From e39f07eac124ccd7fff4bdbd657f099225f0597f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Leon=20Schwarz=C3=A4ugl?= Date: Sun, 29 Jun 2025 15:27:14 +0200 Subject: [PATCH] chore: update flake --- SwarselSystems.org | 185 +++++++------ flake.lock | 251 ++++++++++-------- flake.nix | 1 + .../nbl-imba-2/hardware-configuration.nix | 5 +- modules/home/common/desktop.nix | 8 + modules/home/common/packages.nix | 7 +- modules/home/common/sharedsetup.nix | 42 ++- modules/home/optional/work.nix | 2 +- modules/nixos/common/packages.nix | 1 - modules/nixos/common/pipewire.nix | 3 +- modules/nixos/common/syncthing.nix | 25 +- modules/nixos/optional/gaming.nix | 46 ++-- modules/nixos/optional/work.nix | 20 +- modules/nixos/server/syncthing.nix | 14 +- overlays/default.nix | 8 + 15 files changed, 329 insertions(+), 289 deletions(-) diff --git a/SwarselSystems.org b/SwarselSystems.org index 29f08e8..27e1b7b 100644 --- a/SwarselSystems.org +++ b/SwarselSystems.org @@ -235,6 +235,7 @@ When setting this option normally, the password would normally be written world- #+begin_src nix :tangle no :noweb-ref flakeinputs nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; + nixpkgs-kernel.url = "github:NixOS/nixpkgs/063f43f2dbdef86376cc29ad646c45c46e93234c?narHash=sha256-6m1Y3/4pVw1RWTsrkAK2VMYSzG4MMIj7sqUy7o8th1o%3D"; #specifically pinned for kernel version nixpkgs-stable.url = "github:NixOS/nixpkgs/nixos-25.05"; nixpkgs-stable24_05.url = "github:NixOS/nixpkgs/nixos-24.05"; nixpkgs-stable24_11.url = "github:NixOS/nixpkgs/nixos-24.11"; @@ -896,7 +897,7 @@ My work machine. Built for more security, this is the gold standard of my config :END: #+begin_src nix :tangle hosts/nixos/nbl-imba-2/hardware-configuration.nix - { config, lib, modulesPath, ... }: + { config, lib, pkgs, modulesPath, ... }: { imports = [ @@ -920,8 +921,11 @@ My work machine. Built for more security, this is the gold standard of my config # ''; boot = { + kernelPackages = lib.mkDefault pkgs.kernel.linuxPackages; + binfmt.emulatedSystems = [ "aarch64-linux" ]; initrd = { availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "cryptd" "usbhid" "sd_mod" "r8152" ]; + # allow to remote build on arm (needed for moonside) kernelModules = [ "sg" ]; luks.devices."cryptroot" = { # improve performance on ssds @@ -4309,6 +4313,13 @@ When adding a new entry here, do not forget to add it in the default output of t }; }; + nixpkgs-kernel = final: _: { + kernel = import inputs.nixpkgs-kernel { + inherit (final) system; + config.allowUnfree = true; + }; + }; + nixpkgs-stable24_05 = final: _: { stable24_05 = import inputs.nixpkgs-stable24_05 { inherit (final) system; @@ -4335,6 +4346,7 @@ When adding a new entry here, do not forget to add it in the default output of t (additions final prev) // (modifications final prev) // (nixpkgs-stable final prev) + // (nixpkgs-kernel final prev) // (nixpkgs-stable24_05 final prev) // (nixpkgs-stable24_11 final prev) // (zjstatus final prev) @@ -5713,7 +5725,6 @@ Mostly used to install some compilers and lsp's that I want to have available wh # yubikey packages gnupg yubikey-personalization - yubikey-personalization-gui yubico-pam yubioath-flutter yubikey-manager @@ -6066,7 +6077,7 @@ This is only used on systems not running Pipewire. Pipewire handles communication on Wayland. This enables several sound tools as well as screen sharing in combinaton with =xdg-desktop-portal-wlr=. #+begin_src nix :tangle modules/nixos/common/pipewire.nix - { lib, config, ... }: + { lib, config, pkgs, ... }: { options.swarselsystems.modules.pipewire = lib.mkEnableOption "pipewire config"; config = lib.mkIf config.swarselsystems.modules.pipewire { @@ -6074,6 +6085,7 @@ Pipewire handles communication on Wayland. This enables several sound tools as w services.pipewire = { enable = true; + package = pkgs.stable.pipewire; pulse.enable = true; jack.enable = true; audio.enable = true; @@ -6647,7 +6659,7 @@ Here I disable global completion to prevent redundant compinit calls and cache i :END: #+begin_src nix :tangle modules/nixos/common/syncthing.nix - { lib, config, ... }: + { lib, config, pkgs, ... }: let inherit (config.swarselsystems) mainUser homeDir; in @@ -6656,51 +6668,52 @@ Here I disable global completion to prevent redundant compinit calls and cache i config = lib.mkIf config.swarselsystems.modules.syncthing { services.syncthing = { enable = true; + package = pkgs.stable.syncthing; user = mainUser; dataDir = homeDir; configDir = "${homeDir}/.config/syncthing"; openDefaultPorts = true; + overrideDevices = true; + overrideFolders = true; settings = { + options = { + urAccepted = -1; + }; devices = { "magicant" = { id = "VMWGEE2-4HDS2QO-KNQOVGN-LXLX6LA-666E4EK-ZBRYRRO-XFEX6FB-6E3XLQO"; }; - "sync (@oracle)" = { + "sync@oracle" = { id = "ETW6TST-NPK7MKZ-M4LXMHA-QUPQHDT-VTSHH5X-CR5EIN2-YU7E55F-MGT7DQB"; }; "winters" = { id = "O7RWDMD-AEAHPP7-7TAVLKZ-BSWNBTU-2VA44MS-EYGUNBB-SLHKB3C-ZSLMOAA"; }; - "moonside (@oracle)" = { + "moonside@oracle" = { id = "VPCDZB6-MGVGQZD-Q6DIZW3-IZJRJTO-TCC3QUQ-2BNTL7P-AKE7FBO-N55UNQE"; }; }; folders = { "Default Folder" = lib.mkDefault { path = "${homeDir}/Sync"; - devices = [ "sync (@oracle)" "magicant" "winters" "moonside (@oracle)" ]; + devices = [ "sync@oracle" "magicant" "winters" "moonside@oracle" ]; id = "default"; }; "Obsidian" = { path = "${homeDir}/Nextcloud/Obsidian"; - devices = [ "sync (@oracle)" "magicant" "winters" "moonside (@oracle)" ]; + devices = [ "sync@oracle" "magicant" "winters" "moonside@oracle" ]; id = "yjvni-9eaa7"; }; "Org" = { path = "${homeDir}/Nextcloud/Org"; - devices = [ "sync (@oracle)" "magicant" "winters" "moonside (@oracle)" ]; + devices = [ "sync@oracle" "magicant" "winters" "moonside@oracle" ]; id = "a7xnl-zjj3d"; }; "Vpn" = { path = "${homeDir}/Vpn"; - devices = [ "sync (@oracle)" "magicant" "winters" "moonside (@oracle)" ]; + devices = [ "sync@oracle" "magicant" "winters" "moonside@oracle" ]; id = "hgp9s-fyq3p"; }; - ".elfeed" = { - path = "${homeDir}/.elfeed"; - devices = [ "sync (@oracle)" "magicant" "winters" "moonside (@oracle)" ]; - id = "h7xbs-fs9v1"; - }; }; }; }; @@ -9091,13 +9104,13 @@ Also I install Tika and Gotenberg, which are needed to create PDFs out of =.eml= "magicant" = { id = "VMWGEE2-4HDS2QO-KNQOVGN-LXLX6LA-666E4EK-ZBRYRRO-XFEX6FB-6E3XLQO"; }; - "sync (@oracle)" = { + "sync@oracle" = { id = "ETW6TST-NPK7MKZ-M4LXMHA-QUPQHDT-VTSHH5X-CR5EIN2-YU7E55F-MGT7DQB"; }; "${workHostName}" = { id = "YAPV4BV-I26WPTN-SIP32MV-SQP5TBZ-3CHMTCI-Z3D6EP2-MNDQGLP-53FT3AB"; }; - "moonside (@oracle)" = { + "moonside@oracle" = { id = "VPCDZB6-MGVGQZD-Q6DIZW3-IZJRJTO-TCC3QUQ-2BNTL7P-AKE7FBO-N55UNQE"; }; }; @@ -9106,7 +9119,7 @@ Also I install Tika and Gotenberg, which are needed to create PDFs out of =.eml= path = "/Vault/data/syncthing/Sync"; type = "receiveonly"; versioning = null; - devices = [ "sync (@oracle)" "magicant" "${workHostName}" "moonside (@oracle)" ]; + devices = [ "sync@oracle" "magicant" "${workHostName}" "moonside@oracle" ]; id = "default"; }; "Obsidian" = { @@ -9116,7 +9129,7 @@ Also I install Tika and Gotenberg, which are needed to create PDFs out of =.eml= type = "simple"; params.keep = "5"; }; - devices = [ "sync (@oracle)" "magicant" "${workHostName}" "moonside (@oracle)" ]; + devices = [ "sync@oracle" "magicant" "${workHostName}" "moonside@oracle" ]; id = "yjvni-9eaa7"; }; "Org" = { @@ -9126,7 +9139,7 @@ Also I install Tika and Gotenberg, which are needed to create PDFs out of =.eml= type = "simple"; params.keep = "5"; }; - devices = [ "sync (@oracle)" "magicant" "${workHostName}" "moonside (@oracle)" ]; + devices = [ "sync@oracle" "magicant" "${workHostName}" "moonside@oracle" ]; id = "a7xnl-zjj3d"; }; "Vpn" = { @@ -9136,7 +9149,7 @@ Also I install Tika and Gotenberg, which are needed to create PDFs out of =.eml= type = "simple"; params.keep = "5"; }; - devices = [ "sync (@oracle)" "magicant" "${workHostName}" "moonside (@oracle)" ]; + devices = [ "sync@oracle" "magicant" "${workHostName}" "moonside@oracle" ]; id = "hgp9s-fyq3p"; }; # "Documents" = { @@ -9146,7 +9159,7 @@ Also I install Tika and Gotenberg, which are needed to create PDFs out of =.eml= # type = "simple"; # params.keep = "5"; # }; - # devices = [ "magicant" "${workHostName}" "moonside (@oracle)" ]; + # devices = [ "magicant" "${workHostName}" "moonside@oracle" ]; # id = "hgr3d-pfu3w"; # }; }; @@ -10650,32 +10663,32 @@ This opens a few gaming ports and installs the steam configuration suite for gam pkgs.proton-ge-bin ]; }; - specialisation = { - gaming.configuration = { - networking = { - firewall.enable = lib.mkForce false; - firewall = { - allowedUDPPorts = [ 4380 27036 14242 34197 ]; # 34197: factorio; 4380 27036 14242: barotrauma; - allowedTCPPorts = [ ]; # 34197: factorio; 4380 27036 14242: barotrauma; 51820: wireguard - allowedTCPPortRanges = [ - { from = 27015; to = 27030; } # barotrauma - { from = 27036; to = 27037; } # barotrauma - ]; - allowedUDPPortRanges = [ - { from = 27000; to = 27031; } # barotrauma - { from = 58962; to = 58964; } # barotrauma - ]; - }; - }; + # specialisation = { + # gaming.configuration = { + # networking = { + # firewall.enable = lib.mkForce false; + # firewall = { + # allowedUDPPorts = [ 4380 27036 14242 34197 ]; # 34197: factorio; 4380 27036 14242: barotrauma; + # allowedTCPPorts = [ ]; # 34197: factorio; 4380 27036 14242: barotrauma; 51820: wireguard + # allowedTCPPortRanges = [ + # { from = 27015; to = 27030; } # barotrauma + # { from = 27036; to = 27037; } # barotrauma + # ]; + # allowedUDPPortRanges = [ + # { from = 27000; to = 27031; } # barotrauma + # { from = 58962; to = 58964; } # barotrauma + # ]; + # }; + # }; - hardware.xone.enable = true; + # hardware.xone.enable = true; - environment.systemPackages = [ - pkgs.linuxKernel.packages.linux_6_12.xone - ]; - }; - }; + # environment.systemPackages = [ + # pkgs.linuxKernel.packages.linux_6_12.xone + # ]; + # }; + # }; }; } @@ -11083,13 +11096,13 @@ Options that I need specifically at work. There are more options at [[#h:f0b2ea9 "winters" = { id = "O7RWDMD-AEAHPP7-7TAVLKZ-BSWNBTU-2VA44MS-EYGUNBB-SLHKB3C-ZSLMOAA"; }; - "moonside (@oracle)" = { + "moonside@oracle" = { id = "VPCDZB6-MGVGQZD-Q6DIZW3-IZJRJTO-TCC3QUQ-2BNTL7P-AKE7FBO-N55UNQE"; }; folders = { "Documents" = { path = "${homeDir}/Documents"; - devices = [ "magicant" "winters" "moonside (@oracle)" ]; + devices = [ "magicant" "winters" "moonside@oracle" ]; id = "hgr3d-pfu3w"; }; }; @@ -11111,14 +11124,14 @@ Options that I need specifically at work. There are more options at [[#h:f0b2ea9 ]; # cgroups v1 is required for centos7 dockers - specialisation = { - cgroup_v1.configuration = { - boot.kernelParams = [ - "SYSTEMD_CGROUP_ENABLE_LEGACY_FORCE=1" - "systemd.unified_cgroup_hierarchy=0" - ]; - }; - }; + # specialisation = { + # cgroup_v1.configuration = { + # boot.kernelParams = [ + # "SYSTEMD_CGROUP_ENABLE_LEGACY_FORCE=1" + # "systemd.unified_cgroup_hierarchy=0" + # ]; + # }; + # }; }; } @@ -11230,7 +11243,7 @@ This section sets up all the imports that are used in the home-manager section. } #+end_src -**** Shared Configuration Options +**** Shared Configuration Options (hold firefox config parts) :PROPERTIES: :CUSTOM_ID: h:79f7150f-b162-4f57-abdf-07f40dffd932 :END: @@ -11242,16 +11255,6 @@ Set in firefox =about:config > toolkit.legacyUserProfileCustomizations.styleshee #+begin_src nix :noweb yes :tangle modules/home/common/sharedsetup.nix { self, lib, pkgs, ... }: - let - lock-false = { - Value = false; - Status = "locked"; - }; - lock-true = { - Value = true; - Status = "locked"; - }; - in { options.swarselsystems = { isLaptop = lib.mkEnableOption "laptop host"; @@ -11406,22 +11409,22 @@ Set in firefox =about:config > toolkit.legacyUserProfileCustomizations.styleshee