WIP: home/{hyprland,waybar}: init

also add smartd, systemd-lock-handler and usbtop

flake.nix

@@ -101,6 +101,8 @@
           inherit (nonrecursive-unstable-pkgs) atuin wstunnel;
         })
 
+        (import ./overlays/wayland-ime-integration.nix)
+
         # https://github.com/NixOS/nixpkgs/pull/251706
         (self: super: {
           mozc = self.qt6Packages.callPackage ./package-overrides/mozc.nix { };

home/config/gtk.nix

@@ -16,14 +16,16 @@
     gtk2.configLocation = "${config.xdg.configHome}/gtk-2.0/gtkrc";
 
     gtk3.bookmarks = map (s: "file://${config.home.homeDirectory}/${s}") [
-      "Dropbox"
       "Downloads"
+      "pictures"
+      "documents"
+      "music"
+      ".config"
+      ".local/share"
+      # "Dropbox"
+      "git"
       "git/pvv"
       "nix"
-      "NTNU"
-      "ng"
-      "git"
-      "music"
     ];
   };
 }

home/config/xdg/default.nix

@@ -9,13 +9,13 @@
     userDirs = {
       enable = true;
       desktop = "${config.home.homeDirectory}/Desktop";
-      documents = "${config.home.homeDirectory}/Documents";
+      documents = "${config.home.homeDirectory}/documents";
       download = "${config.home.homeDirectory}/Downloads";
       music = "${config.home.homeDirectory}/music";
-      pictures = "${config.home.homeDirectory}/Pictures";
+      pictures = "${config.home.homeDirectory}/pictures";
       publicShare = "${config.home.homeDirectory}/public";
       templates = "${config.home.homeDirectory}/templates";
-      videos = "${config.home.homeDirectory}/Videos";
+      videos = "${config.home.homeDirectory}/videos";
     };
   };
 }

home/home.nix

@@ -11,19 +11,18 @@ in {
 
     ./programs/atuin.nix
     ./programs/comma.nix
-    ./programs/direnv.nix
+    ./programs/direnv
     ./programs/gdb.nix
     ./programs/gh.nix
     ./programs/git
     ./programs/gpg
     ./programs/less.nix
-    ./programs/neovim.nix
+    ./programs/neovim
     ./programs/nix-index
-    ./programs/tealdeer.nix
+    ./programs/tealdeer
     ./programs/tmux.nix
     ./programs/zsh
 
-    ./services/git-maintenance.nix
     ./services/nix-channel-update.nix
     ./services/pueue.nix
 
@@ -35,25 +34,28 @@ in {
     ./programs/alacritty.nix
     ./programs/emacs
     ./programs/firefox.nix
+    ./programs/hyprland.nix
     ./programs/ncmpcpp.nix
     ./programs/newsboat
     ./programs/qutebrowser.nix
     ./programs/rofi.nix
     ./programs/taskwarrior.nix
-    ./programs/vscode.nix
+    ./programs/vscode
+    ./programs/waybar.nix
     # ./programs/xmobar
     ./programs/xmonad
     ./programs/zathura.nix
+    ./programs/zed
 
     ./services/copyq.nix
     ./services/dunst.nix
     ./services/fcitx5.nix
     ./services/mpd.nix
-    ./services/picom.nix
-    ./services/polybar.nix
-    ./services/screen-locker.nix
+    # ./services/picom.nix
+    # ./services/polybar.nix
+    # ./services/screen-locker.nix
     # ./services/stalonetray.nix
-    ./services/sxhkd.nix
+    # ./services/sxhkd.nix
     ./services/tumblerd.nix
   ];
 

home/packages.nix

@@ -13,7 +13,9 @@
     ffmpeg
     file
     gh-dash
+    glances
     gpg-tui
+    gping
     graphviz
     httpie
     imagemagick

home/programs/direnv/auto-prune.nix

@@ -0,0 +1,38 @@
+{ config, pkgs, lib, ... }:
+let
+  cfg = config.programs.direnv;
+in
+{
+  config = {
+    systemd.user.services.prune-allowed-direnv-dirs = {
+      Unit = {
+        Description = "Prune unused allowed directories for direnv";
+        Documentation = [ "man:direnv(1)" ];
+      };
+
+      Service = {
+        Type = "oneshot";
+        CPUSchedulingPolicy = "idle";
+        IOSchedulingClass = "idle";
+        ExecStart = "${lib.getExe cfg.package} prune";
+      };
+    };
+
+    systemd.user.timers.prune-allowed-direnv-dirs = {
+      Unit = {
+        Description = "Prune unused allowed directories for direnv";
+        Documentation = [ "man:direnv(1)" ];
+      };
+
+      Timer = {
+        Unit = "prune-allowed-direnv-dirs.service";
+        OnCalendar = "daily";
+        Persistent = true;
+      };
+
+      Install = {
+        WantedBy = [ "timers.target" ];
+      };
+    };
+  };
+}

home/programs/direnv/default.nix

@@ -1,5 +1,9 @@
 { ... }:
 {
+  imports = [
+    ./auto-prune.nix
+  ];
+
   programs.direnv = {
     enable = true;
     enableZshIntegration = true;

home/programs/git/default.nix

@@ -14,6 +14,10 @@ let
   ];
 in
 {
+  imports = [
+    ./maintenance-timers.nix
+  ];
+
   # TODO: convert to template once nix-sops supports it in hm module
   sops.secrets."git/nordicsemi-config" = { };
 
@@ -50,6 +54,7 @@ in
         authors = "shortlog --summary --numbered --email";
         si = "switch-interactive";
         rebase-author = "rebase -i -x \"git commit --amend --reset-author -CHEAD\"";
+        git = "!git";
       };
 
       extraConfig = {
@@ -84,6 +89,10 @@ in
 
         maintenance.strategy = "incremental";
 
+        scalar = {
+          repo = [ "${config.home.homeDirectory}/nixpkgs" ];
+        };
+
         transfer.fsckObjects = true;
 
         receive.fsckObjects = true;

home/programs/git/maintenance-timers.nix

@@ -42,6 +42,7 @@ in
 
     Timer = {
       Persistent = true;
+      OnCalendar = "%i";
     };
 
