anotherhadi/nixy
1
Fork 0
mirror of https://github.com/anotherhadi/nixy.git synced 2026-05-20 21:32:33 +02:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: anotherhadi/nixy:ae024e308d531b807db35d195f32da933dfa54b9
Branches Tags
anotherhadi/nixy:main
anotherhadi/nixy:v5.0.0 anotherhadi/nixy:v4.0.0 anotherhadi/nixy:v3.2.0 anotherhadi/nixy:v3.1.1 anotherhadi/nixy:v3.1.0 anotherhadi/nixy:v3.0.0 anotherhadi/nixy:v2.4.0 anotherhadi/nixy:v2.3.0 anotherhadi/nixy:v2.2.0 anotherhadi/nixy:v2.1.0 anotherhadi/nixy:v2.0.1 anotherhadi/nixy:v2.0.0 anotherhadi/nixy:v1.0.0
..
compare: anotherhadi/nixy:main
Branches Tags
anotherhadi/nixy:main
anotherhadi/nixy:v5.0.0 anotherhadi/nixy:v4.0.0 anotherhadi/nixy:v3.2.0 anotherhadi/nixy:v3.1.1 anotherhadi/nixy:v3.1.0 anotherhadi/nixy:v3.0.0 anotherhadi/nixy:v2.4.0 anotherhadi/nixy:v2.3.0 anotherhadi/nixy:v2.2.0 anotherhadi/nixy:v2.1.0 anotherhadi/nixy:v2.0.1 anotherhadi/nixy:v2.0.0 anotherhadi/nixy:v1.0.0

74 Commits
ae024e308d .. main

Author SHA1 Message Date
Hadi edf013bb08 update flake 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-05-12 11:35:30 +02:00
Hadi cb323223f8 USBGuard rules for work 
Signed-off-by: Hadi <hadi@example.com>
 2026-05-07 09:47:53 +02:00
Hadi d1462de38c Update LICENSE 
Signed-off-by: Hadi <hadi@example.com>
 2026-05-06 14:23:30 +02:00
Hadi 8419542ea2 fix accent 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-05-05 21:46:16 +02:00
Hadi 2740475af1 edit usbguard rules 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-05-05 20:40:22 +02:00
Hadi 5e9b5ad633 Moove greasemonkey's script to home.activation 
Signed-off-by: Hadi <hadi@example.com>
 2026-05-05 10:00:41 +02:00
Hadi 0452f40b25 Add usbguard-tui 
Signed-off-by: Hadi <hadi@example.com>
 2026-05-05 09:54:52 +02:00
Hadi d71c9d8169 Nix fmt 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-05-04 20:40:09 +02:00
Hadi e805c868a7 Add usbguard service 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-05-04 19:51:01 +02:00
Hadi 0fd0a73e92 Move monitor to host's home.nix file 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-05-04 19:50:35 +02:00
Hadi cd2896eb5d add home manager module 
Signed-off-by: Hadi <hadi@example.com>
 2026-05-04 10:31:56 +02:00
Hadi 35b79af191 Merge branch 'main' of github.com:anotherhadi/nixy 2026-05-04 09:49:27 +02:00
Hadi 325cacc86f update blog 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-29 22:44:05 +02:00
Hadi 7862c970fd Add Security Headers 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-29 22:18:16 +02:00
Hadi 498ed902a2 Add error pages 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-29 19:43:59 +02:00
Hadi 3478a9a0a5 change nvf flake.nix 
Signed-off-by: Hadi <hadi@example.com>
 2026-04-28 14:34:00 +02:00
Hadi f6d056deb3 Add inputs via module.args 
Signed-off-by: Hadi <hadi@example.com>
 2026-04-28 09:49:13 +02:00
Hadi 795621ada6 nixy to home manager module 
Signed-off-by: Hadi <hadi@example.com>
 2026-04-28 09:45:47 +02:00
Hadi 31964cca35 Export nixy as a flake 
Signed-off-by: Hadi <hadi@example.com>
 2026-04-28 09:41:17 +02:00
github-actions abcadd4eaf Update README.md (auto) 2026-04-27 19:14:25 +00:00
Hadi 5945a72b01 Refactor flakes 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-27 21:13:58 +02:00
Hadi df6381db85 Qutebrowser greasemonkey as flake now 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-27 20:31:47 +02:00
Hadi 6ed60d7a13 Change formater 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-25 15:35:57 +02:00
Hadi bcd4fa9839 fix bug with caelestia conf being read-only 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-25 14:57:29 +02:00
Hadi 143c5d2a34 Edit qutebrowser userscripts & overlay 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-25 14:56:21 +02:00
Hadi 4ed04ebf55 edit ssh config 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-25 13:36:29 +02:00
Hadi 1a57874e68 update flake 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-25 13:23:54 +02:00
Hadi 2127ffbe31 remove "privateBookmars" 
Signed-off-by: Hadi <hadi@example.com>
 2026-04-23 09:52:11 +02:00
Hadi a76f81fa13 update caelestia conf 
Signed-off-by: Hadi <hadi@example.com>
 2026-04-22 11:34:48 +02:00
Hadi f9d5c6ab00 Merge branch 'main' of github.com:anotherhadi/nixy 2026-04-22 10:38:12 +02:00
Hadi b51a78ac1c add secrets 
Signed-off-by: Hadi <hadi@example.com>
 2026-04-22 10:33:19 +02:00
Hadi 96b5d5e671 move feedly 
Signed-off-by: Hadi <hadi@example.com>
 2026-04-22 10:33:10 +02:00
Hadi a222958eea remove sesh 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-21 18:44:39 +02:00
Hadi c3f86c9831 Add netrc 
Signed-off-by: Hadi <hadi@example.com>
 2026-04-21 15:21:55 +02:00
Hadi dc5c7dc915 create dirs 
Signed-off-by: Hadi <hadi@example.com>
 2026-04-20 16:51:37 +02:00
Hadi 3cbe2a1ab2 add Feedly to bookmarks 
Signed-off-by: Hadi <hadi@example.com>
 2026-04-20 14:21:49 +02:00
Hadi a1ed4ebc4c add list & tools 
Signed-off-by: Hadi <hadi@example.com>
 2026-04-20 14:21:44 +02:00
Hadi 80aa828ee5 Init the work config v2 
Signed-off-by: Hadi <hadi@example.com>
 2026-04-20 14:05:09 +02:00
Hadi 28cdcb6dad Add tool & bookmark 
Signed-off-by: Hadi <hadi@example.com>
 2026-04-20 14:04:41 +02:00
Hadi e620c5296f edit bookmarks 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-19 19:34:13 +02:00
Hadi 80ca377585 v5.0.0 2026-04-19 18:51:14 +02:00
Hadi 3a8ac99f43 fix warning 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-19 18:50:55 +02:00
Hadi 6724573f16 Merge pull request #54 from Chiloute/fix-nvf-tailwind-install 
nvf tailwind new install method
 2026-04-19 18:48:30 +02:00
Hadi 13ae753f3d update 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-19 18:45:22 +02:00
Hadi 805f43618c Edit qutebrowser config 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-19 18:45:19 +02:00
Hadi 4489c9e0ae Add Proton Mail & Calendar shortcuts 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-19 17:38:03 +02:00
Hadi 3a86013330 new theme! 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-18 20:11:38 +02:00
Hadi 922a412cda tabs switching & shortcuts 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-18 01:25:06 +02:00
Hadi cedf87698c edit home src 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-18 01:13:04 +02:00
Hadi 52561cf335 qutebrowser configuration 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-18 01:12:46 +02:00
Hadi 9429c9f93b dead imports 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-18 01:03:57 +02:00
Hadi 5e0dd70cfa Edit secrets & hostname 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-18 00:53:51 +02:00
Hadi 9e24c44c53 A lot of QOL changement, remove Zen, config Qutebrowser, update a lot of things 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-18 00:44:22 +02:00
pph 241db5ce7a init qutebrowser 
Signed-off-by: pph <pph@pph.pph>
 2026-04-17 14:43:58 +02:00
pph 00faa213bf move shortcuts 
Signed-off-by: pph <pph@pph.pph>
 2026-04-17 13:40:29 +02:00
pph 0aac097e77 edit groups 
Signed-off-by: pph <pph@pph.pph>
 2026-04-17 13:40:23 +02:00
pph 5aaeba1512 new bookmark 
Signed-off-by: pph <pph@pph.pph>
 2026-04-16 14:54:37 +02:00
Chiloute 1bdf7a3af5 nvf tailwind new install method 
Signed-off-by: Chiloute <35150997+Chiloute@users.noreply.github.com>
 2026-04-15 19:33:59 +02:00
Hadi 4f3cf99b99 nevermind 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-12 20:24:15 +02:00
Hadi f7a2aa6256 change from number to username + env var 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-12 19:24:24 +02:00
Hadi ac3c0886b7 auto upgrades 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-12 19:02:46 +02:00
Hadi 17f976d4e7 edit keybinds 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-11 17:44:25 +02:00
Hadi daaf0d2b27 edit secrets 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-11 12:26:35 +02:00
Hadi 5f0d3bff5f remove pins and change some keybinds 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-11 12:22:53 +02:00
Hadi 36ad6aeb57 Change from brave to zen 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-11 11:59:04 +02:00
Hadi 2326857f65 hardening 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-11 11:27:39 +02:00
Hadi 28b7923e47 New way to deploy apps in my server 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-11 02:26:00 +02:00
Hadi 29bdd6468a remove discord 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-11 01:34:02 +02:00
Hadi 08db0a42c4 add claude-code to jack 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-10 22:57:18 +02:00
Hadi 66cc2a3958 add colors 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-10 22:57:09 +02:00
Hadi 80afef207a edit gitignore 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-10 22:23:05 +02:00
Hadi d18d67d86e update 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-07 22:48:29 +02:00
pph 2e10d6feff Merge branch 'main' of github.com:anotherhadi/nixy 2026-04-07 13:42:51 +02:00
pph dea17ebf3c remove update nws 
Signed-off-by: pph <pph@pph.pph>
 2026-04-07 13:42:40 +02:00
119 changed files with 3351 additions and 1669 deletions
Expand all files Collapse all files
.github/assets/README_template.md
+2
View File
@@ -119,6 +119,8 @@ sudo nixos-rebuild switch --flake ~/.config/nixos#yourhostname
- [THEMES](docs/THEMES.md): How themes work and how to create your own - [THEMES](docs/THEMES.md): How themes work and how to create your own
- [WALLPAPERS](https://github.com/anotherhadi/awesome-wallpapers): An awesome - [WALLPAPERS](https://github.com/anotherhadi/awesome-wallpapers): An awesome
collection of wallpapers collection of wallpapers
- [NEOVIM](docs/NEOVIM.md): How to use the Neovim config in your own flake
- [GROUPS](docs/GROUPS.md): Reusable package groups (dev, cybersecurity)
- [CONTRIBUTING](docs/CONTRIBUTING.md): How to contribute - [CONTRIBUTING](docs/CONTRIBUTING.md): How to contribute
- [LICENSE](LICENSE): MIT License - [LICENSE](LICENSE): MIT License
.gitignore
+1
View File
@@ -1,2 +1,3 @@
.sops.yaml .sops.yaml
.claude/
old/ old/
LICENSE
+1 -1
View File
@@ -1,6 +1,6 @@
MIT License MIT License
Copyright (c) 2024 Hadi Copyright (c) 2026 Hadi
Permission is hereby granted, free of charge, to any person obtaining a copy Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal of this software and associated documentation files (the "Software"), to deal
README.md
+2
View File
@@ -129,6 +129,8 @@ sudo nixos-rebuild switch --flake ~/.config/nixos#yourhostname
- [THEMES](docs/THEMES.md): How themes work and how to create your own - [THEMES](docs/THEMES.md): How themes work and how to create your own
- [WALLPAPERS](https://github.com/anotherhadi/awesome-wallpapers): An awesome - [WALLPAPERS](https://github.com/anotherhadi/awesome-wallpapers): An awesome
collection of wallpapers collection of wallpapers
- [NEOVIM](docs/NEOVIM.md): How to use the Neovim config in your own flake
- [GROUPS](docs/GROUPS.md): Reusable package groups (dev, cybersecurity)
- [CONTRIBUTING](docs/CONTRIBUTING.md): How to contribute - [CONTRIBUTING](docs/CONTRIBUTING.md): How to contribute
- [LICENSE](LICENSE): MIT License - [LICENSE](LICENSE): MIT License
docs/GROUPS.md
+44
View File
@@ -0,0 +1,44 @@
# Groups
Groups are curated sets of packages exposed as flake outputs. Each group has two forms:
- **`homeManagerModules.<group>`** — full home-manager module (packages + files + systemd units)
- **`packages.<group>`** — standalone environment for `nix shell` (packages only)
## Available groups
- dev (go, bun, air, ...)
- cybersecurity (nmap, john, dirb, ffuf, ...)
For the Cybersecurity group, the home-manager module also sets up:
- `~/Cyber/wordlists/` with SecLists, fuzz4bounty, and hashcat rules
- `~/Cyber/tmp/` as a temporary workspace
## Use in another flake
Add this repo as an input:
```nix
inputs.nixy.url = "github:anotherhadi/nixy";
```
Import the home-manager module in your home configuration:
```nix
{ inputs, ... }: {
imports = [
inputs.nixy.homeManagerModules.cybersecurity
# inputs.nixy.homeManagerModules.dev
];
}
```
## Quick shell without installing
```sh
nix shell github:anotherhadi/nixy#cybersecurity
nix shell github:anotherhadi/nixy#dev
```
This drops you into a shell with all tools in `PATH`. No home-manager required, no wordlists or systemd units.
docs/NEOVIM.md
+40
View File
@@ -0,0 +1,40 @@
# Neovim
The Neovim configuration is built with [nvf](https://github.com/notashelf/nvf) and exposed as a standalone flake output.
It can be used in three ways: run it directly, import it into another flake's home-manager setup, or use it as part of this config.
## Run directly
No installation needed:
```sh
nix run github:anotherhadi/nixy#nvim
```
## Use in another flake
Add this repo as an input:
```nix
inputs.nixy.url = "github:anotherhadi/nixy";
```
Then import the home-manager module in your home configuration:
```nix
{ inputs, ... }: {
imports = [ inputs.nixy.homeManagerModules.nvim ];
}
```
## What's included
| File | Description |
| --------------- | ---------------------------------------------------------------------- |
| `options.nix` | Core settings: theme (catppuccin mocha), clipboard, indentation, folds |
| `languages.nix` | LSP, treesitter, formatters, diagnostics, and per-language config |
| `keymaps.nix` | All key mappings (leader: `space`) |
| `picker.nix` | Snacks picker + oil.nvim |
| `snacks.nix` | Snacks extras: image preview, zen mode, git signs, statuscolumn |
| `utils.nix` | Bufferline, lualine, copilot, lazygit, toggleterm, autocomplete |
| `mini.nix` | Mini.nvim suite: pairs, comment, icons, indentscope, diff, git |
docs/SERVER.md
-2
View File
@@ -24,8 +24,6 @@ The server hosts several key applications:
- **Mealie**: A self-hosted recipe manager and meal planner with a clean user interface. - **Mealie**: A self-hosted recipe manager and meal planner with a clean user interface.
- **Stirling-PDF**: A powerful, locally hosted web application for editing, merging, and converting PDF files. - **Stirling-PDF**: A powerful, locally hosted web application for editing, merging, and converting PDF files.
- **CyberChef**: The "Cyber Swiss Army Knife" for data analysis, decoding, and encryption tasks. - **CyberChef**: The "Cyber Swiss Army Knife" for data analysis, decoding, and encryption tasks.
- **Linkding**: A simple, fast, and minimalist bookmark manager.
- **Mazanoke**: A utility service for image processing, specialized in format conversion and downgrading/optimization. - **Mazanoke**: A utility service for image processing, specialized in format conversion and downgrading/optimization.
- **Eleakxir**: A private search engine for exploring data wells (parquet files) with a modern web interface.
- **SSH**: Secure remote access configuration for server management. (via browser too) - **SSH**: Secure remote access configuration for server management. (via browser too)
- **Security related stuff**: Cloudflared, Fail2Ban, Firewall - **Security related stuff**: Cloudflared, Fail2Ban, Firewall
flake.lock
Generated
+339 -263
View File
File diff suppressed because it is too large Load Diff
flake.nix
+34 -51
View File
@@ -7,14 +7,14 @@
inputs = { inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
nixpkgs-stable.url = "github:nixos/nixpkgs/nixos-25.05"; nixpkgs-stable.url = "github:nixos/nixpkgs/nixos-25.11";
nixos-hardware.url = "github:NixOS/nixos-hardware/master"; nixos-hardware.url = "github:NixOS/nixos-hardware/master";
hyprland.url = "git+https://github.com/hyprwm/Hyprland?submodules=1"; hyprland.url = "git+https://github.com/hyprwm/Hyprland?submodules=1";
stylix.url = "github:danth/stylix"; stylix.url = "github:danth/stylix";
nixcord.url = "github:kaylorben/nixcord";
sops-nix.url = "github:Mic92/sops-nix"; sops-nix.url = "github:Mic92/sops-nix";
nvf.url = "github:notashelf/nvf"; nvf.url = "github:notashelf/nvf";
bun2nix.url = "github:nix-community/bun2nix"; bun2nix.url = "github:nix-community/bun2nix";
usbguard-tui.url = "github:anotherhadi/usbguard-tui";
nix-index-database = { nix-index-database = {
url = "github:nix-community/nix-index-database"; url = "github:nix-community/nix-index-database";
@@ -43,56 +43,39 @@
default-creds.url = "github:anotherhadi/default-creds"; default-creds.url = "github:anotherhadi/default-creds";
blog.url = "github:anotherhadi/blog"; blog.url = "github:anotherhadi/blog";
awesome-wallpapers.url = "github:anotherhadi/awesome-wallpapers"; awesome-wallpapers.url = "github:anotherhadi/awesome-wallpapers";
iknowyou.url = "github:anotherhadi/iknowyou";
}; };
outputs = inputs @ {nixpkgs, ...}: { outputs = inputs @ {
nixosConfigurations = { nixpkgs,
nixy = nixpkgs-stable,
# CHANGEME: This should match the 'hostname' in your variables.nix file ...
nixpkgs.lib.nixosSystem { }: let
modules = [ system = "x86_64-linux";
{ pkgs = nixpkgs.legacyPackages.${system};
nixpkgs.overlays = []; args = {
_module.args = { inherit
inherit inputs; inputs
}; nixpkgs
} system
inputs.nixos-hardware.nixosModules.omen-16-n0005ne # CHANGEME: check https://github.com/NixOS/nixos-hardware pkgs
inputs.home-manager.nixosModules.home-manager ;
inputs.stylix.nixosModules.stylix pkgs-stable = nixpkgs-stable.legacyPackages.${system};
inputs.nix-index-database.nixosModules.default
./hosts/laptop/configuration.nix # CHANGEME: change the path to match your host folder
];
};
pph = nixpkgs.lib.nixosSystem {
modules = [
{
nixpkgs.overlays = [];
_module.args = {
inherit inputs;
};
}
inputs.home-manager.nixosModules.home-manager
inputs.stylix.nixosModules.stylix
inputs.nix-index-database.nixosModules.default
./hosts/pph/configuration.nix
];
};
# Jack is my server
jack = nixpkgs.lib.nixosSystem {
modules = [
{_module.args = {inherit inputs;};}
inputs.home-manager.nixosModules.home-manager
inputs.stylix.nixosModules.stylix
inputs.sops-nix.nixosModules.sops
inputs.nixarr.nixosModules.default
# inputs.eleakxir.nixosModules.eleakxir
inputs.nix-index-database.nixosModules.default
inputs.default-creds.nixosModules.default
./hosts/server/configuration.nix
];
};
}; };
}; merge = nixpkgs.lib.foldl nixpkgs.lib.recursiveUpdate {};
in
merge [
(import ./home/programs/nvf/flake.nix args)
(import ./home/programs/group/flake.nix args)
(import ./home/programs/nixy/flake.nix args)
{
formatter.${system} = pkgs.alejandra;
nixosConfigurations = {
h-laptop = import ./hosts/laptop/flake.nix args;
h-work = import ./hosts/work/flake.nix args;
jack = import ./hosts/server/flake.nix args;
};
}
];
} }
home/programs/brave/default.nix
+13 -39
View File
@@ -1,4 +1,4 @@
{pkgs, ...}: { {
programs.brave = { programs.brave = {
enable = true; enable = true;
commandLineArgs = [ commandLineArgs = [
@@ -35,13 +35,6 @@
]; ];
extensions = let extensions = let
ids = [ ids = [
"cjpalhdlnbpafiamejdnhcphjbkeiagm" # ublock origin
"dbepggeogbaibhgnhhndojpepiihcmeb" # vimium
"eimadpbcbfnmbkopoojfekhnkhdbieeh" # dark reader
"pkehgijcmpdhfbdbbnkijodmdjhbjlgp" # privacy badger
"ghmbeldphafepmbegfdlkpapadhbakde" # proton pass
"mmjbdbjnoablegbkcklggeknkfcjkjia" # custom new tab page
"oabailhgoobiboghkmlppflobceplfde" # Enable Clipboard
]; ];
in in
map (id: {inherit id;}) ids; map (id: {inherit id;}) ids;
@@ -63,11 +56,6 @@
BraveDarkMode = 1; BraveDarkMode = 1;
}; };
home.sessionVariables = {
DEFAULT_BROWSER = "${pkgs.brave}/bin/brave";
BROWSER = "${pkgs.brave}/bin/brave";
};
xdg.desktopEntries = { xdg.desktopEntries = {
brave-incognito = { brave-incognito = {
name = "Brave (Private window)"; name = "Brave (Private window)";
@@ -75,8 +63,14 @@
exec = "brave --incognito"; exec = "brave --incognito";
icon = "brave-browser"; icon = "brave-browser";
terminal = false; terminal = false;
categories = ["Network" "WebBrowser"]; categories = [
mimeType = ["text/html" "text/xml"]; "Network"
"WebBrowser"
];
mimeType = [
"text/html"
"text/xml"
];
}; };
brave-tor = { brave-tor = {
name = "Brave (Private window w/Tor)"; name = "Brave (Private window w/Tor)";
@@ -84,30 +78,10 @@
exec = "brave --tor"; exec = "brave --tor";
icon = "brave-browser"; icon = "brave-browser";
terminal = false; terminal = false;
categories = ["Network" "WebBrowser"]; categories = [
"Network"
"WebBrowser"
];
}; };
}; };
# =================================================================
# BRAVE SETTINGS (via brave://flags)
# =================================================================
# These need to be set manually in brave://flags on first launch:
# - Enable Tab Groups (UI)
# - Enable Parallel Downloading
# - Enable Reader Mode
# - GPU Rasterization: Enabled
# - Override software rendering list: Enabled
#
# Privacy settings (brave://settings/privacy):
# - Block trackers & ads: Aggressive
# - Block all fingerprinting
# - Upgrade connections to HTTPS
# - Block scripts: Off (breaks sites, use uBlock instead)
# - Block cookies: Only 3rd party
#
# Appearance (brave://settings/appearance):
# - Show home button: Off
# - Show bookmarks bar: Only on new tab
# - Use wide address bar: On
} }
home/programs/discord/default.nix
-9
View File
@@ -1,9 +0,0 @@
# Discord is a popular chat application.
{inputs, ...}: {
imports = [inputs.nixcord.homeModules.nixcord];
programs.nixcord = {
enable = true;
config = {frameless = true;};
};
}
home/programs/fetch/default.nix
-367
View File
@@ -1,367 +0,0 @@
# Nerdfetch, a simple system info script written in bash
# Source: https://github.com/ThatOneCalculator/NerdFetch
{pkgs, ...}: let
nerdfetch = pkgs.writeShellScriptBin "nerdfetch" ''
ostype="$(uname)"
version=8.1.1
font=nerd
distrotype=none
osi=""
ki=""
ri="󰍛"
pi="󰏔"
ui="󰅶"
ci=""
case $1 in
"-p")
font=phosphor
osi=""
ki=""
ri=""
pi=""
ui=""
ci=""
;;
"-c")
font=cozette
ki=""
ri=""
pi=""
ui=""
ci=""
;;
"-e")
font=emoji
osi="🐧"
ki="💓"
ri="🐐"
pi="📦"
ui=""
ci="🎨"
;;
"-v")
echo "NerdFetch $version"
exit
;;
"-h")
echo "Flags:
-c: Cozette font
-p: Phosphor font
-e: Emoji font
-v: Version"
exit
;;
esac
if command -v getprop 1>/dev/null; then
distrotype=android
fi
kernel="$(echo $(uname -r) | cut -d'-' -f1-1)"
case $ostype in
*"Linux"*)
if [ $distrotype = android ]; then
host="$(hostname)"
USER="$(whoami)"
os="Android $(getprop ro.build.version.release)"
case $font in
phosphor) osi="" ;;
emoji) osi="🤖" ;;
*) osi="󰀲" ;;
esac
else
host="$(cat /proc/sys/kernel/hostname)"
. /etc/os-release
if [ -f /bedrock/etc/bedrock-release ]; then
os="$(brl version)"
else
os="''${PRETTY_NAME}"
if [ $font = nerd ]; then
case $(echo $ID | sed 's/ .*//') in
debian) osi="" ;;
arch) osi="󰣇" ;;
endeavouros) osi="" ;;
fedora) osi="" ;;
gentoo) osi="" ;;
rhel) osi="" ;;
slackware) osi="" ;;
void) osi="" ;;
alpine) osi="" ;;
nixos) osi="󱄅" ;;
artix) osi="" ;;
exherbo) osi="󰆚" ;;
mageia) osi="" ;;
manjaro) osi="" ;;
opensuse) osi="" ;;
solus) osi="" ;;
ubuntu) osi="" ;;
mint) osi="󰣭" ;;
trisquel) osi="" ;;
puppy) osi="" ;;
coreos) osi="" ;;
mx) osi="" ;;
vanilla) osi="" ;;
pop_os) osi="" ;;
raspbian) osi="" ;;
deepin) osi="" ;;
almalinux) osi="" ;;
garuda) osi="" ;;
centos) osi="" ;;
rocky) osi="" ;;
esac
elif [ $font = cozette ]; then
case $(echo $ID | sed 's/ .*//') in
debian) osi="" ;;
arch) osi="" ;;
fedora) osi="" ;;
gentoo) osi="" ;;
slackware) osi="" ;;
void) osi="" ;;
alpine) osi="" ;;
nixos) osi="" ;;
mageia) osi="" ;;
manjaro) osi="" ;;
opensuse) osi="" ;;
ubuntu) osi="" ;;
mint) osi="" ;;
coreos) osi="" ;;
centos) osi="" ;;
esac
fi
fi
fi
shell=$(basename "$SHELL")
;;
*"Darwin"*)
host="$(hostname -f | sed -e 's/^[^.]*\.//')"
mac_product="$(/usr/libexec/PlistBuddy -c "Print:ProductName" /System/Library/CoreServices/SystemVersion.plist)"
mac_version="$(/usr/libexec/PlistBuddy -c "Print:ProductVersion" /System/Library/CoreServices/SystemVersion.plist)"
os="''${mac_product} ''${mac_version}"
case $font in
nerd) osi="" ;;
phosphor) osi="" ;;
cozette) osi="" ;;
emoji) osi="🍎" ;;
esac
;;
*"FreeBSD"*)
host="$(hostname)"
distrotype=bsd
os="FreeBSD $(freebsd-version | sed 's/-.*//')"
case $font in
nerd) osi="" ;;
phosphor) osi="" ;;
cozette) osi="" ;;
emoji) osi="😈" ;;
esac
;;
*"OpenBSD"*)
host="$(hostname)"
distrotype=bsd
os="OpenBSD $(uname -r)"
case $font in
nerd) osi="" ;;
phosphor) osi="" ;;
cozette) osi="" ;;
emoji) osi="🐡" ;;
esac
;;
*"NetBSD"*)
host="$(hostname)"
distrotype=netbsd
os="NetBSD $(uname -r)"
case $font in
nerd) osi="󰉀" ;;
phosphor) osi="" ;;
cozette) osi="" ;;
emoji) osi="🚩" ;;
esac
;;
*)
os="Unix-like"
host="host"
;;
esac
## PACKAGE MANAGER AND PACKAGES DETECTION
MANAGER=$(which nix-env pkg flatpak yum zypper dnf rpm dpkg-query brew port pacman xbps-query emerge cave apk kiss pmm /usr/sbin/slackpkg bulge birb yay paru pacstall cpm pmm eopkg getprop 2>/dev/null)
manager=$(basename "$MANAGER")
if [ $distrotype = netbsd ]; then
manager="pkg_info-netbsd"
fi
case $manager in
cpm) packages="$(cpm C)" ;;
flatpak) packages="$(flatpak list --app | wc -l)" ;;
brew) packages="$(printf '%s\n' "$(brew --cellar)/"* | wc -l)" ;;
port) packages="$(port installed | wc -l)" ;;
dpkg-query) packages="$(dpkg-query -f '${"binary:Package"}\n' -W | wc -l)" ;;
rpm) packages="$(rpm -qa --last | wc -l)" ;;
yum) packages="$(yum list installed | wc -l)" ;;
dnf) packages="$(dnf list installed | wc -l)" ;;
zypper) packages="$(zypper se | wc -l)" ;;
pacman) packages="$(pacman -Q | wc -l)" ;;
yay) packages="$(yay -Q | wc -l)" ;;
paru) packages="$(paru -Q | wc -l)" ;;
pacstall) packages="$(pacstall -L | wc -l)" ;;
kiss) packages="$(kiss list | wc -l)" ;;
emerge) packages="$(qlist -I | wc -l)" ;;
pkg) packages="$(pkg info | wc -l | tr -d ' ')" ;;
cave) packages="$(cave show installed-slots | wc -l)" ;;
xbps-query) packages="$(xbps-query -l | wc -l)" ;;
nix-env) packages="$(nix-store -q --requisites /run/current-system/sw | wc -l)" ;;
apk) packages="$(apk list --installed | wc -l)" ;;
pmm) packages="$(/bedrock/libexec/pmm pacman pmm -Q 2>/dev/null | wc -l)" ;;
eopkg) packages="$(eopkg li | wc -l)" ;;
/usr/sbin/slackpkg) packages="$(ls /var/log/packages | wc -l)" ;;
bulge) packages="$(bulge list | wc -l)" ;;
birb) packages="$(birb --list-installed | wc -l)" ;;
pkg_info)
packages="$(pkg_info -A | wc -l)"
manager="pkg"
;;
pkg_info-netbsd)
packages="$(pkg_info -a | wc -l)"
manager="pkg"
;;
*)
if [ $distrotype = android ]; then
packages="$(dpkg-query -f '${"binary:Package"}\n' -W | wc -l)"
manager="dpkg"
else
packages="$(ls /usr/bin | wc -l)"
manager="bin"
fi
;;
esac
packages="''${packages#"''${packages%%[![:space:]]*}"}"
manager=$(echo $manager | sed "s/-query//; s/\/usr\/.*\///")
## UPTIME DETECTION
if [ $distrotype = android ]; then
uptime="$(echo $(uptime -p) | cut -c 4-)"
elif [ $distrotype = bsd ] || [ $distrotype = netbsd ]; then
uptime="$(uptime | sed -e 's/.* up //; s/, [0-9]* user.*//')"
else
case $ostype in
*"Linux"*)
IFS=. read -r s _ </proc/uptime
;;
*)
s=$(sysctl -n kern.boottime)
s=''${s#*=}
s=''${s%,*}
s=$(($(date +%s) - s))
;;
esac
d="$((s / 60 / 60 / 24))"
h="$((s / 60 / 60 % 24))"
m="$((s / 60 % 60))"
