Update dotfiles, nix config, home-manager

2022-12-29 18:31:28 +00:00 · 2022-12-29 18:31:28 +00:00 · 0556866761
parent 278c3f6adb
commit 0556866761
8 changed files with 506 additions and 586 deletions
--- a/.emacs.d/init.el
+++ b/.emacs.d/init.el
@ -124,7 +124,7 @@
 ;; Org styling, hide markup etc.
 org-hide-emphasis-markers t
 org-pretty-entities t
- org-ellipsis " >"
+ org-ellipsis " →"
 ;; Agenda styling
 org-agenda-tags-column 0
@ -148,6 +148,7 @@
 (use-package nix-mode :straight t
  :mode "\\.nix\\'")
 (use-package yaml-mode :straight t)
 (use-package svelte-mode :straight t)
 (use-package terraform-mode :straight t)
 (use-package yasnippet :straight t)
 (yas-global-mode 1)
--- a/.emacs.d/theme-day.el
+++ b/.emacs.d/theme-day.el
@ -0,0 +1,47 @@
 ;;; theme-day.el --- switch themes based on time of day and mode.                     -*- lexical-binding: t; -*-
 ;; Copyright (C) 2022 Gabriel Simmer
 ;; Author: Gabriel Simmer <gsimmer@protonmail.com>
 ;; Keywords: themes, utility
 ;; Version: 0.0.1
 ;;; Commentary:
 ;; This package provides a quick way of switching between predefined themes
 ;; with a simple toggle. Future versions may include a way of doing so automatically
 ;; at certain times of the day.
 ;;; Code:
 (require 'cl-lib)
 (defvar theme-day-keep-enabled '() "List of themes to keep enabled when toggling")
 (defconst theme-day-light 'modus-operandi
  "The theme to use during the day - preferably something lighter")
 (defconst theme-day-night 'modus-vivendi
  "The theme to use at night - preferably something dark")
 (defvar theme-day-current-theme theme-day-light)
 (defun swap-theme (new &optional keep)
  "Swaps out enabled theme(s) for new, keeping any specified"
  (setq enabled-themes (cl-intersection keep custom-enabled-themes))
  (push new enabled-themes)
  (customize-set-variable 'custom-enabled-themes enabled-themes))
 (defun theme-day-toggle ()
  (if (eq theme-day-current-theme theme-day-light)
 	  (progn
 		(theme-day-swap theme-day-night)
 		(setq theme-day-current-theme theme-day-night))
 	  (progn
 		(theme-day-swap theme-day-light)
 		(setq theme-day-current-theme theme-day-light))))
 (defun theme-day-swap (theme)
  "Trigger theme swap"
  (swap-theme theme theme-day-keep-enabled))
 (defun theme-day () (interactive) (theme-day-toggle))
 (provide 'theme-day)
 ;;; theme-day.el ends here
--- a/Dots.org
+++ b/Dots.org
@ -1,391 +0,0 @@
 * Dotfiles
 #+PROPERTY: header-args :mkdirp yes
 /now do it with orgmode!/
 original old configs are in =archive/=.
 ** Table of Contents
 :properties:
 :toc: :include all :ignore this
 :end:
 :contents:
 - [[#my-setup][My Setup]]
  - [[#zsh][zsh]]
  - [[#wezterm][WezTerm]]
  - [[#systemd-units][Systemd Units]]
  - [[#sublime-text][Sublime Text]]
  - [[#emacs][emacs]]
 :end:
 ** My Setup
   ...is a little in flux.
   Over the past several months, I've been investing time into [[https://blog.gabrielsimmer.com/posts/emacs-induction/][learning emacs]], replacing
   Sublime in my workflow. As a part of this I've also considered using Guix (see: =seedfile.org=),
   but am not quite there in my journey, so they aren't included here.
 *** zsh
    zsh is my choice of shell, with some written-in-Rust replacements for
    a few CLI tools.
 =.zshrc=
 #+begin_src shell :tangle .zshrc
 export ZSH="/home/gsimmer/.oh-my-zsh"
 ZSH_THEME="frisk"
 plugins=(git fzf zsh-autosuggestions)
 source $ZSH/oh-my-zsh.sh
 export GOPATH="/home/gsimmer/projects/go"
 export CARGOPATH="/home/gsimmer/.cargo/bin"
 export PATH="/home/gsimmer/.local/bin:$GOPATH/bin:$CARGOPATH:$PATH"
 # Starship init.
 #eval "$(starship init zsh)"
 # aliases for various Rust-based utils.
 if [ $(which exa) != 'exa not found' ]; then
   alias ls=exa
 fi
 if [ $(which bat) != 'bat not found' ]; then
   alias cat=bat
 fi
 if [ $(which rg) != 'rg not found' ]; then
   alias grep=rg
 fi
 export NVM_DIR="$HOME/.nvm"
 [ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh"  # This loads nvm
 [ -s "$NVM_DIR/bash_completion" ] && \. "$NVM_DIR/bash_completion"  # This loads nvm bash_completion
 export FLYCTL_INSTALL="/home/gsimmer/.fly"
 export PATH="$FLYCTL_INSTALL/bin:$PATH"
 #+end_src
 *** wezterm
    WezTerm is my terminal of choice these days, and is configured with Lua.
