restructure

desktop/audio.nix

@@ -0,0 +1,28 @@
+{
+  pkgs,
+  config,
+  lib,
+  ...
+}:
+let
+  cfg = config.hd.desktop.audio;
+  inherit (lib) mkEnableOption mkIf;
+in
+{
+  options.hd.desktop.audio.enable = mkEnableOption "Audio";
+
+  config = mkIf cfg.enable {
+    environment.systemPackages = with pkgs; [
+      pavucontrol
+      alsa-utils
+    ];
+
+    services.pulseaudio.enable = false;
+    services.pipewire = {
+      enable = true;
+      alsa.enable = true;
+      alsa.support32Bit = true;
+      pulse.enable = true;
+    };
+  };
+}

desktop/default.nix

@@ -0,0 +1,62 @@
+{
+  inputs,
+  lib,
+  config,
+  options,
+  ...
+}:
+let
+  cfg = config.hd.desktop;
+  inherit (lib) mkEnableOption mkIf;
+in
+{
+  imports = [
+    ./audio.nix
+    ./fonts.nix
+    ./gpg.nix
+    ./network.nix
+    ./security.nix
+    ./services.nix
+    ./software
+    ./window-manager.nix
+    inputs.nixos-config-hidden.nixosModules.pc
+  ];
+
+  options = {
+    hd.desktop.enable = mkEnableOption "Desktop Configuration";
+    home = lib.mkOption {
+      type = lib.types.attrsOf lib.types.str;
+      default = { };
+      description = "home-manager configuration.";
+    };
+  };
+
+  config = mkIf cfg.enable {
+    hd.desktop = {
+      audio.enable = true;
+      fonts.enable = true;
+      gpg.enable = true;
+      network.enable = true;
+      security.enable = true;
+      services.enable = true;
+      software.enable = true;
+      wm.enable = true;
+    };
+
+    nixpkgs.config.allowUnfreePredicate =
+      pkg:
+      builtins.elem (lib.getName pkg) [
+        "nvidia-x11"
+        "nvidia-settings"
+        "vscode"
+        "obsidian"
+        "steam"
+        "steam-unwrapped"
+        "gateway" # jetbrains
+        "spotify"
+        "rust-rover"
+      ];
+
+    programs.nix-ld.enable = true;
+  };
+}

desktop/fonts.nix

@@ -0,0 +1,25 @@
+{
+  pkgs,
+  config,
+  lib,
+  ...
+}:
+let
+  cfg = config.hd.desktop.fonts;
+  inherit (lib) mkEnableOption mkIf;
+in
+{
+  options.hd.desktop.fonts.enable = mkEnableOption "Fonts";
+  config = mkIf cfg.enable {
+    fonts = {
+      packages = with pkgs; [
+        noto-fonts
+        noto-fonts-cjk-sans
+        noto-fonts-emoji
+        nerd-fonts.noto
+      ];
+      fontDir.enable = true;
+      fontconfig.defaultFonts.monospace = [ "Noto Nerd Font Mono" ];
+    };
+  };
+}

desktop/gpg.nix

@@ -0,0 +1,33 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:
+let
+  cfg = config.hd.desktop.gpg;
+  inherit (lib) mkEnableOption mkIf;
+in
+{
+  options.hd.desktop.gpg.enable = mkEnableOption "GPG";
+  config = mkIf cfg.enable {
+    home = {
+      home.packages = with pkgs; [
+        seahorse
+        libsecret
+        gnome-keyring
+      ];
+      programs.gpg = {
+        enable = true;
+      };
+      services.gpg-agent = {
+        enable = true;
+        enableSshSupport = true;
+        pinentry.package = pkgs.pinentry-gtk2;
+      };
+    };
+    services.gnome.gnome-keyring = {
+      enable = true;
+    };
+  };
+}

desktop/network.nix

@@ -0,0 +1,87 @@
+{
+  host,
+  var,
+  config,
+  lib,
+  ...
+}:
+let
+  cfg = config.hd.desktop.network;
+  inherit (lib) mkEnableOption mkIf;
+in
+{
+  options.hd.desktop.network = {
+    enable = mkEnableOption "All Network Options";
+  };
+
+  config = mkIf cfg.enable {
+
+    hardware.bluetooth.enable = true;
+    systemd.network.wait-online.enable = false;
+
+    services = {
+      mullvad-vpn.enable = true;
+      blueman.enable = true;
+      resolved = {
+        # TODO: find out why doh breaks moodle...
+        enable = true;
+      };
+    };
+
+    networking = {
+      enableIPv6 = true;
+
+      wireguard.enable = true;
+      wg-quick = {
+        interfaces = {
+          "onet" = {
+            address = var.wg.wireguard-network.${host}.ips;
+            privateKeyFile = var.wg.keyFile;
+            peers = [ (lib.removeAttrs var.wg.wireguard-network."roam" [ "ips" ]) ];
+          };
+        };
+      };
+
+      networkmanager = {
+        enable = true;
+        wifi.macAddress = "random";
+        ensureProfiles.profiles = {
+          "tuda-vpn" = {
+            connection = {
+              autoconnect = "false";
+              id = "tuda-vpn";
+              type = "vpn";
+            };
+            ipv4 = {
+              method = "auto";
+            };
+            ipv6 = {
+              addr-gen-mode = "stable-privacy";
+              method = "auto";
+            };
+            vpn = {
+              authtype = "password";
+              autoconnect-flags = "0";
+              certsigs-flags = "0";
+              cookie-flags = "2";
+              disable_udp = "no";
+              enable_csd_trojan = "no";
+              gateway = "vpn.hrz.tu-darmstadt.de";
+              gateway-flags = "2";
+              gwcert-flags = "2";
+              lasthost-flags = "0";
+              pem_passphrase_fsid = "no";
+              prevent_invalid_cert = "no";
+              protocol = "anyconnect";
+              resolve-flags = "2";
+              service-type = "org.freedesktop.NetworkManager.openconnect";
+              stoken_source = "disabled";
+              xmlconfig-flags = "0";
+              password-flags = 0;
+            };
+          };
+        };
+      };
+    };
+  };
+}