# Plurals
[ "$d" -gt 1 ] && dp=s
[ "$h" -gt 1 ] && hp=s
[ "$m" -gt 1 ] && mp=s
[ "$s" -gt 1 ] && sp=s
# Hide empty fields.
[ "$d" = 0 ] && d=
[ "$h" = 0 ] && h=
[ "$m" = 0 ] && m=
[ "$m" != "" ] && s=
# Make the output of uptime smaller.
[ "$d" ] && uptime="$d day$dp, "
[ "$h" ] && uptime="$uptime$h hour$hp, "
[ "$m" ] && uptime="$uptime$m min$mp"
[ "$s" ] && uptime="$uptime$s sec$sp"
uptime=''${uptime%, }
fi
## RAM DETECTION
case $ostype in
*"Linux"*)
while IFS=':k ' read -r key val _; do
case $key in
MemTotal)
mem_used=$((mem_used + val))
mem_full=$val
;;
Shmem) mem_used=$((mem_used + val)) ;;
MemFree | Buffers | Cached | SReclaimable) mem_used=$((mem_used - val)) ;;
esac
done </proc/meminfo
mem_used=$((mem_used / 1024))
mem_full=$((mem_full / 1024))
;;
*"Darwin"*)
mem_full=$(($(sysctl -n hw.memsize) / 1024 / 1024))
while IFS=:. read -r key val; do
case $key in
*' wired'* | *' active'* | *' occupied'*)
mem_used=$((mem_used + ${"val:-0"}))
;;
esac
done <-EOF
$(vm_stat)
EOF
mem_used=$((mem_used * 4 / 1024))
;;
*"BSD"*)
mem_full=$(($(sysctl -n hw.physmem) / 1024 / 1024))
if [ $distrotype = netbsd ]; then
mem_free=$(($(vmstat | awk 'NR==3 {print $4}') / 1024))
else
mem_free=$(($(sysctl -n vm.stats.vm.v_free_count) * $(sysctl -n vm.stats.vm.v_page_size) / 1024 / 1024))
fi
mem_used=$((mem_full - mem_free))
;;
*)
mem_full=1
mem_used=0
;;
esac
memstat="''${mem_used}/''${mem_full} MiB"
if which expr >/dev/null 2>&1; then
mempercent="($(expr $(expr ''${mem_used} \* 100 / ''${mem_full}))%)"
fi
## DEFINE COLORS
bold=''
black=''
red=''
green=''
yellow=''
blue=''
magenta=''
cyan=''
white=''
grey=''
reset=''
## USER VARIABLES -- YOU CAN CHANGE THESE
lc="$reset$bold$magenta" # labels
nc="$reset$bold$magenta" # labels
hn="$reset$bold$magenta" # labels
ic="$reset$white" # info
c0="$reset$grey" # first color
c1="$reset$white" # second color
c2="$reset$yellow" # third color
## OUTPUT
echo """
''${c0} ___ ''${nc}''${USER}''${grey}@''${reset}''${hn}''${host}''${reset}
''${c0} (''${c1}.. ''${c0}\ ''${lc}''${osi} ''${ic}''${os}''${reset}
''${c0} (''${c2}<> ''${c0}| ''${lc}''${ki} ''${ic}''${kernel}''${reset}
''${c0} /''${c1}/ \\ ''${c0}\\ ''${lc}''${ri} ''${ic}''${RAM}''${memstat} ''${mempercent}
''${c0} ( ''${c1}| | ''${c0}/| ''${lc}''${pi} ''${ic}''${packages} (''${manager})''${reset}
''${c2} _''${c0}/\\ ''${c1}__)''${c0}/''${c2}_''${c0}) ''${lc}''${ui} ''${ic}''${uptime}''${reset}
''${c2} \/''${c0}-____''${c2}\/''${reset} ''${lc}''${ci} ''${red}''${green}''${yellow}''${blue}''${magenta}''${cyan}''${reset}
"""
'';
in {home.packages = [nerdfetch];}
home/programs/ghostty/default.nix
+7
View File
@@ -1,4 +1,11 @@
{ {
home.sessionVariables = {
TERMINAL = "ghostty";
TERM = "ghostty";
XMODIFIERS = "@im=none";
GTK_IM_MODULE = "simple";
};
programs.ghostty = { programs.ghostty = {
enable = true; enable = true;
installVimSyntax = true; installVimSyntax = true;
home/programs/git/default.nix
+2 -4
View File
@@ -44,10 +44,8 @@ in {
st = "status"; st = "status";
br = "branch"; br = "branch";
df = "!git hist | peco | awk '{print $2}' | xargs -I {} git diff {}^ {}"; df = "!git hist | peco | awk '{print $2}' | xargs -I {} git diff {}^ {}";
hist = '' hist = ''log --pretty=format:"%Cgreen%h %Creset%cd %Cblue[%cn] %Creset%s%C(yellow)%d%C(reset)" --graph --date=relative --decorate --all'';
log --pretty=format:"%Cgreen%h %Creset%cd %Cblue[%cn] %Creset%s%C(yellow)%d%C(reset)" --graph --date=relative --decorate --all''; llog = ''log --graph --name-status --pretty=format:"%C(red)%h %C(reset)(%cd) %C(green)%an %Creset%s %C(yellow)%d%Creset" --date=relative'';
llog = ''
log --graph --name-status --pretty=format:"%C(red)%h %C(reset)(%cd) %C(green)%an %Creset%s %C(yellow)%d%Creset" --date=relative'';
edit-unmerged = "!f() { git ls-files --unmerged | cut -f2 | sort -u ; }; hx `f`"; edit-unmerged = "!f() { git ls-files --unmerged | cut -f2 | sort -u ; }; hx `f`";
}; };
}; };
home/programs/git/lazygit.nix
+4 -1
View File
@@ -21,7 +21,10 @@ in {
}; };
gui = { gui = {
theme = { theme = {
activeBorderColor = [accent "bold"]; activeBorderColor = [
accent
"bold"
];
inactiveBorderColor = [muted]; inactiveBorderColor = [muted];
}; };
showListFooter = false; showListFooter = false;
home/programs/git/signing.nix
+8 -5
View File
@@ -3,10 +3,13 @@
# CHANGEME: change this to your own SSH key. # CHANGEME: change this to your own SSH key.
home.file.".ssh/allowed_signers".text = "* ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIINhWby7lUUXQNKbRu9/UOrGjWDf3fvoAwGHomWv/+lL"; home.file.".ssh/allowed_signers".text = "* ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIINhWby7lUUXQNKbRu9/UOrGjWDf3fvoAwGHomWv/+lL";
programs.git.settings = { programs.git = {
commit.gpgsign = true; signing.format = "openpgp";
gpg.ssh.allowedSignersFile = "~/.ssh/allowed_signers"; settings = {
gpg.format = "ssh"; commit.gpgsign = true;
user.signingkey = "~/.ssh/key.pub"; gpg.ssh.allowedSignersFile = "~/.ssh/allowed_signers";
gpg.format = "ssh";
user.signingkey = "~/.ssh/key.pub";
};
}; };
} }
home/programs/group/basic-apps.nix
+21
View File
@@ -0,0 +1,21 @@
{
pkgs,
pkgs-stable,
...
}: {
home.packages = with pkgs-stable; [
vlc # Video player
blanket # White-noise app
obsidian # Note taking app
textpieces # Manipulate texts
resources # Ressource monitor
gnome-clocks # Clocks app
gnome-text-editor # Basic graphic text editor
ticktick # Todo app
pinta # Image editor
onlyoffice-desktopeditors # Office suite
signal-desktop # Messaging app
element-desktop # Messaging app
];
}
home/programs/group/cybersecurity.nix
+65 -4
View File
@@ -1,16 +1,77 @@
{ {
pkgs-stable,
pkgs, pkgs,
inputs,
... ...
}: { }: {
home.packages = with pkgs; [ home.packages = with pkgs-stable; [
firefox
wireshark wireshark
nmap nmap
john john
hashcat hashcat
# inputs.eleakxir.packages.${stdenv.hostPlatform.system}.leak-utils metasploit
haiti
hydra
dnsrecon
whois
dig
nosqli
jwt-cli
nuclei
# Web
caido caido
nuclei nuclei
gobuster
dirb
ffuf
sqlmap
# Utils
inetutils
samba
openvpn
mariadb
redis
]; ];
systemd.user.tmpfiles.rules = [
"d %h/Cyber/tmp 0755 - - -"
"d %h/Cyber/wordlists 0755 - - -"
"d %h/Cyber/wordlists/rules 0755 - - -"
];
home.file = {
"Cyber/wordlists/seclists" = {
source = pkgs.fetchFromGitHub {
owner = "danielmiessler";
repo = "SecLists";
rev = "47aa98053fce8670c6489e4f6fb57dc34881d8bd";
hash = "sha256-ojXLB/TXap1Qi0MtV5/WJlJpjNIDYx/sLY2KHm0uFKI=";
};
};
"Cyber/wordlists/fuzz4bounty" = {
source = pkgs.fetchFromGitHub {
owner = "0xPugal";
repo = "fuzz4bounty";
rev = "a805f6b434033f054312da0ddc2bc3021cc9a3b0";
hash = "sha256-wMhx1CcxIyw2E7gJXQxXAFc7m5nYt0FXNkoTZqFMQh4=";
};
};
# RULES
"Cyber/wordlists/rules/oneruletorulethemstill".source = pkgs.fetchFromGitHub {
owner = "stealthsploit";
repo = "oneruletorulethemstill";
rev = "4bfb7322e189305b5f35bb7fcd4e9cc233c3d3c6";
hash = "sha256-h7MeymIXS/6wlPRt4lzsIEqOOssP0lDx9nQip65cwZw=";
};
"Cyber/wordlists/rules/best64.rule" = {
source = pkgs.fetchurl {
url = "https://raw.githubusercontent.com/CarlosLannister/OwadeReborn/refs/heads/master/owade/fileAnalyze/hashcatLib/best64.rule%7E";
hash = "sha256-T0XkMHJZQiy63/j25nGTkaiDFjc+blmgEVGTAFgVylU=";
};
};
};
} }
home/programs/group/dev.nix
+24
View File
@@ -0,0 +1,24 @@
{
pkgs,
pkgs-stable,
inputs,
...
}: {
home.packages =
(with pkgs; [
# Unstable: latest toolchain versions preferred for dev
go
bun
nodejs
claude-code
inputs.bun2nix.packages.${stdenv.hostPlatform.system}.default
])
++ (with pkgs-stable; [
air
duckdb
docker
python3
jq
just
]);
}
home/programs/group/flake.nix
+69
View File
@@ -0,0 +1,69 @@
{
inputs,
pkgs,
pkgs-stable,
system,
...
}: {
packages.${system} = {
dev = pkgs.buildEnv {
name = "dev-tools";
paths =
(with pkgs; [
go
bun
nodejs
air
duckdb
claude-code
inputs.bun2nix.packages.${system}.default
])
++ (with pkgs-stable; [
docker
python3
jq
just
]);
};
cybersecurity = pkgs.buildEnv {
name = "cybersecurity-tools";
paths = with pkgs-stable; [
wireshark
nmap
john
hashcat
metasploit
haiti
hydra
dnsrecon
whois
dig
nosqli
jwt-cli
nuclei
caido
gobuster
dirb
ffuf
sqlmap
inetutils
samba
openvpn
mariadb
redis
];
};
};
homeManagerModules = {
dev = {
_module.args.pkgs-stable = pkgs-stable;
imports = [./dev.nix];
};
cybersecurity = {
_module.args.pkgs-stable = pkgs-stable;
imports = [./cybersecurity.nix];
};
};
}
home/programs/group/misc.nix
+14
View File
@@ -0,0 +1,14 @@
{
pkgs-stable,
inputs,
...
}: {
home.packages = with pkgs-stable; [
peaclock
cbonsai
pipes
cmatrix
fastfetch
inputs.usbguard-tui.packages.${system}.default
];
}
home/programs/nixy/default.nix
+20 -72
View File
@@ -6,78 +6,26 @@
#- - `nixy rebuild` - Rebuild the system. #- - `nixy rebuild` - Rebuild the system.
#- - `nixy ...` - ... see the script for more commands. #- - `nixy ...` - ... see the script for more commands.
{ {
pkgs,
config, config,
lib,
pkgs,
... ...
}: let }: {
configDirectory = config.var.configDirectory; options.programs.nixy = {
enable = lib.mkEnableOption "nixy";
configDirectory = lib.mkOption {
type = lib.types.str;
default = "$HOME/.config/nixos";
description = "Path to the NixOS configuration directory";
};
};
nixy = config = lib.mkIf config.programs.nixy.enable {
pkgs.writeShellScriptBin "nixy" home.packages = [
# bash (import ./package.nix {
'' inherit pkgs;
EXTRA_ARGS="''${@:2}" inherit (config.programs.nixy) configDirectory;
})
function exec() { ];
$@ };
} }
function ui(){
DEFAULT_ICON="󰘳"
# "icon;name;command"[]
apps=(
"󰑓;Rebuild;nixy rebuild"
"󰐊;Test;nixy test"
"󰚰;Update;nixy update"
";Collect Garbage;nixy gc"
"󰍜;Clean Boot Menu;nixy cb"
";List generation;nixy listgen"
"󰌌;Hyprland Keybindings;nvim ${configDirectory}/docs/KEYBINDINGS-HYPRLAND.md"
"󰋩;Wallpapers;zen https://github.com/anotherhadi/nixy-wallpapers"
)
# Apply default icons if empty:
for i in "''${!apps[@]}"; do
apps[i]=$(echo "''${apps[i]}" | sed 's/^;/'$DEFAULT_ICON';/')
done
fzf_result=$(printf "%s\n" "''${apps[@]}" | awk -F ';' '{print $1" "$2}' | fzf)
[[ -z $fzf_result ]] && exit 0
fzf_result=''${fzf_result/ /;}
line=$(printf "%s\n" "''${apps[@]}" | grep "$fzf_result")
command=$(echo "$line" | sed 's/^[^;]*;//;s/^[^;]*;//')
exec "$command"
exit $?
}
[[ $1 == "" ]] && ui
if [[ $1 == "rebuild" ]];then
cd ${configDirectory} && git add . && sudo nixos-rebuild switch --flake . $EXTRA_ARGS
elif [[ $1 == "test" ]];then
cd ${configDirectory} && git add . && sudo nixos-rebuild test --flake . $EXTRA_ARGS
elif [[ $1 == "update" ]];then
cd ${configDirectory} && nix flake update $EXTRA_ARGS
elif [[ $1 == "gc" ]];then
echo "Starting Nix garbage collection..."
cd ${configDirectory} && \
echo "Cleaning up system garbage..." && \
sudo nix-collect-garbage -d && \
echo "Cleaning up user garbage..." && \
nix-collect-garbage -d && \
echo "Collecting garbage from Nix store..." && \
nix-store --gc && \
echo "Optimizing Nix store..." && \
nix-store --optimise
echo "Nix garbage collection complete."
elif [[ $1 == "cb" ]];then
sudo /run/current-system/bin/switch-to-configuration boot
elif [[ $1 == "listgen" ]];then
sudo nix-env -p /nix/var/nix/profiles/system --list-generations
else
echo "Unknown argument"
fi
'';
in {home.packages = [nixy];}
home/programs/nixy/flake.nix
+14
View File
@@ -0,0 +1,14 @@
{
pkgs,
system,
...
}: {
packages.${system}.nixy = import ./package.nix {
inherit pkgs;
configDirectory = "$HOME/.config/nixos";
};
homeManagerModules.nixy = {
imports = [./default.nix];
};
}
home/programs/nixy/package.nix
+69
View File
@@ -0,0 +1,69 @@
{
pkgs,
configDirectory,
}:
pkgs.writeShellScriptBin "nixy"
# bash
''
EXTRA_ARGS="''${@:2}"
function exec() {
$@
}
function ui(){
DEFAULT_ICON="󰘳"
# "icon;name;command"[]
apps=(
"󰑓;Rebuild;nixy rebuild"
"󰐊;Test;nixy test"
"󰚰;Update;nixy update"
";Collect Garbage;nixy gc"
"󰍜;Clean Boot Menu;nixy cb"
";List generation;nixy listgen"
)
# Apply default icons if empty:
for i in "''${!apps[@]}"; do
apps[i]=$(echo "''${apps[i]}" | sed 's/^;/'$DEFAULT_ICON';/')
done
fzf_result=$(printf "%s\n" "''${apps[@]}" | awk -F ';' '{print $1" "$2}' | fzf)
[[ -z $fzf_result ]] && exit 0
fzf_result=''${fzf_result/ /;}
line=$(printf "%s\n" "''${apps[@]}" | grep "$fzf_result")
command=$(echo "$line" | sed 's/^[^;]*;//;s/^[^;]*;//')
exec "$command"
exit $?
}
[[ $1 == "" ]] && ui
if [[ $1 == "rebuild" ]];then
cd ${configDirectory} && git add . && sudo nixos-rebuild switch --flake . $EXTRA_ARGS
elif [[ $1 == "test" ]];then
cd ${configDirectory} && git add . && sudo nixos-rebuild test --flake . $EXTRA_ARGS
elif [[ $1 == "update" ]];then
cd ${configDirectory} && nix flake update $EXTRA_ARGS
elif [[ $1 == "gc" ]];then
echo "Starting Nix garbage collection..."
cd ${configDirectory} && \
echo "Cleaning up system garbage..." && \
sudo nix-collect-garbage -d && \
echo "Cleaning up user garbage..." && \
nix-collect-garbage -d && \
echo "Collecting garbage from Nix store..." && \
nix-store --gc && \
echo "Optimizing Nix store..." && \
nix-store --optimise
echo "Nix garbage collection complete."
elif [[ $1 == "cb" ]];then
sudo /run/current-system/bin/switch-to-configuration boot
elif [[ $1 == "listgen" ]];then
sudo nix-env -p /nix/var/nix/profiles/system --list-generations
else
echo "Unknown argument"
fi
''
home/programs/nvf/default.nix
+19 -10
View File
@@ -1,21 +1,30 @@
# NVF is a Neovim configuration that provides a minimal setup with essential plugins and configurations.
{ {
inputs, inputs,
pkgs, pkgs,
... ...
}: { }: {
imports = [ imports = [inputs.nvf.homeManagerModules.default];
inputs.nvf.homeManagerModules.default # Packages needed by snacks image preview
./options.nix home.packages = with pkgs; [
./languages.nix imagemagick
./picker.nix tree-sitter
./snacks.nix ghostscript
./keymaps.nix tectonic
./utils.nix mermaid-cli
./mini.nix
]; ];
programs.nvf = { programs.nvf = {
enable = true; enable = true;
settings = {
imports = [
./options.nix
./languages.nix
./picker.nix
./snacks.nix
./keymaps.nix
./utils.nix
./mini.nix
];
};
}; };
} }
home/programs/nvf/flake.nix
+37
View File
@@ -0,0 +1,37 @@
{
inputs,
pkgs,
system,
...
}: let
nvimConfig = inputs.nvf.lib.neovimConfiguration {
inherit pkgs;
modules = [
./options.nix
./languages.nix
./picker.nix
./snacks.nix
./keymaps.nix
./utils.nix
./mini.nix
];
};
in {
packages.${system}.nvim = nvimConfig.neovim;
apps.${system}.nvim = {
type = "app";
program = "${nvimConfig.neovim}/bin/nvim";
};
defaultApp.${system} = {
type = "app";
program = "${nvimConfig.neovim}/bin/nvim";
};
homeManagerModules.nvim = {
imports = [
inputs.nvf.homeManagerModules.default
./default.nix
];
};
}
home/programs/nvf/keymaps.nix
+41 -13
View File
@@ -1,10 +1,9 @@
{ {
programs.nvf.settings.vim = { vim = {
globals.mapleader = " "; globals.mapleader = " ";
binds = { binds = {
whichKey = { whichKey = {
enable = true; enable = true;
# TODO: registers
register = {}; register = {};
}; };
}; };
@@ -63,19 +62,31 @@
} }
{ {
key = "<MiddleMouse>"; key = "<MiddleMouse>";
mode = ["n" "i" "v"]; # Normal, Insert, Visual mode = [
action = "<nop>"; # No Operation "n"
silent = true; "i"
} "v"
{ ];
key = "<2-MiddleMouse>"; # Désactive aussi le double clic molette
mode = ["n" "i" "v"];
action = "<nop>"; action = "<nop>";
silent = true; silent = true;
} }
{ {
key = "<3-MiddleMouse>"; # Désactive aussi le double clic molette key = "<2-MiddleMouse>";
mode = ["n" "i" "v"]; mode = [
"n"
"i"
"v"
];
action = "<nop>";
silent = true;
}
{
key = "<3-MiddleMouse>";
mode = [
"n"
"i"
"v"
];
action = "<nop>"; action = "<nop>";
silent = true; silent = true;
} }
@@ -207,10 +218,23 @@
desc = "Move to right window"; desc = "Move to right window";
} }
# Format
{
key = "<leader>lf";
mode = "n";
silent = true;
action = "<cmd>lua require('conform').format({ async = true, lsp_format = 'fallback' })<cr>";
desc = "Format file";
}
# Save # Save
{ {
key = "<C-s>"; key = "<C-s>";
mode = ["n" "i" "v"]; mode = [
"n"
"i"
"v"
];
silent = true; silent = true;
action = "<cmd>w<cr>"; action = "<cmd>w<cr>";
desc = "Save file"; desc = "Save file";
@@ -219,7 +243,11 @@
# Deactivate "esc" # Deactivate "esc"
{ {
key = "<Esc>"; key = "<Esc>";
mode = ["n" "i" "v"]; mode = [
"n"
"i"
"v"
];
silent = true; silent = true;
action = "<Nop>"; action = "<Nop>";
desc = "Disable Escape"; desc = "Disable Escape";
home/programs/nvf/languages.nix
+14 -7
View File
@@ -3,7 +3,7 @@
pkgs, pkgs,
... ...
}: { }: {
programs.nvf.settings.vim = { vim = {
diagnostics = { diagnostics = {
enable = true; enable = true;
config = { config = {
@@ -26,7 +26,6 @@
'' ''
function(diagnostic) function(diagnostic)
return string.format("%s", diagnostic.message) return string.format("%s", diagnostic.message)
--return string.format("%s (%s)", diagnostic.message, diagnostic.source)
end end
''; '';
}; };
@@ -35,22 +34,27 @@
enable = true; enable = true;
}; };
}; };
syntaxHighlighting = true;
treesitter = { treesitter = {
enable = true; enable = true;
autotagHtml = true; autotagHtml = true;
context.enable = true; context.enable = true;
highlight.enable = true; highlight.enable = true;
grammars = with pkgs.vimPlugins.nvim-treesitter.builtGrammars; [ grammars = with pkgs.vimPlugins.nvim-treesitter.builtGrammars; [
typescript # in language settings only tsx gets enabled, not typescript typescript
]; ];
}; };
lsp = { lsp = {
enable = true; enable = true;
presets = {
tailwindcss-language-server = {
enable = true;
};
};
trouble.enable = true; trouble.enable = true;
lspSignature.enable = true; lspSignature.enable = true;
lspconfig.enable = true; lspconfig.enable = true;
formatOnSave = true; formatOnSave = true;
mappings.format = null;
inlayHints.enable = true; inlayHints.enable = true;
null-ls.enable = true; null-ls.enable = true;
servers.nixd.settings.nil.nix.autoArchive = true; servers.nixd.settings.nil.nix.autoArchive = true;
@@ -106,20 +110,23 @@
}; };
extraDiagnostics.enable = true; extraDiagnostics.enable = true;
}; };
ts = { typescript = {
enable = true; enable = true;
extensions.ts-error-translator.enable = true; extensions.ts-error-translator.enable = true;
}; };
css.enable = true; css.enable = true;
svelte.enable = true; svelte = {
enable = true;
format.enable = false;
};
html.enable = true; html.enable = true;
bash.enable = true; bash.enable = true;
nix.enable = true; nix.enable = true;
tailwind.enable = true;
}; };
formatter = { formatter = {
conform-nvim = { conform-nvim = {
enable = true; enable = true;
setupOpts.format_after_save = null;
}; };
}; };
}; };
home/programs/nvf/mini.nix
+1 -2
View File
@@ -1,8 +1,7 @@
{ {
programs.nvf.settings.vim.mini = { vim.mini = {
starter.enable = true; starter.enable = true;
comment.enable = true; comment.enable = true;
# cursorword.enable = true;
icons.enable = true; icons.enable = true;
indentscope.enable = true; indentscope.enable = true;
notify.enable = true; notify.enable = true;
home/programs/nvf/options.nix
+3 -4
View File
@@ -1,9 +1,8 @@
{lib, ...}: { {lib, ...}: {
programs.nvf.settings.vim = { vim = {
viAlias = false; viAlias = false;
vimAlias = true; vimAlias = true;
withNodeJs = true; withNodeJs = true;
# syntaxHighlighting = true;
options = { options = {
autoindent = true; autoindent = true;
smartindent = true; smartindent = true;
@@ -19,8 +18,8 @@
wrap = false; wrap = false;
}; };
globals = { globals = {
navic_silence = true; # navic tries to attach multiple LSPs and fails navic_silence = true;
suda_smart_edit = 1; # use super user write automatically suda_smart_edit = 1;
neovide_scale_factor = 0.7; neovide_scale_factor = 0.7;
neovide_cursor_animation_length = 0.1; neovide_cursor_animation_length = 0.1;
neovide_cursor_short_animation_length = 0; neovide_cursor_short_animation_length = 0;
home/programs/nvf/picker.nix
+2 -3
View File
@@ -1,5 +1,5 @@
{ {
programs.nvf.settings.vim = { vim = {
utility = { utility = {
oil-nvim.enable = true; oil-nvim.enable = true;
snacks-nvim = { snacks-nvim = {
@@ -66,8 +66,7 @@
key = "<leader>fc"; key = "<leader>fc";
mode = "n"; mode = "n";
silent = true; silent = true;
action = '' action = ''<cmd>lua Snacks.picker.files({ cwd = vim.fn.stdpath("config") })<cr>'';
<cmd>lua Snacks.picker.files({ cwd = vim.fn.stdpath("config") })<cr>'';
desc = "Find Config File"; desc = "Find Config File";
} }
{ {
home/programs/nvf/snacks.nix
+2 -9
View File
@@ -1,12 +1,5 @@
{pkgs, ...}: { {
home.packages = with pkgs; [ vim.utility.snacks-nvim = {
imagemagick
tree-sitter
ghostscript
tectonic
mermaid-cli
];
programs.nvf.settings.vim.utility.snacks-nvim = {
enable = true; enable = true;
setupOpts = { setupOpts = {
image = { image = {
home/programs/nvf/utils.nix
+1 -1
View File
@@ -1,5 +1,5 @@
{pkgs, ...}: { {pkgs, ...}: {
programs.nvf.settings.vim = { vim = {
undoFile.enable = true; undoFile.enable = true;
utility = { utility = {
motion.flash-nvim.enable = true; motion.flash-nvim.enable = true;
home/programs/proton/default.nix
+17 -1
View File
@@ -1,6 +1,6 @@
{pkgs, ...}: { {pkgs, ...}: {
home.packages = with pkgs; [ home.packages = with pkgs; [
protonvpn-gui proton-vpn
proton-pass proton-pass
proton-authenticator proton-authenticator
]; ];
@@ -15,5 +15,21 @@
categories = ["Utility"]; categories = ["Utility"];
terminal = false; terminal = false;
}; };
"Proton Calendar" = {
name = "Proton Calendar";
exec = "${pkgs.qutebrowser}/bin/qutebrowser \"https://calendar.proton.me\"";
icon = "proton-calendar";
type = "Application";
categories = ["Utility"];
terminal = false;
};
"Proton Mail" = {
name = "Proton Mail";
exec = "${pkgs.qutebrowser}/bin/qutebrowser \"https://mail.proton.me/\"";
icon = "proton-mail";
type = "Application";
categories = ["Utility"];
terminal = false;
};
}; };
} }
home/programs/qutebrowser/bookmarks/default.nix
+484
View File
@@ -0,0 +1,484 @@
{
config,
lib,
pkgs,
...
