From f94e0647a9719d25c14d9f3feaa93c5385bcbd96 Mon Sep 17 00:00:00 2001 From: Tibo De Peuter Date: Sun, 26 Oct 2025 16:19:59 +0100 Subject: [PATCH 1/4] [sops/ssh] Add more SSH config/keys --- nixos/secrets/HomeLab.yaml | 8 ++++++-- nixos/users/tdpeuter/secrets.nix | 2 ++ stow/ssh/.ssh/config | 20 +++++++++++++++++++- 3 files changed, 27 insertions(+), 3 deletions(-) diff --git a/nixos/secrets/HomeLab.yaml b/nixos/secrets/HomeLab.yaml index 2cbb8fc..d39ba71 100644 --- a/nixos/secrets/HomeLab.yaml +++ b/nixos/secrets/HomeLab.yaml @@ -1,6 +1,8 @@ HomeLab: Gitea: ssh: ENC[AES256_GCM,data:+H9qhfOg5WlTB7pihvbJ9omY/zLTAADe8KzI4fbdZ7NuaM0auC95AIQqhwNNCZNglg9UGOVL662pY7dNhbQ/2iCLPHSPgFFXf3fx1moRRcYYQzoJxsgxp19FZQeGNJ0qfRf72xYbZQZKslyHQmcqDieoVTyhaLqTfgC8MQ/UZofw/ortmgME7z51rGV5sXXMjxpJpHz9JxiPwQEL0ABWDAeCqBVBzlqqwdmfKEdkcR4l3USHfH1iNF5XQ5V26I+UGDOyoixt1c/BXzD9xzKI7MUDoRz+qfC6C62LIlEgqZY5tWg+tVZnqobakxwH6d8pXtQ7vaIREEP0LqQMkrNcK8X+cDRteToQ1fcxtN1V+JfZSa9pVC+iGgvmSZ00q4bnOgTmgO9IZ80TvOR4bHpRhjM5l4JMbLBv2jqY1zeUx/5L3WNuYIm9sL5mWXkV/RAD8WCemNSWdKbGsvByEUeiFcxczL/vQ6y3fi+ntmXUgeXVy5zVNkNlYbqd+DemBmwZQb9D1T5T97i2ChciYb3/ON1NObja/bt0PTQa,iv:hIbwsPcDSfgDItlvFFy0vCjuQWvgoQHBH60v8nTVTNg=,tag:1T/TdTEy98TfgMzYAxfHKA==,type:str] + HTPC: + ssh: ENC[AES256_GCM,data:svt6jhMXVCydmlcoa052TtFoIwQiAzNJRn9GPZDBuOGSnB83kUpuy/oqPOIa2ipco0L/5F/mQWn7OHUFtyhWWMerzY8niPldUDKH4jgsvRhRIatGOFiDyL8oA+f1O9lmhyFx35uxGa+Q6tn6rtXVKRVWQFe8kYBvGYjugKixsOMugoqLIxY8wUlMTzm6uDd7a72s/0hgQZGKp0eHWBHEdSJGPdv8svVDZ1PBMrlZa5ZpuiUmmvZvyCEnRtImUZALG4nKMvJjunxKr/4MJhWuffQ60jLYzInoGggiJlwBm+E+m43FwIFndY+LJ+ykO5RAbHhSwgXsCS5WXBrvDGuOTNAlIp6yTgSK1DCzSjzOJOc93rVSPhPdkaOoKgxhz1k95qCEhYUf9vyBgyIaOntWEArV+OZmHje6awbk4fpyIzRe7ggHlhKILYoGYzeejxbMGB9nH15RlUiTF7QnAWxWNSwcET6dSn2MtpC3yegnYl4u3eJ7YkHHYYQtwCQ9vCnt0i/sfuJmbrSFBXnVKMWB2w1Att145gDdlDok,iv:4bkSYvgmG6j/AwVnfGsLjdqtyP/gpWRvOKZCQxP0sMs=,tag:LyjE7dTt0+IDuSlbVLgCMg==,type:str] Hugo: ssh: ENC[AES256_GCM,data:y233CFIH7/n4EGEd2D7MuoprcMV9A8DaiV9JYZ6sr5j+hZnGr8sIAm9/55Bi2cD74sBZcE+tjOz+V2aJ2llKgcdS84ZmXMPh6KQ2QYRYuGdBLeztl8foKdimToblBapebTVO7Rc2mdhg7sZtC/TKSIJnG3R3lRfRdKaxNjaRS51epl7VZKGhLBjZoZqMXOezY7lvNBvF3hFfMh5el5I5Te/yQbbp0a7DkAvA+c1nG9bo9FN0h3VJJTzcuHqvGHI736VosLe8UGirMkX9mBwB8ZV4+2Vp7ZsSHnX5or/MzuYexT0zeLbTNHfj64d2W2/LKDkxNc35Sw7NvxwsVj3k2UHC2jEgus2z0AdMFszEFXh+Eu9wK8yX4ebzUut+OHNPuxvIk+ORxYr3OdVkOhhWHLinu/skNg0u5OdUXo/0p1876+gpcnOVC5UrUflwrtKGQgNk+ovWWjSfcQMh+gI6GYXzksX3YdMEriYZt4Z8lev2od/i7q48cV4W3Lo6TDDttipynxQus6K+J3oBKRirLHylRA5gusqUOVzC,iv:thw9OUnA02qe6aMuLTwy+q/a6isB375/k7JixPEy960=,tag:s95FtFRmPG0Up2oVuQyXsg==,type:str] Nextcloud: @@ -11,6 +13,8 @@ HomeLab: Roxanne: ghost: ssh: