changes to fix compliance with home server

LICENSE

@@ -1,6 +1,6 @@
 MIT License
 
-Copyright © 2024 canasta
+Copyright © 2025 canasta
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the “Software”), to deal

flake.lock

@@ -144,11 +144,11 @@
         "rust-overlay": "rust-overlay"
       },
       "locked": {
-        "lastModified": 1751233610,
+        "lastModified": 1751333492,
-        "narHash": "sha256-MEPUIeFkbrva11hEz+epaDFK/Qz4wTU9VMfwqjqEhjE=",
+        "narHash": "sha256-ePQTd+GHFiFK2bxmZm3aiWlhyTwbpasjmc+kuM0nxeg=",
         "owner": "chaotic-cx",
         "repo": "nyx",
-        "rev": "41a000489d5a84e18d22b9dca682cf479a0541cf",
+        "rev": "d107b2c87bf7446959668fcc22b2b09b37b27cf3",
         "type": "github"
       },
       "original": {
@@ -203,11 +203,11 @@
         "rust-analyzer-src": "rust-analyzer-src"
       },
       "locked": {
-        "lastModified": 1751265761,
+        "lastModified": 1751352216,
-        "narHash": "sha256-VSbk7ppgFSqBxlsWtzIO52iT9TKkLJrmVYOIhQi13Kg=",
+        "narHash": "sha256-dJj8TUoZGj55Ttro37vvFGF2L+xlYNfspQ9u4BfqTFw=",
         "owner": "nix-community",
         "repo": "fenix",
-        "rev": "19c910fe3de1768e64e76b5ee6daa346e6b07410",
+        "rev": "61b4f1e21bd631da91981f1ed74c959d6993f554",
         "type": "github"
       },
       "original": {
@@ -459,11 +459,11 @@
         "zon2nix": "zon2nix"
       },
       "locked": {
-        "lastModified": 1751249933,
+        "lastModified": 1751356667,
-        "narHash": "sha256-v7zWYl6ifTnPLFwRF4kdBeae/c6Tc1SUZWRCOGX332s=",
+        "narHash": "sha256-OBNrvzhPinpzsXK/0VV52L3QIGfzctYtuM0lJksblUc=",
         "owner": "ghostty-org",
         "repo": "ghostty",
-        "rev": "259228698873c0c934741445ec6790cfafb64502",
+        "rev": "7cb7cdf88d8907e37f42435b709f2263e2f96dde",
         "type": "github"
       },
       "original": {
@@ -570,11 +570,11 @@
         "rust-overlay": "rust-overlay_2"
       },
       "locked": {
-        "lastModified": 1751148058,
+        "lastModified": 1751357214,
-        "narHash": "sha256-8Zvw/xGpWtOXtz7l1ZDIHsX/TSnc34p38CEnYANwzRk=",
+        "narHash": "sha256-qMHpy5i0Va8OTVFiGF8JBkRm0hMxnslqvLItvYFCEMI=",
         "owner": "helix-editor",
         "repo": "helix",
-        "rev": "f75d71844f27a13b313603af42c58a5c6d6b608e",
+        "rev": "0043c16506f1c76f7b1c860a04608549d7827fab",
         "type": "github"
       },
       "original": {
@@ -590,11 +590,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1751239699,
+        "lastModified": 1751336185,
-        "narHash": "sha256-zA1uUdAq3c26fHm26xMWMuF5COhI18EzaH7az/P2OWM=",
+        "narHash": "sha256-ptnVr2x+sl7cZcTuGx/0BOE2qCAIYHTcgfA+/h60ml0=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "f6deff178cc4d6049d30785dbfc831e6c6e3a219",
+        "rev": "96354906f58464605ff81d2f6c2ea23211cbf051",
         "type": "github"
       },
       "original": {
@@ -632,11 +632,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1750973805,
+        "lastModified": 1751238753,
-        "narHash": "sha256-BZXgag7I0rnL/HMHAsBz3tQrfKAibpY2vovexl2lS+Y=",
+        "narHash": "sha256-hJUPWfz/h+QgXKaKovPwFAdNBnALsvVMggAPgBB+Qvw=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "080e8b48b0318b38143d5865de9334f46d51fce3",
+        "rev": "cab8104e9236fab1eb9a702165454ffed353c20f",
         "type": "github"
       },
       "original": {
@@ -783,11 +783,11 @@
         "xdph": "xdph"
       },
       "locked": {
-        "lastModified": 1751214576,