}: let
bookmarkList =
(import ./general.nix)
++ (import ./tools.nix)
++ (import ./social.nix)
++ (import ./infosec.nix)
++ (import ./other.nix)
++ (import ./jack.nix);
c = config.lib.stylix.colors;
stripProtocol = url: lib.removePrefix "https://" (lib.removePrefix "http://" url);
stripDomain = url: builtins.head (lib.splitString "/" (stripProtocol url));
mkCard = item: let
domain = stripDomain item.url;
initial = builtins.substring 0 1 item.name;
in ''
<a href="${item.url}" class="card">
<div class="favicon-wrapper">
<img class="favicon" src="https://icons.duckduckgo.com/ip3/${domain}.ico" alt="" aria-hidden="true" loading="lazy" onerror="this.style.display='none';this.nextElementSibling.style.display='flex'">
<span class="favicon-fallback" style="display:none">${initial}</span>
</div>
<div class="card-info">
<span class="card-name">${item.name}</span>
<span class="card-url">${stripProtocol item.url}</span>
</div>
</a>'';
mkFolderContent = items: let
step = acc: item:
if item ? url
then acc // {pending = acc.pending ++ [item];}
else {
chunks =
acc.chunks
++ lib.optional (acc.pending != []) {
isCards = true;
items = acc.pending;
}
++ [
{
isCards = false;
folder = item;
}
];
pending = [];
};
result =
lib.foldl' step {
chunks = [];
pending = [];
}
items;
chunks =
result.chunks
++ lib.optional (result.pending != []) {
isCards = true;
items = result.pending;
};
in
lib.concatMapStrings (
chunk:
if chunk.isCards
then ''
<div class="cards">
${lib.concatMapStrings mkCard chunk.items}
</div>''
else mkFolder chunk.folder
)
chunks;
mkFolder = folder: let
iconHtml =
if folder ? icon
then ''<span class="material-symbols-outlined folder-icon" aria-hidden="true">${folder.icon}</span>''
else "";
in ''
<details class="folder-section" open>
<summary class="folder-title">
${iconHtml}<span class="folder-name">${folder.name}</span>
<svg class="chevron" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2.5" stroke-linecap="round" stroke-linejoin="round" aria-hidden="true"><polyline points="6 9 12 15 18 9"/></svg>
</summary>
<div class="folder-content">
${mkFolderContent folder.bookmarks}
</div>
</details>'';
grouped = let
step = acc: item:
if item ? url
then acc // {pending = acc.pending ++ [item];}
else {
groups =
acc.groups
++ lib.optional (acc.pending != []) {
isRoot = true;
items = acc.pending;
}
++ [
{
isRoot = false;
inherit item;
}
];
pending = [];
};
result =
lib.foldl' step {
groups = [];
pending = [];
}
bookmarkList;
in
result.groups
++ lib.optional (result.pending != []) {
isRoot = true;
items = result.pending;
};
mkSection = group:
if group.isRoot
then ''
<div class="root-section">
<div class="cards">
${lib.concatMapStrings mkCard group.items}
</div>
</div>''
else mkFolder group.item;
collectBookmarks = prefix: items:
lib.concatMapStrings (
item:
if item ? url
then "${item.url} ${prefix}${item.name}\n"
else collectBookmarks "${prefix}${item.name}/" item.bookmarks
)
items;
publicBookmarks = pkgs.writeText "qutebrowser-public-bookmarks" (collectBookmarks "" bookmarkList);
in {
config = {
xdg.dataFile."qutebrowser/bookmarks.html".text = ''
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Bookmarks</title>
<link rel="stylesheet" href="https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@20,300,0,0">
<style>
*, *::before, *::after { box-sizing: border-box; margin: 0; padding: 0; }
body {
background-color: #${c.base00};
color: #${c.base05};
font-family: 'Source Sans Pro', sans-serif;
font-size: 14px;
min-height: 100vh;
padding: 2.5rem 2rem;
}
.header {
max-width: 1100px;
margin: 0 auto 2rem;
display: flex;
align-items: center;
gap: 1.5rem;
}
.page-title {
font-size: 1.3rem;
font-weight: 700;
color: #${c.base0D};
letter-spacing: -0.01em;
flex-shrink: 0;
}
.search-bar {
flex: 1;
background-color: #${c.base01};
border: 1px solid #${c.base02};
border-radius: 8px;
color: #${c.base05};
font-family: 'Source Sans Pro', sans-serif;
font-size: 0.9rem;
padding: 0.5rem 0.9rem;
outline: none;
transition: border-color 0.15s ease;
}
.search-bar::placeholder { color: #${c.base03}; }
.search-bar:focus { border-color: #${c.base0D}; }
.collapse-btn {
flex-shrink: 0;
background: none;
border: 1px solid #${c.base02};
border-radius: 8px;
color: #${c.base03};
cursor: pointer;
display: flex;
align-items: center;
justify-content: center;
padding: 0.47rem;
transition: color 0.15s ease, border-color 0.15s ease;
}
.collapse-btn:hover {
color: #${c.base0D};
border-color: #${c.base0D};
}
.collapse-btn svg {
width: 16px;
height: 16px;
}
.bookmarks-container {
max-width: 1100px;
margin: 0 auto;
display: flex;
flex-direction: column;
gap: 0.75rem;
}
.root-section {
margin-bottom: 1rem;
}
details.folder-section {
border-radius: 8px;
}
details.folder-section > summary {
list-style: none;
cursor: pointer;
display: flex;
align-items: center;
gap: 0.5rem;
padding: 0.45rem 0.5rem;
border-radius: 8px;
user-select: none;
transition: background-color 0.12s ease;
}
details.folder-section > summary::-webkit-details-marker { display: none; }
details.folder-section > summary:hover {
background-color: #${c.base01};
color: #${c.base0D};
}
details.folder-section > summary:hover .folder-name {
color: #${c.base0D};
}
details.folder-section > summary:hover .folder-icon {
color: #${c.base0D};
}
.folder-icon {
font-size: 14px;
line-height: 1;
flex-shrink: 0;
color: #${c.base04};
user-select: none;
}
.folder-name {
font-size: 0.72rem;
font-weight: 700;
letter-spacing: 0.12em;
text-transform: uppercase;
color: #${c.base03};
flex: 1;
}
.chevron {
width: 13px;
height: 13px;
color: #${c.base03};
transition: transform 0.2s ease;
flex-shrink: 0;
}
details[open] > summary > .chevron {
transform: rotate(180deg);
}
.folder-content {
padding: 0.4rem 0 0.5rem 0;
display: flex;
flex-direction: column;
gap: 0.25rem;
}
.folder-content > details.folder-section > summary {
padding-left: 1.2rem;
}
.folder-content > details.folder-section > .folder-content {
padding-left: 1rem;
}
.cards {
display: grid;
grid-template-columns: repeat(auto-fill, minmax(220px, 1fr));
gap: 0.4rem;
}
.card {
display: flex;
align-items: center;
gap: 0.7rem;
padding: 0.6rem 0.8rem;
background-color: #${c.base01};
border: 1px solid #${c.base02};
border-radius: 10px;
text-decoration: none;
transition: background-color 0.12s ease, border-color 0.12s ease;
overflow: hidden;
}
.card:hover {
background-color: #${c.base02};
border-color: #${c.base0D};
}
.favicon-wrapper { position: relative; width: 18px; height: 18px; flex-shrink: 0; }
.favicon {
position: absolute;
inset: 0;
width: 100%;
height: 100%;
object-fit: contain;
border-radius: 3px;
}
.favicon-fallback {
position: absolute;
inset: 0;
display: flex;
align-items: center;
justify-content: center;
background-color: #${c.base02};
border-radius: 4px;
color: #${c.base04};
font-size: 10px;
font-weight: 700;
text-transform: uppercase;
user-select: none;
}
.card-info {
display: flex;
flex-direction: column;
gap: 0.05rem;
overflow: hidden;
flex: 1;
}
.card-name {
color: #${c.base05};
font-size: 0.86rem;
font-weight: 500;
white-space: nowrap;
overflow: hidden;
text-overflow: ellipsis;
transition: color 0.12s ease;
}
.card:hover .card-name { color: #${c.base0D}; }
.card-url {
color: #${c.base03};
font-family: 'Maple Mono NF', monospace;
font-size: 0.7rem;
white-space: nowrap;
overflow: hidden;
text-overflow: ellipsis;
}
.no-results {
color: #${c.base03};
font-size: 0.9rem;
padding: 0.5rem 0.2rem;
display: none;
}
</style>
</head>
<body>
<div class="header">
<h1 class="page-title">Bookmarks</h1>
<input id="search" class="search-bar" type="text" placeholder="Search" autocomplete="off" spellcheck="false">
<button id="collapse-btn" class="collapse-btn" title="Collapse all folders" aria-label="Collapse all folders">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
<polyline points="4 14 10 14 10 20"/><polyline points="20 10 14 10 14 4"/><line x1="10" y1="14" x2="3" y2="21"/><line x1="21" y1="3" x2="14" y2="10"/>
</svg>
</button>
</div>
<div class="bookmarks-container">
<p id="no-results" class="no-results">No results</p>
${lib.concatMapStrings mkSection grouped}
</div>
<script>
window.addEventListener('DOMContentLoaded', function () {
const input = document.getElementById('search');
const noResults = document.getElementById('no-results');
const collapseBtn = document.getElementById('collapse-btn');
input.focus();
collapseBtn.addEventListener('click', function () {
document.querySelectorAll('details.folder-section').forEach(function (d) {
d.open = false;
});
});
input.addEventListener('input', function () {
const query = this.value.toLowerCase().trim();
let anyVisible = false;
if (query) {
document.querySelectorAll('details.folder-section').forEach(function (d) {
d.open = true;
});
}
document.querySelectorAll('.folder-section, .root-section').forEach(function (section) {
let sectionVisible = false;
section.querySelectorAll('.card').forEach(function (card) {
const name = card.querySelector('.card-name').textContent.toLowerCase();
const url = card.querySelector('.card-url').textContent.toLowerCase();
const match = !query || name.includes(query) || url.includes(query);
card.style.display = match ? ''' : 'none';
if (match) { sectionVisible = true; anyVisible = true; }
});
section.style.display = sectionVisible ? ''' : 'none';
});
noResults.style.display = anyVisible || !query ? 'none' : 'block';
});
input.addEventListener('keydown', function (e) {
if (e.key === 'Enter') {
const val = this.value.trim();
const isUrl = /^https?:\/\//i.test(val) || /^[a-zA-Z0-9-]+(\.[a-zA-Z]{2,})(\/.*)?$/.test(val);
if (isUrl) {
location.href = /^https?:\/\//i.test(val) ? val : 'https://' + val;
} else {
const first = document.querySelector('.card:not([style*="none"])');
if (first) {
location.href = first.href;
} else {
const q = encodeURIComponent(val);
if (q) location.href = 'https://www.startpage.com/sp/search?q=' + q;
}
}
}
if (e.key === 'Escape') {
this.value = ''';
this.dispatchEvent(new Event('input'));
}
});
});
</script>
</body>
</html>
'';
home.activation.qutebrowserBookmarks = lib.hm.dag.entryAfter ["writeBoundary"] ''
mkdir -p ${config.home.homeDirectory}/.config/qutebrowser/bookmarks
cat ${publicBookmarks} > ${config.home.homeDirectory}/.config/qutebrowser/bookmarks/urls
'';
};
}
home/programs/qutebrowser/bookmarks/general.nix
+22
View File
@@ -0,0 +1,22 @@
[
{
name = "Proton Mail";
url = "https://mail.proton.me";
}
{
name = "Proton Drive";
url = "https://drive.proton.me";
}
{
name = "Proton Lumo";
url = "https://lumo.proton.me";
}
{
name = "Proton Calendar";
url = "https://calendar.proton.me";
}
{
name = "Github";
url = "https://github.com";
}
]
home/programs/qutebrowser/bookmarks/infosec.nix
+48
View File
@@ -0,0 +1,48 @@
[
{
name = "Infosec";
icon = "terminal";
bookmarks = [
{
name = "Nix 4 Cyber";
url = "https://n4c.hadi.icu";
}
{
name = "Cyberchef";
url = "https://cyberchef.hadi.icu";
}
{
name = "TryHackMe";
url = "https://tryhackme.com";
}
{
name = "Root-Me";
url = "https://root-me.org";
}
{
name = "Hack The Box";
url = "https://hackthebox.com";
}
{
name = "Iknowyou";
url = "https://iknowyou-prod.hadi.icu";
}
{
name = "Exploit-DB";
url = "https://exploit-db.com";
}
{
name = "GTFOBins";
url = "https://gtfobins.org/";
}
{
name = "Crack Station";
url = "https://crackstation.net";
}
{
name = "Osint Tracker";
url = "https://app.osintracker.com";
}
];
}
]
home/programs/qutebrowser/bookmarks/jack.nix
+80
View File
@@ -0,0 +1,80 @@
[
{
name = "Jack";
icon = "dns";
bookmarks = [
{
name = "Glance";
url = "https://home.hadi.icu";
}
{
name = "Blog";
url = "https://hadi.icu";
}
{
name = "Gitea";
url = "https://git.hadi.icu";
}
{
name = "Mealie";
url = "https://mealie.hadi.icu";
}
{
name = "Wallpapers";
url = "https://wallpapers.hadi.icu";
}
{
name = "Default Creds";
url = "https://default-creds.hadi.icu";
}
{
name = "Media";
icon = "subscriptions";
bookmarks = [
{
name = "Radarr";
url = "https://radarr.hadi.icu";
}
{
name = "Sonarr";
url = "https://sonarr.hadi.icu";
}
{
name = "Bazarr";
url = "https://bazarr.hadi.icu";
}
{
name = "Prowlarr";
url = "https://prowlarr.hadi.icu";
}
{
name = "Transmission";
url = "https://transmission.hadi.icu";
}
];
}
{
name = "Infrastructure";
icon = "construction";
bookmarks = [
{
name = "AdGuard";
url = "https://adguard.hadi.icu";
}
{
name = "Umami";
url = "https://umami.hadi.icu";
}
{
name = "Cloudflare";
url = "https://dash.cloudflare.com";
}
{
name = "Cloudflare Zero Trust";
url = "https://one.dash.cloudflare.com";
}
];
}
];
}
]
home/programs/qutebrowser/bookmarks/other.nix
+46
View File
@@ -0,0 +1,46 @@
[
{
name = "Other";
icon = "category";
bookmarks = [
{
name = "Documentation";
icon = "menu_book";
bookmarks = [
{
name = "Hyprland Wiki";
url = "https://wiki.hypr.land";
}
{
name = "Stylix Wiki";
url = "https://nix-community.github.io/stylix/";
}
{
name = "Nixpkgs";
url = "https://github.com/NixOS/nixpkgs";
}
{
name = "tldr";
url = "https://tldr.inbrowser.app/";
}
];
}
{
name = "Startpage Config";
url = "https://www.startpage.com/do/mypage.pl?prfe=45d331deb05471d659dba933e7400df51d952bb103da6f6125c0e769a6be1d65610456a479f495ceeee7e97311cf227d7c1bb198de0ceeb193d8cddf9c455c19a409cc35c3e3f542ee27bd7cecd3";
}
{
name = "Feedly";
url = "https://feedly.com";
}
{
name = "MyNixOS";
url = "https://mynixos.com";
}
{
name = "Amazon";
url = "https://amazon.fr";
}
];
}
]
home/programs/qutebrowser/bookmarks/social.nix
+50
View File
@@ -0,0 +1,50 @@
[
{
name = "Entertainment";
icon = "movie";
bookmarks = [
{
name = "Youtube";
url = "https://youtube.com";
}
{
name = "Jellyfin";
url = "https://media.hadi.icu";
}
{
name = "Seerr";
url = "https://demandemedia.hadi.icu";
}
{
name = "Social Media";
icon = "group";
bookmarks = [
{
name = "Medium";
url = "https://medium.com";
}
{
name = "Bluesky";
url = "https://bsky.app";
}
{
name = "Reddit";
url = "https://reddit.com";
}
{
name = "Instagram";
url = "https://instagram.com";
}
{
name = "Discord";
url = "https://discord.com/channels/@me/";
}
{
name = "Gitlab";
url = "https://gitlab.com/";
}
];
}
];
}
]
home/programs/qutebrowser/bookmarks/tools.nix
+48
View File
@@ -0,0 +1,48 @@
[
{
name = "Tools";
icon = "handyman";
bookmarks = [
{
name = "Maps";
url = "https://maps.apple.com";
}
{
name = "Excalidraw";
url = "https://excalidraw.com";
}
{
name = "Cobalt (downloader)";
url = "https://cobalt.meowing.de";
}
{
name = "Mazanoke (image)";
url = "https://mazanoke.hadi.icu";
}
{
name = "Vert";
url = "https://vert.sh";
}
{
name = "Markdown to PDF";
url = "https://md2file.com";
}
{
name = "Image to Vector";
url = "https://www.vectorcascade.com/";
}
{
name = "PrivateBin";
url = "https://privatebin.net";
}
{
name = "Claude";
url = "https://claude.ai";
}
{
name = "Gemini";
url = "https://gemini.google.com";
}
];
}
]
home/programs/qutebrowser/default.nix
+40
View File
@@ -0,0 +1,40 @@
{...}: {
imports = [
./bookmarks
./search.nix
./keybindings.nix
./settings.nix
./userscripts.nix
];
home.sessionVariables = {
DEFAULT_BROWSER = "qutebrowser";
BROWSER = "qutebrowser";
};
xdg.mimeApps.defaultApplications = {
"text/html" = ["org.qutebrowser.qutebrowser.desktop"];
"text/xml" = ["org.qutebrowser.qutebrowser.desktop"];
"x-scheme-handler/http" = ["org.qutebrowser.qutebrowser.desktop"];
"x-scheme-handler/https" = ["org.qutebrowser.qutebrowser.desktop"];
"x-scheme-handler/unknown" = ["org.qutebrowser.qutebrowser.desktop"];
"x-scheme-handler/about" = ["org.qutebrowser.qutebrowser.desktop"];
"x-scheme-handler/qute" = ["org.qutebrowser.qutebrowser.desktop"];
};
xdg.desktopEntries.qutebrowser-private = {
name = "Qutebrowser (Temp session)";
genericName = "Web Browser";
exec = "qutebrowser --temp-basedir %U";
icon = "qutebrowser";
categories = [
"Network"
"WebBrowser"
];
};
programs.qutebrowser = {
enable = true;
loadAutoconfig = true;
};
}
home/programs/qutebrowser/keybindings.nix
+17
View File
@@ -0,0 +1,17 @@
{config, ...}: {
programs.qutebrowser.keyBindings = {
normal."<Ctrl-w>" = "tab-close";
normal."<Ctrl-Tab>" = "tab-next";
normal."<Ctrl-Shift-Tab>" = "tab-prev";
normal."<Ctrl-b>" = "open file://${config.xdg.dataHome}/qutebrowser/bookmarks.html";
# Ctrl+c is used to leave the current mode and return to normal mode.
insert."<Ctrl-c>" = "mode-leave";
hint."<Ctrl-c>" = "mode-leave";
caret."<Ctrl-c>" = "mode-leave";
command."<Ctrl-c>" = "mode-leave";
prompt."<Ctrl-c>" = "mode-leave";
yesno."<Ctrl-c>" = "mode-leave";
register."<Ctrl-c>" = "mode-leave";
};
}
home/programs/qutebrowser/search.nix
+30
View File
@@ -0,0 +1,30 @@
{
programs.qutebrowser.searchEngines = rec {
startpage = "https://www.startpage.com/sp/search?q={}";
mynixos = "https://mynixos.com/search?q={}";
duckduckgo = "https://duckduckgo.com/?q={}";
google = "https://google.com/search?hl=en&q={}";
yandex = "https://yandex.com/search/?text={}";
bing = "https://bing.com/search?q={}";
youtube = "https://youtube.com/results?search_query={}";
google-images = "https://google.com/search?hl=en&tbm=isch&q={}";
# AI
chatgpt = "https://chatgpt.com/?q={}";
claude = "https://claude.ai/new?q={}";
gemini = "https://gemini.google.com/app?q={}";
# Maps
amap = "https://maps.apple.com/?q={}";
gmap = "https://www.google.com/maps/search/{}";
# shortcuts
g = google;
n = mynixos;
gpt = chatgpt;
gem = gemini;
cla = claude;
DEFAULT = startpage;
};
}
home/programs/qutebrowser/settings.nix
+61
View File
@@ -0,0 +1,61 @@
{config, ...}: {
programs.qutebrowser = {
settings = {
url = rec {
default_page = "file://${config.xdg.dataHome}/qutebrowser/bookmarks.html";
start_pages = [default_page];
};
new_instance_open_target = "window";
"tabs.last_close" = "close";
"statusbar.widgets" = [
"keypress"
"url"
"progress"
];
# Adblock
"content.blocking.enabled" = true;
"content.blocking.method" = "adblock";
"content.blocking.adblock.lists" = [
"https://easylist.to/easylist/easylist.txt"
"https://easylist.to/easylist/easyprivacy.txt"
"https://secure.fanboy.co.nz/fanboy-cookiemonster.txt"
];
# Clipboard access (needed for Excalidraw, Cyberchef, etc.)
"content.javascript.clipboard" = "access";
# Downloads
"downloads.location.directory" = "~/Downloads";
"downloads.location.prompt" = false;
# Editor (Ctrl+e in text fields)
"editor.command" = [
"ghostty"
"-e"
"nvim"
"{}"
];
# Tabs
# "tabs.show" = "switching";
# "tabs.show_switching_delay" = 3000;
# Scrollbar
"scrolling.bar" = "never";
# Statusbar
"statusbar.show" = "in-mode";
# Privacy
"content.geolocation" = false;
"content.cookies.accept" = "no-3rdparty";
};
extraConfig = ''
c.statusbar.padding = {'top': 6, 'bottom': 6, 'left': 8, 'right': 8}
c.tabs.padding = {'top': 6, 'bottom': 6, 'left': 8, 'right': 8}
config.set('content.local_content_can_access_remote_urls', True, 'file://*')
'';
};
}
home/programs/qutebrowser/userscripts.nix
+47
View File
@@ -0,0 +1,47 @@
{
config,
lib,
pkgs,
...
}: {
xdg.dataFile."qutebrowser/greasemonkey/startpage-no-ads.user.js".text = ''
// ==UserScript==
// @name Startpage - Hide Ads
// @match https://www.startpage.com/*
// @run-at document-start
// ==/UserScript==
new MutationObserver(function(mutations) {
mutations.forEach((mutation) => {
if (mutation.type === 'childList') {
mutation.addedNodes.forEach((node) => {
if (node.nodeType === 1 && node.nodeName === 'DIV' && node.id === 'gcsa-top') {
node.remove();
this.disconnect();
}
});
}
});
}).observe(document, { childList: true, subtree: true });
'';
home.activation.downloadUserscripts = lib.hm.dag.entryAfter ["writeBoundary"] ''
scripts_dir="${config.home.homeDirectory}/.local/share/qutebrowser/greasemonkey"
$DRY_RUN_CMD mkdir -p "$scripts_dir"
download() {
local name="$1" url="$2"
if [[ ! -f "$scripts_dir/$name" ]]; then
$DRY_RUN_CMD ${pkgs.curl}/bin/curl -sSL -o "$scripts_dir/$name" "$url" || true
fi
}
download "return-youtube-dislike.user.js" "https://update.greasyfork.org/scripts/436115/Return%20YouTube%20Dislike.user.js"
download "sponsorblock-lite.user.js" "https://update.greasyfork.org/scripts/560869/SponsorBlock%20Lite.user.js"
download "dont-track-me-google.user.js" "https://update.greasyfork.org/scripts/428243/Don%27t%20track%20me%20Google.user.js"
download "i-dont-care-about-cookies.user.js" "https://update.greasyfork.org/scripts/522645/I%20don%27t%20care%20about%20cookies.user.js"
download "tracking-token-stripper.user.js" "https://github.com/doggy8088/TrackingTokenStripper/raw/refs/heads/master/TrackingTokenStripper.user.js"
download "bypass-paywalls-clean.user.js" "https://gitflic.ru/project/magnolia1234/bypass-paywalls-clean-filters/blob/raw?file=userscript/bpc.en.user.js"
download "anti-adblock-fuckoff.user.js" "https://update.greasyfork.org/scripts/397070/Anti-AdBlocker%20Fuckoff.user.js"
'';
}
home/programs/shell/default.nix
+7 -1
View File
@@ -1,4 +1,10 @@
# Import all shell configurations # Import all shell configurations
{ {
imports = [./fzf.nix ./zsh.nix ./starship.nix ./zoxide.nix ./eza.nix]; imports = [
./fzf.nix
./zsh.nix
./starship.nix
./zoxide.nix
./eza.nix
];
} }
home/programs/shell/starship.nix
+3 -1
View File
@@ -20,7 +20,9 @@ in {
"$git_status" "$git_status"
"$character" "$character"
]; ];
directory = {style = accent;}; directory = {
style = accent;
};
character = { character = {
success_symbol = "[](${accent})"; success_symbol = "[](${accent})";
home/programs/shell/zsh.nix
+19 -33
View File
@@ -7,18 +7,34 @@
}: let }: let
fetch = config.theme.fetch; # neofetch, nerdfetch, pfetch fetch = config.theme.fetch; # neofetch, nerdfetch, pfetch
in { in {
home.packages = with pkgs; [bat ripgrep tldr witr]; home.packages = with pkgs; [
bat
ripgrep
tldr
witr
];
# Add go binaries to the PATH # Add go binaries to the PATH
home.sessionPath = ["$HOME/go/bin"]; home.sessionPath = ["$HOME/go/bin"];
home.sessionVariables = {
COLORTERM = "truecolor";
};
programs.zsh = { programs.zsh = {
enable = true; enable = true;
enableCompletion = true; enableCompletion = true;
autosuggestion.enable = true; autosuggestion.enable = true;
syntaxHighlighting = { syntaxHighlighting = {
enable = true; enable = true;
highlighters = ["main" "brackets" "pattern" "regexp" "root" "line"]; highlighters = [
"main"
"brackets"
"pattern"
"regexp"
"root"
"line"
];
}; };
historySubstringSearch.enable = true; historySubstringSearch.enable = true;
@@ -29,9 +45,7 @@ in {
}; };
profileExtra = lib.optionalString (config.home.sessionPath != []) '' profileExtra = lib.optionalString (config.home.sessionPath != []) ''
export PATH="$PATH''${PATH:+:}${ export PATH="$PATH''${PATH:+:}${lib.concatStringsSep ":" config.home.sessionPath}"
lib.concatStringsSep ":" config.home.sessionPath
}"
''; '';
shellAliases = { shellAliases = {
@@ -92,29 +106,6 @@ in {
else "" else ""
} }
function sesh-sessions() {
session=$(sesh list -t -c | fzf --height 70% --reverse)
[[ -z "$session" ]] && return
sesh connect $session
}
function chatgptfolder(){
echo "################################"
echo "### TREE ###"
echo "################################"
${pkgs.eza}/bin/eza --tree -aF --icons never
echo -e "\n\n"
echo "##############################"
echo "### CONTENT ###"
echo "##############################"
find . -type f -not -path '*/.git/*' -print0 | while IFS= read -r -d "" file; do
echo -e "\n--- DEBUT: $file ---\n"
cat "$file"
echo -e "\n--- FIN: $file ---\n"
done
}
function n4c() { function n4c() {
category=''${1:-all} category=''${1:-all}
shift shift
@@ -122,11 +113,6 @@ in {
nix develop "github:nix4cyber/n4c#''${category}" ''${args} -c zsh nix develop "github:nix4cyber/n4c#''${category}" ''${args} -c zsh
} }
zle -N sesh-sessions
bindkey -M emacs '\es' sesh-sessions
bindkey -M vicmd '\es' sesh-sessions
bindkey -M viins '\es' sesh-sessions
# search history based on what's typed in the prompt # search history based on what's typed in the prompt
autoload -U history-search-end autoload -U history-search-end
zle -N history-beginning-search-backward-end history-search-end zle -N history-beginning-search-backward-end history-search-end
home/programs/spicetify/default.nix
+2 -1
View File
@@ -1,6 +1,7 @@
# Spicetify is a spotify client customizer # Spicetify is a spotify client customizer
{ {
pkgs, pkgs,
pkgs-stable,
config, config,
lib, lib,
inputs, inputs,
@@ -16,6 +17,7 @@ in {
programs.spicetify = { programs.spicetify = {
enable = true; enable = true;
spotifyPackage = pkgs-stable.spotify;
theme = lib.mkForce spicePkgs.themes.dribbblish; theme = lib.mkForce spicePkgs.themes.dribbblish;
colorScheme = "custom"; colorScheme = "custom";
@@ -31,7 +33,6 @@ in {
enabledExtensions = with spicePkgs.extensions; [ enabledExtensions = with spicePkgs.extensions; [
playlistIcons playlistIcons
lastfm
historyShortcut historyShortcut
hidePodcasts hidePodcasts
adblock adblock
home/programs/thunar/default.nix
+21 -14
View File
@@ -1,6 +1,7 @@
# Thunar is a file explorer # Thunar is a file explorer
{ {
pkgs, pkgs,
pkgs-stable,
config, config,
lib, lib,
... ...
@@ -8,20 +9,24 @@
user = config.var.username; user = config.var.username;
in { in {
# ctrl + m to toggle the menubar # ctrl + m to toggle the menubar
home.packages = with pkgs; [ home.packages =
thunar (with pkgs-stable; [
xfconf xfce.thunar
tumbler xfce.xfconf
thunar-archive-plugin xfce.tumbler
thunar-volman xfce.thunar-archive-plugin
thunar-media-tags-plugin xfce.thunar-volman
p7zip xfce.thunar-media-tags-plugin
xarchiver p7zip
papirus-icon-theme xarchiver
material-icons ])
material-design-icons ++ (with pkgs; [
material-symbols # Icon themes: keep on global pkgs to avoid conflicts with other modules
]; papirus-icon-theme
material-icons
material-design-icons
material-symbols
]);
gtk = { gtk = {
enable = true; enable = true;
@@ -30,6 +35,8 @@ in {
package = pkgs.papirus-icon-theme; package = pkgs.papirus-icon-theme;
}; };
gtk4.theme = null;
# bookmarks for the side pane # bookmarks for the side pane
gtk3.bookmarks = [ gtk3.bookmarks = [
"file:///home/${user}/Downloads Downloads" "file:///home/${user}/Downloads Downloads"
home/programs/zathura/default.nix
-15
View File
@@ -1,15 +0,0 @@
# TODO: Misc section with VLC, Zathura etc
# Zathura is a PDF viewer
{
programs.zathura = {
enable = true;
options = {
guioptions = "v";
adjust-open = "width";
statusbar-basename = true;
render-loading = false;
scroll-step = 120;
};
};
}
home/system/caelestia-shell/appearance.nix
+1 -1
View File
@@ -15,7 +15,7 @@ in {
background.enabled = false; background.enabled = false;
appearance = { appearance = {
transparency = { transparency = {
enable = true; enabled = true;
base = 0.85; base = 0.85;
layers = 0.4; layers = 0.4;
}; };
home/system/caelestia-shell/bar.nix
-1
View File
@@ -19,7 +19,6 @@
label = " "; label = " ";
occupiedBg = true; occupiedBg = true;
occupiedLabel = "󰪥 "; occupiedLabel = "󰪥 ";
rounded = true;
showWindows = false; showWindows = false;
shown = 5; shown = 5;
}; };
home/system/caelestia-shell/default.nix
+11
View File
@@ -3,6 +3,7 @@
{ {
pkgs, pkgs,
inputs, inputs,
lib,
... ...
