diff --git a/flake.lock b/flake.lock index 2a496250..24fbbe01 100644 --- a/flake.lock +++ b/flake.lock @@ -341,11 +341,11 @@ ] }, "locked": { - "lastModified": 1741955947, - "narHash": "sha256-2lbURKclgKqBNm7hVRtWh0A7NrdsibD0EaWhahUVhhY=", + "lastModified": 1742238842, + "narHash": "sha256-Z79yUJi+UGSpRC90NbHyuvBjGLkgEtlZaJ8DtzaGkzE=", "owner": "nix-community", "repo": "home-manager", - "rev": "4e12151c9e014e2449e0beca2c0e9534b96a26b4", + "rev": "5a6e5a59a4d332edaa7d5d1604eb58ead27af851", "type": "github" }, "original": { @@ -804,11 +804,11 @@ ] }, "locked": { - "lastModified": 1742209060, - "narHash": "sha256-47/1bOPBGhmAegF06nxLN15d/MClCAkk8s/+WOhJJAM=", + "lastModified": 1742239755, + "narHash": "sha256-ptn8dR4Uat3UUadGYNnB7CIH9SQm8mK69D2A/twBUXQ=", "owner": "Mic92", "repo": "sops-nix", - "rev": "b33837ae3cfa012b65810891bebbee71fa4c0658", + "rev": "787afce414bcce803b605c510b60bf43c11f4b55", "type": "github" }, "original": { @@ -845,11 +845,11 @@ "tinted-zed": "tinted-zed" }, "locked": { - "lastModified": 1742040559, - "narHash": "sha256-Hb3aw00C1/5ORiTCASwMd8vcLAl/GNJfyjXZyl/EKpc=", + "lastModified": 1742234510, + "narHash": "sha256-dQoo4XivjZuJiSi8ePv9CuP0ncE64RLyz2vb46blRx0=", "owner": "danth", "repo": "stylix", - "rev": "bcc674f1994396137438bac9d905971453d33b12", + "rev": "fa288c0dc695b49c9af38614af8da981371fe92a", "type": "github" }, "original": { diff --git a/home/lilith/hyprland/default.nix b/home/lilith/hyprland/default.nix index bb95eb32..31b83fca 100644 --- a/home/lilith/hyprland/default.nix +++ b/home/lilith/hyprland/default.nix @@ -1,13 +1,16 @@ -{ lib, ...}: { +{ hyprland, ... }: +{ imports = [ + hyprland.homeManagerModules.default ./hyprpaper.nix ./hyprlock.nix -# ./hyprgrass.nix -# ./utils.nix + ./hyprgrass.nix + # ./utils.nix ]; wayland.windowManager.hyprland = { enable = true; + # package = hyprland.packages.${pkgs.system}.hyprland; xwayland.enable = true; @@ -16,15 +19,11 @@ settings = { "$terminal" = "alacritty"; - env = [ - "HYPRCURSOR_THEME,rose-pine-hyprcursor" - ]; + env = [ "HYPRCURSOR_THEME,rose-pine-hyprcursor" ]; xwayland.force_zero_scaling = true; - monitor = [ - ",preferred,1" - ]; + monitor = [ ",preferred,1" ]; exec-once = [ "hyprlock" diff --git a/home/lilith/hyprland/hyprgrass.nix b/home/lilith/hyprland/hyprgrass.nix new file mode 100644 index 00000000..571c0b99 --- /dev/null +++ b/home/lilith/hyprland/hyprgrass.nix @@ -0,0 +1,23 @@ +{ + config, + lib, + pkgs, + hyprgrass, + ... +}: +{ + options.desktop.touchSupport = lib.mkEnableOption "Enables touch-related features"; + config.wayland.windowManager.hyprland = lib.mkIf config.desktop.touchSupport { + plugins = [ hyprgrass.packages.