settings = { "extensions.autoDisableScopes" = 0; - "browser.bookmarks.showMobileBookmarks" = lock-true; - "toolkit.legacyUserProfileCustomizations.stylesheets" = lock-true; - "browser.search.suggest.enabled" = lock-false; - "browser.search.suggest.enabled.private" = lock-false; - "browser.urlbar.suggest.searches" = lock-false; - "browser.urlbar.showSearchSuggestionsFirst" = lock-false; - "browser.topsites.contile.enabled" = lock-false; - "browser.newtabpage.activity-stream.feeds.section.topstories" = lock-false; - "browser.newtabpage.activity-stream.feeds.snippets" = lock-false; - "browser.newtabpage.activity-stream.section.highlights.includePocket" = lock-false; - "browser.newtabpage.activity-stream.section.highlights.includeBookmarks" = lock-false; - "browser.newtabpage.activity-stream.section.highlights.includeDownloads" = lock-false; - "browser.newtabpage.activity-stream.section.highlights.includeVisited" = lock-false; - "browser.newtabpage.activity-stream.showSponsored" = lock-false; - "browser.newtabpage.activity-stream.system.showSponsored" = lock-false; - "browser.newtabpage.activity-stream.showSponsoredTopSites" = lock-false; + "browser.bookmarks.showMobileBookmarks" = true; + "toolkit.legacyUserProfileCustomizations.stylesheets" = true; + "browser.search.suggest.enabled" = false; + "browser.search.suggest.enabled.private" = false; + "browser.urlbar.suggest.searches" = false; + "browser.urlbar.showSearchSuggestionsFirst" = false; + "browser.topsites.contile.enabled" = false; + "browser.newtabpage.activity-stream.feeds.section.topstories" = false; + "browser.newtabpage.activity-stream.feeds.snippets" = false; + "browser.newtabpage.activity-stream.section.highlights.includePocket" = false; + "browser.newtabpage.activity-stream.section.highlights.includeBookmarks" = false; + "browser.newtabpage.activity-stream.section.highlights.includeDownloads" = false; + "browser.newtabpage.activity-stream.section.highlights.includeVisited" = false; + "browser.newtabpage.activity-stream.showSponsored" = false; + "browser.newtabpage.activity-stream.system.showSponsored" = false; + "browser.newtabpage.activity-stream.showSponsoredTopSites" = false; }; search = { @@ -11785,9 +11788,9 @@ This holds packages that I can use as provided, or with small modifications (as slurp # the following packages are used (in some way) by waybar - playerctl - pavucontrol - stable.pamixer + # playerctl + stable.pavucontrol + # stable.pamixer # gnome.gnome-clocks # wlogout # jdiskreport @@ -12034,6 +12037,14 @@ TODO: Non-NixOS machines (=sp3) should not use these by default, but instead the categories = [ "Application" ]; }; + teamsNoGpu = { + name = "Microsoft Teams (no GPU)"; + genericName = "Teams (no GPU)"; + exec = "teams-for-linux --disableGpu=true --trayIconEnabled=true"; + terminal = false; + categories = [ "Application" ]; + }; + rustdesk-vbc = { name = "Rustdesk VBC"; genericName = "rustdesk-vbc"; @@ -12198,7 +12209,7 @@ Sets environment variables. Here I am only setting the EDITOR variable, most var } #+end_src -**** General Programs: bottom, imv, sioyek, bat, carapace, wlogout, swayr, yt-dlp, mpv, jq, nix-index, ripgrep, pandoc, fzf +**** General Programs: bottom, imv, sioyek, bat, carapace, wlogout, swayr, yt-dlp, mpv, jq, nix-index, ripgrep, pandoc, fzf, zoxide :PROPERTIES: :CUSTOM_ID: h:f0e0b580-2e1c-4ca6-a983-f05d3ebbbcde :END: @@ -14791,7 +14802,7 @@ The rest of the settings is at [[#h:bbf2ecb6-c8ff-4462-b5d5-d45b28604ddf][work]] "firefox_${user1}" = { name = "Firefox (${user1})"; genericName = "Firefox ${user1}"; - exec = "firefox -p ${user4}"; + exec = "firefox -p ${user1}"; inherit terminal categories icon; }; diff --git a/flake.lock b/flake.lock index cc8d472..8da79c5 100644 --- a/flake.lock +++ b/flake.lock @@ -37,11 +37,11 @@ "base16-helix": { "flake": false, "locked": { - "lastModified": 1736852337, - "narHash": "sha256-esD42YdgLlEh7koBrSqcT7p2fsMctPAcGl/+2sYJa2o=", + "lastModified": 1748408240, + "narHash": "sha256-9M2b1rMyMzJK0eusea0x3lyh3mu5nMeEDSc4RZkGm+g=", "owner": "tinted-theming", "repo": "base16-helix", - "rev": "03860521c40b0b9c04818f2218d9cc9efc21e7a5", + "rev": "6c711ab1a9db6f51e2f6887cc3345530b33e152e", "type": "github" }, "original": { @@ -69,11 +69,11 @@ }, "crane": { "locked": { - "lastModified": 1746291859, - "narHash": "sha256-DdWJLA+D5tcmrRSg5Y7tp/qWaD05ATI4Z7h22gd1h7Q=", + "lastModified": 1750266157, + "narHash": "sha256-tL42YoNg9y30u7zAqtoGDNdTyXTi8EALDeCB13FtbQA=", "owner": "ipetkov", "repo": "crane", - "rev": "dfd9a8dfd09db9aad544c4d3b6c47b12562544a5", + "rev": "e37c943371b73ed87faf33f7583860f81f1d5a48", "type": "github" }, "original": { @@ -84,11 +84,11 @@ }, "crane_2": { "locked": { - "lastModified": 1743700120, - "narHash": "sha256-8BjG/P0xnuCyVOXlYRwdI1B8nVtyYLf3oDwPSimqREY=", + "lastModified": 1748970125, + "narHash": "sha256-UDyigbDGv8fvs9aS95yzFfOKkEjx1LO3PL3DsKopohA=", "owner": "ipetkov", "repo": "crane", - "rev": "e316f19ee058e6db50075115783be57ac549c389", + "rev": "323b5746d89e04b22554b061522dfce9e4c49b18", "type": "github" }, "original": { @@ -125,11 +125,11 @@ ] }, "locked": { - "lastModified": 1747742835, - "narHash": "sha256-kYL4GCwwznsypvsnA20oyvW8zB/Dvn6K5G/tgMjVMT4=", + "lastModified": 1750903843, + "narHash": "sha256-Ng9+f0H5/dW+mq/XOKvB9uwvGbsuiiO6HrPdAcVglCs=", "owner": "nix-community", "repo": "disko", - "rev": "df522e787fdffc4f32ed3e1fca9ed0968a384d62", + "rev": "83c4da299c1d7d300f8c6fd3a72ac46cb0d59aae", "type": "github" }, "original": { @@ -146,11 +146,11 @@ "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1748107096, - "narHash": "sha256-PmQY/yDSlxxma3RBW2v+yWSvpJTubcmXUdoAlaJv7Dk=", + "lastModified": 1750930065, + "narHash": "sha256-BRkcx5a0RUv3su63lMWRVlKUPCrwukeigdkyF+VeXT4=", "owner": "nix-community", "repo": "emacs-overlay", - "rev": "5e55769b7a39ab810f761874aff5787c74e981da", + "rev": "b4529390e2e53bae6bfa7a6884dcfa5583b5b858", "type": "github" }, "original": { @@ -162,11 +162,11 @@ "firefox-gnome-theme": { "flake": false, "locked": { - "lastModified": 1744642301, - "narHash": "sha256-5A6LL7T0lttn1vrKsNOKUk9V0ittdW0VEqh6AtefxJ4=", + "lastModified": 1748383148, + "narHash": "sha256-pGvD/RGuuPf/4oogsfeRaeMm6ipUIznI2QSILKjKzeA=", "owner": "rafaelmardojai", "repo": "firefox-gnome-theme", - "rev": "59e3de00f01e5adb851d824cf7911bd90c31083a", + "rev": "4eb2714fbed2b80e234312611a947d6cb7d70caf", "type": "github" }, "original": { @@ -194,11 +194,11 @@ "flake-compat_2": { "flake": false, "locked": { - "lastModified": 1733328505, - "narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=", + "lastModified": 1747046372, + "narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=", "owner": "edolstra", "repo": "flake-compat", - "rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec", + "rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885", "type": "github" }, "original": { @@ -256,11 +256,11 @@ }, "flake-compat_6": { "locked": { - "lastModified": 1733328505, - "narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=", + "lastModified": 1747046372, + "narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=", "owner": "edolstra", "repo": "flake-compat", - "rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec", + "rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885", "type": "github" }, "original": { @@ -277,11 +277,11 @@ ] }, "locked": { - "lastModified": 1743550720, - "narHash": "sha256-hIshGgKZCgWh6AYJpJmRgFdR3WUbkY04o82X05xqQiY=", + "lastModified": 1749398372, + "narHash": "sha256-tYBdgS56eXYaWVW3fsnPQ/nFlgWi/Z2Ymhyu21zVM98=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "c621e8422220273271f52058f618c94e405bb0f5", + "rev": "9305fe4e5c2a6fcf5ba6a3ff155720fbe4076569", "type": "github" }, "original": { @@ -336,11 +336,11 @@ ] }, "locked": { - "lastModified": 1733312601, - "narHash": "sha256-4pDvzqnegAfRkPwO3wmwBhVi/Sye1mzps0zHWYnP88c=", + "lastModified": 1743550720, + "narHash": "sha256-hIshGgKZCgWh6AYJpJmRgFdR3WUbkY04o82X05xqQiY=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "205b12d8b7cd4802fbcb8e8ef6a0f1408781a4f9", + "rev": "c621e8422220273271f52058f618c94e405bb0f5", "type": "github" }, "original": { @@ -451,11 +451,11 @@ ] }, "locked": { - "lastModified": 1742649964, - "narHash": "sha256-DwOTp7nvfi8mRfuL1escHDXabVXFGT1VlPD1JHrtrco=", + "lastModified": 1747372754, + "narHash": "sha256-2Y53NGIX2vxfie1rOW0Qb86vjRZ7ngizoo+bnXU9D9k=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "dcf5072734cb576d2b0c59b2ac44f5050b5eac82", + "rev": "80479b6ec16fefd9c1db3ea13aeb038c60530f46", "type": "github" }, "original": { @@ -575,11 +575,11 @@ ] }, "locked": { - "lastModified": 1747978958, - "narHash": "sha256-pQQnbxWpY3IiZqgelXHIe/OAE/Yv4NSQq7fch7M6nXQ=", + "lastModified": 1750798083, + "narHash": "sha256-DTCCcp6WCFaYXWKFRA6fiI2zlvOLCf5Vwx8+/0R8Wc4=", "owner": "nix-community", "repo": "home-manager", - "rev": "7419250703fd5eb50e99bdfb07a86671939103ea", + "rev": "ff31a4677c1a8ae506aa7e003a3dba08cb203f82", "type": "github" }, "original": { @@ -617,11 +617,11 @@ ] }, "locked": { - "lastModified": 1747763032, - "narHash": "sha256-9j3oCbemeH7bTVXJ3pDWxOptbxDx2SdK1jY2AHpjQiw=", + "lastModified": 1748737919, + "narHash": "sha256-5kvBbLYdp+n7Ftanjcs6Nv+UO6sBhelp6MIGJ9nWmjQ=", "owner": "nix-community", "repo": "home-manager", - "rev": "29dda415f5b2178278283856c6f9f7b48a2a4353", + "rev": "5675a9686851d9626560052a032c4e14e533c1fa", "type": "github" }, "original": { @@ -655,11 +655,11 @@ "rust-overlay": "rust-overlay" }, "locked": { - "lastModified": 1747056319, - "narHash": "sha256-qSKcBaISBozadtPq6BomnD+wIYTZIkiua3UuHLaD52c=", + "lastModified": 1750866260, + "narHash": "sha256-fo5NvfutMEw9OV+5rGYuCKjlNNjcnD3cKMbOfzusO/E=", "owner": "nix-community", "repo": "lanzaboote", - "rev": "2e425f3da6ce7f5b34fa6eaf7a2a7f78dbabcc85", + "rev": "f40a3401f86d117affeeb8ca6f0ce5cd1ca3cc24", "type": "github" }, "original": { @@ -675,11 +675,11 @@ "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1747908601, - "narHash": "sha256-cSzec5IT7Imx9g+Rhpt4GxrLiNF++V+guzYCnWUjhAI=", + "lastModified": 1749976779, + "narHash": "sha256-Mjb4qsu+Fma1cXe1lGo0GqisvsiUeW0LfacziI7C7oM=", "owner": "thiagokokada", "repo": "nix-alien", - "rev": "798541edff98cfa895941abe35f3e056f319a193", + "rev": "f8716e36f8864e2f50663fde364ddd8dce5d937f", "type": "github" }, "original": { @@ -695,11 +695,11 @@ ] }, "locked": { - "lastModified": 1748065210, - "narHash": "sha256-dFqlLNW6UW19m0vg5FHWLH2G2LGkqYyPs/4YqfoZMoM=", + "lastModified": 1750618568, + "narHash": "sha256-w9EG5FOXrjXGfbqCcQg9x1lMnTwzNDW5BMXp8ddy15E=", "owner": "lnl7", "repo": "nix-darwin", - "rev": "acd6aa5a9065c6695212be313e06f08f7184cb25", + "rev": "1dd19f19e4b53a1fd2e8e738a08dd5fe635ec7e5", "type": "github" }, "original": { @@ -739,11 +739,11 @@ ] }, "locked": { - "lastModified": 1746934494, - "narHash": "sha256-3n6i+F0sDASjkhbvgFDpPDZGp7z19IrRtjfF9TwJpCA=", + "lastModified": 1749960154, + "narHash": "sha256-EWlr9MZDd+GoGtZB4QsDzaLyaDQPGnRY03MFp6u2wSg=", "owner": "nix-community", "repo": "nix-index-database", - "rev": "e9b21b01e4307176b9718a29ac514838e7f6f4ff", + "rev": "424a40050cdc5f494ec45e46462d288f08c64475", "type": "github" }, "original": { @@ -759,11 +759,11 @@ ] }, "locked": { - "lastModified": 1747540584, - "narHash": "sha256-cxCQ413JTUuRv9Ygd8DABJ1D6kuB/nTfQqC0Lu9C0ls=", + "lastModified": 1750565152, + "narHash": "sha256-A6ZIoIgaPPkzIVxKuaxwEJicPOeTwC/MD9iuC3FVhDM=", "owner": "nix-community", "repo": "nix-index-database", - "rev": "ec179dd13fb7b4c6844f55be91436f7857226dce", + "rev": "78cd697acc2e492b4e92822a4913ffad279c20e6", "type": "github" }, "original": { @@ -894,11 +894,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1747900541, - "narHash": "sha256-dn64Pg9xLETjblwZs9Euu/SsjW80pd6lr5qSiyLY1pg=", + "lastModified": 