Modules/Niri: Update DMS default config

README.md

@@ -1,6 +1,6 @@
 # NixOS Configuration
 
-Modular NixOS configuration, using Hyprland for a lightweight desktop.
+Modular NixOS configuration, using Hyprland (yikes) or Niri for a tiling/scrolling desktop.
 
 ![](FastFetch.png)
 
@@ -10,7 +10,10 @@ Modular NixOS configuration, using Hyprland for a lightweight desktop.
   <img src="/Btop.png" width="33%" />
 </p>
 
+![](Niri.png)
+
 To install, run `nixos-rebuild` with the `--flake` parameter from the `NixFlake` directory: `nixos-rebuild switch --flake .#nixinator`.
+Alternatively, use `nh os switch` or `nh os boot`.
 
 ## NixFlake/system
 
@@ -19,6 +22,7 @@ Contains all the system configurations.
 - There is a common configuration used for all systems: `NixFlake/system/default.nix`
 - Every system has its own special configuration: `NixFlake/system/<hostname>/default.nix`
 - System modules are located in `NixFlake/system/modules`
+- Hosted services are located in `NixFlake/system/services`
 
 When creating a NixOS configuration inside the `NixFlake/flake.nix` the common configuration is imported.
 Because the hostname is propagated to the common configuration, it can import the host-specific config by itself.
@@ -41,6 +45,6 @@ Each derivation is loaded into `NixFlake/derivations/default.nix`.
 
 ## NixFlake/overlays
 
-Contains (not at the moment) all overlays.
+Contains all overlays, e.g. package version overrides.
-The `NixFlake/overlays/default.nix` imports all of the overlays and all of the derivations.
+The `NixFlake/overlays/default.nix` imports all overlays and all derivations.
-It is then imported by the toplevel `NixFlake/flake.nix`, to make everything available to the system/home configurations.
+It is then imported by the top-level `NixFlake/flake.nix`, to make everything available to the system/home configurations.

flake.nix

@@ -60,7 +60,7 @@
     # Noctalia shell
     noctalia.url = "github:noctalia-dev/noctalia-shell";
     noctalia.inputs.nixpkgs.follows = "nixpkgs";
-    noctalia.inputs.quickshell.follows = "quickshell";
+    # noctalia.inputs.quickshell.follows = "quickshell";
 
     # Lol
     waifu-cursors.url = "github:kagurazakei/waifu-cursors";
@@ -73,13 +73,13 @@
     # caelestia-cli.inputs.nixpkgs.follows = "nixpkgs";
 
     # DankMaterialShell
-    # dgop.url = "github:AvengeMedia/dgop";
+    dgop.url = "github:AvengeMedia/dgop";
-    # dgop.inputs.nixpkgs.follows = "nixpkgs";
+    dgop.inputs.nixpkgs.follows = "nixpkgs";
     # dms-cli.url = "github:AvengeMedia/danklinux";
     # dms-cli.inputs.nixpkgs.follows = "nixpkgs";
-    # dankMaterialShell.url = "github:AvengeMedia/DankMaterialShell";
+    dankMaterialShell.url = "github:AvengeMedia/DankMaterialShell";
-    # dankMaterialShell.inputs.nixpkgs.follows = "nixpkgs";
+    dankMaterialShell.inputs.nixpkgs.follows = "nixpkgs";
-    # dankMaterialShell.inputs.dgop.follows = "dgop";
+    dankMaterialShell.inputs.dgop.follows = "dgop";
 
     # Hyprland (use flake so plugins are not built from source)
     hyprland.url = "github:hyprwm/Hyprland";

home/christoph/default.nix

@@ -57,7 +57,7 @@ in
         extraPackages = with pkgs; [
           papirus-icon-theme
           bibata-cursors
-          inputs.waifu-cursors.packages.${pkgs.system}.all
+          inputs.waifu-cursors.packages.${pkgs.stdenv.hostPlatform.system}.all
         ];
 
         cursor = "Bibata-Modern-Classic";
@@ -98,7 +98,7 @@ in
       };
 
       hyprland = {
-        enable = !headless;
+        enable = false;
         dunst.enable = !config.modules.hyprpanel.enable; # Disable for hyprpanel
         bars.enable = false;
         dynamicCursor.enable = false;
@@ -225,8 +225,8 @@ in
 
         windowrules = [
           # Fix jetbrains tooltip flicker
-          "float,class:^(jetbrains-.*)$,title:^(win[0-9]+)$"
+          "match:class ^(jetbrains-.*)$, match:title ^(win[0-9]+)$, float 1"
-          "nofocus,class:^(jetbrains-.*)$,title:^(win[0-9]+)$"
+          "match:class ^(jetbrains-.*)$, match:title ^(win[0-9]+)$, no_initial_focus 1"
         ];
 
         workspacerules = {
@@ -537,10 +537,10 @@ in
             # Run unpatched binaries on NixOS
             # Sets NIX_LD_LIBRARY_PATH and NIX_LD variables for nix-ld.
             # Usage: "nix-alien-ld -- <Executable>".
-            inputs.nix-alien.packages.${system}.nix-alien
+            inputs.nix-alien.packages.${pkgs.stdenv.hostPlatform.system}.nix-alien
 
             # Search nixpkgs
-            inputs.nps.packages.${system}.default
+            inputs.nps.packages.${pkgs.stdenv.hostPlatform.system}.default
 
             # Use NixCommunity binary cache
             cachix
@@ -854,7 +854,7 @@ in
       nushell.enable = false;
 
       # spicetify = let
-      #   spicePkgs = inputs.spicetify-nix.legacyPackages.${pkgs.system};
+      #   spicePkgs = inputs.spicetify-nix.legacyPackages.${pkgs.stdenv.hostPlatform.system};
       # in {
       #   enable = true;
       #

home/christoph/nixinator/default.nix

@@ -140,6 +140,8 @@
         makemkv
         lrcget
         msty
+        # jellyfin-media-player # CVE, can't install
+        jellyfin-mpv-shim
 
         steam-devices-udev-rules
       ];

