anotherhadi/nixy
1
Fork 0
mirror of https://github.com/anotherhadi/nixy.git synced 2026-05-20 13:22:34 +02:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: anotherhadi/nixy:v4.0.0
Branches Tags
anotherhadi/nixy:main
anotherhadi/nixy:v5.0.0 anotherhadi/nixy:v4.0.0 anotherhadi/nixy:v3.2.0 anotherhadi/nixy:v3.1.1 anotherhadi/nixy:v3.1.0 anotherhadi/nixy:v3.0.0 anotherhadi/nixy:v2.4.0 anotherhadi/nixy:v2.3.0 anotherhadi/nixy:v2.2.0 anotherhadi/nixy:v2.1.0 anotherhadi/nixy:v2.0.1 anotherhadi/nixy:v2.0.0 anotherhadi/nixy:v1.0.0
...
compare: anotherhadi/nixy:498ed902a2d790c2f04d43b0e7a9b96f80df6162
Branches Tags
anotherhadi/nixy:main
anotherhadi/nixy:v5.0.0 anotherhadi/nixy:v4.0.0 anotherhadi/nixy:v3.2.0 anotherhadi/nixy:v3.1.1 anotherhadi/nixy:v3.1.0 anotherhadi/nixy:v3.0.0 anotherhadi/nixy:v2.4.0 anotherhadi/nixy:v2.3.0 anotherhadi/nixy:v2.2.0 anotherhadi/nixy:v2.1.0 anotherhadi/nixy:v2.0.1 anotherhadi/nixy:v2.0.0 anotherhadi/nixy:v1.0.0

172 Commits
v4.0.0 ... 498ed902a2

Author SHA1 Message Date
Hadi 498ed902a2 Add error pages 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-29 19:43:59 +02:00
github-actions abcadd4eaf Update README.md (auto) 2026-04-27 19:14:25 +00:00
Hadi 5945a72b01 Refactor flakes 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-27 21:13:58 +02:00
Hadi df6381db85 Qutebrowser greasemonkey as flake now 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-27 20:31:47 +02:00
Hadi 6ed60d7a13 Change formater 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-25 15:35:57 +02:00
Hadi bcd4fa9839 fix bug with caelestia conf being read-only 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-25 14:57:29 +02:00
Hadi 143c5d2a34 Edit qutebrowser userscripts & overlay 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-25 14:56:21 +02:00
Hadi 4ed04ebf55 edit ssh config 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-25 13:36:29 +02:00
Hadi 1a57874e68 update flake 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-25 13:23:54 +02:00
Hadi 2127ffbe31 remove "privateBookmars" 
Signed-off-by: Hadi <hadi@example.com>
 2026-04-23 09:52:11 +02:00
Hadi a76f81fa13 update caelestia conf 
Signed-off-by: Hadi <hadi@example.com>
 2026-04-22 11:34:48 +02:00
Hadi f9d5c6ab00 Merge branch 'main' of github.com:anotherhadi/nixy 2026-04-22 10:38:12 +02:00
Hadi b51a78ac1c add secrets 
Signed-off-by: Hadi <hadi@example.com>
 2026-04-22 10:33:19 +02:00
Hadi 96b5d5e671 move feedly 
Signed-off-by: Hadi <hadi@example.com>
 2026-04-22 10:33:10 +02:00
Hadi a222958eea remove sesh 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-21 18:44:39 +02:00
Hadi c3f86c9831 Add netrc 
Signed-off-by: Hadi <hadi@example.com>
 2026-04-21 15:21:55 +02:00
Hadi dc5c7dc915 create dirs 
Signed-off-by: Hadi <hadi@example.com>
 2026-04-20 16:51:37 +02:00
Hadi 3cbe2a1ab2 add Feedly to bookmarks 
Signed-off-by: Hadi <hadi@example.com>
 2026-04-20 14:21:49 +02:00
Hadi a1ed4ebc4c add list & tools 
Signed-off-by: Hadi <hadi@example.com>
 2026-04-20 14:21:44 +02:00
Hadi 80aa828ee5 Init the work config v2 
Signed-off-by: Hadi <hadi@example.com>
 2026-04-20 14:05:09 +02:00
Hadi 28cdcb6dad Add tool & bookmark 
Signed-off-by: Hadi <hadi@example.com>
 2026-04-20 14:04:41 +02:00
Hadi e620c5296f edit bookmarks 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-19 19:34:13 +02:00
Hadi 80ca377585 v5.0.0 2026-04-19 18:51:14 +02:00
Hadi 3a8ac99f43 fix warning 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-19 18:50:55 +02:00
Hadi 6724573f16 Merge pull request #54 from Chiloute/fix-nvf-tailwind-install 
nvf tailwind new install method
 2026-04-19 18:48:30 +02:00
Hadi 13ae753f3d update 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-19 18:45:22 +02:00
Hadi 805f43618c Edit qutebrowser config 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-19 18:45:19 +02:00
Hadi 4489c9e0ae Add Proton Mail & Calendar shortcuts 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-19 17:38:03 +02:00
Hadi 3a86013330 new theme! 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-18 20:11:38 +02:00
Hadi 922a412cda tabs switching & shortcuts 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-18 01:25:06 +02:00
Hadi cedf87698c edit home src 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-18 01:13:04 +02:00
Hadi 52561cf335 qutebrowser configuration 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-18 01:12:46 +02:00
Hadi 9429c9f93b dead imports 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-18 01:03:57 +02:00
Hadi 5e0dd70cfa Edit secrets & hostname 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-18 00:53:51 +02:00
Hadi 9e24c44c53 A lot of QOL changement, remove Zen, config Qutebrowser, update a lot of things 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-18 00:44:22 +02:00
pph 241db5ce7a init qutebrowser 
Signed-off-by: pph <pph@pph.pph>
 2026-04-17 14:43:58 +02:00
pph 00faa213bf move shortcuts 
Signed-off-by: pph <pph@pph.pph>
 2026-04-17 13:40:29 +02:00
pph 0aac097e77 edit groups 
Signed-off-by: pph <pph@pph.pph>
 2026-04-17 13:40:23 +02:00
pph 5aaeba1512 new bookmark 
Signed-off-by: pph <pph@pph.pph>
 2026-04-16 14:54:37 +02:00
Chiloute 1bdf7a3af5 nvf tailwind new install method 
Signed-off-by: Chiloute <35150997+Chiloute@users.noreply.github.com>
 2026-04-15 19:33:59 +02:00
Hadi 4f3cf99b99 nevermind 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-12 20:24:15 +02:00
Hadi f7a2aa6256 change from number to username + env var 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-12 19:24:24 +02:00
Hadi ac3c0886b7 auto upgrades 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-12 19:02:46 +02:00
Hadi 17f976d4e7 edit keybinds 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-11 17:44:25 +02:00
Hadi daaf0d2b27 edit secrets 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-11 12:26:35 +02:00
Hadi 5f0d3bff5f remove pins and change some keybinds 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-11 12:22:53 +02:00
Hadi 36ad6aeb57 Change from brave to zen 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-11 11:59:04 +02:00
Hadi 2326857f65 hardening 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-11 11:27:39 +02:00
Hadi 28b7923e47 New way to deploy apps in my server 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-11 02:26:00 +02:00
Hadi 29bdd6468a remove discord 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-11 01:34:02 +02:00
Hadi 08db0a42c4 add claude-code to jack 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-10 22:57:18 +02:00
Hadi 66cc2a3958 add colors 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-10 22:57:09 +02:00
Hadi 80afef207a edit gitignore 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-10 22:23:05 +02:00
Hadi d18d67d86e update 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-07 22:48:29 +02:00
pph 2e10d6feff Merge branch 'main' of github.com:anotherhadi/nixy 2026-04-07 13:42:51 +02:00
pph dea17ebf3c remove update nws 
Signed-off-by: pph <pph@pph.pph>
 2026-04-07 13:42:40 +02:00
Hadi ae024e308d Merge branch 'main' of github.com:anotherhadi/nixy 2026-04-06 15:13:17 +02:00
Hadi 302f0ceec9 Add variables for domain & tunnel id 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-06 15:13:10 +02:00
github-actions 1cddeef739 Update README.md (auto) 2026-04-03 18:45:39 +00:00
Hadi d7b72277f7 change gitlab user 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-04-03 20:45:03 +02:00
Hadi 5d9ab362a3 update blog config 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-03-30 20:00:00 +02:00
Hadi a6b2f66ac8 init swappy config 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-03-30 18:30:34 +02:00
Hadi e2a60b15dc Merge branch 'main' of github.com:anotherhadi/nixy 2026-03-30 18:30:19 +02:00
Hadi d029d6f205 init gitea instance 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-03-30 18:30:14 +02:00
Hadi d9b4102bed rename 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-03-30 18:05:44 +02:00
Hadi a744d85f48 update secrets 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-03-30 18:05:22 +02:00
github-actions 5d50819d49 Update README.md (auto) 2026-03-30 15:11:28 +00:00
Hadi 087f71d2d5 update readme 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-03-30 17:10:18 +02:00
Hadi 3f36665767 new secret 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-03-28 19:31:18 +01:00
Hadi 6cb4d1eb96 Merge branch 'main' of github.com:anotherhadi/nixy 2026-03-28 18:59:06 +01:00
Hadi 983c83b981 change gitlab secret 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-03-28 18:59:02 +01:00
Hadi c482e6e075 update flake 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-03-25 21:57:24 +01:00
Hadi 0a01e8f3e8 update flake 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-03-25 21:40:18 +01:00
Hadi 641411ad51 edit bookmarks 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-03-25 21:40:13 +01:00
Hadi 86fd60fd3d update flake 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-03-25 20:53:09 +01:00
Hadi 9a41aff92d migration hadi.diy > hadi.icu 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-03-25 20:30:02 +01:00
Hadi e4a2a7abd0 edit tunnels 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-03-25 18:51:17 +01:00
Hadi b4d8e87abe change domain name 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-03-25 18:35:27 +01:00
Hadi 5de0ce50d6 edit secrets 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-03-25 18:34:43 +01:00
Hadi aba6dafffa Remove eleakxir for now #53 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-03-24 22:57:28 +01:00
Hadi 290471fcc2 Update default-creds 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-03-20 20:16:28 +01:00
pph ac90e05258 edit ghostty configuration 
Signed-off-by: pph <pph@pph.pph>
 2026-03-17 11:30:00 +01:00
Hadi 562f2507c0 update flake 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-03-16 23:49:16 +01:00
Hadi a393b97680 +umami 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-03-16 23:27:43 +01:00
Hadi 59901b0081 Enable clipboard even in ssh 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-03-16 22:40:13 +01:00
Hadi 6ecf475301 Update hyprland 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-03-16 21:17:40 +01:00
pph 75483ea97a update 
Signed-off-by: pph <pph@pph.pph>
 2026-03-16 14:25:11 +01:00
pph 4cd0eccde5 Merge branch 'main' of github.com:anotherhadi/nixy 2026-03-16 09:45:05 +01:00
pph d32c4a317f edit secrets 
Signed-off-by: pph <pph@pph.pph>
 2026-03-16 09:44:54 +01:00
Hadi 5ecc516a2f init default-creds 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-03-14 21:16:01 +01:00
Hadi de489d7d9c remove Neofetch: deprecated 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-03-14 21:13:56 +01:00
pph 19bfd1201b Edit keymaps & add dependencies 
Signed-off-by: pph <pph@pph.pph>
 2026-03-13 13:47:00 +01:00
pph 20f7bca099 add nix-index-database 
Signed-off-by: pph <pph@pph.pph>
 2026-03-13 13:13:16 +01:00
pph 72ed018351 fix type 
Signed-off-by: pph <pph@pph.pph>
 2026-03-12 09:35:33 +01:00
pph b904fd4fde suppress float event from brave 
Signed-off-by: pph <pph@pph.pph>
 2026-03-11 17:02:15 +01:00
pph b1cf5fb3a1 QOL vim option 
Signed-off-by: pph <pph@pph.pph>
 2026-03-11 17:02:02 +01:00
pph fee44db81c let nixy take arguments 
Signed-off-by: pph <pph@pph.pph>
 2026-03-10 12:59:16 +01:00
pph 214095c02a edit secret 
Signed-off-by: pph <pph@pph.pph>
 2026-03-09 13:41:38 +01:00
Hadi 29fc893847 more stable nvidia version & fan control 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-02-28 22:37:32 +01:00
Hadi 3689215480 add extension 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-02-28 22:26:24 +01:00
Hadi 14168a65ea add amazon to bookmarks 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-02-24 21:59:24 +01:00
Hadi 43ae447b34 clamav: init 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-02-24 21:58:41 +01:00
Hadi 07fa66f1b6 add firefox to cybersecurity 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-02-24 21:58:32 +01:00
Hadi 168423cf16 Update images path 2026-02-24 18:25:34 +01:00
pph bde39be205 Add proton to work 
Signed-off-by: pph <pph@pph.pph>
 2026-02-23 10:59:59 +01:00
Hadi 18137f444a add bookmarks 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-02-20 20:57:32 +01:00
Hadi e835f2466b revert hyprland: current bug with external monitor 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-02-20 20:54:27 +01:00
Hadi d2a9fff0d1 DRM DEVICES now in host files 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-02-20 20:53:36 +01:00
Hadi 081e05c702 update 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-02-20 20:04:17 +01:00
Hadi 4a4b997ef3 fix brave fullscreen 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-02-20 19:05:31 +01:00
pph 37abf49364 Merge branch 'main' of github.com:anotherhadi/nixy 2026-02-20 15:28:06 +01:00
pph 36f5ef3792 Add monitor 
Signed-off-by: pph <pph@pph.pph>
 2026-02-20 15:27:54 +01:00
Hadi 3d4099c97b Fix brave fullscreen 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-02-19 20:29:03 +01:00
Hadi 89413d06a8 add apps 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-02-18 21:44:57 +01:00
Hadi 76e3368f3e lock instead of logout 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-02-18 21:44:48 +01:00
Hadi 0f40fccb5e remove usefull keymaps 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-02-18 21:44:42 +01:00
Hadi cefebdbd0a quit without confirmation 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-02-18 21:44:36 +01:00
pph 05cfe684c2 add python lsp 
Signed-off-by: pph <pph@pph.pph>
 2026-02-18 15:00:11 +01:00
pph f11bd21e00 add apps 
Signed-off-by: pph <pph@pph.pph>
 2026-02-18 15:00:07 +01:00
pph 40477c6562 change theme 
Signed-off-by: pph <pph@pph.pph>
 2026-02-18 15:00:02 +01:00
Hadi d1fec1128d Merge branch 'main' of github.com:anotherhadi/nixy 2026-02-16 22:48:16 +01:00
Hadi 677a279eda add freshrss 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-02-16 22:48:13 +01:00
Hadi 1489261fa9 add a shortcut for the dashboard 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-02-15 21:21:21 +01:00
Hadi 29d19d5502 add brave & brave incognito to which-key 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-02-15 20:36:52 +01:00
Hadi 2f69c6e1d4 fix env variables 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-02-15 19:43:37 +01:00
Hadi 9ad71c5775 add binding to restart caelestia-shell 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-02-15 19:16:58 +01:00
Hadi b5c64e96c4 change theme 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-02-15 18:23:16 +01:00
Hadi af787952ad add bookmarks 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-02-15 18:23:11 +01:00
Hadi 4ebf579743 new bindings! which-key like 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-02-15 17:36:49 +01:00
Hadi 78aa49547d edit opacity 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-02-13 23:19:37 +01:00
pph d21fc81a19 Don't show on hover the dashbaord 
Signed-off-by: pph <pph@pph.pph>
 2026-02-10 09:38:12 +01:00
pph b0684b2e56 fix thunar config overwrite 
Signed-off-by: pph <pph@pph.pph>
 2026-02-10 09:37:52 +01:00
Hadi 49a9f3f169 new theme 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-02-07 21:49:14 +01:00
Hadi 8caa02139c fix caelestia scheme change 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-02-07 21:49:07 +01:00
Hadi 0c0a487488 add cache to glance 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-02-07 20:37:54 +01:00
Hadi 6f463fc7f9 add brave settings 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-02-07 20:33:18 +01:00
Hadi 3e82b1cd60 Add desktop entries for incognito & tor 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-02-07 19:53:44 +01:00
Hadi f9d171cef3 add QOL apps 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-02-07 19:52:40 +01:00
Hadi 89c61650bc +witr 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-02-07 19:16:04 +01:00
Hadi c94559d29f done 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-02-07 13:27:44 +01:00
Hadi e91047a3e1 Kitty -> Ghostty 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-02-07 13:27:14 +01:00
Hadi 1d75175be8 Change default for text & add title 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-02-07 13:22:00 +01:00
Hadi ea18558cb3 add code mime files 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-02-07 13:16:42 +01:00
Hadi 72c13294e6 update flake 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-02-07 13:02:37 +01:00
Hadi a771f685b2 remove notifications from audio input/output change 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-02-07 12:46:58 +01:00
Hadi 27ad0783bc change inactive border opacity 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-02-07 12:37:35 +01:00
Hadi d61e378405 remove blueman 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-02-07 12:31:29 +01:00
Hadi baa1ce858d add more icons lib 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-02-07 12:31:06 +01:00
Hadi f32ea27565 fix icons 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-02-07 12:22:37 +01:00
Hadi b657e5a891 New mono font 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-02-07 12:22:25 +01:00
pph 48f3f3170b change ssh config 
Signed-off-by: pph <pph@pph.pph>
 2026-02-05 22:01:22 +01:00
pph 87778bd3fa init new host 
Signed-off-by: pph <pph@pph.pph>
 2026-02-05 19:57:56 +01:00
Hadi 5736c8ccf2 jellyfin on gpu 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-02-01 18:22:18 +01:00
Hadi 31031447ce glance rewrite 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-02-01 18:22:08 +01:00
Hadi 4fb4058dca Merge branch 'main' of github.com:anotherhadi/nixy 2026-02-01 18:21:43 +01:00
Hadi 33b3ef66f2 update 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-01-30 16:49:58 +01:00
Hadi 52ee08e13b Firewall allow port 53: DNS requests 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-01-15 18:48:18 +01:00
Hadi 8c4b9340b6 add comments 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-01-13 20:30:49 +01:00
Hadi a1d57253f0 Merge branch 'main' of github.com:anotherhadi/nixy 2026-01-13 20:26:06 +01:00
Hadi 6e21914113 +mazanoke 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-01-13 20:25:57 +01:00
Hadi 7acddfafa1 Update flake 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-01-10 15:23:28 +01:00
Hadi 9fb4072893 add unrar & 7z to utils 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-01-07 22:33:12 +01:00
Hadi fd644671af Server update 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-01-06 17:24:21 +01:00
Hadi bfb7c2f4e0 -tailscale 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-01-06 16:53:35 +01:00
Hadi 22b5aa9797 change ssh config 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-01-06 16:53:30 +01:00
Hadi 4ac3945174 Vivaldi->Brave 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-01-06 16:53:23 +01:00
Hadi d3cdc25481 Merge branch 'main' of github.com:anotherhadi/nixy 2026-01-04 00:40:14 +01:00
Hadi 6a0b3418a7 update 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-01-04 00:40:10 +01:00
Hadi f2c2540cd4 Merge branch 'main' of github.com:anotherhadi/nixy 2026-01-04 00:28:28 +01:00
Hadi 223f785c3a auto start vpn 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-01-04 00:28:20 +01:00
Hadi 81ab17fed7 go back to brave 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-01-04 00:28:13 +01:00
Hadi 8f16767240 add cloudflared 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
 2026-01-04 00:11:37 +01:00
116 changed files with 4578 additions and 1918 deletions
Expand all files Collapse all files
.github/assets/README_template.md
+11 -1
View File
@@ -1,5 +1,5 @@
<div align="center">
<img alt="nixy logo" src="https://raw.githubusercontent.com/anotherhadi/nixy/main/.github/assets/logo.png" width="120px" />
<img alt="nixy logo" src="./.github/assets/logo.png" width="120px" />
</div>
<br>
@@ -119,6 +119,16 @@ sudo nixos-rebuild switch --flake ~/.config/nixos#yourhostname
- [THEMES](docs/THEMES.md): How themes work and how to create your own
- [WALLPAPERS](https://github.com/anotherhadi/awesome-wallpapers): An awesome
collection of wallpapers
- [NEOVIM](docs/NEOVIM.md): How to use the Neovim config in your own flake
- [GROUPS](docs/GROUPS.md): Reusable package groups (dev, cybersecurity)
- [CONTRIBUTING](docs/CONTRIBUTING.md): How to contribute
- [LICENSE](LICENSE): MIT License
---
<div align="center">
<a href="https://github.com/anotherhadi/nixy">github</a> |
<a href="https://gitlab.com/anotherhadi_mirror/nixy">gitlab (mirror)</a> |
<a href="https://git.hadi.icu/anotherhadi/nixy">gitea (mirror)</a>
</div
.github/assets/large.png → .github/assets/banner.png
View File
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 412 KiB

After

Width:  |  Height:  |  Size: 412 KiB

.gitignore
+1
View File
@@ -1,2 +1,3 @@
.sops.yaml
.claude/
old/
README.md
+11 -1
View File
@@ -1,6 +1,6 @@
[//]: # (This file is autogenerated)
<div align="center">
<img alt="nixy logo" src="https://raw.githubusercontent.com/anotherhadi/nixy/main/.github/assets/logo.png" width="120px" />
<img alt="nixy logo" src="./.github/assets/logo.png" width="120px" />
</div>
<br>
@@ -129,6 +129,16 @@ sudo nixos-rebuild switch --flake ~/.config/nixos#yourhostname
- [THEMES](docs/THEMES.md): How themes work and how to create your own
- [WALLPAPERS](https://github.com/anotherhadi/awesome-wallpapers): An awesome
collection of wallpapers
- [NEOVIM](docs/NEOVIM.md): How to use the Neovim config in your own flake
- [GROUPS](docs/GROUPS.md): Reusable package groups (dev, cybersecurity)
- [CONTRIBUTING](docs/CONTRIBUTING.md): How to contribute
- [LICENSE](LICENSE): MIT License
---
<div align="center">
<a href="https://github.com/anotherhadi/nixy">github</a> |
<a href="https://gitlab.com/anotherhadi_mirror/nixy">gitlab (mirror)</a> |
<a href="https://git.hadi.icu/anotherhadi/nixy">gitea (mirror)</a>
</div
docs/GROUPS.md
+44
View File
@@ -0,0 +1,44 @@
# Groups
Groups are curated sets of packages exposed as flake outputs. Each group has two forms:
- **`homeManagerModules.<group>`** — full home-manager module (packages + files + systemd units)
- **`packages.<group>`** — standalone environment for `nix shell` (packages only)
## Available groups
- dev (go, bun, air, ...)
- cybersecurity (nmap, john, dirb, ffuf, ...)
For the Cybersecurity group, the home-manager module also sets up:
- `~/Cyber/wordlists/` with SecLists, fuzz4bounty, and hashcat rules
- `~/Cyber/tmp/` as a temporary workspace
## Use in another flake
Add this repo as an input:
```nix
inputs.nixy.url = "github:anotherhadi/nixy";
```
Import the home-manager module in your home configuration:
```nix
{ inputs, ... }: {
imports = [
inputs.nixy.homeManagerModules.cybersecurity
# inputs.nixy.homeManagerModules.dev
];
}
```
## Quick shell without installing
```sh
nix shell github:anotherhadi/nixy#cybersecurity
nix shell github:anotherhadi/nixy#dev
```
This drops you into a shell with all tools in `PATH`. No home-manager required, no wordlists or systemd units.
docs/NEOVIM.md
+46
View File
@@ -0,0 +1,46 @@
# Neovim
The Neovim configuration is built with [nvf](https://github.com/notashelf/nvf) and exposed as a standalone flake output.
It can be used in three ways: run it directly, import it into another flake's home-manager setup, or use it as part of this config.
## Run directly
No installation needed:
```sh
nix run github:anotherhadi/nixy#nvim
```
## Use in another flake
Add this repo as an input:
```nix
inputs.nixy.url = "github:anotherhadi/nixy";
```
Then import the home-manager module in your home configuration:
```nix
{ inputs, ... }: {
imports = [
inputs.nixy.inputs.nvf.homeManagerModules.default
inputs.nixy.homeManagerModules.nvim
];
}
```
> [!NOTE]
> The `nvf` home-manager module is required. It is re-exported via `inputs.nixy.inputs.nvf` so you don't need to declare it separately in your own flake.
## What's included
| File | Description |
| --------------- | ---------------------------------------------------------------------- |
| `options.nix` | Core settings: theme (catppuccin mocha), clipboard, indentation, folds |
| `languages.nix` | LSP, treesitter, formatters, diagnostics, and per-language config |
| `keymaps.nix` | All key mappings (leader: `space`) |
| `picker.nix` | Snacks picker + oil.nvim |
| `snacks.nix` | Snacks extras: image preview, zen mode, git signs, statuscolumn |
| `utils.nix` | Bufferline, lualine, copilot, lazygit, toggleterm, autocomplete |
| `mini.nix` | Mini.nvim suite: pairs, comment, icons, indentscope, diff, git |
docs/SERVER.md
+12 -36
View File
@@ -1,53 +1,29 @@
# SERVER
> Update in comming. Early 2026
## Overview
This document describes the architecture and setup of the self-hosted **NixOS server**, which is securely accessible via **Tailscale**. The server is designed for private, secure, and easily manageable self-hosting of various services.
This document describes the architecture and setup of the self-hosted **NixOS server**, which is securely accessible via **a Cloudflare Tunnel**.
The server is designed for private, secure, and easily manageable self-hosting of various services.
![server dashboard](../.github/assets/server_dashboard.png)
## **Why This Setup?**
- **Private & Secure**: Services are only accessible through Tailscale, preventing exposure to the public internet.
- **Domain-based Access**: A custom domain (`example.org`) maps to the server's Tailscale IP, making service access simple and consistent.
- **Automatic SSL Certificates**: Using DNS-01 challenges, valid SSL certificates are generated even though the services are not publicly exposed.
- **Modular & Declarative**: Everything is managed through NixOS modules, ensuring reproducibility and easy configuration.
- **Private & Secure**: Services are only accessible through Cloudflare's access control, preventing exposure to the "public internet".
- **Domain-based Access**: A custom domain maps to the server's tunnel, making service access simple and consistent.
- **Modular & Declarative**: Everything is managed through NixOS modules (except for access control), ensuring reproducibility and easy configuration.
## **Self-Hosted Services**
The server hosts several key applications:
### **Core Infrastructure**
- **NGINX**: Reverse proxy for routing traffic to services via `example.org`.
### **Networking & Security**
- **NGINX**: Reverse proxy for routing traffic to services via my domain name.
- **AdGuard Home**: A self-hosted DNS ad blocker for network-wide ad and tracker filtering.
### **Monitoring & Storage**
- **Glance**: An awesome dashboard! (See the screenshot above)
### **Media & Content Management**
- **Arr Stack (Radarr, Sonarr, etc.)**: Automated media management tools for handling movies and TV shows. (legaly ofc)
## **How It Works**
1. **Domain Configuration**
- `example.org` is pointed to the Tailscale IP of the server. (cloudflare A record, not proxied)
- This allows for easy access without exposing services to the internet.
2. **SSL Certificate Generation**
- Certificates are obtained using a **DNS-01 challenge**, verifying domain ownership without requiring public access.
