modules: services: wireguard: add 'milady'

I haven't tested it on darwin, and it just so happens that some
dependency is broken on that system (breaking `nix flake check`)...

Will revisit this later in case I ever happen to use a darwin system.

.drone.yml

@@ -1,24 +1,27 @@
+---
 kind: pipeline
-name: check config
+type: exec
+name: NixOS config check
 
 steps:
-  - name: format check
-    image: nixos/nix
-    commands:
-      - nix-shell -p nixpkgs-fmt --run 'nixpkgs-fmt . --check'
+- name: nix flake check
+  commands:
+  - nix flake check
 
-  - name: notify
-    image: plugins/matrix
-    settings:
-      homeserver:
-        from_secret: matrix_homeserver
-      roomid:
-        from_secret: matrix_roomid
-      username:
-        from_secret: matrix_username
-      password:
-        from_secret: matrix_password
-      trigger:
-        status:
-          - failure
-          - success
+- name: notifiy
+  commands:
+  - nix run .#matrix-notifier
+  environment:
+    ADDRESS:
+      from_secret: matrix_homeserver
+    ROOM:
+      from_secret: matrix_roomid
+    USER:
+      from_secret: matrix_username
+    PASS:
+      from_secret: matrix_password
+  when:
+    status:
+      - failure
+      - success
+...

.envrc

@@ -6,3 +6,4 @@ use_flake() {
 
 ulimit -s unlimited # Bypass current bug in `nix` flakes evaluation
 use flake
+eval "$shellHooks"

.git-crypt/.gitattributes

@@ -1,4 +0,0 @@
-# Do not edit this file.  To specify the files to encrypt, create your own
-# .gitattributes file in the directory where your files are.
-* !filter !diff
-*.gpg binary

.gitignore

@@ -0,0 +1 @@
+/.pre-commit-config.yaml

.pre-commit-config.yaml

@@ -1,21 +0,0 @@
-repos:
-- repo: 'https://github.com/pre-commit/pre-commit-hooks'
-  rev: 'v2.3.0'
-  hooks:
-  - id: 'trailing-whitespace'
-  - id: 'end-of-file-fixer'
-  - id: 'check-yaml'
-  - id: 'check-added-large-files'
-- repo: 'https://github.com/jumanjihouse/pre-commit-hooks'
-  rev: '2.1.4'
-  hooks:
-  - id: 'forbid-binary'
-- repo: 'local'
-  hooks:
-  - id: 'nixpkgs-fmt'
-    name: 'nixpkgs-fmt'
-    description: 'Format nix code with nixpkgs-fmt'
-    entry: 'nixpkgs-fmt'
-    language: 'system'
-    files: '\.nix$'
-    always_run: true

README.md

@@ -21,3 +21,4 @@ Secondly, take care of a few manual steps:
 * Configure Sonarr, Radarr, Bazarr
 * Configure Transmission's webui port
 * Configure Quassel user
+* Configure Flood account

bootstrap.sh

@@ -58,6 +58,8 @@ get_ssh() {
 
     get_doc "SysAdmin/SSH" "shared-key-public" "$HOME/.ssh/shared_rsa.pub" 644
     get_doc "SysAdmin/SSH" "shared-key-private" "$HOME/.ssh/shared_rsa" 600
+    get_doc "SysAdmin/SSH" "agenix-public" "$HOME/.ssh/id_ed25519.pub" 644
+    get_doc "SysAdmin/SSH" "agenix-private" "$HOME/.ssh/id_ed25519" 600
 }
 
 get_pgp() {
@@ -78,7 +80,7 @@ get_pgp() {
 }
 
 get_creds() {
-    BW_SESSION="$(bw login --raw)"
+    BW_SESSION="$(bw login --raw || bw unlock --raw)"
     export BW_SESSION
 
     get_ssh

flake.lock

@@ -1,12 +1,33 @@
 {
   "nodes": {
+    "agenix": {
+      "inputs": {
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1631896269,
+        "narHash": "sha256-DAyCxJ8JacayOzGgGSfzrn7ghtsfL/EsCyk1NEUaAR8=",
+        "owner": "ryantm",
+        "repo": "agenix",
+        "rev": "daf1d773989ac5d949aeef03fce0fe27e583dbca",
+        "type": "github"
+      },
+      "original": {
+        "owner": "ryantm",
+        "ref": "master",
+        "repo": "agenix",
+        "type": "github"
+      }
+    },
     "futils": {
       "locked": {
-        "lastModified": 1619345332,
-        "narHash": "sha256-qHnQkEp1uklKTpx3MvKtY6xzgcqXDsz5nLilbbuL+3A=",
+        "lastModified": 1631561581,
+        "narHash": "sha256-3VQMV5zvxaVLvqqUrNz3iJelLw30mIVSfZmAaauM3dA=",
         "owner": "numtide",
         "repo": "flake-utils",
-        "rev": "2ebf2558e5bf978c7fb8ea927dfaed8fefab2e28",
+        "rev": "7e5bf3925f6fbdfaf50a2a7ca0be2879c4261d19",
         "type": "github"
       },
       "original": {
@@ -23,11 +44,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1619558193,
-        "narHash": "sha256-DljP5/9EX0eXEPhzCUFqFEHkkcFuXJBx1PTgcv0OgyM=",
+        "lastModified": 1633296444,
+        "narHash": "sha256-DnC7yVyoYFSsvFze16AWDa5iSHgtT1MbDGgp8rSC3H4=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "18ad12d52b8cebbb57013865eec2be5125de050a",
+        "rev": "099cbcf13e8219f07b493980a66fe64df0e32d09",
         "type": "github"
       },
       "original": {
@@ -39,11 +60,11 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1619464443,
-        "narHash": "sha256-R7WAb8EnkIJxxaF6GTHUPytjonhB4Zm0iatyWoW169A=",
+        "lastModified": 1633263894,
+        "narHash": "sha256-InuWViZr3SL8PqRROkWhmSd3N8gGkiP7YaA7BRdjmhk=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "8e4fe32876ca15e3d5eb3ecd3ca0b224417f5f17",
+        "rev": "01f2f2842aaa7f3af957fef93439d639e6941e6c",
         "type": "github"
       },
       "original": {
@@ -55,11 +76,11 @@
     },
     "nur": {
       "locked": {
-        "lastModified": 1619628114,
-        "narHash": "sha256-s3pQyvMfXVmbQOX224yOWQf6zi8406sShFF4u17LVQ0=",
+        "lastModified": 1633342505,
+        "narHash": "sha256-UgXnO+jX6V33mtbFgQKPLndNQid1DqOnMcsPlxqeWdk=",
         "owner": "nix-community",
         "repo": "NUR",
-        "rev": "0615e756dc14986c4968fa478c0bd080d621cb2b",
+        "rev": "061e44abde1dc11b10ff93fe6a388272850f473c",
         "type": "github"
       },
       "original": {
@@ -69,12 +90,38 @@
         "type": "github"
       }
     },
+    "pre-commit-hooks": {
+      "inputs": {
+        "flake-utils": [
+          "futils"
+        ],
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1631170176,
+        "narHash": "sha256-RLN/kur2Kpxt0cJp0Fms8ixuGpT8IHX0OpeQ8u8f0X4=",
+        "owner": "cachix",
+        "repo": "pre-commit-hooks.nix",
+        "rev": "3ed0e618cebc1ff291c27b749cf7568959cac028",
+        "type": "github"
+      },
+      "original": {
+        "owner": "cachix",
+        "ref": "master",
+        "repo": "pre-commit-hooks.nix",
+        "type": "github"
+      }
+    },
     "root": {
       "inputs": {
+        "agenix": "agenix",
         "futils": "futils",
         "home-manager": "home-manager",
         "nixpkgs": "nixpkgs",
-        "nur": "nur"
+        "nur": "nur",
+        "pre-commit-hooks": "pre-commit-hooks"
       }
     }
   },

flake.nix

@@ -1,6 +1,16 @@
 {
   description = "NixOS configuration with flakes";
   inputs = {
+    agenix = {
+      type = "github";
+      owner = "ryantm";
+      repo = "agenix";
+      ref = "master";
+      inputs = {
+        nixpkgs.follows = "nixpkgs";
+      };
+    };
+
     futils = {
       type = "github";
       owner = "numtide";
@@ -31,9 +41,29 @@
       repo = "NUR";
       ref = "master";
     };
+
+    pre-commit-hooks = {
+      type = "github";
+      owner = "cachix";
+      repo = "pre-commit-hooks.nix";
+      ref = "master";
+      inputs = {
+        flake-utils.follows = "futils";
+        nixpkgs.follows = "nixpkgs";
+      };
+    };
   };
 
-  outputs = { self, futils, home-manager, nixpkgs, nur } @ inputs:
+  outputs =
+    inputs @
+    { self
+    , agenix
+    , futils
+    , home-manager
+    , nixpkgs
+    , nur
+    , pre-commit-hooks
+    }:
     let
       inherit (futils.lib) eachDefaultSystem;
 
@@ -51,58 +81,81 @@
             nur.overlay
           ];
         }
-        home-manager.nixosModules.home-manager
-        {
-          home-manager.users.ambroisie = import ./home;
-          # Nix Flakes compatibility
-          home-manager.useGlobalPkgs = true;
-          home-manager.useUserPackages = true;
-        }
+        # Include generic settings
+        ./modules
+        # Include bundles of settings
+        ./profiles
       ];
 
       buildHost = name: system: lib.nixosSystem {
         inherit system;
         modules = defaultModules ++ [
-          (./. + "/${name}.nix")
+          (./. + "/machines/${name}")
         ];
         specialArgs = {
           # Use my extended lib in NixOS configuration
           inherit lib;
+          # Inject inputs to use them in global registry
+          inherit inputs;
         };
       };
     in
     eachDefaultSystem
       (system:
-        let
-          pkgs = nixpkgs.legacyPackages.${system};
-        in
-        rec {
-          apps = {
-            diff-flake = futils.lib.mkApp { drv = packages.diff-flake; };
+      let
+        pkgs = nixpkgs.legacyPackages.${system};
+      in
+      rec {
+        apps = {
+          diff-flake = futils.lib.mkApp { drv = packages.diff-flake; };
+        };
+
+        checks = {
+          pre-commit = pre-commit-hooks.lib.${system}.run {
+            src = ./.;
+
+            hooks = {
+              nixpkgs-fmt = {
+                enable = true;
+              };
+            };
           };
+        };
 
-          defaultApp = apps.diff-flake;
+        defaultApp = apps.diff-flake;
 
-          devShell = pkgs.mkShell {
-            name = "NixOS-config";
-            buildInputs = with pkgs; [
-              git-crypt
-              gitAndTools.pre-commit
-              gnupg
-              nixpkgs-fmt
-            ];
-          };
+        devShell = pkgs.mkShell {
+          name = "NixOS-config";
 
-          packages = import ./pkgs { inherit pkgs; };
-        }) // {
+          nativeBuildInputs = with pkgs; [
+            gitAndTools.pre-commit
+            gnupg
+            nixpkgs-fmt
+          ];
+
+          inherit (self.checks.${system}.pre-commit) shellHook;
+        };
+
+        packages =
+          let
+            inherit (futils.lib) filterPackages flattenTree;
+            packages = import ./pkgs { inherit pkgs; };
+            flattenedPackages = flattenTree packages;
+            finalPackages = filterPackages system flattenedPackages;
+          in
+          finalPackages;
+      }) // {
       overlay = self.overlays.pkgs;
 
