Big refactor (#8)

* Update to 24.11 channel and add `ghostty`

* full restructure

* minor changes

* fix issues

* fixes and improvements

* Add back some old config

* working example for now

nixos/configuration.nix

@@ -0,0 +1,54 @@
+{ config, pkgs, inputs, ... }:
+
+{
+  # Bootloader and EFI settings
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = true;
+
+  # Hostname and networking
+  networking.hostName = "tongfang";
+  networking.networkmanager.enable = true;
+
+  # Time and locale settings
+  time.timeZone = "Europe/Amsterdam";
+  i18n.defaultLocale = "en_US.UTF-8";
+  i18n.extraLocaleSettings = {
+    LC_ADDRESS = "nl_NL.UTF-8";
+    LC_IDENTIFICATION = "nl_NL.UTF-8";
+    LC_MEASUREMENT = "nl_NL.UTF-8";
+    LC_MONETARY = "nl_NL.UTF-8";
+    LC_NAME = "nl_NL.UTF-8";
+    LC_NUMERIC = "nl_NL.UTF-8";
+    LC_PAPER = "nl_NL.UTF-8";
+    LC_TELEPHONE = "nl_NL.UTF-8";
+    LC_TIME = "en_US.UTF-8";
+  };
+
+  # Fonts configuration
+  fonts = {
+    enableDefaultPackages = true;
+    packages = with pkgs; [
+      jetbrains-mono
+    ];
+  };
+
+  # Optimization & Garbage Collection
+
+  # Optimize Nix-Store During Rebuilds
+    # NOTE: Optimizes during builds - results in slower builds
+  nix.settings.auto-optimise-store = true;
+
+  # Purge Unused Nix-Store Entries
+  nix.gc = {
+    automatic = true;
+    dates = "weekly";
+    options = "--delete-older-than 14d";
+  };
+
+  # Enable Nix Flakes and experimental features
+  nixpkgs.config.allowUnfree = true;
+  nix.settings.experimental-features = [ "nix-command" "flakes" ];
+
+  # System state version
+  system.stateVersion = "24.11";
+}

nixos/flake.lock

@@ -0,0 +1,58 @@
+{
+  "nodes": {
+    "nixpkgs": {
+      "locked": {
+        "lastModified": 0,
+        "narHash": "sha256-vH5mXxEvZeoGNkqKoCluhTGfoeXCZ1seYhC2pbMN0sg=",
+        "path": "/nix/store/zd5dgszslv09jzybcpf25gpl12s6r2d9-source",
+        "type": "path"
+      },
+      "original": {
+        "id": "nixpkgs",
+        "type": "indirect"
+      }
+    },
+    "nixpkgs_2": {
+      "locked": {
+        "lastModified": 1735471104,
+        "narHash": "sha256-0q9NGQySwDQc7RhAV2ukfnu7Gxa5/ybJ2ANT8DQrQrs=",
+        "owner": "nixos",
+        "repo": "nixpkgs",
+        "rev": "88195a94f390381c6afcdaa933c2f6ff93959cb4",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nixos",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "root": {
+      "inputs": {
+        "nixpkgs": "nixpkgs",
+        "zen-browser": "zen-browser"
+      }
+    },
+    "zen-browser": {
+      "inputs": {
+        "nixpkgs": "nixpkgs_2"
+      },
+      "locked": {
+        "lastModified": 1737404254,
+        "narHash": "sha256-L8Lxp/WVdy9gKO2cXptphdP8cMsnGvZF5Noj8N3jLzI=",
+        "owner": "0xc000022070",
+        "repo": "zen-browser-flake",
+        "rev": "f8ef9c97ac2f49d5c04dbf3b3d80a0490c05fefb",
+        "type": "github"
+      },
+      "original": {
+        "owner": "0xc000022070",
+        "repo": "zen-browser-flake",
+        "type": "github"
+      }
+    }
+  },
+  "root": "root",
+  "version": 7
+}

