system/home-manager
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Establish baseline

Browse Source
This commit is contained in:
Nina Chlóe Kassandra Reiß
2026-04-20 04:21:11 +02:00
commit 8df205457a
26 changed files with 678 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.gitignore vendored Normal file
View File

@@ -0,0 +1,2 @@
*.log
result

0
README.md Normal file
View File

9
applications/matrix.nix Normal file
View File

@@ -0,0 +1,9 @@
{ config, pkgs, lib, ... }:
let
profile = import ./profile.nix;
in
{
home.packages = with pkgs; [
fluffychat
];
}

6
desktop-environment/application-browser.nix Normal file
View File

@@ -0,0 +1,6 @@
{ pkgs, ... }:
{
home.packages = with pkgs; [
# New system packages
];
}

113
desktop-environment/browser.nix Normal file
View File

@@ -0,0 +1,113 @@
{ config, pkgs, ... }:
{
home.packages = with pkgs; [
# New system packages
];
programs.firefox = {
enable = true;
policies = {
AppAutoUpdate = false;
AllowFileSelectionDialogs = true;
AutofillAddressEnabled = true;
AutofillCreditCardEnabled = false;
CaptivePortal = true;
DisableFirefoxAccounts = true;
DisableSecurityBypass = {
InvalidCertificate = false;
SafeBrowsing = false;
};
DisableSetDesktopBackground = true;
DisableTelemetry = true;
ExtensionUpdate = true;
FirefoxHome = {
Search = true;
TopSites = true;
SponsoredTopSites = false;
Highlights = true;
Pocket = false;
Stories = false;
SponsoredPocket = false;
SponsoredStories = false;
Snippets = true;
Locked = true;
};
PictureInPicture = {
Enabled = true;
Locked = false;
};
ExtensionSettings = {
"nextcloud-passwords@nextcloud.com" = {
installation_mode = "force_installed";
install_url = "https://addons.mozilla.org/firefox/downloads/latest/nextcloud-passwords/latest.xpi";
};
"instapaper@instapaper.com" = {
installation_mode = "force_installed";
install_url = "https://addons.mozilla.org/firefox/downloads/latest/instapaper-official/latest.xpi";
};
"weh@mozilla.org" = {
installation_mode = "force_installed";
install_url = "https://addons.mozilla.org/firefox/downloads/latest/video-downloadhelper/latest.xpi";
};
};
Preferences = {
# Tracking Protection
"browser.contentblocking.category" = "strict";
"privacy.trackingprotection.enabled" = true;
"privacy.trackingprotection.socialtracking.enabled" = true;
# Cookies
"network.cookie.cookieBehavior" = 1; # block third-party cookies
# Fingerprinting Protection
"privacy.resistFingerprinting" = true;
"privacy.resistFingerprinting.block_mozAddonManager" = true;
# WebRTC IP Leak verhindern
"media.peerconnection.enabled" = false;
# Telemetrie vollständig deaktivieren
"toolkit.telemetry.enabled" = false;
"toolkit.telemetry.unified" = false;
"toolkit.telemetry.archive.enabled" = false;
"datareporting.healthreport.uploadEnabled" = false;
"app.shield.optoutstudies.enabled" = false;
# SafeBrowsing (lokal behalten, aber keine unnötige Kommunikation)
"browser.safebrowsing.downloads.remote.enabled" = false;
# HTTPS-Only Mode
"dom.security.https_only_mode" = true;
# DNS over HTTPS Fallback deaktivieren
"network.trr.mode" = 3;
"network.trr.uri" = "https://dns.quad9.net/dns-query";
# Referrer reduzieren
"network.http.referer.XOriginPolicy" = 2;
# Clipboard API nur bei User Interaction
"dom.events.asyncClipboard.readText" = false;
# WebGL einschränken
"webgl.disabled" = true;
};
SearchEngines = {
Default = "Ecosia";
Add = [
{
Name = "Ecosia";
URLTemplate = "https://www.ecosia.org/search?q={searchTerms}";
Method = "GET";
}
];
Remove = [ "Google" "Bing" "Amazon.com" "eBay" ];
};
};
};
}

