AZ-Intec-GmbH/AZ-NIX
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

+AZ-LPT-100

Browse Source
This commit is contained in:
sascha.koenig 2025-08-25 07:37:33 +02:00
parent b460ee8b83
commit a1087f9522
47 changed files with 2222 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
flake.lock generated
View File

@ -163,6 +163,27 @@
"type": "github" "type": "github"
} }
}, },
"home-manager-unstable": {
"inputs": {
"nixpkgs": [
"nixpkgs-unstable"
]
},
"locked": {
"lastModified": 1755914636,
"narHash": "sha256-VJ+Gm6YsHlPfUCpmRQxvdiZW7H3YPSrdVOewQHAhZN8=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "8b55a6ac58b678199e5bba701aaff69e2b3281c0",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "master",
"repo": "home-manager",
"type": "github"
}
},
"home-manager_2": { "home-manager_2": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@ -290,11 +311,11 @@
}, },
"nixpkgs-unstable": { "nixpkgs-unstable": {
"locked": { "locked": {
"lastModified": 1753250450, "lastModified": 1755615617,
"narHash": "sha256-i+CQV2rPmP8wHxj0aq4siYyohHwVlsh40kV89f3nw1s=", "narHash": "sha256-HMwfAJBdrr8wXAkbGhtcby1zGFvs+StOp19xNsbqdOg=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "fc02ee70efb805d3b2865908a13ddd4474557ecf", "rev": "20075955deac2583bb12f07151c2df830ef346b4",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -342,6 +363,7 @@
"deploy-rs": "deploy-rs", "deploy-rs": "deploy-rs",
"disko": "disko", "disko": "disko",
"home-manager": "home-manager_2", "home-manager": "home-manager_2",
"home-manager-unstable": "home-manager-unstable",
"nixos-anywhere": "nixos-anywhere", "nixos-anywhere": "nixos-anywhere",
"nixpkgs": "nixpkgs_3", "nixpkgs": "nixpkgs_3",
"nixpkgs-unstable": "nixpkgs-unstable" "nixpkgs-unstable": "nixpkgs-unstable"

16
flake.nix
View File

@ -15,6 +15,10 @@
url = "github:nix-community/home-manager/release-25.05"; url = "github:nix-community/home-manager/release-25.05";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
home-manager-unstable = {
url = "github:nix-community/home-manager/master";
inputs.nixpkgs.follows = "nixpkgs-unstable";
};
nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05"; nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05";
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
@ -99,15 +103,23 @@
inputs.disko.nixosModules.disko inputs.disko.nixosModules.disko
]; ];
}; };
AZ-LPT-100 = inputs.nixpkgs-unstable.lib.nixosSystem {
specialArgs = {inherit inputs outputs;};
modules = [
./hosts/AZ-LPT-100
agenix.nixosModules.default
inputs.home-manager-unstable.nixosModules.home-manager
];
};
}; };
deploy.nodes = { deploy.nodes = {
AZ-CLD-1 = { AZ-CLD-1 = {
hostname = "AZ-CLD-1"; hostname = "AZ-CLD-1";
profiles.system = { profiles.system = {
sshUser = "sascha.koenig"; sshUser = "sascha.koenig";
interactiveSudo = false; interactiveSudo = false;
sshOpts = [ "-tt" ]; sshOpts = ["-tt"];
remoteBuild = true; remoteBuild = true;
path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.AZ-CLD-1; path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.AZ-CLD-1;
}; };

100
home/features/cli/default.nix Normal file
View File

@ -0,0 +1,100 @@
{pkgs, ...}: {
imports = [
./fish.nix
./fzf.nix
./nitch.nix
./nushell.nix
./secrets.nix
./starship.nix
./zellij.nix
];
programs.carapace = {
enable = true;
enableFishIntegration = true;
enableNushellIntegration = true;
enableBashIntegration = true;
};
programs.zoxide = {
enable = true;
enableFishIntegration = true;
enableNushellIntegration = true;
};
programs.neovim = {
enable = true;
defaultEditor = true;
viAlias = true;
vimAlias = true;
vimdiffAlias = true;
withNodeJs = true;
withPython3 = true;
};
programs.bat = {enable = true;};
programs.direnv = {
enable = true;
enableNushellIntegration = true;
nix-direnv.enable =
true;
};
programs.eza = {
enable = true;
enableFishIntegration = true;
enableBashIntegration = true;
extraOptions = ["-l" "--icons" "--git" "-a"];
};
programs.lf = {
enable = true;
settings = {
preview = true;
drawbox = true;
hidden = true;
icons = true;
theme = "Dracula";
previewer = "bat";
};
};
home.packages = with pkgs; [
agenix-cli
alejandra
bc
claude-code
comma
coreutils
devenv
fd
gcc
go
htop
httpie
jq
just
lazygit
llm
lf
nix-index
nushellPlugins.skim
progress
ripgrep
rocmPackages.rocm-smi
rocmPackages.rocminfo
rocmPackages.rocm-runtime
tldr
pomodoro-timer
trash-cli
unimatrix
unzip
vulkan-tools
wttrbar
wireguard-tools
yazi
zellij-ps
zip
];
}

77
home/features/cli/fish.nix Normal file
View File

@ -0,0 +1,77 @@
{
config,
lib,
...
}:
with lib; let
cfg = config.features.cli.fish;
in {
options.features.cli.fish.enable = mkEnableOption "enable fish shell";
config = mkIf cfg.enable {
programs.fish = {
enable = true;
loginShellInit = ''
set -x NIX_PATH nixpkgs=channel:nixos-unstable
set -x NIX_LOG info
set -x WEBKIT_DISABLE_COMPOSITING_MODE 1
set -x TERMINAL kitty
set -x EDITOR nvim
set -x VISUAL zed
set -x XDG_DATA_HOME $HOME/.local/share
set -x FZF_CTRL_R_OPTS "
--preview='bat --color=always -n {}'
--preview-window up:3:hidden:wrap
--bind 'ctrl-/:toggle-preview'
--bind 'ctrl-y:execute-silent(echo -n {2..} | wl-copy)+abort'
--color header:bold
--header 'Press CTRL-Y to copy command into clipboard'"
set -x FZF_DEFAULT_COMMAND fd --type f --exclude .git --follow --hidden
set -x FZF_CTRL_T_COMMAND "$FZF_DEFAULT_COMMAND"
set -x FLAKE $HOME/p/nixos/nixos-config
source /run/agenix/${config.home.username}-secrets
if test (tty) = "/dev/tty1"
exec uwsm start -S -F /run/current-system/sw/bin/Hyprland
end
if test (tty) = "/dev/tty2"
exec gamescope -O HDMI-A-1 -W 1920 -H 1080 --adaptive-sync --hdr-enabled --rt --steam -- steam -pipewire-dmabuf -tenfoot
end
'';
shellAbbrs = {
".." = "cd ..";
"..." = "cd ../..";
b = "yazi";
ls = "eza";
l = "eza -l --icons --git -a";
lt = "eza --tree --level=2 --long --icons --git";
grep = "rg";
ps = "procs";
just = "just --unstable";
fs = "du -ah . | sort -hr | head -n 10";
n = "nix";
nd = "nix develop -c $SHELL";
ns = "nix shell";
nsn = "nix shell nixpkgs#";
nb = "nix build";
nbn = "nix build nixpkgs#";
nf = "nix flake";
nr = "sudo nixos-rebuild --flake .";
nrs = "sudo nixos-rebuild switch --flake .#(uname -n)";
snr = "sudo nixos-rebuild --flake .";
snrs = "sudo nixos-rebuild --flake . switch";
hm = "home-manager --flake .";
hms = "home-manager --flake . switch";
hmr = "cd ~/projects/nix-configurations; nix flake lock --update-input dotfiles; home-manager --flake .#(whoami)@(hostname) switch";
tsu = "sudo tailscale up";
tsd = "sudo tailscale down";
vi = "nvim";
vim = "nvim";
};
};
};
}

