johno/nixos-configs
1
0
Fork 0
Code Issues 3 Pull Requests 8 Actions Packages Projects Releases Wiki Activity

Compare commits

base: johno:63bf19b85f611e0136337d4be9a60a73f3f5ac89
Branches Tags
johno:main johno:beads-sync johno:bead/nixos-configs-2mk johno:bead/nixos-configs-tcu johno:bead/nixos-configs-pea johno:bead/nixos-configs-ek5 johno:bead/nixos-configs-bli johno:bead/nixos-configs-vru johno:bead/nixos-configs-fkt johno:bead/nixos-configs-u81 johno:bead/nixos-configs-tdf johno:bead/nixos-configs-2hq johno:bead/nixos-configs-85h johno:bead/nixos-configs-7hd johno:bead/nixos-configs-is4 johno:bead/nixos-configs-0ov johno:bead/nixos-configs-v2v johno:bead/nixos-configs-0vf johno:feat/prebuilt-doom-usb-nixos-configs-1wd johno:feat/starship-prompt-nixos-configs-uji johno:fix/mu4e-email-body-nixos-configs-9l8 johno:feature/sendspin-cli-package johno:25.11 johno:nix-deck-setup johno:boxy-app-launcher johno:btrfs-role johno:convert-nixbook-to-btrfs johno:add-liveusb johno:shared-steam-library johno:add-steam-streaming-sleep-inhibitor johno:kodi-add-kdeconnect johno:kodi-updates johno:kodi-hdr johno:spotifyd johno:plasma-manager johno:fix-kodi-wayland johno:k3s johno:sway johno:kodi-to-wayland johno:home-manager-as-nixos-module
..
compare: johno:25.11
Branches Tags
johno:beads-sync johno:main johno:bead/nixos-configs-2mk johno:bead/nixos-configs-tcu johno:bead/nixos-configs-pea johno:bead/nixos-configs-ek5 johno:bead/nixos-configs-bli johno:bead/nixos-configs-vru johno:bead/nixos-configs-fkt johno:bead/nixos-configs-u81 johno:bead/nixos-configs-tdf johno:bead/nixos-configs-2hq johno:bead/nixos-configs-85h johno:bead/nixos-configs-7hd johno:bead/nixos-configs-is4 johno:bead/nixos-configs-0ov johno:bead/nixos-configs-v2v johno:bead/nixos-configs-0vf johno:feat/prebuilt-doom-usb-nixos-configs-1wd johno:feat/starship-prompt-nixos-configs-uji johno:fix/mu4e-email-body-nixos-configs-9l8 johno:feature/sendspin-cli-package johno:25.11 johno:nix-deck-setup johno:boxy-app-launcher johno:btrfs-role johno:convert-nixbook-to-btrfs johno:add-liveusb johno:shared-steam-library johno:add-steam-streaming-sleep-inhibitor johno:kodi-add-kdeconnect johno:kodi-updates johno:kodi-hdr johno:spotifyd johno:plasma-manager johno:fix-kodi-wayland johno:k3s johno:sway johno:kodi-to-wayland johno:home-manager-as-nixos-module

21 Commits
63bf19b85f ... 25.11

Author SHA1 Message Date
John Ogle
0ae4d84ca2 Simplify aerospace launchd config and remove menu bar hiding 
- Remove menu bar hiding code (no longer needed for SketchyBar)
- Use built-in programs.aerospace.launchd.enable instead of custom agent
- Remove redundant launchd.agents.aerospace configuration block
 2025-12-05 14:13:05 -08:00
John Ogle
7c877fde84 Remove mbedtls_2 workaround for dolphin packages 
Dolphin-emu and dolphin-emu-primehack now use maintained mbedtls version
3.6.5 instead of unmaintained mbedtls_2. No longer need to permit insecure
packages.

Verified both packages build successfully without the workaround.
 2025-12-04 21:22:49 -08:00
John Ogle
d53286e04c Re-enable packages after NixOS 25.11 upgrade 
Re-enable dolphin-emu-primehack now that binary build is fixed in 25.11.
Re-enable fluffychat as security issues have been resolved in nixpkgs 25.11.

Both packages verified to build and function correctly.
 2025-12-04 21:22:41 -08:00
John Ogle
445b0cd558 Add --unsupported-gpu flag to Sway for zix790prors compatibility 2025-12-04 16:30:55 -08:00
John Ogle
6d9686f14b Fix deprecated package names for NixOS 25.11 
- Remove amdvlk from boxy config (replaced by RADV, enabled by default)
- Rename vaapiVdpau to libva-vdpau-driver in wixos config
- Fixes nix flake check errors
 2025-12-04 16:21:43 -08:00
John Ogle
4164832eea Upgrade NixOS to 25.11 and fix Jovian module organization 
- Update flake inputs from 25.05 to 25.11 (nixpkgs, home-manager, nix-darwin)
- Remove Jovian compatibility shim that's no longer needed
- Move SteamOS configuration to only import in nix-deck machine
- Fixes jovian module not found error during nixos-rebuild
 2025-12-04 16:12:58 -08:00
John Ogle
ade60ba5ec Add macOS Ctrl keyboard shortcuts with terminal-aware overrides 
Implement Linux-style Ctrl shortcuts (Ctrl+C/V/X/Z for clipboard, Ctrl+N/T/W
for navigation, etc.) while preserving terminal behavior where Ctrl+C sends
SIGINT. Uses per-app NSUserKeyEquivalents to remap Ghostty back to Cmd for
clipboard operations.

Also consolidate aerospace configuration by moving spans-displays preference
from system-level module to home-manager role, allowing full aerospace
configuration to live in home-manager for better modularity.
 2025-12-03 10:30:39 -08:00
John Ogle
48fb7cdada Add SketchyBar integration to aerospace with bottom bar positioning 
Integrate SketchyBar status bar with aerospace window manager, providing
a native macOS status bar replacement with workspace indicators and system
monitoring. Key features:

- Add sketchybar.enable option to aerospace module
- Install sketchybar package and fonts conditionally
- Create main sketchybarrc with i3/sway color theme
- Position bar at bottom with 40px bottom gap
- Implement workspace indicators with dynamic visibility:
  - Hide empty workspaces
  - Show focused workspace with blue highlight
  - Show non-empty workspaces with inactive styling
  - Use centered icons with fixed 32px width
- Add system monitoring plugins: CPU, memory, disk, battery, volume, clock
- Integrate menu bar extras (Bluetooth, WiFi) as aliases
- Configure aerospace to trigger workspace change events
- Hide native macOS menu bar when SketchyBar enabled
- Set up launchd agent for auto-start
- Use SF Mono Regular 13.0 font matching waybar aesthetic
 2025-12-03 09:51:22 -08:00
John Ogle
2d8cfe75a0 Align aerospace keybindings with i3+sway and add resize mode 
- Enable programs.aerospace to ensure config generation
- Disable normalizations for pure i3-style tree management
- Update layout keybindings to match i3+sway:
  - cmd-w: accordion-horizontal (tabbed)
  - cmd-s: accordion-vertical (stacking)
  - cmd-e: tiles layout with orientation toggle
- Replace direct resize bindings with cmd-r resize mode
- Add resize mode with hjkl directional controls
 2025-12-02 16:07:12 -08:00
John Ogle
385fd798de Fix aerospace namespace conflict and claude-code override 
Rename custom aerospace module from services.aerospace to roles.aerospace
to avoid conflicting with nix-darwin's built-in aerospace service support.

Move claude-code package override to flake-level overlay to ensure the
GCS-distributed version is used instead of the npm registry version in
unstable. This is necessary for corporate environments where npm registry
access may be blocked.
 2025-12-02 15:16:55 -08:00
John Ogle
fe6558e0c1 Refactor: Extract platform-specific roles to base-linux and base-darwin 
Create base-linux and base-darwin modules to cleanly separate platform-
specific role imports from shared roles. This prevents importing modules
that require platform-specific home-manager modules (like plasma-manager
on NixOS) in environments where they don't exist (like nix-darwin).

- base-linux includes: plasma-manager, i3+sway
- base-darwin includes: aerospace
- roles/default.nix now only contains truly cross-platform roles

This architecture makes it immediately clear which roles are shared
versus platform-specific and makes it easy to add new platform-specific
roles in the future.
 2025-12-02 15:16:42 -08:00
John Ogle
b9c48f9dd1 Complete migration of home-manager modules to roles 
Migrate all remaining home-manager modules from home/modules/ to home/roles/
to establish a unified role-based configuration pattern. This completes the
migration started in Phase 1.

Changes:
- Phase 1-3: Migrated tmux, plasma-manager, kubectl, and emacs to roles
- Phase 4: Migrated aerospace with custom options under home.roles.aerospace.*
- Phase 5: Migrated i3+sway with shared config and override options
- Phase 6: Removed empty home/modules/ directory

All home configs now import only ./roles with role-based enable options.
Updated flake.nix machine-specific overrides to use new namespaces.

Verified with nix flake check - all configurations build successfully.
 2025-12-02 14:34:11 -08:00
John Ogle
34351403d1 Extract aerospace configuration into reusable modules 
Create both home-manager and nix-darwin modules for aerospace window
manager configuration, removing 110+ lines of duplicated config from
machine-specific files.

Changes:
- Add home/modules/aerospace module with configurable leader key
- Add modules/aerospace.nix for system-level macOS settings
- Include autoraise configuration in home module
- Update home-darwin-work.nix to use new modules
- Update johno-macbookpro configuration to use system module
- Remove inline aerospace/autoraise config and launchd agents
 2025-12-01 19:02:00 -08:00
John Ogle
12820ce9ff [aerospace] Disable macOS Spaces mutli-display 
This option is known to cause all sorts of issues with aerospace
apparently
 2025-12-01 18:18:56 -08:00
John Ogle
0f5eb2e572 [i3+sway] Add focus child binding 2025-12-01 17:39:33 -08:00
John Ogle
f356c91fdb [gaming] Remove heavy build packages 
dolphin-emu-primehack will be available as a pre-build in 25.11

retroarch-full -- in general I'm wondering of using steam>retroarch is a
better experience
 2025-11-29 11:30:10 -08:00
John Ogle
6b42612135 [gaming] Use recommended steam setup 
Updated to use programs.steam recommended from the NixOS wiki
 2025-11-29 11:29:43 -08:00
John Ogle
50a8c44d10 [launchers] Add launcher wrappers for compact env 
Adds a module to launch specific nixpkgs dynamically, such that they
won't be always included in the nix store
 2025-11-29 11:28:04 -08:00
John Ogle
7011fb27a5 Update workspace button background color in waybar 2025-11-26 17:20:55 -08:00
John Ogle
1ff8b81f44 Add environment-specific claude-code package distribution system 
Development environments now use standard nixpkgs claude-code by default.
Work environments override with custom binary distribution to bypass
corporate npm registry restrictions via Google Cloud Storage.
 2025-11-26 17:20:31 -08:00
John Ogle
55f13dfb08 Rename claude-cli package to claude-code for consistency with nixpkgs 2025-11-26 17:20:17 -08:00
37 changed files with 1424 additions and 770 deletions
Expand all files Collapse all files