nixos/flake.nix

@@ -0,0 +1,111 @@
+{
+  description = "Bart's NixOS Configuration";
+
+  inputs = {
+    zen-browser.url = "github:0xc000022070/zen-browser-flake";
+  };
+
+  outputs = { nixpkgs, ... } @ inputs:
+  {
+    nixosConfigurations = {
+      tongfang = nixpkgs.lib.nixosSystem {
+        specialArgs = { inherit inputs; };
+        modules = [
+          ./hardware/tongfang.nix
+          ./configuration.nix
+          ./users.nix
+          ./packages.nix
+          ./services.nix
+        ];
+      };
+
+      # tongfang = nixpkgs.lib.nixosSystem {
+      #   specialArgs = { inherit inputs; };
+      #   modules = [
+      #     ./hardware/tongfang.nix
+
+      #     ./modules/kde.nix
+      #     ./modules/battery.nix
+      #     ./modules/bluetooth.nix
+      #     ./modules/bootloader.nix
+      #     ./modules/configuration.nix
+      #     ./modules/creative-tools.nix
+      #     ./modules/devops-tools.nix
+      #     ./modules/display-manager.nix
+      #     ./modules/environment-variables.nix
+      #     ./modules/firewall.nix
+      #     ./modules/fonts.nix
+      #     ./modules/gc.nix
+      #     ./modules/greeter.nix
+      #     ./modules/info-fetchers.nix
+      #     ./modules/internationalisation.nix
+      #     ./modules/keyboard.nix
+      #     ./modules/linux-kernel.nix
+      #     ./modules/lsp.nix
+      #     ./modules/networking.nix
+      #     ./modules/nix-settings.nix
+      #     ./modules/nixpkgs.nix
+      #     ./modules/open-ssh.nix
+      #     ./modules/printing.nix
+      #     ./modules/programming-languages.nix
+      #     ./modules/screen.nix
+      #     ./modules/services.nix
+      #     ./modules/sound.nix
+      #     ./modules/terminal-utils.nix
+      #     ./modules/theme.nix
+      #     ./modules/time.nix
+      #     ./modules/usb.nix
+      #     ./modules/users.nix
+      #     ./modules/utils.nix
+      #     ./modules/virtualisation.nix
+      #     ./modules/vpn.nix
+      #     ./modules/work.nix
+      #   ];
+      # };
+
+      # qemu = nixpkgs.lib.nixosSystem {
+      #   specialArgs = { inherit inputs; };
+      #   modules = [
+      #     ./hardware/qemu.nix
+
+      #     ./modules/kde.nix
+      #     # ./modules/battery.nix
+      #     # ./modules/bluetooth.nix
+      #     # ./modules/bootloader.nix
+      #     ./modules/configuration.nix
+      #     # ./modules/creative-tools.nix
+      #     # ./modules/devops-tools.nix
+      #     ./modules/display-manager.nix
+      #     # ./modules/environment-variables.nix
+      #     # ./modules/firewall.nix
+      #     # ./modules/fonts.nix
+      #     # ./modules/gc.nix
+      #     ./modules/greeter.nix
+      #     # ./modules/info-fetchers.nix
+      #     # ./modules/internationalisation.nix
+      #     # ./modules/keyboard.nix
+      #     # ./modules/linux-kernel.nix
+      #     # ./modules/lsp.nix
+      #     ./modules/networking.nix
+      #     ./modules/nix-settings.nix
+      #     # ./modules/nixpkgs.nix
+      #     # ./modules/open-ssh.nix
+      #     # ./modules/printing.nix
+      #     # ./modules/programming-languages.nix
+      #     # ./modules/screen.nix
+      #     # ./modules/services.nix
+      #     # ./modules/sound.nix
+      #     # ./modules/terminal-utils.nix
+      #     # ./modules/theme.nix
+      #     # ./modules/time.nix
+      #     # ./modules/usb.nix
+      #     ./modules/users.nix
+      #     # ./modules/utils.nix
+      #     # ./modules/virtualisation.nix
+      #     # ./modules/vpn.nix
+      #     # ./modules/work.nix
+      #   ];
+      # };
+    };
+  };
+}

nixos/hardware/qemu.nix

@@ -0,0 +1,35 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/profiles/qemu-guest.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "sr_mod" "virtio_blk" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-amd" ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/d6b08f23-97da-4e41-b70c-90fcc35db534";
+      fsType = "ext4";
+    };
+
+  swapDevices = [ ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.wlp2s0.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+
+  boot.loader.grub.enable = true;
+  boot.loader.grub.device = "/dev/vda";
+  boot.loader.grub.useOSProber = true;
+}

nixos/hardware/tongfang.nix

@@ -0,0 +1,44 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+let
+  yt6801 = import ./yt6801.nix {
+    inherit (pkgs) stdenv lib fetchzip;
+    kernel = pkgs.linuxPackages.kernel;
+  };
+in
+{
+  imports =
+    [ (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "sd_mod" "sdhci_pci" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-amd" ];
+  boot.extraModulePackages = [ yt6801 ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/c7cf28c3-5744-45cc-8a81-456d24e44b7a";
+      fsType = "ext4";
+    };
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/CEF6-7DAA";
+      fsType = "vfat";
+      options = [ "fmask=0077" "dmask=0077" ];
+    };
+
+  swapDevices = [ ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.wlp2s0.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}