${pkgs.system}.default ]; + + settings.plugin.touch_gestures = { + sensitivity = 2.0; + workspace_swipe_fingers = 3; + workspace_swipe_edge = "d"; + + long_press_delay = 500; + resize_on_border_long_press = true; + edge_margin = 20; + }; + }; +} diff --git a/home/lilith/hyprland/hyprlock.nix b/home/lilith/hyprland/hyprlock.nix index 0d0b9f52..798eceb0 100644 --- a/home/lilith/hyprland/hyprlock.nix +++ b/home/lilith/hyprland/hyprlock.nix @@ -1,4 +1,5 @@ -{ config, lib, ...}:{ +{ lib, ... }: +{ programs.hyprlock = { enable = true; @@ -26,7 +27,7 @@ input-field = [ { - size = "800, 80"; + size = "30%, 5%"; position = "0, 0"; monitor = ""; dots_center = true; @@ -39,6 +40,25 @@ shadow_passes = 2; } ]; + + label = [ + { + text = "Welcome!"; + position = "0, 20%"; + font_size = 40; + font_family = "JetBrains Mono"; + halign = "center"; + valign = "center"; + } + { + text = "$TIME"; + position = "0, 15%"; + font_size = 25; + font_family = "JetBrains Mono"; + halign = "center"; + valign = "center"; + } + ]; }; }; } diff --git a/home/lilith/stylix.nix b/home/lilith/stylix.nix index 7abb8d3b..02bffc23 100644 --- a/home/lilith/stylix.nix +++ b/home/lilith/stylix.nix @@ -1,4 +1,5 @@ -{...}: { +{ ... }: +{ stylix.targets = { firefox.enable = true; }; diff --git a/hosts/lilith-pad/default.nix b/hosts/lilith-pad/default.nix index 4be6ba77..e5f28216 100644 --- a/hosts/lilith-pad/default.nix +++ b/hosts/lilith-pad/default.nix @@ -6,6 +6,8 @@ in system.stateVersion = "24.11"; desktop.enable = true; + home-manager.users."lilith".desktop.touchSupport = true; + gaming.enable = false; nfs.client.enable = true; auto_styling.enable = true; diff --git a/secrets/default.yaml b/secrets/default.yaml new file mode 100644 index 00000000..8f067073 --- /dev/null +++ b/secrets/default.yaml @@ -0,0 +1,44 @@ +ssh: + nixremote: + public: ENC[AES256_GCM,data:cpgaIleEj+S0AdPnZQ0HeOS44SZNRljSCzi2uzMfA/vb4rmXWPqE+Yh0yG+UD0UThEYmVkZnvK5JNps2lTvp3Dqo92rYLQrn14vFP8yCQMU=,iv:9R5n3yE5yx0JLESRqax2ZWuYFR2XT1Xd882BU/SnAdQ=,tag:IIykViHleEO2lgu1Tjz5pw==,type:str] + private: ENC[AES256_GCM,data:7nT/pKf9rfUDQrRgXH/trJ7jv7C+1L71ZiAWK8uKbfYyonHzq3EJZ5hjSiP+9NFa1qoisL3JH/cv5kuDR8FZFLVTv0+oLW55YPD7SOAzVAeL45cnHzgaVvz7CCikve3ZtGHKurqyUcN7MXKDOqwnuQ1tcvzhAmfDBWwbnheUylmokBq20+eivjQ7AGt1lc0e0J2tpEZDdlUOrVFQd0QdoGBGOnadh/yA6fARfZb9oOYryooV1cGhlzoJNQ9/jXEasIDN+GDaNRpvXK5bvWKBNVmNF4QLnt9wJjIVfnpG6IrJJ2yduecgwAFnKj5Gn7NAkJ9RJzE0ysHLWYnIZWm8TGaBaphQLsmd6VJ/47nAiwfAGVoaCWI45lAFwEu9eEdbZn9joQvBFGsE6TEBbjb/JDWSzHFFwFDHNsApIs0w1FN6qEea2BoI6VINgwgzzcyV7XJNPqHd9KFQSSe7eqKAl6OiCGRxrF2pLzTohX/NCDkorkfdDLJ/DlEe+8B+Qe+IGDNtnbzLGDftI+GWYsSyjrUwGXcTSq1meIBB,iv:UBQb9m85xeYioV7VDi5tr7T75MTG9yddBMXASRwvq3A=,tag:1fkwUF1ZuvxNU6ntoXGk0w==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1mqw75xvd2gnhx2wsmkr8yctegjfym6xkypwjh82s3yws2glk4vms3cxqaz + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3U1h5dy8xRkc5YUY2Si91 + dU81eEtjTzVDa2N2My9ycmp1aFRweHcwcTJjClJhY1laNmp5ZG9VN1UwTGdGMVZo + N1luQldHNzBYb2dpRGQrbkFwc1V4YUEKLS0tIGxzQU9QUHVzWWt5UnNLT0lYMnpJ + TnFFQXNEUDZTdVlOVkV2RVQyaWRRcEUKb/3gZ4lIfWeb6fXcUgdizdG158tpv0hm + objc1wG5HjIGiIZoJSvGmI5PnZzmKf8LFjMMfUP2m2JUVpOFKL2baQ== + -----END AGE ENCRYPTED FILE----- + - recipient: age1pyav93usza3s363g56687yxh9jmp364w32gs77le7t0cgg7jveyq4zcl6v + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2S0pYL1kwZ2M4VkZWQ3Bl + WHdUUDJjOVQ3TkZWRDVGMkJoTnJPWkRWQlM0Cks1SVAwV0M3K3dHRkNHd3JvSEFF + QzNCa0ZFWWRLdkhOY0UrZHJNTVFrZEkKLS0tIGtaM2QwK1V3TUxlYkRyWTM3THls + endmMkVMRjgvb05ycS9SamFOUk54QVUKB7eaUO/4Ttxjtt3/ZoryQiHeodnTcqHy + 7Z4xQ21bWqDK3Bw/IaYsMEu1GJ5ZR7KcNENnuoU8wza3ymLv60Xzgw== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2025-03-17T17:44:37Z" + mac: ENC[AES256_GCM,data:ws3pqokNCWVxXgXOFI8mDZQ9XTY1G8WZEEVzk3mD/+ERynLoD4xcPHL5tu3EisPBNIe90olnQy7/FwN8ZOkUl7UWjTPfCOPBqpY8P253YHz5mSdBp3U+9x16nbQHXH2InTzQQwbj7Z2Uz6kzz7Tk8tg8x+zli8lqWwFdpqv7p2k=,iv:Eqw4Q4Yy8/Yq8avXJ3na3lnu275YLvnacjluB++ta54=,tag:FcJDDJtPLm4pCG7ZKWCK0Q==,type:str] + pgp: + - created_at: "2025-03-17T17:42:02Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hF4DCgMW7d7co2gSAQdA6aDjYqTJFftxYboMahLPLvKcqzy++N+t6iKVR0J0k2sw + HroxiisYugH8mXue6VkCprlXiNt0M61gDLK1EeiUpN3FqqTxkKiKzF/kQRTrHJGU + 0l4BwaRyJyL+2Of0SwmB8rKfeVqSGW/PExZnrRrTRYxqxxaZwqNHqFxlQBC+COBg + u/h2KP2NCz5O5Pt1rjPWxlLcz0TsxPH8a4HiBQfmiwM91dowvq+6mWVcwW5NAmf5 + =EnO5 + -----END PGP MESSAGE----- + fp: 3586D8D6689B9C9ECD598C588712A0F317C37175 + unencrypted_suffix: _unencrypted + version: 3.9.4 diff --git a/system/core/nix.nix b/system/core/nix.nix index 870b737e..abd0a152 100644 --- a/system/core/nix.nix +++ b/system/core/nix.nix @@ -1,4 +1,5 @@ -{...}: { +{ ... }: +{ nix = { gc = { automatic = true; @@ -8,8 +9,25 @@ settings = { keep-outputs = true; auto-optimise-store = true; - experimental-features = ["nix-command" "flakes"]; - trusted-users = ["root" "@wheel"]; + experimental-features = [ + "nix-command" + "flakes" + ]; + trusted-users = [ + "root" + "@wheel" + ]; + + builders-use-substitutes = true; }; + + distributedBuilds = true; + buildMachines = [ + { + hostName = "lilith-server-builder"; + system = "x86_64-linux"; + protocol = "ssh-ng"; + } + ]; }; } diff --git a/system/core/persistence.nix b/system/core/persistence.nix index d4d55aa7..a695ec34 100644 --- a/system/core/persistence.nix +++ b/system/core/persistence.nix @@ -1,5 +1,12 @@ -{impermanence, conf, lib, config, ...