titaniumtown/dotfiles
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: titaniumtown:1f994ec56c02e2feb0d5dd7e2800118511add550
Branches Tags
titaniumtown:main
titaniumtown:final-before-unify
..
compare: titaniumtown:main
Branches Tags
titaniumtown:main
titaniumtown:final-before-unify

67 Commits
1f994ec56c ... main

Author SHA1 Message Date
primary
c8c1e656c1 archive: repo moved to titaniumtown/nixos 2026-04-18 01:51:22 -04:00
Simon Gardling
e9a44f677d update
All checks were successful
Build / build (push) Successful in 7m2s
 2026-04-17 23:26:43 -04:00
Simon Gardling
0c881602e9 yarn: fix steamos update flow 2026-04-17 23:26:15 -04:00
Simon Gardling
7f375e8574 kernel: re-enable SND_PCI
All checks were successful
Build / build (push) Successful in 1h35m51s
 2026-04-17 18:26:21 -04:00
Simon Gardling
577b5eeb77 update
All checks were successful
Build / build (push) Successful in 1h36m48s
 2026-04-17 12:33:33 -04:00
Simon Gardling
91aba32afb pi: update to claude opus 4.7
All checks were successful
Build / build (push) Successful in 4m19s
 2026-04-17 00:25:38 -04:00
Simon Gardling
29e71fb127 ??!?!?!??!
All checks were successful
Build / build (push) Successful in 6m25s
 2026-04-16 23:46:13 -04:00
Simon Gardling
ff94c3b027 steamos-update: exit 0 not 7
All checks were successful
Build / build (push) Successful in 6m14s
 2026-04-16 23:05:24 -04:00
Simon Gardling
0b457b83d3 fix build
All checks were successful
Build / build (push) Successful in 5m49s
 2026-04-16 22:53:11 -04:00
Simon Gardling
c23240c529 yarn: move pull-update into steamos-update script
Some checks failed
Build / build (push) Failing after 1m25s
 2026-04-16 22:28:49 -04:00
Simon Gardling
e40929018f eww: remove
All checks were successful
Build / build (push) Successful in 1m13s
 2026-04-16 18:02:02 -04:00
Simon Gardling
5997c886f6 pull-update: improvement
All checks were successful
Build / build (push) Successful in 3m0s
 2026-04-16 17:43:35 -04:00
Simon Gardling
72d37f57ac update
All checks were successful
Build / build (push) Successful in 12m59s
 2026-04-16 16:31:49 -04:00
Simon Gardling
0718568bec pull-update: forgot lib.getExe 2026-04-16 15:03:06 -04:00
Simon Gardling
982cc4aebc pull-update: use writeShellApplication instead 2026-04-16 15:02:08 -04:00
Simon Gardling
d2d25bbdfe omp: remove patch that didn't work 2026-04-16 14:52:51 -04:00
Simon Gardling
76cdd535c8 gitea workflow: remove notifications
All checks were successful
Build / build (push) Successful in 3m41s
 2026-04-16 13:35:26 -04:00
Simon Gardling
0be90ace43 initrd: fix module loading
Some checks failed
Build / build (push) Failing after 4m55s
 2026-04-16 13:04:22 -04:00
Simon Gardling
13f16fe775 update
Some checks failed
Build / build (push) Failing after 1h39m57s
 2026-04-16 11:15:13 -04:00
Simon Gardling
20df895312 pull-update: update and reboot
Some checks failed
Build / build (push) Failing after 3m42s
 2026-04-16 00:50:13 -04:00
Simon Gardling
4542a5002c fix pull-update 2026-04-16 00:15:29 -04:00
Simon Gardling
d0d8d5b9d2 ci: prevent gc from deleting 2026-04-15 23:25:45 -04:00
Simon Gardling
21658b7bc0 update
Some checks failed
Build / build (push) Failing after 1h48m36s
 2026-04-15 22:08:59 -04:00
Simon Gardling
56cda525cd fix gitea workflow
Some checks failed
Build / build (push) Failing after 2m33s
 2026-04-15 22:06:22 -04:00
Simon Gardling
194c66feb4 fix initrd build
Some checks failed
Build / build (push) Failing after 2m10s
 2026-04-15 21:57:04 -04:00
Simon Gardling
7ab17f132e kernel: compile for x86_64-v3 (common target)
Some checks failed
Build / build (push) Failing after 12s
 2026-04-15 17:33:21 -04:00
Simon Gardling
da1bfbb778 update
Some checks failed
Build / build (push) Failing after 3h25m51s
 2026-04-15 13:32:34 -04:00
Simon Gardling
ec42b906d6 update 2026-04-15 09:31:15 -04:00
Simon Gardling
b050ecc5bf kernel: enable CHROME_PLATFORMS for framework laptop 2026-04-15 09:30:51 -04:00
Simon Gardling
d2032e517b yarn: rely on server for updates
Some checks failed
Build / build (push) Failing after 12s
 2026-04-14 20:56:35 -04:00
Simon Gardling
6254f98ca7 kernel: remove more more things 2026-04-14 20:56:24 -04:00
Simon Gardling
09fdd39b00 kernel: remove more things 2026-04-14 20:51:50 -04:00
Simon Gardling
d722329803 kernel: things
Some checks failed
Build and Deploy / deploy (push) Has been cancelled
 2026-04-14 14:11:00 -04:00
Simon Gardling
5529c66e5f kernel: fix?
Some checks failed
Build and Deploy / deploy (push) Has been cancelled
 2026-04-14 13:44:11 -04:00
Simon Gardling
95af71b0d8 kernel: disable selecting modules
Some checks failed
Build and Deploy / deploy (push) Failing after 1m55s
 2026-04-14 13:38:30 -04:00
Simon Gardling
711b55a042 kernel: fix gameport option
Some checks failed
Build and Deploy / deploy (push) Failing after 2m38s
 2026-04-14 13:32:15 -04:00
Simon Gardling
928eb5ef0a kernel: disable chromeos platforms
Some checks failed
Build and Deploy / deploy (push) Failing after 2m47s
 2026-04-14 13:25:58 -04:00
Simon Gardling
502ae492a8 zen: fix private window search engine
Some checks failed
Build and Deploy / deploy (push) Has been cancelled
 2026-04-14 13:25:08 -04:00
Simon Gardling
d5bfbf83be kernel: strip out some things I won't use 2026-04-14 13:24:52 -04:00
Simon Gardling
abb762604d cachyos kernel
Some checks failed
Build and Deploy / deploy (push) Failing after 2h24m5s
 2026-04-13 22:58:29 -04:00
Simon Gardling
ca4e0d42b3 update
Some checks failed
Build and Deploy / deploy (push) Has been cancelled
 2026-04-13 21:23:42 -04:00
Simon Gardling
c50e056e2a update
Some checks failed
Build and Deploy / deploy (push) Failing after 11m22s
 2026-04-12 22:15:34 -04:00
Simon Gardling
100f8d6328 update
Some checks failed
Build and Deploy / deploy (push) Failing after 20m54s
 2026-04-11 10:27:17 -04:00
Simon Gardling
a13a7e8887 update
Some checks failed
Build and Deploy / deploy (push) Failing after 6m24s
 2026-04-09 21:49:52 -04:00
Simon Gardling
0a7c24da4e llm-agents.nix: change was upstreamed
Some checks failed
Build and Deploy / deploy (push) Failing after 13m45s
 2026-04-08 18:12:21 -04:00
Simon Gardling
27096b17be a 2026-04-08 18:11:37 -04:00
Simon Gardling
3627cb19c6 omp: add fix auth patch (to test)
Some checks failed
Build and Deploy / deploy (push) Failing after 12m21s
 2026-04-08 13:08:30 -04:00
Simon Gardling
0f0429b4b2 llm-agents.nix: use fork that compiles omp from source 2026-04-08 13:04:30 -04:00
Simon Gardling
8485f07c8d zen: add consumer-rights-wiki addon
Some checks failed
Build and Deploy / deploy (push) Failing after 3m20s
 2026-04-07 23:46:50 -04:00
Simon Gardling
3cee862bd0 re-enable rtkit 2026-04-07 20:53:53 -04:00
Simon Gardling
325e2720ec borg: remove signal and zen backups (handled by other means
Some checks failed
Build and Deploy / deploy (push) Failing after 4m2s
 2026-04-07 14:31:09 -04:00
Simon Gardling
841195425d README.md: remove old TODO
Some checks failed
Build and Deploy / deploy (push) Failing after 1h6m16s
 2026-04-07 13:54:29 -04:00
Simon Gardling
269a0c4d27 update
Some checks failed
Build and Deploy / deploy (push) Failing after 4s
 2026-04-07 13:45:43 -04:00
Simon Gardling
08486e25e6 gitea: also build laptop
Some checks failed
Build and Deploy / deploy (push) Failing after 2s
 2026-04-06 14:38:21 -04:00
Simon Gardling
4c04e5b0a2 use my own nix cache
Some checks failed
Build and Deploy Desktop / deploy (push) Has been cancelled
 2026-04-06 14:21:43 -04:00
Simon Gardling
7e571f4986 update
Some checks failed
Build and Deploy Desktop / deploy (push) Failing after 3s
 2026-04-06 13:07:19 -04:00
Simon Gardling
4b73e237cb pi: specify anthropic for models 2026-04-06 00:57:36 -04:00
Simon Gardling
f96e99ff4d update
Some checks failed
Build and Deploy Desktop / deploy (push) Failing after 4s
 2026-04-04 01:52:44 -04:00
Simon Gardling
d7dd05e028 remove claude-code and claude-code-bridge 2026-04-04 01:52:24 -04:00
Simon Gardling
5e9e6bcd40 pi: fix llama.cpp provider discovery with auth
Some checks failed
Build and Deploy Desktop / deploy (push) Failing after 4s
Add api, authHeader, and discovery.type fields so omp can
discover models via GET /v1/models with the Bearer token.
 2026-04-02 18:14:09 -04:00
Simon Gardling
3e35fea183 pi: fix openrouter apiKey, add llama.cpp provider 
openrouter was broken: !cat + nix store path is not valid omp config.
Use builtins.readFile to inline the key at eval time.