42
desktop-environment/config.nix Normal file
View File

@@ -0,0 +1,42 @@
{ pkgs, ... }:
let
profile = import ../profile.nix;
in
{
imports = [
./browser.nix
#./planner.nix
./window-manager.nix
../applications/matrix.nix
];
home.packages = with pkgs; [
kitty
pamixer
nemo-with-extensions
];
#services.dbus.enable = true;
#programs.dconf.enable = true;
services.greetd = {
enable = true;
settings = {
default_session = {
command = "Hyprland";
user = profile.username;
};
};
};
xdg.portal = {
enable = true;
extraPortals = [ pkgs.xdg-desktop-portal-hyprland ];
};
systemd.targets.sleep.enable = false;
systemd.targets.suspend.enable = false;
systemd.targets.hibernate.enable = false;
systemd.targets.hybrid-sleep.enable = false;
}

6
desktop-environment/file-browser.nix Normal file
View File

@@ -0,0 +1,6 @@
{ pkgs, ... }:
{
home.packages = with pkgs; [
# New system packages
];
}

48
desktop-environment/planner.nix Normal file
View File

@@ -0,0 +1,48 @@
{ config, pkgs, lib, ... }:
let
tbProfile = pkgs.stdenv.mkDerivation {
name = "thunderbird-profile";
src = ./thunderbird-profile;
installPhase = ''
mkdir -p $out
cp -r . $out/
'';
};
in
{
home.packages = with pkgs; [
# New system packages
];
programs.thunderbird = {
enable = true;
package = pkgs.thunderbird;
policies = {
DisableTelemetry = true;
DisableAppUpdate = true;
Preferences = {
"mail.provider.enabled" = false;
"mail.openpgp.allow_external_gnupg" = true;
"calendar.timezone.local" = "Europe/Berlin";
};
Certificates = {
ImportEnterpriseRoots = true;
};
PasswordManagerEnabled = true;
Cookies = {
"Default" = false;
"AcceptThirdParty" = "never";
"Locked" = true;
};
DefaultDownloadDirectory = "/tmp";
DisableBuiltinPDFViewer = true;
DisablePasswordReveal = true;
};
};
}

6
desktop-environment/status-bar.nix Normal file
View File

@@ -0,0 +1,6 @@
{ pkgs, ... }:
{
home.packages = with pkgs; [
# New system packages
];
}

6
desktop-environment/terminal-emulator.nix Normal file
View File

@@ -0,0 +1,6 @@
{ pkgs, ... }:
{
home.packages = with pkgs; [
# New system packages
];
}

9
desktop-environment/window-manager.nix Normal file
View File

@@ -0,0 +1,9 @@
{ pkgs, lib, ... }:
let
profile = import ../profile.nix;
in
{
imports = [
#./window-manager/${profile.interface}.nix
];
}

59
desktop-environment/window-manager/hyprland.nix Normal file
View File

@@ -0,0 +1,59 @@
{ pkgs, lib, ... }:
let
dotfiles_hypr = pkgs.fetchgit {
url = "https://git.nichkara.eu/dotfiles/hypr";
rev = "83da92f0d64620c6503b8b2d9fa27bd79816e025";
sha256 = "sha256-kEKJiH0oK0PuciJZ6ucinTKX5eMWxPPZXYNS1+HIcRA=";
};
dotfiles_waybar = pkgs.fetchgit {
url = "https://git.nichkara.eu/dotfiles/waybar";
rev = "cd3d5d8a97f9fbc1cc8a69fc9e570dfcf669dce7";
sha256 = "sha256-FTpGumhxY6ChUXqnykO+aSJiFD4A80W0eqx7hXS9Iwc=";
};
profile = import ../../profile.nix;
in
{
home.packages = with pkgs; [
wofi
grim
swaynotificationcenter
swaylock
hyprpaper
lxsession
hyprshot
wayvnc
pamixer
pavucontrol
brightnessctl
python313Packages.requests
networkmanagerapplet
];
#fonts.packages = with pkgs; [
# nerd-fonts.space-mono
# ];
programs.hyprland = {
enable = true;
withUWSM = true;
xwayland.enable = true;
};
programs.waybar = {
enable = true;
};
home.file.".config/hypr" = {
source = dotfiles_hypr;
recursive = true;
};
home.file.".config/waybar" = {
source = dotfiles_waybar;
recursive = true;
};
}

6
desktop-environment/workspace-manager.nix Normal file
View File

@@ -0,0 +1,6 @@
{ pkgs, ... }:
{
home.packages = with pkgs; [
# New system packages
];
}

