My dotfiles for my nixos machines and infra
cleanup desktop config
+481
-608
+1
-1
default.nix
+1
-1
default.nix
+7
-15
hosts/desktop/default.nix
+7
-15
hosts/desktop/default.nix
···
8
8
# disabledModules = [ "services/networking/tetrd.nix" ];
9
9
10
10
imports = [
11
-
./system/configuration.nix # Main configuration
12
-
./system/networking.nix # Network config
13
-
./system/services.nix
11
+
./system
12
+
./services
14
13
./hjem-rum/snowy.nix # :3
14
+
15
15
../../modules/private/desktop.nix
16
+
../../modules/sops/snowflake.nix
17
+
# ../../modules/snownet
16
18
17
19
# /mnt/SnowData/snowy/Documents/repos/nixpkgs/nixos/modules/services/networking/tetrd.nix
20
+
/mnt/SnowData/snowy/Documents/repos/nixpkgs/nixos/modules/services/networking/pgdog.nix
18
21
19
22
args.flakes.hjem.nixosModules.default
20
23
args.flakes.nix-gaming-edge.nixosModules.default
21
-
# (import "${args.pins.lix-nixos-module}/module.nix" ({
22
-
# lix = args.pins.lix;
23
-
# # versionSuffix = "pre${builtins.substring 0 8 args.pins.lix.lastModifiedDate}-${
24
-
# # args.pins.lix.shortRev or args.pins.lix.dirtyShortRev
25
-
# # }";
26
-
# }))
27
-
28
-
# (import "${args.pins.lix-nixos-module}/module.nix" { lix = args.pins.lix; })
29
-
#
30
-
../../modules/sops/snowflake.nix
31
-
../../modules/snownet
32
24
];
33
25
34
26
nixpkgs = {
35
-
# inherit system;
36
27
config = {
37
28
permittedInsecurePackages = [ ];
38
29
allowUnfree = true;
···
42
33
overlays = [
43
34
args.flakes.nix-gaming-edge.overlays.mesa-git
44
35
args.flakes.nix-gaming-edge.overlays.proton-cachyos
36
+
args.flakes.nix-gaming-edge.overlays.eden-emulator
45
37
(final: prev: {
46
38
# tetrd = repos.custom.tetrd;
47
39
})
+189
-95
hosts/desktop/hjem-rum/snowy.nix
+189
-95
hosts/desktop/hjem-rum/snowy.nix
···
2
2
args,
3
3
config,
4
4
pkgs,
5
-
# repos,
5
+
repos,
6
6
...
7
7
}:
8
8
9
9
{
10
10
users.users.snowy.packages = with pkgs; [
11
-
fluxer-desktop
12
-
nicotine-plus
13
-
14
-
# factorio
15
-
# factorio-space-age
11
+
12
+
### GUI apps
13
+
mpv
14
+
tauon
15
+
ente-desktop
16
+
cherry-studio
16
17
args.flakes.zen-browser.packages."${stdenv.hostPlatform.system}".twilight
17
18
args.flakes.helium.packages.x86_64-linux.default
18
19
zed-editor
19
20
vscode
20
-
helix
21
-
gh
22
-
nix-output-monitor
23
-
glow
24
-
delta
25
-
nixpkgs-review
26
-
27
-
ctop
28
-
waypipe
29
-
ente-desktop
30
-
tauon
31
-
yt-dlp
32
-
mpv
33
-
34
-
jetbrains.idea
35
-
# jetbrains.rider
36
-
# unityhub
37
-
38
-
#language servers
39
-
bash-language-server
40
-
hyprls
41
-
kdePackages.qtdeclarative
42
-
kdePackages.qtutilities
43
-
python313Packages.python-lsp-server
44
-
45
-
chafa
46
-
# repos.unstable.grayjay
47
-
48
-
# gaphor
49
-
# d-spyd
50
-
# bustle
51
-
21
+
fluxer-desktop
22
+
nicotine-plus
23
+
eden-emulator
24
+
ryubing
52
25
vesktop
53
-
54
-
rustup
55
-
gcc
56
-
just
57
-
jujutsu
58
-
sops
59
-
60
-
# silly game
61
-
clonehero
62
-
63
-
# silly
26
+
clonehero # silly game
64
27
papers
65
28
loupe
66
29
gnome-clocks
67
-
# helvum # deprecated
68
30
crosspipe
69
31
# krita
70
32
orca-slicer
71
-
protonplus
72
-
protontricks
33
+
# protonplus
34
+
# protontricks
73
35
winetricks
74
36
obsidian
75
-
element-desktop
76
-
radio-cli # rust
37
+
# element-desktop
77
38
heroic
78
-
bottles
39
+
# bottles
79
40
# hydralauncher
80
-
81
41
wineWow64Packages.stagingFull
82
-
easyeffects
42
+
repos.stable.easyeffects
43
+
jellyfin-desktop
44
+
amdgpu_top
45
+
mangojuice
46
+
rofi
47
+
mako
48
+
blueman
49
+
pavucontrol
50
+
waybar
51
+
dconf-editor
52
+
nautilus
53
+
file-roller
54
+
prismlauncher
55
+
signal-desktop
56
+
qbittorrent
83
57
84
-
monocraft
58
+
glogg
59
+
# monero-gui
60
+
# p2pool
61
+
# keyguard
62
+
bitwarden-desktop
63
+
quickshell
64
+
pear-desktop
65
+
r2modman
66
+
hoppscotch
67
+
# ani-cli
68
+
syncplay
69
+
mumble
70
+
# speedtest-cli
71
+
72
+
### CLI stuff
85
73
python3
86
-
jellyfin-desktop
87
-
# wine64
88
-
# hyprlandPlugins.hyprsplit
74
+
radio-cli # rust
75
+
scrcpy
76
+
# ctop
77
+
yt-dlp
78
+
waypipe
79
+
nix-output-monitor
80
+
glow
81
+
chafa
82
+
delta
83
+
nixpkgs-review
84
+
just
85
+
jujutsu
86
+
sops
87
+
android-tools
88
+
playerctl
89
+
hyprpicker
90
+
swaybg
91
+
# hyprshot
92
+
93
+
## language servers
94
+
bash-language-server
95
+
hyprls
96
+
kdePackages.qtdeclarative
97
+
kdePackages.qtutilities
98
+
python313Packages.python-lsp-server
99
+
100
+
### DEPS
101
+
adwaita-icon-theme
102
+
adw-gtk3
103
+
polkit_gnome
104
+
mangohud
105
+
bluez-tools
106
+
gh # for nix review
89
107
];
90
108
109
+
systemd.user.services = {
110
+
polkit-gnome-authentication-agent-1 = {
111
+
description = "polkit-gnome-authentication-agent-1";
112
+
wantedBy = [ "graphical-session.target" ];
113
+
wants = [ "graphical-session.target" ];
114
+
after = [ "graphical-session.target" ];
115
+
serviceConfig = {
116
+
Type = "simple";
117
+
