Alright this ain't finished cause of the home stuff but I don't wanna lose what I've done. Impermanence, disko, lots of changes. TODO: add modularity to home.

modules/home/default.nix

@@ -1,6 +1,16 @@
-{ ... }:
+{ nur, ... }:
 {
-  programs.home-manager.enable = true;
-  nixpkgs.config.allowUnfree = true;
-  home.stateVersion = "24.05";
+  imports = [
+    ./files
+    ./programs
+    ./services
+    ./settings
+    ./sway
+    ./users
+    ../../overlays
+    ../../variables
+
+    # Imports
+    nur.nixosModules.nur
+  ];
 }

modules/home/files/default.nix

@@ -7,10 +7,10 @@
       source = ./assets/pfp.png;
     };
     ".assets/wallpapers" = {
-      source = ./assets/wallpapers/${config.look.colors.wallpapers};
+      source = ./assets/wallpapers;
     };
     ".assets/lockscreen" = {
-      source = ./assets/lockscreens/holymoly;
+      source = ./assets/lockscreen;
     };
     ".icons/default" = {
       source = "${pkgs.simp1e-cursors}/share/icons/Simp1e-Dark";

modules/home/programs/gui/easyeffects/default.nix

@@ -1,11 +1,11 @@
 { pkgs, ... }:
 {
-  home = {
-    packages = with pkgs; [
-      easyeffects
-    ];
-    file = {
-      ".config/easyeffects/output/JimHeadphones.json".source = ./JimHeadphones.json;
-    };
+  services.easyeffects = {
+    enable = true;
+    preset = "headphones";
+  };
+
+  home.file = {
+    ".config/easyeffects/output/headphones.json".source = ./headphones.json;
   };
 }

modules/home/programs/gui/librewolf/default.nix

@@ -312,7 +312,7 @@ in {
               ];
             }
           ];
-          definedAliases = ["@g"];
+          definedAliases = [ "@g" ];
         };
         "NixPKGs" = {
           urls = [
@@ -331,7 +331,7 @@ in {
             }
           ];
           icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg";
-          definedAliases = ["@pkgs"];
+          definedAliases = [ "@pkgs" ];
         };
       };
     };
@@ -348,6 +348,7 @@ in {
       "privacy.userContext.newTabContainerOnLeftClick.enabled" = true;
       "privacy.clearOnShutdown.history" = false;
       "privacy.clearOnShutdown.cookies" = false;
+      "privacy.clearOnShutdown_v2.cookiesAndStorage" = false;
       "browser.toolbars.bookmarks.visibility" = "never";
       "media.hardware-video-decoding.force-enabled" = true;
       "svg.context-properties.content.enabled" = true;
@@ -400,7 +401,7 @@ in {
             icon = "fingerprint";
             id = 200;
           };
-          Seneca = {
+          Work = {
             color = "red";
             icon = "briefcase";
             id = 201;

modules/home/programs/gui/mako/default.nix

@@ -14,7 +14,12 @@
     defaultTimeout = 6000;
     font = "${config.look.fonts.main} 12";
     anchor = "bottom-right";
-    extraConfig = "on-button-right=dismiss-all\nouter-margin=10\n[mode=do-not-disturb]\ninvisible=1";
+    extraConfig = ''
+      on-button-right=dismiss-all
+      outer-margin=10
+      [mode=do-not-disturb]
+      invisible=1
+    '';
   };
 
   home.packages = let
@@ -36,7 +41,5 @@
         makoctl mode -a do-not-disturb
       fi
     '';
-  in with pkgs; [
-    makoToggle
-  ];
+  in with pkgs; [ makoToggle ];
 }

modules/home/programs/gui/mangohud/default.nix

@@ -1,10 +1,9 @@
 { pkgs, ... }:
 {
   home = {
-    packages = with pkgs; [
-      mangohud
-    ];
+    packages = with pkgs; [ mangohud ];
     file = {
+      # I know options exist for this, but the order is not respected.
       ".config/MangoHud/MangoHud.conf".text = ''
         table_columns=2
         frametime=0
@@ -12,7 +11,6 @@
         font_scale=0.80
         background_alpha=0.25
         