home/modules/1_deprecated/ags/default.nix

@@ -17,20 +17,20 @@ in {
 
       # AGS libs go here
       extraPackages = [
-        inputs.ags.packages.${pkgs.system}.apps
+        inputs.ags.packages.${pkgs.stdenv.hostPlatform.system}.apps
-        inputs.ags.packages.${pkgs.system}.auth
+        inputs.ags.packages.${pkgs.stdenv.hostPlatform.system}.auth
-        inputs.ags.packages.${pkgs.system}.battery
+        inputs.ags.packages.${pkgs.stdenv.hostPlatform.system}.battery
-        inputs.ags.packages.${pkgs.system}.bluetooth
+        inputs.ags.packages.${pkgs.stdenv.hostPlatform.system}.bluetooth
-        inputs.ags.packages.${pkgs.system}.cava
+        inputs.ags.packages.${pkgs.stdenv.hostPlatform.system}.cava
-        # inputs.ags.packages.${pkgs.system}.greet
+        # inputs.ags.packages.${pkgs.stdenv.hostPlatform.system}.greet
-        inputs.ags.packages.${pkgs.system}.hyprland
+        inputs.ags.packages.${pkgs.stdenv.hostPlatform.system}.hyprland
-        inputs.ags.packages.${pkgs.system}.mpris
+        inputs.ags.packages.${pkgs.stdenv.hostPlatform.system}.mpris
-        inputs.ags.packages.${pkgs.system}.network
+        inputs.ags.packages.${pkgs.stdenv.hostPlatform.system}.network
-        inputs.ags.packages.${pkgs.system}.notifd
+        inputs.ags.packages.${pkgs.stdenv.hostPlatform.system}.notifd
-        # inputs.ags.packages.${pkgs.system}.powerprofiles
+        # inputs.ags.packages.${pkgs.stdenv.hostPlatform.system}.powerprofiles
-        # inputs.ags.packages.${pkgs.system}.river
+        # inputs.ags.packages.${pkgs.stdenv.hostPlatform.system}.river
-        inputs.ags.packages.${pkgs.system}.tray
+        inputs.ags.packages.${pkgs.stdenv.hostPlatform.system}.tray
-        inputs.ags.packages.${pkgs.system}.wireplumber
+        inputs.ags.packages.${pkgs.stdenv.hostPlatform.system}.wireplumber
       ];
 
       # This should symlink but doesn't, it copies the files :/
@@ -40,7 +40,7 @@ in {
     # The ags module doesn't expose the "astal" cli tool or extraPackages
     home.packages =
       [
-        inputs.ags.packages.${pkgs.system}.io
+        inputs.ags.packages.${pkgs.stdenv.hostPlatform.system}.io
       ]
       ++ config.programs.ags.extraPackages;
 

home/modules/default.nix

@@ -35,8 +35,8 @@
     # inputs.niri.homeModules.niri # Imported by system module
     inputs.noctalia.homeModules.default
     inputs.caelestia.homeManagerModules.default
-    # inputs.dankMaterialShell.homeModules.dankMaterialShell.default
+    inputs.dankMaterialShell.homeModules.dankMaterialShell.default
-    # inputs.dankMaterialShell.homeModules.dankMaterialShell.niri
+    inputs.dankMaterialShell.homeModules.dankMaterialShell.niri
 
     # NOTE: Do NOT use this, use the system module (the HM module has to rely on fuse)
     # inputs.impermanence.homeManagerModules.impermanence

home/modules/docs/default.nix

@@ -12,9 +12,11 @@ in {
   config = lib.mkIf docs.enable {
     home = {
       packages = with pkgs; [
-        texliveFull
         inkscape
-        typst
+
+        texliveFull # TODO: LaTeX packages
+
+        typst # TODO: Typst packages
       ];
 
       file = {

home/modules/hyprland/default.nix

@@ -142,8 +142,8 @@ in {
 
     wayland.windowManager.hyprland = {
       enable = true;
-      package = inputs.hyprland.packages.${pkgs.system}.hyprland;
+      package = inputs.hyprland.packages.${pkgs.stdenv.hostPlatform.system}.hyprland;
-      portalPackage = inputs.hyprland.packages.${pkgs.system}.xdg-desktop-portal-hyprland;
+      portalPackage = inputs.hyprland.packages.${pkgs.stdenv.hostPlatform.system}.xdg-desktop-portal-hyprland;
 
       systemd.enable = true; # Enable hyprland-session.target
       systemd.variables = ["--all"]; # Import PATH into systemd
@@ -152,16 +152,16 @@ in {
       plugins = builtins.concatLists [
         (lib.optionals
           hyprland.bars.enable
-          [inputs.hyprland-plugins.packages.${pkgs.system}.hyprbars])
+          [inputs.hyprland-plugins.packages.${pkgs.stdenv.hostPlatform.system}.hyprbars])
         (lib.optionals
           hyprland.dynamicCursor.enable
-          [inputs.hypr-dynamic-cursors.packages.${pkgs.system}.hypr-dynamic-cursors])
+          [inputs.hypr-dynamic-cursors.packages.${pkgs.stdenv.hostPlatform.system}.hypr-dynamic-cursors])
         (lib.optionals
           hyprland.trails.enable
-          [inputs.hyprland-plugins.packages.${pkgs.system}.hyprtrails])
+          [inputs.hyprland-plugins.packages.${pkgs.stdenv.hostPlatform.system}.hyprtrails])
         (lib.optionals
           hyprland.hyprspace.enable
-          [inputs.hyprspace.packages.${pkgs.system}.Hyprspace])
+          [inputs.hyprspace.packages.${pkgs.stdenv.hostPlatform.system}.Hyprspace])
       ];
 
       settings = import ./settings.nix {

home/modules/hyprland/settings.nix

@@ -111,19 +111,19 @@
 
   windowrule = let
     mkWorkspaceRule = workspace: class:
-      "workspace ${workspace}, "
+      "match:class ^(${class})$, "
-      + "class:^(${class})$";
+      + "workspace ${workspace}";
     mkWorkspaceRules = workspace: class-list:
       builtins.map (mkWorkspaceRule workspace) class-list;
 
     mkFloatingRule = attrs:
-      "float"
+      (lib.optionalString (builtins.hasAttr "class" attrs) "match:class ^(${attrs.class})$, ")
-      + (lib.optionalString (builtins.hasAttr "class" attrs) ", class:^(${attrs.class})$")
+      + (lib.optionalString (builtins.hasAttr "title" attrs) "match:title ^(${attrs.title})$, ")
-      + (lib.optionalString (builtins.hasAttr "title" attrs) ", title:^(${attrs.title})$");
+      + "float 1";
 
     mkTranslucentRule = class:
-      "opacity ${hyprland.transparent-opacity} ${hyprland.transparent-opacity}, "
+      "match:class ^(${class})$, "
-      + "class:^(${class})$";
+      + "opacity ${hyprland.transparent-opacity} ${hyprland.transparent-opacity}";
   in
     lib.mkMerge [
       (hyprland.workspacerules
@@ -165,15 +165,15 @@
   # Because those are not windows, but layers,
   # we have to blur them explicitly
   layerrule = [
-    "blur,rofi"
+    "match:class rofi, blur 1"
-    "ignorealpha 0.001,rofi" # Fix pixelated corners
+    # "match:class rofi, ignore_alpha 0.001" # Fix pixelated corners
-    "xray 0,rofi" # Render on top of other windows
+    # "match:class rofi, xray 0" # Render on top of other windows
-    "dimaround,rofi"
+    # "match:class rofi, dim_around 1"
 
