c'est le bordel un peu

config.nix

@@ -1,7 +1,6 @@
 # Central Configuration
 # Define user-specific and system-specific values here
 # This file should be imported in flake.nix as specialArgs
-
 {
   # User configuration
   username = "alice";

configuration-vmgaming.nix

@@ -1,38 +1,31 @@
-{ config, lib, pkgs, ... }:
-
 {
+  config,
+  lib,
+  pkgs,
+  ...
+}: {
   imports = [
-    ./hosts/vmgaming/configuration.nix
+    ./hosts/vmgaming
 
-    ./modules/nixos/base.nix
+    ./modules/common/base.nix
-    ./modules/nixos/desktop-i3.nix
+    ./modules/common/desktop-i3.nix
-    ./modules/nixos/parsec.nix
+    ./modules/common/parsec.nix
+    ./modules/common/users.nix
 
-    ./modules/laptop/users.nix
     ./modules/laptop/gaming.nix
   ];
 
   networking.hostName = "VMGaming";
   networking.useDHCP = lib.mkDefault true;
 
-  # Proxmox VM: boot in UEFI mode without touching host EFI variables.
-  boot.loader.grub = {
-    enable = true;
-    efiSupport = true;
-    efiInstallAsRemovable = true;
-    device = "nodev";
-  };
-  boot.loader.efi.canTouchEfiVariables = false;
-
   boot.blacklistedKernelModules = ["nouveau"];
 
-  services.spice-vdagentd.enable = true;
+  # services.spice-vdagentd.enable = true;
-  services.qemuGuest.enable = true;
 
   # Gaming VM guest optimizations
   programs.gamemode.enable = true;
   programs.gamescope.enable = true;
-  security.rtkit.enable = true;
+  # security.rtkit.enable = true;
 
   services.pipewire = {
     enable = true;
@@ -42,26 +35,9 @@
   };
   services.pulseaudio.enable = false;
 
-  hardware.graphics = {
+  # services.xserver.deviceSection = ''
-    enable = true;
+  #   Option "AllowEmptyInitialConfiguration"
-    enable32Bit = true;
+  # '';
-  };
-
-  # NVIDIA passthrough guest defaults.
-  # If you pass through an AMD GPU instead, replace with:
-  services.xserver.videoDrivers = [ "nvidia" ];
-
-  hardware.nvidia = {
-    modesetting.enable = true;
-    #powerManagement.enable = false;
-    open = false;
-    #nvidiaSettings = true;
-    package = config.boot.kernelPackages.nvidiaPackages.stable;
-  };
-
-  services.xserver.deviceSection = ''
-    Option "AllowEmptyInitialConfiguration"
-  '';
 
   powerManagement.cpuFreqGovernor = lib.mkDefault "performance";
 

configuration.nix

@@ -1,22 +1,24 @@
-{ config, pkgs, ... }:
-
 {
+  config,
+  pkgs,
+  ...
+}: {
   imports = [
     # Hardware configuration
     ./hosts/laptop/configuration.nix
 
     # NixOS base modules
-    ./modules/nixos/base.nix
+    ./modules/common/base.nix
-    ./modules/nixos/yubikey.nix
+    ./modules/common/yubikey.nix
-    ./modules/nixos/desktop-i3.nix
+    ./modules/common/desktop-i3.nix
-    ./modules/nixos/net.nix
+    ./modules/common/net.nix
-    ./modules/nixos/wireless-networks.nix
+    ./modules/common/parsec.nix
-    ./modules/nixos/parsec.nix
+    ./modules/common/users.nix
+    ./modules/common/obs.nix
 
     # Laptop-specific modules
     ./modules/laptop/default.nix
     ./modules/laptop/fingerprint.nix
-    ./modules/laptop/users.nix
     ./modules/laptop/home-manager.nix
     ./modules/laptop/bluetooth.nix
     ./modules/laptop/zwift.nix
@@ -60,4 +62,12 @@
   custom.bluetooth.powerOnBoot = true;
 
   custom.zwift.enable = true;
+
+  services.pipewire = {
+    enable = true;
+    alsa.enable = true;
+    alsa.support32Bit = true;
+    pulse.enable = true;
+  };
+  services.pulseaudio.enable = false;
 }

devshells.nix

@@ -0,0 +1,72 @@
+{pkgs}: let
+  latexDevExtension = with pkgs.vscode-extensions; [
+    james-yu.latex-workshop
+    eamodio.gitlens
+    jebbs.plantuml
+  ];
+
+  extensionJsonFile = pkgs.writeTextFile {
+    name = "vscode-exentsions-json";
+    destination = "/share/vscode/extension/extension.json";
+    text = pkgs.vscode-utils.toExtensionJson latexDevExtension;
+  };
+
+  seededExtension = pkgs.buildEnv {
+    name = "vscode-tex-seeded-extensions";
+    paths = latexDevExtension ++ [extensionJsonFile];
+  };
+
+  vscodeIsolated = pkgs.writeShellScriptBin "code" ''
+    set -euo pipefail
+
+    VSCODE_TEX_HOME="''${XDG_CACHE_HOME:-$HOME/.cache}/vscode-tex-shell"
+    USER_DATA_DIR="$VSCODE_TEX_HOME/user-data"
+    EXT_DIR="$VSCODE_TEX_HOME/extensions"
+
+    mkdir -p "$USER_DATA_DIR" "$EXT_DIR"
+
+    for ext in ${seededExtension}/share/vscode/extensions/*; do
+      name="$(basename "$ext")"
+      if [ ! -e "$EXT_DIR/$name" ]; then
+        ln -s "$ext" "$EXT_DIR/$name"
+      fi
+    done
+
+    exec ${pkgs.vscode}/bin/code \
+      --user-data-dir "$USER_DATA_DIR" \
+      --extensions-dir "$EXT_DIR" \
+      "$@"
+  '';
+in {
+  default = pkgs.mkShell {
+    packages = [
+      vscodeIsolated
+      # pkgs.latexmk
+      (pkgs.texliveBasic.withPackages
+        (
+          ps: [
+            ps.beamer
+            ps.preprint
+            ps.tikz-ext
+            ps.latexmk
+            ps.microtype
+            ps.mathtools
+            ps.thmtools
+            ps.enumitem
+            ps.csquotes
+            ps.cleveref
+            ps.algorithm2e
+            ps.ifoddpage
+            ps.relsize
+            ps.amsfonts
+            ps.amsmath
+            ps.geometry
+            ps.hyperref
+            ps.lm
+            ps.xcolor
+            ps.datetime2
+          ]
+        ))
+    ];
+  };
+}