66
flake.lock generated
View File

@@ -43,16 +43,16 @@
]
},
"locked": {
"lastModified": 1758463745,
"narHash": "sha256-uhzsV0Q0I9j2y/rfweWeGif5AWe0MGrgZ/3TjpDYdGA=",
"lastModified": 1764866045,
"narHash": "sha256-0GsEtXV9OquDQ1VclQfP16cU5VZh7NEVIOjSH4UaJuM=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "3b955f5f0a942f9f60cdc9cacb7844335d0f21c3",
"rev": "f63d0fe9d81d36e5fc95497217a72e02b8b7bcab",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-25.05",
"ref": "release-25.11",
"repo": "home-manager",
"type": "github"
}
@@ -64,11 +64,11 @@
]
},
"locked": {
"lastModified": 1763416652,
"narHash": "sha256-8EBEEvtzQ11LCxpQHMNEBQAGtQiCu/pqP9zSovDSbNM=",
"lastModified": 1764872372,
"narHash": "sha256-uZuXRz9CzeCHsRbc2MQvKomwoX6GcFC5BUMEk3ouSFU=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "ea164b7c9ccdc2321379c2ff78fd4317b4c41312",
"rev": "05a56dbf24f195c62286e3273a2671d3b4904b00",
"type": "github"
},
"original": {
@@ -86,11 +86,11 @@
]
},
"locked": {
"lastModified": 1763223001,
"narHash": "sha256-Hi6XxTJJjKsDrO+D0fYXS88ehCYzQkZlp9qxX1zoM1s=",
"lastModified": 1764746434,
"narHash": "sha256-6ymFuw+Z1C90ezf8H0BP3c2JFZhJYwMq31px2StwWHU=",
"owner": "Jovian-Experiments",
"repo": "Jovian-NixOS",
"rev": "68a1bcc019378272e601558719f82005a80ddab0",
"rev": "b4c0b604148adacf119b89824ed26df8926ce42c",
"type": "github"
},
"original": {
@@ -106,16 +106,16 @@
]
},
"locked": {
"lastModified": 1762912391,
"narHash": "sha256-4hpBE7bGd24SfD28rzMdUGXsLsNEYxCCrTipFdoqoNM=",
"lastModified": 1764161084,
"narHash": "sha256-HN84sByg9FhJnojkGGDSrcjcbeioFWoNXfuyYfJ1kBE=",
"owner": "nix-darwin",
"repo": "nix-darwin",
"rev": "d76299b2cd01837c4c271a7b5186e3d5d8ebd126",
"rev": "e95de00a471d07435e0527ff4db092c84998698e",
"type": "github"
},
"original": {
"owner": "nix-darwin",
"ref": "nix-darwin-25.05",
"ref": "nix-darwin-25.11",
"repo": "nix-darwin",
"type": "github"
}
@@ -148,11 +148,11 @@
"nixpkgs": "nixpkgs"
},
"locked": {
"lastModified": 1763385941,
"narHash": "sha256-99CBNgyMvg3Zu/hxqixtShevrF4Kfr/qjtizQ6oseVI=",
"lastModified": 1764730608,
"narHash": "sha256-FxKIa3OCSRVC23qrk7VT68vExUcmSruJ8OobVlSWOxc=",
"owner": "nix-community",
"repo": "NixOS-WSL",
"rev": "cc6483354b236c2fc95cc1d4ba1f0f40b7345e69",
"rev": "10124c58674360765adcb38c9a8b081fb72904e4",
"type": "github"
},
"original": {
@@ -164,11 +164,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1762977756,
"narHash": "sha256-4PqRErxfe+2toFJFgcRKZ0UI9NSIOJa+7RXVtBhy4KE=",
"lastModified": 1764517877,
"narHash": "sha256-pp3uT4hHijIC8JUK5MEqeAWmParJrgBVzHLNfJDZxg4=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "c5ae371f1a6a7fd27823bc500d9390b38c05fa55",
"rev": "2d293cbfa5a793b4c50d17c05ef9e385b90edf6c",
"type": "github"
},
"original": {
@@ -180,11 +180,11 @@
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1763283776,
"narHash": "sha256-Y7TDFPK4GlqrKrivOcsHG8xSGqQx3A6c+i7novT85Uk=",
"lastModified": 1764667669,
"narHash": "sha256-7WUCZfmqLAssbDqwg9cUDAXrSoXN79eEEq17qhTNM/Y=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "50a96edd8d0db6cc8db57dab6bb6d6ee1f3dc49a",
"rev": "418468ac9527e799809c900eda37cbff999199b6",
"type": "github"
},
"original": {
@@ -196,16 +196,16 @@
},
"nixpkgs_2": {
"locked": {
"lastModified": 1763049705,
"narHash": "sha256-A5LS0AJZ1yDPTa2fHxufZN++n8MCmtgrJDtxFxrH4S8=",
"lastModified": 1764677808,
"narHash": "sha256-H3lC7knbXOBrHI9hITQ7modLuX20mYJVhZORL5ioms0=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "3acb677ea67d4c6218f33de0db0955f116b7588c",
"rev": "1aab89277eb2d87823d5b69bae631a2496cff57a",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-25.05",
"ref": "nixos-25.11",
"repo": "nixpkgs",
"type": "github"
}
@@ -220,11 +220,11 @@
]
},
"locked": {
"lastModified": 1762784320,
"narHash": "sha256-odsk96Erywk5hs0dhArF38zb7Oe0q6LZ70gXbxAPKno=",
"lastModified": 1763909441,
"narHash": "sha256-56LwV51TX/FhgX+5LCG6akQ5KrOWuKgcJa+eUsRMxsc=",
"owner": "nix-community",
"repo": "plasma-manager",
"rev": "7911a0f8a44c7e8b29d031be3149ee8943144321",
"rev": "b24ed4b272256dfc1cc2291f89a9821d5f9e14b4",
"type": "github"
},
"original": {
@@ -243,11 +243,11 @@
]
},
"locked": {
"lastModified": 1762784320,
"narHash": "sha256-odsk96Erywk5hs0dhArF38zb7Oe0q6LZ70gXbxAPKno=",
"lastModified": 1763909441,
"narHash": "sha256-56LwV51TX/FhgX+5LCG6akQ5KrOWuKgcJa+eUsRMxsc=",
"owner": "nix-community",
"repo": "plasma-manager",
"rev": "7911a0f8a44c7e8b29d031be3149ee8943144321",
"rev": "b24ed4b272256dfc1cc2291f89a9821d5f9e14b4",
"type": "github"
},
"original": {

16
flake.nix
View File

@@ -2,17 +2,17 @@
description = "A very basic flake";
inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05";
nixpkgs.url = "github:nixos/nixpkgs/nixos-25.11";
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
nixos-wsl.url = "github:nix-community/NixOS-WSL/main";
nix-darwin = {
url = "github:nix-darwin/nix-darwin/nix-darwin-25.05";
url = "github:nix-darwin/nix-darwin/nix-darwin-25.11";
inputs.nixpkgs.follows = "nixpkgs";
};
home-manager = {
url = "github:nix-community/home-manager/release-25.05";
url = "github:nix-community/home-manager/release-25.11";
inputs.nixpkgs.follows = "nixpkgs";
};
@@ -48,7 +48,6 @@
nixosModules = [
./roles
] ++ [
./roles/jovian-compat.nix
inputs.home-manager.nixosModules.home-manager
{
nixpkgs.overlays = [
@@ -110,6 +109,13 @@
unstable = import nixpkgs-unstable {
system = prev.system;
config.allowUnfree = true;
overlays = [
# Override claude-code in unstable to use our custom GCS-based build
# (needed for corporate networks that block npm registry)
(ufinal: uprev: {
claude-code = prev.custom.claude-code or (prev.callPackage ./packages {}).claude-code;
})
];
};
custom = prev.callPackage ./packages {};
# Compatibility: bitwarden renamed to bitwarden-desktop in unstable
@@ -133,7 +139,7 @@
home-manager.users.johno = {
imports = [ ./home/home-laptop-compact.nix ];
# Machine-specific overrides
home.i3_sway.extraSwayConfig = {
home.roles.i3_sway.extraSwayConfig = {
output.eDP-1.scale = "1.75";
};
};

141
home/home-darwin-work.nix
View File

@@ -1,8 +1,5 @@
{ config, lib, pkgs, globalInputs, system, ... }:
let
leader = "cmd"; # Change this to experiment with different leader keys (e.g., "cmd", "ctrl")
in
{
# Home Manager configuration for Darwin work laptop
# Corporate-friendly setup with essential development tools
@@ -13,40 +10,11 @@ in
# System packages
home.packages = with pkgs; [
autoraise
google-cloud-sdk
];
# Note: ghostty installed via Homebrew (managed outside of nix)
# Auto-start autoraise on login
launchd.agents.autoraise = {
enable = true;
config = {
ProgramArguments = [
"${pkgs.autoraise}/bin/AutoRaise"
"-pollMillis" "50"
"-delay" "2"
"-focusDelay" "2"
];
RunAtLoad = true;
KeepAlive = true;
};
};
# Auto-start aerospace on login
# NOTE: In 25.11+, this can be simplified to `programs.aerospace.launchd.enable = true`
launchd.agents.aerospace = {
enable = true;
config = {
Program = "${pkgs.aerospace}/Applications/AeroSpace.app/Contents/MacOS/AeroSpace";
RunAtLoad = true;
KeepAlive = true;
StandardOutPath = "/tmp/aerospace.log";
StandardErrorPath = "/tmp/aerospace.err.log";
};
};
# Override Darwin-incompatible settings from base role
programs.rbw.settings.pinentry = lib.mkForce pkgs.pinentry_mac;
@@ -128,111 +96,28 @@ in
home.shell.enableShellIntegration = true;
# TODO: Move this to its own role and/or module
programs.aerospace = {
enable = true;
userSettings.mode.main.binding = {
"${leader}-slash" = "layout tiles horizontal vertical";
"${leader}-comma" = "layout accordion horizontal vertical";
"${leader}-shift-q" = "close";
"${leader}-shift-f" = "fullscreen";
"${leader}-h" = "focus left";
"${leader}-j" = "focus down";
"${leader}-k" = "focus up";
"${leader}-l" = "focus right";
"${leader}-shift-h" = "move left";
"${leader}-shift-j" = "move down";
"${leader}-shift-k" = "move up";
"${leader}-shift-l" = "move right";
"${leader}-minus" = "resize smart -50";
"${leader}-equal" = "resize smart +50";
"${leader}-1" = "workspace 1";
"${leader}-2" = "workspace 2";
"${leader}-3" = "workspace 3";
"${leader}-4" = "workspace 4";
"${leader}-5" = "workspace 5";
"${leader}-6" = "workspace 6";
"${leader}-7" = "workspace 7";
"${leader}-8" = "workspace 8";
"${leader}-9" = "workspace 9";
"${leader}-0" = "workspace 10";
"${leader}-shift-1" = "move-node-to-workspace 1";
"${leader}-shift-2" = "move-node-to-workspace 2";
"${leader}-shift-3" = "move-node-to-workspace 3";
"${leader}-shift-4" = "move-node-to-workspace 4";
"${leader}-shift-5" = "move-node-to-workspace 5";
"${leader}-shift-6" = "move-node-to-workspace 6";
"${leader}-shift-7" = "move-node-to-workspace 7";
"${leader}-shift-8" = "move-node-to-workspace 8";
"${leader}-shift-9" = "move-node-to-workspace 9";
"${leader}-shift-0" = "move-node-to-workspace 10";
"${leader}-tab" = "workspace-back-and-forth";
"${leader}-shift-tab" = "move-workspace-to-monitor --wrap-around next";
"${leader}-enter" = ''
exec-and-forget osascript <<'APPLESCRIPT'
tell application "Ghostty"
activate
tell application "System Events"
keystroke "n" using {command down}
end tell
end tell
APPLESCRIPT
'';
"${leader}-shift-enter" = ''
exec-and-forget osascript <<'APPLESCRIPT'
tell application "Google Chrome"
set newWindow to make new window
activate
tell newWindow to set index to 1
end tell
APPLESCRIPT
'';
"${leader}-shift-e" = "exec-and-forget zsh --login -c \"emacsclient -c -n\"";
# Service mode: Deliberate aerospace window management
"${leader}-i" = "mode service";
# Passthrough mode: Temporarily disable aerospace to use macOS shortcuts
# Press Cmd-P, then use any macOS shortcut (like Cmd-K in Slack), then press Cmd-P again to exit
"${leader}-p" = "mode passthrough";
};
# Service mode: For deliberate aerospace window management operations
userSettings.mode.service.binding = {
esc = ["reload-config" "mode main"];
r = ["flatten-workspace-tree" "mode main"]; # reset layout
f = ["layout floating tiling" "mode main"]; # Toggle between floating and tiling layout
backspace = ["close-all-windows-but-current" "mode main"];
"${leader}-shift-h" = ["join-with left" "mode main"];
"${leader}-shift-j" = ["join-with down" "mode main"];
"${leader}-shift-k" = ["join-with up" "mode main"];
"${leader}-shift-l" = ["join-with right" "mode main"];
};
# Passthrough mode: All shortcuts pass through to macOS
# This mode has minimal bindings - just ways to exit back to main mode
userSettings.mode.passthrough.binding = {
esc = "mode main";
"${leader}-p" = "mode main"; # Toggle back with same key (Cmd-P)
};
};
home.roles = {
base.enable = true;
development = {
enable = true;
allowArbitraryClaudeCodeModelSelection = true;
};
tmux.enable = true;
emacs.enable = true;
aerospace = {
enable = true;
leader = "cmd";
ctrlShortcuts.enable = true;
sketchybar.enable = true;
# Optional: Add per-machine userSettings overrides
# userSettings = {
# mode.main.binding."${leader}-custom" = "custom-command";
# };
};
};
imports = [
./roles
./modules/emacs
./modules/kubectl
./modules/tmux
./roles/base-darwin
];
}