40
home/features/cli/fzf.nix Normal file
View File

@ -0,0 +1,40 @@
{
config,
lib,
...
}:
with lib; let
cfg = config.features.cli.fzf;
in {
options.features.cli.fzf.enable = mkEnableOption "enable fuzzy finder";
config = mkIf cfg.enable {
programs.fzf = {
enable = true;
enableFishIntegration = true;
colors = {
"fg" = "#f8f8f2";
"bg" = "#282a36";
"hl" = "#bd93f9";
"fg+" = "#f8f8f2";
"bg+" = "#44475a";
"hl+" = "#bd93f9";
"info" = "#ffb86c";
"prompt" = "#50fa7b";
"pointer" = "#ff79c6";
"marker" = "#ff79c6";
"spinner" = "#ffb86c";
"header" = "#6272a4";
};
defaultOptions = [
"--preview='bat --color=always -n {}'"
"--bind 'ctrl-/:toggle-preview'"
"--header 'Press CTRL-Y to copy command into clipboard'"
"--bind 'ctrl-/:toggle-preview'"
"--bind 'ctrl-y:execute-silent(echo -n {2..} | wl-copy)+abort'"
];
defaultCommand = "fd --type f --exclude .git --follow --hidden";
changeDirWidgetCommand = "fd --type d --exclude .git --follow --hidden";
};
};
}

15
home/features/cli/nitch.nix Normal file
View File

@ -0,0 +1,15 @@
{
config,
lib,
pkgs,
...
}:
with lib; let
cfg = config.features.cli.nitch;
in {
options.features.cli.nitch.enable = mkEnableOption "enable nitch";
config = mkIf cfg.enable {
home.packages = with pkgs; [nitch];
};
}

147
home/features/cli/nushell.nix Normal file
View File

@ -0,0 +1,147 @@
{
config,
pkgs,
lib,
...
}:
with lib; let
cfg = config.features.cli.nushell;
in {
options.features.cli.nushell.enable = mkEnableOption "enable nushell";
config = mkIf cfg.enable {
programs.nushell = {
enable = true;
envFile.text = ''
$env.config.show_banner = false
$env.NIX_PATH = "nixpkgs=channel:nixos-unstable"
$env.NIX_LOG = "iunfo"
$env.WEBKIT_DISABLE_COMPOSITING_MODE = "1"
$env.TERMINAL = "kitty"
$env.EDITOR = "nvim"
$env.VISUAL = "zed"
$env.FZF_DEFAULT_COMMAND = "fd --type f --exclude .git --follow --hidden"
$env.FZF_DEFAULT_OPTS = "--preview='bat --color=always -n {}' --bind 'ctrl-/:toggle-preview' --header 'Press CTRL-Y to copy command into clipboard' --bind 'ctrl-/:toggle-preview' --bind 'ctrl-y:execute-silent(echo -n {2..} | wl-copy)+abort' --color bg:#282a36,bg+:#44475a,fg:#f8f8f2,fg+:#f8f8f2,header:#6272a4,hl:#bd93f9,hl+:#bd93f9,info:#ffb86c,marker:#ff79c6,pointer:#ff79c6,prompt:#50fa7b,spinner:#ffb86c"
$env.XDG_DATA_HOME = $"($env.HOME)/.local/share"
$env.FZF_DEFAULT_COMMAND = "fd --type f --exclude .git --follow --hidden"
$env.SSH_AUTH_SOCK = "/run/user/1000/gnupg/S.gpg-agent.ssh"
$env.FLAKE = $"($env.HOME)/p/nixos/nixos-config"
#source /run/agenix/${config.home.username}-secrets
'';
# if (tty) == "/dev/tty1" {
# exec uwsm start -S -F /run/current-system/sw/bin/Hyprland
# }
# if (tty) == "/dev/tty2" {
# exec gamescope -O HDMI-A-1 -W 1920 -H 1080 --adaptive-sync --hdr-enabled --rt --steam -- steam -pipewire-dmabuf -tenfoot
# }
configFile.text = ''
alias .. = cd ..
alias ... = cd ...
alias h = cd $env.HOME
alias b = yazi
alias lt = eza --tree --level=2 --long --icons --git
alias grep = rg
alias just = just --unstable
alias n = nix
alias nd = nix develop -c $nu.current-shell
alias ns = nix shell
alias nsn = nix shell nixpkgs#
alias nb = nix build
alias nbn = nix build nixpkgs#
alias nf = nix flake
alias nr = sudo nixos-rebuild --flake .
alias nrs = sudo nixos-rebuild switch --flake .#(sys host | get hostname)
alias snr = sudo nixos-rebuild --flake .
alias snrs = sudo nixos-rebuild --flake . switch
alias hm = home-manager --flake .
alias hms = home-manager --flake . switch
alias hmr = do { cd ~/projects/nix-configurations; nix flake lock --update-input dotfiles; home-manager --flake .#(whoami)@(hostname) switch }
alias tsu = sudo tailscale up
alias tsd = sudo tailscale down
alias vi = nvim
alias vim = nvim
def history_fuzzy [] {
let selected = (
history
| reverse
| get command
| uniq
| to text
| ^fzf
)
if ($selected | is-not-empty) {
commandline edit ($selected)
} else {
null
}
}
def --env dir_fuzzy [] {
let selected = (
fd --type directory
| ^fzf
)
cd $selected
}
def find_fuzzy [] {
# Find non-hidden text files with matches for any content and select one via fuzzy search
let selected = (
^fd --type file --no-hidden -X rg -l --files-with-matches .
| lines
| to text
| ^fzf
)
if ($selected | is-not-empty) {
^$env.EDITOR $selected
}
}
$env.config = {
keybindings: [
{
name: history_fuzzy
modifier: control
keycode: char_r
mode: [emacs, vi_insert, vi_normal]
event: [
{
send: executehostcommand
cmd: "history_fuzzy"
}
]
}
{
name: dir_fuzzy
modifier: alt
keycode: char_c
mode: [emacs, vi_insert, vi_normal]
event: [
{
send: executehostcommand
cmd: "dir_fuzzy"
}
]
}
{
name: history_fuzzy
modifier: control
keycode: char_t
mode: [emacs, vi_insert, vi_normal]
event: [
{
send: executehostcommand
cmd: "find_fuzzy"
}
]
}
]
}
'';
};
};
}

21
home/features/cli/secrets.nix Normal file
View File

@ -0,0 +1,21 @@
{
config,
lib,
pkgs,
...
}:
with lib; let
cfg = config.features.cli.secrets;
in {
options.features.cli.secrets.enable = mkEnableOption "enable secrets";
config = mkIf cfg.enable {
programs.password-store = {
enable = true;
package =
pkgs.pass-wayland.withExtensions
(exts: [exts.pass-otp exts.pass-import]);
};
home.packages = with pkgs; [pinentry];
};
}

18
home/features/cli/starship.nix Normal file
View File

@ -0,0 +1,18 @@
{
config,
lib,
...
}:
with lib; let
cfg = config.features.cli.starship;
in {
options.features.cli.starship.enable = mkEnableOption "enable starship prompt";
config = mkIf cfg.enable {
programs.starship = {
enable = true;
enableFishIntegration = true;
enableNushellIntegration = true;
};
};
}

16
home/features/cli/zellij.nix Normal file
View File

@ -0,0 +1,16 @@
{
config,
lib,
...
}:
with lib; let
cfg = config.features.cli.zellij;
in {
options.features.cli.zellij.enable = mkEnableOption "enable tmux";
config = mkIf cfg.enable {
programs.zellij = {
enable = true;
};
};
}

114
home/features/desktop/coding.nix Normal file
View File

@ -0,0 +1,114 @@
{
config,
lib,
pkgs,
...
}:
with lib; let
cfg = config.features.desktop.coding;
in {
options.features.desktop.coding.enable =
mkEnableOption "install coding related stuff";
config = mkIf cfg.enable {
home.packages = with pkgs; [
bruno
insomnia
];
programs.zed-editor = {
enable = true;
userSettings = {
features = {
inline_prediction_provider = "zed";
edit_prediction_provider = "zed";
copilot = false;
};
telemetry = {
metrics = false;
};
lsp = {
rust_analyzer = {
binary = {path_lookup = true;};
};
};
languages = {
Nix = {
language_servers = ["nixd"];
formatter = {
external = {
command = "alejandra";
arguments = ["-q" "-"];
};
};
};
Python = {
language_servers = ["pyrefly"];
formatter = {
external = {
command = "black";
arguments = ["-"];
};
};
};
};
lsp = {
"pyrefly" = {
command = {
path = "pyrefly";
args = ["--lsp"];
env = {};
};
settings = {};
};
};
context_servers = {
"some-context-server" = {
command = {
path = "some-command";
args = ["arg-1" "arg-2"];
env = {};
};
settings = {};
};
};
assistant = {
version = "2";
default_model = {
provider = "anthropic";
model = "Claude 3.7 Sonnet";
};
};
language_models = {
anthropic = {
version = "1";
api_url = "https://api.anthropic.com";
};
openai = {
version = "1";
api_url = "https://api.openai.com/v1";
};
ollama = {
api_url = "http://localhost:11434";
};
};
ssh_connections = [
{
host = "152.53.85.162";
nickname = "m3-atlas";
args = ["-i" "~/.ssh/m3tam3re"];
}
];
auto_update = false;
format_on_save = "on";
vim_mode = true;
load_direnv = "shell_hook";
theme = "Dracula";
buffer_font_family = "FiraCode Nerd Font";
ui_font_size = 16;
buffer_font_size = 16;
show_edit_predictions = true;
};
};
};
}

