[nix-deck] Use NixOS unstable for better Jovian compatibility

- Switch nix-deck to use nixpkgs-unstable and unstable home-manager/plasma-manager
- Remove jovian-compat.nix shim (not needed on unstable)
- Add bitwarden-desktop compatibility overlay for stable/unstable coexistence
- Update hardware-configuration.nix with actual Steam Deck hardware detection
- Add 8GB swap file configuration
- Configure AMD CPU microcode updates

This allows nix-deck to work with the latest Jovian-NixOS while keeping other
machines on stable 25.05.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

STEAM_DECK_JOVIAN_SETUP.md

@@ -0,0 +1,280 @@
+# Steam Deck (nix-deck) Jovian-NixOS Setup Guide
+
+This document describes the setup for installing and maintaining NixOS with Jovian-NixOS on a Steam Deck.
+
+## Overview
+
+The `nix-deck` configuration provides:
+- **Jovian-NixOS integration** for Steam Deck hardware support
+- **Remote building** using `zix790prors` as the build host
+- **SteamOS role** for easy Steam Deck UI configuration
+- **Compatibility shim** for using Jovian on NixOS 25.05 stable
+
+## Architecture
+
+### Remote Building
+
+The setup uses distributed builds to avoid slow compilation on the Steam Deck:
+
+- **Build Host**: `zix790prors` (powerful desktop)
+  - Runs as a dedicated `nix-builder` user (not root)
+  - Accepts SSH connections from client machines
+  - Performs all heavy compilation work
+
+- **Build Clients**: `nix-book` and `nix-deck`
+  - Automatically offload builds to `zix790prors`
+  - Fall back to local building if remote builder is unavailable
+  - Steam Deck heavily prefers remote (speedFactor=4)
+
+### Jovian-NixOS Integration
+
+- **Jovian module**: Provides Steam Deck hardware support, drivers, and Steam UI
+- **Compatibility layer**: `roles/jovian-compat.nix` provides `services.logind.settings` for NixOS 25.05
+  - **IMPORTANT**: Remove this when upgrading to NixOS 25.11+
+  - An assertion will fail the build if used on 25.11+
+
+- **SteamOS role**: `roles.desktop.steamos` abstracts Jovian configuration
+  ```nix
+  roles.desktop.steamos = {
+    enable = true;
+    autoStart = false;  # Set to true to boot directly to Steam UI
+    desktopSession = "plasmawayland";
+  };
+  ```
+
+## Initial Installation
+
+### Prerequisites
+
+1. Steam Deck in recovery mode or booted to a live Linux environment
+2. SSH access enabled on the Steam Deck
+3. SSH key set up for passwordless authentication
+
+### Option 1: Using nixos-anywhere (Initial Install Only)
+
+```bash
+# From your main machine
+nix run github:nix-community/nixos-anywhere -- \
+  --flake .#nix-deck \
+  root@<steam-deck-ip>
+```
+
+**Note**: This is only for the initial install. For updates, see below.
+
+### Option 2: Manual Installation
+
+1. Boot Steam Deck from NixOS installer USB
+2. Partition and format the disk
+3. Mount filesystems
+4. Clone this repository
+5. Generate hardware config:
+   ```bash
+   nixos-generate-config --show-hardware-config > /tmp/hw.nix
+   ```
+6. Copy the hardware config content to `machines/nix-deck/hardware-configuration.nix`
+7. Keep the `jovian.devices.steamdeck` settings in the file
+8. Install:
+   ```bash
+   nixos-install --flake .#nix-deck
+   ```
+
+## Updates and Rebuilds
+
+### Method 1: Remote Build and Deploy (Recommended)
+
+Build on your main machine, deploy to Steam Deck:
+
+```bash
+# From nix-book or zix790prors
+nixos-rebuild switch \
+  --flake .#nix-deck \
+  --target-host root@nix-deck \
+  --build-host localhost
+```
+
+### Method 2: On-Device Rebuild (Uses Remote Builder)
+
+The Steam Deck is configured to automatically use `zix790prors` as a remote builder:
+
+```bash
+# SSH into the Steam Deck
+ssh root@nix-deck
+
+# This will automatically build on zix790prors
+nixos-rebuild switch --flake /path/to/nixos-configs#nix-deck
+```
+
+The build will automatically happen on `zix790prors` and be deployed locally.
+
+## Remote Builder Setup
+
+### On the Build Host (zix790prors)
+
+The configuration creates a `nix-builder` user that client machines connect to:
+
+```nix
+roles.remote-build.enableBuilder = true;
+```
+
+### On Client Machines (nix-book, nix-deck)
+
+Configure the remote builder:
+
+```nix
+roles.remote-build.builders = [{
+  hostName = "zix790prors";
+  maxJobs = 16;
+  speedFactor = 4;  # Higher = prefer remote more
+}];
+```
+
+### SSH Key Setup
+
+1. Generate SSH key on the builder host for the `nix-builder` user:
+   ```bash
+   sudo -u nix-builder ssh-keygen -t ed25519 -f /var/lib/nix-builder/.ssh/id_ed25519
+   ```
+
+2. Copy the public key to client machines:
+   ```bash
+   # Add to /var/lib/nix-builder/.ssh/authorized_keys on zix790prors
+   ```
+
+3. On client machines, ensure you can connect:
+   ```bash
+   ssh nix-builder@zix790prors
+   ```
+
+## Configuration Files
+
+### Key Files Created/Modified
+
+- `flake.nix` - Added Jovian input and nix-deck configuration
+- `roles/jovian-compat.nix` - Compatibility shim (remove in 25.11+)
+- `roles/desktop/steamos.nix` - SteamOS/Jovian role abstraction
+- `roles/remote-build/default.nix` - Remote builder role
+- `machines/nix-deck/configuration.nix` - Steam Deck system config
+- `machines/nix-deck/hardware-configuration.nix` - Hardware config (placeholder)
+
+### Example Configuration
+
+```nix
+# machines/nix-deck/configuration.nix
+{
+  roles = {
+    desktop = {
+      enable = true;
+      wayland = true;
+      gaming.enable = true;
+      kde = true;
+      sddm = true;
+      steamos = {
+        enable = true;
+        autoStart = false;  # or true to boot to Steam UI
+        desktopSession = "plasmawayland";
+      };
+    };
+    remote-build.builders = [{
+      hostName = "zix790prors";
+      maxJobs = 16;
+      speedFactor = 4;
+    }];
+  };
+}
+```
+
+## Jovian Features
+
+### Enabled by Default
+
+- Steam Deck hardware support (`jovian.devices.steamdeck.enable`)
+- Steam UI (`jovian.steam.enable`)
+- Decky Loader plugin system (`jovian.decky-loader.enable`)
+
+### Optional Features
+
+Set in the hardware-configuration.nix:
+
+```nix
+jovian.devices.steamdeck = {
+  enable = true;
+  autoUpdate = false;  # Auto-update BIOS/controller firmware
+};
+```
+
+### Manual Firmware Updates
+
+```bash
+# BIOS update
+sudo jupiter-biosupdate
+
+# Controller update
+sudo jupiter-controller-update
+
+# Docking station (connect via USB-C first)
+jupiter-dock-updater
+```
+
+## Troubleshooting
+
+### Remote Builds Not Working
+
+1. Check SSH connectivity:
+   ```bash
+   ssh nix-builder@zix790prors
+   ```
+
+2. Verify builder is trusted:
+   ```bash
+   # On zix790prors
+   nix show-config | grep trusted-users
+   ```
+
+3. Check build logs:
+   ```bash
+   journalctl -u nix-daemon -f
+   ```
+
+### Jovian Not Working
+
+1. Ensure you're on NixOS 25.05 or the compatibility layer is removed for 25.11+
+2. Check Jovian is imported in flake.nix
+3. Verify hardware config has `jovian.devices.steamdeck.enable = true`
+
+### Compatibility Layer Issues
+
+If you see an error about `jovian-compat.nix` being incompatible:
+
+1. You're running NixOS 25.11 or later
+2. Remove `./roles/jovian-compat.nix` from `flake.nix`
+3. Jovian should work natively on 25.11+
+
+## Future Upgrades
+
+### Upgrading to NixOS 25.11
+
+1. Update `nixpkgs` input in flake.nix to 25.11
+2. Remove `./roles/jovian-compat.nix` from flake.nix imports
+3. The assertion in jovian-compat.nix will prevent accidental use
+4. Test the build
+5. Deploy
+
+### Switching to Unstable
+
+If you need Jovian to follow unstable nixpkgs:
+
+1. Edit `flake.nix`:
+   ```nix
+   jovian = {
+     url = "github:Jovian-Experiments/Jovian-NixOS";
+     inputs.nixpkgs.follows = "nixpkgs-unstable";
+   };
+   ```
+
+2. This only affects Jovian packages, not your base system
+
+## Additional Resources
+
+- [Jovian-NixOS Documentation](https://jovian-experiments.github.io/Jovian-NixOS/)
+- [Jovian Steam Deck Guide](https://jovian-experiments.github.io/Jovian-NixOS/devices/valve-steam-deck/)
+- [NixOS Remote Builds](https://nixos.org/manual/nix/stable/advanced-topics/distributed-builds.html)