-        # Set the loads and such
         exec=echo $(echo $XDG_CURRENT_DESKTOP | sed 's/./\U&/') on $(cat /etc/os-release | grep PRETTY_NAME | cut -d '"' -f 2)
         fps
         fps_color_change

modules/home/programs/gui/mpv/default.nix

@@ -1,7 +1,12 @@
-{ ... }:
+{ pkgs, ... }:
 {
   programs.mpv = {
     enable = true;
+    scripts = with pkgs.mpvScripts; [
+      mpris
+      sponsorblock
+      thumbnail
+    ];
     config = {
       volume = 55;
       loop-playlist = "inf";

modules/home/programs/misc/avtools/default.nix

@@ -5,6 +5,7 @@
     spotdl
     playerctl
     ffmpeg
+    alsa-utils
     puddletag
     pulsemixer
   ];

modules/home/programs/misc/chat/default.nix

@@ -1,4 +1,4 @@
-{ pkgs, lib, config, ... }:
+{ pkgs, ... }:
 {
   home.packages = with pkgs; [
     vesktop

modules/home/programs/misc/default.nix

@@ -3,7 +3,11 @@
   imports = [
     ./avtools
     ./chat
+    ./gaming
     ./general
     ./headless
+    ./production
+    ./remote-desktop
+    ./school
   ];
 }

modules/home/programs/misc/gaming/emulators/default.nix

@@ -1,4 +1,4 @@
-{ pkgs, lib, config, ... }:
+{ pkgs, ... }:
 {
   home.packages = with pkgs; [
     dolphin-emu
@@ -6,6 +6,6 @@
     ryujinx
     duckstation
     pcsx2
-    #lime3ds
+    #unstable.lime3ds
   ];
 }

modules/home/programs/misc/gaming/launchers/default.nix

@@ -1,4 +1,4 @@
-{ pkgs, lib, config, ... }:
+{ pkgs, ... }:
 {
   home.packages = with pkgs; [
     steam

modules/home/programs/misc/gaming/xash3d/default.nix

@@ -1,6 +1,4 @@
-{ pkgs, lib, config, ... }:
+{ pkgs, ... }:
 {
-  home.packages = with pkgs; [
-    xash3d
-  ];
+  home.packages = with pkgs; [ xash3d ];
 }

modules/home/programs/misc/general/default.nix

@@ -1,4 +1,4 @@
-{ pkgs, lib, config, ... }:
+{ pkgs, ... }:
 {
   home.packages = with pkgs; [
     imv

modules/home/programs/misc/headless/default.nix

@@ -2,12 +2,9 @@
 {
   home.packages = with pkgs; [
     gotop
-    tcptrack
     p7zip
     vimv
     dua
-    pciutils
-    usbutils
     protonvpn-cli_2
   ];
 }

modules/home/programs/misc/production/default.nix

@@ -1,15 +1,12 @@
 { pkgs, blender-bin, ... }:
 {
-  imports = [
-    ./obs
-  ];
+  imports = [ ./obs ];
 
   home.packages = with pkgs; [
     krita
     inkscape
     audacity
     blender_4_2
-    sunvox
   ];
 
   nixpkgs.overlays = [ blender-bin.overlays.default ];

modules/home/programs/misc/production/obs/default.nix

@@ -1,4 +1,4 @@
-{ pkgs, lib, config, ... }:
+{ pkgs, ... }:
 {
   programs.obs-studio = {
     enable = true;

modules/home/programs/misc/school/default.nix

@@ -4,6 +4,6 @@
     remmina
     freerdp
     zoom-us
-    globalprotect-openconnect
+    unstable.gpauth
   ];
 }

modules/home/programs/terminal/default.nix

@@ -7,5 +7,6 @@
     ./neovim
     ./ranger
     ./tmux
+    ./zsh
   ];
 }

modules/home/programs/terminal/zsh/default.nix

@@ -18,10 +18,8 @@
 
       # Flake commands
       flakedate = "doas nix flake update /etc/nixos";
-      sysswitch = "doas nixos-rebuild switch --flake /etc/nixos";
-      homeswitch = "home-manager switch --flake /etc/nixos";
-      nixswitch = "sysswitch; homeswitch";
-      nixdate = "flakedate && sysswitch; homeswitch";
+      nixswitch = "doas nixos-rebuild switch --flake /etc/nixos";
+      nixdate = "flakedate && nixswitch";
 
       # Shortcut aliases
       neo = "clear && fastfetch";
@@ -38,8 +36,7 @@
       myip = "curl ifconfig.co";
 
       # Download from sources
-      ytdl = "yt-dlp --embed-thumbnail --embed-metadata --output \"%(title)s.%(ext)s\"";
-      ytmp4 = "ytdl --recode-video webm";
+      ytdl = ''yt-dlp --embed-thumbnail --embed-metadata --output "%(title)s.%(ext)s"'';
       ytm3u = "yt-dlp -gS proto:m3u8";
       opusdl = "ytdl --recode-video opus";
       ytopus = "opusdl --format 251";

modules/home/services/default.nix

@@ -3,6 +3,5 @@
   imports = [
     ./gnome-keyring
     ./udiskie
-    ./zsh
   ];
 }

modules/home/settings/default.nix

@@ -4,6 +4,7 @@
     ./dconf
     ./fonts
     ./gtk
+    ./nix
     ./xdg
   ];
 }

modules/home/settings/fonts/default.nix

@@ -1,4 +1,5 @@
-{ pkgs, ... }: {
+{ pkgs, ... }:
+{
   home.packages = with pkgs; [
     liberation_ttf
     twitter-color-emoji