3. **NGINX Reverse Proxy**
- Routes incoming requests from `*.example.org` to the correct internal service.
- Ensures SSL termination and secure connections.
4. **Access Control**
- Only devices within the Tailscale network can reach the services.
- Firewall rules restrict access further based on necessity.
- **Mealie**: A self-hosted recipe manager and meal planner with a clean user interface.
- **Stirling-PDF**: A powerful, locally hosted web application for editing, merging, and converting PDF files.
- **CyberChef**: The "Cyber Swiss Army Knife" for data analysis, decoding, and encryption tasks.
- **Mazanoke**: A utility service for image processing, specialized in format conversion and downgrading/optimization.
- **SSH**: Secure remote access configuration for server management. (via browser too)
- **Security related stuff**: Cloudflared, Fail2Ban, Firewall
docs/THEMES.md
+3 -3
View File
@@ -12,6 +12,6 @@ Wallpapers are loaded from the [hadi's awesome-wallpapers](https://github.com/an
### Rose-pine
![Home](.github/assets/rose-pine/home.png)
![Flake & Spotify](.github/assets/rose-pine/flake-spotify.png)
![Browser and notification center](.github/assets/rose-pine/browser-and-notifications.png)
![Home](../.github/assets/rose-pine/home.png)
![Flake & Spotify](../.github/assets/rose-pine/flake-spotify.png)
![Browser and notification center](../.github/assets/rose-pine/browser-and-notifications.png)
flake.lock
Generated
+863 -300
View File
File diff suppressed because it is too large Load Diff
flake.nix
+62 -34
View File
@@ -7,13 +7,18 @@
inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
nixpkgs-stable.url = "github:nixos/nixpkgs/nixos-25.05";
nixpkgs-stable.url = "github:nixos/nixpkgs/nixos-25.11";
nixos-hardware.url = "github:NixOS/nixos-hardware/master";
hyprland.url = "git+https://github.com/hyprwm/Hyprland?submodules=1";
stylix.url = "github:danth/stylix";
nixcord.url = "github:kaylorben/nixcord";
sops-nix.url = "github:Mic92/sops-nix";
nvf.url = "github:notashelf/nvf";
bun2nix.url = "github:nix-community/bun2nix";
nix-index-database = {
url = "github:nix-community/nix-index-database";
inputs.nixpkgs.follows = "nixpkgs";
};
home-manager = {
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs";
@@ -31,40 +36,63 @@
inputs.nixpkgs.follows = "nixpkgs";
};
# Server
eleakxir.url = "github:anotherhadi/eleakxir";
# FIXME: Deleted repo for now
# eleakxir.url = "github:anotherhadi/eleakxir";
nixarr.url = "github:rasmus-kirk/nixarr";
};
default-creds.url = "github:anotherhadi/default-creds";
blog.url = "github:anotherhadi/blog";
awesome-wallpapers.url = "github:anotherhadi/awesome-wallpapers";
iknowyou.url = "github:anotherhadi/iknowyou";
outputs = inputs @ {nixpkgs, ...}: {
nixosConfigurations = {
nixy =
# CHANGEME: This should match the 'hostname' in your variables.nix file
nixpkgs.lib.nixosSystem {
modules = [
{
nixpkgs.overlays = [];
_module.args = {
inherit inputs;
};
}
inputs.nixos-hardware.nixosModules.omen-16-n0005ne # CHANGEME: check https://github.com/NixOS/nixos-hardware
inputs.home-manager.nixosModules.home-manager
inputs.stylix.nixosModules.stylix
./hosts/laptop/configuration.nix # CHANGEME: change the path to match your host folder
];
};
# Jack is my server
jack = nixpkgs.lib.nixosSystem {
modules = [
{_module.args = {inherit inputs;};}
inputs.home-manager.nixosModules.home-manager
inputs.stylix.nixosModules.stylix
inputs.sops-nix.nixosModules.sops
inputs.nixarr.nixosModules.default
inputs.eleakxir.nixosModules.eleakxir
./hosts/server/configuration.nix
];
};
# Qutebrowser userscripts (greasemonkey)
qs-return-youtube-dislike = {
url = "https://update.greasyfork.org/scripts/436115/Return%20YouTube%20Dislike.user.js";
flake = false;
};
qs-sponsorblock-lite = {
url = "https://update.greasyfork.org/scripts/560869/SponsorBlock%20Lite.user.js";
flake = false;
};
qs-dont-track-me-google = {
url = "https://update.greasyfork.org/scripts/428243/Don%27t%20track%20me%20Google.user.js";
flake = false;
};
qs-i-dont-care-about-cookies = {
url = "https://update.greasyfork.org/scripts/522645/I%20don%27t%20care%20about%20cookies.user.js";
flake = false;
};
qs-tracking-token-stripper = {
url = "https://github.com/doggy8088/TrackingTokenStripper/raw/refs/heads/master/TrackingTokenStripper.user.js";
flake = false;
};
qs-bypass-paywalls-clean = {
url = "https://gitflic.ru/project/magnolia1234/bypass-paywalls-clean-filters/blob/raw?file=userscript/bpc.en.user.js";
flake = false;
};
qs-anti-adblock-fuckoff = {
url = "https://update.greasyfork.org/scripts/397070/Anti-AdBlocker%20Fuckoff.user.js";
flake = false;
};
};
outputs = inputs @ {nixpkgs, nixpkgs-stable, ...}: let
system = "x86_64-linux";
args = {
inherit inputs nixpkgs system;
pkgs = nixpkgs.legacyPackages.${system};
pkgs-stable = nixpkgs-stable.legacyPackages.${system};
};
merge = nixpkgs.lib.foldl nixpkgs.lib.recursiveUpdate {};
in
merge [
(import ./home/programs/nvf/flake.nix args)
(import ./home/programs/group/flake.nix args)
{
nixosConfigurations = {
h-laptop = import ./hosts/laptop/flake.nix args;
h-work = import ./hosts/work/flake.nix args;
jack = import ./hosts/server/flake.nix args;
};
}
];
}
home/programs/brave/default.nix
+78
View File
@@ -0,0 +1,78 @@
{
programs.brave = {
enable = true;
commandLineArgs = [
# Wayland Native
"--enable-features=UseOzonePlatform"
"--ozone-platform=wayland"
# Hardware Acceleration (NVIDIA optimized)
"--enable-accelerated-video-decode"
"--enable-gpu-rasterization"
"--enable-zero-copy"
"--ignore-gpu-blocklist"
# Performance
"--enable-features=VaapiVideoDecoder"
"--enable-features=VaapiVideoEncoder"
"--enable-features=CanvasOopRasterization"
"--disable-features=UseChromeOSDirectVideoDecoder"
# Privacy & Security
"--disable-features=MediaRouter" # Disable Chromecast
"--disable-features=OptimizationHints" # No Google suggestions
"--disable-features=AutofillSavePaymentMethods"
"--disable-background-networking" # No telemetry
"--disable-sync" # Manual sync control
# Wayland-specific fixes
"--disable-features=WaylandWpColorManagerV1" # Color management fix
# UI/UX
"--force-dark-mode" # Match Stylix theme
"--enable-features=WebUIDarkMode"
"--no-default-browser-check"
];
extensions = let
ids = [
];
in
map (id: {inherit id;}) ids;
};
xdg.configFile."BraveSoftware/Brave-Browser/Policies/managed/policy.json".text = builtins.toJSON {
BraveShieldsAdControl = 2;
BraveShieldsTrackersBlocked = 1;
BraveShieldsHttpsEverywhere = 1;
BraveRewardsDisabled = 1;
BraveWalletDisabled = 1;
BraveVPNDisabled = 1;
BraveAIChatEnabled = 0;
PasswordManagerEnabled = 0;
BravePlaylistEnabled = 0;
BraveWebDiscoveryEnabled = 0;
BraveStatsPingEnabled = 0;
DnsOverHttpsMode = "automatic";
BraveDarkMode = 1;
};
xdg.desktopEntries = {
brave-incognito = {
name = "Brave (Private window)";
genericName = "Navigateur Web";
exec = "brave --incognito";
icon = "brave-browser";
terminal = false;
categories = ["Network" "WebBrowser"];
mimeType = ["text/html" "text/xml"];
};
brave-tor = {
name = "Brave (Private window w/Tor)";
genericName = "Navigateur Web";
exec = "brave --tor";
icon = "brave-browser";
terminal = false;
categories = ["Network" "WebBrowser"];
};
};
}
home/programs/discord/default.nix
-9
View File
@@ -1,9 +0,0 @@
# Discord is a popular chat application.
{inputs, ...}: {
imports = [inputs.nixcord.homeModules.nixcord];
programs.nixcord = {
enable = true;
config = {frameless = true;};
};
}
home/programs/fetch/default.nix
-2
View File
@@ -1,2 +0,0 @@
# Import all fetch scripts
{imports = [./neofetch ./nerdfetch];}
home/programs/fetch/neofetch/default.nix
-148
View File
@@ -1,148 +0,0 @@
# Legacy
{pkgs, ...}: {
home.packages = with pkgs; [neofetch];
xdg.configFile."neofetch/ascii.txt".text = ''
''${c6}
'';
xdg.configFile."neofetch/config.conf".text = ''
# From: https://github.com/Chick2D/neofetch-themes/
# Made by https://github.com/Dan1jel
print_info() {
prin "\n"
info "\n \n OS" distro
info "\n \n Host" model
info "\n \n Kernel" kernel
info "\n \n Uptime" uptime
info "\n \n Packages" packages
info "\n \n Shell" shell
info "\n \n Resolution" resolution
info "\n \n DE" de
info "\n \n WM" wm
info "\n \n WM Theme" wm_theme
info "\n \n Theme" theme
info "\n \n Icons" icons
info "\n \n Terminal" term
info "\n \n Terminal Font" term_font
info "\n \n CPU" cpu
info "\n \n GPU" gpu
info "\n \n Memory" memory
info "\n \n Disk" disk
info "\n \n Battery" battery
info "\n \n Font" font
info "\n \n Song" song
[[ "$player" ]] && prin "\n \n Music Player" "$player"
info "\n \n Local IP" local_ip
prin "\n"
# prin "\n \n ''${cl0}''${cl1}''${cl2}''${cl3}''${cl4}''${cl5}''${cl6}''${cl7}"
prin "\n \n \n \n \n \n ''${cl0} \n \n ''${cl1} \n \n ''${cl2} \n \n ''${cl3} \n \n ''${cl4} \n \n ''${cl5} \n \n ''${cl6} \n \n ''${cl7}"
}
reset="\033[0m"
gray="\033[1;90m"
red="\033[1;31m"
green="\033[1;32m"
yellow="\033[1;33m"
blue="\033[1;34m"
magenta="\033[1;35m"
cyan="\033[1;36m"
white="\033[1;37m"
cl0="''${gray}"
cl1="''${red}"
cl2="''${green}"
cl3="''${yellow}"
cl4="''${blue}"
cl5="''${magenta}"
cl6="''${cyan}"
cl7="''${white}"
title_fqdn="off"
kernel_shorthand="on"
distro_shorthand="off"
os_arch="off"
uptime_shorthand="on"
memory_percent="off"
memory_unit="mib"
package_managers="on"
shell_path="off"
shell_version="on"
speed_type="bios_limit"
speed_shorthand="off"
cpu_brand="on"
cpu_speed="on"
cpu_cores="logical"
cpu_temp="off"
gpu_brand="on"
gpu_type="all"
refresh_rate="off"
gtk_shorthand="off"
gtk2="on"
gtk3="on"
de_version="on"
disk_show=('/storage/emulated' '/' '/server')
disk_subtitle="none"
disk_percent="on"
music_player="auto"
song_format="%artist% - %album% - %title%"
song_shorthand="off"
mpc_args=()
bold="on"
underline_enabled="on"
underline_char="-"
separator=":"
block_range=(0 15)
color_blocks="on"
block_width=3
block_height=1
col_offset="auto"
bar_char_elapsed="-"
bar_char_total="="
bar_border="on"
bar_length=15
bar_color_elapsed="distro"
bar_color_total="distro"
cpu_display="off"
memory_display="off"
battery_display="off"
disk_display="off"
image_backend="ascii"
image_source="$HOME/.config/neofetch/ascii.txt"
ascii_distro="auto"
ascii_colors=(distro)
ascii_bold="on"
image_loop="off"
thumbnail_dir="''${XDG_CACHE_HOME:-''${HOME}/.cache}/thumbnails/neofetch"
crop_mode="normal"
crop_offset="center"
image_size="auto"
gap=2
yoffset=0
xoffset=0
background_color=
stdout="off"
'';
}
home/programs/fetch/nerdfetch/default.nix
-367
View File
@@ -1,367 +0,0 @@
# Nerdfetch, a simple system info script written in bash
# Source: https://github.com/ThatOneCalculator/NerdFetch
{pkgs, ...}: let
nerdfetch = pkgs.writeShellScriptBin "nerdfetch" ''
ostype="$(uname)"
version=8.1.1
font=nerd
distrotype=none
osi=""
ki=""
ri="󰍛"
pi="󰏔"
ui="󰅶"
ci=""
case $1 in
"-p")
font=phosphor
osi=""
ki=""
ri=""
pi=""
ui=""
ci=""
;;
"-c")
font=cozette
ki=""
ri=""
pi=""
ui=""
ci=""
;;
"-e")
font=emoji
osi="🐧"
ki="💓"
ri="🐐"
pi="📦"
ui=""
ci="🎨"
;;
"-v")
echo "NerdFetch $version"
exit
;;
"-h")
echo "Flags:
-c: Cozette font
-p: Phosphor font
-e: Emoji font
-v: Version"
exit
;;
esac
if command -v getprop 1>/dev/null; then
distrotype=android
fi
kernel="$(echo $(uname -r) | cut -d'-' -f1-1)"
case $ostype in
*"Linux"*)
if [ $distrotype = android ]; then
host="$(hostname)"
USER="$(whoami)"
os="Android $(getprop ro.build.version.release)"
case $font in
phosphor) osi="" ;;
emoji) osi="🤖" ;;
*) osi="󰀲" ;;
esac
else
host="$(cat /proc/sys/kernel/hostname)"
. /etc/os-release
if [ -f /bedrock/etc/bedrock-release ]; then
os="$(brl version)"
else
os="''${PRETTY_NAME}"
if [ $font = nerd ]; then
case $(echo $ID | sed 's/ .*//') in
debian) osi="" ;;
arch) osi="󰣇" ;;
endeavouros) osi="" ;;
fedora) osi="" ;;
gentoo) osi="" ;;
rhel) osi="" ;;
slackware) osi="" ;;
void) osi="" ;;
alpine) osi="" ;;
nixos) osi="󱄅" ;;
artix) osi="" ;;
exherbo) osi="󰆚" ;;
mageia) osi="" ;;
manjaro) osi="" ;;
opensuse) osi="" ;;
solus) osi="" ;;
ubuntu) osi="" ;;
mint) osi="󰣭" ;;
trisquel) osi="" ;;
puppy) osi="" ;;
coreos) osi="" ;;
mx) osi="" ;;
vanilla) osi="" ;;
pop_os) osi="" ;;
raspbian) osi="" ;;
deepin) osi="" ;;
almalinux) osi="" ;;
garuda) osi="" ;;
centos) osi="" ;;
rocky) osi="" ;;
esac
elif [ $font = cozette ]; then
case $(echo $ID | sed 's/ .*//') in
debian) osi="" ;;
arch) osi="" ;;
fedora) osi="" ;;
gentoo) osi="" ;;
slackware) osi="" ;;
void) osi="" ;;
alpine) osi="" ;;
nixos) osi="" ;;
mageia) osi="" ;;
manjaro) osi="" ;;
opensuse) osi="" ;;
ubuntu) osi="" ;;
mint) osi="" ;;
coreos) osi="" ;;
centos) osi="" ;;
esac
fi
fi
fi
shell=$(basename "$SHELL")
;;
*"Darwin"*)
host="$(hostname -f | sed -e 's/^[^.]*\.//')"
mac_product="$(/usr/libexec/PlistBuddy -c "Print:ProductName" /System/Library/CoreServices/SystemVersion.plist)"
mac_version="$(/usr/libexec/PlistBuddy -c "Print:ProductVersion" /System/Library/CoreServices/SystemVersion.plist)"
os="''${mac_product} ''${mac_version}"
case $font in
nerd) osi="" ;;
phosphor) osi="" ;;
cozette) osi="" ;;
emoji) osi="🍎" ;;
esac
;;
*"FreeBSD"*)
host="$(hostname)"
distrotype=bsd
os="FreeBSD $(freebsd-version | sed 's/-.*//')"
case $font in
nerd) osi="" ;;
phosphor) osi="" ;;
cozette) osi="" ;;
emoji) osi="😈" ;;
esac
;;
*"OpenBSD"*)
host="$(hostname)"
distrotype=bsd
os="OpenBSD $(uname -r)"
case $font in
nerd) osi="" ;;
phosphor) osi="" ;;
cozette) osi="" ;;
emoji) osi="🐡" ;;
esac
;;
*"NetBSD"*)
host="$(hostname)"
distrotype=netbsd
os="NetBSD $(uname -r)"
case $font in
nerd) osi="󰉀" ;;
phosphor) osi="" ;;
cozette) osi="" ;;
emoji) osi="🚩" ;;
esac
;;
*)
os="Unix-like"
host="host"
;;
esac
## PACKAGE MANAGER AND PACKAGES DETECTION
MANAGER=$(which nix-env pkg flatpak yum zypper dnf rpm dpkg-query brew port pacman xbps-query emerge cave apk kiss pmm /usr/sbin/slackpkg bulge birb yay paru pacstall cpm pmm eopkg getprop 2>/dev/null)
manager=$(basename "$MANAGER")
if [ $distrotype = netbsd ]; then
manager="pkg_info-netbsd"
fi
case $manager in
cpm) packages="$(cpm C)" ;;
flatpak) packages="$(flatpak list --app | wc -l)" ;;
brew) packages="$(printf '%s\n' "$(brew --cellar)/"* | wc -l)" ;;
port) packages="$(port installed | wc -l)" ;;
dpkg-query) packages="$(dpkg-query -f '${"binary:Package"}\n' -W | wc -l)" ;;
rpm) packages="$(rpm -qa --last | wc -l)" ;;
yum) packages="$(yum list installed | wc -l)" ;;
dnf) packages="$(dnf list installed | wc -l)" ;;
zypper) packages="$(zypper se | wc -l)" ;;
pacman) packages="$(pacman -Q | wc -l)" ;;
yay) packages="$(yay -Q | wc -l)" ;;
paru) packages="$(paru -Q | wc -l)" ;;
pacstall) packages="$(pacstall -L | wc -l)" ;;
kiss) packages="$(kiss list | wc -l)" ;;
emerge) packages="$(qlist -I | wc -l)" ;;
pkg) packages="$(pkg info | wc -l | tr -d ' ')" ;;
cave) packages="$(cave show installed-slots | wc -l)" ;;
xbps-query) packages="$(xbps-query -l | wc -l)" ;;
nix-env) packages="$(nix-store -q --requisites /run/current-system/sw | wc -l)" ;;
apk) packages="$(apk list --installed | wc -l)" ;;
pmm) packages="$(/bedrock/libexec/pmm pacman pmm -Q 2>/dev/null | wc -l)" ;;
eopkg) packages="$(eopkg li | wc -l)" ;;
/usr/sbin/slackpkg) packages="$(ls /var/log/packages | wc -l)" ;;
bulge) packages="$(bulge list | wc -l)" ;;
birb) packages="$(birb --list-installed | wc -l)" ;;
pkg_info)
packages="$(pkg_info -A | wc -l)"
manager="pkg"
;;
pkg_info-netbsd)
packages="$(pkg_info -a | wc -l)"
manager="pkg"
;;
*)
if [ $distrotype = android ]; then
packages="$(dpkg-query -f '${"binary:Package"}\n' -W | wc -l)"
manager="dpkg"
else
packages="$(ls /usr/bin | wc -l)"
manager="bin"
fi
;;
esac
packages="''${packages#"''${packages%%[![:space:]]*}"}"
manager=$(echo $manager | sed "s/-query//; s/\/usr\/.*\///")
## UPTIME DETECTION
if [ $distrotype = android ]; then
uptime="$(echo $(uptime -p) | cut -c 4-)"
elif [ $distrotype = bsd ] || [ $distrotype = netbsd ]; then
uptime="$(uptime | sed -e 's/.* up //; s/, [0-9]* user.*//')"
else
case $ostype in
*"Linux"*)
IFS=. read -r s _ </proc/uptime
;;
*)
s=$(sysctl -n kern.boottime)
s=''${s#*=}
s=''${s%,*}
s=$(($(date +%s) - s))
;;
esac
d="$((s / 60 / 60 / 24))"
h="$((s / 60 / 60 % 24))"
m="$((s / 60 % 60))"
# Plurals
[ "$d" -gt 1 ] && dp=s
[ "$h" -gt 1 ] && hp=s
[ "$m" -gt 1 ] && mp=s
[ "$s" -gt 1 ] && sp=s
# Hide empty fields.
[ "$d" = 0 ] && d=
[ "$h" = 0 ] && h=
[ "$m" = 0 ] && m=
[ "$m" != "" ] && s=
# Make the output of uptime smaller.
[ "$d" ] && uptime="$d day$dp, "
[ "$h" ] && uptime="$uptime$h hour$hp, "
[ "$m" ] && uptime="$uptime$m min$mp"
[ "$s" ] && uptime="$uptime$s sec$sp"
uptime=''${uptime%, }
fi
## RAM DETECTION
case $ostype in
*"Linux"*)
while IFS=':k ' read -r key val _; do
case $key in
MemTotal)
mem_used=$((mem_used + val))
mem_full=$val
;;
Shmem) mem_used=$((mem_used + val)) ;;
MemFree | Buffers | Cached | SReclaimable) mem_used=$((mem_used - val)) ;;
esac
done </proc/meminfo
mem_used=$((mem_used / 1024))
mem_full=$((mem_full / 1024))
;;
*"Darwin"*)
mem_full=$(($(sysctl -n hw.memsize) / 1024 / 1024))
while IFS=:. read -r key val; do
case $key in
*' wired'* | *' active'* | *' occupied'*)
mem_used=$((mem_used + ${"val:-0"}))
;;
esac
done <-EOF
$(vm_stat)
EOF
mem_used=$((mem_used * 4 / 1024))
;;
*"BSD"*)
mem_full=$(($(sysctl -n hw.physmem) / 1024 / 1024))
if [ $distrotype = netbsd ]; then
mem_free=$(($(vmstat | awk 'NR==3 {print $4}') / 1024))
else
mem_free=$(($(sysctl -n vm.stats.vm.v_free_count) * $(sysctl -n vm.stats.vm.v_page_size) / 1024 / 1024))
fi
mem_used=$((mem_full - mem_free))
;;
*)
mem_full=1
mem_used=0
;;
esac
memstat="''${mem_used}/''${mem_full} MiB"
if which expr >/dev/null 2>&1; then
mempercent="($(expr $(expr ''${mem_used} \* 100 / ''${mem_full}))%)"
fi
## DEFINE COLORS
bold=''
black=''
red=''
green=''
yellow=''
blue=''
magenta=''
cyan=''
white=''
grey=''
reset=''
## USER VARIABLES -- YOU CAN CHANGE THESE
lc="$reset$bold$magenta" # labels
nc="$reset$bold$magenta" # labels
hn="$reset$bold$magenta" # labels
ic="$reset$white" # info
c0="$reset$grey" # first color
c1="$reset$white" # second color
c2="$reset$yellow" # third color
## OUTPUT
echo """
''${c0} ___ ''${nc}''${USER}''${grey}@''${reset}''${hn}''${host}''${reset}
''${c0} (''${c1}.. ''${c0}\ ''${lc}''${osi} ''${ic}''${os}''${reset}
''${c0} (''${c2}<> ''${c0}| ''${lc}''${ki} ''${ic}''${kernel}''${reset}
''${c0} /''${c1}/ \\ ''${c0}\\ ''${lc}''${ri} ''${ic}''${RAM}''${memstat} ''${mempercent}
''${c0} ( ''${c1}| | ''${c0}/| ''${lc}''${pi} ''${ic}''${packages} (''${manager})''${reset}
''${c2} _''${c0}/\\ ''${c1}__)''${c0}/''${c2}_''${c0}) ''${lc}''${ui} ''${ic}''${uptime}''${reset}
''${c2} \/''${c0}-____''${c2}\/''${reset} ''${lc}''${ci} ''${red}''${green}''${yellow}''${blue}''${magenta}''${cyan}''${reset}
"""
'';
in {home.packages = [nerdfetch];}
home/programs/ghostty/default.nix
+13 -3
View File
@@ -1,19 +1,29 @@
{
home.sessionVariables = {
TERMINAL = "ghostty";
TERM = "ghostty";
};
programs.ghostty = {
enable = true;
installVimSyntax = true;
enableZshIntegration = true;
settings = {
window-padding-x = 10;
confirm-close-surface = false;
window-padding-y = 10;
clipboard-read = "allow";
clipboard-write = "allow";
copy-on-select = "clipboard";
app-notifications = false;
keybind = [
"ctrl+j=goto_split:left"
"ctrl+i=goto_split:up"
"ctrl+k=goto_split:down"
"ctrl+l=goto_split:right"
"shift+ctrl+j=new_split:left"
"shift+ctrl+i=new_split:up"
"shift+ctrl+k=new_split:down"
"shift+ctrl+h=new_split:left"
"shift+ctrl+j=new_split:down"
"shift+ctrl+k=new_split:up"
"shift+ctrl+l=new_split:right"
"shift+ctrl+tab=new_tab"
];
home/programs/git/signing.nix
+8 -5
View File
@@ -3,10 +3,13 @@
# CHANGEME: change this to your own SSH key.
home.file.".ssh/allowed_signers".text = "* ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIINhWby7lUUXQNKbRu9/UOrGjWDf3fvoAwGHomWv/+lL";
programs.git.settings = {
commit.gpgsign = true;
gpg.ssh.allowedSignersFile = "~/.ssh/allowed_signers";
gpg.format = "ssh";
user.signingkey = "~/.ssh/key.pub";
programs.git = {
signing.format = "openpgp";
settings = {
commit.gpgsign = true;
gpg.ssh.allowedSignersFile = "~/.ssh/allowed_signers";
gpg.format = "ssh";
user.signingkey = "~/.ssh/key.pub";
};
};
}
home/programs/group/basic-apps.nix
+21
View File
@@ -0,0 +1,21 @@
{
pkgs,
pkgs-stable,
...
}: {
home.packages = with pkgs-stable; [
vlc # Video player
blanket # White-noise app
obsidian # Note taking app
textpieces # Manipulate texts
resources # Ressource monitor
gnome-clocks # Clocks app
gnome-text-editor # Basic graphic text editor
ticktick # Todo app
pinta # Image editor
onlyoffice-desktopeditors # Office suite
signal-desktop # Messaging app
element-desktop # Messaging app
];
}
home/programs/group/cybersecurity.nix
+65 -3
View File
@@ -1,15 +1,77 @@
{
pkgs-stable,
pkgs,
inputs,
...
