url = "https://github.com/pdobsan/oama/releases/download/0.13.1/oama-0.13.1-Linux-x86_64-static.tgz";
    +        sha256 = "sha256-OTdCObVfnMPhgZxVtZqehgUXtKT1iyqozdkPIV+i3Gc=";
    +      };
    +
    +      phases = [
    +        "unpackPhase"
    +      ];
    +
    +      unpackPhase = ''
    +        mkdir -p $out/bin
    +        tar xvf $src -C $out/
    +        mv $out/oama-0.13.1-Linux-x86_64-static/oama $out/bin/
    +      '';
    +
    +    })
    +
    +  ];
    +}
    +
    +
    +
    +
  • +
  • Setup home-manager
    +

    First, we enable the use of home-manager as a NixoS modul.

    @@ -3688,7 +4054,7 @@ Next, we setup the keymap in case we are not in a graphical session. At this poi
  • -
  • Make users non-mutable
    +
  • User setup, Make users non-mutable

    This ensures that all user-configuration happens here in the config file. @@ -3705,7 +4071,7 @@ This ensures that all user-configuration happens here in the config file. isNormalUser = true; description = "Leon S"; hashedPasswordFile = lib.mkIf (!config.swarselsystems.initialSetup) config.sops.secrets.swarseluser.path; - extraGroups = [ "networkmanager" "syncthing" "docker" "wheel" "lp" "audio" "video" "vboxusers" "scanner" ]; + extraGroups = [ "networkmanager" "syncthing" "docker" "wheel" "lp" "audio" "video" "vboxusers" "libvirtd" "scanner" ]; packages = with pkgs; [ ]; }; }; @@ -4168,7 +4534,7 @@ Setup timezone and locale. I want to use the US layout, but have the rest adapte { time = { timeZone = "Europe/Vienna"; - hardwareClockInLocalTime = true; + # hardwareClockInLocalTime = true; }; i18n = { @@ -4276,12 +4642,12 @@ By default, stylix wants to style

    -
    { pkgs, home-manager, config, ... }:
    +
    { self, pkgs, home-manager, config, ... }:
     {
       stylix = {
     
         enable = true;
    -    base16Scheme = ../../../wallpaper/swarsel.yaml;
    +    base16Scheme = "${self}/wallpaper/swarsel.yaml";
         # base16Scheme = "${pkgs.base16-schemes}/share/themes/shapeshifter.yaml";
         polarity = "dark";
         opacity.popups = 0.5;
    @@ -4314,7 +4680,8 @@ By default, stylix wants to style
           };
     
           monospace = {
    -        package = pkgs.nerdfonts; # has overrides
    +        package = pkgs.nerd-fonts.fira-mono; # has overrides
    +
             name = "FiraCode Nerd Font Mono";
           };
     
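Review bot: `package = pkgs.nerd-fonts.fira-mono;` no longer matches `name = "FiraCode Nerd Font Mono"` two lines below: as far as I know the FiraCode family ships in `nerd-fonts.fira-code`, while `fira-mono` provides the FiraMono family, so the configured monospace font may be missing unless another module installs it. The trailing `# has overrides` comment is also stale, because this patch removes the `nerdfonts` override from the overlay. Either switch to `package = pkgs.nerd-fonts.fira-code;` or change the name to the FiraMono family, and drop the comment. The enclosing `stylix` block starts and ends outside this hunk.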
    @@ -4340,118 +4707,6 @@ By default, stylix wants to style
     
  • -
  • System Packages
    -
    -

    -Mostly used to install some compilers and lsp's that I want to have available when not using a devShell flake. Most other packages should go in Installed packages. -

    - -
    -
    { pkgs, ... }:
    -{
    -  environment.systemPackages = with pkgs; [
    -    # yubikey packages
    -    gnupg
    -    yubikey-personalization
    -    yubikey-personalization-gui
    -    yubico-pam
    -    yubioath-flutter
    -    yubikey-manager
    -    yubikey-manager-qt
    -    yubikey-touch-detector
    -    yubico-piv-tool
    -    cfssl
    -    pcsctools
    -    pcscliteWithPolkit.out
    -
    -    # ledger packages
    -    ledger-live-desktop
    -
    -    # pinentry
    -    dbus
    -    swaylock-effects
    -    syncthingtray-minimal
    -
    -    # secure boot
    -    sbctl
    -
    -    nix-index
    -
    -    # keyboards
    -    qmk
    -    vial
    -    via
    -
    -    # theme related
    -    adwaita-icon-theme
    -
    -    # kde-connect
    -    xdg-desktop-portal
    -    xdg-desktop-portal-wlr
    -
    -    # bluetooth
    -    bluez
    -
    -    # lsp-related -------------------------------
    -    # nix
    -    # latex
    -    texlab
    -    ghostscript_headless
    -    # wireguard
    -    wireguard-tools
    -    # rust
    -    rust-analyzer
    -    clippy
    -    rustfmt
    -    # go
    -    go
    -    gopls
    -    # zig
    -    zig
    -    zls
    -    # cpp
    -    clang-tools
    -    # + cuda
    -    cudatoolkit
    -    # ansible
    -    ansible_2_15
    -    ansible-lint
    -    ansible-language-server
    -    molecule
    -    #lsp-bridge / python
    -    gcc
    -    gdb
    -    (python3.withPackages (ps: with ps; [ jupyter ipython pyqt5 epc orjson sexpdata six setuptools paramiko numpy pandas scipy matplotlib requests debugpy flake8 gnureadline python-lsp-server ]))
    -    # (python3.withPackages(ps: with ps; [ jupyter ipython pyqt5 numpy pandas scipy matplotlib requests debugpy flake8 gnureadline python-lsp-server]))
    -    # --------------------------------------------
    -
    -    (stdenv.mkDerivation {
    -      name = "oama";
    -
    -      src = pkgs.fetchurl {
    -        name = "oama";
    -        url = "https://github.com/pdobsan/oama/releases/download/0.13.1/oama-0.13.1-Linux-x86_64-static.tgz";
    -        sha256 = "sha256-OTdCObVfnMPhgZxVtZqehgUXtKT1iyqozdkPIV+i3Gc=";
    -      };
    -
    -      phases = [
    -        "unpackPhase"
    -      ];
    -
    -      unpackPhase = ''
    -        mkdir -p $out/bin
    -        tar xvf $src -C $out/
    -        mv $out/oama-0.13.1-Linux-x86_64-static/oama $out/bin/
    -      '';
    -
    -    })
    -
    -  ];
    -}
    -
    -
    -
    -
  • Programs (including zsh setup)

    @@ -4827,7 +5082,6 @@ When a program does not work, start with nix-ldd <program>. T SDL_mixer SDL_ttf alsa-lib - alsaLib at-spi2-atk at-spi2-core atk @@ -4895,7 +5149,7 @@ When a program does not work, start with nix-ldd <program>. T pixman speex stdenv.cc.cc - steamPackages.steam-fhsenv-without-steam + steam-fhsenv-without-steam systemd tbb vulkan-loader @@ -5149,8 +5403,8 @@ A friend of mine used this service and I used to make fun of him. But I have to

  • -
  • Podmam (distrobox)
    -
    +
  • Podmam (distrobox)
    +

    I am using distrobox to quickly circumvent isses that I cannot immediately solve on NixOS. It is always the goal to quickly get things working on NixOS, but this prevents me from getting completely stuck.

    @@ -5172,8 +5426,8 @@ I am using distrobox to quickly circumvent isses that I cannot immediately solve
  • -
  • Handle lid switch correctly
    -
    +
  • Handle lid switch correctly
    +

    This turns off the display when the lid is closed.

    @@ -5211,13 +5465,13 @@ This turns off the display when the lid is closed.
  • -
    -

    3.3.2. Server

    -
    +
    +

    4.3.2. Server

    +
      -
    1. Imports
      -
      +
    2. Imports
      +

      First, we enable the use of home-manager as a NixoS module.

      @@ -5273,8 +5527,8 @@ in
    -
  • General NixOS Server settings
    -
    +
  • General NixOS Server settings
    +
    { lib, config, ... }:
     {
    @@ -5286,7 +5540,13 @@ in
         config.swarselsystems.shellAliases;
     
       nixpkgs.config.permittedInsecurePackages = [
    +    # matrix
         "olm-3.2.16"
    +    # sonarr
    +    "aspnetcore-runtime-wrapped-6.0.36"
    +    "aspnetcore-runtime-6.0.36"
    +    "dotnet-sdk-wrapped-6.0.428"
    +    "dotnet-sdk-6.0.428"
       ];
     
     }
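Review bot: The four .NET 6 entries added to `nixpkgs.config.permittedInsecurePackages` sit in the general server settings, so every server profile importing this file accepts the end-of-life runtime and SDK, not only the host that runs sonarr. If sonarr has its own module, moving the entries behind that module's enable condition would keep the exception scoped to where it is needed. The `# sonarr` comment could also record why and until when, for example `# sonarr: needs EOL .NET 6; remove once the package builds against a supported runtime`. The enclosing module starts above this hunk.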
    @@ -5294,8 +5554,8 @@ in
     
  • -
  • System Packages
    -
    +
  • System Packages
    +
    { pkgs, ... }:
     {
    @@ -5311,8 +5571,8 @@ in
     
  • -
  • sops
    -
    +
  • sops
    +
    { config, ... }:
     {
    @@ -5327,8 +5587,8 @@ in
     
  • -
  • nfs/samba (smb)
    -
    +
  • nfs/samba (smb)
    +
    { pkgs, ... }:
     {
    @@ -5383,8 +5643,8 @@ in
     
  • -
  • NGINX
    -
    +
  • NGINX
    +
    { pkgs, config, ... }:
     {
    @@ -5425,22 +5685,21 @@ in
     
  • -
  • ssh
    -
    +
  • ssh
    +
    { self, ... }:
     {
       services.openssh = {
         enable = true;
    -    settings.PermitRootLogin = "yes";
       };
       users.users.swarsel.openssh.authorizedKeys.keyFiles = [
    -    (self + /secrets/keys/authorized_keys)
    -    (self + /secrets/keys/magicant.pub)
    +    (self + /secrets/keys/ssh/nbl-imba-2.pub)
    +    (self + /secrets/keys/ssh/magicant.pub)
       ];
       users.users.root.openssh.authorizedKeys.keyFiles = [
    -    (self + /secrets/keys/authorized_keys)
    -    (self + /secrets/keys/magicant.pub)
    +    (self + /secrets/keys/ssh/nbl-imba-2.pub)
    +    (self + /secrets/keys/ssh/magicant.pub)
       ];
     
     }
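Review bot: With `settings.PermitRootLogin = "yes"` removed, root login falls back to the NixOS default, but the module still leaves password authentication at its default even though both `swarsel` and `root` have key files configured. Unless it is set elsewhere, adding `settings.PasswordAuthentication = false;` and `settings.KbdInteractiveAuthentication = false;` inside `services.openssh` would make the server key-only, which matches the intent of the `authorizedKeys.keyFiles` lists. The two lists are identical, so binding them once in a `let` would keep the root and user keys from drifting apart. It is also worth deciding whether root needs direct SSH access at all.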
    @@ -5448,8 +5707,8 @@ in
     
  • -
  • kavita
    -
    +
  • kavita
    +
    { pkgs, lib, config, ... }:
     {
    @@ -5497,8 +5756,8 @@ in
     
  • -
  • jellyfin
    -
    +
  • jellyfin
    +
    { pkgs, lib, config, ... }:
     {
    @@ -5548,10 +5807,13 @@ in
     
  • -
  • navidrome
    -
    +
  • navidrome
    +
    -
    { pkgs, lib, config, ... }:
    +
    { pkgs, lib, inputs, config, ... }:
    +let
    +  secretsDirectory = builtins.toString inputs.nix-secrets;
    +in
     {
       config = lib.mkIf config.swarselsystems.server.navidrome {
         environment.systemPackages = with pkgs; [
    @@ -5608,10 +5870,10 @@ in
             };
             # Switch using --impure as these credential files are not stored within the flake
             # sops-nix is not supported for these which is why we need to resort to these
    -        LastFM.ApiKey = builtins.readFile /home/swarsel/api/lastfm-secret;
    -        LastFM.Secret = builtins.readFile /home/swarsel/api/lastfm-key;
    -        Spotify.ID = builtins.readFile /home/swarsel/api/spotify-id;
    -        Spotify.Secret = builtins.readFile /home/swarsel/api/spotify-secret;
    +        LastFM.ApiKey = builtins.readFile "${secretsDirectory}/navidrome/lastfm-secret";
    +        LastFM.Secret = builtins.readFile "${secretsDirectory}/navidrome/lastfm-key";
    +        Spotify.ID = builtins.readFile "${secretsDirectory}/navidrome/spotify-id";
    +        Spotify.Secret = builtins.readFile "${secretsDirectory}/navidrome/spotify-secret";
             UILoginBackgroundUrl = "https://i.imgur.com/OMLxi7l.png";
             UIWelcomeMessage = "~SwarselSound~";
           };
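Review bot: The four `builtins.readFile "${secretsDirectory}/navidrome/..."` lines read the Last.fm and Spotify credentials at evaluation time, so their values become part of the generated navidrome configuration in the world-readable Nix store, and the `nix-secrets` input itself is copied there as well. Supplying them at runtime instead, for example through Navidrome's `ND_*` environment variables loaded from a sops-managed file, would keep them out of the store; whether the service module in use offers a hook for that needs checking. The comment above still says to switch with `--impure` because the files are not in the flake, which no longer describes the new input-based paths. `LastFM.ApiKey` reads `lastfm-secret` while `LastFM.Secret` reads `lastfm-key`; the pairing is carried over from the old lines and may be intentional, but it reads as swapped. The enclosing `settings` block starts and ends outside this hunk.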
    @@ -5648,8 +5910,8 @@ in
     
  • -
  • spotifyd
    -
    +
  • spotifyd
    +
    { lib, config, ... }:
     {
    @@ -5689,8 +5951,8 @@ in
     
  • -
  • mpd
    -
    +
  • mpd
    +
    { pkgs, lib, config, ... }:
     {
    @@ -5747,8 +6009,8 @@ in
     
  • -
  • matrix
    -
    +
  • matrix
    +
    { config, lib, pkgs, sops, ... }:
     let
    @@ -6072,8 +6334,8 @@ in
     
  • -
  • nextcloud
    -
    +
  • nextcloud
    +
    { pkgs, lib, config, ... }:
     {
    @@ -6122,8 +6384,8 @@ in
     
  • -
  • immich
    -
    +
  • immich
    +
    { lib, config, ... }:
     {
    @@ -6178,8 +6440,8 @@ in
     
  • -
  • paperless
    -
    +
  • paperless
    +
    { lib, config, ... }:
     {
    @@ -6235,8 +6497,8 @@ in
     
  • -
  • transmission
    -
    +
  • transmission
    +
    { pkgs, lib, config, ... }:
     {
    @@ -6375,8 +6637,8 @@ in
     
  • -
  • syncthing
    -
    +
  • syncthing
    +
    { lib, config, ... }:
     {
    @@ -6492,8 +6754,8 @@ in
     
  • -
  • restic
    -
    +
  • restic
    +
    { lib, config, ... }:
     {
    @@ -6507,8 +6769,8 @@ in
     
  • -
  • monitoring
    -
    +
  • monitoring
    +
    { self, lib, config, ... }:
     {
    @@ -6674,8 +6936,8 @@ in
     
  • -
  • Jenkins
    -
    +
  • Jenkins
    +
    { pkgs, lib, config, ... }:
     {
    @@ -6716,8 +6978,8 @@ in
     
  • -
  • Emacs (RSS Server)
    -
    +
  • Emacs (RSS Server)
    +
    { lib, config, ... }:
     {
    @@ -6757,13 +7019,13 @@ in
     
  • -
    -

    3.3.3. Darwin

    -
    +
    +

    4.3.3. Darwin

    +
      -
    1. Imports
      -
      +
    2. Imports
      +

      This section sets up all the imports that are used in the home-manager section.

      @@ -6775,13 +7037,13 @@ let in { imports = [ - "${profilesPath}/common/nixos/home-manager.nix" + "${profilesPath}/nixos/home-manager.nix" ]; nix.settings.experimental-features = "nix-command flakes"; nixpkgs = { hostPlatform = "x86_64-darwin"; - inherit (outputs) overlays; + overlays = outputs.overlaysList; config = { allowUnfree = true; }; @@ -6796,7 +7058,7 @@ in
    -

    3.3.4. Optional

    +

    4.3.4. Optional

    These sets of configuration do not need to be deployed on every host, for a multitude of reasons. @@ -6820,34 +7082,38 @@ This opens a few gaming ports and installs the steam configuration suite for gam

    { pkgs, ... }:
     {
    -  networking = {
    -    firewall = {
    -      allowedUDPPorts = [ 4380 27036 14242 34197 ]; # 34197: factorio; 4380 27036 14242: barotrauma;
    -      allowedTCPPorts = [ ]; # 34197: factorio; 4380 27036 14242: barotrauma; 51820: wireguard
    -      allowedTCPPortRanges = [
    -        { from = 27015; to = 27030; } # barotrauma
    -        { from = 27036; to = 27037; } # barotrauma
    -      ];
    -      allowedUDPPortRanges = [
    -        { from = 27000; to = 27031; } # barotrauma
    -        { from = 58962; to = 58964; } # barotrauma
    +  specialisation = {
    +    gaming.configuration = {
    +      networking = {
    +        firewall = {
    +          allowedUDPPorts = [ 4380 27036 14242 34197 ]; # 34197: factorio; 4380 27036 14242: barotrauma;
    +          allowedTCPPorts = [ ]; # 34197: factorio; 4380 27036 14242: barotrauma; 51820: wireguard
    +          allowedTCPPortRanges = [
    +            { from = 27015; to = 27030; } # barotrauma
    +            { from = 27036; to = 27037; } # barotrauma
    +          ];
    +          allowedUDPPortRanges = [
    +            { from = 27000; to = 27031; } # barotrauma
    +            { from = 58962; to = 58964; } # barotrauma
    +          ];
    +        };
    +      };
    +
    +      programs.steam = {
    +        enable = true;
    +        extraCompatPackages = [
    +          pkgs.proton-ge-bin
    +        ];
    +      };
    +
    +      hardware.xone.enable = true;
    +
    +      environment.systemPackages = [
    +        pkgs.linuxKernel.packages.linux_6_12.xone
           ];
         };
       };
     
    -  programs.steam = {
    -    enable = true;
    -    extraCompatPackages = [
    -      pkgs.proton-ge-bin
    -    ];
    -  };
    -
    -  hardware.xone.enable = true;
    -
    -  environment.systemPackages = [
    -    linuxKernel.packages.linux_6_10.xone
    -  ];
    -
     }
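Review bot: `pkgs.linuxKernel.packages.linux_6_12.xone` in `environment.systemPackages` pins the xone module to one kernel series, regardless of which kernel the `gaming` specialisation actually boots. As far as I know `hardware.xone.enable = true` already adds the module built for the configured kernel, so the entry looks redundant. If it is needed, `config.boot.kernelPackages.xone` (with `config` added to the function arguments) would follow the running kernel. Separately, the comment after `allowedTCPPorts = [ ];` lists factorio, barotrauma and wireguard ports although the list is empty; `# no single TCP ports opened, see allowedTCPPortRanges` would describe what the firewall really does.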
     
     
    @@ -6858,29 +7124,37 @@ This opens a few gaming ports and installs the steam configuration suite for gam
     
  • VirtualBox

    -This sets the VirtualBox configuration. Guest should not be enabled if not direly needed, it will make rebuilds unbearably slow. +This sets the VirtualBox configuration. Guest should not be enabled if not direly needed, it will make rebuilds unbearably slow. I only use this privately to run an old editor that does not run well under wine, so I put it into it's own specialisation.

    -
    _:
    +
    { lib, pkgs, ... }:
     {
    -  virtualisation.virtualbox = {
    -    host = {
    -      enable = true;
    -      enableExtensionPack = true;
    -    };
    -    # leaving this here for future notice. setting guest.enable = true will make 'restarting sysinit-reactivation.target' take till timeout on nixos-rebuild switch
    -    guest = {
    -      enable = false;
    +
    +  specialisation = {
    +    VBox.configuration = {
    +      virtualisation.virtualbox = {
    +        host = {
    +          enable = true;
    +          enableExtensionPack = true;
    +        };
    +        # leaving this here for future notice. setting guest.enable = true will make 'restarting sysinit-reactivation.target' take till timeout on nixos-rebuild switch
    +        guest = {
    +          enable = false;
    +        };
    +      };
    +      # run an older kernel to provide compatibility with windows vm
    +      boot.kernelPackages = lib.mkForce pkgs.linuxPackages;
         };
       };
    +
     }
     
  • -
  • VmWare
    -
    +
  • VmWare
    +

    This sets the VirtualBox configuration. Guest should not be enabled if not direly needed, it will make rebuilds unbearably slow.

    @@ -6986,17 +7260,21 @@ in }; }; + networking.firewall.trustedInterfaces = [ "virbr0" ]; + virtualisation = { docker.enable = true; + spiceUSBRedirection.enable = true; libvirtd = { enable = true; qemu = { package = pkgs.qemu_kvm; runAsRoot = true; swtpm.enable = true; + vhostUserPackages = with pkgs; [ virtiofsd ]; ovmf = { enable = true; - packages = [(pkgs.OVMF.override { + packages = [(pkgs.OVMFFull.override { secureBoot = true; tpmSupport = true; }).fd]; @@ -7017,10 +7295,21 @@ in libisoburn govc terraform + + # vm + virt-manager + virt-viewer + virtiofsd + spice + spice-gtk + spice-protocol + win-virtio + win-spice ]; services = { + spice-vdagentd.enable = true; openssh = { enable = true; extraConfig = '' @@ -7053,6 +7342,78 @@ in }; }; +} +
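Review bot: `networking.firewall.trustedInterfaces = [ "virbr0" ];` makes the host firewall accept every packet arriving on the libvirt bridge, so any guest attached to it can reach all host services, including the sshd this module enables further down. If the guests only need DHCP and DNS from the host (an assumption, the hunk does not say), per-interface rules are narrower: `networking.firewall.interfaces.virbr0.allowedUDPPorts = [ 53 67 ];` and `networking.firewall.interfaces.virbr0.allowedTCPPorts = [ 53 ];`. If full trust is intended, a comment such as `# guests on virbr0 are trusted: needed for <reason>` would record that decision. The module starts and ends outside this hunk.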
  • +
    +
    + +
  • Minimal Install
    +
    +

    +These options are really only to be used on the iso image in order to run nixos-anywhere. +

    + +
    +
    { lib, pkgs, ... }:
    +{
    +
    +  nix.settings = {
    +    experimental-features = [ "nix-command" "flakes" ];
    +    warn-dirty = false;
    +  };
    +
    +  boot = {
    +    # initrd.systemd.enable = true;
    +    kernelPackages = pkgs.linuxPackages_latest;
    +    supportedFilesystems = lib.mkForce [ "brtfs" "vfat" ];
    +    loader = {
    +      efi.canTouchEfiVariables = true;
    +      systemd-boot = {
    +        enable = true;
    +        configurationLimit = lib.mkDefault 5;
    +        consoleMode = lib.mkDefault "max";
    +      };
    +    };
    +  };
    +
    +  services = {
    +    qemuGuest.enable = true;
    +    openssh = {
    +      enable = true;
    +      ports = lib.mkDefault [ 22 ];
    +      settings.PermitRootLogin = "yes";
    +      authorizedKeysFiles = lib.mkForce [
    +        "/etc/ssh/authorized_keys.d/%u"
    +      ];
    +    };
    +  };
    +
    +  security.pam = {
    +    sshAgentAuth.enable = true;
    +    services = {
    +      sudo.u2fAuth = true;
    +    };
    +  };
    +
    +  environment.systemPackages = with pkgs; [
    +    curl
    +    rsync
    +    ssh-to-age
    +    sops
    +    vim
    +    just
    +  ];
    +
    +  programs = {
    +    git.enable = true;
    +    zsh.enable = lib.mkDefault true;
    +  };
    +
    +  fileSystems."/boot".options = [ "umask=0077" ];
    +
    +  networking.networkmanager.enable = true;
    +
    +
     }
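Review bot: `supportedFilesystems = lib.mkForce [ "brtfs" "vfat" ];` misspells btrfs, and because `mkForce` replaces the default list, the installer image would at best come up without btrfs support. It should read `supportedFilesystems = lib.mkForce [ "btrfs" "vfat" ];`. In the openssh block, `settings.PermitRootLogin = "yes"` also permits password logins for root. Since `authorizedKeysFiles` is already forced to `/etc/ssh/authorized_keys.d/%u`, `settings.PermitRootLogin = "prohibit-password";` should be enough for key-based nixos-anywhere runs. A comment like `# root login is only for the throwaway installer image, never import this on a real host` above that block would make the intent explicit.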
     
    @@ -7062,14 +7423,14 @@ in
  • -

    3.4. Home-manager

    +

    4.4. Home-manager

    The general structure is the same as in the NixOS section.

    -

    3.4.1. Common

    +

    4.4.1. Common

      @@ -7122,8 +7483,8 @@ This section sets up all the imports that are used in the home-manager section.
    -
  • General home-manager-settings
    -
    +
  • General home-manager-settings
    +

    Again, we adapt nix to our needs, enable the home-manager command for non-NixOS machines (NixOS machines are using it as a module) and setting user information that I always keep the same.

    @@ -7138,6 +7499,7 @@ Again, we adapt nix to our needs, enable the home-manager command f "nix-command" "flakes" "ca-derivations" + "pipe-operators" ]; }; }; @@ -7208,7 +7570,10 @@ This holds packages that I can use as provided, or with small modifications (as nmap lsof nvd + nh + nix-output-monitor hyprpicker # color picker + findutils # nix alejandra @@ -7217,6 +7582,9 @@ This holds packages that I can use as provided, or with small modifications (as statix nix-tree + # shellscripts + shfmt + # local file sharing wormhole-rs @@ -7325,7 +7693,9 @@ This holds packages that I can use as provided, or with small modifications (as }) # font stuff - nerdfonts # has overrides + nerd-fonts.fira-mono + nerd-fonts.fira-code + nerd-fonts.symbols-only noto-fonts-emoji font-awesome_5 noto-fonts @@ -7361,6 +7731,7 @@ This is just a separate container for derivations defined in
    -
    { lib, config, pkgs, ... }:
    +
    { self, lib, config, pkgs, ... }:
     {
       stylix = lib.mkIf (!config.swarselsystems.isNixos) {
     
         enable = true;
    -    base16Scheme = ../../../wallpaper/swarsel.yaml;
    +    base16Scheme = "${self}/wallpaper/swarsel.yaml";
         # base16Scheme = "${pkgs.base16-schemes}/share/themes/shapeshifter.yaml";
         polarity = "dark";
         opacity.popups = 0.5;
    @@ -7555,7 +7926,8 @@ This section has been notably empty ever since switching to stylix. Only Emacs i
           };
     
           monospace = {
    -        package = pkgs.nerdfonts; # has overrides
    +        package = pkgs.nerd-fonts.fira-mono; # has overrides
    +
             name = "FiraCode Nerd Font Mono";
           };
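Review bot: The monospace entry now installs `pkgs.nerd-fonts.fira-mono` but still sets `name = "FiraCode Nerd Font Mono"`. As far as I know that family is shipped by `nerd-fonts.fira-code`, not by the Fira Mono package. Using `package = pkgs.nerd-fonts.fira-code;` would make the package and the family name agree; otherwise the name should be changed to whatever family the Fira Mono package actually provides. The trailing `# has overrides` comment referred to the old `nerdfonts` package and can be dropped. The enclosing `fonts` set starts outside this hunk.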
     
    @@ -7862,7 +8234,7 @@ Eza provides me with a better ls command and some other useful alia
     {
       programs.eza = {
         enable = true;
    -    icons = true;
    +    icons = "auto";
         git = true;
         extraOptions = [
           "-l"
    @@ -8226,8 +8598,8 @@ Here we set some aliases (some of them should be shellApplications instead) as w
     
  • -
  • zellij
    -
    +
  • zellij
    +
    _:
     # { pkgs, config, ... }:
    @@ -8434,8 +8806,8 @@ Here we set some aliases (some of them should be shellApplications instead) as w
     
  • -
  • tmux
    -
    +
  • tmux
    +
       { pkgs, ... }:
    @@ -8712,10 +9084,26 @@ Lastly, I am defining some more packages here that the parser has problems findi
             epkgs.use-package
             # epkgs.lsp-bridge
             epkgs.doom-themes
    +        epkgs.vterm
    +        epkgs.treesit-grammars.with-all-grammars
     
             # build the rest of the packages myself
             # org-calfw is severely outdated on MELPA and throws many warnings on emacs startup
             # build the package from the haji-ali fork, which is well-maintained
    +
    +        (epkgs.trivialBuild rec {
    +          pname = "eglot-booster";
    +          version = "main-29-10-2024";
    +
    +          src = pkgs.fetchFromGitHub {
    +            owner = "jdtsmith";
    +            repo = "eglot-booster";
    +            rev = "e6daa6bcaf4aceee29c8a5a949b43eb1b89900ed";
    +            hash = "sha256-PLfaXELkdX5NZcSmR1s/kgmU16ODF8bn56nfTh9g6bs=";
    +          };
    +
    +          packageRequires = [ epkgs.jsonrpc epkgs.eglot ];
    +        })
             (epkgs.trivialBuild rec {
               pname = "calfw";
               version = "1.0.0-20231002";
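Review bot: The new `eglot-booster` build is inserted between the comment lines about org-calfw and the `calfw` derivation they describe, so those comments now read as if they were about eglot-booster. Moving the new `epkgs.trivialBuild` block above `# build the rest of the packages myself`, or below the calfw build, keeps the explanation next to its package. The pinned `rev` plus `hash` is good; a one-line comment such as `# eglot-booster is not packaged in epkgs, pinned to upstream main as of 29-10-2024` would say why it is built by hand. The package list continues outside the hunk.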
    @@ -9207,6 +9595,7 @@ in
           extensions = with pkgs.nur.repos.rycee.firefox-addons; [
             tridactyl
             tampermonkey
    +        sidebery
             browserpass
             clearurls
             darkreader
    @@ -9819,13 +10208,13 @@ This service changes the screen hue at night. I am not sure if that really does
     
  • -
    -

    3.4.2. Server

    -
    +
    +

    4.4.2. Server

    +
      -
    1. Imports
      -
      +
    2. Imports
      +

      This section sets up all the imports that are used in the home-manager section.

      @@ -9845,8 +10234,8 @@ in
    -
  • Linking dotfiles
    -
    +
  • Linking dotfiles
    +

    This section should be used in order to symlink already existing configuration files using `home.file` and setting session variables using `home.sessionVariables`.

    @@ -9871,13 +10260,13 @@ As for the `home.sessionVariables`, it should be noted that environment variable
  • -
    -

    3.4.3. Darwin

    -
    +
    +

    4.4.3. Darwin

    +
      -
    1. Imports
      -
      +
    2. Imports
      +

      This section sets up all the imports that are used in the home-manager section.

      @@ -9899,7 +10288,7 @@ in
    -

    3.4.4. Optional

    +

    4.4.4. Optional

    -
    -

    3.5. flake.nix template

    -
    -
    -

    3.5.1. flake.nix

    -
    -

    -This tangles the flake.nix file; This block only needs to be touched when updating the general structure of the flake. For everything else, see the respective noweb-ref block. -

    - -
    -
    -{
    -  description = "SwarseFlake - Nix Flake for all SwarselSystems";
    -
    -  nixConfig = {
    -    extra-substituters = [
    -      "https://nix-community.cachix.org"
    -      "https://cache.ngi0.nixos.org/"
    -    ];
    -
    -    extra-trusted-public-keys = [
    -      "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
    -      "cache.ngi0.nixos.org-1:KqH5CBLNSyX184S9BKZJo1LxrxJ9ltnY2uAs5c/f1MA="
    -    ];
    -  };
    -
    -  inputs = {
    -
    -    nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
    -
    -    nixpkgs-stable.url = "github:NixOS/nixpkgs/nixos-24.05";
    -
    -    systems.url = "github:nix-systems/default-linux";
    -
    -    # user-level configuration
    -    home-manager = {
    -      url = "github:nix-community/home-manager";
    -      inputs.nixpkgs.follows = "nixpkgs";
    -    };
    -
    -    # overlay to access bleeding edge emacs
    -    emacs-overlay = {
    -      url = "github:nix-community/emacs-overlay";
    -      inputs.nixpkgs.follows = "nixpkgs";
    -    };
    -
    -    # nix user repository
    -    # i use this mainly to not have to build all firefox extensions
    -    # myself as well as for the emacs-init package (tbd)
    -    nur.url = "github:nix-community/NUR";
    -
    -    # provides GL to non-NixOS hosts
    -    nixgl.url = "github:guibou/nixGL";
    -
    -    # manages all theming using Home-Manager
    -    stylix.url = "github:danth/stylix";
    -
    -    # nix secrets management
    -    sops-nix.url = "github:Mic92/sops-nix";
    -
    -    # enable secure boot on NixOS
    -    lanzaboote.url = "github:nix-community/lanzaboote";
    -
    -    # nix for android
    -    nix-on-droid = {
    -      url = "github:nix-community/nix-on-droid/release-24.05";
    -      inputs.nixpkgs.follows = "nixpkgs";
    -    };
    -
    -    # generate NixOS images
    -    nixos-generators = {
    -      url = "github:nix-community/nixos-generators";
    -      inputs.nixpkgs.follows = "nixpkgs";
    -    };
    -
    -    # hardware quirks on nix
    -    nixos-hardware = {
    -      url = "github:NixOS/nixos-hardware/master";
    -    };
    -
    -    # dynamic library loading
    -    nix-alien = {
    -      url = "github:thiagokokada/nix-alien";
    -    };
    -
    -    # automatic nintendo switch payload injection
    -    nswitch-rcm-nix = {
    -      url = "github:Swarsel/nswitch-rcm-nix";
    -    };
    -
    -    # weekly updated nix-index database
    -    nix-index-database = {
    -      url = "github:nix-community/nix-index-database";
    -      inputs.nixpkgs.follows = "nixpkgs";
    -    };
    -
    -    disko = {
    -       url =  "github:nix-community/disko";
    -       inputs.nixpkgs.follows = "nixpkgs";
    -    };
    -
    -    impermanence.url = "github:nix-community/impermanence";
    -
    -    zjstatus = {
    -      url = "github:dj95/zjstatus";
    -    };
    -
    -    fw-fanctrl = {
    -      url = "github:TamtamHero/fw-fanctrl/packaging/nix";
    -      inputs.nixpkgs.follows = "nixpkgs";
    -    };
    -
    -    nix-darwin = {
    -      url = "github:lnl7/nix-darwin";
    -      inputs.nixpkgs.follows = "nixpkgs";
    -    };
    -
    -  };
    -
    -  outputs =
    -    inputs@{ self
    -    , nixpkgs
    -    , nixpkgs-stable
    -    , home-manager
    -    , nix-darwin
    -    , systems
    -    , ...
    -    }:
    -    let
    -      inherit (self) outputs;
    -      lib = nixpkgs.lib // home-manager.lib;
    -
    -      forEachSystem = f: lib.genAttrs (import systems) (system: f pkgsFor.${system});
    -      pkgsFor = lib.genAttrs (import systems) (
    -        system:
    -        import nixpkgs {
    -          inherit system;
    -          config.allowUnfree = true;
    -        }
    -      );
    -
    -      # NixOS modules that can only be used on NixOS systems
    -      nixModules = [
    -        inputs.stylix.nixosModules.stylix
    -        inputs.lanzaboote.nixosModules.lanzaboote
    -        inputs.disko.nixosModules.disko
    -        # inputs.impermanence.nixosModules.impermanence
    -        inputs.sops-nix.nixosModules.sops
    -        inputs.nswitch-rcm-nix.nixosModules.nswitch-rcm
    -        ./profiles/common/nixos
    -      ];
    -
    -      # Home-Manager modules wanted on non-NixOS systems
    -      homeModules = [
    -        inputs.stylix.homeManagerModules.stylix
    -      ];
    -
    -      # Home-Manager modules wanted on both NixOS and non-NixOS systems
    -      mixedModules = [
    -        inputs.sops-nix.homeManagerModules.sops
    -        inputs.nix-index-database.hmModules.nix-index
    -        ./profiles/common/home
    -      ];
    -
    -      # For adding things to _module.args (making arguments available globally)
    -      # moduleArgs = [
    -      #   {
    -      #     _module.args = { inherit self; };
    -      #   }
    -      # ];
    -    in
    -    {
    -
    -      inherit lib;
    -      inherit mixedModules;
    -      # inherit moduleArgs;
    -      nixosModules = import ./modules/nixos;
    -      homeManagerModules = import ./modules/home;
    -
    -      packages = forEachSystem (pkgs: import ./pkgs { inherit pkgs; });
    -      devShells = forEachSystem
    -        (pkgs:
    -          {
    -            default = pkgs.mkShell {
    -              NIX_CONFIG = "experimental-features = nix-command flakes";
    -              nativeBuildInputs = [ pkgs.nix pkgs.home-manager pkgs.git ];
    -            };
    -          });
    -      formatter = forEachSystem (pkgs: pkgs.nixpkgs-fmt);
    -      overlays = [
    -        (import ./overlays { inherit inputs; }).additions
    -        (import ./overlays { inherit inputs; }).modifications
    -        (import ./overlays { inherit inputs; }).nixpkgs-stable
    -        (import ./overlays { inherit inputs; }).zjstatus
    -        inputs.nur.overlay
    -        inputs.emacs-overlay.overlay
    -        inputs.nixgl.overlay
    -      ];
    -
    -      # NixOS setups - run home-manager as a NixOS module for better compatibility
    -      # another benefit - full rebuild on nixos-rebuild switch
    -      # run rebuild using `nswitch`
    -
    -      # NEW HOSTS: For a new host, decide whether a NixOS (nixosConfigurations) or non-NixOS (homeConfigurations) is used.
    -      # Make sure to move hardware-configuration to the appropriate location, by default it is found in /etc/nixos/.
    -
    -      nixosConfigurations = {
    -
    -
    -        live = lib.nixosSystem {
    -          specialArgs = { inherit inputs outputs; };
    -          system = "x86_64-linux";
    -          modules = nixModules ++ [
    -            (nixpkgs + "/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix")
    -            ./profiles/live
    -          ];
    -        };
    -
    -        nbl-imba-2 = lib.nixosSystem {
    -          specialArgs = { inherit self inputs outputs; };
    -          modules = nixModules ++ [
    -            ./profiles/nbl-imba-2
    -          ];
    -        };
    -
    -        winters = lib.nixosSystem {
    -          specialArgs = { inherit self inputs outputs; };
    -          modules = [
    -            ./profiles/server/winters
    -          ];
    -        };
    -
    -        #ovm swarsel
    -        sync = nixpkgs.lib.nixosSystem {
    -          specialArgs = { inherit inputs; };
    -          modules = [
    -            inputs.sops-nix.nixosModules.sops
    -            ./profiles/remote/oracle/sync/nixos.nix
    -          ];
    -        };
    -
    -        #ovm swarsel
    -        swatrix = nixpkgs.lib.nixosSystem {
    -          specialArgs = { inherit inputs; };
    -          modules = [
    -            inputs.sops-nix.nixosModules.sops
    -            ./profiles/remote/oracle/matrix/nixos.nix
    -          ];
    -        };
    -      };
    -
    -      # pure Home Manager setups - for non-NixOS machines
    -      # run rebuild using `hmswitch`
    -
    -      homeConfigurations = {
    -
    -         "swarsel@home-manager" = inputs.home-manager.lib.homeManagerConfiguration {
    -          pkgs = pkgsFor.x86_64-linux;
    -          extraSpecialArgs = { inherit inputs outputs; };
    -           modules = homeModules ++ mixedModules ++ [
    -             ./profiles/home-manager
    -           ];
    -         };
    -
    -      };
    -
    -      darwinConfigurations = {
    -
    -        "nbm-imba-166" = inputs.nix-darwin.lib.darwinSystem {
    -         specialArgs = { inherit inputs outputs; };
    -          modules = [
    -            ./profiles/nbm-imba-166
    -          ];
    -        };
    -
    -      };
    -
    -      nixOnDroidConfigurations = {
    -
    -        magicant = inputs.nix-on-droid.lib.nixOnDroidConfiguration {
    -         pkgs = pkgsFor.aarch64-linux;
    -          modules = [
    -            ./profiles/magicant
    -          ];
    -        };
    -
    -      };
    -
    -    };
    -}
    -
    -
    -
    -
    -
    -
    -
    -
    -

    4. Emacs

    +

    5. Emacs

    -

    4.1. Initialization (early-init.el)

    +

    5.1. Initialization (early-init.el)

    In this section I handle my early init file; it takes care of frame-setup for emacsclient buffers.

    -

    4.1.1. Increase startup performance

    +

    5.1.1. Increase startup performance

    First, I use some advice from doomemacs regarding garbace collection; here I make sure that during startup, the garbace collectur will not run, which will improve startup times. Now, that might not really be needed since I will usually only start the emacs server once during startup and then not touch it again, however, since I am building my emacs configuration using NixOS, there is some merit to this since I will usually need to restart the server once I rebuild my configuration. @@ -10668,7 +10529,7 @@ Also packed into the hook function is the line (fset 'epg-wait-for-status

    -

    4.1.2. Setup frames

    +

    5.1.2. Setup frames

    Next, I will setup the basic frame for my emacs buffers. Note that I use a tiling window manager, so I do not need to hold myself up with sizing the windows myself. I also disable some GUI tools that I (like many others) do not find to be particularly useful. Also I inhibit many startup functions here, even though it does not affect me greatly since I use another solution for that. @@ -10721,7 +10582,7 @@ For the default-frame-alist, I used to also set '(right-divid

    -

    4.1.3. Make C-i, C-m, C-[ available in graphic sessions

    +

    5.1.3. Make C-i, C-m, C-[ available in graphic sessions

    By default, emacs binds @@ -10761,14 +10622,14 @@ NOTE: To use these keybinds, you need to enclose the binding in angled brackets

    -

    4.2. Personal settings

    +

    5.2. Personal settings

    This section is used to define my own functions, own variables, and own keybindings.

    -

    4.2.1. Custom functions

    +

    5.2.1. Custom functions

    In this section I define extra functions that I need. Some of these functions I wrote myself, some I found after internet reseach. For functions I found on the internet, I will link the original source I found it in. @@ -11345,8 +11206,8 @@ This formats the org code block at point in accordance to the

    -
  • Disable garbace collection while minibuffer is active
    -
    +
  • Disable garbace collection while minibuffer is active
    +
     (defun swarsel/minibuffer-setup-hook ()
    @@ -11366,7 +11227,7 @@ This formats the org code block at point in accordance to the 
     
    -

    4.2.2. Custom Keybindings

    +

    5.2.2. Custom Keybindings

    This defines a set of keybinds that I want to have available globally. I have one set of keys that is globally available through the C-SPC prefix. This set is used mostly for functions that I have trouble remembering the original keybind for, or that I just want to have gathered in a common space. @@ -11414,7 +11275,8 @@ I also define some keybinds to some combinations directly. Those are used mostly "oa" '((lambda () (interactive) (org-refile)) :which-key "org-refile") "ob" '((lambda () (interactive) (org-babel-mark-block)) :which-key "Mark whole src-block") "ol" '((lambda () (interactive) (org-insert-link)) :which-key "insert link") - "os" '((lambda () (interactive) (org-store-link)) :which-key "store link") + "oc" '((lambda () (interactive) (org-store-link)) :which-key "copy (=store) link") + "os" '(shfmt-region :which-key "format sh-block") "od" '((lambda () (interactive) (org-babel-demarcate-block)) :which-key "demarcate (split) src-block") "on" '(nixpkgs-fmt-region :which-key "format nix-block") "ot" '(swarsel/org-babel-tangle-config :which-key "tangle file") @@ -11500,7 +11362,7 @@ I also define some keybinds to some combinations directly. Those are used mostly

    -

    4.2.3. Directory setup / File structure

    +

    5.2.3. Directory setup / File structure

    In this section I setup some aliases that I use for various directories on my system. Some of these are actually used for magit repository finding etc., but many of them serve no real use and I need to clean this up someday. @@ -11549,7 +11411,7 @@ In this section I setup some aliases that I use for various directories on my sy

    -

    4.2.4. Unclutter .emacs.d

    +

    5.2.4. Unclutter .emacs.d

    In this section I move the custom.el out of it's standard location in .emacs.d. Firstly, I dislike using this file at all since I would rather have fully stateful configuration as commanded by this file. Secondly, this file is too easily permanently changed. Recently I figured out the last bits that I needed to remove from custom.el to no longer be reliant on it, so I now just write it to a temporary file (through make-temp=file) which will be cleaned on shutdown. However, I like to retain the custom framework because it is nice for testing out theme customizations, hence why I still load the file. @@ -11575,7 +11437,7 @@ This section also sets the emacs directory to the ~/.cache/ directo

    -

    4.2.5. Move backup files to another location

    +

    5.2.5. Move backup files to another location

    Many people dislike the Emacs backup files; I do enjoy them, but have to admit that they clutter the filesystem a little too much. Also, I rarely need to access these over different sessions. Hence I move them to /tmp - if Emacs unexpectedly crashes, the files can be recovered, but the backup files will not gather everywhere and will be deleted upon shutdown. @@ -11606,14 +11468,14 @@ Many people dislike the Emacs backup files; I do enjoy them, but have to admit t

    -

    4.3. General init.el setup + UI

    +

    5.3. General init.el setup + UI

    In this general section I have settings that I either consider to be integral to my experience when using emacs or have no other section that I feel they belong to.

    -

    4.3.1. General setup

    +

    5.3.1. General setup

    Here I set up some things that are too minor to put under other categories. @@ -11684,7 +11546,7 @@ Here I set up some things that are too minor to put under other categories.

    -

    4.3.2. Mark all themes as safe

    +

    5.3.2. Mark all themes as safe

    Normally when switching themes in emacs, the user will be warned that themes can run malicious code. I only run one theme really and deem it safe. It is however annoying to be asked this on every new system and it also creates lines in custom.el to answer that query, so here I declare all themes as safe. @@ -11699,7 +11561,7 @@ Normally when switching themes in emacs, the user will be warned that themes can

    -

    4.3.3. Show less compilation warnings

    +

    5.3.3. Show less compilation warnings

    When Emacs compiles stuff, it often shows a bunch of warnings that I do not need to deal with. Here we silence those. Some will be disabled completely, and some only when we have native compilation available (which should be most of the time, however). @@ -11717,9 +11579,9 @@ When Emacs compiles stuff, it often shows a bunch of warnings that I do not need

    -
    -

    4.3.4. Better garbage collection

    -
    +
    +

    5.3.4. Better garbage collection

    +
    (setq garbage-collection-messages t)
     (defmacro k-time (&rest body)
    @@ -11741,7 +11603,7 @@ When Emacs compiles stuff, it often shows a bunch of warnings that I do not need
     
    -

    4.3.5. Indentation

    +

    5.3.5. Indentation

    Here I define several options related to indentation; I first make it so that only whitespace will be used instead of tab characters for indentation, and I also set a small standard indent. @@ -11784,7 +11646,7 @@ Lastly, I load the highlight-indent-guides package. This adds a nea

    -

    4.3.6. Scrolling

    +

    5.3.6. Scrolling

    By default, emacs scrolls half a page when reaching the bottom of the buffer. This is extremely annoying. This sets up more granular scrolling that allows scrolling with a mouse wheel or the two-finger touchscreen gesture. This now also works in buffers with a very small frame. @@ -11814,7 +11676,7 @@ By default, emacs scrolls half a page when reaching the bottom of the buffer. Th

    -

    4.3.7. Evil

    +

    5.3.7. Evil

      @@ -11945,7 +11807,7 @@ This minor-mode adds functionality for doing better surround-commands; for examp
    -

    4.3.8. ispell

    +

    5.3.8. ispell

    This should setup a wordlist that can be used as a dictionary. However, for some reason this does not work, and I will need to further investigate this issue. @@ -11961,7 +11823,7 @@ This should setup a wordlist that can be used as a dictionary. However, for some

    -

    4.3.9. Font Configuration

    +

    5.3.9. Font Configuration

    Here I define my fonts to be used. Honestly I do not understand the face-attributes and pitches of emacs all too well. It seems this configuration works fine, but I might have to revisit this at some point in the future. @@ -11989,7 +11851,7 @@ Here I define my fonts to be used. Honestly I do not understand the face-attribu

    -

    4.3.10. Theme

    +

    5.3.10. Theme

    I have grown to love the doom-citylights theme and have modeled my whole system after it. Also solaire-mode is a nice mode that inverts the alt-faces with the normal faces for specific 'minor' buffers (like Help-buffers). @@ -12015,7 +11877,7 @@ I have grown to love the doom-citylights theme and have modeled my

    -

    4.3.11. Icons

    +

    5.3.11. Icons

    This section loads the base icons used in my configuration. I am using nerd-icons over all-the-icons since the former seems to have more integrations with different packages than the latter. @@ -12038,7 +11900,7 @@ Used in:

    -

    4.3.12. Variable Pitch Mode

    +

    5.3.12. Variable Pitch Mode

    This minor mode allows mixing fixed and variable pitch fonts within the same buffer. @@ -12059,7 +11921,7 @@ This minor mode allows mixing fixed and variable pitch fonts within the same buf

    -

    4.3.13. Modeline

    +

    5.3.13. Modeline

    Here I set up the modeline with some information that I find useful. Specficially I am using the doom modeline. Most informations I disable for it, except for the cursor information (row + column) as well as a widget for mu4e and git information. @@ -12082,7 +11944,7 @@ Here I set up the modeline with some information that I find useful. Specficiall

    -

    4.3.14. Helper Modes

    +

    5.3.14. Helper Modes

      @@ -12318,7 +12180,7 @@ This pair of packages provides information on keybinds in addition to function n
    -

    4.3.15. Ligatures

    +

    5.3.15. Ligatures

    Personally, I think ligatures are fancy. With this mode, they stay 'cursorable'. However, I do not need them in all modes, so I only use them in programming modes. @@ -12350,7 +12212,7 @@ Personally, I think ligatures are fancy. With this mode, they stay 'cursorable'.

    -

    4.3.16. Popup (popper) + Shackle Buffers

    +

    5.3.16. Popup (popper) + Shackle Buffers

    The popper package allows to declare different buffers as 'popup-type', which sort of acts like a scratchpad. It can be toggled at any time using popper-toggle and the resulting frame can be freely customized (with shackle) to a certain size. It is also possible to prevent a buffer from appearing - I do this for example to the *Warnings* buffer, since usually I am not interested in it's output. @@ -12403,7 +12265,7 @@ The popper package allows to declare different buffers as 'popup-type', which so

    -

    4.3.17. Indicate first and last line of buffer

    +

    5.3.17. Indicate first and last line of buffer

    This places little angled indicators on the fringe of a window which indicate buffer boundaries. This is not super useful, but makes use of a space that I want to keep for aesthetic reasons anyways and makes it a bit more useful in the process. @@ -12418,7 +12280,7 @@ This places little angled indicators on the fringe of a window which indicate bu

    -

    4.3.18. Authentication

    +

    5.3.18. Authentication

    This defines the authentication sources used by org-calfw (Calendar) and Forge. @@ -12437,7 +12299,7 @@ This defines the authentication sources used by org-calfw (

    -

    4.4. Modules

    +

    5.4. Modules

    This section houses all configuration bits that are related to a specific package that is not fundamental to my Emacs experience. @@ -12448,7 +12310,7 @@ At some point this will receive further sorting, but for now this is good enough

    -

    4.4.1. Org Mode

    +

    5.4.1. Org Mode

    org-mode is probably my most-used mode in Emcas. It acts as my organizer, config management tool and calender even. @@ -12948,7 +12810,7 @@ Recently I have grown fond of holding presentations using Emacs :)

    -

    4.4.2. Nix Mode

    +

    5.4.2. Nix Mode

    This adds a rudimentary nix-mode to Emacs. I have not really tried this out, as I am mostly editing nix-files in org-mode anyways. @@ -12956,16 +12818,17 @@ This adds a rudimentary nix-mode to Emacs. I have not really tried this out, as

    -(use-package nix-mode
    -  :mode "\\.nix\\'")
    +(use-package nix-mode)
     
    +(use-package nix-ts-mode
    +  :mode "\\.nix\\'")
     
    -
    -

    4.4.3. HCL Mode

    -
    +
    +

    5.4.3. HCL Mode

    +

    This adds support for Hashicorp Configuration Language. I need this at work.

    @@ -12981,9 +12844,9 @@ This adds support for Hashicorp Configuration Language. I need this at work.
    -
    -

    4.4.4. Jenkinsfile/Groovy

    -
    +
    +

    5.4.4. Jenkinsfile/Groovy

    +

    This adds support for Groovy, which I specifically need to work with Jenkinsfiles. I need this at work.

    @@ -12999,9 +12862,9 @@ This adds support for Groovy, which I specifically need to work with Jenkinsfile
    -
    -

    4.4.5. Dockerfile

    -
    +
    +

    5.4.5. Dockerfile

    +

    This adds support for Dockerfiles. I need this at work.

    @@ -13015,9 +12878,9 @@ This adds support for Dockerfiles. I need this at work.
    -
    -

    4.4.6. Terraform Mode

    -
    +
    +

    5.4.6. Terraform Mode

    +

    This adds support for Terraform configuration files. I need this at work.

    @@ -13037,7 +12900,7 @@ This adds support for Terraform configuration files. I need this at work.
    -

    4.4.7. nixpkgs-fmt

    +

    5.4.7. nixpkgs-fmt

    Adds functions for formatting nix code. @@ -13047,12 +12910,30 @@ Adds functions for formatting nix code.

     (use-package nixpkgs-fmt)
     
    +
    +
    +
    +
    +
    +

    5.4.8. shfmt

    +
    +

    +Adds functions for formatting shellscripts. +

    + +
    +
    +(use-package shfmt
    +  :config
    +  (setq shfmt-command "shfmt")
    +  (setq shfmt-arguments '("-i" "4" "-s" "-sr")))
    +
     
    -

    4.4.8. Markdown Mode

    +

    5.4.9. Markdown Mode

      @@ -13090,7 +12971,7 @@ Adds functions for formatting nix code.
    -

    4.4.9. Olivetti

    +

    5.4.10. Olivetti

    Olivetti is a mode specialized for writing prose in Emacs. I went for a very simple setup with little distractions. @@ -13111,9 +12992,9 @@ This mode is not automatically activated anywhere because I only rarely need it.

    -
    -

    4.4.10. elfeed

    -
    +
    +

    5.4.11. elfeed

    +
     ;; (setq elfeed-feeds
    @@ -13185,7 +13066,7 @@ This mode is not automatically activated anywhere because I only rarely need it.
     
    -

    4.4.11. darkroom

    +

    5.4.12. darkroom

    Darkroom is package that reduces all forms of distraction to a minimum - this can be useful when simply reading a file for example. For this mode I have increased the text scale by a large margin to make for comfortable reading @@ -13203,7 +13084,7 @@ This mode is not automatically activated anywhere because I only rarely need it.

    -

    4.4.12. Ripgrep

    +

    5.4.13. Ripgrep

    This is the ripgrep command for Emacs. @@ -13218,7 +13099,7 @@ This is the ripgrep command for Emacs.

    -

    4.4.13. Tree-sitter

    +

    5.4.14. Tree-sitter

    Tree-sitter is a parsing library integrated into Emacs to provide better syntax highlighting and code analysis. It generates concrete syntax trees for source code, enabling more accurate and efficient text processing. Emacs' tree-sitter integration enhances language support, offering features like incremental parsing and precise syntax-aware editing. This improves the development experience by providing robust and dynamic syntax features, making it easier for me to navigate and manipulate code. @@ -13255,6 +13136,7 @@ In order to update the language grammars, run the next command below. (latex . ("https://github.com/latex-lsp/tree-sitter-latex")) (make . ("https://github.com/alemuller/tree-sitter-make")) (markdown . ("https://github.com/ikatyang/tree-sitter-markdown")) + (nix . ("https://github.com/nix-community/tree-sitter-nix")) (R . ("https://github.com/r-lib/tree-sitter-r")) (python . ("https://github.com/tree-sitter/tree-sitter-python")) (typescript . ("https://github.com/tree-sitter/tree-sitter-typescript" "typescript/src" "typescript")) @@ -13276,7 +13158,7 @@ In order to update the language grammars, run the next command below.

    -

    4.4.14. direnv (envrc)

    +

    5.4.15. direnv (envrc)

    @@ -13289,7 +13171,7 @@ In order to update the language grammars, run the next command below.
     
    -

    4.4.15. avy

    +

    5.4.16. avy

    avy provides the ability to search for any character on the screen (not only in the current buffer!) - I enjoy this utility a lot and use it possibly even more often than the native vim commands. @@ -13308,7 +13190,7 @@ In order to update the language grammars, run the next command below.

    -

    4.4.16. crdt (Collaborative Editing)

    +

    5.4.17. crdt (Collaborative Editing)

    With this it is possible to work on the same file collaboratively. I have never tried it out, but it sounds cool. @@ -13323,7 +13205,7 @@ With this it is possible to work on the same file collaboratively. I have never

    -

    4.4.17. devdocs

    +

    5.4.18. devdocs

    devdocs is a very nice package that provides documentation from https:devdocs.io. This is very useful since e.g. pyright provides only a very bad documentation and I do not want to leave Emacs all the time just to read documentation. @@ -13359,7 +13241,7 @@ To install a documentation, use the devdocs=install command and sel

    -

    4.4.18. Projectile

    +

    5.4.19. Projectile

    projectile is useful for keeping track of your git projects within Emacs. I mostly use it to quickly switch between projects. @@ -13384,7 +13266,7 @@ projectile is useful for keeping track of your git projects within Emacs. I most

    -

    4.4.19. Magit

    +

    5.4.20. Magit

    magit is the best git utility I have ever used - it has a beautiful interface and is very verbose. Here I mostly just setup the list of repositories that I want to expost to magit. @@ -13409,7 +13291,7 @@ Also, Emacs needs a little extra love to accept my Yubikey for git commits etc.

    -

    4.4.20. Yubikey support

    +

    5.4.21. Yubikey support

    The following settings are needed to make sure emacs works for magit commits and pushes. It is not a beautiful solution since commiting uses pinentry-emacs and pushing uses pinentry-gtk2, but it works for now at least. @@ -13429,7 +13311,7 @@ The following settings are needed to make sure emacs works for magit commits and

    -

    4.4.21. Forge

    +

    5.4.22. Forge

    NOTE: Make sure to configure a GitHub token before using this package! @@ -13467,7 +13349,7 @@ machine api.github.com login USERNAMEforge password 012345abcdef

    -

    4.4.22. git-timemachine

    +

    5.4.23. git-timemachine

    This is just a nice utility to browse different versions of a file of a git project within Emacs. @@ -13484,7 +13366,7 @@ This is just a nice utility to browse different versions of a file of a git proj

    -

    4.4.23. Delimiters (brackets): rainbow-delimiters, highlight-parentheses

    +

    5.4.24. Delimiters (brackets): rainbow-delimiters, highlight-parentheses

    • rainbow-delimiters colors all delimiters, also ones not in current selection
    • @@ -13527,7 +13409,7 @@ I am not completely sure on electric-pair-mode yet, sometimes it is very helpful
    -

    4.4.24. rainbow-mode

    +

    5.4.25. rainbow-mode

    Complimentary to the delimiters-packages above, this package sets the background color of the delimiters, which makes it easier to see at a glance where we are in a delimiter-tree. @@ -13543,7 +13425,7 @@ Complimentary to the delimiters-packages above, this package sets the background

    -

    4.4.25. Corfu

    +

    5.4.26. Corfu

    -

    4.4.27. rust

    +

    5.4.28. rust

    This sets up rustic-mode with tree-sitter support - there is still one issue to iron out with automatic adding of dependency crates, but everything else works fine now. @@ -13693,7 +13575,7 @@ This sets up rustic-mode with tree-sitter support - there is still one issue to

    -

    4.4.28. Tramp

    +

    5.4.29. Tramp

    Tramp allows for SSH access of files over Emacs. I have no ideas what the options here mean, but this is a recommended configuration that I found (sadly I lost the link). I need to research more what these options really do. @@ -13733,7 +13615,7 @@ Tramp allows for SSH access of files over Emacs. I have no ideas what the option

    -

    4.4.29. diff-hl

    +

    5.4.30. diff-hl

    This is a simple highlighting utility that uses the margin to visually show the differences since the last git commit. @@ -13755,7 +13637,7 @@ This is a simple highlighting utility that uses the margin to visually show the

    -

    4.4.30. Commenting

    +

    5.4.31. Commenting

    This package allows for swift commenting out and in of code snippets. For some reason, it is a bit broken in my config, as it sometimes comments out too much, sometimes too little, and sometimes it splits lines during commenting. Also, in org-mode when inside a src-block, it often times jumps to the top of the block. @@ -13775,7 +13657,7 @@ Still, this is avery convenient package.

    -

    4.4.31. yasnippet

    +

    5.4.32. yasnippet

    yasnippet allows to define snippets that can be quickly expanded by hitting the TAB key after inputting a keyword. @@ -13861,9 +13743,9 @@ The following block is mostly inspired from -

    4.4.32. eglot

    -
    +
    +

    5.4.33. eglot

    +

    After having tried out lsp-mode and lsp-bridge for a while each, I must say that eglot feels the most clean and fast to me.

    @@ -13872,7 +13754,6 @@ After having tried out lsp-mode and lsp-bridge for a w
     (use-package eglot
    -  :ensure nil
       :config
       (add-to-list 'eglot-server-programs
            '(yaml-ts-mode . ("ansible-language-server" "--stdio")))
    @@ -13894,19 +13775,32 @@ After having tried out lsp-mode and lsp-bridge for a w
       :custom
       (eldoc-echo-area-use-multiline-p nil)
       (completion-category-defaults nil)
    +  (fset #'jsonrpc--log-event #'ignore)
    +  (eglot-events-buffer-size 0)
    +  (eglot-sync-connect nil)
    +  (eglot-connect-timeout nil)
    +  (eglot-autoshutdown t)
    +  (eglot-send-changes-idle-time 3)
    +  (flymake-no-changes-timeout 5)
       :bind (:map eglot-mode-map
                   ("M-(" . flymake-goto-next-error)
                   ("C-c ," . eglot-code-actions)))
     
    +(use-package eglot-booster
    +  :ensure nil
    +  :after eglot
    +  :config
    +  (eglot-booster-mode))
    +
     (defalias 'start-lsp-server #'eglot)
     
     
    -
    -

    4.4.33. sideline-flymake

    -
    +
    +

    5.4.34. sideline-flymake

    +

    This brings back warnings and errors on the sideline for eglot; a feature that I have been missing from lsp-mode for a while.
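Review bot: The added `(fset #'jsonrpc--log-event #'ignore)` sits under `:custom`, where use-package reads each form as `(VARIABLE VALUE)`. As far as I can tell it therefore customizes a variable named `fset` instead of redefining the function, so the logging override never takes effect. Move that one form into the `:config` section of the same block, next to the `add-to-list` calls, and keep the remaining new entries under `:custom`, since they are plain variable settings. The `use-package eglot` form opens in the previous hunk, and index.html looks like an export of SwarselSystems.org, so the change belongs in the org source block.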

    @@ -13925,7 +13819,7 @@ This brings back warnings and errors on the sideline for eglot; a feature that I
    -

    4.4.34. Breadcrumb

    +

    5.4.35. Breadcrumb

    This simple shows the path to the current file on the top of the buffer - I just think it looks kind of neat, even though it is not extremely useful :) @@ -13942,7 +13836,7 @@ This simple shows the path to the current file on the top of the buffer - I just

    -

    4.4.35. Prevent breaking of hardlinks

    +

    5.4.36. Prevent breaking of hardlinks

    This setting ensures that hard links are preserved during the backup process, which is useful for maintaining the integrity of files that are linked in multiple locations. @@ -13957,7 +13851,7 @@ This setting ensures that hard links are preserved during the backup process, wh

    -

    4.4.36. Dirvish

    +

    5.4.37. Dirvish

    Dirvish is an improvement upon the dired-framework and has more features like file preview etc. Sadly it has an incompatibility with openwith which is why I have disabled that package. @@ -14021,7 +13915,7 @@ Dirvish is an improvement upon the dired-framework and has more features like fi

    -

    4.4.37. pdf-tools: pdf-viewer and support for dirvish

    +

    5.4.38. pdf-tools: pdf-viewer and support for dirvish

    This enables pdf-previewing in dirvish and gives a much better pdf-viewer than is shipped normally by emacs. @@ -14040,7 +13934,7 @@ This enables pdf-previewing in dirvish and gives a much better pdf-viewer than i

    -

    4.4.38. Jupyter

    +

    5.4.39. Jupyter

    This is a jupyter client. Using it is a bit cumbersome though, so I have not fully explored all features. @@ -14055,7 +13949,7 @@ This is a jupyter client. Using it is a bit cumbersome though, so I have not ful

    -

    4.4.39. undo-tree

    +

    5.4.40. undo-tree

    Base emacs undo logic is very useful, but not easy to understand for me. I prefer undo-tree, which makes switching between branches easier and also allows quickly switching back to a much older state using the visualizer. @@ -14094,7 +13988,7 @@ While we are at it, we are also setting up a persistent undo-file for every file

    -

    4.4.40. Hydra

    +

    5.4.41. Hydra

    Hydra allows for the writing of macro-style functions. I have not yet looked into this all too much, but it seems to be a potent feature. @@ -14131,7 +14025,7 @@ I only wrote this in order to try out hydra; rarely do I really need this. Howev

    -

    4.4.41. External Applications

    +

    5.4.42. External Applications

      @@ -14280,7 +14174,7 @@ This section is here to make Anki usable from within Emacs - an endeavour that I
    -

    4.4.42. Email

    +

    5.4.43. Email

      @@ -14390,7 +14284,7 @@ This adds the simple utility of sending desktop notifications whenever a new mai
    -

    4.4.43. Calendar

    +

    5.4.44. Calendar

    This provides a beautiful calender to emacs. @@ -14458,7 +14352,7 @@ Yes, I am aware that I am exposing my university-calendar to the public here. I

    -

    4.4.44. Dashboard: emacs startup screen

    +

    5.4.45. Dashboard: emacs startup screen

    This sets up the dashboard, which is really quite useless. But, it looks cool and makes me happy whenever I start an emacsclient without a file name as argument :) @@ -14530,9 +14424,9 @@ This sets up the dashboard, which is really quite useless. But, it

    -
    -

    4.4.45. vterm

    -
    +
    +

    5.4.46. vterm

    +
     (use-package vterm
    @@ -14654,7 +14548,7 @@ Prints a reasuring message to proove good faith."
     
    diff --git a/modules/home/darwin.nix b/modules/home/darwin.nix index 69cb513..d5f19ba 100644 --- a/modules/home/darwin.nix +++ b/modules/home/darwin.nix @@ -1,4 +1,5 @@ { lib, ... }: { options.swarselsystems.isDarwin = lib.mkEnableOption "darwin host"; + } diff --git a/profiles/common/home/stylix.nix b/profiles/common/home/stylix.nix index d2bfe09..ca45688 100644 --- a/profiles/common/home/stylix.nix +++ b/profiles/common/home/stylix.nix @@ -1,9 +1,9 @@ -{ lib, config, pkgs, ... }: +{ self, lib, config, pkgs, ... }: { stylix = lib.mkIf (!config.swarselsystems.isNixos) { enable = true; - base16Scheme = ../../../wallpaper/swarsel.yaml; + base16Scheme = "${self}/wallpaper/swarsel.yaml"; # base16Scheme = "${pkgs.base16-schemes}/share/themes/shapeshifter.yaml"; polarity = "dark"; opacity.popups = 0.5; diff --git a/profiles/common/nixos/stylix.nix b/profiles/common/nixos/stylix.nix index 39833e3..6754089 100644 --- a/profiles/common/nixos/stylix.nix +++ b/profiles/common/nixos/stylix.nix @@ -1,9 +1,9 @@ -{ pkgs, home-manager, config, ... }: +{ self, pkgs, home-manager, config, ... }: { stylix = { enable = true; - base16Scheme = ../../../wallpaper/swarsel.yaml; + base16Scheme = "${self}/wallpaper/swarsel.yaml"; # base16Scheme = "${pkgs.base16-schemes}/share/themes/shapeshifter.yaml"; polarity = "dark"; opacity.popups = 0.5;