unexplrd/nixos-blueprint
2
2
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

1769288238

Browse Source
This commit is contained in:
unexplrd
2026-01-24 22:57:18 +02:00
parent fa32ae5510
commit 84020b1572
94 changed files with 1428 additions and 1024 deletions
Download Patch File Download Diff File Expand all files Collapse all files

91
flake.lock generated
View File

@@ -130,14 +130,14 @@
"mypackages",
"nixpkgs"
],
"systems": "systems_2"
"systems": "systems"
},
"locked": {
"lastModified": 1763308703,
"narHash": "sha256-O9Y+Wer8wOh+N+4kcCK5p/VLrXyX+ktk0/s3HdZvJzk=",
"lastModified": 1767386128,
"narHash": "sha256-BJDu7dIMauO2nYRSL4aI8wDNtEm2KOb7lDKP3hxdrpo=",
"owner": "numtide",
"repo": "blueprint",
"rev": "5a9bba070f801d63e2af3c9ef00b86b212429f4f",
"rev": "0ed984d51a3031065925ab08812a5434f40b93d4",
"type": "github"
},
"original": {
@@ -548,22 +548,26 @@
"type": "gitlab"
}
},
"helium-browser": {
"helium": {
"inputs": {
"nixpkgs": [
"mypackages",
"nixpkgs"
],
"utils": "utils"
},
"locked": {
"lastModified": 1766767872,
"narHash": "sha256-3CkM0Wm8Bq3081SjfWTZ99KDlbn4qoH8TTjZ47EvHX4=",
"path": "/storage/git/helium-browser-nix-flake",
"type": "path"
"lastModified": 1769267506,
"narHash": "sha256-P3fTCv97DfUk7n3k6CCRiY7htypmIX0nZ49VGmtuCYE=",
"owner": "vikingnope",
"repo": "helium-browser-nix-flake",
"rev": "55e98df9fdaf731667d0667f64b9dda0fbbdbe14",
"type": "github"
},
"original": {
"path": "/storage/git/helium-browser-nix-flake",
"type": "path"
"owner": "vikingnope",
"repo": "helium-browser-nix-flake",
"type": "github"
}
},
"home-manager": {
@@ -1055,6 +1059,7 @@
"mypackages": {
"inputs": {
"blueprint": "blueprint_2",
"helium": "helium",
"nix-bwrapper": "nix-bwrapper",
"nixpkgs": [
"nixpkgs"
@@ -1062,8 +1067,8 @@
"zen-browser": "zen-browser"
},
"locked": {
"lastModified": 1767081883,
"narHash": "sha256-L8+rA/HCaJaDrVLRbifRyQoFANN96Y2Sq8E8Fbx+Qkc=",
"lastModified": 1769288111,
"narHash": "sha256-SC+2KCiCpWbCBiIVmqIn6NHUevuFnzy5SCEeOjMSays=",
"path": "/storage/git/packages-blueprint",
"type": "path"
},
@@ -1276,21 +1281,6 @@
"type": "github"
}
},
"nixos-facter-modules": {
"locked": {
"lastModified": 1766558141,
"narHash": "sha256-Ud9v49ZPsoDBFuyJSQ2Mpw1ZgAH/aMwUwwzrVoetNus=",
"owner": "numtide",
"repo": "nixos-facter-modules",
"rev": "e796d536e3d83de74267069e179dc620a608ed7d",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "nixos-facter-modules",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1766651565,
@@ -1323,22 +1313,6 @@
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1766070988,
"narHash": "sha256-G/WVghka6c4bAzMhTwT2vjLccg/awmHkdKSd2JrycLc=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "c6245e83d836d0433170a16eb185cefe0572f8b8",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nur": {
"inputs": {
"flake-parts": [
@@ -1484,7 +1458,6 @@
"disko": "disko",
"dms": "dms",
"ghostty": "ghostty",
"helium-browser": "helium-browser",
"home-manager": "home-manager",
"hyprland": "hyprland",
"hyprsunset": "hyprsunset",
@@ -1496,14 +1469,12 @@
"nix-flatpak": "nix-flatpak",
"nix-index-database": "nix-index-database",
"nixos-cosmic": "nixos-cosmic",
"nixos-facter-modules": "nixos-facter-modules",
"nixpkgs": "nixpkgs",
"nixpkgs-stable": "nixpkgs-stable",
"sops-nix": "sops-nix",
"stylix": "stylix",
"systems": "systems_5",
"vicinae": "vicinae",
"zen-browser": "zen-browser_2",
"zmx": "zmx"
}
},
@@ -1840,7 +1811,7 @@
},
"utils": {
"inputs": {
"systems": "systems"
"systems": "systems_2"
},
"locked": {
"lastModified": 1731533236,
@@ -1961,29 +1932,11 @@
]
},
"locked": {
"lastModified": 1766377218,
"narHash": "sha256-y3g3OqPB0tmRjbHJNnJKivSQRtAJR+/9S1xbxBWEatg=",
"lastModified": 1769228180,
"narHash": "sha256-94KY0JNjdd3CcSyKlHPCPswlqmUrWT6+MfOHektsdB8=",
"owner": "youwen5",
"repo": "zen-browser-flake",
"rev": "2f61341b32dd69c07e147188e67e09ba2bb99c33",
"type": "github"
},
"original": {
"owner": "youwen5",
"repo": "zen-browser-flake",
"type": "github"
}
},
"zen-browser_2": {
"inputs": {
"nixpkgs": "nixpkgs_2"
},
"locked": {
"lastModified": 1766377218,
"narHash": "sha256-y3g3OqPB0tmRjbHJNnJKivSQRtAJR+/9S1xbxBWEatg=",
"owner": "youwen5",
"repo": "zen-browser-flake",
"rev": "2f61341b32dd69c07e147188e67e09ba2bb99c33",
"rev": "ef1663c14b7c3c2b84bcf140232534be5a2a0257",
"type": "github"
},
"original": {

5
flake.nix
View File

@@ -20,16 +20,14 @@
nix-flatpak.url = "github:gmodena/nix-flatpak";
nix-index-database.url = "github:nix-community/nix-index-database";
nixos-cosmic.url = "github:lilyinstarlight/nixos-cosmic";
nixos-facter-modules.url = "github:numtide/nixos-facter-modules";
# nixos-facter-modules.url = "github:numtide/nixos-facter-modules";
nixpkgs-stable.url = "github:nixos/nixpkgs/nixos-25.11";
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
sops-nix.url = "github:mic92/sops-nix";
stylix.url = "github:danth/stylix";
systems.url = "github:nix-systems/default";
vicinae.url = "github:vicinaehq/vicinae";
zen-browser.url = "github:youwen5/zen-browser-flake";
zmx.url = "github:brittonr/zmx";
helium-browser.url = "path:/storage/git/helium-browser-nix-flake";
# the absolute horror of input deduplication
blueprint.inputs.nixpkgs.follows = "nixpkgs";
@@ -67,7 +65,6 @@
vicinae.inputs.nixpkgs.follows = "nixpkgs";
vicinae.inputs.systems.follows = "systems";
zmx.inputs.zig2nix.inputs.nixpkgs.follows = "nixpkgs";
helium-browser.inputs.nixpkgs.follows = "nixpkgs";
};
outputs = inputs: inputs.blueprint {inherit inputs;};

59
hosts/dunamis/configuration.nix
View File

@@ -4,12 +4,40 @@
lib,
...
}: {
imports = with inputs.self;
[modules.shared.nixos nixosModules.desktop nixosModules.system]
++ [./disko ./misc];
imports = with inputs; [
nix-bwrapper.nixosModules.default
self.modules.nixosPrograms.libvirt
# self.modules.nixosPrograms.opentabletdriver
self.modules.nixosPrograms.podman
# self.modules.nixosPrograms.qmk-vial
# self.modules.nixosPrograms.steam-bwrapped
self.nixosModules.desktop
self.nixosModules.shared
./disk.nix
./misc
./steam.nix
];
# overlays = [
# nix-bwrapper.overlays.default # provides `mkBwrapper`
# ];
# time.hardwareClockInLocalTime = true;
#
networking.firewall.allowedTCPPortRanges = [
{
from = 30000;
to = 65000;
}
];
desktop.dms.enable = true;
programs.corectrl.enable = true;
# programs.ydotool.enable = true;
# users.users.user.extraGroups = ["ydotool"];
services.displayManager.autoLogin = {
enable = true;
user = "user";
@@ -20,19 +48,16 @@
package = pkgs.mullvad-vpn;
};
module = (
lib.attrsets.recursiveUpdate
(builtins.fromTOML (builtins.readFile ./host.toml))
{
stylix = {
enable = true;
theme = "ashes";
polarity = "dark";
};
misc.opentabletdriver.enable = false;
misc.qmk-vial.enable = true;
virt.libvirt.enable = true;
virt.podman.enable = true;
}
unexplrd = (
lib.mkMerge [
(builtins.fromTOML (builtins.readFile ./host.toml))
{
stylix = {
enable = true;
theme = "tomorrow";
polarity = "dark";
};
}
]
);
}

45
hosts/dunamis/disk.nix Normal file
View File

@@ -0,0 +1,45 @@
{
config,
# inputs,
...
}: let
disk = "/dev/disk/by-uuid/fe586da4-b164-4362-bcdf-9c5dd6c69a2b";
luksName = "luks-${config.networking.hostId}";
in rec {
boot.initrd.luks.devices."${luksName}".device = disk;
fileSystems = {
"/boot" = {
device = "/dev/disk/by-uuid/976C-7EE6";
fsType = "vfat";
options = ["fmask=0077" "dmask=0077"];
};
"/tmp" = {
device = "none";
fsType = "tmpfs";
options = ["rw" "nosuid" "nodev"];
};
"/" = {
device = "/dev/mapper/${luksName}";
fsType = "btrfs";
options = ["subvol=@nixos-root"];
};
"/nix" = {
inherit (fileSystems."/") device fsType;
options = ["subvol=@nix" "noatime"];
};
"/storage" = {
inherit (fileSystems."/") device fsType;
options = ["subvol=@storage"];
};
"/home" = {
inherit (fileSystems."/") device fsType;
options = ["subvol=@home"];
};
};
}

19
hosts/dunamis/disko/default.nix
View File

@@ -1,19 +0,0 @@
{
config,
inputs,
...
}: let
inherit (config.networking) hostId;
disk = "/dev/disk/by-id/nvme-eui.000000000000000100a075244b5d6185";
in {
imports = with inputs; [
disko.nixosModules.disko
];
disko.devices.nodev = {
"/tmp" = {
fsType = "tmpfs";
mountOptions = ["rw" "nosuid" "nodev"];
};
};
disko.devices.disk.main = import ./disk-main.nix {inherit disk hostId;};
}

