entirely vibed refactor

nixos/hosts/electra/configuration.nix

@@ -0,0 +1,40 @@
+{ pkgs, ... }:
+{
+  imports = [ ./hardware-configuration.nix ];
+
+  networking.hostName = "electra";
+
+  boot = {
+    loader.systemd-boot.enable = true;
+    loader.efi.canTouchEfiVariables = true;
+    initrd = {
+      enable = true;
+      luks.devices."luks-654125f4-7b26-408d-b1b5-d31648ec8770".device = "/dev/disk/by-uuid/654125f4-7b26-408d-b1b5-d31648ec8770";
+      verbose = false;
+    };
+  };
+
+  environment.systemPackages = [
+    pkgs.bluetui
+    pkgs.wakeonlan
+  ];
+
+  systemd.services.fprintd = {
+    wantedBy = [ "multi-user.target" ];
+    serviceConfig.Type = "simple";
+  };
+
+  services = {
+    fprintd = {
+      enable = true;
+      tod.enable = true;
+      tod.driver = pkgs.libfprint-2-tod1-goodix;
+    };
+    tuned.enable = true;
+  };
+
+  hardware.bluetooth = {
+    enable = true;
+    powerOnBoot = true;
+  };
+}

nixos/hosts/electra/hardware-configuration.nix

@@ -0,0 +1,42 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "nvme" "usb_storage" "sd_mod" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/a2e7843f-dfbe-4e96-87d7-b4e55cc6d710";
+      fsType = "ext4";
+    };
+
+  boot.initrd.luks.devices."luks-d67e4840-ebc5-42be-9b26-d72a72b09617".device = "/dev/disk/by-uuid/d67e4840-ebc5-42be-9b26-d72a72b09617";
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/18A0-A1AC";
+      fsType = "vfat";
+      options = [ "fmask=0077" "dmask=0077" ];
+    };
+
+  swapDevices =
+    [ { device = "/dev/disk/by-uuid/c49249b9-0d68-44af-97e0-e399c8409408"; }
+    ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.wlp0s20f3.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}

nixos/hosts/nuc/configuration.nix

@@ -0,0 +1,48 @@
+{ pkgs, repoRoot, ... }:
+{
+  imports = [ ./hardware-configuration.nix ];
+
+  environment.systemPackages = with pkgs; [
+    wakeonlan
+  ];
+
+  security.sudo.wheelNeedsPassword = false;
+  networking.hostName = "nuc";
+
+  boot.initrd.enable = true;
+  boot.loader.systemd-boot.enable = true;
+
+  networking.firewall.allowedTCPPorts = [
+    53
+    80
+    443
+  ];
+  networking.firewall.allowedUDPPorts = [ 53 ];
+
+  systemd.timers.autowin = {
+    wantedBy = [ "timers.target" ];
+    timerConfig = {
+      OnCalendar = "Wed *-*-21..28 02:00:00";
+      Unit = "autowin.service";
+    };
+  };
+
+  systemd.services.autowin = {
+    script = ''
+      ${pkgs.python3Packages.python}/bin/python ${repoRoot}/util/wol_man.py autowin
+    '';
+    serviceConfig = {
+      Type = "oneshot";
+      TimeoutStartSec = "3600";
+      User = "alisceon";
+    };
+  };
+
+  virtualisation.oci-containers.containers.isponsorblocktv = {
+    image = "ghcr.io/dmunozv04/isponsorblocktv:latest";
+    autoStart = true;
+    volumes = [
+      "/home/alisceon/isponsorblocktv:/app/data"
+    ];
+  };
+}

nixos/hosts/nuc/hardware-configuration.nix

@@ -0,0 +1,33 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/d22372b3-fce6-407b-82a3-77cdff9d701e";
+      fsType = "ext4";
+    };
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/2359-96B5";
+      fsType = "vfat";
+      options = [ "fmask=0077" "dmask=0077" ];
+    };
+
+  swapDevices =
+    [ { device = "/dev/disk/by-uuid/faa61292-4c72-46af-b6d4-aa1e4172c75c"; }
+    ];
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}