    Most of the tweaks from the default config are around using Monokai Pro
    colours.
 =.config/wezterm/wezterm.lua=
 #+begin_src lua :tangle .config/wezterm/wezterm.lua
 local wezterm = require 'wezterm';
 return {
  automatically_reload_config = true,
  font = wezterm.font("IBM Plex Mono"),
  window_close_confirmation = "NeverPrompt",
  font_size = 12,
  initial_cols = 120,
  initial_rows = 35,
  colors = {
      foreground = "#f7f1ff",
      background = "#222222",
      cursor_bg = "#8b888f",
      cursor_fg = "#f7f1ff",
      cursor_border = "#8b888f",
      selection_fg = "#363537",
      selection_bg = "#69676c",
      scrollbar_thumb = "#222222",
      split = "#fce566",
      tab_bar = {
      background = "#222222",
      active_tab = {
        bg_color = "#f7f1ff",
        fg_color = "#69676c",
        intensity = "Normal",
        underline = "None",
        italic = false,
        strikethrough = false,
      },
      inactive_tab = {
        bg_color = "#69676c",
        fg_color = "#f7f1ff",
      },
      inactive_tab_hover = {
        bg_color = "#69676c",
        fg_color = "#f7f1ff",
        italic = true,
      }
    }
  }
 }
 #+end_src
 *** systemd units
    When I move to Guix I expect I'll need to port these to Herd, but in the meantime...
 **** clock
     This runs a small webserver that renders a date that is fetched and displayed
     on a Raspberry Pi with a small eink display.
     You can read more about it [[https://dev.to/gmemstr/tiny-eink-dashboard-29a4][here]].
 =.config/systemd/user/clock.service=
 #+begin_src :tangle .config/systemd/user/clock.service
 [Unit]
 Description=eink Clock Server Daemon
 [Service]
 WorkingDirectory=/mnt/wd/Projects/eink-dashboard
 ExecStart=python server/main.py
 [Install]
 WantedBy=default.target
 #+end_src
 **** backup
     This runs the rclone command to back up my large data SSD to my NAS. Coupled with
     a timer.
 =.config/systemd/user/backup.service=
 #+begin_src :tangle .config/systemd/user/backup.service
 [Unit]
 Description=Backup Service for Projects
 Wants=gsimmer.timer
 [Service]
 Type=oneshot
 WorkingDirectory=/mnt/fhg
 ExecStart=bash rclone-pi.sh
 [Install]
 WantedBy=default.target
 #+end_src
 =.config/systemd/user/gsimmer.timer=
 #+begin_src :tangle .config/systemd/user/gsimmer.timer
 [Unit]
 Description=Runs backup script for project directories to Raspberry Pi.
 Requires=backup.service
 [Timer]
 Unit=backup.service
 OnBootSec=15min
 OnUnitActive=1w
 [Install]
 WantedBy=timers.target
 #+end_src
 *** emacs
    Ah, the star of the show! I'm still working on this configuration,
    and plan to split it into seperate files for each package. In the
    meantime, enjoy the monolith.
 =..emacs.d/init.el=
 #+begin_src elisp :tangle .emacs.d/init.el
 (setq inhibit-startup-message t)
 ;; neccesary non-package related config
 (setq auto-save-default nil)
 (setq make-backup-files nil)
 (global-set-key (kbd "<escape>") 'keyboard-escape-quit)
 (set-face-attribute 'default nil :font "IBM Plex Mono" :height 120)
 (scroll-bar-mode -1)
 (tool-bar-mode -1)
 (set-fringe-mode 10)
 (menu-bar-mode -1)
 (setq org-edit-src-content-indentation 0
      org-src-tab-acts-natively t
      org-src-preserve-indentation t)
 ;; stupid hacks
 (global-set-key (kbd "C-c y") 'clipboard-yank)
 (global-set-key (kbd "C-c x") 'kill-ring-save)
 ;; straight.el bootstrapping
 (defvar bootstrap-version)
 (let ((bootstrap-file
       (expand-file-name "straight/repos/straight.el/bootstrap.el" user-emacs-directory))
      (bootstrap-version 5))
  (unless (file-exists-p bootstrap-file)
    (with-current-buffer
        (url-retrieve-synchronously
         "https://raw.githubusercontent.com/raxod502/straight.el/develop/install.el"
         'silent 'inhibit-cookies)
      (goto-char (point-max))
      (eval-print-last-sexp)))
  (load bootstrap-file nil 'nomessage))
 ;; package list we want installed
 ;; first grab use-package :3
 (straight-use-package 'use-package)
 (use-package el-patch :straight t)
 (use-package monokai-pro-theme
  :straight t
  :config (load-theme 'monokai-pro-spectrum t))
 (use-package doom-modeline
  :straight t
  :init (doom-modeline-mode 1)
  :custom (doom-mode-line-height 14))
 (use-package all-the-icons :straight t)
 (use-package paredit
  :straight t
  :config
  (add-hook 'emacs-lisp-mode-hook #'paredit-mode)
  (add-hook 'lisp-interaction-mode-hook #'paredit-mode)
  (add-hook 'ielm-mode-hook #'paredit-mode)
  (add-hook 'lisp-mode-hook #'paredit-mode)
  (add-hook 'eval-expression-minibuffer-setup-hook #'paredit-mode))
 (use-package which-key
  :straight t
  :config (which-key-mode))
 (use-package projectile
  :straight t
  :init (projectile-mode +1)
  :config (setq projectile-project-search-path '("~/projects"))
  :bind (:map projectile-mode-map
 	      ("s-p" . projectile-command-map)
 	      ("C-c p" . projectile-command-map)))
 (use-package treemacs
  :straight t
  :init (with-eval-after-load 'winum
 	  (define-key winum-keymap (kbd "M-0") #'treemacs-select-window))
  :bind
  (:map global-map
 	("M-0" . treemacs-select-window)
 	("C-x t t" . treemacs)
 	("C-x t C-t" . treemacs-find-file)))
 (use-package treemacs-projectile
  :straight t
  :after (treemacs projectile))
 ;; I hate that I need this, but WSL is /special/.