nixos/hardware/yt6801.nix

@@ -0,0 +1,51 @@
+{
+  kernel,
+  stdenv,
+  lib,
+  fetchzip,
+}:
+
+stdenv.mkDerivation {
+  pname = "yt6801";
+  version = "1.0.29";
+
+  src = fetchzip {
+    url = "https://www.motor-comm.com/Public/Uploads/uploadfile/files/20240812/yt6801-linux-driver-1.0.29.zip";
+    sha256 = "sha256-oz6CeOUN6QWKXxe3WUZljhGDTFArsknjzBuQ4IchGeU=";
+    stripRoot = false;
+  };
+
+  nativeBuildInputs = kernel.moduleBuildDependencies;
+
+  preConfigure = "cd src";
+
+  configurePhase = "true";
+
+  buildFlags = [ "modules" ];
+
+  makeFlags =
+    [
+      "ARCH=${stdenv.hostPlatform.linuxArch}"
+      "KSRC=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build"
+    ]
+    ++ lib.optionals (stdenv.hostPlatform != stdenv.buildPlatform) [
+      "CROSS_COMPILE=${stdenv.cc.targetPrefix}"
+    ];
+
+  installPhase = ''
+    mkdir -p $out/lib/modules/${kernel.modDirVersion}/kernel/drivers/net/ethernet/motorcomm
+    cp src/yt6801.ko $out/lib/modules/${kernel.modDirVersion}/kernel/drivers/net/ethernet/motorcomm/
+  '';
+
+  enableParallelBuilding = true;
+
+  meta = with lib; {
+    description = "Motorcomm yt6801 Network Interface Card driver";
+    homepage = "https://www.motor-comm.com/product/ethernet-control-chip";
+    license = with licenses; [
+      gpl2Plus
+      gpl2Only
+    ];
+    platforms = platforms.linux;
+  };
+}

nixos/modules/battery.nix

@@ -0,0 +1,16 @@
+{ pkgs, ... }:
+
+{
+  services.power-profiles-daemon.enable = false;
+  services.thermald.enable = true;
+
+  services.tlp = {
+    enable = true;
+    settings = {
+      CPU_BOOST_ON_AC = 1;
+      CPU_BOOST_ON_BAT = 0;
+      CPU_SCALING_GOVERNOR_ON_AC = "performance";
+      CPU_SCALING_GOVERNOR_ON_BAT = "powersave";
+    };
+  };
+}

nixos/modules/bluetooth.nix

@@ -0,0 +1,12 @@
+{ pkgs, ... }:
+
+{
+  # Only power the Bluetooth controller after logon
+  hardware.bluetooth.enable = true;
+  hardware.bluetooth.powerOnBoot = false;
+
+  # Use Overskride bluetooth client
+  environment.systemPackages = with pkgs; [
+    overskride
+  ];
+}

nixos/modules/bootloader.nix

@@ -0,0 +1,17 @@
+{ pkgs,  ... }:
+
+{
+  # Bootloader options
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = true;
+  boot.loader.timeout = 2;
+  boot.initrd.enable = true;
+  boot.initrd.systemd.enable = true;
+  boot.consoleLogLevel = 3;
+  boot.plymouth = {
+    enable = true;
+    font = "${pkgs.jetbrains-mono}/share/fonts/truetype/JetBrainsMono-Regular.ttf";
+    themePackages = [ pkgs.nixos-bgrt-plymouth ];
+    theme = "nixos-bgrt";
+  };
+}

nixos/modules/configuration.nix

@@ -0,0 +1,9 @@
+# Edit trueconfiguration file to define what should be installed on
+# your system.  Help is available in the configuration.nix(5) man page
+# and in the NixOS manual (accessible by running ‘nixos-help’).
+
+{ ... }:
+
+{
+  system.stateVersion = "24.11";
+}

nixos/modules/creative-tools.nix

@@ -0,0 +1,9 @@
+{ pkgs, ... }:
+
+{
+  environment.systemPackages = with pkgs; [
+    blender
+    inkscape
+    gimp
+  ];
+}

nixos/modules/devops-tools.nix

@@ -0,0 +1,11 @@
+{ pkgs, ... }:
+
+{
+  environment.systemPackages = with pkgs; [
+    azure-cli
+    opentofu
+    curl
+    go-task
+    sops
+  ];
+}

nixos/modules/display-manager.nix

@@ -0,0 +1,18 @@
+{ pkgs, ... }:
+
+{
+  # Enable Display Manager
+  services.greetd = {
+    enable = true;
+    settings = {
+      default_session = {
+        command = "${pkgs.greetd.tuigreet}/bin/tuigreet --time --time-format '%I:%M %p | %a • %h | %F' --cmd Hyprland";
+        user = "greeter";
+      };
+    };
+  };
+
+  environment.systemPackages = with pkgs; [
+    greetd.tuigreet
+  ];
+}

nixos/modules/environment-variables.nix

@@ -0,0 +1,8 @@
+{ pkgs, ... }:
+
+{
+  # Setup Env Variables
+  environment.variables.SPOTIFY_PATH = "${pkgs.spotify}/";
+  environment.variables.JDK_PATH = "${pkgs.jdk11}/";
+  environment.variables.NODEJS_PATH = "${pkgs.nodePackages_latest.nodejs}/";
+}