nixos/hosts/tesla-nixos/configuration.nix

@@ -0,0 +1,99 @@
+{ pkgs, ... }:
+let
+  modpack = pkgs.fetchPackwizModpack {
+    url = "https://git.malice.zone/alisceon/tfcpack/-/raw/main/pack.toml";
+    packHash = "sha256-AKmS+CLiex+N2YipHNbOJpOS+cUut4fcG2oKCWuXBwY=";
+  };
+in
+{
+  imports = [ ./hardware-configuration.nix ];
+
+  security.sudo.wheelNeedsPassword = false;
+  networking.hostName = "tesla-nixos";
+
+  boot = {
+    initrd.enable = true;
+    loader.systemd-boot.enable = true;
+  };
+
+  environment.systemPackages = with pkgs; [ tmux ];
+
+  virtualisation.podman.dockerCompat = false;
+  virtualisation.docker = {
+    enable = true;
+    autoPrune = {
+      enable = true;
+      dates = "daily";
+    };
+    daemon.settings = {
+      runtimes.crun.path = "${pkgs.crun}/bin/crun";
+      default-runtime = "crun";
+    };
+  };
+
+  networking.firewall.allowedTCPPorts = [
+    8100
+  ];
+
+  services.minecraft-servers = {
+    enable = true;
+    eula = true;
+    openFirewall = true;
+    servers.tfcpack = {
+      enable = true;
+      package = pkgs.neoforgeServers.neoforge-1_21_1-21_1_219;
+      autoStart = true;
+      serverProperties = {
+        motd = "TFC Pack - Tesla Nixos";
+        max-players = "20";
+        view-distance = "32";
+        level-type = "tfc\\:overworld";
+        spawn-protection = "0";
+        max-tick-time = "-1";
+      };
+      jvmOpts = [
+        "-Xmx24G"
+        "-Xms24G"
+        "-XX:+UseZGC"
+        "-XX:+ZGenerational"
+      ];
+      symlinks.mods = "${modpack}/mods";
+      files."config/bluemap/core.conf" = "${modpack}/config/bluemap/core.conf";
+    };
+  };
+
+  users.users.gitlab-runner = {
+    isNormalUser = true;
+    home = "/var/lib/gitlab-runner";
+    createHome = true;
+    shell = pkgs.bashInteractive;
+    extraGroups = [ "docker" "wheel" ];
+    group = "gitlab-runner";
+  };
+
+  users.groups.gitlab-runner = { };
+  users.groups.docker = { };
+
+  systemd.services.enable-linger-gitlab-runner = {
+    description = "Enable linger for gitlab-runner";
+    wantedBy = [ "multi-user.target" ];
+    serviceConfig = {
+      Type = "oneshot";
+      ExecStart = "${pkgs.systemd}/bin/loginctl enable-linger gitlab-runner";
+      RemainAfterExit = true;
+    };
+  };
+
+  services.gitlab-runner = {
+    enable = true;
+    services.ci-nspawn-docker = {
+      authenticationTokenConfigFile = "/var/lib/gitlab-runner/token-env";
+      executor = "docker";
+      dockerImage = "alpine:3";
+      dockerPrivileged = true;
+      dockerVolumes = [
+        "/var/lib/gitlab-runner/cache:/cache"
+      ];
+    };
+  };
+}

nixos/hosts/tesla-nixos/hardware-configuration.nix

@@ -0,0 +1,37 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/profiles/qemu-guest.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "uhci_hcd" "ehci_pci" "ahci" "virtio_pci" "sr_mod" "virtio_blk" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/8befd164-4151-4116-83ec-727e44e87ea8";
+      fsType = "ext4";
+    };
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/6841-1339";
+      fsType = "vfat";
+      options = [ "fmask=0077" "dmask=0077" ];
+    };
+
+  swapDevices = [ ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.ens18.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+}