 (when (and (eq system-type 'gnu/linux)
           (getenv "WSLENV"))
  (use-package exec-path-from-shell :straight t)
  (exec-path-from-shell-initialize)
 )
 ;; lsp-mode stuff
 (use-package eglot :straight t
 	     :config (add-hook 'go-mode-hook 'eglot-ensure))
 (use-package company :straight t
  :config
  (add-hook 'after-init-hook 'global-company-mode)
  (setq company-idle-delay 0)
  (setq company-minimum-prefix-length 1))
 (use-package go-mode :straight t)
 #+end_src
 *** sublime text
    Although I've moved to emacs for what I would use Sublime for, I still
    keep this configuration around for quick setup in the case I need it
    (e.g a virtual machine).
    Most of these settings are for Monokai Pro.
 =.config/sublime-text-3/Packages/User/Preferences.sublime-settings=
 #+begin_src json :tangle .config/sublime-text-3/Packages/User/Preferences.sublime-setting
 {
 	"auto_complete_delay": 20,
 	"color_scheme": "Monokai Pro (Filter Spectrum).sublime-color-scheme",
 	"font_face": "Iosevka Regular",
 	"font_size": 13,
 	"ignored_packages":
 	[
 		"Rust",
 		"Vintage"
 	],
 	"monokai_pro_file_icons": true,
 	"monokai_pro_highlight_open_folders": true,
 	"monokai_pro_minimal": true,
 	"monokai_pro_sidebar_headings": true,
 	"monokai_pro_style_title_bar": true,
 	"monokai_pro_ui_font_face": "IBM Plex Mono",
 	"rulers":
 	[
 		80
 	],
 	"theme": "Monokai Pro (Filter Spectrum).sublime-theme",
 	"mini_diff": "auto",
 	"hardware_acceleration": "opengl",
 	"themed_title_bar": true,
 }
 #+end_src
    I also keep a Package Control file to auto install stuff.
 =.config/sublime-text-3/Packages/User/Package Control.sublime-settings=
 #+begin_src json :tangle .config/sublime-text-3/Packages/User/Package Control.sublime-settings
 {
 	"bootstrapped": true,
 	"debug": true,
 	"in_process_packages":
 	[
 	],
 	"installed_packages":
 	[
 		"Dockerfile Syntax Highlighting",
 		"Emmet",
 		"GitGutter",
 		"Gofmt",
 		"Golang Build",
 		"HexViewer",
 		"LSP",
 		"LSP-bash",
 		"LSP-intelephense",
 		"LSP-pyright",
 		"LSP-SourceKit",
 		"LSP-typescript",
 		"LSP-yaml",
 		"Package Control",
 		"paredit",
 		"Rust Enhanced",
 		"SideBarEnhancements",
 		"SublimeLinter",
 		"Swift",
 		"Theme - Monokai Pro",
 		"TOML",
 		"TypeScript",
 	],
 }
 #+end_src
    And a Markdown specific configuration to bring the distraction-free
    mode to the default windowed view.
 =.config/sublime-text-3/Packages/User/Markdown.sublime-settings=
 #+begin_src json :tangle .config/sublime-text-3/Packages/User/Markdown.sublime-settings
 {
    "auto_complete": false,	
    "ignored_packages": ["Vintage", "Emmet", "SublimeCodeIntel"],
    "draw_centered": true,
    "spell_check": true,
    "tab_completion": false,
    "auto_complete_triggers": [],
    "word_wrap": true,
    "line_numbers": false,
    "gutter": false,
    "wrap_width": 80,
    "word_wrap": true,
    "scroll_past_end": true
 }
 #+end_src
--- a/Home.org
+++ b/Home.org
@ -0,0 +1,96 @@
 #+title: Home Manager Configurations
 #+cdPROPERTY: header-args :mkdirp yes
 * Abstract
 I use home-manager to manage my... home. 'nuff said?
