wip: refactor structure

system/all.nix

@@ -0,0 +1,167 @@
+# Edit this configuration file to define what should be installed on
+# your system.  Help is available in the configuration.nix(5) man page
+# and in the NixOS manual (accessible by running ‘nixos-help’).
+
+{
+  config,
+  lib,
+  pkgs,
+  inputs,
+  ...
+}:
+
+{
+  nix.settings.experimental-features = [
+    "nix-command"
+    "flakes"
+  ];
+
+  nix.settings.trusted-users = [
+    "root"
+    "sckova"
+  ];
+
+  home-manager.useGlobalPkgs = true;
+  home-manager.useUserPackages = true;
+  home-manager.users.sckova = {
+    imports = [
+      ../home/all.nix
+      ../home/${config.networking.hostName}.nix
+    ];
+  };
+
+  boot = {
+
+    plymouth = {
+      enable = true;
+    };
+
+    loader = {
+      timeout = 3;
+      systemd-boot = {
+        enable = true;
+        configurationLimit = null;
+      };
+      efi = {
+        canTouchEfiVariables = false;
+      };
+    };
+    kernelParams = [
+      "quiet"
+      "splash"
+      "vga=current"
+      "rd.systemd.show_status=false"
+      "rd.udev.log_level=3"
+      "udev.log_priority=3"
+      "boot.shell_on_fail"
+      "apple_dcp.show_notch=1"
+    ];
+    consoleLogLevel = 0;
+    initrd.verbose = false;
+  };
+
+  catppuccin = {
+    enable = true;
+    flavor = "mocha";
+  };
+
+  networking.networkmanager.enable = true;
+  hardware.bluetooth.enable = true;
+
+  time.timeZone = "America/New_York";
+  i18n.defaultLocale = "en_US.UTF-8";
+  i18n.extraLocaleSettings = {
+    LC_ADDRESS = "en_US.UTF-8";
+    LC_IDENTIFICATION = "en_US.UTF-8";
+    LC_MEASUREMENT = "en_US.UTF-8";
+    LC_MONETARY = "en_US.UTF-8";
+    LC_NAME = "en_US.UTF-8";
+    LC_NUMERIC = "en_US.UTF-8";
+    LC_PAPER = "en_US.UTF-8";
+    LC_TELEPHONE = "en_US.UTF-8";
+    LC_TIME = "en_US.UTF-8";
+  };
+
+  # Enable OpenGL
+  hardware.graphics = {
+    enable = true;
+  };
+
+  services = {
+    desktopManager.plasma6.enable = true;
+    displayManager.sddm = {
+      enable = true;
+      wayland.enable = true;
+      enableHidpi = true;
+    };
+    libinput.enable = true;
+    tailscale = {
+      enable = true;
+      useRoutingFeatures = "client";
+    };
+  };
+
+  services.printing.enable = true;
+
+  services.pipewire = {
+    enable = true;
+    alsa.enable = true;
+    alsa.support32Bit = true;
+    pulse.enable = true;
+  };
+
+  users.users.sckova = {
+    isNormalUser = true;
+    description = "Sean Kovacs";
+    extraGroups = [
+      "networkmanager"
+      "wheel"
+    ];
+    packages = with pkgs; [ ];
+    hashedPassword = "$6$bvwRUFaJNMpH8rm3$FGDWFN6tBScJ/2DynAjnlZE8JRfyADN78d6c4GawxpAjyNLNE/AjQzMA09tLRqpKX7WnN5PIUZLAm2bT9/RbG0";
+  };
+
+  programs.bash = {
+    interactiveShellInit = ''
+      if [[ $(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING} ]]
+      then
+        shopt -q login_shell && LOGIN_OPTION='--login' || LOGIN_OPTION=""
+        exec ${pkgs.fish}/bin/fish $LOGIN_OPTION
+      fi
+    '';
+  };
+
+  nixpkgs.config.allowUnfree = true;
+
+  environment = {
+    systemPackages = with pkgs; [
+      git
+      inputs.kwin-effects-forceblur.packages.${pkgs.stdenv.hostPlatform.system}.default
+      firefoxpwa
+    ];
+    sessionVariables = {
+      NIXOS_OZONE_WL = "1";
+    };
+  };
+
+  programs.gnupg.agent = {
+    enable = true;
+    enableSSHSupport = true;
+  };
+
+  services.openssh.enable = true;
+  networking.firewall.enable = false;
+
+  networking.extraHosts = ''
+    0.0.0.0 apresolve.spotify.com
+  '';
+
+  # This value determines the NixOS release from which the default
+  # settings for stateful data, like file locations and database versions
+  # on your system were taken. It‘s perfectly fine and recommended to leave
+  # this value at the release version of the first install of this system.
+  # Before changing this value read the documentation for this option
+  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
+  system.stateVersion = "25.05"; # Did you read the comment?
+
+}