+        "lastModified": 1751362428,
-        "narHash": "sha256-88TyGNyk+uSsIXhTjS+YmL/4pMaH6M9NYkHadR7fEkU=",
+        "narHash": "sha256-5WSMaz0iS8uAxalv1Jn3Xz67wDMbxOvK4k9B5Wm9nHw=",
         "owner": "hyprwm",
         "repo": "hyprland",
-        "rev": "ee8978b961b9b02ed41bd7b6d1e91cc607b6b530",
+        "rev": "e9c5594186d7ba935e966751d4d676cda998c34b",
         "type": "github"
       },
       "original": {
@@ -1288,11 +1288,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1751163021,
+        "lastModified": 1751335864,
-        "narHash": "sha256-BZGuvFape+quvsfFm+RJdjABUu/xMWnRNd+mzvfrj30=",
+        "narHash": "sha256-gzOCRagb6AYmjw6pSKNAJUajnSk0gKNsfZYSbiyrBkM=",
         "owner": "fufexan",
         "repo": "nix-gaming",
-        "rev": "094da7499257ec96bb1708f76cf221687a9aa498",
+        "rev": "9ebdcaea0533a5277a65b4fc9935b66e0619e053",
         "type": "github"
       },
       "original": {
@@ -1357,11 +1357,11 @@
     },
     "nixpkgs_10": {
       "locked": {
-        "lastModified": 1751011381,
+        "lastModified": 1751271578,
-        "narHash": "sha256-krGXKxvkBhnrSC/kGBmg5MyupUUT5R6IBCLEzx9jhMM=",
+        "narHash": "sha256-P/SQmKDu06x8yv7i0s8bvnnuJYkxVGBWLWHaU+tt4YY=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "30e2e2857ba47844aa71991daa6ed1fc678bcbb7",
+        "rev": "3016b4b15d13f3089db8a41ef937b13a9e33a8df",
         "type": "github"
       },
       "original": {
@@ -1421,11 +1421,11 @@
     },
     "nixpkgs_4": {
       "locked": {
-        "lastModified": 1751011381,
+        "lastModified": 1751271578,
-        "narHash": "sha256-krGXKxvkBhnrSC/kGBmg5MyupUUT5R6IBCLEzx9jhMM=",
+        "narHash": "sha256-P/SQmKDu06x8yv7i0s8bvnnuJYkxVGBWLWHaU+tt4YY=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "30e2e2857ba47844aa71991daa6ed1fc678bcbb7",
+        "rev": "3016b4b15d13f3089db8a41ef937b13a9e33a8df",
         "type": "github"
       },
       "original": {
@@ -1615,11 +1615,11 @@
     "rust-analyzer-src": {
       "flake": false,
       "locked": {
-        "lastModified": 1751210071,
+        "lastModified": 1751296293,
-        "narHash": "sha256-v7XmmLBNRMzRXiVCeH60ZeGEqo+aagmwawI0Z9+EoXY=",
+        "narHash": "sha256-oaGMVdCcI32y6jQ7RE0+CqshZngfI19XnY31eYjdinI=",
         "owner": "rust-lang",
         "repo": "rust-analyzer",
-        "rev": "6df12139bccaaeecf6a34789e0ca799d1fe99c53",
+        "rev": "eaf37e2c98b66ff7f7a0ac04e4cada39e51fde4b",
         "type": "github"
       },
       "original": {
@@ -1637,11 +1637,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1751078221,
+        "lastModified": 1751165203,
-        "narHash": "sha256-/SRmXIPxL7ixFLZgcDdgZDuIwt8eWQAamMYer0ODwbM=",
+        "narHash": "sha256-3QhlpAk2yn+ExwvRLtaixWsVW1q3OX3KXXe0l8VMLl4=",
         "owner": "oxalica",
         "repo": "rust-overlay",
-        "rev": "1712a6d3430ca75353d366b7ddd1c79d6b243efc",
+        "rev": "90f547b90e73d3c6025e66c5b742d6db51c418c3",
         "type": "github"
       },
       "original": {
@@ -1884,11 +1884,11 @@
       },
       "locked": {
         "dir": "nix",
-        "lastModified": 1750745566,
+        "lastModified": 1751352443,
-        "narHash": "sha256-uu3LULgJSgVBWYgdf3Za9T/kTNCu394togdfRIEqWdg=",
+        "narHash": "sha256-psuDPdulVRIl2DvVCvNfl4ZkKhUlZ/9/RvHc7vWr0js=",
         "owner": "wez",
         "repo": "wezterm",
-        "rev": "2deb317ec069b8f94ec1282253faaa71a8d997fc",
+        "rev": "54675c9c35788466f7828f5d722832bd1f310a62",
         "type": "github"
       },
       "original": {