nixos/modules/firewall.nix

@@ -0,0 +1,10 @@
+{ ... }:
+
+{
+  # Open ports in the firewall.
+  networking.firewall.enable = true;
+  networking.firewall.allowedTCPPorts = [ ];
+  networking.firewall.allowedUDPPorts = [ 
+    5353 # Spotify Connect
+  ];
+}

nixos/modules/fonts.nix

@@ -0,0 +1,10 @@
+{ pkgs, ... }:
+
+{
+  # Fonts
+  fonts.packages = with pkgs; [
+    jetbrains-mono
+    nerd-font-patcher
+    noto-fonts-color-emoji
+  ];
+}

nixos/modules/gaming.nix

@@ -0,0 +1,6 @@
+{ pkgs, ... }:
+
+{
+  # Enable Steam
+  programs.steam.enable = true;
+}

nixos/modules/gc.nix

@@ -0,0 +1,16 @@
+{ ... }:
+
+{
+  # Optimize storage and automatic scheduled GC running
+  # If you want to run GC manually, use commands:
+  # `nix-store --optimize` for finding and eliminating redundant copies of identical store paths
+  # `nix-store --gc` for optimizing the nix store and removing unreferenced and obsolete store paths
+  # `nix-collect-garbage -d` for deleting old generations of user profiles
+  nix.settings.auto-optimise-store = true;
+  nix.optimise.automatic = true;
+  nix.gc = {
+    automatic = true;
+    dates = "weekly";
+    options = "--delete-older-than 14d";
+  };
+}

nixos/modules/gnome.nix

@@ -0,0 +1,10 @@
+{ pkgs, ... }:
+
+{
+  services.xserver = {
+    enable = true;
+    xkb.layout = "us";
+    desktopManager.gnome.enable = true;
+    displayManager.gdm.enable = true;
+  };
+}

nixos/modules/greeter.nix

@@ -0,0 +1,18 @@
+{ pkgs, ... }:
+
+{
+  # Enable Display Manager
+  services.greetd = {
+    enable = true;
+    settings = {
+      default_session = {
+        command = "${pkgs.greetd.tuigreet}/bin/tuigreet --time --time-format '%I:%M %p | %a • %h | %F' --cmd Hyprland";
+        user = "greeter";
+      };
+    };
+  };
+
+  environment.systemPackages = with pkgs; [
+    greetd.tuigreet
+  ];
+}

nixos/modules/hyprland.nix

@@ -0,0 +1,25 @@
+{ inputs, pkgs, ... }:
+
+{
+  # Enable Hyprland
+  programs.hyprland.enable = true;
+  environment.sessionVariables.NIXOS_OZONE_WL = "1";
+  environment.sessionVariables.WLR_NO_HARDWARE_CURSORS = "1";
+
+  environment.systemPackages = with pkgs; [
+    pyprland # plugin system
+    hyprpicker # color picker
+    hyprcursor # cursor format
+    hyprlock # lock screen
+    hypridle # idle daemon
+    hyprpaper # wallpaper util
+
+    inputs.ghostty.packages.${pkgs.system}.default # terminal emulator
+    starship # prompt
+    helix # txt editor
+    inputs.zen-browser.packages.${pkgs.system}.default # browser
+    zathura # pdf viewer
+    mpv # media player
+    imv # image viewer
+  ];
+}

nixos/modules/info-fetchers.nix

@@ -0,0 +1,28 @@
+{ pkgs, ... }:
+
+{
+  environment.systemPackages = with pkgs; [
+    neofetch
+    onefetch
+    ipfetch
+    cpufetch
+    ramfetch
+    starfetch
+    octofetch
+    htop
+    bottom
+    btop
+    zfxtop
+    kmon
+
+    vulkan-tools
+    # opencl-info
+    # clinfo
+    # vdpauinfo
+    # libva-utils
+    wlr-randr
+    gpu-viewer
+    dig
+    speedtest-rs
+  ];
+}

nixos/modules/internationalisation.nix

@@ -0,0 +1,30 @@
+{ pkgs, ... }:
+
+{
+  i18n.supportedLocales = [
+    "en_US.UTF-8/UTF-8"
+    "nl_NL.UTF-8/UTF-8"
+  ];
+  
+  i18n.defaultLocale = "en_US.UTF-8";
+
+  i18n.extraLocaleSettings = {
+    LC_ADDRESS = "en_US.UTF-8";
+    LC_IDENTIFICATION = "en_US.UTF-8";
+    LC_MEASUREMENT = "en_US.UTF-8";
+    LC_MONETARY = "en_US.UTF-8";
+    LC_NAME = "en_US.UTF-8";
+    LC_NUMERIC = "en_US.UTF-8";
+    LC_PAPER = "en_US.UTF-8";
+    LC_TELEPHONE = "en_US.UTF-8";
+    LC_TIME = "en_US.UTF-8";
+  };
+
+  environment.systemPackages = with pkgs; [
+    nuspell
+    hyphen
+    hunspell
+    hunspellDicts.en_US
+    hunspellDicts.nl_NL
+  ];
+}

