Introduction
Hello! Welcome to my literate file that describes (and generates) the configuration for all my computers.
For people who are confused, this file has a bunch of source blocks that are then put into individual files using emacs+org’s tangle mode.
Once the files are generated, they are converted into an immutable system configuration using nixos.
This repository consists of configuration for my main machine
smallbox– my wfh computer and main laptop
To generate the actual nix files, you need to open this file in emacs and then execute M-x org-babel-tangle.
Or run the following from the command line
emacs README.org --batch -f org-babel-tangle
Once the nix files are ready, you can deploy using
nixos-rebuild switch --flake .#<machine>Other files in this repo are :-
flake.lockso as to keep my versions intact. More on that later.assets/*contains images like the wallpaper that cannot be part of this.secrets/secrets.yamlcontains encrypted keys and is edited usingsops.
Everything else in this repository is generated. They ideally shouldn’t be edited directly. There’s also a github action that generates and commits these files if they do differ.
Emacs + Org + Tangle
- Emacs is the text editor that I use. Some people might take offense at me calling it a text editor.
- Org mode is an inbuilt plugin for emacs that helps with managing org files like this one. Org files are similar to markdown but with superpowers.
- Tangle is an org mode option that lets us export snippets to other files. In this case, the configuration snippets you see are written to individual files.
- Anything that appears in
<<code-id>>is like a variable that gets filled in later. You will see them in the snippets below where they are filled in by other snippets later in the file.
- Anything that appears in
Nix & Nixos
- Nix is a bespoke programming language, used mainly to configure environments and dependencies.
- Nixos is a linux distro where you define your operating system and other things using nix.
The expectation is that the output of evaluating the nix files is a “configuration” that can be applied.
This way your operating system is always defined by configuration files. You almost never install anything.
Make a change to the configuration, reapply and repeat. You need vim? Add it to the config, and rebuild.
YourNixCode(Input) -> System ConfigurationI use nix flakes which means that the entry point for the nix evaluation is a file called
flake.nixwhich has two parts (among other things){ inputs: # describes the function input, consisting mainly of package sources outputs: # what the function outputs, a nixos configuration in our case }
Nix flakes is still behind an
experimentalflag, but it is considered the standard by most of the community. Flakes allow us to pin the input package versions using aflake.lockfile. This prevents unwanted and surprise updates when rebuilding without changing the configuration.
TLDR App List
| Window Manager | Hyprland |
| Bar | Waybar |
| Application Launcher | Walker |
| Notification Daemon | Dunst |
| Terminal Emulator | Alacritty |
| Shell | Zsh and Starship |
| Text Editor | Emacs |
| File Manager | Thunar |
| Fonts | Aporeti |
| Colors | Catppuccin |
| Icons | Catppuccin Nix |
| Lock Screen | Hyprlock |
| Wallpapers | Hyprpaper |
Configuration Variables
I have a bunch of constant strings that I would rather put in a file. Thats what user.nix is.
The values are imported at the beginning and are available to almost all the functions being called to configure the system.
{ system = "x86_64-linux"; username = "nambiar"; stateVersion = "25.11"; locale = "sv_SE.UTF-8"; }
Flake Inputs
The inputs for my system’s configuration are very simple
- nixpkgs - the main nix repository of packages. Its huge and growing. Pinned to the unstable release channel. Sometimes pinned to a specific commit because unstable broke something and the fix hasn’t made it into the release yet.
- home-manager - a nix module that helps keep track of user specific dotfiles and configurations as part of my nix config.
- emacs-overlay - this has more configuration options and generally a newer emacs available provided by the community.
- sops-nix - adds latest sops for secrets management.
- catppuccin - nix module that allows everything to be catppuccin themed.
{ description = "Sandeep's nixos configuration"; inputs = { nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; home-manager = { url = "github:nix-community/home-manager"; inputs.nixpkgs.follows = "nixpkgs"; }; emacs-overlay = { url = "github:nix-community/emacs-overlay"; inputs.nixpkgs.follows = "nixpkgs"; }; sops-nix = { url = "github:Mic92/sops-nix"; inputs.nixpkgs.follows = "nixpkgs"; }; catppuccin = { url = "github:catppuccin/nix"; inputs.nixpkgs.follows = "nixpkgs"; }; }; <<flake-outputs>> }
Flake Output
Now that the inputs are ready, the outputs define what the system will actually look like. I also define the machines that this configuration specifies early on. Finally, I iterate over the machines list and pull files from /.machines/${name} subdirectory. This allows me to have configuration that has machine specific configuration limited to those files while also keeping a modular reusable base.
We also add a devshell that makes editing this repository easier in emacs.
outputs = { nixpkgs, home-manager, emacs-overlay, sops-nix, catppuccin, ... }: let user = import ./user.nix; lib = nixpkgs.lib; machines = [ "smallbox" ]; pkgs = import nixpkgs { inherit (user) system; }; in { nixosConfigurations = builtins.listToAttrs ( builtins.map (machine: { name = machine; value = lib.nixosSystem { modules = [ <<flake-emacs-module>> <<flake-config-module>> <<flake-home-module>> sops-nix.nixosModules.sops # sops catppuccin.nixosModules.catppuccin # theme ]; specialArgs = { hostname = machine; inherit user; }; }; }) machines ); devShells.${user.system}.default = pkgs.mkShell { buildInputs = with pkgs; [ nil # nix lsp server nixfmt-rfc-style # nix formatter sops # used to edit secrets ]; }; };
Lets look at the individual modules
- Emacs
The first is the emacs overlay so that it uses the nix-community emacs overlay from the inputs instead of the nixpkgs one.
Overlays are a special nix way to override existing packages within a repository.
({ ... }: { nixpkgs.overlays = [ emacs-overlay.overlays.default ]; })
- Then the machine specific configuration, in this case, just “smallbox”.
./machines/${machine}/configuration.nix - And finally the home-manager module.
This can be initialized and managed on its own but I’d rather use the
nixos-rebuildcommand to build everything instead of managing userland dotfiles separately.home-manager.nixosModules.home-manager { home-manager.useGlobalPkgs = true; home-manager.useUserPackages = true; home-manager.extraSpecialArgs = { inherit user; }; <<flake-home-backup>> <<flake-home-config>> }
- Home-Manager will not overwrite existing configuration files and that is good in most cases, but when everything is declarative like it is here, I’d rather that home-manager create a
.backupand replace the file.home-manager.backupFileExtension = "backup";
- Finally I pull in the machine specific home configuration. Along with the overrides from catppuccin.
home-manager.users.${user.username} = { imports = [ ./machines/${machine}/home.nix catppuccin.homeModules.catppuccin ]; };
- Home-Manager will not overwrite existing configuration files and that is good in most cases, but when everything is declarative like it is here, I’d rather that home-manager create a
Envrc + Direnv
Editing this file will be much nicer if we have the dev environment configured. That is done in the devshells section. But to auto load this dev shell, we need a .envrc file. This tells direnv to load the devshell in the flake. Finally, we also look for a .envrc-private file and try to load that. That contains devshell specific secrets.
use flake watch_file .envrc.private if [[ -f .envrc.private ]]; then source_env .envrc.private fi
Machines
The individual machines subdirectory is configured as follows :-
+--machine
| +--configuration.nix
| +--home.nix
| +--hardware-configuration.nix
- configuration.nix has the system configuration.
- home.nix has the user level configuration.
- hardware-configuration.nix has the unique hardware configuration.
nixos-rebuild switch --flake .#smallbox looks for the smallbox configuration (in /machines/smallbox) and returns the configuration that is specific to that computer.
