WIP move to template

disko/default.nix

@@ -1,5 +1,5 @@
 {
-  standard = { disks ? [ "/dev/vda" ], ... }: {
+  standard = {disks ? ["/dev/vda"], ...}: {
     # this is my standard partitioning scheme for my machines: an LUKS-encrypted
     # btrfs volume
     disko.devices = {
@@ -29,7 +29,7 @@
                 content = {
                   type = "luks";
                   name = "crypted";
-                  extraOpenArgs = [ "--allow-discards" ];
+                  extraOpenArgs = ["--allow-discards"];
                   # if you want to use the key for interactive login be sure there is no trailing newline
                   # for example use `echo -n "password" > /tmp/secret.key`
                   keyFile = "/tmp/secret.key"; # Interactive
@@ -37,19 +37,19 @@
                   # additionalKeyFiles = ["/tmp/additionalSecret.key"];
                   content = {
                     type = "btrfs";
-                    extraArgs = [ "-f" ];
+                    extraArgs = ["-f"];
                     subvolumes = {
                       "/root" = {
                         mountpoint = "/";
-                        mountOptions = [ "compress=zstd" "noatime" ];
+                        mountOptions = ["compress=zstd" "noatime"];
                       };
                       "/home" = {
                         mountpoint = "/home";
-                        mountOptions = [ "compress=zstd" "noatime" ];
+                        mountOptions = ["compress=zstd" "noatime"];
                       };
                       "/nix" = {
                         mountpoint = "/nix";
-                        mountOptions = [ "compress=zstd" "noatime" ];
+                        mountOptions = ["compress=zstd" "noatime"];
                       };
                     };
                   };
@@ -62,7 +62,7 @@
     };
   };
   # TODO: figure out what I can't have an optiona/default 'name' attribute here so I can DRY with "standard"
-  thinker = { disks ? [ "/dev/vda" ], ... }: {
+  thinker = {disks ? ["/dev/vda"], ...}: {
     # this is my standard partitioning scheme for my machines: an LUKS-encrypted
     # btrfs volume
     disko.devices = {
@@ -92,7 +92,7 @@
                 content = {
                   type = "luks";
                   name = "crypted";
-                  extraOpenArgs = [ "--allow-discards" ];
+                  extraOpenArgs = ["--allow-discards"];
                   # if you want to use the key for interactive login be sure there is no trailing newline
                   # for example use `echo -n "password" > /tmp/secret.key`
                   keyFile = "/tmp/secret.key"; # Interactive
@@ -100,19 +100,19 @@
                   # additionalKeyFiles = ["/tmp/additionalSecret.key"];
                   content = {
                     type = "btrfs";
-                    extraArgs = [ "-f" ];
+                    extraArgs = ["-f"];
                     subvolumes = {
                       "/root" = {
                         mountpoint = "/";
-                        mountOptions = [ "compress=zstd" "noatime" ];
+                        mountOptions = ["compress=zstd" "noatime"];
                       };
                       "/home" = {
                         mountpoint = "/home";
-                        mountOptions = [ "compress=zstd" "noatime" ];
+                        mountOptions = ["compress=zstd" "noatime"];
                       };
                       "/nix" = {
                         mountpoint = "/nix";
-                        mountOptions = [ "compress=zstd" "noatime" ];
+                        mountOptions = ["compress=zstd" "noatime"];
                       };
                     };
                   };
@@ -124,7 +124,7 @@
       };
     };
   };
-  unencrypted = { disks ? [ "/dev/vda" ], ... }: {
+  unencrypted = {disks ? ["/dev/vda"], ...}: {
     disko.devices = {
       disk = {
         primary = {
@@ -151,19 +151,19 @@
                 size = "100%";
                 content = {
                   type = "btrfs";
-                  extraArgs = [ "-f" ];
+                  extraArgs = ["-f"];
                   subvolumes = {
                     "/root" = {
                       mountpoint = "/";
-                      mountOptions = [ ];
+                      mountOptions = [];
                     };
                     "/home" = {
                       mountpoint = "/home";
-                      mountOptions = [ "compress=zstd" ];
+                      mountOptions = ["compress=zstd"];
                     };
                     "/nix" = {
                       mountpoint = "/nix";
-                      mountOptions = [ "compress=zstd" "noatime" ];
+                      mountOptions = ["compress=zstd" "noatime"];
                     };
                   };
                 };

