home/neovim: remove unused plugin

home/home.nix

@@ -10,22 +10,34 @@ in {
 
     ./programs/aria2.nix
     ./programs/atuin.nix
+    ./programs/bash.nix
+    ./programs/bat.nix
     ./programs/beets.nix
+    ./programs/bottom.nix
     ./programs/comma.nix
     ./programs/direnv
+    ./programs/eza.nix
+    ./programs/fzf.nix
     ./programs/gdb.nix
-    ./programs/gh.nix
     ./programs/gh-dash.nix
+    ./programs/gh.nix
     ./programs/git
     ./programs/gpg
+    ./programs/home-manager.nix
     ./programs/jq.nix
     ./programs/less.nix
+    ./programs/man.nix
     ./programs/neovim
     ./programs/nix-index
+    ./programs/pandoc.nix
+    ./programs/ripgrep.nix
     ./programs/ssh
     ./programs/tealdeer
+    ./programs/texlive.nix
     ./programs/thunderbird.nix
     ./programs/tmux
+    ./programs/yt-dlp.nix
+    ./programs/zoxide.nix
     ./programs/zsh
 
     ./services/nix-channel-update.nix
@@ -39,9 +51,12 @@ in {
 
     ./programs/alacritty.nix
     ./programs/emacs
+    ./programs/feh.nix
     ./programs/firefox.nix
+    ./programs/mpv.nix
     ./programs/ncmpcpp.nix
     ./programs/newsboat
+    ./programs/obs-studio.nix
     ./programs/qutebrowser.nix
     ./programs/rofi.nix
     ./programs/taskwarrior.nix
@@ -54,7 +69,10 @@ in {
     ./services/copyq.nix
     ./services/dunst.nix
     ./services/fcitx5.nix
+    ./services/gnome-keyring.nix
+    ./services/keybase.nix
     ./services/mpd.nix
+    ./services/network-manager.nix
     ./services/picom.nix
     ./services/polybar.nix
     ./services/screen-locker.nix
@@ -133,51 +151,6 @@ in {
 
   fonts.fontconfig.enable = mkForce true;
 
-  programs = {
-    home-manager.enable = true;
-
-    bash = {
-      enable = true;
-      historyFile = "${config.xdg.dataHome}/bash_history";
-      historySize = 100000;
-      bashrcExtra = ''
-        source "${config.xdg.configHome}/mutable_env.sh"
-      '';
-    };
-
-    bat.enable = true;
-    bottom = {
-      enable = true;
-      settings.flags.enable_gpu = true;
-    };
-    eza.enable = true;
-    feh.enable = mkIf graphics true;
-    fzf = {
-      enable = true;
-      defaultCommand = "fd --type f";
-    };
-    man = {
-      enable = true;
-      generateCaches = true;
-    };
-    mpv.enable = mkIf graphics true;
-    obs-studio.enable = mkIf graphics true;
-    ssh = {
-      enable = true;
-      includes = [ "mutable_config" ];
-    };
-    texlive = {
-      enable = true;
-      # packageSet = pkgs.texlive.combined.scheme-medium;
-    };
-    zoxide.enable = true;
-  };
-
-  services = {
-    gnome-keyring.enable = mkIf graphics true;
-    network-manager-applet.enable = mkIf graphics true;
-  };
-
   manual = {
     html.enable = true;
     manpages.enable = true;

home/packages.nix

@@ -5,7 +5,6 @@
     cloc
     cyme
     czkawka
-    delta
     diskonaut
     duf
     duff
@@ -21,7 +20,6 @@
     httpie
     imagemagick
     kepubify
-    # keybase
     keymapviz
     libwebp
     lnav
@@ -41,18 +39,15 @@
     # nixops
     nmap
     ouch
-    pandoc
     parallel
     progress
     pwntools
     python3
     rclone
-    ripgrep
     rsync
     # sc-im
     slack-term
     tea
-    tealdeer
     terminal-parrot
     termtosvg
     toilet
@@ -64,7 +59,6 @@
     waifu2x-converter-cpp
     wavemon
     wiki-tui
-    yt-dlp
     yubico-pam
     yubikey-agent
     yubikey-manager

home/programs/bash.nix

@@ -0,0 +1,11 @@
+{ config, ... }:
+{
+  programs.bash = {
+    enable = true;
+    historyFile = "${config.xdg.dataHome}/bash_history";
+    historySize = 100000;
+    bashrcExtra = ''
+      source "${config.xdg.configHome}/mutable_env.sh"
+    '';
+  };
+}