-    "blur,waybar"
+    "match:class waybar, blur 1"
-    "blur,gtk4-layer-shell"
+    "match:class gtk4-layer-shell, blur 1"
-    "blur,bar-0"
+    "match:class bar-0, blur 1"
-    "blur,bar-1"
+    "match:class bar-1, blur 1"
   ];
 
   decoration = {

home/modules/neovim/default.nix

@@ -1,6 +1,7 @@
 {
   inputs,
   system,
+  headless,
   username,
   hostname,
   config,
@@ -27,13 +28,7 @@ in {
         builtins.concatLists [
           (lib.optionals neovim.neovide [neovide])
 
-          [
+          (lib.optionals (!headless) [
-            (pkgs.ripgrep.override {withPCRE2 = true;})
-
-            # Dependencies
-            lua54Packages.jsregexp # For tree-sitter
-            # nodejs_latest
-
             # Language servers
             clang-tools
             clojure-lsp
@@ -80,6 +75,14 @@ in {
             rustfmt
             stylua
             typstyle
+          ])
+
+          [
+            (pkgs.ripgrep.override {withPCRE2 = true;})
+
+            # Dependencies
+            lua54Packages.jsregexp # For tree-sitter
+            # nodejs_latest
           ]
         ];
     };

home/modules/niri/dankMaterialShell.nix

@@ -0,0 +1,482 @@
+{color}: {
+  enable = true;
+
+  systemd = {
+    enable = false;
+    restartIfChanged = true;
+  };
+
+  # Deprecated
+  # enableClipboard = true;
+  # enableBrightnessControl = false;
+  # enableColorPicker = true;
+  # enableSystemSound = false;
+
+  enableSystemMonitoring = true;
+  enableVPN = true;
+  enableDynamicTheming = false;
+  enableAudioWavelength = true;
+  enableCalendarEvents = false;
+
+  niri = {
+    enableKeybinds = false;
+    enableSpawn = false;
+  };
+
+  # This is generated from the DMS settings dialog.
+  # Run: nix eval --impure --expr 'builtins.fromJSON (builtins.readFile ~/.config/DankMaterialShell/settings.json)'
+  default.settings = {
+    # Bar
+    barConfigs = [
+      {
+        # Widgets
+        leftWidgets = [
+          {
+            enabled = true;
+            id = "launcherButton";
+          }
+          {
+            enabled = true;
+            id = "workspaceSwitcher";
+          }
+          {
+            enabled = true;
+            focusedWindowCompactMode = true;
+            id = "focusedWindow";
+          }
+        ];
+        centerWidgets = [
+          {
+            enabled = true;
+            id = "music";
+            mediaSize = 1;
+          }
+        ];
+        rightWidgets = [
+          {
+            enabled = true;
+            id = "cpuUsage";
+            minimumWidth = true;
+          }
+          {
+            enabled = true;
+            id = "memUsage";
+            minimumWidth = true;
+          }
+          {
+            enabled = true;
+            id = "diskUsage";
+          }
+          {
+            enabled = true;
+            id = "clipboard";
+          }
+          {
+            enabled = true;
+            id = "controlCenterButton";
+          }
+          {
+            enabled = true;
+            id = "systemTray";
+          }
+          {
+            clockCompactMode = true;
+            enabled = true;
+            id = "clock";
+          }
+          {
+            enabled = true;
+            id = "notificationButton";
+          }
+        ];
+
+        enabled = true;
+        id = "default";
+        name = "Main Bar";
+
+        # Behavior
+        autoHide = false;
+        autoHideDelay = 250;
+        maximizeDetection = true;
+        openOnOverview = false;
+
+        # Border
+        borderColor = "surfaceText";
+        borderEnabled = false;
+        borderOpacity = 1;
+        borderThickness = 2;
+        gothCornerRadiusOverride = false;
+        gothCornerRadiusValue = 12;
+        gothCornersEnabled = false;
+
+        # Styling
+        position = 0;
+        fontScale = 1.1;
+        bottomGap = 0;
+        innerPadding = 4;
+        noBackground = false;
+        popupGapsAuto = true;
+        popupGapsManual = 4;
+        spacing = 0;
+        transparency = 1;
+        widgetOutlineColor = "primary";
+        widgetOutlineEnabled = false;
+        widgetOutlineOpacity = 1;
+        widgetOutlineThickness = 2;
+        widgetTransparency = 1;
+        squareCorners = true;
+        screenPreferences = ["all"];
+        showOnLastDisplay = true;
+        visible = true;
+      }
+    ];
+
+    # Power saving
+    acLockTimeout = 0;
+    acMonitorTimeout = 0;
+    acProfileName = "";
+    acSuspendBehavior = 0;
+    acSuspendTimeout = 0;
+
+    animationSpeed = 1;
+
+    # Launcher
+    appLauncherGridColumns = 4;
+    appLauncherViewMode = "list";
+    launchPrefix = "";
+    launcherLogoBrightness = 0.5;
+    launcherLogoColorInvertOnMode = false;
+    launcherLogoColorOverride = "";
+    launcherLogoContrast = 1;
+    launcherLogoCustomPath = "";
+    launcherLogoMode = "os";
+    launcherLogoSizeOffset = 0;
+
+    # Audio
+    audioInputDevicePins = {};
+    audioOutputDevicePins = {};
+    audioVisualizerEnabled = true;
+
+    # Battery
+    batteryLockTimeout = 0;
+    batteryMonitorTimeout = 0;
+    batteryProfileName = "";
+    batterySuspendBehavior = 0;
+    batterySuspendTimeout = 0;
+
+    # Wallpaper
+    blurWallpaperOnOverview = true;
+    blurredWallpaperLayer = false;
+    wallpaperFillMode = "Fill";
+
+    # Control center
+    controlCenterShowAudioIcon = true;
+    controlCenterShowBatteryIcon = false;
+    controlCenterShowBluetoothIcon = true;
+    controlCenterShowBrightnessIcon = false;
+    controlCenterShowMicIcon = true;
+    controlCenterShowNetworkIcon = true;
+    controlCenterShowPrinterIcon = false;
+    controlCenterShowVpnIcon = true;
+    controlCenterWidgets = [
+      {
+        enabled = true;
+        id = "volumeSlider";
+        width = 50;
+      }
+      {
+        enabled = true;
+        id = "brightnessSlider";
+        width = 50;
+      }
+      {
+        enabled = true;
+        id = "wifi";
+        width = 50;
+      }
+      {
+        enabled = true;
+        id = "bluetooth";
+        width = 50;
+      }
+      {
+        enabled = true;
+        id = "audioOutput";
+        width = 50;
+      }
+      {
+        enabled = true;
+        id = "audioInput";
+        width = 50;
+      }
+      {
+        enabled = true;
+        id = "nightMode";
+        width = 50;
+      }
+      {
+        enabled = true;
+        id = "darkMode";
+        width = 50;
+      }
+    ];
+
+    # Styling
+    cornerRadius = 10;
+    currentThemeName = "cat-mauve";
+    customAnimationDuration = 500;
+    fontFamily = "MonoLisa Normal";
+    monoFontFamily = "MonoLisa Normal";
+    fontScale = 1;
+    fontWeight = 500;
+    gtkThemingEnabled = false;
+    iconTheme = "System Default";
+
+    # Lock
+    fadeToLockEnabled = true;
+    fadeToLockGracePeriod = 5;
+    lockBeforeSuspend = false;
+    lockDateFormat = "yyyy-MM-dd";
+    lockScreenActiveMonitor = "all";
+    lockScreenInactiveColor = "#000000";
+    lockScreenShowDate = true;
+    lockScreenShowPasswordField = true;
