[desktop] Add steam sleep inhibitor

Adds sleep inhibitor based on whether or not Steam is actively streaming a remote session
2025-07-19 15:11:33 -07:00
18 changed files with 156 additions and 998 deletions
--- a/build-liveusb.sh
+++ b/build-liveusb.sh
@@ -1,19 +0,0 @@
 #!/usr/bin/env bash
 # Build Live USB ISO from flake configuration
 # Creates an uncompressed ISO suitable for Ventoy and other USB boot tools
 set -e
 echo "Building Live USB ISO..."
 nix build .#nixosConfigurations.live-usb.config.system.build.isoImage --show-trace
 if [ -f "./result/iso/"*.iso ]; then
    iso_file=$(ls ./result/iso/*.iso)
    echo "✅ Build complete!"
    echo "📁 ISO location: $iso_file"
    echo "💾 Ready for Ventoy or dd to USB"
 else
    echo "❌ Build failed - no ISO file found"
    exit 1
 fi
--- a/flake.lock
+++ b/flake.lock
@@ -43,11 +43,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1755914636,
+        "lastModified": 1752402455,
-        "narHash": "sha256-VJ+Gm6YsHlPfUCpmRQxvdiZW7H3YPSrdVOewQHAhZN8=",
+        "narHash": "sha256-mCHfZhQKdTj2JhCFcqfOfa3uKZbwUkPQbd0/zPnhOE8=",
        "owner": "nix-community",
        "repo": "home-manager",
-        "rev": "8b55a6ac58b678199e5bba701aaff69e2b3281c0",
+        "rev": "bf893ad4cbf46610dd1b620c974f824e266cd1df",
        "type": "github"
      },
      "original": {
@@ -62,11 +62,11 @@
        "nixpkgs": "nixpkgs"
      },
      "locked": {
-        "lastModified": 1755261305,
+        "lastModified": 1752199438,
-        "narHash": "sha256-EOqCupB5X5WoGVHVcfOZcqy0SbKWNuY3kq+lj1wHdu8=",
+        "narHash": "sha256-xSBMmGtq8K4Qv80TMqREmESCAsRLJRHAbFH2T/2Bf1Y=",
        "owner": "nix-community",
        "repo": "NixOS-WSL",
-        "rev": "203a7b463f307c60026136dd1191d9001c43457f",
+        "rev": "d34d9412556d3a896e294534ccd25f53b6822e80",
        "type": "github"
      },
      "original": {
@@ -78,11 +78,11 @@
    },
    "nixpkgs": {
      "locked": {
-        "lastModified": 1754725699,
+        "lastModified": 1751792365,
-        "narHash": "sha256-iAcj9T/Y+3DBy2J0N+yF9XQQQ8IEb5swLFzs23CdP88=",
+        "narHash": "sha256-J1kI6oAj25IG4EdVlg2hQz8NZTBNYvIS0l4wpr9KcUo=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "85dbfc7aaf52ecb755f87e577ddbe6dbbdbc1054",
+        "rev": "1fd8bada0b6117e6c7eb54aad5813023eed37ccb",
        "type": "github"
      },
      "original": {
@@ -94,11 +94,11 @@
    },
    "nixpkgs_2": {
      "locked": {
-        "lastModified": 1755615617,
+        "lastModified": 1751984180,
-        "narHash": "sha256-HMwfAJBdrr8wXAkbGhtcby1zGFvs+StOp19xNsbqdOg=",
+        "narHash": "sha256-LwWRsENAZJKUdD3SpLluwDmdXY9F45ZEgCb0X+xgOL0=",
        "owner": "nixos",
        "repo": "nixpkgs",
-        "rev": "20075955deac2583bb12f07151c2df830ef346b4",
+        "rev": "9807714d6944a957c2e036f84b0ff8caf9930bc0",
        "type": "github"
      },
      "original": {
@@ -118,11 +118,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1754501628,
+        "lastModified": 1748196248,
-        "narHash": "sha256-FExJ54tVB5iu7Dh2tLcyCSWpaV+lmUzzWKZUkemwXvo=",
+        "narHash": "sha256-1iHjsH6/5UOerJEoZKE+Gx1BgAoge/YcnUsOA4wQ/BU=",
        "owner": "nix-community",
        "repo": "plasma-manager",
-        "rev": "cca090f8115c4172b9aef6c5299ae784bdd5e133",
+        "rev": "b7697abe89967839b273a863a3805345ea54ab56",
        "type": "github"
      },
      "original": {
--- a/flake.nix
+++ b/flake.nix
@@ -74,34 +74,6 @@
      ];
    };
    nixosConfigurations.zix790prors = nixpkgs.lib.nixosSystem rec {
      system = "x86_64-linux";
      modules = baseModules ++ [
        ./machines/zix790prors/configuration.nix
        inputs.home-manager.nixosModules.home-manager
        {
          home-manager.users.johno = import ./home/home.nix;
          home-manager.extraSpecialArgs = { inherit system; };
        }
      ];
    };
    # Live USB ISO configuration
    nixosConfigurations.live-usb = nixpkgs.lib.nixosSystem rec {
      system = "x86_64-linux";
      modules = baseModules ++ [
        ./machines/live-usb/configuration.nix
        {
          home-manager.users.nixos = { ... }: {
            imports = [ ./home/home.nix ];
            home.username = nixpkgs.lib.mkForce "nixos";
            home.homeDirectory = nixpkgs.lib.mkForce "/home/nixos";
          };
          home-manager.extraSpecialArgs = { inherit system; };
        }
      ];
    };
