.gitignore

@@ -1,2 +1,2 @@
-kogami.qcow2
+
-ginoza.qcow2
+laptop.qcow2

TODO.md

@@ -7,26 +7,18 @@
 - [x] cliphist manager fix
 - [x] stylix theming to each module
 - [x] rofi theme and other themes, where are colors setup declaratively
-- [x] enabling nvidia graphics and disabling it
+- [ ] enabling nvidia graphics and disabling it
-- [x] add zsh to my config
-- [x] custom if else statements
-- [x] move sops
-- [x] figure out yubico authentication
-- [x] options for YUBIKEY to make more sense and control
-- [x] power profiles solution in waybar
-- [x] auto-cpufreq
 - [ ] modularity connected via configuration.nix file with home manager (disable gnome, gnome configuration will be disabled too)
+- [x] custom if else statements
 - [ ] neovim
 - [ ] librewolf and firefox fix
+- [ ] fix kde theme in stylix
+- [x] move sops
+- [ ] figure out yubico authentication
 - [ ] graph of my system structure
+- [x] add zsh to my config
+- [ ] ?tryout starship?
 - [ ] cleanup hyprland subtools (rofi, hyprlock, waybar)
+- [ ] auto-cpufreq
 - [ ] modularize hyprland config into multiple files
 - [ ] consider moving nh config helper into module
-- [ ] make static background folder and figure out how to simply manage backgrounds across my devices
-- [ ] NVIDIA options
-- [ ] fix plasma manager and extend gnome configuration
-- [ ] merge shell aliases
-
-- [ ] update my home page and create new web
-- [ ] fix kde theme in stylix
-- [ ] ?tryout starship?