119
home/features/desktop/default.nix Normal file
View File

@ -0,0 +1,119 @@
{pkgs, ...}: {
imports = [
./coding.nix
./fonts.nix
./hyprland.nix
./media.nix
./office.nix
./rofi.nix
./theme.nix
./wayland.nix
./webapps.nix
];
xdg = {
enable = true;
configFile."mimeapps.list".force = true;
mimeApps = {
enable = true;
associations.added = {
"application/zip" = ["org.gnome.FileRoller.desktop"];
"application/csv" = ["calc.desktop"];
"application/pdf" = ["okularApplication_pdf.desktop"];
};
defaultApplications = {
"application/zip" = ["org.gnome.FileRoller.desktop"];
"application/csv" = ["calc.desktop"];
"application/pdf" = ["okularApplication_pdf.desktop"];
"application/md" = ["nvim.desktop"];
"application/text" = ["nvim.desktop"];
"x-scheme-handler/http" = ["io.github.zen_browser.zen"];
"x-scheme-handler/https" = ["io.github.zen_browser.zen"];
};
};
userDirs = {
enable = true;
createDirectories = true;
};
};
home.sessionVariables = {
WEBKIT_DISABLE_COMPOSITING_MODE = "1";
NIXOS_OZONE_WL = "1";
TERMINAL = "kitty";
QT_QPA_PLATFORM = "wayland";
XDG_CURRENT_DESKTOP = "Hyprland";
XDG_SESSION_TYPE = "wayland";
XDG_SESSION_DESKTOP = "Hyprland";
};
home.sessionPath = ["\${XDG_BIN_HOME}" "\${HOME}/.cargo/bin" "$HOME/.npm-global/bin"];
fonts.fontconfig.enable = true;
programs.kitty = {
enable = true;
shellIntegration = {
enableFishIntegration = true;
enableBashIntegration = true;
};
font = {name = "Fira Code";};
themeFile = "Dracula";
settings = {copy_on_select = "yes";};
};
home.pointerCursor = {
gtk.enable = true;
package = pkgs.bibata-cursors;
name = "Bibata-Modern-Ice";
size = 20;
};
home.packages = with pkgs; [
appimage-run
# blueberry
bemoji
brave
# brightnessctl
# clipman
distrobox
# eww
# firefox-devedition
file-roller
hyprpaper-random
hyprpanel
seahorse
sushi
# glib
# google-chrome
# gsettings-desktop-schemas
# graphviz
# ksnip
nwg-look
# pamixer
# pavucontrol
# libsForQt5.qtstyleplugins
# stable.nyxt
# pcmanfm
rose-pine-hyprcursor
# qt5ct
# qt6.qtwayland
#rustdesk
# socat
# unrar
# unzip
# usbutils
# v4l-utils
remmina
slack
telegram-desktop
vivaldi
vivaldi-ffmpeg-codecs
warp-terminal
# wl-clipboard
# wlogout
# wtype
# xdg-utils
# ydotool
# zip
];
}

24
home/features/desktop/fonts.nix Normal file
View File

@ -0,0 +1,24 @@
{
config,
lib,
pkgs,
...
}:
with lib; let
cfg = config.features.desktop.fonts;
in {
options.features.desktop.fonts.enable =
mkEnableOption "install additional fonts for desktop apps";
config = mkIf cfg.enable {
home.packages = with pkgs; [
fira-code
fira-code-symbols
nerd-fonts.fira-code
nerd-fonts.jetbrains-mono
font-manager
font-awesome_5
noto-fonts
];
};
}

0
home/features/desktop/gnome.nix Normal file
View File

202
home/features/desktop/hyprland.nix Normal file
View File

@ -0,0 +1,202 @@
{
wayland.windowManager.hyprland = {
settings = {
xwayland = {
force_zero_scaling = true;
};
exec-once = [
"hyprpanel"
"hyprpaper"
"hyprpaper-random"
"hypridle"
"wl-paste --type text --watch cliphist store" # Stores only text data
"wl-paste --type image --watch cliphist store" # Stores only image data "wl-paste -p -t text --watch clipman store -P --histpath=\"~/.local/share/clipman-primary.json\""
];
env = [
"XCURSOR_SIZE,32"
"HYPRCURSOR_THEME,Bibata-Modern-Ice"
"WLR_NO_HARDWARE_CURSORS,1"
"GTK_THEME,Dracula"
"XDG_SESSION_TYPE,hyrland"
];
input = {
touchdevice = {
enabled = true;
};
kb_layout = "de,us";
kb_variant = "";
kb_model = "";
kb_rules = "";
kb_options = "ctrl:nocaps";
follow_mouse = 1;
};
general = {
gaps_in = 5;
gaps_out = 5;
border_size = 1;
"col.active_border" = "rgba(9742b5ee) rgba(9742b5ee) 45deg";
"col.inactive_border" = "rgba(595959aa)";
layout = "dwindle";
};
decoration = {
shadow = {
enabled = true;
range = 60;
render_power = 3;
color = "rgba(1E202966)";
offset = "1 2";
scale = 0.97;
};
rounding = 8;
blur = {
enabled = true;
size = 3;
passes = 3;
};
active_opacity = 0.9;
inactive_opacity = 0.5;
};
animations = {
enabled = true;
bezier = "myBezier, 0.05, 0.9, 0.1, 1.05";
animation = [
"windows, 1, 7, myBezier"
"windowsOut, 1, 7, default, popin 80%"
"border, 1, 10, default"
"borderangle, 1, 8, default"
"fade, 1, 7, default"
"workspaces, 1, 6, default"
];
};
dwindle = {
pseudotile = true;
preserve_split = true;
};
master = {
new_status = "master";
};
gestures = {
workspace_swipe = false;
};
device = [
{
name = "epic-mouse-v1";
sensitivity = -0.5;
}
{
name = "zsa-technology-labs-moonlander-mark-i";
kb_layout = "us";
}
{
name = "keychron-keychron-k7";
kb_layout = "us";
}
];
windowrule = [
"float, class:file_progress"
"float, class:confirm"
"float, class:dialog"
"float, class:download"
"float, class:notification"
"float, class:error"
"float, class:splash"
"float, class:confirmreset"
"float, title:Open File"
"float, title:branchdialog"
"float, class:pavucontrol-qt"
"float, class:pavucontrol"
"fullscreen, class:wlogout"
"float, title:wlogout"
"fullscreen, title:wlogout"
"float, class:mpv"
"idleinhibit focus, class:mpv"
"opacity 1.0 override, class:mpv"
"float, title:^(Media viewer)$"
"float, title:^(Volume Control)$"
"float, title:^(Picture-in-Picture)$"
"float,title:^(floating-pomodoro)$"
"size 250 50, title:^(floating-pomodoro)$"
"move 12 100%-150,title:^(floating-pomodoro)$"
"pin,title:^(floating-pomodoro)$"
"float, initialTitle:.*streamlabs.com.*"
"pin, initialTitle:.*streamlabs.com.*"
"size 800 400, initialTitle:.*streamlabs.com.*"
"move 100%-820 102, initialTitle:.*alert-box.*"
"move 100%-820 512, initialTitle:.*chat-box.*"
"opacity 0.5 override, initialTitle:.*streamlabs.com.*"
"idleinhibit focus, initialTitle:.*streamlabs.com.*"
"noanim, initialTitle:.*streamlabs.com.*"
"noborder, initialTitle:.*streamlabs.com.*"
"noshadow, initialTitle:.*streamlabs.com.*"
"noblur, initialTitle:.*streamlabs.com.*"
];
"$mainMod" = "SUPER";
bind = [
"$mainMod, return, exec, nu -c zellij-ps"
# "$mainMod, t, exec, warp-terminal"
"$mainMod, t, exec, kitty -e nu -c 'nitch; exec nu'"
"$mainMod SHIFT, t, exec, launch-timer"
"$mainMod SHIFT, e, exec, kitty -e zellij_nvim"
"$mainMod, o, exec, hyprctl setprop activewindow opaque toggle"
"$mainMod, r, exec, hyprctl dispatch focuswindow \"initialtitle:.*alert-box.*\" && hyprctl dispatch moveactive exact 4300 102 && hyprctl dispatch focuswindow \"initialtitle:.*chat-box.*\" && hyprctl dispatch moveactive exact 4300 512"
"$mainMod, b, exec, thunar"
"$mainMod SHIFT, B, exec, vivaldi"
"$mainMod, Escape, exec, wlogout -p layer-shell"
"$mainMod, Space, togglefloating"
"$mainMod, q, killactive"
"$mainMod, M, exit"
"$mainMod, F, fullscreen"
"$mainMod SHIFT, V, togglefloating"
"$mainMod, D, exec, rofi -show"
"$mainMod, V, exec, cliphist list | rofi -dmenu | cliphist decode | wl-copy"
"$mainMod SHIFT, S, exec, bemoji"
"$mainMod, P, exec, rofi-pass"
"$mainMod SHIFT, P, pseudo"
"$mainMod, J, togglesplit"
"$mainMod, h, movefocus, l"
"$mainMod, l, movefocus, r"
"$mainMod, k, movefocus, u"
"$mainMod, j, movefocus, d"
"$mainMod, 1, workspace, 1"
"$mainMod, 2, workspace, 2"
"$mainMod, 3, workspace, 3"
"$mainMod, 4, workspace, 4"
"$mainMod, 5, workspace, 5"
"$mainMod, 6, workspace, 6"
"$mainMod, 7, workspace, 7"
"$mainMod, 8, workspace, 8"
"$mainMod, 9, workspace, 9"
"$mainMod, 0, workspace, 10"
"$mainMod SHIFT, 1, movetoworkspace, 1"
"$mainMod SHIFT, 2, movetoworkspace, 2"
"$mainMod SHIFT, 3, movetoworkspace, 3"
"$mainMod SHIFT, 4, movetoworkspace, 4"
"$mainMod SHIFT, 5, movetoworkspace, 5"
"$mainMod SHIFT, 6, movetoworkspace, 6"
"$mainMod SHIFT, 7, movetoworkspace, 7"
"$mainMod SHIFT, 8, movetoworkspace, 8"
"$mainMod SHIFT, 9, movetoworkspace, 9"
"$mainMod SHIFT, 0, movetoworkspace, 10"
"$mainMod, mouse_down, workspace, e+1"
"$mainMod, mouse_up, workspace, e-1"
];
bindm = [
"$mainMod, mouse:272, movewindow"
"$mainMod, mouse:273, resizewindow"
];
};
};
}