nixos/hosts/tower/configuration.nix

@@ -0,0 +1,81 @@
+{ config, pkgs, ... }:
+{
+  imports = [ ./hardware-configuration.nix ];
+
+  networking = {
+    hostName = "tower";
+    interfaces.enp10s0.wakeOnLan.enable = true;
+    firewall.allowedUDPPorts = [ 9 ];
+  };
+
+  time.hardwareClockInLocalTime = true;
+
+  boot = {
+    initrd.enable = true;
+    loader = {
+      efi.canTouchEfiVariables = true;
+      systemd-boot = {
+        enable = true;
+        windows = {
+          "nvme0n1p1" = {
+            title = "Windows";
+            efiDeviceHandle = "FS0";
+            sortKey = "1";
+          };
+        };
+        edk2-uefi-shell = {
+          enable = true;
+          sortKey = "0";
+        };
+      };
+    };
+    kernelPackages = pkgs.linuxPackages_6_18;
+  };
+
+  hardware = {
+    graphics = {
+      enable = true;
+      extraPackages = with pkgs; [ nvidia-vaapi-driver ];
+    };
+    nvidia = {
+      modesetting.enable = true;
+      powerManagement.enable = false;
+      powerManagement.finegrained = false;
+      open = true;
+      nvidiaSettings = true;
+      package = config.boot.kernelPackages.nvidiaPackages.stable;
+    };
+  };
+
+  services = {
+    xserver.videoDrivers = [ "nvidia" ];
+    openssh.enable = true;
+  };
+
+  environment = {
+    variables = {
+      GBM_BACKEND = "nvidia-drm";
+      __GLX_VENDOR_LIBRARY_NAME = "nvidia";
+      MOZ_DISABLE_RDD_SANDBOX = "1";
+      LIBVA_DRIVER_NAME = "nvidia";
+    };
+    systemPackages = [
+      pkgs.efibootmgr
+      pkgs.prismlauncher
+      pkgs.nvtopPackages.nvidia
+      pkgs.gamescope
+    ];
+  };
+
+  programs = {
+    gamemode.enable = true;
+    steam = {
+      enable = true;
+      remotePlay.openFirewall = true;
+      extraCompatPackages = [ pkgs.proton-ge-bin ];
+      package = pkgs.steam.override {
+        extraPkgs = _pkgs: [ pkgs.gamemode ];
+      };
+    };
+  };
+}

nixos/hosts/tower/hardware-configuration.nix

@@ -0,0 +1,39 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-amd" ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/0fd6a4e2-3fa3-4a9a-90fa-8679feb0196d";
+      fsType = "btrfs";
+      options = [ "subvol=@" ];
+    };
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/E212-41FD";
+      fsType = "vfat";
+      options = [ "fmask=0077" "dmask=0077" ];
+    };
+
+  swapDevices = [ ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.enp10s0.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}