-      overlays = {
+      overlays = import ./overlays // {
         lib = final: prev: { inherit lib; };
-        pkgs = final: prev: { ambroisie = import ./pkgs { pkgs = prev; }; };
+        pkgs = final: prev: {
+          ambroisie = prev.recurseIntoAttrs (import ./pkgs { pkgs = prev; });
+        };
       };
 
       nixosConfigurations = lib.mapAttrs buildHost {
+        aramis = "x86_64-linux";
         porthos = "x86_64-linux";
       };
     };

home/bluetooth/default.nix

@@ -0,0 +1,19 @@
+{ config, lib, ... }:
+let
+  cfg = config.my.home.bluetooth;
+in
+{
+  options.my.home.bluetooth = with lib; {
+    enable = mkEnableOption "bluetooth configuration";
+  };
+
+  config = lib.mkIf cfg.enable {
+    services.blueman-applet = {
+      enable = true;
+    };
+
+    services.mpris-proxy = {
+      enable = true;
+    };
+  };
+}

home/comma/default.nix

@@ -0,0 +1,29 @@
+{ config, lib, pkgs, ... }:
+let
+  cfg = config.my.home.comma;
+in
+{
+  options.my.home.comma = with lib; {
+    enable = my.mkDisableOption "comma configuration";
+
+    pkgsFlake = mkOption {
+      type = types.str;
+      default = "pkgs";
+      example = "nixpkgs";
+      description = ''
+        Which flake from the registry should be used with
+        <command>nix shell</command>.
+      '';
+    };
+  };
+
+  config = lib.mkIf cfg.enable {
+    home.packages = with pkgs; [
+      ambroisie.comma
+    ];
+
+    home.sessionVariables = {
+      COMMA_PKGS_FLAKE = cfg.pkgsFlake;
+    };
+  };
+}

home/default.nix

@@ -1,20 +1,37 @@
 { ... }:
 {
   imports = [
-    ./bat.nix
-    ./direnv.nix
-    ./documentation.nix
+    ./bat
+    ./bluetooth
+    ./comma
+    ./direnv
+    ./documentation
+    ./feh
+    ./firefox
+    ./flameshot
+    ./gammastep
+    ./gdb
     ./git
-    ./gpg.nix
-    ./htop.nix
-    ./jq.nix
-    ./packages.nix
-    ./pager.nix
-    ./secrets # Home-manager specific secrets
-    ./ssh.nix
-    ./tmux.nix
+    ./gpg
+    ./gtk
+    ./htop
+    ./jq
+    ./mail
+    ./mpv
+    ./nix-index
+    ./nm-applet
+    ./packages
+    ./pager
+    ./power-alert
+    ./ssh
+    ./terminal
+    ./tmux
+    ./udiskie
     ./vim
-    ./xdg.nix
+    ./wm
+    ./x
+    ./xdg
+    ./zathura
     ./zsh
   ];
 

home/direnv/default.nix

@@ -9,7 +9,11 @@ in
 
   config.programs.direnv = lib.mkIf cfg.enable {
     enable = true;
-    # A better `use_nix`
-    enableNixDirenvIntegration = true;
+    nix-direnv = {
+      # A better `use_nix`
+      enable = true;
+      # And `use_flake`
+      enableFlakes = true;
+    };
   };
 }

home/feh/default.nix

@@ -0,0 +1,13 @@
+{ config, lib, ... }:
+let
+  cfg = config.my.home.feh;
+in
+{
+  options.my.home.feh = with lib; {
+    enable = mkEnableOption "feh configuration";
+  };
+
+  config.programs.feh = lib.mkIf cfg.enable {
+    enable = true;
+  };
+}

home/firefox/default.nix

@@ -0,0 +1,84 @@
+{ config, lib, pkgs, ... }:
+let
+  cfg = config.my.home.firefox;
+in
+{
+  imports = [
+    ./tridactyl
+  ];
+
+  options.my.home.firefox = with lib; {
+    enable = mkEnableOption "firefox configuration";
+
+    tridactyl = {
+      enable = mkOption {
+        type = types.bool;
+        description = "tridactyl configuration";
+        example = false;
+        default = config.my.home.firefox.enable;
+      };
+    };
+
+    ff2mpv = {
+      enable = mkOption {
+        type = types.bool;
+        description = "ff2mpv configuration";
+        example = false;
+        default = config.my.home.mpv.enable;
+      };
+    };
+  };
+
+  config.programs.firefox = lib.mkIf cfg.enable {
+    enable = true;
+
+    package = pkgs.firefox.override {
+      cfg = {
+        enableTridactylNative = cfg.tridactyl.enable;
+      };
+
+      extraNativeMessagingHosts = with pkgs; ([ ]
+        # Watch videos using mpv
+        ++ lib.optional cfg.ff2mpv.enable ambroisie.ff2mpv-go
+      );
+    };
+
+    profiles = {
+      default = {
+        id = 0;
+
+        settings = {
+          "browser.bookmarks.showMobileBookmarks" = true; # Mobile bookmarks
+          "browser.download.useDownloadDir" = false; # Ask for download location
+          "browser.in-content.dark-mode" = true; # Dark mode
+          "browser.newtabpage.activity-stream.feeds.section.topstories" = false; # Disable top stories
+          "browser.newtabpage.activity-stream.feeds.sections" = false;
+          "browser.newtabpage.activity-stream.feeds.system.topstories" = false; # Disable top stories
+          "browser.newtabpage.activity-stream.section.highlights.includePocket" = false; # Disable pocket
+          "extensions.pocket.enabled" = false; # Disable pocket
+          "media.eme.enabled" = true; # Enable DRM
+          "media.gmp-widevinecdm.visible" = true; # Enable DRM
+          "media.gmp-widevinecdm.enabled" = true; # Enable DRM
+          "signon.autofillForms" = false; # Disable built-in form-filling
+          "signon.rememberSignons" = false; # Disable built-in password manager
+          "ui.systemUsesDarkTheme" = true; # Dark mode
+        };
+      };
+    };
+
+    extensions = with pkgs.nur.repos.rycee.firefox-addons; ([
+      bitwarden
+      form-history-control
+      https-everywhere
+      i-dont-care-about-cookies
+      reddit-comment-collapser
+      reddit-enhancement-suite
+      refined-github
+      sponsorblock
+      ublock-origin
+    ]
+    ++ lib.optional (cfg.tridactyl.enable) tridactyl
+    ++ lib.optional (cfg.ff2mpv.enable) ff2mpv
+    );
+  };
+}

home/firefox/tridactyl/default.nix

@@ -0,0 +1,9 @@
+{ config, lib, ... }:
+let
+  cfg = config.my.home.firefox.tridactyl;
+in
+{
+  config = lib.mkIf cfg.enable {
+    xdg.configFile."tridactyl/tridactylrc".source = ./tridactylrc;
+  };
+}

home/firefox/tridactyl/tridactylrc

@@ -0,0 +1,75 @@
+" Shamelessly taken from bovine3dom's example configuration file from the docs
+
+" Basics {{{
+" Use dark color scheme
+colorscheme dark
+
+" Make tridactyl open Vim in my prefered terminal
+" FIXME: make it follow my prefered terminal
+set editorcmd termite --class tridactyl_editor -e 'vim %f'
+" }}}
+
+" Binds {{{
+" Reddit et al. {{{
+" Toggle comments on Reddit, Hacker News, Lobste.rs
+bind ;c hint -c [class*="expand"],[class="togg"],[class="comment_folder"]
+
+" Make `gu` take me back to subreddit from comments
+bindurl reddit.com gu urlparent 3
+
+" Only hint search results on Google
+bindurl www.google.com f hint -Jc #search div:not(.action-menu) > a
+bindurl www.google.com F hint -Jbc #search div:not(.action-menu) > a
+
+" Only hint search results on DuckDuckGo
+bindurl ^https://duckduckgo.com f hint -Jc [class=result__a]
+bindurl ^https://duckduckgo.com F hint -Jbc [class=result__a]
+
+" Only hint item pages on Hacker News
+bindurl news.ycombinator.com ;f hint -Jc .age > a
+bindurl news.ycombinator.com ;F hint -Jtc .age > a
+" }}}
+
+" Better bindings {{{
+" Handy multiwindow binds
+bind gd tabdetach
+bind gD composite tabduplicate; tabdetach
+
+" Duplicate a tab without detaching window
+bind <Space>d tabduplicate
+
+" Make yy use canonical links on the few websites that support them
+bind yy clipboard yankcanon
+" }}}
+
+" Search {{{
+" Case insensitive only if fully lowercase
+set findcase smart
+
+" Search forward/backward
+bind / fillcmdline find
+bind ? fillcmdline find -?
+
+" Go to next/previous match
+bind n findnext 1
+bind N findnext -1
+
+" Because :nohls never works
+bind <Space><Space> nohlsearch
+
+" Use browser's native find when using Ctrl-F
+unbind <C-f>
+" }}}
+" }}}
+
+" Redirections {{{
+" Always redirect Reddit to the old site
+autocmd DocStart ^http(s?)://www.reddit.com js tri.excmds.urlmodify("-t", "www", "old")
+" }}}
+
+" Disabled websites {{{
+blacklistadd netflix.com
+blacklistadd jellyfin.belanyi.fr
+" }}}
+
+" vim: set filetype=vim foldmethod=marker:

home/flameshot/default.nix

@@ -0,0 +1,13 @@
+{ config, lib, ... }:
+let
+  cfg = config.my.home.flameshot;
+in
+{
+  options.my.home.flameshot = with lib; {
+    enable = mkEnableOption "flameshot configuration";
+  };
+
+  config.services.flameshot = lib.mkIf cfg.enable {
+    enable = true;
+  };
+}

home/gammastep/default.nix

@@ -0,0 +1,44 @@
+{ config, lib, ... }:
+let
+  cfg = config.my.home.gammastep;
+
+  mkTempOption = with lib; description: default: mkOption {
+    inherit description default;
+    type = types.int;
+    example = 1000;
+  };
+
+  mkTimeOption = with lib; description: default: mkOption {
+    inherit description default;
+    type = types.str;
+    example = "12:00-14:00";
+  };
+in
+{
+  options.my.home.gammastep = with lib; {
+    enable = mkEnableOption "gammastep configuration";
+
+    temperature = {
+      day = mkTempOption "Colour temperature to use during the day" 6500;
+      night = mkTempOption "Colour temperature to use during the night" 2000;
+    };
+
+    times = {
+      dawn = mkTimeOption "Dawn time" "6:00-7:30";
+      dusk = mkTimeOption "Dusk time" "18:30-20:00";
+    };
+  };
+
+  config.services.gammastep = lib.mkIf cfg.enable {
+    enable = true;
+
+    tray = true;
+
+    dawnTime = cfg.times.dawn;
+    duskTime = cfg.times.dusk;
+
+    temperature = {
+      inherit (cfg.temperature) day night;
+    };
+  };
+}

home/gdb/default.nix

@@ -0,0 +1,42 @@
+{ config, lib, pkgs, ... }:
+let
+  cfg = config.my.home.gdb;
+in
+{
+  options.my.home.gdb = with lib; {
+    enable = my.mkDisableOption "gdb configuration";
+
+    rr = {
+      enable = my.mkDisableOption "rr configuration";
+
+      package = mkOption {
+        type = types.package;
+        default = pkgs.rr;
+        defaultText = literalExample "pkgs.rr";
+        description = ''
+          Package providing rr
+        '';
+      };
+    };
+  };
+
+  config = lib.mkMerge [
+    (lib.mkIf cfg.enable {
+      home.packages = with pkgs; [
+        gdb
+      ];
+
+      # FIXME: waiting for commit 64aaad6349d2b2c45063a5383f877ce9a3a0c354
+      xdg.configFile."gdb/gdbinit".source = ./gdbinit;
+
+      # FIXME: remove once `gdb` is updated from version 10.2
+      home.file.".gdbinit".source = ./gdbinit;
+    })
+
+    (lib.mkIf cfg.rr.enable {
+      home.packages = [
+        cfg.rr.package
+      ];
+    })
+  ];
+}

home/gdb/gdbinit

@@ -0,0 +1,24 @@
+ # Keep a history of all commands in each directory
+set history save on
+
+# Enable those pretty-printers
+enable pretty-printer
+
+# Pretty formatting of structures
+set print pretty on
+# Show derived type based on VTable
+set print object on
+# Show static members
+set print static-members on
+# Show VTable
+set print vtbl on
+# Demangle types
+set print demangle on
+
+# Read python scrips in the load path
+set auto-load python-scripts
+
+# Allow autoloading project-local .gdbinit files
+set auto-load safe-path ~/git/
+# Allow autoloading from the Nix store
+set auto-load safe-path /nix/store

home/git/default.nix

@@ -18,11 +18,12 @@ in
     package = pkgs.gitAndTools.gitFull;
 
     aliases = {
-      lol = "log --graph --decorate --pretty=oneline --abbrev-commit";
+      lol = "log --graph --decorate --pretty=oneline --abbrev-commit --topo-order";
       lola = "lol --all";
       assume = "update-index --assume-unchanged";
       unassume = "update-index --no-assume-unchanged";
       assumed = "!git ls-files -v | grep ^h | cut -c 3-";
+      pick = "log -p -G";
       push-new = "!git push -u origin "
         + ''"$(git branch | grep '^* ' | cut -f2- -d' ')"'';
     };

home/gpg/default.nix

@@ -3,8 +3,15 @@ let
   cfg = config.my.home.gpg;
 in
 {
-  options.my.home.gpg = with lib.my; {
-    enable = mkDisableOption "gpg configuration";
+  options.my.home.gpg = with lib; {
+    enable = my.mkDisableOption "gpg configuration";
+
+    pinentry = mkOption {
+      type = types.str;
+      default = "tty";
+      example = "gtk2";
+      description = "Which pinentry interface to use";
+    };
   };
 
