sid/nix-config
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions

initial commit

Browse source
This commit is contained in:
sid 2026-02-23 20:50:47 +01:00
commit c094b5770c
113 changed files with 6879 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

128
users/sid/home/hyprland/README.md Normal file
View file

@ -0,0 +1,128 @@
# Manual configuration
The following things are not (yet) automated by Nix. Follow these steps after finishing the installation (including Home Manager).
## Import secrets
It is assumed that your secrets are stored on a LUKS encrypted USB drive partition (sda3 in this case).
```bash
USB=/dev/sda
USER=$(whoami)
HOST=$(cat /etc/hostname)
# Open crypt
sudo mkdir -p /mnt/crypt
sudo cryptsetup open "$USB"3 crypt
sudo mount /dev/mapper/crypt /mnt/crypt
# Copy secrets
sudo rsync -vP /mnt/crypt/gpg-backup.sec.asc /tmp
sudo rsync -vP /mnt/crypt/$HOST/keys.txt /tmp
sudo chown $USER:$USER /tmp/gpg-backup.sec.asc
sudo chown $USER:$USER /tmp/keys.txt
# Import secrets
mkdir -p ~/.config/sops/age && mv /tmp/keys.txt ~/.config/sops/age && chmod 0400 ~/.config/sops/age/keys.txt
gpg --decrypt /tmp/gpg-backup.sec.asc | gpg --import
gpg --edit-key D371C8E7D58F9D1E # replace with your key ID
gpg> trust
Your decision? 5
Do you really want to set this key to ultimate trust? (y/N) y
gpg> q
# Close crypt
sudo umount -lf /mnt/crypt
sudo cryptsetup close crypt
```
## Clone password store repository
```bash
git clone ssh://git.portuus.de:2299/home/sid/git/password-store $PASSWORD_STORE_DIR
```
## Librewolf
Librewolf is handled through its Home Manager module. Extensions do not need to be installed, just activated.
- Extensions (allow every extension to run in private windows)
- PassFF
- Preferences
- Behavior of Enter key: Fill and submit
- Behavior of Shift-Enter key: Goto, fill and submit
- floccus
- Add profile
- Nextcloud Bookmarks
- Bookmarks folder: Bookmarks Toolbar
TODO
- all custom search bookmarks lost their keywords
- set Searx as the default search engine
## Element Desktop
- Authentication via username, password and security key
- Settings
- Appearance
- Theme: Dark
- Preferences
- Allow spell check
- Add: German (Germany)
- Keyboard shortcuts
- Use Ctrl + F to search timeline: true
## Thunderbird
The account setup must be done manually, as the `accounts.email` HM module requires setting personal information that would end up being public on the Git web frontend.
- Spelling
- Add Dictionaries...
- German: Download Dictionary
## Spotify
- Authentication via username and password
## Jellyfin Media Player
- Add server
- Authentication via username and password
## OBS-Studio
- Scenes
- Scene
- Sources
- Add: Screen Capture (PipeWire) > OK > Screen 0 (or a window or a region) > OK
- Audio Mixer
- Mic/Aux: Mute
- File
- Settings
- Output
- Recording
- Recording Path: /home/sid/vid/recordings
- Generate File Name without Space
- Video
- Base Resolution: 2560x1600
- Output Resolution: 2560x1600
- Common FPS Values: 60
> TODO: adjust video and audio codecs/quality
> TODO: keyboard shortcuts (currently using waybar tray icon)
## Eduroam
Download the eduroam configuration script [here](https://cat.eduroam.org/?idp=5134&profile=8268).
Execute it:
```bash
nix-shell -p python3 python3Packages.dbus-python --run 'python eduroam-linux-THK-members_of_TH_Koln.py'
```
## Zoom
- Authentication via username and password
- Check "Keep me signed in"

