Refactors, konawall-py for darwin, sumireko update to Sonoma

2026-02-09 04:19:19 -08:00 · 2023-11-15 11:10:44 -08:00 · 2023-11-15 11:10:44 -08:00 · bc61d82487
commit bc61d82487
parent 091ddb5b91
151 changed files with 691 additions and 792 deletions
--- a/common/home.nix
+++ b/common/home.nix
@ -18,9 +18,10 @@ in {
      ]
      ++ list.optional (tree.${systemType} ? home) tree.${systemType}.home;
-    users.kat.imports = with tree.kat; [
+    users.kat.imports = with tree.home.profiles; [
      common
    ];
    extraSpecialArgs = {
      inherit tree machine std inputs;
      parent = config;
--- a/darwin/distributed.nix
+++ b/darwin/distributed.nix
@ -4,14 +4,16 @@
  };
  launchd.daemons.start_nixos_native = {
-    serviceConfig.ProgramArguments = [
+    serviceConfig = {
      ProgramArguments = [
        "/bin/sh"
        "-c"
        "/bin/wait4path /nix/store &amp;&amp; ${pkgs.writeScript "start_nixos_native" ''
          /usr/bin/open "utm://start?name=NixOS Native"
        ''}"
      ];
-    serviceConfig.Label = "org.kittywitch.start_nixos_native";
+      Label = "org.kittywitch.start_nixos_native";
-    serviceConfig.RunAtLoad = true;
+      RunAtLoad = true;
    };
  };
 }
--- a/darwin/orbstack.nix
+++ b/darwin/orbstack.nix
@ -0,0 +1,71 @@
 {
  tree,
  std,
  ...
 }: let
  inherit (std) string;
 in {
  home-manager.users.root.programs.ssh = {
    enable = true;
    extraConfig = ''
      Host orb
        HostName 127.0.0.1
        Port 32222
        User default
        IdentityFile /Users/kat/.orbstack/ssh/id_ed25519
        ProxyCommand env HOME=/Users/kat '/Applications/OrbStack.app/Contents/Frameworks/OrbStack Helper (VM).app/Contents/MacOS/OrbStack Helper (VM)' ssh-proxy-fdpass
        ProxyUseFdpass yes
    '';
  };
  home-manager.users.kat = {
    home.file = {
      ".orbstack/ssh/authorized_keys".text =
        (string.concatSep "\n" tree.home.user.data.keys)
        + ''
          ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILW2V8yL2vC/KDmIQdxhEeevKo1vGG18bvMNj9mLL/On
        '';
      ".ssh/authorized_keys".text = ''
        ${string.concatSep "\n" tree.home.user.data.keys}
      '';
    };
    programs.ssh = {
      enable = true;
      extraConfig = ''
        Host orb
          HostName 127.0.0.1
          Port 32222
          User default
          IdentityFile /Users/kat/.orbstack/ssh/id_ed25519
          ProxyCommand env HOME=/Users/kat '/Applications/OrbStack.app/Contents/Frameworks/OrbStack Helper (VM).app/Contents/MacOS/OrbStack Helper (VM)' ssh-proxy-fdpass
          ProxyUseFdpass yes
      '';
    };
  };
  nix = {
    buildMachines = [
      {
        hostName = "nixos@orb";
        system = "aarch64-linux";
        supportedFeatures = ["nixos-test" "benchmark" "big-parallel" "kvm"];
      }
      {
        hostName = "nixos@orb";
        system = "x86_64-linux";
        supportedFeatures = ["nixos-test" "benchmark" "big-parallel" "kvm"];
      }
    ];
    distributedBuilds = true;
    extraOptions = ''
      builders-use-substitutes = true
    '';
  };
  homebrew = {
    casks = [
      "orbstack"
    ];
  };
 }
--- a/home/environments/darwin/konawall.nix
+++ b/home/environments/darwin/konawall.nix
@ -0,0 +1,93 @@
 {
  config,
  inputs,
  pkgs,
  ...