+    lockScreenShowPowerActions = true;
+    lockScreenShowProfileImage = true;
+    lockScreenShowSystemIcons = true;
+    lockScreenShowTime = true;
+    loginctlLockIntegration = true;
+
+    # Notifications
+    notificationOverlayEnabled = false;
+    notificationPopupPosition = 0;
+    notificationTimeoutCritical = 0;
+    notificationTimeoutLow = 5000;
+    notificationTimeoutNormal = 5000;
+
+    # OSD
+    osdAlwaysShowValue = true;
+    osdAudioOutputEnabled = true;
+    osdBrightnessEnabled = true;
+    osdCapsLockEnabled = true;
+    osdIdleInhibitorEnabled = true;
+    osdMediaVolumeEnabled = true;
+    osdMicMuteEnabled = true;
+    osdPosition = 7;
+    osdPowerProfileEnabled = false;
+    osdVolumeEnabled = true;
+
+    # Power menu
+    powerActionConfirm = true;
+    powerActionHoldDuration = 0.5;
+    powerMenuActions = ["reboot" "logout" "poweroff" "lock" "restart"];
+    powerMenuDefaultAction = "poweroff";
+    powerMenuGridLayout = false;
+
+    # Settings
+    focusedWindowCompactMode = false;
+    hideBrightnessSlider = false;
+    keyboardLayoutNameCompactMode = false;
+    modalDarkenBackground = true;
+    nightModeEnabled = false;
+    niriOverviewOverlayEnabled = true;
+    showBattery = false;
+    showCapsLockIndicator = false;
+    showClipboard = true;
+    showClock = true;
+    showControlCenterButton = true;
+    showCpuTemp = true;
+    showCpuUsage = true;
+    showDock = false;
+    showFocusedWindow = true;
+    showGpuTemp = false;
+    showLauncherButton = true;
+    showMemUsage = true;
+    showMusic = true;
+    showNotificationButton = true;
+    showOccupiedWorkspacesOnly = false;
+    showPrivacyButton = false;
+    showSystemTray = true;
+    showWorkspaceApps = false;
+    showWorkspaceIndex = false;
+    showWorkspacePadding = false;
+    showWorkspaceSwitcher = true;
+    soundNewNotification = true;
+    soundPluggedIn = true;
+    soundVolumeChanged = true;
+    soundsEnabled = false;
+
+    # Launcher
+    sortAppsAlphabetically = false;
+    spotlightCloseNiriOverview = true;
+    spotlightModalViewMode = "list";
+
+    # Clock
+    use24HourClock = true;
+    showSeconds = true;
+    clockCompactMode = false;
+    clockDateFormat = "yyyy-MM-dd";
+
+    # Media
+    waveProgressEnabled = true;
+    scrollTitleEnabled = true;
+
+    # Weather
+    showWeather = true;
+    useFahrenheit = false;
+    useAutoLocation = false;
+    weatherCoordinates = "51.5142273,7.4652789";
+    weatherEnabled = true;
+    weatherLocation = "Dortmund, Nordrhein-Westfalen";
+
+    # Workspaces
+    workspaceNameIcons = {};
+    workspaceScrolling = false;
+    workspacesPerMonitor = true;
+
+    # Dock
+    dockAutoHide = false;
+    dockBorderColor = "surfaceText";
+    dockBorderEnabled = false;
+    dockBorderOpacity = 1;
+    dockBorderThickness = 1;
+    dockBottomGap = 0;
+    dockGroupByApp = false;
+    dockIconSize = 40;
+    dockIndicatorStyle = "circle";
+    dockMargin = 0;
+    dockOpenOnOverview = false;
+    dockPosition = 1;
+    dockSpacing = 4;
+    dockTransparency = 1;
+
+    # Random shit
+    widgetBackgroundColor = "sc";
+    widgetColorMode = "default";
+    wifiNetworkPins = {};
+    brightnessDevicePins = {};
+    bluetoothDevicePins = {};
+    centeringMode = "index";
+    useSystemSoundTheme = false;
+    vpnLastConnected = "";
+    syncModeWithPortal = true;
+    terminalsAlwaysDark = false;
+    updaterCustomCommand = "";
+    updaterTerminalAdditionalParams = "";
+    updaterUseCustomCommand = false;
+    showOnLastDisplay = {};
+    dwlShowAllTags = false;
+    enableFprint = false;
+    enabledGpuPciIds = [];
+    customPowerActionHibernate = "";
+    customPowerActionLock = "";
+    customPowerActionLogout = "";
+    customPowerActionPowerOff = "";
+    customPowerActionReboot = "";
+    customPowerActionSuspend = "";
+    customThemeFile = "";
+    displayNameMode = "system";
+    matugenScheme = "scheme-tonal-spot";
+    matugenTargetMonitor = "";
+    matugenTemplateAlacritty = true;
+    matugenTemplateDgop = true;
+    matugenTemplateFirefox = true;
+    matugenTemplateFoot = true;
+    matugenTemplateGhostty = true;
+    matugenTemplateGtk = true;
+    matugenTemplateKcolorscheme = true;
+    matugenTemplateKitty = true;
+    matugenTemplateNiri = true;
+    matugenTemplatePywalfox = true;
+    matugenTemplateQt5ct = true;
+    matugenTemplateQt6ct = true;
+    matugenTemplateVesktop = true;
+    matugenTemplateVscode = true;
+    matugenTemplateWezterm = true;
+    notepadFontFamily = "";
+    notepadFontSize = 14;
+    notepadLastCustomTransparency = 0.7;
+    notepadShowLineNumbers = false;
+    notepadTransparencyOverride = -1;
+    notepadUseMonospace = true;
+    maxFprintTries = 15;
+    maxWorkspaceIcons = 3;
+    mediaSize = 1;
+    networkPreference = "auto";
+    selectedGpuIndex = 0;
+    popupTransparency = 1;
+    privacyShowCameraIcon = false;
+    privacyShowMicIcon = false;
+    privacyShowScreenShareIcon = false;
+    qtThemingEnabled = false;
+    runDmsMatugenTemplates = false;
+    runUserMatugenTemplates = false;
+    runningAppsCompactMode = true;
+    runningAppsCurrentWorkspace = false;
+    runningAppsGroupByApp = false;
+    screenPreferences = {};
+
+    configVersion = 2;
+  };
+
+  default.session = {
+    # Settings
+    doNotDisturb = false;
+    isLightMode = false;
+    weatherHourlyDetailed = true;
+
+    # Night
+    nightModeAutoEnabled = true;
+    nightModeAutoMode = "time";
+    nightModeEnabled = true;
+    nightModeEndHour = 6;
+    nightModeEndMinute = 0;
+    nightModeHighTemperature = 6500;
+    nightModeLocationProvider = "";
+    nightModeStartHour = 22;
+    nightModeStartMinute = 0;
+    nightModeTemperature = 5500;
+    nightModeUseIPLocation = false;
+
+    # Hardware
+    nonNvidiaGpuTempEnabled = false;
+    nvidiaGpuTempEnabled = false;
+    selectedGpuIndex = 0;
+    wifiDeviceOverride = "";
+    enabledGpuPciIds = [];
+    lastBrightnessDevice = "";
+
+    # Wallpapers
+    perModeWallpaper = false;
+    perMonitorWallpaper = false;
+    wallpaperCyclingEnabled = false;
+    wallpaperCyclingInterval = 300;
+    wallpaperCyclingMode = "interval";
+    wallpaperCyclingTime = "06:00";
+    wallpaperPath = "/home/christoph/NixFlake/wallpapers/Windows.jpg";
+    wallpaperPathDark = "";
+    wallpaperPathLight = "";
+    wallpaperTransition = "iris bloom";
+
+    # Random shit
+    includedTransitions = ["fade" "wipe" "disc" "stripes" "iris bloom" "pixelate" "portal"];
+    launchPrefix = "";
+    latitude = 0;
+    longitude = 0;
+    pinnedApps = [];
+    hiddenTrayIds = [];
+    recentColors = [];
+    showThirdPartyPlugins = true;
+
+    # Ultra random shit
+    monitorCyclingSettings = {};
+    monitorWallpapers = {};
+    monitorWallpapersDark = {};
+    monitorWallpapersLight = {};
+    brightnessExponentValues = {};
+    brightnessExponentialDevices = {};
+    brightnessUserSetValues = {};
+
+    configVersion = 1;
+  };
+}