57
home/features/desktop/media.nix Normal file
View File

@ -0,0 +1,57 @@
{
config,
lib,
pkgs,
...
}:
with lib; let
cfg = config.features.desktop.media;
in {
options.features.desktop.media.enable =
mkEnableOption "enable media features";
config = mkIf cfg.enable {
home.packages = with pkgs; [
# handbrake
# kdePackages.kdenlive
# makemkv
# mediainfo
amf
blueberry
ffmpeg_6-full
gst_all_1.gstreamer
gst_all_1.gst-vaapi
handbrake
inkscape
kdePackages.kdenlive
krita
libation
#makemkv
pamixer
pavucontrol
qpwgraph
v4l-utils
plexamp
webcord
# uxplay
# vlc
# webcord
# yt-dlp
unimatrix
];
programs = {
mpv = {
enable = true;
bindings = {
WHEEL_UP = "seek 10";
WHEEL_DOWN = "seek -10";
};
config = {
profile = "gpu-hq";
ytdl-format = "bestvideo+bestaudio";
};
};
};
};
}

18
home/features/desktop/office.nix Normal file
View File

@ -0,0 +1,18 @@
{
config,
lib,
pkgs,
...
}:
with lib; let
cfg = config.features.desktop.office;
in {
options.features.desktop.office.enable =
mkEnableOption "install office and paperwork stuff";
config = mkIf cfg.enable {
home.packages = with pkgs; [
libreoffice-fresh
];
};
}

38
home/features/desktop/rofi.nix Normal file
View File

@ -0,0 +1,38 @@
{
config,
pkgs,
lib,
...
}:
with lib; let
cfg = config.features.desktop.rofi;
in {
options.features.desktop.rofi.enable = mkEnableOption "enable rofi";
config = mkIf cfg.enable {
programs.rofi = with pkgs; {
enable = true;
package = rofi.override {
plugins = [
rofi-calc
rofi-emoji
rofi-file-browser
];
};
pass = {
enable = true;
package = rofi-pass-wayland;
};
terminal = "\${pkgs.kitty}/bin/kitty";
font = "Fira Code";
extraConfig = {
show-icons = true;
disable-history = false;
modi = "drun,calc,emoji,filebrowser";
kb-primary-paste = "Control+V,Shift+Insert";
kb-secondary-paste = "Control+v,Insert";
};
theme = "dracula";
};
};
}

17
home/features/desktop/theme.nix Normal file
View File

@ -0,0 +1,17 @@
{pkgs, ...}: {
qt = {
enable = true;
platformTheme.name = "gtk";
};
gtk = {
enable = true;
theme = {
name = "Dracula";
package = pkgs.dracula-theme;
};
iconTheme = {
name = "Dracula";
package = pkgs.dracula-icon-theme;
};
};
}

31
home/features/desktop/wayland.nix Normal file
View File

@ -0,0 +1,31 @@
{
config,
lib,
pkgs,
...
}:
with lib; let
cfg = config.features.desktop.wayland;
in {
options.features.desktop.wayland.enable = mkEnableOption "wayland extra tools and config";
config = mkIf cfg.enable {
home.packages = with pkgs; [
grim
hyprcursor
hyprlock
hyprpaper
nwg-displays
nwg-look
qt6.qtwayland
slurp
waypipe
wl-clipboard
wf-recorder
wl-mirror
wlogout
wtype
ydotool
];
};
}

35
home/features/desktop/webapps.nix Normal file
View File

@ -0,0 +1,35 @@
{
pkgs,
lib,
...
}: let
icons = {
teams = pkgs.fetchurl {
url = "https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/svg/microsoft-teams.svg";
sha256 = "sha256-Pr9QS8nnXJq97r4/G3c6JXi34zxHl0ps9gcyI8cN/s8=";
};
outlook = pkgs.fetchurl {
url = "https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/svg/microsoft-outlook.svg";
sha256 = "sha256-3u8t5QNHFZvrAegxBiGicO4PjtMWhEaQSCv7MSSfLLc=";
};
};
in {
xdg.desktopEntries = {
teams = {
name = "Microsoft Teams";
exec = "vivaldi --app=https://teams.microsoft.com";
comment = "Open Microsoft Teams as a Desktop App";
categories = ["Application" "Network" "Chat"];
terminal = false;
icon = icons.teams;
};
Outlook = {
name = "Microsoft Outlook";
exec = "vivaldi --app=https://outlook.office.com/mail/";
comment = "Open Microsoft Outlook as a Desktop App";
categories = ["Application" "Network"];
terminal = false;
icon = icons.outlook;
};
};
}