system/browsers/firefox.nix

@@ -0,0 +1,121 @@
+{ pkgs, ... }:
+
+let
+  lock-false = {
+    Value = false;
+    Status = "locked";
+  };
+  lock-true = {
+    Value = true;
+    Status = "locked";
+  };
+in
+{
+  environment.variables = rec {
+    MOZ_GMP_PATH = "${pkgs.widevine-firefox}/gmp-widevinecdm/system-installed";
+  };
+
+  programs.firefox = {
+    enable = true;
+    preferences = {
+      "widget.use-xdg-desktop-portal.file-picker" = 1;
+      "widget.gtk.global-menu.enabled" = true;
+      "widget.gtk.global-menu.wayland.enabled" = true;
+      "browser.tabs.inTitlebar" = 0;
+      "extensions.pocket.enabled" = false;
+      "extensions.screenshots.disabled" = true;
+      "browser.topsites.contile.enabled" = false;
+      "browser.formfill.enable" = false;
+      "browser.search.suggest.enabled" = false;
+      "browser.search.suggest.enabled.private" = false;
+      "browser.urlbar.suggest.searches" = false;
+      "browser.urlbar.showSearchSuggestionsFirst" = false;
+      "browser.newtabpage.activity-stream.feeds.section.topstories" = false;
+      "browser.newtabpage.activity-stream.feeds.snippets" = false;
+      "browser.newtabpage.activity-stream.section.highlights.includePocket" = false;
+      "browser.newtabpage.activity-stream.section.highlights.includeBookmarks" = false;
+      "browser.newtabpage.activity-stream.section.highlights.includeDownloads" = false;
+      "browser.newtabpage.activity-stream.section.highlights.includeVisited" = false;
+      "browser.newtabpage.activity-stream.showSponsored" = false;
+      "browser.newtabpage.activity-stream.system.showSponsored" = false;
+      "browser.newtabpage.activity-stream.showSponsoredTopSites" = false;
+
+      "media.gmp-widevinecdm.version" = "system-installed";
+      "media.gmp-widevinecdm.visible" = true;
+      "media.gmp-widevinecdm.enabled" = true;
+      "media.gmp-widevinecdm.autoupdate" = false;
+
+      "media.eme.enabled" = true;
+      "media.eme.encrypted-media-encryption-scheme.enabled" = true;
+    };
+    policies = {
+      DisableTelemetry = true;
+      DisableFirefoxStudies = true;
+      EnableTrackingProtection = {
+        Value = true;
+        Locked = true;
+        Cryptomining = true;
+        Fingerprinting = true;
+      };
+      DisablePocket = true;
+      DisableFirefoxAccounts = true;
+      DisableAccounts = true;
+      DisableFirefoxScreenshots = true;
+      OverrideFirstRunPage = "";
+      OverridePostUpdatePage = "";
+      DontCheckDefaultBrowser = true;
+      DisplayBookmarksToolbar = "newtab"; # alternatives: "always" or "newtab"
+      DisplayMenuBar = "always"; # alternatives: "always", "never" or "default-on"
+      SearchBar = "unified"; # alternative: "separate"
+
+      # ---- EXTENSIONS ----
+      # Check about:support for extension/add-on ID strings.
+      # Valid strings for installation_mode are "allowed", "blocked",
+      # "force_installed" and "normal_installed".
+      ExtensionSettings = {
+        # blocks all addons except the ones specified below
+        "*".installation_mode = "blocked";
+        "uBlock0@raymondhill.net" = {
+          install_url = "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi";
+          installation_mode = "force_installed";
+        };
+        "plasma-browser-integration@kde.org" = {
+          install_url = "https://addons.mozilla.org/firefox/downloads/latest/plasma-integration/latest.xpi";
+          installation_mode = "force_installed";
+        };
+        "{7a7a4a92-a2a0-41d1-9fd7-1e92480d612d}" = {
+          install_url = "https://addons.mozilla.org/firefox/downloads/latest/styl-us/latest.xpi";
+          installation_mode = "force_installed";
+        };
+        "{aecec67f-0d10-4fa7-b7c7-609a2db280cf}" = {
+          install_url = "https://addons.mozilla.org/firefox/downloads/latest/violentmonkey/latest.xpi";
+          installation_mode = "force_installed";
+        };
+        "gdpr@cavi.au.dk" = {
+          install_url = "https://addons.mozilla.org/firefox/downloads/latest/consent-o-matic/latest.xpi";
+          installation_mode = "force_installed";
+        };
+        "dont-track-me-google@robwu.nl" = {
+          install_url = "https://addons.mozilla.org/firefox/downloads/latest/dont-track-me-google1/latest.xpi";
+          installation_mode = "force_installed";
+        };
+        "jid1-MnnxcxisBPnSXQ@jetpack" = {
+          install_url = "https://addons.mozilla.org/firefox/downloads/latest/privacy-badger17/latest.xpi";
+          installation_mode = "force_installed";
+        };
+        "FirefoxColor@mozilla.com" = {
+          install_url = "https://addons.mozilla.org/firefox/downloads/latest/firefox-color/latest.xpi";
+          installation_mode = "force_installed";
+        };
+        "sponsorBlocker@ajay.app" = {
+          install_url = "https://addons.mozilla.org/firefox/downloads/latest/sponsorblock/latest.xpi";
+          installation_mode = "force_installed";
+        };
+        # "" = {
+        #   install_url = "https://addons.mozilla.org/firefox/downloads/latest/_/latest.xpi";
+        #   installation_mode = "force_installed";
+        # };
+      };
+    };
+  };
+}