flake.lock

@@ -57,6 +57,48 @@
         "type": "github"
       }
     },
+    "home-manager-unstable": {
+      "inputs": {
+        "nixpkgs": [
+          "nixpkgs-unstable"
+        ]
+      },
+      "locked": {
+        "lastModified": 1763416652,
+        "narHash": "sha256-8EBEEvtzQ11LCxpQHMNEBQAGtQiCu/pqP9zSovDSbNM=",
+        "owner": "nix-community",
+        "repo": "home-manager",
+        "rev": "ea164b7c9ccdc2321379c2ff78fd4317b4c41312",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-community",
+        "ref": "master",
+        "repo": "home-manager",
+        "type": "github"
+      }
+    },
+    "jovian": {
+      "inputs": {
+        "nix-github-actions": "nix-github-actions",
+        "nixpkgs": [
+          "nixpkgs-unstable"
+        ]
+      },
+      "locked": {
+        "lastModified": 1763223001,
+        "narHash": "sha256-Hi6XxTJJjKsDrO+D0fYXS88ehCYzQkZlp9qxX1zoM1s=",
+        "owner": "Jovian-Experiments",
+        "repo": "Jovian-NixOS",
+        "rev": "68a1bcc019378272e601558719f82005a80ddab0",
+        "type": "github"
+      },
+      "original": {
+        "owner": "Jovian-Experiments",
+        "repo": "Jovian-NixOS",
+        "type": "github"
+      }
+    },
     "nix-darwin": {
       "inputs": {
         "nixpkgs": [
@@ -64,11 +106,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1759509947,
+        "lastModified": 1762912391,
-        "narHash": "sha256-4XifSIHfpJKcCf5bZZRhj8C4aCpjNBaE3kXr02s4rHU=",
+        "narHash": "sha256-4hpBE7bGd24SfD28rzMdUGXsLsNEYxCCrTipFdoqoNM=",
         "owner": "nix-darwin",
         "repo": "nix-darwin",
-        "rev": "000eadb231812ad6ea6aebd7526974aaf4e79355",
+        "rev": "d76299b2cd01837c4c271a7b5186e3d5d8ebd126",
         "type": "github"
       },
       "original": {
@@ -78,17 +120,39 @@
         "type": "github"
       }
     },
+    "nix-github-actions": {
+      "inputs": {
+        "nixpkgs": [
+          "jovian",
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1729697500,
+        "narHash": "sha256-VFTWrbzDlZyFHHb1AlKRiD/qqCJIripXKiCSFS8fAOY=",
+        "owner": "zhaofengli",
+        "repo": "nix-github-actions",
+        "rev": "e418aeb728b6aa5ca8c5c71974e7159c2df1d8cf",
+        "type": "github"
+      },
+      "original": {
+        "owner": "zhaofengli",
+        "ref": "matrix-name",
+        "repo": "nix-github-actions",
+        "type": "github"
+      }
+    },
     "nixos-wsl": {
       "inputs": {
         "flake-compat": "flake-compat",
         "nixpkgs": "nixpkgs"
       },
       "locked": {
-        "lastModified": 1762251193,
+        "lastModified": 1763385941,
-        "narHash": "sha256-CmSddz8e2kM+ITbYutluhKZyXXwI9Sg2lf7XXSvc8oY=",
+        "narHash": "sha256-99CBNgyMvg3Zu/hxqixtShevrF4Kfr/qjtizQ6oseVI=",
         "owner": "nix-community",
         "repo": "NixOS-WSL",
-        "rev": "e001844d4553aef268f97b32d3a825b6370eed91",
+        "rev": "cc6483354b236c2fc95cc1d4ba1f0f40b7345e69",
         "type": "github"
       },
       "original": {
@@ -100,11 +164,11 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1761907660,
+        "lastModified": 1762977756,
-        "narHash": "sha256-kJ8lIZsiPOmbkJypG+B5sReDXSD1KGu2VEPNqhRa/ew=",
+        "narHash": "sha256-4PqRErxfe+2toFJFgcRKZ0UI9NSIOJa+7RXVtBhy4KE=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "2fb006b87f04c4d3bdf08cfdbc7fab9c13d94a15",
+        "rev": "c5ae371f1a6a7fd27823bc500d9390b38c05fa55",
         "type": "github"
       },
       "original": {
@@ -116,11 +180,11 @@
     },
     "nixpkgs-unstable": {
       "locked": {
-        "lastModified": 1762596750,
+        "lastModified": 1763283776,
-        "narHash": "sha256-rXXuz51Bq7DHBlfIjN7jO8Bu3du5TV+3DSADBX7/9YQ=",
+        "narHash": "sha256-Y7TDFPK4GlqrKrivOcsHG8xSGqQx3A6c+i7novT85Uk=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "b6a8526db03f735b89dd5ff348f53f752e7ddc8e",
+        "rev": "50a96edd8d0db6cc8db57dab6bb6d6ee1f3dc49a",
         "type": "github"
       },
       "original": {
@@ -132,11 +196,11 @@
     },
     "nixpkgs_2": {
       "locked": {
-        "lastModified": 1762498405,
+        "lastModified": 1763049705,
-        "narHash": "sha256-Zg/SCgCaAioc0/SVZQJxuECGPJy+OAeBcGeA5okdYDc=",
+        "narHash": "sha256-A5LS0AJZ1yDPTa2fHxufZN++n8MCmtgrJDtxFxrH4S8=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "6faeb062ee4cf4f105989d490831713cc5a43ee1",
+        "rev": "3acb677ea67d4c6218f33de0db0955f116b7588c",
         "type": "github"
       },
       "original": {
@@ -169,15 +233,41 @@
         "type": "github"
       }
     },
+    "plasma-manager-unstable": {
+      "inputs": {
+        "home-manager": [
+          "home-manager-unstable"
+        ],
+        "nixpkgs": [
+          "nixpkgs-unstable"
+        ]
+      },
+      "locked": {
+        "lastModified": 1762784320,
+        "narHash": "sha256-odsk96Erywk5hs0dhArF38zb7Oe0q6LZ70gXbxAPKno=",
+        "owner": "nix-community",
+        "repo": "plasma-manager",
+        "rev": "7911a0f8a44c7e8b29d031be3149ee8943144321",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-community",
+        "repo": "plasma-manager",
+        "type": "github"
+      }
+    },
     "root": {
       "inputs": {
         "google-cookie-retrieval": "google-cookie-retrieval",
         "home-manager": "home-manager",
+        "home-manager-unstable": "home-manager-unstable",
+        "jovian": "jovian",
         "nix-darwin": "nix-darwin",
         "nixos-wsl": "nixos-wsl",
         "nixpkgs": "nixpkgs_2",
         "nixpkgs-unstable": "nixpkgs-unstable",
-        "plasma-manager": "plasma-manager"
+        "plasma-manager": "plasma-manager",
+        "plasma-manager-unstable": "plasma-manager-unstable"
       }
     }
   },