 }: let
  konawallConfig = {
    interval = 300;
    rotate = true;
    source = "konachan";
    tags = [
      "rating:s"
      "score:>=50"
      "width:>=1500"
    ];
    logging = {
      file = "INFO";
      console = "DEBUG";
    };
  };
 in {
  home.file."Library/Application Support/konawall/config.toml".source = (pkgs.formats.toml {}).generate "konawall-config" konawallConfig;
  launchd.agents.konawall = {
    enable = true;
    config = let
      replacementPyProject = ''
        [tool.poetry]
        name = "konawall"
        version = "0.1.0"
        license = "MIT"
        description = "A hopefully cross-platform service for fetching wallpapers and setting them"
        authors = [
            "Kat Inskip <kat@inskip.me>"
        ]
        readme = "README.MD"
        packages = [
            {include = "konawall"}
        ]
        [tool.poetry.scripts]
        gui = "konawall.gui:main"
        [tool.poetry.dependencies]
        python = "^3.11"
        pillow = "^10.0.1"
        screeninfo = "^0.8.1"
        requests = "^2.31.0"
        termcolor = "^2.3.0"
        wxpython = "^4.2.1"
        humanfriendly = "^10.0"
        xdg-base-dirs = "^6.0.1"
        [build-system]
        requires = [ "poetry-core" ]
        build-backend = "poetry.core.masonry.api"
      '';
      konawallInitialize = pkgs.writeScriptBin "konawall-initialize" ''
        #!/usr/bin/env bash
        set -xeuo pipefail
        # get a temporary directory
        tmpDir=$(mktemp -d)
        # copy the repository to the temporary directory recursively without keeping the permissions from the nix store
        ${pkgs.coreutils}/bin/cp -r --no-preserve=mode,ownership "${inputs.konawall-py.outPath}" "$tmpDir/konawall"
        # change directory to the copy
        cd $tmpDir/konawall
        # overwrite the pyproject.toml with the one that we want
        # use a EOF heredoc to avoid escaping the quotes
        cat <<EOF > pyproject.toml
        ${replacementPyProject}
        EOF
        # install the dependencies
        ${pkgs.poetry}/bin/poetry lock --no-update
        ${pkgs.poetry}/bin/poetry install
        # run the package
        ${pkgs.poetry}/bin/poetry run gui
      '';
    in {
      # yeah if https://github.com/NixOS/nixpkgs/issues/233265 and https://github.com/NixOS/nixpkgs/issues/101360
      # and https://github.com/NixOS/nixpkgs/issues/105156 were ok we might be able to do this
      #Program = "${inputs.konawall-py.packages.${pkgs.system}.konawall-py}/bin/konawall";
      #ProgramArguments = ["${inputs.konawall-py.packages.${pkgs.system}.konawall-py}/bin/konawall"];
      # it's unfortunate that this has to be done this way, for the most part.
      ProgramArguments = [
        "/usr/bin/env"
        "bash"
        "${konawallInitialize}/bin/konawall-initialize"
      ];
      RunAtLoad = true;
      KeepAlive = true;
    };
  };
 }
--- a/home/environments/gnome/dconf.nix
+++ b/home/environments/gnome/dconf.nix
--- a/home/environments/gnome/extensions.nix
+++ b/home/environments/gnome/extensions.nix
--- a/home/environments/gnome/gtk.nix
+++ b/home/environments/gnome/gtk.nix
--- a/home/environments/gnome/ssh.nix
+++ b/home/environments/gnome/ssh.nix
--- a/home/environments/kde/gtk.nix
+++ b/home/environments/kde/gtk.nix
--- a/home/environments/kde/kde.nix
+++ b/home/environments/kde/kde.nix
--- a/home/environments/kde/konawall.nix
+++ b/home/environments/kde/konawall.nix
--- a/home/environments/kde/qt.nix
+++ b/home/environments/kde/qt.nix
--- a/home/environments/sway/barrier.nix
+++ b/home/environments/sway/barrier.nix
--- a/home/environments/sway/gtk.nix
+++ b/home/environments/sway/gtk.nix
--- a/home/environments/sway/layout.xkb
+++ b/home/environments/sway/layout.xkb
--- a/home/environments/sway/mako.nix
+++ b/home/environments/sway/mako.nix
--- a/home/environments/sway/sway.nix
+++ b/home/environments/sway/sway.nix
--- a/home/environments/sway/waybar.nix
+++ b/home/environments/sway/waybar.nix
--- a/home/environments/sway/waybar.sass
+++ b/home/environments/sway/waybar.sass
--- a/home/environments/sway/wofi.nix
+++ b/home/environments/sway/wofi.nix
--- a/home/environments/sway/wofi.sass
+++ b/home/environments/sway/wofi.sass
--- a/home/environments/sway/xdg.nix
+++ b/home/environments/sway/xdg.nix
--- a/home/environments/sway/xkb.nix