modules/home/settings/nix/default.nix

@@ -0,0 +1,5 @@
+{ ... }:
+{
+  nixpkgs.config.allowUnfree = true;
+  home.stateVersion = "24.05";
+}

modules/home/sway/default.nix

@@ -28,10 +28,6 @@
         url = "https://raw.githubusercontent.com/iguanajuice/sway-font-awesome/6b7a9d08974eea1b9cddb8d444e1c89d6837083a/icons";
         sha256 = "09ki5qw1h91kd33k3fwzq7cb6ck8sq4haswgizrsy387sfr2a75x";
       }}
-
-      # Switch to workspace 1
-      workspace ${config.ws.w7}
-      workspace ${config.ws.w1}
     '';
   };
 }

modules/home/sway/hotkeys/default.nix

@@ -5,8 +5,8 @@
       # Set default modifier and variables
       primeMod = "Mod4";
       secMod = "Mod1";
-      resizeAmount = ''55'';
-      sendNotif = ''notify-send --expire-time=1500'';
+      resizeAmount = "55";
+      sendNotif = "notify-send --expire-time=1500";
     in {
       # Hotkeys
       modifier = "${primeMod}";

modules/home/sway/programs/default.nix

@@ -1,14 +1,15 @@
 { pkgs, ... }:
 {
   home.packages = with pkgs; [
-    wl-clipboard
-    wdisplays
     clipman
+    swaybg
     libnotify
     grim
     slurp
     swappy
-    jq
     lm_sensors
+    wl-clipboard
+    wdisplays
+    jq
   ];
 }

modules/home/sway/rules/default.nix

@@ -5,30 +5,30 @@
       # Assign workspaces to config
       workspaceOutputAssign = let
         workspaces1 = [
-	  "${config.ws.w0}"
-	  "${config.ws.w1}"
-	  "${config.ws.w2}"
-	  "${config.ws.w3}"
-	  "${config.ws.w1a}"
-	  "${config.ws.w2a}"
-	  "${config.ws.w3a}"
-	];
+          "${config.ws.w0}"
+          "${config.ws.w1}"
+          "${config.ws.w2}"
+          "${config.ws.w3}"
+          "${config.ws.w1a}"
+          "${config.ws.w2a}"
+          "${config.ws.w3a}"
+        ];
         workspaces2 = [
-	  "${config.ws.w4}"
-	  "${config.ws.w5}"
-	  "${config.ws.w6}"
-	  "${config.ws.w4a}"
-	  "${config.ws.w5a}"
-	  "${config.ws.w6a}"
-	];
+          "${config.ws.w4}"
+          "${config.ws.w5}"
+          "${config.ws.w6}"
+          "${config.ws.w4a}"
+          "${config.ws.w5a}"
+          "${config.ws.w6a}"
+        ];
         workspaces3 = [
-	  "${config.ws.w7}"
-	  "${config.ws.w8}"
-	  "${config.ws.w9}"
-	  "${config.ws.w7a}"
-	  "${config.ws.w8a}"
-	  "${config.ws.w9a}"
-	];
+          "${config.ws.w7}"
+          "${config.ws.w8}"
+          "${config.ws.w9}"
+          "${config.ws.w7a}"
+          "${config.ws.w8a}"
+          "${config.ws.w9a}"
+        ];
         assign = output: workspaces:
           map (workspace: {
             inherit workspace;
@@ -37,94 +37,103 @@
           workspaces;
       in
         (assign "${config.displays.d1}" workspaces1) ++
-	(assign "${config.displays.d2}" workspaces2) ++
-	(assign "${config.displays.d3}" workspaces3);
+        (assign "${config.displays.d2}" workspaces2) ++
+        (assign "${config.displays.d3}" workspaces3);
 
       # Rules
+      defaultWorkspace = config.ws.w1;
+
       window = {
         border = config.look.border.int;
         titlebar = false;
         commands = [
           # Scratchpads
           {
-            criteria = {con_mark = "scratchpad";};
+            criteria = { con_mark = "scratchpad"; };
             command = ''floating enable, sticky enable, move scratchpad, mark borderless'';
           }
           {
-            criteria = {app_id = "gotop";};
+            criteria = { app_id = "gotop"; };
             command = ''mark scratchpad'';
           }
           {
-            criteria = {app_id = "music";};
+            criteria = { app_id = "music"; };
             command = ''mark scratchpad'';
           }
           {
-            criteria = {app_id = "sound";};
+            criteria = { app_id = "sound"; };
             command = ''mark scratchpad'';
           }
           {
-            criteria = {app_id = "com.github.wwmm.easyeffects";};
+            criteria = { app_id = "com.github.wwmm.easyeffects"; };
             command = ''mark scratchpad, opacity 0.9'';
           }
 