}: { }: {
imports = [ imports = [
@@ -56,6 +57,16 @@
"caelestia scheme set -n custom" "caelestia scheme set -n custom"
]; ];
# shell.json is managed by home-manager (read-only symlink) but caelestia
# needs to write to it at runtime: replace the symlink with a mutable copy
home.activation.caelestiaWritableShellConfig = lib.hm.dag.entryAfter ["linkGeneration"] ''
if [ -L "$HOME/.config/caelestia/shell.json" ]; then
$DRY_RUN_CMD cp --remove-destination \
"$(readlink -f "$HOME/.config/caelestia/shell.json")" \
"$HOME/.config/caelestia/shell.json"
fi
'';
services.cliphist = { services.cliphist = {
enable = true; enable = true;
allowImages = true; allowImages = true;
home/system/caelestia-shell/launcher.nix
+64 -15
View File
@@ -1,10 +1,22 @@
{ {
programs.caelestia.settings = { programs.caelestia.settings = {
session.commands = { session.commands = {
shutdown = ["systemctl" "poweroff"]; shutdown = [
logout = ["loginctl" "lock-session"]; "systemctl"
hibernate = ["systemctl" "hibernate"]; "poweroff"
reboot = ["systemctl" "reboot"]; ];
logout = [
"loginctl"
"lock-session"
];
hibernate = [
"systemctl"
"hibernate"
];
reboot = [
"systemctl"
"reboot"
];
}; };
launcher = { launcher = {
actionPrefix = "/"; actionPrefix = "/";
@@ -13,7 +25,10 @@
name = "Calculator"; name = "Calculator";
icon = "calculate"; icon = "calculate";
description = "Do simple math equations (powered by Qalc)"; description = "Do simple math equations (powered by Qalc)";
command = ["autocomplete" "calc"]; command = [
"autocomplete"
"calc"
];
enabled = true; enabled = true;
dangerous = false; dangerous = false;
} }
@@ -21,7 +36,10 @@
name = "Shutdown"; name = "Shutdown";
icon = "power_settings_new"; icon = "power_settings_new";
description = "Shutdown the system"; description = "Shutdown the system";
command = ["systemctl" "poweroff"]; command = [
"systemctl"
"poweroff"
];
enabled = true; enabled = true;
dangerous = true; dangerous = true;
} }
@@ -29,7 +47,10 @@
name = "Reboot"; name = "Reboot";
icon = "cached"; icon = "cached";
description = "Reboot the system"; description = "Reboot the system";
command = ["systemctl" "reboot"]; command = [
"systemctl"
"reboot"
];
enabled = true; enabled = true;
dangerous = true; dangerous = true;
} }
@@ -37,7 +58,11 @@
name = "Logout"; name = "Logout";
icon = "exit_to_app"; icon = "exit_to_app";
description = "Log out of the current session"; description = "Log out of the current session";
command = ["loginctl" "terminate-user" ""]; command = [
"loginctl"
"terminate-user"
""
];
enabled = true; enabled = true;
dangerous = true; dangerous = true;
} }
@@ -45,7 +70,10 @@
name = "Lock"; name = "Lock";
icon = "lock"; icon = "lock";
description = "Lock the current session"; description = "Lock the current session";
command = ["loginctl" "lock-session"]; command = [
"loginctl"
"lock-session"
];
enabled = true; enabled = true;
dangerous = false; dangerous = false;
} }
@@ -53,7 +81,10 @@
name = "Sleep"; name = "Sleep";
icon = "bedtime"; icon = "bedtime";
description = "Suspend then hibernate"; description = "Suspend then hibernate";
command = ["systemctl" "suspend-then-hibernate"]; command = [
"systemctl"
"suspend-then-hibernate"
];
enabled = true; enabled = true;
dangerous = false; dangerous = false;
} }
@@ -61,7 +92,12 @@
name = "Restart caelestia"; name = "Restart caelestia";
icon = "cached"; icon = "cached";
description = "Restart caelestia"; description = "Restart caelestia";
command = ["hyprctl" "dispatch" "exec" "caelestia-shell kill | sleep 1 | caelestia-shell"]; command = [
"hyprctl"
"dispatch"
"exec"
"caelestia-shell kill | sleep 1 | caelestia-shell"
];
enabled = true; enabled = true;
dangerous = false; dangerous = false;
} }
@@ -69,7 +105,11 @@
name = "Emoji Picker"; name = "Emoji Picker";
icon = "mood"; icon = "mood";
description = "Toggle the emoji picker"; description = "Toggle the emoji picker";
command = ["caelestia" "emoji" "-p"]; command = [
"caelestia"
"emoji"
"-p"
];
enabled = true; enabled = true;
dangerous = false; dangerous = false;
} }
@@ -77,7 +117,10 @@
name = "Clipboard History"; name = "Clipboard History";
icon = "content_paste"; icon = "content_paste";
description = "Toggle the clipboard history"; description = "Toggle the clipboard history";
command = ["caelestia" "clipboard"]; command = [
"caelestia"
"clipboard"
];
enabled = true; enabled = true;
dangerous = false; dangerous = false;
} }
@@ -85,7 +128,10 @@
name = "Delete from Clipboard History"; name = "Delete from Clipboard History";
icon = "content_paste_off"; icon = "content_paste_off";
description = "Delete a line from the clipboard history"; description = "Delete a line from the clipboard history";
command = ["caelestia" "clipboard"]; command = [
"caelestia"
"clipboard"
];
enabled = true; enabled = true;
dangerous = false; dangerous = false;
} }
@@ -101,7 +147,10 @@
name = "Hyprpicker"; name = "Hyprpicker";
icon = "colorize"; icon = "colorize";
description = "Pick an hex color"; description = "Pick an hex color";
command = ["hyprpicker" "-a"]; command = [
"hyprpicker"
"-a"
];
enabled = true; enabled = true;
dangerous = false; dangerous = false;
} }
home/system/caelestia-shell/scheme.nix
+10 -8
View File
@@ -122,14 +122,16 @@
colorsHash = builtins.hashString "sha256" (builtins.toJSON colors); colorsHash = builtins.hashString "sha256" (builtins.toJSON colors);
customCli = inputs.caelestia-cli.packages.${pkgs.stdenv.hostPlatform.system}.default.overrideAttrs (oldAttrs: { customCli =
name = "${oldAttrs.name or "caelestia-cli"}-themed-${colorsHash}"; inputs.caelestia-cli.packages.${pkgs.stdenv.hostPlatform.system}.default.overrideAttrs
postUnpack = '' (oldAttrs: {
mkdir -p $sourceRoot/src/caelestia/data/schemes/custom/main name = "${oldAttrs.name or "caelestia-cli"}-themed-${colorsHash}";
cp ${customSchemeFile} $sourceRoot/src/caelestia/data/schemes/custom/main/dark.txt postUnpack = ''
echo "Custom scheme added to source" mkdir -p $sourceRoot/src/caelestia/data/schemes/custom/main
''; cp ${customSchemeFile} $sourceRoot/src/caelestia/data/schemes/custom/main/dark.txt
}); echo "Custom scheme added to source"
'';
});
in { in {
programs.caelestia.cli.package = customCli; programs.caelestia.cli.package = customCli;
} }
home/system/hyprland/bindings.nix
+39 -64
View File
@@ -7,9 +7,8 @@
colors = config.lib.stylix.colors; colors = config.lib.stylix.colors;
mkMenu = menu: let mkMenu = menu: let
configFile = configFile = pkgs.writeText "config.yaml" (
pkgs.writeText "config.yaml" lib.generators.toYAML {} {
(lib.generators.toYAML {} {
anchor = "bottom-right"; anchor = "bottom-right";
border = "#${colors.base0D}80"; border = "#${colors.base0D}80";
background = "#${colors.base01}EE"; background = "#${colors.base01}EE";
@@ -19,7 +18,8 @@
rows_per_column = 5; rows_per_column = 5;
inherit menu; inherit menu;
}); }
);
in in
pkgs.writeShellScriptBin "menu" '' pkgs.writeShellScriptBin "menu" ''
exec ${lib.getExe pkgs.wlr-which-key} ${configFile} exec ${lib.getExe pkgs.wlr-which-key} ${configFile}
@@ -32,7 +32,8 @@ in {
bind = bind =
[ [
# Applications # Applications
("$shiftMod, A, exec, " (
"$shiftMod, A, exec, "
+ lib.getExe (mkMenu [ + lib.getExe (mkMenu [
{ {
key = "a"; key = "a";
@@ -47,7 +48,17 @@ in {
{ {
key = "v"; key = "v";
desc = "Proton VPN"; desc = "Proton VPN";
cmd = "${pkgs.protonvpn-gui}/bin/protonvpn-app"; cmd = "${pkgs.proton-vpn}/bin/protonvpn-app";
}
{
key = "c";
desc = "Proton Calendar";
cmd = "${pkgs.qutebrowser}/bin/qutebrowser 'https://calendar.proton.me/'";
}
{
key = "m";
desc = "Proton Mail";
cmd = "${pkgs.qutebrowser}/bin/qutebrowser 'https://mail.proton.me/'";
} }
{ {
key = "o"; key = "o";
@@ -66,65 +77,24 @@ in {
} }
{ {
key = "b"; key = "b";
desc = "Brave"; desc = "Qutebrowser";
cmd = "${pkgs.brave}/bin/brave"; cmd = "${pkgs.qutebrowser}/bin/qutebrowser";
} }
{ {
key = "i"; key = "i";
desc = "Brave (Private window)"; desc = "Qutebrowser (Temp session)";
cmd = "${pkgs.brave}/bin/brave --incognito"; cmd = "${pkgs.qutebrowser}/bin/qutebrowser --temp-basedir";
} }
])) ])
)
# Web links # Web links
"$mod,B, exec, uwsm app -- ${pkgs.brave}/bin/brave" # Browser (Brave) "$mod,B, exec, uwsm app -- ${pkgs.qutebrowser}/bin/qutebrowser" # Browser (Qutebrowser)
("$shiftMod, B, exec, "
+ lib.getExe (mkMenu [
{
key = "h";
desc = "Home";
cmd = "${pkgs.brave}/bin/brave 'https://home.hadi.icu'";
}
{
key = "m";
desc = "Proton Mail";
cmd = "${pkgs.brave}/bin/brave 'https://mail.proton.me/u/2/inbox'";
}
{
key = "c";
desc = "Proton Calendar";
cmd = "${pkgs.brave}/bin/brave 'https://calendar.proton.me/u/2'";
}
{
key = "l";
desc = "Proton Lumo";
cmd = "${pkgs.brave}/bin/brave 'https://lumo.proton.me/u/2'";
}
{
key = "d";
desc = "Proton Drive";
cmd = "${pkgs.brave}/bin/brave 'https://drive.proton.me/u/2/'";
}
{
key = "G";
desc = "Google Gemini";
cmd = "${pkgs.brave}/bin/brave 'https://gemini.google.com/'";
}
{
key = "g";
desc = "Github";
cmd = "${pkgs.brave}/bin/brave 'https://github.com/'";
}
{
key = "n";
desc = "MyNixos";
cmd = "${pkgs.brave}/bin/brave 'https://mynixos.com/'";
}
]))
# Power # Power
"$mod, X, global, caelestia:session" # Powermenu "$mod, X, global, caelestia:session" # Powermenu
("$shiftMod, X, exec, " (
"$shiftMod, X, exec, "
+ lib.getExe (mkMenu [ + lib.getExe (mkMenu [
{ {
key = "l"; key = "l";
@@ -156,7 +126,8 @@ in {
desc = "Restart caelestia"; desc = "Restart caelestia";
cmd = "hyprctl dispatch exec 'caelestia-shell kill | sleep 1 | caelestia-shell'"; cmd = "hyprctl dispatch exec 'caelestia-shell kill | sleep 1 | caelestia-shell'";
} }
])) ])
)
# Quick launch # Quick launch
"$mod,RETURN, exec, uwsm app -- ${pkgs.ghostty}/bin/ghostty" # Ghostty (terminal) "$mod,RETURN, exec, uwsm app -- ${pkgs.ghostty}/bin/ghostty" # Ghostty (terminal)
@@ -187,13 +158,17 @@ in {
", Print, global, caelestia:screenshotFreeze" # Capture region (freeze) ", Print, global, caelestia:screenshotFreeze" # Capture region (freeze)
"$shiftMod+Alt, S, global, caelestia:screenshot" # Capture region "$shiftMod+Alt, S, global, caelestia:screenshot" # Capture region
] ]
++ (builtins.concatLists (builtins.genList (i: let ++ (builtins.concatLists (
ws = i + 1; builtins.genList (
in [ i: let
"$mod,code:1${toString i}, workspace, ${toString ws}" ws = i + 1;
"$mod SHIFT,code:1${toString i}, movetoworkspace, ${toString ws}" in [
]) "$mod,code:1${toString i}, workspace, ${toString ws}"
9)); "$mod SHIFT,code:1${toString i}, movetoworkspace, ${toString ws}"
]
)
9
));
bindm = [ bindm = [
"$mod,mouse:272, movewindow" # Move Window (mouse) "$mod,mouse:272, movewindow" # Move Window (mouse)
home/system/hyprland/default.nix
+7 -23
View File
@@ -39,13 +39,9 @@ in {
wlr-randr wlr-randr
brightnessctl brightnessctl
gnome-themes-extra gnome-themes-extra
libva
dconf dconf
wayland-utils wayland-utils
wayland-protocols wayland-protocols
glib
direnv
meson
]; ];
wayland.windowManager.hyprland = { wayland.windowManager.hyprland = {
@@ -66,33 +62,21 @@ in {
]; ];
monitor = [ monitor = [
"eDP-2,highres,0x0,1" # My internal laptop screen
"desc:AOC U34G2G1 0x00000E06,3440x1440@99.98,auto,1" # My external monitor
"desc:Philips Consumer Electronics Company PHL 221B8L ZV02144013987,highres,0x0,1"
",prefered,auto,1" # default ",prefered,auto,1" # default
]; ];
env = [ env = [
"XDG_CURRENT_DESKTOP,Hyprland" "XDG_CURRENT_DESKTOP,Hyprland"
"MOZ_ENABLE_WAYLAND,1"
"ANKI_WAYLAND,1"
"DISABLE_QT5_COMPAT,0"
"NIXOS_OZONE_WL,1"
"XDG_SESSION_TYPE,wayland" "XDG_SESSION_TYPE,wayland"
"XDG_SESSION_DESKTOP,Hyprland" "XDG_SESSION_DESKTOP,Hyprland"
"ANKI_WAYLAND,1"
"DISABLE_QT5_COMPAT,0"
"QT_AUTO_SCREEN_SCALE_FACTOR,1" "QT_AUTO_SCREEN_SCALE_FACTOR,1"
"QT_QPA_PLATFORM,wayland;xcb" "QT_QPA_PLATFORM,wayland;xcb"
"QT_QPA_PLATFORMTHEME,gtk3" "QT_QPA_PLATFORMTHEME,gtk3"
"QT_WAYLAND_DISABLE_WINDOWDECORATION,1" "QT_WAYLAND_DISABLE_WINDOWDECORATION,1"
"ELECTRON_OZONE_PLATFORM_HINT,auto" "ELECTRON_OZONE_PLATFORM_HINT,auto"
"__GL_GSYNC_ALLOWED,0"
"__GL_VRR_ALLOWED,0"
"DISABLE_QT5_COMPAT,0"
"DIRENV_LOG_FORMAT," "DIRENV_LOG_FORMAT,"
"WLR_DRM_NO_ATOMIC,1"
"WLR_BACKEND,vulkan"
"WLR_RENDERER,vulkan"
"WLR_NO_HARDWARE_CURSORS,1"
"SDL_VIDEODRIVER,wayland" "SDL_VIDEODRIVER,wayland"
"CLUTTER_BACKEND,wayland" "CLUTTER_BACKEND,wayland"
]; ];
@@ -130,7 +114,7 @@ in {
}; };
master = { master = {
new_status = true; new_status = "slave";
allow_small_split = true; allow_small_split = true;
mfact = 0.5; mfact = 0.5;
}; };
@@ -139,9 +123,6 @@ in {
windowrule = [ windowrule = [
"match:class .*, suppress_event maximize" "match:class .*, suppress_event maximize"
"match:class brave-browser, suppress_event float"
"match:class brave-browser, sync_fullscreen 0"
"match:class proton-authenticator, float on" "match:class proton-authenticator, float on"
"match:class proton-authenticator, center on" "match:class proton-authenticator, center on"
@@ -153,7 +134,6 @@ in {
]; ];
misc = { misc = {
vfr = true;
disable_hyprland_logo = true; disable_hyprland_logo = true;
disable_splash_rendering = true; disable_splash_rendering = true;
disable_autoreload = true; disable_autoreload = true;
@@ -175,6 +155,10 @@ in {
clickfinger_behavior = true; clickfinger_behavior = true;
}; };
}; };
ecosystem = {
no_update_news = true;
};
}; };
}; };
} }
home/system/hyprland/keyboard-backlight.nix
+3 -1
View File
@@ -39,4 +39,6 @@
''; '';
command = "bash ${keyboard-backlight}/bin/keyboard-backlight &"; command = "bash ${keyboard-backlight}/bin/keyboard-backlight &";
in {wayland.windowManager.hyprland.settings.exec-once = [command];} in {
wayland.windowManager.hyprland.settings.exec-once = [command];
}
home/system/hyprpaper/default.nix
+1 -2
View File
@@ -8,8 +8,7 @@
splash = false; splash = false;
}; };
}; };
systemd.user.services.hyprpaper.Unit.After = systemd.user.services.hyprpaper.Unit.After = lib.mkForce "graphical-session.target";
lib.mkForce "graphical-session.target";
wayland.windowManager.hyprland.settings.exec-once = [ wayland.windowManager.hyprland.settings.exec-once = [
"systemctl --user enable --now hyprpaper.service" "systemctl --user enable --now hyprpaper.service"
home/system/mime/default.nix
+7 -14
View File
@@ -7,7 +7,6 @@
with lib; let with lib; let
defaultApps = { defaultApps = {
# check desktop files here: `ls $(echo $XDG_DATA_DIRS| sed "s/:/ /g")` # check desktop files here: `ls $(echo $XDG_DATA_DIRS| sed "s/:/ /g")`
browser = ["brave.desktop"];
text = [ text = [
# "org.gnome.TextEditor.desktop" # "org.gnome.TextEditor.desktop"
"nvim-ghostty.desktop" "nvim-ghostty.desktop"
@@ -20,7 +19,6 @@ with lib; let
office = ["libreoffice.desktop"]; office = ["libreoffice.desktop"];
pdf = ["zathura.desktop"]; pdf = ["zathura.desktop"];
terminal = ["ghostty.desktop"]; terminal = ["ghostty.desktop"];
discord = ["discord.desktop"];
archive = ["xarchiver.desktop"]; archive = ["xarchiver.desktop"];
}; };
@@ -92,13 +90,6 @@ with lib; let
"video/x-msvideo" "video/x-msvideo"
]; ];
directory = ["inode/directory"]; directory = ["inode/directory"];
browser = [
"text/html"
"x-scheme-handler/about"
"x-scheme-handler/http"
"x-scheme-handler/https"
"x-scheme-handler/unknown"
];
office = [ office = [
"application/vnd.oasis.opendocument.text" "application/vnd.oasis.opendocument.text"
"application/vnd.oasis.opendocument.spreadsheet" "application/vnd.oasis.opendocument.spreadsheet"
@@ -119,7 +110,6 @@ with lib; let
"application/7z" "application/7z"
"application/*tar" "application/*tar"
]; ];
discord = ["x-scheme-handler/discord"];
}; };
nvim-ghostty = pkgs.makeDesktopItem { nvim-ghostty = pkgs.makeDesktopItem {
@@ -127,14 +117,17 @@ with lib; let
desktopName = "Neovim (Ghostty)"; desktopName = "Neovim (Ghostty)";
exec = ''ghostty --title="Neovim Editor" -e nvim %F''; exec = ''ghostty --title="Neovim Editor" -e nvim %F'';
terminal = false; terminal = false;
categories = ["Development" "TextEditor"]; categories = [
"Development"
"TextEditor"
];
mimeTypes = mimeMap.code ++ mimeMap.text; mimeTypes = mimeMap.code ++ mimeMap.text;
}; };
associations = with lists; associations = with lists;
listToAttrs (flatten (mapAttrsToList listToAttrs (
(key: map (type: attrsets.nameValuePair type defaultApps."${key}")) flatten (mapAttrsToList (key: map (type: attrsets.nameValuePair type defaultApps."${key}")) mimeMap)
mimeMap)); );
in { in {
home.packages = [nvim-ghostty]; home.packages = [nvim-ghostty];
hosts/laptop/configuration.nix
+30 -2
View File
@@ -12,8 +12,7 @@
../../nixos/users.nix ../../nixos/users.nix
../../nixos/utils.nix ../../nixos/utils.nix
../../nixos/hyprland.nix ../../nixos/hyprland.nix
../../nixos/docker.nix ../../nixos/usbguard.nix
../../nixos/clamav.nix
../../nixos/omen.nix # CHANGEME: For my laptop only, remove this (OMEN 16) ../../nixos/omen.nix # CHANGEME: For my laptop only, remove this (OMEN 16)
@@ -22,6 +21,35 @@
./variables.nix ./variables.nix
]; ];
# USBGuard:
# Allow all USB devices until a proper policy is configured.
# Run `sudo usbguard generate-policy` with your devices plugged in,
# then set rules = "<output>" and switch implicitPolicyTarget to "block".
# services.usbguard.implicitPolicyTarget = lib.mkForce "allow";
services.usbguard.rules = ''
allow id 1d6b:0002 serial "0000:05:00.3" name "xHCI Host Controller" hash "4a4NgfdUaJO43rkCzmWRSeHHR/uUh5+SNsXnhosm9qs=" parent-hash "ldMchY4Tt4GPUYo30eNGvai+Fs/EdnVY3vMyxJUq4Nk=" with-interface 09:00:00 with-connect-type ""
allow id 1d6b:0003 serial "0000:05:00.3" name "xHCI Host Controller" hash "d+DNGWARDtv9nEK2ZvnNOCtFernuMu5/e/oZ7kCppqQ=" parent-hash "ldMchY4Tt4GPUYo30eNGvai+Fs/EdnVY3vMyxJUq4Nk=" with-interface 09:00:00 with-connect-type ""
allow id 1d6b:0002 serial "0000:05:00.4" name "xHCI Host Controller" hash "icotY3rI59mWiKsGxc59BGZZeBjfbuH0b4NUByj3cbQ=" parent-hash "tHvBfznK5rpQn+oa0PEEjHa29EAEvGyCcZixsfwA6W0=" with-interface 09:00:00 with-connect-type ""
allow id 1d6b:0003 serial "0000:05:00.4" name "xHCI Host Controller" hash "UbEoCZW8HT2ldc3qDeiK+IiQlGeaBC7F63681OwmKhI=" parent-hash "tHvBfznK5rpQn+oa0PEEjHa29EAEvGyCcZixsfwA6W0=" with-interface 09:00:00 with-connect-type ""
allow id 1d6b:0002 serial "0000:07:00.3" name "xHCI Host Controller" hash "pz29Oo0RhQ+5+7LgOZR4v3OlcsVv3m9kCgGsGUnoUjI=" parent-hash "DRyV2/31MYHdzkIEfbPQeb/1w4/PjOW6GqWrXkftf2I=" with-interface 09:00:00 with-connect-type ""
allow id 1d6b:0003 serial "0000:07:00.3" name "xHCI Host Controller" hash "O6iOpcl9StImWT62SrbeXacqbG6N/mTIipTRc0ipCGM=" parent-hash "DRyV2/31MYHdzkIEfbPQeb/1w4/PjOW6GqWrXkftf2I=" with-interface 09:00:00 with-connect-type ""
allow id 1d6b:0002 serial "0000:07:00.4" name "xHCI Host Controller" hash "Hp8B0Enf+ACRT2tyy0EqXj7eNsFDAnTRZadzuh/Iqd4=" parent-hash "l2vhvC+VGVKlkBUUK/usFu8jHJ/5bWOnJG6WzRexpt4=" with-interface 09:00:00 with-connect-type ""
allow id 1d6b:0003 serial "0000:07:00.4" name "xHCI Host Controller" hash "rJ3LKdvkCK3SUrCU3lV8qVbmPjA+r9Fe5106x2HlgK4=" parent-hash "l2vhvC+VGVKlkBUUK/usFu8jHJ/5bWOnJG6WzRexpt4=" with-interface 09:00:00 with-connect-type ""
allow id 0bda:c85c serial "00e04c000001" name "Bluetooth Radio" hash "Q/wlToV8WQgEYHBW/UIhnSwCCusCGqAR2D5gspSCImQ=" parent-hash "4a4NgfdUaJO43rkCzmWRSeHHR/uUh5+SNsXnhosm9qs=" with-interface { e0:01:01 e0:01:01 e0:01:01 e0:01:01 e0:01:01 e0:01:01 e0:01:01 e0:01:01 } with-connect-type "hardwired"
allow id 30c9:009f serial "01.00.00" name "HP True Vision FHD Camera" hash "eYW5fqReJd29tfHXkEktKC63dGfDpmlRMo5uMGUWwME=" parent-hash "icotY3rI59mWiKsGxc59BGZZeBjfbuH0b4NUByj3cbQ=" with-interface { 0e:01:01 0e:02:01 0e:02:01 0e:02:01 0e:02:01 0e:02:01 0e:02:01 0e:02:01 0e:02:01 0e:02:01 0e:02:01 0e:02:01 0e:02:01 fe:01:01 } with-connect-type "hardwired"
allow id 03f0:036b serial "" name "HP USB-C Dock G5" hash "iPFGrgGz0sWgKQjWD/F8eNOhkeR728dTG8JJtkUSvuM=" parent-hash "Hp8B0Enf+ACRT2tyy0EqXj7eNsFDAnTRZadzuh/Iqd4=" via-port "7-1" with-interface { 09:00:01 09:00:02 } with-connect-type "hotplug"
allow id 03f0:066b serial "" name "HP USB-C Dock G5" hash "JHDjLFApQNqijjmuKdJSWH5+1oLL7S6LQ9QHTAk5fTk=" parent-hash "rJ3LKdvkCK3SUrCU3lV8qVbmPjA+r9Fe5106x2HlgK4=" via-port "8-1" with-interface 09:00:00 with-connect-type "hotplug"
allow id 03f0:056b serial "201604140001" name "USB Audio" hash "OxQ8HQenW3/4HSGEBOSYFS15rXDTOaNDnjMbICweHgw=" parent-hash "iPFGrgGz0sWgKQjWD/F8eNOhkeR728dTG8JJtkUSvuM=" with-interface { 01:01:00 01:02:00 01:02:00 01:02:00 01:02:00 03:00:00 } with-connect-type "unknown"
allow id 03f0:086b serial "" name "USB2734" hash "MSXcPAlZqkpTyZQylOhSIB8eMfST2AzVHV9EbrBGTWc=" parent-hash "iPFGrgGz0sWgKQjWD/F8eNOhkeR728dTG8JJtkUSvuM=" via-port "7-1.3" with-interface { 09:00:01 09:00:02 } with-connect-type "unknown"
allow id 03f0:046b serial "11AD1D0A89EA2D08310E0B00" name "HP USB-C Dock G5" hash "DEGeuj1u4lwqrzp0UksFX7mSEY9JnGLxg7yxGbglAKE=" parent-hash "iPFGrgGz0sWgKQjWD/F8eNOhkeR728dTG8JJtkUSvuM=" with-interface { 11:00:00 ff:03:00 03:00:00 } with-connect-type "unknown"
allow id 03f0:076b serial "" name "USB5734" hash "BshoqybYo0IKgoDORYPRtbhhlmQrYAxPQb2EAm1JsWA=" parent-hash "JHDjLFApQNqijjmuKdJSWH5+1oLL7S6LQ9QHTAk5fTk=" via-port "8-1.3" with-interface 09:00:00 with-connect-type "unknown"
allow id 0bda:8153 serial "000001000000" name "USB 10/100/1000 LAN" hash "utEnXKJ57kRUbPcGUaNWhEyoOEbLOYAFxvlsyC0PZkk=" parent-hash "JHDjLFApQNqijjmuKdJSWH5+1oLL7S6LQ9QHTAk5fTk=" with-interface { ff:ff:00 02:06:00 0a:00:00 0a:00:00 } with-connect-type "unknown"
allow id 046d:0ab7 serial "2046BAB04T68" name "Blue Microphones" hash "cC6AQ2e1Q/BeFeostpbf1mH2WpoUmt6bhau4NlA3niU=" parent-hash "MSXcPAlZqkpTyZQylOhSIB8eMfST2AzVHV9EbrBGTWc=" with-interface { 01:01:00 01:02:00 01:02:00 01:02:00 01:02:00 01:02:00 01:02:00 03:00:00 } with-connect-type "unknown"
allow id 1532:02a1 serial "" name "Razer Ornata V3" hash "wfuIjBhhGuge8gflyA526SKqKoy8rHJZQZ+2o6usMiE=" parent-hash "MSXcPAlZqkpTyZQylOhSIB8eMfST2AzVHV9EbrBGTWc=" via-port "7-1.3.3" with-interface { 03:01:01 03:00:01 03:00:02 } with-connect-type "unknown"
allow id 13fd:5900 serial "50026B76861EE752 " name "External" hash "l/QvVV5hzZj1z6OUwB/kWl+WnH/7awrdMBoiNVx660M=" parent-hash "MSXcPAlZqkpTyZQylOhSIB8eMfST2AzVHV9EbrBGTWc=" with-interface { 08:06:50 08:06:62 } with-connect-type "unknown"
'';
home-manager.users."${config.var.username}" = import ./home.nix; home-manager.users."${config.var.username}" = import ./home.nix;
# Don't touch this # Don't touch this
hosts/laptop/flake.nix
+31
View File
@@ -0,0 +1,31 @@
{
inputs,
nixpkgs,
...
}:
nixpkgs.lib.nixosSystem {
modules = [
{
nixpkgs.overlays = [
(final: prev: {
# FIXME: Workaround: Mesa crash with AMD GPU + Wayland + Qt 6.11.0
qutebrowser = prev.symlinkJoin {
name = "qutebrowser";
paths = [prev.qutebrowser];
buildInputs = [prev.makeWrapper];
postBuild = ''
wrapProgram $out/bin/qutebrowser \
--set LIBGL_ALWAYS_SOFTWARE 1
'';
};
})
];
_module.args = {inherit inputs;};
}
inputs.nixos-hardware.nixosModules.omen-16-n0005ne
inputs.home-manager.nixosModules.home-manager
inputs.stylix.nixosModules.stylix
inputs.nix-index-database.nixosModules.default
./configuration.nix
];
}
hosts/laptop/hardware-configuration.nix
+11 -2
View File
@@ -11,7 +11,13 @@
(modulesPath + "/installer/scan/not-detected.nix") (modulesPath + "/installer/scan/not-detected.nix")
]; ];
boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "uas" "usbhid" "sd_mod"]; boot.initrd.availableKernelModules = [
"nvme"
"xhci_pci"
"uas"
"usbhid"
"sd_mod"
];
boot.initrd.kernelModules = []; boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-amd"]; boot.kernelModules = ["kvm-amd"];
boot.extraModulePackages = []; boot.extraModulePackages = [];
@@ -24,7 +30,10 @@
fileSystems."/boot" = { fileSystems."/boot" = {
device = "/dev/disk/by-uuid/5251-9B85"; device = "/dev/disk/by-uuid/5251-9B85";
fsType = "vfat"; fsType = "vfat";
options = ["fmask=0077" "dmask=0077"]; options = [
"fmask=0077"
"dmask=0077"
];
}; };
swapDevices = []; swapDevices = [];
hosts/laptop/home.nix
+23 -57
View File
@@ -1,9 +1,4 @@
{ {config, ...}: {
pkgs,
config,
inputs,
...
}: {
imports = [ imports = [
# Programs # Programs
../../home/programs/brave ../../home/programs/brave
@@ -12,19 +7,21 @@
../../home/programs/ghostty ../../home/programs/ghostty
../../home/programs/nvf ../../home/programs/nvf
../../home/programs/shell ../../home/programs/shell
../../home/programs/fetch
../../home/programs/git ../../home/programs/git
../../home/programs/git/lazygit.nix ../../home/programs/git/lazygit.nix
../../home/programs/git/signing.nix # Change the key or remove this file ../../home/programs/git/signing.nix # CHANGEME: Change the key or remove this file
../../home/programs/spicetify ../../home/programs/spicetify
../../home/programs/thunar ../../home/programs/thunar
../../home/programs/discord
../../home/programs/nixy ../../home/programs/nixy
../../home/programs/zathura
../../home/programs/nightshift ../../home/programs/nightshift
../../home/programs/group/cybersecurity.nix ../../home/programs/qutebrowser
../../home/programs/nix-utils ../../home/programs/nix-utils
../../home/programs/group/basic-apps.nix
../../home/programs/group/cybersecurity.nix
../../home/programs/group/dev.nix
../../home/programs/group/misc.nix
# System (Desktop environment like stuff) # System (Desktop environment like stuff)
../../home/system/hyprland ../../home/system/hyprland
../../home/system/caelestia-shell ../../home/system/caelestia-shell
@@ -37,53 +34,11 @@
]; ];
home = { home = {
packages = with pkgs; [
# Apps
vlc # Video player
blanket # White-noise app
obsidian # Note taking app
textpieces # Manipulate texts
resources # Ressource monitor
gnome-clocks # Clocks app
gnome-text-editor # Basic graphic text editor
mpv # Video player
ticktick # Todo app
session-desktop # Session app, private messages
signal-desktop # Signal app, private messages
stirling-pdf # PDF Editor
calibre # Ebooks
swappy # Screenshot tool
pinta # Image editor
notesnook
element-desktop
clamtk
# Dev
go
bun
inputs.bun2nix.packages.${system}.default
docker
nodejs
python3
jq
just
air
duckdb
lazydocker
# Just cool
peaclock
cbonsai
pipes
cmatrix
fastfetch
];
inherit (config.var) username; inherit (config.var) username;
homeDirectory = "/home/" + config.var.username; homeDirectory = "/home/" + config.var.username;
file.".face" = {
# Import a profile picture, used by the caelestia dashboard source = ./profile_picture.png;
file.".face" = {source = ./profile_picture.png;}; };
sessionVariables = { sessionVariables = {
AQ_DRM_DEVICES = "/dev/dri/card2:/dev/dri/card1"; # CHANGEME: Related to the GPU AQ_DRM_DEVICES = "/dev/dri/card2:/dev/dri/card1"; # CHANGEME: Related to the GPU
@@ -93,5 +48,16 @@
stateVersion = "24.05"; stateVersion = "24.05";
}; };
programs.home-manager.enable = true; wayland.windowManager.hyprland.settings.monitor = [
"eDP-2,highres,0x0,1" # My internal laptop screen
"desc:AOC U34G2G1 0x00000E06,3440x1440@99.98,auto,1" # My external monitor
];
programs = {
home-manager.enable = true;
nixy = {
enable = true;
configDirectory = config.var.configDirectory;
};
};
} }
hosts/laptop/secrets/default.nix
+30 -11
View File
@@ -1,29 +1,41 @@
# Those are my secrets, encrypted with sops # Those are my secrets, encrypted with sops
# You shouldn't import this file, unless you edit it # You shouldn't import this file, unless you edit it
{ {
pkgs,
inputs, inputs,
pkgs,
config,
... ...