+++ b/home/environments/sway/xkb.nix
--- a/home/profiles/common/base16.nix
+++ b/home/profiles/common/base16.nix
--- a/home/profiles/common/docs.nix
+++ b/home/profiles/common/docs.nix
@ -3,6 +3,5 @@ _: {
    html.enable = false;
    json.enable = false;
    manpages.enable = false;
    manual.manpages.enable = false;
  };
 }
--- a/home/profiles/common/profile-inheritance.nix
+++ b/home/profiles/common/profile-inheritance.nix
@ -0,0 +1,6 @@
 {tree, ...}: {
  imports = with tree.home.profiles; [
    shell
    neovim
  ];
 }
--- a/home/profiles/devops/packages.nix
+++ b/home/profiles/devops/packages.nix
@ -0,0 +1,25 @@
 {pkgs, ...}: {
  home.packages = with pkgs; [
    # IAC
    terraform # iac tool
    # Kubernetes
    kubectl # kubectl
    k9s # cute k8s client, canines~
    kubernetes-helm # k8s package manager
    # AWS
    awscli2 # awscli v2
    # Nix
    deadnix # nix dead-code scanner
    alejandra # nix code formatter
    statix # nix anti-pattern finder
    rnix-lsp # vscode nix extensions
    deploy-rs.deploy-rs # deployment system
  ];
 }
--- a/home/profiles/graphical/gpg.nix
+++ b/home/profiles/graphical/gpg.nix
--- a/home/profiles/graphical/packages.nix
+++ b/home/profiles/graphical/packages.nix
@ -0,0 +1,43 @@
 {pkgs, ...}: {
  config = {
    home.packages = with pkgs; [
      # Password manager
      bitwarden
      # Task managers
      btop
      htop
      # Mail
      thunderbird
      # Music
      spotify
      # Chat
      discord
      nheko # Matrix
      tdesktop # Telegram
      dino # XMPP
      signal-desktop
      # Exocortex
      obsidian
      # Archivery
      unzip
      zip
      p7zip
      # Misc
      gimp-with-plugins # GIMP
      exiftool # EXIF Stripping
      lm_sensors # Sensor Data
      cryptsetup # Encrypted block devices
      yubikey-manager # Yubikey
      imv # Image viewer
      yt-dlp # Downloading media
      v4l-utils # Webcam
    ];
  };
 }
--- a/home/profiles/graphical/vscode.nix
+++ b/home/profiles/graphical/vscode.nix
--- a/home/profiles/graphical/wezterm.nix
+++ b/home/profiles/graphical/wezterm.nix
--- a/home/profiles/neovim/default.nix
+++ b/home/profiles/neovim/default.nix
@ -7,7 +7,6 @@
 }: let
  inherit (lib.modules) mkIf;
  inherit (std) string set;
  packDir = builtins.toString (pkgs.vimUtils.packDir config.programs.neovim.plugins);
  initLua = pkgs.substituteAll ({
      name = "init.lua";
      src = ./init.lua;
--- a/home/profiles/neovim/init.lua
+++ b/home/profiles/neovim/init.lua
--- a/home/profiles/shell/bitw.nix
+++ b/home/profiles/shell/bitw.nix
@ -7,7 +7,7 @@
    enable = false;
    package = pkgs.rbw-bitw;
    settings = {
-      inherit (tree.kat.user.data) email;
+      inherit (tree.home.user.data) email;
      base_url = "https://vault.kittywit.ch";
      identity_url = null;
      lock_timeout = 3600;
--- a/home/profiles/shell/direnv.nix
+++ b/home/profiles/shell/direnv.nix
--- a/home/profiles/shell/eza.nix
+++ b/home/profiles/shell/eza.nix
@ -1,4 +1,4 @@
-{pkgs, ...}: {
+_: {
  programs.eza = {
    enable = true;
    enableAliases = true;
--- a/home/profiles/shell/fzf.nix
+++ b/home/profiles/shell/fzf.nix
--- a/home/profiles/shell/git.nix
+++ b/home/profiles/shell/git.nix
@ -10,7 +10,7 @@
  ];
  programs.git = {
-    inherit (tree.kat.user.data) userName userEmail;
+    inherit (tree.home.user.data) userName userEmail;
    package = pkgs.gitAndTools.gitFull;
    enable = true;
    extraConfig = {
@ -24,7 +24,7 @@
      };
    };
    signing = {
-      inherit (tree.kat.user.data) key;
+      inherit (tree.home.user.data) key;
      signByDefault = true;
    };
  };
--- a/home/profiles/shell/inputrc.nix
+++ b/home/profiles/shell/inputrc.nix
--- a/home/profiles/shell/lc.nix
+++ b/home/profiles/shell/lc.nix
--- a/home/profiles/shell/packages.nix
+++ b/home/profiles/shell/packages.nix
--- a/home/profiles/shell/rink.nix
+++ b/home/profiles/shell/rink.nix
--- a/home/profiles/shell/ssh.nix
+++ b/home/profiles/shell/ssh.nix
--- a/home/profiles/shell/starship.nix
+++ b/home/profiles/shell/starship.nix
--- a/home/profiles/shell/tmux.nix
+++ b/home/profiles/shell/tmux.nix
--- a/home/profiles/shell/z.nix
+++ b/home/profiles/shell/z.nix
--- a/home/profiles/shell/zsh.nix
+++ b/home/profiles/shell/zsh.nix
--- a/home/user/common.nix
+++ b/home/user/common.nix
@ -4,7 +4,7 @@
  ...