           # Create a "Scratchpad" for apps I don't want to be seen when launched
           {
-            criteria = {con_mark = "hiddenaway";};
+            criteria = { con_mark = "hiddenaway"; };
             command = ''move scratchpad'';
           }
 
           # Give apps that don't have them borders
           {
-            criteria = {con_mark = "borderless";};
+            criteria = { con_mark = "borderless"; };
             command = ''border pixel ${config.look.border.string}'';
           }
           {
-            criteria = {app_id = "com.github.wwmm.easyeffects";};
+            criteria = { app_id = "com.github.wwmm.easyeffects"; };
             command = ''mark borderless'';
           }
           {
-            criteria = {class = "steam";};
+            criteria = { class = "steam"; };
             command = ''mark borderless'';
           }
           {
-            criteria = {app_id = "swappy";};
+            criteria = { app_id = "swappy"; };
             command = ''mark borderless'';
           }
           {
-            criteria = {app_id = "virt-manager";};
+            criteria = { app_id = "virt-manager"; };
             command = ''mark borderless'';
           }
           {
-            criteria = {window_role = "pop-up";};
+            criteria = { window_role = "pop-up"; };
             command = ''mark borderless'';
           }
 
           # Floating or fullscreen rules
           {
-            criteria = {app_id = "float";};
+            criteria = { app_id = "float"; };
             command = ''floating enable'';
           }
           {
-            criteria = {title = "^GlobalShot";};
+            criteria = { title = "^GlobalShot"; };
             command = ''floating enable, fullscreen enable global'';
           }
         ];
       };
       assigns = {
         # Broconfig.wsers
-        "${config.ws.w1}" = [{app_id = "MainBrowser";}];
-        "${config.ws.w1a}" = [{app_id = "AltBrowser";}];
+        "${config.ws.w1}" = [{ app_id = "MainBrowser"; }];
+        "${config.ws.w1a}" = [{ app_id = "AltBrowser"; }];
 
         # Communication
-        "${config.ws.w3a}" = [{class = "zoom";}];
-        "${config.ws.w7}" = [{app_id = "MiscBrowser";} {app_id = "vesktop";} {class = "vesktop";}];
-        "${config.ws.w8}" = [{app_id = "org.gnome.Fractal";}];
-        "${config.ws.w9}" = [{app_id = "thunderbird";}];
+        "${config.ws.w3a}" = [{ class = "zoom"; }];
+        "${config.ws.w7}" = [
+          { app_id = "MiscBrowser"; }
+          { app_id = "vesktop"; }
+          { class = "vesktop"; }
+        ];
+        "${config.ws.w8}" = [{ app_id = "org.gnome.Fractal"; }];
+        "${config.ws.w9}" = [{ app_id = "thunderbird"; }];
 
-        # Else
-        "${config.ws.w2}" = [{class = "steam";} {app_id = "heroic";}];
-        "${config.ws.w2a}" = [{app_id = "looking-glass-client";}];
-        "${config.ws.w4a}" = [{app_id = "com.obsproject.Studio";}];
+        # Etc
+        "${config.ws.w2}" = [
+          { class = "steam"; }
+          {app_id = "heroic";}
+        ];
+        "${config.ws.w2a}" = [{ app_id = "looking-glass-client"; }];
+        "${config.ws.w4a}" = [{ app_id = "com.obsproject.Studio"; }];
       };
       focus.newWindow = "focus";
     };

modules/home/sway/waybar/default.nix

@@ -47,15 +47,14 @@
     vramModule = {
       exec = pkgs.writeScript "vramScript" ''
         # Don't run the script if running on integrated graphics
-        if lspci -k | grep "Kernel driver in use: nvidia" &> /dev/null || lspci -k | grep "Kernel driver in use: amdgpu" &> /dev/null; then
+        gpu_driver=$(${pkgs.pciutils}/bin/lspci -k | grep -Eo "in use: (nvidia|amdgpu)" | awk '{print $3}')
 
-          # Run the nvidia-smi command and capture the VRAM usage and GPU utilization output
-          if lspci -k | grep "Kernel driver in use: nvidia" &> /dev/null; then
+        if [ -n "$gpu_driver" ]; then
+          if [ "$gpu_driver" == "nvidia" ]; then
             vram_usage_mb=$(nvidia-smi --query-gpu=memory.used --format=csv,noheader,nounits)
             temperature=$(nvidia-smi --query-gpu=temperature.gpu --format=csv,noheader,nounits)
 
-          # Check the drm memory if an AMD GPU is present
-          elif lspci -k | grep "Kernel driver in use: amdgpu" &> /dev/null; then
+          elif [ "$gpu_driver" == "amdgpu" ]; then
             vram_usage_mb=$(echo "$(cat /sys/class/drm/card0/device/mem_info_vram_used || cat /sys/class/drm/card1/device/mem_info_vram_used) / 1024 / 1024" | bc)
             temperature=$(sensors | grep 'edge' | awk '{print $2}' | sed 's/[^0-9.-]//g')
           fi
@@ -69,10 +68,8 @@
             vram_usage_display="$(echo $vram_usage_gib)G"
           fi
 