10
home/home-desktop.nix
View File

@@ -17,6 +17,10 @@
sync.enable = true;
kdeconnect.enable = true;
kubectl.enable = true;
tmux.enable = true;
plasma-manager.enable = true;
emacs.enable = true;
i3_sway.enable = true;
};
targets.genericLinux.enable = true;
@@ -25,10 +29,6 @@
imports = [
./roles
./modules/emacs
./modules/i3+sway
./modules/kubectl
./modules/plasma-manager
./modules/tmux
./roles/base-linux
];
}

19
home/home-laptop-compact.nix
View File

@@ -18,7 +18,18 @@
media.enable = true;
sync.enable = true;
kubectl.enable = true;
# office.enable = false; # Excluded for storage constraints
tmux.enable = true;
plasma-manager.enable = true;
emacs.enable = true;
i3_sway.enable = true;
# Launcher wrappers for excluded/optional packages
launchers = {
enable = true;
packages = [
"libreoffice"
];
};
};
targets.genericLinux.enable = true;
@@ -27,10 +38,6 @@
imports = [
./roles
./modules/emacs
./modules/i3+sway
./modules/kubectl
./modules/plasma-manager
./modules/tmux
./roles/base-linux
];
}

12
home/home-live-usb.nix
View File

@@ -12,8 +12,12 @@
home.roles = {
base.enable = true;
desktop.enable = true;
tmux.enable = true;
plasma-manager.enable = true;
emacs.enable = true;
i3_sway.enable = true;
# development.enable = false; # Not needed for live USB
# communication.enable = false; # Not needed for live USB
# communication.enable = false; # Not needed for live USB
# office.enable = false; # Not needed for live USB
# media.enable = false; # Not needed for live USB
# sync.enable = false; # No persistent sync on live USB
@@ -26,11 +30,7 @@
imports = [
./roles
./modules/emacs
./modules/i3+sway
./modules/kubectl
./modules/plasma-manager
./modules/tmux
./roles/base-linux
];
# Live USB specific overrides can go here if needed

10
home/home-media-center.nix
View File

@@ -16,6 +16,10 @@
communication.enable = true;
kdeconnect.enable = true;
development.enable = true;
tmux.enable = true;
plasma-manager.enable = true;
emacs.enable = true;
i3_sway.enable = true;
# office.enable = false; # Not needed for media center
# sync.enable = false; # Shared machine, no personal file sync
};
@@ -26,11 +30,7 @@
imports = [
./roles
./modules/emacs
./modules/i3+sway
./modules/kubectl
./modules/plasma-manager
./modules/tmux
./roles/base-linux
];
# Media center specific overrides can go here if needed

249
home/modules/kubectl/default.nix
View File

@@ -1,249 +0,0 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.programs.kubectl-secure;
in
{
options.programs.kubectl-secure = {
enable = mkEnableOption "secure kubectl configuration with Bitwarden integration";
};
config = mkIf cfg.enable {
home.packages = with pkgs; [
kubectl
kubernetes-helm
];
programs.k9s.enable = true;
programs.bash.initExtra = mkAfter ''
# Kubectl secure session management
export KUBECTL_SESSION_DIR="/dev/shm/kubectl-$$"
kube-select() {
if [[ $# -ne 1 ]]; then
echo "Usage: kube-select <context-name>"
echo "Available contexts: $(kube-list)"
return 1
fi
local context="$1"
# Clean up any existing session first
kube-clear 2>/dev/null
# Create new session directory
mkdir -p "$KUBECTL_SESSION_DIR"
chmod 700 "$KUBECTL_SESSION_DIR"
# Set cleanup trap for this shell session
trap "rm -rf '$KUBECTL_SESSION_DIR' 2>/dev/null" EXIT
# Set KUBECONFIG for this session
export KUBECONFIG="$KUBECTL_SESSION_DIR/config"
# Load config from Bitwarden secure notes
if ! rbw get "kubectl-$context" > "$KUBECONFIG" 2>/dev/null; then
echo "Error: Could not retrieve kubectl-$context from Bitwarden"
echo "Make sure the entry exists with name: kubectl-$context"
kube-clear
return 1
fi
# Verify the kubeconfig is valid
if ! kubectl config view >/dev/null 2>&1; then
echo "Error: Invalid kubeconfig retrieved from Bitwarden"
kube-clear
return 1
fi
echo " Loaded kubectl context: $context (session: $$)"
echo " Config location: $KUBECONFIG"
}
kube-list() {
echo "Available kubectl contexts in Bitwarden:"
rbw search kubectl- 2>/dev/null | grep "^kubectl-" | sed 's/^kubectl-/ - /' || echo " (none found or rbw not accessible)"
}
kube-clear() {
if [[ -n "$KUBECTL_TIMEOUT_PID" ]]; then
kill "$KUBECTL_TIMEOUT_PID" 2>/dev/null
unset KUBECTL_TIMEOUT_PID
fi
if [[ -d "$KUBECTL_SESSION_DIR" ]]; then
rm -rf "$KUBECTL_SESSION_DIR"
echo "Cleared kubectl session ($$)"
fi
unset KUBECONFIG
}
kube-status() {
if [[ -f "$KUBECONFIG" ]]; then
local current_context
current_context=$(kubectl config current-context 2>/dev/null)
if [[ -n "$current_context" ]]; then
echo "Active kubectl context: $current_context"
echo "Session: $$ | Config: $KUBECONFIG"
# Show cluster info
local cluster_server
cluster_server=$(kubectl config view --minify -o jsonpath='{.clusters[0].cluster.server}' 2>/dev/null)
if [[ -n "$cluster_server" ]]; then
echo "Cluster: $cluster_server"
fi
else
echo "No active context in current session"
fi
else
echo "No kubectl session active in this shell"
echo "Use 'kube-select <context>' to start a session"
fi
}
# Helper function to show available commands
kube-help() {
echo "Secure kubectl session management commands:"
echo ""
echo "Session management:"
echo " kube-select <context> - Load kubeconfig from Bitwarden"
echo " kube-status - Show current session status"
echo " kube-clear - Clear current session"
echo ""
echo "Configuration management:"
echo " kube-list - List available contexts in Bitwarden"
echo ""
echo "Help:"
echo " kube-help - Show this help"
echo ""
echo "Examples:"
echo " kube-select prod # Loads from secure note"
echo " kubectl get pods"
echo " kube-clear"
echo ""
echo "Note: Kubeconfigs are stored as secure notes in Bitwarden"
}
'';
programs.zsh.initExtra = mkAfter ''
# Kubectl secure session management (zsh)
export KUBECTL_SESSION_DIR="/dev/shm/kubectl-$$"
kube-select() {
if [[ $# -ne 1 ]]; then
echo "Usage: kube-select <context-name>"
echo "Available contexts: $(kube-list)"
return 1
fi
local context="$1"
# Clean up any existing session first
kube-clear 2>/dev/null
# Create new session directory
mkdir -p "$KUBECTL_SESSION_DIR"
chmod 700 "$KUBECTL_SESSION_DIR"
# Set cleanup trap for this shell session
trap "rm -rf '$KUBECTL_SESSION_DIR' 2>/dev/null" EXIT
# Set KUBECONFIG for this session
export KUBECONFIG="$KUBECTL_SESSION_DIR/config"
# Load config from Bitwarden secure notes
if ! rbw get "kubectl-$context" > "$KUBECONFIG" 2>/dev/null; then
echo "Error: Could not retrieve kubectl-$context from Bitwarden"
echo "Make sure the entry exists with name: kubectl-$context"
kube-clear
return 1
fi
# Verify the kubeconfig is valid
if ! kubectl config view >/dev/null 2>&1; then
echo "Error: Invalid kubeconfig retrieved from Bitwarden"
kube-clear
return 1
fi
echo " Loaded kubectl context: $context (session: $$)"
echo " Config location: $KUBECONFIG"
# Optional: Set timeout cleanup
if [[ ${toString cfg.sessionTimeout} -gt 0 ]]; then
(sleep ${toString cfg.sessionTimeout}; kube-clear 2>/dev/null) &
export KUBECTL_TIMEOUT_PID=$!
fi
}
kube-list() {
echo "Available kubectl contexts in Bitwarden:"
rbw search kubectl- 2>/dev/null | grep "^kubectl-" | sed 's/^kubectl-/ - /' || echo " (none found or rbw not accessible)"
}
kube-clear() {
if [[ -n "$KUBECTL_TIMEOUT_PID" ]]; then
kill "$KUBECTL_TIMEOUT_PID" 2>/dev/null
unset KUBECTL_TIMEOUT_PID
fi
if [[ -d "$KUBECTL_SESSION_DIR" ]]; then
rm -rf "$KUBECTL_SESSION_DIR"
echo "Cleared kubectl session ($$)"
fi
unset KUBECONFIG
}
kube-status() {
if [[ -f "$KUBECONFIG" ]]; then
local current_context
current_context=$(kubectl config current-context 2>/dev/null)
if [[ -n "$current_context" ]]; then
echo "Active kubectl context: $current_context"
echo "Session: $$ | Config: $KUBECONFIG"
# Show cluster info
local cluster_server
cluster_server=$(kubectl config view --minify -o jsonpath='{.clusters[0].cluster.server}' 2>/dev/null)
if [[ -n "$cluster_server" ]]; then
echo "Cluster: $cluster_server"
fi
else
echo "No active context in current session"
fi
else
echo "No kubectl session active in this shell"
echo "Use 'kube-select <context>' to start a session"
fi
}
# Helper function to show available commands
kube-help() {
echo "Secure kubectl session management commands:"
echo ""
echo "Session management:"
echo " kube-select <context> - Load kubeconfig from Bitwarden"
echo " kube-status - Show current session status"
echo " kube-clear - Clear current session"
echo ""
echo "Configuration management:"
echo " kube-list - List available contexts in Bitwarden"
echo ""
echo "Help:"
echo " kube-help - Show this help"
echo ""
echo "Examples:"
echo " kube-select prod # Loads from secure note"
echo " kubectl get pods"
echo " kube-clear"
echo ""
echo "Note: Kubeconfigs are stored as secure notes in Bitwarden"
}
'';
};
}