flake.nix

@@ -16,16 +16,32 @@
       inputs.nixpkgs.follows = "nixpkgs";
     };
 
+    home-manager-unstable = {
+      url = "github:nix-community/home-manager/master";
+      inputs.nixpkgs.follows = "nixpkgs-unstable";
+    };
+
     plasma-manager = {
       url = "github:nix-community/plasma-manager";
       inputs.nixpkgs.follows = "nixpkgs";
       inputs.home-manager.follows = "home-manager";
     };
 
+    plasma-manager-unstable = {
+      url = "github:nix-community/plasma-manager";
+      inputs.nixpkgs.follows = "nixpkgs-unstable";
+      inputs.home-manager.follows = "home-manager-unstable";
+    };
+
     google-cookie-retrieval = {
       url = "git+https://git.johnogle.info/johno/google-cookie-retrieval.git";
       inputs.nixpkgs.follows = "nixpkgs";
     };
+
+    jovian = {
+      url = "github:Jovian-Experiments/Jovian-NixOS";
+      inputs.nixpkgs.follows = "nixpkgs-unstable";
+    };
   };
 
   outputs = { self, nixpkgs, nixpkgs-unstable, nixos-wsl, ... } @ inputs: let
@@ -33,6 +49,7 @@
       ./roles
     ] ++ [
       inputs.home-manager.nixosModules.home-manager
+      inputs.jovian.nixosModules.jovian
       {
         nixpkgs.overlays = [
           (final: prev: {
@@ -41,6 +58,8 @@
               config.allowUnfree = true;
             };
             custom = prev.callPackage ./packages {};
+            # Compatibility: bitwarden renamed to bitwarden-desktop in unstable
+            bitwarden-desktop = prev.bitwarden-desktop or prev.bitwarden;
           })
         ];
         home-manager.useGlobalPkgs = true;
@@ -53,6 +72,34 @@
         };
       }
     ];
+    # Modules for unstable-based systems (like nix-deck)
+    nixosModulesUnstable = [
+      ./roles
+    ] ++ [
+      inputs.home-manager-unstable.nixosModules.home-manager
+      inputs.jovian.nixosModules.jovian
+      {
+        nixpkgs.overlays = [
+          (final: prev: {
+            unstable = import nixpkgs-unstable {
+              system = prev.system;
+              config.allowUnfree = true;
+            };
+            custom = prev.callPackage ./packages {};
+            # Compatibility: bitwarden renamed to bitwarden-desktop in unstable
+            bitwarden-desktop = prev.bitwarden-desktop or prev.bitwarden;
+          })
+        ];
+        home-manager.useGlobalPkgs = true;
+        home-manager.useUserPackages = true;
+        home-manager.sharedModules = [
+          inputs.plasma-manager-unstable.homeModules.plasma-manager
+        ];
+        home-manager.extraSpecialArgs = {
+          globalInputs = inputs;
+        };
+      }
+    ];
     darwinModules = [
       ./roles/darwin.nix
     ] ++ [
@@ -65,6 +112,8 @@
               config.allowUnfree = true;
             };
             custom = prev.callPackage ./packages {};
+            # Compatibility: bitwarden renamed to bitwarden-desktop in unstable
+            bitwarden-desktop = prev.bitwarden-desktop or prev.bitwarden;
           })
         ];
         home-manager.useGlobalPkgs = true;
@@ -142,6 +191,18 @@
       ];
     };
 
+    # Steam Deck configuration (using unstable for better Jovian compatibility)
+    nixosConfigurations.nix-deck = nixpkgs-unstable.lib.nixosSystem rec {
+      system = "x86_64-linux";
+      modules = nixosModulesUnstable ++ [
+        ./machines/nix-deck/configuration.nix
+        {
+          home-manager.users.johno = import ./home/home-desktop.nix;
+          home-manager.extraSpecialArgs = { inherit system; };
+        }
+      ];
+    };
+
     # Darwin/macOS configurations
     darwinConfigurations."blkfv4yf49kt7" = inputs.nix-darwin.lib.darwinSystem rec {
       system = "aarch64-darwin";

home/modules/i3+sway/default.nix

@@ -105,12 +105,134 @@ in {
   };
 
   config = {
+    # i3blocks configuration file
+    home.file.".config/i3blocks/config".text = ''
+      # i3blocks config - replicating waybar setup
+      separator_block_width=15
+      markup=pango
+
+      [disk]