103
users/sid/home/hyprland/anyrun.nix Normal file
View file

@ -0,0 +1,103 @@
{
inputs,
config,
pkgs,
...
}:
let
mkDir = dir: {
path = config.home.homeDirectory + "/" + dir;
recurse = true;
};
mkDirs = dirs: map mkDir dirs;
dirs = [
"aud"
"dls"
"doc"
"img"
"src"
"vid"
];
inherit (pkgs.stdenv.hostPlatform) system;
in
{
imports = [
inputs.kidex.homeModules.kidex
];
programs.anyrun = {
enable = true;
package = inputs.anyrun.packages."${system}".anyrun-with-all-plugins;
config = {
x = {
fraction = 0.5;
};
y = {
fraction = 0.3;
};
width = {
fraction = 0.3;
};
hideIcons = true;
layer = "overlay";
hidePluginInfo = true;
showResultsImmediately = true;
plugins = with inputs.anyrun.packages."${system}"; [
applications
dictionary
kidex
randr
rink
translate
websearch
];
};
extraCss = ''
#window {
background-color: rgba(0, 0, 0, 0);
}
'';
extraConfigFiles = {
"dictionary.ron".text = ''
Config(
prefix: ":def",
max_entries: 5,
)
'';
"translate.ron".text = ''
Config(
prefix: ":t",
language_delimiter: ">",
max_entries: 3,
)
'';
"randr.ron".text = ''
Config(
prefix: ":dp",
max_entries: 5,
)
'';
# TODO: websearch.ron: set custom search engine
};
};
services.kidex = {
enable = true;
settings = {
ignored = [
"*/.git/*"
"*/.cache/*"
"*/.direnv/*"
];
directories = mkDirs dirs;
};
};
wayland.windowManager.hyprland.settings.bind = [
"$mod, space, exec, anyrun"
];
}

34
users/sid/home/hyprland/default.nix Normal file
View file

@ -0,0 +1,34 @@
{
inputs,
lib,
pkgs,
...
}:
{
imports = [
# ./anyrun.nix
./flatpak.nix
./fzf-open.nix
./gpg.nix
./hyprland.nix
./librewolf.nix
./newsboat.nix
# ./nextcloud-sync.nix
./obs-studio.nix
./opencode.nix
./packages.nix
./rclone.nix
# ./recoll.nix
./shell-aliases.nix
./spotify-player.nix
./ssh-hosts.nix
./stylix.nix
./vscode.nix
./waybar.nix
./xdg.nix
./yazi.nix
inputs.synix.homeModules.virtualisation
];
}

38
users/sid/home/hyprland/flatpak.nix Normal file
View file

@ -0,0 +1,38 @@
{ inputs, pkgs, ... }:
{
imports = [
inputs.nix-flatpak.homeManagerModules.nix-flatpak
];
services.flatpak = {
enable = true;
update = {
onActivation = false;
auto = {
enable = true;
onCalendar = "weekly";
};
};
packages = [
{
appId = "org.mypaint.MyPaint";
origin = "flathub";
}
# FIXME: does not start. installed `chat.commet.commetapp.flatpak` manually
{
appId = "im.riot.Riot";
origin = "flathub";
}
{
appId = "us.zoom.Zoom";
origin = "flathub";
}
];
};
home.packages = with pkgs; [
flatpak
flatpak-builder
];
}

35
users/sid/home/hyprland/fzf-open.nix Normal file
View file

@ -0,0 +1,35 @@
{ pkgs, ... }:
let
fzf-dirs = "~/doc ~/img ~/aud ~/dls ~/src ~/.config ~/.local";
fzf-open = pkgs.writeShellScriptBin "fzf-open" ''
fzf --preview="pistol {}" --bind "enter:execute(hyprctl dispatch togglespecialworkspace fzf-open && xdg-open {} > /dev/null 2>&1 &)"
'';
in
{
wayland.windowManager.hyprland = {
settings = {
bind = [
"$mod, Space, togglespecialworkspace, fzf-open"
];
windowrulev2 = [
"float, class:floating"
"size 50% 50%, title:fzf-open"
];
};
extraConfig = ''
workspace = special:fzf-open, on-created-empty:kitty --class=floating -e ${fzf-open}/bin/fzf-open
'';
};
home = {
sessionVariables = {
# FZF_DEFAULT_COMMAND = "rg --files --hidden --glob '!.git/**' ${fzf-dirs}";
FZF_DEFAULT_COMMAND = "rg --files ${fzf-dirs}";
};
packages = [
fzf-open
];
};
}