178
home/modules/plasma-manager/default.nix
View File

@@ -1,178 +0,0 @@
{ config, lib, pkgs, ... }:
# The current KDE config can be output with the command:
# nix run github:nix-community/plasma-manager
#
# Plasma-manager options documentation
# https://nix-community.github.io/plasma-manager/options.xhtml
#
# TODO: (ambitious) Add Kmail support to plasma-manager
{
programs.plasma = {
enable = true;
overrideConfig = true;
hotkeys.commands."launch-ghostty" = {
name = "Launch Ghostty";
key = "Meta+Return";
command = "ghostty";
};
shortcuts = {
kmix = {
"decrease_microphone_volume" = "Microphone Volume Down";
"decrease_volume" = "Volume Down";
"decrease_volume_small" = "Shift+Volume Down";
"increase_microphone_volume" = "Microphone Volume Up";
"increase_volume" = "Volume Up";
"increase_volume_small" = "Shift+Volume Up";
"mic_mute" = ["Microphone Mute" "Meta+Volume Mute,Microphone Mute" "Meta+Volume Mute,Mute Microphone"];
"mute" = "Volume Mute";
};
mediacontrol = {
"mediavolumedown" = "none,,Media volume down";
"mediavolumeup" = "none,,Media volume up";
"nextmedia" = "Media Next";
"pausemedia" = "Media Pause";
"playmedia" = "none,,Play media playback";
"playpausemedia" = "Media Play";
"previousmedia" = "Media Previous";
"stopmedia" = "Media Stop";
};
ksmserver = {
"Lock Session" = ["Meta+Ctrl+Q" "Screensaver" "Screensaver,Lock Session"];
};
kwin = {
"Window Close" = "Meta+Shift+Q";
"Kill Window" = "Meta+Ctrl+Esc";
"Window Operations Menu" = "Alt+F3";
"Window Resize" = "Meta+R,,Resize Window";
"Overview" = "Meta+Ctrl+W";
"Grid View" = "Meta+G";
"Edit Tiles" = "Meta+T";
"Activate Window Demanding Attention" = "Meta+Ctrl+A";
"Show Desktop" = "Meta+Ctrl+D";
"Walk Through Windows" = "Alt+Tab";
"Walk Through Windows (Reverse)" = "Alt+Shift+Tab";
"Walk Through Windows of Current Application" = "Alt+`";
"Walk Through Windows of Current Application (Reverse)" = "Alt+~";
"Window Quick Tile Bottom" = "Meta+Down";
"Window Quick Tile Left" = "Meta+Left";
"Window Quick Tile Right" = "Meta+Right";
"Window Quick Tile Top" = "Meta+Up";
"Switch to Desktop 1" = "Meta+1";
"Switch to Desktop 2" = "Meta+2";
"Switch to Desktop 3" = "Meta+3";
"Switch to Desktop 4" = "Meta+4";
"Switch to Desktop 5" = "Meta+5";
"Switch to Desktop 6" = "Meta+6";
"Switch to Desktop 7" = "Meta+7";
"Switch to Desktop 8" = "Meta+8";
"Switch to Desktop 9" = "Meta+9";
"Switch to Desktop 10" = "Meta+0";
"Window to Desktop 1" = "Meta+!"; # Meta+Shift+1
"Window to Desktop 2" = "Meta+@"; # Meta+Shift+2
"Window to Desktop 3" = "Meta+#"; # Meta+Shift+3
"Window to Desktop 4" = "Meta+$"; # Meta+Shift+4
"Window to Desktop 5" = "Meta+%"; # Meta+Shift+5
"Window to Desktop 6" = "Meta+^"; # Meta+Shift+6
"Window to Desktop 7" = "Meta+&"; # Meta+Shift+7
"Window to Desktop 8" = "Meta+*"; # Meta+Shift+8
"Window to Desktop 9" = "Meta+("; # Meta+Shift+9
"Window to Desktop 10" = "Meta+)"; # Meta+Shift+0
"view_actual_size" = "Meta+Ctrl+=";
"view_zoom_in" = ["Meta++" "Meta+=,Meta++" "Meta+=,Zoom In"];
"view_zoom_out" = "Meta+-";
};
"org_kde_powerdevil"."Decrease Keyboard Brightness" = "Keyboard Brightness Down";
"org_kde_powerdevil"."Decrease Screen Brightness" = "Monitor Brightness Down";
"org_kde_powerdevil"."Decrease Screen Brightness Small" = "Shift+Monitor Brightness Down";
"org_kde_powerdevil"."Hibernate" = "Hibernate";
"org_kde_powerdevil"."Increase Keyboard Brightness" = "Keyboard Brightness Up";
"org_kde_powerdevil"."Increase Screen Brightness" = "Monitor Brightness Up";
"org_kde_powerdevil"."Increase Screen Brightness Small" = "Shift+Monitor Brightness Up";
"org_kde_powerdevil"."PowerDown" = "Power Down";
"org_kde_powerdevil"."PowerOff" = "Power Off";
"org_kde_powerdevil"."Sleep" = "Sleep";
"org_kde_powerdevil"."Toggle Keyboard Backlight" = "Keyboard Light On/Off";
"org_kde_powerdevil"."Turn Off Screen" = [ ];
"org_kde_powerdevil"."powerProfile" = ["Battery" "Meta+B,Battery" "Meta+B,Switch Power Profile"];
plasmashell = {
"activate application launcher" = ["Meta" "Alt+F1,Meta" "Alt+F1,Activate Application Launcher"];
"activate task manager entry 1" = "none,,";
"activate task manager entry 2" = "none,,";
"activate task manager entry 3" = "none,,";
"activate task manager entry 4" = "none,,";
"activate task manager entry 5" = "none,,";
"activate task manager entry 6" = "none,,";
"activate task manager entry 7" = "none,,";
"activate task manager entry 8" = "none,,";
"activate task manager entry 9" = "none,,";
"activate task manager entry 10" = "none,,";
"show activity switcher" = "none,,";
};
};
configFile = {
kwinrc.Desktops.Number = {
value = 10;
immutable = true;
};
# Enable KWin tiling features
kwinrc.Tiling = {
# Enable tiling functionality
"padding" = 4;
};
# Enable krohnkite plugin automatically
kwinrc.Plugins = {
krohnkiteEnabled = true;
};
kwinrc.Effect-overview = {
# Configure overview effect for better tiling workflow
BorderActivate = 9; # Top-left corner activation
};
kcminputrc.Libinput = {
AccelerationProfile = "adaptive";
PointerAcceleration = 0.5;
};
kcminputrc.Mouse = {
X11LibInputXAccelProfileFlat = false;
XLbInptAccelProfileFlat = false;
};
kdeglobals.KDE.LookAndFeelPackage = "org.kde.breezedark.desktop";
# Focus follows mouse configuration
kwinrc.Windows = {
FocusPolicy = "FocusFollowsMouse";
AutoRaise = true; # Set to true if you want windows to auto-raise on focus
AutoRaiseInterval = 750; # Delay in ms before auto-raise (if enabled)
DelayFocusInterval = 0; # Delay in ms before focus follows mouse
};
# Desktop wallpaper configuration
plasma-localerc.Formats.LANG = "en_US.UTF-8";
# Set wallpaper for all desktops
plasmarc.Wallpapers.usersWallpapers = "${../../wallpapers/metroid-samus-returns-kz-3440x1440.jpg}";
};
};
}

52
home/modules/tmux/default.nix
View File

@@ -1,52 +0,0 @@
{ config, lib, pkgs, ... }:
let
tokyo-night = pkgs.tmuxPlugins.mkTmuxPlugin {
pluginName = "tokyo-night";
rtpFilePath = "tokyo-night.tmux";
version = "1.6.1";
src = pkgs.fetchFromGitHub {
owner = "janoamaral";
repo = "tokyo-night-tmux";
rev = "d610ced20d5f602a7995854931440e4a1e0ab780";
sha256 = "sha256-17vEgkL7C51p/l5gpT9dkOy0bY9n8l0/LV51mR1k+V8=";
};
};
in
{
programs.tmux.enable = true;
programs.tmux.terminal = "tmux-direct";
programs.tmux.keyMode = "vi";
programs.tmux.escapeTime = 0;
programs.tmux.mouse = true;
programs.tmux.newSession = true;
programs.tmux.historyLimit = 50000;
programs.tmux.clock24 = true;
programs.tmux.baseIndex = 1;
programs.tmux.prefix = "M-\\\\";
programs.tmux.plugins = with pkgs; [
tmuxPlugins.cpu
tmuxPlugins.battery
tmuxPlugins.better-mouse-mode
tmuxPlugins.net-speed
tmuxPlugins.online-status
tmuxPlugins.pain-control
tmuxPlugins.tilish
tmuxPlugins.yank
{
plugin = tmuxPlugins.resurrect;
extraConfig = "set -g @resurrect-strategy-nvim 'session'";
}
{
plugin = tmuxPlugins.continuum;
extraConfig = ''
set -g @continuum-restore 'on'
set -g @continuum-save-interval '15' # minutes
'';
}
tokyo-night
];
}