desktop/security.nix

@@ -0,0 +1,18 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:
+let
+  cfg = config.hd.desktop.security;
+  inherit (lib) mkEnableOption mkIf;
+in
+{
+  options.hd.desktop.security.enable = mkEnableOption "Security";
+  config = mkIf cfg.enable {
+    security = {
+
+    };
+  };
+}

desktop/services.nix

@@ -0,0 +1,49 @@
+{
+  pkgs,
+  lib,
+  config,
+  ...
+}:
+let
+  cfg = config.hd.desktop.services;
+  inherit (lib) mkEnableOption mkIf;
+in
+{
+  options.hd.desktop.services.enable = mkEnableOption "Services";
+
+  config = mkIf cfg.enable {
+    services = {
+      printing.enable = true;
+      avahi = {
+        enable = true;
+        nssmdns4 = true;
+        openFirewall = true;
+      };
+      udisks2.enable = true;
+      emacs.enable = true;
+    };
+
+    home.services.protonmail-bridge = {
+      enable = true;
+      path = with pkgs; [
+        pass
+        gnome-keyring
+      ];
+    };
+
+    home.services.unison' = {
+      # TODO: parameterize
+      enable = true;
+      pairs = {
+        "docs".roots = [
+          "/home/hd/Documents"
+          "ssh://roam//home/hd/Documents"
+        ];
+        "desktop".roots = [
+          "/home/hd/Desktop"
+          "ssh://roam//home/hd/Desktop"
+        ];
+      };
+    };
+  };
+}

desktop/software/default.nix

@@ -0,0 +1,65 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:
+let
+  cfg = config.hd.desktop.software;
+  inherit (lib) mkEnableOption mkIf;
+in
+{
+  imports = [ ./development.nix ];
+
+  options.hd.desktop.software.enable = mkEnableOption "Software";
+
+  config = mkIf cfg.enable {
+    hd.desktop.software.development.enable = true;
+
+    environment.systemPackages = with pkgs; [
+      # vesktop
+      bitwarden
+      calibre
+      element-desktop
+      gh
+      kitty
+      nil
+      obsidian
+      rclone
+      signal-desktop
+      spotify
+      starship
+      stow
+      tor-browser
+      vlc
+      wireguard-tools
+      wl-clipboard
+      zotero
+      zulip
+    ];
+
+    virtualisation = {
+      docker.enable = true;
+    };
+
+    programs = {
+      firefox.enable = true;
+      git.enable = true;
+      kdeconnect.enable = true;
+    };
+
+    home = {
+      programs.thunderbird = {
+        enable = true;
+        package = pkgs.thunderbird-latest;
+        profiles.default = {
+          isDefault = true;
+          withExternalGnupg = true;
+        };
+      };
+    };
+
+    # Some excludes
+    services.xserver.excludePackages = [ pkgs.xterm ];
+  };
+}

desktop/software/development.nix

@@ -0,0 +1,35 @@
+{
+  config,
+  pkgs,
+  lib,
+  ...
+}:
+let
+  cfg = config.hd.desktop.software.development;
+  inherit (lib) mkEnableOption mkIf;
+in
+{
+  options.hd.desktop.software.development.enable = mkEnableOption "Dev Software";
+
+  config = mkIf cfg.enable {
+    documentation.dev.enable = true;
+
+    environment.systemPackages = with pkgs; [
+      vscode
+      binutils
+      clang
+      gcc
+      gdb
+      gnumake
+      man-pages
+      man-pages-posix
+      nixfmt-rfc-style
+      python313
+      python313Packages.mypy
+      rustup
+      emacs
+      jetbrains.gateway
+      jetbrains.rust-rover
+    ];
+  };
+}

desktop/window-manager.nix

@@ -0,0 +1,22 @@
+{
+  pkgs,
+  config,
+  lib,
+  ...
+}:
+let
+  cfg = config.hd.desktop.wm;
+  inherit (lib) mkEnableOption mkIf;
+in
+{
+  options.hd.desktop.wm.enable = mkEnableOption "Window Manager";
+
+  config = mkIf cfg.enable {
+    # Enable the KDE Plasma Desktop Environment.
+    services.displayManager.sddm = {
+      enable = true;
+      wayland.enable = true;
+    };
+    services.desktopManager.plasma6.enable = true;
+  };
+}