hosts/cnixlab/default.nix

@@ -35,10 +35,12 @@ in {
     ./modules.nix
   ];
 
+  boot.initrd.luks.devices."luks-47b35d4b-467a-4637-a5f9-45177da62897".device = "/dev/disk/by-uuid/47b35d4b-467a-4637-a5f9-45177da62897";
+
   networking.hostName = "cnixlab";
 
   environment.variables.NH_FLAKE = "/home/cnstlab/.nix-config";
 
   #   # https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion
-  system.stateVersion = lib.mkDefault "23.11";
+  system.stateVersion = lib.mkDefault "25.05";
 }

hosts/cnixlab/hardware-configuration.nix

@@ -12,59 +12,36 @@
     (modulesPath + "/installer/scan/not-detected.nix")
   ];
 
-  boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod"];
+  boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod"];
   boot.initrd.kernelModules = [];
-  boot.kernelModules = ["kvm-amd"];
+  boot.kernelModules = [];
   boot.extraModulePackages = [];
 
   fileSystems."/" = {
-    device = "/dev/disk/by-uuid/90eafb57-0f89-4c2a-b417-4e0f2fba5f47";
+    device = "/dev/disk/by-uuid/a0a3595f-e61c-475c-8f4e-bfbb05582c20";
-    fsType = "btrfs";
+    fsType = "ext4";
-    options = ["subvol=root"];
   };
 
-  boot.initrd.luks.devices."enc".device = "/dev/disk/by-uuid/36144799-13f2-4166-9bfe-b29c3df435ab";
+  boot.initrd.luks.devices."luks-4f289fde-55ed-4b05-a6ee-d396db2a887b".device = "/dev/disk/by-uuid/4f289fde-55ed-4b05-a6ee-d396db2a887b";
-
-  fileSystems."/home" = {
-    device = "/dev/disk/by-uuid/90eafb57-0f89-4c2a-b417-4e0f2fba5f47";
-    fsType = "btrfs";
-    options = ["subvol=home"];
-  };
-
-  fileSystems."/nix" = {
-    device = "/dev/disk/by-uuid/90eafb57-0f89-4c2a-b417-4e0f2fba5f47";
-    fsType = "btrfs";
-    options = ["subvol=nix"];
-  };
-
-  fileSystems."/persist" = {
-    device = "/dev/disk/by-uuid/90eafb57-0f89-4c2a-b417-4e0f2fba5f47";
-    fsType = "btrfs";
-    options = ["subvol=persist"];
-  };
-
-  fileSystems."/var/log" = {
-    device = "/dev/disk/by-uuid/90eafb57-0f89-4c2a-b417-4e0f2fba5f47";
-    fsType = "btrfs";
-    options = ["subvol=log"];
-    neededForBoot = true;
-  };
 
   fileSystems."/boot" = {
-    device = "/dev/disk/by-uuid/1D4A-3121";
+    device = "/dev/disk/by-uuid/E03E-5458";
     fsType = "vfat";
-    options = ["fmask=0022" "dmask=0022"];
+    options = ["fmask=0077" "dmask=0077"];
   };
 