home/programs/bat.nix

@@ -0,0 +1,4 @@
+{ ... }:
+{
+  programs.bat.enable = true;
+}

home/programs/bottom.nix

@@ -0,0 +1,7 @@
+{ ... }:
+{
+  programs.bottom = {
+    enable = true;
+    settings.flags.enable_gpu = true;
+  };
+}

home/programs/eza.nix

@@ -0,0 +1,4 @@
+{ ... }:
+{
+  programs.eza.enable = true;
+}

home/programs/feh.nix

@@ -0,0 +1,4 @@
+{ machineVars, ... }:
+{
+  programs.feh.enable = !machineVars.headless;
+}

home/programs/fzf.nix

@@ -0,0 +1,7 @@
+{ ... }:
+{
+  programs.fzf = {
+    enable = true;
+    defaultCommand = "fd --type f";
+  };
+}

home/programs/home-manager.nix

@@ -0,0 +1,4 @@
+{ ... }:
+{
+  programs.home-manager.enable = true;
+}

home/programs/man.nix

@@ -0,0 +1,7 @@
+{ ... }:
+{
+  programs.man = {
+    enable = true;
+    generateCaches = true;
+  };
+}

home/programs/mpv.nix

@@ -0,0 +1,4 @@
+{ machineVars, ... }:
+{
+  programs.mpv.enable = !machineVars.headless;
+}

home/programs/ncmpcpp.nix

@@ -1,4 +1,4 @@
-{pkgs, ...}:
+{ config, pkgs, ... }:
 {
   programs.ncmpcpp = {
     enable = true;
@@ -332,11 +332,11 @@
       window_border_color = "green";
       active_window_border = "red";
 
-      visualizer_data_source = "/tmp/mpd.fifo";
+      visualizer_data_source = "/run/user/${toString config.home.uid}/mpd/visualizer.fifo";
       visualizer_output_name = "Visualizer feed";
       visualizer_in_stereo = "no";
-      visualizer_type = "spectrum"; # spectrum, ellipse, wave_filled, wave
-      visualizer_look = "+█"; # wave | spectrum, ellipse, wave_filled
+      # visualizer_type = "spectrum"; # spectrum, ellipse, wave_filled, wave
+      # visualizer_look = "+█"; # wave | spectrum, ellipse, wave_filled
     };
   };
 }

home/programs/neovim/default.nix

@@ -66,7 +66,6 @@
       }
       limelight-vim
       vim-tmux-navigator
-      # vim-polyglot
       lightline-vim
       vim-better-whitespace
       {

home/programs/obs-studio.nix

@@ -0,0 +1,4 @@
+{ machineVars, ... }:
+{
+  programs.obs-studio.enable = !machineVars.headless;
+}

home/programs/pandoc.nix

@@ -0,0 +1,4 @@
+{ ... }:
+{
+  programs.pandoc.enable = true;
+}

home/programs/ripgrep.nix

@@ -0,0 +1,4 @@
+{ ... }:
+{
+  programs.ripgrep.enable = true;
+}

home/programs/ssh/default.nix

@@ -10,5 +10,11 @@
     mode = "0444";
   };
 
-  programs.ssh.includes = [ config.sops.secrets."ssh/secret-config".path ];
+  programs.ssh = {
+    enable = true;
+    includes = [
+      config.sops.secrets."ssh/secret-config".path
+      "mutable_config"
+    ];
+  };
 }

home/programs/texlive.nix

@@ -0,0 +1,7 @@
+{ ... }:
+{
+  programs.texlive = {
+    enable = true;
+    # packageSet = pkgs.texlive.combined.scheme-medium;
+  };
+}

home/programs/yt-dlp.nix

@@ -0,0 +1,4 @@
+{ ... }:
+{
+  programs.yt-dlp.enable = true;
+}

home/programs/zoxide.nix

@@ -0,0 +1,4 @@
+{ ... }:
+{
+  programs.zoxide.enable = true;
+}

home/services/gnome-keyring.nix

@@ -0,0 +1,4 @@
+{ machineVars, ... }:
+{
+  services.gnome-keyring.enable = !machineVars.headless;
+}

