From f976b8a3ffdffab94f62096f060028c3c81542bc Mon Sep 17 00:00:00 2001 From: min Date: Mon, 6 Jan 2025 14:50:04 -0500 Subject: [PATCH] update jan 6 --- flake.lock | 364 +++++++++++++++++++++++++++++++++++- flake.nix | 6 + homes/min/default.nix | 10 +- homes/min/firefox.nix | 12 ++ homes/min/git.nix | 1 + homes/min/helix.nix | 2 +- homes/min/hyprland.nix | 179 +++++++++++++++++- homes/min/mpris.nix | 4 + homes/min/nh.nix | 2 +- homes/min/shell.nix | 18 +- homes/min/social.nix | 3 + homes/min/ssh.nix | 40 ++++ homes/min/waybar.nix | 191 +++++++++++++++++++ hosts/mpl/audio.nix | 12 ++ hosts/mpl/bootloader.nix | 30 ++- hosts/mpl/configuration.nix | 26 ++- hosts/mpl/default.nix | 2 + hosts/mpl/mounts.nix | 10 + modules/networking.nix | 2 + modules/programs.nix | 2 +- 20 files changed, 892 insertions(+), 24 deletions(-) create mode 100644 homes/min/firefox.nix create mode 100644 homes/min/mpris.nix create mode 100644 homes/min/social.nix create mode 100644 homes/min/ssh.nix create mode 100644 homes/min/waybar.nix diff --git a/flake.lock b/flake.lock index b696c63..a1ae7c3 100644 --- a/flake.lock +++ b/flake.lock @@ -1,5 +1,74 @@ { "nodes": { + "catppuccin": { + "inputs": { + "catppuccin-v1_1": "catppuccin-v1_1", + "catppuccin-v1_2": "catppuccin-v1_2", + "home-manager": "home-manager", + "home-manager-stable": "home-manager-stable", + "nixpkgs": [ + "nixpkgs" + ], + "nixpkgs-stable": "nixpkgs-stable", + "nuscht-search": "nuscht-search" + }, + "locked": { + "lastModified": 1736069220, + "narHash": "sha256-76MaB3COao55nlhWmSmq9PKgu2iGIs54C1cAE0E5J6Y=", + "owner": "catppuccin", + "repo": "nix", + "rev": "8eada392fd6571a747e1c5fc358dd61c14c8704e", + "type": "github" + }, + "original": { + "owner": "catppuccin", + "repo": "nix", + "type": "github" + } + }, + "catppuccin-v1_1": { + "locked": { + "lastModified": 1734055249, + "narHash": "sha256-pCWJgwo77KD7EJpwynwKrWPZ//dwypHq2TfdzZWqK68=", + "rev": "7221d6ca17ac36ed20588e1c3a80177ac5843fa7", + "revCount": 326, + "type": "tarball", + "url": "https://api.flakehub.com/f/pinned/catppuccin/nix/1.1.1/0193bdc0-b045-7eed-bbec-95611a8ecdf5/source.tar.gz" + }, + "original": { + "type": "tarball", + "url": "https://flakehub.com/f/catppuccin/nix/1.1.%2A.tar.gz" + } + }, + "catppuccin-v1_2": { + "locked": { + "lastModified": 1734728407, + "narHash": "sha256-Let3uJo4YDyfqbqaw66dpZxhJB2TrDyZWSFd5rpPLJA=", + "rev": "23ee86dbf4ed347878115a78971d43025362fab1", + "revCount": 341, + "type": "tarball", + "url": "https://api.flakehub.com/f/pinned/catppuccin/nix/1.2.0/0193e5e0-33b7-7149-a362-bfe56b20f64e/source.tar.gz" + }, + "original": { + "type": "tarball", + "url": "https://flakehub.com/f/catppuccin/nix/1.2.%2A.tar.gz" + } + }, + "crane": { + "locked": { + "lastModified": 1731098351, + "narHash": "sha256-HQkYvKvaLQqNa10KEFGgWHfMAbWBfFp+4cAgkut+NNE=", + "owner": "ipetkov", + "repo": "crane", + "rev": "ef80ead953c1b28316cc3f8613904edc2eb90c28", + "type": "github" + }, + "original": { + "owner": "ipetkov", + "repo": "crane", + "type": "github" + } + }, "disko": { "inputs": { "nixpkgs": [ @@ -20,6 +89,22 @@ "type": "github" } }, + "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, "flake-parts": { "inputs": { "nixpkgs-lib": "nixpkgs-lib" @@ -38,7 +123,111 @@ "type": "github" } }, + "flake-parts_2": { + "inputs": { + "nixpkgs-lib": [ + "lanzaboote", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1730504689, + "narHash": "sha256-hgmguH29K2fvs9szpq2r3pz2/8cJd2LPS+b4tfNFCwE=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "506278e768c2a08bec68eb62932193e341f55c90", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "flake-utils": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "gitignore": { + "inputs": { + "nixpkgs": [ + "lanzaboote", + "pre-commit-hooks-nix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1709087332, + "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", + "owner": "hercules-ci", + "repo": "gitignore.nix", + "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "gitignore.nix", + "type": "github" + } + }, "home-manager": { + "inputs": { + "nixpkgs": [ + "catppuccin", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1734622215, + "narHash": "sha256-OOfI0XhSJGHblfdNDhfnn8QnZxng63rWk9eeJ2tCbiI=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "1395379a7a36e40f2a76e7b9936cc52950baa1be", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "home-manager", + "type": "github" + } + }, + "home-manager-stable": { + "inputs": { + "nixpkgs": [ + "catppuccin", + "nixpkgs-stable" + ] + }, + "locked": { + "lastModified": 1734366194, + "narHash": "sha256-vykpJ1xsdkv0j8WOVXrRFHUAdp9NXHpxdnn1F4pYgSw=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "80b0fdf483c5d1cb75aaad909bd390d48673857f", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "release-24.11", + "repo": "home-manager", + "type": "github" + } + }, + "home-manager_2": { "inputs": { "nixpkgs": [ "nixpkgs" @@ -74,6 +263,59 @@ "type": "github" } }, + "ixx": { + "inputs": { + "flake-utils": [ + "catppuccin", + "nuscht-search", + "flake-utils" + ], + "nixpkgs": [ + "catppuccin", + "nuscht-search", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1729958008, + "narHash": "sha256-EiOq8jF4Z/zQe0QYVc3+qSKxRK//CFHMB84aYrYGwEs=", + "owner": "NuschtOS", + "repo": "ixx", + "rev": "9fd01aad037f345350eab2cd45e1946cc66da4eb", + "type": "github" + }, + "original": { + "owner": "NuschtOS", + "ref": "v0.0.6", + "repo": "ixx", + "type": "github" + } + }, + "lanzaboote": { + "inputs": { + "crane": "crane", + "flake-compat": "flake-compat", + "flake-parts": "flake-parts_2", + "nixpkgs": [ + "nixpkgs" + ], + "pre-commit-hooks-nix": "pre-commit-hooks-nix", + "rust-overlay": "rust-overlay" + }, + "locked": { + "lastModified": 1734994463, + "narHash": "sha256-S9MgfQjNt4J3I7obdLOVY23h+Yl/hnyibwGfOl+1uOE=", + "owner": "nix-community", + "repo": "lanzaboote", + "rev": "93e6f0d77548be8757c11ebda5c4235ef4f3bc67", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "lanzaboote", + "type": "github" + } + }, "nixos-hardware": { "locked": { "lastModified": 1734954597, @@ -117,17 +359,122 @@ "url": "https://github.com/NixOS/nixpkgs/archive/5487e69da40cbd611ab2cadee0b4637225f7cfae.tar.gz" } }, + "nixpkgs-stable": { + "locked": { + "lastModified": 1734600368, + "narHash": "sha256-nbG9TijTMcfr+au7ZVbKpAhMJzzE2nQBYmRvSdXUD8g=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "b47fd6fa00c6afca88b8ee46cfdb00e104f50bca", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-24.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-stable_2": { + "locked": { + "lastModified": 1730741070, + "narHash": "sha256-edm8WG19kWozJ/GqyYx2VjW99EdhjKwbY3ZwdlPAAlo=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "d063c1dd113c91ab27959ba540c0d9753409edf3", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-24.