dotconfig/i3/config

@@ -1,130 +1,76 @@
-# This file has been auto-generated by i3-config-wizard(1).
-# It will not be overwritten, so edit it as you like.
-#
-# Should you change your keyboard layout some time, delete
-# this file and re-run i3-config-wizard(1).
-#
-
 # i3 config file (v4)
-#
+# Reference: https://i3wm.org/docs/userguide.html
-# Please see https://i3wm.org/docs/userguide.html for a complete reference!
+
+############################
+# Appearance and globals
+############################
+set $mod Mod4
+set $refresh_i3status killall -SIGUSR1 i3status
 
 gaps inner 10
 gaps outer 12
 default_border pixel 0
 default_floating_border pixel 0
-
-set $mod Mod4
-
-# Font for window titles. Will also be used by the bar unless a different font
-# is used in the bar {} block below.
 font pango:monospace 8
 
-# https://thomashunter.name/i3-configurator/
 # class                 border  bground text    indicator child_border
 client.focused          #2F4A36 #2F4A36 #FFFFFF #2F4A36   #2F4A36
 client.focused_inactive #52805E #52805E #FFFFFF #484E50   #5F676A
 client.unfocused        #0A100B #0A100B #888888 #292D2E   #222222
 client.urgent           #2F343A #900000 #FFFFFF #900000   #900000
 client.placeholder      #000000 #0C0C0C #FFFFFF #000000   #0C0C0C
-
 client.background       #FFFFFF
 
-# This font is widely installed, provides lots of unicode glyphs, right-to-left
+############################
-# text rendering and scalability on retina/hidpi displays (thanks to pango).
+# Startup
-#font pango:DejaVu Sans Mono 8
+############################
-
-# Start XDG autostart .desktop files using dex. See also
-# https://wiki.archlinux.org/index.php/XDG_Autostart
 exec --no-startup-id dex --autostart --environment i3
+# exec_always --no-startup-id /home/alice/.config/i3/autostart.sh
 
-# The combination of xss-lock, nm-applet and pactl is a popular choice, so
+############################
-# they are included here as an example. Modify as you see fit.
+# Audio
-
+############################
-# xss-lock grabs a logind suspend inhibit lock and will use i3lock to lock the
-# screen before suspend. Use loginctl lock-session to lock your screen.
-exec --no-startup-id xss-lock --transfer-sleep-lock -- i3lock --nofork
-
-# NetworkManager is the most popular way to manage wireless networks on Linux,
-# and nm-applet is a desktop environment-independent system tray GUI for it.
-# exec --no-startup-id nm-applet
-
-# Use pactl to adjust volume in PulseAudio.
-set $refresh_i3status killall -SIGUSR1 i3status
 bindsym XF86AudioRaiseVolume exec --no-startup-id pactl set-sink-volume @DEFAULT_SINK@ +10% && $refresh_i3status
 bindsym XF86AudioLowerVolume exec --no-startup-id pactl set-sink-volume @DEFAULT_SINK@ -10% && $refresh_i3status
 bindsym XF86AudioMute exec --no-startup-id pactl set-sink-mute @DEFAULT_SINK@ toggle && $refresh_i3status
 bindsym XF86AudioMicMute exec --no-startup-id pactl set-source-mute @DEFAULT_SOURCE@ toggle && $refresh_i3status
 
-# Use Mouse+$mod to drag floating windows to their wanted position
+############################
+# Core behavior
+############################
 floating_modifier $mod
 
-# start a terminal
-# bindsym $mod+Return exec i3-sensible-terminal
-
-# kill focused window
 bindsym $mod+Shift+Q kill
-
-# start dmenu (a program launcher)
 bindsym $mod+d exec --no-startup-id rofi -show drun -show-icons
-# A more modern dmenu replacement is rofi:
+bindsym $mod+Return exec alacritty
-# bindcode $mod+40 exec "rofi -modi drun,run -show drun"
+bindsym $mod+Tab exec rofi -show combi -show-icons
-# There also is i3-dmenu-desktop which only displays applications shipping a
-# .desktop file. It is a wrapper around dmenu, so you need that installed.
-# bindcode $mod+40 exec --no-startup-id i3-dmenu-desktop
 
-# change focus
+# Focus
-# bindsym $mod+j focus left
-# bindsym $mod+k focus down
-# bindsym $mod+l focus up
-# bindsym $mod+m focus right
-
-# alternatively, you can use the cursor keys:
 bindsym $mod+Left focus left
 bindsym $mod+Down focus down
 bindsym $mod+Up focus up
 bindsym $mod+Right focus right
 
-# move focused window
+# Move windows
-# bindsym $mod+Shift+j move left
-# bindsym $mod+Shift+k move down
-# bindsym $mod+Shift+l move up
-# bindsym $mod+Shift+M move right
-
-# alternatively, you can use the cursor keys:
 bindsym $mod+Shift+Left move left
 bindsym $mod+Shift+Down move down
 bindsym $mod+Shift+Up move up
 bindsym $mod+Shift+Right move right
 
-# split in horizontal orientation
+# Layout
 bindsym $mod+h split h
-
-# split in vertical orientation
 bindsym $mod+v split v
-
-# enter fullscreen mode for the focused container
 bindsym $mod+f fullscreen toggle
-
-# change container layout (stacked, tabbed, toggle split)
 bindsym $mod+s layout stacking
 bindsym $mod+z layout tabbed
 bindsym $mod+e layout toggle split
-
-# toggle tiling / floating
 bindsym $mod+Shift+space floating toggle
-
-# change focus between tiling / floating windows
 bindsym $mod+space focus mode_toggle
-
-# focus the parent container
 bindsym $mod+q focus parent
 
-# focus the child container
+############################
-#bindsym $mod+d focus child
+# Workspaces (AZERTY row)
-
+############################
-# Define names for default workspaces for which we configure key bindings later on.
-# We use variables to avoid repeating the names in multiple places.
 set $ws1 "1"
 set $ws2 "2"
 set $ws3 "3"
@@ -136,7 +82,6 @@ set $ws8 "8"
 set $ws9 "9"
 set $ws10 "10"
 