ExecStart = "${pkgs.polkit_gnome}/libexec/polkit-gnome-authentication-agent-1";
118
+
Restart = "on-failure";
119
+
RestartSec = 1;
120
+
TimeoutStopSec = 10;
121
+
};
122
+
};
123
+
};
124
+
91
125
hjem.users.snowy = {
92
126
enable = true;
93
127
directory = config.users.users.snowy.home;
94
128
user = "snowy";
95
-
# environment.sessionVariables = {
96
-
97
-
# };
98
129
99
130
xdg = {
100
131
config.files = {
101
-
"environment.d/10-hjem-rum.conf" = {
132
+
"environment.d/10-env.conf" = {
102
133
text = ''
103
-
POLKIT_GNOME = "${pkgs.polkit_gnome}/libexec/polkit-gnome-authentication-agent-1";
134
+
PATH=$HOME/.local/bin:$PATH
135
+
TERMINAL=foot
136
+
#TERM=foot
137
+
EDITOR=hx
138
+
139
+
# XDG
140
+
XDG_DATA_HOME=$HOME/.local/share
141
+
XDG_CONFIG_HOME=$HOME/.config
142
+
XDG_STATE_HOME=$HOME/.local/state
143
+
XDG_CACHE_HOME=$HOME/.cache
144
+
145
+
# WAYLAND STUFF
146
+
ELECTRON_OZONE_PLATFORM_HINT=auto
147
+
#OZONE_PLATFORM=WAYLAND
148
+
149
+
#GTK
150
+
GTK_USE_PORTAL=1
151
+
GTK2_RC_FILES=$XDG_CONFIG_HOME/gtk-2.0/gtkrc
152
+
153
+
#RUST
154
+
CARGO_HOME=$XDG_DATA_HOME/cargo
155
+
RUSTUP_HOME=$XDG_DATA_HOME/rustup
156
+
157
+
# NPM
158
+
NPM_CONFIG_INIT_MODULE=$XDG_CONFIG_HOME/npm/config/npm-init.js
159
+
NPM_CONFIG_CACHE=$XDG_CACHE_HOME/npm
160
+
NPM_CONFIG_TMP=$XDG_RUNTIME_DIR/npm
161
+
162
+
# GO
163
+
GOPATH=$XDG_DATA_HOME/go
164
+
165
+
# PYTHON
166
+
PYTHON_HISTORY=$XDG_STATE_HOME/python/history
167
+
168
+
# ANDROID
169
+
ANDROID_USER_HOME=$XDG_DATA_HOME/android
170
+
ANDROID_HOME=$XDG_DATA_HOME/android/sdk # For sdk
171
+
172
+
# GPG
173
+
GNUPGHOME=$XDG_DATA_HOME/gnupg
104
174
175
+
# X11 STUFF
176
+
XCURSOR_PATH=/usr/share/icons:$XDG_DATA_HOME/icons
177
+
XAUTHORITY=$XDG_RUNTIME_DIR/Xauthority
105
178
XCURSOR_THEME = "phinger-cursors-light";
106
179
XCURSOR_SIZE = "24";
180
+
181
+
# TERMINFO
182
+
TERMINFO=$XDG_DATA_HOME/terminfo
183
+
TERMINFO_DIRS=$XDG_DATA_HOME/terminfo:/usr/share/terminfo
184
+
185
+
# NUGET
186
+
NUGET_PACKAGES=$XDG_CACHE_HOME/NuGetPackages
187
+
188
+
# JAVA
189
+
_JAVA_OPTIONS=-Djava.util.prefs.userRoot=$XDG_CONFIG_HOME/java
190
+
GRADLE_USER_HOME=$XDG_DATA_HOME/gradle
191
+
192
+
# WINE
193
+
WINEPREFIX=$XDG_DATA_HOME/wine
194
+
195
+
# DOTNET
196
+
DOTNET_CLI_HOME=$XDG_DATA_HOME/dotnet
197
+
198
+
# AMD Vulkan
199
+
AMD_VULKAN_ICD=RADV
200
+
201
+
# Docker
202
+
DOCKER_CONFIG=$XDG_CONFIG_HOME/docker
107
203
'';
108
204
};
109
205
};
···
123
219
};
124
220
};
125
221
126
-
rum = {
127
-
programs = {
128
-
direnv = {
129
-
enable = true;
130
-
integrations = {
131
-
fish.enable = true;
132
-
nix-direnv.enable = true;
133
-
};
134
-
settings = {
135
-
global = {
136
-
log_filter = "^$";
137
-
log_format = "-";
138
-
};
222
+
rum.programs = {
223
+
direnv = {
224
+
enable = true;
225
+
integrations = {
226
+
fish.enable = true;
227
+
nix-direnv.enable = true;
228
+
};
229
+
settings = {
230
+
global = {
231
+
log_filter = "^$";
232
+
log_format = "-";
139
233
};
140
234
};
235
+
};
141
236
142
-
helix = {
143
-
enable = true;
144
-
};
237
+
# helix = {
238
+
# enable = true;
239
+
# };
145
240
146
-
nix-your-shell = {
147
-
enable = true;
148
-
integrations.fish.enable = true;
149
-
};
241
+
nix-your-shell = {
242
+
enable = true;
243
+
integrations.fish.enable = true;
244
+
};
150
245
151
-
obs-studio = {
152
-
enable = true;
153
-
package = pkgs.wrapOBS {
154
-
plugins = with pkgs.obs-studio-plugins; [
155
-
obs-vkcapture
156
-
obs-pipewire-audio-capture
157
-
obs-text-pthread
158
-
];
159
-
};
246
+
obs-studio = {
247
+
enable = true;
248
+
package = pkgs.wrapOBS {
249
+
plugins = with pkgs.obs-studio-plugins; [
250
+
obs-vkcapture
251
+
obs-pipewire-audio-capture
252
+
obs-text-pthread
253
+
];
160
254
};
161
255
};
162
256
};
+25
hosts/desktop/services/apps.nix
+25
hosts/desktop/services/apps.nix
···
1
+
{ pkgs, ... }:
2
+
{
3
+
services = {
4
+
flatpak.enable = true;
5
+
blueman.enable = true;
6
+
7
+
ollama = {
8
+
enable = true;
9
+
package = pkgs.ollama-rocm;
10
+
host = "[::]";
11
+
};
12
+
13
+
# lsfg-vk = {
14
+
# enable = true;
15
+
# ui.enable = true; # installs gui for configuring lsfg-vk
16
+
# };
17
+
18
+
sunshine = {
19
+
enable = true;
20
+
autoStart = true;
21
+
capSysAdmin = true;
22
+
openFirewall = true;
23
+
};
24
+
};
25
+
}
+8
hosts/desktop/services/default.nix
+8
hosts/desktop/services/default.nix
+36
hosts/desktop/services/network.nix
+36
hosts/desktop/services/network.nix
···
1
+
{ repos, ... }:
2
+
{
3
+
services = {
4
+
timesyncd.enable = true;
5
+
ntp.enable = true;
6
+
7
+
mullvad-vpn.enable = true;
8
+
9
+
tailscale = {
10
+
enable = true;
11
+
extraUpFlags = [
12
+
"--accept-dns=false"
13
+
];
14
+
};
15
+
16
+
netbird = {
17
+
package = repos.stable.netbird;
18
+
ui.enable = false;
19
+
clients.fennec = {
20
+
port = 51820;
21
+
environment = {
22
+
NB_MANAGEMENT_URL = "https://netbird.awoo.ren";
23
+
