153 Commits

Author SHA1 Message Date
09c72c3384 feat: add android-cli package with FHS environment wrapper 2026-04-17 19:20:51 +02:00
1cfeec1918 chore: remove unused uv2nix and pyproject-nix flake inputs 2026-04-13 16:51:32 +02:00
Your Name
0e034361b2 update llama 2026-04-12 15:45:07 +02:00
Your Name
11d33abdae fix(thermal): add util-linux to service path for logger command 2026-04-12 12:12:10 +02:00
Your Name
bc9ddbabb6 fix(thermal): remove unavailable options for NixOS 25.11 2026-04-12 12:03:44 +02:00
Your Name
9e0da9a1d2 feat(aragon): add thermal monitoring with thermald, mcelog and lm_sensors 2026-04-12 11:59:43 +02:00
b200beb7ac ai updated 2026-04-07 17:48:27 +02:00
0cd2f1ea6d fix: disable glm4.7, fix gemma4 quant typo, set omnivoice to cpu mode 2026-04-06 10:06:33 +02:00
dbdb16fde2 feat: add llama-cpp-nightly package (b8667) and replace unstable llama-cpp-vulkan 2026-04-06 09:49:43 +02:00
ea5c79367c llama swap oci edition 2026-04-06 09:45:55 +02:00
4e406aeadb updates 2026-04-05 22:36:26 +02:00
0ca7e7a219 added gemma 4 2026-04-05 22:35:41 +02:00
17df27edee updates 2026-04-05 22:35:40 +02:00
11710d6573 ai 2026-04-05 22:32:10 +02:00
8b73151a1b fix(chatterbox-tts-api): skip django tests to fix cascading build failures 2026-04-02 17:50:45 +02:00
25ee286ff7 feat: add chatterbox-tts-api package and authelia session secret 2026-04-02 12:29:08 +02:00
c426b2b621 nvim updates 2026-03-31 13:48:33 +02:00
994b321c8a feat: tts
:q
2026-03-31 13:27:06 +02:00
45d13b7dbc feat: tts
:q
2026-03-24 15:36:31 +01:00
bba4bd532c feat: llama-swap transcribe 2026-03-24 13:46:20 +01:00
6d61867bc7 refactor: niri keybinds 2026-03-24 11:20:07 +01:00
Your Name
ed8523e77b image models 2026-03-24 00:45:14 +01:00
Your Name
461b9c1a2c fix swap 2026-03-23 23:48:36 +01:00
Your Name
18abd6f613 llama swap updates 2026-03-23 23:22:51 +01:00
83fdef416e format and llama tuning 2026-03-23 22:19:15 +01:00
8173b617e7 refactor: unify python packages across jupyter, devel and home configs
- Create modules/python-packages.nix as single source of truth for 51 packages
- Update develPackages.nix to use shared package list with jupyter included
- Update jupyterhub.nix kernel to use shared package list
- Update home/python.nix to use shared package list
- Disable kicad/easyeda2kicad (transient GitLab download corruption)
2026-03-23 14:41:09 +01:00
cef3df711d refactor: simplify noctalia config and update xdg portals 2026-03-23 13:54:31 +01:00
Your Name
fa3792be0e qwen-asr and clenaup 2026-03-22 12:24:01 +01:00
16ca4c733b some llama swap fixes 2026-03-03 21:20:22 +01:00
Your Name
c8f305a5bd updated models 2026-03-03 00:48:40 +01:00
Your Name
30a4f1e83f added cache to llama swap 2026-03-02 23:24:21 +01:00
a6e5b1e0eb :redid llama-swap 2026-03-02 17:38:45 +01:00
ca06437580 llama-cpp 2026-03-02 15:36:10 +01:00
327f6dc6f0 llama-cpp instead of swap, native swap functionality is coming 2026-03-02 15:36:10 +01:00
9ae8480f1b handy 2026-03-02 15:35:32 +01:00
Your Name
87bb5605d5 remove ollama its bad 2026-03-01 22:57:40 +01:00
Your Name
1139d767b1 application and dev stuff 2026-03-01 22:17:23 +01:00
Your Name
66c8320ef6 aragon aarch crossbuild 2026-03-01 22:16:29 +01:00
d7ebdab4df galadriel intel stuff 2026-02-25 12:17:18 +01:00
f6f95fdbdc galadriel stash 2026-02-25 10:24:48 +01:00
eb792800a1 add more intel hardware drivers to galadriel 2026-02-25 10:19:52 +01:00
1e33700125 niri noctalia keybind updates 2026-02-25 10:04:46 +01:00
fb14fbcc13 added ollama models 2026-02-10 23:53:33 +01:00
4c012d7100 niri noctalia keybind updates 2026-02-10 10:51:03 +01:00
e933df2150 noctalia plugins 2026-02-10 10:51:03 +01:00
0fa36a0b71 noctalia plugins 2026-02-09 14:00:20 +01:00
c9ec662395 fix noctalia 2026-02-03 13:50:55 +01:00
ad68106bd3 authelia 2026-02-03 13:00:19 +01:00
4185127c3e fix qbit 2026-02-03 11:17:25 +01:00
30af7733db fix xfs 2026-02-03 11:13:48 +01:00
0c4354f120 move fcxit to system options. 2026-02-02 12:22:06 +01:00
95fa504dc8 snapshot 2026-02-02 11:21:26 +01:00
7a9781e260 galadriel hardware uppgrade 2026-01-28 17:20:08 +01:00
c17203e6a5 more noctalia 2026-01-28 17:19:52 +01:00
1653f58e52 noctalia 2026-01-27 19:30:01 +01:00
9f2b5eeaf7 mako silent mode 2026-01-27 14:26:32 +01:00
36cf6a4fc3 update pangolin 2026-01-24 19:52:46 +01:00
828cbc67c7 pangolin env 2026-01-24 19:47:48 +01:00
2cf89a9a1a pangolin 2026-01-24 19:37:59 +01:00
084cdc1f36 python 2026-01-19 12:49:29 +01:00
66beefe0b3 revert fuzzel to custom 2026-01-07 08:26:29 +01:00
Your Name
9419e8cd30 stuff 2026-01-06 20:28:43 +01:00
101ee551b5 inital homemanager reconfig 2026-01-06 20:22:40 +01:00
685fab808e nixpkgs cleanup 2026-01-02 22:41:52 +01:00
32aa882014 diffs 2025-12-17 17:36:45 +01:00
c43f27e371 jupyter fix 2025-12-16 19:19:29 +01:00
Your Name
23eb2ae842 testing elros 2025-12-16 19:10:32 +01:00
Your Name
8defa56f4f fix: remove boot.nix import from elros configuration
Co-authored-by: aider (openrouter/mistralai/devstral-2512:free) <aider@aider.chat>
2025-12-16 19:08:29 +01:00
Your Name
31ae9a3583 feat: add unstable.nix module to flake modules 2025-12-16 19:08:28 +01:00
a44ec01dab Update flake.nix 2025-12-16 18:53:22 +01:00
Your Name
c30e1479cf alros 2025-12-16 18:39:10 +01:00
Your Name
48bfbd1f30 feat: add explicit ROCm and Vulkan support for compilation
Co-authored-by: aider (openrouter/mistralai/devstral-2512:free) <aider@aider.chat>
2025-12-16 18:39:10 +01:00
ddda931c58 galadriel nvidia 2025-12-15 20:54:42 +01:00
9898acd20b jupyter 2025-12-15 20:54:41 +01:00
c82983b6d5 jupyter new packages 2025-12-15 20:53:51 +01:00
338655e0b1 nvidia 2025-12-15 20:53:04 +01:00
2cd032ef2a nvidia 2025-12-15 20:53:02 +01:00
5c25748fec fix 2025-12-14 12:35:24 +01:00
ce86eafd38 coders 2025-12-14 12:24:53 +01:00
6cb75f5957 treefmt 2025-12-09 23:07:55 +01:00
ef13eb8858 fix: allow broken packages in docling module
Co-authored-by: aider (openrouter/google/gemini-3-pro-preview) <aider@aider.chat>
2025-12-08 16:55:51 +01:00
5d9674da2f fix: bind docling-serve to localhost 2025-12-08 16:55:43 +01:00
c76199e73c added basic docling 2025-12-08 16:44:12 +01:00
64f8f359eb dm 2025-12-05 21:04:06 +01:00
2aec319e9f fix sddm 2025-12-05 14:16:41 +01:00
c994b85ca9 vim 2025-12-05 13:27:41 +01:00
243b202360 stylix foot, new colors 2025-12-04 13:56:16 +01:00
2b81323d98 fixed sddm theming 2025-12-04 11:08:42 +01:00
Your Name
0e4702031c updates 2025-12-03 23:25:53 +01:00
Your Name
61896c8791 fix: remove string interpolation from catppuccin-sddm background path
Co-authored-by: aider (openrouter/x-ai/grok-4.1-fast:free) <aider@aider.chat>
2025-12-03 11:00:40 +01:00
a4c23dc36f styled code and dotfiles 2025-12-02 10:43:45 +01:00
b8906d74ef feat: disable stylix auto-enable and enable gtk/qt targets
Co-authored-by: aider (openrouter/google/gemini-3-pro-preview) <aider@aider.chat>
2025-12-01 16:00:07 +01:00
74b1e3f80a refactor: group stylix configuration and remove wallpaper 2025-12-01 15:59:36 +01:00
732ea6f993 fix: update stylix module name and remove conflicting manual theming
Co-authored-by: aider (openrouter/google/gemini-3-pro-preview) <aider@aider.chat>
2025-12-01 15:55:52 +01:00
869172bd48 chore: remove stylix image configuration 2025-12-01 15:55:39 +01:00
9970a7c382 feat: add stylix to home manager config using nix-colors palette
Co-authored-by: aider (openrouter/google/gemini-3-pro-preview) <aider@aider.chat>
2025-12-01 15:50:40 +01:00
3188032143 25.11 final 2025-12-01 15:47:02 +01:00
e39c2a165e fix: resolve NixOS and Home Manager deprecation warnings 2025-12-01 14:42:39 +01:00
b5b7d8560e 25.11 2025-12-01 14:40:43 +01:00
1e0eefe7e4 fix: re-enable useGlobalPkgs to fix missing unstable overlay 2025-12-01 14:36:00 +01:00
73831eef96 chore: update nixpkgs to 25.11 and remove stylix 2025-12-01 14:35:51 +01:00
8da0b07a86 cleanup 2025-12-01 14:25:47 +01:00
db5312b5ca fixes 2025-11-27 21:23:05 +01:00
d3043498a9 fix: adjust kernel params to resolve sleep crashes on legolas 2025-11-27 21:23:05 +01:00
05435bb34d feat: add stylix flake input and enable stylix modules 2025-11-27 21:23:05 +01:00
Your Name
466bde0a26 pull openwebui 2025-11-10 14:33:58 +01:00
Your Name
92b1292880 unstable 2025-11-10 14:22:12 +01:00
4a92a6f4bc kdeconnect testing 2025-11-08 18:46:58 +01:00
2b8f60cf1e kdeconnect 2025-11-03 13:49:10 +01:00
d3c2cd9d70 legoals fixes 2025-11-03 13:31:47 +01:00
0b3df2e535 ollama add granite4:tiny-h 2025-10-27 12:24:58 +01:00
f66c53c9c6 legolas updates 2025-10-27 12:20:34 +01:00
d35039e780 legolas stuff 2025-10-22 12:36:56 +02:00
Your Name
1b188e35e1 sdr stuff 2025-10-19 21:37:46 +02:00
6ec962a860 immich fix 2025-10-16 15:21:22 +02:00
5ba4b94afa jupyteruptade 2025-10-16 15:16:50 +02:00
f79d2959dd immich galadriel 2025-10-16 15:15:24 +02:00
7e048cb77a immich 2025-10-16 15:14:08 +02:00
9e3ababbbc dialout 2025-10-16 13:29:34 +02:00
Your Name
af0b840bdc aragon 2025-10-16 01:39:16 +02:00
20a8370909 final galadriel migration 2025-10-15 12:53:37 +02:00
90da56e58f unstable galadriel 2025-10-14 22:08:09 +02:00
93936eedae add services to galadriel 2025-10-14 21:31:31 +02:00
602bc358ad update galadriel tailscale ip 2025-10-14 21:30:26 +02:00
17cd8d6795 fix miniflux name 2025-10-13 23:50:35 +02:00
Your Name
191835ff2b galadriel 2025-10-13 23:49:50 +02:00
49508224e4 migrated services from old config 2025-10-13 15:25:08 +02:00
2b3be19f47 blog 2025-10-13 11:02:26 +02:00
3cef588673 services 2025-10-13 11:02:09 +02:00
fabf35e401 galadriel 2025-10-13 09:50:13 +02:00
Your Name
6b16d4c79f cleanup wallpapers 2025-10-12 18:50:14 +02:00
Your Name
0451814841 minor 2025-10-03 13:46:05 +02:00
Your Name
be2ddb472e aragon 2025-10-03 13:46:05 +02:00
Your Name
1667016ad9 aragon, ps1, openrouter 2025-10-03 13:46:05 +02:00
Your Name
17898239f8 untrack flacke.lock 2025-10-03 13:46:03 +02:00
Your Name
c1209d3602 added aragon 2025-10-03 13:44:05 +02:00
2e0535eac9 update niri 2025-10-03 13:43:57 +02:00
99a7c38118 added devel packages 2025-10-01 08:28:48 +02:00
2e72caad36 tried fixing freezes 2025-09-26 09:45:19 +02:00
03fa3736fe fix swap 2025-09-25 14:52:33 +02:00
cd2747523d update 2025-09-25 14:51:53 +02:00
ebcca4a5b3 aider and format 2025-09-15 12:38:47 +02:00
ef574c90da updates 2025-09-09 19:44:03 +02:00
3a2df7bb96 fix 2025-09-06 22:30:13 +02:00
123a37ac81 snapshot 2025-09-06 17:55:08 +02:00
f27bc65d9a huh 2025-09-04 16:35:23 +02:00
cb04e33c1c python home manager 2025-09-03 10:40:39 +02:00
c137417db2 fix: formatting and merge conflicts 2025-09-03 10:23:04 +02:00
d40cba92ff updates 2025-09-03 10:21:42 +02:00
46badb6493 openscad 2025-08-30 16:24:52 +02:00
0a82cb8b66 theme 2025-08-29 19:50:08 +02:00
abb8f03242 aasdafa 2025-08-29 02:23:00 +02:00
7fec3f76c6 fix: xwayland on legolas 2025-08-25 15:57:26 +02:00
124 changed files with 5590 additions and 1187 deletions

2
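--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1,2 @@
+flake.lock
+result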

5
README.md Normal file

@@ -0,0 +1,5 @@
first install enable lanzaboote 'sudo sbctl create-keys'
rebuild 'sudo nixos-rebuild switch --flake .# --no-write-lock-file -L --builders ""'

320
flake.lock generated

@@ -1,320 +0,0 @@
{
"nodes": {
"base16-schemes": {
"flake": false,
"locked": {
"lastModified": 1696158499,
"narHash": "sha256-5yIHgDTPjoX/3oDEfLSQ0eJZdFL1SaCfb9d6M0RmOTM=",
"owner": "tinted-theming",
"repo": "base16-schemes",
"rev": "a9112eaae86d9dd8ee6bb9445b664fba2f94037a",
"type": "github"
},
"original": {
"owner": "tinted-theming",
"repo": "base16-schemes",
"type": "github"
}
},
"crane": {
"locked": {
"lastModified": 1731098351,
"narHash": "sha256-HQkYvKvaLQqNa10KEFGgWHfMAbWBfFp+4cAgkut+NNE=",
"owner": "ipetkov",
"repo": "crane",
"rev": "ef80ead953c1b28316cc3f8613904edc2eb90c28",
"type": "github"
},
"original": {
"owner": "ipetkov",
"repo": "crane",
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-parts": {
"inputs": {
"nixpkgs-lib": [
"lanzaboote",
"nixpkgs"
]
},
"locked": {
"lastModified": 1730504689,
"narHash": "sha256-hgmguH29K2fvs9szpq2r3pz2/8cJd2LPS+b4tfNFCwE=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "506278e768c2a08bec68eb62932193e341f55c90",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"gitignore": {
"inputs": {
"nixpkgs": [
"lanzaboote",
"pre-commit-hooks-nix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1709087332,
"narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
"owner": "hercules-ci",
"repo": "gitignore.nix",
"rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "gitignore.nix",
"type": "github"
}
},
"home-manager": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1753592768,
"narHash": "sha256-oV695RvbAE4+R9pcsT9shmp6zE/+IZe6evHWX63f2Qg=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "fc3add429f21450359369af74c2375cb34a2d204",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-25.05",
"repo": "home-manager",
"type": "github"
}
},
"lanzaboote": {
"inputs": {
"crane": "crane",
"flake-compat": "flake-compat",
"flake-parts": "flake-parts",
"nixpkgs": [
"nixpkgs"
],
"pre-commit-hooks-nix": "pre-commit-hooks-nix",
"rust-overlay": "rust-overlay"
},
"locked": {
"lastModified": 1737639419,
"narHash": "sha256-AEEDktApTEZ5PZXNDkry2YV2k6t0dTgLPEmAZbnigXU=",
"owner": "nix-community",
"repo": "lanzaboote",
"rev": "a65905a09e2c43ff63be8c0e86a93712361f871e",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "v0.4.2",
"repo": "lanzaboote",
"type": "github"
}
},
"nix-colors": {
"inputs": {
"base16-schemes": "base16-schemes",
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1707825078,
"narHash": "sha256-hTfge2J2W+42SZ7VHXkf4kjU+qzFqPeC9k66jAUBMHk=",
"owner": "misterio77",
"repo": "nix-colors",
"rev": "b01f024090d2c4fc3152cd0cf12027a7b8453ba1",
"type": "github"
},
"original": {
"owner": "misterio77",
"repo": "nix-colors",
"type": "github"
}
},
"nixos-hardware": {
"locked": {
"lastModified": 1755330281,
"narHash": "sha256-aJHFJWP9AuI8jUGzI77LYcSlkA9wJnOIg4ZqftwNGXA=",
"owner": "NixOS",
"repo": "nixos-hardware",
"rev": "3dac8a872557e0ca8c083cdcfc2f218d18e113b0",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "master",
"repo": "nixos-hardware",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1755593991,
"narHash": "sha256-BA9MuPjBDx/WnpTJ0EGhStyfE7hug8g85Y3Ju9oTsM4=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "a58390ab6f1aa810eb8e0f0fc74230e7cc06de03",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-25.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-lib": {
"locked": {
"lastModified": 1697935651,
"narHash": "sha256-qOfWjQ2JQSQL15KLh6D7xQhx0qgZlYZTYlcEiRuAMMw=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
"rev": "e1e11fdbb01113d85c7f41cada9d2847660e3902",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixpkgs.lib",
"type": "github"
}
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1730741070,
"narHash": "sha256-edm8WG19kWozJ/GqyYx2VjW99EdhjKwbY3ZwdlPAAlo=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "d063c1dd113c91ab27959ba540c0d9753409edf3",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-24.05",
"repo": "nixpkgs",
"type": "github"
}
},
"pre-commit-hooks-nix": {
"inputs": {
"flake-compat": [
"lanzaboote",
"flake-compat"
],
"gitignore": "gitignore",
"nixpkgs": [
"lanzaboote",
"nixpkgs"
],
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1731363552,
"narHash": "sha256-vFta1uHnD29VUY4HJOO/D6p6rxyObnf+InnSMT4jlMU=",
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"rev": "cd1af27aa85026ac759d5d3fccf650abe7e1bbf0",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"type": "github"
}
},
"root": {
"inputs": {
"home-manager": "home-manager",
"lanzaboote": "lanzaboote",
"nix-colors": "nix-colors",
"nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs",
"sops-nix": "sops-nix",
"unstable": "unstable"
}
},
"rust-overlay": {
"inputs": {
"nixpkgs": [
"lanzaboote",
"nixpkgs"
]
},
"locked": {
"lastModified": 1731897198,
"narHash": "sha256-Ou7vLETSKwmE/HRQz4cImXXJBr/k9gp4J4z/PF8LzTE=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "0be641045af6d8666c11c2c40e45ffc9667839b5",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
}
},
"sops-nix": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1754988908,
"narHash": "sha256-t+voe2961vCgrzPFtZxha0/kmFSHFobzF00sT8p9h0U=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "3223c7a92724b5d804e9988c6b447a0d09017d48",
"type": "github"
},
"original": {
"owner": "Mic92",
"repo": "sops-nix",
"type": "github"
}
},
"unstable": {
"locked": {
"lastModified": 1755615617,
"narHash": "sha256-HMwfAJBdrr8wXAkbGhtcby1zGFvs+StOp19xNsbqdOg=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "20075955deac2583bb12f07151c2df830ef346b4",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
}
},
"root": "root",
"version": 7
}

163
flake.nix

@@ -2,15 +2,24 @@
description = "NixOS configuration for legolas (laptop)";
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.05";
nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.11";
unstable.url = "github:NixOS/nixpkgs/nixos-unstable";
home-manager = {
url = "github:nix-community/home-manager/release-25.05";
url = "github:nix-community/home-manager/release-25.11";
inputs.nixpkgs.follows = "nixpkgs";
};
noctalia = {
url = "github:noctalia-dev/noctalia-shell";
inputs.nixpkgs.follows = "nixpkgs";
};
nix-colors.url = "github:misterio77/nix-colors";
stylix = {
url = "github:nix-community/stylix/release-25.11";
inputs.nixpkgs.follows = "nixpkgs";
};
sops-nix = {
url = "github:Mic92/sops-nix";
@@ -18,12 +27,24 @@
};
lanzaboote = {
url = "github:nix-community/lanzaboote/v0.4.2";
url = "github:nix-community/lanzaboote/v0.4.3";
inputs.nixpkgs.follows = "nixpkgs";
};
nixos-hardware.url = "github:NixOS/nixos-hardware/master";
nixvim = {
url = "github:nix-community/nixvim/nixos-25.11";
inputs.nixpkgs.follows = "nixpkgs";
};
blog-generator.url = "github:adrlau/blog-generator";
niri = {
url = "github:sodiboo/niri-flake";
inputs.nixpkgs.follows = "nixpkgs";
};
};
outputs =
@@ -33,41 +54,171 @@
unstable,
home-manager,
nix-colors,
stylix,
sops-nix,
lanzaboote,
nixos-hardware,
blog-generator,
niri,
noctalia,
nixvim,
...
}@inputs:
let
system = "x86_64-linux";
in
{
packages.${system} =
let
lib = nixpkgs.lib;
pkgs = import nixpkgs {
inherit system;
overlays = [ self.overlays.default ];
config.allowUnfreePredicate =
pkg:
builtins.elem (lib.getName pkg) [
"s2cpp"
"s2-model"
"vllm-omni"
"android-cli"
];
};
in
{
inherit (pkgs)
qwen-asr
llama-swap
z-image-models
whisper-models
s2cpp
s2-model
vllm-omni
llama-cpp-nightly
llama-cpp-nightly-vulkan
llama-cpp-nightly-sycl
android-cli
;
};
overlays.default = final: _prev: {
qwen-asr = final.callPackage ./packages/qwen-asr { };
llama-swap = final.callPackage ./packages/llama-swap { };
z-image-models = final.callPackage ./packages/z-image-models { };
whisper-models = final.callPackage ./packages/whisper-models { };
s2cpp = final.callPackage ./packages/s2cpp { };
s2-model = final.callPackage ./packages/s2-model { };
vllm-omni = final.python3Packages.callPackage ./packages/vllm-omni { };
llama-cpp-nightly = final.callPackage ./packages/llama-cpp-nightly { };
llama-cpp-nightly-vulkan = final.callPackage ./packages/llama-cpp-nightly { vulkanSupport = true; };
llama-cpp-nightly-sycl = final.callPackage ./packages/llama-cpp-nightly {
syclSupport = true;
mkl = final.mkl;
oneDNN = final.oneDNN;
};
android-cli = final.callPackage ./packages/android-cli { };
};
# legolas
nixosConfigurations.legolas = nixpkgs.lib.nixosSystem {
inherit system;
specialArgs = { inherit inputs; };
specialArgs = { inherit inputs system; };
modules = [
./hosts/legolas/configuration.nix
home-manager.nixosModules.home-manager
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.users.gunalx = import ./home/gunalx.nix;
home-manager.backupFileExtension = "bac";
home-manager.extraSpecialArgs = { inherit nix-colors inputs; };
home-manager.sharedModules = [
inputs.sops-nix.homeManagerModules.sops
inputs.stylix.homeModules.stylix
inputs.niri.homeModules.niri
inputs.noctalia.homeModules.default
inputs.nixvim.homeModules.nixvim
];
}
{ nixpkgs.overlays = [ niri.overlays.niri ]; }
./modules/unstable.nix
sops-nix.nixosModules.sops
lanzaboote.nixosModules.lanzaboote
nixos-hardware.nixosModules.dell-xps-13-9370
#temporarily for testing run my blog on my laptop
blog-generator.nixosModules.default
];
};
# aragon
nixosConfigurations.aragon = nixpkgs.lib.nixosSystem {
inherit system;
specialArgs = { inherit inputs system; };
modules = [
./hosts/aragon/configuration.nix
home-manager.nixosModules.home-manager
{
home-manager.users.gunalx = import ./home/gunalx.nix;
home-manager.backupFileExtension = "bac";
home-manager.extraSpecialArgs = { inherit nix-colors inputs; };
home-manager.sharedModules = [
inputs.sops-nix.homeManagerModules.sops
inputs.stylix.homeModules.stylix
inputs.niri.homeModules.niri
inputs.noctalia.homeModules.default
inputs.nixvim.homeModules.nixvim
];
}
{
nixpkgs.overlays = [
self.overlays.default
niri.overlays.niri
];
}
./modules/unstable.nix
sops-nix.nixosModules.sops
lanzaboote.nixosModules.lanzaboote
];
};
# galadriel
nixosConfigurations.galadriel = nixpkgs.lib.nixosSystem {
inherit system;
specialArgs = { inherit inputs system; };
modules = [
./modules/unstable.nix
./hosts/galadriel/configuration.nix
sops-nix.nixosModules.sops
lanzaboote.nixosModules.lanzaboote
];
};
# elros
nixosConfigurations.elros = nixpkgs.lib.nixosSystem {
inherit system;
specialArgs = { inherit inputs system; };
modules = [
./modules/unstable.nix
./hosts/elros/configuration.nix
sops-nix.nixosModules.sops
lanzaboote.nixosModules.lanzaboote
];
};
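Review bot: Several inputs in this section follow a moving ref with no revision (`noctalia`, `sops-nix`, `blog-generator`, `niri`, and `nixos-hardware/master`), while the same comparison deletes flake.lock, lists it in .gitignore, and documents rebuilding with `--no-write-lock-file`. Without a committed lock, each rebuild evaluates whatever those branches point to at that moment and there is no recorded `narHash` to compare against; these inputs supply NixOS and Home Manager modules for hosts that also load sops-nix and lanzaboote, so an upstream change reaches root-level configuration unreviewed. Keep flake.lock tracked and update it deliberately with `nix flake update`, or pin each input to a commit, e.g. `url = "github:sodiboo/niri-flake/<commit-sha>";` (placeholder). The `outputs` attribute set continues outside the hunk.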


36
home/aider.nix Normal file

@@ -0,0 +1,36 @@
{
pkgs,
lib,
unstable,
config,
...
}:
{
home.packages = with pkgs; [
#aider-chat-full
];
programs.aider-chat = {
enable = true;
package = pkgs.unstable.aider-chat-with-playwright;
settings = {
architect = true;
auto-accept-architect = false;
cache-prompts = true;
check-model-accepts-settings = false;
dark-mode = true;
dirty-commits = false;
lint = true;
show-model-warnings = false;
verify-ssl = false;
watch-files = true;
analytics-disable = true;
check-update = false;
multiline = true;
notifications = true;
show-diffs = true;
};
};
}
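Review bot: `verify-ssl = false;` in `programs.aider-chat.settings` turns off TLS certificate verification for aider's outbound requests, which carry provider API keys and repository source; a host on the network path can then present its own certificate and read or alter that traffic unnoticed. Remove the line so the default (verification on) applies, and if a private CA is the reason for it, add that CA to the system trust store instead, for example through `security.pki.certificateFiles`. Separately, `home.packages` holds only a commented-out entry, and the `lib`, `unstable` and `config` arguments appear unused in this file, so all of them can be dropped.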

View File

@@ -12,11 +12,13 @@
filter_mode_shell_up_key_binding = "directory";
# UI
inline_height = 20;
max_preview_height = 2;
show_help = true;
prefers_reduced_motion = true;
# History storage
store_failed = true;
secrets_filter = true;
enter_accept = true;
@@ -47,6 +49,7 @@
"systemctl"
"tmux"
"yarn"
"vim"
];
common_prefix = [ "sudo" ];
};

View File

@@ -8,11 +8,12 @@
{
sops.secrets = {
"ai/openai" = { };
"ai/openrouter" = { };
"ai/fireworks" = { };
"ai/cerebras" = { };
"ai/groq" = { };
"ai/mistral" = { };
"ai/aistudio" = { };
"ai/zai" = { };
};
programs.bash = {
enable = true;
@@ -29,6 +30,9 @@
"gaa" = "git add -A";
"gb" = "git branch";
"rm" = "rm -i"; # help me awoid accidental removals.
"cim" = "neovim";
"sl" = "eza";
"ls" = "eza";
"lls" = "ls";
@@ -40,11 +44,42 @@
bashrcExtra = ''
# Export AI API keys from decrypted sops-nix secrets
export OPENAI_API_KEY="$(cat ${config.sops.secrets."ai/openai".path})"
export OPENROUTER_API_KEY="$(cat ${config.sops.secrets."ai/openrouter".path})"
export FIREWORKS_API_KEY="$(cat ${config.sops.secrets."ai/fireworks".path})"
export CEREBRAS_API_KEY="$(cat ${config.sops.secrets."ai/cerebras".path})"
export GROQ_API_KEY="$(cat ${config.sops.secrets."ai/groq".path})"
export MISTRAL_API_KEY="$(cat ${config.sops.secrets."ai/mistral".path})"
export AISTUDIO_API_KEY="$(cat ${config.sops.secrets."ai/aistudio".path})"
export ZAI_API_KEY="$(cat ${config.sops.secrets."ai/zai".path})"
export ZAI_API_BASE="https://api.z.ai/api/coding/paas/v4"
#PS1 section
RESET='\[\e[0m\]'
BOLD='\[\e[1m\]'
CYAN='\[\e[36m\]'
GREEN='\[\e[32m\]'
BLUE='\[\e[34m\]'
YELLOW='\[\e[33m\]'
MAGENTA='\[\e[35m\]'
RED='\[\e[31m\]'
if [[ -n "$SSH_CONNECTION" ]]; then
REMOTE_LABEL="\[''${YELLOW}\] (ssh)\[''${RESET}\]"
else
REMOTE_LABEL=""
fi
# Git branch function
parse_git_branch() {
git branch --show-current 2>/dev/null | awk '{print " (" $1 ")"}'
}
# Set prompt
if [[ $EUID -eq 0 ]]; then
PS1="''${BOLD}''${RED}\u''${RESET}:''${BOLD}''${RED}\h''${REMOTE_LABEL}''${RESET}:''${BOLD}''${GREEN}\w''${MAGENTA}\$(parse_git_branch) ''${BLUE}\A''${RESET}\$ "
else
PS1="''${BOLD}''${CYAN}\u''${RESET}:''${BOLD}''${CYAN}\h''${REMOTE_LABEL}''${RESET}:''${BOLD}''${GREEN}\w''${MAGENTA}\$(parse_git_branch) ''${BLUE}\A''${RESET}\$ "
fi
'';
historyControl = [
"ignoredups"
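Review bot: The `export …_API_KEY="$(cat …)"` lines in `bashrcExtra` put all eight provider keys into the environment of every interactive shell, so each child process started from it (build scripts, editors, package hooks) inherits every key whether it needs one or not. Prefer exporting a key only inside a wrapper for the tool that uses it, or point the tool at the sops path directly; at minimum guard the read so a missing secret does not emit a `cat` error on each shell start, e.g. `[ -r "$f" ] && export OPENAI_API_KEY="$(<"$f")"`. Which export lines are new and which are context cannot be told from this rendering. The `cim` alias expands to `neovim`, but the Neovim executable is normally `nvim`, so the alias probably fails. The `programs.bash` block continues outside the hunk.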

View File

@@ -1,3 +1,4 @@
# home.nix
{
pkgs,
config,
@@ -5,80 +6,51 @@
...
}:
let
nix-colors-lib = nix-colors.lib.contrib { inherit pkgs; };
background = "010C09";
foreground = "FFFFFF";
offWhite = "F0FFF8";
teal = "60C89A";
red = "E64553";
blue = "58B5E0";
green = "79E05B";
purple = "6B5BDC";
magenta = "80D1A0";
cyan = "5FE2C5";
yellow = "F5D24D";
orange = "FF8800";
pink = "FF4EC9";
grey = "888B8E";
lightGrey = "F3FCF7";
darkTeal = "154E44";
lighterTeal = "2C7A6A";
lightTeal = "B0E8DA";
in
{
imports = [
nix-colors.homeManagerModules.default
];
# colorScheme = nix-colors-lib.colorSchemeFromPicture {
# path = ./assets/evergarden-telescope.jpg;
# variant = "dark";
# };
colorScheme = {
slug = "teal-green-dark";
name = "Teal Green Dark";
author = "Autogenerated";
author = "Adrian";
palette = {
# Base16 TealGreen Dark Theme
base00 = "0f1f1c"; # Default background
base01 = "143028"; # Lighter background (status bars)
base02 = "1e3b34"; # Selection background
base03 = "28514b"; # Comments, secondary content
base04 = "4a7b70"; # Dark foreground (status bars)
base05 = "d4efe0"; # Default foreground
base06 = "e4f8f2"; # Light foreground
base07 = "fafdfb"; # Lightest background
base08 = "63d1be"; # Variables, markup link text
base09 = "3dc28f"; # Integers, constants
base0A = "a2e096"; # Classes, search highlight
base0B = "8ce45a"; # Strings, inserted
base0C = "4cd7e5"; # Support, escape characters
base0D = "2e97d5"; # Functions, headings
base0E = "df6fad"; # Keywords, selectors
base0F = "e5d97f"; # Deprecated tags
# Base16 TealGreen Dark Theme - Enhanced Teal Version
# base00 = "0c1f1d"; # Default background - deeper teal base
# base01 = "12302d"; # Lighter background (status bars)
# base02 = "1c3b38"; # Selection background
# base03 = "26514d"; # Comments, secondary content
# base04 = "447b76"; # Dark foreground (status bars)
# base05 = "c4e5e0"; # Default foreground
# base06 = "d4f0ed"; # Light foreground
# base07 = "f0fbfa"; # Lightest background
# base08 = "5fcac0"; # Variables, markup link text - teal accent
# base09 = "40bfa5"; # Integers, constants - teal-green
# base0A = "60d5b0"; # Classes, search highlight - bright teal
# base0B = "40c0a0"; # Strings, inserted - true teal (less green)
# base0C = "30d0c0"; # Support, escape characters - cyan-teal
# base0D = "2aa198"; # Functions, headings - classic teal
# base0E = "3cb4ac"; # Keywords, selectors - teal-blue
# base0F = "70d0c0"; # Deprecated tags - light teal
## catppuccin mocha based
base00 = "0b1c1a"; # Default background — deeper teal-dark background
base01 = "153532"; # Lighter background / status bars
base02 = "1b3d39"; # Selection background / line highlight
base03 = "275454"; # Comments, secondary UI elements
base04 = "6f7389"; # Dark foreground / secondary text
base05 = "95a0b8"; # Default foreground / main text
base06 = "a8b2ce"; # Light foreground / lighter UI elements
base07 = "ccdffa"; # Lightest background / highlight background
base08 = "f38ba8"; # Errors, alerts — red-pink accent
base09 = "e0a878"; # Numbers, constants — muted peach/orange
base0A = "b8c071"; # Warnings, highlights — golden-yellow
base0B = "4fbf93"; # Strings, inserts — teal-green
base0C = "2ac5c2"; # Support, escape/sequences — cyan-teal
base0D = "2fa6b0"; # Functions, types — classic teal-blue
base0E = "c7a8f5"; # Keywords, special — soft magenta/purple
base0F = "b2b4cf"; # Deprecated / special tags — light cool grey-lavender
};
};
gtk = {
enable = true;
theme = {
name = "Adwaita-dark";
package = pkgs.gnome-themes-extra;
};
};
qt = {
enable = true;
platformTheme.name = "adwaita";
style.name = "adwaita-dark";
};
# Ensure the Adwaita GTK theme is installed so wlogout can load gtk.css
home.packages = with pkgs; [
gnome-themes-extra
];
}

58
home/fonts.nix Normal file

@@ -0,0 +1,58 @@
{
pkgs,
lib,
config,
...
}:
{
# Enable fontconfig (required for font settings)
fonts.fontconfig.enable = true;
# Install fonts
home.packages = with pkgs; [
# Main fonts
notonoto
noto-fonts
noto-fonts-cjk-sans
noto-fonts-cjk-serif
#emoji
noto-fonts-color-emoji
noto-fonts-monochrome-emoji
noto-fonts-emoji-blob-bin
nerd-fonts.noto
nerd-fonts.hack
nerd-fonts.fira-code
zpix-pixel-font
font-awesome_4
font-awesome_5
];
# Set default font families
fonts.fontconfig.defaultFonts = {
monospace = [
"Notonoto Mono"
"Noto Mono"
"FiraCode Nerd Font"
];
sansSerif = [
"Notonoto Sans"
"Noto Sans"
];
serif = [
"Notonoto Serif"
"Noto Serif"
];
emoji = [
"Noto Color Emoji"
"Noto Emoji"
"Noto Emoji Blob"
"Noto Monochrome Emoji"
];
};
}

View File

@@ -5,47 +5,45 @@
...
}:
{
home.packages = with pkgs; [
foot
];
home.packages = with pkgs; [ foot ];
programs.foot.enable = true;
programs.foot.settings = {
main = {
term = "xterm-256color";
font = "0xproto:size=14";
#font = "0xproto:size=14";
#dpi-aware = "yes";
};
mouse = {
hide-when-typing = "yes";
};
colors = {
alpha = "0.7";
foreground = "${config.colorScheme.palette.base05}";
background = "${config.colorScheme.palette.base00}";
#colors = {
#alpha = "0.7";
#foreground = "${config.colorScheme.palette.base05}";
#background = "${config.colorScheme.palette.base00}";
regular0 = "${config.colorScheme.palette.base00}";
regular1 = "${config.colorScheme.palette.base08}";
regular2 = "${config.colorScheme.palette.base0B}";
regular3 = "${config.colorScheme.palette.base0A}";
regular4 = "${config.colorScheme.palette.base0D}";
regular5 = "${config.colorScheme.palette.base0E}";
regular6 = "${config.colorScheme.palette.base0C}";
regular7 = "${config.colorScheme.palette.base05}";
#regular0 = "${config.colorScheme.palette.base00}";
#regular1 = "${config.colorScheme.palette.base08}";
#regular2 = "${config.colorScheme.palette.base0B}";
#regular3 = "${config.colorScheme.palette.base0A}";
#regular4 = "${config.colorScheme.palette.base0D}";
#regular5 = "${config.colorScheme.palette.base0E}";
#regular6 = "${config.colorScheme.palette.base0C}";
#regular7 = "${config.colorScheme.palette.base05}";
bright0 = "${config.colorScheme.palette.base03}";
bright1 = "${config.colorScheme.palette.base08}";
bright2 = "${config.colorScheme.palette.base0B}";
bright3 = "${config.colorScheme.palette.base0A}";
bright4 = "${config.colorScheme.palette.base0D}";
bright5 = "${config.colorScheme.palette.base0E}";
bright6 = "${config.colorScheme.palette.base0C}";
bright7 = "${config.colorScheme.palette.base07}";
selection-foreground = "${config.colorScheme.palette.base00}";
selection-background = "${config.colorScheme.palette.base0A}";
};
#bright0 = "${config.colorScheme.palette.base03}";
#bright1 = "${config.colorScheme.palette.base08}";
#bright2 = "${config.colorScheme.palette.base0B}";
#bright3 = "${config.colorScheme.palette.base0A}";
#bright4 = "${config.colorScheme.palette.base0D}";
#bright5 = "${config.colorScheme.palette.base0E}";
#bright6 = "${config.colorScheme.palette.base0C}";
#bright7 = "${config.colorScheme.palette.base07}";
#selection-foreground = "${config.colorScheme.palette.base00}";
#selection-background = "${config.colorScheme.palette.base0A}";
#};
};


@@ -9,8 +9,8 @@
let
palette = config.colorScheme.palette;
hex = colour: lib.removePrefix "#" colour;
in
in
{
programs.fuzzel = {
enable = true;


@@ -7,7 +7,7 @@
{
programs.git = {
enable = true;
extraConfig = {
settings = {
pull.rebase = true;
push.autoSetupRemote = true;
color.ui = "auto";

84
home/gtklock.nix Normal file

@@ -0,0 +1,84 @@
{
pkgs,
config,
lib,
...
}:
let
p = config.colorScheme.palette;
# Get files from ./Wallpapers relative to this flake/module
wallpapersPath = ./Wallpapers;
# Get all image file names
wallpaperFiles = builtins.attrNames (builtins.readDir wallpapersPath);
# Pick a "random" file (first one deterministically)
selectedWallpaper = builtins.elemAt wallpaperFiles 0;
# Define the path to copy the selected wallpaper to
wallpaperTargetPath = ".config/gtklock/${selectedWallpaper}";
in
{
# Install gtklock
home.packages = [
pkgs.gtklock
];
# Copy the selected wallpaper into the config dir
home.file.${wallpaperTargetPath}.source = "${wallpapersPath}/${selectedWallpaper}";
# GTKlock config
xdg.configFile."gtklock/config.ini".text = ''
[main]
# Plugins/configuration here
'';
# GTK CSS styling
xdg.configFile."gtklock/style.css".text = ''
window {
background-image: url("${config.xdg.configHome}/gtklock/${selectedWallpaper}");
background-size: cover;
background-repeat: no-repeat;
background-position: center;
background-color: #${p.base00};
}
label {
color: #${p.base05};
font-weight: bold;
font-size: 16px;
}
entry {
background-color: #${p.base01};
color: #${p.base06};
border: none;
padding: 8px;
border-radius: 4px;
}
button {
background-color: #${p.base02};
color: #${p.base05};
border-radius: 6px;
padding: 6px 12px;
font-weight: bold;
font-size: 14px;
border-width: 2px;
border-style: solid;
border-color: #${p.base0D};
}
button:hover {
background-color: #${p.base03};
border-color: #${p.base0C};
}
button:active {
background-color: #${p.base0D};
color: #${p.base00};
}
'';
}
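Review bot: The wallpaper is installed through `home.file` under a hard-coded `.config/gtklock/` path, while the CSS `url(...)` is built from `config.xdg.configHome`, so the two disagree whenever `xdg.configHome` is not `~/.config` and the lock screen then shows only the background colour. Placing the file with `xdg.configFile."gtklock/${selectedWallpaper}".source = "${wallpapersPath}/${selectedWallpaper}";` keeps both on the same base directory. `builtins.elemAt wallpaperFiles 0` also aborts evaluation when `./Wallpapers` is empty and takes whatever entry sorts first, sub-directories included, so the comment above it would be more accurate as `# first entry by name (not random)`.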


@@ -6,25 +6,41 @@
}:
{
imports = [
./unstable.nix
./nixpkgs.nix
./sshconfig.nix
./atuin.nix
./git.nix
./bash.nix
#./xdg.nix
# theming
./colors.nix
./stylix.nix
#graphical
./colors.nix
./fuzzel.nix
./swaylock.nix
./gtklock.nix
./swayidle.nix
./waybar.nix
./wlogout.nix
./niri.nix
#./wallpapers.nix
./noctalia.nix
./wallpapers.nix
./swww.nix
./fonts.nix
#applications
./mako.nix
#./mako.nix # superseeded by noctalia
./foot.nix
./zed.nix
#./fcitx5.nix
./aider.nix
./opencode.nix
./nixvim.nix
./python.nix
#secrets
inputs.sops-nix.homeManagerModules.sops

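--- /dev/null
+++ b/home/kdeconnect.nix
@@ -0,0 +1,18 @@
+{
+pkgs,
+lib,
+config,
+...
+}:
+{
+home.packages = with pkgs; [
+kdePackages.xdg-desktop-portal-kde
+kdePackages.kdeconnect-kde
+];
+services.kdeconnect = {
+enable = true;
+#package = pkgs.kdePackages.kdeconnect-kde;
+package = pkgs.gnomeExtensions.gsconnect;
+indicator = true;
+};
+}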
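Review bot: `package = pkgs.gnomeExtensions.gsconnect;` hands a GNOME Shell extension to `services.kdeconnect`, which as far as I know starts the `kdeconnectd` daemon out of that package, so the user service will probably fail to start; the commented-out `pkgs.kdePackages.kdeconnect-kde` looks like the value this module needs. KDE Connect also listens on the local network for pairing, so it is worth deciding which hosts should import this module and stating that in a header comment; the import itself is not visible in this section.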


@@ -46,5 +46,12 @@ in
border-color = "#${palette.base08}FF";
};
settings."mode=silent" = {
invisible = 1;
actions = false;
icons = false;
default-timeout = 0;
};
};
}

139
home/neovim.nix Normal file

@@ -0,0 +1,139 @@
{ pkgs, ... }:
{
programs.neovim = {
enable = true;
viAlias = true;
vimAlias = true;
defaultEditor = true;
# Required for render-markdown and coc
withPython3 = true;
withNodeJs = true;
# Keep your python deps for latex rendering
extraPython3Packages = ps: [ ps.pylatexenc ];
extraPackages = with pkgs; [
fzf
wl-clipboard
xclip
ripgrep # Nvim-tree (and fzf) work better with ripgrep installed
];
plugins = with pkgs.vimPlugins; [
vim-indent-guides
# --- UI / File Explorer (Replaces Chadtree) ---
nvim-tree-lua
nvim-web-devicons
# --- Fuzzy Finder ---
fzf-vim
# --- Editor Utilities ---
vim-lastplace
vim-nix
vim-yaml
# --- Coding / LSP (CoC) ---
# Keeping CoC as requested (switching to Native LSP is a bigger task)
coc-nvim
coc-vimtex
coc-rust-analyzer
# --- Markdown / LaTeX / Typst ---
vimtex
typst-vim
typst-preview-nvim
render-markdown-nvim
markdown-preview-nvim
# --- AI ---
aider-nvim
# --- Treesitter ---
(nvim-treesitter.withPlugins (p: [
p.markdown
p.markdown_inline
p.latex
p.yaml
p.bash
p.rust
p.nix
p.lua
]))
];
# We can consolidate most settings into Lua for simplicity
extraLuaConfig = ''
-- ============================
-- 1. General Settings
-- ============================
vim.opt.number = true
vim.opt.backspace = { "indent", "eol", "start" }
vim.opt.tabstop = 2
vim.opt.softtabstop = 0
vim.opt.shiftwidth = 2
vim.opt.expandtab = true
vim.opt.smarttab = true
vim.opt.autoindent = true
-- Clipboard setup
vim.opt.clipboard = "unnamedplus"
-- ============================
-- 2. File Explorer (Nvim-tree)
-- ============================
-- This replaces Chadtree. It is much more stable.
require("nvim-tree").setup({
sort = { sorter = "case_sensitive" },
view = { width = 30 },
renderer = { group_empty = true },
filters = { dotfiles = false },
})
-- Toggle file explorer with <Leader>e
vim.keymap.set('n', '<leader>e', ':NvimTreeToggle<CR>', { silent = true })
-- ============================
-- 3. Render Markdown Setup
-- ============================
require('render-markdown').setup({
latex = {
enabled = true,
converter = 'latex2text',
highlight = 'RenderMarkdownMath',
top_pad = 0,
bottom_pad = 0,
},
})
'';
# Vimscript is still best for specific CoC and FZF tweaks
extraConfig = ''
syntax on
set mouse=a
" --- CoC Configuration ---
" Use Tab to trigger completion and navigate
inoremap <silent><expr> <TAB>
\ coc#pum#visible() ? coc#pum#next(1) :
\ CheckBackspace() ? "\<Tab>" :
\ coc#refresh()
inoremap <expr><S-TAB> coc#pum#visible() ? coc#pum#prev(1) : "\<C-h>"
" Make <CR> (Enter) accept the selected item
inoremap <silent><expr> <CR> coc#pum#visible() ? coc#pum#confirm()
\: "\<C-g>u\<CR>\<c-r>=coc#on_enter()\<CR>"
function! CheckBackspace() abort
let col = col('.') - 1
return !col || getline('.')[col - 1] =~# '\s'
endfunction
" --- Keymaps ---
" Browser Preview Hotkey
nmap <leader>m <Plug>MarkdownPreviewToggle
'';
};
}
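Review bot: `home/neovim.nix` is added, but the import list visible in this compare pulls in `./nixvim.nix` and not this file, so it looks like unused configuration. If both modules were ever imported together, each sets `defaultEditor`, `viAlias` and `vimAlias`, and the two would compete for the same editor and aliases. Either delete the file or give it a header comment such as `# legacy CoC-based setup, superseded by nixvim.nix; not imported`.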

File diff suppressed because it is too large Load Diff

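--- /dev/null
+++ b/home/nixpkgs.nix
@@ -0,0 +1,17 @@
+{
+config,
+pkgs,
+lib,
+...
+}:
+{
+nixpkgs = {
+config = {
+allowUnfree = true;
+permittedInsecurePackages = [
+# example "python3.11-youtube-dl-2021.12.17"
+];
+};
+};
+}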

263
home/nixvim.nix Normal file

@@ -0,0 +1,263 @@
{ pkgs, ... }:
{
programs.nixvim = {
enable = true;
viAlias = true;
vimAlias = true;
defaultEditor = true;
withPython3 = true;
extraPython3Packages = ps: [ ps.pylatexenc ];
extraPackages = with pkgs; [
wl-clipboard
xclip
ripgrep
tree-sitter
];
globals.mapleader = " ";
opts = {
number = true;
relativenumber = true;
tabstop = 4;
softtabstop = 0;
shiftwidth = 4;
expandtab = true;
smarttab = true;
autoindent = true;
backspace = [
"indent"
"eol"
"start"
];
mouse = "a";
clipboard = "unnamedplus";
};
userCommands = {
E = {
command = "require('oil').open()";
desc = "Open oil file explorer";
};
};
plugins = {
web-devicons.enable = true;
treesitter = {
enable = true;
settings = {
highlight.enable = true;
indent.enable = true;
ensure_installed = [
"markdown"
"markdown_inline"
"latex"
"yaml"
"bash"
"rust"
"nix"
"lua"
];
};
};
lsp = {
enable = true;
servers = {
rust_analyzer = {
enable = true;
installCargo = true;
installRustc = true;
};
nil_ls.enable = true;
lua_ls.enable = true;
yamlls.enable = true;
};
};
cmp-nvim-lsp.enable = true;
cmp-buffer.enable = true;
cmp-path.enable = true;
cmp = {
enable = true;
autoEnableSources = true;
settings = {
mapping = {
"<Tab>" = {
__raw = ''
cmp.mapping(function(fallback)
if cmp.visible() then
cmp.select_next_item()
elseif require('minuet.virtualtext').action.is_visible() then
require('minuet.virtualtext').action.accept()
else
fallback()
end
end, { 'i', 's' })
'';
};
"<S-Tab>" = {
__raw = ''
cmp.mapping(function(fallback)
if cmp.visible() then
cmp.select_prev_item()
elseif require('minuet.virtualtext').action.is_visible() then
require('minuet.virtualtext').action.dismiss()
else
fallback()
end
end, { 'i', 's' })
'';
};
"<CR>" = "cmp.mapping.confirm({ select = true })";
"<C-Space>" = "cmp.mapping.complete()";
"<C-e>" = "cmp.mapping.abort()";
};
sources = [
{ name = "nvim_lsp"; }
{ name = "minuet"; }
{ name = "path"; }
{ name = "buffer"; }
];
performance.fetching_timeout = 3000;
};
};
telescope = {
enable = true;
keymaps = {
"<leader>ff" = "find_files";
"<leader>fg" = "live_grep";
"<leader>fb" = "buffers";
};
};
oil = {
enable = true;
settings = {
default_file_explorer = true;
columns = [ "icon" ];
view_options.show_hidden = false;
preview_win = {
update_on_cursor_moved = true;
};
keymaps = {
"<C-p>" = "actions.preview";
"-" = "actions.parent";
};
};
};
render-markdown = {
enable = true;
settings = {
latex = {
enabled = true;
converter = "latex2text";
highlight = "RenderMarkdownMath";
top_pad = 0;
bottom_pad = 0;
};
};
};
markdown-preview.enable = true;
vimtex.enable = true;
typst-vim.enable = true;
typst-preview.enable = true;
lastplace.enable = true;
indent-blankline.enable = true;
nix.enable = true;
minuet = {
enable = true;
settings = {
provider = "openai_fim_compatible";
n_completions = 1;
context_window = 1024;
throttle = 1500;
debounce = 600;
virtualtext = {
auto_trigger_ft = [ "*" ];
show_on_completion_menu = false;
};
provider_options = {
openai_fim_compatible = {
name = "Galadriel";
end_point = "http://galadriel:11112/v1/completions";
model = "qwen3.5";
api_key = "supersecret";
stream = true;
optional = {
max_tokens = 32;
};
template = {
prompt = {
__raw = ''
function(context_before_cursor, context_after_cursor, _)
return '<|fim_prefix|>'
.. context_before_cursor
.. '<|fim_suffix|>'
.. context_after_cursor
.. '<|fim_middle|>'
end
'';
};
suffix = false;
};
};
};
};
};
};
keymaps = [
{
mode = "n";
key = "<leader>e";
action = "<cmd>Oil<CR>";
options.desc = "Open oil file explorer";
}
{
mode = "n";
key = "<leader>m";
action = "<cmd>MarkdownPreviewToggle<CR>";
options.desc = "Toggle markdown preview";
}
{
mode = "n";
key = "<leader>fm";
action = "<cmd>lua vim.lsp.buf.format()<CR>";
options.desc = "Format with LSP";
}
{
mode = "n";
key = "<leader>bn";
action = "<cmd>bnext<CR>";
options.desc = "Next buffer";
}
{
mode = "n";
key = "<leader>bp";
action = "<cmd>bprev<CR>";
options.desc = "Previous buffer";
}
{
mode = "n";
key = "<leader>bd";
action = "<cmd>bdelete<CR>";
options.desc = "Delete buffer";
}
{
mode = "n";
key = "<leader>bN";
action = "<cmd>enew<CR>";
options.desc = "New buffer";
}
];
};
}
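Review bot: `auto_trigger_ft = [ "*" ]` makes minuet send the text around the cursor of every buffer, whatever its file type, to `http://galadriel:11112/v1/completions` over plain HTTP, and that includes decrypted secrets, `.env` files and private keys once they are opened in the editor. Narrowing the list to the code file types actually used, or excluding sensitive ones with `auto_trigger_ignore_ft`, limits what leaves the machine; the `{ name = "minuet"; }` entry in the cmp `sources` list sends the same context. `api_key = "supersecret";` deserves a comment too: as I read minuet's documentation the string is the name of an environment variable rather than the key itself, and a real key written here would end up in the world-readable Nix store and in git, so `# name of an env var, never the secret itself` would prevent a later mistake.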

224
home/noctalia.nix Normal file

@@ -0,0 +1,224 @@
{
pkgs,
config,
lib,
...
}:
{
programs.noctalia-shell = {
enable = true;
settings = {
bar = {
position = "top";
density = "default";
floating = false;
exclusive = true;
widgets = {
left = [
{ id = "Launcher"; }
{
id = "CustomButton";
icon = "keyboard";
tooltip = "Open Keyboard";
leftClickExec = "pkill wvkbd-mobintl || wvkbd-mobintl";
}
{ id = "SystemMonitor"; }
{ id = "MediaMini"; }
{ id = "Workspace"; }
];
center = [
{ id = "ActiveWindow"; }
];
right = [
{ id = "Tray"; }
{ id = "Clock"; }
{ id = "NotificationHistory"; }
{ id = "Battery"; }
{ id = "Brightness"; }
{ id = "Volume"; }
{ id = "Bluetooth"; }
{ id = "Network"; }
{ id = "ControlCenter"; }
#{ id = "SessionMenu"; }
];
};
};
general = {
radiusRatio = 0.2;
#animationSpeed = 2;
animationDisabled = true; # annoying
};
colorSchemes = {
useWallpaperColors = false;
darkMode = true;
};
templates = {
activeTemplates = [ ];
enableUserTheming = false;
};
wallpaper = {
enabled = true;
directory = "~/Pictures/wallpapers";
automationEnabled = true;
wallpaperChangeMode = "random";
randomIntervalSec = 270000;
fillMode = "crop";
};
appLauncher = {
position = "center";
sortByMostUsed = true;
viewMode = "list";
showCategories = true;
enableClipboardHistory = false;
pinnedApps = [ ];
useApp2Unit = false;
terminalCommand = "footclient ";
customLaunchPrefixEnabled = false;
customLaunchPrefix = "";
iconMode = "tabler";
showIconBackground = false;
enableSettingsSearch = true;
ignoreMouseInput = false;
screenshotAnnotationTool = "";
};
notifications = {
enabled = true;
location = "top_right";
#backgroundOpacity = 0.8;
lowUrgencyDuration = 1;
normalUrgencyDuration = 2;
criticalUrgencyDuration = 3;
};
osd = {
enabled = true;
location = "top_right";
autoHideMs = 500;
overlayLayer = true;
backgroundOpacity = lib.mkForce 0.5;
};
location = {
name = "Trondheim";
showWeekNumberInCalendar = true;
firstDayOfWeek = -1;
};
};
plugins = {
sources = [
{
enabled = true;
name = "Official Noctalia Plugins";
url = "https://github.com/noctalia-dev/noctalia-plugins";
}
];
states = {
notes-scratchpad = {
enabled = true;
sourceUrl = "https://github.com/noctalia-dev/noctalia-plugins";
};
#todo = {
# enabled = true;
# sourceUrl = "https://github.com/noctalia-dev/noctalia-plugins";
#};
assistant-panel = {
enabled = true;
sourceUrl = "https://github.com/noctalia-dev/noctalia-plugins";
};
#pomodoro = {
# enabled = true;
# sourceUrl = "https://github.com/noctalia-dev/noctalia-plugins";
#};
#tailscale = {
# enabled = true;
# sourceUrl = "https://github.com/noctalia-dev/noctalia-plugins";
#};
#noctalia-supergfxctl = {
# enabled = true;
# sourceUrl = "https://github.com/noctalia-dev/noctalia-plugins";
#};
#weekly-calendar = {
# enabled = true;
# sourceUrl = "https://github.com/noctalia-dev/noctalia-plugins";
#};
kaomoji-provider = {
enabled = true;
sourceUrl = "https://github.com/noctalia-dev/noctalia-plugins";
};
rss-feed = {
enabled = true;
sourceUrl = "https://github.com/noctalia-dev/noctalia-plugins";
};
keybind-cheatsheet = {
enabled = true;
sourceUrl = "https://github.com/noctalia-dev/noctalia-plugins";
};
};
version = 1;
};
pluginSettings = {
notes-scratchpad = {
panelWidth = 1200;
panelHeigth = 1600;
fontSize = 16;
filePath = "${config.xdg.userDirs.documents}/notes-scratchpad.txt";
};
assistant-panel = {
ai = {
provider = "openai_compatible";
models = {
"openai_compatible" = "qwen3.5";
};
#apiKeys = {};
temperature = 0.6;
systemPrompt = "You are a helpful assistant answering short questions. Be brief, think critically and come with constructual critics where needed.";
openaiLocal = true;
openaiBaseUrl = "http://galadriel:11111/v1/chat/completions";
};
translator = {
backend = "google";
realTimeTranslation = true;
deeplApiKey = "";
};
maxHistoryLength = 10;
panelDetached = true;
panelPosition = "center";
panelHeightRatio = 0.70;
panelWidth = 640;
attachmentStyle = "connected";
scale = 1;
};
rss-feed = {
feeds = [
{
name = "Hacker News";
url = "https://news.ycombinator.com/rss";
}
];
updateInterval = 3600;
maxItemsPerFeed = 10;
showOnlyUnread = true;
markAsReadOnClick = true;
};
};
};
# Noctalia is started via a systemd user service, so it won't see variables
# set only in niri's `settings.environment`. Put theme-related env here.
systemd.user.services.noctalia-shell.Service.Environment = [
"QT_QPA_PLATFORM=wayland;xcb"
"QT_QPA_PLATFORMTHEME=qt6ct"
"QT_AUTO_SCREEN_SCALE_FACTOR=1"
# Ensures Quickshell resolves app icons from a known icon theme.
"QS_ICON_THEME=Papirus-Dark"
];
}
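Review bot: The `plugins.sources` and `plugins.states` entries enable five plugins by `sourceUrl = "https://github.com/noctalia-dev/noctalia-plugins"` with no revision or hash, so unlike the rest of this flake their code is presumably fetched at runtime and is not covered by `flake.lock`. If the module offers no way to pin them, a comment such as `# fetched by noctalia at runtime, not pinned by flake.lock` at least records the exception. In `pluginSettings.assistant-panel`, `backend = "google"` together with `realTimeTranslation = true` sends text to an external service while it is being typed, and the assistant talks to `http://galadriel:11111` unencrypted; `realTimeTranslation = false;` is the more conservative setting. `panelHeigth` looks like a misspelling of `panelHeight` and would then be ignored.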

145
home/opencode.nix Normal file

@@ -0,0 +1,145 @@
{
pkgs,
lib,
unstable,
config,
...
}:
{
programs.opencode = {
package = pkgs.unstable.opencode;
enable = true;
enableMcpIntegration = true;
settings = {
#model = "github-copilot/gpt-5.2";
model = "zai-coding-plan/glm-5.1";
small_model = "zai-coding-plan/glm-5-turbo";
autoshare = false;
autoupdate = false;
};
agents = {
code-reviewer = ''
# Code Reviewer Agent
You are a senior software engineer specializing in code reviews.
Focus on code quality, security, and maintainability.
## Guidelines
- Review for potential bugs and edge cases
- Check for security vulnerabilities
- Ensure code follows best practices
- Suggest improvements for readability and performance
'';
debugger = ''
# Debugger Agent
You are a software engineer specializing in debugging and troubleshooting.
Focus on identifying issues, providing insights into existing bugs, and suggesting improvements to the debugging process.
## Guidelines
- Look for unhandled exceptions, crashes, or error states.
- Identify and remove redundant or unnecessary debug/print statements.
- Check for proper logging practices: ensure log levels (info, debug, error) are used correctly.
- Examine error messages for clarity and contextensure they aid in troubleshooting.
- Look for missing or incorrect error handling and suggest improvements.
- Trace the flow of execution to catch logical or state-related bugs.
- Ensure relevant variable states are being monitored during runtime to spot anomalies.
- Suggest improvements to breakpoints, watchpoints, or other debugging tools for better visibility.
- Look for performance bottlenecks that could be causing issues and suggest optimizations.
- Check for edge cases and race conditions that might not be covered by current debugging.
- Ensure debugging steps or tools dont affect production environments (i.e., avoid verbose logging in production).
- Document findings and proposed fixes clearly for future reference.
'';
simplifier = ''
# Simplifier Agent
You are a software engineer specializing in simplifying and refactoring complex code.
Focus on making the code more readable, maintainable, and easier to understand without altering its functionality.
## Guidelines
- Break down long or complex functions into smaller, well-named helper functions or methods.
- Identify and remove any redundant or duplicate logic, consolidating wherever possible.
- Use more descriptive variable and function names to improve clarity.
- Simplify nested loops or conditionals (e.g., consider early returns to reduce indentation).
- Replace complex data structures or algorithms with simpler, more efficient alternatives if appropriate.
- Refactor complex conditional logic (e.g., using polymorphism, strategy pattern, or lookup tables where applicable).
- Replace hardcoded values with constants or configuration variables to improve flexibility.
- Group related logic together to improve cohesion within classes or functions.
- Ensure the code follows the DRY (Don't Repeat Yourself) principle and refactor to remove duplication.
- Simplify error handling by centralizing common error paths or using more consistent exception handling.
- Remove unnecessary comments or redundant code that doesnt add value to readability.
- Check for opportunities to use built-in language features or libraries to reduce custom code (e.g., use `map()` instead of for-loops in Python).
- Ensure code is modular and maintainable, facilitating easier testing and future updates.
- Use early exits or guard clauses to minimize nested logic and make the code more straightforward.
'';
};
commands = {
commit = ''
# Commit Command
Create a git commit with proper message formatting following conventional commits.
Keep it simple and only have one simple commit line. If you need to know what was changed, look at the staged files, and the diffs of the relevant ones.
Usage: /commit [message]
'';
};
rules = ''
### **General Project Guidelines**
#### **Separation of Concerns**
* Keep your code **loosely coupled** components/modules should only know about what they need.
* Maintain clear **separation between domain logic and business logic** ensure your domain layer is independent of infrastructure or framework specific details.
* Ensure **separation of data concerns** never mix UI data, business data, and domain entities in a single layer.
#### **Typing and Type Safety**
* **Always define types** explicitly for variables, parameters, and return values.
* Avoid using `any` if you're unsure about a type, lean on **unknown** or **generics** until you can define it properly.
* **Interfaces and Types** should be descriptive and reusable prefer interfaces for object shapes, and types for unions/intersections or specific business rules.
* Avoid overcomplicating types focus on clarity and consistency.
#### **Code Simplicity**
* Write **simple, understandable code** don't over engineer solutions unless absolutely necessary.
* Keep methods and functions **small and focused** follow the Single Responsibility Principle.
* **Comment only when necessary** to explain complex or non obvious patterns **no comments for simple or self explanatory code**.
#### **Production-Ready Code**
* Always write **production-grade code** optimize for maintainability, readability, and scalability.
* Ensure **robust error handling** catch edge cases, validate inputs, and handle exceptions gracefully.
#### **Framework and Library Usage**
* Use frameworks and libraries **where they make sense**, but avoid unnecessary dependencies, we usually want to keep dependencies down.
* Follow **framework best practices** for structure, state management, and lifecycle methods
* Keep **UI and business logic separate** don't directly tie your UI components to business logic; use hooks or services to handle interactions.
#### **Documentation**
* **Document key architecture decisions** especially if they are complex or non intuitive.
* Only document the **why** and **how** when it's not obvious avoid redundant or trivial comments.
* Keep your documentation to the developmentlog.md Make a new section, dont write to long, just briefely what needs to be documented.
#### **Performance Considerations**
* Optimize for **readability first**, then **performance** measure performance bottlenecks before optimizing.
* When optimizing, our first priority is finding arcitectural problems, then finding out ways to parralelize.
# General Rules
Keep things understandable for a software engineer. You dont need to over explain, and rather keep things a bit simpler. and tify.
Dont overly format your text as well. When writing plain text, markdown or similat, keep the writing in a human style with minimal formating, and good but simple explanations.
Be brief, you dont need to overly explain concepts or content that dont really need more explanation.
Tell the user where it takes wrong if the user does. You are allowed to think critically, and find problems in existing solutions, but start by asking, to get more clarification.
Dont do all the work for the user, rather let the user know where some help from them are needed. Some things are better done manually, and should not be done by you the assistant.
'';
};
}
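Review bot: `settings` contains no `permission` block, so the agents defined here run with opencode's defaults, which as far as I know allow file edits and shell commands without asking, and `enableMcpIntegration = true` widens what they can reach. Adding `permission = { edit = "ask"; bash = "ask"; };` keeps an approval step in the loop, and the `code-reviewer` agent in particular has no need to write files. The `unstable` module argument is declared but never used, since the package comes from `pkgs.unstable.opencode`, so it can be dropped from the argument list.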

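--- /dev/null
+++ b/home/python.nix
@@ -0,0 +1,8 @@
+{ pkgs, ... }:
+{
+home.packages = [
+pkgs.poetry
+(pkgs.python3.withPackages (import ../modules/python-packages.nix))
+];
+}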


@@ -3,9 +3,7 @@
sops = {
defaultSopsFile = ../secrets/secrets.yaml;
validateSopsFiles = false;
age.sshKeyPaths = [
"/home/gunalx/.ssh/nixos"
];
age.sshKeyPaths = [ "/home/gunalx/.ssh/nixos" ];
age.keyFile = "/home/gunalx/.config/sops/age/key.txt";
age.generateKey = true;
# This is the actual specification of the secrets.


@@ -5,8 +5,7 @@
...
}:
{
imports = [
];
imports = [ ];
home.packages = with pkgs; [
openssh
@@ -18,10 +17,13 @@
programs.ssh = {
enable = true;
compression = true;
# compression moved to matchBlocks."*"
# Default config is deprecated, disabling it and managing defaults manually if needed
enableDefaultConfig = false;
matchBlocks = {
"*" = {
compression = true;
identityFile = [
"~/.ssh/nixos"
"~/.ssh/id_ed25519"
@@ -70,6 +72,10 @@
user = "adriangl";
hostname = "login2.pvv.ntnu.no";
};
"bekkalokk" = {
user = "adriangl";
hostname = "bekkalokk.pvv.ntnu.no";
};
#home
"aragon" = {
@@ -79,7 +85,7 @@
"galadriel" = {
port = 6969;
hostname = "100.84.215.84";
hostname = "100.110.96.125";
};
"gandalf" = {
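Review bot: With `enableDefaultConfig = false;` Home Manager stops writing its former `Host *` defaults, and this change carries over only `compression`; settings such as `forwardAgent` and `hashKnownHosts` are now whatever OpenSSH defaults to rather than something this file states. Because the `"*"` block also offers `~/.ssh/nixos` and `~/.ssh/id_ed25519` to every host, I would pin the security-relevant values there explicitly, for example `forwardAgent = false;` and `addKeysToAgent = "no";`. The `matchBlocks` attribute set continues beyond the hunks shown here.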

62
home/stylix.nix Normal file

@@ -0,0 +1,62 @@
{ pkgs, config, ... }:
{
stylix = {
enable = true;
#autoEnable = false;
#targets.gtk.enable = true;
#targets.qt.enable = true;
#manually disable stuff i have done manually
targets.mako.enable = false;
#targets.foot.enable = false;
targets.swaylock.enable = false;
targets.fuzzel.enable = false;
targets.zed.enable = false;
base16Scheme = {
scheme = config.colorScheme.name;
author = config.colorScheme.author;
base00 = config.colorScheme.palette.base00;
base01 = config.colorScheme.palette.base01;
base02 = config.colorScheme.palette.base02;
base03 = config.colorScheme.palette.base03;
base04 = config.colorScheme.palette.base04;
base05 = config.colorScheme.palette.base05;
base06 = config.colorScheme.palette.base06;
base07 = config.colorScheme.palette.base07;
base08 = config.colorScheme.palette.base08;
base09 = config.colorScheme.palette.base09;
base0A = config.colorScheme.palette.base0A;
base0B = config.colorScheme.palette.base0B;
base0C = config.colorScheme.palette.base0C;
base0D = config.colorScheme.palette.base0D;
base0E = config.colorScheme.palette.base0E;
base0F = config.colorScheme.palette.base0F;
};
opacity = {
desktop = 0.7;
terminal = 0.7;
};
fonts = {
sizes = {
applications = 14;
terminal = 24;
desktop = 12;
};
serif = config.stylix.fonts.monospace;
sansSerif = config.stylix.fonts.monospace;
monospace = {
package = pkgs.notonoto-35;
#name = "NOTONOTO-35-Bold";
name = "NOTONOTO-35";
};
emoji = {
package = pkgs.noto-fonts-monochrome-emoji;
name = "Noto Emoji";
};
};
};
}

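--- /dev/null
+++ b/home/swayidle.nix
@@ -0,0 +1,39 @@
+{
+pkgs,
+inputs,
+lib,
+config,
+...
+}:
+{
+services.swayidle = {
+enable = true;
+timeouts = [
+{
+timeout = 210;
+#command = "swaylock";
+command = "gtklock";
+resumeCommand = null;
+}
+{
+timeout = 180;
+command = "niri msg action power-off-monitors";
+resumeCommand = "niri msg action power-on-monitors";
+}
+];
+events = [
+#{
+# event = "before-sleep";
+# #command = "swaylock";
+# command = "gtklock";
+#}
+];
+extraArgs = [ "-w" ];
+package = pkgs.swayidle;
+systemdTarget = "graphical-session.target";
+};
+}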
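Review bot: The `before-sleep` event is commented out, so nothing locks the session before suspend and the machine resumes to an unlocked desktop unless the 210 s idle timeout had already fired. Re-enabling it with a daemonising locker, `{ event = "before-sleep"; command = "${pkgs.gtklock}/bin/gtklock -d"; }`, closes that gap; `-d` matters because `extraArgs = [ "-w" ]` makes swayidle wait for the command to return. The timeout entry uses the bare name `gtklock`, which depends on the `PATH` of the user service, so the store-path form is more reliable there as well. The monitors are powered off at 180 s, thirty seconds before the lock, which deserves a comment if it is intended.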


@@ -22,7 +22,9 @@ in
# authentication grace
grace = 3; # --grace
submit-on-touch = true; # --submit-on-touch
submit-on-touch = false; # --submit-on-touch
ignore-empty-password = true;
show-failed-attempts = true;
# clock
clock = true; # --clock

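--- /dev/null
+++ b/home/swww.nix
@@ -0,0 +1,8 @@
+{ config, pkgs, ... }:
+let
+palette = config.colorscheme.palette;
+in
+{
+services.swww.enable = true;
+}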
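Review bot: The `let` binding `palette = config.colorscheme.palette;` is never used, and it spells the option `colorscheme` where the other modules in this compare read `config.colorScheme`. Nix evaluates lazily, so it does no harm today, but it may not resolve once someone references it. I would drop the `let … in` and reduce the module to `{ ... }: { services.swww.enable = true; }`.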

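--- /dev/null
+++ b/home/unstable.nix
@@ -0,0 +1,17 @@
+{
+config,
+inputs,
+...
+}:
+let
+unstableOverlay = final: prev: {
+unstable = import inputs.unstable {
+inherit (final.stdenv.hostPlatform) system;
+config = config.nixpkgs.config;
+};
+};
+in
+{
+nixpkgs.overlays = [ unstableOverlay ];
+}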


@@ -2,7 +2,7 @@
let
# Path to your source folder of wallpapers
wallpaperSrc = ./wallpapers;
wallpaperSrc = ./Wallpapers;
# Read all file names in that directory
names = lib.attrNames (builtins.readDir wallpaperSrc);


@@ -42,8 +42,7 @@ in
"modules-left": ["custom/overview", "custom/launcher", "custom/keyboard", "sway/workspaces", "niri/workspaces"],
"modules-center": ["niri/window"],
"modules-right": [
"idle_inhibitor", "backlight", "pulseaudio", "keyboard-state",
"network", "cpu", "memory", "temperature", "battery",
"idle_inhibitor", "backlight", "pulseaudio", "cpu", "memory", "temperature", "battery",
"power-profiles-daemon", "clock", "tray", "custom/power"
],
@@ -103,7 +102,7 @@ in
"pulseaudio": {
"format": "{volume}% {icon}",
"format-muted": "",
"format-icons": { "default": ["","",""] },
"format-icons": { "default": ["🔈","🔉","🔊"] },
"on-click": "pavucontrol"
},


@@ -19,8 +19,8 @@ let
# Path to the wleave-provided icons
iconsDir = "${pkgs.wleave}/share/wleave/icons";
in
in
{
programs.wlogout = {
enable = true;
@@ -30,7 +30,7 @@ in
layout = [
{
label = "lock";
action = "swaylock";
action = "gtklock";
text = "Lock";
keybind = "l";
}

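--- /dev/null
+++ b/home/xdg.nix
@@ -0,0 +1,42 @@
+{
+pkgs,
+lib,
+config,
+...
+}:
+{
+# Enable XDG base directories
+xdg.enable = true;
+# Install the necessary packages for XDG compliance and management
+home.packages = with pkgs; [
+xdg-utils
+xdg-launch
+xdg-ninja
+];
+# Define session variables for XDG directories
+home.sessionVariables = {
+# Set other tools' paths to XDG directories (they should be relative to XDG_DATA_HOME or XDG_STATE_HOME)
+GOPATH = "$XDG_DATA_HOME/go";
+CARGO_HOME = "$XDG_DATA_HOME/cargo";
+RUSTUP_HOME = "$XDG_DATA_HOME/rustup";
+DOTNET_CLI_HOME = "$XDG_DATA_HOME/dotnet";
+GNUPGHOME = "$XDG_DATA_HOME/gnupg";
+ZDOTDIR = "$XDG_CONFIG_HOME/zsh"; # Optional, for Zsh configuration
+HISTFILE = "$XDG_STATE_HOME/bash/history"; # Optional, for Bash history file location
+};
+# Enable XDG user directories (like Documents, Downloads, etc.)
+xdg.userDirs.enable = true;
+xdg.userDirs.createDirectories = true;
+# Enable autostart functionality with read-only mode (prevents arbitrary service additions)
+xdg.autostart.enable = true;
+xdg.autostart.readOnly = true;
+# Handle XDG MIME type associations (useful for apps)
+xdg.mime.enable = true;
+xdg.mimeApps.enable = true;
+}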
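Review bot: `GNUPGHOME = "$XDG_DATA_HOME/gnupg";` only exports a variable: nothing here creates the directory with mode 0700 or moves an existing `~/.gnupg`, so gpg would start with an empty keyring and complain about unsafe permissions if the directory is created by something else first. `programs.gpg.homedir = "${config.xdg.dataHome}/gnupg";` lets Home Manager own the location instead. `HISTFILE = "$XDG_STATE_HOME/bash/history"` has a similar gap, because bash does not create the parent directory and history is then silently not written. The module is commented out in the import list visible in this compare, so these points apply once it is enabled.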


@@ -5,7 +5,82 @@
...
}:
{
home.packages = with pkgs; [
copilot-language-server
github-copilot-cli
nixd
vscode-extensions.github.copilot
];
programs.zed-editor = {
enable = true;
#package = pkgs.zed-editor-fhs;
package = pkgs.unstable.zed-editor-fhs;
extraPackages = with pkgs; [
nodejs
copilot-language-server
github-copilot-cli
nixd
vscode-extensions.github.copilot
];
extensions = [
"nix"
"toml"
"rust"
"html"
"yaml"
"python"
"make"
"xml"
"dockerfile"
"vue"
"latex"
"csv"
"rainbow csv"
"snippets"
"typst"
"mermaid"
"markdownlint"
"markdown oxide"
"java"
"dart"
"go"
"c#"
"json"
"flask snippets"
"python snippets"
"flutter snippets"
"tokyo night themes"
"opencode"
];
userSettings = {
theme = {
mode = "system";
dark = "Tokyo Night";
light = "Tokyo Night Storm";
};
features = {
edit_prediction_provider = "copilot";
};
agent = {
default_profile = "write";
default_model = {
provider = "copilot_chat";
model = "claude-opus-4.5";
};
model_parameters = [ ];
};
hour_format = "hour24";
node = {
path = lib.getExe pkgs.nodejs;
npm_path = lib.getExe' pkgs.nodejs "npm";
};
load_direnv = "shell_hook";
base_keymap = "VSCode";
show_whitespaces = "boundary";
};
};
}
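Review bot: `userSettings` turns on Copilot edit predictions and a `copilot_chat` agent with `default_profile = "write"`, but leaves telemetry at Zed's defaults and sets no limit on which files are sent for prediction. I would add `telemetry = { diagnostics = false; metrics = false; };` and, if the built-in exclusions do not already cover this repository, an `edit_predictions.disabled_globs` list that includes the `secrets/` directory. If both lists are on the new side of the hunk, the four packages in `home.packages` are repeated in `extraPackages`, and one of the two is enough.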


@@ -0,0 +1,117 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{
config,
pkgs,
lib,
...
}:
{
imports = [
# Include the results of the hardware scan.
./hardware-configuration.nix
# Core system modules
../../modules/boot.nix
../../modules/nix.nix
../../modules/pam.nix
../../modules/polkit.nix
../../modules/zram.nix
../../modules/thermal.nix
# Networking and remote access
../../modules/openssh.nix
../../modules/tailscale.nix
# User interface and desktop
../../modules/displaymanager.nix
../../modules/xdg.nix
../../modules/sound.nix
../../modules/bluetooth.nix
../../modules/desktopApplications.nix
# Development tools and user configuration
../../modules/basePackages.nix
../../modules/develPackages.nix
../../modules/gunalx.nix
# Containerization and cloud
../../modules/podman.nix
# Scientific and data tools
../../modules/jupyterhub.nix
# Software and gaming
../../modules/steam.nix
# SDR (Software Defined Radio)
../../modules/rtlsdr.nix
../../modules/websdr.nix
# Secrets management
../../secrets/sops.nix
../../secrets/sopsconf.nix
];
services.desktopManager.gnome.enable = true;
environment.systemPackages = [
pkgs.qwen-asr
];
# Bootloader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
# Setup keyfile
boot.initrd.secrets = {
"/crypto_keyfile.bin" = null;
};
# Enable swap on luks
boot.initrd.luks.devices."luks-08650b6b-6143-4503-8bf5-a3d32ef62d73".device =
"/dev/disk/by-uuid/08650b6b-6143-4503-8bf5-a3d32ef62d73";
boot.initrd.luks.devices."luks-08650b6b-6143-4503-8bf5-a3d32ef62d73".keyFile =
"/crypto_keyfile.bin";
networking.hostName = "aragon"; # Define your hostname.
time.timeZone = "Europe/Amsterdam";
#time.hardwareClockInLocalTime = true;
networking.networkmanager.enable = true;
# Enable the X11 windowing system.
services.xserver.enable = true;
services.xserver.videoDrivers = [ "amdgpu" ];
# sleep wakeup rules
services.udev.extraRules = ''
ACTION=="add", SUBSYSTEM=="pci", DRIVER=="pcieport", ATTR{power/wakeup}="disabled"
'';
#comment out to enable sleep. Uncommented over vacations
# systemd.targets.sleep.enable = false;
# systemd.targets.suspend.enable = false;
# systemd.targets.hibernate.enable = false;
# systemd.targets.hybrid-sleep.enable = false;
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
networking.firewall.enable = false;
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.05"; # Did you read the comment?
}
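Review bot: `networking.firewall.enable = false;` turns packet filtering off for the whole host while this file imports `openssh.nix`, `jupyterhub.nix` and `websdr.nix`, so every listening service is reachable on every interface NetworkManager brings up. The JupyterHub module added in this same commit binds `0.0.0.0` with `c.Authenticator.allow_all = True`, which makes the missing firewall matter more on this machine. I would keep the firewall on and open ports per interface, for example `networking.firewall.enable = true;` plus `networking.firewall.interfaces."tailscale0".allowedTCPPorts = [ ... ];` (interface name assumes the tailscale default). If it is disabled to work around a specific problem, a comment naming that problem would help the next reader.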


@@ -0,0 +1,115 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}:
{
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [
"nvme"
"xhci_pci"
"ahci"
"usb_storage"
"usbhid"
"sd_mod"
"sr_mod"
];
boot.initrd.kernelModules = [ "amdgpu" ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
hardware.amdgpu.opencl.enable = true;
boot.kernelPackages = pkgs.linuxPackages_latest;
services.xserver.videoDrivers = [ "amdgpu" ];
systemd.tmpfiles.rules = [
"L+ /opt/rocm/hip - - - - ${pkgs.rocmPackages.clr}"
];
nixpkgs.config.rocmSupport = true;
nixpkgs.config.rocmTargets = [ "gfx1030" ];
environment.variables = {
HSA_OVERRIDE_GFX_VERSION = "10.3.0";
};
# Environment variables for ROCm
environment.sessionVariables = {
HSA_OVERRIDE_GFX_VERSION = "10.3.0";
ROCM_PATH = "${pkgs.rocmPackages.rocm-core}/opt/rocm";
HIP_PATH = "${pkgs.rocmPackages.rocm-core}/opt/rocm/hip";
};
hardware.graphics = {
enable = true;
extraPackages = with pkgs; [
rocmPackages.clr.icd
vulkan-loader
vulkan-tools
vulkan-headers
];
};
# You *can* still put utilities here
environment.systemPackages = with pkgs; [
vulkan-tools
clinfo
rocmPackages.clr
rocmPackages.rocminfo
rocmPackages.rocm-runtime
rocmPackages.rocm-core
rocmPackages.rocm-smi
rocmPackages.rocblas
rocmPackages.rccl
rocmPackages.hipcc
lact
rocmPackages.rocminfo
rocmPackages.rocm-smi
rocmPackages.rocm-runtime
rocmPackages.rocm-device-libs
rocmPackages.rocm-core
rocmPackages.rocm-cmake
rocmPackages.rocgdb
rocmPackages.rocblas
rocmPackages.rccl
rocmPackages.hipcc
];
systemd.packages = with pkgs; [ lact ];
systemd.services.lactd.wantedBy = [ "multi-user.target" ];
fileSystems."/" = {
device = "/dev/disk/by-uuid/8ab16ad5-08d2-44f9-a9e4-2e6240bfd8f8";
fsType = "ext4";
};
fileSystems."/mnt/steam" = {
device = "/dev/disk/by-id/nvme-Samsung_SSD_990_PRO_with_Heatsink_2TB_S7HPNJ0X304250L-part1";
fsType = "ext4";
};
boot.initrd.luks.devices."luks-31bf11fb-518a-408a-af06-93af528a5985".device =
"/dev/disk/by-uuid/31bf11fb-518a-408a-af06-93af528a5985";
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/9A50-906F";
fsType = "vfat";
};
swapDevices = [
{ device = "/dev/disk/by-uuid/c7cdfab4-2c92-42de-b951-ccc6fcd7b7d7"; }
];
networking.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}
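Review bot: The hand-written ROCm, LACT and graphics settings sit in a file whose header says it is generated by nixos-generate-config and may be overwritten, so a regeneration would silently drop them; they would be safer in their own module imported from configuration.nix. Within `environment.systemPackages`, `rocminfo`, `rocm-smi`, `rocm-runtime`, `rocm-core`, `rocblas`, `rccl` and `hipcc` are each listed twice, and `HSA_OVERRIDE_GFX_VERSION` is set in both `environment.variables` and `environment.sessionVariables`. The galadriel hardware-configuration.nix in this commit mixes generated and hand-written settings the same way.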


@@ -0,0 +1,62 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page, on
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
{
config,
lib,
pkgs,
...
}:
{
imports = [
# Include the results of the hardware scan.
./hardware-configuration.nix
../../modules/boot.nix
../../modules/zram.nix
../../modules/nix.nix
../../modules/openssh.nix
../../modules/gunalx.nix
../../secrets/sops.nix
../../secrets/sopsconf.nix
../../modules/pam.nix
../../modules/tailscale.nix
../../modules/basePackages.nix
../../modules/acme.nix
../../modules/pangolin.nix
];
boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; # support rpi building
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
networking.hostName = "elros";
networking.networkmanager.enable = true;
time.timeZone = "Europe/Amsterdam";
# This option defines the first version of NixOS you have installed on this particular machine,
# and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.
#
# Most users should NEVER change this value after the initial install, for any reason,
# even if you've upgraded your system to a new NixOS release.
#
# This value does NOT affect the Nixpkgs version your packages and OS are pulled from,
# so changing it will NOT upgrade your system - see https://nixos.org/manual/nixos/stable/#sec-upgrading for how
# to actually do that.
#
# This value being lower than the current NixOS release does NOT mean your system is
# out of date, out of support, or vulnerable.
#
# Do NOT change this value unless you have manually inspected all the changes it would make to your configuration,
# and migrated your data accordingly.
#
# For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
system.stateVersion = "25.05"; # Did you read the comment?
}


@@ -0,0 +1,55 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}:
{
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = [
"ata_piix"
"uhci_hcd"
"virtio_pci"
"virtio_scsi"
"sd_mod"
"sr_mod"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
fileSystems."/" = {
device = "/dev/disk/by-uuid/7fa4de3a-20bb-4d0f-b049-dd6a0a0aee6e";
fsType = "ext4";
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/E04D-431D";
fsType = "vfat";
options = [
"fmask=0022"
"dmask=0022"
];
};
swapDevices = [ ];
services.qemuGuest.enable = true;
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.ens18.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
}

88
hosts/elros/routes.nix Normal file

@@ -0,0 +1,88 @@
{
config,
pkgs,
lib,
...
}:
{
services.caddy.virtualHosts = {
"managment.lauterer.it" = {
extraConfig = ''
reverse_proxy http://100.104.182.48
basicauth {
import ${config.sops.secrets."nginx/defaultpass".path}
}
'';
};
"funn-nas.lauterer.it" = {
extraConfig = ''
reverse_proxy https://100.104.182.48:30044 {
transport http {
tls_insecure_skip_verify
}
}
basicauth {
import ${config.sops.secrets."nginx/defaultpass".path}
}
'';
};
"film.lauterer.it" = {
extraConfig = ''
reverse_proxy http://100.104.182.48:8096
'';
};
"home.lauterer.it" = {
extraConfig = ''
reverse_proxy http://10.0.0.32:8123
'';
};
"jellyfin.lauterer.it" = {
extraConfig = ''
reverse_proxy http://100.84.215.84:8096
'';
};
"podgrab.lauterer.it" = {
extraConfig = ''
reverse_proxy http://100.84.215.84:4242
basicauth {
import ${config.sops.secrets."nginx/defaultpass".path}
}
'';
};
"jupyter.lauterer.it" = {
extraConfig = ''
reverse_proxy http://100.84.215.84:8771
'';
};
"rss.lauterer.it" = {
extraConfig = ''
reverse_proxy http://100.84.215.84:8089
'';
};
"ai.lauterer.it" = {
extraConfig = ''
reverse_proxy http://100.84.215.84:11111
'';
};
"chat.lauterer.it" = {
extraConfig = ''
reverse_proxy http://100.84.215.84:11111
'';
};
"archive.lauterer.it" = {
extraConfig = ''
reverse_proxy http://100.84.215.84:8082
'';
};
};
}
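Review bot: Eight of the eleven virtual hosts (`film`, `home`, `jellyfin`, `jupyter`, `rss`, `ai`, `chat`, `archive`) are proxied with no `basicauth` block, so the backend's own login, if it has one, is the only gate. That matters most for `ai.` and `chat.` on port 11111, which appears to be the llama-cpp service this commit starts without an API key, and for `jupyter.`, whose hub is configured with `c.Authenticator.allow_all = True`. I would either repeat the existing `basicauth { import ${config.sops.secrets."nginx/defaultpass".path} }` block on the hosts that tolerate it or put them behind the Authelia instance added in this commit. Separately, `tls_insecure_skip_verify` on `funn-nas` disables upstream certificate checking; trusting the NAS certificate explicitly (Caddy's `tls_trusted_ca_certs <path>` in the same `transport http` block) keeps TLS meaningful, and if skipping is deliberate because the hop stays inside the tailnet, a comment should say so.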


@@ -0,0 +1,80 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page, on
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
{
config,
lib,
pkgs,
...
}:
{
imports = [
# Include the results of the hardware scan.
./hardware-configuration.nix
#./nvidia.nix #we have intel gpu now
../../modules/boot.nix
../../modules/zram.nix
../../modules/zfs.nix
../../modules/polkit.nix
../../modules/nix.nix
../../modules/openssh.nix
../../modules/gunalx.nix
../../secrets/sops.nix
../../secrets/sopsconf.nix
../../modules/pam.nix
../../modules/tailscale.nix
../../modules/podman.nix
../../modules/basePackages.nix
../../modules/develPackages.nix
../../modules/vaultvarden.nix
../../modules/immich.nix
../../modules/qbittorrent.nix
../../modules/jellyfin.nix
../../modules/mealie.nix
../../modules/miniflux.nix
../../modules/jupyterhub.nix
../../modules/openwebui.nix
../../modules/llama-swap.nix
];
networking.hostId = "1ccccd3a";
## Load zfs pool
boot.zfs.extraPools = [
"lorien"
];
boot.zfs.requestEncryptionCredentials = true;
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
networking.hostName = "galadriel";
networking.networkmanager.enable = true;
time.timeZone = "Europe/Amsterdam";
# This option defines the first version of NixOS you have installed on this particular machine,
# and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.
#
# Most users should NEVER change this value after the initial install, for any reason,
# even if you've upgraded your system to a new NixOS release.
#
# This value does NOT affect the Nixpkgs version your packages and OS are pulled from,
# so changing it will NOT upgrade your system - see https://nixos.org/manual/nixos/stable/#sec-upgrading for how
# to actually do that.
#
# This value being lower than the current NixOS release does NOT mean your system is
# out of date, out of support, or vulnerable.
#
# Do NOT change this value unless you have manually inspected all the changes it would make to your configuration,
# and migrated your data accordingly.
#
# For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
system.stateVersion = "25.05"; # Did you read the comment?
}


@@ -0,0 +1,97 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}:
{
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [
"xhci_pci"
"ahci"
"nvme"
"usb_storage"
"usbhid"
"sd_mod"
];
boot.kernelPackages = pkgs.linuxPackages_6_19; # migth need to bump down if zfs compat breaks.
boot.zfs.package = pkgs.zfs_2_4;
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
boot.kernelParams = [
"xe.force_probe=e212"
"xe.vram_force_mmapable=1"
"transparent_hugepage=always"
];
services.udev.extraRules = ''
ACTION=="add", SUBSYSTEM=="drm", KERNEL=="card*", ATTR{device/tile0/gt0/engines/ccs0/job_timeout_ms}="100000"
ACTION=="add", SUBSYSTEM=="drm", KERNEL=="card*", ATTR{device/tile0/gt0/engines/rcs0/job_timeout_ms}="100000"
'';
hardware.enableRedistributableFirmware = true;
hardware.firmware = [ pkgs.linux-firmware ];
environment.systemPackages = with pkgs; [
mkl
];
hardware.graphics = {
enable = true;
extraPackages = with pkgs; [
vpl-gpu-rt
mkl
#hardware decode and opencl
intel-media-driver # LIBVA_DRIVER_NAME=iHD (for HD Graphics starting Broadwell (2014) and newer)
intel-vaapi-driver # LIBVA_DRIVER_NAME=i965 (older but works better for Firefox/Chromium)
libvdpau-va-gl
intel-compute-runtime
intel-ocl
intel-graphics-compiler
level-zero
vulkan-loader
vulkan-validation-layers
];
};
fileSystems."/" = {
device = "/dev/disk/by-uuid/7789ad41-d578-40bc-bf86-b761e0a4921e";
fsType = "btrfs";
};
boot.initrd.luks.devices."NIXROOT".device =
"/dev/disk/by-uuid/082790fd-3d4b-4307-8a43-b9c56bd86e03";
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/3DE0-D86E";
fsType = "vfat";
options = [
"fmask=0022"
"dmask=0022"
];
};
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.eno1.useDHCP = lib.mkDefault true;
# networking.interfaces.enp7s0f3u2.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}


@@ -16,6 +16,7 @@
../../modules/boot.nix
../../modules/zram.nix
../../modules/displaymanager.nix
../../modules/polkit.nix
../../modules/nix.nix
../../secrets/sops.nix
../../secrets/sopsconf.nix
@@ -24,6 +25,20 @@
../../modules/pam.nix
../../modules/tailscale.nix
../../modules/podman.nix
../../modules/steam.nix
../../modules/xdg.nix
../../modules/bluetooth.nix
../../modules/powerprofiles.nix
../../modules/basePackages.nix
../../modules/develPackages.nix
#../../modules/jupyterhub.nix
../../modules/blog.nix
#../../modules/ollama.nix
#../../modules/docling.nix # temp for dev ... Waiting for non broken docling-serve
../../modules/kdeconnect.nix
../../modules/desktopApplications.nix
../../modules/fcitx5.nix
];
networking.hostName = "legolas";
@@ -32,6 +47,11 @@
# Select internationalisation properties.
# i18n.defaultLocale = "en_US.UTF-8";
#testing terminal from printer cable.
services.printing.enable = true;
boot.kernelModules = [ "usblp" ];
boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
# Enable the X11 windowing system.
services.xserver.enable = true;
services.xserver.videoDrivers = [
@@ -42,48 +62,16 @@
services.libinput.enable = true;
programs.firefox.enable = true;
# List packages installed in system profile.
# You can use https://search.nixos.org/ to find more packages (and options).
environment.systemPackages = with pkgs; [
vim
git
alacritty
foot
firefox
fuzzel
niri
nixfmt-rfc-style
nixfmt-tree
distrobox
distrobox-tui
boxbuddy
gcc
cargo
rustup
cmake
];
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
programs.mtr.enable = true;
programs.gnupg.agent = {
enable = true;
enableSSHSupport = true;
};
# Enable the OpenSSH daemon.
# services.openssh.enable = true;
services.dbus.enable = true;
services.dbus.implementation = "broker";
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
services.desktopManager.gnome.enable = true;
# This option defines the first version of NixOS you have installed on this particular machine,
# and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.


@@ -1,6 +1,3 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
@@ -10,8 +7,14 @@
}:
{
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
#boot.kernelPackages = pkgs.linuxPackages_zen;
boot.kernelPackages = pkgs.linuxPackages_latest;
boot.kernelParams = [
"nvme_core.default_ps_max_latency_us=0"
"mem_sleep_default=deep"
];
boot.initrd.availableKernelModules = [
@@ -29,18 +32,6 @@
fsType = "ext4";
};
boot.initrd.luks.devices = {
"luks_secure" = {
device = "/dev/disk/by-uuid/c21c8089-29a7-4266-a8a6-6e80ccca167c";
preLVM = true;
allowDiscards = true;
crypttabExtraOpts = [
"tpm2-device=auto"
"tpm2-measure-pcr=yes"
];
};
};
fileSystems."/boot" = {
device = "/dev/disk/by-label/NIXBOOT";
fsType = "vfat";
@@ -50,17 +41,42 @@
];
};
swapDevices = [ ];
boot.initrd.luks.devices.luks_secure = {
device = "/dev/disk/by-uuid/c21c8089-29a7-4266-a8a6-6e80ccca167c";
crypttabExtraOpts = [
#"tpm2-device=auto"
#"tpm2-measure-pcr=yes"
];
};
boot.kernel.sysctl = {
# "vm.swappiness" = 10;
};
systemd.targets.hibernate.enable = false;
#services.logind.lidSwitch = "suspend";
powerManagement.enable = true;
# Disable hibernation
systemd.sleep = {
extraConfig = ''
AllowHibernation=no
AllowHybridSleep=no
AllowSuspendThenHibernate=no
'';
};
# Disable PCIe wakeups
services.udev.extraRules = ''
ACTION=="add", SUBSYSTEM=="pci", DRIVER=="pcieport", ATTR{power/wakeup}="disabled"
'';
hardware.graphics = {
enable = true;
extraPackages = with pkgs; [
vpl-gpu-rt
intel-media-sdk
];
extraPackages = with pkgs; [ vpl-gpu-rt ];
};
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}
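Review bot: The rewritten `boot.initrd.luks.devices.luks_secure` block keeps `crypttabExtraOpts` but comments out both `tpm2-device=auto` and `tpm2-measure-pcr=yes`, and nothing records whether that is temporary. Going by the line counts in the hunk headers, the earlier block with `preLVM = true` and `allowDiscards = true` is the removed side, so the unlock path for this disk changes. A one-line comment above the list, e.g. `# TPM2 unlock disabled until <reason>; passphrase prompt at boot`, would capture the intent. The first hunk also appears to drop the "Do not modify this file" header while the file keeps the name hardware-configuration.nix, which is worth mentioning in the commit message.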

43
modules/acme.nix Normal file

@@ -0,0 +1,43 @@
{
config,
pkgs,
lib,
...
}:
{
sops.secrets."acme/certs" = { };
networking.enableIPv6 = false; # For some reason acme only works without ipv6, probably because of missing AAAA records.
networking.domain = "lauterer.it";
#acme and certs helpful blog https://carjorvaz.com/posts/
security.acme = {
acceptTerms = true;
defaults.email = "adrian+acme@lauterer.it";
certs."${config.networking.domain}" = {
domain = "${config.networking.domain}";
extraDomainNames = [
"*.${config.networking.domain}"
"lb0fj.eu"
"*.lb0fj.eu"
"256.no"
"*.256.no"
"*.addictedmaker.eu"
"addictedmaker.eu"
];
## for testing.
#server = "https://acme-staging-v02.api.letsencrypt.org/directory";
#enableDebugLogs = true;
#legos registrar specific stuff.
dnsResolver = "ns1.hyp.net:53";
dnsProvider = "domeneshop";
dnsPropagationCheck = true;
#need to manually create this file according to dnsprovider secrets, and format of key according to lego in privider and add to secrets.yaml
credentialsFile = config.sops.secrets."acme/certs".path;
};
};
#add proxyserver to acme group
#users.users.nginx.extraGroups = [ "acme" ];
users.users.root.extraGroups = [ "acme" ];
}
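Review bot: `networking.enableIPv6 = false;` switches IPv6 off for the whole host to work around an ACME problem whose cause the comment itself only guesses at. The certificate is issued over DNS-01 (`dnsProvider = "domeneshop"`), which should not depend on AAAA records for this machine, so the cause is probably elsewhere (possibly the `dnsResolver` lookup) and deserves a narrower fix. `users.users.root.extraGroups = [ "acme" ];` gives root nothing it lacks; if the aim is to let the proxy read the certificate, the group belongs on that service's user, as the commented `users.users.nginx.extraGroups` line suggests. One certificate spanning four zones and their wildcards also means a single key exposure affects all of them; separate `certs.<name>` entries would limit that.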

70
modules/authelia.nix Normal file

@@ -0,0 +1,70 @@
{
config,
pkgs,
lib,
...
}:
{
sops.secrets."authelia/usersFile" = {
owner = "authelia-main";
group = "authelia-main";
mode = "0400";
};
sops.secrets."authelia/jwtSecretFile" = {
owner = "authelia-main";
group = "authelia-main";
mode = "0400";
};
sops.secrets."authelia/storageEncryptionKeyFile" = {
owner = "authelia-main";
group = "authelia-main";
mode = "0400";
};
sops.secrets."authelia/sessionSecretFile" = {
owner = "authelia-main";
group = "authelia-main";
mode = "0400";
};
services.authelia.instances.main = {
enable = true;
secrets.storageEncryptionKeyFile = config.sops.secrets."authelia/storageEncryptionKeyFile".path;
secrets.jwtSecretFile = config.sops.secrets."authelia/jwtSecretFile".path;
secrets.sessionSecretFile = config.sops.secrets."authelia/sessionSecretFile".path;
settings = {
theme = "dark";
default_2fa_method = "totp";
log.level = "warn";
server.disable_healthcheck = false;
server.address = "tcp://0.0.0.0:9091/";
authentication_backend = {
file = {
path = lib.mkDefault config.sops.secrets."authelia/usersFile".path;
};
};
session = {
cookies = [
{
domain = "lauterer.it";
authelia_url = "https://authelia.lauterer.it";
}
];
};
access_control = {
default_policy = "one_factor";
};
storage = {
local = {
path = lib.mkDefault "/var/lib/authelia/main/db.sqlite3";
};
};
notifier = {
filesystem = {
filename = lib.mkDefault "/var/lib/authelia/main/notification.txt";
};
};
};
};
}
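Review bot: `access_control.default_policy = "one_factor"` admits any request that matches no rule on password alone, and this block defines no `rules`, so `default_2fa_method = "totp"` is never actually required. A `deny` default with explicit rules is the safer shape, e.g. `default_policy = "deny";` plus a `rules` list that sets `policy = "two_factor"` for the administrative hosts. `server.address = "tcp://0.0.0.0:9091/"` also listens on every interface; if only the reverse proxy talks to Authelia, `tcp://127.0.0.1:9091/` or the tailnet address is enough. The filesystem notifier writes registration and reset links to `/var/lib/authelia/main/notification.txt`, which deserves a comment so nobody expects e-mail delivery.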

31
modules/basePackages.nix Normal file

@@ -0,0 +1,31 @@
{
config,
pkgs,
lib,
...
}:
{
environment.systemPackages = with pkgs; [
vim
git
wget
htop
bottom
nvtopPackages.full
uutils-coreutils
nixfmt-rfc-style
nixfmt-tree
zip
unzip
ripgrep
eza
fastfetch
rsync
screen
];
}

8
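--- a/modules/blog.nix
+++ b/modules/blog.nix
@@ -0,0 +1,8 @@
+{ pkgs, ... }:
+{
+services.blog-generator = {
+enable = true;
+contentDir = "/var/lib/www/blog/content";
+port = 8080;
+};
+}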

25
modules/bluetooth.nix Normal file

@@ -0,0 +1,25 @@
{
config,
pkgs,
lib,
...
}:
{
imports = [ ];
environment.systemPackages = with pkgs; [
bluez
];
hardware.bluetooth.enable = lib.mkDefault true;
hardware.bluetooth.settings = lib.mkDefault {
General = {
Enable = "Source,Sink,Media,Socket";
Experimental = true;
};
};
services.blueman.enable = lib.mkDefault true;
}


@@ -13,13 +13,6 @@
kernelParams = [
"quiet"
"splash"
"loglevel=0"
"udev.log_priority=3"
"vt.global_cursor_default=0"
"rd.systemd.show_status=auto"
"rd.udev.log_level=3"
"boot.shell_on_fail"
"console=tty1"
];
initrd = {
@@ -37,11 +30,11 @@
fonts.packages = with pkgs; [
dejavu_fonts
hack-font
];
# Integrate with Lanzaboote
boot.loader.systemd-boot.enable = lib.mkForce false;
boot.loader.grub.enable = lib.mkForce false;
boot.lanzaboote = {
enable = true;
#pkiBundle = "/etc/secureboot"; # old way. use sbctl setup --migrate


@@ -0,0 +1,87 @@
{
config,
pkgs,
lib,
inputs,
...
}:
{
environment.systemPackages = with pkgs; [
element-desktop
discord
firefox
nautilus
obs-studio
gimp
feh
gparted
libreoffice-fresh
kdePackages.okular
#zed-editor-fhs
inkscape
krita
sweethome3d.application
audacity
bitwarden-desktop
openvpn
zettlr # notes
logseq
pandoc
typst
texliveFull
openscad
prusa-slicer
freecad-wayland
openscad-unstable
#kicad # somehow stalls building.
#easyeda2kicad # could not build
easyeffects
musescore
mpv
spotify
spotify-tray
rclone
distrobox
boxbuddy
dbeaver-bin
sqlite
sqlitebrowser
postman
mitmproxy
wireshark
gdb
calibre
anki
bibletime
aerc
thunderbird
#eddie # old dotnet
steam
prismlauncher
protonplus
qbittorrent
kdePackages.filelight
kdePackages.kdeconnect-kde # could use valent instead.
solaar
cheese
ffmpeg
openvpn
wireguard-tools
fontforge
piper-tts
yt-dlp
tealdeer
clipboard-jh
ffmpeg
wl-clipboard
ydotool
wl-mirror
noto-fonts-cjk-sans
];
programs.dconf.enable = true;
}
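Review bot: `wireshark` is installed as a plain package, so no `wireshark` group or capability wrapper for `dumpcap` is set up and live capture will in practice be run as root. `programs.wireshark.enable = true;` with `programs.wireshark.package = pkgs.wireshark;` provides the wrapper, so capture works unprivileged for group members. `openvpn` and `ffmpeg` are each listed twice in the list, and the `inputs` argument is not used in this file.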

70
modules/develPackages.nix Normal file

@@ -0,0 +1,70 @@
{
config,
pkgs,
lib,
...
}:
{
environment.systemPackages = with pkgs; [
zip
unzip
jq
curl
wget
openssl
gdb
libgcc
gcc
gccStdenv
gnumake
libcxx
libclc
libcap
libcutl
cmake
i2pd-tools
autoconf
xorg-autoconf
automake
autobuild
libtool
pkgconf
libpkgconf
pkg-config
valgrind
fontconfig
imagemagickBig
plantuml
rustup
rustfmt
treefmt
yarn
nodejs-slim
node2nix
uv
poetry
thonny
(python3.withPackages (import ./python-packages.nix))
github-copilot-cli
#dotnet-sdk_8
#dotnet-sdk_9
#dotnet-sdk_10
#dotnet-aspnetcore
#dotnet-ef
#gamedev
godot
];
programs.dconf.enable = lib.mkDefault true;
}


@@ -6,16 +6,29 @@
}:
{
imports = [ ];
environment.systemPackages = [
(pkgs.catppuccin-sddm.override {
flavor = "mocha";
accent = "teal";
fontSize = "24";
background = ../home/Wallpapers/1346679.jpg;
loginBackground = true;
})
];
services.displayManager = {
enable = true;
sessionPackages = with pkgs; [ niri ];
defaultSession = "niri";
sddm = {
enable = true;
autoNumlock = true;
enableHidpi = true;
wayland.enable = true;
theme = "catppuccin-mocha-teal";
package = pkgs.kdePackages.sddm;
};
};

16
modules/docling.nix Normal file

@@ -0,0 +1,16 @@
{
config,
pkgs,
lib,
...
}:
{
services.docling-serve = {
enable = true;
package = pkgs.unstable.docling-serve;
port = 5001;
host = "127.0.0.1";
openFirewall = true;
};
}
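Review bot: `openFirewall = true;` opens port 5001 although `host = "127.0.0.1"` means nothing is reachable there from outside, so the rule is dead today and becomes an exposure as soon as the host value changes. I would set `openFirewall = false;` unless remote access is intended, in which case bind to the tailnet address and say so in a comment.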

56
modules/fcitx5.nix Normal file

@@ -0,0 +1,56 @@
{
config,
pkgs,
lib,
...
}:
{
# System-level fcitx5 configuration for Wayland
# This prevents GTK_IM_MODULE from being set, which is recommended for Wayland
i18n.inputMethod = {
enable = true;
type = "fcitx5";
fcitx5 = {
waylandFrontend = true;
settings = {
globalOptions.Hotkey = {
TriggerKey = "Control+space";
};
inputMethod = {
GroupOrder."0" = "Default";
"Groups/0" = {
Name = "Default";
"Default Layout" = "us";
DefaultIM = "mozc";
};
"Groups/0/Items/0" = {
Name = "keyboard-us";
Layout = "us";
};
"Groups/0/Items/1" = {
Name = "mozc";
Layout = "";
};
"Groups/0/Items/2" = {
Name = "keyboard-no";
Layout = "no";
};
};
};
addons = with pkgs; [
fcitx5-rime
fcitx5-mozc
fcitx5-gtk
qt6Packages.fcitx5-configtool
];
};
};
# Ensure fcitx5 starts with the session
services.xserver.desktopManager.runXdgAutostartIfNone = true;
# environment.sessionVariables = {
# GTK_IM_MODULE = lib.mkForce "";
# };
}


@@ -14,8 +14,10 @@
"tss"
"networking"
"podman"
]; # Enable sudo for the user.
packages = with pkgs; [
"pipewire"
"plugdev"
"dialout"
];
packages = with pkgs; [ ];
};
}

23
modules/immich.nix Normal file

@@ -0,0 +1,23 @@
{
config,
pkgs,
lib,
...
}:
{
services.immich = {
enable = true;
port = 2283;
host = "0.0.0.0";
openFirewall = true;
mediaLocation = "/lorien/media/pictures";
accelerationDevices = null;
settings = {
newVersionCheck.enabled = false;
};
};
}
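Review bot: `host = "0.0.0.0"` together with `openFirewall = true;` exposes port 2283 on every interface, including any LAN or public one; `modules/jellyfin.nix` and `modules/llama-cpp.nix` in this commit set `openFirewall = true` the same way. The reverse proxy in routes.nix reaches its backends over 100.x addresses, so it looks as if only the tailnet needs these ports. If so, `openFirewall = false;` plus `networking.firewall.interfaces."tailscale0".allowedTCPPorts = [ 2283 ];` keeps the service off other networks (interface name assumes the tailscale default).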

15
modules/jellyfin.nix Normal file

@@ -0,0 +1,15 @@
{
config,
pkgs,
lib,
...
}:
{
users.groups.media.members = [ "jellyfin" ]; # have media directory owned by media group
services.jellyfin = {
enable = true;
group = "media";
openFirewall = true;
};
}

73
modules/jupyterhub.nix Normal file

@@ -0,0 +1,73 @@
{
config,
pkgs,
lib,
...
}:
let
myPythonPackages = import ./python-packages.nix;
myPython = pkgs.python3;
myJupyterHubEnv = myPython.withPackages (
ps:
with ps;
[
jupyterhub
jupyterhub-systemdspawner
]
++ myPythonPackages ps
);
myJupyterLabEnv = myPython.withPackages (
ps:
with ps;
[
jupyterhub
]
++ myPythonPackages ps
);
in
{
users.users.tdt4117 = {
isNormalUser = true;
home = "/home/tdt4117";
description = "tdt4117 - delete after h25";
extraGroups = [ ];
# openssh.authorizedKeys.keys = [ "ssh-dss AAAAB3Nza... " ];
};
services.jupyterhub = {
jupyterhubEnv = myJupyterHubEnv;
jupyterlabEnv = myJupyterLabEnv;
enable = true;
port = 8770;
host = "0.0.0.0";
extraConfig = ''
c.Authenticator.allow_all = True
c.ConfigurableHTTPProxy.api_url = 'http://0.0.0.0:8770'
c.JupyterHub.bind_url = 'http://0.0.0.0:8771'
'';
kernels = {
python3 =
let
env = pkgs.python3.withPackages myPythonPackages;
in
{
displayName = "Python 3 for machine learning";
argv = [
"${env.interpreter}"
"-m"
"ipykernel_launcher"
"-f"
"{connection_file}"
];
language = "python";
logo32 = "${env}/${env.sitePackages}/ipykernel/resources/logo-32x32.png";
logo64 = "${env}/${env.sitePackages}/ipykernel/resources/logo-64x64.png";
};
};
};
}
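Review bot: `c.Authenticator.allow_all = True` lets every account the authenticator accepts start a server, and with `jupyterhub-systemdspawner` in `myJupyterHubEnv` (presumably the spawner in use) that amounts to a shell as that user; routes.nix publishes this hub as `jupyter.lauterer.it`. Restricting it to the accounts that need it, e.g. `c.Authenticator.allowed_users = {'tdt4117'}`, closes that. `c.ConfigurableHTTPProxy.api_url = 'http://0.0.0.0:8770'` also puts the proxy's control API on every interface, where `'http://127.0.0.1:8770'` would do. The `tdt4117` account is described as "delete after h25" but nothing enforces it, so a dated TODO comment next to the user block would make the cleanup harder to forget.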

28
modules/kdeconnect.nix Normal file

@@ -0,0 +1,28 @@
{
pkgs,
lib,
config,
...
}:
{
environment.systemPackages = with pkgs; [
kdePackages.xdg-desktop-portal-kde
kdePackages.kdeconnect-kde
gnomeExtensions.gsconnect
kdePackages.qttools
];
programs.kdeconnect = {
#package = pkgs.kdePackages.kdeconnect-kde;
package = pkgs.gnomeExtensions.gsconnect;
enable = true;
};
networking.firewall = rec {
allowedTCPPortRanges = [
{
from = 1714;
to = 1764;
}
];
allowedUDPPortRanges = allowedTCPPortRanges;
};
}

70
modules/librechat.nix Normal file

@@ -0,0 +1,70 @@
{ config, pkgs, ... }:
let
librechatPort = 3080;
mongoUri = "mongodb://127.0.0.1:27017/LibreChat";
in
{
sops.secrets."librechat/environmentFile" = { };
# Enable MongoDB
services.mongodb = {
enable = true;
package = pkgs.mongodb-ce;
# Optional: enableAuth = true;
# initialRootPasswordFile = "/path/to/mongo-root-password-file";
};
# LibreChat systemd service
systemd.services.librechat = {
# Make enable flagged when built
enable = true;
description = "LibreChat server";
# **Native systemd dependency declarations**
requires = [ "mongodb.service" ];
after = [
"network.target"
"mongodb.service"
];
serviceConfig = {
EnvironmentFile = config.sops.secrets."librechat/environmentFile".path;
Restart = "on-failure";
User = "librechat";
Group = "librechat";
# ExecStart binds to package binary
ExecStart = ''
${pkgs.librechat}/bin/librechat-server \
--host 0.0.0.0 \
--port ${toString librechatPort} \
--config /var/lib/librechat/config.yaml
'';
WorkingDirectory = "/var/lib/librechat";
};
wantedBy = [ "multi-user.target" ];
};
# Create user
users.users.librechat = {
isSystemUser = true;
description = "LibreChat service user";
home = "/var/lib/librechat";
createHome = true;
};
users.users.librechat.group = "librechat";
users.groups.librechat = { };
systemd.tmpfiles.rules = [
"d /var/lib/librechat 0755 librechat librechat -"
];
networking.firewall.allowedTCPPorts = [
librechatPort
27017
];
}
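Review bot: `networking.firewall.allowedTCPPorts` opens 27017 even though LibreChat reaches MongoDB on `127.0.0.1` and `enableAuth` is left commented out, so the rule can only ever expose an unauthenticated database if the bind address changes. I would make it `networking.firewall.allowedTCPPorts = [ librechatPort ];` and enable `enableAuth` with `initialRootPasswordFile` pointing at a sops secret. `mongoUri` is bound in the `let` but never used, so the connection string presumably lives only in the environment file; either drop the binding or note that in a comment. `/var/lib/librechat` is created `0755` and holds `config.yaml`, so `0750` would keep other local users out.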

43
modules/llama-cpp.nix Normal file

@@ -0,0 +1,43 @@
{
config,
pkgs,
lib,
unstable,
inputs,
system,
...
}:
let
hostname = config.networking.hostName;
in
{
environment.systemPackages = [ pkgs.unstable.ollama ];
services.llama-cpp = {
enable = true;
host = "0.0.0.0";
port = 11111;
package = inputs.self.packages.${system}.llama-cpp-nightly-vulkan;
openFirewall = true;
model = "/var/lib/llama/models/Qwen3.5-35B-A3B-UD-Q2_K_XL.gguf";
extraFlags = [
"-c"
"32000"
"-ngl"
"41" # techincally entire qwen3.5
"--image-min-tokens"
"1024"
"--image-max-tokens"
"2048"
#"--hf-repo" "unsloth/Qwen3.5-35B-A3B-GGUF:Q2_K_L"
"--mmproj"
"/var/lib/llama/models/mmproj-F16.gguf"
"-ctk"
"q4_0"
"-ctv"
"q4_0" # quantisize kv cache.
"--no-mmap"
];
};
}
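Review bot: The server listens on `0.0.0.0:11111` with `openFirewall = true` and no API key in `extraFlags`, so anyone who can reach the port can run inference; routes.nix also proxies `ai.` and `chat.lauterer.it` to a port 11111 without `basicauth`. llama-server accepts `--api-key-file`, so adding `"--api-key-file"` and `config.sops.secrets."<llama-api-key>".path` (secret name is a placeholder) to `extraFlags` would gate it. The `hostname` binding in the `let` is never used, and `pkgs.unstable.ollama` is installed here but not configured, which reads like a leftover.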

253
modules/llama-swap.nix Normal file

@@ -0,0 +1,253 @@
{
config,
pkgs,
lib,
inputs,
system,
...
}:
{
environment.systemPackages = [
inputs.self.packages.${system}.llama-cpp-nightly-vulkan
pkgs.unstable.stable-diffusion-cpp-vulkan
pkgs.unstable.whisper-cpp-vulkan
inputs.self.packages.${system}.z-image-models
inputs.self.packages.${system}.whisper-models
#inputs.self.packages.${system}.fish-speech-models
];
services.llama-swap = {
enable = true;
package = inputs.self.packages.${system}.llama-swap;
port = 11112;
openFirewall = true;
settings =
let
llama-server = lib.getExe' inputs.self.packages.${system}.llama-cpp-nightly-vulkan "llama-server";
sd-server = lib.getExe' pkgs.unstable.stable-diffusion-cpp-vulkan "sd-server";
whisper-server = lib.getExe' pkgs.unstable.whisper-cpp-vulkan "whisper-server";
podman = lib.getExe pkgs.podman;
z-image-models = inputs.self.packages.${system}.z-image-models;
whisper-models = inputs.self.packages.${system}.whisper-models;
in
{
healthCheckTimeout = 180;
startPort = 12000;
globalTTL = 600;
logLevel = "info";
macros = {
ctx = 32000;
ngl = 99;
kv_cache = "-ctk q4_0 -ctv q4_0 -fa 1";
batch = "-b 1024 -ub 1024"; # default 512 512
hf_repo = "";
image-tokens = "--image-min-tokens 256 --image-max-tokens 1536";
qwen35-thinking = "--chat-template-kwargs '{\"enable_thinking\":true}'";
qwen35-no-thinking = "--chat-template-kwargs '{\"enable_thinking\":false}'";
};
models = {
"qwen3.5-35b-a3b" = {
cmd = "${llama-server} --port $\{PORT\} --host 0.0.0.0 --ctx-size $\{ctx\} -ngl $\{ngl\} $\{kv_cache\} $\{batch\} --hf-repo $\{hf_repo\} $\{image-tokens\} $\{qwen35-no-thinking\} ";
aliases = [ "qwen3.5" ];
ttl = 1800;
macros = {
ctx = 49152;
hf_repo = "unsloth/Qwen3.5-35B-A3B-GGUF:UD-IQ3_XXS";
};
};
"qwen3.5-9b" = {
cmd = "${llama-server} --port $\{PORT\} --host 0.0.0.0 --ctx-size $\{ctx\} $\{kv_cache\} -ngl $\{ngl\} --hf-repo $\{hf_repo\} $\{batch\} $\{image-tokens\} $\{qwen35-thinking\} ";
ttl = 900;
macros = {
hf_repo = "unsloth/Qwen3.5-9B-GGUF:UD-Q4_K_XL";
ctx = 128000;
};
};
"qwen3.5-2b" = {
cmd = "${llama-server} --port $\{PORT\} --host 0.0.0.0 --ctx-size $\{ctx\} $\{kv_cache\} $\{batch\} $\{image-tokens\} -ngl $\{ngl\} --hf-repo $\{hf_repo\} ";
ttl = 900;
macros = {
hf_repo = "unsloth/Qwen3.5-2B-GGUF:UD-Q8_K_XL";
ctx = 200000;
};
};
"glm4.7-flash" = {
cmd = "${llama-server} --port $\{PORT\} --host 0.0.0.0 --ctx-size $\{ctx\} -fa 0 -ngl $\{ngl\} --hf-repo $\{hf_repo\}";
ttl = 900;
aliases = [ "coder" ];
macros = {
hf_repo = "unsloth/GLM-4.7-Flash-REAP-23B-A3B-GGUF"; # Reap should allow more context in gpu mem
ctx = 32000;
};
};
"gemma4" = {
cmd = "${llama-server} --port $\{PORT\} --host 0.0.0.0 --ctx-size $\{ctx\} -fa 0 -ngl $\{ngl\} --hf-repo $\{hf_repo\}";
ttl = 900;
macros = {
hf_repo = "unsloth/gemma-4-26B-A4B-it-GGUF:UD-IQ3_XXS";
ctx = 36000;
};
};
"gemma4E4" = {
cmd = "${llama-server} --port $\{PORT\} --host 0.0.0.0 --ctx-size $\{ctx\} $\{kv_cache\} -ngl $\{ngl\} --hf-repo $\{hf_repo\}";
ttl = 900;
macros = {
hf_repo = "unsloth/gemma-4-E4B-it-GGUF";
ctx = 128000;
};
};
"ministal-3-8b-reasonning" = {
cmd = "${llama-server} --port $\{PORT\} --host 0.0.0.0 --ctx-size $\{ctx\} -ngl $\{ngl\} --hf-repo $\{hf_repo\}";
aliases = [ "ministral3" ];
ttl = 900;
macros.hf_repo = "mistralai/Ministral-3-8B-Reasoning-2512-GGUF";
};
"ministal-3-3b" = {
cmd = "${llama-server} --port $\{PORT\} --host 0.0.0.0 --ctx-size $\{ctx\} -ngl $\{ngl\} --hf-repo $\{hf_repo\}";
aliases = [ "ministral3-mini" ];
ttl = 900;
macros.hf_repo = "mistralai/Ministral-3-3B-Instruct-2512-GGUF";
};
"minicpm-o-4_5" = {
cmd = "${llama-server} --port $\{PORT\} --host 0.0.0.0 --ctx-size $\{ctx\} -ngl $\{ngl\} --hf-repo $\{hf_repo\} --mmproj-url https://huggingface.co/openbmb/MiniCPM-o-4_5-gguf/resolve/main/vision/MiniCPM-o-4_5-vision-F16.gguf";
aliases = [
"openbmb/MiniCPM-o-4_5-gguf"
"minicpm"
];
ttl = 900;
macros.hf_repo = "openbmb/MiniCPM-o-4_5-gguf";
};
"z-image-turbo" = {
cmd = "${sd-server} --listen-port $\{PORT\} --diffusion-model $\{diffusion_model\} --vae $\{vae\} --llm $\{llm\} --offload-to-cpu --cfg-scale 1.0 --height 1024 --width 1024 --steps 4";
checkEndpoint = "/";
ttl = 300;
aliases = [
"gpt-image-1"
"dall-e-3"
];
macros = {
diffusion_model = "${z-image-models}/models/z-image-turbo-Q4_K.gguf";
vae = "${z-image-models}/models/ae.safetensors";
llm = "${z-image-models}/models/Qwen3-4B-Instruct-2507-Q4_K_M.gguf";
};
};
"distil-whisper-v3.5" = {
cmd = "${whisper-server} --host 127.0.0.1 --port $\{PORT\} -m $\{model\} --request-path /v1/audio/transcriptions --inference-path \"\"";
checkEndpoint = "/v1/audio/transcriptions/";
ttl = 0;
aliases = [
"whisper"
"whisper-1"
];
macros.model = "${whisper-models}/models/distil-large-v3.5.bin";
};
"nb-whisper-small" = {
cmd = "${whisper-server} --host 127.0.0.1 --port $\{PORT\} -m $\{model\} --request-path /v1/audio/transcriptions --inference-path \"\" --language no";
checkEndpoint = "/v1/audio/transcriptions/";
ttl = 0;
aliases = [
"whisper-no"
"whisper-nb"
];
macros.model = "${whisper-models}/models/nb-whisper-small-q5_0.bin";
};
"omnivoice" = {
cmd = "${pkgs.bash}/bin/bash -c '${pkgs.systemd}/bin/systemctl start podman-omnivoice.service && exec sleep infinity'";
cmdStop = "${pkgs.systemd}/bin/systemctl stop podman-omnivoice.service";
checkEndpoint = "/v1/audio/voices";
proxy = "http://127.0.0.1:8091";
ttl = 900;
};
"kokoro" = {
cmd = "${podman} run --init --rm --name kokoro-tts -p $\{PORT\}:8880 ghcr.io/remsky/kokoro-fastapi-cpu:latest";
cmdStop = "${podman} stop kokoro-tts";
checkEndpoint = "/v1/audio/voices";
ttl = 900;
};
};
};
};
virtualisation.oci-containers.containers.omnivoice = {
image = "vllm/vllm-openai:nightly";
ports = [ "8091:8091" ];
environment = {
VLLM_DEVICE = "cpu";
};
cmd = [
"vllm"
"serve"
"k2-fsa/OmniVoice"
"--omni"
"--device"
"cpu"
"--port"
"8091"
"--trust-remote-code"
];
extraOptions = [ "--rm" ];
autoStart = false;
};
systemd.services.llama-swap = {
serviceConfig = {
StateDirectory = "llama-swap";
CacheDirectory = "llama-swap";
RuntimeDirectory = "llama-swap";
Environment = [
"HOME=/var/lib/llama-swap"
"XDG_CACHE_HOME=/var/cache/llama-swap"
"MESA_SHADER_CACHE_DIR=/var/cache/llama-swap/mesa"
];
DynamicUser = lib.mkForce false;
User = "root";
Group = "root";
PrivateDevices = lib.mkForce false;
PrivateTmp = lib.mkForce false;
PrivateMounts = lib.mkForce false;
PrivateUsers = lib.mkForce false;
ProtectClock = lib.mkForce false;
ProtectControlGroups = lib.mkForce false;
ProtectHome = lib.mkForce false;
ProtectKernelLogs = lib.mkForce false;
ProtectKernelModules = lib.mkForce false;
ProtectKernelTunables = lib.mkForce false;
ProtectSystem = lib.mkForce false;
ProtectHostname = lib.mkForce false;
ProtectProc = lib.mkForce "";
MemoryDenyWriteExecute = lib.mkForce false;
LockPersonality = lib.mkForce false;
NoNewPrivileges = lib.mkForce false;
RemoveIPC = lib.mkForce false;
RestrictNamespaces = lib.mkForce true;
RestrictRealtime = lib.mkForce false;
RestrictSUIDSGID = lib.mkForce false;
RestrictAddressFamilies = lib.mkForce [
"AF_INET"
"AF_INET6"
"AF_UNIX"
"AF_NETLINK"
];
CapabilityBoundingSet = lib.mkForce "";
SystemCallArchitectures = lib.mkForce "";
SystemCallFilter = lib.mkForce [ ];
SystemCallErrorNumber = lib.mkForce "";
ProcSubset = lib.mkForce "all";
};
};
}
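Review bot: The `systemd.services.llama-swap` override runs a firewall-opened service (`port = 11112`, `openFirewall = true`) as `User = "root"` with nearly every sandbox option forced off, so a bug in llama-swap or in any model server it spawns is a root compromise of the host. The root requirement appears to come only from the `omnivoice` and `kokoro` entries (`systemctl start`, `podman run`); consider a dedicated user for the GPU servers and keeping the overrides to the few that Vulkan access needs, such as `PrivateDevices = lib.mkForce false;`. Note that `CapabilityBoundingSet = lib.mkForce "";` and `RestrictNamespaces = lib.mkForce true;` tighten rather than relax, which will probably break the `podman run` in `kokoro`. The llama-server entries also pass `--host 0.0.0.0` although llama-swap proxies to them locally; `--host 127.0.0.1`, as the whisper entries already use, avoids exposing the per-model ports. `"--trust-remote-code"` on a `:nightly` image means whatever code the `k2-fsa/OmniVoice` repository ships at pull time is executed.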

16
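--- a/modules/mealie.nix
+++ b/modules/mealie.nix
@@ -0,0 +1,16 @@
+{
+config,
+pkgs,
+lib,
+...
+}:
+{
+services.mealie = {
+enable = true;
+settings = {
+ALLOW_SIGNUP = "true";
+};
+database.createLocally = true;
+};
+}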
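Review bot: `ALLOW_SIGNUP = "true"` leaves self-registration open, so anyone who can reach the instance can create an account. If this is only needed to bootstrap the first users, set `ALLOW_SIGNUP = "false";` afterwards and create further accounts from the admin UI instead.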

17
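--- a/modules/miniflux.nix
+++ b/modules/miniflux.nix
@@ -0,0 +1,17 @@
+{
+config,
+pkgs,
+lib,
+...
+}:
+{
+sops.secrets."miniflux/adminCredentialsFile" = {
+restartUnits = [ "miniflux.service" ];
+mode = "0755";
+};
+services.miniflux.enable = true;
+services.miniflux.config.LISTEN_ADDR = "0.0.0.0:8089";
+services.miniflux.adminCredentialsFile = config.sops.secrets."miniflux/adminCredentialsFile".path;
+}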
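Review bot: `mode = "0755"` on `sops.secrets."miniflux/adminCredentialsFile"` makes the decrypted admin credentials readable by every local user (and marks the file executable). No `owner` is set here, so `mode = "0400";` should be enough if the unit reads the file through systemd as root, which is worth confirming against the module. The same `mode = "0755"` appears on the secrets in modules/pangolin.nix, modules/qbittorrent.nix and modules/vaultvarden.nix, where `owner` is already set and `0400` fits directly. `LISTEN_ADDR = "0.0.0.0:8089"` also binds all interfaces; `127.0.0.1:8089` is sufficient if a reverse proxy fronts it.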


@@ -6,14 +6,10 @@
}:
{
imports = [ ];
imports = [ ./nixpkgs.nix ]; # migrate this afterwards.
system.rebuild.enableNg = true;
nixpkgs.config.allowUnfree = true;
nixpkgs.config.permittedInsecurePackages = [
# example "python3.11-youtube-dl-2021.12.17"
];
sops.secrets."github/api" = {
mode = "0444";
group = "root";
@@ -60,10 +56,13 @@
}
{
hostName = "aragon";
system = "x86_64-linux";
#system = "x86_64-linux";
# if the builder supports building for multiple architectures,
# replace the previous line by, e.g.,
# systems = ["x86_64-linux" "aarch64-linux"];
systems = [
"x86_64-linux"
"aarch64-linux"
];
maxJobs = 6;
speedFactor = 6001;
supportedFeatures = [ ];
@@ -74,22 +73,10 @@
system = "x86_64-linux";
maxJobs = 4;
speedFactor = 4001;
supportedFeatures = [ "cuda" ];
#supportedFeatures = [ "cuda" ];
supportedFeatures = [ ];
mandatoryFeatures = [ ];
}
{
hostName = "bolle.pbsds.net";
system = "x86_64-linux";
maxJobs = 6;
speedFactor = 6000;
}
{
hostName = "garp.pbsds.net";
system = "x86_64-linux";
maxJobs = 4;
# i7-6700
speedFactor = 4000;
}
];
distributedBuilds = true;

19
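--- a/modules/nixpkgs.nix
+++ b/modules/nixpkgs.nix
@@ -0,0 +1,19 @@
+{
+config,
+pkgs,
+lib,
+...
+}:
+{
+imports = [ ];
+nixpkgs = {
+config = {
+allowUnfree = true;
+permittedInsecurePackages = [
+# example "python3.11-youtube-dl-2021.12.17"
+];
+};
+};
+}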

51
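--- a/modules/nvidia.nix
+++ b/modules/nvidia.nix
@@ -0,0 +1,51 @@
+{
+config,
+lib,
+pkgs,
+...
+}:
+{
+# Enable OpenGL
+hardware.graphics = {
+enable = true;
+enable32Bit = true;
+};
+# Load nvidia driver for Xorg and Wayland
+services.xserver.videoDrivers = [ "nvidia" ];
+boot = {
+blacklistedKernelModules = [ "nouveau" ];
+extraModulePackages = [ config.boot.kernelPackages.nvidia_x11 ];
+initrd.kernelModules = [ "nvidia" ];
+};
+hardware.nvidia = {
+modesetting.enable = true;
+# Nvidia power management. Experimental, and can cause sleep/suspend to fail.
+#powerManagement.enable = true;
+# Fine-grained power management. Turns off GPU when not in use. Experimental and only works on modern Nvidia GPUs (Turing or newer).
+powerManagement.finegrained = false;
+# Use the NVidia open source kernel module (not to be confused with the independent third-party "nouveau" open source driver).
+# Currently alpha-quality/buggy, so false is currently the recommended setting.
+open = false; # need proprietary for cuda.
+# Enable the Nvidia settings menu, accessible via `nvidia-settings`.
+#nvidiaSettings = true;
+# Optionally, you may need to select the appropriate driver version for your specific GPU.
+package = config.boot.kernelPackages.nvidiaPackages.stable;
+};
+# Enable the CUDA toolkit
+#install packages
+environment.systemPackages = with pkgs; [
+cudaPackages.cudatoolkit
+cudaPackages.cudnn
+nvtopPackages.nvidia
+cudaPackages.nccl
+pkgs.cudaPackages.libcublas
+];
+}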

46
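--- a/modules/ollama.nix
+++ b/modules/ollama.nix
@@ -0,0 +1,46 @@
+{
+config,
+pkgs,
+lib,
+unstable,
+...
+}:
+let
+hostname = config.networking.hostName;
+in
+{
+environment.systemPackages = [ pkgs.unstable.ollama ];
+services.ollama = {
+enable = true;
+package = lib.mkDefault pkgs.unstable.ollama-vulkan;
+acceleration = lib.mkDefault "vulkan";
+host = "0.0.0.0";
+openFirewall = true;
+port = 11434;
+home = "/var/lib/ollama";
+environmentVariables = {
+OLLAMA_CONTEXT_LENGTH = "32000";
+};
+# Preloaded models
+loadModels = [
+"qwen3:latest"
+"qwen3:4b"
+"glm-4.7-flash:latest"
+"rnj-1:latest"
+"lfm2.5-thinking:latest"
+"qwen3-vl:4b"
+"qwen3-vl:2b-instruct-q8_0"
+"qwen3-vl:latest"
+"gemma3:4b"
+"ministral-3:3b"
+"ministral-3:latest"
+"granite3.2-vision"
+"granite4:tiny-h"
+"gpt-oss:20b"
+];
+};
+}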

36
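--- a/modules/openssh.nix
+++ b/modules/openssh.nix
@@ -0,0 +1,36 @@
+{
+config,
+pkgs,
+lib,
+...
+}:
+let
+sshLookup = pkgs.writeShellScriptBin "ssh-lookup-root-pubs" ''
+#!/bin/sh
+cat /root/.ssh/*.pub 2>/dev/null
+'';
+in
+{
+services.openssh = {
+enable = true;
+settings.UseDns = true;
+settings.PermitRootLogin = "prohibit-password";
+startWhenNeeded = true;
+ports = [ 6969 ];
+openFirewall = true;
+#settings.Ciphers = [
+# "chacha20-poly1305@openssh.com"
+# "aes256-gcm@openssh.com"
+# "aes128-gcm@openssh.com"
+# "aes256-ctr"
+# # remove some weaker ciphers
+#];
+authorizedKeysCommand = "${sshLookup}";
+};
+services.endlessh-go = {
+enable = true;
+port = 22;
+openFirewall = true;
+};
+services.sshguard.enable = true; # protection against brute force attacks
+}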
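Review bot: `authorizedKeysCommand = "${sshLookup}"` wires in a script that ignores the username sshd passes and prints `/root/.ssh/*.pub` for every login attempt, so any key pair root holds on this machine would be accepted for every account, root included. Those `.pub` files are normally root's own identities, not a list of keys allowed to log in. `${sshLookup}` also expands to the store directory rather than the executable (`writeShellScriptBin` puts it under `bin/`), and the command runs as the `authorizedKeysCommandUser`, which is unlikely to be able to read `/root/.ssh`, so the lookup probably returns nothing at present. I would drop the command and declare keys with `users.users.<name>.openssh.authorizedKeys.keys`, and add `settings.PasswordAuthentication = false;` since the port is opened in the firewall.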

59
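--- a/modules/openwebui.nix
+++ b/modules/openwebui.nix
@@ -0,0 +1,59 @@
+{
+config,
+pkgs,
+lib,
+...
+}:
+let
+stateDir = "/var/lib/open-webui";
+port = 11111;
+in
+{
+virtualisation.podman.enable = true;
+virtualisation.oci-containers.backend = "podman";
+virtualisation.oci-containers.containers.openwebui = {
+image = "ghcr.io/open-webui/open-webui:latest";
+autoStart = true;
+ports = [
+"0.0.0.0:${toString port}:8080"
+];
+volumes = [
+"${stateDir}/data:/app/backend/data"
+"${stateDir}/static:/app/backend/static"
+"${stateDir}/build:/app/frontend/build"
+];
+extraOptions = [ "--pull=newer" ];
+environment = {
+ANONYMIZED_TELEMETRY = "False";
+DO_NOT_TRACK = "True";
+SCARF_NO_ANALYTICS = "True";
+WEBUI_AUTH = "True";
+ENABLE_SIGNUP = "True";
+DEFAULT_USER_ROLE = "pending";
+ENV = "prod";
+# Optional — helps internal routing
+WEBUI_PORT = toString port;
+WEBUI_HOST = "0.0.0.0";
+};
+};
+# Create persistent state directories (like StateDirectory in systemd)
+systemd.tmpfiles.rules = [
+"d ${stateDir}/data 0755 root root - -"
+"d ${stateDir}/static 0755 root root - -"
+"d ${stateDir}/build 0755 root root - -"
+];
+# Optional — open firewall for access
+networking.firewall.allowedTCPPorts = [ port ];
+}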
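Review bot: `image = "ghcr.io/open-webui/open-webui:latest"` with `extraOptions = [ "--pull=newer" ]` replaces the running code with whatever the registry serves at each restart, with no review step and no way to roll back to a known build. Pin a release tag or digest, e.g. `image = "ghcr.io/open-webui/open-webui@sha256:<digest>";` (placeholder), and bump it deliberately; `vllm/vllm-openai:nightly` and `kokoro-fastapi-cpu:latest` in modules/llama-swap.nix have the same issue. With `ENABLE_SIGNUP = "True"` and the port opened on `0.0.0.0`, check who can reach the instance before the first account is created, since as far as I know the first sign-up becomes the administrator. The bind mounts onto `/app/backend/static` and `/app/frontend/build` start as empty host directories and may hide the files shipped in the image.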


@@ -10,6 +10,8 @@
security.polkit.enable = true;
security.pam.services.gtklock = { };
security.pam.services.swaylock = { };
security.pam.services.swaylock-effects = { };

31
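--- a/modules/pangolin.nix
+++ b/modules/pangolin.nix
@@ -0,0 +1,31 @@
+{
+config,
+pkgs,
+lib,
+...
+}:
+{
+sops.secrets."pangolin/environmentFile" = {
+restartUnits = [ "pangolin.service" ];
+owner = "pangolin";
+mode = "0755";
+};
+users.users.pangolin.extraGroups = [ "acme" ];
+services.pangolin = {
+enable = true;
+openFirewall = true;
+package = pkgs.unstable.fosrl-pangolin;
+baseDomain = "lauterer.it";
+dashboardDomain = "auth.lauterer.it";
+dnsProvider = "domeneshop";
+#settings
+environmentFile = config.sops.secrets."pangolin/environmentFile".path;
+#dataDir
+};
+}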

26
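--- a/modules/polkit.nix
+++ b/modules/polkit.nix
@@ -0,0 +1,26 @@
+{
+config,
+pkgs,
+lib,
+...
+}:
+{
+imports = [ ];
+systemd = {
+user.services.polkit-gnome-authentication-agent-1 = {
+description = "polkit-gnome-authentication-agent-1";
+wantedBy = [ "graphical-session.target" ];
+wants = [ "graphical-session.target" ];
+after = [ "graphical-session.target" ];
+serviceConfig = {
+Type = "simple";
+ExecStart = "${pkgs.polkit_gnome}/libexec/polkit-gnome-authentication-agent-1";
+Restart = "on-failure";
+RestartSec = 1;
+TimeoutStopSec = 10;
+};
+};
+};
+}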

15
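--- a/modules/powerprofiles.nix
+++ b/modules/powerprofiles.nix
@@ -0,0 +1,15 @@
+{
+config,
+pkgs,
+lib,
+...
+}:
+{
+environment.systemPackages = with pkgs; [
+power-profiles-daemon
+];
+services.power-profiles-daemon.enable = true;
+}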


@@ -0,0 +1,52 @@
ps: with ps; [
ipykernel
jupyter
jupyterlab
notebook
numpy
scipy
pandas
polars
matplotlib
seaborn
scikit-learn
scikit-image
sympy
nltk
huggingface-hub
datasets
tokenizers
transformers
accelerate
peft
bitsandbytes
torch
torchvision
lightning
keras
opencv-python
pillow
pyvista
vispy
pygame
tqdm
flask
flask-sqlalchemy
flask-socketio
werkzeug
gunicorn
requests
pyyaml
authlib
litellm
openai
langchain
langchain-community
pydantic
pydantic-core
docling-core
pycryptodome
flake8
pip
tkinter
]

91
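--- a/modules/qbittorrent.nix
+++ b/modules/qbittorrent.nix
@@ -0,0 +1,91 @@
+{
+config,
+lib,
+pkgs,
+...
+}:
+let
+dataLocation = "/lorien/media/";
+in
+{
+sops.secrets."qbittorrent/interfaceAddress" = {
+restartUnits = [ "qbittorrent-nox.service" ];
+owner = "qbittorrent";
+mode = "0755";
+};
+sops.templates."qbittorrent-interface-addr.conf".content = ''
+# This is injected via sops template
+interfaceAddress = "${config.sops.placeholder."qbittorrent/interfaceAddress"}";
+'';
+sops.templates."qbittorrent-interface-addr.conf".owner = "qbittorrent";
+users.users.qbittorrent = {
+group = lib.mkForce "media";
+};
+users.groups.qbittorrent = { };
+services.qbittorrent = {
+enable = true;
+webuiPort = 8090;
+torrentingPort = 44183;
+serverConfig = {
+LegalNotice.Accepted = true;
+Meta.MigrationVersion = 6;
+Network.PortForwardingEnabled = true;
+Preferences = {
+WebUI = {
+AuthSubnetWhitelist = "192.168.1.0/24, 100.0.0.0/8";
+AuthSubnetWhitelistEnabled = true;
+UseUPnP = false;
+};
+BitTorrent = {
+Session = {
+AddExtensionToIncompleteFiles = true;
+AlternativeGlobalDLSpeedLimit = 1000;
+AlternativeGlobalUPSpeedLimit = 1000;
+AnonymousModeEnabled = false;
+BTProtocol = "Both";
+BandwidthSchedulerEnabled = false;
+DefaultSavePath = dataLocation + "Downloads";
+Encryption = 1;
+FinishedTorrentExportDirectory = dataLocation + "Downloads/torrents-complete";
+GlobalDLSpeedLimit = 0;
+GlobalMaxRatio = 1.5;
+GlobalUPSpeedLimit = 0;
+I2P.Enabled = true;
+IgnoreLimitsOnLAN = true;
+IncludeOverheadInLimits = true;
+Interface = "tun0";
+InterfaceAddress = "${config.sops.placeholder."qbittorrent/interfaceAddress"}";
+#InterfaceAddress="${interfaceaddress}";
+InterfaceName = "tun0";
+LSDEnabled = "true";
+MaxActiveCheckingTorrents = 15;
+MaxRatioAction = 1;
+Port = 44183;
+Preallocation = true;
+QueueingSystemEnabled = false;
+SubcategoriesEnabled = true;
+Tags = "movie, anime";
+TempPath = "/Main/Data/media/Downloads/temp";
+TempPathEnabled = true;
+TorrentContentLayout = "Subfolder";
+TorrentExportDirectory = dataLocation + "Downloads/torrents";
+UseAlternativeGlobalSpeedLimit = false;
+};
+};
+RSS = {
+AutoDownloader = {
+DownloadRepacks = true;
+EnableProcessing = true;
+SmartEpisodeFilter = "s(\\d+)e(\\d+), (\\d+)x(\\d+), \"(\\d{4}[.\\-]\\d{1,2}[.\\-]\\d{1,2})\", \"(\\d{1,2}[.\\-]\\d{1,2}[.\\-]\\d{4})\"";
+};
+Session.EnableProcessing = true;
+};
+General.Locale = "en";
+};
+};
+};
+}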
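Review bot: `AuthSubnetWhitelist = "192.168.1.0/24, 100.0.0.0/8"` disables WebUI authentication for the whole of 100.0.0.0/8, most of which is publicly routable address space; if the intent is the CGNAT range that overlay VPNs such as Tailscale use, that is `100.64.0.0/10`. `InterfaceAddress = "${config.sops.placeholder."qbittorrent/interfaceAddress"}"` is set inside `serverConfig`, but sops placeholders are only substituted in `sops.templates` content, so the rendered config will likely contain the literal placeholder string, and the template defined above it is never referenced. `TempPath = "/Main/Data/media/Downloads/temp"` bypasses `dataLocation`, which looks like a leftover.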

21
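--- a/modules/rtlsdr.nix
+++ b/modules/rtlsdr.nix
@@ -0,0 +1,21 @@
+{
+config,
+pkgs,
+lib,
+...
+}:
+{
+hardware.rtl-sdr.enable = true;
+environment.systemPackages = with pkgs; [
+libusb1
+pkgs.rtl-sdr
+gqrx
+cubicsdr
+openwebrx
+];
+}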


@@ -12,6 +12,9 @@
security.rtkit.enable = lib.mkDefault true;
services.pipewire = lib.mkDefault {
enable = true;
systemWide = true;
audio.enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;

21
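--- a/modules/steam.nix
+++ b/modules/steam.nix
@@ -0,0 +1,21 @@
+{ pkgs, lib, ... }:
+{
+nixpkgs.config.allowUnfreePredicate =
+pkg:
+builtins.elem (lib.getName pkg) [
+"steam"
+"steam-original"
+"steam-run"
+];
+programs.steam = {
+enable = true;
+remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play
+dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated Server
+};
+environment.systemPackages = [
+pkgs.steam-run
+];
+}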

38
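--- a/modules/thermal.nix
+++ b/modules/thermal.nix
@@ -0,0 +1,38 @@
+{
+config,
+pkgs,
+lib,
+...
+}:
+{
+services.thermald.enable = true;
+environment.systemPackages = with pkgs; [
+lm_sensors
+];
+systemd.services.thermal-log = {
+description = "Periodic thermal logging to journal";
+serviceConfig.Type = "oneshot";
+path = with pkgs; [
+lm_sensors
+gnugrep
+coreutils
+util-linux
+];
+script = ''
+TEMP=$(sensors 2>/dev/null | grep -i 'Tctl\|Tdie' | head -1 || echo "N/A")
+logger -t thermal-log "CPU Temp: $TEMP"
+'';
+};
+systemd.timers.thermal-log = {
+wantedBy = [ "timers.target" ];
+timerConfig = {
+OnBootSec = "5min";
+OnUnitActiveSec = "5min";
+Persistent = true;
+};
+};
+}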
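Review bot: The `|| echo "N/A"` fallback in `script` never fires when `grep` finds nothing, because the pipeline's exit status is that of `head -1`, which succeeds on empty input; `TEMP` is then logged empty. Assign the default after the pipeline instead, e.g. a following line `TEMP=''${TEMP:-N/A}` (escaped for the Nix indented string). `Persistent = true` only has an effect on `OnCalendar=` timers, so it can be dropped from `timerConfig`.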

17
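--- a/modules/unstable.nix
+++ b/modules/unstable.nix
@@ -0,0 +1,17 @@
+{
+config,
+inputs,
+...
+}:
+let
+unstableOverlay = final: prev: {
+unstable = import inputs.unstable {
+inherit (final.stdenv.hostPlatform) system;
+inherit (config.nixpkgs) config;
+};
+};
+in
+{
+nixpkgs.overlays = [ unstableOverlay ];
+}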

26
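--- a/modules/vaultvarden.nix
+++ b/modules/vaultvarden.nix
@@ -0,0 +1,26 @@
+{
+config,
+pkgs,
+lib,
+...
+}:
+{
+environment.systemPackages = [
+pkgs.system-sendmail
+];
+sops.secrets."vaultwarden/environmentFile" = {
+restartUnits = [ "vaultwarden.service" ];
+owner = "vaultwarden";
+mode = "0755";
+};
+services.vaultwarden = {
+enable = true;
+environmentFile = config.sops.secrets."vaultwarden/environmentFile".path;
+dbBackend = "sqlite";
+backupDir = "/var/backup/vaultwarden";
+};
+}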

13
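--- a/modules/websdr.nix
+++ b/modules/websdr.nix
@@ -0,0 +1,13 @@
+{
+config,
+pkgs,
+lib,
+...
+}:
+{
+hardware.rtl-sdr.enable = true;
+services.openwebrx.enable = true;
+}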

Some files were not shown because too many files have changed in this diff Show More