     Install = {

home/programs/gpg/auto-update-trust-db.nix

@@ -0,0 +1,61 @@
+{ config, pkgs, lib, ... }:
+let
+  cfg = config.programs.gpg;
+in
+{
+  options = {
+    programs.gpg.auto-update-trust-db = {
+      enable = lib.mkEnableOption "a timer that automatically updates your trust db";
+      frequency = lib.mkOption {
+        default = "daily";
+        type = lib.types.str;
+        description = ''
+          How often to update trust db
+
+          :::{.note}
+            This value is passed to the systemd
+            timer configuration as the onCalendar option.  See
+            {manpage}`systemd.time(7)`
+            for more information about the format.
+          :::
+        '';
+      };
+    };
+  };
+
+  config = {
+    systemd.user.services.update-trust-db = lib.mkIf cfg.auto-update-trust-db.enable {
+      Unit = {
+        Description = "Update gpg trust database";
+        Documentation = [ "man:gpg(1)" ];
+      };
+
+      Service = {
+        Type = "oneshot";
+        CPUSchedulingPolicy = "idle";
+        IOSchedulingClass = "idle";
+        ExecStart = "${lib.getExe cfg.package} --update-trustdb";
+        Environment = [
+          "GNUPGHOME=${cfg.homedir}"
+        ];
+      };
+    };
+
+    systemd.user.timers.gpg-refresh-keys = lib.mkIf cfg.auto-update-trust-db.enable {
+      Unit = {
+        Description = "Update gpg trust database";
+        Documentation = [ "man:gpg(1)" ];
+      };
+
+      Timer = {
+        Unit = "update-trust-db.service";
+        OnCalendar = cfg.auto-update-trust-db.frequency;
+        Persistent = true;
+      };
+
+      Install = {
+        WantedBy = [ "timers.target" ];
+      };
+    };
+  };
+}

home/programs/gpg/default.nix

@@ -2,6 +2,7 @@
 {
   imports = [
     ./auto-refresh-keys.nix
+    ./auto-update-trust-db.nix
     ./declarative-key-fetcher.nix
   ];
 

