[home] Re-enable openscad-unstable

I'm standardizing on bitwarden and rbw for secrets. No need to build out
a separate secret management system. The complexity of this was just not
worth it for my effectively single-user workflows

.goosehints

@@ -0,0 +1,21 @@
+NixOS Configurations Repository
+================================
+
+Overview:
+---------
+This repository hosts modular and reproducible NixOS configurations managed via Nix flakes. It is structured to separate concerns across machine-specific setups, common roles, and custom packages.
+
+Directory Structure:
+----------------------
+• packages/      - Custom Nix packages leveraged across various configurations.
+• roles/         - Role-based configurations (e.g., kodi, bluetooth) each with its own module (default.nix) for inclusion in machine setups.
+• machines/      - Machine-specific configurations (e.g., nix-book, z790prors, boxy, wixos) including configuration.nix and hardware-configuration.nix tailored for each hardware.
+• home/          - Home-manager configurations for personal environments and application settings (e.g., home-nix-book.nix, home-z790prors.nix).
+
+Design Principles:
+------------------
+• Modularity: Clear separation between roles, machines, and packages allows for flexible and reusable configurations.
+• Declarative & Reproducible: Using Nix flakes guarantees a fully declarative setup that can be effortlessly reproduced across systems.
+• Scalability: The structure is designed to accommodate adding new roles or machines with minimal disruption to existing configurations.
+
+This file serves as a concise guide for navigating and understanding the repository from an advanced Nix perspective. Further documentation can be found within the respective directories or individual README files where applicable.

.sops.yaml

@@ -1,11 +0,0 @@
-keys:
-  - &admin_johno age1ls6a033d4p4u8h4rwazjwt8w4c4xg73wq0mdnm64jajxzcz4k9asvjnks3
-  - &host_z790prors age12l5u7sw59u5pkwp83qm8t3ff7uv0ld2c9k3zh5j4ame9k2szcynqu7ftqe
-  - &host_nixbook age1fa3zqavfmqk4ssa22yne9td90gyqv9q5a8y0s8jp3xak8q7p3yjqyn7rkg
-creation_rules:
-  - path_regex: secrets/[^/]+\.(yaml|json|env|ini)$
-    key_groups:
-      - age:
-          - *admin_johno
-          - *host_z790prors
-          - *host_nixbook

CLAUDE.md

@@ -0,0 +1,110 @@
+# CLAUDE.md
+
+This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository.
+
+## Repository Overview
+
+This is a NixOS configuration repository using flakes, managing multiple machines and home-manager configurations. The repository follows a modular architecture with reusable "roles" that can be composed for different machines.
+
+## Architecture
+
+### Flake Structure
+- **flake.nix**: Main entry point defining inputs (nixpkgs, home-manager, plasma-manager, etc.) and outputs for multiple NixOS configurations
+- **Machines**: `nix-book`, `boxy`, `wixos` (WSL configuration)
+- **Home configurations**: Standalone home-manager configuration for user `johno`
+
+### Directory Structure
+- `machines/`: Machine-specific configurations with hardware-configuration.nix
+- `roles/`: Modular system configurations (audio, bluetooth, desktop, users, etc.)
+- `home/`: Home Manager configurations and user-specific modules
+- `home/modules/`: User environment modules (emacs, i3+sway, plasma-manager, tmux)
+- `packages/`: Custom package definitions
+
+### Role-Based Configuration System
+The repository uses a custom "roles" system where each role is a NixOS module with enable options:
+- `roles.desktop`: Desktop environment with sub-options for X11, Wayland, KDE, gaming, SDDM
+- `roles.audio`: Audio configuration
+- `roles.bluetooth`: Bluetooth support
+- `roles.users`: User account management
+- `roles.virtualisation`: Virtualization setup
+- `roles.kodi`: Kodi media center
+
+Example role usage in machine configuration:
+```nix
+roles = {
+  audio.enable = true;
+  desktop = {
+    enable = true;
+    gaming = true;
+    kde = true;
+    wayland = true;
+  };
+  users.enable = true;
+};
+```
+
+## Common Commands
+
+### Building and Switching Configurations
+```bash
+# Build and switch to a specific machine configuration
+sudo nixos-rebuild switch --flake .#<hostname>
+
+# Build without switching
+nixos-rebuild build --flake .#<hostname>
+
+# Build home-manager configuration only
+home-manager switch --flake .#johno
+```
+
+### Available Machine Configurations
+- `nix-book`: Uses `home/home-nix-book.nix`
+- `boxy`: Gaming desktop with AMD GPU, uses `home/home.nix`
+- `wixos`: WSL configuration, uses `home/home.nix`
+
+### Flake Operations
+```bash
+# Update flake inputs
+nix flake update
+
+# Check flake
+nix flake check
+
+# Show flake info
+nix flake show
+```
+
+### Bootstrap New Machine
+Use the provided bootstrap script:
+```bash
+sudo ./bootstrap.sh <hostname>
+```
+This script pulls from the remote git repository and applies the configuration.
+
+## Development Workflow
+
+### Adding New Machines
+1. Create new directory in `machines/<hostname>/`
+2. Add `configuration.nix` with role assignments
+3. Include hardware-configuration.nix (generated by nixos-generate-config)
+4. Add nixosConfiguration to flake.nix outputs
+
+### Adding New Roles
+1. Create directory in `roles/<role-name>/`
+2. Create `default.nix` with module definition using mkEnableOption
+3. Add role import to `roles/default.nix`
+4. Configure role options in machine configurations
+
+### Home Manager Modules
+- Located in `home/modules/`
+- Each module has its own `default.nix`
+- Imported in main home configuration files
+
+## Key Configuration Details
+
+- **Experimental features**: nix-command and flakes are enabled
+- **User**: Primary user is `johno` with trusted-user privileges
+- **Locale**: en_US.UTF-8, America/Los_Angeles timezone
+- **SSH**: OpenSSH enabled on all configurations
+- **Garbage collection**: Automatic, deletes older than 10 days
+- **Unfree packages**: Allowed globally

bootstrap.sh

@@ -0,0 +1,11 @@
+#!/usr/bin/env bash
+# bootstrap.sh
+# Usage: sudo ./bootstrap.sh <hostname>
+set -euo pipefail
+
+NEW_HOSTNAME="${1:?missing hostname}"
+FLAKE_URI="git+https://git.johnogle.info/johno/nixos-configs.git#${NEW_HOSTNAME}"
+
+export NIX_CONFIG="experimental-features = nix-command flakes"
+nixos-rebuild switch --flake "$FLAKE_URI"
+

