📝 add a comment

✨ Add Volume Commands to i3
♻️ minor refactoring
2024-09-17 08:44:54 +07:00 · 2024-09-17 07:40:53 +07:00 · 2024-09-16 08:58:27 +07:00 · 2024-09-16 08:53:03 +07:00 · 2024-09-16 07:06:03 +07:00 · 2024-09-16 06:36:08 +07:00
258 changed files with 5840 additions and 3430 deletions
--- a/.forgejo/workflows/nix_build.yaml
+++ b/.forgejo/workflows/nix_build.yaml
@ -1,18 +1,15 @@
 name: Build all NixOS Configurations
 on:
  push:
    branches:
      - "**"
  schedule:
-    - cron: "30 2 * * *" # not to frequent, GitHub only allows a few pulls per hour
+    - cron: "30 2/6 * * *" # not to frequent, GitHub only allows a few pulls per hour
 jobs:
  nix build:
    runs-on: native
    steps:
      - uses: actions/checkout@v4
      - name: update nix flakes
        if: ${{ github.event_name == 'schedule' }}
        # we need to use our ssh key here because we need access to private flakes
@ -30,7 +27,6 @@ jobs:
          echo $SSH_AGENT_PID
          kill $SSH_AGENT_PID
          rm .ssh_key
      - name: nix flake archive/check
        # we need to use our ssh key here because we need access to private flakes
        run: |
@ -48,22 +44,16 @@ jobs:
          echo $SSH_AGENT_PID
          kill $SSH_AGENT_PID
          rm .ssh_key
      - name: nix build orbi
        run: nix build .#nixosConfigurations.orbi.config.system.build.toplevel
      - name: nix build cream
        run: nix build .#nixosConfigurations.cream.config.system.build.toplevel
      - name: nix build cherry
        run: nix build .#nixosConfigurations.cherry.config.system.build.toplevel
      - name: nix build chungus
        run: nix build .#nixosConfigurations.chungus.config.system.build.toplevel
-
+      - name: nix build usbstick
-      - name: nix build sternchen
+        run: nix build .#nixosConfigurations.usbstick.config.system.build.toplevel
        run: nix build .#nixosConfigurations.sternchen.config.system.build.toplevel
      - name: commit & push
        if: ${{ github.event_name == 'schedule' }}
        # only if all nix builds are fine we update our branch
--- a/components/README.md
+++ b/components/README.md
@ -1,6 +1,8 @@
 # components concept
 - components are kinda opinionated.
- should be project agnostic (e.g.: configure bugwarrior via options but leave specifics out).
+- should be project agnostic (e.g.: configure bugwarrior via options but leave
- `component.<toplevel>.enabled` should usually be the default for all it subcomponents (`comonent.<topleve>.<subcomponent>.enabled`).
+  specifics out).
 - `component.<toplevel>.enabled` should usually be the default for all it
  subcomponents (`comonent.<topleve>.<subcomponent>.enabled`).
  - But default should make sense here!
--- a/components/chaospott.nix
+++ b/components/chaospott.nix
@ -1,4 +1,9 @@
-{ config, lib, pkgs, ... }:
+{
  config,
  lib,
  pkgs,
  ...
 }:
 with lib;
 {
--- a/components/default.nix
+++ b/components/default.nix
@ -10,8 +10,8 @@
    ./nixos
    ./terminal
    ./timezone.nix
    ./virtualisation
    ./yubikey.nix
  ];
 }
--- a/components/gui/audio.nix
+++ b/components/gui/audio.nix
@ -1,5 +1,10 @@
 # TODO test `alsactl init` after suspend to reinit mic
-{ pkgs, config, lib, ... }:
+{
  pkgs,
  config,
  lib,
  ...
 }:
 with lib;
 {
  options.components.gui.audio.enable = mkOption {
--- a/components/gui/browser.nix
+++ b/components/gui/browser.nix
@ -34,50 +34,59 @@ in
          home = "${homeFolder}/development-browser";
          homeBackup = "${backupFolder}/development-browser";
          gpu = false;
          sudoUsers = [ config.users.users.mainUser.name ];
        };
        google = {
          home = "${homeFolder}/google-browser";
          homeBackup = "${backupFolder}/google-browser";
          gpu = false;
          sudoUsers = [ config.users.users.mainUser.name ];
        };
        finance = {
          home = "${homeFolder}/finance-browser";
          homeBackup = "${backupFolder}/finance-browser";
          gpu = false;
          sudoUsers = [ config.users.users.mainUser.name ];
        };
        facebook = {
          home = "${homeFolder}/facebook-browser";
          homeBackup = "${backupFolder}/facebook-browser";
          gpu = false;
          sudoUsers = [ config.users.users.mainUser.name ];
        };
        shopping = {
          home = "${homeFolder}/shopping-browser";
          homeBackup = "${backupFolder}/shopping-browser";
          gpu = false;
          sudoUsers = [ config.users.users.mainUser.name ];
        };
        jobrad = {
          browserType = "chrome";
          home = "${homeFolder}/jobrad-chrome";
          homeBackup = "${backupFolder}/jobrad-chrome";
          gpu = false;
          sudoUsers = [ config.users.users.mainUser.name ];
        };
        firefox-tmp = {
          browserType = "firefox";
          home = "${homeFolder}/firefox-tmp";
          homeBackup = "${backupFolder}/firefox-tmp-browser";
          gpu = false;
          sudoUsers = [ config.users.users.mainUser.name ];
        };
        chromium-tmp = {
          browserType = "chrome";
          home = "${homeFolder}/chromium-tmp";
          homeBackup = "${backupFolder}/chrome-tmp-browser";
          gpu = false;
          sudoUsers = [ config.users.users.mainUser.name ];
        };
        google-tmp = {
          browserType = "google";
          home = "${homeFolder}/google-tmp";
          homeBackup = "${backupFolder}google-tmp-browser";
          gpu = false;
          sudoUsers = [ config.users.users.mainUser.name ];
        };
      };
--- a/components/gui/default.nix
+++ b/components/gui/default.nix
@ -1,4 +1,9 @@
-{ pkgs, lib, config, ... }:
+{
  pkgs,
  lib,
  config,
  ...
 }:
 with lib;
 {
  options.components.gui = {
@ -10,7 +15,6 @@ with lib;
    ./audio.nix
    ./browser.nix
    ./cups.nix
    ./fonts.nix
    ./home-manager
    ./kmonad.nix
    #./noti.nix # todo: make this different (use password store and such)
--- a/components/gui/fonts.nix
+++ b/components/gui/fonts.nix
@ -1,36 +0,0 @@
 { pkgs, config, lib, ... }:
 with lib;
 {
  options.components.gui.style.enable = mkOption {
    type = lib.types.bool;
    default = config.components.gui.enable;
  };
  config = mkIf (config.components.gui.style.enable) {
    fonts.packages = with pkgs; [
      corefonts
      hasklig
      inconsolata
      source-code-pro
      symbola
      ubuntu_font_family
      # symbol fonts
      # ------------
      nerdfonts
      powerline-fonts
      font-awesome
      fira-code-symbols
      jetbrains-mono
      # shell font
      # ----------
      terminus_font
      gohufont
    ];
  };
 }
--- a/components/gui/home-manager/default.nix
+++ b/components/gui/home-manager/default.nix
@ -1,4 +1,9 @@
-{ pkgs, lib, config, ... }:
+{
  pkgs,
  lib,
  config,
  ...
 }:
 with lib;
 {
--- a/components/gui/kmonad.nix
+++ b/components/gui/kmonad.nix
@ -1,4 +1,9 @@
-{ config, pkgs, lib, ... }:
+{
  config,
  pkgs,
  lib,
  ...
 }:
 {
  options.components.gui.kmonad.enable = lib.mkOption {
@ -79,9 +84,21 @@
        in
        {
-          nativ = keyboard "/dev/input/by-path/platform-i8042-serio-0-event-kbd" [ "lctl" "lmet" "lalt" ];
+          nativ = keyboard "/dev/input/by-path/platform-i8042-serio-0-event-kbd" [
-          dasKeyboard = keyboard "/dev/input/by-id/usb-Metadot_-_Das_Keyboard_Das_Keyboard-event-kbd" [ "lctl" "lmet" "lalt" ];
+            "lctl"
-          uhk = keyboard "/dev/input/by-id/usb-Ultimate_Gadget_Laboratories_UHK_60_v2-event-kbd" [ "lctl" "lmet" "lalt" ];
+            "lmet"
            "lalt"
          ];
          dasKeyboard = keyboard "/dev/input/by-id/usb-Metadot_-_Das_Keyboard_Das_Keyboard-event-kbd" [
            "lctl"
            "lmet"
            "lalt"
          ];
          uhk = keyboard "/dev/input/by-id/usb-Ultimate_Gadget_Laboratories_UHK_60_v2-event-kbd" [
            "lctl"
            "lmet"
            "lalt"
          ];
        };
    };
  };
--- a/components/gui/noti.nix
+++ b/components/gui/noti.nix
@ -1,6 +1,11 @@
 # notify me when a command is finished
 # todo : secret managment is shit
-{ config, pkgs, lib, ... }:
+{
  config,
  pkgs,
  lib,
  ...
 }:
 with lib;
 {
  options.components.gui.noti.enable = mkOption {
--- a/components/gui/pass.nix
+++ b/components/gui/pass.nix
@ -1,11 +1,17 @@
-{ pkgs, config, lib, ... }:
+{
  pkgs,
  config,
  lib,
  ...
 }:
 with lib;
 let
  # desktop file
  # ------------
  # makes it possible to be used by other programs
-  desktopFile = name: bin:
+  desktopFile =
    name: bin:
    pkgs.writeTextFile {
      name = "${name}.desktop";
      destination = "/share/applications/${name}.desktop";
@ -34,7 +40,9 @@ in
    environment.systemPackages = [
      (pkgs.pass.withExtensions (ext: [ ext.pass-otp ]))
      # todo : use upstream desktop file creator
-      (desktopFile "passmenu" "${pkgs.pass.withExtensions (ext: [ext.pass-otp])}/bin/passmenu --type -l 10")
+      (desktopFile "passmenu" "${
        pkgs.pass.withExtensions (ext: [ ext.pass-otp ])
      }/bin/passmenu --type -l 10")
      pkgs.otpmenu
--- a/components/gui/steam.nix
+++ b/components/gui/steam.nix
@ -1,4 +1,9 @@
-{ config, pkgs, lib, ... }:
+{
  config,
  pkgs,
  lib,
  ...
 }:
 with lib;
 {
  options.components.gui.steam.enable = mkOption {
@ -22,7 +27,12 @@ with lib;
      isSystemUser = true;
      home = "/home/steam";
      createHome = true;
-      extraGroups = [ "audio" "input" "video" "pipewire" ];
+      extraGroups = [
        "audio"
        "input"
        "video"
        "pipewire"
      ];
      group = "steam";
      shell = pkgs.bashInteractive;
    };
--- a/components/gui/suspend.nix
+++ b/components/gui/suspend.nix
@ -1,4 +1,9 @@
-{ pkgs, config, lib, ... }:
+{
  pkgs,
  config,
  lib,
  ...
 }:
 with lib;
 {
  options.components.gui.suspend.enable = mkOption {
@ -13,13 +18,11 @@ with lib;
      requiredBy = [ "sleep.target" ];
      environment =
        let
-          display =
+          display = if (config.services.xserver.display != null) then config.services.xserver.display else 0;
            if (config.services.xserver.display != null) then
              config.services.xserver.display
            else
              0;
        in
-        { DISPLAY = ":${toString display}"; };
+        {
          DISPLAY = ":${toString display}";
        };
      script = ''
        ${pkgs.xlockmore}/bin/xlock -mode life1d -size 1 &
        sleep 1
--- a/components/gui/vscode.nix
+++ b/components/gui/vscode.nix
@ -1,4 +1,9 @@
-{ config, pkgs, lib, ... }:
+{
  config,
  pkgs,
  lib,
  ...
 }:
 with lib;
 {
  options.components.gui.vscode.enable = mkOption {
--- a/components/gui/wayland.nix
+++ b/components/gui/wayland.nix
@ -1,13 +1,18 @@
-{ config, pkgs, lib, ... }:
+{
  config,
  pkgs,
  lib,
  ...
 }:
 with lib;
 {
  options.components.gui.wayland.enable = mkOption {
    type = lib.types.bool;
-    default = ! config.components.gui.xorg.enable;
+    default = !config.components.gui.xorg.enable;
  };
-  config = mkIf config.components.gui.wayland.enable {
+  config = mkIf (config.components.gui.wayland.enable && config.components.gui.enable) {
-    programs.hyprland.enable = true;
+    programs.sway.enable = false;
  };
 }
--- a/components/gui/xorg/default.nix
+++ b/components/gui/xorg/default.nix
@ -1,4 +1,9 @@
-{ config, pkgs, lib, ... }:
+{
  config,
  pkgs,
  lib,
  ...
 }:
 with lib;
 {
@ -9,7 +14,7 @@ with lib;
    default = config.components.gui.enable;
  };
-  config = mkIf config.components.gui.xorg.enable {
+  config = mkIf (config.components.gui.xorg.enable && config.components.gui.enable) {
    # system.custom.fonts.enable = true;
    services.displayManager = {
@ -78,4 +83,3 @@ with lib;
  };
 }
--- a/components/gui/xorg/xlock.nix
+++ b/components/gui/xorg/xlock.nix
@ -1,4 +1,9 @@
-{ lib, pkgs, config, ... }:
+{
  lib,
  pkgs,
  config,
  ...
 }:
 with lib;
 let
--- a/components/mainUser.nix
+++ b/components/mainUser.nix
@ -1,18 +1,20 @@
-{ config, pkgs, lib, ... }:
+{
  config,
  pkgs,
  lib,
  ...
 }:
 with lib;
 with types;
 let
  cfg = config.components.mainUser;
-  dockerGroup =
+  # todo : use optionalList
-    if (config.virtualisation.docker.enable) then [ "docker" ] else [ ];
+  dockerGroup = if (config.virtualisation.docker.enable) then [ "docker" ] else [ ];
-  vboxGroup =
+  # todo : use optionalList
-    if (config.virtualisation.virtualbox.host.enable) then
+  vboxGroup = if (config.virtualisation.virtualbox.host.enable) then [ "vboxusers" ] else [ ];
      [ "vboxusers" ]
    else
      [ ];
 in
 {
@ -71,8 +73,16 @@ in
        uid = cfg.uid;
        home = "/home/${cfg.userName}";
        initialPassword = cfg.userName;
-        extraGroups = [ "wheel" "networkmanager" "transmission" "wireshark" "audio" "pipewire" "input" "dialout" ]
+        extraGroups = [
-          ++ dockerGroup ++ vboxGroup ++ cfg.extraGroups;
+          "wheel"
          "networkmanager"
          "transmission"
          "wireshark"
          "audio"
          "pipewire"
          "input"
          "dialout"
        ] ++ dockerGroup ++ vboxGroup ++ cfg.extraGroups;
        openssh.authorizedKeys.keyFiles = cfg.authorizedKeyFiles;
        group = config.users.groups.mainUser.name;
      };
--- a/components/media/icecast.nix
+++ b/components/media/icecast.nix
@ -4,7 +4,12 @@
 # * connect via mixxx to it.
 # * add the podcast to mpd in the same network
 # --------------------------------------------------
-{ pkgs, config, lib, ... }:
+{
  pkgs,
  config,
  lib,
  ...
 }:
 with lib;
 let
--- a/components/media/tts.nix
+++ b/components/media/tts.nix
@ -1,4 +1,9 @@
-{ pkgs, config, lib, ... }:
+{
  pkgs,
  config,
  lib,
  ...
 }:
 with lib;
 {
--- a/components/media/video.nix
+++ b/components/media/video.nix
@ -1,31 +1,35 @@
-{ config, pkgs, lib, ... }:
+{
  config,
  pkgs,
  lib,
  ...
 }:
 with lib;
 let
-  obs-cmd = pkgs.rustPlatform.buildRustPackage
+  obs-cmd = pkgs.rustPlatform.buildRustPackage rec {
-    rec {
+    pname = "obs-cmd";
-      pname = "obs-cmd";
+    version = "v0.15.2";
-      version = "v0.15.2";
+    src = pkgs.fetchFromGitHub {
-      src = pkgs.fetchFromGitHub {
+      owner = "grigio";
-        owner = "grigio";
+      repo = "obs-cmd";
-        repo = "obs-cmd";
+      rev = version;
-        rev = version;
+      sha256 = "sha256-RRkP0QLWcJLKv8oqESjMgHGW1QScANG7+fzR/rwSyDI=";
        sha256 = "sha256-RRkP0QLWcJLKv8oqESjMgHGW1QScANG7+fzR/rwSyDI=";
      };
      cargoSha256 = "sha256-JqR7MAt2VNEnZGbn+hExtFG6F7X0KhFM1n7GZ+QaHc0=";
      #cargoSha256 = fakeSha256;
      meta = with lib; {
        description = "a minimal obs CLI for obs-websocket v5";
        homepage = "https://github.com/grigio/obs-cmd";
        license = licenses.mit;
        maintainers = [ maintainers.mrVanDalo ];
        platforms = platforms.all;
      };
    };
    cargoSha256 = "sha256-JqR7MAt2VNEnZGbn+hExtFG6F7X0KhFM1n7GZ+QaHc0=";
    #cargoSha256 = fakeSha256;
    meta = with lib; {
      description = "a minimal obs CLI for obs-websocket v5";
      homepage = "https://github.com/grigio/obs-cmd";
      license = licenses.mit;
      maintainers = [ maintainers.mrVanDalo ];
      platforms = platforms.all;
    };
  };
  # Lassulus streaming setup
  # -------------------------
  # ffmpeg \
@ -53,7 +57,12 @@ let
    name = "screen-keys";
    paths =
      let
-        screenKeyScript = { position ? "bottom", size ? "small", ... }:
+        screenKeyScript =
          {
            position ? "bottom",
            size ? "small",
            ...
          }:
          pkgs.writeShellScriptBin "screenkeys-${position}-${size}" # sh
            ''
              ${pkgs.screenkey}/bin/screenkey \
@ -65,27 +74,41 @@ let
                                "$@"
            '';
      in
-      lib.flatten (lib.flip map [ "large" "small" "medium" ] (size:
+      lib.flatten (
-        lib.flip map [ "top" "center" "bottom" ]
+        lib.flip map
-          (position: screenKeyScript { inherit size position; })));
+          [
            "large"
            "small"
            "medium"
          ]
          (
            size:
            lib.flip map [
              "top"
              "center"
              "bottom"
            ] (position: screenKeyScript { inherit size position; })
          )
      );
  };
  mpvReview =
    let
-      moveToDir = key: dir: pkgs.writeText "move-with-${key}.lua" ''
+      moveToDir =
-        tmp_dir = "${dir}"
+        key: dir:
        pkgs.writeText "move-with-${key}.lua" ''
          tmp_dir = "${dir}"
-        function move_current_track_${key}()
+          function move_current_track_${key}()
-          track = mp.get_property("path")
+            track = mp.get_property("path")
-          os.execute("mkdir -p '" .. tmp_dir .. "'")
+            os.execute("mkdir -p '" .. tmp_dir .. "'")
-          os.execute("mv '" .. track .. "' '" .. tmp_dir .. "'")
+            os.execute("mv '" .. track .. "' '" .. tmp_dir .. "'")
-          print("moved '" .. track .. "' to " .. tmp_dir)
+            print("moved '" .. track .. "' to " .. tmp_dir)
-          mp.command("playlist-next")
+            mp.command("playlist-next")
-        end
+          end
-        mp.add_key_binding("${key}", "move_current_track_${key}", move_current_track_${key})
+          mp.add_key_binding("${key}", "move_current_track_${key}", move_current_track_${key})
-      '';
+        '';
      delete = moveToDir "D" "./.graveyard";
      good = moveToDir "G" "./.good";
    in
@ -110,7 +133,6 @@ in
  config = mkIf (config.components.media.video.enable) {
    home-manager.sharedModules = [
      {
        programs.obs-studio = {
@ -123,7 +145,6 @@ in
      }
    ];
    boot.kernelModules = [ "v4l2loopback" ];
    boot.extraModulePackages = [ pkgs.linuxPackages.v4l2loopback ];
@ -137,7 +158,6 @@ in
      alphaSafe
      sanitizeFolder
      # obs studio stuff
      obs-cli
      v4l-utils
@ -154,8 +174,6 @@ in
      handbrake
      ffmpeg-full
    ];
  };
 }
--- a/components/monitor/logs-promtail.nix
+++ b/components/monitor/logs-promtail.nix
@ -33,7 +33,7 @@ in
      services.promtail = {
        enable = true;
        configuration = {
-          server. disable = true;
+          server.disable = true;
          positions.filename = "/var/cache/promtail/positions.yaml";
          clients = [
@ -49,7 +49,15 @@ in
              _end = ''{{ end }}'';
              elseblock = index: replacement: "${_elseif index}${_replace index replacement}";
              ifblock = index: replacement: "${_if index}${_replace index replacement}";
-              createTemplateLine = list: "${concatStrings (imap0 (index: replacement: if index == 0 then ifblock index replacement else elseblock index replacement) list)}${_end}";
+              createTemplateLine =
                list:
                "${
                  concatStrings (
                    imap0 (
                      index: replacement: if index == 0 then ifblock index replacement else elseblock index replacement
                    ) list
                  )
                }${_end}";
            in
            [
              {
@ -117,36 +125,35 @@ in
                  }
                  {
                    # Map facility to human readable
-                    template =
+                    template = {
-                      {
+                      source = "facility_label";
-                        source = "facility_label";
+                      template = createTemplateLine [
-                        template = createTemplateLine [
+                        "kern" # Kernel messages
-                          "kern" # Kernel messages
+                        "user" # User-level messages
-                          "user" # User-level messages
+                        "mail" # Mail system	Archaic POSIX still supported and sometimes used (for more mail(1))
-                          "mail" # Mail system	Archaic POSIX still supported and sometimes used (for more mail(1))
+                        "daemon" # System daemons	All daemons, including systemd and its subsystems
-                          "daemon" # System daemons	All daemons, including systemd and its subsystems
+                        "auth" # Security/authorization messages	Also watch for different facility 10
-                          "auth" # Security/authorization messages	Also watch for different facility 10
+                        "syslog" # Messages generated internally by syslogd	For syslogd implementations (not used by systemd, see facility 3)
-                          "syslog" # Messages generated internally by syslogd	For syslogd implementations (not used by systemd, see facility 3)
+                        "lpr" # Line printer subsystem (archaic subsystem)
-                          "lpr" # Line printer subsystem (archaic subsystem)
+                        "news" # Network news subsystem (archaic subsystem)
-                          "news" # Network news subsystem (archaic subsystem)
+                        "uucp" # UUCP subsystem (archaic subsystem)
-                          "uucp" # UUCP subsystem (archaic subsystem)
+                        "clock" # Clock daemon	systemd-timesyncd
-                          "clock" # Clock daemon	systemd-timesyncd
+                        "authpriv" # Security/authorization messages	Also watch for different facility 4
-                          "authpriv" # Security/authorization messages	Also watch for different facility 4
+                        "ftp" # FTP daemon
-                          "ftp" # FTP daemon
+                        "-" # NTP subsystem
-                          "-" # NTP subsystem
+                        "-" # Log audit
-                          "-" # Log audit
+                        "-" # Log alert
-                          "-" # Log alert
+                        "cron" # Scheduling daemon
-                          "cron" # Scheduling daemon
+                        "local0" # Local use 0 (local0)
-                          "local0" # Local use 0 (local0)
+                        "local1" # Local use 1 (local1)
-                          "local1" # Local use 1 (local1)
+                        "local2" # Local use 2 (local2)
-                          "local2" # Local use 2 (local2)
+                        "local3" # Local use 3 (local3)
-                          "local3" # Local use 3 (local3)
+                        "local4" # Local use 4 (local4)
-                          "local4" # Local use 4 (local4)
+                        "local5" # Local use 5 (local5)
-                          "local5" # Local use 5 (local5)
+                        "local6" # Local use 6 (local6)
-                          "local6" # Local use 6 (local6)
+                        "local7" # Local use 7 (local7)
-                          "local7" # Local use 7 (local7)
+                      ];
-                        ];
+                    };
                      };
                  }
                  {
                    # Key is REQUIRED and the name for the label that will be created.
--- a/components/monitor/metrics-export-zfs.nix
+++ b/components/monitor/metrics-export-zfs.nix
@ -1,4 +1,9 @@
-{ pkgs, config, lib, ... }:
+{
  pkgs,
  config,
  lib,
  ...
 }:
 with lib;
 with types;
 {
@ -18,9 +23,11 @@ with types;
          {
            job_name = "zfs";
            scrape_interval = "10s";
-            static_configs = [{
+            static_configs = [
-              targets = [ "127.0.0.1:${toString config.services.prometheus.exporters.zfs.port}" ];
+              {
-            }];
+                targets = [ "127.0.0.1:${toString config.services.prometheus.exporters.zfs.port}" ];
              }
            ];
          }
        ];
        service.pipelines.metrics.receivers = [ "prometheus" ];
--- a/components/monitor/metrics-netdata.nix
+++ b/components/monitor/metrics-netdata.nix
@ -1,4 +1,9 @@
-{ lib, pkgs, config, ... }:
+{
  lib,
  pkgs,
  config,
  ...
 }:
 with lib;
 with types;
 {
@ -18,7 +23,7 @@ with types;
        scrape_interval = "10s";
        metrics_path = "/api/v1/allmetrics";
        params.format = [ "prometheus" ];
-        static_configs = [{ targets = [ "127.0.0.1:19999" ]; }];
+        static_configs = [ { targets = [ "127.0.0.1:19999" ]; } ];
      }
    ];
--- a/components/monitor/metrics-prometheus.nix
+++ b/components/monitor/metrics-prometheus.nix
@ -36,7 +36,7 @@ in
          job_name = "opentelemetry";
          metrics_path = "/metrics";
          scrape_interval = "10s";
-          static_configs = [{ targets = [ "localhost:${toString cfg.port}" ]; }];
+          static_configs = [ { targets = [ "localhost:${toString cfg.port}" ]; } ];
        }
      ];
    })
--- a/components/monitor/metrics-telegraf.nix
+++ b/components/monitor/metrics-telegraf.nix
@ -1,4 +1,9 @@
-{ config, pkgs, lib, ... }:
+{
  config,
  pkgs,
  lib,
  ...
 }:
 with lib;
 with types;
 let
@ -24,7 +29,9 @@ in
        receivers.influxdb.endpoint = "127.0.0.1:${toString cfg.influxDBPort}";
        service.pipelines.metrics.receivers = [ "influxdb" ];
      };
-      services.telegraf.extraConfig.outputs.influxdb_v2.urls = [ "http://127.0.0.1:${toString cfg.influxDBPort}" ];
+      services.telegraf.extraConfig.outputs.influxdb_v2.urls = [
        "http://127.0.0.1:${toString cfg.influxDBPort}"
      ];
    })
    (mkIf config.components.monitor.telegraf.enable {
@ -41,7 +48,7 @@ in
            processes = { };
            system = { };
            systemd_units = { };
-            ping = [{ urls = [ "10.100.0.1" ]; }]; # actually important to make machine visible over wireguard
+            ping = [ { urls = [ "10.100.0.1" ]; } ]; # actually important to make machine visible over wireguard
          };
        };
      };
--- a/components/monitor/opentelemetry.nix
+++ b/components/monitor/opentelemetry.nix
@ -1,4 +1,9 @@
-{ pkgs, config, lib, ... }:
+{
  pkgs,
  config,
  lib,
  ...
