chris/sneeuwvlok
chris/sneeuwvlok
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

FINALLY, it was stylix that was breaking the desktop!!!

Browse source
This commit is contained in:
Chris Kruining 2025-03-23 16:12:22 +01:00
parent ec7429d384
commit 32f2213e88
Signed by: chris
SSH key fingerprint: SHA256:nG82MUfuVdRVyCKKWqhY+pCrbz9nbX6uzUns4RKa1Pg
10 changed files with 317 additions and 234 deletions
Download patch file Download diff file Expand all files Collapse all files

26
default.nix
View file

@ -1,26 +0,0 @@
{ inputs, config, lib, pkgs, ... }:
let
inherit (builtins) toString;
inherit (lib.modules) mkAliasOptionModule mkIf;
inherit (lib.my) mapModulesRec' mapModules mkSysUser mkHmUser;
in
{
imports = [
inputs.sops-nix.nixosModules.sops
];
config = {
nix.settings.experimental-features = [ "nix-command" "flakes" ];
environment.variables = {
NIXPKGS_ALLOW_UNFREE = "1";
};
sops = {
defaultSopsFile = ./secrets/secrets.yml;
defaultSopsFormat = "yml";
age.keyFile = "/home/";
};
};
}

7
flake.nix
View file

@ -74,12 +74,7 @@
};
};
nixosModules =
{
sneeuwvlok = import ./.;
}
// mapModulesRec ./modules import;
nixosModules = mapModulesRec ./modules import;
nixosConfigurations = mapHosts ./hosts {};
};
}

3
lib/nixos.nix
View file

@ -27,7 +27,7 @@ in rec
inputs.nixos-boot.nixosModules.default
({ options, config, ...}: {
nixpkgs.pkgs = pkgs;
networking.hostName = mkDefault (removeSuffix ".nix" (baseNameOf path));
system = {
@ -57,7 +57,6 @@ in rec
};
})
(filterAttrs (n: v: !elem n ["system"]) attrs)
../. # ../default.nix
(import path)
]
++ (map (user: {