-  swapDevices = [{device = "/dev/disk/by-uuid/91e16a5f-6a1c-4c7d-aa61-5823068fdaf0";}];
+  swapDevices = [
+    {device = "/dev/disk/by-uuid/704e09db-c7dd-462b-9560-47bbf845905d";}
+  ];
 
   # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
   # (the default) this is the recommended approach. When using systemd-networkd it's
   # still possible to use this option, but it's recommended to use it in conjunction
   # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
   networking.useDHCP = lib.mkDefault true;
-  # networking.interfaces.eno1.useDHCP = lib.mkDefault true;
+  # networking.interfaces.enp5s0.useDHCP = lib.mkDefault true;
-  # networking.interfaces.wlp11s0.useDHCP = lib.mkDefault true;
+  # networking.interfaces.enp6s0.useDHCP = lib.mkDefault true;
+  # networking.interfaces.wlp4s0.useDHCP = lib.mkDefault true;
 
   nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
   hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;

hosts/cnixlab/modules.nix

@@ -4,8 +4,7 @@
       kernel = {
         extraBlacklistedModules = [];
         extraKernelParams = [];
-        hardware = "amd";
+        variant = "stable";
-        variant = "latest";
       };
       loader = {
         default = {
@@ -18,7 +17,7 @@
     };
     hardware = {
       bluetooth = {
-        enable = true;
+        enable = false;
       };
       graphics = {
         amd = {

hosts/cnixpad/modules.nix

@@ -21,13 +21,8 @@
         enable = true;
       };
       graphics = {
-        amd = {
         enable = true;
-          packageSet = "standard";
+        vendor = "amd";
-        };
-        nvidia = {
-          enable = false;
-        };
       };
       logitech = {
         enable = false;

hosts/cnixtop/default.nix

@@ -39,7 +39,10 @@ in {
 
   networking.hostName = "cnixtop";
 
-  environment.variables.NH_FLAKE = "/home/cnst/.nix-config";
+  environment.variables = {
+    NH_FLAKE = "/home/cnst/.nix-config";
+    GEMINI_API_KEY = config.age.secrets.gcapi.path;
+  };
 
   programs.hyprland.settings = {
     monitor = [

hosts/cnixtop/hardware-configuration.nix

@@ -12,19 +12,6 @@
     (modulesPath + "/installer/scan/not-detected.nix")
   ];
 
-  # Use system-wide overlays to override linux-firmware
-  # nixpkgs.overlays = [
-  #   (final: prev: {
-  #     linux-firmware = prev.linux-firmware.overrideAttrs (old: rec {
-  #       version = "20250509";
-  #       src = prev.fetchzip {
-  #         url = "https://cdn.kernel.org/pub/linux/kernel/firmware/linux-firmware-${version}.tar.xz";
-  #         hash = "sha256-0FrhgJQyCeRCa3s0vu8UOoN0ZgVCahTQsSH0o6G6hhY=";
-  #       };
-  #     });
-  #   })
-  # ];
-
   boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod"];
   boot.initrd.kernelModules = [];
   boot.kernelModules = ["kvm-amd"];

hosts/cnixtop/modules.nix

@@ -21,13 +21,8 @@
         enable = true;
       };
       graphics = {
-        amd = {
         enable = true;
-          packageSet = "standard";
+        vendor = "amd";
-        };
-        nvidia = {
-          enable = false;
-        };
       };
       logitech = {
         enable = true;