- Note about imports
imports = []in a nix file will pull in the function/object from the list of files provided. This imported object (or function result) is just trivially merged into a common object.
We can take a look at that the common hardware options I have for all my machines.
Other Utils
Updates
To update the computer, I just need to update the flake.lock file to have references to the latest repository. This is done with :-
Editing secrets
The age key needs to exist. Then I can edit the secrets using :-
sops edit secrets/secrets.yaml
Hardware
I’ll let the code comments explain the file here.
{ pkgs, lib, user, config, ...} : { nixpkgs.hostPlatform = lib.mkDefault user.system; # x86_64-linux powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; # enable power saving on the cpu # update cpu microcode with firmware that allows redistribution hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; hardware = { # always enable bluetooth bluetooth.enable = true; # always enable graphics drivers and enable a bunch of layers for it (including vulkan validation) graphics = { enable = true; extraPackages = with pkgs; [ vulkan-validation-layers # helps catch and debug vulkan crashes ]; }; }; hardware.enableAllFirmware = true; # enable all firmware regardless of license }
Configuration
This section describes the main system configuration for the computers that I have. Nix will look for a default.nix file if you give it a path to a folder to import. And default.nix looks as follows :-
{ pkgs, user, ... } : { imports = [ ./boot.nix ./login.nix ./cli.nix ./files.nix ./locale.nix ./nix-settings.nix ./networking.nix ./hyprland.nix ./services.nix ./audio.nix ./steam.nix ./sops.nix ]; <<config-system-packages>> <<config-user>> <<config-programs>> <<config-fonts>> # enable the catppuccin theme for everything with mocha + blue accents catppuccin.enable = true; catppuccin.flavor = "mocha"; catppuccin.accent = "blue"; system.stateVersion = user.stateVersion; }
Whoa. Thats a lot of imports. Lets go through them one by one.
Nix Settings
These are global nix settings that configure the settings for the actual tool.
{ pkgs, user, ... } : { nix.settings = { # enable flakes experimental-features = ["nix-command" "flakes"]; # add a cache that speed up new applications by downloading binaries # from the trusted cache instead of compiling from sourcer substituters = [ "https://nix-community.cachix.org" ]; # trust the cache public key trusted-public-keys = [ "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" ]; }; # allow proprietary software on this machine. I'm not a purist. nixpkgs.config.allowUnfree = true; # unityhub depends on this... for now nixpkgs.config.permittedInsecurePackages = [ "libxml2-2.13.8" ]; # this declares how often old configurations are cleared up. # i cleanup anything older than a week, every week. nix.gc = { automatic = true; options = "--delete-older-than 7d"; dates = "weekly"; }; programs = { # command line utility that makes applying changes easy and pretty nh = { enable = true; flake = "/home/${user.username}/system"; }; }; }
Boot
This file has most of the settings the control how the computer boots up.
{ pkgs, ... } : { boot = { initrd = { verbose = false; # its a lot of logs. dont need it, unless we do. kernelModules = [ ]; # no kernel modules on boot }; extraModulePackages = [ ]; # no extra packages on boot either kernelPackages = pkgs.linuxPackages_latest; # latest greatest linux kernel kernelParams = [ "silent" ]; # quiet those logs consoleLogLevel = 0; # quiten more logs plymouth.enable = true; # graphical boot animation instead supportedFilesystems = [ "ntfs" ]; # should see the ntfs (windows) loader = { systemd-boot.enable = true; # systemd-boot systemd-boot.configurationLimit = 2; efi.canTouchEfiVariables = true; # allow editing efi to edit the boot loader timeout = 5; # grub timeout to make a selection }; }; }
Login
Here we control what the login screen would look like. I’m using greetd’s tuigreet for the ui. Doesn’t match the rest of the aesthetic of the system (with hyprland), but I like its simplicity.
{ pkgs, user, ... } : { environment.systemPackages = with pkgs; [ tuigreet ]; services.greetd = { enable = true; settings = { default_session = { command = pkgs.lib.mkForce "${pkgs.tuigreet}/bin/tuigreet --remember --time --time-format '%I:%M %p | %a • %h | %F'"; }; }; }; }
CLI
This is the initial system level configuration for the terminal that I use on this machine. Its just zsh.
{ pkgs, user, ... }: { console.useXkbConfig = true; users.users.${user.username}.shell = pkgs.zsh; environment.shells = with pkgs; [ zsh ]; programs.zsh.enable = true; environment.pathsToLink = [ "/share/zsh" ]; }
Files
I use Thunar as the file explorer. Also setup a few plugins for Thunar in this config. Along with that, a few other utilities like zip and enabling services to automount usb drives.
{ pkgs, user, config, ... } : { environment.systemPackages = with pkgs; [ zip unzip p7zip usbutils udiskie ]; programs.thunar = { enable = true; plugins = with pkgs.xfce; [ thunar-archive-plugin thunar-media-tags-plugin thunar-volman ]; }; programs.file-roller.enable = true; # thunar zip support programs.xfconf.enable = true; # to save thunar settings services = { gvfs.enable = true; # Mount, trash, and other functionalities tumbler.enable = true; # Thumbnail support for images udisks2.enable = true; # Auto mount usb drives }; }
Locale
I live in Sweden and would like all my locale and timezone settings to match. Except my default locale.
{ user, ... } : let locale = user.locale; defaultLocale = "en_GB.UTF-8"; in { # Set your time zone. time.timeZone = "Europe/Stockholm"; # Select internationalisation properties. i18n.defaultLocale = defaultLocale; i18n.extraLocaleSettings = { LC_ADDRESS = locale; LC_IDENTIFICATION = locale; LC_MEASUREMENT = locale; LC_MONETARY = locale; LC_NAME = locale; LC_NUMERIC = locale; LC_PAPER = locale; LC_TELEPHONE = locale; LC_TIME = defaultLocale; }; }
Networking
Not much to see here. I want networking to be enabled. I want firewall as well.
{ pkgs, ... } : { networking = { # allow automatic ip assignment when connecting to a network useDHCP = pkgs.lib.mkDefault true; networkmanager.enable = true; firewall.enable = true; # let wifi info be NOT declarative, allowing user to configure wifi. wireless.userControlled.enable = true; wireless.iwd.enable = true; networkmanager.wifi.backend = "iwd"; }; # tui to manage wifi networks environment.systemPackages = with pkgs; [ impala ]; }
Hyprland
This is a big one because the DE needs so much configuration. This section mostly installs Hyprland. The configuration is done in the home manager section.