}: {
home.packages = with pkgs; [
home.packages = with pkgs-stable; [
wireshark
nmap
john
hashcat
inputs.eleakxir.packages.${stdenv.hostPlatform.system}.leak-utils
metasploit
haiti
hydra
dnsrecon
whois
dig
nosqli
jwt-cli
nuclei
# Web
caido
nuclei
gobuster
dirb
ffuf
sqlmap
# Utils
inetutils
samba
openvpn
mariadb
redis
];
systemd.user.tmpfiles.rules = [
"d %h/Cyber/tmp 0755 - - -"
"d %h/Cyber/wordlists 0755 - - -"
"d %h/Cyber/wordlists/rules 0755 - - -"
];
home.file = {
"Cyber/wordlists/seclists" = {
source = pkgs.fetchFromGitHub {
owner = "danielmiessler";
repo = "SecLists";
rev = "47aa98053fce8670c6489e4f6fb57dc34881d8bd";
hash = "sha256-ojXLB/TXap1Qi0MtV5/WJlJpjNIDYx/sLY2KHm0uFKI=";
};
};
"Cyber/wordlists/fuzz4bounty" = {
source = pkgs.fetchFromGitHub {
owner = "0xPugal";
repo = "fuzz4bounty";
rev = "a805f6b434033f054312da0ddc2bc3021cc9a3b0";
hash = "sha256-wMhx1CcxIyw2E7gJXQxXAFc7m5nYt0FXNkoTZqFMQh4=";
};
};
# RULES
"Cyber/wordlists/rules/oneruletorulethemstill".source = pkgs.fetchFromGitHub {
owner = "stealthsploit";
repo = "oneruletorulethemstill";
rev = "4bfb7322e189305b5f35bb7fcd4e9cc233c3d3c6";
hash = "sha256-h7MeymIXS/6wlPRt4lzsIEqOOssP0lDx9nQip65cwZw=";
};
"Cyber/wordlists/rules/best64.rule" = {
source = pkgs.fetchurl {
url = "https://raw.githubusercontent.com/CarlosLannister/OwadeReborn/refs/heads/master/owade/fileAnalyze/hashcatLib/best64.rule%7E";
hash = "sha256-T0XkMHJZQiy63/j25nGTkaiDFjc+blmgEVGTAFgVylU=";
};
};
};
}
home/programs/group/dev.nix
+24
View File
@@ -0,0 +1,24 @@
{
pkgs,
pkgs-stable,
inputs,
...
}: {
home.packages =
(with pkgs; [
# Unstable: latest toolchain versions preferred for dev
go
bun
nodejs
air
duckdb
claude-code
inputs.bun2nix.packages.${stdenv.hostPlatform.system}.default
])
++ (with pkgs-stable; [
docker
python3
jq
just
]);
}
home/programs/group/flake.nix
+69
View File
@@ -0,0 +1,69 @@
{
inputs,
pkgs,
pkgs-stable,
system,
...
}: {
packages.${system} = {
dev = pkgs.buildEnv {
name = "dev-tools";
paths =
(with pkgs; [
go
bun
nodejs
air
duckdb
claude-code
inputs.bun2nix.packages.${system}.default
])
++ (with pkgs-stable; [
docker
python3
jq
just
]);
};
cybersecurity = pkgs.buildEnv {
name = "cybersecurity-tools";
paths = with pkgs-stable; [
wireshark
nmap
john
hashcat
metasploit
haiti
hydra
dnsrecon
whois
dig
nosqli
jwt-cli
nuclei
caido
gobuster
dirb
ffuf
sqlmap
inetutils
samba
openvpn
mariadb
redis
];
};
};
homeManagerModules = {
dev = {
_module.args.pkgs-stable = pkgs-stable;
imports = [./dev.nix];
};
cybersecurity = {
_module.args.pkgs-stable = pkgs-stable;
imports = [./cybersecurity.nix];
};
};
}
home/programs/group/misc.nix
+9
View File
@@ -0,0 +1,9 @@
{pkgs-stable, ...}: {
home.packages = with pkgs-stable; [
peaclock
cbonsai
pipes
cmatrix
fastfetch
];
}
home/programs/nix-utils/default.nix
+5
View File
@@ -0,0 +1,5 @@
{inputs, ...}: {
imports = [inputs.nix-index-database.homeModules.default];
programs.nix-index.enable = true;
programs.nix-index-database.comma.enable = true;
}
home/programs/nixy/default.nix
+14 -10
View File
@@ -5,13 +5,19 @@
#- - `nixy` - UI wizard to manage the system.
#- - `nixy rebuild` - Rebuild the system.
#- - `nixy ...` - ... see the script for more commands.
{ pkgs, config, ... }:
let
configDirectory = config.var.configDirectory;
{
pkgs,
config,
...
}: let
inherit (config.var) configDirectory;
nixy = pkgs.writeShellScriptBin "nixy"
nixy =
pkgs.writeShellScriptBin "nixy"
# bash
''
EXTRA_ARGS="''${@:2}"
function exec() {
$@
}
@@ -27,8 +33,6 @@ let
";Collect Garbage;nixy gc"
"󰍜;Clean Boot Menu;nixy cb"
";List generation;nixy listgen"
"󰌌;Hyprland Keybindings;nvim ${configDirectory}/docs/KEYBINDINGS-HYPRLAND.md"
"󰋩;Wallpapers;zen https://github.com/anotherhadi/nixy-wallpapers"
)
# Apply default icons if empty:
@@ -49,11 +53,11 @@ let
[[ $1 == "" ]] && ui
if [[ $1 == "rebuild" ]];then
cd ${configDirectory} && git add . && sudo nixos-rebuild switch --flake
cd ${configDirectory} && git add . && sudo nixos-rebuild switch --flake . $EXTRA_ARGS
elif [[ $1 == "test" ]];then
cd ${configDirectory} && git add . && sudo nixos-rebuild test --flake
cd ${configDirectory} && git add . && sudo nixos-rebuild test --flake . $EXTRA_ARGS
elif [[ $1 == "update" ]];then
cd ${configDirectory} && nix flake update
cd ${configDirectory} && nix flake update $EXTRA_ARGS
elif [[ $1 == "gc" ]];then
echo "Starting Nix garbage collection..."
cd ${configDirectory} && \
@@ -74,4 +78,4 @@ let
echo "Unknown argument"
fi
'';
in { home.packages = [ nixy ]; }
in {home.packages = [nixy];}
home/programs/nvf/default.nix
+18 -13
View File
@@ -1,25 +1,30 @@
# NVF is a Neovim configuration that provides a minimal setup with essential plugins and configurations.
{
inputs,
pkgs,
...
}: {
imports = [
inputs.nvf.homeManagerModules.default
./options.nix
./languages.nix
./picker.nix
./snacks.nix
./keymaps.nix
./utils.nix
./mini.nix
imports = [inputs.nvf.homeManagerModules.default];
# Packages needed by snacks image preview
home.packages = with pkgs; [
imagemagick
tree-sitter
ghostscript
tectonic
mermaid-cli
];
programs.nvf = {
enable = true;
settings.vim = {
startPlugins = [
pkgs.vimPlugins.vim-kitty-navigator
settings = {
imports = [
./options.nix
./languages.nix
./picker.nix
./snacks.nix
./keymaps.nix
./utils.nix
./mini.nix
];
};
};
home/programs/nvf/flake.nix
+32
View File
@@ -0,0 +1,32 @@
{
inputs,
pkgs,
system,
...
}: let
nvimConfig = inputs.nvf.lib.neovimConfiguration {
inherit pkgs;
modules = [
./options.nix
./languages.nix
./picker.nix
./snacks.nix
./keymaps.nix
./utils.nix
./mini.nix
];
};
in {
packages.${system}.nvim = nvimConfig.neovim;
apps.${system}.nvim = {
type = "app";
program = "${nvimConfig.neovim}/bin/nvim";
};
defaultApp.${system} = {
type = "app";
program = "${nvimConfig.neovim}/bin/nvim";
};
homeManagerModules.nvim = {imports = [./default.nix];};
}
home/programs/nvf/keymaps.nix
+93 -29
View File
@@ -1,10 +1,9 @@
{
programs.nvf.settings.vim = {
vim = {
globals.mapleader = " ";
binds = {
whichKey = {
enable = true;
# TODO: registers
register = {};
};
};
@@ -32,33 +31,7 @@
desc = "Next Buffer";
}
# Kitty navigator
{
key = "<C-h>";
mode = "n";
silent = true;
action = "<cmd>KittyNavigateLeft<cr>";
}
{
key = "<C-j>";
mode = "n";
silent = true;
action = "<cmd>KittyNavigateDown<cr>";
}
{
key = "<C-k>";
mode = "n";
silent = true;
action = "<cmd>KittyNavigateUp<cr>";
}
{
key = "<C-l>";
mode = "n";
silent = true;
action = "<cmd>KittyNavigateRight<cr>";
}
# Disable Arrow Keys in Normal Mode
# Disable Arrow Keys in Normal Mode and Middle click
{
key = "<Up>";
mode = "n";
@@ -87,6 +60,24 @@
action = "<Nop>";
desc = "Disable Right Arrow";
}
{
key = "<MiddleMouse>";
mode = ["n" "i" "v"];
action = "<nop>";
silent = true;
}
{
key = "<2-MiddleMouse>";
mode = ["n" "i" "v"];
action = "<nop>";
silent = true;
}
{
key = "<3-MiddleMouse>";
mode = ["n" "i" "v"];
action = "<nop>";
silent = true;
}
# UI
{
@@ -168,6 +159,79 @@
action = "<cmd>close<cr>";
desc = "Close";
}
# QOL
{
key = ">";
mode = "v";
silent = true;
action = ">gv";
desc = "Indent and keep selection";
}
{
key = "<";
mode = "v";
silent = true;
action = "<gv";
desc = "Dedent and keep selection";
}
# Move
{
key = "<C-h>";
mode = "n";
silent = true;
action = "<C-w>h";
desc = "Move to left window";
}
{
key = "<C-j>";
mode = "n";
silent = true;
action = "<C-w>j";
desc = "Move to bottom window";
}
{
key = "<C-k>";
mode = "n";
silent = true;
action = "<C-w>k";
desc = "Move to top window";
}
{
key = "<C-l>";
mode = "n";
silent = true;
action = "<C-w>l";
desc = "Move to right window";
}
# Format
{
key = "<leader>lf";
mode = "n";
silent = true;
action = "<cmd>lua require('conform').format({ async = true, lsp_format = 'fallback' })<cr>";
desc = "Format file";
}
# Save
{
key = "<C-s>";
mode = ["n" "i" "v"];
silent = true;
action = "<cmd>w<cr>";
desc = "Save file";
}
# Deactivate "esc"
{
key = "<Esc>";
mode = ["n" "i" "v"];
silent = true;
action = "<Nop>";
desc = "Disable Escape";
}
];
};
}
home/programs/nvf/languages.nix
+21 -7
View File
@@ -3,7 +3,7 @@
pkgs,
...
}: {
programs.nvf.settings.vim = {
vim = {
diagnostics = {
enable = true;
config = {
@@ -26,7 +26,6 @@
''
function(diagnostic)
return string.format("%s", diagnostic.message)
--return string.format("%s (%s)", diagnostic.message, diagnostic.source)
end
'';
};
@@ -35,22 +34,27 @@
enable = true;
};
};
syntaxHighlighting = true;
treesitter = {
enable = true;
autotagHtml = true;
context.enable = true;
highlight.enable = true;
grammars = with pkgs.vimPlugins.nvim-treesitter.builtGrammars; [
typescript # in language settings only tsx gets enabled, not typescript
typescript
];
};
lsp = {
enable = true;
presets = {
tailwindcss-language-server = {
enable = true;
};
};
trouble.enable = true;
lspSignature.enable = true;
lspconfig.enable = true;
formatOnSave = true;
mappings.format = null;
inlayHints.enable = true;
null-ls.enable = true;
servers.nixd.settings.nil.nix.autoArchive = true;
@@ -87,6 +91,13 @@
enableFormat = true;
enableTreesitter = true;
python = {
enable = true;
lsp = {
enable = true;
servers = ["pyright"];
};
};
astro.enable = true;
go.enable = true;
markdown = {
@@ -99,20 +110,23 @@
};
extraDiagnostics.enable = true;
};
ts = {
typescript = {
enable = true;
extensions.ts-error-translator.enable = true;
};
css.enable = true;
svelte.enable = true;
svelte = {
enable = true;
format.enable = false;
};
html.enable = true;
bash.enable = true;
nix.enable = true;
tailwind.enable = true;
};
formatter = {
conform-nvim = {
enable = true;
setupOpts.format_after_save = null;
};
};
};
home/programs/nvf/mini.nix
+1 -2
View File
@@ -1,8 +1,7 @@
{
programs.nvf.settings.vim.mini = {
vim.mini = {
starter.enable = true;
comment.enable = true;
# cursorword.enable = true;
icons.enable = true;
indentscope.enable = true;
notify.enable = true;
home/programs/nvf/options.nix
+16 -4
View File
@@ -1,9 +1,8 @@
{lib, ...}: {
programs.nvf.settings.vim = {
vim = {
viAlias = false;
vimAlias = true;
withNodeJs = true;
# syntaxHighlighting = true;
options = {
autoindent = true;
smartindent = true;
@@ -19,8 +18,8 @@
wrap = false;
};
globals = {
navic_silence = true; # navic tries to attach multiple LSPs and fails
suda_smart_edit = 1; # use super user write automatically
navic_silence = true;
suda_smart_edit = 1;
neovide_scale_factor = 0.7;
neovide_cursor_animation_length = 0.1;
neovide_cursor_short_animation_length = 0;
@@ -30,6 +29,19 @@
registers = "unnamedplus";
providers.wl-copy.enable = true;
};
luaConfigRC.osc52-clipboard = ''
vim.g.clipboard = {
name = 'OSC 52',
copy = {
['+'] = require('vim.ui.clipboard.osc52').copy '+',
['*'] = require('vim.ui.clipboard.osc52').copy '*',
},
paste = {
['+'] = require('vim.ui.clipboard.osc52').paste '+',
['*'] = require('vim.ui.clipboard.osc52').paste '*',
},
}
'';
theme = {
enable = true;
name = lib.mkForce "catppuccin";
home/programs/nvf/picker.nix
+1 -1
View File
@@ -1,5 +1,5 @@
{
programs.nvf.settings.vim = {
vim = {
utility = {
oil-nvim.enable = true;
snacks-nvim = {
home/programs/nvf/snacks.nix
+1 -1
View File
@@ -1,5 +1,5 @@
{
programs.nvf.settings.vim.utility.snacks-nvim = {
vim.utility.snacks-nvim = {
enable = true;
setupOpts = {
image = {
home/programs/nvf/utils.nix
+1 -2
View File
@@ -1,5 +1,5 @@
{pkgs, ...}: {
programs.nvf.settings.vim = {
vim = {
undoFile.enable = true;
utility = {
motion.flash-nvim.enable = true;
@@ -18,7 +18,6 @@
enable = true;
sources = {
buffer = "[Buffer]";
nvim-cmp = null;
path = "[Path]";
};
sourcePlugins = [
home/programs/proton/auto-start-vpn.nix
+5
View File
@@ -0,0 +1,5 @@
{
wayland.windowManager.hyprland.settings.exec-once = [
"protonvpn-app --start-minimized &"
];
}
home/programs/proton/default.nix
+17 -1
View File
@@ -1,6 +1,6 @@
{pkgs, ...}: {
home.packages = with pkgs; [
protonvpn-gui
proton-vpn
proton-pass
proton-authenticator
];
@@ -15,5 +15,21 @@
categories = ["Utility"];
terminal = false;
};
"Proton Calendar" = {
name = "Proton Calendar";
exec = "${pkgs.qutebrowser}/bin/qutebrowser \"https://calendar.proton.me\"";
icon = "proton-calendar";
type = "Application";
categories = ["Utility"];
terminal = false;
};
"Proton Mail" = {
name = "Proton Mail";
exec = "${pkgs.qutebrowser}/bin/qutebrowser \"https://mail.proton.me/\"";
icon = "proton-mail";
type = "Application";
categories = ["Utility"];
terminal = false;
};
};
}
home/programs/qutebrowser/bookmarks/default.nix
+488
View File
@@ -0,0 +1,488 @@
{
config,
lib,
pkgs,
...
}: let
bookmarkList =
(import ./general.nix)
++ (import ./tools.nix)
++ (import ./social.nix)
++ (import ./infosec.nix)
++ (import ./other.nix)
++ (import ./jack.nix);
c = config.lib.stylix.colors;
stripProtocol = url:
lib.removePrefix "https://" (lib.removePrefix "http://" url);
stripDomain = url:
builtins.head (
lib.splitString "/" (stripProtocol url)
);
mkCard = item: let
domain = stripDomain item.url;
initial = builtins.substring 0 1 item.name;
in ''
<a href="${item.url}" class="card">
<div class="favicon-wrapper">
<img class="favicon" src="https://icons.duckduckgo.com/ip3/${domain}.ico" alt="" aria-hidden="true" loading="lazy" onerror="this.style.display='none';this.nextElementSibling.style.display='flex'">
<span class="favicon-fallback" style="display:none">${initial}</span>
</div>
<div class="card-info">
<span class="card-name">${item.name}</span>
<span class="card-url">${stripProtocol item.url}</span>
</div>
</a>'';
mkFolderContent = items: let
step = acc: item:
if item ? url
then acc // {pending = acc.pending ++ [item];}
else {
chunks =
acc.chunks
++ lib.optional (acc.pending != []) {
isCards = true;
items = acc.pending;
}
++ [
{
isCards = false;
folder = item;
}
];
pending = [];
};
result =
lib.foldl' step {
chunks = [];
pending = [];
}
items;
chunks =
result.chunks
++ lib.optional (result.pending != []) {
isCards = true;
items = result.pending;
};
in
lib.concatMapStrings (chunk:
if chunk.isCards
then ''
<div class="cards">
${lib.concatMapStrings mkCard chunk.items}
</div>''
else mkFolder chunk.folder)
chunks;
mkFolder = folder: let
iconHtml =
if folder ? icon
then ''<span class="material-symbols-outlined folder-icon" aria-hidden="true">${folder.icon}</span>''
else "";
in ''
<details class="folder-section" open>
<summary class="folder-title">
${iconHtml}<span class="folder-name">${folder.name}</span>
<svg class="chevron" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2.5" stroke-linecap="round" stroke-linejoin="round" aria-hidden="true"><polyline points="6 9 12 15 18 9"/></svg>
</summary>
<div class="folder-content">
${mkFolderContent folder.bookmarks}
</div>
</details>'';
grouped = let
step = acc: item:
if item ? url
then acc // {pending = acc.pending ++ [item];}
else {
groups =
acc.groups
++ lib.optional (acc.pending != []) {
isRoot = true;
items = acc.pending;
}
++ [
{
isRoot = false;
inherit item;
}
];
pending = [];
};
result =
lib.foldl' step {
groups = [];
pending = [];
}
bookmarkList;
in
result.groups
++ lib.optional (result.pending != []) {
isRoot = true;
items = result.pending;
};
mkSection = group:
if group.isRoot
then ''
<div class="root-section">
<div class="cards">
${lib.concatMapStrings mkCard group.items}
</div>
</div>''
else mkFolder group.item;
collectBookmarks = prefix: items:
lib.concatMapStrings (
item:
if item ? url
then "${item.url} ${prefix}${item.name}\n"
else collectBookmarks "${prefix}${item.name}/" item.bookmarks
)
items;
publicBookmarks =
pkgs.writeText "qutebrowser-public-bookmarks"
(collectBookmarks "" bookmarkList);
in {
config = {
xdg.dataFile."qutebrowser/bookmarks.html".text = ''
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Bookmarks</title>
<link rel="stylesheet" href="https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@20,300,0,0">
<style>
*, *::before, *::after { box-sizing: border-box; margin: 0; padding: 0; }
body {
background-color: #${c.base00};
color: #${c.base05};
font-family: 'Source Sans Pro', sans-serif;
font-size: 14px;
min-height: 100vh;
padding: 2.5rem 2rem;
}
.header {
max-width: 1100px;
margin: 0 auto 2rem;
display: flex;
align-items: center;
gap: 1.5rem;
}
.page-title {
font-size: 1.3rem;
font-weight: 700;
color: #${c.base0D};
letter-spacing: -0.01em;
flex-shrink: 0;
}
.search-bar {
flex: 1;
background-color: #${c.base01};
border: 1px solid #${c.base02};
border-radius: 8px;
color: #${c.base05};
font-family: 'Source Sans Pro', sans-serif;
font-size: 0.9rem;
padding: 0.5rem 0.9rem;
outline: none;
transition: border-color 0.15s ease;
}
.search-bar::placeholder { color: #${c.base03}; }
.search-bar:focus { border-color: #${c.base0D}; }
.collapse-btn {
flex-shrink: 0;
background: none;
border: 1px solid #${c.base02};
border-radius: 8px;
color: #${c.base03};
cursor: pointer;
display: flex;
align-items: center;
justify-content: center;
padding: 0.47rem;
transition: color 0.15s ease, border-color 0.15s ease;
}
.collapse-btn:hover {
color: #${c.base0D};
border-color: #${c.base0D};
}
.collapse-btn svg {
width: 16px;
height: 16px;
}
.bookmarks-container {
max-width: 1100px;
margin: 0 auto;
display: flex;
flex-direction: column;
gap: 0.75rem;
}
.root-section {
margin-bottom: 1rem;
}
details.folder-section {
border-radius: 8px;
}
details.folder-section > summary {
list-style: none;
cursor: pointer;
display: flex;
align-items: center;
gap: 0.5rem;
padding: 0.45rem 0.5rem;
border-radius: 8px;
user-select: none;
transition: background-color 0.12s ease;
}
details.folder-section > summary::-webkit-details-marker { display: none; }
details.folder-section > summary:hover {
background-color: #${c.base01};
color: #${c.base0D};
}
details.folder-section > summary:hover .folder-name {
color: #${c.base0D};
}
details.folder-section > summary:hover .folder-icon {
color: #${c.base0D};
}
.folder-icon {
font-size: 14px;
line-height: 1;
flex-shrink: 0;
color: #${c.base04};
user-select: none;
}
.folder-name {
font-size: 0.72rem;
font-weight: 700;
letter-spacing: 0.12em;
text-transform: uppercase;
color: #${c.base03};
flex: 1;
}
.chevron {
width: 13px;
height: 13px;
color: #${c.base03};
transition: transform 0.2s ease;
flex-shrink: 0;
}
details[open] > summary > .chevron {
transform: rotate(180deg);
}
.folder-content {
padding: 0.4rem 0 0.5rem 0;
display: flex;
flex-direction: column;
gap: 0.25rem;
}
.folder-content > details.folder-section > summary {
padding-left: 1.2rem;
}
.folder-content > details.folder-section > .folder-content {
padding-left: 1rem;
}
.cards {
display: grid;
grid-template-columns: repeat(auto-fill, minmax(220px, 1fr));
gap: 0.4rem;
}
.card {
display: flex;
align-items: center;
gap: 0.7rem;
padding: 0.6rem 0.8rem;
background-color: #${c.base01};
border: 1px solid #${c.base02};
border-radius: 10px;
text-decoration: none;
transition: background-color 0.12s ease, border-color 0.12s ease;
overflow: hidden;
}
.card:hover {
background-color: #${c.base02};
border-color: #${c.base0D};
}
.favicon-wrapper { position: relative; width: 18px; height: 18px; flex-shrink: 0; }
.favicon {
position: absolute;
inset: 0;
width: 100%;
height: 100%;
object-fit: contain;
border-radius: 3px;
}
.favicon-fallback {
position: absolute;
inset: 0;
display: flex;
align-items: center;
justify-content: center;
background-color: #${c.base02};
border-radius: 4px;
color: #${c.base04};
font-size: 10px;
font-weight: 700;
text-transform: uppercase;
user-select: none;
}
.card-info {
display: flex;
flex-direction: column;
gap: 0.05rem;
overflow: hidden;
flex: 1;
}
.card-name {
color: #${c.base05};
font-size: 0.86rem;
font-weight: 500;
white-space: nowrap;
overflow: hidden;
text-overflow: ellipsis;
transition: color 0.12s ease;
}
.card:hover .card-name { color: #${c.base0D}; }
.card-url {
color: #${c.base03};
font-family: 'Maple Mono NF', monospace;
font-size: 0.7rem;
white-space: nowrap;
overflow: hidden;
text-overflow: ellipsis;
}
.no-results {
color: #${c.base03};
font-size: 0.9rem;
padding: 0.5rem 0.2rem;
display: none;
}
</style>
</head>
<body>
<div class="header">
<h1 class="page-title">Bookmarks</h1>
<input id="search" class="search-bar" type="text" placeholder="Search" autocomplete="off" spellcheck="false">
<button id="collapse-btn" class="collapse-btn" title="Collapse all folders" aria-label="Collapse all folders">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
<polyline points="4 14 10 14 10 20"/><polyline points="20 10 14 10 14 4"/><line x1="10" y1="14" x2="3" y2="21"/><line x1="21" y1="3" x2="14" y2="10"/>
</svg>
</button>
</div>
<div class="bookmarks-container">
<p id="no-results" class="no-results">No results</p>
${lib.concatMapStrings mkSection grouped}
</div>
<script>
window.addEventListener('DOMContentLoaded', function () {
const input = document.getElementById('search');
const noResults = document.getElementById('no-results');
const collapseBtn = document.getElementById('collapse-btn');
input.focus();
collapseBtn.addEventListener('click', function () {
document.querySelectorAll('details.folder-section').forEach(function (d) {
d.open = false;
});
});
input.addEventListener('input', function () {
const query = this.value.toLowerCase().trim();
let anyVisible = false;
if (query) {
document.querySelectorAll('details.folder-section').forEach(function (d) {
d.open = true;
});
}
document.querySelectorAll('.folder-section, .root-section').forEach(function (section) {
let sectionVisible = false;
section.querySelectorAll('.card').forEach(function (card) {
const name = card.querySelector('.card-name').textContent.toLowerCase();
const url = card.querySelector('.card-url').textContent.toLowerCase();
const match = !query || name.includes(query) || url.includes(query);
card.style.display = match ? ''' : 'none';
if (match) { sectionVisible = true; anyVisible = true; }
});
section.style.display = sectionVisible ? ''' : 'none';
});
noResults.style.display = anyVisible || !query ? 'none' : 'block';
});
input.addEventListener('keydown', function (e) {
if (e.key === 'Enter') {
const val = this.value.trim();
const isUrl = /^https?:\/\//i.test(val) || /^[a-zA-Z0-9-]+(\.[a-zA-Z]{2,})(\/.*)?$/.test(val);
if (isUrl) {
location.href = /^https?:\/\//i.test(val) ? val : 'https://' + val;
} else {
const first = document.querySelector('.card:not([style*="none"])');
if (first) {
location.href = first.href;
} else {
const q = encodeURIComponent(val);
if (q) location.href = 'https://www.startpage.com/sp/search?q=' + q;
}
}
}
if (e.key === 'Escape') {
this.value = ''';
this.dispatchEvent(new Event('input'));
}
});
});
</script>
</body>
</html>
'';
home.activation.qutebrowserBookmarks = lib.hm.dag.entryAfter ["writeBoundary"] ''
mkdir -p ${config.home.homeDirectory}/.config/qutebrowser/bookmarks
cat ${publicBookmarks} > ${config.home.homeDirectory}/.config/qutebrowser/bookmarks/urls
'';
};
}
home/programs/qutebrowser/bookmarks/general.nix
+22
View File
@@ -0,0 +1,22 @@
[
{
name = "Proton Mail";
url = "https://mail.proton.me";
}
{
name = "Proton Drive";
url = "https://drive.proton.me";
}
{
name = "Proton Lumo";
url = "https://lumo.proton.me";
}
{
name = "Proton Calendar";
url = "https://calendar.proton.me";
}
{
name = "Github";
url = "https://github.com";
}
]
home/programs/qutebrowser/bookmarks/infosec.nix
+48
View File
@@ -0,0 +1,48 @@
[
{
name = "Infosec";
icon = "terminal";
bookmarks = [
{
name = "Nix 4 Cyber";
url = "https://n4c.hadi.icu";
}
{
name = "Cyberchef";
url = "https://cyberchef.hadi.icu";
}
{
name = "TryHackMe";
url = "https://tryhackme.com";
}
{
name = "Root-Me";
url = "https://root-me.org";
}
{
name = "Hack The Box";
url = "https://hackthebox.com";
}
{
name = "Iknowyou";
url = "https://iknowyou-prod.hadi.icu";
}
{
name = "Exploit-DB";
url = "https://exploit-db.com";
}
{
name = "GTFOBins";
url = "https://gtfobins.org/";
}
{
name = "Crack Station";
url = "https://crackstation.net";
}
{
name = "Osint Tracker";
url = "https://app.osintracker.com";
}
];
}
]
home/programs/qutebrowser/bookmarks/jack.nix
+80
View File
@@ -0,0 +1,80 @@
[
{
name = "Jack";
icon = "dns";
bookmarks = [
{
name = "Glance";
url = "https://home.hadi.icu";
}
{
name = "Blog";
url = "https://hadi.icu";
}
{
name = "Gitea";
url = "https://git.hadi.icu";
}
{
name = "Mealie";
url = "https://mealie.hadi.icu";
}
{
name = "Wallpapers";
url = "https://wallpapers.hadi.icu";
}
{
name = "Default Creds";
url = "https://default-creds.hadi.icu";
}
{
name = "Media";
icon = "subscriptions";
bookmarks = [
{
name = "Radarr";
url = "https://radarr.hadi.icu";
}
{
name = "Sonarr";
url = "https://sonarr.hadi.icu";
}
{
name = "Bazarr";
url = "https://bazarr.hadi.icu";
}
{
name = "Prowlarr";
url = "https://prowlarr.hadi.icu";
}
{
name = "Transmission";
url = "https://transmission.hadi.icu";
}
];
}
{
name = "Infrastructure";
icon = "construction";
bookmarks = [
{
name = "AdGuard";
url = "https://adguard.hadi.icu";
}
{
name = "Umami";
url = "https://umami.hadi.icu";
}
{
name = "Cloudflare";
url = "https://dash.cloudflare.com";
}
{
name = "Cloudflare Zero Trust";
url = "https://one.dash.cloudflare.com";
}
];
}
];
}
]
home/programs/qutebrowser/bookmarks/other.nix
+46
View File
@@ -0,0 +1,46 @@
[
{
name = "Other";
icon = "category";
bookmarks = [
{
name = "Documentation";
icon = "menu_book";
bookmarks = [
{
name = "Hyprland Wiki";
url = "https://wiki.hypr.land";
}
{
name = "Stylix Wiki";
url = "https://nix-community.github.io/stylix/";
}
{
name = "Nixpkgs";
url = "https://github.com/NixOS/nixpkgs";
}
{
name = "tldr";
url = "https://tldr.inbrowser.app/";
}
];
}
{
name = "Startpage Config";
url = "https://www.startpage.com/do/mypage.pl?prfe=45d331deb05471d659dba933e7400df51d952bb103da6f6125c0e769a6be1d65610456a479f495ceeee7e97311cf227d7c1bb198de0ceeb193d8cddf9c455c19a409cc35c3e3f542ee27bd7cecd3";
}
{
name = "Feedly";
url = "https://feedly.com";
}
{
name = "MyNixOS";
url = "https://mynixos.com";
}
{
name = "Amazon";
url = "https://amazon.fr";
}
];
}
]
home/programs/qutebrowser/bookmarks/social.nix
+50
View File
@@ -0,0 +1,50 @@
[
{
name = "Entertainment";
icon = "movie";
bookmarks = [
{
name = "Youtube";
url = "https://youtube.com";
}
{
name = "Jellyfin";
url = "https://media.hadi.icu";
}
{
name = "Seerr";
url = "https://demandemedia.hadi.icu";
}
{
name = "Social Media";
icon = "group";
bookmarks = [
{
name = "Medium";
url = "https://medium.com";
}
{
name = "Bluesky";
url = "https://bsky.app";
}
{
name = "Reddit";
url = "https://reddit.com";
}
{
name = "Instagram";
url = "https://instagram.com";
}
{
name = "Discord";
url = "https://discord.com/channels/@me/";
}
{
name = "Gitlab";
url = "https://gitlab.com/";
}
];
}
];
}
]
home/programs/qutebrowser/bookmarks/tools.nix
+48
View File
@@ -0,0 +1,48 @@
[
{
name = "Tools";
icon = "handyman";
bookmarks = [
{
name = "Maps";
url = "https://maps.apple.com";
}
{
name = "Excalidraw";
url = "https://excalidraw.com";
}
{
name = "Cobalt (downloader)";
url = "https://cobalt.meowing.de";
}
{
name = "Mazanoke (image)";
url = "https://mazanoke.hadi.icu";
}
{
name = "Vert";
url = "https://vert.sh";
}
{
name = "Markdown to PDF";
url = "https://md2file.com";
}
{
name = "Image to Vector";
url = "https://www.vectorcascade.com/";
}
{
name = "PrivateBin";
url = "https://privatebin.net";
}
{
name = "Claude";
url = "https://claude.ai";
}
{
name = "Gemini";
url = "https://gemini.google.com";
}
];
}
]
home/programs/qutebrowser/default.nix
+37
View File
@@ -0,0 +1,37 @@
{...}: {
imports = [
./bookmarks
./search.nix
./keybindings.nix
./settings.nix
./userscripts.nix
];
home.sessionVariables = {
DEFAULT_BROWSER = "qutebrowser";
BROWSER = "qutebrowser";
};
xdg.mimeApps.defaultApplications = {
"text/html" = ["org.qutebrowser.qutebrowser.desktop"];
"text/xml" = ["org.qutebrowser.qutebrowser.desktop"];
"x-scheme-handler/http" = ["org.qutebrowser.qutebrowser.desktop"];
"x-scheme-handler/https" = ["org.qutebrowser.qutebrowser.desktop"];
"x-scheme-handler/unknown" = ["org.qutebrowser.qutebrowser.desktop"];
"x-scheme-handler/about" = ["org.qutebrowser.qutebrowser.desktop"];
"x-scheme-handler/qute" = ["org.qutebrowser.qutebrowser.desktop"];
};
xdg.desktopEntries.qutebrowser-private = {
name = "Qutebrowser (Temp session)";
genericName = "Web Browser";
exec = "qutebrowser --temp-basedir %U";
icon = "qutebrowser";
categories = ["Network" "WebBrowser"];
};
programs.qutebrowser = {
enable = true;
loadAutoconfig = true;
};
}
home/programs/qutebrowser/keybindings.nix
+17
View File
@@ -0,0 +1,17 @@
{config, ...}: {
programs.qutebrowser.keyBindings = {
normal."<Ctrl-w>" = "tab-close";
normal."<Ctrl-Tab>" = "tab-next";
normal."<Ctrl-Shift-Tab>" = "tab-prev";
normal."<Ctrl-b>" = "open file://${config.xdg.dataHome}/qutebrowser/bookmarks.html";