91
home/sascha.koenig/AZ-LPT-100.nix Normal file
View File

@ -0,0 +1,91 @@
{
config,
lib,
...
}:
with lib; let
cfg = config.features.desktop.hyprland;
in {
imports = [
../common
./home.nix
../features/cli
../features/desktop
];
options.features.desktop.hyprland.enable =
mkEnableOption "enable Hyprland";
config = mkMerge [
# Base configuration
{
xdg = {
# TODO: better structure
enable = true;
configFile."mimeapps.list".force = true;
mimeApps = {
enable = true;
associations.added = {
"application/zip" = ["org.gnome.FileRoller.desktop"];
"application/csv" = ["calc.desktop"];
"application/pdf" = ["vivaldi-stable.desktop"];
"x-scheme-handler/http" = ["vivaldi-stable.desktop"];
"x-scheme-handler/https" = ["vivaldi-stable.desktop"];
};
defaultApplications = {
"application/zip" = ["org.gnome.FileRoller.desktop"];
"application/csv" = ["calc.desktop"];
"application/pdf" = ["vivaldi-stable.desktop"];
"application/md" = ["dev.zed.Zed.desktop"];
"application/text" = ["dev.zed.Zed.desktop"];
"x-scheme-handler/http" = ["vivaldi-stable.desktop"];
"x-scheme-handler/https" = ["vivaldi-stable.desktop"];
};
};
};
features = {
cli = {
fish.enable = true;
nushell.enable = true;
fzf.enable = true;
nitch.enable = true;
secrets.enable = true;
starship.enable = true;
};
desktop = {
coding.enable = true;
hyprland.enable = true;
media.enable = true;
office.enable = true;
rofi.enable = true;
fonts.enable = true;
wayland.enable = true;
};
};
}
(mkIf cfg.enable {
wayland.windowManager.hyprland = {
enable = true;
settings = {
source = "~/.config/hypr/monitors.conf";
workspace = [
"1, monitor:eDP-1, default:true"
"2, monitor:eDP-1"
"3, monitor:DP-9"
"4, monitor:DP-9"
"5, monitor:DP-8,border:false,rounding:false"
"6, monitor:DP-8"
];
windowrule = [
"workspace 1,class:(com.obsproject.Studio)"
"workspace 3,class:dev.zed.Zed"
"workspace 5,opacity 1.0, class:(vivaldi-stable)"
"workspace 6,opacity 1.0, initialTitle:(teams.microsoft.com_/)"
"workspace 6,opacity 1.0, initialTitle:(outlook.office.com_/mail/)"
];
};
};
})
];
}

19
home/sascha.koenig/home.nix
View File

@ -24,7 +24,6 @@
# The home.packages option allows you to install Nix packages into your # The home.packages option allows you to install Nix packages into your
# environment. # environment.
home.packages = with pkgs; [ home.packages = with pkgs; [
neovim
# # Adds the 'hello' command to your environment. It prints a friendly # # Adds the 'hello' command to your environment. It prints a friendly
# # "Hello, world!" when run. # # "Hello, world!" when run.
# pkgs.hello # pkgs.hello
@ -100,7 +99,23 @@
home.sessionVariables = { home.sessionVariables = {
# EDITOR = "emacs"; # EDITOR = "emacs";
}; };
programs.ssh = {
enable = true;
matchBlocks = {
"git.az-gruppe.com" = {
hostname = "152.53.186.119";
user = "sascha.koenig";
port = 2022;
identityFile = "~/.ssh/sascha.koenig";
};
"AZ-CLD-1" = {
hostname = "152.53.186.119";
user = "sascha.koenig";
port = 2022;
identityFile = "~/.ssh/sascha.koenig";
};
};
};
# Let Home Manager install and manage itself. # Let Home Manager install and manage itself.
programs.home-manager.enable = true; programs.home-manager.enable = true;
} }

127
hosts/AZ-LPT-100/configuration.nix Normal file
View File

@ -0,0 +1,127 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page, on
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
{
config,
pkgs,
...
}: {
imports = [
# Include the results of the hardware scan.
./hardware-configuration.nix
];
# Bootloader.
boot.loader.systemd-boot.enable = true;
boot.initrd.kernelModules = ["amdgpu" "hid_asus"];
boot.kernelPackages = pkgs.linuxPackages_6_16;
boot.extraModprobeConfig = ''
options hid_asus enable_touchpad=1
'';
services.xserver.videoDrivers = ["amdgpu"];
security.polkit.enable = true;
security.pam.services.gdm.enableGnomeKeyring = true;
networking.hostName = "AZ-LPT-100";
# Define your hostname.
# warp-terminal update fix
# networking.extraHosts = ''
# 127.0.0.1 releases.warp.dev
# 127.0.0.1 app.warp.dev
# '';
# Pick only one of the below networking options.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
networking.networkmanager.enable =
true; # Easiest to use and most distros use this by default.
# Set your time zone.
time.timeZone = "Europe/Berlin";
# Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# Select internationalisation properties.
i18n.defaultLocale = "de_DE.UTF-8";
# console = {
# font = "Lat2-Terminus16";
# keyMap = "us";
# useXkbConfig = true; # use xkb.options in tty.
# };
# Enable the X11 windowing system.
# services.xserver.enable = true;
# Enable the GNOME Desktop Environment.
# services.xserver.displayManager.gdm.enable = true;
# services.xserver.desktopManager.gnome.enable = true;
# Configure keymap in X11
# services.xserver.xkb.layout = "us";
# services.xserver.xkb.options = "eurosign:e,caps:escape";
# Enable CUPS to print documents.
# services.printing.enable = true;
# Enable sound.
# hardware.pulseaudio.enable = true;
# OR
# Enable touchpad support (enabled default in most desktopManager).
# services.libinput.enable = true;
# Define a user account. Don't forget to set a password with passwd.
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs; [asusctl git];
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
# programs.gnupg.agent = {
# enable = true;
# enableSSHSupport = true;
# };
# List services that you want to enable:
# Enable the OpenSSH daemon.
services.openssh = {
enable = true;
settings.PermitRootLogin = "no";
settings = {
PasswordAuthentication = true;
};
};
services.fstrim.enable = true;
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
# Copy the NixOS configuration file and link it from the resulting system
# (/run/current-system/configuration.nix). This is useful in case you
# accidentally delete configuration.nix.
# system.copySystemConfiguration = true;
# This option defines the first version of NixOS you have installed on this particular machine,
# and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.
#
# Most users should NEVER change this value after the initial install, for any reason,
# even if you've upgraded your system to a new NixOS release.
#
# This value does NOT affect the Nixpkgs version your packages and OS are pulled from,
# so changing it will NOT upgrade your system - see https://nixos.org/manual/nixos/stable/#sec-upgrading for how
# to actually do that.
#
# This value being lower than the current NixOS release does NOT mean your system is
# out of date, out of support, or vulnerable.
#
# Do NOT change this value unless you have manually inspected all the changes it would make to your configuration,
# and migrated your data accordingly.
#
# For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
system.stateVersion = "25.05"; # Did you read the comment?
}

98
hosts/AZ-LPT-100/default.nix Normal file
View File

@ -0,0 +1,98 @@
{
inputs,
outputs,
pkgs,
lib,
...
}: {
imports = [
# Import only the parts we need from common, avoiding Home Manager conflicts
../common/extraServices
./configuration.nix
./hardware.nix
./programs.nix
./secrets.nix
./services
# Import unstable Home Manager directly
inputs.home-manager-unstable.nixosModules.home-manager
];
# Create the user directly here
users.users."sascha.koenig" = {
hashedPassword = "$y$j9T$ORX4btVZgs9Xjq2oIvzJm0$lXiPwaa0D6t.eMDIx1UBesEAMOkWXBoGwpeI7X0aS8D";
isNormalUser = true;
group = "sascha.koenig";
extraGroups = [
"wheel"
"networkmanager"
"libvirtd"
"flatpak"
"plugdev"
"input"
"kvm"
"qemu-libvirtd"
];
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEZbg/Z9mnflXuLahGY8WOSBMqbgeqVIkIwRkquys1Ml sascha.koenig@azintec.com"
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC3YEmpYbM+cpmyD10tzNRHEn526Z3LJOzYpWEKdJg8DaYyPbDn9iyVX30Nja2SrW4Wadws0Y8DW+Urs25/wVB6mKl7jgPJVkMi5hfobu3XAz8gwSdjDzRSWJrhjynuaXiTtRYED2INbvjLuxx3X8coNwMw58OuUuw5kNJp5aS2qFmHEYQErQsGT4MNqESe3jvTP27Z5pSneBj45LmGK+RcaSnJe7hG+KRtjuhjI7RdzMeDCX73SfUsal+rHeuEw/mmjYmiIItXhFTDn8ZvVwpBKv7ykgP0jk79ldT3Dv+2Hj0CdAWT2cJAdFX58KQ9jUPT3tBnObSF1lGMI7t77VU= m3tam3re@MBP-Sascha.fritz.box"
];
packages = [inputs.home-manager-unstable.packages.${pkgs.system}.default];
};
users.groups."sascha.koenig" = {};
# Configure Home Manager with unstable
home-manager = {
useUserPackages = true;
extraSpecialArgs = {inherit inputs outputs;};
users."sascha.koenig" = import ../../home/sascha.koenig/AZ-LPT-100.nix;
};
# Configure nixpkgs to use unstable
nixpkgs = {
overlays = [
outputs.overlays.additions
outputs.overlays.modifications
# Add stable as an overlay since base is unstable
(final: _prev: {
stable = import inputs.nixpkgs {
system = final.system;
config.allowUnfree = true;
};
})
];
config = {
allowUnfree = true;
};
};
# Copy nix settings from common
nix = {
settings = {
experimental-features = "nix-command flakes";
trusted-users = [
"root"
"sascha.koenig"
];
};
gc = {
automatic = true;
options = "--delete-older-than 30d";
};
optimise.automatic = true;
registry =
(lib.mapAttrs (_: flake: {inherit flake;}))
((lib.filterAttrs (_: lib.isType "flake")) (inputs
// {
# Use unstable nixpkgs in registry
nixpkgs = inputs.nixpkgs-unstable;
}));
nixPath = ["/etc/nix/path"];
};
extraServices = {
flatpak.enable = true;
ollama.enable = true;
podman.enable = true;
virtualisation.enable = true;
};
}