Add self-hosted llama.cpp provider at llm.sigkill.computer with
Bearer token auth.
 2026-04-02 17:57:51 -04:00
Simon Gardling
9a3ac53c50 mreow: power stuff 2026-04-02 13:06:59 -04:00
Simon Gardling
84bb728633 update 2026-04-02 12:53:25 -04:00
Simon Gardling
3768e032ba update 2026-04-02 00:07:24 -04:00
Simon Gardling
07a808271d Move from opencode to oh-my-pi
Some checks failed
Build and Deploy Desktop / deploy (push) Failing after 4s
 2026-04-01 14:33:44 -04:00
Simon Gardling
302bb599db update
Some checks failed
Build and Deploy Desktop / deploy (push) Failing after 2s
 2026-04-01 13:25:53 -04:00
Simon Gardling
f77f596222 opencode: move android stuff to android-ui skill 2026-03-31 18:44:08 -04:00
27 changed files with 760 additions and 977 deletions
Expand all files Collapse all files

41
.gitea/workflows/deploy.yml
View File

@@ -1,10 +1,10 @@
name: Build and Deploy Desktop
name: Build
on:
push:
branches: [main]
jobs:
deploy:
build:
runs-on: nix
steps:
- uses: https://github.com/actions/checkout@v4
@@ -19,33 +19,20 @@ jobs:
run: |
nix build .#nixosConfigurations.yarn.config.system.build.toplevel -L
- name: Deploy to desktop
- name: Record yarn store path for pull-update
continue-on-error: true
run: |
eval $(ssh-agent -s)
ssh-add /run/agenix/ci-deploy-key
if ssh -i /run/agenix/ci-deploy-key -o StrictHostKeyChecking=no -o ConnectTimeout=10 root@desktop "echo reachable" 2>/dev/null; then
nix run github:serokell/deploy-rs -- .#yarn --ssh-opts="-o StrictHostKeyChecking=no"
echo "Deploy to desktop succeeded"
else
echo "Desktop unreachable - skipping deploy. Build succeeded."
fi
mkdir -p /var/lib/dotfiles-deploy
readlink -f result > /var/lib/dotfiles-deploy/yarn
nix-store --add-root /var/lib/dotfiles-deploy/yarn-gcroot -r "$(readlink -f result)"
- name: Notify success
if: success()
- name: Build NixOS configuration (mreow)
run: |
curl -sf -X POST \
"https://ntfy.sigkill.computer/deployments" \
-H "Title: [yarn] Build succeeded" \
-H "Priority: default" \
-H "Tags: white_check_mark" \
-d "dotfiles built from commit ${GITHUB_SHA::8}"
nix build .#nixosConfigurations.mreow.config.system.build.toplevel -L
- name: Notify failure
if: failure()
- name: Record mreow store path
continue-on-error: true
run: |
curl -sf -X POST \
"https://ntfy.sigkill.computer/deployments" \
-H "Title: [yarn] Build FAILED" \
-H "Priority: urgent" \
-H "Tags: rotating_light" \
-d "dotfiles build failed at commit ${GITHUB_SHA::8}"
mkdir -p /var/lib/dotfiles-deploy
readlink -f result > /var/lib/dotfiles-deploy/mreow
nix-store --add-root /var/lib/dotfiles-deploy/mreow-gcroot -r "$(readlink -f result)"

8
AGENTS.md
View File

@@ -4,7 +4,7 @@
NixOS dotfiles for two hosts using Nix flakes + home-manager:
- **mreow** — Framework 13 AMD AI 300 laptop, niri WM, greetd, swaylock
- **yarn** — Desktop, Jovian-NixOS (Steam deck mode), impermanence, sddm, deploy-rs target
- **yarn** — Desktop, Jovian-NixOS (Steam deck mode), impermanence, sddm, pull-based updates from CI
Secrets in `system/secrets/` and `home-manager/secrets/` are encrypted with git-crypt. **Never read or write files in those directories.**
@@ -21,8 +21,10 @@ Secrets in `system/secrets/` and `home-manager/secrets/` are encrypted with git-
nix build .#nixosConfigurations.mreow.config.system.build.toplevel -L
nix build .#nixosConfigurations.yarn.config.system.build.toplevel -L
# Remote deploy to yarn via deploy-rs
deploy .#yarn
# yarn pulls updates automatically on boot from the binary cache.
# CI builds the yarn closure, records the store path, and Harmonia serves it.
# To manually trigger the pull on yarn:
systemctl start pull-update
# Format all Nix files (uses nixfmt-tree, declared in flake.nix)
nix fmt

8
README.md
View File

@@ -1,3 +1,10 @@
> **Archived.** These dotfiles have moved into the unified
> [`titaniumtown/nixos`](https://git.sigkill.computer/titaniumtown/nixos) repo
> (merged with `server-config`). The final pre-unify commit is tagged
> `final-before-unify`. No new commits will land here.
---
# My Dotfiles ✨
These are my dotfiles for my laptop and desktop (which I use [NixOS](https://nixos.org/) and [home-manager](https://github.com/nix-community/home-manager) on).
@@ -18,5 +25,4 @@ There is more that I'm using, but those are the main ones! Read my configs to ge
- Got my background from [here](https://old.reddit.com/r/celestegame/comments/11dtgwg/all_most_of_the_backgrounds_in_celeste_edited/) and used the command `magick input.png -filter Point -resize 2880x1920! output.png` to upscale it bilinearly
## TODO!
- [ ] further unify desktop and laptop configs
- [ ] Seperate out common shell utilities into a module or some sort (could be used on other machines)