    homeConfigurations."johno" = inputs.home-manager.lib.homeManagerConfiguration {
      pkgs = inputs.nixpkgs.legacyPackages."x86_64-linux";
      modules = [
--- a/home/home.nix
+++ b/home/home.nix
@@ -57,7 +57,6 @@ in
    pkgs.ncdu
    pkgs.nextcloud-talk-desktop
    pkgs.openscad-unstable
    pkgs.syncthingtray
    pkgs.pandoc
    #pkgs.pinentry-qt
    #pkgs.pytest
@@ -69,7 +68,9 @@ in
    pkgs.wofi
    pkgs.vlc
-    ## Kubernetes cluster management handled by kubectl-secure module
+    ## Kubernetes cluster management
    pkgs.kubectl
    pkgs.kubernetes-helm
    globalInputs.google-cookie-retrieval.packages.${system}.default
  ];
@@ -116,7 +117,6 @@ in
  imports = [
    ./modules/emacs
    ./modules/i3+sway
    ./modules/kubectl
    ./modules/plasma-manager
    ./modules/tmux
  ];
@@ -152,7 +152,7 @@ in
  programs.jq.enable = true;
-  programs.kubectl-secure.enable = true;
+  programs.k9s.enable = true;
  programs.neovim = {
    enable = true;
@@ -194,6 +194,10 @@ in
  services.syncthing = {
    enable = true;
    tray = {
      enable = true;
      command = "syncthingtray --wait";
    };
  };
  xdg.enable = true;
--- a/home/modules/kubectl/default.nix
+++ b/home/modules/kubectl/default.nix
@@ -1,249 +0,0 @@
 { config, lib, pkgs, ... }:
 with lib;
 let
  cfg = config.programs.kubectl-secure;
 in
 {
  options.programs.kubectl-secure = {
    enable = mkEnableOption "secure kubectl configuration with Bitwarden integration";
  };
  config = mkIf cfg.enable {
    home.packages = with pkgs; [
      kubectl
      kubernetes-helm
    ];
    programs.k9s.enable = true;
    programs.bash.initExtra = mkAfter ''
      # Kubectl secure session management
      export KUBECTL_SESSION_DIR="/dev/shm/kubectl-$$"
      kube-select() {
        if [[ $# -ne 1 ]]; then
          echo "Usage: kube-select <context-name>"
          echo "Available contexts: $(kube-list)"
          return 1
        fi
        local context="$1"
        # Clean up any existing session first
        kube-clear 2>/dev/null
        # Create new session directory
        mkdir -p "$KUBECTL_SESSION_DIR"
        chmod 700 "$KUBECTL_SESSION_DIR"
        # Set cleanup trap for this shell session
        trap "rm -rf '$KUBECTL_SESSION_DIR' 2>/dev/null" EXIT
        # Set KUBECONFIG for this session
        export KUBECONFIG="$KUBECTL_SESSION_DIR/config"
        # Load config from Bitwarden secure notes
        if ! rbw get "kubectl-$context" > "$KUBECONFIG" 2>/dev/null; then
          echo "Error: Could not retrieve kubectl-$context from Bitwarden"
          echo "Make sure the entry exists with name: kubectl-$context"
          kube-clear
          return 1
        fi
        # Verify the kubeconfig is valid
        if ! kubectl config view >/dev/null 2>&1; then
          echo "Error: Invalid kubeconfig retrieved from Bitwarden"
          kube-clear
          return 1
        fi
        echo "✓ Loaded kubectl context: $context (session: $$)"
        echo "  Config location: $KUBECONFIG"
      }
      kube-list() {
        echo "Available kubectl contexts in Bitwarden:"
        rbw search kubectl- 2>/dev/null | grep "^kubectl-" | sed 's/^kubectl-/  - /' || echo "  (none found or rbw not accessible)"
      }
      kube-clear() {
        if [[ -n "$KUBECTL_TIMEOUT_PID" ]]; then
          kill "$KUBECTL_TIMEOUT_PID" 2>/dev/null
          unset KUBECTL_TIMEOUT_PID
        fi
        if [[ -d "$KUBECTL_SESSION_DIR" ]]; then
          rm -rf "$KUBECTL_SESSION_DIR"
          echo "Cleared kubectl session ($$)"
        fi
        unset KUBECONFIG
      }
      kube-status() {
        if [[ -f "$KUBECONFIG" ]]; then
          local current_context
          current_context=$(kubectl config current-context 2>/dev/null)
          if [[ -n "$current_context" ]]; then
            echo "Active kubectl context: $current_context"
            echo "Session: $$ | Config: $KUBECONFIG"
            # Show cluster info
            local cluster_server
            cluster_server=$(kubectl config view --minify -o jsonpath='{.clusters[0].cluster.server}' 2>/dev/null)
            if [[ -n "$cluster_server" ]]; then
              echo "Cluster: $cluster_server"
            fi
          else
            echo "No active context in current session"
          fi
        else
          echo "No kubectl session active in this shell"
          echo "Use 'kube-select <context>' to start a session"
        fi
      }