62
hosts/dunamis/disko/disk-main.nix
View File

@@ -1,62 +0,0 @@
{
disk,
hostId,
}: {
type = "disk";
device = disk;
content = {
type = "gpt";
partitions = {
ESP = {
size = "2G";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [
"umask=0077"
"fmask=0022"
"dmask=0022"
"noexec"
"nosuid"
"nodev"
];
};
};
luks = {
size = "100%";
content = {
type = "luks";
name = "luks-" + hostId;
initrdUnlock = true;
settings.allowDiscards = true;
content = let
mountOptions = ["autodefrag" "compress-force=zstd" "noatime"];
in {
type = "btrfs";
extraArgs = ["-f"];
subvolumes = {
"@nixos-root" = {
mountpoint = "/";
mountOptions = mountOptions ++ ["noexec"];
};
"@home" = {
mountpoint = "/home";
inherit mountOptions;
};
"@storage" = {
mountpoint = "/storage";
inherit mountOptions;
};
"@nix" = {
mountpoint = "/nix";
inherit mountOptions;
};
};
};
};
};
};
};
}

2
hosts/dunamis/host.toml
View File

@@ -7,6 +7,6 @@ stateVersion = "24.11"
[config]
locale = "uk_UA.UTF-8"
timeZone = "Europe/Kyiv"
# secureBoot = true
secureBoot = true
tpmDiskUnlock = true

32
hosts/dunamis/misc/audio-group.nix Normal file
View File

@@ -0,0 +1,32 @@
{
security.pam.loginLimits = [
{
domain = "@audio";
item = "memlock";
type = "-";
value = "unlimited";
}
{
domain = "@audio";
item = "rtprio";
type = "-";
value = "99";
}
{
domain = "@audio";
item = "nofile";
type = "soft";
value = "99999";
}
{
domain = "@audio";
item = "nofile";
type = "hard";
value = "99999";
}
];
users = {
groups.audio = {};
users.user.extraGroups = ["audio"];
};
}

48
hosts/dunamis/misc/default.nix
View File

@@ -1,6 +1,50 @@
{
imports = [
# ./minecraft.nix
# ./nix-ssh-serve.nix
./audio-group.nix
./lact.nix
./monkeytype.nix
./nix-ssh-serve.nix
];
services.monkeytype = {
enable = false;
httpPort = 25001;
backendPort = 25002;
settings.configuration = {
results = {
savingEnabled = true;
};
users = {
signUp = false;
profiles = {
enabled = false;
};
};
dailyLeaderboards = {
enabled = true;
leaderboardExpirationTimeInDays = 15;
validModeRules = [
{
language = "english";
mode = "time";
mode2 = "15";
}
{
language = "english";
mode = "time";
mode2 = "30";
}
{
language = "english";
mode = "time";
mode2 = "60";
}
];
};
leaderboards = {
minTimeTyping = 0;
};
};
};
}

19
hosts/dunamis/misc/lact.nix Normal file
View File

@@ -0,0 +1,19 @@
{
services.lact.enable = true;
# services.lact.settings = {
# version = 5;
# daemon = {
# log_level = "info";
# admin_group = "lact";
# disable_clocks_cleanup = false;
# apply_settings_timer = 5;
# current_profile = null;
# auto_switch_profiles = false;
# };
# }; # read-only config == can't write settings from lact gui
systemd.tmpfiles.rules = ["Z /run/lactd.sock 0660 root lact - -"];
users.groups.lact.members = ["user"];
hardware.amdgpu.overdrive.enable = true;
boot.kernelParams = ["amdgpu.ppfeaturemask=0xffffffff"];
}

187
hosts/dunamis/misc/monkeytype.nix Normal file
View File

@@ -0,0 +1,187 @@
{
pkgs,
lib,
config,
...
}: let
cfg = config.services.monkeytype;
in {
options = {
services.monkeytype = {
enable = lib.mkEnableOption "Enable monkeytype";
settings = lib.mkOption {
# type = lib.types.set;
default = {};
};
httpPort = lib.mkOption {
type = lib.types.int;
default = 8080;
};
backendPort = lib.mkOption {
type = lib.types.int;
default = 5005;
};
frontendUrl = lib.mkOption {
type = lib.types.str;
default = "http://localhost";
};
backendUrl = lib.mkOption {
type = lib.types.str;
default = "http://localhost";
};
containerName = lib.mkOption {
type = lib.types.str;
default = "monkeytype";
};
};
};
config = let
backend-conf =
if (cfg.settings != {})
then (pkgs.formats.json {}).generate "${cfg.containerName}-backend-configuration" cfg.settings
else null;
environment = {
MONKEYTYPE_FRONTENDURL =
if (cfg.frontendUrl == "http://localhost")
then "${cfg.frontendUrl}:${toString cfg.httpPort}"
else "${cfg.frontendUrl}";
MONKEYTYPE_BACKENDURL = "${cfg.backendUrl}:${toString cfg.backendPort}";
};
in
lib.mkIf cfg.enable {
virtualisation = {
oci-containers.backend = "podman";
podman = {
enable = true;
autoPrune.enable = true;
dockerCompat = true;
};
};
# Enable container name DNS for all Podman networks.
networking.firewall.interfaces = let
matchAll =
if !config.networking.nftables.enable
then "podman+"
else "podman*";
in {
"${matchAll}".allowedUDPPorts = [53];
};
virtualisation.oci-containers.containers = {
# Containers
"${cfg.containerName}-backend" = {
image = "monkeytype/monkeytype-backend:latest";
environment =
environment
// {
"DB_NAME" = "${cfg.containerName}";
"DB_URI" = "mongodb://${cfg.containerName}-mongodb:27017";
"REDIS_URI" = "redis://${cfg.containerName}-redis:6379";
};
volumes = lib.optionals (backend-conf != null) ["${backend-conf}:/app/backend/dist/backend-configuration.json:ro"];
ports = ["${toString cfg.backendPort}:5005/tcp"];
dependsOn = ["${cfg.containerName}-mongodb" "${cfg.containerName}-redis"];
log-driver = "journald";
extraOptions = [
"--health-cmd=[\"nc\", \"-z\", \"-v\", \"localhost\", \"5005\"]"
"--health-interval=5s"
"--health-retries=15"
"--health-start-period=5s"
"--health-timeout=10s"
"--network-alias=${cfg.containerName}-backend"
"--network=${cfg.containerName}_default"
];
};
"${cfg.containerName}-frontend" = {
image = "monkeytype/monkeytype-frontend:latest";
inherit environment;
ports = ["${toString cfg.httpPort}:80/tcp"];
dependsOn = ["${cfg.containerName}-backend"];
log-driver = "journald";
extraOptions = ["--network-alias=${cfg.containerName}-frontend" "--network=${cfg.containerName}_default"];
};
"${cfg.containerName}-mongodb" = {
image = "mongo:5.0.13";
volumes = ["${cfg.containerName}_mongo_data:/data/db:rw"];
log-driver = "journald";
extraOptions = [
"--health-cmd=echo 'db.stats().ok' | mongo localhost:27017/test --quiet"
"--health-interval=5s"
"--health-retries=15"
"--health-start-period=10s"
"--health-timeout=10s"
"--network-alias=${cfg.containerName}-mongodb"
"--network=${cfg.containerName}_default"
];
};
"${cfg.containerName}-redis" = {
image = "redis:6.2.6";
volumes = ["${cfg.containerName}_redis_data:/data:rw"];
log-driver = "journald";
extraOptions = [
"--health-cmd=[\"redis-cli\", \"--raw\", \"incr\", \"ping\"]"
"--health-interval=5s"
"--health-retries=15"
"--health-start-period=10s"
"--health-timeout=10s"
"--network-alias=${cfg.containerName}-redis"
"--network=${cfg.containerName}_default"
];
};
};
systemd.services = let
path = [pkgs.podman];
serviceConfig.Restart = lib.mkOverride 90 "on-failure";
after = ["podman-network-${cfg.containerName}_default.service"];
requires = ["podman-network-${cfg.containerName}_default.service"];
partOf = ["podman-compose-${cfg.containerName}-root.target"];
wantedBy = ["podman-compose-${cfg.containerName}-root.target"];
in {
"podman-${cfg.containerName}-backend" = {inherit serviceConfig after requires partOf wantedBy;};
"podman-${cfg.containerName}-frontend" = {inherit serviceConfig after requires partOf wantedBy;};
"podman-${cfg.containerName}-mongodb" = {
inherit serviceConfig partOf wantedBy;
after = after ++ ["podman-volume-${cfg.containerName}_mongo_data.service"];
requires = requires ++ ["podman-volume-${cfg.containerName}_mongo_data.service"];
};
"podman-${cfg.containerName}-redis" = {
inherit serviceConfig partOf wantedBy;
after = after ++ ["podman-volume-${cfg.containerName}_redis_data.service"];
requires = requires ++ ["podman-volume-${cfg.containerName}_redis_data.service"];
};
"podman-network-${cfg.containerName}_default" = {
inherit path partOf wantedBy;
serviceConfig.Type = "oneshot";
serviceConfig.RemainAfterExit = true;
serviceConfig.ExecStop = "podman network rm -f ${cfg.containerName}_default";
script = ''
podman network inspect ${cfg.containerName}_default || podman network create ${cfg.containerName}_default
'';
};
"podman-volume-${cfg.containerName}_mongo_data" = {
inherit path partOf wantedBy;
serviceConfig.Type = "oneshot";
serviceConfig.RemainAfterExit = true;
script = ''
podman volume inspect ${cfg.containerName}_mongo_data || podman volume create ${cfg.containerName}_mongo_data
'';
};
"podman-volume-${cfg.containerName}_redis_data" = {
inherit path partOf wantedBy;
serviceConfig.Type = "oneshot";
serviceConfig.RemainAfterExit = true;
script = ''
podman volume inspect ${cfg.containerName}_redis_data || podman volume create ${cfg.containerName}_redis_data
'';
};
};
systemd.targets."podman-compose-${cfg.containerName}-root" = {
unitConfig.Description = "Root target generated by compose2nix.";
wantedBy = ["multi-user.target"];
};
};
}

14
hosts/dunamis/misc/nix-ssh-serve.nix Normal file
View File

@@ -0,0 +1,14 @@
{config, ...}: let
inherit (builtins) readFile;
inherit (config.users.users) user;
in {
nix = {
sshServe = {
enable = true;
keys = map (f: readFile f) user.openssh.authorizedKeys.keyFiles;
protocol = "ssh-ng";
trusted = true;
write = true;
};
};
}

16
hosts/dunamis/misc/user-uni.nix Normal file
View File

@@ -0,0 +1,16 @@
{
config,
pkgs,
...
}: {
users.groups.uni = {};
users.users.uni = {
createHome = true;
home = "/home/uni";
isNormalUser = true;
group = "uni";
extraGroups = ["nix" "users"];
hashedPasswordFile = config.sops.secrets."user-password-hashed".path;
shell = pkgs.fish;
};
}

9
hosts/dunamis/rebuild-with-x86_64-v3.nix
View File

@@ -1,9 +0,0 @@
let
gcc.arch = "x86-64-v3";
in {
nix.settings.system-features = ["gccarch-${gcc.arch}"];
nixpkgs.hostPlatform = {
system = "x86_64-linux";
inherit gcc;
};
}