   config = lib.mkIf cfg.enable {
@@ -15,7 +22,7 @@ in
     services.gpg-agent = {
       enable = true;
       enableSshSupport = true; # One agent to rule them all
-      pinentryFlavor = "tty";
+      pinentryFlavor = cfg.pinentry;
       extraConfig = ''
         allow-loopback-pinentry
       '';

home/gtk/default.nix

@@ -0,0 +1,33 @@
+{ config, lib, pkgs, ... }:
+let
+  cfg = config.my.home.gtk;
+in
+{
+  options.my.home.gtk = with lib; {
+    enable = mkEnableOption "GTK configuration";
+  };
+
+  config.gtk = lib.mkIf cfg.enable {
+    enable = true;
+
+    font = {
+      package = pkgs.dejavu_fonts;
+      name = "DejaVu Sans";
+    };
+
+    gtk2 = {
+      # That sweet, sweet clean home that I am always aiming for...
+      configLocation = "${config.xdg.configHome}/gtk-2.0/gtkrc";
+    };
+
+    iconTheme = {
+      package = pkgs.gnome3.gnome_themes_standard;
+      name = "Adwaita";
+    };
+
+    theme = {
+      package = pkgs.gnome3.gnome_themes_standard;
+      name = "Adwaita";
+    };
+  };
+}

home/mail/accounts/default.nix

@@ -0,0 +1,105 @@
+{ config, lib, pkgs, ... }:
+let
+  cfg = config.my.home.mail;
+
+  mkAddress = address: domain: "${address}@${domain}";
+
+  mkConfig = { domain, address, passName, aliases ? [ ], primary ? false }: {
+    realName = lib.mkDefault "Bruno BELANYI";
+    userName = lib.mkDefault (mkAddress address domain);
+    passwordCommand =
+      lib.mkDefault [ "${pkgs.ambroisie.bw-pass}/bin/bw-pass" "Mail" passName ];
+
+    address = mkAddress address domain;
+    aliases = builtins.map (lib.flip mkAddress domain) aliases;
+
+    inherit primary;
+
+    himalaya = {
+      enable = cfg.himalaya.enable;
+    };
+
+    msmtp = {
+      enable = cfg.msmtp.enable;
+    };
+  };
+
+  migaduConfig = {
+    imap = {
+      host = "imap.migadu.com";
+      port = 993;
+      tls = {
+        enable = true;
+      };
+    };
+    smtp = {
+      host = "smtp.migadu.com";
+      port = 465;
+      tls = {
+        enable = true;
+      };
+    };
+  };
+
+  gmailConfig = {
+    flavor = "gmail.com";
+    folders = {
+      drafts = "[Gmail]/Drafts";
+      sent = "[Gmail]/Sent Mail";
+      trash = "[Gmail]/Trash";
+    };
+  };
+
+  office365Config = {
+    imap = {
+      host = "outlook.office365.com";
+      port = 993;
+      tls = {
+        enable = true;
+      };
+    };
+    smtp = {
+      host = "outlook.office365.com";
+      port = 587;
+      tls = {
+        enable = true;
+        useStartTls = true;
+      };
+    };
+  };
+in
+{
+  config.accounts.email.accounts = {
+    personal = lib.mkMerge [
+      # Common configuraton
+      (mkConfig {
+        domain = "belanyi.fr";
+        address = "bruno";
+        passName = "Migadu";
+        aliases = [ "admin" "postmaster" ];
+        primary = true; # This is my primary email
+      })
+      migaduConfig
+    ];
+
+    gmail = lib.mkMerge [
+      # Common configuraton
+      (mkConfig {
+        domain = "gmail.com";
+        address = "brunobelanyi";
+        passName = "GMail";
+      })
+      gmailConfig
+    ];
+
+    epita = lib.mkMerge [
+      # Common configuration
+      (mkConfig {
+        domain = "epita.fr";
+        address = "bruno.belanyi";
+        passName = "EPITA";
+      })
+      office365Config
+    ];
+  };
+}

home/mail/default.nix

@@ -0,0 +1,31 @@
+{ config, lib, ... }:
+let
+  cfg = config.my.home.mail;
+
+  mkRelatedOption = desc: lib.mkEnableOption desc // { default = cfg.enable; };
+in
+{
+  imports = [
+    ./accounts
+    ./himalaya
+    ./msmtp
+  ];
+
+  options.my.home.mail = with lib; {
+    enable = my.mkDisableOption "email configuration";
+
+    himalaya = {
+      enable = mkRelatedOption "himalaya configuration";
+    };
+
+    msmtp = {
+      enable = mkRelatedOption "msmtp configuration";
+    };
+  };
+
+  config = {
+    accounts.email = {
+      maildirBasePath = "mail";
+    };
+  };
+}

home/mail/himalaya/default.nix

@@ -0,0 +1,23 @@
+{ config, lib, pkgs, ... }:
+let
+  cfg = config.my.home.mail.himalaya;
+in
+{
+  config.programs.himalaya = lib.mkIf cfg.enable {
+    enable = true;
+
+    settings = {
+      notify-cmd =
+        let
+          notify-send = "${pkgs.libnotify}/bin/notify-send";
+        in
+        pkgs.writeScript "mail-notifier" ''
+          SENDER="$1"
+          SUBJECT="$2"
+          ${notify-send} \
+            -c himalaya \
+            -- "$(printf 'Received email from %s\n\n%s' "$SENDER" "$SUBJECT")"
+        '';
+    };
+  };
+}

home/mail/msmtp/default.nix

@@ -0,0 +1,9 @@
+{ config, lib, ... }:
+let
+  cfg = config.my.home.mail.msmtp;
+in
+{
+  config.programs.msmtp = lib.mkIf cfg.enable {
+    enable = true;
+  };
+}

home/mpv/default.nix

@@ -0,0 +1,19 @@
+{ config, lib, pkgs, ... }:
+let
+  cfg = config.my.home.mpv;
+in
+{
+  options.my.home.mpv = with lib; {
+    enable = mkEnableOption "mpv configuration";
+  };
+
+  config = lib.mkIf cfg.enable {
+    programs.mpv = {
+      enable = true;
+
+      scripts = [
+        pkgs.mpvScripts.mpris # Allow controlling using media keys
+      ];
+    };
+  };
+}

home/nix-index/default.nix

@@ -0,0 +1,13 @@
+{ config, lib, ... }:
+let
+  cfg = config.my.home.nix-index;
+in
+{
+  options.my.home.nix-index = with lib.my; {
+    enable = mkDisableOption "nix-index configuration";
+  };
+
+  config.programs.nix-index = lib.mkIf cfg.enable {
+    enable = true;
+  };
+}

home/nm-applet/default.nix

@@ -0,0 +1,13 @@
+{ config, lib, ... }:
+let
+  cfg = config.my.home.nm-applet;
+in
+{
+  options.my.home.nm-applet = with lib; {
+    enable = mkEnableOption "network-manager-applet configuration";
+  };
+
+  config.services.network-manager-applet = lib.mkIf cfg.enable {
+    enable = true;
+  };
+}

home/packages.nix

@@ -1,20 +0,0 @@
-{ config, lib, pkgs, ... }:
-let
-  cfg = config.my.home.packages;
-in
-{
-  options.my.home.packages = with lib.my; {
-    enable = mkDisableOption "user packages";
-  };
-
-  config.home.packages = with pkgs; lib.mkIf cfg.enable [
-    # Git related
-    gitAndTools.git-absorb
-    gitAndTools.git-revise
-    gitAndTools.tig
-    # Dev work
-    rr
-    # Terminal prettiness
-    termite.terminfo
-  ];
-}

home/packages/default.nix

@@ -0,0 +1,28 @@
+{ config, lib, pkgs, ... }:
+let
+  cfg = config.my.home.packages;
+in
+{
+  options.my.home.packages = with lib; {
+    enable = my.mkDisableOption "user packages";
+
+    additionalPackages = mkOption {
+      type = with types; listOf package;
+      default = [ ];
+      example = literalExample ''
+        with pkgs; [
+          quasselClient
+        ]
+      '';
+    };
+  };
+
+  config.home.packages = with pkgs; lib.mkIf cfg.enable ([
+    file
+    gitAndTools.git-absorb
+    gitAndTools.git-revise
+    gitAndTools.tig
+    rr
+    termite.terminfo
+  ] ++ cfg.additionalPackages);
+}

home/pager.nix

@@ -1,18 +0,0 @@
-{ config, lib, ... }:
-let
-  cfg = config.my.home.pager;
-in
-{
-  options.my.home.pager = with lib.my; {
-    enable = mkDisableOption "pager configuration";
-  };
-
-  config.programs.lesspipe.enable = cfg.enable;
-
-  config.home.sessionVariables = lib.mkIf cfg.enable {
-    # My default pager
-    PAGER = "less";
-    # Clear the screen on start and exit
-    LESS = "-R -+X -c";
-  };
-}

home/pager/default.nix

@@ -0,0 +1,36 @@
+{ config, lib, ... }:
+let
+  cfg = config.my.home.pager;
+in
+{
+  options.my.home.pager = with lib.my; {
+    enable = mkDisableOption "pager configuration";
+  };
+
+
+  config = lib.mkIf cfg.enable {
+    home.sessionVariables = {
+      # My default pager
+      PAGER = "less";
+      # Clear the screen on start and exit
+      LESS = "-R -+X -c";
+    };
+
+    programs.zsh.localVariables = {
+      # Colored man pages
+      LESS_TERMCAP_mb = "$(tput bold; tput setaf 2)";
+      LESS_TERMCAP_md = "$(tput bold; tput setaf 6)";
+      LESS_TERMCAP_me = "$(tput sgr0)";
+      LESS_TERMCAP_so = "$(tput bold; tput setaf 3; tput setab 4)";
+      LESS_TERMCAP_se = "$(tput rmso; tput sgr0)";
+      LESS_TERMCAP_us = "$(tput bold; tput setaf 2)";
+      LESS_TERMCAP_ue = "$(tput rmul; tput sgr0)";
+      LESS_TERMCAP_mr = "$(tput rev)";
+      LESS_TERMCAP_mh = "$(tput dim)";
+      LESS_TERMCAP_ZN = "$(tput ssubm)";
+      LESS_TERMCAP_ZV = "$(tput rsubm)";
+      LESS_TERMCAP_ZO = "$(tput ssupm)";
+      LESS_TERMCAP_ZW = "$(tput rsupm)";
+    };
+  };
+}

home/power-alert/default.nix

@@ -0,0 +1,15 @@
+{ config, lib, ... }:
+let
+  cfg = config.my.home.power-alert;
+in
+{
+  options.my.home.power-alert = with lib; {
+    enable = mkEnableOption "power-alert configuration";
+  };
+
+  config = lib.mkIf cfg.enable {
+    services.poweralertd = {
+      enable = true;
+    };
+  };
+}

home/secrets/.gitattributes

@@ -1,3 +0,0 @@
-* filter=git-crypt diff=git-crypt
-.gitattributes !filter !diff
-/default.nix !filter !diff

home/secrets/default.nix

@@ -1,19 +0,0 @@
-{ lib, ... }:
-
-with lib;
-let
-  canaryHash = builtins.hashFile "sha256" ./canary;
-  expectedHash =
-    "9df8c065663197b5a1095122d48e140d3677d860343256abd5ab6e4fb4c696ab";
-in
-if canaryHash != expectedHash then
-  abort "Secrets are not readable. Have you run `git-crypt unlock`?"
-else {
-  options.my.secrets = mkOption {
-    type = types.attrs;
-  };
-
-  config.my.secrets = {
-    # Home-manager secrets go here
-  };
-}

home/ssh/default.nix

@@ -7,7 +7,7 @@ in
     enable = mkDisableOption "ssh configuration";
   };
 