home/programs/hyprland.nix

@@ -0,0 +1,342 @@
+{ config, pkgs, lib, ... }:
+let
+  cfg = config.wayland.windowManager.hyprland;
+in
+{
+  home.sessionVariables = {
+    WLR_NO_HARDWARE_CURSORS = "1";
+    WLR_RENDERER_ALLOW_SOFTWARE = "1";
+    XDG_CURRENT_DESKTOP = "Hyprland";
+    XDG_SESSION_DESKTOP = "Hyprland";
+    XDG_SESSION_TYPE = "wayland";
+    GDK_BACKEND = "wayland,x11,*";
+    QT_QPA_PLATFORM = "wayland;xcb";
+    NIXOS_OZONE_WL = "1";
+    MOZ_ENABLE_WAYLAND = "1";
+    SDL_VIDEODRIVER = "wayland";
+    OZONE_PLATFORM = "wayland";
+    CLUTTER_BACKEND = "wayland";
+    QT_WAYLAND_DISABLE_WINDOWDECORATION = "1";
+    # QT_QPA_PLATFORMTHEME = "qt6ct";
+    QT_AUTO_SCREEN_SCALE_FACTOR = "1";
+
+    LIBVA_DRIVER_NAME = "nvidia";
+    GBM_BACKEND = "nvidia-drm";
+    __GLX_VENDOR_LIBRARY_NAME = "nvidia";
+  };
+
+  home.packages = with pkgs; [
+    wl-clipboard-rs
+  ];
+
+  programs.hyprlock = {
+    enable = true;
+    settings = {
+      general = {
+        disable_loading_bar = true;
+        grace = 300;
+        hide_cursor = true;
+        no_fade_in = false;
+      };
+    
+      background = [
+        {
+          path = "screenshot";
+          blur_passes = 3;
+          blur_size = 8;
+        }
+      ];
+    
+      input-field = [
+        {
+          size = "200, 50";
+          position = "0, -80";
+          monitor = "";
+          dots_center = true;
+          fade_on_empty = false;
+          font_color = "rgb(202, 211, 245)";
+          inner_color = "rgb(91, 96, 120)";
+          outer_color = "rgb(24, 25, 38)";
+          outline_thickness = 5;
+          placeholder_text = ''Password...'';
+          shadow_passes = 2;
+        }
+      ];
+    };
+  };
+
+  services.hypridle = {
+    enable = true;
+    settings = {
+      general = {
+        ignore_dbus_inhibit = false;
+        lock_cmd = "pidof hyprlock || hyprlock";
+        before_sleep_cmd = "loginctl lock-session";
+        after_sleep_cmd = "hyprctl dispatch dpms on";
+      };
+
+      listener = [
+        {
+          timeout = 900;
+          on-timeout = "hyprlock";
+        }
+        {
+          timeout = 1200;
+          on-timeout = "hyprctl dispatch dpms off";
+          on-resume = "hyprctl dispatch dpms on";
+        }
+      ];
+    };
+  };
+
+  wayland.windowManager.hyprland = {
+    enable = true;
+
+    settings = let
+      scratchpads = [
+        (rec {
+          title = "Floating terminal";
+          class = "floatingTerminal";
+          command = "alacritty --class ${class} -e tmux new-session -A -s f";
+          size = { h = 90; w = 95; };
+          keys = [
+            "$mod, RETURN"
+            "$mod, SPACE"
+          ];
+        })
+        (rec {
+          title = "Ncmpcpp";
+          class = "floatingNcmpcpp";
+          command = "alacritty --class ${class} -e ncmpcpp";
+          size = { h = 95; w = 95; };
+          keys = [ "$mod, Q" ];
+        })
+        # "$mod, W, emacs"
+        # "$mod, E, filebrowser"
+        # "$mod, X, taskwarriortui"
+      ];
+    in {
+      "$mod" = "SUPER";
+
+      # https://github.com/xkbcommon/libxkbcommon/blob/master/include/xkbcommon/xkbcommon-keysyms.h
+      bind = [
+        "$mod SHIFT, Q, exit"
+        "$mod, R, exec, ${pkgs.rofi}/bin/rofi -show drun"
+        "$mod, T, togglefloating"
+
+        # TODO: fix this for upcoming releases
+        "$mod, F, fullscreen, 2"
+        "$mod, C, exec, hyprctl reload"
+
+        "$mod, BACKSPACE, exec, ${lib.getExe (pkgs.writeShellApplication {
+          name = "hyprland-kill-windows-except-scratchpads";
+          runtimeInputs = [ cfg.package pkgs.jq ];
+          text = ''
+            ACTIVE_WINDOW_CLASS=$(hyprctl activewindow -j | jq -r '.class')
+
+            case "$ACTIVE_WINDOW_CLASS" in
+            ${lib.pipe scratchpads [
+              (map ({ class , ... }: ''
+                '${class}')
+                  hyprctl dispatch togglespecialworkspace '${class}Ws'
+                  ;;
+              ''))
+              (map (lib.splitString "\n"))
+              (lib.flatten)
+              (map (x: "  " + x))
+              (lib.concatStringsSep "\n")
+            ]}
+              *)
+                hyprctl dispatch killactive
+                ;;
+            esac
+          '';
+        })}"
+
+        "$mod SHIFT, RETURN, exec, alacritty --class termTerminal -e tmux new-session -A -s term"
+        "$mod SHIFT, SPACE, exec, alacritty --class termTerminal -e tmux new-session -A -s term"
+
+        "$mod, j, layoutmsg,cyclenext"
+        "$mod, k, layoutmsg,cycleprev"
+        "$mod SHIFT, j, layoutmsg, swapnext"
+        "$mod SHIFT, k, layoutmsg, swapprev"
+
+        "$mod, 1, focusworkspaceoncurrentmonitor, 1"
+        "$mod, 2, focusworkspaceoncurrentmonitor, 2"
+        "$mod, 3, focusworkspaceoncurrentmonitor, 3"
+        "$mod, 4, focusworkspaceoncurrentmonitor, 4"
+        "$mod, 5, focusworkspaceoncurrentmonitor, 5"
+        "$mod, 6, focusworkspaceoncurrentmonitor, 6"
+        "$mod, 7, focusworkspaceoncurrentmonitor, 7"
+        "$mod, 8, focusworkspaceoncurrentmonitor, 8"
+        "$mod, 9, focusworkspaceoncurrentmonitor, 9"
+
+        "$mod SHIFT, 1, movetoworkspacesilent, 1"
+        "$mod SHIFT, 2, movetoworkspacesilent, 2"
+        "$mod SHIFT, 3, movetoworkspacesilent, 3"
+        "$mod SHIFT, 4, movetoworkspacesilent, 4"
+        "$mod SHIFT, 5, movetoworkspacesilent, 5"
+        "$mod SHIFT, 6, movetoworkspacesilent, 6"
+        "$mod SHIFT, 7, movetoworkspacesilent, 7"
+        "$mod SHIFT, 8, movetoworkspacesilent, 8"
+        "$mod SHIFT, 9, movetoworkspacesilent, 9"
+
+        "$mod, b, exec, ${pkgs.fcitx5}/bin/fcitx5-remote -s mozc"
+        "$mod, n, exec, ${pkgs.fcitx5}/bin/fcitx5-remote -s keyboard-no"
+        "$mod, m, exec, ${pkgs.fcitx5}/bin/fcitx5-remote -s keyboard-us"
+
+        # TODO: ensure exists in environment
+        "$mod, l, exec, loginctl lock-session"
+
+        # TODO: fix
+        # "super + minus" = "${pkgs.xcalib}/bin/xcalib -invert -alter"
+
+        # TODO: fix
+        ", Print, exec, ${lib.getExe pkgs.grimblast} copy area"
+
+        # "SHIFT, Print, exec, ${lib.getExe pkgs.grimblast} copy area"
+        # "shift + @Print" = "${pkgs.maim}/bin/maim --hidecursor --nokeyboard $SCREENSHOT_DIR/$(date +%s).png"
+
+        # TODO: Add boomer as package
+        # "super + @Print" = "boomer"
+      ]
+      ++
+      (lib.pipe scratchpads [
+        (map ({ keys, command, class, ... }:
+          (map (key: let
+            # TODO: rewrite the scratchpad logic to move windows back and forth
+            #       from the special workspaces, rather than overlay the workspaces.
+            #
+            # TODO: don't invoke the program upon close toggling the scratchpad
+            #
+            # TODO: ensure program becomes in focus upon open toggling the scratchpad
+            invokeIfNotRunningAndToggleWorkspace = pkgs.writeShellApplication {
+              name = "hyprland-toggle-scratchpad-${class}";
+              runtimeInputs = [ cfg.package pkgs.jq ];
+              text = ''
+                SCRATCHPAD_EXISTS=$(hyprctl clients -j | jq -r '[.[].class]|any(. == "${class}")')
+
+                if [ "$SCRATCHPAD_EXISTS" != "true" ]; then
+                  ${command} &
+                fi
+
+                hyprctl dispatch togglespecialworkspace '${class}Ws'
+              '';
+            };
+          in "${key}, exec, ${lib.getExe invokeIfNotRunningAndToggleWorkspace}"
+          ) keys)
+        ))
+        lib.flatten
+      ]);
+
+      bindl = [
+        "$mod, p, exec, ${pkgs.mpc_cli}/bin/mpc toggle"
+        ",XF86AudioPlay, exec, ${pkgs.mpc_cli}/bin/mpc toggle"
+        ",XF86AudioPrev, exec, ${pkgs.mpc_cli}/bin/mpc prev"
+        ",XF86AudioNext, exec, ${pkgs.mpc_cli}/bin/mpc next"
+      ];
+
+      bindle = [
+        ",XF86MonBrightnessUp, exec, ${lib.getExe pkgs.brightnessctl} s +5%"
+        ",XF86MonBrightnessDown, exec, ${lib.getExe pkgs.brightnessctl} s 5%-"
+        ",XF86AudioLowerVolume, exec, ${pkgs.wireplumber}/bin/wpctl set-volume @DEFAULT_AUDIO_SINK@ 2%-"
+        ",XF86AudioRaiseVolume, exec, ${pkgs.wireplumber}/bin/wpctl set-volume @DEFAULT_AUDIO_SINK@ 2%+"
+        "$mod ,F7, exec, ${pkgs.wireplumber}/bin/wpctl set-volume @DEFAULT_AUDIO_SINK@ 2%-"
+        "$mod ,F8, exec, ${pkgs.wireplumber}/bin/wpctl set-volume @DEFAULT_AUDIO_SINK@ 2%+"
+      ];
+
+      windowrulev2 = [
+        "float,class:(Rofi)"
+
+        "workspace 2,class:(firefox)"
+        "workspace 2,class:(google-chrome)"
+
+        "workspace 3,class:(Emacs)"
+        "workspace 3,class:(Code)"
+        "workspace 3,class:(code-url-handler)"
+
+        "workspace 5,class:(discord)"
+        "workspace 5,class:(Element)"
+      ]
+      ++
+      (lib.pipe scratchpads [
+        (map ({ class, size, ... }: [
+          "workspace special:${class}Ws, class:^${class}$"
+          "float, class:^${class}$"
+          "size ${toString size.w}% ${toString size.h}%, class:^${class}$"
+          "move ${toString ((100 - size.w) / 2)}% ${toString ((100 - size.h) / 2)}%, class:^${class}$"
+        ]))
+        lib.flatten
+      ]);
+
+      monitor = [
+        "DP-2, 1920x1080@144.00Hz, 0x0, 1"
+        "DVI-D-1, 1920x1080@144.00Hz, 1920x0, 1"
+        ",preferred,auto,1"
+      ];
+
+      general = {
+        gaps_in = 5;
+        gaps_out = 15;
+
+        border_size = 2;
+
+        "col.active_border" = "rgba(33ccffee) rgba(00ff99ee) 45deg";
+        "col.inactive_border" = "rgba(595959aa)";
+
+        resize_on_border = false;
+        allow_tearing = false;
+        layout = "master";
+      };
+
+      decoration = {
+        rounding = 10;
+
+        # Change transparency of focused and unfocused windows
+        active_opacity = 1.0;
+        inactive_opacity = 1.0;
+
+        drop_shadow = true;
+        shadow_range = 4;
+        shadow_render_power = 3;
+        "col.shadow" = "rgba(1a1a1aee)";
+
+        # https://wiki.hyprland.org/Configuring/Variables/#blur
+        blur = {
+          enabled = true;
+          size = 3;
+          passes = 1;
+
+          vibrancy = 0.1696;
+        };
+      };
+
+      animations.enabled = false;
+
+      master = {
+          new_status = "slave";
+      };
+
+      misc = {
+          force_default_wallpaper = 0; # Set to 0 or 1 to disable the anime mascot wallpapers
+          disable_hyprland_logo = false; # If true disables the random hyprland logo / anime girl background. :(
+      };
+
+      input ={
+          kb_layout = "us";
+          kb_variant = "";
+          kb_model = "";
+          kb_options = "";
+          kb_rules = "";
+
+          follow_mouse = 1;
+
+          sensitivity = 0; # -1.0 - 1.0, 0 means no modification.
+
+          touchpad = {
+              natural_scroll = false;
+          };
+      };
+    };
+  };
+}