home/modules/niri/default.nix

@@ -11,11 +11,15 @@
 in {
   options.modules.niri = import ./options.nix {inherit lib mylib;};
 
-  config = lib.mkIf niri.enable {
+  config = lib.mkIf niri.enable rec {
     assertions = [
       {
         assertion = nixosConfig.programs.niri.enable;
-        message = "Can't enable Niri module with Niri disabled!";
+        message = "Can't enable Niri config with Niri disabled!";
+      }
+      {
+        assertion = !(programs.noctalia-shell.enable && programs.dankMaterialShell.enable);
+        message = "Can't enable Noctalia and DankMaterialShell at the same time!";
       }
     ];
 
@@ -25,6 +29,9 @@ in {
       iconTheme.name = color.iconTheme;
     };
 
+    # Disable niri polkit if we use DMS, as it has its own
+    systemd.user.services.niri-flake-polkit = lib.mkForce {};
+
     home = {
       sessionVariables = {
         QT_QPA_PLATFORMTHEME = "gtk3"; # For Noctalia
@@ -52,8 +59,11 @@ in {
     };
 
     programs = {
+      # TODO: Those should be modules with their own options
       noctalia-shell = import ./noctalia.nix {inherit color;};
+      dankMaterialShell = import ./dankMaterialShell.nix {inherit color;};
 
+      # TODO: Extract options
       niri = {
         # enable = true; # Enabled in system module
 
@@ -90,12 +100,15 @@ in {
           prefer-no-csd = true; # Disable client-side decorations (e.g. window titlebars)
 
           spawn-at-startup = [
-            {argv = ["noctalia-shell"];}
+            # TODO: Depend on options
+            # {argv = ["noctalia-shell"];}
+            {argv = ["dms" "run"];}
 
             {argv = ["kitty" "--hold" "fastfetch"];}
             {argv = ["zeal"];}
             {argv = ["protonvpn-app"];}
             {argv = ["fcitx5"];}
+            {argv = ["jellyfin-mpv-shim"];}
 
             {sh = "sleep 5s && nextcloud --background";}
             {sh = "sleep 5s && keepassxc";}
@@ -120,7 +133,7 @@ in {
               mode = {
                 width = 3440;
                 height = 1440;
-                refresh = 165.0;
+                refresh = 164.999;
               };
               position = {
                 x = 1920;
@@ -320,23 +333,43 @@ in {
               hotkey-overlay = {title = "Edit the NixFlake.";};
             };
 