 }:
 with lib;
 with types;
 let
@ -22,7 +27,10 @@ in
      description = "endpoint to ship opentelementry data too";
    };
    exporter.debug = mkOption {
-      type = nullOr (enum [ "logs" "metrics" ]);
+      type = nullOr (enum [
        "logs"
        "metrics"
      ]);
      default = null;
      description = "enable debug exporter.";
    };
@ -61,11 +69,13 @@ in
              include = ".*";
              match_type = "regexp";
              action = "update";
-              operations = [{
+              operations = [
-                action = "add_label";
+                {
-                new_label = "machine";
+                  action = "add_label";
-                new_value = config.networking.hostName;
+                  new_label = "machine";
-              }];
+                  new_value = config.networking.hostName;
                }
              ];
            }
          ];
        };
@ -85,7 +95,6 @@ in
      };
    })
    (mkIf (config.components.monitor.opentelemetry.exporter.debug != null) {
      services.opentelemetry-collector.settings = {
        exporters.debug = {
@ -111,24 +120,26 @@ in
    })
    (mkIf
      (
-        config.components.monitor.opentelemetry.exporter.endpoint != null &&
+        config.components.monitor.opentelemetry.exporter.endpoint != null
-        config.components.monitor.logs.enable
+        && config.components.monitor.logs.enable
      )
      {
        services.opentelemetry-collector.settings = {
          service.pipelines.logs.exporters = [ "otlp" ];
        };
-      })
+      }
    )
    (mkIf
      (
-        config.components.monitor.opentelemetry.exporter.endpoint != null &&
+        config.components.monitor.opentelemetry.exporter.endpoint != null
-        config.components.monitor.metrics.enable
+        && config.components.monitor.metrics.enable
      )
      {
        services.opentelemetry-collector.settings = {
          service.pipelines.metrics.exporters = [ "otlp" ];
        };
-      })
+      }
    )
    # ship from other instance
    (mkIf (config.components.monitor.opentelemetry.receiver.endpoint != null) {
@ -138,26 +149,26 @@ in
    })
    (mkIf
      (
-        config.components.monitor.opentelemetry.receiver.endpoint != null &&
+        config.components.monitor.opentelemetry.receiver.endpoint != null
-        config.components.monitor.logs.enable
+        && config.components.monitor.logs.enable
      )
      {
        services.opentelemetry-collector.settings = {
          service.pipelines.logs.receivers = [ "otlp" ];
        };
-      })
+      }
    )
    (mkIf
      (
-        config.components.monitor.opentelemetry.receiver.endpoint != null &&
+        config.components.monitor.opentelemetry.receiver.endpoint != null
-        config.components.monitor.metrics.enable
+        && config.components.monitor.metrics.enable
      )
      {
        services.opentelemetry-collector.settings = {
          service.pipelines.metrics.receivers = [ "otlp" ];
        };
-      })
+      }
-
+    )
    # scrape opentelemetry-colectors metrics
    # todo: this should be collected another way (opentelemetry internal?)
@ -169,9 +180,11 @@ in
            {
              job_name = "otelcol";
              scrape_interval = "10s";
-              static_configs = [{
+              static_configs = [
-                targets = [ cfg.metrics.endpoint ];
+                {
-              }];
+                  targets = [ cfg.metrics.endpoint ];
                }
              ];
              metric_relabel_configs = [
                {
                  source_labels = [ "__name__" ];
@ -195,7 +208,7 @@ in
      };
    })
-    (mkIf (! config.components.monitor.metrics.enable) {
+    (mkIf (!config.components.monitor.metrics.enable) {
      services.opentelemetry-collector.settings = {
        service.telemetry.metrics.level = "none";
      };
--- a/components/network/default.nix
+++ b/components/network/default.nix
@ -11,7 +11,6 @@ with types;
  imports = [
    #./avahi.nix
    ./fail2ban.nix
    ./hosts.nix
    ./nginx.nix
    ./sshd
--- a/components/network/nginx.nix
+++ b/components/network/nginx.nix
@ -1,4 +1,10 @@
-{ config, lib, pkgs, assets, ... }:
+{
  config,
  lib,
  pkgs,
  assets,
  ...
 }:
 with lib;
 {
  options.components.network.nginx.enable = mkOption {
@ -16,8 +22,13 @@ with lib;
      environment.systemPackages = [
        pkgs.nginx-config-formatter
-        (pkgs.writers.writePython3Bin "nginx-show-config" { flakeIgnore = [ "E265" "E225" "W292" ]; }
+        (pkgs.writers.writePython3Bin "nginx-show-config" {
-          (lib.fileContents "${assets}/nginx-show-config.py"))
+          flakeIgnore = [
            "E265"
            "E225"
            "W292"
          ];
        } (lib.fileContents "${assets}/nginx-show-config.py"))
      ];
      security.acme.defaults.email = "contact@ingolf-wagner.de";
@ -85,7 +96,11 @@ with lib;
          root = pkgs.landingpage.override {
            jsonConfig =
              let
-                entry = { machine, items ? [ ] }:
+                entry =
                  {
                    machine,
                    items ? [ ],
                  }:
                  {
                    text = machine;
                    items = [
@ -174,14 +189,12 @@ with lib;
                    {
                      label = "Hetzner Cloud";
                      href = "https://console.hetzner.cloud/projects";
-                      image =
+                      image = "https://media.giphy.com/media/NECZ8crkbXR0k/giphy.gif";
                        "https://media.giphy.com/media/NECZ8crkbXR0k/giphy.gif";
                    }
                    {
                      label = "Cups";
                      href = "http://localhost:631/";
-                      image =
+                      image = "https://media.giphy.com/media/7hU7x4GPurk2c/giphy.gif";
                        "https://media.giphy.com/media/7hU7x4GPurk2c/giphy.gif";
                    }
                  ];
                }
@ -191,52 +204,42 @@ with lib;
                    {
                      label = "NixOS Manual";
                      href = "https://nixos.org/nixos/manual/";
-                      image =
+                      image = "https://media.giphy.com/media/dsdVyKkSqccEzoPufX/giphy.gif";
                        "https://media.giphy.com/media/dsdVyKkSqccEzoPufX/giphy.gif";
                    }
                    {
                      label = "Nixpkgs Manual";
                      href = "https://nixos.org/nixpkgs/manual/";
-                      image =
+                      image = "https://media.giphy.com/media/dsdVyKkSqccEzoPufX/giphy.gif";
                        "https://media.giphy.com/media/dsdVyKkSqccEzoPufX/giphy.gif";
                    }
                    {
                      label = "NixOS Reference";
-                      href =
+                      href = "https://storage.googleapis.com/files.tazj.in/nixdoc/manual.html#sec-functions-library";
-                        "https://storage.googleapis.com/files.tazj.in/nixdoc/manual.html#sec-functions-library";
+                      image = "https://media.giphy.com/media/LkjlH3rVETgsg/giphy.gif";
                      image =
                        "https://media.giphy.com/media/LkjlH3rVETgsg/giphy.gif";
                    }
                    {
                      label = "Nix Packages";
                      href = "https://nixos.org/nixos/packages.html";
-                      image =
+                      image = "https://media.giphy.com/media/l2YWlohvjPnsvkdEc/giphy.gif";
                        "https://media.giphy.com/media/l2YWlohvjPnsvkdEc/giphy.gif";
                    }
                    {
                      label = "NixOS Language specific helpers";
-                      href =
+                      href = "https://nixos.wiki/wiki/Language-specific_package_helpers";
-                        "https://nixos.wiki/wiki/Language-specific_package_helpers";
+                      image = "https://media.giphy.com/media/LkjlH3rVETgsg/giphy.gif";
                      image =
                        "https://media.giphy.com/media/LkjlH3rVETgsg/giphy.gif";
                    }
                    {
                      label = "NixOS Weekly";
                      href = "https://weekly.nixos.org/";
-                      image =
+                      image = "https://media.giphy.com/media/lXiRLb0xFzmreM8k8/giphy.gif";
                        "https://media.giphy.com/media/lXiRLb0xFzmreM8k8/giphy.gif";
                    }
                    {
                      label = "NixOS Security";
                      href = "https://broken.sh/";
-                      image =
+                      image = "https://media.giphy.com/media/BqILAHjH1Ttm0/giphy.gif";
                        "https://media.giphy.com/media/BqILAHjH1Ttm0/giphy.gif";
                    }
                    {
                      label = "NixOS RFCs";
                      href = "https://github.com/NixOS/rfcs/";
-                      image =
+                      image = "https://media.giphy.com/media/Uq9bGjGKg08M0/giphy.gif";
                        "https://media.giphy.com/media/Uq9bGjGKg08M0/giphy.gif";
                    }
                  ];
                }
--- a/components/network/sshd/default.nix
+++ b/components/network/sshd/default.nix
@ -1,4 +1,10 @@
-{ pkgs, config, lib, assets, ... }:
+{
  pkgs,
  config,
  lib,
  assets,
  ...
 }:
 with lib;
 with types;
 let
@ -6,12 +12,10 @@ let
  cfg = config.components.network.sshd;
  # maybe ascii-image-converter is also nice here
-  sshBanner = pkgs.runCommand "ssh-banner"
+  sshBanner = pkgs.runCommand "ssh-banner" { nativeBuildInputs = [ pkgs.boxes ]; } ''
    { nativeBuildInputs = [ pkgs.boxes ]; } ''
    echo "${config.networking.hostName}" | boxes -d ansi -s 80x1 -a r > $out
  '';
 in
 {
@ -31,10 +35,6 @@ in
      default = [ ];
      description = "keys to root login";
    };
    sshguard.enable = mkOption {
      type = bool;
      default = config.components.network.sshd.enable;
    };
    onlyTincAccess = mkOption {
      type = bool;
      default = false;
@ -71,12 +71,6 @@ in
    })
    (mkIf cfg.sshguard.enable {
      environment.systemPackages = [ pkgs.ipset ];
      services.sshguard.enable = lib.mkDefault true;
      #boot.kernelModules = ["xt_set"];
    })
    (mkIf (cfg.onlyTincAccess && cfg.enable) {
      networking.firewall.extraCommands = ''
        iptables --table nat --append PREROUTING ! --in-interface tinc.+ --protocol tcp --match tcp --dport 22 --jump REDIRECT --to-ports 0
--- a/components/network/sshd/known-hosts-manual.nix
+++ b/components/network/sshd/known-hosts-manual.nix
@ -1,4 +1,10 @@
-{ pkgs, config, lib, clanLib, ... }:
+{
  pkgs,
  config,
  lib,
  clanLib,
  ...
 }:
 with lib;
 let
  publicKey = clanLib.readFact "ssh.id_ed25519.pub";
--- a/components/network/sshd/known-hosts-public.nix
+++ b/components/network/sshd/known-hosts-public.nix
@ -1,4 +1,9 @@
-{ pkgs, config, lib, ... }:
+{
  pkgs,
  config,
  lib,
  ...
 }:
 with lib;
 {
  config = mkIf (config.components.network.sshd.enable) {
@ -28,65 +33,66 @@ with lib;
      };
      gitlab = {
        hostNames = [ "gitlab.com" ];
-        publicKey =
+        publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFSMqzJeV9rUzU4kWitGjeR4PWSa29SPqJ1fVkhtj3Hw9xjLVXVYrU9QlYWrOLXBpQ6KWjbjTDTdDkoohFzgbEY=";
          "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFSMqzJeV9rUzU4kWitGjeR4PWSa29SPqJ1fVkhtj3Hw9xjLVXVYrU9QlYWrOLXBpQ6KWjbjTDTdDkoohFzgbEY=";
      };
      gitlab-bk = {
-        hostNames = [ "gitlab.bk-bund-berlin.de" "116.203.133.59" ];
+        hostNames = [
-        publicKey =
+          "gitlab.bk-bund-berlin.de"
-          "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCG/sjnOlbrmpUliFtM5fmZTcm2wpUoP5OQEzFrrkkwhstCO9fMty9mp5qnKlezYA9+l78RTd218qFjSKYxTQNw=";
+          "116.203.133.59"
        ];
        publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCG/sjnOlbrmpUliFtM5fmZTcm2wpUoP5OQEzFrrkkwhstCO9fMty9mp5qnKlezYA9+l78RTd218qFjSKYxTQNw=";
      };
      # space-left
      gitlabSpaceLeft = {
        hostNames = [ "git.space-left.org" ];
-        publicKey =
+        publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAapztj8I3xy6Ea8A1q7Mo5C6zdgsK1bguAXcKUDCRBO";
          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAapztj8I3xy6Ea8A1q7Mo5C6zdgsK1bguAXcKUDCRBO";
      };
      # c-base
      "bnd-cbase" = {
        hostNames = [ "bnd.cbrp3.c-base.org" ];
-        publicKey =
+        publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKDknNl4M2WZChp1N/eRIpem2AEOceGIqvjo0ptBuwxUn0w0B8MGTVqoI+pnUVypORJRoNrLPOAkmEVr32BDN3E=";
          "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKDknNl4M2WZChp1N/eRIpem2AEOceGIqvjo0ptBuwxUn0w0B8MGTVqoI+pnUVypORJRoNrLPOAkmEVr32BDN3E=";
      };
      "shell.cbase" = {
        hostNames = [ "shell.c-base.org" ];
-        publicKey =
+        publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOBKBn0mZtG3KWxpFqqcog8zvdIVrZmwj+ARujuNIAfo";
          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOBKBn0mZtG3KWxpFqqcog8zvdIVrZmwj+ARujuNIAfo";
      };
      "kgb.cbase" = {
        hostNames = [ "kgb.cbrp3.c-base.org" ];
-        publicKey =
+        publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAdyl7fnnCqomghJ1TDbh5FWFQWFwoO1Y1U/FpmWd8a9RcQvN0Izhg/7A+7ptDxbmpVii8hqfghlqUwtvVy7jo8=";
          "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAdyl7fnnCqomghJ1TDbh5FWFQWFwoO1Y1U/FpmWd8a9RcQvN0Izhg/7A+7ptDxbmpVii8hqfghlqUwtvVy7jo8=";
      };
      "cns.cbase" = {
        hostNames = [ "cns.c-base.org" ];
-        publicKey =
+        publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOtlyLA2nMK9Uqpv4EbWS+rZ9Mx4bAjURmH+zrXkuRGBcU1cKm+TZfWe9/rPX57KaMPBDyIygOJIsM2T5SqX90A=";
          "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOtlyLA2nMK9Uqpv4EbWS+rZ9Mx4bAjURmH+zrXkuRGBcU1cKm+TZfWe9/rPX57KaMPBDyIygOJIsM2T5SqX90A=";
      };
      "lassulus" = {
        hostNames = [ "[lassul.us]:45621" ];
-        publicKey =
+        publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAsANFdMi825qWQXQbWLYuNZ6/fARt3lnh1KStQHQQMD";
          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAsANFdMi825qWQXQbWLYuNZ6/fARt3lnh1KStQHQQMD";
      };
      renoise = {
-        hostNames = [ "*.renoise.com" "renoise.com" "94.130.128.97" ];
+        hostNames = [
-        publicKey =
+          "*.renoise.com"
-          "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLXxhBlYQJxgcLqKywpl1tI1N/+B5bkptAnR2a3tsRybq0IHZnIkSRGUYcu5zPwJT+bitVw8BvIaGzxI+Zm2ivE=";
+          "renoise.com"
          "94.130.128.97"
        ];
        publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLXxhBlYQJxgcLqKywpl1tI1N/+B5bkptAnR2a3tsRybq0IHZnIkSRGUYcu5zPwJT+bitVw8BvIaGzxI+Zm2ivE=";
      };
      git-renoise = {
-        hostNames = [ "[git.renoise.com]:2229" "[94.130.128.97]:2229" ];
+        hostNames = [
-        publicKey =
+          "[git.renoise.com]:2229"
-          "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCmIOTjQsD1TaD9MiECcRqwfAXfRdbI+2pkuF+zhBUkrX41NA4LzifPY4Iw3PlklE0YGIOzYyNitzkdgxIWkeqa0Y9iL3gGZBuLFORj5YXWlDKB2RrPAsZRL8y69y4H6RWPpL6DHHsf9eT+HgRzWzzn5nUFLfkCsuM96BqjIKN1pinIBcE6gst1UUSwSTjK8XZA5d4BiSrLF4HiNXnDm+qniYGbGkzZcjn1ua+l0GdGbfg9TotFnSK/QXgN3MeHHDZKnIjOIkOXCY+L5URe0RHo6pBFdj+BLr211AJhB52MrDNudQcY6eSQiJ08LeE6SkcrsQO/VZ/JnOkHxHd2mOyH";
+          "[94.130.128.97]:2229"
        ];
        publicKey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCmIOTjQsD1TaD9MiECcRqwfAXfRdbI+2pkuF+zhBUkrX41NA4LzifPY4Iw3PlklE0YGIOzYyNitzkdgxIWkeqa0Y9iL3gGZBuLFORj5YXWlDKB2RrPAsZRL8y69y4H6RWPpL6DHHsf9eT+HgRzWzzn5nUFLfkCsuM96BqjIKN1pinIBcE6gst1UUSwSTjK8XZA5d4BiSrLF4HiNXnDm+qniYGbGkzZcjn1ua+l0GdGbfg9TotFnSK/QXgN3MeHHDZKnIjOIkOXCY+L5URe0RHo6pBFdj+BLr211AJhB52MrDNudQcY6eSQiJ08LeE6SkcrsQO/VZ/JnOkHxHd2mOyH";
      };
      "siteground" = {
-        hostNames = [ "[es5.siteground.eu]:18765" "[37.60.224.6]:18765" ];
+        hostNames = [
-        publicKey =
+          "[es5.siteground.eu]:18765"
-          "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHZuvHooyHa69rU+SfOghM6yfc7bce5cMi9sh5JkoLPi+m8QEkX3oiG9rRpAhp0GYnB74M4l1+0XlxmG7/HVmq0=";
+          "[37.60.224.6]:18765"
        ];
        publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHZuvHooyHa69rU+SfOghM6yfc7bce5cMi9sh5JkoLPi+m8QEkX3oiG9rRpAhp0GYnB74M4l1+0XlxmG7/HVmq0=";
      };
      "cracksucht.de" = {
        hostNames = [ "cracksucht.de" ];
-        publicKey =
+        publicKey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDVqpWzX+C7veO/1MDSdh5ukFhpI4cfXevbl6DVb9gVt1wdYB0JsiMiWfl13MZJy9iEP/KfwRLYmu8i36tDR9uJfHQyLK8G7q2DhrleIPgM3dFCdDU1QtulE8hEq/ZsqzMn/QIHYIipIqzNfmC/xnpX2gIo09T7EY+n863ALlj+GqxMb4nr2XDLY+Lllo2yMzylJIz9q8U5hOmzrlCnBpf2MPMwanHXnZXj2CmO80VyBHnAMJ/h72AN1qzDaHFlhxh0Li/POc1bpDjiVjiUPgimHZWpi3VObxWLLn2zf+RH2lx0yXMccSEnkWvHp+Ll5apIUUS+vTlDo3niWpEfGZLl root@debian";
          "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDVqpWzX+C7veO/1MDSdh5ukFhpI4cfXevbl6DVb9gVt1wdYB0JsiMiWfl13MZJy9iEP/KfwRLYmu8i36tDR9uJfHQyLK8G7q2DhrleIPgM3dFCdDU1QtulE8hEq/ZsqzMn/QIHYIipIqzNfmC/xnpX2gIo09T7EY+n863ALlj+GqxMb4nr2XDLY+Lllo2yMzylJIz9q8U5hOmzrlCnBpf2MPMwanHXnZXj2CmO80VyBHnAMJ/h72AN1qzDaHFlhxh0Li/POc1bpDjiVjiUPgimHZWpi3VObxWLLn2zf+RH2lx0yXMccSEnkWvHp+Ll5apIUUS+vTlDo3niWpEfGZLl root@debian";
      };
    };
--- a/components/network/sshd/known-hosts-zerotier.nix
+++ b/components/network/sshd/known-hosts-zerotier.nix
@ -1,27 +1,38 @@
-{ lib, config, clanLib, ... }:
+{
  lib,
  config,
  clanLib,
  ...
 }:
 with lib;
 with types;
 let
  machines = clanLib.allMachineNames;
  publicKey = clanLib.readFact "ssh.id_ed25519.pub";
  tld = config.clan.static-hosts.topLevelDomain;
-  knownHosts = lib.genAttrs machines
+  knownHosts = lib.genAttrs machines (machine: {
-    (machine:
+    hostNames = [
-      {
+      "${machine}"
-        hostNames = [
+      "${machine}.${tld}"
-          "[${machine}]:2222"
+      "${machine}.private"
-          "[${machine}.${tld}]:2222"
+    ];
-          "[${machine}.private]:2222"
+    publicKey = publicKey machine;
-          "${machine}"
+  });
-          "${machine}.${tld}"
+  bootMachines = clanLib.readFactFromAllMachines "ssh.boot.id_ed25519.pub";
-          "${machine}.private"
+  knownBootHosts = lib.mapAttrs' (
-        ];
+    machine: publicKey:
-        publicKey = publicKey machine;
+    nameValuePair "boot_${machine}" {
-      }
+      inherit publicKey;
-    );
+      hostNames = [
        "[${machine}]:2222"
        "[${machine}.public]:2222"
      ];
    }
  ) bootMachines;
 in
 {
  # todo : move this to the proper place
  options.components.network.zerotier = {
    enable = mkOption {
      type = bool;
@ -30,6 +41,6 @@ in
  };
  config = mkIf config.components.network.zerotier.enable {
-    services.openssh.knownHosts = knownHosts;
+    services.openssh.knownHosts = knownHosts // knownBootHosts;
  };
 }
--- a/components/network/syncthing.nix
+++ b/components/network/syncthing.nix
@ -1,15 +1,13 @@
-{ config, lib, pkgs, factsGenerator, clanLib, ... }:
+{
-let
+  config,
-  clanMachines =
+  lib,
-    lib.mapAttrs
+  pkgs,
-      (machine: facts: {
+  factsGenerator,
-        name = machine;
+  clanLib,
-        id = facts."syncthing.pub";
+  ...
-        addresses = [ "tcp://[${facts."zerotier-ip"}]:22000" ];
+}:
-      })
+with lib;
-      (clanLib.readFactsFromAllMachines [ "syncthing.pub" "zerotier-ip" ]);
+{
 in
 with lib; {
  # networking.firewall.interfaces."gummybears".allowedTCPPorts = [ 8384 ];
@ -22,6 +20,19 @@ with lib; {
    cert = config.clan.core.facts.services.syncthing.secret."syncthing.cert".path;
    settings.devices =
      let
        clanMachines =
          lib.mapAttrs
            (machine: facts: {
              name = machine;
              id = facts."syncthing.pub";
              addresses = [ "tcp://[${facts."zerotier-ip"}]:22000" ];
            })
            (
              clanLib.readFactsFromAllMachines [
                "syncthing.pub"
                "zerotier-ip"
              ]
            );
        device = machine: id: {
          "${machine}" = {
            name = machine;
@ -32,22 +43,26 @@ with lib; {
      in
      clanMachines
      // (device "iPhone" "RPQBSRB-DYEUUWQ-EAPMBA2-PL4MJ73-Y4F4ZTH-TAD7DUE-GEK56BG-HYW6YAF")
-      // (device "bumba" "JS7PWTO-VKFGBUP-GNFLSWP-MGFJ2KH-HLO2LKW-V3RPCR6-PCB5SQC-42FCKQZ")
+      // (device "bumba" "JS7PWTO-VKFGBUP-GNFLSWP-MGFJ2KH-HLO2LKW-V3RPCR6-PCB5SQC-42FCKQZ");
    ;
    settings.folders = {
      # needs to be on encrypted drives
      # -------------------------------
      audiobooks = {
        enable = lib.mkDefault false;
        path = lib.mkDefault "/tmp/audiobooks";
-        devices = [ "chungus" "orbi" ];
+        devices = [
          "chungus"
          "orbi"
        ];
      };
      books = {
        enable = lib.mkDefault false;
        path = lib.mkDefault "/tmp/books";
-        devices = [ "chungus" "cream" "cherry" ];
+        devices = [
          "chungus"
          "cream"
          "cherry"
        ];
        versioning = {
          type = "simple";
          params.keep = "2";
@ -56,12 +71,20 @@ with lib; {
      desktop = {
        enable = lib.mkDefault false;
        path = lib.mkDefault "/tmp/desktop";
-        devices = [ "chungus" "cream" "cherry" ];
+        devices = [
          "chungus"
          "cream"
          "cherry"
        ];
      };
      finance = {
        enable = lib.mkDefault false;
        path = lib.mkDefault "/tmp/finance";
-        devices = [ "chungus" "cream" "cherry" ];
+        devices = [
          "chungus"
          "cream"
          "cherry"
        ];
        versioning = {
          type = "simple";
          params.keep = "10";
@ -70,27 +93,46 @@ with lib; {
      flix = {
        enable = lib.mkDefault false;
        path = lib.mkDefault "/tmp/flix";
-        devices = [ "chungus" "orbi" ];
+        devices = [
          "chungus"
          "orbi"
        ];
      };
      logseq = {
        enable = lib.mkDefault false;
        path = lib.mkDefault "/tmp/logseq";
-        devices = [ "chungus" "cream" "cherry" "iPhone" ];
+        devices = [
          "chungus"
          "cream"
          "cherry"
          "iPhone"
        ];
      };
      lectures = {
        enable = lib.mkDefault false;
        path = lib.mkDefault "/tmp/lectures";
-        devices = [ "chungus" "orbi" ];
+        devices = [
          "chungus"
          "orbi"
        ];
      };
      oscar_cpap = {
        enable = lib.mkDefault false;
        path = lib.mkDefault "/tmp/oscar_cpap";
-        devices = [ "chungus" "cream" "cherry" ];
+        devices = [
          "chungus"
          "cream"
          "cherry"
        ];
      };
      password-store = {
        enable = lib.mkDefault false;
        path = lib.mkDefault "/tmp/password-store";
-        devices = [ "chungus" "cream" "cherry" ];
+        devices = [
          "chungus"
          "cream"
          "cherry"
        ];
        versioning = {
          type = "simple";
          params.keep = "10";
@ -100,18 +142,12 @@ with lib; {
      share = {
        enable = lib.mkDefault false;
        path = lib.mkDefault "/tmp/password-store";
-        devices = [ "cream" "cherry" "orbi" ];
+        devices = [
          "cream"
          "cherry"
          "orbi"
        ];
      };
      # todo remove if zfs is is used
      #nextcloud_backup = {
      #  enable = lib.mkDefault false;
      #  path = lib.mkDefault "/tmp/lost-fotos";
      #  devices = [ "chungus"  ];
      #  versioning = {
      #    type = "simple";
      #    params.keep = "2";
      #  };
      #};
    };
  };
--- a/components/network/tinc/default.nix
+++ b/components/network/tinc/default.nix
@ -1,4 +1,10 @@
-{ lib, config, factsGenerator, clanLib, ... }:
+{
  lib,
  config,
  factsGenerator,
  clanLib,
  ...