home/programs/neovim/auto-clean-swapfiles.nix

@@ -0,0 +1,56 @@
+{ config, pkgs, lib, ... }:
+let
+  daysBeforeDeletion = 2;
+in
+{
+  config = {
+    systemd.user.services.clean-neovim-swap-files = {
+      Unit = {
+        Description = "Clean old swap files for neovim";
+      };
+
+      Service = {
+        Type = "oneshot";
+        CPUSchedulingPolicy = "idle";
+        IOSchedulingClass = "idle";
+        ExecStart = lib.getExe (pkgs.writeShellApplication {
+          name = "clean-neovim-swap-files";
+          runtimeInputs = with pkgs; [ findutils ];
+          text = ''
+            echo "Cleaning old swap files for neovim"
+
+            OLD_SWAPFILES=$(find "${config.xdg.stateHome}/nvim/swap" -type f -name '*.swp' -mtime +${toString daysBeforeDeletion})
+
+            if [ -z "$OLD_SWAPFILES" ]; then
+              echo "No old swap files found"
+              exit 0
+            fi
+
+            for swapfile in $OLD_SWAPFILES; do
+              echo "Removing $swapfile"
+              rm -- "$swapfile"
+            done
+
+            echo "Done"
+          '';
+        });
+      };
+    };
+
+    systemd.user.timers.clean-neovim-swap-files = {
+      Unit = {
+        Description = "Clean old swap files for neovim";
+      };
+
+      Timer = {
+        Unit = "clean-neovim-swap-files.service";
+        OnCalendar = "daily";
+        Persistent = true;
+      };
+
+      Install = {
+        WantedBy = [ "timers.target" ];
+      };
+    };
+  };
+}

home/programs/neovim/default.nix

@@ -1,5 +1,9 @@
 { pkgs, home, ... }:
 {
+  imports = [
+    ./auto-clean-swapfiles.nix
+  ];
+
   programs.neovim = {
     enable = true;
 
@@ -17,6 +21,7 @@
       vim-surround
       vim-fugitive
       vim-css-color
+      vim-wayland-clipboard
       semshi
       {
         plugin = goyo-vim;

home/programs/newsboat/default.nix

@@ -16,6 +16,10 @@ in {
     maxItems = 50;
     browser = ''"${defaultBrowser}"'';
     extraConfig = lib.strings.concatStringsSep "\n" [
+      ''
+        auto-reload no
+      ''
+
       ''
         macro m set browser "${videoViewer}"; open-in-browser ; set browser "${defaultBrowser}"
         macro l set browser "${defaultBrowser}"; open-in-browser ; set browser "${defaultBrowser}"

home/programs/newsboat/sources.nix

@@ -37,5 +37,6 @@ in {
     (mkSource [ "tech" "linux" "nixos" ] "https://myme.no/feed.xml")
     (mkSource [ "tech" "linux" "nixos" "compilers" ] "https://flyx.org/feed.xml")
     (mkSource [ "tech" "linux" ] "https://blog.jfx.ac/feed.xml")
+    (mkSource [ "tech" "linux" "nixos" ] "https://dandellion.xyz/atom.xml")
   ];
 }

home/programs/nix-index/fetch-nix-index-database.nix

@@ -34,6 +34,7 @@ in
         ExecStart = lib.getExe (pkgs.writeShellApplication {
           name = "fetch-nix-index-database";
           runtimeInputs = with pkgs; [
+            coreutils
             gnused
             wget
           ];

home/programs/tealdeer/auto-update-tldr-db.nix

@@ -1,10 +1,8 @@
 { pkgs, lib, ... }:
 {
-  programs.tealdeer.enable = true;
-
-  systemd.user.services.tealdeer-refresh = {
+  systemd.user.services.update-tldr-db = {
     Unit = {
-      Description = "Refresh tealdeer contents";
+      Description = "Update tealdeer database";
     };
 
     Service = {
@@ -15,13 +13,13 @@
     };
   };
 
-  systemd.user.timers.tealdeer-refresh = {
+  systemd.user.timers.update-tldr-db = {
     Unit = {
-      Description = "Refresh tealdeer contents";
+      Description = "Update tealdeer database";
     };
 
     Timer = {
-      Unit = "tealdeer-refresh.service";
+      Unit = "update-tldr-db.service";
       OnCalendar = "daily";
       Persistent = true;
     };

home/programs/tealdeer/default.nix

@@ -0,0 +1,8 @@
+{ pkgs, lib, ... }:
+{
+  imports = [
+    ./auto-update-tldr-db.nix
+  ];
+
+  programs.tealdeer.enable = true;
+}

home/programs/vscode/auto-update-extensions.nix

@@ -0,0 +1,35 @@
+{ config, lib, ... }:
+let
+  cfg = config.programs.vscode;
+in
+{
+  # TODO: add `dirname` to $PATH upstream
+  systemd.user.services.update-vscode-extensions = {
+    Unit = {
+      Description = "Update vscode extensions";
+    };
+
+    Service = {
+      Type = "oneshot";
+      CPUSchedulingPolicy = "idle";
+      IOSchedulingClass = "idle";
+      ExecStart = "${lib.getExe cfg.package} --update-extensions";
+    };
+  };
+
+  systemd.user.timers.update-vscode-extensions = {
+    Unit = {
+      Description = "Update vscode extensions";
+    };
+
+    Timer = {
+      Unit = "update-vscode-extensions.service";
+      OnCalendar = "daily";
+      Persistent = true;
+    };
+
+    Install = {
+      WantedBy = [ "timers.target" ];
+    };
+  };
+}

home/programs/vscode/default.nix

@@ -14,6 +14,11 @@ let
   configFilePath = "${userDir}/settings.json";
 in
 {
+  imports = [
+    ./auto-update-extensions.nix
+    # ./extensions
+  ];
+
   home.file.${configFilePath} = {
     target = "${configFilePath}.ro";
     onChange = ''install -m660 $(realpath "${configFilePath}.ro") "${configFilePath}"'';