{ pkgs, ... }: { nix.settings = { # add the hyprland cache so that we dont build hyprland from source substituters = [ "https://hyprland.cachix.org" ]; trusted-public-keys = [ "hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc=" ]; }; # these extra portals allow for things like screen sharing xdg = { portal = { enable = true; extraPortals = [ pkgs.xdg-desktop-portal-wlr pkgs.xdg-desktop-portal-gtk ]; }; }; environment.systemPackages = with pkgs; [ hyprland # the actual package walker # launcher uwsm # wayland session manager hyprland-qtutils # needed by hyprland hyprpolkitagent # polkit agent grimblast # screenshot ]; # we use uwsm to manage launching hyprland # uswm will add hyprland to the login sessions with tuigreet. programs = { uwsm.enable = true; uwsm.waylandCompositors = { hyprland = { prettyName = "Hyprland"; comment = "Hyprland compositor managed by UWSM"; binPath = "/run/current-system/sw/bin/Hyprland"; }; }; hyprland = { withUWSM = true; enable = true; xwayland.enable = true; }; }; # this is mainly for the lock screen # lock.png is provided elsewhere services.xserver = { enable = true; desktopManager = { xterm.enable = false; }; displayManager = { lightdm.background = ./lock.png; }; }; # this is a lot of env vars. # and this requires some cleanup # but hyprland moves fast and some of these are probably outdated already environment.sessionVariables = { XDG_SESSION_TYPE="wayland"; XDG_CURRENT_DESKTOP="Hyprland"; XDG_SESSION_DESKTOP="Hyprland"; NIXOS_OZONE_WL="1"; XCURSOR_SIZE="24"; }; # allow hyprlock (lockscreen) to lock user session security.pam.services.hyprlock = { }; security.polkit.enable = true; security.pam.services.gdm.enableGnomeKeyring = true; }
Services
These are some of the services that I enable at the system level. Explanation in the comments.
{ user, ...} : { services = { blueman.enable = true; # bluetooth manager fwupd.enable = true; # firmware updating service fstrim.enable = true; # ssd maintenance service thermald.enable = true; # thermal regulation service printing.enable = true; # printing services, cups gnome.gnome-keyring.enable = true; # keyring flatpak.enable = true; # allow installing things from flatpaks # printer discovery avahi = { enable = true; nssmdns4 = true; openFirewall = true; }; }; virtualisation.docker.enable = true; # enable docker users.users.${user.username}.extraGroups = [ "docker" ]; # add self to docker user group }
Audio
This is still a work in progress, but it almost works. I enable all the audio related services, hoping everything is going to be okay.
{ pkgs, ...}: { environment.systemPackages = with pkgs; [ pamixer ]; services.pipewire = { enable = true; alsa.enable = true; alsa.support32Bit = true; pulse.enable = true; jack.enable = true; }; # pipewire needs realtime scheduling access security.rtkit.enable = true; }
Steam
Finally, I have steam installed and it requires a few extra things as well.
{ pkgs, ... } : { environment.systemPackages = with pkgs; [ steam-run # also used for random executables that expect fhs ]; programs.steam = { enable = true; # Open ports in the firewall for Steam Remote Play remotePlay.openFirewall = true; # Open ports in the firewall for Source Dedicated Server dedicatedServer.openFirewall = true; }; }
Sops
We use sops to manage secrets on this machine.
{ user, ...} : { sops.defaultSopsFile = ../secrets/secrets.yaml; sops.defaultSopsFormat = "yaml"; sops.age.keyFile = "/home/${user.username}/.config/sops/age/keys.txt"; sops.secrets.claude_key = { # anthropic claude api key, used in emacs owner = "${user.username}"; }; }
Sops requires a public .sops.yaml that dictates how the secrets are encrypted.
This contains the public key and path to the secrets file.
keys: - &primary age1yq35g6mmlem0rhr47u6ewh8dctlwp9hj0s0ac60e4hrw9hjzlqms6crf7n creation_rules: - path_regex: secrets/secrets.yaml$ key_groups: - age: - *primary
Miscellaneous Packages and Programs
environment.systemPackages = with pkgs; [ wget # fetch utility curl # more fetch utility binutils # executable utilities, like ld dmidecode # tool for dumping system info libnotify # notification daemon python3 # nice to have this ready for quick things cacert # certificate authority remmina # remote desktop app ]; # to enable icons with wlogout # https://github.com/catppuccin/nix/issues/584 programs.gdk-pixbuf.modulePackages = [ pkgs.librsvg ];
programs = { nix-ld.enable = true; # helps with linking troubles with dynamic libraries appimage.enable = true; # allow appimage installations dconf.enable = true; # to save user settings gnupg.agent = { # pgp client enable = true; enableSSHSupport = true; }; firefox.enable = true; # browser wireshark.enable = true; # vpn };
Fonts
Nothing much to see here. I love Aporetic, and I use it everywhere.
fonts.packages = with pkgs; [ aporetic nerd-fonts.iosevka ];
User Config
This creates the user profile that I login with. Initially created during install.
users.users.${user.username} = { isNormalUser = true; description = "Sandeep Nambiar"; extraGroups = [ "networkmanager" # allow editing network connections "wheel" # can do sudo "scanner" # access to the network scanner "lp" # access to the printer ]; };
Home
I use home-manager to manage my user level dotfiles and configurations. Most of the “theme” of the system is decided here. I also use it to install programs that are okay with being installed at the user level instead of the system.
{ pkgs, user, ... } : { imports = [ ./waybar.nix ./wallpaper.nix ./lock.nix ./unity.nix ./hyprland.nix ./walker.nix ./theme.nix ./terminal.nix ./dev.nix ./emacs ]; <<home-user>> <<home-packages>> programs.home-manager.enable = true; }
Oof! Again with all the imports! We can go through them one at a time!
Waybar
Mostly styling and enabling modules in the top bar.
{ programs.waybar = { enable = true; settings = { mainBar = { layer = "top"; height = 34; modules-left = [ "hyprland/workspaces" "hyprland/window" ]; modules-right = [ "idle_inhibitor" "pulseaudio" "network" "cpu" "memory" "temperature" "battery" "tray" "clock" ]; "idle_inhibitor" = { format = "{icon}"; format-icons = { activated = " "; deactivated = " "; }; }; "pulseaudio" = { "format" = "{volume}% {icon}"; "format-bluetooth" = "{volume}% {icon}"; "format-muted" = ""; "format-icons"= { "headphones"= ""; "headset"= ""; "phone"= ""; "portab le"= ""; "default"= ["" ""]; }; "on-click"= "pavucontrol"; }; "network" = { "format-wifi" = " ({bandwidthDownBits})"; "format-ethernet" = " ({bandwidthDownBits})"; "format-disconnected" = "Disconnected ⚠"; "tooltip-format-wifi" = "{essid} ({signalStrength}%)"; "tooltip-format-ethernet" = "{ifname}: {ipaddr}/{cidr}"; "on-click" = "impala"; }; "cpu".format = "{usage}% "; "cpu".tooltip = false; "temperature" = { "format" = "{temperatureC}°C "; }; "temperature".tooltip = false; "tray".spacing = 10; "tray".icon-size = 14; "clock".format = "{:%a, %d %b %Y - %H:%M}"; "clock".tooltip = false; "battery" = { "bat" = "BAT0"; "states" = { "good" = 95; "warning" = 30; "critical" = 15; }; "format" = "{capacity}% {icon}"; "format-charging" = "{capacity}% "; "format-plugged" = "{capacity}% "; "format-icons" = ["" "" "" "" " "]; }; "memory".format = "{percentage}% "; }; }; style = '' * { font-family: Aporetic Sans Mono, Iosevka Nerd Font, Roboto, Helvetica, Arial, sans-serif; font-size: 13px; } window#waybar { background-color: @base; color: @text; transition-property: background-color; border-bottom: 0px solid rgba(0, 0, 0, 0); transition-duration: .5s; } #workspaces button { padding: 0 5px; background-color: transparent; border: none; border-radius: 0; color: @text; } #workspaces button:hover { background: @surface1; color: @text; } #workspaces button.active { background-color: @green; color: @base; box-shadow: inset 0 -3px @subtext1; } #clock, #idle_inhibitor #battery, #cpu, #memory, #temperature, #network, #pulseaudio, #tray { margin: 0 5px; padding: 0 2px; } #idle_inhibitor.activated { background-color: @green; } #battery.charging { color: @green; } @keyframes blink { to { background-color: #ffffff; color: black; } } #battery.warning:not(.charging) { color: white; animation-name: blink; animation-duration: 0.5s; animation-timing-function: linear; animation-iteration-count: infinite; animation-direction: alternate; } #window, #workspaces { margin: 0 4px; } .modules-left > widget:first-child > #workspaces { margin-left: 0; } .modules-right > widget:last-child > #workspaces { margin-right: 0; } #network.disconnected { background-color: @red; } #temperature.critical { background-color: @red; } ''; }; }
Wallpaper
I use hyprpaper for setting the wallpaper. The image is copied into the home folder when applying this configuration and the tool picks it from there.