system/hosts/alien/default.nix

@@ -0,0 +1,50 @@
+{
+  config,
+  pkgs,
+  lib,
+  catppuccin,
+  ...
+}:
+{
+  networking.hostName = "alien";
+
+  catppuccin.accent = "blue";
+
+  home-manager.users.sckova = {
+    imports = [ catppuccin.homeModules.catppuccin ];
+  };
+
+  boot.kernelPackages = pkgs.linuxPackages;
+  boot.loader.systemd-boot.consoleMode = "max";
+
+  programs = {
+    gamescope = {
+      enable = true;
+      capSysNice = true;
+    };
+    steam = {
+      enable = true;
+      gamescopeSession.enable = true;
+      localNetworkGameTransfers.openFirewall = true;
+    };
+  };
+
+  services.xserver.videoDrivers = [
+    "modesetting"
+    "nvidia"
+  ];
+
+  services.displayManager.autoLogin = {
+    enable = true;
+    user = "sckova";
+  };
+  security.sudo.wheelNeedsPassword = true;
+
+  hardware.nvidia = {
+    modesetting.enable = true;
+    powerManagement.enable = false;
+    nvidiaSettings = false;
+    open = false;
+    package = pkgs.linuxPackages.nvidiaPackages.stable;
+  };
+}

system/hosts/peach/default.nix

@@ -0,0 +1,34 @@
+{
+  config,
+  pkgs,
+  lib,
+  catppuccin,
+  ...
+}:
+{
+  networking.hostName = "peach";
+
+  catppuccin.accent = "peach";
+
+  home-manager.users.sckova = {
+    imports = [ catppuccin.homeModules.catppuccin ];
+  };
+
+  hardware.asahi = {
+    enable = true;
+    setupAsahiSound = true;
+    # extractPeripheralFirmware = false;
+    # This is broken because of flake git tracking.
+    # I can't figure out how to make it work.
+    peripheralFirmwareDirectory = ./firmware;
+  };
+
+  swapDevices = [
+    {
+      device = "/swapfile";
+      size = 32000; # 32GB
+    }
+  ];
+
+  security.sudo.wheelNeedsPassword = false;
+}