12
users/sid/home/hyprland/gpg.nix Normal file
View file

@ -0,0 +1,12 @@
{ inputs, ... }:
let
key.a.grip = "F8BCC76BE2E55D52C3E92B963ADD3FDD8C153911";
key.e.id = "97BEF39E76001BC0";
in
{
imports = [ inputs.synix.homeModules.gpg ];
services.gpg-agent.sshKeys = [ key.a.grip ];
programs.passwordManager.key = key.e.id;
}

49
users/sid/home/hyprland/hyprland.nix Normal file
View file

@ -0,0 +1,49 @@
{
inputs,
config,
pkgs,
...
}:
{
imports = [ inputs.synix.homeModules.hyprland ];
wayland.windowManager.hyprland = {
enable = true;
autostart = true;
settings = {
bind =
let
flatpakRun = "${pkgs.flatpak}/bin/flatpak --user run";
wineRun = "wine ${config.home.homeDirectory}/.wine/drive_c";
in
[
"$mod, g, exec, gimp"
"$mod, s, exec, kitty -T spotify -e spotify_player"
"$mod, t, exec, teams-for-linux"
"$mod, v, exec, virt-manager"
"$mod, z, exec, ${flatpakRun} us.zoom.Zoom"
"$mod CTRL, i, exec, ${wineRun}/Program\\ Files/AccessData/FTK\\ Imager/FTK\\ Imager.exe"
"$mod CTRL, m, exec, ${flatpakRun} org.mypaint.MyPaint"
"$mod CTRL, o, exec, obs"
"$mod CTRL, p, exec, otp"
"$mod SHIFT, a, exec, chromium --app=https://ai.portuus.de"
];
windowrule = [
"workspace 4, title:^newsboat$"
"workspace 6, class:^thunderbird$, title:Thunderbird$"
"workspace 7, title:^Jellyfin Media Player$"
"workspace 7, title:^spotify$"
"workspace 8, class:^Element$, title:^Element"
"workspace 9, class:^chrome-ai.portuus.de"
"workspace 10, class:^zoom$, title:^Zoom"
"workspace 10, class:^org.qbittorrent.qBittorrent$"
"workspace 10, title:^Virtual Machine Manager$"
];
exec-once = [
"[workspace 5 silent] librewolf"
"[workspace 6 silent] thunderbird"
];
};
};
}

13
users/sid/home/hyprland/librewolf.nix Normal file
View file

@ -0,0 +1,13 @@
{ inputs, pkgs, ... }:
let
inherit (pkgs.stdenv.hostPlatform) system;
in
{
programs.librewolf = {
profiles.default.extensions.packages =
with inputs.nur.legacyPackages."${system}".repos.rycee.firefox-addons; [
zotero-connector
];
};
}

12
users/sid/home/hyprland/newsboat.nix Normal file
View file

@ -0,0 +1,12 @@
{ config, ... }:
{
programs.newsboat = {
extraConfig = ''
urls-source "miniflux"
miniflux-url "https://miniflux.portuus.de/"
miniflux-login "sid"
miniflux-passwordfile "${config.sops.secrets.miniflux.path}"
'';
};
}

29
users/sid/home/hyprland/nextcloud-sync.nix Normal file
View file

@ -0,0 +1,29 @@
{ inputs, config, ... }:
let
mkConnection = dir: {
local = config.home.homeDirectory + "/" + dir;
remote = "/" + dir;
};
mkConnections = dirs: map mkConnection dirs;
connections = [
"aud"
"doc"
"img"
"vid"
];
in
{
imports = [
inputs.synix.homeModules.nextcloud-sync
];
services.nextcloud-sync = {
enable = true;
remote = "cloud.portuus.de";
passwordFile = config.sops.secrets.nextcloud.path;
connections = mkConnections connections;
};
}

9
users/sid/home/hyprland/obs-studio.nix Normal file
View file

@ -0,0 +1,9 @@
{ pkgs, ... }:
{
programs.obs-studio = {
enable = true;
package = pkgs.obs-studio;
plugins = [ pkgs.obs-studio-plugins.wlrobs ];
};
}

10
users/sid/home/hyprland/opencode.nix Normal file
View file

@ -0,0 +1,10 @@
{
programs.opencode = {
enable = true;
settings = {
model = "openrouter/qwen/qwen3-coder";
autoshare = false;
autoupdate = false;
};
};
}