flake.lock

@@ -1,5 +1,41 @@
 {
   "nodes": {
+    "flake-compat": {
+      "flake": false,
+      "locked": {
+        "lastModified": 1747046372,
+        "narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=",
+        "owner": "edolstra",
+        "repo": "flake-compat",
+        "rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885",
+        "type": "github"
+      },
+      "original": {
+        "owner": "edolstra",
+        "repo": "flake-compat",
+        "type": "github"
+      }
+    },
+    "google-cookie-retrieval": {
+      "inputs": {
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1752428473,
+        "narHash": "sha256-IsE7fdAYbRlZuc0H5FtPfhhuHvlxnDGoAxdlnjpVNCU=",
+        "ref": "refs/heads/main",
+        "rev": "1fad66b55144ab6beaecd900172a21ac3c34dc52",
+        "revCount": 10,
+        "type": "git",
+        "url": "https://git.johnogle.info/johno/google-cookie-retrieval.git"
+      },
+      "original": {
+        "type": "git",
+        "url": "https://git.johnogle.info/johno/google-cookie-retrieval.git"
+      }
+    },
     "home-manager": {
       "inputs": {
         "nixpkgs": [
@@ -7,11 +43,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1728041527,
+        "lastModified": 1752402455,
-        "narHash": "sha256-03liqiJtk9UP7YQHW4r8MduKCK242FQzud8iWvvlK+o=",
+        "narHash": "sha256-mCHfZhQKdTj2JhCFcqfOfa3uKZbwUkPQbd0/zPnhOE8=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "509dbf8d45606b618e9ec3bbe4e936b7c5bc6c1e",
+        "rev": "bf893ad4cbf46610dd1b620c974f824e266cd1df",
         "type": "github"
       },
       "original": {
@@ -20,13 +56,49 @@
         "type": "github"
       }
     },
+    "nixos-wsl": {
+      "inputs": {
+        "flake-compat": "flake-compat",
+        "nixpkgs": "nixpkgs"
+      },
+      "locked": {
+        "lastModified": 1752199438,
+        "narHash": "sha256-xSBMmGtq8K4Qv80TMqREmESCAsRLJRHAbFH2T/2Bf1Y=",
+        "owner": "nix-community",
+        "repo": "NixOS-WSL",
+        "rev": "d34d9412556d3a896e294534ccd25f53b6822e80",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-community",
+        "ref": "main",
+        "repo": "NixOS-WSL",
+        "type": "github"
+      }
+    },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1727802920,
+        "lastModified": 1751792365,
-        "narHash": "sha256-HP89HZOT0ReIbI7IJZJQoJgxvB2Tn28V6XS3MNKnfLs=",
+        "narHash": "sha256-J1kI6oAj25IG4EdVlg2hQz8NZTBNYvIS0l4wpr9KcUo=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "1fd8bada0b6117e6c7eb54aad5813023eed37ccb",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "nixpkgs_2": {
+      "locked": {
+        "lastModified": 1751984180,
+        "narHash": "sha256-LwWRsENAZJKUdD3SpLluwDmdXY9F45ZEgCb0X+xgOL0=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "27e30d177e57d912d614c88c622dcfdb2e6e6515",
+        "rev": "9807714d6944a957c2e036f84b0ff8caf9930bc0",
         "type": "github"
       },
       "original": {
@@ -36,48 +108,36 @@
         "type": "github"
       }
     },
-    "nixpkgs-stable": {
+    "plasma-manager": {
+      "inputs": {
+        "home-manager": [
+          "home-manager"
+        ],
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
       "locked": {
-        "lastModified": 1725762081,
+        "lastModified": 1748196248,
-        "narHash": "sha256-vNv+aJUW5/YurRy1ocfvs4q/48yVESwlC/yHzjkZSP8=",
+        "narHash": "sha256-1iHjsH6/5UOerJEoZKE+Gx1BgAoge/YcnUsOA4wQ/BU=",
-        "owner": "NixOS",
+        "owner": "nix-community",
-        "repo": "nixpkgs",
+        "repo": "plasma-manager",
-        "rev": "dc454045f5b5d814e5862a6d057e7bb5c29edc05",
+        "rev": "b7697abe89967839b273a863a3805345ea54ab56",
         "type": "github"
       },
       "original": {
-        "owner": "NixOS",
+        "owner": "nix-community",
-        "ref": "release-24.05",
+        "repo": "plasma-manager",
-        "repo": "nixpkgs",
         "type": "github"
       }
     },
     "root": {
       "inputs": {
+        "google-cookie-retrieval": "google-cookie-retrieval",
         "home-manager": "home-manager",
-        "nixpkgs": "nixpkgs",
+        "nixos-wsl": "nixos-wsl",
-        "sops-nix": "sops-nix"
+        "nixpkgs": "nixpkgs_2",
-      }
+        "plasma-manager": "plasma-manager"
-    },
-    "sops-nix": {
-      "inputs": {
-        "nixpkgs": [
-          "nixpkgs"
-        ],
-        "nixpkgs-stable": "nixpkgs-stable"
-      },
-      "locked": {
-        "lastModified": 1727423009,
-        "narHash": "sha256-+4B/dQm2EnORIk0k2wV3aHGaE0WXTBjColXjj7qWh10=",
-        "owner": "Mic92",
-        "repo": "sops-nix",
-        "rev": "127a96f49ddc377be6ba76964411bab11ae27803",
-        "type": "github"
-      },
-      "original": {
-        "owner": "Mic92",
-        "repo": "sops-nix",
-        "type": "github"
       }
     }
   },

flake.nix

@@ -3,50 +3,48 @@
 
   inputs = {
     nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
-
+    nixos-wsl.url = "github:nix-community/NixOS-WSL/main";
-    sops-nix = {
-      url = "github:Mic92/sops-nix";
-      inputs.nixpkgs.follows = "nixpkgs";
-    };
 
     home-manager = {
       url = "github:nix-community/home-manager";
       inputs.nixpkgs.follows = "nixpkgs";
     };
+
+    plasma-manager = {
+      url = "github:nix-community/plasma-manager";
+      inputs.nixpkgs.follows = "nixpkgs";
+      inputs.home-manager.follows = "home-manager";
     };
 
-  outputs = { self, nixpkgs, ... } @ inputs: let
+    google-cookie-retrieval = {
+      url = "git+https://git.johnogle.info/johno/google-cookie-retrieval.git";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
+  };
+
+  outputs = { self, nixpkgs, nixos-wsl, ... } @ inputs: let
     baseModules = [
       ./roles
-      inputs.sops-nix.nixosModules.sops
       inputs.home-manager.nixosModules.home-manager
       {
         home-manager.useGlobalPkgs = true;
         home-manager.useUserPackages = true;
+        home-manager.sharedModules = [
+          inputs.plasma-manager.homeManagerModules.plasma-manager
+        ];
+        home-manager.extraSpecialArgs = {
+          globalInputs = inputs;
+        };
       }
     ];
   in {
-    nixosConfigurations.z790prors-nix = nixpkgs.lib.nixosSystem rec {
-      system = "x86_64-linux";
-      specialArgs = { inherit inputs; };
-      modules = baseModules ++ [
-        ./machines/z790prors/configuration.nix
-        {
-          home-manager.users.johno = import ./home/home-z790prors.nix;
-          home-manager.extraSpecialArgs.customPkgs =
-            nixpkgs.legacyPackages."${system}".callPackage ./packages {};
-        }
-      ];
-    };
-
     nixosConfigurations.nix-book = nixpkgs.lib.nixosSystem rec {
       system = "x86_64-linux";
       modules = baseModules ++ [
         ./machines/nix-book/configuration.nix
         {
           home-manager.users.johno = import ./home/home-nix-book.nix;
-          home-manager.extraSpecialArgs.customPkgs =
+          home-manager.extraSpecialArgs = { inherit system; };
-            nixpkgs.legacyPackages."${system}".callPackage ./packages {};
         }
       ];
     };
@@ -57,11 +55,35 @@
         ./machines/boxy/configuration.nix
         inputs.home-manager.nixosModules.home-manager
         {
-          home-manager.users.johno = import ./home/home-default.nix;
+          home-manager.users.johno = import ./home/home.nix;
-          home-manager.extraSpecialArgs.customPkgs =
+          home-manager.extraSpecialArgs = { inherit system; };
-            nixpkgs.legacyPackages."${system}".callPackage ./packages {};
         }
       ];
     };
+
+    nixosConfigurations.wixos = nixpkgs.lib.nixosSystem rec {
+      system = "x86_64-linux";
+      modules = baseModules ++ [
+        nixos-wsl.nixosModules.default
+        ./machines/wixos/configuration.nix
+        inputs.home-manager.nixosModules.home-manager
+        {
+          home-manager.users.johno = import ./home/home.nix;
+          home-manager.extraSpecialArgs = { inherit system; };
+        }
+      ];
+    };
+
+    homeConfigurations."johno" = inputs.home-manager.lib.homeManagerConfiguration {
+      pkgs = inputs.nixpkgs.legacyPackages."x86_64-linux";
+      modules = [
+        inputs.plasma-manager.homeManagerModules.plasma-manager
+        ./home/home.nix
+      ];
+      extraSpecialArgs = {
+        system = "x86_64-linux";
+        globalInputs = inputs;
+      };
+    };
   };
 }

home/home-nix-book.nix

@@ -2,8 +2,7 @@
 
 {
   imports = [
-    ./home-default.nix
+    ./home.nix
-    ./modules/hyprland/nix-book.nix
   ];
 
   home.i3_sway.extraSwayConfig = {

home/home-z790prors.nix

@@ -1,8 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-{
-  imports = [
-    ./home-default.nix
-    ./modules/hyprland/z790prors.nix
-  ];
-}

home/home.nix

@@ -1,5 +1,8 @@
-{ pkgs, customPkgs, ... }:
+{ pkgs, customPkgs, globalInputs, system, ... }:
 
+let
+  customPkgs = pkgs.callPackage ../packages {};
+in
 {
   # Home Manager needs a bit of information about you and the paths it should
   # manage.
@@ -36,10 +39,13 @@
     # '')
 
     pkgs.bitwarden
+    pkgs.claude-code
+    pkgs.codex
     pkgs.dunst
     pkgs.element-desktop
     pkgs.fd
     #pkgs.fluffychat # security vulnerability in current version
+    pkgs.goose-cli
     pkgs.gzip
     pkgs.htop
     pkgs.jellyfin-media-player
@@ -49,17 +55,20 @@
     pkgs.less
     pkgs.moonlight-qt
     pkgs.ncdu
+    pkgs.nextcloud-talk-desktop
+    pkgs.openscad-unstable
     pkgs.pandoc
-    pkgs.pinentry-qt
+    #pkgs.pinentry-qt
     #pkgs.pytest
     pkgs.shellcheck
     pkgs.solaar # Logitech management software
+    (pkgs.snapcast.override { pulseaudioSupport = true; })
     pkgs.tmux
     pkgs.waybar
     pkgs.wofi
     pkgs.vlc
 