41
hosts/dunamis/steam.nix Normal file
View File

@@ -0,0 +1,41 @@
{
pkgs,
perSystem,
...
}: {
programs = {
gamescope.enable = true;
gamescope.capSysNice = true;
gamemode.enable = true;
steam.enable = true;
steam.package = perSystem.mypackages.steam-bwrapped.override {
unfreePkgs = ["steam" "steam-unwrapped"];
addPkgs = let
runtimeInputs = with pkgs; [mangohud gamemode gamescope];
in
runtimeInputs
++ [
(pkgs.writeShellApplication {
name = "mygamescope";
inherit runtimeInputs;
text = ''
export LD_PRELOAD=""
export PROTON_ENABLE_WAYLAND=1
export DXVK_ALLOWFSE=true
export DXVK_HUD=compiler
gamescope -H 1440 -r 170 -f \
--adaptive-sync \
--rt \
--force-grab-cursor \
--mangoapp \
"$@"
'';
})
];
bwrapperOpts.mounts.readWrite = ["/storage/games/steam"];
};
};
}

1
hosts/dunamis/uni/home-configuration.nix Normal file
View File

@@ -0,0 +1 @@
{flake, ...}: {imports = [flake.modules.users.uni];}

9
hosts/dunamis/users/user/home-configuration.nix
View File

@@ -1 +1,8 @@
{flake, ...}: {imports = [flake.modules.users.user];}
{
flake,
lib,
...
}: {
imports = [flake.modules.users.user];
# programs.niri.settings.input.keyboard.xkb.variant = lib.mkForce "colemak_dh,";
}

2
hosts/eldrid/configuration.nix
View File

@@ -1,7 +1,7 @@
{inputs, ...}: {
imports = with inputs; [
self.modules.shared.nixos
self.nixosModules.desktop
self.nixosModules.shared
self.nixosModules.system
./disko
./hardware

4
hosts/legion/configuration.nix
View File

@@ -7,14 +7,14 @@
}: {
imports = with flake;
[
modules.shared.nixos
nixosModules.desktop
nixosModules.shared
# nixosModules.system
]
++ (with inputs; [
nix-bwrapper.nixosModules.default
])
++ (with inputs.self.modules.programs-nixos; [
++ (with inputs.self.modules.nixosPrograms; [
# opentabletdriver
# qmk-vial
libvirt

37
hosts/morphius/configuration.nix
View File

@@ -1,20 +1,14 @@
{inputs, ...}: {
imports = with inputs; [
self.nixosModules.desktop
self.nixosModules.system
self.modules.shared.nixos
./disko
./hardware
./misc
];
networking = {
hostId = "bd1b5837";
hostName = "morphius";
};
system.stateVersion = "25.11";
time.timeZone = "Europe/Kyiv";
imports = with inputs;
[
self.nixosModules.desktop
self.nixosModules.shared
self.nixosModules.system
./disko
./hardware
./misc
]
++ [inputs.nix-bwrapper.nixosModules.default];
desktop.gnome.enable = true;
@@ -31,17 +25,24 @@
];
module = {
host = {
id = "bd1b5837";
name = "morphius";
type = "laptop";
stateVersion = "25.11";
};
config = {
secureBoot = true;
# secureBoot = true;
tpmDiskUnlock = true;
powerSave = true;
useIwd = true;
vaapi = "intel-media-driver";
locale = "uk_UA.UTF-8";
timeZone = "Europe/Kyiv";
};
stylix = {
enable = true;
theme = "sandcastle";
};
locale = "uk_UA.UTF-8";
};
}

2
hosts/sarien/configuration.nix
View File

@@ -1,8 +1,8 @@
{inputs, ...}: {
imports = with inputs; [
self.nixosModules.desktop
self.nixosModules.shared
self.nixosModules.system
self.modules.shared.nixos
./disko
./hardware
./misc

4
justfile
View File

@@ -34,6 +34,10 @@ build:
switch:
{{privesc}} nixos-rebuild switch --flake {{flake_path}}
[group('nix')]
boot:
{{privesc}} nixos-rebuild boot --flake {{flake_path}}
# Update and switch
[group('nix')]
update:

10
modules/home/desktop/cosmic/config/dconf.nix Normal file
View File

@@ -0,0 +1,10 @@
{
dconf.settings = {
"org/gnome/desktop/wm/preferences" = {
button-layout = "icon:minimize,maximize,close";
};
# "org/gnome/desktop/interface" = {
# icon-theme = config.gtk.iconTheme.name;
# };
};
}

15
modules/home/desktop/cosmic/config/default.nix Normal file
View File

@@ -0,0 +1,15 @@
{
lib,
importWithArgs,
...
}:
lib.mkMerge [
(import ./dconf.nix)
(importWithArgs ./mimeapps.nix)
(importWithArgs ./packages.nix)
# (importWithArgs ./programs/niri.nix)
# (import ./programs/satty.nix)
(importWithArgs ./programs/wl-kbptr.nix)
(importWithArgs ./services.nix)
(importWithArgs ./stylix.nix)
]

54
modules/home/desktop/cosmic/config/mimeapps.nix Normal file
View File

@@ -0,0 +1,54 @@
{
# config,
# lib,
pkgs,
...
}: {
home.packages = with pkgs; [
browsers # app chooser in rust (and without bugs)
celluloid # mpv gui in libadwaita
file-roller # archive manager
gnome-text-editor
helvum # pipewire patchbay in rust
# junction # app chooser
loupe # image viewer and editor in rust
nautilus # file manager
papers # pdf reader in rust
];
xdg = {
configFile."mimeapps.list".force = true;
mime.enable = true;
mimeApps = {
enable = true;
defaultApplications = let
archive_manager = ["org.gnome.FileRoller.desktop"];
file_manager = ["org.gnome.Nautilus.desktop"];
image_viewer = ["org.gnome.Loupe.desktop"];
pdf_reader = ["org.gnome.Papers.desktop"];
video_player = ["io.github.celluloid_player.Celluloid.desktop"];
web_browser = ["software.Browsers.desktop"];
in {
# TODO: add text/ mimetypes for gnome-editor
"application/pdf" = pdf_reader;
"application/vnd.rar" = archive_manager;
"application/x-7z-compressed" = archive_manager;
"application/x-bzip2-compressed-tar" = archive_manager;
"application/x-compressed-tar" = archive_manager;
"application/x-xz-compressed-tar" = archive_manager;
"application/zip" = archive_manager;
"image/jpeg" = image_viewer;
"image/png" = image_viewer;
"inode/directory" = file_manager;
"text/html" = web_browser;
"video/mp4" = video_player;
"video/mpeg" = video_player;
"video/x-matroska" = video_player;
"video/x-mpeg" = video_player;
"x-scheme-handler/about" = web_browser;
"x-scheme-handler/http" = web_browser;
"x-scheme-handler/https" = web_browser;
"x-scheme-handler/unknown" = web_browser;
};
};
};
}

9
modules/home/desktop/cosmic/config/packages.nix Normal file
View File

@@ -0,0 +1,9 @@
{pkgs, ...}: {
home.packages = with pkgs; [
# gui libadwaita utilities
helvum # pipewire patchbay in rust
pwvucontrol # pipewire gui in rust
wdisplays # wlroots display configurator
wlrctl
];
}