# Ctrl+c is used to leave the current mode and return to normal mode.
insert."<Ctrl-c>" = "mode-leave";
hint."<Ctrl-c>" = "mode-leave";
caret."<Ctrl-c>" = "mode-leave";
command."<Ctrl-c>" = "mode-leave";
prompt."<Ctrl-c>" = "mode-leave";
yesno."<Ctrl-c>" = "mode-leave";
register."<Ctrl-c>" = "mode-leave";
};
}
home/programs/qutebrowser/search.nix
+30
View File
@@ -0,0 +1,30 @@
{
programs.qutebrowser.searchEngines = rec {
startpage = "https://www.startpage.com/sp/search?q={}";
mynixos = "https://mynixos.com/search?q={}";
duckduckgo = "https://duckduckgo.com/?q={}";
google = "https://google.com/search?hl=en&q={}";
yandex = "https://yandex.com/search/?text={}";
bing = "https://bing.com/search?q={}";
youtube = "https://youtube.com/results?search_query={}";
google-images = "https://google.com/search?hl=en&tbm=isch&q={}";
# AI
chatgpt = "https://chatgpt.com/?q={}";
claude = "https://claude.ai/new?q={}";
gemini = "https://gemini.google.com/app?q={}";
# Maps
amap = "https://maps.apple.com/?q={}";
gmap = "https://www.google.com/maps/search/{}";
# shortcuts
g = google;
n = mynixos;
gpt = chatgpt;
gem = gemini;
cla = claude;
DEFAULT = startpage;
};
}
home/programs/qutebrowser/settings.nix
+52
View File
@@ -0,0 +1,52 @@
{config, ...}: {
programs.qutebrowser = {
settings = {
url = rec {
default_page = "file://${config.xdg.dataHome}/qutebrowser/bookmarks.html";
start_pages = [default_page];
};
new_instance_open_target = "window";
"tabs.last_close" = "close";
"statusbar.widgets" = ["keypress" "url" "progress"];
# Adblock
"content.blocking.enabled" = true;
"content.blocking.method" = "adblock";
"content.blocking.adblock.lists" = [
"https://easylist.to/easylist/easylist.txt"
"https://easylist.to/easylist/easyprivacy.txt"
"https://secure.fanboy.co.nz/fanboy-cookiemonster.txt"
];
# Clipboard access (needed for Excalidraw, Cyberchef, etc.)
"content.javascript.clipboard" = "access";
# Downloads
"downloads.location.directory" = "~/Downloads";
"downloads.location.prompt" = false;
# Editor (Ctrl+e in text fields)
"editor.command" = ["ghostty" "-e" "nvim" "{}"];
# Tabs
# "tabs.show" = "switching";
# "tabs.show_switching_delay" = 3000;
# Scrollbar
"scrolling.bar" = "never";
# Statusbar
"statusbar.show" = "in-mode";
# Privacy
"content.geolocation" = false;
"content.cookies.accept" = "no-3rdparty";
};
extraConfig = ''
c.statusbar.padding = {'top': 6, 'bottom': 6, 'left': 8, 'right': 8}
c.tabs.padding = {'top': 6, 'bottom': 6, 'left': 8, 'right': 8}
config.set('content.local_content_can_access_remote_urls', True, 'file://*')
'';
};
}
home/programs/qutebrowser/userscripts.nix
+37
View File
@@ -0,0 +1,37 @@
{
pkgs,
inputs,
...
}: {
xdg.dataFile = {
# Startpage: hide sponsored results (custom script, no upstream)
"qutebrowser/greasemonkey/startpage-no-ads.user.js".text = ''
// ==UserScript==
// @name Startpage - Hide Ads
// @match https://www.startpage.com/*
// @run-at document-start
// ==/UserScript==
new MutationObserver(function(mutations) {
mutations.forEach((mutation) => {
if (mutation.type === 'childList') {
mutation.addedNodes.forEach((node) => {
if (node.nodeType === 1 && node.nodeName === 'DIV' && node.id === 'gcsa-top') {
node.remove();
this.disconnect();
}
});
}
});
}).observe(document, { childList: true, subtree: true });
'';
"qutebrowser/greasemonkey/return-youtube-dislike.user.js".source = inputs.qs-return-youtube-dislike;
"qutebrowser/greasemonkey/sponsorblock-lite.user.js".source = inputs.qs-sponsorblock-lite;
"qutebrowser/greasemonkey/dont-track-me-google.user.js".source = inputs.qs-dont-track-me-google;
"qutebrowser/greasemonkey/i-dont-care-about-cookies.user.js".source = inputs.qs-i-dont-care-about-cookies;
"qutebrowser/greasemonkey/tracking-token-stripper.user.js".source = inputs.qs-tracking-token-stripper;
"qutebrowser/greasemonkey/bypass-paywalls-clean.user.js".source = inputs.qs-bypass-paywalls-clean;
"qutebrowser/greasemonkey/anti-adblock-fuckoff.user.js".source = inputs.qs-anti-adblock-fuckoff;
};
}
home/programs/shell/zsh.nix
+5 -30
View File
@@ -7,11 +7,15 @@
}: let
fetch = config.theme.fetch; # neofetch, nerdfetch, pfetch
in {
home.packages = with pkgs; [bat ripgrep tldr sesh];
home.packages = with pkgs; [bat ripgrep tldr witr];
# Add go binaries to the PATH
home.sessionPath = ["$HOME/go/bin"];
home.sessionVariables = {
COLORTERM = "truecolor";
};
programs.zsh = {
enable = true;
enableCompletion = true;
@@ -47,7 +51,6 @@ in {
tree = "eza --icons=always --tree --no-quotes";
sl = "ls";
open = "${pkgs.xdg-utils}/bin/xdg-open";
icat = "${pkgs.kitty}/bin/kitty +kitten icat";
cat = "bat --theme=base16 --color=always --paging=never --tabs=2 --wrap=never --plain";
mkdir = "mkdir -p";
@@ -93,29 +96,6 @@ in {
else ""
}
function sesh-sessions() {
session=$(sesh list -t -c | fzf --height 70% --reverse)
[[ -z "$session" ]] && return
sesh connect $session
}
function chatgptfolder(){
echo "################################"
echo "### TREE ###"
echo "################################"
${pkgs.eza}/bin/eza --tree -aF --icons never
echo -e "\n\n"
echo "##############################"
echo "### CONTENT ###"
echo "##############################"
find . -type f -not -path '*/.git/*' -print0 | while IFS= read -r -d "" file; do
echo -e "\n--- DEBUT: $file ---\n"
cat "$file"
echo -e "\n--- FIN: $file ---\n"
done
}
function n4c() {
category=''${1:-all}
shift
@@ -123,11 +103,6 @@ in {
nix develop "github:nix4cyber/n4c#''${category}" ''${args} -c zsh
}
zle -N sesh-sessions
bindkey -M emacs '\es' sesh-sessions
bindkey -M vicmd '\es' sesh-sessions
bindkey -M viins '\es' sesh-sessions
# search history based on what's typed in the prompt
autoload -U history-search-end
zle -N history-beginning-search-backward-end history-search-end
home/programs/spicetify/default.nix
+2 -1
View File
@@ -1,6 +1,7 @@
# Spicetify is a spotify client customizer
{
pkgs,
pkgs-stable,
config,
lib,
inputs,
@@ -16,6 +17,7 @@ in {
programs.spicetify = {
enable = true;
spotifyPackage = pkgs-stable.spotify;
theme = lib.mkForce spicePkgs.themes.dribbblish;
colorScheme = "custom";
@@ -31,7 +33,6 @@ in {
enabledExtensions = with spicePkgs.extensions; [
playlistIcons
lastfm
historyShortcut
hidePodcasts
adblock
home/programs/thunar/default.nix
+90 -73
View File
@@ -1,45 +1,59 @@
# Thunar is a file explorer
{
pkgs,
pkgs-stable,
config,
lib,
...
}: let
user = config.var.username;
in {
# ctrl + m to toggle the menubar
home.packages = with pkgs; [
xfce.thunar
xfce.xfconf
xfce.tumbler
xfce.thunar-archive-plugin
xfce.thunar-volman
xfce.thunar-media-tags-plugin
p7zip
xarchiver
];
home.packages =
(with pkgs-stable; [
xfce.thunar
xfce.xfconf
xfce.tumbler
xfce.thunar-archive-plugin
xfce.thunar-volman
xfce.thunar-media-tags-plugin
p7zip
xarchiver
])
++ (with pkgs; [
# Icon themes: keep on global pkgs to avoid conflicts with other modules
papirus-icon-theme
material-icons
material-design-icons
material-symbols
]);
gtk = {
enable = true;
iconTheme = {
name = "WhiteSur";
package = pkgs.whitesur-icon-theme.override {
boldPanelIcons = true;
alternativeIcons = true;
};
name = "Papirus-Dark";
package = pkgs.papirus-icon-theme;
};
gtk4.theme = null;
# bookmarks for the side pane
gtk3.bookmarks = [
"file:///home/${user}/Downloads Downloads"
"file:///home/${user}/Pictures Pictures"
"file:///home/${user}/.config/nixos NixOS"
"file:///home/${user}/dev Development"
];
};
qt.enable = true;
home.sessionVariables = {
XDG_ICON_DIR = "${pkgs.whitesur-icon-theme}/share/icons/WhiteSur";
XDG_ICON_DIR = "${pkgs.papirus-icon-theme}/share/icons/Papirus";
QS_ICON_THEME = "Papirus";
QT_STYLE_OVERRIDE = lib.mkForce "Fusion";
};
# bookmarks for the side pane
gtk.gtk3.bookmarks = [
"file:///home/${user}/Downloads Downloads"
"file:///home/${user}/Pictures Pictures"
"file:///home/${user}/.config/nixos NixOS"
"file:///home/${user}/dev Development"
];
home.file.".config/xarchiver/xarchiverrc".text = ''
[xarchiver]
preferred_format=0
@@ -56,7 +70,7 @@ in {
show_toolbar=true
preferred_custom_cmd=
preferred_temp_dir=/tmp
preferred_extract_dir=/home/${user}/Downloads
preferred_extract_dir=./
allow_sub_dir=0
ensure_directory=true
overwrite=false
@@ -72,53 +86,56 @@ in {
remove_files=false
'';
home.file.".config/xfce4/xfconf/xfce-perchannel-xml/thunar.xml".text = ''
<?xml version="1.1" encoding="UTF-8"?>
home.file.".config/xfce4/xfconf/xfce-perchannel-xml/thunar.xml" = {
text = ''
<?xml version="1.1" encoding="UTF-8"?>
<channel name="thunar" version="1.0">
<property name="last-view" type="string" value="ThunarIconView"/>
<property name="last-icon-view-zoom-level" type="string" value="THUNAR_ZOOM_LEVEL_100_PERCENT"/>
<property name="last-window-maximized" type="bool" value="true"/>
<property name="last-separator-position" type="int" value="230"/>
<property name="last-statusbar-visible" type="bool" value="false"/>
<property name="last-menubar-visible" type="bool" value="false"/>
<property name="misc-single-click" type="bool" value="false"/>
<property name="shortcuts-icon-emblems" type="bool" value="true"/>
<property name="tree-icon-emblems" type="bool" value="true"/>
<property name="misc-file-size-binary" type="bool" value="false"/>
<property name="misc-thumbnail-draw-frames" type="bool" value="true"/>
<property name="misc-text-beside-icons" type="bool" value="false"/>
<property name="misc-change-window-icon" type="bool" value="false"/>
<property name="hidden-bookmarks" type="array">
<value type="string" value="computer:///"/>
<value type="string" value="recent:///"/>
<value type="string" value="network:///"/>
</property>
<property name="hidden-devices" type="array">
<value type="string" value="52FEA905FEA8E309"/>
</property>
<property name="last-toolbar-item-order" type="string" value="0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17"/>
<property name="last-toolbar-visible-buttons" type="string" value="0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,1,0"/>
<property name="last-location-bar" type="string" value="ThunarLocationButtons"/>
<property name="last-show-hidden" type="bool" value="false"/>
<property name="last-details-view-zoom-level" type="string" value="THUNAR_ZOOM_LEVEL_38_PERCENT"/>
<property name="last-details-view-column-widths" type="string" value="50,50,118,111,50,50,50,50,993,50,50,84,50,151"/>
<property name="last-toolbar-items" type="string" value="menu:1,undo:1,back:1,forward:1,open-parent:0,open-home:0,redo:0,zoom-in:0,zoom-out:0,zoom-reset:0,location-bar:1,view-switcher:1,search:1,view-as-icons:0,view-as-detailed-list:0,view-as-compact-list:0,toggle-split-view:0,reload:0,new-tab:0,new-window:0,uca-action-1700000000000001:0"/>
<property name="last-side-pane" type="string" value="THUNAR_SIDEPANE_TYPE_SHORTCUTS"/>
<property name="last-image-preview-visible" type="bool" value="false"/>
<property name="misc-use-csd" type="bool" value="true"/>
<property name="default-view" type="string" value="ThunarIconView"/>
<property name="misc-thumbnail-max-file-size" type="uint64" value="1073741824"/>
<property name="misc-symbolic-icons-in-toolbar" type="bool" value="true"/>
<property name="misc-date-style" type="string" value="THUNAR_DATE_STYLE_SIMPLE"/>
<property name="shortcuts-icon-size" type="string" value="THUNAR_ICON_SIZE_16"/>
<property name="tree-icon-size" type="string" value="THUNAR_ICON_SIZE_16"/>
<property name="misc-symbolic-icons-in-sidepane" type="bool" value="true"/>
<property name="misc-open-new-window-as-tab" type="bool" value="false"/>
<property name="misc-full-path-in-tab-title" type="bool" value="true"/>
<property name="misc-show-delete-action" type="bool" value="false"/>
</channel>
'';
<channel name="thunar" version="1.0">
<property name="last-view" type="string" value="ThunarIconView"/>
<property name="last-icon-view-zoom-level" type="string" value="THUNAR_ZOOM_LEVEL_100_PERCENT"/>
<property name="last-window-maximized" type="bool" value="true"/>
<property name="last-separator-position" type="int" value="230"/>
<property name="last-statusbar-visible" type="bool" value="false"/>
<property name="last-menubar-visible" type="bool" value="false"/>
<property name="misc-single-click" type="bool" value="false"/>
<property name="shortcuts-icon-emblems" type="bool" value="true"/>
<property name="tree-icon-emblems" type="bool" value="true"/>
<property name="misc-file-size-binary" type="bool" value="false"/>
<property name="misc-thumbnail-draw-frames" type="bool" value="true"/>
<property name="misc-text-beside-icons" type="bool" value="false"/>
<property name="misc-change-window-icon" type="bool" value="false"/>
<property name="hidden-bookmarks" type="array">
<value type="string" value="computer:///"/>
<value type="string" value="recent:///"/>
<value type="string" value="network:///"/>
</property>
<property name="hidden-devices" type="array">
<value type="string" value="52FEA905FEA8E309"/>
</property>
<property name="last-toolbar-item-order" type="string" value="0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17"/>
<property name="last-toolbar-visible-buttons" type="string" value="0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,1,0"/>
<property name="last-location-bar" type="string" value="ThunarLocationButtons"/>
<property name="last-show-hidden" type="bool" value="false"/>
<property name="last-details-view-zoom-level" type="string" value="THUNAR_ZOOM_LEVEL_38_PERCENT"/>
<property name="last-details-view-column-widths" type="string" value="50,50,118,111,50,50,50,50,993,50,50,84,50,151"/>
<property name="last-toolbar-items" type="string" value="menu:1,undo:1,back:1,forward:1,open-parent:0,open-home:0,redo:0,zoom-in:0,zoom-out:0,zoom-reset:0,location-bar:1,view-switcher:1,search:1,view-as-icons:0,view-as-detailed-list:0,view-as-compact-list:0,toggle-split-view:0,reload:0,new-tab:0,new-window:0,uca-action-1700000000000001:0"/>
<property name="last-side-pane" type="string" value="THUNAR_SIDEPANE_TYPE_SHORTCUTS"/>
<property name="last-image-preview-visible" type="bool" value="false"/>
<property name="misc-use-csd" type="bool" value="true"/>
<property name="default-view" type="string" value="ThunarIconView"/>
<property name="misc-thumbnail-max-file-size" type="uint64" value="1073741824"/>
<property name="misc-symbolic-icons-in-toolbar" type="bool" value="true"/>
<property name="misc-date-style" type="string" value="THUNAR_DATE_STYLE_SIMPLE"/>
<property name="shortcuts-icon-size" type="string" value="THUNAR_ICON_SIZE_16"/>
<property name="tree-icon-size" type="string" value="THUNAR_ICON_SIZE_16"/>
<property name="misc-symbolic-icons-in-sidepane" type="bool" value="true"/>
<property name="misc-open-new-window-as-tab" type="bool" value="false"/>
<property name="misc-full-path-in-tab-title" type="bool" value="true"/>
<property name="misc-show-delete-action" type="bool" value="false"/>
</channel>
'';
force = true;
};
xdg.configFile."Thunar/uca.xml".text = ''
<?xml version="1.0" encoding="UTF-8"?>
@@ -127,8 +144,8 @@ in {
<icon>utilities-terminal</icon>
<name>Open Terminal Here</name>
<unique-id>1700000000000001</unique-id>
<command>kitty -d %f</command>
<description>Opens Kitty terminal in the selected folder</description>
<command>ghostty -d %f</command>
<description>Opens terminal in the selected folder</description>
<patterns>*</patterns>
<startup-notify/>
<directories/>
home/programs/vivaldi/default.nix
-12
View File
@@ -1,12 +0,0 @@
{pkgs, ...}: {
programs.vivaldi = {
enable = true;
commandLineArgs = [
"--no-default-browser-check"
];
};
home.sessionVariables = {
DEFAULT_BROWSER = "${pkgs.vivaldi}/bin/vivaldi";
};
}
home/programs/zathura/default.nix
-15
View File
@@ -1,15 +0,0 @@
# TODO: Misc section with VLC, Zathura etc
# Zathura is a PDF viewer
{
programs.zathura = {
enable = true;
options = {
guioptions = "v";
adjust-open = "width";
statusbar-basename = true;
render-loading = false;
scroll-step = 120;
};
};
}
home/system/caelestia-shell/appearance.nix
+4 -3
View File
@@ -15,7 +15,7 @@ in {
background.enabled = false;
appearance = {
transparency = {
enable = true;
enabled = true;
base = 0.85;
layers = 0.4;
};
@@ -29,8 +29,8 @@ in {
enabled = true;
maxToasts = 4;
toasts = {
audioInputChanged = true;
audioOutputChanged = true;
audioInputChanged = false;
audioOutputChanged = false;
capsLockChanged = false;
chargingChanged = true;
configLoaded = false;
@@ -41,6 +41,7 @@ in {
kbLayoutChanged = false;
};
};
dashboard.showOnHover = false;
border = {
inherit rounding;
thickness = 8;
home/system/caelestia-shell/bar.nix
-1
View File
@@ -19,7 +19,6 @@
label = " ";
occupiedBg = true;
occupiedLabel = "󰪥 ";
rounded = true;
showWindows = false;
shown = 5;
};
home/system/caelestia-shell/bindings.nix
-58
View File
@@ -1,58 +0,0 @@
{
wayland.windowManager.hyprland.settings = {
bindin = [
# Launcher
"$mod, mouse:272, global, caelestia:launcherInterrupt"
"$mod, mouse:273, global, caelestia:launcherInterrupt"
"$mod, mouse:274, global, caelestia:launcherInterrupt"
"$mod, mouse:275, global, caelestia:launcherInterrupt"
"$mod, mouse:276, global, caelestia:launcherInterrupt"
"$mod, mouse:277, global, caelestia:launcherInterrupt"
"$mod, mouse_up, global, caelestia:launcherInterrupt"
"$mod, mouse_down, global, caelestia:launcherInterrupt"
];
bind = [
# Launcher
"$mod, SPACE, global, caelestia:launcher"
"$mod, X, global, caelestia:session" # Powermenu
# Misc
"$mod, L, global, caelestia:lock"
"$mod, N, exec, caelestia shell drawers toggle sidebar"
# Utilities
"$mod+Shift, SPACE, exec, caelestia shell gameMode toggle" # Toggle Focus/Game mode
"$mod+Shift, S, global, caelestia:screenshotFreeze" # Capture region (freeze)
"$mod+Shift+Alt, S, global, caelestia:screenshot" # Capture region
"$mod+Alt, R, exec, caelestia record -s" # Record screen with sound
"Ctrl+Alt, R, exec, caelestia record" # Record screen
"$mod+Shift+Alt, R, exec, caelestia record -r" # Record region
"$mod+Shift, E, exec, pkill fuzzel || caelestia emoji -p"
];
bindl = [
# Brightness
", XF86MonBrightnessUp, global, caelestia:brightnessUp"
", XF86MonBrightnessDown, global, caelestia:brightnessDown"
"$mod, F2, exec, nightshift-toggle"
"$mod, F3, exec, nightshift-toggle"
# Media
", XF86AudioPlay, global, caelestia:mediaToggle"
", XF86AudioPause, global, caelestia:mediaToggle"
", XF86AudioNext, global, caelestia:mediaNext"
", XF86AudioPrev, global, caelestia:mediaPrev"
", XF86AudioStop, global, caelestia:mediaStop"
# Sound
", XF86AudioMute, exec, wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle"
# Utilities
", Print, exec, caelestia screenshot" # Full screen capture > clipboard
];
bindle = [
", XF86AudioRaiseVolume, exec, wpctl set-mute @DEFAULT_AUDIO_SINK@ 0; wpctl set-volume -l 1 @DEFAULT_AUDIO_SINK@ 5%+"
", XF86AudioLowerVolume, exec, wpctl set-mute @DEFAULT_AUDIO_SINK@ 0; wpctl set-volume @DEFAULT_AUDIO_SINK@ 5%-"
];
};
}
home/system/caelestia-shell/default.nix
+13 -1
View File
@@ -3,15 +3,16 @@
{
pkgs,
inputs,
lib,
...