-  config.programs.ssh = {
+  config.programs.ssh = lib.mkIf cfg.enable {
     enable = true;
 
     matchBlocks = {

home/terminal/default.nix

@@ -0,0 +1,61 @@
+{ config, lib, ... }:
+let
+  mkColorOption = with lib; description: default: mkOption {
+    inherit description default;
+    example = "#abcdef";
+    type = types.strMatching "#[0-9a-f]{6}";
+  };
+
+  cfg = config.my.home.terminal;
+in
+{
+  imports = [
+    ./termite
+  ];
+
+  options.my.home = with lib; {
+    terminal = {
+      program = mkOption {
+        type = with types; nullOr (enum [ "termite" ]);
+        default = null;
+        example = "termite";
+        description = "Which terminal to use for home session";
+      };
+
+      colors = {
+        background = mkColorOption "Background color" "#161616";
+        foreground = mkColorOption "Foreground color" "#ffffff";
+        foregroundBold = mkColorOption "Foreground bold color" "#ffffff";
+        cursor = mkColorOption "Cursor color" "#ffffff";
+
+        black = mkColorOption "Black" "#222222";
+        blackBold = mkColorOption "Black bold" "#666666";
+
+        red = mkColorOption "Red" "#e84f4f";
+        redBold = mkColorOption "Red bold" "#d23d3d";
+
+        green = mkColorOption "Green" "#b7ce42";
+        greenBold = mkColorOption "Green bold" "#bde077";
+
+        yellow = mkColorOption "Yellow" "#fea63c";
+        yellowBold = mkColorOption "Yellow bold" "#ffe863";
+
+        blue = mkColorOption "Blue" "#66aabb";
+        blueBold = mkColorOption "Blue bold" "#aaccbb";
+
+        magenta = mkColorOption "Magenta" "#b7416e";
+        magentaBold = mkColorOption "Magenta bold" "#e16a98";
+
+        cyan = mkColorOption "Cyan" "#6d878d";
+        cyanBold = mkColorOption "Cyan bold" "#42717b";
+
+        white = mkColorOption "White" "#dddddd";
+        whiteBold = mkColorOption "White bold" "#cccccc";
+      };
+    };
+  };
+
+  config.home.sessionVariables = lib.mkIf (cfg.program != null) {
+    TERMINAL = cfg.program;
+  };
+}

home/terminal/termite/default.nix

@@ -0,0 +1,53 @@
+{ config, lib, pkgs, ... }:
+let
+  cfg = config.my.home.terminal;
+in
+{
+  config = lib.mkIf (cfg.program == "termite") {
+    programs.termite = {
+      enable = true;
+
+      # Niceties
+      browser = "${pkgs.xdg-utils}/bin/xdg-open";
+      clickableUrl = true;
+      dynamicTitle = true;
+      fullscreen = false;
+      mouseAutohide = true;
+      urgentOnBell = true;
+
+      # Look and feel
+      allowBold = true;
+      audibleBell = false;
+      cursorBlink = "system";
+      font = "Monospace 9";
+      scrollbar = "off";
+
+
+      # Colors
+      backgroundColor = cfg.colors.background;
+      cursorColor = cfg.colors.cursor;
+      foregroundColor = cfg.colors.foreground;
+      foregroundBoldColor = cfg.colors.foregroundBold;
+      colorsExtra = with cfg.colors; ''
+        # Normal colors
+        color0 = ${black}
+        color1 = ${red}
+        color2 = ${green}
+        color3 = ${yellow}
+        color4 = ${blue}
+        color5 = ${magenta}
+        color6 = ${cyan}
+        color7 = ${white}
+        # Bold colors
+        color8 = ${blackBold}
+        color9 = ${redBold}
+        color10 = ${greenBold}
+        color11 = ${yellowBold}
+        color12 = ${blueBold}
+        color13 = ${magentaBold}
+        color14 = ${cyanBold}
+        color15 = ${whiteBold}
+      '';
+    };
+  };
+}

home/tmux/default.nix

@@ -5,6 +5,10 @@ in
 {
   options.my.home.tmux = with lib.my; {
     enable = mkDisableOption "tmux terminal multiplexer";
+
+    service = {
+      enable = mkDisableOption "tmux server service";
+    };
   };
 
   config.programs.tmux = lib.mkIf cfg.enable {
@@ -13,7 +17,7 @@ in
     keyMode = "vi"; # Home-row keys and other niceties
     clock24 = true; # I'm one of those heathens
     escapeTime = 0; # Let vim do its thing instead
-    historyLimit = 5000; # Bigger buffer
+    historyLimit = 50000; # Bigger buffer
     terminal = "tmux-256color"; # I want accurate termcap info
 
     plugins = with pkgs.tmuxPlugins; [
@@ -44,4 +48,30 @@ in
       bind-key -T copy-mode-vi 'y' send -X copy-selection-and-cancel
     '';
   };
+
+  config.systemd.user.services.tmux = lib.mkIf cfg.service.enable {
+    Unit = {
+      Description = "tmux server";
+    };
+
+    Install = {
+      WantedBy = [ "default.target" ];
+    };
+
+    Service =
+      let
+        # Wrap `tmux` in a login shell and set the socket path
+        tmuxCmd = "${config.programs.tmux.package}/bin/tmux";
+        socketExport = lib.optionalString
+          config.programs.tmux.secureSocket
+          ''export TMUX_TMPDIR=''${XDG_RUNTIME_DIR:-"/run/user/\$(id -u)"};'';
+        mkTmuxCommand =
+          c: "${pkgs.runtimeShell} -l -c '${socketExport} ${tmuxCmd} ${c}'";
+      in
+      {
+        Type = "forking";
+        ExecStart = mkTmuxCommand "new -d -s ambroisie";
+        ExecStop = mkTmuxCommand "kill-server";
+      };
+  };
 }

home/udiskie/default.nix

@@ -0,0 +1,13 @@
+{ config, lib, ... }:
+let
+  cfg = config.my.home.udiskie;
+in
+{
+  options.my.home.udiskie = with lib; {
+    enable = mkEnableOption "udiskie configuration";
+  };
+
+  config.services.udiskie = lib.mkIf cfg.enable {
+    enable = true;
+  };
+}

home/vim/default.nix

@@ -31,10 +31,7 @@ in
     plugins = with pkgs.vimPlugins; [
       # Theming
       lightline-vim # Fancy status bar
-      {
-        plugin = onedark-vim; # Nice dark theme
-        optional = true; # Needs to be `packadd`-ed manually...
-      }
+      vim-gruvbox8 # Nice dark theme
 
       # tpope essentials
       vim-commentary # Easy comments

home/vim/init.vim

@@ -68,10 +68,12 @@ set timeoutlen=500
 " Set dark mode by default
 set background=dark
 
-" Load it manually because of autoload functions...
-packadd! onedark-vim
-" Use onedark
-colorscheme onedark
+" Include plug-in integration
+let g:gruvbox_plugin_hi_groups=1
+" Include filetype integration
+let g:gruvbox_filetype_hi_groups=1
+" Use my preferred colorscheme
+colorscheme gruvbox8
 " }}}
 
 " Search parameters {{{

home/vim/plugin/settings/lightline.vim

@@ -2,7 +2,7 @@
 let g:lightline={}
 
 " Use the wombat colorscheme
-let g:lightline.colorscheme='onedark'
+let g:lightline.colorscheme='wombat'
 
 " Status-line for active buffer
 let g:lightline.active={

home/wm/default.nix

@@ -0,0 +1,87 @@
+{ config, lib, pkgs, ... }:
+let
+  mkRelatedOption = description: relatedWMs:
+    let
+      isActivatedWm = wm: config.my.home.wm.windowManager == wm;
+    in
+    (lib.mkEnableOption description) // {
+      default = builtins.any isActivatedWm relatedWMs;
+    };
+in
+{
+  imports = [
+    ./dunst
+    ./i3
+    ./i3bar
+    ./rofi
+    ./screen-lock
+  ];
+
+  options.my.home.wm = with lib; {
+    windowManager = mkOption {
+      type = with types; nullOr (enum [ "i3" ]);
+      default = null;
+      example = "i3";
+      description = "Which window manager to use for home session";
+    };
+
+    dunst = {
+      enable = mkRelatedOption "dunst configuration" [ "i3" ];
+    };
+
+    i3bar = {
+      enable = mkRelatedOption "i3bar configuration" [ "i3" ];
+    };
+
+    rofi = {
+      enable = mkRelatedOption "rofi menu" [ "i3" ];
+    };
+
+    screen-lock = {
+      enable = mkRelatedOption "automatic X screen locker" [ "i3" ];
+
+      command = mkOption {
+        type = types.str;
+        default = "${pkgs.i3lock}/bin/i3lock -n -c 000000";
+        example = "\${pkgs.i3lock}/bin/i3lock -n -i lock.png";
+        description = "Locker command to run";
+      };
+
+      cornerLock = {
+        enable = my.mkDisableOption ''
+          Move mouse to upper-left corner to lock instantly, lower-right corner to
+          disable auto-lock.
+        '';
+
+        delay = mkOption {
+          type = types.int;
+          default = 5;
+          example = 15;
+          description = "How many seconds before locking this way";
+        };
+      };
+
+      notify = {
+        enable = my.mkDisableOption "Notify when about to lock the screen";
+
+        delay = mkOption {
+          type = types.int;
+          default = 5;
+          example = 15;
+          description = ''
+            How many seconds in advance should there be a notification.
+            This value must be at lesser than or equal to `cornerLock.delay`
+            when both options are enabled.
+          '';
+        };
+      };
+
+      timeout = mkOption {
+        type = types.ints.between 1 60;
+        default = 5;
+        example = 1;
+        description = "Inactive time interval to lock the screen automatically";
+      };
+    };
+  };
+}

home/wm/dunst/default.nix

@@ -0,0 +1,68 @@
+{ config, lib, ... }:
+let
+  cfg = config.my.home.wm.dunst;
+in
+{
+  config = lib.mkIf cfg.enable {
+    services.dunst = {
+      enable = true;
+
+      settings = {
+        global = {
+          alignment = "center"; # Put message in the middle of the box
+          browser = "xdg-open"; # use default browser to open links
+          dmenu =
+            lib.mkIf
+              config.my.home.wm.rofi.enable
+              "rofi -p dunst -dmenu"; # use rofi for menu
+          follow = "keyboard"; # follow keyboard focus
+          font = "Monospace 8"; # Simple looking font
+          frame_width = 3; # small frame
+          geometry = "300x50-15+49";
+          markup = "full"; # subset of HTML
+          max_icon_size = 32; # avoid icons that are too big
+          padding = 6; # distance between text and bubble border
+          progress_bar = true; # show a progress bar in notification bubbles
+          separator_color = "frame"; # use frame color to separate bubbles
+          sort = true; # sort messages by urgency
+          word_wrap = true; # Break long lines to make them readable
+        };
+
+        urgency_low = {
+          background = "#191311";
+          foreground = "#3b7c87";
+          frame_color = "#3b7c87";
+          highlight = "#4998a6";
+          timeout = 10;
+        };
+
+        urgency_normal = {
+          background = "#191311";
+          foreground = "#5b8234";
+          frame_color = "#5b8234";
+          highlight = "#73a542";
+          timeout = 10;
+        };
+
+        urgency_critical = {
+          background = "#191311";
+          foreground = "#b7472a";
+          frame_color = "#b7472a";
+          highlight = "#d25637";
+          timeout = 0;
+        };
+
+        fullscreen_delay_everything = {
+          # delay notifications by default
+          fullscreen = "delay";
+        };
+
+        fullscreen_show_critical = {
+          # show critical notification
+          fullscreen = "show";
+          msg_urgency = "critical";
+        };
+      };
+    };
+  };
+}