}: { }: let
home = config.home.homeDirectory;
in {
imports = [inputs.sops-nix.homeManagerModules.sops]; imports = [inputs.sops-nix.homeManagerModules.sops];
sops = { sops = {
age.keyFile = "/home/hadi/.config/sops/age/keys.txt"; age.keyFile = "${home}/.config/sops/age/keys.txt";
defaultSopsFile = ./secrets.yaml; defaultSopsFile = ./secrets.yaml;
secrets = { secrets = {
sshconfig = {path = "/home/hadi/.ssh/config";}; ssh-config = {
github-key = {path = "/home/hadi/.ssh/github";}; path = "${home}/.ssh/config";
gitlab-key = {path = "/home/hadi/.ssh/gitlab";}; };
netrc = {path = "/home/hadi/.netrc";}; github-key = {
jack-key = {path = "/home/hadi/.ssh/jack";}; path = "${home}/.ssh/github";
signing-key = {path = "/home/hadi/.ssh/key";}; };
signing-pub-key = {path = "/home/hadi/.ssh/key.pub";}; jack-key = {
path = "${home}/.ssh/jack";
};
signing-key = {
path = "${home}/.ssh/key";
};
signing-pub-key = {
path = "${home}/.ssh/key.pub";
};
}; };
}; };
home.file.".config/nixos/.sops.yaml".text = '' home.file.".config/nixos/.sops.yaml".text = ''
keys: keys:
- &primary age12yvtj49pfh3fqzqflscm0ek4yzrjhr6cqhn7x89gdxnlykq0xudq5c7334 - &primary age12yvtj49pfh3fqzqflscm0ek4yzrjhr6cqhn7x89gdxnlykq0xudq5c7334
- &work age1c8pawdsxptfslgrz2c56s39mrtnjzc5mm3hfzgr2wdwu2v6vfsdsupjsq6
creation_rules: creation_rules:
- path_regex: hosts/laptop/secrets/secrets.yaml$ - path_regex: hosts/laptop/secrets/secrets.yaml$
key_groups: key_groups:
@@ -33,10 +45,17 @@
key_groups: key_groups:
- age: - age:
- *primary - *primary
- path_regex: hosts/work/secrets/secrets.yaml$
key_groups:
- age:
- *work
''; '';
systemd.user.services.mbsync.Unit.After = ["sops-nix.service"]; systemd.user.services.mbsync.Unit.After = ["sops-nix.service"];
home.packages = with pkgs; [sops age]; home.packages = with pkgs; [
sops
age
];
wayland.windowManager.hyprland.settings.exec-once = ["systemctl --user start sops-nix"]; wayland.windowManager.hyprland.settings.exec-once = ["systemctl --user start sops-nix"];
} }
hosts/laptop/secrets/secrets.yaml
+3 -6
View File
@@ -1,8 +1,5 @@
pia: ENC[AES256_GCM,data:0bnhHeVqKSLHVimd78a94ShHlO3+LUoZ4oiKD3cnBYkaZsw=,iv:S+/IChlFlqdI+PyFF+Ti4AJUkch2MS0qKiqHL1Q3RMk=,tag:+v2kV70ou84eIc01dKnAhA==,type:str] ssh-config: ENC[AES256_GCM,data:/TWslzoF2wtZ9T41H1y0wLNEx+Xzff8pQGr6AfEcACExRCv4rd5hD9pNAlmlcTtISJJBPEWY45WsLfSKuD4r3715IENM2biQUvlq47THfkGviQuQ6KAXiJxBQ/7qRNqGGt7WFRlWFRGYCiyjw9h4pOhovGgw8TU6tIgIsXjo0psclHoJoE4B3cSOby7DbN8jVI9NjpBGiQMXmUB3JVz7muC9F5EAs+XZUIl7TjQMxob3PiF5LqTJITODSxboAAk901rjS5gjQKpQKfj28TpUs5yCIo9RzSBO3z5orJy+ylupocRuqtC8ujAMqNb828G+0nRx18tpiGqXxRWUBZRNbM+vQHWzb5JWQpEBsu1twsOownVVrkyPkbLpYX4YSSnRdnL8VHmlZfLk1ZFURbsdDSRf57F+Bxo5Yn8XAkFaM5HYgUo4VBabGzVVAHOBWJWi3lRrlAqYdMBbSvDl1t6eQ0xp990RGh7wZvwnaTDqtkOJnLoAknTFi4yjMzSyk5UV,iv:1UJQU4eBZE1BMVnJY2CQTDH8jXSMlrv3gGU3cKTOvdU=,tag:OzLQRkTAKG2KQXv+Vh7Msw==,type:str]
sshconfig: ENC[AES256_GCM,data:+r4RpeGsAGjgwsWMgwQmZnSxwoPLGDQG0hgasm1/xGMA655Q6tLGDOvTD4ypZ6d5TI67cWENJHr1pORzHVdZYB/uS/S7Ejp3VaVEZDRuLtKuq+2mDnp87HH8caE3jmijWSJis+1GM8lgxdyX8sDMz6b/zu76SrZlusf+kMFwQA7svxlA1iHP/wBAN8CFu2XOaGrjXT/Ydwd9GNAXA3VHLf6r9yEzcT1y944/eKGAQdlDFIVEe/bhv5Qxul1AH8TJT/ERMuYdS/OpbqnRLyZHHkREr8y1TllTWdMnGz2sRB7QnZ99ULpyR/h2Qc4XdCiC+qYn0yinXsnPO+NW7ulFn+5lNoyekDveI5pmsv021rnOtJU1SnlEm9xx3dafVdmLpFy6Y8xeJFUeF+nbU3Oc6IHMKHQZoL1ucCsF9qNO38bnyTwVX+wO9g16fcNzR2EfjDCGHj7O8YxdAVzPWvbExKk+2iamkzXrI/P/BdAvy/+QagstPoMz4TxZvw1ir7gd5emk13+t9Cy2vrutbxbouXOAuXKA2021WP7V+aDrwsY1jSGO6oiBFYBwe3wCZ2rPM3+oHxrnyzohhxGRgwN0td//,iv:Wln9pc4ptH7aN2VnBRgO12fKDZiITkIjOJseUW1MZPQ=,tag:BNrMyiDsbu72A9ljdQd3Wg==,type:str]
netrc: ENC[AES256_GCM,data:cTaDDI8b9QbUI3zKzraF2R6v1/x+6h8KEQJbqIgdfKnpvIvg816eFhcMqn4rart4Adtayt0GQOYheR0Q9DfR+TtbL0ne/drdlAABOQxc6PUJdLo+O5kx4f5QJbJ4,iv:aZ+nt9qcmIRWyOhq3HfIU3qYHFnf8EjXOp0c0vQ2fQc=,tag:H6ncweCaKMDxq9VHt51qlw==,type:str]
github-key: ENC[AES256_GCM,data:xUgFMlBo8e+3eXqNscxbby1dWug3SgUagDiNUe/IGVbU6cczkaJ3uOaB0OuRBQ8AYhOLkzXj0pIKjUrElHwmYrhURtS1aF4SFEGJsjhhobNA//j3E2/5/nLVjfco+lRzyHdwmsNhEUCqEhsXrrodJMb39H4b5oip3z0rjc729YveiWUKQxXVZVPurp3nq9yNnix9R4CA6XYFRW6T6MNqgPD5qhbcDlhxLb/SN+uI5h+5eZIS24VDWlKaTaCLL5KLhZmfuA37SquOQ+edi9Yg8MnfrZkMrp/3qmAjP2rSQLMOc4QdQCLQBQSf0/snpydgLwY+FoJmMSztwtkqUdIZWOfDUJbJxegEOrAR68jLTNbp+GYiDn3thtOZDiK5p/M1amjCT+A9qeFMed5WS+aZHNTRbR9UcfiP6+48MGZFt1mr7q+/CoL04/DTp0w6tUf6/SZD31NvTJDqngkhpc0ZH9Dh5+2JcnBWpq25AM36kZTn1hIQCLNTr/oGWZXSLA2tksAhQCaUcFj4IIh6Bl96,iv:GEJsAs5NriwENYTV/VShgJF6iMmrtTwNiXOvfXyEP8E=,tag:nfZgsFqaet075GjQAoVZxQ==,type:str] github-key: ENC[AES256_GCM,data:xUgFMlBo8e+3eXqNscxbby1dWug3SgUagDiNUe/IGVbU6cczkaJ3uOaB0OuRBQ8AYhOLkzXj0pIKjUrElHwmYrhURtS1aF4SFEGJsjhhobNA//j3E2/5/nLVjfco+lRzyHdwmsNhEUCqEhsXrrodJMb39H4b5oip3z0rjc729YveiWUKQxXVZVPurp3nq9yNnix9R4CA6XYFRW6T6MNqgPD5qhbcDlhxLb/SN+uI5h+5eZIS24VDWlKaTaCLL5KLhZmfuA37SquOQ+edi9Yg8MnfrZkMrp/3qmAjP2rSQLMOc4QdQCLQBQSf0/snpydgLwY+FoJmMSztwtkqUdIZWOfDUJbJxegEOrAR68jLTNbp+GYiDn3thtOZDiK5p/M1amjCT+A9qeFMed5WS+aZHNTRbR9UcfiP6+48MGZFt1mr7q+/CoL04/DTp0w6tUf6/SZD31NvTJDqngkhpc0ZH9Dh5+2JcnBWpq25AM36kZTn1hIQCLNTr/oGWZXSLA2tksAhQCaUcFj4IIh6Bl96,iv:GEJsAs5NriwENYTV/VShgJF6iMmrtTwNiXOvfXyEP8E=,tag:nfZgsFqaet075GjQAoVZxQ==,type:str]
gitlab-key: ENC[AES256_GCM,data:4t25oBtu2oMmVdBnLkRMSXCICbDRiEfFBpZuKiBDskTeOH1JvwKELZ1E2I/sSIjZLn0MRi3o+2DyhkNVZYWqctQAUzBsSxKHMlcoRfvspKnLHd+kDFXkr+ltfJenpu81bK3tKP+VB5kZWmhj4bwEH1tR4BTlDU8nvsAq/l0aR/aGeDFfBtN8GyDwlXt9hta1XRv3X8sefb14wdsgn3CmTAmMSUUK7FePbCR4YwA9L+tVzRoeqw1VdrnXL5X/qX6jARH2G/J7Cqpwl8BhE8Oe/b5HqtJxplu3n1W8fOCpTOCTRV0V3k8UXF1doHwNbUurb1ATKiiq7c/BYqb8nZCodF5upGcFSGx6b3UZuLw28c5QwsdJFMaE3GJLCe3yIFnArVoGlOMdBFpWcmCXCc0WSdS0bOGTaFsmeu71SJ436wDZdcfFHNqaxZ2ex8Pvx8bhs0ORCUiZgFFNIFTDrUP/Hvgn6JdBg0u4srU1imjLorGR5OQ/YTgzAoXUlxwMHb3ssMMc6XApHmftwfQTHmPJvT48VwKsQ+HZNAXz4fFgl6ynmkQzCacD5XtBoPs176igzdcg0uSeGTf60PAfKURLDHNUPY+tcy7sjFwAenl0837/rLgacVCzTTmErFZAwcjLIBrcz3b4o9frqwdKataKtLI4ux45XqlcjLxP8Lk2MMuTQH89ivZYPhvtTGbyCFslfc9Y+dztkis7iQ7oNijpxgBt/b8YZID+uLYqokJ8bHNiIAZh98FrhhaQ4UguZhg572Nuea9CZWXQTX59Toa5kxRN4ACZi4M0S9W8feBd4Y7RaD8ip3iBpqgW9C9CsskUGijxTbImsNK7gRHHcmt54Hrc++2b9ljQOHeuOLn3PJwi2JihphdELdGh0POpZAknp8kVkM+M1e6IKZkTSWpTSFyPimczh7cVhIplfHnm5627H7CiI2bKgRoQ8SCJsMrPpL9v38Ug79HkA0PrbCtrxTO6UnaAqIKG9UPhTyklBnv6q3DrDa3lM4Z8W+rF194tATyvp6NYhcvOP6iE+rEv66ARuk3WLZYnAut0vvaMR7D5PoD6gcoDodBM9HDCa2g5G4ob67TCi8nRFUzHmN3tHTmASGeFvzMiGVIZEkxUafKuOx4dA1eyQBF689jJhnPA/YLSvYFRKwXg08puK0uTvfh2rF4Kdo6pV0IpUnfUsiG4odocCgdQFQJR4FH+E41kNfNYpdUx2ufOBwumpNNYIrGYuHOvWcHW5nPASO4qIhiTy73FvFWg/m9kpXeTfexbVVK31NXHcSXL0MejpRPI2pkbyW5WPP6GtLffRpFQvVBnGMlN4+2863gka/52Y7K+foNs038+GL5SxD87CmIg4e+m8qOa7QL/urb7sI63DBIFmcTY0kSsmcYitH7EC3ESGlZMZqNX2Xnv74M2wxeZ6ACTXRU//cc8HQ6FcRhsMwVwKhrT+r/rtkfK+T4YYT8OMzFgOtY6TwS7kj8MwSzC14EkvqWuTNVVm6HP1vxP6wFCmM/bGtDoXSfh1BRIQPUPxUPC8Na7R42COTr3tSGikviDs3CA/N5QYEFuxNntiNyPU2PzW/aASDtsfq+q4DGIRy5/w67Z7i5M+CyXl1FwYmgP1+SC17CgL6JoiCVUlmYIMq5n5VZN6dv4rUvEUcQSVz1Eovz6DbpHD7ZNMuKRVdhRvTD+DigZ53RxKIfFSlaE8Rhy4VxKDSGJymlYutGvcEOLoYWkPDNUJXb583gq227/GGeRvH1mYYVagNjw3wFhphlrNPO6AC6+sb7C596vlqRGqymPn491bUlVJAcQxTetT/yd0z0eLd9Cd1HWj4RnMgCoqGxgILxEer3YjnPRgnwYG5of8kfo3g6TKxpBeIDk4LVypP4fPMrNwyGtBHCjMmRdqMUsSnLQj0csWfBbjEp5ymeRCGcOKWTgeLFbugw3q+noARrqNNnXjA5aWJl5L13gZJ0QUsYUQhXrY0000WPWDbhNLoT7aRxAQ2HHzoj6pIFOVDT6XUTEw1/TUOuyAFk3URrzi+xOSeCJt5Gb1ggeYzQAwCV05opPq8ZVD+8wpxpb9tTDVN0HTmsbwWdpNKtrDsZCmpgAu6dg2V3MIXsPLp3HsAb7fcjj2MGc1T0BR3Ji01xqLuprafXsqnwgkez2D45NUJbAa4PftevAjDLCvzTpS75yaC66RNE20vNruxG2u5zo9eiOBXRQfrEmqua4t/ApnWjYRfKxEkvHvf9zSOel5UYzFN/5Dq2XVs5t0JRp4Q1x8uLZK803Vsy++RdEtw33JbosAjJECSCs3WFNtsCNDetAhQYPH6G8SVj1q/jZWmp/tk/cbYXLSg76Aej3Rni0Uwd7Q8IOISQ598TJw8mqhUdpfz0wRj/8m0d3deTmY3KOOqzaDu+W0weWc9WV4DIzbhUQUh44IjIdCDurB6hveqvWXMgKTS8RHpAB1T1ZSD5eWsG4ZN6FxeO1kNJVKWzt1MwzcDIkdLI+fWLJMUz8/KNAXqlL6772qYM5rK4imC6LLP4xl6faoyPAcyK+eHiVkEgPDXp5f+8LO9bsw8A1hs8orv1ywZf5CeeR9IfCxFDtSMmR/Xnu6LU+Ih5SpHi3DONCtCT5WDQ9hmZg9UQK7KECSbaWKQKVh3aYbKWfpy7SGfeKS7NIALpS1+eTmmWEP5H0kuNYJZ/hi4EosWX52wXSySMQ2S4y+qsK+6yn2lnw+CB+HxuX9Zr1r0QbIqmKOOKMwMY229WAN/C9CaxvlFFpkNJ0PPZgm7LVIoIExq5eDzeYBn5lKzQb7W3webOMtRtP22u0ynRVh23996lIQ0XSII/3YyR/5GtP5lfP6SNWVC9/8j3QLDJNYHuEJwI/4K3CdxaFhdhwryflRpH5pyvvicuFPyNS05AFXhTzyaJFiY7kiscxm5SmZv+DvH71ij/hmWSJqZPM9V2aPf1wtwZiLiBztEEcQoKlaEBdcn7roYv8aHWowq9zzvSYcOX0PWsvkrdWQ7crh2tMBrwCQ0CPKwayqGfzS1+7ZyhwSXuTBd53bqax4z46vaZWtQ0rD3sFugcD6U+EFMZ6SvryTBp+uj7O5usoiQELG1AVWXc9dLS1c8ZiMjSYXpjFyl2v564xvC4DniAIpBoaq7mFMyz9B2uCTC4szYylmFfsj7HPpN6N3nOQ8NduQxo7QZoDgB0D+I7CAZq38YEFDWy8ZzdMoJb8E+Sa9GCKyX38mVTtbnLnHdoVwnie9JBwJ3QyqiupDYmdy/byCI7weMKInASHdVGbkHvpycbzVdQ8PxVTqBmdPuEe0gVmfFwyDb+lmGji7A9aC3w9J5KBfnC+qoFeRJZ2eGpGuJVn0RfywpTedK9E3r2Vlfp/zxVcjCg+hOptBuyd+KUAEgsj/HSpmKOMlZ7ooGsqqTW23IpOImx5Q7BOMK885k/3Uew1b8iEkJxvb/V6/MlO2Kx3PZZkES/9Yv4XMtVMhM1fy4vJGSU8NtW9bc6VsRqt7zeLqTm2d6N+iDQaM05USUhDHYlMz4YAwTU5ykfgtBkXa8WGW/O8GWzqWVDwRekgJKjMNy9B1BkGFSagFn0iyf+cJtlucmbaxTQpPO15gOAUyXhHUTNT6RG+ywaqM/UMDBTYwZdDSkCFG05QvAVTLC3hSw/DCCm4IkGmVHNq2vTxzOoFUv9HqFatEhQxBke7D7UC+vj2tVbweVTfiagImx3UioNYvcXXTStiUy8mm+NoHmeo0QvYCS6+9W6wFtMHAL7i50WoTuCLIP4AudKY+EHv7U7V8nISPnar526Vjtz4W3Y0XbWXUqrs9orudVsu3r5fMgAZoI85JRWwC/vU8MCK3v96GuUN0WCMv3xXQE8EbwW+IDmbD7hoAc8EnBCXMInLyq6dgVbSAgefVibyrw+XHr2ph2ydgxuBWFGs0KlfLU6hh4wBcaM70gsUwUXPaI4bRMoMrRRxM5fCHBH9pCD0d+YUB1WPl/P0bJ+vRXlYbJyHTZbJgr7F7VGl5b6U36c3wsKYBXUmOunVCvQ7W3Yjuarf+uctPDUnD7nZKHtfCm/EAaMfZk1k/oqn9jbnuEOH4ZPfjEgz5CfcMLiO+Ej3Mmea6ukujlmFQ2MgyVfy8n1rThe6/NJQIs37GV3ATM+dzNBPKWBNcHv4oxNOg2/UOmtzLrYvIUosUKotw74hayf/ZU4NlTULeMz7JF+U/u+ZJlICdRPHbINeJuuMIFFnF+7/U7YV6cmQS1V28RcgHhrHhX9yUKdfrQjOh7yxqVX6eJOppmQ7sTDKKPD5baDKChdgptzprSrbLlZ44AC5xcW3kpIcEKjat9jIeXYTBOo+gmOxS1BVk/gAH1pJpxKJsibsWAHaRsTRykj1s5hHlY4ESf/gQ2O4R0XJSvrwGw0DeXSkQIcdqt1Sgn0jX8S1eZ/+lDm0JQtWGkP1AEOwmo9uJmfgFZuEe9R4GizXqCmdvWtoSsgcVtoHqz8IJjuBrVeV7nOz,iv:g4X2GC/9+je4qkvUT4UJl40+r/FzFY88XtYkthiwGVY=,tag:XFfEzXJEeKXB/QJt2fT4Qw==,type:str]
jack-key: ENC[AES256_GCM,data:VfCl3wH0MMBc8QDyjLDFeSvzSEsf7uGpfJvRjFrmjW+bPRUXBpZhJV8a9VQIAz7z7zZXvzARMfCeI0ydyC57CW81GH5/H5pneJ4b+xreINjVfdLbL1nC1thelo/O64jda/L+xVKhgE+QQi8/zt4JmXGghkP+74nYcTTaMpmcbgWw354J1ybXqyCEY+88nsJ1d2s+M7M2bplx4fGb7sLUs6sqdsad3sENzhH/0HQCFXreHTtgsLbIs8ccmdRgFNKM8/wD0OoW76rOQsJoA9JY4yOTQNVoX5M8+Olj6+wVlt6QBrWrYRuEztGnHrHvzxiHXtmEkMwVNfoPpEflQyRYRa0rVp/66REOkMckGx6/LbxKFgrxnifRlsK3kWd28v2bRGVQOghUluYUtVkaJ+eh6o6ik0NQKx8/H6BznBSDE6MjDwbLv434LHBfDtAqhWN1eMbOlunFivsl5Hb/6rl9kydHlcCS6FY8cUHoKQ90gDaUuDrvUifwmdO5hU0GH5tgvGi1ReK9ndcpQsrHptG6,iv:oC1xU5Tu3The105VYRmxIw4kEwDoqe8T/EH6mmqpqwQ=,tag:Pu8c536u6W7ALrqjRsvXDw==,type:str] jack-key: ENC[AES256_GCM,data:VfCl3wH0MMBc8QDyjLDFeSvzSEsf7uGpfJvRjFrmjW+bPRUXBpZhJV8a9VQIAz7z7zZXvzARMfCeI0ydyC57CW81GH5/H5pneJ4b+xreINjVfdLbL1nC1thelo/O64jda/L+xVKhgE+QQi8/zt4JmXGghkP+74nYcTTaMpmcbgWw354J1ybXqyCEY+88nsJ1d2s+M7M2bplx4fGb7sLUs6sqdsad3sENzhH/0HQCFXreHTtgsLbIs8ccmdRgFNKM8/wD0OoW76rOQsJoA9JY4yOTQNVoX5M8+Olj6+wVlt6QBrWrYRuEztGnHrHvzxiHXtmEkMwVNfoPpEflQyRYRa0rVp/66REOkMckGx6/LbxKFgrxnifRlsK3kWd28v2bRGVQOghUluYUtVkaJ+eh6o6ik0NQKx8/H6BznBSDE6MjDwbLv434LHBfDtAqhWN1eMbOlunFivsl5Hb/6rl9kydHlcCS6FY8cUHoKQ90gDaUuDrvUifwmdO5hU0GH5tgvGi1ReK9ndcpQsrHptG6,iv:oC1xU5Tu3The105VYRmxIw4kEwDoqe8T/EH6mmqpqwQ=,tag:Pu8c536u6W7ALrqjRsvXDw==,type:str]
signing-key: ENC[AES256_GCM,data:NvLqmt7NzrWkbQQqFfosmSMvEv8C8+MDDpxSoDo3zZ3MR6WXr9B+6CnUc6rtevM230wgE17VC9XlmcQxX+PjJsWq6gZteK5THTIcrR5zPJVNlVCEyeLKoFj/6m7qBgyyoN3OjCNjgMkhsm009jwBgNk0qJMAYebOGo8eoP/al+4ytm7dhna+iX5WZabAg0J4z4JMDQonqQl3SaDnCEdHvk9m7ZEP2vUFscPkbLj4ewgFq+bUCHOOQb2uqRJoEgcR/NetRFcQfzcU6lp7JxobaICaO3zdmomUm7oabIUTrc3Kom3Wjw8ryqfqC1/SC0SHr5XGk2ygk0WnlQ4kNshqriL2dwbWAzy1Z/cTX9+aB/KNtC0U6zWG1bpnL3dgSgvhRiocIis/eNg1HWsLWVicmdebL/lXHztxFMdTuX/gWgQBotggTmx+OFGZfP9ZGlF3635mDxM/fEOCtTyA195dMicCUsjEpBegNtXsp+oOtxyRI0jSW47MBcXFP09f5ywELTPyz4eOUHO8sQ6UfJ6X,iv:KNQUlMPaiR4x1Fw+HZe/EOmh/gfsrqlefpq23uflz/8=,tag:illu42HKunQXnijjsUIvnQ==,type:str] signing-key: ENC[AES256_GCM,data:NvLqmt7NzrWkbQQqFfosmSMvEv8C8+MDDpxSoDo3zZ3MR6WXr9B+6CnUc6rtevM230wgE17VC9XlmcQxX+PjJsWq6gZteK5THTIcrR5zPJVNlVCEyeLKoFj/6m7qBgyyoN3OjCNjgMkhsm009jwBgNk0qJMAYebOGo8eoP/al+4ytm7dhna+iX5WZabAg0J4z4JMDQonqQl3SaDnCEdHvk9m7ZEP2vUFscPkbLj4ewgFq+bUCHOOQb2uqRJoEgcR/NetRFcQfzcU6lp7JxobaICaO3zdmomUm7oabIUTrc3Kom3Wjw8ryqfqC1/SC0SHr5XGk2ygk0WnlQ4kNshqriL2dwbWAzy1Z/cTX9+aB/KNtC0U6zWG1bpnL3dgSgvhRiocIis/eNg1HWsLWVicmdebL/lXHztxFMdTuX/gWgQBotggTmx+OFGZfP9ZGlF3635mDxM/fEOCtTyA195dMicCUsjEpBegNtXsp+oOtxyRI0jSW47MBcXFP09f5ywELTPyz4eOUHO8sQ6UfJ6X,iv:KNQUlMPaiR4x1Fw+HZe/EOmh/gfsrqlefpq23uflz/8=,tag:illu42HKunQXnijjsUIvnQ==,type:str]
signing-pub-key: ENC[AES256_GCM,data:XuokZmCsnaNQ0rvVa3k81T4vtxw//r63xp1yHDLaNAMwA2r2bh6addl9WoAmm76g1rweqZrAAIw1PXDb90ubPaBP1iEHSkGZpwUpy/tOTePRdHMW2WtVvidpHQ==,iv:auB/bA89cJK6DnQi1BK2uldXRPyJfo+r7nl5qOLefUk=,tag:/I3kB6El1yesBMGOjJ+oHA==,type:str] signing-pub-key: ENC[AES256_GCM,data:XuokZmCsnaNQ0rvVa3k81T4vtxw//r63xp1yHDLaNAMwA2r2bh6addl9WoAmm76g1rweqZrAAIw1PXDb90ubPaBP1iEHSkGZpwUpy/tOTePRdHMW2WtVvidpHQ==,iv:auB/bA89cJK6DnQi1BK2uldXRPyJfo+r7nl5qOLefUk=,tag:/I3kB6El1yesBMGOjJ+oHA==,type:str]
@@ -17,7 +14,7 @@ sops:
cmVxVC8rVDlWMUdZaGw3bmdOaWZGS1EKYahBlc8XpB5UdKZQkvxbLcKQ/xkFJjWo cmVxVC8rVDlWMUdZaGw3bmdOaWZGS1EKYahBlc8XpB5UdKZQkvxbLcKQ/xkFJjWo
FSfQWnjhe/a7BJtJEcKZkjOQU0mYqlSu+uT2RA9diCQeRUJPRF+nAw== FSfQWnjhe/a7BJtJEcKZkjOQU0mYqlSu+uT2RA9diCQeRUJPRF+nAw==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2026-03-30T15:43:41Z" lastmodified: "2026-04-25T11:23:30Z"
mac: ENC[AES256_GCM,data:fAn9R6YyyWD/WjA38Me0YLdzSzcuclAr4EkKM4De8Hd7sVrhl7FFI+Smoy3QagwljuUwjc9g8U5K6DYQB+Syu0re8ODCQmpzUKyQHsnN7OHHQk5dhrentC4GhTaEXjb+VGnPVGVjlLBo4ulw5faqu5A7iLHwViT0MjpGfq5egqA=,iv:1rP6wrHzjZvZGei4UljSR//6kL/1qzLskAUVCMA+HqI=,tag:QuhLq3ncHRxKyvHPDnH7VA==,type:str] mac: ENC[AES256_GCM,data:ZnLSwtyhaiMIcXxzlwhtk0dWVnOkn0avfeRezPPNBUXd0oyJY+krBsLXJdSNPHV/X/L58476okYjUzfIQzEAkrL9Fb7v/Jt0aw4SDrxbF+qbcfdvsWPUjFDJIPovuf3ee3o7iXGU2ItGTaJa2eFACoyd37KVc7jZd6gvYYAyULA=,iv:7IKqe0c5CTgJrS7OgCQWhtxaCVKo+UWEibttFUVCWGM=,tag:OfCrKPzrPBZThCR1j7IB7A==,type:str]
unencrypted_suffix: _unencrypted unencrypted_suffix: _unencrypted
version: 3.12.2 version: 3.12.2
hosts/laptop/variables.nix
+3 -6
View File
@@ -5,16 +5,13 @@
}: { }: {
imports = [ imports = [
# Choose your theme here: # Choose your theme here:
../../themes/zen.nix ../../themes/darkviolet.nix
]; ];
config.var = { config.var = {
hostname = "nixy"; hostname = "h-laptop";
username = "hadi"; username = "hadi";
configDirectory = configDirectory = "/home/" + config.var.username + "/.config/nixos"; # The path of the nixos configuration directory
"/home/"
+ config.var.username
+ "/.config/nixos"; # The path of the nixos configuration directory
keyboardLayout = "fr"; keyboardLayout = "fr";
hosts/pph/configuration.nix
-25
View File
@@ -1,25 +0,0 @@
{config, ...}: {
imports = [
# Mostly system related configuration
../../nixos/audio.nix
../../nixos/bluetooth.nix
../../nixos/fonts.nix
../../nixos/home-manager.nix
../../nixos/nix.nix
../../nixos/systemd-boot.nix
../../nixos/sddm.nix
../../nixos/users.nix
../../nixos/utils.nix
../../nixos/hyprland.nix
../../nixos/docker.nix
# You should let those lines as is
./hardware-configuration.nix