}: { - imports = [impermanence.nixosModule]; +{ + impermanence, + conf, + lib, + config, + ... +}: +{ + imports = [ impermanence.nixosModule ]; environment.persistence."/persist/data" = { hideMounts = true; @@ -7,20 +14,20 @@ "/etc/NetworkManager/system-connections" "/var/lib/bluetooth" ]; - files = []; + files = [ ]; users.lilith = { directories = [ ".config/syncthing" ".config/sops" ".config/keepassxc" - ".config/obsidian" ".config/vesktop" ".gnupg" ".ssh" ".thunderbird" ".mozilla" + ".zen" "nixos" "sync" @@ -31,7 +38,7 @@ ".local/share/lutris" ".local/share/games" ]; - files = []; + files = [ ]; }; }; @@ -45,9 +52,7 @@ "/var/lib/systemd/timers" "/var/log" ]; - files = [ - "/etc/machine-id" - ]; + files = [ "/etc/machine-id" ]; users.lilith = { directories = [ @@ -55,9 +60,8 @@ ".cache/keepassxc" ".cargo" ".local/state/wireplumber" - "tmp" ]; - files = []; + files = [ ]; }; }; } diff --git a/system/core/ssh.nix b/system/core/ssh.nix index 3aeb7287..9d0d27f1 100644 --- a/system/core/ssh.nix +++ b/system/core/ssh.nix @@ -1,11 +1,27 @@ -{...}: { - networking.firewall.allowedTCPPorts = [22]; +{ ... }: +{ + networking.firewall.allowedTCPPorts = [ 22 ]; + + sops.secrets."ssh/nixremote/private" = { + sopsFile = ../../secrets/default.yaml; + path = "/root/.ssh/nixremote"; + }; + services.openssh = { enable = true; - ports = [22]; + ports = [ 22 ]; settings = { PermitRootLogin = "no"; PasswordAuthentication = false; }; }; + + programs.ssh = { + extraConfig = '' + Host lilith-server-builder + HostName 2a01:4f9:4a:1ecb::2 + User nixremote + IdentityFile /root/.ssh/nixremote + ''; + }; } diff --git a/system/optional/desktop.nix b/system/optional/desktop.nix index 1d634829..4bd14a46 100644 --- a/system/optional/desktop.nix +++ b/system/optional/desktop.nix @@ -1,15 +1,23 @@ -{ config, lib, ...}: { +{ + config, + lib, + pkgs, + hyprland, + ... +}: +{ options.desktop.enable = lib.mkEnableOption "Enable Wayland compositor with hyprland login"; config = lib.mkIf config.desktop.enable { hardware.graphics.enable = true; - + security.polkit.enable = true; - security.pam.services.hyprlock = {}; + security.pam.services.hyprlock = { }; services.dbus.enable = true; programs.hyprland.enable = true; + programs.hyprland.package = hyprland.packages.${pkgs.system}.hyprland; services.greetd = { enable = true; diff --git a/system/optional/stylix.nix b/system/optional/stylix.nix index 43a9e157..70911a58 100644 --- a/system/optional/stylix.nix +++ b/system/optional/stylix.nix @@ -54,6 +54,7 @@ cursor = { package = pkgs.rose-pine-cursor; name = "Rosé Pine"; + size = 10; }; }; };