flake.lock

@@ -120,21 +120,6 @@
         "type": "github"
       }
     },
-    "flake-utils_3": {
-      "locked": {
-        "lastModified": 1644229661,
-        "narHash": "sha256-1YdnJAsNy69bpcjuoKdOYQX0YxZBiCYZo4Twxerqv7k=",
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "rev": "3cecb5b042f7f209c56ffd8371b2711a290ec797",
-        "type": "github"
-      },
-      "original": {
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "type": "github"
-      }
-    },
     "helix": {
       "inputs": {
         "crane": "crane",
@@ -164,15 +149,16 @@
         ]
       },
       "locked": {
-        "lastModified": 1696145345,
-        "narHash": "sha256-3dM7I/d4751SLPJah0to1WBlWiyzIiuCEUwJqwBdmr4=",
+        "lastModified": 1695108154,
+        "narHash": "sha256-gSg7UTVtls2yO9lKtP0yb66XBHT1Fx5qZSZbGMpSn2c=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "6f9b5b83ad1f470b3d11b8a9fe1d5ef68c7d0e30",
+        "rev": "07682fff75d41f18327a871088d20af2710d4744",
         "type": "github"
       },
       "original": {
         "owner": "nix-community",
+        "ref": "release-23.05",
         "repo": "home-manager",
         "type": "github"
       }
@@ -209,6 +195,22 @@
         "type": "github"
       }
     },
+    "nixpkgs-unstable": {
+      "locked": {
+        "lastModified": 1696019113,
+        "narHash": "sha256-X3+DKYWJm93DRSdC5M6K5hLqzSya9BjibtBsuARoPco=",
+        "owner": "nixos",
+        "repo": "nixpkgs",
+        "rev": "f5892ddac112a1e9b3612c39af1b72987ee5783a",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nixos",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
     "nixpkgs_2": {
       "locked": {
         "lastModified": 1696125185,
@@ -243,15 +245,16 @@
     },
     "nixpkgs_4": {
       "locked": {
-        "lastModified": 1696275311,
-        "narHash": "sha256-Z8aJvoUyMv/+0G7iqYIqecxRDFbz05RK2e3/irbWq9M=",
-        "owner": "NixOS",
+        "lastModified": 1696039360,
+        "narHash": "sha256-g7nIUV4uq1TOVeVIDEZLb005suTWCUjSY0zYOlSBsyE=",
+        "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "828ba8482b64704adad28786355ed8a45d59eb0a",
+        "rev": "32dcb45f66c0487e92db8303a798ebc548cadedc",
         "type": "github"
       },
       "original": {
-        "owner": "NixOS",
+        "owner": "nixos",
+        "ref": "nixos-23.05",
         "repo": "nixpkgs",
         "type": "github"
       }
@@ -279,8 +282,8 @@
         "helix": "helix",
         "home-manager": "home-manager",
         "nixpkgs": "nixpkgs_4",
-        "sops-nix": "sops-nix",
-        "utils": "utils"
+        "nixpkgs-unstable": "nixpkgs-unstable",
+        "sops-nix": "sops-nix"
       }
     },
     "rust-overlay": {
@@ -356,24 +359,6 @@
         "repo": "default",
         "type": "github"
       }
-    },
-    "utils": {
-      "inputs": {
-        "flake-utils": "flake-utils_3"
-      },
-      "locked": {
-        "lastModified": 1696272629,
-        "narHash": "sha256-KprLE/cqg5PFNT1PKQRjE/bJpr4AlgedoUPO/4jee+8=",
-        "owner": "gytis-ivaskevicius",
-        "repo": "flake-utils-plus",
-        "rev": "2893fcad90dcc2ac2265c227b5444a7cd7ef21f0",
-        "type": "github"
-      },
-      "original": {
-        "owner": "gytis-ivaskevicius",
-        "repo": "flake-utils-plus",
-        "type": "github"
-      }
     }
   },
   "root": "root",

flake.nix

@@ -1,26 +1,92 @@
 {
   inputs = {
-    nixpkgs.url = "github:NixOS/nixpkgs";
-    utils.url = "github:gytis-ivaskevicius/flake-utils-plus";
-    # nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixpkgs-channels/nixos-unstable";
-    api-lyte-dev.url = "git+ssh://gitea@git.lyte.dev/lytedev/api.lyte.dev.git";
-    home-manager = {
-      url = "github:nix-community/home-manager";
-      inputs.nixpkgs.follows = "nixpkgs";
-      # inputs.utils.follows = "utils";
-    };
+    nixpkgs.url = "github:nixos/nixpkgs/nixos-23.05";
+    nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
+
+    home-manager.url = "github:nix-community/home-manager/release-23.05";
+    home-manager.inputs.nixpkgs.follows = "nixpkgs";
+
+    helix.url = "github:helix-editor/helix/75c0a5ceb32d8a503915a93ccc1b64c8ad1cba8b";
 
     disko.url = "github:nix-community/disko/master";
     sops-nix.url = "github:Mic92/sops-nix";
-    helix.url = "github:helix-editor/helix/75c0a5ceb32d8a503915a93ccc1b64c8ad1cba8b";
+
+    # TODO: do I really need this in the root of my flake if _only_ beefcake uses it?
+    api-lyte-dev.url = "git+ssh://gitea@git.lyte.dev/lytedev/api.lyte.dev.git";
+
+    # TODO: hardware.url = "github:nixos/nixos-hardware"; # might be useful for laptops
     # TODO: hyprland.url = "github:hyprwm/Hyprland";
+    # TODO: nix-colors.url = "github:misterio77/nix-colors";
   };
 
-  outputs = inputs @ { self, ... }: {
-    diskoConfigurations = import ./disko.nix;
-    homeConfigurations = import ./home.nix inputs;
-    nixosConfigurations = import ./nixos.nix inputs;
+  outputs = {
+    self,
+    nixpkgs,
+    home-manager,
+    ...
+  } @ inputs: let
+    inherit (self) outputs;
+
+    systems = [
+      "aarch64-linux"
+      # "i686-linux"
+      "x86_64-linux"
+      "aarch64-darwin"
+      "x86_64-darwin"
+    ];
+
+    forAllSystems = nixpkgs.lib.genAttrs systems;
+  in {
+    # Your custom packages
+    # Acessible through 'nix build', 'nix shell', etc
+    packages = forAllSystems (system: import ./pkgs nixpkgs.legacyPackages.${system});
+
+    # Formatter for your nix files, available through 'nix fmt'
+    # Other options beside 'alejandra' include 'nixpkgs-fmt'
+    formatter = forAllSystems (system: nixpkgs.legacyPackages.${system}.alejandra);
+
+    # Your custom packages and modifications, exported as overlays
+    overlays = import ./overlays {inherit inputs;};
+
+    # Reusable nixos modules you might want to export
+    # These are usually stuff you would upstream into nixpkgs
+    nixosModules = import ./modules/nixos;
+
+    # Reusable home-manager modules you might want to export
+    # These are usually stuff you would upstream into home-manager
+    homeManagerModules = import ./modules/home-manager;
+
+    # NixOS configuration entrypoint
+    # Available through 'nixos-rebuild --flake .#your-hostname'
+    nixosConfigurations = {
+      dragon = nixpkgs.lib.nixosSystem {
+        specialArgs = {inherit inputs outputs;};
+        modules = [
+          ./nixos/dragon
+        ];
+      };
+    };
+
+    # Standalone home-manager configuration entrypoint
+    # Available through 'home-manager --flake .#your-username@your-hostname'
+    homeConfigurations = {
+      "daniel@lyte.dev" = home-manager.lib.homeManagerConfiguration {
+        pkgs = nixpkgs.legacyPackages.x86_64-linux;
+        extraSpecialArgs = {inherit inputs outputs;};
+        modules = [./home-manager/home.nix];
+      };
+
+      "daniel.flanagan@hq.bill.com" = home-manager.lib.homeManagerConfiguration {
+        pkgs = nixpkgs.legacyPackages.aarch64-darwin;
+        extraSpecialArgs = {inherit inputs outputs;};
+        modules = [./home-manager/home.nix];
+      };
+    };
+
     # TODO: darwin for work?
     # TODO: nixos ISO?
+
+    # Disk partition schemes and functions
+    diskoConfigurations = import ./disko.nix;
   };
 }