-          # Print the VRAM usage in MB or GiB, and include GPU utilization and temperature
-          echo "{\"text\":\"󰢮  $(echo $vram_usage_display)\",\"tooltip\":\"$(echo $temperature)°C\"}"
-        else
-          :
+          # Print the VRAM usage and temperature
+	  echo "{\"text\":\"󰢮  $(echo $vram_usage_display)\",\"tooltip\":\"$(echo $temperature)°C\"}"
         fi
       '';
       format = "{}";

modules/system/accounts/users/default.nix

@@ -1,9 +1,12 @@
-{ ... }:
+{ home-manager, ... }:
 {
   imports = [
     ./jimbo
     ./liquidsoap
     ./nextcloud
     ./nginx
+    home-manager.nixosModules.home-manager
   ];
+
+  users.mutableUsers = false;
 }

modules/system/accounts/users/jimbo/default.nix

@@ -1,4 +1,4 @@
-{ pkgs, config, ... }:
+{ pkgs, config, unstable, nur, blender-bin, ... }:
 {
   users.users = {
     jimbo = {
@@ -26,7 +26,6 @@
         "input"
         "disk"
         "dialout"
-        "networkmanager"
         "rtkit"
         "kvm"
         "libvirtd"
@@ -39,4 +38,17 @@
       shell = pkgs.zsh;
     };
   };
+
+  home-manager = {
+    useUserPackages = true;
+    backupFileExtension = "backup";
+    extraSpecialArgs = {
+      inherit
+        unstable
+        nur
+        blender-bin
+        ;
+    };
+    users.jimbo = import ../../../../home;
+  };
 }

modules/system/desktop/sway/default.nix

@@ -2,31 +2,14 @@
 {
   imports = [
     ./greetd
+    ./portals
   ];
 
   programs.sway = {
     enable = true;
-    xwayland.enable = true;
-    extraPackages = with pkgs; [
-      swaylock
-      swaybg
-    ];
+    extraPackages = with pkgs; [ swaylock ];
   };
 
   # Allow swaylock to function
   security.pam.services.swaylock = {};
-
-  xdg.portal = {
-    wlr = {
-      enable = true;
-      settings.screencast = {
-        max_fps = 60;
-        chooser_type = "simple";
-        chooser_cmd = "${pkgs.slurp}/bin/slurp -f %o -or -B 00000066 -b 00000099";
-      };
-    };
-    extraPortals = with pkgs; [
-      xdg-desktop-portal-gtk
-    ];
-  };
 }

modules/system/desktop/sway/greetd/default.nix

@@ -1,34 +1,32 @@
 { pkgs, ... }:
 {
-  services = {
-    # Configure greetd for "auto" login (single user only)
-    greetd = let
-      startSway = pkgs.writeScript "startsway" ''
-        if lspci -k | grep "Kernel driver in use: nvidia" &> /dev/null; then
-          export LIBVA_DRIVER_NAME=nvidia
-          export GBM_BACKEND=nvidia-drm
-          export __GLX_VENDOR_LIBRARY_NAME=nvidia
-        else
-          :
-        fi
+  # Configure greetd for login directly to Sway
+  services.greetd = let
+    startSway = pkgs.writeScript "startsway" ''
+      if ${pkgs.pciutils}/bin/lspci -k | grep "in use: nvidia" &> /dev/null; then
+        export LIBVA_DRIVER_NAME=nvidia
+        export GBM_BACKEND=nvidia-drm
+        export __GLX_VENDOR_LIBRARY_NAME=nvidia
+      else
+        :
+      fi
 
-        export XDG_CURRENT_DESKTOP=sway
-        export QT_QPA_PLATFORM="wayland;xcb"
+      export XDG_CURRENT_DESKTOP=sway
+      export QT_QPA_PLATFORM="wayland;xcb"
 
-        sway --unsupported-gpu
-      '';
-    in {
-      enable = true;
-      restart = true;
-      settings = {
-        terminal = {
-          vt = 2;
-          switch = true;
-        };
-        default_session = {
-          command = "${startSway}";
-          user = "jimbo";
-        };
+      sway --unsupported-gpu
+    '';
+  in {
+    enable = true;
+    restart = true;
+    settings = {
+      terminal = {
+        vt = 2;
+        switch = true;
+      };
+      default_session = {
+        command = "${startSway}";
+        user = "jimbo";
       };
     };
   };

modules/system/desktop/sway/portals/default.nix

@@ -0,0 +1,16 @@
+{ pkgs, ... }:
+{
+  xdg.portal = {
+    wlr = {
+      enable = true;
+      settings.screencast = {
+        max_fps = 60;
+        chooser_type = "simple";
+        chooser_cmd = "${pkgs.slurp}/bin/slurp -f %o -or -B 00000066 -b 00000099";
+      };
+    };
+    extraPortals = with pkgs; [
+      xdg-desktop-portal-gtk
+    ];
+  };
+}

