updates

.sops.yaml

@@ -1,15 +1,22 @@
 keys:
   - &personal_pgp_key 0x141576B17B4AE789
   - &pc_main 0DCB1C584AECEB2674BB76C179FE3B714935CDAB
+  - &venus age1l6v7c5cp6sh6typgskwfufzkn3qw4av7r42z7lqyns6mtupytqhs2fg49u
+  - &personal_age_key age16p54d6tx3mg0htkzj43q2mzpvlqj4gz63mz5qzx8mpsp5zx4xexsszdhuk
 
 creation_rules:
   # This rule applies to any file named 'secrets.yaml' directly in the 'secrets/' directory
   # or 'secrets/github-deploy-key.yaml' etc.
-  - path_regex: "secrets/.*\\.yaml$"
+  - path_regex: "secrets/vpn-config.yaml$"
     key_groups:
       - pgp:
           - *personal_pgp_key
           - *pc_main
+  - path_regex: "secrets/matrix-db.yaml$"
+    key_groups:
+      - age:
+          - *venus
+          - *personal_age_key
         # Add host keys for decryption on the target system
         # sops-nix will automatically pick up the system's SSH host keys
         # as decryption keys if enabled in your NixOS config.

f.nix

@@ -0,0 +1,201 @@
+{
+  config,
+  lib,
+  pkgs,
+  inputs,
+  ...
+}:
+with lib;
+with lib.custom; let
+  cfg = config.wms.hyprland;
+
+  mkService = recursiveUpdate {
+    Unit.PartOf = ["graphical-session.target"];
+    Unit.After = ["graphical-session.target"];
+    Install.WantedBy = ["graphical-session.target"];
+  };
+
+  mod = "SUPER";
+in {
+  options.wms.hyprland = with types; {
+    enable = mkBoolOpt false "Enable Hyprland";
+  };
+
+  config = mkIf cfg.enable {
+    home.packages = with pkgs; [
+      xwayland
+      grim
+      slurp
+    ];
+
+    wayland.windowManager.hyprland = {
+      enable = true;
+      # package = inputs.hyprland.packages.${pkgs.system}.hyprland;
+      xwayland.enable = true;
+
+      systemd = {
+        enable = false;
+        enableXdgAutostart = true;
+      };
+    };
+    imports = [./conf/binds.nix];
+    wayland.windowManager.hyprland.settings = with colors; {
+      exec-once = [
+        # "dbus-update-activation-environment --systemd WAYLAND_DISPLAY XDG_CURRENT_DESKTOP"
+        # "systemctl --user import-environment WAYLAND_DISPLAY XDG_CURRENT_DESKTOP"
+        "zen"
+        "vesktop"
+        "cider-2"
+        "networkmanagerapplet"
+        "[workspace 9 silent] kitty"
+        "[workspace 9 silent] kitty"
+        "[workspace 9 silent] kitty"
+        "[workspace 10 silent] kitty"
+      ];
+
+      env = [
+        "XDG_SESSION_TYPE,wayland"
+        "XDG_SESSION_DESKTOP,Hyprland"
+        "XDG_CURRENT_DESKTOP,Hyprland"
+      ];
+
+      general = {
+        # gaps
+        gaps_in = 2;
+        gaps_out = 4;
+
+        # border thiccness
+        border_size = 2;
+
+        # active border color
+        "col.active_border" = "rgb(${rose})";
+        "col.inactive_border" = "rgb(${muted})";
+      };
+
+      input = {
+        kb_layout = "us,ru(phonetic)";
+        kb_options = grp:win_space_toggle;
+        sensitivity = 0; # -1.0 - 1.0, 0 means no modification.
+        accel_profile = "flat";
+        force_no_accel = false;
+      };
+
+      dwindle = {
+        force_split = 2;
+      };
+
+      decoration = {
+        # fancy corners
+        rounding = 6;
+        # blur
+        blur = {
+          enabled = true;
+          size = 8;
+          passes = 2;
+          new_optimizations = 1;
+          contrast = 1;
+          brightness = 1;
+        };
+
+        shadow = {
+          # shadow config
+          enabled = false;
+          # range = 60;
+          # render_power = 5;
+          # color = "rgba(07061f29)";
+        };
+      };
+
+      misc = {
+        # disable redundant renders
+        disable_splash_rendering = true;
+        force_default_wallpaper = 0;
+        disable_hyprland_logo = true;
+
+        vfr = false;
+        vrr = 2;
+
+        # dpms
+        # mouse_move_enables_dpms = true; # enable dpms on mouse/touchpad action
+        # key_press_enables_dpms = true; # enable dpms on keyboard action
+        disable_autoreload = true; # autoreload is unnecessary on nixos, because the config is readonly anyway
+      };
+
+      xwayland = {
+        force_zero_scaling = true;
+      };
+
+      cursor = {
+        no_hardware_cursors = true;
+      };
+
+      monitor = ["DP-1,1920x1080@165,0x0,1"];
+
+      layerrule = [
+        "blur, ^(gtk-layer-shell)$"
+        "blur, ^(launcher)$"
+        "ignorezero, ^(gtk-layer-shell)$"
+        "ignorezero, ^(launcher)$"
+        "blur, notifications"
+        "ignorezero, notificatios"
+        "blur, bar"
+        "ignorezero, bar"
+        "ignorezero, ^(gtk-layer-shell|anyrun)$"
+        "blur, ^(gtk-layer-shell|anyrun)$"
+        "noanim, launcher"
+        "noanim, bar"
+      ];
+      workspace = [
+        "1,monitor:DP-1"
+        "2,monitor:DP-1"
+        "3,monitor:DP-1"
+        "9,monitor:DP-1"
+        "10,monitor:DP-1"
+      ];
+      windowrulev2 = [
+        # only allow shadows for floating windows
+        "noshadow, floating:0"
+        "tile, title:Cider"
+
+        "idleinhibit focus, class:^(mpv)$"
+
+        "float, title:^(Picture-in-Picture)$"
+        "pin, title:^(Picture-in-Picture)$"
+
+        "float,class:udiskie"
+
+        # "workspace special silent,class:^(pavucontrol)$"
+
+        "float, class:^(imv)$"
+
+        # throw sharing indicators away
+        "workspace special silent, title:^(Firefox — Sharing Indicator)$"
+        "workspace special silent, title:^(.*is sharing (your screen|a window)\.)$"
+
+        # specify what applications start on (at boot and normal startup of the app)
+        "workspace 2, class:^(vesktop)$"
+        "workspace 3, class:^(cider)$"
+        "workspace 4, class:^(zen)"
+      ];
+    };
+
+    # # fake a tray to let apps start
+    # # https://github.com/nix-community/home-manager/issues/2064
+    # systemd.user.targets.tray = {
+    #   Unit = {
+    #     Description = "Home Manager System Tray";
+    #     Requires = ["graphical-session-pre.target"];
+    #   };
+    # };
+
+    systemd.user.services = {
+      swaybg = mkService {
+        Unit.Description = "Wallpaper chooser";
+        Service = {
+          ExecStart = "${getExe pkgs.swaybg} -i ${wallpaper}";
+          Restart = "always";
+        };
+      };
+    };
+  };
+}

fix-niri-nvidia.patch

@@ -1,31 +0,0 @@
-diff --git a/src/backend/tty.rs b/src/backend/tty.rs
-index 1f0eae32..97cd058b 100644
---- a/src/backend/tty.rs
-+++ b/src/backend/tty.rs
-@@ -2220,16 +2220,16 @@ fn surface_dmabuf_feedback(
-     // planes.
-     let scanout = builder
-         .clone()
--        .add_preference_tranche(
--            surface_render_node.dev_id(),
--            Some(TrancheFlags::Scanout),
--            primary_scanout_formats,
--        )
--        .add_preference_tranche(
--            surface_render_node.dev_id(),
--            Some(TrancheFlags::Scanout),
--            primary_or_overlay_scanout_formats,
--        )
-+        // .add_preference_tranche(
-+        //     surface_render_node.dev_id(),
-+        //     Some(TrancheFlags::Scanout),
-+        //     primary_scanout_formats,
-+        // )
-+        // .add_preference_tranche(
-+        //     surface_render_node.dev_id(),
-+        //     Some(TrancheFlags::Scanout),
-+        //     primary_or_overlay_scanout_formats,
-+        // )
-         .build()?;
- 
-     // If this is the primary node surface, send scanout formats in both tranches to avoid

flake.nix

@@ -47,6 +47,12 @@
 
     pnpm2nix.url = "github:nzbr/pnpm2nix-nzbr";
 