 }: {
  users.users.kat = {
-    inherit (tree.kat.user.data) description;
+    inherit (tree.home.user.data) description;
    shell = pkgs.zsh;
  };
 }
--- a/home/user/darwin.nix
+++ b/home/user/darwin.nix
--- a/home/user/data.nix
+++ b/home/user/data.nix
--- a/home/user/default.nix
+++ b/home/user/default.nix
--- a/home/user/nixos.nix
+++ b/home/user/nixos.nix
@ -3,7 +3,7 @@
    uid = 1000;
    isNormalUser = true;
    openssh.authorizedKeys = {
-      inherit (tree.kat.user.data) keys;
+      inherit (tree.home.user.data) keys;
    };
    extraGroups = [
      "wheel"
--- a/kat/default.nix
+++ b/kat/default.nix
@ -1,42 +0,0 @@
 {
  tree,
  std,
  ...
 }: let
  inherit (std) set list;
  wrapImports = imports:
    set.map
    (_: paths: {config, ...}: {
      config.home-manager.users.kat = {
        imports = list.singleton paths;
      };
    })
    imports;
  dirImports = wrapImports tree.prev;
 in
  dirImports
  // {
    inherit (tree.prev) user;
    common = {
      imports = with tree.prev; [
        base16
        shell
        neovim
      ];
    };
    gui = {
      imports = with dirImports; [
        gui
        wezterm
        vscode
        gpg
      ];
    };
    work = {
      imports = with dirImports; [
        wezterm
        vscode
        gpg
      ];
    };
  }
--- a/kat/gui/media.nix
+++ b/kat/gui/media.nix
@ -1,7 +0,0 @@
 {pkgs, ...}: {
  home.packages = with pkgs; [
    imv # Image viewer
    yt-dlp # Downloading media
    v4l-utils # Webcam
  ];
 }
--- a/kat/gui/mpv.nix
+++ b/kat/gui/mpv.nix
@ -1,125 +0,0 @@
 {
  config,
  lib,
  std,
  pkgs,
  ...
 }: let
  inherit (std) string set;
  inherit (lib.modules) mkMerge mkIf;
 in {
  programs.mpv = {
    enable = true;
    scripts = with pkgs.mpvScripts; [sponsorblock paused];
    bindings = let
      vim = {
        "l" = "seek 5";
        "h" = "seek -5";
        "k" = "seek 60";
        "j" = "seek -60";
        "Ctrl+l" = "seek 1 exact";
        "Ctrl+h" = "seek -1 exact";
        "Ctrl+L" = "sub-seek 1";
        "Ctrl+H" = "sub-seek -1";
        "Ctrl+k" = "add chapter 1";
        "Ctrl+j" = "add chapter -1";
        "Ctrl+K" = "playlist-next";
        "Ctrl+J" = "playlist-prev";
        "Alt+h" = "frame-back-step";
        "Alt+l" = "frame-step";
        "`" = "cycle mute";
        "MBTN_RIGHT" = "cycle pause";
        "w" = "screenshot";
        "W" = "screenshot video";
        "Ctrl+w" = "screenshot window";
        "Ctrl+W" = "screenshot each-frame";
        "o" = "show-progress";
        "O" = "script-message show_osc_dur 5";
        "F1" = "cycle sub";
        "F2" = "cycle audio";
        "Ctrl+p" = "cycle video";
        "L" = "add volume 2";
        "H" = "add volume -2";
        "Alt+H" = "add audio-delay -0.100";
        "Alt+L" = "add audio-delay 0.100";
        "1" = "set volume 10";
        "2" = "set volume 20";
        "3" = "set volume 30";
        "4" = "set volume 40";
        "5" = "set volume 50";
        "6" = "set volume 60";
        "7" = "set volume 70";
        "8" = "set volume 80";
        "9" = "set volume 90";
        ")" = "set volume 150";
        "0" = "set volume 100";