home/wm/i3/default.nix

@@ -0,0 +1,373 @@
+{ config, lib, pkgs, ... }:
+let
+  isEnabled = config.my.home.wm.windowManager == "i3";
+
+  terminal =
+    if config.my.home.terminal.program != null
+    then config.my.home.terminal.program
+    else "i3-sensible-terminal";
+
+  alt = "Mod1"; # `Alt` key
+  modifier = "Mod4"; # `Super` key
+  movementKeys = [ "Left" "Down" "Up" "Right" ];
+  vimMovementKeys = [ "h" "j" "k" "l" ];
+  shutdownMode =
+    "(l)ock, (e)xit, switch_(u)ser, (h)ibernate, (r)eboot, (Shift+s)hutdown";
+
+  # Takes an attrset of bindings for movement keys, transforms it to Vim keys
+  toVimKeyBindings =
+    let
+      toVimKeys = builtins.replaceStrings movementKeys vimMovementKeys;
+    in
+    lib.my.renameAttrs toVimKeys;
+
+  # Takes an attrset of bindings for movement keys, add equivalent Vim keys
+  addVimKeyBindings = bindings: bindings // (toVimKeyBindings bindings);
+  # Generate an attrset of movement bindings, using the mapper function
+  genMovementBindings = f: addVimKeyBindings (lib.my.genAttrs' movementKeys f);
+
+  # Screen backlight management
+  changeBacklight =
+    let
+      brightnessctl = "${pkgs.brightnessctl}/bin/brightnessctl";
+    in
+    pkgs.writeScript "change-backlight" ''
+      #!/bin/sh
+      if [ "$1" = "up" ]; then
+          upDown="+$2%"
+      else
+          upDown="$2%-"
+      fi
+
+      newBrightness="$(${brightnessctl} -m set "$upDown" | cut -d, -f4)"
+      ${pkgs.libnotify}/bin/notify-send -u low \
+          -h string:x-canonical-private-synchronous:change-backlight \
+          -h "int:value:''${newBrightness/\%/}" \
+          -- "Set brightness to $newBrightness"
+    '';
+
+  # Lock management
+  toggleXautolock =
+    let
+      systemctlUser = "${pkgs.systemd}/bin/systemctl --user";
+      notify-send = "${pkgs.libnotify}/bin/notify-send";
+      notify = "${notify-send} -u low"
+        + " -h string:x-canonical-private-synchronous:xautolock-toggle";
+    in
+    pkgs.writeScript "toggle-xautolock" ''
+      #!/bin/sh
+      if ${systemctlUser} is-active xautolock-session.service; then
+        ${systemctlUser} stop --user xautolock-session.service
+        xset s off
+        ${notify} "Disabled Xautolock"
+      else
+        ${systemctlUser} start xautolock-session.service
+        xset s on
+        ${notify} "Enabled Xautolock"
+      fi
+    '';
+in
+{
+  config = lib.mkIf isEnabled {
+    home.packages = with pkgs; [
+      ambroisie.i3-get-window-criteria # little helper for i3 configuration
+      arandr # Used by a mapping
+      pamixer # Used by a mapping
+      playerctl # Used by a mapping
+    ];
+
+    xsession.windowManager.i3 = {
+      enable = true;
+
+      config = {
+        inherit modifier;
+
+        bars =
+          let
+            barConfigPath =
+              config.xdg.configFile."i3status-rust/config-top.toml".target;
+          in
+          [
+            {
+              statusCommand = "i3status-rs ${barConfigPath}";
+              trayOutput = "primary";
+              position = "top";
+
+              colors = {
+                background = "#021215";
+                statusline = "#93a1a1";
+                separator = "#2aa198";
+
+                focusedWorkspace = {
+                  border = "#2aa198";
+                  background = "#073642";
+                  text = "#eee895";
+                };
+
+                activeWorkspace = {
+                  border = "#073642";
+                  background = "#002b36";
+                  text = "#839496";
+                };
+
+                inactiveWorkspace = {
+                  border = "#002b36";
+                  background = "#021215";
+                  text = "#586e75";
+                };
+
+                urgentWorkspace = {
+                  border = "#cb4b16";
+                  background = "#dc322f";
+                  text = "#fdf6e3";
+                };
+              };
+
+              fonts = {
+                names = [ "DejaVu Sans Mono" "FontAwesome5Free" ];
+                size = 8.0;
+              };
+            }
+          ];
+
+        floating = {
+          inherit modifier;
+
+          criteria = [
+            { class = "^tridactyl_editor$"; }
+            { class = "^Blueman-.*$"; }
+            { title = "^htop$"; }
+            { class = "^Thunderbird$"; instance = "Mailnews"; window_role = "filterlist"; }
+            { class = "^Pavucontrol.*$"; }
+            { class = "^Arandr$"; }
+          ];
+        };
+
+        focus = {
+          followMouse = true; # It is annoying sometimes, but useful enough to use
+          mouseWarping = true; # Let's moving around when switching screens
+        };
+
+        fonts = {
+          names = [ "DejaVu Sans Mono" ];
+          size = 8.0;
+        };
+
+        # I don't care for i3's default values, I specify them all explicitly
+        keybindings = lib.my.recursiveMerge [
+          {
+            # The basics
+            "${modifier}+Return" = "exec ${terminal} ${
+              lib.optionalString config.my.home.tmux.enable "-e tmux new-session"
+            }";
+            "${modifier}+Shift+Return" = "exec env TMUX=nil ${terminal}";
+            "${modifier}+Shift+q" = "kill";
+            "${modifier}+f" = "fullscreen toggle";
+            "${modifier}+Shift+c" = "reload";
+            "${modifier}+Shift+r" = "restart";
+            "${modifier}+Shift+e" =
+              "exec i3-nagbar -t warning -m 'Do you want to exit i3?' -b 'Yes' 'i3-msg exit'";
+          }
+          {
+            # Splits
+            "${modifier}+g" = "split h"; # Horizontally
+            "${modifier}+v" = "split v"; # Vertically
+          }
+          {
+            # Layouts
+            "${modifier}+s" = "layout stacking";
+            "${modifier}+w" = "layout tabbed";
+            "${modifier}+e" = "layout toggle split";
+          }
+          {
+            # Toggle tiling/floating
+            "${modifier}+Control+space" = "floating toggle";
+            # Change focus between tiling/floating
+            "${modifier}+space" = "focus mode_toggle";
+          }
+          {
+            # Focus parent container
+            "${modifier}+q" = "focus parent";
+            # Focus child container
+            "${modifier}+a" = "focus child";
+          }
+          (lib.optionalAttrs config.my.home.wm.rofi.enable {
+            # Rofi tools
+            "${modifier}+d" = "exec rofi -show drun -disable-history";
+            "${modifier}+Shift+d" = "exec rofi -show run -disable-history";
+            "${modifier}+p" = "exec --no-startup-id flameshot gui";
+            "${modifier}+Shift+p" = "exec rofi -show emoji";
+          })
+          (
+            # Changing container focus
+            genMovementBindings (
+              key: lib.nameValuePair
+                "${modifier}+${key}"
+                "focus ${lib.toLower key}"
+            )
+          )
+          (
+            # Changing screen focus
+            genMovementBindings (
+              key: lib.nameValuePair
+                "${modifier}+${alt}+${key}"
+                "focus output ${lib.toLower key}"
+            )
+          )
+          (
+            # Moving workspace to another screen
+            genMovementBindings (
+              key: lib.nameValuePair
+                "${modifier}+${alt}+Control+${key}"
+                "move workspace to output ${lib.toLower key}"
+            )
+          )
+          (
+            # Moving container to another screen
+            genMovementBindings (
+              key: lib.nameValuePair
+                "${modifier}+${alt}+Shift+${key}"
+                "move container to output ${lib.toLower key}"
+            )
+          )
+          (addVimKeyBindings {
+            # Scroll through workspaces on given screen
+            "${modifier}+Control+Left" = "workspace prev_on_output";
+            "${modifier}+Control+Right" = "workspace next_on_output";
+            # Use scratchpad
+            "${modifier}+Control+Up" = "move to scratchpad";
+            "${modifier}+Control+Down" = "scratchpad show";
+          })
+          (
+            # Moving floating window
+            genMovementBindings (
+              key: lib.nameValuePair
+                "${modifier}+Shift+${key}"
+                "move ${lib.toLower key} 10 px"
+            )
+          )
+          {
+            # Media keys
+            "XF86AudioRaiseVolume" = "exec pamixer --allow-boost -i 5";
+            "XF86AudioLowerVolume" = "exec pamixer --allow-boost -d 5";
+            "Control+XF86AudioRaiseVolume" = "exec pamixer --allow-boost -i 1";
+            "Control+XF86AudioLowerVolume" = "exec pamixer --allow-boost -d 1";
+            "XF86AudioMute" = "exec pamixer --toggle-mute";
+            "XF86AudioMicMute" = "exec pamixer --default-source --toggle-mute";
+
+            "XF86AudioPlay" = "exec playerctl play-pause";
+            "XF86AudioNext" = "exec playerctl next";
+            "XF86AudioPrev" = "exec playerctl previous";
+          }
+          {
+            # Screen management
+            "XF86Display" = "exec arandr";
+            "XF86MonBrightnessUp" = "exec ${changeBacklight} up 10";
+            "XF86MonBrightnessDown" = "exec ${changeBacklight} down 10";
+            "Control+XF86MonBrightnessUp" = "exec ${changeBacklight} up 1";
+            "Control+XF86MonBrightnessDown" = "exec ${changeBacklight} down 1";
+          }
+          {
+            # Sub-modes
+            "${modifier}+r" = "mode resize";
+            "${modifier}+Shift+space" = "mode floating";
+          }
+          (lib.optionalAttrs config.my.home.wm.screen-lock.enable {
+            "${modifier}+x" = "exec ${toggleXautolock}";
+          })
+          (
+            let
+              execDunstctl = "exec ${pkgs.dunst}/bin/dunstctl";
+            in
+            lib.optionalAttrs config.my.home.wm.dunst.enable {
+              "${modifier}+minus" = "${execDunstctl} close";
+              "${modifier}+Shift+minus" = "${execDunstctl} close-all";
+              "${modifier}+equal" = "${execDunstctl} history-pop";
+            }
+          )
+        ];
+
+        keycodebindings =
+          let
+            toKeycode = n: if n == 0 then 19 else n + 9;
+            createWorkspaceBindings = mapping: command:
+              let
+                createWorkspaceBinding = num:
+                  lib.nameValuePair
+                    "${mapping}+${toString (toKeycode num)}"
+                    "${command} ${toString num}";
+                oneToNine = builtins.genList (x: x + 1) 9;
+              in
+              lib.my.genAttrs' oneToNine createWorkspaceBinding;
+          in
+          lib.my.recursiveMerge [
+            (createWorkspaceBindings modifier "workspace number")
+            (createWorkspaceBindings "${modifier}+Shift" "move container to workspace number")
+            {
+              "${modifier}+${toString (toKeycode 0)}" = ''mode "${shutdownMode}"'';
+            }
+          ];
+
+        modes =
+          let
+            makeModeBindings = attrs: (addVimKeyBindings attrs) // {
+              "Escape" = "mode default";
+              "Return" = "mode default";
+            };
+          in
+          {
+            resize = makeModeBindings {
+              # Normal movements
+              "Left" = "resize shrink width 10 px or 10 ppt";
+              "Down" = "resize grow height 10 px or 10 ppt";
+              "Up" = "resize shrink height 10 px or 10 ppt";
+              "Right" = "resize grow width 10 px or 10 ppt";
+              # Small movements
+              "Control+Left" = "resize shrink width 1 px or 1 ppt";
+              "Control+Down" = "resize grow height 1 px or 1 ppt";
+              "Control+Up" = "resize shrink height 1 px or 1 ppt";
+              "Control+Right" = "resize grow width 1 px or 1 ppt";
+              # Big movements
+              "Shift+Left" = "resize shrink width 100 px or 100 ppt";
+              "Shift+Down" = "resize grow height 100 px or 100 ppt";
+              "Shift+Up" = "resize shrink height 100 px or 100 ppt";
+              "Shift+Right" = "resize grow width 100 px or 100 ppt";
+            };
+
+            floating = makeModeBindings {
+              # Normal movements
+              "Left" = "move left 10 px";
+              "Down" = "move down 10 px";
+              "Up" = "move up 10 px";
+              "Right" = "move right 10 px";
+              # Small movements
+              "Control+Left" = "move left 1 px";
+              "Control+Down" = "move down 1 px";
+              "Control+Up" = "move up 1 px";
+              "Control+Right" = "move right 1 px";
+              # Big movements
+              "Shift+Left" = "move left 100 px";
+              "Shift+Down" = "move down 100 px";
+              "Shift+Up" = "move up 100 px";
+              "Shift+Right" = "move right 100 px";
+            };
+
+            ${shutdownMode} = makeModeBindings {
+              "l" = "exec --no-startup-id loginctl lock-session, mode default";
+              "s" = "exec --no-startup-id systemctl suspend, mode default";
+              "u" = "exec --no-startup-id dm-tool switch-to-greeter, mode default";
+              "e" = "exec --no-startup-id i3-msg exit, mode default";
+              "h" = "exec --no-startup-id systemctl hibernate, mode default";
+              "r" = "exec --no-startup-id systemctl reboot, mode default";
+              "Shift+s" = "exec --no-startup-id systemctl poweroff, mode default";
+            };
+          };
+
+        startup = [
+          # FIXME
+          # { commdand; always; notification; }
+        ];
+      };
+    };
+  };
+}

home/wm/i3bar/default.nix

@@ -0,0 +1,62 @@
+{ config, lib, pkgs, ... }:
+let
+  cfg = config.my.home.wm.i3bar;
+in
+{
+  config = lib.mkIf cfg.enable {
+    home.packages = with pkgs; [
+      alsaUtils # Used by `sound` block
+      lm_sensors # Used by `temperature` block
+      font-awesome # Icon font
+    ];
+
+    programs.i3status-rust = {
+      enable = true;
+
+      bars = {
+        top = {
+          icons = "awesome5";
+
+          blocks = builtins.filter (attr: attr != { }) [
+            {
+              block = "music";
+              buttons = [ "prev" "play" "next" ];
+              max_width = 50;
+              hide_when_empty = true;
+            }
+            {
+              block = "cpu";
+            }
+            {
+              block = "disk_space";
+            }
+            {
+              block = "net";
+              format = "{ssid} {ip} {signal_strength}";
+            }
+            {
+              block = "backlight";
+              invert_icons = true;
+            }
+            {
+              block = "battery";
+              format = "{percentage} ({time})";
+              full_format = "{percentage}";
+            }
+            {
+              block = "temperature";
+              collapsed = false;
+            }
+            {
+              block = "sound";
+            }
+            {
+              block = "time";
+              format = "%F %T";
+            }
+          ];
+        };
+      };
+    };
+  };
+}