+    dms.url = "github:AvengeMedia/DankMaterialShell";
+    dms.inputs.nixpkgs.follows = "nixpkgs";
+
+    nix-matrix-modules.url = "github:D4ndellion/nixos-matrix-modules";
+    nix-matrix-modules.inputs.nixpkgs.follows = "nixpkgs";
+
     solaar = {
       url = "github:Svenum/Solaar-Flake/main"; # Uncomment line for latest unstable version
       inputs.nixpkgs.follows = "nixpkgs";
@@ -60,7 +66,7 @@
     blog.url = "git+https://code.zoeys.cloud/zoey/web.git";
 
     lanzaboote = {
-      url = "github:nix-community/lanzaboote/v0.4.2";
+      url = "github:nix-community/lanzaboote/v0.4.3";
 
       # Optional but recommended to limit the size of your system closure.
       inputs.nixpkgs.follows = "nixpkgs";
@@ -133,29 +139,19 @@
       inputs.nixpkgs.follows = "nixpkgs";
     };
 
-    rust-overlay = {
-      url = "github:oxalica/rust-overlay";
-      inputs.nixpkgs.follows = "nixpkgs";
-    };
-
     disko.url = "github:nix-community/disko";
     disko.inputs.nixpkgs.follows = "nixpkgs";
 
-    # niri-src.url = "github:YaLTeR/niri";
+    niri-src.url = "github:YaLTeR/niri";
-    # niri-src.inputs.nixpkgs.follows = "nixpkgs";
-
-    niri-src.url = "github:visualglitch91/niri/feat/blur";
     niri-src.inputs.nixpkgs.follows = "nixpkgs";
 
-    quickshell = {
+    # niri-src.url = "github:visualglitch91/niri/feat/blur";
-      url = "git+https://git.outfoxxed.me/outfoxxed/quickshell";
+    # niri-src.inputs.nixpkgs.follows = "nixpkgs";
-
-      inputs.nixpkgs.follows = "nixpkgs";
-    };
 
     niri.url = "github:sodiboo/niri-flake";
 
     chaotic.url = "github:chaotic-cx/nyx";
+    lazyvim.url = "github:pfassina/lazyvim-nix";
 
     vpn-confinement.url = "github:Maroka-chan/VPN-Confinement";
   };
@@ -166,22 +162,22 @@
       src = ./.;
 
       overlays = with inputs; [
-        rust-overlay.overlays.default
+        # rust-overlay.overlays.default
         (final: prev: {
           ghostty = ghostty.packages."x86_64-linux".default;
         })
-        (final: prev: {
+        # (final: prev: {
-          shadps4 = prev.shadps4.overrideAttrs {
+        #   shadps4 = prev.shadps4.overrideAttrs {
-            src = prev.fetchFromGitHub {
+        #     src = prev.fetchFromGitHub {
-              owner = "shadps4-emu";
+        #       owner = "shadps4-emu";
-              repo = "shadPS4";
+        #       repo = "shadPS4";
-              rev = "41b39428335025e65f9e707ed8d5a9a1b09ba942";
+        #       rev = "41b39428335025e65f9e707ed8d5a9a1b09ba942";
-              hash = "sha256-5oe2By8TjJJIVubkp5lzqx2slBR7hxIHV4wZLgRYKl8=";
+        #       hash = "sha256-5oe2By8TjJJIVubkp5lzqx2slBR7hxIHV4wZLgRYKl8=";
-              fetchSubmodules = true;
+        #       fetchSubmodules = true;
-            };
+        #     };
-            patches = [];
+        #     patches = [];
-          };
+        #   };
-        })
+        # })
         niri.overlays.niri
       ];
 
@@ -200,6 +196,9 @@
         spicetify-nix.homeManagerModules.default
         catppuccin.homeModules.default
         ags.homeManagerModules.default
+        dms.homeModules.dankMaterialShell.default
+        dms.homeModules.dankMaterialShell.niri
+        lazyvim.homeManagerModules.default
       ];
 
       systems.modules.nixos = with inputs; [
@@ -215,7 +214,7 @@
         disko.nixosModules.disko
         niri.nixosModules.niri
         chaotic.nixosModules.default
-
+        nix-matrix-modules.nixosModules.default
         vpn-confinement.nixosModules.default
       ];
 

homes/x86_64-linux/aspect@pluto/default.nix

@@ -53,12 +53,10 @@
 
   programs.cava = {
     enable = true;
-    catppuccin.enable = true;
   };
 
   programs.btop = {
     enable = true;
-    catppuccin.enable = true;
     extraConfig = ''
       update_ms = 100
       vim_keys = true
@@ -67,11 +65,9 @@
 
   programs.lazygit = {
     enable = true;
-    catppuccin.enable = true;
   };
 
   programs.fzf = {
     enable = true;
-    catppuccin.enable = true;
   };
 }

homes/x86_64-linux/zack@pluto/default.nix

@@ -52,12 +52,10 @@
 
   programs.cava = {
     enable = true;
-    catppuccin.enable = true;
   };
 
   programs.btop = {
     enable = true;
-    catppuccin.enable = true;
     extraConfig = ''
       update_ms = 100
       vim_keys = true
@@ -66,11 +64,9 @@
 
   programs.lazygit = {
     enable = true;
-    catppuccin.enable = true;
   };
 
   programs.fzf = {
     enable = true;
-    catppuccin.enable = true;
   };
 }

homes/x86_64-linux/zoey@earth/default.nix

@@ -7,6 +7,7 @@
 }: {
   wms.hyprland.enable = false;
   wms.niri.enable = true;
+
   apps = {
     web.librewolf.enable = true;
     web.librewolf.setDefault = true;
@@ -29,14 +30,13 @@
     term.alacritty.enable = true;
     term.ghostty.enable = true;
 
-    music.spotify.enable = true;
     video.mpv.enable = true;
 
     mail.aerc.enable = true;
 
     helpers = {
-      waybar.enable = true;
+      waybar.enable = false;
-      swaync.enable = true;
+      swaync.enable = false;
     };
   };
 
@@ -62,14 +62,38 @@
     };
   };
 
-  programs.distrobox = {
+  catppuccin.vivid.enable = false;
+
+  programs = {
+    dankMaterialShell = {
       enable = true;
-    containers = {
+
-      proton-tkg = {
+      niri.enableKeybinds = true;
-        image = "archlinux";
+      systemd.enable = true;
-        additional_packages = "build-essential git";
+
+      enableCalendarEvents = true;
+      enableDynamicTheming = true;
+      enableSystemMonitoring = true;
+      enableAudioWavelength = true;
     };
   };
+
+  systemd.user.services.polkit-gnome-authentication-agent-1 = {
+    Unit = {
+      Description = "polkit-gnome-authentication-agent-1";
+      Wants = ["graphical-session.target"];
+      After = ["graphical-session.target"];
+    };
+    Install = {
+      WantedBy = ["graphical-session.target"];
+    };
+    Service = {
+      Type = "simple";
+      ExecStart = "${pkgs.polkit_gnome}/libexec/polkit-gnome-authentication-agent-1";
+      Restart = "on-failure";
+      RestartSec = 1;
+      TimeoutStopSec = 10;
+    };
   };
 
   catppuccin.mako.enable = false;
@@ -154,10 +178,13 @@
     awscli2
     monero-cli
 