{ pkgs, ... }: { home.packages = with pkgs; [ hyprpaper ]; services.hyprpaper.enable = true; services.hyprpaper.settings = { ipc = "on"; splash = false; splash_offset = 2.0; preload = [ "~/.background-image.png" ]; wallpaper = [ ",~/.background-image.png" ]; }; home.file = { background = { source = ../assets/background.png; target = ".background-image.png"; }; me = { source = ../assets/me.jpg; target = ".me.jpg"; }; }; }
Lock Screen
The lock screen configured using hyprlock. I use hypridle to detect idle time and use wlogout to show a logout menu. They are configured below.
{ pkgs, ... } : { home.packages = with pkgs; [ hyprlock hypridle wlogout ]; home.file = { lock = { source = ../assets/lock.png; target = ".lock.png"; }; }; services = { # hypridle to # 150 seconds - turn of monitor # 300 seconds - lock screen # 330 seconds - turn of monitor # 30 minutes - put to sleep hypridle = { enable = true; settings = { general = { lock_cmd = "pidof hyprlock || hyprlock"; # avoid starting multiple hyprlock instances. before_sleep_cmd = "loginctl lock-session"; # lock before suspend. after_sleep_cmd = "hyprctl dispatch dpms on"; # to avoid having to press a key twice to turn on the display. }; listener = [ { timeout = 150; # 2.5min. on-timeout = "brightnessctl -s set 10"; # set monitor backlight to minimum, avoid 0 on OLED monitor. on-resume = "brightnessctl -r"; # monitor backlight restore. } { timeout = 300; # 5min on-timeout = "loginctl lock-session"; # lock screen when timeout has passed } { timeout = 330; # 5.5min on-timeout = "hyprctl dispatch dpms off"; # screen off when timeout has passed on-resume = "hyprctl dispatch dpms on && brightnessctl -r"; # screen on when activity is detected after timeout has fired. } { timeout = 1800; # 30min on-timeout = "systemctl suspend"; # suspend pc } ]; }; }; }; programs.wlogout = { enable = true; layout = [ { "label" = "lock"; "action" = "hyprlock"; "text" = "Lock"; "keybind" = "l"; } { "label" = "shutdown"; "action" = "systemctl poweroff"; "text" = "Shutdown"; "keybind" = "s"; } { "label" = "suspend"; "action" = "systemctl suspend"; "text" = "Suspend"; "keybind" = "u"; } { "label" = "reboot"; "action" = "systemctl reboot"; "text" = "Reboot"; "keybind" = "r"; } { "label" = "hibernate"; "action" = "systemctl hibernate"; "text" = "Hibernate"; "keybind" = "h"; } { "label" = "reboot"; "action" = "systemctl reboot"; "text" = "Reboot"; "keybind" = "r"; } ]; }; catppuccin.wlogout.iconStyle = "wleave"; programs.hyprlock = { enable = true; settings = { auth = { fingerprint = { enabled = true; }; }; background = { path = "~/.lock.png"; color = "$base"; }; label = { monitor = ""; text = "$TIME"; color = "$text"; font_size = 90; position = "0, 0"; halign = "center"; valign = "top"; }; input-field = { monitor = ""; size = "300, 60"; outline_thickness = 4; dots_size = 0.2; dots_spacing = 0.2; dots_center = true; outer_color = "$accent"; inner_color = "$surface0"; font_color = "$text"; fade_on_empty = true; placeholder_text = ''<span foreground="##$textAlpha"><i> Logged in as </i><span foreground="##$accentAlpha">$USER</span></span>''; hide_input = false; check_color = "$accent"; fail_color = "$red"; fail_text = ''<i>$FAIL <b>($ATTEMPTS)</b></i>''; capslock_color = "$yellow"; position = "0, -47"; halign = "center"; valign = "center"; }; }; }; catppuccin.hyprlock.enable = true; catppuccin.hyprlock.flavor = "mocha"; catppuccin.hyprlock.accent = "blue"; catppuccin.hyprlock.useDefaultConfig = false; # we use our own }
Unity
I work with the Unity Game Engine and I have the unity hub installed globally, instead of in a project flake. Often I work with dotnet directly inside of unity and so we set that up too.
{ pkgs, ... }: { home.packages = with pkgs; [ (pkgs.unityhub.override { extraPkgs = pkgs: with pkgs; [ dotnet-sdk ]; }) ]; }
Hyprland
This configures the desktop environment along with the peripherals. The comments should explain whats happening.
{ # required for the default Hyprland config programs.kitty.enable = true; services.hyprpolkitagent.enable = true; # enable Hyprland wayland.windowManager.hyprland.enable = true; # we start hyprland using uwsm wayland.windowManager.hyprland.systemd.enable = false; # hyprland.conf wayland.windowManager.hyprland.settings = { exec-once = [ # read in env vars "dbus-update-activation-environment --systemd --all" # start waybar "uwsm app -- waybar" ]; input = { follow_mouse = "1"; touchpad = { natural_scroll = "no"; scroll_factor = 0.5; }; scroll_factor = 0.5; accel_profile = "adaptive"; sensitivity = -0.5; # -1.0 - 1.0, 0 means no modification. kb_layout = "us"; # very emacs specific, i use caps as an extra ctrl key kb_options = "ctrl:nocaps"; }; cursor = { no_hardware_cursors = "true"; }; general = { gaps_in = 2; gaps_out = 4; border_size = 2; "col.active_border" = "$blue $green 45deg"; "col.inactive_border" = "$base"; layout = "dwindle"; }; decoration = { rounding = 5; }; animations = { enabled = "yes"; bezier = "myBezier, 0.05, 0.9, 0.1, 1.05"; animation = [ "windows, 1, 7, myBezier" "windowsOut, 1, 7, default, popin 80%" "border, 1, 10, default" "borderangle, 1, 8, default" "fade, 1, 7, default" "workspaces, 1, 6, default" ]; }; dwindle = { pseudotile = "yes"; preserve_split = "yes"; }; gestures = { workspace_swipe = "off"; }; misc = { disable_hyprland_logo = true; focus_on_activate = true; }; "$mainMod" = "SUPER"; bind = [ "$mainMod, Return, exec, uwsm app -- alacritty" "$mainMod, i, exec, firefox" "$mainMod, e, exec, emacs" "$mainMod_SHIFT, Q, killactive" "$mainMod_SHIFT, M, exit" "$mainMod, F, exec, thunar" "$mainMod_SHIFT, Space, togglefloating" # use walker to show exec menu "$mainMod, Space, exec, walker" "$mainMod, P, pseudo" "$mainMod, J, togglesplit" "$mainMod_SHIFT, left, movewindow, l" "$mainMod_SHIFT, right, movewindow, r" "$mainMod_SHIFT, up, movewindow, u" "$mainMod_SHIFT, down, movewindow, d" "$mainMod_CTRL, left, movecurrentworkspacetomonitor, l" "$mainMod_CTRL, right, movecurrentworkspacetomonitor, r" "$mainMod, left, movefocus, l" "$mainMod, right, movefocus, r" "$mainMod, up, movefocus, u" "$mainMod, down, movefocus, d" "$mainMod, mouse_down, workspace, e+1" "$mainMod, mouse_up, workspace, e-1" "$mainMod_SHIFT, p, exec, grimblast -n -f copysave active" "$mainMod_SHIFT, a, exec, grimblast -n -f copysave area" "$mainMod_ALT, p, exec, grimblast -n -f copysave output" "$mainMod_CTRL, p, exec, grimblast -n -f copysave screen" "$mainMod_SHIFT, S, exec, wlogout" ] ++ ( # workspaces # binds $mod + [shift +] {1..9} to [move to] workspace {1..9} builtins.concatLists (builtins.genList (i: let ws = i + 1; in [ "$mainMod, ${toString ws}, workspace, ${toString ws}" "$mainMod SHIFT, ${toString ws}, movetoworkspace, ${toString ws}" ] ) 9) ); bindm = [ "$mainMod, mouse:272, movewindow" "$mainMod, mouse:273, resizewindow" ]; }; }
Walker
This is how I launch applications. It is bound to Win+Space in the hyprland config above.