ENC[AES256_GCM,data:hkgVUVyCLANeYB4bcCTLB/F6eAbg7J4eN8y+VVzBfkcgnpDmXmghBihreQVT7OIwRrHIH1ok2vuH8vgXb38tuplUD5I8e0Gqy3EqpOGagsO8lss4aIg2lRwZ9WazJknvo4OaGc34jrwcZicesnaxK6g+GX2r2N4caGKMuOZ2i1mLKBwOcEtL6l3REKrGkExd3mYJX1Yqs7sMbGLNpfemDghv646zvxDRwPby49qIPA8OtGR+DBMZTTEviNqamJaFbs7YX+K77J1NHK59u6UfzU6hEjTBEYIjkFDzGATAZAopCsjOHcAA0alejHK4QZZt3e8unVsLICNK08ZCyEzwSXQ/wpUh3ccGcLit2t1LYZT4PqqG8+6ooaQYso67Wral0pdsTsrF0mGNfsZm76MDV9puP5B+IInanHz+2mCHbdmTi6rg9t8Q6mpFqrUbrwxMn2Ns1proBXBCqK/sFjC/bVIyMHUVOh6GYcKaVTv8ecB9ZEjp5dZ4VeStqTMT+xqS7dXBAJzGytLwXT/JaQelIE0w47aBaGy63Pqy,iv:WuAGU+ru8xLp2LXK12x/ueCH0XDxA0zGUt7+HWUdVMo=,tag:UqUMD/jSdTXOkf0kyMqwHA==,type:str] + Vaultwarden: + ssh: ENC[AES256_GCM,data:LJ7nbIdl1GqcsBtOwqsDtjKMfks13X5hsGkEFxDj0eX1EegEBkoWnzstu34RTgt1O1O+3Y/Amg7cDce2ZyZrTwDmLqinpuJD3CI7pRtQygAH8X9wPQYE6U3D1t4dXuMcDftjS+uY0CJFmq01dLv0GytSZSiNBcqNepTY+fO20yylyUbDGjI3Foyi86ipEtLVeFJqESiHDMHn/Cr+ggpLNMXijpnyoCRstPlm3GY3n6EhPwKhwovLB3AXolUeScnInIpwiikVTkYLNLCbrG8KAAr+DmWK3GTZYToH0wV8HpacPQI+4cHf96+EvAVlYMwGyQztPmXO7/9xUgWCNYow+z8BD6ijMuyZHT9aNkoAPt/y72N/PSf5HqW0QVWr3LmyIG+i9Bxbhqc7mRUIy4wZsODbtoO8/RtAly6mXIg0DZLlbo8kDe3TE3m+P5E/KQJOAvM2QdL+NXPcf2J2JYHW4kzITx447Bc3+F/DRs616MhekIoDybLhY3MT0XvYX1d1wAv/Ip98EGzfptXjnJvKPcJgTBlqNyeKuPOe,iv:oEGJUpoj+N30TgLpSWQqGdqYBdWLUWnSuQ+7TdSgmFc=,tag:AUZ2QnPUxLHaxsHbrmSYZQ==,type:str] sops: age: - recipient: age1fva6s64s884z0q2w7de024sp69ucvqu0pg9shrhhqsn3ewlpjfpsh6md7y @@ -31,7 +35,7 @@ sops: NFRtOFIybnFPWm1idFY0WEVqVGxOK1UKiJDByqKv/i/l9dvOplDyzDORU3ulhSwi 6xyEqmyNQpIkiS6TLZZYrBlQMDYqZ2gj1HhdIUssWJCf5Ho8KVDjJQ== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-10-04T19:40:06Z" - mac: ENC[AES256_GCM,data:V/0QsMR9nuoK7Tgj9UVxcsWM5llHlpMj+K0IgN3ZdqFQptOpasq+xVBBnSpNOarNFXB7t2ZCkzLMWptl/6fNH9Cye2qf8GjplHLGTB9x8t2u2XMwJf4BwCjOgxhiKo5jqFmjnFE2mX2EeZmHXv3G8gPwW+1cVttQQ4s7REo3Hww=,iv:AY0RSvevoSscdjl44iGEvWzcb664285csg1h0Hpixn4=,tag:yebUKx6Ssa6sB9HbNlLmUw==,type:str] + lastmodified: "2025-10-18T15:55:58Z" + mac: ENC[AES256_GCM,data:vdVOTFlDD9jlGJksI5TDxk3stPkLY8lB6LMhV6QGqh9R2vaGuGGh6RZuR6AInq1Rm89innA6M1S2UUM6Jef1EKiPgq41neWMx/i3n7Ixx8FcraO/lgUYKG5yszYdjAlLQvKWqIbvX0bMYNwpF10FO5OyiXWiJrP9Om0Pjvk7dO8=,iv:W9I1nv0fKckNlNjJF0U4HlkyI5VDpvOGiSo0GeOODaY=,tag:RjkSTQYejyf1WO0LilbXYg==,type:str] unencrypted_suffix: _unencrypted version: 3.10.2 diff --git a/nixos/users/tdpeuter/secrets.nix b/nixos/users/tdpeuter/secrets.nix index a7afac6..fd1a363 100644 --- a/nixos/users/tdpeuter/secrets.nix +++ b/nixos/users/tdpeuter/secrets.nix @@ -36,10 +36,12 @@ in { # Physical hosts "HomeLab/Hugo/ssh" = HomeLab; "HomeLab/Roxanne/ghost/ssh" = HomeLab; + "HomeLab/HTPC/ssh" = HomeLab; # Virtual hosts "HomeLab/Gitea/ssh" = HomeLab; "HomeLab/Nextcloud/ssh" = HomeLab; + "HomeLab/Vaultwarden/ssh" = HomeLab; "HomeLab/NixOS/admin/ssh" = HomeLab; }); }; diff --git a/stow/ssh/.ssh/config b/stow/ssh/.ssh/config index 2e45b5d..ea3df8e 100644 --- a/stow/ssh/.ssh/config +++ b/stow/ssh/.ssh/config @@ -45,9 +45,15 @@ Host Roxanne IdentitiesOnly yes IdentityFile /run/secrets/HomeLab/Roxanne/ghost/ssh +Host HTPC + User root + Hostname 192.168.0.88 + IdentitiesOnly yes + IdentityFile /run/secrets/HomeLab/HTPC/ssh + # Virtual hosts Host Gitea - User admin + User gh0st HostName 192.168.0.24 IdentitiesOnly yes IdentityFile /run/secrets/HomeLab/Gitea/ssh @@ -58,6 +64,18 @@ Host Nextcloud IdentitiesOnly yes IdentityFile /run/secrets/HomeLab/Nextcloud/ssh +Host Vaultwarden + User gh0st + Hostname 192.168.0.22 + IdentitiesOnly yes + IdentityFile /run/secrets/HomeLab/Vaultwarden/ssh + +Host Binnenpost + User admin + Hostname 192.168.0.89 + IdentitiesOnly yes + IdentityFile /run/secrets/HomeLab/NixOS/admin/ssh + Host Development User admin Hostname 192.168.0.91 From e1b5cb2ea413249c7fe5f1d4d004c84a7b795815 Mon Sep 17 00:00:00 2001 From: Tibo De Peuter Date: Sun, 26 Oct 2025 16:23:26 +0100 Subject: [PATCH 2/4] [virtualbox] Remove guest --- .../virtualisation/virtualbox/default.nix | 18 +++++------------- 1 file changed, 5 insertions(+), 13 deletions(-) diff --git a/nixos/modules/virtualisation/virtualbox/default.nix b/nixos/modules/virtualisation/virtualbox/default.nix index 4d5ee2c..3124493 100644 --- a/nixos/modules/virtualisation/virtualbox/default.nix +++ b/nixos/modules/virtualisation/virtualbox/default.nix @@ -6,19 +6,11 @@ in { options.sisyphus.virtualisation.virtualbox.enable = lib.mkEnableOption "VirtualBox"; config = lib.mkIf cfg.enable { - virtualisation.virtualbox = { - host = { - enable = true; - enableExtensionPack = true; - enableHardening = true; - package = pkgs-unstable.virtualbox; - }; - guest = { - enable = true; - clipboard = true; - seamless = true; - vboxsf = false; # Module not found?... - }; + virtualisation.virtualbox.host = { + enable = true; + enableExtensionPack = true; + enableHardening = true; + package = pkgs-unstable.virtualbox; }; From 1f5facd3461abd605f0e58dc8dee36262861028b Mon Sep 17 00:00:00 2001 From: Tibo De Peuter Date: Sun, 26 Oct 2025 16:24:21 +0100 Subject: [PATCH 3/4] [firefox] Add Google Scholar alias --- nixos/users/tdpeuter/default.nix | 1 + nixos/users/tdpeuter/firefox.nix | 10 ++++++++++ 2 files changed, 11 insertions(+) diff --git a/nixos/users/tdpeuter/default.nix b/nixos/users/tdpeuter/default.nix index e3d6514..353a1d4 100644 --- a/nixos/users/tdpeuter/default.nix +++ b/nixos/users/tdpeuter/default.nix @@ -59,6 +59,7 @@ in { vifm # File manager zathura # PDF viewer zellij # Tmux + screen alternative + zotero zsh zsh-autosuggestions zsh-syntax-highlighting diff --git a/nixos/users/tdpeuter/firefox.nix b/nixos/users/tdpeuter/firefox.nix index 626eecc..5bb0b46 100644 --- a/nixos/users/tdpeuter/firefox.nix +++ b/nixos/users/tdpeuter/firefox.nix @@ -101,6 +101,16 @@ in { icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg"; definedAliases = [ "@no" ]; }; + "Google Scholar" = { + urls = [{ + template = "https://scholar.google.ch/scholar"; + params = [ + { name = "q"; value = "{searchTerms}"; } + ]; + }]; + + definedAliases = [ "@gs" ]; + }; }; }; }; From f655e5223d95f1e29f7ce2e3a4f9fc8af53216c2 Mon Sep 17 00:00:00 2001 From: Tibo De Peuter Date: Sun, 26 Oct 2025 21:19:00 +0100 Subject: [PATCH 4/4] [hypr] Add hy3 addon --- nixos/modules/desktop/hyprland/default.nix | 2 + stow/hyprland/.config/hypr/hy3.conf | 164 +++++++++++++++++++++ stow/hyprland/.config/hypr/hyprland.conf | 13 +- stow/hyprland/.config/hypr/keybinds.conf | 8 +- 4 files changed, 175 insertions(+), 12 deletions(-) create mode 100644 stow/hyprland/.config/hypr/hy3.conf diff --git a/nixos/modules/desktop/hyprland/default.nix b/nixos/modules/desktop/hyprland/default.nix index 3049fbe..6d7d25b 100644 --- a/nixos/modules/desktop/hyprland/default.nix +++ b/nixos/modules/desktop/hyprland/default.nix @@ -27,6 +27,8 @@ in { wl-mirror # Mirror an output wdisplays # Tool to configure displays + hyprlandPlugins.hy3 # i3/sway layout plugin + swaylock glib diff --git a/stow/hyprland/.config/hypr/hy3.conf b/stow/hyprland/.config/hypr/hy3.conf new file mode 100644 index 0000000..7d3e999 --- /dev/null +++ b/stow/hyprland/.config/hypr/hy3.conf @@ -0,0 +1,164 @@ + +# TODO Do not hardcode this path +plugin = /nix/store/afivj8v5kfdsadxs4pa45vh0y65s3ajm-hy3-hl0.49.0/lib/libhy3.so + +general:layout = hy3 + +plugin { + hy3 { + # disable gaps when only one window is onscreen + # 0 - always show gaps + # 1 - hide gaps with a single window onscreen + # 2 - 1 but also show the window border + no_gaps_when_only = 1 # default: 0 + + # policy controlling what happens when a node is removed from a group, + # leaving only a group + # 0 = remove the nested group + # 1 = keep the nested group + # 2 = keep the nested group only if its parent is a tab group + node_collapse_policy = 2 # default: 2 + + # offset from group split direction when only one window is in a group + group_inset = 10 # default: 10 + + # if a tab group will automatically be created for the first window spawned in a workspace + tab_first_window = false + + # tab group settings + tabs { + # height of the tab bar + height = 10 # default: 22 + + # padding between the tab bar and its focused node + padding = 0 # default: 6 + + # the tab bar should animate in/out from the top instead of below the window + from_top = false # default: false + + # radius of tab bar corners + radius = 0 # default: 6 + + # tab bar border width + border_width = 2 # default: 2 + + # render the window title on the bar + render_text = false # default: true + + # center the window title + text_center = true # default: true + + # font to render the window title with + text_font = Sans # default: Sans + + # height of the window title + text_height = 8 # default: 8 + + # left padding of the window title + text_padding = 3 # default: 3 + + # active tab