      # Helper function to show available commands
      kube-help() {
        echo "Secure kubectl session management commands:"
        echo ""
        echo "Session management:"
        echo "  kube-select <context>     - Load kubeconfig from Bitwarden"
        echo "  kube-status              - Show current session status"
        echo "  kube-clear               - Clear current session"
        echo ""
        echo "Configuration management:"
        echo "  kube-list                - List available contexts in Bitwarden"
        echo ""
        echo "Help:"
        echo "  kube-help                - Show this help"
        echo ""
        echo "Examples:"
        echo "  kube-select prod                     # Loads from secure note"
        echo "  kubectl get pods"
        echo "  kube-clear"
        echo ""
        echo "Note: Kubeconfigs are stored as secure notes in Bitwarden"
      }
    '';
    programs.zsh.initExtra = mkAfter ''
      # Kubectl secure session management (zsh)
      export KUBECTL_SESSION_DIR="/dev/shm/kubectl-$$"
      kube-select() {
        if [[ $# -ne 1 ]]; then
          echo "Usage: kube-select <context-name>"
          echo "Available contexts: $(kube-list)"
          return 1
        fi
        local context="$1"
        # Clean up any existing session first
        kube-clear 2>/dev/null
        # Create new session directory
        mkdir -p "$KUBECTL_SESSION_DIR"
        chmod 700 "$KUBECTL_SESSION_DIR"
        # Set cleanup trap for this shell session
        trap "rm -rf '$KUBECTL_SESSION_DIR' 2>/dev/null" EXIT
        # Set KUBECONFIG for this session
        export KUBECONFIG="$KUBECTL_SESSION_DIR/config"
        # Load config from Bitwarden secure notes
        if ! rbw get "kubectl-$context" > "$KUBECONFIG" 2>/dev/null; then
          echo "Error: Could not retrieve kubectl-$context from Bitwarden"
          echo "Make sure the entry exists with name: kubectl-$context"
          kube-clear
          return 1
        fi
        # Verify the kubeconfig is valid
        if ! kubectl config view >/dev/null 2>&1; then
          echo "Error: Invalid kubeconfig retrieved from Bitwarden"
          kube-clear
          return 1
        fi
        echo "✓ Loaded kubectl context: $context (session: $$)"
        echo "  Config location: $KUBECONFIG"
        # Optional: Set timeout cleanup
        if [[ ${toString cfg.sessionTimeout} -gt 0 ]]; then
          (sleep ${toString cfg.sessionTimeout}; kube-clear 2>/dev/null) &
          export KUBECTL_TIMEOUT_PID=$!
        fi
      }
      kube-list() {
        echo "Available kubectl contexts in Bitwarden:"
        rbw search kubectl- 2>/dev/null | grep "^kubectl-" | sed 's/^kubectl-/  - /' || echo "  (none found or rbw not accessible)"
      }
      kube-clear() {
        if [[ -n "$KUBECTL_TIMEOUT_PID" ]]; then
          kill "$KUBECTL_TIMEOUT_PID" 2>/dev/null
          unset KUBECTL_TIMEOUT_PID
        fi
        if [[ -d "$KUBECTL_SESSION_DIR" ]]; then
          rm -rf "$KUBECTL_SESSION_DIR"
          echo "Cleared kubectl session ($$)"
        fi
        unset KUBECONFIG
      }
      kube-status() {
        if [[ -f "$KUBECONFIG" ]]; then
          local current_context
          current_context=$(kubectl config current-context 2>/dev/null)
          if [[ -n "$current_context" ]]; then
            echo "Active kubectl context: $current_context"
            echo "Session: $$ | Config: $KUBECONFIG"
            # Show cluster info
            local cluster_server
            cluster_server=$(kubectl config view --minify -o jsonpath='{.clusters[0].cluster.server}' 2>/dev/null)
            if [[ -n "$cluster_server" ]]; then
              echo "Cluster: $cluster_server"
            fi
          else
            echo "No active context in current session"
          fi
        else
          echo "No kubectl session active in this shell"
          echo "Use 'kube-select <context>' to start a session"
        fi
      }
      # Helper function to show available commands
      kube-help() {
        echo "Secure kubectl session management commands:"
        echo ""
        echo "Session management:"
        echo "  kube-select <context>     - Load kubeconfig from Bitwarden"
        echo "  kube-status              - Show current session status"
        echo "  kube-clear               - Clear current session"
        echo ""
        echo "Configuration management:"