home.nix

@@ -1,25 +0,0 @@
-inputs:
-let
-  mkHome = system: modules:
-    let
-      overlay = final: prev: {
-        helix = prev.helix // inputs.helix.packages.${system}.helix;
-      };
-      pkgs = import inputs.nixpkgs { inherit system; overlays = [ overlay ]; };
-    in
-    inputs.home-manager.lib.homeManagerConfiguration {
-      inherit pkgs;
-      modules = [ ] ++ modules;
-    };
-in
-{
-  daniel = mkHome "x86_64-linux" [
-    ./home/user.nix
-    ./home/linux.nix
-  ];
-
-  daniel-work = mkHome "aarch64-darwin" [
-    ./home/user.nix
-    ./home/work.nix
-  ];
-}

home/default.nix

@@ -0,0 +1,25 @@
+inputs: let
+  mkHome = system: modules: let
+    overlay = final: prev: {
+      helix = prev.helix // inputs.helix.packages.${system}.helix;
+    };
+    pkgs = import inputs.nixpkgs {
+      inherit system;
+      overlays = [overlay];
+    };
+  in
+    inputs.home-manager.lib.homeManagerConfiguration {
+      inherit pkgs;
+      modules = [] ++ modules;
+    };
+in {
+  daniel = mkHome "x86_64-linux" [
+    ./home/user.nix
+    ./home/linux.nix
+  ];
+
+  daniel-work = mkHome "aarch64-darwin" [
+    ./home/user.nix
+    ./home/work.nix
+  ];
+}

home/home.nix

@@ -1,9 +1,11 @@
-{ pkgs, lib, ... }:
-let
+{
+  pkgs,
+  lib,
+  ...
+}: let
   email = "daniel@lyte.dev";
   name = "Daniel Flanagan";
-in
-{
+in {
   # TODO: email access?
   # accounts.email.accounts = {
   #   google = {
@@ -36,7 +38,10 @@ in
       pkgs.nixpkgs-fmt
 
       # TODO: os-specific scripts? macOS versus Linux (arch or nixos? do I need to distinguish at that point?)
-      (pkgs.buildEnv { name = "my-scripts-common"; paths = [ ../scripts/common ]; })
+      (pkgs.buildEnv {
+        name = "my-scripts-common";
+        paths = [../scripts/common];
+      })
     ];
 
     file = {
@@ -79,7 +84,7 @@ in
   programs = {
     password-store = {
       enable = true;
-      package = (pkgs.pass.withExtensions (exts: [ exts.pass-otp ]));
+      package = pkgs.pass.withExtensions (exts: [exts.pass-otp]);
     };
 
     git = {
@@ -90,7 +95,7 @@ in
 
       delta = {
         enable = true;
-        options = { };
+        options = {};
       };
 
       lfs = {
@@ -161,25 +166,29 @@ in
         language-server = {
           lexical = {
             command = "lexical";
-            args = [ "start" ];
+            args = ["start"];
           };
 
           next-ls = {
             command = "next-ls";
-            args = [ "--stdout" ];
+            args = ["--stdout"];
           };
 
           deno = {
             command = "deno";
-            args = [ "lsp" ];
-            config = { enable = true; lint = true; unstable = true; };
+            args = ["lsp"];
+            config = {
+              enable = true;
+              lint = true;
+              unstable = true;
+            };
           };
         };
 
         language = [
           {
             name = "elixir";
-            language-servers = [ "elixir-ls" ]; # "lexical" "next-ls" 
+            language-servers = ["elixir-ls"]; # "lexical" "next-ls"
             auto-format = true;
           }
           {
@@ -191,7 +200,7 @@ in
             auto-format = true;
             formatter = {
               command = "nixpkgs-fmt";
-              args = [ ];
+              args = [];
             };
           }
           {
@@ -209,13 +218,13 @@ in
             grammar = "javascript";
             scope = "source.js";
             injection-regex = "^(js|javascript)$";
-            file-types = [ "js" "mjs" ];
-            shebangs = [ "deno" ];
-            language-servers = [ "deno" ];
-            roots = [ "deno.jsonc" "deno.json" ];
+            file-types = ["js" "mjs"];
+            shebangs = ["deno"];
+            language-servers = ["deno"];
+            roots = ["deno.jsonc" "deno.json"];
             formatter = {
               command = "deno";
-              args = [ "fmt" ];
+              args = ["fmt"];
             };
             auto-format = true;
             comment-token = "//";
@@ -231,13 +240,13 @@ in
             grammar = "typescript";
             scope = "source.ts";
             injection-regex = "^(ts|typescript)$";
-            file-types = [ "ts" ];
-            shebangs = [ "deno" ];
-            language-servers = [ "deno" ];
-            roots = [ "deno.jsonc" "deno.json" ];
+            file-types = ["ts"];
+            shebangs = ["deno"];
+            language-servers = ["deno"];
+            roots = ["deno.jsonc" "deno.json"];
             formatter = {
               command = "deno";
-              args = [ "fmt" ];
+              args = ["fmt"];
             };
             auto-format = true;
             comment-token = "//";
@@ -253,10 +262,13 @@ in
             grammar = "jsonc";
             scope = "source.jsonc";
             injection-regex = "^(jsonc)$";
-            roots = [ "deno.jsonc" "deno.json" ];
-            file-types = [ "jsonc" ];
-            language-servers = [ "deno" ];
-            indent = { tab-width = 2; unit = "  "; };
+            roots = ["deno.jsonc" "deno.json"];
+            file-types = ["jsonc"];
+            language-servers = ["deno"];
+            indent = {
+              tab-width = 2;
+              unit = "  ";
+            };
             auto-format = true;
           }
 