315
modules/home/desktop/plasma.nix
View file

@ -51,135 +51,222 @@ in
sharedModules = [
inputs.plasma-manager.homeManagerModules.plasma-manager
];
};
home-manager.users.${user}.programs.plasma = {
enable = true;
immutableByDefault = false;
windows.allowWindowsToRememberPositions = true;
users.${user}.programs.plasma = {
enable = true;
immutableByDefault = true;
windows.allowWindowsToRememberPositions = true;
workspace = {
colorScheme = "CatppuccinMocha";
};
spectacle.shortcuts = {
captureRectangularRegion = "Meta+Shift+S";
};
kwin = {
edgeBarrier = 0;
cornerBarrier = false;
effects = {
translucency.enable = true;
blur = {
enable = true;
strength = 5;
noiseStrength = 5;
};
snapHelper.enable = true;
workspace = {
colorScheme = "CatppuccinMocha";
wallpaper = config.stylix.image;
};
};
panels = [
# Windows-like panel at the bottom
{
location = "bottom";
widgets = [
"org.kde.plasma.kickoff"
{
name = "org.kde.plasma.icontasks";
config = {
launchers = [
"preferred://browser"
"applications:org.kde.konsole.desktop"
"applications:org.kde.dolphin.desktop"
"applications:equibop.desktop"
"applications:code.desktop"
"applications:com.obsproject.Studio"
"applications:spotify.desktop"
];
};
}
"org.kde.plasma.systemtray"
"org.kde.plasma.digitalclock"
];
floating = true;
minLength = 1743;
maxLength = 1920;
hiding = "dodgewindows";
}
];
powerdevil = {
AC = {
powerButtonAction = "shutDown";
whenLaptopLidClosed = "doNothing";
autoSuspend.action = "nothing";
dimDisplay.enable = false;
turnOffDisplay = {
idleTimeout = "never";
};
spectacle.shortcuts = {
captureRectangularRegion = "Meta+Shift+S";
};
battery = {
powerButtonAction = "shutDown";
whenLaptopLidClosed = "doNothing";
autoSuspend.action = "nothing";
dimDisplay.enable = false;
kwin = {
edgeBarrier = 0;
cornerBarrier = false;
turnOffDisplay = {
idleTimeout = "never";
};
effects = {
translucency.enable = true;
blur = {
enable = true;
strength = 5;
noiseStrength = 5;
};
snapHelper.enable = true;
};
};
lowBattery = {
powerButtonAction = "shutDown";
whenLaptopLidClosed = "doNothing";
autoSuspend.action = "nothing";
dimDisplay.enable = false;
panels = [
# Windows-like panel at the bottom
{
location = "bottom";
floating = true;
lengthMode = "fill";
height = 32;
hiding = "dodgewindows";
screen = "all";
widgets = [
{
kickoff = {
applicationsDisplayMode = "list";
compactDisplayStyle = false;
favoritesDisplayMode = "grid";
sortAlphabetically = true;
showButtonsFor = {
custom = [
"shutdown"
"reboot"
"logout"
"lock-screen"
];
};
showActionButtonCaptions = true;
};
}
{
appMenu = {
compactView = false;
};
}
{
panelSpacer = {
expanding = true;
};
}
{
iconTasks = {
appearance = {
fill = false;
highlightWindows = true;
iconSpacing = "medium";
indicateAudioStreams = true;
rows = {
multirowView = "never";
maximum = null;
};
showTooltips = true;
};
behavior = {
grouping = {
clickAction = "showPresentWindowsEffect";
method = "byProgramName";
};
minimizeActiveTaskOnClick = true;
newTasksAppearOn = "right";
showTasks = {
onlyInCurrentActivity = true;
onlyInCurrentDesktop = true;
onlyMinimized = false;
onlyInCurrentScreen = false;
};
sortingMethod = "manually";
unhideOnAttentionNeeded = true;
wheel = {
ignoreMinimizedTasks = true;
switchBetweenTasks = true;
};
};
launchers = [
"applications:org.kde.dolphin.desktop"
"preferred://browser"
"preferred://terminal"
"preferred://editor"
"applications:vesktop.desktop"
"applications:steam.desktop"
];
};
}
{
panelSpacer = {
expanding = true;
};
}
{
systemTray = {
icons = {
scaleToFit = true;
spacing = "small";
};
items = {
hidden = [
"org.kde.plasma.brightness"
];
};
pin = false;
};
}
{
digitalClock = {
date = {
enable = true;
format = "shortDate";
position = "belowTime";
};
time = {
format = "24h";
showSeconds = "onlyInTooltip";
};
};
}
];
}
];
turnOffDisplay = {
idleTimeout = "never";
};
};
};
powerdevil = {
AC = {
powerButtonAction = "shutDown";
whenLaptopLidClosed = "doNothing";
kscreenlocker = {
autoLock = false;
lockOnResume = false;
lockOnStartup = false;
autoSuspend.action = "nothing";
dimDisplay.enable = false;
appearance = {
alwaysShowClock = true;
showMediaControls = true;
};
};
turnOffDisplay = {
idleTimeout = "never";
};
};
battery = {
powerButtonAction = "shutDown";
whenLaptopLidClosed = "doNothing";
configFile = {
kdeglobals = {
General = {
# enable font antialiasing
XftAntialias = true;
XftHintStyle = "hintslight";
XftSubPixel = "rgb";
};
autoSuspend.action = "nothing";
dimDisplay.enable = false;
turnOffDisplay = {
idleTimeout = "never";
};
};
lowBattery = {
powerButtonAction = "shutDown";
whenLaptopLidClosed = "doNothing";
autoSuspend.action = "nothing";
dimDisplay.enable = false;
turnOffDisplay = {
idleTimeout = "never";
};
};
};
kwalletrc = {
Wallet.Enabled = false;
kscreenlocker = {
autoLock = false;
lockOnResume = false;
lockOnStartup = false;
appearance = {
alwaysShowClock = true;
showMediaControls = true;
};
};
plasmarc = {
General = {
RaiseMaximumVolume = true;
VolumeStep = 2;
};
};
kcminputrc = {
Keyboard.NumLock.value = 0;
configFile = {
kdeglobals = {
General = {
# enable font antialiasing
XftAntialias = true;
XftHintStyle = "hintslight";
XftSubPixel = "rgb";
};
};
kwalletrc = {
Wallet.Enabled = false;
};
plasmarc = {
General = {
RaiseMaximumVolume = true;
VolumeStep = 2;
};
};
kcminputrc = {
Keyboard.NumLock.value = 0;
};
};
};
};