hosts/toothpc/modules.nix

@@ -21,11 +21,9 @@
         enable = false;
       };
       graphics = {
-        amd = {
-          enable = false;
-        };
-        nvidia = {
         enable = true;
+        vendor = "nvidia";
+        nvidia = {
           package = "beta";
           open = {
             enable = true;

modules/default.nix

@@ -58,8 +58,7 @@
         ./nixos/boot/loader
 
         ./nixos/hardware/bluetooth
-        ./nixos/hardware/graphics/amd
+        ./nixos/hardware/graphics
-        ./nixos/hardware/graphics/nvidia
         ./nixos/hardware/logitech
         ./nixos/hardware/network
 

modules/home/programs/waybar/config/style.css

@@ -11,7 +11,7 @@
 
 window#waybar {
   color: #fbf1c7;
-  background-color: rgba(43, 45, 50, 0.5);
+  background-color: rgba(43, 45, 50, 0.6);
 }
 
 #workspaces button {
@@ -60,7 +60,7 @@ window#waybar {
 #cpu.warning,
 #custom-dnd.dnd-notification,
 #custom-dnd.dnd-none {
-  border-top: 3px solid #282828;
+  border-top: 3px solid transparent;
   border-bottom: 3px solid #c35e0a;
 }
 
@@ -71,12 +71,12 @@ window#waybar {
 #cpu.critical,
 #custom-yubikey,
 #custom-recording {
-  border-top: 3px solid #282828;
+  border-top: 3px solid transparent;
   border-bottom: 3px solid #c14a4a;
 }
 
 #battery.charging {
-  border-top: 3px solid #282828;
+  border-top: 3px solid transparent;
   border-bottom: 3px solid #4c7a5d;
 }
 

modules/home/programs/waybar/default.nix

@@ -26,14 +26,12 @@ in {
         ConditionEnvironment = "WAYLAND_DISPLAY";
         Description = "waybar";
       };
-
       Service = {
         ExecStart = "${uwsm} app -- ${waybar} -c ${waybarAssets}/config.jsonc -s ${waybarAssets}/style.css";
         Slice = "app-graphical.slice";
         Restart = "always";
-        RestartSec = 10;
+        RestartSec = 30;
       };
-
       Install = {
         WantedBy = ["graphical-session.target"];
       };

modules/nixos/boot/kernel/default.nix

@@ -17,7 +17,7 @@ in {
 
       hardware = mkOption {
         type = types.enum ["amd" "nvidia"];
-        default = "amd";
+        default = "";
         description = "Hardware type (GPU) configuration.";
       };
 

