From 2c0a4229b90af63a384790fa410275d2d9dfa2e2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Matej=20Jane=C5=BEi=C4=8D?= Date: Sat, 21 Feb 2026 03:16:16 +0100 Subject: [PATCH 1/3] feat: extract some config into modules --- modules/nixos/desktop.nix | 51 ++++++++++++++++++++++++++++++++++++++ modules/nixos/openssh.nix | 30 ++++++++++++++++++++++ modules/nixos/printing.nix | 21 ++++++++++++++++ 3 files changed, 102 insertions(+) create mode 100644 modules/nixos/desktop.nix create mode 100644 modules/nixos/openssh.nix create mode 100644 modules/nixos/printing.nix diff --git a/modules/nixos/desktop.nix b/modules/nixos/desktop.nix new file mode 100644 index 0000000..d2faff1 --- /dev/null +++ b/modules/nixos/desktop.nix @@ -0,0 +1,51 @@ +{ + lib, + config, + pkgs, + ... +}: +{ + options = { + desktop = { + enable = lib.mkEnableOption "base desktop environment"; + }; + }; + + config = lib.mkIf config.desktop.enable { + # Audio + services.pipewire = { + enable = true; + pulse.enable = true; + }; + + # Bluetooth + hardware.bluetooth.enable = true; + services.blueman.enable = true; + + # Security + security.polkit.enable = true; + + # D-Bus + services.dbus.enable = true; + + # Player control + services.playerctld.enable = true; + + # XDG Portals + xdg.portal = { + enable = true; + xdgOpenUsePortal = true; + extraPortals = [ + pkgs.xdg-desktop-portal-wlr + pkgs.xdg-desktop-portal-gtk + ]; + }; + + # Fonts + fonts.packages = with pkgs; [ + font-awesome + nerd-fonts.jetbrains-mono + maple-mono.NF + ]; + }; +} diff --git a/modules/nixos/openssh.nix b/modules/nixos/openssh.nix new file mode 100644 index 0000000..daeb04a --- /dev/null +++ b/modules/nixos/openssh.nix @@ -0,0 +1,30 @@ +{ + lib, + config, + ... +}: +{ + options = { + openssh = { + enable = lib.mkEnableOption "hardened SSH server"; + port = lib.mkOption { + type = lib.types.port; + default = 22; + description = "SSH server port"; + }; + }; + }; + + config = lib.mkIf config.openssh.enable { + services.openssh = { + enable = true; + ports = [ config.openssh.port ]; + settings = { + PasswordAuthentication = false; + AllowUsers = null; + PermitRootLogin = "no"; + StreamLocalBindUnlink = "yes"; + }; + }; + }; +} diff --git a/modules/nixos/printing.nix b/modules/nixos/printing.nix new file mode 100644 index 0000000..0b9c49c --- /dev/null +++ b/modules/nixos/printing.nix @@ -0,0 +1,21 @@ +{ + lib, + config, + ... +}: +{ + options = { + printing = { + enable = lib.mkEnableOption "CUPS printing with Avahi discovery"; + }; + }; + + config = lib.mkIf config.printing.enable { + services.printing.enable = true; + services.avahi = { + enable = true; + nssmdns4 = true; + openFirewall = true; + }; + }; +} From 22030ec205fa7c1e762b7665ec96202340baa26b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Matej=20Jane=C5=BEi=C4=8D?= Date: Sat, 21 Feb 2026 03:17:29 +0100 Subject: [PATCH 2/3] feat: add users/{user}/nixos.nix support --- lib/mkHost.nix | 9 ++++++++- users/matej/keys.nix | 6 ++++++ users/matej/nixos.nix | 25 +++++++++++++++++++++++++ 3 files changed, 39 insertions(+), 1 deletion(-) create mode 100644 users/matej/keys.nix create mode 100644 users/matej/nixos.nix diff --git a/lib/mkHost.nix b/lib/mkHost.nix index efd2078..c0e23f4 100644 --- a/lib/mkHost.nix +++ b/lib/mkHost.nix @@ -15,8 +15,14 @@ let hostHWConfig = ../hosts/${name}/hardware-configuration.nix; hasHWConfig = builtins.pathExists hostHWConfig; + # Load NixOS-level user config (account, groups, SSH keys) + userNixosConfigs = map (user: ../users/${user}/nixos.nix) ( + builtins.filter (user: builtins.pathExists ../users/${user}/nixos.nix) users + ); + + # Load home-manager user config userHMConfigs = nixpkgs.lib.genAttrs users ( - user: import ../users/${user}/home-manager.nix { inherit inputs; } + user: import ../users/${user}/home-manager.nix ); in @@ -31,6 +37,7 @@ nixpkgs.lib.nixosSystem { hostConfig ] ++ nixpkgs.lib.optional hasHWConfig hostHWConfig + ++ userNixosConfigs ++ [ inputs.home-manager.nixosModules.home-manager { diff --git a/users/matej/keys.nix b/users/matej/keys.nix new file mode 100644 index 0000000..4abff00 --- /dev/null +++ b/users/matej/keys.nix @@ -0,0 +1,6 @@ +{ + sshAuthorizedKeys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICQGLdINKzs+sEy62Pefng0bcedgU396+OryFgeH99/c janezicmatej" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDk00+Km03epQXQs+xEwwH3zcurACzkEH+kDOPBw6RQe openpgp:0xB095D449" + ]; +} diff --git a/users/matej/nixos.nix b/users/matej/nixos.nix new file mode 100644 index 0000000..4337655 --- /dev/null +++ b/users/matej/nixos.nix @@ -0,0 +1,25 @@ +{ + lib, + config, + ... +}: +let + keys = import ./keys.nix; +in +{ + users.users.matej = { + uid = 1000; + isNormalUser = true; + home = "/home/matej"; + extraGroups = [ + "wheel" + "docker" + ]; + openssh.authorizedKeys.keys = keys.sshAuthorizedKeys; + }; + + users.groups.matej = { + gid = 1000; + members = [ "matej" ]; + }; +} From 6c23125e0522363b547047e9b01ef83850c5ce7e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Matej=20Jane=C5=BEi=C4=8D?= Date: Sat, 21 Feb 2026 03:17:48 +0100 Subject: [PATCH 3/3] feat: move and cleanup host configs --- hosts/matej-nixos/configuration.nix | 261 ++++---------------------- hosts/matej-tower/configuration.nix | 274 ++++------------------------ users/gorazd/home-manager.nix | 2 - users/matej/home-manager.nix | 38 +++- 4 files changed, 114 insertions(+), 461 deletions(-) diff --git a/hosts/matej-nixos/configuration.nix b/hosts/matej-nixos/configuration.nix index 1cea18f..4aa657c 100644 --- a/hosts/matej-nixos/configuration.nix +++ b/hosts/matej-nixos/configuration.nix @@ -1,7 +1,3 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page, on -# https://search.nixos.org/options and in the NixOS manual (`nixos-help`). - { config, lib, @@ -20,10 +16,23 @@ in inputs.stylix.nixosModules.stylix inputs.self.nixosModules.yubikey inputs.self.nixosModules.sway + inputs.self.nixosModules.openssh + inputs.self.nixosModules.desktop + inputs.self.nixosModules.printing ]; + # Modules yubikey.enable = true; + openssh.enable = true; + desktop.enable = true; + printing.enable = true; + sway = { + enable = true; + cmdFlags = [ "--unsupported-gpu" ]; + }; + + # Stylix theming stylix = { enable = true; polarity = "dark"; @@ -31,87 +40,38 @@ in base16Scheme = "${pkgs.base16-schemes}/share/themes/gruvbox-material-dark-medium.yaml"; }; + # Boot + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + + # Locale + time.timeZone = "Europe/Ljubljana"; + environment.variables.TZ = "America/New_York"; + i18n.defaultLocale = "en_US.UTF-8"; + + # Docker virtualisation.docker = { enable = true; logDriver = "json-file"; }; + # nix-ld for pip-installed binaries # WARN:(matej) probably want to drop this in the future - # i added this to get ruff working when installed via pip programs.nix-ld.enable = true; programs.nix-ld.libraries = options.programs.nix-ld.libraries.default; - services.blueman.enable = true; - security.polkit.enable = true; + # Security security.pki.certificateFiles = [ packages.ca-matheo-si ]; - services.gnome.gnome-keyring.enable = true; - # Use the systemd-boot EFI boot loader. - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; - + # Services + services.teamviewer.enable = true; services.tailscale = { enable = true; useRoutingFeatures = "both"; }; - # Set your time zone. - time.timeZone = "Europe/Ljubljana"; - environment.variables.TZ = "America/New_York"; - - # Select internationalisation properties. - i18n.defaultLocale = "en_US.UTF-8"; - - #console = { - # font = "Lat2-Terminus16"; - # keyMap = "us"; - # #useXkbConfig = true; - #}; - - users.defaultUserShell = pkgs.zsh; - users.users.matej = { - uid = 1000; - isNormalUser = true; - home = "/home/matej"; - extraGroups = [ - "wheel" - "docker" - ]; - openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICQGLdINKzs+sEy62Pefng0bcedgU396+OryFgeH99/c janezicmatej" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDk00+Km03epQXQs+xEwwH3zcurACzkEH+kDOPBw6RQe openpgp:0xB095D449" - ]; - }; - - services.teamviewer.enable = true; - users.groups.matej = { - gid = 1000; - members = [ "matej" ]; - }; - - home-manager.backupFileExtension = "backup"; - home-manager.users.matej = { - home.stateVersion = "24.11"; - home.packages = [ ]; - }; - - programs.zsh = { - enable = true; - }; - environment.etc."zshenv".text = '' - export ZDOTDIR=$HOME/.config/zsh - ''; - - # Wayland, X, etc. support for session vars - # systemd.user.sessionVariables = config.home-manager.users.matej.home.sessionVariables; }; - - # enable Sway window manager - sway = { - enable = true; - cmdFlags = [ "--unsupported-gpu" ]; - }; - + # Greetd services.greetd = { enable = true; settings = { @@ -121,173 +81,32 @@ in }; }; }; - # users.users.greeter = { - # isSystemUser = true; - # description = "greetd user"; - # group = "nogroup"; - # home = "/var/lib/greetd"; - # }; + # Programs programs.thunderbird.enable = true; programs._1password.enable = true; programs._1password-gui.enable = true; - - services.playerctld.enable = true; - - fonts.packages = with pkgs; [ - font-awesome - nerd-fonts.jetbrains-mono - maple-mono.NF - ]; - - programs.gnupg.agent = { - enable = true; - enableExtraSocket = true; - enableSSHSupport = true; - }; - + programs.firefox.enable = true; programs.steam = { enable = true; - remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play - dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated Server - localNetworkGameTransfers.openFirewall = true; # Open ports in the firewall for Steam Local Network Game Transfers + remotePlay.openFirewall = true; + dedicatedServer.openFirewall = true; + localNetworkGameTransfers.openFirewall = true; }; + + # Hardware hardware.keyboard.zsa.enable = true; hardware.ledger.enable = true; + # System packages environment.systemPackages = with pkgs; [ - # discord - vesktop - rocketchat-desktop - telegram-desktop - slack - # - ghostty - mdbook - pass - google-chrome - # nodejs - pavucontrol - protonmail-bridge - python3 - zathura smartmontools - marksman - mdformat - jellyfin-media-player - cider-2 - libnotify # need this for runelite - bolt-launcher - ledger-live-desktop ]; - # Enable the X11 windowing system. - # services.xserver.enable = true; - - # Configure keymap in X11 - # services.xserver.xkb.layout = "us"; - # services.xserver.xkb.options = "eurosign:e,caps:escape"; - - # Enable CUPS to print documents. - services.printing.enable = true; - services.avahi = { - enable = true; - nssmdns4 = true; - openFirewall = true; + # XDG + xdg.mime.defaultApplications = { + "application/pdf" = "org.pwmt.zathura.desktop"; }; - # Enable sound. - # hardware.pulseaudio.enable = true; - # OR - services.pipewire = { - enable = true; - # alsa.enable = true; - # alsa.support32Bit = true; - pulse.enable = true; - # jack.enable = true; - }; - - services.dbus.enable = true; - - xdg = { - portal = { - xdgOpenUsePortal = true; - enable = true; - extraPortals = [ - pkgs.xdg-desktop-portal-wlr - pkgs.xdg-desktop-portal-gtk - ]; - }; - mime.defaultApplications = { - "application/pdf" = "org.pwmt.zathura.desktop"; - }; - }; - - # Enable touchpad support (enabled default in most desktopManager). - # services.libinput.enable = true; - - # Define a user account. Don't forget to set a password with ‘passwd’. - # users.users.alice = { - # isNormalUser = true; - # extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user. - # packages = with pkgs; [ - # tree - # ]; - # }; - - programs.firefox.enable = true; - - # List packages installed in system profile. To