nixos/modules/kde.nix

@@ -0,0 +1,11 @@
+{ pkgs, ... }:
+
+{
+  # Enable KDE Plasma 6
+  services.xserver.enable = true;
+  services.displayManager.sddm = {
+    enable = true;
+    wayland.enable = true;
+  };
+  services.desktopManager.plasma6.enable = true;
+}

nixos/modules/keyboard.nix

@@ -0,0 +1,14 @@
+{ pkgs, ... }:
+
+{
+  services.xserver = {
+    xkb.layout = "us";
+    xkb.options = "grp:alt_shift_toggle";
+  };
+
+  environment.systemPackages = with pkgs; [
+    klavaro # typing tutor
+    gtypist # typing tutor
+    via # keyboard configurator
+  ];
+}

nixos/modules/linux-kernel.nix

@@ -0,0 +1,21 @@
+{ pkgs, ... }:
+
+{
+  # Linux Kernel
+  boot.kernelPackages = pkgs.linuxKernel.packages.linux_zen;
+  boot.kernelParams = [ 
+    "splash"
+    "quiet"
+    "fbcon=nodefer"
+    "vt.global_cursor_default=0"
+    "kernel.modules_disabled=1"
+    "lsm=landlock,lockdown,yama,integrity,bpf,tomoyo"
+    "usbcore.autosuspend=-1"
+    "video4linux"
+    "acpi_rev_override=5"
+  ];
+
+  environment.systemPackages = with pkgs; [
+    policycoreutils
+  ];
+}

nixos/modules/lsp.nix

@@ -0,0 +1,31 @@
+{ pkgs, ... }:
+
+{
+  environment.systemPackages = with pkgs; [
+    python311Packages.python-lsp-server
+    nodePackages_latest.nodemon
+    nodePackages_latest.typescript
+    nodePackages_latest.typescript-language-server
+    nodePackages_latest.vscode-langservers-extracted
+    nodePackages_latest.yaml-language-server
+    nodePackages_latest.dockerfile-language-server-nodejs
+    nodePackages_latest.bash-language-server
+    nodePackages_latest.graphql-language-service-cli
+    sumneko-lua-language-server
+    marksman
+    markdown-oxide
+    nil
+    zls
+    gopls
+    delve
+    emmet-language-server
+    buf
+    cmake-language-server
+    docker-compose-language-service
+    vscode-extensions.vadimcn.vscode-lldb
+    slint-lsp
+    terraform-ls
+    ansible-language-server
+    hyprls
+  ];  
+}

nixos/modules/networking.nix

@@ -0,0 +1,13 @@
+{ pkgs, ... }:
+
+{
+  # Enable networking
+  networking.hostName = "tongfang";
+  networking.networkmanager.enable = true;
+  users.extraGroups.networkmanager.members = [ "bart" ];
+  
+  environment.systemPackages = with pkgs; [
+    iwgtk
+    impala
+  ];
+}

nixos/modules/nix-settings.nix

@@ -0,0 +1,8 @@
+{ ... }:
+
+{
+  # Nix Configuration
+  nix.settings = {
+    experimental-features = [ "nix-command" "flakes" ];    
+  };
+}

nixos/modules/nixpkgs.nix

@@ -0,0 +1,6 @@
+{ ... }:
+
+{
+  # Allow unfree packages
+  nixpkgs.config.allowUnfree = true;
+}

nixos/modules/open-ssh.nix

@@ -0,0 +1,14 @@
+{ pkgs, ... }:
+
+{
+  # Enable the OpenSSH daemon.
+  services.openssh = {
+    enable = true;
+    settings = {
+      PasswordAuthentication = false;
+      KbdInteractiveAuthentication = false;
+      PermitRootLogin = "no";
+      AllowUsers = [ "bart" ];
+    };
+  };
+}

nixos/modules/printing.nix

@@ -0,0 +1,8 @@
+{ ... }:
+
+{
+  # Enable CUPS to print documents.
+  services.printing.enable = true;
+  # Disable browsed: https://discourse.nixos.org/t/newly-announced-vulnerabilities-in-cups
+  services.printing.browsed.enable = false;
+}

nixos/modules/programming-languages.nix

@@ -0,0 +1,13 @@
+{ pkgs, ... }:
+
+{
+  environment.systemPackages = with pkgs; [
+    go
+    (python312Full.withPackages(ps: with ps; [ pygobject3 gobject-introspection pyqt6-sip]))
+    nodePackages_latest.nodejs
+    nodePackages_latest.pnpm
+    bun
+    lua
+    zig
+  ];
+}