@@ -311,7 +323,7 @@ in
           color-modes = false;
           bufferline = "multiple";
           scrolloff = 8;
-          rulers = [ 80 120 ];
+          rulers = [80 120];
           cursorline = true;
 
           cursor-shape = {
@@ -331,16 +343,19 @@ in
             display-inlay-hints = true;
           };
           statusline = {
-            left = [ "mode" "spinner" "selections" "primary-selection-length" "position" "position-percentage" "diagnostics" "workspace-diagnostics" ];
-            center = [ "file-name" ];
-            right = [ "version-control" "total-line-numbers" "file-encoding" ];
+            left = ["mode" "spinner" "selections" "primary-selection-length" "position" "position-percentage" "diagnostics" "workspace-diagnostics"];
+            center = ["file-name"];
+            right = ["version-control" "total-line-numbers" "file-encoding"];
           };
-
         };
         keys = {
-
           insert = {
-            j = { k = "normal_mode"; j = "normal_mode"; K = "normal_mode"; J = "normal_mode"; };
+            j = {
+              k = "normal_mode";
+              j = "normal_mode";
+              K = "normal_mode";
+              J = "normal_mode";
+            };
           };
 
           normal = {
@@ -362,9 +377,11 @@ in
             };
           };
 
-
           select = {
-            space = { q = ":reflow 80"; Q = ":reflow 120"; };
+            space = {
+              q = ":reflow 80";
+              Q = ":reflow 120";
+            };
             "L" = "repeat_last_motion";
           };
         };
@@ -406,13 +423,14 @@ in
             repo = "bat";
             rev = "477622171ec0529505b0ca3cada68fc9433648c6";
             sha256 = "6WVKQErGdaqb++oaXnY3i6/GuH2FhTgK0v4TN4Y0Wbw=";
-          } + "/Catppuccin-mocha.tmTheme");
+          }
+          + "/Catppuccin-mocha.tmTheme");
       };
     };
 
     kitty = {
       enable = true;
-      darwinLaunchOptions = [ "--single-instance" ];
+      darwinLaunchOptions = ["--single-instance"];
       shellIntegration = {
         enableFishIntegration = true;
       };
@@ -689,7 +707,11 @@ in
         };
 
         verbs = [
-          { invocation = "edit"; shortcut = "e"; execution = "$EDITOR {file}"; }
+          {
+            invocation = "edit";
+            shortcut = "e";
+            execution = "$EDITOR {file}";
+          }
         ];
       };
     };
@@ -747,7 +769,7 @@ in
 
         has_command = "command --quiet --search $argv[1]";
       };
-      shellAbbrs = { };
+      shellAbbrs = {};
       shellAliases = {
         l = "br";
         ls = "eza --group-directories-first --classify";

home/linux.nix

@@ -1,4 +1,8 @@
-{ config, pkgs, ... }: {
+{
+  config,
+  pkgs,
+  ...
+}: {
   home.pointerCursor = {
     name = "Bibata-Modern-Classic";
     package = pkgs.bibata-cursors;
@@ -16,16 +20,39 @@
       enable = true;
 
       events = [
-        { event = "before-sleep"; command = "${pkgs.swaylock}/bin/swaylock"; }
+        {
+          event = "before-sleep";
+          command = "${pkgs.swaylock}/bin/swaylock";
+        }
       ];
 
       timeouts = [
-        { timeout = 330; command = "notify-send \"Idling in 300 seconds\""; resumeCommand = "notify-send \"Idling cancelled.\""; }
-        { timeout = 540; command = "notify-send \"Idling in 90 seconds\""; }
-        { timeout = 570; command = "notify-send \"Idling in 60 seconds\""; }
-        { timeout = 600; command = "notify-send \"Idling in 30 seconds...\""; }
-        { timeout = 630; command = "swaylock -f"; }
-        { timeout = 660; command = "swaymsg \"output * dpms off\""; resumeCommand = "swaymsg \"output * dpms on\" & maybe-good-morning &"; }
+        {
+          timeout = 330;
+          command = "notify-send \"Idling in 300 seconds\"";
+          resumeCommand = "notify-send \"Idling cancelled.\"";
+        }
+        {
+          timeout = 540;
+          command = "notify-send \"Idling in 90 seconds\"";
+        }
+        {
+          timeout = 570;
+          command = "notify-send \"Idling in 60 seconds\"";
+        }
+        {
+          timeout = 600;
+          command = "notify-send \"Idling in 30 seconds...\"";
+        }
+        {
+          timeout = 630;
+          command = "swaylock -f";
+        }
+        {
+          timeout = 660;
+          command = "swaymsg \"output * dpms off\"";
+          resumeCommand = "swaymsg \"output * dpms on\" & maybe-good-morning &";
+        }
       ];
     };
   };
@@ -38,16 +65,16 @@
     # set $tilers "(wezterm.*|kitty.*|firefox.*|slack.*|Slack.*|thunar.*|Alacritty.*|alacritty.*|Discord.*|discord.*)"
     # for_window [title=".*"] floating enable
     # for_window [app_id=$tilers] floating disable
-    # 
+    #
     # # for_window [title=".*"] opacity $opacity
-    # 
+    #
     # client.focused          #74c7ec #74c7ec #74c7ec #74c7ec #74c7ec
     # client.focused_inactive #100814 #100814 #9b9ebf #100814 #100814
     # client.unfocused        #100814 #100814 #9b9ebf #100814 #100814
-    # 
+    #
     # # TODO: I forget why I needed this - could google it I expect?
     # exec /usr/lib/polkit-kde-authentication-agent-1
-    # 
+    #
     # # prevent all windows from stealing focus
     # no_focus [class=".*"]
 