 * London
 #+begin_src nix :tangle home-manager/london.nix
 { config, pkgs, callPackage, ... }:
 {
  nixpkgs.overlays = [
    (import (builtins.fetchTarball {
      url = https://github.com/nix-community/emacs-overlay/archive/master.tar.gz;
    }))
  ];
  home.username = "gsimmer";
  home.homeDirectory = "/home/gsimmer";
  nixpkgs.config.allowUnfree = true;
  programs.bash.enable = false;
  programs.zsh = {
    enable = true;
    shellAliases = {
      cat = "bat";
    };
    oh-my-zsh = {
      enable = true;
      plugins = [ "git" ];
      theme = "robbyrussell";
    };
  };
  programs.direnv = {
    enable = true;
    nix-direnv.enable = true;
  };
  services.lorri.enable = true;
  programs.git = {
    enable = true;
    userName = "Gabriel Simmer";
    userEmail = "gsimmer@protonmail.com";
    signing = {
      key = "C81B106D46C5B875";
      signByDefault = true;
    };
  };
  programs.emacs = {
    enable = true;
    package = pkgs.emacsGit;
  };
  programs.exa = {
    enable = true;
    enableAliases = true;
  };
  programs.bat = {
    enable = true;
  };
  home.packages = with pkgs; [ 
    discord
    spotify
    bitwarden-cli
    mullvad-vpn
    transmission-qt
    vlc
    obs-studio
    python3
    lmms
    prismlauncher
    ripgrep
  ];
  # This value determines the Home Manager release that your
  # configuration is compatible with. This helps avoid breakage
  # when a new Home Manager release introduces backwards
  # incompatible changes.
  #
  # You can update Home Manager without changing this value. See
  # the Home Manager release notes for a list of state version
  # changes in each release.
  home.stateVersion = "22.05";
  # Let Home Manager install and manage itself.
  programs.home-manager.enable = true;
 }
 #+end_src
--- a/Systems.org
+++ b/Systems.org
@ -1,3 +1,4 @@
 #+title: NixOS System Configurations
 #+PROPERTY: header-args :mkdirp yes
 * Systems
@ -10,7 +11,10 @@ this is pretty close to the default configuration.
   London is my primary desktop.
   Be sure to import the hardware configuration the Nix installer generates.
 #+begin_src nix :tangle nix/configuration.nix
 # Tangled in ../Systems.org
 { config, pkgs, ... }:
 {
@ -18,55 +22,115 @@ this is pretty close to the default configuration.
    [
      ./hardware-configuration.nix
    ];
 #+end_src
-  nixpkgs.config.allowUnfree = true;
+Bootloader is GRUB so I can dual boot Windows. =enableCryptodisk= is annoying but apparently neccesary.
-  boot.kernelPackages = pkgs.linuxPackages_latest;
+#+begin_src nix :tangle nix/configuration.nix
  boot.loader.grub = {
    enable = true;
    version = 2;
    device = "nodev";
    useOSProber = true;
    efiSupport = true;
    enableCryptodisk = true;
    canTouchEfiVariables = true;
    efiSysMountPoint = "/boot/efi";
  };
 #+end_src
-  # Use the systemd-boot EFI boot loader.
+Basic system stuff that I won't really touch by hand. Importantly, enabled nix flakes.
  boot.loader.systemd-boot.enable = true;
  boot.loader.efi.canTouchEfiVariables = true;
-  networking.hostName = "london";
+#+begin_src nix :tangle nix/configuration.nix
  boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
  boot.kernelPackages = pkgs.linuxPackages_6_0;
-  # i18n stuff.
+  # Setup keyfile
-  time.timeZone = "Europe/London";
+  boot.initrd.secrets = {
-  i18n.defaultLocale = "en_US.UTF-8";
+    "/crypto_keyfile.bin" = null;
  console = {
    font = "Lat2-Terminus16";
    keyMap = "us";
  };
-  # Networking stuff.
+  # Enable swap on luks
-  networking.useDHCP = false;
+  boot.initrd.luks.devices."luks-63100442-37df-4579-a787-cb2f2c67b3d1".device = "/dev/disk/by-uuid/63100442-37df-4579-a787-cb2f2c67b3d1";
-  networking.interfaces.enp4s0.useDHCP = true;
+  boot.initrd.luks.devices."luks-63100442-37df-4579-a787-cb2f2c67b3d1".keyFile = "/crypto_keyfile.bin";
  nix.settings.experimental-features = [ "nix-command" "flakes" ];
  time.timeZone = "Europe/London";
  i18n.defaultLocale = "en_GB.utf8";
 #+end_src
 Networking stuff. I use Tailscale as a mesh VPN, and Mullvad for "privacy".
 #+begin_src nix :tangle nix/configuration.nix
  networking.hostName = "LONDON"; # Define your hostname.