49
home.nix Normal file
View File

@@ -0,0 +1,49 @@
{ config, pkgs, ... }:
let
profile = import ./profile.nix;
home-directory = "/home/${profile.username}";
ssh-filename = "${home-directory}/.ssh/id_ed25519";
in
{
# Home Manager needs a bit of information about you and the paths it should
# manage.
home.username = "nichkara";
home.homeDirectory = "/home/nichkara";
# Configuration options around here
home.stateVersion = "25.11";
imports = [
#./desktop-environment/config.nix
./terminal-environment/config.nix
./system-environment/config.nix
];
# The home.packages option allows you to install Nix packages into your
# environment.
home.packages = with pkgs; [
];
# Home Manager is pretty good at managing dotfiles. The primary way to manage
# plain files is through 'home.file'.
home.file = {
# # Building this configuration will create a copy of 'dotfiles/screenrc' in
# # the Nix store. Activating the configuration will then make '~/.screenrc' a
# # symlink to the Nix store copy.
# ".screenrc".source = dotfiles/screenrc;
# # You can also set the file content immediately.
# ".gradle/gradle.properties".text = ''
# org.gradle.console=verbose
# org.gradle.daemon.idletimeout=3600000
# '';
};
home.sessionVariables = {
# EDITOR = "emacs";
};
# Let Home Manager install and manage itself.
programs.home-manager.enable = true;
}

12
profile.nix Normal file
View File

@@ -0,0 +1,12 @@
{
username = "nichkara";
hostname = "kathleen";
hashed-password = "$y$j9T$51IqmPE8iKV9NmF89vaK40$TJFaBOiMgcxYRWxyj3M5q47QWAIzMbwDhSoqLM3EPk4";
interface = "hyprland";
modules = {
base = true;
office = false;
development = true;
science = true;
};
}

12
profile.nix.template Normal file
View File

@@ -0,0 +1,12 @@
{
username = "nichkara";
hostname = "amelia";
hashed-password = "$y$j9T$W72kGNL9hSTiN7CjnUpqH1$uyE1OzYN4kvbhhylX7pwRmLYYYmouRPVGIDZKwx8YW8";
interface = "hyprland";
modules = {
base = true;
office = false;
development = false;
science = false;
};
}

42
system-environment/config.nix Normal file
View File

@@ -0,0 +1,42 @@
{ pkgs, lib, ... }:
let
profile = import ../profile.nix;
in
{
imports = [
#./file-system.nix
./media.nix
#./security/keyring.nix
];
home.packages = with pkgs; [
gnumake
python3
]
++ lib.optionals profile.modules.development [
cmake
cmakeCurses
# C/C++/Fortran tools
gcc
clang
# Common C based dependencies
eigen
# Ada/+Spark & Rust tools
alire
gnat15
gnat15Packages.gprbuild
gnat15Packages.gpr2
gnat15Packages.gnatprove
gnat15Packages.gnatcoll-core
gnat15Packages.gnatcoll-readline
gnat15Packages.gnatcoll-python3
gnat15Packages.gnatcoll-gmp
rustc
cargo
];
}

19
system-environment/file-system.nix Normal file
View File

@@ -0,0 +1,19 @@
{ pkgs, ... }:
{
services.udisks2.enable = true;
services.gvfs.enable = true;
home.packages = with pkgs; [
nextcloud-client
unzip
deja-dup
gnutar
xz
gzip
gz-utils
file
fileinfo
];
}

12
system-environment/media.nix Normal file
View File

@@ -0,0 +1,12 @@
{ pkgs, ... }:
{
home.packages = with pkgs; [
calibre
kdePackages.okular
vlc
totem
w3m
epr
];
}

15
system-environment/security/keyring.nix Normal file
View File

@@ -0,0 +1,15 @@
{ pkgs, lib, ... }:
let
profile = import ../profile.nix;
in
{
imports = [ ];
home.packages = with pkgs; [
seahorse
];
services.gnome.gnome-keyring.enable = true;
security.pam.services.login.enableGnomeKeyring = true;
}