home/wm/rofi/default.nix

@@ -0,0 +1,21 @@
+{ config, lib, pkgs, ... }:
+let
+  cfg = config.my.home.wm.rofi;
+in
+{
+  config = lib.mkIf cfg.enable {
+    programs.rofi = {
+      enable = true;
+
+      terminal = config.my.home.terminal.program; # null by default
+
+      package = pkgs.rofi.override {
+        plugins = with pkgs; [
+          rofi-emoji
+        ];
+      };
+
+      theme = "gruvbox-dark-hard";
+    };
+  };
+}

home/wm/screen-lock/default.nix

@@ -0,0 +1,54 @@
+{ config, lib, pkgs, ... }:
+let
+  cfg = config.my.home.wm.screen-lock;
+
+  notficationCmd =
+    let
+      duration = toString (cfg.notify.delay * 1000);
+      notifyCmd = "${pkgs.libnotify}/bin/notify-send -u critical -t ${duration}";
+    in
+    # Needs to be surrounded by quotes for systemd to launch it correctly
+    ''"${notifyCmd} -- 'Locking in ${toString cfg.notify.delay} seconds'"'';
+in
+{
+  config = lib.mkIf cfg.enable {
+    assertions = [
+      {
+        assertion =
+          let
+            inherit (cfg) cornerLock notify;
+            bothEnabled = cornerLock.enable && notify.enable;
+            cornerLockHigherThanNotify = cornerLock.delay >= notify.delay;
+          in
+          bothEnabled -> cornerLockHigherThanNotify;
+        message = ''
+          `config.my.home.wm.notify.delay` cannot have a value higher than
+          `config.my.home.wm.cornerLock.delay`.
+        '';
+      }
+    ];
+
+    services.screen-locker = {
+      enable = true;
+
+      inactiveInterval = cfg.timeout;
+
+      lockCmd = cfg.command;
+
+      xautolockExtraOptions = lib.optionals cfg.cornerLock.enable [
+        # Mouse corners: instant lock on upper-left, never lock on lower-right
+        "-cornerdelay"
+        "${toString cfg.cornerLock.delay}"
+        "-cornerredelay"
+        "${toString cfg.cornerLock.delay}"
+        "-corners"
+        "+00-"
+      ] ++ lib.optionals cfg.notify.enable [
+        "-notify"
+        "${toString cfg.notify.delay}"
+        "-notifier"
+        notficationCmd
+      ];
+    };
+  };
+}

home/x/cursor/default.nix

@@ -0,0 +1,12 @@
+{ config, lib, pkgs, ... }:
+let
+  cfg = config.my.home.x;
+in
+{
+  config = lib.mkIf cfg.enable {
+    xsession.pointerCursor = {
+      package = pkgs.ambroisie.vimix-cursors;
+      name = "Vimix-cursors";
+    };
+  };
+}

home/x/default.nix

@@ -0,0 +1,22 @@
+{ config, lib, pkgs, ... }:
+let
+  cfg = config.my.home.x;
+in
+{
+  imports = [
+    ./cursor
+    ./keyboard
+  ];
+
+  options.my.home.x = with lib; {
+    enable = mkEnableOption "X server configuration";
+  };
+
+  config = lib.mkIf cfg.enable {
+    xsession.enable = true;
+
+    home.packages = with pkgs; [
+      xsel
+    ];
+  };
+}

home/x/keyboard/default.nix

@@ -0,0 +1,12 @@
+{ config, lib, ... }:
+let
+  cfg = config.my.home.x;
+in
+{
+  config = lib.mkIf cfg.enable {
+    home.keyboard = {
+      layout = "fr";
+      variant = "us";
+    };
+  };
+}

home/xdg/default.nix

@@ -31,6 +31,7 @@ in
     # A tidy home is a tidy mind
     dataFile = {
       "bash/.keep".text = "";
+      "gdb/.keep".text = "";
       "tig/.keep".text = "";
     };
   };
@@ -39,6 +40,7 @@ in
   config.home.sessionVariables = with config.xdg; lib.mkIf cfg.enable {
     CARGO_HOME = "${dataHome}/cargo";
     DOCKER_CONFIG = "${configHome}/docker";
+    GDBHISTFILE = "${dataHome}/gdb/gdb_history";
     HISTFILE = "${dataHome}/bash/history";
     INPUTRC = "${configHome}/readline/inputrc";
     LESSHISTFILE = "${dataHome}/less/history";

home/zathura/default.nix

@@ -0,0 +1,20 @@
+{ config, lib, ... }:
+let
+  cfg = config.my.home.zathura;
+in
+{
+  options.my.home.zathura = with lib; {
+    enable = mkEnableOption "zathura configuration";
+  };
+
+  config.programs.zathura = lib.mkIf cfg.enable {
+    enable = true;
+
+    options = {
+      # Show '~' instead of full path to '$HOME' in window title
+      "window-title-home-tilde" = true;
+      # Show '~' instead of full path to '$HOME' in status bar
+      "statusbar-home-tilde" = true;
+    };
+  };
+}

home/zsh/default.nix

@@ -13,10 +13,12 @@ in
     enableCompletion = true;
 
     history = {
-      size = 50000;
+      size = 500000;
+      save = 500000;
+      extended = false;
       ignoreSpace = true;
       ignoreDups = true;
-      share = true;
+      share = false;
       path = "${config.xdg.dataHome}/zsh/zsh_history";
     };
 
@@ -44,6 +46,16 @@ in
     # Modal editing is life, but CLI benefits from emacs gymnastics
     defaultKeymap = "emacs";
 
+    # Make those happen early to avoid doing double the work
+    initExtraFirst =
+      lib.optionalString config.my.home.tmux.enable ''
+        # Launch tmux unless already inside one
+        if [ -z "$TMUX" ]; then
+          exec tmux new-session
+        fi
+      ''
+    ;
+
     initExtra = lib.concatMapStrings builtins.readFile [
       ./completion-styles.zsh
       ./extra-mappings.zsh
@@ -65,6 +77,12 @@ in
       # Sometime `gpg-agent` errors out...
       reset-agent = "gpg-connect-agent updatestartuptty /bye";
     };
+
+    # Enable VTE integration when using one of the affected shells
+    enableVteIntegration =
+      builtins.any (name: config.my.home.terminal.program == name) [
+        "termite"
+      ];
   };
 
   # Fuzzy-wuzzy

home/zsh/extra-mappings.zsh

@@ -1,4 +1,4 @@
-# Fix delete key not working 
+# Fix delete key not working
 bindkey "\e[3~" delete-char
 
 # Fix Ctrl+u killing from the cursor instead of the whole line

home/zsh/options.zsh

@@ -8,5 +8,9 @@ setopt autopushd pushdminus pushdsilent
 setopt rcquotes
 # Single word commands can resume an existing job
 setopt autoresume
+# Append commands to history as they are exectuted
+setopt inc_append_history_time
+# Remove useless whitespace from commands
+setopt hist_reduce_blanks
 # Those options aren't wanted
 unsetopt beep extendedglob notify

lib/attrs.nix

@@ -1,7 +1,50 @@
 { lib, ... }:
 let
-  inherit (lib) filterAttrs mapAttrs';
+  inherit (lib)
+    filterAttrs
+    foldl
+    listToAttrs
+    mapAttrs'
+    nameValuePair
+    recursiveUpdate
+    ;
 in
 {
+  # Filter a generated set of attrs using a predicate function.
+  #
+  # mapFilterAttrs ::
+  #   (name -> value -> bool)
+  #   (name -> value -> { name = any; value = any; })
+  #   attrs
   mapFilterAttrs = pred: f: attrs: filterAttrs pred (mapAttrs' f attrs);
+
+  # Generate an attribute set by mapping a function over a list of values.
+  #
+  # genAttrs' ::
+  #   [ values ]
+  #   (value -> { name = any; value = any; })
+  #   attrs
+  genAttrs' = values: f: listToAttrs (map f values);
+
+  # Merge a list of attrs recursively, later values override previous ones.
+  #
+  # recursiveMerge ::
+  #   [ attrs ]
+  #   attrs
+  recursiveMerge = foldl recursiveUpdate { };
+
+  # Rename each of the attributes in an attribute set using the mapping function
+  #
+  # renameAttrs ::
+  #   (name -> new name)
+  #   attrs
+  renameAttrs = f: mapAttrs' (name: value: nameValuePair (f name) value);
+
+  # Rename each of the attributes in an attribute set using a function which
+  # takes the attribute's name and value as inputs.
+  #
+  # renameAttrs' ::
+  #   (name -> value -> new name)
+  #   attrs
+  renameAttrs' = f: mapAttrs' (name: value: nameValuePair (f name value) value);
 }

lib/default.nix

@@ -12,8 +12,7 @@ let
   };
 
   mylib = makeExtensible (self:
-    with self; mapModules ./.
-      (file: import file { inherit self lib pkgs inputs; })
+    mapModules ./. (file: import file { inherit self lib pkgs inputs; })
   );
 in
 mylib.extend (self: super:

lib/lists.nix

@@ -0,0 +1,27 @@
+{ lib, ... }:
+let
+  inherit (lib) filter foldl';
+in
+{
+  # Count the number of appararitions of each value in a list.
+  #
+  # countValues ::
+  #   [ any ] -> ({ any = int; })
+  countValues =
+    let
+      addToCount = acc: x:
+        let
+          v = toString x;
+        in
+        acc // { ${v} = (acc.${v} or 0) + 1; };
+    in
+    foldl' addToCount { };
+
+  # Filter a list using a predicate function after applying a map.
+  #
+  # mapFilter ::
+  #   (value -> bool)
+  #   (any -> value)
+  #   [ any ]
+  mapFilter = pred: f: attrs: filter pred (map f attrs);
+}

lib/modules.nix

@@ -3,21 +3,48 @@ let
   inherit (builtins) readDir pathExists;
   inherit (lib) hasPrefix hasSuffix nameValuePair removeSuffix;
   inherit (self.attrs) mapFilterAttrs;
+
+  implOptionalRecursion = recurse:
+    let
+      recurseStep =
+        if recurse
+        then (n: path: fn: nameValuePair n (impl path fn))
+        else (_: _: _: nameValuePair "" null);
+      impl = dir: fn:
+        mapFilterAttrs
+          (n: _: n != "" && !(hasPrefix "_" n))
+          (n: v:
+            let
+              path = "${toString dir}/${n}";
+            in
+            if v == "directory"
+            then
+              if pathExists "${path}/default.nix"
+              then nameValuePair n (fn path)
+              else recurseStep n path fn
+            else if v == "regular" && n != "default.nix" && hasSuffix ".nix" n
+            then nameValuePair (removeSuffix ".nix" n) (fn path)
+            else nameValuePair "" null)
+          (readDir dir);
+    in
+    impl;
 in
 {
-  mapModules = dir: fn:
-    mapFilterAttrs
-      (n: v:
-        v != null &&
-        !(hasPrefix "_" n))
-      (n: v:
-        let path = "${toString dir}/${n}"; in
-        if v == "directory" && pathExists "${path}/default.nix"
-        then nameValuePair n (fn path)
-        else if v == "regular" &&
-          n != "default.nix" &&
-          hasSuffix ".nix" n
-        then nameValuePair (removeSuffix ".nix" n) (fn path)
-        else nameValuePair "" null)
-      (readDir dir);
+  # Find all nix modules in a directory, discard any prefixed with "_",
+  # map a function to each resulting path, and generate an attribute set
+  # to associate module name to resulting value.
+  #
+  # mapModules ::
+  #   path
+  #   (path -> any)
+  #   attrs
+  mapModules = implOptionalRecursion false;
+
+  # Recursive version of mapModules.
+  #
+  # mapModulesRec ::
+  #   path
+  #   (path -> any)
+  #   attrs
+  mapModulesRec = implOptionalRecursion true;
 }

machines/aramis/boot.nix

@@ -0,0 +1,32 @@
+{ ... }:
+{
+  boot = {
+    loader = {
+      systemd-boot.enable = true;
+      efi.canTouchEfiVariables = true;
+    };
+
+    initrd = {
+      availableKernelModules = [
+        "nvme"
+        "sd_mod"
+        "sdhci_pci"
+        "usb_storage"
+        "usbhid"
+        "xhci_pci"
+      ];
+      kernelModules = [
+        "dm-snapshot"
+      ];
+      luks.devices.crypt = {
+        device = "/dev/nvme0n1p1";
+        preLVM = true;
+      };
+    };
+
+    kernelModules = [
+      "kvm-intel"
+    ];
+    extraModulePackages = [ ];
+  };
+}

machines/aramis/default.nix

@@ -1,18 +1,27 @@
-# Porthos self-hosted server
+# Edit this configuration file to define what should be installed on
+# your system.  Help is available in the configuration.nix(5) man page
+# and in the NixOS manual (accessible by running ‘nixos-help’).
+
 { ... }:
 