+            # TODO: Enable with Noctalia option
             # Noctalia
+            # "Mod+A" = {
+            #   action = spawn "noctalia-shell" "ipc" "call" "launcher" "toggle";
+            #   hotkey-overlay = {title = "Toggle the application launcher.";};
+            # };
+            # "Mod+Ctrl+L" = {
+            #   action = spawn "noctalia-shell" "ipc" "call" "lockScreen" "lock";
+            #   hotkey-overlay = {title = "Lock the screen.";};
+            # };
+            # "Mod+W" = {
+            #   action = spawn "noctalia-shell" "ipc" "call" "wallpaper" "toggle";
+            #   hotkey-overlay = {title = "Toggle the wallpaper chooser.";};
+            # };
+            # "Mod+Escape" = {
+            #   action = spawn "noctalia-shell" "ipc" "call" "sessionMenu" "toggle";
+            #   hotkey-overlay = {title = "Toggle the session menu.";};
+            # };
+
+            # TODO: Enable with DMS option
+            # DankMaterialShell
             "Mod+A" = {
-              action = spawn "noctalia-shell" "ipc" "call" "launcher" "toggle";
+              action = spawn "dms" "ipc" "call" "spotlight" "toggle";
               hotkey-overlay = {title = "Toggle the application launcher.";};
             };
             "Mod+Ctrl+L" = {
-              action = spawn "noctalia-shell" "ipc" "call" "lockScreen" "lock";
+              action = spawn "dms" "ipc" "call" "lock" "lock";
               hotkey-overlay = {title = "Lock the screen.";};
             };
-            "Mod+W" = {
-              action = spawn "noctalia-shell" "ipc" "call" "wallpaper" "toggle";
-              hotkey-overlay = {title = "Toggle the wallpaper chooser.";};
-            };
             "Mod+Escape" = {
-              action = spawn "noctalia-shell" "ipc" "call" "sessionMenu" "toggle";
+              action = spawn "dms" "ipc" "call" "powermenu" "toggle";
               hotkey-overlay = {title = "Toggle the session menu.";};
             };
+            "Mod+C" = {
+              action = spawn "dms" "ipc" "call" "clipboard" "toggle";
+              hotkey-overlay = {title = "Show clipboard history.";};
+            };
 
             # Screenshots
             "Mod+S" = {
@@ -348,6 +381,12 @@ in {
               hotkey-overlay = {title = "Take a screenshot of a region.";};
             };
 
+            # Niri
+            "Mod+Shift+Slash" = {
+              action = show-hotkey-overlay;
+              hotkey-overlay = {hidden = true;};
+            };
+
             # Audio
             "XF86AudioRaiseVolume" = {
               action = spawn "wpctl" "set-volume" "-l" "1.5" "@DEFAULT_AUDIO_SINK@" "5%+";
@@ -370,12 +409,6 @@ in {
               hotkey-overlay = {hidden = true;};
             };
 
-            # Niri
-            "Mod+Shift+Slash" = {
-              action = show-hotkey-overlay;
-              hotkey-overlay = {hidden = true;};
-            };
-
             # Niri windows
             "Mod+Q" = {
               action = close-window;
@@ -442,7 +475,7 @@ in {
               hotkey-overlay = {hidden = true;};
             };
             "Mod+Shift+H" = {
-              action = move-column-left;
+              action = move-column-left-or-to-monitor-left;
               hotkey-overlay = {title = "Move column to the left. Equivalent bindings for other directions.";};
             };
             "Mod+Shift+J" = {
@@ -454,7 +487,7 @@ in {
               hotkey-overlay = {hidden = true;};
             };
             "Mod+Shift+L" = {
-              action = move-column-right;
+              action = move-column-right-or-to-monitor-right;
               hotkey-overlay = {hidden = true;};
             };
 

home/modules/niri/noctalia.nix

@@ -1,5 +1,6 @@
 {color}: {
-  enable = true;
+  enable = false;
+
   settings = {
     # configure noctalia here; defaults will
     # be deep merged with these attributes.
@@ -129,6 +130,7 @@
       visualizerQuality = "high";
       mprisBlacklist = [];
       preferredPlayer = "";
+      externalMixer = "kitty --title=Ncpamixer ncpamixer";
     };
 
     nightLight = {
@@ -211,17 +213,36 @@
           }
         ];
         right = [
+          # {
+          #   id = "SystemMonitor";
+          #   usePrimaryColor = true;
+          #   showCpuUsage = true;
+          #   showCpuTemp = false;
+          #   showMemoryUsage = true;
+          #   showMemoryAsPercent = false;
+          #   showNetworkStats = true;
+          #   showDiskUsage = true;
+          #   diskPath = "/";
+          # }
           {
             id = "Volume";
+            # displayMode = "alwaysShow";
           }
           {
             id = "Microphone";
-          }
+            # displayMode = "alwaysShow";
-          {
-            id = "WiFi";
           }
           {
             id = "Bluetooth";
+            # displayMode = "alwaysShow";
+          }
+          {
+            id = "WiFi";
+            # displayMode = "alwaysShow";
+          }
+          {
+            id = "VPN";
+            # displayMode = "alwaysShow";
           }
           {
             id = "Tray";

overlays/default.nix

@@ -29,6 +29,7 @@
     # Remove this after jetbrains.jdk builds again (nixpkgs issue 425328)
     # jetbrains.rider = pkgs-stable.jetbrains.rider;
 
+    # Now in Nixpkgs
     # neovide = prev.neovide.overrideAttrs (finalAttrs: prevAttrs: {
     #   version = "0.15.1";
     #   src = prev.fetchFromGitHub {
@@ -44,20 +45,21 @@
     #   };
     # });
 
-    rmpc = prev.rmpc.overrideAttrs (finalAttrs: prevAttrs: {
+    # Now in Nixpkgs
-      version = "0.10.0";
+    # rmpc = prev.rmpc.overrideAttrs (finalAttrs: prevAttrs: {
-      src = prev.fetchFromGitHub {
+    #   version = "0.10.0";
-        owner = "mierak";
+    #   src = prev.fetchFromGitHub {
-        repo = "rmpc";
+    #     owner = "mierak";
-        rev = "v0.10.0";
+    #     repo = "rmpc";
-        hash = "sha256-NU8T26oPhm8L7wdO4p65cpNa0pax7/oqHGs98QDoEc0=";
+    #     rev = "v0.10.0";
-      };
+    #     hash = "sha256-NU8T26oPhm8L7wdO4p65cpNa0pax7/oqHGs98QDoEc0=";
-      cargoHash = "sha256-d2/4q2s/11HNE18D8d8Y2yWidhT+XsUS4J9ahnxToI0=";
+    #   };
-      cargoDeps = prev.rustPlatform.fetchCargoVendor {
+    #   cargoHash = "sha256-d2/4q2s/11HNE18D8d8Y2yWidhT+XsUS4J9ahnxToI0=";
-        inherit (finalAttrs) pname src version;
+    #   cargoDeps = prev.rustPlatform.fetchCargoVendor {
-        hash = finalAttrs.cargoHash;
+    #     inherit (finalAttrs) pname src version;
-      };
+    #     hash = finalAttrs.cargoHash;
-    });
+    #   };
+    # });
   };
 in
   # Composes a list of overlays and returns a single overlay function that combines them.