flake.lock

@@ -33,26 +33,6 @@
         "type": "github"
       }
     },
-    "auto-cpufreq": {
-      "inputs": {
-        "nixpkgs": [
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1733175750,
-        "narHash": "sha256-tczSI0dnsitstia/uVt7FyGQbtuW8lMhhMYj0TRSAT4=",
-        "owner": "AdnanHodzic",
-        "repo": "auto-cpufreq",
-        "rev": "4dae1d4b59bedc1d57118a9eb704c2e1cde5f83c",
-        "type": "github"
-      },
-      "original": {
-        "owner": "AdnanHodzic",
-        "repo": "auto-cpufreq",
-        "type": "github"
-      }
-    },
     "base16": {
       "inputs": {
         "fromYaml": "fromYaml"
@@ -128,11 +108,11 @@
       },
       "locked": {
         "dir": "pkgs/firefox-addons",
-        "lastModified": 1735202720,
+        "lastModified": 1734943800,
-        "narHash": "sha256-7aEdACqT2B7nZNFjn2Y66Qucfl1AHHVFKxm4yvO0O10=",
+        "narHash": "sha256-T6tJ1fGRcVksmRqbDRsvYD3Qnw8AU3e2j0Im01twFcI=",
         "owner": "rycee",
         "repo": "nur-expressions",
-        "rev": "fe816609e68ee1887ee89e43c9ca1aad75362477",
+        "rev": "2c702b4a038306dce64a90fc011c92ebabb82f63",
         "type": "gitlab"
       },
       "original": {
@@ -288,11 +268,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1735053786,
+        "lastModified": 1734944412,
-        "narHash": "sha256-Gm+0DcbUS338vvkwyYWms5jsWlx8z8MeQBzcnIDuIkw=",
+        "narHash": "sha256-36QfCAl8V6nMIRUCgiC79VriJPUXXkHuR8zQA1vAtSU=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "35b98d20ca8f4ca1f6a2c30b8a2c8bb305a36d84",
+        "rev": "8264bfe3a064d704c57df91e34b795b6ac7bad9e",
         "type": "github"
       },
       "original": {
@@ -398,11 +378,11 @@
         "xdph": "xdph"
       },
       "locked": {
-        "lastModified": 1735310446,
+        "lastModified": 1734907157,
-        "narHash": "sha256-1wUsJQ0MJBzAuQ+3c3e3OR5SW8iUF1sHco33xIcvDSg=",
+        "narHash": "sha256-sF3Wot4jIemoSo0YigdHyoR5JMaXgKja+mPJGoXXk/k=",
         "owner": "hyprwm",
         "repo": "Hyprland",
-        "rev": "43ca66779b7d267cc6c52bdea75d3ff8eb60132f",
+        "rev": "5f7ad767dbf0bac9ddd6bf6c825fb9ed7921308a",
         "type": "github"
       },
       "original": {
@@ -598,11 +578,11 @@
     },
     "nixpkgs-stable_2": {
       "locked": {
-        "lastModified": 1735141468,
+        "lastModified": 1734875076,
-        "narHash": "sha256-VIAjBr1qGcEbmhLwQJD6TABppPMggzOvqFsqkDoMsAY=",
+        "narHash": "sha256-Pzyb+YNG5u3zP79zoi8HXYMs15Q5dfjDgwCdUI5B0nY=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "4005c3ff7505313cbc21081776ad0ce5dfd7a3ce",
+        "rev": "1807c2b91223227ad5599d7067a61665c52d1295",
         "type": "github"
       },
       "original": {
@@ -622,11 +602,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1735049224,
+        "lastModified": 1733858086,
-        "narHash": "sha256-fWUd9kyXdepphJ7cCzOsuSo7l0kbFCkUqfgKqZyFZzE=",
+        "narHash": "sha256-h2BDIDKiqgMpA6E+mu0RgMGy3FeM6k+EuJ9xgOQ1+zw=",
         "owner": "nix-community",
         "repo": "plasma-manager",
-        "rev": "d16bbded0ae452bc088489e7dca3ef58d8d1830b",
+        "rev": "7e2010249529931a3848054d5ff0dbf24675ab68",
         "type": "github"
       },
       "original": {
@@ -661,7 +641,6 @@
     },
     "root": {
       "inputs": {
-        "auto-cpufreq": "auto-cpufreq",
         "firefox-addons": "firefox-addons",
         "home-manager": "home-manager",
         "hyprland": "hyprland",
@@ -702,11 +681,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1735272951,
+        "lastModified": 1734927365,
-        "narHash": "sha256-xGQ4qVMb8XRIpDYq+tNu3db5LzoKyAJFRl3VA0us/+M=",
+        "narHash": "sha256-xuYqPNPPsmb5djiU4odmyTidFQC3TeLe814ubuvXJo4=",
         "owner": "Gerg-L",
         "repo": "spicetify-nix",
-        "rev": "c4e2fb9a6a46acf1fd842ae33a342e71bd9a2263",
+        "rev": "678dd4c5c2957f1f359a329ef00e17cbd273bd50",
         "type": "github"
       },
       "original": {
@@ -734,11 +713,11 @@
         "tinted-tmux": "tinted-tmux"
       },
       "locked": {
-        "lastModified": 1735253599,
+        "lastModified": 1734885904,
-        "narHash": "sha256-aKLAUkdeMH2N5gMDNiOC7KghRNy1necLtLa9+zUcj1g=",
+        "narHash": "sha256-NxA4JnLuXyle2/nUKDbW8vORwSd+Z20limIl7DhlZbs=",
         "owner": "danth",
         "repo": "stylix",
-        "rev": "963e77a3a4fc2be670d5a9a6cbeb249b8a43808a",
+        "rev": "4d87b96ceca38532f39c1b7efd8a9235bfcee3d6",
         "type": "github"
       },
       "original": {

flake.nix

@@ -45,11 +45,6 @@
       url = "github:Mic92/sops-nix";
       inputs.nixpkgs.follows = "nixpkgs";
     };
-
-    auto-cpufreq = {
-      url = "github:AdnanHodzic/auto-cpufreq";
-      inputs.nixpkgs.follows = "nixpkgs";
-    };
   };
 