-# switch to workspace
 bindsym $mod+ampersand workspace number $ws1
 bindsym $mod+eacute workspace number $ws2
 bindsym $mod+quotedbl workspace number $ws3
@@ -148,7 +93,6 @@ bindsym $mod+underscore workspace number $ws8
 bindsym $mod+ccedilla workspace number $ws9
 bindsym $mod+agrave workspace number $ws10
 
-# move focused container to workspace
 bindsym $mod+Shift+1 move container to workspace number $ws1
 bindsym $mod+Shift+eacute move container to workspace number $ws2
 bindsym $mod+Shift+3 move container to workspace number $ws3
@@ -160,33 +104,25 @@ bindsym $mod+Shift+8 move container to workspace number $ws8
 bindsym $mod+Shift+ccedilla move container to workspace number $ws9
 bindsym $mod+Shift+agrave move container to workspace number $ws10
 
-# reload the configuration file
+bindsym $mod+p move workspace to output left
+
+############################
+# Session controls
+############################
 bindsym $mod+Shift+c reload
-# restart i3 inplace (preserves your layout/session, can be used to upgrade i3)
 bindsym $mod+Shift+r restart
-# exit i3 (logs you out of your X session)
 bindsym $mod+Shift+e exec "i3-nagbar -t warning -m 'You pressed the exit shortcut. Do you really want to exit i3? This will end your X session.' -B 'Yes, exit i3' 'i3-msg exit'"
+bindsym $mod+Shift+l exec --no-startup-id i3lock -n -c 000000
 
-# resize window (you can also use the mouse for that)
+############################
+# Resize mode
+############################
 mode "resize" {
-        # These bindings trigger as soon as you enter the resize mode
-
-        # Pressing left will shrink the window’s width.
-        # Pressing right will grow the window’s width.
-        # Pressing up will shrink the window’s height.
-        # Pressing down will grow the window’s height.
-        # bindsym j resize shrink width 10 px or 10 ppt
-        # bindsym k resize grow height 10 px or 10 ppt
-        # bindsym l resize shrink height 10 px or 10 ppt
-        # bindsym m resize grow width 10 px or 10 ppt
-
-        # same bindings, but for the arrow keys
         bindsym Left resize shrink width 10 px or 10 ppt
         bindsym Down resize grow height 10 px or 10 ppt
         bindsym Up resize shrink height 10 px or 10 ppt
         bindsym Right resize grow width 10 px or 10 ppt
 
-        # back to normal: Enter or Escape or $mod+r
         bindsym Return mode "default"
         bindsym Escape mode "default"
         bindsym $mod+r mode "default"
@@ -194,41 +130,7 @@ mode "resize" {
 
 bindsym $mod+r mode "resize"
 
-# Start i3bar to display a workspace bar (plus the system information i3status
+############################
-# finds out, if available)
+# Screenshots
-# bar {
+############################
-#         status_command /home/alice/.config/polybar/start.sh
-# }
-# exec --no-startup-id tint2
-
-# custom
-exec_always --no-startup-id /home/alice/.config/i3/autostart.sh
-exec_always --no-startup-id /home/alice/.config/polybar/start.sh
-exec_always --no-startup-id picom
-# exec_always --no-startup-id eww open frame
-# exec_alwaysé --no-startup-id betterlockscreen -u /home/alice/.config/betterlockscreen -u /home/alice/wallpaper/ -l dimb
-
-bindsym $mod+Shift+l exec --no-startup-id i3lock -c 000000
-
-bindsym $mod+Return exec alacritty
-
-bindsym $mod+Tab exec rofi -show combi -show-icons
-
-bindsym $mod+p move workspace to output left
-
-# bindsym $mod+m exec autorandr right_h
-# bindsym $mod+Shift+m exec autorandr right_v
-# bindsym $mod+k exec autorandr left_h
-# bindsym $mod+Shift+k exec autorandr left_v
-# bindsym $mod+l exec autorandr laptop
-# bindsym $mod+o exec autorandr duplicate
-
-## Screenshots
-# bindsym Print exec --no-startup-id maim "/home/$USER/Pictures/$(date)"
-# bindsym $mod+Print exec --no-startup-id maim --window $(xdotool getactivewindow) "/home/$USER/Pictures/$(date)"
-# bindsym Shift+Print exec --no-startup-id maim --select "/home/$USER/Pictures/$(date)"
-
-## Clipboard Screenshots
-# bindsym Ctrl+Print exec --no-startup-id maim | xclip -selection clipboard -t image/png
-# bindsym Ctrl+$mod+Print exec --no-startup-id maim --window $(xdotool getactivewindow) | xclip -selection clipboard -t image/png
 bindsym $mod+Shift+Print exec --no-startup-id maim --select | xclip -selection clipboard -t image/png

dotconfig/picom/picom.conf

@@ -1,40 +0,0 @@
-# Picom configuration file
-
-# Backend
-backend = "glx";
-vsync = true;
-use-damage = true;
-
-# Shadows
-shadow = true;
-shadow-radius = 10;
-shadow-offset-x = -5;
-shadow-offset-y = -5;
-shadow-opacity = 0.8;
-
-# Opacity
-frame-opacity = 1.0;
-
-# Fading
-fading = true;
-fade-in-step = 0.03;
-fade-out-step = 0.03;
-fade-delta = 10;
-
-corner-radius = 20;
-
-# regles par application
-rules: ({
-    match = "class_g = 'Alacritty'";
-    opacity = 0.8;
-}, {
-    match = "class_g = 'i3-frame'";
-    corner-radius = 0;
-} , {
-    match = "class_g = 'Polybar'";
-    corner-radius = 0;
-} , {
-    match = "class_g = 'Eww'";
-    corner-radius = 0;
-}
-);

dotconfig/polybar/config.ini.model

@@ -69,7 +69,7 @@ offset-y = 40
 background = ${color.background}
 modules-left = net-wireless
 modules-center = fs-system
-modules-right = volume
+modules-right = defaultaudio volume
 radius-top = 0
 
 ; =========================
@@ -218,10 +218,16 @@ format-muted = <label-muted>
 label-muted = VOL mute
 label-muted-foreground = ${color.foreground-dim}
 
+[module/defaultaudio]
+type = custom/script
+exec = wpctl inspect @DEFAULT_AUDIO_SINK@ 2>/dev/null | awk -F'"' '/^[[:space:]]*device\.api = "bluez5"/ { bt=1 } /^[[:space:]]*media\.name = "/ { name=$2 } END { print (bt && name) ? name : "local" }'
+interval = 3
+label = %output%
+
 [module/tray]
 type = internal/tray
 format-margin = 2
-tray-spacing = 0
+tray-spacing = 2
 