 {
   imports = [
-    # Include generic settings
-    ./modules
-    # Include porthos-specific modules
-    ./machines/porthos
-    # Include my secrets
-    ./secrets
-    # Include my services
-    ./services
+    ./boot.nix
+    ./hardware.nix
+    ./home.nix
+    ./networking.nix
+    ./profiles.nix
+    ./programs.nix
+    ./services.nix
+    ./sound.nix
   ];
 
+  # Set your time zone.
+  time.timeZone = "Europe/Paris";
+
+  # Enable CUPS to print documents.
+  services.printing.enable = true;
+
   # This value determines the NixOS release from which the default
   # settings for stateful data, like file locations and database versions
   # on your system were taken. It‘s perfectly fine and recommended to leave

machines/aramis/hardware.nix

@@ -0,0 +1,34 @@
+{ lib, modulesPath, ... }:
+{
+  imports = [
+    (modulesPath + "/installer/scan/not-detected.nix")
+  ];
+
+  fileSystems = {
+    "/" = {
+      device = "/dev/disk/by-label/nixos";
+      fsType = "ext4";
+    };
+
+    "/boot" = {
+      device = "/dev/disk/by-label/boot";
+      fsType = "vfat";
+    };
+  };
+
+  swapDevices = [
+    { device = "/dev/disk/by-label/swap"; }
+  ];
+
+  powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
+
+  hardware = {
+    cpu.intel.updateMicrocode = true;
+
+    trackpoint = {
+      enable = true;
+
+      emulateWheel = true; # Holding middle buttons allows scrolling
+    };
+  };
+}

machines/aramis/home.nix

@@ -0,0 +1,28 @@
+{ pkgs, ... }:
+{
+  my.home = {
+    # Image viewver
+    feh.enable = true;
+    # Firefo profile and extensions
+    firefox.enable = true;
+    # Blue light filter
+    gammastep.enable = true;
+    # Use a small popup to enter passwords
+    gpg.pinentry = "gtk2";
+    # Machine specific packages
+    packages.additionalPackages = with pkgs; [
+      jellyfin-media-player # Wraps the webui and mpv together
+      pavucontrol # Audio mixer GUI
+      quasselClient # IRC client
+      transgui # Transmission remote
+    ];
+    # Minimal video player
+    mpv.enable = true;
+    # Network-Manager applet
+    nm-applet.enable = true;
+    # Termite terminal
+    terminal.program = "termite";
+    # Zathura document viewer
+    zathura.enable = true;
+  };
+}

machines/aramis/install.sh

@@ -0,0 +1,53 @@
+#!/bin/sh
+
+set -eu
+
+if [ "$(id -u)" -ne 0 ]; then
+    echo "This script must be run as root" >&2
+    exit 1
+fi
+
+SWAP_SIZE=16GiB
+
+parted /dev/nvme0n1 --script -- \
+    mklabel gpt \
+    mkpart primary 512MiB 100% \
+    mkpart ESP fat32 1MiB 512MiB \
+    set 2 esp on
+
+cryptsetup luksFormat /dev/nvme0n1p1
+cryptsetup open /dev/nvme0n1p1 crypt
+
+pvcreate /dev/mapper/crypt
+vgcreate lvm /dev/mapper/crypt
+lvcreate -L "$SWAP_SIZE" -n swap lvm
+lvcreate -l 100%FREE -n root lvm
+
+mkfs.ext4 -L nixos /dev/lvm/root
+mkswap -L swap /dev/lvm/swap
+mkfs.vfat -n boot /dev/nvme0n1p2
+
+mount /dev/disk/by-label/nixos /mnt
+mkdir /mnt/boot
+mount /dev/nvme0n1p2 /mnt/boot
+swapon /dev/lvm/swap
+
+cat << EOF
+# Run the following commands as setup user
+nixos-generate-config --root /mnt
+
+# Change uuids to labels
+vim /mnt/etc/nixos/hardware-configuration.nix
+
+# Install system
+mkdir -p /mnt/home/ambroisie/git/nix/config
+cd /mnt/home/ambroisie/git/nix/config
+
+git clone <this-repo> .
+# Assuming you set up GPG key correctly
+git crypt unlock
+
+# Setup LUKS with 'boot.initrd.luks.devices.crypt', device is /dev/nvme0n1p1, preLVM = true
+
+# Use 'nixos-install --flake .#aramis --root /mnt --impure' because of home-manager issue
+EOF

machines/aramis/networking.nix

@@ -0,0 +1,25 @@
+{ ... }:
+{
+  networking = {
+    hostName = "aramis";
+    domain = "nodomain.local"; # FIXME: gotta fix domain handling
+
+    # The global useDHCP flag is deprecated, therefore explicitly set to false here.
+    # Per-interface useDHCP will be mandatory in the future, so this generated config
+    # replicates the default behaviour.
+    useDHCP = false;
+
+    interfaces = {
+      enp0s31f6.useDHCP = true;
+      wlp0s20f3.useDHCP = true;
+    };
+  };
+
+  my.hardware.networking = {
+    # Which interface is used to connect to the internet
+    externalInterface = "enp0s3";
+
+    # Enable WiFi integration
+    wireless.enable = true;
+  };
+}

machines/aramis/profiles.nix

@@ -0,0 +1,17 @@
+{ ... }:
+{
+  my.profiles = {
+    # Bluetooth configuration and GUI
+    bluetooth.enable = true;
+    # Mouse and keyboard configuration
+    devices.enable = true;
+    # GTK theme configuration
+    gtk.enable = true;
+    # Laptop specific configuration
+    laptop.enable = true;
+    # i3 configuration
+    wm.windowManager = "i3";
+    # X configuration
+    x.enable = true;
+  };
+}

machines/aramis/programs.nix

@@ -0,0 +1,7 @@
+{ ... }:
+{
+  my.programs = {
+    # Steam configuration
+    steam.enable = true;
+  };
+}

machines/aramis/services.nix

@@ -0,0 +1,8 @@
+{ ... }:
+{
+  config.my.services = {
+    wireguard = {
+      enable = true;
+    };
+  };
+}

machines/aramis/sound.nix

@@ -0,0 +1,8 @@
+{ ... }:
+{
+  my.hardware.sound = {
+    pipewire = {
+      enable = true;
+    };
+  };
+}

machines/porthos/default.nix

@@ -9,4 +9,15 @@
     ./services.nix
     ./users.nix
   ];
+
+  # Set your time zone.
+  time.timeZone = "Europe/Paris";
+
+  # This value determines the NixOS release from which the default
+  # settings for stateful data, like file locations and database versions
+  # on your system were taken. It‘s perfectly fine and recommended to leave
+  # this value at the release version of the first install of this system.
+  # Before changing this value read the documentation for this option
+  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
+  system.stateVersion = "20.09"; # Did you read the comment?
 }

machines/porthos/networking.nix

@@ -31,5 +31,5 @@
   };
 
   # Which interface is used to connect to the internet
-  my.networking.externalInterface = "eth0";
+  my.hardware.networking.externalInterface = "eth0";
 }

machines/porthos/services.nix

@@ -1,7 +1,7 @@
 # Deployed services
 { config, ... }:
 let
-  my = config.my;
+  secrets = config.age.secrets;
 in
 {
   # List services that you want to enable:
@@ -19,11 +19,8 @@ in
         OnActiveSec = "6h";
         OnUnitActiveSec = "6h";
       };
-      # Insecure, I don't care.
-      passwordFile =
-        builtins.toFile "password.txt" my.secrets.backup.password;
-      credentialsFile =
-        builtins.toFile "creds.env" my.secrets.backup.credentials;
+      passwordFile = secrets."backup/password".path;
+      credentialsFile = secrets."backup/credentials".path;
     };
     # My blog and related hosts
     blog.enable = true;
@@ -34,11 +31,12 @@ in
     drone = {
       enable = true;
       runners = [ "docker" "exec" ];
-      # Insecure, I don't care.
-      secretFile =
-        builtins.toFile "gitea.env" my.secrets.drone.gitea;
-      sharedSecretFile =
-        builtins.toFile "rpc.env" my.secrets.drone.secret;
+      secretFile = secrets."drone/gitea".path;
+      sharedSecretFile = secrets."drone/secret".path;
+    };
+    # Flood UI for transmission
+    flood = {
+      enable = true;
     };
     # Gitea forge
     gitea.enable = true;
@@ -52,36 +50,66 @@ in
     # Gitea mirrorig service
     lohr = {
       enable = true;
-      sharedSecretFile =
-        let
-          content = "LOHR_SECRET=${my.secrets.lohr.secret}";
-        in
-        builtins.toFile "lohr-secret.env" content;
+      sharedSecretFile = secrets."lohr/secret".path;
     };
     # Matrix backend and Element chat front-end
     matrix = {
       enable = true;
-      secret = my.secrets.matrix.secret;
+      mailConfigFile = secrets."matrix/mail".path;
+      # Only necessary when doing the initial registration
+      # secret = "change-me";
     };
     miniflux = {
       enable = true;
-      password = my.secrets.miniflux.password;
+      credentialsFiles = secrets."miniflux/credentials".path;
+    };
+    # Various monitoring dashboards
+    monitoring = {
+      enable = true;
+      grafana = {
+        passwordFile = secrets."monitoring/password".path;
+      };
+    };
+    # FLOSS music streaming server
+    navidrome = {
+      enable = true;
+      musicFolder = "/data/media/music";
     };
     # Nextcloud self-hosted cloud
     nextcloud = {
       enable = true;
-      password = my.secrets.nextcloud.password;
+      passwordFile = secrets."nextcloud/password".path;
+    };
+    nginx = {
+      enable = true;
+      acme = {
+        credentialsFile = secrets."acme/dns-key".path;
+      };
+      sso = {
+        authKeyFile = secrets."sso/auth-key".path;
+        users = {
+          ambroisie = {
+            passwordHashFile = secrets."sso/ambroisie/password-hash".path;
+            totpSecretFile = secrets."sso/ambroisie/totp-secret".path;
+          };
+        };
+        groups = {
+          root = [ "ambroisie" ];
+        };
+      };
+    };
+    paperless = {
+      enable = true;
+      documentPath = "/data/media/paperless";
+      passwordFile = secrets."paperless/password".path;
+      secretKeyFile = secrets."paperless/secret-key".path;
     };
     # The whole *arr software suite
     pirate.enable = true;
     # Podcast automatic downloader
     podgrab = {
       enable = true;
-      passwordFile =
-        let
-          contents = "PASSWORD=${my.secrets.podgrab.password}";
-        in
-        builtins.toFile "podgrab.env" contents;
+      passwordFile = secrets."podgrab/password".path;
       port = 9598;
     };
     # Regular backups
@@ -97,8 +125,7 @@ in
     # Torrent client and webui
     transmission = {
       enable = true;
-      username = "Ambroisie";
-      password = my.secrets.transmission.password;
+      credentialsFile = secrets."transmission/credentials".path;
     };
     # Simple, in-kernel VPN
     wireguard = {
@@ -106,9 +133,4 @@ in
       startAtBoot = true; # Server must be started to ensure clients can connect
     };
   };
-
-  programs.gnupg.agent = {
-    enable = true;
-    enableSSHSupport = true;
-  };
 }

machines/porthos/ssh/drone.pub

@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDWVUvOT1/triPcj7wiLAmiVkPZ71crySbReetHaGxMYYdKNFurJQsP6BqsdCAwrGbduLUDJovLtjOM7SxghjkGqh2RZucj/zqpja8YoFqYTcLutlqa1NwUqQTq21azKBDSdvkBPWWyZhOKssnag+0bZRN3vVajoDrwAU6zJLhHh9eNESTEytAnZnllXsHB1dKF1p7FWVwYTGAc1PdHHSQNMkjg9aCM+VBzTHhp8nF+GOtGzt0A0XnoZGdhn6KqhKyH7KxwPMmeD3RNeCEmQY/TXjthOx/mBkgTEa8LWOBxdy/Rs6edUenvPcQ5tK5nX0GSxxqtbORlhT+tGiqq1UHeIUhXirBUaS7pnDo+Edc0m8ruLcwHwyQ5yVn2ts3daKxb87+PyjYiRxxeQXvbF84ef7ZOkLTEn0tnftFHLqszBfOjoV1DmMNSWPDULD3krObzNbr1I0xHE7bDRXw2t8L1cwHOLHTL9KwsTCw1d25JSxINp2wAZxlGVZLXoXVMKTjfx1xSGbUuRzA1Q6+1IH9WDvSSixDzvc2Dqnj91/xardivApK+T+OxTBurwWsxzEezIAbTCpoKW9ulzu06xWGWhxATkzUmVh/qhFUHAVlmhEvn0KqlYbWteEcUxgKS1uSAoA6+pZh5NMG1u1hLEktBQbDnS0VdyKYBUHZidLuR4w== ambroisie@porthos

machines/porthos/users.nix

@@ -10,6 +10,6 @@ in
     group = "nginx";
     createHome = false; # Messes with permissions
     home = "/var/www/";
-    openssh.authorizedKeys.keys = [ my.secrets.drone.ssh.publicKey ];
+    openssh.authorizedKeys.keyFiles = [ ./ssh/drone.pub ];
   };
 }

modules/default.nix

@@ -1,15 +1,28 @@
 # Common modules
-{ ... }:
+{ lib, ... }:
 