-    customPkgs.nextcloudTalkDesktop
+    globalInputs.google-cookie-retrieval.packages.${system}.default
   ];
 
   # Home Manager is pretty good at managing dotfiles. The primary way to manage
@@ -75,9 +84,10 @@
     #   org.gradle.console=verbose
     #   org.gradle.daemon.idletimeout=3600000
     # '';
-
   };
 
+  targets.genericLinux.enable = true;
+
   # Home Manager can also manage your environment variables through
   # 'home.sessionVariables'. These will be explicitly sourced when using a
   # shell provided by Home Manager. If you don't want to manage your shell
@@ -100,20 +110,22 @@
   home.sessionPath = [
   ];
 
-  nixpkgs.config.allowUnfree = true;
-
   imports = [
     ./modules/emacs
-    ./modules/lutris
     ./modules/i3+sway
+    ./modules/plasma-manager
+    ./modules/tmux
   ];
 
-  programs.bash.enable = true;
+  programs.bash = {
-
+    enable = true;
-  nix = {
+    initExtra = ''
-    gc = {
+      codex() {
-      automatic = true;
+        local key
-    };
+        key="$(rbw get openai-api-key-codex)"
+        OPENAI_API_KEY="$key" command codex "$@"
+      }
+    '';
   };
 
   # Let Home Manager install and manage itself.
@@ -134,15 +146,6 @@
     };
   };
 
-  programs.gpg.enable = true;
-
-  services.gpg-agent = {
-    enable = true;
-    enableSshSupport = true;
-    defaultCacheTtl = 1800;
-    pinentryPackage = pkgs.pinentry-qt;
-  };
-
   programs.jq.enable = true;
 
   programs.k9s.enable = true;
@@ -175,17 +178,16 @@
     };
   };
 
-  services.home-manager.autoUpgrade = {
-    enable = true;
-    frequency = "weekly";
-  };
-
   services.kdeconnect = {
     enable = true;
     indicator = true;
     package = pkgs.kdePackages.kdeconnect-kde;
   };
 
+  services.gnome-keyring = {
+    enable = true;
+  };
+
   services.syncthing = {
     enable = true;
     tray = {

home/modules/emacs/default.nix

@@ -3,20 +3,25 @@
 with lib;
 
 let
-  doomSync = (let
+  doomEmacs = pkgs.fetchFromGitHub {
-    git = pkgs.git;
+    owner = "doomemacs";
-  in ''
+    repo = "doomemacs";
-    export PATH=${pkgs.emacs}/bin:${git}/bin:$PATH
+    rev = "8406c1ff22b95bd0f816de4a0223fa3ce3c82568";
-    ${config.xdg.configHome}/emacs/bin/doom sync -u -j $((`nproc`/4*3))
+    sha256 = "sha256-rOkgOdmLESVAbOeEM9nJTzxyI+akdk48Ed2VlktOy3Q=";
-  '');
+  };
-in {
+in
+{
   config = {
     home.packages = [
+      pkgs.emacs
+
       pkgs.emacs-all-the-icons-fonts
+      pkgs.fira-code
       pkgs.fontconfig
       pkgs.graphviz
       pkgs.isort
-      pkgs.nerdfonts
+      pkgs.nerd-fonts.fira-code
+      pkgs.nerd-fonts.droid-sans-mono
       pkgs.nil # nix lsp language server
       pkgs.nixfmt-rfc-style
       (pkgs.ripgrep.override {withPCRE2 = true;})
@@ -27,41 +32,16 @@ in {
 
     fonts.fontconfig.enable = true;
 
-    home.file = {
+    home.file."${config.xdg.configHome}/emacs".source = doomEmacs;
-      ".config/emacs" = {
-        source = fetchGit {
-          url = "https://github.com/doomemacs/doomemacs.git";
-          # When updating me, remember to run `doom sync`
-          rev = "5ad99220b86ae1bf421861dfad24492d768ac4d9";
-        };
-        # We need to use recursive mode here or else doom fails to sync for
-        # some reason related to the permissions on the synced path. I'm not
-        # quite sure of everything that's going on here.
-        recursive = true;
-
-        # Because `recursive = true` will cause this to sync every single
-        # activation, we turn this off here.
-        #
-        # There's probably a way we could do better detection of this within
-        # our onChange shell?
-        #
-        # onChange = doomSync;
-      };
-    };
-
-    home.sessionVariables = {
-      DOOMLOCALDIR = "${config.xdg.dataHome}/doom";
-      EDITOR = "emacs -nw";
-    };
-
     home.sessionPath = [
       "${config.xdg.configHome}/emacs/bin"
     ];
 
-    xdg.configFile."doom" = {
+    home.sessionVariables = {
-      source = ./doom;
+      DOOMDIR = "${config.xdg.configHome}/doom";
-      # Sync doom if we updated the config
+      DOOMLOCALDIR = "${config.xdg.dataHome}/doom";
-      onChange = doomSync;
     };
+
+    home.file."${config.xdg.configHome}/doom".source = ./doom;
   };
 }

home/modules/emacs/doom/config.el

@@ -28,6 +28,7 @@
 ;; up, `M-x eval-region' to execute elisp code, and 'M-x doom/reload-font' to
 ;; refresh your font settings. If Emacs still can't find your font, it likely
 ;; wasn't installed correctly. Font issues are rarely Doom issues!
+(setq doom-font (font-spec :family "Fira Code"))
 
 ;; There are two ways to load a theme. Both assume the theme is installed and
 ;; available. You can either set `doom-theme' or manually load a theme with the
@@ -43,7 +44,11 @@
 (setq org-directory "~/org/")
 (after! org
   (setq org-agenda-span 'week
-        org-agenda-files `(,org-directory ,(concat org-directory "roam/"))
+        my-agenda-dirs '("projects" "roam")
+        org-agenda-files (cons org-directory (mapcan (lambda (x) (directory-files-recursively
+                                                                  (expand-file-name x org-directory)
+                                                                  "\.org$"))
+                                                     my-agenda-dirs))
         org-log-done 'time
         org-agenda-custom-commands '(("n" "Agenda"
                                       ((agenda "")
@@ -67,6 +72,16 @@
 ;;         org-caldav-files nil
 ;;         org-caldav-sync-direction 'cal->org))
 
+(defun my/get-rbw-password (alias)
+  "Return the password for ALIAS via rbw, unlocking the vault only if needed."
+  (let* ((cmd     (format "rbw get %s 2>&1" alias))
+         (output  (shell-command-to-string cmd)))
+    (string-trim output)))
+
+(use-package! gptel
+  :defer t
+  :config
+  (setq! gptel-api-key (my/get-rbw-password "openai-api-key-chatgpt-el")))
 
 ;; Whenever you reconfigure a package, make sure to wrap your config in an
 ;; `after!' block, otherwise Doom's defaults may override your settings. E.g.

home/modules/emacs/doom/init.el

@@ -108,7 +108,7 @@
 
        :os
        (:if (featurep :system 'macos) macos)  ; improve compatibility with macOS
-       ;;tty               ; improve the terminal Emacs experience
+       tty               ; improve the terminal Emacs experience
 
        :lang
        ;;agda              ; types of types of types of types...
@@ -149,7 +149,7 @@
        ;;lua               ; one-based indices? one-based indices
        markdown          ; writing docs for people to ignore
        ;;nim               ; python + lisp at the speed of c
-       (nix +tree-sitter +lsp)               ; I hereby declare "nix geht mehr!"
+       (nix +tree-sitter)               ; I hereby declare "nix geht mehr!"
        ;;ocaml             ; an objective camel
        (org +roam2)               ; organize your plain life in plain text
        ;;php               ; perl's insecure younger brother

home/modules/emacs/doom/packages.el

@@ -50,3 +50,5 @@
 ;; (unpin! t)
 