        echo "  kube-list                - List available contexts in Bitwarden"
        echo ""
        echo "Help:"
        echo "  kube-help                - Show this help"
        echo ""
        echo "Examples:"
        echo "  kube-select prod                     # Loads from secure note"
        echo "  kubectl get pods"
        echo "  kube-clear"
        echo ""
        echo "Note: Kubeconfigs are stored as secure notes in Bitwarden"
      }
    '';
  };
 }
--- a/machines/boxy/configuration.nix
+++ b/machines/boxy/configuration.nix
@@ -17,7 +17,7 @@ with lib;
    bluetooth.enable = true;
    desktop = {
      enable = true;
-      gaming.enable = true;
+      gaming = true;
      kde = true;
      sddm = true;
      wayland = true;
--- a/machines/live-usb/configuration.nix
+++ b/machines/live-usb/configuration.nix
@@ -1,89 +0,0 @@
 # Live USB ISO configuration for recovery and installation
 { pkgs, modulesPath, ... }:
 {
  imports = [
    # Use minimal installation CD as base
    (modulesPath + "/installer/cd-dvd/installation-cd-minimal.nix")
  ];
  # Use roles structure for consistent configuration
  roles = {
    audio.enable = true;
    bluetooth.enable = true;
    desktop = {
      enable = true;
      kde = true;
      x11 = true;
      wayland = true;
      sddm = true;
    };
  };
  # Allow unfree packages for broader hardware support
  nixpkgs.config.allowUnfree = true;
  # Essential packages for system recovery and installation
  environment.systemPackages = with pkgs; [
    # Text editors
    neovim
    nano
    # System tools
    git
    curl
    wget
    htop
    tree
    lsof
    strace
    # Filesystem tools
    btrfs-progs
    e2fsprogs
    xfsprogs
    ntfs3g
    dosfstools
    # Network tools
    networkmanager
    wirelesstools
    # Hardware tools
    pciutils
    usbutils
    smartmontools
    # Archive tools
    unzip
    p7zip
    # Development tools (for quick fixes)
    gcc
    binutils
  ];
  # Enable NetworkManager for easy wifi setup
  networking.networkmanager.enable = true;
  # Enable SSH daemon for remote access
  services.openssh = {
    enable = true;
    settings = {
      PermitRootLogin = "yes";
      PasswordAuthentication = true;
    };
  };
  # ISO customization
  isoImage = {
    volumeID = "NIXOS-LIVE";
  };
  # Enable some useful services
  services.udisks2.enable = true; # For mounting USB drives
  # Hardware support
  hardware.enableAllFirmware = true;
  hardware.enableRedistributableFirmware = true;
 }
--- a/machines/nix-book/configuration.nix
+++ b/machines/nix-book/configuration.nix
@@ -15,7 +15,7 @@
    desktop = {
      enable = true;
      wayland = true;
-      gaming.enable = false;
+      gaming = false;
      kde = true;
      sddm = true;
    };
@@ -39,7 +39,6 @@
  boot.kernelPackages = pkgs.linuxPackages_latest;
  # Enable networking
  networking.networkmanager.enable = true;
--- a/machines/nix-book/hardware-configuration.nix
+++ b/machines/nix-book/hardware-configuration.nix
@@ -10,28 +10,16 @@
  boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "vmd" "nvme" "sdhci_pci" ];
  boot.initrd.kernelModules = [ ];
  boot.initrd.luks.devices."luks-4126fbd4-bd09-4ece-af0d-6fff414c21b3".device = "/dev/disk/by-uuid/4126fbd4-bd09-4ece-af0d-6fff414c21b3";
  boot.kernelModules = [ "kvm-intel" ];
  boot.extraModulePackages = [ ];
-  roles.btrfs = {
+  fileSystems."/" =
-    enable = true;
+    { device = "/dev/disk/by-uuid/bd396529-e2c4-47cb-b844-8d6ed841f81a";
-    filesystems."/dev/disk/by-uuid/223a44e5-91e2-4272-830e-129166042a1d" = {
+      fsType = "ext4";
      mountpoints = {
        "/" = {
          compression = "zstd";
          extraOptions = [ "noatime" ];
        };
      };
      scrub.enable = true;
      deduplication = {
        enable = true;
        hashTableSizeMB = 32;
        verbosity = "err";
      };
    };
    };
  boot.initrd.luks.devices."luks-4126fbd4-bd09-4ece-af0d-6fff414c21b3".device = "/dev/disk/by-uuid/4126fbd4-bd09-4ece-af0d-6fff414c21b3";
  fileSystems."/boot" =
    { device = "/dev/disk/by-uuid/7A0B-CF88";
      fsType = "vfat";
--- a/machines/nix-book/nixbook-btrfs-migration.md
+++ b/machines/nix-book/nixbook-btrfs-migration.md
@@ -1,223 +0,0 @@
 # NixBook ext4 to btrfs Migration Guide
 ## Overview
 This guide converts your nixbook machine from ext4 to btrfs with zstd compression and beesd deduplication while preserving your LUKS encryption and all data.
