diff --git a/flake.lock b/flake.lock
index 4df3563..d309bd2 100644
--- a/flake.lock
+++ b/flake.lock
@@ -883,7 +883,7 @@
"oisd": {
"flake": false,
"locked": {
- "narHash": "sha256-BimlCciIYi63B1KGZzUzlpduFmj0jtjASH+QORYWoww=",
+ "narHash": "sha256-QIpM9e7dye+EDO9rvlhSbDVLtmcgw8aLtg0DncPHK2s=",
"type": "file",
"url": "https://big.oisd.nl/domainswild"
},
diff --git a/hosts/sakura/default.nix b/hosts/sakura/default.nix
index 22418e6..0832657 100644
--- a/hosts/sakura/default.nix
+++ b/hosts/sakura/default.nix
@@ -16,9 +16,11 @@ in
./../../modules/services/tailscale.nix
./../../modules/services/mpd.nix
./../../modules/services/smart-monitoring.nix
+ ./../../modules/services/mullvad.nix
inputs.nixos-hardware.nixosModules.framework-13-7040-amd
- ./../../modules/security/dnscrypt.nix
- ./../../modules/security/syslogd.nix
+ ./../../modules/home/steam.nix
+ ./../../modules/services/ollama.nix
+ # ./../../modules/services/automount.nix
];
# install some system-utilities; set hosts to be editable by the user.
@@ -26,6 +28,7 @@ in
systemPackages = with pkgs; [
fwupd
fw-ectool
+ monero-gui
];
etc.hosts.mode = "0700";
};
@@ -36,6 +39,7 @@ in
creative.enable = true;
amdgpu.enable = true;
gui.enable = true;
+ wine.enable = true;
};
services = {
@@ -56,14 +60,14 @@ in
# networkmanager.ethernet.macAddress = "13:37:6a:8a:ed:a4";
};
- environment.etc."NetworkManager/conf.d/20-ethernet-mac-address.conf".text = ''
- [connection.20-ethernet-mac-addr]
- match-device=type:ethernet
- ethernet.cloned-mac-address=${mac_ethernet}
+ #environment.etc."NetworkManager/conf.d/20-ethernet-mac-address.conf".text = ''
+ # [connection.20-ethernet-mac-addr]
+ # match-device=type:ethernet
+ # ethernet.cloned-mac-address=${mac_ethernet}
- [.config]
- enable=nm-version-min:1.45
- '';
+ # [.config]
+ # enable=nm-version-min:1.45
+ #'';
powerManagement = {
enable = true;
diff --git a/modules/core/sops.nix b/modules/core/sops.nix
index 4091447..3a0e7a0 100644
--- a/modules/core/sops.nix
+++ b/modules/core/sops.nix
@@ -33,6 +33,7 @@
"systemMailerPassword" = { };
"dandelionSyncthingId" = { };
"sakuraSyncthingId" = { };
+ "homeExternalIPv4" = { };
}
else if (host == "dandelion") then
{
diff --git a/modules/home/default.nix b/modules/home/default.nix
index 8abd449..aaec9da 100644
--- a/modules/home/default.nix
+++ b/modules/home/default.nix
@@ -10,6 +10,7 @@
++ [ (import ./kitty.nix) ]
++ [ (import ./kanshi.nix) ]
++ [ (import ./foot.nix) ]
+ ++ [ (import ./nextcloud.nix) ]
++ [ (import ./nvim.nix) ]
++ [ (import ./zathura.nix) ]
++ [ (import ./packages.nix) ]
diff --git a/modules/home/hyprland/config.nix b/modules/home/hyprland/config.nix
index 4f09651..500712a 100644
--- a/modules/home/hyprland/config.nix
+++ b/modules/home/hyprland/config.nix
@@ -37,6 +37,7 @@
"foot --server &"
"hyprfloat &"
"gsettings set org.gnome.desktop.interface color-scheme 'prefer-dark' &"
+ "nwg-dock-hyprland &"
];
input = {
@@ -58,7 +59,6 @@
border_size = 2;