 }:
 with lib;
 {
@ -20,18 +26,21 @@ with lib;
  };
  config = mkMerge [
-    (mkIf config.tinc.private.enable (import ./private.nix {
+    (mkIf config.tinc.private.enable (
-      ipv4 = config.tinc.private.ipv4;
+      import ./private.nix {
-      ipv6 = null;
+        ipv4 = config.tinc.private.ipv4;
-      inherit (lib) optionalString concatStringsSep mapAttrsToList;
+        ipv6 = null;
-      inherit config factsGenerator clanLib;
+        inherit (lib) optionalString concatStringsSep mapAttrsToList;
-    }))
+        inherit config factsGenerator clanLib;
-    (mkIf config.tinc.secret.enable (import ./secret.nix {
+      }
-      ipv4 = config.tinc.secret.ipv4;
+    ))
-      ipv6 = null;
+    (mkIf config.tinc.secret.enable (
-      inherit (lib) optionalString concatStringsSep mapAttrsToList;
+      import ./secret.nix {
-      inherit config factsGenerator clanLib;
+        ipv4 = config.tinc.secret.ipv4;
-    }))
+        ipv6 = null;
        inherit (lib) optionalString concatStringsSep mapAttrsToList;
        inherit config factsGenerator clanLib;
      }
    ))
  ];
 }
--- a/components/network/tinc/private.nix
+++ b/components/network/tinc/private.nix
@ -1,12 +1,13 @@
-{ ipv4
+{
-, ipv6
+  ipv4,
-, config
+  ipv6,
-, optionalString
+  config,
-, concatStringsSep
+  optionalString,
-, factsGenerator
+  concatStringsSep,
-, mapAttrsToList
+  factsGenerator,
-, clanLib
+  mapAttrsToList,
-, ...
+  clanLib,
  ...
 }:
 let
  hosts = {
@ -26,6 +27,7 @@ let
    "prowlarr.orbi" = hosts.orbi;
    "photoprism.orbi" = hosts.orbi;
    # chungus
    "video.chungus" = hosts.chungus;
    "de.tts.chungus" = hosts.chungus;
    "en.tts.chungus" = hosts.chungus;
    "flix.chungus" = hosts.chungus;
@ -50,35 +52,36 @@ in
  services.tinc.networks = {
    ${network} = {
-      ed25519PrivateKeyFile = config.clan.core.facts.services.tinc_private.secret."tinc.private.ed25519_key.priv".path;
+      ed25519PrivateKeyFile =
        config.clan.core.facts.services.tinc_private.secret."tinc.private.ed25519_key.priv".path;
      interfaceType = "tap";
      extraConfig = ''
        LocalDiscovery = yes
      '';
      hostSettings = {
        mobi = {
-          subnets = [{ address = hosts.mobi; }];
+          subnets = [ { address = hosts.mobi; } ];
          settings.Ed25519PublicKey = "X5sp3YYevVNUrzYvi+HZ2iW5WbO0bIb58jR4jZFH6MB";
        };
        bobi = {
-          subnets = [{ address = hosts.bobi; }];
+          subnets = [ { address = hosts.bobi; } ];
          settings.Ed25519PublicKey = "jwvNd4oAgz2cWEI74VTVYU1qgPWq823/a0iEDqJ8KMD";
        };
        cream = {
-          subnets = [{ address = hosts.cream; }];
+          subnets = [ { address = hosts.cream; } ];
          settings.Ed25519PublicKey = Ed25519PublicKey "cream";
        };
        cherry = {
-          subnets = [{ address = hosts.cherry; }];
+          subnets = [ { address = hosts.cherry; } ];
          settings.Ed25519PublicKey = Ed25519PublicKey "cherry";
        };
        chungus = {
-          subnets = [{ address = hosts.chungus; }];
+          subnets = [ { address = hosts.chungus; } ];
          settings.Ed25519PublicKey = Ed25519PublicKey "chungus";
        };
        orbi = {
-          addresses = [{ address = "95.216.66.212"; }];
+          addresses = [ { address = "95.216.66.212"; } ];
-          subnets = [{ address = hosts.orbi; }];
+          subnets = [ { address = hosts.orbi; } ];
          settings.Ed25519PublicKey = Ed25519PublicKey "orbi";
        };
      };
@ -99,6 +102,8 @@ in
    LinkLocalAddressing = no
  '';
-  networking.extraHosts = concatStringsSep "\n" (mapAttrsToList (name: ip: "${ip} ${name}.${network}") (hosts // subDomains));
+  networking.extraHosts = concatStringsSep "\n" (
    mapAttrsToList (name: ip: "${ip} ${name}.${network}") (hosts // subDomains)
  );
 }
--- a/components/network/tinc/secret.nix
+++ b/components/network/tinc/secret.nix
@ -1,11 +1,12 @@
-{ ipv4
+{
-, ipv6
+  ipv4,
-, config
+  ipv6,
-, optionalString
+  config,
-, concatStringsSep
+  optionalString,
-, mapAttrsToList
+  concatStringsSep,
-, factsGenerator
+  mapAttrsToList,
-, ...
+  factsGenerator,
  ...
 }:
 let
  port = 721;
@ -23,31 +24,37 @@ in
  services.tinc.networks = {
    ${network} = {
-      ed25519PrivateKeyFile = config.clan.core.facts.services.tinc_secret.secret."tinc.secret.ed25519_key.priv".path;
+      ed25519PrivateKeyFile =
        config.clan.core.facts.services.tinc_secret.secret."tinc.secret.ed25519_key.priv".path;
      extraConfig = ''
        LocalDiscovery = yes
        Port = ${toString port}
      '';
      hostSettings = {
        sternchen = {
-          subnets = [{ address = hosts.sternchen; }];
+          subnets = [ { address = hosts.sternchen; } ];
          settings.Ed25519PublicKey = "Z567IKl00Kw5JFBNwMvjL33QYe2hRoNtQcNIDFRPReB";
        };
        cream = {
-          subnets = [{ address = hosts.cream; }];
+          subnets = [ { address = hosts.cream; } ];
          settings.Ed25519PublicKey = "Y/YRA90mAlNEmdhUWlUTHjjsco6d6hlvW11sPtarIdL";
        };
        cherry = {
-          subnets = [{ address = hosts.cherry; }];
+          subnets = [ { address = hosts.cherry; } ];
          settings.Ed25519PublicKey = "BsPIrZjbzn0aryC0HO3OXSb4oFCMmzNDmMDQmxUXUuC";
        };
        sterni = {
-          subnets = [{ address = hosts.sterni; }];
+          subnets = [ { address = hosts.sterni; } ];
          settings.Ed25519PublicKey = "r6mRDc814z2YtyG9ev/XXV2SgquqWR8n53V13xNXb7O";
        };
        robi = {
-          addresses = [{ address = "144.76.13.147"; port = port; }];
+          addresses = [
-          subnets = [{ address = hosts.robi; }];
+            {
              address = "144.76.13.147";
              port = port;
            }
          ];
          subnets = [ { address = hosts.robi; } ];
          settings.Ed25519PublicKey = "bZUbSdME4fwudNVbUoNO7PpoOS2xALsyTs81F260KbL";
        };
      };
@ -68,23 +75,37 @@ in
    LinkLocalAddressing = no
  '';
-  networking.extraHosts = concatStringsSep "\n" (mapAttrsToList (name: ip: "${ip} ${name}.${network}") hosts);
+  networking.extraHosts = concatStringsSep "\n" (
    mapAttrsToList (name: ip: "${ip} ${name}.${network}") hosts
  );
  services.openssh.knownHosts = {
    "cream.${network}" = {
-      hostNames = [ "cream.${network}" hosts.cream ];
+      hostNames = [
        "cream.${network}"
        hosts.cream
      ];
      publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIConHiCL7INgAhuN6Z9TqP0zP+xNpdV7+OHwUca4IRDD";
    };
    "sternchen.${network}" = {
-      hostNames = [ "sterni.${network}" hosts.sterni ];
+      hostNames = [
        "sterni.${network}"
        hosts.sterni
      ];
      publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILriD/0+65L1mkbjKENwpvB3wUMXz/rEf9J8wuJjJa0q";
    };
    "sterni.${network}" = {
-      hostNames = [ "sterni.${network}" hosts.sterni ];
+      hostNames = [
        "sterni.${network}"
        hosts.sterni
      ];
      publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEQRH4gzT4vWSx3KN80ePPYhSPZRUae/qSyEym6pJTht";
    };
    "robi" = {
-      hostNames = [ "robi.${network}" hosts.robi ];
+      hostNames = [
        "robi.${network}"
        hosts.robi
      ];
      publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK2PGX6cZuBUGX4VweMzi0aRh4uQ61yngCzZGcK3w5XV";
    };
  };
--- a/components/network/wifi.nix
+++ b/components/network/wifi.nix
@ -1,4 +1,9 @@
-{ config, lib, pkgs, ... }:
+{
  config,
  lib,
  pkgs,
  ...
 }:
 with lib;
 with types;
 {
@ -22,7 +27,6 @@ with types;
    # Setting this value to 1 means to try activation once, without retry.
    networking.networkmanager.settings.main.autoconnect-retries-default = 999;
    hardware.enableRedistributableFirmware = true;
    # because Networkd-wait-online is just failing.
@ -47,4 +51,3 @@ with types;
  };
 }
--- a/components/network/wireguard.nix
+++ b/components/network/wireguard.nix
@ -28,6 +28,4 @@ with lib;
    '';
  };
 }
--- a/components/nixos/default.nix
+++ b/components/nixos/default.nix
@ -2,7 +2,6 @@
 {
  imports = [
    ./upgrade-diff.nix
    ./tor-ssh.nix
  ];
  options.components.nixos.enable = lib.mkOption {
--- a/components/nixos/tor-ssh.nix
+++ b/components/nixos/tor-ssh.nix
@ -1,137 +0,0 @@
 { config, lib, pkgs, factsGenerator, clanLib, ... }:
 with lib;
 with types;
 {
  options.components.nixos.boot = {
    enable = lib.mkOption {
      type = lib.types.bool;
      default = false;
    };
    kernelModules = mkOption {
      type = listOf str;
      default = [ ];
      description =
        "lspci -v will tell you which kernel module is used for the ethernet interface";
    };
    ssh.enable = lib.mkOption {
      type = lib.types.bool;
      default = config.components.nixos.boot.enable;
    };
    tor.enable = lib.mkOption {
      type = lib.types.bool;
      default = config.components.nixos.boot.ssh.enable;
    };
  };
  config = mkMerge [
    # todo : not working at the moment, because onion hostnames are secrets
    (
      let
        onionIds = clanLib.readFactFromAllMachines "tor.initrd.hostname";
        generateOnionUnlockScript = machine: onionId: pkgs.writers.writeDashBin "unlock-boot-${machine}-via-tor" ''
          ${pkgs.tor}/bin/torify ${pkgs.openssh}/bin/ssh root@${onionId} -p 2222
        '';
      in
      {
        # add known hosts
        services.openssh.knownHosts =
          mapAttrs
            (_machine: onionId: {
              hostNames = [ "[${onionId}]:2222" ];
            })
            onionIds;
        # create unlook tor boot script
        environment.systemPackages =
          mapAttrsToList generateOnionUnlockScript onionIds;
      }
    )
    # tor part
    # --------
    (mkIf (config.components.nixos.boot.tor.enable) {
      #services.tor = {
      #  enable = true;
      #  client.enable = true;
      #  relay.onionServices.bootup.map = [{ port = 2222; }];
      #};
      # tor setup
      clan.core.facts.services.initrd_tor = factsGenerator.tor { name = ""; };
      boot.initrd.secrets = {
        "/etc/tor/onion/bootup/tor.priv" = config.clan.core.facts.services.initrd_tor.secret."tor.initrd.priv".path;
        "/etc/tor/onion/bootup/hostname" = config.clan.core.facts.services.initrd_tor.secret."tor.initrd.hostname".path;
      };
      #boot.initrd.extraUtilsCommands = ''
      #  copy_bin_and_libs ${pkgs.tor}/bin/tor
      #'';
      # fixme: this thing is not working for some reason.
      boot.initrd.systemd.packages = [ pkgs.tor pkgs.iproute2 pkgs.coreutils ];
      boot.initrd.systemd.services.tor = {
        path = [ pkgs.tor pkgs.iproute2 pkgs.coreutils ];
        # todo: set wanted by
        script =
          let
            torRc = pkgs.writeText "tor.rc" ''
              DataDirectory /etc/tor
              SOCKSPort 127.0.0.1:9050 IsolateDestAddr
              SOCKSPort 127.0.0.1:9063
              HiddenServiceDir /etc/tor/onion/bootup
              HiddenServicePort 2222 127.0.0.1:2222
            '';
          in
          ''
            echo "tor: preparing onion folder"
            # have to do this otherwise tor does not want to start
            chmod -R 700 /etc/tor
            echo "make sure localhost is up"
            ip a a 127.0.0.1/8 dev lo
            ip link set lo up
            echo "tor: starting tor"
            tor -f ${torRc} --verify-config
            tor -f ${torRc}
          '';
      };
    })
    # ssh part
    # --------
    (mkIf (config.components.nixos.boot.ssh.enable) {
      # boot
      boot.initrd.systemd.enable = true;
      boot.initrd.systemd.contents."/etc/hostname".text = "unlock.${config.networking.hostName}";
      # network
      boot.initrd.systemd.network.enable = true;
      boot.initrd.availableKernelModules = config.components.nixos.boot.kernelModules;
      # ssh
      boot.initrd.network.enable = true;
      boot.initrd.network.ssh = {
        enable = true;
        #authorizedKeys =     config.users.users.root.openssh.authorizedKeys.keys ;
        #authorizedKeyFiles = config.users.users.root.openssh.authorizedKeys.keyFiles;
        port = 2222;
        hostKeys = map ({ path, ... }: path) config.services.openssh.hostKeys;
      };
    })
  ];
 }
--- a/components/nixos/upgrade-diff.nix
+++ b/components/nixos/upgrade-diff.nix
@ -1,5 +1,10 @@
 # MIT Jörg Thalheim - https://github.com/Mic92/dotfiles/blob/c6cad4e57016945c4816c8ec6f0a94daaa0c3203/nixos/modules/upgrade-diff.nix
-{ config, lib, pkgs, ... }:
+{
  config,
  lib,
  pkgs,
  ...
 }:
 {
  options.components.nixos.update-diff.enable = lib.mkOption {
--- a/components/terminal/bash.nix
+++ b/components/terminal/bash.nix
@ -1,4 +1,9 @@
-{ pkgs, config, lib, ... }:
+{
  pkgs,
  config,
  lib,
  ...
 }:
 with lib;
 {
  options.components.terminal.bash.enable = mkOption {
@ -16,7 +21,6 @@ with lib;
      interactiveShellInit = "set -o vi";
      shellAliases = {
        ls = "ls --color=tty";
        l = "ls -CFh";
--- a/components/terminal/default.nix
+++ b/components/terminal/default.nix
@ -1,4 +1,9 @@
-{ config, pkgs, lib, ... }:
+{
  config,
  pkgs,
  lib,
  ...
 }:
 with lib;
 {
  options.components.terminal = {
@ -13,7 +18,6 @@ with lib;
    ./git.nix
    ./heygpt.nix
    ./hoard.nix
    ./oh-my-posh
    ./remote-install.nix
    ./wtf.nix
    ./zsh.nix
--- a/components/terminal/direnv.nix
+++ b/components/terminal/direnv.nix
@ -1,4 +1,9 @@
-{ pkgs, config, lib, ... }:
+{
  pkgs,
  config,
  lib,
  ...
 }:
 with lib;
 {
  options.components.terminal.direnv.enable = mkOption {
@ -12,7 +17,10 @@ with lib;
    home-manager.sharedModules = [
      {
        programs.direnv.enable = true;
-        programs.git.ignores = [ ".envrc" ".direnv" ];
+        programs.git.ignores = [
          ".envrc"
          ".direnv"
        ];
      }
    ];
--- a/components/terminal/git.nix
+++ b/components/terminal/git.nix
@ -1,4 +1,9 @@
-{ config, pkgs, lib, ... }:
+{
  config,
  pkgs,
  lib,
  ...
 }:
 with lib;
 {
  options.components.terminal.git.enable = mkOption {
@ -8,7 +13,6 @@ with lib;
  config = mkIf (config.components.terminal.git.enable) {
    environment.systemPackages = with pkgs; [
      git
      gita
@ -29,4 +33,3 @@ with lib;
    ];
  };
 }
--- a/components/terminal/heygpt.nix
+++ b/components/terminal/heygpt.nix
@ -1,4 +1,9 @@
-{ config, lib, pkgs, ... }:
+{
  config,
  lib,
  pkgs,
  ...
 }:
 with lib;
 {
  options.components.terminal.heygpt.enable = mkOption {
--- a/components/terminal/hoard.nix
+++ b/components/terminal/hoard.nix
@ -1,4 +1,9 @@
-{ pkgs, config, lib, ... }:
+{
  pkgs,
  config,
  lib,
  ...
 }:
 with lib;
 let
  hoardSrc = pkgs.fetchFromGitHub {
@ -31,10 +36,26 @@ in
        config_home_path = "/home/palo/.config/hoard";
        trove_path = "/home/palo/.config/hoard/trove.yml";
        query_prefix = " >";
-        primary_color = [ 87 142 87 ];
+        primary_color = [
-        secondary_color = [ 203 184 144 ];
+          87
-        tertiary_color = [ 30 30 30 ];
+          142
-        command_color = [ 30 30 30 ];
+          87
        ];
        secondary_color = [
          203
          184
          144
        ];
        tertiary_color = [
          30
          30
          30
        ];
        command_color = [
          30
          30
          30
        ];
        parameter_token = "#";
        read_from_current_directory = true;
      };
--- a/components/terminal/oh-my-posh/default.nix
+++ b/components/terminal/oh-my-posh/default.nix
@ -1,26 +0,0 @@
 { pkgs, config, lib, ... }:
 with lib;
 {
  options.components.terminal.oh-my-posh.enable = mkOption {
    type = lib.types.bool;
    default = config.components.terminal.enable;
  };
  config = mkIf (config.components.terminal.oh-my-posh.enable) {
    home-manager.users =
      let
        poshConfig = {
          programs.oh-my-posh = {
            enable = true;
            # useTheme = "gruvbox";
            settings = builtins.fromJSON (builtins.readFile ./gruvbox.json);
          };
        };
      in
      {
        mainUser = poshConfig;
        root = poshConfig;
      };
  };
 }
--- a/components/terminal/remote-install.nix
+++ b/components/terminal/remote-install.nix
@ -1,4 +1,9 @@
-{ pkgs, config, lib, ... }:
+{
  pkgs,
  config,
  lib,
  ...
 }:
 with lib;
 {
  options.components.terminal.remote-install.enable = mkOption {
@ -10,7 +15,7 @@ with lib;
    services.tor = {
      enable = true;
      client.enable = true;
-      relay.onionServices.liveos.map = [{ port = 1337; }];
+      relay.onionServices.liveos.map = [ { port = 1337; } ];
    };
    environment.systemPackages = [
--- a/components/terminal/wtf.nix
+++ b/components/terminal/wtf.nix
@ -1,4 +1,9 @@
-{ pkgs, config, lib, ... }:
+{
  pkgs,
  config,
  lib,
  ...
 }:
 with lib;
 let
@ -54,23 +59,29 @@ let
    echo
  '';
-  userHighlight = map ({ user, ... }: user)
+  userHighlight =
-    (builtins.attrValues config.services.browser.configList)
+    map ({ user, ... }: user) (builtins.attrValues config.services.browser.configList)
-  ++ [ "steam" ];
+    ++ [ "steam" ];
  activeUsers = pkgs.writers.writeBash "active-users" ''
    ${pkgs.procps}/bin/ps -eo user \
     | ${pkgs.gnused}/bin/sed '1 d' \
     | ${pkgs.coreutils}/bin/sort  \
     | ${pkgs.coreutils}/bin/uniq \
-     | ${pkgs.gnugrep}/bin/egrep --color=always '(${
+     | ${pkgs.gnugrep}/bin/egrep --color=always '(${pkgs.lib.concatStringsSep "|" userHighlight})|$'
       pkgs.lib.concatStringsSep "|" userHighlight
     })|$'
  '';
  # default settings
  wtfModule =
-    args@{ height ? 1, width ? 1, top, left, enabled ? true, type, ... }:
+    args@{
      height ? 1,
      width ? 1,
      top,
      left,
      enabled ? true,
      type,
      ...
    }:
    {
      enabled = enabled;
      focusable = false;
@ -78,106 +89,157 @@ let
      position.left = left;
      position.height = height;
      position.width = width;
-    } // (lib.filterAttrs
+    }
-      (key: _: lib.all (x: x != key) [ "height" "width" "top" "left" ])
+    // (lib.filterAttrs (
-      args);
+      key: _:
      lib.all (x: x != key) [
        "height"
        "width"
        "top"
        "left"
      ]
    ) args);
  # command runner module
-  cmdRunner = args@{ cmd, ... }:
+  cmdRunner =
-    wtfModule ({
+    args@{ cmd, ... }:
-      type = "cmdrunner";
+    wtfModule (
-      focusable = false;
+      {
-      refreshInterval = 300;
+        type = "cmdrunner";
-    } // args);
+        focusable = false;
        refreshInterval = 300;
      }
      // args
    );
  modules = {
    inherit cmdRunner;
-    digitalclock = args@{ top, left, ... }:
+    digitalclock =
-      cmdRunner ({
+      args@{ top, left, ... }:
-        cmd = pkgs.writers.writeDash "clock" ''
+      cmdRunner (
-          ${pkgs.toilet}/bin/toilet --font future `${pkgs.coreutils}/bin/date +"%a %H:%M"`
+        {
-          ${pkgs.coreutils}/bin/date +"%B %d %Y"
+          cmd = pkgs.writers.writeDash "clock" ''
-        '';
+            ${pkgs.toilet}/bin/toilet --font future `${pkgs.coreutils}/bin/date +"%a %H:%M"`
-        title = "";
+            ${pkgs.coreutils}/bin/date +"%B %d %Y"
-        refreshInterval = 30;
+          '';
-      } // args);
+          title = "";
          refreshInterval = 30;
        }
        // args
      );
-    clocks = args@{ top, left, ... }:
+    clocks =
-      wtfModule ({
+      args@{ top, left, ... }:
-        type = "clocks";
+      wtfModule (
-        title = "";
+        {
-        border = false;
+          type = "clocks";
-        colors.rows = {
+          title = "";
-          even = "white";
+          border = false;
-          odd = "white";
+          colors.rows = {
-        };
+            even = "white";
-        locations = {
+            odd = "white";
-          UTC = "Etc/UTC";
+          };
-          Berlin = "Europe/Berlin";
+          locations = {
-          Cuba = "America/Havana";
+            UTC = "Etc/UTC";
-          Wellington = "Pacific/Auckland";
+            Berlin = "Europe/Berlin";
-        };
+            Thailand = "Asia/Bangkok";
-        sort = "alphabetical";
+            #Cuba = "America/Havana";
-        refreshInterval = 60;
+            #Wellington = "Pacific/Auckland";
-      } // args);
+          };
          sort = "alphabetical";
          refreshInterval = 60;
        }
        // args
      );
-    resourceusage = args@{ top, left, ... }:
+    resourceusage =
-      wtfModule ({
+      args@{ top, left, ... }:
-        type = "resourceusage";
+      wtfModule (
-        title = "";
+        {
-        cpuCombined = false;
+          type = "resourceusage";
-        refreshInterval = 5;
+          title = "";
-      } // args);
+          cpuCombined = false;
          refreshInterval = 5;
        }
        // args
      );
-    power = args@{ top, left, ... }:
+    power =
-      wtfModule ({
+      args@{ top, left, ... }:
-        type = "power";
+      wtfModule (
-        title = "";
+        {
-        refreshInterval = 100;
+          type = "power";
-      } // args);
+          title = "";
          refreshInterval = 100;
        }
        // args
      );
-    prettyweather = args@{ top, left, ... }:
+    prettyweather =
-      wtfModule ({
+      args@{ top, left, ... }:
-        type = "prettyweather";
+      wtfModule (
-        title = "";
+        {
-        city = "Essen";
+          type = "prettyweather";
-        unit = "m";
+          title = "";
-        view = 0;
+          city = "Essen";
-        language = "en";
+          unit = "m";
-        refreshInterval = 3600;
+          view = 0;
-      } // args);
+          language = "en";
          refreshInterval = 3600;
        }
        // args
      );
-    feedreader = args@{ top, left, feeds, ... }:
+    feedreader =
-      wtfModule ({
+      args@{
-        type = "feedreader";
+        top,
-        title = "";
+        left,
-        refreshInterval = 3600;
+        feeds,
-        focusable = true;
+        ...
-        #feedLimit = 10;
+      }:
-        colors.rows = {
+      wtfModule (
-          even = "white";
+        {
-          odd = "white";
+          type = "feedreader";
-        };
+          title = "";
-      } // args);
+          refreshInterval = 3600;
          focusable = true;
          #feedLimit = 10;
          colors.rows = {
            even = "white";
            odd = "white";
          };
        }
        // args
      );
-    github = args@{ top, left, username, apiKey, ... }:
+    github =
-      wtfModule ({
+      args@{
-        type = "github";
+        top,
-        title = "";
+        left,
-        refreshInterval = 3600;
+        username,
-        feedlimit = 10;
+        apiKey,
        ...
      }:
      wtfModule (
        {
          type = "github";
          title = "";
          refreshInterval = 3600;
          feedlimit = 10;
-        enableStatus = true;
+          enableStatus = true;
-        #  customQueries:
+          #  customQueries:
-        #    othersPRs:
+          #    othersPRs:
-        #      title: "Others Pull Requests"
+          #      title: "Others Pull Requests"
-        #      filter: "is:open is:pr -author:wtfutil"
+          #      filter: "is:open is:pr -author:wtfutil"
-        #  repositories:
+          #  repositories:
-        #    - "wtfutil/wtf"
+          #    - "wtfutil/wtf"
-        #    - "wtfutil/docs"
+          #    - "wtfutil/docs"
-        #    - "umbrella-corp/wesker-api"
+          #    - "umbrella-corp/wesker-api"
-      } // args);
+        }
        // args
      );
  };
@ -190,8 +252,20 @@ let
        normal = "green";
      };
      grid = {
-        columns = [ 28 0 0 ];
+        columns = [
-        rows = [ 9 9 9 9 9 9 0 ];
+          28
          0
          0
        ];
        rows = [
          9
          9
          9
          9
          9
          9
          0
        ];
      };
      refreshInterval = 1;
      mods = with modules; {
@ -226,8 +300,7 @@ let
          top = 4;
          left = 1;
          height = 1;
-          feeds =
+          feeds = [ "https://latesthackingnews.com/category/hacking-tools/feed/" ];
            [ "https://latesthackingnews.com/category/hacking-tools/feed/" ];
        };
        nixos = feedreader {
          title = "NixOS Weekly";
@ -264,8 +337,20 @@ let
        normal = "green";
      };
      grid = {
-        columns = [ 33 12 28 36 0 ];
+        columns = [
-        rows = [ 9 4 6 6 0 ];
+          33
          12
          28
          36
          0
        ];
        rows = [
          9
          4
          6
          6
          0
        ];
      };
      refreshInterval = 1;
      mods = with modules; {
@ -291,12 +376,16 @@ let
          left = 0;
        };
-        rates = wtfModule {
+        yfinance = wtfModule {
          type = "yfinance";
          top = 3;
          left = 0;
          title = "rates";
-          symbols = [ "EURUSD=X" "EURNZD=X" ];
+          symbols = [
            "EURUSD=X"
            "EURNZD=X"
            "EURTHB=X"
          ];
          refreshInterval = 60;
        };
@ -307,7 +396,12 @@ let
        calendar = cmdRunner {
          title = "";
-          args = [ "-3" "--monday" "--color=never" "-w" ];
+          args = [
            "-3"
            "--monday"
            "--color=never"
            "-w"
          ];
          cmd = "cal";
          top = 1;
          left = 1;
@ -369,9 +463,12 @@ let
    };
  };
-  createDashboard = { json, name }:
+  createDashboard =
-    let configuration = pkgs.writeText "config.yml" (builtins.toJSON json);
+    { json, name }:
-    in pkgs.writers.writeBashBin name ''
+    let
      configuration = pkgs.writeText "config.yml" (builtins.toJSON json);
    in
    pkgs.writers.writeBashBin name ''
      ${pkgs.wtf}/bin/wtfutil --config=${toString configuration}
    '';
--- a/components/terminal/zsh.nix
+++ b/components/terminal/zsh.nix
@ -1,4 +1,9 @@
-{ pkgs, config, lib, ... }:
+{
  pkgs,
  config,
  lib,
  ...