68
hosts/AZ-LPT-100/hardware-configuration.nix Normal file
View File

@ -0,0 +1,68 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "thunderbolt" "usbhid" "usb_storage" "sd_mod" "sdhci_pci"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-amd"];
boot.extraModulePackages = [];
fileSystems."/" = {
device = "/dev/disk/by-uuid/9fcbe547-12dc-467d-a0e2-cefeedaf28d9";
fsType = "btrfs";
options = ["subvol=root" "compress=zstd" "noatime" "ssd" "discard=async"];
};
fileSystems."/home" = {
device = "/dev/disk/by-uuid/9fcbe547-12dc-467d-a0e2-cefeedaf28d9";
fsType = "btrfs";
options = ["subvol=home" "compress=zstd" "noatime" "ssd" "discard=async"];
};
fileSystems."/nix" = {
device = "/dev/disk/by-uuid/9fcbe547-12dc-467d-a0e2-cefeedaf28d9";
fsType = "btrfs";
options = ["subvol=nix" "compress=zstd" "noatime" "ssd" "discard=async"];
};
fileSystems."/persist" = {
device = "/dev/disk/by-uuid/9fcbe547-12dc-467d-a0e2-cefeedaf28d9";
fsType = "btrfs";
options = ["subvol=persist" "compress=zstd" "noatime" "ssd" "discard=async"];
};
fileSystems."/var/log" = {
device = "/dev/disk/by-uuid/9fcbe547-12dc-467d-a0e2-cefeedaf28d9";
fsType = "btrfs";
options = ["subvol=log" "compress=zstd" "noatime" "ssd" "discard=async"];
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/89EE-C4CE";
fsType = "vfat";
options = ["fmask=0022" "dmask=0022"];
};
swapDevices = [
{device = "/dev/disk/by-uuid/7e78ee33-a051-439a-80aa-635d0ab698e4";}
];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp194s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

8
hosts/AZ-LPT-100/hardware.nix Normal file
View File

@ -0,0 +1,8 @@
{
hardware = {
amdgpu.opencl.enable = true;
bluetooth.enable = true;
keyboard.zsa.enable = true;
graphics.enable = true;
};
}

41
hosts/AZ-LPT-100/programs.nix Normal file
View File

@ -0,0 +1,41 @@
{pkgs, ...}: {
programs.nix-ld.enable = true;
programs.nix-ld.libraries = with pkgs; [
# Add any missing dynamic libraries for unpackaged programs
# here, NOT in environment.systemPackages
];
programs.hyprland = {
enable = true;
xwayland.enable = true;
withUWSM = true;
};
programs.fish.enable = true;
programs.thunar = {
enable = true;
plugins = with pkgs.xfce; [thunar-archive-plugin thunar-volman];
};
programs.gnupg.agent = {
enable = true;
enableSSHSupport = true;
pinentryPackage = pkgs.pinentry-gnome3;
settings = {default-cache-ttl = 10800;};
};
programs.obs-studio = {
enable = true;
enableVirtualCamera = true;
plugins = with pkgs.obs-studio-plugins; [
obs-composite-blur
obs-vaapi
# obs-vertical-canvas
obs-vkcapture
obs-webkitgtk
wlrobs
];
};
programs.nh = {
enable = true;
clean.enable = true;
clean.extraArgs = "--keep-since 4d --keep 3";
flake = "/home/m3tam3re/p/nixos/nixos-config";
};
}

1
hosts/AZ-LPT-100/secrets.nix Normal file
View File

@ -0,0 +1 @@
{}

99
hosts/AZ-LPT-100/services/ad.nix Normal file
View File

@ -0,0 +1,99 @@
{
config,
pkgs,
...
}: {
environment.systemPackages = with pkgs; [
adcli # Helper library and tools for Active Directory client operations
realmd # Diagnostic command; Does not configure AD client on NixOS
samba # Standard Windows interoperability suite of programs for Linux and Unix
];
#
# Security
#
security = {
krb5 = {
enable = true;
settings = {
libdefaults = {
udp_preference_limit = 0;
default_realm = "AZ-GROUP";
};
};
};
pam = {
makeHomeDir.umask = "077";
services.login.makeHomeDir = true;
services.sshd.makeHomeDir = true;
};
sudo = {
extraConfig = ''
%domain\ admins ALL=(ALL:ALL) NOPASSWD: ALL
Defaults:%domain\ admins env_keep+=TERMINFO_DIRS
Defaults:%domain\ admins env_keep+=TERMINFO
'';
# Use extraConfig because of blank space in 'domain admins'.
# Alternatively, you can use the GID.
# extraRules = [
# { groups = [ "domain admins" ];
# commands = [ { command = "ALL"; options = [ "NOPASSWD" ]; } ]; }
# ];
};
};
#
# Services
#
services = {
nscd = {
enable = true;
config = ''
server-user nscd
enable-cache hosts yes
positive-time-to-live hosts 0
negative-time-to-live hosts 0
shared hosts yes
enable-cache passwd no
enable-cache group no
enable-cache netgroup no
enable-cache services no
'';
};
sssd = {
enable = true;
config = ''
[sssd]
domains = az-group
config_file_version = 2
services = nss, pam
[pam]
offline_credentials_expiration = 365
[domain/az-group]
override_shell = /run/current-system/sw/bin/zsh
krb5_store_password_if_offline = true
cache_credentials = true
account_cache_expiration = 365
entry_cache_timeout = 14400
krb5_realm = AZ-GROUP
realmd_tags = manages-system joined-with-samba
id_provider = ad
fallback_homedir = /home/%u
ad_domain = az-group
use_fully_qualified_names = false
ldap_id_mapping = false
auth_provider = ad
access_provider = ad
chpass_provider = ad
ad_gpo_access_control = permissive
enumerate = true
'';
};
};
}

37
hosts/AZ-LPT-100/services/default.nix Normal file
View File

@ -0,0 +1,37 @@
{
imports = [
# ./ad.nix
./sound.nix
./udev.nix
];
services = {
hypridle.enable = true;
printing.enable = true;
gvfs.enable = true;
gnome.gnome-keyring.enable = true;
qdrant = {
enable = true;
settings = {
service = {
host = "0.0.0.0";
};
};
};
upower.enable = true;
avahi = {
enable = true;
nssmdns4 = true;
publish = {
addresses = true;
workstation = true;
userServices = true;
};
};
asusd = {
enable = true;
enableUserService = true;
};
desktopManager.gnome.enable = true;
displayManager.gdm.enable = true;
};
}

11
hosts/AZ-LPT-100/services/sound.nix Normal file
View File

@ -0,0 +1,11 @@
{
security.rtkit.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
jack.enable = false;
wireplumber.enable = true;
};
}

8
hosts/AZ-LPT-100/services/udev.nix Normal file
View File

@ -0,0 +1,8 @@
{pkgs, ...}: {
services.udev.extraRules = ''
SUBSYSTEM=="usb", MODE="0666"
'';
environment.systemPackages = with pkgs; [
zsa-udev-rules
];
}

