nix-on-droid only goes to 24.05

.sops.yaml

@@ -3,28 +3,6 @@ keys:
   - &laptop age1yqgyp2uxz4lzrc9f9ka0mfjl5fr6ahf8nf24nlmran2wulg6fpvq9hyp9q
   - &android age12pnf36uqesjmy3e0lythfnpwam3zg5mv8m936fc4jphy4ces2fdqwn0s74
 creation_rules:
-  - path_regex: homebox/secrets.yaml$
-    key_groups:
-    - age:
-      - *homebox
-  - path_regex: laptop/secrets.yaml$
-    key_groups:
-    - age:
-      - *laptop
-  - path_regex: pi4/secrets.yaml$
-    key_groups:
-    - age:
-      - *laptop
-  - path_regex: live/secrets.yaml$
-    key_groups:
-    - age:
-      - *laptop
-  - path_regex: nathan/secrets.yaml$
-    key_groups:
-    - age:
-      - *laptop
-      - *homebox
-      - *android
   - path_regex: system/secrets.yaml$
     key_groups:
     - age:

flake.lock

@@ -61,11 +61,11 @@
       },
       "locked": {
         "dir": "pkgs/firefox-addons",
-        "lastModified": 1767585814,
-        "narHash": "sha256-7iodv57Ppq05AHVKnS9/IdhhgBYTVpTDZmz2u2enr/E=",
+        "lastModified": 1768150501,
+        "narHash": "sha256-601j0FWA9UzEaDF3xj+12n94bkuVF/zkpLIOt6EfRK0=",
         "owner": "rycee",
         "repo": "nur-expressions",
-        "rev": "66bfeb87deb83ca2f9fa2045704b72de52c6433a",
+        "rev": "1b848102f204ce846360009d193ea6d0280c814a",
         "type": "gitlab"
       },
       "original": {
@@ -212,11 +212,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1767619900,
-        "narHash": "sha256-KpoCBPvwHz3gAQtIUkohE2InRBFK3r0/FM6z5SPWfvM=",
+        "lastModified": 1767910483,
+        "narHash": "sha256-MOU5YdVu4DVwuT5ztXgQpPuRRBjSjUGIdUzOQr9iQOY=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "6bd04da47cfb48dfd15eabf08364b78ad894f5b2",
+        "rev": "82fb7dedaad83e5e279127a38ef410bcfac6d77c",
         "type": "github"
       },
       "original": {
@@ -301,11 +301,11 @@
         "xdph": "xdph"
       },
       "locked": {
-        "lastModified": 1767654014,
-        "narHash": "sha256-1RG4xtr1FOX7mtSGBR9BcCsTrlRkXbygPaCSFNdT3bs=",
+        "lastModified": 1768144432,
+        "narHash": "sha256-lLV0egdN9VF6BjhG6GVEVMviFuM05XCv35YNsfLzS9w=",
         "ref": "refs/heads/main",
-        "rev": "9817553c664b0b7f6776671383a6368c74ee8dee",
-        "revCount": 6789,
+        "rev": "fbf421df889ceff3bac08a9f4b9493def5eecc4d",
+        "revCount": 6805,
         "submodules": true,
         "type": "git",
         "url": "https://github.com/hyprwm/Hyprland"
@@ -584,11 +584,11 @@
         "nixpkgs": "nixpkgs_2"
       },
       "locked": {
-        "lastModified": 1767147099,
-        "narHash": "sha256-395ehjdAtaqCbKmx+PhKAqnkYLvTtAzq2qzFG9qaGDw=",
+        "lastModified": 1767838769,
+        "narHash": "sha256-KCLU6SUU80tEBKIVZsBrSjRYX6kn1eVIYI3fEEqOp24=",
         "owner": "Infinidoge",
         "repo": "nix-minecraft",
-        "rev": "01f571579edd64433f97c4294137fbc366deef4b",
+        "rev": "4da21f019f6443f513f16af7f220ba4db1cdfc04",
         "type": "github"
       },
       "original": {
@@ -630,11 +630,11 @@
     },
     "nixpkgs-us": {
       "locked": {
-        "lastModified": 1767379071,
-        "narHash": "sha256-EgE0pxsrW9jp9YFMkHL9JMXxcqi/OoumPJYwf+Okucw=",
+        "lastModified": 1767892417,
+        "narHash": "sha256-dhhvQY67aboBk8b0/u0XB6vwHdgbROZT3fJAjyNh5Ww=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "fb7944c166a3b630f177938e478f0378e64ce108",
+        "rev": "3497aa5c9457a9d88d71fa93a4a8368816fbeeba",
         "type": "github"
       },
       "original": {
@@ -662,11 +662,11 @@
     },
     "nixpkgs_3": {
       "locked": {
-        "lastModified": 1767480499,
-        "narHash": "sha256-8IQQUorUGiSmFaPnLSo2+T+rjHtiNWc+OAzeHck7N48=",
+        "lastModified": 1768028080,
+        "narHash": "sha256-50aDK+8eLvsLK39TzQhKNq50/HcXyP4hyxOYoPoVxjo=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "30a3c519afcf3f99e2c6df3b359aec5692054d92",
+        "rev": "d03088749a110d52a4739348f39a63f84bb0be14",
         "type": "github"
       },
       "original": {
@@ -816,11 +816,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1767499857,
-        "narHash": "sha256-0zUU/PW09d6oBaR8x8vMHcAhg1MOvo3CwoXgHijzzNE=",
+        "lastModified": 1768104471,
+        "narHash": "sha256-HdnXWQsA1EI27IJlaENUEEug58trUrh6+MT0cFiDHmY=",
         "owner": "Mic92",
         "repo": "sops-nix",
-        "rev": "ecc41505948ec2ab0325f14c9862a4329c2b4190",
+        "rev": "94f9cbd20f680ebb2ad6cdf39da97cbcfaedf004",
         "type": "github"
       },
       "original": {