{ services.walker.enable = true; services.walker.settings = { close = "ctrl g"; next = "ctrl n"; previous = "ctrl p"; quick_activate = ["1" "2" "3" "4"]; }; }
Theme
I use the Catppuccin almost everywhere. The nix module integrates almost automatically everywhere (except gtk). You’ll notice the color values in multiple places outside this as well.
{ pkgs, ...}: { gtk = { enable = true; colorScheme = "dark"; theme = { name = "Catppuccin-GTK-Grey-Dark-Compact"; package = (pkgs.magnetic-catppuccin-gtk.override { accent = [ "grey" ]; shade = "dark"; tweaks = [ "black" ]; size = "compact"; }); }; iconTheme.name = "Papirus-Dark"; }; catppuccin.enable = true; catppuccin.flavor = "mocha"; catppuccin.accent = "blue"; catppuccin.gtk.icon.enable = true; catppuccin.cursors.enable = true; }
Terminal
Alacritty is my terminal program. The snippet below configures how it looks.
{ programs = { alacritty = { enable = true; settings = { font.normal.family = "Aporetic Sans Mono"; font.size = 12; terminal.shell.program = "zsh"; window = { padding.x = 4; padding.y = 4; }; }; }; }; catppuccin.alacritty.enable = true; catppuccin.alacritty.flavor = "mocha"; }
Dev Tools
All the miscellaneous dev tools on this computer.
{ user, pkgs, ... }: { programs = { vscode.enable = true; # yes, sometimes i like to dabble vim.enable = true; # and this one too ripgrep.enable = true; # fast text search across projects btop.enable = true; # even better task manager # nicer terminal info starship = { enable = true; enableZshIntegration = true; enableBashIntegration = true; }; # fuzzy finder fzf = { enable = true; enableZshIntegration = true; enableBashIntegration = true; }; # better cd zoxide = { enable = true; enableZshIntegration = true; enableBashIntegration = true; }; # better ls eza = { enable = true; enableZshIntegration = true; enableBashIntegration = true; }; # this is mainly for integration with nix flakes in individual projects direnv = { enable = true; enableZshIntegration = true; enableBashIntegration = true; nix-direnv.enable = true; }; # zsh everywhere with oh-my-zsh zsh = { enable = true; oh-my-zsh = { enable = true; plugins = [ "git" ]; theme = "robbyrussell"; }; shellAliases = { cd = "z"; # zoxide }; # for emacs-eat package initContent = pkgs.lib.mkOrder 1200 '' [ -n "$EAT_SHELL_INTEGRATION_DIR" ] && \ source "$EAT_SHELL_INTEGRATION_DIR/zsh" ''; }; # git with lfs git = { lfs.enable = true; enable = true; }; }; }
Other Settings
Some repeated info from the configuration.
Home User
home.username = "${user.username}"; home.homeDirectory = pkgs.lib.mkDefault "/home/${user.username}"; home.stateVersion = user.stateVersion;
Home Packages
A bunch of programs that I use.
home.packages = with pkgs; [ audacity # audio recording zoom-us # meetings handbrake # video transcoding xdg-utils # utils, for screensharing vlc # media player discord # other chat slack # work chat pavucontrol # audio control everdo # gtd tool spotify # music player simple-scan # scanner software pinta # image editor mpv # media player ]; services.dunst.enable = true; # notifications daemon programs.obs-studio.enable = true; # screen recording tool
Emacs
I practically live inside emacs. The configuration for it is a mix between init.el and the nix configuration. Nix allows me to install emacs packages as part of the configuration which is most of the following file. I install the nix community provided emacs overlay that lets me have the latest emacs with pgtk ui (for wayland). Comments describe the emacs package and what it does.
{ pkgs, ... }: { programs.emacs = { enable = true; # install with tree sitter enabled package = (pkgs.emacs-git-pgtk.override { withTreeSitter = true; }); extraPackages = epkgs: [ # also install all tree sitter grammars epkgs.manualPackages.treesit-grammars.with-all-grammars epkgs.nerd-icons # nerd fonts support epkgs.doom-modeline # model line epkgs.diminish # hides modes from modeline epkgs.eldoc # doc support epkgs.pulsar # pulses the cursor when jumping about epkgs.which-key # help porcelain epkgs.expreg # expand region epkgs.vundo # undo tree epkgs.puni # structured editing epkgs.avy # jumping utility epkgs.consult # emacs right click epkgs.vertico # minibuffer completion epkgs.marginalia # annotations for completions epkgs.crux # utilities epkgs.magit # git porcelain epkgs.nerd-icons-corfu # nerd icons for completion epkgs.corfu # completion epkgs.cape # completion extensions epkgs.orderless # search paradigm epkgs.yasnippet # snippets support epkgs.yasnippet-snippets # commonly used snippets epkgs.rg # ripgrep epkgs.exec-path-from-shell # load env and path epkgs.eat # better shell epkgs.rust-mode # rust mode (when rust-ts doesn't cut it) epkgs.rustic # more rust things epkgs.nix-mode # nix lang epkgs.hcl-mode # hashicorp file mode epkgs.shell-pop # quick shell popup epkgs.envrc # support for loading .envrc epkgs.nixpkgs-fmt # format nix files epkgs.f # string + file utilities epkgs.gptel # llm chat (mainly claude) epkgs.catppuccin-theme # catppuccin theme epkgs.eldoc-box # docs in a box epkgs.sideline # mainly for flymake errors on the side epkgs.sideline-flymake # mainly for flymake errors on the side epkgs.sideline-eglot # mainly for flymake errors on the side ]; }; home.sessionVariables = { EDITOR = "emacs"; XDG_SCREENSHOTS_DIR = "~/screenshots"; }; home.file = { emacs-init = { source = ./early-init.el; target = ".emacs.d/early-init.el"; }; emacs = { source = ./init.el; target = ".emacs.d/init.el"; }; }; services.nextcloud-client = { enable = true; }; }
Early Initialization
There are some emacs settings that can be configured before the gui shows up. And some of them help increase performance and let the gui show up that much faster. These are listed here.