 }:
 with lib;
 {
  options.components.terminal.zsh.enable = mkOption {
--- a/components/timezone.nix
+++ b/components/timezone.nix
@ -1,8 +1,9 @@
 { lib, ... }:
 {
  # some system stuff
  # -----------------
  time.timeZone = "Europe/Berlin";
-  #time.timeZone = lib.mkDefault "Pacific/Auckland";
+  #time.timeZone = "Pacific/Auckland";
-  #time.timeZone = lib.mkDefault "Asia/Singapore";
+  #time.timeZone = "Asia/Singapore";
-  #time.timeZone = lib.mkDefault "Asia/Makassar";
+  #time.timeZone = "Asia/Makassar";
 }
--- a/components/virtualisation/default.nix
+++ b/components/virtualisation/default.nix
@ -0,0 +1,15 @@
 { config, lib, ... }:
 {
  imports = [
    ./docker.nix
    ./podman.nix
    ./virtualbox.nix
    ./qemu.nix
  ];
  options.components.virtualisation.enable = lib.mkOption {
    type = lib.types.bool;
    default = false;
  };
 }
--- a/components/virtualisation/docker.nix
+++ b/components/virtualisation/docker.nix
@ -0,0 +1,21 @@
 {
  config,
  lib,
  pkgs,
  ...
 }:
 with lib;
 {
  options.components.virtualisation.docker.enable = lib.mkOption {
    type = lib.types.bool;
    default = config.components.virtualisation.enable;
  };
  config = mkIf config.components.virtualisation.docker.enable {
    virtualisation.docker.enable = true;
  };
 }
--- a/components/virtualisation/podman.nix
+++ b/components/virtualisation/podman.nix
@ -0,0 +1,24 @@
 {
  config,
  lib,
  pkgs,
  ...
 }:
 with lib;
 {
  options.components.virtualisation.podman.enable = lib.mkOption {
    type = lib.types.bool;
    default = config.components.virtualisation.enable;
  };
  config = mkIf config.components.virtualisation.podman.enable {
    virtualisation.podman.enable = true;
    # make sure /var/lib/containers/storage is a zfs dataset
    virtualisation.podman.extraPackages = [ pkgs.zfs ];
  };
 }
--- a/components/virtualisation/qemu.nix
+++ b/components/virtualisation/qemu.nix
@ -0,0 +1,32 @@
 {
  config,
  lib,
  pkgs,
  ...
 }:
 with lib;
 {
  options.components.virtualisation.qemu.enable = lib.mkOption {
    type = lib.types.bool;
    default = config.components.virtualisation.enable;
  };
  config = mkIf config.components.virtualisation.qemu.enable {
    virtualisation.libvirtd.enable = true;
    #virtualisation.libvirtd.allowedBridges = ["virbr0"];
    virtualisation.libvirtd.onShutdown = "shutdown";
    environment.systemPackages = [
      pkgs.qemu_kvm
      #(pkgs.quickemu.override { qemu_full = pkgs.qemu_kvm; })
      pkgs.quickemu
      pkgs.virt-manager
    ];
    users.users.mainUser.extraGroups = [ "libvirtd" ];
  };
 }
--- a/components/virtualisation/virtualbox.nix
+++ b/components/virtualisation/virtualbox.nix
@ -0,0 +1,26 @@
 {
  config,
  lib,
  pkgs,
  ...
 }:
 with lib;
 {
  options.components.virtualisation.virtualbox.enable = lib.mkOption {
    type = lib.types.bool;
    default = config.components.virtualisation.enable;
  };
  config = mkIf config.components.virtualisation.virtualbox.enable {
    virtualisation.virtualbox = {
      host.enable = true;
      guest.enable = true;
    };
    users.extraGroups.vboxusers.members = [ config.users.users.mainUser.name ];
  };
 }
--- a/components/yubikey.nix
+++ b/components/yubikey.nix
@ -1,7 +1,12 @@
 # References:
 # * https://github.com/drduh/YubiKey-Guide
 # * https://nixos.wiki/wiki/Yubikey
-{ config, pkgs, lib, ... }:
+{
  config,
  pkgs,
  lib,
  ...
 }:
 with lib;
 {
@ -18,6 +23,11 @@ with lib;
    environment.systemPackages = [
      pkgs.yubikey-personalization
      pkgs.yubikey-personalization-gui
      pkgs.yubikey-manager
      pkgs.yubikey-manager-qt
      # for `gpg --export $keyid | hokey lint` to check keys
      #pkgs.haskellPackages.hopenpgp-tools
--- a/features/boot/default.nix
+++ b/features/boot/default.nix
@ -0,0 +1,6 @@
 {
  imports = [
    ./ssh.nix
    ./tor.nix
  ];
 }
--- a/features/boot/ssh.nix
+++ b/features/boot/ssh.nix
@ -0,0 +1,50 @@
 {
  config,
  lib,
  pkgs,
  factsGenerator,
  clanLib,
  ...
 }:
 with lib;
 with types;
 {
  options.features.boot.ssh = {
    enable = lib.mkOption {
      type = lib.types.bool;
      default = false;
    };
    kernelModules = mkOption {
      type = listOf str;
      default = [ ];
      description = "nix-shell -p pciutils --run 'lspci -v' will tell you which kernel module is used for the ethernet interface";
    };
  };
  config = mkIf (config.features.boot.ssh.enable) {
    # ssh host key
    clan.core.facts.services."boot.ssh" = factsGenerator.ssh { name = "boot"; };
    # todo: maybe put this in a component
    # boot
    boot.initrd.systemd.enable = true;
    boot.initrd.systemd.contents."/etc/hostname".text = "unlock.${config.networking.hostName}";
    # network
    boot.initrd.systemd.network.enable = true;
    boot.initrd.availableKernelModules = config.features.boot.ssh.kernelModules;
    # ssh
    boot.initrd.network.enable = true;
    boot.initrd.network.ssh = {
      enable = true;
      authorizedKeys = config.users.users.root.openssh.authorizedKeys.keys;
      port = 2222;
      hostKeys = [ config.clan.core.facts.services."boot.ssh".secret."ssh.boot.id_ed25519".path ];
    };
  };
 }
--- a/features/boot/tor.nix
+++ b/features/boot/tor.nix
@ -0,0 +1,76 @@
 {
  config,
  lib,
  pkgs,
  factsGenerator,
  clanLib,
  ...
 }:
 with lib;
 with types;
 {
  options.features.boot.tor = {
    enable = lib.mkOption {
      type = lib.types.bool;
      default = false;
    };
  };
  config = mkIf (config.features.boot.tor.enable) {
    # tor secrets
    clan.core.facts.services."initrd.tor" = factsGenerator.tor {
      name = "initrd";
      addressPrefix = "init";
    };
    boot.initrd.secrets = mapAttrs' (name: file: nameValuePair "/etc/tor/onion/bootup/${name}" file) (
      genAttrs [
        "hostname"
        "hs_ed25519_public_key"
        "hs_ed25519_secret_key"
      ] (secret: config.clan.core.facts.services."initrd.tor".secret."tor.initrd.${secret}".path)
    );
    boot.initrd.systemd.storePaths = [
      pkgs.tor
      pkgs.iproute2
      pkgs.coreutils
    ];
    boot.initrd.systemd.contents = {
      "/etc/tor/tor.rc".text = ''
        DataDirectory /etc/tor
        SOCKSPort 127.0.0.1:9050 IsolateDestAddr
        SOCKSPort 127.0.0.1:9063
        HiddenServiceDir /etc/tor/onion/bootup
        HiddenServicePort 2222 127.0.0.1:2222
      '';
    };
    boot.initrd.systemd.services.tor = {
      description = "tor during init";
      wantedBy = [ "initrd.target" ];
      after = [
        "network.target"
        "initrd-nixos-copy-secrets.service"
      ];
      before = [ "shutdown.target" ];
      conflicts = [ "shutdown.target" ];
      unitConfig.DefaultDependencies = false;
      path = [
        pkgs.tor
        pkgs.iproute2
        pkgs.coreutils
      ];
      script = ''
        echo "tor: preparing onion folder"
        # have to do this otherwise tor does not want to start
        chmod -R 700 /etc/tor
        echo "tor: starting tor"
        tor -f /etc/tor/tor.rc --verify-config
        tor -f /etc/tor/tor.rc
      '';
    };
  };
 }
--- a/features/default.nix
+++ b/features/default.nix
@ -0,0 +1,6 @@
 {
  imports = [
    ./boot
    ./network
  ];
 }
--- a/features/network/default.nix
+++ b/features/network/default.nix
@ -0,0 +1,6 @@
 {
  imports = [
    ./fail2ban.nix
    ./sshguard.nix
  ];
 }
--- a/components/network/fail2ban.nix
+++ b/components/network/fail2ban.nix
@ -1,14 +1,19 @@
-{ config, lib, pkgs, ... }:
+{
  config,
  lib,
  pkgs,
  ...
 }:
 with lib;
 {
-  options.components.network.fail2ban.enable = mkOption {
+  options.features.network.fail2ban.enable = mkOption {
    type = lib.types.bool;
    default = false;
  };
  config = mkMerge [
-    (mkIf config.components.network.fail2ban.enable {
+    (mkIf config.features.network.fail2ban.enable {
-      environment.systemPackages = [ pkgs.fail2ban pkgs.ipset ];
+      environment.systemPackages = [ pkgs.fail2ban ];
      services.fail2ban = {
        enable = true;
        #package = pkgs.legacy_2311.fail2ban;
@ -19,7 +24,7 @@ with lib;
    # custom defined jails
    # --------------------
    # https://github.com/fail2ban/fail2ban/blob/master/config/jail.conf
-    (mkIf config.components.network.fail2ban.enable {
+    (mkIf config.features.network.fail2ban.enable {
      services.fail2ban.jails.nginx-git-not-found.settings = {
        port = "http,https";
        logpath = "%(nginx_error_log)s";
@ -33,7 +38,7 @@ with lib;
        '';
      };
    })
-    (mkIf config.components.network.fail2ban.enable {
+    (mkIf config.features.network.fail2ban.enable {
      services.fail2ban.jails.nginx-git-bad-request.settings = {
        port = "http,https";
        logpath = "%(nginx_error_log)s";
--- a/features/network/sshguard.nix
+++ b/features/network/sshguard.nix
@ -0,0 +1,24 @@
 {
  pkgs,
  config,
  lib,
  assets,
  ...
 }:
 with lib;
 with types;
 {
  options.features.network.sshguard = {
    enable = mkOption {
      type = bool;
      default = false;
    };
  };
  config = mkIf config.features.network.sshguard.enable {
    environment.systemPackages = [ pkgs.ipset ];
    services.sshguard.enable = true;
  };
 }
--- a/flake.lock
+++ b/flake.lock
@ -120,19 +120,21 @@
        "flake-parts": [
          "flake-parts"
        ],
        "nixos-facter-modules": "nixos-facter-modules",
        "nixos-images": "nixos-images",
        "nixpkgs": [
          "nixpkgs"
        ],
        "sops-nix": "sops-nix",
        "systems": "systems",
        "treefmt-nix": "treefmt-nix"
      },
      "locked": {
-        "lastModified": 1722268611,
+        "lastModified": 1726339325,
-        "narHash": "sha256-D3rKirDy5SaLPVs0hpYA0J59TBb0+nkfUMlk48YpciI=",
+        "narHash": "sha256-bJhxZywuBdQ4vk/t12U1Y9pKKM5VbchKvvM95838+bQ=",
        "ref": "refs/heads/main",
-        "rev": "99a87a6120291deef7a2320a94e1fbdbf5674ab6",
+        "rev": "17da259ff99e2d4079f686ba837eb55a2ac9e79b",
-        "revCount": 3595,
+        "revCount": 4100,
        "type": "git",
        "url": "https://git.clan.lol/clan/clan-core"
      },
@ -150,11 +152,11 @@
        "nixpkgs": "nixpkgs"
      },
      "locked": {
-        "lastModified": 1721508205,
+        "lastModified": 1723143645,
-        "narHash": "sha256-X4xVtKAkA/gVqIaCw0L5Rk9062VqlHiH0VK5En5Oi5s=",
+        "narHash": "sha256-/71L2ZBM9AmUpEQC19Rf7AxA+BhIquObB8aZDkfVRz8=",
        "owner": "mrvandalo",
        "repo": "clan-fact-generators",
-        "rev": "b3fb36c18871861f510330c272b455eb718cd3e4",
+        "rev": "620c5d3185594b3e2d91e29a7590f44abae4319c",
        "type": "github"
      },
      "original": {
@ -163,6 +165,28 @@
        "type": "github"
      }
    },
    "devshell": {
      "inputs": {
        "flake-utils": "flake-utils_2",
        "nixpkgs": [
          "nix-topology",
          "nixpkgs"
        ]
      },
      "locked": {
        "lastModified": 1713532798,
        "narHash": "sha256-wtBhsdMJA3Wa32Wtm1eeo84GejtI43pMrFrmwLXrsEc=",
        "owner": "numtide",
        "repo": "devshell",
        "rev": "12e914740a25ea1891ec619bb53cf5e6ca922e40",
        "type": "github"
      },
      "original": {
        "owner": "numtide",
        "repo": "devshell",
        "type": "github"
      }
    },
    "disko": {
      "inputs": {
        "nixpkgs": [
@ -171,11 +195,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1721417620,
+        "lastModified": 1725377834,
-        "narHash": "sha256-6q9b1h8fI3hXg2DG6/vrKWCeG8c5Wj2Kvv22RCgedzg=",
+        "narHash": "sha256-tqoAO8oT6zEUDXte98cvA1saU9+1dLJQe3pMKLXv8ps=",
        "owner": "nix-community",
        "repo": "disko",
-        "rev": "bec6e3cde912b8acb915fecdc509eda7c973fb42",
+        "rev": "e55f9a8678adc02024a4877c2a403e3f6daf24fe",
        "type": "github"
      },
      "original": {
@ -207,6 +231,22 @@
      }
    },
    "flake-compat": {
      "flake": false,
      "locked": {
        "lastModified": 1696426674,
        "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
        "owner": "edolstra",
        "repo": "flake-compat",
        "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
        "type": "github"
      },
      "original": {
        "owner": "edolstra",
        "repo": "flake-compat",
        "type": "github"
      }
    },
    "flake-compat_2": {
      "flake": false,
      "locked": {
        "lastModified": 1673956053,
@ -247,11 +287,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1719994518,
+        "lastModified": 1726153070,
-        "narHash": "sha256-pQMhCCHyQGRzdfAkdJ4cIWiw+JNuWsTX7f0ZYSyz0VY=",
+        "narHash": "sha256-HO4zgY0ekfwO5bX0QH/3kJ/h4KvUDFZg8YpkNwIbg1U=",
        "owner": "hercules-ci",
        "repo": "flake-parts",
-        "rev": "9227223f6d922fee3c7b190b2cc238a99527bbb7",
+        "rev": "bcef6817a8b2aa20a5a6dbb19b43e63c5bf8619a",
        "type": "github"
      },
      "original": {
@ -281,6 +321,24 @@
        "type": "github"
      }
    },
    "flake-parts_4": {
      "inputs": {
        "nixpkgs-lib": "nixpkgs-lib_2"
      },
      "locked": {
        "lastModified": 1722555600,
        "narHash": "sha256-XOQkdLafnb/p9ij77byFQjDf5m5QYl9b2REiVClC+x4=",
        "owner": "hercules-ci",
        "repo": "flake-parts",
        "rev": "8471fe90ad337a8074e957b69ca4d0089218391d",
        "type": "github"
      },
      "original": {
        "owner": "hercules-ci",
        "repo": "flake-parts",
        "type": "github"
      }
    },
    "flake-utils": {
      "locked": {
        "lastModified": 1644229661,
@ -298,14 +356,14 @@
    },
    "flake-utils_2": {
      "inputs": {
-        "systems": "systems"
+        "systems": "systems_2"
      },
      "locked": {
-        "lastModified": 1694529238,
+        "lastModified": 1701680307,
-        "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=",
+        "narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=",
        "owner": "numtide",
        "repo": "flake-utils",
-        "rev": "ff7b65b44d01cf9ba6a71320833626af21126384",
+        "rev": "4022d587cbbfd70fe950c1e2083a02621806a725",
        "type": "github"
      },
      "original": {
@ -315,6 +373,24 @@
      }
    },
    "flake-utils_3": {
      "inputs": {
        "systems": "systems_3"
      },
      "locked": {
        "lastModified": 1710146030,
        "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
        "owner": "numtide",
        "repo": "flake-utils",
        "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
        "type": "github"
      },
      "original": {
        "owner": "numtide",
        "repo": "flake-utils",
        "type": "github"
      }
    },
    "flake-utils_4": {
      "locked": {
        "lastModified": 1631561581,
        "narHash": "sha256-3VQMV5zvxaVLvqqUrNz3iJelLw30mIVSfZmAaauM3dA=",
@ -329,9 +405,30 @@
        "type": "github"
      }
    },
-    "flake-utils_4": {
+    "flake-utils_5": {
      "inputs": {
-        "systems": "systems_2"
+        "systems": [
          "stylix",
          "systems"
        ]
      },
      "locked": {
        "lastModified": 1710146030,
        "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
        "owner": "numtide",
        "repo": "flake-utils",
        "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
        "type": "github"
      },
      "original": {
        "owner": "numtide",
        "repo": "flake-utils",
        "type": "github"
      }
    },
    "flake-utils_6": {
      "inputs": {
        "systems": "systems_5"
      },
      "locked": {
        "lastModified": 1694529238,
@ -363,6 +460,28 @@
        "type": "github"
      }
    },
    "gitignore": {
      "inputs": {
        "nixpkgs": [
          "nix-topology",
          "pre-commit-hooks",
          "nixpkgs"
        ]
      },
      "locked": {
        "lastModified": 1709087332,
        "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
        "owner": "hercules-ci",
        "repo": "gitignore.nix",
        "rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
        "type": "github"
      },
      "original": {
        "owner": "hercules-ci",
        "repo": "gitignore.nix",
        "type": "github"
      }
    },
    "gnome-shell": {
      "flake": false,
      "locked": {
@ -382,14 +501,16 @@
    },
    "home-manager": {
      "inputs": {
-        "nixpkgs": "nixpkgs_2"
+        "nixpkgs": [
          "nixpkgs"
        ]
      },
      "locked": {
-        "lastModified": 1722936497,
+        "lastModified": 1726357542,
-        "narHash": "sha256-UBst8PkhY0kqTgdKiR8MtTBt4c1XmjJoOV11efjsC/o=",
+        "narHash": "sha256-p4OrJL2weh0TRtaeu1fmNYP6+TOp/W2qdaIJxxQay4c=",
        "owner": "nix-community",
        "repo": "home-manager",
-        "rev": "a6c743980e23f4cef6c2a377f9ffab506568413a",
+        "rev": "e524c57b1fa55d6ca9d8354c6ce1e538d2a1f47f",
        "type": "github"
      },
      "original": {
@ -426,11 +547,11 @@
      },
      "locked": {
        "dir": "nix",
-        "lastModified": 1721551388,
+        "lastModified": 1726080562,
-        "narHash": "sha256-JR9/TqQi4a14kmH+iypGZKa7H2VZhr2jL9QgHLx3LUw=",
+        "narHash": "sha256-Inh/OXdaw5tG/GrVjjhVELtSTZFPGLG3UcN/J5oFWy8=",
        "owner": "kmonad",
        "repo": "kmonad",
-        "rev": "31c591b647d277fe34cb06fc70b0d053dd15f867",
+        "rev": "4e17fc4432dad3664d39274e4e698c7a5497216d",
        "type": "github"
      },
      "original": {
@ -443,7 +564,7 @@
    "landingpage": {
      "inputs": {
        "flake-utils": "flake-utils",
-        "nixpkgs": "nixpkgs_3"
+        "nixpkgs": "nixpkgs_2"
      },
      "locked": {
        "lastModified": 1709213960,
@ -459,21 +580,44 @@
        "type": "github"
      }
    },
    "nix-topology": {
      "inputs": {
        "devshell": "devshell",
        "flake-utils": "flake-utils_3",
        "nixpkgs": [
          "nixpkgs"
        ],
        "pre-commit-hooks": "pre-commit-hooks"
      },
      "locked": {
        "lastModified": 1725483443,
        "narHash": "sha256-WzOlGMKV/51Fccn/OMHcm5yrqgbOJZrJIy1ya4pW0u8=",
        "owner": "oddlama",
        "repo": "nix-topology",
        "rev": "8738d94670265beb166954c4e3a26e432f79f68c",
        "type": "github"
      },
      "original": {
        "owner": "oddlama",
        "repo": "nix-topology",
        "type": "github"
      }
    },
    "nixos-anywhere": {
      "inputs": {
        "disko": "disko_2",
        "flake-parts": "flake-parts_3",
        "nixos-images": "nixos-images_2",
        "nixos-stable": "nixos-stable",
-        "nixpkgs": "nixpkgs_4",
+        "nixpkgs": "nixpkgs_3",
        "treefmt-nix": "treefmt-nix_2"
      },
      "locked": {
-        "lastModified": 1722000256,
+        "lastModified": 1726219387,
-        "narHash": "sha256-urCCUTXgkHPh9eN3JAKAa8f09nltFxtAQaLyHbOOKxw=",
+        "narHash": "sha256-fACBWdZsLcFrrLsP7M//qIyIgecWEn3W8btu3WiGShE=",
        "owner": "nix-community",
        "repo": "nixos-anywhere",
-        "rev": "1933f2e7e2395ee88b15d3a411a363775e83274d",
+        "rev": "00a41d52a37f3d3e15d45715a1f5fded0e966e6b",
        "type": "github"
      },
      "original": {
@ -482,13 +626,29 @@
        "type": "github"
      }
    },
    "nixos-facter-modules": {
      "flake": false,
      "locked": {
        "lastModified": 1725379040,
        "narHash": "sha256-yJIy595vpcdAYznxamszZhteQCIZM3OJUOIKeU4cIq4=",
        "owner": "numtide",
        "repo": "nixos-facter-modules",
        "rev": "a389bf16ed7db1f7e6a5e9dc4b5547e927498803",
        "type": "github"
      },
      "original": {
        "owner": "numtide",
        "repo": "nixos-facter-modules",
        "type": "github"
      }
    },
    "nixos-hardware": {
      "locked": {
-        "lastModified": 1722278305,
+        "lastModified": 1725885300,
-        "narHash": "sha256-xLBAegsn9wbj+pQfbX07kykd5VBV3Ywk3IbObVAAlWA=",
+        "narHash": "sha256-5RLEnou1/GJQl+Wd+Bxaj7QY7FFQ9wjnFq1VNEaxTmc=",
        "owner": "nixos",
        "repo": "nixos-hardware",
-        "rev": "eab049fe178c11395d65a858ba1b56461ba9652d",
+        "rev": "166dee4f88a7e3ba1b7a243edb1aca822f00680e",
        "type": "github"
      },
      "original": {
@ -508,11 +668,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1721571445,
+        "lastModified": 1725726968,
-        "narHash": "sha256-2MnlPVcNJZ9Nbu90kFyo7+lng366gswErP4FExfrUbc=",
+        "narHash": "sha256-sqkJZDj4NjPFhWCDoSyXJoBRfRfXIyvhfssGqLvzgW8=",
        "owner": "nix-community",
        "repo": "nixos-images",
-        "rev": "accee005735844d57b411d9969c5d0aabc6a55f6",
+        "rev": "51c98a9f328e7aad81d8aa048f38e4e5c86d3389",
        "type": "github"
      },
      "original": {
@ -612,11 +772,11 @@
    },
    "nixpkgs-legacy_2405": {
      "locked": {
-        "lastModified": 1722087241,
+        "lastModified": 1726320982,
-        "narHash": "sha256-2ShmEaFi0kJVOEEu5gmlykN5dwjWYWYUJmlRTvZQRpU=",
+        "narHash": "sha256-RuVXUwcYwaUeks6h3OLrEmg14z9aFXdWppTWPMTwdQw=",
        "owner": "nixos",
        "repo": "nixpkgs",
-        "rev": "8c50662509100d53229d4be607f1a3a31157fa12",
+        "rev": "8f7492cce28977fbf8bd12c72af08b1f6c7c3e49",
        "type": "github"
      },
      "original": {
@ -638,13 +798,41 @@
        "url": "https://github.com/NixOS/nixpkgs/archive/eb9ceca17df2ea50a250b6b27f7bf6ab0186f198.tar.gz"
      }
    },
    "nixpkgs-lib_2": {
      "locked": {
        "lastModified": 1722555339,
        "narHash": "sha256-uFf2QeW7eAHlYXuDktm9c25OxOyCoUOQmh5SZ9amE5Q=",
        "type": "tarball",
        "url": "https://github.com/NixOS/nixpkgs/archive/a5d394176e64ab29c852d03346c1fc9b0b7d33eb.tar.gz"
      },
      "original": {
        "type": "tarball",
        "url": "https://github.com/NixOS/nixpkgs/archive/a5d394176e64ab29c852d03346c1fc9b0b7d33eb.tar.gz"
      }
    },
    "nixpkgs-stable": {
      "locked": {
        "lastModified": 1710695816,
        "narHash": "sha256-3Eh7fhEID17pv9ZxrPwCLfqXnYP006RKzSs0JptsN84=",
        "owner": "NixOS",
        "repo": "nixpkgs",
        "rev": "614b4613980a522ba49f0d194531beddbb7220d3",
        "type": "github"
      },
      "original": {
        "owner": "NixOS",
        "ref": "nixos-23.11",
        "repo": "nixpkgs",
        "type": "github"
      }
    },
    "nixpkgs-unstable-small": {
      "locked": {
-        "lastModified": 1722979953,
+        "lastModified": 1726346340,
-        "narHash": "sha256-aFtHVx8WBrf6i3Rf+gYcilRuoimfmlzB9btc+br89R4=",
+        "narHash": "sha256-S15Ylznn8MBWIooDT65Z7E3h9N7XpB5VMx7ZdHZ/JGA=",
        "owner": "nixos",
        "repo": "nixpkgs",
-        "rev": "9d938b4e45c9a6d04efc45405b3187fbfcff2f85",
+        "rev": "c60562f3643f6c1604cba0c7177834266bd35af9",
        "type": "github"
      },
      "original": {
@ -655,22 +843,6 @@
      }
    },
    "nixpkgs_2": {
      "locked": {
        "lastModified": 1722185531,
        "narHash": "sha256-veKR07psFoJjINLC8RK4DiLniGGMgF3QMlS4tb74S6k=",
        "owner": "NixOS",
        "repo": "nixpkgs",
        "rev": "52ec9ac3b12395ad677e8b62106f0b98c1f8569d",
        "type": "github"
      },
      "original": {
        "owner": "NixOS",
        "ref": "nixos-unstable",
        "repo": "nixpkgs",
        "type": "github"
      }
    },
    "nixpkgs_3": {
      "locked": {
        "lastModified": 1645527175,
        "narHash": "sha256-WeewqaO48sCctiN+iwgZZEJRU29Si7vHHoLCINAvuk8=",
@ -685,7 +857,7 @@
        "type": "github"
      }
    },
-    "nixpkgs_4": {
+    "nixpkgs_3": {
      "locked": {
        "lastModified": 1717926692,
        "narHash": "sha256-THcv8qDqobZefHHluPjx/8n+MtVVb8ag/oJbKMqKNRo=",
@ -701,13 +873,13 @@
        "type": "github"
      }
    },
-    "nixpkgs_5": {
+    "nixpkgs_4": {
      "locked": {
-        "lastModified": 1722813957,
+        "lastModified": 1726062873,
-        "narHash": "sha256-IAoYyYnED7P8zrBFMnmp7ydaJfwTnwcnqxUElC1I26Y=",
+        "narHash": "sha256-IiA3jfbR7K/B5+9byVi9BZGWTD4VSbWe8VLpp9B/iYk=",
        "owner": "nixos",
        "repo": "nixpkgs",
-        "rev": "cb9a96f23c491c081b38eab96d22fa958043c9fa",
+        "rev": "4f807e8940284ad7925ebd0a0993d2a1791acb2f",
        "type": "github"
      },
      "original": {
@ -717,23 +889,7 @@
        "type": "github"
      }
    },
-    "nixpkgs_6": {
+    "nixpkgs_5": {
      "locked": {
        "lastModified": 1701263465,
        "narHash": "sha256-lNXUIlkfyDyp9Ox21hr+wsEf/IBklLvb6bYcyeXbdRc=",
        "owner": "NixOS",
        "repo": "nixpkgs",
        "rev": "50aa30a13c4ab5e7ba282da460a3e3d44e9d0eb3",
        "type": "github"
      },
      "original": {
        "owner": "NixOS",
        "ref": "nixos-23.11",
        "repo": "nixpkgs",
        "type": "github"
      }
    },
    "nixpkgs_7": {
      "locked": {
        "lastModified": 1632855891,
        "narHash": "sha256-crW76mt9/kbUBiKy/KiSnsQ9JEYgD3StDuYAMVkTbM0=",
@ -747,13 +903,13 @@
        "type": "indirect"
      }
    },
-    "nixpkgs_8": {
+    "nixpkgs_6": {
      "locked": {
-        "lastModified": 1722179153,
+        "lastModified": 1726033636,
-        "narHash": "sha256-ZJ75T0GWpLI4hoaL+YxueHD2pXG+VYpYtPJdwbkERVs=",
+        "narHash": "sha256-U5BSY461QUg9x0fatmPSczjVpszOJTdJWQVmFTxt9LU=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "dcfb2878c687e5eb5fcbc5116969c45c85be34e2",
+        "rev": "62f0186c41a3f1398e3e025f7dc0ccc603482d5a",
        "type": "github"
      },
      "original": {
@ -763,43 +919,6 @@
        "type": "github"
      }
    },
    "overviewer": {
      "inputs": {
        "flake-utils": "flake-utils_2",