 [module/ping-amaury]
 type = custom/script

flake.lock

@@ -1,28 +1,5 @@
 {
   "nodes": {
-    "claude-desktop": {
-      "inputs": {
-        "flake-utils": [
-          "flake-utils"
-        ],
-        "nixpkgs": [
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1764098187,
-        "narHash": "sha256-H6JjWXhKqxZ8QLMoqndZx9e5x0Sv5AiipSmqvIxIbgo=",
-        "owner": "k3d3",
-        "repo": "claude-desktop-linux-flake",
-        "rev": "b2b040cb68231d2118906507d9cc8fd181ca6308",
-        "type": "github"
-      },
-      "original": {
-        "owner": "k3d3",
-        "repo": "claude-desktop-linux-flake",
-        "type": "github"
-      }
-    },
     "fenix": {
       "inputs": {
         "nixpkgs": [
@@ -32,11 +9,11 @@
         "rust-analyzer-src": "rust-analyzer-src"
       },
       "locked": {
-        "lastModified": 1773646590,
+        "lastModified": 1774857716,
-        "narHash": "sha256-qwnecNC3DB0hSu6MvU27xh/Mg9uPbmmg7d1wBOtO7ds=",
+        "narHash": "sha256-z05BKQ6F9/6H2/ecIYEXuq54JCUEiOpdYXTQIijB/wM=",
         "owner": "nix-community",
         "repo": "fenix",
-        "rev": "350a4df2afc34c1ae115173e0509cec7067a06c9",
+        "rev": "9ad9c53e902485e006c07ae54a7dd4ad55a8c4d8",
         "type": "github"
       },
       "original": {
@@ -88,11 +65,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1774007980,
+        "lastModified": 1775622785,
-        "narHash": "sha256-FOnZjElEI8pqqCvB6K/1JRHTE8o4rer8driivTpq2uo=",
+        "narHash": "sha256-/yFxO+7oS1SymDfJ2iVO7K5vJKcYfe9XGIJ+quLqz0Q=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "9670de2921812bc4e0452f6e3efd8c859696c183",
+        "rev": "527e47b78fe67213072f706bf933a9705a8c4974",
         "type": "github"
       },
       "original": {
@@ -125,11 +102,11 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1773821835,
+        "lastModified": 1775423009,
-        "narHash": "sha256-TJ3lSQtW0E2JrznGVm8hOQGVpXjJyXY2guAxku2O9A4=",
+        "narHash": "sha256-vPKLpjhIVWdDrfiUM8atW6YkIggCEKdSAlJPzzhkQlw=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "b40629efe5d6ec48dd1efba650c797ddbd39ace0",
+        "rev": "68d8aa3d661f0e6bd5862291b5bb263b2a6595c9",
         "type": "github"
       },
       "original": {
@@ -164,11 +141,11 @@
         "poetry2nix": "poetry2nix"
       },
       "locked": {
-        "lastModified": 1773927313,
+        "lastModified": 1775547505,
-        "narHash": "sha256-2XjQPMd79Z5hOS67rjCuDyiIW4I7XpBe/7yYRSyhA8k=",
+        "narHash": "sha256-DqQN57mJqoFSfgvC/VY+x2nLGN3gpAPZuQ4EqCuiPP0=",
         "owner": "FirelightFlagboy",
         "repo": "parsec-cloud-nix",
-        "rev": "b45bbf594b3031583c5b2c9609f6c5ebdc4df903",
+        "rev": "ccd1531532d2aeaed550d973719ac3272ca3439b",
         "type": "github"
       },
       "original": {
@@ -204,7 +181,6 @@
     },
     "root": {
       "inputs": {
-        "claude-desktop": "claude-desktop",
         "flake-utils": "flake-utils",
         "home-manager": "home-manager",
         "nixpkgs": "nixpkgs",
@@ -216,11 +192,11 @@
     "rust-analyzer-src": {
       "flake": false,
       "locked": {
-        "lastModified": 1773543526,
+        "lastModified": 1774787924,
-        "narHash": "sha256-CKmkYqUi2pI1uDGDfpK0mkZbRLyjUKCpYDU3eMHtmks=",
+        "narHash": "sha256-Cbpmf0+1pqi/zbpub2vkp5lTPx3QdVtDkkagDwQzHHg=",
         "owner": "rust-lang",
         "repo": "rust-analyzer",
-        "rev": "90c8906e6443e7cee18cece9c2621a8b1c10794c",
+        "rev": "f1297b21119565c626320c1ffc248965fffb2527",
         "type": "github"
       },
       "original": {
@@ -237,11 +213,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1773889674,
+        "lastModified": 1775619836,
-        "narHash": "sha256-+ycaiVAk3MEshJTg35cBTUa0MizGiS+bgpYw/f8ohkg=",
+        "narHash": "sha256-VcC/+MMMldwQKcST2y/QTndGLusSxjeUvYwFwzZKKko=",
         "owner": "Mic92",
         "repo": "sops-nix",
-        "rev": "29b6519f3e0780452bca0ac0be4584f04ac16cc5",
+        "rev": "de5f2d596eb896a5728afcd15f823f59cb9ecfdb",
         "type": "github"
       },
       "original": {
@@ -322,11 +298,11 @@
         "nixpkgs": "nixpkgs_2"
       },
       "locked": {
-        "lastModified": 1773655023,
+        "lastModified": 1775591480,
-        "narHash": "sha256-89jAxVhDIm6nFTBX3eM53NjLm36egOXYJGoPDogN4iE=",
+        "narHash": "sha256-kgyMN5eOJwsOxnSszJ9709vKvp7vvSQ/t1AI8mJ11Sk=",
         "owner": "netbrain",
         "repo": "zwift",
-        "rev": "a015de248bac88a3eec734b6565a86e10214a486",
+        "rev": "f425356bdef3b5d0625dec6d860b23dc1efdef17",
         "type": "github"
       },
       "original": {

flake.nix

@@ -14,46 +14,44 @@
       inputs.nixpkgs.follows = "nixpkgs";
     };
 