        "m" = "cycle mute";
        "Ctrl+r" = "loadfile \${path}";
        "Ctrl+R" = "video-reload";
        "d" = "drop-buffers";
        "Ctrl+d" = "quit";
      };
      other = {
        "RIGHT" = vim."l";
        "LEFT" = vim."h";
        "UP" = vim."k";
        "DOWN" = vim."j";
        "Ctrl+0" = "set speed 1.0";
        "Ctrl+=" = "multiply speed 1.1";
        "Ctrl+-" = "multiply speed 1/1.1";
        "Shift+LEFT" = vim."H";
        "Shift+RIGHT" = vim."L";
        "Ctrl+RIGHT" = vim."Ctrl+l";
        "Ctrl+LEFT" = vim."Ctrl+h";
        "Ctrl+Shift+LEFT" = vim."Ctrl+H";
        "Ctrl+Shift+RIGHT" = vim."Ctrl+L";
        "Ctrl+UP" = vim."Ctrl+k";
        "Ctrl+DOWN" = vim."Ctrl+j";
        "Ctrl+Shift+UP" = vim."Ctrl+K";
        "Ctrl+Shift+DOWN" = vim."Ctrl+J";
        "Alt+LEFT" = vim."Alt+h";
        "Alt+RIGHT" = vim."Alt+l";
        "SPACE" = vim."MBTN_RIGHT";
        "m" = vim."`";
        "WHEEL_UP" = vim."L";
        "WHEEL_DOWN" = vim."H";
      };
    in
      vim // other;
    config = mkMerge [
      (mkIf config.wayland.windowManager.sway.enable {
        gpu-context = "wayland";
      })
      {
        no-input-default-bindings = "";
        profile = "gpu-hq";
        hwdec = "auto";
        vo = "gpu";
        volume-max = 200;
        keep-open = true;
        opengl-waitvsync = true;
        demuxer-max-bytes = "2000MiB";
        demuxer-max-back-bytes = "250MiB";
        osd-scale-by-window = false;
        osd-bar-h = 2.5; # 3.125 default
        osd-border-size = 2; # font border pixels, default 3
        term-osd-bar = true;
        script-opts =
          string.concatSep ","
          (set.mapToValues (k: v: "${k}=${toString v}") {
            ytdl_hook-ytdl_path = "${pkgs.yt-dlp}/bin/yt-dlp";
            osc-layout = "slimbox";
            osc-vidscale = "no";
            osc-deadzonesize = 0.75;
            osc-minmousemove = 4;
            osc-hidetimeout = 2000;
            osc-valign = 0.9;
            osc-timems = "yes";
            osc-seekbarstyle = "knob";
            osc-seekbarkeyframes = "no";
            osc-seekrangestyle = "slider";
          });
      }
    ];
  };
 }
--- a/kat/gui/packages.nix
+++ b/kat/gui/packages.nix
@ -1,32 +0,0 @@
 {pkgs, ...}: {
  home.packages = with pkgs; [
    # Password manager
    bitwarden
    # Task managers
    btop
    htop
    # Mail
    thunderbird
    # Music
    spotify
    playerctl
    # Chat
    discord
    nheko # Matrix
    tdesktop # Telegram
    dino # XMPP
    signal-desktop
    # Exocortex
    obsidian
    # Archivery
    unzip
    zip
    p7zip
    # Misc
    gimp-with-plugins # GIMP
    exiftool # EXIF Stripping
    lm_sensors # Sensor Data
    cryptsetup # Encrypted block devices
    yubikey-manager # Yubikey
  ];
 }
--- a/modules/nixos/machine.nix
+++ b/modules/nixos/machine.nix
@ -0,0 +1,15 @@
 {lib, ...}: let
  inherit (lib.modules) mkOption;
  inherit (lib.types) enum;
 in {
  options.machine = {
    cpuVendor = mkOption {
      type = enum [
        "intel"
        "amd"
        "apple"
      ];
      description = "CPU vendor";
    };
  };
 }
--- a/nixos/common/access.nix
+++ b/nixos/common/access.nix