3
hosts/common/extraServices/default.nix
View File

@ -1,5 +1,8 @@
{ {
imports = [ imports = [
./flatpak.nix
./ollama.nix
./podman.nix ./podman.nix
./virtualisation.nix
]; ];
} }

24
hosts/common/extraServices/flatpak.nix Normal file
View File

@ -0,0 +1,24 @@
{
config,
lib,
pkgs,
...
}:
with lib; let
cfg = config.extraServices.flatpak;
in {
options.extraServices.flatpak.enable = mkEnableOption "enable flatpak";
config = mkIf cfg.enable {
services.flatpak.enable = true;
xdg.portal = {
# xdg desktop intergration (required for flatpak)
enable = true;
wlr.enable = true;
extraPortals = with pkgs; [
xdg-desktop-portal-hyprland
];
config.common.default = "*";
};
};
}

32
hosts/common/extraServices/ollama.nix Normal file
View File

@ -0,0 +1,32 @@
{
config,
lib,
pkgs,
...
}:
with lib; let
cfg = config.extraServices.ollama;
in {
options.extraServices.ollama.enable = mkEnableOption "enable ollama";
config = mkIf cfg.enable {
services.ollama = {
enable = true;
acceleration =
if config.services.xserver.videoDrivers == ["amdgpu"]
then "rocm"
else if config.services.xserver.videoDrivers == ["nvidia"]
then "cuda"
else null;
host = "[::]";
openFirewall = true;
environmentVariables = {
OLLAMA_HOST = "0.0.0.0";
};
};
nixpkgs.config = {
rocmSupport = config.services.xserver.videoDrivers == ["amdgpu"];
cudaSupport = config.services.xserver.videoDrivers == ["nvidia"];
};
};
}

52
hosts/common/extraServices/virtualisation.nix Normal file
View File

@ -0,0 +1,52 @@
{
config,
lib,
pkgs,
...
}:
with lib; let
cfg = config.extraServices.virtualisation;
in {
options.extraServices.virtualisation.enable = mkEnableOption "enable virtualisation";
config = mkIf cfg.enable {
virtualisation = {
libvirtd = {
enable = true;
qemu = {
package = pkgs.qemu_kvm;
runAsRoot = true;
swtpm.enable = true;
ovmf = {
enable = true;
packages = [
(pkgs.OVMF.override {
secureBoot = true;
tpmSupport = true;
})
.fd
];
};
};
};
};
programs.virt-manager.enable = true;
environment = {
systemPackages = [pkgs.qemu];
etc = {
"ovmf/OVMF_CODE.fd" = {
source = "${(pkgs.OVMF.override {
secureBoot = true;
tpmSupport = true;
}).fd}/FV/OVMF_CODE.fd";
};
"ovmf/OVMF_VARS.fd" = {
source = "${(pkgs.OVMF.override {
secureBoot = true;
tpmSupport = true;
}).fd}/FV/OVMF_VARS.fd";
};
};
};
};
}

1
hosts/common/users/sascha.koenig.nix
View File

@ -19,6 +19,7 @@
]; ];
openssh.authorizedKeys.keys = [ openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEZbg/Z9mnflXuLahGY8WOSBMqbgeqVIkIwRkquys1Ml sascha.koenig@azintec.com" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEZbg/Z9mnflXuLahGY8WOSBMqbgeqVIkIwRkquys1Ml sascha.koenig@azintec.com"
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC3YEmpYbM+cpmyD10tzNRHEn526Z3LJOzYpWEKdJg8DaYyPbDn9iyVX30Nja2SrW4Wadws0Y8DW+Urs25/wVB6mKl7jgPJVkMi5hfobu3XAz8gwSdjDzRSWJrhjynuaXiTtRYED2INbvjLuxx3X8coNwMw58OuUuw5kNJp5aS2qFmHEYQErQsGT4MNqESe3jvTP27Z5pSneBj45LmGK+RcaSnJe7hG+KRtjuhjI7RdzMeDCX73SfUsal+rHeuEw/mmjYmiIItXhFTDn8ZvVwpBKv7xsJG90DkaX2vaTk0wgJdMnpVIuIRBa4EkmMWOQ3bMLGkLQeK/4FUkNcvQ/4+zcZsg4cY9Q7Fj55DD41hAUdF6SYODtn5qMPsTCnJz44glHt/oseKXMSd556NIw2HOvihbJW7Rwl4OEjGaO/dF4nUw4c9tHWmMn9dLslAVpUuZOb7ykgP0jk79ldT3Dv+2Hj0CdAWT2cJAdFX58KQ9jUPT3tBnObSF1lGMI7t77VU= m3tam3re@MBP-Sascha.fritz.box"
]; ];
packages = [inputs.home-manager.packages.${pkgs.system}.default]; packages = [inputs.home-manager.packages.${pkgs.system}.default];
}; };

6
overlays/default.nix
View File

@ -12,6 +12,12 @@
# }); # });
}; };
stable-packages = final: _prev: {
stable = import inputs.nixpkgs {
system = final.system;
config.allowUnfree = true;
};
};
unstable-packages = final: _prev: { unstable-packages = final: _prev: {
unstable = import inputs.nixpkgs-unstable { unstable = import inputs.nixpkgs-unstable {
system = final.system; system = final.system;

56
pkgs/aider-chat-env/default.nix Normal file
View File

@ -0,0 +1,56 @@
{
lib,
stdenv,
python3,
zlib,
libffi,
makeWrapper,
}: let
pythonEnv = python3.withPackages (ps:
with ps; [
pip
virtualenv
]);
in
stdenv.mkDerivation rec {
pname = "aider-chat-env";
version = "0.1.0";
src = ./.;
nativeBuildInputs = [makeWrapper];
buildInputs = [pythonEnv zlib libffi];
installPhase = ''
mkdir -p $out/bin
cat > $out/bin/aider-chat-env <<EOF
#!/bin/sh
VENV_DIR="\$HOME/.aider-chat-venv"
if [ ! -d "\$VENV_DIR" ]; then
echo "Creating new virtual environment in \$VENV_DIR..."
${pythonEnv}/bin/python -m venv "\$VENV_DIR"
source "\$VENV_DIR/bin/activate"
# Upgrade pip first
python -m pip install --no-cache-dir --upgrade pip
# Install aider-chat
python -m pip install --no-cache-dir aider-chat
else
source "\$VENV_DIR/bin/activate"
fi
exec "\$SHELL"
EOF
chmod +x $out/bin/aider-chat-env
'';
postFixup = ''
wrapProgram $out/bin/aider-chat-env \
--prefix PATH : ${lib.makeBinPath buildInputs} \
--prefix LD_LIBRARY_PATH : ${lib.makeLibraryPath [stdenv.cc.cc.lib zlib libffi]}
'';
meta = with lib; {
description = "Python environment with aider-chat";
license = licenses.mit;
platforms = platforms.all;
};
}

36
pkgs/code2prompt/default.nix Normal file
View File

@ -0,0 +1,36 @@
{
lib,
fetchFromGitHub,
rustPlatform,
pkg-config,
perl,
openssl,
}:
rustPlatform.buildRustPackage rec {
pname = "code2prompt";
version = "3.0.2";
src = fetchFromGitHub {
owner = "mufeedvh";
repo = "code2prompt";
rev = "v${version}";
hash = "sha256-9YbsrbExRFbsEz2GifklmUGp3YlsEUOi25+P5vPK8fs=";
};
cargoLock = {
lockFile = src + "/Cargo.lock";
};
buildAndTestSubdir = "crates/code2prompt";
nativeBuildInputs = [pkg-config perl];
buildInputs = [openssl];
meta = {
description = "A CLI tool that converts your codebase into a single LLM prompt with a source tree, prompt templating, and token counting";
homepage = "https://github.com/mufeedvh/code2prompt";
license = lib.licenses.mit;
mainProgram = "code2prompt";
};
}

8
pkgs/default.nix
View File

@ -1,4 +1,10 @@
{pkgs, ...}: { {pkgs, ...}: {
# Define your custom packages here # Define your custom packages here
# my-package = pkgs.callPackage ./my-package {}; hyprpaper-random = pkgs.callPackage ./hyprpaper-random {};
msty = pkgs.callPackage ./msty {};
msty-sidecar = pkgs.callPackage ./msty-sidecar {};
zellij-ps = pkgs.callPackage ./zellij-ps {};
aider-chat-env = pkgs.callPackage ./aider-chat-env {};
code2prompt = pkgs.callPackage ./code2prompt {};
pomodoro-timer = pkgs.callPackage ./pomodoro-timer {};
} }