flake.nix

@@ -41,7 +41,7 @@
     outputs = { self, nixpkgs, home-manager, ... } @ inputs: {
 
         profiles = let 
-            dir = builtins.readDir ./system/profiles;
+            dir = builtins.readDir ./profiles;
             filtered = builtins.filter (x: dir.${x} == "directory") (builtins.attrNames dir);
         in (builtins.listToAttrs 
             (builtins.map 
@@ -51,14 +51,14 @@
                     value = { ... }: {
                         imports = [
                             ./system
-                            ./system/profiles/${name}
+                            ./profiles/${name}
                         ];
                     };
                 })) filtered)
             );
 
         homes = let 
-            dir = builtins.readDir ./system/users;
+            dir = builtins.readDir ./homes;
             filtered = builtins.filter (x: dir.${x} == "directory") (builtins.attrNames dir);
         in (builtins.listToAttrs 
             (builtins.map 
@@ -67,7 +67,7 @@
                         
                     value = { ... } @ exputs: {
                         imports = [
-                            (./system/users/${name}/home-manager (inputs // exputs))
+                            (./homes/${name}/home-manager (inputs // exputs))
                         ];
                     };
                 })) filtered)

homes/nathan/flake.nix

@@ -4,10 +4,10 @@
 
     inputs = {
 
-        nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05";
+        nixpkgs.url = "github:nixos/nixpkgs/nixos-25.11";
 
         home-manager = {
-            url = "github:nix-community/home-manager/release-25.05";
+            url = "github:nix-community/home-manager/release-25.11";
             inputs.nixpkgs.follows = "nixpkgs";
         };
 