bar segment colors + #col.active = # default: rgba(33ccff40) + #col.active.border = # default: rgba(33ccffee) + #col.active.text = # default: rgba(ffffffff) + + # active tab bar segment colors for bars on an unfocused monitor + #col.active_alt_monitor = # default: rgba(60606040) + #col.active_alt_monitor.border = # default: rgba(808080ee) + #col.active_alt_monitor.text = # default: rgba(ffffffff) + + # focused tab bar segment colors (focused node in unfocused container) + #col.focused = # default: rgba(60606040) + #col.focused.border = # default: rgba(808080ee) + #col.focused.text = # default: rgba(ffffffff) + + # inactive tab bar segment colors + col.inactive = rgba(a6a6a620) # default: rgba(30303020) + col.inactive.border = rgba(a6a6a6aa) # default: rgba(606060aa) + #col.inactive.text = # default: rgba(ffffffff) + + # urgent tab bar segment colors + #col.urgent = # default: rgba(ff223340) + #col.urgent.border = # default: rgba(ff2233ee) + #col.urgent.text = # default: rgba(ffffffff) + + # urgent tab bar segment colors + #col.locked = # default: rgba(90903340) + #col.locked.border = # default: rgba(909033ee) + #col.locked.text = # default: rgba(ffffffff) + + # if tab backgrounds should be blurred + # Blur is only visible when the above colors are not opaque. + blur = true # default: true + + # opacity multiplier for tabs + # Applies to blur as well as the given colors. + opacity = 1.0 # default: 1.0 + } + + # autotiling settings + autotile { + # enable autotile + enable = true # default: false + + # make autotile-created groups ephemeral + ephemeral_groups = true # default: true + + # if a window would be squished smaller than this width, a vertical split will be created + # -1 = never automatically split vertically + # 0 = always automatically split vertically + # = pixel width to split at + trigger_width = -1 # default: 0 + + # if a window would be squished smaller than this height, a horizontal split will be created + # -1 = never automatically split horizontally + # 0 = always automatically split horizontally + # = pixel height to split at + trigger_height = 0 # default: 0 + + # a space or comma separated list of workspace ids where autotile should be enabled + # it's possible to create an exception rule by prefixing the definition with "not:" + # workspaces = 1,2 # autotiling will only be enabled on workspaces 1 and 2 + # workspaces = not:1,2 # autotiling will be enabled on all workspaces except 1 and 2 + workspaces = all # default: all + } + } +} + +# Keybinds + +# Navigation + +# Focus + +# First, unbind default +unbind = $flag, $up +unbind = $flag, $right +unbind = $flag, $down +unbind = $flag, $left + +unbind = $flag, up +unbind = $flag, right +unbind = $flag, down +unbind = $flag, left + +bind = $flag, $up, hy3:movefocus, u +bind = $flag, $right, hy3:movefocus, r +bind = $flag, $down, hy3:movefocus, d +bind = $flag, $left, hy3:movefocus, l + +bind = $flag, up, hy3:movefocus, u +bind = $flag, right, hy3:movefocus, r +bind = $flag, down, hy3:movefocus, d +bind = $flag, left, hy3:movefocus, l + +# Layout +bind = $flag, z, hy3:changegroup, opposite +bind = $flag, x, hy3:changegroup, toggletab +bind = $flag, c, hy3:changegroup, h +bind = $flag, v, hy3:changegroup, v + +bind = $flag, p, hy3:changefocus, raise +bind = $flag+Shift, p, hy3:changefocus, lower +bind = $flag, space, hy3:togglefocuslayer + diff --git a/stow/hyprland/.config/hypr/hyprland.conf b/stow/hyprland/.config/hypr/hyprland.conf index cdcf89e..84fb8cb 100644 --- a/stow/hyprland/.config/hypr/hyprland.conf +++ b/stow/hyprland/.config/hypr/hyprland.conf @@ -201,7 +201,6 @@ xwayland { opengl { nvidia_anti_flicker = false - force_introspection = 2 } render { @@ -250,7 +249,7 @@ exec-once = wlsunset -t 2500 -l 50.51 -L 4.21 exec-once = nextcloud --background # Turn volume off at boot -exec-once = pactl set-sink-mute @DEFAULT_SINK@ 1 +exec-once = wpctl set-mute @DEFAULT_SINK@ 1 # STYLING exec-once = swaybg -i "${HOME}/.local/state/sisyphus/bg" --mode=fill @@ -268,11 +267,13 @@ $term = foot $menu = j4-dmenu-desktop --dmenu="rofi -dmenu -i" --no-generic --usage-log="/home/tdpeuter/.local/state/dmenu.log" --term=$term $lock = swaylock --daemonize -source = /home/tdpeuter/.config/hypr/input-output.conf -source = /home/tdpeuter/.config/hypr/keybinds.conf -source = /home/tdpeuter/.config/hypr/modes.conf - # https://wiki.hyprland.org/Nvidia/#environment-variables env = __GLX_VENDOR_LIBRARY_NAME,nvidia env = LIBVA_DRIVER_NAME,nvidia env = NVD_BACKEND,direct + +source = /home/tdpeuter/.config/hypr/input-output.conf +source = /home/tdpeuter/.config/hypr/keybinds.conf +source = /home/tdpeuter/.config/hypr/modes.conf +source = /home/tdpeuter/.config/hypr/hy3.conf # Sway tiling plugin + diff --git a/stow/hyprland/.config/hypr/keybinds.conf b/stow/hyprland/.config/hypr/keybinds.conf index 26385f3..1a4f1e1 100644 --- a/stow/hyprland/.config/hypr/keybinds.conf +++ b/stow/hyprland/.config/hypr/keybinds.conf @@ -45,11 +45,6 @@ bind = $flag, Prior, togglespecialworkspace, special:scratchpad # bind = $flag, KP_Next, togglespecialworkspace, magic # Layouts -# bind = $flag, z, layout toggle split -# bind = $flag, x, layout tabbed -# bind = $flag, c, split horizontal -# bind = $flag, v, split vertical - bind = $flag, f, togglefloating bind = $flag+Shift, f, settiled @@ -171,7 +166,8 @@ bind = CTRL&ALT, T, exec, $term bind = Alt, Space, exec, $menu bind = Alt, Tab, focuscurrentorlast -bind = $flag, e, exec, $term -e vifm +bind = $flag, e, exec, $term -e vifm +bind = Ctrl+Shift, Escape, exec, $term -e zenith bind = Ctrl+Shift, a, exec, notify-send "hole!" && hyprctl setcursor _ 87 && sleep 5 && hyprctl setcursor _ 24