modules/nixos/hardware/graphics/amd/default.nix

@@ -1,106 +0,0 @@
-{
-  pkgs,
-  config,
-  lib,
-  ...
-}: let
-  inherit (lib) mkIf mkOption types mkEnableOption mkMerge;
-  cfg = config.nixos.hardware.graphics.amd;
-in {
-  options = {
-    nixos.hardware.graphics.amd = {
-      enable = mkEnableOption "AMD graphics support";
-
-      packageSet = mkOption {
-        type = types.enum ["standard" "chaotic"];
-        default = "standard";
-        description = ''
-          Which set of AMD graphics packages to use:
-          - standard: Additional AMD-specific tools and utilities
-          - chaotic: Chaotic Mesa git version with additional optimizations
-        '';
-      };
-    };
-  };
-
-  config = mkIf cfg.enable (mkMerge [
-    {
-      # Base configuration
-      hardware.graphics = {
-        enable = true;
-        enable32Bit = true;
-      };
-    }
-
-    # Standard Package Set
-    (mkIf (cfg.packageSet == "standard") {
-      hardware.graphics.extraPackages = with pkgs; [
-        libva
-        vaapiVdpau
-        libvdpau-va-gl
-        vulkan-loader
-        vulkan-validation-layers
-        vulkan-extension-layer
-        vulkan-utility-libraries
-      ];
-      hardware.graphics.extraPackages32 = with pkgs.pkgsi686Linux; [
-        libva
-        vaapiVdpau
-        libvdpau-va-gl
-      ];
-      environment.systemPackages = with pkgs; [
-        vulkan-tools
-        wayland
-        wayland-protocols
-        scx.rustscheds
-        libGL
-        # rocmPackages.rocm-smi
-      ];
-    })
-
-    # Chaotic Package Set
-    (mkIf (cfg.packageSet == "chaotic") {
-      chaotic = {
-        mesa-git = {
-          enable = true;
-          extraPackages = with pkgs; [
-            libva
-            libvdpau-va-gl
-            vaapiVdpau
-            libdrm_git
-            latencyflex-vulkan
-            mesa_git
-            mesa_git.opencl
-            vulkanPackages_latest.vulkan-loader
-            vulkanPackages_latest.vulkan-headers
-            vulkanPackages_latest.vulkan-validation-layers
-            vulkanPackages_latest.vulkan-extension-layer
-            vulkanPackages_latest.vulkan-utility-libraries
-            vulkanPackages_latest.vulkan-volk
-            vulkanPackages_latest.spirv-headers
-            vulkanPackages_latest.spirv-tools
-          ];
-          extraPackages32 = with pkgs.pkgsi686Linux; [
-            pkgs.mesa32_git
-            pkgs.mesa32_git.opencl
-            libdrm32_git
-            libva
-            libvdpau-va-gl
-            vaapiVdpau
-          ];
-        };
-      };
-      environment.systemPackages = with pkgs; [
-        vulkanPackages_latest.vulkan-tools
-        # vulkanPackages_latest.vulkan-tools-lunarg
-        vulkanPackages_latest.gfxreconstruct
-        vulkanPackages_latest.spirv-cross
-        wayland-protocols_git
-        wayland_git
-        scx.rustscheds
-        # rocmPackages.rocm-smi
-        libGL
-      ];
-    })
-  ]);
-}