home/programs/waybar.nix

@@ -0,0 +1,239 @@
+{ config, pkgs, lib, ... }:
+let
+  cfg = config.programs.waybar;
+  cfgs = cfg.settings.mainBar;
+in
+{
+  programs.waybar = {
+    enable = true;
+    systemd.enable = true;
+
+    settings = {
+      mainBar = {
+        layer = "top";
+        position = "top";
+        height = 30;
+
+        # TODO: configure this per machine
+        output = [ "DP-2" ];
+
+        modules-left = [ "hyprland/workspaces"  ];
+        modules-center = [ "clock" ];
+        modules-right = [ "mpd" "cpu" "memory" "wireplumber" "pulseaudio/slider" "tray" ];
+
+        "hyprland/workspaces" = {
+          all-outputs = true;
+          disable-scroll = true;
+          persistent-workspaces = {
+            ${lib.head cfgs.output} = [ 1 2 3 4 5 6 7 8 ];
+          };
+        };
+
+        "mpd" = {
+          format = "{filename}";
+        };
+
+        "cpu" = {
+          format = "[#] {usage}%";
+        };
+
+        "memory" = {
+          format = "{used}/{total}Gb";
+        };
+
+        "wireplumber" = {
+          format = "{volume}% {icon}";
+          format-muted = "[M]";
+        };
+
+        "pulseaudio/slider" = {
+          orientation = "horizontal";
+        };
+
+        "tray" = {
+          icon-size = 20;
+          spacing = 8;
+        };
+      };
+    };
+
+    style = let
+      c = config.colors.defaultColorSet;
+    in ''
+      * {
+          font-family: FiraCode, FontAwesome, Roboto, Helvetica, Arial, sans-serif;
+          font-size: 13px;
+      }
+
+      window#waybar {
+          background-color: ${c.background};
+          color: ${c.foreground};
+      }
+
+      #pulseaudio-slider trough {
+          min-height: 10px;
+          min-width: 100px;
+      }
+
+      /**** DEFAULT ****/
+
+      window#waybar.hidden {
+          opacity: 0.2;
+      }
+
+      button {
+          /* Use box-shadow instead of border so the text isn't offset */
+          box-shadow: inset 0 -3px transparent;
+          /* Avoid rounded borders under each button name */
+          border: none;
+          border-radius: 0;
+      }
+
+      /* https://github.com/Alexays/Waybar/wiki/FAQ#the-workspace-buttons-have-a-strange-hover-effect */
+      button:hover {
+          background: inherit;
+          box-shadow: inset 0 -3px #ffffff;
+      }
+
+
+      #workspaces button.empty {
+          color: ${c.yellow};
+      }
+
+      #workspaces button {
+          padding: 0 5px;
+          color: ${c.magenta};
+          background-color: transparent;
+      }
+
+      #workspaces button.visible {
+          color: ${c.green};
+      }
+
+      #workspaces button.urgent {
+          background-color: ${c.red};
+      }
+
+      #workspaces button:hover {
+          background: rgba(0, 0, 0, 0.2);
+      }
+
+      #mode {
+          background-color: #64727D;
+          box-shadow: inset 0 -3px #ffffff;
+      }
+
+      #clock,
+      #battery,
+      #cpu,
+      #memory,
+      #disk,
+      #temperature,
+      #backlight,
+      #network,
+      #pulseaudio,
+      #wireplumber,
+      #custom-media,
+      #tray,
+      #mode,
+      #idle_inhibitor,
+      #scratchpad,
+      #power-profiles-daemon,
+      #mpd {
+          padding: 0 10px;
+          color: ${c.foreground};
+      }
+
+      #window,
+      #workspaces {
+          margin: 0 4px;
+      }
+
+      /* If workspaces is the leftmost module, omit left margin */
+      .modules-left > widget:first-child > #workspaces {
+          margin-left: 0;
+      }
+
+      /* If workspaces is the rightmost module, omit right margin */
+      .modules-right > widget:last-child > #workspaces {
+          margin-right: 0;
+      }
+
+      #clock {
+          background-color: #64727D;
+      }
+
+      #cpu {
+          background-color: ${c.cyan};
+          color: #000000;
+      }
+
+      #memory {
+          background-color: ${c.yellow};
+          color: #000000;
+      }
+
+      #network {
+          background-color: #2980b9;
+      }
+
+      #network.disconnected {
+          background-color: #f53c3c;
+      }
+
+      #pulseaudio {
+          background-color: #f1c40f;
+          color: #000000;
+      }
+
+      #pulseaudio.muted {
+          background-color: #90b1b1;
+          color: #2a5c45;
+      }
+
+      #wireplumber {
+          background-color: #fff0f5;
+          color: #000000;
+      }
+
+      #wireplumber.muted {
+          background-color: #f53c3c;
+      }
+
+      #tray {
+          background-color: #2980b9;
+      }
+
+      #tray > .passive {
+          -gtk-icon-effect: dim;
+      }
+
+      #tray > .needs-attention {
+          -gtk-icon-effect: highlight;
+          background-color: #eb4d4b;
+      }
+
+      #mpd {
+          background-color: #66cc99;
+          color: #2a5c45;
+      }
+
+      #mpd.disconnected {
+          background-color: #f53c3c;
+      }
+
+      #mpd.stopped {
+          background-color: #90b1b1;
+      }
+
+      #mpd.paused {
+          background-color: #51a37a;
+      }
+    '';
+    # background-color: rgba(0,0,0,0);
+    # border-bottom: 3px solid rgba(100, 114, 125, 0.5);
+
+    #style = ''
+    #'';
+  };
+}

home/programs/zed/default.nix

@@ -0,0 +1,34 @@
+{ config, pkgs, lib, ... }:
+{
+  home.packages = with pkgs; [ zed-editor ];
+
+  xdg.configFile."zed/settings.json".source = let
+    format = pkgs.formats.json { };
+  in format.generate "zed-settings.json" {
+    autosave = "off";
+    buffer_font_family = "Fira Code";
+    load_direnv = "shell_hook";
+    format_on_save = "off";
+
+    telemetry = {
+      diagnostics = false;
+      metrics = false;
+    };
+
+    vim_mode = true;
+
+    theme = {
+      mod = "dark";
+      dark = "monokai Classic";
+    };
+  };
+
+  xdg.configFile."zed/themes/monokai.json".source = let
+    package = pkgs.fetchFromGitHub {
+      owner = "billgo";
+      repo = "monokai";
+      rev = "061a86ff4845b11ac2f183c2e26c77b15cfae7d0";
+      hash = "sha256-mlEcgnLStYH1pV3p1iqNSvfVu4MpvpEOc+vxI+90MJs=";
+    };
+  in "${package}/themes/monokai.json";
+}

home/services/dunst.nix

@@ -13,9 +13,9 @@
         class = "Dunst";
         browser = "${pkgs.xdg-utils}/bin/xdg-open";
 