}: {
imports = [
inputs.caelestia-shell.homeManagerModules.default
./bindings.nix
./bar.nix
./launcher.nix
./appearance.nix
./scheme.nix
./swappy.nix
];
programs.caelestia = {
@@ -52,9 +53,20 @@
wayland.windowManager.hyprland.settings.exec-once = [
"uwsm app -- caelestia resizer -d"
"uwsm app -- caelestia shell -d"
"caelestia scheme set -n onedark"
"caelestia scheme set -n custom"
];
# shell.json is managed by home-manager (read-only symlink) but caelestia
# needs to write to it at runtime: replace the symlink with a mutable copy
home.activation.caelestiaWritableShellConfig = lib.hm.dag.entryAfter ["linkGeneration"] ''
if [ -L "$HOME/.config/caelestia/shell.json" ]; then
$DRY_RUN_CMD cp --remove-destination \
"$(readlink -f "$HOME/.config/caelestia/shell.json")" \
"$HOME/.config/caelestia/shell.json"
fi
'';
services.cliphist = {
enable = true;
allowImages = true;
home/system/caelestia-shell/launcher.nix
+1 -1
View File
@@ -1,8 +1,8 @@
{
programs.caelestia.settings = {
session.commands = {
logout = ["loginctl" "terminate-user" ""];
shutdown = ["systemctl" "poweroff"];
logout = ["loginctl" "lock-session"];
hibernate = ["systemctl" "hibernate"];
reboot = ["systemctl" "reboot"];
};
home/system/caelestia-shell/scheme.nix
+3
View File
@@ -120,7 +120,10 @@
onSuccessContainer ${colors.base05}
'';
colorsHash = builtins.hashString "sha256" (builtins.toJSON colors);
customCli = inputs.caelestia-cli.packages.${pkgs.stdenv.hostPlatform.system}.default.overrideAttrs (oldAttrs: {
name = "${oldAttrs.name or "caelestia-cli"}-themed-${colorsHash}";
postUnpack = ''
mkdir -p $sourceRoot/src/caelestia/data/schemes/custom/main
cp ${customSchemeFile} $sourceRoot/src/caelestia/data/schemes/custom/main/dark.txt
home/system/caelestia-shell/swappy.nix
+11
View File
@@ -0,0 +1,11 @@
{
xdg.configFile."swappy/config".text = ''
[Default]
save_dir=~/Pictures/Screenshots
save_filename_format=screenshot-%Y%m%d-%H%M%S.png
show_panel=false
line_size=5
text_size=20
text_font=sans-serif
'';
}
home/system/hyprland/bindings.nix
+176 -19
View File
@@ -1,31 +1,158 @@
{pkgs, ...}: {
{
pkgs,
lib,
config,
...
}: let
colors = config.lib.stylix.colors;
mkMenu = menu: let
configFile =
pkgs.writeText "config.yaml"
(lib.generators.toYAML {} {
anchor = "bottom-right";
border = "#${colors.base0D}80";
background = "#${colors.base01}EE";
color = "#${colors.base05}";
margin_right = 15;
margin_bottom = 15;
rows_per_column = 5;
inherit menu;
});
in
pkgs.writeShellScriptBin "menu" ''
exec ${lib.getExe pkgs.wlr-which-key} ${configFile}
'';
in {
wayland.windowManager.hyprland.settings = {
"$mod" = "SUPER";
"$shiftMod" = "SUPER_SHIFT";
bind =
[
"$mod,RETURN, exec, uwsm app -- ${pkgs.ghostty}/bin/ghostty" # Ghostty (terminal)
"$mod,E, exec, uwsm app -- ${pkgs.xfce.thunar}/bin/thunar" # Thunar
"$mod,B, exec, uwsm app -- ${pkgs.vivaldi}/bin/vivaldi" # Browser (Vivaldi)
"$mod,K, exec, uwsm app -- ${pkgs.proton-pass}/bin/proton-pass" # Proton Pass
"$mod,V, exec, uwsm app -- ${pkgs.protonvpn-gui}/bin/protonvpn-app" # Proton VPN
"$mod,A, exec, uwsm app -- env WEBKIT_DISABLE_COMPOSITING_MODE=1 ${pkgs.proton-authenticator}/bin/proton-authenticator" # Proton Auth
"$mod,M, exec, uwsm app -- ${pkgs.vivaldi}/bin/vivaldi --profile-directory=Default --app-id=jnpecgipniidlgicjocehkhajgdnjekh" # Proton Mail (PWA)
"$mod,C, exec, uwsm app -- ${pkgs.vivaldi}/bin/vivaldi --profile-directory=Default --app-id=ojibjkjikcpjonjjngfkegflhmffeemk" # Proton Calendar (PWA)
"$mod,I, exec, uwsm app -- ${pkgs.vivaldi}/bin/vivaldi --profile-directory=Default --app-id=lcfjlhjhpmdjimnbkdfjnkojodddgfmd" # Proton Lumo (PWA)
# Applications
("$shiftMod, A, exec, "
+ lib.getExe (mkMenu [
{
key = "a";
desc = "Proton Authenticator";
cmd = "env WEBKIT_DISABLE_COMPOSITING_MODE=1 ${pkgs.proton-authenticator}/bin/proton-authenticator";
}
{
key = "p";
desc = "Proton Pass";
cmd = "${pkgs.proton-pass}/bin/proton-pass";
}
{
key = "v";
desc = "Proton VPN";
cmd = "${pkgs.proton-vpn}/bin/protonvpn-app";
}
{
key = "c";
desc = "Proton Calendar";
cmd = "${pkgs.qutebrowser}/bin/qutebrowser 'https://calendar.proton.me/'";
}
{
key = "m";
desc = "Proton Mail";
cmd = "${pkgs.qutebrowser}/bin/qutebrowser 'https://mail.proton.me/'";
}
{
key = "o";
desc = "Obsidian";
cmd = "${pkgs.obsidian}/bin/obsidian";
}
{
key = "s";
desc = "Signal";
cmd = "${pkgs.signal-desktop}/bin/signal-desktop";
}
{
key = "t";
desc = "TickTick";
cmd = "${pkgs.ticktick}/bin/ticktick";
}
{
key = "b";
desc = "Qutebrowser";
cmd = "${pkgs.qutebrowser}/bin/qutebrowser";
}
{
key = "i";
desc = "Qutebrowser (Temp session)";
cmd = "${pkgs.qutebrowser}/bin/qutebrowser --temp-basedir";
}
]))
# Web links
"$mod,B, exec, uwsm app -- ${pkgs.qutebrowser}/bin/qutebrowser" # Browser (Qutebrowser)
# Power
"$mod, X, global, caelestia:session" # Powermenu
("$shiftMod, X, exec, "
+ lib.getExe (mkMenu [
{
key = "l";
desc = "Lock";
cmd = "hyprctl dispatch global caelestia:lock";
}
{
key = "s";
desc = "Suspend";
cmd = "systemctl suspend";
}
{
key = "r";
desc = "Reboot";
cmd = "systemctl reboot";
}
{
key = "p";
desc = "Power Off";
cmd = "systemctl poweroff";
}
{
key = "n";
desc = "Nightshift";
cmd = "nightshift-toggle";
}
{
key = "c";
desc = "Restart caelestia";
cmd = "hyprctl dispatch exec 'caelestia-shell kill | sleep 1 | caelestia-shell'";
}
]))
# Quick launch
"$mod,RETURN, exec, uwsm app -- ${pkgs.ghostty}/bin/ghostty" # Ghostty (terminal)
"$mod,E, exec, uwsm app -- ${pkgs.thunar}/bin/thunar" # Thunar
"$shiftMod, E, exec, pkill fuzzel || caelestia emoji -p" # Emoji picker
"$mod, SPACE, global, caelestia:launcher" # Launcher
"$mod, N, exec, caelestia shell drawers toggle sidebar" # Sidebar (Notifications, quick actions)
"$mod, D, exec, caelestia shell drawers toggle dashboard" # Dashboard
# Windows
"$mod,Q, killactive," # Close window
"$mod,T, togglefloating," # Toggle Floating
"$mod,F, fullscreen" # Toggle Fullscreen
"$mod,left, movefocus, l" # Move focus left
"$mod,right, movefocus, r" # Move focus Right
"$mod,up, movefocus, u" # Move focus Up
"$mod,down, movefocus, d" # Move focus Down
"$shiftMod,up, focusmonitor, -1" # Focus previous monitor
"$shiftMod,down, focusmonitor, 1" # Focus next monitor
"$shiftMod,left, layoutmsg, addmaster" # Add to master
"$shiftMod,right, layoutmsg, removemaster" # Remove from master
"$shiftMod,F, togglefloating," # Toggle Floating
# Focus Windows
"$mod,H, movefocus, l" # Move focus left
"$mod,J, movefocus, d" # Move focus Down
"$mod,K, movefocus, u" # Move focus Up
"$mod,L, movefocus, r" # Move focus Right
"$shiftMod,H, focusmonitor, -1" # Focus previous monitor
"$shiftMod,J, layoutmsg, removemaster" # Remove from master
"$shiftMod,K, layoutmsg, addmaster" # Add to master
"$shiftMod,L, focusmonitor, 1" # Focus next monitor
# Utilities
"$shiftMod, SPACE, exec, caelestia shell gameMode toggle" # Toggle Focus/Game mode
"$shiftMod, S, global, caelestia:screenshotFreeze" # Capture region (freeze)
", Print, global, caelestia:screenshotFreeze" # Capture region (freeze)
"$shiftMod+Alt, S, global, caelestia:screenshot" # Capture region
]
++ (builtins.concatLists (builtins.genList (i: let
ws = i + 1;
@@ -39,5 +166,35 @@
"$mod,mouse:272, movewindow" # Move Window (mouse)
"$mod,R, resizewindow" # Resize Window (mouse)
];
bindl = [
# Brightness
", XF86MonBrightnessUp, global, caelestia:brightnessUp"
", XF86MonBrightnessDown, global, caelestia:brightnessDown"
# Media
", XF86AudioPlay, global, caelestia:mediaToggle"
", XF86AudioPause, global, caelestia:mediaToggle"
", XF86AudioNext, global, caelestia:mediaNext"
", XF86AudioPrev, global, caelestia:mediaPrev"
", XF86AudioStop, global, caelestia:mediaStop"
# Sound
", XF86AudioMute, exec, wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle"
", XF86AudioRaiseVolume, exec, wpctl set-mute @DEFAULT_AUDIO_SINK@ 0; wpctl set-volume -l 1 @DEFAULT_AUDIO_SINK@ 5%+"
", XF86AudioLowerVolume, exec, wpctl set-mute @DEFAULT_AUDIO_SINK@ 0; wpctl set-volume @DEFAULT_AUDIO_SINK@ 5%-"
];
bindin = [
# Launcher
"$mod, mouse:272, global, caelestia:launcherInterrupt"
"$mod, mouse:273, global, caelestia:launcherInterrupt"
"$mod, mouse:274, global, caelestia:launcherInterrupt"
"$mod, mouse:275, global, caelestia:launcherInterrupt"
"$mod, mouse:276, global, caelestia:launcherInterrupt"
"$mod, mouse:277, global, caelestia:launcherInterrupt"
"$mod, mouse_up, global, caelestia:launcherInterrupt"
"$mod, mouse_down, global, caelestia:launcherInterrupt"
];
};
}
home/system/hyprland/default.nix
+16 -22
View File
@@ -13,7 +13,7 @@
rounding = config.theme.rounding;
blur = config.theme.blur;
keyboardLayout = config.var.keyboardLayout;
background = "rgba(" + config.lib.stylix.colors.base00 + "77)";
background = "rgba(" + config.lib.stylix.colors.base00 + "EE)";
in {
imports = [
./animations.nix
@@ -27,6 +27,8 @@ in {
qt6.qtwayland
libsForQt5.qt5ct
qt6Packages.qt6ct
xcb-util-cursor
libxcb
hyprland-qtutils
adw-gtk3
hyprshot
@@ -37,13 +39,9 @@ in {
wlr-randr
brightnessctl
gnome-themes-extra
libva
dconf
wayland-utils
wayland-protocols
glib
direnv
meson
];
wayland.windowManager.hyprland = {
@@ -66,33 +64,24 @@ in {
monitor = [
"eDP-2,highres,0x0,1" # My internal laptop screen
"desc:AOC U34G2G1 0x00000E06,3440x1440@99.98,auto,1" # My external monitor
"desc:United Microelectr Corporation UMC SHARP,3840x2160,auto,2" # TV
"desc:Philips Consumer Electronics Company PHL 221B8L ZV02144013987,highres,0x0,1"
",prefered,auto,1" # default
];
env = [
"XDG_CURRENT_DESKTOP,Hyprland"
"MOZ_ENABLE_WAYLAND,1"
"ANKI_WAYLAND,1"
"DISABLE_QT5_COMPAT,0"
"NIXOS_OZONE_WL,1"
"XDG_SESSION_TYPE,wayland"
"XDG_SESSION_DESKTOP,Hyprland"
"ANKI_WAYLAND,1"
"DISABLE_QT5_COMPAT,0"
"QT_AUTO_SCREEN_SCALE_FACTOR,1"
"QT_QPA_PLATFORM=wayland,xcb"
"QT_QPA_PLATFORM,wayland;xcb"
"QT_QPA_PLATFORMTHEME,gtk3"
"QT_WAYLAND_DISABLE_WINDOWDECORATION,1"
"ELECTRON_OZONE_PLATFORM_HINT,auto"
"__GL_GSYNC_ALLOWED,0"
"__GL_VRR_ALLOWED,0"
"DISABLE_QT5_COMPAT,0"
"DIRENV_LOG_FORMAT,"
"WLR_DRM_NO_ATOMIC,1"
"WLR_BACKEND,vulkan"
"WLR_RENDERER,vulkan"
"WLR_NO_HARDWARE_CURSORS,1"
"SDL_VIDEODRIVER,wayland"
"CLUTTER_BACKEND,wayland"
"AQ_DRM_DEVICES,/dev/dri/card2:/dev/dri/card1" # CHANGEME: Related to the GPU
];
cursor = {
@@ -128,7 +117,7 @@ in {
};
master = {
new_status = true;
new_status = "slave";
allow_small_split = true;
mfact = 0.5;
};
@@ -136,17 +125,18 @@ in {
gesture = "3, horizontal, workspace";
windowrule = [
"match:class .*, suppress_event maximize"
"match:class proton-authenticator, float on"
"match:class proton-authenticator, suppress_event maximize"
"match:class proton-authenticator, center on"
"match:class proton-authenticator, size 500 400"
"match:class protonvpn-app, float on"
"match:class protonvpn-app, center on"
"match:class protonvpn-app, size 500 400"
];
misc = {
vfr = true;
disable_hyprland_logo = true;
disable_splash_rendering = true;
disable_autoreload = true;
@@ -168,6 +158,10 @@ in {
clickfinger_behavior = true;
};
};
ecosystem = {
no_update_news = true;
};
};
};
}
home/system/hyprpaper/default.nix
-1
View File
@@ -6,7 +6,6 @@
settings = {
ipc = "on";
splash = false;
splash_offset = 2.0;
};
};
systemd.user.services.hyprpaper.Unit.After =
home/system/mime/default.nix
+57 -13
View File
@@ -1,23 +1,64 @@
# Mime type associations for the system.
{lib, ...}:
{
lib,
pkgs,
...
}:
with lib; let
defaultApps = {
# check desktop files here: `ls $(echo $XDG_DATA_DIRS| sed "s/:/ /g")`
browser = ["vivaldi-stable.desktop"];
text = ["org.gnome.TextEditor.desktop"];
text = [
# "org.gnome.TextEditor.desktop"
"nvim-ghostty.desktop"
];
code = ["nvim-ghostty.desktop"];
image = ["imv-dir.desktop"];
audio = ["mpv.desktop"];
video = ["mpv.desktop"];
directory = ["thunar.desktop"];
office = ["libreoffice.desktop"];
pdf = ["zathura.desktop"];
terminal = ["kitty.desktop"];
discord = ["discord.desktop"];
terminal = ["ghostty.desktop"];
archive = ["xarchiver.desktop"];
};
mimeMap = {
text = ["text/plain"];
code = [
"text/x-csrc"
"text/x-chdr"
"text/x-c++src"
"text/x-c++hdr"
"text/x-rust"
"text/x-go"
"text/x-java"
"text/x-csharp"
"text/x-python"
"application/x-shellscript"
"text/javascript"
"application/javascript"
"text/css"
"text/x-php"
"text/x-ruby"
"application/json"
"application/xml"
"text/xml"
"text/x-yaml"
"application/x-yaml"
"application/toml"
"text/x-nix"
"text/markdown"
"text/x-dockerfile"
"application/x-yaml"
"text/x-terraform"
"application/x-perl"
"text/x-lua"
"text/x-haskell"
];
image = [
"image/bmp"
"image/gif"
@@ -49,13 +90,6 @@ with lib; let
"video/x-msvideo"
];
directory = ["inode/directory"];
browser = [
"text/html"
"x-scheme-handler/about"
"x-scheme-handler/http"
"x-scheme-handler/https"
"x-scheme-handler/unknown"
];
office = [
"application/vnd.oasis.opendocument.text"
"application/vnd.oasis.opendocument.spreadsheet"
@@ -76,7 +110,15 @@ with lib; let
"application/7z"
"application/*tar"
];
discord = ["x-scheme-handler/discord"];
};
nvim-ghostty = pkgs.makeDesktopItem {
name = "nvim-ghostty";
desktopName = "Neovim (Ghostty)";
exec = ''ghostty --title="Neovim Editor" -e nvim %F'';
terminal = false;
categories = ["Development" "TextEditor"];
mimeTypes = mimeMap.code ++ mimeMap.text;
};
associations = with lists;
@@ -84,6 +126,8 @@ with lib; let
(key: map (type: attrsets.nameValuePair type defaultApps."${key}"))
mimeMap));
in {
home.packages = [nvim-ghostty];
xdg = {
configFile."mimeapps.list".force = true;
mimeApps = {
hosts/laptop/configuration.nix
-2
View File
@@ -11,9 +11,7 @@
../../nixos/sddm.nix
../../nixos/users.nix
../../nixos/utils.nix
../../nixos/tailscale.nix
../../nixos/hyprland.nix
../../nixos/docker.nix
../../nixos/omen.nix # CHANGEME: For my laptop only, remove this (OMEN 16)
hosts/laptop/flake.nix
+27
View File
@@ -0,0 +1,27 @@
{inputs, nixpkgs, ...}:
nixpkgs.lib.nixosSystem {
modules = [
{
nixpkgs.overlays = [
(final: prev: {
# FIXME: Workaround: Mesa crash with AMD GPU + Wayland + Qt 6.11.0
qutebrowser = prev.symlinkJoin {
name = "qutebrowser";
paths = [prev.qutebrowser];
buildInputs = [prev.makeWrapper];
postBuild = ''
wrapProgram $out/bin/qutebrowser \
--set LIBGL_ALWAYS_SOFTWARE 1
'';
};
})
];
_module.args = {inherit inputs;};
}
inputs.nixos-hardware.nixosModules.omen-16-n0005ne
inputs.home-manager.nixosModules.home-manager
inputs.stylix.nixosModules.stylix
inputs.nix-index-database.nixosModules.default
./configuration.nix
];
}
hosts/laptop/home.nix
+14 -52
View File
@@ -1,26 +1,26 @@
{
pkgs,
config,
...
}: {
{config, ...}: {
imports = [
# Programs
../../home/programs/vivaldi
../../home/programs/brave
../../home/programs/proton
../../home/programs/proton/auto-start-vpn.nix
../../home/programs/ghostty
../../home/programs/nvf
../../home/programs/shell
../../home/programs/fetch
../../home/programs/git
../../home/programs/git/lazygit.nix
../../home/programs/git/signing.nix # Change the key or remove this file
../../home/programs/git/signing.nix # CHANGEME: Change the key or remove this file
../../home/programs/spicetify
../../home/programs/thunar
../../home/programs/discord
../../home/programs/nixy
../../home/programs/zathura
../../home/programs/nightshift
../../home/programs/qutebrowser
../../home/programs/nix-utils
../../home/programs/group/basic-apps.nix
../../home/programs/group/cybersecurity.nix
../../home/programs/group/dev.nix
../../home/programs/group/misc.nix
# System (Desktop environment like stuff)
../../home/system/hyprland
@@ -34,52 +34,14 @@
];
home = {
packages = with pkgs; [
# Apps
vlc # Video player
blanket # White-noise app
obsidian # Note taking app
textpieces # Manipulate texts
resources # Ressource monitor
gnome-clocks # Clocks app
gnome-text-editor # Basic graphic text editor
mpv # Video player
ticktick # Todo app
session-desktop # Session app, private messages
signal-desktop # Signal app, private messages
stirling-pdf # TODO: Server version
calibre
# Dev
go
bun
docker
nodejs
python3
jq
just
pnpm
air
duckdb
# Just cool
peaclock
cbonsai
pipes
cmatrix
fastfetch
# Backup
vscode
brave
];
inherit (config.var) username;
homeDirectory = "/home/" + config.var.username;
# Import a profile picture, used by the caelestia dashboard
file.".face" = {source = ./profile_picture.png;};
sessionVariables = {
AQ_DRM_DEVICES = "/dev/dri/card2:/dev/dri/card1"; # CHANGEME: Related to the GPU
};
# Don't touch this
stateVersion = "24.05";
};
hosts/laptop/secrets/default.nix
+16 -8
View File
@@ -1,27 +1,31 @@
# Those are my secrets, encrypted with sops
# You shouldn't import this file, unless you edit it
{
pkgs,
inputs,
pkgs,
config,
...