372
flake.lock generated
View File

@@ -12,11 +12,11 @@
]
},
"locked": {
"lastModified": 1771437256,
"narHash": "sha256-bLqwib+rtyBRRVBWhMuBXPCL/OThfokA+j6+uH7jDGU=",
"lastModified": 1776249299,
"narHash": "sha256-Dt9t1TGRmJFc0xVYhttNBD6QsAgHOHCArqGa0AyjrJY=",
"owner": "numtide",
"repo": "blueprint",
"rev": "06ee7190dc2620ea98af9eb225aa9627b68b0e33",
"rev": "56131e8628f173d24a27f6d27c0215eff57e40dd",
"type": "github"
},
"original": {
@@ -46,35 +46,49 @@
]
},
"locked": {
"lastModified": 1770895533,
"narHash": "sha256-v3QaK9ugy9bN9RXDnjw0i2OifKmz2NnKM82agtqm/UY=",
"owner": "nix-community",
"lastModified": 1776182890,
"narHash": "sha256-+/VOe8XGq5klpU+I19D+3TcaR7o+Cwbq67KNF7mcFak=",
"owner": "Mic92",
"repo": "bun2nix",
"rev": "c843f477b15f51151f8c6bcc886954699440a6e1",
"rev": "648d293c51e981aec9cb07ba4268bc19e7a8c575",
"type": "github"
},
"original": {
"owner": "nix-community",
"owner": "Mic92",
"ref": "catalog-support",
"repo": "bun2nix",
"type": "github"
}
},
"claude-code": {
"inputs": {
"flake-utils": "flake-utils",
"nixpkgs": "nixpkgs"
},
"cachyos-kernel": {
"flake": false,
"locked": {
"lastModified": 1774915705,
"narHash": "sha256-2Kz/KdFU6NXtEALdmM1ypeFdKKK4Yk4O6qzLBksXLY4=",
"owner": "sadjow",
"repo": "claude-code-nix",
"rev": "9158d3e1292887ec13ddb69514179fe4fc6a7d2e",
"lastModified": 1776183001,
"narHash": "sha256-lvLKB5dTqjO1S/YonS9ZyWemEjO6QXtN4D76rYEYy4s=",
"owner": "CachyOS",
"repo": "linux-cachyos",
"rev": "4224303b6d7a50dd1cc3ffa78864050cc9536eec",
"type": "github"
},
"original": {
"owner": "sadjow",
"repo": "claude-code-nix",
"owner": "CachyOS",
"repo": "linux-cachyos",
"type": "github"
}
},
"cachyos-kernel-patches": {
"flake": false,
"locked": {
"lastModified": 1776355454,
"narHash": "sha256-b9Hc0sTxjEzDbphzS9yQqxVha/7bsPIs2cQQQvaG45E=",
"owner": "CachyOS",
"repo": "kernel-patches",
"rev": "b5e029226df5cc30c103651072d49a7af2878202",
"type": "github"
},
"original": {
"owner": "CachyOS",
"repo": "kernel-patches",
"type": "github"
}
},
@@ -93,28 +107,6 @@
"type": "github"
}
},
"deploy-rs": {
"inputs": {
"flake-compat": "flake-compat",
"nixpkgs": [
"nixpkgs"
],
"utils": "utils"
},
"locked": {
"lastModified": 1770019181,
"narHash": "sha256-hwsYgDnby50JNVpTRYlF3UR/Rrpt01OrxVuryF40CFY=",
"owner": "serokell",
"repo": "deploy-rs",
"rev": "77c906c0ba56aabdbc72041bf9111b565cdd6171",
"type": "github"
},
"original": {
"owner": "serokell",
"repo": "deploy-rs",
"type": "github"
}
},
"disko": {
"inputs": {
"nixpkgs": [
@@ -139,11 +131,11 @@
"doomemacs": {
"flake": false,
"locked": {
"lastModified": 1774080407,
"narHash": "sha256-FYbalilgDFjIVwK+D6DjDos1IMmMGA20lRf8k6Ykm1Y=",
"lastModified": 1776400245,
"narHash": "sha256-RuQB1PxazI4DOw3O+rEVU2FPT0vP0Xb+Gp/M6Yqer20=",
"owner": "doomemacs",
"repo": "doomemacs",
"rev": "d8d75443d39d95f3c5256504eb838e0acc62ef44",
"rev": "860a91aaac235701f30b70fdc74259d438818968",
"type": "github"
},
"original": {
@@ -162,11 +154,11 @@
]
},
"locked": {
"lastModified": 1774889817,
"narHash": "sha256-jTTsnHmkpP6Nls+zAeTkcXHYH5MQTwp9j0XojfhyRn4=",
"lastModified": 1776478519,
"narHash": "sha256-4TWCOVYe0iWEKuW7OH93nRI4Z7u68wNT6k9UJn0FZ5w=",
"owner": "nix-community",
"repo": "emacs-overlay",
"rev": "4627a115d6169feff1518ed0b243734f6cce717d",
"rev": "513e332b074507e1b46992952e7d83f329f2c22c",
"type": "github"
},
"original": {
@@ -183,11 +175,11 @@
},
"locked": {
"dir": "pkgs/firefox-addons",
"lastModified": 1774843378,
"narHash": "sha256-8QLbY8F7UdxeQaW0KUVgr1/YPIupe+1lGjS5joR+ZCw=",
"lastModified": 1776398575,
"narHash": "sha256-WArU6WOdWxzbzGqYk4w1Mucg+bw/SCl6MoSp+/cZMio=",
"owner": "rycee",
"repo": "nur-expressions",
"rev": "0a31b668e3ebb599f95dc518076d709e8dddb57c",
"rev": "05815686caf4e3678f5aeb5fd36e567886ab0d30",
"type": "gitlab"
},
"original": {
@@ -200,15 +192,15 @@
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1733328505,
"narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=",
"owner": "edolstra",
"lastModified": 1767039857,
"narHash": "sha256-vNpUSpF5Nuw8xvDLj2KCwwksIbjua2LZCqhV1LNRDns=",
"owner": "NixOS",
"repo": "flake-compat",
"rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec",
"rev": "5edf11c44bc78a0d334f6334cdaf7d60d732daab",
"type": "github"
},
"original": {
"owner": "edolstra",
"owner": "NixOS",
"repo": "flake-compat",
"type": "github"
}
@@ -237,11 +229,29 @@
]
},
"locked": {
"lastModified": 1772408722,
"narHash": "sha256-rHuJtdcOjK7rAHpHphUb1iCvgkU3GpfvicLMwwnfMT0=",
"lastModified": 1775087534,
"narHash": "sha256-91qqW8lhL7TLwgQWijoGBbiD4t7/q75KTi8NxjVmSmA=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "f20dc5d9b8027381c474144ecabc9034d6a839a3",
"rev": "3107b77cd68437b9a76194f0f7f9c55f2329ca5b",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-parts_2": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1775087534,
"narHash": "sha256-91qqW8lhL7TLwgQWijoGBbiD4t7/q75KTi8NxjVmSmA=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "3107b77cd68437b9a76194f0f7f9c55f2329ca5b",
"type": "github"
},
"original": {
@@ -254,24 +264,6 @@
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_2": {
"inputs": {
"systems": "systems_3"
},
"locked": {
"lastModified": 1710146030,
"narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
@@ -315,11 +307,11 @@
]
},
"locked": {
"lastModified": 1774898676,
"narHash": "sha256-0Utnqo+FbB+0CVUi0MI3oonF0Kuzy9VcgRkxl53Euvk=",
"lastModified": 1776454077,
"narHash": "sha256-7zSUFWsU0+jlD7WB3YAxQ84Z/iJurA5hKPm8EfEyGJk=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "a184bd2f8426087bae93f203403cd4b86c99e57d",
"rev": "565e5349208fe7d0831ef959103c9bafbeac0681",
"type": "github"
},
"original": {
@@ -374,11 +366,11 @@
]
},
"locked": {
"lastModified": 1774679353,
"narHash": "sha256-N5L8U18JigqVqxMz1FuwbJVruCCa5lA6hgGeXLg8LI8=",
"lastModified": 1776428236,
"narHash": "sha256-+0SyQglnT2xUiyY07155G+O7aUWISELwqtTnfURufRU=",
"owner": "Jovian-Experiments",
"repo": "Jovian-NixOS",
"rev": "8ffb6db9322542ec3cb541a232864084422f7e90",
"rev": "eac78fc379ca47f7e21be8539c405e5fb489a857",
"type": "github"
},
"original": {
@@ -389,7 +381,7 @@
},
"json2steamshortcut": {
"inputs": {
"flake-utils": "flake-utils_2",
"flake-utils": "flake-utils",
"nixpkgs": [
"nixpkgs"
]
@@ -420,11 +412,11 @@
]
},
"locked": {
"lastModified": 1774858933,
"narHash": "sha256-rgHUoE4QhOvK3Rcl9cbuIVdjPjFjfhcTm/uPs8Y7+2w=",
"lastModified": 1776248416,
"narHash": "sha256-TC6yzbCAex1pDfqUZv9u8fVm8e17ft5fNrcZ0JRDOIQ=",
"owner": "nix-community",
"repo": "lanzaboote",
"rev": "45338aab3013924c75305f5cb3543b9cda993183",
"rev": "18e9e64bae15b828c092658335599122a6db939b",
"type": "github"
},
"original": {
@@ -441,15 +433,15 @@
"nixpkgs": [
"nixpkgs"
],
"systems": "systems_4",
"systems": "systems_2",
"treefmt-nix": "treefmt-nix"
},
"locked": {
"lastModified": 1774883035,
"narHash": "sha256-qDBsLwPwx2aCX9vsKxkL4Shkh/NfoXRiHS7wbbQUYRQ=",
"lastModified": 1776482297,
"narHash": "sha256-KmsWPwtbO8vrlH/R9stIun0LKZ4PFSCCEdqWDeLgbTE=",
"owner": "numtide",
"repo": "llm-agents.nix",
"rev": "9faeb868fef42c7b5800b6f6ac642678d4d3e091",
"rev": "66c76393570f8fc4730caa2dc2d2c470fe33a3c9",
"type": "github"
},
"original": {
@@ -472,11 +464,11 @@
"xwayland-satellite-unstable": "xwayland-satellite-unstable"
},
"locked": {
"lastModified": 1774921404,
"narHash": "sha256-oHqaEduwYqXx3itq7ckP+iuC9nU6DzfCVery4YhUjAU=",
"lastModified": 1776435348,
"narHash": "sha256-qsZnMThxTqxCJZ7DEKu3DD3KjIPcuUBvZ0C9a2uIvaQ=",
"owner": "sodiboo",
"repo": "niri-flake",
"rev": "3d02f5c53d09af97a7d66065b8c058d0599bc547",
"rev": "55b5b1fc9481ab267603a1099e5d4b4ebc7394d7",
"type": "github"
},
"original": {
@@ -505,11 +497,11 @@
"niri-unstable": {
"flake": false,
"locked": {
"lastModified": 1774616418,
"narHash": "sha256-z+dLkAS4bqytIlOI4h2MnjBJrSP4d1Awx0n+IV5YA3Y=",
"lastModified": 1776432730,
"narHash": "sha256-Pq1ZVvRGq/IFiFH6vkNwMfZEpWk23NjgGdX50COdj/c=",
"owner": "YaLTeR",
"repo": "niri",
"rev": "8f48f56fe19918b5cfa02e5d68a47ebaf7bf3dee",
"rev": "c814c656c53ea9d69f5afb45c88f4dc4d25338cd",
"type": "github"
},
"original": {
@@ -518,6 +510,31 @@
"type": "github"
}
},
"nix-cachyos-kernel": {
"inputs": {
"cachyos-kernel": "cachyos-kernel",
"cachyos-kernel-patches": "cachyos-kernel-patches",
"flake-compat": "flake-compat_2",
"flake-parts": "flake-parts_2",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1776386586,
"narHash": "sha256-eVAUaL/6n8mnmBiPpEVW1NDNVSKLWhYVfycG+P0SvWU=",
"owner": "xddxdd",
"repo": "nix-cachyos-kernel",
"rev": "c65c3faf90ae07bae101c15ef502f0bcb06c5d74",
"type": "github"
},
"original": {
"owner": "xddxdd",
"ref": "release",
"repo": "nix-cachyos-kernel",
"type": "github"
}
},
"nix-doom-emacs-unstraightened": {
"inputs": {
"doomemacs": "doomemacs",
@@ -527,14 +544,14 @@
"nixpkgs": [
"nixpkgs"
],
"systems": "systems_5"
"systems": "systems_3"
},
"locked": {
"lastModified": 1774265710,
"narHash": "sha256-ar8pFUSAxXhV7DpVRjNvgviWuqOqWPAImb4MM7lSh5Y=",
"lastModified": 1776419397,
"narHash": "sha256-vmWJwNYtQFexLG6r/v8Dlou/5z8FbFCLo3QqZ/stLYQ=",
"owner": "marienz",
"repo": "nix-doom-emacs-unstraightened",
"rev": "f6022b9192e034a817373692ede18a9319cf9730",
"rev": "7623dd4adbdf5f8a8464ecc5fd089e5c5cb5dada",
"type": "github"
},
"original": {
@@ -582,11 +599,11 @@
},
"nixos-hardware": {
"locked": {
"lastModified": 1774777275,
"narHash": "sha256-qogBiYFq8hZusDPeeKRqzelBAhZvREc7Cl+qlewGUCg=",
"lastModified": 1775490113,
"narHash": "sha256-2ZBhDNZZwYkRmefK5XLOusCJHnoeKkoN95hoSGgMxWM=",
"owner": "NixOS",
"repo": "nixos-hardware",
"rev": "b8f81636927f1af0cca812d22c876bad0a883ccd",
"rev": "c775c2772ba56e906cbeb4e0b2db19079ef11ff7",
"type": "github"
},
"original": {
@@ -598,27 +615,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1774701658,
"narHash": "sha256-CIS/4AMUSwUyC8X5g+5JsMRvIUL3YUfewe8K4VrbsSQ=",
"lastModified": 1776169885,
"narHash": "sha256-l/iNYDZ4bGOAFQY2q8y5OAfBBtrDAaPuRQqWaFHVRXM=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "b63fe7f000adcfa269967eeff72c64cafecbbebe",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1774709303,
"narHash": "sha256-D3Q07BbIA2KnTcSXIqqu9P586uWxN74zNoCH3h2ESHg=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "8110df5ad7abf5d4c0f6fb0f8f978390e77f9685",
"rev": "4bd9165a9165d7b5e33ae57f3eecbcb28fb231c9",
"type": "github"
},
"original": {
@@ -628,6 +629,21 @@
"type": "github"
}
},
"nixpkgs-lib": {
"locked": {
"lastModified": 1774748309,
"narHash": "sha256-+U7gF3qxzwD5TZuANzZPeJTZRHS29OFQgkQ2kiTJBIQ=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
"rev": "333c4e0545a6da976206c74db8773a1645b5870a",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixpkgs.lib",
"type": "github"
}
},
"noctalia": {
"inputs": {
"nixpkgs": [
@@ -636,11 +652,11 @@
"noctalia-qs": "noctalia-qs"
},
"locked": {
"lastModified": 1774920276,
"narHash": "sha256-nynVyNuy8SDh2nZWfeov6RAhvsaTAeAQHZog7lBK+A0=",
"lastModified": 1776302695,
"narHash": "sha256-xZc9o1JLQpmWn2Dqui323+Tq2Ai4sSdtdvbFZCs4qLo=",
"owner": "noctalia-dev",
"repo": "noctalia-shell",
"rev": "421ccc4c87228878b0eb29d3d1faead875c49c28",
"rev": "a7c724181fca5d1aff2d47b18fa733504cfdbda2",
"type": "github"
},
"original": {
@@ -655,15 +671,15 @@
"noctalia",
"nixpkgs"
],
"systems": "systems_6",
"systems": "systems_4",
"treefmt-nix": "treefmt-nix_2"
},
"locked": {
"lastModified": 1774902752,
"narHash": "sha256-WC3SgVJX+N78KnRf1v9Z2VowkJBc9SBKpaZsWxWm/Rs=",
"lastModified": 1775957204,
"narHash": "sha256-d4CVRtAty2GzDYXx4xYQmR+nlOjjKovyprQfZhgLckU=",
"owner": "noctalia-dev",
"repo": "noctalia-qs",
"rev": "4f0ceff244748ec55cfccc4f674759a7a2941b18",
"rev": "68e82fe34c68ee839a9c37e3466820e266af0c86",
"type": "github"
},
"original": {
@@ -672,25 +688,9 @@
"type": "github"
}
},
"opencode-claude-bridge": {
"flake": false,
"locked": {
"lastModified": 1774537245,
"narHash": "sha256-G2/GOP6gUGM2NBfOeSsUDnSus/engduft5z3Y7GwtUE=",
"owner": "dotCipher",
"repo": "opencode-claude-bridge",
"rev": "568ca15b5d2b772ebbad14b0b545fa7670272e79",
"type": "github"
},
"original": {
"owner": "dotCipher",
"repo": "opencode-claude-bridge",
"type": "github"
}
},
"pre-commit": {
"inputs": {
"flake-compat": "flake-compat_2",
"flake-compat": "flake-compat",
"gitignore": "gitignore",
"nixpkgs": [
"lanzaboote",
@@ -713,8 +713,6 @@
},
"root": {
"inputs": {
"claude-code": "claude-code",
"deploy-rs": "deploy-rs",
"disko": "disko",
"emacs-overlay": "emacs-overlay",
"firefox-addons": "firefox-addons",
@@ -725,12 +723,12 @@
"lanzaboote": "lanzaboote",
"llm-agents": "llm-agents",
"niri": "niri",
"nix-cachyos-kernel": "nix-cachyos-kernel",
"nix-doom-emacs-unstraightened": "nix-doom-emacs-unstraightened",
"nix-flatpak": "nix-flatpak",
"nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs_2",
"nixpkgs": "nixpkgs",
"noctalia": "noctalia",
"opencode-claude-bridge": "opencode-claude-bridge",
"rust-overlay": "rust-overlay",
"zen-browser": "zen-browser"
}
@@ -742,11 +740,11 @@
]
},
"locked": {
"lastModified": 1774840424,
"narHash": "sha256-3Oi4mBKzOCFQYLUyEjyc0s5cnlNj1MzmhpVKoLptpe8=",
"lastModified": 1776481912,
"narHash": "sha256-Xq7p+Ex3YHFAd+fFFLOYw2Wv67582X7SAmrEDtIDZQ4=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "d9f52b51548e76ab8b6e7d647763047ebdec835c",
"rev": "e611106c527e8ab0adbb641183cda284411d575c",
"type": "github"
},
"original": {
@@ -801,36 +799,6 @@
}
},
"systems_4": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_5": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_6": {
"locked": {
"lastModified": 1689347949,
"narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=",
@@ -853,11 +821,11 @@
]
},
"locked": {
"lastModified": 1773297127,
"narHash": "sha256-6E/yhXP7Oy/NbXtf1ktzmU8SdVqJQ09HC/48ebEGBpk=",
"lastModified": 1775636079,
"narHash": "sha256-pc20NRoMdiar8oPQceQT47UUZMBTiMdUuWrYu2obUP0=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "71b125cd05fbfd78cab3e070b73544abe24c5016",
"rev": "790751ff7fd3801feeaf96d7dc416a8d581265ba",
"type": "github"
},
"original": {
@@ -875,11 +843,11 @@
]
},
"locked": {
"lastModified": 1773297127,
"narHash": "sha256-6E/yhXP7Oy/NbXtf1ktzmU8SdVqJQ09HC/48ebEGBpk=",
"lastModified": 1775636079,
"narHash": "sha256-pc20NRoMdiar8oPQceQT47UUZMBTiMdUuWrYu2obUP0=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "71b125cd05fbfd78cab3e070b73544abe24c5016",
"rev": "790751ff7fd3801feeaf96d7dc416a8d581265ba",
"type": "github"
},
"original": {
@@ -888,24 +856,6 @@
"type": "github"
}
},
"utils": {
"inputs": {
"systems": "systems_2"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"xwayland-satellite-stable": {
"flake": false,
"locked": {
@@ -949,11 +899,11 @@
]
},
"locked": {
"lastModified": 1774848370,
"narHash": "sha256-Esm+aiabP563BcUFfFUCIOlFaTxKUXPp6jw0LMAV7ik=",
"lastModified": 1776403742,
"narHash": "sha256-ZmGY9XiOsuMS/THsSNkgp2fnc3asXQX/xRrQpWnY9nA=",
"owner": "0xc000022070",
"repo": "zen-browser-flake",
"rev": "712c476500e96df74276be99bb3fa9631f494f3a",
"rev": "ca7077bea5c830470437ea878da2a1940773324c",
"type": "github"
},
"original": {