# NB_SETUP_KEY_FILE = config.sops.secrets.nb_setup_key.path;
24
+
};
25
+
};
26
+
};
27
+
28
+
# for mdns, then I can just access devices with hostname.local
29
+
avahi = {
30
+
enable = true;
31
+
nssmdns4 = true;
32
+
nssmdns6 = true;
33
+
openFirewall = true;
34
+
};
35
+
};
36
+
}
+55
hosts/desktop/services/system.nix
+55
hosts/desktop/services/system.nix
···
1
+
{ pkgs, ... }:
2
+
{
3
+
services = {
4
+
gvfs.enable = true;
5
+
gnome.gnome-keyring.enable = true;
6
+
7
+
lact.enable = true;
8
+
fwupd.enable = true;
9
+
10
+
# dbus.packages = with pkgs; [
11
+
# # gnome-keyring
12
+
# gcr
13
+
# ];
14
+
15
+
pipewire = {
16
+
enable = true;
17
+
alsa.enable = true;
18
+
# alsa.support32Bit = true;
19
+
pulse.enable = true;
20
+
jack.enable = true;
21
+
wireplumber.enable = true;
22
+
};
23
+
24
+
udev = {
25
+
enable = true;
26
+
extraRules = ''
27
+
ENV{ID_VENDOR_ID}=="303a", ENV{ID_MODEL_ID}=="1001", MODE="0777"
28
+
'';
29
+
packages = [
30
+
pkgs.opentabletdriver
31
+
];
32
+
};
33
+
34
+
greetd = {
35
+
enable = true;
36
+
restart = true;
37
+
useTextGreeter = true;
38
+
settings.default_session = {
39
+
command = "${pkgs.tuigreet}/bin/tuigreet --remember --remember-session --user-menu --time --greeting 'Hello, Snowflake!'";
40
+
user = "greeter";
41
+
};
42
+
};
43
+
44
+
# Configure keymap in X11
45
+
xserver.xkb = {
46
+
layout = "us";
47
+
# options = "caps:escape";
48
+
};
49
+
50
+
desktopManager = {
51
+
gnome.enable = true;
52
+
cosmic.enable = false;
53
+
};
54
+
};
55
+
}
+36
-201
hosts/desktop/system/configuration.nix
+36
-201
hosts/desktop/system/configuration.nix
···
12
12
}:
13
13
14
14
{
15
-
imports = [
16
-
# Include the results of the hardware scan.
17
-
./hardware-configuration.nix
18
-
];
19
-
20
15
qt = {
21
16
enable = true;
22
17
# style = "adwaita-dark";
···
28
23
registry.nixpkgs.to = {
29
24
type = "path";
30
25
path = args.pins.nixpkgs-unstable.outPath;
31
-
# narHash = args.pins.nixpkgs-unstable.narHash;
32
26
};
33
27
34
28
package = repos.unstable.lixPackageSets.git.lix;
···
44
38
];
45
39
auto-optimise-store = true;
46
40
use-xdg-base-directories = true;
47
-
48
-
# substituters = [
49
-
# "https://cache.garnix.io?priority=3"
50
-
# ];
51
-
# trusted-public-keys = [
52
-
# "cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g="
53
-
# ];
54
41
};
55
42
56
43
gc = {
···
66
53
swapDevices = [
67
54
{
68
55
device = "/swapfile";
69
-
size = 16 * 1024; # 32GB
56
+
size = 16 * 1024;
70
57
}
71
58
];
72
59
···
133
120
134
121
spiceUSBRedirection.enable = true;
135
122
136
-
docker = {
137
-
rootless = {
138
-
enable = true;
139
-
setSocketVariable = true;
140
-
};
141
-
};
123
+
# docker = {
124
+
# rootless = {
125
+
# enable = true;
126
+
# setSocketVariable = true;
127
+
# };
128
+
# };
142
129
143
130
# waydroid = {
144
131
# enable = true;
···
157
144
enable = true;
158
145
enable32Bit = true;
159
146
# extraPackages = with pkgs; [
160
-
# # # mesa
161
-
# # libva
162
-
# # libvdpau-va-gl
163
-
164
-
# # #vulkano
165
-
# # vulkan-loader
166
-
# # vulkan-validation-layers
167
-
168
-
# # #opencl
169
-
# # rocmPackages.clr.icd
170
147
# ];
171
148
};
172
149
···
205
182
'';
206
183
};
207
184
208
-
rtkit.enable = true;
185
+
polkit.enable = true;
186
+
rtkit.enable = true; # for pipewire and such
209
187
210
188
pam = {
211
189
loginLimits = [
···
222
200
value = -20;
223
201
}
224
202
];
225
-
services = {
226
-
greetd.enableGnomeKeyring = true;
227
-
greetd-password.enableGnomeKeyring = true;
228
-
};
203
+
# services = {
204
+
# greetd.enableGnomeKeyring = true;
205
+
# greetd-password.enableGnomeKeyring = true;
206
+
# };
229
207
};
230
208
231
209
wrappers = {
232
-
docker-rootlesskit = {
233
-
owner = "root";
234
-
group = "root";
235
-
capabilities = "cap_net_bind_service+ep";
236
-
source = "${pkgs.rootlesskit}/bin/rootlesskit";
237
-
};
210
+
# docker-rootlesskit = {
211
+
# owner = "root";
212
+
# group = "root";
213
+
# capabilities = "cap_net_bind_service+ep";
214
+
# source = "${pkgs.rootlesskit}/bin/rootlesskit";
215
+
# };
238
216
239
-
qemu-netcap = {
240
-
source = "${pkgs.qemu_kvm}/bin/qemu-system-x86_64";
241
-
capabilities = "cap_net_bind_service=ep";
242
-
owner = "snowy";
243
-
group = "wheel";
244
-
};
217
+
# qemu-netcap = {
218
+
# source = "${pkgs.qemu_kvm}/bin/qemu-system-x86_64";
219
+
# capabilities = "cap_net_bind_service=ep";
220
+
# owner = "snowy";
221
+
# group = "wheel";
222
+
# };
245
223
246
-
passt = {
247
-
source = "${pkgs.passt}/bin/passt";
248
-
capabilities = "cap_net_bind_service=ep";
249
-
owner = "snowy";
250
-
group = "wheel";
251
-
};
224
+
# passt = {
225
+
# source = "${pkgs.passt}/bin/passt";
226
+
# capabilities = "cap_net_bind_service=ep";
227
+
# owner = "snowy";
228
+
# group = "wheel";
229
+
# };
252
230
};
253
231
};
254
232
···
264
242
LC_TIME = "en_GB.UTF-8";
265
243
};
266
244
};