 ;; (package! org-caldav)
+
+(package! gptel :recipe (:nonrecursive t))

home/modules/hyprland/default.nix

@@ -1,94 +0,0 @@
-{ inputs, ... }:
-
-{
-  imports = [
-    ./hyprpaper.nix
-  ];
-
-  wayland.windowManager.hyprland = {
-    enable = true;
-    plugins = [ inputs.hy3.packages.x86_64-linux.hy3 ];
-    settings = {
-      "$mod" = "SUPER";
-      "$terminal" = "kitty";
-      "$fileManager" = "dolphin";
-      "$menu" = "wofi --show drun";
-
-      exec-once = [
-        "waybar"
-        "dunst"
-      ];
-
-      xwayland = {
-        force_zero_scaling = true;
-      };
-
-      input = {
-        kb_layout = "us";
-        kb_options = "caps:escape";
-        follow_mouse = 1;
-        touchpad.natural_scroll = false;
-      };
-
-      windowrulev2 = [
-        # I can guess, but I should figure out what this actually does
-        "suppressevent maximize, class:.*"
-      ];
-
-      general.layout = "hy3";
-
-      bind =
-        [
-          "SHIFT_$mod, Q, killactive"
-          "SHIFT_$mod, M, exit"
-
-          "$mod, D, exec, $menu"
-          "$mod, Return, exec, $terminal"
-
-          "$mod, H, hy3:movefocus, l"
-          "$mod, L, hy3:movefocus, r"
-          "$mod, K, hy3:movefocus, u"
-          "$mod, J, hy3:movefocus, d"
-
-          "SHIFT_$mod, H, hy3:movewindow, l"
-          "SHIFT_$mod, L, hy3:movewindow, r"
-          "SHIFT_$mod, K, hy3:movewindow, u"
-          "SHIFT_$mod, J, hy3:movewindow, d"
-
-          "$mod, V, hy3:makegroup, opposite"
-          "$mod, W, hy3:changegroup, toggletab"
-
-          "$mod, A, hy3:changefocus, raise"
-          "SHIFT_$mod, A, hy3:changefocus, lower"
-
-          "$mod, M, fullscreen, 0"
-          "$mod, E, hy3:expand, expand"
-          "SHIFT_$mod, E, hy3:expand, base"
-
-          "$mod, Q, hy3:warpcursor"
-        ]
-        ++ (
-          # workspaces
-          # binds $mod + [shift +] {1..10} to [move to] workspace {1..10}
-          builtins.concatLists (builtins.genList (
-            x: let
-              ws = let
-                c = (x + 1) / 10;
-              in
-                builtins.toString (x + 1 - (c * 10));
-            in [
-              "$mod, ${ws}, workspace, ${toString (x + 1)}"
-              "$mod SHIFT, ${ws}, hy3:movetoworkspace, ${toString (x + 1)}"
-            ]
-          )
-            10)
-        );
-
-      bindm =
-        [
-          "$mod, mouse:272, movewindow"
-          "$mod, mouse:273, resizewindow"
-        ];
-    };
-  };
-}

home/modules/hyprland/hyprpaper.nix

@@ -1,21 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-{
-  services.hyprpaper = {
-    enable = true;
-    settings = {
-      ipc = "on";
-      splash = false;
-      preload = [
-        "${config.xdg.dataHome}/wallpaper.jpg"
-      ];
-      wallpaper = [
-        ",${config.xdg.dataHome}/wallpaper.jpg"
-      ];
-    };
-  };
-
-  xdg.dataFile."wallpaper.jpg" = {
-    source = ./wallpaper.jpg;
-  };
-}

home/modules/hyprland/nix-book.nix

@@ -1,5 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-{
-  wayland.windowManager.hyprland.settings.monitor = ",preferred,2880x1800@90.00Hz,1.33333";
-}

home/modules/hyprland/z790prors.nix

@@ -1,16 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-{
-  wayland.windowManager.hyprland.settings.monitor = "DP-1,3440x1440@164.90,0x0,1.33333,vrr,1";
-  wayland.windowManager.hyprland.settings.env = [
-    "LIBVA_DRIVER_NAME,nvidia"
-    "XDG_SESSION_TYPE,wayland"
-    "GBM_BACKEND,nvidia-drm"
-    "__GLX_VENDOR_LIBRARY_NAME,nvidia"
-    "NVD_BACKEND,direct"
-    "ELECTRON_OZONE_PLATFORM_HINT,auto"
-    "NIXOS_OZONE_WL,1"
-  ];
-
-  wayland.windowManager.hyprland.settings.cursor.no_hardware_cursors = true;
-}

home/modules/i3+sway/default.nix

@@ -129,6 +129,13 @@ in {
           "type:keyboard" = {
             xkb_options = "caps:escape";
           };
+          "type:touchpad" = {
+            tap = "enabled";
+            tap_button_map = "lrm";
+            drag = "enabled";
+            natural_scroll = "disabled";
+            dwt = "enabled";
+          };
         };
       };
     in {

home/modules/lutris/default.nix

@@ -1,9 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-{
-  home.packages = [
-    pkgs.gamescope
-    pkgs.lutris
-    pkgs.mangohud
-  ];
-}

home/modules/plasma-manager/default.nix

@@ -0,0 +1,127 @@
+{ config, lib, pkgs, ... }:
+
+
+# The current KDE config can be output with the command:
+# nix run github:nix-community/plasma-manager
+#
+# Plasma-manager options documentation
+# https://nix-community.github.io/plasma-manager/options.xhtml
+#
+# TODO: (ambitious) Add Kmail support to plasma-manager
+{
+  programs.plasma = {
+    enable = true;
+    overrideConfig = true;
+
+    hotkeys.commands."launch-konsole" = {
+      name = "Launch Konsole";
+      key = "Meta+Return";
+      command = "konsole";
+    };
+
+    shortcuts = {
+      kmix = {
+        "decrease_microphone_volume" = "Microphone Volume Down";
+        "decrease_volume" = "Volume Down";
+        "decrease_volume_small" = "Shift+Volume Down";
+        "increase_microphone_volume" = "Microphone Volume Up";
+        "increase_volume" = "Volume Up";
+        "increase_volume_small" = "Shift+Volume Up";
+        "mic_mute" = ["Microphone Mute" "Meta+Volume Mute,Microphone Mute" "Meta+Volume Mute,Mute Microphone"];
+        "mute" = "Volume Mute";
+      };
+
+      mediacontrol = {
+        "mediavolumedown" = "none,,Media volume down";
+        "mediavolumeup" = "none,,Media volume up";
+        "nextmedia" = "Media Next";
+        "pausemedia" = "Media Pause";
+        "playmedia" = "none,,Play media playback";
+        "playpausemedia" = "Media Play";
+        "previousmedia" = "Media Previous";
+        "stopmedia" = "Media Stop";
+      };
+
+      ksmserver = {
+        "Lock Session" = ["Meta+Ctrl+Q" "Screensaver" "Screensaver,Lock Session"];
+      };
+
+      kwin = {
+        "Window Close" = "Meta+Shift+Q";
+        "Kill Window" = "Meta+Ctrl+Esc";
+        "Window Operations Menu" = "Alt+F3";
+        "Window Resize" = "Meta+R,,Resize Window";
+
+        "Overview" = "Meta+W";
+        "Grid View" = "Meta+G";
+        "Edit Tiles" = "Meta+T";
+
+        "Activate Window Demanding Attention" = "Meta+Ctrl+A";
+
+        "Show Desktop" = "Meta+D";
+
+        "Walk Through Windows" = "Alt+Tab";
+        "Walk Through Windows (Reverse)" = "Alt+Shift+Tab";
+        "Walk Through Windows of Current Application" = "Alt+`";
+        "Walk Through Windows of Current Application (Reverse)" = "Alt+~";
+        "Window Fullscreen" = "Meta+Shift+F,,Make Window Fullscreen";
+
+        "Window Quick Tile Bottom" = "Meta+Down";
+        "Window Quick Tile Left" = "Meta+Left";
+        "Window Quick Tile Right" = "Meta+Right";
+        "Window Quick Tile Top" = "Meta+Up";
+
+        "view_actual_size" = "Meta+0";
+        "view_zoom_in" = ["Meta++" "Meta+=,Meta++" "Meta+=,Zoom In"];
+        "view_zoom_out" = "Meta+-";
+      };
+      "org_kde_powerdevil"."Decrease Keyboard Brightness" = "Keyboard Brightness Down";
+      "org_kde_powerdevil"."Decrease Screen Brightness" = "Monitor Brightness Down";
+      "org_kde_powerdevil"."Decrease Screen Brightness Small" = "Shift+Monitor Brightness Down";
+      "org_kde_powerdevil"."Hibernate" = "Hibernate";
+      "org_kde_powerdevil"."Increase Keyboard Brightness" = "Keyboard Brightness Up";
+      "org_kde_powerdevil"."Increase Screen Brightness" = "Monitor Brightness Up";
+      "org_kde_powerdevil"."Increase Screen Brightness Small" = "Shift+Monitor Brightness Up";
+      "org_kde_powerdevil"."PowerDown" = "Power Down";
+      "org_kde_powerdevil"."PowerOff" = "Power Off";
+      "org_kde_powerdevil"."Sleep" = "Sleep";
+      "org_kde_powerdevil"."Toggle Keyboard Backlight" = "Keyboard Light On/Off";
+      "org_kde_powerdevil"."Turn Off Screen" = [ ];
+      "org_kde_powerdevil"."powerProfile" = ["Battery" "Meta+B,Battery" "Meta+B,Switch Power Profile"];
+
+      plasmashell = {
+        "activate application launcher" = ["Meta" "Alt+F1,Meta" "Alt+F1,Activate Application Launcher"];
+        "activate task manager entry 1" = "none,,";
+        "activate task manager entry 2" = "none,,";
+        "activate task manager entry 3" = "none,,";
+        "activate task manager entry 4" = "none,,";
+        "activate task manager entry 5" = "none,,";
+        "activate task manager entry 6" = "none,,";
+        "activate task manager entry 7" = "none,,";
+        "activate task manager entry 8" = "none,,";
+        "activate task manager entry 9" = "none,,";
+        "activate task manager entry 10" = "none,,";
+        "show activity switcher" = "none,,";
+      };
+    };
+
+    configFile = {
+      kwinrc.Desktops.Number = {
+        value = 10;
+        immutable = true;
+      };
+
+      kcminputrc.Libinput = {
+        AccelerationProfile = "adaptive";
+        PointerAcceleration = 0.5;
+      };
+
+      kcminputrc.Mouse = {
+        X11LibInputXAccelProfileFlat = false;
+        XLbInptAccelProfileFlat = false;
+      };
+
+      kdeglobals.KDE.LookAndFeelPackage = "org.kde.breezedark.desktop";
+    };
+  };
+}