84
users/sid/home/hyprland/packages.nix Normal file
View file

@ -0,0 +1,84 @@
{ inputs, pkgs, ... }:
let
inherit (pkgs.stdenv.hostPlatform) system;
in
{
home.packages =
with pkgs;
[
prismlauncher
audacity
drawio
gimp
inkscape
kicad
mermaid-cli
octaveFull
pdfarranger
remmina
spotify
syncthingtray
teams-for-linux
texliveFull
xournalpp
zotero
# inputs.gen-dmc.packages."${system}".gen-dmc
# angryipscanner # FIXME
# autopsy # gradle-7.6.6 is marked as insecure
# jellyfin-media-player # qtwebengine-5.15.19 is marked as insecure
]
# tools
++ [
aichat
compose2nix
duden
ftx-prog
gf
glab
gtkterm
localsend
magic-wormhole
naabu
ocrmypdf
rpi-imager
rustfmt
showmethekey
songrec
speedtest-cli
subfinder
synadm
yt-dlp
inputs.multios-usb.packages."${system}".default
(instaloader.overridePythonAttrs (oldAttrs: {
propagatedBuildInputs = (oldAttrs.propagatedBuildInputs or [ ]) ++ [
python3Packages.browser-cookie3
];
}))
local.gitingest # TODO: PR Nixpkgs
local.otp
local.pdf2printable
local.transcribe
local.yt2rss
synix.bulk-rename
# synix.marker-pdf # FIXME
]
# reverse engineering
# ++ [
# checksec
# ghidra-bin
# ida-free
# ]
# android
++ [
adbfs-rootless
android-tools
scrcpy
];
}

23
users/sid/home/hyprland/rclone.nix Normal file
View file

@ -0,0 +1,23 @@
{ config, ... }:
let
sops = config.sops;
in
{
sops.templates.rclone.path = config.xdg.configHome + "/rclone/rclone.conf";
sops.templates.rclone.content = ''
[portuus]
type = webdav
url = https://cloud.portuus.de/remote.php/dav/files/sid/
vendor = nextcloud
user = sid
pass = ${sops.placeholder."rclone/portuus/pass"}
[sciebo]
type = webdav
url = ${sops.placeholder."rclone/sciebo/url"}
vendor = owncloud
user = ${sops.placeholder."rclone/sciebo/user"}
pass = ${sops.placeholder."rclone/sciebo/pass"}
'';
}

31
users/sid/home/hyprland/recoll.nix Normal file
View file

@ -0,0 +1,31 @@
{ config, ... }:
{
services.recoll = {
enable = true;
configDir = "${config.xdg.configHome}/recoll";
settings = {
nocjk = true;
loglevel = 5;
topdirs = [
"~/aud"
"~/dls"
"~/doc"
"~/img"
"~/src"
];
"~/dls" = {
"skippedNames+" = [ "*.iso" ];
};
"~/src" = {
"skippedNames+" = [
"node_modules"
"target"
"result"
];
};
};
};
}

11
users/sid/home/hyprland/shell-aliases.nix Normal file
View file

@ -0,0 +1,11 @@
{ pkgs, ... }:
{
home.shellAliases = {
bt = "bluetoothctl";
ff = "find . -type f -name";
dd-iso = "dd bs=4M status=progress oflag=sync";
nc-sync = "nextcloud-sync-all";
synapse_change_display_name = "${pkgs.synix.synapse_change_display_name}/bin/synapse_change_display_name -t $(${pkgs.pass}/bin/pass sid.ovh/matrix/access-token) -r sid.ovh";
};
}

47
users/sid/home/hyprland/spotify-player.nix Normal file
View file

@ -0,0 +1,47 @@
{ config, ... }:
{
programs.spotify-player = {
enable = true;
# package = pkgs.spotify-player.override {
# withImage = false;
# withSixel = false;
# };
settings = {
actions = [
{
command = "GoToArtist";
key_sequence = "g A";
}
{
command = "GoToAlbum";
key_sequence = "g B";
target = "PlayingTrack";
}
];
pause_icon = " ";
play_icon = " ";
device = {
audio_cache = true;
autoplay = true;
normalization = true;
volume = 100;
};
layout = {
playback_window_position = "Bottom";
library = {
playlist_percent = 80;
album_percent = 0;
};
};
};
};
services.spotifyd = {
enable = true;
settings = {
username = "zephyrius17";
password_cmd = "cat ${config.sops.secrets.spotify.path}";
};
};
}