"col.active_border" = "rgb(ffffff) rgb(ffffff) 45deg";
"col.inactive_border" = "0x00000000";
- no_border_on_floating = false;
};
group = {
"col.border_active" = "rgb(ffffff) rgb(ffffff) 45deg";
@@ -103,22 +103,20 @@
decoration = {
rounding = 0;
- # active_opacity = 0.90;
- # inactive_opacity = 0.90;
+ active_opacity = 1.00;
+ inactive_opacity = 0.75;
# fullscreen_opacity = 1.0;
blur = {
- enabled = false;
- size = 1;
- passes = 1;
- # size = 4;
- # passes = 2;
+ enabled = true;
+ size = 7;
+ passes = 3;
+ noise = 0.08;
brightness = 1;
- contrast = 1.400;
+ contrast = 1.5;
ignore_opacity = true;
- noise = 0;
new_optimizations = true;
- xray = true;
+ xray = false;
};
# drop_shadow = true;
@@ -160,6 +158,9 @@
gesture = [
"3, horizontal, workspace"
+ "4, up, dispatcher, playerctl -p mpd play-pause"
+ "4, left, dispatcher, playerctl -p mpd next"
+ "4, right, dispatcher, playerctl -p mpd previous"
# "4, horizontal, move"
];
@@ -287,52 +288,61 @@
];
# windowrule
- windowrule = [
- "float,title:^(float_kitty)$"
- "center,title:^(float_kitty)$"
- "size 950 600,title:^(float_kitty)$"
- "float,title:^(float_foot)$"
- "center,title:^(float_foot)$"
- "size 950 600,title:^(float_foot)$"
- "float,title:^(Volume Control)$"
- "float,title:^(Librewolf — Sharing Indicator)$"
- "float,title:^(Export Image as PNG)$"
- "move 0 0,title:^(Librewolf — Sharing Indicator)$"
- "size 700 450,title:^(Volume Control)$"
- "move 40 55%,title:^(Volume Control)$"
- "bordersize 0, floating:0, onworkspace:w[tv1]"
- "rounding 0, floating:0, onworkspace:w[tv1]"
- "bordersize 0, floating:0, onworkspace:f[1]"
- "rounding 0, floating:0, onworkspace:f[1]"
- ];
+ # windowrule = [
+ # "float,title:^(float_kitty)$"
+ # "center,title:^(float_kitty)$"
+ # "size 950 600,title:^(float_kitty)$"
+ # "float,title:^(float_foot)$"
+ # "center,title:^(float_foot)$"
+ # "size 950 600,title:^(float_foot)$"
+ # "float,title:^(Volume Control)$"
+ # "float,title:^(Librewolf — Sharing Indicator)$"
+ # "float,title:^(Export Image as PNG)$"
+ # "move 0 0,title:^(Librewolf — Sharing Indicator)$"
+ # "size 700 450,title:^(Volume Control)$"
+ # "move 40 55%,title:^(Volume Control)$"
+ # "bordersize 0, floating:0, onworkspace:w[tv1]"
+ # "rounding 0, floating:0, onworkspace:w[tv1]"
+ # "bordersize 0, floating:0, onworkspace:f[1]"
+ # "rounding 0, floating:0, onworkspace:f[1]"
+ # ];
- # windowrulev2
- windowrulev2 = [
- "noanim, class:^(bemenu)$"
- "float, title:^(Picture-in-Picture)$"
- "opacity 1.0 override 1.0 override, title:^(Picture-in-Picture)$"
- "pin, title:^(Picture-in-Picture)$"
- "opacity 1.0 override 1.0 override, title:^(.*imv.*)$"
- "opacity 1.0 override 1.0 override, title:^(.*mpv.*)$"
- "idleinhibit focus, class:^(mpv)$"
- "idleinhibit fullscreen, class:^(librewolf)$"
- "float,class:^(pavucontrol-qt)$"
- "float,class:^(pavucontrol)$"
- "float,class:^(SoundWireServer)$"
- "float,class:^(.sameboy-wrapped)$"
- "float,class:^(file_progress)$"