267
-
268
-
# console = {
269
-
# font = "Lat2-Terminus16";
270
-
# keyMap = "us";
271
-
# useXkbConfig = true; # use xkb.options in tty.
272
-
# };
273
245
274
246
systemd.services = {
275
-
lact = {
276
-
description = "AMDGPU Control Deamon";
277
-
after = [ "multi-user.target" ];
278
-
wantedBy = [ "multi-user.target" ];
279
-
serviceConfig = {
280
-
ExecStart = "${pkgs.lact}/bin/lact daemon";
281
-
};
282
-
enable = true;
283
-
};
284
-
NetworkManager-wait-online.enable = false;
285
-
# firewall.enable = false;
247
+
# NetworkManager-wait-online.enable = false;
286
248
};
287
249
288
250
xdg = {
···
313
275
};
314
276
};
315
277
316
-
programs = {
317
-
steam = {
318
-
enable = true;
319
-
remotePlay.openFirewall = true;
320
-
localNetworkGameTransfers.openFirewall = true;
321
-
dedicatedServer.openFirewall = true;
322
-
protontricks.enable = true;
323
-
};
324
-
325
-
gamescope.enable = true;
326
-
noisetorch.enable = true;
327
-
fish.enable = true;
328
-
329
-
# gamemode = {
330
-
# enable = true;
331
-
332
-
# settings = {
333
-
# gpu = {
334
-
# apply_gpu_optimisations = "accept-responsibility"; # Setting this to the keyphrase "accept-responsibility" will allow gamemode to apply GPU optimisations such as overclocks
335
-
# amd_performance_level = "high"; # This corresponds to power_dpm_force_performance_level, "manual" is not supported for now
336
-
# gpu_device = 1; # The DRM device number on the system (usually 0), ie. the number in /sys/class/drm/card0/
337
-
# };
338
-
# custom = {
339
-
# start = "${pkgs.libnotify}/bin/notify-send 'GameMode started!' && systemctl --user stop docker opentabletdriver obex gvfs-daemon.service && pkexec systemctl stop bluetooth.service mullvad-daemon.service avahi-daemon.service systemd-machined ntpd";
340
-
# end = "${pkgs.libnotify}/bin/notify-send 'GameMode stopped!' && systemctl --user start docker opentabletdriver obex gvfs-daemon.service && pkexec systemctl start bluetooth.service mullvad-daemon.service avahi-daemon.service systemd-machined ntpd";
341
-
# };
342
-
# };
343
-
# };
344
-
345
-
hyprland = {
346
-
enable = true;
347
-
xwayland.enable = true;
348
-
withUWSM = true;
349
-
#systemd.enable = true;
350
-
#portalPackage = unstable.xdg-desktop-portal-hyprland;
351
-
#package = unstable.hyprland;
352
-
};
353
-
354
-
niri.enable = true;
355
-
356
-
wireshark = {
357
-
enable = true;
358
-
dumpcap.enable = true;
359
-
usbmon.enable = true;
360
-
};
361
-
362
-
seahorse.enable = true;
363
-
dconf.enable = true;
364
-
365
-
nautilus-open-any-terminal = {
366
-
enable = true;
367
-
terminal = "foot";
368
-
};
369
-
370
-
gnupg.agent = {
371
-
enable = true;
372
-
enableSSHSupport = true;
373
-
pinentryPackage = pkgs.pinentry-gnome3;
374
-
};
375
-
376
-
nix-ld.enable = true;
377
-
378
-
winbox = {
379
-
package = pkgs.winbox4;
380
-
openFirewall = true;
381
-
enable = true;
382
-
};
383
-
};
384
-
385
278
fonts = {
386
279
enableDefaultPackages = true;
387
280
···
403
296
];
404
297
};
405
298
406
-
# List packages installed in system profile. To search, run:
407
-
# $ nix search wget
408
-
#
409
299
environment = {
410
300
systemPackages = with pkgs; [
411
301
nh
412
302
npins
413
-
glib # for gsettings
414
-
adwaita-icon-theme
415
-
adw-gtk3
303
+
# glib # for gsettings
416
304
417
305
tuigreet
418
306
libsecret
419
-
hyprpicker
420
-
hyprshot
421
307
nixd
422
308
nixfmt
423
309
···
431
317
openssh
432
318
dosfstools
433
319
btrfs-progs
434
-
# corretto21
435
-
jdk
436
-
jdk17
437
-
android-tools
438
320
439
321
gst_all_1.gstreamer
440
322
gst_all_1.gst-plugins-base
···
459
341
fastfetch
460
342
cpufetch
461
343
alsa-utils
462
-
speedtest-cli
463
-
# zopfli
464
-
fwupd
465
-
android-tools
466
-
netcap
467
344
468
345
# nemo-with-extensions
469
346
# nemo-fileroller
···
471
348
472
349
zellij
473
350
helix
474
-
nano
475
351
yazi
476
352
rclone
477
-
478
-
bluez-tools
479
353
passt # needed for user-mode port forwarding in vm
480
354
481
355
vulkan-tools
482
356
rocmPackages.rocminfo
483
357
rocmPackages.rocm-smi
484
-
amdgpu_top
485
-
mangohud
486
-
mangojuice
487
358
488
-
rofi
489
-
mako
490
359
libnotify
491
-
playerctl
492
-
waybar
493
-
polkit_gnome
494
360
cliphist
495
361
wl-clipboard
496
-
lact
497
362
498
363
libsForQt5.qt5ct
499
364
kdePackages.qt6ct
500
365
kdePackages.breeze
501
366
kdePackages.breeze-icons
502
-
dconf-editor
503
-
nautilus
504
-
file-roller
505
367
foot
506
-
blueman
507
-
pavucontrol
508
368
509
369
# niri
510
370
repos.unstable.xwayland-satellite
511
371
xdg-desktop-portal-gnome
512
372
513
-
swaybg
373
+
wireshark-qt
514
374
# swww
515
-
516
-
virt-manager
517
-
prismlauncher
518
-
signal-desktop
519
-
qbittorrent
520
-
wireshark
521
-
scrcpy
522
-
glogg
523
-
524
-
pear-desktop
525
-
r2modman
526
-
hoppscotch
527
-
ani-cli
528
-
syncplay
529
-
mumble
530
-
531
-
monero-gui
532
-
p2pool
533
-
# keyguard
534
-
bitwarden-desktop
535
-
quickshell
536
-
# distrobox
537
-
538
-
# (discord.override {
539
-
# withOpenASAR = true;
540
-
# withVencord = true;
541
-
# })
375
+
# netcap
376
+
# virt-manager
542
377
];
543
378
544
379
gnome.excludePackages = with pkgs; [
+10
hosts/desktop/system/default.nix
+10
hosts/desktop/system/default.nix
-1
hosts/desktop/system/hardware-configuration.nix
-1
hosts/desktop/system/hardware-configuration.nix
+9
-159
hosts/desktop/system/networking.nix
+9
-159
hosts/desktop/system/networking.nix
···
1
1
{
2
2
config,
3
-
lib,
4
-
pkgs,
5
-
pkgs-unstable,
6
3
...