home/modules/tmux/default.nix

@@ -0,0 +1,52 @@
+{ config, lib, pkgs, ... }:
+
+let
+  tokyo-night = pkgs.tmuxPlugins.mkTmuxPlugin {
+    pluginName = "tokyo-night";
+    rtpFilePath = "tokyo-night.tmux";
+    version = "1.6.1";
+    src = pkgs.fetchFromGitHub {
+      owner = "janoamaral";
+      repo = "tokyo-night-tmux";
+      rev = "d610ced20d5f602a7995854931440e4a1e0ab780";
+      sha256 = "sha256-17vEgkL7C51p/l5gpT9dkOy0bY9n8l0/LV51mR1k+V8=";
+    };
+  };
+in
+{
+  programs.tmux.enable = true;
+  programs.tmux.terminal = "tmux-direct";
+  programs.tmux.keyMode = "vi";
+  programs.tmux.escapeTime = 0;
+  programs.tmux.mouse = true;
+  programs.tmux.newSession = true;
+  programs.tmux.historyLimit = 50000;
+  programs.tmux.clock24 = true;
+  programs.tmux.baseIndex = 1;
+  programs.tmux.prefix = "M-\\\\";
+
+  programs.tmux.plugins = with pkgs; [
+    tmuxPlugins.cpu
+    tmuxPlugins.battery
+    tmuxPlugins.better-mouse-mode
+    tmuxPlugins.net-speed
+    tmuxPlugins.online-status
+    tmuxPlugins.pain-control
+    tmuxPlugins.tilish
+    tmuxPlugins.yank
+
+    {
+      plugin = tmuxPlugins.resurrect;
+      extraConfig = "set -g @resurrect-strategy-nvim 'session'";
+    }
+    {
+      plugin = tmuxPlugins.continuum;
+      extraConfig = ''
+        set -g @continuum-restore 'on'
+        set -g @continuum-save-interval '15' # minutes
+      '';
+    }
+
+    tokyo-night
+  ];
+}

machines/boxy/configuration.nix

@@ -2,7 +2,7 @@
 # your system. Help is available in the configuration.nix(5) man page, on
 # https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
 
-{ lib, ... }:
+{ lib, pkgs, ... }:
 
 with lib;
 
@@ -14,9 +14,17 @@ with lib;
 
   roles = {
     audio.enable = true;
+    bluetooth.enable = true;
+    desktop = {
+      enable = true;
+      gaming = true;
+      kde = true;
+      sddm = true;
+      wayland = true;
+    };
     kodi = {
       enable = true;
-      autologin = true;
+      autologin = false;
       wayland = true;
     };
     users.enable = true;
@@ -28,9 +36,15 @@ with lib;
 
   networking.hostName = "boxy"; # Define your hostname.
 
+  services.xserver.videoDrivers = [ "amdgpu" ];
   hardware.graphics.enable = true;
-
+  hardware.graphics.enable32Bit = true;
-  services.displayManager.enable = mkForce false;
+  hardware.graphics.extraPackages = with pkgs; [
+    amdvlk
+  ];
+  hardware.graphics.extraPackages32 = with pkgs; [
+    driversi686Linux.amdvlk
+  ];
 
   # This option defines the first version of NixOS you have installed on this particular machine,
   # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.

machines/boxy/hardware-configuration.nix

@@ -9,7 +9,7 @@
     ];
 
   boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "thunderbolt" "usb_storage" "usbhid" "sd_mod" ];
-  boot.initrd.kernelModules = [ ];
+  boot.initrd.kernelModules = [ "amdgpu" ];
   boot.kernelModules = [ "kvm-amd" ];
   boot.extraModulePackages = [ ];
 

machines/nix-book/configuration.nix

@@ -12,9 +12,16 @@
   roles = {
     audio.enable = true;
     bluetooth.enable = true;
-    desktop.enable = true;
+    desktop = {
+      enable = true;
+      wayland = true;
+      gaming = true;
+      kde = true;
+      sddm = true;
+    };
     nfs-mounts.enable = true;
     printing.enable = true;
+    spotifyd.enable = true;
     users = {
       enable = true;
       extraGroups = [ "video" ];

machines/nix-book/hardware-configuration.nix

@@ -29,6 +29,7 @@
   swapDevices =
     [ { device = "/dev/disk/by-uuid/ec1f70ea-27b6-4646-ad3b-eac41bd83e3e"; }
     ];
+  zramSwap.enable = true;
 
   # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
   # (the default) this is the recommended approach. When using systemd-networkd it's

machines/wixos/configuration.nix

@@ -0,0 +1,62 @@
+# Edit this configuration file to define what should be installed on
+# your system. Help is available in the configuration.nix(5) man page, on
+# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
+
+# NixOS-WSL specific options are documented on the NixOS-WSL repository:
+# https://github.com/nix-community/NixOS-WSL
+
+{ config, lib, pkgs, ... }:
+
+{
+  imports = [
+  ];
+
+  roles = {
+    audio.enable = true;
+    desktop = {
+      enable = true;
+      wayland = true;
+    };
+    users.enable = true;
+  };
+
+  networking.hostName = "wixos";
+
+  wsl.enable = true;
+  wsl.defaultUser = "johno";
+  wsl.startMenuLaunchers = true;
+  wsl.useWindowsDriver = true;
+  wsl.wslConf.network.hostname = "wixos";
+  wsl.wslConf.user.default = "johno";
+
+  services.xserver.videoDrivers = [ "nvidia" ];
+  hardware.graphics = { 
+    enable = true;
+
+    extraPackages = with pkgs; [
+      mesa
+      libvdpau-va-gl
+      vaapiVdpau
+    ];
+  };
+  environment.sessionVariables = {
+    LD_LIBRARY_PATH = [
+      "/usr/lib/wsl/lib"
+      "/run/opengl-driver/lib"
+    ];
+  };
+  hardware.nvidia = {
+    modesetting.enable = true;
+    nvidiaSettings = true;
+    open = true;
+    package = config.boot.kernelPackages.nvidiaPackages.latest;
+  };
+
+  # This value determines the NixOS release from which the default
+  # settings for stateful data, like file locations and database versions
+  # on your system were taken. It's perfectly fine and recommended to leave
+  # this value at the release version of the first install of this system.
+  # Before changing this value read the documentation for this option
+  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
+  system.stateVersion = "24.05"; # Did you read the comment?
+}