+    tidal-hifi
+
     pandoc
     cider-2
 
     feather
+    prismlauncher
 
     qt6Packages.qt5compat
     libsForQt5.qt5.qtgraphicaleffects
@@ -185,8 +212,6 @@
     heroic
     cartridges
 
-    custom.nvidia-nsight
-
     custom.enc
 
     neural-amp-modeler-lv2
@@ -236,7 +261,7 @@
     starfetch
     lib.custom.nixos-stable.kiwix
 
-    mpc-cli
+    mpc
     zathura
     gpgme.dev
 
@@ -254,7 +279,7 @@
     man-pages
     man-pages-posix
 
-    ardour
+    devenv
   ];
 
   programs.thunderbird = {
@@ -324,7 +349,7 @@
   services = {
     gpg-agent = {
       enable = true;
-      pinentryPackage = lib.mkForce pkgs.pinentry-gnome3;
+      pinentry.package = lib.mkForce pkgs.pinentry-gnome3;
       enableSshSupport = true;
       enableZshIntegration = true;
       enableFishIntegration = true;

homes/x86_64-linux/zoey@pluto/default.nix

@@ -52,12 +52,10 @@
 
   programs.cava = {
     enable = true;
-    catppuccin.enable = true;
   };
 
   programs.btop = {
     enable = true;
-    catppuccin.enable = true;
     extraConfig = ''
       update_ms = 100
       vim_keys = true
@@ -66,11 +64,9 @@
 
   programs.lazygit = {
     enable = true;
-    catppuccin.enable = true;
   };
 
   programs.fzf = {
     enable = true;
-    catppuccin.enable = true;
   };
 }

homes/x86_64-linux/zoey@venus/default.nix

@@ -50,22 +50,22 @@
     options = ["--cmd cd"];
   };
 
+  catppuccin.btop.enable = true;
   programs.btop = {
     enable = true;
-    catppuccin.enable = true;
     extraConfig = ''
       update_ms = 100
       vim_keys = true
     '';
   };
 
+  catppuccin.lazygit.enable = true;
   programs.lazygit = {
     enable = true;
-    catppuccin.enable = true;
   };
 
+  catppuccin.fzf.enable = true;
   programs.fzf = {
     enable = true;
-    catppuccin.enable = true;
   };
 }

modules/home/apps/helpers/waybar/default.nix

@@ -81,7 +81,7 @@ in {
           passthrough = false;
           "fixed-center" = true;
           "modules-left" = ["hyprland/workspaces" "hyprland/window" "niri/workspaces" "niri/window" "network#speed" "custom/cava-system" "custom/cava-tt"];
-          "modules-center" = ["custom/spotify"];
+          "modules-center" = ["mpris"];
           "modules-right" = [
             "cpu"
             "memory"
@@ -99,15 +99,6 @@ in {
             "custom/power"
           ];
 
-          "custom/spotify" = {
-            format = "{}";
-            "return-type" = "json";
-            "on-click" = "${lib.getExe inputs.ciderd.packages.${pkgs.system}.default} play-pause";
-            "on-click-right" = "${lib.getExe inputs.ciderd.packages.${pkgs.system}.default} like";
-            "on-click-middle" = "${lib.getExe inputs.ciderd.packages.${pkgs.system}.default} skip";
-            exec = "${lib.getExe inputs.ciderd.packages.${pkgs.system}.default} monitor";
-          };
-
           "custom/mullvad" = {
             format = "{}";
             return-type = "json";
@@ -145,7 +136,7 @@ in {
           };
 
           mpris = {
-            player = "spotify";
+            player = "chromium";
             "dynamic-order" = ["artist" "title"];
             format = "{player_icon} {dynamic}";
             "format-paused" = "{status_icon} <i>{dynamic}</i>";

modules/home/apps/term/alacritty/default.nix

@@ -66,9 +66,10 @@ in {
   };
 
   config = mkIf cfg.enable {
+    catppuccin.alacritty.enable = true;
+
     programs.alacritty = {
       enable = true;
-      catppuccin.enable = true;
 
       settings = {
         colors = {

modules/home/apps/term/kitty/default.nix

@@ -14,20 +14,20 @@ in {
   };
 
   config = mkIf cfg.enable {
+    catppuccin.kitty.enable = true;
+
     programs.kitty = {
       enable = true;
       extraConfig = ''
-        font_family      family='Berkeley Mono' style='Regular ExtraCondensed'
+        font_family      family='Berkeley Mono' style='Retina ExtraCondensed'
-        bold_font        family='Berkeley Mono' style='Retina ExtraCondensed'
+        bold_font        family='Berkeley Mono' style='SemiBold ExtraCondensed'
-        italic_font      family='Berkeley Mono' style='Regular ExtraCondensed'
+        italic_font      family='Berkeley Mono' style='Retina ExtraCondensed'
-        bold_italic_font family='Berkeley Mono' style='Retina ExtraCondensed'
+        bold_italic_font family='Berkeley Mono' style='SemiBold ExtraCondensed'
       '';
 
-      catppuccin.enable = true;
-
       settings = {
         window_padding_width = 20;
-        background_opacity = "0.9";
+        # background_opacity = "0.9";
 
         font_hinting = "slight";
 

modules/home/apps/tools/bat/default.nix

@@ -14,11 +14,11 @@ in {
   };
 
   config = mkIf cfg.enable {
+    catppuccin.bat.enable = true;
+
     programs.bat = {
       enable = true;
 
-      catppuccin.enable = true;
-
       config = {
         pager = "less -FR";
       };

modules/home/apps/tools/git/default.nix

@@ -17,11 +17,18 @@ in {
   };
 
   config = mkIf cfg.enable {
-    home.packages = with pkgs; [zsh-forgit gitflow];
+    home.packages = with pkgs; [
+      zsh-forgit
+      gitflow
+    ];
+
+    programs.delta = {
+      enable = true;
+      enableGitIntegration = true;
+    };
+
     programs.git = {
       enable = true;
-      userName = "zack";
-      userEmail = "hi@zoeys.computer";
       ignores = [
         ".cache/"
         ".DS_Store"
@@ -38,8 +45,15 @@ in {
         key = cfg.signingKey;
         signByDefault = cfg.signByDefault;
       };
-      extraConfig = {
+      lfs.enable = true;
-        init = {defaultBranch = "main";};
+      settings = {
+        user = {
+          name = "zack";
+          email = "hi@zoeys.computer";
+        };
+        init = {
+          defaultBranch = "main";
+        };
         delta = {
           options.map-styles = "bold purple => syntax #ca9ee6, bold cyan => syntax #8caaee";
           line-numbers = true;
@@ -64,10 +78,7 @@ in {
           smtpencryption = "ssl";
           smtpserverport = 465;
         };
-      };
+        alias = {
-      lfs.enable = true;
-      delta.enable = true;
-      aliases = {
           essa = "push --force";
           co = "checkout";
           fuck = "commit --amend -m";
@@ -87,12 +98,11 @@ in {
           st = "status";
           br = "branch";
           df = "!git hist | peco | awk '{print $2}' | xargs -I {} git diff {}^ {}";
-        hist = ''
+          hist = ''log --pretty=format:"%Cgreen%h %Creset%cd %Cblue[%cn] %Creset%s%C(yellow)%d%C(reset)" --graph --date=relative --decorate --all'';
-          log --pretty=format:"%Cgreen%h %Creset%cd %Cblue[%cn] %Creset%s%C(yellow)%d%C(reset)" --graph --date=relative --decorate --all'';
+          llog = ''log --graph --name-status --pretty=format:"%C(red)%h %C(reset)(%cd) %C(green)%an %Creset%s %C(yellow)%d%Creset" --date=relative'';
-        llog = ''
-          log --graph --name-status --pretty=format:"%C(red)%h %C(reset)(%cd) %C(green)%an %Creset%s %C(yellow)%d%Creset" --date=relative'';
           edit-unmerged = "!f() { git ls-files --unmerged | cut -f2 | sort -u ; }; hx `f`";
         };
       };
     };
+  };
 }