home/services/keybase.nix

@@ -0,0 +1,5 @@
+{ ... }:
+{
+  services.keybase.enable = true;
+  services.kbfs.enable = true;
+}

home/services/mpd.nix

@@ -1,28 +1,141 @@
-{ config, ... }:
+{ config, pkgs, lib, ... }:
+let
+  cfg = config.services.mpd;
+in
 {
-  services.mpd = rec {
+  services.mpd = {
     enable = true;
     musicDirectory = config.xdg.userDirs.music;
-    playlistDirectory = "${musicDirectory}/playlists/MPD";
+    playlistDirectory = "${cfg.musicDirectory}/playlists/MPD";
     network.startWhenNeeded = true;
 
-    # TODO: make the path specific to the user unit
     extraConfig = ''
-      audio_output {
-        type "fifo"
-        name "Visualizer feed"
-        path "/tmp/mpd.fifo"
-        format "44100:16:2"
-      }
+      pid_file "/run/user/${toString config.home.uid}/mpd/pid"
+
+      zeroconf_enabled "no"
+
+      replaygain "auto"
+
+      restore_paused "yes"
+
+      auto_update "no"
 
       audio_output {
         type "pipewire"
         name "PipeWire Sound Server"
       }
+
+      audio_output {
+        type "fifo"
+        name "Visualizer feed"
+        path "/run/user/${toString config.home.uid}/mpd/visualizer.fifo"
+        format "44100:16:2"
+      }
+
+      resampler {
+        plugin "soxr"
+        quality "very high"
+      }
+
+      playlist_plugin {
+        name "cue"
+        enabled "true"
+      }
+
+      playlist_plugin {
+        name "m3u"
+        enabled "true"
+      }
+
+      playlist_plugin {
+        name "extm3u"
+        enabled "true"
+      }
+
+      playlist_plugin {
+        name "flac"
+        enabled "true"
+      }
+
+      playlist_plugin {
+        name "rss"
+        enabled "true"
+      }
     '';
   };
 
-  # TODO: disable auto_update and use systemd path to listen for changes
   # TODO: upstream unix socket support to home-manager
+
+  systemd.user.services.mpd = {
+    Unit = {
+      Documentation = [
+        "man:mpd(1)"
+        "man:mpd.conf(5)"
+      ];
+    };
+    Service = {
+      WatchdogSec = 120;
+
+      # for io_uring
+      LimitMEMLOCK = "64M";
+
+      # allow MPD to use real-time priority 40
+      LimitRTPRIO = 40;
+      LimitRTTIME = "infinity";
+
+      PrivateUsers = true;
+      ProtectSystem = true;
+      NoNewPrivileges = true;
+      ProtectKernelTunables = true;
+      ProtectControlGroups = true;
+      RestrictAddressFamilies = [
+        "AF_INET"
+        "AF_UNIX"
+      ];
+      RestrictNamespaces = true;
+    };
+  };
+
+  systemd.user.paths.mpd-update-library = {
+    Unit = {
+      Description = "Watchdog that updates the mpd library whenever the files are modified";
+      Documentation = [
+        "man:mpd(1)"
+        "man:mpd.conf(5)"
+      ];
+      WantedBy = [ "paths.target" ];
+    };
+    Path = {
+      PathChanged = cfg.musicDirectory;
+      Unit = "mpd-update-library.service";
+      TriggerLimitIntervalSec = "1s";
+      TriggerLimitBurst = "1";
+    };
+  };
+
+  systemd.user.services.mpd-update-library = {
+    Unit = {
+      Description = "Watchdog that updates the mpd library whenever the files are modified";
+      Documentation = [
+        "man:mpd(1)"
+        "man:mpd.conf(5)"
+      ];
+    };
+    Service = {
+      Type = "oneshot";
+      ExecStart = "${lib.getExe pkgs.mpc-cli} update --wait";
+
+      PrivateUsers = true;
+      ProtectSystem = true;
+      NoNewPrivileges = true;
+      ProtectKernelTunables = true;
+      ProtectControlGroups = true;
+      RestrictAddressFamilies = [
+        "AF_INET"
+        "AF_UNIX"
+      ];
+      RestrictNamespaces = true;
+    };
+  };
 }
 

home/services/network-manager.nix

@@ -0,0 +1,4 @@
+{ machineVars, ... }:
+{
+  services.network-manager-applet.enable = !machineVars.headless;
+}