- "float,class:^(confirm)$"
- "float,class:^(dialog)$"
- "float,class:^(download)$"
- "float,class:^(notification)$"
- "float,class:^(error)$"
- "float,class:^(confirmreset)$"
- "float,title:^(Open File)$"
- "float,title:^(branchdialog)$"
- "float,title:^(Confirm to replace files)$"
- "float,title:^(File Operation Progress)$"
- "float,title:^(float_foot)$"
- "nofocus,class:^$,title:^$,xwayland:1,floating:1,fullscreen:0,pinned:0"
+ ## windowrulev2
+ windowrule = [
+ # "opacity 0.5 0.5, match:class nwg-dock-hyprland"
+ "no_blur on, match:class ungoogled-chromium"
+ "no_blur on, match:class librewolf"
+ # "noanim, class:^(bemenu)$"
+ # "float, title:^(Picture-in-Picture)$"
+ # "opacity 1.0 override 1.0 override, title:^(Picture-in-Picture)$"
+ # "pin, title:^(Picture-in-Picture)$"
+ # "opacity 1.0 override 1.0 override, title:^(.*imv.*)$"
+ # "opacity 1.0 override 1.0 override, title:^(.*mpv.*)$"
+ # "idleinhibit focus, class:^(mpv)$"
+ # "idleinhibit fullscreen, class:^(librewolf)$"
+ # "float,class:^(pavucontrol-qt)$"
+ # "fullscreen,class:Nsxiv"
+ # "fullscreen,title:^(*nsxiv*)$"
+ # "fullscreen,title:^(nsxiv)$"
+ # "fullscreen,class:swiv"
+ # "fullscreen,title:^(*swiv*)$"
+ # "fullscreen,title:^(swiv)$"
+ # "float,class:^(pavucontrol)$"
+ # "float,class:^(SoundWireServer)$"
+ # "float,class:^(.sameboy-wrapped)$"
+ # "float,class:^(file_progress)$"
+ # "float,class:^(confirm)$"
+ # "float,class:^(dialog)$"
+ # "float,class:^(download)$"
+ # "float,class:^(notification)$"
+ # "float,class:^(error)$"
+ # "float,class:^(confirmreset)$"
+ # "float,title:^(Open File)$"
+ # "float,title:^(branchdialog)$"
+ # "float,title:^(Confirm to replace files)$"
+ # "float,title:^(File Operation Progress)$"
+ # "float,title:^(float_foot)$"
+ # "nofocus,class:^$,title:^$,xwayland:1,floating:1,fullscreen:0,pinned:0"
];
};
diff --git a/modules/home/hyprland/hyprland.nix b/modules/home/hyprland/hyprland.nix
index 3903d04..57ea3cb 100644
--- a/modules/home/hyprland/hyprland.nix
+++ b/modules/home/hyprland/hyprland.nix
@@ -10,6 +10,7 @@
glib
wayland
direnv
+ nwg-dock-hyprland
];
# systemd.user.targets.hyprland-session.Unit.Wants = [ "xdg-desktop-autostart.target" ];
wayland.windowManager.hyprland = {
diff --git a/modules/home/kanshi.nix b/modules/home/kanshi.nix
index 267c7b9..1d96caf 100644
--- a/modules/home/kanshi.nix
+++ b/modules/home/kanshi.nix
@@ -66,6 +66,22 @@
];
};
home = {
+ outputs = [
+ {
+ criteria = "eDP-1";
+ position = "152,1440";
+ }
+ {
+ criteria = "LG Electronics LG ULTRAGEAR+ 507NTRLM0646";
+ scale = 1.0;
+ status = "enable";
+ position = "0,0";
+ # adaptiveSync = true;
+ mode = "2560x1440@144Hz";
+ }
+ ];
+ };
+ home-alt = {
outputs = [
{
criteria = "eDP-1";
diff --git a/modules/home/nextcloud.nix b/modules/home/nextcloud.nix
new file mode 100644
index 0000000..7e4d10f
--- /dev/null
+++ b/modules/home/nextcloud.nix
@@ -0,0 +1,40 @@
+{
+ pkgs,
+ config,
+ username,
+ ...