  # Enable networking
  networking.networkmanager.enable = true;
  systemd.services.NetworkManager-wait-online.enable = false;
  networking.firewall.checkReversePath = "loose";
  networking.firewall.allowedTCPPorts = [ 3389 ]; # for RDP
  services.mullvad-vpn.enable = true;
  services.tailscale.enable = true;
 #+end_src
 Next, X11! I haven't quite made the switch to Wayland. Theoretically Plasma supports it but it doesn't seem to want to work. Long term I want to run Sway on an ultrawide. I also enable RDP in case I need to remote back into my desktop (if I can't use SSH for whatever reason). Also enable the nvidia drivers here.
 #+begin_src nix :tangle nix/configuration.nix
  # Enable the X11 windowing system.
  services.xserver.enable = true;
  services.xserver.videoDrivers = [ "nvidia" ];
-  hardware.opengl = {
+  # Enable the KDE Plasma Desktop Environment.
-    enable = true;
+  services.xserver.displayManager.sddm.enable = true;
-    extraPackages = with pkgs; [
+  services.xserver.desktopManager.plasma5.enable = true;
      vaapiIntel
      vaapiVdpau
      libvdpau-va-gl
    ];
    setLdLibraryPath = true;
    driSupport32Bit = true;
  };
  # Required for Proton games to function.
  programs.steam.enable = true;
-  # Enable the GNOME Desktop Environment.
+  services.xrdp.enable = true;
-  services.xserver.displayManager.gdm.enable = true;
+  services.xrdp.defaultWindowManager = "startplasma-x11";
  services.xserver.desktopManager.gnome.enable = true;
  # Configure keymap in X11
-  services.xserver.layout = "us";
+  services.xserver = {
    layout = "us";
    xkbVariant = "";
  };
-  # Disabled and replaced with Pipewire.
+  
  # Allow unfree packages
  nixpkgs.config.allowUnfree = true;
  services.xserver.videoDrivers = [ "nvidia" ];
  hardware.opengl.enable = true;
 #+end_src
 Basic user setup. I use home-manager for my profile applications so just give me vim and that's it (I actually use emacs, but it doesn't hurt to have a fallback).
 #+begin_src nix :tangle nix/configuration.nix
  programs.zsh.enable = true;
  environment.shells = with pkgs; [ zsh ];
  users.users.gsimmer = {
    shell = pkgs.zsh;
    isNormalUser = true;
    description = "Gabriel Simmer";
    extraGroups = [ "networkmanager" "wheel" ];
    packages = with pkgs; [ vim ];
  };
 #+end_src
 Misc. utilities. Printing, sound, Docker, Steam, fonts. Why is Steam installed at a system level? I don't know. I think I got confused. This will be move to home-manager at some point.
 #+begin_src nix :tangle nix/configuration.nix
  environment.systemPackages = with pkgs; [
    os-prober
    tailscale
    cifs-utils
    pinentry-curses
  ];
  # Enable CUPS to print documents.
  services.printing.enable = true;
  # Enable sound with pipewire.
  sound.enable = true;
  hardware.pulseaudio.enable = false;
  security.rtkit.enable = true;
  services.pipewire = {
@ -74,52 +138,55 @@ this is pretty close to the default configuration.
    alsa.enable = true;
    alsa.support32Bit = true;
    pulse.enable = true;
-    jack.enable = true;
+    # If you want to use JACK applications, uncomment this
    #jack.enable = true;
  };
-  programs.zsh.enable = true;
+  virtualisation = {
-  users.users.gsimmer = {
+    docker = {
-    isNormalUser = true;
+      enable = true;
-    shell = pkgs.zsh;
+      rootless = {
-    extraGroups = [ "wheel" "networkmanager" ];
+        enable = true;
        setSocketVariable = true;
      };
    };
  };
-  environment.systemPackages = with pkgs; [
+  programs.dconf.enable = true;
-    vim
+
-    wget
+  programs.steam = {
-    firefox
+    enable = true;
-    emacs
+    remotePlay.openFirewall = true;
-    curl
+    dedicatedServer.openFirewall = false;
-    podman
+  };
-    tailscale
+
  fonts.fonts = with pkgs; [
    ibm-plex
    jetbrains-mono
  ];
-  services.flatpak.enable = true;
+
-  xdg.portal.enable = true;
+  services.yubikey-agent.enable = true;
-  programs.mtr.enable = true;
+  services.pcscd.enable = true;
  # Some programs need SUID wrappers, can be configured further or are
  # started in user sessions.
  # programs.mtr.enable = true;
  programs.gnupg.agent = {
    enable = true;
    pinentryFlavor = "curses";
    enableSSHSupport = true;
  };
-  networking.firewall.enable = false;
+  system.stateVersion = "22.05";
  boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
  # This value determines the NixOS release from which the default
  # settings for stateful data, like file locations and database versions
  # on your system were taken. It‘s perfectly fine and recommended to leave
  # this value at the release version of the first install of this system.
  # Before changing this value read the documentation for this option
  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
  system.stateVersion = "21.05"; # Did you read the comment?