716
home/roles/aerospace/default.nix Normal file
View File

@@ -0,0 +1,716 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.home.roles.aerospace;
in
{
options.home.roles.aerospace = {
enable = mkEnableOption "AeroSpace tiling window manager for macOS";
leader = mkOption {
type = types.str;
default = "cmd";
description = "Leader key for aerospace shortcuts (e.g., 'cmd', 'ctrl', 'alt')";
example = "ctrl";
};
launchd.enable = mkOption {
type = types.bool;
default = true;
description = "Whether to enable launchd agent for auto-starting aerospace";
};
userSettings = mkOption {
type = types.attrs;
default = {};
description = ''
Additional aerospace configuration settings to merge with defaults.
Use this to override or extend the default configuration on a per-machine basis.
'';
example = literalExpression ''
{
mode.main.binding."''${leader}-custom" = "custom-command";
}
'';
};
autoraise = {
enable = mkOption {
type = types.bool;
default = true;
description = "Whether to enable autoraise (auto-focus window on hover)";
};
pollMillis = mkOption {
type = types.int;
default = 50;
description = "Polling interval in milliseconds";
};
delay = mkOption {
type = types.int;
default = 2;
description = "Delay before raising window";
};
focusDelay = mkOption {
type = types.int;
default = 2;
description = "Delay before focusing window";
};
};
enableSpansDisplays = mkOption {
type = types.bool;
default = true;
description = ''
Configure macOS Spaces to span displays (required for aerospace multi-monitor support).
Sets com.apple.spaces.spans-displays to true.
NOTE: This was previously set at the system level in modules/aerospace.nix,
but has been moved to home-manager for better modularity.
'';
};
ctrlShortcuts = {
enable = mkOption {
type = types.bool;
default = false;
description = ''
Remap common macOS Cmd shortcuts to Ctrl equivalents for all operations.
This makes macOS behave more like Linux.
Shortcuts remapped globally:
- Ctrl+N: New Window
- Ctrl+T: New Tab
- Ctrl+W: Close Tab
- Ctrl+S: Save / Save As
- Ctrl+O: Open
- Ctrl+F: Find
- Ctrl+H: Find and Replace
- Ctrl+P: Print
- Ctrl+C/V/X: Copy/Paste/Cut
- Ctrl+Z: Undo
NOTE: Terminal emulators like Ghostty require per-app overrides (configured separately)
to preserve Ctrl+C as SIGINT instead of Copy.
'';
};
};
sketchybar = {
enable = mkOption {
type = types.bool;
default = false;
description = "Whether to enable SketchyBar status bar";
};
};
};
config = mkIf cfg.enable {
# Only apply on Darwin systems
assertions = [
{
assertion = pkgs.stdenv.isDarwin;
message = "Aerospace role is only supported on macOS (Darwin) systems";
}
];
# Configure macOS preferences via targets.darwin.defaults
targets.darwin.defaults = mkMerge [
# Spaces span displays (required for multi-monitor aerospace)
(mkIf cfg.enableSpansDisplays {
"com.apple.spaces" = {
spans-displays = true;
};
})
# Ctrl shortcuts to make macOS behave more like Linux
(mkIf cfg.ctrlShortcuts.enable {
NSGlobalDomain.NSUserKeyEquivalents = {
# Window/Tab operations
"New Window" = "^n";
"New Tab" = "^t";
"Close Tab" = "^w";
# File operations
"Save" = "^s";
"Save As" = "^$s"; # Ctrl+Shift+S
"Open" = "^o";
"Open" = "^o";
# Find operations
"Find" = "^f";
"Find" = "^f";
"Find and Replace" = "^h";
"Find and Replace" = "^h";
# Print
"Print" = "^p";
"Print" = "^p";
# Clipboard operations
"Copy" = "^c";
"Paste" = "^v";
"Cut" = "^x";
# Undo/Redo
"Undo" = "^z";
"Redo" = "^$z"; # Ctrl+Shift+Z
};
})
# Ghostty-specific overrides to preserve terminal behavior
# Remap clipboard operations back to Cmd (macOS default) so Ctrl+C remains SIGINT
(mkIf cfg.ctrlShortcuts.enable {
"com.mitchellh.ghostty".NSUserKeyEquivalents = {
# Remap back to Cmd for clipboard operations
"Copy" = "@c"; # Cmd+C
"Paste" = "@v"; # Cmd+V
"Cut" = "@x"; # Cmd+X
"Undo" = "@z"; # Cmd+Z
"Redo" = "@$z"; # Cmd+Shift+Z
};
})
];
# Install aerospace package and optional tools if enabled
home.packages = [ pkgs.aerospace ]
++ optionals cfg.autoraise.enable [ pkgs.autoraise ]
++ optionals cfg.sketchybar.enable [ pkgs.sketchybar pkgs.sketchybar-app-font ];
# Enable and configure aerospace
programs.aerospace.enable = true;
programs.aerospace.launchd.enable = cfg.launchd.enable;
programs.aerospace.userSettings = mkMerge [
# Default configuration with leader key substitution
{
# Disable normalizations for i3-like behavior
enable-normalization-flatten-containers = false;
enable-normalization-opposite-orientation-for-nested-containers = false;
mode.main.binding = {
"${cfg.leader}-w" = "layout accordion horizontal"; # tabbed
"${cfg.leader}-s" = "layout accordion vertical"; # stacking
"${cfg.leader}-e" = "layout tiles horizontal vertical"; # tiles, toggles orientation
"${cfg.leader}-shift-q" = "close";
"${cfg.leader}-shift-f" = "fullscreen";
"${cfg.leader}-h" = "focus left";
"${cfg.leader}-j" = "focus down";
"${cfg.leader}-k" = "focus up";
"${cfg.leader}-l" = "focus right";
"${cfg.leader}-shift-h" = "move left";
"${cfg.leader}-shift-j" = "move down";
"${cfg.leader}-shift-k" = "move up";
"${cfg.leader}-shift-l" = "move right";
"${cfg.leader}-r" = "mode resize";
"${cfg.leader}-1" = "workspace 1";
"${cfg.leader}-2" = "workspace 2";
"${cfg.leader}-3" = "workspace 3";
"${cfg.leader}-4" = "workspace 4";
"${cfg.leader}-5" = "workspace 5";
"${cfg.leader}-6" = "workspace 6";
"${cfg.leader}-7" = "workspace 7";
"${cfg.leader}-8" = "workspace 8";
"${cfg.leader}-9" = "workspace 9";
"${cfg.leader}-0" = "workspace 10";
"${cfg.leader}-shift-1" = "move-node-to-workspace 1";
"${cfg.leader}-shift-2" = "move-node-to-workspace 2";
"${cfg.leader}-shift-3" = "move-node-to-workspace 3";
"${cfg.leader}-shift-4" = "move-node-to-workspace 4";
"${cfg.leader}-shift-5" = "move-node-to-workspace 5";
"${cfg.leader}-shift-6" = "move-node-to-workspace 6";
"${cfg.leader}-shift-7" = "move-node-to-workspace 7";
"${cfg.leader}-shift-8" = "move-node-to-workspace 8";
"${cfg.leader}-shift-9" = "move-node-to-workspace 9";
"${cfg.leader}-shift-0" = "move-node-to-workspace 10";
"${cfg.leader}-tab" = "workspace-back-and-forth";
"${cfg.leader}-shift-tab" = "move-workspace-to-monitor --wrap-around next";
"${cfg.leader}-enter" = ''
exec-and-forget osascript <<'APPLESCRIPT'
tell application "Ghostty"
activate
tell application "System Events"
keystroke "n" using {command down}
end tell
end tell
APPLESCRIPT
'';
"${cfg.leader}-shift-enter" = ''
exec-and-forget osascript <<'APPLESCRIPT'
tell application "Google Chrome"
set newWindow to make new window
activate
tell newWindow to set index to 1
end tell
APPLESCRIPT
'';
"${cfg.leader}-shift-e" = "exec-and-forget zsh --login -c \"emacsclient -c -n\"";
# Service mode: Deliberate aerospace window management
"${cfg.leader}-i" = "mode service";
# Passthrough mode: Temporarily disable aerospace to use macOS shortcuts
"${cfg.leader}-p" = "mode passthrough";
};
# Resize mode: For window resizing operations
mode.resize.binding = {
h = "resize width -50";
j = "resize height +50";
k = "resize height -50";
l = "resize width +50";
minus = "resize smart -50";
equal = "resize smart +50";
esc = "mode main";
enter = "mode main";
};
# Service mode: For deliberate aerospace window management operations
mode.service.binding = {
esc = ["reload-config" "mode main"];
r = ["flatten-workspace-tree" "mode main"]; # reset layout
f = ["layout floating tiling" "mode main"]; # Toggle between floating and tiling layout
backspace = ["close-all-windows-but-current" "mode main"];
"${cfg.leader}-shift-h" = ["join-with left" "mode main"];
"${cfg.leader}-shift-j" = ["join-with down" "mode main"];
"${cfg.leader}-shift-k" = ["join-with up" "mode main"];
"${cfg.leader}-shift-l" = ["join-with right" "mode main"];
};
# Passthrough mode: All shortcuts pass through to macOS
mode.passthrough.binding = {
esc = "mode main";
"${cfg.leader}-p" = "mode main";
};
# SketchyBar integration - notify bar of workspace changes
exec-on-workspace-change = mkIf cfg.sketchybar.enable [
"/bin/bash" "-c"
"${pkgs.sketchybar}/bin/sketchybar --trigger aerospace_workspace_change FOCUSED=$AEROSPACE_FOCUSED_WORKSPACE PREV=$AEROSPACE_PREV_WORKSPACE"
];
}
# Gaps configuration - prevent windows from overlapping SketchyBar
(mkIf cfg.sketchybar.enable {
gaps = {
outer = {
top = 0;
bottom = 40;
left = 0;
right = 0;
};
};
})
cfg.userSettings
];
# Launchd agent for autoraise
launchd.agents.autoraise = mkIf cfg.autoraise.enable {
enable = true;
config = {
ProgramArguments = [
"${pkgs.autoraise}/bin/AutoRaise"
"-pollMillis" (toString cfg.autoraise.pollMillis)
"-delay" (toString cfg.autoraise.delay)
"-focusDelay" (toString cfg.autoraise.focusDelay)
];
RunAtLoad = true;
KeepAlive = true;
};
};
# SketchyBar configuration
home.file.".config/sketchybar/sketchybarrc" = mkIf cfg.sketchybar.enable {
executable = true;
onChange = "${pkgs.sketchybar}/bin/sketchybar --reload";
text = ''
#!/bin/bash
# Plugin directory
PLUGIN_DIR="$HOME/.config/sketchybar/plugins"
# Colors - i3/sway theme with exact color matching
# Focused window/workspace color from i3/sway
FOCUSED=0xff285577
# Background colors matching i3blocks bar
BAR_BG=0xcc000000 # Semi-transparent black
ITEM_BG=0xff333333 # Dark gray for inactive items
# Text colors
TEXT=0xffffffff # White text
GRAY=0xff888888 # Muted text for inactive items
# Accent colors for warnings
WARNING=0xffff9900
CRITICAL=0xff900000
# Configure the bar appearance
${pkgs.sketchybar}/bin/sketchybar --bar \
position=bottom \
height=32 \
color=$BAR_BG \
border_width=0 \
corner_radius=0 \
padding_left=10 \
padding_right=10
# Set default properties for all items
# Using monospace font to match waybar's Fira Code styling
${pkgs.sketchybar}/bin/sketchybar --default \
updates=when_shown \
icon.font="SF Mono:Regular:13.0" \
icon.color=$TEXT \
icon.padding_left=4 \
icon.padding_right=4 \
label.font="SF Mono:Regular:13.0" \
label.color=$TEXT \
label.padding_left=4 \
label.padding_right=4 \
padding_left=4 \
padding_right=4 \
background.corner_radius=5 \
background.height=24
# Register aerospace workspace change event
${pkgs.sketchybar}/bin/sketchybar --add event aerospace_workspace_change
# Create workspace indicators for workspaces 1-10
for sid in 1 2 3 4 5 6 7 8 9 10; do
# Display "0" for workspace 10
if [ "$sid" = "10" ]; then
display="0"
else
display="$sid"
fi
${pkgs.sketchybar}/bin/sketchybar --add item space.$sid left \
--subscribe space.$sid aerospace_workspace_change \
--set space.$sid \
update_freq=2 \
width=32 \
background.color=$ITEM_BG \
background.corner_radius=5 \
background.height=20 \
background.drawing=on \
icon="$display" \
icon.padding_left=13 \
icon.padding_right=11 \
icon.align=center \
label.drawing=off \
click_script="${pkgs.aerospace}/bin/aerospace workspace $sid" \
script="$PLUGIN_DIR/aerospace.sh $sid"
done
# Separator after workspaces
${pkgs.sketchybar}/bin/sketchybar --add item separator_left left \
--set separator_left \
icon="" \
label="" \
background.drawing=off \
padding_left=10 \
padding_right=10
# System monitoring modules (right side)
# Note: Items added to 'right' appear in reverse order (last added = leftmost)
# Adding in reverse to get: disk | cpu | memory | battery | volume | calendar
${pkgs.sketchybar}/bin/sketchybar --add item calendar right \
--set calendar \
icon="📅" \
update_freq=30 \
background.color=$ITEM_BG \
background.drawing=on \
script="$PLUGIN_DIR/calendar.sh"
${pkgs.sketchybar}/bin/sketchybar --add item separator_media right \
--set separator_media \
icon="|" \
label="" \
background.drawing=off \
padding_left=5 \
padding_right=5
${pkgs.sketchybar}/bin/sketchybar --add item volume right \
--set volume \
background.color=$ITEM_BG \
background.drawing=on \
script="$PLUGIN_DIR/volume.sh" \
--subscribe volume volume_change
${pkgs.sketchybar}/bin/sketchybar --add item battery right \
--set battery \
update_freq=120 \
background.color=$ITEM_BG \
background.drawing=on \
script="$PLUGIN_DIR/battery.sh" \
--subscribe battery system_woke power_source_change
${pkgs.sketchybar}/bin/sketchybar --add item separator_sys right \
--set separator_sys \
icon="|" \
label="" \
background.drawing=off \
padding_left=5 \
padding_right=5
${pkgs.sketchybar}/bin/sketchybar --add item memory right \
--set memory \
update_freq=5 \
icon="🐏" \
background.color=$ITEM_BG \
background.drawing=on \
script="$PLUGIN_DIR/memory.sh"
${pkgs.sketchybar}/bin/sketchybar --add item cpu right \
--set cpu \
update_freq=2 \
icon="🧠" \
background.color=$ITEM_BG \
background.drawing=on \
script="$PLUGIN_DIR/cpu.sh"
${pkgs.sketchybar}/bin/sketchybar --add item disk right \
--set disk \
update_freq=60 \
icon="💾" \
background.color=$ITEM_BG \
background.drawing=on \
script="$PLUGIN_DIR/disk.sh"
# Menu bar extras / system tray items (rightmost)
# Note: Requires Screen Recording permission for SketchyBar in System Settings
# Use 'sketchybar --query default_menu_items' to discover available items
# Bluetooth
${pkgs.sketchybar}/bin/sketchybar --add alias "Control Center,Bluetooth" right \
--set "Control Center,Bluetooth" \
alias.update_freq=1 \
padding_left=0 \
padding_right=0
# WiFi
${pkgs.sketchybar}/bin/sketchybar --add alias "Control Center,WiFi" right \
--set "Control Center,WiFi" \
alias.update_freq=1 \
padding_left=0 \
padding_right=0
# Add other menu bar apps as discovered
# Common examples:
# - Cloudflare WARP: --add alias "Cloudflare WARP,Item-0" right
# - Notion Calendar: --add alias "Notion Calendar,Item-0" right
# Run 'sketchybar --query default_menu_items' to find exact names
# Update the bar
${pkgs.sketchybar}/bin/sketchybar --update
'';
};
# SketchyBar aerospace workspace plugin
home.file.".config/sketchybar/plugins/aerospace.sh" = mkIf cfg.sketchybar.enable {
executable = true;
text = ''
#!/bin/bash
# Colors
FOCUSED_COLOR=0xff285577
ITEM_BG=0xff333333
TEXT=0xffffffff
GRAY=0xff555555
# Get the currently focused workspace directly from aerospace
# Trim whitespace to ensure clean comparison
FOCUSED=$(${pkgs.aerospace}/bin/aerospace list-workspaces --focused | tr -d ' \n\r')
# Get list of empty workspaces
EMPTY_WORKSPACES=$(${pkgs.aerospace}/bin/aerospace list-workspaces --monitor all --empty)
# Clean up the workspace number parameter
WORKSPACE_NUM=$(echo "$1" | tr -d ' \n\r')
# Check if workspace has windows (is NOT empty)
IS_EMPTY=false
if echo "$EMPTY_WORKSPACES" | grep -q "^$WORKSPACE_NUM$"; then
IS_EMPTY=true
fi
# Check if this workspace is focused
IS_FOCUSED=false
if [ "$WORKSPACE_NUM" = "$FOCUSED" ]; then
IS_FOCUSED=true
fi
# Determine visibility and styling
# Always show focused workspace (even if empty) with fixed width
# Hide non-focused empty workspaces by setting width to 0 (collapsed)
# Show non-focused non-empty workspaces with fixed width and inactive styling
if [ "$IS_FOCUSED" = "true" ]; then
# Focused workspace - always show with focused styling
${pkgs.sketchybar}/bin/sketchybar --set space.$WORKSPACE_NUM \
drawing=on \
width=32 \
icon.padding_left=13 \
icon.padding_right=11 \
icon.align=center \
background.color=$FOCUSED_COLOR \
background.drawing=on \
icon.color=$TEXT
elif [ "$IS_EMPTY" = "true" ]; then
# Empty workspace (not focused) - hide by turning off drawing
${pkgs.sketchybar}/bin/sketchybar --set space.$WORKSPACE_NUM \
drawing=off
else
# Non-empty workspace (not focused) - show with inactive styling
${pkgs.sketchybar}/bin/sketchybar --set space.$WORKSPACE_NUM \
drawing=on \
width=32 \
icon.padding_left=13 \
icon.padding_right=11 \
icon.align=center \
background.color=$ITEM_BG \
background.drawing=on \
icon.color=$GRAY
fi
'';
};
# SketchyBar CPU monitoring plugin
home.file.".config/sketchybar/plugins/cpu.sh" = mkIf cfg.sketchybar.enable {
executable = true;
text = ''
#!/bin/bash
CORE_COUNT=$(sysctl -n machdep.cpu.thread_count)
CPU_INFO=$(ps -eo pcpu,user)
CPU_SYS=$(echo "$CPU_INFO" | grep -v $(whoami) | sed "s/[^ 0-9\.]//g" | awk "{sum+=\$1} END {print sum/(100.0 * $CORE_COUNT)}")
CPU_USER=$(echo "$CPU_INFO" | grep $(whoami) | sed "s/[^ 0-9\.]//g" | awk "{sum+=\$1} END {print sum/(100.0 * $CORE_COUNT)}")
CPU_PERCENT="$(echo "$CPU_SYS $CPU_USER" | awk '{printf "%.0f\n", ($1 + $2)*100}')"
${pkgs.sketchybar}/bin/sketchybar --set $NAME label="$CPU_PERCENT%"
'';
};
# SketchyBar memory monitoring plugin
home.file.".config/sketchybar/plugins/memory.sh" = mkIf cfg.sketchybar.enable {
executable = true;
text = ''
#!/bin/bash
MEMORY_STATS=$(vm_stat)
PAGES_FREE=$(echo "$MEMORY_STATS" | grep "Pages free" | awk '{print $3}' | tr -d '.')
PAGES_ACTIVE=$(echo "$MEMORY_STATS" | grep "Pages active" | awk '{print $3}' | tr -d '.')
PAGES_INACTIVE=$(echo "$MEMORY_STATS" | grep "Pages inactive" | awk '{print $3}' | tr -d '.')
PAGES_WIRED=$(echo "$MEMORY_STATS" | grep "Pages wired down" | awk '{print $4}' | tr -d '.')
PAGES_COMPRESSED=$(echo "$MEMORY_STATS" | grep "Pages stored in compressor" | awk '{print $5}' | tr -d '.')
TOTAL_PAGES=$((PAGES_FREE + PAGES_ACTIVE + PAGES_INACTIVE + PAGES_WIRED + PAGES_COMPRESSED))
USED_PAGES=$((PAGES_ACTIVE + PAGES_INACTIVE + PAGES_WIRED + PAGES_COMPRESSED))
MEMORY_PERCENT=$((USED_PAGES * 100 / TOTAL_PAGES))
${pkgs.sketchybar}/bin/sketchybar --set $NAME label="$MEMORY_PERCENT%"
'';
};
# SketchyBar disk monitoring plugin
home.file.".config/sketchybar/plugins/disk.sh" = mkIf cfg.sketchybar.enable {
executable = true;
text = ''
#!/bin/bash
DISK_USAGE=$(df -H / | grep -v Filesystem | awk '{print $5}')
${pkgs.sketchybar}/bin/sketchybar --set $NAME label="$DISK_USAGE"
'';
};
# SketchyBar battery monitoring plugin
home.file.".config/sketchybar/plugins/battery.sh" = mkIf cfg.sketchybar.enable {
executable = true;
text = ''
#!/bin/bash
PERCENTAGE=$(pmset -g batt | grep -Eo "\d+%" | cut -d% -f1)
CHARGING=$(pmset -g batt | grep 'AC Power')
if [ "$PERCENTAGE" = "" ]; then
exit 0
fi
# Select icon based on battery level
case ''${PERCENTAGE} in
9[0-9]|100) ICON="🔋"
;;
[6-8][0-9]) ICON="🔋"
;;
[3-5][0-9]) ICON="🔋"
;;
[1-2][0-9]) ICON="🔋"
;;
*) ICON="🪫"
esac
# Show charging icon if connected to power
if [[ $CHARGING != "" ]]; then
ICON=""
fi
${pkgs.sketchybar}/bin/sketchybar --set $NAME icon="$ICON" label="''${PERCENTAGE}%"
'';
};
# SketchyBar volume monitoring plugin
home.file.".config/sketchybar/plugins/volume.sh" = mkIf cfg.sketchybar.enable {
executable = true;
text = ''
#!/bin/bash
if [ "$SENDER" = "volume_change" ]; then
VOLUME=$(osascript -e "output volume of (get volume settings)")
MUTED=$(osascript -e "output muted of (get volume settings)")
if [ "$MUTED" = "true" ]; then
ICON="🔇"
LABEL=""
else
case $VOLUME in
[6-9][0-9]|100) ICON="🔊"
;;
[3-5][0-9]) ICON="🔉"
;;
*) ICON="🔈"
esac
LABEL="$VOLUME%"
fi
${pkgs.sketchybar}/bin/sketchybar --set $NAME icon="$ICON" label="$LABEL"
fi
'';
};
# SketchyBar calendar/clock plugin
home.file.".config/sketchybar/plugins/calendar.sh" = mkIf cfg.sketchybar.enable {
executable = true;
text = ''
#!/bin/bash
${pkgs.sketchybar}/bin/sketchybar --set $NAME label="$(date '+%Y-%m-%d %H:%M')"
'';
};
# Launchd agent for auto-starting sketchybar
launchd.agents.sketchybar = mkIf cfg.sketchybar.enable {
enable = true;
config = {
ProgramArguments = [ "${pkgs.sketchybar}/bin/sketchybar" ];
RunAtLoad = true;
KeepAlive = true;
StandardOutPath = "/tmp/sketchybar.log";
StandardErrorPath = "/tmp/sketchybar.err.log";
};
};
};
}