-    claude-desktop = {
-      url = "github:k3d3/claude-desktop-linux-flake";
-      inputs.nixpkgs.follows = "nixpkgs";
-      inputs.flake-utils.follows = "flake-utils";
-    };
-
     zwift.url = "github:netbrain/zwift";
   };
 
-  outputs = { self, nixpkgs, sops-nix, home-manager, zwift, flake-utils, parsec-cloud-nix, claude-desktop, ... }:
+  outputs = {
-    let
+    self,
+    nixpkgs,
+    sops-nix,
+    home-manager,
+    zwift,
+    flake-utils,
+    parsec-cloud-nix,
+    ...
+  }: let
     customConfig = import ./config.nix;
   in
-    flake-utils.lib.eachDefaultSystem (system:
+    flake-utils.lib.eachDefaultSystem (
-      let
+      system: let
         pkgs = import nixpkgs {
           inherit system;
           config.allowUnfree = true;
         };
       in {
-      }) //
+        devShells = import ./devshells.nix {inherit pkgs;};
-    {
+      }
+    )
+    // {
       nixosConfigurations.laptop = nixpkgs.lib.nixosSystem {
         modules = [
           sops-nix.nixosModules.sops
           home-manager.nixosModules.home-manager
           zwift.nixosModules.zwift
           ./configuration.nix
-          ({ pkgs, lib, ...}: 
-          {
-            environment.systemPackages = with pkgs; [
-              claude-desktop.packages.${pkgs.stdenv.hostPlatform.system}.claude-desktop-with-fhs
-            ];
-          })
         ];
 
         specialArgs = {
           inherit customConfig;
+          inherit self;
           parsec-cloud-nix = parsec-cloud-nix;
-          claude-desktop = claude-desktop;
         };
       };
 
@@ -64,8 +62,8 @@
 
         specialArgs = {
           inherit customConfig;
+          inherit self;
           parsec-cloud-nix = parsec-cloud-nix;
-          claude-desktop = claude-desktop;
         };
       };
     };

hosts/laptop/configuration.nix

@@ -1,11 +1,14 @@
 # Do not modify this file!  It was generated by ‘nixos-generate-config’
 # and may be overwritten by future invocations.  Please make changes
 # to /etc/nixos/configuration.nix instead.
-{ config, lib, pkgs, modulesPath, ... }:
-
 {
-  imports =
+  config,
-    [ (modulesPath + "/installer/scan/not-detected.nix")
+  lib,
+  modulesPath,
+  ...
+}: {
+  imports = [
+    (modulesPath + "/installer/scan/not-detected.nix")
   ];
 
   boot.initrd.availableKernelModules = ["xhci_pci" "thunderbolt" "nvme" "usb_storage" "usbhid" "sd_mod"];
@@ -13,19 +16,19 @@
   boot.kernelModules = ["kvm-intel"];
   boot.extraModulePackages = [];
 
-  fileSystems."/" =
+  fileSystems."/" = {
-    { device = "/dev/disk/by-uuid/e9209e4f-94b4-45ef-bed6-9435c96ee864";
+    device = "/dev/disk/by-uuid/e9209e4f-94b4-45ef-bed6-9435c96ee864";
     fsType = "ext4";
   };
 
-  fileSystems."/boot" =
+  fileSystems."/boot" = {
-    { device = "/dev/disk/by-uuid/E59B-B8FC";
+    device = "/dev/disk/by-uuid/E59B-B8FC";
     fsType = "vfat";
     options = ["fmask=0077" "dmask=0077"];
   };
 
-  swapDevices =
+  swapDevices = [
-    [ { device = "/dev/disk/by-uuid/e8cd6918-bc63-4d24-b8eb-6a1170844a80"; }
+    {device = "/dev/disk/by-uuid/e8cd6918-bc63-4d24-b8eb-6a1170844a80";}
   ];
 
   # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
@@ -33,8 +36,6 @@
   # still possible to use this option, but it's recommended to use it in conjunction
   # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
   networking.useDHCP = lib.mkDefault true;
-  # networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true;
-  # networking.interfaces.wlp0s20f3.useDHCP = lib.mkDefault true;
 
   nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
   hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;

hosts/vmgaming/configuration.nix

@@ -1,12 +1,10 @@
 # Do not modify this file directly on every rebuild. It should contain host
 # specific hardware/VM configuration for VMGaming (Proxmox guest).
-{ config, lib, modulesPath, ... }:
-
 {
-  imports = [
+  config,
-    (modulesPath + "/profiles/qemu-guest.nix")
+  lib,
-  ];
+  ...
-
+}: {
   boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sr_mod"];
   boot.initrd.kernelModules = [];
   boot.kernelModules = [];
@@ -33,7 +31,6 @@
   swapDevices = [];
 
   networking.useDHCP = lib.mkDefault true;
-  services.qemuGuest.enable = true;
 
   hardware.xone.enable = true;
 

hosts/vmgaming/default.nix

@@ -0,0 +1,7 @@
+{...}: {
+  imports = [
+    ./configuration.nix
+    ./proxmox.nix
+    ./nvidia.nix
+  ];
+}

hosts/vmgaming/nvidia.nix

@@ -0,0 +1,14 @@
+{config, ...}: {
+  services.xserver.videoDrivers = ["nvidia"];
+
+  hardware.graphics = {
+    enable = true;
+  };
+
+  hardware.nvidia = {
+    modesetting.enable = true;
+    open = false;
+    package = config.boot.kernelPackages.nvidiaPackages.stable;
+    nvidiaSettings = true;
+  };
+}

hosts/vmgaming/proxmox.nix

@@ -0,0 +1,16 @@
+{modulesPath, ...}: {
+  imports = [
+    (modulesPath + "/profiles/qemu-guest.nix")
+  ];
+
+  services.qemuGuest.enable = true;
+
+  boot.loader.grub = {
+    enable = true;
+    efiSupport = true;
+    efiInstallAsRemovable = true;
+    devices = ["nodev"];
+  };
+
+  boot.loader.efi.canTouchEfiVariables = false;
+}

modules/common/base.nix

@@ -2,10 +2,12 @@
 # Description: Core NixOS configuration with Nix settings, base packages, fonts,
 #              localization (FR), Fish shell, and security (GPG)
 # Services: gvfs, udisks2, gnupg-agent
-
-{ pkgs, customConfig, ... }:
-
 {
+  pkgs,
+  customConfig,
+  self,
+  ...
+}: {
   nix.settings = {
     experimental-features = ["nix-command" "flakes"];
     substituters = [
@@ -17,11 +19,13 @@
     ];
   };
 