modules/system/desktop/wayland/default.nix

@@ -3,7 +3,6 @@
   programs = {
     dconf.enable = true;
     light.enable = true;
-    xwayland.enable = true;
   };
 
   services = {

modules/system/devices/audio/default.nix

@@ -0,0 +1,20 @@
+{ pkgs, ... }:
+{
+  services.pipewire = {
+    enable = true;
+    wireplumber = {
+      enable = true;
+      configPackages = [
+        (pkgs.writeTextDir "share/wireplumber/wireplumber.conf.d/11-bluetooth-policy.conf" ''
+          wireplumber.settings = { bluetooth.autoswitch-to-headset-profile = false }
+        '')
+      ];
+    };
+    alsa = {
+      enable = true;
+      support32Bit = true;
+    };
+    pulse.enable = true;
+    #jack.enable = true;
+  };
+}

modules/system/devices/default.nix

@@ -1,10 +1,11 @@
 { ... }:
 {
   imports = [
+    ./audio
     ./bluetooth
     ./filesystems
+    ./impermanence
     ./networking
-    ./pipewire
     ./printing
     ./udev
     ./video

modules/system/devices/impermanence/default.nix

@@ -0,0 +1,8 @@
+{ impermanence, ... }:
+{
+  imports = [
+    ./root
+    ./jimbo
+    impermanence.nixosModules.impermanence
+  ];
+}

modules/system/devices/impermanence/jimbo/default.nix

@@ -0,0 +1,37 @@
+{ ... }:
+{
+  environment.persistence."/persist" = {
+    hideMounts = true;
+    users.jimbo = {
+      directories = [
+        "Downloads"
+        "Documents"
+        "Games"
+        "Pictures"
+        "Videos"
+        ".snapshots"
+        ".mozilla"
+        ".thunderbird"
+
+        ".config/blender"
+        ".config/vesktop"
+        ".config/sunshine"
+        ".config/heroic"
+        ".config/obs-studio"
+
+        ".local/share/nvim/undo"
+        ".local/share/fractal"
+        ".local/share/PrismLauncher"
+        ".local/share/Steam"
+
+        { directory = ".ssh"; mode = "0700"; }
+        { directory = ".gnupg"; mode = "0700"; }
+        { directory = ".local/share/keyrings"; mode = "0700"; }
+      ];
+      files = [
+        ".zsh_history"
+        ".local/share/clipman.json"
+      ];
+    };
+  };
+}

modules/system/devices/impermanence/root/default.nix

@@ -0,0 +1,24 @@
+{ ... }:
+{
+  environment.persistence."/persist" = {
+    hideMounts = true;
+    directories = [
+      "/etc/nixos"
+      "/etc/secureboot"
+
+      "/var/log"
+      "/var/lib/bluetooth"
+      "/var/lib/mpd"
+      "/var/lib/nixos"
+      "/var/lib/fail2ban"
+      "/var/lib/systemd/coredump"
+    ];
+    files = [
+      "/etc/machine-id"
+      "/etc/ssh/ssh_host_ed25519_key"
+      "/etc/ssh/ssh_host_ed25519_key.pub"
+      "/etc/ssh/ssh_host_rsa_key"
+      "/etc/ssh/ssh_host_rsa_key.pub"
+    ];
+  };
+}

modules/system/devices/networking/default.nix

@@ -4,5 +4,9 @@
     wireless.enable = false;
     dhcpcd.enable = true;
     nftables.enable = true;
+    nameservers = [
+      "1.1.1.1"
+      "1.1.1.2"
+    ];
   };
 }

modules/system/devices/networking/wireguard/pc/default.nix

@@ -1,22 +1,22 @@
 { config, ... }:
 {
-  networking.firewall = {
-    allowedUDPPorts = [ 51820 ];
-  };
+  networking = {
+    firewall.allowedUDPPorts = [ 51820 ];
 
-  networking.wireguard.interfaces = {
-    "${config.ips.wgInt}" = {
-      # Define IP of client in per device config
-      listenPort = 51820;
-      privateKey = config.secrets.wgClientPriv;
-      peers = [
-        {
-          publicKey = "qnOT/lXOJMaQgDUdXpyfGZB2IEyUouRje2m/bCe9ux8=";
-          allowedIPs = [ "${config.ips.wgSpan}.0/24" ];
-          endpoint = "sv.${config.domains.jim1}:51820";
-          persistentKeepalive = 25;
-        }
-      ];
+    wireguard.interfaces = {
+      "${config.ips.wgInt}" = {
+        # Define IP of client in per device config
+        listenPort = 51820;
+        privateKey = config.secrets.wgClientPriv;
+        peers = [
+          { # NixOS Server
+            publicKey = "qnOT/lXOJMaQgDUdXpyfGZB2IEyUouRje2m/bCe9ux8=";
+            allowedIPs = [ "${config.ips.wgSpan}.0/24" ];
+            endpoint = "sv.${config.domains.jim1}:51820";
+            persistentKeepalive = 25;
+          }
+        ];
+      };
     };
   };
 }

modules/system/devices/networking/wireguard/server/default.nix

@@ -6,12 +6,10 @@
       externalInterface = "${config.ips.netInt}";
       internalInterfaces = [ "${config.ips.wgInt}" ];
     };
-    firewall.allowedUDPPorts = [ 51820 ];
-  };
 