7
home/roles/base-darwin/default.nix Normal file
View File

@@ -0,0 +1,7 @@
{
# Base imports for Darwin home configurations
# Includes Darwin-specific roles that only work on macOS
imports = [
../aerospace
];
}

8
home/roles/base-linux/default.nix Normal file
View File

@@ -0,0 +1,8 @@
{
# Base imports for Linux home configurations
# Includes Linux-specific roles that require Linux-only home-manager modules
imports = [
../plasma-manager
../i3+sway
];
}

3
home/roles/communication/default.nix
View File

@@ -14,7 +14,8 @@ in
home.packages = [
# Communication apps
pkgs.element-desktop
#pkgs.fluffychat #marked insecure as of nixos 25.05
# Re-enabled in 25.11 after security issues were resolved
pkgs.fluffychat
pkgs.nextcloud-talk-desktop
# For logging back into google chat

6
home/roles/default.nix
View File

@@ -1,4 +1,7 @@
{
# Shared roles that work across all platforms (Linux, Darwin, etc.)
# Platform-specific roles are imported via base-linux or base-darwin
# in each home configuration file
imports = [
./base
./communication
@@ -7,8 +10,11 @@
./gaming
./kdeconnect
./kubectl
./launchers
./media
./office
./sync
./tmux
./emacs
];
}

2
home/roles/development/default.nix
View File

@@ -36,12 +36,12 @@ in
config = mkIf cfg.enable {
home.packages = [
pkgs.unstable.claude-code
pkgs.unstable.claude-code-router
pkgs.unstable.codex
# Custom packages
pkgs.custom.tea-rbw
pkgs.custom.claude-cli
];
# Install Claude Code humanlayer command and agent plugins

15
home/modules/emacs/default.nix → home/roles/emacs/default.nix
View File

@@ -3,6 +3,8 @@
with lib;
let
cfg = config.home.roles.emacs;
doomEmacs = pkgs.fetchFromGitHub {
owner = "doomemacs";
repo = "doomemacs";
@@ -17,20 +19,23 @@ let
];
# Default emacs configuration with vterm support
defaultEmacsPackage =
if pkgs.stdenv.isDarwin
defaultEmacsPackage =
if pkgs.stdenv.isDarwin
then pkgs.emacs-macport.pkgs.withPackages emacsPackages
else pkgs.emacs.pkgs.withPackages emacsPackages;
in
{
config = {
options.home.roles.emacs = {
enable = mkEnableOption "Doom Emacs with vterm and tree-sitter support";
};
config = mkIf cfg.enable {
home.packages = [
pkgs.emacs-all-the-icons-fonts
pkgs.fira-code
pkgs.fontconfig
pkgs.graphviz
pkgs.isort
#pkgs.libvterm # native vterm library
pkgs.nerd-fonts.fira-code
pkgs.nerd-fonts.droid-sans-mono
pkgs.nil # nix lsp language server
@@ -66,7 +71,7 @@ in
home.activation.doomConfig = lib.hm.dag.entryAfter ["writeBoundary"] ''
# Always remove and recreate the symlink to ensure it points to the source directory
rm -rf "${config.xdg.configHome}/doom"
ln -sf "${config.home.homeDirectory}/nixos-configs/home/modules/emacs/doom" "${config.xdg.configHome}/doom"
ln -sf "${config.home.homeDirectory}/nixos-configs/home/roles/emacs/doom" "${config.xdg.configHome}/doom"
'';
};
}

0
home/modules/emacs/doom/config.el → home/roles/emacs/doom/config.el
View File

0
home/modules/emacs/doom/init.el → home/roles/emacs/doom/init.el
View File

0
home/modules/emacs/doom/packages.el → home/roles/emacs/doom/packages.el
View File

24
home/modules/i3+sway/default.nix → home/roles/i3+sway/default.nix
View File

@@ -3,7 +3,7 @@
with lib;
let
cfg = config.home.i3_sway;
cfg = config.home.roles.i3_sway;
shared_config = recursiveUpdate rec {
modifier = "Mod4";
@@ -14,6 +14,9 @@ let
"${shared_config.modifier}+Return" = "exec ${terminal}";
"${shared_config.modifier}+Shift+q" = "kill";
"${shared_config.modifier}+a" = "focus parent";
"${shared_config.modifier}+Shift+a" = "focus child";
"${shared_config.modifier}+h" = "focus left";
"${shared_config.modifier}+j" = "focus down";
"${shared_config.modifier}+k" = "focus up";
@@ -45,8 +48,6 @@ let
"${shared_config.modifier}+Shift+space" = "floating toggle";
"${shared_config.modifier}+space" = "focus mode_toggle";
"${shared_config.modifier}+a" = "focus parent";
"${shared_config.modifier}+Shift+minus" = "move scratchpad";
"${shared_config.modifier}+minus" = "scratchpad show";
@@ -92,19 +93,29 @@ let
};
} cfg.extraSharedConfig;
in {
options.home.i3_sway = {
options.home.roles.i3_sway = {
enable = mkEnableOption "i3 and Sway tiling window managers with waybar and rofi";
extraSharedConfig = mkOption {
type = types.attrs;
default = {};
description = "Extra configuration shared between i3 and sway";
};
extraI3Config = mkOption {
type = types.attrs;
default = {};
description = "Extra i3-specific configuration";
};
extraSwayConfig = mkOption {
type = types.attrs;
default = {};
description = "Extra sway-specific configuration";
};
};
config = {
config = mkIf cfg.enable {
# i3blocks configuration file
home.file.".config/i3blocks/config".text = ''
# i3blocks config - replicating waybar setup
@@ -316,6 +327,7 @@ in {
};
in {
enable = true;
extraOptions = [ "--unsupported-gpu" ];
config = recursiveUpdate base_sway_config cfg.extraSwayConfig;
};
@@ -419,7 +431,7 @@ in {
#workspaces button {
padding: 0 8px;
background-color: transparent;
background-color: #333333;
color: #ffffff;
border: none;
}