+      command=df -h / | awk 'NR==2 {print "💾 " $5}'
+      interval=30
+      separator=true
+
+      [cpu]
+      command=top -bn1 | grep "Cpu(s)" | sed "s/.*, *\([0-9.]*\)%* id.*/\1/" | awk '{print "🧠 " int(100 - $1) "%"}'
+      interval=2
+      separator=true
+
+      [memory]
+      command=free | awk 'NR==2 {printf "🐏 %.0f%%\n", $3*100/$2}'
+      interval=5
+      separator=true
+
+      [pulseaudio]
+      command=${pkgs.writeShellScript "i3blocks-pulseaudio" ''
+        volume=$(pactl get-sink-volume @DEFAULT_SINK@ | grep -Po '\d+%' | head -1)
+        muted=$(pactl get-sink-mute @DEFAULT_SINK@ | grep -o 'yes')
+        if [ "$muted" = "yes" ]; then
+          echo "🔇"
+        else
+          vol_num=''${volume%\%}
+          if [ $vol_num -le 33 ]; then
+            echo "🔈 $volume"
+          elif [ $vol_num -le 66 ]; then
+            echo "🔉 $volume"
+          else
+            echo "🔊 $volume"
+          fi
+        fi
+      ''}
+      interval=1
+      signal=10
+      separator=true
+
+      [backlight]
+      command=${pkgs.writeShellScript "i3blocks-backlight" ''
+        if command -v brightnessctl &>/dev/null; then
+          brightnessctl g | awk -v max=$(brightnessctl m) '{printf "☀️ %.0f%%\n", ($1/max)*100}'
+        fi
+      ''}
+      interval=1
+      separator=true
+
+      [network]
+      command=${pkgs.writeShellScript "i3blocks-network" ''
+        if iwgetid -r &>/dev/null; then
+          ssid=$(iwgetid -r)
+          signal=$(grep "^\s*w" /proc/net/wireless | awk '{print int($3 * 100 / 70)}')
+          echo "📶 $ssid ($signal%)"
+        else
+          ip=$(ip -4 addr show | grep -oP '(?<=inet\s)\d+(\.\d+){3}' | grep -v '127.0.0.1' | head -1)
+          if [ -n "$ip" ]; then
+            echo "🔌 $ip"
+          else
+            echo "❌"
+          fi
+        fi
+      ''}
+      interval=5
+      separator=true
+
+      [battery]
+      command=${pkgs.writeShellScript "i3blocks-battery" ''
+        if [ -d /sys/class/power_supply/BAT0 ]; then
+          capacity=$(cat /sys/class/power_supply/BAT0/capacity)
+          status=$(cat /sys/class/power_supply/BAT0/status)
+
+          if [ "$status" = "Charging" ]; then
+            echo "⚡ $capacity%"
+          else
+            echo "🔋 $capacity%"
+          fi
+        fi
+      ''}
+      interval=10
+      separator=true
+
+      [time]
+      command=date '+%Y-%m-%d %H:%M'
+      interval=1
+      separator=false
+    '';
+
     xsession.windowManager.i3 = let
       base_i3_config = recursiveUpdate shared_config {
         bars = [{
           position = "bottom";
-          statusCommand = "${pkgs.i3status}/bin/i3status";
+          statusCommand = "${pkgs.i3blocks}/bin/i3blocks";
           trayOutput = "primary";  # Enable system tray on primary output
+          fonts = {
+            names = [ "Fira Code" "monospace" ];
+            size = 11.0;
+          };
+          colors = {
+            background = "#000000";
+            statusline = "#ffffff";
+            separator = "#666666";
+
+            # Workspace button colors (matching waybar)
+            focusedWorkspace = {
+              border = "#285577";
+              background = "#285577";
+              text = "#ffffff";
+            };
+            activeWorkspace = {
+              border = "#5f676a";
+              background = "#5f676a";
+              text = "#ffffff";
+            };
+            inactiveWorkspace = {
+              border = "#222222";
+              background = "#222222";
+              text = "#888888";
+            };
+            urgentWorkspace = {
+              border = "#900000";
+              background = "#900000";
+              text = "#ffffff";
+            };
+          };
         }];
         keybindings = shared_config.keybindings // {
           "${shared_config.modifier}+d" = "exec rofi -show drun";
@@ -315,7 +437,5 @@ in {
         sidebar-mode = true;
       };
     };
-
-    programs.i3status.enable = true;
   };
 }