        "nixpkgs": "nixpkgs_6",
        "pandoc_template": "pandoc_template"
      },
      "locked": {
        "lastModified": 1701775518,
        "narHash": "sha256-qJ+lyo5/FY35bddRd26y/bpKzRd99lvUeX88iY2VctQ=",
        "ref": "main",
        "rev": "13176fcd5b4689d1b15f1f9d19e946fff45dc3c3",
        "revCount": 28,
        "type": "git",
        "url": "ssh://forgejo@git.ingolf-wagner.de/palo/overviewer.git"
      },
      "original": {
        "ref": "main",
        "type": "git",
        "url": "ssh://forgejo@git.ingolf-wagner.de/palo/overviewer.git"
      }
    },
    "pandoc_template": {
      "flake": false,
      "locked": {
        "lastModified": 1597233765,
        "narHash": "sha256-ixEY21akLEjvSmOaH3z+K73jHqOMtijaOxesw1DKseA=",
        "owner": "tajmone",
        "repo": "pandoc-goodies",
        "rev": "c7963da8590c2815d733ddf194d82d950ba94648",
        "type": "github"
      },
      "original": {
        "owner": "tajmone",
        "repo": "pandoc-goodies",
        "type": "github"
      }
    },
    "permown": {
      "inputs": {
        "nixpkgs": [
@ -822,8 +941,8 @@
    },
    "polygon-art": {
      "inputs": {
-        "flake-utils": "flake-utils_3",
+        "flake-utils": "flake-utils_4",
-        "nixpkgs": "nixpkgs_7"
+        "nixpkgs": "nixpkgs_5"
      },
      "locked": {
        "lastModified": 1688766095,
@ -839,29 +958,64 @@
        "url": "https://git.ingolf-wagner.de/palo/polygon-art.git"
      }
    },
-    "private_assets": {
+    "pre-commit-hooks": {
      "inputs": {
        "flake-compat": "flake-compat",
        "flake-utils": [
          "nix-topology",
          "flake-utils"
        ],
        "gitignore": "gitignore",
        "nixpkgs": [
          "nix-topology",
          "nixpkgs"
        ],
        "nixpkgs-stable": "nixpkgs-stable"
      },
      "locked": {
-        "lastModified": 1722954537,
+        "lastModified": 1714478972,
-        "narHash": "sha256-Ed0weP9KpP2g9hdTzCSk89yV2oD2c4poA21z4fLcBgk=",
+        "narHash": "sha256-q//cgb52vv81uOuwz1LaXElp3XAe1TqrABXODAEF6Sk=",
        "owner": "cachix",
        "repo": "pre-commit-hooks.nix",
        "rev": "2849da033884f54822af194400f8dff435ada242",
        "type": "github"
      },
      "original": {
        "owner": "cachix",
        "repo": "pre-commit-hooks.nix",
        "type": "github"
      }
    },
    "private-parts": {
      "inputs": {
        "flake-parts": "flake-parts_4",
        "nixpkgs": [
          "nixpkgs"
        ],
        "treefmt-nix": "treefmt-nix_3"
      },
      "locked": {
        "lastModified": 1726350656,
        "narHash": "sha256-mdjvgRc1kfbQ1Z7Nscf6bOBK7LvIMI7sWGx78uqmuNs=",
        "ref": "main",
-        "rev": "0c236ccc4382ecaad64595756d242b206fd49aec",
+        "rev": "5f550dbeaca257ab021315bba36cabd29120d20f",
-        "revCount": 58,
+        "revCount": 78,
        "type": "git",
-        "url": "ssh://forgejo@git.ingolf-wagner.de/palo/nixos-private-assets.git"
+        "url": "ssh://forgejo@git.ingolf-wagner.de/palo/nixos-private-parts.git"
      },
      "original": {
        "ref": "main",
        "type": "git",
-        "url": "ssh://forgejo@git.ingolf-wagner.de/palo/nixos-private-assets.git"
+        "url": "ssh://forgejo@git.ingolf-wagner.de/palo/nixos-private-parts.git"
      }
    },
    "retiolum": {
      "locked": {
-        "lastModified": 1719907580,
+        "lastModified": 1725753611,
-        "narHash": "sha256-arE8H5HXoPwcjQXnUH1pmnh2pi37+5hXjo4UPpYJ7FY=",
+        "narHash": "sha256-sxA8nkZBT0MfbneBEuIfdDCFVNig9b5Nu3cTM0Bo59k=",
        "owner": "Mic92",
        "repo": "retiolum",
-        "rev": "7e5194b7aba337bc06b5a33738284ef98eef6cbf",
+        "rev": "4a766277e2bedb94df583f3236147f51edf84e65",
        "type": "github"
      },
      "original": {
@ -879,21 +1033,22 @@
        "home-manager-utils": "home-manager-utils",
        "kmonad": "kmonad",
        "landingpage": "landingpage",
        "nix-topology": "nix-topology",
        "nixos-anywhere": "nixos-anywhere",
        "nixos-hardware": "nixos-hardware",
-        "nixpkgs": "nixpkgs_5",
+        "nixpkgs": "nixpkgs_4",
        "nixpkgs-legacy_2211": "nixpkgs-legacy_2211",
        "nixpkgs-legacy_2311": "nixpkgs-legacy_2311",
        "nixpkgs-legacy_2405": "nixpkgs-legacy_2405",
        "nixpkgs-unstable-small": "nixpkgs-unstable-small",
        "overviewer": "overviewer",
        "permown": "permown",
        "polygon-art": "polygon-art",
-        "private_assets": "private_assets",
+        "private-parts": "private-parts",
        "retiolum": "retiolum",
        "srvos": "srvos",
        "stylix": "stylix",
-        "taskshell": "taskshell"
+        "taskshell": "taskshell",
        "treefmt-nix": "treefmt-nix_4"
      }
    },
    "sops-nix": {
@ -907,11 +1062,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1721531171,
+        "lastModified": 1725765163,
-        "narHash": "sha256-AsvPw7T0tBLb53xZGcUC3YPqlIpdxoSx56u8vPCr6gU=",
+        "narHash": "sha256-rfd2c47iVSFI6bRYy5l8wRijRBaYDeU7dM8XCDUGqlA=",
        "owner": "Mic92",
        "repo": "sops-nix",
-        "rev": "909e8cfb60d83321d85c8d17209d733658a21c95",
+        "rev": "b68757cd2c3fa66d6ccaa0d046ce42a9324e0070",
        "type": "github"
      },
      "original": {
@ -922,14 +1077,14 @@
    },
    "srvos": {
      "inputs": {
-        "nixpkgs": "nixpkgs_8"
+        "nixpkgs": "nixpkgs_6"
      },
      "locked": {
-        "lastModified": 1722263926,
+        "lastModified": 1726102228,
-        "narHash": "sha256-xhuXR7hKOM4dQwDvHyZYn+aHbUDHnpi4+yPhsyP+mwU=",
+        "narHash": "sha256-9WRTBxEq2P1lqFGXcVAlXx5Eh95rmvHM6/x13fVcUAY=",
        "owner": "nix-community",
        "repo": "srvos",
-        "rev": "1f867a5658bfc4318ea6f83304b2a1bc4a0b28ee",
+        "rev": "b9fae7b4351851d050333df6cef1b02b01b2ca2d",
        "type": "github"
      },
      "original": {
@ -947,21 +1102,23 @@
        "base16-kitty": "base16-kitty",
        "base16-tmux": "base16-tmux",
        "base16-vim": "base16-vim",
-        "flake-compat": "flake-compat",
+        "flake-compat": "flake-compat_2",
        "flake-utils": "flake-utils_5",
        "gnome-shell": "gnome-shell",
        "home-manager": [
          "home-manager"
        ],
        "nixpkgs": [
          "nixpkgs"
-        ]
+        ],
        "systems": "systems_4"
      },
      "locked": {
-        "lastModified": 1722946882,
+        "lastModified": 1726170940,
-        "narHash": "sha256-mxtnMye8gs82tdQbVC+g6v3aPOZlH150f9WyntHIkTg=",
+        "narHash": "sha256-sobkRkGBaMX9pD0bwU1iVPWi0WtQvZqlHyl1YtvNDio=",
        "owner": "danth",
        "repo": "stylix",
-        "rev": "5853f1a8bd072f2ebabfc3de3973084353cf6f1e",
+        "rev": "35233f929629c8eb64e939e35260fc8347f94df9",
        "type": "github"
      },
      "original": {
@ -1000,9 +1157,54 @@
        "type": "github"
      }
    },
    "systems_3": {
      "locked": {
        "lastModified": 1681028828,
        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
        "owner": "nix-systems",
        "repo": "default",
        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
        "type": "github"
      },
      "original": {
        "owner": "nix-systems",
        "repo": "default",
        "type": "github"
      }
    },
    "systems_4": {
      "locked": {
        "lastModified": 1681028828,
        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
        "owner": "nix-systems",
        "repo": "default",
        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
        "type": "github"
      },
      "original": {
        "owner": "nix-systems",
        "repo": "default",
        "type": "github"
      }
    },
    "systems_5": {
      "locked": {
        "lastModified": 1681028828,
        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
        "owner": "nix-systems",
        "repo": "default",
        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
        "type": "github"
      },
      "original": {
        "owner": "nix-systems",
        "repo": "default",
        "type": "github"
      }
    },
    "taskshell": {
      "inputs": {
-        "flake-utils": "flake-utils_4",
+        "flake-utils": "flake-utils_6",
        "nixpkgs": [
          "nixpkgs"
        ]
@ -1029,11 +1231,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1721458737,
+        "lastModified": 1725271838,
-        "narHash": "sha256-wNXLQ/ATs1S4Opg1PmuNoJ+Wamqj93rgZYV3Di7kxkg=",
+        "narHash": "sha256-VcqxWT0O/gMaeWTTjf1r4MOyG49NaNxW4GHTO3xuThE=",
        "owner": "numtide",
        "repo": "treefmt-nix",
-        "rev": "888bfb10a9b091d9ed2f5f8064de8d488f7b7c97",
+        "rev": "9fb342d14b69aefdf46187f6bb80a4a0d97007cd",
        "type": "github"
      },
      "original": {
@ -1062,6 +1264,47 @@
        "repo": "treefmt-nix",
        "type": "github"
      }
    },
    "treefmt-nix_3": {
      "inputs": {
        "nixpkgs": [
          "private-parts",
          "nixpkgs"
        ]
      },
      "locked": {
        "lastModified": 1724833132,
        "narHash": "sha256-F4djBvyNRAXGusJiNYInqR6zIMI3rvlp6WiKwsRISos=",
        "owner": "numtide",
        "repo": "treefmt-nix",
        "rev": "3ffd842a5f50f435d3e603312eefa4790db46af5",
        "type": "github"
      },
      "original": {
        "owner": "numtide",
        "repo": "treefmt-nix",
        "type": "github"
      }
    },
    "treefmt-nix_4": {
      "inputs": {
        "nixpkgs": [
          "nixpkgs"
        ]
      },
      "locked": {
        "lastModified": 1725271838,
        "narHash": "sha256-VcqxWT0O/gMaeWTTjf1r4MOyG49NaNxW4GHTO3xuThE=",
        "owner": "numtide",
        "repo": "treefmt-nix",
        "rev": "9fb342d14b69aefdf46187f6bb80a4a0d97007cd",
        "type": "github"
      },
      "original": {
        "owner": "numtide",
        "repo": "treefmt-nix",
        "type": "github"
      }
    }
  },
  "root": "root",
--- a/flake.nix
+++ b/flake.nix
@ -1,80 +1,46 @@
 {
  # "git+file:///<full-path>" for fixing an input
  inputs = {
-    flake-parts.url = "github:hercules-ci/flake-parts";
+    clan-core.inputs.flake-parts.follows = "flake-parts";
    clan-core.inputs.nixpkgs.follows = "nixpkgs";
    clan-core.url = "git+https://git.clan.lol/clan/clan-core";
    clan-fact-generators.inputs.clan-core.follows = "clan-core";
    clan-fact-generators.url = "github:mrvandalo/clan-fact-generators";
    flake-parts.inputs.nixpkgs-lib.follows = "nixpkgs";
-
+    flake-parts.url = "github:hercules-ci/flake-parts";
-    clan-fact-generators = {
+    home-manager-utils.inputs.home-manager.follows = "home-manager";
-      url = "github:mrvandalo/clan-fact-generators";
+    home-manager-utils.url = "github:mrvandalo/home-manager-utils";
-      inputs.clan-core.follows = "clan-core";
+    home-manager.inputs.nixpkgs.follows = "nixpkgs";
-    };
+    home-manager.url = "github:nix-community/home-manager";
-
+    kmonad.inputs.nixpkgs.follows = "nixpkgs"; # fixme: kmonad crashes every now and than and the keyboard is not usable anymore.
-    clan-core = {
+    kmonad.url = "github:kmonad/kmonad?dir=nix"; # todo: mabye use https://github.com/jtroo/kanata instead
-      url = "git+https://git.clan.lol/clan/clan-core";
+    landingpage.url = "github:mrVanDalo/landingpage";
-      #url = "git+file:///home/palo/dev/clan-core";
+    nixos-anywhere.url = "github:nix-community/nixos-anywhere";
-      inputs.nixpkgs.follows = "nixpkgs"; # Needed if your configuration uses nixpkgs unstable.
+    nix-topology.inputs.nixpkgs.follows = "nixpkgs";
-      inputs.flake-parts.follows = "flake-parts";
+    nix-topology.url = "github:oddlama/nix-topology";
-    };
+    nixos-hardware.url = "github:nixos/nixos-hardware";
    nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
    nixpkgs-unstable-small.url = "github:nixos/nixpkgs/nixos-unstable-small";
    nixpkgs-legacy_2211.url = "github:nixos/nixpkgs/nixos-22.11";
    nixpkgs-legacy_2311.url = "github:nixos/nixpkgs/nixos-23.11";
    nixpkgs-legacy_2405.url = "github:nixos/nixpkgs/nixos-24.05";
-    nixos-hardware.url = "github:nixos/nixos-hardware";
+    nixpkgs-unstable-small.url = "github:nixos/nixpkgs/nixos-unstable-small";
-    nixos-anywhere.url = "github:nix-community/nixos-anywhere";
+    nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
-
+    permown.inputs.nixpkgs.follows = "nixpkgs";
-    home-manager = {
+    permown.url = "github:mrVanDalo/module.permown";
-      #url = "github:nix-community/home-manager/release-23.11";
+    polygon-art.url = "git+https://git.ingolf-wagner.de/palo/polygon-art.git";
-      url = "github:nix-community/home-manager";
+    private-parts.inputs.nixpkgs.follows = "nixpkgs"; # only private input
-      #inputs.nixpkgs.follows = "nixpkgs";
+    private-parts.url = "git+ssh://forgejo@git.ingolf-wagner.de/palo/nixos-private-parts.git?ref=main";
-    };
+    #private-parts.url = "git+file:///home/palo/dev/nixos/nixos-private-parts";
-
+    retiolum.url = "github:Mic92/retiolum";
    polygon-art = {
      url = "git+https://git.ingolf-wagner.de/palo/polygon-art.git";
    };
    home-manager-utils = {
      url = "github:mrvandalo/home-manager-utils";
      inputs.home-manager.follows = "home-manager";
    };
    permown = {
      url = "github:mrVanDalo/module.permown";
      #url = "git+file:///home/palo/dev/nixos/permown";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    private_assets = {
      #url = "git+file:///home/palo/dev/nixos/nixos-private-assets";
      url = "git+ssh://forgejo@git.ingolf-wagner.de/palo/nixos-private-assets.git?ref=main";
      flake = true;
    };
    retiolum = {
      url = "github:Mic92/retiolum";
      #url = "git+file:///home/palo/dev/nixos/retiolum";
    };
    srvos.url = "github:nix-community/srvos";
-
+    stylix.inputs.home-manager.follows = "home-manager";
-    landingpage = {
+    stylix.inputs.nixpkgs.follows = "nixpkgs";
-      #url = "git+file:///home/palo/dev/landingpage";
+    stylix.url = "github:danth/stylix";
-      url = "github:mrVanDalo/landingpage";
+    taskshell.inputs.nixpkgs.follows = "nixpkgs";
-    };
+    taskshell.url = "github:mrvandalo/taskshell";
-
+    treefmt-nix.inputs.nixpkgs.follows = "nixpkgs";
-    # todo: mabye use https://github.com/jtroo/kanata instead
+    treefmt-nix.url = "github:numtide/treefmt-nix";
    # fixme: kmonad crashes every now and than and the keyboard is not usable anymore.
    kmonad = {
      url = "github:kmonad/kmonad?dir=nix";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    stylix = {
      url = "github:danth/stylix";
      inputs.nixpkgs.follows = "nixpkgs";
      inputs.home-manager.follows = "home-manager";
    };
    # smoke test framwork to trigger tests (enable if I  want to use it for real)
    #smoke = {
@ -82,151 +48,172 @@
    #  inputs.nixpkgs.follows = "nixpkgs";
    #};
    # had to override it to  remove colors
    taskshell = {
      url = "github:mrvandalo/taskshell";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    # my  own tool
    overviewer.url = "git+ssh://forgejo@git.ingolf-wagner.de/palo/overviewer.git?ref=main";
  };
  outputs =
-    inputs@{ self
+    inputs@{
-    , clan-core
+      self,
-    , clan-fact-generators
+      clan-core,
-    , flake-parts
+      clan-fact-generators,
-    , home-manager
+      flake-parts,
-    , home-manager-utils
+      home-manager,
-    , kmonad
+      home-manager-utils,
-    , landingpage
+      kmonad,
-    , nixos-anywhere
+      landingpage,
-    , nixos-hardware
+      nixos-anywhere,
-    , nixpkgs
+      nixos-hardware,
-    , nixpkgs-legacy_2211
+      nixpkgs,
-    , nixpkgs-legacy_2311
+      nixpkgs-legacy_2211,
-    , nixpkgs-legacy_2405
+      nixpkgs-legacy_2311,
-    , nixpkgs-unstable-small
+      nixpkgs-legacy_2405,
-    , overviewer
+      nixpkgs-unstable-small,
-    , permown
+      permown,
-    , polygon-art
+      polygon-art,
-    , private_assets
+      private-parts,
-    , retiolum
+      retiolum,
-    , srvos
+      srvos,
-    , stylix
+      stylix,
-    , taskshell
+      taskshell,
      treefmt-nix,
      nix-topology,
    }:
    let
      #system = "x86_64-linux";
      #pkgs = nixpkgs.legacyPackages.${system};
      inherit (nixpkgs) lib;
      meta = rec {
        system = "x86_64-linux";
-        pkgs = import nixpkgs {
+        pkgs =
-          inherit system;
+          let
-          config.allowUnfree = true;
+            allowUnfree = true;
-          config.permittedInsecurePackages = [
+            permittedInsecurePackages = [
-            "electron-24.8.6" # for bitwarden
+              "electron-24.8.6" # for bitwarden
-            "python-2.7.18.6"
+              "python-2.7.18.6"
-            "python-2.7.18.7"
+              "python-2.7.18.7"
-            "python-2.7.18.8"
+              "python-2.7.18.8"
-            "electron-27.3.11" # for logseq
+              "electron-27.3.11" # for logseq
-            "electron-28.3.3" # for logseq
+              "electron-28.3.3" # for logseq
-          ];
+            ];
-          overlays = [
+          in
-            (_self: _super: {
+          import nixpkgs {
-              unstable-small = import nixpkgs-unstable-small {
+            inherit system;
-                inherit system;
+            config = {
-                config.allowUnfree = true;
+              inherit allowUnfree permittedInsecurePackages;
-              };
+            };
-              legacy_2211 = import nixpkgs-legacy_2211 {
+            overlays = [
-                inherit system;
+              (_self: _super: {
-                config.allowUnfree = true;
+                unstable-small = import nixpkgs-unstable-small {
-              };
+                  inherit system;
-              legacy_2311 = import nixpkgs-legacy_2311 {
+                  config = {
-                inherit system;
+                    inherit allowUnfree permittedInsecurePackages;
-                config.allowUnfree = true;
+                  };
-              };
+                };
-              legacy_2405 = import nixpkgs-legacy_2405 {
+                legacy_2211 = import nixpkgs-legacy_2211 {
-                inherit system;
+                  inherit system;
-                config.allowUnfree = true;
+                  config = {
-              };
+                    inherit allowUnfree permittedInsecurePackages;
-              polygon-art = polygon-art.packages.${system};
+                  };
-              landingpage = landingpage.packages.${system}.plain;
+                };
-              kmonad = kmonad.packages.${system}.kmonad;
+                legacy_2311 = import nixpkgs-legacy_2311 {
-              tasksh = taskshell.packages.${system}.tasksh;
+                  inherit system;
-              overviewer = overviewer.packages.${system}.overviewer;
+                  config = {
-              pkl = self.packages.${system}.pkl;
+                    inherit allowUnfree permittedInsecurePackages;
-            })
+                  };
-            (import ./pkgs)
+                };
-          ];
+                legacy_2405 = import nixpkgs-legacy_2405 {
-        };
+                  inherit system;
                  config = {
                    inherit allowUnfree permittedInsecurePackages;
                  };
                };
                polygon-art = polygon-art.packages.${system};
                landingpage = landingpage.packages.${system}.plain;
                kmonad = kmonad.packages.${system}.kmonad;
                tasksh = taskshell.packages.${system}.tasksh;
                inherit (self.packages.${system})
                  otpmenu
                  taskwarrior-hooks
                  nsxiv
                  bugwarrior
                  ;
              })
            ];
          };
        specialArgs = {
-          inherit private_assets inputs;
+          inherit inputs;
          assets = ./assets;
          factsGenerator = clan-fact-generators.lib { inherit pkgs; };
-          clanLib = import ./lib/clanlib.nix { inherit (pkgs) lib; machineDir = ./machines; };
+          clanLib = import ./lib/clanlib.nix {
-          zerotierDeviceName = "ztbn67ogn2";
+            inherit (pkgs) lib;
            machineDir = ./machines;
          };
          # https://git.clan.lol/clan/clan-core/issues/1575 < here is how I could do this generic
          zerotierInterface = "ztbn67ogn2";
          components = ./components;
          features = ./features;
        };
      };
      clanSetup =
-        { name
+        {
-        , host
+          name,
-        , modules
+          host,
-        }: {
+          modules,
        }:
        {
          clan.core.networking.targetHost = lib.mkDefault "root@${host}";
          nixpkgs.pkgs = meta.pkgs;
          nixpkgs.hostPlatform = meta.system;
          clan.core.facts.secretStore = "password-store";
-          imports = modules ++ defaultModules ++ [
+          imports =
-            ./machines/${name}/configuration.nix
+            modules
            ++ defaultModules
            ++ [
              ./machines/${name}/configuration.nix
              nix-topology.nixosModules.default
              self.nixosModules.verify
            ];
        };
      zerotierControllerModule = {
        clan.core.networking.zerotier.controller = {
          enable = true;
          public = false;
        };
      };
      zerotierModules =
        { pkgs, ... }:
        {
          imports = [
            # this magically adds all my machines in the zero tier network
            # and makes the controller accept them.
            # will automatic look into `/machines/<name>/facts/zerotier-ip
            inputs.clan-core.clanModules.zerotier-static-peers
            # Statically configure the host names of machines based on their respective zerotier-ip.
            inputs.clan-core.clanModules.static-hosts
            # generate ssh host keys with facts
            inputs.clan-core.clanModules.sshd
            # manual configs
            {
              clan.static-hosts.topLevelDomain = "bear";
              components.network.zerotier.enable = true;
              environment.systemPackages = [
                clan-core.packages.${pkgs.system}.clan-cli
                (pkgs.writers.writeBashBin "zerotier-script-nodeid" ''
                  sudo ${pkgs.zerotierone}/bin/zerotier-cli info | cut -d " " -f 3
                '')
              ];
            }
          ];
        };
      zerotierControllerModule =
        {
          clan.core.networking.zerotier.controller = {
            enable = true;
            public = false;
          };
        };
      zerotierModules = { pkgs, ... }: {
        imports = [
          # this magically adds all my machines in the zero tier network
          # and makes the controller accept them.
          # will automatic look into `/machines/<name>/facts/zerotier-ip
          inputs.clan-core.clanModules.zerotier-static-peers
          # Statically configure the host names of machines based on their respective zerotier-ip.
          inputs.clan-core.clanModules.static-hosts
          # generate ssh host keys with facts
          inputs.clan-core.clanModules.sshd
          # manual configs
          {
            clan.static-hosts.topLevelDomain = "bear";
            components.network.zerotier.enable = true;
            environment.systemPackages = [
              clan-core.packages.${pkgs.system}.clan-cli
              (pkgs.writers.writeBashBin "zerotier-script-nodeid" ''
                sudo ${pkgs.zerotierone}/bin/zerotier-cli info | cut -d " " -f 3
              '')
            ];
          }
        ];
      };
      defaultModules = [
        # make flake inputs accessiable in NixOS
        {
@ -234,25 +221,42 @@
          _module.args.inputs = self.inputs;
        }
        # ssh keys
-        ({ config, ... }: {
+        (
-          users.users.root.openssh.authorizedKeys.keyFiles = [
+          { config, ... }:
            # master key
            ./assets/mrvandalo_rsa.pub
            # backup key
            "${config.clan.core.clanDir}/machines/chungus/facts/ssh.syncoid.id_ed25519.pub"
            "${config.clan.core.clanDir}/machines/chungus/facts/ssh.rbackup.id_ed25519.pub"
          ];
        })
        # configure nix
        ({ pkgs, lib, clanLib, ... }:
          {
-            nix.settings.substituters = [
+            users.users.root.openssh.authorizedKeys.keyFiles = [
-              "http://cache.orbi.wg0"
+              # master key
              ./assets/mrvandalo_rsa.pub
              # backup key
              "${config.clan.core.clanDir}/machines/chungus/facts/ssh.syncoid.id_ed25519.pub"
              "${config.clan.core.clanDir}/machines/chungus/facts/ssh.rbackup.id_ed25519.pub"
            ];
-            nix.settings.trusted-public-keys = [
+          }
-              (clanLib.readFact "nix-serve.pub" "orbi")
+        )
        {
          # disable emergency mode everywhere, although it might be needed on laptops
          boot.initrd.systemd.emergencyAccess = false;
          boot.initrd.systemd.suppressedUnits = [
            "emergency.service"
            "emergency.target"
          ];
          systemd.enableEmergencyMode = false;
        }
        # configure nix
        (
          {
            pkgs,
            lib,
            clanLib,
            ...