-  networking.wireguard = {
-    enable = true;
-    interfaces = {
+    firewall.allowedUDPPorts = [ 51820 ];
+
+    wireguard.interfaces = {
       "${config.ips.wgInt}" = {
         ips = [ "${config.ips.wgSpan}.1/24" ];
         listenPort = 51820;

modules/system/devices/networking/wireless/default.nix

@@ -5,7 +5,5 @@
     enableB43Firmware = true;
   };
 
-  environment.systemPackages = with pkgs; [
-    unstable.impala
-  ];
+  environment.systemPackages = with pkgs; [ unstable.impala ];
 }

modules/system/devices/pipewire/default.nix

@@ -1,23 +0,0 @@
-{ pkgs, ... }:
-{
-  services = {
-    pipewire = {
-      enable = true;
-      audio.enable = true;
-      wireplumber = {
-        enable = true;
-        configPackages = [(
-	  pkgs.writeTextDir "share/wireplumber/wireplumber.conf.d/11-bluetooth-policy.conf" ''
-            wireplumber.settings = { bluetooth.autoswitch-to-headset-profile = false }
-          ''
-	)];
-      };
-      alsa = {
-        enable = true;
-        support32Bit = true;
-      };
-      pulse.enable = true;
-      #jack.enable = true;
-    };
-  };
-}

modules/system/devices/printing/default.nix

@@ -3,7 +3,7 @@
   services = {
     printing = {
       enable = true;
-      drivers = with pkgs; [hplip];
+      drivers = with pkgs; [ hplip ];
       webInterface = false;
     };
     avahi = {

modules/system/devices/udev/oculus/default.nix

@@ -7,8 +7,6 @@
       destination = "/etc/udev/rules.d/10-oculus.rules";
     };
   in {
-    packages = [
-      oculusRules
-    ];
+    packages = [ oculusRules ];
   };
 }

modules/system/devices/udev/pdp/default.nix

@@ -7,8 +7,6 @@
       destination = "/etc/udev/rules.d/10-pdp.rules";
     };
   in {
-    packages = [
-      pdpRules
-    ];
+    packages = [ pdpRules ];
   };
 }

modules/system/services/pc/default.nix

@@ -1,11 +1,11 @@
 { ... }:
 {
   imports = [
-    ./fwupd
     ./gnome-keyring
+    ./gvfs
     ./keyd
     ./mpd
-    ./networkfs
     ./polkit
+    ./snapper
   ];
 }

modules/system/services/pc/fwupd/default.nix

@@ -1,8 +0,0 @@
-{ pkgs, ... }:
-{
-  services.fwupd.enable = true;
-
-  environment.systemPackages = with pkgs; [
-    fwupd
-  ];
-}

modules/system/services/pc/keyd/default.nix

@@ -8,7 +8,6 @@
         main = {
           capslock = "overload(control,esc)";
           leftcontrol = "overload(ctrlmod,noop)";
-
           esc = "`";
           rightcontrol = "esc";
           left = "noop";

modules/system/services/pc/school/default.nix

@@ -1,6 +0,0 @@
-{ ... }:
-{
-  imports = [
-    ./globalprotect
-  ];
-}

modules/system/services/pc/school/globalprotect/default.nix

@@ -1,4 +0,0 @@
-{ ... }:
-{
-  services.globalprotect.enable = true;
-}

modules/system/services/pc/snapper/default.nix

@@ -0,0 +1,13 @@
+{ ... }:
+{
+  imports = [
+    ./root
+    ./jimbo
+  ];
+
+  services.snapper = {
+    snapshotInterval = "0/6:00:00";
+    cleanupInterval = "12:00:00";
+    persistentTimer = true;
+  };
+}

modules/system/services/pc/snapper/jimbo/default.nix

@@ -0,0 +1,12 @@
+{ ... }:
+{
+  services.snapper.configs.jimbo = {
+    SUBVOLUME = "/persist/home/jimbo";
+    TIMELINE_CREATE = true;
+    TIMELINE_CLEANUP = true;
+    TIMELINE_LIMIT_DAILY = 1;
+    TIMELINE_LIMIT_WEEKLY = 1;
+    TIMELINE_LIMIT_MONTHLY = 0;
+    TIMELINE_LIMIT_YEARLY = 0;
+  };
+}