machines/z790prors/configuration.nix

@@ -1,63 +0,0 @@
-# Edit this configuration file to define what should be installed on
-# your system.  Help is available in the configuration.nix(5) man page
-# and in the NixOS manual (accessible by running ‘nixos-help’).
-
-{ ... }:
-
-{
-  imports =
-    [ # Include the results of the hardware scan.
-      ./hardware-configuration.nix
-    ];
-
-  roles = {
-    audio.enable = true;
-    desktop = {
-      enable = true;
-      x11Only = true;
-    };
-    kodi.enable = true;
-    nfs-mounts.enable = true;
-    printing.enable = true;
-    spotifyd.enable = true;
-    users = {
-      enable = true;
-      extraGroups = [ "input" "libvirtd" ];
-      kids = true;
-    };
-    virtualisation.enable = true;
-  };
-
-  # Use the systemd-boot EFI boot loader.
-  boot.loader.systemd-boot.enable = true;
-  boot.loader.efi.canTouchEfiVariables = true;
-  boot.loader.grub.useOSProber = true;
-
-  networking = {
-    hostName = "z790prors-nix"; # Define your hostname.
-    domain = "oglehome";
-    defaultGateway = "10.0.0.1";
-    nameservers = [ "10.0.0.1" ];
-
-    # The global useDHCP flag is deprecated, therefore explicitly set to false here.
-    # Per-interface useDHCP will be mandatory in the future, so this generated config
-    # replicates the default behaviour.
-    useDHCP = false;
-    
-    interfaces.enp3s0.ipv4.addresses = [{
-      address = "10.0.0.37";
-      prefixLength = 24;
-    }];
-  };
-
-  # TODO: Figure out something with this
-  nix.settings.secret-key-files = /root/cache-priv-key.pem;
-
-  # This value determines the NixOS release from which the default
-  # settings for stateful data, like file locations and database versions
-  # on your system were taken. It‘s perfectly fine and recommended to leave
-  # this value at the release version of the first install of this system.
-  # Before changing this value read the documentation for this option
-  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
-  system.stateVersion = "21.11"; # Did you read the comment?
-}

machines/z790prors/hardware-configuration.nix

@@ -1,53 +0,0 @@
-# Do not modify this file!  It was generated by ‘nixos-generate-config’
-# and may be overwritten by future invocations.  Please make changes
-# to /etc/nixos/configuration.nix instead.
-{ config, lib, modulesPath, ... }:
-
-{
-  imports =
-    [ (modulesPath + "/installer/scan/not-detected.nix")
-    ];
-
-  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
-  boot.initrd.kernelModules = [
-    "nvidia"
-    "nvidia_modeset"
-    "nvidia_uvm"
-    "nvidia_drm"
-  ];
-  boot.kernelModules = [ "kvm-intel" ];
-  boot.extraModulePackages = [ ];
-
-  hardware.graphics.enable = true;
-  services.xserver.videoDrivers = ["nvidia"];
-  services.xserver.screenSection = ''Option "metamodes" "3440x1440_165 +0+0"'';
-  services.xserver.enableTearFree = true;
-  hardware.nvidia = {
-    modesetting.enable = true;
-    powerManagement.enable = false;
-    powerManagement.finegrained = false;
-    open = false;
-    nvidiaSettings = true;
-    package = config.boot.kernelPackages.nvidiaPackages.production;
-  };
-
-  fileSystems."/" =
-    { device = "/dev/disk/by-uuid/8d996d13-6d55-4524-83a2-6f6fb47a09ea";
-      fsType = "btrfs";
-    };
-
-  fileSystems."/boot" =
-    { device = "/dev/disk/by-uuid/7445-C336";
-      fsType = "vfat";
-    };
-
-  fileSystems."/arch" =
-    { device = "/dev/disk/by-label/endeavouros";
-      fsType = "btrfs";
-    };
-
-  swapDevices = [ ];
-
-  powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
-  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
-}

packages/default.nix

@@ -1,4 +1,4 @@
 { pkgs, ... }:
 {
-  nextcloudTalkDesktop = pkgs.callPackage ./nextcloud-talk-desktop {};
+  vulkanHDRLayer = pkgs.callPackage ./vulkan-hdr-layer {};
 }

packages/nextcloud-talk-desktop/default.nix

@@ -1,79 +0,0 @@
-{ lib
-, stdenv
-, fetchzip
-, autoPatchelfHook
-
-, nss
-, cairo
-, xorg
-, libxkbcommon
-, alsa-lib
-, at-spi2-core
-, mesa
-, pango
-, libdrm
-, vivaldi-ffmpeg-codecs
-, gtk3
-, libGL
-, libglvnd
-, systemd
-}:
-
-stdenv.mkDerivation (finalAttrs: {
-  pname = "nextcloud-talk-desktop";
-  version = "0.29.0";
-
-  # Building from source would require building also building Server and Talk components
-  # See https://github.com/nextcloud/talk-desktop?tab=readme-ov-file#%EF%B8%8F-prerequisites
-  src = fetchzip {
-    url = "https://github.com/nextcloud-releases/talk-desktop/releases/download/v${finalAttrs.version}/Nextcloud.Talk-linux-x64-${finalAttrs.version}.zip";
-    hash = "sha256-fBIeNv8tfrVTFExLQDBPhIazvbsJ7a76+W9G0cuQDlw=";
-    stripRoot = false;
-  };
-
-  nativeBuildInputs = [ autoPatchelfHook ];
-
-  buildInputs = [
-    nss
-    cairo
-    alsa-lib
-    at-spi2-core
-    pango
-    libdrm
-    libxkbcommon
-    gtk3
-    vivaldi-ffmpeg-codecs
-    mesa
-    libGL
-    libglvnd
-  ] ++ (with xorg; [libX11 libXcomposite libXdamage libXrandr libXfixes libXcursor]);
-
-  # Required to launch the application and proceed past the zygote_linux fork() process
-  # Fixes `Zygote could not fork`
-  runtimeDependencies = [ systemd ];
-
-  preInstall = ''
-    mkdir -p $out/bin
-    mkdir -p $out/opt
-
-    cp -r $src/* $out/opt/
-  '';
-
-  installPhase = ''
-    runHook preInstall
-
-    # Link the application in $out/bin away from contents of `preInstall`
-    ln -s "$out/opt/Nextcloud Talk-linux-x64/Nextcloud Talk" $out/bin/${finalAttrs.pname}
-
-    runHook postInstall
-  '';
-
-  meta = with lib; {
-    description = "Nextcloud Talk Desktop Client Preview";
-    homepage = "https://github.com/nextcloud/talk-desktop";
-    changelog = "https://github.com/nextcloud/talk-desktop/blob/${finalAttrs.version}/CHANGELOG.md";
-    license = licenses.agpl3Only;
-    maintainers = with maintainers; [ kashw2 ];
-    mainProgram = finalAttrs.pname;
-  };
-})

packages/vulkan-hdr-layer/default.nix

@@ -0,0 +1,34 @@
+{ lib, stdenv, fetchFromGitHub, meson, pkg-config, vulkan-loader, ninja, writeText, vulkan-headers, vulkan-utility-libraries,  jq, libX11, libXrandr, libxcb, wayland, wayland-scanner }:
+
+stdenv.mkDerivation rec {
+  pname = "vulkan-hdr-layer";
+  version = "63d2eec";
+
+  src = (fetchFromGitHub {
+    owner = "Zamundaaa";
+    repo = "VK_hdr_layer";
+    rev = "869199cd2746e7f69cf19955153080842b6dacfc";
+    fetchSubmodules = true;
+    hash = "sha256-xfVYI+Aajmnf3BTaY2Ysg5fyDO6SwDFGyU0L+F+E3is=";
+  }).overrideAttrs (_: {
+    GIT_CONFIG_COUNT = 1;
+    GIT_CONFIG_KEY_0 = "url.https://github.com/.insteadOf";
+    GIT_CONFIG_VALUE_0 = "git@github.com:";
+  });
+
+  nativeBuildInputs = [ vulkan-headers meson ninja pkg-config jq ];
+
+  buildInputs = [ vulkan-headers vulkan-loader vulkan-utility-libraries libX11 libXrandr libxcb wayland wayland-scanner ];
+
+  # Help vulkan-loader find the validation layers
+  setupHook = writeText "setup-hook" ''
+    addToSearchPath XDG_DATA_DIRS @out@/share
+  '';
+
+  meta = with lib; {
+    description = "Layers providing Vulkan HDR";
+    homepage = "https://github.com/Zamundaaa/VK_hdr_layer";
+    platforms = platforms.linux;
+    license = licenses.mit;
+  };
+}

roles/audio/default.nix

@@ -22,11 +22,19 @@ in
         enable = true;
         pulse.enable = true;
       };
-      hardware.pulseaudio.package = pkgs.pulseaudioFull;
+
-      hardware.pulseaudio.extraConfig = "
+      services.pulseaudio = {
+        package = pkgs.pulseaudioFull;
+        extraConfig = ''
           load-module module-combine-sink
           load-module module-switch-on-connect
-      ";
+        '';
+      };
+
+      services.squeezelite = {
+        #enable = true;
+        pulseAudio = true;
+      };
     };
 