homes/nathan/home-manager/.sops.yaml

@@ -0,0 +1,11 @@
+keys:
+  - &homebox age1640eg0pnmkruc89m5xguz0m8fek44fl4tzez6qwuzlz6kmapqewsp8esxd
+  - &laptop age1yqgyp2uxz4lzrc9f9ka0mfjl5fr6ahf8nf24nlmran2wulg6fpvq9hyp9q
+  - &android age12pnf36uqesjmy3e0lythfnpwam3zg5mv8m936fc4jphy4ces2fdqwn0s74
+creation_rules:
+  - path_regex: ^secrets.yaml$
+    key_groups:
+    - age:
+      - *laptop
+      - *homebox
+      - *android

homes/nathan/home-manager/default.nix

@@ -1,10 +1,12 @@
 { config, lib, pkgs, inputs, ... }: {
 
-    imports = [
-        ./programs
-        ./services
-        ./packages
-        ./dotfiles
+    imports = let 
+        dir = builtins.readDir ./.;
+    in (builtins.map (x: ./${x}) (builtins.filter 
+        (file: (dir.${file} == "directory"))
+        (builtins.attrNames dir)
+    )) ++ [
+        inputs.sops.homeManagerModules.sops
     ];
 
     options.homeconfig = with lib; {
@@ -60,7 +62,7 @@
             size = 16;
         };
 
-        gtk = lib.mkIf config.homeconfig.graphical {
+        gtk = lib.mkIf (config.homeconfig.graphical && config.homeconfig.hyprland.enable) {
             enable = true;
             theme.name = "Tokyonight-Dark";
             theme.package = pkgs.tokyonight-gtk-theme;

homes/nathan/home-manager/dotfiles/hypr/hyprlock.conf

@@ -11,6 +11,8 @@
 
 $font = Monospace
 
+source = ~/.cache/wal/colors-hypr.conf
+
 general {
     hide_cursor = false
 }
@@ -45,9 +47,9 @@ input-field {
     outline_thickness = 3
     inner_color = rgba(0, 0, 0, 0.0) # no fill
 
-    outer_color = rgba(33ccffee) rgba(00ff99ee) 45deg
-    check_color = rgba(00ff99ee) rgba(ff6633ee) 120deg
-    fail_color = rgba(ff6633ee) rgba(ff0066ee) 40deg
+    outer_color = $color1 $color5 100deg
+    check_color = $color2 $color6 120deg
+    fail_color = $color3 $color7 40deg
 
     font_color = rgb(143, 143, 143)
     fade_on_empty = false

homes/nathan/home-manager/dotfiles/hypr/main.conf

@@ -130,7 +130,7 @@ bind = $mainMod, V, togglefloating,
 
 bind = $mainMod SHIFT, V, exec, hyprrun vlc
 
-bind = , Menu, exec, hyprrun rofi -show drun -show-icons -run-command 'hyprrun {cmd}'
+bind = , Menu, exec, rofi -show drun -show-icons -run-command 'hyprrun {cmd}'
 