 }
 #+end_src
-My goal here is to leverage the hardware configuration generated by
+Hardware configuration generated by the NixOS installer.
 the NixOS to seperate out the specific-to-my-current-hardware configuration.
 #+begin_src nix :tangle nix/hardware-configuration.nix
 # Do not modify this file!  It was generated by ‘nixos-generate-config’
 # and may be overwritten by future invocations.  Please make changes
 # to /etc/nixos/configuration.nix instead.
 { config, lib, pkgs, modulesPath, ... }:
 {
@ -127,63 +194,51 @@ the NixOS to seperate out the specific-to-my-current-hardware configuration.
    [ (modulesPath + "/installer/scan/not-detected.nix")
    ];
-  boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
+  boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
  boot.initrd.kernelModules = [ ];
  boot.kernelModules = [ "kvm-amd" ];
  boot.extraModulePackages = [ ];
  services.xserver = {
    libinput = {
      enable = true;
      mouse = { accelProfile = "flat"; };
    };
  };
  fileSystems."/" =
-    { device = "/dev/disk/by-uuid/eb8699bd-a9e9-4166-8879-559b244caa20";
+    { device = "/dev/disk/by-uuid/cd6f3e34-65ce-4be5-b4d4-6818e70dcff3";
      fsType = "ext4";
      options = [ "noatime" "nodiratime" "discard" ];
    };
-  fileSystems."/boot" =
+  boot.initrd.luks.devices."luks-0cd5d85e-e232-4f75-a8b3-087737657fef".device = "/dev/disk/by-uuid/0cd5d85e-e232-4f75-a8b3-087737657fef";
-    { device = "/dev/disk/by-uuid/D582-4408";
+
  fileSystems."/boot/efi" =
    { device = "/dev/disk/by-uuid/AB23-FA19";
      fsType = "vfat";
      options = [ "noatime" "nodiratime" "discard" ];
    };
-  fileSystems."/mnt/wd" =
+  fileSystems."/home/gsimmer/FHG" = {
-    { device = "/dev/disk/by-partlabel/WD";
+    device = "/dev/disk/by-label/FHG";
    fsType = "ext4";
      options = [ "noatime" "nodiratime" "discard" ];
    };
  fileSystems."/mnt/fhg" =
    { device = "/dev/disk/by-label/FHG";
      fsType = "ext4";
      options = [ "noatime" "nodiratime" "discard" ];
  };
  swapDevices =
-    [ { device = "/dev/disk/by-uuid/8a0c74ad-a88f-4ecd-a6ac-d7985355bce6"; }
+    [ { device = "/dev/disk/by-uuid/c50f2d93-2f31-4afc-ad26-4730a8f4b7f0"; }
    ];
-  # high-resolution display
+  networking.useDHCP = lib.mkDefault true;
  hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
  hardware.video.hidpi.enable = lib.mkDefault true;
 }
 #+end_src
 ** Raspberry Pis
 /This section is deprecated, as my Pis now run Raspbian with k3s./
 I have two Raspberry Pis - a 3B+ ("watcher"), and a 4 ("panda"). Watcher
 serves as a watchdog for my self hosted services, usually living on Panda.
 *** The Installer Image
-    Very minimal changes required here, only really need to enabled the SSH daemon
+Very minimal changes required here, only really need to enabled the SSH daemon and add my key so I can push the actual configuration.
    and add my key so I can push the actual configuration.
-    I might investigate bundling the "real" configurations into the live installer
+I might investigate bundling the "real" configurations into the live installer image, so I have to run fewer commands.
    image, so I have to run fewer commands.
    [[https://nixos.wiki/wiki/NixOS_on_ARM#Getting_the_installer][More info on the NixOS Wiki]]
@ -203,7 +258,6 @@ the NixOS to seperate out the specific-to-my-current-hardware configuration.
    openssh.authorizedKeys.keys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILIztwQxt+jqroFONSgq+xzPMuE2I5Dq/zWPQ8RcTYJr gabriel@gitgalaxy.com"];
  };
 }
 #+end_src
 *** Watcher
--- a/home-manager/london.nix
+++ b/home-manager/london.nix
@ -0,0 +1,85 @@
 { config, pkgs, callPackage, ... }:
 {
  nixpkgs.overlays = [
    (import (builtins.fetchTarball {
      url = https://github.com/nix-community/emacs-overlay/archive/master.tar.gz;
    }))
  ];
  home.username = "gsimmer";
  home.homeDirectory = "/home/gsimmer";
  nixpkgs.config.allowUnfree = true;
  programs.bash.enable = false;
  programs.zsh = {
    enable = true;
    shellAliases = {
      cat = "bat";
    };
    oh-my-zsh = {
      enable = true;
      plugins = [ "git" ];
      theme = "robbyrussell";
    };
  };
  programs.direnv = {
    enable = true;
    nix-direnv.enable = true;
  };
  services.lorri.enable = true;
  programs.git = {
    enable = true;
    userName = "Gabriel Simmer";
    userEmail = "gsimmer@protonmail.com";
    signing = {
      key = "C81B106D46C5B875";
      signByDefault = true;
    };
  };
  programs.emacs = {
    enable = true;
    package = pkgs.emacsGit;
  };
  programs.exa = {
    enable = true;
    enableAliases = true;
  };
  programs.bat = {
    enable = true;
  };
  home.packages = with pkgs; [ 
    discord
    spotify
    bitwarden-cli
    mullvad-vpn
    transmission-qt
    vlc
    obs-studio
    python3
    lmms
    prismlauncher
    ripgrep
  ];