modules/home/apps/tools/neovim/config/lazyvim.json

@@ -14,6 +14,7 @@
     "lazyvim.plugins.extras.lang.svelte",
     "lazyvim.plugins.extras.lang.tailwind",
     "lazyvim.plugins.extras.lang.go",
+    "lazyvim.plugins.extras.lang.php",
     "lazyvim.plugins.extras.lang.typescript",
     "lazyvim.plugins.extras.test.core",
     "lazyvim.plugins.extras.util.rest",

modules/home/apps/tools/neovim/config/lua/config/options.lua

@@ -3,12 +3,9 @@
 -- Add any additional options here
 
 if vim.g.neovide then
-  -- Put anything you want to happen only in Neovide here
   vim.o.guifont = "Iosevka,Noto_Color_Emoji:h14:b"
 end
 
--- in this case.
-vim.g.lazyvim_blink_main = true
 vim.g.snacks_animate = false
 vim.o.termguicolors = true
 
@@ -18,7 +15,6 @@ vim.diagnostic.config({
   float = { border = "none" },
 })
 
--- Use crisp single-line borders in LSP handlers
 local border = "none"
 local handlers = vim.lsp.handlers
 handlers["textDocument/hover"] = vim.lsp.with(handlers.hover, { border = border })

modules/home/apps/tools/neovim/config/lua/plugins/core.lua

@@ -2,17 +2,13 @@ return {
   {
     "LazyVim/LazyVim",
     opts = {
-      colorscheme = "catppuccin-mocha",
+      colorscheme = "catppuccin",
       news = { lazyvim = false },
     },
   },
   {
     "catppuccin",
     opts = function(_, opts)
-      local module = require("catppuccin.groups.integrations.bufferline")
-      if module then
-        module.get = module.get_theme
-      end
       opts.transparent_background = true
       opts.flavour = "mocha"
       opts.no_bold = true

modules/home/apps/tools/neovim/config/lua/plugins/mini.ai.lua

@@ -1,4 +1,4 @@
 return {
-  "echasnovski/mini.ai",
+  "nvim-mini/mini.ai",
   version = false,
 }

modules/home/apps/tools/neovim/default.nix

@@ -27,15 +27,20 @@ with lib.custom; let
   in
     result;
 
-  pluginList = plugins: strings.concatMapStrings (plugin: "  [\"${sanitizePluginName plugin.name}\"] = \"${plugin.outPath}\",\n") plugins;
+  pluginList = plugins:
+    strings.concatMapStrings (
+      plugin: "  [\"${sanitizePluginName plugin.name}\"] = \"${plugin.outPath}\",\n"
+    )
+    plugins;
 in {
   options.apps.tools.neovim = with types; {
     enable = mkBoolOpt false "Enable Neovim";
   };
 
   config = mkIf cfg.enable {
+    catppuccin.nvim.enable = false;
+
     programs.neovim = {
-      catppuccin.enable = false;
       enable = true;
       defaultEditor = true;
       package = inputs.neovim-nightly-overlay.packages.${pkgs.system}.default;
@@ -55,22 +60,21 @@ in {
         # LSP
         lua-language-server
         nixd
-        (pkgs.rust-bin.selectLatestNightlyWith
-          (toolchain: toolchain.default))
         rust-analyzer
         nodePackages.typescript-language-server
         #nodePackages.astro-language-server
         nodePackages.bash-language-server
         nodePackages.svelte-language-server
         tailwindcss-language-server
+        vtsls
         taplo
         docker-compose-language-service
-        dockerfile-language-server-nodejs
+        dockerfile-language-server
         haskellPackages.hadolint
         shellcheck
         markdownlint-cli2
         shfmt
-        sqlfluff
+        # sqlfluff
         go
 
         tailwindcss-language-server
@@ -88,7 +92,6 @@ in {
         fswatch # File watcher utility, replacing libuv.fs_event for neovim 10.0
         sqlite
         postgresql
-        mongosh
         # vscode-extensions.vadimcn.vscode-lldb.adapter
       ];
       plugins = with pkgs.vimPlugins; [

modules/home/apps/web/floorp/default.nix

@@ -11,8 +11,8 @@ with lib.custom; let
   natsumi = pkgs.fetchFromGitHub {
     owner = "greeeen-dev";
     repo = "natsumi-browser";
-    rev = "c99affebd8c095c5416e248605557c32636c6476";
+    rev = "v5.7.1";
-    hash = "sha256-5x/XLMEUb9go9Qh2E9E9UR+tSwAfR4SlvWHKq+S9A7E=";
+    hash = "sha256-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=";
   };
 in {
   options.apps.web.floorp = with types; {

modules/home/apps/web/librewolf/default.nix

@@ -12,8 +12,8 @@ with lib.custom; let
   natsumi = pkgs.fetchFromGitHub {
     owner = "greeeen-dev";
     repo = "natsumi-browser";
-    rev = "1300fd5751f4b366b0c8ec668e99ce55b1593d7b";
+    rev = "v5.7.1";
-    hash = "sha256-08oflxcLAYoQV4O4JeWhG4JRIYcNROKdbEDNSxzK4JU=";
+    hash = "sha256-t5xVpFRV2qq5uJRGk7V50EiPnsxbd2cyeKPJYqg/LF0=";
   };
 in {
   options.apps.web.librewolf = with types; {

modules/home/rice/gtk/default.nix

@@ -15,7 +15,7 @@ in {
   };
 
   config = mkIf cfg.enable {
-    catppuccin.pointerCursor.enable = true;
+    catppuccin.cursors.enable = true;
 
     home.pointerCursor = {
       gtk.enable = true;

modules/home/services/hypridle/default.nix

@@ -15,9 +15,10 @@ in {
   };
 
   config = mkIf (cfg.enable && !pkgs.stdenv.isDarwin) {
+    catppuccin.swaylock.enable = false;
+
     programs.swaylock = {
       enable = true;
-      catppuccin.enable = false;
       package = pkgs.swaylock-effects;
       settings = with colors; {
         clock = true;

modules/home/shells/aliases.nix

@@ -16,7 +16,7 @@ with pkgs; {
   untar = "tar -xvf";
   untargz = "tar -xzf";
   MANPAGER = "sh -c 'col -bx | bat -l man -p'";
-  du = getExe du-dust;
+  du = getExe dust;
   ps = getExe procs;
   lb = "pw-loopback -C \"alsa_input.pci-0000_0d_00.4.analog-stereo\" -P \"Scarlett Solo (3rd Gen.) Headphones / Line 1-2\"";
   deploy = "nixos-rebuild switch --flake ~/nixos#pluto --target-host zoeys.computer --use-remote-sudo";
@@ -28,6 +28,8 @@ with pkgs; {
   la = "${getExe eza} -lah --tree";
   ls = "${getExe eza} -h --git --icons --color=auto --group-directories-first -s extension";
   tree = "${getExe eza} --tree --icons --tree";
+  ns = "nh os switch -- --cores 8 --max-jobs 1";
+  nsu = "nh os switch --update -- --cores 8 --max-jobs 1";
   kys = "shutdown now";
   # w = ''| nvim -c "setlocal buftype=nofile bufhidden=wipe" -c "nnoremap <buffer> q :q!<CR>" -'';
   lv = "nvim -c \"normal '\''0\"";