;;; package --- early init -*- lexical-binding: t -*- ;;; Commentary: ;;; Prevents white flash and better Emacs defaults ;;; Code: (set-language-environment "UTF-8") (setq-default default-frame-alist '((background-color . "#1e1e2e") (bottom-divider-width . 1) ; Thin horizontal window divider (foreground-color . "#bac2de") ; Default foreground color (fullscreen . maximized) ; Maximize the window by default (horizontal-scroll-bars . nil) ; No horizontal scroll-bars (left-fringe . 8) ; Thin left fringe (menu-bar-lines . 0) ; No menu bar (right-divider-width . 1) ; Thin vertical window divider (right-fringe . 8) ; Thin right fringe (tool-bar-lines . 0) ; No tool bar (undecorated . t) ; Remove extraneous X decorations (vertical-scroll-bars . nil)) ; No vertical scroll-bars user-full-name "Sandeep Nambiar" ; ME! ;; memory configuration ;; Higher garbage collection threshold, prevents frequent gc locks, reset later gc-cons-threshold most-positive-fixnum ;; Ignore warnings for (obsolete) elisp compilations byte-compile-warnings '(not obsolete) ;; And other log types completely warning-suppress-log-types '((comp) (bytecomp)) ;; Large files are okay in the new millenium. large-file-warning-threshold 100000000 ;; dont show garbage collection messages at startup, will reset later garbage-collection-messages nil ;; native compilation package-native-compile t native-comp-warning-on-missing-source nil native-comp-async-report-warnings-errors 'silent ;; Read more based on system pipe capacity read-process-output-max (max (* 10240 10240) read-process-output-max) ;; scroll configuration scroll-margin 0 ; Lets scroll to the end of the margin scroll-conservatively 100000 ; Never recenter the window scroll-preserve-screen-position 1 ; Scrolling back and forth ;; frame config ;; Improve emacs startup time by not resizing to adjust for custom settings frame-inhibit-implied-resize t ;; Dont resize based on character height / width but to exact pixels frame-resize-pixelwise t ;; backups & files backup-directory-alist '(("." . "~/.backups/")) ; Don't clutter backup-by-copying t ; Don't clobber symlinks create-lockfiles nil ; Don't have temp files delete-old-versions t ; Cleanup automatically kept-new-versions 6 ; Update every few times kept-old-versions 2 ; And cleanup even more version-control t ; Version them backups delete-by-moving-to-trash t ; Dont delete, send to trash instead ;; startup inhibit-startup-screen t ; I have already done the tutorial. Twice inhibit-startup-message t ; I know I am ready inhibit-startup-echo-area-message t ; Yep, still know it initial-scratch-message nil ; I know it is the scratch buffer! initial-buffer-choice nil inhibit-startup-buffer-menu t inhibit-x-resources t initial-major-mode 'fundamental-mode pgtk-wait-for-event-timeout 0.001 ; faster child frames ad-redefinition-action 'accept ; dont care about legacy things being redefined inhibit-compacting-font-caches t ;; tabs tab-width 4 ; Always tab 4 spaces. indent-tabs-mode nil ; Never use actual tabs. ;; rendering cursor-in-non-selected-windows nil ; dont render cursors other windows ;; packages use-package-always-defer t load-prefer-newer t default-input-method nil use-dialog-box nil use-file-dialog nil use-package-expand-minimally t package-enable-at-startup nil use-package-enable-imenu-support t auto-mode-case-fold nil ; No second pass of case-insensitive search over auto-mode-alist. package-archives '(("melpa" . "https://melpa.org/packages/") ("gnu" . "https://elpa.gnu.org/packages/") ("nongnu" . "https://elpa.nongnu.org/nongnu/") ("melpa-stable" . "https://stable.melpa.org/packages/")) package-archive-priorities '(("gnu" . 99) ("nongnu" . 80) ("melpa" . 70) ("melpa-stable" . 50)) ) ;;; early-init.el ends here
Initialization
Now starts the main emacs configuration.
;;; package --- Summary - My minimal Emacs init file -*- lexical-binding: t -*- ;;; Commentary: ;;; Simple Emacs setup I carry everywhere ;;; Code: (setq custom-file (locate-user-emacs-file "custom.el")) (load custom-file 'noerror) ;; no error on missing custom file (require 'package) (package-initialize) (defun reset-custom-vars () "Resets the custom variables that were set to crazy numbers" (setopt gc-cons-threshold (* 1024 1024 100)) (setopt garbage-collection-messages t)) (use-package emacs :custom (native-comp-async-query-on-exit t) (read-answer-short t) (use-short-answers t) (enable-recursive-minibuffers t) (which-func-update-delay 1.0) (visible-bell nil) (custom-buffer-done-kill t) (whitespace-line-column nil) (x-underline-at-descent-line t) (imenu-auto-rescan t) (uniquify-buffer-name-style 'forward) (confirm-nonexistent-file-or-buffer nil) (create-lockfiles nil) (make-backup-files nil) (kill-do-not-save-duplicates t) (sentence-end-double-space nil) (treesit-enabled-modes t) :init ;; base visual (menu-bar-mode -1) ;; no menu bar (toggle-scroll-bar -1) ;; no scroll bar (tool-bar-mode -1) ;; no tool bar either (blink-cursor-mode -1) ;; stop blinking ;; font of the century (set-frame-font "Aporetic Sans Mono 12" nil t) :bind (("C-<wheel-up>" . pixel-scroll-precision) ; dont zoom in please, just scroll ("C-<wheel-down>" . pixel-scroll-precision) ; dont zoom in either, just scroll ("C-x k" . kill-current-buffer)) ; kill the buffer, dont ask :hook (text-mode . delete-trailing-whitespace-mode) (prog-mode . delete-trailing-whitespace-mode) (after-init . global-display-line-numbers-mode) ;; always show line numbers (after-init . column-number-mode) ;; column number in the mode line (after-init . size-indication-mode) ;; file size in the mode line (after-init . pixel-scroll-precision-mode) ;; smooth mouse scroll (after-init . electric-pair-mode) ;; i mean ... parens should auto create (after-init . reset-custom-vars) ) (use-package autorevert :ensure nil :custom (auto-revert-interval 3) (auto-revert-remote-files nil) (auto-revert-use-notify t) (auto-revert-avoid-polling nil) (auto-revert-verbose t) :hook (after-init . global-auto-revert-mode)) (use-package recentf :ensure nil :commands (recentf-mode recentf-cleanup) :hook (after-init . recentf-mode) :custom (recentf-auto-cleanup 'never) (recentf-exclude (list "\\.tar$" "\\.tbz2$" "\\.tbz$" "\\.tgz$" "\\.bz2$" "\\.bz$" "\\.gz$" "\\.gzip$" "\\.xz$" "\\.zip$" "\\.7z$" "\\.rar$" "COMMIT_EDITMSG\\'" "\\.\\(?:gz\\|gif\\|svg\\|png\\|jpe?g\\|bmp\\|xpm\\)$" "-autoloads\\.el$" "autoload\\.el$")) :config ;; A cleanup depth of -90 ensures that `recentf-cleanup' runs before ;; `recentf-save-list', allowing stale entries to be removed before the list ;; is saved by `recentf-save-list', which is automatically added to ;; `kill-emacs-hook' by `recentf-mode'. (add-hook 'kill-emacs-hook #'recentf-cleanup -90)) (use-package savehist :ensure nil :commands (savehist-mode savehist-save) :hook (after-init . savehist-mode) :custom (savehist-autosave-interval 600) (savehist-additional-variables '(kill-ring ; clipboard register-alist ; macros mark-ring global-mark-ring ; marks search-ring regexp-search-ring))) (use-package hl-line :ensure nil :custom (hl-line-sticky-flag nil) (global-hl-line-sticky-flag nil) :hook (after-init . global-hl-line-mode)) (use-package saveplace :ensure nil :commands (save-place-mode save-place-local-mode) :hook (after-init . save-place-mode) :custom (save-place-limit 400)) (use-package nerd-icons :custom ;; disable bright icon colors (nerd-icons-color-icons nil)) (use-package doom-modeline :custom (inhibit-compacting-font-caches