+  nix.registry.tex.flake = self;
+
   programs.nh = {
     enable = true;
     clean.enable = true;
     clean.extraArgs = "--keep-since 4d --keep 3";
-    flake = builtins.toString customConfig.configFlakePath;
+    flake = toString customConfig.configFlakePath;
   };
 
   nixpkgs.config.allowUnfree = true;
@@ -47,6 +51,8 @@
     unzip
 
     scream
+    nixd
+    alejandra
   ];
 
   fonts.packages = with pkgs; [

modules/common/desktop-i3.nix

@@ -2,34 +2,77 @@
 # Description: Enables X11 with i3 window manager and associated desktop tools
 # Services: xserver with i3
 # Packages: alacritty (terminal), tint2 (panel), rofi (launcher), i3lock, dunst
-
+{pkgs, ...}: let
-{ pkgs, ... }:
-
-let 
   updatescreen = pkgs.writeShellScript "updatescreens.sh" ''
     #!/bin/sh
     i3-msg restart
     feh --bg-fill --no-xinerama Downloads/fire1.png
   '';
-in
+in {
-{
+  services.xserver = {
-  services.xserver.enable = true;
+    enable = true;
-  services.xserver.windowManager.i3.enable = true;
+    windowManager.i3.enable = true;
-  services.xserver.autorun = true;
+    autorun = true;
+  };
+
+  services.displayManager.defaultSession = "none+i3";
+
+  programs.i3lock.enable = true;
+  programs.xss-lock = {
+    enable = true;
+    lockerCommand = "${pkgs.i3lock}/bin/i3lock --nofork -c 000000";
+    extraOptions = ["--transfer-sleep-lock"];
+  };
+
+  services.logind.settings.Login = {
+    IdleAction = "suspend";
+    IdleActionSec = "15min";
+
+    HandleLidSwitch = "suspend";
+  };
+
+  services.picom = {
+    enable = true;
+
+    backend = "glx";
+    vSync = true;
+
+    shadow = true;
+    shadowOpacity = 0.8;
+    shadowOffsets = [(-5) (-5)];
+
+    fade = true;
+    fadeDelta = 10;
+    fadeSteps = [0.03 0.03];
+
+    opacityRules = [
+      "80:class_g = 'Alacritty'"
+    ];
+
+    settings = {
+      use-damage = true;
+
+      shadow-radius = 10;
+
+      frame-opacity = 1.0;
+      corner-radius = 20;
+
+      rounded-corners-exclude = [
+        "class_g = 'i3-frame'"
+        "class_g = 'Polybar'"
+      ];
+    };
+  };
 
   environment.systemPackages = with pkgs; [
     alacritty
-    tint2
-    awesome
     maim
     xclip
     dunst
-    xss-lock
     dex
     rofi
     polybarFull
     oh-my-posh
-    picom
     playerctl
     zscroll
     feh

modules/common/net.nix

@@ -3,10 +3,13 @@
 #              configuration via wpa_supplicant, and hostname settings
 # Services: dnscrypt-proxy (primary + backup), wpa_supplicant
 # Security: WiFi credentials stored via sops-nix secrets
-
+{
-{ config, lib, pkgs, customConfig, ... }:
+  config,
-
+  lib,
-let
+  pkgs,
+  customConfig,
+  ...
+}: let
   backupToml = pkgs.writeText "dnscrypt-proxy-backup.toml" ''
     listen_addresses = ["127.0.0.2:53"]
     server_names = ["dns0-eu"]
@@ -17,11 +20,7 @@ let
     minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3'
     refresh_delay = 72
   '';
-
+in {
-  userHome = "/home/${customConfig.username}";
-in
-
-{
   networking.nftables.enable = true;
   networking.firewall = {
     enable = true;
@@ -54,8 +53,14 @@ in
   # networking.wireless.networks = { ... };
 
   networking.interfaces.lo.ipv4.addresses = [
-    { address = "127.0.0.1"; prefixLength = 8; }
+    {
-    { address = "127.0.0.2"; prefixLength = 8; }
+      address = "127.0.0.1";
+      prefixLength = 8;
+    }
+    {
+      address = "127.0.0.2";
+      prefixLength = 8;
+    }
   ];
 
   networking.nameservers = ["127.0.0.1" "127.0.0.2"];

modules/common/obs.nix

@@ -0,0 +1,11 @@
+{pkgs, ...}: {
+  programs.obs-studio = {
+    enable = true;
+
+    enableVirtualCamera = true;
+
+    plugins = with pkgs.obs-studio-plugins; [
+      obs-pipewire-audio-capture
+    ];
+  };
+}

modules/common/parsec.nix

@@ -2,10 +2,11 @@
 # Description: Installs Parsec Cloud client (v3) with CLI and GUI
 # Dependencies: parsec-cloud-nix flake input
 # Note: Requires increased Node.js heap size during build (workaround)
-
+{
-{ pkgs, parsec-cloud-nix, ... }:
+  pkgs,
-
+  parsec-cloud-nix,
-let
+  ...
+}: let
   pc = parsec-cloud-nix.packages.${pkgs.stdenv.hostPlatform.system};
 
   # WORKAROUND: Parsec build runs out of memory without increased heap size
@@ -19,8 +20,7 @@ let
   };
 
   parsecCli = pc.parsec-cloud.v3.cli;
-in
+in {
-{
   environment.systemPackages = [
     parsecClientPatched
     parsecCli

modules/common/users.nix

@@ -2,10 +2,11 @@
 # Description: Defines the main user 'alice' with groups, permissions, and user packages
 # Packages: Browsers (Firefox), Office (LibreOffice), Development (VSCode, Git),
 #           Media (VLC, Spotify), Communication (Slack, Thunderbird), and more
-
-{ pkgs, customConfig, ... }:
-
 {
+  pkgs,
+  customConfig,
+  ...
+}: {
   users.users."${customConfig.username}" = {
     isNormalUser = true;
     home = "/home/${customConfig.username}";
@@ -44,8 +45,9 @@
 
       # Gaming & Entertainment
       prismlauncher # Minecraft launcher
-      widelands           # Strategy game
+      # widelands           # Strategy game
       wasistlos # Game
+      signal-desktop
       moonlight-qt # Game streaming
 