7
modules/home/desktop/cosmic/config/programs/default.nix Normal file
View File

@@ -0,0 +1,7 @@
{
imports = [
# ./niri.nix
# ./satty.nix
./wl-kbptr.nix
];
}

423
modules/home/desktop/cosmic/config/programs/niri.nix Normal file
View File

@@ -0,0 +1,423 @@
{
config,
lib,
pkgs,
perSystem,
...
}:
with lib; let
binds = {
suffixes,
prefixes,
substitutions ? {},
}: let
replacer = replaceStrings (attrNames substitutions) (attrValues substitutions);
format = prefix: suffix: let
actual-suffix =
if isList suffix.action
then {
action = head suffix.action;
args = tail suffix.action;
}
else {
inherit (suffix) action;
args = [];
};
action = replacer "${prefix.action}-${actual-suffix.action}";
in {
name = "${prefix.key}+${suffix.key}";
value.action.${action} = actual-suffix.args;
};
pairs = attrs: fn:
concatMap (
key:
fn {
inherit key;
action = attrs.${key};
}
) (attrNames attrs);
in
listToAttrs (pairs prefixes (prefix: pairs suffixes (suffix: [(format prefix suffix)])));
in {
programs.niri.settings = {
environment = {
DMS_SCREENSHOT_EDITOR = "satty";
ELECTRON_OZONE_PLATFORM_HINT = "auto";
QT_QPA_PLATFORM = "wayland";
QT_QPA_PLATFORMTHEME = "gtk3";
QT_QPA_PLATFORMTHEME_QT6 = "gtk3";
XDG_CURRENT_DESKTOP = "niri";
};
input = {
keyboard = {
xkb = {
layout = "us,ua";
variant = "colemak_dh_ortho,";
};
repeat-delay = 200;
repeat-rate = 50;
track-layout = "window";
};
mouse = {
accel-speed = 0.0;
accel-profile = "flat";
};
touchpad = {
tap = true;
dwt = true;
natural-scroll = true;
click-method = "clickfinger";
};
tablet.map-to-output = "eDP-1";
touch.map-to-output = "eDP-1";
};
animations.enable = true;
animations.slowdown = 0.4;
clipboard.disable-primary = true;
hotkey-overlay.skip-at-startup = true;
prefer-no-csd = true;
xwayland-satellite.path = lib.getExe perSystem.xwst.xwayland-satellite;
overview.workspace-shadow.enable = false;
# TODO: enable when implemented in github:sodiboo/niri-flake
# recent-windows.highlight.corner-radius = 12;
screenshot-path = "${config.xdg.userDirs.pictures}/screenshots/screenshot-%Y-%m-%d-%H-%M-%S.png";
layout = {
gaps = 3;
struts.left = 32;
struts.right = 32;
always-center-single-column = true;
center-focused-column = "on-overflow";
# default-column-display = "tabbed";
empty-workspace-above-first = true;
default-column-width.proportion = 2.0 / 3.0;
preset-column-widths = [
{proportion = 1.0 / 3.0;}
{proportion = 1.0 / 2.0;}
{proportion = 2.0 / 3.0;}
];
background-color = "transparent";
border.enable = true;
border.width = 1;
focus-ring.enable = false;
shadow.enable = false;
tab-indicator = let
i = 4;
in {
position = "bottom";
gaps-between-tabs = i;
corner-radius = i;
width = i;
place-within-column = true;
# hide-when-single-tab = true;
# place-within-column = true;
};
};
binds = with config.lib.niri.actions; let
dms-ipc = spawn "dms" "ipc";
sh = spawn "sh" "-c";
focus = spawn "wlrctl" "window" "focus";
focus-meet = pkgs.writeShellApplication {
name = "focus-zen-google-meet";
runtimeInputs = with pkgs; [wlrctl jq gnugrep config.programs.niri.package];
text = ''
wlrctl window focus app_id:app.zen_browser.zen \
title:"$(niri msg --json windows \
| jq -r '.[].title' \
| grep -E 'Meet: "[a-zA-Z0-9-]+?"')"
'';
};
focus-equicord = pkgs.writeShellApplication {
name = "focus-equicord";
runtimeInputs = with pkgs; [wlrctl jq gnugrep config.programs.niri.package];
text = ''
wlrctl window focus app_id:equibop \
title:"$(niri msg --json windows \
| jq -r '.[].title' \
| grep -E 'Meet: "[a-zA-Z0-9-]+?"')"
'';
};
in
lib.attrsets.mergeAttrsList [
{
"Mod+Shift+Slash".action = show-hotkey-overlay;
"Mod+Tab".action = focus-workspace-previous;
"Mod+C".action = center-column;
"Mod+Q".action = close-window;
"Mod+M".action = maximize-column;
"Mod+Ctrl+M".action = fullscreen-window;
"Mod+Shift+M".action = maximize-window-to-edges;
"Mod+Ctrl+Shift+M".action = toggle-windowed-fullscreen;
"Mod+S".action = set-column-width "50%";
"Mod+Shift+S".action = set-column-width "33%";
"Mod+Ctrl+S".action = set-column-width "67%";
"Mod+T" = {action = toggle-column-tabbed-display;};
"Mod+F".action = switch-focus-between-floating-and-tiling;
"Mod+Ctrl+F".action = toggle-window-floating;
"Mod+Ctrl+Comma".action = consume-or-expel-window-left;
"Mod+Ctrl+Period".action = consume-or-expel-window-right;
"Mod+Minus".action = set-column-width "-10%";
"Mod+Equal".action = set-column-width "+10%";
"Mod+Plus".action = set-column-width "+10%";
"Mod+Shift+Minus".action = set-window-height "-10%";
"Mod+Shift+Plus".action = set-window-height "+10%";
"Print".action = dms-ipc "niri" "screenshot";
"Ctrl+Print".action = dms-ipc "niri" "screenshotScreen";
"Shift+Print".action = dms-ipc "niri" "screenshotWindow";
"Mod+Space" = {action = switch-layout "next";};
"Mod+Ctrl+Space" = {
repeat = false;
action = toggle-overview;
};
"Mod+Return" = {action = sh "$TERMINAL";};
"Mod+R".action = sh "wl-kbptr -o modes=floating,click";
"Mod+Ctrl+R".action = sh "while wl-kbptr -o modes=split,click; do :; done";
"Mod+Shift+R".action = sh "wl-kbptr -o modes=tile,bisect,click";
"Super+Alt+G".action = spawn "${lib.getExe focus-meet}";
"Super+Alt+G".hotkey-overlay.title = "Focus Google Meet";
"Super+Alt+U".action = focus "app.zen_browser.zen" "state:inactive";
"Super+Alt+B".action = focus "io.github.ungoogled_software.ungoogled_chromium" "state:inactive";
"Super+Alt+D".action = focus "equibop";
"Super+Alt+T".action = focus "io.github.kukuruzka165.materialgram";
"Mod+D" = {
action = spawn "vicinae" "toggle";
hotkey-overlay.title = "Toggle Application Launcher";
};
# "Mod+N" = {
# action = dms-ipc "notifications" "toggle";
# hotkey-overlay.title = "Toggle Notification Center";
# };
# "Mod+Comma" = {
# action = dms-ipc "settings" "toggle";
# hotkey-overlay.title = "Toggle Settings";
# };
# "Mod+P" = {
# action = dms-ipc "notepad" "toggle";
# hotkey-overlay.title = "Toggle Notepad";
# };
"Mod+Ctrl+L" = {
action = dms-ipc "lock" "lock";
hotkey-overlay.title = "Toggle Lock Screen";
};
"Mod+Ctrl+Q" = {
action = dms-ipc "powermenu" "toggle";
hotkey-overlay.title = "Toggle Power Menu";
};
"XF86AudioRaiseVolume" = {
allow-when-locked = true;
action = dms-ipc "audio" "increment" "3";
};
"XF86AudioLowerVolume" = {
allow-when-locked = true;
action = dms-ipc "audio" "decrement" "3";
};
"XF86AudioMute" = {
allow-when-locked = true;
action = dms-ipc "audio" "mute";
};
"Shift+XF86AudioMute" = {
allow-when-locked = true;
action = dms-ipc "audio" "micmute";
};
"XF86AudioMicMute" = {
allow-when-locked = true;
action = dms-ipc "audio" "micmute";
};
"XF86AudioPlay".action = dms-ipc "mpris" "playPause";
"XF86AudioPause".action = dms-ipc "mpris" "pause";
"XF86AudioPrev".action = dms-ipc "mpris" "previous";
"XF86AudioNext".action = dms-ipc "mpris" "next";
"Mod+Alt+N" = {
allow-when-locked = true;
action = dms-ipc "night" "toggle";
hotkey-overlay.title = "Toggle Night Mode";
};
"Mod+V" = {
action = spawn "vicinae" "vicinae://extensions/vicinae/clipboard/history";
hotkey-overlay.title = "Toggle Clipboard Manager";
};
"XF86MonBrightnessUp" = {
allow-when-locked = true;
action = dms-ipc "brightness" "increment" "5" "";
};
"XF86MonBrightnessDown" = {
allow-when-locked = true;
action = dms-ipc "brightness" "decrement" "5" "";
};
}
(let
left = "N";
down = "E";
up = "I";
right = "O";
in
binds rec {
suffixes = {
"Left" = "column-left";
"Down" = "window-or-workspace-down";
"Up" = "window-or-workspace-up";
"Right" = "column-right";
${left} = suffixes."Left";
${down} = suffixes."Down";
${up} = suffixes."Up";
${right} = suffixes."Right";
};
prefixes = {
"Mod" = "focus";
"Mod+Ctrl" = "move";
"Mod+Shift" = "focus-monitor";
"Mod+Shift+Ctrl" = "move-window-to-monitor";
};
substitutions = {
"monitor-column" = "monitor";
"monitor-window-or-workspace" = "monitor";
"move-window-or-workspace" = "move-window";
};
})
# {
# "Mod+V".action = switch-focus-between-floating-and-tiling;
# "Mod+Shift+V".action = toggle-window-floating;
# }
(binds {
suffixes."Home" = "first";
suffixes."End" = "last";
prefixes."Mod" = "focus-column";
prefixes."Mod+Ctrl" = "move-column-to";
})
(binds {
# PageDown and PageUp
suffixes."Prior" = "workspace-up";
suffixes."Next" = "workspace-down";
suffixes."WheelScrollUp" = "workspace-up";
suffixes."WheelScrollDown" = "workspace-down";
prefixes."Mod" = "focus";
prefixes."Mod+Ctrl" = "move-column-to";
prefixes."Mod+Shift" = "move";
})
(binds {
suffixes = builtins.listToAttrs (
map (n: {
name = toString n;
value = [
"workspace"
(n + 1)
]; # workspace 1 is empty; workspace 2 is the logical first.
}) (range 1 9)
);
prefixes."Mod" = "focus";
prefixes."Mod+Ctrl" = "move-window-to";
})
];
window-rules = [
{
clip-to-geometry = true;
geometry-corner-radius = let
r = 12.0;
in {
top-left = r;
top-right = r;
bottom-left = r;
bottom-right = r;
};
}
# {
# matches = [{is-active = false;}];
# draw-border-with-background = false;
# opacity = 0.9;
# }
{
matches = [
{title = "Picture-in-Picture";}
{title = "Картинка в картинці";}
{
# telegram's picture-in-picture mode
app-id = "io.github.kukuruzka165.materialgram";
title = "materialgram";
}
];
open-floating = true;
}
# {
# matches = [
# {
# # telegram's picture-in-picture mode
# app-id = "io.github.kukuruzka165.materialgram";
# title = "materialgram";
# }
# ];
# }
{
matches = [
{app-id = "re.sonny.Junction";}
{app-id = "com.github.hluk.copyq";}
{title = "Zen - Choose User Profile";}
];
open-floating = true;
open-focused = true;
}
{
matches = [
{app-id = "org.keepassxc.KeePassXC";}
{app-id = "org.gnome.World.Secrets";}
{app-id = "Bitwarden";}
{app-id = "io.github.kukuruzka165.materialgram";}
{app-id = "org.telegram.desktop";}
{app-id = "org.signal.Signal";}
{app-id = "WebCord";}
{app-id = "equibop";}
];
block-out-from = "screencast";
}
{
matches = [
{app-id = "Alacritty";}
{app-id = "com.mitchellh.ghostty";}
{app-id = "org.wezfurlong.wezterm";}
{app-id = "app.zen_browser.zen";}
];
# default-column-width = {proportion = 1.0;};
draw-border-with-background = false;
}
{
matches = [{app-id = "org.quickshell";}];
open-floating = true;
}
];
layer-rules = [
{
matches = [{namespace = "^quickshell$";}];
place-within-backdrop = true;
}
];
};
}

3
modules/home/desktop/cosmic/config/programs/satty.nix Normal file
View File

@@ -0,0 +1,3 @@
{
programs.satty.enable = true;
}

51
modules/home/desktop/cosmic/config/programs/wl-kbptr.nix Normal file
View File

@@ -0,0 +1,51 @@
{config, ...}: {
programs.wl-kbptr = {
enable = true;
settings = with config.lib.stylix.colors.withHashtag; rec {
general.cancellation_status_code = 1;
mode_floating = {
source = "detect";
label_color = base05;
label_select_color = base0A;
unselectable_bg_color = "#2222";
selectable_bg_color = base01 + "66";
selectable_border_color = base01;
label_font_family = config.stylix.fonts.sansSerif.name;
label_font_size = "12 50% 100";
label_symbols = "abcdefghijklmnopqrstuvwxyz";
};
mode_tile = {
label_font_size = "8 50% 100";
inherit
(mode_floating)
label_color
label_select_color
unselectable_bg_color
selectable_bg_color
selectable_border_color
label_font_family
label_symbols
;
};
mode_bisect = {
inherit (mode_floating) label_color unselectable_bg_color label_font_family;
label_font_size = 20;
label_padding = "12";
pointer_size = 24;
pointer_color = base08;
even_area_bg_color = base0C + "aa";
even_area_border_color = base0C;
odd_area_bg_color = base0D + "aa";
odd_area_border_color = base0D;
history_border_color = base01;
};
mode_split = {
inherit (mode_bisect) pointer_size pointer_color history_border_color;
bg_color = mode_floating.unselectable_bg_color;
area_bg_color = mode_floating.selectable_bg_color;
vertical_color = base09;
horizontal_color = mode_bisect.odd_area_border_color;
};
};
};
}