@@ -88,10 +115,16 @@
       };
 
       startup = [
-        { command = "systemctl --user restart waybar"; always = true; }
-        { command = "systemctl --user restart swayidle"; always = true; }
-        { command = "firefox"; }
-        { command = "kitty --single-instance"; }
+        {
+          command = "systemctl --user restart waybar";
+          always = true;
+        }
+        {
+          command = "systemctl --user restart swayidle";
+          always = true;
+        }
+        {command = "firefox";}
+        {command = "kitty --single-instance";}
       ];
 
       modes = {
@@ -128,11 +161,12 @@
           tap = "enabled";
           natural_scroll = "enabled";
           middle_emulation = "enabled";
-          # pointer_accel 
+          # pointer_accel
         };
-
       };
-      keybindings = let mod = config.wayland.windowManager.sway.config.modifier; in {
+      keybindings = let
+        mod = config.wayland.windowManager.sway.config.modifier;
+      in {
         # bindsym $mod+shift+space exec wofi --show drun
         "${mod}+control+space" = "exec makoctl dismiss";
         "${mod}+shift+space" = "exec makoctl invoke";
@@ -237,9 +271,9 @@
 
         "${mod}+shift+alt+f" = "for_window [class=$tilers] floating toggle";
       };
-      assigns = { };
-      bars = [ ];
-      colors = { };
+      assigns = {};
+      bars = [];
+      colors = {};
     };
   };
 
@@ -248,16 +282,19 @@
     theme = {
       name = "Catppuccin-Mocha-Compact-Sapphire-dark";
       package = pkgs.catppuccin-gtk.override {
-        accents = [ "sapphire" ];
+        accents = ["sapphire"];
         size = "compact";
-        tweaks = [ "rimless" "black" ];
+        tweaks = ["rimless" "black"];
         variant = "mocha";
       };
     };
   };
 
   home.packages = [
-    (pkgs.buildEnv { name = "my-linux-scripts"; paths = [ ../scripts/linux ]; })
+    (pkgs.buildEnv {
+      name = "my-linux-scripts";
+      paths = [../scripts/linux];
+    })
   ];
 
   programs = {
@@ -267,10 +304,10 @@
         mainBar = {
           "layer" = "top";
           "position" = "bottom";
-          "output" = [ "eDP-1" "DP-3" ];
+          "output" = ["eDP-1" "DP-3"];
           "height" = 32;
-          "modules-left" = [ "clock" "sway/window" ];
-          "modules-center" = [ "sway/workspaces" ];
+          "modules-left" = ["clock" "sway/window"];
+          "modules-center" = ["sway/workspaces"];
           "modules-right" = [
             "mpris"
             "idle_inhibitor"
@@ -303,15 +340,15 @@
           "sway/workspaces" = {
             "disable-scroll" = false;
             "persistent_workspaces" = {
-              "1" = [ ];
-              "2" = [ ];
-              "3" = [ ];
-              "4" = [ ];
-              "5" = [ ];
-              "6" = [ ];
-              "7" = [ ];
-              "8" = [ ];
-              "9" = [ ];
+              "1" = [];
+              "2" = [];
+              "3" = [];
+              "4" = [];
+              "5" = [];
+              "6" = [];
+              "7" = [];
+              "8" = [];
+              "9" = [];
               # "10" = [;
             };
             "all-outputs" = true;
@@ -346,12 +383,12 @@
             "critical-threshold" = 80;
             # "format-critical" = "{temperatureC}°C {icon}";
             "format" = "{temperatureC}°C {icon}";
-            "format-icons" = [ "" "" "" ];
+            "format-icons" = ["" "" ""];
           };
           "backlight" = {
             # "device" = "acpi_video1";
             "format" = "{percent}% {icon}";
-            "format-icons" = [ "" "" ];
+            "format-icons" = ["" ""];
           };
           "battery" = {
             "states" = {
@@ -365,7 +402,7 @@
             "format-alt" = "{time} {icon}";
             "format-good" = ""; # An empty format will hide the modul;
             "format-full" = "󰁹";
-            "format-icons" = [ "󰂎" "󰁻" "󰁽" "󰁿" "󰂂" ];
+            "format-icons" = ["󰂎" "󰁻" "󰁽" "󰁿" "󰂂"];
           };
           "network" = {
             "format-wifi" = "{essid} ({signalStrength}%) ";
@@ -394,7 +431,7 @@
               "phone" = "";
               "portable" = "";
               "car" = "";
-              "default" = [ "" "" "" ];
+              "default" = ["" "" ""];
             };
             # TODO: toggle mute?
             "on-click" = "pavucontrol";
@@ -638,7 +675,6 @@
       systemd = {
         enable = true;
       };
-
     };
 
     firefox = {
@@ -647,7 +683,7 @@
       enable = true;
 
       # TODO: uses nixpkgs.pass so pass otp doesn't work
-      package = (pkgs.firefox.override { extraNativeMessagingHosts = [ pkgs.passff-host ]; });
+      package = pkgs.firefox.override {extraNativeMessagingHosts = [pkgs.passff-host];};
 
       # extensions = with pkgs.nur.repos.rycee.firefox-addons; [
       #   ublock-origin
@@ -726,5 +762,3 @@
     };
   };
 }
-
-

home/work.nix

@@ -1,8 +1,6 @@
-{ lib, ... }:
-let
+{lib, ...}: let
   username = "daniel.flanagan@divvypay.com";
-in
-{
+in {
   home.username = username;
   home.homeDirectory = "/Users/${username}";
 }

modules/home-manager/default.nix

@@ -0,0 +1,6 @@
+# Add your reusable home-manager modules to this directory, on their own file (https://nixos.wiki/wiki/Module).
+# These should be stuff you would like to share with others, not your personal configurations.
+{
+  # List your module files here
+  # my-module = import ./my-module.nix;
+}

modules/nixos/amd.nix

@@ -1,3 +1,7 @@
-{ config, lib, ... }: {
+{
+  config,
+  lib,
+  ...
+}: {
   hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
 }