1750837715, + "narHash": "sha256-2m1ceZjbmgrJCZ2PuQZaK4in3gcg3o6rZ7WK6dr5vAA=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "11f2d9ea49c3e964315215d6baa73a8d42672f06", + "rev": "98236410ea0fe204d0447149537a924fb71a6d4f", "type": "github" }, "original": { @@ -910,11 +910,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1746916775, - "narHash": "sha256-TGHTAbjauY7kK8tX8HdFh0A9eXhiRIbwZH6vBHLsofc=", + "lastModified": 1750576544, + "narHash": "sha256-8myT+IxNWIB1B66NNDzQCXc5apy6pIXLW49m4qCRHFs=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "7fb53a7bf9a07f97c34910aa45388083c67751e9", + "rev": "e2d9c5bd3cd01115da3fc48c5d46b508a2c5deb1", "type": "github" }, "original": { @@ -956,6 +956,22 @@ "type": "github" } }, + "nixpkgs-kernel": { + "locked": { + "narHash": "sha256-6m1Y3/4pVw1RWTsrkAK2VMYSzG4MMIj7sqUy7o8th1o=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "063f43f2dbdef86376cc29ad646c45c46e93234c", + "type": "github" + }, + "original": { + "narHash": "sha256-6m1Y3/4pVw1RWTsrkAK2VMYSzG4MMIj7sqUy7o8th1o=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "063f43f2dbdef86376cc29ad646c45c46e93234c", + "type": "github" + } + }, "nixpkgs-lib": { "locked": { "lastModified": 1719876945, @@ -970,11 +986,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1747862697, - "narHash": "sha256-U4HaNZ1W26cbOVm0Eb5OdGSnfQVWQKbLSPrSSa78KC0=", + "lastModified": 1750646418, + "narHash": "sha256-4UAN+W0Lp4xnUiHYXUXAPX18t+bn6c4Btry2RqM9JHY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "2baa12ff69913392faf0ace833bc54bba297ea95", + "rev": "1f426f65ac4e6bf808923eb6f8b8c2bfba3d18c5", "type": "github" }, "original": { @@ -1002,11 +1018,11 @@ }, "nixpkgs-stable24_11": { "locked": { - "lastModified": 1747862697, - "narHash": "sha256-U4HaNZ1W26cbOVm0Eb5OdGSnfQVWQKbLSPrSSa78KC0=", + "lastModified": 1750646418, + "narHash": "sha256-4UAN+W0Lp4xnUiHYXUXAPX18t+bn6c4Btry2RqM9JHY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "2baa12ff69913392faf0ace833bc54bba297ea95", + "rev": "1f426f65ac4e6bf808923eb6f8b8c2bfba3d18c5", "type": "github" }, "original": { @@ -1018,11 +1034,11 @@ }, "nixpkgs-stable_2": { "locked": { - "lastModified": 1747953325, - "narHash": "sha256-y2ZtlIlNTuVJUZCqzZAhIw5rrKP4DOSklev6c8PyCkQ=", + "lastModified": 1750838302, + "narHash": "sha256-aVkL3/yu50oQzi2YuKo0ceiCypVZpZXYd2P2p1FMJM4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "55d1f923c480dadce40f5231feb472e81b0bab48", + "rev": "7284e2decc982b81a296ab35aa46e804baaa1cfe", "type": "github" }, "original": { @@ -1034,11 +1050,11 @@ }, "nixpkgs_10": { "locked": { - "lastModified": 1743689281, - "narHash": "sha256-y7Hg5lwWhEOgflEHRfzSH96BOt26LaYfrYWzZ+VoVdg=", + "lastModified": 1749401433, + "narHash": "sha256-HXIQzULIG/MEUW2Q/Ss47oE3QrjxvpUX7gUl4Xp6lnc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "2bfc080955153be0be56724be6fa5477b4eefabb", + "rev": "08fcb0dcb59df0344652b38ea6326a2d8271baff", "type": "github" }, "original": { @@ -1050,11 +1066,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1747179050, - "narHash": "sha256-qhFMmDkeJX9KJwr5H32f1r7Prs7XbQWtO0h3V0a0rFY=", + "lastModified": 1749794982, + "narHash": "sha256-Kh9K4taXbVuaLC0IL+9HcfvxsSUx8dPB5s5weJcc9pc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "adaa24fbf46737f3f1b5497bf64bae750f82942e", + "rev": "ee930f9755f58096ac6e8ca94a1887e0534e2d81", "type": "github" }, "original": { @@ -1097,11 +1113,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1748026106, - "narHash": "sha256-6m1Y3/4pVw1RWTsrkAK2VMYSzG4MMIj7sqUy7o8th1o=", + "lastModified": 1750776420, + "narHash": "sha256-/CG+w0o0oJ5itVklOoLbdn2dGB0wbZVOoDm4np6w09A=", "owner": "nixos", "repo": "nixpkgs", - "rev": "063f43f2dbdef86376cc29ad646c45c46e93234c", + "rev": "30a61f056ac492e3b7cdcb69c1e6abdcf00e39cf", "type": "github" }, "original": { @@ -1129,11 +1145,11 @@ }, "nixpkgs_7": { "locked": { - "lastModified": 1748026106, - "narHash": "sha256-6m1Y3/4pVw1RWTsrkAK2VMYSzG4MMIj7sqUy7o8th1o=", + "lastModified": 1750776420, + "narHash": "sha256-/CG+w0o0oJ5itVklOoLbdn2dGB0wbZVOoDm4np6w09A=", "owner": "nixos", "repo": "nixpkgs", - "rev": "063f43f2dbdef86376cc29ad646c45c46e93234c", + "rev": "30a61f056ac492e3b7cdcb69c1e6abdcf00e39cf", "type": "github" }, "original": { @@ -1161,11 +1177,11 @@ }, "nixpkgs_9": { "locked": { - "lastModified": 1747542820, - "narHash": "sha256-GaOZntlJ6gPPbbkTLjbd8BMWaDYafhuuYRNrxCGnPJw=", + "lastModified": 1748460289, + "narHash": "sha256-7doLyJBzCllvqX4gszYtmZUToxKvMUrg45EUWaUYmBg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "292fa7d4f6519c074f0a50394dbbe69859bb6043", + "rev": "96ec055edbe5ee227f28cdbc3f1ddf1df5965102", "type": "github" }, "original": { @@ -1255,11 +1271,11 @@ "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1748108751, - "narHash": "sha256-3nny7VjOFPC3geBCQj59qQdKoYE8+bf+tc48YPEL8QU=", + "lastModified": 1750928207, + "narHash": "sha256-Rd0528TViqq1hyWyTLNYngeAXRA+1fsGyU87ZW/yVCM=", "owner": "nix-community", "repo": "NUR", - "rev": "65f929e6e23929e6da5fa6b95ac3c5c4e43d6216", + "rev": "1a83c7bef385585fc29dbd4d18fc2e2ca32eefc3", "type": "github" }, "original": { @@ -1281,11 +1297,11 @@ "treefmt-nix": "treefmt-nix_2" }, "locked": { - "lastModified": 1746056780, - "narHash": "sha256-/emueQGaoT4vu0QjU9LDOG5roxRSfdY0K2KkxuzazcM=", + "lastModified": 1748730660, + "narHash": "sha256-5LKmRYKdPuhm8j5GFe3AfrJL8dd8o57BQ34AGjJl1R0=", "owner": "nix-community", "repo": "NUR", - "rev": "d476cd0972dd6242d76374fcc277e6735715c167", + "rev": "2c0bc52fe14681e9ef60e3553888c4f086e46ecb", "type": "github" }, "original": { @@ -1334,11 +1350,11 @@ ] }, "locked": { - "lastModified": 1746537231, - "narHash": "sha256-Wb2xeSyOsCoTCTj7LOoD6cdKLEROyFAArnYoS+noCWo=", + "lastModified": 1749636823, + "narHash": "sha256-WUaIlOlPLyPgz9be7fqWJA5iG6rHcGRtLERSCfUDne4=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "fa466640195d38ec97cf0493d6d6882bc4d14969", + "rev": "623c56286de5a3193aa38891a6991b28f9bab056", "type": "github" }, "original": { @@ -1356,11 +1372,11 @@ ] }, "locked": { - "lastModified": 1747372754, - "narHash": "sha256-2Y53NGIX2vxfie1rOW0Qb86vjRZ7ngizoo+bnXU9D9k=", + "lastModified": 1750779888, + "narHash": "sha256-wibppH3g/E2lxU43ZQHC5yA/7kIKLGxVEnsnVK1BtRg=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "80479b6ec16fefd9c1db3ea13aeb038c60530f46", + "rev": "16ec914f6fb6f599ce988427d9d94efddf25fe6d", "type": "github" }, "original": { @@ -1387,6 +1403,7 @@ "nixos-generators": "nixos-generators", "nixos-hardware": "nixos-hardware", "nixpkgs": "nixpkgs_5", + "nixpkgs-kernel": "nixpkgs-kernel", "nixpkgs-stable": "nixpkgs-stable_2", "nixpkgs-stable24_05": "nixpkgs-stable24_05", "nixpkgs-stable24_11": "nixpkgs-stable24_11", @@ -1408,11 +1425,11 @@ ] }, "locked": { - "lastModified": 1747017456, - "narHash": "sha256-C/U12fcO+HEF071b5mK65lt4XtAIZyJSSJAg9hdlvTk=", + "lastModified": 1750560265, + "narHash": "sha256-jQCojKl1/TzqE6ANOu6rP2qqxOcGK2xs6hpxZ77wrR8=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "5b07506ae89b025b14de91f697eba23b48654c52", + "rev": "076fdb0d45a9de3f379a626f51a62c78afe7efb1", "type": "github" }, "original": { @@ -1429,11 +1446,11 @@ ] }, "locked": { - "lastModified": 1743682350, - "narHash": "sha256-S/MyKOFajCiBm5H5laoE59wB6w0NJ4wJG53iAPfYW3k=", + "lastModified": 1749436897, + "narHash": "sha256-OkDtaCGQQVwVFz5HWfbmrMJR99sFIMXHCHEYXzUJEJY=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "c4a8327b0f25d1d81edecbb6105f74d7cf9d7382", + "rev": "e7876c387e35dc834838aff254d8e74cf5bd4f19", "type": "github" }, "original": { @@ -1463,11 +1480,11 @@ "nixpkgs": "nixpkgs_8" }, "locked": { - "lastModified": 1747603214, - "narHash": "sha256-lAblXm0VwifYCJ/ILPXJwlz0qNY07DDYdLD+9H+Wc8o=", + "lastModified": 1750119275, + "narHash": "sha256-Rr7Pooz9zQbhdVxux16h7URa6mA80Pb/G07T4lHvh0M=", "owner": "Mic92", "repo": "sops-nix", - "rev": "8d215e1c981be3aa37e47aeabd4e61bb069548fd", + "rev": "77c423a03b9b2b79709ea2cb63336312e78b72e2", "type": "github" }, "original": { @@ -1498,11 +1515,11 @@ "tinted-zed": "tinted-zed" }, "locked": { - "lastModified": 1748028561, - "narHash": "sha256-IgtJU6n9vR3nBUdcXrc7K9E+Y/G/4P6hFifGRr1tXMU=", + "lastModified": 1750902586, + "narHash": "sha256-6m9WvGLL7pX5KHb0hXgmHvS1RHunImrKQ/MUWLs2tk8=", "owner": "danth", "repo": "stylix", - "rev": "34b5930894d8315401d93bd8a9a6635e1cd28eff", + "rev": "0f93e58628596297711954ba5ba6d3a3ef9cf3dd", "type": "github" }, "original": { @@ -1622,11 +1639,11 @@ "tinted-schemes": { "flake": false, "locked": { - "lastModified": 1744974599, - "narHash": "sha256-Fg+rdGs5FAgfkYNCs74lnl8vkQmiZVdBsziyPhVqrlY=", + "lastModified": 1748180480, + "narHash": "sha256-7n0XiZiEHl2zRhDwZd/g+p38xwEoWtT0/aESwTMXWG4=", "owner": "tinted-theming", "repo": "schemes", - "rev": "28c26a621123ad4ebd5bbfb34ab39421c0144bdd", + "rev": "87d652edd26f5c0c99deda5ae13dfb8ece2ffe31", "type": "github" }, "original": { @@ -1638,11 +1655,11 @@ "tinted-tmux": { "flake": false, "locked": { - "lastModified": 1745111349, - "narHash": "sha256-udV+nHdpqgkJI9D0mtvvAzbqubt9jdifS/KhTTbJ45w=", + "lastModified": 1748740859, + "narHash": "sha256-OEM12bg7F4N5WjZOcV7FHJbqRI6jtCqL6u8FtPrlZz4=", "owner": "tinted-theming", "repo": "tinted-tmux", - "rev": "e009f18a01182b63559fb28f1c786eb027c3dee9", + "rev": "57d5f9683ff9a3b590643beeaf0364da819aedda", "type": "github" }, "original": { @@ -1740,11 +1757,11 @@ "rust-overlay": "rust-overlay_2" }, "locked": { - "lastModified": 1745230073, - "narHash": "sha256-OER99U7MiqQ47myvbsiljsax7OsK19NMds4NBM9XXLs=", + "lastModified": 1750360050, + "narHash": "sha256-/BT5MJqy+e0jHjALBNL8YT4kQ9wlaSedxPapYvKyeyw=", "owner": "dj95", "repo": "zjstatus", - "rev": "a819e3bfe6bfef0438d811cdbb1bcfdc29912c62", + "rev": "857ada14fc8f652300571272c6db7c12620c33c0", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 678e5e1..8428200 100644 --- a/flake.nix +++ b/flake.nix @@ -14,6 +14,7 @@ inputs = { nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; + nixpkgs-kernel.url = "github:NixOS/nixpkgs/063f43f2dbdef86376cc29ad646c45c46e93234c?narHash=sha256-6m1Y3/4pVw1RWTsrkAK2VMYSzG4MMIj7sqUy7o8th1o%3D"; #specifically pinned for kernel version nixpkgs-stable.url = "github:NixOS/nixpkgs/nixos-25.05"; nixpkgs-stable24_05.url = "github:NixOS/nixpkgs/nixos-24.05"; nixpkgs-stable24_11.url = "github:NixOS/nixpkgs/nixos-24.11"; diff --git a/hosts/nixos/nbl-imba-2/hardware-configuration.nix b/hosts/nixos/nbl-imba-2/hardware-configuration.nix index 511ac6c..6c643e6 100644 --- a/hosts/nixos/nbl-imba-2/hardware-configuration.nix +++ b/hosts/nixos/nbl-imba-2/hardware-configuration.nix @@ -1,4 +1,4 @@ -{ config, lib, modulesPath, ... }: +{ config, lib, pkgs, modulesPath, ... }: { imports = [ @@ -22,8 +22,11 @@ # ''; boot = { + kernelPackages = lib.mkDefault pkgs.kernel.linuxPackages; + binfmt.emulatedSystems = [ "aarch64-linux" ]; initrd = { availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "cryptd" "usbhid" "sd_mod" "r8152" ]; + # allow to remote build on arm (needed for moonside) kernelModules = [ "sg" ]; luks.devices."cryptroot" = { # improve performance on ssds diff --git a/modules/home/common/desktop.nix b/modules/home/common/desktop.nix index 8686d6f..05b03fd 100644 --- a/modules/home/common/desktop.nix +++ b/modules/home/common/desktop.nix @@ -12,6 +12,14 @@ categories = [ "Application" ]; }; + teamsNoGpu = { + name = "Microsoft Teams (no GPU)"; + genericName = "Teams (no GPU)"; + exec = "teams-for-linux --disableGpu=true --trayIconEnabled=true"; + terminal = false; + categories = [ "Application" ]; + }; + rustdesk-vbc = { name = "Rustdesk VBC"; genericName = "rustdesk-vbc"; diff --git a/modules/home/common/packages.nix b/modules/home/common/packages.nix index 3cd4eb0..da64381 100644 --- a/modules/home/common/packages.nix +++ b/modules/home/common/packages.nix @@ -64,6 +64,7 @@ # local file sharing wormhole-rs + croc # b2 backup @backblaze restic @@ -144,9 +145,9 @@ slurp # the following packages are used (in some way) by waybar - playerctl - pavucontrol - stable.pamixer + # playerctl + stable.pavucontrol + # stable.pamixer # gnome.gnome-clocks # wlogout # jdiskreport diff --git a/modules/home/common/sharedsetup.nix b/modules/home/common/sharedsetup.nix index 919d451..2d15169 100644 --- a/modules/home/common/sharedsetup.nix +++ b/modules/home/common/sharedsetup.nix @@ -1,14 +1,4 @@ { self, lib, pkgs, ... }: -let - lock-false = { - Value = false; - Status = "locked"; - }; - lock-true = { - Value = true; - Status = "locked"; - }; -in { options.swarselsystems = { isLaptop = lib.mkEnableOption "laptop host"; @@ -163,22 +153,22 @@ in settings = { "extensions.autoDisableScopes" = 0; - "browser.bookmarks.showMobileBookmarks" = lock-true; - "toolkit.legacyUserProfileCustomizations.stylesheets" = lock-true; - "browser.search.suggest.enabled" = lock-false; - "browser.search.suggest.enabled.private" = lock-false; - "browser.urlbar.suggest.searches" = lock-false; - "browser.urlbar.showSearchSuggestionsFirst" = lock-false; - "browser.topsites.contile.enabled" = lock-false; - "browser.newtabpage.activity-stream.feeds.section.topstories" = lock-false; - "browser.newtabpage.activity-stream.feeds.snippets" = lock-false; - "browser.newtabpage.activity-stream.section.highlights.includePocket" = lock-false; - "browser.newtabpage.activity-stream.section.highlights.includeBookmarks" = lock-false; - "browser.newtabpage.activity-stream.section.highlights.includeDownloads" = lock-false; - "browser.newtabpage.activity-stream.section.highlights.includeVisited" = lock-false; - "browser.newtabpage.activity-stream.showSponsored" = lock-false; - "browser.newtabpage.activity-stream.system.showSponsored" = lock-false; - "browser.newtabpage.activity-stream.showSponsoredTopSites" = lock-false; + "browser.bookmarks.showMobileBookmarks" = true; + "toolkit.legacyUserProfileCustomizations.stylesheets" = true; + "browser.search.suggest.enabled" = false; + "browser.search.suggest.enabled.private" = false; + "browser.urlbar.suggest.searches" = false; + "browser.urlbar.showSearchSuggestionsFirst" = false; + "browser.topsites.contile.enabled" = false; + "browser.newtabpage.activity-stream.feeds.section.topstories" = false; + "browser.newtabpage.activity-stream.feeds.snippets" = false; + "browser.newtabpage.activity-stream.section.highlights.includePocket" = false; + "browser.newtabpage.activity-stream.section.highlights.includeBookmarks" = false; + "browser.newtabpage.activity-stream.section.highlights.includeDownloads" = false; + "browser.newtabpage.activity-stream.section.highlights.includeVisited" = false; + "browser.newtabpage.activity-stream.showSponsored" = false; + "browser.newtabpage.activity-stream.system.showSponsored" = false; + "browser.newtabpage.activity-stream.showSponsoredTopSites" = false; }; search = { diff --git a/modules/home/optional/work.nix b/modules/home/optional/work.nix index dc4eeeb..c36ecb4 100644 --- a/modules/home/optional/work.nix +++ b/modules/home/optional/work.nix @@ -304,7 +304,7 @@ in "firefox_${user1}" = { name = "Firefox (${user1})"; genericName = "Firefox ${user1}"; - exec = "firefox -p ${user4}"; + exec = "firefox -p ${user1}"; inherit terminal categories icon; }; diff --git a/modules/nixos/common/packages.nix b/modules/nixos/common/packages.nix index c54d275..d544617 100644 --- a/modules/nixos/common/packages.nix +++ b/modules/nixos/common/packages.nix @@ -6,7 +6,6 @@ # yubikey packages gnupg yubikey-personalization - yubikey-personalization-gui yubico-pam yubioath-flutter yubikey-manager diff --git a/modules/nixos/common/pipewire.nix b/modules/nixos/common/pipewire.nix index 431e89a..db35a93 100644 --- a/modules/nixos/common/pipewire.nix +++ b/modules/nixos/common/pipewire.nix @@ -1,4 +1,4 @@ -{ lib, config, ... }: +{ lib, config, pkgs, ... }: { options.swarselsystems.modules.pipewire = lib.mkEnableOption "pipewire config"; config = lib.mkIf config.swarselsystems.modules.pipewire { @@ -6,6 +6,7 @@ services.pipewire = { enable = true; + package = pkgs.stable.pipewire; pulse.enable = true; jack.enable = true; audio.enable = true; diff --git a/modules/nixos/common/syncthing.nix b/modules/nixos/common/syncthing.nix index 027beb4..7d7fc94 100644 --- a/modules/nixos/common/syncthing.nix +++ b/modules/nixos/common/syncthing.nix @@ -1,4 +1,4 @@ -{ lib, config, ... }: +{ lib, config, pkgs, ... }: let inherit (config.swarselsystems) mainUser homeDir; in @@ -7,51 +7,52 @@ in config = lib.mkIf config.swarselsystems.modules.syncthing { services.syncthing = { enable = true; + package = pkgs.stable.syncthing; user = mainUser; dataDir = homeDir; configDir = "${homeDir}/.config/syncthing"; openDefaultPorts = true; + overrideDevices = true; + overrideFolders = true; settings = { + options = { + urAccepted = -1; + }; devices = { "magicant" = { id = "VMWGEE2-4HDS2QO-KNQOVGN-LXLX6LA-666E4EK-ZBRYRRO-XFEX6FB-6E3XLQO"; }; - "sync (@oracle)" = { + "sync@oracle" = { id = "ETW6TST-NPK7MKZ-M4LXMHA-QUPQHDT-VTSHH5X-CR5EIN2-YU7E55F-MGT7DQB"; }; "winters" = { id = "O7RWDMD-AEAHPP7-7TAVLKZ-BSWNBTU-2VA44MS-EYGUNBB-SLHKB3C-ZSLMOAA"; }; - "moonside (@oracle)" = { + "moonside@oracle" = { id = "VPCDZB6-MGVGQZD-Q6DIZW3-IZJRJTO-TCC3QUQ-2BNTL7P-AKE7FBO-N55UNQE"; }; }; folders = { "Default Folder" = lib.mkDefault { path = "${homeDir}/Sync"; - devices = [ "sync (@oracle)" "magicant" "winters" "moonside (@oracle)" ]; + devices = [ "sync@oracle" "magicant" "winters" "moonside@oracle" ]; id = "default"; }; "Obsidian" = { path = "${homeDir}/Nextcloud/Obsidian"; - devices = [ "sync (@oracle)" "magicant" "winters" "moonside (@oracle)" ]; + devices = [ "sync@oracle" "magicant" "winters" "moonside@oracle" ]; id = "yjvni-9eaa7"; }; "Org" = { path = "${homeDir}/Nextcloud/Org"; - devices = [ "sync (@oracle)" "magicant" "winters" "moonside (@oracle)" ]; + devices = [ "sync@oracle" "magicant" "winters" "moonside@oracle" ]; id = "a7xnl-zjj3d"; }; "Vpn" = { path = "${homeDir}/Vpn"; - devices = [ "sync (@oracle)" "magicant" "winters" "moonside (@oracle)" ]; + devices = [ "sync@oracle" "magicant" "winters" "moonside@oracle" ]; id = "hgp9s-fyq3p"; }; - ".elfeed" = { - path = "${homeDir}/.elfeed"; - devices = [ "sync (@oracle)" "magicant" "winters" "moonside (@oracle)" ]; - id = "h7xbs-fs9v1"; - }; }; }; }; diff --git a/modules/nixos/optional/gaming.nix b/modules/nixos/optional/gaming.nix index 16f0e55..eafcf65 100644 --- a/modules/nixos/optional/gaming.nix +++ b/modules/nixos/optional/gaming.nix @@ -9,32 +9,32 @@ pkgs.proton-ge-bin ]; }; - specialisation = { - gaming.configuration = { - networking = { - firewall.enable = lib.mkForce false; - firewall = { - allowedUDPPorts = [ 4380 27036 14242 34197 ]; # 34197: factorio; 4380 27036 14242: barotrauma; - allowedTCPPorts = [ ]; # 34197: factorio; 4380 27036 14242: barotrauma; 51820: wireguard - allowedTCPPortRanges = [ - { from = 27015; to = 27030; } # barotrauma - { from = 27036; to = 27037; } # barotrauma - ]; - allowedUDPPortRanges = [ - { from = 27000; to = 27031; } # barotrauma - { from = 58962; to = 58964; } # barotrauma - ]; - }; - }; + # specialisation = { + # gaming.configuration = { + # networking = { + # firewall.enable = lib.mkForce false; + # firewall = { + # allowedUDPPorts = [ 4380 27036 14242 34197 ]; # 34197: factorio; 4380 27036 14242: barotrauma; + # allowedTCPPorts = [ ]; # 34197: factorio; 4380 27036 14242: barotrauma; 51820: wireguard + # allowedTCPPortRanges = [ + # { from = 27015; to = 27030; } # barotrauma + # { from = 27036; to = 27037; } # barotrauma + # ]; + # allowedUDPPortRanges = [ + # { from = 27000; to = 27031; } # barotrauma + # { from = 58962; to = 58964; } # barotrauma + # ]; + # }; + # }; - hardware.xone.enable = true; + # hardware.xone.enable = true; - environment.systemPackages = [ - pkgs.linuxKernel.packages.linux_6_12.xone - ]; - }; - }; + # environment.systemPackages = [ + # pkgs.linuxKernel.packages.linux_6_12.xone + # ]; + # }; + # }; }; } diff --git a/modules/nixos/optional/work.nix b/modules/nixos/optional/work.nix index 3cbc8b4..611b34e 100644 --- a/modules/nixos/optional/work.nix +++ b/modules/nixos/optional/work.nix @@ -174,13 +174,13 @@ in "winters" = { id = "O7RWDMD-AEAHPP7-7TAVLKZ-BSWNBTU-2VA44MS-EYGUNBB-SLHKB3C-ZSLMOAA"; }; - "moonside (@oracle)" = { + "moonside@oracle" = { id = "VPCDZB6-MGVGQZD-Q6DIZW3-IZJRJTO-TCC3QUQ-2BNTL7P-AKE7FBO-N55UNQE"; }; folders = { "Documents" = { path = "${homeDir}/Documents"; - devices = [ "magicant" "winters" "moonside (@oracle)" ]; + devices = [ "magicant" "winters" "moonside@oracle" ]; id = "hgr3d-pfu3w"; }; }; @@ -202,14 +202,14 @@ in ]; # cgroups v1 is required for centos7 dockers - specialisation = { - cgroup_v1.configuration = { - boot.kernelParams = [ - "SYSTEMD_CGROUP_ENABLE_LEGACY_FORCE=1" - "systemd.unified_cgroup_hierarchy=0" - ]; - }; - }; + # specialisation = { + # cgroup_v1.configuration = { + # boot.kernelParams = [ + # "SYSTEMD_CGROUP_ENABLE_LEGACY_FORCE=1" + # "systemd.unified_cgroup_hierarchy=0" + # ]; + # }; + # }; }; } diff --git a/modules/nixos/server/syncthing.nix b/modules/nixos/server/syncthing.nix index 65f8a00..e430474 100644 --- a/modules/nixos/server/syncthing.nix +++ b/modules/nixos/server/syncthing.nix @@ -36,13 +36,13 @@ in "magicant" = { id = "VMWGEE2-4HDS2QO-KNQOVGN-LXLX6LA-666E4EK-ZBRYRRO-XFEX6FB-6E3XLQO"; }; - "sync (@oracle)" = { + "sync@oracle" = { id = "ETW6TST-NPK7MKZ-M4LXMHA-QUPQHDT-VTSHH5X-CR5EIN2-YU7E55F-MGT7DQB"; }; "${workHostName}" = { id = "YAPV4BV-I26WPTN-SIP32MV-SQP5TBZ-3CHMTCI-Z3D6EP2-MNDQGLP-53FT3AB"; }; - "moonside (@oracle)" = { + "moonside@oracle" = { id = "VPCDZB6-MGVGQZD-Q6DIZW3-IZJRJTO-TCC3QUQ-2BNTL7P-AKE7FBO-N55UNQE"; }; }; @@ -51,7 +51,7 @@ in path = "/Vault/data/syncthing/Sync"; type = "receiveonly"; versioning = null; - devices = [ "sync (@oracle)" "magicant" "${workHostName}" "moonside (@oracle)" ]; + devices = [ "sync@oracle" "magicant" "${workHostName}" "moonside@oracle" ]; id = "default"; }; "Obsidian" = { @@ -61,7 +61,7 @@ in type = "simple"; params.keep = "5"; }; - devices = [ "sync (@oracle)" "magicant" "${workHostName}" "moonside (@oracle)" ]; + devices = [ "sync@oracle" "magicant" "${workHostName}" "moonside@oracle" ]; id = "yjvni-9eaa7"; }; "Org" = { @@ -71,7 +71,7 @@ in type = "simple"; params.keep = "5"; }; - devices = [ "sync (@oracle)" "magicant" "${workHostName}" "moonside (@oracle)" ]; + devices = [ "sync@oracle" "magicant" "${workHostName}" "moonside@oracle" ]; id = "a7xnl-zjj3d"; }; "Vpn" = { @@ -81,7 +81,7 @@ in type = "simple"; params.keep = "5"; }; - devices = [ "sync (@oracle)" "magicant" "${workHostName}" "moonside (@oracle)" ]; + devices = [ "sync@oracle" "magicant" "${workHostName}" "moonside@oracle" ]; id = "hgp9s-fyq3p"; }; # "Documents" = { @@ -91,7 +91,7 @@ in # type = "simple"; # params.keep = "5"; # }; - # devices = [ "magicant" "${workHostName}" "moonside (@oracle)" ]; + # devices = [ "magicant" "${workHostName}" "moonside@oracle" ]; # id = "hgr3d-pfu3w"; # }; }; diff --git a/overlays/default.nix b/overlays/default.nix index dadd763..8a64d88 100644 --- a/overlays/default.nix +++ b/overlays/default.nix @@ -40,6 +40,13 @@ let }; }; + nixpkgs-kernel = final: _: { + kernel = import inputs.nixpkgs-kernel { + inherit (final) system; + config.allowUnfree = true; + }; + }; + nixpkgs-stable24_05 = final: _: { stable24_05 = import inputs.nixpkgs-stable24_05 { inherit (final) system; @@ -66,6 +73,7 @@ in (additions final prev) // (modifications final prev) // (nixpkgs-stable final prev) + // (nixpkgs-kernel final prev) // (nixpkgs-stable24_05 final prev) // (nixpkgs-stable24_11 final prev) // (zjstatus final prev)