modules/home/shells/fish/default.nix

@@ -91,7 +91,7 @@ in {
         fzf
 
         # dns client
-        dogdns
+        doggo
 
         # neofetch but for git repos
         onefetch
@@ -114,9 +114,6 @@ in {
         imagemagick
         ffmpeg-full
 
-        # preview images in terminal
-        catimg
-
         # networking stuff
         nmap
         wget

modules/home/shells/nu/aliases.nix

@@ -16,7 +16,7 @@ with pkgs; {
   untar = "tar -xvf";
   untargz = "tar -xzf";
   MANPAGER = "sh -c 'col -bx | bat -l man -p'";
-  du = getExe du-dust;
+  du = getExe dust;
   lb = "pw-loopback -C \"alsa_input.pci-0000_0d_00.4.analog-stereo\" -P \"Scarlett Solo (3rd Gen.) Headphones / Line 1-2\"";
   deploy = "nixos-rebuild switch --flake ~/nixos#pluto --target-host zoeys.computer --use-remote-sudo";
   m = "mkdir";

modules/home/shells/nu/default.nix

@@ -53,7 +53,7 @@ in {
         ripgrep
         gping
         fzf
-        dogdns
+        doggo
         onefetch
         cpufetch
         yt-dlp
@@ -62,7 +62,6 @@ in {
         hyperfine
         imagemagick
         ffmpeg-full
-        catimg
         nmap
         wget
         fd

modules/home/shells/zsh/default.nix

@@ -92,7 +92,7 @@ in {
         gping
 
         # dns client
-        dogdns
+        doggo
 
         # neofetch but for git repos
         onefetch
@@ -115,9 +115,6 @@ in {
         imagemagick
         ffmpeg-full
 
-        # preview images in terminal
-        catimg
-
         # networking stuff
         nmap
         wget

modules/nixos/hardware/audio/default.nix

@@ -24,39 +24,9 @@ in {
       jack.enable = true;
     };
 
-    systemd.user.services.cava-combine-inputs = {
+    services.pipewire.extraConfig.pipewire."92-low-latency" = {
-      description = "Combine MOTU M4 Line Inputs L/R for Cava";
+      "context.properties" = {
-
+        "default.clock.rate" = 192000;
-      # Ensure this runs after pipewire-pulse is started
-      after = ["pipewire-pulse.service"];
-      wants = ["pipewire-pulse.service"]; # Start pipewire-pulse if not already running
-
-      # Make it part of the default user session target
-      wantedBy = ["default.target"];
-
-      # Service configuration details
-      serviceConfig = {
-        Type = "oneshot"; # Run the command once and exit
-        # Use RemainAfterExit if you want the service to show as 'active' after running
-        # RemainAfterExit = true;
-
-        # Command to execute. Use full paths for robustness.
-        # We use sh -c to run multiple commands sequentially.
-        # pactl is provided by the pulseaudio package.
-        ExecStart = "${pkgs.writeShellScriptBin "cava-start" ''
-          echo "Attempting to load Cava combine modules..."
-          # Load null sink (returns non-zero if it fails AND module doesn't exist)
-          ${pkgs.pulseaudio}/bin/pactl load-module module-null-sink sink_name=cava-line-in sink_properties=device.description="Cava_Combined_LineIn"
-          # Load loopbacks (returns non-zero on failure)
-          ${pkgs.pulseaudio}/bin/pactl load-module module-loopback source="alsa_input.usb-MOTU_M4_M4MA03F7DV-00.HiFi__Line3__source" sink=cava-line-in latency_msec=10
-          ${pkgs.pulseaudio}/bin/pactl load-module module-loopback source="alsa_input.usb-MOTU_M4_M4MA03F7DV-00.HiFi__Line4__source" sink=cava-line-in latency_msec=10
-          echo "Finished loading Cava combine modules (ignore errors if already loaded)."
-          # Exit successfully even if modules were already loaded (pactl might return 0)
-          exit 0
-        ''}/bin/cava-start";
-
-        # Prevent service from restarting automatically
-        Restart = "no";
       };
     };
   };

modules/nixos/hardware/gpu-passthru/default.nix

@@ -110,14 +110,6 @@ with lib.custom; let
   libvirtd-cfg = config.virtualisation.libvirtd;
 
   qemuConfigFile = pkgs.writeText "qemu.conf" ''
-    ${optionalString libvirtd-cfg.qemu.ovmf.enable ''
-      nvram = [
-        "/run/libvirt/nix-ovmf/AAVMF_CODE.fd:/run/libvirt/nix-ovmf/AAVMF_VARS.fd",
-        "/run/libvirt/nix-ovmf/AAVMF_CODE.ms.fd:/run/libvirt/nix-ovmf/AAVMF_VARS.ms.fd",
-        "/run/libvirt/nix-ovmf/OVMF_CODE.fd:/run/libvirt/nix-ovmf/OVMF_VARS.fd",
-        "/run/libvirt/nix-ovmf/OVMF_CODE.ms.fd:/run/libvirt/nix-ovmf/OVMF_VARS.ms.fd"
-      ]
-    ''}
     ${optionalString (!libvirtd-cfg.qemu.runAsRoot) ''
       user = "qemu-libvirtd"
       group = "qemu-libvirtd"
@@ -162,16 +154,6 @@ in {
         package = pkgs.qemu_kvm;
         runAsRoot = true;
         swtpm.enable = true;
-        ovmf = {
-          enable = true;
-          packages = [
-            (pkgs.OVMF.override {
-              secureBoot = true;
-              tpmSupport = true;
-            })
-            .fd
-          ];
-        };
       };
     };
 
@@ -217,20 +199,6 @@ in {
       done
 
       ln -s --force ${libvirtd-cfg.qemu.package}/bin/qemu-pr-helper /run/${dirName}/nix-helpers/
-
-      ${optionalString libvirtd-cfg.qemu.ovmf.enable (
-        let
-          ovmfpackage = pkgs.buildEnv {
-            name = "qemu-ovmf";
-            paths = libvirtd-cfg.qemu.ovmf.packages;
-          };
-        in ''
-          ln -s --force ${ovmfpackage}/FV/AAVMF_CODE{,.ms}.fd /run/${dirName}/nix-ovmf/
-          ln -s --force ${ovmfpackage}/FV/OVMF_CODE{,.ms}.fd /run/${dirName}/nix-ovmf/
-          ln -s --force ${ovmfpackage}/FV/AAVMF_VARS{,.ms}.fd /run/${dirName}/nix-ovmf/
-          ln -s --force ${ovmfpackage}/FV/OVMF_VARS{,.ms}.fd /run/${dirName}/nix-ovmf/
-        ''
-      )}
     '';
 
     system.activationScripts.libvirt-hooks.text = ''

modules/nixos/hardware/nvidia/default.nix

@@ -44,12 +44,12 @@ in {
 
       # Optionally, you may need to select the appropriate driver version for your specific GPU.
       package = config.boot.kernelPackages.nvidiaPackages.mkDriver {
-        version = "580.82.07";
+        version = "580.82.09";
-        sha256_64bit = "sha256-Bh5I4R/lUiMglYEdCxzqm3GLolQNYFB0/yJ/zgYoeYw=";
+        sha256_64bit = "sha256-Puz4MtouFeDgmsNMKdLHoDgDGC+QRXh6NVysvltWlbc=";
-        sha256_aarch64 = "sha256-or3//aV4TQcPDgcLxFB75H/kB8n+3RzwTO1C2ZbJAJI=";
+        sha256_aarch64 = "sha256-6tHiAci9iDTKqKrDIjObeFdtrlEwjxOHJpHfX4GMEGQ=";
-        openSha256 = "sha256-8/7ZrcwBMgrBtxebYtCcH5A51u3lAxXTCY00LElZz08=";
+        openSha256 = "sha256-YB+mQD+oEDIIDa+e8KX1/qOlQvZMNKFrI5z3CoVKUjs=";
-        settingsSha256 = "sha256-lx1WZHsW7eKFXvi03dAML6BoC5glEn63Tuiz3T867nY=";
+        settingsSha256 = "sha256-um53cr2Xo90VhZM1bM2CH4q9b/1W2YOqUcvXPV6uw2s=";
-        persistencedSha256 = "sha256-1JCk2T3H5NNFQum0gA9cnio31jc0pGvfGIn2KkAz9kA=";
+        persistencedSha256 = "sha256-lbYSa97aZ+k0CISoSxOMLyyMX//Zg2Raym6BC4COipU=";
       };
     };
 

modules/nixos/protocols/wayland/default.nix

@@ -27,8 +27,8 @@ in {
       };
     };
 