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nuscht-search": { + "inputs": { + "flake-utils": "flake-utils", + "ixx": "ixx", + "nixpkgs": [ + "catppuccin", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1733773348, + "narHash": "sha256-Y47y+LesOCkJaLvj+dI/Oa6FAKj/T9sKVKDXLNsViPw=", + "owner": "NuschtOS", + "repo": "search", + "rev": "3051be7f403bff1d1d380e4612f0c70675b44fc9", + "type": "github" + }, + "original": { + "owner": "NuschtOS", + "repo": "search", + "type": "github" + } + }, + "pre-commit-hooks-nix": { + "inputs": { + "flake-compat": [ + "lanzaboote", + "flake-compat" + ], + "gitignore": "gitignore", + "nixpkgs": [ + "lanzaboote", + "nixpkgs" + ], + "nixpkgs-stable": "nixpkgs-stable_2" + }, + "locked": { + "lastModified": 1731363552, + "narHash": "sha256-vFta1uHnD29VUY4HJOO/D6p6rxyObnf+InnSMT4jlMU=", + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "rev": "cd1af27aa85026ac759d5d3fccf650abe7e1bbf0", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "type": "github" + } + }, "root": { "inputs": { + "catppuccin": "catppuccin", "disko": "disko", "flake-parts": "flake-parts", - "home-manager": "home-manager", + "home-manager": "home-manager_2", "impermanence": "impermanence", + "lanzaboote": "lanzaboote", "nixos-hardware": "nixos-hardware", "nixpkgs": "nixpkgs", "sops-nix": "sops-nix" } }, + "rust-overlay": { + "inputs": { + "nixpkgs": [ + "lanzaboote", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1731897198, + "narHash": "sha256-Ou7vLETSKwmE/HRQz4cImXXJBr/k9gp4J4z/PF8LzTE=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "0be641045af6d8666c11c2c40e45ffc9667839b5", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, "sops-nix": { "inputs": { "nixpkgs": [ @@ -147,6 +494,21 @@ "repo": "sops-nix", "type": "github" } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } } }, "root": "root", diff --git a/flake.nix b/flake.nix index 878e2fa..4095e74 100644 --- a/flake.nix +++ b/flake.nix @@ -18,6 +18,12 @@ home-manager.url = "github:nix-community/home-manager/release-24.11"; home-manager.inputs.nixpkgs.follows = "nixpkgs"; + + lanzaboote.url = "github:nix-community/lanzaboote"; + lanzaboote.inputs.nixpkgs.follows = "nixpkgs"; + + catppuccin.url = "github:catppuccin/nix"; + catppuccin.inputs.nixpkgs.follows = "nixpkgs"; }; nixConfig = { diff --git a/homes/min/default.nix b/homes/min/default.nix index 28f8d8e..5585ca4 100644 --- a/homes/min/default.nix +++ b/homes/min/default.nix @@ -1,13 +1,17 @@ -{pkgs, ...}: { +{inputs, ...}: { imports = [ + inputs.catppuccin.homeManagerModules.catppuccin + + ./firefox.nix ./git.nix ./helix.nix ./hyprland.nix + ./mpris.nix ./nh.nix ./shell.nix + ./ssh.nix + ./social.nix ]; - home.packages = [pkgs.fastfetch]; - home.stateVersion = "24.11"; } diff --git a/homes/min/firefox.nix b/homes/min/firefox.nix new file mode 100644 index 0000000..ea65650 --- /dev/null +++ b/homes/min/firefox.nix @@ -0,0 +1,12 @@ +_: { + programs.librewolf = { + enable = true; + settings = { + "webgl.disabled" = false; + "privacy.resistFingerprinting" = false; + "places.history.enabled" = false; + "middlemouse.paste" = false; + "general.autoScroll" = true; + }; + }; +} diff --git a/homes/min/git.nix b/homes/min/git.nix index b3129bc..e741f80 100644 --- a/homes/min/git.nix +++ b/homes/min/git.nix @@ -10,6 +10,7 @@ _: { extraConfig = { gpg.format = "ssh"; + user.signingkey = "~/.ssh/id_ecdsa.pub"; init.defaultBranch = "main"; core.pager = ""; }; diff --git a/homes/min/helix.nix b/homes/min/helix.nix index 6bb434e..978c866 100644 --- a/homes/min/helix.nix +++ b/homes/min/helix.nix @@ -4,7 +4,7 @@ _: { defaultEditor = true; settings = { - theme = "autumn"; + # theme = "autumn"; editor = { cursor-shape.insert = "bar"; file-picker.hidden = false; diff --git a/homes/min/hyprland.nix b/homes/min/hyprland.nix index 60e6b10..ca9bd9d 100644 --- a/homes/min/hyprland.nix +++ b/homes/min/hyprland.nix @@ -1,23 +1,194 @@ -{pkgs, ...