modules/nixos/default.nix

@@ -0,0 +1,14 @@
+# Add your reusable NixOS modules to this directory, on their own file (https://nixos.wiki/wiki/Module).
+# These should be stuff you would like to share with others, not your personal configurations.
+{
+  amd = import ./amd.nix;
+  default = import ./default.nix;
+  desktop-usage = import ./desktop-usage.nix;
+  intel = import ./intel.nix;
+  pipewire = import ./pipewire.nix;
+  podman = import ./podman.nix;
+  postgres = import ./postgres.nix;
+  sway = import ./sway.nix;
+  user-installed-applications = import ./user-installed-applications.nix;
+  wifi = import ./wifi.nix;
+}

modules/nixos/desktop-usage.nix

@@ -1,4 +1,4 @@
-{ pkgs, ... }: {
+{pkgs, ...}: {
   # TODO: add a DE and include either plasma or gnome as a fallback?
   imports = [
     ./sway.nix
@@ -6,7 +6,7 @@
   ];
 
   fonts.packages = with pkgs; [
-    (nerdfonts.override { fonts = [ "NerdFontsSymbolsOnly" ]; })
+    (nerdfonts.override {fonts = ["NerdFontsSymbolsOnly"];})
     (iosevka.override {
       set = "lyteterm";
       privateBuildPlan = ''
@@ -147,4 +147,3 @@
     magicOrExtension = ''\x7fELF....AI\x02'';
   };
 }
-

modules/nixos/intel.nix

@@ -1,8 +1,12 @@
-{ lib, config, pkgs, ... }: {
-
+{
+  lib,
+  config,
+  pkgs,
+  ...
+}: {
   nixpkgs.config = {
     packageOverrides = pkgs: {
-      vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; };
+      vaapiIntel = pkgs.vaapiIntel.override {enableHybridCodec = true;};
     };
   };
 

modules/nixos/pipewire.nix

@@ -1,4 +1,4 @@
-{ ... }: {
+{...}: {
   services.pipewire = {
     enable = true;
 

modules/nixos/podman.nix

@@ -1,4 +1,4 @@
-{ pkgs, ... }: {
+{pkgs, ...}: {
   environment = {
     systemPackages = with pkgs; [
       podman-compose

modules/nixos/postgres.nix

@@ -1,8 +1,8 @@
-{ pkgs, ... }: {
+{pkgs, ...}: {
   # this is really just for development usage
   services.postgresql = {
     enable = true;
-    ensureDatabases = [ "daniel" ];
+    ensureDatabases = ["daniel"];
     ensureUsers = [
       {
         name = "daniel";

modules/nixos/sway.nix

@@ -1,5 +1,4 @@
-{ pkgs, ... }:
-let
+{pkgs, ...}: let
   # this is unused because it's referenced by my sway config
   dbus-sway-environment = pkgs.writeTextFile {
     name = "dbus-sway-environment";
@@ -7,10 +6,10 @@ let
     executable = true;
 
     text = ''
-      			dbus-update-activation-environment --systemd WAYLAND_DISPLAY XDG_CURRENT_DESKTOP=sway
-      			systemctl --user stop wireplumber xdg-desktop-portal xdg-desktop-portal-wlr
-      			systemctl --user start wireplumber xdg-desktop-portal xdg-desktop-portal-wlr
-      		'';
+      dbus-update-activation-environment --systemd WAYLAND_DISPLAY XDG_CURRENT_DESKTOP=sway
+      systemctl --user stop wireplumber xdg-desktop-portal xdg-desktop-portal-wlr
+      systemctl --user start wireplumber xdg-desktop-portal xdg-desktop-portal-wlr
+    '';
   };
 
   # this is unused because it's referenced by my sway config
@@ -18,20 +17,17 @@ let
     name = "configure-gtk";
     destination = "/bin/configure-gtk";
     executable = true;
-    text =
-      let
-        schema = pkgs.gsettings-desktop-schemas;
-        datadir = "${schema}/share/gsettings-schemas/${schema.name}";
-      in
-      ''
-        				export XDG_DATA_DIRS="${datadir}:$XDG_DATA_DIRS
-        				gnome_schema = org.gnome.desktop.interface
-        				gsettings set $gnome_schema gtk-theme 'Catppuccin-Mocha'
-        			'';
+    text = let
+      schema = pkgs.gsettings-desktop-schemas;
+      datadir = "${schema}/share/gsettings-schemas/${schema.name}";
+    in ''
+      export XDG_DATA_DIRS="${datadir}:$XDG_DATA_DIRS
+      gnome_schema = org.gnome.desktop.interface
+      gsettings set $gnome_schema gtk-theme 'Catppuccin-Mocha'
+    '';
   };
-in
-{
-  imports = [ ./pipewire.nix ];
+in {
+  imports = [./pipewire.nix];
 
   # services.xserver.libinput.enable = true;
 
@@ -61,7 +57,7 @@ in
 
   programs.thunar = {
     enable = true;
-    plugins = with pkgs.xfce; [ thunar-archive-plugin thunar-volman ];
+    plugins = with pkgs.xfce; [thunar-archive-plugin thunar-volman];
   };
 
   services.gvfs = {

modules/nixos/user-installed-applications.nix

@@ -1,3 +1,3 @@
-{ ... }: {
+{...}: {
   services.flatpak.enable = true;
 }

modules/nixos/wifi.nix

@@ -1,4 +1,4 @@
-{ ... }: {
+{...}: {
   networking.networkmanager.enable = true;
 
   # iwd?

nixos/beefcake.nix

@@ -1,40 +1,41 @@
 # Edit this configuration file to define what should be installed on
 # your system.  Help is available in the configuration.nix(5) man page
 # and in the NixOS manual (accessible by running 'nixos-help').
-
-{ modulesPath, config, pkgs, ... }: {
+{
+  modulesPath,
+  config,
+  pkgs,
+  ...
+}: {
   imports = [
     (modulesPath + "/installer/scan/not-detected.nix")
     ../modules/intel.nix
   ];
 
