c'est le bordel un peu

Amaury JOLY
2026-04-10 18:38:21 +02:00
parent 6105c58cda
commit b4f7205dce
22 changed files with 283 additions and 290 deletions


@@ -5,37 +5,27 @@
...
}: {
imports = [
./hosts/vmgaming/configuration.nix
./hosts/vmgaming
./modules/nixos/base.nix
./modules/nixos/desktop-i3.nix
./modules/nixos/parsec.nix
./modules/common/base.nix
./modules/common/desktop-i3.nix
./modules/common/parsec.nix
./modules/common/users.nix
./modules/laptop/users.nix
./modules/laptop/gaming.nix
];
networking.hostName = "VMGaming";
networking.useDHCP = lib.mkDefault true;
# Proxmox VM: boot in UEFI mode without touching host EFI variables.
boot.loader.grub = {
enable = true;
efiSupport = true;
efiInstallAsRemovable = true;
device = "nodev";
};
boot.loader.efi.canTouchEfiVariables = false;
boot.blacklistedKernelModules = ["nouveau"];
services.spice-vdagentd.enable = true;
services.qemuGuest.enable = true;
# services.spice-vdagentd.enable = true;
# Gaming VM guest optimizations
programs.gamemode.enable = true;
programs.gamescope.enable = true;
security.rtkit.enable = true;
# security.rtkit.enable = true;
services.pipewire = {
enable = true;
@@ -45,26 +35,9 @@
};
services.pulseaudio.enable = false;
hardware.graphics = {
enable = true;
enable32Bit = true;
};
# NVIDIA passthrough guest defaults.
# If you pass through an AMD GPU instead, replace with:
services.xserver.videoDrivers = ["nvidia"];
hardware.nvidia = {
modesetting.enable = true;
#powerManagement.enable = false;
open = false;
#nvidiaSettings = true;
package = config.boot.kernelPackages.nvidiaPackages.stable;
};
services.xserver.deviceSection = ''
Option "AllowEmptyInitialConfiguration"
'';
# services.xserver.deviceSection = ''
# Option "AllowEmptyInitialConfiguration"
# '';
powerManagement.cpuFreqGovernor = lib.mkDefault "performance";
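Review bot: Several settings in this file are left as commented-out lines (`# services.spice-vdagentd.enable = true;`, `# security.rtkit.enable = true;`, the `services.xserver.deviceSection` block) with no reason given. If, as the listing suggests, this commit disabled them, either delete them or add a short why-comment. `security.rtkit` in particular is what lets PipeWire, still enabled just below, request realtime scheduling, so turning it off may cause audio glitches. The page has lost its +/- markers, so which side each line belongs to is inferred.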


@@ -8,17 +8,17 @@
./hosts/laptop/configuration.nix
# NixOS base modules
./modules/nixos/base.nix
./modules/nixos/yubikey.nix
./modules/nixos/desktop-i3.nix
./modules/nixos/net.nix
./modules/nixos/wireless-networks.nix
./modules/nixos/parsec.nix
./modules/common/base.nix
./modules/common/yubikey.nix
./modules/common/desktop-i3.nix
./modules/common/net.nix
./modules/common/parsec.nix
./modules/common/users.nix
./modules/common/obs.nix
# Laptop-specific modules
./modules/laptop/default.nix
./modules/laptop/fingerprint.nix
./modules/laptop/users.nix
./modules/laptop/home-manager.nix
./modules/laptop/bluetooth.nix
./modules/laptop/zwift.nix
@@ -62,4 +62,12 @@
custom.bluetooth.powerOnBoot = true;
custom.zwift.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
};
services.pulseaudio.enable = false;
}

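--- a/devshells.nix
+++ b/devshells.nix
@@ -0,0 +1,72 @@
+{pkgs}: let
+latexDevExtension = with pkgs.vscode-extensions; [
+james-yu.latex-workshop
+eamodio.gitlens
+jebbs.plantuml
+];
+extensionJsonFile = pkgs.writeTextFile {
+name = "vscode-exentsions-json";
+destination = "/share/vscode/extension/extension.json";
+text = pkgs.vscode-utils.toExtensionJson latexDevExtension;
+};
+seededExtension = pkgs.buildEnv {
+name = "vscode-tex-seeded-extensions";
+paths = latexDevExtension ++ [extensionJsonFile];
+};
+vscodeIsolated = pkgs.writeShellScriptBin "code" ''
+set -euo pipefail
+VSCODE_TEX_HOME="''${XDG_CACHE_HOME:-$HOME/.cache}/vscode-tex-shell"
+USER_DATA_DIR="$VSCODE_TEX_HOME/user-data"
+EXT_DIR="$VSCODE_TEX_HOME/extensions"
+mkdir -p "$USER_DATA_DIR" "$EXT_DIR"
+for ext in ${seededExtension}/share/vscode/extensions/*; do
+name="$(basename "$ext")"
+if [ ! -e "$EXT_DIR/$name" ]; then
+ln -s "$ext" "$EXT_DIR/$name"
+fi
+done
+exec ${pkgs.vscode}/bin/code \
+--user-data-dir "$USER_DATA_DIR" \
+--extensions-dir "$EXT_DIR" \
+"$@"
+'';
+in {
+default = pkgs.mkShell {
+packages = [
+vscodeIsolated
+# pkgs.latexmk
+(pkgs.texliveBasic.withPackages
+(
+ps: [
+ps.beamer
+ps.preprint
+ps.tikz-ext
+ps.latexmk
+ps.microtype
+ps.mathtools
+ps.thmtools
+ps.enumitem
+ps.csquotes
+ps.cleveref
+ps.algorithm2e
+ps.ifoddpage
+ps.relsize
+ps.amsfonts
+ps.amsmath
+ps.geometry
+ps.hyperref
+ps.lm
+ps.xcolor
+ps.datetime2
+]
+))
+];
+};
+}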
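Review bot: The seeding loop in the `code` wrapper links an extension only when `$EXT_DIR/$name` does not exist, so a link created by an earlier build is never refreshed. If the directory name stays the same across extension versions, the isolated profile keeps loading the old copy after a nixpkgs update. Once that store path is garbage-collected, `[ ! -e ]` is true for the dangling link, `ln -s` fails on the existing name and `set -e` aborts the launcher. Replacing the `if` block with `ln -sfn "$ext" "$EXT_DIR/$name"` keeps the links on the pinned set. Separately, `extensionJsonFile` is written to `/share/vscode/extension/extension.json` (singular, under the name `vscode-exentsions-json`) while the loop reads `share/vscode/extensions/`, so that file is never linked in, which looks like a typo.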


@@ -1,130 +1,76 @@
# This file has been auto-generated by i3-config-wizard(1).
# It will not be overwritten, so edit it as you like.
#
# Should you change your keyboard layout some time, delete
# this file and re-run i3-config-wizard(1).
#
# i3 config file (v4)
#
# Please see https://i3wm.org/docs/userguide.html for a complete reference!
# Reference: https://i3wm.org/docs/userguide.html
############################
# Appearance and globals
############################
set $mod Mod4
set $refresh_i3status killall -SIGUSR1 i3status
gaps inner 10
gaps outer 12
default_border pixel 0
default_floating_border pixel 0
set $mod Mod4
# Font for window titles. Will also be used by the bar unless a different font
# is used in the bar {} block below.
font pango:monospace 8
# https://thomashunter.name/i3-configurator/
# class border bground text indicator child_border
client.focused #2F4A36 #2F4A36 #FFFFFF #2F4A36 #2F4A36
client.focused_inactive #52805E #52805E #FFFFFF #484E50 #5F676A
client.unfocused #0A100B #0A100B #888888 #292D2E #222222
client.urgent #2F343A #900000 #FFFFFF #900000 #900000
client.placeholder #000000 #0C0C0C #FFFFFF #000000 #0C0C0C
client.background #FFFFFF
# This font is widely installed, provides lots of unicode glyphs, right-to-left
# text rendering and scalability on retina/hidpi displays (thanks to pango).
#font pango:DejaVu Sans Mono 8
# Start XDG autostart .desktop files using dex. See also
# https://wiki.archlinux.org/index.php/XDG_Autostart
############################
# Startup
############################
exec --no-startup-id dex --autostart --environment i3
# exec_always --no-startup-id /home/alice/.config/i3/autostart.sh
# The combination of xss-lock, nm-applet and pactl is a popular choice, so
# they are included here as an example. Modify as you see fit.
# xss-lock grabs a logind suspend inhibit lock and will use i3lock to lock the
# screen before suspend. Use loginctl lock-session to lock your screen.
exec --no-startup-id xss-lock --transfer-sleep-lock -- i3lock --nofork
# NetworkManager is the most popular way to manage wireless networks on Linux,
# and nm-applet is a desktop environment-independent system tray GUI for it.
# exec --no-startup-id nm-applet
# Use pactl to adjust volume in PulseAudio.
set $refresh_i3status killall -SIGUSR1 i3status
############################
# Audio
############################
bindsym XF86AudioRaiseVolume exec --no-startup-id pactl set-sink-volume @DEFAULT_SINK@ +10% && $refresh_i3status
bindsym XF86AudioLowerVolume exec --no-startup-id pactl set-sink-volume @DEFAULT_SINK@ -10% && $refresh_i3status
bindsym XF86AudioMute exec --no-startup-id pactl set-sink-mute @DEFAULT_SINK@ toggle && $refresh_i3status
bindsym XF86AudioMicMute exec --no-startup-id pactl set-source-mute @DEFAULT_SOURCE@ toggle && $refresh_i3status
# Use Mouse+$mod to drag floating windows to their wanted position
############################
# Core behavior
############################
floating_modifier $mod
# start a terminal
# bindsym $mod+Return exec i3-sensible-terminal
# kill focused window
bindsym $mod+Shift+Q kill
# start dmenu (a program launcher)
bindsym $mod+d exec --no-startup-id rofi -show drun -show-icons
# A more modern dmenu replacement is rofi:
# bindcode $mod+40 exec "rofi -modi drun,run -show drun"
# There also is i3-dmenu-desktop which only displays applications shipping a
# .desktop file. It is a wrapper around dmenu, so you need that installed.
# bindcode $mod+40 exec --no-startup-id i3-dmenu-desktop
bindsym $mod+Return exec alacritty
bindsym $mod+Tab exec rofi -show combi -show-icons
# change focus
# bindsym $mod+j focus left
# bindsym $mod+k focus down
# bindsym $mod+l focus up
# bindsym $mod+m focus right
# alternatively, you can use the cursor keys:
# Focus
bindsym $mod+Left focus left
bindsym $mod+Down focus down
bindsym $mod+Up focus up
bindsym $mod+Right focus right
# move focused window
# bindsym $mod+Shift+j move left
# bindsym $mod+Shift+k move down
# bindsym $mod+Shift+l move up
# bindsym $mod+Shift+M move right
# alternatively, you can use the cursor keys:
# Move windows
bindsym $mod+Shift+Left move left
bindsym $mod+Shift+Down move down
bindsym $mod+Shift+Up move up
bindsym $mod+Shift+Right move right
# split in horizontal orientation
# Layout
bindsym $mod+h split h
# split in vertical orientation
bindsym $mod+v split v
# enter fullscreen mode for the focused container
bindsym $mod+f fullscreen toggle
# change container layout (stacked, tabbed, toggle split)
bindsym $mod+s layout stacking
bindsym $mod+z layout tabbed
bindsym $mod+e layout toggle split
# toggle tiling / floating
bindsym $mod+Shift+space floating toggle
# change focus between tiling / floating windows
bindsym $mod+space focus mode_toggle
# focus the parent container
bindsym $mod+q focus parent
# focus the child container
#bindsym $mod+d focus child
# Define names for default workspaces for which we configure key bindings later on.
# We use variables to avoid repeating the names in multiple places.
############################
# Workspaces (AZERTY row)
############################
set $ws1 "1"
set $ws2 "2"
set $ws3 "3"
@@ -136,7 +82,6 @@ set $ws8 "8"
set $ws9 "9"
set $ws10 "10"
# switch to workspace
bindsym $mod+ampersand workspace number $ws1
bindsym $mod+eacute workspace number $ws2
bindsym $mod+quotedbl workspace number $ws3
@@ -148,7 +93,6 @@ bindsym $mod+underscore workspace number $ws8
bindsym $mod+ccedilla workspace number $ws9
bindsym $mod+agrave workspace number $ws10
# move focused container to workspace
bindsym $mod+Shift+1 move container to workspace number $ws1
bindsym $mod+Shift+eacute move container to workspace number $ws2
bindsym $mod+Shift+3 move container to workspace number $ws3
@@ -160,33 +104,25 @@ bindsym $mod+Shift+8 move container to workspace number $ws8
bindsym $mod+Shift+ccedilla move container to workspace number $ws9
bindsym $mod+Shift+agrave move container to workspace number $ws10
# reload the configuration file
bindsym $mod+p move workspace to output left
############################
# Session controls
############################
bindsym $mod+Shift+c reload
# restart i3 inplace (preserves your layout/session, can be used to upgrade i3)
bindsym $mod+Shift+r restart
# exit i3 (logs you out of your X session)
bindsym $mod+Shift+e exec "i3-nagbar -t warning -m 'You pressed the exit shortcut. Do you really want to exit i3? This will end your X session.' -B 'Yes, exit i3' 'i3-msg exit'"
bindsym $mod+Shift+l exec --no-startup-id i3lock -n -c 000000
# resize window (you can also use the mouse for that)
############################
# Resize mode
############################
mode "resize" {
# These bindings trigger as soon as you enter the resize mode
# Pressing left will shrink the windows width.
# Pressing right will grow the windows width.
# Pressing up will shrink the windows height.
# Pressing down will grow the windows height.
# bindsym j resize shrink width 10 px or 10 ppt
# bindsym k resize grow height 10 px or 10 ppt
# bindsym l resize shrink height 10 px or 10 ppt
# bindsym m resize grow width 10 px or 10 ppt
# same bindings, but for the arrow keys
bindsym Left resize shrink width 10 px or 10 ppt
bindsym Down resize grow height 10 px or 10 ppt
bindsym Up resize shrink height 10 px or 10 ppt
bindsym Right resize grow width 10 px or 10 ppt
# back to normal: Enter or Escape or $mod+r
bindsym Return mode "default"
bindsym Escape mode "default"
bindsym $mod+r mode "default"
@@ -194,41 +130,7 @@ mode "resize" {
bindsym $mod+r mode "resize"
# Start i3bar to display a workspace bar (plus the system information i3status
# finds out, if available)
# bar {
# status_command /home/alice/.config/polybar/start.sh
# }
# exec --no-startup-id tint2
# custom
exec_always --no-startup-id /home/alice/.config/i3/autostart.sh
exec_always --no-startup-id /home/alice/.config/polybar/start.sh
exec_always --no-startup-id picom
# exec_always --no-startup-id eww open frame
# exec_alwaysé --no-startup-id betterlockscreen -u /home/alice/.config/betterlockscreen -u /home/alice/wallpaper/ -l dimb
bindsym $mod+Shift+l exec --no-startup-id i3lock -c 000000
bindsym $mod+Return exec alacritty
bindsym $mod+Tab exec rofi -show combi -show-icons
bindsym $mod+p move workspace to output left
# bindsym $mod+m exec autorandr right_h
# bindsym $mod+Shift+m exec autorandr right_v
# bindsym $mod+k exec autorandr left_h
# bindsym $mod+Shift+k exec autorandr left_v
# bindsym $mod+l exec autorandr laptop
# bindsym $mod+o exec autorandr duplicate
## Screenshots
# bindsym Print exec --no-startup-id maim "/home/$USER/Pictures/$(date)"
# bindsym $mod+Print exec --no-startup-id maim --window $(xdotool getactivewindow) "/home/$USER/Pictures/$(date)"
# bindsym Shift+Print exec --no-startup-id maim --select "/home/$USER/Pictures/$(date)"
## Clipboard Screenshots
# bindsym Ctrl+Print exec --no-startup-id maim | xclip -selection clipboard -t image/png
# bindsym Ctrl+$mod+Print exec --no-startup-id maim --window $(xdotool getactivewindow) | xclip -selection clipboard -t image/png
############################
# Screenshots
############################
bindsym $mod+Shift+Print exec --no-startup-id maim --select | xclip -selection clipboard -t image/png


@@ -1,40 +0,0 @@
# Picom configuration file
# Backend
backend = "glx";
vsync = true;
use-damage = true;
# Shadows
shadow = true;
shadow-radius = 10;
shadow-offset-x = -5;
shadow-offset-y = -5;
shadow-opacity = 0.8;
# Opacity
frame-opacity = 1.0;
# Fading
fading = true;
fade-in-step = 0.03;
fade-out-step = 0.03;
fade-delta = 10;
corner-radius = 20;
# regles par application
rules: ({
match = "class_g = 'Alacritty'";
opacity = 0.8;
}, {
match = "class_g = 'i3-frame'";
corner-radius = 0;
} , {
match = "class_g = 'Polybar'";
corner-radius = 0;
} , {
match = "class_g = 'Eww'";
corner-radius = 0;
}
);


@@ -69,7 +69,7 @@ offset-y = 40
background = ${color.background}
modules-left = net-wireless
modules-center = fs-system
modules-right = volume
modules-right = defaultaudio volume
radius-top = 0
; =========================
@@ -218,10 +218,16 @@ format-muted = <label-muted>
label-muted = VOL mute
label-muted-foreground = ${color.foreground-dim}
[module/defaultaudio]
type = custom/script
exec = wpctl inspect @DEFAULT_AUDIO_SINK@ 2>/dev/null | awk -F'"' '/^[[:space:]]*device\.api = "bluez5"/ { bt=1 } /^[[:space:]]*media\.name = "/ { name=$2 } END { print (bt && name) ? name : "local" }'
interval = 3
label = %output%
[module/tray]
type = internal/tray
format-margin = 2
tray-spacing = 0
tray-spacing = 2
[module/ping-amaury]
type = custom/script
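Review bot: The `defaultaudio` module prints the sink's `media.name` straight into the bar, and for a Bluetooth sink that string is chosen by the remote device. Polybar parses `%{...}` formatting tags in `custom/script` output, including click-action tags, so the name should be neutralised before printing, e.g. `gsub(/%\{/, "", name)` in the awk `END` block ahead of the `print`. Also, `2>/dev/null` together with the `"local"` fallback makes a failing `wpctl` indistinguishable from a wired sink; a distinct fallback string would make that visible. `[module/ping-amaury]` continues outside the hunk.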

30
flake.lock generated

@@ -65,11 +65,11 @@
]
},
"locked": {
"lastModified": 1775104157,
"narHash": "sha256-rm/7k0D2J9SP30pyZ2C1HqarDncZDN6KAUI0gzgg4TA=",
"lastModified": 1775622785,
"narHash": "sha256-/yFxO+7oS1SymDfJ2iVO7K5vJKcYfe9XGIJ+quLqz0Q=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "41e6e2ab37763c09db4e639033392cf40900440a",
"rev": "527e47b78fe67213072f706bf933a9705a8c4974",
"type": "github"
},
"original": {
@@ -102,11 +102,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1775036866,
"narHash": "sha256-ZojAnPuCdy657PbTq5V0Y+AHKhZAIwSIT2cb8UgAz/U=",
"lastModified": 1775423009,
"narHash": "sha256-vPKLpjhIVWdDrfiUM8atW6YkIggCEKdSAlJPzzhkQlw=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "6201e203d09599479a3b3450ed24fa81537ebc4e",
"rev": "68d8aa3d661f0e6bd5862291b5bb263b2a6595c9",
"type": "github"
},
"original": {
@@ -141,11 +141,11 @@
"poetry2nix": "poetry2nix"
},
"locked": {
"lastModified": 1774890105,
"narHash": "sha256-nrbMvz/M3Yidq9oag9A4E2yctUn+S07GN2zf1JLsRA0=",
"lastModified": 1775547505,
"narHash": "sha256-DqQN57mJqoFSfgvC/VY+x2nLGN3gpAPZuQ4EqCuiPP0=",
"owner": "FirelightFlagboy",
"repo": "parsec-cloud-nix",
"rev": "7f1f18378e63ad82d138c756a75e721d08d9a6a2",
"rev": "ccd1531532d2aeaed550d973719ac3272ca3439b",
"type": "github"
},
"original": {
@@ -213,11 +213,11 @@
]
},
"locked": {
"lastModified": 1774910634,
"narHash": "sha256-B+rZDPyktGEjOMt8PcHKYmgmKoF+GaNAFJhguktXAo0=",
"lastModified": 1775619836,
"narHash": "sha256-VcC/+MMMldwQKcST2y/QTndGLusSxjeUvYwFwzZKKko=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "19bf3d8678fbbfbc173beaa0b5b37d37938db301",
"rev": "de5f2d596eb896a5728afcd15f823f59cb9ecfdb",
"type": "github"
},
"original": {
@@ -298,11 +298,11 @@
"nixpkgs": "nixpkgs_2"
},
"locked": {
"lastModified": 1774885989,
"narHash": "sha256-BhBjT/jts56x+6GArrYHhGzg4TM7et+wAKknvJvGfK0=",
"lastModified": 1775591480,
"narHash": "sha256-kgyMN5eOJwsOxnSszJ9709vKvp7vvSQ/t1AI8mJ11Sk=",
"owner": "netbrain",
"repo": "zwift",
"rev": "2ed245f8f481e60709f9aa719e246ab5d61facd2",
"rev": "f425356bdef3b5d0625dec6d860b23dc1efdef17",
"type": "github"
},
"original": {


@@ -29,13 +29,16 @@
}: let
customConfig = import ./config.nix;
in
flake-utils.lib.eachDefaultSystem (system: let
pkgs = import nixpkgs {
inherit system;
config.allowUnfree = true;
};
in {
})
flake-utils.lib.eachDefaultSystem (
system: let
pkgs = import nixpkgs {
inherit system;
config.allowUnfree = true;
};
in {
devShells = import ./devshells.nix {inherit pkgs;};
}
)
// {
nixosConfigurations.laptop = nixpkgs.lib.nixosSystem {
modules = [
@@ -43,16 +46,11 @@
home-manager.nixosModules.home-manager
zwift.nixosModules.zwift
./configuration.nix
({
pkgs,
lib,
...
}: {
})
];
specialArgs = {
inherit customConfig;
inherit self;
parsec-cloud-nix = parsec-cloud-nix;
};
};
@@ -64,6 +62,7 @@
specialArgs = {
inherit customConfig;
inherit self;
parsec-cloud-nix = parsec-cloud-nix;
};
};


@@ -4,7 +4,6 @@
{
config,
lib,
pkgs,
modulesPath,
...
}: {


@@ -3,13 +3,8 @@
{
config,
lib,
modulesPath,
...
}: {
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sr_mod"];
boot.initrd.kernelModules = [];
boot.kernelModules = [];
@@ -36,7 +31,6 @@
swapDevices = [];
networking.useDHCP = lib.mkDefault true;
services.qemuGuest.enable = true;
hardware.xone.enable = true;


@@ -0,0 +1,7 @@
{...}: {
imports = [
./configuration.nix
./proxmox.nix
./nvidia.nix
];
}

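--- a/hosts/vmgaming/nvidia.nix
+++ b/hosts/vmgaming/nvidia.nix
@@ -0,0 +1,14 @@
+{config, ...}: {
+services.xserver.videoDrivers = ["nvidia"];
+hardware.graphics = {
+enable = true;
+};
+hardware.nvidia = {
+modesetting.enable = true;
+open = false;
+package = config.boot.kernelPackages.nvidiaPackages.stable;
+nvidiaSettings = true;
+};
+}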
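Review bot: `hardware.graphics` here sets only `enable = true`, whereas the inline block shown earlier in this commit, which this file appears to replace, also had `enable32Bit = true`. Unless another imported module turns it on, 32-bit GL/Vulkan applications lose driver support on this gaming VM. Consider adding `enable32Bit = true;` inside `hardware.graphics`, or a comment naming the module that now provides it.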


@@ -0,0 +1,16 @@
{modulesPath, ...}: {
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
services.qemuGuest.enable = true;
boot.loader.grub = {
enable = true;
efiSupport = true;
efiInstallAsRemovable = true;
devices = ["nodev"];
};
boot.loader.efi.canTouchEfiVariables = false;
}


@@ -5,6 +5,7 @@
{
pkgs,
customConfig,
self,
...
}: {
nix.settings = {
@@ -18,11 +19,13 @@
];
};
nix.registry.tex.flake = self;
programs.nh = {
enable = true;
clean.enable = true;
clean.extraArgs = "--keep-since 4d --keep 3";
flake = builtins.toString customConfig.configFlakePath;
flake = toString customConfig.configFlakePath;
};
nixpkgs.config.allowUnfree = true;
@@ -48,6 +51,8 @@
unzip
scream
nixd
alejandra
];
fonts.packages = with pkgs; [
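Review bot: `nix.registry.tex.flake = self;` has no comment, and the name `tex` gives no hint that it points at the whole system flake. Presumably it exists so that `nix develop tex` opens the LaTeX shell from `devshells.nix`; a one-line comment such as `# registry alias so "nix develop tex" resolves to this flake's devShell` would record that. The entry refers to the flake as it was at build time, so changes to the shell only show up after a system rebuild.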


@@ -9,23 +9,70 @@
feh --bg-fill --no-xinerama Downloads/fire1.png
'';
in {
services.xserver.enable = true;
services.xserver.windowManager.i3.enable = true;
services.xserver.autorun = true;
services.xserver = {
enable = true;
windowManager.i3.enable = true;
autorun = true;
};
services.displayManager.defaultSession = "none+i3";
programs.i3lock.enable = true;
programs.xss-lock = {
enable = true;
lockerCommand = "${pkgs.i3lock}/bin/i3lock --nofork -c 000000";
extraOptions = ["--transfer-sleep-lock"];
};
services.logind.settings.Login = {
IdleAction = "suspend";
IdleActionSec = "15min";
HandleLidSwitch = "suspend";
};
services.picom = {
enable = true;
backend = "glx";
vSync = true;
shadow = true;
shadowOpacity = 0.8;
shadowOffsets = [(-5) (-5)];
fade = true;
fadeDelta = 10;
fadeSteps = [0.03 0.03];
opacityRules = [
"80:class_g = 'Alacritty'"
];
settings = {
use-damage = true;
shadow-radius = 10;
frame-opacity = 1.0;
corner-radius = 20;
rounded-corners-exclude = [
"class_g = 'i3-frame'"
"class_g = 'Polybar'"
];
};
};
environment.systemPackages = with pkgs; [
alacritty
tint2
awesome
maim
xclip
dunst
xss-lock
dex
rofi
polybarFull
oh-my-posh
picom
playerctl
zscroll
feh
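Review bot: `programs.xss-lock` now starts the locker as a service, but the i3 config in the same commit still shows `exec --no-startup-id xss-lock --transfer-sleep-lock -- i3lock --nofork`, and `xss-lock` is also listed in `environment.systemPackages`. If that `exec` line survives on the new side (the page has lost its +/- markers), two xss-lock instances would compete for the sleep lock with different locker commands. Keep only one so the lock-before-suspend path is unambiguous. The same duplication applies to `picom`, which is enabled through `services.picom` and still listed as a package. The module body starts and ends outside the hunk.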


@@ -20,8 +20,6 @@
minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3'
refresh_delay = 72
'';
userHome = "/home/${customConfig.username}";
in {
networking.nftables.enable = true;
networking.firewall = {

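--- a/modules/common/obs.nix
+++ b/modules/common/obs.nix
@@ -0,0 +1,11 @@
+{pkgs, ...}: {
+programs.obs-studio = {
+enable = true;
+enableVirtualCamera = true;
+plugins = with pkgs.obs-studio-plugins; [
+obs-pipewire-audio-capture
+];
+};
+}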
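Review bot: `enableVirtualCamera = true` is not a user-level toggle: in the NixOS module it builds and loads the out-of-tree `v4l2loopback` kernel module and turns on polkit for every host that imports this file. A comment on that line would make the cost visible, e.g. `# loads v4l2loopback (out-of-tree kernel module) and enables polkit`. Hosts that do not need the virtual camera could leave the option off.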


@@ -31,8 +31,6 @@
tcpdump
pandoc
libsecret
nixd
alejandra
# Communication
slack
@@ -49,6 +47,7 @@
prismlauncher # Minecraft launcher
# widelands # Strategy game
wasistlos # Game
signal-desktop
moonlight-qt # Game streaming
# System & Cloud


@@ -1,5 +1,6 @@
# Module: YubiKey Authentication
# Description: Enables YubiKey-based PAM auth for login and sudo across systems
# TODO
{pkgs, ...}: {
security.pam.services = {
login.u2fAuth = true;
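Review bot: The added `# TODO` does not say what is still to be done, which matters in a module that changes PAM for login and sudo. State the open item, for example `# TODO: decide whether U2F is required in addition to the password (security.pam.u2f.control)`. With `u2fAuth = true` and NixOS's default control of `sufficient`, presenting the key alone satisfies authentication unless the rest of the module overrides it. That rest lies outside the hunk.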


@@ -1,18 +0,0 @@
# Module: Wireless Networks Configuration (Encrypted)
# Description: WiFi networks configuration fully encrypted with sops-nix
# Security: Network names, SSIDs, and all configuration stored in encrypted secrets
# Files: ~/.config/secrets/wifi-networks.yaml (encrypted with sops)
# Note: The actual networks are loaded at runtime from the encrypted file
{
config,
lib,
pkgs,
...
}: {
# WiFi networks are loaded from encrypted file at runtime
# The file is in wpa_supplicant.conf format and gets included by wpa_supplicant
# This approach keeps network names and configuration completely private
# Note: If wifi-networks secret doesn't exist yet, this won't cause errors
# You can still use the old method (networking.wireless.networks in Nix) if needed
}


@@ -1,4 +1,4 @@
wifi-networks: ENC[AES256_GCM,data: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,iv:gSu1E7qVgwEcc/k1WL49pMRHIiNRfKGS70srW1JWfqI=,tag:lW1TTxSiBv7EDTHDSNztig==,type:str]
wifi-networks: ENC[AES256_GCM,data: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,iv:J77cp8CzWyvfKTylOksLqlf7/HyqVjiZ8dQmVc10sqc=,tag:eqE7D/l4Pu1IKDovzNz2fw==,type:str]
sops:
age:
- recipient: age1hhyew9sv8lqqfeza92jkxsdudhsgaef66cxalp06ez2cm9k6aqysc7mlf7
@@ -10,7 +10,7 @@ sops:
NENiek9YeUhXNFhuZkZzRnBIYXdGY2cKpfSlzP7uK6VFl71OYfoHBxAwrKfpJSNT
QQUngSh6VBrWeJIxoMkJ7O+xSgwZnWc0fnrB+OpoRqy5YVctSmHERg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2026-03-21T09:20:19Z"
mac: ENC[AES256_GCM,data:20EScEe1X57+zwxObnNTgnG57acwJGLVjXOlN9rbh1Wq0F5Ve6Z4zmiv9AFz3GBOfE2n1T9Q9GcVV5T8PNreaM8tFATBdCihTebxESq0DPhcinReaMMftH+p/785z5zCCYvBR2QV+vmt24pcOH+h8H6X2LnjL3yo1uYx4PafFDE=,iv:xJ29oD17LqXX8KDStKl0SsTASi/7TrDX8f7pAsapWbI=,tag:S/zXh5d4TLfIH7J33ej4cA==,type:str]
lastmodified: "2026-04-06T08:15:15Z"
mac: ENC[AES256_GCM,data:Y9rEWXkTcDaoBtWhQ6RepnaaPUZujA6oeHhG/YdvhLLo0Nq3Or6F59YXaArwmTcOxjJzUP0eaUphZYuinVZKomMkxeFfm6ms4Tg6VHDzCxpmrwJgvWCjmmy69jrFm75l6D/Q1WeGqijsxuOCitYjgpfIDnfwomx1RPWTWNrs77M=,iv:gBspVAUPd8AexuAqKeMcuMDA9HVTXKkl87wntGUOtz0=,tag:B3yFoxu+Qs84bJQDJ6brKQ==,type:str]
unencrypted_suffix: _unencrypted
version: 3.12.1
version: 3.12.2