 }

roles/default.nix

@@ -10,7 +10,6 @@ with lib;
     ./kodi
     ./nfs-mounts
     ./printing
-    ./secrets
     ./spotifyd
     ./users
     ./virtualisation
@@ -31,34 +30,56 @@ with lib;
     };
     time.timeZone = "America/Los_Angeles";
 
+    services.xserver.xkb = {
+      layout = "us";
+      variant = "";
+      options = "caps:escape";
+    };
+
+    # Don't go to emergency mode if we aren't able to mount filesystems.
+    # This is silly if you have multiple hard drives or partitions
+    # configured on a machine and then one goes away intentionally or
+    # unintentionally. If the system is already booting, let it continue
+    # to try and boot.
+    systemd.enableEmergencyMode = false;
+
     # Enable the OpenSSH daemon.
     services.openssh.enable = true;
 
     environment.systemPackages = with pkgs; [
-      vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
       git
+      glances
+      pciutils
+      tree
+      usbutils
+      vim
     ];
 
     nix = {
-      package = pkgs.nixFlakes;
+      package = pkgs.nix;
-      distributedBuilds = true;
+      # distributedBuilds = true;
-      buildMachines = [{
+      # buildMachines = [{
-        hostName = "z790prors.oglehome";
+      #   hostName = "z790prors.oglehome";
-        system = "x86_64-linux";
+      #   system = "x86_64-linux";
-        protocol = "ssh-ng";
+      #   protocol = "ssh-ng";
-        sshUser = "johno";
+      #   sshUser = "johno";
-        sshKey = "/root/.ssh/id_ed25519";
+      #   sshKey = "/root/.ssh/id_ed25519";
-        maxJobs = 3;
+      #   maxJobs = 3;
-        speedFactor = 2;
+      #   speedFactor = 2;
-      }];
+      # }];
       settings = {
         experimental-features = [ "nix-command" "flakes" ];
         max-jobs = "auto";
         trusted-users = [ "johno" ];
         substituters = [
-          "https://hyprland.cachix.org"
         ];
       };
+
+      gc = {
+        automatic = true;
+        randomizedDelaySec = "14m";
+        options = "--delete-older-than 10d";
+      };
     };
 
     nixpkgs.config.allowUnfree = true;

roles/desktop/default.nix

@@ -2,103 +2,23 @@
 
 with lib;
 
-let
-  cfg = config.roles.desktop;
-
-  basePackages = with pkgs; [
-    brightnessctl
-  ];
-
-  x11BasePackages = with pkgs; [
-
-  ];
-
-  x11OnlyPackages = with pkgs; [
-    emacs
-  ];
-
-  waylandBasePackages = with pkgs; [
-    grim
-    slurp
-    wl-clipboard
-    mako
-  ];
-
-  waylandOnlyPackages = with pkgs; [
-    emacs-gtk
-  ];
-in
 {
   options.roles.desktop = {
-    enable = mkEnableOption "Enable the desktop role";
+    enable = mkEnableOption "Enable the desktop role.";
-    x11Only = mkOption {
+
-      type = types.bool;
+    x11 = mkOption { type = types.bool; default = false; description = "Enable X11 support."; };
-      default = false;
+    wayland = mkOption { type = types.bool; default = false; description = "Enable Wayland support."; };
-    };
+    kde = mkOption { type = types.bool; default = false; description = "Enable KDE."; };
+    gaming = mkOption { type = types.bool; default = false; description = "Enable gaming support."; };
+    sddm = mkOption { type = types.bool; default = false; description = "Enable SDDM greeter."; };
   };
 
-  config = mkIf cfg.enable
+  imports = [
-    {
+    ./x11.nix
-      services.xserver.xkb = {
+    ./wayland.nix
-        layout = "us";
+    ./gaming.nix
-        variant = "";
+    ./kde.nix
-        options = "caps:escape";
+    ./programs.nix
-      };
+    ./sddm.nix
-      services.xserver.enable = true;
-
-      services.displayManager.sddm = {
-        enable = true;
-        wayland.enable = !cfg.x11Only;
-      };
-      services.desktopManager.plasma6.enable = true;
-
-      services.xserver.windowManager.i3 = {
-        enable = true;
-        extraPackages = with pkgs; [
-          dmenu
-          i3status
-          i3lock
   ];
-      };
-      programs.dconf.enable = true;
-      services.gnome.gnome-keyring.enable = true;
-
-      programs.sway = mkIf (!cfg.x11Only) {
-        enable = true;
-        wrapperFeatures.gtk = true;
-      };
-      programs.light.enable = mkIf (!cfg.x11Only) true;
-
-      programs.kdeconnect.enable = true;
-      programs.java.enable = true;
-      programs.steam = {
-        enable = true;
-        remotePlay.openFirewall = true;
-        localNetworkGameTransfers.openFirewall = true;
-        #package = pkgs.steam.override {
-        #withJava = true;
-        #withPrimus = true;
-        #extraPkgs = pkgs: [ bumblebee glxinfo ];
-        #};
-      };
-      services.sunshine = {
-        enable = true;
-        autoStart = true;
-        capSysAdmin = true;
-        openFirewall = true;
-      };
-
-      virtualisation.docker.enable = true;
-      users.extraGroups.docker.members = [ "johno" ];
-
-      environment.systemPackages = with pkgs; mkMerge [
-        basePackages
-        x11BasePackages
-        (mkIf cfg.x11Only x11OnlyPackages)
-        # TODO: Do we need a "wayland only" mode?
-        (mkIf (!cfg.x11Only) waylandBasePackages)
-        (mkIf (!cfg.x11Only) waylandOnlyPackages)
-      ];
-    };
-
 }

roles/desktop/gaming.nix

@@ -0,0 +1,18 @@
+{ lib, config, pkgs, ... }:
+
+with lib;
+
+let
+  cfg = config.roles.desktop;
+in
+{
+  config = mkIf (cfg.enable && cfg.gaming) {
+    environment.systemPackages = with pkgs; [
+      steam
+      lutris
+      moonlight
+    ];
+
+    # Possibly other gaming specific services or settings
+  };
+}

roles/desktop/kde.nix

@@ -0,0 +1,12 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+  cfg = config.roles.desktop;
+in
+{
+  config = mkIf (cfg.enable && cfg.kde) {
+    services.desktopManager.plasma6.enable = true;
+  };
+}

roles/desktop/programs.nix

@@ -0,0 +1,20 @@
+{ lib, config, pkgs, ... }:
+
+with lib;
+
+let
+  cfg = config.roles.desktop;
+in
+{
+  config = mkIf cfg.enable {
+    environment.systemPackages = with pkgs; [
+      brightnessctl
+      emacs-nox
+      moonlight-qt
+    ];
+
+    programs.dconf.enable = true;
+    services.gnome.gnome-keyring.enable = true;
+    programs.kdeconnect.enable = true;
+  };
+}

roles/desktop/sddm.nix

@@ -0,0 +1,15 @@
+{ lib, config, pkgs, ... }:
+
+with lib;
+
+let
+  cfg = config.roles.desktop;
+in
+{
+  config = mkIf (cfg.enable && cfg.sddm) {
+    services.displayManager.sddm = {
+      enable = true;
+      wayland.enable = (!cfg.x11 && cfg.wayland);
+    };
+  };
+}

roles/desktop/wayland.nix

@@ -0,0 +1,23 @@
+{ lib, config, pkgs, ... }:
+
+with lib;
+
+let
+  cfg = config.roles.desktop;
+in
+{
+  config = mkIf (cfg.enable && cfg.wayland) {
+    programs.sway = {
+      enable = true;
+      wrapperFeatures.gtk = true;
+    };
+    programs.light.enable = true;
+
+    environment.systemPackages = with pkgs; [
+      grim
+      slurp
+      wl-clipboard
+      mako
+    ];
+  };
+}

roles/desktop/x11.nix

@@ -0,0 +1,19 @@
+{ lib, config, pkgs, ... }:
+
+with lib;
+
+let
+  cfg = config.roles.desktop;
+in
+{
+  config = mkIf (cfg.enable && cfg.x11) {
+    services.xserver = {
+      enable = true;
+
+      windowManager.i3 = {
+        enable = true;
+        extraPackages = with pkgs; [ dmenu i3status i3lock ];
+      };
+    };
+  };
+}

roles/kodi/default.nix

@@ -27,45 +27,28 @@ in
     ]);
   in mkIf cfg.enable
     {
-      users.extraUsers.kodi.isNormalUser = true;
+      users.extraUsers.kodi = {
+        isNormalUser = true;
+	extraGroups = [ "wheel" "networkmanager" "audio" "video" ];
+      };
 
       networking.firewall = {
         allowedTCPPorts = [ 8080 ];
         allowedUDPPorts = [ 8080 ];
       };
 