7
4
}:
8
5
9
6
{
10
-
# services.resolved.enable = false;
11
-
12
-
# dnsmasq = {
13
-
# enable = true;
14
-
# settings = {
15
-
# servers = [
16
-
# "1.1.1.1"
17
-
# ];
18
-
# dhcp-range = [ "192.168.0.2,192.168.0.254" ];
19
-
# };
20
-
# };
21
-
22
7
networking = {
23
8
hostName = "snowflake";
24
-
# wireless.enable = true;
9
+
25
10
networkmanager.enable = false;
26
11
useNetworkd = true;
27
-
# networkmanager.wifi.backend = "iwd";
28
-
# wireless.iwd.enable = true;
29
-
# useDHCP = true;
30
-
31
-
# dhcpcd = {
32
-
# enable = true;
33
-
34
-
# denyInterfaces = [
35
-
# "br0"
36
-
# "virbr0"
37
-
# ];
38
-
# };
39
-
40
-
# interfaces.br0.useDHCP = true;
41
-
# interfaces.enp9s0.useDHCP = false;
42
-
43
-
# bridges = {
44
-
# br0 = {
45
-
# interfaces = [ "enp9s0" ];
46
-
# };
47
-
# };
48
-
49
-
# search = [
50
-
# "taila3a3d2.ts.net"
51
-
# ];
52
-
53
-
# interfaces = {
54
-
# enp9s0 = {
55
-
# ipv4.addresses = [
56
-
# {
57
-
# address = "192.168.88.69";
58
-
# prefixLength = 24;
59
-
# }
60
-
# ];
61
-
# # ipv6.addresses = [
62
-
# # {
63
-
# # address = "2a0a:4cc0:0:1eb::c0ff:ee";
64
-
# # prefixLength = 64;
65
-
# # }
66
-
# # ];
67
-
# };
68
-
# };
12
+
nftables.enable = true;
69
13
70
14
nameservers = [
71
15
# Cloudflare
···
75
19
"1.0.0.1"
76
20
];
77
21
78
-
# resolvconf = {
79
-
# enable = true;
80
-
# dnsExtensionMechanism = true; # ensures resolvconf picks up new nameservers
81
-
# };
82
-
83
-
# nat = {
84
-
# enable = true;
85
-
# enableIPv6 = true;
86
-
# externalInterface = "wlan0";
87
-
# internalInterfaces = [ "enp9s0" ];
88
-
# };
89
-
90
-
# useNetworkd = true;
91
-
92
-
# wireless.iwd = {
93
-
# enable = true;
94
-
95
-
# settings = {
96
-
# Network = {
97
-
# EnableIPv6 = true;
98
-
# NameResolvingService = "resolvconf";
99
-
# };
100
-
# Settings = {
101
-
# AutoConnect = true;
102
-
# };
103
-
# };
104
-
# };
105
-
106
-
# # Open ports in the firewall.
22
+
# Open ports in the firewall.
107
23
firewall = {
108
24
enable = true;
25
+
26
+
# extraInputRules = ''
27
+
# ip saddr 192.168.1.0/24 tcp dport ${toString config.services.ollama.port} accept comment "Trusted lan connection"
28
+
# '';
109
29
110
30
allowedTCPPorts = [
111
31
12315
···
114
34
# 8080
115
35
27016
116
36
37
+
config.services.ollama.port
38
+
117
39
53
118
40
119
41
33693
···
135
57
];
136
58
};
137
59
};
138
-
139
-
# systemd.network = {
140
-
# enable = true;
141
-
# wait-online.enable = false;
142
-
143
-
# networks = {
144
-
145
-
# "10-wlp" = {
146
-
# matchConfig.Name = "enp9s0";
147
-
# networkConfig = {
148
-
# DHCP = "ipv4";
149
-
# IPv4Forwarding = true;
150
-
# IPv6Forwarding = true;
151
-
# IPv6AcceptRA = true;
152
-
# # DNS = [
153
-
# # "1.1.1.1"
154
-
# # "1.0.0.1"
155
-
# # "2606:4700:4700::1111"
156
-
# # "2606:4700:4700::1001"
157
-
# # ];
158
-
# };
159
-
# };
160
-
161
-
# "99-ethernet-default-dhcp" = {
162
-
# matchConfig = {
163
-
# Kind = "!*";
164
-
# Type = "ether";
165
-
# };
166
-
167
-
# networkConfig = {
168
-
# DHCP = "yes";
169
-
# IPv6PrivacyExtensions = "kernel";
170
-
# };
171
-
# };
172
-
173
-
# "99-wireless-client-dhcp" = {
174
-
# matchConfig.WLANInterfaceType = "station";
175
-
# networkConfig = {
176
-
# DHCP = "yes";
177
-
# IPv6PrivacyExtensions = "kernel";
178
-
# };
179
-
180
-
# dhcpV4Config.RouteMetric = 1025;
181
-
182
-
# ipv6AcceptRAConfig.RouteMetric = 1025;
183
-
# };
184
-
185
-
# # "20-lan" = {
186
-
# # matchConfig.Name = "enp9s0";
187
-
# # networkConfig = {
188
-
# # DHCPServer = true;
189
-
# # IPv4Forwarding = true;
190
-
# # IPv6Forwarding = true;
191
-
# # IPv6SendRA = true;
192
-
# # IPMasquerade = "both";
193
-
# # Address = [ "192.168.100.1/24" ];
194
-
# # };
195
-
# # dhcpServerConfig = {
196
-
# # # DNS = [
197
-
# # # "1.1.1.1"
198
-
# # # "1.0.0.1"
199
-
# # # "2606:4700:4700::1111"
200
-
# # # "2606:4700:4700::1001"
201
-
# # # ];
202
-
# # PoolOffset = 10;
203
-