search, run: - # $ nix search wget - # environment.systemPackages = with pkgs; [ - # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. - # wget - # ]; - - # Some programs need SUID wrappers, can be configured further or are - # started in user sessions. - # programs.mtr.enable = true; - # programs.gnupg.agent = { - # enable = true; - # enableSSHSupport = true; - # }; - - # List services that you want to enable: - - # Enable the OpenSSH daemon. - services.openssh = { - enable = true; - ports = [ 22 ]; - settings = { - PasswordAuthentication = false; - AllowUsers = null; - PermitRootLogin = "no"; - StreamLocalBindUnlink = "yes"; - }; - }; - - # Copy the NixOS configuration file and link it from the resulting system - # (/run/current-system/configuration.nix). This is useful in case you - # accidentally delete configuration.nix. - # system.copySystemConfiguration = true; - - # This option defines the first version of NixOS you have installed on this particular machine, - # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions. - # - # Most users should NEVER change this value after the initial install, for any reason, - # even if you've upgraded your system to a new NixOS release. - # - # This value does NOT affect the Nixpkgs version your packages and OS are pulled from, - # so changing it will NOT upgrade your system - see https://nixos.org/manual/nixos/stable/#sec-upgrading for how - # to actually do that. - # - # This value being lower than the current NixOS release does NOT mean your system is - # out of date, out of support, or vulnerable. - # - # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration, - # and migrated your data accordingly. - # - # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion . - system.stateVersion = "24.11"; # Did you read the comment? - + system.stateVersion = "24.11"; } diff --git a/hosts/matej-tower/configuration.nix b/hosts/matej-tower/configuration.nix index 714c735..72367bf 100644 --- a/hosts/matej-tower/configuration.nix +++ b/hosts/matej-tower/configuration.nix @@ -1,7 +1,3 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page, on -# https://search.nixos.org/options and in the NixOS manual (`nixos-help`). - { config, lib, @@ -11,27 +7,25 @@ ... }: -let - packages = inputs.self.outputs.packages.${pkgs.stdenv.hostPlatform.system}; -in - { imports = [ inputs.stylix.nixosModules.stylix inputs.lanzaboote.nixosModules.lanzaboote inputs.self.nixosModules.yubikey inputs.self.nixosModules.sway + inputs.self.nixosModules.openssh + inputs.self.nixosModules.desktop + inputs.self.nixosModules.printing ]; - sway.enable = true; + # Modules yubikey.enable = true; + openssh.enable = true; + desktop.enable = true; + printing.enable = true; + sway.enable = true; - fonts.packages = with pkgs; [ - font-awesome - nerd-fonts.jetbrains-mono - maple-mono.NF - ]; - + # Stylix theming stylix = { enable = true; polarity = "dark"; @@ -39,254 +33,64 @@ in base16Scheme = "${pkgs.base16-schemes}/share/themes/gruvbox-material-dark-medium.yaml"; }; - virtualisation.docker = { - enable = true; - logDriver = "json-file"; - }; - - # Use the systemd-boot EFI boot loader. + # Boot - Lanzaboote secure boot boot.loader.efi.canTouchEfiVariables = true; - boot.loader.systemd-boot.enable = lib.mkForce false; boot.lanzaboote = { enable = true; pkiBundle = "/var/lib/sbctl"; }; - services.udev.packages = with pkgs; [ - yubikey-personalization - ]; + # Locale + time.timeZone = "Europe/Ljubljana"; + environment.variables.TZ = "Europe/Ljubljana"; + # Docker + virtualisation.docker = { + enable = true; + logDriver = "json-file"; + }; + + # Services services.tailscale = { enable = true; useRoutingFeatures = "both"; }; - services.udisks2.enable = true; - security.polkit.enable = true; - hardware.bluetooth.enable = true; - services.blueman.enable = true; - - users.defaultUserShell = pkgs.zsh; - programs.zsh = { + # Greetd + services.greetd = { enable = true; + settings = { + default_session = { + command = "${pkgs.tuigreet}/bin/tuigreet --time --remember --cmd sway"; + user = "greeter"; + }; + }; }; - environment.etc."zshenv".text = '' - export ZDOTDIR=$HOME/.config/zsh - ''; + # Programs programs._1password.enable = true; programs._1password-gui.enable = true; - users.users.matej = { - uid = 1000; - isNormalUser = true; - home = "/home/matej"; - extraGroups = [ - "wheel" - "docker" - ]; - openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICQGLdINKzs+sEy62Pefng0bcedgU396+OryFgeH99/c janezicmatej" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDk00+Km03epQXQs+xEwwH3zcurACzkEH+kDOPBw6RQe openpgp:0xB095D449" - ]; - }; - - services.openssh = { - enable = true; - ports = [ 22 ]; - settings = { - PasswordAuthentication = false; - AllowUsers = null; - PermitRootLogin = "no"; - StreamLocalBindUnlink = "yes"; + # Higher sample rate pipewire for audio equipment + services.pipewire.extraConfig.pipewire.adjust-sample-rate = { + "context.properties" = { + "default.clock.rate" = 192000; + "defautlt.allowed-rates" = [ 192000 ]; }; }; - services.greetd = { - enable = true; - useTextGreeter = true; - settings = { - default_session = { - user = "greeter"; - command = '' - ${pkgs.tuigreet}/bin/tuigreet \ - --time \ - --remember \ - --cmd "sway" - ''; - }; - }; - }; - - networking.hostName = "matej-tower"; # Define your hostname. - # Pick only one of the below networking options. - # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. - # networking.networkmanager.enable = true; # Easiest to use and most distros use this by default. - - # Set your time zone. - # time.timeZone = "Europe/Amsterdam"; - time.timeZone = "Europe/Ljubljana"; - environment.variables.TZ = "Europe/Ljubljana"; - - # Configure network proxy if necessary - # networking.proxy.default = "http://user:password@proxy:port/"; - # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; - - # Select internationalisation properties. - # i18n.defaultLocale = "en_US.UTF-8"; - # console = { - # font = "Lat2-Terminus16"; - # keyMap = "us"; - # useXkbConfig = true; # use xkb.options in tty. - # }; - - # Enable the X11 windowing system. - # services.xserver.enable = true; - - # Configure keymap in X11 - # services.xserver.xkb.layout = "us"; - # services.xserver.xkb.options = "eurosign:e,caps:escape"; - - # Enable CUPS to print documents. - # services.printing.enable = true; - - # Enable sound. - # services.pulseaudio.enable = true; - # OR - # services.pipewire = { - # enable = true; - # pulse.enable = true; - # }; - - # Enable touchpad support (enabled default in most desktopManager). - # services.libinput.enable = true; - - # Define a user account. Don't forget to set a password with ‘passwd’. - # users.users.alice = { - # isNormalUser = true; - # extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user. - # packages = with pkgs; [ - # tree - # ]; - # }; - - # programs.firefox.enable = true; - - services.printing.enable = true; - services.avahi = { - enable = true; - nssmdns4 = true; - openFirewall = true; - }; - - services.pipewire = { - enable = true; - # alsa.enable = true; - # alsa.support32Bit = true; - pulse.enable = true; - # jack.enable = true; - extraConfig.pipewire.adjust-sample-rate = { - "context.properties" = { - "default.clock.rate" = 192000; - #"defautlt.allowed-rates" = [ 192000 48000 44100 ]; - "defautlt.allowed-rates" = [ 192000 ]; - # "default.clock.quantum" = 32; - # "default.clock.min-quantum" = 32; - # "default.clock.max-quantum" = 32; - }; - }; - }; - - services.dbus.enable = true; - - services.playerctld.enable = true; - - xdg = { - portal = { - xdgOpenUsePortal = true; - enable = true; - extraPortals = [ - pkgs.xdg-desktop-portal-wlr - pkgs.xdg-desktop-portal-gtk - ]; - }; - mime.defaultApplications = { - "application/pdf" = "org.pwmt.zathura.desktop"; - }; - }; - - # List packages installed in system profile. - # You can use https://search.nixos.org/ to find more packages (and options). + # System packages environment.systemPackages = with pkgs; [ - vim - wget - ghostty - vesktop - rocketchat-desktop - telegram-desktop - slack - mdbook - google-chrome - pavucontrol - protonmail-bridge - python3 - zathura smartmontools - marksman - mdformat - jellyfin-media-player - cider-2 - bolt-launcher easyeffects ]; - # Some programs need SUID wrappers, can be configured further or are - # started in user sessions. - # programs.mtr.enable = true; - # programs.gnupg.agent = { - # enable = true; - # enableSSHSupport = true; - # }; - programs.gnupg.agent = { - enable = true; - enableExtraSocket = true; - enableSSHSupport = true; + # XDG + xdg.mime.defaultApplications = { + "application/pdf" = "org.pwmt.zathura.desktop"; }; - # List services that you want to enable: - - # Enable the OpenSSH daemon. - - # Open ports in the firewall. - # networking.firewall.allowedTCPPorts = [ ... ]; - # networking.firewall.allowedUDPPorts = [ ... ]; - # Or disable the firewall altogether. - # networking.firewall.enable = false; - - # Copy the NixOS configuration file and link it from the resulting system - # (/run/current-system/configuration.nix). This is useful in case you - # accidentally delete configuration.nix. - # system.copySystemConfiguration = true; - - # This option defines the first version of NixOS you have installed on this particular machine, - # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions. - # - # Most users should NEVER change this value after the initial install, for any reason, - # even if you've upgraded your system to a new NixOS release. - # - # This value does NOT affect the Nixpkgs version your packages and OS are pulled from, - # so changing it will NOT upgrade your system - see https://nixos.org/manual/nixos/stable/#sec-upgrading for how - # to actually do that. - # - # This value being lower than the current NixOS release does NOT mean your system is - # out of date, out of support, or vulnerable. - # - # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration, - # and migrated your data accordingly. - # - # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion . - system.stateVersion = "25.05"; # Did you read the comment? - + system.stateVersion = "25.05"; } diff --git a/users/gorazd/home-manager.nix b/users/gorazd/home-manager.nix index de5ae1b..850ece1 100644 --- a/users/gorazd/home-manager.nix +++ b/users/gorazd/home-manager.nix @@ -1,5 +1,3 @@ -{ inputs, ... }: - { config, lib, diff --git a/users/matej/home-manager.nix b/users/matej/home-manager.nix index 3a8b340..e141599 100644 --- a/users/matej/home-manager.nix +++ b/users/matej/home-manager.nix @@ -1,5 +1,3 @@ -{ inputs, ... }: - { config, lib, @@ -20,7 +18,6 @@ in home.packages = [ pkgs.bibata-cursors - pkgs.pinentry-curses pkgs.starship @@ -54,6 +51,30 @@ in # need for gcp stuff pkgs.google-cloud-sdk pkgs.google-cloud-sql-proxy + + # desktop apps + pkgs.vesktop + pkgs.rocketchat-desktop + pkgs.telegram-desktop + pkgs.slack + pkgs.ghostty + pkgs.google-chrome + pkgs.zathura + pkgs.pavucontrol + pkgs.jellyfin-media-player + pkgs.cider-2 + pkgs.protonmail-bridge + pkgs.ledger-live-desktop + pkgs.bolt-launcher + pkgs.libnotify + + # writing/docs + pkgs.mdbook + pkgs.marksman + pkgs.mdformat + + # security + pkgs.pass ]; home.file.".assets".source = inputs.assets; @@ -63,6 +84,17 @@ in nix-direnv.enable = true; }; + programs.zsh = { + enable = true; + dotDir = "${config.xdg.configHome}/zsh"; + }; + + services.gpg-agent = { + enable = true; + enableSshSupport = true; + enableExtraSocket = true; + }; + stylix.targets.neovim.enable = false; programs.neovim = { enable = true;