-        offset = let 
-          status-bar-height = config.services.polybar.settings."bar/top".height;
-        in "15x${toString (status-bar-height + 10)}";
+        # offset = let
+        #   status-bar-height = config.services.polybar.settings."bar/top".height;
+        # in "15x${toString (status-bar-height + 10)}";
 
         corner_radius = 0;
         font = "Droid Sans 9";

hosts/common/default.nix

@@ -3,102 +3,28 @@ let
   inherit (config) machineVars;
 in {
   imports = [
-    ./nix-builders/bob.nix
-    ./nix-builders/isvegg.nix
-    ./nix-builders/tsuki.nix
+    ./fonts.nix
+    ./nix.nix
+
+    ./programs/gnupg.nix
+    ./programs/neovim.nix
+    ./programs/nix-ld.nix
+    ./programs/ssh.nix
+    ./programs/usbtop.nix
+
+    ./services/dbus.nix
+    ./services/openssh.nix
+    ./services/pcscd.nix
+    ./services/pipewire.nix
+    ./services/printing.nix
+    ./services/resolved.nix
+    ./services/smartd.nix
+    ./services/systemd-lock-handler.nix
+    ./services/xserver.nix
   ];
 
   sops.defaultSopsFile = ./../.. + "/secrets/${config.networking.hostName}.yaml";
 
-  sops.secrets = {
-    "nix/access-tokens" = { sopsFile = ./../../secrets/common.yaml; };
-
-    "ssh/secret-config" = {
-      sopsFile = ./../../secrets/common.yaml;
-      mode = "0444";
-    };
-  };
-
-  nix = {
-    package = unstable-pkgs.nixVersions.stable;
-    distributedBuilds = config.networking.hostName != "tsuki";
-
-    settings = {
-      allow-dirty = true;
-      allowed-uris = [ "http://" "https://" ];
-      auto-optimise-store = true;
-      binary-caches = [ "https://cache.nixos.org/" ];
-      builders-use-substitutes = true;
-      experimental-features = [ "nix-command" "flakes" ];
-      log-lines = 50;
-      trusted-users = [ "h7x4" "nix-builder" ];
-      use-xdg-base-directories = true;
-    };
-
-    extraOptions = ''
-      !include ${config.sops.secrets."nix/access-tokens".path}
-    '';
-
-    registry = {
-      home.to = {
-        type = "path";
-        path = "/home/h7x4/nix";
-      };
-      wack.to = {
-        type = "path";
-        path = "/home/h7x4/git/wack-ctf-flake";
-      };
-      nxpt.to = {
-        type = "path";
-        path = "/home/h7x4/git/nixpkgs-tools";
-      };
-    };
-  };
-
-  programs.nix-ld = {
-    enable = true;
-    libraries = with pkgs; [
-      libusb1
-    ];
-  };
-
-  programs.ssh = {
-    extraConfig = ''
-      Include ${config.sops.secrets."ssh/secret-config".path}
-    '';
-
-    knownHosts = {
-      bob = {
-        hostNames = [
-          "bob.pvv.ntnu.no"
-          "bob.pvv.org"
-        ];
-        publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGJSgh20qDIYEXiK4MUZhc879dJIyH0K/s0RZ+9wFI0F";
-      };
-      hildring = {
-        hostNames = [
-          "hildring.pvv.ntnu.no"
-          "hildring.pvv.org"
-          "login.pvv.ntnu.no"
-          "login.pvv.org"
-        ];
-        publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGurF7rdnrDP/VgIK2Tx38of+bX/QGCGL+alrWnZ1Ca5llGneMulUt1RB9xZzNLHiaWIE+HOP0i4spEaeZhilfU=";
-      };
-      isvegg = {
-        hostNames = [
-          "isvegg.pvv.ntnu.no"
-          "isvegg.pvv.org"
-        ];
-        publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGurF7rdnrDP/VgIK2Tx38of+bX/QGCGL+alrWnZ1Ca5llGneMulUt1RB9xZzNLHiaWIE+HOP0i4spEaeZhilfU=";
-      };
-    #   tsukir = {
-    #     hostNames = [ "nani.wtf" "gingakei.loginto.me" ];
-    #     # publicKeyFile = config.sops.secrets."ssh/nix-builders/tsuki/pub".path;
-    #     publicKeyFile = "/var/keys/tsuki_nix-builder.pub";
-    #   };
-    };
-  };
-
   time.timeZone = "Europe/Oslo";
 
   console = {
@@ -162,49 +88,6 @@ in {
           else (lib.mkIf (fixDisplayCommand != null) fixDisplayCommand));
   };
 
-  fonts = {
-    fontDir.enable = true;
-
-    enableDefaultPackages = true;
-    packages = with pkgs; [
-      ark-pixel-font
-      cm_unicode
-      corefonts
-      dejavu_fonts
-      fira-code
-      fira-code-symbols
-      iosevka
-      ipaexfont
-      ipafont
-      liberation_ttf
-      migmix
-      noto-fonts
-      noto-fonts-cjk-sans
-      noto-fonts-cjk-serif
-      noto-fonts-emoji
-      ocr-a
-      open-sans
-      powerline-fonts
-      source-han-sans
-      source-sans
-      symbola
-      texlivePackages.asana-math
-      ubuntu_font_family
-      victor-mono
-      yasashisa-gothic
-      (nerdfonts.override { fonts = [ "FiraCode" "DroidSansMono" ]; })
-    ];
-
-    fontconfig = {
-      defaultFonts = {
-        serif = [ "Droid Sans Serif" "Ubuntu" ];
-        sansSerif = [ "Droid Sans" "Ubuntu" ];
-        monospace = [ "Fira Code" "Ubuntu" ];
-        emoji = [ "Noto Sans Emoji" ];
-      };
-    };
-  };
-
   users = {
     users.h7x4 = {
       isNormalUser = true;
@@ -233,21 +116,7 @@ in {
   };
 
   services = {
-    tumbler.enable = !config.machineVars.headless;
     gnome.gnome-keyring.enable = !config.machineVars.headless;
-    printing.enable = !config.machineVars.headless;
-
-    resolved.enable = true;
-
-    openssh = {
-      startWhenNeeded = true;
-      settings = {
-        StreamLocalBindUnlink = true;
-        PasswordAuthentication = false;
-        KbdInteractiveAuthentication = false;
-        PermitRootLogin = "no";
-      };
-    };
 
     udev.packages = with pkgs; [
       yubikey-personalization
@@ -255,49 +124,10 @@ in {
       light
     ];
 