54
users/sid/home/hyprland/ssh-hosts.nix Normal file
View file

@ -0,0 +1,54 @@
{ pkgs, ... }:
{
programs.ssh.matchBlocks = {
edge = {
host = "e edge";
hostname = "49.12.227.10";
port = 2299;
user = "sid";
};
uvm = {
host = "u uvm";
hostname = "localhost";
port = 2222;
user = "root";
checkHostIP = false;
};
portuus = {
host = "p portuus *.portuus.de";
hostname = "portuus.de";
port = 2299;
user = "sid";
};
sid = {
host = "s sid *.sid.ovh";
hostname = "sid.ovh";
port = 2299;
user = "sid";
};
X99S = {
host = "X X99S";
hostname = "steffen.fail";
port = 2299;
user = "sid";
};
};
# setup: sudo mkdir -p /mnt/sshfs && sudo chown sid:sid /mnt/sshfs
programs.sftpman = {
enable = true;
# gpg --export-ssh-key <auth key id> > ~/.ssh/id_rsa.pub
defaultSshKey = "/home/sid/.ssh/id_rsa.pub";
mounts = {
portuus = {
host = "portuus.de";
user = "sid";
port = 2299;
mountPoint = "/home/sid/.config/nixos";
};
};
};
home.shellAliases.sm = "sftpman";
home.packages = [ pkgs.sshfs ];
}

16
users/sid/home/hyprland/stylix.nix Normal file
View file

@ -0,0 +1,16 @@
{ inputs, ... }:
{
imports = [
inputs.synix.homeModules.stylix
];
stylix = {
enable = true;
scheme = "moonfly";
targets = {
waybar'.enable = true;
bemenu'.enable = true;
};
};
}

19
users/sid/home/hyprland/vscode.nix Normal file
View file

@ -0,0 +1,19 @@
{ pkgs, ... }:
{
programs = {
vscode = {
enable = true;
package = pkgs.vscodium;
profiles.default.extensions = with pkgs.vscode-extensions; [
mkhl.direnv
ms-vscode.cmake-tools
ms-vscode.cpptools
];
};
direnv = {
enable = true;
nix-direnv.enable = true;
};
};
}

19
users/sid/home/hyprland/waybar.nix Normal file
View file

@ -0,0 +1,19 @@
{
programs.waybar.settings = {
mainBar = {
modules-right = [
"custom/timer"
"custom/newsboat"
"network"
"bluetooth"
"cpu"
"memory"
"disk"
"pulseaudio#input"
"pulseaudio#output"
"battery"
"tray"
];
};
};
}

18
users/sid/home/hyprland/xdg.nix Normal file
View file

@ -0,0 +1,18 @@
{ config, ... }:
{
xdg.userDirs =
let
homeDir = config.home.homeDirectory;
in
{
desktop = "${homeDir}";
documents = "${homeDir}/doc";
download = "${homeDir}/dls";
music = "${homeDir}/aud/music";
pictures = "${homeDir}/img";
publicShare = "${homeDir}";
templates = "${homeDir}";
videos = "${homeDir}/vid";
};
}

33
users/sid/home/hyprland/yazi.nix Normal file
View file

@ -0,0 +1,33 @@
{ pkgs, lib, ... }:
{
programs.yazi =
let
hide-yazi-workspace = pkgs.writeShellScript "hide-yazi-workspace.sh" ''
(hyprctl monitors -j | ${lib.getExe pkgs.jq} -e 'any(.specialWorkspace.name == "special:yazi")' > /dev/null) && hyprctl dispatch togglespecialworkspace yazi
'';
in
{
keymap = {
mgr.prepend_keymap = [
{
on = "o";
run = [
"shell --orphan ${hide-yazi-workspace}"
"open"
];
desc = "";
}
];
};
};
wayland.windowManager.hyprland = {
extraConfig = ''
workspace = special:yazi, on-created-empty:kitty -T yazi -e yazi
bind = $mod, x, togglespecialworkspace, yazi
windowrule = float, title:^yazi$
windowrule = size 50% 50%, title:^yazi$
'';
};
}