  # This value determines the Home Manager release that your
  # configuration is compatible with. This helps avoid breakage
  # when a new Home Manager release introduces backwards
  # incompatible changes.
  #
  # You can update Home Manager without changing this value. See
  # the Home Manager release notes for a list of state version
  # changes in each release.
  home.stateVersion = "22.05";
  # Let Home Manager install and manage itself.
  programs.home-manager.enable = true;
 }
--- a/nix/configuration.nix
+++ b/nix/configuration.nix
@ -1,3 +1,4 @@
 # Tangled in ../Systems.org
 { config, pkgs, ... }:
 {
@ -6,54 +7,89 @@
      ./hardware-configuration.nix
    ];
-  nixpkgs.config.allowUnfree = true;
+  boot.loader.grub = {
-
+    enable = true;
-  boot.kernelPackages = pkgs.linuxPackages_latest;
+    version = 2;
-
+    device = "nodev";
-  # Use the systemd-boot EFI boot loader.
+    useOSProber = true;
-  boot.loader.systemd-boot.enable = true;
+    efiSupport = true;
-  boot.loader.efi.canTouchEfiVariables = true;
+    enableCryptodisk = true;
-
+    canTouchEfiVariables = true;
-  networking.hostName = "london";
+    efiSysMountPoint = "/boot/efi";
  # i18n stuff.
  time.timeZone = "Europe/London";
  i18n.defaultLocale = "en_US.UTF-8";
  console = {
    font = "Lat2-Terminus16";
    keyMap = "us";
  };
-  # Networking stuff.
+  boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
-  networking.useDHCP = false;
+  boot.kernelPackages = pkgs.linuxPackages_6_0;
-  networking.interfaces.enp4s0.useDHCP = true;
+
  # Setup keyfile
  boot.initrd.secrets = {
    "/crypto_keyfile.bin" = null;
  };
  # Enable swap on luks
  boot.initrd.luks.devices."luks-63100442-37df-4579-a787-cb2f2c67b3d1".device = "/dev/disk/by-uuid/63100442-37df-4579-a787-cb2f2c67b3d1";
  boot.initrd.luks.devices."luks-63100442-37df-4579-a787-cb2f2c67b3d1".keyFile = "/crypto_keyfile.bin";
  nix.settings.experimental-features = [ "nix-command" "flakes" ];
  time.timeZone = "Europe/London";
  i18n.defaultLocale = "en_GB.utf8";
  networking.hostName = "LONDON"; # Define your hostname.
  # Enable networking
  networking.networkmanager.enable = true;
  systemd.services.NetworkManager-wait-online.enable = false;
  networking.firewall.checkReversePath = "loose";
  networking.firewall.allowedTCPPorts = [ 3389 ]; # for RDP
  services.mullvad-vpn.enable = true;
  services.tailscale.enable = true;
  # Enable the X11 windowing system.
  services.xserver.enable = true;
  services.xserver.videoDrivers = [ "nvidia" ];
-  hardware.opengl = {
+  # Enable the KDE Plasma Desktop Environment.
-    enable = true;
+  services.xserver.displayManager.sddm.enable = true;
-    extraPackages = with pkgs; [
+  services.xserver.desktopManager.plasma5.enable = true;
      vaapiIntel
      vaapiVdpau
      libvdpau-va-gl
    ];
    setLdLibraryPath = true;
    driSupport32Bit = true;
  };
  # Required for Proton games to function.
  programs.steam.enable = true;
-  # Enable the GNOME Desktop Environment.
+  services.xrdp.enable = true;
-  services.xserver.displayManager.gdm.enable = true;
+  services.xrdp.defaultWindowManager = "startplasma-x11";
  services.xserver.desktopManager.gnome.enable = true;
  # Configure keymap in X11
-  services.xserver.layout = "us";
+  services.xserver = {
    layout = "us";
    xkbVariant = "";
  };
-  # Disabled and replaced with Pipewire.