44
modules/home/desktop/cosmic/config/services.nix Normal file
View File

@@ -0,0 +1,44 @@
{
# config,
pkgs,
lib,
...
}: {
services = {
gnome-keyring = {
enable = true;
components = ["secrets"];
};
# kanshi = import ../../niri/services/kanshi;
# udiskie = {
# enable = true;
# automount = false;
# notify = true;
# tray = "auto";
# };
};
# systemd.user.services = let
# mkGraphicalService = config: lib.attrsets.recursiveUpdate graphicalService config;
# graphicalService = {
# Install.WantedBy = ["niri.service"];
# Unit = {
# Requisite = ["graphical-session.target"];
# PartOf = ["graphical-session.target"];
# After = ["graphical-session.target"];
# };
# Service = {
# Restart = "on-failure";
# TimeoutStopSec = 10;
# RestartSec = 1;
# };
# };
# in {
# polkit-agent = mkGraphicalService {
# Service = {
# Type = "simple";
# ExecStart = pkgs.mate.mate-polkit + "/libexec/polkit-mate-authentication-agent-1";
# };
# };
# };
}

52
modules/home/desktop/cosmic/config/stylix.nix Normal file
View File

@@ -0,0 +1,52 @@
{
config,
pkgs,
lib,
...
}: {
# dconf.settings = {
# "org/gnome/desktop/interface" = {
# icon-theme = config.gtk.iconTheme.name;
# color-scheme =
# if config.stylix.polarity == "dark"
# then lib.mkDefault "prefer-dark"
# else lib.mkDefault "prefer-light";
# };
# };
# stylix.targets.niri.enable = false;
# stylix.targets.gtk.enable = false;
# gtk = {
# enable = true;
# theme = {
# name = "adw-gtk3";
# package = pkgs.adw-gtk3;
# };
# };
#
# stylix.targets.qt.enable = false;
qt = {
enable = true;
platformTheme.name = "gtk3";
};
stylix.targets = {
qt.enable = false;
# gtk.enable = false;
};
gtk = {
enable = true;
# iconTheme = {
# name =
# if config.stylix.polarity == "dark"
# then "Papirus-Dark"
# else "Papirus-Light";
# package =
# if (removeSuffix "-light" theme) == "nord"
# then pkgs.papirus-nord
# else pkgs.papirus-icon-theme;
# };
};
}

85
modules/home/desktop/cosmic/default.nix
View File

@@ -1,94 +1,21 @@
{
osConfig,
perSystem,
config,
pkgs,
lib,
...
}:
with lib; let
inherit (osConfig.module.stylix) theme;
# inherit (osConfig.module.stylix) theme;
cfg = config.desktop.cosmic;
in {
options = {
desktop.cosmic.enable =
mkEnableOption "enable cosmic desktop";
};
config = mkIf cfg.enable {
stylix.targets = {
qt.enable = false;
gtk.enable = false;
};
home.packages = with pkgs; [
helvum
loupe
papers
junction
celluloid
mission-center
dconf
libnotify
playerctl
wdisplays
pwvucontrol
wl-clipboard
];
gtk = {
enable = true;
iconTheme = {
name =
if config.stylix.polarity == "dark"
then "Papirus-Dark"
else "Papirus-Light";
package =
if (removeSuffix "-light" theme) == "nord"
then pkgs.papirus-nord
else pkgs.papirus-icon-theme;
};
};
qt = {
enable = true;
platformTheme.name = "gtk3";
};
services = {
gnome-keyring = {
enable = true;
components = ["secrets"];
};
};
dconf.settings = {
"org/gnome/desktop/wm/preferences" = {
button-layout = "icon:minimize,maximize,close";
};
"org/gnome/desktop/interface" = {
icon-theme = config.gtk.iconTheme.name;
};
};
xdg = {
mime.enable = true;
mimeApps = {
enable = true;
defaultApplications = let
file_manager = ["org.gnome.Nautilus.desktop"];
image_viewer = ["org.gnome.Loupe.desktop"];
pdf_reader = ["org.gnome.Papers.desktop"];
video_player = ["io.github.celluloid_player.Celluloid.desktop"];
web_browser = ["re.sonny.Junction.desktop"];
in {
"application/pdf" = pdf_reader;
"image/jpeg" = image_viewer;
"image/png" = image_viewer;
"inode/directory" = file_manager;
"text/html" = web_browser;
"video/mp4" = video_player;
"video/mpeg" = video_player;
"video/x-matroska" = video_player;
"video/x-mpeg" = video_player;
"x-scheme-handler/about" = web_browser;
"x-scheme-handler/http" = web_browser;
"x-scheme-handler/https" = web_browser;
"x-scheme-handler/unknown" = web_browser;
};
};
};
};
config = let
importWithArgs = file: import file {inherit config inputs lib perSystem pkgs importWithArgs;};
in
mkIf cfg.enable (importWithArgs ./config);
}

1
modules/home/programs/atuin.nix → modules/homePrograms/atuin.nix
View File

@@ -1,4 +1,5 @@
{
programs.atuin.enable = true; # shell history and more in rust
programs.atuin = {
flags = [
"--disable-up-arrow"

1
modules/home/programs/default.nix → modules/homePrograms/default.nix
View File

@@ -1,6 +1,7 @@
{
imports = [
./atuin.nix
./direnv.nix
./fish.nix
./ghostty.nix
./helix.nix

7
modules/homePrograms/direnv.nix Normal file
View File

@@ -0,0 +1,7 @@
{
programs.direnv.enable = true;
programs.direnv = {
silent = true;
nix-direnv.enable = true;
};
}

1
modules/home/programs/fish.nix → modules/homePrograms/fish.nix
View File

@@ -5,6 +5,7 @@
}: let
inherit (lib) getExe;
in {
programs.fish.enable = true; # friendly interactive shell in rust
programs.fish = {
shellAliases = {
cd = "z";

1
modules/home/programs/ghostty.nix → modules/homePrograms/ghostty.nix
View File

@@ -4,6 +4,7 @@
perSystem,
...
}: {
programs.ghostty.enable = true;
programs.ghostty = {
package = perSystem.ghostty.ghostty;
settings = {

11
modules/home/programs/helix.nix → modules/homePrograms/helix.nix
View File

@@ -6,8 +6,18 @@
}: let
inherit (lib) getExe;
in {
programs.helix.enable = true;
programs.helix = {
# defaultEditor = true;
package = pkgs.helix.overrideAttrs (previousAttrs: {
patches =
(previousAttrs.patches or [])
++ [
./loader.patch
./term.patch
];
});
settings = {
editor = {
bufferline = "multiple";
@@ -110,6 +120,7 @@ in {
name = "typst";
auto-format = true;
formatter.command = getExe pkgs.typstyle;
formatter.args = ["-l" "100"];
language-servers = ["tinymist"];
}
{

0
modules/home/programs/kitty.nix → modules/homePrograms/kitty.nix
View File

10
modules/homePrograms/loader.patch Normal file
View File

@@ -0,0 +1,10 @@
--- a/helix-loader/src/config.rs
+++ b/helix-loader/src/config.rs
@@ -11,7 +11,6 @@ pub fn default_lang_config() -> toml::Value {
pub fn user_lang_config() -> Result<toml::Value, toml::de::Error> {
let config = [
crate::config_dir(),
- crate::find_workspace().0.join(".helix"),
]
.into_iter()
.map(|path| path.join("languages.toml"))

1
modules/home/programs/oh-my-posh.nix → modules/homePrograms/oh-my-posh.nix
View File

@@ -3,6 +3,7 @@
lib,
...
}: {
programs.oh-my-posh.enable = true;
programs.oh-my-posh = {
settings = {
# version = 2;

0
modules/home/programs/syncthing.nix → modules/homePrograms/syncthing.nix
View File

17
modules/homePrograms/term.patch Normal file
View File

@@ -0,0 +1,17 @@
--- a/helix-term/src/config.rs
+++ b/helix-term/src/config.rs
@@ -58,12 +58,11 @@ fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
impl Config {
pub fn load(
global: Result<String, ConfigLoadError>,
- local: Result<String, ConfigLoadError>,
+ _local: Result<String, ConfigLoadError>,
) -> Result<Config, ConfigLoadError> {
let global_config: Result<ConfigRaw, ConfigLoadError> =
global.and_then(|file| toml::from_str(&file).map_err(ConfigLoadError::BadConfig));
- let local_config: Result<ConfigRaw, ConfigLoadError> =
- local.and_then(|file| toml::from_str(&file).map_err(ConfigLoadError::BadConfig));
+ let local_config: Result<ConfigRaw, ConfigLoadError> = Err(ConfigLoadError::default());
let res = match (global_config, local_config) {
(Ok(global), Ok(local)) => {
let mut keys = keymap::default();

1
modules/home/programs/wezterm.nix → modules/homePrograms/wezterm.nix
View File

@@ -5,6 +5,7 @@
lib,
...
}: {
programs.wezterm.enable = true;
programs.wezterm = {
# package = inputs.wezterm.packages.${pkgs.system}.default;
extraConfig = let

0
modules/home/programs/wl-kbptr.nix → modules/homePrograms/wl-kbptr.nix
View File

1
modules/home/programs/yazi.nix → modules/homePrograms/yazi.nix
View File

@@ -4,6 +4,7 @@
lib,
...
}: {
programs.yazi.enable = true;
programs.yazi = {
shellWrapperName = "y";
settings = {

0
modules/home/programs/zed-editor.nix → modules/homePrograms/zed-editor.nix
View File

41
modules/nixos/desktop/common/pipewire.nix
View File

@@ -1,4 +1,5 @@
{
pkgs,
lib,
config,
...
@@ -12,10 +13,10 @@ in {
};
config = mkIf cfg.enable {
security.rtkit = {
enable = true;
args = ["--no-canary"];
};
# security.rtkit = {
# enable = true;
# args = ["--no-canary"];
# };
services.pulseaudio.enable = false;
services.pipewire = {
enable = true;
@@ -25,13 +26,14 @@ in {
# "context.properties" = {
# "default.clock.rate" = 48000;
# "default.clock.quantum" = 32;
# "default.clock.min-quantum" = 32;
# "default.clock.min-quantum" = 2048;
# "default.clock.max-quantum" = 32;
# };
# };
wireplumber.extraConfig."10-alsa-vm" = {
"api.alsa.period-size" = 1024 / 2; # seems to fix random crackling
};
# wireplumber.extraConfig."10-alsa-vm" = {
# "api.alsa.period-size" = 1024; # seems to fix random crackling
# "api.alsa.headroom" = 128;
# };
extraConfig.pipewire-pulse."93-auto-connect" = {
"pulse.cmd" = [
{
@@ -60,5 +62,28 @@ in {
# };
# };
};
services.pipewire.wireplumber.configPackages = [
(pkgs.writeTextDir "share/wireplumber/main.lua.d/10-disable-suspend.conf" ''
monitor.alsa.rules = [
{
matches = [
{
# Matches all sources
node.name = "~alsa_input.*"
},
{
# Matches all sinks
node.name = "~alsa_output.*"
}
]
actions = {
update-props = {
session.suspend-timeout-seconds = 0
}
}
}
]
'')
];
};
}

4
modules/nixos/desktop/dms/default.nix
View File

@@ -26,6 +26,10 @@ in {
config.common."org.freedesktop.impl.portal.Secret" = ["gnome-keyring"];
};
environment.systemPackages = with pkgs; [
libnotify
];
module.gnome-keyring.enable = true;
module.pipewire.enable = true;