 bind = $mainMod, Menu, exec, hyprrun hyprpanel -q; hyprrun hyprpanel
 

homes/nathan/home-manager/dotfiles/wal/templates/ohmyposh.toml

@@ -0,0 +1,112 @@
+#:schema https://raw.githubusercontent.com/JanDeDobbeleer/oh-my-posh/main/themes/schema.json
+
+version = 2
+final_space = true
+console_title_template = '{{{{ .Shell }}}} in {{{{ .Folder }}}}'
+
+[[blocks]]
+  type = 'prompt'
+  alignment = 'left'
+  newline = true
+
+  [[blocks.segments]]
+    type = 'os'
+    style = 'diamond'
+    trailing_diamond = ''
+    background = 'p:c1'
+    foreground = 'p:c12'
+    template = ' {{{{ .Icon }}}} '
+
+  [[blocks.segments]]
+    type = 'session'
+    style = 'diamond'
+    trailing_diamond = ''
+    background = 'p:c2'
+    foreground = 'p:c14'
+    template = '{{{{ .UserName }}}}@{{{{ .HostName }}}}'
+
+  [[blocks.segments]]
+    type = 'path'
+    style = 'diamond'
+    trailing_diamond = ''
+    background = 'p:c4'
+    foreground = 'p:c13'
+    template = '{{{{ .Path }}}}'
+
+    [blocks.segments.properties]
+      style = 'full'
+
+[[blocks]]
+  type = 'prompt'
+  overflow = 'hidden'
+  alignment = 'right'
+
+  [[blocks.segments]]
+    type = 'executiontime'
+    style = 'diamond'
+    leading_diamond = ''
+    background = 'p:c4'
+    foreground = 'p:c13'
+    template = '{{{{ .FormattedMs }}}}'
+
+  [[blocks.segments]]
+    type = 'time'
+    style = 'diamond'
+    leading_diamond = ''
+    background = 'p:c2'
+    foreground = 'p:c14'
+
+  [[blocks.segments]]
+    type = 'shell'
+    style = 'diamond'
+    leading_diamond = ''
+    background = 'p:c1'
+    foreground = 'p:c12'
+
+[[blocks]]
+  type = 'prompt'
+  alignment = 'left'
+  newline = true
+
+  [[blocks.segments]]
+    type = 'text'
+    style = 'plain'
+    background = 'transparent'
+    foreground_templates = [
+      "{{{{ if gt .Code 0 }}}}p:c13{{{{end}}}}",
+      "{{{{ if eq .Code 0 }}}}p:c14{{{{end}}}}",
+    ]
+    template = "{{{{ if gt .Code 0 }}}}!❭ {{{{else}}}}❭ {{{{end}}}}"
+
+[transient_prompt] 
+  foreground_templates = [
+    "{{{{ if gt .Code 0 }}}}p:c13{{{{end}}}}",
+    "{{{{ if eq .Code 0 }}}}p:c14{{{{end}}}}",
+  ]
+  background = 'transparent'
+  template = "{{{{ if gt .Code 0 }}}}!❭ {{{{else}}}}❭ {{{{end}}}}"
+
+[secondary_prompt]
+  background = 'transparent'
+  forground = 'p:c14'
+  template = "❭❭ "
+
+
+[palette]
+
+c0 = "{color0}"
+c1 = "{color1}"
+c2 = "{color2}"
+c3 = "{color3}"
+c4 = "{color4}"
+c5 = "{color5}"
+c6 = "{color6}"
+c7 = "{color7}"
+c8 = "{color8}"
+c9 = "{color9}"
+c10 = "{color10}"
+c11 = "{color11}"
+c12 = "{color12}"
+c13 = "{color13}"
+c14 = "{color14}"
+c15 = "{color15}"

homes/nathan/home-manager/packages/default.nix

@@ -22,18 +22,17 @@
 
             home.packages = with pkgs; [
 
-                inputs.disko.packages.${pkgs.stdenv.hostPlatform.system}.disko-install 
-
                 kjv
                 openssh
                 sops
-                killall
+                dig
+                toybox
                 btop
                 zip    
                 unzip
                 rsync
                 curl
-                wget
+
                 (python313.withPackages (ps: with ps; [
                     gpustat
                     numpy
@@ -65,7 +64,6 @@
             cava 
             android-tools
             neovim-remote
-            gcc
             zulu
             fastfetch
             ncmpcpp
@@ -77,7 +75,7 @@
 
         (mkIf (!config.homeconfig.minimal && config.homeconfig.graphical) {
 
-            nixpkgs.config = mkIf (!config.homeconfig.minimal) {
+            nixpkgs.config = {
                 allowUnfree = true;
             };
 

homes/nathan/home-manager/packages/scripts/default.nix

@@ -95,14 +95,14 @@
 	        '')
 