-    services.xserver.displayManager.gdm.enable = false;
+    services.displayManager.gdm.enable = false;
-    services.xserver.displayManager.gdm.wayland = true;
+    services.displayManager.gdm.wayland = true;
 
     # services.displayManager.sddm.enable = true;
     # services.displayManager.sddm.package = lib.mkForce pkgs.kdePackages.sddm;

modules/nixos/services/crypto/default.nix

@@ -14,18 +14,18 @@ in {
   config = mkIf cfg.enable {
     services.wg-container.enable = true;
 
-    systemd.services.monero.vpnConfinement = {
+    # systemd.services.monero.vpnConfinement = {
-      enable = true;
+    #   enable = true;
-      vpnNamespace = "wg";
+    #   vpnNamespace = "wg";
-    };
+    # };
-
+    #
-    services.monero = {
+    # services.monero = {
-      enable = true;
+    #   enable = true;
-      mining.enable = false;
+    #   mining.enable = false;
-      rpc = {address = "192.168.15.1";};
+    #   rpc = {address = "192.168.15.1";};
-      extraConfig = ''
+    #   extraConfig = ''
-        confirm-external-bind=1
+    #     confirm-external-bind=1
-      '';
+    #   '';
-    };
+    # };
   };
 }

modules/nixos/services/mail/default.nix

@@ -33,7 +33,7 @@ in {
       gitlab-email-pw-hashed.file = ./sec/gitlab-email-pw-hashed.age;
     };
 
-    mailserver = {
+    mailserver = rec {
       enable = true;
       fqdn = "mail.zoeys.email";
       domains = ["zoeys.email" "zoeys.cloud" "zoeys.computer" "zackmyers.io" "zacharymyers.com" "pictureofcat.com"];
@@ -64,27 +64,23 @@ in {
         };
       };
 
-      certificateScheme = "acme-nginx";
+      enableManageSieve = true;
+
+      dmarcReporting.enable = true;
+
+      x509.useACMEHost = fqdn;
       virusScanning = true;
       stateVersion = 3;
     };
 
-    # services.nginx = {
+    services.nginx = {
-    #   virtualHosts = {
+      virtualHosts = {
-    #     "cal.zoeys.cloud" = {
+        "${config.mailserver.fqdn}" = {
-    #       forceSSL = true;
+          forceSSL = true;
-    #       enableACME = true;
+          enableACME = true;
-    #       locations."/" = {
+        };
-    #         proxyPass = "http://localhost:5232/";
+      };
-    #         extraConfig = ''
+    };
-    #           proxy_set_header  X-Script-Name /;
-    #           proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
-    #           proxy_pass_header Authorization;
-    #         '';
-    #       };
-    #     };
-    #   };
-    # };
 
     services.roundcube = {
       enable = true;

modules/nixos/services/matrix/default.nix

@@ -0,0 +1,146 @@
+{
+  lib,
+  config,
+  pkgs,
+  ...
+}:
+with lib;
+with lib.custom; let
+  cfg = config.services.matrix;
+in {
+  options.services.matrix = with types; {
+    enable = mkBoolOpt false "Matrix Web Server";
+  };
+  config = mkIf cfg.enable {
+    sops = {
+      defaultSopsFile = ../../../.sops.yaml;
+      gnupg.home = "/var/lib/sops";
+      gnupg.sshKeyPaths = [];
+
+      secrets = {
+        "password" = {
+          sopsFile = ../../../../secrets/matrix-db.yaml;
+          owner = "root";
+          group = "root";
+          mode = "0444";
+          neededForUsers = true;
+        };
+      };
+    };
+
+    services.matrix-synapse-next = {
+      enable = true;
+
+      workers.federationSenders = 2;
+      workers.federationReceivers = 2;
+      workers.initialSyncers = 2;
+      workers.normalSyncers = 2;
+      workers.eventPersisters = 2;
+      workers.useUserDirectoryWorker = true;
+
+      enableNginx = true;
+
+      settings = {
+        server_name = "zoeys.cloud";
+
+        recaptcha_public_key = "6LdcENQrAAAAAKFi-gTzPnf6Q2xq7yTmIYv6Xw5o";
+        recaptcha_private_key = "6LdcENQrAAAAABfnE6TVkMWtRrw0OZqZEfYaGm7m";
+
+        enable_registration = true;
+        enable_registration_captcha = true;
+
+        database = {
+          name = "psycopg2";
+          args = {
+            host = "localhost";
+            user = "synapse";
+            password = "synapse";
+            dbname = "synapse";
+          };
+        };
+      };
+    };
+
+    services.redis.servers."".enable = true;
+
+    services.coturn = rec {
+      enable = true;
+      no-cli = true;
+      no-tcp-relay = true;
+      min-port = 49000;
+      max-port = 50000;
+      use-auth-secret = true;
+      static-auth-secret = "will be world readable for local users :(";
+      realm = "turn.zoeys.cloud";
+      cert = "${config.security.acme.certs.${realm}.directory}/full.pem";
+      pkey = "${config.security.acme.certs.${realm}.directory}/key.pem";
+      extraConfig = ''
+        verbose
+
+        no-multicast-peers
+        denied-peer-ip=0.0.0.0-0.255.255.255
+        denied-peer-ip=10.0.0.0-10.255.255.255
+        denied-peer-ip=100.64.0.0-100.127.255.255
+        denied-peer-ip=127.0.0.0-127.255.255.255
+        denied-peer-ip=169.254.0.0-169.254.255.255
+        denied-peer-ip=172.16.0.0-172.31.255.255
+        denied-peer-ip=192.0.0.0-192.0.0.255
+        denied-peer-ip=192.0.2.0-192.0.2.255
+        denied-peer-ip=192.88.99.0-192.88.99.255
+        denied-peer-ip=192.168.0.0-192.168.255.255
+        denied-peer-ip=198.18.0.0-198.19.255.255
+        denied-peer-ip=198.51.100.0-198.51.100.255
+        denied-peer-ip=203.0.113.0-203.0.113.255
+        denied-peer-ip=240.0.0.0-255.255.255.255
+        denied-peer-ip=::1
+        denied-peer-ip=64:ff9b::-64:ff9b::ffff:ffff
+        denied-peer-ip=::ffff:0.0.0.0-::ffff:255.255.255.255
+        denied-peer-ip=100::-100::ffff:ffff:ffff:ffff
+        denied-peer-ip=2001::-2001:1ff:ffff:ffff:ffff:ffff:ffff:ffff
+        denied-peer-ip=2002::-2002:ffff:ffff:ffff:ffff:ffff:ffff:ffff
+        denied-peer-ip=fc00::-fdff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
+        denied-peer-ip=fe80::-febf:ffff:ffff:ffff:ffff:ffff:ffff:ffff
+      '';
+    };
+
+    networking.firewall = {
+      interfaces.ens3 = let
+        range = with config.services.coturn; [
+          {
+            from = min-port;
+            to = max-port;
+          }
+        ];
+      in {
+        allowedUDPPortRanges = range;
+        allowedUDPPorts = [3478 5349];
+        allowedTCPPortRanges = [];
+        allowedTCPPorts = [3478 5349];
+      };
+    };
+
+    services.nginx.virtualHosts.${config.services.coturn.realm} = {
+      forceSSL = true;
+      enableACME = true;
+      locations."/" = {
+        return = "200 '<html><body>Hai :3</body></html>'";
+      };
+    };
+
+    users.groups.turnserver.members = ["nginx"];
+
+    security.acme.certs.${config.services.coturn.realm} = {
+      /*
+      insert here the right configuration to obtain a certificate
+      */
+      postRun = "systemctl restart coturn.service";
+      group = "turnserver";
+    };
+    # configure synapse to point users to coturn
+    services.matrix-synapse.settings = with config.services.coturn; {
+      turn_uris = ["turn:${realm}:3478?transport=udp" "turn:${realm}:3478?transport=tcp"];
+      turn_shared_secret = static-auth-secret;
+      turn_user_lifetime = "1h";
+    };
+  };
+}