       # System & Cloud

modules/common/yubikey.nix

@@ -1,9 +1,7 @@
 # Module: YubiKey Authentication
 # Description: Enables YubiKey-based PAM auth for login and sudo across systems
-
+# TODO
-{ pkgs, ... }:
+{pkgs, ...}: {
-
-{
   security.pam.services = {
     login.u2fAuth = true;
     sudo.u2fAuth = true;

modules/laptop/bluetooth.nix

@@ -1,10 +1,11 @@
 # Module: Bluetooth Configuration
 # Description: Enables Bluetooth with dual controller mode and experimental features
 # Services: bluetooth, blueman (GUI manager)
-
-{ config, lib, ... }:
-
 {
+  config,
+  lib,
+  ...
+}: {
   options.custom.bluetooth = {
     enable = lib.mkEnableOption "Bluetooth support with blueman GUI";
 

modules/laptop/default.nix

@@ -3,13 +3,9 @@
 # Services: sops-nix
 # Dependencies: sops-nix for secrets management
 # Note: Other laptop features (gaming, virtualization, etc.) are in separate modules
-
+{customConfig, ...}: let
-{ customConfig, ... }:
-
-let
   userHome = "/home/${customConfig.username}";
-in
+in {
-{
   sops.validateSopsFiles = false;
   sops.age.keyFile = "${userHome}/.config/sops/age/keys.txt";
 

modules/laptop/fingerprint.nix

@@ -1,6 +1,4 @@
-{ pkgs, ... }:
+{pkgs, ...}: {
-
-{
   services.fprintd.enable = true;
   services.fprintd.tod.enable = true;
   services.fprintd.tod.driver = pkgs.libfprint-2-tod1-goodix-550a;

modules/laptop/gaming.nix

@@ -1,10 +1,12 @@
 # Module: Gaming Support
 # Description: Enables Steam and gamepad drivers (xpadneo for Xbox controllers)
 # Services: Steam, steam-hardware
-
-{ config, lib, pkgs, ... }:
-
 {
+  config,
+  lib,
+  pkgs,
+  ...
+}: {
   options.custom.gaming = {
     enable = lib.mkEnableOption "gaming support (Steam, gamepad drivers)";
 

modules/laptop/home-manager.nix

@@ -1,6 +1,8 @@
-{ lib, customConfig, ... }:
+{
-
+  lib,
-let
+  customConfig,
+  ...
+}: let
   username = customConfig.username;
   dotconfigPath = ../../dotconfig;
   dotconfigEntries = lib.filterAttrs (name: _: !(lib.hasPrefix "." name)) (builtins.readDir dotconfigPath);
@@ -15,8 +17,7 @@ let
         recursive = true;
       }
     );
-in
+in {
-{
   home-manager.useGlobalPkgs = true;
   home-manager.useUserPackages = true;
   home-manager.backupFileExtension = "hm-backup";

modules/laptop/power.nix

@@ -1,10 +1,11 @@
 # Module: Power Management
 # Description: CPU frequency governor and power management settings
 # Services: powerManagement
-
-{ config, lib, ... }:
-
 {
+  config,
+  lib,
+  ...
+}: {
   options.custom.power = {
     enable = lib.mkEnableOption "power management configuration";
 

modules/laptop/printing.nix

@@ -1,10 +1,11 @@
 # Module: Printing Configuration
 # Description: CUPS printing service with configured printers
 # Services: printing (CUPS)
-
-{ config, lib, ... }:
-
 {
+  config,
+  lib,
+  ...
+}: {
   options.custom.printing = {
     enable = lib.mkEnableOption "printing support (CUPS)";
 
@@ -26,7 +27,8 @@
 
     hardware.printers = lib.mkIf (config.custom.printing.printers != []) {
       ensurePrinters = config.custom.printing.printers;
-      ensureDefaultPrinter = lib.mkIf (config.custom.printing.defaultPrinter != null) 
+      ensureDefaultPrinter =
+        lib.mkIf (config.custom.printing.defaultPrinter != null)
         config.custom.printing.defaultPrinter;
     };
   };

modules/laptop/virtualization.nix

@@ -1,10 +1,13 @@
 # Module: Virtualization
 # Description: Docker and VirtualBox virtualization support
 # Services: Docker daemon, VirtualBox
-
-{ config, lib, pkgs, customConfig, ... }:
-
 {
+  config,
+  lib,
+  pkgs,
+  customConfig,
+  ...
+}: {
   options.custom.virtualization = {
     docker = {
       enable = lib.mkEnableOption "Docker container runtime";

modules/laptop/zwift.nix

@@ -2,10 +2,13 @@
 # Description: Configures Zwift cycling simulator via Docker with proper networking
 # Services: Zwift Docker container
 # Ports: UDP 3022, 3024 / TCP 21587, 21588
-
-{ config, lib, pkgs, customConfig, ... }:
-
 {
+  config,
+  lib,
+  pkgs,
+  customConfig,
+  ...
+}: {
   options.custom.zwift = {
     enable = lib.mkEnableOption "Zwift cycling simulator";
   };

modules/nixos/wireless-networks.nix

@@ -1,16 +0,0 @@
-# Module: Wireless Networks Configuration (Encrypted)
-# Description: WiFi networks configuration fully encrypted with sops-nix
-# Security: Network names, SSIDs, and all configuration stored in encrypted secrets
-# Files: ~/.config/secrets/wifi-networks.yaml (encrypted with sops)
-# Note: The actual networks are loaded at runtime from the encrypted file
-
-{ config, lib, pkgs, ... }:
-
-{
-  # WiFi networks are loaded from encrypted file at runtime
-  # The file is in wpa_supplicant.conf format and gets included by wpa_supplicant
-  # This approach keeps network names and configuration completely private
-  
-  # Note: If wifi-networks secret doesn't exist yet, this won't cause errors
-  # You can still use the old method (networking.wireless.networks in Nix) if needed
-}