 ## Current System Info
 - **Hostname**: nix-book
 - **Root filesystem**: ext4 on `/dev/disk/by-uuid/bd396529-e2c4-47cb-b844-8d6ed841f81a`
 - **Encryption**: LUKS with two devices configured
 - **Current usage**: 138GB used / 225GB total (65% full)
 - **Free space**: 76GB available (sufficient for conversion)
 ## Pre-Migration Checklist
 ### 1. Create Full System Backup (CRITICAL)
 ```bash
 # Boot from NixOS live USB
 # Mount encrypted filesystem
 cryptsetup luksOpen /dev/disk/by-uuid/4126fbd4-bd09-4ece-af0d-6fff414c21b3 luks-nixbook
 mount /dev/mapper/luks-nixbook /mnt
 # Create backup to external drive (adjust target as needed)
 rsync -avxHAX --progress /mnt/ /path/to/backup/nixbook-backup/
 ```
 ### 2. Verify Configuration Changes
 The following files have been updated for btrfs:
 - `machines/nix-book/configuration.nix` - Added beesd service
 - `machines/nix-book/hardware-configuration.nix` - Changed fsType to btrfs with compression
 ## Migration Process
 ### Phase 1: Boot to Live Environment
 1. **Create NixOS live USB**:
   ```bash
   # Download latest NixOS ISO
   # Flash to USB drive
   dd if=nixos-minimal-xx.xx-x86_64-linux.iso of=/dev/sdX bs=4M status=progress
   ```
 2. **Boot from live USB** and ensure you can access the encrypted drives
 ### Phase 2: Filesystem Conversion
 3. **Unlock LUKS volumes**:
   ```bash
   cryptsetup luksOpen /dev/disk/by-uuid/4126fbd4-bd09-4ece-af0d-6fff414c21b3 luks-nixbook
   cryptsetup luksOpen /dev/disk/by-uuid/b614167b-9045-4234-a441-ac6f60a96d81 luks-nixbook2
   ```
 4. **Check filesystem before conversion**:
   ```bash
   fsck.ext4 -f /dev/mapper/luks-nixbook
   ```
 5. **Convert ext4 to btrfs** (this preserves all data):
   ```bash
   # Install btrfs-progs if not available
   nix-shell -p btrfs-progs
   # Convert the filesystem (takes 15-45 minutes depending on data)
   btrfs-convert /dev/mapper/luks-nixbook
   # Verify conversion succeeded
   mount /dev/mapper/luks-nixbook /mnt
   ls -la /mnt  # Should show your normal filesystem
   btrfs filesystem show /mnt
   ```
 6. **Get new filesystem UUID** (may have changed):
   ```bash
   blkid /dev/mapper/luks-nixbook
   # Note the new UUID if it changed
   ```
 ### Phase 3: Configuration Update
 7. **Mount and chroot into system**:
   ```bash
   mount -o compress=zstd,noatime /dev/mapper/luks-nixbook /mnt
   mount /dev/disk/by-uuid/7A0B-CF88 /mnt/boot
   nixos-enter --root /mnt
   ```
 8. **Update hardware-configuration.nix** if UUID changed:
   ```bash
   # Edit /etc/nixos/hardware-configuration.nix if needed
   # Update the UUID in fileSystems."/" section
   ```
 9. **Rebuild system with btrfs configuration**:
   ```bash
   cd /home/johno/nixos-configs
   nixos-rebuild switch --flake .#nix-book
   ```
 ### Phase 4: Enable Compression and Deduplication
 10. **Reboot into new btrfs system**:
    ```bash
    exit  # Exit chroot
    umount -R /mnt
    reboot
    ```
 11. **Verify btrfs is working**:
    ```bash
    mount | grep btrfs
    btrfs filesystem usage /
    ```
 12. **Enable and start beesd**:
    ```bash
    systemctl status beesd-root
    systemctl start beesd-root
    systemctl enable beesd-root
    ```
 13. **Force compression on existing files** (optional but recommended):
    ```bash
    # This will compress existing files with zstd
    btrfs filesystem defragment -r -czstd /
    ```
 ## Post-Migration Verification
 ### Check System Health
 ```bash
 # Verify btrfs health
 btrfs scrub start /
 btrfs scrub status /
 # Check compression effectiveness
 compsize /
 # Monitor beesd deduplication
 journalctl -u beesd-root -f
 # Check filesystem usage
 btrfs filesystem usage /
 df -h /
 ```
 ### Performance Monitoring
 ```bash
 # Monitor beesd hash table
 ls -lh /.beeshash
 # Check compression ratio over time
 compsize /home /nix /var
 ```
 ## Expected Benefits
 ### Space Savings
 - **Compression**: 20-30% reduction in disk usage from zstd
 - **Deduplication**: Additional 10-20% savings on duplicate files
 - **Combined**: Potentially 30-40% total space savings
 ### Performance Impact
 - **Compression**: Minimal CPU overhead, often improves I/O performance
 - **Deduplication**: Background process, minimal impact during normal use
 - **Overall**: Should be neutral to positive performance impact
 ## Rollback Plan (Emergency)
 If something goes wrong:
 1. **Boot from live USB**
 2. **Restore from backup**:
   ```bash
   cryptsetup luksOpen /dev/disk/by-uuid/4126fbd4-bd09-4ece-af0d-6fff414c21b3 luks-nixbook
   mkfs.ext4 /dev/mapper/luks-nixbook
   mount /dev/mapper/luks-nixbook /mnt
   rsync -avxHAX --progress /path/to/backup/nixbook-backup/ /mnt/
   ```
 3. **Restore original hardware-configuration.nix** with ext4 settings
 4. **Rebuild and reboot**
 ## Troubleshooting
 ### Common Issues
 **"Device busy" during conversion**:
 - Ensure no processes are accessing the filesystem
 - Check with `lsof` and `fuser`
 **UUID changed after conversion**:
 - Update hardware-configuration.nix with new UUID
 - Regenerate initrd: `nixos-rebuild switch`
 **Beesd service fails to start**:
 - Check disk space for hash table
 - Verify filesystem is btrfs: `mount | grep btrfs`
 - Check logs: `journalctl -u beesd-root`
 **Boot issues after conversion**:
 - Boot from live USB
 - Check /boot partition is mounted correctly
 - Verify LUKS UUIDs match in configuration
 - Rebuild bootloader: `nixos-rebuild switch --install-bootloader`
 ## Maintenance
 ### Regular Tasks
 ```bash
 # Monthly scrub (checks for corruption)
 btrfs scrub start /
 # Monitor compression effectiveness
 compsize /
 # Check beesd deduplication status
 systemctl status beesd-root
 ```
 ### Space Management
 ```bash
 # Balance filesystem (defragments and optimizes)
 btrfs balance start -dusage=50 /
 # Check for space issues
 btrfs filesystem usage /
 ```
 This migration preserves all your data while gaining the benefits of modern btrfs features including transparent compression and automatic deduplication.