nixos/modules/screen.nix

@@ -0,0 +1,10 @@
+{ pkgs, ... }:
+
+{
+  programs.light.enable = true;
+
+  environment.systemPackages = with pkgs; [
+    wlsunset
+    brightnessctl
+  ];
+}

nixos/modules/services.nix

@@ -0,0 +1,56 @@
+{ pkgs, ... }:
+
+{
+  # Systemd services setup
+  systemd.packages = with pkgs; [
+    auto-cpufreq
+  ];
+  
+  # Enable Services
+  programs.direnv.enable = true;
+  services.upower.enable = true;
+  programs.dconf.enable = true;
+  services.dbus = {
+    enable = true;
+    implementation = "broker";
+    packages = with pkgs; [
+      xfce.xfconf
+      gnome2.GConf
+    ];
+  };
+  services.mpd.enable = true;
+  programs.thunar.enable = true;
+  programs.xfconf.enable = true;
+  services.tumbler.enable = true; 
+  services.fwupd.enable = true;
+  services.auto-cpufreq.enable = true;
+  # services.gnome.core-shell.enable = true;
+  # services.udev.packages = with pkgs; [ gnome.gnome-settings-daemon ];
+
+  environment.systemPackages = with pkgs; [
+    at-spi2-atk
+    qt6.qtwayland
+    psi-notify
+    poweralertd
+    playerctl
+    psmisc
+    grim
+    slurp
+    imagemagick
+    swappy
+    ffmpeg_6-full
+    wl-screenrec
+    wl-clipboard
+    wl-clip-persist
+    cliphist
+    xdg-utils
+    wtype
+    wlrctl
+    waybar
+    rofi-wayland
+    dunst
+    avizo
+    wlogout
+    gifsicle
+  ];
+}

nixos/modules/sound.nix

@@ -0,0 +1,25 @@
+{ pkgs, ... }:
+
+{
+  # Enable sound with pipewire.
+  services.pulseaudio.enable = false;
+  security.rtkit.enable = true;
+  services.pipewire = {
+    enable = true;
+    alsa.enable = true;
+    alsa.support32Bit = true;
+    pulse.enable = true;
+    wireplumber.enable = true;
+    # If you want to use JACK applications, uncomment this
+    # jack.enable = true;
+
+    # use the example session manager (no others are packaged yet so this is enabled by default,
+    # no need to redefine it in your config for now)
+    # media-session.enable = true;
+  };
+
+  environment.systemPackages = with pkgs; [
+    pamixer
+    pavucontrol
+  ];
+}

nixos/modules/terminal-utils.nix

@@ -0,0 +1,59 @@
+{ pkgs, ... }:
+
+{
+  environment.systemPackages = with pkgs; [
+    file
+    upx
+    git
+    lazygit
+    delta
+    license-generator
+    git-ignore
+    gitleaks
+    git-secrets
+    pass-git-helper
+    just
+    xh
+    process-compose
+    # mcfly # terminal history
+    zellij
+    progress
+    noti
+    topgrade
+    ripgrep
+    rewrk
+    wrk2
+    procs
+    tealdeer
+    monolith
+    aria
+    sd
+    ouch
+    duf
+    du-dust
+    fd
+    jq
+    gh
+    trash-cli
+    zoxide
+    tokei
+    fzf
+    bat
+    hexyl
+    mdcat
+    pandoc
+    lsd
+    lsof
+    gping
+    viu
+    tre-command
+    yazi
+    chafa
+
+    cmatrix
+    pipes-rs
+    rsclock
+    cava
+    figlet
+  ];
+}

nixos/modules/theme.nix

@@ -0,0 +1,62 @@
+{ pkgs, ... }:
+
+{
+  # Enable Theme
+  environment.variables.GTK_THEME = "catppuccin-macchiato-teal-standard";
+  environment.variables.XCURSOR_THEME = "Catppuccin-Macchiato-Teal";
+  environment.variables.XCURSOR_SIZE = "24";
+  environment.variables.HYPRCURSOR_THEME = "Catppuccin-Macchiato-Teal";
+  environment.variables.HYPRCURSOR_SIZE = "24";
+  qt.enable = true;
+  qt.platformTheme = "gtk2";
+  qt.style = "gtk2";
+  console = {
+    earlySetup = true;
+    colors = [
+      "24273a"
+      "ed8796"
+      "a6da95"
+      "eed49f"
+      "8aadf4"
+      "f5bde6"
+      "8bd5ca"
+      "cad3f5"
+      "5b6078"
+      "ed8796"
+      "a6da95"
+      "eed49f"
+      "8aadf4"
+      "f5bde6"
+      "8bd5ca"
+      "a5adcb"
+    ];
+  };
+
+  # Override packages
+  nixpkgs.config.packageOverrides = pkgs: {
+    colloid-icon-theme = pkgs.colloid-icon-theme.override { colorVariants = ["teal"]; };
+    catppuccin-gtk = pkgs.catppuccin-gtk.override {
+      accents = [ "teal" ]; # You can specify multiple accents here to output multiple themes 
+      size = "standard";
+      variant = "macchiato";
+    };
+    discord = pkgs.discord.override {
+      withOpenASAR = true;
+      withTTS = true;
+    };
+  };
+
+  environment.systemPackages = with pkgs; [
+    numix-icon-theme-circle
+    colloid-icon-theme
+    catppuccin-gtk
+    catppuccin-kvantum
+    catppuccin-cursors.macchiatoTeal
+
+    # gnome.gnome-tweaks
+    # gnome.gnome-shell
+    # gnome.gnome-shell-extensions
+    # xsettingsd
+    # themechanger
+  ];
+}