   outputs = {
@@ -103,7 +98,6 @@
           inputs.stylix.nixosModules.stylix
           inputs.nix-ld.nixosModules.nix-ld
           inputs.sops-nix.nixosModules.sops
-          inputs.auto-cpufreq.nixosModules.default
         ];
       };
       ginoza = nixpkgs.lib.nixosSystem {

ginoza/configuration.nix

@@ -62,11 +62,6 @@
     tor.enable = false;
     virt-manager.enable = false;
     virtualbox.enable = false;
-    yubikey = {
-      enable = false;
-      lock-on-remove = false;
-      notify = false;
-    };
   };
 
   # Basic programs to enable

kogami/configuration.nix

@@ -66,26 +66,14 @@
     tor.enable = true;
     virt-manager.enable = true;
     virtualbox.enable = false;
-    yubikey = {
+    yubikey.enable = true;
-      enable = true;
-      lock-on-remove = false;
-      notify = true;
-    };
   };
 
   # Basic programs to enable
   programs.kdeconnect.enable = true;
   programs.wireshark.enable = true;
-  programs.auto-cpufreq.enable = true;
 
-  programs.ssh.extraConfig = ''
+  services.twingate.enable = true;
-    Host masaoka
-      HostName 192.168.8.140
-      User foglar
-      IdentityFile ~/.ssh/id_masaoka
-  '';
-
-  #services.twingate.enable = true;
 
   # Allow unfree packages
   nixpkgs.config.allowUnfree = true;
@@ -93,6 +81,14 @@
   # List packages installed in system profile. To search, run:
   # $ nix search wget
 
+  # Some programs need SUID wrappers, can be configured further or are
+  # started in user sessions.
+  # programs.mtr.enable = true;
+  # programs.gnupg.agent = {
+  #   enable = true;
+  #   enableSSHSupport = true;
+  # };
+
   # List services that you want to enable:
 
   # Enable the OpenSSH daemon.

kogami/home.nix

@@ -83,7 +83,6 @@
       }
     '';
   };
-
   # Let Home Manager install and manage itself.
   programs.home-manager.enable = true;
 }

nixos/home/packages/tools/shell.nix

@@ -3,38 +3,38 @@
   config,
   pkgs,
   ...
-}: let
+}: {
-  shellAliases = {
-    ls = "${pkgs.eza}/bin/eza --icons";
-    ll = "${pkgs.eza}/bin/eza -alh --icons";
-    l = "${pkgs.eza}/bin/eza -lh  --icons=auto";
-    tree = "${pkgs.eza}/bin/eza --tree --icons";
-    open = "rifle";
-    ip = "ip -c";
-    s = "kitten ssh";
-    diff = "diff --color";
-    respawn = "clear; ${pkgs.pfetch}/bin/pfetch";
-    mkdir = "mkdir -p";
-    cat = "${pkgs.bat}/bin/bat --style plain";
-    rasp = "s masaoka";
-    hist = "history | awk '{for (i=2; i<=NF; i++) printf \$i\" \"; print \"\"}' | fzf | wl-copy";
-    cdx = "${pkgs.zoxide}/bin/zoxide query --interactive";
-    #distrobox-enter = "distrobox-enter --root";
-    #distrobox-create = "distrobox-create --root";
-    #distrobox-list = "distrobox-list --root";
-  };
-in {
   options = {
     sh.bash.enable = lib.mkEnableOption "enables shell bash";
     sh.zsh.enable = lib.mkEnableOption "enables shell zsh";
   };
+
   config = lib.mkMerge [
     (lib.mkIf config.sh.bash.enable {
       programs.bash = {
         enable = true;
         enableCompletion = true;
 