80
terminal-environment/config.nix Normal file
View File

@@ -0,0 +1,80 @@
{ config, pkgs, ... }:
let
profile = import ../profile.nix;
in
{
imports = [
./editor.nix
./tex-environment.nix
];
home.packages = with pkgs; [
astyle
hyfetch
fzf-zsh
distrobox
];
programs.tmux = {
enable = true;
clock24 = true;
extraConfig = ''
'';
};
programs.direnv.enable = true;
programs.direnv.nix-direnv.enable = true;
programs.zsh = {
enable = true;
enableCompletion = true;
autocd = true;
autosuggestion = {
enable = true;
};
syntaxHighlighting = {
enable = true;
};
history = {
size = 4096;
ignoreSpace = true;
ignorePatterns = [ ];
saveNoDups = true;
ignoreAllDups = true;
};
oh-my-zsh = {
enable = true;
theme = "sonicradish";
plugins = [
"git"
"z"
"dotenv"
"battery"
"emoji"
"emoji-clock"
"fzf"
"kitty"
"themes"
"tmux"
"vi-mode"
];
};
setOptions = [
"HIST_IGNORE_ALL_DUPS"
];
shellAliases = {
ll = "ls -lh";
nix-check = "nixos-rebuild build";
nix-update = "sudo nixos-rebuild switch";
sirc = "ssh -t nichkara.eu tmux new-session -A -s weechat weechat";
};
};
}

25
terminal-environment/editor.nix Normal file
View File

@@ -0,0 +1,25 @@
{ config, pkgs, ... }:
let
profile = import ../profile.nix;
in
{
home.packages = with pkgs; [
vim
fzf
ripgrep
ripgrep-all
ctags
lua54Packages.luarocks-nix
];
programs.neovim = {
enable = true;
defaultEditor = true;
withPython3 = true;
withRuby = true;
withNodeJs = true;
viAlias = true;
vimAlias = true;
};
}

67
terminal-environment/genv/default.nix Normal file
View File

@@ -0,0 +1,67 @@
{ pkgs, lib, ... }:
let
genv = pkgs.writeShellScriptBin "genv" ''
#!/usr/bin/env bash
set -e
DISTRO="$1"
PRESET="$2"
if [ -z "$DISTRO" ] || [ -z "$PRESET" ]; then
echo "Usage: genv <distro> <preset>"
exit 1
fi
PROJECT=$(basename "$PWD")
BOX="genv-$PROJECT"
# distro mapping
case "$DISTRO" in
ubuntu) IMAGE="docker.io/library/ubuntu:24.04" ;;
arch) IMAGE="docker.io/library/archlinux:latest" ;;
alpine) IMAGE="docker.io/library/alpine:latest" ;;
*) IMAGE="$DISTRO" ;;
esac
echo "[genv] image: $IMAGE"
# container nur erstellen wenn nötig
if ! distrobox list | grep -q "$BOX"; then
distrobox create --name "$BOX" --image "$IMAGE"
fi
mkdir -p .genv
# preset kopieren
cp ${./presets}/$PRESET.sh .genv/setup.sh
chmod +x .genv/setup.sh
# envrc generieren
cat > .envrc <<EOF
export GENV_BOX="$BOX"
# container starten
distrobox start "$GENV_BOX" >/dev/null 2>&1 || true
# setup einmalig
if [ ! -f .genv/.init ]; then
echo "[genv] setup läuft"
distrobox enter "$GENV_BOX" -- bash .genv/setup.sh
touch .genv/.init
fi
# tmux workflow
if [ -z "$TMUX" ]; then
tmux new-session -A -s "$GENV_BOX" \
\; new-window -n editor "nvim" \
\; new-window -n dev "distrobox enter $GENV_BOX"
fi
EOF
echo "[genv] fertig direnv allow"
'';
in
{
home.packages = [ genv ];
}

11
terminal-environment/genv/presets/c.sh Normal file
View File

@@ -0,0 +1,11 @@
#!/usr/bin/env bash
set -e
if command -v apt >/dev/null; then
sudo apt update
sudo apt install -y build-essential cmake
elif command -v pacman >/dev/null; then
sudo pacman -Sy --noconfirm base-devel cmake
elif command -v apk >/dev/null; then
sudo apk add build-base cmake
fi

11
terminal-environment/genv/presets/data-science.sh Normal file
View File

@@ -0,0 +1,11 @@
#!/usr/bin/env bash
set -e
if command -v apt >/dev/null; then
sudo apt update
sudo apt install -y python3
elif command -v pacman >/dev/null; then
sudo pacman -Sy --noconfirm base-devel python3
elif command -v apk >/dev/null; then
sudo apk add build-base python3
fi

11
terminal-environment/tex-environment.nix Normal file
View File

@@ -0,0 +1,11 @@
{ config, pkgs, ... }:
let
profile = import ../profile.nix;
in
{
home.packages = with pkgs; [
texliveMedium
];
}