          }:
          {
            nix.settings.substituters = [ "http://cache.orbi.wg0" ];
            nix.settings.trusted-public-keys = [ (clanLib.readFact "nix-serve.pub" "orbi") ];
            nix.settings.experimental-features = [
              "nix-command"
              "flakes"
            ];
            nix.settings.experimental-features = [ "nix-command" "flakes" ];
            nix.settings.max-jobs = 1;
            # no channesl needed this way
            nix.nixPath = [ "nixpkgs=${pkgs.path}" ];
@ -264,7 +268,12 @@
            documentation.nixos.options.warningsAreErrors = false; # todo make this true again
            documentation.nixos.extraModules = [
              ./components
              ./features
              #./modules
              inputs.clan-core.nixosModules.clanCore
              {
                clan.core.clanDir = ./.; # fixes issues with clanCore https://git.clan.lol/clan/clan-core/issues/1979
              }
              # inputs.stylix.nixosModules.stylix # fixme: not working
              permown.nixosModules.permown
              kmonad.nixosModules.default
@ -275,230 +284,240 @@
            boot.loader.systemd-boot.configurationLimit = lib.mkDefault 10;
            boot.loader.generic-extlinux-compatible.configurationLimit = lib.mkDefault 10;
            boot.loader.grub.configurationLimit = lib.mkDefault 10;
-          })
+          }
        )
        # My Structure
        ./components
        ./features
        ./modules # todo : spread this across features and components
        #./system/all # todo : spread this across features and components
        # some modules I always use
        permown.nixosModules.permown
        kmonad.nixosModules.default
        # some default things I always want
-        ({ pkgs, ... }: {
+        (
-          boot.tmp.useTmpfs = lib.mkDefault true;
+          { pkgs, ... }:
-          environment.systemPackages = [
+          {
-            pkgs.nixpkgs-fmt
+            boot.tmp.useTmpfs = lib.mkDefault true;
-          ];
+          }
-        })
+        )
      ];
-      stylixModules = { pkgs, config, ... }: {
+      stylixModules =
-        imports = [ stylix.nixosModules.stylix ];
+        {
-        stylix.enable = true;
+          pkgs,
-        stylix.base16Scheme = "${pkgs.base16-schemes}/share/themes/gruvbox-light-medium.yaml";
+          config,
-        stylix.image = ./assets/wallpaper.png;
+          lib,
-        stylix.fonts = {
+          ...
-          serif = {
+        }:
-            package = pkgs.ubuntu_font_family;
+        {
-            name = "Ubuntu";
+          imports = [ stylix.nixosModules.stylix ];
-          };
+          stylix.enable = true;
-          sansSerif = {
+          stylix.base16Scheme = "${pkgs.base16-schemes}/share/themes/gruvbox-light-medium.yaml";
-            package = pkgs.ubuntu_font_family;
+          stylix.image = ./assets/wallpaper.png;
            name = "Ubuntu";
          };
          monospace = {
            package = pkgs.jetbrains-mono;
            name = "JetBrains Mono";
          };
          emoji = {
            package = pkgs.noto-fonts-emoji;
            name = "Noto Color Emoji";
          };
          sizes.popups = 15;
        };
        # todo: remove this if not needed anymore
        #home-manager.sharedModules = [
        #  { stylix.targets.bemenu.enable = false; }
        #];
-      };
+          home-manager.sharedModules = [
-
+            {
-      homeManagerModules = { pkgs, config, ... }: {
+              # no need for hyperland
-        imports = [
+              # https://github.com/danth/stylix/issues/543
-          home-manager.nixosModules.home-manager
+              stylix.targets.hyprpaper.enable = lib.mkForce false;
-        ];
+              stylix.targets.hyprland.enable = lib.mkForce false;
-        home-manager.extraSpecialArgs = {
+            }
-          inherit private_assets;
+          ];
-          assets = ./assets;
+          stylix.fonts = {
            serif = {
              package = pkgs.nerdfonts.override { fonts = [ "Ubuntu" ]; };
              name = "Ubuntu";
            };
            sansSerif = {
              package = pkgs.nerdfonts.override { fonts = [ "Ubuntu" ]; };
              name = "Ubuntu";
            };
            monospace = {
              package = pkgs.nerdfonts.override { fonts = [ "JetBrainsMono" ]; };
              name = "JetBrains Mono";
            };
            emoji = {
              package = pkgs.noto-fonts-emoji;
              name = "Noto Color Emoji";
            };
            sizes.popups = 15;
          };
        };
      homeManagerModules =
        { pkgs, config, ... }:
        {
          imports = [
            home-manager.nixosModules.home-manager
          ];
          home-manager.extraSpecialArgs = {
            assets = ./assets;
          };
          home-manager.useGlobalPkgs = true;
          home-manager.useUserPackages = true;
          home-manager.backupFileExtension = "backup";
          home-manager.sharedModules = [
            home-manager-utils.hmModule
          ];
        };
        home-manager.useGlobalPkgs = true;
        home-manager.useUserPackages = true;
        home-manager.backupFileExtension = "backup";
        home-manager.sharedModules = [
          home-manager-utils.hmModule
        ];
      };
    in
-    flake-parts.lib.mkFlake { inherit inputs; } ({ self, pkgs, ... }: {
+    flake-parts.lib.mkFlake { inherit inputs; } (
-      # We define our own systems below. you can still use this to add system specific outputs to your flake.
+      {
-      # See: https://flake.parts/getting-started
+        self,
-      systems = [ "x86_64-linux" ];
+        self',
        pkgs,
        ...
      }:
      {
        systems = [ "x86_64-linux" ];
        imports = [
          clan-core.flakeModules.default
          ./nix/formatter.nix
          ./nix/packages
          ./nix/verify
          ./nix/topology
        ];
-      # import clan-core modules
+        # Define your clan
-      imports = [
+        clan = {
-        clan-core.flakeModules.default
+          # Clan wide settings.
-      ];
+          meta.name = "gummybears"; # Ensure to choose a unique name.
          specialArgs = meta.specialArgs;
-      perSystem = { pkgs, ... }: {
+          machines = {
        packages.pkl = pkgs.callPackage ./pkgs/pkl { };
      };
-      # Define your clan
+            cream = clanSetup {
-      clan = {
+              name = "cream";
-        # Clan wide settings.
+              host = "cream.bear";
-        meta.name = "gummybears"; # Ensure to choose a unique name.
+              modules = [
-        specialArgs = meta.specialArgs;
+                zerotierModules
                nixos-hardware.nixosModules.framework-12th-gen-intel
                retiolum.nixosModules.retiolum
                private-parts.nixosModules.cream
                homeManagerModules
                stylixModules
                { home-manager.users.mainUser.gui.enable = true; }
                {
                  home-manager.users.mainUser = import ./homes/palo;
                  home-manager.users.root = import ./homes/root;
                }
                {
                  clan.core.machineDescription = "Laptop";
                }
              ];
            };
-        machines = {
+            cherry = clanSetup {
              name = "cherry";
              host = "cherry.bear";
              modules = [
                zerotierModules
                nixos-hardware.nixosModules.framework-13th-gen-intel
                retiolum.nixosModules.retiolum
                private-parts.nixosModules.cherry
                homeManagerModules
                stylixModules
                { home-manager.users.mainUser.gui.enable = true; }
                {
                  home-manager.users.mainUser = import ./homes/palo;
                  home-manager.users.root = import ./homes/root;
                }
                {
                  clan.core.machineDescription = "Laptop";
                }
              ];
            };
-          sternchen = clanSetup {
+            chungus = clanSetup {
-            name = "sternchen";
+              name = "chungus";
-            host = "sternchen.bear";
+              host = "chungus.bear";
-            #host = "192.168.178.25";
+              modules = [
-            modules = [
+                zerotierModules
-              nixos-hardware.nixosModules.lenovo-thinkpad-x220
+                zerotierControllerModule
-              homeManagerModules
+                homeManagerModules
-              stylixModules
+                stylixModules
-              { home-manager.users.mainUser.gui.enable = true; }
+                retiolum.nixosModules.retiolum
-              {
+                private-parts.nixosModules.chungus
-                home-manager.users.mainUser = import ./homes/tina;
+                {
-                home-manager.users.root = import ./homes/root;
+                  home-manager.users.mainUser = import ./homes/palo;
-              }
+                  home-manager.users.root = import ./homes/root;
-              # todo : strange overrides, this should be an option kinda an be changed on another level (the homes/<name> folders or something)
+                }
-              ({ lib, ... }: {
+                {
-                home-manager.sharedModules = [
+                  clan.core.machineDescription = "Home Server";
-                  {
+                }
-                    programs.atuin.enable = lib.mkForce false;
+              ];
-                  }
+            };
                ];
              })
              {
                clan.core.machineDescription = "LaLaptop";
              }
            ];
          };
-          cream = clanSetup {
+            orbi = clanSetup {
-            name = "cream";
+              name = "orbi";
-            host = "cream.bear";
+              host = "orbi.bear";
-            modules = [
+              #host = "95.216.66.212";
-              zerotierModules
+              modules = [
-              nixos-hardware.nixosModules.framework-12th-gen-intel
+                homeManagerModules
-              retiolum.nixosModules.retiolum
+                stylixModules
-              private_assets.nixosModules.cream
+                zerotierModules
-              private_assets.nixosModules.yubikey
+                srvos.nixosModules.hardware-hetzner-online-intel
-              homeManagerModules
+                #srvos.nixosModules.server
-              stylixModules
+                #srvos.nixosModules.mixins-terminfo
-              { home-manager.users.mainUser.gui.enable = true; }
+                {
-              {
+                  home-manager.users.mainUser = import ./homes/palo;
-                home-manager.users.mainUser = import ./homes/palo;
+                  home-manager.users.root = import ./homes/root;
-                home-manager.users.root = import ./homes/root;
+                }
-              }
+                {
-              {
+                  clan.core.machineDescription = "Internet Server";
-                clan.core.machineDescription = "Laptop";
+                }
-              }
+              ];
-            ];
+            };
          };
-          cherry = clanSetup {
+            probe = clanSetup {
-            name = "cherry";
+              name = "probe";
-            host = "cherry.bear";
+              #host = "167.235.205.150";
-            modules = [
+              host = "95.217.18.54";
-              zerotierModules
+              modules = [
-              nixos-hardware.nixosModules.framework-13th-gen-intel
+                homeManagerModules
-              retiolum.nixosModules.retiolum
+                stylixModules
-              private_assets.nixosModules.yubikey
+                srvos.nixosModules.hardware-hetzner-cloud
-              homeManagerModules
+                srvos.nixosModules.server
-              stylixModules
+                srvos.nixosModules.mixins-terminfo
-              { home-manager.users.mainUser.gui.enable = true; }
+                #inputs.clan-core.clanModules.sshd
-              {
+                {
-                home-manager.users.mainUser = import ./homes/palo;
+                  home-manager.users.mainUser = import ./homes/palo;
-                home-manager.users.root = import ./homes/root;
+                  home-manager.users.root = import ./homes/root;
-              }
+                }
-              {
+                {
-                clan.core.machineDescription = "Laptop";
+                  clan.core.machineDescription = "Dummy Internet Server";
-              }
+                }
-            ];
+              ];
-          };
+            };
-          chungus = clanSetup {
+            usbstick = clanSetup {
-            name = "chungus";
+              name = "usbstick";
-            host = "chungus.bear";
+              #host = "usbstick.bear";
-            modules = [
+              host = "10.100.0.100";
-              zerotierModules
+              modules = [
-              zerotierControllerModule
+                homeManagerModules
-              homeManagerModules
+                stylixModules
-              stylixModules
+                zerotierModules
-              retiolum.nixosModules.retiolum
+                { home-manager.users.mainUser.gui.enable = true; }
-              private_assets.nixosModules.chungus
+                {
-              {
+                  home-manager.users.mainUser = import ./homes/palo;
-                home-manager.users.mainUser = import ./homes/palo;
+                  home-manager.users.root = import ./homes/root;
-                home-manager.users.root = import ./homes/root;
+                }
-              }
+                {
-              {
+                  clan.core.machineDescription = "USB-Stick for Backup";
-                clan.core.machineDescription = "Home Server";
+                }
-              }
+              ];
-            ];
+            };
          };
          orbi = clanSetup {
            name = "orbi";
            host = "orbi.bear";
            #host = "95.216.66.212";
            modules = [
              zerotierModules
              homeManagerModules
              stylixModules
              srvos.nixosModules.hardware-hetzner-online-intel
              #srvos.nixosModules.server
              #srvos.nixosModules.mixins-terminfo
              {
                # not needed for servers in general
                boot.initrd.systemd.emergencyAccess = false;
                systemd.enableEmergencyMode = false;
              }
              {
                home-manager.users.mainUser = import ./homes/palo;
                home-manager.users.root = import ./homes/root;
              }
              {
                clan.core.machineDescription = "Internet Server";
              }
            ];
          };
          probe = clanSetup {
            name = "probe";
            host = "probe.bear";
            modules = [
              homeManagerModules
              stylixModules
              srvos.nixosModules.hardware-hetzner-cloud
              srvos.nixosModules.server
              srvos.nixosModules.mixins-terminfo
              {
                home-manager.users.mainUser = import ./homes/palo;
                home-manager.users.root = import ./homes/root;
              }
              {
                clan.core.machineDescription = "Dummy Internet Server";
              }
            ];
          };
        };
-      };
+      }
-
+    );
    });
 }
--- a/homes/common/default.nix
+++ b/homes/common/default.nix
@ -1,6 +1,9 @@
 { lib, ... }:
 {
  imports = [
    ./editor.nix
    ./network.nix
    ./oh-my-posh
    ./packages.nix
    ./terminal.nix
    ./zfs.nix
--- a/homes/common/editor.nix
+++ b/homes/common/editor.nix
@ -1,11 +1,10 @@
 { lib, ... }:
 {
  programs.vim = {
    enable = true;
-    defaultEditor = true;
+    defaultEditor = lib.mkDefault true;
  };
  programs.helix = {
    enable = true;
    # defaultEditor = true;
  };
 }
--- a/homes/common/network.nix
+++ b/homes/common/network.nix
@ -0,0 +1,34 @@
 {
  config,
  pkgs,
  lib,
  ...
 }:
 with lib;
 {
  config = mkMerge [
    {
      home.packages = [
        # firewall analysis
        pkgs.nftables
        pkgs.nixos-firewall-tool
        # analyser
        pkgs.dnsutils
        pkgs.tcpdump
        pkgs.nmap
        pkgs.rustscan
        # helper
        pkgs.ipcalc
      ];
    }
    (mkIf config.gui.enable {
      home.packages = [
        pkgs.wireshark
      ];
    })
  ];
 }
--- a/homes/common/oh-my-posh/default.nix
+++ b/homes/common/oh-my-posh/default.nix
@ -0,0 +1,15 @@
 {
  pkgs,
  config,
  lib,
  ...
 }:
 with lib;
 {
  programs.oh-my-posh = {
    enable = true;
    # https://ohmyposh.dev/docs/themes
    #useTheme = "gmay"; # ganz nice, aber farben sind ein bisl schrill
    settings = builtins.fromJSON (builtins.readFile ./gmay.json);
  };
 }
--- a/homes/common/oh-my-posh/gmay.json
+++ b/homes/common/oh-my-posh/gmay.json
@ -0,0 +1,121 @@
 {
  "$schema": "https://raw.githubusercontent.com/JanDeDobbeleer/oh-my-posh/main/themes/schema.json",
  "blocks": [
    {
      "alignment": "left",
      "segments": [
        {
          "background": "#076678",
          "foreground": "#EBDBB2",
          "leading_diamond": "\ue0b6",
          "style": "diamond",
          "template": " {{ if .WSL }}WSL at {{ end }}{{.Icon}} ",
          "type": "os"
        },
        {
          "background": "#AF3A03",
          "foreground": "#EBDBB2",
          "powerline_symbol": "\ue0b0",
          "style": "powerline",
          "template": " \uf0e7 ",
          "type": "root"
        },
        {
          "background": "#076678",
          "foreground": "#EBDBB2",
          "powerline_symbol": "\ue0b0",
          "style": "powerline",
          "template": " {{ if .SSHSession }}\ueba9 {{ end }}{{ .UserName }}@{{ .HostName }} ",
          "type": "session"
        },
        {
          "background": "#B57614",
          "foreground": "#EBDBB2",
          "powerline_symbol": "\ue0b0",
          "properties": {
            "style": "full"
          },
          "style": "powerline",
          "template": " \ue5ff {{ .Path }} ",
          "type": "path"
        },
        {
          "background": "#79740E",
          "foreground": "#EBDBB2",
          "powerline_symbol": "\ue0b0",
          "properties": {
            "time_format": "2006-01-02 15:04:05"
          },
          "style": "powerline",
          "template": " {{ .CurrentDate | date .Format }} ",
          "type": "time"
        },
        {
          "type": "project",
          "style": "powerline",
          "powerline_symbol": "",
          "foreground": "#193549",
          "background": "#ffeb3b",
          "template": " {{ if .Error }}{{ .Error }}{{ else }}{{ if .Version }} {{.Version}}{{ end }} {{ if .Name }}{{ .Name }}{{ end }}{{ end }} "
        },
        {
          "type": "git",
          "style": "powerline",
          "powerline_symbol": "",
          "background": "#427b58",
          "foreground": "#EBDBB2",
          "background_templates": [
            "{{ if or (.Working.Changed) (.Staging.Changed) }}#8f3f71{{ end }}",
            "{{ if and (gt .Ahead 0) (gt .Behind 0) }}#076678{{ end }}",
            "{{ if gt .Ahead 0 }}#076678{{ end }}",
            "{{ if gt .Behind 0 }}#076678{{ end }}"
          ],
          "template": "{{ .UpstreamIcon }}{{ .HEAD }}{{if .BranchStatus }} {{ .BranchStatus }}{{ end }}{{ if .Working.Changed }}  {{ .Working.String }}{{ end }}{{ if and (.Working.Changed) (.Staging.Changed) }} |{{ end }}{{ if .Staging.Changed }}  {{ .Staging.String }}{{ end }}{{ if gt .StashCount 0 }}  {{ .StashCount }}{{ end }}",
          "properties": {
            "fetch_status": true,
            "fetch_upstream_icon": true,
            "untracked_modes": {
              "/Users/user/Projects/oh-my-posh/": "no"
            },
            "source": "cli",
            "mapped_branches": {
              "feat/*": "🚀 ",
              "bug/*": "🐛 "
            }
          }
        },
        {
          "background": "#427B58",
          "background_templates": [
            "{{ if gt .Code 0 }}#9D0006{{ end }}"
          ],
          "foreground": "#EBDBB2",
          "leading_diamond": "<transparent,background>\ue0b0</>",
          "properties": {
            "always_enabled": true
          },
          "style": "diamond",
          "template": " \ueb05 ",
          "trailing_diamond": "\ue0b4",
          "type": "status"
        }
      ],
      "type": "prompt"
    },
    {
      "alignment": "left",
      "newline": true,
      "segments": [
        {
          "foreground": "#076678",
          "style": "plain",
          "template": "\uf0a9 ",
          "type": "text"
        }
      ],
      "type": "prompt"
    }
  ],
  "final_space": true,
  "version": 2
 }
--- a/components/terminal/oh-my-posh/gruvbox.json
+++ b/components/terminal/oh-my-posh/gruvbox.json
@ -13,9 +13,13 @@
        },
        {
          "background": "#fbf1c7",
-          "background_templates": ["{{ if .Root }}#af3a03{{ end }}"],
+          "background_templates": [
            "{{ if .Root }}#af3a03{{ end }}"
          ],
          "foreground": "#282828",
-          "foreground_templates": ["{{ if .Root }}#fbf1c7{{ end }}"],
+          "foreground_templates": [
            "{{ if .Root }}#fbf1c7{{ end }}"
          ],
          "powerline_symbol": "\ue0b0",
          "style": "powerline",
          "template": " {{ if .SSHSession }} {{ end }}{{ .HostName }} ",
--- a/homes/common/packages.nix
+++ b/homes/common/packages.nix
@ -1,14 +1,16 @@
-{ config, pkgs, lib, ... }:
+{
  config,
  pkgs,
  lib,
  ...
 }:
 with pkgs;
 with lib;
 {
  config = mkMerge [
    {
      home.packages = [
        bind.dnsutils
        nmap
        hexyl
        ipcalc
        units
        difftastic
@ -23,7 +25,7 @@ with lib;
        tldr
-        bandwhich
+        bandwhich # todo : put this to common/networking.nix
        unzip
        genpass
@ -41,7 +43,6 @@ with lib;
    }
    (mkIf config.gui.enable {
      home.packages = [
        libreoffice
@ -54,7 +55,7 @@ with lib;
        aspellDicts.es
        evince
-        sxiv
+        nsxiv
        gimp
        inkscape
--- a/homes/common/terminal.nix
+++ b/homes/common/terminal.nix
@ -1,4 +1,9 @@
-{ lib, pkgs, assets, ... }:
+{
  lib,
  pkgs,
  assets,
  ...
 }:
 {
  programs.zsh = {
--- a/homes/common/zfs.nix
+++ b/homes/common/zfs.nix
@ -1,4 +1,9 @@
-{ config, pkgs, lib, ... }:
+{
  config,
  pkgs,
  lib,
  ...
 }:
 with pkgs;
 with lib;
 {
--- a/homes/palo/default.nix
+++ b/homes/palo/default.nix
@ -1,12 +1,11 @@
-{ pkgs, ... }: {
+{ pkgs, ... }:
 {
  imports = [
    ../common
    ./editor.nix
    ./git.nix
    ./gpg.nix
    ./gui
    #./hyperland.nix
    ./i3.nix
    ./packages
    ./ssh.nix
--- a/homes/palo/doom-emacs.nix
+++ b/homes/palo/doom-emacs.nix
@ -1,35 +0,0 @@
 { config, pkgs, lib, ... }:
 with lib;
 {
  config = mkMerge [
    {
      home.packages = [ pkgs.ripgrep ];
    }
    (mkIf config.gui.enable {
      programs.doom-emacs = {
        enable = lib.mkDefault true;
        doomPrivateDir = ./doom.d;
        extraConfig = ''
          ;; "monospace" means use the system default. However, the default is usually two
          ;; points larger than I'd like, so I specify size 12 here.
          (setq doom-font
            (font-spec :family "Jetbrains Mono" :size ${toString 12} :weight 'light))
          ;;(setq doom-font
          ;; (font-spec :family "Terminus" :size ${toString 12} :weight 'light))
        '';
        #emacsPackagesOverlay = self: super: {
        #  # fixes https://github.com/vlaci/nix-doom-emacs/issues/394
        #  gitignore-mode = pkgs.emacsPackages.git-modes;
        #  gitconfig-mode = pkgs.emacsPackages.git-modes;
        #};
      };
    })
    (mkIf (!config.gui.enable) {
      programs.doom-emacs = {
        enable = lib.mkDefault true;
        doomPrivateDir = ./doom.d;
        package = pkgs.emacs-nox;
      };
    })
  ];
 }
--- a/homes/palo/doom.d/config.el
+++ b/homes/palo/doom.d/config.el
@ -1,4 +0,0 @@
 ;; configure theme
 (setq doom-theme 'doom-solarized-light)
--- a/homes/palo/doom.d/init.el
+++ b/homes/palo/doom.d/init.el
@ -1,187 +0,0 @@
 ;;; init.el -*- lexical-binding: t; -*-
 ;; This file controls what Doom modules are enabled and what order they load
 ;; in. Remember to run 'doom sync' after modifying it!
 ;; NOTE Press 'SPC h d h' (or 'C-h d h' for non-vim users) to access Doom's
 ;;      documentation. There you'll find a "Module Index" link where you'll find
 ;;      a comprehensive list of Doom's modules and what flags they support.
 ;; NOTE Move your cursor over a module's name (or its flags) and press 'K' (or
 ;;      'C-c c k' for non-vim users) to view its documentation. This works on
 ;;      flags as well (those symbols that start with a plus).
 ;;
 ;;      Alternatively, press 'gd' (or 'C-c c d') on a module to browse its
 ;;      directory (for easy access to its source code).