secrets/wifi-networks.yaml

@@ -1,4 +1,4 @@
-wifi-networks: ENC[AES256_GCM,data:jcHmQ+iXRW4+OeZlvMJsn7oz5Fn18BtflKwVO3eHFwAESGvXI1OZGdrO0KyH+JMftRQKgQsGsdsLtxCWQgvVUpisgsyw7EV2XnMVMARWFnVfRxX7MOIszhzJGOsrfLxWbaJ08kGYIkSoamKjQCfltdXnafHF74lZbWVI6iU2KyiRgUB9jUxo1spfeHBWRFH57fa9bWHELg/5Wn7B0AAvgdc/foArEGfbkCUdBWCrm2iR2guw/zeCkufcQdw4erhBIOSX2F48rHPcAwZKZrruut5VGqDBHpHf4++OTieA8lSd+s9LL6MecziieGL2LGEhQ9v0fdmwlvGFp6ADOJJwpwAiv0ApxLvm7dVEXbz3AN6mEhy4P2YjhiWsafOt2yBL2Dskm332ctXvGI8GR2o1d8kh/Dqf6KK/hFVdkV49HH2jr8tgive6pBAc9mPEvPfRopwOkk1cbeP9OL/WUBIAkWVMJcpSZla0TIWZidamnH46uBSX8PdsL3RKBnsTf/cC3QZnyLAWWS5pSZ3UVb5vfBZEyooDZNFfpRLAKoisGmZYOPQKGljrx0ijDz63kGgvE26OWEbgDiEgTXvLFVd2mf4czNDDo4QVdA26G/xb85ub5mEZNJLv/o24AMWeQcqivxMn4rdwjjBwypuqILjA/8qx+CKH1u9vCmsVCf6Rl+Sp9awzsulcxDS6Irs1Hu4loVDnzLo1JE7x8GU4CdiyQS/8huTvrpvWkB0aQJo0QoPh7mixP7R3fDIMUf+sB4mwl8bC2Km2ZCKl80b1SstsXOldnvK4KdXyo09LSUPJzeWE8r/qEegfTptuwLuuyUx+IPqB4qdd1cRCYSOkzJ6LGRFeqOzzOPjpucvVQeNzz8y5vskBWDgTj8+3XQ==,iv:gSu1E7qVgwEcc/k1WL49pMRHIiNRfKGS70srW1JWfqI=,tag:lW1TTxSiBv7EDTHDSNztig==,type:str]
+wifi-networks: ENC[AES256_GCM,data:ttpUrmiypU54BtQb4eSopI5iLt5OFS3v+WPWD9NiyQGbLcV9ABOr4CbGAbUOZqBAZgBJj4Byh6mdx5rNUiSk3pefJyJsXDEttGeFV+acOaw6fmyL8iFWV/lw5fQgzvWlM1rDJLq9WFwVMaNXrL+j8Gpgv/afOQbTa9WiBRh7pEjpAtR6wgRrGrT4Qby9xeoJYIVummilpP9ktAkXVQ7LtvFi2Xow02MFjzq9X9Yy+HjWE4MUDGTMkD1fAOTUq0UBwD2CoFGFceBLEFH7pwJt0PRJEMEtcsolV4nh1KyvHcCkiTR4C/jaC1ZFLbJdsAYf57paqASnRzJDiaR3EwpHlShTvvYSH0sMRZwaxNPJsP7CoYOfojIbVTUoc2bQWz6f4vow5RQRkMlIZ85ZUF46X3HOc3YdaDEFEeLvybgAbhF4X+LwjANc4iEy1SvU/oX/57U+L/urwtPgXIZvX3MDAM4VOotzK6WOUDVokTie24AZuIeSLrEvUJaurqSvzVc+qIvnt6Oigz7l7pNRnJ1auNUnaooAQdM1gwcFg/6sd6JwMgLN/aGd+bNcAohtPb+YlNdPmlZSvZIsTOSbzd1ouBg/CQSdo4GrtREymcaKI9pAQ55NOJqXQuB1LETBflENf2OiKRt555M2z38Zk0nXrhbldI1jMcxvGy/jKweJlpOqvheLIWKyT08P63tQ/UHIO7DxOL4DMlvNZi+pUG9I0XkiBeWi2J4EJwwP8gYAVjw2SxkJIbz1pzYFcLJfJnowbxpBcaHElDYRC87XfTT7LJapCkK6umDQyBjYInYyYyoJBcOaWJFEKpdA00pIsxNAwVY3D2bbqu5wNJ22KgVVAK8kRrkYha12kJt278BokZFKT910ZVZFEtb6uTycztEsvuHnUTbm8ujk19LwgUD9VYkoDb5JA7OMXF/Xo1DmSMbJkma/ghYQyhcsQt8fwXItTTFnnT6PGsj1,iv:J77cp8CzWyvfKTylOksLqlf7/HyqVjiZ8dQmVc10sqc=,tag:eqE7D/l4Pu1IKDovzNz2fw==,type:str]
 sops:
     age:
         - recipient: age1hhyew9sv8lqqfeza92jkxsdudhsgaef66cxalp06ez2cm9k6aqysc7mlf7
@@ -10,7 +10,7 @@ sops:
             NENiek9YeUhXNFhuZkZzRnBIYXdGY2cKpfSlzP7uK6VFl71OYfoHBxAwrKfpJSNT
             QQUngSh6VBrWeJIxoMkJ7O+xSgwZnWc0fnrB+OpoRqy5YVctSmHERg==
             -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2026-03-21T09:20:19Z"
+    lastmodified: "2026-04-06T08:15:15Z"
-    mac: ENC[AES256_GCM,data:20EScEe1X57+zwxObnNTgnG57acwJGLVjXOlN9rbh1Wq0F5Ve6Z4zmiv9AFz3GBOfE2n1T9Q9GcVV5T8PNreaM8tFATBdCihTebxESq0DPhcinReaMMftH+p/785z5zCCYvBR2QV+vmt24pcOH+h8H6X2LnjL3yo1uYx4PafFDE=,iv:xJ29oD17LqXX8KDStKl0SsTASi/7TrDX8f7pAsapWbI=,tag:S/zXh5d4TLfIH7J33ej4cA==,type:str]
+    mac: ENC[AES256_GCM,data:Y9rEWXkTcDaoBtWhQ6RepnaaPUZujA6oeHhG/YdvhLLo0Nq3Or6F59YXaArwmTcOxjJzUP0eaUphZYuinVZKomMkxeFfm6ms4Tg6VHDzCxpmrwJgvWCjmmy69jrFm75l6D/Q1WeGqijsxuOCitYjgpfIDnfwomx1RPWTWNrs77M=,iv:gBspVAUPd8AexuAqKeMcuMDA9HVTXKkl87wntGUOtz0=,tag:B3yFoxu+Qs84bJQDJ6brKQ==,type:str]
     unencrypted_suffix: _unencrypted
-    version: 3.12.1
+    version: 3.12.2