-      services = if cfg.autologin then mkMerge [
+      environment.systemPackages = with pkgs; [
-        (mkIf cfg.wayland {
+	kodiPkg
-          cage = mkIf cfg.wayland {
+        wget
-            user = "kodi";
+      ];
-            program = "${kodiPkg}/bin/kodi-standalone";
-            enable = true;
-          };
-          xserver = {
-            enable = false;
-            autorun = false;
-          };
-        })
 
-        (mkIf (!cfg.wayland) {
+      services = if cfg.autologin then {
-          xserver = {
-            enable = true;
-            desktopManager.kodi = {
-              enable = true;
-              package = kodiPkg;
-            };
-            displayManager.lightdm = {
-              enable = true;
-              greeter.enable = false;
-            };
-          };
           displayManager = {
             autoLogin.enable = true;
             autoLogin.user = "kodi";
             defaultSession = "kodi";
-            sessionData.autologinSession = "kodi";
+            sessionData.autologinSession = "plasma";
           };
-        })
+      } else {};
-      ] else {};
     };
 }

roles/secrets/default.nix

@@ -1,8 +0,0 @@
-{ config, lib, pkgs, inputs, ... }:
-
-{
-  sops.defaultSopsFile = ../../secrets/secrets.yaml;
-  sops.defaultSopsFormat = "yaml";
-  sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" "/home/johno/.ssh/id_ed25519" ];
-  sops.secrets.example_key = {};
-}

roles/users/default.nix

@@ -25,7 +25,7 @@ in
     users.users.johno = {
       isNormalUser = true;
       description = "John Ogle";
-      extraGroups = [ "wheel" "networkmanager" "audio" ] ++ cfg.extraGroups;
+      extraGroups = [ "wheel" "networkmanager" "audio" "video" ] ++ cfg.extraGroups;
     };
 
     users.users.eli = mkIf cfg.kids {

roles/virtualisation/default.nix

@@ -14,5 +14,7 @@ in
     {
       virtualisation.libvirtd.enable = true;
       programs.virt-manager.enable = true;
+      virtualisation.docker.enable = true;
+      users.extraGroups.docker.members = [ "johno" ];
     };
 }

secrets/secrets.yaml

@@ -1,48 +0,0 @@
-hello: ENC[AES256_GCM,data:5ZpbPx3D8gQc1fOhViUqiCr0zLWYotB+vIBixqTbqP9XLS52y6tr5DXus0aV9mTgka5deqc=,iv:yPJaCqDD9WD56swfBjSm7A62ZTTIQDqyAKOgP1ese+U=,tag:bo8+7Ne2f9aEZSvpkt1fzA==,type:str]
-example_key: ENC[AES256_GCM,data:v15bEcb0H3vaj13blg==,iv:9P3IA7ChBamo41VE8G8tj46sZqeijsO1LcvwLtEPVPA=,tag:o/lAyAYYGNLP9EjQNa/K8Q==,type:str]
-example_array:
-    - ENC[AES256_GCM,data:3Vwa7dfNfKzRc/xpk6I=,iv:IevBgxwWdaBvZY1ywteWcfWwDIA8lK3FTWs67lLBKxw=,tag:Mx5lzUeNZ/3wJBWAl5XSBw==,type:str]
-    - ENC[AES256_GCM,data:epkT6WPGW5Oe/S+4HtU=,iv:N0yoDuieAaEi+NuCoCL4zrkhaDDdkttboI89m+UccjQ=,tag:OoERRByb0OM4un9oGLJQgA==,type:str]
-#ENC[AES256_GCM,data:YzMFXxn3sbbHpGB4jPRtRw==,iv:TN6ogQuH7c6xtDoWt0Ew9B2f7wuaipJynvscZmaJYoU=,tag:No0UwEktEyMNBg/46P+Zmg==,type:comment]
-example_number: ENC[AES256_GCM,data:jmLoVC+8YIlB2A==,iv:u9GztD/aE9UN5zWq3Am2nhYwmYt3sf8sy65MHbhVoD0=,tag:wKuf1mMr5XBJveJrz0uHPA==,type:float]
-example_booleans:
-    - ENC[AES256_GCM,data:ZacILA==,iv:xo+7aFFQXzbJzKDY0mYTeFLf10AlnHkywDRAMHeprEM=,tag:F/OnJdqjrZP02sTLWLmnbg==,type:bool]
-    - ENC[AES256_GCM,data:NaFrvrs=,iv:kKDmGs9u/w5qrZ/379Jlx8AotUVADvH+eHwHCqykmkE=,tag:nD9TsmkXUm4ABaT1ABWmcg==,type:bool]
-sops:
-    kms: []
-    gcp_kms: []
-    azure_kv: []
-    hc_vault: []
-    age:
-        - recipient: age1ls6a033d4p4u8h4rwazjwt8w4c4xg73wq0mdnm64jajxzcz4k9asvjnks3
-          enc: |
-            -----BEGIN AGE ENCRYPTED FILE-----
-            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBjak9vRVJtVmJoanhEZ0hQ
-            MFJwMEE4UDcrRkdPRmZ6R09FSDY1aTk3Y1dNClZJYXRLNU5senR3Qzh6VmZGMlhu
-            bnl6VjlaUEFISnBtSTVrcEd0ZjI5Q2MKLS0tIFl1b3A5ZWVqc1gvWVZnZis0ZHFk
-            bWhnNVB2TUJ4YzY4NHdSVXhPc3dReTgKWRYBbBE3+oGsRNw1CROhFY+btENbShfv
-            gw3IdW7OoZV6JpJBOcI82eOuOkIxrmgSGDGeyy10/a5MA/cB1umm+w==
-            -----END AGE ENCRYPTED FILE-----
-        - recipient: age12l5u7sw59u5pkwp83qm8t3ff7uv0ld2c9k3zh5j4ame9k2szcynqu7ftqe
-          enc: |
-            -----BEGIN AGE ENCRYPTED FILE-----
-            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGcmV3TDlNL2Zxb0h5QTYx
-            QkVmczA0MDc2ZnpNNU1YeFVzSXJwc3RWUmk4CjF4bHIrVU9VM3htTUxGZ2FUR256
-            UEovdVV2cmNIbkloS1VobTNFSDVyRG8KLS0tIEFhUk5kL3hCNGs4MGJBTmNJaVFm
-            b2ZBUGJ1K0lKTitKYTRUMWszQzhBU0UKBaM6t6JmWfiG+wPorGea1gqvV5RSIPyw
-            6yb2PcH2oZ0HrjJM5sjfu7XOWY3KneiZZikR1BpD5KvevfagWTSR/w==
-            -----END AGE ENCRYPTED FILE-----
-        - recipient: age1fa3zqavfmqk4ssa22yne9td90gyqv9q5a8y0s8jp3xak8q7p3yjqyn7rkg
-          enc: |
-            -----BEGIN AGE ENCRYPTED FILE-----
-            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBaMFJiNjVOb0lTcmJ3VnhH
-            WlRKZERRZFM3TFZBZGNSZC9GdHlHakMza21zClJ3SDdFUkVRc3oyVVU3WEtDQzBu
-            OEFqS3NwbHZFUlpCYlN6RW84N0F1amcKLS0tIHFZK21aTHdwZ2dWbVRrWEZDWFZj
-            aU1IQzdTMVhnbHhsNENwMG05dXhOU2MK8fEJea9sL5JLgltVlTI6mRDb+Tl83Iz7
-            4wPYvo68cn8vimXqSk45ldHRrNa3zhYai3CalQaGtDT3fkWGvSq0zQ==
-            -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2024-09-28T15:44:39Z"
-    mac: ENC[AES256_GCM,data:YUi+AbS6DQTmrSyOXsbkZWfWaMyKGR8fYm/MHcxmqChi8hng+UWHBZjsLBe6ef/FLH3rnP6bhfwK8KYnVS6fHvHahoqIq/BHydTsqrclnSgRAGl8Lh0yuhwISNRvP1AuW5pd50sdQaS0uGOtzOCharI/pZ9H+cmt2SB5WOCdeLs=,iv:2nBG6it3tNSLSia8hGzCcesuK9QwzB9EzfjWegjQ2kw=,tag:RGGPAPw/rQKhWA2OqLjTJw==,type:str]
-    pgp: []
-    unencrypted_suffix: _unencrypted
-    version: 3.9.0