modules/nixos/services/web/nginx/default.nix

@@ -20,7 +20,7 @@ in {
 
     services.nginx = {
       enable = true;
-      package = pkgs.nginxStable.override {openssl = pkgs.libressl;};
+      # package = pkgs.nginxStable.override {openssl = pkgs.libressl;};
       recommendedProxySettings = true;
       recommendedGzipSettings = true;
       recommendedOptimisation = true;

modules/nixos/sites/code/default.nix

@@ -36,7 +36,7 @@ in {
     catppuccin.forgejo.enable = false;
 
     services.gitea-actions-runner = {
-      package = pkgs.forgejo-actions-runner;
+      package = pkgs.forgejo-runner;
       instances.default = {
         enable = true;
         name = "monolith";

modules/nixos/sites/pterodactyl/default.nix

@@ -148,6 +148,8 @@ in {
       '';
     };
 
+    security.acme.certs."node.nyc.zackmyers.io".keyType = "rsa4096";
+
     services.phpfpm = {
       phpOptions = ''
         extension=${pkgs.php83Extensions.openssl}/lib/php/extensions/openssl.so

modules/nixos/ui/fonts/default.nix

@@ -57,7 +57,7 @@ in {
         #   })
         noto-fonts
         noto-fonts-cjk-sans
-        noto-fonts-emoji
+        noto-fonts-color-emoji
         jetbrains-mono
         nerd-fonts.iosevka
         nerd-fonts.zed-mono

overlays/monado/default.nix

@@ -0,0 +1,10 @@
+{...}: final: prev: {
+  monado = prev.monado.overrideAttrs (old: {
+    buildInputs = builtins.filter (x: x != prev.opencv) old.buildInputs;
+    cmakeFlags =
+      (old.cmakeFlags or [])
+      ++ [
+        "-DBUILD_WITH_OPENCV=OFF"
+      ];
+  });
+}

packages/atproto-pds/default.nix

@@ -7,7 +7,7 @@
     owner = "bluesky-social";
     repo = "pds";
     rev = "main";
-    hash = "sha256-dEB5u++Zx+F4TH5q44AF/tuwAhLEyYT+U5/18viT4sw=";
+    hash = "sha256-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=";
   };
 in
   inputs.pnpm2nix.packages.${pkgs.system}.mkPnpmPackage {

packages/discord-music-presence/default.nix

@@ -0,0 +1,47 @@
+{
+  fetchurl,
+  stdenv,
+  autoPatchelfHook,
+  xorg,
+  libGL,
+  libgcc,
+  systemdLibs,
+  libz,
+  glibc,
+  fontconfig,
+  e2fsprogs,
+}:
+stdenv.mkDerivation {
+  src = fetchurl {
+    url = "https://cdn.discordapp.com/attachments/1306271439493533776/1414196667304902707/music-presence-2.3.3-preview.6-linux-x86_64.tar.gz?ex=68beb0c7&is=68bd5f47&hm=09a61b4eeadb1f0b61ed70a6d1a14fe267f320027e0aae8dca1923d0813b063a&";
+    hash = "sha256-KqGnG4xdZcOQJQXrNU3leLXDNjNFAVjvuDUKAR38IBs=";
+  };
+
+  nativeBuildInputs = [autoPatchelfHook];
+
+  preBuild = ''
+    addAutoPatchelfSearchPath ./usr/plugins/
+    addAutoPatchelfSearchPath ./usr/bin/
+    addAutoPatchelfSearchPath ./usr/lib/
+  '';
+
+  buildInputs = [
+    xorg.libX11
+    xorg.libxcb
+    libGL
+    libgcc
+    systemdLibs
+    libz
+    glibc
+    fontconfig
+    e2fsprogs
+  ];
+
+  installPhase = ''
+    runHook preInstall
+    cp -r . $out
+    runHook postInstall
+  '';
+
+  name = "discord-music-presence";
+}

patch.patch

@@ -1,24 +0,0 @@
-From 2ce643428722dc0d6e181ea4745097c6e18feca2 Mon Sep 17 00:00:00 2001
-From: Lars Kellogg-Stedman <larsks>
-Date: Wed, 7 May 2025 21:45:00 -0400
-Subject: [PATCH] Fix broken integration with Mason 2.0.0
-
----
- lua/lazyvim/plugins/lsp/init.lua | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/lua/lazyvim/plugins/lsp/init.lua b/lua/lazyvim/plugins/lsp/init.lua
-index b5cba5f..1dfc8c7 100644
---- a/lua/lazyvim/plugins/lsp/init.lua
-+++ b/lua/lazyvim/plugins/lsp/init.lua
-@@ -212,7 +212,7 @@ return {
-       local have_mason, mlsp = pcall(require, "mason-lspconfig")
-       local all_mslp_servers = {}
-       if have_mason then
--        all_mslp_servers = vim.tbl_keys(require("mason-lspconfig.mappings.server").lspconfig_to_package)
-+        all_mslp_servers = require("mason-lspconfig").get_mappings().lspconfig_to_package
-       end
- 
-       local ensure_installed = {} ---@type string[]
--- 
-2.49.0