 (doom! :input
       ;;chinese
       ;;japanese
       ;;layout            ; auie,ctsrnm is the superior home row
       :completion
       company           ; the ultimate code completion backend
       ;;helm              ; the *other* search engine for love and life
       ;;ido               ; the other *other* search engine...
       ivy               ; a search engine for love and life
       :ui
       ;;deft              ; notational velocity for Emacs
       doom              ; what makes DOOM look the way it does
       doom-dashboard    ; a nifty splash screen for Emacs
       doom-quit         ; DOOM quit-message prompts when you quit Emacs
       ;;(emoji +unicode)  ; 🙂
       hl-todo           ; highlight TODO/FIXME/NOTE/DEPRECATED/HACK/REVIEW
       ;;hydra
       ;;indent-guides     ; highlighted indent columns
       ;;ligatures         ; ligatures and symbols to make your code pretty again
       ;;minimap           ; show a map of the code on the side
       modeline          ; snazzy, Atom-inspired modeline, plus API
       ;;nav-flash         ; blink cursor line after big motions
       ;;neotree           ; a project drawer, like NERDTree for vim
       ophints           ; highlight the region an operation acts on
       (popup +defaults)   ; tame sudden yet inevitable temporary windows
       ;;tabs              ; a tab bar for Emacs
       ;;treemacs          ; a project drawer, like neotree but cooler
       ;;unicode           ; extended unicode support for various languages
       vc-gutter         ; vcs diff in the fringe
       vi-tilde-fringe   ; fringe tildes to mark beyond EOB
       ;;window-select     ; visually switch windows
       workspaces        ; tab emulation, persistence & separate workspaces
       ;;zen               ; distraction-free coding or writing
       :editor
       (evil +everywhere); come to the dark side, we have cookies
       file-templates    ; auto-snippets for empty files
       fold              ; (nigh) universal code folding
       ;;(format +onsave)  ; automated prettiness
       ;;god               ; run Emacs commands without modifier keys
       ;;lispy             ; vim for lisp, for people who don't like vim
       ;;multiple-cursors  ; editing in many places at once
       ;;objed             ; text object editing for the innocent
       ;;parinfer          ; turn lisp into python, sort of
       ;;rotate-text       ; cycle region at point between text candidates
       snippets          ; my elves. They type so I don't have to
       ;;word-wrap         ; soft wrapping with language-aware indent
       :emacs
       dired             ; making dired pretty [functional]
       electric          ; smarter, keyword-based electric-indent
       ;;ibuffer         ; interactive buffer management
       undo              ; persistent, smarter undo for your inevitable mistakes
       vc                ; version-control and Emacs, sitting in a tree
       :term
       ;;eshell            ; the elisp shell that works everywhere
       ;;shell             ; simple shell REPL for Emacs
       ;;term              ; basic terminal emulator for Emacs
       ;;vterm             ; the best terminal emulation in Emacs
       :checkers
       syntax              ; tasing you for every semicolon you forget
       ;;(spell +flyspell) ; tasing you for misspelling mispelling
       ;;grammar           ; tasing grammar mistake every you make
       :tools
       ;;ansible
       ;;debugger          ; FIXME stepping through code, to help you add bugs
       ;;direnv
       ;;docker
       ;;editorconfig      ; let someone else argue about tabs vs spaces
       ;;ein               ; tame Jupyter notebooks with emacs
       (eval +overlay)     ; run code, run (also, repls)
       ;;gist              ; interacting with github gists
       lookup              ; navigate your code and its documentation
       ;;lsp               ; M-x vscode
       magit             ; a git porcelain for Emacs
       ;;make              ; run make tasks from Emacs
       ;;pass              ; password manager for nerds
       ;;pdf               ; pdf enhancements
       ;;prodigy           ; FIXME managing external services & code builders
       ;;rgb               ; creating color strings
       ;;taskrunner        ; taskrunner for all your projects
       ;;terraform         ; infrastructure as code
       ;;tmux              ; an API for interacting with tmux
       ;;upload            ; map local to remote projects via ssh/ftp
       :os
       (:if IS-MAC macos)  ; improve compatibility with macOS
       ;;tty               ; improve the terminal Emacs experience
       :lang
       ;;agda              ; types of types of types of types...
       ;;beancount         ; mind the GAAP
       ;;cc                ; C > C++ == 1
       ;;clojure           ; java with a lisp
       ;;common-lisp       ; if you've seen one lisp, you've seen them all
       ;;coq               ; proofs-as-programs
       ;;crystal           ; ruby at the speed of c
       ;;csharp            ; unity, .NET, and mono shenanigans
       ;;data              ; config/data formats
       ;;(dart +flutter)   ; paint ui and not much else
       ;;elixir            ; erlang done right
       ;;elm               ; care for a cup of TEA?
       emacs-lisp        ; drown in parentheses
       ;;erlang            ; an elegant language for a more civilized age
       ;;ess               ; emacs speaks statistics
       ;;factor
       ;;faust             ; dsp, but you get to keep your soul
       ;;fsharp            ; ML stands for Microsoft's Language
       ;;fstar             ; (dependent) types and (monadic) effects and Z3
       ;;gdscript          ; the language you waited for
       ;;(go +lsp)         ; the hipster dialect
       ;;(haskell +dante)  ; a language that's lazier than I am
       ;;hy                ; readability of scheme w/ speed of python
       ;;idris             ; a language you can depend on
       ;;json              ; At least it ain't XML
       ;;(java +meghanada) ; the poster child for carpal tunnel syndrome
       ;;javascript        ; all(hope(abandon(ye(who(enter(here))))))
       ;;julia             ; a better, faster MATLAB
       ;;kotlin            ; a better, slicker Java(Script)
       ;;latex             ; writing papers in Emacs has never been so fun
       ;;lean              ; for folks with too much to prove
       ;;ledger            ; be audit you can be
       ;;lua               ; one-based indices? one-based indices
       markdown            ; writing docs for people to ignore
       ;;nim               ; python + lisp at the speed of c
       nix                 ; I hereby declare "nix geht mehr!"
       ;;ocaml             ; an objective camel
       (org +roam2)        ; organize your plain life in plain text
       ;;php               ; perl's insecure younger brother
       ;;plantuml          ; diagrams for confusing people more
       ;;purescript        ; javascript, but functional
       ;;python            ; beautiful is better than ugly
       ;;qt                ; the 'cutest' gui framework ever
       ;;racket            ; a DSL for DSLs
       ;;raku              ; the artist formerly known as perl6
       ;;rest              ; Emacs as a REST client
       ;;rst               ; ReST in peace
       ;;(ruby +rails)     ; 1.step {|i| p "Ruby is #{i.even? ? 'love' : 'life'}"}
       ;;rust              ; Fe2O3.unwrap().unwrap().unwrap().unwrap()
       ;;scala             ; java, but good
       ;;(scheme +guile)   ; a fully conniving family of lisps
       sh                ; she sells {ba,z,fi}sh shells on the C xor
       ;;sml
       ;;solidity          ; do you need a blockchain? No.
       ;;swift             ; who asked for emoji variables?
       ;;terra             ; Earth and Moon in alignment for performance.
       ;;web               ; the tubes
       ;;yaml              ; JSON, but readable
       ;;zig               ; C, but simpler
       :email
       ;;(mu4e +gmail)
       ;;notmuch
       ;;(wanderlust +gmail)
       :app
       ;;calendar
       ;;emms
       ;;everywhere        ; *leave* Emacs!? You must be joking
       ;;irc               ; how neckbeards socialize
       ;;(rss +org)        ; emacs as an RSS reader
       ;;twitter           ; twitter client https://twitter.com/vnought
       :config
       ;;literate
       (default +bindings +smartparens))
--- a/homes/palo/doom.d/packages.el
+++ b/homes/palo/doom.d/packages.el
--- a/homes/palo/git.nix
+++ b/homes/palo/git.nix
@ -10,16 +10,24 @@ with pkgs;
      key = "42AC51C9482D0834CF488AF1389EC2D64AC71EAC";
      signByDefault = true;
    };
-    ignores = [ "*.swp" "*~" ".idea" ".*penis.*" "result" ".envrc" ".direnv" ];
+    ignores = [
      "*.swp"
      "*~"
      ".idea"
      ".*penis.*"
      "result"
      ".envrc"
      ".direnv"
    ];
    extraConfig = {
      init.defaultBranch = "main";
      pull.ff = "only";
      push.autoSetupRemote = true;
    };
    #diff-so-fancy.enable = true;
    difftastic.enable = true;
  };
  home.packages = [
    pre-commit
    gita
--- a/homes/palo/gpg.nix
+++ b/homes/palo/gpg.nix
@ -12,8 +12,7 @@
      keyserver = "keyserver.ubuntu.com";
      personal-digest-preferences = "SHA512";
      cert-digest-algo = "SHA512";
-      default-preference-list =
+      default-preference-list = "SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed";
        "SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed";
    };
  };
--- a/homes/palo/gui/alacritty.nix
+++ b/homes/palo/gui/alacritty.nix
@ -1,4 +1,9 @@
-{ pkgs, lib, config, ... }:
+{
  pkgs,
  lib,
  config,
  ...
 }:
 with lib;
 {
--- a/homes/palo/gui/kitty.nix
+++ b/homes/palo/gui/kitty.nix
@ -1,4 +1,9 @@
-{ lib, pkgs, config, ... }:
+{
  lib,
  pkgs,
  config,
  ...
 }:
 with lib;
 {
@ -31,6 +36,5 @@ with lib;
      };
    };
  };
 }
--- a/homes/palo/hyperland.nix
+++ b/homes/palo/hyperland.nix
@ -1,161 +0,0 @@
 { pkgs, ... }:
 {
  home.file.".config/hypr/hyperland.conf".text = ''
    autogenerated = 1 # remove this line to remove the warning
    # See https://wiki.hyprland.org/Configuring/Monitors/
    monitor=,preferred,auto,auto
    # Some default env vars.
    env = XCURSOR_SIZE,24
    # For all categories, see https://wiki.hyprland.org/Configuring/Variables/
    input {
        kb_layout = us
        kb_variant =
        kb_model =
        kb_options =
        kb_rules =
        follow_mouse = 1
        touchpad {
            natural_scroll = no
        }
        sensitivity = 0 # -1.0 - 1.0, 0 means no modification.
    }
    general {
        # See https://wiki.hyprland.org/Configuring/Variables/ for more
        gaps_in = 5
        gaps_out = 20
        border_size = 2
        col.active_border = rgba(33ccffee) rgba(00ff99ee) 45deg
        col.inactive_border = rgba(595959aa)
        layout = dwindle
        # Please see https://wiki.hyprland.org/Configuring/Tearing/ before you turn this on
        allow_tearing = false
    }
    decoration {
        # See https://wiki.hyprland.org/Configuring/Variables/ for more
        rounding = 10
        blur {
            enabled = true
            size = 3
            passes = 1
        }
        drop_shadow = yes
        shadow_range = 4
        shadow_render_power = 3
        col.shadow = rgba(1a1a1aee)
    }
    animations {
        enabled = yes
        # Some default animations, see https://wiki.hyprland.org/Configuring/Animations/ for more
        bezier = myBezier, 0.05, 0.9, 0.1, 1.05
        animation = windows, 1, 7, myBezier
        animation = windowsOut, 1, 7, default, popin 80%
        animation = border, 1, 10, default
        animation = borderangle, 1, 8, default
        animation = fade, 1, 7, default
        animation = workspaces, 1, 6, default
    }
    dwindle {
        # See https://wiki.hyprland.org/Configuring/Dwindle-Layout/ for more
        pseudotile = yes # master switch for pseudotiling. Enabling is bound to mainMod + P in the keybinds section below
        preserve_split = yes # you probably want this
    }
    master {
        # See https://wiki.hyprland.org/Configuring/Master-Layout/ for more
        new_is_master = true
    }
    gestures {
        # See https://wiki.hyprland.org/Configuring/Variables/ for more
        workspace_swipe = off
    }
    misc {
        # See https://wiki.hyprland.org/Configuring/Variables/ for more
        force_default_wallpaper = -1 # Set to 0 to disable the anime mascot wallpapers
    }
    # Example per-device config
    # See https://wiki.hyprland.org/Configuring/Keywords/#executing for more
    device:epic-mouse-v1 {
        sensitivity = -0.5
    }
    # See https://wiki.hyprland.org/Configuring/Keywords/ for more
    $mainMod = SUPER
    # Example binds, see https://wiki.hyprland.org/Configuring/Binds/ for more
    bind = $mainMod, enter, exec, alacritty
    bind = $mainMod, C, killactive,
    bind = $mainMod, Q, exit,
    bind = $mainMod, E, exec, dolphin
    bind = $mainMod, V, togglefloating,
    bind = $mainMod, R, exec, wofi --show drun
    bind = $mainMod, P, pseudo, # dwindle
    bind = $mainMod, J, togglesplit, # dwindle
    # Move focus with mainMod + arrow keys
    bind = $mainMod, left, movefocus, l
    bind = $mainMod, right, movefocus, r
    bind = $mainMod, up, movefocus, u
    bind = $mainMod, down, movefocus, d
    # Switch workspaces with mainMod + [0-9]
    bind = $mainMod, 1, workspace, 1
    bind = $mainMod, 2, workspace, 2
    bind = $mainMod, 3, workspace, 3
    bind = $mainMod, 4, workspace, 4
    bind = $mainMod, 5, workspace, 5
    bind = $mainMod, 6, workspace, 6
    bind = $mainMod, 7, workspace, 7
    bind = $mainMod, 8, workspace, 8
    bind = $mainMod, 9, workspace, 9
    bind = $mainMod, 0, workspace, 10
    # Move active window to a workspace with mainMod + SHIFT + [0-9]
    bind = $mainMod SHIFT, 1, movetoworkspace, 1
    bind = $mainMod SHIFT, 2, movetoworkspace, 2
    bind = $mainMod SHIFT, 3, movetoworkspace, 3
    bind = $mainMod SHIFT, 4, movetoworkspace, 4
    bind = $mainMod SHIFT, 5, movetoworkspace, 5
    bind = $mainMod SHIFT, 6, movetoworkspace, 6
    bind = $mainMod SHIFT, 7, movetoworkspace, 7
    bind = $mainMod SHIFT, 8, movetoworkspace, 8
    bind = $mainMod SHIFT, 9, movetoworkspace, 9
    bind = $mainMod SHIFT, 0, movetoworkspace, 10
    # Example special workspace (scratchpad)
    bind = $mainMod, S, togglespecialworkspace, magic
    bind = $mainMod SHIFT, S, movetoworkspace, special:magic
    # Scroll through existing workspaces with mainMod + scroll
    bind = $mainMod, mouse_down, workspace, e+1
    bind = $mainMod, mouse_up, workspace, e-1
    # Move/resize windows with mainMod + LMB/RMB and dragging
    bindm = $mainMod, mouse:272, movewindow
    bindm = $mainMod, mouse:273, resizewindow
  '';
 }
--- a/homes/palo/i3.nix
+++ b/homes/palo/i3.nix
@ -1,8 +1,20 @@
-{ config, lib, pkgs, osConfig, ... }:
+{
  config,
  lib,
  pkgs,
  osConfig,
  ...
 }:
 with lib;
 let
-  rofi = pkgs.rofi.override { plugins = [ pkgs.rofi-emoji pkgs.rofi-calc pkgs.xdotool ]; };
+  rofi = pkgs.rofi.override {
    plugins = [
      pkgs.rofi-emoji
      pkgs.rofi-calc
      pkgs.xdotool
    ];
  };
  backgroundCommand = pkgs.writers.writeDash "background" ''
    ${pkgs.xorg.xrandr}/bin/xrandr | grep " connected" | grep "primary" | \
@ -43,14 +55,15 @@ in
        pkgs.autorandr
        pkgs.polygon-art.polygon-art
        pkgs.xdotool # needed for rofi-emoji
        pkgs.xclicker # makes stuff much easier
      ];
    programs.i3status-rust = {
      enable = true;
      bars = {
        my = {
-          icons = "awesome5";
+          icons = "material-nf"; # nerd fonts (influenced by stylix.font settings)
-          theme = "gruvbox-light";
+          theme = "gruvbox-light"; # not configured by stylix yet.
          # https://github.com/greshake/i3status-rust/blob/v0.22.0/doc/blocks.md
          blocks = [
            {
@ -140,21 +153,25 @@ in
          focus = {
            followMouse = true;
          };
-          colors.focused =
+          colors.focused = with config.lib.stylix.colors.withHashtag; {
-            with config.lib.stylix.colors.withHashtag;
+            # stylix color overrides
            border = lib.mkForce base08;
            background = lib.mkForce base0A;
            text = lib.mkForce base00;
          };
          startup = [
            #{ command = "${pkgs.jellyfin-mpv-shim}/bin/jellyfin-mpv-shim"; always = true; }
            {
-              # stylix color overrides
+              command = "${pkgs.networkmanagerapplet}/bin/nm-applet --indicator";
-              border = lib.mkForce base08;
+              always = true;
-              background = lib.mkForce base0A;
+            }
-              text = lib.mkForce base00;
+            {
-            };
+              command = toString backgroundCommand;
-          startup =
+              always = true;
-            [
+            }
-              #{ command = "${pkgs.jellyfin-mpv-shim}/bin/jellyfin-mpv-shim"; always = false; }
+            {
-              { command = "${pkgs.networkmanagerapplet}/bin/nm-applet --indicator"; always = true; }
+              command = toString (
-              { command = toString backgroundCommand; always = true; }
+                pkgs.writers.writeDash "xsettings" ''
              {
                command = toString (pkgs.writers.writeDash "xsettings" ''
                  # to allow sudo commands to access X
                  ${pkgs.xorg.xhost}/bin/xhost +
                  # no shitty pcspkr crap
@ -162,13 +179,15 @@ in
                  # no sleeping monitor
                  ${pkgs.xorg.xset}/bin/xset -dpms
                  ${pkgs.xorg.xset}/bin/xset s off
-                '');
+                ''
-                always = true;
+              );
-              }
+              always = true;
-            ];
+            }
          ];
          bars = [
-            (config.lib.stylix.i3.bar //
+            (
-              {
+              config.lib.stylix.i3.bar
              // {
                #mode = "hide";
                hiddenState = "hide";
                position = "top";
@ -188,6 +207,16 @@ in
            in
            {
              "Print" = "exec ${pkgs.flameshot}/bin/flameshot gui -c -p /share/";
              # --- Brightness controls --- #
              "XF86MonBrightnessUp" = "exec --no-startup-id ${pkgs.brightnessctl}/bin/brightnessctl set +5%";
              "XF86MonBrightnessDown" = "exec --no-startup-id ${pkgs.brightnessctl}/bin/brightnessctl set 5%-";
              # --- Pulse/Pipewire Audio controls --- #
              "XF86AudioRaiseVolume" = "exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ +5%";
              "XF86AudioLowerVolume" = "exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ -5%";
              "XF86AudioMute" = "exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-mute @DEFAULT_SINK@ toggle";
              "${modifier}+Return" = "exec ${cfg.config.terminal}";
              "${modifier}+Shift+q" = "exit";
              "${modifier}+q" = "kill";
--- a/homes/palo/packages/development.nix
+++ b/homes/palo/packages/development.nix
@ -1,4 +1,9 @@
-{ pkgs, lib, config, ... }:
+{
  pkgs,
  lib,
  config,
  ...
 }:
 with pkgs;
 with lib;
 {
@ -29,15 +34,18 @@ with lib;
        jetbrains.pycharm-professional
        # planing
-        ((ganttproject-bin.override {
+        (
-          jre = pkgs.openjdk11;
+          (ganttproject-bin.override {
-        }).overrideAttrs (old: {
+            jre = pkgs.openjdk11;
-          version = "3.1.3100";
+          }).overrideAttrs
-          src = pkgs.fetchzip {
+          (old: {
-            url = "https://dl.ganttproject.biz/ganttproject-3.1.3100/ganttproject-3.1.3100.zip";
+            version = "3.1.3100";
-            sha256 = "sha256-hw2paak0P670/kemiuqYHIaN0uUtkVKy+AX2X7OdnJ4=";
+            src = pkgs.fetchzip {
-          };
+              url = "https://dl.ganttproject.biz/ganttproject-3.1.3100/ganttproject-3.1.3100.zip";
-        }))
+              sha256 = "sha256-hw2paak0P670/kemiuqYHIaN0uUtkVKy+AX2X7OdnJ4=";
            };
          })
        )
        # Pkl
        # ---
@ -79,7 +87,7 @@ with lib;
        termtosvg
        #surrealist
-        surrealdb
+        #surrealdb # fixme: not working because of rust update or something
        boxes
@ -101,7 +109,8 @@ with lib;
    {
      home.packages =
        let
-          pandocScript = { inputFormat, outputFormat }:
+          pandocScript =
            { inputFormat, outputFormat }:
            pkgs.writers.writeDashBin "pandoc-from-${inputFormat}-to-${outputFormat}" ''
              ${pkgs.pandoc}/bin/pandoc \
                --from ${inputFormat} \
@ -135,10 +144,26 @@ with lib;
            ${pkgs.less}/bin/less
          '')
-        ] ++ (map pandocScript (lib.cartesianProduct {
+        ]
-          inputFormat = [ "man" "markdown" "mediawiki" "asciidoc" ];
+        ++ (map pandocScript (
-          outputFormat = [ "mediawiki" "docbook5" "html5" "man" "jira" "markdown" "asciidoc" ];
+          lib.cartesianProduct {
-        }));
+            inputFormat = [
              "man"
              "markdown"
              "mediawiki"
              "asciidoc"
            ];
            outputFormat = [
              "mediawiki"
              "docbook5"
              "html5"
              "man"
              "jira"
              "markdown"
              "asciidoc"
            ];
          }
        ));
    }
  ];
--- a/homes/palo/packages/graphics.nix
+++ b/homes/palo/packages/graphics.nix
@ -1,4 +1,9 @@
-{ config, lib, pkgs, ... }:
+{
  config,
  lib,
  pkgs,
  ...
 }:
 with pkgs;
 with lib;
 {
@ -11,7 +16,6 @@ with lib;
      gimp
      inkscape
      imagemagick
      nsxiv
      blender
      lightburn
      colorpicker
@ -23,6 +27,9 @@ with lib;
      qrencode
      xclicker
      xdotool
    ];
  };
--- a/homes/palo/packages/logseq.nix
+++ b/homes/palo/packages/logseq.nix
@ -1,4 +1,9 @@
-{ config, lib, pkgs, ... }:
+{
  config,
  lib,
  pkgs,
  ...
 }:
 with pkgs;
 with lib;
 {
--- a/homes/palo/packages/media.nix
+++ b/homes/palo/packages/media.nix
@ -1,5 +1,9 @@
-{ pkgs, lib, config, ... }:
+{
-with pkgs;
+  pkgs,
  lib,
  config,
  ...
 }:
 with lib;
 {
@ -7,25 +11,21 @@ with lib;
    (mkIf config.gui.enable {
      home.packages = [
-        freetube
+        pkgs.freetube
-        vlc
+        pkgs.vlc
        # music editors
        # =============
-        picard # musicbrainz editor
+        pkgs.picard # musicbrainz editor
-        #kid3-qt # id3 tag editor
+        pkgs.easytag
-        easytag
+        pkgs.dconf
-        dconf
+
        pkgs.jellyfin-mpv-shim
      ];
    })
    {
-      home.packages = [
+      home.packages = [ ];
        # music editors
        # =============
        kid3-cli
      ];
    }
  ];
 }
--- a/homes/palo/packages/nextcloud.nix
+++ b/homes/palo/packages/nextcloud.nix
@ -1,10 +1,16 @@
-{ config, lib, pkgs, ... }:
+{
  config,
  lib,
  pkgs,
  ...
 }:
 with pkgs;
 with lib;
 let
  nextcloud-client = pkgs.legacy_2311.nextcloud-client;
-  nextcloudSync = folder:
+  nextcloudSync =
    folder:
    let
      password = "$( ${pkgs.pass}/bin/pass show home/nextcloud/palo/nextcloudcmd-token )";
      user = "palo";
@ -16,19 +22,18 @@ let
        "https://${user}:${password}@nextcloud.ingolf-wagner.de"
    '';
-  borrow = pkgs.writers.writeDashBin "borrow"
+  borrow = pkgs.writers.writeDashBin "borrow" ''
-    ''
+    ${getExe hledger-ui} \
-      ${getExe hledger-ui} \
+      --all \
-        --all \
+      --theme=terminal \
-        --theme=terminal \
+      --file ~/Nextcloud/Unterlagen/.hledger-borrow "$@"
        --file ~/Nextcloud/Unterlagen/.hledger-borrow "$@"
-      ${getExe gum} confirm \
+    ${getExe gum} confirm \
-          --affirmative="update" \
+        --affirmative="update" \
-          --negative="skip" \
+        --negative="skip" \
-          --default=false \
+        --default=false \
-          "Syncronize with Nextcloud?" && ${getExe(nextcloudSync "Unterlagen")}
+        "Syncronize with Nextcloud?" && ${getExe (nextcloudSync "Unterlagen")}
-    '';
+  '';
 in
 {
--- a/homes/palo/packages/packages.nix
+++ b/homes/palo/packages/packages.nix
@ -1,4 +1,9 @@
-{ config, lib, pkgs, ... }:
+{
  config,
  lib,
  pkgs,
  ...
 }:
 with pkgs;
 with lib;
 {
@ -8,7 +13,6 @@ with lib;
    # ¯\_(ツ)_/¯
    home.packages = [
      nixos-shell
      # bluetooth gui
--- a/homes/palo/packages/social.nix
+++ b/homes/palo/packages/social.nix
@ -1,4 +1,9 @@
-{ config, lib, pkgs, ... }:
+{
  config,
  lib,
  pkgs,
  ...
 }:
 with pkgs;
 with lib;
 {
--- a/homes/palo/ssh.nix
+++ b/homes/palo/ssh.nix
@ -1,4 +1,9 @@
-{ pkgs, lib, config, ... }:
+{
  pkgs,
  lib,
  config,
  ...
 }:
 {
  home.packages = [ pkgs.sshuttle ];
--- a/homes/palo/taskwarrior.nix
+++ b/homes/palo/taskwarrior.nix
@ -1,99 +1,131 @@
-{ config, pkgs, lib, ... }:
+{
  config,
  pkgs,
  lib,
  ...
 }:
 with lib;
 with types;
 let
-  mkMagicMergeOption = { description ? "", example ? { }, default ? { }, apply ? id, ... }:
+  mkMagicMergeOption =
    {
      description ? "",
      example ? { },
      default ? { },
      apply ? id,
      ...