29
flake.nix
View File

@@ -63,12 +63,6 @@
inputs.nixpkgs.follows = "nixpkgs";
inputs.home-manager.follows = "home-manager";
};
deploy-rs = {
url = "github:serokell/deploy-rs";
inputs.nixpkgs.follows = "nixpkgs";
};
jovian-nixos = {
url = "github:Jovian-Experiments/Jovian-NixOS";
inputs.nixpkgs.follows = "nixpkgs";
@@ -79,6 +73,10 @@
inputs.nixpkgs.follows = "nixpkgs";
};
nix-cachyos-kernel = {
url = "github:xddxdd/nix-cachyos-kernel/release";
inputs.nixpkgs.follows = "nixpkgs";
};
llm-agents = {
url = "github:numtide/llm-agents.nix";
inputs.nixpkgs.follows = "nixpkgs";
@@ -88,15 +86,6 @@
url = "github:ChrisOboe/json2steamshortcut";
inputs.nixpkgs.follows = "nixpkgs";
};
claude-code = {
url = "github:sadjow/claude-code-nix";
};
opencode-claude-bridge = {
url = "github:dotCipher/opencode-claude-bridge";
flake = false;
};
};
outputs =
@@ -106,7 +95,6 @@
lanzaboote,
nixos-hardware,
home-manager,
deploy-rs,
jovian-nixos,
...
}@inputs:
@@ -163,14 +151,5 @@
};
}
) { } hostnames;
# Deploy-rs configuration for yarn host only
deploy.nodes.yarn = {
hostname = "desktop";
profiles.system = {
sshUser = "root";
path = deploy-rs.lib.${system}.activate.nixos self.nixosConfigurations.yarn;
};
};
};
}

4
home-manager/desktop.nix
View File

@@ -9,9 +9,6 @@
# niri wayland compositor
./progs/niri.nix
# statusbar
# ./progs/eww/eww.nix
# lockscreen
./progs/swaylock.nix
@@ -29,5 +26,4 @@
# used by /etc/nixos logic to launch niri
config.programs.niri.package
];
}

4
home-manager/no-gui.nix
View File

@@ -119,7 +119,7 @@ in
imports = [
./progs/fish.nix
./progs/helix.nix
./progs/opencode.nix
./progs/pi.nix
(
{ ... }:
{
@@ -211,8 +211,6 @@ in
# power stuff
powerstat
nodePackages_latest.nodejs
yt-dlp
]
rust_pkgs

13
home-manager/progs/borg.nix
View File

@@ -8,7 +8,6 @@
location = {
sourceDirectories = (
map (f: "${homeDirectory}/${f}") [
".zen"
".local/share/fish"
".ssh"
"Documents"
@@ -16,18 +15,6 @@
"Pictures"
"school"
]
++ (map (f: ".config/Signal/${f}") [
"stickers.noindex"
"attachments.noindex"
"downloads.noindex"
"drafts.noindex"
"sql"
"IndexedDB"
"Local Storage"
"SharedStorage"
"config.json"
"Preferences"
])
);
excludeHomeManagerSymlinks = true;

109
home-manager/progs/eww/config/eww.scss
View File

@@ -1,109 +0,0 @@
$background: #1e1e2e;
$pink: #f5c2e7;
$lavendar: #b4befe;
$red: #f38ba8;
$maroon: #eba0ac;
$peach: #fab387;
$yellow: #f9e2af;
$green: #a6e3a1;
$text: #cdd6f4;
$subtext: #a6adc8;
$surface: #585b70;
* {
color: $text;
font-family: CaskaydiaCove Nerd Font Mono;
font-weight: 600;
font-size: 10pt;
padding: 0 1px;
}
.red {
color: $red;
}
.maroon {
color: $maroon;
}
.peach {
color: $peach;
}
.yellow {
color: $yellow;
}
.green {
color: $green;
}
.lavendar {
color: $lavendar;
}
.symbol {
color: $lavendar;
font-size: 20px;
}
.button {
* {
all: unset;
margin: 0 5px;
font-size: 14pt;
transition: color 0.2s ease-in-out;
}
&:hover * {
color: $pink;
}
}
.bluetooth * {
font-size: 10pt;
padding: 0 0.3em;
}
.padded>*:not(:last-child) {
padding: 0 10px;
border-right: 1px solid $surface;
}
.background {
border: 1px solid $pink;
background-color: $background;
border-radius: 12px;
opacity: 0.8;
}
scale trough {
margin: 0 10px;
border: none;
background-color: #FFF;
min-height: 3px;
min-width: 100px;
& slider {
box-shadow: none;
background-image: none;
border: none;
background-color: $pink;
min-width: 5pt;
min-height: 5pt;
margin: -5pt;
}
& highlight {
border: none;
background-color: $lavendar;
}
}
.clipboard {
color: $subtext;
}
.time {
padding-right: 10px;
}

1
home-manager/progs/eww/config/eww.yuck
View File

@@ -1 +0,0 @@
(include "./statusbar.yuck")

17
home-manager/progs/eww/config/scripts/currentWindow.sh
View File

@@ -1,17 +0,0 @@
#!/usr/bin/env bash
niri_data=$(niri msg --json focused-window)
if [[ "$niri_data" == "null" ]]; then
exit 0
fi
name=$(echo "$niri_data" | jq -r '.["app_id"], .["title"]' | tr '\n' ' ' | sed 's/.$//')
proc_name=$(echo "$name" | head -c 55)
# TODO! fix this logic, add a '...' at the end
if [[ "$name" != "$proc_name" ]]; then
proc_name="$proc_name..."
fi
echo "$proc_name"