-    pcscd.enable = true;
-
-    dbus = {
-      enable = true;
-      packages = with pkgs; [
-        gcr
-        dconf
-      ];
-    };
-
     libinput = {
       enable = !config.machineVars.headless;
       touchpad.disableWhileTyping = true;
     };
-
-    displayManager.defaultSession = "none+xmonad";
-
-    xserver = {
-      enable = !config.machineVars.headless;
-
-      xkb = {
-        layout = "us";
-        options = "caps:escape";
-      };
-
-      desktopManager = {
-        xterm.enable = false;
-        xfce.enable = !config.machineVars.headless;
-      };
-
-      displayManager.lightdm.enable = !config.machineVars.headless;
-
-      windowManager.xmonad = {
-        enable = true;
-        enableContribAndExtras = true;
-        enableConfiguredRecompile = true;
-        extraPackages = hPkgs: with hPkgs; [
-          dbus
-        ];
-      };
-
-    };
-
   };
 
   programs = {
@@ -305,38 +135,7 @@ in {
     git.enable = true;
     tmux.enable = true;
     zsh.enable = true;
-
-    gnupg.agent.enable = true;
-    gnupg.agent.pinentryPackage = pkgs.pinentry-curses;
-
-    neovim = {
-      enable = true;
-      defaultEditor = true;
-      viAlias = true;
-      vimAlias = true;
-      configure = {
-        packages.myVimPackage = with pkgs.vimPlugins; {
-          start = [
-            direnv-vim
-            vim-nix
-            vim-polyglot
-          ];
-
-          opt = [
-            vim-monokai
-          ];
-        };
-
-        customRC = ''
-          set number relativenumber
-          set undofile
-          set undodir=~/.cache/vim/undodir
-
-          packadd! vim-monokai
-          colorscheme monokai
-        '';
-      };
-    };
+    hyprland.enable = true;
   };
 
   system.extraDependencies =
@@ -379,12 +178,6 @@ in {
     ]);
 
   security.rtkit.enable = !config.machineVars.headless;
-  services.pipewire = {
-    enable = !config.machineVars.headless;
-    alsa.enable = true;
-    alsa.support32Bit = true;
-    pulse.enable = true;
-  };
 
   security.sudo.extraConfig = let
     sudoLecture = pkgs.writeText "sudo-lecture.txt" (extendedLib.termColors.front.red "Be careful or something, idk...\n");

hosts/common/fonts.nix

@@ -0,0 +1,45 @@
+{ pkgs, ... }:
+{
+  fonts = {
+    fontDir.enable = true;
+
+    enableDefaultPackages = true;
+    packages = with pkgs; [
+      ark-pixel-font
+      cm_unicode
+      corefonts
+      dejavu_fonts
+      fira-code
+      fira-code-symbols
+      iosevka
+      ipaexfont
+      ipafont
+      liberation_ttf
+      migmix
+      noto-fonts
+      noto-fonts-cjk-sans
+      noto-fonts-cjk-serif
+      noto-fonts-emoji
+      ocr-a
+      open-sans
+      powerline-fonts
+      source-han-sans
+      source-sans
+      symbola
+      texlivePackages.asana-math
+      ubuntu_font_family
+      victor-mono
+      yasashisa-gothic
+      (nerdfonts.override { fonts = [ "FiraCode" "DroidSansMono" ]; })
+    ];
+
+    fontconfig = {
+      defaultFonts = {
+        serif = [ "Droid Sans Serif" "Ubuntu" ];
+        sansSerif = [ "Droid Sans" "Ubuntu" ];
+        monospace = [ "Fira Code" "Ubuntu" ];
+        emoji = [ "Noto Sans Emoji" ];
+      };
+    };
+  };
+}

hosts/common/nix-builders/bob.nix

@@ -18,11 +18,21 @@
     # sshKey = config.sops.secrets."ssh/nix-builders/bob/key".path;
   }];
 
-  programs.ssh.extraConfig = ''
+  programs.ssh = {
+    extraConfig = ''
       Host nix-builder-bob
         HostName bob.pvv.ntnu.no
         ProxyJump nix-builder-isvegg
         User oysteikt
         IdentityFile ${config.sops.secrets."ssh/nix-builders/bob/key".path}
     '';
+
+    knownHosts.bob = {
+      hostNames = [
+        "bob.pvv.ntnu.no"
+        "bob.pvv.org"
+      ];
+      publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGJSgh20qDIYEXiK4MUZhc879dJIyH0K/s0RZ+9wFI0F";
+    };
+  };
 }

hosts/common/nix-builders/tsuki.nix

@@ -22,9 +22,17 @@
     sshKey = config.sops.secrets."ssh/nix-builders/tsuki/key".path;
   }];
 
-  programs.ssh.extraConfig = ''
+  programs.ssh = {
+    extraConfig = ''
       Host nix-builder-tsukir
         HostName gingakei.loginto.me
         Port ${toString secrets.ports.ssh.home-in}
     '';
+
+    # knownHosts.tsukir = {
+    #   hostNames = [ "nani.wtf" "gingakei.loginto.me" ];
+    #   # publicKeyFile = config.sops.secrets."ssh/nix-builders/tsuki/pub".path;
+    #   publicKeyFile = "/var/keys/tsuki_nix-builder.pub";
+    # };
+  };
 }

hosts/common/nix.nix

@@ -0,0 +1,48 @@
+{ config, unstable-pkgs, ... }:
+{
+  imports = [
+    ./nix-builders/bob.nix
+    ./nix-builders/isvegg.nix
+    ./nix-builders/tsuki.nix
+  ];
+
+  sops.secrets = {
+    "nix/access-tokens" = { sopsFile = ./../../secrets/common.yaml; };
+  };
+
+  nix = {
+    package = unstable-pkgs.nixVersions.stable;
+    distributedBuilds = config.networking.hostName != "tsuki";
+
+    settings = {
+      allow-dirty = true;
+      allowed-uris = [ "http://" "https://" ];
+      auto-optimise-store = true;
+      binary-caches = [ "https://cache.nixos.org/" ];
+      builders-use-substitutes = true;
+      experimental-features = [ "nix-command" "flakes" ];
+      log-lines = 50;
+      trusted-users = [ "h7x4" "nix-builder" ];
+      use-xdg-base-directories = true;
+    };
+
+    extraOptions = ''
+      !include ${config.sops.secrets."nix/access-tokens".path}
+    '';
+
+    registry = {
+      home.to = {
+        type = "path";
+        path = "/home/h7x4/nix";
+      };
+      wack.to = {
+        type = "path";
+        path = "/home/h7x4/git/wack-ctf-flake";
+      };
+      nxpt.to = {
+        type = "path";
+        path = "/home/h7x4/git/nixpkgs-tools";
+      };
+    };
+  };
+}

hosts/common/programs/gnupg.nix

@@ -0,0 +1,9 @@
+{ pkgs, ... }:
+{
+  programs.gnupg = {
+    agent = {
+      enable = true;
+      pinentryPackage = pkgs.pinentry-curses;
+    };
+  };
+}