nixos/modules/base.nix

@@ -0,0 +1,191 @@
+{ config, pkgs, lib, repoLocalPath, ... }:
+{
+  boot = {
+    kernelPackages = lib.mkDefault pkgs.linuxPackages_latest;
+    kernel.sysctl = {
+      "net.ipv4.ip_unprivileged_port_start" = 0;
+    };
+    initrd = {
+      network = {
+        ssh.shell = pkgs.bash;
+      };
+    };
+  };
+
+  security.sudo-rs.enable = true;
+  system.stateVersion = "24.05";
+
+  system.autoUpgrade = {
+    enable = true;
+    persistent = true;
+    flake = repoLocalPath;
+    flags = [
+      "--print-build-logs"
+      "--no-write-lock-file"
+    ];
+    dates = "daily";
+  };
+
+  nix = {
+    settings = {
+      experimental-features = [ "nix-command" "flakes" ];
+      auto-optimise-store = true;
+      trusted-users = [ "root" "alisceon" ];
+    };
+    gc = {
+      automatic = true;
+      persistent = true;
+      dates = "daily";
+      options = "--delete-older-than 7d";
+    };
+    registry = {
+      templates.to = {
+        type = "git";
+        url = "git+ssh://git@git.malice.zone/alisceon/devenv_templates.git";
+      };
+      nixpkgs.to = {
+        type = "github";
+        owner = "NixOS";
+        repo = "nixpkgs";
+        ref = "nixos-unstable";
+      };
+      nixpkgs-stable.to = {
+        type = "github";
+        owner = "NixOS";
+        repo = "nixpkgs";
+        ref = "nixos-25.05";
+      };
+    };
+  };
+
+  console.keyMap = "sv-latin1";
+  networking.networkmanager.enable = true;
+  time.timeZone = "Europe/Stockholm";
+  i18n.defaultLocale = "en_US.UTF-8";
+  i18n.extraLocaleSettings = {
+    LC_ADDRESS = "sv_SE.UTF-8";
+    LC_IDENTIFICATION = "sv_SE.UTF-8";
+    LC_MEASUREMENT = "sv_SE.UTF-8";
+    LC_MONETARY = "sv_SE.UTF-8";
+    LC_NAME = "sv_SE.UTF-8";
+    LC_NUMERIC = "sv_SE.UTF-8";
+    LC_PAPER = "sv_SE.UTF-8";
+    LC_TELEPHONE = "sv_SE.UTF-8";
+    LC_TIME = "sv_SE.UTF-8";
+  };
+
+  environment = {
+    systemPackages = with pkgs; [
+      libressl
+      git
+      wget
+      curl
+      btop
+      ripgrep
+      fd
+      nh
+      jq
+      ncdu
+      pciutils
+      usbutils
+      tree
+      fzf
+      psmisc
+      pv
+      file
+      nix-tree
+      unzip
+      lsd
+      bash
+      nushell
+      fish
+      powershell
+      python3
+      python3Packages.python-lsp-server
+      podman
+    ];
+
+    shells = with pkgs; [
+      bash
+      nushell
+      fish
+      powershell
+      xonsh
+    ];
+
+    etc."current-system-packages".text =
+      let
+        packages = builtins.map (p: "${p.name}:\t${p}") config.environment.systemPackages;
+        sortedUnique = builtins.sort builtins.lessThan (pkgs.lib.lists.unique packages);
+      in
+      pkgs.lib.strings.concatLines sortedUnique;
+  };
+
+  virtualisation = {
+    libvirtd = {
+      enable = true;
+      qemu.swtpm.enable = true;
+    };
+    containers.enable = true;
+    docker.enable = true;
+    podman = {
+      enable = true;
+      dockerCompat = false;
+      defaultNetwork.settings.dns_enabled = true;
+    };
+    oci-containers.backend = "podman";
+  };
+
+  users = {
+    defaultUserShell = pkgs.bash;
+    groups.docker = { };
+    users.alisceon = {
+      isNormalUser = true;
+      extraGroups = [ "wheel" "networkmanager" "podman" "docker" "libvirtd" ];
+      shell = pkgs.xonsh;
+      openssh.authorizedKeys.keys = [
+        "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPN1Cd2UlHo03Jqgi5Yb4io/3gh/X4wCb8LcmKlpAovQa271CKDBtYOUKn+Fts03g6dBMfaWMty6VGPMGDMONmc= alisceon@electra"
+        "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCvRYyYjN8z0yoPrHtaTQXY0iEtPl79K6/uXVceuS+31JGjRnqJjuDYg6KxAykGSfhercNdAJ2BTYJRGpMsW0Xn7+iq07TItcjJjERm7rjQZko4vauS62NdnV6BEG+6ktasb9CcepzwoRkLEXQOad3XbLbo0V2sj6uI5Rgq2Cfh6f9x1E1DJ87o6Ngkm+vQzdv4NYeya/O4vuoAw6BNhp4vyr9k+0K+TRLjflYPUwtb8U/agoYI5RoLZMa6eBKdPbLVYyahpMlYjHwr90H4c9veHliILcDSA8h6upcXSDwZiCPyu6cI4zRbzGQVg84iLmIs5ocMWsnuDQbqn5iM3BTV37atnTPI3O2C9WBxuOaGpk4C338V0CAfTo6GG/OSaFzfLBFE29nY6uXcCPH7KiDpig0naVWlpHZhED5OQRoSXBeyu4BgadV6eZ43HOcdbOAqbLcB1nvkKPi52Vj+JqwS8zIjQpipX22Trx2u4ike99ijeK6/XeoTnEAcUS0fcYQ0FDqqfLmr/HuxkEQ2NZF0sFFqVGUlpVJMFblNOH4L8A2kApnsrmlxnlVE+r0tTnnnK5tfCpyou/LPDM+4TzGw2nV2cwsZKbGaHvMM/qIvVva90mTcYfuDvGB10eQ2P9tN1TIjseONVLDVKNjNGzDBFY4RMeMJOWWQy0aBh0FP5Q== user@hannah.afk"
+      ];
+    };
+  };
+
+  programs = {
+    command-not-found.enable = true;
+    fzf.fuzzyCompletion = true;
+    xonsh = {
+      enable = true;
+      extraPackages = ps: with ps; [
+        pyperclip
+        xonsh.xontribs.xonsh-direnv
+        pkgs.nur.repos.xonsh-xontribs.xontrib-fish-completer
+        pkgs.nur.repos.xonsh-xontribs.xontrib-abbrevs
+        pkgs.nur.repos.xonsh-xontribs.xontrib-clp
+        pkgs.nur.repos.xonsh-xontribs.xontrib-bashisms
+        (
+          ps.buildPythonPackage
+          rec {
+            name = "xontrib-fzf-completions";
+            version = "v0.0.2";
+            format = "pyproject";
+            nativeBuildInputs = [ ps.setuptools ps.setuptools-scm ps.wheel ];
+            propagatedBuildInputs = [ ps.xonsh ];
+            src = pkgs.fetchFromGitHub {
+              owner = "doronz88";
+              repo = "${name}";
+              rev = "${version}";
+              sha256 = "sha256-1z5xHX4Psevn8686QkwIzv/LOJ5IMJc2nQ5Hg/2svTc=";
+            };
+            meta = {
+              homepage = "https://github.com/doronz88/xontrib-fzf-completions";
+              description = "fuzzy completions for xonsh";
+              license = pkgs.lib.licenses.mit;
+              maintainers = [ ];
+            };
+          }
+        )
+      ];
+      config = builtins.readFile ../../home/conf/xonsh/xonshrc;
+    };
+  };
+}