@ -13,20 +13,6 @@
      config.users.users);
  };
 in {
  security.sudo.extraRules = [
    {
      users = ["deploy"];
      commands = [
        {
          command = "ALL";
          options = [
            "NOPASSWD"
            "SETENV"
          ];
        }
      ];
    }
  ];
  users.users = {
    root = commonUser;
    deploy =
--- a/nixos/common/autoupgrade.nix
+++ b/nixos/common/autoupgrade.nix
@ -1,6 +0,0 @@
 {config, ...}: {
  system.autoUpgrade = {
    enable = false;
    flake = "github:kittywitch/infrastructure#${config.networking.hostName}";
  };
 }
--- a/nixos/common/console.nix
+++ b/nixos/common/console.nix
--- a/nixos/common/disable-documentation.nix
+++ b/nixos/common/disable-documentation.nix
--- a/nixos/common/mutable-users.nix
+++ b/nixos/common/mutable-users.nix
--- a/nixos/common/nftables.nix
+++ b/nixos/common/nftables.nix
@ -1,4 +1,3 @@
 _: {
  networking.nftables.enable = true;
  services.tailscale.enable = true;
 }
--- a/nixos/common/nix-deploy-trusted-user.nix
+++ b/nixos/common/nix-deploy-trusted-user.nix
@ -0,0 +1,9 @@
 _: {
  nix = {
    settings = {
      trusted-users = [
        "deploy"
      ];
    };
  };
 }
--- a/nixos/common/nix.nix
+++ b/nixos/common/nix.nix
@ -1,21 +0,0 @@
 {lib, ...}: let
  inherit (lib.modules) mkDefault;
 in {
  boot.loader = {
    grub.configurationLimit = 8;
    systemd-boot.configurationLimit = 8;
  };
  nix = {
    settings = {
      trusted-users = [
        "deploy"
      ];
    };
    gc = {
      automatic = mkDefault false;
      dates = mkDefault "weekly";
      options = mkDefault "--delete-older-than 7d";
    };
  };
 }
--- a/nixos/common/ssh.nix
+++ b/nixos/common/ssh.nix
@ -9,22 +9,10 @@
 in {
  networking.firewall = {
    allowedTCPPorts = [(list.unsafeHead config.services.openssh.ports)];
    allowedUDPPortRanges = [
      {
        from = 60000;
        to = 61000;
      }
    ];
  };
  services.openssh = {
    enable = true;
    /*
      knownHosts.katca = {
      certAuthority = true;
      publicKey = builtins.readFile ./ca-pubkey.pem;
    };
    */
    settings = {
      KexAlgorithms = ["curve25519-sha256@libssh.org"];
      PasswordAuthentication = false;
@ -37,6 +25,4 @@ in {
      LogLevel VERBOSE
    '';
  };
  programs.mosh.enable = true;
 }
--- a/nixos/common/sudo-nopasswd.nix
+++ b/nixos/common/sudo-nopasswd.nix
@ -0,0 +1,16 @@
 _: {
  security.sudo.extraRules = [
    {
      users = ["deploy"];
      commands = [
        {
          command = "ALL";
          options = [
            "NOPASSWD"
            "SETENV"
          ];
        }
      ];
    }
  ];
 }
--- a/nixos/common/tailscale.nix
+++ b/nixos/common/tailscale.nix
@ -0,0 +1,3 @@
 _: {
  services.tailscale.enable = true;
 }
--- a/nixos/common/tzupdate.nix
+++ b/nixos/common/tzupdate.nix
--- a/nixos/common/shell.nix
+++ b/nixos/common/shell.nix
--- a/nixos/environments/gnome/dconf.nix
+++ b/nixos/environments/gnome/dconf.nix
@ -0,0 +1,3 @@
 _: {
  programs.dconf.enable = true;
 }
--- a/nixos/environments/gnome/packages.nix
+++ b/nixos/environments/gnome/packages.nix
@ -1,15 +1,4 @@
-{
+{pkgs, ...}: {
  pkgs,
  tree,
  ...