./variables.nix
];
home-manager.users."${config.var.username}" = import ./home.nix;
# Don't touch this
system.stateVersion = "24.05";
}
hosts/pph/hardware-configuration.nix
-31
View File
@@ -1,31 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "usbhid" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/5dbf85d3-d236-4af8-b489-d6066bfe1eb7";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/043E-1755";
fsType = "vfat";
options = [ "fmask=0077" "dmask=0077" ];
};
swapDevices = [ ];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}
hosts/pph/secrets/secrets.yaml
-18
View File
@@ -1,18 +0,0 @@
ssh-config: ENC[AES256_GCM,data:jtot9nSlaS/zmVqGEDACG4HarHFnpw3QMLdYGOvHI1rzjFm+FuIw+MXtPBaDT2rWO59XKchp31X2rik6igNoY9iuQ/uncFWonkb8RTOV6zG/BC32cFf08nNmp75slr1y/YA8rc2kM4An81Zq27g0e9AKyRVRqmvI3HEQq/1mpWF8OJpSfdggCIylGQezB2Vy3Ik2hJyoJaf7BSaikN1/jPzaImpPi2OOrREydePuZjX8D0DqM2xm+LUSsUpXutsKWDaaeuMAqWfjH1svOvT4+oyMBoqrp2+ijP7vRjFeuYrxaU858YzDi0+bTdzn8umlAr6rjLZW+9JUKDog5Fja5j/WvIk1PClqfXCX1+hCX4GlAdV3FYTn,iv:vQuRDKuidQFl4u7bQlAEAf3s8kYBdNwmXO6JbcRV32k=,tag:yv7NHfncDwjy9OGrTZI57A==,type:str]
github-key: ENC[AES256_GCM,data:GmZfleQssslbVIiqyzhszhsfXHZcuBgkCREna7AHtP95lyG2F/0u8LUmliQePxwMirJLHCMnl5z0QIvAIsOtXsb6oKEk+Zc9BRapE/d+vmaKqWH06ip5TIEkGHOzxPziR1KmaLPw6RpgyC84p00jiNy6uNPq8iEibdsLA/YPSxfiYCon+i3qZ4qEDws2ZBacEvYCt6A/vyXSTpv3mZCpAUP2Ageghy4mYioIxjt/AG/QwJaN3excyoPPITZ7kMrnJ1t/6vSu0rb15i0sWULFIuOLaniTpp3N3mw7A9t5W+z9POBUIoL9L/m3DMRKsl6Fck8s/Fp+5XvpkSCTZIqG+lJVz/eemZcsr/mR9rvsFmCKNjS7Fa54WZ8O/yABWjIV2e4DCdMgUnq/MlOePmPWJROTqjIjRACrgzco2s9KwCvBAfZJIOenc0sMIhgn0VA1gnxTHC1ycJp5T5awTfTVTImxCACnUZK8nChCEpiK1QGSpnxTD3a9RoaHiE3pBiINmYVK7eU3VWqVh1K9wvIODfTK1zASr3ere8Rvx3xmIiK6NKx5GFQ4DazZsyv1zDZYb/kOVu33sSlmGuoMvJ9QadN0+fu8sTj0hi9OBH6qpTIrSw9SWhJnX4fXMN6mbwC2QJB+jJYrh/G10J3xAZwxlrujVz9t7fFzv31Xitk8zSkvFpfJFbJWcGZArvyvTP4xPDh/2+eXqK01nQ002puv7XIIEJaF0kOcASR0w7qjDXG598IGBwypFyj+oljBWluMkjNV+M9Gc+YhbsDYSyI56fqqraC3Vqek8dXK8PmNFfQ62zZtZ3OMBzMjwe+tq0Q6LKdzaJR3N4pF2wqj9df37S/onJFCpU3+XkU5Ur9fk94bs8McvY5Y5k0r6TZNbz6Ye08yHVZa/MzPQG9dXpc38hHdfldDj6gz87XkHQDbABzqQ+j1RL0N7NUMsa9tR3hJZPV2lZYm5TNQYfAa8jDnuO2NwhGrGoD/jFycVElulyHV2F1goMag9MRGK7obpoVUN2RtnSj1eYlH0E6uGuCwBe8GAjhIVCnXQIn5hErJjh7VWeeastdfMlw5z3JzKMaTPXusLY0BoGejDIvRh8NE+R9vv4kO4PDJk/dTYTGfBhgcjdD+nD/uf1mdpzlV/ojaGbH2JxylQ8LkWVd7rwIhS4skLwcE+9NHuBVTkc2eP9i0FnTxsJOlX1RWQn3OewxrcnNuVaGMnZisIk/hXz4Qj1I32+5vD1w5vzRZyXy9QZBGlED6ggbj7SDuSBKze6KYq2saIf4d0n8pScyiziSjGzaKdjW9k7T15XOg6O4kbwuG+fOQSOLGB0lY173gA5P5hy4SRF12Yyk4fK1N/T80SudI/DTy5Zj+e1uvPcBseAw0EGDUoyWeqSTCMSdk4q+B6mdvFPx3002EuhVKE6saNMzTZ/5CweLQlYFSp4fmIVhkih7XKcNSOamjsUFFVjjg5QNY9lDuvJ25DTIhvD9xhr7VHgyVSV6CoyUUkOpOA0GWW4Qx+xvv+NrDjsVVlmKUlGRsX7HNPZIyS4RiR7ikP/jLVNYYig63vXqvuIqXeLLAdyrO6DwfcnM51u0Q6Dpsb9OJbNR1zjxK9MSyVyHMP6RNs1oQgPfypa67eQMJ7Tw9JEHIH/VMVL/Ha7dfThB3mkAM5HRbnUA6eSMkwYdBjRF27ERXLSywCitIVx9xsN//FcR8yg0iDQvmp+HPWQkL4zJo6lPLblIhgNWsp7i23F554G4KpbosKZU6RwG7xNaqMF0ATAxt2l0oIU7DGmO6iH7W1kyiLmBBAqFOR+43ikSZOqgJh/PjlFLE0hdoDzL3jerFPA7CCU4bmcspBO3afS/wLO1AaQ6i9rLlRpjY+8HRpB6PKEPOVUrAoaef88vICQDN39/Z3a4IfUIqJ6bEYZRhoVrMJF0FXGDpO7hk0cfXabj3VKG7n0LtDFD6vzydhfh2E3sIY6sSUNtSWJ9DOWk0MtrVhuZoHB9XPiXPShm25BitaHJsB6tin+8AUMhLz1kfDO1Qo6FUpNKnFXBVuYL05J2nqG7RRYwXZq9mqwhHLmsUtVjhndpwHK929WeQ/PR1A2OOJPuXWARjp2XhhBlrbrYy1RnY528joLc8wWtQGQVx4LmJKA8lxFtdb3Ina57N8R/U1Vvf//vBBb1blfgYY7w6zfwxeAjtbqnGVhWb3pdM2hAou/5M9rMOJxE+CyUtLibahO7sfZ9nnMb4gltQfKmN4LnwXPmaILz0xx0eJvsbN/yV+CLnmBqJ8D+dJg6ANGrTbMSveWvgIifr3NIIy1t2l6hQyYRava8XhoRCW7xmxTNzQzUh3xY17Z4cw5YJ4ac139Le836mzCKl9yscI5R2a97g7tnGOruQP/PCu6DIUaLRoitfpnEorZBLuVwUU00QW1RUb4ooKrvGap5/GjqglsVdiZQJrml+REmZyJRtoBT29zXU/JI6UYZrwRvXhRu4mWaxrLEmrrqQ5ABqpwy4ednuxQbHZPY3Hy1tXEtc3zeloT877cLgmgJ5CaYHnyXindpHzQBtPBMmbE8zHHs1lyZ11Jz1hfGc5h48U5YjyrXQqpbLSf6DC53ysXDl/JE4lD0WElqUmq15VpTZ2Ue43CEfasbXbP4mAZ7ixQXj3qVZZNz1tZ8Y5MZYqvtZC1YDn/tAWtd0SuUwK5qdq7mRo7d/dLASnkTGQfdg7QD2+EsWPtT2wtmVsPVQyatP3isM6wLO8LY+h/1hZyPyyJ6X9LXbac+/SGXECP6nvxbDkhzbcwQBZDHNopAeVbLQ9TyruvIxqDlyOjBgygigJlOiWA2zihf7ujn+bBjQVV/wNROfFS9IrKgITgWgeInGeWs0fXW4KoJNMqI7ftk7VWcKBonoNItanEHin2pwDRZM+v5xxjbjA5K4ZOqSMnwIPMr7WceKy14OMZN0o1MRmFOV9i128KkcppZAKt5++CmndtLsHfJ4sl+AfoYhLJcX9JTPLMD9sKqtZl086I+dI+rS3RAFkKdzgkY2BMXaOCWg33fC3S8olno4y8qFTnI+6UT/M+EZtsIoh1rG2MX3TdVNH1yppPK+1UluYxmPZxNSLJajUmFgAixq7AqFd40ULrHs/nCozoIgs772ttzo55Ri/7BCO+INtnyBp0MeNCHWC8g+UOwH/vGqdsRIQE28udwrmDIdt3Bh+tK9r5+6GvZN8gC89ZaorI+5uaLxFsjwMM3pNpIMfilahN47tbfcqXKRWpOSNbWo75L9bv0I1U2YPQ5JpKTjPveM5gL5l/8dMARrGfQ7qLB54x7kQRG6HCQmAnQr3t6HWU5bTKL1NKbb4HlqUai11k4/yAAPu8JrJjvDkIcNXILKQkN8wNQYZE91ALo/EsvnFO57+ev9jy1bYfkJkwp+qbirh7w/150qGZpADIWU4u8sirPofqj0aTZQI/53iPiuvhV8B50ZATCL8So3dFV8iQjfHp4jJdjoc6HatQMfuAsSi4PUBDv9Deh7NXRdfjXGwjvDZj03EnTty13qUE/caYxKKcUwbxzlmxLU/BxWL4/Zn6/MK9fCjcT4EBvSQQPNvYgmLUZrAEzL46X4sO7dKaZxvEelHzO2SeNbeW9fYUqL2tQ4ChnC46oKvIF+XT5xfGS1er7Mske6Y2JVs7loOMNpDfzIHZEWNA3iSmFGnhGU51itsWP3DmJAE+/dVRA/lkPiQmP/XofZtuLPyY3JKD/CHmKMvkuDrB+Q6ZZjUONfH7KZcTrBPM0RcNze2xJEk8xjUtL6XQm5tUYyy2RDYl7yVPDn5a1olgATkv+4BroxOLBpQ0HkQpnsj549sa+40IEMOZUDNoExjvs6ukEgax4/Fi8slTc++vRCv7kyMGl6DeFV3oAVzvkTK/vQfG0C8yXwuYG9wN9Ihn9GSgPejXBb4uxuZoFpa0/BfJBa5xYM1c+ewf7qIQA5I0Tnm3W9YXqZ6XHK+TaduqJ6xQcD9MrD79sJpeR7GoMIi7vHGEJU8ZN8AGX1/qpM5dwbB4CfgYk0AQauHhdaVzgYym2AueywyUaaRzit2dn9oIvDfksHqXV+QVfXXBuLbt6x5O7KNGZwuQhaRamPHl/SckxW5Tm+tZjsizs3hB2f+JWCO+BuboxDbO0YfolasX2YUDBfrvtqeCZ/WAt+VQYLJ3fzXtmVafeIWDWmNhi6FfkuZ1gCwmubQzSBMYG4Usc2T6OTUN51cbSx/IGSCIBeJ+goOWCc1hpjyqrvaoH+brTgR0gwbczI5h5ukfi1ZrXuL5Bwqj9mwyK1vkLYBcF2uNL2KDrRTgGBVMbHwc2/5KdCnMTmjmghDtRJxzFkaSsHODjapW8or7wJpMYDDaTLQgGWQ+weUDNrilhWau3HWo2T/V8SlyFRcrGvs2WLhF2o5/4a5lpnZZGcnp22iX5GVU4jBaqraSd9W5DuXIxXGRLCkONrxz82Vw3rzB3hop362O1zSS2ygFLxF/QPk3tspWWNyMMKlXByLne6oqmVRK5etxoNbqYeOiO80fWqXNv7FAG8zjIj+gpQfIQEGQsmpeufKAVgQlczPzglzpR0hcA=,iv:7SuHnThyDeOMpDMZ5/LCiyxsFvzkNwEV8xpL56FI/qw=,tag:4CLUrclfHQU+2M1OxLtw7w==,type:str]
gitlab-key: ENC[AES256_GCM,data:ya9GvFTcPuIGlQ23zrdbfat8JJS4QFiIyvYvHJwQ6xBbLIDMrl17RKtUZAb0p1ZVgMZIrMdI98Dwx5ApLF/cmizeM2nqhFZMUSTK+hTjzKRf6beHJuYKIWexlBHFFhxoMYHpx1Wmf/wlmwcEohkwSG07hyeB7CdRSnClMucv8gl/vtzRZJrKIIdMwFF1opj2ELr+q8a4iKQNFcCbX8TJxBg8UtE9axa4uenZ4XVN5w801tEWrBJjlG6QU/krqFmylOjyXgcUUP4lAyEGRBH8PbgwjKjhJr6wqYuCFO0tkqJcfmd4fZiZOFtrWuuyJ49rDcie3LpR0mK3fZkYm4/Ymt3BDqLP2bTuwKIeCRvr6tKMNv/pXbyQhoVmnE7Ku2qVhUl4R7X5IH6grLlenwJz4rGZgeJz7zHRZsk7mJc+zjtWxewFeKRNMKwD7/es9dPK5lnArXeHi01pFAgkybPG0HYLT0Y89BZcp5/Gg5N5dXyAU86Y4P6SADMD6pzoasrwGK5Pr0Qbxqt0ygyTpajuDalaFtgi2+GdWZC2noiD4ViWDKe5IRSjLr0PPFSBOXXp7PnAKn89mJTlhyuGlY8qc1RI4aipW2K3SO3s2EvPXeN5PT7emWiicG/a7X08OdE4/7zeDbov1RosQj8rHcQt6rUeW5mj1V3sah0x6Z3Vzt9tmsk4vnCmHDp+VHPccH7w1yUilfOufyqgNWIQFtMpOWt0yhOLEbokHtpuN8zXXfzqaCurTS8jIEBgUPnTB5TIf7Sp20a8sy9nSgucRarbpvzxi6MrQXautaB9NjsfuZatJEC0TxzXHO3VMEOihJeZyY2OtDA279hMjYdd8oJjlqS07TrlqKnP71Zo5eJorUjKw2AK49NxzKsRrItvRPS1YhHxQ3Rauu0BQ2ymAy/KZNdnLN+I4F3EERR2PUa8KWnprGOHox3mgqEdwhQOoKM98RiVl12itNb57obtIXejOkAG6tyEyFu6ffL4EAu7ibqrdzsVafWlvWz4H9qtiueyCm0nsMVzsh1pRnJidPG+7kWUIA/wUBF2N8BaNi4WwdQInMSPm9iVYvkkH9OmeX3xS3L61z5Dpok5vwGeNzPEqQrJvRs3fySCFL/UF6N0Y45nEji3sgq9Hg/x/b34UHN23PvzhQZMs0hEpmq5rEkKhfVBNqaF7uykqqt3aWCL+lUdX7PwursWKDbJ6TWFUqy1ahpe3za89QtiW7LZaTw49WwsENRliDa818UGYCAp8+EHCcUR+IguPBPYo+zT6qpieM4P8RZKmfXZGvdsLcgTBpHqLGSWKPD8BYFQeVdWdJOjqEmFtY20eUrLK3sC2ajGRnV0yI2aoxGeTTIKH9Gq5fEhaVCuTuKxfNL/S6BF5fZr8VwRF7qJ4Mi1kRDepe74SPdqo09jHZuytsRkgYZMk8EMoINMSWWRcdWhqEBq5/R7qORkXi0kjsjcCqnuVL7RjJ3cd6XGy/OpdLWz3kSDb2ai58GbJeovPtyTe6gUDbnuPnVN79ChJLGIViQzeg94LZw68b9Jas8CPI5JJxq9FJhNQe6YK/qEsOldfSignQwUhFuijbFvGwxrwTu5cuOHE9r8XM/k2FL2eUL3pxdbmglibuB12IzFFDhRoBtBDI0SY4FlR/4JaT9O81QIQkJzKJTPdTkiNw4rnDFxzZNKvpDMfHSABdm0ODunLVXVCpLhQ9B16zsFj3u5yvWrhpJdu2RisyPLNRSQHY3XWHreCmF3PKw5f3gCktCVraJxf3AZJc5VE37tn/XMU5HWVlIcnxijgBLekL/mijb1Tje+7hFWP+q2jGxnQPR84cQ8mcSVR0mJTPcAMI87jPG85MQl/bjk6cJqJgg0Kzsug086gRZKfbE4p349aPuUTZ2I/dXVft2FLPaPdJg6WrqE5B3LI0e0zo3uM0aNvx0BbRGFsSxNqb/YnL9P3dnCXzpKcFH1tmkfQO0bXR9t6fGLegf8qfUAwn6GEpWC0/ABGVHQ743NGYdNFXaEzQXrKFqbpIkGAl72qz4OP+6Svff3j50t5LGpvavwODzPM8qHvat0GC77H8pDp/NTHAryGM/LNjmBsZ9PdP0zqA/zjtVWnBNE5ExmBatbvTJMb+aPryQtV82gGodbPvYreK3/krGfGnzkmHccOk2YheuG0p5XKuLrm+JNLWO+54Mem/uYu9TLYQ9I9lKAqWlQCOGEEanV5bTsP7oyjEBbvhNzP1IG8GqUSdFpcmSVk33TLrRJQn73A+4TDJUuP1BjU4aJGbMKOXZSELu/+tMgpZHWwJxj5XrEnkdHwHkiVY4EsPizZvifPJJ1te/2Ru2oSdkjbVUTVqjoHq/FJicG+EdCsyXTYvAjGSXapQyM9b7oiYrhojzxSJ2+ck8zOGGxlarjmw/Z7zRzjVg5lHApBvnyFYgruCoUVcojmOfXROs5J+UFTCKMoN6iB9ZXt8YZLB6mb0SS9VD91epo4Ui+oYyB7gKDPpDN3HD5XbXmdTkCVsxCqNYuz5cEsDLpqtH+pZfrDV6qzBIoj+mB+UaC6mjyCF4/0qarGax1VfFJHeWCivLAC+io7TsblEC72bwO2x05PjyhqMlKEGVoPrxLEsq6o/KRqkprYfpkgZEbawmmK8qWqpd/t1OfRbPMYQpBg1zTCmULG5zLQKS7eSHmMMOAbRudud++8ntUKrEmr31rS0A0lZ3YNWshMxhMfYIOdcXWYiSrH88rPnQRFwViRBc6iwXU5u3oUNb9tKamdZYy/nqHIrs33pb1raNiNMyMGUw1CEQDMSnRDFs7Xh9wmO6yKQcAhUok8ym2b3mR+4+7+ZxFarUB8QO8uT31JFRdeUOa42GmRQV0SexpBX/bHXLD0BDtoSa5+wlo2jVjhxMgB9DpSC5VcrCTFHbP543RI2oFkn4MdA2hcd4eh8a0jKCrvfZYXIcxXMVVZq91JdjC97Iy+iMFS3CNH9kaZHd3EE+QoGt75HQDyF8IAoE2J688hnP+3j6NnQ2TV4Sk7oAoZatp7F0L1axy4/zxi19Kyckh1UBw1u2xhDhO9FxEcll6WujMS7TiWsKih2cnT9ggNZuk7gZsYXzK8VS31H8d5r/0VIaA5MwC+UhOdakvnc2RD8D5ghpeuPe07MXpl+drqe1lt1DnF9uSqescjNYx33a+7FL/Xc26+Ywhp8b35r2Gr+ve8utpGZbhzZ7r1NxC9fHk0yNs9UIZEQSSfV63KUX+E/SEuktgQFBJYvKfuClOA/56kC7OCDYTjIEr125mYiSBmsCoDbLtz7dGh0f8Wes7mPu8gLHreuzeUaFC0Yt8uwoTYfEy/2oHtHvzj/LciXkYcqSt4dSkfd9WoAJgUCgPnGEAw41q2Fa2C2aVW0KZpWqgijcQyw2oN+K12xZU0qLXYVUV7J+xoRHcENKmhRROj8yHVwYgyNyuPmg0rkfhx2S83hw+TPt1fwoyNWe+VhA8ZlYABEihN31986XWj5zWqGCNJham8gQx5RcCt+TW1K2T4zYw4XneJHksmaj0GEqdFhKdWfdZ8njrKkMT+Qw1cB4ocGyhr6lAUdvhYSQUaislLp/BsmvQA0g0ENsisP4R0ifzE7MdUYbPA6vw7OeoCfOS3sFio1KhFL6wbVEGn3KhVyGYQlEntYduKPUBag0di8SAxvYTWPZ9VrEAoPVeLiIyQUUaQAxZOByoUVL64aJJOFhJ0Md0lkp4Ioc+EnnbJVmtohWxdcUk9EinhO5hx7UemWkPe7pQ3ufLeDbqW0OpV4n+rGmZXeZjECo7RRnxoQcKfQw6Ii6qU5S8ouLvzKFTuwa0WWoMTQdE9//mIm+uVhbkoZVCTnVkIIxxzNGfpvUq0eNyXa6mh+Mpo2eSBKzfXfbOzKT4sSvQct9QBT1otWn34GScV4k3iLgq1XWonbEBn1juaPTPO/fdLvXJmV7X3xivWmM6zOYQrNecEcf3yFidQe7xdTQ+VGFSeFb90KYuI4ajgdtM5EQ7rxpwcW+7kjAk95DcplizZBHptKvBOrwqxVBZ6NSrYrna3SqsocItUsCGun2ErOXdz5MdLG4U4u5w+L5Cg3IhTEG3Si3HU8o2Ue0fnQA/CsN4VWVPEYYHUNhQ36rA7qhuvuKI3n7dYtqEXUuO5y9169c8AK+efEXFcusack153QM1RoeioGsAt02UXRXKJF8pQKqamt97UmiCjZpTkxQDV/u4zglOcMbH3lY3vJgFZkQ+qEcU+lXGWSyuwWafjeFn2RGg+yjjE1OJcxBGJLxlGuwaqvpfIjtVlQf2fy1qoGxnBhps8vzAi0Zuqeo3b/5oUMhU2K7L8w/+gRXP1nBloA/iGGJL6kjz2YqeBe8jsImX9pt25mjzFx6SQekRL+yXU8wBQzhRNRXmg6gEtDWlMDCKEyGKYe6dk+pFb94Uv7UcavcG7JfFsI6StJYqdnI/FNZrc75w1Sf2/qGCBzPQJpylhSbnFsT9erqclsrirjUX,iv:IKHMuKQt7rsbUfzosTloCS5YF8Xt9RhCaw5qM9wt0HE=,tag:cgMQRQzix3HnO0lEwh4Q2g==,type:str]
sops:
age:
- recipient: age1c8pawdsxptfslgrz2c56s39mrtnjzc5mm3hfzgr2wdwu2v6vfsdsupjsq6
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvelBDQ2FYR3dvRHl6dUc4
UmwyZXhKL3JyS09JSUxZUFEzdmlTQk4xZFJRCm9vQmlzUzlZelZCWlVTVzJEN3N1
MXV1RGZSTHN2KzBRVDdvQURGTE1PZUUKLS0tIEp6UlZsZlFORUVSb0w0ZERsQ1pB
Szd1TDFqQ016WWd1SFowN0ptcGlyRGcKRH424S/7enLTuACcJyFUdbIgsUl0U/5i
6WRrU0kHesh0gcxU1QMvLKiUZdYwo+pFoDWZiocNUKlEt49isncMrQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2026-03-16T08:42:01Z"
mac: ENC[AES256_GCM,data:RbYlNcntZ9k4t469eq5AO4CJQ2zSWetFYz3K14sN4vwAvYgErkvVZSQvzaTPuBpfNCFxTnfSH/d73EZvqTskfBElef6TgPK6EiDV5hMfz5sdnZmc97+le+Uvzs0c6Y38faKfs4ZrqtbMRIH1YuWpnLKfJmfCPIFayeEoockgbTs=,iv:P32AWbPLsV68Ee4G+AiBkDdKHm3vZngtJGz0D+lz58Y=,tag:AQYyAoxY+CpT6GawCQw+xw==,type:str]
unencrypted_suffix: _unencrypted
version: 3.11.0
hosts/server/configuration.nix
+3 -3
View File
@@ -6,7 +6,6 @@
../../nixos/systemd-boot.nix ../../nixos/systemd-boot.nix
../../nixos/users.nix ../../nixos/users.nix
../../nixos/utils.nix ../../nixos/utils.nix
../../nixos/docker.nix
../../nixos/amd-graphics.nix ../../nixos/amd-graphics.nix
# NixOS server modules # NixOS server modules
@@ -16,17 +15,18 @@
../../server-modules/glance ../../server-modules/glance
../../server-modules/adguardhome.nix ../../server-modules/adguardhome.nix
../../server-modules/arr.nix ../../server-modules/arr.nix
# ../../server-modules/eleakxir.nix
../../server-modules/blog.nix ../../server-modules/blog.nix
../../server-modules/awesome-wallpapers.nix ../../server-modules/awesome-wallpapers.nix
../../server-modules/iknowyou.nix
../../server-modules/stirling-pdf.nix ../../server-modules/stirling-pdf.nix
../../server-modules/cyberchef.nix ../../server-modules/cyberchef.nix
../../server-modules/mazanoke.nix ../../server-modules/mazanoke.nix
../../server-modules/nginx.nix ../../server-modules/kernel-hardening.nix
../../server-modules/fail2ban.nix ../../server-modules/fail2ban.nix
../../server-modules/default-creds.nix ../../server-modules/default-creds.nix
../../server-modules/umami.nix ../../server-modules/umami.nix
../../server-modules/gitea.nix ../../server-modules/gitea.nix
../../server-modules/mealie.nix
# You should let those lines as is # You should let those lines as is
./hardware-configuration.nix ./hardware-configuration.nix
hosts/server/flake.nix
+18
View File
@@ -0,0 +1,18 @@
{
inputs,
nixpkgs,
...
}:
nixpkgs.lib.nixosSystem {
modules = [
{_module.args = {inherit inputs;};}
inputs.home-manager.nixosModules.home-manager
inputs.stylix.nixosModules.stylix
inputs.sops-nix.nixosModules.sops
inputs.nixarr.nixosModules.default
# inputs.eleakxir.nixosModules.eleakxir
inputs.nix-index-database.nixosModules.default
inputs.default-creds.nixosModules.default
./configuration.nix
];
}
hosts/server/hardware-configuration.nix
+17 -5
View File
@@ -9,7 +9,14 @@
... ...
}: { }: {
imports = [(modulesPath + "/installer/scan/not-detected.nix")]; imports = [(modulesPath + "/installer/scan/not-detected.nix")];
boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod"]; boot.initrd.availableKernelModules = [
"xhci_pci"
"ahci"
"nvme"
"usbhid"
"usb_storage"
"sd_mod"
];
boot.initrd.kernelModules = ["dm-snapshot"]; boot.initrd.kernelModules = ["dm-snapshot"];
boot.kernelModules = ["kvm-amd"]; boot.kernelModules = ["kvm-amd"];
boot.extraModulePackages = []; boot.extraModulePackages = [];
@@ -20,12 +27,18 @@
fileSystems."/boot" = { fileSystems."/boot" = {
device = "/dev/disk/by-uuid/DD15-1125"; device = "/dev/disk/by-uuid/DD15-1125";
fsType = "vfat"; fsType = "vfat";
options = ["fmask=0077" "dmask=0077"]; options = [
"fmask=0077"
"dmask=0077"
];
}; };
fileSystems."/mnt/data" = { fileSystems."/mnt/data" = {
device = "/dev/disk/by-uuid/0b055155-0134-448c-b1ca-e81030ff064e"; device = "/dev/disk/by-uuid/0b055155-0134-448c-b1ca-e81030ff064e";
fsType = "btrfs"; fsType = "btrfs";
options = ["subvol=/" "compress=zstd"]; # adapte selon si t'as des subvolumes options = [
"subvol=/"
"compress=zstd"
]; # adapte selon si t'as des subvolumes
}; };
swapDevices = []; swapDevices = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
@@ -35,6 +48,5 @@
networking.useDHCP = lib.mkDefault true; networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp3s0.useDHCP = lib.mkDefault true; # networking.interfaces.enp3s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
lib.mkDefault config.hardware.enableRedistributableFirmware;
} }
hosts/server/home.nix
+8 -24
View File
@@ -1,8 +1,4 @@
{ {config, ...}: {
pkgs,
config,
...