4
modules/home/desktop/terminal/ghostty.nix
View file

@ -25,8 +25,8 @@ in {
enable = true;
settings = {
background-blur-radius = 20;
theme = "dark:stylix,light:stylix";
window-theme = config.stylix.polarity;
# theme = "dark:stylix,light:stylix";
# window-theme = config.stylix.polarity;
background-opacity = 0.8;
minimum-contrast = 1.1;
};

18
modules/home/shell/toolset/starship.nix
View file

@ -1,19 +1,25 @@
{ config, options, lib, pkgs, user, ... }:
{ config, lib, user, ... }:
let
inherit (lib.modules) mkIf;
inherit (lib.options) mkEnableOption;
in
{
options.modules.${user}.shell.toolset.starship = let
inherit (lib.options) mkEnableOption;
in {
enable = mkEnableOption "minimal shell ricing";
options.modules.${user}.shell.toolset.starship = {
enable = mkEnableOption "fancy pansy shell prompt";
};
config = mkIf config.modules.${user}.shell.toolset.starship.enable {
home-manager.users.${user}.programs.starship = {
enable = true;
settings = let
inherit (config.lib.stylix.colors) cyan red magenta yellow green blue;
# inherit (config.lib.stylix.colors) cyan red magenta yellow green blue;
cyan = "#00ffff";
red = "#ff0000";
magenta = "#ff00ff";
yellow = "#ffff00";
green = "#00ff00";
blue = "#0000ff";
in {
scan_timeout = 10;
add_newline = true;

34
modules/home/themes/default.nix
View file

@ -1,19 +1,13 @@
{ inputs, config, options, lib, pkgs, user, ... }:
{ config, lib, pkgs, user, ... }:
let
inherit (builtins) getEnv map;
inherit (lib.attrsets) attrValues mapAttrsToList;
inherit (lib.meta) getExe;
inherit (lib.modules) mkIf mkMerge;
inherit (lib.strings) concatStringsSep optionalString;
inherit (lib) mkIf mkDefault;
inherit (lib.options) mkOption mkEnableOption;
inherit (lib.types) nullOr enum;
cfg = config.modules.${user}.themes;
desktop = config.modules.${user}.desktop;
in {
options.modules.${user}.themes = let
inherit (lib.options) mkOption mkEnableOption;
inherit (lib.types) nullOr enum;
in {
options.modules.${user}.themes = {
enable = mkEnableOption "Theming (Stylix)";
theme = mkOption {
@ -33,6 +27,24 @@ in {
config = mkIf (cfg.enable) {
modules.theming.enable = true;
environment.sessionVariables = { QT_QPA_PLATFORMTHEME = "kde"; };
home-manager.users.${user} = {
xdg.configFile."menus/applications.menu".source = "${pkgs.kdePackages.plasma-workspace}/etc/xdg/menus/plasma-applications.menu";
qt = {
enable = true;
platformTheme.package = with pkgs.kdePackages; [
plasma-integration
systemsettings
];
style = {
package = pkgs.kdePackages.breeze;
name = mkDefault "Breeze";
};
};
};
stylix = {
enable = true;
autoEnable = true;

5
modules/system/options.nix
View file

@ -14,6 +14,10 @@ in
};
config = {
environment.variables = {
NIXPKGS_ALLOW_UNFREE = "1";
};
nix.settings = let
inherit (lib) elem attrNames filterAttrs;
@ -22,6 +26,7 @@ in
{
trusted-users = users;
allowed-users = users;
experimental-features = [ "nix-command" "flakes" ];
};
};
}