3
home-manager/progs/eww/config/scripts/currentWorkspace.sh
View File

@@ -1,3 +0,0 @@
#!/usr/bin/env fish
niri msg --json workspaces | jq -r '.[] | select(.is_focused == true) | .["id"]'

58
home-manager/progs/eww/config/scripts/power_bat.rs
View File

@@ -1,58 +0,0 @@
#!/usr/bin/env rust-script
use std::{fmt, fs::read_to_string, str::FromStr};
const BASE_PATH: &str = "/sys/class/power_supply/BAT1/";
const CURRENT_NOW_PATH: &str = "current_now";
const VOLTAGE_NOW_PATH: &str = "voltage_now";
const STATUS_PATH: &str = "status";
const FACTOR: f32 = 1e6_f32;
#[derive(Debug)]
enum Status {
Charging,
Discharging,
NotCharging,
}
impl FromStr for Status {
type Err = &'static str;
fn from_str(input: &str) -> Result<Status, Self::Err> {
match input {
"Charging" => Ok(Status::Charging),
"Discharging" => Ok(Status::Discharging),
"Not charging" => Ok(Status::NotCharging),
_ => Err("unknown state"),
}
}
}
impl fmt::Display for Status {
fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
fmt::Debug::fmt(self, f)
}
}
fn fetch_and_trim_into<T: FromStr<Err = impl fmt::Debug>>(path: &str) -> T {
let mut content = read_to_string(BASE_PATH.to_owned() + path).unwrap();
content.pop();
T::from_str(&content).unwrap()
}
fn fetch_bat_info(path: &str) -> f32 {
let value: f32 = fetch_and_trim_into(path);
value / FACTOR
}
fn main() {
let current_now: f32 = fetch_bat_info(CURRENT_NOW_PATH);
let voltage_now: f32 = fetch_bat_info(VOLTAGE_NOW_PATH);
let watts: f32 = current_now * voltage_now;
let status: Status = fetch_and_trim_into(STATUS_PATH);
println!(
"voltage: {:.4}\ncurrent: {:.4}\nwatts: {:.4}\nstatus: {}",
voltage_now, current_now, watts, status
);
}

2
home-manager/progs/eww/config/scripts/sound/getSink.sh
View File

@@ -1,2 +0,0 @@
#!/usr/bin/env sh
wpctl inspect @DEFAULT_SINK@ | grep -E "^ +\* node\.description" | cut -d' ' -f6- | tr -d '"'

22
home-manager/progs/eww/config/scripts/sound/getVolume.sh
View File

@@ -1,22 +0,0 @@
#!/usr/bin/env bash
output=$(wpctl get-volume @DEFAULT_SINK@ | cut -d' ' -f2- | sed -E 's/\.//g' | sed 's/^0*//g')
count=$(echo "$output" | awk -F, '{print $1+0}')
muted=$(echo "$output" | cut -d'[' -f2 | cut -d ']' -f1)
# if not muted, set to empty string
if [ "$muted" == "$count" ]; then
muted=""
fi
color="green"
if ((count > 75)); then color="yellow"; fi
if ((count > 90)); then color="peach"; fi
if ((count > 100)); then color="maroon"; fi
if ((count > 110)); then color="red"; fi
output="${count}%"
if [ "$muted" != "" ]; then
output="${output} [${muted}]"
fi
echo "{\"count\":\"${output}\", \"color\":\"${color}\"}"

23
home-manager/progs/eww/config/scripts/wifiInfo.zsh
View File

@@ -1,23 +0,0 @@
#!/usr/bin/env zsh
export CHARSET=ASCII
case $1 in
name)
nmcli -f IN-USE,SSID d w | grep '*' | sed 's/[\* ]//g' | cat
exit 0;;
strength)
str=$(nmcli -f ACTIVE,BARS d w | grep 'yes' | tr -d ' yesno')
case ${str: 0:-1} in
'****')
icon="󰤨"; colour="green";;
'***')
icon="󰤥"; colour="yellow";;
'**')
icon="󰤢"; colour="peach";;
'*')
icon="󰤟"; colour="maroon";;
*)
icon="󰤯"; colour="red";;
esac
echo "{\"icon\":\"$icon\",\"colour\":\"$colour\"}"
exit 0;;
esac

130
home-manager/progs/eww/config/statusbar.yuck
View File

@@ -1,130 +0,0 @@
(defwindow statusbar
:monitor 0
:stacking "fg"
:exclusive true
:geometry (geometry
:y "0.5%"
:width "100%"
:height "24px"
:anchor "top center")
(statusbar))
(defwidget statusbar []
(centerbox
(box :space-evenly false :halign 'start' :class 'padded'
(window-title))
(time)
(box :space-evenly false :halign 'end' :class 'padded'
(brightness-ctl)
(brightness-ctl-opener)
(volume)
(battery)
(bluetooth)
(wifi))))
(defwidget cmd-slider [?symbol value command max color]
(box :space-evenly false
(label :text symbol :class "symbol")
(scale
:min 0 :max max
:value value
:round-digits 0
:timeout "200ms"
:onchange command)
(label :text "${value}%" :class color)))
(defpoll windowtitle :interval "1s" `scripts/currentWindow.sh`)
(defwidget window-title []
(label
:text {windowtitle == "" ? "" : "(${windowtitle})"}))
(defwidget brightness-ctl []
(box :visible brightnessctl-open
(cmd-slider :symbol "󰃠" :value brightness
:command `brightnessctl set {}%`
:max 101 :color {
brightness >= 80 ? "green" :
brightness >= 50 ? "yellow" :
brightness >= 30 ? "peach" :
brightness >= 10 ? "maroon" : "red"
})))
(defpoll brightness :interval "1s" :run-while brightnessctl-open `brightnessctl -m | awk -F, '{print $4+0}'`)
(defvar brightnessctl-open false)
(defwidget brightness-ctl-opener []
(eventbox :class "button"
(button
:onclick `${EWW_CMD} update brightnessctl-open=${!brightnessctl-open}`
"󰃠")))
(defwidget wifi []
(eventbox
:class "button ${wifi-strength.colour}"
(label
:text {wifi-strength.icon}
:tooltip "Connected To: ${wifi-name}")))
(defpoll wifi-strength :interval "10s" `scripts/wifiInfo.zsh strength`)
(defpoll wifi-name :interval "1m" `scripts/wifiInfo.zsh name`)
(defwidget bluetooth []
(eventbox
:class "bluetooth button ${ bluetooth-name != "" ? "green" : "lavendar" }"
:onclick `blueman-manager &`
(label
:text "${bluetooth-name} 󰂯")))
; `FNR == 1 + head -c 30` so the name doesn't explode the screen
(defpoll bluetooth-name :interval "10s" `bluetoothctl devices Connected | awk '$1 == "Device" {print $0}' | cut -d' ' -f3-`)
(defwidget time []
(box
:space-evenly false
:class "time"
:tooltip {time.long}
(label :class "yellow" :text {time.hour})
(label :text ":")
(label :class "yellow" :text {time.minute})))
(defpoll time :interval "1s" `date +'{"long":"%a %b %e %H:%M:%S %Z %Y","hour":"%H","minute":"%M"}'`)
(defpoll powerstats :interval "2s" `power_bat`)
(defwidget battery []
(box :space-evenly false
:tooltip powerstats
(label
:text {EWW_BATTERY.BAT1.status == "Charging" ? "󰂄" :
EWW_BATTERY.BAT1.capacity >= 90 ? "󰁹" :
EWW_BATTERY.BAT1.capacity >= 80 ? "󰂂" :
EWW_BATTERY.BAT1.capacity >= 70 ? "󰂁" :
EWW_BATTERY.BAT1.capacity >= 60 ? "󰂀" :
EWW_BATTERY.BAT1.capacity >= 50 ? "󰁿" :
EWW_BATTERY.BAT1.capacity >= 40 ? "󰁾" :
EWW_BATTERY.BAT1.capacity >= 30 ? "󰁽" :
EWW_BATTERY.BAT1.capacity >= 20 ? "󰁼" :
EWW_BATTERY.BAT1.capacity >= 10 ? "󰁻" : "󰁺"
}
:class {
EWW_BATTERY.BAT1.capacity >= 80 ? "green" :
EWW_BATTERY.BAT1.capacity >= 50 ? "yellow" :
EWW_BATTERY.BAT1.capacity >= 30 ? "peach" :
EWW_BATTERY.BAT1.capacity >= 10 ? "maroon" : "red"
})
(label :text "${EWW_BATTERY.BAT1.capacity}%" :class "yellow")))
(defpoll volumevalue :interval "1s" `scripts/sound/getVolume.sh`)
(defpoll volumesink :interval "1s" `scripts/sound/getSink.sh`)
(defwidget volume []
(eventbox :tooltip volumesink
:onclick `pwvucontrol &`
(label :text "${volumevalue.count}" :class {volumevalue.color})))
(defpoll currentworkspace :interval "1s" `scripts/currentWorkspace.sh`)

40
home-manager/progs/eww/eww.nix
View File

@@ -1,40 +0,0 @@
{
pkgs,
lib,
config,
...
}:
{
home.packages = with pkgs; [
zsh
bluez
brightnessctl
(callPackage ./power_bat.nix { })
];
programs.eww = {
enable = true;
configDir = ./config;
};
programs.niri.settings.spawn-at-startup = [
{
command = [
(lib.getExe config.programs.eww.package)
"-c"
"${config.programs.eww.configDir}"
"open"
"statusbar"
];
}
# swaybg works on more than just sway (sets a wallpaper)
{
command = [
(lib.getExe pkgs.swaybg)
"-i"
"${../wallpaper.png}"
];
}
];
}

4
home-manager/progs/eww/power_bat.nix
View File

@@ -1,4 +0,0 @@
{ pkgs, lib, ... }:
pkgs.writeShellScriptBin "power_bat" ''
exec ${lib.getExe pkgs.rust-script} ${./config/scripts/power_bat.rs} "$@"
''