 {
   imports = [
-    ./documentation.nix
-    ./ergodox.nix
-    ./language.nix
-    ./media.nix
-    ./networking.nix
-    ./nix.nix
-    ./packages.nix
-    ./users.nix
+    ./hardware
+    ./home
+    ./programs
+    ./secrets
+    ./services
+    ./system
   ];
+
+  options.my = with lib; {
+    user = {
+      name = mkOption {
+        type = types.str;
+        default = "ambroisie";
+        example = "alice";
+        description = "my username";
+      };
+
+      home = {
+        enable = my.mkDisableOption "home-manager configuration";
+      };
+    };
+  };
 }

modules/documentation.nix

@@ -1,37 +0,0 @@
-{ config, lib, ... }:
-let
-  cfg = config.my.module.documentation;
-
-  # I usually want everything enabled at once, but keep it customizable
-  defaultToGlobal = description: lib.mkEnableOption description // {
-    default = cfg.enable;
-  };
-in
-{
-  options.my.module.documentation = with lib.my; {
-    enable = mkDisableOption "Documentation integration";
-
-    dev.enable = defaultToGlobal "Documentation aimed at developers";
-
-    info.enable = defaultToGlobal "Documentation aimed at developers";
-
-    man.enable = defaultToGlobal "Documentation aimed at developers";
-
-    nixos.enable = defaultToGlobal "NixOS documentation";
-  };
-
-  config.documentation = {
-    enable = cfg.enable;
-
-    dev.enable = cfg.dev.enable;
-
-    info.enable = cfg.info.enable;
-
-    man = {
-      enable = cfg.man.enable;
-      generateCaches = true;
-    };
-
-    nixos.enable = cfg.nixos.enable;
-  };
-}

modules/hardware/bluetooth/default.nix

@@ -0,0 +1,75 @@
+{ config, lib, pkgs, ... }:
+let
+  cfg = config.my.hardware.bluetooth;
+in
+{
+  options.my.hardware.bluetooth = with lib; {
+    enable = mkEnableOption "bluetooth configuration";
+
+    enableHeadsetIntegration = my.mkDisableOption "A2DP sink configuration";
+
+    loadExtraCodecs = my.mkDisableOption "extra audio codecs";
+  };
+
+  config = lib.mkIf cfg.enable (lib.mkMerge [
+    # Enable bluetooth devices and GUI to connect to them
+    {
+      hardware.bluetooth.enable = true;
+      services.blueman.enable = true;
+    }
+
+    # Support for additional bluetooth codecs
+    (lib.mkIf cfg.loadExtraCodecs {
+      hardware.pulseaudio = {
+        extraModules = [ pkgs.pulseaudio-modules-bt ];
+        package = pkgs.pulseaudioFull;
+      };
+
+      services.pipewire = {
+        media-session.config.bluez-monitor.rules = [
+          {
+            # Matches all cards
+            matches = [{ "device.name" = "~bluez_card.*"; }];
+            actions = {
+              "update-props" = {
+                "bluez5.reconnect-profiles" = [
+                  "hfp_hf"
+                  "hsp_hs"
+                  "a2dp_sink"
+                ];
+                # mSBC provides better audio + microphone
+                "bluez5.msbc-support" = true;
+                # SBC XQ provides better audio
+                "bluez5.sbc-xq-support" = true;
+              };
+            };
+          }
+          {
+            matches = [
+              # Matches all sources
+              {
+                "node.name" = "~bluez_input.*";
+              }
+              # Matches all outputs
+              {
+                "node.name" = "~bluez_output.*";
+              }
+            ];
+            actions = {
+              "node.pause-on-idle" = false;
+            };
+          }
+        ];
+      };
+    })
+
+    # Support for A2DP audio profile
+    (lib.mkIf cfg.enableHeadsetIntegration {
+      hardware.bluetooth.settings = {
+        General = {
+          Enable = "Source,Sink,Media,Socket";
+        };
+      };
+    })
+  ]);
+}

modules/hardware/default.nix

@@ -0,0 +1,13 @@
+# Hardware-related modules
+{ ... }:
+
+{
+  imports = [
+    ./bluetooth
+    ./ergodox
+    ./mx-ergo
+    ./networking
+    ./sound
+    ./upower
+  ];
+}

modules/hardware/ergodox/default.nix

@@ -1,16 +1,14 @@
 # ZSA keyboard udev rules
 { config, lib, ... }:
 let
-  cfg = config.my.modules.ergodox;
+  cfg = config.my.hardware.ergodox;
 in
 {
-  options.my.modules.ergodox = with lib; {
+  options.my.hardware.ergodox = with lib; {
     enable = mkEnableOption "ZSA udev rules and user group configuration";
   };
 
   config = lib.mkIf cfg.enable {
     hardware.keyboard.zsa.enable = true;
-
-    users.extraGroups = [ "plugdev" ];
   };
 }

modules/hardware/mx-ergo/default.nix

@@ -0,0 +1,26 @@
+# Hold down the `next page` button to scroll using the ball
+{ config, lib, ... }:
+let
+  cfg = config.my.hardware.mx-ergo;
+in
+{
+  options.my.hardware.mx-ergo = with lib; {
+    enable = mkEnableOption "MX Ergo configuration";
+  };
+
+  config = lib.mkIf cfg.enable {
+    services.xserver = {
+      # This section must be *after* the one configured by `libinput`
+      # for the `ScrollMethod` configuration to not be overriden
+      inputClassSections = lib.mkAfter [
+        ''
+          Identifier      "MX Ergo scroll button configuration"
+          MatchProduct    "MX Ergo"
+          MatchIsPointer  "on"
+          Option          "ScrollMethod"    "button"
+          Option          "ScrollButton"    "9"
+        ''
+      ];
+    };
+  };
+}

modules/hardware/networking/default.nix

@@ -0,0 +1,27 @@
+{ config, lib, ... }:
+let
+  cfg = config.my.hardware.networking;
+in
+{
+  options.my.hardware.networking = with lib; {
+    externalInterface = mkOption {
+      type = types.nullOr types.str;
+      default = null;
+      example = "eth0";
+      description = ''
+        Name of the network interface that egresses to the internet. Used for
+        e.g. NATing internal networks.
+      '';
+    };
+
+    wireless = {
+      enable = mkEnableOption "wireless configuration";
+    };
+  };
+
+  config = lib.mkMerge [
+    (lib.mkIf cfg.wireless.enable {
+      networking.networkmanager.enable = true;
+    })
+  ];
+}

modules/hardware/sound/default.nix

@@ -0,0 +1,67 @@
+{ config, lib, ... }:
+let
+  cfg = config.my.hardware.sound;
+in
+{
+  options.my.hardware.sound = with lib; {
+    pipewire = {
+      enable = mkEnableOption "pipewire configuration";
+    };
+
+    pulse = {
+      enable = mkEnableOption "pulseaudio configuration";
+    };
+  };
+
+  config = (lib.mkMerge [
+    # Sanity check
+    {
+      assertions = [
+        {
+          assertion = builtins.all (lib.id) [
+            (cfg.pipewire.enable -> !cfg.pulse.enable)
+            (cfg.pulse.enable -> !cfg.pipewire.enable)
+          ];
+          message = ''
+            `config.my.hardware.sound.pipewire.enable` and
+            `config.my.hardware.sound.pulse.enable` are incompatible.
+          '';
+        }
+      ];
+    }
+
+    (lib.mkIf cfg.pipewire.enable {
+      # RealtimeKit is recommended
+      security.rtkit.enable = true;
+
+      services.pipewire = {
+        enable = true;
+
+        alsa = {
+          enable = true;
+          support32Bit = true;
+        };
+
+        pulse = {
+          enable = true;
+        };
+
+        jack = {
+          enable = true;
+        };
+
+        media-session = {
+          enable = true;
+        };
+      };
+    })
+
+    # Pulseaudio setup
+    (lib.mkIf cfg.pulse.enable {
+      # ALSA
+      sound.enable = true;
+
+      hardware.pulseaudio.enable = true;
+    })
+  ]);
+}

modules/hardware/upower/default.nix

@@ -0,0 +1,44 @@
+{ config, lib, ... }:
+let
+  cfg = config.my.hardware.upower;
+in
+{
+  options.my.hardware.upower = with lib; {
+    enable = mkEnableOption "upower configuration";
+
+    levels = {
+      low = mkOption {
+        type = types.ints.unsigned;
+        default = 25;
+        example = 10;
+        description = "Low percentage";
+      };
+
+      critical = mkOption {
+        type = types.ints.unsigned;
+        default = 15;
+        example = 5;
+        description = "Critical percentage";
+      };
+
+      action = mkOption {
+        type = types.ints.unsigned;
+        default = 5;
+        example = 3;
+        description = "Percentage at which point an action must be taken";
+      };
+    };
+  };
+
+  config = lib.mkIf cfg.enable {
+    services.upower = {
+      enable = true;
+
+      percentageLow = cfg.levels.low;
+
+      percentageCritical = cfg.levels.critical;
+
+      percentageAction = cfg.levels.action;
+    };
+  };
+}

modules/home/default.nix

@@ -0,0 +1,24 @@
+{ config, inputs, lib, ... }:
+let
+  actualPath = [ "home-manager" "users" config.my.user.name "my" "home" ];
+  aliasPath = [ "my" "home" ];
+
+  cfg = config.my.user.home;
+in
+{
+  imports = [
+    inputs.home-manager.nixosModule # enable home-manager options
+    (lib.mkAliasOptionModule aliasPath actualPath) # simplify setting home options
+  ];
+
+  config = lib.mkIf cfg.enable {
+    home-manager = {
+      # Not a fan of out-of-directory imports, but this is a good exception
+      users.${config.my.user.name} = import ../../home;
+
+      # Nix Flakes compatibility
+      useGlobalPkgs = true;
+      useUserPackages = true;
+    };
+  };
+}

modules/language.nix

@@ -1,7 +0,0 @@
-# Language settings
-{ ... }:
-
-{
-  # Select internationalisation properties.
-  i18n.defaultLocale = "en_US.UTF-8";
-}

modules/media.nix

@@ -1,16 +0,0 @@
-# Abstracting away the need for a common 'media' group
-
-{ config, lib, ... }:
-let
-  mediaServices = with config.my.services; [
-    calibre-web
-    jellyfin
-    pirate
-    sabnzbd
-    transmission
-  ];
-  needed = builtins.any (service: service.enable) mediaServices;
-in
-{
-  config.users.groups.media = lib.mkIf needed { };
-}

modules/networking.nix

@@ -1,13 +0,0 @@
-{ lib, ... }:
-
-{
-  options.my.networking.externalInterface = with lib; mkOption {
-    type = types.nullOr types.str;
-    default = null;
-    example = "eth0";
-    description = ''
-      Name of the network interface that egresses to the internet. Used for
-      e.g. NATing internal networks.
-    '';
-  };
-}

modules/nix.nix

@@ -1,11 +0,0 @@
-# Nix related settings
-{ pkgs, ... }:
-
-{
-  nix = {
-    package = pkgs.nixFlakes;
-    extraOptions = ''
-      experimental-features = nix-command flakes
-    '';
-  };
-}

modules/packages.nix

@@ -1,19 +0,0 @@
-# Common packages
-{ pkgs, ... }:
-
-{
-  # List packages installed in system profile. To search, run:
-  # $ nix search wget
-  environment.systemPackages = with pkgs; [
-    git
-    git-crypt
-    mosh
-    vim
-    wget
-  ];
-
-  programs.vim.defaultEditor = true; # Modal editing is life
-  programs.zsh.enable = true; # Use integrations
-
-  nixpkgs.config.allowUnfree = true; # Because I don't care *that* much.
-}