+  
  # Allow unfree packages
  nixpkgs.config.allowUnfree = true;
  services.xserver.videoDrivers = [ "nvidia" ];
  hardware.opengl.enable = true;
  programs.zsh.enable = true;
  environment.shells = with pkgs; [ zsh ];
  users.users.gsimmer = {
    shell = pkgs.zsh;
    isNormalUser = true;
    description = "Gabriel Simmer";
    extraGroups = [ "networkmanager" "wheel" ];
    packages = with pkgs; [ vim ];
  };
  environment.systemPackages = with pkgs; [
    os-prober
    tailscale
    cifs-utils
    pinentry-curses
  ];
  # Enable CUPS to print documents.
  services.printing.enable = true;
  # Enable sound with pipewire.
  sound.enable = true;
  hardware.pulseaudio.enable = false;
  security.rtkit.enable = true;
  services.pipewire = {
@ -61,43 +97,44 @@
    alsa.enable = true;
    alsa.support32Bit = true;
    pulse.enable = true;
-    jack.enable = true;
+    # If you want to use JACK applications, uncomment this
    #jack.enable = true;
  };
-  programs.zsh.enable = true;
+  virtualisation = {
-  users.users.gsimmer = {
+    docker = {
-    isNormalUser = true;
+      enable = true;
-    shell = pkgs.zsh;
+      rootless = {
-    extraGroups = [ "wheel" "networkmanager" ];
+        enable = true;
        setSocketVariable = true;
      };
    };
  };
-  environment.systemPackages = with pkgs; [
+  programs.dconf.enable = true;
-    vim
+
-    wget
+  programs.steam = {
-    firefox
+    enable = true;
-    emacs
+    remotePlay.openFirewall = true;
-    curl
+    dedicatedServer.openFirewall = false;
-    podman
+  };
-    tailscale
+
  fonts.fonts = with pkgs; [
    ibm-plex
    jetbrains-mono
  ];
-  services.flatpak.enable = true;
+
-  xdg.portal.enable = true;
+  services.yubikey-agent.enable = true;
-  programs.mtr.enable = true;
+  services.pcscd.enable = true;
  # Some programs need SUID wrappers, can be configured further or are
  # started in user sessions.
  # programs.mtr.enable = true;
  programs.gnupg.agent = {
    enable = true;
    pinentryFlavor = "curses";
    enableSSHSupport = true;
  };
-  networking.firewall.enable = false;
+  system.stateVersion = "22.05";
  boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
  # This value determines the NixOS release from which the default
  # settings for stateful data, like file locations and database versions
  # on your system were taken. It‘s perfectly fine and recommended to leave
  # this value at the release version of the first install of this system.
  # Before changing this value read the documentation for this option
  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
  system.stateVersion = "21.05"; # Did you read the comment?
 }
--- a/nix/hardware-configuration.nix
+++ b/nix/hardware-configuration.nix
@ -1,3 +1,6 @@
 # Do not modify this file!  It was generated by ‘nixos-generate-config’
 # and may be overwritten by future invocations.  Please make changes
 # to /etc/nixos/configuration.nix instead.
 { config, lib, pkgs, modulesPath, ... }:
 {
@ -5,46 +8,34 @@
    [ (modulesPath + "/installer/scan/not-detected.nix")
    ];
-  boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
+  boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
  boot.initrd.kernelModules = [ ];
  boot.kernelModules = [ "kvm-amd" ];
  boot.extraModulePackages = [ ];
  services.xserver = {
    libinput = {
      enable = true;
      mouse = { accelProfile = "flat"; };
    };
  };
  fileSystems."/" =
-    { device = "/dev/disk/by-uuid/eb8699bd-a9e9-4166-8879-559b244caa20";
+    { device = "/dev/disk/by-uuid/cd6f3e34-65ce-4be5-b4d4-6818e70dcff3";
      fsType = "ext4";
      options = [ "noatime" "nodiratime" "discard" ];
    };
-  fileSystems."/boot" =
+  boot.initrd.luks.devices."luks-0cd5d85e-e232-4f75-a8b3-087737657fef".device = "/dev/disk/by-uuid/0cd5d85e-e232-4f75-a8b3-087737657fef";
-    { device = "/dev/disk/by-uuid/D582-4408";
+
  fileSystems."/boot/efi" =
    { device = "/dev/disk/by-uuid/AB23-FA19";
      fsType = "vfat";
      options = [ "noatime" "nodiratime" "discard" ];
    };
-  fileSystems."/mnt/wd" =
+  fileSystems."/home/gsimmer/FHG" = {
-    { device = "/dev/disk/by-partlabel/WD";
+    device = "/dev/disk/by-label/FHG";
    fsType = "ext4";
      options = [ "noatime" "nodiratime" "discard" ];
    };
  fileSystems."/mnt/fhg" =
    { device = "/dev/disk/by-label/FHG";
      fsType = "ext4";
      options = [ "noatime" "nodiratime" "discard" ];
  };
  swapDevices =
-    [ { device = "/dev/disk/by-uuid/8a0c74ad-a88f-4ecd-a6ac-d7985355bce6"; }
+    [ { device = "/dev/disk/by-uuid/c50f2d93-2f31-4afc-ad26-4730a8f4b7f0"; }
    ];
-  # high-resolution display
+  networking.useDHCP = lib.mkDefault true;
  hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
  hardware.video.hidpi.enable = lib.mkDefault true;
 }