219
home-manager/progs/opencode.nix
View File

@@ -1,219 +0,0 @@
{
config,
lib,
pkgs,
inputs,
...
}:
let
# what model should be used in place of haiku?
haiku-model = "anthropic/claude-haiku-4-5";
opus-model = "anthropic/claude-opus-4-6";
opencode-claude-bridge = pkgs.buildNpmPackage {
pname = "opencode-claude-bridge";
version = "1.8.0";
src = inputs.opencode-claude-bridge;
npmDepsHash = "sha256-jH/UweuHqfeLxICxNRsBODWOBfVdE+ZgIinfW/ITSSc=";
buildPhase = ''
runHook preBuild
npx tsc
runHook postBuild
'';
# the plugin entry point is dist/index.js
installPhase = ''
runHook preInstall
mkdir -p $out/lib/opencode-claude-bridge
cp -r dist $out/lib/opencode-claude-bridge/
runHook postInstall
'';
};
ohMyOpencodeConfig = {
"$schema" =
"https://raw.githubusercontent.com/code-yeongyu/oh-my-opencode/master/assets/oh-my-opencode.schema.json";
git_master = {
commit_footer = false;
include_co_authored_by = false;
};
agents = {
sisyphus.model = opus-model;
sisyphus-junior.model = opus-model;
oracle.model = opus-model;
librarian.model = haiku-model;
explore.model = haiku-model;
multimodal-looker.model = "anthropic/claude-opus-4-6";
prometheus.model = opus-model;
metis.model = opus-model;
momus.model = opus-model;
atlas.model = opus-model;
};
categories = {
visual-engineering.model = "openrouter/google/gemini-3-pro";
ultrabrain.model = opus-model;
artistry = {
model = "openrouter/google/gemini-3-pro";
variant = "max";
};
quick.model = haiku-model;
deep.model = opus-model;
writing.model = "openrouter/google/gemini-3-flash-preview";
};
};
oh-my-opencode-pkg = inputs.llm-agents.packages.${pkgs.stdenv.hostPlatform.system}.oh-my-opencode;
in
{
home.packages = [
oh-my-opencode-pkg
pkgs.playwright-driver.browsers
inputs.claude-code.packages.${pkgs.stdenv.hostPlatform.system}.claude-code
];
home.sessionVariables = {
PLAYWRIGHT_BROWSERS_PATH = "${pkgs.playwright-driver.browsers}";
PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD = "1";
};
xdg.configFile."opencode/oh-my-opencode.json".text = builtins.toJSON ohMyOpencodeConfig;
# Plugins are placed directly in the plugins directory so opencode
# auto-discovers them instead of downloading them from npm at runtime.
xdg.configFile."opencode/plugins/oh-my-opencode.js".source =
"${oh-my-opencode-pkg}/lib/oh-my-opencode/dist/index.js";
xdg.configFile."opencode/plugins/opencode-claude-bridge.js".source =
"${opencode-claude-bridge}/lib/opencode-claude-bridge/dist/index.js";
xdg.configFile."opencode/skills/playwright.md".text =
let
browsers = pkgs.playwright-driver.browsers;
chromiumDir = builtins.head (
builtins.filter (n: builtins.match "chromium-[0-9]+" n != null) (
builtins.attrNames browsers.passthru.entries
)
);
chromiumPath = "${browsers}/${chromiumDir}/chrome-linux64/chrome";
in
''
---
name: playwright
description: "MUST USE for any browser-related tasks. Browser automation via Playwright MCP - verification, browsing, information gathering, web scraping, testing, screenshots, and all browser interactions."
mcp:
playwright:
command: npx
args:
- "@playwright/mcp@latest"
- "--executable-path"
- "${chromiumPath}"
- "--user-data-dir"
- "${config.home.homeDirectory}/.cache/playwright-mcp"
---
# Playwright Browser Automation
This skill provides browser automation capabilities via the Playwright MCP server.
'';
programs.opencode = {
package = inputs.llm-agents.packages.${pkgs.stdenv.targetPlatform.system}.opencode;
enable = true;
rules = ''
You are an intelligent and observant agent.
If instructed to commit, disable gpg signing.
You are on nixOS, if you don't have access to a tool, you can access it via the `nix-shell` command.
## Think deeply about everything.
When given a problem, break it down, abstract it out, understand the fundamentals, then solve it in the real world.
## Misc
For long-running commands, make sure you set the timeout of the Bash tool provided to a larger value.
Do NOT read secret files. Do not directly read files that are api keys or are contextually sensitive.
Do NOT run `skill_mcp [mcp_name=playwright, tool_name=browser_install]` as browsers are provided by NixOS via PLAYWRIGHT_BROWSERS_PATH.
## Behavior
Do not be sycophantic in your responses.
Do not use emojis unless explicitly asked to. This includes in code.
Use Test Driven Development methodology.
## Nix
For using `nix build` append `-L` to get better visibility into the logs.
If you get an error that a file can't be found, always try to `git add` the file before trying other troubleshooting steps.
## Android UI Interaction Workflow Summary
1. Taking Screenshots
adb exec-out screencap -p > /tmp/screen.png
Captures the current screen state as a PNG image.
2. Analyzing Screenshots
I delegate screenshot analysis to an explore agent rather than analyzing images directly:
mcp_task(subagent_type="explore", prompt="Analyze /tmp/screen.png. What screen is this? What elements are visible?")
The agent describes the UI, identifies elements, and estimates Y coordinates.
3. Getting Precise Element Coordinates
UI Automator dump - extracts the full UI hierarchy as XML:
adb shell uiautomator dump /sdcard/ui.xml && adb pull /sdcard/ui.xml /tmp/ui.xml
Then grep for specific elements:
# Find by text
grep -oP 'text="Login".*?bounds="[^"]*"' /tmp/ui.xml
# Find by class
grep -oP 'class="android.widget.EditText".*?bounds="[^"]*"' /tmp/ui.xml
Bounds format: [left,top][right,bottom] tap center: ((left+right)/2, (top+bottom)/2)
4. Tapping Elements
adb shell input tap X Y
Where X, Y are pixel coordinates from the bounds.
5. Text Input
adb shell input text "some_text"
Note: Special characters need escaping (\!, \;, etc.)
6. Other Gestures
# Swipe/scroll
adb shell input swipe startX startY endX endY duration_ms
# Key events
adb shell input keyevent KEYCODE_BACK
adb shell input keyevent KEYCODE_ENTER
7. WebView Limitation
- UI Automator can see WebView content if accessibility is enabled
- Touch events on iframe content (like Cloudflare Turnstile) often fail due to cross-origin isolation
- Form fields in WebViews work if you get exact bounds from the UI dump
Typical Flow
1. Take screenshot analyze with explore agent (get rough layout)
2. Dump UI hierarchy grep for exact element bounds
- NEVER ASSUME COORDINATES. You must ALWAYS check first.
- Do this before ANY tap action as elements on the screen may of changed.
3. Calculate center coordinates from bounds
4. Tap/interact
5. Wait screenshot verify result
'';
settings = {
theme = "opencode";
model = opus-model;
# small model used for titles
small_model = "openrouter/openai/gpt-oss-20b:free";
autoshare = false;
autoupdate = false;
agent = { };
plugin = [ ];
provider = {
openrouter = {
models = {
"openai/gpt-oss-20b:free" = { };
"qwen/qwen3-vl-30b-a3b-thinking" = { };
};
options = {
# TODO! use agenix here instead
apiKey = "{file:${../secrets/openrouter_api_key}}";
};
};
};
};
};
}

179
home-manager/progs/pi.nix Normal file
View File

@@ -0,0 +1,179 @@
{
config,
lib,
pkgs,
inputs,
...
}:
let
# sisyphus/oracle/prometheus → default/slow/plan = opus
# librarian/explore/quick → smol/commit = haiku
ompSettings = {
modelRoles = {
default = "anthropic/claude-opus-4-7:high";
smol = "anthropic/claude-haiku-4-5:low";
slow = "anthropic/claude-opus-4-7:xhigh";
plan = "anthropic/claude-opus-4-7:high";
commit = "anthropic/claude-haiku-4-5:low";
};
};
# provider config — secrets read at eval time via builtins.readFile
# (omp treats apiKey as env-var-name-or-literal, not a shell command)
ompModels = {
providers = {
openrouter = {
apiKey = lib.strings.trim (builtins.readFile ../secrets/openrouter_api_key);
};
"llama.cpp" = {
baseUrl = "https://llm.sigkill.computer";
apiKey = lib.strings.trim (builtins.readFile ../secrets/llama_cpp_api_key);
api = "openai-responses";
authHeader = true;
discovery.type = "llama.cpp";
};
};
};
in
{
home.packages = [
(inputs.llm-agents.packages.${pkgs.stdenv.hostPlatform.system}.omp.overrideAttrs (old: {
patches = (old.patches or [ ]) ++ [ ];
}))
];
# main settings: ~/.omp/agent/config.yml (JSON is valid YAML)
home.file.".omp/agent/config.yml".text = builtins.toJSON ompSettings;
# model/provider config: ~/.omp/agent/models.yml
home.file.".omp/agent/models.yml".text = builtins.toJSON ompModels;
# global instructions loaded at startup
home.file.".omp/agent/AGENTS.md".text = ''
You are an intelligent and observant agent.
If instructed to commit, disable gpg signing.
You are on nixOS, if you don't have access to a tool, you can access it via the `nix-shell` command.
## Think deeply about everything.
When given a problem, break it down, abstract it out, understand the fundamentals, then solve it in the real world.
## Misc
For long-running commands, make sure you set the timeout of the Bash tool provided to a larger value.
Do NOT read secret files. Do not directly read files that are api keys or are contextually sensitive.
## Behavior
Do not be sycophantic in your responses.
Do not use emojis unless explicitly asked to. This includes in code.
Use Test Driven Development methodology.
## Nix
For using `nix build` append `-L` to get better visibility into the logs.
If you get an error that a file can't be found, always try to `git add` the file before trying other troubleshooting steps.
'';
home.file.".omp/agent/skills/android-ui/SKILL.md".text = ''
---
name: android-ui
description: Android UI automation via ADB. Use for any Android device interaction, UI testing, screenshot analysis, element coordinate lookup, and gesture automation.
---
# Android UI
## 1. Taking Screenshots
```
adb exec-out screencap -p > /tmp/screen.png
```
Captures the current screen state as a PNG image.
## 2. Analyzing Screenshots
Read the screenshot file to understand the current screen state and identify UI elements.
## 3. Getting Precise Element Coordinates
UI Automator dump - extracts the full UI hierarchy as XML:
```
adb shell uiautomator dump /sdcard/ui.xml && adb pull /sdcard/ui.xml /tmp/ui.xml
```
Then grep for specific elements:
```sh
# Find by text
grep -oP 'text="Login".*?bounds="[^"]*"' /tmp/ui.xml
# Find by class
grep -oP 'class="android.widget.EditText".*?bounds="[^"]*"' /tmp/ui.xml
```
Bounds format: `[left,top][right,bottom]` tap center: `((left+right)/2, (top+bottom)/2)`
## 4. Tapping Elements
```
adb shell input tap X Y
```
Where X, Y are pixel coordinates from the bounds.
## 5. Text Input
```
adb shell input text "some_text"
```
Note: Special characters need escaping (`\!`, `\;`, etc.)
## 6. Other Gestures
```sh
# Swipe/scroll
adb shell input swipe startX startY endX endY duration_ms
# Key events
adb shell input keyevent KEYCODE_BACK
adb shell input keyevent KEYCODE_ENTER
```
## 7. WebView Limitation
- UI Automator can see WebView content if accessibility is enabled
- Touch events on iframe content (like Cloudflare Turnstile) often fail due to cross-origin isolation
- Form fields in WebViews work if you get exact bounds from the UI dump
## Typical Flow
1. Take screenshot analyze it (get rough layout)
2. Dump UI hierarchy grep for exact element bounds
- NEVER ASSUME COORDINATES. You must ALWAYS check first.
- Do this before ANY tap action as elements on the screen may have changed.
3. Calculate center coordinates from bounds
4. Tap/interact
5. Wait screenshot verify result
'';
# omp has a built-in browser tool with NixOS auto-detection,
# but this skill provides playwright MCP as a supplementary option
home.file.".omp/agent/skills/playwright/SKILL.md".text =
let
browsers = pkgs.playwright-driver.browsers;
chromiumDir = builtins.head (
builtins.filter (n: builtins.match "chromium-[0-9]+" n != null) (
builtins.attrNames browsers.passthru.entries
)
);
chromiumPath = "${browsers}/${chromiumDir}/chrome-linux64/chrome";
in
''
---
name: playwright
description: Browser automation via Playwright MCP. Use as an alternative to the built-in browser tool for Playwright-specific workflows, testing, and web scraping. Chromium is provided by NixOS.
---
# Playwright
## Browser Setup
Chromium is provided by NixOS. Do NOT attempt to download browsers.
- Chromium path: `${chromiumPath}`
- Browsers path: `${browsers}`
## Usage
Launch the Playwright MCP server for browser automation:
```bash
npx @playwright/mcp@latest --executable-path "${chromiumPath}" --user-data-dir "${config.home.homeDirectory}/.cache/playwright-mcp"
```
Set these environment variables if not already set:
```bash
export PLAYWRIGHT_BROWSERS_PATH="${browsers}"
export PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD=1
```
'';
}