nixos/modules/time.nix

@@ -0,0 +1,7 @@
+{ ... }:
+
+{
+  # Set your time zone.
+  time.hardwareClockInLocalTime = true;
+  time.timeZone = "Europe/Amsterdam";
+}

nixos/modules/usb.nix

@@ -0,0 +1,25 @@
+{ pkgs, ... }:
+
+{
+  # USB Automounting
+  services.gvfs.enable = true;
+  # services.udisks2.enable = true;
+  # services.devmon.enable = true;
+
+  # Enable USB Guard
+  # services.usbguard = {
+  #   enable = true;
+  #   dbus.enable = true;
+  #   implicitPolicyTarget = "block";
+  #   # FIXME: set yours pref USB devices (change {id} to your trusted USB device), use `lsusb` command (from usbutils package) to get list of all connected USB devices including integrated devices like camera, bluetooth, wifi, etc. with their IDs or just disable `usbguard`
+  #   rules = ''
+  #     allow id {id} # device 1
+  #     allow id {id} # device 2
+  #   '';
+  # };
+
+  # Enable USB-specific packages
+  environment.systemPackages = with pkgs; [
+    usbutils
+  ];
+}

nixos/modules/users.nix

@@ -0,0 +1,19 @@
+{ pkgs, ... }:
+
+{
+  # Define a user account.
+  users.users.bart = {
+    isNormalUser = true;
+    description = "Bart van der Braak";
+    extraGroups = [ "networkmanager" "input" "wheel" "video" "audio" "tss" ];
+    shell = pkgs.bash;
+    packages = with pkgs; [
+      spotify
+      discord
+      vscodium
+    ];
+  };
+
+  # Change runtime directory size
+  services.logind.extraConfig = "RuntimeDirectorySize=8G";
+}

nixos/modules/utils.nix

@@ -0,0 +1,18 @@
+{ pkgs, ... }:
+
+{
+  environment.systemPackages = with pkgs; [
+    mold
+    gcc
+    clang
+    lld
+    lldb
+    musl
+    jdk11
+    dioxus-cli
+    surrealdb
+    surrealdb-migrations
+    surrealist
+    trunk
+  ];
+}

nixos/modules/virtualisation.nix

@@ -0,0 +1,23 @@
+{ pkgs, ... }:
+
+{
+  # Enable Docker
+  virtualisation.docker.enable = true;
+  virtualisation.docker.rootless = {
+    enable = true;
+    setSocketVariable = true;
+  };
+  users.extraGroups.docker.members = [ "bart" ];
+
+  # Add KVM support
+  virtualisation.libvirtd.enable = true;
+  programs.virt-manager.enable = true;
+  users.extraGroups.libvirtd.members = [ "bart" ];
+
+  environment.systemPackages = with pkgs; [
+    qemu
+    docker-compose
+    lazydocker
+    docker-credential-helpers
+  ];
+}

nixos/modules/vpn.nix

@@ -0,0 +1,12 @@
+{ pkgs, ... }:
+
+{
+  # Enable Mullvad VPN, OpenVPN via Network Manager and Tailscale
+  services.mullvad-vpn.enable = true;
+  services.mullvad-vpn.package = pkgs.mullvad;
+  services.tailscale.enable = true;
+  environment.systemPackages = with pkgs; [
+    networkmanager-openvpn
+    mullvad-closest
+  ];
+}

nixos/modules/work.nix

@@ -0,0 +1,12 @@
+{ pkgs, ... }:
+
+{
+  environment.systemPackages = with pkgs; [
+    thunderbird
+    element-desktop
+    aws-sam-cli
+    awscli2
+    gnumake
+    cmake
+  ];
+}