127
modules/system/security.nix
View file

@ -1,70 +1,77 @@
{ pkgs, ... }:
{ inputs, pkgs, ... }:
{
environment.systemPackages = with pkgs; [
kdePackages.kwallet-pam
bitwarden
sops
];
imports = [
inputs.sops-nix.nixosModules.sops
];
security = {
sudo.execWheelOnly = true;
acme.acceptTerms = true;
polkit.enable = true;
pam = {
u2f = {
enable = true;
settings.cue = true;
};
config = {
environment.systemPackages = with pkgs; [
bitwarden
sops
];
services.kwallet = {
name = "kwallet";
enableKwallet = true;
};
};
};
sops = {
defaultSopsFile = ./secrets/secrets.yml;
defaultSopsFormat = "yml";
networking.firewall.enable = true;
programs.gnupg.agent.enable = true;
boot = {
loader.systemd-boot = {
editor = false;
configurationLimit = 50;
age.keyFile = "/home/";
};
kernelModules = [ "tcp_bbr" ];
kernel.sysctl = {
## TCP hardening
# Prevent bogus ICMP errors from filling up logs.
"net.ipv4.icmp_ignore_bogus_error_responses" = 1;
# Reverse path filtering causes the kernel to do source validation of
# packets received from all interfaces. This can mitigate IP spoofing.
"net.ipv4.conf.default.rp_filter" = 1;
"net.ipv4.conf.all.rp_filter" = 1;
# Do not accept IP source route packets (we're not a router)
"net.ipv4.conf.all.accept_source_route" = 0;
"net.ipv6.conf.all.accept_source_route" = 0;
# Don't send ICMP redirects (again, we're on a router)
"net.ipv4.conf.all.send_redirects" = 0;
"net.ipv4.conf.default.send_redirects" = 0;
# Refuse ICMP redirects (MITM mitigations)
"net.ipv4.conf.all.accept_redirects" = 0;
"net.ipv4.conf.default.accept_redirects" = 0;
"net.ipv4.conf.all.secure_redirects" = 0;
"net.ipv4.conf.default.secure_redirects" = 0;
"net.ipv6.conf.all.accept_redirects" = 0;
"net.ipv6.conf.default.accept_redirects" = 0;
# Protects against SYN flood attacks
"net.ipv4.tcp_syncookies" = 1;
# Incomplete protection again TIME-WAIT assassination
"net.ipv4.tcp_rfc1337" = 1;
security = {
sudo.execWheelOnly = true;
acme.acceptTerms = true;
polkit.enable = true;
pam = {
u2f = {
enable = true;
settings.cue = true;
};
};
};
## TCP optimization
# Enable TCP Fast Open for incoming and outgoing connections
"net.ipv4.tcp_fastopen" = 3;
# Bufferbloat mitigations + slight improvement in throughput & latency
"net.ipv4.tcp_congestion_control" = "bbr";
"net.core.default_qdisc" = "cake";
networking.firewall.enable = true;
programs.gnupg.agent.enable = true;
boot = {
loader.systemd-boot = {
editor = false;
configurationLimit = 50;
};
kernelModules = [ "tcp_bbr" ];
kernel.sysctl = {
## TCP hardening
# Prevent bogus ICMP errors from filling up logs.
"net.ipv4.icmp_ignore_bogus_error_responses" = 1;
# Reverse path filtering causes the kernel to do source validation of
# packets received from all interfaces. This can mitigate IP spoofing.
"net.ipv4.conf.default.rp_filter" = 1;
"net.ipv4.conf.all.rp_filter" = 1;
# Do not accept IP source route packets (we're not a router)
"net.ipv4.conf.all.accept_source_route" = 0;
"net.ipv6.conf.all.accept_source_route" = 0;
# Don't send ICMP redirects (again, we're on a router)
"net.ipv4.conf.all.send_redirects" = 0;
"net.ipv4.conf.default.send_redirects" = 0;
# Refuse ICMP redirects (MITM mitigations)
"net.ipv4.conf.all.accept_redirects" = 0;
"net.ipv4.conf.default.accept_redirects" = 0;
"net.ipv4.conf.all.secure_redirects" = 0;
"net.ipv4.conf.default.secure_redirects" = 0;
"net.ipv6.conf.all.accept_redirects" = 0;
"net.ipv6.conf.default.accept_redirects" = 0;
# Protects against SYN flood attacks
"net.ipv4.tcp_syncookies" = 1;
# Incomplete protection again TIME-WAIT assassination
"net.ipv4.tcp_rfc1337" = 1;
## TCP optimization
# Enable TCP Fast Open for incoming and outgoing connections
"net.ipv4.tcp_fastopen" = 3;
# Bufferbloat mitigations + slight improvement in throughput & latency
"net.ipv4.tcp_congestion_control" = "bbr";
"net.core.default_qdisc" = "cake";
};
};
};
}

12
modules/system/theming.nix
View file

@ -1,18 +1,16 @@
{ inputs, config, options, lib, pkgs, ... }:
{ inputs, config, lib, ... }:
let
inherit (lib) mkIf;
inherit (lib.options) mkEnableOption;
cfg = config.modules.theming;
in
{
imports = [
inputs.stylix.nixosModules.stylix
];
inputs.stylix.nixosModules.stylix
];
options.modules.theming = let
inherit (lib.options) mkEnableOption;
in
{
options.modules.theming = {
enable = mkEnableOption "enable theming";
};