22
home-manager/progs/zen/default.nix
View File

@@ -24,6 +24,20 @@ let
};
};
consumer-rights-wiki = buildFirefoxXpiAddon {
pname = "consumer-rights-wiki";
version = "1.0.34";
addonId = "@crw-extension-firefox";
url = "https://addons.mozilla.org/firefox/downloads/file/4730448/consumer_rights_wiki-1.0.34.xpi";
sha256 = "732969ed4d5c7965b6254a1190a82ce4ab0ff44bda2295264eb8a22c452899ea";
meta = with lib; {
homepage = "https://github.com/FULU-Foundation/CRW-Extension";
description = "Shows a popup when the site you're viewing has an article on the Consumer Rights Wiki";
license = licenses.mit;
platforms = platforms.all;
};
};
ublockSettings = import ./ublock.nix { inherit lib; };
darkReaderSettings = import ./dark-reader.nix { inherit lib; };
redirectorSettings = import ./redirector.nix { inherit lib; };
@@ -54,7 +68,10 @@ in
steam-database
ublock-origin
])
++ [ hacker-smacker ];
++ [
hacker-smacker
consumer-rights-wiki
];
settings = {
"uBlock0@raymondhill.net" = ublockSettings;
@@ -92,6 +109,9 @@ in
# https://github.com/nix-community/home-manager/issues/6083
"services.sync.engine.prefs" = false;
"services.sync.engine.addons" = false;
# use a separate default search engine in private windows
"browser.search.separatePrivateDefault.ui.enabled" = true;
"browser.search.separatePrivateDefault" = true;
# disable built-in password manager — using bitwarden
"signon.rememberSignons" = false;
"signon.autofillForms" = false;

BIN
home-manager/secrets/llama_cpp_api_key Normal file
View File

Binary file not shown.

202
system/common.nix
View File

@@ -78,23 +78,208 @@
options = "--delete-older-than 30d";
};
# enable flakes!
settings.experimental-features = [
"nix-command"
"flakes"
];
settings = {
# enable flakes!
experimental-features = [
"nix-command"
"flakes"
];
# Use muffin server as a binary cache
substituters = [ "https://nix-cache.sigkill.computer" ];
trusted-public-keys = [
"nix-cache.sigkill.computer-1:ONtQC9gUjL+2yNgMWB68NudPySXhyzJ7I3ra56/NPgk="
];
netrc-file = "${./secrets/nix-cache-netrc}";
};
};
# cachyos kernel overlay
nixpkgs.overlays = [ inputs.nix-cachyos-kernel.overlays.default ];
# kernel options
boot = {
kernelPackages = pkgs.linuxPackages_testing;
# kernelPackages = pkgs.linuxPackages_latest;
# cachyos kernel: bore scheduler, full lto, x86_64-v3 (common to zen 3 + zen 5)
kernelPackages =
let
helpers = pkgs.callPackage "${inputs.nix-cachyos-kernel}/helpers.nix" { };
kernel = pkgs.cachyosKernels.linux-cachyos-bore-lto.override {
lto = "full";
processorOpt = "x86_64-v3";
};
in
helpers.kernelModuleLLVMOverride (pkgs.linuxKernel.packagesFor kernel);
# disable legacy subsystems neither host will ever use
kernelPatches = [
{
name = "disable-legacy-subsystems";
patch = null;
structuredExtraConfig = with lib.kernel; {
# ancient bus/card standards
PCMCIA = lib.mkForce no;
PCCARD = lib.mkForce no;
PARPORT = lib.mkForce no;
GAMEPORT = lib.mkForce module;
FIREWIRE = lib.mkForce no;
AGP = lib.mkForce no;
# legacy networking
ATM = lib.mkForce no;
FDDI = lib.mkForce no;
ISDN = lib.mkForce no;
CAN = lib.mkForce no;
NFC = lib.mkForce no;
INFINIBAND = lib.mkForce no;
# amateur radio (HAMRADIO is the umbrella but these are separate symbols)
HAMRADIO = lib.mkForce no;
AX25 = lib.mkForce no;
NETROM = lib.mkForce no;
ROSE = lib.mkForce no;
# dead protocols
PHONET = lib.mkForce no;
IEEE802154 = lib.mkForce no;
"6LOWPAN" = lib.mkForce no;
NET_9P = lib.mkForce no;
BATMAN_ADV = lib.mkForce no;
# tv tuners / digital video broadcasting
MEDIA_ANALOG_TV_SUPPORT = lib.mkForce no;
MEDIA_DIGITAL_TV_SUPPORT = lib.mkForce no;
DVB_CORE = lib.mkForce no;
# hypervisor guest support (bare metal only)
HYPERV = lib.mkForce no;
XEN = lib.mkForce no;
VMWARE_VMCI = lib.mkForce no;
VMWARE_BALLOON = lib.mkForce no;
VMWARE_PVSCSI = lib.mkForce no;
VMWARE_VMCI_VSOCKETS = lib.mkForce no;
VMXNET3 = lib.mkForce no;
DRM_VMWGFX = lib.mkForce no;
VBOXGUEST = lib.mkForce no;
VBOXSF_FS = lib.mkForce no;
# staging drivers (experimental/unmaintained)
STAGING = lib.mkForce no;
# SND_PCI stays — SND_HDA_INTEL (AMD HDA audio) lives under it
ACCESSIBILITY = lib.mkForce no;
MTD = lib.mkForce no;
MEDIA_RC_SUPPORT = lib.mkForce no;
# legacy storage (AHCI for modern SATA is independent)
ATA_SFF = lib.mkForce no;
SCSI_LOWLEVEL = lib.mkForce no;
FUSION = lib.mkForce no;
# misc legacy
MOST = lib.mkForce no;
PPDEV = lib.mkForce no;
PHANTOM = lib.mkForce no;
X86_ANDROID_TABLETS = lib.mkForce no;
# CHROME_PLATFORMS stays — Framework laptops use CrOS EC
SURFACE_PLATFORMS = lib.mkForce no;
MCTP = lib.mkForce no;
GPIB = lib.mkForce no;
SIOX = lib.mkForce no;
SLIMBUS = lib.mkForce no;
WWAN = lib.mkForce no;
# nvidia gpu
DRM_NOUVEAU = lib.mkForce no;
# other gpus not present
DRM_RADEON = lib.mkForce no;
DRM_GMA500 = lib.mkForce no;
DRM_AST = lib.mkForce no;
DRM_MGAG200 = lib.mkForce no;
DRM_HISI_HIBMC = lib.mkForce no;
DRM_APPLETBDRM = lib.mkForce no;
# intel gpu
DRM_I915 = lib.mkForce no;
DRM_XE = lib.mkForce no;
# intel cpu / platform
INTEL_IOMMU = lib.mkForce no;
INTEL_IDLE = lib.mkForce no;
INTEL_HFI_THERMAL = lib.mkForce no;
INTEL_TCC_COOLING = lib.mkForce no;
INTEL_SOC_DTS_THERMAL = lib.mkForce no;
INTEL_PCH_THERMAL = lib.mkForce no;
INTEL_POWERCLAMP = lib.mkForce no;
X86_PKG_TEMP_THERMAL = lib.mkForce no;
X86_INTEL_LPSS = lib.mkForce no;
INTEL_MEI = lib.mkForce no;
INTEL_TH = lib.mkForce no;
INTEL_VSEC = lib.mkForce no;
INTEL_IDXD = lib.mkForce no;
INTEL_IOATDMA = lib.mkForce no;
EDAC_E752X = lib.mkForce no;
EDAC_I82975X = lib.mkForce no;
EDAC_I3000 = lib.mkForce no;
EDAC_I3200 = lib.mkForce no;
EDAC_IE31200 = lib.mkForce no;
EDAC_X38 = lib.mkForce no;
EDAC_I5400 = lib.mkForce no;
EDAC_I7CORE = lib.mkForce no;
EDAC_I5100 = lib.mkForce no;
EDAC_I7300 = lib.mkForce no;
EDAC_SBRIDGE = lib.mkForce no;
EDAC_SKX = lib.mkForce no;
EDAC_I10NM = lib.mkForce no;
EDAC_IMH = lib.mkForce no;
EDAC_PND2 = lib.mkForce no;
EDAC_IGEN6 = lib.mkForce no;
# intel audio
SND_SOC_SOF_INTEL_TOPLEVEL = lib.mkForce no;
SND_SOC_INTEL_SST_TOPLEVEL = lib.mkForce no;
# mellanox networking
MLX4_CORE = lib.mkForce no;
MLX5_CORE = lib.mkForce no;
MLXSW_CORE = lib.mkForce no;
MLX_PLATFORM = lib.mkForce no;
# fpga
FPGA = lib.mkForce no;
# old x86 cpufreq / platform (both systems are modern Zen)
AMD_NUMA = lib.mkForce no;
X86_POWERNOW_K8 = lib.mkForce no;
X86_P4_CLOCKMOD = lib.mkForce no;
X86_SPEEDSTEP_LIB = lib.mkForce no;
# cxl (datacenter memory expansion)
CXL_BUS = lib.mkForce no;
# embedded SoC peripherals (not present on desktop/laptop)
INPUT_TOUCHSCREEN = lib.mkForce no;
INPUT_TABLET = lib.mkForce no;
INPUT_JOYSTICK = lib.mkForce no;
MEDIA_PLATFORM_DRIVERS = lib.mkForce no;
MEDIA_TEST_SUPPORT = lib.mkForce no;
# deprecated userland compat
SGETMASK_SYSCALL = lib.mkForce no;
UID16 = lib.mkForce no;
X86_X32_ABI = lib.mkForce no;
};
}
];
# aes_generic is built-in as of linux 7.0, no longer a loadable module
initrd.luks.cryptoModules = lib.mkForce (
lib.filter (m: m != "aes_generic") options.boot.initrd.luks.cryptoModules.default
);
# some default initrd modules (ata_piix etc) don't exist with ATA_SFF=n
initrd.allowMissingModules = true;
lanzaboote = {
enable = true;
# TODO: proper secrets management so this is not stored in nix store
@@ -226,8 +411,7 @@
# Enable sound with pipewire.
services.pulseaudio.enable = false; # pipewire >>>>>>> pulseaudio
# BUG! disable rtkit in order to fix mumble: https://github.com/NixOS/nixpkgs/issues/392992#issuecomment-2799867278
security.rtkit.enable = false;
security.rtkit.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;