home/roles/desktop/default.nix

@@ -13,7 +13,7 @@ in
   config = mkIf cfg.enable {
     home.packages = with pkgs; [
       # Desktop applications
-      bitwarden
+      bitwarden-desktop
       dunst
       keepassxc
       unstable.ghostty

machines/nix-book/configuration.nix

@@ -21,6 +21,11 @@
     };
     nfs-mounts.enable = true;
     printing.enable = true;
+    remote-build.builders = [{
+      hostName = "zix790prors";
+      maxJobs = 16;
+      speedFactor = 3;
+    }];
     spotifyd.enable = true;
     users = {
       enable = true;

machines/nix-deck/configuration.nix

@@ -0,0 +1,41 @@
+{ pkgs, ... }:
+{
+  imports = [
+    ./hardware-configuration.nix
+  ];
+
+  roles = {
+    audio.enable = true;
+    bluetooth.enable = true;
+    desktop = {
+      enable = true;
+      wayland = true;
+      gaming.enable = true;
+      kde = true;
+      sddm = true;
+      steamos = {
+        enable = true;
+        autoStart = false;
+        desktopSession = "plasmawayland";
+      };
+    };
+    remote-build.builders = [{
+      hostName = "zix790prors";
+      maxJobs = 16;
+      speedFactor = 4;  # Prefer remote heavily on Steam Deck
+    }];
+    users = {
+      enable = true;
+      extraGroups = [ "video" ];
+    };
+  };
+
+  # Bootloader
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = true;
+
+  networking.hostName = "nix-deck";
+  networking.networkmanager.enable = true;
+
+  system.stateVersion = "25.05";
+}