}: { +{ + lib, + pkgs, + ... +}: let + borderRadius = 8; + borderSize = 2; + # TODO: font + # TODO: status bar +in { + imports = [ + ./waybar.nix + ]; + + catppuccin = { + flavor = "mocha"; + accent = "lavender"; + + hyprland.enable = true; + rofi.enable = true; + kitty.enable = true; + mako.enable = true; + waybar.enable = true; + helix.enable = true; + zsh-syntax-highlighting.enable = true; + cursors.enable = true; + }; + programs.kitty = { enable = true; shellIntegration.enableZshIntegration = true; + settings = { + window_padding_width = 2; + }; }; # electron app hint home.sessionVariables.NIXOS_OZONE_WL = "1"; + xdg.portal = { + enable = true; + extraPortals = [pkgs.xdg-desktop-portal-hyprland]; + configPackages = [pkgs.hyprland]; + config = {}; + }; + + home.packages = with pkgs; [ + brightnessctl + playerctl + pavucontrol + hyprsunset + hyprpolkitagent + grimblast + ]; + + programs.rofi = { + enable = true; + package = pkgs.rofi-wayland; + }; + + # prefer dark mode for GTK + dconf.settings = { + "org/gnome/desktop/interface" = { + color-scheme = "prefer-dark"; + }; + }; + gtk = { + enable = true; + gtk3.extraConfig = { + gtk-application-prefer-dark-theme = true; + }; + gtk4.extraConfig = { + gtk-application-prefer-dark-theme = true; + }; + }; + + services.mako = { + enable = true; + + inherit borderRadius borderSize; + + padding = "10"; + }; + + services.hyprpaper = { + enable = true; + settings = { + preload = []; + wallpaper = []; + }; + }; + wayland.windowManager.hyprland = { enable = true; xwayland.enable = true; settings = { "$mod" = "SUPER"; + "$term" = "kitty"; + "$menu" = "rofi -show drun"; + "$scshot" = "grimblast copy area"; - bind = [ - "$mod, Return, exec, ${pkgs.kitty}/bin/kitty" - "$mod, M, exit," + monitor = [ + "eDP-1, 2880x1920@120, 0x0, 1.875" ]; + + exec-once = [ + "systemctl start --user hyprpolkitagent.service" + ]; + + bind = + [ + "$mod SHIFT, Y, exit," + + "$mod SHIFT, Return, exec, $term" + "$mod, P, exec, $menu" + ", Print, exec, $scshot" + + "$mod, W, killactive," + "$mod, Return, togglefloating," + "$mod, left, movefocus, l" + "$mod, right, movefocus, r" + "$mod, up, movefocus, u" + "$mod, down, movefocus, d" + ] + ++ (lib.concatLists (lib.genList (i: let + ws = i + 1; + in [ + "$mod, code:1${toString i}, workspace, ${toString ws}" + "$mod SHIFT, code:1${toString i}, movetoworkspace, ${toString ws}" + ]) + 9)); + bindm = [ + "$mod, mouse:272, movewindow" + "$mod, mouse:273, resizewindow" + ]; + + bindel = [ + ",XF86AudioRaiseVolume, exec, wpctl set-volume -l 1 @DEFAULT_AUDIO_SINK@ 5%+" + ",XF86AudioLowerVolume, exec, wpctl set-volume @DEFAULT_AUDIO_SINK@ 5%-" + ",XF86AudioMute, exec, wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle" + ",XF86MonBrightnessUp, exec, brightnessctl s 10%+" + ",XF86MonBrightnessDown, exec, brightnessctl s 10%-" + ]; + bindl = [ + ", XF86AudioNext, exec, playerctl next" + ", XF86AudioPause, exec, playerctl play-pause" + ", XF86AudioPlay, exec, playerctl play-pause" + ", XF86AudioPrev, exec, playerctl previous" + ]; + + windowrulev2 = [ + "suppressevent maximize, class:.*" + "float, title:.*" + "float, initialTitle:.*(Open Files).