BIN
system/secrets/nix-cache-netrc Normal file
View File

Binary file not shown.

23
system/system-mreow.nix
View File

@@ -24,6 +24,29 @@
# if I move to another lock screen program, i will have to replace `swaylock`
security.pam.services.swaylock = { };
# Kernel-level power tuning. These are boot-time / module-load-time settings
# that power-profiles-daemon (in common.nix) does not manage. ppd handles
# governor and EPP at runtime; these cover everything else.
boot.kernelParams = [
# Disable NMI watchdog. Eliminates periodic perf-counter interrupts
# across all cores (~1 W). Kernel softlockup watchdog remains active.
"nmi_watchdog=0"
# Route kernel work items to already-busy CPUs rather than waking idle
# ones. Reduces C-state exit frequency -- significant on battery where
# cores idle often.
"workqueue.power_efficient=1"
];
boot.kernel.sysctl."kernel.nmi_watchdog" = 0;
# Power-gate the HDA codec between audio activity. 1-second inactivity
# timeout; controller powers down fully. Wakes transparently on next
# audio event -- no audible artifacts on Framework 13 AMD.
boot.extraModprobeConfig = ''
options snd_hda_intel power_save=1 power_save_controller=Y
'';
# Greetd display manager
services.greetd = {
enable = true;

204
system/system-yarn.nix
View File

@@ -75,12 +75,54 @@
# LACT (Linux AMDGPU Configuration Tool): https://github.com/ilya-zlobintsev/LACT
environment.systemPackages = with pkgs; [
lact
jovian-stubs
];
systemd.packages = with pkgs; [ lact ];
systemd.services.lactd.wantedBy = [ "multi-user.target" ];
systemd.services.lactd.serviceConfig.ExecStartPre = "${lib.getExe pkgs.bash} -c \"sleep 3s\"";
# root-level service that applies a pending update. Triggered by
# steamos-update (via systemctl start) when the user accepts an update.
# Runs as root so it can write the system profile and boot entry.
systemd.services.pull-update-apply = {
description = "Apply pending NixOS update pulled from binary cache";
serviceConfig = {
Type = "oneshot";
ExecStart = pkgs.writeShellScript "pull-update-apply" ''
set -uo pipefail
export PATH=${
pkgs.lib.makeBinPath [
pkgs.curl
pkgs.coreutils
pkgs.nix
]
}
STORE_PATH=$(curl -sf --max-time 30 "https://nix-cache.sigkill.computer/deploy/yarn" || true)
if [ -z "$STORE_PATH" ]; then
echo "server unreachable"
exit 1
fi
echo "applying $STORE_PATH"
nix-store -r "$STORE_PATH" || { echo "fetch failed"; exit 1; }
nix-env -p /nix/var/nix/profiles/system --set "$STORE_PATH" || { echo "profile set failed"; exit 1; }
"$STORE_PATH/bin/switch-to-configuration" boot || { echo "boot entry failed"; exit 1; }
echo "update applied; reboot required"
'';
};
};
# Allow primary user to start pull-update-apply.service without a password
security.polkit.extraConfig = ''
polkit.addRule(function(action, subject) {
if (action.id == "org.freedesktop.systemd1.manage-units" &&
action.lookup("unit") == "pull-update-apply.service" &&
subject.user == "${username}") {
return polkit.Result.YES;
}
});
'';
nixpkgs.config.allowUnfreePredicate =
pkg:
builtins.elem (lib.getName pkg) [
@@ -96,65 +138,123 @@
# This prevents Steam from requesting reboots for "system updates"
# Steam client updates will still work normally
nixpkgs.overlays = [
(final: prev: {
jovian-stubs = prev.stdenv.mkDerivation {
name = "jovian-stubs-no-update";
dontUnpack = true;
installPhase = ''
mkdir -p $out/bin
(
final: prev:
let
deploy-url = "https://nix-cache.sigkill.computer/deploy/yarn";
# steamos-update: always report "no update available" (exit 7)
# This disables the kernel mismatch check that triggers reboot prompts
cat > $out/bin/steamos-update << 'STUB'
#!/bin/sh
>&2 echo "[JOVIAN] $0: stub called with: $* (system updates disabled)"
exit 7
STUB
steamos-update-script = final.writeShellScript "steamos-update" ''
export PATH=${
final.lib.makeBinPath [
final.curl
final.coreutils
final.systemd
]
}
# steamos-reboot: reboot the system
cat > $out/bin/steamos-reboot << 'STUB'
#!/bin/sh
>&2 echo "[JOVIAN] $0: stub called with: $*"
systemctl reboot
STUB
STORE_PATH=$(curl -sf --max-time 30 "${deploy-url}" || true)
# steamos-select-branch: no-op stub
cat > $out/bin/steamos-select-branch << 'STUB'
#!/bin/sh
>&2 echo "[JOVIAN] $0: stub called with: $*"
exit 0
STUB
if [ -z "$STORE_PATH" ]; then
>&2 echo "[steamos-update] server unreachable"
exit 7
fi
# steamos-factory-reset-config: no-op stub
cat > $out/bin/steamos-factory-reset-config << 'STUB'
#!/bin/sh
>&2 echo "[JOVIAN] $0: stub called with: $*"
exit 0
STUB
CURRENT=$(readlink -f /nix/var/nix/profiles/system)
if [ "$CURRENT" = "$STORE_PATH" ]; then
>&2 echo "[steamos-update] no update available"
exit 0
fi
# steamos-firmware-update: no-op stub
cat > $out/bin/steamos-firmware-update << 'STUB'
#!/bin/sh
>&2 echo "[JOVIAN] $0: stub called with: $*"
exit 0
STUB
# check-only mode: just report that an update exists
if [ "''${1:-}" = "check" ] || [ "''${1:-}" = "--check-only" ]; then
>&2 echo "[steamos-update] update available"
exit 0
fi
# pkexec: pass through to real pkexec
cat > $out/bin/pkexec << 'STUB'
#!/bin/sh
exec /run/wrappers/bin/pkexec "$@"
STUB
# sudo: pass through to doas
cat > $out/bin/sudo << 'STUB'
#!/bin/sh
exec /run/wrappers/bin/doas "$@"
STUB
chmod 755 $out/bin/*
# apply: trigger the root-running systemd service to install the update
>&2 echo "[steamos-update] applying update..."
if systemctl start --wait pull-update-apply.service; then
>&2 echo "[steamos-update] update installed, reboot to apply"
exit 0
else
>&2 echo "[steamos-update] apply failed; see 'journalctl -u pull-update-apply'"
exit 1
fi
'';
};
})
in
{
jovian-stubs = prev.stdenv.mkDerivation {
name = "jovian-stubs";
dontUnpack = true;
installPhase = ''
mkdir -p $out/bin
ln -s ${steamos-update-script} $out/bin/steamos-update
ln -s ${steamos-update-script} $out/bin/steamos-mandatory-update
# jupiter-initial-firmware-update: no-op (not a real steam deck)
cat > $out/bin/jupiter-initial-firmware-update << 'STUB'
#!/bin/sh
exit 0
STUB
# jupiter-biosupdate: no-op (not a real steam deck)
cat > $out/bin/jupiter-biosupdate << 'STUB'
#!/bin/sh
exit 0
STUB
# steamos-reboot: reboot the system
cat > $out/bin/steamos-reboot << 'STUB'
#!/bin/sh
>&2 echo "[JOVIAN] $0: stub called with: $*"
systemctl reboot
STUB
# steamos-select-branch: no-op stub
cat > $out/bin/steamos-select-branch << 'STUB'
#!/bin/sh
>&2 echo "[JOVIAN] $0: stub called with: $*"
exit 0
STUB
# steamos-factory-reset-config: no-op stub
cat > $out/bin/steamos-factory-reset-config << 'STUB'
#!/bin/sh
>&2 echo "[JOVIAN] $0: stub called with: $*"
exit 0
STUB
# steamos-firmware-update: no-op stub
cat > $out/bin/steamos-firmware-update << 'STUB'
#!/bin/sh
>&2 echo "[JOVIAN] $0: stub called with: $*"
exit 0
STUB
# pkexec: pass through to real pkexec
cat > $out/bin/pkexec << 'STUB'
#!/bin/sh
exec /run/wrappers/bin/pkexec "$@"
STUB
# sudo: strip flags and run the command directly (no escalation).
# privileged ops are delegated to root systemd services via systemctl.
cat > $out/bin/sudo << 'STUB'
#!/bin/sh
while [ $# -gt 0 ]; do
case "$1" in
-*) shift ;;
*) break ;;
esac
done
exec "$@"
STUB
find $out/bin -type f -exec chmod 755 {} +
'';
};
}
)
];
jovian = {