-  boot.initrd.availableKernelModules = [ "ehci_pci" "megaraid_sas" "usbhid" "uas" "sd_mod" ];
-  boot.kernelModules = [ "kvm-intel" ];
+  boot.initrd.availableKernelModules = ["ehci_pci" "megaraid_sas" "usbhid" "uas" "sd_mod"];
+  boot.kernelModules = ["kvm-intel"];
 
-  fileSystems."/" =
-    {
-      device = "/dev/disk/by-uuid/0747dcba-f590-42e6-89c8-6cb2f9114d64";
-      fsType = "ext4";
-      options = [
-        "usrquota"
-      ];
-    };
+  fileSystems."/" = {
+    device = "/dev/disk/by-uuid/0747dcba-f590-42e6-89c8-6cb2f9114d64";
+    fsType = "ext4";
+    options = [
+      "usrquota"
+    ];
+  };
 
-  fileSystems."/boot" =
-    {
-      device = "/dev/disk/by-uuid/7E3C-9018";
-      fsType = "vfat";
-    };
+  fileSystems."/boot" = {
+    device = "/dev/disk/by-uuid/7E3C-9018";
+    fsType = "vfat";
+  };
 
-  fileSystems."/storage" =
-    {
-      device = "/dev/disk/by-uuid/ea8258d7-54d1-430e-93b3-e15d33231063";
-      fsType = "btrfs";
-      options = [
-        "compress=zstd:5"
-        "space_cache=v2"
-      ];
-    };
+  fileSystems."/storage" = {
+    device = "/dev/disk/by-uuid/ea8258d7-54d1-430e-93b3-e15d33231063";
+    fsType = "btrfs";
+    options = [
+      "compress=zstd:5"
+      "space_cache=v2"
+    ];
+  };
 
   services.nix-serve = {
     enable = true;
@@ -55,7 +56,7 @@
   sops = {
     defaultSopsFile = ../secrets/beefcake/secrets.yml;
     age = {
-      sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
+      sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
       keyFile = "/var/lib/sops-nix/key.txt";
       generateKey = true;
     };
@@ -140,11 +141,11 @@
   networking.hostName = "beefcake";
 
   users.extraGroups = {
-    "plausible" = { };
-    "lytedev" = { };
+    "plausible" = {};
+    "lytedev" = {};
   };
-  users.groups.daniel.members = [ "daniel" ];
-  users.groups.nixadmin.members = [ "daniel" ];
+  users.groups.daniel.members = ["daniel"];
+  users.groups.nixadmin.members = ["daniel"];
 
   users.users.daniel = {
     extraGroups = [
@@ -165,7 +166,7 @@
 
   users.users.ben = {
     isNormalUser = true;
-    packages = [ pkgs.vim ];
+    packages = [pkgs.vim];
     openssh.authorizedKeys.keys = [
       "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKUfLZ+IX85p9355Po2zP1H2tAxiE0rE6IYb8Sf+eF9T ben@benhany.com"
     ];
@@ -173,7 +174,7 @@
 
   users.users.alan = {
     isNormalUser = true;
-    packages = [ pkgs.vim ];
+    packages = [pkgs.vim];
     openssh.authorizedKeys.keys = [
       ""
     ];
@@ -182,9 +183,11 @@
   users.users.restic = {
     # used for other machines to backup to
     isNormalUser = true;
-    openssh.authorizedKeys.keys = [
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJbPqzKB09U+i4Kqu136yOjflLZ/J7pYsNulTAd4x903 root@chromebox.h.lyte.dev"
-    ] ++ config.users.users.daniel.openssh.authorizedKeys.keys;
+    openssh.authorizedKeys.keys =
+      [
+        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJbPqzKB09U+i4Kqu136yOjflLZ/J7pYsNulTAd4x903 root@chromebox.h.lyte.dev"
+      ]
+      ++ config.users.users.daniel.openssh.authorizedKeys.keys;
   };
 
   users.users.guest = {
@@ -201,13 +204,13 @@
     group = "plausible";
   };
 
-  environment.systemPackages = [ pkgs.linuxquota ];
+  environment.systemPackages = [pkgs.linuxquota];
 
   # TODO: make the client declarative? right now I think it's manually git
   # clone'd to /root
   systemd.services.deno-netlify-ddns-client = {
     serviceConfig.Type = "oneshot";
-    path = with pkgs; [ curl bash ];
+    path = with pkgs; [curl bash];
     environment = {
       NETLIFY_DDNS_RC_FILE = "/root/deno-netlify-ddns-client/.env";
     };
@@ -216,8 +219,8 @@
     '';
   };
   systemd.timers.deno-netlify-ddns-client = {
-    wantedBy = [ "timers.target" ];
-    partOf = [ "deno-netlify-ddns-client.service" ];
+    wantedBy = ["timers.target"];
+    partOf = ["deno-netlify-ddns-client.service"];
     timerConfig = {
       OnBootSec = "10sec";
       OnUnitActiveSec = "5min";
@@ -277,7 +280,7 @@
       nix.h.lyte.dev {
         reverse_proxy :${toString config.services.nix-serve.port}
       }
-        
+
       # proxy everything else to chromebox
       :80 {
         reverse_proxy 10.0.0.5:80
@@ -369,7 +372,7 @@
 
   services.postgresql = {
     enable = true;
-    ensureDatabases = [ "daniel" "plausible" ];
+    ensureDatabases = ["daniel" "plausible"];
     ensureUsers = [
       {
         name = "daniel";
@@ -391,9 +394,9 @@
 
     authentication = pkgs.lib.mkOverride 10 ''
       #type database  DBuser    auth-method
-      local all       postgres  peer map=superuser_map        
-      local all       daniel    peer map=superuser_map        
-      local sameuser  all       peer map=superuser_map        
+      local all       postgres  peer map=superuser_map
+      local all       daniel    peer map=superuser_map
+      local sameuser  all       peer map=superuser_map
       local plausible plausible peer map=superuser_map
 