nixos/packages.nix

@@ -0,0 +1,34 @@
+{ pkgs, inputs, config, ... }:
+
+let
+  customWallpaper = pkgs.fetchurl {
+    url = "https://w.wallhaven.cc/full/2y/wallhaven-2y2wg6.png";
+    sha256 = "9c5a0d7e4ed8fc218a5adb1c384e463b1b212397859a9a56be1c47cce27a9820";
+  };
+in
+{
+  environment.systemPackages = with pkgs; with inputs; [
+    inputs.zen-browser.packages."${system}".default
+    firefox
+    git
+    vim
+    wget
+    curl
+    fzf
+    jq
+    silver-searcher
+    ranger
+    ripgrep
+    networkmanager-openvpn
+    (pkgs.writeTextDir "share/sddm/themes/breeze/theme.conf.user" ''
+    [General]
+    background=${customWallpaper}
+    '')
+    dig
+    caligula
+    zig
+    zls
+    spotify
+    texlive.combined.scheme-full
+  ];
+}

nixos/services.nix

@@ -0,0 +1,43 @@
+{ pkgs, ... }:
+
+{
+  # Desktop, display and greeter configuration
+  services.xserver.enable = true;
+  services.displayManager.sddm = {
+    enable = true;
+    wayland.enable = true;
+  };
+  services.desktopManager.plasma6.enable = true;
+
+  # Audio system with PipeWire
+  # Enable PipeWire and ALSA support
+  services.pipewire = {
+    enable = true;
+    alsa.enable = true;       # Enable ALSA support
+    alsa.support32Bit = true; # Support for 32-bit applications
+    pulse.enable = true;      # Enable PulseAudio compatibility layer
+  };
+  
+  # Enable libinput for input device handling
+  services.libinput.enable = true;
+
+  # Enable security-related service for realtime audio tasks
+  security.rtkit.enable = true;
+  
+  # Enable to update some devices' firmware
+  services.fwupd.enable = true;
+
+  # Steam, Tailscale, and other programs/services
+  programs.steam.enable = true;
+  services.tailscale.enable = true;
+  programs.partition-manager.enable = true;
+
+  # Environment variables
+  environment.sessionVariables.NIXOS_OZONE_WL = "1";
+
+  # Printing and Bluetooth
+  # Disable browsed: https://discourse.nixos.org/t/newly-announced-vulnerabilities-in-cups
+  services.printing.enable = true;
+  services.printing.browsed.enable = false;
+  hardware.bluetooth.enable = true;
+}

nixos/symlink.sh

@@ -0,0 +1,19 @@
+#!/usr/bin/env bash
+
+nixos_home="${1:-$(dirname "$(realpath "$0")")}"
+
+# Check if the symlink exists and is valid
+if [ -L /etc/nixos ] && [ -e /etc/nixos ]; then
+    echo "The symlink /etc/nixos already exists and is valid. Exiting."
+    exit 0
+fi
+
+# Backup current /etc/nixos if it exists
+if [ -e /etc/nixos ]; then
+    mv /etc/nixos /etc/nixos.bak
+    echo "Created backup of current /etc/nixos"
+fi
+
+# Create symlink
+ln -s "$nixos_home" /etc/nixos
+echo "Symlinked /etc/nixos to $nixos_home"

nixos/users.nix

@@ -0,0 +1,71 @@
+{ config, pkgs, ... }:
+
+{
+  users.users.bart = {
+    isNormalUser = true;
+    description = "Bart van der Braak";
+    extraGroups = [ "networkmanager" "wheel" "libvirtd" "docker" ];
+    packages = with pkgs; [
+      vscodium
+      thunderbird
+      fastfetch
+      wezterm
+      neovim
+      logseq
+      element-desktop
+      go-task
+      opentofu
+      python3
+      gnumake
+      gccgo
+      # nodejs_22
+      # corepack_22
+      azure-cli
+      sops
+      blender
+      inkscape
+      gimp
+      nixfmt-rfc-style
+    ];
+  };
+
+  # Enable discovery of Google Cast and Spotify Connect devices
+  networking.firewall.allowedUDPPorts = [ 5353 ];
+
+  nixpkgs.config.permittedInsecurePackages = [
+    # Workaround for electron dependency in Logseq
+    "electron-27.3.11"
+  ];
+
+  programs._1password.enable = true;
+  programs._1password-gui = {
+    enable = true;
+    # Certain features, including CLI integration and system authentication support,
+    # require enabling PolKit integration on some desktop environments (e.g. Plasma).
+    polkitPolicyOwners = [ "bart" ];
+  };
+
+  # SSH agent configuration
+  programs.ssh.startAgent = true;
+  programs.ssh.extraConfig = ''
+    Host *
+      AddKeysToAgent yes
+      ServerAliveInterval 60
+      ServerAliveCountMax 3
+  '';
+
+  # GPG agent configuration
+  programs.gnupg.agent.enable = true;
+  programs.gnupg.dirmngr.enable = true;
+
+  # Add KVM support
+  virtualisation.libvirtd.enable = true;
+  programs.virt-manager.enable = true;
+
+  # Add Docker support
+  virtualisation.docker.enable = true;
+  virtualisation.docker.rootless = {
+    enable = true;
+    setSocketVariable = true;
+  };
+}