--- a/machines/zix790prors/configuration.nix
+++ b/machines/zix790prors/configuration.nix
@@ -1,92 +0,0 @@
 # Edit this configuration file to define what should be installed on
 # your system. Help is available in the configuration.nix(5) man page, on
 # https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
 { lib, pkgs, ... }:
 with lib;
 {
  imports =
    [ # Include the results of the hardware scan.
      ./hardware-configuration.nix
    ];
  roles = {
    audio.enable = true;
    bluetooth.enable = true;
    desktop = {
      enable = true;
      gaming = {
        enable = true;
        emulation = true;
      };
      kde = true;
      sddm = true;
      wayland = true;
    };
    nfs-mounts.enable = true;
    printing.enable = true;
    users.enable = true;
    virtualisation.enable = true;
  };
  # Use the systemd-boot EFI boot loader.
  boot.loader.systemd-boot.enable = true;
  boot.loader.systemd-boot.configurationLimit = 2; # Reduced to save /boot space (TODO Increase /boot partition size)
  boot.loader.efi.canTouchEfiVariables = true;
  boot.loader.timeout = 10;
  networking.hostName = "zix790prors"; # Define your hostname.
  # Enable networking
  networking.networkmanager.enable = true;
  # Fix dual boot clock sync - tell Linux to use local time for hardware clock
  time.hardwareClockInLocalTime = true;
  # NVIDIA Graphics configuration
  services.xserver.videoDrivers = [ "nvidia" ];
  hardware.graphics.enable = true;
  hardware.graphics.enable32Bit = true;
  hardware.nvidia = {
    # Modesetting is required.
    modesetting.enable = true;
    # Enable the Nvidia settings menu,
    # accessible via `nvidia-settings`.
    nvidiaSettings = true;
    # Optionally, you may need to select the appropriate driver version for your specific GPU.
    package = pkgs.linuxPackages.nvidiaPackages.stable;
    # Use open source kernel modules (recommended for RTX/GTX 16xx and newer)
    # Set to false if you have an older GPU
    open = true;
    # For gaming performance
    powerManagement.enable = false;
    powerManagement.finegrained = false;
  };
  # This option defines the first version of NixOS you have installed on this particular machine,
  # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.
  #
  # Most users should NEVER change this value after the initial install, for any reason,
  # even if you've upgraded your system to a new NixOS release.
  #
  # This value does NOT affect the Nixpkgs version your packages and OS are pulled from,
  # so changing it will NOT upgrade your system - see https://nixos.org/manual/nixos/stable/#sec-upgrading for how
  # to actually do that.
  #
  # This value being lower than the current NixOS release does NOT mean your system is
  # out of date, out of support, or vulnerable.
  #
  # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration,
  # and migrated your data accordingly.
  #
  # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
  system.stateVersion = "25.11"; # Did you read the comment?
 }
--- a/machines/zix790prors/hardware-configuration.nix
+++ b/machines/zix790prors/hardware-configuration.nix
@@ -1,57 +0,0 @@
 # Do not modify this file!  It was generated by ‘nixos-generate-config’
 # and may be overwritten by future invocations.  Please make changes
 # to /etc/nixos/configuration.nix instead.
 { config, lib, pkgs, modulesPath, ... }:
 {
  imports =
    [ (modulesPath + "/installer/scan/not-detected.nix")
    ];
  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
  boot.initrd.kernelModules = [ ];
  boot.kernelModules = [ "kvm-intel" ];
  boot.extraModulePackages = [ ];
  fileSystems."/boot" =
    { device = "/dev/disk/by-uuid/76B0-738E";
      fsType = "vfat";
      options = [ "fmask=0077" "dmask=0077" ];
    };
  roles.btrfs = {
    enable = true;
    filesystems."/dev/disk/by-uuid/ec22734b-d1a3-4c99-8c6f-86f6a8d79007" = {
      mountpoints = {
        "/" = {
          compression = "zstd";
          extraOptions = [ "noatime" ];
        };
      };
      scrub.enable = true;
      deduplication = {
        enable = true;
        hashTableSizeMB = 128;
        verbosity = "err";
      };
    };
    filesystems."/dev/disk/by-uuid/4f9844ac-c1ad-4426-8eb3-21f2306345fb" = {
      mountpoints = {
        "/games" = {
          extraOptions = [ "noatime" ];
        };
      };
      scrub.enable = true;
      deduplication = {
        enable = true;
        hashTableSizeMB = 256;
        verbosity = "err";
      };
    };
  };
  swapDevices = [ ];
  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
 }
--- a/roles/btrfs/default.nix
+++ b/roles/btrfs/default.nix
@@ -1,173 +0,0 @@
 { lib, config, pkgs, ... }:
 with lib;
 let
  cfg = config.roles.btrfs;
 in
 {
  options.roles.btrfs = {
    enable = mkEnableOption "Enable btrfs filesystem management";
    filesystems = mkOption {
      type = types.attrsOf (types.submodule {
        options = {
          # Filesystem-level maintenance options
          scrub = {
            enable = mkOption { 
              type = types.bool; 
              default = true;
              description = "Enable automatic scrubbing for this filesystem";
            };
            interval = mkOption { 
              type = types.str; 
              default = "weekly";
              description = "Scrub interval (systemd timer format)";