231
home/roles/kubectl/default.nix
View File

@@ -7,10 +7,237 @@ let
in
{
options.home.roles.kubectl = {
enable = mkEnableOption "Enable management tools for the homelab k3s oglenet cluster";
enable = mkEnableOption "management tools for the homelab k3s oglenet cluster with secure Bitwarden integration";
};
config = mkIf cfg.enable {
programs.kubectl-secure.enable = true;
home.packages = with pkgs; [
kubectl
kubernetes-helm
];
programs.k9s.enable = true;
programs.bash.initExtra = mkAfter ''
# Kubectl secure session management
export KUBECTL_SESSION_DIR="/dev/shm/kubectl-$$"
kube-select() {
if [[ $# -ne 1 ]]; then
echo "Usage: kube-select <context-name>"
echo "Available contexts: $(kube-list)"
return 1
fi
local context="$1"
# Clean up any existing session first
kube-clear 2>/dev/null
# Create new session directory
mkdir -p "$KUBECTL_SESSION_DIR"
chmod 700 "$KUBECTL_SESSION_DIR"
# Set cleanup trap for this shell session
trap "rm -rf '$KUBECTL_SESSION_DIR' 2>/dev/null" EXIT
# Set KUBECONFIG for this session
export KUBECONFIG="$KUBECTL_SESSION_DIR/config"
# Load config from Bitwarden secure notes
if ! rbw get "kubectl-$context" > "$KUBECONFIG" 2>/dev/null; then
echo "Error: Could not retrieve kubectl-$context from Bitwarden"
echo "Make sure the entry exists with name: kubectl-$context"
kube-clear
return 1
fi
# Verify the kubeconfig is valid
if ! kubectl config view >/dev/null 2>&1; then
echo "Error: Invalid kubeconfig retrieved from Bitwarden"
kube-clear
return 1
fi
echo " Loaded kubectl context: $context (session: $$)"
echo " Config location: $KUBECONFIG"
}
kube-list() {
echo "Available kubectl contexts in Bitwarden:"
rbw search kubectl- 2>/dev/null | grep "^kubectl-" | sed 's/^kubectl-/ - /' || echo " (none found or rbw not accessible)"
}
kube-clear() {
if [[ -n "$KUBECTL_TIMEOUT_PID" ]]; then
kill "$KUBECTL_TIMEOUT_PID" 2>/dev/null
unset KUBECTL_TIMEOUT_PID
fi
if [[ -d "$KUBECTL_SESSION_DIR" ]]; then
rm -rf "$KUBECTL_SESSION_DIR"
echo "Cleared kubectl session ($$)"
fi
unset KUBECONFIG
}
kube-status() {
if [[ -f "$KUBECONFIG" ]]; then
local current_context
current_context=$(kubectl config current-context 2>/dev/null)
if [[ -n "$current_context" ]]; then
echo "Active kubectl context: $current_context"
echo "Session: $$ | Config: $KUBECONFIG"
# Show cluster info
local cluster_server
cluster_server=$(kubectl config view --minify -o jsonpath='{.clusters[0].cluster.server}' 2>/dev/null)
if [[ -n "$cluster_server" ]]; then
echo "Cluster: $cluster_server"
fi
else
echo "No active context in current session"
fi
else
echo "No kubectl session active in this shell"
echo "Use 'kube-select <context>' to start a session"
fi
}
# Helper function to show available commands
kube-help() {
echo "Secure kubectl session management commands:"
echo ""
echo "Session management:"
echo " kube-select <context> - Load kubeconfig from Bitwarden"
echo " kube-status - Show current session status"
echo " kube-clear - Clear current session"
echo ""
echo "Configuration management:"
echo " kube-list - List available contexts in Bitwarden"
echo ""
echo "Help:"
echo " kube-help - Show this help"
echo ""
echo "Examples:"
echo " kube-select prod # Loads from secure note"
echo " kubectl get pods"
echo " kube-clear"
echo ""
echo "Note: Kubeconfigs are stored as secure notes in Bitwarden"
}
'';
programs.zsh.initExtra = mkAfter ''
# Kubectl secure session management (zsh)
export KUBECTL_SESSION_DIR="/dev/shm/kubectl-$$"
kube-select() {
if [[ $# -ne 1 ]]; then
echo "Usage: kube-select <context-name>"
echo "Available contexts: $(kube-list)"
return 1
fi
local context="$1"
# Clean up any existing session first
kube-clear 2>/dev/null
# Create new session directory
mkdir -p "$KUBECTL_SESSION_DIR"
chmod 700 "$KUBECTL_SESSION_DIR"
# Set cleanup trap for this shell session
trap "rm -rf '$KUBECTL_SESSION_DIR' 2>/dev/null" EXIT
# Set KUBECONFIG for this session
export KUBECONFIG="$KUBECTL_SESSION_DIR/config"
# Load config from Bitwarden secure notes
if ! rbw get "kubectl-$context" > "$KUBECONFIG" 2>/dev/null; then
echo "Error: Could not retrieve kubectl-$context from Bitwarden"
echo "Make sure the entry exists with name: kubectl-$context"
kube-clear
return 1
fi
# Verify the kubeconfig is valid
if ! kubectl config view >/dev/null 2>&1; then
echo "Error: Invalid kubeconfig retrieved from Bitwarden"
kube-clear
return 1
fi
echo " Loaded kubectl context: $context (session: $$)"
echo " Config location: $KUBECONFIG"
}
kube-list() {
echo "Available kubectl contexts in Bitwarden:"
rbw search kubectl- 2>/dev/null | grep "^kubectl-" | sed 's/^kubectl-/ - /' || echo " (none found or rbw not accessible)"
}
kube-clear() {
if [[ -n "$KUBECTL_TIMEOUT_PID" ]]; then
kill "$KUBECTL_TIMEOUT_PID" 2>/dev/null
unset KUBECTL_TIMEOUT_PID
fi
if [[ -d "$KUBECTL_SESSION_DIR" ]]; then
rm -rf "$KUBECTL_SESSION_DIR"
echo "Cleared kubectl session ($$)"
fi
unset KUBECONFIG
}
kube-status() {
if [[ -f "$KUBECONFIG" ]]; then
local current_context
current_context=$(kubectl config current-context 2>/dev/null)
if [[ -n "$current_context" ]]; then
echo "Active kubectl context: $current_context"
echo "Session: $$ | Config: $KUBECONFIG"
# Show cluster info
local cluster_server
cluster_server=$(kubectl config view --minify -o jsonpath='{.clusters[0].cluster.server}' 2>/dev/null)
if [[ -n "$cluster_server" ]]; then
echo "Cluster: $cluster_server"
fi
else
echo "No active context in current session"
fi
else
echo "No kubectl session active in this shell"
echo "Use 'kube-select <context>' to start a session"
fi
}
# Helper function to show available commands
kube-help() {
echo "Secure kubectl session management commands:"
echo ""
echo "Session management:"
echo " kube-select <context> - Load kubeconfig from Bitwarden"
echo " kube-status - Show current session status"
echo " kube-clear - Clear current session"
echo ""
echo "Configuration management:"
echo " kube-list - List available contexts in Bitwarden"
echo ""
echo "Help:"
echo " kube-help - Show this help"
echo ""
echo "Examples:"
echo " kube-select prod # Loads from secure note"
echo " kubectl get pods"
echo " kube-clear"
echo ""
echo "Note: Kubeconfigs are stored as secure notes in Bitwarden"
}
'';
};
}

36
home/roles/launchers/default.nix Normal file
View File

@@ -0,0 +1,36 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.home.roles.launchers;
# Generate a wrapper script for a package
makeLauncher = packageName: pkgs.writeShellScriptBin packageName ''
exec env NIXPKGS_ALLOW_UNFREE=1 ${pkgs.nix}/bin/nix run --impure nixpkgs#${packageName} -- "$@"
'';
# Generate all launcher scripts from the package list
launcherPackages = map makeLauncher cfg.packages;
in
{
options.home.roles.launchers = {
enable = mkEnableOption "wrapper launchers for excluded packages";
packages = mkOption {
type = types.listOf types.str;
default = [];
example = [ "steam" "libreoffice" "lutris" ];
description = ''
List of package names to create launcher wrappers for.
Each wrapper will run: NIXPKGS_ALLOW_UNFREE=1 nix run --impure nixpkgs#<package>
This is useful for occasionally running packages without permanently installing them.
'';
};
};
config = mkIf cfg.enable {
home.packages = launcherPackages;
};
}

188
home/roles/plasma-manager/default.nix Normal file
View File

@@ -0,0 +1,188 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.home.roles.plasma-manager;
in
{
options.home.roles.plasma-manager = {
enable = mkEnableOption "KDE Plasma desktop environment configuration";
};
config = mkIf cfg.enable {
# The current KDE config can be output with the command:
# nix run github:nix-community/plasma-manager
#
# Plasma-manager options documentation
# https://nix-community.github.io/plasma-manager/options.xhtml
#
# TODO: (ambitious) Add Kmail support to plasma-manager
programs.plasma = {
enable = true;
overrideConfig = true;
hotkeys.commands."launch-ghostty" = {
name = "Launch Ghostty";
key = "Meta+Return";
command = "ghostty";
};
shortcuts = {
kmix = {
"decrease_microphone_volume" = "Microphone Volume Down";
"decrease_volume" = "Volume Down";
"decrease_volume_small" = "Shift+Volume Down";
"increase_microphone_volume" = "Microphone Volume Up";
"increase_volume" = "Volume Up";
"increase_volume_small" = "Shift+Volume Up";
"mic_mute" = ["Microphone Mute" "Meta+Volume Mute,Microphone Mute" "Meta+Volume Mute,Mute Microphone"];
"mute" = "Volume Mute";
};
mediacontrol = {
"mediavolumedown" = "none,,Media volume down";
"mediavolumeup" = "none,,Media volume up";
"nextmedia" = "Media Next";
"pausemedia" = "Media Pause";
"playmedia" = "none,,Play media playback";
"playpausemedia" = "Media Play";
"previousmedia" = "Media Previous";
"stopmedia" = "Media Stop";
};
ksmserver = {
"Lock Session" = ["Meta+Ctrl+Q" "Screensaver" "Screensaver,Lock Session"];
};
kwin = {
"Window Close" = "Meta+Shift+Q";
"Kill Window" = "Meta+Ctrl+Esc";
"Window Operations Menu" = "Alt+F3";
"Window Resize" = "Meta+R,,Resize Window";
"Overview" = "Meta+Ctrl+W";
"Grid View" = "Meta+G";
"Edit Tiles" = "Meta+T";
"Activate Window Demanding Attention" = "Meta+Ctrl+A";
"Show Desktop" = "Meta+Ctrl+D";
"Walk Through Windows" = "Alt+Tab";
"Walk Through Windows (Reverse)" = "Alt+Shift+Tab";
"Walk Through Windows of Current Application" = "Alt+`";
"Walk Through Windows of Current Application (Reverse)" = "Alt+~";
"Window Quick Tile Bottom" = "Meta+Down";
"Window Quick Tile Left" = "Meta+Left";
"Window Quick Tile Right" = "Meta+Right";
"Window Quick Tile Top" = "Meta+Up";
"Switch to Desktop 1" = "Meta+1";
"Switch to Desktop 2" = "Meta+2";
"Switch to Desktop 3" = "Meta+3";
"Switch to Desktop 4" = "Meta+4";
"Switch to Desktop 5" = "Meta+5";
"Switch to Desktop 6" = "Meta+6";
"Switch to Desktop 7" = "Meta+7";
"Switch to Desktop 8" = "Meta+8";
"Switch to Desktop 9" = "Meta+9";
"Switch to Desktop 10" = "Meta+0";
"Window to Desktop 1" = "Meta+!"; # Meta+Shift+1
"Window to Desktop 2" = "Meta+@"; # Meta+Shift+2
"Window to Desktop 3" = "Meta+#"; # Meta+Shift+3
"Window to Desktop 4" = "Meta+$"; # Meta+Shift+4
"Window to Desktop 5" = "Meta+%"; # Meta+Shift+5
"Window to Desktop 6" = "Meta+^"; # Meta+Shift+6
"Window to Desktop 7" = "Meta+&"; # Meta+Shift+7
"Window to Desktop 8" = "Meta+*"; # Meta+Shift+8
"Window to Desktop 9" = "Meta+("; # Meta+Shift+9
"Window to Desktop 10" = "Meta+)"; # Meta+Shift+0
"view_actual_size" = "Meta+Ctrl+=";
"view_zoom_in" = ["Meta++" "Meta+=,Meta++" "Meta+=,Zoom In"];
"view_zoom_out" = "Meta+-";
};
"org_kde_powerdevil"."Decrease Keyboard Brightness" = "Keyboard Brightness Down";
"org_kde_powerdevil"."Decrease Screen Brightness" = "Monitor Brightness Down";
"org_kde_powerdevil"."Decrease Screen Brightness Small" = "Shift+Monitor Brightness Down";
"org_kde_powerdevil"."Hibernate" = "Hibernate";
"org_kde_powerdevil"."Increase Keyboard Brightness" = "Keyboard Brightness Up";
"org_kde_powerdevil"."Increase Screen Brightness" = "Monitor Brightness Up";
"org_kde_powerdevil"."Increase Screen Brightness Small" = "Shift+Monitor Brightness Up";
"org_kde_powerdevil"."PowerDown" = "Power Down";
"org_kde_powerdevil"."PowerOff" = "Power Off";
"org_kde_powerdevil"."Sleep" = "Sleep";
"org_kde_powerdevil"."Toggle Keyboard Backlight" = "Keyboard Light On/Off";
"org_kde_powerdevil"."Turn Off Screen" = [ ];
"org_kde_powerdevil"."powerProfile" = ["Battery" "Meta+B,Battery" "Meta+B,Switch Power Profile"];
plasmashell = {
"activate application launcher" = ["Meta" "Alt+F1,Meta" "Alt+F1,Activate Application Launcher"];
"activate task manager entry 1" = "none,,";
"activate task manager entry 2" = "none,,";
"activate task manager entry 3" = "none,,";
"activate task manager entry 4" = "none,,";
"activate task manager entry 5" = "none,,";
"activate task manager entry 6" = "none,,";
"activate task manager entry 7" = "none,,";
"activate task manager entry 8" = "none,,";
"activate task manager entry 9" = "none,,";
"activate task manager entry 10" = "none,,";
"show activity switcher" = "none,,";
};
};
configFile = {
kwinrc.Desktops.Number = {
value = 10;
immutable = true;
};
# Enable KWin tiling features
kwinrc.Tiling = {
# Enable tiling functionality
"padding" = 4;
};
# Enable krohnkite plugin automatically
kwinrc.Plugins = {
krohnkiteEnabled = true;
};
kwinrc.Effect-overview = {
# Configure overview effect for better tiling workflow
BorderActivate = 9; # Top-left corner activation
};
kcminputrc.Libinput = {
AccelerationProfile = "adaptive";
PointerAcceleration = 0.5;
};
kcminputrc.Mouse = {
X11LibInputXAccelProfileFlat = false;
XLbInptAccelProfileFlat = false;
};
kdeglobals.KDE.LookAndFeelPackage = "org.kde.breezedark.desktop";
# Focus follows mouse configuration
kwinrc.Windows = {
FocusPolicy = "FocusFollowsMouse";
AutoRaise = true; # Set to true if you want windows to auto-raise on focus
AutoRaiseInterval = 750; # Delay in ms before auto-raise (if enabled)
DelayFocusInterval = 0; # Delay in ms before focus follows mouse
};
# Desktop wallpaper configuration
plasma-localerc.Formats.LANG = "en_US.UTF-8";
# Set wallpaper for all desktops
plasmarc.Wallpapers.usersWallpapers = "${../../wallpapers/metroid-samus-returns-kz-3440x1440.jpg}";
};
};
};
}