-        shellAliases = shellAliases;
+        shellAliases = {
+          ls = "${pkgs.eza}/bin/eza --icons";
+          ll = "${pkgs.eza}/bin/eza -alh --icons";
+          l = "${pkgs.eza}/bin/eza -lh  --icons=auto";
+          tree = "${pkgs.eza}/bin/eza --tree --icons";
+          open = "rifle";
+          ip = "ip -c";
+          s = "kitten ssh";
+          diff = "diff --color";
+          respawn = "clear; ${pkgs.pfetch}/bin/pfetch";
+          mkdir = "mkdir -p";
+          cat = "${pkgs.bat}/bin/bat --style plain";
+          rasp = "s foglar@192.168.8.140";
+          hist = "history | awk '{for (i=2; i<=NF; i++) printf \$i\" \"; print \"\"}' | fzf | wl-copy";
+          cdx = "${pkgs.zoxide}/bin/zoxide query --interactive";
+
+          #distrobox-enter = "distrobox-enter --root";
+          #distrobox-create = "distrobox-create --root";
+          #distrobox-list = "distrobox-list --root";
+        };
 
         bashrcExtra = ''
           ${pkgs.pfetch}/bin/pfetch'';
@@ -52,11 +52,19 @@ in {
         autosuggestion.enable = true;
         syntaxHighlighting.enable = true;
 
-        shellAliases = shellAliases;
+        shellAliases = {
-
+          ls = "${pkgs.eza}/bin/eza --icons";
-        initExtra = ''
+          ll = "${pkgs.eza}/bin/eza -alh --icons";
-          ${pkgs.pfetch}/bin/pfetch
+          l = "${pkgs.eza}/bin/eza -lh  --icons=auto";
-          set -o emacs'';
+          tree = "${pkgs.eza}/bin/eza --tree --icons";
+          open = "rifle";
+          ip = "ip -c";
+          s = "kitten ssh";
+          diff = "diff --color";
+          respawn = "clear; ${pkgs.pfetch}/bin/pfetch";
+          mkdir = "mkdir -p";
+          cat = "${pkgs.bat}/bin/bat --style plain";
+        };
       };
     })
   ];

nixos/system/packages.nix

@@ -1,4 +1,7 @@
-{lib, ...}: {
+{
+  lib,
+  ...
+}: {
   imports = [
     ./packages/docker.nix
     ./packages/podman.nix
@@ -17,11 +20,7 @@
     tor.enable = lib.mkDefault true;
     virt-manager.enable = lib.mkDefault true;
     virtualbox.enable = lib.mkDefault true;
-    yubikey = {
+    yubikey.enable = lib.mkDefault false;
-      enable = lib.mkDefault false;
-      lock-on-remove = lib.mkDefault false;
-      notify = lib.mkDefault false;
-    };
   };
   sys.desktop.steamdeck.enable = lib.mkDefault false;
   sys.security.sops.enable = lib.mkDefault true;