nixos/modules/profiles/server.nix

@@ -0,0 +1,14 @@
+{ pkgs, ... }:
+{
+  system.autoUpgrade.allowReboot = true;
+
+  services.openssh = {
+    enable = true;
+    permitRootLogin = "no";
+  };
+
+  environment.systemPackages = with pkgs; [
+    devenv
+    direnv
+  ];
+}

nixos/modules/profiles/workstation.nix

@@ -0,0 +1,72 @@
+{ pkgs, pkgs-unstable, ... }:
+{
+  boot = {
+    plymouth.enable = true;
+    kernelParams = [
+      "quiet"
+      "udev.log_level=3"
+      "systemd.show_status=auto"
+    ];
+  };
+
+  security.sudo.wheelNeedsPassword = false;
+
+  services = {
+    printing.enable = true;
+    pulseaudio.enable = false;
+    pipewire = {
+      enable = true;
+      alsa.enable = true;
+      pulse.enable = true;
+      jack.enable = true;
+    };
+    xserver.xkb.layout = "se";
+    gnome = {
+      gnome-keyring.enable = true;
+      gnome-initial-setup.enable = false;
+    };
+    udev.packages = [
+      pkgs.via
+      pkgs.qmk
+      pkgs.qmk-udev-rules
+      pkgs.qmk_hid
+    ];
+    fwupd.enable = true;
+    openssh.settings.PasswordAuthentication = false;
+  };
+
+  programs.dconf.enable = true;
+
+  networking.firewall.allowedTCPPorts = [
+    1312
+    8000
+    8080
+    8888
+  ];
+
+  environment = {
+    systemPackages = [
+      pkgs.discord
+      pkgs.signal-desktop
+      pkgs.mumble
+      (pkgs.chromium.override { enableWideVine = true; })
+      pkgs.google-chrome
+      pkgs.vscodium
+      pkgs.codex
+      pkgs.devenv
+      pkgs.direnv
+      pkgs.syncthing
+      pkgs.steam
+      pkgs.krita
+      pkgs.edk2-uefi-shell
+      pkgs-unstable.obsidian
+      pkgs.gparted
+      pkgs.vlc
+      pkgs.via
+      pkgs.plymouth
+      pkgs.xorg.xhost
+      (pkgs.bottles.override { removeWarningPopup = true; })
+    ];
+    sessionVariables.NIXOS_OZONE_WL = "1";
+  };
+}

nixos/modules/theme/stylix.nix

@@ -0,0 +1,65 @@
+{ pkgs, ... }:
+{
+  stylix = {
+    enable = true;
+    autoEnable = true;
+    enableReleaseChecks = false;
+    base16Scheme = {
+      base00 = "#181818";
+      base01 = "#252525";
+      base02 = "#3b3b3b";
+      base03 = "#777777";
+      base04 = "#777777";
+      base05 = "#b9b9b9";
+      base06 = "#dedede";
+      base07 = "#dedede";
+      base08 = "#ed4a46";
+      base09 = "#e67f43";
+      base0A = "#dbb32d";
+      base0B = "#70b433";
+      base0C = "#3fc5b7";
+      base0D = "#a580e2";
+      base0E = "#368aeb";
+      base0F = "#eb6eb7";
+    };
+
+    polarity = "dark";
+    fonts = {
+      monospace = {
+        package = pkgs.inconsolata;
+        name = "Inconsolata";
+      };
+      sansSerif = {
+        package = pkgs.noto-fonts;
+        name = "NotoSans";
+      };
+      serif = {
+        package = pkgs.noto-fonts;
+        name = "NotoSerif";
+      };
+      emoji = {
+        package = pkgs.noto-fonts-color-emoji;
+        name = "noto-fonts-color-emoji";
+      };
+      sizes = {
+        applications = 14;
+        terminal = 14;
+        desktop = 14;
+        popups = 14;
+      };
+    };
+
+    cursor = {
+      package = pkgs.whitesur-cursors;
+      name = "WhiteSur-cursors";
+      size = 20;
+    };
+
+    icons = {
+      enable = true;
+      package = pkgs.whitesur-icon-theme;
+      light = "WhiteSur-light";
+      dark = "WhiteSur-dark";
+    };
+  };
+}