t) ;; speed (doom-modeline-buffer-file-name-style 'relative-from-project) (doom-modeline-major-mode-icon nil) ;; distracting icons, no thank you (doom-modeline-buffer-encoding nil) ;; everything is utf-8 anyway (doom-modeline-buffer-state-icon nil) ;; the filename already shows me (doom-modeline-lsp nil) ;; lsp state is too distracting, too often :hook (after-init . doom-modeline-mode)) (load-theme 'catppuccin :no-confirm) (use-package diminish :demand t) ;; declutter the modeline (use-package eldoc :diminish eldoc-mode :custom (eldoc-echo-area-use-multiline-p nil)) ;; docs for everything (use-package eldoc-box :defer t :config (set-face-background 'eldoc-box-border (catppuccin-color 'green)) (set-face-background 'eldoc-box-body (catppuccin-color 'base)) :bind (("M-h" . eldoc-box-help-at-point))) (use-package pulsar :commands pulsar-global-mode pulsar-recenter-top pulsar-reveal-entry :init (defface pulsar-catppuccin `((default :extend t) (((class color) (min-colors 88) (background light)) :background ,(catppuccin-color 'sapphire)) (((class color) (min-colors 88) (background dark)) :background ,(catppuccin-color 'sapphire)) (t :inverse-video t)) "Alternative nord face for `pulsar-face'." :group 'pulsar-faces) :custom (pulsar-face 'pulsar-catppuccin) :hook (after-init . pulsar-global-mode)) (use-package which-key :commands which-key-mode :diminish which-key-mode :hook (after-init . which-key-mode)) (use-package expreg :bind ("M-m" . expreg-expand)) (use-package vundo) ;; undo tree ;; better structured editing (use-package puni :commands puni-global-mode :hook (after-init . puni-global-mode)) (use-package avy :bind ("M-i" . avy-goto-char-2) :custom (avy-background t)) (use-package consult :bind ("C-x b" . consult-buffer) ;; orig. switch-to-buffer ("M-y" . consult-yank-pop) ;; orig. yank-pop ("M-g M-g" . consult-goto-line) ;; orig. goto-line ("M-g i" . consult-imenu) ;; consult version is interactive ("M-g r" . consult-ripgrep) ;; find in project also works :custom (consult-narrow-key "<")) (use-package vertico :commands vertico-mode :custom (read-file-name-completion-ignore-case t) (read-buffer-completion-ignore-case t) (completion-ignore-case t) (enable-recursive-minibuffers t) (minibuffer-prompt-properties '(read-only t cursor-intangible t face minibuffer-prompt)) :init (vertico-mode) :hook (minibuffer-setup-hook . cursor-intangible-mode)) (use-package marginalia :commands marginalia-mode :hook (after-init . marginalia-mode)) (use-package crux :bind ("C-c M-e" . crux-find-user-init-file) ("C-c C-w" . crux-transpose-windows) ("C-c M-d" . crux-find-current-directory-dir-locals-file) ("C-a" . crux-move-beginning-of-line)) (use-package magit :bind (("C-M-g" . magit-status))) (use-package nerd-icons-corfu :commands nerd-icons-corfu-formatter :defines corfu-margin-formatters) (use-package corfu :commands global-corfu-mode :custom (corfu-cycle t) (corfu-auto t) (corfu-auto-delay 1) (corfu-auto-prefix 3) (corfu-separator ?_) :hook (after-init . global-corfu-mode) :config (add-to-list 'corfu-margin-formatters #'nerd-icons-corfu-formatter)) (use-package cape) (use-package orderless :custom (completion-styles '(orderless partial-completion basic)) (completion-category-defaults nil) (completion-category-overrides nil)) (use-package yasnippet :commands yas-global-mode :diminish yas-minor-mode :hook (after-init . yas-global-mode)) (use-package yasnippet-snippets :after yasnippet) (use-package exec-path-from-shell :commands exec-path-from-shell-initialize :custom (exec-path-from-shell-arguments nil) :hook (after-init . exec-path-from-shell-initialize)) (use-package nixpkgs-fmt :custom (nixpkgs-fmt-command "nixfmt")) (use-package eat :bind (("C-c e p" . eat-project) ("C-c e t" . eat))) (use-package f :demand t) (use-package envrc :commands envrc-global-mode :hook (after-init . envrc-global-mode)) (use-package gptel :commands gptel-make-anthropic f-read-text :config (gptel-make-anthropic "Claude" :stream t :key (f-read-text "/run/secrets/claude_key"))) (use-package sideline-flymake) (use-package sideline-eglot) (use-package sideline :custom (sideline-backends-right '(sideline-flymake sideline-eglot)) :hook (eglot-managed-mode . sideline-mode) (flymake-mode . sideline-mode)) (use-package eglot :custom (eglot-extend-to-xref t) (eglot-ignored-server-capabilities '(:inlayHintProvider)) (jsonrpc-event-hook nil) :hook (eglot-managed-mode . eldoc-box-hover-mode) (before-save . eldoc-format-buffer) :bind (:map eglot-mode-map ("C-c l a" . eglot-code-actions) ("C-c l r" . eglot-rename) ("C-c l h" . eldoc) ("C-c l g" . xref-find-references) ("C-c l w" . eglot-reconnect))) (use-package proced :custom (proced-auto-update-flag t) (proced-auto-update-interval 3) (proced-enable-color-flag t) (proced-show-remote-processes t)) (use-package org :ensure t :defer t :commands (org-mode org-capture org-agenda) :init (defvar org-journal-file "~/nextcloud/org/journal.org") (defvar org-archive-file "~/nextcloud/org/archive.org") (defvar org-notes-file "~/nextcloud/org/notes.org") (defvar org-inbox-file "~/nextcloud/org/inbox.org") (defvar org-work-file "~/nextcloud/org/work.org") (defun my/org-capture-project-target-heading () "Determine Org target headings from the current file's project path. This function assumes a directory structure like '~/projects/COMPANY/PROJECT/'. It extracts 'COMPANY' and 'PROJECT' to use as nested headlines for an Org capture template. If the current buffer is not visi ting a file within such a project structure, it returns nil, causing capture to default to the top of the file." (when-let* ((path (buffer-file-name))) ; Ensure we are in a file-visiting buffer (let ((path-parts (split-string path "/" t " "))) (when-let* ((projects-pos (cl-position "projects" path-parts :test #'string=)) (company (nth (+ 1 projects-pos) path-parts)) (project (nth (+ 2 projects-pos) path-parts))) ;; Return a list of headlines for Org to find or create. (list company project))))) :bind (("C-c c" . org-capture) ("C-c i" . org-store-link) ("C-c a" . org-agenda) :map org-mode-map ("C-c t" . org-toggle-inline-images) ("C-c l" . org-toggle-link-display)) :custom (org-agenda-files (list org-inbox-file org-journal-file)) (org-directory "~/nextcloud/org") (org-default-notes-file org-inbox-file) (org-archive-location (concat org-archive-file "::* From %s")) (org-log-done 'time) (org-log-into-drawer t) (org-hide-emphasis-markers t) (org-src-fontify-natively t) (org-src-tab-acts-natively t) (org-capture-templates '(("t" "Todo" entry (file org-inbox-file) "* TODO %?\n:PROPERTIES:\n:CREATED: %U\n:END:\n\n%a\n\n)") ("j" "Journal" entry (file+olp+datetree org-journal-file) "* %?\n:PROPERTIES:\n:CREATED: %U\n:END:\n\n%a\n\n") ("n" "Note" entry (file org-notes-file) "* %?\n:PROPERTIES:\n:CREATED: %U\n:END:\n\n%a\n\n") ("p" "Project Task" item (file+function org-work-file my/org-capture-project-target-heading) "* TODO %? \n CLOCK: %U" )) ) :config ;; Enable syntax highlighting in code blocks (add-hook 'org-mode-hook 'turn-on-font-lock) (add-hook 'org-mode-hook 'org-indent-mode)) ;; extras (use-package comp-run :ensure nil :config (push "tramp-loaddefs.el.gz" native-comp-jit-compilation-deny-list) (push "cl-loaddefs.el.gz" native-comp-jit-compilation-deny-list)) (use-package rustic :custom (rustic-lsp-client 'eglot)) (provide 'init) ;;; init.el ends here
Machines
Only a few more things left. Specifically the machine level extra settings.