0
modules/shared/nixos/default.nix → modules/nixos/shared/default.nix
View File

0
modules/shared/nixos/hardware/default.nix → modules/nixos/shared/hardware/default.nix
View File

17
modules/nixos/shared/hardware/facter.nix Normal file
View File

@@ -0,0 +1,17 @@
{
config,
lib,
inputs,
...
}: let
inherit (inputs) mysecrets;
inherit (config.networking) hostName;
in {
# imports = with inputs; [
# nixos-facter-modules.nixosModules.facter
# ];
hardware.facter.reportPath = "${mysecrets}/facter/${hostName}.json";
systemd.network.wait-online.enable = false;
networking.dhcpcd.enable = lib.mkForce false;
networking.networkmanager.dhcp = "internal";
}

0
modules/shared/nixos/kanata/internal.kbd → modules/nixos/shared/kanata/internal.kbd
View File

1
modules/shared/nixos/misc/default.nix → modules/nixos/shared/misc/default.nix
View File

@@ -7,6 +7,7 @@
imports = [
# inputs.chaotic.nixosModules.default
./slim.nix
./uutils.nix
];
boot = {
consoleLogLevel = 0;

0
modules/shared/nixos/misc/slim.nix → modules/nixos/shared/misc/slim.nix
View File

63
modules/nixos/shared/misc/uutils.nix Normal file
View File

@@ -0,0 +1,63 @@
{pkgs, ...}: let
coreutils-full-name =
"coreuutils-full"
+ builtins.concatStringsSep ""
(builtins.genList (_: "_") (builtins.stringLength pkgs.coreutils-full.version));
coreutils-name =
"coreuutils"
+ builtins.concatStringsSep ""
(builtins.genList (_: "_") (builtins.stringLength pkgs.coreutils.version));
findutils-name =
"finduutils"
+ builtins.concatStringsSep ""
(builtins.genList (_: "_") (builtins.stringLength pkgs.findutils.version));
diffutils-name =
"diffuutils"
+ builtins.concatStringsSep ""
(builtins.genList (_: "_") (builtins.stringLength pkgs.diffutils.version));
in {
system.replaceDependencies.replacements = [
# coreutils
{
# system
oldDependency = pkgs.coreutils-full;
newDependency = pkgs.symlinkJoin {
# Make the name length match so it builds
name = coreutils-full-name;
paths = [pkgs.uutils-coreutils-noprefix];
};
}
{
# applications
oldDependency = pkgs.coreutils;
newDependency = pkgs.symlinkJoin {
# Make the name length match so it builds
name = coreutils-name;
paths = [pkgs.uutils-coreutils-noprefix];
};
}
# findutils
# {
# # applications
# oldDependency = pkgs.findutils;
# newDependency = pkgs.symlinkJoin {
# # Make the name length match so it builds
# name = findutils-name;
# paths = [pkgs.uutils-findutils];
# };
# }
# diffutils
# {
# # applications
# oldDependency = pkgs.diffutils;
# newDependency = pkgs.symlinkJoin {
# # Make the name length match so it builds
# name = diffutils-name;
# paths = [pkgs.uutils-diffutils];
# };
# }
];
}

0
modules/shared/nixos/module/lanzaboote.nix → modules/nixos/shared/module/lanzaboote.nix
View File

0
modules/shared/nixos/module/locale.nix → modules/nixos/shared/module/locale.nix
View File

0
modules/shared/nixos/networking/default.nix → modules/nixos/shared/networking/default.nix
View File

0
modules/shared/nixos/networking/hosts.nix → modules/nixos/shared/networking/hosts.nix
View File

0
modules/shared/nixos/nix/common.nix → modules/nixos/shared/nix/common.nix
View File

0
modules/shared/nixos/nix/default.nix → modules/nixos/shared/nix/default.nix
View File

0
modules/shared/nixos/nix/substituters.nix → modules/nixos/shared/nix/substituters.nix
View File

0
modules/shared/nixos/programs.nix → modules/nixos/shared/programs.nix
View File

4
modules/shared/nixos/security/boot.nix → modules/nixos/shared/security/boot.nix
View File

@@ -105,6 +105,10 @@
"iommu.strict=1"
"iommu=force"
# "lockdown=integrity" # confidentiality
"kvm_amd.sev=1"
"kvm_amd.sev_es=1"
"kvm_amd.sev_snp=1"
# "mitigations=auto,nosmt"
"module.sig_enforce=1"
"page_alloc.shuffle=1"
"randomize_kstack_offset=on"

0
modules/shared/nixos/security/coredump.nix → modules/nixos/shared/security/coredump.nix
View File

0
modules/shared/nixos/security/default.nix → modules/nixos/shared/security/default.nix
View File

0
modules/shared/nixos/security/services.nix → modules/nixos/shared/security/services.nix
View File

0
modules/shared/nixos/security/ssh.nix → modules/nixos/shared/security/ssh.nix
View File

2
modules/shared/nixos/services.nix → modules/nixos/shared/services.nix
View File

@@ -33,6 +33,6 @@
InterceptUnknown = true;
ProcMonitorMethod = "ebpf";
};
scx.scheduler = "scx_flash";
scx.scheduler = "scx_rustland";
};
}

0
modules/shared/nixos/sops.nix → modules/nixos/shared/sops.nix
View File

39
modules/shared/nixos/stylix/default.nix → modules/nixos/shared/stylix/default.nix
View File

@@ -37,6 +37,19 @@
themes = {
dark = {
tomorrow = {
polarity = "dark";
base16Scheme = fromBase16Schemes "tomorrow-night";
# image = wallpapers.abstract.lambda;
inherit (interIosevka) serif monospace;
cursor = {
package = pkgs.bibata-cursors;
name = "Bibata-Modern-Classic";
size = 24;
};
};
ashes = {
polarity = "dark";
base16Scheme = fromBase16Schemes "classic-dark";
@@ -215,6 +228,32 @@
};
};
light = {
tomorrow = {
polarity = "light";
base16Scheme = fromBase16Schemes "tomorrow";
# image = wallpapers.abstract.lambda;
inherit (interIosevka) serif monospace;
cursor = {
package = pkgs.bibata-cursors;
name = "Bibata-Modern-Ice";
size = 24;
};
};
selenized = {
polarity = "light";
base16Scheme = fromBase16Schemes "selenized-white";
# image = wallpapers.abstract.lambda;
inherit (interIosevka) serif monospace;
cursor = {
package = pkgs.bibata-cursors;
name = "Bibata-Modern-Ice";
size = 24;
};
};
rose-pine-dawn = {
polarity = "light";
base16Scheme = fromBase16Schemes "rose-pine-dawn";

0
modules/shared/nixos/stylix/wallpapers.nix → modules/nixos/shared/stylix/wallpapers.nix
View File

0
modules/shared/nixos/users.nix → modules/nixos/shared/users.nix
View File

0
modules/programs-nixos/docker.nix → modules/nixosPrograms/docker.nix
View File

0
modules/programs-nixos/libvirt.nix → modules/nixosPrograms/libvirt.nix
View File

0
modules/programs-nixos/opentabletdriver.nix → modules/nixosPrograms/opentabletdriver.nix
View File

0
modules/programs-nixos/podman.nix → modules/nixosPrograms/podman.nix
View File

0
modules/programs-nixos/qmk-vial.nix → modules/nixosPrograms/qmk-vial.nix
View File

14
modules/shared/nixos/hardware/facter.nix
View File

@@ -1,14 +0,0 @@
{
config,
inputs,
...
}: let
inherit (inputs) mysecrets;
inherit (config.networking) hostName;
in {
imports = with inputs; [
nixos-facter-modules.nixosModules.facter
];
facter.reportPath = "${mysecrets}/facter/${hostName}.json";
systemd.network.wait-online.enable = false;
}

4
modules/users/user/common.nix
View File

@@ -5,9 +5,9 @@
...
}: {
imports = with inputs; [
nix-index-database.hmModules.nix-index
nix-index-database.homeModules.nix-index
self.homeModules.desktop
self.homeModules.programs
# self.homeModules.programs
];
inherit (osConfig) desktop;

69
modules/users/user/programs.nix
View File

@@ -11,8 +11,16 @@
inherit (osConfig.virtualisation) libvirtd;
inherit (osConfig.hardware) bluetooth;
in {
imports = with flake.homeModules; [
programs
imports = with flake.modules.homePrograms; [
atuin
direnv
fish
helix
oh-my-posh
syncthing
wezterm
wl-kbptr
yazi
];
systemd.user.settings.Manager.DefaultEnvironment = {
@@ -31,16 +39,6 @@ in {
programs =
lib.attrsets.recursiveUpdate
{
atuin.enable = true;
fish.enable = true; # friendly interactive shell in rust
oh-my-posh.enable = true;
helix.enable = true;
yazi.enable = true;
wezterm.enable = true;
ghostty.enable = true;
bat.enable = true; # cat in rust
btop.enable = true;
# direnv.enable = true;
@@ -75,6 +73,7 @@ in {
git.signing.format = "ssh";
git.settings.alias.cl = "clone";
git.settings.alias.co = "checkout";
git.settings.sequence.editor = lib.getExe pkgs.git-interactive-rebase-tool;
keychain.keys = ["id_ed25519"];
@@ -115,7 +114,10 @@ in {
systemctl-tui # systemctl tui in rust
trashy # trash cli in rust
up # ultimate plumber in go
wiremix # pavucontrol for wireplumber in rust
]
++ [
# various wrappers
(perSystem.mypackages.prismlauncher-bwrapped.override {
addPkgs = with pkgs; [mangohud gamemode gamescope glfw3-minecraft];
packageOverrides = {
@@ -128,26 +130,14 @@ in {
};
})
(perSystem.mypackages.zen-browser-bwrapped.override {
bwrapperOpts = {
sockets.x11 = false;
};
bwrapperOpts.sockets.x11 = false;
})
(perSystem.mypackages.legcord-bwrapped.override {
bwrapperOpts = {
sockets.x11 = false;
};
bwrapperOpts.sockets.x11 = false;
})
(perSystem.mypackages.helium-browser-bwrapped.override {
bwrapperOpts = {
sockets.x11 = false;
mounts.readWrite = [
# "$XDG_DOCUMENTS_DIR"
"$XDG_DOWNLOAD_DIR"
# "$XDG_MUSIC_DIR"
# "$XDG_VIDEOS_DIR"
# "$XDG_PICTURES_DIR"
];
};
bwrapperOpts.sockets.x11 = false;
bwrapperOpts.mounts.readWrite = ["$XDG_DOWNLOAD_DIR"];
})
(pkgs.mkBwrapper rec {
app = {
@@ -197,6 +187,19 @@ in {
runtimeInputs = with pkgs; [rbw wl-clipboard];
text = ''rbw get --clipboard "$1" && sleep 5 && wl-copy -c'';
})
(pkgs.writeShellApplication {
name = "bw-get";
runtimeInputs = with pkgs; [bitwarden-cli jq wl-clipboard csvlens];
text = ''
bw get item \
"$(bw list items \
| jq -r '["name","user","id"], (.[] | [(.name), (.login.username), (.id)]) | @csv' \
| csvlens)" \
| jq -r '.login.password' \
| wl-copy \
&& sleep 5 && wl-copy -c
'';
})
(pkgs.writeShellApplication {
name = "rbw-totp";
runtimeInputs = with pkgs; [rbw wl-clipboard];
@@ -207,7 +210,7 @@ in {
# misc apps
adwaita-icon-theme
# vial # qmk keyboard configuring app
pinentry-qt # pinentry for rbw
pinentry-gnome3 # pinentry for rbw
(mkIf libvirtd.enable virt-manager) # libvirt gui
# waycheck # check wayland protocols
gpu-screen-recorder-gtk
@@ -218,10 +221,10 @@ in {
# gnome-text-editor
helvum # pipewire patchbay in rust
# junction # app chooser
mission-center # task manager in rust (partly)
(mkIf bluetooth.enable overskride) # bluetooth gui in rust
# mission-center # task manager in rust (partly)
# (mkIf bluetooth.enable overskride) # bluetooth gui in rust
pika-backup # borg gui in rust
pwvucontrol # pipewire gui in rust
# pwvucontrol # pipewire gui in rust
perSystem.zmx.default
# sonusmix # pipewire routing tool in rust
];