nixos/modules/wm/gnome.nix

@@ -0,0 +1,38 @@
+{ pkgs, ... }:
+{
+  security.sudo.wheelNeedsPassword = false;
+
+  services = {
+    xserver.displayManager = {
+      gdm.enable = true;
+      gdm.wayland = true;
+    };
+    xserver.desktopManager.gnome.enable = true;
+    gnome = {
+      gnome-keyring.enable = true;
+      gnome-initial-setup.enable = false;
+    };
+  };
+
+  environment = {
+    gnome.excludePackages = with pkgs; [
+      evolution
+      geary
+      gnome-contacts
+      gnome-music
+      gnome-user-docs
+      gnome-tour
+      gnome-weather
+      gnome-maps
+      gnome-calendar
+      gnome-initial-setup
+      gnome-clocks
+    ];
+
+    systemPackages = [
+      pkgs.gnome-tweaks
+      pkgs.dconf-editor
+      pkgs.gnomeExtensions.ddterm
+    ];
+  };
+}

nixos/modules/wm/sway.nix

@@ -0,0 +1,99 @@
+{ pkgs, ... }:
+{
+  environment.systemPackages = with pkgs; [
+    pavucontrol
+    libinput
+    libinput-gestures
+    libnotify
+    wmctrl
+    playerctl
+    xdg-utils
+    shared-mime-info
+    libsecret
+    gnome-text-editor
+    loupe
+    evince
+    seahorse
+    nautilus
+  ];
+
+  programs = {
+    sway = {
+      enable = true;
+      wrapperFeatures.base = true;
+      wrapperFeatures.gtk = true;
+      extraOptions = [ "--unsupported-gpu" ];
+      extraPackages = with pkgs; [
+        swayidle
+        swaylock
+        swaybg
+        grim
+        slurp
+        wl-clipboard
+        pulseaudio
+        sway-contrib.grimshot
+        foot
+        kitty
+        dotool
+        mako
+        espanso-wayland
+      ];
+    };
+
+    uwsm = {
+      enable = true;
+      waylandCompositors = {
+        sway = {
+          prettyName = "Sway";
+          comment = "Sway compositor managed by UWSM";
+          binPath = "${pkgs.sway}/bin/sway";
+          extraArgs = [ "--unsupported-gpu" ];
+        };
+      };
+    };
+
+    light.enable = true;
+    dconf.enable = true;
+    seahorse.enable = true;
+  };
+
+  security = {
+    polkit.enable = true;
+    pam.services = {
+      greetd.enableGnomeKeyring = true;
+      login.enableGnomeKeyring = true;
+      swaylock.text = ''
+        auth sufficient pam_unix.so try_first_pass likeauth nullok
+        auth sufficient pam_fprintd.so
+        auth include login
+      '';
+    };
+  };
+
+  services = {
+    greetd = {
+      enable = true;
+      settings = {
+        initial_session = {
+          command = "uwsm start -- sway-uwsm.desktop";
+          user = "alisceon";
+        };
+        default_session = {
+          command = "${pkgs.tuigreet}/bin/tuigreet --time --cmd 'uwsm start -- sway-uwsm.desktop' --remember --asterisks''";
+          user = "greeter";
+        };
+      };
+    };
+
+    logind.settings.Login = {
+      HandleLidSwitch = "suspend";
+      HandleLidSwitchExternalPower = "suspend";
+    };
+
+    dbus.packages = [ pkgs.seahorse pkgs.gnome-keyring pkgs.gcr ];
+    gnome.gcr-ssh-agent.enable = true;
+    gvfs.enable = true;
+  };
+
+  users.users.alisceon.extraGroups = [ "video" "input" ];
+}