nixos/system/packages/sops/secrets/secrets.yaml

@@ -3,8 +3,6 @@ kogami:
 ginoza:
     password-hash: ENC[AES256_GCM,data:xqE0y3Z7+kasYFQLn4Wuo+/c9L8BEakf2HKgN5BsttC2iDuzYSvXrP8K6pe5Skdi5Aq0MVz9LixJFM3PBgLORL1C6k0iDSardw==,iv:bKL40h0rGNmnnkA7EieKAD5KyENXOiTNsTVH1V0B7HU=,tag:c1MsRuiOK/j2b0iKOyO8FQ==,type:str]
 yubikey_id: ENC[AES256_GCM,data:ZyamX5gxoW4=,iv:4tW7muk6AaJf9VmXmFd6Ut63U27fFD8QgYSBx3RgOfw=,tag:IFlSiOffMyc33Rw1gxwCPA==,type:int]
-ssh_keys:
-    masaoka: ENC[AES256_GCM,data:VNR1euaaG0wfDvuSbwqga86QC/yir/GJ1sZLT6mzu3DxrxjexXbXP0nO79+l7FRQENZEU/e/wZ+V8Pb+9Tw/whDOVYM3EgAgsuialdc7LAkaaGyRe47+PpPaN7n/O6pPBRGSApDVf0xsw1R95pmL2jsM7nzs6WiiC+yG5FM2VdSxkxVJPkABmQpMzjoMyuB6QlQGCU+Q/+cuOL/7tsW6JFyKu8snTXyQg3EKomR07ZpxcE8whbEfmxdZbiNFitNmsnaRLGqkyd9iVHfW5PlvfU9s0C0CWZPTw23okCpGjaUwnbHcKVWlb6b1qbQRRoHwqFIArqC44COY6zT50rPsbwjLvU0gozBMCRYmZtZtMFQ50NYn2mfEU/6ZTWS67EmjYHwyR6mxTM9TeLpgsYWIqewB1te87y1q5+/EFHUAba3iINx/P/yJUUVUS9B85eosMgQsn4sn+3iMq7aZbNQeDOLU78xwFZpxHYK8MXVSLZf0dwQHyyFAHPtfHSXKJc3sWqMOeRuB8L3Xdn+k2cJAOfHZb4AidYYdie37oFXaVjLyCBgtvZzVFGUTameByD46TU82kFDzgNxKBzBNpNK5xM6l1eyE1Xm6t1bH69RiWF5Hn2i2UQj2vm3ScTlHdOymLy/DRBpg9BuhkkxA6FoaM0Iw0c0EInvcj2HdBR8FhoknktwBZDU/+zWj4vEkEnvvDyBJ0UH4QkgMDast6f+STqdURGCJAB/rBJcbmvJTsDa7,iv:wI2fH8hCBopVz3rWXj8el0Uof3DeL0lkezqE6MeMJ/k=,tag:uKDGStJ96RRqxX1wdIzgaQ==,type:str]
 sops:
     kms: []
     gcp_kms: []
@@ -20,8 +18,8 @@ sops:
             T0cxV21SN0hJaFg3R3hpTjIxa3lJNVEKdIrR5XDHxpCojk2A1pxc4dYtSJRrObbY
             JS/nDgu74LugEchiOhuIJ7nh3MS5XBOmmt2GTHrqxZEZFoIykjIGug==
             -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2024-12-27T12:09:56Z"
+    lastmodified: "2024-12-26T19:06:52Z"
-    mac: ENC[AES256_GCM,data:AFNKn5oyHEwxKkLHh67le/02QaBitPipF1+BzvYdxQgHjTm5JCGn1yZZHmNDMIRAVTSECubWh1fvBiCVbkTSIGnYjXEb/Kw3732E+Cb4RYAPQRVkdJeg9h1ZwmdGUGajjZwCtnuuUl65ZMpW7njVHT0M+y91nWAQJ4CAbrAfAbw=,iv:2wmu+hBG3azJT+wrvlZPpdfqaEAbBCeDM0ncgfvhzOg=,tag:5PVBh6a/bsLV9YsXnPO5aw==,type:str]
+    mac: ENC[AES256_GCM,data:1n5O72DFe6dgvEfE6ZOAP1JR4TFZQAWeDYU/NLtisjoVliREcVmaZEM3vxDnrLueLFdNZ0jxu9fEjG0cnwUDkJNIeFyj8mhzY3bIC5LiSVriKPLGiJW3fMBsK6btJTa8OJ7xJsFIKgXpVHAgOit9ZBT24VnLZ9zFgWk84whR1eE=,iv:RaKCWl5zfKsD0502WVRv8Vx2+jGz3J7yhRkSzb/RFPM=,tag:JT2sKaoK7SCKCk1nWrHZMQ==,type:str]
     pgp: []
     unencrypted_suffix: _unencrypted
     version: 3.9.2

nixos/system/packages/sops/sops.nix

@@ -18,22 +18,7 @@
       neededForUsers = true;
     };
 