}: {
imports = [ imports = [
# Mostly user-specific configuration # Mostly user-specific configuration
./variables.nix ./variables.nix
@@ -10,38 +6,26 @@
# Programs # Programs
../../home/programs/nvf ../../home/programs/nvf
../../home/programs/shell ../../home/programs/shell
../../home/programs/fetch
../../home/programs/git ../../home/programs/git
../../home/programs/git/lazygit.nix ../../home/programs/git/lazygit.nix
../../home/programs/nixy ../../home/programs/nixy
../../home/programs/nix-utils ../../home/programs/nix-utils
../../home/programs/group/dev.nix
]; ];
home = { home = {
inherit (config.var) username; inherit (config.var) username;
homeDirectory = "/home/" + config.var.username; homeDirectory = "/home/" + config.var.username;
packages = with pkgs; [
# Dev
go
nodejs
python3
jq
just
pnpm
wireguard-tools
duckdb
# Utils
zip
unzip
btop
fastfetch
];
# Don't touch this # Don't touch this
stateVersion = "24.05"; stateVersion = "24.05";
}; };
programs.home-manager.enable = true; programs.home-manager.enable = true;
programs.nixy = {
enable = true;
configDirectory = config.var.configDirectory;
};
} }
hosts/server/secrets/default.nix
+4 -1
View File
@@ -26,5 +26,8 @@
}; };
}; };
environment.systemPackages = with pkgs; [sops age]; environment.systemPackages = with pkgs; [
sops
age
];
} }
hosts/server/secrets/secrets.yaml
+4 -4
View File
@@ -1,7 +1,7 @@
umami-secret: ENC[AES256_GCM,data:tImpd4sD92Omf/YFB8YE4gxAu+g801wQNR+k5rhY6AbzIIYOzpVmQL4XGjfp9Teky3olii4s3XTcmTyuMoxMWg==,iv:QFAEzYnAnxOOtrHWiM2IkvSs0Aqk3s1T5X7j5WC+tO8=,tag:FIbgHLfRVMJ2qZ6dOJ8zLw==,type:str] umami-secret: ENC[AES256_GCM,data:tImpd4sD92Omf/YFB8YE4gxAu+g801wQNR+k5rhY6AbzIIYOzpVmQL4XGjfp9Teky3olii4s3XTcmTyuMoxMWg==,iv:QFAEzYnAnxOOtrHWiM2IkvSs0Aqk3s1T5X7j5WC+tO8=,tag:FIbgHLfRVMJ2qZ6dOJ8zLw==,type:str]
sshconfig: ENC[AES256_GCM,data:R54HVxqAyj9yGO/AYL8p6cnXgYxkQKW9XveHlBMTnDXBJ7r/4HgnefdymprnXmdlbNWcWrRqmaLEuzJs/0BfixXfMvmGTUrmJ0ASVuDrz9k6rOLADAKFikQh0dib7NU4JmPgmUzMncXc2WuCd3BCG3kwBQ==,iv:Ro9FA+MzTAp+ERQMT88z8ioCox/dTj2vWcqCDOSLag4=,tag:5XiXIyz5/pjGFOB5ZjdOVg==,type:str] sshconfig: ENC[AES256_GCM,data:R54HVxqAyj9yGO/AYL8p6cnXgYxkQKW9XveHlBMTnDXBJ7r/4HgnefdymprnXmdlbNWcWrRqmaLEuzJs/0BfixXfMvmGTUrmJ0ASVuDrz9k6rOLADAKFikQh0dib7NU4JmPgmUzMncXc2WuCd3BCG3kwBQ==,iv:Ro9FA+MzTAp+ERQMT88z8ioCox/dTj2vWcqCDOSLag4=,tag:5XiXIyz5/pjGFOB5ZjdOVg==,type:str]
github-key: ENC[AES256_GCM,data:NRYhcBIwGJEV13+YECLR+2IErsn/7clbnkx0Mltr7dQajSb5WHZ3QDH0KQPylEHhplE5IVS0h4I0z+Pb1B0UteCxFmJ5wZq+2BKZkvE7G3dojqBpgHcVqJV2GLEJkRjlHfRgsbq/OBe8xcsPh20P1KUyP0WIwVbpt+9dFWGxEGYkp2uSyuBIJ98kElt0zuVgl7WcYoDO7v5WmGzZfla+yZwURvMk8zcM3gopo+4KL6YnYUs+UA3VlBBn6VK4Nvbqy6X0R0+ZA5HHAXg+OFgGmfWnENZmsyQJHXEchGGgEldzThkQ4r8yMkgN/ax+AGouLyzbITapGE4sE11FFgL6Hmp4pSXxl3UAGF+cvV5pIujbb28CXmSPRMyYpoNxI93PSYz/txAzE6Cr2dgwxR4zpMelv4i6IaGnY8NgpY8jp2Y6C0uuJxJCN0RtnjQw1rM2uRnm7vMGyU7XXz9DEVfGnYpTWnykXsEjHE5DVGy80ejYQlc6dtmf3vdTWpt+YYdCPw8/cd0PIx2D6geh1c28,iv:wl+RG24mXYMklD8CBGXVD36DMhlWT/7zh8ZMvr7vgOk=,tag:OJhqF8PoXotr7IsyFW6q1g==,type:str] github-key: ENC[AES256_GCM,data:NRYhcBIwGJEV13+YECLR+2IErsn/7clbnkx0Mltr7dQajSb5WHZ3QDH0KQPylEHhplE5IVS0h4I0z+Pb1B0UteCxFmJ5wZq+2BKZkvE7G3dojqBpgHcVqJV2GLEJkRjlHfRgsbq/OBe8xcsPh20P1KUyP0WIwVbpt+9dFWGxEGYkp2uSyuBIJ98kElt0zuVgl7WcYoDO7v5WmGzZfla+yZwURvMk8zcM3gopo+4KL6YnYUs+UA3VlBBn6VK4Nvbqy6X0R0+ZA5HHAXg+OFgGmfWnENZmsyQJHXEchGGgEldzThkQ4r8yMkgN/ax+AGouLyzbITapGE4sE11FFgL6Hmp4pSXxl3UAGF+cvV5pIujbb28CXmSPRMyYpoNxI93PSYz/txAzE6Cr2dgwxR4zpMelv4i6IaGnY8NgpY8jp2Y6C0uuJxJCN0RtnjQw1rM2uRnm7vMGyU7XXz9DEVfGnYpTWnykXsEjHE5DVGy80ejYQlc6dtmf3vdTWpt+YYdCPw8/cd0PIx2D6geh1c28,iv:wl+RG24mXYMklD8CBGXVD36DMhlWT/7zh8ZMvr7vgOk=,tag:OJhqF8PoXotr7IsyFW6q1g==,type:str]
adguard-pwd: ENC[AES256_GCM,data:dOFEyLRG3yG9h74J,iv:S/TpCjqakvK5NgSzDukDyI58Y6SLl7NkuutUOY/SrY8=,tag:I9Rv3XYBG8T492ozHoCOWQ==,type:str] adguard-pwd: ENC[AES256_GCM,data:CAmZFpKN6FFRlCk=,iv:cz45T/z2ZYHNC46FNVp2YHmdhXD4ERhM31+Jo+9PkSk=,tag:GTUvzkYSP4flXs/HUNGYhw==,type:str]
recyclarr: ENC[AES256_GCM,data:eJNbGHb4SZvbF7FAHMrpRynmpVyPiTpyZqNx40Fo+lanqdm7d7oRhkLD2PfqxpTcIyV6BxJk12wGUC0uWVuAihmToL/Ih2FJWIQFUOdbaov/xNWHE9mtoRX/A3gIwD8e3DoFMK/dAk2/TyvvAfxi2eYTDJvxecEttHQGxafq1jveHFDcC9e1aFk3M8O8YlX5yF3zl90mugsUVP+iaSURnY/nglZuEDzfJ6Edge7r5OSL6WYh3OUIu1yzuuKXRZ47B/gpXO/cP89JMmxdPj3FUJkk7Htf0s9ALzpVE9fRohDGcpPIkR6COCLTL+mqvVmyopA1zPoX8/X8eiuocpaT3vqJit7Bc6InzflY/5rlg1x0SyoXWQfEsperfNBeiZGngp382I7rrZ8QSwF4AIsmngNeyDRAnfasAU5OVwK+yPIVhRueEFLNrJPG3j2hpArlzpvY2EPBVJDrYwFslis8CASoUdvu6C7VxtJXFcOZR8QemwJarJFU7v1bVhQoIkarn3V7FfAXg/8RfYrn9HAIq5AiFFbQRNHWXzIceIgNKQFb5yfagtMtMq6XKhjsV07jeYt9X/YU80XRfkPm05yiLdLQHcDNmlB3R+SFPD7qjTE7LuSH1Kdc3DvxwrKfHJLsJ+nSIL1po8gDMW8BPc0g4n4dpQ6CFK5BaDFK4eovNpgAXoRC9orkGw/16YmMozp6J78VJLzu3jcYMFbySFznDUuWcFf/7dVV+7pLAj2ffWXzScLISRBhZ9RNUMaZAKAk7WTmxBhw0yzNiih8OFUkbpp1FFLuU0bnBY0iEz+8/OSwv8H7t0HYe29HO61p1huH34B/ZkPA5VLKivFh2mOPNzbvMqtIAkq1ro82Psvc6t88gVIc+VAOZ9zDLohp0FXrNVXwnrs7fxevQa0pUClDivO1ib5G4Znor7q+13jZglmh3G7nHiniO607dRoxszzVEQdTn8ku3XAfIPStsSfQwH46nXhr2kDkspcA7BqwJph0dsKKlfzf22C0OJkDY0L1DgKFvJRmmKAhOdB6XxXYwS+BcDT+8ugejTKpulyPSsbdb0m9p9lVAVu0GMxFEbUsuE+QHiAAP5Vle7swpl4h3i8uHSfKFra3qEswwRnPAHhPSdLSaSU6O6T5gN/b0hhO6dAiNR0UOkOG59fPasL0MRpeb3SkM4Nd6g5b/hY8dXaXR7pQHvh+4GmfJFWYaWm/cZ8k9JAYAw9Sn/spWnjRmpv9bnSxADGbkdV8NDHquDDDFVIIoDnWhQJpqrL61KZITx2Ete1SYdNiy++p3mOYisJgHDsRR1RNQNxhRW4EY8c5nCzgc8x+rU432pCOfMbAuGEfQXMwMGFGeoUg6EL5xEyUEJ/aqymxI+Vjk8h7KfDnOyyL/+1BKEd/GccrjeQfeZGRLI0Tu5gVgL6twc+u4av6inNMMhPFzZuVrfeo6bip5C8R0dK6Pbdz2L/fsgn3E4NNi14NM/DgLLhJRLvKQdCQx+BT+3soNRw5htTzuNS48MD2YDwZYvNfu6mo0r4j4I7Tj8zuCjddbGVa2/5XnhcfdUBx1VOd90H1RKkk8kgSoR0bgo7mLls=,iv:HT3a2YnFy0cF9qUO671kwqxuzFfNnfqynCUVGHf+3dM=,tag:nrA++7fsnc4Cx0OPSDKaRw==,type:str] recyclarr: ENC[AES256_GCM,data:eJNbGHb4SZvbF7FAHMrpRynmpVyPiTpyZqNx40Fo+lanqdm7d7oRhkLD2PfqxpTcIyV6BxJk12wGUC0uWVuAihmToL/Ih2FJWIQFUOdbaov/xNWHE9mtoRX/A3gIwD8e3DoFMK/dAk2/TyvvAfxi2eYTDJvxecEttHQGxafq1jveHFDcC9e1aFk3M8O8YlX5yF3zl90mugsUVP+iaSURnY/nglZuEDzfJ6Edge7r5OSL6WYh3OUIu1yzuuKXRZ47B/gpXO/cP89JMmxdPj3FUJkk7Htf0s9ALzpVE9fRohDGcpPIkR6COCLTL+mqvVmyopA1zPoX8/X8eiuocpaT3vqJit7Bc6InzflY/5rlg1x0SyoXWQfEsperfNBeiZGngp382I7rrZ8QSwF4AIsmngNeyDRAnfasAU5OVwK+yPIVhRueEFLNrJPG3j2hpArlzpvY2EPBVJDrYwFslis8CASoUdvu6C7VxtJXFcOZR8QemwJarJFU7v1bVhQoIkarn3V7FfAXg/8RfYrn9HAIq5AiFFbQRNHWXzIceIgNKQFb5yfagtMtMq6XKhjsV07jeYt9X/YU80XRfkPm05yiLdLQHcDNmlB3R+SFPD7qjTE7LuSH1Kdc3DvxwrKfHJLsJ+nSIL1po8gDMW8BPc0g4n4dpQ6CFK5BaDFK4eovNpgAXoRC9orkGw/16YmMozp6J78VJLzu3jcYMFbySFznDUuWcFf/7dVV+7pLAj2ffWXzScLISRBhZ9RNUMaZAKAk7WTmxBhw0yzNiih8OFUkbpp1FFLuU0bnBY0iEz+8/OSwv8H7t0HYe29HO61p1huH34B/ZkPA5VLKivFh2mOPNzbvMqtIAkq1ro82Psvc6t88gVIc+VAOZ9zDLohp0FXrNVXwnrs7fxevQa0pUClDivO1ib5G4Znor7q+13jZglmh3G7nHiniO607dRoxszzVEQdTn8ku3XAfIPStsSfQwH46nXhr2kDkspcA7BqwJph0dsKKlfzf22C0OJkDY0L1DgKFvJRmmKAhOdB6XxXYwS+BcDT+8ugejTKpulyPSsbdb0m9p9lVAVu0GMxFEbUsuE+QHiAAP5Vle7swpl4h3i8uHSfKFra3qEswwRnPAHhPSdLSaSU6O6T5gN/b0hhO6dAiNR0UOkOG59fPasL0MRpeb3SkM4Nd6g5b/hY8dXaXR7pQHvh+4GmfJFWYaWm/cZ8k9JAYAw9Sn/spWnjRmpv9bnSxADGbkdV8NDHquDDDFVIIoDnWhQJpqrL61KZITx2Ete1SYdNiy++p3mOYisJgHDsRR1RNQNxhRW4EY8c5nCzgc8x+rU432pCOfMbAuGEfQXMwMGFGeoUg6EL5xEyUEJ/aqymxI+Vjk8h7KfDnOyyL/+1BKEd/GccrjeQfeZGRLI0Tu5gVgL6twc+u4av6inNMMhPFzZuVrfeo6bip5C8R0dK6Pbdz2L/fsgn3E4NNi14NM/DgLLhJRLvKQdCQx+BT+3soNRw5htTzuNS48MD2YDwZYvNfu6mo0r4j4I7Tj8zuCjddbGVa2/5XnhcfdUBx1VOd90H1RKkk8kgSoR0bgo7mLls=,iv:HT3a2YnFy0cF9qUO671kwqxuzFfNnfqynCUVGHf+3dM=,tag:nrA++7fsnc4Cx0OPSDKaRw==,type:str]
wireguard-pia: ENC[AES256_GCM,data:2IvJARGhesMuH9RdWzsyrwA7eqrhLyacQqZ1RNEkGOPUkQGX4uimKBSzkxXRy/haZ4V2k73JdLSaB9rAuI0n65GmWHmarwZekOyhRZSNb+zvFgw5BPZmywG1wR2HiTGR/qILovAaz47q/VnohUnjbbMCUvarC4PytWGxMUH96GIgZar8HjHFtK8grCSxlvpHKiDeKx8VSXnY/Pxj1EplBtIqwmtAeZdf/VjtwOL0nY54doPwHdIAvJ0B8Cu0a1zJIGEbV1NlKIHEJ1YA7rmv1ODkBnbXbIHMxAR3jeqR/UDqhDmXe41KujhiJI7nNeO7FKo2v92jK3fSbxYKatLrzXktHpE9JsMYVBXzTK7yAXPgoDdgLXzWH0OrJGBSisPrvqmxUko7MPreuwVYfFlKpll6JLifk8sML4A+94UPR8b89guXn7kBkLg1Y1oIAyguCdKpNOD31nXBMFF0nTcmCwyshDySaGTfJDgox65/77AiN1wH,iv:cdu6lBjLnEEfSFmWMC4Vn2sLKsvpCaatzXlgRNkEMeA=,tag:y1rAeNPB+DNGTpnP94iQrA==,type:str] wireguard-pia: ENC[AES256_GCM,data:2IvJARGhesMuH9RdWzsyrwA7eqrhLyacQqZ1RNEkGOPUkQGX4uimKBSzkxXRy/haZ4V2k73JdLSaB9rAuI0n65GmWHmarwZekOyhRZSNb+zvFgw5BPZmywG1wR2HiTGR/qILovAaz47q/VnohUnjbbMCUvarC4PytWGxMUH96GIgZar8HjHFtK8grCSxlvpHKiDeKx8VSXnY/Pxj1EplBtIqwmtAeZdf/VjtwOL0nY54doPwHdIAvJ0B8Cu0a1zJIGEbV1NlKIHEJ1YA7rmv1ODkBnbXbIHMxAR3jeqR/UDqhDmXe41KujhiJI7nNeO7FKo2v92jK3fSbxYKatLrzXktHpE9JsMYVBXzTK7yAXPgoDdgLXzWH0OrJGBSisPrvqmxUko7MPreuwVYfFlKpll6JLifk8sML4A+94UPR8b89guXn7kBkLg1Y1oIAyguCdKpNOD31nXBMFF0nTcmCwyshDySaGTfJDgox65/77AiN1wH,iv:cdu6lBjLnEEfSFmWMC4Vn2sLKsvpCaatzXlgRNkEMeA=,tag:y1rAeNPB+DNGTpnP94iQrA==,type:str]
signing-key: ENC[AES256_GCM,data:FrJzuTgH/ooZkcnYL55uQcc4u+QzNnFvNVs2wDSE4nnwku+EuCJBlb8pd/6W0KPwIXzcki/8CY0YfRcRrzjExMgMa4hwxrlxS9bk3LNPzJsrRK5RJgPg3iA8L791f1zcDxNf8RuWatIqm1TCK+Vhdk/p+221zy1Gcq1dW8X+o4XzbPBzHdLagcIdB0wpjYTtIoGP2X8GoL/NJpuzIiQBK1HdGNKvUI2+ztqCQZOsxm+Fki57NteX3/Llw8AwABjdZvviOBZ62OvJ/SsOQ9NYAvKfAkog5zCn8DLvaqAPGSxRBQEYWM8GyL2imgs54YfEsOpGa4DzMiv4Sc5m398E/asaPq357eksUqh3EYpzoKZ5bIbd5+Vs3KBWKHltUCzXLHaLrIX0CuJFQFi7DCxEbYqlb04x5t3jc/c+/7uwqBHv1Y5gwAjd8JswDWmE7Q3xSk96Za57SCxWPYTo2ErsA2XdL+yxXdhmqkhDZKtUzrcHExhnYe7YLpSlBEclJ/G2BeTOFIWoAmN+1y4rh21R,iv:VaZrv5/41ZyIax702Yae4QmFKpcEaWwPmTo2Mxao3bU=,tag:HC0eqDNit7jQKeeDAKWXKg==,type:str] signing-key: ENC[AES256_GCM,data:FrJzuTgH/ooZkcnYL55uQcc4u+QzNnFvNVs2wDSE4nnwku+EuCJBlb8pd/6W0KPwIXzcki/8CY0YfRcRrzjExMgMa4hwxrlxS9bk3LNPzJsrRK5RJgPg3iA8L791f1zcDxNf8RuWatIqm1TCK+Vhdk/p+221zy1Gcq1dW8X+o4XzbPBzHdLagcIdB0wpjYTtIoGP2X8GoL/NJpuzIiQBK1HdGNKvUI2+ztqCQZOsxm+Fki57NteX3/Llw8AwABjdZvviOBZ62OvJ/SsOQ9NYAvKfAkog5zCn8DLvaqAPGSxRBQEYWM8GyL2imgs54YfEsOpGa4DzMiv4Sc5m398E/asaPq357eksUqh3EYpzoKZ5bIbd5+Vs3KBWKHltUCzXLHaLrIX0CuJFQFi7DCxEbYqlb04x5t3jc/c+/7uwqBHv1Y5gwAjd8JswDWmE7Q3xSk96Za57SCxWPYTo2ErsA2XdL+yxXdhmqkhDZKtUzrcHExhnYe7YLpSlBEclJ/G2BeTOFIWoAmN+1y4rh21R,iv:VaZrv5/41ZyIax702Yae4QmFKpcEaWwPmTo2Mxao3bU=,tag:HC0eqDNit7jQKeeDAKWXKg==,type:str]
@@ -18,7 +18,7 @@ sops:
TEc5d01RaVFGNXc3dlljM0FTTHpENjQKOqwI+pl8UxVIVl43glnOYvW660/PsDGY TEc5d01RaVFGNXc3dlljM0FTTHpENjQKOqwI+pl8UxVIVl43glnOYvW660/PsDGY
yefODJGVtHrOm3yeXC2xlTi3sFW+c5wUl2yPqddbvcBt5Ud/yd4iXQ== yefODJGVtHrOm3yeXC2xlTi3sFW+c5wUl2yPqddbvcBt5Ud/yd4iXQ==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2026-03-25T19:14:13Z" lastmodified: "2026-04-12T18:24:10Z"
mac: ENC[AES256_GCM,data:x1OqP6JxTExZm+J75hbLsbZ3X2/WO/ncAF0U+vvI7da+ft+yjT7zf7+nGlaTL3Aus1QBrDBI0WElyemILsRlLZ6dN5tZNBPivsec1HCoJ9wb5hKtM3poZiQWYZDyFUqbFvBiXShJZI8gC7wPKxkycPe8IFLzpJhf2B/WPCBKjUc=,iv:oUZb8hZkEX3APUMllJEZ6c1wdVUJaOuZT4M7ZjW1bZY=,tag:sF/gB8qizWJRliR8PWAoMA==,type:str] mac: ENC[AES256_GCM,data:D7gWC1fxZkpG8dCr7aWhcyLT92NK1OefS4SIAq5ZImMYRJzzvhXtyJM9tzUYVWPU0ojhgOJyawlWEFk1P/DWjOrafBsBHdxUl5FtZrRb4Z/rquODhR8OT8UYFVKyAmjSfomUEDzYetJdXdAxhX3eNlT+eKI51IjqD9y1dYqcjMw=,iv:ZPIkMf/fUETeUYQdqu4TpS/ZE752079jIW9BlehhWlw=,tag:Z3i/Zc0zkEF5rsNnkmUB9A==,type:str]
unencrypted_suffix: _unencrypted unencrypted_suffix: _unencrypted
version: 3.12.1 version: 3.12.2
hosts/server/variables.nix
+2 -4
View File
@@ -11,10 +11,7 @@
config.var = { config.var = {
hostname = "jack"; hostname = "jack";
username = "hadi"; username = "hadi";
configDirectory = configDirectory = "/home/" + config.var.username + "/.config/nixos"; # The path of the nixos configuration directory
"/home/"
+ config.var.username
+ "/.config/nixos"; # The path of the nixos configuration directory
keyboardLayout = "fr"; keyboardLayout = "fr";
@@ -33,6 +30,7 @@
domain = "hadi.icu"; domain = "hadi.icu";
tunnelId = "a1dfa315-7fc3-4a65-8c02-8387932c35c3"; tunnelId = "a1dfa315-7fc3-4a65-8c02-8387932c35c3";
networkInterface = "enp3s0";
}; };
# Let this here # Let this here
hosts/work/configuration.nix
+43
View File
@@ -0,0 +1,43 @@
{
config,
lib,
...
}: {
imports = [
# Mostly system related configuration
../../nixos/audio.nix
../../nixos/bluetooth.nix
../../nixos/fonts.nix
../../nixos/home-manager.nix
../../nixos/nix.nix
../../nixos/systemd-boot.nix
../../nixos/sddm.nix
../../nixos/usbguard.nix
../../nixos/users.nix
../../nixos/utils.nix
../../nixos/hyprland.nix
# You should let those lines as is
./hardware-configuration.nix
./variables.nix
];
home-manager.users."${config.var.username}" = import ./home.nix;
# USBGuard:
# Allow all USB devices until a proper policy is configured.
# Run `sudo usbguard generate-policy` with your devices plugged in,
# then set rules = "<output>" and switch implicitPolicyTarget to "block".
# services.usbguard.implicitPolicyTarget = lib.mkForce "allow";
services.usbguard.rules = ''
allow id 1d6b:0002 serial "0000:00:14.0" name "xHCI Host Controller" hash "jEP/6WzviqdJ5VSeTUY8PatCNBKeaREvo2OqdplND/o=" parent-hash "rV9bfLq7c2eA4tYjVjwO4bxhm+y6GgZpl9J60L0fBkY=" with-interface 09:00:00 with-connect-type ""
allow id 1d6b:0003 serial "0000:00:14.0" name "xHCI Host Controller" hash "prM+Jby/bFHCn2lNjQdAMbgc6tse3xVx+hZwjOPHSdQ=" parent-hash "rV9bfLq7c2eA4tYjVjwO4bxhm+y6GgZpl9J60L0fBkY=" with-interface 09:00:00 with-connect-type ""
allow id 17ef:608d serial "" name "Lenovo USB Optical Mouse" hash "klpDZuv1jhWGNqZLOl+KXF+75Ir3PfBm6D6ncjoLRBU=" parent-hash "jEP/6WzviqdJ5VSeTUY8PatCNBKeaREvo2OqdplND/o=" via-port "1-7" with-interface 03:01:02 with-connect-type "hotplug"
allow id 17ef:6190 serial "" name "Lenovo Calliope USB Keyboard G2" hash "CfZ9R/aoXGm7BN/ojVEzKQwVoxCUtRWMuACrE7BL/5Y=" parent-hash "jEP/6WzviqdJ5VSeTUY8PatCNBKeaREvo2OqdplND/o=" via-port "1-10" with-interface { 03:01:01 03:00:00 } with-connect-type "hotplug"
'';
networking.firewall.allowedTCPPorts = [9001];
# Don't touch this
system.stateVersion = "24.05";
}
hosts/work/flake.nix
+17
View File
@@ -0,0 +1,17 @@
{
inputs,
nixpkgs,
...
}:
nixpkgs.lib.nixosSystem {
modules = [
{
nixpkgs.overlays = [];
_module.args = {inherit inputs;};
}
inputs.home-manager.nixosModules.home-manager
inputs.stylix.nixosModules.stylix
inputs.nix-index-database.nixosModules.default
./configuration.nix
];
}
hosts/work/hardware-configuration.nix
+45
View File
@@ -0,0 +1,45 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [
"xhci_pci"
"ahci"
"nvme"
"usb_storage"
"usbhid"
"sd_mod"
];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [];
fileSystems."/" = {
device = "/dev/disk/by-uuid/5dbf85d3-d236-4af8-b489-d6066bfe1eb7";
fsType = "ext4";
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/043E-1755";
fsType = "vfat";
options = [
"fmask=0077"
"dmask=0077"
];
};
swapDevices = [];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}
hosts/pph/home.nix → hosts/work/home.nix
+21 -46
View File
@@ -1,25 +1,25 @@
{ {config, ...}: {
pkgs,
config,
...
}: {
imports = [ imports = [
# Programs # Programs
../../home/programs/brave ../../home/programs/brave
../../home/programs/proton
../../home/programs/ghostty ../../home/programs/ghostty
../../home/programs/nvf ../../home/programs/nvf
../../home/programs/shell ../../home/programs/shell
../../home/programs/fetch
../../home/programs/git ../../home/programs/git
../../home/programs/git/lazygit.nix ../../home/programs/git/lazygit.nix
../../home/programs/spicetify
../../home/programs/thunar ../../home/programs/thunar
../../home/programs/nixy ../../home/programs/nixy
../../home/programs/zathura
../../home/programs/nightshift ../../home/programs/nightshift
../../home/programs/group/cybersecurity.nix ../../home/programs/qutebrowser
../../home/programs/proton
../../home/programs/nix-utils ../../home/programs/nix-utils
../../home/programs/group/basic-apps.nix
../../home/programs/group/cybersecurity.nix
../../home/programs/group/dev.nix
../../home/programs/group/misc.nix
# System (Desktop environment like stuff) # System (Desktop environment like stuff)
../../home/system/hyprland ../../home/system/hyprland
../../home/system/caelestia-shell ../../home/system/caelestia-shell
@@ -28,45 +28,10 @@
../../home/system/udiskie ../../home/system/udiskie
./variables.nix # Mostly user-specific configuration ./variables.nix # Mostly user-specific configuration
./secrets ./secrets # CHANGEME: You should probably remove this line, this is where I store my secrets
]; ];
home = { home = {
packages = with pkgs; [
# Apps
vlc # Video player
blanket # White-noise app
obsidian # Note taking app
textpieces # Manipulate texts
resources # Ressource monitor
gnome-clocks # Clocks app
gnome-text-editor # Basic graphic text editor
mpv # Video player
swappy # Screenshot tool
pinta # Image editor
libreoffice
notesnook
# Dev
go
bun
docker
nodejs
python3
jq
just
air
duckdb
lazydocker
# Just cool
peaclock
cbonsai
pipes
cmatrix
fastfetch
];
inherit (config.var) username; inherit (config.var) username;
homeDirectory = "/home/" + config.var.username; homeDirectory = "/home/" + config.var.username;
@@ -74,5 +39,15 @@
stateVersion = "24.05"; stateVersion = "24.05";
}; };
programs.home-manager.enable = true; wayland.windowManager.hyprland.settings.monitor = [
"desc:Philips Consumer Electronics Company PHL 221B8L ZV02144013987,highres,0x0,1"
];
programs = {
home-manager.enable = true;
nixy = {
enable = true;
configDirectory = config.var.configDirectory;
};
};
} }
hosts/pph/secrets/default.nix → hosts/work/secrets/default.nix
+23 -8
View File
@@ -1,19 +1,31 @@
# Those are my secrets, encrypted with sops # Those are my secrets, encrypted with sops
# You shouldn't import this file, unless you edit it # You shouldn't import this file, unless you edit it
{ {
pkgs,
inputs, inputs,
pkgs,
config,
... ...
}: { }: let
home = config.home.homeDirectory;
in {
imports = [inputs.sops-nix.homeManagerModules.sops]; imports = [inputs.sops-nix.homeManagerModules.sops];
sops = { sops = {
age.keyFile = "/home/hadrien/.config/sops/age/keys.txt"; age.keyFile = "${home}/.config/sops/age/keys.txt";
defaultSopsFile = ./secrets.yaml; defaultSopsFile = ./secrets.yaml;
secrets = { secrets = {
ssh-config = {path = "/home/hadrien/.ssh/config";}; ssh-config = {
github-key = {path = "/home/hadrien/.ssh/github";}; path = "${home}/.ssh/config";
gitlab-key = {path = "/home/hadrien/.ssh/gitlab";}; };
netrc = {
path = "${home}/.netrc";
};
github-key = {
path = "${home}/.ssh/github";
};
gitlab-key = {
path = "${home}/.ssh/gitlab";
};
}; };
}; };
@@ -30,14 +42,17 @@
key_groups: key_groups:
- age: - age:
- *primary - *primary
- path_regex: hosts/pph/secrets/secrets.yaml$ - path_regex: hosts/work/secrets/secrets.yaml$
key_groups: key_groups:
- age: - age:
- *work - *work
''; '';
systemd.user.services.mbsync.Unit.After = ["sops-nix.service"]; systemd.user.services.mbsync.Unit.After = ["sops-nix.service"];
home.packages = with pkgs; [sops age]; home.packages = with pkgs; [
sops
age
];
wayland.windowManager.hyprland.settings.exec-once = ["systemctl --user start sops-nix"]; wayland.windowManager.hyprland.settings.exec-once = ["systemctl --user start sops-nix"];
} }
hosts/work/secrets/secrets.yaml
+19
View File
@@ -0,0 +1,19 @@
ssh-config: ENC[AES256_GCM,data:npBcAOSwHpApUASlZmRo4stwMrOjdrdmhfYwumjbTpcq8aQ2ybV8le7cjNdVqIyxgwxUFV4/tGfmsq4nlrWIO/85spwfC5DyPGaZ848NI3UZJj8k2GKuw5qk/xGsTveNhq+vNZQcHeL4aeXF2TRmFLDHYGTku9anFL7FWkQ75MmGW78XfPUEyZJ52ylXq3gkYeVSrl6cXuwJw/QBlu+XTgFk4MM+E5BTXBFFNJOYkIt4GwWX7wdI+QqPEof8J0ENYdxUAMKMueL4pLNclWP0fu7QC7gwwRJWjauCNElJiDhpVFa6WukJV/Ut+I30FH9cJtj0rSodeu0hq2fWaiQ0wVbQudxi0JcnxJQs+B9nb6kpF+TN0MiD,iv:c7DMZSmlgMMnNlR0/kNRKPYjCzvNQJ46mZzojHppSg8=,tag:ausjsFk0H9nOiiMebHXSUg==,type:str]
netrc: ENC[AES256_GCM,data:EOpuZhDVXe7Q4P/98C3gtEvkdawI26d4oX/wRNytyp/mAdkHytXiLpFdsuO/3DADOG8h1CCo1UTs9ex+bqoD/LdChdp7INfNDSQ+aDxTiG0rLBgjvy8TIj8=,iv:tc/RbN1Upbjv+3rU5zUR3P//a1Hj1xODInLMShg4i1Y=,tag:7E9G2g4g+eMeJrwI20R/1g==,type:str]
github-key: ENC[AES256_GCM,data:LRgJxUcKvLiqVJ3acz88oGp5qmvbo7QiyTbcft3YwZr+84CLbty9GCMrryJ8DFnP8GCGh+cCQxyvk/n/hA71qz7WZ6vIWbTN2byP0LHwDtQpugYOQi9z1Q04hQU3DYnsqKS8hu6bnUV/SzrDpAOXugyMGZL5dITitidgEsVG5PxB+bzTZGhg7EOcZISz955AEtD+bGedvxaryEcMYPTZwRHYPl2+wvKKIbeZMiup6i0BCCYktUUIb3qSBawbknZ9nfbQFODkZbNuEEhyU2MITz2ajQEx8AjE4eUutjBBQpJsesIhiAyq5H1AmJDzesC4iccFUpTVHFWf20clPX9QTH5njqbJ+aw1hIzU2ljK3vou1eZfoZ5HCdV3+tuQTJGYcfFY29/PaN4sENPhgbYm0p9Ui4UlMbte3FfmhSqdMzIc8jIB8dPMtoUM/NTjxof/dVu/TPMBTqnJplzNgvH1r2UcPToiAVfWj96tXsr2ESZfE9q9oQh9EGMcyGpXxq06Gni4tOnXDaF3oHyWAiJ6jP/wrYag5/67m4DwpFEymg+/ROKcy2ou3MYA+748ocKYFRoOVfY+SwcM4bxl6smstsRZW8SoDo6O9ikZII51LIN7X/6sQ0L+dgsBTT75zm8DOAFx2tnVgSPN8HYsd2tyHA3L6pYxAAGmY6lSGJfgmYP8hForSuZgCSxWhlwPHLLrU14A2wOFw+X5b4Zgy2ZdsTv3pHDn35a8lNwANKiWhXSc/irie0enmNjKyKTQDcVxq65mho2D+q7XANjDYtqQ8VX93HD2mLNljuA5GjJxtlTrw6V80AI9OiKjMlbEIG5BHIwOcDj5z53kZ2hPHIlSMCXVBXgBwZgPzw2GXDnIgsLFtGirVj/H+N8IWUioUgyimLjygPJwk8lcIrRCA279O7PnFAQKW3gchs4BN76vF41dR5AVJrDeWmSRonMHZEmGaHONEy+8pxFYf+u7hI6dC6YwrhNYHFgKymtKoYCGS1VTi3MXVPxzL4KxnS+StgfDqzf/FypqGD+c9Qkz3THw01J5SyQO4r7Y7cJFhpRvF09uDvT55BtUVuxexOUxANsmbzJCSKG0GLEWa6e+8owLHRbUh5fQQHN4WVMOCb2XLJkHM6YkZv+Sl3sjwUOtZS1+hRAz4I5BsxxNYK3OySwlzb5yBF2axC6z0DTpXNhyMUSEm2yI4gGroW+x0q8AK4dYelhcBC2QYYp8a2QkQu7vphg05QusuebZpjhRsFVphkjNmpEmAxAGRK/AaRr6YZtfVe/IsZgXso9xr75TBl/wee3jl5kLfBxs0q4lUCmfAcdfkT9EUWp6IOX6E+l7rgObuPLU5q64QtPzu5WDG2zM8cQWMbGt34EnKqSqwUPP3cmEVNuPSWh4bubLFKh+wcREMaMQ5j9GA9AXHDQnFsp3M9L3+0CBJIdBGnZetkjpg3l8INkqXzI35rNmJ6DkfmAE1a/SLLu9qkYK8HWi+1hsqKpNqv6bAp9iKSCb/tFc88wgNVh2n9UVZXBuWXCmtwc2BUfaN9/rw6L/+iqrTu9vrq0LTDSy8A1RuKr3aY+EyCN9gd+BVjEjpszFD8Jnrgj4qz5jihEgo8/AdGAS5/8QiMhdr18LQ5JaNC2EAsSswHx4MpOtFyyt84qJV0Ip4zegDJ0wMukjBJuRsZ6yR6ThgB0357pdmJsSXvj4XgevTwewWMmyX18kleac/i7oifv1xvp1gQrgigdp7s3tY91zH2o1LG/DqTbife7lgt9P6kR/LsHevJaVOytLv8DTO1ggTZjHDMT+A9DiUVot/gmhPcf5JwMnhV6PII5XtR4dy+lIs876JQFDm2YUgWNTPO+EJS/G63TgHxyJxBhumPCODzbYY58x+RFzykPvBuf+d6MpP2A2Pc2KPgW/SWc4XqTUVj6FIgwS58NJm06uLdh3vrEEUqO+fL6KOzmLYAa5TabqOv9oFGXYpOJ8sJtfGXIj6i+/aG4LrNZGeTzBzvz+W2jOcAH27qciC4YopLcP4NR6aXA3jYLVOLCnh54IfPVgMFFg0ZoqeaHEZN9jJIMsXNGbGsfT+f9FxN8JxAOM/iqqAVeCguXxNiKGJuCl+uQU2QdqyJVSgyq1xtXibRqGfJCDc+oGnXy5/jxjb0uDzhdYH94kfR4cj01MTDqt3kfFNjJtjl0KBR0oXj/E//PJwRgKJ3i0o5jYjRyLSqUfUJvEyiPrOmzAZrXQT8aYeOyB5MO4t0pdcMGBwcrWPkmxRiu3dERJHJttpFD03Iv5qFRZdNAsrfzu0dW59nO9x//Czxs3mcJfRyj2moAjMiyYC6vg5hPZso3lyDyJgvEySZ70GhJAfkb6peossSco7cdEw6lVisXDk9BuPArDn/kua94eUiajB1v3dwwvWNc535HQIQIbTd5478JESiFmB7mt5EXFXWVZWDhPRxkK8Px3KErl+4WBZec+glBSnrY1VqXDdBRG63etA/Ev2P4ih0MTEiv7/Bcbw9uzVsIIwhyopY3JtkJP/YqZpS9HSDzSTnkCcetO9YC6K1aqRjdxzDwfOqadu98gzXxZZOsGMFaBgptFqBwfrP5Z8+CWWebMIL2HzZCEhMZhHRFcfi5dI7t6R2AS6cqRFXQlaB75lYhOvFLmeuMtspjTUL2SQa1J17bZn9JYVNvBfL4twfZdp4zjo5DgFF5LiHC6uQa4LW3aWN8ujQ2CGRP67iRsIgedfrNZG6vdkwDMpzhyFFZXXrs507RTimTJGngX1kBWNb+j+b/RmjLsdONPPgCgE1o9fxJCfHM53zDHSlVcO8rsLideXY6HIUKgZC0khgpif5YBG+iHeqfT3ZBLwhLjK0GH6oP3TKw0xmHWq4Nb6C6OqdEIGQ7Rxt+rWOOPKhUMyzdhwz1YpeZA0zobRdR7isvmWGTMwxS56r+NuI6dOQL6xs+MlVFOPtyYNJAF2qWDHt0XOa/7Kv4XDRF7zDA19ZhqG8xDU9NtDwUDFrPBV5kO0TDSHuh7WShkzyXJYfc62WEIxIfbdMVX1m+mG20/f6Tk2r9wRxtAdxU4WqhK+YaZf8ZE6LfsNwJVyWI+o0VeK2v/2GkdUVeuDvq9aju+BipuUUHs9K09a4EyZOMNJtYUPj53W76rVP3rwAXr2jj+sWeDFCibsNTkv2KuyOzOM1cJCbONXNfqPAo5yx3cAwXp/ikz9kPMwmVqgIHGAd6QsTmaBXe4ex5C+GA1OBCMvk6ZAoSwRsAmoOZdharD+6dEEFL4HeqQx3XT+ddTRcGiQxgxuwPDAxcuCBkvqZSuVt1jb2c4WpL9id1S0TEsfzRtDj6VGM318jV3pj3pZvLXwVMJc7J4o6f0MNhjtgOZdcc302sh6HrusTn/zrRPpQVUPHkmmvmB4eP6IVT6aeKQS8Vt10PNtXbJKLYqFGnlTrrlHxBrGDMfz/j5ycai16VKeaKS1SnR1TQAReOaOksMc17xDVo9hnocOMs89tzCkDQ3e14lKngxWzmcxZAS6NGA5u/Y6x48b8OCiVbsbOxoeI5ouKd37TVPJEHo1VRPOhruVU50xv+eZtCbSkpTWPMq3r4AXZJjTKXn3aYTMQNMisR0yhto4dkdoNQw93ngm+MSduv+Sxt3VG108G6UDVEjE21ylMDueP5rDQ4G2sBPgIT/uSyFWan3tcP2eTFjps4BB0yzx4evjdUqu+Uqkvts7DOPY4MT8/g8YO41PvAW5sFItcwr6gLALyVSK8I3dzePeNELXK6daHLhkcI4EN4Yh3OO+kkT00X29A/V7wqIoV7T06FneC6Hg8rWyPHTFbAO0zqXK58Tp4E0kp0LkZHS+nLbmvuZOKSyQOMNWTvMYcagfRc+VgbAPjnZ9yRCXvWHY6N2z2CTKEioYoqt3Sgs8dgRHVZK/qGoO5lAWfdb6cTUFOZU0FnXYTS2ccQdOf8bJHOmldhavi0Oswe6wWpg3/Rp5Rvm0Y0g3r5CEF6lybkjM4K6eXc3DsFWcV43VPw/1w0sV3ErtuJHVyYxZzyS+iO0FC0Vpvru2emHoylbn0Tw3Cy31onjbnRlJfd9hzEZYiCUDj9l2P5b8Lrmw127NL25pzA+tdnRi55QS+ceUZ6omPqf7YsIO5AygG5+ZDCwFfjBX3tW5dpEFXzsdx1GWLopxT8RkPxjRjm8Z5EJpQtIYmptc3C6nBvPPCx0qVXJKo0LNbm9pZ1QPF0Vi/qS+V8PsL6dwPFH4t5jcKXJUdPNuiVLcqogKVicPSP+NviDn38UjWXixPHhkYk5Rv/2setqUXkKM+vePnOv7fNE3Px8QqJembwYkaj+T5do8st2KbJy08B2/l3gYvKoMZ5A3B3ypz3gghnEYPXb9uK1QyQIUsfV8tPFyFFWLVDQbSBSbqsWDfV1FThAJSi/FhcI4Al2JuqPvESQmjKW3qP6kk2GXQQco+R0lPszTEum1M9YQxq6YnRRy/wAPnHZgSgwNliNzx9d/FQbgo1kNg5LgdFjZh41ooPAubRyxfkHxzsVrnhjEV22wA/7dsAdllnnWRARQjBfn3tzENiG8YV/pWZF78aL8XZwapiPrWI=,iv:2Mvmz1CFO1112RxjIl6sxyNIDqa/cg00um6RcQaHNY8=,tag:+zygdwQdCBeBXVLvAj/jJQ==,type:str]