# # PoolSize = 100;
204
-
# # };
205
-
# # linkConfig.RequiredForOnline = "no";
206
-
# # };
207
-
208
-
# };
209
-
# };
210
60
}
+79
hosts/desktop/system/programs.nix
+79
hosts/desktop/system/programs.nix
···
1
+
{ pkgs, ... }:
2
+
3
+
{
4
+
programs = {
5
+
steam = {
6
+
enable = true;
7
+
remotePlay.openFirewall = true;
8
+
localNetworkGameTransfers.openFirewall = true;
9
+
dedicatedServer.openFirewall = true;
10
+
protontricks.enable = true;
11
+
};
12
+
13
+
appimage = {
14
+
enable = true;
15
+
binfmt = true;
16
+
package = pkgs.appimage-run.override {
17
+
extraPkgs = pkgs: [
18
+
pkgs.icu
19
+
# pkgs.libxcrypt-legacy
20
+
# pkgs.python312
21
+
# pkgs.python312Packages.torch
22
+
];
23
+
};
24
+
};
25
+
26
+
gamescope.enable = true;
27
+
noisetorch.enable = true;
28
+
fish.enable = true;
29
+
seahorse.enable = true;
30
+
dconf.enable = true;
31
+
nix-ld.enable = true;
32
+
virt-manager.enable = true;
33
+
34
+
hyprland = {
35
+
enable = true;
36
+
xwayland.enable = true;
37
+
withUWSM = true;
38
+
};
39
+
40
+
niri = {
41
+
enable = true;
42
+
useNautilus = true;
43
+
};
44
+
45
+
wireshark = {
46
+
enable = true;
47
+
dumpcap.enable = true;
48
+
usbmon.enable = true;
49
+
};
50
+
51
+
nautilus-open-any-terminal = {
52
+
enable = true;
53
+
terminal = "foot";
54
+
};
55
+
56
+
gnupg.agent = {
57
+
enable = true;
58
+
enableSSHSupport = true;
59
+
pinentryPackage = pkgs.pinentry-gnome3;
60
+
};
61
+
62
+
winbox = {
63
+
package = pkgs.winbox4;
64
+
openFirewall = true;
65
+
enable = true;
66
+
};
67
+
68
+
# gamemode = {
69
+
# enable = true;
70
+
# settings = {
71
+
# gpu = {
72
+
# apply_gpu_optimisations = "accept-responsibility"; # Setting this to the keyphrase "accept-responsibility" will allow gamemode to apply GPU optimisations such as overclocks
73
+
# amd_performance_level = "high"; # This corresponds to power_dpm_force_performance_level, "manual" is not supported for now
74
+
# gpu_device = 1; # The DRM device number on the system (usually 0), ie. the number in /sys/class/drm/card0/
75
+
# };
76
+
# };
77
+
# };
78
+
};
79
+
}
-110
hosts/desktop/system/services.nix
-110
hosts/desktop/system/services.nix
···
1
-
{ pkgs, repos, ... }:
2
-
{
3
-
services = {
4
-
timesyncd.enable = true;
5
-
6
-
pipewire = {
7
-
enable = true;
8
-
alsa.enable = true;
9
-
alsa.support32Bit = true;
10
-
pulse.enable = true;
11
-
jack.enable = true;
12
-
13
-
wireplumber.enable = true;
14
-
};
15
-
16
-
udev = {
17
-
enable = true;
18
-
extraRules = ''
19
-
ENV{ID_VENDOR_ID}=="303a", ENV{ID_MODEL_ID}=="1001", MODE="0777"
20
-
'';
21
-
packages = [
22
-
pkgs.opentabletdriver
23
-
];
24
-
};
25
-
26
-
greetd = {
27
-
enable = true;
28
-
settings = {
29
-
default_session = {
30
-
command = "${pkgs.tuigreet}/bin/tuigreet --remember --remember-session --user-menu --time --greeting 'Hello, Snowflake!'";
31
-
user = "greeter";
32
-
};
33
-
};
34
-
};
35
-
36
-
# Configure keymap in X11
37
-
xserver.xkb = {
38
-
layout = "us";
39
-
options = "caps:escape";
40
-
};
41
-
42
-
mullvad-vpn = {
43
-
enable = true;
44
-
package = pkgs.mullvad-vpn;
45
-
};
46
-
47
-
ntp.enable = true;
48
-
gvfs = {
49
-
enable = true;
50
-
package = pkgs.gnome.gvfs;
51
-
};
52
-
gnome.gnome-keyring.enable = true;
53
-
flatpak.enable = true;
54
-
blueman.enable = true;
55
-
56
-
dbus.packages = with pkgs; [
57
-
gnome-keyring
58
-
gcr
59
-
# libsecret
60
-
];
61
-
62
-
tailscale = {
63
-
enable = true;
64
-
extraUpFlags = [
65
-
"--accept-dns=false"
66
-
];
67
-
};
68
-
69
-
netbird = {
70
-
package = repos.stable.netbird;
71
-
ui = {
72
-
enable = true;
73
-
package = repos.stable.netbird-ui;
74
-
};
75
-
clients.fennec = {
76
-
77
-
port = 51820;
78
-
environment = {
79
-
NB_MANAGEMENT_URL = "https://netbird.killuaa.dev";
80
-
# NB_SETUP_KEY_FILE = config.sops.secrets.nb_setup_key.path;
81
-
};
82
-
};
83
-
};
84
-
85
-
# lsfg-vk = {
86
-
# enable = true;
87
-