             (pkgs.writeShellScriptBin "colorPrefix" ''
-                eval "$@" &
-	            sleep 0.4
-	            ${pkgs.pywalfox-native}/bin/pywalfox update &
-	            pidof kitty && pkill -USR1 kitty
-	            pidof cava && pkill -USR1 cava
+	            pidof firefox > /dev/null && ${pkgs.pywalfox-native}/bin/pywalfox update &
+	            pidof kitty > /dev/null && pkill -USR1 kitty
+	            pidof cava > /dev/null && pkill -USR1 cava
                 for i in ''$(ls /run/user/1000 | grep nvim); do 
                     ${pkgs.neovim-remote}/bin/nvr -s --servername /run/user/1000/''$i --remote-send '<cmd>colorscheme pywal<CR>'; 
                 done
+                
+                eval "''$@"
 	        '')
             
 	        (pkgs.writeShellScriptBin "onSystemStart" ''

homes/nathan/home-manager/programs/default.nix

@@ -1,18 +1,12 @@
 { config, lib, pkgs, inputs, ... }: {
 
-    imports = [
-        ./git
-        ./nh
-        ./hyprland
-        ./hyprpanel
-	    ./terminal
-        ./rofi
-        ./pywal
-        ./hyprlock
-        ./calcurse
-        ./firefox
-        ./quickshell
-    ];
+    imports = let 
+        dir = builtins.readDir ./.;
+    in builtins.map (x: ./${x}) (builtins.filter 
+        (file: (dir.${file} == "directory"))
+        (builtins.attrNames dir)
+    );
+
 
     config = {
 

homes/nathan/home-manager/services/default.nix

@@ -0,0 +1,9 @@
+{ ... }: {
+
+    imports = let 
+        dir = builtins.readDir ./.;
+    in builtins.map (x: ./${x}) (builtins.filter 
+        (file: (dir.${file} == "directory"))
+        (builtins.attrNames dir)
+    );
+}

homes/nathan/home.nix

@@ -1,11 +1,11 @@
-{ ... }:
+{ lib, ... }:
 
 {
 
     config = {                    
         homeconfig = {
-            graphical = false;
-            minimal = false;
+            graphical = lib.mkDefault false;
+            minimal = lib.mkDefault false;
         };
     };
  }

profiles/homebox/default.nix

@@ -0,0 +1,121 @@
+{ config, pkgs, lib, disko, sops-nix, home-manager, ... }:
+
+{
+  imports =
+    [
+      disko.nixosModules.default
+      
+      sops-nix.nixosModules.sops
+      
+      home-manager.nixosModules.default
+      
+    ];
+
+    config = {
+        
+        boot = {
+            kernelPackages = pkgs.linuxKernel.packages.linux_6_18;
+            loader = {
+                systemd-boot.enable = true;
+                efi.canTouchEfiVariables = true;
+            };
+            binfmt.emulatedSystems = lib.mkIf config.sysconfig.remoteBuildHost [ "aarch64-linux" ];
+        };
+
+        systemd.settings.Manager.DefaultLimitNOFILE = 2048;
+
+        programs.zsh.enable = true;
+        environment.shells = with pkgs; [ zsh bashInteractive ];
+
+        nixpkgs.config.allowUnfree = true;
+
+        networking = {
+            nameservers = lib.mkDefault [ "1.1.1.1" "1.0.0.1" ];
+            networkmanager = {
+                enable = true;
+                dns = "none";
+            };
+            useDHCP = false;
+            dhcpcd.enable = false;
+
+            nftables = {};
+            nat = {
+                enable = true;
+                internalInterfaces = [ "ve-.+" ];
+                externalInterface = "wlp7s0"; # wifi
+                #externalInterface = "enp6s0"; # ethernet
+            };
+        };
+        
+        sysconfig = {
+            remoteBuildHost = true;
+            graphical = false;
+
+            services = {
+                sddm.enable = false;
+                openssh.enable = true;
+                pipewire.enable = true;
+                netbird.enable = true;
+
+                ollama.enable = false;
+                wyoming = {
+                    enable = true;
+                    piper = false;
+                    openwakeword = true;
+                    faster-whisper = true;
+                };
+            };
+
+            programs = {
+                hyprland.enable = false;
+                hyprpanel.enable = false;
+                steam.enable = false;
+            };
+
+            docker = {
+                enable = true;
+
+                portainer.enable = true;
+                pihole.enable = true;
+                ollama.enable = true;
+                searxng.enable = true;
+            };
+
+            containers = {
+                traefik.enable = true;
+                jellyfin.enable = true;
+                "esotericbytes.com".enable = true;
+                nextcloud.enable = true;
+                ntfy.enable = false;
+                gitea.enable = true;
+                n8n.enable = true;
+                keycloak.enable = true;
+                netbird.enable = true;
+                
+                openwebui.enable = true;
+                homeassistant.enable = true;
+                
+                wyoming = {
+                    enable = false;
+                    piper = false;
+                    openwakeword = true;
+                    faster-whisper = true;
+                };
+                
+                rustdesk.enable = false; #broken
+                
+                code-server.enable = false;
+                
+                novnc.enable = false;
+                
+                minecraft.enable = true;
+
+                sandbox.enable = false;
+            };
+        };
+
+        fonts.packages = with pkgs; [ nerd-fonts.fira-code ];
+
+    };
+
+}