 }: {
  imports = with tree.nixos.roles; [
    graphical
  ];
  services.xserver.enable = true;
  services.xserver.displayManager.gdm.enable = true;
  services.xserver.desktopManager.gnome.enable = true;
  environment.gnome.excludePackages =
    (with pkgs; [
      gnome-photos
@ -30,7 +19,6 @@
      gnome-contacts
      gnome-initial-setup
    ]);
  programs.dconf.enable = true;
  environment.systemPackages = with pkgs; [
    gnome.gnome-tweaks
    gnome-extension-manager
--- a/nixos/environments/gnome/profile-inheritance.nix
+++ b/nixos/environments/gnome/profile-inheritance.nix
@ -0,0 +1,9 @@
 {tree, ...}: {
  imports = with tree.nixos.profiles; [
    graphical
  ];
  home-manager.users.kat.imports = with tree.home.environments; [
    gnome
  ];
 }
--- a/nixos/environments/gnome/xserver.nix
+++ b/nixos/environments/gnome/xserver.nix
@ -0,0 +1,7 @@
 _: {
  services.xserver = {
    enable = true;
    displayManager.gdm.enable = true;
    desktopManager.gnome.enable = true;
  };
 }
--- a/nixos/environments/kde/dconf.nix
+++ b/nixos/environments/kde/dconf.nix
@ -0,0 +1,3 @@
 _: {
  programs.dconf.enable = true;
 }
--- a/nixos/environments/kde/profile-inheritance.nix
+++ b/nixos/environments/kde/profile-inheritance.nix
@ -0,0 +1,9 @@
 {tree, ...}: {
  imports = with tree.nixos.profiles; [
    graphical
  ];
  home-manager.users.kat.imports = with tree.home.environments; [
    kde
  ];
 }
--- a/nixos/environments/kde/xserver.nix
+++ b/nixos/environments/kde/xserver.nix
@ -0,0 +1,7 @@
 _: {
  services.xserver = {
    enable = true;
    displayManager.sddm.enable = true;
    desktopManager.plasma5.enable = true;
  };
 }
--- a/nixos/environments/sway/profile-inheritance.nix
+++ b/nixos/environments/sway/profile-inheritance.nix
@ -0,0 +1,9 @@
 {tree, ...}: {
  imports = with tree.nixos.profiles; [
    graphical
  ];
  home-manager.users.kat.imports = with tree.home.environments; [
    sway
  ];
 }
--- a/nixos/environments/sway/sway.nix
+++ b/nixos/environments/sway/sway.nix
--- a/nixos/environments/sway/xdg-portals.nix
+++ b/nixos/environments/sway/xdg-portals.nix
--- a/nixos/hardware/default.nix
+++ b/nixos/hardware/default.nix
@ -1,26 +0,0 @@
 {tree, ...}: let
  profiles = tree.prev;
  appendedProfiles = {
    common-wifi-bt = {
      imports = with profiles; [
        wifi
        bluetooth
      ];
    };
    laptop = {
      imports = with profiles; [
        laptop
        sound
      ];
    };
    lenovo-thinkpad-x260 = {
      imports = with profiles; [
        lenovo-thinkpad-x260
        lenovo-thinkpad-x260-local
        appendedProfiles.laptop
        appendedProfiles.common-wifi-bt
      ];
    };
  };
 in
  profiles // appendedProfiles
--- a/nixos/hardware/intel.nix
+++ b/nixos/hardware/intel.nix
@ -0,0 +1,11 @@
 {
  config,
  lib,
  ...
 }: let
  inherit (lib.modules) mkIf;
 in {
  config = mkIf (config.machine.cpuVendor == "intel") {
    boot.kernelModules = ["kvm-intel"];
  };
 }
--- a/nixos/hardware/laptop.nix
+++ b/nixos/hardware/laptop.nix
@ -1,37 +0,0 @@
 {
  lib,
  pkgs,
  ...
 }: let
  inherit (lib.modules) mkDefault;
 in {
  powerManagement.cpuFreqGovernor = mkDefault "powersave";
  programs.light.enable = true;
  home-manager.sharedModules = [
    {
      programs.waybar.settings.main = {
        modules-right = [
          "backlight"
          "battery"
        ];
        backlight = {
          format = " {percent}%";
          on-scroll-up = "${pkgs.light}/bin/light -A 1";
          on-scroll-down = "${pkgs.light}/bin/light -U 1";
        };
        battery = {
          states = {
            good = 90;
            warning = 30;
            critical = 15;
          };
          format = "{icon} {capacity}%";
          format-charging = " {capacity}%";
          format-plugged = " {capacity}%";
          format-alt = "{icon} {time}";
          format-icons = ["" "" "" "" ""];
        };
      };
    }
  ];
 }
--- a/nixos/hardware/lenovo-thinkpad-x260-local.nix
+++ b/nixos/hardware/lenovo-thinkpad-x260-local.nix
@ -1,17 +0,0 @@
 _: {
  boot = {
    initrd.availableKernelModules = ["xhci_pci" "nvme" "usb_storage" "sd_mod" "sr_mod" "rtsx_usb_sdmmc"];