# ui.enable = true; # installs gui for configuring lsfg-vk
88
-
# };
89
-
90
-
desktopManager.gnome.enable = true;
91
-
92
-
# Enable the COSMIC desktop environment
93
-
desktopManager.cosmic.enable = false;
94
-
95
-
sunshine = {
96
-
enable = true;
97
-
autoStart = true;
98
-
capSysAdmin = true;
99
-
openFirewall = true;
100
-
};
101
-
102
-
# for mdns, then I can just access devices with hostname.local
103
-
avahi = {
104
-
enable = true;
105
-
nssmdns4 = true;
106
-
nssmdns6 = true;
107
-
openFirewall = true;
108
-
};
109
-
};
110
-
}
+23
-23
modules/npins/sources.json
+23
-23
modules/npins/sources.json
···
23
23
},
24
24
"branch": "master",
25
25
"submodules": false,
26
-
"revision": "b422c32cbb574728c93e24ce2542806e27993c03",
27
-
"url": "https://github.com/amaanq/helium-flake/archive/b422c32cbb574728c93e24ce2542806e27993c03.tar.gz",
28
-
"hash": "sha256-ZK0fQvpYf3e+ty62WHbzK+ZcIJLnfZuyQV2x0PWuyCU="
26
+
"revision": "d6f4aa6d9f313acdbdf7c356fd55c7d5e3c4c991",
27
+
"url": "https://github.com/amaanq/helium-flake/archive/d6f4aa6d9f313acdbdf7c356fd55c7d5e3c4c991.tar.gz",
28
+
"hash": "sha256-yILdOXqhZyCCWVEMCERd179AwPaMl94ZZdnBcV1kkGQ="
29
29
},
30
30
"hjem": {
31
31
"type": "Git",
···
36
36
},
37
37
"branch": "main",
38
38
"submodules": false,
39
-
"revision": "32bd6d54d805a3eb41efa62a940eeceaf263c4a8",
40
-
"url": "https://github.com/feel-co/hjem/archive/32bd6d54d805a3eb41efa62a940eeceaf263c4a8.tar.gz",
41
-
"hash": "sha256-W+kpLQ5J/DDaY1nUmvN9aIAfh5ixdyqYM76ZUdcvMBU="
39
+
"revision": "35c2158ba101d7b42b05debfcb169ba32dad3bbc",
40
+
"url": "https://github.com/feel-co/hjem/archive/35c2158ba101d7b42b05debfcb169ba32dad3bbc.tar.gz",
41
+
"hash": "sha256-a0O56qWfPEKe0mBKgvcQL5UDpWmon70AKJspHNkEJV8="
42
42
},
43
43
"hjem-rum": {
44
44
"type": "Git",
···
75
75
},
76
76
"branch": "nightly",
77
77
"submodules": false,
78
-
"revision": "4a86b355eb417057fbcaf8791fa8c9059a0337d2",
79
-
"url": "https://github.com/powerofthe69/nix-gaming-edge/archive/4a86b355eb417057fbcaf8791fa8c9059a0337d2.tar.gz",
80
-
"hash": "sha256-rlOm9gD6gbfL14UNq16BoNsODfdpJGO0k73T9v6UrtY="
78
+
"revision": "cc5d6ade3dea271bed0631888b6ca597991f06cd",
79
+
"url": "https://github.com/powerofthe69/nix-gaming-edge/archive/cc5d6ade3dea271bed0631888b6ca597991f06cd.tar.gz",
80
+
"hash": "sha256-05PDthJs6UBkLjLN03qzO0EpjGnwkC/6f+T6I6GKdAY="
81
81
},
82
82
"nixpkgs-stable": {
83
83
"type": "Git",
···
88
88
},
89
89
"branch": "nixos-25.11",
90
90
"submodules": false,
91
-
"revision": "54170c54449ea4d6725efd30d719c5e505f1c10e",
92
-
"url": "https://github.com/NixOS/nixpkgs/archive/54170c54449ea4d6725efd30d719c5e505f1c10e.tar.gz",
93
-
"hash": "sha256-t+HZK42pB6N+i5RGbuy7Xluez/VvWbembBdvzsc23Ss="
91
+
"revision": "a4bf06618f0b5ee50f14ed8f0da77d34ecc19160",
92
+
"url": "https://github.com/NixOS/nixpkgs/archive/a4bf06618f0b5ee50f14ed8f0da77d34ecc19160.tar.gz",
93
+
"hash": "sha256-AIiMJiqvGrN4HyLEbKAoCSRRYn0rnlW5VbKNIMIYqm4="
94
94
},
95
95
"nixpkgs-unstable": {
96
96
"type": "Git",
···
101
101
},
102
102
"branch": "nixos-unstable",
103
103
"submodules": false,
104
-
"revision": "4c1018dae018162ec878d42fec712642d214fdfa",
105
-
"url": "https://github.com/NixOS/nixpkgs/archive/4c1018dae018162ec878d42fec712642d214fdfa.tar.gz",
106
-
"hash": "sha256-ar3rofg+awPB8QXDaFJhJ2jJhu+KqN/PRCXeyuXR76E="
104
+
"revision": "0726a0ecb6d4e08f6adced58726b95db924cef57",
105
+
"url": "https://github.com/NixOS/nixpkgs/archive/0726a0ecb6d4e08f6adced58726b95db924cef57.tar.gz",
106
+
"hash": "sha256-EHq1/OX139R1RvBzOJ0aMRT3xnWyqtHBRUBuO1gFzjI="
107
107
},
108
108
"sops-nix": {
109
109
"type": "Git",
···
114
114
},
115
115
"branch": "master",
116
116
"submodules": false,
117
-
"revision": "31ac5fe5d015f76b54058c69fcaebb66a55871a4",
118
-
"url": "https://github.com/Mic92/sops-nix/archive/31ac5fe5d015f76b54058c69fcaebb66a55871a4.tar.gz",
119
-
"hash": "sha256-VKp9bhVSm0bT6JWctFy06ocqxGGnWHi1NfoE90IgIcY="
117
+
"revision": "8eaee5c45428b28b8c47a83e4c09dccec5f279b5",