}: {
}: let
home = config.home.homeDirectory;
in {
imports = [inputs.sops-nix.homeManagerModules.sops];
sops = {
age.keyFile = "/home/hadi/.config/sops/age/keys.txt";
age.keyFile = "${home}/.config/sops/age/keys.txt";
defaultSopsFile = ./secrets.yaml;
secrets = {
sshconfig = {path = "/home/hadi/.ssh/config";};
github-key = {path = "/home/hadi/.ssh/github";};
jack-key = {path = "/home/hadi/.ssh/jack";};
signing-key = {path = "/home/hadi/.ssh/key";};
signing-pub-key = {path = "/home/hadi/.ssh/key.pub";};
ssh-config = {path = "${home}/.ssh/config";};
github-key = {path = "${home}/.ssh/github";};
jack-key = {path = "${home}/.ssh/jack";};
signing-key = {path = "${home}/.ssh/key";};
signing-pub-key = {path = "${home}/.ssh/key.pub";};
};
};
home.file.".config/nixos/.sops.yaml".text = ''
keys:
- &primary age12yvtj49pfh3fqzqflscm0ek4yzrjhr6cqhn7x89gdxnlykq0xudq5c7334
- &work age1c8pawdsxptfslgrz2c56s39mrtnjzc5mm3hfzgr2wdwu2v6vfsdsupjsq6
creation_rules:
- path_regex: hosts/laptop/secrets/secrets.yaml$
key_groups:
@@ -31,6 +35,10 @@
key_groups:
- age:
- *primary
- path_regex: hosts/work/secrets/secrets.yaml$
key_groups:
- age:
- *work
'';
systemd.user.services.mbsync.Unit.After = ["sops-nix.service"];
hosts/laptop/secrets/secrets.yaml
+4 -6
View File
@@ -1,7 +1,5 @@
pia: ENC[AES256_GCM,data:0bnhHeVqKSLHVimd78a94ShHlO3+LUoZ4oiKD3cnBYkaZsw=,iv:S+/IChlFlqdI+PyFF+Ti4AJUkch2MS0qKiqHL1Q3RMk=,tag:+v2kV70ou84eIc01dKnAhA==,type:str]
sshconfig: ENC[AES256_GCM,data:1EY0vnJ6NHb/GODYkiOKVR6i0UoojFPileQW1/ZokxDswGnz6P0eicS72wkMjwsw9tY5l0OM0NNbTIyYkqgE+q0HJw8IkRHvmvBq4AX/6o+2++YJuDTMpCcDkMAp4BNtrzqpBkKaqXJgMbxTpEPRNTnSpg96sinluCtuASEZaI8Ej+QKq/pEeELIGnkYkUr9d8/M8ZavzZ59oQmUsOxOCtYBsCi5BHMpATfVg+WqyXv3uptMB2PoTwsJiJ9IiQTJHWgkpe+WpIIsi4Dc49YpX3O2pHytimfuuy8D5DESKTOtcqg8qIL/xcR8iJl8ISJAA9IZg8eJ1FYdEpfTruwfiPYo6Ce5zH4W/BVm3iQ8B3Tuzi+gvRBwffcRpYkdAS4c7tk7cgF3U7sr1L7yLL6OmuBXaNSnALyHO2W5b3tefGY0YmwGUfh6M5FMI8/5SfxcMfSOAZKxhcckRL1CpFMzmKkAdY/PRCghmEWobU1KswBPiYWQ6vfubbdN1Yx1mng4z6zmkXmiqrc5IQfOBpbY71VnUoXh384Et9PM3cti4K6SmZFYX1uZStP7KXLhw4ZnVZ0J0fIks4RZ11A3NWtE1yak9z7QXj7k/PtdfrsNtIphVZ7LsZEvOvdgIlUToYNcyvagYsRRlreQPqhLSc7ninjIbRaL4a/s6kIdrr3qovPNSlE3R3HRGTBOjTEF9Bmp+oGb5L9HvBBu6NmNwHQ76gySAXbMnRa34JuXtzpEIZ5yo4AI5i2eDPeM2Dx6jUSl7OJm3wT6cVMF/2rLj0zHzp8B1bYOsf7VaMzHCYEhXMu7REMmmfDKwtb9zsuf/r1zlPXJcukDCrtJ3Z/mFl03,iv:0hS7g9gVVntWVSRSPCgZ3rjGcMf2RzQPjMpgSz0GlxE=,tag:mnDakNZiG28H4jmnZH00eg==,type:str]
ssh-config: ENC[AES256_GCM,data:/TWslzoF2wtZ9T41H1y0wLNEx+Xzff8pQGr6AfEcACExRCv4rd5hD9pNAlmlcTtISJJBPEWY45WsLfSKuD4r3715IENM2biQUvlq47THfkGviQuQ6KAXiJxBQ/7qRNqGGt7WFRlWFRGYCiyjw9h4pOhovGgw8TU6tIgIsXjo0psclHoJoE4B3cSOby7DbN8jVI9NjpBGiQMXmUB3JVz7muC9F5EAs+XZUIl7TjQMxob3PiF5LqTJITODSxboAAk901rjS5gjQKpQKfj28TpUs5yCIo9RzSBO3z5orJy+ylupocRuqtC8ujAMqNb828G+0nRx18tpiGqXxRWUBZRNbM+vQHWzb5JWQpEBsu1twsOownVVrkyPkbLpYX4YSSnRdnL8VHmlZfLk1ZFURbsdDSRf57F+Bxo5Yn8XAkFaM5HYgUo4VBabGzVVAHOBWJWi3lRrlAqYdMBbSvDl1t6eQ0xp990RGh7wZvwnaTDqtkOJnLoAknTFi4yjMzSyk5UV,iv:1UJQU4eBZE1BMVnJY2CQTDH8jXSMlrv3gGU3cKTOvdU=,tag:OzLQRkTAKG2KQXv+Vh7Msw==,type:str]
github-key: ENC[AES256_GCM,data:xUgFMlBo8e+3eXqNscxbby1dWug3SgUagDiNUe/IGVbU6cczkaJ3uOaB0OuRBQ8AYhOLkzXj0pIKjUrElHwmYrhURtS1aF4SFEGJsjhhobNA//j3E2/5/nLVjfco+lRzyHdwmsNhEUCqEhsXrrodJMb39H4b5oip3z0rjc729YveiWUKQxXVZVPurp3nq9yNnix9R4CA6XYFRW6T6MNqgPD5qhbcDlhxLb/SN+uI5h+5eZIS24VDWlKaTaCLL5KLhZmfuA37SquOQ+edi9Yg8MnfrZkMrp/3qmAjP2rSQLMOc4QdQCLQBQSf0/snpydgLwY+FoJmMSztwtkqUdIZWOfDUJbJxegEOrAR68jLTNbp+GYiDn3thtOZDiK5p/M1amjCT+A9qeFMed5WS+aZHNTRbR9UcfiP6+48MGZFt1mr7q+/CoL04/DTp0w6tUf6/SZD31NvTJDqngkhpc0ZH9Dh5+2JcnBWpq25AM36kZTn1hIQCLNTr/oGWZXSLA2tksAhQCaUcFj4IIh6Bl96,iv:GEJsAs5NriwENYTV/VShgJF6iMmrtTwNiXOvfXyEP8E=,tag:nfZgsFqaet075GjQAoVZxQ==,type:str]
gitlab-key: ENC[AES256_GCM,data:6271Tg7LIJsXAw7Co32vva+iUWv+eRAfVfXaGkoirHxiPTAgZfq8yDpGJwti2D/aFnLvbURcUgp3B5zy1aURu9puXi6QMu3orJOE2Zx0dX3lyeHyIhOZ1hAWsQxwBDkJYODuMZbIKHNrF26Mkk6smFF9SrGoADZGxY7XSou/iopw6yrLvQAXP6lN55PQvoP5/ek/QzKNwjJAbAjp7FjjtPqPUbUdj7bfIfr9avs6gpRYnRzb2H3auyhb5qvyuRWnKu4+FeZUofC7HnfRU1eSI8UzG49Rg4f2b1Xqr0JtsjvEmuRx7lbptINXEAjW7zaSZ2B9NgotWPIzkNZRNZkuTEaOulBf5iH3wJ9GM1FcbUu2gpCt6y+CMIk5QkVvETYtKuALLbcPx9/sc90doiH1411LeKQCs5l88BBILG9KPkKmXiGGUVNxzFtjbRYQIUEmmyl95kPPEdCkkzGzHXNfE3F9HRu4MCGKPK2yZPZtCXd3Jp1b21wKSIRNYqLqxru+J8eLSljd3czO0SuTG/Vx,iv:E+y3aVLaiStlPLTQBqyfJuEXtAQyOvDUYS+XfuOHuA0=,tag:6d1IAsGcmcpgL1pE9dDcbw==,type:str]
jack-key: ENC[AES256_GCM,data:VfCl3wH0MMBc8QDyjLDFeSvzSEsf7uGpfJvRjFrmjW+bPRUXBpZhJV8a9VQIAz7z7zZXvzARMfCeI0ydyC57CW81GH5/H5pneJ4b+xreINjVfdLbL1nC1thelo/O64jda/L+xVKhgE+QQi8/zt4JmXGghkP+74nYcTTaMpmcbgWw354J1ybXqyCEY+88nsJ1d2s+M7M2bplx4fGb7sLUs6sqdsad3sENzhH/0HQCFXreHTtgsLbIs8ccmdRgFNKM8/wD0OoW76rOQsJoA9JY4yOTQNVoX5M8+Olj6+wVlt6QBrWrYRuEztGnHrHvzxiHXtmEkMwVNfoPpEflQyRYRa0rVp/66REOkMckGx6/LbxKFgrxnifRlsK3kWd28v2bRGVQOghUluYUtVkaJ+eh6o6ik0NQKx8/H6BznBSDE6MjDwbLv434LHBfDtAqhWN1eMbOlunFivsl5Hb/6rl9kydHlcCS6FY8cUHoKQ90gDaUuDrvUifwmdO5hU0GH5tgvGi1ReK9ndcpQsrHptG6,iv:oC1xU5Tu3The105VYRmxIw4kEwDoqe8T/EH6mmqpqwQ=,tag:Pu8c536u6W7ALrqjRsvXDw==,type:str]
signing-key: ENC[AES256_GCM,data:NvLqmt7NzrWkbQQqFfosmSMvEv8C8+MDDpxSoDo3zZ3MR6WXr9B+6CnUc6rtevM230wgE17VC9XlmcQxX+PjJsWq6gZteK5THTIcrR5zPJVNlVCEyeLKoFj/6m7qBgyyoN3OjCNjgMkhsm009jwBgNk0qJMAYebOGo8eoP/al+4ytm7dhna+iX5WZabAg0J4z4JMDQonqQl3SaDnCEdHvk9m7ZEP2vUFscPkbLj4ewgFq+bUCHOOQb2uqRJoEgcR/NetRFcQfzcU6lp7JxobaICaO3zdmomUm7oabIUTrc3Kom3Wjw8ryqfqC1/SC0SHr5XGk2ygk0WnlQ4kNshqriL2dwbWAzy1Z/cTX9+aB/KNtC0U6zWG1bpnL3dgSgvhRiocIis/eNg1HWsLWVicmdebL/lXHztxFMdTuX/gWgQBotggTmx+OFGZfP9ZGlF3635mDxM/fEOCtTyA195dMicCUsjEpBegNtXsp+oOtxyRI0jSW47MBcXFP09f5ywELTPyz4eOUHO8sQ6UfJ6X,iv:KNQUlMPaiR4x1Fw+HZe/EOmh/gfsrqlefpq23uflz/8=,tag:illu42HKunQXnijjsUIvnQ==,type:str]
signing-pub-key: ENC[AES256_GCM,data:XuokZmCsnaNQ0rvVa3k81T4vtxw//r63xp1yHDLaNAMwA2r2bh6addl9WoAmm76g1rweqZrAAIw1PXDb90ubPaBP1iEHSkGZpwUpy/tOTePRdHMW2WtVvidpHQ==,iv:auB/bA89cJK6DnQi1BK2uldXRPyJfo+r7nl5qOLefUk=,tag:/I3kB6El1yesBMGOjJ+oHA==,type:str]
@@ -16,7 +14,7 @@ sops:
cmVxVC8rVDlWMUdZaGw3bmdOaWZGS1EKYahBlc8XpB5UdKZQkvxbLcKQ/xkFJjWo
FSfQWnjhe/a7BJtJEcKZkjOQU0mYqlSu+uT2RA9diCQeRUJPRF+nAw==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-09-27T13:28:57Z"
mac: ENC[AES256_GCM,data:XMPDLGHwTYIxgEz9Stj7j+lWgAOpzkEsnoRdWVVs4798m1sQRIyUuvEiCgbHoAktajrAAzXq3GZ4HJ1dfE1fDWGh+B7WwRoJKxtP6qI8Ub4h7lSiDsxJhr8ieqm5bzmHZkn8VJkrqBrSSXesirLprRLR5yZOVLAgco0lg9boM1Y=,iv:pYA5oz8cldKw1Ai7k2LCQBipE2keZa49L3SHcL+eDp0=,tag:4kVsC95SSPCCSZDf6qDeqA==,type:str]
lastmodified: "2026-04-25T11:23:30Z"
mac: ENC[AES256_GCM,data:ZnLSwtyhaiMIcXxzlwhtk0dWVnOkn0avfeRezPPNBUXd0oyJY+krBsLXJdSNPHV/X/L58476okYjUzfIQzEAkrL9Fb7v/Jt0aw4SDrxbF+qbcfdvsWPUjFDJIPovuf3ee3o7iXGU2ItGTaJa2eFACoyd37KVc7jZd6gvYYAyULA=,iv:7IKqe0c5CTgJrS7OgCQWhtxaCVKo+UWEibttFUVCWGM=,tag:OfCrKPzrPBZThCR1j7IB7A==,type:str]
unencrypted_suffix: _unencrypted
version: 3.10.2
version: 3.12.2
hosts/laptop/variables.nix
+2 -2
View File
@@ -5,11 +5,11 @@
}: {
imports = [
# Choose your theme here:
../../themes/rose-pine.nix
../../themes/darkviolet.nix
];
config.var = {
hostname = "nixy";
hostname = "h-laptop";
username = "hadi";
configDirectory =
"/home/"
hosts/server/configuration.nix
+14 -6
View File
@@ -6,19 +6,27 @@
../../nixos/systemd-boot.nix
../../nixos/users.nix
../../nixos/utils.nix
../../nixos/docker.nix
../../nixos/tailscale.nix
../../nixos/amd-graphics.nix
# NixOS server modules
../../server-modules/ssh.nix
# ../../server-modules/bitwarden.nix
../../server-modules/firewall.nix
../../server-modules/nginx.nix
../../server-modules/glance.nix
../../server-modules/cloudflared.nix
../../server-modules/glance
../../server-modules/adguardhome.nix
../../server-modules/arr.nix
../../server-modules/blog.nix
../../server-modules/awesome-wallpapers.nix
../../server-modules/iknowyou.nix
../../server-modules/stirling-pdf.nix
../../server-modules/cyberchef.nix
../../server-modules/mazanoke.nix
../../server-modules/kernel-hardening.nix
../../server-modules/fail2ban.nix
../../server-modules/default-creds.nix
../../server-modules/umami.nix
../../server-modules/gitea.nix
../../server-modules/mealie.nix
../../server-modules/eleakxir.nix
# You should let those lines as is
./hardware-configuration.nix
hosts/server/flake.nix
+14
View File
@@ -0,0 +1,14 @@
{inputs, nixpkgs, ...}:
nixpkgs.lib.nixosSystem {
modules = [
{_module.args = {inherit inputs;};}
inputs.home-manager.nixosModules.home-manager
inputs.stylix.nixosModules.stylix
inputs.sops-nix.nixosModules.sops
inputs.nixarr.nixosModules.default
# inputs.eleakxir.nixosModules.eleakxir
inputs.nix-index-database.nixosModules.default
inputs.default-creds.nixosModules.default
./configuration.nix
];
}
hosts/server/home.nix
+5 -30
View File
@@ -1,8 +1,4 @@
{
pkgs,
config,
...
}: {
{config, ...}: {
imports = [
# Mostly user-specific configuration
./variables.nix
@@ -10,39 +6,18 @@
# Programs
../../home/programs/nvf
../../home/programs/shell
../../home/programs/fetch
../../home/programs/git
../../home/programs/lazygit
../../home/programs/git/lazygit.nix
../../home/programs/nixy
../../home/programs/nix-utils
# Scripts
../../home/scripts # All scripts
../../home/programs/group/dev.nix
];
home = {
inherit (config.var) username;
homeDirectory = "/home/" + config.var.username;
packages = with pkgs; [
# Dev
go
nodejs
python3
jq
just
pnpm
wireguard-tools
duckdb
# Utils
zip
unzip
optipng
pfetch
btop
fastfetch
tailscale
];
# Don't touch this
stateVersion = "24.05";
};
hosts/server/secrets/secrets.yaml
+7 -8
View File
@@ -1,13 +1,12 @@
umami-secret: ENC[AES256_GCM,data:tImpd4sD92Omf/YFB8YE4gxAu+g801wQNR+k5rhY6AbzIIYOzpVmQL4XGjfp9Teky3olii4s3XTcmTyuMoxMWg==,iv:QFAEzYnAnxOOtrHWiM2IkvSs0Aqk3s1T5X7j5WC+tO8=,tag:FIbgHLfRVMJ2qZ6dOJ8zLw==,type:str]
sshconfig: ENC[AES256_GCM,data:R54HVxqAyj9yGO/AYL8p6cnXgYxkQKW9XveHlBMTnDXBJ7r/4HgnefdymprnXmdlbNWcWrRqmaLEuzJs/0BfixXfMvmGTUrmJ0ASVuDrz9k6rOLADAKFikQh0dib7NU4JmPgmUzMncXc2WuCd3BCG3kwBQ==,iv:Ro9FA+MzTAp+ERQMT88z8ioCox/dTj2vWcqCDOSLag4=,tag:5XiXIyz5/pjGFOB5ZjdOVg==,type:str]
github-key: ENC[AES256_GCM,data:NRYhcBIwGJEV13+YECLR+2IErsn/7clbnkx0Mltr7dQajSb5WHZ3QDH0KQPylEHhplE5IVS0h4I0z+Pb1B0UteCxFmJ5wZq+2BKZkvE7G3dojqBpgHcVqJV2GLEJkRjlHfRgsbq/OBe8xcsPh20P1KUyP0WIwVbpt+9dFWGxEGYkp2uSyuBIJ98kElt0zuVgl7WcYoDO7v5WmGzZfla+yZwURvMk8zcM3gopo+4KL6YnYUs+UA3VlBBn6VK4Nvbqy6X0R0+ZA5HHAXg+OFgGmfWnENZmsyQJHXEchGGgEldzThkQ4r8yMkgN/ax+AGouLyzbITapGE4sE11FFgL6Hmp4pSXxl3UAGF+cvV5pIujbb28CXmSPRMyYpoNxI93PSYz/txAzE6Cr2dgwxR4zpMelv4i6IaGnY8NgpY8jp2Y6C0uuJxJCN0RtnjQw1rM2uRnm7vMGyU7XXz9DEVfGnYpTWnykXsEjHE5DVGy80ejYQlc6dtmf3vdTWpt+YYdCPw8/cd0PIx2D6geh1c28,iv:wl+RG24mXYMklD8CBGXVD36DMhlWT/7zh8ZMvr7vgOk=,tag:OJhqF8PoXotr7IsyFW6q1g==,type:str]
cloudflare-dns-token: ENC[AES256_GCM,data:JIXUtVDpYS9B74W0ooj50kd4v2+PX+FdF218gvgaS04rYATu4N6w9KEFPfdQqLjUmVihzV6s/IR1fg==,iv:AlbQ86kvFQbetvmFwt/hEyUcqKTI+XzL/NvSMXW9wm4=,tag:1JQeK4KrTDa6Kz+JhWxkxQ==,type:str]
nextcloud-pwd: ENC[AES256_GCM,data:2oqsNceKuwGscBN2VxAK,iv:FoSfHItgeB91fG38zqtuQzayvNjNPFQyZjZlpUq/eic=,tag:MoEpAmTj+zqVu6OLasD4kQ==,type:str]
adguard-pwd: ENC[AES256_GCM,data:QavwLWENAURnRrFwiLntkiM=,iv:bxdQfBxNL5rwUr7CEKbwXtv5mUUXZHhvyqQL2KoPwEY=,tag:T+cSyzbGeo7E5smSsuFlHw==,type:str]
hoarder: ENC[AES256_GCM,data:8A3eGqIlHJ2XpC2OdMNBXPm+5BdfMlOfTSgiibPtM+SFyiPtGhjWQNmVCD9REf0P2C4pikZ3R7vtwyKpjrraaoSAY7ztAk9eqqikorIzD8hn8wbHz/y+Eko=,iv:ngoVgF348IxokWGQVpbpTGhdIwjOOA6T8qLb1wX6GEU=,tag:+v9HLUksQJ1e2vRR/5fzEg==,type:str]
recyclarr: ENC[AES256_GCM,data:3rZgs4Z/XaQPxbueepPQlUthHMSKn1e92FyIOpzn1MsGmEL8LBSUJvWp903n1BXDI+SK4ph9DaxOFavPkfCnaNMascX13TkGf03zGTEbd3xDZCL5GoXl3yobt0EMRYyRlYu5C1gidj9CjTujIaEXsF1AT2x0xtYweuC1xhpMhq2gj8eBy06sGnyKV/9Kdxo3H80skHVH6ZokndDyv6LfpkCDKQFsSBsEKBfVBDws7IgGFXCv6toWJPNgidReWzMmwKiClkviWAJiqAvI2IABRe4rEZ3Gkr3XFuoxOX2yfvQ1O7PH6O0dXvtfyBOTpGTaZihOqM1WhIutSr9SWX7QivIwtsVMGEmAmKx8JyDrnjhbCCbzjG+4Y6YoHawHYFFwKyOCxtJcsLBFvvkiuUt2ZVUVYCwhEIp3Xk2xb4cxYOIYRStxhiTuhEb8a9PkvkjmQQ4eAMB8bNPlo+vGqAQGPc6FOhm67dh3JbdQpsr9/U+P/AGsJM60SAhx+OzBcDSIS1U6/qJ6udXPOw58wXhJMD+F+gqV7blVBkXITQJ7AaLl/aWmDlkoqkjFVTIjE980e6ap6BuNbRGsN9x3EiVwqfDnqnQ2udGiLOcu/WguLzNjCvXWILoSYWwpEMwEW3SWASbGgk0wUpwZfNKY1HagdcVFO17OW9DrlTuGuJs4eJgVXm6e3glS3CS0dCL8FRs0EH4Rh8mUzhf9VP0/GlkN0kxJEM8PnjqGl0JMnaeQsSr9FDJdqv/2z4hjQBeq8//ER1BPIRSbXNQqZv5HcumSZs+JEttYUgInWL+LZhQrtpkba3sKQGkQF6X1kGpPZmiVSRgM+7PAt3ezpUKS8nMTS880l03cSaxMm+vebPhYtGC1O+4XLhv7E8MPULMkCOQoNLNcQCqKU82fa3vEtS28X6+izRMi56vbzG6Kjls85/NMGVz6rDySnQHMP5vSapcszSHwqGeAXJKfXYPzXQo1SIy0RlvRbllPt7zfOkTDMr52oH/pbtuxLSrSDe4ZjHkmdDzO+t0yAyG9xsvzldYUbDkfAWbnFXay3TICi5JOGe/Otp62sv3/7fjSmKm+9Um5AFj5F5Zo58LKCrH8qy2omIh80uFW0/yNgbuXmA4GqnDmYWaWlccc7yhPsmdAWHIypNS7GxRyW66+d4P7mhccvKGT7mx/gKuHgdUIRjy8bKtjLN2vuKfIiJR6bqWZGtbNEqY4XPfhdYdGdnox8vdrT/8DiR+6Jq+3qvJswTXhg+wYzOVTNjl8qK215VA2/FF25+T8xmSfV+cnPrLIrOrD8t1D34U4eEMrVzx+6dQ2dN1qDwj5o5GSYuYSQ5o5hy2BKt8PPVDI564MzjPfLaAf8cLK+0PKsbi2E4jGRI5BejmpMWHoLAUJvX4kdajd8Ggh5wZFS07pje3T1adzeS/UUnpy/IeLnEz8FfoH9ro7Qz0XGmtItVSjumppBg6jwbf1se9sP13pHfIh/SvVJhOOH6KiFs0lECSetuhIupsqHuJg6ZLa+V8GO9otYiJGZnOKGiZNrBYSek9l4Ncn/2Q+dqOYaCkZ8Xx6gY+qKHgiwavbsYYiJUPK3DLNhTzH,iv:00efefMekG2TsnDH3yNNdMBIITDyxo/qKN85qVGA6f8=,tag:hmwsyJRiT1MbFPKm4Kt5lw==,type:str]
adguard-pwd: ENC[AES256_GCM,data:CAmZFpKN6FFRlCk=,iv:cz45T/z2ZYHNC46FNVp2YHmdhXD4ERhM31+Jo+9PkSk=,tag:GTUvzkYSP4flXs/HUNGYhw==,type:str]
recyclarr: ENC[AES256_GCM,data:eJNbGHb4SZvbF7FAHMrpRynmpVyPiTpyZqNx40Fo+lanqdm7d7oRhkLD2PfqxpTcIyV6BxJk12wGUC0uWVuAihmToL/Ih2FJWIQFUOdbaov/xNWHE9mtoRX/A3gIwD8e3DoFMK/dAk2/TyvvAfxi2eYTDJvxecEttHQGxafq1jveHFDcC9e1aFk3M8O8YlX5yF3zl90mugsUVP+iaSURnY/nglZuEDzfJ6Edge7r5OSL6WYh3OUIu1yzuuKXRZ47B/gpXO/cP89JMmxdPj3FUJkk7Htf0s9ALzpVE9fRohDGcpPIkR6COCLTL+mqvVmyopA1zPoX8/X8eiuocpaT3vqJit7Bc6InzflY/5rlg1x0SyoXWQfEsperfNBeiZGngp382I7rrZ8QSwF4AIsmngNeyDRAnfasAU5OVwK+yPIVhRueEFLNrJPG3j2hpArlzpvY2EPBVJDrYwFslis8CASoUdvu6C7VxtJXFcOZR8QemwJarJFU7v1bVhQoIkarn3V7FfAXg/8RfYrn9HAIq5AiFFbQRNHWXzIceIgNKQFb5yfagtMtMq6XKhjsV07jeYt9X/YU80XRfkPm05yiLdLQHcDNmlB3R+SFPD7qjTE7LuSH1Kdc3DvxwrKfHJLsJ+nSIL1po8gDMW8BPc0g4n4dpQ6CFK5BaDFK4eovNpgAXoRC9orkGw/16YmMozp6J78VJLzu3jcYMFbySFznDUuWcFf/7dVV+7pLAj2ffWXzScLISRBhZ9RNUMaZAKAk7WTmxBhw0yzNiih8OFUkbpp1FFLuU0bnBY0iEz+8/OSwv8H7t0HYe29HO61p1huH34B/ZkPA5VLKivFh2mOPNzbvMqtIAkq1ro82Psvc6t88gVIc+VAOZ9zDLohp0FXrNVXwnrs7fxevQa0pUClDivO1ib5G4Znor7q+13jZglmh3G7nHiniO607dRoxszzVEQdTn8ku3XAfIPStsSfQwH46nXhr2kDkspcA7BqwJph0dsKKlfzf22C0OJkDY0L1DgKFvJRmmKAhOdB6XxXYwS+BcDT+8ugejTKpulyPSsbdb0m9p9lVAVu0GMxFEbUsuE+QHiAAP5Vle7swpl4h3i8uHSfKFra3qEswwRnPAHhPSdLSaSU6O6T5gN/b0hhO6dAiNR0UOkOG59fPasL0MRpeb3SkM4Nd6g5b/hY8dXaXR7pQHvh+4GmfJFWYaWm/cZ8k9JAYAw9Sn/spWnjRmpv9bnSxADGbkdV8NDHquDDDFVIIoDnWhQJpqrL61KZITx2Ete1SYdNiy++p3mOYisJgHDsRR1RNQNxhRW4EY8c5nCzgc8x+rU432pCOfMbAuGEfQXMwMGFGeoUg6EL5xEyUEJ/aqymxI+Vjk8h7KfDnOyyL/+1BKEd/GccrjeQfeZGRLI0Tu5gVgL6twc+u4av6inNMMhPFzZuVrfeo6bip5C8R0dK6Pbdz2L/fsgn3E4NNi14NM/DgLLhJRLvKQdCQx+BT+3soNRw5htTzuNS48MD2YDwZYvNfu6mo0r4j4I7Tj8zuCjddbGVa2/5XnhcfdUBx1VOd90H1RKkk8kgSoR0bgo7mLls=,iv:HT3a2YnFy0cF9qUO671kwqxuzFfNnfqynCUVGHf+3dM=,tag:nrA++7fsnc4Cx0OPSDKaRw==,type:str]
wireguard-pia: ENC[AES256_GCM,data:2IvJARGhesMuH9RdWzsyrwA7eqrhLyacQqZ1RNEkGOPUkQGX4uimKBSzkxXRy/haZ4V2k73JdLSaB9rAuI0n65GmWHmarwZekOyhRZSNb+zvFgw5BPZmywG1wR2HiTGR/qILovAaz47q/VnohUnjbbMCUvarC4PytWGxMUH96GIgZar8HjHFtK8grCSxlvpHKiDeKx8VSXnY/Pxj1EplBtIqwmtAeZdf/VjtwOL0nY54doPwHdIAvJ0B8Cu0a1zJIGEbV1NlKIHEJ1YA7rmv1ODkBnbXbIHMxAR3jeqR/UDqhDmXe41KujhiJI7nNeO7FKo2v92jK3fSbxYKatLrzXktHpE9JsMYVBXzTK7yAXPgoDdgLXzWH0OrJGBSisPrvqmxUko7MPreuwVYfFlKpll6JLifk8sML4A+94UPR8b89guXn7kBkLg1Y1oIAyguCdKpNOD31nXBMFF0nTcmCwyshDySaGTfJDgox65/77AiN1wH,iv:cdu6lBjLnEEfSFmWMC4Vn2sLKsvpCaatzXlgRNkEMeA=,tag:y1rAeNPB+DNGTpnP94iQrA==,type:str]
signing-key: ENC[AES256_GCM,data:FrJzuTgH/ooZkcnYL55uQcc4u+QzNnFvNVs2wDSE4nnwku+EuCJBlb8pd/6W0KPwIXzcki/8CY0YfRcRrzjExMgMa4hwxrlxS9bk3LNPzJsrRK5RJgPg3iA8L791f1zcDxNf8RuWatIqm1TCK+Vhdk/p+221zy1Gcq1dW8X+o4XzbPBzHdLagcIdB0wpjYTtIoGP2X8GoL/NJpuzIiQBK1HdGNKvUI2+ztqCQZOsxm+Fki57NteX3/Llw8AwABjdZvviOBZ62OvJ/SsOQ9NYAvKfAkog5zCn8DLvaqAPGSxRBQEYWM8GyL2imgs54YfEsOpGa4DzMiv4Sc5m398E/asaPq357eksUqh3EYpzoKZ5bIbd5+Vs3KBWKHltUCzXLHaLrIX0CuJFQFi7DCxEbYqlb04x5t3jc/c+/7uwqBHv1Y5gwAjd8JswDWmE7Q3xSk96Za57SCxWPYTo2ErsA2XdL+yxXdhmqkhDZKtUzrcHExhnYe7YLpSlBEclJ/G2BeTOFIWoAmN+1y4rh21R,iv:VaZrv5/41ZyIax702Yae4QmFKpcEaWwPmTo2Mxao3bU=,tag:HC0eqDNit7jQKeeDAKWXKg==,type:str]
signing-pub-key: ENC[AES256_GCM,data:CB7uU2Q4oTEKihpTIXGLaV0fJ1cv/p4oJJ5kjaU6BZiKhsiMA1JILUw2oVIDTDb+80WPzolDzZwWM8v31d5QIrZpHcPrdRLyV0X2USfG9U4aQ/ls79QAyOOJXA==,iv:/Eb5/+p86tw3tqNiDVHGu7HS1KBtFiYIgasRYJsAiEo=,tag:dGdJlcrnuU73s+IMQ3w3hA==,type:str]
cloudflared-token: ENC[AES256_GCM,data:7DwWFL6JbJXuc6fSyrZkMt/+DAcqDYBQOzJ1QhBL4yfCpQ57mjDV2beRZ8H7SuyoKY3caifHfAVVPDGG1YnffZ9anLRyDW383aHKmgaeztOXj44eVQcHi3evnSiH6h0HasiyO8pNzhnKpYew8CwHSvYZMraX3ITz8UKOTtsanO9/8ZD6Y9gyxfLoySqbeBy2x/0Ql5hrDfrX854C+vYuXM9VJbtQqMBa7+IBydUvddk=,iv:jZTk5ptuwc+1aP2rimqGnyCHR4/J+W4Kyn3LKXXkv/I=,tag:xr/LhoNH5aWdIJr0Py6nAg==,type:str]
sops:
age:
- recipient: age12yvtj49pfh3fqzqflscm0ek4yzrjhr6cqhn7x89gdxnlykq0xudq5c7334
@@ -19,7 +18,7 @@ sops:
TEc5d01RaVFGNXc3dlljM0FTTHpENjQKOqwI+pl8UxVIVl43glnOYvW660/PsDGY
yefODJGVtHrOm3yeXC2xlTi3sFW+c5wUl2yPqddbvcBt5Ud/yd4iXQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-09-14T19:20:44Z"
mac: ENC[AES256_GCM,data:nJ5lnPSVPyfMKhlNwzhxYGWY32i60P3N+jpBZKo8oEh8sqjsb4zHAECG/vMXrGTPwYzZ46m5PQQURCyeOvjuMaXK8184zMwFkehXtMJWI7/aKYbSpQqOchl8BN7QdlxH58kqtCwUkdldiW6t6cr4/VAUUPPLqpK19GDrwUYIVrY=,iv:JZBz5X8PdCFXonSPBd1hYiFG+t0aMQDmgCmAbclnpis=,tag:7Pm7V96xMRQZa/JAiDGYmQ==,type:str]
lastmodified: "2026-04-12T18:24:10Z"
mac: ENC[AES256_GCM,data:D7gWC1fxZkpG8dCr7aWhcyLT92NK1OefS4SIAq5ZImMYRJzzvhXtyJM9tzUYVWPU0ojhgOJyawlWEFk1P/DWjOrafBsBHdxUl5FtZrRb4Z/rquODhR8OT8UYFVKyAmjSfomUEDzYetJdXdAxhX3eNlT+eKI51IjqD9y1dYqcjMw=,iv:ZPIkMf/fUETeUYQdqu4TpS/ZE752079jIW9BlehhWlw=,tag:Z3i/Zc0zkEF5rsNnkmUB9A==,type:str]
unencrypted_suffix: _unencrypted
version: 3.10.2
version: 3.12.2
hosts/server/variables.nix
+5 -1
View File
@@ -5,7 +5,7 @@
}: {
imports = [
# Choose your theme here:
../../themes/nixy.nix
../../themes/rose-pine.nix
];
config.var = {
@@ -30,6 +30,10 @@
autoUpgrade = false;
autoGarbageCollector = true;
domain = "hadi.icu";
tunnelId = "a1dfa315-7fc3-4a65-8c02-8387932c35c3";
networkInterface = "enp3s0";
};
# Let this here
hosts/work/configuration.nix
+26
View File
@@ -0,0 +1,26 @@
{config, ...}: {
imports = [
# Mostly system related configuration
../../nixos/audio.nix
../../nixos/bluetooth.nix
../../nixos/fonts.nix
../../nixos/home-manager.nix
../../nixos/nix.nix
../../nixos/systemd-boot.nix
../../nixos/sddm.nix
../../nixos/users.nix
../../nixos/utils.nix
../../nixos/hyprland.nix
# You should let those lines as is
./hardware-configuration.nix
./variables.nix
];
home-manager.users."${config.var.username}" = import ./home.nix;
networking.firewall.allowedTCPPorts = [9001];
# Don't touch this
system.stateVersion = "24.05";
}
hosts/work/flake.nix
+13
View File
@@ -0,0 +1,13 @@
{inputs, nixpkgs, ...}:
nixpkgs.lib.nixosSystem {
modules = [
{
nixpkgs.overlays = [];
_module.args = {inherit inputs;};
}
inputs.home-manager.nixosModules.home-manager
inputs.stylix.nixosModules.stylix
inputs.nix-index-database.nixosModules.default
./configuration.nix
];
}
hosts/work/hardware-configuration.nix
+35
View File
@@ -0,0 +1,35 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usb_storage" "usbhid" "sd_mod"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [];
fileSystems."/" = {
device = "/dev/disk/by-uuid/5dbf85d3-d236-4af8-b489-d6066bfe1eb7";
fsType = "ext4";
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/043E-1755";
fsType = "vfat";
options = ["fmask=0077" "dmask=0077"];
};
swapDevices = [];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}
hosts/work/home.nix
+43
View File
@@ -0,0 +1,43 @@
{config, ...}: {
imports = [
# Programs
../../home/programs/brave
../../home/programs/proton
../../home/programs/ghostty
../../home/programs/nvf
../../home/programs/shell
../../home/programs/git
../../home/programs/git/lazygit.nix
../../home/programs/spicetify
../../home/programs/thunar
../../home/programs/nixy
../../home/programs/nightshift
../../home/programs/qutebrowser
../../home/programs/nix-utils
../../home/programs/group/basic-apps.nix
../../home/programs/group/cybersecurity.nix
../../home/programs/group/dev.nix
../../home/programs/group/misc.nix
# System (Desktop environment like stuff)
../../home/system/hyprland
../../home/system/caelestia-shell
../../home/system/hyprpaper
../../home/system/mime
../../home/system/udiskie
./variables.nix # Mostly user-specific configuration
./secrets # CHANGEME: You should probably remove this line, this is where I store my secrets
];
home = {
inherit (config.var) username;
homeDirectory = "/home/" + config.var.username;
# Don't touch this
stateVersion = "24.05";
};
programs.home-manager.enable = true;
}
hosts/work/secrets/default.nix
+47
View File
@@ -0,0 +1,47 @@
# Those are my secrets, encrypted with sops
# You shouldn't import this file, unless you edit it
{
inputs,
pkgs,
config,
...