gitlab-key: ENC[AES256_GCM,data:1iAAh7CEeJGYibM1wcFn9MRK8TtgRFA2dCSVZThiCI53GKkbbf5JZ2cYJm3p/D9loP0/lU7TbNR8IjVyqqGP8MF+u4cm0gFIEL0i9+wBKIJsYXxzXV7XIQNTF1JU26/b+hpfUEcqXANQ88wdaGTrEDYAaMV0kYcBUkpMgUdIU+iCJkr3bPKZRjengA3/Sj6QkRzBTBrWo8ANEAnmi+Nn8NTFdHbwp+uLwelijCOz4iiShMTRjJYtBZ8zlGXf7qv9warXn91oh1p5aPYBRH6CuUwX1lZYDPmFGxOS5usYYippqsRmEEg9Haas0EwxU8CAZgX6cNnfjhq3le86vCapqZnzdNAwR5rvMEQ178Fl89Ri5Ka7n9GU7CFRzzXpykPErKbsG+T3KtfO20Lo2eDWO/gXuQILZcwaFDEbZuXq7qbrtyJ1TmtXQF73paG7yEITwOFLaMeJVRX/WvdXbzFo9X8V7zv7iuyyi4Y/RzkW2g7Ck0x3MIgxyUkDQZnb9XLYm5PzoKZ54uXIC6tqaC7ux7o785VOvaaNJiu1r+mtm7tN3VD3nQGBMGC4BqM4iYEt/KcTC4fn4rSwecfcYTpGQf6LfDOWgZvBz8Fw8AraWIANjHkOMrlWhIJJ8g7N+35rThEfrC1hGAptWsOSVZ0NbZk3UMCzv88KpDJA/9rekLIpAodJaZafM3VhK2ZLU4i6IYprKlsFYB/+WDwvppX+LIofMdhZfGhI+hRyiNF1egh+PBv/UzHIdanNLiITXO6/Kt5kgSujVmr2O6NWOlx+Ve1udxXWzNxp0qrMKa2JVljBS4UFw4HPM0LzQ2KMW3rZ1fWq88/dRtzoBJfouL8smeSrc+VJJACEzHevXq4e8zgjg9+QnK+ZWNwcna1bQgB+lG76hGnfVvIHF4PQM6tGSS6RLQrwsAMI8DMsiRhYUc8Bdrj2+fM8GFTC81pYyRsmha6tJmq+S8oM919iTqFFGFk4NFMy1Mj/95Ckrb0tkCIiJe+Quvu91oLVzLAbkRdDF/H6rudrndhqlAANQs0acPemuD4/rrUfv+jFEiOazjydGrHTae0jnJyS5mR3QZxWst0p7Q+yIlduU+kY9uX+ZuDwjUsOqy56K2mn9+dPVA10D0hqSiWUQQ+TQU5QGaalJRjt4RG2V3fcwCs8nla4XNrxaSty67141CBJHgh4I37qCFcu1f7YqqKJNmVJwBX2/70Rg0nb63FPDh6UWtyaheQD4GL+2ZUJmlh+ZMPzJZEO6fABOQoyyMZhOv2Pem+AQHD97sN32E2WoCiSxMFYFe4Pc9sy5rFkZb7OsdNK3VzoeWVkklhNqpis0sU50Bqt48V+2qXFU12LGUuglzo9dBTJCgaD6xqadEYlh+WH18Q6yQPefcwcWzl0Ql/Y/F0XfSEgaIyd/VZdQ6QP3ZF6q4oEtKOCg+AnkbMVUw5TA+RdW/UnhJlErIs+AQRkKZ8JwpIalTccAEk7VgQQdRiCD1PBhc+0T9gzTbQTqCB8pCqy7M6UEUbumOfyUKOtkosk0Bx8MLtyzX7va+3D0h7Cdze4CFTUT8EZquSWoX5ozwF1DdsBs3wrunIa1FYYaZQDiMiYLZ64TRzVBujeyZxFQLgKPbEBBr1BalgJglGALLZUfkmz01g5stgkZDeXvbTgA0W9PKFhZ+lLfrZ2NQzblZ6DiLeFM5ybxSbCbBSx2gzzBuMgbWOVTFDXLRuGOE0GRWVpzEtcqTncQfbJT+6AicA86e6MuXn12Zq3uyF4HoiybBFEAkYF24qLz2XZ6K9E7aNdWJAY2dcvq+LCoaHKlpekSUO+jrfykEfH5eFhnSj+hrwtSa3+3tLkuNdzjEpTcvq3l0d9dVAcMswv93RrU9PNGs66W7wRKiiOYvC+BqjOIkUvXVxr5Tl/1WDUgah1BTaQO80KEphtmEen4s1gLQEUN6lA0HsBAyDOMHGfkDgcT2pH8A6s5bc8BpXyyGZOLQ89h5vpvCPFFbxHNxffKXgRWLUfoNoXDqBG0kxDm7+CLmkD9jmH1XkRu3a0qr9KgZDUqQoVHCpUMXF8/HN7+1VHIUP5pWO9mupX0jL91ymF16HBCucJQiCWmKr2Cn+huPwtzcRblAoQAZY4da1PbIBwdys8Q77WETrTiK/XrQHiE/ZRiPFZK3B4wPFjMGyp7yhnF23ram76E3ny0xqunfjvyTLcLVmkmdDIz6FpNCa2Qd+oqpkKzFEF3hcmZgue9uqsmjJk4ymAKqTXB2PUdz0GoOe7obg6QyZS0WvgsuCuem5yePjYL43AXiFfyDp4fDRRaB5qpJzXS8HzCh0Whyg3z8UEygVnXMmL1k/84LsfME4/ubMV4cJn5Q9rDFGIwUfk4M98Y1ylPWQfcbwpAxtipBN0uQL6WX6L4dglE4wcf/0d6IGmIxF03E08BvvQvniox7fZEIYY8dP9LlitXZBfKqSDw3jQ5JuLllGI//hbXGu8IxWFnABz5i/NkNGJnSb6b4V5vWXAWSBi918ZZYMmxqH87hypen6ONq2jxPXdgN4lphyQDxL7Sx1oNAUUdm8NqTj47g6Ny0RWHUJPAnKAZNpAljmbCny0fkTzDzg/OhetkUv6+BSRZq800gaGkNz41cmJvTZBe+MOrGEvHwc5C2uFsLJuagJ+vryyN0sdpuSFVF/3Zm8Ch/aFldeS5xjwf7Yfy2Nb2H2WRJbFa01sEbMiMkrhLLpyQdwL9XoFBN/1IKoZyQE0fBLXwU8D9BnL3PCBbSeVDoswRt7hPe40SyBMTu9uhzn9n7DXhWqb+hpbM1ViDlT1wE/P4xx3UcRRb+xx5ANkbuF11Yf16cAa0hwM/2BmRAVInmgeNS4Lp/gre0WBO9x21I3rZ5YaRxRsOUTBlaElYRMcxQQTkw6sc1TM3u7lK+b6Ug8iS8jYP+3m/QGHF4W/3eHVoELfBq8vwYCPa87338sQwlLAmQlf5REYBqDhV0Z075hmwGeOPW/Q+2cKpY8XdlD/eYKhgNuHV1pL1CRAbWCkZg21Lq7zVR+wYuu3tuEqmIT7+P0Yj4EjNiODe523wBNPH2gxLzupPZmT/fR1YoI/ij51qj6QPCQgy1eJB4TTlmNJHDNBKEakVr26wFg4Pd6y+99W1sEPNn6weoezXLk5DWSXln0AdAmYcxa5I8ZWGwDrTMASf6QUNlg0lTXbqw9khZgdk069zrfYzBhtcSyHAqg6DzyHeLzUbPNXmvBS2WGbbJUZX73tqB+cRAD4UUDv02ZQ2YrUT0AQpvc9+dekzWuv/UGnQ1Y085NMSP6s+sGL0WfcOamb39Y7Ov4y6hCikq5M1TiHogndk7Apkm1hQLOiUM3Tb0IXmrBtmX6RxvUgXBLQ+XuZjJ3884soM0swwdt9f2vKljG2lnOnCdHPVSQUO3XQ90itLXQhq21B8SOiFA0DvRWJMEhr4d3LdNOAbj6Iu1yQ0PvdEaD0X+1ND/3Tot6yAlAqzA6+47tnU1Gq0s6Y6uqkW5u2oSSwMoeIoRInBIKLO4tSW/rKICWJznuDivRIm5BHPFajEnahJdzclA7sPsbbKNwXEj7jzJELl+oUympJ/L1dpPfxcM3tSmErgwfwdNWNkf97kml9MZ03F2bUm71Azm1tq26aFUUOGxbsGI2T8NNFJsf25m5CfC06YK3F5Yb8pG08IhKRrkihM356uJcjC0m5V+OUETF2fTQLytWbq1gthXfaG+gE4Gk/MUX1vHfGUprTf3JYgiIZzgIIZeaX5j4XJ7hykwb6ahhIMX/ndB5XYGCER2vkDrDPwspsAL/pXiIOMDFSwJVsvf/9fbLDttYNJCR2B9/Enbjh87abaYlQsgUjsPFPAGH2nw7hX6iuEihrPyLZdUp0xJb2PIq8R4xpiStzomDdVkC018YPRWank9mKXHYf4+1QdQ3AftOs5iDMgf50XASNl/6F4V+NGX2vRiPJ2gxWBvpoPu5csSgKetHiJCqNLbHLggFQEjYJyW3Cepsm87LC1/eEa7AEPdR+eQYsIp4Xr1LMD9cEogHpz+/VOgdtcQmPMrNHsRolTaO5lT1vbrRJE+SM6byoi/ACDKI2pRObI+FPzflmm5X0/Kh+b6InGzCXR+k1CXyUauI6wro82J8T+vHdxPEy59kdXlAicy7q0/+UZ8zF4ApNT7XXV9sgmyhzD3/v1kWwDPnowptr/JJT01TTHTUPtDDqy5X497h56jqwjWex3Lc7cTusrkVrcHg26fIMw/zyTW3pgmrwpGayVC8kg3pNJQw+MX6xYO5Cq/EQv72rOKVw5YY83IWqkh6GHn3bTghvMETiWoCDUPB0JNsPY1i7hrFCYzGJib+p6M53ngNCfjI786qZ78CQVhmIyl8VGGwYrvtHY3UFArXUDK/Y9rc2lvMoCIBCwhq5w/eaJiTN1BhMgFVvgbdI+Y9cj/UgtE3yFjsQp/kI+oEyCDQntuzO1UhZiP2/9nXm4Lyf/ZhUcdEI9I0=,iv:aG4nqGJ/TRiAtiWoPwqej6We+IWEWFibCqL7bGwXbkA=,tag:c5ckW2o4+2rm/5mrGF1tzg==,type:str]
sops:
age:
- recipient: age1c8pawdsxptfslgrz2c56s39mrtnjzc5mm3hfzgr2wdwu2v6vfsdsupjsq6
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVby9Wa1NUUkpyeDMwU3dM
R0EyeFVtT0tJU0pKaWtXQzRkTDBPY3JjcTFrClNIQnl2WVorS0FZZjhicTQ5V2kx
MUZTZWZtaUk2a1ZhUTBCUnhkWHFIMFUKLS0tIElLcjJLZWNLOUJYN0NNVGFNUEFN
RkMrdTYwNkY1Tlc3M3dxTFdkRXJJZUEKUlYU45jXpS9hJO9Z/uAQ6XMj9QWgMMRI
LbJxvt48+yC+Y0XKOtDE0lHAuGNzUG8R/7FB1tTD8NCamBe46KGCIg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2026-04-23T07:50:07Z"
mac: ENC[AES256_GCM,data:V3us1oxkQxIg5hn8TMiSHWa0RhNbio2mP8j59lSCKDLjnpTUHUAUZZOan+fkBwPxxtIdZFVZQl/kZuEHcnNwXk8J0DLeT8jrs8pvlDCHMAc+C9uzThNjQ9CrZ2C/dNtoI6uop3a6qo8UMhKhvAus08yR8rLsY7Gqt/In28HKqxU=,iv:g8wmq1thPfkSSfG+mtJS0431wbon/uylDTfH0P31dlw=,tag:5Z6CJMWeGN6frTLJQMxGGw==,type:str]
unencrypted_suffix: _unencrypted
version: 3.12.2
hosts/pph/variables.nix → hosts/work/variables.nix
+5 -8
View File
@@ -5,16 +5,13 @@
}: { }: {
imports = [ imports = [
# Choose your theme here: # Choose your theme here:
../../themes/zen.nix ../../themes/darkviolet.nix
]; ];
config.var = { config.var = {
hostname = "pph"; hostname = "h-work";
username = "hadrien"; username = "hadrien";
configDirectory = configDirectory = "/home/" + config.var.username + "/.config/nixos"; # The path of the nixos configuration directory
"/home/"
+ config.var.username
+ "/.config/nixos"; # The path of the nixos configuration directory
keyboardLayout = "fr"; keyboardLayout = "fr";
@@ -24,8 +21,8 @@
extraLocale = "fr_FR.UTF-8"; extraLocale = "fr_FR.UTF-8";
git = { git = {
username = "pph"; username = "Hadi";
email = "pph@pph.pph"; email = "hadi@example.com";
}; };
autoUpgrade = false; autoUpgrade = false;
nixos/audio.nix
+3 -1
View File
@@ -13,7 +13,9 @@
enable = true; enable = true;
extraConfig = { extraConfig = {
"10-disable-camera" = { "10-disable-camera" = {
"wireplumber.profiles" = {main."monitor.libcamera" = "disabled";}; "wireplumber.profiles" = {
main."monitor.libcamera" = "disabled";
};
}; };
}; };
}; };
nixos/clamav.nix
-12
View File
@@ -1,12 +0,0 @@
{pkgs, ...}: {
environment.systemPackages = with pkgs; [
clamav
];
services.clamav = {
daemon.enable = true;
updater.enable = true;
scanner.enable = true;
fangfrisch.enable = true;
};
}
nixos/home-manager.nix
+12 -2
View File
@@ -1,9 +1,19 @@
# Home-manager configuration for NixOS # Home-manager configuration for NixOS
{inputs, ...}: { {
inputs,
pkgs,
...
}: {
home-manager = { home-manager = {
useGlobalPkgs = true; useGlobalPkgs = true;
useUserPackages = true; useUserPackages = true;
backupFileExtension = "hm-backup"; backupFileExtension = "hm-backup";
extraSpecialArgs = {inherit inputs;}; extraSpecialArgs = {
inherit inputs;
pkgs-stable = import inputs.nixpkgs-stable {
system = pkgs.stdenv.hostPlatform.system;
config.allowUnfree = true;
};
};
}; };
} }
nixos/nix.nix
+10 -2
View File
@@ -6,6 +6,11 @@
}: let }: let
autoGarbageCollector = config.var.autoGarbageCollector; autoGarbageCollector = config.var.autoGarbageCollector;
in { in {
# Ask for password once per SSH session (tied to the tty, expires when session closes)
security.sudo.extraConfig = ''
Defaults timestamp_type=tty,timestamp_timeout=-1
'';
security.sudo.extraRules = [ security.sudo.extraRules = [
{ {
users = [config.var.username]; users = [config.var.username];
@@ -19,7 +24,7 @@ in {
]; ];
nixpkgs.config = { nixpkgs.config = {
allowUnfree = true; allowUnfree = true;
allowBroken = true; allowBroken = false;
}; };
nix = { nix = {
nixPath = ["nixpkgs=${inputs.nixpkgs}"]; nixPath = ["nixpkgs=${inputs.nixpkgs}"];
@@ -30,7 +35,10 @@ in {
settings = { settings = {
download-buffer-size = 262144000; # 250 MB (250 * 1024 * 1024) download-buffer-size = 262144000; # 250 MB (250 * 1024 * 1024)
auto-optimise-store = true; auto-optimise-store = true;
experimental-features = ["nix-command" "flakes"]; experimental-features = [
"nix-command"
"flakes"
];
substituters = [ substituters = [
# high priority since it's almost always used # high priority since it's almost always used
"https://cache.nixos.org?priority=10" "https://cache.nixos.org?priority=10"
nixos/nvidia.nix
+2 -8
View File
@@ -15,7 +15,6 @@ in {
boot.kernelParams = [ boot.kernelParams = [
"nvidia-drm.modeset=1" # Enable mode setting for Wayland "nvidia-drm.modeset=1" # Enable mode setting for Wayland
"nvidia.NVreg_PreserveVideoMemoryAllocations=1" # Improves resume after sleep "nvidia.NVreg_PreserveVideoMemoryAllocations=1" # Improves resume after sleep
"nvidia.NVreg_RegistryDwords=PowerMizerEnable=0x1;PerfLevelSrc=0x2222;PowerMizerLevel=0x3;PowerMizerDefault=0x3;PowerMizerDefaultAC=0x3" # Performance/power optimizations
]; ];
# Blacklist nouveau to avoid conflicts # Blacklist nouveau to avoid conflicts
@@ -24,14 +23,11 @@ in {
# Environment variables for better compatibility # Environment variables for better compatibility
environment.variables = { environment.variables = {
LIBVA_DRIVER_NAME = "nvidia"; # Hardware video acceleration LIBVA_DRIVER_NAME = "nvidia"; # Hardware video acceleration
XDG_SESSION_TYPE = "wayland"; # Force Wayland
GBM_BACKEND = "nvidia-drm"; # Graphics backend for Wayland GBM_BACKEND = "nvidia-drm"; # Graphics backend for Wayland
__GLX_VENDOR_LIBRARY_NAME = "nvidia"; # Use Nvidia driver for GLX __GLX_VENDOR_LIBRARY_NAME = "nvidia"; # Use Nvidia driver for GLX
WLR_NO_HARDWARE_CURSORS = "1"; # Fix for cursors on Wayland
NIXOS_OZONE_WL = "1"; # Wayland support for Electron apps NIXOS_OZONE_WL = "1"; # Wayland support for Electron apps
__GL_GSYNC_ALLOWED = "1"; # Enable G-Sync if available __GL_GSYNC_ALLOWED = "1"; # Enable G-Sync if available
__GL_VRR_ALLOWED = "1"; # Enable VRR (Variable Refresh Rate) __GL_VRR_ALLOWED = "1"; # Enable VRR (Variable Refresh Rate)
WLR_DRM_NO_ATOMIC = "1"; # Fix for some issues with Hyprland
NVD_BACKEND = "direct"; # Configuration for new driver NVD_BACKEND = "direct"; # Configuration for new driver
MOZ_ENABLE_WAYLAND = "1"; # Wayland support for Firefox MOZ_ENABLE_WAYLAND = "1"; # Wayland support for Firefox
}; };
@@ -59,8 +55,7 @@ in {
# Optimized configuration for switchable graphics laptops # Optimized configuration for switchable graphics laptops
offload = { offload = {
enable = true; # Mode optimized for power saving enable = true; # Mode optimized for power saving
enableOffloadCmd = enableOffloadCmd = true; # Allows running applications with dedicated GPU
true; # Allows running applications with dedicated GPU
}; };
# sync.enable disabled as offload is generally better for laptops # sync.enable disabled as offload is generally better for laptops
sync.enable = false; sync.enable = false;
@@ -73,7 +68,6 @@ in {
# Enhanced graphics support # Enhanced graphics support
graphics = { graphics = {
enable = true; enable = true;
package = nvidiaDriverChannel;
enable32Bit = true; enable32Bit = true;
extraPackages = with pkgs; [ extraPackages = with pkgs; [
nvidia-vaapi-driver nvidia-vaapi-driver
@@ -104,5 +98,5 @@ in {
]; ];
# Enable Nvidia container toolkit for GPU acceleration in containers (docker) # Enable Nvidia container toolkit for GPU acceleration in containers (docker)
hardware.nvidia-container-toolkit.enable = true; hardware.nvidia-container-toolkit.enable = false;
} }
nixos/omen.nix
+4 -4
View File
@@ -5,9 +5,8 @@
pkgs, pkgs,
... ...
}: let }: let
hp-omen-linux-module = hp-omen-linux-module = pkgs.callPackage (
pkgs.callPackage {
({
kernel ? config.boot.kernelPackages.kernel, kernel ? config.boot.kernelPackages.kernel,
stdenv, stdenv,
fetchFromGitHub, fetchFromGitHub,
@@ -33,7 +32,8 @@
install hp-wmi.ko -Dm444 -t $out/lib/modules/${kernel.modDirVersion}/kernel/drivers/platform/x86/hp/ install hp-wmi.ko -Dm444 -t $out/lib/modules/${kernel.modDirVersion}/kernel/drivers/platform/x86/hp/
runHook postInstall runHook postInstall
''; '';
})) {kernel = config.boot.kernelPackages.kernel;}; })
) {kernel = config.boot.kernelPackages.kernel;};
in { in {
boot.extraModulePackages = [hp-omen-linux-module]; boot.extraModulePackages = [hp-omen-linux-module];
boot.kernelModules = ["hp-wmi"]; boot.kernelModules = ["hp-wmi"];
nixos/systemd-boot.nix
+4 -3
View File
@@ -11,8 +11,7 @@
}; };
}; };
tmp.cleanOnBoot = true; tmp.cleanOnBoot = true;
kernelPackages = kernelPackages = pkgs.linuxPackages_latest; # _zen, _hardened, _rt, _rt_latest, etc.
pkgs.linuxPackages_latest; # _zen, _hardened, _rt, _rt_latest, etc.
# Silent boot # Silent boot
kernelParams = [ kernelParams = [
@@ -38,5 +37,7 @@
}; };
# To avoid systemd services hanging on shutdown # To avoid systemd services hanging on shutdown
systemd.settings.Manager = { DefaultTimeoutStopSec = "10s"; }; systemd.settings.Manager = {
DefaultTimeoutStopSec = "10s";
};
} }
nixos/usbguard.nix
+10
View File
@@ -0,0 +1,10 @@
{config, ...}: {
services.usbguard = {
enable = true;
implicitPolicyTarget = "block";
IPCAllowedUsers = [
"root"
config.var.username
];
};
}
nixos/users.nix
+4 -1
View File
@@ -13,7 +13,10 @@ in {
users.${username} = { users.${username} = {
isNormalUser = true; isNormalUser = true;
description = "${username} account"; description = "${username} account";
extraGroups = ["networkmanager" "wheel"]; extraGroups = [
"networkmanager"
"wheel"
];
}; };
}; };
} }
nixos/utils.nix
+16 -7
View File
@@ -21,11 +21,17 @@ in {
enable = autoUpgrade; enable = autoUpgrade;
dates = "04:00"; dates = "04:00";
flake = "${configDir}"; flake = "${configDir}";
flags = ["--update-input" "nixpkgs" "--commit-lock-file"]; flags = [
"--update-input"
"nixpkgs"
"--commit-lock-file"
];
allowReboot = false; allowReboot = false;
}; };
time = {timeZone = timeZone;}; time = {
timeZone = timeZone;
};
i18n.defaultLocale = defaultLocale; i18n.defaultLocale = defaultLocale;
i18n.extraLocaleSettings = { i18n.extraLocaleSettings = {
LC_ADDRESS = extraLocale; LC_ADDRESS = extraLocale;
@@ -57,9 +63,6 @@ in {
XDG_DATA_HOME = "$HOME/.local/share"; XDG_DATA_HOME = "$HOME/.local/share";
PASSWORD_STORE_DIR = "$HOME/.local/share/password-store"; PASSWORD_STORE_DIR = "$HOME/.local/share/password-store";
EDITOR = "nvim"; EDITOR = "nvim";
TERMINAL = "ghostty";
TERM = "ghostty";
BROWSER = "zen-beta";
}; };
services.libinput.enable = true; services.libinput.enable = true;
@@ -68,7 +71,10 @@ in {
dbus = { dbus = {
enable = true; enable = true;
implementation = "broker"; implementation = "broker";
packages = with pkgs; [gcr gnome-settings-daemon]; packages = with pkgs; [
gcr
gnome-settings-daemon
];
}; };
gvfs.enable = true; gvfs.enable = true;
upower.enable = true; upower.enable = true;
@@ -118,7 +124,10 @@ in {
xdgOpenUsePortal = true; xdgOpenUsePortal = true;
config = { config = {
common.default = ["gtk"]; common.default = ["gtk"];
hyprland.default = ["gtk" "hyprland"]; hyprland.default = [
"gtk"
"hyprland"
];
}; };
extraPortals = [pkgs.xdg-desktop-portal-gtk]; extraPortals = [pkgs.xdg-desktop-portal-gtk];
server-modules/adguardhome.nix
+7
View File
@@ -9,6 +9,13 @@
networking.firewall = { networking.firewall = {
allowedTCPPorts = [53]; allowedTCPPorts = [53];
allowedUDPPorts = [53]; allowedUDPPorts = [53];
# Allow containers to reach adguard UI (for glance dns-stats widget)
extraCommands = ''
iptables -I INPUT 1 -s 10.233.0.0/16 -p tcp --dport 3000 -j ACCEPT
'';
extraStopCommands = ''
iptables -D INPUT -s 10.233.0.0/16 -p tcp --dport 3000 -j ACCEPT 2>/dev/null || true
'';
}; };
services.cloudflared.tunnels."${config.var.tunnelId}".ingress."adguard.${config.var.domain}" = "http://localhost:${toString config.services.adguardhome.port}"; services.cloudflared.tunnels."${config.var.tunnelId}".ingress."adguard.${config.var.domain}" = "http://localhost:${toString config.services.adguardhome.port}";
server-modules/arr.nix
+4 -1
View File
@@ -49,7 +49,10 @@ in {
}; };
}; };
users.users.jellyfin.extraGroups = ["video" "render"]; users.users.jellyfin.extraGroups = [
"video"
"render"
];
services.cloudflared.tunnels."${config.var.tunnelId}".ingress = { services.cloudflared.tunnels."${config.var.tunnelId}".ingress = {
"media.${config.var.domain}" = "http://localhost:8096"; "media.${config.var.domain}" = "http://localhost:8096";
server-modules/awesome-wallpapers.nix
+35 -20
View File
@@ -1,26 +1,41 @@
{ {
config, config,
inputs, inputs,
pkgs, lib,
... ...
}: { }: let
services = { inherit (import ./mk-container.nix {inherit lib config;}) mkContainer;
nginx.virtualHosts."wall.local" = { in {
root = "${inputs.awesome-wallpapers.packages.${pkgs.system}.default}/share/awesome-wallpapers"; imports = [
listen = [ (mkContainer {
{ name = "wallpapers";
addr = "127.0.0.1"; hostIp = "10.233.4.1";
port = 8759; containerIp = "10.233.4.2";
} nixosConfig = {pkgs, ...}: {
]; services.nginx = {
locations."/" = { enable = true;
tryFiles = "$uri $uri/ /index.html"; virtualHosts."wallpapers" = {
root = "${inputs.awesome-wallpapers.packages.${pkgs.system}.default}/share/awesome-wallpapers";
listen = [
{
addr = "0.0.0.0";
port = 8080;
}
];
locations."/" = {
tryFiles = "$uri $uri/ /index.html";
};
extraConfig = ''
port_in_redirect off;
absolute_redirect off;
'';
};
};
networking.firewall.allowedTCPPorts = [8080];
system.stateVersion = "24.05";
}; };
extraConfig = '' })
port_in_redirect off; ];
absolute_redirect off;
''; services.cloudflared.tunnels."${config.var.tunnelId}".ingress."wallpapers.${config.var.domain}" = "http://10.233.4.2:8080";
};
cloudflared.tunnels."${config.var.tunnelId}".ingress."wallpapers.${config.var.domain}" = "http://127.0.0.1:8759";
};
} }
server-modules/blog.nix
+57 -35
View File
@@ -1,45 +1,67 @@
{ {
config, config,
inputs, inputs,
pkgs, lib,
... ...
}: { }: let
services = { inherit (import ./mk-container.nix {inherit lib config;}) mkContainer;
nginx.virtualHosts = { domain = config.var.domain;
"blog.local" = { in {
root = "${inputs.blog.packages.${pkgs.system}.default}/share/blog"; imports = [
listen = [ (mkContainer {
{ name = "blog";
addr = "127.0.0.1"; hostIp = "10.233.3.1";
port = 8758; containerIp = "10.233.3.2";
} nixosConfig = {pkgs, ...}: {
]; services.nginx = {
locations."/" = { enable = true;
tryFiles = "$uri $uri/ /index.html"; virtualHosts = {
"blog" = {
root = "${inputs.blog.packages.${pkgs.system}.default}/share/blog";
listen = [
{
addr = "0.0.0.0";
port = 8080;
}
];
locations."/" = {
tryFiles = "$uri $uri/ =404";
};
extraConfig = ''
port_in_redirect off;
absolute_redirect off;
error_page 403 /403.html;
error_page 404 /404.html;
error_page 500 /500.html;
error_page 503 /503.html;
add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' data: https://umami.${domain}; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://git.${domain}; connect-src 'self' https://umami.${domain};" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Permissions-Policy "camera=(), microphone=(), geolocation=()" always;
'';
};
"www-redirect" = {
listen = [
{
addr = "0.0.0.0";
port = 8081;
}
];
extraConfig = "return 301 https://${domain}$request_uri;";
};
};
}; };
extraConfig = '' networking.firewall.allowedTCPPorts = [
port_in_redirect off; 8080
absolute_redirect off; 8081
add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' data: https://umami.${config.var.domain}; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://git.${config.var.domain}; connect-src 'self' https://umami.${config.var.domain};" always;
'';
};
"www.blog.local" = {
listen = [
{
addr = "127.0.0.1";
port = 8189;
}
]; ];
extraConfig = '' system.stateVersion = "24.05";
return 301 https://${config.var.domain}$request_uri;
'';
}; };
}; })
];
cloudflared.tunnels."${config.var.tunnelId}".ingress = { services.cloudflared.tunnels."${config.var.tunnelId}".ingress = {
"${config.var.domain}" = "http://127.0.0.1:8758"; "${config.var.domain}" = "http://10.233.3.2:8080";
"www.${config.var.domain}" = "http://127.0.0.1:8189"; "www.${config.var.domain}" = "http://10.233.3.2:8081";
};
}; };
} }

Some files were not shown because too many files have changed in this diff Show More