       # lan ipv4
@@ -452,8 +455,14 @@
 
   services.openssh = {
     listenAddresses = [
-      { addr = "0.0.0.0"; port = 64022; }
-      { addr = "0.0.0.0"; port = 22; }
+      {
+        addr = "0.0.0.0";
+        port = 64022;
+      }
+      {
+        addr = "0.0.0.0";
+        port = 22;
+      }
     ];
   };
 
@@ -575,7 +584,7 @@
 
         "/storage/postgres-backups"
       ];
-      exclude = [ ];
+      exclude = [];
       repository = "/storage/backups/local";
     };
     rascal = {

nixos/common.nix

@@ -1,8 +1,12 @@
-{ config, lib, inputs, system, ... }:
-let
-  pkgs = inputs.nixpkgs.legacyPackages.${system};
-in
 {
+  config,
+  lib,
+  inputs,
+  system,
+  ...
+}: let
+  pkgs = inputs.nixpkgs.legacyPackages.${system};
+in {
   services.journald.extraConfig = "SystemMaxUse=1G";
 
   environment = {
@@ -68,8 +72,8 @@ in
         "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAPLXOjupz3ScYjgrF+ehrbp9OvGAWQLI6fplX6w9Ijb daniel@lyte.dev"
       ];
       group = "daniel";
-      extraGroups = [ "users" "wheel" "video" ];
-      packages = [ ];
+      extraGroups = ["users" "wheel" "video"];
+      packages = [];
     };
 
     root = {
@@ -142,15 +146,15 @@ in
     firewall = {
       enable = lib.mkDefault true;
       allowPing = lib.mkDefault true;
-      allowedTCPPorts = lib.mkDefault [ 22 ];
-      allowedUDPPorts = lib.mkDefault [ ];
+      allowedTCPPorts = lib.mkDefault [22];
+      allowedUDPPorts = lib.mkDefault [];
     };
   };
 
   nix = {
     settings = {
-      trusted-users = [ "root" "daniel" ];
-      experimental-features = lib.mkDefault [ "nix-command" "flakes" ];
+      trusted-users = ["root" "daniel"];
+      experimental-features = lib.mkDefault ["nix-command" "flakes"];
       substituters = [
         "https://cache.nixos.org/"
         "https://helix.cachix.org"

nixos/default.nix

@@ -1,28 +1,29 @@
-inputs @ { self, ... }:
-let
+inputs @ {self, ...}: let
   daniel = system: {
     home-manager.users.daniel = {
-      imports = [ ./home/user.nix ./home/linux.nix ];
+      imports = [./home/user.nix ./home/linux.nix];
     };
   };
   hms = system: [
     inputs.home-manager.nixosModules.home-manager
     (daniel system)
   ];
-  disko = args @ { scheme, ... }: [
+  disko = args @ {scheme, ...}: [
     inputs.disko.nixosModules.disko
     self.diskoConfigurations.${scheme}
-    { _module.args = args; }
+    {_module.args = args;}
   ];
   nixosSystem = system: modules: (inputs.nixpkgs.lib.nixosSystem {
-    specialArgs = { inherit inputs system; };
-    modules = [
-      inputs.sops-nix.nixosModules.sops
-      ./nixos/common.nix
-    ] ++ modules ++ hms system;
+    specialArgs = {inherit inputs system;};
+    modules =
+      [
+        inputs.sops-nix.nixosModules.sops
+        ./nixos/common.nix
+      ]
+      ++ modules
+      ++ hms system;
   });
-in
-{
+in {
   # TODO: disko-fy rascal and beefcake?
 
   beefcake = nixosSystem "x86_64-linux" [
@@ -30,23 +31,26 @@ in
     inputs.api-lyte-dev.nixosModules.x86_64-linux.api-lyte-dev
   ];
 
-  rascal = nixosSystem "x86_64-linux" [ ./nixos/rascal.nix ];
+  rascal = nixosSystem "x86_64-linux" [./nixos/rascal.nix];
 
   musicbox = nixosSystem "x86_64-linux" (disko
     {
       scheme = "unencrypted";
-      disks = [ "/dev/sda" ];
-    } ++ [ ./nixos/musicbox.nix ]);
+      disks = ["/dev/sda"];
+    }
+    ++ [./nixos/musicbox.nix]);
 
   thinker = nixosSystem "x86_64-linux" (disko
     {
       scheme = "thinker";
-      disks = [ "/dev/nvme0n1" ];
-    } ++ [ ./nixos/thinker.nix ]);
+      disks = ["/dev/nvme0n1"];
+    }
+    ++ [./nixos/thinker.nix]);
 
   dragon = nixosSystem "x86_64-linux" (disko
     {
       scheme = "standard";
-      disks = [ "/dev/nvme0n1" ];
-    } ++ [ ./nixos/dragon.nix ]);
+      disks = ["/dev/nvme0n1"];
+    }
+    ++ [./nixos/dragon.nix]);
 }

nixos/dragon.nix

@@ -1,43 +0,0 @@
-{ modulesPath, lib, pkgs, ... }: {
-  imports =
-    [
-      ../modules/amd.nix
-      ../modules/desktop-usage.nix
-      ../modules/podman.nix
-      ../modules/wifi.nix
-
-      (modulesPath + "/installer/scan/not-detected.nix")
-    ];
-
-  # TODO: fonts? right now, I'm just installing to ~/.local/share/fonts
-
-  # hardware
-  boot.loader.efi.canTouchEfiVariables = true;
-  boot.loader.systemd-boot.enable = true;
-  boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" ];
-
-  networking.hostName = "dragon";
-
-  hardware.bluetooth.enable = true;
-  powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
-  services.printing.enable = true;
-
-  environment = {
-    systemPackages = with pkgs; [
-      radeontop
-    ];
-  };
-
-
-  networking = {
-    firewall = {
-      enable = true;
-      allowPing = true;
-      allowedTCPPorts = [ 22 ];
-      allowedUDPPorts = [ ];
-    };
-  };
-
-  system.stateVersion = "23.11";
-}
-