53
packages/aim/default.nix
View File

@@ -1,53 +0,0 @@
{pkgs}: let
inherit
(pkgs)
lib
rustPlatform
fetchFromGitHub
pkg-config
openssl
zlib
stdenv
darwin
;
in
rustPlatform.buildRustPackage rec {
pname = "aim";
version = "1.8.6";
src = fetchFromGitHub {
owner = "mihaigalos";
repo = "aim";
rev = version;
hash = "sha256-+oeyaPBsgQ+eNEGx9lRnNKjTSowLd0T+8WUln1UizBA=";
};
cargoHash = "sha256-LeFhaXtzCSujlVuqaIiXYL2TlhlpgqsN9+fACv9iEmY=";
nativeBuildInputs = [
pkg-config
];
buildInputs =
[
openssl
zlib
]
++ lib.optionals stdenv.isDarwin [
darwin.apple_sdk.frameworks.Security
darwin.apple_sdk.frameworks.SystemConfiguration
];
env = {
OPENSSL_NO_VENDOR = true;
};
meta = {
description = "A command line download/upload tool with resume";
homepage = "https://github.com/mihaigalos/aim";
changelog = "https://github.com/mihaigalos/aim/blob/${src.rev}/CHANGELOG.md";
license = lib.licenses.mit;
maintainers = with lib.maintainers; [];
mainProgram = "aim";
};
}

26
packages/bt/default.nix
View File

@@ -1,26 +0,0 @@
{pkgs}: let
inherit (pkgs) lib buildGoModule fetchFromGitHub;
in
buildGoModule rec {
pname = "bt";
version = "1.1.0";
src = fetchFromGitHub {
owner = "LeperGnome";
repo = "bt";
rev = "v${version}";
hash = "sha256-q6vi9dxKWz+mCqRQ11BA/rjXGEOGcHIsmsQSuyWtaLk=";
};
vendorHash = "sha256-nBswqk3XAPvjW1qRMHq1waqXLKwXYXVXFpGcByqSS2k=";
ldflags = ["-s" "-w"];
meta = {
description = "Interactive tree-like terminal file manager";
homepage = "https://github.com/LeperGnome/bt";
license = lib.licenses.mit;
maintainers = with lib.maintainers; [];
mainProgram = "bt";
};
}

77
packages/helium-browser-bwrapped/default.nix
View File

@@ -1,77 +0,0 @@
{
# lib,
# pkgs,
inputs,
system,
perSystem,
addPkgs ? [],
bwrapperOpts ? {},
# packageOverrides ? {},
unfreePkgs ? [],
...
}: let
pkgs = import inputs.nixpkgs {
config.allowUnfreePredicate = pkg:
builtins.elem (pkgs.lib.getName pkg) unfreePkgs;
inherit system;
overlays = [inputs.nix-bwrapper.overlays.bwrapper];
};
in (pkgs.mkBwrapper (pkgs.lib.attrsets.recursiveUpdate rec {
app = {
inherit addPkgs;
package = perSystem.self.helium-browser;
id = "net.imput.Helium" + "_bwrapped";
runScript = "helium";
env = {
GSETTINGS_BACKEND = "dconf";
};
};
# https://github.com/flathub/io.github.ungoogled_software.ungoogled_chromium/blob/master/io.github.ungoogled_software.ungoogled_chromium.yaml
dbus.system.talks = [
"org.bluez"
"org.freedesktop.Avahi"
"org.freedesktop.UPower"
];
dbus.session.talks = [
# "org.a11y.Bus"
# "org.gtk.vfs.*"
"ca.desrt.dconf"
"com.canonical.AppMenu.Registrar"
"org.cinnamon.ScreenSaver"
"org.freedesktop.FileManager1"
"org.freedesktop.Notifications"
"org.freedesktop.ScreenSaver"
"org.freedesktop.secrets"
"org.gnome.Mutter.IdleMonitor.*"
"org.gnome.ScreenSaver"
"org.gnome.SessionManager"
"org.kde.StatusNotifierWatcher"
"org.kde.kwalletd5"
"org.kde.kwalletd6"
"org.xfce.ScreenSaver"
];
dbus.session.owns = [
"org.mpris.MediaPlayer2.chromium.*"
];
mounts.readWrite = [
# - --filesystem=/run/.heim_org.h5l.kcm-socket
# - --filesystem=host-etc
# "$XDG_RUNTIME_DIR/app/${app.id}"
# "$XDG_RUNTIME_DIR/speech-dispatcher:ro"
"$XDG_RUNTIME_DIR/pipewire-0"
# For GNOME proxy resolution
"$XDG_RUNTIME_DIR/dconf"
# To install a PWA application
"~/.local/share/applications"
"~/.local/share/icons"
];
mounts.read = [
"$HOME/.config/dconf"
];
}
bwrapperOpts))

61
packages/helium-browser-bwrapped/helium.nix
View File

@@ -1,61 +0,0 @@
{
pkgs,
perSystem,
...
}:
pkgs.mkBwrapper rec {
app = {
package = perSystem.helium-browser.helium; #.override packageOverrides;
id = "net.imput.Helium" + "_bwrapped";
runScript = "helium";
env = {
GSETTINGS_BACKEND = "dconf";
};
};
# https://github.com/flathub/io.github.ungoogled_software.ungoogled_chromium/blob/master/io.github.ungoogled_software.ungoogled_chromium.yaml
dbus.system.talks = [
"org.bluez"
"org.freedesktop.Avahi"
"org.freedesktop.UPower"
];
dbus.session.talks = [
# "org.a11y.Bus"
# "org.gtk.vfs.*"
"ca.desrt.dconf"
"com.canonical.AppMenu.Registrar"
"org.cinnamon.ScreenSaver"
"org.freedesktop.FileManager1"
"org.freedesktop.Notifications"
"org.freedesktop.ScreenSaver"
"org.freedesktop.secrets"
"org.gnome.Mutter.IdleMonitor.*"
"org.gnome.ScreenSaver"
"org.gnome.SessionManager"
"org.kde.StatusNotifierWatcher"
"org.kde.kwalletd5"
"org.kde.kwalletd6"
"org.xfce.ScreenSaver"
];
dbus.session.owns = [
"org.mpris.MediaPlayer2.chromium.*"
];
mounts.readWrite = [
# - --filesystem=/run/.heim_org.h5l.kcm-socket
# - --filesystem=host-etc
"$XDG_RUNTIME_DIR/app/${app.id}"
# "$XDG_RUNTIME_DIR/speech-dispatcher:ro"
# "$XDG_RUNTIME_DIR/pipewire-0"
"$XDG_DOCUMENTS_DIR"
"$XDG_DOWNLOAD_DIR"
"$XDG_MUSIC_DIR"
"$XDG_VIDEOS_DIR"
"$XDG_PICTURES_DIR"
# For GNOME proxy resolution
"$XDG_RUNTIME_DIR/dconf"
];
mounts.read = [
"$HOME/.config/dconf"
];
}

175
packages/helium-browser/default.nix
View File

@@ -1,175 +0,0 @@
{
system,
inputs,
...
}: let
pkgs = import inputs.nixpkgs {
inherit system;
config.allowUnfree = true;
};
version = "0.7.7.1";
srcs = {
x86_64-linux = {
url = "https://github.com/imputnet/helium-linux/releases/download/${version}/helium-${version}-x86_64_linux.tar.xz";
hash = "sha256-aY9GwIDPTcskm55NluSyxkCHC6drd6BdBaNYZhrzlRE=";
};
aarch64-linux = {
url = "https://github.com/imputnet/helium-linux/releases/download/${version}/helium-${version}-arm64_linux.tar.xz";
hash = "sha256-76hJ19/bHzdE1//keGF9imYkMHOy6VHpA56bxEkgwgA=";
};
x86_64-darwin = {
url = "https://github.com/imputnet/helium-macos/releases/download/${version}/helium_${version}_x86_64-macos.dmg";
hash = "sha256-LtxzeBkECRML+q+qtcTljuFoPefuZdk1PIcdDqSGl0Y=";
};
aarch64-darwin = {
url = "https://github.com/imputnet/helium-macos/releases/download/${version}/helium_${version}_arm64-macos.dmg";
hash = "sha256-iFE2OigeG+sDfGKmuqqb6LKUyxhZ2Jcti+jLzeHMLYM=";
};
};
in
pkgs.stdenv.mkDerivation {
pname = "helium";
inherit version;
src = pkgs.fetchurl (srcs.${system} or (throw "Unsupported system: ${system}"));
nativeBuildInputs = with pkgs;
[
makeWrapper
]
++ pkgs.lib.optionals stdenv.isLinux [
autoPatchelfHook
copyDesktopItems
]
++ pkgs.lib.optionals stdenv.isDarwin [
_7zz
];
unpackCmd = pkgs.lib.optionalString pkgs.stdenv.isDarwin ''
7zz x $src
'';
buildInputs = with pkgs;
pkgs.lib.optionals stdenv.isLinux [
alsa-lib
at-spi2-atk
at-spi2-core
atk
cairo
cups
dbus
expat
fontconfig
freetype
gdk-pixbuf
glib
gtk3
libGL
xorg.libX11
xorg.libXScrnSaver
xorg.libXcomposite
xorg.libXcursor
xorg.libXdamage
xorg.libXext
xorg.libXfixes
xorg.libXi
xorg.libXrandr
xorg.libXrender
xorg.libXtst
libdrm
libgbm
libpulseaudio
xorg.libxcb
libxkbcommon
mesa
nspr
nss
pango
pipewire
systemd
vulkan-loader
wayland
libxshmfence
libuuid
kdePackages.qtbase
];
autoPatchelfIgnoreMissingDeps = pkgs.lib.optionals pkgs.stdenv.isLinux [
"libQt6Core.so.6"
"libQt6Gui.so.6"
"libQt6Widgets.so.6"
"libQt5Core.so.5"
"libQt5Gui.so.5"
"libQt5Widgets.so.5"
];
dontWrapQtApps = pkgs.stdenv.isLinux;
installPhase =
if pkgs.stdenv.isDarwin
then ''
runHook preInstall
mkdir -p $out/Applications/Helium.app
cp -r . $out/Applications/Helium.app
mkdir -p $out/bin
makeWrapper $out/Applications/Helium.app/Contents/MacOS/Helium $out/bin/helium \
--add-flags "--disable-component-update" \
--add-flags "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" \
--add-flags "--check-for-update-interval=0" \
--add-flags "--disable-background-networking"
runHook postInstall
''
else ''
runHook preInstall
mkdir -p $out/bin $out/opt/helium
cp -r * $out/opt/helium
# The binary is named 'chrome' in the tarball
makeWrapper $out/opt/helium/chrome $out/bin/helium \
--prefix LD_LIBRARY_PATH : "${pkgs.lib.makeLibraryPath (with pkgs; [
libGL
libvdpau
libva
pipewire
])}" \
--add-flags "--ozone-platform-hint=auto" \
--add-flags "--enable-features=WaylandWindowDecorations" \
--add-flags "--disable-component-update" \
--add-flags "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" \
--add-flags "--check-for-update-interval=0" \
--add-flags "--disable-background-networking"
# Install icon
mkdir -p $out/share/icons/hicolor/256x256/apps
cp $out/opt/helium/product_logo_256.png $out/share/icons/hicolor/256x256/apps/helium.png
runHook postInstall
'';
desktopItems = pkgs.lib.optionals pkgs.stdenv.isLinux [
(pkgs.makeDesktopItem {
name = "helium";
exec = "helium %U";
icon = "helium";
desktopName = "Helium";
genericName = "Web Browser";
categories = ["Network" "WebBrowser"];
terminal = false;
mimeTypes = ["text/html" "text/xml" "application/xhtml+xml" "x-scheme-handler/http" "x-scheme-handler/https"];
})
];
meta = with pkgs.lib; {
description = "Private, fast, and honest web browser based on ungoogled-chromium";
homepage = "https://helium.computer/";
license = licenses.gpl3Only;
platforms = ["x86_64-linux" "aarch64-linux" "x86_64-darwin" "aarch64-darwin"];
mainProgram = "helium";
};
}