    kernelModules = ["kvm-intel"];
  };
  home-manager.sharedModules = [
    {
      wayland.windowManager.sway.config.input."2:7:SynPS/2_Synaptics_TouchPad" = {
        dwt = "enabled";
        tap = "enabled";
        natural_scroll = "enabled";
        middle_emulation = "enabled";
        click_method = "clickfinger";
      };
    }
  ];
 }
--- a/nixos/hardware/sound.nix
+++ b/nixos/hardware/sound.nix
@ -1,45 +0,0 @@
 {pkgs, ...}: {
  environment.systemPackages = with pkgs; [pulsemixer];
  sound = {
    enable = true;
    extraConfig = ''
      defaults.pcm.rate_converter "speexrate_best"
    '';
  };
  hardware.pulseaudio.enable = false;
  security.rtkit.enable = true;
  services.pipewire = {
    enable = true;
    pulse.enable = true;
    alsa.support32Bit = true;
    jack.enable = true;
    alsa.enable = true;
  };
  home-manager.sharedModules = [
    {
      programs.waybar.settings.main = {
        modules-right = [
          "pulseaudio"
        ];
        pulseaudio = {
          format = "{icon} {volume}%";
          format-muted = "";
          on-click = "${pkgs.wezterm}/bin/wezterm start ${pkgs.pulsemixer}/bin/pulsemixer";
          format-icons = {
            headphone = "";
            headset = "";
            default = [
              ""
              ""
              ""
            ];
          };
        };
      };
    }
  ];
 }
--- a/nixos/profiles/bootable/loader-config-limit.nix
+++ b/nixos/profiles/bootable/loader-config-limit.nix
@ -0,0 +1,8 @@
 _: {
  boot = {
    loader = {
      grub.configurationLimit = 8;
      systemd-boot.configurationLimit = 8;
    };
  };
 }
--- a/nixos/profiles/bootable/sysctl.nix
+++ b/nixos/profiles/bootable/sysctl.nix
@ -0,0 +1,15 @@
 {lib, ...}: let
  inherit (lib.modules) mkDefault;
 in {
  boot = {
    kernel.sysctl = {
      "fs.inotify.max_user_watches" = 524288;
      "net.core.rmem_max" = 16777216;
      "net.core.wmem_max" = 16777216;
      "net.ipv4.tcp_rmem" = "4096 87380 16777216";
      "net.ipv4.tcp_wmem" = "4096 65536 16777216";
      "net.ipv4.ip_forward" = mkDefault "1";
      "net.ipv6.conf.all.forwarding" = "1";
    };
  };
 }
--- a/nixos/profiles/bootable/tmp.nix
+++ b/nixos/profiles/bootable/tmp.nix
@ -0,0 +1,8 @@
 _: {
  boot = {
    tmp = {
      tmpfsSize = "80%";
      useTmpfs = true;
    };
  };
 }
--- a/nixos/profiles/bootable/zfs.nix
+++ b/nixos/profiles/bootable/zfs.nix
@ -0,0 +1,14 @@
 {
  std,
  config,
  lib,
  ...
 }: let
  inherit (std) list;
  inherit (lib.modules) mkDefault mkIf;
 in {
  boot = mkIf (list.elem "zfs" config.boot.supportedFilesystems) {
    kernelPackages = mkDefault config.boot.zfs.package.latestCompatibleLinuxPackages;
    zfs.enableUnstable = true;
  };
 }
--- a/nixos/profiles/gaming/steam.nix
+++ b/nixos/profiles/gaming/steam.nix
--- a/nixos/profiles/graphical/dns.nix
+++ b/nixos/profiles/graphical/dns.nix
--- a/nixos/profiles/graphical/fonts.nix
+++ b/nixos/profiles/graphical/fonts.nix
--- a/nixos/profiles/graphical/gpg.nix
+++ b/nixos/profiles/graphical/gpg.nix
--- a/nixos/profiles/graphical/hardware.nix
+++ b/nixos/profiles/graphical/hardware.nix
--- a/nixos/profiles/graphical/nfs.nix
+++ b/nixos/profiles/graphical/nfs.nix
--- a/nixos/profiles/graphical/packages.nix
+++ b/nixos/profiles/graphical/packages.nix
--- a/nixos/profiles/graphical/pam.nix
+++ b/nixos/profiles/graphical/pam.nix
--- a/nixos/profiles/graphical/profile-inheritance.nix
+++ b/nixos/profiles/graphical/profile-inheritance.nix
@ -0,0 +1,5 @@
 {tree, ...}: {
  imports = with tree.nixos.profiles; [
    bootable
  ];
 }
--- a/nixos/profiles/graphical/qt.nix
+++ b/nixos/profiles/graphical/qt.nix
--- a/nixos/profiles/graphical/sound.nix
+++ b/nixos/profiles/graphical/sound.nix
@ -0,0 +1,21 @@
 {pkgs, ...}: {
  environment.systemPackages = with pkgs; [pulsemixer];
  sound = {
    enable = true;
    extraConfig = ''
      defaults.pcm.rate_converter "speexrate_best"
    '';
  };
  hardware.pulseaudio.enable = false;
  security.rtkit.enable = true;
  services.pipewire = {
    enable = true;
    pulse.enable = true;
    alsa.support32Bit = true;
    jack.enable = true;
    alsa.enable = true;
  };
 }
--- a/Show more
+++ b/Show more