system/default.nix

@@ -346,8 +346,8 @@ with mylib.networking; {
     hyprland = {
       enable = !headless;
 
-      package = inputs.hyprland.packages.${system}.hyprland;
+      package = inputs.hyprland.packages.${pkgs.stdenv.hostPlatform.system}.hyprland;
-      portalPackage = inputs.hyprland.packages.${system}.xdg-desktop-portal-hyprland;
+      portalPackage = inputs.hyprland.packages.${pkgs.stdenv.hostPlatform.system}.xdg-desktop-portal-hyprland;
 
       xwayland.enable = true;
       withUWSM = true;
@@ -463,6 +463,7 @@ with mylib.networking; {
     services."refresh-nps-cache" = {
       # Make sure `nix` and `nix-env` are findable by systemd.services.
       path = ["/run/current-system/sw/"];
+      after = ["network.target"];
       serviceConfig = {
         Type = "oneshot";
         User = "${username}";
@@ -470,7 +471,7 @@ with mylib.networking; {
       script = ''
         set -eu
         echo "Start refreshing nps cache..."
-        ${inputs.nps.packages.${system}.default}/bin/nps -dddd -e -r
+        ${inputs.nps.packages.${pkgs.stdenv.hostPlatform.system}.default}/bin/nps -dddd -e -r
         echo "... finished nps cache with exit code $?."
       '';
     };

system/modules/impermanence/default.nix

@@ -142,6 +142,7 @@ in {
             (mkUDir ".config/Ferdium" m755)
             (mkUDir ".config/fish/completions" m755)
             (mkUDir ".config/impermanence" m755)
+            (mkUDir ".config/jellyfin-mpv-shim" m755)
             (mkUDir ".config/JetBrains" m755)
             (mkUDir ".config/kdeconnect" m755)
             (mkUDir ".config/keepassxc" m755)

system/nixinator/default.nix

@@ -108,7 +108,7 @@
 
   boot = {
     kernelPackages = pkgs.linuxPackages_zen;
-    # kernelPackages = lib.mkDefault pkgs.linuxPackages_latest;
+    # kernelPackages = pkgs.linuxPackages_latest;
 
     # kernelParams = [ "quiet" ];
     # plymouth.enable = true;

system/nixinator/hardware-configuration.nix

@@ -116,6 +116,12 @@
       fsType = "nfs";
       options = ["defaults" "rw" "noatime" "_netdev" "bg" "soft"];
     };
+
+    "/media/Box" = {
+      device = "192.168.86.20:/mnt/Seagate4TB/Box";
+      fsType = "nfs";
+      options = ["defaults" "rw" "relatime" "_netdev" "bg" "soft"];
+    };
   };
 
   hardware = {
@@ -127,8 +133,8 @@
     nvidia-container-toolkit.enable = true;
 
     nvidia = {
-      package = config.boot.kernelPackages.nvidiaPackages.stable;
+      # package = config.boot.kernelPackages.nvidiaPackages.stable;
-      # package = config.boot.kernelPackages.nvidiaPackages.beta;
+      package = config.boot.kernelPackages.nvidiaPackages.beta;
 
       open = true;
       nvidiaSettings = false; # Those are for x-server

system/servenix/default.nix

@@ -25,9 +25,9 @@
     # General services
     ../services/authelia.nix
     ../services/bazarr.nix
+    ../services/box.nix
     ../services/fileflows.nix
     ../services/gitea.nix
-    ../services/gitea-runner.nix
     ../services/immich.nix
     ../services/jellyfin.nix
     ../services/kopia.nix
@@ -36,6 +36,7 @@
     ../services/paperless.nix
     # ../services/plex.nix # Their monetization strategy is absolutely atrocious
     ../services/portainer-agent.nix
+    ../services/pulse-agent-servenix.nix
     ../services/prowlarr.nix
     ../services/radarr.nix
     ../services/sabnzbd-movies.nix

system/servenix/hardware-configuration.nix

@@ -63,6 +63,12 @@
       fsType = "nfs";
       options = ["defaults" "rw" "relatime" "_netdev" "bg" "soft"];
     };
+
+    "/media/Box" = {
+      device = "192.168.86.20:/mnt/Seagate4TB/Box";
+      fsType = "nfs";
+      options = ["defaults" "rw" "relatime" "_netdev" "bg" "soft"];
+    };
   };
 
   swapDevices = [

system/services/box.nix

@@ -0,0 +1,59 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}: let
+  boxVersion = "v0.29.3";
+in {
+  virtualisation.oci-containers.containers = {
+    box = {
+      image = "stashapp/stash:${boxVersion}";
+      autoStart = true;
+
+      login = {
+        # Uses DockerHub by default
+        # registry = "";
+
+        # DockerHub Credentials
+        username = "christoph.urlacher@protonmail.com";
+        passwordFile = "${config.sops.secrets.docker-password.path}";
+      };
+
+      dependsOn = [];
+
+      ports = [
+        # "9999:9999"
+      ];
+
+      volumes = [
+        "/etc/localtime:/etc/localtime:ro"
+
+        "/media/Box:/data"
+
+        "box_config:/root/.stash"
+        "box_metadata:/metadata"
+        "box_cache:/cache"
+        "box_blobs:/blobs"
+        "box_generated:/generated"
+      ];
+
+      environment = {
+        PUID = "3000";
+        PGID = "3000";
+        TZ = "Europe/Berlin";
+
+        STASH_STASH = "/data/";
+        STASH_GENERATED = "/generated/";
+        STASH_METADATA = "/metadata/";
+        STASH_CACHE = "/cache/";
+      };
+
+      extraOptions = [
+        "--privileged"
+        "--device=nvidia.com/gpu=all"
+        "--net=behind-nginx"
+      ];
+    };
+  };
+}