+}:
+let
+ nexturl = "cloud.liv.town";
+in
+{
+ home.packages = with pkgs; [
+ nextcloud-client
+ ];
+ systemd.user = {
+ services.nextcloud-autosync = {
+ Unit = {
+ Description = "Auto sync Nextcloud";
+ After = "network-online.target";
+ };
+ Service = {
+ Type = "simple";
+ ExecStart = "${pkgs.nextcloud-client}/bin/nextcloudcmd -h -n --path /music /home/${username}/cloud/music https://${nexturl}";
+ TimeoutStopSec = "180";
+ KillMode = "process";
+ KillSignal = "SIGINT";
+ };
+ Install.WantedBy = [ "multi-user.target" ];
+ };
+ timers.nextcloud-autosync = {
+ Unit.Description = "Automatic sync files with Nextcloud when booted up after 5 minutes then rerun every 60 minutes";
+ Timer.OnBootSec = "5min";
+ Timer.OnUnitActiveSec = "30min";
+ Install.WantedBy = [
+ "multi-user.target"
+ "timers.target"
+ ];
+ };
+ startServices = true;
+ };
+}
diff --git a/modules/home/packages.nix b/modules/home/packages.nix
index 84d23cc..7fe86cd 100644
--- a/modules/home/packages.nix
+++ b/modules/home/packages.nix
@@ -29,6 +29,7 @@
gcc
gnumake
python3
+ nautilus
# CLI shit
bitwarden-cli
@@ -36,7 +37,6 @@
foot
termpdfpy
vimv
- iamb
pass
lm_sensors
neofetch
diff --git a/modules/home/waybar/default.nix b/modules/home/waybar/default.nix
index 2ee9979..dec5655 100644
--- a/modules/home/waybar/default.nix
+++ b/modules/home/waybar/default.nix
@@ -27,11 +27,11 @@
"position": "top",
"modules-left": [
+ "custom/devices",
"privacy",
"network",
"custom/music",
"custom/vpn",
- "custom/devices",
"sway/mode",
"tray",
],
@@ -98,12 +98,14 @@
},
"custom/vpn": {
- "format": "{icon}",
- "tooltip-format": "{text}",
- "format-icons": [ "","" ],
+ "format": "VPN: {text}", // ({location})",
+ // "format": "{text}",
+ // "format-icons": [ "","" ],
+ // "tooltip": true,
+ // "tooltip-format": "{node}",
"return-type": "json",
- "exec": "~/.local/bin/waybar-vpn",
- "interval": 30
+ "exec": "~/.local/bin/waybar-mullvad",
+ "interval": 10
},
"custom/music": {
diff --git a/modules/home/waybar/scripts.nix b/modules/home/waybar/scripts.nix
index 4932a4d..7db02b1 100644
--- a/modules/home/waybar/scripts.nix
+++ b/modules/home/waybar/scripts.nix
@@ -1,5 +1,13 @@
-{ pkgs, username, ... }:
-
+{
+ pkgs,
+ username,
+ config,
+ ...
