{ lib, pkgs, config, ... }: let shellType = config.my.shell.type; krita-thumbnailer = pkgs.writeTextFile { name = "krita-thumbnailer"; destination = "/share/thumbnailers/kra.thumbnailer"; text = '' [Thumbnailer Entry] Exec=sh -c "${pkgs.unzip}/bin/unzip -p %i preview.png > %o" MimeType=application/x-krita; ''; }; in { imports = [ ./hardware-configuration.nix ../../config/base.nix ../../config/stylix.nix ]; my = import ./toggles.nix // { nix.cores = 8; nix.maxJobs = 8; users.nixremote.enable = true; users.nixremote.authorizedKeys = [ ../../secrets/ssh/ed25519_nixserver.pub ../../secrets/ssh/ed25519_nixminiserver.pub ]; }; home-manager.users.jawz = { programs = { vscode = { enable = true; package = pkgs.vscode; }; ghostty = { enable = true; package = pkgs.ghostty; enableBashIntegration = shellType == "bash"; enableZshIntegration = shellType == "zsh"; installBatSyntax = true; installVimSyntax = true; }; }; }; specialisation = { gnome.configuration = { imports = [ ../../environments/gnome.nix ]; services.flatpak.enable = true; }; hyprland.configuration = { imports = [ ../../environments/hyprland.nix ]; services.flatpak.enable = true; }; }; networking = { hostName = "workstation"; firewall = let kdeconnectPortRange = { from = 1714; to = 1764; }; ns-usbloaderPort = 6674; syncthingPort = 8384; openPorts = [ ns-usbloaderPort syncthingPort ]; openPortRanges = [ kdeconnectPortRange ]; in { allowedTCPPorts = openPorts; allowedUDPPorts = openPorts; allowedTCPPortRanges = openPortRanges; allowedUDPPortRanges = openPortRanges; }; }; users.users.jawz.packages = [ (pkgs.google-cloud-sdk.withExtraComponents [ pkgs.google-cloud-sdk.components.gke-gcloud-auth-plugin ]) ] ++ builtins.attrValues { inherit (pkgs) distrobox # install packages from other os gocryptfs # encrypted filesystem! shhh!!! vcsi # video thumbnails for torrents, can I replace it with ^? keypunch # practice typing google-cloud-sdk-gce ; }; environment = { pathsToLink = [ "share/thumbnailers" ]; systemPackages = builtins.attrValues { # thumbnail for heif files & videos inherit krita-thumbnailer; inherit (pkgs) libheif ffmpegthumbnailer bign-handheld-thumbnailer gnome-epub-thumbnailer podman-compose code-cursor scrcpy ; inherit (pkgs.libheif) out; }; etc."wireplumber/bluetooth.lua.d/51-bluez-config.lua".text = '' bluez_monitor.properties = { ["bluez5.enable-sbc-xq"] = true, ["bluez5.enable-msbc"] = true, ["bluez5.enable-hw-volume"] = true, ["bluez5.headset-roles"] = "[ hsp_hs hsp_ag hfp_hf hfp_ag ]" } ''; }; programs = { kdeconnect = { enable = true; package = pkgs.gnomeExtensions.gsconnect; }; obs-studio = { enable = true; enableVirtualCamera = true; plugins = builtins.attrValues { inherit (pkgs.obs-studio-plugins) droidcam-obs obs-vkcapture obs-vaapi obs-tuna input-overlay ; }; }; }; security.pki.certificateFiles = [ ../../secrets/ssh/iqQCY4iAWO-ca.pem ../../secrets/ssh/root-private-ca.pem ]; services = { flatpak.enable = lib.mkDefault false; open-webui.enable = true; scx = { enable = true; scheduler = "scx_lavd"; }; btrfs.autoScrub = { enable = true; fileSystems = [ "/" ]; }; protonmail-bridge = { enable = true; path = [ pkgs.gnome-keyring ]; }; ollama = { enable = true; acceleration = "cuda"; models = "/srv/ai/ollama"; }; sunshine = { enable = true; autoStart = false; capSysAdmin = true; openFirewall = true; }; tailscale.enable = true; }; }