62
home/roles/tmux/default.nix Normal file
View File

@@ -0,0 +1,62 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.home.roles.tmux;
tokyo-night = pkgs.tmuxPlugins.mkTmuxPlugin {
pluginName = "tokyo-night";
rtpFilePath = "tokyo-night.tmux";
version = "1.6.1";
src = pkgs.fetchFromGitHub {
owner = "janoamaral";
repo = "tokyo-night-tmux";
rev = "d610ced20d5f602a7995854931440e4a1e0ab780";
sha256 = "sha256-17vEgkL7C51p/l5gpT9dkOy0bY9n8l0/LV51mR1k+V8=";
};
};
in
{
options.home.roles.tmux = {
enable = mkEnableOption "tmux terminal multiplexer with Tokyo Night theme";
};
config = mkIf cfg.enable {
programs.tmux.enable = true;
programs.tmux.terminal = "tmux-direct";
programs.tmux.keyMode = "vi";
programs.tmux.escapeTime = 0;
programs.tmux.mouse = true;
programs.tmux.newSession = true;
programs.tmux.historyLimit = 50000;
programs.tmux.clock24 = true;
programs.tmux.baseIndex = 1;
programs.tmux.prefix = "M-\\\\";
programs.tmux.plugins = with pkgs; [
tmuxPlugins.cpu
tmuxPlugins.battery
tmuxPlugins.better-mouse-mode
tmuxPlugins.net-speed
tmuxPlugins.online-status
tmuxPlugins.pain-control
tmuxPlugins.tilish
tmuxPlugins.yank
{
plugin = tmuxPlugins.resurrect;
extraConfig = "set -g @resurrect-strategy-nvim 'session'";
}
{
plugin = tmuxPlugins.continuum;
extraConfig = ''
set -g @continuum-restore 'on'
set -g @continuum-save-interval '15' # minutes
'';
}
tokyo-night
];
};
}

7
machines/boxy/configuration.nix
View File

@@ -39,12 +39,7 @@ with lib;
services.xserver.videoDrivers = [ "amdgpu" ];
hardware.graphics.enable = true;
hardware.graphics.enable32Bit = true;
hardware.graphics.extraPackages = with pkgs; [
amdvlk
];
hardware.graphics.extraPackages32 = with pkgs; [
driversi686Linux.amdvlk
];
# RADV (AMD's Vulkan driver) is now enabled by default, amdvlk was removed
# This option defines the first version of NixOS you have installed on this particular machine,
# and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.

2
machines/nix-book/configuration.nix
View File

@@ -15,7 +15,7 @@
desktop = {
enable = true;
wayland = true;
gaming.enable = false;
gaming.enable = true;
kde = true;
sddm = true;
};

1
machines/nix-deck/configuration.nix
View File

@@ -2,6 +2,7 @@
{
imports = [
./hardware-configuration.nix
../../roles/desktop/steamos.nix
];
roles = {

2
machines/wixos/configuration.nix
View File

@@ -36,7 +36,7 @@
extraPackages = with pkgs; [
mesa
libvdpau-va-gl
vaapiVdpau
libva-vdpau-driver
];
};
environment.sessionVariables = {

0
packages/claude-cli/README.md → packages/claude-code/README.md
View File

5
packages/claude-cli/default.nix → packages/claude-code/default.nix
View File

@@ -2,7 +2,6 @@
, stdenv
, fetchurl
, autoPatchelfHook
, makeWrapper
}:
let
@@ -30,7 +29,7 @@ let
src = srcs.${stdenv.hostPlatform.system} or (throw "Unsupported system: ${stdenv.hostPlatform.system}");
in stdenv.mkDerivation {
pname = "claude-cli";
pname = "claude-code";
inherit version;
src = fetchurl {
@@ -58,4 +57,4 @@ in stdenv.mkDerivation {
platforms = [ "aarch64-darwin" "x86_64-darwin" "x86_64-linux" "aarch64-linux" ];
mainProgram = "claude";
};
}
}

34
packages/claude-code/npm.nix Normal file
View File

@@ -0,0 +1,34 @@
{ lib
, buildNpmPackage
, fetchurl
, nodejs_18
}:
buildNpmPackage {
pname = "claude-cli";
version = "0.2.65";
src = fetchurl {
url = "https://registry.npmjs.org/@anthropic-ai/claude-code/-/claude-code-0.2.65.tgz";
sha256 = "0wwaqq7k9p5aw4vqhfpdgf3da09x64q55wibqaprk6kjvn130i92";
};
npmDepsHash = "sha256-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="; # Will be updated after first build
nodejs = nodejs_18;
# Don't run npm audit or other network operations during build
npmConfigHook = ''
npm config set audit false
npm config set fund false
'';
meta = with lib; {
description = "Terminal-based AI coding assistant from Anthropic (npm distribution)";
homepage = "https://www.anthropic.com/claude-code";
license = licenses.unfree;
maintainers = [ ];
platforms = platforms.all;
mainProgram = "claude";
};
}

4
packages/claude-cli/update.sh → packages/claude-code/update.sh
View File

@@ -127,6 +127,6 @@ echo " aarch64-linux: $SHA_ARM64_LINUX"
echo ""
echo "Next steps:"
echo " 1. Review changes: git diff $NIX_FILE"
echo " 2. Test build: NIXPKGS_ALLOW_UNFREE=1 nix-build -E 'with import <nixpkgs> { config.allowUnfree = true; }; callPackage ./packages/claude-cli {}'"
echo " 2. Test build: NIXPKGS_ALLOW_UNFREE=1 nix-build -E 'with import <nixpkgs> { config.allowUnfree = true; }; callPackage ./packages/claude-code {}'"
echo " 3. Verify version: ./result/bin/claude --version"
echo " 4. Commit: git add $NIX_FILE && git commit -m 'claude-cli: Update to version $NEW_VERSION'"
echo " 4. Commit: git add $NIX_FILE && git commit -m 'claude-code: Update to version $NEW_VERSION'"

2
packages/default.nix
View File

@@ -3,5 +3,5 @@
vulkanHDRLayer = pkgs.callPackage ./vulkan-hdr-layer {};
tea-rbw = pkgs.callPackage ./tea-rbw {};
app-launcher-server = pkgs.callPackage ./app-launcher-server {};
claude-cli = pkgs.callPackage ./claude-cli {};
claude-code = pkgs.callPackage ./claude-code {};
}

1
roles/desktop/default.nix
View File

@@ -22,6 +22,5 @@ with lib;
./kde.nix
./programs.nix
./sddm.nix
./steamos.nix
];
}

21
roles/desktop/gaming.nix
View File

@@ -9,24 +9,27 @@ in
config = mkMerge [
(mkIf (cfg.enable && cfg.gaming.enable) {
environment.systemPackages = with pkgs; [
steam
lutris
moonlight
# Emulators
dolphin-emu
# Re-enabled in 25.11 after binary build was fixed
dolphin-emu-primehack
retroarch-full
# Experimenting with just using the steam version + downloading
# indiviudal cores
#retroarch-full
ryubing
];
# TODO: Remove me once dolphin-emu and dolphin-emu-primehack update
# dependencies to mbedtls from mbedtls_2 (which is currently)
# unmaintained
nixpkgs.config.permittedInsecurePackages = [ "mbedtls-2.28.10" ];
warnings = [
"Using insecure mbedtls-2.28.10 for Dolphin Emu - check for updates regularly"
];
programs.steam = {
enable = true;
remotePlay.openFirewall = true;
dedicatedServer.openFirewall = true;
localNetworkGameTransfers.openFirewall = true;
};
})
];
}

64
roles/jovian-compat.nix
View File

@@ -1,64 +0,0 @@
{ lib, config, ... }:
# Minimal Jovian compatibility layer for NixOS stable (25.05)
# Defines only the Jovian options used by roles/desktop/steamos.nix
# No actual implementation - just option definitions to prevent evaluation errors
# REMOVE THIS FILE when all systems are on NixOS 25.11+ or unstable
with lib;
let
nixosVersion = config.system.nixos.release;
isCompatibleVersion = versionOlder nixosVersion "25.11";
in
{
options.jovian = {
steam = {
enable = mkEnableOption "Steam (jovian-compat stub)";
autoStart = mkOption {
type = types.bool;
default = false;
description = "Auto-start Steam (jovian-compat stub)";
};
user = mkOption {
type = types.str;
default = "user";
description = "Steam user (jovian-compat stub)";
};
desktopSession = mkOption {
type = types.nullOr types.str;
default = null;
description = "Desktop session (jovian-compat stub)";
};
};
decky-loader = {
enable = mkEnableOption "Decky Loader (jovian-compat stub)";
};
};
config = mkMerge [
{
assertions = [
{
assertion = isCompatibleVersion;
message = ''
The Jovian compatibility shim (roles/jovian-compat.nix) is only needed for NixOS 25.05 and earlier.
You are running NixOS ${nixosVersion}.
Please remove 'roles/jovian-compat.nix' from your flake.nix nixosModules list.
'';
}
];
}
# No config implementation - these options do nothing on stable systems
# steamos role is only enabled on nix-deck which uses unstable anyway
(mkIf config.jovian.steam.enable {
warnings = [
"Jovian is enabled but you're using the compatibility stub. This won't work correctly. Use NixOS unstable for Jovian support."
];
})
];
}