modules/system/services/pc/snapper/root/default.nix

@@ -0,0 +1,12 @@
+{ ... }:
+{
+  services.snapper.configs.root = {
+    SUBVOLUME = "/persist";
+    TIMELINE_CREATE = true;
+    TIMELINE_CLEANUP = true;
+    TIMELINE_LIMIT_DAILY = 1;
+    TIMELINE_LIMIT_WEEKLY = 0;
+    TIMELINE_LIMIT_MONTHLY = 0;
+    TIMELINE_LIMIT_YEARLY = 0;
+  };
+}

modules/system/services/pc/sunshine/default.nix

@@ -2,7 +2,6 @@
 {
   services.sunshine = {
     enable = true;
-    settings.port = 57989;
     autoStart = false;
   };
 }

modules/system/services/server/fileserver/local/samba/default.nix

@@ -5,24 +5,25 @@
       enable = true;
       securityType = "user";
       openFirewall = true;
-      extraConfig = ''
-        workgroup = WORKGROUP
-        server string = JimSMB
-        security = user 
-        hosts allow = ${config.ips.localSpan}. 127.0.0.1 localhost
-        hosts deny = 0.0.0.0/0
-        guest account = nobody
-        map to guest = bad user
-      '';
-      shares = {
-        roms = {
-          comment = "Samba share with my ROMs";
-          path = "/export/JimboNFS/Downloads/GameFiles/ROMS";
-          browseable = "yes";
+      settings = {
+        global = {
+          "workgroup" = "WORKGROUP";
+          "server string" = "JimSMB";
+          "security" = "user";
+          "hosts allow" = "${config.ips.localSpan}. 127.0.0.1 localhost";
+          "hosts deny" = "0.0.0.0/0";
+          "guest account" = "nobody";
+          "map to guest" = "bad user";
+        };
+        "roms" = {
+          "path" = "/export/JimboNFS/Downloads/GameFiles/ROMS";
+          "browseable" = "yes";
           "read only" = "no";
-          "guest ok" = "no";
+          "guest ok" = "yes";
           "create mask" = "0644";
           "directory mask" = "0755";
+          "force user" = "username";
+          "force group" = "groupname";
         };
       };
     };

modules/system/services/server/social/matrix/synapse/coturn/default.nix

@@ -12,7 +12,7 @@
       min-port = 49000;
       max-port = 50000;
       use-auth-secret = true;
-      static-auth-secret = "will be world readable for local users :(";
+      static-auth-secret = config.secrets.coturnSecret;
       realm = "turn.${config.domains.jim1}";
       cert = "/var/lib/acme/turn.${config.domains.jim1}.com/fullchain.pem";
       pkey = "/var/lib/acme/turn.${config.domains.jim1}.com/key.pem";
@@ -24,7 +24,7 @@
         "turn:turn.${config.domains.jim1}:3478?transport=udp"
         "turn:turn.${config.domains.jim1}:3478?transport=tcp"
       ];
-      turn_shared_secret = config.services.coturn.static-auth-secret;
+      turn_shared_secret = config.secrets.coturnSecret;
       turn_user_lifetime = "1h";
     };
   };
@@ -32,10 +32,12 @@
   # Open coturn ports
   networking.firewall = {
     allowedUDPPorts = [
-      3478 5349
-    ];
-    allowedUDPPortRanges = [
-      { from = 49000; to = 50000; }
+      3478
+      5349
     ];
+    allowedUDPPortRanges = [{
+      from = config.services.coturn.min-port;
+      to = config.services.coturn.max-port;
+    }];
   };
 }

modules/system/services/server/social/matrix/synapse/default.nix

@@ -13,14 +13,16 @@
       public_baseurl = "https://matrix.${config.domains.jim1}";
       suppress_key_server_warning = true;
 
-      listeners = [{
-        port = 8008;
-        bind_addresses = [ "::" "0.0.0.0" ];
-        resources = [ { compress = false;  names = [ "client" "federation" ]; } ];
-        type = "http";
-        tls = false;
-        x_forwarded = true;
-      }];
+      listeners = [
+        {
+          port = 8008;
+          bind_addresses = [ "::" "0.0.0.0" ];
+          resources = [ { compress = true;  names = [ "client" "federation" ]; } ];
+          type = "http";
+          tls = false;
+          x_forwarded = true;
+        }
+      ];
 
       email = {
         notif_from = "Jimbo's Matrix <noreply@${config.domains.jim1}>";

modules/system/services/server/transmission/default.nix

@@ -8,8 +8,6 @@
     enable = true;
     credentialsFile = pkgs.writeText "credentials" config.secrets.transmissionCredFile;
     openPeerPorts = true;
-    settings = {
-      rpc-authentication-required = true;
-    };
+    settings.rpc-authentication-required = true;
   };
 }