}: let
home = config.home.homeDirectory;
in {
imports = [inputs.sops-nix.homeManagerModules.sops];
sops = {
age.keyFile = "${home}/.config/sops/age/keys.txt";
defaultSopsFile = ./secrets.yaml;
secrets = {
ssh-config = {path = "${home}/.ssh/config";};
netrc = {path = "${home}/.netrc";};
github-key = {path = "${home}/.ssh/github";};
gitlab-key = {path = "${home}/.ssh/gitlab";};
};
};
home.file.".config/nixos/.sops.yaml".text = ''
keys:
- &primary age12yvtj49pfh3fqzqflscm0ek4yzrjhr6cqhn7x89gdxnlykq0xudq5c7334
- &work age1c8pawdsxptfslgrz2c56s39mrtnjzc5mm3hfzgr2wdwu2v6vfsdsupjsq6
creation_rules:
- path_regex: hosts/laptop/secrets/secrets.yaml$
key_groups:
- age:
- *primary
- path_regex: hosts/server/secrets/secrets.yaml$
key_groups:
- age:
- *primary
- path_regex: hosts/work/secrets/secrets.yaml$
key_groups:
- age:
- *work
'';
systemd.user.services.mbsync.Unit.After = ["sops-nix.service"];
home.packages = with pkgs; [sops age];
wayland.windowManager.hyprland.settings.exec-once = ["systemctl --user start sops-nix"];
}
hosts/work/secrets/secrets.yaml
+19
View File
@@ -0,0 +1,19 @@
ssh-config: ENC[AES256_GCM,data:npBcAOSwHpApUASlZmRo4stwMrOjdrdmhfYwumjbTpcq8aQ2ybV8le7cjNdVqIyxgwxUFV4/tGfmsq4nlrWIO/85spwfC5DyPGaZ848NI3UZJj8k2GKuw5qk/xGsTveNhq+vNZQcHeL4aeXF2TRmFLDHYGTku9anFL7FWkQ75MmGW78XfPUEyZJ52ylXq3gkYeVSrl6cXuwJw/QBlu+XTgFk4MM+E5BTXBFFNJOYkIt4GwWX7wdI+QqPEof8J0ENYdxUAMKMueL4pLNclWP0fu7QC7gwwRJWjauCNElJiDhpVFa6WukJV/Ut+I30FH9cJtj0rSodeu0hq2fWaiQ0wVbQudxi0JcnxJQs+B9nb6kpF+TN0MiD,iv:c7DMZSmlgMMnNlR0/kNRKPYjCzvNQJ46mZzojHppSg8=,tag:ausjsFk0H9nOiiMebHXSUg==,type:str]
netrc: ENC[AES256_GCM,data:EOpuZhDVXe7Q4P/98C3gtEvkdawI26d4oX/wRNytyp/mAdkHytXiLpFdsuO/3DADOG8h1CCo1UTs9ex+bqoD/LdChdp7INfNDSQ+aDxTiG0rLBgjvy8TIj8=,iv:tc/RbN1Upbjv+3rU5zUR3P//a1Hj1xODInLMShg4i1Y=,tag:7E9G2g4g+eMeJrwI20R/1g==,type:str]
github-key: ENC[AES256_GCM,data:LRgJxUcKvLiqVJ3acz88oGp5qmvbo7QiyTbcft3YwZr+84CLbty9GCMrryJ8DFnP8GCGh+cCQxyvk/n/hA71qz7WZ6vIWbTN2byP0LHwDtQpugYOQi9z1Q04hQU3DYnsqKS8hu6bnUV/SzrDpAOXugyMGZL5dITitidgEsVG5PxB+bzTZGhg7EOcZISz955AEtD+bGedvxaryEcMYPTZwRHYPl2+wvKKIbeZMiup6i0BCCYktUUIb3qSBawbknZ9nfbQFODkZbNuEEhyU2MITz2ajQEx8AjE4eUutjBBQpJsesIhiAyq5H1AmJDzesC4iccFUpTVHFWf20clPX9QTH5njqbJ+aw1hIzU2ljK3vou1eZfoZ5HCdV3+tuQTJGYcfFY29/PaN4sENPhgbYm0p9Ui4UlMbte3FfmhSqdMzIc8jIB8dPMtoUM/NTjxof/dVu/TPMBTqnJplzNgvH1r2UcPToiAVfWj96tXsr2ESZfE9q9oQh9EGMcyGpXxq06Gni4tOnXDaF3oHyWAiJ6jP/wrYag5/67m4DwpFEymg+/ROKcy2ou3MYA+748ocKYFRoOVfY+SwcM4bxl6smstsRZW8SoDo6O9ikZII51LIN7X/6sQ0L+dgsBTT75zm8DOAFx2tnVgSPN8HYsd2tyHA3L6pYxAAGmY6lSGJfgmYP8hForSuZgCSxWhlwPHLLrU14A2wOFw+X5b4Zgy2ZdsTv3pHDn35a8lNwANKiWhXSc/irie0enmNjKyKTQDcVxq65mho2D+q7XANjDYtqQ8VX93HD2mLNljuA5GjJxtlTrw6V80AI9OiKjMlbEIG5BHIwOcDj5z53kZ2hPHIlSMCXVBXgBwZgPzw2GXDnIgsLFtGirVj/H+N8IWUioUgyimLjygPJwk8lcIrRCA279O7PnFAQKW3gchs4BN76vF41dR5AVJrDeWmSRonMHZEmGaHONEy+8pxFYf+u7hI6dC6YwrhNYHFgKymtKoYCGS1VTi3MXVPxzL4KxnS+StgfDqzf/FypqGD+c9Qkz3THw01J5SyQO4r7Y7cJFhpRvF09uDvT55BtUVuxexOUxANsmbzJCSKG0GLEWa6e+8owLHRbUh5fQQHN4WVMOCb2XLJkHM6YkZv+Sl3sjwUOtZS1+hRAz4I5BsxxNYK3OySwlzb5yBF2axC6z0DTpXNhyMUSEm2yI4gGroW+x0q8AK4dYelhcBC2QYYp8a2QkQu7vphg05QusuebZpjhRsFVphkjNmpEmAxAGRK/AaRr6YZtfVe/IsZgXso9xr75TBl/wee3jl5kLfBxs0q4lUCmfAcdfkT9EUWp6IOX6E+l7rgObuPLU5q64QtPzu5WDG2zM8cQWMbGt34EnKqSqwUPP3cmEVNuPSWh4bubLFKh+wcREMaMQ5j9GA9AXHDQnFsp3M9L3+0CBJIdBGnZetkjpg3l8INkqXzI35rNmJ6DkfmAE1a/SLLu9qkYK8HWi+1hsqKpNqv6bAp9iKSCb/tFc88wgNVh2n9UVZXBuWXCmtwc2BUfaN9/rw6L/+iqrTu9vrq0LTDSy8A1RuKr3aY+EyCN9gd+BVjEjpszFD8Jnrgj4qz5jihEgo8/AdGAS5/8QiMhdr18LQ5JaNC2EAsSswHx4MpOtFyyt84qJV0Ip4zegDJ0wMukjBJuRsZ6yR6ThgB0357pdmJsSXvj4XgevTwewWMmyX18kleac/i7oifv1xvp1gQrgigdp7s3tY91zH2o1LG/DqTbife7lgt9P6kR/LsHevJaVOytLv8DTO1ggTZjHDMT+A9DiUVot/gmhPcf5JwMnhV6PII5XtR4dy+lIs876JQFDm2YUgWNTPO+EJS/G63TgHxyJxBhumPCODzbYY58x+RFzykPvBuf+d6MpP2A2Pc2KPgW/SWc4XqTUVj6FIgwS58NJm06uLdh3vrEEUqO+fL6KOzmLYAa5TabqOv9oFGXYpOJ8sJtfGXIj6i+/aG4LrNZGeTzBzvz+W2jOcAH27qciC4YopLcP4NR6aXA3jYLVOLCnh54IfPVgMFFg0ZoqeaHEZN9jJIMsXNGbGsfT+f9FxN8JxAOM/iqqAVeCguXxNiKGJuCl+uQU2QdqyJVSgyq1xtXibRqGfJCDc+oGnXy5/jxjb0uDzhdYH94kfR4cj01MTDqt3kfFNjJtjl0KBR0oXj/E//PJwRgKJ3i0o5jYjRyLSqUfUJvEyiPrOmzAZrXQT8aYeOyB5MO4t0pdcMGBwcrWPkmxRiu3dERJHJttpFD03Iv5qFRZdNAsrfzu0dW59nO9x//Czxs3mcJfRyj2moAjMiyYC6vg5hPZso3lyDyJgvEySZ70GhJAfkb6peossSco7cdEw6lVisXDk9BuPArDn/kua94eUiajB1v3dwwvWNc535HQIQIbTd5478JESiFmB7mt5EXFXWVZWDhPRxkK8Px3KErl+4WBZec+glBSnrY1VqXDdBRG63etA/Ev2P4ih0MTEiv7/Bcbw9uzVsIIwhyopY3JtkJP/YqZpS9HSDzSTnkCcetO9YC6K1aqRjdxzDwfOqadu98gzXxZZOsGMFaBgptFqBwfrP5Z8+CWWebMIL2HzZCEhMZhHRFcfi5dI7t6R2AS6cqRFXQlaB75lYhOvFLmeuMtspjTUL2SQa1J17bZn9JYVNvBfL4twfZdp4zjo5DgFF5LiHC6uQa4LW3aWN8ujQ2CGRP67iRsIgedfrNZG6vdkwDMpzhyFFZXXrs507RTimTJGngX1kBWNb+j+b/RmjLsdONPPgCgE1o9fxJCfHM53zDHSlVcO8rsLideXY6HIUKgZC0khgpif5YBG+iHeqfT3ZBLwhLjK0GH6oP3TKw0xmHWq4Nb6C6OqdEIGQ7Rxt+rWOOPKhUMyzdhwz1YpeZA0zobRdR7isvmWGTMwxS56r+NuI6dOQL6xs+MlVFOPtyYNJAF2qWDHt0XOa/7Kv4XDRF7zDA19ZhqG8xDU9NtDwUDFrPBV5kO0TDSHuh7WShkzyXJYfc62WEIxIfbdMVX1m+mG20/f6Tk2r9wRxtAdxU4WqhK+YaZf8ZE6LfsNwJVyWI+o0VeK2v/2GkdUVeuDvq9aju+BipuUUHs9K09a4EyZOMNJtYUPj53W76rVP3rwAXr2jj+sWeDFCibsNTkv2KuyOzOM1cJCbONXNfqPAo5yx3cAwXp/ikz9kPMwmVqgIHGAd6QsTmaBXe4ex5C+GA1OBCMvk6ZAoSwRsAmoOZdharD+6dEEFL4HeqQx3XT+ddTRcGiQxgxuwPDAxcuCBkvqZSuVt1jb2c4WpL9id1S0TEsfzRtDj6VGM318jV3pj3pZvLXwVMJc7J4o6f0MNhjtgOZdcc302sh6HrusTn/zrRPpQVUPHkmmvmB4eP6IVT6aeKQS8Vt10PNtXbJKLYqFGnlTrrlHxBrGDMfz/j5ycai16VKeaKS1SnR1TQAReOaOksMc17xDVo9hnocOMs89tzCkDQ3e14lKngxWzmcxZAS6NGA5u/Y6x48b8OCiVbsbOxoeI5ouKd37TVPJEHo1VRPOhruVU50xv+eZtCbSkpTWPMq3r4AXZJjTKXn3aYTMQNMisR0yhto4dkdoNQw93ngm+MSduv+Sxt3VG108G6UDVEjE21ylMDueP5rDQ4G2sBPgIT/uSyFWan3tcP2eTFjps4BB0yzx4evjdUqu+Uqkvts7DOPY4MT8/g8YO41PvAW5sFItcwr6gLALyVSK8I3dzePeNELXK6daHLhkcI4EN4Yh3OO+kkT00X29A/V7wqIoV7T06FneC6Hg8rWyPHTFbAO0zqXK58Tp4E0kp0LkZHS+nLbmvuZOKSyQOMNWTvMYcagfRc+VgbAPjnZ9yRCXvWHY6N2z2CTKEioYoqt3Sgs8dgRHVZK/qGoO5lAWfdb6cTUFOZU0FnXYTS2ccQdOf8bJHOmldhavi0Oswe6wWpg3/Rp5Rvm0Y0g3r5CEF6lybkjM4K6eXc3DsFWcV43VPw/1w0sV3ErtuJHVyYxZzyS+iO0FC0Vpvru2emHoylbn0Tw3Cy31onjbnRlJfd9hzEZYiCUDj9l2P5b8Lrmw127NL25pzA+tdnRi55QS+ceUZ6omPqf7YsIO5AygG5+ZDCwFfjBX3tW5dpEFXzsdx1GWLopxT8RkPxjRjm8Z5EJpQtIYmptc3C6nBvPPCx0qVXJKo0LNbm9pZ1QPF0Vi/qS+V8PsL6dwPFH4t5jcKXJUdPNuiVLcqogKVicPSP+NviDn38UjWXixPHhkYk5Rv/2setqUXkKM+vePnOv7fNE3Px8QqJembwYkaj+T5do8st2KbJy08B2/l3gYvKoMZ5A3B3ypz3gghnEYPXb9uK1QyQIUsfV8tPFyFFWLVDQbSBSbqsWDfV1FThAJSi/FhcI4Al2JuqPvESQmjKW3qP6kk2GXQQco+R0lPszTEum1M9YQxq6YnRRy/wAPnHZgSgwNliNzx9d/FQbgo1kNg5LgdFjZh41ooPAubRyxfkHxzsVrnhjEV22wA/7dsAdllnnWRARQjBfn3tzENiG8YV/pWZF78aL8XZwapiPrWI=,iv:2Mvmz1CFO1112RxjIl6sxyNIDqa/cg00um6RcQaHNY8=,tag:+zygdwQdCBeBXVLvAj/jJQ==,type:str]
gitlab-key: ENC[AES256_GCM,data:1iAAh7CEeJGYibM1wcFn9MRK8TtgRFA2dCSVZThiCI53GKkbbf5JZ2cYJm3p/D9loP0/lU7TbNR8IjVyqqGP8MF+u4cm0gFIEL0i9+wBKIJsYXxzXV7XIQNTF1JU26/b+hpfUEcqXANQ88wdaGTrEDYAaMV0kYcBUkpMgUdIU+iCJkr3bPKZRjengA3/Sj6QkRzBTBrWo8ANEAnmi+Nn8NTFdHbwp+uLwelijCOz4iiShMTRjJYtBZ8zlGXf7qv9warXn91oh1p5aPYBRH6CuUwX1lZYDPmFGxOS5usYYippqsRmEEg9Haas0EwxU8CAZgX6cNnfjhq3le86vCapqZnzdNAwR5rvMEQ178Fl89Ri5Ka7n9GU7CFRzzXpykPErKbsG+T3KtfO20Lo2eDWO/gXuQILZcwaFDEbZuXq7qbrtyJ1TmtXQF73paG7yEITwOFLaMeJVRX/WvdXbzFo9X8V7zv7iuyyi4Y/RzkW2g7Ck0x3MIgxyUkDQZnb9XLYm5PzoKZ54uXIC6tqaC7ux7o785VOvaaNJiu1r+mtm7tN3VD3nQGBMGC4BqM4iYEt/KcTC4fn4rSwecfcYTpGQf6LfDOWgZvBz8Fw8AraWIANjHkOMrlWhIJJ8g7N+35rThEfrC1hGAptWsOSVZ0NbZk3UMCzv88KpDJA/9rekLIpAodJaZafM3VhK2ZLU4i6IYprKlsFYB/+WDwvppX+LIofMdhZfGhI+hRyiNF1egh+PBv/UzHIdanNLiITXO6/Kt5kgSujVmr2O6NWOlx+Ve1udxXWzNxp0qrMKa2JVljBS4UFw4HPM0LzQ2KMW3rZ1fWq88/dRtzoBJfouL8smeSrc+VJJACEzHevXq4e8zgjg9+QnK+ZWNwcna1bQgB+lG76hGnfVvIHF4PQM6tGSS6RLQrwsAMI8DMsiRhYUc8Bdrj2+fM8GFTC81pYyRsmha6tJmq+S8oM919iTqFFGFk4NFMy1Mj/95Ckrb0tkCIiJe+Quvu91oLVzLAbkRdDF/H6rudrndhqlAANQs0acPemuD4/rrUfv+jFEiOazjydGrHTae0jnJyS5mR3QZxWst0p7Q+yIlduU+kY9uX+ZuDwjUsOqy56K2mn9+dPVA10D0hqSiWUQQ+TQU5QGaalJRjt4RG2V3fcwCs8nla4XNrxaSty67141CBJHgh4I37qCFcu1f7YqqKJNmVJwBX2/70Rg0nb63FPDh6UWtyaheQD4GL+2ZUJmlh+ZMPzJZEO6fABOQoyyMZhOv2Pem+AQHD97sN32E2WoCiSxMFYFe4Pc9sy5rFkZb7OsdNK3VzoeWVkklhNqpis0sU50Bqt48V+2qXFU12LGUuglzo9dBTJCgaD6xqadEYlh+WH18Q6yQPefcwcWzl0Ql/Y/F0XfSEgaIyd/VZdQ6QP3ZF6q4oEtKOCg+AnkbMVUw5TA+RdW/UnhJlErIs+AQRkKZ8JwpIalTccAEk7VgQQdRiCD1PBhc+0T9gzTbQTqCB8pCqy7M6UEUbumOfyUKOtkosk0Bx8MLtyzX7va+3D0h7Cdze4CFTUT8EZquSWoX5ozwF1DdsBs3wrunIa1FYYaZQDiMiYLZ64TRzVBujeyZxFQLgKPbEBBr1BalgJglGALLZUfkmz01g5stgkZDeXvbTgA0W9PKFhZ+lLfrZ2NQzblZ6DiLeFM5ybxSbCbBSx2gzzBuMgbWOVTFDXLRuGOE0GRWVpzEtcqTncQfbJT+6AicA86e6MuXn12Zq3uyF4HoiybBFEAkYF24qLz2XZ6K9E7aNdWJAY2dcvq+LCoaHKlpekSUO+jrfykEfH5eFhnSj+hrwtSa3+3tLkuNdzjEpTcvq3l0d9dVAcMswv93RrU9PNGs66W7wRKiiOYvC+BqjOIkUvXVxr5Tl/1WDUgah1BTaQO80KEphtmEen4s1gLQEUN6lA0HsBAyDOMHGfkDgcT2pH8A6s5bc8BpXyyGZOLQ89h5vpvCPFFbxHNxffKXgRWLUfoNoXDqBG0kxDm7+CLmkD9jmH1XkRu3a0qr9KgZDUqQoVHCpUMXF8/HN7+1VHIUP5pWO9mupX0jL91ymF16HBCucJQiCWmKr2Cn+huPwtzcRblAoQAZY4da1PbIBwdys8Q77WETrTiK/XrQHiE/ZRiPFZK3B4wPFjMGyp7yhnF23ram76E3ny0xqunfjvyTLcLVmkmdDIz6FpNCa2Qd+oqpkKzFEF3hcmZgue9uqsmjJk4ymAKqTXB2PUdz0GoOe7obg6QyZS0WvgsuCuem5yePjYL43AXiFfyDp4fDRRaB5qpJzXS8HzCh0Whyg3z8UEygVnXMmL1k/84LsfME4/ubMV4cJn5Q9rDFGIwUfk4M98Y1ylPWQfcbwpAxtipBN0uQL6WX6L4dglE4wcf/0d6IGmIxF03E08BvvQvniox7fZEIYY8dP9LlitXZBfKqSDw3jQ5JuLllGI//hbXGu8IxWFnABz5i/NkNGJnSb6b4V5vWXAWSBi918ZZYMmxqH87hypen6ONq2jxPXdgN4lphyQDxL7Sx1oNAUUdm8NqTj47g6Ny0RWHUJPAnKAZNpAljmbCny0fkTzDzg/OhetkUv6+BSRZq800gaGkNz41cmJvTZBe+MOrGEvHwc5C2uFsLJuagJ+vryyN0sdpuSFVF/3Zm8Ch/aFldeS5xjwf7Yfy2Nb2H2WRJbFa01sEbMiMkrhLLpyQdwL9XoFBN/1IKoZyQE0fBLXwU8D9BnL3PCBbSeVDoswRt7hPe40SyBMTu9uhzn9n7DXhWqb+hpbM1ViDlT1wE/P4xx3UcRRb+xx5ANkbuF11Yf16cAa0hwM/2BmRAVInmgeNS4Lp/gre0WBO9x21I3rZ5YaRxRsOUTBlaElYRMcxQQTkw6sc1TM3u7lK+b6Ug8iS8jYP+3m/QGHF4W/3eHVoELfBq8vwYCPa87338sQwlLAmQlf5REYBqDhV0Z075hmwGeOPW/Q+2cKpY8XdlD/eYKhgNuHV1pL1CRAbWCkZg21Lq7zVR+wYuu3tuEqmIT7+P0Yj4EjNiODe523wBNPH2gxLzupPZmT/fR1YoI/ij51qj6QPCQgy1eJB4TTlmNJHDNBKEakVr26wFg4Pd6y+99W1sEPNn6weoezXLk5DWSXln0AdAmYcxa5I8ZWGwDrTMASf6QUNlg0lTXbqw9khZgdk069zrfYzBhtcSyHAqg6DzyHeLzUbPNXmvBS2WGbbJUZX73tqB+cRAD4UUDv02ZQ2YrUT0AQpvc9+dekzWuv/UGnQ1Y085NMSP6s+sGL0WfcOamb39Y7Ov4y6hCikq5M1TiHogndk7Apkm1hQLOiUM3Tb0IXmrBtmX6RxvUgXBLQ+XuZjJ3884soM0swwdt9f2vKljG2lnOnCdHPVSQUO3XQ90itLXQhq21B8SOiFA0DvRWJMEhr4d3LdNOAbj6Iu1yQ0PvdEaD0X+1ND/3Tot6yAlAqzA6+47tnU1Gq0s6Y6uqkW5u2oSSwMoeIoRInBIKLO4tSW/rKICWJznuDivRIm5BHPFajEnahJdzclA7sPsbbKNwXEj7jzJELl+oUympJ/L1dpPfxcM3tSmErgwfwdNWNkf97kml9MZ03F2bUm71Azm1tq26aFUUOGxbsGI2T8NNFJsf25m5CfC06YK3F5Yb8pG08IhKRrkihM356uJcjC0m5V+OUETF2fTQLytWbq1gthXfaG+gE4Gk/MUX1vHfGUprTf3JYgiIZzgIIZeaX5j4XJ7hykwb6ahhIMX/ndB5XYGCER2vkDrDPwspsAL/pXiIOMDFSwJVsvf/9fbLDttYNJCR2B9/Enbjh87abaYlQsgUjsPFPAGH2nw7hX6iuEihrPyLZdUp0xJb2PIq8R4xpiStzomDdVkC018YPRWank9mKXHYf4+1QdQ3AftOs5iDMgf50XASNl/6F4V+NGX2vRiPJ2gxWBvpoPu5csSgKetHiJCqNLbHLggFQEjYJyW3Cepsm87LC1/eEa7AEPdR+eQYsIp4Xr1LMD9cEogHpz+/VOgdtcQmPMrNHsRolTaO5lT1vbrRJE+SM6byoi/ACDKI2pRObI+FPzflmm5X0/Kh+b6InGzCXR+k1CXyUauI6wro82J8T+vHdxPEy59kdXlAicy7q0/+UZ8zF4ApNT7XXV9sgmyhzD3/v1kWwDPnowptr/JJT01TTHTUPtDDqy5X497h56jqwjWex3Lc7cTusrkVrcHg26fIMw/zyTW3pgmrwpGayVC8kg3pNJQw+MX6xYO5Cq/EQv72rOKVw5YY83IWqkh6GHn3bTghvMETiWoCDUPB0JNsPY1i7hrFCYzGJib+p6M53ngNCfjI786qZ78CQVhmIyl8VGGwYrvtHY3UFArXUDK/Y9rc2lvMoCIBCwhq5w/eaJiTN1BhMgFVvgbdI+Y9cj/UgtE3yFjsQp/kI+oEyCDQntuzO1UhZiP2/9nXm4Lyf/ZhUcdEI9I0=,iv:aG4nqGJ/TRiAtiWoPwqej6We+IWEWFibCqL7bGwXbkA=,tag:c5ckW2o4+2rm/5mrGF1tzg==,type:str]
sops:
age:
- recipient: age1c8pawdsxptfslgrz2c56s39mrtnjzc5mm3hfzgr2wdwu2v6vfsdsupjsq6
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVby9Wa1NUUkpyeDMwU3dM
R0EyeFVtT0tJU0pKaWtXQzRkTDBPY3JjcTFrClNIQnl2WVorS0FZZjhicTQ5V2kx
MUZTZWZtaUk2a1ZhUTBCUnhkWHFIMFUKLS0tIElLcjJLZWNLOUJYN0NNVGFNUEFN
RkMrdTYwNkY1Tlc3M3dxTFdkRXJJZUEKUlYU45jXpS9hJO9Z/uAQ6XMj9QWgMMRI
LbJxvt48+yC+Y0XKOtDE0lHAuGNzUG8R/7FB1tTD8NCamBe46KGCIg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2026-04-23T07:50:07Z"
mac: ENC[AES256_GCM,data:V3us1oxkQxIg5hn8TMiSHWa0RhNbio2mP8j59lSCKDLjnpTUHUAUZZOan+fkBwPxxtIdZFVZQl/kZuEHcnNwXk8J0DLeT8jrs8pvlDCHMAc+C9uzThNjQ9CrZ2C/dNtoI6uop3a6qo8UMhKhvAus08yR8rLsY7Gqt/In28HKqxU=,iv:g8wmq1thPfkSSfG+mtJS0431wbon/uylDTfH0P31dlw=,tag:5Z6CJMWeGN6frTLJQMxGGw==,type:str]
unencrypted_suffix: _unencrypted
version: 3.12.2
hosts/work/variables.nix
+42
View File
@@ -0,0 +1,42 @@
{
config,
lib,
...