system/services/gitea-runner.nix

@@ -1,52 +0,0 @@
-{
-  config,
-  lib,
-  pkgs,
-  ...
-}: let
-  runnerVersion = "0.2.12";
-in {
-  virtualisation.oci-containers.containers = {
-    gitea-runner = {
-      image = "gitea/act_runner:${runnerVersion}"; # NOTE: vegardit has other runner images
-      autoStart = true;
-
-      login = {
-        # Uses DockerHub by default
-        # registry = "";
-
-        # DockerHub Credentials
-        username = "christoph.urlacher@protonmail.com";
-        passwordFile = "${config.sops.secrets.docker-password.path}";
-      };
-
-      dependsOn = [];
-
-      ports = [];
-
-      volumes = [
-        "gitea-runner_data:/data"
-        "gitea-runner_config:/config" # Managed by env variables for vegardit image
-
-        "/var/run/docker.sock:/var/run/docker.sock" # Disable for dind
-      ];
-
-      environment = {
-        # gitlab.local.chriphost.de doesn't work, because it gets resolved to 192.168.86.25:443, which is nginx
-        GITEA_INSTANCE_URL = "http://192.168.86.25:3000";
-        GITEA_RUNNER_NAME = "servenix";
-
-        # Can be generated from inside the container using act_runner generate-config > /config/config.yaml
-        CONFIG_FILE = "/config/config.yaml";
-
-        # This token is invalid, when re-registering is needed it has to be refreshed
-        GITEA_RUNNER_REGISTRATION_TOKEN = "Mq6wr0dPthqDij3iaryP8s5VYZA5kPfOQbHA6wm6";
-      };
-
-      extraOptions = [
-        # "--privileged" # Enable for dind
-        "--net=behind-nginx"
-      ];
-    };
-  };
-}

system/services/gitea.nix

@@ -5,6 +5,7 @@
   ...
 }: let
   giteaVersion = "1.24.2";
+  runnerVersion = "0.2.12";
 in {
   users = {
     groups.git = {};
@@ -101,5 +102,49 @@ in {
         "--net=behind-nginx"
       ];
     };
+
+    gitea-runner = {
+      image = "gitea/act_runner:${runnerVersion}"; # NOTE: vegardit has other runner images
+      autoStart = true;
+
+      login = {
+        # Uses DockerHub by default
+        # registry = "";
+
+        # DockerHub Credentials
+        username = "christoph.urlacher@protonmail.com";
+        passwordFile = "${config.sops.secrets.docker-password.path}";
+      };
+
+      dependsOn = [
+        "gitea"
+      ];
+
+      ports = [];
+
+      volumes = [
+        "gitea-runner_data:/data"
+        "gitea-runner_config:/config" # Managed by env variables for vegardit image
+
+        "/var/run/docker.sock:/var/run/docker.sock" # Disable for dind
+      ];
+
+      environment = {
+        # gitlab.local.chriphost.de doesn't work, because it gets resolved to 192.168.86.25:443, which is nginx
+        GITEA_INSTANCE_URL = "http://192.168.86.25:3000";
+        GITEA_RUNNER_NAME = "servenix";
+
+        # Can be generated from inside the container using act_runner generate-config > /config/config.yaml
+        CONFIG_FILE = "/config/config.yaml";
+
+        # This token is invalid, when re-registering is needed it has to be refreshed
+        GITEA_RUNNER_REGISTRATION_TOKEN = "Mq6wr0dPthqDij3iaryP8s5VYZA5kPfOQbHA6wm6";
+      };
+
+      extraOptions = [
+        # "--privileged" # Enable for dind
+        "--net=behind-nginx"
+      ];
+    };
   };
 }

system/services/pulse-agent-servenix.nix

@@ -0,0 +1,40 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}: let
+  pulseAgentServenixVersion = "4.35.0";
+in {
+  virtualisation.oci-containers.containers = {
+    pulse-agent-servenix = {
+      image = "ghcr.io/rcourtman/pulse-docker-agent:${pulseAgentServenixVersion}";
+      autoStart = true;
+
+      dependsOn = [];
+
+      ports = [];
+
+      volumes = [
+        "/var/run/docker.sock:/var/run/docker.sock"
+      ];
+
+      environment = {
+        PUID = "1000";
+        PGID = "1000";
+        TZ = "Europe/Berlin";
+
+        PULSE_URL = "https://pulse.think.chriphost.de";
+        PULSE_TOKEN = "6a72f3951990d6724f09106d052302f6f60fc9e94f71720bf8e8a1fe4a27d4a2";
+      };
+
+      extraOptions = [
+        # "--privileged"
+        # "--device=nvidia.com/gpu=all"
+        "--net=behind-nginx"
+        "--pid=host"
+        "--uts=host"
+      ];
+    };
+  };
+}

system/services/pulse-agent-thinknix.nix

@@ -0,0 +1,42 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}: let
+  pulseAgentThinknixVersion = "4.35.0";
+in {
+  virtualisation.oci-containers.containers = {
+    pulse-agent-thinknix = {
+      image = "ghcr.io/rcourtman/pulse-docker-agent:${pulseAgentThinknixVersion}";
+      autoStart = true;
+
+      dependsOn = [
+        "pulse"
+      ];
+
+      ports = [];
+
+      volumes = [
+        "/var/run/docker.sock:/var/run/docker.sock"
+      ];
+
+      environment = {
+        PUID = "1000";
+        PGID = "1000";
+        TZ = "Europe/Berlin";
+
+        PULSE_URL = "https://pulse.think.chriphost.de";
+        PULSE_TOKEN = "6ab80ff7336a0cd7e0edcf3cd270a72bf6e075bcff337235ab011d1f70231e2f";
+      };
+
+      extraOptions = [
+        # "--privileged"
+        # "--device=nvidia.com/gpu=all"
+        "--net=behind-nginx"
+        "--pid=host"
+        "--uts=host"
+      ];
+    };
+  };
+}

system/services/pulse.nix

@@ -0,0 +1,46 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}: let
+  pulseVersion = "4.35.0";
+in {
+  virtualisation.oci-containers.containers = {
+    pulse = {
+      image = "rcourtman/pulse:${pulseVersion}";
+      autoStart = true;
+
+      login = {
+        # Uses DockerHub by default
+        # registry = "";
+
+        # DockerHub Credentials
+        username = "christoph.urlacher@protonmail.com";
+        passwordFile = "${config.sops.secrets.docker-password.path}";
+      };
+
+      dependsOn = [];
+
+      ports = [
+        # "7655:7655"
+      ];
+
+      volumes = [
+        "pulse_data:/data"
+      ];
+
+      environment = {
+        PUID = "1000";
+        PGID = "1000";
+        TZ = "Europe/Berlin";
+      };
+
+      extraOptions = [
+        # "--privileged"
+        # "--device=nvidia.com/gpu=all"
+        "--net=behind-nginx"
+      ];
+    };
+  };
+}

system/thinknix/default.nix

@@ -20,6 +20,8 @@
     ../services/adguard.nix
     ../services/nginx-proxy-manager.nix
     ../services/portainer.nix
+    ../services/pulse.nix
+    ../services/pulse-agent-thinknix.nix
     ../services/whats-up-docker.nix
   ];