            };
          };
          deduplication = {
            enable = mkOption { 
              type = types.bool; 
              default = false;
              description = "Enable beesd deduplication for this filesystem";
            };
            hashTableSizeMB = mkOption { 
              type = types.int; 
              default = 1024;
              description = "Hash table size in MB (should be multiple of 16)";
            };
            verbosity = mkOption { 
              type = types.str; 
              default = "info";
              description = "Logging verbosity level";
            };
          };
          balance = {
            enable = mkOption { 
              type = types.bool; 
              default = false;
              description = "Enable periodic balance operations";
            };
            interval = mkOption { 
              type = types.str; 
              default = "monthly";
              description = "Balance interval (systemd timer format)";
            };
            dataUsage = mkOption { 
              type = types.int; 
              default = 50;
              description = "Data usage threshold for balance";
            };
            metadataUsage = mkOption { 
              type = types.int; 
              default = 50;
              description = "Metadata usage threshold for balance";
            };
          };
          # Mountpoint-based configuration
          mountpoints = mkOption {
            type = types.attrsOf (types.submodule {
              options = {
                subvolume = mkOption { 
                  type = types.nullOr types.str; 
                  default = null;
                  description = "Subvolume name. If null, uses default subvolume.";
                };
                compression = mkOption { 
                  type = types.str; 
                  default = "zstd";
                  description = "Compression algorithm (zstd, lzo, lz4, none)";
                };
                autodefrag = mkOption { 
                  type = types.bool; 
                  default = false;
                  description = "Enable automatic defragmentation";
                };
                extraOptions = mkOption { 
                  type = types.listOf types.str; 
                  default = [];
                  description = "Additional mount options";
                };
              };
            });
            default = {};
            description = "Mountpoint configurations for this filesystem";
          };
        };
      });
      default = {};
      description = "Btrfs filesystems configuration";
    };
  };
  config = mkIf cfg.enable {
    environment.systemPackages = with pkgs; [
      btrfs-progs
      compsize
    ];
    # Generate fileSystems configuration from mountpoints
    fileSystems = mkMerge (flatten (mapAttrsToList (device: fsCfg:
      mapAttrsToList (mountpoint: mountCfg:
        {
          ${mountpoint} = {
            device = device;
            fsType = "btrfs";
            options = 
              (optional (mountCfg.subvolume != null) "subvol=${mountCfg.subvolume}") ++
              [ "compress=${mountCfg.compression}" ] ++
              (optional mountCfg.autodefrag "autodefrag") ++
              mountCfg.extraOptions;
          };
        }
      ) fsCfg.mountpoints
    ) cfg.filesystems));
    # Configure scrub service using NixOS built-in
    services.btrfs.autoScrub = mkIf (any (fs: fs.scrub.enable) (attrValues cfg.filesystems)) {
      enable = true;
      interval = "weekly"; # TODO: Make this configurable per filesystem
      fileSystems = attrNames (filterAttrs (_: fs: fs.scrub.enable) cfg.filesystems);
    };
    # Configure beesd for filesystems with deduplication enabled
    services.beesd.filesystems = mapAttrs' (device: fsCfg: 
      nameValuePair (replaceStrings ["/"] ["_"] (replaceStrings ["-"] ["_"] device)) {
        spec = device;
        hashTableSizeMB = fsCfg.deduplication.hashTableSizeMB;
        verbosity = fsCfg.deduplication.verbosity;
      }
    ) (filterAttrs (_: fs: fs.deduplication.enable) cfg.filesystems);
    # Custom balance services for filesystems with balance enabled
    systemd.services = mkMerge (mapAttrsToList (device: fsCfg: mkIf fsCfg.balance.enable {
      "btrfs-balance-${replaceStrings ["/"] ["-"] (replaceStrings ["-"] ["_"] device)}" = {
        description = "Balance btrfs filesystem ${device}";
        script = ''
          ${pkgs.btrfs-progs}/bin/btrfs balance start \
            -dusage=${toString fsCfg.balance.dataUsage} \
            -musage=${toString fsCfg.balance.metadataUsage} \
            ${device}
        '';
        serviceConfig = {
          Type = "oneshot";
          Nice = 19;
          IOSchedulingClass = "idle";
        };
      };
    }) cfg.filesystems);
    # Balance timers
    systemd.timers = mkMerge (mapAttrsToList (device: fsCfg: mkIf fsCfg.balance.enable {
      "btrfs-balance-${replaceStrings ["/"] ["-"] (replaceStrings ["-"] ["_"] device)}" = {
        description = "Periodic balance for ${device}";
        wantedBy = [ "timers.target" ];
        timerConfig = {
          OnCalendar = fsCfg.balance.interval;
          Persistent = true;
        };
      };
    }) cfg.filesystems);
  };
 }