Smallbox
The configuration for the laptop does not change much. Most changes are because the hardware is different.
System Level
Nothing specific for the laptop.
{ user, ... } : { imports = [ ./hardware-configuration.nix ../../configuration ]; <<smallbox-secrets>> }
Hardware
This is the most different. Mostly taken from hardware-configuration.nix setup at first install. As you might notice, there are a lot more kernel modules. This device has thunderbolt for example.
{ hostname, pkgs, lib, modulesPath, user, ... }: { imports = [ (modulesPath + "/installer/scan/not-detected.nix") ../../hardware/hardware.nix ]; boot.initrd.availableKernelModules = [ "xhci_pci" # usb wake up (usb host controller) "thunderbolt" # :/ "nvme" # support for the nvme disk in here "usb_storage" # :/ "sd_mod" # hard drive controller ]; boot.kernelParams = [ "amd_pstate=active" "acpi.ec_no_wakeup=1" # Force use of the thinkpad_acpi driver for backlight control. # This allows the backlight save/load systemd service to work. "acpi_backlight=native" # Needed for touchpad to work properly (click doesn't register by pushing down the touchpad). "psmouse.synaptics_intertouch=0" ]; boot.kernelModules = [ "kvm-amd" ]; boot.loader.grub.efiSupport = true; boot.loader.grub.useOSProber = true; # detect windows since thats on a partition here boot.loader.grub.devices = [ "/dev/nvme0n1" ]; fileSystems."/" = { device = "/dev/disk/by-uuid/0bda9355-76f4-4b55-9012-0a14a73ac6b9"; fsType = "ext4"; }; boot.initrd.luks.devices."luks-f400c0ed-57e0-4b5a-b701-c1a10c19480f".device = "/dev/disk/by-uuid/f400c0ed-57e0-4b5a-b701-c1a10c19480f"; fileSystems."/boot" = { device = "/dev/disk/by-uuid/5A5A-DEFE"; fsType = "vfat"; options = [ "fmask=0077" "dmask=0077" ]; }; # external disk fileSystems."/home/${user.username}/external" = { device = "/dev/disk/by-uuid/18818348-1ee4-4fa5-9984-e4e01b9fa304"; fsType = "ext4"; }; swapDevices = []; hardware.graphics = { enable = lib.mkDefault true; enable32Bit = lib.mkDefault true; }; hardware.amdgpu.initrd.enable = lib.mkDefault true; networking.hostName = hostname; # enalbe fingerprinting services services.fprintd.enable = true; }
Home
This is mostly about configuring the monitor and key bindings. And laptop specific utilities.
{ pkgs, ... } : { imports = [ ../../home ]; home.packages = with pkgs; [ brightnessctl ]; wayland.windowManager.hyprland.settings = { bind = [ ", XF86MonBrightnessUp, exec, brightnessctl set 5%+" ", XF86MonBrightnessDown, exec, brightnessctl set 5%-" ", XF86AudioRaiseVolume, exec, wpctl set-volume @DEFAULT_AUDIO_SINK@ 5%+" ", XF86AudioLowerVolume, exec, wpctl set-volume @DEFAULT_AUDIO_SINK@ 5%-" ", XF86AudioMute, exec, wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle" ", XF86AudioMicMute, exec, wpctl set-mute @DEFAULT_AUDIO_SOURCE@ toggle" ]; bindl = [ '', switch:on:Lid Switch, exec, hyprctl keyword monitor "eDP-1, disable"'' '', switch:off:Lid Switch, exec, hyprctl keyword monitor "eDP-1, preferred, 2560x0, 2"'' ]; monitor = [ "desc:AOC Q3279WG5B 0x00000161, preferred, 0x0, 1, vrr, 2" # main monitor "eDP-1, preferred, 2560x0, 2" # laptop monitor ]; workspace = [ "1,monitor:desc:AOC Q3279WG5B 0x00000161, default:true" "2,monitor:desc:AOC Q3279WG5B 0x00000161, default:true" "3,monitor:desc:AOC Q3279WG5B 0x00000161, default:true" "5,monitor:eDP-1, default:true" "6,monitor:eDP-1, default:true" ]; windowrule = [ "workspace:1, class:firefox" "workspace:2, class:emacs" "workspace:5, class:Slack" ]; exec-once = [ "[workspace 1 silent] firefox" "[workspace 2 silent] emacs" "[workspace 5 silent] slack" ]; }; }
Secrets
sops.secrets."ssh/smallbox/private" = { # ssh private key owner = "${user.username}"; mode = "600"; path = "/home/${user.username}/.ssh/id_ed25519"; }; sops.secrets."ssh/smallbox/public" = { # ssh public key owner = "${user.username}"; mode = "644"; path = "/home/${user.username}/.ssh/id_ed25519.pub"; }; sops.secrets."ssh/wavefunk/private" = { # ssh private key owner = "${user.username}"; mode = "600"; path = "/home/${user.username}/.ssh/wavefunk"; }; sops.secrets."ssh/wavefunk/public" = { # ssh public key owner = "${user.username}"; mode = "644"; path = "/home/${user.username}/.ssh/wavefunk.pub"; }; sops.secrets."ssh/wavefunk_dev/private" = { # ssh private key owner = "${user.username}"; mode = "600"; path = "/home/${user.username}/.ssh/wavefunk_dev"; }; sops.secrets."ssh/wavefunk_dev/public" = { # ssh public key owner = "${user.username}"; mode = "644"; path = "/home/${user.username}/.ssh/wavefunk_dev.pub"; }; programs._1password.enable = true; programs._1password-gui = { enable = true; polkitPolicyOwners = [ "${user.username}" ]; };
README Utils
Headers
This script adds a DO NOT MODIFY header to all the generated nix files.
(progn (defun add-tangle-headers () (message "running in %s" (buffer-file-name)) (when (string= (file-name-extension (buffer-file-name)) "nix") (goto-char (point-min)) (insert "# WARNING : This file was generated by README.org\n# DO NOT MODIFY THIS FILE!\n# Any changes made here will be overwritten.\n") (save-buffer)) (save-buffer)) (add-hook 'org-babel-post-tangle-hook 'add-tangle-headers))