modules/nixos/hardware/graphics/default.nix

@@ -0,0 +1,136 @@
+{
+  pkgs,
+  config,
+  lib,
+  ...
+}: let
+  inherit (lib) mkEnableOption mkOption types mkIf mkMerge;
+
+  cfg = config.nixos.hardware.graphics;
+  vendor = cfg.vendor;
+
+  # Common packages used across all vendors
+  commonPackages = with pkgs; [
+    libva
+    vaapiVdpau
+    libvdpau-va-gl
+    libGL
+  ];
+  commonPackages32 = with pkgs.pkgsi686Linux; [
+    libva
+    vaapiVdpau
+    libvdpau-va-gl
+  ];
+
+  # Mesa Vulkan packages (used by AMD & Intel only)
+  mesaVulkanPackages = with pkgs; [
+    vulkan-loader
+    vulkan-validation-layers
+    vulkan-extension-layer
+    vulkan-utility-libraries
+  ];
+
+  # Extra desktop utilities
+  tools = with pkgs; [
+    vulkan-tools
+    wayland
+    wayland-protocols
+    scx.rustscheds
+    libGL
+  ];
+
+  nvidiaOffloadScript = pkgs.writeShellScriptBin "nvidia-offload" ''
+    export LIBVA_DRIVER_NAME=nvidia
+    export GBM_BACKEND=nvidia-drm
+    export __GLX_VENDOR_LIBRARY_NAME=nvidia
+    export __GL_VRR_ALLOWED=1
+    export XDG_SESSION_TYPE=wayland
+    export NVD_BACKEND=direct
+    export ELECTRON_OZONE_PLATFORM_HINT=auto
+    exec "$@"
+  '';
+in {
+  options.nixos.hardware.graphics = {
+    enable = mkEnableOption "Enable general graphics support";
+
+    vendor = mkOption {
+      type = types.enum ["amd" "intel" "nvidia"];
+      default = "amd";
+      description = "GPU vendor to configure support for.";
+    };
+
+    nvidia = {
+      open.enable = mkEnableOption "Enable NVidia open drivers";
+      package = mkOption {
+        type = types.enum ["stable" "beta" "production" "latest"];
+        default = "stable";
+        description = "NVidia driver package to use.";
+      };
+    };
+  };
+
+  config = mkIf cfg.enable (
+    mkMerge [
+      {
+        hardware.graphics = {
+          enable = true;
+          enable32Bit = true;
+        };
+      }
+
+      # AMD-specific configuration
+      (mkIf (vendor == "amd") {
+        hardware.graphics.extraPackages = commonPackages ++ mesaVulkanPackages;
+        hardware.graphics.extraPackages32 = commonPackages32;
+        environment.systemPackages = tools;
+      })
+
+      # Intel-specific configuration
+      (mkIf (vendor == "intel") {
+        hardware.graphics.extraPackages =
+          commonPackages
+          ++ mesaVulkanPackages
+          ++ (with pkgs; [
+            intel-media-driver
+            intel-compute-runtime
+          ]);
+        hardware.graphics.extraPackages32 = commonPackages32;
+        environment.systemPackages = tools;
+      })
+
+      # Nvidia-specific configuration
+      (mkIf (vendor == "nvidia") {
+        hardware.graphics.extraPackages =
+          commonPackages
+          ++ (with pkgs; [
+            nvidiaOffloadScript
+            intel-media-driver
+            nvidia-vaapi-driver
+            vulkan-tools
+          ]);
+        hardware.graphics.extraPackages32 = commonPackages32;
+        environment.systemPackages = with pkgs; [
+          egl-wayland
+          libGL
+        ];
+
+        hardware.nvidia = {
+          package =
+            if cfg.nvidia.package == "beta"
+            then config.boot.kernelPackages.nvidiaPackages.beta
+            else if cfg.nvidia.package == "latest"
+            then config.boot.kernelPackages.nvidiaPackages.latest
+            else if cfg.nvidia.package == "production"
+            then config.boot.kernelPackages.nvidiaPackages.production
+            else config.boot.kernelPackages.nvidiaPackages.stable;
+
+          modesetting.enable = true;
+          powerManagement.enable = false;
+          powerManagement.finegrained = false;
+          open = cfg.nvidia.open.enable;
+          nvidiaSettings = true;
+        };
+      })
+    ]
+  );
+}

modules/nixos/hardware/graphics/nvidia/default.nix

@@ -1,74 +0,0 @@
-{
-  pkgs,
-  config,
-  lib,
-  ...
-}: let
-  nvidia-offload = pkgs.writeShellScriptBin "nvidia-offload" ''
-    export LIBVA_DRIVER_NAME=nvidia
-    export GBM_BACKEND=nvidia-drm
-    export __GLX_VENDOR_LIBRARY_NAME=nvidia
-    export __GL_VRR_ALLOWED=1
-    export XDG_SESSION_TYPE=wayland
-    export NVD_BACKEND=direct
-    export ELECTRON_OZONE_PLATFORM_HINT=auto
-        exec "$@"
-  '';
-  inherit (lib) types mkIf mkEnableOption mkOption;
-  cfg = config.nixos.hardware.graphics.nvidia;
-in {
-  options = {
-    nixos.hardware.graphics.nvidia = {
-      enable = mkEnableOption "Enables NVidia graphics";
-      open.enable = mkEnableOption "Enables open version of drivers";
-      package = mkOption {
-        type = types.enum ["stable" "beta" "production" "latest"];
-        default = "stable";
-        description = "Choose between the stable, beta, latest, or production NVidia driver package";
-      };
-    };
-  };
-
-  config = mkIf cfg.enable {
-    environment.systemPackages = with pkgs; [
-      egl-wayland
-      libGL
-    ];
-    hardware = {
-      graphics = {
-        enable = true;
-        enable32Bit = true;
-        extraPackages = with pkgs; [
-          nvidia-offload
-          libva
-          vaapiVdpau
-          libvdpau-va-gl
-          intel-media-driver
-          nvidia-vaapi-driver
-          vulkan-tools
-        ];
-        extraPackages32 = with pkgs.pkgsi686Linux; [
-          vaapiVdpau
-          libvdpau-va-gl
-        ];
-      };
-      nvidia = {
-        package =
-          if cfg.package == "beta"
-          then config.boot.kernelPackages.nvidiaPackages.beta
-          else if cfg.package == "latest"
-          then config.boot.kernelPackages.nvidiaPackages.latest
-          else if cfg.package == "production"
-          then config.boot.kernelPackages.nvidiaPackages.prodution
-          else config.boot.kernelPackages.nvidiaPackages.stable;
-        modesetting.enable = true;
-        powerManagement = {
-          enable = false;
-          finegrained = false;
-        };
-        open = cfg.open.enable;
-        nvidiaSettings = true;
-      };
-    };
-  };
-}