--- a/roles/default.nix
+++ b/roles/default.nix
@@ -6,7 +6,6 @@ with lib;
  imports = [
    ./audio
    ./bluetooth
    ./btrfs
    ./desktop
    ./kodi
    ./nfs-mounts
--- a/roles/desktop/default.nix
+++ b/roles/desktop/default.nix
@@ -9,10 +9,7 @@ with lib;
    x11 = mkOption { type = types.bool; default = false; description = "Enable X11 support."; };
    wayland = mkOption { type = types.bool; default = false; description = "Enable Wayland support."; };
    kde = mkOption { type = types.bool; default = false; description = "Enable KDE."; };
-    gaming = {
+    gaming = mkOption { type = types.bool; default = false; description = "Enable gaming support."; };
      enable = mkOption { type = types.bool; default = false; description = "Enable gaming support."; };
      emulation = mkOption { type = types.bool; default = false; description = "Enable emulation support."; };
    };
    sddm = mkOption { type = types.bool; default = false; description = "Enable SDDM greeter."; };
  };
@@ -23,5 +20,6 @@ with lib;
    ./kde.nix
    ./programs.nix
    ./sddm.nix
    ./steam-sleep-inhibitor.nix
  ];
 }
--- a/roles/desktop/gaming.nix
+++ b/roles/desktop/gaming.nix
@@ -6,8 +6,7 @@ let
  cfg = config.roles.desktop;
 in
 {
-  config = mkMerge [
+  config = mkIf (cfg.enable && cfg.gaming) {
    (mkIf (cfg.enable && cfg.gaming.enable) {
    environment.systemPackages = with pkgs; [
      steam
      lutris
@@ -15,13 +14,5 @@ in
    ];
    # Possibly other gaming specific services or settings
-    })
+  };
    (mkIf (cfg.enable && cfg.gaming.emulation) {
      environment.systemPackages = with pkgs; [
        ryubing
        dolphin-emu
      ];
    })
  ];
 }
--- a/roles/desktop/steam-sleep-inhibitor.nix
+++ b/roles/desktop/steam-sleep-inhibitor.nix
@@ -0,0 +1,116 @@
 { lib, config, pkgs, ... }:
 with lib;
 let
  cfg = config.roles.desktop;
  steamSleepInhibitor = pkgs.writeShellScript "steam-sleep-inhibitor" ''
    #!/usr/bin/env bash
    # Steam log path - adjust if different
    STEAM_LOG="$HOME/.local/share/Steam/logs/streaming_log.txt"
    FALLBACK_LOG="$HOME/.steam/steam/logs/streaming_log.txt"
    # Find Steam log file
    if [[ -f "$STEAM_LOG" ]]; then
      LOG_FILE="$STEAM_LOG"
    elif [[ -f "$FALLBACK_LOG" ]]; then
      LOG_FILE="$FALLBACK_LOG"
    else
      # Monitor Steam process for streaming activity
      LOG_FILE=""
    fi
    INHIBITOR_PID=""
    MONITORING=false
    cleanup() {
      if [[ -n "$INHIBITOR_PID" ]]; then
        echo "Stopping sleep inhibitor (PID: $INHIBITOR_PID)"
        kill "$INHIBITOR_PID" 2>/dev/null
      fi
      exit 0
    }
    start_inhibitor() {
      if [[ -z "$INHIBITOR_PID" ]]; then
        echo "Starting sleep inhibitor for Steam Remote Play session"
        ${pkgs.systemd}/bin/systemd-inhibit \
          --what=sleep \
          --who="Steam Remote Play" \
          --why="Active streaming session detected" \
          --mode=block \
          sleep infinity &
        INHIBITOR_PID=$!
      fi
    }
    stop_inhibitor() {
      if [[ -n "$INHIBITOR_PID" ]]; then
        echo "Stopping sleep inhibitor - streaming session ended"
        kill "$INHIBITOR_PID" 2>/dev/null
        INHIBITOR_PID=""
      fi
    }
    # Check if Steam Remote Play is active by looking for streaming processes
    check_streaming_active() {
      # Check for Steam streaming processes
      if pgrep -f "streaming_client" >/dev/null || \
         pgrep -f "steamremoteplay" >/dev/null || \
         ${pkgs.procps}/bin/pgrep -f "Remote Play" >/dev/null; then
        return 0
      fi
      # Check for active network connections on Steam streaming ports
      if ${pkgs.nettools}/bin/netstat -an 2>/dev/null | grep -E ":(27036|27037)" | grep ESTABLISHED >/dev/null; then
        return 0
      fi
      return 1
    }
    trap cleanup EXIT INT TERM
    echo "Steam sleep inhibitor monitoring started"
    while true; do
      if check_streaming_active; then
        if [[ "$MONITORING" == "false" ]]; then
          MONITORING=true
          start_inhibitor
        fi
      else
        if [[ "$MONITORING" == "true" ]]; then
          MONITORING=false
          stop_inhibitor
        fi
      fi
      sleep 10
    done
  '';
 in
 {
  config = mkIf (cfg.enable && cfg.kde && cfg.gaming) {
    # Steam streaming sleep inhibitor service
    systemd.user.services.steam-sleep-inhibitor = {
      description = "Steam Remote Play Sleep Inhibitor";
      wantedBy = [ "default.target" ];
      after = [ "graphical-session.target" ];
      serviceConfig = {
        Type = "simple";
        ExecStart = "${steamSleepInhibitor}";
        Restart = "always";
        RestartSec = "5";
      };
    };
    # Steam-specific environment variables to prevent sleep interference
    environment.sessionVariables = {
      SDL_VIDEO_ALLOW_SCREENSAVER = "1";
    };
  };
 }
--- a/roles/printing/default.nix
+++ b/roles/printing/default.nix
@@ -19,12 +19,5 @@ in
        nssmdns4 = true;
        openFirewall = true;
      };
      hardware.printers.ensurePrinters = [{
        name = "MFC-L8900CDW_series";
        deviceUri = "dnssd://Brother%20MFC-L8900CDW%20series._ipp._tcp.local/?uuid=e3248000-80ce-11db-8000-b422006699d8";
        model = "everywhere";
      }];
      hardware.printers.ensureDefaultPrinter = "MFC-L8900CDW_series";
    };
 }