hosts/common/programs/neovim.nix

@@ -0,0 +1,31 @@
+{ pkgs, ... }:
+{
+  programs.neovim = {
+    enable = true;
+    defaultEditor = true;
+    viAlias = true;
+    vimAlias = true;
+    configure = {
+      packages.myVimPackage = with pkgs.vimPlugins; {
+        start = [
+          direnv-vim
+          vim-nix
+          vim-polyglot
+        ];
+
+        opt = [
+          vim-monokai
+        ];
+      };
+
+      customRC = ''
+        set number relativenumber
+        set undofile
+        set undodir=~/.cache/vim/undodir
+
+        packadd! vim-monokai
+        colorscheme monokai
+      '';
+    };
+  };
+}

hosts/common/programs/nix-ld.nix

@@ -0,0 +1,9 @@
+{ pkgs, ... }:
+{
+  programs.nix-ld = {
+    enable = true;
+    libraries = with pkgs; [
+      libusb1
+    ];
+  };
+}

hosts/common/programs/ssh.nix

@@ -0,0 +1,32 @@
+{ config, ... }:
+{
+  sops.secrets."ssh/secret-config" = {
+    sopsFile = ./../../../secrets/common.yaml;
+    mode = "0444";
+  };
+
+  programs.ssh = {
+    extraConfig = ''
+      Include ${config.sops.secrets."ssh/secret-config".path}
+    '';
+
+    knownHosts = {
+      hildring = {
+        hostNames = [
+          "hildring.pvv.ntnu.no"
+          "hildring.pvv.org"
+          "login.pvv.ntnu.no"
+          "login.pvv.org"
+        ];
+        publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGurF7rdnrDP/VgIK2Tx38of+bX/QGCGL+alrWnZ1Ca5llGneMulUt1RB9xZzNLHiaWIE+HOP0i4spEaeZhilfU=";
+      };
+      isvegg = {
+        hostNames = [
+          "isvegg.pvv.ntnu.no"
+          "isvegg.pvv.org"
+        ];
+        publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGurF7rdnrDP/VgIK2Tx38of+bX/QGCGL+alrWnZ1Ca5llGneMulUt1RB9xZzNLHiaWIE+HOP0i4spEaeZhilfU=";
+      };
+    };
+  };
+}

hosts/common/programs/usbtop.nix

@@ -0,0 +1,22 @@
+{ pkgs, lib, ... }:
+{
+  # programs.usbtop.enable = true;
+
+  boot.kernelModules = [ "usbmon" ];
+
+  security.wrappers."usbtop" = {
+    owner = "root";
+    group = "usbmon";
+    setgid = true;
+    source = lib.getExe pkgs.usbtop;
+  };
+
+  users.groups.usbmon = {
+    # NOTE: picked at random
+    gid = 872;
+  };
+
+  services.udev.extraRules = ''
+    SUBSYSTEM=="usbmon", MODE="0660", OWNER="root", GROUP="usbmon"
+  '';
+}

hosts/common/services/dbus.nix

@@ -0,0 +1,10 @@
+{ pkgs, ... }:
+{
+  services.dbus = {
+    enable = true;
+    packages = with pkgs; [
+      gcr
+      dconf
+    ];
+  };
+}

hosts/common/services/openssh.nix

@@ -0,0 +1,12 @@
+{ ... }:
+{
+  services.openssh = {
+    startWhenNeeded = true;
+    settings = {
+      StreamLocalBindUnlink = true;
+      PasswordAuthentication = false;
+      KbdInteractiveAuthentication = false;
+      PermitRootLogin = "no";
+    };
+  };
+}

hosts/common/services/pcscd.nix

@@ -0,0 +1,4 @@
+{ ... }:
+{
+  services.pcscd.enable = true;
+}

hosts/common/services/pipewire.nix

@@ -0,0 +1,9 @@
+{ config, ... }:
+{
+  services.pipewire = {
+    enable = !config.machineVars.headless;
+    alsa.enable = true;
+    alsa.support32Bit = true;
+    pulse.enable = true;
+  };
+}

hosts/common/services/printing.nix

@@ -0,0 +1,4 @@
+{ config, ... }:
+{
+  services.printing.enable = !config.machineVars.headless;
+}

hosts/common/services/resolved.nix

@@ -0,0 +1,4 @@
+{ ... }:
+{
+  services.resolved.enable = true;
+}

hosts/common/services/smartd.nix

@@ -0,0 +1,4 @@
+{ ... }:
+{
+  services.smartd.enable = true;
+}

hosts/common/services/systemd-lock-handler.nix

@@ -0,0 +1,4 @@
+{ ... }:
+{
+  services.systemd-lock-handler.enable = true;
+}

hosts/common/services/xserver.nix

@@ -0,0 +1,36 @@
+{ config, ... }:
+{
+  services.displayManager = {
+    enable = true;
+    defaultSession = "none+xmonad";
+    sddm = {
+      enable = !config.machineVars.headless;
+      wayland.enable = true;
+    };
+  };
+
+  services.xserver = {
+    enable = !config.machineVars.headless;
+
+    xkb = {
+      layout = "us";
+      options = "caps:escape";
+    };
+
+    # desktopManager = {
+    #   xterm.enable = false;
+    #   xfce.enable = !config.machineVars.headless;
+    # };
+
+    # displayManager.lightdm.enable = !config.machineVars.headless;
+
+    windowManager.xmonad = {
+      enable = true;
+      enableContribAndExtras = true;
+      enableConfiguredRecompile = true;
+      extraPackages = hPkgs: with hPkgs; [
+        dbus
+      ];
+    };
+  };
+}

hosts/dosei/configuration.nix

@@ -66,8 +66,6 @@
     # hostId = "";
   };
 
-  programs.usbtop.enable = true;
-
   services = {
     openssh = {
       enable = true;

hosts/kasei/configuration.nix

@@ -12,6 +12,8 @@
 
   system.stateVersion = "22.05";
 
+  security.pam.services.hyprlock = {};
+
   boot.binfmt.emulatedSystems = [
     "x86_64-windows"
     "aarch64-linux"
@@ -73,7 +75,7 @@
   services = {
     openssh = {
       enable = true;
-      settings.X11Forwarding = true;
+      # settings.X11Forwarding = true;
     };
     xserver.videoDrivers = [ "amdgpu" ];
     tailscale.enable = true;

overlays/wayland-ime-integration.nix

@@ -0,0 +1,20 @@
+final: prev: let
+  inherit (prev) lib;
+
+  wrapWithWaylandIMEFlag = pkg: let
+    binaryName = lib.removePrefix "${lib.getBin pkg}/bin/" (lib.getExe pkg);
+  in pkg.overrideAttrs (prev': {
+    postInstall = (prev'.postInstall or "") + ''
+      wrapProgram "$out/bin/${binaryName}" \
+        --add-flags "--enable-wayland-ime"
+    '';
+  });
+
+  programList = [
+    "element-desktop"
+    "vscode"
+    "chromium"
+    "discord"
+  ];
+in
+  lib.genAttrs programList (name: wrapWithWaylandIMEFlag prev.${name})