}: {
imports = [
# Choose your theme here:
../../themes/darkviolet.nix
];
config.var = {
hostname = "h-work";
username = "hadrien";
configDirectory =
"/home/"
+ config.var.username
+ "/.config/nixos"; # The path of the nixos configuration directory
keyboardLayout = "fr";
location = "Paris";
timeZone = "Europe/Paris";
defaultLocale = "en_US.UTF-8";
extraLocale = "fr_FR.UTF-8";
git = {
username = "Hadi";
email = "hadi@example.com";
};
autoUpgrade = false;
autoGarbageCollector = true;
};
# DON'T TOUCH THIS
options = {
var = lib.mkOption {
type = lib.types.attrs;
default = {};
};
};
}
nixos/amd-graphics.nix
+11
View File
@@ -0,0 +1,11 @@
{pkgs, ...}: {
hardware.graphics = {
enable = true;
extraPackages = with pkgs; [
rocmPackages.clr.icd
# Support VA-API pour AMD
libvdpau-va-gl
libva-vdpau-driver
];
};
}
nixos/bluetooth.nix
+1 -3
View File
@@ -1,9 +1,7 @@
# Bluetooth configuration for NixOS
{pkgs, ...}: {
environment.systemPackages = with pkgs; [blueman];
{
hardware.bluetooth = {
enable = true;
powerOnBoot = true;
};
services.blueman.enable = true;
}
nixos/home-manager.nix
+8 -2
View File
@@ -1,9 +1,15 @@
# Home-manager configuration for NixOS
{inputs, ...}: {
{inputs, pkgs, ...}: {
home-manager = {
useGlobalPkgs = true;
useUserPackages = true;
backupFileExtension = "hm-backup";
extraSpecialArgs = {inherit inputs;};
extraSpecialArgs = {
inherit inputs;
pkgs-stable = import inputs.nixpkgs-stable {
system = pkgs.stdenv.hostPlatform.system;
config.allowUnfree = true;
};
};
};
}
nixos/nix.nix
+6 -1
View File
@@ -6,6 +6,11 @@
}: let
autoGarbageCollector = config.var.autoGarbageCollector;
in {
# Ask for password once per SSH session (tied to the tty, expires when session closes)
security.sudo.extraConfig = ''
Defaults timestamp_type=tty,timestamp_timeout=-1
'';
security.sudo.extraRules = [
{
users = [config.var.username];
@@ -19,7 +24,7 @@ in {
];
nixpkgs.config = {
allowUnfree = true;
allowBroken = true;
allowBroken = false;
};
nix = {
nixPath = ["nixpkgs=${inputs.nixpkgs}"];
nixos/nvidia.nix
+4 -6
View File
@@ -6,7 +6,7 @@
...
}: let
# Using beta driver for recent GPUs like RTX 4070
nvidiaDriverChannel = config.boot.kernelPackages.nvidiaPackages.beta;
nvidiaDriverChannel = config.boot.kernelPackages.nvidiaPackages.production;
in {
# Video drivers configuration for Xorg and Wayland
services.xserver.videoDrivers = ["nvidia"]; # Simplified - other modules are loaded automatically
@@ -15,7 +15,6 @@ in {
boot.kernelParams = [
"nvidia-drm.modeset=1" # Enable mode setting for Wayland
"nvidia.NVreg_PreserveVideoMemoryAllocations=1" # Improves resume after sleep
"nvidia.NVreg_RegistryDwords=PowerMizerEnable=0x1;PerfLevelSrc=0x2222;PowerMizerLevel=0x3;PowerMizerDefault=0x3;PowerMizerDefaultAC=0x3" # Performance/power optimizations
];
# Blacklist nouveau to avoid conflicts
@@ -24,14 +23,11 @@ in {
# Environment variables for better compatibility
environment.variables = {
LIBVA_DRIVER_NAME = "nvidia"; # Hardware video acceleration
XDG_SESSION_TYPE = "wayland"; # Force Wayland
GBM_BACKEND = "nvidia-drm"; # Graphics backend for Wayland
__GLX_VENDOR_LIBRARY_NAME = "nvidia"; # Use Nvidia driver for GLX
WLR_NO_HARDWARE_CURSORS = "1"; # Fix for cursors on Wayland
NIXOS_OZONE_WL = "1"; # Wayland support for Electron apps
__GL_GSYNC_ALLOWED = "1"; # Enable G-Sync if available
__GL_VRR_ALLOWED = "1"; # Enable VRR (Variable Refresh Rate)
WLR_DRM_NO_ATOMIC = "1"; # Fix for some issues with Hyprland
NVD_BACKEND = "direct"; # Configuration for new driver
MOZ_ENABLE_WAYLAND = "1"; # Wayland support for Firefox
};
@@ -73,7 +69,6 @@ in {
# Enhanced graphics support
graphics = {
enable = true;
package = nvidiaDriverChannel;
enable32Bit = true;
extraPackages = with pkgs; [
nvidia-vaapi-driver
@@ -102,4 +97,7 @@ in {
mesa-demos
libva-utils # VA-API debugging tools
];
# Enable Nvidia container toolkit for GPU acceleration in containers (docker)
hardware.nvidia-container-toolkit.enable = false;
}
nixos/omen.nix
+1
View File
@@ -37,6 +37,7 @@
in {
boot.extraModulePackages = [hp-omen-linux-module];
boot.kernelModules = ["hp-wmi"];
boot.kernelParams = ["hp_wmi.force_slow_fan_control=1"];
users.groups.omen-rgb = {};
users.users.${config.var.username}.extraGroups = ["omen-rgb"];
nixos/tailscale.nix
-41
View File
@@ -1,41 +0,0 @@
# Tailscale is a VPN service that makes it easy to connect your devices between each other.
{
config,
inputs,
...
}: let
username = config.var.username;
in {
security.sudo.extraRules = [
{
users = [username];
# Allow running Tailscale commands without a password
commands = [
{
command = "/etc/profiles/per-user/${username}/bin/tailscale";
options = ["NOPASSWD"];
}
{
command = "/run/current-system/sw/bin/tailscale";
options = ["NOPASSWD"];
}
];
}
];
environment.systemPackages = with inputs.nixpkgs-stable.legacyPackages.x86_64-linux; [
tailscale
];
services.tailscale = {
enable = true;
package = inputs.nixpkgs-stable.legacyPackages.x86_64-linux.tailscale;
openFirewall = true;
};
networking.firewall = {
trustedInterfaces = ["tailscale0"];
# required to connect to Tailscale exit nodes
checkReversePath = "loose";
};
}
nixos/utils.nix
+2 -3
View File
@@ -57,9 +57,6 @@ in {
XDG_DATA_HOME = "$HOME/.local/share";
PASSWORD_STORE_DIR = "$HOME/.local/share/password-store";
EDITOR = "nvim";
TERMINAL = "kitty";
TERM = "kitty";
BROWSER = "zen-beta";
};
services.libinput.enable = true;
@@ -109,6 +106,8 @@ in {
jpegoptim
pfetch
btop
unrar
p7zip
];
xdg.portal = {
server-modules/adguardhome.nix
+18 -16
View File
@@ -1,20 +1,22 @@
# Adguard is a network-wide ad blocker
# When installed, open localhost:3000 to setup
{config, ...}: let
domain = "adguard.hadi.diy";
in {
services = {
adguardhome = {
enable = true;
port = 3000;
};
nginx.virtualHosts."${domain}" = {
useACMEHost = "hadi.diy";
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:${toString config.services.adguardhome.port}";
};
};
{config, ...}: {
services.adguardhome = {
enable = true;
port = 3000;
};
networking.firewall = {
allowedTCPPorts = [53];
allowedUDPPorts = [53];
# Allow containers to reach adguard UI (for glance dns-stats widget)
extraCommands = ''
iptables -I INPUT 1 -s 10.233.0.0/16 -p tcp --dport 3000 -j ACCEPT
'';
extraStopCommands = ''
iptables -D INPUT -s 10.233.0.0/16 -p tcp --dport 3000 -j ACCEPT 2>/dev/null || true
'';
};
services.cloudflared.tunnels."${config.var.tunnelId}".ingress."adguard.${config.var.domain}" = "http://localhost:${toString config.services.adguardhome.port}";
}
server-modules/arr.nix
+15 -17
View File
@@ -2,12 +2,6 @@
# See https://github.com/rasmus-kirk/nixarr
# Setup guide: https://nixarr.com/wiki/setup/
{config, ...}: let
domain = "hadi.diy";
mkVirtualHost = port: {
useACMEHost = domain;
forceSSL = true;
locations."/" = {proxyPass = "http://127.0.0.1:${toString port}";};
};
username = config.var.username;
in {
# Add my secrets
@@ -40,10 +34,13 @@ in {
radarr.enable = true;
sonarr.enable = true;
bazarr.enable = true;
readarr.enable = true;
transmission = {
enable = true;
extraSettings = {trash-original-torrent-files = true;};
extraSettings = {
trash-original-torrent-files = true;
rpc-whitelist-enabled = false;
rpc-host-whitelist-enabled = false;
};
vpn.enable = true;
};
recyclarr = {
@@ -52,14 +49,15 @@ in {
};
};
services.nginx.virtualHosts = {
"jellyfin.${domain}" = mkVirtualHost 8096;
"jellyseerr.${domain}" = mkVirtualHost 5055;
"bazarr.${domain}" = mkVirtualHost 6767;
"prowlarr.${domain}" = mkVirtualHost 9696;
"radarr.${domain}" = mkVirtualHost 7878;
"sonarr.${domain}" = mkVirtualHost 8989;
"transmission.${domain}" = mkVirtualHost 9091;
"readarr.${domain}" = mkVirtualHost 8787;
users.users.jellyfin.extraGroups = ["video" "render"];
services.cloudflared.tunnels."${config.var.tunnelId}".ingress = {
"media.${config.var.domain}" = "http://localhost:8096";
"demandemedia.${config.var.domain}" = "http://localhost:5055";
"bazarr.${config.var.domain}" = "http://localhost:6767";
"prowlarr.${config.var.domain}" = "http://localhost:9696";
"radarr.${config.var.domain}" = "http://localhost:7878";
"sonarr.${config.var.domain}" = "http://localhost:8989";
"transmission.${config.var.domain}" = "http://localhost:9091";
};
}
server-modules/awesome-wallpapers.nix
+33
View File
@@ -0,0 +1,33 @@
{ config, inputs, lib, ... }:
let
inherit (import ./mk-container.nix { inherit lib config; }) mkContainer;
in
{
imports = [
(mkContainer {
name = "wallpapers";
hostIp = "10.233.4.1";
containerIp = "10.233.4.2";
nixosConfig = { pkgs, ... }: {
services.nginx = {
enable = true;
virtualHosts."wallpapers" = {
root = "${inputs.awesome-wallpapers.packages.${pkgs.system}.default}/share/awesome-wallpapers";
listen = [{ addr = "0.0.0.0"; port = 8080; }];
locations."/" = {
tryFiles = "$uri $uri/ /index.html";
};
extraConfig = ''
port_in_redirect off;
absolute_redirect off;
'';
};
};
networking.firewall.allowedTCPPorts = [ 8080 ];
system.stateVersion = "24.05";
};
})
];
services.cloudflared.tunnels."${config.var.tunnelId}".ingress."wallpapers.${config.var.domain}" = "http://10.233.4.2:8080";
}
server-modules/bitwarden.nix
-27
View File
@@ -1,27 +0,0 @@
# Bitwarden (or vaultwarden) is a self-hosted password manager.
{config, ...}: let
domain = "vault.hadi.diy";
in {
services = {
vaultwarden = {
enable = true;
config = {
DOMAIN = "https://" + domain;
SIGNUPS_ALLOWED = true;
ROCKET_ADDRESS = "127.0.0.1";
ROCKET_PORT = 8222;
ROCKET_LOG = "critical";
};
};
nginx.virtualHosts."${domain}" = {
useACMEHost = "hadi.diy";
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:${
toString config.services.vaultwarden.config.ROCKET_PORT
}";
};
};
};
}
server-modules/blog.nix
+61
View File
@@ -0,0 +1,61 @@
{
config,
inputs,
lib,
...
}: let
inherit (import ./mk-container.nix {inherit lib config;}) mkContainer;
domain = config.var.domain;
in {
imports = [
(mkContainer {
name = "blog";
hostIp = "10.233.3.1";
containerIp = "10.233.3.2";
nixosConfig = {pkgs, ...}: {
services.nginx = {
enable = true;
virtualHosts = {
"blog" = {
root = "${inputs.blog.packages.${pkgs.system}.default}/share/blog";
listen = [
{
addr = "0.0.0.0";
port = 8080;
}
];
locations."/" = {
tryFiles = "$uri $uri/ =404";
};
extraConfig = ''
port_in_redirect off;
absolute_redirect off;
error_page 403 /403.html;
error_page 404 /404.html;
error_page 500 /500.html;
error_page 503 /503.html;
add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' data: https://umami.${domain}; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://git.${domain}; connect-src 'self' https://umami.${domain};" always;
'';
};
"www-redirect" = {
listen = [
{
addr = "0.0.0.0";
port = 8081;
}
];
extraConfig = "return 301 https://${domain}$request_uri;";
};
};
};
networking.firewall.allowedTCPPorts = [8080 8081];
system.stateVersion = "24.05";
};
})
];
services.cloudflared.tunnels."${config.var.tunnelId}".ingress = {
"${config.var.domain}" = "http://10.233.3.2:8080";
"www.${config.var.domain}" = "http://10.233.3.2:8081";
};
}
server-modules/cloudflared.nix
+37
View File
@@ -0,0 +1,37 @@
# Cloudflared tunnel configuration for NixOS
# It allows exposing services securely via Cloudflare Tunnel
{
config,
pkgs,
...
}: {
sops.secrets.cloudflared-token.mode = "0400";
# To setup cloudflared, run:
# - `cloudflared tunnel login`
# - `cloudflared tunnel create YourTunnelName`
#
# This will create a credentials file & give you the tunnel ID to use below.
services.cloudflared = {
enable = true;
tunnels."${config.var.tunnelId}" = {
credentialsFile = config.sops.secrets."cloudflared-token".path;
default = "http_status:404";
};
};
environment.systemPackages = with pkgs; [
cloudflared
];
systemd.services."cloudflared-tunnel-${config.var.tunnelId}" = {
wantedBy = ["multi-user.target"];
after = ["network-online.target"];
wants = ["network-online.target"];
};
# At the moment (2025), for support of browser rendering of the tunnels, this line is required:
services.openssh.settings.Macs = [
"hmac-sha2-256"
];
}
server-modules/cyberchef.nix
+26
View File
@@ -0,0 +1,26 @@
{ config, lib, ... }:
let
inherit (import ./mk-container.nix { inherit lib config; }) mkContainer;
in
{
imports = [
(mkContainer {
name = "cyberchef";
hostIp = "10.233.5.1";
containerIp = "10.233.5.2";
nixosConfig = { pkgs, ... }: {
services.nginx = {
enable = true;
virtualHosts."cyberchef" = {
root = "${pkgs.cyberchef}/share/cyberchef";
listen = [{ addr = "0.0.0.0"; port = 8080; }];
};
};
networking.firewall.allowedTCPPorts = [ 8080 ];
system.stateVersion = "24.05";
};
})
];
services.cloudflared.tunnels."${config.var.tunnelId}".ingress."cyberchef.${config.var.domain}" = "http://10.233.5.2:8080";
}
server-modules/default-creds.nix
+33
View File
@@ -0,0 +1,33 @@
{ config, inputs, lib, ... }:
let
inherit (import ./mk-container.nix { inherit lib config; }) mkContainer;
domain = config.var.domain;
in
{
imports = [
(mkContainer {
name = "def-creds";
hostIp = "10.233.6.1";
containerIp = "10.233.6.2";
nixosConfig = { ... }: {
imports = [ inputs.default-creds.nixosModules.default ];
services.default-creds = {
enable = true;
port = 8087;
};
networking.firewall.allowedTCPPorts = [ 8087 ];
systemd.services.default-creds.environment = {
HOST = lib.mkForce "0.0.0.0";
PUBLIC_UMAMI_URL = "https://umami.${domain}";
PUBLIC_UMAMI_WEBSITE_ID = "7197484c-01ad-488e-9caa-5ab7b7595f08";
UMAMI_URL = "https://umami.${domain}";
UMAMI_WEBSITE_ID = "7197484c-01ad-488e-9caa-5ab7b7595f08";
};
system.stateVersion = "24.05";
};
})
];
services.default-creds.enable = lib.mkForce false;
services.cloudflared.tunnels."${config.var.tunnelId}".ingress."default-creds.${config.var.domain}" = "http://10.233.6.2:8087";
}
server-modules/eleakxir.nix
-33
View File
@@ -1,33 +0,0 @@
{
config,
inputs,
pkgs,
...
}: {
users.groups.eleakxir = {};
users.users.hadi.extraGroups = ["eleakxir"];
services.eleakxir = {
enable = true;
port = 9198;
user = "eleakxir";
group = "eleakxir";
limit = 1000;
folders = ["/var/lib/eleakxir/leaks/" "/mnt/data/clean-leak/"];
debug = true;
};
environment.systemPackages = [
inputs.eleakxir.packages.${pkgs.stdenv.hostPlatform.system}.leak-utils
];
services.nginx.virtualHosts."eleakxir-back.hadi.diy" = {
useACMEHost = "hadi.diy";
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:${
toString config.services.eleakxir.port
}";
};
};
}
server-modules/fail2ban.nix
+14
View File
@@ -0,0 +1,14 @@
# Fail2Ban is a log-parsing application that protects Linux servers from brute-force attacks.
{
services.fail2ban = {
enable = true;
maxretry = 5;
bantime = "24h"; # Ban IPs for one day on the first ban
bantime-increment = {
enable = true; # Enable increment of bantime after each violation
multipliers = "1 2 4 8 16 32 64";
maxtime = "168h"; # Do not ban for more than 1 week
overalljails = true; # Calculate the bantime based on all the violations
};
};
}
server-modules/gitea.nix
+79
View File
@@ -0,0 +1,79 @@
{ config, pkgs, lib, ... }:
let
inherit (import ./mk-container.nix { inherit lib config; }) mkContainer;
domain = config.var.domain;
catppuccin-gitea = pkgs.fetchzip {
url = "https://github.com/catppuccin/gitea/releases/download/v1.0.2/catppuccin-gitea.tar.gz";
sha256 = "sha256-rZHLORwLUfIFcB6K9yhrzr+UwdPNQVSadsw6rg8Q7gs=";
stripRoot = false;
};
in
{
imports = [
(mkContainer {
name = "gitea";
hostIp = "10.233.11.1";
containerIp = "10.233.11.2";
internet = true;
bindMounts."/var/lib/gitea" = {
hostPath = "/var/lib/gitea";
isReadOnly = false;
};
nixosConfig = { lib, ... }: {
users.users.gitea.uid = lib.mkForce 978;
users.groups.gitea.gid = lib.mkForce 968;
services.postgresql = {
enable = true;
ensureDatabases = [ "gitea" ];
ensureUsers = [{
name = "gitea";
ensureDBOwnership = true;
}];
};
services.gitea = {
enable = true;
database.type = "postgres";
settings = {
server = {
HTTP_ADDR = "0.0.0.0";
HTTP_PORT = 3002;
ROOT_URL = "https://git.${domain}/";
DOMAIN = "git.${domain}";
LANDING_PAGE = "/anotherhadi";
};
service = {
REGISTER_MANUAL_CONFIRM = true;
DISABLE_REGISTRATION = true;
DEFAULT_KEEP_EMAIL_PRIVATE = true;
SHOW_REGISTRATION_BUTTON = false;
};
ui = {
DEFAULT_THEME = "catppuccin-mocha-mauve";
THEMES = "catppuccin-latte-mauve,catppuccin-frappe-mauve,catppuccin-macchiato-mauve,catppuccin-mocha-mauve";
};
explore = {
DISABLE_USERS_PAGE = true;
DISABLE_ORGANIZATIONS_PAGE = true;
};
repository.DISABLE_STARS = true;
mailer.ENABLED = false;
api.ENABLE_SWAGGER = false;
other.SHOW_FOOTER_VERSION = false;
};
};
systemd.services.gitea.preStart = lib.mkAfter ''
mkdir -p /var/lib/gitea/custom/public/assets
ln -sfn ${catppuccin-gitea} /var/lib/gitea/custom/public/assets/css
'';
networking.firewall.allowedTCPPorts = [ 3002 ];
system.stateVersion = "24.05";
};
})
];
services.cloudflared.tunnels."${config.var.tunnelId}".ingress."git.${domain}" = "http://10.233.11.2:3002";
}

Some files were not shown because too many files have changed in this diff Show More