+}:
+let
+ # homeExternalIPv4 = "${pkgs.coreutils}/bin/cat ${config.sops.secrets.homeExternalIPv4.path}";
+ homeExternalIPv4 = "92.118.0.69";
+in
{
home.file = {
"/home/${username}/.local/bin/waybar-yubikey" = {
@@ -213,6 +221,7 @@
'';
};
"/home/${username}/.local/bin/waybar-vpn" = {
+ # unused nowadays
executable = true;
text = ''
#!/usr/bin/env bash
@@ -222,6 +231,23 @@
|| echo '{"text":"Disconnected","class":"disconnected","percentage":0}'
'';
};
+ "/home/${username}/.local/bin/waybar-mullvad" = {
+ executable = true;
+ text = ''
+ #!/usr/bin/env bash
+
+ STATUS="$(mullvad status | grep -Eio 'connected|connecting|disconnected' | tr '[:upper:]' '[:lower:]')"
+ NODE="$(mullvad status | grep -Ei 'relay' | awk '{print $2}' | tr '[:upper:]' '[:lower:]')"
+ LOCATION="$(mullvad status | grep -Ei 'location' | cut -d':' -f2 | cut -d'.' -f1 | sed 's/ //g')"
+ IPV4="$(mullvad status | grep 'IPv4' | cut -d':' -f3 | sed 's/ //g')"
+ echo "$IPV4" | grep -q "${homeExternalIPv4}" && LOCATION="home"
+
+ echo "$STATUS" | grep -Eioq 'connected|connecting' && TEXT="{\"text\":\"$STATUS ($LOCATION)\",\"location\":\"$LOCATION\",\"node\":\"$NODE\"}" # || ip address show tailscale0 | grep "global tailscale0" && TEXT="{\"text\":\"tailscale ($LOCATION)\",\"location\":\"$LOCATION\",\"node\":\"$NODE\"}"
+ echo "$STATUS" | grep -Eioq 'disconnected' && TEXT="{\"text\":\"$STATUS\",\"location\":\"$LOCATION\",\"node\":\"$NODE\"}"
+
+ echo "$TEXT"
+ '';
+ };
};
home.packages = with pkgs; [
wf-recorder
diff --git a/modules/security/dnscrypt.nix b/modules/security/dnscrypt.nix
index ca5e4da..3541520 100644
--- a/modules/security/dnscrypt.nix
+++ b/modules/security/dnscrypt.nix
@@ -25,7 +25,7 @@ in
"https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/public-resolvers.md"
"https://download.dnscrypt.info/resolvers-list/v3/public-resolvers.md"
];
- minisign_key = "sha256-LRw8acNa39MUv7XmA0GuheugECcejbN8+GJl2Ra7lpg="; # See https://github.com/DNSCrypt/dnscrypt-resolvers/blob/master/v3/public-resolvers.md
+ minisign_key = "sha256-QIpM9e7dye+EDO9rvlhSbDVLtmcgw8aLtg0DncPHK2s="; # See https://github.com/DNSCrypt/dnscrypt-resolvers/blob/master/v3/public-resolvers.md
cache_file = "/var/lib/dnscrypt/public-resolvers.md";
};
diff --git a/modules/services/mullvad.nix b/modules/services/mullvad.nix
new file mode 100644
index 0000000..85b77bf
--- /dev/null
+++ b/modules/services/mullvad.nix
@@ -0,0 +1,3 @@
+{
+ services.mullvad-vpn.enable = true;