72
pkgs/hyprpaper-random/default.nix Normal file
View File

@ -0,0 +1,72 @@
{
lib,
stdenv,
writeShellScriptBin,
fd,
hyprland,
coreutils,
gawk,
}: let
script = writeShellScriptBin "hyprpaper-random" ''
#!/usr/bin/env bash
set -euo pipefail
# Directory (override with WALLPAPER_DIR)
DIR="''${WALLPAPER_DIR:-''${XDG_CONFIG_HOME:-$HOME/.config}/hypr/wallpapers}"
HYPRCTL="${hyprland}/bin/hyprctl"
FD="${fd}/bin/fd"
SHUF="${coreutils}/bin/shuf"
TR="${coreutils}/bin/tr"
AWK="${gawk}/bin/awk"
# Pick one random image (null-safe)
WALLPAPER="$(
"$FD" . "$DIR" -t f -e jpg -e jpeg -e png -e webp -e avif -0 --follow --hidden \
| "$SHUF" -z -n1 \
| "$TR" -d '\0'
)"
if [[ -z "''${WALLPAPER:-}" ]]; then
echo "No wallpapers found in: $DIR" >&2
exit 1
fi
# Preload so hyprpaper can use it
"$HYPRCTL" hyprpaper preload "$WALLPAPER" >/dev/null 2>&1 || true
# Apply to all monitors
"$HYPRCTL" monitors \
| "$AWK" '/^Monitor /{print $2}' \
| while IFS= read -r mon; do
[ -n "$mon" ] && "$HYPRCTL" hyprpaper wallpaper "$mon,$WALLPAPER"
done
exit 0
'';
in
stdenv.mkDerivation {
pname = "hyprpaper-random";
version = "0.1.1";
dontUnpack = true;
buildInputs = [
fd
hyprland
coreutils
gawk
];
installPhase = ''
mkdir -p "$out/bin"
ln -s ${script}/bin/hyprpaper-random "$out/bin/hyprpaper-random"
'';
meta = with lib; {
description = "Minimal random wallpaper setter for Hyprpaper";
license = licenses.mit;
platforms = platforms.linux;
mainProgram = "hyprpaper-random";
};
}

38
pkgs/msty-sidecar/default.nix Normal file
View File

@ -0,0 +1,38 @@
{
appimageTools,
fetchurl,
nodejs,
nodePackages,
uv,
python3,
makeWrapper,
}: let
pname = "msty-sidecar";
version = "0.4.0";
src = fetchurl {
url = "https://sidecar-assets.msty.studio/prod/latest/linux/amd64/MstySidecar_x86_64_amd64.AppImage";
sha256 = "sha256-UhsokCG0NPqn5nhn//AaIuY6sWlZkejNlqMEyN4Opqg=";
};
appimageContents = appimageTools.extractType2 {inherit pname version src;};
in
appimageTools.wrapType2 {
inherit pname version src;
nativeBuildInputs = [makeWrapper];
extraPkgs = pkgs: [
nodejs
nodePackages.npm
uv
python3
];
extraInstallCommands = ''
install -m 444 -D ${appimageContents}/mstysidecar.desktop -t $out/share/applications
substituteInPlace $out/share/applications/mstysidecar.desktop \
--replace 'Exec=AppRun' 'Exec=${pname}'
install -m 444 -D ${appimageContents}/mstysidecar.png \
$out/share/icons/hicolor/256x256/apps/mstysidecar.png
wrapProgram $out/bin/${pname} \
--prefix PATH : ${nodejs}/bin:${nodePackages.npm}/bin:${uv}/bin:${python3}/bin
'';
}

28
pkgs/msty/default.nix Normal file
View File

@ -0,0 +1,28 @@
{
appimageTools,
fetchurl,
makeWrapper,
}: let
pname = "msty";
version = "1.9.2";
src = fetchurl {
url = "https://assets.msty.app/prod/latest/linux/amd64/Msty_x86_64_amd64.AppImage";
sha256 = "sha256-Z4t0EcV9X4g5X0lBwipiMdP8lgPuBkhykAIKjHSUpnI=";
};
appimageContents = appimageTools.extractType2 {inherit pname version src;};
in
appimageTools.wrapType2 {
inherit pname version src;
nativeBuildInputs = [makeWrapper];
extraInstallCommands = ''
install -m 444 -D ${appimageContents}/msty.desktop -t $out/share/applications
substituteInPlace $out/share/applications/msty.desktop \
--replace 'Exec=AppRun' 'Exec=${pname}'
install -m 444 -D ${appimageContents}/msty.png \
$out/share/icons/hicolor/256x256/apps/msty.png
wrapProgram $out/bin/${pname} \
--set XDG_CURRENT_DESKTOP GNOME
'';
}

92
pkgs/pomodoro-timer/default.nix Normal file
View File

@ -0,0 +1,92 @@
{
lib,
stdenv,
writeShellScriptBin,
timer,
kitty,
rofi,
libnotify,
speechd,
}: let
launcher = writeShellScriptBin "launch-timer" ''
#!/bin/bash
validate_time() {
local input=$1
if [[ $input =~ ^[0-9]+[mhs]$ ]]; then
return 0
else
return 1
fi
}
notify_end() {
local session_name=$1
${libnotify}/bin/notify-send "Pomodoro" "$session_name session ended!"
${speechd}/bin/spd-say "$session_name session ended"
}
start_timer() {
local duration=$1
local session_name=$2
kitty \
--class="floating-pomodoro" \
--title="floating-pomodoro" \
${timer}/bin/timer $duration
notify_end "$session_name"
}
# Show rofi menu with options
selected=$(printf "work\nbreak\ncustom" | rofi -dmenu -p "Work Timer:" -l 3)
# Exit if no selection was made
[ -z "$selected" ] && exit
case $selected in
"work")
start_timer "45m" "work"
;;
"break")
start_timer "10m" "break"
;;
"custom")
# Show input dialog for custom time
custom_time=$(rofi -dmenu -p "Enter time (e.g., 25m, 1h, 30s):" -l 0)
# Validate input and start timer
if [ ! -z "$custom_time" ] && validate_time "$custom_time"; then
start_timer "$custom_time" "custom"
else
${libnotify}/bin/notify-send "Invalid time format" "Please use format: 30s, 25m, or 1h"
exit 1
fi
;;
esac
'';
in
stdenv.mkDerivation {
pname = "work-timer";
version = "0.1.0";
dontUnpack = true;
buildInputs = [
timer
kitty
rofi
libnotify
speechd
];
installPhase = ''
mkdir -p $out/bin
ln -s ${launcher}/bin/launch-timer $out/bin/launch-timer
'';
meta = with lib; {
description = "A Work timer.";
license = licenses.mit;
platforms = platforms.linux;
maintainers = [];
};
}

41
pkgs/zellij-ps/default.nix Normal file
View File

@ -0,0 +1,41 @@
{
lib,
stdenv,
fetchFromGitea,
fish,
fd,
fzf,
makeWrapper,
zellij,
}:
with lib;
stdenv.mkDerivation {
pname = "zellij-ps";
version = "0.1.0";
src = fetchFromGitea {
domain = "code.m3tam3re.com";
owner = "m3tam3re";
repo = "helper-scripts";
rev = "08a3217b83391c1110545c1ee3161eecd5dbe5e9";
sha256 = "1sc4i58mwcg3qsq0wwl5rvk08ykbxc497bq7mrxiirndsarskby7";
};
buildInputs = [];
nativeBuildInputs = [makeWrapper];
installPhase = ''
mkdir -p $out/bin
cp zellij-ps.fish $out/bin/zellij-ps
wrapProgram $out/bin/zellij-ps \
--prefix PATH : ${lib.makeBinPath [fish fd fzf zellij]}
'';
meta = with lib; {
description = "A small project script for zellij";
homepage = "https://code.m3tam3re.com/m3tam3re/helper-scripts";
license = licenses.mit;
maintainers = with maintainers; [m3tam3re];
platforms = platforms.unix;
};
}