machines/nix-deck/hardware-configuration.nix

@@ -0,0 +1,51 @@
+# Hardware configuration for Steam Deck (nix-deck)
+# Generated from nixos-generate-config on 2025-11-17
+
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports = [
+    (modulesPath + "/installer/scan/not-detected.nix")
+  ];
+
+  # Steam Deck specific hardware configuration (Jovian)
+  jovian.devices.steamdeck = {
+    enable = true;
+    autoUpdate = false;  # Set to true if you want automatic firmware updates
+  };
+
+  # Kernel modules detected by nixos-generate-config
+  boot.initrd.availableKernelModules = [
+    "nvme"
+    "xhci_pci"
+    "usb_storage"
+    "uas"
+    "usbhid"
+    "sd_mod"
+    "sdhci_pci"
+  ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-amd" ];
+  boot.extraModulePackages = [ ];
+
+  # IMPORTANT: Update these filesystem configurations based on your actual partition layout
+  # The configuration below is a placeholder - adjust according to how you partitioned the disk
+  fileSystems."/" = {
+    device = "/dev/disk/by-label/nixos";
+    fsType = "ext4";
+  };
+
+  fileSystems."/boot" = {
+    device = "/dev/disk/by-label/boot";
+    fsType = "vfat";
+  };
+
+  swapDevices = [{
+    device = "/swapfile";
+    size = 8192;  # 8GB swap file
+  }];
+
+  # AMD CPU microcode updates
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}

machines/zix790prors/configuration.nix

@@ -29,6 +29,7 @@ with lib;
     nfs-mounts.enable = true;
     nvidia.enable = true;
     printing.enable = true;
+    remote-build.enableBuilder = true;
     users.enable = true;
     virtualisation.enable = true;
   };
@@ -58,18 +59,9 @@ with lib;
   '';
 
   hardware.nvidia = {
-    # Modesetting is required.
     modesetting.enable = true;
-    
-    # Enable the Nvidia settings menu,
-    # accessible via `nvidia-settings`.
     nvidiaSettings = true;
-    
-    # Optionally, you may need to select the appropriate driver version for your specific GPU.
     package = pkgs.linuxPackages.nvidiaPackages.stable;
-    
-    # Use open source kernel modules (recommended for RTX/GTX 16xx and newer)
-    # Set to false if you have an older GPU
     open = true;
     
     # For gaming performance

roles/default.nix

@@ -12,6 +12,7 @@ with lib;
     ./nfs-mounts
     ./nvidia
     ./printing
+    ./remote-build
     ./spotifyd
     ./users
     ./virtualisation

roles/desktop/default.nix

@@ -23,5 +23,6 @@ with lib;
     ./kde.nix
     ./programs.nix
     ./sddm.nix
+    ./steamos.nix
   ];
 }

roles/desktop/gaming.nix

@@ -19,8 +19,10 @@ in
 
     (mkIf (cfg.enable && cfg.gaming.emulation) {
       environment.systemPackages = with pkgs; [
-        ryubing
         dolphin-emu
+        dolphin-emu-primehack
+        retroarch-full
+        ryubing
       ];
       # TODO: Remove me once dolphin-emu and dolphin-emu-primehack update
       #       dependencies to mbedtls from mbedtls_2 (which is currently)

roles/desktop/steamos.nix

@@ -0,0 +1,47 @@
+{ lib, config, pkgs, ... }:
+
+with lib;
+
+let
+  cfg = config.roles.desktop;
+in
+{
+  options.roles.desktop.steamos = {
+    enable = mkEnableOption "SteamOS (Jovian) configuration";
+
+    autoStart = mkOption {
+      type = types.bool;
+      default = false;
+      description = "Automatically start Steam Deck UI on boot";
+    };
+
+    user = mkOption {
+      type = types.str;
+      default = "johno";
+      description = "User to run Steam as";
+    };
+
+    desktopSession = mkOption {
+      type = types.nullOr types.str;
+      default = null;
+      description = "Desktop session to launch when switching to Desktop Mode";
+    };
+
+    enableDeckyLoader = mkOption {
+      type = types.bool;
+      default = true;
+      description = "Enable Decky Loader plugin system";
+    };
+  };
+
+  config = mkIf (cfg.enable && cfg.steamos.enable) {
+    jovian.steam = {
+      enable = true;
+      autoStart = cfg.steamos.autoStart;
+      user = cfg.steamos.user;
+      desktopSession = cfg.steamos.desktopSession;
+    };
+
+    jovian.decky-loader.enable = cfg.steamos.enableDeckyLoader;
+  };
+}