+}
diff --git a/modules/services/ollama.nix b/modules/services/ollama.nix
index 03dd175..928725f 100644
--- a/modules/services/ollama.nix
+++ b/modules/services/ollama.nix
@@ -5,5 +5,5 @@
# loadModels = [ "llama3.2:3b" "deepseek-r1:1.5b"];
acceleration = "rocm"; # nope, 5700XT is too old for this
};
- services.open-webui.enable = true;
+ services.open-webui.enable = false;
}
diff --git a/secrets/sakura/secrets.yaml b/secrets/sakura/secrets.yaml
index b6ee715..79906d4 100644
--- a/secrets/sakura/secrets.yaml
+++ b/secrets/sakura/secrets.yaml
@@ -1,6 +1,7 @@
systemMailerPassword: ENC[AES256_GCM,data:fdCLxxQOPw00kSGrddcr/ZsYWJ9xYPkfxUeS52jA+MNM4dNNfeQ2rhvWKLYpH/6D3/J7CND0UNUVuRLtPdEnU8ct8jkAmYX5nGDm9HAnVScDvbn5dMvaNxg+0o34Fz7E0XbmRM3B6zpzL4T6Odmmd2iRh/cRiz7WBwmKUpcCV3Q=,iv:ddPxnK6f1wEH+xxQLLADO5SdG8YZkbSVlNfan+AA4vs=,tag:WLrQzVsok6dtxSSQH3HHsw==,type:str]
dandelionSyncthingId: ENC[AES256_GCM,data:crzT7Ph2gDYm/LAyEM2yw/THzu+Dv5SBrw17NF42j2jCvGMLaDgdlMAhkJlr7bonnpjII+9/TLjEXtcEIhcd,iv:6e94tT8rCLFxwDWLNj2T/Fx+0yAuhfS2AdjAKJKt/k0=,tag:Ai44ZvRZps4lQ4gLBbfUDw==,type:str]
sakuraSyncthingId: ENC[AES256_GCM,data:/4MQEcCYVsw2ad2WmUn8Y2f/9mUcyjU9l7Z7PorexQfwaIucmfNH1+Z/FF+0wRj4uaUQLqpR29bRl3EQr/ve,iv:FsiLQYuLZ9YvkfqyF3mAV6jW7csZ5+yXx0sN8f768BE=,tag:U/OTuSnjkOeVT6Vdz96bOw==,type:str]
+homeExternalIPv4: ENC[AES256_GCM,data:dn9FTTAUBB23N58=,iv:ktRZexN+P2jDUngN+5hlGB14SgiR/DxQ8ybqFiRTYbo=,tag:d6q9OsBl0218YPvuLMHGyA==,type:str]
sops:
age:
- recipient: age1yzapmznelujajfyrpw5mxmy86ckg377494w5ap4yej39jatewursfxls9w
@@ -12,7 +13,7 @@ sops:
bjBJd2RtdDhkSFlaUzVRTkQyTVpVSDgKoZ7S/izFqmPw3qHT37ws8m2Cmmb8prC/
JaVn8U57G4aRgp1BqXQvpnKA98HT3BwEsMce5LeNvX7kAtdqkU5eRQ==
-----END AGE ENCRYPTED FILE-----
- lastmodified: "2025-08-04T12:32:56Z"
- mac: ENC[AES256_GCM,data:so7buQVx6nUTRYBfCPdITDccVWOjEmfPslkG8+Z0RKkDgIgwH4Aa/GnTkX0WxmB2bbI6/GQ1PhILE4UXTo8O7W0OO10+PWV2AWwngMcog+ggbH7qpd1395Tw0A8KiiXdPXwxFBEZqrYkKmYVyw314H02+h5+Qd3irH0bWqmpGOg=,iv:Sy4wR3GdSJCR1tlAxV2lau7cpLox/CoiGTC5eZoNVos=,tag:W2pv//unvIE0HBuJ0v35GA==,type:str]
+ lastmodified: "2025-12-01T13:34:49Z"
+ mac: ENC[AES256_GCM,data:XldUv7jmveRET1kM2YEFztQeRqyy533YbR80NpLDUkWBOvU03zaFxdkDlbWmReSASdDc/0W/e06IKz8tlR67Fo+yQFTvf8Uie46xMGLFBtsx9gZIPMZr6Kqvn2JyZO4m/O8y6tYDgans5MlHlJH/Hm4LpDKXmKSp8fQLHIpFJuM=,iv:hyovgfW11kLA1/pkg//q4AJBi7U6k06J1AnvVUMFn1Q=,tag:oCKy73zRgYAtk9pf6O4HWQ==,type:str]
unencrypted_suffix: _unencrypted
- version: 3.10.2
+ version: 3.11.0