    }:
    mkOption {
-      inherit example description default apply;
+      inherit
-      type = with lib.types;
+        example
        description
        default
        apply
        ;
      type =
        with lib.types;
        let
-          valueType = nullOr
+          valueType =
-            (oneOf [
+            nullOr (oneOf [
              bool
              int
              float
              str
              (attrsOf valueType)
              (listOf valueType)
-            ]) // {
+            ])
-            description = "bool, int, float or str";
+            // {
-            emptyValue.value = { };
+              description = "bool, int, float or str";
-          };
+              emptyValue.value = { };
            };
        in
        valueType;
    };
  #taskwarrior-tui = pkgs.legacy_2311.taskwarrior-tui;
  taskwarrior-tui = pkgs.taskwarrior-tui;
-  taskwarrior-tui = pkgs.legacy_2311.taskwarrior-tui;
+  taskwarrior = pkgs.taskwarrior3;
 in
 {
  # bugwarrior (a bit fiddly)
-  imports = [{
+  imports = [
    {
-    options.bugwarrior.config = mkMagicMergeOption {
+      options.bugwarrior.config = mkMagicMergeOption {
-      type = attrs;
+        type = attrs;
-      default = { };
+        default = { };
-    };
+      };
-    config = {
+      config = mkIf config.gui.enable {
-      home.file.".config/bugwarrior/bugwarrior.toml".source = (pkgs.formats.toml { }).generate "bugwarriorrc.toml" config.bugwarrior.config;
+        home.file.".config/bugwarrior/bugwarrior.toml".source =
-      # todo : before deleting this, put it in logseq
+          (pkgs.formats.toml { }).generate "bugwarriorrc.toml"
            (
              {
                general.taskrc = pkgs.writeText "taskrc" "data.location=$HOME/.bugwarrior";
              }
              // config.bugwarrior.config
            );
        home.packages = [
          pkgs.bugwarrior
          #export TASKRC=$HOME/.bugwarrior/${pkgs.writeText "bugwarrior.taskrc" "data.location=$HOME/.bugwarrior"}
          (pkgs.writers.writeBashBin "bugwarrior-sync" ''
            set -eo pipefail
-      home.packages = [
+            mkdir -p $HOME/.bugwarrior
-        (pkgs.legacy_2311.python3Packages.bugwarrior.overrideAttrs (old: {
+            touch $HOME/.bugwarrior/taskrc
          version = "develop";
          src = pkgs.fetchFromGitHub {
            owner = "ralphbean";
            repo = "bugwarrior";
            rev = "6554e70c199cc766a2b5e4e4fe22e4e46d64bba1";
            sha256 = "sha256-cKhL8FBH7wxCxXrybVRLfCHQTCxursFqtBDl3e1UUXs=";
          };
          propagatedBuildInputs = old.propagatedBuildInputs ++ [
            pkgs.legacy_2311.python3Packages.pydantic
            pkgs.legacy_2311.python3Packages.tomli
            pkgs.legacy_2311.python3Packages.email-validator
            pkgs.legacy_2311.python3Packages.packaging
          ];
        }))
      ];
    };
-  }];
+            export TASKRC=$HOME/.bugwarrior/taskrc
            export TASKDATA=$HOME/.bugwarrior
            echo "bugwarrior pull" | ${pkgs.boxes}/bin/boxes -d ansi
            ${pkgs.bugwarrior}/bin/bugwarrior pull "$@"
            echo "task export" | ${pkgs.boxes}/bin/boxes -d ansi
            ${pkgs.taskwarrior}/bin/task export > $HOME/.bugwarrior/bugwarrior.json
            unset TASKRC
            unset TASKDATA
            echo "task import" | ${pkgs.boxes}/bin/boxes -d ansi
            ${taskwarrior}/bin/task import rc.hooks=0 $HOME/.bugwarrior/bugwarrior.json
          '')
        ];
      };
    }
  ];
  config = mkIf config.gui.enable {
-    home.packages = with pkgs;
+    home.packages = [
      [
-        taskwarrior
+      pkgs.timewarrior
        taskwarrior-tui
-        timewarrior
+      taskwarrior
-        tasksh
+      pkgs.tasksh
-        taskwarrior-hooks
+      pkgs.taskwarrior-hooks
-        (pkgs.writeShellScriptBin "tsak" ''${pkgs.taskwarrior}/bin/task "$@"'')
+      (pkgs.writeShellScriptBin "tsak" ''${taskwarrior}/bin/task "$@"'')
-        vit
+      pkgs.vit
-        (pkgs.writers.writeBashBin "active" "${taskwarrior-tui}/bin/taskwarrior-tui -r active")
+      taskwarrior-tui
-        (pkgs.writers.writeBashBin "todo" "${taskwarrior-tui}/bin/taskwarrior-tui -r todo")
+      (pkgs.writers.writeBashBin "active" "${taskwarrior-tui}/bin/taskwarrior-tui -r active")
      (pkgs.writers.writeBashBin "todo" "${taskwarrior-tui}/bin/taskwarrior-tui -r todo")
-        (pkgs.writers.writeBashBin "calendar" ''
+      (pkgs.writers.writeBashBin "calendar" ''
-          ${pkgs.taskwarrior}/bin/task calendar
+        ${taskwarrior}/bin/task calendar
-          ${pkgs.taskwarrior}/bin/task calendar_report
+        ${taskwarrior}/bin/task calendar_report
-        '')
+      '')
-        # todo : belongs to calendar.nix
+      # todo : belongs to calendar.nix
-        vdirsyncer
+      pkgs.vdirsyncer
-        khal
+      pkgs.khal
-        (pkgs.writers.writeBashBin "kalendar" ''
+      (pkgs.writers.writeBashBin "kalendar" ''
-          ${pkgs.vdirsyncer}/bin/vdirsyncer sync
+        ${pkgs.vdirsyncer}/bin/vdirsyncer sync
-          ${pkgs.khal}/bin/ikhal
+        ${pkgs.khal}/bin/ikhal
-        '')
+      '')
-      ];
+    ];
  };
--- a/homes/root/default.nix
+++ b/homes/root/default.nix
@ -2,6 +2,7 @@
  imports = [
    ../common
  ];
  gui.enable = false;
  home.stateVersion = "22.11";
--- a/homes/tina/logseq.nix
+++ b/homes/tina/logseq.nix
@ -1,4 +1,9 @@
-{ config, lib, pkgs, ... }:
+{
  config,
  lib,
  pkgs,
  ...
 }:
 with pkgs;
 with lib;
 {
@ -6,13 +11,17 @@ with lib;
    home.packages = [
      logseq
    ];
-    home.file.".config/Logseq/Preferences".source = (pkgs.formats.json { }).generate "LogseqPreferences.json"
+    home.file.".config/Logseq/Preferences".source =
-      {
+      (pkgs.formats.json { }).generate "LogseqPreferences.json"
-        spellcheck = {
+        {
-          dictionaries = [ "en-US" "de-DE" ];
+          spellcheck = {
-          dictionary = "";
+            dictionaries = [
              "en-US"
              "de-DE"
            ];
            dictionary = "";
          };
        };
      };
  };
 }
--- a/Show more
+++ b/Show more
Author	SHA1	Message	Date
Ingolf Wagner	2f769675fd	📝 add a comment Some checks failed Build all NixOS Configurations / nix build (push) Failing after 1h58m53s Details	2024-09-17 08:44:54 +07:00
Ingolf Wagner	a5a36ce5c8	✨ Add Volume Commands to i3 Some checks are pending Build all NixOS Configurations / nix build (push) Waiting to run Details	2024-09-17 07:40:53 +07:00
Ingolf Wagner	eea3ddf0cf	♻️ minor refactoring All checks were successful Build all NixOS Configurations / nix build (push) Successful in 12m31s Details	2024-09-16 08:58:27 +07:00
Ingolf Wagner	62315ee2c2	📝 update module documentation Some checks failed Build all NixOS Configurations / nix build (push) Has been cancelled Details	2024-09-16 08:53:03 +07:00
Ingolf Wagner	e43f4514bc	✨ create verify.http options All checks were successful Build all NixOS Configurations / nix build (push) Successful in 12m40s Details	2024-09-16 07:06:03 +07:00
Ingolf Wagner	c584bb39ce	✨ add service-taskchampion verify test All checks were successful Build all NixOS Configurations / nix build (push) Successful in 12m17s Details	2024-09-16 06:36:08 +07:00
Forgejo Action :robot	e62d841524	⬆️ nix flake update	2024-09-15 08:43:38 +02:00
Ingolf Wagner	d0a34454d4	✅ add some more smoke tests. Some checks failed Build all NixOS Configurations / nix build (push) Failing after 3h2m38s Details	2024-09-15 09:11:25 +07:00
Ingolf Wagner	743a9fc885	✅ add some smoke tests. Some checks failed Build all NixOS Configurations / nix build (push) Has been cancelled Details	2024-09-15 07:22:02 +07:00
Ingolf Wagner	a52e1b39a0	🚚 get rid of modules/default.nix in verify flake module Some checks failed Build all NixOS Configurations / nix build (push) Has been cancelled Details	2024-09-15 07:08:05 +07:00
Ingolf Wagner	614a1d8e37	✨ add local command to verify Some checks failed Build all NixOS Configurations / nix build (push) Has been cancelled Details	2024-09-15 07:04:59 +07:00
Ingolf Wagner	7e8c3d41c9	🚸 improve verify flake Some checks failed Build all NixOS Configurations / nix build (push) Has been cancelled Details	2024-09-15 06:09:53 +07:00
Ingolf Wagner	c264db7f13	📝 add documentation to verify flake module Some checks failed Build all NixOS Configurations / nix build (push) Failing after 12m28s Details	2024-09-15 05:31:47 +07:00
Ingolf Wagner	577003f607	🚑 enable zfs auto snapshots again	2024-09-15 05:29:33 +07:00
Ingolf Wagner	267b8d73a0	⬆️ nix flake update Some checks failed Build all NixOS Configurations / nix build (push) Failing after 30m53s Details	2024-09-15 04:53:32 +07:00
Ingolf Wagner	e5f1729bdc	🔧 enable push.autoSetupRemote	2024-09-15 04:48:47 +07:00
Ingolf Wagner	c53b563565	🔧 disable samba share because it has a new way to configure Some checks failed Build all NixOS Configurations / nix build (push) Failing after 10s Details	2024-09-14 16:49:09 +07:00
Ingolf Wagner	8279af8370	🔧 use photoprism thumb unchached default Some checks failed Build all NixOS Configurations / nix build (push) Failing after 17s Details	2024-09-14 08:52:00 +07:00
Ingolf Wagner	70aba78c06	♻️ refactor samba.extraConfig	2024-09-14 08:51:15 +07:00
Ingolf Wagner	c42e7e669a	✨ add counter to autoclicker script All checks were successful Build all NixOS Configurations / nix build (push) Successful in 11m34s Details	2024-09-14 08:16:28 +07:00
Ingolf Wagner	9afb53585b	✨ add autoclicker script All checks were successful Build all NixOS Configurations / nix build (push) Successful in 13m26s Details	2024-09-14 07:51:31 +07:00
Ingolf Wagner	31d674132b	✨ verify closed ports script kinda works now. All checks were successful Build all NixOS Configurations / nix build (push) Successful in 13m25s Details	2024-09-14 07:09:41 +07:00
Ingolf Wagner	4c1a3ef72f	♻️ refactor the options interface	2024-09-14 06:02:32 +07:00
Ingolf Wagner	f49730a0a9	🚚 renaming All checks were successful Build all NixOS Configurations / nix build (push) Successful in 11m42s Details	2024-09-13 14:36:17 +07:00
Ingolf Wagner	7ef34db19b	🚧 poc of rustscan script generator Some checks failed Build all NixOS Configurations / nix build (push) Has been cancelled Details	2024-09-13 14:32:10 +07:00
Ingolf Wagner	e795a3bed9	🚑 don't use nextcloud deck for now, because of https://github.com/GothenburgBitFactory/bugwarrior/issues/1062 All checks were successful Build all NixOS Configurations / nix build (push) Successful in 11m20s Details	2024-09-13 11:37:46 +07:00
Forgejo Action :robot	a6284e6509	⬆️ nix flake update	2024-09-11 08:40:48 +02:00
Ingolf Wagner	1d044521e8	🚧 use nextcloud deck with bugwarrior All checks were successful Build all NixOS Configurations / nix build (push) Successful in 13m24s Details	2024-09-11 10:36:15 +07:00
Ingolf Wagner	84a6dd2c8f	🔧 cache.orbi.wg0: 10 -> 50	2024-09-11 10:36:14 +07:00
Forgejo Action :robot	abe153cdce	⬆️ nix flake update	2024-09-08 08:41:53 +02:00
Ingolf Wagner	488a63db26	🚧 taskwarrior-webui as podman container but not working as expected All checks were successful Build all NixOS Configurations / nix build (push) Successful in 11m34s Details	2024-09-08 11:29:49 +07:00
Ingolf Wagner	3a72b901b3	🔧 brightness configuration	2024-09-08 11:29:48 +07:00
Ingolf Wagner	347acf7e6e	🚧 working on taskwarrior-webui It can't use wireguard to access stuff, so we will put it on orbi behind an nginx	2024-09-08 11:29:47 +07:00
Ingolf Wagner	903e963d05	🚑 hotfix bugwarrior by introducing bugwarrior-sync	2024-09-08 11:29:46 +07:00
Ingolf Wagner	9aa5e1ef09	📦 update bugwarrior package	2024-09-08 11:29:45 +07:00
Forgejo Action :robot	7402e5ad5e	⬆️ nix flake update	2024-09-06 08:43:33 +02:00
Ingolf Wagner	f670c2af5f	🚚 rename services to service on chungus All checks were successful Build all NixOS Configurations / nix build (push) Successful in 12m17s Details	2024-09-05 09:31:08 +07:00
Ingolf Wagner	5655847c08	📦 bump bugwarrior	2024-09-05 09:29:48 +07:00
Ingolf Wagner	7f27ccd07c	🚚 extract bugwarrior to packages	2024-09-05 09:21:16 +07:00
Ingolf Wagner	0e5387dfc0	🔧 remove hyperland from stylix All checks were successful Build all NixOS Configurations / nix build (push) Successful in 11m49s Details	2024-09-04 16:51:59 +07:00
Ingolf Wagner	51e3d8df22	📦 add network packages All checks were successful Build all NixOS Configurations / nix build (push) Successful in 12m13s Details	2024-09-04 16:32:40 +07:00
Ingolf Wagner	ae3a14f5fa	🔧 add jellyfin-mpv-shim All checks were successful Build all NixOS Configurations / nix build (push) Successful in 11m32s Details	2024-09-04 07:57:18 +07:00
Ingolf Wagner	394790bf0e	💄 nix fmt All checks were successful Build all NixOS Configurations / nix build (push) Successful in 16m37s Details	2024-09-03 18:21:26 +07:00
Ingolf Wagner	e619cc2dab	🔧 migrate to taskwarrior 3 Some checks failed Build all NixOS Configurations / nix build (push) Has been cancelled Details	2024-09-03 18:20:29 +07:00
Ingolf Wagner	c03727fd80	🔥 delete emacs	2024-09-03 18:19:24 +07:00
Ingolf Wagner	485cdfe116	✨ add etags All checks were successful Build all NixOS Configurations / nix build (push) Successful in 9m34s Details	2024-09-01 21:23:00 +07:00
Ingolf Wagner	ad35b322c5	🐛 fix insecure packages error All checks were successful Build all NixOS Configurations / nix build (push) Successful in 12m34s Details	2024-09-01 19:32:28 +07:00
Ingolf Wagner	96c388bbac	🔧 add some topology information All checks were successful Build all NixOS Configurations / nix build (push) Successful in 10m34s Details	2024-08-31 23:29:18 +07:00
Forgejo Action :robot	229eff0d63	⬆️ nix flake update	2024-08-31 08:45:44 +02:00
Ingolf Wagner	8da0bbc3ef	🔧 add some topology information All checks were successful Build all NixOS Configurations / nix build (push) Successful in 19m3s Details	2024-08-31 08:33:28 +07:00
Forgejo Action :robot	3833b870dd	⬆️ nix flake update	2024-08-30 14:41:05 +02:00
Ingolf Wagner	1564bd8d72	🔧 add some topology information All checks were successful Build all NixOS Configurations / nix build (push) Successful in 12m0s Details	2024-08-30 17:34:57 +07:00
Ingolf Wagner	55c2e14337	🔧 configure nsxiv	2024-08-30 16:32:00 +07:00
Ingolf Wagner	ee13d7fa82	✨ add nix run .#topology All checks were successful Build all NixOS Configurations / nix build (push) Successful in 11m11s Details	2024-08-30 14:18:51 +07:00
Forgejo Action :robot	2f3a6ba574	⬆️ nix flake update	2024-08-30 08:42:09 +02:00
Ingolf Wagner	f7ac29e2fa	➕ add nix-topology All checks were successful Build all NixOS Configurations / nix build (push) Successful in 11m5s Details	2024-08-30 08:50:04 +07:00
Ingolf Wagner	71f9225dc6	♻️ refactored flake.nix inputs to easily sort them	2024-08-30 08:50:03 +07:00
Ingolf Wagner	aed3dbd602	🚚 private_assets -> private-parts All checks were successful Build all NixOS Configurations / nix build (push) Successful in 10m30s Details	2024-08-30 07:31:06 +07:00
Ingolf Wagner	d1c9241245	♻️ move pkgs to nix/packages	2024-08-30 07:31:05 +07:00
Ingolf Wagner	db2187a2e7	♻️ migrated pkgs to flake-parts	2024-08-30 07:31:05 +07:00
Forgejo Action :robot	09d8f33a01	⬆️ nix flake update	2024-08-29 20:49:24 +02:00
Ingolf Wagner	0f42a99288	🎨 nix fmt All checks were successful Build all NixOS Configurations / nix build (push) Successful in 10m49s Details	2024-08-29 13:22:51 +07:00
Ingolf Wagner	32e0eacffa	🔧 update formatter.nix	2024-08-29 13:22:29 +07:00
Ingolf Wagner	7a6510a4e6	nix fmt Some checks are pending Build all NixOS Configurations / nix build (push) Waiting to run Details	2024-08-29 08:26:04 +07:00
Ingolf Wagner	200063fcb1	introduce treefmt-nix	2024-08-29 08:25:41 +07:00
Ingolf Wagner	2bc86a4912	improve syncthing.nix All checks were successful Build all NixOS Configurations / nix build (push) Successful in 10m11s Details	2024-08-29 08:06:27 +07:00
Forgejo Action :robot	4c647291bc	⬆️ nix flake update	2024-08-28 08:42:30 +02:00
Ingolf Wagner	2758c873bb	made oh-my-posh look nice All checks were successful Build all NixOS Configurations / nix build (push) Successful in 11m27s Details	2024-08-28 09:47:09 +07:00
Ingolf Wagner	a48aa680a4	clean up private_assets All checks were successful Build all NixOS Configurations / nix build (push) Successful in 11m10s Details	2024-08-28 06:02:37 +07:00
Ingolf Wagner	581d41238c	fix timezone	2024-08-28 06:01:56 +07:00
Ingolf Wagner	4489b24659	fix timezones Some checks failed Build all NixOS Configurations / nix build (push) Failing after 3m25s Details	2024-08-28 05:37:18 +07:00
Forgejo Action :robot	167875c1fc	⬆️ nix flake update	2024-08-27 21:06:57 +02:00
Ingolf Wagner	c4bd159888	configure photoprism All checks were successful Build all NixOS Configurations / nix build (push) Successful in 11m10s Details	2024-08-27 17:03:22 +02:00
Ingolf Wagner	0430d97d24	fix clan core update All checks were successful Build all NixOS Configurations / nix build (push) Successful in 11m16s Details	2024-08-27 15:30:09 +02:00
Ingolf Wagner	ffc8bcafa7	remove sternchen All checks were successful Build all NixOS Configurations / nix build (push) Successful in 11m17s Details	2024-08-27 11:31:25 +02:00
Ingolf Wagner	0209b7ca42	remove overviewer All checks were successful Build all NixOS Configurations / nix build (push) Successful in 11m15s Details	2024-08-27 09:43:40 +02:00
Ingolf Wagner	644705cdb2	no need for clanDir it breaks stuff All checks were successful Build all NixOS Configurations / nix build (push) Successful in 10m0s Details	2024-08-27 09:17:23 +02:00
Ingolf Wagner	ec2a51c514	set clanDir manually Some checks failed Build all NixOS Configurations / nix build (push) Failing after 15s Details	2024-08-27 07:30:02 +02:00
Ingolf Wagner	2e9bf75dab	don't use sternchen anymore All checks were successful Build all NixOS Configurations / nix build (push) Successful in 11m5s Details	2024-08-27 05:17:18 +02:00
Ingolf Wagner	47f717392a	comment photoprism All checks were successful Build all NixOS Configurations / nix build (push) Successful in 15m9s Details	2024-08-26 17:58:19 +02:00
Forgejo Action :robot	d0ff322489	⬆️ nix flake update	2024-08-23 20:44:13 +02:00
Ingolf Wagner	8879a739b6	fix photoprism All checks were successful Build all NixOS Configurations / nix build (push) Successful in 11m55s Details	2024-08-23 17:02:48 +02:00
Forgejo Action :robot	a2a7763b47	⬆️ nix flake update	2024-08-23 09:18:02 +02:00
Ingolf Wagner	bc595a1198	fiddeling with photoprism All checks were successful Build all NixOS Configurations / nix build (push) Successful in 13m34s Details	2024-08-23 07:51:07 +02:00
Ingolf Wagner	b04dd0738b	update All checks were successful Build all NixOS Configurations / nix build (push) Successful in 20m59s Details	2024-08-23 06:40:05 +02:00
Ingolf Wagner	1cdd13956b	update	2024-08-23 06:39:17 +02:00
Ingolf Wagner	e50d61faf4	increase update attempt rate.	2024-08-22 22:14:58 +02:00
Ingolf Wagner	11871fc506	update All checks were successful Build all NixOS Configurations / nix build (push) Successful in 12m8s Details	2024-08-18 13:38:02 +02:00
Ingolf Wagner	8f6fa5939b	fix opengl All checks were successful Build all NixOS Configurations / nix build (push) Successful in 12m3s Details	2024-08-17 19:01:35 +02:00
Ingolf Wagner	ee4d9bcc4f	fix typo	2024-08-17 19:00:59 +02:00
Ingolf Wagner	ac30776e4c	update All checks were successful Build all NixOS Configurations / nix build (push) Successful in 15m25s Details	2024-08-16 23:07:02 +02:00
Forgejo Action :robot	22a49f5599	⬆️ nix flake update	2024-08-15 03:13:29 +02:00
Ingolf Wagner	8cdd63bdcc	fix sternchen All checks were successful Build all NixOS Configurations / nix build (push) Successful in 16m29s Details	2024-08-14 16:57:40 +02:00
Ingolf Wagner	33d716ea6b	vim for everybody as default Some checks failed Build all NixOS Configurations / nix build (push) Failing after 14s Details	2024-08-14 16:43:55 +02:00
Ingolf Wagner	aed8c552ba	update yubikey-image.nix	2024-08-14 11:24:08 +02:00
Ingolf Wagner	96ee5a488e	update Some checks failed Build all NixOS Configurations / nix build (push) Failing after 9s Details	2024-08-13 13:21:55 +02:00
Ingolf Wagner	eec51b58b3	update Some checks failed Build all NixOS Configurations / nix build (push) Failing after 8s Details	2024-08-12 01:42:31 +02:00
Ingolf Wagner	161486b887	fix fonts and oh-my-posh Some checks failed Build all NixOS Configurations / nix build (push) Failing after 6s Details	2024-08-11 21:09:53 +02:00
Ingolf Wagner	29e3213e4b	create virtualisation component. All checks were successful Build all NixOS Configurations / nix build (push) Successful in 15m3s Details	2024-08-11 14:46:03 +02:00
Ingolf Wagner	7e1e13e897	enable virtualbox All checks were successful Build all NixOS Configurations / nix build (push) Successful in 13m59s Details	2024-08-11 11:35:04 +02:00
Forgejo Action :robot	53187fb603	⬆️ nix flake update	2024-08-11 03:03:25 +02:00
Ingolf Wagner	800045c1c5	working on usbstick All checks were successful Build all NixOS Configurations / nix build (push) Successful in 13m3s Details	2024-08-11 00:02:35 +02:00
Ingolf Wagner	77459df69c	Update facts/secrets for service zerotier in machine usbstick	2024-08-11 00:02:34 +02:00
Forgejo Action :robot	7e2c61ad88	⬆️ nix flake update	2024-08-10 02:42:26 +02:00
Ingolf Wagner	50688f4500	use gui on usbstick All checks were successful Build all NixOS Configurations / nix build (push) Successful in 11m22s Details	2024-08-09 16:27:15 +02:00
Ingolf Wagner	4f6924d5d7	give access to wg0 in usbstick All checks were successful Build all NixOS Configurations / nix build (push) Successful in 14m55s Details	2024-08-09 16:07:11 +02:00
Ingolf Wagner	b24094155a	Update facts/secrets for service wireguard_ip in machine usbstick	2024-08-09 15:47:09 +02:00
Ingolf Wagner	1447d96b43	Update facts/secrets for service wireguard in machine usbstick	2024-08-09 15:47:08 +02:00
Ingolf Wagner	848eccb959	made usbstick work again All checks were successful Build all NixOS Configurations / nix build (push) Successful in 10m19s Details	2024-08-09 02:45:22 +02:00
Ingolf Wagner	569d891a7e	Update facts/secrets for service zerotier in machine usbstick	2024-08-09 02:45:21 +02:00
Ingolf Wagner	7a4f203752	Update facts/secrets for service openssh in machine usbstick	2024-08-09 02:45:20 +02:00
Ingolf Wagner	efd451e180	Update facts/secrets for service syncthing in machine usbstick	2024-08-09 02:45:19 +02:00
Ingolf Wagner	3fa5c09a62	make usbsticks work again	2024-08-09 02:45:18 +02:00
Forgejo Action :robot	9cdfeba305	⬆️ nix flake update	2024-08-09 02:40:30 +02:00
Ingolf Wagner	0780abb35d	fix tor unlock for chungus All checks were successful Build all NixOS Configurations / nix build (push) Successful in 10m6s Details	2024-08-08 21:19:42 +02:00
Ingolf Wagner	1b9105f158	initrd.systemd: disable emergency mode All checks were successful Build all NixOS Configurations / nix build (push) Successful in 10m3s Details we disable emergency mode in systemd, but if systemd is enabled during boot we still end up in emergency mode eventually, this will fix that.	2024-08-08 19:47:00 +02:00
Ingolf Wagner	26aaec9101	fixing fail2ban and set up ssh + tor on chungus All checks were successful Build all NixOS Configurations / nix build (push) Successful in 12m39s Details	2024-08-08 19:25:19 +02:00
Ingolf Wagner	cc5d655ef7	cleanup All checks were successful Build all NixOS Configurations / nix build (push) Successful in 11m26s Details	2024-08-08 17:30:08 +02:00
Ingolf Wagner	e471c24d93	cleanup All checks were successful Build all NixOS Configurations / nix build (push) Successful in 10m14s Details	2024-08-08 17:05:09 +02:00
Ingolf Wagner	509f283924	introduced features All checks were successful Build all NixOS Configurations / nix build (push) Successful in 9m31s Details	2024-08-08 16:39:50 +02:00
Ingolf Wagner	40e5456517	delete buildbot All checks were successful Build all NixOS Configurations / nix build (push) Successful in 9m43s Details	2024-08-08 15:59:15 +02:00
Ingolf Wagner	060261dc90	Update facts/secrets for service boot.ssh in machine chungus Some checks failed Build all NixOS Configurations / nix build (push) Has been cancelled Details	2024-08-08 15:48:27 +02:00
Forgejo Action :robot	69bbf19f91	⬆️ nix flake update	2024-08-08 02:57:24 +02:00
Ingolf Wagner	8327f1860d	made tor work All checks were successful Build all NixOS Configurations / nix build (push) Successful in 12m28s Details	2024-08-08 01:12:10 +02:00
Ingolf Wagner	f411567ad6	refactor hardware/hetzner.nix All checks were successful Build all NixOS Configurations / nix build (push) Successful in 9m21s Details	2024-08-08 00:14:52 +02:00
Ingolf Wagner	ca0e7382a3	use cache.orbi.wg0 again All checks were successful Build all NixOS Configurations / nix build (push) Successful in 9m31s Details	2024-08-07 23:08:28 +02:00
Ingolf Wagner	9b7ff29143	refactor All checks were successful Build all NixOS Configurations / nix build (push) Successful in 9m45s Details	2024-08-07 22:03:11 +02:00
Ingolf Wagner	4f6ed530db	Update facts/secrets for service boot.ssh in machine orbi	2024-08-07 21:52:03 +02:00
Ingolf Wagner	2b9062e1f1	refactor	2024-08-07 21:51:43 +02:00
Ingolf Wagner	d5f1ef4af6	extract nixos.boot.ssh and set up probe All checks were successful Build all NixOS Configurations / nix build (push) Successful in 7m44s Details	2024-08-07 21:39:32 +02:00
		`@ -1,4 +0,0 @@`
			`;; configure theme`
			`(setq doom-theme 'doom-solarized-light)`