modules/nixos/programs/hyprland/keybinds.nix

@@ -92,7 +92,7 @@ in {
 
     (mkIf (host == "cnixtop") {
       programs.hyprland.settings = {
-        "$terminal" = "ghostty";
+        "$terminal" = "alacritty";
         "$browser" = "zen";
         "$browserinc" = "zen --private-window";
         "$mod" = "SUPER";

modules/nixos/programs/pkgs/default.nix

@@ -88,6 +88,7 @@ in {
 
         (mkIf cfg.dev.enable [
           # lldb_20 # some biuld error atm
+          gemini-cli
           nfs-utils
           gcc
           rust-analyzer

modules/nixos/services/agenix/default.nix

@@ -39,6 +39,10 @@ in {
           certpem.file = "${self}/secrets/certpem.age";
           keypem.file = "${self}/secrets/keypem.age";
           mailpwd.file = "${self}/secrets/mailpwd.age";
+          gcapi = {
+            file = "${self}/secrets/gcapi.age";
+            owner = "cnst";
+          };
         };
       })
       (mkIf cfg.toothpc.enable {
@@ -53,9 +57,11 @@ in {
       })
     ];
 
-    environment.systemPackages = [
+    environment = {
+      systemPackages = [
         inputs.agenix.packages.x86_64-linux.default
         pkgs.age
       ];
     };
+  };
 }

secrets/gcapi.age

@@ -0,0 +1,7 @@
+age-encryption.org/v1
+-> ssh-ed25519 t9iOEg ydR02MhXV3N6GfI578UWBng7FxsI5ArruLz5WXg6P0I
+Y4ejUnutRej5VIHbfr92UvmNCbAppF2teW5ccbxSvuQ
+-> ssh-ed25519 KUYMFA vGk9K010hQ3VykjTKfvnHfEIRI8bFmWd5ORSvef/3Xc
+S8YL7o4yYrWsi+XgMDvVcfBZfbwCnPlYttylLfG/trQ
+--- TWtKeF/A5qS3fpwIBitsaneypzD3wEt1y740lZHcj14
+<EFBFBD>B<EFBFBD><EFBFBD>X<EFBFBD>ɹ<>'<27><><EFBFBD>]<5D>y<EFBFBD>$(<28>6<EFBFBD><36>/<2F><15><19>W<EFBFBD>><06>껿<EFBFBD>.l><3E><>e)<29><>G<EFBFBD><47>ݰ]V˱g&gb<67>19ŧ<39>]5

secrets/secrets.nix

@@ -7,4 +7,5 @@ in {
   "certpem.age".publicKeys = [cnst cnix];
   "keypem.age".publicKeys = [cnst cnix];
   "mailpwd.age".publicKeys = [cnst cnix];
+  "gcapi.age".publicKeys = [cnst cnix];
 }

users/cnst/default.nix

@@ -34,6 +34,7 @@
       STEAM_EXTRA_COMPAT_TOOLS_PATHS = "/home/cnst/.steam/root/compatibilitytools.d";
       QT_QPA_PLATFORM = "wayland";
       XDG_SESSION_TYPE = "wayland";
+      # GEMINI_API_KEY = "$(cat ${config.age.secrets.gcapi.path})";
     };
   };