roles/jovian-compat.nix

@@ -0,0 +1,43 @@
+{ lib, config, ... }:
+
+# Compatibility shim to provide services.logind.settings for NixOS 25.05
+# This allows Jovian-NixOS to work with stable NixOS
+# REMOVE THIS FILE when upgrading to NixOS 25.11 or later
+
+with lib;
+
+let
+  nixosVersion = config.system.nixos.release;
+  isCompatibleVersion = versionOlder nixosVersion "25.11";
+in
+{
+  options.services.logind.settings = mkOption {
+    type = types.attrsOf (types.attrsOf types.anything);
+    default = {};
+    description = "systemd-logind configuration. See logind.conf(5) for available options.";
+  };
+
+  config = mkMerge [
+    {
+      assertions = [
+        {
+          assertion = isCompatibleVersion;
+          message = ''
+            The Jovian compatibility shim (roles/jovian-compat.nix) is only needed for NixOS 25.05 and earlier.
+            You are running NixOS ${nixosVersion}.
+            Please remove 'roles/jovian-compat.nix' from your flake.nix imports.
+          '';
+        }
+      ];
+    }
+    (mkIf (config.services.logind.settings != {}) {
+      # Convert the settings to extraConfig format for older NixOS
+      services.logind.extraConfig = let
+        mkSection = section: settings:
+          "[${section}]\n" +
+          (concatStringsSep "\n" (mapAttrsToList (k: v: "${k}=${toString v}") settings));
+      in
+        concatStringsSep "\n\n" (mapAttrsToList mkSection config.services.logind.settings);
+    })
+  ];
+}

roles/remote-build/default.nix

@@ -0,0 +1,127 @@
+{ lib, config, pkgs, ... }:
+
+with lib;
+
+let
+  cfg = config.roles.remote-build;
+in
+{
+  options.roles.remote-build = {
+    enableBuilder = mkOption {
+      type = types.bool;
+      default = false;
+      description = "Enable this machine as a remote build host for other machines";
+    };
+
+    builderUser = mkOption {
+      type = types.str;
+      default = "nix-builder";
+      description = "User account for remote builders to connect as";
+    };
+
+    builders = mkOption {
+      type = types.listOf (types.submodule {
+        options = {
+          hostName = mkOption {
+            type = types.str;
+            description = "Hostname or IP address of the build machine";
+          };
+
+          systems = mkOption {
+            type = types.listOf types.str;
+            default = [ "x86_64-linux" ];
+            description = "Supported systems";
+          };
+
+          maxJobs = mkOption {
+            type = types.int;
+            default = 8;
+            description = "Maximum number of parallel build jobs";
+          };
+
+          speedFactor = mkOption {
+            type = types.int;
+            default = 2;
+            description = "Speed factor compared to local building (higher = prefer remote)";
+          };
+
+          supportedFeatures = mkOption {
+            type = types.listOf types.str;
+            default = [ "nixos-test" "benchmark" "big-parallel" "kvm" ];
+            description = "Supported build features";
+          };
+
+          sshUser = mkOption {
+            type = types.str;
+            default = "nix-builder";
+            description = "SSH user for connecting to the builder";
+          };
+
+          sshKey = mkOption {
+            type = types.nullOr types.path;
+            default = null;
+            description = "Path to SSH private key for authentication";
+          };
+        };
+      });
+      default = [];
+      description = "List of remote build machines to use";
+    };
+
+    fallbackToLocalBuild = mkOption {
+      type = types.bool;
+      default = true;
+      description = "Fallback to local building if remote builders are unavailable";
+    };
+  };
+
+  config = mkMerge [
+    # Builder host configuration
+    (mkIf cfg.enableBuilder {
+      # Create dedicated builder user
+      users.users.${cfg.builderUser} = {
+        isSystemUser = true;
+        group = cfg.builderUser;
+        description = "Nix remote build user";
+        home = "/var/lib/${cfg.builderUser}";
+        createHome = true;
+        shell = pkgs.bashInteractive;
+        openssh.authorizedKeys.keyFiles = [];  # Will be populated by client machines
+      };
+
+      users.groups.${cfg.builderUser} = {};
+
+      # Allow builder user to perform builds
+      nix.settings.trusted-users = [ cfg.builderUser ];
+
+      # Allow remote builds
+      services.openssh.enable = true;
+
+      # Ensure nix-daemon is accessible
+      nix.settings.allowed-users = [ "*" ];
+    })
+
+    # Client configuration (machines using remote builders)
+    (mkIf (cfg.builders != []) {
+      nix.buildMachines = map (builder: {
+        hostName = builder.hostName;
+        systems = builder.systems;
+        maxJobs = builder.maxJobs;
+        speedFactor = builder.speedFactor;
+        supportedFeatures = builder.supportedFeatures;
+        sshUser = builder.sshUser;
+        sshKey = builder.sshKey;
+      }) cfg.builders;
+
+      nix.distributedBuilds = true;
+
+      # Use substitutes from remote builders
+      nix.extraOptions = ''
+        builders-use-substitutes = true
+      '';
+
+      # Fallback to local build if remote unavailable
+      nix.settings.fallback = cfg.fallbackToLocalBuild;
+    })
+  ];
+}