secrets/matrix-db.yaml

@@ -0,0 +1,26 @@
+password: ENC[AES256_GCM,data:0fl9Py+dOU7yBG5+S9oikr/uVXM=,iv:ivZPbvIqCNH974p24ZXgobDQjZh4EaRqr9Mav0Ofv7Q=,tag:rPY6loyq5wCe/SXKsz39LA==,type:str]
+sops:
+    shamir_threshold: 1
+    age:
+        - recipient: age1l6v7c5cp6sh6typgskwfufzkn3qw4av7r42z7lqyns6mtupytqhs2fg49u
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBOZElOWnpHWC9mdGhOaVRQ
+            U2d1Z3U0Uk9sZGhZWFp5ejRLV1FEbUpFcVNNCm1WN0xrV1FkLzB5TXBWa3dnMDFD
+            eEI5L0hPbk1CM0dESWsxRXRKemp0RG8KLS0tIFNWR0M4a0tHSjR3ODV6aGpHQzZy
+            Y3hyR2p4Qk52S2FRVnFQK2pTb21sK2cKfTp78UNAFB4umRGvwDq782dhBYPeO6ms
+            wx9+gVmeRbHWC2SoVvjEpsK7FpSQDV5T6qDZP+L3DwWRKM2OfAdjRA==
+            -----END AGE ENCRYPTED FILE-----
+        - recipient: age16p54d6tx3mg0htkzj43q2mzpvlqj4gz63mz5qzx8mpsp5zx4xexsszdhuk
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXTXUwaHhQdHBBVWVSMmNH
+            dUNJUys2VnhPbjdYd3NCUDM1dXV5am9FNkhzCnVmMnBOcmtrNVE5d012NzlsRm54
+            SDlQekQxR3JkbENJbXkxbGdSa3BGMVkKLS0tIEV1b3pJbHdFbXMzSGRrOXpPUW1U
+            OFpZeVVYYzJyMVMxOVBoNzFDVFdDc0UKu0T/bsKe7qaBbqWyalMEZ+MzuhZN2Jxk
+            mAQsc9ZAZeRda/0IjpnWjwfxCbt99wMKms1cPyDwGxRdDu5xSNKmUg==
+            -----END AGE ENCRYPTED FILE-----
+    lastmodified: "2025-09-20T18:43:33Z"
+    mac: ENC[AES256_GCM,data:n0J6Go+8GfyG9CO/o2DAcaUCzEWjANRy9ZFHkoogqKX1N6oCFWnojqx3qeUw1QlzNHKYsCVRawsYp/oezox9wyjH/EvKS1Ocxm4b6segIFL38y2zllR+AKDu7FsfEz+nkgp8VrzruaoobTBp4HLxNvlVKg9sWLboIDw38jt58EA=,iv:Lz3ph/lelLNyIVlWRowW3QZQoZw2VhCGUhA0kJHM3wc=,tag:ucu/ee0YhDO53xCBtkOHfg==,type:str]
+    unencrypted_suffix: _unencrypted
+    version: 3.10.2

systems/x86_64-linux/earth/default.nix

@@ -6,7 +6,10 @@
   config,
   ...
 }: {
-  imports = [./disk-config.nix ./hardware-configuration.nix];
+  imports = [
+    ./disk-config.nix
+    ./hardware-configuration.nix
+  ];
 
   nix.settings = {
     trusted-users = ["zoey"];
@@ -59,13 +62,24 @@
       configuration = {
         services.desktopManager.plasma6.enable = true;
         services.displayManager.sddm.enable = true;
-        services.xserver.displayManager.gdm.enable = lib.mkForce false;
+        services.displayManager.gdm.enable = lib.mkForce false;
 
         programs.seahorse.enable = lib.mkForce false;
       };
     };
   };
 
+  # services.monado = {
+  #   enable = true;
+  #   defaultRuntime = true;
+  # };
+  #
+  # systemd.user.services.monado.environment = {
+  #   STEAMVR_LH_ENABLE = "1";
+  #   XRT_COMPOSITOR_COMPUTE = "1";
+  #   XRT_COMPOSITOR_FORCE_WAYLAND_DIRECT = "1";
+  # };
+
   programs.steam = {
     enable = true;
     extraPackages = with pkgs; [
@@ -114,8 +128,8 @@
   services.xserver.enable = true;
   services.lorri.enable = true;
   services.udisks2.enable = true;
-  services.crypto.enable = true;
+  services.crypto.enable = false;
-  services.torrent.enable = true;
+  services.torrent.enable = false;
   services.gnome.gnome-keyring.enable = true;
   # services.solaar = {
   #   enable = true;
@@ -125,6 +139,8 @@
     polkitPolicyOwnerUsername = "zoey";
   };
 
+  security.polkit.enable = true;
+
   # Bootloader.
   boot.loader.systemd-boot.enable = lib.mkForce false;
   boot.lanzaboote = {
@@ -154,7 +170,6 @@
   # services.scx.package = pkgs.scx_git.full;
 
   boot.kernelPackages = pkgs.linuxPackages_zen;
-  # CachyOS-inspired kernel parameters for better desktop responsiveness and gaming
   boot.kernelParams = [
     "nowatchdog"
     "preempt=full"
@@ -162,11 +177,6 @@
     "tsc=reliable"
     "clocksource=tsc"
     "preempt=voluntary"
-    "futex.futex2_interface=1" # Better Wine/Proton compatibility
-    "NVreg_UsePageAttributeTable=1" # Improved GPU memory management
-    "io_uring.sqpoll=2" # Modern I/O scheduler polling
-    "transparent_hugepage=madvise" # Better memory management
-    "elevator=bfq" # Better I/O scheduling for gaming
   ];
   boot.supportedFilesystems = ["ntfs"];
 
@@ -190,17 +200,6 @@
     pkgs.kdiskmark
     pkgs.mangohud
     pkgs.sops
-    inputs.quickshell.packages.${system}.default
-    (pkgs.shadps4.overrideAttrs {
-      version = "0.9.0";
-      src = pkgs.fetchFromGitHub {
-        owner = "AzaharPlus";
-        repo = "shadPS4Plus";
-        tag = "SHADPS4PLUS_0_9_0_A";
-        hash = "sha256-ZwP+bOE4roWt51Ii53blDZzdq/SxK4Q69I4rLCNARLA=";
-        fetchSubmodules = true;
-      };
-    })
     (pkgs.lutris.override {
       extraPkgs = pkgs: [
         pkgs.winetricks
@@ -214,14 +213,15 @@
     pkgs.protonup-qt
     pkgs.restic
     pkgs.qt5.qtwayland
-    pkgs.vkBasalt # Vulkan post-processing layer for better visuals
+    pkgs.vkbasalt # Vulkan post-processing layer for better visuals
     pkgs.goverlay # MangoHud and vkBasalt GUI configurator
     pkgs.cpupower-gui # CPU frequency control GUI
     pkgs.ananicy-cpp # Process priority daemon
-    (inputs.umu.packages.${system}.umu-launcher.override {
+    pkgs.umu-launcher
-      withTruststore = true;
+    # (inputs.umu.packages.${system}.umu-launcher.override {
-      withDeltaUpdates = true;
+    #   withTruststore = true;
-    })
+    #   withDeltaUpdates = true;
+    # })
     inputs.agenix.packages.${system}.agenix
   ];
 
@@ -231,12 +231,18 @@
   users.users.zoey = {
     isNormalUser = true;
     description = "zoey";
-    extraGroups = ["networkmanager" "wheel" "docker" "libvirtd" "plugdev"];
+    extraGroups = [
+      "networkmanager"
+      "wheel"
+      "docker"
+      "libvirtd"
+      "plugdev"
+    ];
     shell = pkgs.fish;
     initialHashedPassword = "$6$rounds=2000000$rFBJH7LwdEHvv.0i$HdHorWqp8REPdWPk5fEgZXX1TujRJkMxumGK0f0elFN0KRPlBjJMW2.35A.ID/o3eC/hGTwbSJAcJcwVN2zyV/";
   };
 
-  services.gnome.core-utilities.enable = true; # Enable core GNOME utilities
+  services.gnome.core-apps.enable = true; # Enable core GNOME utilities
 
   users.groups.plugdev = {};
 
@@ -256,7 +262,7 @@
     ports = [22];
   };
 
-  networking.firewall.allowedTCPPorts = [22];
+  networking.firewall.allowedTCPPorts = [22 1069];
 
   services.samba = {
     enable = true;

systems/x86_64-linux/pluto/default.nix

@@ -97,7 +97,7 @@
     pterodactyl.enable = true;
     search.enable = true;
     map.enable = true;
-    hydra.enable = true;
+    hydra.enable = false;
     cache.enable = true;
     minio.enable = true;
     immich.enable = true;
@@ -105,7 +105,7 @@
     sourcehut.enable = false;
     forgejo.enable = true;
     zoeycomputer = {
-      enable = true;
+      enable = false;
       domain = "zoeys.computer";
       phx = {
         database = {

systems/x86_64-linux/venus/default.nix

@@ -45,6 +45,7 @@
 
   services.web.nginx.enable = true;
   services.mail.enable = true;
+  services.matrix.enable = false;
 
   environment.systemPackages = map lib.lowPrio [
     pkgs.curl