profiles/laptop/default.nix

@@ -63,7 +63,7 @@
             };
 
 
-            virtualization = {
+            containers = {
 
                 wyoming = {
                     enable = mkDefault false;
@@ -105,8 +105,16 @@
         programs.zsh.enable = true;
 
         networking = {
-            nameservers = [ "1.1.1.1" "1.0.0.1" ];
-            networkmanager.enable = true;
+            nameservers = [ 
+                "1.1.1.1" 
+                "1.0.0.1" 
+            ];
+            networkmanager = {
+                enable = true;
+                dns = "none";
+            };
+            useDHCP = false;
+            dhcpcd.enable = false;
         };
 
 

system/default.nix

@@ -1,11 +1,11 @@
-{ config, lib, nixpkgs, ... }: {
+{ config, lib, pkgs, nixpkgs, ... }: {
 
-    imports = [ 
-        ./services
-        ./packages
-        ./programs
-        ./users
-    ];
+    imports = let 
+        dir = builtins.readDir ./.;
+    in builtins.map (x: ./${x}) (builtins.filter 
+        (file: (dir.${file} == "directory"))
+        (builtins.attrNames dir)
+    );
 
     options.sysconfig = with lib; {
         host = mkOption {
@@ -65,13 +65,25 @@
             createHome = false;
         };
 
+        sops.secrets = let 
+            dir = builtins.readDir ../machines;
+        in lib.mkIf config.sysconfig.remoteBuildHost (builtins.listToAttrs 
+            (builtins.map 
+                (y: { name = "remoteBuildClientKeys/${y}"; value = { sopsFile = ./secrets.yaml; }; }) 
+                (builtins.filter 
+                    (x: dir.${x} == "directory" && (import ../machines/${x} { config = {}; inputs = {}; inherit lib pkgs; }).config.sysconfig.remoteBuildClient) 
+                    (builtins.attrNames dir)
+                )
+            )
+        );
+
         sops.templates."remote-builder" = lib.mkIf config.sysconfig.remoteBuildHost {
             content = builtins.concatStringsSep ''''\n'' (builtins.map 
                     (y: config.sops.placeholder.${y}) 
-                    (builtins.partition 
+                    (builtins.filter 
                      (x: (builtins.match "^remoteBuildClientKeys/.+" x) != null) 
                      (builtins.attrNames config.sops.secrets)
-                    ).right
+                    )
                     );
             path = "/etc/ssh/authorized_keys.d/remote-builder";
             owner = "remote-builder";