-    # SSH private keys
-    sops.secrets = {
-      "ssh_keys/masaoka" = {
-        path = "/home/${userSettings.username}/.ssh/id_masaoka";
-        owner = userSettings.username;
-        group = "users";
-      };
-    };
-
     users.users.${userSettings.username}.hashedPasswordFile = "${config.sops.secrets."${userSettings.hostname}/password-hash".path}";
-    security.pam.yubico.id =
+    security.pam.yubico.id = ["${config.sops.secrets.yubikey_id}".value];
-      []
-      ++ (
-        if config.program.yubikey.enable
-        then ["${config.sops.secrets.yubikey_id}".value]
-        else []
-      );
   };
 }

nixos/system/packages/yubikey.nix

@@ -7,60 +7,49 @@
   options = {
     program.yubikey = {
       enable = lib.mkEnableOption "Enable YubiKey authentication";
-      lock-on-remove = lib.mkEnableOption "Lock the session when the YubiKey is removed";
-      notify = lib.mkEnableOption "Notify when the YubiKey is touched";
     };
   };
 
-  config = lib.mkMerge [
+  config = lib.mkIf config.program.yubikey.enable {
-    (lib.mkIf config.program.yubikey.enable {
+    environment.systemPackages = with pkgs; [
-      environment.systemPackages = with pkgs; [
+      yubioath-flutter
-        yubioath-flutter
+      yubikey-manager
-        yubikey-manager
+      pam_u2f
-        pam_u2f
+    ];
-      ];
 
-      # Only have to be connected to the notebook
+    # Only have to be connected to the notebook
-      #security.pam.services = {
+    #security.pam.services = {
-      #  login.u2fAuth = true;
+    #  login.u2fAuth = true;
-      #  sudo.u2fAuth = true;
+    #  sudo.u2fAuth = true;
-      #};
+    #};
 
-      security.pam.yubico = {
+    security.pam.yubico = {
-        enable = true;
+      enable = true;
-        debug = false;
+      debug = false;
-        mode = "challenge-response";
+      mode = "challenge-response";
-        control = "sufficient";
+      control = "sufficient";
-        #! id = [ "1234567890" ];
+      #! id = [ "1234567890" ];
-        #! YubiKey ID is stored in SOPS
+      #! YubiKey ID is stored in SOPS
-        #! and is set in the module configuration
+      #! and is set in the module configuration
-        #! file ./sops/sops.nix
+      #! file ./sops/sops.nix
-      };
+    };
 
-      services.pcscd = {
+    services.pcscd = {
-        enable = true;
+      enable = true;
-      };
+    };
 
-      programs.gnupg.agent = {
+    programs.gnupg.agent = {
-        enable = true;
+      enable = true;
-        enableSSHSupport = true;
+      enableSSHSupport = true;
-      };
+    };
-    })
+
-    (lib.mkIf config.program.yubikey.notify {
+    services.udev.extraRules = ''
-      programs.yubikey-touch-detector = {
+      ACTION=="remove",\
-        enable = true;
+       ENV{ID_BUS}=="usb",\
-        libnotify = true;
+       ENV{ID_MODEL_ID}=="0407",\
-      };
+       ENV{ID_VENDOR_ID}=="1050",\
-    })
+       ENV{ID_VENDOR}=="Yubico",\
-    (lib.mkIf config.program.yubikey.lock-on-remove {
+       RUN+="${pkgs.systemd}/bin/loginctl lock-sessions"
-      services.udev.extraRules = ''
+    '';
-        ACTION=="remove",\
+  };
-         ENV{ID_BUS}=="usb",\
-         ENV{ID_MODEL_ID}=="0407",\
-         ENV{ID_VENDOR_ID}=="1050",\
-         ENV{ID_VENDOR}=="Yubico",\
-         RUN+="${pkgs.systemd}/bin/loginctl lock-sessions"
-      '';
-    })
-  ];
 }

nixos/system/settings/desktops.nix

@@ -60,6 +60,8 @@
       };
 
       services.udisks2.enable = true;
+      services.power-profiles-daemon.enable = true;
+
       security = {
         polkit.enable = true;
         pam.services.hyprlock = {};