*" + "nofocus,class:^$,title:^$,xwayland:1,floating:1,fullscreen:0,pinned:0" + ]; + + misc = { + disable_hyprland_logo = true; + disable_splash_rendering = true; + }; + + general = { + layout = "dwindle"; + border_size = borderSize; + + "col.active_border" = "$lavender"; + "col.inactive_border" = "$surface0"; + }; + + decoration = { + rounding = borderRadius; + shadow = { + enabled = true; + range = 4; + render_power = 3; + color = "rgba(1a1a1aee)"; + }; + blur = { + enabled = true; + size = 3; + passes = 1; + vibrancy = 0.1696; + }; + }; + + dwindle = { + pseudotile = true; + preserve_split = true; + }; }; }; } diff --git a/homes/min/mpris.nix b/homes/min/mpris.nix new file mode 100644 index 0000000..0fb217e --- /dev/null +++ b/homes/min/mpris.nix @@ -0,0 +1,4 @@ +_: { + # Enable MPRIS proxy for Bluetooth media control + services.mpris-proxy.enable = true; +} diff --git a/homes/min/nh.nix b/homes/min/nh.nix index 6043ff2..43a9bdb 100644 --- a/homes/min/nh.nix +++ b/homes/min/nh.nix @@ -2,4 +2,4 @@ _: { programs.nh = { enable = true; }; -} \ No newline at end of file +} diff --git a/homes/min/shell.nix b/homes/min/shell.nix index 35d3f5c..e610994 100644 --- a/homes/min/shell.nix +++ b/homes/min/shell.nix @@ -14,12 +14,20 @@ _: { autocd = true; shellAliases = { - l = "eza"; - + cl = "clear"; md = "mkdir -p"; ip = "ip --color"; }; + + initExtra = '' + unsetopt HIST_SAVE_BY_COPY + ''; + + oh-my-zsh = { + # enable = true; + theme = "eastwood"; + }; }; direnv = enableZsh; @@ -27,11 +35,13 @@ _: { fzf = enableZsh; eza = enableZsh; zoxide = enableZsh; + ripgrep.enable = true; + + fastfetch.enable = true; - tmux.enable = true; btop = { enable = true; - settings.color_theme = "ayu"; + # settings.color_theme = "ayu"; }; }; } diff --git a/homes/min/social.nix b/homes/min/social.nix new file mode 100644 index 0000000..cfe9676 --- /dev/null +++ b/homes/min/social.nix @@ -0,0 +1,3 @@ +{pkgs, ...}: { + home.packages = [pkgs.vesktop]; +} diff --git a/homes/min/ssh.nix b/homes/min/ssh.nix new file mode 100644 index 0000000..72c834d --- /dev/null +++ b/homes/min/ssh.nix @@ -0,0 +1,40 @@ +{pkgs, ...}: { + home.packages = [pkgs.ssh-tpm-agent]; + + programs.zsh.profileExtra = '' + export SSH_AUTH_SOCK=$(ssh-tpm-agent --print-socket) + ''; + + # reworked from `ssh-tpm-agent --install-user-units` + systemd.user = { + services.ssh-tpm-agent = { + Unit = { + ConditionEnvironment = "!SSH_AGENT_PID"; + Description = "ssh-tpm-agent service"; + Documentation = "man:ssh-agent(1) man:ssh-add(1) man:ssh(1)"; + Requires = "ssh-tpm-agent.socket"; + }; + Service = { + Environment = "SSH_AUTH_SOCK=%t/ssh-tpm-agent.sock"; + ExecStart = "${pkgs.ssh-tpm-agent}/bin/ssh-tpm-agent"; + PassEnvironment = "SSH_AGENT_PID"; + SuccessExitStatus = 2; + Type = "simple"; + }; + Install.Also = "ssh-agent.socket"; + }; + + sockets.ssh-tpm-agent = { + Unit = { + Description = "SSH TPM agent socket"; + Documentation = "man:ssh-agent(1) man:ssh-add(1) man:ssh(1)"; + }; + Socket = { + ListenStream = "%t/ssh-tpm-agent.sock"; + SocketMode = "0600"; + Service = "ssh-tpm-agent.service"; + }; + Install.WantedBy = ["sockets.target"]; + }; + }; +} diff --git a/homes/min/waybar.nix b/homes/min/waybar.nix new file mode 100644 index 0000000..dd5227e --- /dev/null +++ b/homes/min/waybar.nix @@ -0,0 +1,191 @@ +_: { + programs.waybar = { + enable = true; + systemd.enable = true; + + settings = { + mainBar = { + layer = "top"; + position = "top"; + # Choose the order of the modules + modules-left = ["hyprland/workspaces"]; + modules-center = ["custom/music"]; + modules-right = ["wireplumber" "backlight" "battery" "clock" "tray" "custom/lock" "custom/power"]; + "hyprland/workspaces" = { + "format" = " {icon} "; + "format-icons" = { + "default" = " "; + }; + }; + tray = { + "icon-size" = 21; + "spacing" = 10; + }; + "custom/music" = { + format = " {}"; + escape = true; + interval = 5; + tooltip = false; + exec = "playerctl metadata --format='{{ title }}'"; + on-click = "playerctl play-pause"; + max-length = 50; + }; + clock = { + timezone = "America/New_York"; + tooltip-format = "{:%Y %B}\n{calendar}"; + format-alt = " {:%B %d, %Y}"; + format = " {:%I:%M %p}"; + }; + backlight = { + device = "amdgpu_bl1"; + format = "{icon} {percent}%"; + format-icons = [" " " " " " " " " " " " " " " " " "]; + }; + battery = { + states = { + warning = 30; + critical = 15; + }; + format = "{icon} {capacity}%"; + format-icons = [" " " " " " " " " "]; + }; + wireplumber = { + format = "{icon} {volume}%"; + format-muted = " "; + format-icons = { + default = ["" " " " "]; + }; + on-click = "pavucontrol"; + }; + "custom/lock" = { + "tooltip" = false; + "on-click" = "echo lock"; + "format" = " "; + }; + "custom/power" = { + "tooltip" = false; + "on-click" = "echo power"; + "format" = " "; + }; + }; + }; + + style = '' + * { + font-family: "FantasqueSansM Nerd Font"; + font-size: 17px; + min-height: 0; + } + + #waybar { + background: transparent; + color: @text; + margin: 5px 5px; + } + + #workspaces { + border: 2px solid @lavender; + border-radius: 8px; + margin: 5px; + background-color: @base; + margin-left: 20px; + } + + #workspaces button { + color: @lavender; + border-radius: 8px; + padding: 0.4rem; + } + + #workspaces button.active { + color: @mauve; + border-radius: 8px; + } + + #workspaces button:hover { + color: @pink; + border-radius: 8px; + } + + #custom-music, + #tray, + #backlight, + #clock, + #battery, + #wireplumber, + #custom-lock, + #custom-power { + border-top: 2px solid @lavender; + border-bottom: 2px solid @lavender; + background-color: @base; + padding: 0.5rem 1rem; + margin: 5px 0; + } + + #clock { + color: @blue; + border-radius: 0px 8px 8px 0px; + margin-right: 1rem; + border-right: 2px solid @lavender; + } + + #battery { + color: @green; + } + + #battery.charging { + color: @green; + } + + #battery.warning:not(.charging) { + color: @red; + } + + #backlight { + color: @yellow; + } + + #backlight, #battery { + border-radius: 0; + } + + #wireplumber { + color: @maroon; + border-radius: 8px 0px 0px 8px; + border-left: 2px solid @lavender; + margin-left: 1rem; + } + + #custom-music { + color: @text; + border-radius: 8px; + border-left: 2px solid @lavender; + border-right: 2px solid @lavender; + } + + #custom-lock { + border-radius: 8px 0px 0px 8px; + border-top: 2px solid @lavender; + border-bottom: 2px solid @lavender; + border-left: 2px solid @lavender; + color: @lavender; + } + + #custom-power { + margin-right: 20px; + border-radius: 0px 8px 8px 0px; + border-top: 2px solid @lavender; + border-bottom: 2px solid @lavender; + border-right: 2px solid @lavender; + color: @lavender; + } + + #tray { + margin-right: 1rem; + border-radius: 8px; + border-left: 2px solid @lavender; + border-right: 2px solid @lavender; + } + ''; + }; +} diff --git a/hosts/mpl/audio.nix b/hosts/mpl/audio.nix index f438632..932c013 100644 --- a/hosts/mpl/audio.nix +++ b/hosts/mpl/audio.nix @@ -12,4 +12,16 @@ _: { security.rtkit.enable = true; hardware.framework.laptop13.audioEnhancement.enable = true; + + # Enable bluetooth. + hardware.bluetooth = { + enable = true; + + settings = { + General = { + Experimental = true; + Enable = "Source,Sink,Media,Socket"; + }; + }; + }; } diff --git a/hosts/mpl/bootloader.nix b/hosts/mpl/bootloader.nix index 8805588..408c628 100644 --- a/hosts/mpl/bootloader.nix +++ b/hosts/mpl/bootloader.nix @@ -1,14 +1,30 @@ -_: { - # TODO: lanzaboote +{ + pkgs, + lib, + ... +}: { + environment.systemPackages = [pkgs.sbctl]; + boot = { + initrd.systemd = { + enable = true; + tpm2.enable = true; + }; + loader = { efi.canTouchEfiVariables = true; - timeout = 2; - systemd-boot = { - enable = true; - configurationLimit = 3; - }; + timeout = 1; + + # disable systemd-boot in favor of lanzaboote + systemd-boot.enable = lib.mkForce false; }; }; + + boot.lanzaboote = { + enable = true; + + pkiBundle = "/etc/secureboot"; + configurationLimit = 3; + }; } diff --git a/hosts/mpl/configuration.nix b/hosts/mpl/configuration.nix index 1c79cce..4910e06 100644 --- a/hosts/mpl/configuration.nix +++ b/hosts/mpl/configuration.nix @@ -30,6 +30,20 @@ keyMap = "us"; }; + # Install fonts. + fonts = { + packages = with pkgs; [nerdfonts source-sans]; + + fontconfig = { + enable = true; + antialias = true; # >200dpi + + defaultFonts = { + monospace = ["FantasqueSansMono Nerd Font"]; + }; + }; + }; + # Enable touchpad support (enabled default in most desktopManager). services.libinput.enable = true; @@ -39,7 +53,7 @@ min = { isNormalUser = true; - extraGroups = ["wheel"]; # Enable ‘sudo’ for the user. + extraGroups = ["wheel" "networkmanager" "tss"]; hashedPasswordFile = config.sops.secrets."user-pw".path; }; }; @@ -55,11 +69,19 @@ # started in user sessions. programs.gnupg.agent = { enable = true; - enableSSHSupport = true; # TODO: pinentryPackage - rofi/bemenu maybe }; services.pcscd.enable = true; + # Enable TPM2 + security.tpm2 = { + enable = true; + pkcs11.enable = true; + }; + + # SSH askpass + programs.ssh.enableAskPassword = true; + # Home-manager home-manager = { extraSpecialArgs = {inherit inputs;}; diff --git a/hosts/mpl/default.nix b/hosts/mpl/default.nix index f896c12..021170a 100644 --- a/hosts/mpl/default.nix +++ b/hosts/mpl/default.nix @@ -6,6 +6,8 @@ inputs.disko.nixosModules.disko inputs.impermanence.nixosModules.impermanence inputs.home-manager.nixosModules.home-manager + inputs.lanzaboote.nixosModules.lanzaboote + inputs.catppuccin.nixosModules.catppuccin ./configuration.nix ]; homes = [ diff --git a/hosts/mpl/mounts.nix b/hosts/mpl/mounts.nix index a746296..fe0aab7 100644 --- a/hosts/mpl/mounts.nix +++ b/hosts/mpl/mounts.nix @@ -27,6 +27,13 @@ mode = "0700"; } ".local/share/direnv" + ".local/share/zoxide" + ".local/share/nix" # trusted settings + ".local/state/wireplumber" # volumes, etc + + # apps + ".config/vesktop" + ".librewolf" # languages ".cargo" @@ -39,6 +46,9 @@ # TODO: "Music" should probably be mounted via NFS "p" ]; + files = [ + ".zsh_history" + ]; }; }; environment.systemPackages = [pkgs.ncdu]; diff --git a/modules/networking.nix b/modules/networking.nix index afa9b90..9b07bcf 100644 --- a/modules/networking.nix +++ b/modules/networking.nix @@ -1,3 +1,5 @@ _: { + # prevent networkmanager from taking dns servers from dhcp (we have provided our own) + networking.networkmanager.dns = "none"; networking.nameservers = ["1.1.1.1" "1.0.0.1"]; } diff --git a/modules/programs.nix b/modules/programs.nix index 196e732..5f105ec 100644 --- a/modules/programs.nix +++ b/modules/programs.nix @@ -4,4 +4,4 @@ tmux helix ]; -} \ No newline at end of file +}