51
packages/legcord-bwrapped/default.nix
View File

@@ -1,51 +0,0 @@
{
# lib,
# pkgs,
inputs,
system,
# perSystem,
addPkgs ? [],
bwrapperOpts ? {},
packageOverrides ? {},
unfreePkgs ? [],
...
}: let
pkgs = import inputs.nixpkgs {
config.allowUnfreePredicate = pkg:
builtins.elem (pkgs.lib.getName pkg) unfreePkgs;
inherit system;
overlays = [inputs.nix-bwrapper.overlays.bwrapper];
};
in (pkgs.mkBwrapper (pkgs.lib.attrsets.recursiveUpdate {
app = {
inherit addPkgs;
package = pkgs.legcord.override packageOverrides;
runScript = "legcord";
# TODO: figure out the right id
id = "dev.pzurek.Legcord" + "_bwrapped";
execArgs = "--disable-gpu-memory-buffer-video-frames";
env = {
ELECTRON_TRASH = "gio";
};
};
mounts.readWrite = [
"$XDG_RUNTIME_DIR/app/com.discordapp.Discord"
"$XDG_RUNTIME_DIR/speech-dispatcher"
# "$HOME/Downloads"
];
dbus.session.talks = [
"org.freedesktop.ScreenSaver"
"org.kde.StatusNotifierWatcher"
"com.canonical.AppMenu.Registrar"
"com.canonical.indicator.application"
"com.canonical.Unity"
];
dbus.system.talks = [
"org.freedesktop.UPower"
];
dbus.session.owns = [
"com.discordapp.Discord"
];
}
bwrapperOpts))

33
packages/pillager/default.nix
View File

@@ -1,33 +0,0 @@
{pkgs}: let
inherit (pkgs) lib buildGoModule fetchFromGitHub;
in
buildGoModule rec {
pname = "pillager";
version = "0.11.6";
src = fetchFromGitHub {
owner = "brittonhayes";
repo = "pillager";
rev = "v${version}";
hash = "sha256-GHjAm6x96m79pnberfYKiUujnlahsVqNixY4I9R7AOc=";
};
vendorHash = "sha256-uNPNUsD1hEvHKGb5EyEjDanc21ro6dm68ecdyG/+hlk=";
ldflags = [
"-s"
"-w"
"-X=github.com/brittonhayes/pillager/internal/commands/version.version=${version}"
"-X=main.commit=${src.rev}"
"-X=main.date=1970-01-01T00:00:00Z"
"-X=main.builtBy=goreleaser"
];
meta = {
description = "Pillage filesystems for sensitive information with Go";
homepage = "https://github.com/brittonhayes/pillager";
license = lib.licenses.mit;
maintainers = with lib.maintainers; [];
mainProgram = "pillager";
};
}

45
packages/prismlauncher-bwrapped/default.nix
View File

@@ -1,45 +0,0 @@
{
# lib,
# pkgs,
inputs,
system,
unfreePkgs ? [],
addPkgs ? [],
packageOverrides ? {},
bwrapperOpts ? {},
...
}: let
pkgs = import inputs.nixpkgs {
config.allowUnfreePredicate = pkg:
builtins.elem (pkgs.lib.getName pkg) unfreePkgs;
inherit system;
overlays = [inputs.nix-bwrapper.overlays.bwrapper];
};
in (pkgs.mkBwrapper (pkgs.lib.attrsets.recursiveUpdate rec {
app = {
inherit addPkgs;
# addPkgs = with pkgs; [mangohud gamemode gamescope glfw3-minecraft];
package = pkgs.prismlauncher.override (
pkgs.lib.attrsets.recursiveUpdate
{
additionalPrograms = app.addPkgs;
}
packageOverrides
);
id = "org.prismlauncher.PrismLauncher" + "_bwrapped";
runScript = "prismlauncher";
};
mounts.read = [
"/sys/kernel/mm/hugepages"
"/sys/kernel/mm/transparent_hugepage"
];
dbus.session.talks = [
"org.a11y.Bus"
"org.gtk.vfs.*"
];
dbus.system.talks = [
"org.freedesktop.UDisks2"
];
}
bwrapperOpts))

58
packages/steam-bwrapped/default.nix
View File

@@ -1,58 +0,0 @@
{
# lib,
# pkgs,
inputs,
system,
addPkgs ? [],
bwrapperOpts ? {},
packageOverrides ? {},
unfreePkgs ? [],
...
}: let
pkgs = import inputs.nixpkgs {
config.allowUnfreePredicate = pkg:
builtins.elem (pkgs.lib.getName pkg) unfreePkgs;
inherit system;
overlays = [inputs.nix-bwrapper.overlays.bwrapper];
};
in
pkgs.mkBwrapper (pkgs.lib.attrsets.recursiveUpdate {
app = rec {
inherit addPkgs;
# addPkgs = with pkgs; [mangohud gamemode gamescope];
package = pkgs.steam.override (pkgs.lib.attrsets.recursiveUpdate {
extraPkgs = pkgs: addPkgs;
}
packageOverrides);
id = "com.valvesoftware.Steam" + "_bwrapped";
runScript = "steam";
isFhsenv = true;
};
# mounts.readWrite = [
# "/storage/games/steam"
# # "/sys/kernel/mm/transparent_hugepage"
# ];
mounts.sandbox = [
{
name = "dot-steam";
path = "$HOME/.steam";
}
];
dbus.session.talks = [
"org.a11y.Bus"
"org.gtk.vfs.*"
"org.gnome.SettingsDaemon.MediaKeys"
"org.freedesktop.ScreenSaver"
"org.freedesktop.PowerManagement"
"org.freedesktop.Notifications"
];
dbus.session.owns = [
"com.steampowered.*"
];
dbus.system.talks = [
"org.freedesktop.UDisks2"
"org.freedesktop.UPower"
];
}
bwrapperOpts)

44
packages/wl-tray-bridge/default.nix
View File

@@ -1,44 +0,0 @@
{pkgs}: let
inherit
(pkgs)
lib
rustPlatform
fetchFromGitHub
pkg-config
cairo
glib
pango
wayland
;
in
rustPlatform.buildRustPackage rec {
pname = "wl-tray-bridge";
version = "unstable-2024-10-24";
src = fetchFromGitHub {
owner = "mahkoh";
repo = "wl-tray-bridge";
rev = "5ea5bbddcf1dbb2ab4836b00b300803c928469c5";
hash = "sha256-ewoHopL9/hgErshUWZBZ4H6MKt7iQD7x+4MebNzDdXQ=";
};
cargoHash = "sha256-yvuHE3LdFUSZkcBZH3zangFUfCZNAlkDeW8qFyU/LgU=";
nativeBuildInputs = [
pkg-config
];
buildInputs = [
cairo
glib
pango
wayland
];
meta = {
description = "";
homepage = "https://github.com/mahkoh/wl-tray-bridge";
license = lib.licenses.gpl3Only;
mainProgram = "wl-tray-bridge";
};
}

58
packages/zen-browser-bwrapped/default.nix
View File

@@ -1,58 +0,0 @@
{
# lib,
# pkgs,
inputs,
system,
perSystem,
addPkgs ? [],
bwrapperOpts ? {},
packageOverrides ? {},
unfreePkgs ? [],
...
}: let
pkgs = import inputs.nixpkgs {
config.allowUnfreePredicate = pkg:
builtins.elem (pkgs.lib.getName pkg) unfreePkgs;
inherit system;
overlays = [inputs.nix-bwrapper.overlays.bwrapper];
};
in (pkgs.mkBwrapper (pkgs.lib.attrsets.recursiveUpdate rec {
# fhsenv.skipExtraInstallCmds = true;
fhsenv.extraInstallCmds = ''
mv $out/bin/zen-browser $out/bin/zen
'';
app = {
inherit addPkgs;
package = perSystem.zen-browser.zen-browser.override packageOverrides;
id = "app.zen_browser.zen" + "_bwrapped";
runScript = "zen";
# isFhsenv = true;
};
mounts.readWrite = [
# "$XDG_RUNTIME_DIR/doc/by-app"
"$XDG_RUNTIME_DIR/app/${app.id}"
"$XDG_RUNTIME_DIR/speech-dispatcher:ro"
# "$HOME/downloads"
];
mounts.sandbox = [
{
name = "config/zen";
path = "$HOME/.zen";
}
];
dbus.session.talks = [
"org.a11y.Bus"
"org.gtk.vfs.*"
];
dbus.system.talks = [
"org.freedesktop.NetworkManager"
"org.freedesktop.UPower"
];
dbus.session.owns = [
"org.mozilla.zen.*"
"org.mpris.MediaPlayer2.firefox.*"
];
}
bwrapperOpts))