118
+
"url": "https://github.com/Mic92/sops-nix/archive/8eaee5c45428b28b8c47a83e4c09dccec5f279b5.tar.gz",
119
+
"hash": "sha256-bc+ZZCmOTNq86/svGnw0tVpH7vJaLYvGLLKFYP08Q8E="
120
120
},
121
121
"tangled_core": {
122
122
"type": "Git",
···
126
126
},
127
127
"branch": "master",
128
128
"submodules": false,
129
-
"revision": "d404bb7633c163b35e61f6bebfc642444247ac9f",
129
+
"revision": "ba44ea59aabf51db4712ea10ef0d6261e44c8b93",
130
130
"url": null,
131
-
"hash": "sha256-aYeDY7ruf9MHsI++hpoEHyWIk6jxbItpS5lPRJfwYRE="
131
+
"hash": "sha256-Y3Tgo5vCb6YkOHKPRqFTkOVpnvapW+feWVjOd8AQuas="
132
132
},
133
133
"wire": {
134
134
"type": "Git",
···
152
152
},
153
153
"branch": "main",
154
154
"submodules": false,
155
-
"revision": "4f2e98c1125ab4be758cd1b51b526ad998e9618f",
156
-
"url": "https://github.com/0xc000022070/zen-browser-flake/archive/4f2e98c1125ab4be758cd1b51b526ad998e9618f.tar.gz",
157
-
"hash": "sha256-Vwmi3P4LAUmOrE2zc9JpnRrNxNwamDN46hqcXpWTkp0="
155
+
"revision": "b3c972b3d8537a9cf7a0db96b164c9c3e580884a",
156
+
"url": "https://github.com/0xc000022070/zen-browser-flake/archive/b3c972b3d8537a9cf7a0db96b164c9c3e580884a.tar.gz",
157
+
"hash": "sha256-fOhJpz7QAkBWAAih72CmnIfIN0pHfuZjhZQ/hBLNWxo="
158
158
}
159
159
},
160
160
"version": 7
+3
-3
modules/sops/vps/postgres.sql
+3
-3
modules/sops/vps/postgres.sql
···
1
1
{
2
-
"data": "ENC[AES256_GCM,data:cOp1hnXVvO9SLGt2L4O1m/6fpHDDFpPy5alF03zMF2QGmj5isfdPhMVu0jFNY+fgg6Zu1f5Yin9N42WhJyB4p/p9czekiqhTH8nMPpdchQqO1QYptrh+YClv3dN4kbmtYl3QRix0uuwamsCRqqtkY9aI1BB02wqO4md4yJE9V/k1ZNxUM3VeXPUEiRtlLrTIm4lVZogM4c2b3rrpumEII1TjSTdvZJeOgdp7Bp0KQXbXAwo8ev8e7JRIzNEaGVInx31iUcLhsUWSNREuSsfijHZWdjSxR1S5VBKTmMKx3SsL5vGsLbS9h8Sb15iHM2/srzIQtLYVmpxy414lK8IseuxyWbOEVe3umNmYlYO/dxL1dHhynEqnFiIDi5vQhWq/7E9Y3+lZFJ3a8yXhPPDErjK616dV+/q/KRsRZ7iolj52zSc3jQmschfWmsawVgtJzieWGXHcO76cdmmdShC9iSatXIGUbTAoYf6wWF63JeEOSkuo,iv:dBpAsf17rqzpoVli0WSUgoD4uJXNXl4vjWbzuNPRxPo=,tag:VrbNg8j4tixR/FrAbMEdmw==,type:str]",
2
+
"data": "ENC[AES256_GCM,data:xxFMtP0+rzbtSlOafy6xRapdYMa+I78EOYgjCLoTKdf9q7ugPHRLVpqINGsEEkhFCzPBbt0sft2M8Vx71NG4dB5FVnQpoDrw49/f1uKIAnJ8QRkgZSFWpPXq75FZ+w2QFi3TaG9+/8x0pYtLbvynsfL46PXnPxHR5dcr09EO+6W7irYFrfUIjjthWuOQiayjUQH2zexcAJDSHg5DY6Aa5EEZD5PL95EMqkGOI8etcMZWMZJlhDjQ30DgS6TivdMI4Sr7DvA++fmNv1ffb4lTQFnQ48fSn4fsRLzLakEn3T+kUjGjjmXUhqFQ5y7aGCpdskK8AAtjaeJtaWRLf/axZTGswKroaCzOPdFkTpRe7Cw1mR+r0GTbs1E0UtJ+ocRxl+dam8FlxCp1XoSpVaLaSqGK4veyNhzftCn10x+n2jOoM3W6T0v2OxtAW85j0j3fn2af6Ln40hP8vLmDUgcB8W4IdurDTv4PMwv3HuqPjxl8eNkegfNE4T2LPzANqx+SAZWcQbJChGMXklyETC/WnKeWK6PP5JatDfvwMQzubq/djXkgDb9+36g303+JK8+fu4Cz5foC5BA4f3a8aXSyHeGgFBB3r0rtNx4nM8rwmmD/fP6+yiqij161zw==,iv:C1bKdsob1nv4ng7+kQ5NVJlMF5XK3aaY3FvUju+rDYs=,tag:aTHyBRhCD5EWTK8Qhz7pCA==,type:str]",
3
3
"sops": {
4
4
"age": [
5
5
{
···
7
7
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPdVpaenUrYVpMeEpRZlBl\nTndhYmkvUEcxQWZ5UjZFUHFUcGpqMXdoZ2xFCkFLUmY4YlhRRTdIUmpQTzNPYSsz\nZ2JaZ0JTM3NHNWNwMHdiR2J2M1RRb1kKLS0tIERXbGtkRUlRSnFybExqYlVoQjVz\ndFdNQ0kxU3FMT0Y1ZnRhZkxWZWcrbEEK8hSNNXzhRXLrqEUHsXnPM6p+2ZynT/is\nLT+kR1IhJjuAB0uFjlGDtL19OsQdwb85TV79i2shQZIxwftqVwYoeg==\n-----END AGE ENCRYPTED FILE-----\n"
8
8
}
9
9
],
10
-
"lastmodified": "2026-03-27T01:12:24Z",
11
-
"mac": "ENC[AES256_GCM,data:gr7cD6ZUjgTjpzHCF8TjY2UQaFpBvNRirseL+ZWCuy5DKdC21srAmgNM1i4hGw2wFVCNoYhVnB2HPp3q5zjWlRsWUF/TcgbYAi0sFM4jM16bSjeT8kJDlcDKf/04M99A7UM7235Ks949fy+Gl9ZOYeR9hIXL5Y2ajbHWVpqgevw=,iv:JVZwzJIHoXl0NwNlPP4mNdD+UjMLJpfNdq+D1aDU/TI=,tag:Ed97R1gIoDzLmTM2+8KbzA==,type:str]",
10
+
"lastmodified": "2026-04-16T17:56:44Z",
11
+
"mac": "ENC[AES256_GCM,data:E/35bN11woXVq2wxHA57SmO4ffugr8BRoV70qCsVbtfgpikU3gvB0nTSg+Uv1GQv1nB1DdpSbSAMHjBW05jMI0YQja8W/P+BKrFWtdu4BRjxOJ7uGgFDV1/ZsM6MYhNY8eWwmCuRTklWbjRiPyscfOA6CPWFkJB+Zjz+6Hko5kw=,iv:LdFCmC0RJmGFeSS0f6Yn9kbxGag21GfKvy3md5Y4r74=,tag:1vwZ6eeqBNBHcWF++RwGCA==,type:str]",
12
12
"pgp": [
13
13
{
14
14
"created_at": "2026-01-29T17:28:29Z",